THE INTERNATIONAL JOURNAL OF BLOCKCHAIN LAW - Volume 2 March 2022
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
GLOBAL BLOCKCHAIN BUSINESS COUNCIL Geneva | London | New York | Washington, D.C.
TABLE OF CONTENTS Note from the Editor-in-Chief 2 About the Editors 3 A Round Table Discussion: Pressing Legal Issues in Decentralized Finance 4 Spotting And Managing Litigation Risk In Defi 14 If NFTs Ruled The World: A New Wave Of Ownership 19 Blockchain Vulnerabilities And Civil Remedies To Recover Stolen Assets 25 Can Code Be Law?: A Review Of Current Developments 36 Digitalizing Trade in Asia Needs Legislative Reform 43 The Emerging Legal And Regulatory Framework For DeFi Lending Platforms In Vietnam 48 1
NOTE FROM THE EDITOR-IN-CHIEF DR. MATTHIAS ARTZT SENIOR LEGAL COUNSEL DEUTSCHE BANK Dr. Matthias Artzt is a certified lawyer and senior legal counsel at Deutsche Bank AG since 1999. He has been practicing data protection law for many years and was particularly involved in the implementation of the GDPR within Deutsche Bank AG. He advises internal clients globally regarding data protection issues as well as complex international outsourcing agreements involving data privacy related matters and regulations. Welcome to the 2nd issue of the IJBL! Following the DeFi pieces, Samir Patel explores the issue of I am proud to present a great set of fractionalization of NFTs. new articles covering various legal topics surrounding blockchain technology from It is a matter of fact that blockchain/ around the globe and from different DLT based solutions continue to be perspectives. prone to hacks, frauds and scams. Barry Sookman (Mc Carthy/Tetrault First things first: For this issue the Toronto) presents a case study and editor’s board has decided to add a the pertaining remedies as well as new feature to the Journal: a written challenges in recovering digital assets. round table. My fellow editors, Andrea Tinianow and Stephen Palley, took Michael Jünemann and Udo Milkau the initiative to reach out to top US from Bird & Bird Frankfurt explore the attorneys in the blockchain space to practical challenges of using smart ask them about the most pressing legal contracts, in comparison to traditional issues pertaining to DeFi. The result written contracts. This will be the first is a comprehensive and insightful “episode” of a broader discussion discussion on currently unresolved around smart contracts, as my fellow legal topics around this issue from an co-editor Jake van der Laan is drafting American legal perspective. This piece an article on the same topic for the is deservedly the leading article of this 3rd issue of the IJBL focusing on the issue. A special shout out to Andrea and more technical aspects of how smart Stephen for making this happen. contracts currently function and the limitations this creates in their utility in DeFi is touted by many in the crypto the “contractual life cycle”. space as having potential to significantly disrupt the traditional financial industry Further, Raoul Renard, Carmen over the next decade. With that in mind, María Ramírez Ortiz, Oswald Kuyler and this issue continues with two more Steven Beck provide an overview of appealing articles covering DeFi from the state of play on the adoption of the different perspectives: Norton Rose Model Law on Electronic Transferable Fulbright lawyers Robert A. Schwinger, Records (MLETR) in conjunction with Harriet Jones-Fenleigh and Jonathan blockchain-based trade deals in the Hawkins look at some of the disputes APAC region. that may arise in the DeFi space and set out the steps to be taken by users Finally, Prof. Tran Viet Dung and Le of DeFi- or smart contract protocols to Tran Quoc Cong present an interesting manage these potential risks. perspective of the legal and regulatory aspects of DeFi Lending in Vietnam. Happy reading! 2
ABOUT THE CO-EDITORS You can find the editor’s full bios here. LOCKNIE HSU PROFESSOR SINGAPORE MANAGEMENT UNIVERSITY Locknie Hsu received her legal training at the National University of Singapore and Harvard University, and is a member of the Singapore Bar. Locknie specializes in international trade and investment law, including areas such as paperless trade, FTAs, digital commerce, and business applications of technology. STEPHEN D. PALLEY PARTNER ANDERSON KILL Stephen Palley is a partner in the Washington, D.C. office of Anderson Kill. He is the founder and chair of Anderson Kill’s Technology, Media and Distributed Systems Group, a cross-disciplinary team of lawyers, with experience across a wide range of legal practice areas, who specialize in advising software, internet, and FinTech companies. THIAGO LUÍS SOMBRA PARTNER MATTOS FILHO Thiago’s practice focuses on Technology, Compliance and Public Law, and in particular on anti-corruption investigations handled by public authorities and regulators, data protection, cybersecurity and digital platforms. He was awarded as one of the world’s leading young lawyers in anti-corruption investigations by GIR 40 under 40 and technology by GDR 40 under 40. ANDREA TINIANOW CHIEF LEGAL OFFICER