This is a chapter from the book Token Economy (Third Edition) by Shermin Voshmgir. Paper & audio formats are available on Amazon and other bookstores. Find copyright information at the end of the page.
This token design thinking framework was developed to support the understanding, analysis, and design of token systems. It systematically addresses the critical questions surrounding token issuance, distribution, and governance. A series of questions guide the design thinking process in a methodical manner. This framework was also used to analyze the use cases presented in this book.
After analyzing numerous token systems, both their similarities and differences, I realized that every protocol, regardless of their final governance structure, demands a systematic evaluation of its purpose, principles, functions, stakeholders, token types (and their properties), and potential power structures. There is no one-size-fits-all solution for token design.
I developed this framework as a qualitative tool. It is intentionally comprehensive and should serve as an essential first step in the design thinking process, approaching token design from an economic, political, technical, and legal perspective. While additional quantitative modeling and analysis will be necessary, they are not the starting point of the process. Quantitative methods—though crucial—only become meaningful once the objectives, stakeholders, key measurements, and contextual factors have been clearly defined. Metrics such as the number of tokens issued (for fungible tokens) or pricing policies (for NFTs), as well as analytics indicators like total value locked, market capitalization, or gross network value, are not meaningful in isolation. They must be evaluated in relation to the token’s purpose, industry context, stakeholder structure, and other qualitative factors.
The design process should be iterative rather than linear, incorporating continuous feedback loops across the different stages of trying to answer all the questions in the tool. Iteration ensures that each question is thoroughly examined and refined in response to other connected questions. While it can be time-intensive, this approach is essential for developing robust and adaptable token systems.
This framework can be applied to model or analyze complex token systems that govern Web3-based online communities. It can also help design more simpler tokens, such as asset tokens or access-right tokens which are managed within more centralized governance structures, such as those of a private company. However, such centralized approaches contradict the principles and potential of Web3, and might prove counterproductive in the long run.
Purpose of the Token System
The first step in the design process is defining a clear purpose for the token or community one wants to create. Understanding the purpose helps to (i) identify the necessary stakeholders, (ii) determine their motivations for participation, and (iii) establish the best way to incentivize them with network tokens (in the case of a DAO) or define the business model (in the case of tokenization of real-world assets or access rights).
If one aims to create a DAO protocol that collectively maintains an infrastructure network, it is crucial that the purpose is well-defined and understood by all participants. A clearly articulated purpose simplifies the alignment of tokenized incentives and supports the development of a resilient and sustainable economy. Single-purpose protocols can be seen as collectively maintained public (often global) infrastructure networks. Multi-purpose protocols, designed to provide various services, may face coordination challenges similar to those encountered by nation-states. These challenges stem from contradictory goals that governments and administrative bodies must navigate while attempting to meet the diverse needs of their people and institutions. A clearly defined single-purpose protocol simplifies incentive alignment and enhances resilience over time.
Key questions to consider:
- What is the purpose of the protocol? Does it serve multiple purposes?
- What services will the protocol provide to fulfill its purpose?
- How might its purpose evolve over time to remain relevant?
Political Principles
Political principles establish the governance philosophy upon which a protocol is designed. These principles must address power structures, individual privacy, and institutional accountability:
Power Structures:
- How egalitarian should the system be?
- How are rights (voting, policymaking, executive, etc.) distributed?
- What metrics can track power distribution?
- What range of power imbalances is acceptable?
Privacy vs. Accountability
- What is the role of privacy in the system?
- What trade-offs between privacy and accountability are acceptable?
- How do these design choices affect compliance with legal frameworks?
Other Considerations
- What else could be relevant for your community/infrastructure?
Positioning
How is the protocol is positioned in the broader Web3 ecosystem?
- What unique problems does the protocol solve that others do not?
- Who are the protocol’s competitors (Web3 & traditional institutions)?
- How do your protocol services differ from those of competitor protocols?
- What protocols/institutions can integrate with your infrastructure?
- Do you need to a minimum viable economy to jumpstart your ecosystem?
- What partnerships could strengthen the protocol's position?
Functions
Analyzing the protocol’s functional components and their interactions is essential to identifying which stakeholders are responsible for specific tasks and how to incentivize them effectively. For example, in Bitcoin, miners provide transaction verification and block creation. In the stable token system MakerDAO, the core function is to maintain sufficient collateral to support DAI’s stability. As the design thinking process progresses, these functions can be broken into smaller sub-functions to provide deeper insights and ensure completeness. This approach prevents blindly copying functions from other protocols without fully addressing unique system requirements. Key questions to consider:
- What functions are essential to achieving the protocol’s overall purpose?
