JPMorgan and MIT Built a Payment Token Blueprint.

They Forgot the Foundation.

Originally posted by Greg Chew via LinkedIn

The collaboration between MIT’s Digital Currency Initiative and JPMorgan’s Kinexys division produced something rare: a genuinely thoughtful analysis of what regulated financial institutions need from blockchain-based payment systems.

The 39-page report, Designing Payment Tokens for Safety, Integrity, Interoperability and Usability, catalogues requirements, maps existing standards, identifies gaps, and proposes solutions.

It deserves serious engagement and discussion, especially as we emerge into what I believe will be a big year for blockchain rather than the crypto casino. So here is my take in that spirit.

The Problem They Name But Cannot Solve

Deep in the report, the authors make a striking admission about the state of blockchain standards:

“There is general apprehension about the proliferation of standards, where specifications developed by individual parties are framed as standards even when adoption is limited. The benefits of standards are realized through convergence and alignment, and there is a need to move beyond ‘your’ standards versus ‘my’ standards, towards the convergence of ‘our’ standards.”

This is exactly right. The blockchain ecosystem is drowning in competing standards that serve their creators’ interests. ERC-20, ERC-721, ERC-1400, ERC-3643, ERC-4337. The report maps fifteen different token standards against its functionality requirements. Each was proposed by parties with stakes in their adoption. None provides neutral ground.

The authors recognise that “reaching consensus on a single set of standards may be challenging for ecosystem participants.” Their proposed solution is “composable standards”, modular, narrow specifications that institutions can mix and match.

But composable standards still require a foundation to compose upon. And here’s where the analysis breaks down.

Building on Sand

The entire prototype is built on “EVM-based blockchains”, meaning Ethereum or its derivatives. The report acknowledges governance concerns but defers them:

“Concerns stem mainly from the governance of open blockchains, particularly public blockchains where there is no central operator. In such scenarios, operating part of the infrastructure, such as hosting nodes and mining blocks, might be required to mitigate the risks.”

Required by whom? Mitigated how? The report offers no answers because there are no good answers on Ethereum.

The Consensus Problem

Anonymous proof-of-stake enables collusion without accountability. Four entities – Lido, Coinbase, Kraken, and Binance – control approximately 60% of Ethereum’s staked value. The Ethereum Foundation makes governance decisions that affect all participants. When JPMorgan builds payment infrastructure on this foundation, they inherit all of it. Their carefully designed administrative controls, their composable standards, their regulatory compliance. All of it sits atop infrastructure controlled by parties with no accountability to JPMorgan’s clients or regulators.

The report identifies privileged administrative functions as a concern: “the existence of such functions may raise concerns about potential misuse.” They propose transparency and observability as solutions. But transparency at the application layer cannot compensate for opacity at the consensus layer. You cannot observe what anonymous validators are coordinating.

The Scaling Problem

The paper proposes building on “EVM-based blockchains.” Ethereum mainnet sustains approximately 15-30 TPS in practice. Kinexys Digital Payments already processes over $2 billion daily on private infrastructure. If the authors intend to bring payment token standards to public Ethereum at anything approaching institutional volumes, they will inevitably turn to ‘Layer 2’ so called ‘solutions’. There they will face a mathematical impossibility that the Ethereum fanboys are desperately hoping that nobody is thinking about – sorry chaps, we did and we have. What follows isn’t our opinion, it’s mathematical impossibility.

Every transaction requires minimum irreducible data: sender address (20 bytes), receiver address (20 bytes), and cryptographic signature (65 bytes). 105 bytes that cannot be compressed away. At 10,000 TPS, a modest throughput for institutional settlement, this requires 12.6 MB per Ethereum block. Ethereum’s practical block capacity is approximately 100,000 bytes. The blob space added by EIP-4844 provides 1.125 MB for ALL Layer 2s combined. The arithmetic doesn’t work.

Layer 2s don’t solve Ethereum’s scaling problem, they prove it cannot be scaled.

The Security Problem

The EVM ecosystem’s security model is fundamentally compromised at the supply chain level. We have covered this before in a long form and short form video – links in the references below. MetaMask, the dominant wallet in the EVM ecosystem, relies on 212,620 NPM packages from anonymous contributors. In September 2025, 18 NPM packages were hijacked, affecting 2 billion weekly downloads, installing crypto-stealing malware. This is not historical. This is the current state of Ethereum wallet security.

The report proposes transparency and observability for administrative functions. But you cannot observe a supply chain attack until after it has succeeded. You cannot audit 212,620 packages maintained by strangers who can push updates at any time.

The Real Question They Cannot Ask

The fundamental question the report cannot ask is: Who controls the infrastructure on which payment tokens operate?