IOV LABS Andrea Tinianow, a Delaware attorney, is the chief legal officer for IOV Labs, the brand behind the Rootstock and RIF protocols. In 2015, Andrea started the Delaware Blockchain Initiative which gave rise to the “Blockchain Amendments” to Delaware’s business entity statutes that authorize corporations (and other business entities) to maintain their corporate records, including stock ledgers, on a blockchain. JAKE VAN DER LAAN CHIEF INFORMATION OFFICER & DIRECTOR FINANCIAL AND CONSUMER SERVICES COMMISSION, NEW BRUNSWICK, CANADA (FCNB) Jake van der Laan is the Director, Information Technology and Regulatory Informatics and the Chief Information Officer with the New Brunswick Financial and Consumer Services Commission (FCNB) in New Brunswick, Canada. He was previously its Director of Enforcement, a position he held for 12½ years. Prior to joining FCNB he was a trial lawyer for 12 years, acting primarily as plaintiff’s counsel. GARY D. WEINGARDEN ASSISTANT VICE PRESIDENT, DATA PROTECTION OFFICER NOTARIZE, INC Gary Weingarden is AVP and Data Protection Officer at Notarize, Inc. He is responsible for their information security, privacy, IT, and fraud prevention programs. Gary has over 15 years of experience in the mortgage industry having served as Chief 3 Privacy Officer and General Counsel at Birmingham Bancorp Mortgage Corp.
ARTICLE I A ROUND TABLE DISCUSSION (IN FOUR PARTS): PRESSING LEGAL ISSUES IN DECENTRALIZED FINANCE DAVID ADLERSTEIN OLTA ANDONI COUNSEL DEPUTY GENERAL COUNSEL WACHTELL, LIPTON AVA LABS COLLINS BELTON LEWIS COHEN MANAGING PARTNER CO-FOUNDER BROOKWOOD P.C. DLX LAW JASON GOTTLIEB CHRISTINE PARKER PARTNER, CHAIR VICE PRESIDENT, MORRISON COHEN LLP DEPUTY GENERAL COUNSEL COINBASE LEE SCHNEIDER ANDREA TINIANOW GENERAL COUNSEL CHIEF LEGAL OFFICER AVA LABS IOV LABS STEPHEN D. PALLEY PARTNER ANDERSON KILL 4
This roundtable discussion was curated leverage on long term contracts. and edited by Andrea Tinianow and Stephen Palley, Editors of the IJBL. See their Do such on-chain protocols constitute bios and headshots on page 4. “exchanges” as that term is defined under the Securities Exchange Act of 1934 (“1934 Act”)? INTRODUCTION LEE SCHNEIDER: The answer to With more than $USD 92 billion this question depends on a variety of locked in decentralized finance (DeFi) factors, including how the protocol protocols, DeFi is hot and it’s not is involved in effecting transactions. showing any signs of cooling down The 1934 Act definition would seem soon. We reached out to top attorneys to exclude from “exchange” a smart in the blockchain space to ask them contract that has no single point of about the most pressing legal issues failure, no single source of truth and pertaining to DeFi. Here is what they no single authority capable of, or had to say. responsible for, effecting transactions and recording or altering data. In A special shout out to attorney other words, if there is no operator Gabe Shapiro for helping us to craft (or group constituting an operator), these questions and to the attorneys then something is not an exchange. who provided commentary. We Therefore, each protocol needs to be appreciate their excellent contributions scrutinized to determine applicability to this article as well as the crypto/ of the definition. blockchain ecosystem overall. The roundtable discussion assumes that JASON GOTTLIEB: I agree with the reader has some basic information Lee. Definitionally, if the protocol is about crypto and DeFi. allowing the trading of securities tokens, it is more likely to be PART ONE deemed an exchange; but if it allows trading of only non-security tokens, Certain on-chain protocols allow it cannot be (at least, under the 1934 transactions (trades, borrowing, etc.) Act). relating to tokens, and it is likely that some of these tokens are securities or, COLLINS BELTON: While I some of the transactions are securities philosophically agree with Lee and transactions under U.S. law. Jason, there is at least some cause to believe that historical precedent CHRISTINE PARKER: The focus may bias the Securities Exchange on securities is important, but in the Commission (“SEC”) towards a different future, the vast amount of value finding. In particular, some of the will be transacted in the derivatives earlier literature and procedural market, based on the non-security history discussing the creation tokens, bitcoin and ether (“BTC and and categorization of electronic ETH”). There will be an increase in the communication networks, which did relative notional value of tokens that ultimately largely fall into the category are commodity-based, as opposed to of an alternative trading system security-based. In the future, there will (“ATS”), seems to be at least in part be large derivative exchanges for retail applicable to protocols allowing for investors. And, once there is robust certain exchanges. Like Lee suggests, trading in the derivatives markets in specific factors will weigh heavily in the the U.S., it will be much greater than Exchange Act’s “functional” test, but I’m the securities markets, with massive not sure if the lack of a single point of 5
