I was sitting across from an investor in a coffee shop in Singapore last year, three months into the rebrand, when she stopped me mid-sentence and asked whether the architecture I was describing was just Lido for tokenized real-world assets. I'd been reaching for a way to compress the framing for ten minutes and she had said it in a single phrase. I borrowed it on the spot. We have used it in pitch decks and explainer pages ever since.
Then I started getting nervous about it. Because every time someone borrows a clean analogy, the analogy starts doing more work than it can support. The Lido parallel is useful for the part of the story that lines up. It is misleading for the parts that don't, and the parts that don't are where most of the actual product decisions live. So I want to lay it out in writing, because I'd rather have the analogy be precise than have it be borrowed-and-broken.
What we copied
The thing Lido did, that almost no other protocol in the space did at the same scale, was decouple the permissioned operator layer from the permissionless user layer. A user staking ETH through Lido does not KYC. They do not register. They connect a wallet and deposit. The operator side, where validators run real infrastructure under regulatory and operational scrutiny, is permissioned. The user side is not. The two layers are bridged by a token that anyone can hold.
That separation is the thing we borrowed. In our world, the equivalent is that a user buying a tokenized stock or a tokenized credit position on GM Markets does not gate at the platform level. They connect a wallet and transact. The complexity, where regulated brokers hold underlying shares and bankruptcy-remote issuers maintain custody and collateral agents enforce claims, lives at the layer below the user. The user does not have to participate in any of that to transact.
The reason we did this is the same reason Lido did it. Once you put a user-layer gate between the user and the asset, you lose the property that makes the asset interesting. You lose composability with the rest of DeFi. You lose the global, time-zone-independent, jurisdiction-independent reachability that wallet-native assets are supposed to deliver. You become a closed pool with a slicker interface, which the world already has plenty of.
What we didn't copy
The Lido analogy stops being useful past the user-permissionless framing, because the rest of the architecture is fundamentally different, and pretending otherwise has bitten us a few times.
Lido's underlying is one asset, ETH. Our underlying is many assets. Tokenized stocks. Tokenized commodities. Tokenized credit. Each underlying has its own custody chain, its own settlement cycle, its own regulatory shape, its own operational requirements. Lido validators run identical infrastructure across all of them. Our underlying brokers, issuers, and collateral agents are different by asset class. The architecture has to support heterogeneity in a way that Lido never had to.
Lido's economic model is built on validator yield from the protocol itself. Staking ETH produces ETH. The yield is denominated in the underlying. Our yield, where it exists, is denominated in dollars and depends on the strategy that the underlying capital is deployed into. We have to support a fee structure that splits between manager and protocol. Lido does not have a manager-and-protocol split because the validators are the underlying. We do. That changes the user-facing economics.
Lido's slashing risk is a property of the validator. If the validator misbehaves, a portion of the stake is slashed. The risk surface is bounded by validator behavior. Our risk surface is much wider. It includes the broker, the issuer, the collateral agent, the strategy manager, the underlying market, and the on-chain wrapper. Each layer has its own failure mode. The whole architecture is a risk-budget composition that Lido never had to contend with, because Lido has one risk source.
I get worried when investors take the Lido parallel too seriously and assume the risk profile is comparable. It is not. The user-permissionless surface is the same. The risk underneath it is fundamentally more heterogeneous, and we have to be honest about that.
The third thing we copied, which is harder to see
There's a piece of the Lido architecture that is less visible from the outside but, I think, is the deeper lesson. Lido did not try to verticalize. They did not run their own validators. They did not custody the underlying ETH directly. They built a coordination layer that aggregated user deposits and routed them to a permissioned set of independent operators, each running their own infrastructure.
We did the same thing for vault strategies. We do not run the strategies. We do not pick the trades. The vault wrapper is a coordination layer. The actual strategies are run by independent managers, each of whom maintains their own infrastructure, makes their own picks, and competes with the others on yield and risk-adjusted return. The platform is the rails, not the strategy.
The reason this matters is that it is the only architecture that scales. If we ran every strategy ourselves, the platform's growth would be capped by our own ability to source, run, and manage strategies. By being a coordination layer, we let third-party managers compete to bring strategies to the platform, and the user gets a wider menu than any single manager could produce. Lido has more validator operators than they would have if they ran them themselves. We have more strategy managers for the same reason.
This is the part of the Lido analogy that survives most cleanly. Coordinate, don't operate.
What stops working past a certain point
There are two places I think the analogy actively breaks, and I want to flag them rather than let them sneak into the framing unchallenged.
The first is regulatory shape. Lido has historically operated in a relatively narrow regulatory band, with most of the operational surface above the user being audit-able by anyone with time and access to an Ethereum node. Our operational surface includes regulated brokers, regulated trust companies, regulated issuers, and a layer of compliance that is genuinely non-trivial. The transparency story is different. The user-facing surface looks similar. The compliance burden is not.
The second is asset class scope. Lido extended into other proof-of-stake assets, but the core remains ETH and the model is replicable across staking. Our model has to hold up across asset classes that do not share a common settlement model. Equities settle at T+1. Commodities have their own cycles. Credit has none of the above. The platform has to abstract over those differences without papering them over.
I am not sure either of these breaks the analogy fatally. They might. They might just be the places where the analogy is shorthand for something more complex. The honest answer is that the framing helps for the first thirty seconds of explaining the platform and starts to leak after that. We are still going to use it, because the alternative is a longer first sentence, and the first sentence is the one people remember.
Where this lands
Lido-for-RWA is good shorthand for the user-permissionless property and the coordination-not-operation architecture. It is misleading shorthand for the risk surface, the asset heterogeneity, and the regulatory burden. I think the honest thing is to use the analogy as the front door and then walk people past it as soon as they are inside.
I might be too cautious about the framing. It has worked well in conversations. It compresses a lot of architecture into one phrase. Probably the right move is to keep using it and to be clear about what it captures and what it doesn't, which is what I'm trying to do here. If you've used a similar parallel for something you're building and found a better one, I'd actually like to know what it is. The shape of analogies in this space is still moving.
