Staking is a security. The SEC's Howey Test defines an investment contract by a common enterprise with an expectation of profits from others' efforts. Passive yield generation from validator services fits this definition precisely, unlike the active work of DeFi protocols like Uniswap or Aave.
the-sec-vs-crypto-legal-battles-analysis
Blog
Why 'Passive Income' from Staking Guarantees SEC Attention
An analysis of how marketing staking rewards as 'passive income' or 'yield' creates an expectation of profit from the efforts of others, satisfying the Howey Test and guaranteeing SEC scrutiny, regardless of a network's technical decentralization.
introduction
THE REGULATORY TRAP
Introduction
Staking's promise of passive income is a legal liability, not a feature.
Marketing guarantees scrutiny. Protocols that advertise 'set-and-forget' returns from Lido or Rocket Pool are explicitly promising the profit expectation the SEC targets. This contrasts with the fee-for-service model of infrastructure like Chainlink or The Graph, which are harder to classify as securities.
Evidence: The SEC's settled charges against Kraken in 2023 explicitly cited its staking-as-a-service program as an unregistered securities offering. This established the agency's enforcement template.
key-trends
THE REGULATORY TRAP
Executive Summary
Staking's 'passive income' narrative directly triggers the Howey Test's 'expectation of profit from the efforts of others', creating an unavoidable legal hazard for protocols.
01
The Howey Test: A Three-Pronged Spear
The SEC's primary weapon. Staking services check every box:\n- Investment of Money: Users deposit ETH or other tokens.\n- Common Enterprise: Funds are pooled in a validator or protocol.\n- Expectation of Profit: Promoted as 'passive income' or 'yield'.\n- From Efforts of Others: Profit depends on the protocol's technical and promotional work.
3/3
Howey Prongs Met
100%
SEC Focus
02
Lido & Coinbase: The Precedent Setters
The SEC's actions against these entities define the battlefield. Lido's stETH and Coinbase Earn were explicitly cited as unregistered securities. The common thread is the marketing of a hands-off, yield-generating product. This sets a precedent that ensnares any protocol using similar language, regardless of technical decentralization.
$20B+
stETH Market Cap
2
Major Cases
03
The Marketing Mousetrap
Protocols are hoist by their own petard. To attract TVL, they market 'yield' and 'rewards'. This creates the documented 'expectation of profit' the SEC needs. The technical reality—running validators, slashing risk—is irrelevant if the front-end message is 'set it and forget it' income. This language is a gift to regulators.
~5% APY
Common Promise
0
Legal Defense
04
The 'Passive' vs. 'Active' Illusion
A false technical defense. Protocols argue staking is 'active' due to slashing risk or delegation choice. The SEC sees a retail user clicking 'Stake' and receiving automated rewards. The legal perspective focuses on the user's experience, not the backend mechanics. If it feels passive to the investor, it's a security.
1-Click
User Action
High
Regulatory Risk
05
The Pooling Problem
Liquid staking tokens (LSTs) like Rocket Pool's rETH or Frax's sfrxETH compound the issue. They represent a share in a pooled validator set, creating a textbook 'common enterprise'. The fungibility and tradability of the LST make it indistinguishable from a security in the SEC's view, more so than solo staking.
$50B+
LST TVL
Direct Hit
Howey Test
06
The Only Exit: Reframe or Register
There are two paths, both painful. 1. Reframe: Eliminate 'yield' and 'income' from all messaging. Call it 'network security participation' or 'validation rewards'. This kills growth. 2. Register: Become a compliant securities offering, which destroys the permissionless model. Most protocols are stuck in the middle, guaranteeing SEC attention.
0
Painless Options
Inevitable
Confrontation
thesis-statement
THE SECURITY LABEL
The Core Argument: Marketing Overrides Mechanics
Protocols that market staking as 'passive income' create an expectation of profit, which is the legal definition of a security under the Howey Test.
Marketing creates the expectation. The Howey Test hinges on an 'expectation of profits from the efforts of others'. When a protocol's website, like Lido or Rocket Pool, advertises 'earn yield' or 'passive income', it directly establishes this expectation for retail users.
Mechanics are legally irrelevant. Whether the token is 'utility-based' or the staking is 'non-custodial' does not override the marketing message. The SEC's case against Coinbase centered on this exact point: promotional language defines the asset's character.
Decentralization is a weak defense. Protocols like Ethereum, after its Merge, argue staking is a core protocol function. However, for most Layer 1s and liquid staking tokens (LSTs), the centralized promotional entity (the foundation or core dev team) is clearly driving the profit expectation.
