The DeFi Decentralization Test Under CLARITY: A Mechanics Guide to Section 309's Control-Surface Analysis

I. Bill on the Verge: The Sec. 309 Exemption Sits in a Bill That Hasn’t Been Enacted Yet

Section 309 of H.R. 3633 is the most-analyzed, most-contested, and most-misread provision of the CLARITY Act — and not yet law. The House passed the bill 294-134 on July 17, 2025.¹ Senate Banking advanced it May 14, 2026 on a 15-9 vote.² Senate Ag’s parallel S. 3755 is silent on the DeFi exemption, so Banking dominates in any reconciliation.³ Floor passage, reconciliation, and Presidential signature still lie ahead. Enactment is priced for August 2026.

The current text is enough to plan against — but Sec. 309 is the provision most likely to shift. Warren and Reed amendments push toward tighter AML/sanctions integration and stripping the Blockchain Regulatory Certainty Act money-transmitter carveout.⁴ Variant, Paradigm, and Coin Center push the other direction. Most likely outcome: Senate language stands at 50-55%, with material-change probability in the 35-45% range. The §XI record survives floor amendments either way.

The article’s thesis: Sec. 309 protects activities, not tokens. [“The activity exemption is not a token exemption.”] Protocols claiming Sec. 309 must independently survive what I call [“The Seven Control Surfaces”] — upgradeability, fee switches, frontend control, oracle dependencies, sequencer ownership, treasury concentration, governance distribution. [“Decentralization Theater vs. Structural Decentralization”] is the distinction enforcement counsel will probe first. Most protocols claiming Sec. 309 today have done the theater. Their counsel are not yet building the structural record.

II. What Section 309 Actually Protects: The Statutorily-Enumerated Activities

Section 309 is not a doctrinal break from the regulatory tradition that precedes it. It is the codification of a 15-year architecture that began with FinCEN’s 2013 Guidance distinguishing miners and software developers from convertible virtual currency administrators, refined by FinCEN’s 2019 Guidance.⁵ The pre-existing framework already carved non-custodial publishers out of money-transmitter status. Sec. 309 takes that carveout, expands it to SEC and CFTC intermediary registration, and writes it into positive law.

The activities Sec. 309 enumerates are statutorily protected from SEC intermediary registration; Sec. 409 provides parallel CFTC treatment.⁶⁷ The Arnold & Porter advisory counted four activities — compiling and validating transactions; computational work supporting a blockchain network; publishing user interfaces; developing or maintaining trading protocols and wallets.⁸ The House-passed text reads to many practitioners as enumerating five (separating wallet publication from frontend publication, node operation from validation). I read the text as four functional categories with internal overlap; footnote ⁹ flags the Q-PENDING discrepancy until conference locks the final count. Substantive coverage is the same either way.

Activity (i) covers writing, deploying, and publishing software — smart contract code, protocol logic, frontend interfaces published non-custodially. The boundary case is the frontend that retains custody, routes order flow, or extracts fees. That frontend is published software in form but intermediary in operation. The CFTC’s September 7, 2023 trilogy — Deridex, Opyn, ZeroEx — established that “publishing” plus “operating” is operational reality, not software publication.¹⁰¹¹¹²

Activity (ii) covers validating transactions. PoS validators, PoW miners, and supporting infrastructure are protected. The boundary case is the validator that bundles MEV-extraction services or runs a centralized sequencer with discretionary ordering. Validation is exempt; discretionary intermediation around it is not.

Activity (iii) covers operating nodes — full nodes, archive nodes, light clients, computational infrastructure. This is the activity furthest from intermediary function. The boundary case is the node operator who simultaneously runs a custodial staking pool or a centralized RPC endpoint with discretionary access controls.

Activity (iv) covers publishing wallet software — non-custodial wallets, hardware wallet firmware, self-custodial account abstraction. Non-custodial is the load-bearing term. A wallet that takes custody — even briefly, even for routing — is not wallet software for this section. FinCEN’s withdrawn non-custodial wallet NPRM (RIN 1506-AB47) was the regulatory tradition Sec. 309 codifies in stronger form.¹³

Activity (v), in the broader reading, covers developing or maintaining blockchain systems — consensus research, cryptographic protocol design, infrastructure work. The boundary case is the developer who is also the protocol’s largest treasury holder, an upgrade-multisig signer, or an off-chain governance gatekeeper.

The activity test in Sec. 309 is functional, not nominal. A “publisher” who retains operational control over user funds, parameter changes, or fee routing is not the publisher the statute means.

III. What Section 309 Does NOT Protect: The Protocol’s Token, the DAO’s Governance, the Frontend Operator, the Corporate Sponsor

A textual distinction does most of the work. Sec. 309 reaches whoever is “engaged in” a covered activity — a threshold test. Section 101(24) operates as the substantive limit, defining “decentralized governance system” through an effective-control inquiry within the engaged-in scope.¹⁴ Conflating them produces the Single-Test Binary Read the more aggressive industry analysis advances — Sec. 309 protects whoever is engaged in covered activity, categorically, and seven-surfaces is litigator’s prudence rather than statutory requirement. I read the bill differently. “Engaged in” gets you across the doorway. Section 101(24) governs the room.

A minority position is worth naming at full strength. Some industry counsel — Coin Center, EFF, parts of the Variant/Paradigm policy bench — read Sec. 309 plus Van Loon as creating categorical protection for non-custodial protocol developers without further factual inquiry.¹⁵ On this view, the Howey analysis is functionally displaced for tokens issued through covered protocols. I’d push back. Sec. 201’s investment-contract-asset framework is jurisdictional, not classificatory; pre-CLARITY secondary-market sales remain Howey-analyzed; and Sec. 309(b) and Sec. 409’s anti-fraud carveouts presuppose Howey still operates downstream.¹⁶ SEC v. LBRY tested and rejected the proposition that token utility alone insulates from securities classification — LBC’s utility did not defeat investment-contract status where the team retained an economic stake and promised managerial development.¹⁷ LBRY is the live precedent against the Howey-Displacement Lite reading.

Three independent things Sec. 309 does not reach.

First, the protocol’s native token. Section 201 classifies it as either an investment contract asset or a digital commodity based on sale terms, secondary-market posture, and §202 maturity.¹⁸¹⁹ A Sec. 309-exempt protocol can issue a token that is a security. The SEC’s March 17, 2026 Interpretive Release (Release No. 33-11412) controls: a “decentralized” crypto asset “functions and operates autonomously with no person, entity, or group of persons or entities having operational, economic, or voting control.”²⁰ That definition is sharper than the bill’s text and controls downstream classification. The activity exemption does not move that needle.

Second, the DAO’s governance treasury management. If the treasury manager exercises effective control over more than 20% of governance tokens — or functional control through delegate aggregation, multisig dependency, or upgrade authority below the 20% raw threshold — the DAO is not “decentralized” under Section 101(24).¹⁴ Section 101(24) incorporates an effective-control qualifier, not a pure percentage test. Below 20% on raw metrics, the surfaces still matter; protocols at 18% should not assume they’re clear. Tier audit recommendations by proximity to threshold.