failure alone will be dispositive (even broker are not regulated under the though it largely should be). Commodity Exchange Act, unless the tokens are offered with some form of LEWIS COHEN: I tend to agree financing/leverage (e.g, a commodity with Collins on this. The question derivative). to me is less whether technically the network of computers running Does the combination of such an on- the relevant protocol code are chain protocol and such a website operating an “exchange” (assuming constitute such an exchange and, if so, that the protocol facilitates the bids/ does that depend on the website being offers of “securities”). If that was operated by the same person or group of persons which developed or deployed the the function of the protocol code, protocol? a judge would likely conclude that the network was an exchange. But it LEE SCHNEIDER: Yes, it depends does raise difficult questions around on who is operating both. enforcement, though. For example, which participants would a regulator COLLINS BELTON: I tend to agree be able to go after? An Ethereum that the combination of providing node operator whose node passively the service functionality and access validates whatever code has been likely increases the risk of a site being deployed? The developer who actually deemed an exchange, although the deployed the relevant code? And what protocol may still retain colorable if multiple people contributed to the arguments against that classification. creation of the code, and the person That said, if the developer-operator is who physically deployed the code one of many interfaces, and further, was just an unknowing agent? What that single site is not the sole or about transient holders of governance primary means by which persons tokens for the protocol, or the person interact with the protocol or engage in that runs a front end for accessing the activity, then the argument for treating protocol (even if it is just one of many that particular combination as an such front ends)? exchange is weaker (unless *all* other combinations are similarly treated as Does a website that offers access to these types of on-chain protocols constitute an such). “exchange,” as that term is defined under the Securities Exchange Act of 1934? LEWIS COHEN: if you are an identifiable person over whom a LEE SCHNEIDER: It depends on relevant regulator or member of law what “access” means. If it just means enforcement can get jurisdiction that you can see what’s going on, that derives an economic look at pricing information, etc., then benefit from providing services probably not. If the website is the (even indirectly) that are not in execution facility and is operated by compliance with relevant law/regs, a single authority, then probably yes. you are at risk for an enforcement If the website allows users to effect/ action. Another reason why we need execute trades on the protocol but better laws. Soon. does not operate the protocol, then it is probably a broker. All of this Are there ways for non-banks (again, assumes the tokens are securities. in the U.S.) to structure so-called decentralized finance (DeFi) or centralized finance (“CeFi”) “yield” protocols that CHRISTINE PARKER: Same do not run afoul of the securities laws outcome for commodity-based (including the registration requirements tokens EXCEPT that the exchange and 6
of the Securities Act of 1933 (the “1933 LEWIS COHEN: I agree with Lee Act”), the Investment Company Act of that the central question here is 1940 and the Investment Advisers Act of whether the “facts and circumstances” 1940)? around the yield product implicates the formation of an “investment contract.” LEE SCHNEIDER: These are I would say that in many cases, the very broad questions. Let’s focus answer will be “yes,” but it depends on on the question of whether such the details of how the program is being arrangements are investment run. contracts or otherwise securities. Let’s also consider similar arrangements DAVID ADLERSTEIN: I would and ask why they have not been add that in addition to securities treated as securities: payment for laws, these products involve bank- order flow; maker-taker arrangements; like functions, so depending on the credit card rebates. If the answer relies circumstances, other areas of law may on “pooling” of funds and returns, that also be implicated. The ability for retail seems a little thin because these 3 to place money with a counterparty in examples rely on pooling as well. exchange for a yield and to withdraw the money on demand resembles a CHRISTINE PARKER: There is bank deposit. The legal considerations likely a role that a futures commission around these products need to be merchant (“FCM”) can have in offering considered case-by-case. DeFi or CeFi yield protocols for BTC/ ETH products. This would be outside of the scope of their regulated activity but PART TWO comports with the financing/lending Automated Market Makers (“AMMs”) FCMs provide based on warehouse are the underlying protocol that enable receipts.1 users to trade crypto