Digital Assets Discussion: Implications of Ooki DAO CFTC Enforcement Action

November 14, 2022
12:44 minutes

Following the first action filed by a U.S. federal regulator against a DAO and its members, asset management attorneys Melissa Bender, Jeremy Liabo and Glen Chen discuss the Ooki DAO case and its implications on the potential liability of DAO token holders, DAO legal wrappers and the CFTC’s role in regulating digital assets.



Melissa Bender: Hello, and thank you for joining this Ropes & Gray crypto and blockchain podcast today. Drawing on the perspectives of over 1,400 attorneys from all areas of our practice, we provide insight into essential considerations associated with the crypto, blockchain and digital assets space. I'm Melissa Bender, a partner in our San Francisco office. Joining me today are my colleagues, Jeremy Liabo, a partner in our Chicago office, and Glen Chen, counsel in our LA office. In this episode, we will discuss decentralized autonomous organizations, or DAOs, and the recent suit by the CFTC against the Ooki DAO. To begin, Glen, could you give us a brief overview of the Ooki DAO and the protocol that it operated?

Glen Chen: Sure—I’ll start with describing the bZx Protocol, which is the DeFi protocol that the Ooki DAO controlled and operated. This protocol was built on top of Ethereum and allowed users to contribute tokens as collateral to open leveraged positions where the ultimate value of the positions was determined by the price between two different virtual assets. These positions were required to be over-collateralized so that if the price went in the wrong direction and the position lost too much value, the protocol would automatically liquidate the position and then sell the posted collateral to cover the loss. The bZx Protocol was developed and marketed by bZeroX, LLC, and the LLC was formed and controlled by two founders, Tom Bean and Kyle Kistner. In 2020, the protocol was hacked multiple times by individuals who were able to exploit bugs in the protocol, and about $55 million worth of Ethereum in user funds was drained from the protocol. Likely as a result of these hacks, the two founders in 2021 transferred ownership of the admin keys that controlled the back end of the protocol to the bZx DAO, which was later renamed Ooki DAO.

Melissa Bender: I understand that the Ooki DAO was really characterized as a rebranding of the whole project, potentially as a result of these prior losses, right?

Glen Chen: That's right. It's the same DAO, and they likely rebranded because they were concerned about potential lawsuits as a result of these hacks and the loss of user funds. It turns out these concerns were well founded, because in addition to the CFTC action, several users of the protocol eventually filed a class action civil suit against the two founders as well as the DAO for failing to reasonably safeguard user funds.

Melissa Bender: Yes, it’s interesting to note that there’s an ongoing civil suit against the DAO, as well. And so, Jeremy, could you talk a little bit about the violations of the CEA and the CFTC rules that were in the CFTC’s complaint against the DAO?

Jeremy Liabo: Absolutely. So the complaint contains three allegations. The first is that Ooki DAO engaged in unlawful off-exchange retail commodity transactions. The second, that Ooki DAO engaged in activities that may only be performed by a registered futures commission merchant, or FCM. And finally, the Ooki DAO as an unregistered FCM failed to implement required customer information program and KYC/AML procedures. So, let’s dig into these allegations a little bit here. At the foundation of the CFTC’s complaint is the premise that the smart contracts were actually CFTC-regulated derivatives, specifically, retail commodity transactions. Retail commodity transactions are commodity transactions that are entered into with or offered to non-eligible contract participants—these are sophisticated investors—on a leveraged or margined basis. Notably, the CFTC has taken the position that the ETH, DAI and other digital assets that are the reference assets underlying the smart contracts offered on the Ooki Protocol are commodities. Retail commodity transactions are required to be executed on or pursuant to the rules of a futures exchange, which did not occur here.

The second allegation is that Ooki DAO engaged in activities that may only be performed by an FCM. An FCM is an entity, association, individual, partnership or corporation that engages in soliciting or accepting orders in retail commodity transactions, and in connection with such activities, accepts money or property to margin the trades. If we look at the structure of the smart contracts here, as Glen mentioned earlier, they required the users to post collateral, for example ETH, and it’s through the posting of the ETH that they’re able to achieve this leveraged position. The posted ETH is locked into the smart contract itself, and as a result, the CFTC is taking the position that the DAO, because it controls the protocol, received and holds the collateral for the trades.

And finally, the requirement to implement KYC and AML procedures applies to FCMs. As a result, if Ooki DAO is found to have been acting as a FCM, then it is almost certain to be found to have violated this requirement as well, because as we know, they did not have KYC and AML procedures.

The most controversial aspect of the action is that the CFTC has alleged that Ooki DAO acted through the holders of the DAO’s governance token holders who voted their tokens. This means that the CFTC has alleged that such token holders—meaning the holders of the governance tokens who actually vote on those tokens—are liable for violations of the CEA. This is a novel theory of regulatory liability that has really shaken the industry.

Melissa Bender: I think one of the things you and I spend a lot of time talking about is this jurisdictional battle between the SEC and the CFTC, with you being on the CFTC side of things and me being on the SEC side of things in terms of our respective practice areas. But I’d be really interested to hear your thoughts in terms of what the implications might be as for the jurisdictional battle that we see playing out between the CFTC and the SEC?