Third, the frontend operator with custody, order-routing, or fee-extraction features. Those are intermediary functions, regardless of whether the underlying smart contracts are immutable. Opyn settled $250,000 in September 2023 on a theory that IP-geoblocking was insufficient to exclude U.S. users and that Opyn retained upgrade authority over the smart contract code.¹¹ ZeroEx settled $200,000 the same day on a theory that frontend operators bear regulatory responsibility for products offered through their interface, even when they did not develop the underlying contracts.¹² The Matcha-frontend precedent is now floor doctrine.

A fourth omission — and the most common factual pattern in 2024-2025 SEC enforcement — is the corporate sponsor. [“Does the developer exemption extend to the developer’s employer?”] The Uniswap Labs question. The Aave Companies question. The pattern repeats across virtually every protocol with meaningful traction. The answer requires three sub-distinctions.

(a) Employer-as-developer. A corporate entity employing the engineers who write protocol code is publishing software through them. The activity is exempt under the employer’s name as well as the developers’. This is the cleanest case and the strongest version of the Sec. 309 defense for corporate sponsors. Uniswap Labs in its core engineering capacity sits here.

(b) Employer-as-operator. The same entity that operates the canonical frontend, captures the fee switch, or directs the treasury is doing intermediary activity. Sec. 309 does not reach that conduct. Risley v. Universal Navigation tested this fact pattern — pre-CLARITY plaintiffs sued Uniswap Labs as an exchange operator under federal securities law, and the Second Circuit affirmed dismissal on a theory that the protocol functions as a “neutral, automated tool.”²¹ But Risley is a private-plaintiff case, not a Sec. 309 immunity ruling. The SEC and CFTC are not Risley plaintiffs; their enforcement theories run through Opyn/ZeroEx.

(c) Employer-as-issuer. Where the corporate sponsor conducted the initial token sale, retains issuer status, or makes managerial commitments tied to holder profit expectations, the analysis is Section 201. The activity exemption is irrelevant to the issuer analysis. This is the LBRY pattern.¹⁷ Sec. 309 has no purchase on it.

Employer-as-developer is arguably exempt. Employer-as-operator is arguably not. Employer-as-issuer is separately analyzed under §201. A corporate sponsor that sits in all three boxes does not get a single answer from Section 309.

Section 309 reaches an activity. It does not reach the protocol’s token, the DAO’s governance treasury, the frontend operator, or the corporate sponsor’s intermediary conduct. Four independent surfaces; four independent analyses; none collapsed into the activity exemption.

IV. Decentralization Theater vs. Structural Decentralization

Some protocols have done the structural work. Compound and Maker spent years redistributing governance, formalizing voting frameworks, and building genuinely independent foundations. Optimism’s RetroPGF allocations and bicameral council architecture are serious institutional design. A meaningful subset of L1/L2 projects has invested in real cessation of managerial efforts. The diagnostic in this section is aimed at the larger set that has moved the labels without moving the substance.

The SEC’s March 17, 2026 Interpretive Release supplies the authoritative definition: a crypto asset is “decentralized” when it “functions and operates autonomously with no person, entity, or group of persons or entities having operational, economic, or voting control.”²⁰ Three dimensions, conjunctive. A protocol with diffuse voting but concentrated economic ownership flunks. Diffuse economic distribution but a founder-controlled upgrade key flunks. Both, but a foundation-controlled treasury flunks.

The foundational SEC authority on operational-vs-nominal is In re The DAO — the 2017 21(a) report holding that DAO governance token voting did not satisfy the “efforts of others” Howey prong because curators retained discretion over which proposals to implement.²² The DAO Report’s central proposition survives in Release No. 33-11412: form (token-holder voting) does not satisfy substance (effective control) if discretionary gatekeepers remain. The Hinman speech of June 14, 2018 introduced the colloquial “sufficiently decentralized” framing the trade press still uses; that framing was extensively litigated in SEC v. Ripple and courts have declined to treat the speech as binding agency policy.²³ Rely on the DAO Report and Release No. 33-11412.

The industry policy literature anticipated this regulatory direction by half a decade. Walden’s “Progressive Decentralization” (2020), Jennings’s “Principles and Models of Web3 Decentralization” (2022), and Boiron’s “Sufficient Decentralization” (2022) are the published industry consensus the Seven Control Surfaces synthesizes.²⁴ These frameworks are industry policy work, not legal authority. They map the operational dimensions a project must distribute to reach the regulatory floor Release No. 33-11412 codifies.

The diagnostic — [“Decentralization Theater”] — covers cosmetic moves that do not change operational reality. Foundation-held governance tokens marketed as community-distributed. Two-of-three multisigs where two signers are correlated employees. “Community grants” that route in a circle and fund the founding team. Off-chain governance that requires founder approval to execute on-chain votes. Time-locks the founding team can override under self-defined “emergency” provisions. None moves the seven surfaces. They move the optics. Theater does not survive an enforcement audit.

Sec. 309 will reward protocols that built decentralization architecture in advance of the bill. It will not reward protocols that built decentralization marketing in advance of the bill. The seven control surfaces are the test.

V. The Seven Control Surfaces

[“The Seven Control Surfaces”] are an analytical organizing tool, not a codified test. The bill does not name them. The SEC’s March 2026 release does not list them. They are the operational map of where § 101(24)‘s effective-control inquiry and §§ 309(b)/409’s preserved anti-fraud authority bite — synthesized from the industry frameworks in §IV, calibrated against the enforcement record, and ordered by audit-priority. Each surface anchors to a specific statutory hook. The taxonomy is my contribution; the doctrinal weight is the statute’s.

A. Upgradeability

The first surface is upgradeability. Admin keys, proxy contract architecture, multisig thresholds, time-lock parameters. The threshold question: can the protocol be upgraded — substantively, not just parametrically — without token-holder consent? If yes, the team retains operational control over the protocol’s core logic, and that control reaches every other surface downstream.

The CFTC v. Deridex settlement (September 7, 2023) is the sharpest enforcement articulation of what developer “control” means.¹⁰ Deridex paid $100,000 on a theory that the developers retained “substantial” control through code-update authority and user-suspension power. The CFTC mapped Deridex’s upgrade architecture onto the question of whether the developer was operating an unregistered futures intermediary. The answer was yes — not because the code was custodial, but because the developer retained the operational levers that made custody irrelevant. Upgrade authority is operational control. Time-locked upgrades with adequate notice (typically 7-14 days) and multisig governance with diffuse, non-correlated signers move the analysis. Immediate-effect upgrades by a foundation-held key do not. The Uniswap question — can Uniswap Labs upgrade v4 without governance vote — is the diagnostic for every protocol claiming Sec. 309.

Time-locked, governance-gated, multisig-distributed upgrade authority moves the analysis. Foundation-held emergency keys do not. Document the upgrade architecture as if a CFTC enforcement attorney will read it first.

B. Fee Switches

The second surface is the fee switch. The classic Uniswap question — and the question most protocols have not finished answering. Who controls the switch? Who receives the fee? Is the routing transparent in code or discretionary through governance? Pro rata distribution to token holders without managerial discretion looks structurally different from discretionary treasury allocation through a foundation-controlled vote.