on a decentralized basis. Where do AMMs fit into the current COLLINS BELTON: I agree with structure of U.S. securities laws, if at all? Christine that the most likely non- How does MGM Studios Inc. v Grokster, bank entity to embody a hybrid Ltd. impact your conclusion? CeFi/DeFi model that doesn’t run afoul of securities laws like the one JASON GOTTLIEB: Ultimately, described above is a commodities most AMMs are just software, and entity. We are already beginning to software that can be used for a host see some examples of this model of completely legal purposes. The being experimented with in DeFi and software developers cannot be established commodities players. held responsible for misuse of the That said, to the extent that assets platform, any more than Bill Gates are treated as security-based swaps, could be held responsible if a drug I’m not sure it would be accurate to gang used Microsoft Excel to keep refer to these as being outside of the track of their drug deal profits. securities law requirements, but the offerings wouldn’t necessarily run afoul Some lawyers look to the file- of them either. sharing cases for the Supreme Court’s ultimate opinion in Grokster. I have a different, more pragmatic view. Ultimately, the courts could 1 To learn more, we refer you to the advisory from The Division of Swap Dealer and Intermediary shut down Grokster (or Napster, or Oversight (DSIO) of the Commodity Futures Trading Limewire, or or or…), but ultimately, Commission which provides guidance to FCMs on how during the several years it took to to hold and report certain deposited virtual currency from customers in connection with physically-delivered shut down a file-sharing service in the futures contracts or swaps. courts, several others sprung up. DeFi 7
protocols are easier: a team can “fork” and took no action to prevent it. an open-source protocol in a half-hour, Further, given their control of certain host it on a distributed website like access points, software distribution IPFS, and walk away from it. Maybe mechanisms required to maintain they’re liable under Groskster, maybe the service and other areas of central not, but good luck suing a bunch of control, ascribing illicit activity to them people who may be foreign, may be was more practical and reasonable. anonymous, and may be unwilling to In contrast, here, AMMs have largely comply with any US court orders. shown that they are totally neutral and, in many jurisdictions, allow completely Ultimately, what killed the permissible transactions. The fact that Groksters wasn’t the courts. It was the U.S. and certain jurisdictions Apple, and iTunes. Apple figured out have nebulous rules that have yet to a way to make music file sharing easy, make broad determinations about cheap, and 100% legal. The protocols assets should not be analogized that do that will win, and settle the to enabling the illegal sharing of argument. copyrighted materials (which was already a well-known prohibition COLLINS BELTON: I strongly agree prior to the development of basic with Jason that a “truly decentralized” file sharing). AMM, even with an unrelated treasury or something else, should not and is AMM liquidity pools enable users to not properly viewed as an exchange buy and sell crypto without the need for or function that is covered under the centralized market makers. Liquidity is 1933 Act or 1934 is Act. However, provided by “liquidity providers” (“LPs”) the term “truly decentralized” does and pooled, with each LP receiving a pro rata share of the pool’s assets (including much lifting here, and ironically, I accumulated trading fees) represented would say the SEC’s action against by an “LP token”. In addition to receiving something like EtherDelta, which a pro rata share of trading fees paid was ostensibly a DeFi exchange that by people who trade assets through the could be likened to an early AMM, AMM pool, LPs can often stake their LP was the correct outcome. Similarly, tokens in third-party smart contract for several AMM models where critical systems to receive governance tokens components core to the protocol’s relating to those systems–a process ongoing or future functionality are not known as “liquidity mining.” AMM decentralized (e.g. backend servers systems sometimes also reward LPs with or unilateral control of a governance governance tokens relating to that AMM token allowing material operational system itself. Thus, LPs are potentially triple-incentivized to provide liquidity to changes by a single group or group AMM pools–by trading fees from the pool, of affiliates), the risks attendant with by third-party governance tokens and other entities and platforms that we by the AMM’s own governance tokens. Is regulate under the securities laws liquidity-providing to an AMM pool an often are resurgent, and in those investment contract under Howey? cases, they fit squarely within the existing framework of securities laws. LEE SCHNEIDER: No, it is an order type that results in trades, with the Grokster can be distinguished share of trading fees being equivalent on the grounds that there, the court to maker-taker fees or payment for focused much attention on the fact order flow. that the arguable core functionality and practical reality of the platform LEWIS COHEN: I agree - not was illicit activity, and that the investment contracts. However, if operators knew about such activity a court were to take the position 8
