Written by: Tejaswi

1. What is the problem?

ETHBTC has been down-only.

2. Are there easy fixes?

Tokenomics 101 says that a token goes up when:

1. Supply goes down.
2. Demand goes up.

3. Is ETH supply going down?

Not really. See this chart from ultrasound.money:

4. Is ETH demand going up?

There are two types of demand.

1. Monetary demand. People hold a token to store value, protect savings, etc. Bitcoin already does this.
2. Utility demand. People want to do things on Ethereum. They need to buy ETH for that.

We have not seen much utility demand for ETH. Why though? What happened to all the things that you do on Ethereum? Did the activity move elsewhere?

Some of it moved to alt-L1’s like Solana. Some of it moved to rollups that “settle” on Ethereum. Both are bad for ETH.

5. Rollups are supposed to save ETH, right?

At the peak of DeFi summer 2020, when gas prices (and thereby ETH prices) spiked, the stewards of Ethereum decided that Ethereum had to be scaled to handle more transactions. In October 2020, Vitalik Buterin published the Rollup Centric Roadmap of Ethereum.

6. What are rollups again?

A rollup is a centralized web2 system — similar to Google or Facebook. Except that it handles Ethereum-like transactions through an open endpoint on the internet. Behind this endpoint, the rollup operator runs a web2 server (sometimes called a “sequencer” for effect) which executes these transactions. These transactions update a database that is also maintained by the rollup operator. This database has users’ rollup-specific asset balances, or a DeFi smart contract’s liquidity pool, or other such.

The rollup is anchored to Ethereum L1 through an “anchor smart contract”, which is supposed to be immutable and has two functions.

1. Maintain the rollup’s Ethereum L1 asset balance. If a user wants to move assets from Ethereum L1 to the rollup, they send their assets here and get an equivalent amount minted in the rollup’s database.
2. The rollup operator periodically checkpoints the rollup-database to this anchor smart contract on Ethereum L1.

7. What are these rollup-checkpoints?

The checkpoint — which the rollup operator sends to the anchor smart contract every so often, is made up of two artifacts.

1. A small hash/proof that guarantees that the rollup has executed its transactions properly.
2. A large list of assertions that help users exit the rollup during emergencies. This data is large enough to be called a “blob”. It is typically called the “data availability (DA) blob”.

8. Why rollup-checkpoints?

In the “happy path” — the user is in the good books of the rollup, and their transactions go through. They are able to bridge their assets from Ethereum L1 to the rollup and back to Ethereum L1 without any problem.

In the “unhappy-path” — the user is either censored or canceled by the rollup. The user needs to leave the rollup and move their assets from the rollup’s database to Ethereum L1. This needs the immutable anchor smart contract and the checkpoints. The user can make a transaction on Ethereum L1 using the checkpoint data and the anchor smart contract. This will allow him to withdraw his assets from the rollup’s account unilaterally.

This “unhappy-path” might happen en-masse, if there is a bank-run like situation on the rollup. When the rollup loses user-confidence, so to speak.

9. Are rollups good for ETH?

Rollups are good for Ethereum, sure. They definitely scale Ethereum. The stewards envisioned a world with 1000’s of rollups, which would collectively absorb all the transaction demand in the world and would periodically commit much smaller checkpoints to Ethereum L1 — thereby scaling Ethereum. Rollups can theoretically absorb this transaction demand as they can scale like web2 services. Committing a checkpoint every few minutes is trivial for a web2 service. These checkpoints give users an assurance that the rollup is “secured by Ethereum”.

Are rollups good for ETH, the token? The answer is “No”. Most users don’t care about whether a rollup is “secured by Ethereum” or not.

10. Do rollups need ETH at all?

The rollup operator makes fees from users transactions, and in turn has to spend some of those fees on security (for checkpoint transactions). This fees can be quite low. This fees can be in stablecoins and not in ETH. The checkpoints can be made infrequently. They can be compressed. Perhaps most egregiously, the checkpoints can even be made elsewhere and not to Ethereum L1 at all!

There are various alt-DA blockchains especially meant for rollup checkpointing, like Celestia or EigenDA. Some rollups are “secured by Celestia” now.

Here’s the truth — in a world of rollups, ETH accrues value when rollups themselves pay rent in ETH because they want bank-runs on themselves to be easy.

Read that again. That is what is supposed to accrue value to ETH.

11. So, what are the stewards trying?

For inexplicable reasons, the stewards are making it cheaper to post rollup-checkpoints on Ethereum L1.

1. EIP-4844 in the Dencun upgrade (early 2024).
2. EIPs-7623 and 7691 in the soon-to-go-live Pectra upgrade.
3. EIP-7594 in the Fusaka Upgrade, which comes after Pectra.

The Ethereum stewards are perhaps hoping for Jevons Paradox — where you make something cheaper, and the demand for it goes up.

12. What sort of rollups do the stewards want?

The stewards have been proposing multiple rollup designs that ostensibly accrue value back to ETH. I list a few of them below.

TL;DR: None of them accrue value back to ETH — feel free to skip to the next question.

Based Rollups use L1 validators to run the rollup service in a decentralized way. This helps in a few ways.

1. If the rollup is decentralized, it’s more likely to be censorship-resistant, and unlikely to suffer from a bank-run. The flip side is that decentralizing a rollup brings in a swath of new problems “higher up the stack”. The biggest one is that of consensus — which the L1 has already solved after years of research. The second biggest one is network-latency, which is crucial to the high throughput of rollups.
2. If the L1 validator nodes are running the rollup as well, they get additional revenue on top of their L1 rewards.
3. L1 validator nodes also know rollup transactions before they are confirmed. This allows them to build some synergy between L1 and rollup transactions — by issuing preconfirmations for rollup-transactions, etc. This might make UX marginally better, but preconfirmations are still an area of active research.

As we can see, none of these accrue value of ETH itself. In fact, making the rollup more trust-worthy by decentralizing it reduces the incentive for the rollup to checkpoint more frequently. Based rollups hurt ETH.

Side note: Block builder teams (Gattaca, Beaver, etc.), however, are interested to push for this design because this lets them get a part of the rollup MEV pie in addition to the L1 MEV that they already get.

Boosted Rollups have the base layer’s state (L1’s state) stored in the rollup. This makes rollup smart contracts aware of the L1 state natively. This makes the L1→rollup bridging trivial, but the rollup→L1 and rollup→rollup bridging complexity remains. This could marginally benefit ETH because at most 50% of the bridging complexity is removed, and that might bring in more users.

Shared Sequencer Rollups have multiple rollups sharing the same server and ledger. This seems a bit far-fetched and also removes incentives from rollup operators who want to improve their own rollup.

Native Rollups allow easy “bank-runs” on optimistic rollups, a specific type of rollup. To enable Native Rollups, Ethereum has to fork to add the complicated EXECUTE precompile to Ethereum’s specification. On top of that, as I said before, native rollups only make the “bank-run” mode of a specific rollup design more efficient.

Take a moment to reflect on what exactly is being optimized in Native Rollups. A new complicated precompile, a hard-fork, tons of narrative-building and stewardship — all to make the “bank-run” mode of optimistic rollups a bit safer. I kind of gave up on the Ethereum stewards’ ability to do stewardship after this.

13. Is Ethereum not really relevant to rollups at all?

Well, there is the bank-run case. One rollup rug-pull might spotlight Ethereum’s “security,” but until then (and if at all), ETH has to wait. Tying ETH’s value to such dystopic low-probability events is a grim place to be in the present.

14. What do you suggest Ethereum do to improve ETH?

1. Scale the L1
2. Tokenomics 201
3. Tax Rollups

These are not in the roadmap or the roadmap’s roadmap.

15. What do you mean — scale the L1?

This means increasing the block-gas limit, explicitly deprioritizing home-stakers, and working on a Monad style scale-up with pipelined execution. Vitalik’s gas-limit tease nods at this playbook. This is perhaps the easiest route to take — as Monad has already proven that the EVM can be scaled to much higher TPS than what is currently done on Ethereum. All Ethereum has to give up is a bit of decentralization and get huge scaling boosts.

This is the easiest way to show that the Ethereum stewards mean business.

16. WTF is Tokenomics 201?

We blend ETH into other aspects of Ethereum’s functioning, like:

1. P2P network optimization (like Solana does)
2. Proof of Liquidity (like Berachain)
3. Other token locking/staking/TVL specific tweaks to the protocol. I have not thought this through.

Tokenomics 201 would be too low-brow for the stewards, I think.

17. Rollup-Tax

This is non-trivial and inelegant to implement at the protocol level. Every rollup is just another smart contract, and there is really no way to identify a rollup. They could hide in plain sight using 100’s of obfuscation techniques, some of which are:

1. Using calldata instead of blobs.
2. Encrypting their DA-data.
3. Using ZK-verification networks.

If targeted taxing of rollups is not possible, how about taxing every smart contract?

Hear me out.

Ethereum is choosing between death (on its current route), centralization (if it were to scale the L1), or this route, which might not be as bad as it sounds. Let’s say Ethereum has a hard-fork that increases the gas price of all contracts or requires some amount of stake in the network from users to interact with smart contracts — essentially making smart-contract usage very expensive; what will happen?

An increase in gas fees would cause a migration of users, and if users have a preference for decentralization, they will opt for the rollups that distinguish themselves in that regard. Of course, this comes at the risk of exposing user preferences. If users do not care about decentralization, the rollups will not, and as “rent” becomes too expensive, they will migrate to their own more centralized chains.

18. So, what now?

There is no good news at the end. Ethereum might pay too high a price for its ideological commitment to decentralization. Study ETHBTC and see where you want to be.

Written by: Tejaswi

TL;DR

1. Pectra = Prague + Electra. Similar to how Dencun = Deneb + Cancun.
2. Ethereum will take the first steps towards Smart-Accounts, which is a huge UX-win. More is needed, but this is a great first step. See the section on EIP-7702 below.
3. The rest of the EIP’s are not interesting from an investor’s perspective. They either enable potential future upgrades or pay back long standing technical debts. These kind of changes do contribute to the platform’s robustness and cannot be underplayed. But from a short-to-medium term investor’s perspective, they are not interesting.
4. Notably, there are no changes, or even hints of future changes, about L2’s contributing value back to the base ETH token.

This “Meta-EIP” has the list of all EIP’s that go into the Pectra hard-fork.

EIP-7702: Set EOA account code

A massive UX-enabler, this is the true superstar of the Pectra upgrade. It essentially gives smart contract powers to externally-owned-accounts (EOA’s). One could argue that this fixes one of Ethereum’s original design sins of separating EOAs and smart contract accounts. If you have ever heard the word “smart-account” before, EIP-7702 is the first step towards getting there. Example use cases could be:

1. Batching of transactions. DAPP approval and transaction can now be just one transaction.
2. Transaction fee sponsoring — either with ETH or with ERC-20’s. This allows DAPPs to subsidize their users.
3. Users can authorize others to spend on their behalf — that too with fine grained control.
4. Developers could come up with crazy cool ideas around what this EIP enables. Think words like “composability”, “smart-accounts”, “better-UX”, “safer-UX”, “better-custody”, “user-back-in-control”, etc.

Not surprisingly, smart-account proponents like Safe have written about this EIP. So have “safer-UX” folks like Tenderly.

From an invedstor’s perspective, it is not easy to forsee all the possibilities that this EIP unlocks. The EIP leaves a blank-slate for developers and product builders to think of interesting or even game-changing things that can be done with this feature. Watch this space.

Fireblocks has an “awesome EIP 7702” repository here: https://github.com/fireblocks-labs/awesome-eip-7702/ (fyi: ”awesome” repositories are showcases of creative things you can do with new features in any project).

Rest of the EIPs

EIP-2537: Precompile for BLS12–381 curve operations

BLS12–381 signature scheme has more security than the standard one used in consensus currently. Note that the BLS schemes are used for consensus and not for smart contract or account operation signatures. Those are still good old ECDSA algorithm. Not interesting, but worth doing.

EIP-2935: Save historical block hashes in state

This adds some additional data to Ethereum’s state to help future upgrades. I have not seen anyone ask for this, but I guess the push for stateless clients is a thing now. Not interesting, and perhaps worth doing.

EIP-6110: Supply validator deposits on chain

Solving some technical debt from the proof-of-stake migration. Not interesting, but worth doing.

EIP-7002: Execution layer triggerable exits

Effectively managing who has withdrawal rights over staked ETH has had some weird edge-cases. This EIP solves that. Not interesting, but worth doing.

EIP-7251: Increase the MAX_EFFECTIVE_BALANCE

Increase the max staking value to 2048 ETH, thereby allowing validators to stake any amount from 32 to 2048 ETH. This mostly makes large validators’ operations easier. Earlier, larger validators used to split their stake into separate nodes toget the same effect. That harade will not be not necessary anymore. Not interesting, but worth doing.

EIP-7549: Move committee index outside Attestation

Optimization that helps beacon-chain’s block-layout. Not interesting, but worth doing.

EIP-7685: General purpose execution layer requests

This makes smart-contract-driven validator management easier. Earlier, external web2 systems had to read smart-contract state and then trigger beacon node changes. Now, smart contracts can directly trigger these events. This makes trustless node-management easier, and might help folks like NodeOps, Lido, ChorusOne, etc. Not interesting, and perhaps not worth doing. I have not seen anyone ask for this.

EIP-7623: Increase calldata cost

Most “raw data” is now posted as blobs (EIP-4844), and not as calldata. This allows the repricing of calldata to its appropriate levels. This is mildly interesting, and worth doing (to discourage anyone who is still using calldata for raw data storage).

EIP-7691: Blob throughput increase

Number of blobs per block was limited to 6 before. Now, it’s increased to 8. And together with EIP-7623 from above, the consolidated picture will look like below. Transaction-block-size reduces a bit. Blob-block-size increases a bit. With this move, Ethereum continues to double-down on the rollup-centric roadmap.

Image from an excellent primer on EIPs 7623 and 7691 by 2077-Research on Hackernoon

I don’t see how this accrues value back to ETH though. This is mildly interesting and perhaps worth doing.

EIP-7840: Add blob schedule to Execution Layer config files

Makes blob-related bookkeeping easier. Not interesting, and perhaps worth doing.

Written by: Tejaswi

We love Bitcoin, Ethereum, Solana, and the rest of crypto here at L1D. Crypto — given the name, has to use cryptography somewhere, and every time there is a quantum computing (QC) announcement — we ask ourselves: are our favorite cryptos in danger? The short answer is an emphatic no.

Read on for the longer answer.

Worse case, what will we do?

There is a very low probability event where a viable QC is built in the real world that can find the private key to a standard cryptographic public key. If this low probability goes up, let’s start planning. There are quantum resistant (QR) cryptographic algorithms standardized and available already. Most cryptos can migrate to these algorithms with some coding and some coordination. The coordination part will be hard, given that cryptos are decentralized to varying extents.