Section 101(24)‘s inquiry treats the fee switch as a paradigm of operational economic authority. A fee that flows automatically to holders pro rata through immutable code, with no team discretion over rate or recipient set, is consistent with structural decentralization. A fee that flows to a treasury managed by a 4-of-7 multisig with three foundation signers is operational economic control. The question is not whether the fee switch exists — most successful protocols will eventually monetize. The question is who exercises managerial authority over how it operates.

The boundary case is the parameter-only fee switch — governance sets the rate, but routing is hard-coded to token holders. The team is no longer the economic beneficiary, only the rate-setter, and that authority is distributed across holders. The closer the fee mechanic moves toward parameter-only governance with mandatory holder routing, the cleaner the Sec. 309 record.

Fee switches are not disqualifying. Discretionary control over the switch is. The structural test is whether managerial effort is required to operate the fee mechanic — and who supplies it.

C. Frontend Control

The third surface is frontend control. This is the surface most contested in trade press and most consequential in enforcement. Post-Van Loon, immutable smart-contract code is not property subject to OFAC sanctions.²⁵ But the frontend operator who routes order flow, charges access fees, or retains custody is doing something different from publishing software.

The minority position deserves its full strength. Coin Center, EFF, and parts of the Variant policy bench read Sec. 309 plus Van Loon as creating categorical protection for non-custodial developers — frontends with no custody and no fee extraction are exempt without further inquiry.¹⁵ The reading has First Amendment force; publishing code is expressive conduct, and Universal City Studios v. Corley and the Bernstein line preserve that protection. My view: the categorical reading is defensible if the frontend is genuinely non-custodial, non-fee-extracting, and non-order-routing. The seven-surfaces audit is the prudent posture even if the minority view prevails — frontend operator residual responsibilities (KYC, sanctions screening, anti-fraud monitoring) still attract regulatory attention.

The enforcement record is consistent on the operational side. Opyn established that IP-geoblocking is insufficient to exclude U.S. users and that frontend operators retain responsibility for products offered through their interface.¹¹ ZeroEx established the same proposition even where the operator did not develop the underlying leveraged contracts.¹² The Second Circuit’s affirmance in Risley v. Universal Navigation is the strongest pro-DeFi circuit-level authority — protocol as “neutral, automated tool” — but Risley is a private-plaintiff case, and the SEC and CFTC have not been Risley plaintiffs.²¹ The mixed record requires the audit.

U.S. v. Roman Storm is the post-Van Loon limit case. Storm was convicted in August 2025 of conspiracy to operate an unlicensed money-transmitting business in connection with Tornado Cash, with the jury deadlocking on sanctions-evasion and money-laundering counts.²⁶ Retrial pending; Rule 29 motion pending. The doctrinal point survives whichever way the retrial goes: even where smart contract code is immutable (as Van Loon established), a developer’s role in operating an ongoing service can create criminal exposure independent of the code’s property status. Van Loon protects publish-and-walk-away. It does not protect the developer who keeps operating the surface.

A frontend with no custody, no order-routing, and no protocol-external fee extraction has the strongest version of the Sec. 309 defense. A frontend with any of those features is doing something the activity exemption does not protect.

D. Oracle Dependencies

The fourth surface is the oracle. This is the article’s most novel analytical territory; no specific Sec. 309 guidance addresses oracle architecture, and the doctrinal scaffolding has to be built from analogy. If the protocol depends on a price oracle the team operates, the team controls liquidations. The team controls margin calls. The team controls the inputs that determine when collateral is seized, when positions close, and when penalty fees accrue. That is operational economic control, by a different name.

The closest enforcement analogue is CFTC v. Eisenberg (Mango Markets).²⁷ The CFTC’s civil action established oracle price-feed manipulation as actionable market manipulation under CEA § 6(c)(1) — operating on the inputs side (manipulating the feed) rather than the control side (the team running the oracle). Criminal convictions in the parallel matter were vacated May 23, 2025; civil status should be reverified at draft. Eisenberg establishes that the CFTC reads oracle architecture as a regulated surface for anti-manipulation purposes — which implies analogous regulatory interest in team-operated oracle architecture.

The structural distinction is between externally-sourced oracles (Chainlink, Pyth, RedStone) and team-operated oracles. An externally-sourced oracle the team has no managerial influence over is operationally neutral. A team-operated oracle, or an external dependency where the team retains discretionary parameter authority (heartbeat intervals, deviation thresholds, fallback feeds), is operational control over price-discovery inputs. The closer to Chainlink-style decentralized oracle networks, the cleaner the Sec. 309 record.

Externally-sourced, non-team-influenced oracles move the analysis. Team-operated price feeds — or team-discretionary parameter authority over external feeds — does not. Oracle architecture is the surface most protocols underestimate.

E. Sequencer Ownership

The fifth surface is L2-specific and novel territory; no specific regulatory guidance addresses sequencer architecture as a Sec. 309 question. The analytical work has to be done from first principles against § 101(24). If the team runs the sequencer, the team controls transaction ordering. The team controls MEV extraction. The team controls the practical inclusion guarantees the network’s users actually receive. Theoretical forced-inclusion mechanisms backed by L1 data availability matter less than the operational reality of a centralized sequencer running with team-controlled software, team-set parameters, and team-discretionary upgrade authority.

Most rollup teams have published decentralized sequencer roadmaps targeting multi-year migration from team-operated to shared-sequencer architecture. Arbitrum’s roadmap, Optimism’s bicameral governance and superchain plans, and the shared-sequencer initiatives (Espresso, Astria, Radius) are real attempts to migrate this surface. Sec. 309 reliance on Day 0 is harder for rollup teams whose sequencers still run on team-controlled infrastructure. The § 101(24) effective-control test reads “centralized sequencer with discretionary ordering and MEV-extraction authority” as operational control. The decentralization roadmap matters less than the snapshot at the moment of regulatory inquiry.

A centralized sequencer is operational control. A decentralized sequencer with no team discretion is not. The roadmap matters for trajectory; the snapshot matters for Sec. 309. Plan to be on the decentralized side of the snapshot before enactment, not after.

F. Treasury Concentration

The sixth surface is treasury concentration. The question Section 101(24) anchors here is whether the DAO’s treasury management constitutes “managerial effort” of the kind that defeats the § 101(24) decentralized-governance characterization. If the DAO funds core contributors directly, the funding flow looks structurally like compensation — and compensation by the protocol to the people running it implies the people are running it. If the treasury composition is dominated by foundation-held tokens that vest over a multi-year window into the same foundation, the treasury is operationally controlled regardless of nominal token distribution.

Three diagnostic dimensions: composition, vesting, and discretionary authority. Composition — foundation-held versus broadly distributed in multisigs with diffuse signers. Vesting — do schedules transfer effective control to broader holders over time, or recycle into foundation custody at unlock. Discretionary authority — signer-set distribution. A 5-of-9 multisig with three foundation employees, two contractors, and four independent signers is foundation-controlled because the foundation controls a working majority. A 5-of-9 with no more than two correlated signers across nine independent parties is operationally distributed.