(wrongly!) that the specific tokens altering data. were “securities,” identifiable U.S. persons in a liquidity pool would run PART THREE a risk of being unregistered broker- dealers. Should the developer of a website that does no more than serve as a non- Are LP tokens representing positions in exclusive interface to a blockchain DeFi AMM pools investment contracts under protocol require anti-money laundering/ Howey? know your customer (“AML/KYC”) compliance? What if the website cannot LEE SCHNEIDER: No, they are interface with the protocol without being claim-checks for the assets placed in paired on the user side with a third-party wallet software under the user’s control? the pool. OLTA ANDONI: Although we tend LEWIS COHEN: I agree with Lee, to lump AML/KYC together for DeFi inasmuch as an “investment contract” protocols, I would emphasize AML necessarily involves a legal relationship for DeFi protocols. If the developer between two or more persons and does no more than serve as a non- an LP token does not create such a exclusive interface to a blockchain, relationship. This said, someone could I would not impose AML/KYC create an investment contract by requirements. But a different scenario marketing LP tokens as the object of may be applicable when a protocol the scheme (similar to ML’s marketing operates via third-party wallet software of certificates of deposit in Gary under the user’s control. Plastic). Is there a credible argument that liquidity LEE SCHNEIDER: There are pools are investment companies under several problems here, most the Investment Company Act of 1940? prominently the problem that many different asset types trade in LEE SCHNEIDER: No, because DeFi protocols, and AML laws are there is insufficient pooling of assets bleeding into general commerce (my assets get traded when an order rather than their traditional purview matches with them) and because there of financial instruments. This is no is no investment adviser. small issue and reflects a major policy shift that has not been justified or LEWIS COHEN: Not sure I agree gained broad support other than at the here. If a court found that the Financial Action Task Force (“FATF”). On digital assets in a Liquidity Pool were the question of “should” the developer “securities” then that pool could well be require AML/KYC compliance, that is considered an “investment company” up to the developer. If the question in the same way that a segregated is whether there is an existing account could be an “investment requirement that they do so, that company”. depends on the activities that can be accomplished through the website Is there a credible argument that LPs are and the compensation, if any, the securities market-makers, brokers, dealers developer receives. or underwriters under the securities laws? COLLINS BELTON: Absent LEE SCHNEIDER: It depends on additional activity, merely providing whether there is a single point of a non-exclusive interface to an failure, single source of truth and single existing protocol should not require authority capable of, or responsible for, KYC under a consumer due diligence effecting transactions and recording or (“CDD”), as such activity should not be 9
treated as being engaged in a money pointed out (including Gabe Shapiro, service business or otherwise trigger if I recall correctly), it is difficult to the provisions of a Bank Secrecy envision imposing affirmative content Act (“BSA”) by making such provider requirements on software developers, a financial institution. On the side especially in the case of open-source of sanctions/AML, imposing such software which could be replicated and requirements is not aligned with the deployed from anywhere in the world. intent or text of existing law, but unlike the KYC/CDD arguments under the Nonetheless, for the policy reasons BSA, I believe that Lee’s perspective noted, it stands to reason that an is right, and that the reach of AML/ AML/KYC touchpoint be required sanctions is now well beyond its somewhere along the line, and a original intent or text. As such, while logical starting point might be to I have a normative position on AML/ impose obligations on DeFi users at sanctions, I believe many policymakers scale, requiring that they have their in the U.S. and outside of the U.S. identity validated by a qualified believe existing law does require such third party in order to participate checks, and regulators operate under in DeFi transactions involving value this guise many times. transfers exceeding a particular threshold of value, and to prohibit LEWIS COHEN: The answer may users of scale from transacting through change if you are hosting a website protocols, or pools within protocols, front-end to the protocol and profiting involving