There are many people out there, many of whom are lawyers (I am not) who have publicly discussed the merits of the cases. I will not do so. What I am here to do is paint a picture of a possible future based on a few facts, which have been known for a long time but are more obvious now, and a bit of educated guesswork.
What We Know
1. The SEC moves extremely slowly.
Time seems to move faster in nascent industries, and crypto is still aging in dog years. For almost anyone in this industry, 2018 seems like a lifetime ago. The SEC has been building these cases for multiple years - probably at least since 2021, when Gary Gensler took over as head of the SEC. In crypto, two years feels like a very long time. For the SEC, two years is a normal time horizon over which to bring charges in a complex case.
2. The SEC thinks almost everything in crypto is a security (and let's be honest: they're probably right).
In the Coinbase case, the SEC provided its rationale on why it believes 13 different tokens are securities. It specifically called out SOL, ADA, MATIC, FIL, SAND, AXS, CHZ, FLOW, ICP, NEAR, VGX, DASH, and NEXO, and made a note to say that those are not the only tokens it believes are securities which are offered by Coinbase. Note the amount of L1s and L2s in there, which most observers in crypto would likely have thought are on the safer side with regards to securities treatment.
Crypto enthusiasts, as a group, are unusually likely to be familiar with the Howey test. Somewhat hilariously, if you Google "Howey test" the top result Google spoon-feeds you is a definition from Cointelegraph.
The Howey test, from the case SEC v. W.J. Howey Co. which was decided before the US Supreme Court in 1946, states that something is a security if:
there is a financial investment
in a shared enterprise (i.e. investments are pooled and investors profit proportionally)
there is an expectation of profit
the profit comes from the efforts of others
This is going to be an unpopular opinion, but I'm going to go out on a limb and say that most tokens, if not the vast majority of them, would fail the Howey test. While there are absolutely non-financial, utility-driven use cases for many crypto tokens, most people who are buying and selling cryptocurrencies are doing so because of an expectation of profit from the efforts of others (generally, the project developing the token or an affiliated platform). Projects aren't solely avoiding the US because the SEC is extremely hostile, they are also avoiding the US because the SEC has a good case if it chooses to make it!
“we are operating as a fking unlicensed securities exchange in the USA bro.” - Binance Chief Compliance Officer, as quoted in the SEC complaint
3. The SEC's reach extends to everyone who has ever served US residents.
The SEC has made plain in its complaints against Binance that it is very willing to go after any platform which serves US users. This is a rehash of the CFTC's complaint that Binance intentionally onboarded high-value US clients in violation of registration requirements.
In this context, it is also notable that Jared Grey, the "Head Chef" of Sushiswap was subpoenaed by the SEC.
What This Could Mean for the Future of Crypto
In a worst-case scenario, a US court will decide that cryptoassets are, generally speaking, securities, and the SEC has jurisdiction over any platform allowing US users to access it. While a different department, prior guidance from the US Treasury's Office of Foreign Assets Control (OFAC), which enforces sanctions, has already established that restricting access through geo-IP is insufficient, as it is readily bypassed by VPNs. Presumably the SEC would share the same view and whether any effort to exclude US citizens is sufficient would be adjudicated in a US court. It is not difficult to believe that the standard the courts will uphold for determining whether someone is in the US or not is a fully-fledged KYC process, as this is a normal standard for knowing one's counterparties in the realm of traditional finance.
If KYC does end up being the standard which determines if a platform is protected from "unknowingly" serving US customers, then the very crypto-antagonistic SEC could methodically go about taking down as many exchanges, both centralized and decentralized, as it has the throughput to. Many centralized exchanges have (or had) a tier which does not require KYC, and almost no decentralized exchanges have ever required KYC. The SEC's enforcement would likely extend to many other DeFi platforms, such as those offering lending, derivatives, aggregation, etc., which haven't excluded US users through a KYC process. The reach of the SEC could prove to be extremely long, and in such a scenario there would be relatively few platforms which would be safe from it.
A Problem of the Industry's Own Making
The problem many industry participants find themselves in is one where they have created unrealistic expectations which they are now obligated by their customers to meet. No DeFi project could implement KYC without a massive hit to their likelihood of ultimate success. By not doing so, however, they are potentially putting themselves under US jurisdiction by serving US persons while offering services which would generally require licensure, and also violating a number of sanctions regimes. This industry will continue to put large swaths of itself at risk until these realities are reconciled and we do more to safeguard against the possibility of future enforcement actions by regulatory agencies. The permissionless ethos of DeFi may not be fully compatible with existing regulation, but betting against the regulators entails a very substantial risk!
... but Crypto Will Survive
Any sense of a fragile peace which existed the past few years between US regulators and crypto / DeFi was an illusion. It may have felt like this begrudging tolerance could go on forever since each year feels like a decade in crypto, but this is simply the timeline over which many regulators act.
While the SEC may inflict a lot of pain on the industry, and though it may prove to have a long reach, its impact will be limited and will not be fatal. Many global governments are enacting policies which are friendlier to crypto, and there are many projects which have taken thorough and prudent care to ensure they have avoided the United States entirely. Deepwaters is one such project, and it is why we have required KYC from all users from day one.
As a member of this industry, we do not want this to be the moment the sleeping giant has awoken. I sincerely hope I am wrong in my worst-case assessment. If nothing else, Chairman Gensler's term will be limited, and it is possible that he only serves a single 5-year term, or even steps down before his term is up - an outcome which would be more likely if there is a different US president come 2025. He may not have enough time to inflict as much damage to the industry as he would like. Many companies may be able to survive it, paying a hefty fine, adapting, and moving forward. But there is a distinct possibility that the industry looks very different when the dust settles. We're building for success in either future.