A protocol three years into a four-year vest is closer to structural decentralization than one six months in, at identical raw concentration. Section 101(24) reads as a snapshot, but audit-priority calibration should consider trajectory for protocols claiming sub-threshold compliance through near-term vest unlocks.

Treasury concentration is the surface most protocols can fix between now and enactment. Distributed multisig signers, transparent disbursement policies, and time-bound vesting unlocks move the analysis. Foundation-controlled custody does not.

G. Governance Distribution

The seventh surface is the headline test most protocols already track. Vote-locked tokens. Delegation patterns. Foundation-held tokens. The 20% threshold under Section 202’s maturity-pathway exemption is the most-cited number, but the § 101(24) effective-control inquiry operates as a substantive overlay regardless of the 20% line.¹⁴¹⁹

A minority position deserves engagement. Variant and Paradigm read initial governance concentration over 20% as not disqualifying so long as tokenomics trajectory reverses the concentration inside the §202 four-year window.²⁸ On this view, the snapshot is misleading; the trajectory matters. I’d push back. The § 101(24) test reads as a snapshot inquiry, and Release No. 33-11412 is sharper still — “no person, entity, or group” can hold operational, economic, or voting control.²⁰ The release does not say “will hold.” It says “having.” The trajectory matters for the §202 maturity pathway, but Sec. 309 reliance on Day 0 requires the snapshot.

Dimensions to track: vote-locked aggregation (addresses delegating to one foundation-aligned voter, creating effective control below raw thresholds); quorum mechanics (low quorum lets small concentrated blocs pass proposals); on-chain vs. snapshot governance (snapshot with off-chain execution leaves team discretion at the execution step); foundation-held token visibility (foundations frequently hold across multiple wallets to disguise concentration).

The 20% line is a useful audit prompt. The § 101(24) effective-control inquiry is the substantive test. Distribute votes through diffuse, non-correlated holders; resist delegate aggregation that recreates the same effective control through a different surface; and document the analytics that show effective distribution.

VI. The Anti-Fraud Carveout: What Sec. 309 Preserves for the SEC (and Sec. 409 for the CFTC)

Sec. 309 limits SEC intermediary registration authority over covered activities. It expressly preserves SEC anti-fraud authority under Securities Exchange Act § 10(b), 15 U.S.C. § 78j(b).²⁹ Sec. 409 limits CFTC intermediary registration authority while preserving CFTC anti-manipulation authority under CEA § 6(c)(1), 7 U.S.C. § 9, and CFTC anti-fraud authority under CEA § 9(a)(2), 7 U.S.C. § 13(a)(2).³⁰³¹ Both statutory frameworks are explicit. The activity exemption does not displace the fraud carveout.

The minority position worth engaging: the anti-fraud preservation is a paper tiger. No SEC win against a pure non-custodial protocol on a clean § 10(b) theory exists. The SEC’s recent DeFi record has run mostly through registration theories the post-CLARITY architecture forecloses. On this reading, the anti-fraud language looks consequential but operates as residual sweeping. I’d push back on three grounds.

First, resource concentration. Post-CLARITY, § 10(b) is the SEC’s only remaining DeFi hook for activity that survives the §309 exemption test. With registration theories foreclosed for covered activity, resource concentration on § 10(b) is the predictable consequence. Treating preservation as paper-tiger doctrine assumes enforcement priorities remain static. They will not.

Second, MEV exposure. MEV extraction at scale through team-controlled infrastructure plausibly implicates § 10(b) on the theory that the team materially misrepresented the fairness of execution to retail users. The SEC has pressure-tested fairness-of-execution arguments in equities for two decades; the doctrinal vocabulary maps onto DeFi. Protocols that built MEV-extraction features into team-controlled validator or sequencer infrastructure are exposed on a surface the activity exemption does not protect.

Third, the private-plaintiff vector. Sec. 309 limits SEC and CFTC intermediary registration. It does not preempt private securities or commodity-fraud actions, state-law claims, or anti-fraud enforcement. Risley survived dismissal on the Howey analysis, but plaintiffs are already developing parallel theories targeting MEV, oracle dependency, and frontend operator conduct.²¹ Build the record for both regulator-facing defense and private-plaintiff deposition exposure.

Two enforcement records confirm the carveout’s bite outside pure custodial cases. BlockFi Lending LLC (2022 SEC settlement, $50M federal plus $50M state) applied Howey and Reves v. Ernst & Young’s family-resemblance test to crypto lending products and found them both investment contracts and notes.³² BlockFi was custodial, not Sec. 309-protected, but the mechanic — managed yield products are not “developing or maintaining a blockchain system” — applies to any protocol bundling yield features alongside protected developer activity. CFTC v. Polymarket (In re Blockratize, $1.4M order, Jan. 3, 2022) established that deploying smart contracts to operate event-based binary options without CFTC registration violates the CEA, and that CFTC’s preserved authority reaches protocol activity, not just individual actors.³³

Sec. 309 is an activity exemption from intermediary registration. It is not a shield against well-pleaded fraud claims, anti-manipulation actions, or private-plaintiff securities litigation. Build the evidentiary record for all three.

VII. Cross-Reading Sec. 309 with the Innovation Exemption Safe Harbor’s Cessation Test

Sec. 309 and the SEC’s Innovation Exemption Investment Contract Safe Harbor are different doctrinal instruments on overlapping protocols. Sec. 309 is an activity exemption from intermediary registration. The Safe Harbor is a token-status pathway under which a token initially offered as a security transitions to non-security status when the issuer’s essential managerial efforts cease.³⁴ The two regimes are independent. A protocol can be Sec. 309-eligible without being Safe Harbor-eligible. A token can satisfy cessation without its operators being Sec. 309-protected.

The SEC’s March 17, 2026 Interpretive Release supplies the cessation-test definition: “decentralized” means “functions and operates autonomously with no person, entity, or group of persons or entities having operational, economic, or voting control.”²⁰ That definition controls both the Safe Harbor’s exit trigger and § 101(24)‘s effective-control inquiry where they intersect. A token cannot satisfy cessation if the seven surfaces still register team control.

Three practical consequences. A Sec. 309-exempt protocol may still issue a token whose holders rely on managerial effort the team performs through other surfaces — treasury, parameter governance, fee distribution. A token that satisfies cessation will, by construction, have passed the seven-surface audit. Protocols planning §202 maturity should treat the seven surfaces as the joint audit framework. The Innovation Exemption Founders Guide explores cessation mechanics in detail.³⁵

Sec. 309 protects what developers do. The Safe Harbor governs what the token becomes. The seven surfaces are the joint audit framework that produces a defensible record in both regimes.

