Variant: Balancing Legal Risks and Commercial Value in the Crypto Industry
TechFlow Selected TechFlow Selected
Variant: Balancing Legal Risks and Commercial Value in the Crypto Industry
From a macro perspective, control rights bring convenience from a business standpoint, but entail costs from a risk perspective.
Navigating Web3 tides with focused insightsAuthor: Daniel Barabander, Deputy General Counsel at Variant Fund
Translation: Saoirse, Foresight News
Founders in the crypto space understand that legal "control" carries significant risks. While I'm encouraged to see growing awareness around the importance of control (there's been real progress over recent years), I've also noticed persistent confusion about how to properly assess it. Founders generally treat "control" as a minefield—but struggle to articulate the underlying logic clearly.
A more accurate way to think about control is as a spectrum—a continuous range stretching from strong control on one end to weak control on the other. To determine your position along this spectrum, ask two fundamental questions:
-
Who exercises control?
-
What is the scope of that control?
On “Who Exercises Control”
The key variable here is degree of decentralization, forming the following spectrum (from strong to weak control):
-
Single-entity control → Internal multi-sig control → Independent multi-party multi-sig control → Decentralized Autonomous Organization (DAO) control → Fully immutable
On “Scope of Control”
The key variable here is the boundary of permissions, forming the following spectrum (from strong to weak control):
-
Full upgrade rights → Time-locked full upgrade rights → Limited upgrade rights for specific external dependencies (e.g., changing oracles) → Pause functionality only → Fully immutable
Once you’ve mapped your position along these two axes, you can apply that understanding within any given legal framework. I firmly believe control analysis applies across nearly all areas of law. At its core, legal liability often hinges on the question: “Who controls what?”
Take the legal definition of a money transmitter as an example: I’ve argued that unilateral control over user funds is a necessary condition for determining whether an entity qualifies as a money transmitter (although the Tornado Cash ruling took a different view, which I’ve challenged in prior writings). When assessing “unilateral control,” both (1) degree of decentralization and (2) scope of permissions must be considered.
-
Scenario A: A single administrator holds keys but can only pause the protocol in emergencies;
-
Scenario B: A genuinely decentralized DAO possesses full upgrade authority.
In both cases, there is no unilateral insider control, and thus a legal argument can be made that such projects do not constitute money transmitters.
This kind of control analysis extends to other legal domains as well. In securities law, for instance, the “efforts of others” prong of the Howey test fundamentally asks whether there is a central party with meaningful control. The technical architecture of a protocol’s control hierarchy provides critical evidence in answering that question.
Determining where to situate oneself on the control spectrum requires careful evaluation within the relevant legal regime and consultation with legal counsel. But from a high-level perspective: control brings operational convenience on the business side, but carries legal risk as a cost. The key is balancing this trade-off and being clear about why control is retained in the first place. For example, if the primary reason for retaining control is emergency response, then limiting control to pause functionality results in significantly lower “control costs” (in terms of legal liability) compared to full upgrade rights. Identify precisely which control functions are truly essential to your operations—and align your control structure accordingly.
Join TechFlow official community to stay tuned
Telegram:https://t.me/TechFlowDaily
X (Twitter):https://x.com/TechFlowPost
X (Twitter) EN:https://x.com/BlockFlow_News
Variant
