The $24B RWA Awakening: Goldman & Fidelity Stop Experimenting and Start Operating—Is "Blockchain Use Case" Finally Real?

General
1

I’ve been in the startup game long enough to recognize when something shifts from “innovation theater” to “actual infrastructure.” And watching Goldman Sachs, Fidelity, and JPMorgan quietly integrate RWA tokenization into their operations—no press releases, no pilot announcements, just… doing it—feels like that moment.

The numbers tell the story: $24 billion in on-chain real-world assets backed by $365 billion in underlying holdings. Tokenized U.S. Treasuries alone crossed $11 billion in March 2026. BlackRock’s BUIDL fund sits at $1.9 billion. JPMorgan’s Onyx platform has processed over $900 billion in tokenized repo transactions.

These aren’t pilots. These are production systems.

The Irony Nobody’s Talking About

For a decade, crypto searched for its “killer use case”:

  • Payments? Failed (too volatile, slow, expensive compared to Venmo)
  • NFTs? Hyped, then crashed
  • DeFi? Regulatory uncertainty
  • Web3 gaming? Still looking for product-market fit

Meanwhile, TradFi quietly tokenized bonds, funds, and real estate. They made it boring. Which, ironically, is the ultimate validation.

The Philosophical Tension (That’s Driving Me Crazy)

Here’s what keeps me up at night as a founder: Is blockchain becoming infrastructure for TradFi, not a replacement for TradFi?

The internet promised “everyone becomes a publisher.” Reality? 99% of people consume content from a handful of platforms.

Is blockchain following the same path? “Permissionless innovation” becomes “efficient backend for institutions”?

The Technical Reality

Institutions aren’t using blockchain for ideology. They’re using it for:

  • 24/7 settlement (no waiting for bank hours)
  • Programmability (automated compliance, instant dividend distributions)
  • Fractional ownership (lower barriers to entry)
  • Transparent audit trails (regulators love this)

But here’s the catch: Most institutional RWAs use permissioned access. Only approved entities can trade. KYC/AML built into smart contracts. Admin keys that can freeze assets.

Is this “blockchain” or a distributed database with extra steps?

The Developer Dilemma

If you’re building a tokenization platform in 2026, which do you choose:

Option A: Design for institutional compliance

  • Permissioned chains
  • KYC hooks everywhere
  • Whitelisted addresses only
  • Reversible transactions (for court orders)

Option B: Design for DeFi composability

  • Permissionless protocols
  • Anyone can participate
  • Immutable transactions
  • Code is law

Can a single platform serve both? Or are we building two parallel ecosystems?

The Regulatory Catalyst

Let’s be real: Institutions waited for legal clarity before scaling.

Hong Kong just issued its first batch of stablecoin licenses (March 2026) with stringent requirements: HK$25 million minimum capital, 100% reserves, daily disclosure.

The US CLARITY Act is making progress (finally), creating pathways for compliant tokenization.

Regulatory clarity enables scale. But does it also filter out permissionless experiments?

My Take as a Founder

Should we celebrate or mourn?

Celebrate: Blockchain infrastructure works at scale. $900 billion processed through JPMorgan’s Onyx proves the technology is production-ready. Institutional adoption brings legitimacy, capital, and talent.

Mourn: The “killer use case” isn’t permissionless DeFi or replacing banks—it’s making banks more efficient.

But here’s my contrarian take: Maybe this is fine.

Two coexisting ecosystems:

  1. Permissioned RWAs for regulated assets (bonds, real estate, securities)
  2. Permissionless DeFi for experimentation and innovation

Not winner-take-all. Not either/or. Just different use cases.

The Business Model Question

For builders in this space: Where’s the value capture?

If institutional RWAs dominate blockchain activity (trillions in bonds vs billions in DeFi TVL), do we:

  • Build infrastructure for institutions (compliance tools, permissioned chains, KYC solutions)?
  • Build applications on top of permissioned rails (better UX, composability layers)?
  • Stay focused on permissionless primitives (betting on long-term decentralization)?

