Who are the administrators of blockchains?

[Note: I neither own nor have any trading position on any cryptocurrency.  I was not compensated by any party to write this.  The views expressed below are solely my own and do not necessarily represent the views of any organization I advise.  See Post Oak Labs for more information.]

On All Hallows’ Eve in 2008, an anonymous person (or group of persons) posted a short technical whitepaper on an obscure mailing list about a new virtual coin-based online-only payment system they had been designing for the last eighteen months.1 Several months later, in January 2009, this same person posted the code that created the functionality described in the whitepaper and began minting this new virtual currency.  Less than two years later, the creator walked away from the project and without ever revealing their real identity.

The creator likely stayed anonymous for a variety of reasons, including the fact that by creating and administering a new payment system they may have been violating money transmission laws in multiple countries.2 Despite multiple hoaxes, we still don’t know who this anonymous person was.  But their system – like the Ship of Theseus – continues to exist in a form referred to as Bitcoin.

But before getting to that part of the saga, let’s look at May 2013.  At the end of that month, US federal agents raided a Costa Rica-based company called Liberty Reserve due to money laundering violations (along with a list of other crimes).  Liberty Reserve was a centralized payment platform that marketed to its users the ability to anonymously send funds to one another.

According to the BBC:

The US Justice Department said the scheme had been used to process 78 million transactions with a combined value of $8bn (£5.5bn) – many of which were related to hiding the proceeds of credit card theft, identity fraud, hack attacks and Ponzi scam investment schemes.

Last year the founder of Liberty Reserve, Arthur Budovsky, was convicted and sentenced to twenty years in prison.  Several other insiders also received sentences.  Liberty Reserve had more than 5 million users including more than 200,000 in the US — it is unclear at this time if any of the users are being prosecuted.

According to some cryptocurrency fans, Liberty Reserve’s big blunder was that they attached their legal names to the payment processing enterprise.

But this misses the point.  If you play with a highly regulated industry such as financial services, be prepared for the existing stakeholders such as regulators and law enforcement to increasingly scrutinize your operations as they detect familiar activities, such as the marketing and sale of securities or operating a payment platform.

Cypherpunk cosplay uniform (mostly worn online)

If you spend your weekends cosplaying online as a cypherpunk and yet voluntarily sit on-stage wearing a name tag with your real name at public events and promote financial products and financial market infrastructure to the world at large, consider that there may be people who later watch these videos stored on Youtube. In its report on The DAO, the SEC cited two specific Youtube videos including one from Slock.it, the creators of The DAO.  Recall that Slack stores everything, including your private pump and dump strategies.  If you used cloud-based email, there is a non-zero chance that your successful solicitations and payola to coin media could be discovered after the cloud provider receives a subpoena.

What does this have to do with blockchains?  Below we discuss a few ideas that tie in with money transmission and payment processing.

“Core” development teams

Let me state from the onset that I am unaware of any current or potential criminal or civil cases specifically against developers of cryptocurrency networks.  Furthermore, regulators and law enforcement may not view development teams as administrators at all.  I am not a lawyer and this is not legal advice.

What are administrators?  At a very high level, in the United States, according to guidance published in March, 2013 by FinCEN:

An administrator is a person engaged as a business in issuing (putting into circulation) a virtual currency, and who has the authority to redeem (to withdraw from circulation) such virtual currency.

The rest of the March guidance goes into a little more detail of what administrators are with respect to money exchange itself.

For the purposes of this article, and without diving too much into the technical weeds, let’s consider this hypothetical:

Bob forks/clones Bitcoin in a new GitHub repo that he alone has commit access to.  While other people can submit suggested changes, he alone has commit access to make any changes to the code.  He likes his privacy so he doesn’t actively advertise or market the repo or coin or tell anyone who he is.  And then sets up one mining node, initiates the genesis block, and begins Day 1 of Bobcoin.

Is Bob an administrator?  If so, at what point does he stop being an administrator?  When there are more than one mining nodes in operation?  When more than one developer has commit access?

That’s a decision that regulators and law enforcement will need to make but from this cursory bit of detail, Bob clearly issued his own virtual currency.  Can he redeem it?

Perhaps.3  Either way, he could unilaterally change the code and annul previous or future coins/transactions.  He could change the money supply schedule, doubling or halving it if he so pleased.   He could make a new rule that says block sizes should be arbitrarily larger or smaller.  He could make a new version that separates the digital signatures from other data in the block.  He could change the required transaction fee.  He could add functionality such as P2SH.  He could change how the difficulty setting adjusts.  And so forth.

