COINOTAG Logo

SAFT (Simple Agreement for Future Tokens): What It Is and How It Works

A SAFT (Simple Agreement for Future Tokens) is an investment contract in which an accredited investor pays upfront for the right to receive a blockchain project's tokens once the network becomes functional. The SAFT itself is treated as a security and filed under U.S. securities law, while the tokens delivered later are meant to operate as utility tokens. By separating the funding event from the token delivery, the structure lets teams raise institutional capital during development without conducting an unregistered token sale, and shifts early-stage risk onto sophisticated investors. Crucially, regulators have never guaranteed that the eventual tokens escape securities classification.

What Is a SAFT?

A SAFT (Simple Agreement for Future Tokens) is an investment contract in which an accredited investor pays upfront for the right to receive a project's tokens at a later date, after the network or application is actually built. The SAFT itself is treated as a security and registered or exempted under U.S. securities law, while the tokens delivered later are intended to function as utility tokens. The structure was created to let blockchain teams raise capital legally during the development phase without selling tokens that regulators might classify as unregistered securities at the moment of sale.

📷 a simple two-stage timeline diagram showing 'Investor pays cash for SAFT' on the left and 'Functional network delivers tokens' on the right, with a development arrow connecting them

Why SAFTs Exist

Selling tokens before a network is live creates a legal problem. In the U.S., a token that buyers acquire purely expecting profit from the team's efforts can be deemed an investment contract under the Howey Test — and issuing unregistered securities is illegal under the Securities Act of 1933. Penalties can reach years in federal prison and heavy fines, and secondary venues that trade such tokens may also be exposed unless registered as broker-dealers or exchanges.

The SAFT framework splits the problem into two phases. Investors buy a registered security (the SAFT) instead of a token, so there is no unregistered-securities sale at funding time. Tokens are only minted and delivered once the network has genuine utility — at which point the team bets regulators will view them as commodities or utilities rather than securities. The model echoes traditional venture financing more than a public ICO token sale.

How a SAFT Works: Step by Step

  1. Agreement signed. The developer of a token-based blockchain network signs a SAFT with accredited investors, usually at a discount, and files the appropriate exemption forms (commonly Reg D / Form D) with the SEC. No tokens change hands yet.
  2. Capital deployed. The team uses the raised funds to build the network or application. There is typically no fixed timeline — delivery can take months or years.
  3. Tokens delivered. Once basic network functionality exists, the developer mints the tokens and distributes them to SAFT holders, who can hold or sell.
  4. Public phase. With the network live, the tokens behave as utility tokens, and the team can sell them publicly without needing a SAFT.

SAFT vs. ICO vs. SAFE: A Quick Comparison

FeatureSAFTPublic ICOSAFE (equity)
What investor receivesRight to future tokensTokens immediatelyRight to future equity
Legal status of instrumentSecurityOften ambiguousSecurity
Who can participateAccredited investors onlyFrequently open to publicAccredited / VC investors
Tokens exist at sale?NoYesNo (no tokens at all)
Main riskTokens may still be deemed securitiesUnregistered-securities exposureDilution / no token upside

A Worked Example

Imagine a project raises $10 million through a SAFT from accredited investors at a 30% discount to the expected public token price of $1.00. Investors effectively pay $0.70 per future token, so $10M secures roughly 14.29 million tokens ($10,000,000 / $0.70). After 18 months of development the network launches and tokens trade at $1.00. On paper, SAFT holders hold ~$14.29M in tokens against a $10M outlay — a ~43% unrealized gainif and only if the tokens deliver, the network ships, and regulators do not reclassify them as securities. That triple conditionality is exactly where the risk lives.

Real-World SAFT Examples

Several landmark sales used SAFT-style structures to stay compliant with U.S. securities rules:

  • Filecoin raised more than $257 million to fund its decentralized cloud-storage network.
  • Telegram's TON reportedly raised about $1.7 billion across pre-sale rounds using SAFT agreements — though the SEC later challenged the offering, a cautionary tale about the framework's limits.
📷 a bar chart comparing headline raise amounts for Filecoin (~$257M) and Telegram TON (~$1.7B) SAFT rounds

Benefits of the SAFT Framework

  • Regulatory clarity for builders. Teams can raise institutional capital during development without an unregistered token sale, reducing legal exposure under the Securities Act.
  • Institutional access. Funds whose mandates block them from buying raw cryptocurrencies can still invest, because the SAFT instrument is itself a security.
  • Risk concentration. By restricting the first round to accredited investors, the framework shifts early-stage risk onto sophisticated parties rather than retail buyers — one of the SEC's stated concerns about token sales.
  • Onshore incentive. Clearer rules can keep projects and jobs in jurisdictions like the U.S. rather than pushing them to Switzerland or Singapore.

