Blockchain technology has often been heralded as a revolutionary mechanism for recording immutable truths (Vigna and Casey, 2019). However, this perspective may mischaracterise its fundamental nature. Rather than viewing it as a truth-discovery mechanism, we should consider blockchain as a twenty first century solution to the old problem of managing discrepancies between multiple records in order to build a consensus that allows systems to function. This historical distinction is paramount for analyzing the challenges posed by tokenized assets, which combine the ‘consensus-building’ features of blockchain with a price mechanism in the real world that may occasionally undermine / challenge that consensus.
We can draw parallels between blockchain and record-keeping systems. Early modern European states evolved record-keeping systems not merely to document truths, but to mediate between different accounts, manage complex information, and according to historians like Walsham, establish forms of consensus that enabled practical problems, like tax collection, to be solved. The English Domesday Book of 1086, an exercise unparalleled in Europe at that time, is perhaps the model of this pattern. Commissioned by William the Conqueror, it established fiscal consensus across Norman England by documenting property values and tax obligations, making the new kingdom governable. By the sixteenth century, attempts to maintain a comprehensive central record became more widespread. For instance in Venice, the Cancelleria Secreta formed part of a rich political communication network involving citizens at all levels.
Just as historical records might record patterns in tax collection or governance, providing an agreed-upon narrative without guaranteeing the veracity of each individual entry, blockchain systems can establish consensus on a macro level without necessarily ensuring the truth of the information it contains at the micro level. This distinction is particularly pertinent to financial risks, where risks often lie in the micro-level details, such as the accuracy and transparency of individual financial reports, rather than in the broader narrative.
To put this simply: when someone votes to 'validate' an entry on a blockchain, they haven't actually verified that the information it contains is correct. They are merely confirming that the entry satisfies the set of rules that constitute the platform's consensus mechanism. This is similar to how a bank might process a cheque according to proper procedure without being able to verify if there are actual funds backing it. This vulnerability was famously exploited in "triangular kiting" schemes, where fraudsters would write cheques between three banks in a circle, each bank assuming another bank had verified the existence of the underlying funds, creating a recursive loop of false verification.
Blockchain encompasses two connected concepts: discovering truth and building consensus. These are frequently conflated, but the distinction is important. A blockchain validator does not vote on blocks because they contain truth, but because they best satisfy the consensus mechanism. In fact, the most prominent blockchain network, Bitcoin, is a closed system that takes in no external information. Consequently, there is no truth for the network to discover or represent to begin with. If we were to believe these systems can ascertain absolute truth, it would be equivalent to suggesting that scientific truth can be determined by popular vote.
The Oracle Problem and Its Implications
The problem we describe has come to be known as the “oracle” problem — the difficulty of bringing external data onto the blockchain in a trustworthy manner (Garratt and Monnet, 2023). This problem manifests in various ways that challenge the core premise of blockchain technology. For example, while code and its deterministic execution might appear more predictable than the human process of consensus making, this may not be the case in very complex systems. As individual scripts get compromised or multiple scripts interact, the resulting behavior can become as opaque and risky as traditional financial systems.
As noted by Jon Cunliffe, “it is effectively the ‘code’ that manages the risks rather than intermediaries” (Cunliffe, 2022). This transition from human to algorithmic risk does not eliminate the need to incorporate trust mechanisms - it simply shifts them from traditional intermediaries to code auditors, oracle providers, and protocol developers. The same risks associated with human systems, such as error, fraud, and valuations driven by crowd mentality, persist but are transformed into new forms that may be less transparent and potentially more difficult to govern.
One example of this is in supply chain management, where blockchain coupled with IoT devices has been proposed as a solution for verifying shipments and automating payments, based on a belief that machines are inherently more trustworthy than humans (Everledger, 2020). The blockchain-IoT solution attempts to replicate traditional supply chain verification processes that rely on physical audits carried out by known third parties in a series of jurisdictions to confirm the existence of assets. However, this potentially replaces one form of trust with another, less accountable one, as IoT hardware could be tampered with during the manufacturing process or hacked completely anonymously. More importantly, addressing these risks leads to a recursive trust dilemma: if we distrust IoT devices, we might attempt to “bring them on chain,” but this only pushes the problem one level deeper. We then need to verify the mechanism that brings IoT data on-chain, ad infinitum.