Even if other participants added computers and joined the Bobcoin network and diluted Bob’s mining hashrate, if the new participants solely rely on the code in his GitHub repo (e.g., are unaware of and/or do not use alternative implementations of Bobcoin code), then Bob remains very influential and could still directly make changes to the network.

Does being very influential — controlling the code repo to a financial network — constitute “administration”?  Arguably yes, but there should be some objective measuring sticks as to what these attributes are (e.g., how many different people have commit access to a repo for financial market infrastructure).

In the proof-of-work-based cryptocurrency world today, we have observed a stark 180 logistical change from Bitcoin in 2009.  Whereas originally all nodes were miners and vice versa, today you have a permanent bifurcation between: fully validating nodes and the mining process itself (hash generation process).  Similarly, many participants in the market, including dozens of developers and miners, use their real legal identities through the use of verified social media accounts and the speaking circuit at fintech events.  They are no longer pseudonymous.

In order for participants to coordinate and administer these types of networks, they did not necessarily need to reveal themselves.  In fact, we still don’t know who many of the original creators of various cryptocurrency networks are that are still in operation (who is BCNext?).  But because many have publicly identified themselves, they could be served with legal process and held responsible if legally liable: hiding behind pseudonymity or anonymity is no longer an option for them.

To borrow a phrase that has been recently used by several regulators, will it come down to the “facts and circumstances” to determine whether or not an entity such as a mining pool operator or core development team is a money service business or fiduciary? 4

Either way, popular euphemisms commonly used by cryptocurrency promoters and lobbyists include supposedly supporting “open” or “public” blockchains – several feelgood words – but as we empirically observe, in many cases these networks are not open to the general public: either as an actual validator or as a developer.  Access can become gated by a clique who determines who can be involved.5

In December 2015, the individuals in the photo above allegedly represented about 90% of the Bitcoin network hashrate: Source

Command and control

According to some, the Bitcoin network is viewed as a “third party payment processor” and because no one single entity administers the network it meets FinCEN’s exemptions.6  Thus, the argument goes, cryptocurrency network creators do not need to obtain a money transmitter license in the US because each activity is separate and run by a different group of participants who meet some kind of legal or regulatory exemption.7

This may have been the case in 2009 and 2010 prior to mining pools and dedicated development teams but it may not stand up to closer scrutiny in 2017.

For instance, over the past couple of years there has been this phenomenon called the “block size” debate.  Rather than go into the different camps and what they want or demand, let’s look at how various participants actually behave and act.

To begin with, let’s look at mining.

As mentioned above, mining in 2017 is different than it was in 2009.  Whereas mining initially meant (1) validation back to the genesis block and (2) generating proofs-of-work (hashes), these two processes are fully separated today.8

Today mining pool operators pick and choose which transactions to include into blocks and validate the chain they are building their blocks, is the chain they intended to do so on.  They can (and do) censor transactions.  For a pre-arranged fee, some will include your transaction before including others, including transactions from the mining pool operator itself.  Mining pools in turn pay miners (those with hash generating equipment) a share of the block reward for the work they do.  Note: miners (hash generators) themselves do not validate blocks and in fact, the machines they use are comprised of ASIC chips, are incapable of doing anything other than some simple multiplication — they can’t even run the software needed to validate the chain, let alone software like Excel.

There is a third stake holder in the mining process; infrastructure managers, who own and operate (or lease) the physical infrastructure that houses the equipment for miners.  Very little has been published on these participants (in English) because most of this infrastructure is managed in countries where English is not the mother tongue.9 These participants negotiate electrical rates and sometimes help install and operate the electrical equipment (transformers and wiring) at the various mining facilities (or outsource and manage that to someone else).

Now let’s look at the software implementation commonly used by many Bitcoin mining pools, called Bitcoin Core.  Until very recently, most mining pools ran a reference implementation of what is called the Bitcoin Core implementation of Bitcoin.  That is to say, the software running their node which builds and validates blocks, comes from a repository managed by a collective describing itself as Bitcoin Core.  This software was originally called the “Satoshi client” (Bitcoin-Qt) and has been renamed a few times along the way to its current name of Bitcoin Core.