Coding

Cryptos will quickly change their code to use these new algorithms. The relevant foundations, labs, and influential communities will ensure that the old software is upgraded to this new QR software. These software updates will not be backward compatible. We have a so-called “hard-fork”. Non-Bitcoin cryptos have done many hard-forks for arguably smaller stakes. So, this particular hard-fork will be an non-issue.

Bitcoin has had two hard-forks in its history (2010, 2013), both to fix bugs. The bar is high.

Coordination

Crypto custodians — like exchanges, wallet providers, and others will need to “rotate their keys” — which is jargon for “change their old quantum-vulnerable keys to new quantum-resistant keys”. Self-custody users will also need to do this. The software will encode a long time window to do this. Most users will do it and that’s that.

Satoshi’s coins

The million bitcoin purportedly belonging to Satoshi are at risk. There are tricky philosophical and ethical questions here.

1. Will Satoshi come back from the dead to rotate his keys?
2. If not, will the hard-fork freeze Satoshi’s coins forever if the keys are not rotated after the time window has passed?
3. Is that tantamount to property theft?

It would be tragically ironic if we did wrong by the one person who made this entire space possible. This question is still open.

Do we need to bother?

Quantum computers are notoriously hard to build in real life. The current crop of devices can barely figure out that 15 is 5 times 3. But recently, QC implementations by Google, IBM, and others are showing “fast results” on some problems. The key question is, what problems?

Useful vs. Useless problems

What problems can quantum computers solve? Quantum computers are NOT general purpose “fast computers” which make every hard problem easy. If there is one thing that you take away from this article, it is this — quantum computers do not solve every hard problem we know. Most problems that are hard for classical computers — are also likely hard for theoretical quantum computers. Even if quantum computers existed in real life, they don’t help solve these problems.

For now, we only know two useful problems that quantum computers can solve noticeably faster than classical computers.

1. Break a specific type of public key cryptography (Shor’s algorithm)
2. Simulate quantum chemistry (of course).

Other than these, all other applications of quantum computing you see in the media are either empty marketing claims to fool shareholders/VC’s (quantum AI) or problems for which classical computers are already quite good (solving linear equations).

The useless problem that most quantum computing companies showcase their “supremacy” in is called Random Circuit Sampling. This is a tailor- made problem for quantum computers and is specially designed to be hard for classical computers. It has no practical use whatsoever. So, when you read somewhere that a QC solved a problem in 10 minutes which would take a million years on a classical computer— remember that this problem is a useless problem.

Did I already mention that Quantum AI is not a thing? It is not.

Why Build a Quantum Computer?

Classical computing was transformed by the invention of the transistor. It was small, reliable, energy-efficient, and could be mass-produced at scale — leading to modern microprocessors. QC is still searching for this fundamental building block. Current approaches range from superconducting circuits to trapped ions to photonic systems, each with their own fundamental trade-offs. The ideal quantum “transistor” would need to maintain quantum coherence, allow precise control, tame uncontrolled errors, be scalable to millions of qubits, and be manufacturable at scale. QC needs innovations in materials that may not even exist yet. Unlike classical transistors, where we could gradually improve performance, quantum systems often face fundamental physical limits that require completely new approaches rather than incremental improvements.

Show Me The Incentive

This naturally begs the question — what is the incentive to fund the gargantuan costs of building a viable, non-trivial QC?

Here, I am assuming that quantum scammers will get called out, and investors will become smarter over time. So, we only look at legitimate applications. In my opinion, the exhaustive set of applications are:

1. Break the cryptography behind Bitcoin and spend someone else’s money.
2. Invent new molecules and drugs by simulating quantum chemistry.
3. Break the cryptography that enables encrypted internet communications.

My subjective opinion is that none of these incentives are enough.

1. Breaking Bitcoin and other cryptos — I just don’t see this as a sole incentive because these cryptos will move to QR cryptography anyway, as we discussed above.
2. Simulating quantum chemistry to invent new drugs, new molecules, etc. This seems like a strong incentive. However, the current crop of AI tools can do protein folding already (Nobel Prize in Chemistry — 2024). Whatever benefits come from simulating quantum chemistry — AI can probably get there cheaper/faster.
3. Regarding encrypted communications — perhaps some national security agency of a powerful country might want to have a crack at it. I argue that there are easier political/covert means to do that — for example, by politically pressuring PKI root certificate authorities. These are just well-meaning organizations that have been credibly neutral and running cryptography services for the last 40 years. Pressuring them is — well, easier than building a quantum computer. Also, this approach is more in line with how these agencies operate anyway.

As you can see, there is no strong incentive to build a viable QC other than getting some PR or raising that 5th round of VC funding. Useful applications like AI training/inference, enterprise software, mobile applications, cloud computing, any hard optimization problem — have no quantum advantage.

My prediction is that the funding will stop and QC will remain a theoretically interesting idea with no practically viable implementations — like Dyson spheres, photon rockets, and such.

written by Neil, L1D’s Head of Operational Risk

This piece is designed to serve as a guide and reference for launching an institutional class liquid crypto fund (‘liquid fund’) from an operational perspective. It is our intention that this will serve teams planning such launches and serve as a resource on their journey.

Crypto is still a nascent asset class, as is the infrastructure servicing it. The goal of establishing a robust operational framework is to enable trading and investing while ensuring security and control of fund assets — both technically and legally, and proper accounting for all investors.
The information and opinions included in this piece draw on L1Dʼs experience as one of the most active investors in liquid funds since 2018, and on the long track record of our team investing in hedge funds over multiple financial crises prior to our own launch in 2018. As active allocators in the years leading up to the 2008 GFC and being involved as investors and liquidators in its aftermath, our team drew many lessons that we’ve applied to investing in liquid funds.

As a guide and reference this piece is lengthy, exploring several topics in great detail. The level of detail given to any given topic is based on our experience with new managers and are typically topics that are less well understood and often left to the purview of legal counsel, auditors, fund administrators and compliance experts. We aim to assist newly launching managers navigate this landscape and working with these expert resources.

Service providers that are mentioned in this piece are included based on the established nature of their brands combined with our own experience working with them. There are no service providers that are intentionally excluded from this piece. The crypto space is fortunate to have many high-quality service providers that create a robust infrastructure landscape that is continuously evolving, and newly launching managers have many options. The scope of this piece is specifically not focused on providing an exhaustive review of the infrastructure available in the space, and there are other publications that cover this very well.

The goal here is to examine in detail processes and workflows, identify the operational risks, and present best practices for managing risks in the context of launching and operating a liquid strategy. This examination will include the following:

1. Planning and Strategy Considerations
2. Fund structures, terms, and investors
3. Operations stack
4. Trading venues and counterparty risk management
5. Treasury — fiat and stablecoins
6. Custody
7. Service providers
8. Compliance, policies and procedures
9. Systems

Certain sections include summary case studies of how certain liquid funds failed, or almost failed, for operational reasons covered in this guide. These cases are included here to demonstrate how critical even seemingly minor operational features can have outsized negative impacts. In most cases, the intent of the managers was to do the right thing for investors, and their oversights had consequences they could not fully contemplate. We intend that newly launching managers avoid such pitfalls.

Investors and investment managers who come to Crypto from TradFi backgrounds recognize the differences in parallels between managing funds in these different environments. This piece uses operations in TradFi to introduce these differences and how the resources available to liquid funds are used to achieve an operating profile that can properly service institutional investors.

1. Planning and Strategy Considerations

Identifying and vetting the right partners, establishing, testing, and perfecting procedures pre-launch can take several months. Contrary to what the broader public believes, Crypto investing at an institutional level is not the ‘wild westʼ from a compliance perspective, it is in fact quite the opposite. Quality service providers and counterparties are very risk-averse, and typically have onerous and extensive onboarding processes (KYC & AML). Such planning also includes contemplating redundancies in areas such as banking partners. From experience, a typical fund set-up can take anywhere from 6 to 12 months to establish. It is not uncommon to launch in a step-wise fashion, scaling into new assets as the full scope of certain strategies may not be achievable from day 1. This also means that the investment manager must account for a certain expense load in preparing for launch as revenue will take longer to materialize.

A liquid fund’s investment strategy effectively defines the fund’s operational profile and requirements, and the corresponding workflows to prepare for launch. The diagram below depicts what we at L1D classify as the strategy landscape. As each strategy further defines itself through sub-strategies, implementation and liquidity, the operational profile of the fund is also defined — form follows function as they say. This ultimately materializes in the specific fund’s structure, legal documents, counterparty and venue selection, policies and procedures, accounting choices, and the responsibilities of the fund administrator.

2. Fund Structures, Terms and Investors

A fund’s structure is typically determined by the assets to be traded, the tax preferences of the investment manager, and the domicile of prospective investors. Most institutional funds select structures with domiciles that enable them to face offshore exchanges and counterparties, and to attract both US and non-US investors. The section below details a fund’s offering documents and provides further details on several key items. Included are several case studies that highlight how certain choices in structure and language of offering documents led to potentially negative outcomes for investors and outright failures.

The diagram below represents a typical Cayman-based Master-Feeder structure.

Investor Types and Considerations
At a high level, when structuring a fund, the Investment Manager should consider the following characteristics of prospective investors to account for legal, tax, and regulatory implications, as well as commercial considerations.
• Domiciles — US vs Non-US
• Institutional, Accredited vs Non-Accredited Investors, Qualified Purchasers
• Number of investors and Minimum subscription sizes
• ERISA (US Pension Plans)
• Transparency and Reporting
• Capacity of the strategy

Offering Documents
The items below are the key factors when considering a fund’s structure and are typically included in the fund’s offering documents — a Private Placement Memorandum and/or Limited Partnership Agreement.

Domicile
Institutional class funds often select the Cayman Islands as the primary domicile and to a lesser extent — the British Virgin Islands. These domiciles enable the fund vehicle that faces trading counterparties — to engage with Offshore counterparties.

• Cayman Islands as the preferred jurisdiction is an artifact of TradFi hedge funds establishing themselves there, and a service provider complex having grown-up around it including legal, compliance, fund administration and audit that have established track-records in the alternative asset management space. This has carried over to crypto as many of these same brand-name service providers have now established footprints in the space. Cayman is still considered ‘Best in Class’ when compared to other jurisdictions, and the increased oversight of its regulator ‘CIMA’ (Cayman Islands Monetary Authority) is a testament to this.
• The established nature of these jurisdictions translates into a higher degree of regulatory clarity and legal precedent with respect to fund management, and highly developed AML KYC requirements, which are critical to a well-functioning market. These jurisdictions are generally associated with a premium in terms of costs.
• Cayman is the most expensive and legal establishment time consuming, leading many managers to consider BVI. BVI continues to establish itself as an accepted jurisdiction and the more quality and reputable service providers that offer services there, the more comparable to the Cayman Islands it becomes. The premium paid for selecting a name brand jurisdiction is typically justified over a fund’s life.

Fund entities — Master and Feeders
As per the structure chart above, there are typically Master and Feeder entities, with the Master fund holding the investments, engaging in and executing all portfolio investment activity, and allocating the financial economics to the underlying Feeder Funds.

• Master Funds are typically Cayman Limited Companies (LTDs) that issue shares.
• Feeder Funds for Offshore investors are typically Cayman Limited Companies that issue shares, and Feeder Funds for US Onshore Investors are typically Delaware Limited Partnerships (LPs) issuing Limited Partnership interests. A US Onshore Feeder can also be a Delaware LLC, though less common.

Fund entity form — Limited Company vs Limited Partnership
Offshore funds and Master-Feeder fund structures enable targeting a diverse set of capital sources including US tax-exempt investors and non-US investors.

The choice between structuring as an LTD vs LP is generally driven by tax consideration of the manager of the fund and how they want to be compensated for performance fees, and this is generally applicable at the Master Fund level.

Cayman Limited Company (‘LTD’): A separate legal entity distinct from its owners (shareholders). The liability of shareholders is generally limited to the amount invested in the company.

LTDs typically have a simpler management structure. They are managed by directors appointed by shareholders, and the day-to-day operations can be overseen by officers — typically the investment manager.

• Shares in an LTD can be transferred, providing flexibility in ownership changes.
• LTDs have the flexibility to issue different classes of shares with varying rights and preferences. This can be advantageous for structuring investment vehicles or accommodating different types of investors.
• LTDs typically elect to be treated as a Corporation from a US tax perspective, therefore paying taxes at the level of the LTD and not passing them through to investors.

Cayman Limited Partnership (‘LP’): In a limited partnership, there are two types of partners — general partners and limited partners. General partners are responsible for managing the partnership and are personally liable for its debts. Limited partners, on the other hand, have limited liability and are not involved in day-to-day management.

• LPs involve General Partners (‘GP’) who are responsible for managing the partnership. The GP are exposed to unlimited personal liability, LPs benefit from personal liability protection.
• Cayman has no taxes on foreign Limited Partnerships.
• LPs have a different structure, with limited partners typically contributing capital without having the same flexibility in terms of share classes.

Delaware Limited Partnership (‘LP’): Electing to implement a Delaware LP vs a Cayman LP can be nuanced and is typically related to tax and governance preferences of investors. Onshore funds are most commonly Delaware LPs.

• Delaware’s LP laws define governance and investor rights.
• Are pass-through entities for taxation eg LPs/Investors pay their own taxes.
• Provides flexibility in defining relationships between parties through the fund’s governing documents.
• A Delaware LP is typically cheaper and quicker to form.

Investment Manager/Advisor/Sub-Advisor/GP

• The entity that has discretion over portfolio management and is remunerated with management and incentive fees.
• The entities with discretion and receiving fees typically depend on the ultimate beneficial owners (UBOs), their respective nationalities, and tax preferences.
• Are typically formed as LLCs to benefit from limited liability protections as GPs have unlimited liability.

Asset Holdings Structure

• Investments are typically held at the Master Fund level, but other entities may be formed for certain assets/holdings that may be driven by tax, legal, and regulatory considerations.
• In some exceptional situations investments may be held directly by a Feeder fund for the same reason as described above, and the ability to do so must be clearly defined in the fund’s legal documents.

Share Classes

• A fund may offer different share classes with distinct liquidity, fee structures, and capacities to retain certain types of investors; often a founder’s share class may be offered to early investors making significant capital contributions. Such a share class may provide early investors with certain preferred terms for supporting the fund early in its life.
• Special Classes may be created for special situations, such as for assets with limited liquidity, often referred to as side pockets (see below).
• Different share classes may have different rights from each other, but the assets in each share class are not legally distinct nor segregated from assets in other share classes — examples of this are covered in the case studies below.

Fees

Market standard for charging of management fees is to be on the same basis as the fund’s liquidity — if a fund offers monthly liquidity for example, then management fees should be charged on a monthly basis (in arrears). This approach is also the most operationally efficient. As described further down, it is common practice to impose a lock-up period, during which management fees are charged.