Evidence: The SEC's 2023 lawsuits explicitly cited staking-as-a-service programs. Chair Gensler stated, 'These are securities because the investing public is anticipating profits based on the efforts of others.' This is a direct roadmap for enforcement.
WHY 'PASSIVE INCOME' FROM STAKING GUARANTEES SEC ATTENTION
The SEC's Enforcement Playbook: A Pattern Emerges
Comparative analysis of the legal and operational characteristics that trigger SEC enforcement actions, using recent cases as precedent.
| Critical Enforcement Trigger | Howey Test 'Investment of Money' | Howey Test 'Common Enterprise' | Howey Test 'Expectation of Profits' | Howey Test 'From Efforts of Others' |
|---|---|---|---|---|
Capital Contribution Required | ||||
Pooled Funds / Shared Fate | Investor funds commingled in protocol treasury | Staker rewards tied to overall network performance | Node operator slashing affects all delegators | Protocol revenue distributed pro-rata to token holders |
Yield Source & Marketing | "Earn up to 8% APY" (Kraken) | "Passive income" (Lido, Rocket Pool) | "Rewards" from transaction fees (Proof-of-Stake) | "Staking as a Service" (Coinbase, Binance) |
Role of Promoter/Protocol Team | Protocol developers control smart contract upgrades | Foundation controls governance and treasury | Core team executes roadmap and partnerships | Service provider operates validation infrastructure |
Investor's Managerial Effort | Token holder votes on governance proposals (minimal) | Delegator selects validator (one-time action) | Liquid staker holds derivative token (zero effort) | Custodial staker has no technical involvement |
SEC Precedent Case | Kraken Settlement (Feb 2023) | Coinbase Wells Notice (Mar 2023) | Terraform Labs (LUNA) Case | Ripple (XRP) Ongoing Litigation |
Implied Regulatory Outcome | Registration as a securities offering required | Must register as a national securities exchange | Token itself may be deemed a security | Staking service is an unregistered broker-dealer |
deep-dive
THE LEGAL FRAMEWORK
Howey Test Deconstructed: Why 'Efforts of Others' is the Kill Shot
The 'efforts of others' prong of the Howey Test is the primary vector for SEC enforcement against passive staking models.
Passive income guarantees scrutiny. The SEC's case against Kraken's staking service established that delegating tokens to a third party for rewards is a textbook security. The user's reliance on the promoter's managerial efforts to generate yield is the critical factor, not the underlying blockchain's decentralization.
Protocol design is irrelevant. Whether staking secures Ethereum or a centralized chain like Solana, the legal analysis focuses on the user's relationship with the service provider. A user clicking 'stake' on Coinbase is not validating transactions; they are buying into a pooled investment contract managed by Coinbase's infrastructure.
The kill shot is delegation. The SEC's 2023 Wells Notice to Coinbase targeted its staking program specifically. The agency argues that when users surrender control of their tokens to a centralized entity that performs all technical operations, the 'efforts of others' prong is definitively satisfied, regardless of the asset's initial classification.
counter-argument
THE SECURITY MISMATCH
Steelman: "But Ethereum is Decentralized!"
Ethereum's technical decentralization does not immunize its staking rewards from being classified as a security under the Howey Test.
The Howey Test is agnostic to network architecture. The SEC's analysis focuses on the economic relationship between the investor and the promoter. A common enterprise exists via the pooled validator set and the expectation of profits is explicit in staking's yield.
Lido and Coinbase are key precedents. Their centralized staking services received Wells notices, establishing that the SEC views the staking-as-a-service model as a security. The logical extension applies this to the underlying protocol reward mechanism.
Passive income is the trigger. Unlike Proof-of-Work mining, which required active capital expenditure and operational work, Proof-of-Stake rewards are generated by simply locking an asset. This passive yield structurally resembles an investment contract's return.
Evidence: The SEC's case against Kraken settled with the exchange shutting its U.S. staking service. Chair Gensler's public statements consistently equate staking rewards with securities, regardless of the validator's technical setup.
case-study
THE SECURITY-REGULATORY FRONTIER
Case Studies in Regulatory Risk: Lido, Rocket Pool, and Beyond
The promise of 'passive income' from staking is a direct invitation for SEC scrutiny, as it mirrors the economic reality of an investment contract. These protocols are the test cases.
01
Lido: The Centralization Paradox
Lido's $30B+ TVL and 32% market share on Ethereum make it a systemic risk and a prime target. Its liquid staking token (stETH) is a clear security: it represents a claim on future staking rewards derived from a common enterprise. The SEC's case against Kraken's staking service sets a clear precedent.