Jeremy Liabo: Yes, so I don’t see that this case really moves the ball too much. There are a couple things that we can look at here. First is the declaration by the CFTC that ETH and DAI are commodities. While Gensler has hinted at the possibility that, in connection with the merge, ETH is a security, I think that most people are in the camp that ETH really is a commodity—and I don’t necessarily think there’s a lot of debate about the classification of DAI either. But with that said, I think that this is an example of what we could see going forward in this space, specifically with respect to the split of the jurisdiction between the CFTC and the SEC. I could see the SEC taking the position that Ooki DAO tokens are securities but that, in itself, would not prohibit the CFTC from pursuing the action at hand. This happens all the time in TradFi: The CFTC regularly brings actions against publicly traded FCMs. Obviously, the shares in those companies are securities, but you still see the CFTC bring actions against FCMs for the violation of its rules.

Melissa Bender: Great—thanks, Jeremy. One thing that I’d like to turn to now is to chat with Glen a little bit about the structures for DAOS—the legal structures that may be available for DAOs going forward and some of the things that folks may want to be considering if they are in fact involved with or operating an unwrapped DAO.

Glen Chen: So in this case, there was no legal entity that “wrapped” the Ooki DAO. Because the DAO was allegedly acting as an unregistered FCM, as Jeremy mentioned, the CFTC called the DAO an “unincorporated association” and they relied on case law principles to hold the token holders responsible for the actions of the DAO. Now, many legal commentators have warned for some time that unwrapped DAOs could be deemed a general partnership, and that the members could be deemed general partners who are personally responsible and liable for the actions of the DAO—however, this will be first time in which this theory is tested in the context of the DAO. I expect many DAOs will be re-examining their legal structures, or lack thereof, in light of this case. For instance, the Sushiswap DAO, which operates one of the largest decentralized exchanges by volume, has recently engaged legal counsel to advise them on forming various legal entities to effectively wrap various aspect of the DAO’s activities. Of course, having one or more legal entities in place will provide additional benefits beyond limiting liability to members, including making it easier to hire employees, contract with services providers, open bank accounts and pay taxes.

Melissa Bender: Yes, and there’s several different types of legal wrappers that are available for DAOs, including Cayman, BVI, Swiss or Panama entities. The appropriate legal structure for a DAO will depend on the activities of the DAO, the governance structure for the DAO, and the composition of its members. Glen and I will plan to discuss the pros and cons of various DAO wrappers in a future podcast, so we can dig into more detail on that front then. But, I guess, Glen, can you also talk a little bit about whether this case may have a chilling effect on DAO participation going forward?

Glen Chen: Yes, that’s a great question, and one that a number of asset managers and other DAO participants are grappling with. On the one hand, it’s easy to see how this case clearly signals that there is some potential liability if you participate in a DAO, especially if the DAO is potentially facilitating a regulated activity, like a leverage retail commodity transaction. However, on the other hand, we know that a core aspect of DAOs is the engagement with the DAO and ability to help shape the direction of various projects by exercising voting rights in holding DAO governance tokens.

Melissa Bender: Yes, in particular, I’d note that fund managers will need to weigh the need to oversee investment activities where they hold interests in DAOs against the operational burdens of tracking governance matters (and determining how to vote) against the potential liability associated with them actually exercising those voting rights. But to conclude, I’d like to wrap up, Jeremy and Glen: What do we think some of the key lessons are for DAOs to be taking away from this case? Jeremy, if you're looking to start or if you operate a DAO, what would you be keeping in mind based on this action?

Jeremy Liabo: I would be thinking about whether the activities of the DAO would fall under the jurisdiction of the CFTC, or the jurisdiction of any other regulator for that matter. I could see the SEC bringing a similar case just as easily as the CFTC. The CFTC is a market regulator—they look at conduct. And if they see actors engaging in conduct that violates its rules, then they're going to bring an action. I think the question is going to be: How is this actually going to work in the DAO context? Will the CFTC’s theory that those who vote DAO governance tokens are subject to liability for violations of the CEA by the DAO stand up in court? There was a theory, and I think that it was pretty widely held, that DAOs by their very nature were decentralized, and therefore, beyond regulation. And the message from the regulator here is, "That simply is not the case." Personally, I’m not surprised by this position.  Glen, what do you think the key takeaways are from this case?

Glen Chen: In addition to what we discussed about the legal wrappers, I think DAOs should also be mindful in how they advertise their activities to the public and also to prospective DAO members. In their complaint, the CFTC clearly took issue with the fact that the two founders explicitly told DAO members that they were transferring control of the protocol to the DAO in an effort to avoid regulation and enforcement. In fact, the bZeroX website also claimed that it was offering a superior margin trading experience because “there was no need for any verification, KYC or AML.” The CFTC also noted that the founders often made public statements, appeared in interviews, wrote articles and led calls with community members that are publicly available on YouTube. Therefore, it’s clear that the level of advertising and the statements that were made by the founders and the DAO was a contributing factor in the CFTC’s decision to pursue a case against the Ooki DAO.

Jeremy Liabo: Glen, I think that’s a fantastic point, and it’s one that was actually reiterated by CFTC Chairman Behnam recently at a conference. When Chairman Behnam was asked about this case, he essentially said that they “had no other choice.” This was such a flagrant violation of the Commodity Exchange Act that they simply had to act.

Melissa Bender: That brings us to the end of the podcast. Jeremy and Glen, thank you so much for joining me today. And I really appreciate all of you tuning in to this series. For more information on the topics we've discussed today, other topics related to crypto, blockchain and digital assets, or any other topics of interest, please visit our Ropes & Gray crypto and blockchain website, where we have links to additional materials. You should also feel free to get in touch with any one of us or your primary contact at Ropes & Gray if you have additional questions. Finally, you can also subscribe and listen to the series of podcasts wherever you regularly listen, including on Apple and Spotify. Thank you again for listening today.

Subscribe to RopesTalk Podcast