The U.S. Capitol building, seen at night.
Photo: Andy Feliciotti/Unsplash

The crypto regulation problem nobody wants to touch

Protocol Policy

Hello and welcome to Protocol Policy! Today we examine how the emerging crypto regulatory landscape has been neglecting DeFi — likely to the industry’s long-term detriment. Warren accused Intuit of getting away with “Free File scams” thanks in part to a revolving door with the IRS. And in the latest episode of tech CEOs taking to Twitter, Jack Dorsey quips at Marc Benioff for his shareholder capitalism spiel.

Crypto regulators have a DeFi problem

How do you regulate a decentralized crypto project? The question is pressing and the answer could be as simple as “You can’t.” After all, there’s no legal entity to sue, no CEO to grill in front of Congress and no compliance department to keep up with the latest regulatory requirements.

That should scare the DeFi sector, because it’s a short jump from being unregulatable to becoming outlawed: U.S. legislators could end up banning DeFi projects that don’t meet licensing and compliance measures, rather than working to find a regulatory scheme that can embrace them.

DeFi hacks have become big business. Several high-profile crypto hacks in recent weeks have left crypto investors both big and small holding the bag. The consequences of hacks are especially acute in the case of Axie Infinity, which is popular in the Philippines and Venezuela among people who expect to earn around $3 to $5 per day from playing the game as a full-time job.

  • The Axie Infinity hack in March resulted in $622 million in stolen funds after the decentralized Ronin network was breached. The hack has been traced to two North Korean hacking groups. Sky Mavis — the actual company that owns the Axie Infinity game but not the Ronin sidechain — pledged to make hacking victims whole, and its investors ponied up over $150 million to shore up its balance sheet. But it’s unclear how the decentralized Axie DAO will replenish funds stolen from its treasury as part of the heist.
  • Earlier this week, hackers stole $182 million worth of stablecoin from DeFi project Beanstalk Farms. The hackers took out around $1 billion in flash loans, which they used to take over the protocol’s governance and approve proposals which amounted to “Give us the money.”
  • And in February, a hacker stole wrapped ether worth around $320 million from the Wormhole DeFi project. The developer group behind Wormhole offered a $10 million ransom payment, but the hacker eventually converted the stolen tokens into around $250 million worth of ether.

As of now, our legal system offers little in the way of recourse for victims of DeFi hacks. Sen. Elizabeth Warren called DeFi “one of the shadiest parts of the crypto world … where consumers are least protected from getting scammed.” With DeFi projects, there’s no single entity to sue when things go wrong. But if that changes, you don’t have true DeFi — at least not in the way we think of it today.

  • In an interview with the Wall Street Journal last year, Gary Gensler suggested DeFi projects could be regulated with a somewhat aggressive reinterpretation of ownership: “There’s still a core group of folks that are not only writing the software, like the open source software, but they often have governance and fees,” Gensler said. “There’s some incentive structure for those promoters and sponsors in the middle of this.”
  • But that approach could have its own pitfalls. Consumers can buy into DeFi projects on exchanges such as Uniswap with little to no understanding of what it is they’re buying into. There’s no easy way to draw the line between an unwitting investor and a savvy perpetrator. If a teenager buys a DeFi token on a decentralized exchange and that token is then used by Russia to evade sanctions, should the teenager go to jail? Most people would of course say no, but under most DeFi protocols every token holder is an owner.

This all points to a fundamental misalignment between crypto lobbying and crypto policy needs. The crypto regulatory landscape is coming into focus, thanks in part to millions of dollars spent on lobbying by the likes of Coinbase and Ripple. Corporate entities are understandably steering legislators towards issues that impact them — issues such as regulatory definitions, compliance costs and enforcement standards. That’s especially true in the states, where most of the crypto legislation action is taking place at the moment. Legislators instead should strive to take action on their own, finding a middle road between banning DeFi and ignoring it. That’s easier said than done, but the growing fallout from hacks demands it.

— Hirsh Chitkara (email | twitter)

In Washington

Sen. Elizabeth Warren accused Intuit of getting away with “Free File scams thanks to extensive lobbying and adroit influence-peddling.” The accusation came in a letter also signed by Reps. Katie Porter and Brad Sherman. The lawmakers requested information about the alleged revolving door between the IRS and Free File Alliance, which they say swings in both directions. The Free File Program was intended to serve 70% of Americans but as of 2018 only served 3%.

The Justice Department is tweaking the algorithms it uses to predict recidivism, according to NPR. Reports had pointed out flaws and bias in the government’s tool, but the department admits the assessments still result in some disparities.

A coalition of business associations is urging the Justice Department and FTC to “abandon an unconstrained approach to merger law.” Led by the U.S. Chamber of Commerce, the groups, representing every major sector from hospitals to tech, are weighing in on the effort to revamp internal policies that help enforcers decide which mergers get the most scrutiny.

