Re: Unlawful Unregistered Securities, DID and VC from Mahmoud Alkhraishi on 2023-06-14 (public-did-wg@w3.org from June 2023)

From: Mahmoud Alkhraishi <mahmoud@mavennet.com>
Date: Wed, 14 Jun 2023 17:51:24 +0000
To: Alex Tweeddale <alex@cheqd.io>, Christopher Allen <ChristopherA@lifewithalacrity.com>
CC: Melvin Carvalho <melvincarvalho@gmail.com>, Kim Hamilton <kimdhamilton@gmail.com>, Michael Prorock <michael.prorock@mesur.io>, Orie Steele <orie@transmute.industries>, Steve Capell <steve.capell@gmail.com>, W3C Credentials Community Group <public-credentials@w3.org>, W3C DID Working Group <public-did-wg@w3.org>, W3C Chairs of DID WG <group-did-wg-chairs@w3.org>
Message-ID: <YT2PR01MB57730A2184A5C57D03CB9418CC5AA@YT2PR01MB5773.CANPRD01.PROD.OUTLOOK.COM>

Big +1 to Alex’s point, there are big issues in the registry, mostly due to non-compliance with the spec and I think narrowing down the registry to a list of methods that are fully spec compliant with a registrar.

Regards,
Mahmoud Alkhraishi
Director of Engineering
Mavennet
________________________________
From: Alex Tweeddale <alex@cheqd.io>
Sent: Wednesday, June 14, 2023 12:26 PM
To: Christopher Allen <ChristopherA@lifewithalacrity.com>
Cc: Melvin Carvalho <melvincarvalho@gmail.com>; Kim Hamilton <kimdhamilton@gmail.com>; Michael Prorock <michael.prorock@mesur.io>; Orie Steele <orie@transmute.industries>; Steve Capell <steve.capell@gmail.com>; W3C Credentials Community Group <public-credentials@w3.org>; W3C DID Working Group <public-did-wg@w3.org>; W3C Chairs of DID WG <group-did-wg-chairs@w3.org>
Subject: Re: Unlawful Unregistered Securities, DID and VC

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

+1 to Christopher's point - the UK is going the other way and as is the EU with the MiCA regulation<https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A52020PC0593>, which looks at regulating different asset providers rather than making them "illegal". It also provides a lot more clarity on what constitutes a "utility" token.

I think the larger problem within the DID Registry is that many of the methods are:

  1.  Not spec compliant;
  2.  Not built into any SDKs / libraries and cannot be used in practice.

If we wanted to start looking at removing methods, we should look at Markus Sabadello's latest work with the DID linter on the Universal Resolver<https://dev.uniresolver.io/>. Here, it shows only 12 methods are fully spec-compliant, and only 8 methods have a functional DID registrar<https://uniregistrar.io/>.

I'd suggest only having methods in the registry that have a working DID Resolver and DID Registrar, regardless of whether they're blockchain based or not.

On Wed, 14 Jun 2023 at 16:56, Christopher Allen <ChristopherA@lifewithalacrity.com<mailto:ChristopherA@lifewithalacrity.com>> wrote:

On Tue, Jun 13, 2023 at 5:19 PM Melvin Carvalho <melvincarvalho@gmail.com<mailto:melvincarvalho@gmail.com>> wrote:
For a more comprehensive understanding, I recommend reading the original SEC guidance, which you can find at this non paywalled link:

https://www.sec.gov/litigation/complaints/2023/comp-pr2023-102.pdf

This document provides thorough case studies, including insights from blog posts, Twitter posts, and transcripts. For an illustrative and relevant example, you might find the Filecoin / Protocol Labs case study particularly informative, which is covered in parts 163-189.

I'm very uncomfortable with this discussion by our community (ccg) and standards (did). We are not qualified.

I read through the Filecoin/IPFS portion of this doc, and it is very biased and is based on unsettled law. They did not mention the utility use of the tokens, which in some jurisdictions (Wyoming and a few other states) should be considered a factor.

The key point is that these topics are unsettled. There are many congressmen and senators that are very unhappy with how the SEC is handling these matters and are working on bipartisan bills. There are also cases before judges where they appear to be critical of the SEC approach even before making judgment. Other parts of the Federal Government are also critical of the SEC here.

Though I'm not a big fan of Filecoin for other reasons, they went to a lot of effort to do the best practices of the time and avoided many bad practices that were common. I, too, want us to avoid scams and bad practices, but I don't know where the line is.

So to say that we need to remove, for instance, Filecoin-related DID methods because they are included in an SEC document feels to me to be very premature. I suspect that this may not be settled law in the US for a few years. In addition, this will likely only be US — it feels like the UK is going the other way. This is the WORLD-wide-web consortium. What if a token used in a blockchain becomes illegal in the US, but is legal in the UK? What to do then?

-- Christopher Allen

Received on Wednesday, 14 June 2023 17:51:33 UTC