VIII. The Ooki DAO and Van Loon Lessons

A. Van Loon: Immutable Code Is Not Property

Van Loon v. Department of the Treasury, 122 F.4th 549 (5th Cir. 2024), is the high-water-mark federal authority for the proposition that immutable smart-contract code is not property subject to OFAC sanctions.²⁵ The Fifth Circuit vacated OFAC’s designation of Tornado Cash’s immutable smart contracts under IEEPA on November 26, 2024. IEEPA’s definition of “property” requires an owner with control or transfer authority; immutable smart contracts, once deployed, have neither. The opinion invoked Loper Bright v. Raimondo, 144 S. Ct. 2244 (2024), conducting de novo statutory interpretation rather than deferring to OFAC’s reading.³⁶

Two doctrinal caveats. Van Loon is IEEPA-specific; SEC and CFTC anti-fraud and anti-manipulation authority operates under different statutory grants, and the Fifth Circuit’s reasoning is persuasive scaffolding outside IEEPA, not binding precedent. Van Loon protects publication of immutable code; it does not protect the developer who keeps operating the surface — running the frontend, controlling deployment, accepting fees. Storm tested that limit.²⁶ Retrial pending; Rule 29 motion pending; the doctrinal limit survives whatever the retrial produces.

Publish-and-walk-away is the cleanest pattern. Publish-and-keep-operating is the Storm limit case. Protocols claiming Sec. 309 should structure the developer-activity record to look like Van Loon’s immutable-publication pattern. Where the two coexist — immutable contracts plus an active canonical frontend — the seven-surface audit governs whether the operational layer is exempt or whether the frontend is separately analyzed under Opyn/ZeroEx.¹¹¹²

B. Ooki DAO: DAO-As-Unincorporated-Association

CFTC v. Ooki DAO, No. 3:22-cv-05416 (N.D. Cal. June 8, 2023), produced a $643,542 default judgment against the unincorporated Ooki DAO for operating an unregistered futures intermediary and providing illegal commodity-margined transactions to U.S. customers.³⁷ The doctrinal proposition is narrower than the bottom-line suggests. The CFTC successfully pleaded that a DAO is a legal “person” for CEA entity liability, treating governance token voting as the functional equivalent of membership in a California unincorporated association. The court accepted that theory on default; the defendants did not appear, and the merits were not contested.

That posture matters. The available CFTC theory is not contested on the merits. A defendant DAO that appeared, argued against the unincorporated-association analogy, and pressed the First Amendment associational rights of holders would test the theory’s doctrinal limits. The case stands as enforcement precedent — the CFTC has used the theory; counsel cannot ignore it — but not as merits-tested doctrine. Treat Ooki as an available CFTC theory not contested on the merits, and structure DAO governance to limit exposure on the entity-liability and membership-attribution sides.

The interaction with Sec. 309 is the load-bearing move. Sec. 309 exempts developer activities from SEC and CFTC intermediary registration. It does not exempt the DAO entity from CFTC anti-manipulation, anti-fraud, or commodity-pool-operator authority where the DAO is the actor engaging in regulated commodity activity. A developer who publishes code under Sec. 309 and a DAO that operates a margined-trading facility through that code are two different legal subjects. Ooki reaches the second; Sec. 309 does not displace it.

C. What Sec. 309 Helps and Where Pre-CLARITY Doctrine Survives

The boundary line is clean. Sec. 309 helps developers. It protects publishing software, validating transactions, operating nodes, publishing wallets, and developing or maintaining blockchain systems from SEC and CFTC intermediary registration. It does not unwind Ooki DAO. It does not eliminate DAO-as-unincorporated-association entity liability for DAOs that themselves engage in regulated commodity activity. It does not displace Van Loon’s limits in Storm-pattern ongoing-service cases.

The dual-track defense is the practical implication. Build the Sec. 309 evidentiary record for developer activity per §XI. And build the legal-wrapper structure that limits DAO entity exposure for downstream regulated activity. Wyoming SF 50’s DUNA (eff. July 1, 2024) supplies a tested entity-status framework with limited liability and DLT-based governance.³⁸ Cayman foundation, Swiss Stiftung, and Marshall Islands DAO LLC structures supply alternative wrapper architecture. Section X addresses the wrapper question on its own terms.

Sec. 309 protects what developers do. It does not protect the DAO entity that uses what they built to engage in regulated commodity activity. The dual track is mandatory.

IX. How Likely Is This to Change Before It Becomes Law: Reconciliation Forecast

Trade-press analyses treat the bill text as fixed. It is not. Reconciliation between Senate Banking’s manager’s amendment, the House-passed text, and Senate Ag’s parallel S. 3755 still has to clear floor votes and conference.³⁹ One development is already off the probability table: the Senate Banking AML/DLM provision adopted at the May 14, 2026 markup directs Treasury to publish sanctions and AML guidance for U.S.-operated DeFi front-ends — “distributed ledger messaging systems.”⁴⁰ The provision is live as of committee passage. Calibrated probabilities below address the provisions still subject to change, derived from filed amendments, industry comment letters, and reported reconciliation positions as of May 14, 2026.⁴¹

The Senate Banking AML/DLM provision adopted at the May 14 markup is the development most overlooked in industry analysis. The provision directs Treasury to publish sanctions and AML guidance for U.S.-operated DeFi front-ends — “distributed ledger messaging systems.”⁴⁰ It creates a compliance pathway narrowing effective Sec. 309 protection for U.S.-operated frontends. Even where the activity exemption holds, U.S.-operated frontends will face Treasury-side obligations the exemption does not displace.

The BRCA reconciliation question is the second wildcard. The Blockchain Regulatory Certainty Act, H.R. 1747 (Emmer/Torres 2023-2024), is the direct statutory ancestor of Sec. 309’s money-transmitter carveout.⁴² The Reed amendment targets BRCA-style developer protections directly. If Reed passes, §309’s securities-and-commodity exemption survives, but Sec. 309 developers lose the BSA money-transmitter exemption — and the FinCEN compliance burden returns. The surface to watch is whether the developer’s role brushes against custody, fee collection, or transaction routing in ways that re-trigger FinCEN MSB analysis.

Translation. Build the seven-control-surfaces evidentiary record on the assumption Sec. 309 lands roughly as drafted with the AML/DLM provision attached. Reserve fallback plans against § 101(24) and §202 tightening. Monitor BRCA reconciliation; the developer’s BSA exposure may shift independently of the §309 securities-and-commodity exemption. The record in §XI survives the amendments in either direction.

X. If This Version Becomes Law: Operational Posture for Protocols Claiming Sec. 309

Assume for purposes of this section that the Senate Banking manager’s amendment text, with the May 14 AML/DLM provision attached, becomes law unchanged. Sec. 309 provides narrow but defensible protection for non-custodial developers, validators, and open-source contributors. Protected activities (per §II): writing smart-contract code, validating transactions, operating nodes, publishing wallet software, building frontends without trading control. Not protected: managing governance treasuries with effective control over 20%, running centralized frontends with order-routing or custody, operating DAO-level commodity-trading infrastructure that engages CEA-regulated activity.

Day 0 (enactment). Audit governance against § 101(24) using the seven surfaces. Prepare dilution and distribution roadmap if treasury or governance concentration sits above 20% raw threshold — or anywhere § 101(24) could reach team-controlled architecture. Audit frontends against Opyn/ZeroEx/Risley; segregate custody, fee-extraction, and order-routing features from protected developer activity. Document the entity stack: repository, foundation ownership, wrapper jurisdiction.