In October, 2017 one common refrain from the camp that collectively identifies itself as Bitcoin Core, is that miners do not ultimately operate Bitcoin.  They argue that hashrate follows price and price follows the chain that is best maintained by the best developer team.  This is empty rhetoric.  We know that there are three entities involved in mining: mining pools, hash generators, infrastructure managers.  We know their key importance because they have been lobbied non-stop by many different stakeholders (such as Bitcoin Core and Bitcoin Classic) over the past several years including both open and closed door events on multiple continents.  They have been asked to sign agreements.  And then have seen those same agreements broken.  If miners are not important, they would not be lobbied or demonized at all: they would be ignored entirely.1011

Bitcoin Core is especially interesting because Bitcoin Core proponents claim it does and does not exist.  It is a bit like Schrodinger’s cat: Core exists when it is convenient for its proponents (like rallying supporters to denounce an alternative implementation) but does not exist when it encounters accountability or responsibility for its collective decisions or the decisions made by its surrogates.

Bitcoin Core maintains a website, a verified Twitter profile, Slack and other media channels.12 It even has a public team page of some of the contributors.  It is unclear how they precisely coordinate, but they work closely together with the owners and maintainers of Bitcoin.org and Bitcoin Core GitHub repo.  Note: Bitcoin.org, Bitcoin Talk and /r/Bitcoin are all controlled by the same individual, “theymos.”13 The other channels are owned and controlled by a set of unknown participants.  This collective does not have any known trademarks or copyrights at this time.  While no one has yet identified the actual decision makers, Bitcoin Core has multiple surrogates who are publicly known and actively engaged in media.

When there are disputes over decisions, some individuals who have identified themselves on the Bitcoin Core contributor list, will come out defending Bitcoin Core.  This includes asking for Bitcoin Core alleged lookalikes and doppelgangers to stop existing.  Schrodinger’s cat strikes again: Bitcoin Core wants to own the term Bitcoin Core on social media so that others can’t use it, but do not want the accountability when the collective or someone from the collective makes a decision.  Whose identification documents were used to create a verified Twitter (KYC’ed) account?  What about the web domains?  Those people are arguably actual representatives of the collective.

Bitcoin Core does not have a trademark on the Bitcoin logo, the Bitcoin ticker symbol, etc.  The original code base was released under an MIT License and “Satoshi Nakomoto” is still the copyright owner.14 Tibanne KK (the parent company of Mt. Gox) actually has a trademark on “Bitcoin” in the UK; although since the logo was originally placed in the public domain it is unclear if Tibanne can enforce these claims.  While the representatives and surrogates of Bitcoin Core argue over alternative implementations, if the entity called Bitcoin Core sued, this could open them up for a few things:

  1. they might need to incorporate in order to have legal standing;15
  2. they’d likely have to reveal their legal names (who is the verified Twitter entity?);
  3. they could be liable for complying with state, federal and international laws around operating financial market infrastructure.

Some developers want the power to control a code repo but not the accountability that comes with it.   Source: Spider-Man

Note: if you have a few moments, Angela Walch has a great paper on this topic worth reading.  Recall one of the common refrains from multiple full-time cryptocurrency developers is that they must be conservative in how they upgrade the chain they are working on, “as billions of dollars are at risk.”  These statements are arguably self-incrimination for being a fiduciary.16

It is unclear if Bitcoin Core itself will remain pseudonymous to avoid lawsuits and countersuits.  But recall, no one currently owns “Bitcoin” — the network itself is a public good, a commons.  However, Bitcoin Core does control the GitHub repo and tightly controls the commit access, occasionally removing those that do not align with their political views.17

What is the big deal?  Isn’t this software similar to a browser?

No.  The several thousand ISPs that are connected to each other forming “the Internet” are not dependent on the existence of Firefox or Internet Explorer or any browser.  These ISPs use protocols which are developed and managed by various non-profit and for-profit entities, some with clearer governance than others (like ICANN and IETF).  Network traffic will continue to flow irrespective of what browser is being used.

Bitcoin Core (the software) is not like a browser.18  If it was, the miners could simply switch out and use a different implementation and then start building blocks based on this new implementation.  But as noted above, miners have been lobbied not to use anything but Bitcoin Core or face the consequences if they did.  For instance, this past spring a group of Bitcoin Core affiliated developers threatened to change the proof-of-work mechanism.  These same developers even created a Twitter account (hence deleted) and still maintain a website dedicated to promoting this change.

With threats like this, arguably miners aren’t really free to choose what implementation to run.  To use Walch’s description, Bitcoin Core (and other identifiable developer teams) could arguably be a fiduciary if not an administrator.

bitfury

Source: Twitter

George Kikvadze is an executive and vice chairman of BitFury, a large Bitcoin mining company based in the Republic of Georgia.  Seven months ago he tweeted the statements above in reaction to a Bitcoin Core developer that threatened to change the proof-of-work algorithm used in Bitcoin in order to punish miners for using non-Bitcoin Core code.