- What sub-functions are needed, how do they support the main functions?
- Who should execute each function?
- What types of tokens (asset, reputation, voting) will incentivize people/institutions to perform system functions?
- Can incentives be automated, or do they require community curation?
Identify Stakeholders
Web3 networks typically involve various stakeholders (groups with similar needs or preferences) who fulfill different roles in achieving a common goal. Stakeholders can be incentivized with network tokens for their contributions and must pay network fees to consume network services. Identifying and grouping stakeholders helps determine who will participate in the system, their roles, motivations, incentives, and potential influence over time.
- Internal vs. external stakeholders: Internal stakeholders actively participate by providing or consuming services, influencing supply and demand dynamics. External stakeholders exert indirect influence on the protocol’s legitimacy, policies, and relevance.
- Producers vs. consumers of network services: Producers and consumers form the two essential sides of a marketplace. A lack of either threatens network sustainability.
- Human vs. automated stakeholders: Network nodes may be operated by humans or automated agents. Human agents are prone to behavioral biases, while bots typically act based on programming. AI-powered agents introduce unpredictability, requiring safeguards and adherence to AI ethics.
- Private stakeholders vs. institutional stakeholders: Private individuals and institutions interact with the protocol through human or automated representatives. Institutions may experience principal-agent dilemmas, acting based on hidden agendas.
Roles, Function, Rights & Rewards
The next step is modeling and mapping how stakeholders perform functions. Their incentives and obligations shape the protocol's power dynamics over time.
- What role does each stakeholder fulfill?
- Which system functions do they execute?
- What permissions/rights do they have?
- What rewards and obligations are tied to their actions?
Number & Types of Tokens
Bitcoin and similar blockchain networks have a single native network token, whereas many Web3 protocols use multiple token types to coordinate network participants. Examples that have been discussed in this book include: MakerDAO’s stable token system (DAI, MKR). Steemit’s decentralized social media platform (STEEM, SP, SBD). Helium’s telecommunications network (HNT, IOT, MOBILE, DC). Rebalance Earth’s ecological token system (ECO, Credit Tokens, Payment Tokens). Ocean Protocol’s decentralized data-sharing marketplace (OCEAN, veOCEAN, H2O, Datatokens, Data NFTs). Key considerations include:
- How many network tokens are required?
- What is the purpose of each token?
- What are the economic, legal, and technical properties of each token?
- Are token properties aligned with the protocol’s purpose?
The complexity of economic dynamics increases with the number of native tokens. Multi-token networks require careful design to avoid unnecessary complexity and maintain usability.
Economic Design
Bitcoin and other protocol tokens are designed to be transferable, tradable, and non-expiring, much like traditional money. However, these properties are socioeconomic choices, shaped by historical practices and the nature of physical bills and coins. The permanence and transferability of fiat money facilitate wealth accumulation, often reinforcing disparities between those who can lend and accumulate assets and those who cannot. Many Web3 networks have replicated fiat money’s fungibility and transferability without critical reflection, reproducing traditional inequalities and ultimately driving away contributors and users. Web3 tokens are not bound to this model—they can be programmed with constraints that shape economic behavior. Key considerations for economic design include:
Token purpose: Clearly define the purpose of each token.
Token properties: Derived from the purpose, establish the economic and political characteristics of each token.
- Rights & obligations: Tokens can confer one or several rights: property rights, access rights, usage rights, information rights, or voting rights. How these rights are distributed and allocated to which type of network participant, has economic and legal implications. Whether or not several rights are attached to the same token or do different types of tokens, is another question that needs to be decided.
- Minting event: This determines how tokens are brought into circulation. Tokens can be issued (i) upon proof of contributions to the network’s goals (e.g., intrinsic value generation) or (ii) upon payment from external sources (e.g., art NFTs purchased with fiat currency or BTC).
- Expiry dates: Depending on the use case, an expiry date could be interesting to discourage hoarding and wealth concentration, promoting active participation by a sustainable base of network participants.
- Transferability: Restricted transferability can limit liquidity and speculation. Depending on the use case, it could enhance alignment with the token’s purpose.
- Fungibility, pricing, supply & stability: Fungible tokens act as a medium of exchange, requiring well-defined monetary policies, including price stability considerations. Non-fungible tokens involve pricing policy decisions and, depending on the underlying asset or access rights, supply considerations as well.