• Performance Fees are typically accrued during a given year and only crystallize and become payable on an annual basis based on a corresponding High Water Mark (’HWM’). Performance fees are also typically crystallized and charged if an investor redeems within a performance fee period above the HWM.
• Some funds may favor crystallizing and charging performance fees on a quarterly basis — this is not considered best practice nor is it market standard and not favored by investors and is much less common.
• Performance fees are not charged on side pocket holdings until they are realized and moved from the side pocket back into the liquid portfolio either as a liquid holding or as cash after realization.

Liquidity

Redemption terms and corresponding provisions — should be consistent with the liquidity of the underlying holdings.

• Lock-up Periods — are at the discretion of the Investment Manager — and typically driven by the strategy and underlying liquidity. Lock-up periods may vary with 12 months being quite common but can be longer. Lock-ups may apply to each investor for the initial subscription or to each subscription — initial and subsequent. Different classes may have different lock-up periods eg founders classes may have a different lock-up periods than other shares classes.
• Side Pockets — see below.
• Gates — a fund may impose a gate at the fund or investor level — a gate means the fund can limit the total accepted amount of redemptions in the event more than a certain percentage (eg 20%) of the fund or investor assets are requested to be redeemed during any redemption window — this is done to protect (remaining investors) from the effect on prices or portfolio construction that would result from a large redemption.
• Gates are typically associated with less liquid assets where the impact of a large redemption could impact the actual price of the asset as they are sold/liquidated to raise cash for the redemption, and this feature does protect investors.
• The choice between imposing a gate at the investor level or fund level is driven by the liquidity structure and the concentration of AuM across the investor base. It is however more common, investor friendly and operationally efficient to implement a gate solely at the fund level.
• It is also important that a gate provision should specify that investors that placed redemptions prior to a gate being applied, should not have priority over redemptions placed after a gate has been applied — this ensures that later redemptions are treated on equal footing with earlier redemptions, and removes the incentive or possibility of any large investor to game the system and receive unintended preferential treatment in terms of liquidity.

Expenses

Funds may charge certain operating expenses to the Fund, which is effectively paid for by investors.

• Best practice is to charge expenses to the fund that are related directly to the management and operations of the fund, and do not present a conflict between the fund and the investment manager, bearing in mind that a manager is paid a management fee for its services, operational and other expenses related to the management company and entity should not be charged to the fund. Direct fund expenses are typically related to servicing and maintaining the fund structure — administrator, audit, legal, regulatory, on behalf of investors. Management company expenses include office, personnel, software, research, technology and expenses necessary to run an investment management business.
• Managers should be cognizant of Total Expense Ratios (’TER’). A newly launched fund in crypto will typically have a relatively low AuM for a period of time. Institutional allocators to crypto are likely taking a new risk with exposure to the asset class, that risk should not be compounded by high total expense ratios (‘TER’).
• To keep TERs at reasonable levels, enforce accountability, and align managers with investors, it is advised — and a sign of confidence — that managers undertake to cover certain start-up and ongoing operational expenses. This demonstrates long term commitment to the space and expectation of growth in AuM from this commitment will compensate managers for this investment and discipline.
• Good expense management can also further align managers and investors by mitigating potential conflicts of Interest. There can be a grey area between what benefits the fund directly, and what benefit accrues more to the manager than to the fund — industry presence at conferences and events, and associated expense policies are one such area. Expenses associated with maintaining this presence are not direct fund expenses, and often more likely are encompassed by the management fee, or even at the manager’s own expense.

Crypto is already an industry rife with conflicts, a true fiduciary approach to expense policy is critical to establishing crypto as investible by institutional allocators.

Accounting

In order to properly track an investor’s high water mark for performance fee calculations, there are 2 accounting methods that can be applied — Series Accounting or Equalization.

• Series or Multi-Series Accounting (‘Series’) is a procedure used by fund managers where a fund issues multiple series of shares for their fund — each series start with same NAV, typically USD 100 or 1,000 per share. A monthly dealing fund would issue a new series of shares for all subscriptions received each month. The fund would therefore contain share classes of Fund I — Jan 2012 Series, Fund I — Feb 2012 Series or sometimes called Series A, B, C and so on. This makes it very straightforward to track the high water mark and to calculate performance fees. Each Series has its own NAV and depending on where a series is relative to the investor’s HWM at year-end, those series at the HWM are ‘rolled-up’ at YE into the main class and series, and those series below the HWM are rolled-up as they are ‘below-water’. This process is labor intensive at year-end but once done is fundamentally easier to understand and manage going forward.
• In Equalization (’EQ’) Accounting all the shares of the fund have an equivalent NAV. When new shares are issued/subscribed, they are subscribed at the gross NAV and depending on whether the NAV is above or below the HWM, the investor receives an equalization credit or debit. Investors that subscribe below the HWM will receive a statement showing their number of shares and an EQ debit (for future incentive fees of the performance from their entry NAV up to the HWM), if subscribed above the HWM the investor receives an EQ credit to compensate for the possible overcharged incentive fee of the amount between their purchase NAV and the HWM. Equalization accounting is considered quite complicated and places an additional burden on fund administrators and many are not equipped for it. The same can be said for operations and accounting personnel of fund managers.
• Neither method is superior as investors are treated equally in both cases, but series accounting is generally preferred as it is more straightforward and easier to understand, (with the draw back that it creates many series which are not always able to be rolled up in the lead series and so there can be many different series over time which increases the operational and reporting work of the administrator).
• FIFO — redemptions are generally processed on a First-in First-Out basis (‘FIFO’) meaning that when investors place redemptions, the shares that are redeemed belong to the earliest Series to which they subscribe. This is preferable to the manager as such redemptions will trigger crystallization of performance fees if those (earlier) shares are above their high water mark.

There are cases where a manager will elect to apply leverage to a strategy via an accounting mechanism rather than a separate fund vehicle — this is not advisable, the rationale for not doing this will be described in more detail in a case study below.

Side Pockets
Within crypto investing, certain investments, typically early-stage protocol investments, may not be liquid. Such investments are typically held outside the regular portfolio and are separated in side pocket classes which cannot be redeemed with the liquid holdings during normal redemption intervals.

Side pockets came to prominence during the 2008 crisis/GFC — side pockets were originally provisions that enabled funds running otherwise liquid strategies to invest in less liquid holdings, typically with limitations in terms of a percentage of AuM, and had certain defined liquidity catalysts such as an IPO. However, as a result of the GFC, larger portions of otherwise liquid portfolios became illiquid and placed into side pockets, and such funds experienced massive redemptions meaning all liquid assets needed to be liquidated. The side pocket mechanism ultimately protected investors from having assets sold at distressed prices, but investors in liquid funds ultimately held much larger illiquid holdings than anticipated. The intention of side pocket provisions did not anticipate these compounding effects of the crisis, and therefore treatment of side pockets and the impact on investors — including valuation and fee bases — were not well thought-out.

Side pockets in and of themselves are a useful tool in the crypto space, but implementing side pockets requires careful consideration. Side pocket investments have the following characteristics:

• Should only be created if there is a genuine need for it in terms of protecting investors.
• Should ideally be limited to a specific percentage of fund AuM.
• Cannot be redeemed during normal redemption intervals.
• Are (should be) held in their own legal share classes, and not just separated by an accounting mechanism.
• Are subject to management fees but not performance fees — the holdings are subject to performance fees when they become liquid and are moved back into the liquid portfolio.
• Not all fund investors have exposure to side pockets — typically an investor will be allocated Side Pocket exposure if they are a fund investor at the time the side pocket investment is made, investors entering the fund after any particular side pocket investment is made will Not have exposure to that existing side pocket.

Key considerations when structuring Side Pockets:

• Offering documents — should clearly communicate that side pockets are permitted and intended; if the fund is structured as a Master-Feeder, both sets of offering documents should reflect side pocket treatment.
• Separate Share Classes — side pockets assets should be placed in their own class with corresponding terms — eg management fees are charged, no performance fees charged, no redemption rights.
• Accounting structure within fund structure — side pockets are typically created when illiquid investments are made, and/or existing investments become illiquid; only investors that are invested in the fund at the time the side pocket is created should have exposure to the side pocket, such investors are typically subscribed to that side pocket class. When an asset in a side pocket becomes liquid, it is typically redeemed from its class and then placed into a liquid share class, and the investor with that exposure is then subscribed to the newly created liquid class — this ensures accurate tracking of investor exposure and high water mark. If the fund is structured as a Master-Feeder, then side pockets at the Feeder level should have a corresponding side pocket at the Master Level to ensure that there are no potential liquidity mismatches between the Feeder(s) and the Master.

The following items are not directly contemplated in a fund’s offering documents, but there must be an established policy to ensure alignment of interests and clear communication with investors:

• Migration from Side Pocket classes to Liquid Classes —there should be a clear policy on what determines whether an asset is sufficiently liquid to be moved from a side pocket class to a liquid class. This policy and rule is generally based on some measure of exchange liquidity, volume and the fund’s ownership of outstanding liquidity.
• Valuation — When side pockets are created, they are typically valued at cost which serves as the basis for charging management fees. Assets in side pockets can be marked up but must adhere to clear and practical valuation guidelines. An approach can include applying a Discount for Lack of Marketability (‘DLOM’) based on a recent large transaction in the asset, eg a recent fund raise at a higher valuation than the original cost to the fund.
• Reflection on Investor Statements — Investors should clearly understand their liquidity in a fund, therefore side pocket classes should be reported separately from liquid classes (and each liquid class should also be reported separately) to ensure investors know their number of shares and NAV per share, that are redeemable under standard liquidity terms.

Sample Side Pocket Structure
The sample structure charts below reflect a generalized version of how investors are allocated Side Pocket exposure.

For purposes explanation, an Offshore Feeder LTD is used as an example as the LTD uses share class accounting and is better suited to illustrate certain key points related to this accounting concept and its application with Side Pockets. Similar mechanisms are applied for the Onshore Feeder Limited Partnership but no detail reflected in this example.

• The Master Fund makes and holds the actual crypto investments in its portfolio. Each Feeder Fund invests in share classes of the Master and is a shareholder of the Master.
• Investors in the Feeder receive shares of the Feeder — a fund that accepts subscriptions monthly, when investors subscribe in a given month, a Series is created for that month to properly account for and track performance and account for the respective incentive fee. Investors in the Feeder Fund(s) are allocated performance of the Master Fund portfolio through changes in the value of Feeders investment in the Master Fund shares and correspondingly the value increase in their Feeder Fund their shares.
• When the Master Fund holds only liquid assets, Feeder investors own an indirect proportionate share of the entire Master Fund liquid. In that case, 100% of Master Fund shares are liquid and in return also the Feeder shares are liquid and eligible for redemption based on the Fund’s terms. 100% of their Feeder Fund shares’ performance will be based the performance of the Master Fund shares and ultimately the Master Funds portfolio (with specific performance accounted for at the Series level).

In Chart 1 below, the Master Fund holds only liquid investments in January, and the entire performance will be allocated to the Feeder investors, all Feeder Series will benefit from the Master’s performance, and each identical Series (eg subscribed in the same month) will have identical performance.

Chart 2 reflects a Master Fund portfolio that determines that 10% of its portfolio is illiquid in February.

• When a certain portion of the Master Fund portfolio is illiquid, those assets cannot be sold to meet redemption requests from Feeder investors. Assets can be illiquid for 2 primary reasons — either certain assets become illiquid due to some form of distress, or the Master Fund makes an investment in an illiquid asset as a result of a special opportunity. In either case, only Feeder investors that are invested at the time the illiquid assets come into the Master Fund portfolio, should have exposure to those illiquid assets — from a fee and performance perspective, and from the perspective of the changed liquidity of their share holdings.
• To deal with the now partial illiquidity in the portfolio, the Master Fund will create a side pocket in February which will hold those illiquid assets, and only Master investors who are invested prior to February will have exposure to the side pocket — they will receive the P&L from the future performance of the side pocket, and crucially after the creation of the SP (which will take place via the Conversion and Transfer OUT and IN of 10% of their liquid shares into SP shares), only 90% of their shares are then eligible for redemption (as 10% of their initial liquid shares have been converted to SP shares). An investor that subscribes to the Master Fund in March will not have exposure to the side pocket created in February.
• The Master Fund will create a special share class to hold the side pocket assets — Class SP. When this occurs, the Feeder Funds Portfolio will then hold 2 assets (liquid master shares and non-redeemable Master SP shares) and in turn must also create a side pocket share class which will hold the illiquid exposure, eg the Master Fund SP shares. This is to ensure proper accounting and liquidity management to match the Master Fund liquidity exposure, since the date an investor is invested is now critical in determining their exposure, performance and fees. When a Feeder investor redeems (it can only be from a liquid class ie Class A shares), and in turn the Feeder Fund will redeem part of its liquid shares from the Master to raise the redemption proceeds for the redeeming investor. The Feeder SP shares (like the Master SP) are non- redeemable.
• Separate accounting for each side pocket and corresponding class is necessary to ensure that value is assigned equitably.
• In this structure, an investor in the Offshore Feeder has exposure that is mirrored from both an accounting and legal perspective at the Master Fund level (a similar mechanism exists for investors in the Onshore Feeder). This ensures that only actually liquid assets can be sold at the Master Fund level to raise cash to pay the redemptions at the Feeder Fund level.
• Investors in the Offshore Feeder will receive investor statements that reflect their liquid classes and side pocket classes so they know what their total capital is and also what capital is available for redemption.

Such accounting and proper structuring is not very well-understood by many managers and service providers, and tight coordination between the investment manager, legal counsel, fund administrator, and auditor is critical to ensure the structure and rights are enforceable and compatible with the terms of the offering documents.

Governance

• Board of Directors — it is good governance and decidedly preferable to have an independent member on a fund’s Board of Directors and there should typically be a majority of independent directors eg more independent directors than affiliated directors (eg the CEO and/or CIO). Typically, directors for Offshore Funds are provided by companies specializing in such corporate services in the fund’s domicile. If possible, it is preferable to have an independent director with actual operational experience and expertise that can add value in dealing with complicated operational issues — such individuals can also add value in an advisory capacity rather than as a formal director.
• Independent boards are becoming increasingly common for newly launched crypto funds, but there is a cost associated with directors that is directly borne by the fund.
• Side Letters — a fund may enter into side letter agreements with certain investors that provide the investor with certain rights that are not directly provided for in the fund’s offering documents. Side letters should generally be reserved for large, strategic and/or early investors in the fund. Side letters may include provisions related information rights, fee terms and governance items.