In the states

Florida Gov. Ron DeSantis is trying to bring Disney under the state law penalizing social media companies for alleged anti-conservative bias. Disney had been exempted from the law, which a federal judge paused as unconstitutional, but then the entertainment giant criticized Florida’s new “Don’t Say Gay” statute.

Former Attorney General Loretta Lynch will lead a racial equity audit for Amazon. The company said it will “evaluate any disparate racial impacts on our nearly 1 million U.S. hourly employees resulting from our policies, programs, and practices.” Amazon shareholders will also vote next month on whether to support an independent audit of Amazon’s treatment of warehouse workers, per CNBC.

Star civil rights attorney Ben Crump is suing Amazon on behalf of a worker killed during the tornado warehouse collapse in Edwardsville, Illinois. Crump will also represent four drivers injured in the crash. The lawsuit alleges Amazon didn’t allow workers to heed warnings and accuses the company of negligence in warehouse construction and maintenance.


M&A and workforce reorganization can create a wealth of opportunities for companies seeking rapid growth, transformation and market expansion. In fact, 47% of executives say pursuing corporate M&As, joint ventures and alliances is their top growth driver in 2022. Unfortunately, nearly half of executives say talent acquisition and retention challenges are the biggest obstacle.

Learn more

In the courts

A federal appeals court ruled that a recruiting analytics firm was not violating anti-hacker statutes by scraping publicly available data from LinkedIn. The court decision is seen as a win for researchers and journalists, who often use data scraping of public sources to source information. It could be a loss for Big Tech, however, as the companies argued that such rules allowed them to safeguard user privacy.

Tesla asked a California judge to delay a lawsuit that the company characterized as being part of a "turf war" with the U.S. Equal Employment Opportunity Commission. The lawsuit from California's Department of Fair Employment and Housing accuses Tesla of racial discrimination in its Fremont factory.

On Protocol

Coming tomorrow! It’s been almost six months since Congress passed the landmark $1.2 trillion Infrastructure Investment and Jobs Act. The long-awaited bill promised significant investments in the tech industry, including $65 billion to support broadband expansion and another $7.5 billion to promote electric vehicle adoption. What progress toward those goals have we seen so far — and what can we expect in the next six months? Find out on April 21 at noon ET. RSVP here.

Around the world

Publishers urged European authorities to tweak the landmark, but supposedly already finalized, Digital Markets Act so that gatekeepers can’t use all-purpose opt-ins to combine data streams across services. The member of the European parliament who’s been overseeing the measure jumped into a Twitter thread about the issue to say simply, “Fixed,” and post a little black check mark emoji.

In the C-Suite

Marc Andreessen predicts “identical censorship/deplatforming policies across all layers of the legacy Internet stack” with “only rare exceptions.” Elon Musk responded: “Extremely concerning. Who is pushing this censorship/deplatforming? Very shadowy.”

“The intentions are in the right place and we will iterate through it,” said Mastercard’s global head of crypto and blockchain, Raj Dhamodharan, on the topic of interfacing with policymakers as they form crypto regulation. Dhamodharan conducted a full Q&A with Protocol that dug into Mastercard’s crypto strategy.

Jack Dorsey wasn’t having any of Marc Benioff’s shareholder capitalism spiel, which came alongside a picture of the Salesforce CEO on the cover of CEO Magazine. “You bought this magazine too?” Dorsey tweeted, referencing Benioff’s ownership of Time Magazine.

More fallout from the CNN+ launch: Executives at Discovery and CNN are beefing over disparate visions for the CNN+ streaming service, which has been flailing since launch. Axios reports that Discovery executives want the service to focus on hard news while CNN executives want experimental content that complements the cable service.

In data

58%: That’s the percentage of women working as delivery couriers for Doordash in the U.S., according to the company’s first ESG report released since a 2020 IPO. The report also found that 38% of Dashers were people of color.

Be careful what you FOIA

The Verge recently dug up a FBI document of internet acronyms that had been uncovered around 2014 as part of a Freedom of Information Act request. Highlights from the list include, fittingly, 420 (drugs). Some bizarre acronyms on the list include: PIMPL (“peeing in my pants laughing”), BEF (“best enemies forever” or “best email friend”) and MLS (“my life sucks”). The list is 83 pages long.


ProEdge can help you conduct a skill gap analysis across your organization and gain insights you can leverage to develop forward-looking plans while taking into account the needs of the entire enterprise, including individuals, teams and functions. In an M&A scenario, an upskilling program like ProEdge can also be used to uncover employees’ skills that weren’t utilized before.

Learn more

Thanks for reading, see you Friday.

Recent Issues