- Howey Test Trigger: Profit expectation from the managerial efforts of Lido DAO's node operators.
- Existential Risk: A successful enforcement action could classify stETH as an unregistered security, crippling its DeFi composability.
32%
ETH Staked
$30B+
TVL at Risk
02
Rocket Pool: The Decentralization Defense
Rocket Pool's permissionless node operator model and dual-token system (RPL/rETH) is a deliberate architectural hedge against the Howey Test. By minimizing the 'common enterprise' factor, it argues rewards are earned from individual node operation, not a centralized managerial effort.
- Regulatory Arbitrage: Node operators are independent actors, not employees of the protocol.
- Structural Weakness: The 16 ETH bond requirement and RPL collateral still create a unified economic scheme the SEC could challenge.
~3.5%
ETH Staked
2,900+
Node Operators
03
The Liquid Staking Endgame: Enforcement or Exemption?
The SEC's path is binary: enforce against the sector or grant a regulated exemption. Neither outcome is clean. Enforcement fragments liquidity and pushes staking offshore. Exemption legitimizes the asset class but imposes KYC/AML and custody rules that break DeFi's permissionless model.
- Precedent Watch: The outcome for Coinbase and Kraken will define the battlefield.
- Architectural Shift: Protocols are already adapting with non-transferable receipts (e.g., EigenLayer's native restaking) to avoid creating a tradable 'security'.
100%
Sector Exposure
$40B+
Total LSD Market
future-outlook
THE REGULATORY REALITY
The Path Forward: Survival in a Post-SEC Staking World
The SEC's Howey Test targets any protocol promising passive income from a common enterprise, making traditional staking a legal liability.
Passive income guarantees SEC scrutiny. The Howey Test's 'expectation of profit' prong is triggered by marketing staking as a passive yield service, as seen in the Kraken and Coinbase lawsuits. This legal framework treats staking pools as unregistered securities offerings.
The solution is active validation. Protocols like EigenLayer and Lido are pivoting to frameworks where stakers actively choose operators and restaking strategies. This transforms the user's role from a passive investor to an active network participant, altering the legal characterization.
Decentralization is a technical defense, not a marketing term. A truly decentralized network like Bitcoin or Ethereum (post-Merge) avoids the 'common enterprise' prong. The SEC's case against Ripple hinged on centralized control; protocols must architect validator selection and governance to be credibly neutral.
Evidence: The SEC's 2023 settlement with Kraken explicitly required the shutdown of its U.S. staking-as-a-service program, labeling it an unregistered security. This action created the regulatory precedent that now defines the market.
takeaways
SEC RISK ASSESSMENT
TL;DR for Builders
Staking-as-a-service models promising passive income are a regulatory red line. Here's the technical breakdown of why.
01
The Howey Test's Third Prong: Expectation of Profits
Promoting 'yield' or 'rewards' from a common enterprise triggers the core investment contract analysis. The SEC's case against Kraken ($30M settlement) explicitly targeted staking-as-a-service for this.
- Key Risk: Marketing language is primary evidence. 'Earn', 'APY', 'Passive Income' are direct triggers.
- Mitigation: Frame rewards as 'network participation incentives' or 'protocol utility fees'. Separate token from service.
$30M
Kraken Settlement
Prong 3
Howey Trigger
02
The Lido & Rocket Pool Precedent: Decentralization as a Shield
Protocols that minimize managerial effort and offer non-custodial, permissionless participation argue against a 'common enterprise'. Lido (DAO governance) and Rocket Pool (decentralized node operators) structure for this defense.
- Key Design: Eliminate central profit-taking entity. Use DAO-controlled treasuries and open-source node software.
- Trade-off: Increased complexity and potentially lower initial yields versus centralized competitors.
$20B+
Lido TVL
DAO-Governed
Key Structure
03
Technical vs. Financial Yield: The Infrastructure Play
Reframe the service. Providing secure RPC endpoints, MEV-boost relay integration, or slashing insurance is infrastructure, not an investment product. This aligns with the SEC's historical tolerance for cloud computing or data services.
- Solution: Productize the operational stack. Charge fees for uptime, not a share of staking rewards.
- Example: Offer 'Validator-As-A-Service' with a flat monthly fee, explicitly excluding reward-sharing.
Fee-Based
Revenue Model
0% APY Promised
Marketing Rule
ENQUIRY
Get In Touch
today.
Our experts will offer a free quote and a 30min call to discuss your project.
NDA Protected
Confidentiality24h Response
Time to ValueDirectly to Engineering Team
No Sales Fluff10+
Protocols Shipped
$20M+
TVL Overall