KoreConX is the first of its kind, an All-In-One Platform that unites tools to securely and efficiently manage essential business data and facilitate compliance.
KoreID Mobile App
KoreConX is the first of its kind, an All-In-One Platform that unites tools to securely and efficiently manage essential business data and facilitate compliance.
What is the KoreConX blockchain strategy & why choose KoreChain?
In this video, KoreConX Co-Founder and CEO, Oscar Jofre, and our Chief Scientist/CTO, Kiran Garimella, share the details of our permissioned blockchain. Built on the Hyperledger Fabric, it is secure and governed with the ability to have full lifecycle management of contracts for tokenized securities for global private capital markets.
Smart contracts have become popular due to the extensibility of the Ethereum blockchain beyond its main foundation as a cryptocurrency platform, where it competes with Bitcoin. The phrase ‘smart contract’ caught on in the popular imagination. After all, contracts are important mechanisms for transacting business, and what better than to make our contracts smart with computers and artificial intelligence.
Unfortunately, the glib phrase ‘smart contracts’ hides the ugly truth, which consists of three fallacies:
There’s nothing smart about smart contracts. Perhaps ‘smart’ is a matter of definition, so let me rephrase. If a simple “Hello, World!” program is considered smart, then so is a smart contract ‘smart.’ Maybe we can raise the bar one notch. Let us consider a simple program that, when you access it, determines the time of day (wherever the server on which the program runs or perhaps the browser from which a user invokes it). The code in the program implements the following logic:
If Time >= 6:00 am AND Time < 11:30 am THEN say “Hello, good morning!”
If Time >= 11:30 am AND Time < 3:00 pm THEN say “Hello, good afternoon!”
If Time >= 2:00 pm AND Time < 9:00 pm THEN say “Hello, good evening!”
If Time >= 9:00 pm AND Time <= 12:00 am THEN say “Good night, sleep well!”
If Time > 12:00 am AND Time < 6:00 am THEN say “Hi, you are up late – or did you get up early?”
The above are examples of what is called an IFTTT or “If This Then That” code. This is a bit more intelligent, but just barely. However, this is not necessarily smart enough in the financial world. The ERC-20 and its derivatives in the Ethereum world would have, one hopes, a bit more complicated IFTTT ‘rules’. For example, the protocol has a function that checks to see if the sender of the cryptocurrency actually has the amount in their account. This check is obviously important and a ‘smart’ thing to do. But, this type of check is performed by your bank when you use your bank’s debit card or credit card. However, banks don’t call their cards ‘smart cards’, even though there is more intelligence built into card processing than we give credit for.
In the age of artificial intelligence and machine learning, calling the above types of simple functionality ‘smart’ is an insult to the definition of ‘smart’. Even the earliest examples of AI software of the 60s were smarter. So, calling these ‘smart contracts’ smart is a throwback to prehistoric days of software engineering.
Incidentally, the moniker “IFTTT” is a bit of intellectual plagiaristic packaging passing off as a recent innovation. In reality, IFTTT has been around ever since the very first days of computing. All programmers know this, as well as it’s cousin, IFTTTE, which is “If This Then That Else.” Enough of this remarketing of old and well-known programming constructs.
Technologists who drool over smart contracts are obviously unfamiliar with what constitutes a contract. A loose definition of ‘contract’ may be fine for most casual applications, but for the financial world, the definition has to be legal and enforceable. Legally enforceable contracts have certain specific characteristics without which they don’t stand a chance of being defensible or enforceable. These characteristics include offer and acceptance, competence, unforced, mutual consideration, legal intent, and enforceable.
Transactions involving cryptocurrency or security tokens do not automatically become contracts because the transactions may violate one or more of the above provisions.
In general, people find regular contracts impenetrable, especially the fine print clauses. The article “Does Anyone Read the Fine Print? Consumer Attention to Standard Form Contracts” (by Yannis Bakos, Florencia Marotta-Wurgler, and David R. Trossen) generally concludes, unsurprisingly, that very few people do so.
In those rare cases when people read contracts, they may not actually understand them fully. Contrary to popular feeling, legal contracts are not obtuse by deliberate intention. If anything, they are as incredibly precise (or at least, strive to be) as possible without the use of mathematics. Despite the attempt at precision, there is still room for miscommunication and misunderstanding, whether that is due to the inexperience of the legal counsel (rare), the inexperience of the participants (very often), or the lack of clarity of the underlying regulation (probably rather common). When the application of the law is unclear in complicated cases, the courts resort to case law. All this points to the difficulty of understanding legal contracts. If that is not persuasive enough, consider that just about in all lawsuits both parties have previously signed contracts that were drafted and reviewed by experienced lawyers on both sides, yet one of the participants had to resort to a lawsuit.