Attempts to address these challenges, for example through decentralized oracle networks like Chainlink (Breidenbach et al., 2021) have aimed to identify incorrect information and untruths by aggregating data from multiple sources. These networks incentivize data providers to submit accurate information by requiring them to stake cryptocurrency tokens as collateral, which they can lose if they report false data. However, Vitalik Buterin cautions that "mechanisms that do not rely on any model of identity and only rely on coins fundamentally cannot solve the problem of concentrated interests outcompeting dispersed communities" (Buterin, 2019). In other words, wealthy actors could still manipulate these systems by being willing to lose their stakes in exchange for larger profits from market manipulation.
Ultimately, while blockchain and smart contracts are often touted as solutions that transcend traditional boundaries and systems, closer examination shows that these technologies can only function effectively when data sources are clear, verifiable, and trusted. These are conditions typically achievable within well-defined legal frameworks. Blockchain’s strength may lie not in eliminating the need for existing jurisdictions as part of a trust mechanism, but in enhancing connections between them. Each jurisdiction already possesses complex mechanisms for physical verification and legal enforcement. Blockchain could serve as a neutral, transparent layer for reconciling these independently verified statements and serve as a tool for inter-jurisdictional cooperation with a range of potential applications from travel and border security, to financial products.
Asset Tokenization
The distinction between consensus and truth is a practical concern in the lifecycle of financial transactions. Opening a deal relies on consensus—mutual agreements based on shared expectations—which aligns with blockchain's strength in building participant agreement. However, closing a deal during financial stress requires confronting hard truths about creditworthiness.
The oracle problem is not unique to the blockchain technology per se; traditional financial systems face similar issues with complex financial instruments. For instance, Exchange Traded Funds (ETFs) rely on Authorized Participants (APs) to maintain the link between the ETF’s price and its underlying assets.
In permissionless blockchain applications like decentralized finance (DeFi), protocols such as Centrifuge play roles like APs, acting as bridges between real-world assets and their tokenized representations on the blockchain. The question then arises as to how trustworthy these protocols are. Without the involvement of existing jurisdictional authority and regulation, the permissionless tokenization process introduces a layer of abstraction and potential points of failure that can obscure the true nature and value of the underlying assets.
Centrifuge’s approach depends on the accuracy of information provided by its asset originators (Centrifuge, 2022), where the inherent unknowability of underlying assets introduces vulnerabilities, as evidenced by its $6 million in unpaid debt accrued in February 2023 (Sandor, 2023a).
Having tokenized assets such as invoices and real estate into Non-Fungible Tokens (NFTs) that represent digital claims, Centrifuge then sends these claims to other DeFi protocols, such as stablecoin MakerDAO, for debt financing. Specifically, MakerDAO accepts Centrifuge’s tokenized assets, along with other forms of Real World Assets (RWA) as collateral for generating its stablecoin, DAI.
Example: how MakerDAO creates its stablecoin
MakerDAO's collateral strategy has evolved through three distinct phases, each mirroring different traditional financial institutions.
- Currency Board Model: Initially, MakerDAO primarily accepted cryptocurrency assets like Wrapped Ether (WETH) as collateral. This model functioned similarly to a currency board, allowing users to obtain DAI loans against their cryptocurrency holdings. It was entirely on-chain, relying on the inherent liquidity and price discovery mechanisms of major cryptocurrencies. WETH's volatility required significant over-collateralization and a fire-sale mechanism to manage price fluctuations.
- Stablecoin-Backed Reserve Model: MakerDAO admitted USDC, a stablecoin managed by Circle, as a collateral type. This addition provided stability to the reserve mix but also introduced indirect exposure to traditional financial markets. While designed to be stable in value, USDC exposed MakerDAO to external shocks affecting Circle or the broader financial system. An example of this can be found in March 2023, and the collapse of Silicon Valley Bank (SVB) where Circle had held a portion of USDC’s reserves. The bank’s failure caused USDC to temporarily lose its peg to the US dollar and this shock was further transmitted to MakerDAO, causing volatility in its DAI stablecoin (Reuters, 2023; Sandor, 2023b).