Day 90. Implement anti-fraud controls regardless of the developer exemption. § 309(b) and §409 reach MEV-extraction features, team-controlled oracle dependencies, and frontend operator conduct that could be characterized as misrepresenting fairness of execution. Developer-activity defense under §309 plus anti-fraud controls under §10(b) and CEA §6(c)(1) — both records matter independently.

Day 180-270. Track SEC and CFTC rulemaking on the “digital commodity” definition as applied to the native token under §201. The activity exemption protects the publisher; token status is separately analyzed under §201 and §202 maturity. Build the joint audit framework per §VII; refine against the rulemaking as it publishes.

The extraterritoriality question is the elephant the bill does not address. If a non-U.S. developer publishes open-source code accessible from the U.S., is the developer in or out of Sec. 309? Morrison v. National Australia Bank establishes the effects-test framework for U.S. securities jurisdiction.⁴³ FinCEN’s U.S.-nexus approach in the 2019 Guidance supplies a parallel BSA-side framework.⁵ The Tornado Cash criminal prosecutions — Storm in the U.S., Pertsev in the Netherlands — establish that U.S. prosecutors will reach non-U.S. publishers where U.S. nexus is present.²⁶ Structure publication to minimize U.S. nexus (servers, financial accounts, marketing targeting), but do not assume non-U.S. residency provides categorical protection. Sec. 309 is silent; pre-CLARITY extraterritoriality doctrine applies by default, and that doctrine is not protective.

California’s Digital Financial Assets Law adds a state-law surface CLARITY does not displace. DFAL (Cal. Fin. Code § 3800 et seq.) takes effect July 1, 2026, applying to Digital Financial Asset Business Activity conducted with California residents.⁴⁴ DFAL does not include a DeFi developer exemption tracking Sec. 309. Protocols with material California-resident counts — most consumer-facing DeFi — face DFAL licensing obligations on a surface CLARITY does not preempt. Section 308’s state preemption reaches state securities laws for classified digital commodities; it does not preempt state money-transmitter licensing, state consumer-protection regimes, or DFAL.⁴⁵ The July 1, 2026 license deadline is imminent.

Wrapper structures matter because the dual-track defense in §VIII.C runs through them. Wyoming SF 50’s DUNA (eff. July 1, 2024) provides U.S. entity status with limited liability and DLT-based governance.³⁸ Cayman foundation companies supply offshore tax efficiency with tightening substance requirements. Swiss Stiftung provides robust civil-law foundation architecture with heavy substance obligations. Marshall Islands DAO LLC (MIDAO) provides U.S.-style LLC protection offshore. The choice depends on founder tax residency, holder geography, regulated-activity profile, and substance budget. None displaces Sec. 309; each provides parallel entity-liability protection for downstream DAO activity.

Key risk: Reed passes, BRCA is stripped, and developers lose the BSA money-transmitter exemption — §309’s securities-and-commodity exemption survives, but custody-adjacent developers face FinCEN MSB analysis. Key opportunity: Sec. 309 holds, AML/DLM is calibrated proportionally, and protocols get runway to mature governance through the §202 four-year window.

XI. Verification Architecture: Building a Sec. 309 Evidentiary Record from Day Zero

A. The Evidentiary Record Concept

Sec. 309 reliance is not a one-time legal opinion. It is a continuing-compliance posture. The closest doctrinal analogue is DMCA § 512’s safe-harbor architecture, which conditions protection on continuing technical compliance — repeat-infringer policies, notice-and-takedown responsiveness, designated-agent registration, knowledge-pattern audits.⁴⁶ § 512 protections survive only as long as the operational posture survives. Sec. 309 operates on the same architectural principle. The exemption attaches only as long as the developer-activity profile satisfies the test, and the evidentiary record must demonstrate satisfaction at any moment regulators choose to probe.

The bar is higher than most protocols realize. A Sec. 309 record is not the docs-site governance summary. It is an archival, signed, timestamped, audit-quality dossier — repository commits, multisig signer disclosures, treasury snapshots, oracle architecture, sequencer ownership, governance-vote records, decentralization memos refreshed against the seven surfaces. The record needs to satisfy two audiences: an SEC enforcement attorney in 2030 looking at the protocol’s 2026 posture, and a private-plaintiff’s expert deposing the team in a Section 12(a)(1) recission case. Both will read the same record.

B. Day Zero Documentation

At protocol launch (or at this article’s publication for existing protocols), the Day Zero set: (i) repository archive with cryptographic commit signatures; (ii) governance constitution, signed and timestamped; (iii) tokenomics whitepaper with allocation tables and vesting schedules; (iv) foundation entity documents; (v) multisig signer disclosures with relationship-to-foundation declarations; (vi) oracle architecture documentation; (vii) sequencer ownership disclosure (rollups); (viii) treasury composition snapshot; (ix) vesting schedule with cliff dates and unlock cadence.

Retention should be permanent and tamper-evident. Canonical archive on foundation-controlled cold storage with redundant off-site backup at a regulated third-party provider (law-firm escrow or notarized digital archive). Each document signed by the foundation’s general counsel or governance officer; multisig disclosures co-signed by each signer.

C. Annual Refresh

The annual refresh is the operational discipline most protocols underestimate. Each year: (i) decentralization memo against the seven surfaces, signed by counsel and dated; (ii) governance-vote records aggregated, with delegate-aggregation analytics; (iii) treasury composition updated for vesting unlocks and disbursements; (iv) multisig signer changes documented with succession records; (v) team-controlled changes audited against the seven surfaces. The annual memo is what an SEC or CFTC enforcement attorney reads first. Author it for that audience.

D. The Activity Exemption Is the Floor, Not the Ceiling

Sec. 309 is a floor. It protects what developers do. It does not protect against private plaintiffs, state-law claims (DFAL per §X), DAO-entity liability for downstream activity (Ooki per §VIII), or anti-fraud actions under §10(b) and CEA §6(c)(1). Protocols serious about long-term U.S. compliance need three records in parallel: (i) the Sec. 309 evidentiary record in this section; (ii) a DAO legal-wrapper structure (DUNA, Cayman, Swiss Stiftung, MIDAO) per §X; (iii) a §202 maturity pathway for the native token, cross-read against the Safe Harbor’s cessation test per §VII.

Protocols that build the seven-control-surfaces record now — code, governance, treasury, oracles, sequencers, frontends, fees — are protected against both the unchanged-text scenario and the tightened scenarios in §IX. Protocols that wait for enactment will be filing dossiers against a 90-day rulemaking window the CFTC has set against them.

Astraea Counsel works with DeFi protocol teams on the full Sec. 309 readiness posture — control-surface audits, foundation entity formation and wrapper design (DUNA, Cayman, Swiss, MIDAO), oracle and sequencer architecture review for § 101(24) compliance, frontend-operator separation from protocol-publisher activity, and the annual-refresh discipline. The “Control-Surface Audit” is our entry-point engagement: a structured walk through the seven surfaces, with deliverable memoranda calibrated to SEC enforcement-attorney and private-plaintiff-deposition audiences. Intake signal: defi-309-readiness.