Neither threat was carried out but this scenario raises interesting questions: if representatives of Bitcoin Core (or other development teams) who had commit access did change the proof-of-work mechanism to something the ASIC miners that BitFury designed was no longer capable of monetizing, is Bitcoin Core (or other developer teams) itself liable for the loss in revenue suffered by BitFury and other miners?  Is it just the person who submitted the documents to get a verified Twitter account?

No terms of service

One of the fundamental challenges for any anarchic chain is coming to agreement on defining the chain in the first place.19 What is Bitcoin?  Is it the chain with the most proof-of-work?  The longest chain?  The one that gets the most retweets?  The one with the most starred repo on GitHub?

As I mentioned in a paper a couple years ago (Appendix A), because there is no de jure process to handle governance issues, the various communities and tribes rallying and fighting around their disparate visions must rely on ad hoc de facto processes, much of which spills over onto social media

Fundamentally there does not appear to be any contract rights involved in using or operating Bitcoin (the network).  Who do users have contractual relationships with?  If someone does, then you could theoretically sue them.  But there is not even a click-through agreement or EULA when downloading Bitcoin Core (or any other alternative implementation).

This is relevant because earlier this month there were several Bitcoin Core contributors and surrogates, some of whom used their real names, claimed that alternative implementations such as Bitcoin Segwit2X (and its developers) could be violating the Computer Fraud and Abuse Act in the event that Segwit2X successfully creates a new fork next month.

If the CFA Act or money transmission laws are being broken post-Segwit2X then they are probably being broken now because of how various forks and updates are currently rolled out by developers and miners.  While it is unclear if any regulators or law enforcement would see the interpretation of the CFA Act the same way as Bitcoin Core representatives do, this hypothetical legal threat raises a few interesting points:

  1. What legal standing does anyone have in the event of a fork on an anarchic chain?  Code is not law.
  2. What country has jurisdiction and who has contractual relationships with one another?
  3. Would such a lawsuit create precedence or chilling effect on anyone wanting to fork/clone code in the future?  Who is liable for orphaned blocks?
  4. What happens in the event of an accidental fork like the one in March 2013?

By pushing any interpretation of the CFA Act onto anarchic cryptocurrency networks, it could create interesting legal precedents for Bitcoin Core because once the government gets involved in deliberating which fork is and is not legitimate or which miners can or cannot participate, then you no longer have a pseudonymous anarchic network.  Recall there was no EULA or Terms of Service on purpose when Bitcoin was launched years ago.

Another recent example, a Bitcoin Core surrogate who used his real name, publicly asked the New York State Department of Financial Services (DFS) to look into Coinbase’s support of Segwit2x.  Does Coinbase violate the BitLicense for supporting one chain versus another?  Last month a Bitcoin Core contributor who also used his real name, penned a letter to the SEC about why it should not approve an ETF because the company applying for it supported Segwit2X, an alternative Bitcoin implementation.20

A couple weeks later the same author of the SEC letter publicly said:

But, yea, lets be clear, I dont know a singla significant contributor to Core who will ever work on btc1/Segwit2XCoin. If all the miners switch over, most likely some folks will buy hashrate and there will be a Bitcoin chain again to work on. If, somehow inexplicably, the entire community gives up on Bitcoin and uses 2xCoin, then most likely the vast majority of Core contributors will just move on to something other than Bitcoin, though given how 2x has been going, I find that highly, highly unlikey.

The term “2XCoin” is intended to be an inside baseball pejorative towards the developers and supporters of Segwit2X.  Other Core developers have publicly stated that other Core developers will walk away from (quit) the project if an alternative implementation successfully creates a fork.

Another common war cry during the summer was that Bitcoin Cash, a fork and airdrop of Bitcoin up to a certain block height, “was an attack on Bitcoin.”  This statement raises a number of questions:

(1) there are multiple existing forks of Bitcoin that continue to exist (such as Bitcoin Dark), were these also attacks on Bitcoin?  Where is the passionate uproar against the dozens of Bitcoin clones and forks including the ones that used line-for-line the same code but simply rebranded?

(2) Bitcoin needs to first be defined, since there is no 100% consensus or agreement on what it is (longest chain?) or even agreement on how to measure consensus, to prove that there is an attack you would need to at least agree on what Bitcoin is and what exactly was attacked.  Since Bitcoin was designed from the outset to be forked and for those with the most hashrate to decide what is and is included in a block — and the rules therein — how is Bitcoin Cash any different in terms of legitimacy than Bitcoin?