- Investment Bank Model: MakerDAO began accepting Real World Assets as collateral, marking its most significant departure from its original design. By accepting Real World Assets, MakerDAO effectively incorporates certain behaviors commonly found in investment banks, transforming illiquid, non-fungible real-world assets into liquid, fungible DAI tokens. While potentially higher-yielding, Real World Assets come with complex off-chain risks. These include loans backed by U.S. Treasury and banks like Huntingdon Valley Bank. I show their introduction dates into the MakerDAO system in Table 1.
|
Table 1: Real World Assets' Introduction Dates into the MakerDAO System
|
|
RWA
|
Source
|
Nature
|
Pool Date
|
Vote Date
|
Days Delay
|
|
RWA001
|
6S Capital
|
Mortgage
|
2020-11-30
|
2021-03-05
|
95
|
|
RWA002
|
New Silver
|
Mortgage
|
2021-01-25
|
2021-04-12
|
77
|
|
RWA003
|
Consol Freight
|
Trade Finance
|
2020-10-12
|
2021-07-24
|
285
|
|
RWA004
|
Harbor Trade Credit
|
Trade Finance
|
2020-10-12
|
2021-07-24
|
285
|
|
RWA005
|
Fortuna-Fi
|
Revenue-based Finance
|
2020-10-12
|
2021-07-24
|
285
|
|
RWA006
|
Centrifuge
|
Technical Test
|
2020-10-12
|
2021-07-24
|
285
|
|
RWA007
|
MIP65
|
Short-term bonds
|
2021-08-30
|
2022-10-05
|
401
|
|
RWA008
|
Societe Generale
|
Bank
|
2022-07-11
|
2022-07-29
|
18
|
|
RWA009
|
HVBank
|
Bank
|
2022-07-04
|
2022-07-29
|
25
|
|
RWA010
|
BlockTower
|
Treasury Bills
|
2022-11-24
|
2022-12-09
|
15
|
|
RWA011
|
BlockTower
|
Treasury Bills
|
2022-11-24
|
2022-12-09
|
15
|
|
RWA012
|
BlockTower
|
Treasury Bills
|
2022-11-24
|
2022-12-09
|
15
|
|
RWA013
|
BlockTower
|
Treasury Bills
|
2022-11-24
|
2022-12-09
|
15
|
|
RWA014
|
Coinbase Custody
|
Custody
|
2023-04-19
|
2023-06-17
|
59
|
|
RWA015
|
Andromeda Bonds
|
Short-term Bond
|
2023-05-30
|
2023-06-14
|
15
|
In Figure 1, I illustrate the implications of these Real World Assets items in terms of MakerDAO's balance sheet. The diagram illustrates MakerDAO's financial structure, showing assets (crypto, Real World Assets, and stablecoin collateral), liabilities (circulating and locked DAI), and equity (in terms of protocol surplus). The equity section is important, as it highlights how Real World Assets returns and stability fees increase the surplus, while potential fire-sale losses and DAI Savings Rate payments decrease it. For further details, see Table 2.
Figure 1: MakerDAO Balance Sheet and Equity Dynamics.
|
Table 2: MakerDAO Mechanism’s Underlying Details
|
|
Component
|
Item
|
Description
|
Key Smart Contracts
|
|
Assets
|
Crypto Collateral
|
- Primarily ETH and other cryptocurrencies
- Overcollateralized loans
- Subject to automatic liquidations
|
Vat.sol, Clip.sol
|
|
|
RWA Collateral
|
- Tokenized real-world assets (e.g., bonds, loans)
- Managed through specialized vaults
- Not subject to automatic liquidations
|
RwaUrn.sol, TinLake
|
|
|
Stablecoin Collateral
|
- Primarily USDC
- Managed through Peg Stability Modules
|
PSM.sol
|
|
Liabilities
|
Circulating DAI
|
- Minted against collateral
- Freely tradeable on open market
|
Vat.sol, Join.sol
|
|
|
Locked DAI
|
- Deposited into DSR (DAI Savings Rate) contract
- Earns interest based on current DSR
|
Pot.sol
|
|
Equity
|
Protocol Surplus
|
- Accumulated from stability fees and other revenue sources
- Managed through surplus buffer and token buyback/burn
|
Vat.sol
|
|
|
Factors Increasing Surplus
|
- RWA Returns: Interest from RWA investments
- Stability Fee: Interest paid on DAI loans
|
Jug.sol
|
|
|
Factors Decreasing Surplus
|
- Firesale Loss: Potential losses from liquidations
- DAI Savings Rate: Interest paid to DAI depositors
|
Clip.sol, Pot.sol
|
|
Governance
|
MKR Token Voting
|
- MKR token holders vote on risk parameters, new collateral types, and other protocol changes
- Executed through executive vote smart contracts
|
Chief.sol
|
Incorporating Real World Assets into Stablecoin brings a unique set of risks
Incorporating Real World debt finance instruments into DeFi creates a multi-layered risk structure. Primarily, the performance of the Real World Assets hinges on the real-world asset it represents, such as mortgages or invoices, carrying the inherent risk of default by the original asset holders. Equally significant is the counterparty risk introduced by the entity (in this case, Centrifuge) tokenizing the asset. The accuracy and honesty of the originator in representing the underlying asset are critical, as misrepresentation could undermine the value proposition. Here, emerging multi-party custody arrangements could offer safeguards, particularly when they integrate with existing jurisdictional frameworks. Finally, smart contracts and blockchain infrastructure used to manage these Real World Assets also introduce some, comparatively minor, technology risks (Least Authority, 2020). The core challenges in RWA integration lie in managing the off-chain asset performance and counterparty risks, which cannot be fully mitigated by technology alone. The information asymmetry these create could lead to mispricing of risks or even systemic vulnerabilities if RWA-backed assets become a significant portion of the DeFi ecosystem.