Risks and Pitfalls

The SAFT is not a regulatory silver bullet. Key pitfalls:

  • The core bet may fail. Courts can look at the whole investment scheme, not just the paperwork. If accredited investors buy SAFTs purely for profit, a token delivered later may still be judged a security — collapsing the framework's main benefit.
  • It cannot rescue true securities tokens. Wrapping a security-like token (e.g., a profit-sharing or equity-style token) in a SAFT does not make it a utility token.
  • It cannot fix tokens that fail Howey. If buyers still rely on the team's ongoing efforts for profit after launch, the utility claim is weak.
  • It is U.S.-centric. Built around American securities law, a SAFT can be unhelpful — or even non-compliant — in other jurisdictions.
  • Retail is excluded. Only accredited investors join the first and potentially most profitable round, deepening access inequality. Like any early-stage instrument, it also carries classic exit-liquidity dynamics if hype outruns delivery.

COINOTAG Perspective

We view the SAFT as a transitional artifact of a regulatory grey zone rather than a permanent fixture. Its strength is that it forces the funding event and the token event apart, which aligns capital with real development milestones. Its weakness is that it relies on a future regulatory verdict no one controls — the same vulnerability that derailed Telegram's TON. For builders today, a SAFT is best treated as one tool among many (alongside equity-style SAFE rounds and modern token-warrant hybrids), chosen only after qualified securities counsel reviews the specific token's economics. For investors, the headline discount means little until the network actually ships and the legal classification settles. Pair a SAFT thesis with a clear understanding of how the underlying smart contract and tokenomics are designed before committing capital.

If you are still mapping how primary token sales work end to end, our ICO due-diligence guide and the ICO vs STO vs IEO comparison are useful next reads.

Last updated: 6/15/2026

Related Terms

AI Crypto Wallet

An AI crypto wallet is a digital wallet that stores your private keys and balances like any wallet, but adds a machine-learning layer to automate transactions, detect fraud in real time, optimize gas fees, and deliver portfolio insights. Rather than manually timing trades or watching for suspicious activity, you let the wallet learn your patterns and act as a co-pilot. Most are non-custodial, so you still control the keys; the AI operates on the convenience and security layer, not custody. The result is an active assistant for managing on-chain assets across DeFi, trading, and everyday transfers, balanced against new privacy and over-reliance risks.

AI Trading Bot

An AI trading bot is automated software that uses artificial intelligence and machine learning to analyze market data, detect patterns, and execute trades on exchanges with little to no human intervention. Unlike traditional rule-based bots that only follow fixed if-then instructions, an AI bot adapts its strategy as markets change and learns from past outcomes through feedback loops. It is especially common in crypto, where markets trade 24/7 and prices move fast. Core components are data input, decision-making, and trade execution. AI bots remove emotion and react in milliseconds, but they still depend on strategy quality, clean data, secure API keys, and human oversight to perform safely.

Algorithmic Stablecoins: How Code-Backed Pegs Really Work

An algorithmic stablecoin is a crypto token that maintains a price peg (usually to the US dollar) through code-enforced supply rules rather than a bank account full of cash. Smart contracts automatically mint new tokens when the price drifts above the target and burn or contract supply when it drops below, using arbitrage incentives to nudge traders back toward equilibrium. Unlike fiat-backed stablecoins such as USDT or USDC, a purely algorithmic design holds little or no off-chain collateral, prioritizing decentralization and censorship resistance over hard reserves. This makes the model capital-efficient but fragile: when confidence breaks, the same feedback loop can drive the token toward zero in a death spiral.

What is an Altcoin? Complete Crypto Guide

Altcoins are cryptocurrencies other than Bitcoin, ranging from major networks like Ethereum to thousands of smaller tokens with diverse use cases.

AltVM (Alternative Virtual Machine)

An AltVM (Alternative Virtual Machine) is any blockchain execution environment that is not the Ethereum Virtual Machine (EVM). Where the EVM is a general-purpose engine running smart contracts sequentially, AltVMs are purpose-built to optimize for a single quality the EVM handles poorly: parallel transaction execution, lower latency, zero-knowledge proof generation, resource-oriented asset safety, or flexible languages such as Rust. Prominent examples include Solana's SVM, the Move VM (Aptos, Sui), Cairo VM (Starknet), CosmWasm and zkVMs. They do not aim to replace the EVM but to complement it inside an increasingly modular, multi-chain ecosystem where different applications pick the execution model that fits their needs.