If there is a regulatory arbitrator stating which fork is the legitimate legal one, you have a permissioned network.  And I truly could talk all day about those because I popularized that term with this (now dated) paper more than two years ago and currently advise a couple companies involved in building those.  Inquire within!

The tactics used by different cryptocurrency tribes versus others is not new.  In fact, if you look as recent as the 1960s, during the Cultural Revolution in China there were struggle sessions in which the accused (class enemies) were captured and dragged out in front of the public and denounced for crimes that they didn’t commit.21

We see this type of behavior in the cryptocurrency world on a monthly basis, just look at the “Antbleed” hatchet job.  This was a manufactured controversy and coordinated attempt to discredit a company (Bitmain) that had publicly spoken out against one specific Bitcoin implementation in favor of another.2223 Nearly six months later, the original accusations (of covert usage) are still unproven yet some of the promoters of this theory, several of which who are affiliated with Bitcoin Core, continue to attack anyone who stands in the way of their own vision.  Many elements in the community thrive on both real and fake controversy in order to stay relevant: it is in a state of permanent lynching mode.

Other cryptocurrency chains

Lest I be accused of picking favorites, I should point out that future researchers could create an infographic depicting how all chains evolved over time.24

Below is a non-exhaustive list of other chains that have highly coordinated behavior between influential persons that look administrator-like:

  • Dash Core: run by a company (with a CEO no less); can identify the major participants involved and how they coordinate to make changes; they sponsor events and attempt to speak on behalf of the community while making any upgrades; they run various social media accounts
  • Ethereum Classic: this small community has held public events to discuss how they plan to change the money supply; they video taped this coordination and their real legal names are used; only one large company (DCG) is active in its leadership; they sponsor events; they run various social media accounts
  • Bitcoin Cash: an airdrop based on Bitcoin prior to a certain block height; can identify the major participants involved and how they coordinate to make changes; they run various social media accounts and events
  • Bitcoin Segwit2X: can identify the major participants involved and how they coordinate to make changes; they have met to formalize this process in multiple meetings including the New York Agreement (NYA); they run various social media accounts and claim to be the equivalent of Bitcoin Core
  • Bitcoin XT: defunct, in its terms they explicitly said one set of named individuals would be administrators
  • Litecoin: leaders are self-doxxed; have a formal Foundation as well; they run various social media accounts and events
  • Dogecoin: leaders are self-doxxed and publicly coordinated merged mining with Litecoin three years ago; there have a formal Foundation; they run various social media accounts
  • Ethereum: can identify and name specific people in the Ethereum Foundation and mining community who publicly coordinated several hard forks; these stakeholders sponsor public events and code changes; they run various social media accounts; the Ethereum Foundation has a registered trademark
  • Bitcoin Gold: an upcoming airdrop based on Bitcoin prior to a certain block height; can identify the major participants involved and how they coordinate to make changes; they run various social media accounts
  • Zcash: this was created by a company (Zerocoin Electric Coin Company); can identify and name specific people in the Zcash Foundation and mining community who publicly coordinate updates; these stakeholders sponsor public events, grants, and code changes; they run various social media accounts
  • Bitcoin: before Bitcoin Core consolidating itself, there was The Bitcoin Foundation which attempted to speak as the voice of Bitcoin… then it pretty much went morally and financially bankrupt
  • Dozens if not hundreds of others

Whereas the Bitcoin creator “walked away” (or is he lurking in the CoinDesk comment section?) most ICO issuers could have the same legal problems described above.  Even ignoring the issuance of unregistered securities through ERC20 and ERC20-like standards, many of these these ICO coins and tokens were centrally issued and administered.

One reviewer singled out Factom, Tierion, Ripple, and Stellar as well, but these communities have slightly different nuances worth looking into independent of this article.  It bears mentioning that Ripple was penalized and settled with FinCEN in May 2015, but this was due to non-compliance with BSA requirements with respect to not filing suspicious activity reports (SAR) from a side fund it operated. 25 It was not about operating the nodes on the network.26 Furthermore, centralized issuance and operation of a network through watermarked tokens (e.g., Counterparty, Omni (Mastercoin), all colored coins) is still taking place today (see Tether).

This is not to say that you shouldn’t create a cryptocurrency nor a foundation.  There are likely ways to create a new cryptocurrency and structure its governance in a legally compliant (or exempt) manner.