Regulatory status

• Funds are typically regulated in their jurisdictions by local company or mutual fund laws. In the US, even if a fund is exempt from registration with the SEC and the investment manager not an RIA (Registered Investment Advisor) under the Investment Advisers Act of 1940, the SEC and other regulatory bodies such as the CFTC can still exercise supervision and enforcement.
• Newer managers generally elect to be treated as an ERA (Exempt Reporting Advisor), with a much lower reporting requirement. In the US, a fund will fall into a category as defined by the Investment Company Act of 1940 for Private Funds. Two common categories are 3(c)1 which permits less than 100 investors, or 3(c)7 which permit only Qualified Purchasers (an individual with $5mm in investible assets, and an entity with $25mm investible assets). Many new funds opt to be a 3(c)1 as reporting requirements are lower, however, a manager must recognize that due to the limited number of permitted investors, they may not want to accept small subscription amount to manage this investor ‘budget’ in terms of the number of investors the fund can accept.
• Under the Securities Act of 1933, private funds can raise capital via Rule 506(b) which permits raising capital but prohibits broad solicitation, and Rule 506(c) which permits broad solicitation and comes with higher reporting requirements.
• Establishing an entity typically requires engaging legal counsel in each jurisdiction and corresponding filings and ongoing maintenance and compliance.

In-Kind Subscription and Redemptions

• A fund may choose to accept subscriptions from investors in crypto (in-kind).
• A fund may be permitted to pay redemptions in-kind under certain circumstances — this is typically not preferable and can create regulatory and tax issues as investors may not have the technical capability to custody assets or may not be permitted from a regulatory perspective to directly hold crypto assets.
• In-kind subscriptions could present valuation, tax and compliance issues. Typically, in-kind subscriptions are only accepted in BTC or ETH to avoid valuation issues. On the tax side, in the US in-kind subscriptions may trigger a tax event for the investor and this should be considered. On the compliance side, in-kind subscriptions will be wallet-to-wallet transactions, so the fund administrator as well as the fund’s agent accepting the subscription, should be equipped to perform proper KYC on the sending wallet address, and the investor should be aware of this. If a fund does accept subscriptions in-kind from an investor, when that investor redeems, it is best practice from an AML perspective to pay the redemption in-kind with the amount of the subscription paid in-kind, and any profits paid in cash.

Key Person Risk

• A key person clause enables an investor to redeem outside the normal redemption windows if a key person eg the CIO, becomes incapacitated or is no longer involved with the fund — inclusion of such a provision is considered best practice.

Case Studies

The following case studies highlight where choices embedded in a fund’s structure and reflected in the offering documents, led to negative or potentially disastrous outcomes for investors. These choices are understood to have been made with the best of intentions on the part of the respective managers and were typically motivated by trying to achieve operational and cost efficiencies.

Side Pockets

• A fund offered side pocket exposure to investors but did not create legally separate side pockets, but only accounted for side pocket exposure on an accounting basis.
• The manager and fund’s intention was clear, and the accounting was correct .
• However, since no legal side pockets were created, an investor in the fund could have theoretically and legally redeemed their entire balance — both liquid and illiquid side pocket holdings — and been legally — according to the terms of the fund documents — entitled to their entire balance.
• Investors received investor statements that did not reflect a side pocket class (as none were created), and therefore may believe their full reported NAV was available for redemption.
• If a large investor in the fund did in fact make such a redemption, within their legal rights, this would have forced the manager to liquidate illiquid assets at highly unfavorable terms, to the detriment of remaining investors, and/or selling the fund’s most liquid assets and leaving remaining investors with the least liquid assets, and putting the entire fund at risk of collapse.
• Ultimately this was corrected in terms of providing clear definition in updated fund legal documents, the creation of formal and legal side pockets, and proper investor reporting.

It should be noted that this issue was identified by L1D.

This fund’s manager, auditor, fund administrator and legal counsel were all under the impression that the structure as originally designed and implemented was sound and appropriate. The further lesson is that even experienced service providers don’t always get it right, and that managers must themselves master such domain knowledge.

Structuring

The strategy that L1D intended to invest in was in fact a share class of a larger fund (the ‘Umbrella Fund’) that offered various strategies via different share classes. Each share class had its own corresponding fee terms and redemption rights.

The Umbrella Fund was a standard Master Feeder structure.

On the face of it, this appeared to be an approach to scale various strategies through a single fund structure to save on costs and execution fees. However, one provision of the ‘Risks’ section represented the following:

Cross Class Liability. For accounting purposes, each class and series of shares will represent a separate account and will be maintained with separate accounting records. However, this arrangement is binding only as between the shareholders and not on an outside creditor of the Fund, who deals with the Fund as a corporate whole. Thus, all of the assets of the Fund may be available to meet all of the liabilities of the Fund, regardless of any separate portfolio to which such assets or liabilities are attributable. In practice, cross class liability will usually only arise in situations in which any class becomes insolvent or exhausts its assets and is unable to meet all of its liabilities.

• What does this mean? It means that if the Umbrella Fund was subject to liquidation, the assets of each share class would be considered assets available to Umbrella Fund creditors, potentially wiping out the assets of each and any share class.
• What happened? The Umbrella Fund was ultimately poorly risk managed leading to its blow-up and liquidation, and the assets of each share class, including the specific share class L1D considered as an investment opportunity, were swept into the bankruptcy estate. The assets of this fund and this share class subsequently became subject to broad litigation, and investors are basically left powerless with recovery uncertain.

A risk management failure at the investment level led to a blow-up, weaknesses at the operational/structuring level led to a further loss of capital by investors who were not exposed to the strategy that actually failed. An inadequately thought-out structuring decision with relatively mundane representation in the PPM resulted in an outsize loss for investors in a stress scenario. The risk was effectively buried in the PPM as a Key Risk Factor, albeit not intentionally hidden.

Based on the structure, L1D passed on the investment during initial due diligence.

Accounting Leverage

The following summary case study offers perspective on the risks when attempting to apply distinct strategies implemented at the share class level rather than by separate funds, each fund with its own assets and liabilities. The narrative is quite similar to the previous example — a risk management failure in the investment process, was amplified by a structural weakness.

• The fund offered levered and unlevered versions of its strategy via share classes within a single fund.
• The fund was a single pool with all collateral with the fund’s trading counterparty a single legal pool — all P&L was attributed to the fund as a whole, and the manager would allocated P&L on accounting basis based on share class leverage.
• The fund’s strategy and corresponding risk management processes were changed without notice to investors, this coincided with a major market event that effectively wiped out the fund’s collateral with its counterparty, leading to massive liquidations.
• Based on the leverage ratio as defined at the share class level, investors in the unlevered share class would have expected a large loss, but not to be wiped out. Again, the cross-liability risk as represented in the PPM communicates this risk but was not well-understood by investors in the unlevered share class.

This fund’s failure was the result of a confluence of events — an uncommunicated change in strategy and poor risk management that coincided with a tail event in the market, and compounded by the structuring choice that meant investors that intended unlevered exposure were Still impacted by the application of leverage.

NAV Reporting delays
See Service Provider Section, Fund Administrator

3. Operational Stack

The operations stack is defined here as the entire universe of functions and roles that must be undertaken by a manager to carry out its investment strategy. These functions encompass trading, treasury management, counterparty management, custody, middle office, legal and compliance, investor relations, reporting, and service providers.

Trading activity in TradFi has several specialized parties that ensure secure settlement and ownership — the diagram below reflects the parties involved in a trade in a US equity.

In crypto trading and investing, trading venues and custody form the core infrastructure, as their combined functions form the parallel architecture of the TradFi settlement and prime brokerage models. As these entities sit at the core of all transactions, all processes and workflows are developed around interfacing with them. The diagram below demonstrates the roles played by prime brokers and services they offer.

In TradFi a key function of the prime broker is to provide margin, collateral management and netting. This enables a fund to achieve capital efficiency across positions. For this service, the prime brokers can typically rehypothecate client assets in custody (eg lend out securities to other clients of the PB).

Though the prime broker plays a key role in managing counterparty risk, the PB itself is the primary counterparty to a fund and itself presents a risk. The rehypothecation facility means that client assets are lent out, if the PB fails for any reason, the fund client becomes a creditor as the rehypothecation means that client assets are not the property of the clients.

Within crypto, there are no direct parallels to TradFi prime brokers. OTC desks and custodians are attempting to fill this role or aspects of this role, in different ways. FalconX and Hidden Road are 2 examples. However, given the disparate nature of crypto — particularly since underlying assets sit on different blockchains that are not necessarily interoperable — and exchanges have more limited reporting systems, as well as operating in variety of jurisdictions, prime brokerage in crypto is still evolving. Most importantly, the incentive for an entity to become a prime broker in the first place is the ability to rehypothecate client assets, which is an explicit aspect of their business model. Prime brokerage failures during the GFC demonstrated the counterparty risk that Prime Brokers themselves posed to their hedge fund clients. Such counterparty risk in crypto is amplified given brokers and exchanges are less well-capitalized, subject to a lower level of risk management oversight from regulators or investors and will not be bailed out in a crisis. This is further compounded by crypto’s inherent volatility and the risk management challenges that presents. These factors make it very difficult to apply the TradFi prime brokerage model to crypto in ‘safe’ manner from a counterparty risk perspective.

The prime brokerage model is useful in defining a crypto investment manager’s operation stack, as the manager undertakes most of the functions of a PB internally, and/or assemble the various functions across several service providers and counterparties. These roles and skill-sets are typically both insourced and outsourced, but given the nature of service providers available in the space, a lot if not most expertise should be anticipated to be in-house and domain knowledge on the part of the manager is essential.

Operations Stack — Liquid Crypto Funds
Below are the primary operation functions within a liquid fund. It is still important to have a degree of segregation between operations and investment/trading and this typically applies to signature policies involved in the movement of assets.

Mid/Back-Office: fund accounting, trade and portfolio reconciliation, NAV production — typically oversees and supervises the fund administrator.

Treasury Management: managing cash & equivalents, collateral with exchanges, stablecoin inventory, banking relationships.

Counterparty Management: performing diligence on counterparties including exchanges and OTC desks, onboarding with counterparties and negotiating commercials terms, establishing asset transfer and settlement procedures between assets under fund custody to counterparties, establishing exposure limits to each counterparty.

Custody and Staking: internal non-custodial wallet infrastructure, third party custodians — includes establishment of whitelists and multisignature (‘Multisig’) procedures, maintenance of wallets, hardware and associated policies and security provisions, performing diligence on third party custody providers.

IT & Data Management: data systems, portfolio accounting, back-up and recovery, cybersecurity.

Reporting: internal reporting, investor reporting, audit.

Valuation: development and application of valuation policies.

Legal and Compliance: managing outside counsel, internal policies and procedures, dealing with regulatory filings including AEOI, FATCA, AML/KYC and other matters.

Service Provider Management: due diligence on service providers, service agreement vetting and negotiation, management of service providers with focus on the fund’s administrator.

Operations Roles

Given the above operations functions and responsibilities, when considering the appropriate skill-set for the operations personnel — typically the director of operations and/or COO, the requisite skill-set will include experience in these areas and may also further depend on the fund’s strategy and underlying assets. Requisite experience typically falls into two categories:

• Accounting and audit– appropriate for all funds but most critical for funds with high turn-over, many line items, and complicated share structures (such as side pockets).
• Legal and structuring — appropriate for funds that are trading in structured-type products and strategies with tax and regulatory components, typically some form of arbitrage.

In both cases, where there are gaps within the expertise of the individual, eg an accountant with no legal background, the gaps are typically filled by an outside party eg legal counsel. However, it should be noted that fund administrators in the space — as will be covered in more detail below- typically require a great deal of oversight and supervision leading up to and during the first 3–6 months after launch, and individuals with experience and backgrounds in fund operations, fund administration or dealing with fund administrators, and/or accountancy professionals are typically well-suited to manage this.

It is best practice that an investment manager to be able to maintain a shadow set of fund records, effectively performing a shadow, that mirrors the records kept by the fund administrator. This enables a tri-party reconciliation between the investment manager, fund administrator, and financial counterparties. Tri party reconciliation is done at month-end to ensure all records are aligned and match.

Overview of entities involved in fund operations

Life Cycle of Asset
The flow of assets from subscription to the fund, trading, and redemptions, demonstrate the functioning operations stack. The generalized life cycle below indicates the operational touch points:

Investor Subscriptions are transferred to Fund bank account

1. Investor subscriptions are transferred to fund’s bank investor account and after the KYC/AML is cleared moved to the Funds Trading or Operations account.
2. Fiat is transferred to fiat-on ramp (exchange or OTC) and exchanged for (typically) stablecoins; typically fund administrator must be second signer on fiat transfer out of bank account.
3. Stablecoin balances may be held on exchange and/or in third-party custody.

Investment Committee/CIO decides on a trade/investment

1. Pre-trade clearance for compliance (eg personal trading policy) and/or risk management purposes.
2. The Trader sources liquidity — via counterparty — exchange or OTC — order type is specified ie market/limit/stop, and potentially execution algorithm ie TWAP/VWAP.
3. Interface with counterparty via API, portal or chat (ie Telegram).
4. If exchange trade for listed assets, stablecoin balances are used, settled assets are transferred to third party custody.
5. In an OTC trade, some trades may be pre-funded, or OTC desk may provide some credit line — order is filled, settled and then assets are transferred to third party custody.
6. If Perpetual swap trade — maintain collateral balance with exchange, make periodic funding payments.
7. Clearance and settlement — verify trade details while trade settles; once trade is settled, move assets to storage/custody.
8. Investment team evaluates impact on exposure and risk parameters.
9. Operations reconciles all positions on a daily basis — assets, account balances (counterparty, custody, bank), price, quantity, price reference, calculates portfolio P&L; issue internal reports.

At Month-end, provide Fund Administrator with Trade File and Reconciliation Package

1. Fund Administrator independently verifies assets and prices with all counterparties, custodians, banks — typically manually, via API, support from OTC desks (eg TG chat extracts), and/or using third-party tool such as Lukka, applies fee and expense accruals.
2. Investment Manager works with Fund Administrator to resolve differences in Reconciliation and calculate final NAV.
3. Fund Administrator applies internal Quality Assurance/QA process, calculates fund NAV and Investor NAV.
4. Fund Administrator provides final NAV package to Investment Manager for review and sign-off, issues Investor Statements.

Investor places redemption

Invested assets are transferred out of custody to exchange/OTC and converted to fiat and sent to the fund’s bank investor’s account.

Following approval of the NAV

The Fund Administrator authorizes redemption payment to redeeming investors.

Generalized Counterparty Flows

This diagram reflects flows described in the Life Cycle of Assets.

4. Trading Venues and Counterparty Risk Management

Since the collapse of FTX, funds have re-evaluated their approach to managing counterparty risk, specifically whether to leave assets on any exchange, as well as managing exposure to any entity that holds fund assets at any time, including OTC desks, market makers, and custodians. Exchange-hosted custody is a form of custody (covered in more detail in the Custody section), whereby an exchange holds customer assets, and those assets are co-mingled with exchange assets and not bankruptcy remote. Funds hold/held assets on exchanges because it was easier, more cost efficient, more and capital efficient.