participation of non-validated economically by doing so. participants. This need not entail fully “permissioned” DeFi but rather could DAVID ADLERSTEIN: Let’s entail portable proof of digital identity just come out and state the (not unlike a digital vaccination card fundamental policy issue at the associated with a wallet, perhaps root of this question – specifically, even in the form of a non-fungible currently operational DeFi protocols token (“NFT”)) or integration with are enabling large transactions wallet software featuring a mandatory between pseudonymous KYC integration, and could lead to counterparties, which may include a situation where most users “vote bad actors such as Office of Foreign with their feet” and transact through Assets Control (“OFAC”)-sanctioned protocols that make allowance for this persons and criminal organizations. type of functionality. Practically, this More sophisticated bad actors can be would not prevent bad actors from expected to circumvent the guarded transferring or receiving large amounts routes of regulated finance where they of value using decentralized software, can (although studies indicate that the but could facilitate enforcement by prevalence of criminal activity involving driving them into more concentrated, cryptoassets is significantly less than is darker corners. generally believed). PART FOUR Fundamentally, then, the issue is whether AML/KYC compliance— What are your predictions for legal/ acknowledging the prior points regulatory developments for DeFi in 2022 that there are distinctions between (and beyond)? AML and KYC and policy questions about when frameworks should LEE SCHNEIDER: For the U.S., appropriately apply—should be no developments from a rulemaking achieved by imposing requirements perspective in 2022. Perhaps some on website developers. As others have enforcement actions against low- 10
hanging fruit (clear situations where a regulatory issues with DeFi protocols. single authority has control and profits, At the end of the day, DeFi protocols which isn’t really DeFi). function in a centralized system which will not let go of transparency JASON GOTTLIEB: I agree that requirements for its players. we’re unlikely to see significant rulemaking from the SEC, but LEE SCHNEIDER: This question the Commodity Futures Trading presumes that securities laws are Commission (“CFTC”) may consider the only relevant ones. The focus some new guidance on certain on securities laws is too narrow issues (the 28-day rule, DAO control). because all different asset types I agree that we’re likely to see more trade on DeFi platforms, and since enforcement actions and, like Lee, the nature of the asset typically I think most of those will be against determines the applicable regulation either low-hanging fruit, or settlements (in the U.S.), focus on securities laws is with companies/developers who too narrow. are happy to pay a relatively modest settlement and walk away if they are Given the mix of asset types trading allowed to continue their business. in DeFi and the fact that that mix will The regulators are going to have great only become wider and more diverse, difficulty figuring out how to enforce the focus should be on market settlements (or even court orders) integrity principles, both for DeFi and against truly decentralized platforms. CeFi. Such principles will be easier to dictate for CeFi and pretend DeFi CHRISTINE PARKER: Agreed. (i.e., DeFi in name only) but true defi The bipartisan, bicameral letter (no single authority) will involve from the leaders of the Agriculture lots of experimentation in market Committee to the newly confirmed integrity, which is overall beneficial. Chair of the CFTC, which focused on And yield farming (liquidity mining digital assets, suggests there will under the above definition) will add be a renewed focus on the CFTC’s to the market integrity discussion and role in regulating digital assets. The experimentation because it stitches letter focused on a number of topics, together many platforms. including DeFi, indicating that this will be an area of focus for the CFTC in JASON GOTTLIEB: No, the 2022. We should expect to see some securities laws are woefully inadequate proposed guidance or advanced notice to address crypto. To begin with, there of proposed rulemaking addressing are vast pockets of crypto that do certain DeFi principals. not implicate securities law at all. The CFTC is relatively much smaller than Are U.S. securities laws suited to address the SEC, and has jurisdiction only in the risks that DeFi platforms create for matters involving futures, derivatives, users or is a new/different regulatory etc. (except for fraud in spot trading regime an inevitability? of commodities that have futures or derivatives). So the CFTC’s jurisdiction OLTA ANDONI: The current is limited as well. Financial Crimes regulatory bodies are not ready Enforcement Network (“FinCEN”), the to address and regulate DeFi. But Department of Justice (“DOJ”), states, at the same time, the creators of even consumer protection agencies DeFi protocols should address real - they all might have jurisdiction, in regulatory risks. We cannot regulate certain circumstances, but their laws/ technology, but we can minimize regulations tend not to be designed our appetite for risk. There are big for crypto either (except FinCEN, which 11
