
How Can DePIN Projects in the Popular Web3 Sector Operate Legally and Comply with Regulations?
TechFlow Selected TechFlow Selected

How Can DePIN Projects in the Popular Web3 Sector Operate Legally and Comply with Regulations?
This article discusses the legal issues to consider when launching a DePIN project.
Author: Liu Honglin, Founder and Director of Shanghai Manqin Law Firm
01 Introduction
In the traditional internet sector, the sharing economy model—represented by shared bicycles, shared routers, and storage service leasing—has become highly mature. In the Web3.0 space, a similar concept exists known as DePIN (Decentralized Physical Infrastructure Networks), which aims to improve resource utilization and eliminate centralized monopolies.
Simply put, DePIN leverages blockchain technology to record data resource sharing, aiming to build a globally interconnected ecosystem of physical infrastructure networks.
According to data from Coingecko, as of February 2024, the liquid asset size of the DePIN sector has exceeded $16 billion. The Messari Report predicts that the DePIN market could reach a scale of $3.5 trillion by 2028.

Data source: Coingecko, data as of 2024.2

Overview of DePIN projects (image from Messari)
It is evident that the DePIN sector is gaining increasing attention and has become a key focus area for many project teams. The Manqin team not only continuously monitors this sector but has also provided legal services to related projects. This article will discuss the legal issues that need to be considered when launching a DePIN project.
02 Business Models of DePIN Through Typical Projects
Filecoin: A Storage Space Sharing Incentive Project
Filecoin can be considered one of the older DePIN projects. As a decentralized storage network based on the IPFS (InterPlanetary File System) protocol, its primary function is to connect users with idle storage space on their hard drives to those who need data storage capacity.
Through such transactions, the former provides their storage space to the latter in exchange for FIL tokens as rewards. The latter gains access to storage at lower costs, maximizing the additional market value created by underutilized digital resources.
Render Network: Leader in the AI Sector
Render Network (hereinafter referred to as RNDR) is a distributed GPU rendering network platform built on blockchain technology by OTOY Inc.
The main demand side consists of users requiring extensive rendering tasks, while the supply side includes providers with idle GPU computing power. By extending 3D rendering workloads and applications to the cloud, RNDR creates a vast computational marketplace, enabling users worldwide to more easily provide or access high-quality rendering services.
Hivemapper: Decentralized Encrypted Mapping
Hivemapper is a blockchain-based mapping network that collects global map data through Hivemapper dashcams installed by users around the world. It enriches the cloud-stored world map database through continuous information updates, ultimately creating a complete and highly reliable global map.
From the user's perspective, individuals are rewarded with HONEY tokens simply for contributing valuable map information.
Hivemapper’s unique advantage lies in its cost-efficiency. Traditional mapping solutions like Google Maps use expensive cameras, vehicles, and manpower, resulting in extremely high operational costs. In contrast, Hivemapper leverages a large number of everyday drivers to collect street-level imagery globally. Moreover, since the only way to access Hivemapper’s map data is by spending HONEY tokens, these tokens gain real utility and strong user appeal.
In summary, the business model of DePIN projects revolves around the following core elements:
(1) Hardware devices: Purchased and deployed by users within the project ecosystem.
(2) Real goods/services/resources: Addressing genuine needs and promoting infrastructure maintenance and improvement.
(3) Token incentives: Rewards for resource providers, which can either be used to consume real services or traded for other resources.
03 Legal Risk Analysis of DePIN Projects
1. Does a DePIN Project Violate China’s Prohibitive Regulations?
Those familiar with Manqin Law Firm, especially Attorney Honglin, may know that we often emphasize there are three legal red lines that must never be crossed in China.

However, as seen from the above analysis, in DePIN projects, users earn tokens by maintaining and improving project infrastructure. These tokens can then gain liquidity via exchanges or other methods. It appears that DePIN projects may easily touch the first and last items on this negative list.
In reality, although the process of earning tokens in DePIN projects resembles mining under PoW mechanisms to some extent, it does not necessarily involve massive electricity consumption and carbon emissions associated with resource-wasting industries. Instead, it helps balance supply and demand and improves the efficiency of idle resource utilization.
Additionally, while China prohibits token financing using virtual currencies, it does not deny the property attributes of virtual currencies nor ban all activities related to them. We have previously provided detailed analyses on this; see “Three Points to Note When Launching a Blockchain Project with Tokens But No Fundraising” for specifics.
Nevertheless, from a judicial practice standpoint, regulators remain strict regarding individuals and entities acquiring tokens from DePIN-like projects.
Take Filecoin as an example. After reviewing disputes involving FIL tokens over the past three years, we found that courts frequently cite content from the September 24th notice and broadly classify actions by parties such as certain companies, individual Xiang, and Guangxi XX Technology Industry Co., Ltd., as "mining activities." Courts generally rule relevant service contracts, entrustment agreements, or sales contracts invalid, dismissing plaintiffs’ claims or ordering defendants to return payments, without conducting thorough analyses. See cases (2022) Hu 0114 Min Chu No. 22068, (2023) Gui 0202 Min Chu No. 2287, and (2023) Yu 0235 Min Chu No. 2152 for details.
2. Legal Issues in Data On-Chain Processes
DePIN projects intersect with traditional infrastructure sectors, primarily including server (cloud) networks, wireless networks, sensor networks, and energy networks. A common characteristic across these industries is their close involvement with the collection and use of large volumes of data. Since most DePIN projects involve overseas users or require publishing data onto blockchains outside China, cross-border data transfer becomes a critical consideration.
Taking the previously mentioned Hivemapper project as an example, within just one year of launch, it mapped approximately 10% of the world’s total road length, widely collecting geospatial data. While enhancing daily travel convenience, this also raises concerns about national data security and potential leakage of sensitive information.
Interestingly, China’s Ministry of State Security has recognized this issue and published an official WeChat article in February this year:

3. Beware of Improper Promotion in DePIN Projects
Marketing and promotion stages of Web3 projects are generally high-risk phases. Project promotions often rely on KOL endorsements, yet the industry is mixed, with frequent occurrences of exaggerated claims, guaranteed returns, and false advertising. Some malicious project teams even exploit the buzzwords of “sharing economy” and “digital economy” to attract investments under false pretenses, deceiving users and stealing their assets.
Moreover, DePIN projects combine blockchain technology with decentralized hardware devices. Due to their complex business models, they involve various upstream and downstream roles such as hardware suppliers and channel agents.
During hardware equipment marketing and sales, channel agents may adopt multi-level distribution strategies to rapidly expand market reach. If agents set entry barriers, establish multiple sales tiers based on purchase volume or amount, and explicitly or implicitly promise rebates for recruiting new members, such models may deviate from genuine product sales and carry significant pyramid scheme risks.
04 Compliance Recommendations from Manqin Lawyers
To better help entrepreneurs navigate risks during DePIN project development, founders should pay particular attention to the following aspects during project execution.
1. Design an Appropriate Organizational Structure
Since many activities are restricted within China, going overseas for growth might be a better option. An increasing number of project teams choose to establish companies and build teams abroad in crypto-friendly regions such as Hong Kong, Singapore, and Dubai. Domestic operations can retain only limited support functions:
-
For teams planning to launch DePIN businesses, especially those intending to issue tokens in the future, it is advisable to plan early for offshore structuring and locate the main project entity overseas.
-
Given the tight integration between DePIN projects and hardware devices, production and sales related to hardware can still be conducted domestically.
2. Data Security and Cross-Border Compliance
Although DePIN projects are inherently decentralized, they still involve a degree of centralized management and coordination in actual operation, along with cross-regional data interactions. Therefore, special attention must be paid to data compliance and data security:
Personal Information Protection
-
Develop a privacy policy: Clearly inform users about how personal information is collected, used, stored, and transmitted, ensuring compliance with laws such as the Personal Information Protection Law (PIPL).
-
Obtain user consent: Clearly disclose the purpose, method, and scope of personal information processing before collection and obtain explicit user consent.
-
Data minimization principle: Collect and process only the minimum amount of personal information necessary to achieve specific purposes.
Data Security
-
Establish a data security management system: Develop and implement comprehensive data security policies in accordance with the Cybersecurity Law and Data Security Law to ensure data safety during storage, transmission, and processing.
-
Data encryption: Employ strong encryption techniques to protect data at rest and in transit, preventing unauthorized access and data breaches.
-
Regular security assessments: Conduct regular risk assessments and vulnerability scans, promptly patch security flaws, and enhance system resilience.
Data Storage and Cross-Border Transfer
-
Data localization: Store important data related to national security and public interests within China per local requirements. Conduct feasibility assessments accordingly before launching the project.
-
Cross-border data transfer assessment: Perform security evaluations prior to transferring data across borders to ensure compliance with the Cybersecurity Law, Data Security Law, and relevant regulatory requirements.
-
Registration and approval: Where necessary, complete registration and obtain approvals for cross-border data transfers to ensure full legal compliance.
3. Prevent Financial Crime Risks
Comply with anti-money laundering (AML) and counter-terrorism financing (CFT) regulations, strengthen platform security, prevent fraud, protect user interests, enhance platform legitimacy and compliance, thereby promoting healthy and sustainable project development:
Implement KYC (Know Your Customer)
-
Identity verification: Require users to submit identity documents (e.g., ID cards, passports) and proof of address for identity verification.
-
Background checks: Screen users for criminal records or histories of illegal activity.
-
Ongoing monitoring: Regularly update and review user information to ensure accuracy and timeliness.
Implement KYT (Know Your Transaction)
-
Transaction monitoring: Monitor and analyze transaction behavior in real time, using advanced tools and algorithms to detect anomalies and suspicious transactions.
-
Risk scoring: Assign risk scores to each transaction and conduct deeper reviews of high-risk transactions.
-
Reporting mechanisms: Establish internal and external reporting systems to promptly report and handle suspicious transactions, meeting AML/CFT requirements.
4. Prevent Criminal Risks Such as Illegal Fundraising and Fraud
From the perspective of avoiding financial regulation and mitigating risks, DePIN projects should avoid direct sales of hardware devices to individual end-users within China. During sales, attention should be paid to the following:
-
Equipment sales: Sell hardware devices (e.g., storage mining rigs) to enterprise clients (B2B), ensuring the business model does not resemble financial investment or wealth management products, thus avoiding risks of illegal fundraising.
-
Sales contracts: Execute standardized sales agreements clearly outlining rights and obligations, including product descriptions, pricing, payment terms, delivery schedules, and after-sales service provisions.
-
Quality assurance: Provide high-quality hardware and robust after-sales support to build customer trust and satisfaction.
-
Avoid guaranteed returns: Explicitly state during sales that hardware purchases do not include any guaranteed returns or investment profits to prevent customer misunderstandings.
-
Risk disclosures: Provide clear risk warnings informing customers of potential risks and uncertainties involved in purchasing hardware, ensuring informed acceptance of these risks.
Join TechFlow official community to stay tuned
Telegram:https://t.me/TechFlowDaily
X (Twitter):https://x.com/TechFlowPost
X (Twitter) EN:https://x.com/BlockFlow_News