It is also worth noting that agreements with OTC desks provide for delivery vs payment, where the client pays before assets are delivered. In addition, these agreements typically specify that such assets are co-mingled with other client assets and not segregated or bankruptcy remote. Therefore, before assets are delivered, there is still risk of default of the OTC counterparty. During the FTX collapse, certain OTC desks themselves had unsettled client trades with FTX. Those OTC desks became creditors to the FTX estate and chose to make their clients whole from their own balance sheets, even though not obligated to do so. Formally underwriting exchange and OTC counterparties has been difficult as financial statements are not necessarily available and may be of limited use, though transparency is improving.

Approaches to Counterparty Risk Management
In order to properly manage counterparty risk, an investment manager should define a policy that is compatible with its investment strategy. This could/should include defining:

• Max exposure permitted to any counterparty.
• Max exposure permitted to any counterparty type — Exchange, OTC, Custody.
• Max exposure permitted to any sub-category — Qualified Custodian vs Other.
• Max time limit for trade settlement — typically measured in hours.
• The percentage of fund assets that can be unsettled at any given time.

Additional measures can be taken to monitor the health of a counterparty, including ‘pinging’ the counterparty at intervals for small trades to test response times. If response times are outside of normal ranges, a manager may move to transition exposure away from that counterparty. It’s a given that fund managers are continuously monitoring market activity, news and wallets of major players to identify anomalous activity to get ahead of any potential defaults and move assets.

Considerations for DeFi
Decentralized exchanges (“DEXs”) and automated market makers (“AMMs”) can supplement a fund’s counterparty universe, and under certain conditions can act as substitutes. When certain centralized players have experienced distress, their DeFi counterparts have performed relatively well.

When interfacing with DeFi protocols a fund trades counterparty risk for smart contract risk. As a general rule, the best way to underwrite smart contract risk is to size exposure in the same manner as counterparty exposure limits are defined (as described above).

In addition, there are access and custody considerations when interfacing with DeFi protocols, covered in more detail in Section 6 — custody.

Tri Partite Structures
To manage counterparty risk associated with exchanges, there are several service providers that have developed innovative approaches These approaches implement a tri-partite structure. The solutions detailed below have gained significant traction.

As the name suggests, there are (at least) three parties in this arrangement — the two parties that are transacting with each other, and the third party — the entity that manages collateral on the transaction, which is typically a custodian. This third party will monitor and manage the collateral assets involved in the transaction.

A key feature of this structure is that the party managing the collateral maintains the assets in a legally segregated manner, typically a trust, that protects the transacting parties from the entity managing this collateral and securing the structure.

Within this structure, the entity managing the collateral ensure both parties deliver and pay and then effect settlement.

As part of the process, excess collateral is posted or returned according to margin requirements, reporting is provided to both counterparties, and assets are continually monitored to ensure they’re sufficient for the financial transactions between the counterparties.

Copper ClearLoop
Copper Technologies through its ClearLoop product, enables off-exchange settlement, or settlement within custody. In such a set-up, both parties — the fund client and the exchange counterparty — both effectively post collateral to Copper (and such collateral is within a Trust), which acts as neutral settlement agent on behalf of both parties. This protects a fund from the risk of default of the exchange counterparty, where the principal (collateral) is protected, but there is still P&L risk if a counterparty defaults before a (winning) trade is settled.

Copper has been an early innovator in this type of set-up, and it capitalizes on its custody technology and existing exchange integrations.

All other major custodians including Anchorage, Fireblocks, Bitgo, Binance and others are working on their own form of Tri Party Agreements using both legal constructs and technology, and/or may partner with Copper.

Hidden Road
Hidden Road Partners (’HRP’) has developed a form of prime brokerage that provides a form of capital efficiency and counterparty risk protection. HRP raises capital from institutional investors and pays them a return on capital, which it generates by providing financing to clients for trading. HRP mitigates its risk by setting risk limits and requires some portion of collateral upfront. Clients can then net positions across trading venues.

Under this framework:

• Funds do not need to post collateral with exchanges or trading partners.
• Counterparty risk is transferred to HRP’s balance sheet.
• The transaction is documented under ISDA and standard Prime Brokerage agreements.
• Clients can margin portfolios across venues.

5. Treasury — Fiat and Stablecoins

The treasury function within a Crypto HF is typically a combination of managing small fiat balances, and inventories of stablecoins. Once investor subscriptions are accepted, they are typically swapped into stablecoins via a fiat on-ramp — an exchange or OTC desk. Considerations for treasury functions are as follows:

• Banking Partners
• Stablecoins

Banking Partners
Liquid funds typically keep very low fiat balances given most activity is transacted in crypto, and typically stablecoins. Still, all liquid funds need established banking partners in order to accept investor subscriptions and fund fiat-based expenses and pay service providers. The banking partners that are willing to work with crypto clients continues to expand, but onboarding processes from an AML and KYC perspective can be onerous and can often take months to complete.

Given the willingness of banks to work with crypto clients can change based on their respective risk appetites, funds should work with at least two banking partners for redundancy. When Silicon Valley Bank, Signature Bank, and Silvergate Bank failed, many funds were left without a banking partner and could not reliably conduct certain business including funding redemptions that had been placed and accepted before these banks failed.

An onboarding process is quite document heavy and may be via a portal or direct submission of documents. From the bank’s perspective the goal of the process is to ensure the client does not pose any risk from an AML and KYC perspective. To achieve this, the bank will perform due diligence on the fund structure, its UBOs (Ultimate Beneficial Owners), control persons (eg directors), and on the investment manager. Funds and investment managers with more complicated management and ownership structures should be prepared to explain the relationship between the various entities — preparing an organigram for this purpose is useful.

Below is the standard document set required by a (US) bank to get the process started. These documents are quite standard, but themselves may have up to 100 underlying questions related to the fund’s operations, the investment manager, all service providers, and potentially investors as well. In addition, once onboarded, there are typically ongoing/annual compliance exercises that may amount to re-onboarding.

Banking partner onboarding documentation requirements

• Account application
• Due Diligence Questionnaire
• Certificate of Incorporation — typically notarized or certified
• Private Placement Memorandum
• Memorandum and Articles of Association or Limited Partnership Agreements
• Financial Statements
• Register of Directors
• Business Registry Extract
• W-BEN-E
• FATCA ID — GIIN
• US Tax ID
• Passports/Drivers License for Account Signers and Authorized Users
• Certification of Beneficial Owners
• Passports/Drivers License/Proof of Residence for all Underlying Beneficial Owners (UBOs, > 10% or 25%)
• Regulatory Registration Status
• Service Agreements with Key Service Providers — Fund Administration, Compliance, Directors

Stablecoins
Stablecoins are an integral to transacting in crypto. Stablecoins also present certain operational risks. Stablecoins themselves, particularly USDT/Tether — are subject to periodic ‘scares’ over regulation, backing, de-pegging and fears that redemptions could be halted (though this has never happened). Therefore, diversifying stablecoin inventories across several stablecoins is prudent.

Banking partners typically do not impose monthly minimum balance requirements, but also typically do not offer a full suite of services for small fund accounts, including the ability to purchase and hold US Treasury Bills. Funds may therefore opt for other forms of stablecoins including Ondo, a tokenized note secure by short-term US Treasuries and bank deposits, or similar offerings by Centrifuge including Real World Assets/RWAs. Yield bearing stablecoin products may present their own risks and the structure of each stablecoin products should be subject to diligence to properly understand these risks.

6. Custody

In crypto, the term ‘custody’ is a metaphor as assets do not have physical representations eg share certificates.

In TradFi, custody is identity-based in that a custodian serves as an agent to individuals and corporate entities’ ownership of assets. In crypto, a custodian serves as agent to access and control of private keys.

There are several types of custody with crypto and the appropriate form of custody is typically determined by the investment strategy in terms of assets traded and trading frequency. It is likely that more than one type of custody will be implemented.

Use of third-party custodians is considered preferable where the strategy permits it, as they provide several levels of redundancy and are generally scalable. In addition, as described in section 4, custodians may extend their technology to support tri-partite arrangements. When selecting a third-party custodian, a rigorous due diligence process should be employed. In some cases, a form of self-custody may be warranted — this may include the use of hardware wallets and/or smart contract multi-signature wallets.

Custody Policy
It is important to understand the technical differences between the various types of custody, and offerings of top-tier custodians each implement one of several industry standard security architectures. The track record of incumbent custodians in crypto is quite good in that there have been no major losses, either systemically or idiosyncratically, and they have all weathered the various crises characteristic of the industry. Custodians have in fact benefitted from these crises as investors now place increasing value on third party custodians.

Each fund strategy is different, and it is likely that a complete custody set-up will include several forms of custody to meet a strategy’s full needs. This process should result in the creation of a practical custody policy that considers the following factors:

• Assets traded — Not all custodians support all assets, to ensure comprehensive asset support will likely mean working with more than one custodian.
• Frequency of trading — Strategies that implement relatively high frequency trading, will likely keep some portion of fund assets on exchange; however, there are now third party custodians using an MPC architecture that also support relatively quick access to assets.
• Diversification and Limits — as with counterparty management, a similar approach can be applied to custody — such limits are typically applicable to the split between custody types — third party custody, on exchange, and self-custody.
• Investor preferences — Some institutional investors may have a preference or requirement for the majority of fund assets to be with a regulated third party custodian. However, it should ultimately be the manager’s decision on the best approach on behalf of investors.
• Internal resources — For teams whose strategy requires the use of self-custody, those teams should have the requisite technical expertise and/or access to it, to establish an appropriate operational security program to ensure proper safe-keeping of hardware and recovery phrases. The same holds true for teams that rely largely on third party custodians — there needs to be secure and practical methods for backing up seed and recovery phrases.
• Recovery Protocols — In all cases, managers must develop protocols for recovery of private keys, seed and recovery phrases in the case of a catastrophic events, including situations where key people become incapacitated. These protocols typically involve a combination of technical and legal measures including the use of safe-deposit boxes and other forms of physical security, and appointing third-party legal agents to act on the fund’s behalf in the case of catastrophe.
• Access Control — Determines who within the manager, under what circumstances and by what method, can create whitelisted addresses, access assets and move/withdraw assets from custody — this includes defining the 2FA methods, use of smartphones, and quorum requirements for multi-signature wallets.
• Segregation and Control of Assets — When working with any third party — an exchange, custodian or other counterparty — it must be understood to what degree, if any, assets are legally segregated and the property of the fund, and the fund’s legal recourse if a counterparty fails.
• Third Party Oversight — When working with third parties, it must be understood to what degree of oversight they are subject to, either by auditor and/or regulators.
• Regulatory Considerations — a fund may have its own regulatory considerations. US-based managers may not be able to face certain custodians in Europe or elsewhere, and if they wish to do so, need to devise and implement management and ownership structures that permit this.
• Redundancy — Redundancy across key services is preferred but not always possible. Onboarding and maintaining accounts with third party custodians involves a degree of overhead and cost that may not be justified for a newly launching manager, but redundancy should be considered where feasible.

The primary consideration for selecting a custodian is by definition security. Ultimately the nature of a strategy’s underlying assets and the trading frequency will determine the custodial method and custodian. For more complex strategies involving multiple trading styles and sub-strategies, it is likely that several custody methods and custodians will be selected.

The following details the pros & cons of the 4 primary custody categories:

Self Custody

• Browser-based, software-based, cold/hardware/offline.
• Broad asset support, greater control.
• Safe but requires extremely good framework with several layers of redundancy and coordination and technical know-how.
• Generally used for assets for which there is no third party support.

Non Custodial

• Smart Contract Custody/Multisignature Wallet — assets are held in a smart contract wallet created and managed by the user (ie Safe for EVM, Squads for Solana).
• Are better suited for low turnover strategies rather than strategies that trade more frequently as moving asset between wallets is more operationally complex.
• May involve use of hardware to access non-custodial wallet.

Third Party Custody

• Institutional grade.
• Clearly defined features and controls.
• May have some compliance/light regulatory status ie Qualified Custodian, and be subject to SOC audit, others (ie Anchorage) have put themselves under the supervision of the Comptroller of the Currency; likely to be insured to a limited extent.
• Assume responsibility for assets, servicing, managing complex technology.
• Sub-custody where institutional investors can outsource custody operations to a custodian in an omnibus account or segregated account set-up (custodian would not know end-investor).
• Can be warm, hot, cold (see below).

The table below provides a high-level overview of the characteristics of each Wallet type.

Third Party Custodians
These are typically the most technically advanced and provide the entire custodial infrastructure and corresponding workflows. Third party custodians are considered to hold both the keys (or some portion of the key material) and the assets themselves. Third party custodians are typically represented by 2 types of architectures:

Multiparty Computation (‘MPC’)

• MPC is a method of bringing together key shards to sign a transaction. MPC is used in the case that the client wants to hold a part of their private key (a ‘shard’ or a ‘share’), in addition to the part(s) held by the Custodian. This prevents the Custodian from misusing the key and makes the key effectively impossible to steal from either party but increases the total responsibility for the safekeeping of the key. MPC enables a custodial solution in which a multisignatory requirement replaces the need to store private keys offline. Shards are geographically and architecturally distributed.

Hardware Security Module (‘HSM’)

• HSMs are hardware that allow the safe and controlled decrypting of private keys. The private key is generated on a device where it cannot be extracted without damaging the device — the private key is never exposed even to the holder of the device and cannot be copied or hacked. HSMs are often marketed as a better way to do ‘cold storage’, since they allow faster decryption of private keys and thus more real-time access to assets. The largest potential drawback of HSM is that keys are held in a single central location and can be made to sign transactions that they shouldn’t be signing — hence the custom business logic that requires biometric authentication.

This piece does not argue for MPC vs HSM when selecting third party custody provider. Thus far, both have been relatively battle-tested and have proven sufficiently secure. In fact, MPC Custodians can keep each shard/share in a HSM module and therefore the technologies are complementary.

Onboarding with a third-party custodian
Onboarding with a custodian involves negotiating the custody agreement, undergoing a comprehensive AML KYC process, and the creation of Custody vaults. The security measures around interacting with custody vaults are a combination of the custodian’s policies and those of the investment manager and can form the basis for asset security within an investment management operation. The technical and security aspects of onboarding with a custodian will generally involve the following steps and processes:

• Access and Authentication — Set up secure access to the custodian’s platform. This may involve creating strong passwords, enabling two-factor authentication (2FA), and defining access controls for authorized personnel, enabling biometrics and video call-back.
• Testing and Verification — Test the process of depositing and withdrawing assets with small amounts to ensure everything works smoothly before dealing with substantial holdings.
• Security Training — The custodian may provide training on how to use their platform securely. This can include best practices for safeguarding login credentials and managing assets.
• Asset Transfer — Transfer digital assets to the custodian’s designated wallets or addresses. This may involve a one-time transfer or a gradual process.
• Create Whitelists and Whitelist creation policy — Create an internal policy as to who can create and approve whitelists; create whitelist addresses and test them.
• Specify Transaction Permissions — For each whitelisted address, specify the types of transactions that are allowed. Common permissions include:
• Deposit: Allow funds to be deposited to the whitelisted address.
• Withdrawal: Allow withdrawals from the whitelisted address. Set internal withdrawal permissions.
• Transfer: Allow transfers between the whitelisted address and other addresses within the custody solution.

