Back to All Posts
The First Bank to Put Dollars on a Public Blockchain Just Published a List of Everything That Still Worries It

The First Bank to Put Dollars on a Public Blockchain Just Published a List of Everything That Still Worries It

There's a particular kind of credibility that comes from writing about problems you're actually living with. In June 2025, Kinexys, J.P. Morgan's blockchain unit, began piloting its JPMD deposit token on Base, and by November it was in production, making J.P. Morgan the first bank to issue a US dollar deposit token on a public blockchain. Now that same unit, together with the MIT Digital Currency Initiative, has published a report cataloguing what still doesn't work when regulated institutions use public chains.

The result is one of the most practically useful documents to come out of the institutional blockchain conversation, precisely because it isn't a case for or against public blockchains. It's a map of four unresolved problems, an analysis of why banks can't fix them alone, and a set of specific requests to protocol developers and regulators. We've focused on the report's core framework and its institutional angle rather than its full technical treatment.

Why Now: The Problems Arrive With Adoption

For years, the risks in this report were hypothetical because banks weren't really on public chains. That changed fast. J.P. Morgan's own deposit token went from pilot to production on Base within five months, with B2C2, Coinbase, and Mastercard completing test transactions, and expansion plans that include a euro-denominated token. Across the industry, the pattern the IMF recently described as hybrid adoption, public infrastructure wrapped in institutional controls, has become the default path, one we mapped in our analysis of the IMF's tokenization framework.

The report's opening insight explains why this creates a new category of problem. In traditional finance, an institution controls its full technology stack, either by owning it or through contracts that make vendors accountable. On a public blockchain, the institution is just a user. It can't dictate how the network evolves, can't demand service-level agreements from validators, and can't fully control who processes its transactions. The authors' framing is blunt: institutions are limited to managing risks and impacts, not fixing root causes.

What makes the report interesting is which problems it elevates. Not the famous ones, but four that "appear straightforward, yet remain unresolved."

The Four Problems That Sound Small and Aren't

Front-running, with a compliance twist. Front-running is usually discussed as a trading problem: block builders see pending transactions and insert their own ahead of them. The report adds a version most coverage misses. Suppose a token issuer tries to add an address to a denylist or freeze tokens as part of a sanctions action. The target can watch the public mempool, see the enforcement transaction coming, and move their funds first, potentially with a higher fee that guarantees they jump the queue. On a transparent network, enforcement actions announce themselves before they execute.

Censorship by economics. Block proposers order transactions by profitability, not urgency. In normal times that's an inconvenience. In a crisis it's dangerous: during a run on a token, redemption transactions flood the network and bid up fees, and the issuer's own "pause" transaction, the on-chain equivalent of a circuit breaker, may be exactly the transaction that can't get included in time. Public blockchains generally have no concept of an administrative transaction that deserves priority.

Unsolicited tokens. Anyone can send tokens to any address, including addresses controlled by banks, and including tokens from sanctioned entities deliberately "dusting" accounts to muddy analytics. Institutions, drawing on the analogy of receiving funds into a bank account, respond with costly due diligence and return processes. The report's better analogy: most of this is junk mail, but current rules force banks to treat every flyer like a suspicious wire transfer.

Gas fees paid to sanctioned entities. On permissionless networks, anyone can be a validator, so a bank's transaction fee could end up with a sanctioned entity. The amounts are tiny and the probability low, but sanctions are strict liability: intent doesn't matter. That single legal fact turns a rounding error into a compliance question that can stall an entire program.

The Framework: Symptoms vs Root Causes

The report's most useful contribution is a layered model of where fixes can live: application, smart contract, token standard, blockchain network, network governance, and regulation. The uncomfortable pattern it reveals is that the layers institutions actually control are the ones where only symptom management is possible.

At the layers banks can reach today, the mitigations are real but partial. Private transaction pools keep transactions out of the public mempool, and this is already mainstream: 30 to 40 percent of Ethereum transactions arrive through private order flow, and in January 2026 a single builder produced 45 percent of blocks in the dominant proposer-builder system. Institutions can run their own validators, though a minimum Ethereum stake proposes a block only about once every five months. Contracts can be designed fail-secure, pausing automatically if the institution loses the ability to reach them, rather than relying on a pause transaction winning a fee auction.

The durable fixes live lower in the stack, where institutions have no direct control: encrypted mempools that hide transactions until they're committed, inclusion-list mechanisms that guarantee timely processing, protocol-level receive controls that would let an address refuse unwanted tokens, and validator onboarding rules. Each is technically plausible. Each also runs into the tension the report is honest about: most of these features have centralizing effects, and the decentralization they would erode is the very property that makes public blockchains credible as neutral infrastructure.

What This Implies for Different Stakeholders

  • For banks and financial institutions, the near-term playbook is the symptom-management layer: private order flow relationships, fail-secure contract design, receive controls where token standards allow them, and operational monitoring for unsolicited assets. The report is candid that this reduces exposure rather than eliminating it.
  • For protocol developers, the report is effectively a requirements document from the institutional side. Some ecosystem participants were reportedly surprised these issues mattered at all, which is exactly the communication gap the paper is trying to close. Proposals like fork-choice enforced inclusion lists map directly onto institutional needs.
  • For regulators, the report makes three specific requests: clarify whether front-running financial transactions on-chain constitutes market manipulation, define proportionate obligations for unsolicited tokens so banks can stop treating junk mail as suspicious wires, and create safe harbor provisions for institutions that took reasonable steps but still brushed against a sanctioned validator. The report also stresses that fragmented national approaches create spillovers on shared global networks, and the pace of that fragmentation is visible across the jurisdictions we follow in our Stablecoin Regulation Tracker.
  • For the L2 ecosystem, the report offers a pragmatic observation: Layer-2 networks with identifiable operators can offer institutions something public L1s can't, a counterparty to sign agreements with. That's one step removed from full decentralization, but it may be the realistic entry point.

The report also flags quantum resilience as a looming coordination problem of its own: post-quantum signatures are far larger and slower than today's, and upgrading a decentralized network is much harder than patching a centralized one, a migration challenge we examined in our post on quantum computing and crypto.

The Bottom Line

Read narrowly, this is a technical report about four edge cases. Read properly, it's about a structural mismatch. The properties that make public blockchains valuable (permissionless participation, transparent state, credible neutrality) are, one for one, the properties that generate these institutional headaches. Transparency enables front-running. Permissionlessness creates the sanctioned-validator problem. Neutrality means no transaction, not even a circuit breaker, gets priority.

The report's answer isn't to pick a side. It's that the mismatch gets resolved layer by layer, with institutions handling symptoms, protocol designers weighing which institutional features are worth their centralizing costs, and regulators supplying the legal certainty that no amount of engineering can. None of those groups can do it alone, which is the paper's real thesis.

And there's a quiet signal in who wrote it. The institution that moved first onto public rails isn't retreating; it's publishing its problem list and asking the ecosystem to help solve it. That's usually what commitment looks like.


Source: Kinexys by J.P. Morgan and MIT Digital Currency Initiative, "Public Blockchains and Regulated Financial Institutions: Key Challenges, Layered Solutions, and a Path Forward," 2026. JPMD launch details are drawn from J.P. Morgan announcements and public reporting. We focused on the report's core framework and institutional implications rather than its full technical treatment.

This article is for informational purposes only and does not constitute financial, investment, or legal advice.