But some of those who issued a cryptocurrency which they centrally operate and mint could be on thin ice depending on how strict regulators and law enforcement are.27 Maybe they aren’t strict at all.

If it is centrally administered for 2 minutes versus 2 hours versus 2 years (like Satoshi did), at what point is that line crossed?  What about a network like Stellar that was originally decentralized and then in an emergency, centralized (running off of one node) due to a break in its consensus mechanism?  The Stellar organization itself operated the single validation node for months before re-decentralizing.  That is clearly administering a network especially since they issued lumens to begin with (lumens are the native currency of the Stellar network).

Forks as securities

A friend of mine that is the CEO of a Bitcoin-focused company recently hired an attorney to look at the upcoming Bitcoin Segwit2X (S2X) fork proposal and thinks there could be an argument that the fork is a security based on the Howey test.

His rationale is the following, reused with his permission:28

  • S2X is a common enterprise based on the efforts of the signers of the NYA
  • Many of the signers of the NYA have long touted the benefits and profit expectations of increasing the block size
  • S2X was assembled by a promoter/ third party: the organizers of the NYA and its signers
  • Anyone who purchased bitcoin between May 2017 and the fork date is an investor, in particular if that person bought bitcoin in anticipation / expectation of the fork

If this is true, then you could likely insert and replace S2X and NYA with various cryptocurrency developer groups (including Litecoin, Ethereum, Ethereum Classic, Bitcoin Core, Bitcoin XT and others listed in the section above) and just modify the date to argue that each of these coordinated efforts is effectively a common enterprise seeking to profit from the expectations of X, Y, or Z features.  It could be smaller or bigger blocks, sidechains, slower or faster block generation times, etc.  In other words, if Segwit2X is a security, then arguably many coordinated “soft” and “hard” forks are.29

At this time, in the US, neither the SEC nor CFTC have publicly issued their position on how a fork falls within their scope and mandate.30

However, if any regulator or court does formally publish guidance or a ruling siding with a specific fork, the cryptocurrency community will have institutionalized permissioned-on-permissionless chains.  An expensive contradiction.

Relevancy towards enterprise chains

Since you do not need proof-of-work to maintain all blockchains, enterprise focused blockchain and DLT-related companies (commonly referred to as private or permissioned chains) typically started off with the realization a couple years ago that:

  1.  In order for changes and upgrades to take place on a decentralized network, some clear governance needs to be created to manage that process;
  2.  Network validators, the nodes involved in validating transactions, would be run via known, identifiable (KYC’ed) operators who had specific contractual obligations that ultimately would rely on courts as arbiters (e.g., if there is a fork, only one chain would be deemed the legitimate de jure chain);
  3.  If an entity formally governs one of these networks it is likely that it would also be regulated under existing laws and regulations;
  4.  If an entity or group of entities has the power to coordinate and unilaterally make these changes at will without legal recourse, then this could be a single point of failure that could be abused.  How to design a network that prevents this security hole from forming yet comply with existing laws and regulations all while providing recourse to the users in the event of disputes arising?

Note: all of the vendor platforms have their own differences and nuances; from an architectural standpoint they cannot all be lumped together as a monolithic entity.

But in this case, many of these companies took roughly the same tact: one which attempts to hold validating parties accountable ultimately through the existing legal system (via contracts and if need be courts).  As a result, so far the vendors have generally gotten to bypass most of the drama around factional in-fighting described above.  But each vendor still has their own challenges ahead.  Once an enterprise chain’s mainnet is turned on in production and real value is being moved across their network, whoever administers and operates the network(s) could be legally liable for complying with a whole slew of regulations from multiple different jurisdictions.

That is why some operating models involve banks or other existing financial institution running the validating nodes — because they already have the necessary licenses and compliance structures put in place. That is also why some of the vendors created a consortium from the get-go because they foresaw the need to bring on different types of stakeholders early on.  But ignoring the consortium approach for the moment, once real legal names are touching and managing real financial instruments, regulators and law enforcement begin to pay much closer attention.

Final remarks

In the US there is no private right of action under the FinCEN guidelines.  Only FinCEN can initiate an enforcement proceeding, and based on conversations with legal experts who reviewed this article, these experts do not expect such actions right now given that FinCEN hasn’t thus far.

Can private parties initiate litigation?  Based on one conversation with an interested party, it seems that there is arguably a private right of action under the CEA, under certain state money transmission business (MTB) laws and under securities laws.  Will they?  My guess is that as more real value (e.g., real money like USD) is associated with any of these anarchic blockchains, the odds of lawsuits due to any type of fork (intentional or not), trends closer to probably.