For private permissioned blockchains like Kinexys Digital Payments (which processes over $2 billion daily), JPMorgan controls it.12 That’s appropriate: they’re accountable to regulators and clients, so they should control it.

For public blockchains, the answer is: anonymous validators, protocol foundations, and whoever accumulates enough stake to influence consensus. That’s not a foundation for institutional finance. That’s a foundation for regulatory arbitrage.

The Finality Question

The authors raise finality as a concern: “The decentralized nature of public blockchains and the consensus mechanisms used to achieve decentralization allow for blocks to be proposed by different parties, sometimes leading to situations where some blocks are discarded… Consequently, finality in this context is probabilistic rather than deterministic.”13

Let me be precise here, because this matters for institutional settlement.

All finality is probabilistic. T+2 equity settlement can be reversed. Wire transfers can be clawed back. Even physical cash can be counterfeit. The question isn’t whether finality is probabilistic—it’s what the probability depends on, and how quickly it converges to near-certainty.

Ethereum’s finality depends on trusting validators not to collude. With 60% of stake controlled by four entities, that’s a governance question: will these parties coordinate a reorg? Will they comply with a social consensus to roll back transactions?

This is not theoretical either. In 2016, the Ethereum community did exactly this: the DAO hack resulted in a hard fork (EIP-779) that reversed approximately $60 million in transactions that had achieved “finality” under the protocol’s consensus rules.14 The transactions were final. Until the community decided they weren’t.

The probability of Ethereum finality holding is high. But it’s a probability about human behaviour and governance decisions, not mathematics. And we have direct evidence that Ethereum’s community will reverse “final” transactions when sufficiently motivated.

Proof-of-work finality depends on computational reality. Each block requires actual work that cannot be faked. The probability of reversal decreases exponentially with each confirmation, not because validators choose to behave, but because reversing would require outcomputing the network’s cumulative work from that point forward. After sufficient confirmations, reversal becomes computationally infeasible regardless of any party’s intentions or governance decisions.

For institutional settlement, what matters is:

The question isn’t probabilistic versus deterministic.
The question is: does your settlement depend on trusting parties to behave, or on mathematics that parties cannot circumvent?

What Would Actually Work

The report correctly identifies what payment tokens need: safety, integrity, interoperability, and usability. It correctly identifies the limitations of current standards. It correctly calls for “our standards” rather than competing proprietary specifications.

But “our standards” require neutral ground: infrastructure that no party controls, where convergence can occur without requiring trust in competitors.

This requires a governance-free resource layer. Not a private chain (which is an island). Not a ‘public chain’ with anonymous governance (which is someone else’s kingdom). A resource layer with:

• Proof-of-work consensus, so participants don’t need to be known or trusted
• No administrative keys, so no party can censor or reorder transactions
• Finality that depends on mathematics, not governance, meaning probability converging to near-certainty through computational work, not trust in validator behaviour
• Connection points for sovereign infrastructure, so institutions control their own governance while settling through neutral ground

Such infrastructure exists. It has been operational since October 2024.

Liechtenstein is building national blockchain infrastructure with it. The Liechtenstein Trust Integrity Network (LTIN) is majority-owned by state Telecom Liechtenstein, regulated under the Liechtenstein Blockchain Act with EU MiCAR compliance. Bank Frick, Bitcoin Suisse, and Zilliqa are founding participants alongside QPQ. This is not a pilot. This is a European sovereign deploying the architecture for production financial infrastructure.

The architecture the MIT DCI/Kinexys paper describes – composable standards, modular functionality, regulatory compliance – works better on neutral ground than on Ethereum. Institutions can maintain sovereign governance over their own infrastructure while settling through a resource layer controlled by no one, where finality depends on mathematics rather than trusting anonymous validators not to collude.

The Invitation

The authors conclude by hoping their work “can serve as a starting point for further dialogue and collaboration with the ecosystem.”

We accept. This article is the shorter version of my exploration of the points they are raising.

The blockchain and tooling designed for exactly what you’re describing exists. A European sovereign has already validated it. We built it. We’d welcome the opportunity to show you.

Reference Links

MIT Digital Currency Initiative and Kinexys by J.P. Morgan, “Designing Payment Tokens for Safety, Integrity, Interoperability and Usability,” https://www.jpmorgan.com/kinexys/documents/designing-payment-tokens-for-safety-integrity-interoperability-usability.pdf

2 Billion Wallets Hacked: Why Your Crypto Isn’t Safe (And Never Was) [Long form] https://rumble.com/v6yqsls-2-billion-wallets-hacked-why-your-crypto-isnt-safe-and-never-was.html

2 Billion Wallets Hacked: Why Your Crypto Isn’t Safe (And Never Was) [Short form] https://youtu.be/P_Z-QwFNm9M

A subsequent post will be published in relation to this shortly.