Most protocols claiming Sec. 309 today have built the surface for the legend they want to be. We build the record for the protocol you actually are — and the case the regulator or private plaintiff actually brings. The activity exemption is the floor. The record is what holds.

Related Resources

• The CLARITY Act Exchange Registration Roadmap: A 180-Day Compliance Calendar (Article 1 of this series)
• The Stablecoin Issuer’s Dual-Framework Roadmap: GENIUS Act PPSI Compliance and the Pending CLARITY Act Yield Compromise (Article 3 of this series)
• The SEC’s Innovation Exemption: A Founder’s Decision Guide to the Atkins Token Safe Harbor (Section 202 maturity pathway and Investment Contract Safe Harbor cessation test)
• The CLARITY Act: CFTC and SEC Jurisdictional Divisions Explained (foundational hub)

Footnotes

1. H.R. 3633, Digital Asset Market Clarity Act of 2025, 119th Cong. (as passed by the House, July 17, 2025), available at https://www.congress.gov/bill/119th-congress/house-bill/3633/text. ↩

2. CoinDesk, “Clarity Act Clears U.S. Senate Committee on Its Way to a Final Test in Congress” (May 14, 2026), available at https://www.coindesk.com/policy/2026/05/14/clarity-act-clears-u-s-senate-committee-on-its-way-to-a-final-test-in-congress. ↩

3. S. 3755, Digital Commodity Intermediaries Act, 119th Cong. (Senate Agriculture Committee version, advanced Jan. 29, 2026), available at https://www.congress.gov/bill/119th-congress/senate-bill/3755/text. ↩

4. Sen. Elizabeth Warren et al., DeFi AML/Sanctions Amendments in Consideration to H.R. 3633 (May 2026, pre-floor); Sen. Jack Reed, Amendment to Strike BRCA Carveout (May 2026, pre-floor). Amendments filed during Senate Banking markup of H.R. 3633; reconciliation status pending. ↩

5. FinCEN Guidance FIN-2019-G001, Application of FinCEN’s Regulations to Certain Business Models Involving Convertible Virtual Currencies (May 9, 2019), available at https://www.fincen.gov/sites/default/files/2019-05/FinCEN%20Guidance%20CVC%20FINAL%20508.pdf; see also FinCEN Guidance FIN-2013-G001, Application of FinCEN’s Regulations to Persons Administering, Exchanging, or Using Virtual Currencies (Mar. 18, 2013). Together, the FinCEN guidance documents create the pre-existing administrative framework for non-custodial publisher carveout from money-transmitter status that Sec. 309 codifies in expanded form. ↩ ↩²

6. H.R. 3633 § 309 (SEC exclusion for decentralized finance activities; preserves anti-fraud authority). ↩

7. H.R. 3633 § 409 (CFTC parallel exclusion; preserves anti-manipulation authority). ↩

8. Arnold & Porter, “Clarifying the CLARITY Act” (Aug. 2025), available at https://www.arnoldporter.com/en/perspectives/advisories/2025/08/clarifying-the-clarity-act. ↩

9. Q-PENDING: Sec. 309 activity-count verification. The Arnold & Porter advisory identifies four enumerated activities; the article outline framed the enumeration as five. The author reads the House-passed text as enumerating four functional categories with internal overlap (publication of software, validation, node operation, wallet/system development). The substantive coverage is identical on either count; the discrepancy is taxonomic. Pull enrolled-bill text from Congress.gov when conference committee reports final text to lock the activity count. ↩

10. In re Deridex, Inc., CFTC Docket No. 23-46, $100,000 settlement (Sept. 7, 2023), available at https://www.cftc.gov/media/9221/enfderidexorder090723/download (CFTC theory that developer retained “substantial” control via code-update authority and user-suspension power). ↩ ↩²

11. In re Opyn, Inc., CFTC Docket No. 23-47, $250,000 settlement (Sept. 7, 2023), available at https://www.cftc.gov/PressRoom/PressReleases/8774-23 (IP-geoblocking insufficient to exclude U.S. users; frontend operator retained upgrade authority over smart-contract code). ↩ ↩² ↩³ ↩⁴

12. In re ZeroEx, Inc., CFTC Docket No. 23-48, $200,000 settlement (Sept. 7, 2023), available at https://www.cftc.gov/media/9216/enfzeroexorder090723/download (front-end operators bear regulatory responsibility for products offered through their interface). ↩ ↩² ↩³ ↩⁴

13. FinCEN Notice of Proposed Rulemaking, Requirements for Certain Transactions Involving Convertible Virtual Currency or Digital Assets, RIN 1506-AB47, 85 Fed. Reg. 83840 (Dec. 23, 2020); withdrawn. The non-custodial wallet NPRM articulated the continuous regulatory tradition of distinguishing non-custodial software publication from money-transmitter activity that Sec. 309 codifies. ↩

14. H.R. 3633 § 101(24) (definition of “decentralized governance system”). In the H.R. 3633 House-engrossed and Senate-referred text, the decentralized governance system definition is codified in the Title I Definitions section as paragraph (24), not in § 110 (which is the “Application of the Bank Secrecy Act” provision). ↩ ↩² ↩³

15. Industry policy literature on categorical exemption posture (Coin Center, Electronic Frontier Foundation, Variant Fund). The categorical exemption reading is contested industry-side policy work, not legal authority; cited for completeness of the doctrinal landscape. ↩ ↩²

16. H.R. 3633 § 309(b) (anti-fraud preservation language: “Subsection (a) shall not apply to the anti-fraud and anti-manipulation authorities of the Commission”); H.R. 3633 § 409 (CFTC parallel exclusion preserving anti-manipulation under CEA § 6(c)(1) and anti-fraud under CEA § 9(a)(2)). ↩

17. SEC v. LBRY, Inc., 639 F. Supp. 3d 211 (D.N.H. 2022) (summary judgment for SEC; parallel cite 2022 WL 16744741), final judgment, 2023 WL 4459290 (D.N.H. July 11, 2023) ($111,614 penalty). Court held that LBC token’s utility function did not insulate it from securities classification where team retained economic stake and promised managerial development. ↩ ↩²

18. H.R. 3633 § 201 (investment contract asset; jurisdictional pivot). ↩

19. H.R. 3633 § 202 ($75M mature-blockchain exemption; 4-year maturity timeline). ↩ ↩²

20. Application of the Federal Securities Laws to Certain Types of Crypto Assets and Certain Transactions Involving Crypto Assets, Securities Act Release No. 33-11412 (Mar. 17, 2026, eff. Mar. 23, 2026), available at https://www.sec.gov/files/rules/interp/2026/33-11412.pdf (defining “decentralized” as “functions and operates autonomously with no person, entity, or group of persons or entities having operational, economic, or voting control”). ↩ ↩² ↩³ ↩⁴