Regulated Status
More established custodians generally seek some form of regulatory oversight in the jurisdictions in which they operate. This is positive as such oversight typically comes with requirements including subjecting themselves to third party control audits in the form of SOC or ISAE (Service Organization Controls and International Standard on Assurance Engagements). These audits evaluate and test and organizations internal control framework. Such audits by no means guarantee that a custodian is necessarily a good fit for a fund, or even a well-run business, and most importantly, does not imply that security is guaranteed. But such audits do provide some comfort that the custodian has a coherent internal control environment.

In the United States, custodians may seek Qualified Custodian status granted by the SEC or become State Chartered Trust Companies. In both cases, such custodians are permitted to offer custody services that satisfy the SEC’s Custody Rule so that they can act as custodians on behalf of Registered Investment Advisers (’RIAs’). RIA’s have typically chosen to work with Qualified Custodians or State Chartered Trust Companies, but they also increasingly work with MPC providers that are not in fact Qualified Custodians, but RIAs and their counsel have rationalized that in order to operate their funds in the most fiduciary manner consistent with their investment strategies. Fireblocks is one such MPC provider and has has recently launched the Fireblocks Global Custodian Network to address this. Fordefi is another such MPC provider.

Institutional class third party custodians
There are many institutional class players, and each should be properly diligence and selected on their merits. The institutions below are relative brand names each with certain unique characteristics.

Coinbase Custody
Perhaps the best known custodian, Coinbase is a New York State Chartered Trust Company (with a similar structure in Ireland for European clients). As a public company is considered a relative good business risk, though customer assets are segregated and cannot be re-hypothecated and is subject to heavy scrutiny based on public company reporting requirements.

Anchorage Digital
Anchorage is an HSM-based custodian. It is also a (US) nationally chartered Qualified Custodian and is subject to supervision of the Office of the Comptroller of the Currency and has a limited banking license. Anchorage has attempted to position itself as the most heavily regulated digital asset custodian in the US.

Copper Technologies
Copper is a UK-based custodian (now licensed in Switzerland). Copper is an MPC-based Custodian and innovated with its Walled Garden custody solution. The Walled Garden solution enables funds to move collateral within a perimeter of whitelisted exchanges easily and quickly but not permitting withdrawals outside the Walled Garden without several layers of authentication. Copper has leveraged its custody technology to support its ClearLoop offering).

Fireblocks
Fireblocks is an MPC-based infrastructure provider, it is not considered a custodian in that is not mandated to protect client assets, but rather their private keys and therefore cannot get a US Federal or State Charter to be considered a custodian. However, in practical terms it is a custody provider as it offers multisignature wallets and a secure transfer network.

Fordefi
Fordefi is an is an MPC-based infrastructure provider and is a relatively new entrant though has quickly gained traction particularly with funds active in DeFi and funds that trade with shorter holding periods. Similar to Fireblocks, it is not considered a custodian in that is not mandated to protect client assets, but rather their private keys, but in practical terms it is a custody provider as it offers multisignature wallets and a secure transfer network.

Staking
Many investment strategies include the staking of assets to earn yield.

Staking providers’ core offering is based on providing staking services to Proof-of-Stake (“PoS”) blockchains. Staking occurs when the owners of PoS tokens delegate their tokens to a validator (also known as staking provider). Validators run software that is hosted either in the cloud or on a bare metal server. That software maintains a full record of the state of the blockchain and contains complex rules for how the validators should operate. Established players in the staking space include Figment, Coinbase and Blockdaemon and these services are fairly commoditized.

The operational considerations for staking are fairly straightforward. Assets are held in custody with the third party custodian, and the custodian then delegate the assets to be staked to a third-party staking provider. If certain assets are held in non-custodial wallets, they can be similarly delegated to a third-party staking provider. In this scenario, assets never ‘leave’ custody, and the staking provider can only use the assets to validate the network. The risk presented by a staking provider is that it does not validate properly due to a failure or downtime, which results in rewards being slashed, but not loss of assets, which is technically not possible. Nevertheless, staking providers should also be subject to a similar due diligence as are third party custody providers, though as indicated, the failure of a staking agent does not result in the loss of assets, which are still under control of the custodian.

In essence, there are two governing keys for each asset — a transferring key (which moves the asset from one party to another), and a staking/validation key, which only participates in the proof of stake mechanism. These two keys can be independently custodied, as they are different and not related cryptographically.

Due Diligence and Evaluation of Third Party Custodians
Proper vetting of a Custodian involves examining its operation in several categories. Such information is typically included in Due Diligence Questionnaires, SOC/IASE Reports, and Account Agreements.

Asset support

• Tokens, forks, airdrops, staking, governance, lending

Security and Control

• Internal Security Measures
• Access Control and Fraud Prevention
• CyberSecurity and Disaster Recovery
• Key Generation and Management

Terms

• Segregation of client assets and bankruptcy remoteness
• Contractual obligations
• Tri-Partite agreement support and integration

Business

• Track record
• Financial strength and balance sheet
• Customer support

Technology

• Asset safe-keeping method
• Authentication methods/MPC/2FA/biometrics
• Accessibility — how long it takes to retrieve and move assets

Regulation and Compliance

• AML KYC — Client Onboarding practices
• Third party oversight — regulators, auditors
• Background Checks

Reporting

• NAV, balance transfer, orders

Service provider support

• Permissions and access to Fund Administrators, Auditors

Segregation of Client Assets

The below extract from a custody agreement with a globally recognized institutional custodian demonstrates clear language specifying segregation of client assets and rehypothecation provisions. All custody agreements should include similar language.

Self-custody — key generation and management
The key generation process is applicable to both self-custody and third party custodians. The process described below is an extensive framework for the creation of self-custody wallets. Smaller teams need to consider the resources available to create a process that is both efficient and practical for retrieval of assets, and secure with redundant recovery provisions.

• Participants
• Safety, Security
• Access Control — logs, cameras
• Employee background checks
• Four eye principal on key generation
• No single individual controls the end-to-end process
• Segregation of responsibilities and independence — deter collusion
• Multiple practice sessions to rehearse and train
• Redundancy
• Audit process — carefully selected external review, provide independent assurance, external attendees at key generation ceremony
• Sharding of key/seed phrases and safekeeping of shards:
• Master seed split into components and dispersed storage; N of M combinations that require minimum quorum to recreate/recover
• Splitting into separate components for storage, shamir secret sharing, shards dispersed geographically and stored securely
• Shamir secret sharing or equivalent — so that key can be recovered if a s shard is lost or damaged
• Resolution process contractually agreed, use independent third-party; requestor/retriever Different party
• Write down recovery seed and stored offline in secure location that is separate from location of hardware wallet; multiple parties should be involved in storing and accessing the see recovery phrase, assure there is no key person risk

Considerations for DeFi

• Given the nature of interaction with decentralized exchanges (’DEXs’), ustody is applied differently.
• Funds will typically interact directly with DEXs and DeFi protocols using either an MPC provider and/or MetaMask Institutional (’MMI’). Copper has a DeFi offering that is still gaining traction and Fordefi has designed its service to make DeFi more accessible with institutional level security.
• MetaMask Institutional provides access to assets in cold storage without having to first transfer assets to a hot wallet (ie browser using an extension).
• In the case of Copper, Copper provides its own version software, similar to MetaMask, which integrates with Copper’s custody vault.

7. Service Providers

The crypto space offers increasing options with respect to key service providers including fund administration, audit, legal counsel and corporate services. This section will focus on these service providers as they are essential to launching and managing a liquid fund, as is a custodian as covered in the previous section. At the end of this section is a summary of other service offerings in the space, of which there are many, and as indicated in the opening, providing exhaustive coverage of all service offerings is beyond the scope of this piece. The engagement of other service offering is largely dependent on the investment strategy, the skill-set available within the manager, and economic factors.

Many established service providers in the TradFi space are expanding their offerings to service crypto — notably audit firms with global franchises. However, their experience and expertise in digital assets is still developing. In the case of fund administration, options are more limited with only a handful of relatively established firms servicing the space. The most important factors in selecting a service provider are having gained experience with digital assets, fund accounting systems, technical expertise, reputation and client service.

It’s natural to rely on the advice and expertise of service providers — but managers must also take ownership of the respective processes as guidance offered by service providers is not always correct and the consequences can vary in severity. The lack of competition in the space creates a risk of its own and managers need to be aware of this.

Fund Administrator
The Fund Administrator is arguably the most important third-party service provider, and the one where the fewest high quality options exist. The fund administrator effectively sits between investors and the fund and is independent by definition. It should be expected that following the vetting and engagement of a fund administrator, during onboarding processes and the initial phases of the relationship (ie up to 4–5 months) following launch, a lot of supervision and oversight will be required, therefore it is important to have experienced operational staff available or engage these separately.

A Fund Administrator’s functions include:

• Valuation and Pricing — Fund administrators calculate and verify the net asset value (NAV) of the hedge fund. This involves valuing the fund’s assets, which can include a wide range of financial instruments, cryptocurrencies — spot and vesting, derivatives such as perpetual swaps, futures, equities, liquidity pools, and private agreements, staked assets earning yield, interest and non-interest bearing stablecoins.
• Accounting and Financial Reporting — Maintenance of the fund’s accounting records, including tracking income, expenses, gains, and losses. Fund administrators generate financial statements and reports for investors, ensuring compliance with accounting standards and regulatory requirements.
• Transfer Agent — Verify and manage the distribution of fund shares.
• Investor Services — Interaction with investors, process subscriptions, redemptions, and transfers, and provide support for investor inquiries, calculation of investor share values and preparation of investor statements for distribution.
• Compliance and Regulatory Reporting — Assist in ensuring the fund complies with relevant regulations, including anti-money laundering (AML) and know your customer (KYC) requirements and AEOI (Automatic Exchange Of Information). They prepare and submit reports to regulatory authorities as needed.
• Reconciliation — Reconciliation of the fund’s records with those of brokers, counterparties, and other service providers to identify any discrepancies in trade, settlement, and cash positions.
• Fee Calculations — The calculation of management and performance fees based on the fund’s performance and fee structure.
• Audit Support — Work with external auditors to provide necessary documentation and data for financial audits.
• Technology and Reporting — Often provide access to software and reporting systems that enable fund managers to monitor their fund’s performance and policy compliance.
• Data Management — Maintenance and safeguarding of sensitive data, including trade data, investor information, and financial records.

It’s well worth noting that the reputation of a fund administrator is important, but when conducting diligence and managing the relationship, it’s useful to also focus on the service teams assigned to the fund’s account, and consider the experience from the perspective of a fund investor receiving investor statements and formal communications from the fund — this is often overlooked when onboarding a fund administrator or transitioning to a new one.

Reconciliation
When dealing with Crypto HFs, fund administrators have typically struggled in the area of portfolio reconciliation and pricing, which can lead to issues in providing investors formal NAVs on a timely basis (typically within 30 days following the end of any given month). It is important that fund administrators be able to reconcile and price a portfolio independently of the investment manager. This requires accessing and processing data from:

• Trading venues and counterparties
• Custody providers
• Banking partners
• Blockchains
• DeFi pools

This requires a certain amount of technical expertise given that such data is typically not provided in a uniform fashion from any of those sources, and blockchain transactions that are read from underlying chains (eg Etherscan and other block explorers) do not necessarily reflect discrete transactions, and therefore, rebuilding the flow of transactions that results in a month-end balance of a wallet address can be very complex. Doing this accurately, on a timely basis, and in a scalable manner with a high degree of automation, has proven difficult for even some of the most established fund administrators.

In the past, the lack of certain standards has created accounting and audit issues including:

• No accounting standards for treatment of DeFi can create valuation issues.
• Treatment of LP positions on DEXs.
• Booking of staking rewards as capital gains vs income.
• DEXs do not offer API access for independent reconciliation, therefore block explorers must be used

The take-away from this lack of standards is that a manager must educate the fund administrator on the nature of the investment strategy during the onboarding process and on an ongoing basis and ensure that the approach of the administrator is consistent with audit standards, therefore requiring input from the fund’s auditor.

Certain fund administrators have built in-house systems. Many use a tool called Lukka, which is a technology and data services provider for middle and back-office crypto asset processing. It’s a crypto-native product that connects, standardizes, reconciles, processes, and reports audit-ready information. It does so by automated connectivity to collect data from all exchanges, wallet, blockchains and accounts (ie bank accounts) that a fund interacts with.

When vetting a Fund Administrator, the following factors should be considered:

• Reputation & experience in crypto, structures, reporting, side pockets.
• Client service including team redundancy & cross training, seniority of team and lead.
• Technical and API expertise, in-house development teams, and blockchain analysis.
• Manual vs automated processes.
• Independent access to venues and custody.
• Internal processes and quality assurance.
• Use of third party technology such as Lukka, Zapper, Zerion, DeBank

NAV Reporting Timeliness
One of the most important services provided by the fund administrator is independently calculating the fund’s NAV and reporting NAV to investors in a timely manner — typically within 30–45 days following a given month-end.

Institutional investors may be sensitive to NAV delays as they themselves have strict reporting cycles and have internal and external reporting requirements — therefore delays potentially put their own businesses at risk or introduce unnecessary frictions.

If delays are frequent and extended, it can mean the competence of the fund administrator is questionable and a change should be considered, or the underlying reason could be of greater consequence.

Case Study: NAV Reporting Delays

The team at L1D experienced situations where more than one fund — running different strategies, in different market regimes, with different fund administrators — were unable to properly reconcile the fund’s NAV for several months.

However, the delays in NAV production were masking uncommunicated strategy shifts and poor risk management, that led to investor losses. In one case, a manager had exercised poor risk management and run up massive losses, since the NAV was not formally reported, these losses were able to continue. The delayed NAVs raised serious concerns leading to the decision to redeem from the fund.

The main take-away is that often when there is smoke, there is fire. NAV delays raise flags with sophisticated investors as they demonstrate direct operational weaknesses that indicate there could further weaknesses that could prove existential in stress scenarios. During due diligence, an institutional investor may inquire as to incidences of delayed reporting. The question reflects the understanding of the relationship between operational competence and timely reporting.

Auditor
The options for Auditors are more robust in terms of the number of auditors experienced in crypto, and the quality of audit firms (eg Big 4). However, despite the number of auditors available, they all tend to be expensive, and for new funds launching, the amount of attention new and smaller funds receive can vary, which can lead to protracted and delayed audit processes.

In all cases, the onboarding of the auditor at inception of the relationship is key to ensure they fully understand the strategy, and the fund administrator can be properly prepared to work with the auditor and respond to information requests.

