There are 3 things that are required before Security Token hit the hockey stick curve up and start to get mass adoption.
These 3 things are needed on the underlying blockchain at the same time. We can look at existing projects and blockchains and see that some of them have some of these features, but not all. For example, Ethereum has programmability but not Scalability or privacy (yet). Stellar has scalability but not programmability or privacy. Liquid has privacy and scalability but not programmability (debatable statement for some). No one has hit the trifecta yet.
This feature is probably the easiest to understand why it is needed. For a global market to emerge with high liquidity, the assets need to be able to transferred very fast and very cheap. If it takes 10 minutes for a trade to settle or costs $50 to move an asset, it can't compete with the existing market.
Currently, there are a couple of blockchains and projects that have pretty good scalability. For example, you can send assets on Stellar in a few seconds.
Another network that has high throughput is Blockstream Liquid. This is a sidechain on Bitcoin that has a consortium of "validators" that run the network as trusted nodes which allow it to scale up and get finality in seconds.
There are many proposed solutions coming down the pipeline as well. ETH2 will have sharding to increase throughput. Both Bitcoin and ETH have 2nd layer networks being developed like Lightning (though there is no support for 3rd party assets being promoted on Lightning yet). Other native blockchains with higher throughput are being touted as well, but many trade speed for decentralized security.
Again, the main point of scalability is to allow many participants to interact and trade these assets.
Programmability is a contentious feature to discuss. For example, if I say Bitcoin doesn't have programmability, then many people will probably disagree, because Bitcoin does have a scripting language built in. Instead programmability is really related to allowing developers to build and test new ideas and infrastructure over top of the assets. It may not need to be Turing complete, but ideally it would be to allow any complexity required.
The main chains active and running with programmability right now is Ethereum and Tezos. They both have Turing completeness in their smart contract languages and runtimes. Ethereum is definitely ahead, and there are a bunch of other following as a pack looking to pick up adoption if either of these fall behind.
The reason I think programmability is required, is that there is a lot of innovation and exploration happening at the fringes of the ecosystem and I think there will be new use cases and value unlocked. Without programmability, there may not be enough of a benefit to force the existing market to move to a new platform. Cost savings alone will probably not move the market, but cost savings plus additional capabilities that aren't available on the traditional financial rails might.
When privacy is discussed relating to blockchain tech, there are a few things that can be selectively hidden.
- Hiding the type of asset transferred
- Hiding the value of the asset transferred
- Hiding the parties sending and receiving the asset
The interesting thing is that these different pieces of data can be split up and selectively hidden or made public. This is something that was not possible in the old financial tech world. At a minimum, to prevent front running, business strategy leakage, or financial theft targeting, the value of transactions needs to be made private.
An interesting example of this is Tether issuance on the Liquid blockchain. Previously on all the other blockchains where Tether is being used, people can watch the flow of funds between exchanges. On Liquid, they have set it up to hide the values with Confidential Transactions so that there can be no front running when traders are moving funds between exchanges. Note that the issuance of the token is not confidential, so any user can verify the total amount of tokens ever issued, but not see the value being transferred between accounts.
One of the main reasons I think privacy is needed is from various discussions at TokenSoft about tokenizing our equity, stock options, and even salaries. Unless the company is set up explicitly to have all this information made public ahead of time, there is an expectation of privacy for employees and shareholders. As a company, it would be a bit brash to make all this information public (even if it was pseudonymous). If this is an issue for a company that is on the bleeding edge of the market, then many other companies will run into the same roadblock.
If you squint hard enough, you can see the future coming together where all 3 of these capabilities collide and provide real value. As of today though, it seems like there are only blockchains with at most 2 of the 3 requirements needed to unlock the potential, and it's a race to see who can augment their existing distributed networks to make it happen. And once it does, I think it will be undeniable that there are benefits to using this new infrastructure over the old model.