21. Risley v. Universal Navigation Inc., No. 23-1340 (2d Cir. 2025), affirming No. 1:22-cv-02780 (S.D.N.Y. Aug. 29, 2023) (Second Circuit affirmance of dismissal of private securities-law claims against Uniswap Labs; protocol characterized as “neutral, automated tool”; ETH characterized as commodity). ↩ ↩² ↩³

22. Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934: The DAO, Exchange Act Release No. 81207 (July 25, 2017) (SEC concluded that DAO governance token voting did not satisfy “efforts of others” Howey prong where curators retained discretion over which proposals to implement). ↩

23. William Hinman, Dir., SEC Div. of Corp. Fin., Digital Asset Transactions: When Howey Met Gary (Plastic) (June 14, 2018). The Hinman speech introduced the “sufficiently decentralized” framing, but its precedential value has been extensively contested in SEC v. Ripple and related litigation; courts have declined to treat the speech as binding agency policy. Cited with caveat. ↩

24. Jesse Walden, Progressive Decentralization: A Playbook for Building Crypto Applications (Jan. 2020); Miles Jennings (a16z Crypto), Principles & Models of Web3 Decentralization (Apr. 2022); Marc Boiron (Variant Fund), Sufficient Decentralization: A Playbook for web3 Builders and Lawyers (Aug. 2, 2022). Industry-published policy frameworks the Seven Control Surfaces synthesizes; cited as policy work, not legal authority. ↩

25. Van Loon v. Dep’t of the Treasury, 122 F.4th 549 (5th Cir. 2024) (No. 23-50669, decided Nov. 26, 2024) (holding immutable smart-contract code is not property subject to OFAC sanctions). ↩ ↩²

26. U.S. v. Roman Storm, No. 23-cr-430 (S.D.N.Y. Aug. 6, 2025) (jury convicted defendant of conspiracy to operate unlicensed money-transmitting business; deadlocked on sanctions-evasion and money-laundering counts; retrial pending; Rule 29 motion pending as of article date). ↩ ↩² ↩³

27. In re Avraham Eisenberg, CFTC Docket No. 8647-23 (Jan. 9, 2023) (civil action establishing oracle price-feed manipulation as actionable market manipulation under CEA § 6(c)(1)); SEC v. Eisenberg, No. 1:23-cv-00503 (S.D.N.Y. filed Jan. 2023) (civil action; SEC characterized MNGO governance token as security). Note: criminal convictions in parallel U.S. v. Eisenberg matter were vacated May 23, 2025; civil status to be reverified at draft. ↩

28. Industry policy frameworks on trajectory-versus-snapshot governance analysis (Variant Fund, Paradigm). Trajectory-based reading is industry policy posture; SEC March 17, 2026 Release No. 33-11412 takes a snapshot-controlled approach. ↩

29. Securities Exchange Act § 10(b), 15 U.S.C. § 78j(b) (anti-fraud authority preserved). ↩

30. Commodity Exchange Act § 6(c)(1), 7 U.S.C. § 9 (CFTC anti-manipulation). ↩

31. Commodity Exchange Act § 9(a)(2), 7 U.S.C. § 13(a)(2) (CFTC anti-fraud). ↩

32. BlockFi Lending LLC, Securities Act Release No. 33-11029 (Feb. 14, 2022), $50M SEC settlement plus $50M state settlements (SEC applied Howey and the Reves v. Ernst & Young family-resemblance test to crypto lending products; held to be both investment contracts and notes). ↩

33. In re Blockratize, Inc. (Polymarket), CFTC Order (Jan. 3, 2022), $1.4M civil penalty (CFTC found that deploying smart contracts to operate event-based binary options without CFTC registration violates CEA; CFTC authority reaches DeFi protocol activity, not just individual actors). ↩

34. Atkins’s Innovation Exemption Investment Contract Safe Harbor framework, announced at DC Blockchain Summit (Mar. 17, 2026); OIRA pre-publication review submission (Apr. 6, 2026); rulemaking package pending Federal Register publication as of article date. ↩

35. See The SEC’s Innovation Exemption: A Founder’s Decision Guide to the Atkins Token Safe Harbor (Astraea Counsel APC, May 2026), cross-reference for §III.D Loper Bright APA-challenge analysis and the cessation-test mechanics. ↩

36. Loper Bright Enterprises v. Raimondo, 144 S. Ct. 2244 (2024) (Court eliminated Chevron deference; agencies retain authority only within express statutory delegations); the Van Loon opinion invoked Loper Bright in conducting de novo statutory interpretation of IEEPA’s “property” definition. ↩

37. CFTC v. Ooki DAO, No. 3:22-cv-05416 (N.D. Cal. June 8, 2023) (default judgment imposing CFTC liability on unincorporated DAO). ↩

38. Wyoming SF 50, Decentralized Unincorporated Nonprofit Association Act (signed Mar. 7, 2024; eff. July 1, 2024), available at https://www.wyoleg.gov/2024/Introduced/SF0050.pdf (Wyoming DUNA — legal entity status with limited liability and DLT-based governance for DAOs). ↩ ↩²

39. Senate Banking Comm., Manager’s Amendment to H.R. 3633 (May 12, 2026 text), available at https://www.banking.senate.gov/imo/media/doc/market_structure_draft.pdf. ↩

40. Senate Banking AML/DLM provision adopted at the May 14, 2026 markup of H.R. 3633 (directing Treasury to publish sanctions and AML guidance for U.S.-operated DeFi front-ends — “distributed ledger messaging systems”). Final markup language pending publication; cite to markup record. ↩ ↩²

41. Methodology for reconciliation forecast (§IX): inputs include filed amendments to H.R. 3633 and S. 3755 as of May 14, 2026; industry comment letters submitted to House Financial Services and Senate Banking Committees; reported reconciliation positions from CoinDesk, The Block, and Bloomberg Law as of May 14, 2026; and Senate Banking Committee staff guidance. ↩

42. Blockchain Regulatory Certainty Act, H.R. 1747, 118th Cong. (2023-2024) (Emmer/Torres); direct statutory ancestor of Sec. 309’s money-transmitter developer carveout. Available at https://www.congress.gov/bill/118th-congress/house-bill/1747. ↩

43. Morrison v. National Australia Bank Ltd., 561 U.S. 247 (2010) (establishing the transactional test for U.S. securities-law extraterritoriality; subsequent doctrine developed the “effects test” framework for U.S. jurisdiction over conduct with U.S. nexus). ↩

44. California Digital Financial Assets Law, Cal. Fin. Code § 3800 et seq. (eff. July 1, 2026) (applying to Digital Financial Asset Business Activity conducted with California residents; does not include a DeFi developer exemption tracking Sec. 309). ↩

45. H.R. 3633 § 308 (state preemption; covered-security treatment under NSMIA for classified digital commodities; does not reach state money-transmitter, consumer-protection, or DFAL-analogue regimes). ↩

46. Digital Millennium Copyright Act, 17 U.S.C. § 512 (safe-harbor architecture conditioning ongoing intermediary protection on continuing technical compliance, including repeat-infringer policies, notice-and-takedown responsiveness, designated-agent registration, and knowledge-pattern audits). Cited as doctrinal analogue for the continuing-compliance posture Sec. 309 reliance requires. ↩