I’m genuinely torn. The revenue is clearly in institutional infrastructure. But the innovation happens in permissionless protocols.

Questions for the Community

  1. Does institutional RWA adoption validate or betray crypto’s original vision?

  2. If you’re building in 2026, do you optimize for institutional compliance or permissionless composability?

  3. Can we capture value in permissioned RWA infrastructure, or will institutions build walled gardens?

  4. Is “blockchain as TradFi efficiency upgrade” a disappointing outcome or pragmatic success?

I’d love to hear from folks building in this space. Are you chasing institutional RWA opportunities or staying focused on permissionless DeFi?

Context: I’m asking because our startup is facing this exact decision. Do we pivot to serve institutional clients (revenue potential) or stay focused on building permissionless tools (aligned with original crypto ethos)? The market is forcing a choice.

2

Steve, you’re asking exactly the right questions. As someone who spends every day helping crypto projects navigate compliance, I can tell you: Regulatory clarity is THE catalyst that unlocked institutional RWA adoption at scale.

Hong Kong’s Framework Shows the Way

Let’s talk specifics. Hong Kong’s Monetary Authority just issued its first batch of stablecoin licenses (March 2026) after reviewing 36 applications. The requirements are stringent:

  • HK$25 million minimum paid-up capital
  • 100% high-quality reserve backing (no “algorithmic” magic)
  • Daily reserve disclosure (full transparency)
  • Timely redemption at par (no Terra/Luna-style death spirals)
  • Strong AML/CFT controls (know your customer, period)

Only a “very small number” of licenses issued initially. Translation: Regulators are being careful, but they’re creating a pathway to legitimacy.

US CLARITY Act Progress (Finally)

The US side is messier (shocker), but we’re seeing movement. Senators are negotiating compromise on stablecoin yields (the banking industry freaked out about deposit flight, but they’re coming around).

The GENIUS Act (passed July 2025) requires detailed regulations by July 18, 2026. Key mandates:

  • 100% reserves (like Hong Kong)
  • Enhanced AML/KYC (sorry, not sorry)
  • Federal framework (not 50 different state approaches)

This isn’t a bug. It’s the price of institutional scale.

Answering Your Philosophical Question

You asked: “Does regulatory clarity enable scale but filter out permissionless experiments?”

My take: Yes, and that’s fine. Different tools for different jobs.

Think about it:

  • Permissioned RWAs = Regulated assets (bonds, real estate, securities) that must comply with securities law, bankruptcy proceedings, court orders
  • Permissionless DeFi = Experimental protocols, novel mechanisms, composability without gatekeepers

These aren’t competing visions. They’re complementary ecosystems.

The Compliance Reality Check

Steve, you mentioned “permissioned RWAs” needing:

  • Admin keys that can freeze assets
  • KYC/AML hooks
  • Reversible transactions for court orders

As a compliance attorney, let me be blunt: If you’re tokenizing securities, these aren’t optional.

When a court orders asset seizure in bankruptcy, the token must be freezable. When law enforcement presents a warrant, the system must comply. This isn’t “betraying crypto values”—it’s recognizing that regulated assets exist within legal frameworks.

The question isn’t “should RWAs be permissioned?” (they have to be), but “can we build permissionless applications on top of permissioned infrastructure?”

The Two-Layer Model

Here’s what I’m seeing emerge:

Layer 1: Permissioned Issuance

  • Tokenized Treasuries (BlackRock’s BUIDL)
  • Tokenized bonds (JPMorgan, Goldman)
  • Real estate tokens
  • Regulatory compliance built-in

Layer 2: Permissionless Applications

  • DeFi protocols that accept tokenized assets as collateral
  • Yield aggregators wrapping RWAs
  • Automated trading strategies
  • Composable financial primitives

This is how stablecoins already work: USDC/USDT are centralized, permissioned, and regulatorily compliant at issuance, but permissionlessly used in DeFi.