- Convertibility: Tokens may temporarily or permanently change properties based on stakeholder actions, such as temporarily locking up network tokens to acquire voting rights or usage rights.
These design choices fundamentally influence how Web3 networks function and sustain themselves. Poor design can lead to power imbalances, discouraging participation and undermining inclusivity. Careful planning ensures a balanced, fair, and sustainable token economy.
Legal Design
Once the core token properties have been conceptualized from political and economic perspectives, collaboration with legal experts becomes essential to ensure that the token’s design and distribution comply with relevant regulations. This helps mitigate the risk of sanctions, at least within the key jurisdictions relevant to the protocol. The following high-level questions are fundamental to the legal engineering process and apply to all types of tokens, though some are particularly critical for purpose-driven tokens that govern Web3 protocols:
Organizational structure & applicable jurisdiction: Is the project operated by a centralized, incorporated entity or as an unincorporated Web3 network? Are the founders anonymous or identifiable? Where are the developers and operators based, and which jurisdictions are relevant? How do target markets, language use, and stakeholder residency influence jurisdictional and regulatory considerations?
- Incorporation: Most Web3 protocols require an incorporated entity to interact with other organizations, such as Web2 platforms or financial institutions. Incorporation may be necessary for signing contracts, managing accounts, opening bank accounts, and interacting with service providers. It also establishes legal liability, which is important for regulatory compliance. However, incorporation contradicts the principles of decentralization, so the team needs to decide how to balance the advantages and disadvantages. Key considerations include: (i) Does the project require one or multiple legal entities? (ii) If so, what type of entity is needed, where should it be established, and how will it interact with the protocol? (iii) How should liability be structured? While incorporation provides operational clarity, it also exposes founders to legal risks, whereas remaining unincorporated adds uncertainty for all involved parties.
- Applicable regulatory bodies & token classification: How is the token classified under existing regulations? Does it qualify as a security, a commodity, a utility token, an e-money token, or something else? This classification determines which regulations apply and how the token can be issued, distributed, and traded. The legal classification of tokens is highly jurisdiction-dependent and subject to ongoing regulatory changes. If the token is classified as a security, it must comply with securities laws, including registration requirements, disclosure obligations, and trading restrictions. Failure to comply can result in significant fines and legal penalties. KYC (Know Your Customer) and AML (Anti-Money Laundering) regulations require financial institutions to verify the identity of their customers and monitor transactions for suspicious activity. These regulations can be challenging for decentralized protocols that aim to provide pseudonymous or anonymous services. GDPR (General Data Protection Regulation) and similar data privacy laws impose strict requirements on the collection, storage, and processing of personal data. Web3 protocols that collect or process user data must comply with these regulations, which can be difficult to implement in a decentralized and transparent environment. The issuance, distribution, and trading of tokens can have significant tax implications for both the protocol and its users. Understanding and complying with tax laws in relevant jurisdictions is essential to avoid legal and financial penalties.
- Real-world assets & intellectual property: Will the Web3 network manage off-chain assets or hold intellectual property? How will ownership, licensing, and governance of these assets be structured? Who owns the intellectual property rights to the technology and content used in the protocol? How are these rights licensed or transferred? Clear agreements and documentation are essential to avoid disputes and ensure legal compliance.
- Smart contract vulnerabilities and liability: Smart contracts are immutable, but they can contain bugs or vulnerabilities. Who is liable if a smart contract fails or is exploited? How can vulnerabilities be mitigated or addressed?
- Terms of service and disclaimers: Clear terms of service and disclaimers are essential to define the rights and obligations of users and the protocol operators. These documents help manage expectations and mitigate legal risks.
- Legal budget: Will the network establish a legal fund to handle potential regulatory inquiries, compliance costs, or legal claims?
Addressing these questions early in the design process ensures that legal risks and compliance challenges are proactively managed, supporting the long-term sustainability of the token system.
Technical Design
From a technical perspective, several high-level design considerations are critical when developing a token system:
- Infrastructure: Does the project require a custom-built infrastructure, or will you rely on an existing blockchain infrastructure, and if so, which Web3 stack composition will be adopted?
- Security & durability aspects: A blockchain network must be resilient against corruption, frequent halts, or complete failure. An unreliable network could render issued tokens unusable, making it imperative to prioritize proven and secure infrastructure that ensures network stability.
- Scalability aspects: Does the chosen blockchain infrastructure meet the scalability requirements of the intended application or protocol? If not, potential bottlenecks must be identified early to avoid performance limitations.