Figure 2: MakerDAO's financial evolution between 2022-05 and 2024-07. Source: CoinMarketCap (2024), Tadeo (2024), and DefiLlama (2021).
The historical balance sheet of MakerDAO, illustrated in Figure 2, reveals significant shifts in the protocol’s financial structure and risk profile. The chart depicts both the protocol’s non-Real World assets and liabilities, alongside its collateralization ratio, which is calculated as the ratio of assets to stablecoin debt. It is important to note that locked DAI and RWA DAI categories are not mutually exclusive and do overlap.
From 2023 onwards, two major trends emerge. First, the protocol has increasingly incorporated various tokenization projects, which now account for approximately half of its total debt. While DAI appears overcollateralized, this assessment relies on the perceived value of its Real World Assets, which cannot be liquidated via the protocol's automated fire-sale mechanism. As a result, the protocol's effective collateralization ratio for immediate liquidity now hovers around 1, only backed by its non-Real World assets. This introduces risks in case of Real World Asset defaults, which could trigger a run on the protocol.
It is important to note that while the tokenization of Real World Assets may expand access to the underlying asset and improve certain aspects of liquidity on-chain, it cannot enhance the underlying assets' ability to be quickly converted to cash, especially in stressed market conditions.
In such a scenario, MakerDAO might need to sell both its Real World Assets and non-Real World assets – the latter through its fire-sale mechanism and the former, manually. However, manually selling Real World Assets in a fire-sale scenario is time-consuming and might not restore confidence quickly enough without offering substantial discounts. Combined with the lack of emergency liquidity from a central bank, this situation poses a potential challenge to the protocol's solvency. For further details, see Table 3.
|
Table 3: Comparing Asset Fire-sales
|
|
Aspect
|
Crypto Collateral
|
Real World Assets Collateral
|
|
Liquidation Speed
|
Instant (minutes)
|
Slow (days to months)
|
|
Liquidation Mechanism
|
On-chain auctions
|
Off-chain maturity/refinancing
|
|
Price Discovery
|
Real-time, market-driven
|
Limited, based on off-chain processes
|
|
Firesale Capability
|
Yes, through auctions
|
Limited, depends on off-chain liquidity
|
|
Automation
|
Fully automated
|
Partially automated, requires manual steps
|
|
Counterparty Risk
|
Minimal
|
Significant (depends on asset originator)
|
|
Scalability
|
High
|
Limited (each Real World Asset may have unique process)
|
|
Governance Involvement
|
Minimal post-setup
|
May require ongoing involvement
|
|
Transparency
|
High (all on-chain)
|
Limited (relies on off-chain reporting)
|
|
Regulatory Compliance
|
Built into protocol
|
Requires additional off-chain processes
|
Second, and critically intertwined with the first trend, there has been a notable conversion from circulating DAI into locked DAI, as users seek to capitalize on the protocol's increased profitability from Real World Asset investments. While this currently constrains the circulating supply, it introduces a potential amplification of risk during a distress scenario. If confidence in the protocol's Real World Asset holdings wavers, users may rapidly convert their locked DAI back into circulating DAI, no longer expecting high rewards. This sudden increase in circulating DAI supply could exert further downward pressure on the DAI peg. The resulting need to defend the peg could force further asset liquidations, potentially creating a downward spiral, where falling asset prices and increasing circulating DAI supply mutually reinforce each other, challenging the protocol's ability to maintain stability.