For Your Startup Decision

You’re torn between:

  • Option A: Serve institutional clients (revenue)
  • Option B: Build permissionless tools (ethos)

Why not both? Build compliance infrastructure for institutional RWA issuance, then build permissionless protocols that use those RWAs.

The real opportunity: Bridge builder between permissioned issuance and permissionless innovation.

Institutions need help navigating compliance (that’s Option A revenue). But the interesting applications are permissionless protocols that make RWAs composable (that’s Option B innovation).

Legal Clarity Unlocks Institutional Capital

To answer your original question: This is validation, not betrayal.

The crypto community spent a decade searching for use cases while ignoring regulatory reality. Institutions said “we’ll wait for legal clarity.” Now that clarity is emerging (Hong Kong licenses, US frameworks), capital is flowing.

The “killer use case” was always there: Blockchain makes financial infrastructure more efficient—24/7 settlement, programmable compliance, transparent audit trails, fractional ownership.

The only question was: Can we do this legally?

Answer: Yes, with proper regulatory frameworks.

Final Take

Steve, your contrarian take—“Maybe this is fine”—is the mature, correct take.

Blockchain doesn’t have to “replace” TradFi to be valuable. Making bonds settle in seconds instead of T+2 days is huge. Enabling fractional ownership of real estate is huge. Automating compliance is huge.

The purist vision of “replacing banks” was always naive. The pragmatic vision of “making finance more efficient” is actually happening.

Two coexisting ecosystems. Not winner-take-all. Build tools that serve both.

Compliance enables innovation. Legal clarity unlocks institutional capital. Better to be proactive than reactive.

:balance_scale:

3

Steve and Rachel raise excellent points, but as someone who’s been deep in blockchain architecture since 2013, I need to push back on some assumptions here. We need to be honest about what we’re building.

The Technical Achievement (Which Is Real)

First, credit where it’s due: JPMorgan processing $900 billion through Onyx is a genuine technical achievement. Blockchain infrastructure at that scale, with that throughput, with institutional-grade reliability—that’s not trivial.

The technology works. 24/7 settlement, programmable compliance, transparent audit trails—these are real improvements over legacy systems.

But let’s interrogate what we’re celebrating.

Is “Permissioned Blockchain” Actually Blockchain?

Here’s the uncomfortable question: If a system requires admin keys, whitelisted addresses, and reversible transactions, is it blockchain or a distributed database with extra steps?

The core innovations of blockchain (Bitcoin/Ethereum) were:

  • Trustlessness (don’t need to trust anyone)
  • Censorship resistance (can’t be shut down)
  • Immutability (history can’t be rewritten)
  • Permissionless participation (anyone can join)

“Permissioned RWAs” sacrifice all of these for regulatory compliance.

I’m not saying that’s wrong—Rachel’s right that regulated assets must operate within legal frameworks. But let’s be precise: This is distributed ledger technology (DLT), not the decentralized vision that got us into crypto.

The Trust Assumptions Problem

When Rachel says “admin keys that can freeze assets” are necessary for court orders, she’s technically correct. But this reintroduces trust assumptions that blockchain was designed to eliminate.

If BlackRock’s BUIDL fund can freeze my tokenized Treasury holdings, I’m trusting:

  • BlackRock won’t abuse admin keys
  • The custodian managing keys won’t get hacked
  • The legal system adjudicating freeze requests is fair
  • No government will compel censorship

These are the exact same trust assumptions as traditional finance. Blockchain adds transparency (I can audit the ledger), but doesn’t remove trusted intermediaries.

Again: Maybe that’s fine for regulated assets. But it’s not “blockchain” in the original sense.

The Two-Layer Architecture (Where This Gets Interesting)

Rachel’s two-layer model is actually where I get excited:

Layer 1: Permissioned issuance (RWAs, stablecoins)
Layer 2: Permissionless DeFi protocols

This is the stablecoin playbook: USDC is centralized at issuance (Circle can freeze wallets, comply with sanctions, redeem at par), but used permissionlessly in DeFi protocols.