In the case of smart contracts, the primary representation of the so-called contract is not the legal document but the computer program. Even simple transactions, when implemented in code, are very difficult to understand. Computer programmers are notorious for being poor documenters (or for their writing skills in general). What is less well-known is that programmers are deeply reluctant to read other programmers’ code because code is generally impenetrable, even when that code has been written by the same programmer who is reviewing it after a lapse of time.
Lay participants of contracts, such as investors and issuers, are asked to read the code in order to infer the underlying legal provisions! This is several steps removed from the requirement to read the actual legal document itself. Every step in the process has enormous potential for misrepresentation, misinterpretation, information loss, and outright incomprehensibility.
Indeed, the research data shows that many ICOs have “backdoor centralization”, but in the most negative sense of the term (unlike responsibly governed centralization), including pump-and-dump, insider trading, no expression in code of promises made on the website or whitepaper, unauthorized and unadvertised rights of modifiability, and so on. See “New Research Finds Backdoor ‘Centralized Control’ In Many ICOs” for a good summary.
You may think that the situation with smart contracts cannot be direr. But wait, it gets worse! In a 104-page study, “Coin-Operated Capitalism,” by the University of Pennsylvania Law School, “If ICO investors were scrutinizing smart contract code before buying into an ICO, we would expect to see (all else [being] equal) higher capital raises by teams that faithfully coded supply and vesting protections, and also disclosed their modification powers. We find no evidence of that effect in our sample.”
What this means is that ICO investors are either the dumb money (generally, the uninformed retail investors), highly speculative and risk-tolerant (hopefully in amounts small enough not to matter, or those with intense fear-of-missing-out), or outright criminal in nature with deeper motives. Obviously, this is a general conclusion and does not implicate the legitimate investors who may have invested in ICOs for diversification (though the use of the word ‘invest’ or ‘diversification’ in connection with ICOs is highly suspect).
As far as ICOs go, none of this should paint all ICOs with the same broad brush. But it does call into question the underlying architectural philosophy of smart contracts in general. Smart contracts should be designed by lawyers because smart contracts are primarily contracts. Only when contracts are truly legal contracts can technologists then strive to make them more or less automated and intelligent. All this automation should be wrapped into governance, risk, audit, and manual review functions precisely because even the smartest contracts cannot anticipate all scenarios in the real world.
Now, that’s smart!
ICOs suffer from disapproval from not only the SEC but also several media that have banned ICO advertising. This disapproval seems justified, since many of the ICOs had no business plans, no product, no service, no credible team, and no roadmap for generating value. Of the remaining well-intentioned ones, the problem of passing regulatory scrutiny for a utility token is insurmountable since it is a utility in name while a security in intent and form. The only way out is to re-classify it correctly as a security token.
The ERC-20 protocol and the concept of smart contracts are steps in the right direction for many use cases and great for many applications. However, for the financial markets, we need a protocol that can meet all regulatory requirements. We have taken an approach that originates solidly from securities law. We recognize the paramount need for safety, security, and risk management. We know all parties in a securities transaction must be protected at all times – these are the investors, issuers, directors, officers, lawyers, broker-dealers, transfer agents, secondary exchanges, and secondary token holders. There must be complete traceability and auditability.
Blockchain, in creating an immutable record, guarantees validity and (perhaps eventual) finality. However, this validity is technical validity and finality is the committing of the block to the chain. In the securities world, validity and finality means a lot more. Technical validity is necessary but not sufficient. Validity should include contractual validity and legal validity. Similarly, finality is achieved only upon authorized approval of transactions. KoreChain, our implementation of blockchain using Hyperledger Fabric, addresses this broader and more comprehensive definition of validity and finality. The KoreToken protocol and specification includes modular methods to implement various aspects of business validity and finality.
The KoreToken’s specification and protocol address the requirements for data and methods for the complete lifecycle of a security token. KoreConX will itself use this specification and protocol to create its own security token as well create security tokens for its issuers. The protocol includes data and methods that fall into three broad categories: public interface layer, business layer, and governance layer. The methods themselves can be invoked by participants in various transactions.
The execution of security transactions, from issuance to corporate actions to exit, cannot happen in a vacuum. Registered entities are accountable for knowing where these securities are, who are their holders, and the state of their compliance. More than issuing a protocol, KoreConX has taken the unique approach of providing a full operational platform as well as partnerships with other participants in the ecosystem such as broker-dealers and secondary market operators. KoreConX itself is an SEC-registered transfer agent, meaning that we can offer full custodianship services for securities.
The KoreToken architecture is modular, allowing security token designers to compose entire securities transactions and implement various use cases. The heavy lifting of blockchain functionality as well as business-related functionality such as event management, transaction management and process management are handled by the KoreChain.
Please see the following Executive KoreBriefing on The KoreToken Specification and Protocol.
We will release the detailed technical whitepaper shortly.