Potential risk management solutions for stablecoin issuers and for regulators
While MakerDAO has announced its “EndGame” update for mid-2024 (MakerDAO, 2023), introducing additional technical implementations, it appears that this update may not adequately address the fundamental issues facing the protocol. The logical endpoint of the protocol’s trajectory would be a system where DAI is increasingly locked and backed by tokenized assets, raising serious questions about its long-term sustainability and risk profile.
At the moment, DAI can be generated from two sources: either via tokens of different liquidity levels, or via tokenized assets whose source and management are opaque. But it is not immediately clear to ordinary users that the DAI stablecoins they are buying and using on secondary markets may have such different risk profiles. A prudent approach to address this could be to require MakerDAO and other stablecoin issuers to clearly ring-fence and label stablecoins according to how they are generated. However, it should be noted that this solution does not address the long-term issue of risk concentration.
Regulators are increasingly recognizing these challenges. The Bank of England is developing a regulatory regime for systemic payment systems using stablecoins, which emphasizes clear redemption processes and strict backing asset standards (Bank of England, 2023). Simultaneously, the UK’s Financial Conduct Authority is proposing a framework that differentiates between UK-issued “regulated stablecoins” and overseas “approved stablecoins” (United Kingdom Financial Conduct Authority, 2023).
As DeFi continues to grow, it is important for protocols, regulators, and users to recognize the complexities and risks associated with tokenization on permissionless blockchains. The future of DeFi depends on recognizing where consensus mechanisms are sufficient and where hard truths about underlying assets must be verified through traditional means. Developments in this space should focus on enhancing risk management practices, improving transparency, and aligning incentives among all participants. This includes developing regulatory frameworks that can effectively bridge the gap between traditional finance and DeFi, combining technological innovation with appropriate oversight to build robust, sustainable and trustworthy systems.
Bibliography:
Bank of England. (2022). Financial Stability in Focus: Cryptoassets and decentralised finance (No. 1). Bank of England.
Bank of England. (2023). Regulatory regime for systemic payment systems using stablecoins and related service providers. Bank of England.
Breidenbach, L., Cachin, C., Chan, B., Coventry, A., Ellis, S., Juels, A., & Zhang. (2021). Chainlink 2.0: Next steps in the evolution of decentralized oracle networks. Chainlink Labs, 1, 1–136.
Buterin, V. (2019, May 31). On Collusion.
Centrifuge. (2022). Legal Structure. Centrifuge.
Herman, E. S., & Chomsky, N. (2021). Manufacturing Consent. In Power and Inequality (pp. 198–206). Routledge.
CoinMarketCap. (2024). Cryptocurrency Prices, Charts And Market Capitalizations. CoinMarketCap.
Cunliffe, J. (2022, May 23). Reflections on DeFi, digital currencies and regulation - speech by Jon Cunliffe. Bank of England.
DefiLlama. (2021). projects/helper/tokenMapping.js at main · DefiLlama/DefiLlama-Adapters. Github.
Everledger. (2020, August 10). Everledger. Everledger.
Garratt, R., & Monnet, C. (2023). An impossibility theorem on truth-telling in fully decentralised systems. In BIS Working Paper (No. 1117). Bank for International Settlements.
Kubrick, S., Southern, T., & George, P. (1997). Dr. Strangelove. Colombia Tristar Home Vidéo.
Least Authority. (2020). Centrifuge Chain Security Audit Report (No. 1). Least Authority.
MakerDAO. (2020). MIPs Portal-RWA. MIPs Portal.
MakerDAO. (2023, May 11). The 5 phases of Endgame. The Maker Forum.
Reuters. (2023, March 11). Crypto firm Circle reveals $3.3 billion exposure to Silicon Valley Bank. CNBC.
Sandor, K. (2023, February 3). Decentralized Lending Protocol Centrifuge Accrues $6M Unpaid Debt. CoinDesk.
Sandor, K. (2023, March 23). Stablecoin Issuer MakerDAO Votes to Retain USDC as Primary Reserve Even After Depeg. CoinDesk.
Tadeo. (2024). MakerDAO Data Insights Core Unit.
United Kingdom Financial Conduct Authority. (2023). Regulating cryptoassets Phase 1: Stablecoins. Financial Conduct Authority.
Vigna, P., & Casey, M. J. (2019). The truth machine – the blockchain and the future of everything. Picador.
Walsham, A. (2016). The social history of the archive: Record-keeping in early modern Europe. Past & Present, 230(suppl 11), 9–48.
Xyz, R. W. A. (2023). RWA.xyz. RWA.Xyz.