Permissioned and permissionless DeFi are two products on one chain. Here is what the institutional tier actually requires: KYC, 506(c), and a per-pool SPV.
Two pools can run on the same protocol and be completely different products. One is open to anyone with a wallet. The other checks your documents before you get near it. The gap between them is the whole story.
Disclosure: AncoraOak Studio is building a compliance-plus-tokenization concept and raises capital from accredited investors, so we read this category as builders with a stake in it, not as neutral observers.
The lazy way to talk about decentralized finance goes like this: on-chain credit is permissionless, anyone can lend, anyone can borrow, code is law, no gatekeepers. It makes for a clean tweet. It also describes maybe half of what actually moves serious money on-chain.
The half that institutions touch looks almost nothing like that. It has a front door. It checks ID. It runs through a legal entity you could sue. The on-chain credit protocols that survived the 2022 stress and kept attracting real capital did so by building a permissioned tier that wears the rails of DeFi and the discipline of private credit. Same chain. Different product.
Here is what that tier is made of.
Start with the fork, because everything else hangs off it.
A permissionless pool lets any wallet deposit or borrow. The smart contract is the only gatekeeper, and it gates on collateral and parameters, not identity. This is the part of DeFi that gets written about. It is genuinely open, and it is hard to fit inside a securities or lending framework, which is why most institutional capital stays out of it.
A permissioned pool inverts the default. Before a wallet can do anything, it has to clear an off-chain check. Identity, accreditation, sometimes jurisdiction. Only then does the wallet get added to an allow-list the contract will respect. The openness of the rails stays. The openness of the door does not.
Most protocols that serve both audiences run these as separate pools with separate rules, not as one pool with a toggle. That separation is deliberate. It keeps the compliance surface of the institutional tier from leaking into the open tier, and it lets each side make promises the other could not.
Permissionless and permissioned aren't two settings on one product. They're two products that happen to share a ledger.
On the permissioned tier, the first requirement is know-your-customer verification mapped to a wallet address. A participant completes identity checks off-chain, through a verification provider, and the cleared wallet gets whitelisted. The contract then enforces the whitelist on every transfer.
This sounds like a small thing. It is the load-bearing wall. The moment you can prove who is on each side of an on-chain transaction, an entire category of regulatory objection becomes answerable. Anti-money-laundering obligations, sanctions screening, investor eligibility: none of them are solvable against anonymous wallets, and all of them become routine once identity is bound to the address.
The privacy trade is real and worth naming. A whitelisted institutional wallet is pseudonymous to the public but fully known to the protocol operator and its verification partner. That is the cost of the institutional tier. Participants on this side are buying compliance, not anonymity, and they know it.
Lending capital into a pool that pays a yield, where that yield depends on a manager's underwriting and the performance of underlying loans, frequently looks like the offer of a security. Not always, and the analysis is fact-specific, but often enough that the conservative institutional structures assume it is and build accordingly.
That usually means routing the offer through a private-placement exemption. In a US context, Rule 506(c) of Regulation D (17 CFR 230.506(c)) is the common fit when the pool is marketed openly, because it permits general solicitation in exchange for verifying that every participant is accredited. The protocol can talk about the pool in public precisely because it gates who can actually fund it.
This is the same trade we have written about for venture DAOs, and it is not a coincidence. The exemption does not care whether the vehicle is a fund, a DAO, or a credit pool. It cares whether you verified the people who put money in. The on-chain wrapper changes the plumbing. It does not change the question.
Here is the part the rails alone cannot provide. A smart contract pool, by itself, is not a borrower, not a lender of record, and not a thing that can hold a security interest in collateral or pursue a defaulting borrower in court.
So the institutional tier wraps individual pools in legal entities. A common pattern puts each pool, or each borrower relationship, inside its own special-purpose vehicle, an SPV, frequently structured to isolate that pool's assets and liabilities from every other pool on the protocol. The SPV is the entity that actually originates or holds the loan, takes the collateral, and stands as the thing a lender has recourse against. The token a depositor holds represents an interest connected to that specific structure, not a claim on the protocol at large.
Per-pool isolation matters because it answers the question that breaks naive on-chain credit: what happens when one borrower blows up. In a single undifferentiated treasury, one default socializes the loss across everyone. In a per-pool SPV design, the damage is supposed to stay contained inside the pool that took the risk. Containment is not glamorous. Containment is what lets the next institution show up.
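The two mechanisms described above, the allow-list the contract checks on every deposit and transfer and the per-pool isolation of a default, as a small Python model. This is an added illustration, not any protocol's contract code; wallet names, amounts and the pool names are constructed, and the off-chain KYC check is represented only by its result (a wallet being added to or removed from the allow-list).

```python
from dataclasses import dataclass, field


class NotPermitted(Exception):
    """Raised when a wallet outside the allow-list touches the pool."""


@dataclass
class PermissionedPool:
    # Model of one institutional pool; names and amounts are constructed.
    name: str
    allowlist: set = field(default_factory=set)    # wallets cleared off-chain
    balances: dict = field(default_factory=dict)   # pool tokens per wallet
    assets: float = 0.0                            # what this pool's SPV holds

    def _require(self, wallet):
        if wallet not in self.allowlist:
            raise NotPermitted(f"{wallet} is not cleared for {self.name}")

    def whitelist(self, wallet):
        # Outcome of the off-chain KYC/accreditation check, recorded on-chain.
        self.allowlist.add(wallet)

    def revoke(self, wallet):
        # Post-onboarding screening hit: the wallet keeps its balance but is frozen.
        self.allowlist.discard(wallet)

    def deposit(self, wallet, amount):
        self._require(wallet)
        self.balances[wallet] = self.balances.get(wallet, 0.0) + amount
        self.assets += amount

    def transfer(self, sender, recipient, amount):
        # Both sides are checked, so pool tokens never land in an uncleared wallet.
        self._require(sender)
        self._require(recipient)
        if self.balances.get(sender, 0.0) < amount:
            raise ValueError("insufficient balance")
        self.balances[sender] -= amount
        self.balances[recipient] = self.balances.get(recipient, 0.0) + amount

    def default(self, loss):
        # A borrower default is written off against this pool's SPV only.
        self.assets = max(0.0, self.assets - loss)

    def redeemable(self, wallet):
        # Pro-rata claim on whatever this pool's SPV still holds.
        supply = sum(self.balances.values())
        share = self.balances.get(wallet, 0.0)
        return 0.0 if supply == 0 else self.assets * share / supply
```

A default in one pool halves what that pool's depositors can redeem and leaves a second pool's depositors untouched, which is the containment the paragraph above describes.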
The permissionless tier is not lawless either; it just relies on different tools. Where an open pool wants to avoid US securities exposure, it often combines geo-fencing (blocking access from US IP addresses and screening out US persons) with reliance on Regulation S, the framework for offers made outside the United States (17 CFR 230.901 through 230.905).
This is a structural choice, not a moral one. Reg S and geo-fencing let an open product exist for a non-US audience without pulling the full weight of US registration. It is imperfect. IP-based blocking is porous, and a determined user can route around it. But combined with token-level restrictions and clear terms, it is the architecture that lets the open tier stay open for the people it is actually meant to serve.
The instinct, when you start designing on-chain credit or any pooled on-chain capital, is to pick a side. Pure permissionless, for the ethos. Pure permissioned, for the institutions. The protocols that lasted mostly refused the binary. They built both tiers, kept them structurally separate, and let each one be honest about what it was.
The institutional tier is not DeFi with extra steps. It is private credit that happens to settle on a ledger, with KYC at the door, a real exemption behind the offer, and a per-pool SPV underneath the risk. Strip any one of those out and you are back to a structure that works right up until the moment it is tested.
We think the interesting design space is not choosing between the two tiers. It is building the compliance layer that makes the institutional tier feel as frictionless as the open one. That is the problem worth solving.
The rails are the easy part. The whitelist, the exemption, and the SPV are where the work lives. If you want the deeper version of how a compliance layer sits over tokenized structures, read how on-chain KYC and accreditation actually get enforced at the wallet.
Nothing here is an offer to sell a security or investment advice; participation is limited to verified accredited investors via definitive documents. It is general information about legal and structural concepts and may be wrong or out of date for your situation. Talk to your own counsel.