The coordination and understanding between the auditor and fund administrator is critical to ensure that assets and transactions are accounted for within accepted standards. Auditors must effectively be able to reconstruct a fund as of the year-end balance sheet date, which is done so on a testing basis (eg sampling) — this includes underlying transactions, fees and expenses. If a portion of assets cannot be properly accounted for, this could result in a ‘Qualified’ audit opinion, which may be considered a Yellow or Red flag to investors.

It is also important that the auditor is comfortable with the investment manager and the fund administrator in terms of information flow. If an auditor is not comfortable they may disengage prior to the annual audit, which can have grave consequences and is considered a Red Flag for investors.

Legal Counsel
Similar to auditors, there are many reputable law firms that have established themselves in the Crypto space. It should be noted that despite the engagement of experienced and reputable legal counsel, there are still gaps related to operations.

As noted in the Section ‘Fund Structures, Terms and Investors’ — there are many operational considerations and different law firms may have different views on certain important topics. Though (newer) investment managers may rely heavily on advice of counsel, the investment managers themselves need to develop a strong independent understanding of how they want to best manage their funds and serve investors.

When structuring a Master Feeder structure, typically both US and offshore counsel are required to deal with local authorities in their respective jurisdictions.

Legal counsel in the crypto space is most relevant when it comes to regulation. Most investment managers in their initial phases will not need their own General Counsel, unless the strategy is focused on some form of regulatory arbitrage. The expertise of counsel is most relevant for funds that focus in private, illiquid investments where both structuring and the nature of the underlying investments from a regulatory perspective are fundamental to the investment case — typically related to investing in DAOs and DeFi projects.

Legal counsel is useful when structuring an investment manager’s set-up where the founders are US citizens and the fund will face Offshore counterparties via the Master Fund (eg domiciled in Cayman or BVI), which is a relatively common set-up. In other scenarios, where UBOs of the investment manager include both US and non-US citizens, there may be additional considerations including tax matters, that require special structuring — legal counsel with tax expertise is essential in such cases.

Newer managers in the space may develop strategies with unique characteristics, eg liquidity. Such strategies may require special structuring considerations that translate into nuanced provisions in the offering documents. In these cases, the ‘fine-print’ can make a large difference in terms of expressing the legal parameters of the strategy and determining whether a fund is investible from an operational perspective.

Ultimately, it is critical that a manager not rely solely on advice of counsel when structuring the fund and drafting corresponding legal docs. The manager must take ownership of this process, gain expertise where feasible, and ensure that logic and common sense have been applied.

Corporate Services
In addition to the key services described above, there are additional services required to support a fund and investment manager as legal and compliant entities. Such services are quite specialized and mature jurisdictions such as Cayman have well established firms, many of which have adequate experience in crypto. Such services are typically required for funds with offshore vehicles, including:

• Registered Office
• Governance and Independent Directors
• AML Representation and Training
• Compliance
• Economic Substance
• Tax Advisory
• Regulatory filing and reporting

Other Service Providers
There are an abundance of offerings available to new and seasoned managers that cover all aspects of infrastructure and operations. Most offering specialize in data and analytics such Nansen and Dune, with robust offerings in compliance, portfolio management systems/PMS, order management systems/OMS, and execution management systems/EMS (more detail in Section 9). Through its Coinbase Prime offering, Coinbase is beginning to package certain services together, given the scale and scope of Coinbase’s business, it is natural they would extend their offering in this manner. Amber Group offers a host of infrastructure services that evolved from its core business as a sophisticated trading shop — their offering serve both crypto native and TradFi players.

Typically, teams looking to launch a fund already possess deep technical and analytical skill-sets, often with developers available to them or part of the core team. Such teams have already built their own tools, and those tools often contribute to their edge as investors. Managers may consider additional third-party services while approaching a level of scale in terms of AuM that justifies the cost of these services, and truly adds value to the strategy.

8. Compliance, Policies and Procedures

Regulatory risk is one of the biggest risks facing crypto as an industry, and the crypto landscape is rife with potential conflicts of interest, with questionable to outright bad actors that take advantage of crypto’s characteristics for their own gain, at the expense of investors and the public at large. In this context, it is essential that managers in crypto adopt an ethical approach that is codified and transparent through a culture of compliance, with appropriate and documented policies and procedures. This not only serves the industry but also makes a fund more investible to institutional allocators. In addition, developing and adopting sound practices are a means to efficiency and scalability.

From a US perspective, a fund will not reach an AuM threshold necessary for registration with the SEC as a Registered Investment Advisor/RIA for several years. However, given the scrutiny exerted over crypto globally, it is recommended that an investment manager adopt a profile as if they were being regulated or laying the groundwork for registration with the SEC by implementing a sound policy framework.

This profile involves adopting a set of internal policies and procedures that clearly articulate inherent operational risks associated with an investment in the fund, and how they are managed. Other sections of this piece present policy frameworks for custody, counterparty management and valuation which are essential starting points for policies that encompass all aspects of operations (see below).

It is unlikely a newly launching investment manager will require a compliance officer but is within the purview of the individual(s) leading operations. Depending on the strategy and potentially other characteristics unique to the strategy and the investment manager, outside counsel and compliance expertise can be useful. Cost is also a factor and if such outside advice directly benefits the fund, it may be a reasonable fund expense, otherwise, such expenses are typically borne by the investment manager.

Policies and Procedures
For newly launching funds, creating voluminous stacks of paper may seem superfluous, but the goal of the exercise is to genuinely reflect on the risks and complexities associated with operations, and establish processes that promote good governance, efficiency and scale. Providing with investors with transparency on processes is also essential in establishing trust and accountability.

A minimum set of policies should include:

• Counterparty Risk Policy — includes exposure limits as described in the Trading Venues and Counterparty Risk Management section.
• Custody Policy — covers all matter related to all forms of custody including self-custody, exchange hosted custody, smart contract/multisignature custody, and third party custody — as described in the Custody section.
• Security Policy — physical (office) security, CyberSecurity, Password Management, Background Checks, Disaster Recovery and Business Continuity.
• Compliance Policy — cover personal account dealing, trading on inside of information.
• Conflicts of Interest Policy — covers outside business activities and relationships that could potentially be interpreted as creating conflicts and misaligning the interest of the investment manager and investors.
• Valuation Policy — Framework that determines how assets are valued — this is decided by the investment manager and implemented by the fund administrator. When a Fund invests in illiquid assets eg SAFTs, that are held in side pockets, there are special considerations related to valuation, given that performance fees may be charged once a holding becomes liquid. In addition, an illiquid holding may be subject to mark-up which increases the basis for management fees. A valuation policy for illiquids and side pockets should consider the following:
• Hold position at cost until verifiable catalyst ie completed funding rounds, OTC transactions.
• Apply Discount for Lack of Marketability — illiquidity deduction.
• Apply Discount for Lack of Marketability — comparable investments ie if the same asset has a different lock-up period.
• Exchange liquidity — to determine whether there is genuine trading interest examine (for example) 30-day average volumes of trusted exchanges compared to quantity of vested tokens

Regulatory Set-up
Most funds will likely be facing US Offshore counterparties and will therefore implement trades through an Offshore (ie Cayman or BVI) Master Fund. However, Offshore counterparties are becoming increasingly more strict when onboarding funds that may have US UBOs somewhere in the structure, eg at the investment manager. Therefore, a US-based manager must consider structures that potentially involve a Sub-Advisor, appointed by the investment manager, that is formally responsible for management of the portfolio. This may involve engaging a third-party to manage a sub-advisor and/or hiring someone locally (eg in the Offshore jurisdiction) and potentially implementing some form of economic substance to create a structure that will comply with strict AML KYC onboarding requirements.

Typically, legal counsel and specialized service providers are tasked with managing all local regulatory affairs related to incorporation and registration of the fund entities in their corresponding jurisdictions.

As described in the Service Providers section, AML KYC processes and representation are typically implemented by the fund administrator consistent with local (jurisdiction) law, and potentially by a local representative.

9. Systems

The systems offerings that support operations within the crypto space are at various stages of maturity but there are still no systems offerings that have become universally adopted, though there are certain interesting entrants. As described in Section 7 — service providers — teams contemplating launching a fund typically bring a high degree of technical expertise with them.

The critical data relevant to operations is mostly related to portfolio reconciliation as covered under fund administrators in the ‘Service Providers’ section. When vetting a fund administrator, it is important to understand the tools they use and how they use them with a focus on the degree to which processes are automated and systematic, and how quality control is implemented. A high quality fund administrator will have a qualified in-house technical team that is capable of programming API access to counterparties, where available, and be proficient in reading block explorers and use of dashboards that interface with DeFi pools.

In TradFi, there is typically an integrated stack, often provided by the prime brokerage platform, which typically enable some form of Straight-Through-Processing of transactions. This stack would typically include:

• Portfolio Management System/PMS
• Order Management System/OMS
• Execution Management System/EMS
• Data Aggregation platforms (for Operations, not Analytics)
• Integrated Accounting System

In addition, the quality of information offered by trade venues and custodians to their own clients varies highly in quality but is improving.

Within Crypto, there are several platforms that offer variations of PMS, OMS and EMS, typically focused on liquidity aggregation via multi-asset trading infrastructure that connects funds, brokers, OTC desks, lenders, custodians, exchanges, and retail platforms to manage the entire trading cycle from price discovery to settlement including:

• Pre-Trade Processes — Price Discovery, Liquidity Aggregation
• Trading and Execution — Multi-dealer RFQ, Order Management
• Post Trade — Settlement integration
• Analytics and Reporting

Entrants in this space include Talos, CoinRoutes, Elwood, and Liquid Mercury.

These are all very good platforms, but newly launching managers typically cannot justify the cost, and depending on the strategy, these platforms add value once an operation truly scales. In addition, these platforms may be more suited to strategies that are more systematic in nature and less focused on fundamental asset selection.

Newly launching managers should also be aware of certain systems that are used by service providers and counterparties for onboarding and compliance purposes. These offerings include Chainalysis, TRM Labs and Elliptic. These platforms have become staples of the crypto ecosystem performing customer verification, AML on wallets and transaction monitoring. It is unlikely that a newly launching manager will require these systems directly but would probably interface with them indirectly when onboarding with financial counterparties.

Written by: Tejaswi

Bitcoin is the largest, most well-known, most liquid, and not to mention — oldest crypto-asset in the world. Most Bitcoin hodlers are happy to just hodl. Yield-seeing Bitcoin enjoyers, on the other hand, are out of luck. Bitcoin generates zero yield natively (lost private keys don’t count). To generate yield, Bitcoin has to move to the non-Bitcoin parts of Crypto — say, Ethereum or Solana or any of the Cosmos chains. The constraint is that the hodler doesn’t want to sell their Bitcoin and move to other assets. The hodler wants Bitcoin’s value appreciation without sacrificing possible yield from other chains. In other words, they want to have their cake and eat it too.

So, how does a cautious but curious Bitcoin hodler move their Bitcoin in and out of other networks? Enter Bitcoin bridges.

What is a Bitcoin bridge?

A Bitcoin bridge is a protocol that allows the following:

1. A Bitcoin hodler (let’s call them user) is able to send their bitcoin to a valid Bitcoin address (called the bridge-address) that the user does not control.
2. After the Bitcoin network finalizes this transaction, this user is able to mint a corresponding wrapped-BTC in another chain as a part of a smart contract on that chain, or natively on the chain itself (called the target-chain). This wrapped-BTC comes with its own address, private key, and all the accoutrements of the target-chain, and is tied back to the initial Bitcoin only through the bridge construct.
3. Sometime in the future, if this user burns these wrapped-BTC tokens on the target chain, they will get back their BTC on the main Bitcoin chain. The burning involves — say — sending the wrapped-BTC to a provably unspendable address on the target chain.

The first part — depositing Bitcoin into a valid address that they do not control — is called the peg-in, or bridge-in. This is as easy as it sounds. It’s just a vanilla Bitcoin-send transaction that can be monitored by anyone/anything that can run a Bitcoin node.

The second part is also quite easy in principle. Target-chains, or target-chain-based applications can run Bitcoin node software and monitor these bridge-addresses and based on finalized transactions, can mint corresponding wrapped BTC on their own chains/apps.

The third part — where the user is able to withdraw their Bitcoin back to an address they control — is called peg-out, or bridge-out. This is not easy at all, because Bitcoin node software does not know about other chains, or apps on other chains, or the rest of the world. There is no way to force Bitcoin to release funds from the bridge-address unless the private key that controls the bridge address signs these bridge-out transactions.

Three type of Bridge Designs

1. Simple Multisig

Trust assumption: Trusted Third Party

Capital assumption: None

Nothing much to explain here. The bridge operator maintains a well publicized public address to send Bitcoins to. The private key of this public address is (hopefully) a m-out-of-n multisig — as in, n signers have the authority to sign, out of which m signers have to actually sign to move coins. The bridge operator has good security measures to make sure that the keys to the multisig are secured properly. They have mechanisms in place to mint wrapped Bitcoin on other chains (which also needs secure private key management). They have internal web2 based bookkeeping that ensures that assets are balanced properly on both sides of the bridge.

Here’re a few examples.

1. Blockstream’s bridge to its Liquid sidechain was perhaps the first serious implementation of this design. This bridge is just a simple 11/15 multisig.
2. BitGo’s bridge to the wBTC smart contract on Ethereum is the more well known of the lot. This bridge adds more complexity by dividing the operator’s role into a custodian and several merchants. The custodian has the right to mint new wBTC tokens on Ethereum, but will not transfer these tokens to end-users. The merchant intermediates between the custodian and end-user. The custodian’s Bitcoin holdings can be seen in this audit report. This reminds me of the golden days of er… gold backed fiat currency. Remember the days when users would exchange gold for fiat currency from commercial banks, who would then get the central bank to mint the actual currency? Anyway, I digress.

2. Incentivized Network Bridges

Trust assumption: 51% of the token-network needs to be honest.

Capital Assumption: Native network token has to retain its value compared to the amount of bridged Bitcoin.

In this setup, a network of incentivized nodes control the Bitcoin keys that control the bridged-in funds. The nodes are incentivized using a token that is specific to this bridge. In this world, we have 3 tokens: native Bitcoin on the source chain (Bitcoin), wrapped Bitcoin on the target chain (Ethereum, etc.), and native-network-token (on its own blockchain, typically).

Typically, these networked bridges use Multi-Party-Computation (MPC, a cryptographic primitive) to derive Bitcoin public keys for the bridge-in transactions. This specific family of MPC protocols are called Distributed Key Generation protocols (DKG). In a DKG protocol, a bunch of peer-to-peer nodes come together to create a public key whose corresponding secret key never exists. In a beautiful dance of distributed systems and cryptography, these nodes each start with their own secret, and are able to create a public key for which they can create signature shares later on demand. The protocol can also be a m-out-of-n style threshold protocol, where any m shares are enough to create a valid signature for the public key generated by all the n nodes earlier.

It’s non-trivial to get these nodes to run the DKG and signing software as expected. What is their incentive to not misbehave and say — block a bridge-out transaction?