With that said, networks such as blockchains, do not maintain themselves.  They do not upgrade themselves or automatically fix bugs that arise.  They are not anti-fragile.  They need people to do all of these pesky maintenance things.  And with people comes politics and social engineering.31

Empirically if there isn’t disharmony in a blockchain community it is because most participants agrees who the administrator or administrators are.32

If there is a disagreement, as we have seen multiple times, a political struggle often takes place and a fork or two may happen: either a fork in the chain or a fork in the community.  With hundreds of dead or zombie blockchains, it is clear that blockchains do not work without some kind of administrator and decision maker.  Whether or not FinCEN or other money transmitter regulators come to the same conclusion is a different matter.

The takeaway from this piece isn’t that no one should be formally or informally engaged with anarchic chains such as cryptocurrencies.  Or that passion and enthusiasm should be discouraged.  Rather, it is about consistency and the rule of law.  If you do not like the development or evolution in a community-without-formal-rules — such as the fractured tribes of Bitcoin — using the government as a club of convenience to get what you want and not expect consequences for their intervention on your behalf is shortsighted.

While a few dozen cryptocurrency startups have already begun using trade associations to lobby regulators on their behalf for a “hands-off” regulatory approach, at some stage the appearance of formalized governance of financial market infrastructure — even if it is marketed as self-sovereign, decentralized, open, and anarchic — could lead to increased regulatory oversight due to how the crypocurrency governance activity actually behaves in reality.  This is definitely a topic worth revisiting in a year to see if any regulator publicly opines on the topic. 33

[Note: if you found this research note helpful, be sure to visit Post Oak Labs for more in the future.]

Acknowledgements

To protect the privacy of those who provided feedback, I have only included initials: RD, CP, SP, CM, VB, DG, CK, AW.

