top of page
  • J Huang and S Pettigrove

A bridge too far? Cross-chain bridges under MiCA

The EU's Markets in Crypto-assets Regulation (MiCA or MiCAR), one of the first comprehensive regulatory framework for crypto-assets, will come into force in 2024 across the EU. Since MiCA was introduced in its draft form, there has been ongoing debate on how the regime would impact different corners of the crypto world, for example, crypto exchanges, ICOs, stablecoins and decentralised finance (DeFi). Recently, the battlefield has been extended to another vital component of the crypto ecosystem: cross-chain bridges.

What are cross-chain bridges?

In brief, cross-chain bridges are software applications that enable transactions to occur between various blockchains by enabling the transfer of assets and information between blockchain networks.

Transferring digital assets between different blockchains can be beneficial for many reasons. For example, someone might want to transfer their Bitcoin to the Ethereum blockchain to use it on DeFi platforms, where they can potentially earn interest on their Bitcoin (in that case, wrapped Bitcoin or wBTC).

These so-called "cross-chain" or "bridge" protocols typically create synthetic crypto-assets called “bridged” or “wrapped token”. Bridges require a person to transfer an underlying crypto-asset to the address of a centralised third party or a smart contract on the blockchain supporting that crypto-asset, which in turn issues, through a smart contract, a crypto-asset representing the underlying crypto-asset on a different blockchain (the wrapped token).

As the wrapped token purportedly is backed by the underlying crypto-asset on a 1:1 basis and can be redeemed for the underlying crypto-asset at any time, it is designed to be the economic equivalent of that asset.

In its Decentralised Finance Report, the International Organization of Securities Commissions (IOSCO) gave two prominent examples of how bridge protocols and wrapped tokens work:

  • wBTC gives holders of BTC the ability to participate in DeFi protocols running on other blockchains, such as Ethereum, through a process that locks up their BTC holdings (for so long as the wBTC is outstanding) but does not require them to sell the tokens.

  • Wrapped ether (wETH) is another token that is increasingly being used as, among other things, a bridge to Ethereum-compatible networks that enable faster and cheaper transaction execution (e.g., a Layer 2 network).

These bridged or wrapped tokens offer synthetic exposure to an underlying or reference crypto-asset, and are affected by events involving both the reference asset, including volatility, and the blockchain to which it is bridged.

Separately, there are tokens that are intended to offer same exposure to an underlying reference asset and are similar to traditional derivatives such as options, swaps, and more complex structured products.

What elements of cross-chain bridges may attract regulation under MiCA?

Around a dozen types of crypto-asset services are expressly regulated under MiCA. A typical cross-chain bridge may involve a number of them, for example, crypto-asset custody, issuance, and transfer.

Crypto custody

Crypto-asset custody is defined in MiCA as follows: 

Safekeeping or controlling, on behalf of third parties, crypto-assets or the means of access to such crypto-assets, where applicable in the form of private cryptographic keys.

Bridging protocols would appear to prima facie satisfy this definition where operated by a centralized intermediary.

Crypto issuance

As cross-chain protocols typically create synthetic crypto-assets (e.g. wBitcoin and wETH) on the destination chain, prima facie, they also involve crypto issuance.

However, the nature of any such issuance will need to be carefully considered. In general, the issuance of a crypto-asset is only regulated by MiCA where it is offered to the public or admitted to trading on a trading platform, except when the crypto-assets are of specific types, such as asset-referenced tokens (ARTs) and e-money tokens (EMTs). Issuers of ARTs and EMTs will be subject to certain reporting obligations.

Crypto transfer

MiCA defines crypto-asset transfer services as follow:

Providing services of transfer, on behalf of a natural or legal person, of crypto-assets from one distributed ledger address or account to another

This broad definition is also a material consideration for cross-chain bridges that facilitate transfers between blockchains and, accordingly, from one distributed ledger address account to another.

However, the identity of the provider of the above-mentioned crypto-asset services is also important.

Possible exemption: full decentralisation?

MiCA's application to DeFi projects is currently uncertain and subject to ongoing consultation in the EU. Such uncertainties arise from Recital 22 of MiCA which indicates an intention not to regulate so-called "fully decentralised" projects. However, the notion of what it means to be "fully decentralised" does not have a fixed definition and is a matter of debate among industry experts.

This Regulation should apply to natural and legal persons and certain other undertakings and to the crypto-asset services and activities performed, provided or controlled, directly or indirectly, by them, including when part of such activities or services is performed in a decentralised manner. Where crypto-asset services are provided in a fully decentralised manner without any intermediary, they should not fall within the scope of this Regulation.

(our emphasis)

Even if a cross chain protocol involves a crypto-asset service, MiCA's intention appears to be only to regulate that service if there is an identifiable crypto-asset service provider (CASP) which provides the relevant service - making a cross-chain protocol outside of MiCA's jurisdiction when it is fully decentralised and no CASP can be identified.

It is no easy task to rely on this exemption. Critics have pointed out that it is practically impossible for a project to be "fully decentralised" depending on how the term is defined, and also that decentralisation and disintermediation (which appear to be confused as the same thing in MiCA) are very different concepts.

In response, the European Security Markets Authority (ESMA) has released a consultation paper acknowledging the fact that DeFi can operate in a manner in which a person can access a blockchain or smart contract based application as a mere user of a tool or piece of technology, rather than through forming a contractual relationship as service provider and customer.

ESMA's approach seems somewhat at odds with recent IOSCO recommendations which asserted that DeFi is not sufficiently different to existing financial services and so should be addressed in broadly the same way.

The question of whether a particular suite of smart contracts is decentralised will remain subject to nuanced analysis. It is hoped that further clarity can be provided in the final MiCA regulations or guidance before MiCA comes into force in June 2024. We will watch this space closely.

Written by J Huang, S Pettigrove and M Bacina


bottom of page