One way to guarantee their reliable operation is that if a minority of the network misbehaves, the majority of the network get to slash the minority. The question to ask is — what asset is staked by the minority that can be slashed? This is where the network’s native-token comes in. These native-tokens need to have non-trivial value that a rational operator cares about — to incentivize them to perform the necessary bridge-out signatures. If the network’s native-token has value, the operator is disincentivized from:

1. Refusing to sign bridge-out transactions. If a minority of the operators refuse to sign bridge-out transactions, the majority of the operators can slash the native-tokens that were staked by the minority operators.
2. Bridge-apocalypse (majority colluding and stealing the bridged Bitcoin). If this comes to be, the value of the native-token will collapse because of real world news propagating off-chain. This is not slashing, but a complete collapse of the entire Bridge. All the operators together are incentivized to not do this because they care about their native-token holdings (staked and non-staked). Tricky stuff.

Here’re a few examples of projects that follow this model:

1. Stacks: The current Stacks bridge is still based on a simple multisig. Stacks has been working on the network bridge design, with STX as the native-token. It’s coming soon™ with their latest upgrade.
2. Threshold Network: The only implementation of this design already in production, kind of. The native-token (T) is already live. The current DKG algorithm of the Threshold Network cannot handle misbehaving nodes. The next generation of this algorithm will apparently do that. Till this next generation algorithm comes along, the nodes will be permissioned. We don’t necessarily have to view this (slow) evolution cynically. DKG protocols for Bitcoin (Schnorr and ECDSA) signatures have been continuously improving over the last few years, and there is still a long way to go. In an interesting turn of events, Threshold Network is now trying to subsume wBTC (see governance proposal here).
3. Nomic bridge: In its current design, Nomic does not use DKG/MPC to handle Bitcoin public keys and bridge-out signatures. But as with Threshold Network, Nomic has committed to move towards a permissionless setup.

3. BitVM Bridges

Trust assumption: One honest party (could be the user themselves)

Capital assumptions: Bridge operator needs to fund bridge-outs with their own capital (before having access to the bridged-in deposits). It’s not as bad as it sounds.

Bitcoin, even with its ridiculously limited buildable surface area — allows a few clever designs for trust-minimized bridges where the operator puts forth capital upfront that is later used to fund bridge-outs. One popular design is based on BitVM (or its latest iteration, BitVM2), a protocol that allows for optimistic computation verification.

WTF is optimistic computation verification?

Optimistic computation verification underpins many Ethereum L2’s like Base, Optimism, Arbitrum, Truebit, etc.

As a bridge operator with skin in the game, you execute a program off-chain (on your web2 server on AWS, for example), and post the result on-chain. Other folks who also have skin in the game try to replicate the same results off-chain on their own web2 servers. Let’s call one of these actors the challenger.

1. If the challenger sees that their results and your results align, we are in the happy-path, and after a certain timelock expires, you can sweep some funds from a common pool to your own pool.
2. If the challenger sees that their results and your results don’t align, they have some time to prove that you did the wrong thing. They are given an incentive to submit this proof on-chain. The proof is a small set of transactions that they post on-chain. Once these transactions are confirmed, you (the operator) cannot withdraw any money from the common pool, and hence suffer losses. If the challenger is wrong, they lose their transaction fees — which can be quite high, given the size of these transactions.

The tl;dr of optimistic verification is that in the happy outcome, the bridge operator is doing everything right and gets compensated after some time. In the unhappy outcome, any challenger can prove so and get rewarded for er…indicting the bad operator (I really wanted to use a different word than indict, but hey).

How to implement a bridge using BitVM?

1. You, the operator bring some funds as collateral to a complex Bitcoin transaction that you execute (along with others maybe) where your collateral is locked in a specific Bitcoin account (UTXO for purists) whose withdrawal is enforced by a complex tree of conditions.
2. These conditions ensure that you can withdraw your collateral from this locked account only if you execute a certain set of on-chain transactions and off-chain programs the right way. This combination of on-chain transactions and off-chain programs together make up the bridge.
3. Your commitment to executing these on-chain and off-chain programs ensures that users can send their Bitcoin into a specific type of address (that you publish and they can verify) and be assured that when they ask for their Bitcoin back, you will honor those requests. If you don’t honor those requests, you lose more money than what the user has asked for in their bridge-out request. This loss is caused by permissionless challengers who can prove to the Bitcoin network that you haven’t executed the on-chain transactions and off-chain programs as you had promised that you would.

This is a vague sketch of the design template, with many aspects still being worked on. The bridge-setup and the challenger-proof are deeply technical and still under active research.

For the curious, the VM in BitVM is the virtual machine on which the challenger’s proof runs, and the Bit in BitVM refers to this VM being executed on Bitcoin. Some have argued that BitVM is a 0→1 innovation as it enables arbitrary program execution on Bitcoin. BitVM V1 is more an exercise in what is theoretically possible on Bitcoin without changing Bitcoin in any way. Now we have the more practical V2. There are other variants being worked on as well. It’s still very early days.

Economically though, BitVM bridges are capital-inefficient for the operator. They have to commit capital up front — as collateral and to fund the optimistic-bridge-out transactions of users. They can recover this collateral only after a certain time. I would argue that the first iteration of these bridges is not capital efficient. This aspect can also be improved with just-in-time collateral, or some other economic incentive-alignment scheme. Watch this space.

And…

The three types of Bitcoin bridges are all active in the wild today. Some Bitcoin hodlers feel compelled to do stuff with their bitcoin that is beyond what is possible on the Bitcoin network. This relentless pressure to build something on Bitcoin will continue to mount. Tradeoffs will be made in complexity, trust, and capital requirements. Many hearts and wallets will be broken. But we will emerge stronger for it.

ps: This article omits daring new bridge designs that depend on changes to Bitcoin’s core protocol. Those are for this article’s sequel.

Written by: Louis, Jake

L1D is pleased to announce an investment in Pendle Finance, executed through an OTC transaction in December 2023. Pendle Finance is an interest rate derivatives platform that allows users to strip and trade the yield from yield bearing tokens.

There are a few inevitabilities in the world. The sun will rise, a pendulum will swing, and a degen left to their own devices will eventually find himself trading interest rates derivatives.

Of all the derivatives in TradFi, interest rate derivatives dominate.

But why would this also be the case for DeFi? The first reason is that interest rates are a great way to express a view. Rate derivatives are the perfect instrument for event driven trades as rates are extremely reflexive to changes in supply and demand. The second reason is that sophisticated players need to manage their risk — they simply can’t afford to be squeezed out of a borrow on Aave because the borrow rate goes into the high double digits.

You’ve likely heard this argument before (TradFi looks like this, DeFi should too) and if you’ve been in crypto long enough, you’ve seen enough investors and teams get this wrong to be seriously skeptical of any TradFi-DeFi mean reversion thesis.

Allow us to change your mind…

Through our FoF (Fund of Funds) activity, we’ve witnessed this growing institutional adoption of DeFi and DeFi instruments firsthand, and with it, the growing demand for sophisticated instruments, such as interest rate derivatives.

Almost 5 years ago, when the TVL metric was first noticed and tracked by DeFi Pulse, we remember looking at the charts for MakerDAO and Compound and thinking:

“Is that a hockey stick? That thing looks like a hockey stick…”

In the years since that moment, we look back and fondly remember it as the beginning of DeFi summer. And since then, we’ve made a promise never to ignore another hockey stick.

This is what PMF (product-market-fit) looks like.

Our thesis is a simple one:

• Mature markets need mature instruments
• DeFi is at an inflection point for maturation: native yield bearing tokens (LSDs, LSTs, LRTs, etc.) provide natural market supply while degens and institutions provide natural market demand
• The Pendle team has a proven track record of resilience, shipping code, and commitment to their community
• The recent market consolidation gives the Pendle team the opportunity to dominate this sector and land their protocol in the Pantheon of DeFi

Let’s dive deeper down the rabbit hole…

Product and Architecture

On Pendle, traders can speculate on DeFi yields by locking in a fixed yield or betting on yields increasing. Pendle has two products built on top of their single set of smart contracts:

• Pendle Earn: fixed income products for retail and risk-averse users.
• Pendle Trade: allows sophisticated traders to speculate on yields.

Examples of yield bearing tokens available on Pendle include:

• Ethereum liquid staking tokens (e.g. wstETH)
• Tokens representing positions on lending protocols (e.g. Compound or Aave)
• LP Tokens (e.g. GMX’s GLP)
• (In)famous Liquid Restaking Tokens (LRTs)
• Airdrops to token holders that are considered yield accrued to a token!

Pendle tokenizes yield bearing assets using the Standardized Yield (SY) token standard, which splits a yield bearing token into 2 new tokens:

Principal Token (PT)

• Represents the underlying asset stripped from the yield.
• PT tokens don’t receive any yield, but can be redeemed 1:1 for the underlying asset at maturity.
• Example: PT-wstETH simply is wstETH that doesn’t accrue any ETH 2.0 staking yield.
• PTs can be acquired at a discount to the underlying asset and their value will slowly converge over time to the underlying asset’s value.
• PTs are the analog of PO (Principal Only) securities or zero-coupon bonds in TradFi.

Yield Token (YT)

• Represents the yield of the asset up to expiry.
• Example: 1 YT-wstETH is worth the expected ETH staking yield that will be accrued by 1 wstETH until expiry.
• YTs are the analog of IO (Interest Only) securities in TradFi.

Pendle’s core equation provides a relationship between PT and YT’s prices, which can be visualized on the example graph below:

PT Price + YT Price = Underlying Asset Price.

The other core piece of Pendle’s architecture is the AMM. The AMM curve concentrates the liquidity around the expected APY (see green area below). This enables less slippage, less impermanent loss, and more flexibility for each Pendle market.

In order to add liquidity to the AMM, liquidity providers pair the base asset with the PT asset (e.g. for the wstETH market an LP would provide wstETH and PT-wstETH).

As time passes, the value of the net present value of the PT approaches the value of the underlying. The AMM’s curve becomes more horizontal, implying a higher concentration of liquidity and less impermanent loss.

Pendle’s AMM enables efficient DeFi yields trading: traders who want to earn a fixed yield buy PT while traders who want to long yield buy YT.

Token

Similar to CRV, the Pendle token can be vote-escrowed and vePENDLE token voters

1. receive fees generated by the protocol
2. can direct emissions of the protocol to incentivize pools
3. can boost their LP rewards if they are liquidity providers on Pendle

When considering any token design, we prefer to use the classic supply & demand framework.

Supply. The supply curve for Pendle is simple. The protocol inflates at 2% per annum to pay for LP incentives. vePENDLE is also locked and unlocked periodically.

Demand. In addition to channeling incentives, which can be valuable for large LPs (as we’ve seen with Frax in the Curve ecosystem), vePENDLE voters receive trading fees.

1. Buyers and sellers interact with the various Pendle AMM pools and pay a fee for each transaction
2. LPs receive 20% of AMM fees while vePENDLE voters receive the rest of the fees
3. vePENDLE holders vote on how to distribute PENDLE incentives to LPs

Example use cases

Everyone always asks wen $PENDLE, but no one ever asks why Pendle.

To understand why a protocol for interest rate derivatives in DeFi is inevitable, let’s walk through two example use cases for the protocol.

The Yield Farmooor. You’ve probably heard of the Yield Farmooor. He’s that savvy farmer who’s always a step ahead in the game, aping the most exotic farms, and calculating risks like a seasoned pro. His latest move? Diving headfirst into the Eigenlayer ecosystem, but with a twist that only a true yield connoisseur could appreciate.

The Yield Farmooor is bullish on Eigenlayer, and rightfully so. While many are eagerly anticipating Eigenlayer’s decision to open up its caps, the Fixed Yieldooor is taking a more cautious stance. He understands that this move could potentially dilute the value of the upcoming Eigenlayer airdrop.

Enter Pendle. Before the floodgates open, the Fixed Yieldooor strategically acquires PT-eETH tokens, locking in a high yield for himself. Utilizing Pendle, he’s safeguarding his farming against potential decreases in APY caused by a larger pool of Eigenlayer depositors.

The Tradooor. You’re a professional shitcoin shorter. Seriously, you cut your teeth on BSC ponzus in ’21 and you called the top, riding that wave like Kelly Slater. Your instrument and venue of choice: OKX perps. You’re a risk conscious person by nature so you have a tri-partied agreement setup with Copper and OKX, where you can margin with USDC on the Copper ClearLoop platform and never expose yourself to that pesky exchange counterparty risk.

But there’s just one thing that bothers you.

You recall April ’23 and start to run some ‘what-ifs’ in your head. What if something happens to Circle again? Well you might as well get paid for the risk. You open up a USDC short on Aave (borrow USDC and sell into USD) and you turn that thing 5 times. You have successfully Taleb-proofed your portfolio… or have you?

You forgot to factor in all the variables. In times of distress, that borrow can get pretty sketchy (read: expensive). In the Curve-Egorov debacle of July 2023, USDC borrow annualized around 23%. On a levered basis that’s enough to blow you out.

Enter Pendle. You need an asymmetric hedge on USDC? Why not just long the yield on Aave USDC? If people want to short USDC, they will borrow it on Aave and you’ll get paid out with maximum capital efficiency.

What’s next?

Limit Orders. The introduction of limit orders on Pendle will address one of Pendle’s bottlenecks to scaling. This feature unlocks the door for funds and institutions to deploy substantial capital into Pendle by bolstering market depth. Since launch, limit orders are quickly picking up in adoption (more than 10x-ing).

Liquid Restaking Tokens. Another popular use case for Pendle is LRTs: allowing users to speculate and trade the points meta before launch. For most of these points systems, by providing liquidity you earn points (akin to liquidity mining), which can convert into tokens and be effectively annualized into a yield. Pendle gives the possibility to tokenize that yield and could be used in the future not only in the LRT sector but any other DeFi sector that implements points.

Pendle V3. While still at the development stage, we’re excited about Pendle V3’s intention to scale yield trading and to further cater to institutions with exciting new features.

On a longer timeframe, we’re here to back Pendle’s vision of becoming the “Uniswap for yields”. The rapid maturation of DeFi, and the participants within, is indicative of the fact that TradFi’s best kept moat is… well… an actual moat (limiting accessibility & permission). With equal access comes equal opportunity and we’re keen on Pendle to open up these powerful instruments to everyone. We’re here to help Pendle summon the best global and independent yield traders from all corners of the world to compete shoulder to shoulder with the big firms.

About L1D

Headquartered and established in Zurich in 2018, L1D is a FINMA regulated crypto asset manager. L1D implements its investment strategy through a liquid Fund of Funds (FoF) and two Venture Capital (VC) vehicles. To date, L1D has invested in over 65 crypto funds and companies and currently manages half a billion in crypto assets.

At its core, L1D is passionate about working with teams that push boundaries and supporting founders with knowledge, operational guidance, capital, and access to a global network.

For more on L1D, check out our website, follow us on X and Medium.