Endnotes

  1. Both Ray Dillinger and Hal Finney have stated they analyzed and gave feedback to Satoshi on Bitcoin prior to its public announcement; perhaps there were others too. []
  2. See these two articles written by Daniel Friedberg: “FinCEN Guidance Validates Bitcoin Industry but Targets Satoshi” and “Bitcoin hard fork conspiracy treacherous” []
  3. It is possible to create a redeemable asset on Counterparty and several other platforms connected to Bitcoin. []
  4. One reviewer opined that: “I think it will be a technical legal definition that comes down to whether you can exert reasonable control before enforcing MSB rules.  Whether you are an administrator or not will be a boring court decision: they could look at whether you were mining or developing with a high enough impact. []
  5. On the mining side, the capital costs of running a mining farm and pool that actually validates blocks on many of the larger cryptocurrency networks is relatively expensive and out of reach for most users; mining pools have been documented at attacking one another on the network itself (e.g., DDOS attacks).  On the developer side, as discussed throughout this article, while it varies depending on the cryptocurrency, the control over the repo (specifically who has commit access) is often restricted to a few insiders who can permit and restrict who can be involved in the development process (e.g., they can remove a developer from mailing lists, forums, events, code repositories, etc.). []
  6. Cryptocurrency miners typically only have the ability to instruct payments of keys they control (although they can censor and/or fork as well).  Thus, it is argued, the miners typically just perform IT services. []
  7. In the UK, there is some relevant guidance from HM Revenue and Customs with respect to money laundering and money service businesses []
  8. See SPV wallets for a user-specific example. []
  9. This past summer Quartz published a series of articles detailing some of this physical infrastructure in China.  See: The lives of bitcoin miners digging for digital gold in Inner MongoliaPhotos: Inside one of the world’s largest bitcoin mines; and Take a 360 walk around one of the world’s biggest bitcoin mines []
  10. A year ago the narrative that miners were a key component of Bitcoin dramatically shifted in the minds of a group that lobbied for a change known as UASF: User Activated Soft Fork.  The proposal – which thus far has not been activated – attempts to remove miners and replace their role with nodes controlled by UASF advocates, pretty much removing Sybil protection.  Instead of buying hardware and pushing hashrate one way or the other, UASF advocates used social media to promote their views.  Incidentally some of the same people promoting “no2x” (opposed to Segwit2x) were actively part of the “UASF” campaign. []
  11. One reviewer mentioned that: “It’s worth noting that in Ethereum, miners actually don’t have a large role in decision-making. Ironically enough, I think the reason for this is that Bitcoin prefers soft forks for governance, whereas Ethereum prefers hard forks, and soft forks naturally depend more heavily on miner support in order to succeed.” []
  12. Its Twitter account actively retweets and highlights specific content from a common group of promoters, advocating and endorsing their viewpoints. []
  13. “theymos” is his/her username; his real name is allegedly Michael Marquardt but little is publicly known about who he is beyond his control of the most highly trafficked Bitcoin-specific developer sites.  Other pseudonyms that co-own some of these domains include “cobra.” []
  14. In the US, copyrights are unregistered.  The copyright owner of the original source code still belongs to “Satoshi Nakomoto” however as of this writing, no one has stepped forward to claim this copyright ownership. []
  15. Alternatively they could be a “general partnership;” this was discussed in the SEC paper on The DAO (pgs 14-15). []
  16. One reviewer provided a counterpoint: “There’s a difference between voluntarily taking on responsibility and being legally assigned it. For example, if I suddenly decide that I feel morally obligated to make sure all children in some village in Africa are properly fed, I do not become their legal guardian.” []
  17. Alex Waters, Jeff Garzik, and Gavin Andresen (among others) have been removed in this fashion. []
  18. If we replaced “browser” with “TCP/IP” that would likely create massive economic disruption and finger pointing for blame. []
  19. See also: Emochain and Statistchain []
  20. I touched on this same issue last year in a paper, see Comments on the COIN ETF (SR-BatsBZX-2016-30) []
  21. One reviewer pointed out that: “If you’re looking for parallels with authoritarian regimes, there are many. Bitcoin Core’s arguments that there must be only one reference implementation to “preserve stability”; them playing linguistic games to deny the opposition legitimacy, high levels of censorship, etc. There are also parallels on the other side of this, where the “opposition parties,” despite having many legitimate grievances, are all good at protesting but focus on negativity and are not nearly technically competent enough to effectively form their own “government”. This happens in Russia, to some extent Singapore, China (think Hong Kong independence movement), etc. You can probably expand this out into an entire blog post.” []
  22. Bitmain is the largest manufacture of mining equipment, Antminer is the brand of one of its product lines. []
  23. See also Just How Profitable is Bitmain? by Jimmy Song and Former Bitmain Chip Designer Seeks to Revoke Mining Giant’s Patent from CoinDesk []
  24. One reviewer suggested that future researchers and analysts could also look at several other attributes: (1) Basing oneself in a country as an incorporated entity; (2) Having developers heavily concentrated in a country; (3) Heavily marketing in a country, especially if it’s the same country as above; (4) The operation of a chain being controlled by one implementation and one company (as opposed to Ethereum’s geth/Parity/now harmony split []
  25. One reviewer opined that: “Though it is worth noting that their ability to operate the network in a way that gives users permissionlessness was compromised as a result of these side activities. A useful cautionary tale.” []
  26. XRP Ledger Decentralizes Further With Expansion to 55 Validator Nodes from Ripple Insights []
  27. One reviewer commented that: “I think it’s worth making a distinction here between convertibility and central administration of tech. Bitcoin, Bitcoin Cash, Ethereum, Ethereum Classic, Dash, etc are all not immediately convertible; the portion of tokens that actually are convertible is relatively low and I think everyone already agrees that those are regulated.” []
  28. Private correspondence on October 16, 2017. []
  29. For a related discussion see, Are Public Blockchain Systems Unlicensed Money Services Businesses in Disguise? from Ciaran Murray []
  30. One reviewer mentioned that in the event a fork occurs, there could be legal repercussions pursuant to Commodities Exchange Act (namely, section 6(c), rule 180). []
  31. Even some of the proposed “self-governing” blockchains ultimately start out fairly centralized, arguably as administrators and MTBs.  And due to the amount of coins that insiders and creators of these chains have, they could heavily influence the direction of votes (e.g., in a staking model, large coin holders are politically powerful entities who could coordinate and collude to fork in their own interest).  Will they always remain as administrators? []
  32. Many thanks to Ciaran Murray for providing this observation. []
  33. One of the reviewers asked how several current and proposed proof-of-stake coin-based projects would fit in here as potential solutions.  Since most of these are young and/or not even launched, see footnote 31 above.  Some have governance challenges already, see Backroom battle imperils $230 million cryptocurrency venture from Reuters.  Another reviewer opined that: “Systems like Bitshares, EOS, Tezos, et al will in practice be secure primarily precisely because there are large premines held by the foundations and developers themselves. It’s like a kind of ‘centralized administration without looking like centralized administration.'” []