This week, the Commodity Futures Trading Commission (CFTC) civilly charged Avraham Eisenberg with violating commodity exchange laws by allegedly manipulating crypto token and swap contract prices on Mango Markets, a decentralized crypto exchange (DEX). This follows on the heels of Eisenberg’s arrest in Puerto Rico for alleged criminal commodities fraud and manipulation in connection with the same scheme.

Contrary to a common narrative, these cases show that manipulation and fraud in crypto markets are not unregulated. They also highlight the regulatory uncertainty that decentralized marketplaces, such as Mango Markets, face with respect to what obligations they have to protect their other users from such schemes. When interpreting this incident, policymakers should recognize the differences between market manipulators and the marketplaces they exploit. Fraud already is illegal, as it should be, but prescriptive regulation of decentralized exchanges is not the best way to protect DEX users.

In our recent working paper, Regulatory Clarity for Crypto Marketplaces, we point out that it already is unlawful to intentionally or recklessly defraud or make untrue or misleading statements or omissions of material fact in connection with a contract of sale of any commodity in interstate commerce under the Commodity Exchange Act (7 U.S.C. § 9(1)) and its implementing regulations (17 C.F.R. § 180.1). Fraud, manipulation, and deception charges against Eisenberg were filed under these provisions.

In short, Eisenberg’s alleged scheme involved artificially inflating the value of collateral on Mango Markets to borrow about $114 million in various crypto tokens from the exchange and walk away with $47 million of those funds (he arranged to return approximately $67 million in a dubious effort to avoid liability). Specifically, Eisenberg allegedly set up a “wash” trade on Mango Markets by taking both the long and short positions on a type of derivative—a perpetual swap contract—that was based on the relative price of two crypto tokens, in this case the MNGO token (which offers holders certain governance rights and fee discounts on the Mango Markets exchange) and USDC (an asset‐​backed stablecoin pegged to the value of the U.S. dollar). In addition, Eisenberg purchased MNGO tokens on other exchanges, inflating both the token’s price and the value of his swap contracts in the process. Eisenberg used this expanded collateral to borrow heavily from the Mango Markets exchange and then withdraw those borrowed funds.

While commodity and swap market manipulations are nothing new, the added wrinkle here is that this scheme targeted a decentralized crypto exchange. For that reason, Eisenberg tweeted that he believes all of his actions were “legal open market actions, using the protocol as designed, even if the development team did not fully anticipate all the consequences of setting parameters the way they are.” This contention flows from an interpretation of the notion that “code is law” in the crypto context, or in other words, if the software let you do it, it isn’t illegal. The CFTC and Justice Department evidently see things differently.

Regardless of whether one buys into this particular theory of code as law when considering the liability of the manipulator, there is ambiguity when interpreting the regulatory obligations of decentralized crypto marketplaces, such as Mango Markets, themselves. At a high level, federal commodities and securities exchange regulations are designed to address the “intermediary risks” posed by financial middlemen. Sam Bankman-Fried’s FTX is an infamous example of such an intermediary. Decentralized exchanges made up of self‐​executing software programs, while not without risks, do not pose the same classic intermediary risks. For example, genuine DEXs, unlike centralized exchanges, are transparent by design and do not custody customers’ assets.

As the experience of Mango Markets demonstrates, though, DEXs can be susceptible to third‐​party manipulation. But when it comes to advancing DEXs’ consumer‐​protection and anti‐​manipulation features, one‐​size‐​fits‐​all regulations are not the answer. One reason is that because DEXs are written in open‐​source code, they can be rapidly iterated as the ecosystem learns the lessons of experience and develops compensating design features. A prescriptive regulatory regime that forces DEXs to register and become subject to the same requirements as centralized exchanges would impede this process, as novel consumer protection innovations unfamiliar to regulators would carry greater compliance risk. Voluntary DEX registration would avoid this problem and allow consumers to choose the level of protection that best serves their needs. Those choices may include DEXs that have opted to register as one way of demonstrating that their consumer protection standards are, at least, comparable to those of traditional, centralized intermediaries.

As the 118^th Congress gets underway, lawmakers looking to craft crypto marketplace policy will need to grapple with the distinctions between market manipulators and exchanges, centralized exchanges and decentralized exchanges, and mandatory and voluntary registration. To give these issues their due, the Cato Institute’s Center for Monetary and Financial Alternatives is holding a policy forum next Thursday, January 19 at noon: Differentiating DeFi: Understanding Efforts to Regulate Decentralized Finance. We hope to see you there.