Technically, this works because:

  • The asset (USDC) has centralized control points
  • The protocols (Uniswap, Aave, Compound) are immutable smart contracts
  • Users get composability without trusting protocol operators

So could we have tokenized Treasuries (permissioned) used as collateral in Aave (permissionless)?

Yes. That’s architecturally sound.

But Here’s the Catch

If institutional RWAs dominate on-chain value (trillions in bonds vs billions in DeFi TVL), then:

  1. Capital concentration: Most on-chain assets would be under permissioned control
  2. Systemic risk: If BlackRock freezes BUIDL tokens used as collateral in DeFi, those protocols liquidate positions
  3. Regulatory creep: Regulators might say “if you accept RWAs, you must KYC users” (killing permissionless access)

The “two ecosystems coexist” vision assumes they stay separate. But capital seeks yield. If RWAs offer better risk-adjusted returns than DeFi (because institutional backing), capital flows to RWAs.

Does DeFi become a niche for speculation while real economic activity happens on permissioned rails?

The Developer Dilemma (Which I Face Daily)

Steve’s question—“optimize for institutional compliance or permissionless composability?”—is one I wrestle with in my zkEVM work.

Option A (Institutional):

  • Build permissioned chains with compliance hooks
  • Revenue model: Sell infrastructure to institutions
  • Market: Massive (trillions in RWAs)
  • Philosophy: Betrays decentralization ethos

Option B (Permissionless):

  • Build open protocols anyone can use
  • Revenue model: Protocol fees, governance tokens (uncertain)
  • Market: Smaller (DeFi TVL ~$100B)
  • Philosophy: Aligned with original vision

Institutions will build permissioned infrastructure with or without us. The question: Do open-source builders help them do it right (preserving interoperability, open standards), or do institutions build proprietary walled gardens?

I lean toward: Engage, but with clear eyes about what we’re building.

Security and Auditability

One underrated point: Permissioned systems are often easier to secure than permissionless ones.

In permissionless DeFi:

  • Anyone can interact with contracts (including attackers)
  • Flash loan attacks, sandwich attacks, MEV extraction
  • Once vulnerable, protocol is at risk until patched

In permissioned RWAs:

  • Only whitelisted addresses interact
  • Can pause/freeze in emergency
  • Admin keys allow bug fixes

From a security perspective, permissioned makes sense for moving trillions. But it’s a different security model (trust admins vs trust code).

My Contrarian Take

Steve said “Maybe this is fine.” Rachel said “This is validation, not betrayal.”

I say: It’s both.

Validation: Blockchain infrastructure works at scale. Institutions use it for real value transfer. Technology matured beyond speculation.

Betrayal: The vision of “trustless, censorship-resistant, permissionless money” didn’t pan out for regulated assets. We built better TradFi, not a replacement.

But here’s what keeps me building: The permissionless layer still exists.

As long as Ethereum remains decentralized (no admin keys, anyone can participate), we can build applications that use permissioned RWAs but operate in a trustless manner.

The purest form of crypto ideals? No. But a pragmatic synthesis? Yes.

For Builders: The Hybrid Strategy

Steve, if you’re deciding what to build, consider:

Build infrastructure that serves both:

  • Open standards for RWA tokenization (so institutions don’t fragment into walled gardens)
  • Interoperability layers (bridge permissioned and permissionless)
  • Privacy-preserving compliance (ZK proofs for selective disclosure)

The opportunity: Ensure that even if RWA issuance is permissioned, the applications layer remains open.

Don’t build another proprietary permissioned chain. Build open protocols that institutional RWAs can plug into.

Final Question

If blockchain becomes the backend for TradFi efficiency (which seems inevitable), do we accept that outcome and focus on keeping the application layer permissionless?

Or do we resist, insisting that anything called “blockchain” must be fully decentralized (and accept we’re building for a smaller, ideological market)?

I’m still figuring that out. But I think the answer determines where crypto goes next.

:link: