TechFlow Exclusive: CEO of Blockstack (STX), the First SEC-Compliant Project, Explains How to Navigate Compliance After Ripple Case
TechFlow Selected TechFlow Selected
TechFlow Exclusive: CEO of Blockstack (STX), the First SEC-Compliant Project, Explains How to Navigate Compliance After Ripple Case
Currently, Blockstack has discontinued all work prior to version 2.0, rebranded as Hiro, and shifted focus to developing developer tools for builders.
Navigating Web3 tides with focused insightsThe recent lawsuit filed by the U.S. Securities and Exchange Commission (SEC) against Ripple has triggered a chain reaction across the industry: over 40 exchanges have delisted XRP, Galaxy Digital and Jump Trading have ceased market-making for XRP, and the market capitalization of XRP has dropped by more than half.
In response, Muneeb Ali, co-founder of Stack — hailed as a "positive example" and the first SEC-approved compliant security token offering in history — and CEO of Hiro (formerly Blockstack PBC), shared his insights. This article summarizes his views, which may serve as a model for the industry to better understand the path toward SEC compliance.
Which SEC red lines did Ripple cross?
Professionals in the crypto industry should consider reading the SEC’s full 71-page complaint against Ripple:
https://twitter.com/muneeb/status/1342214640399474688?s=20
A few years ago, some in the crypto space believed that SEC regulations might not apply to crypto assets — an idea I found puzzling. We conducted our own research and concluded there was indeed a way to comply. We completed the first-ever regulated token offering under SEC supervision. You can read about it in The Wall Street Journal:
Since then, we’ve been working on a framework to transition STX into a non-security status in the U.S. See Reuters’ recent coverage: https://twitter.com/muneeb/status/1335972550560669698?s=20
In many ways, our approach has been the complete opposite of Ripple's — much like how many of our technical designs contrast with Ethereum.
We did our homework and chose the hard but correct path. This not only demonstrates our alignment with regulatory expectations but also reflects how our Clarity language, designed for smart contracts and scalability, is harmonious with Bitcoin. We always take a long-term view rather than seeking shortcuts.
In the summer of 2017, a year after the DAO hack, the SEC released its DAO investigation report. The SEC clearly stated that DAO tokens were securities but decided not to pursue enforcement action. Had the SEC sued the DAO or Ethereum at that time, the industry landscape would look entirely different today. Most people didn’t read the report because no action was taken. Even those who did often came away with the mistaken impression that even if tokens are securities, the SEC wouldn’t do anything. In short, regulations weren’t taken seriously. From the SEC’s perspective, they made it clear that the DAO constituted a security, and that problems would arise if other entities continued issuing similar tokens. While we now commonly see token issuers impose certain restrictions — such as KYC requirements limiting participation — Ripple imposed no such restrictions and freely sold XRP tokens to Americans and institutions without limitation.
How does the SEC view other blockchain projects?
Some believe these regulations will drive crypto companies out of the U.S., but it’s not that simple. We’re talking about access to the U.S. market — one of the largest capital markets in the world. Even if your company isn’t based in the U.S., due to the openness of the U.S. capital markets, you still need to comply with U.S. regulations. The SEC’s rules matter for two key reasons: 1. The U.S. market is huge; 2. The SEC holds a leading role in the eyes of regulators worldwide.
Industry participants should engage in dialogue with regulators. In its complaint against Ripple, the SEC noted that Ripple never attempted to contact the SEC over the course of many years. Some argue that even if you talk to the SEC, you won’t get clear answers — and there’s truth to that. The SEC doesn’t sit around telling everyone what’s allowed; their job is to enforce laws and procedures. For instance, Reg A+ is a process where, ultimately, you either qualify or you don’t.
How Blockstack navigated the path from “regulated” to “compliant yet unregulated”
The SEC did not sue the DAO — or, by extension, Ethereum. If you look closely, the SEC essentially said, “At this point, Ethereum is not a security,” implying they remain open to the possibility that Ethereum once was a security. I believe ETH’s initial sale was an illegal securities offering. But they escaped that classification because they acted early enough. By the time the SEC reviewed it, Ethereum had achieved sufficient decentralization and was no longer a security.
Bitcoin never conducted a token sale — only mining. Satoshi built the codebase, and initially Bitcoin depended heavily on him, making it centralized. Then miners joined and began driving decision-making, completing the transition to decentralization. The exact mechanism of this transition remains a black box, but one thing is certain: transitioning to a non-security status is critically important.
Our project, Blockstack, launched in the fall of 2018. We asked ourselves: Ethereum underwent a decentralization transition — when will we be decentralized enough to no longer be considered a security in the U.S.? No one had ever asked this before. We had to work closely with our legal counsel to deeply study the Howey Test. We pursued a transparent, deliberate path toward decentralization. Today, Blockstack has discontinued all pre-2.0 activities, rebranded as Hiro, and shifted focus entirely to building developer tools. It’s akin to Satoshi founding a new company that builds developer tools for Bitcoin while no longer being involved in Bitcoin itself. We’ve publicly shared these transitions, aiming to draw community attention and share our learnings so others can apply them to their own projects. Of course, each company and product has unique details. Realities differ. There is no one-size-fits-all framework. The Howey Test is flexible for a reason. Our case study offers deep insight into Blockstack’s journey, but our exact path cannot be directly copied by others.
Join TechFlow official community to stay tuned
Telegram:https://t.me/TechFlowDaily
X (Twitter):https://x.com/TechFlowPost
X (Twitter) EN:https://x.com/BlockFlow_News
@muneeb