- Token standards: Leveraging existing token standards can streamline the technical design process and ensure compatibility with widely used tools, wallets, and exchanges. Choosing well-supported standards reduces development complexity and improves adoption.
- Interoperability: If the token use case requires cross-chain functionality but no suitable interoperability solution exists, selecting the right blockchain network becomes crucial. This decision directly impacts network effects and helps mitigate lock-out risks, ensuring long-term flexibility.
- Privacy aspects: Does the selected blockchain infrastructure provide the necessary privacy features required by legal obligations or community principles? Ensuring appropriate privacy mechanisms is critical for regulatory compliance and user trust.
Token Distribution & Power Structures
The design of token creation and distribution rules plays a critical role in shaping the power structures within a Web3 network. Thoughtful consideration of these aspects helps prevent unintended imbalances that could undermine inclusivity and long-term sustainability.
Policymaking power: Although governance participation is theoretically open to all, only a small subset of participants typically has the time, expertise, or resources to propose protocol improvements. This creates a knowledge gap between those who draft proposals and those who vote on them, leading to principal-agent problems, where decision-makers' interests may not align with the broader community. Key questions to consider include:
- Are all affected participants allowed to propose protocol upgrades?
- How many participants have the necessary expertise and availability to make informed proposals?
Voting Power: Voting rights tied to token holdings creates power imbalances, disproportionately favoring wealthier participants. Wallet-based voting introduces challenges, as creating multiple addresses is relatively easy, and transaction costs may discourage participation. Additionally, many participants lack the knowledge required to understand complex proposals, leading to oversimplified or emotionally driven debates.
- Can all affected participants vote on protocol upgrades?
- Are voting rights equitably distributed, and should they be? How do they impact participants' ability to safeguard their interests?
- Do voters have the knowledge and resources to cast informed votes? How many fully understand the implications of their decisions?
Information power: Information asymmetries present a major challenge in governance. While first-generation blockchain networks provide transparency in fund allocation and decision-making, off-chain communications, private collusion, and informal power structures can undermine public discourse. Effective governance depends on accessible and well-structured information to ensure participants can make educated decisions. Key considerations include:
- Where might natural or artificial information asymmetries emerge?
- How will governance-related information be structured and shared to maximize accessibility and clarity?
Market Power is typically distributed among contributors and users of network services, as well as external actors such as policymakers or exchanges. Economic incentives must be designed carefully to ensure sustained participation—if earning opportunities are concentrated among a few, or if the economic model becomes unattractive, participants may disengage, weakening the network and reducing token value.
- Who can earn network tokens?
- How equitable are earning opportunities over time?
- What are the initial and ongoing distribution policies for tokens?
- How can external actors influence token acceptance or market dynamics?
- Who will have which type of market powers, and how collusion resistant is the protocol in the light of these power structures.
Mediation power: Smart contracts are inherently incomplete and cannot account for every possible contingency. When disputes arise or unforeseen governance challenges occur, the network must have a mechanism to address them effectively and fairly.:
- What types of disputes might emerge?
- What resolution mechanisms are in place?
- How does the governance structure handle unforeseen and urgent issues?
Emergent stakeholder power: As Web3 ecosystems evolve, certain stakeholder groups may gain disproportionate influence, while entirely new groups may emerge, altering power dynamics over time. Governance structures must be adaptable to these shifts to prevent entrenched hierarchies. Important considerations include:
- How will power structures be measured and monitored?
- How will the protocol account for and adapt to evolving stakeholder dynamics?
Team Composition
Creating resilient token systems requires a multidisciplinary team capable of addressing economic, ethical, legal, and technical challenges. Lawyers, economists, social scientists, and engineers must work together at every level of the project. Transitioning from "meme-based development" to an engineering-driven approach is essential for sustainable growth. However, interdisciplinary collaboration can be slow and challenging due to differences in vocabulary and communication styles, potentially leading to impatience with the process, misalignments or team fallouts.
- Are all aspects of the engineering process (economic, ethical, legal, and technical) adequately addressed by team members with relevant expertise?
- Is the founding team balanced in terms of know-how?
- How well-balanced are the community contributors?
Footnotes
[1] http://tokenengineering.wikidot.com/
[2] “A design is a plan or specification for the construction of an object or system or for the implementation of an activity or process, or the result of that plan or specification in the form of a prototype, product or process.” Source: https://en.wikipedia.org/w/index.php?title=Design&oldid=943088539
[3] In an anonymous network, a so-called Sybil attack is an attack where a single user generates multiple entities (under pseudonyms) to influence the consensus process.