Recently I came across a post which argues that the best way to stop crypto scams/rug is by enforcing KYC on people that have control over contracts, as that enables accountability in case funds are rugged. The post makes the point that as an industry we should create KYC standards to prevent more rugs/scams.
This type of discourse carries heavy implications that are somewhat hidden, so I wanted to provide a counter-argument since a lot of it also applies to our daily operations at defillama. I'll focus on two quotes from the article:
by far the most effective way to ensure that a project is secure is to have those in control of the main contracts undergo hard KYC/AML while the rest of the project can remain pseudonymous.
Those of us in the development space often forget that our knowledge and capabilities far exceed those of people who are not devs. While we can laugh amongst ourselves at the “normies,” we need to remember that when technology outpaces the ability of regulators to comprehend it and create meaningful and useful legal space for it, we all end up losing. That means it is part of our responsibility to help guide the standards for how DEFI will continue to integrate into the world. From an engineering standpoint, standards not only provide guidance, but also create a framework for innovation.
Similar ideas can be found in the recent buzzfeed article that doxxed BAYC founders, and even at DefiLlama we get many requests that echo this sentiment, asking us to delist projects that people perceive as a scam, arguing that by keeping them on our site we are endorsing them and that allows them to keep scamming people.
Fundamentally, this seems to stem from the idea that users should be protected, and that the way to do so is by limiting their autonomy. Not just that but there's people that know better than them what's good for themselves and thus should be allowed to make decisions for them.
This sounds quite similar to the laws in multiple countries like the US that prevent normal people from taking part in VC investments. These come down to saying that users are too stupid to correctly assess VC risks and they must be prevented from taking these for their own good, because government knows better than them what's good for them and only rich people are good enough to assess these risks and have the ability to invest.
Blockchains flip that on it's head. You have your money and you can use it any way you want, whether that be by putting it on straight up ponzis, buying worthless coins, or farming on some protocol with an anon founder that could rug the whole thing. It lets users make their own risk assesments and execute them, without anyone restricting their autonomy.
Let's embrace this. If people want to put money on protocols with anon founders then that's it, there's no need for anyone to make decisions for anyone else, just let people make their own choices. Let's abandon the idea that users are stupid and need to be protected by someone with more knowledge, they are just mature people that are making their own decisions based on their own risk assesments.
This is our approach at defillama: we list everything. Our role is just to provide accurate data, we don't make decisions for our users. We won't remove any protocol because a user could discover it on defillama, instead we treat users as autonomous people that can make their own decisions and we certainly don't believe we are better than them and should be telling them what to do.
Please don't mistake this as a defense for rugs/scams. These are bad and should be banished, however I don't believe that the solution goes through restricting users. I'm also not against informing users or telling them that it's best to stay away from things that you deem unsafe, all I'm saying is that if two parties make a deal then there's no reason a third party should have to decide if that's okay or not.