has issued more specific guidance perfect regulatory balance, especially than most of the other agencies). And for DeFi protocols. even within the securities laws, there are a host of “square peg, round hole” COLLINS BELTON: No, but there problems that the current laws and are elements of other jurisdictions that regulations do not address. the U.S. could adopt to dramatically improve our balance. For instance, CHRISTINE PARKER: This question a limited sandbox program with seems oddly narrow in scope. It should responsive participants such as be whether U.S. financial statutes Singapore’s could be helpful. But, and regulations are currently suited more importantly, fostering deeper to address the risks posed by DeFi engagement like what we’ve seen platforms and even if they are suited, with FINMA (Swiss Financial Market does it make sense to update the Supervisory Authority) or MAS regulatory regime to accommodate (Monetary Authority of Singapore) these new types of financial markets/ at various levels could drastically products? cut down on misunderstandings of technology and help them narrow DAVID ADLERSTEIN: Today at their focus, as the current scattershot least, your elderly relatives probably approach is not only ineffectual, but aren’t using metamask to buy it is failing to capture real risks while wrapped ETH through a decentralized largely preventing only good faith exchange in order to liquidity mine actors from moving forward. and yield farm. The technical UX (user experience) hurdles could help explain Do DAO governance tokens in and of why regulators haven’t acted here with themselves fall outside of SEC regulations as much alacrity as in the case of some where token holders are required to retail-oriented initial coin offerings participate? Is more needed? (ICOs). But returning to first principles, U.S. securities laws and other COLLINS BELTON: More is needed, investment-related laws are predicated and the circumstances of the tokens’ on the idea of individual freedom to distribution and tokenomics is also participate in markets, but with the material. For instance, to the extent ability to obtain information about the a DAO is dominated by one party merits and risks of an investment in or a group of affiliated parties, order to make an informed investment the perfunctory participation of decision. That policy imperative applies many other members is unlikely here too, and as Jason alludes, the to abate regulators’ concerns that key macro challenge is to protect the risks of conflicts of interest or investors without fitting disclosure information asymmetries in favor of and other regulatory requirements the majority will dominate. Similarly, into a paradigm geared towards if the participation of the minority traditional equity and debt holders is relegated to immaterial investments offered by unitary, decisions, with the decision-making centralized issuers. There is work to authority for decisions that materially do here. impact future profit expectations being relegated to a subgroup, the general Are there jurisdictions that strike the right participation of the group might not (regulatory) balance and could serve as a suffice to make such an arrangement model for the U.S.? fail to appear similar to a traditional GP-LP relationship, which would have OLTA ANDONI: No, I do not think securities law implications. So, as a there are jurisdictions that strike a general matter, mere participation by 12
a broad number of people alone won’t suffice to determine the applicability of securities laws in most cases. LEWIS COHEN: As I have noted elsewhere, I agree that large groups of people can act in a coordinated way without being security holders. The presence (or absence) of the Williamson v. Tucker factors is critical in determining whether “securities” have been created. JASON GOTTLIEB: The classic lawyer’s answer: it depends. First, I’m not sure there are protocols where holders are required to participate. But I’m not sure participation is the key difference-maker. After all, most retail holders of Apple stock don’t vote their stock either, but there’s no doubt Apple common stock is a security. We go back to Howey: did people invest money in a common enterprise with the expectation of profits from the efforts of others? If all you can do with your governance token is vote, and if the “others” that would take action are just everyone else in the DAO, it’s hard to see how governance tokens fit the Howey test. (Nor do I think they fit the Reves test, but that’s a separate issue.) So, I don’t think DAO governance tokens would automatically fall outside SEC regulations, but in my view, the governance tokens of the major decentralized protocols very clearly are not securities, and are outside the securities law. 13
ARTICLE II SPOTTING AND MANAGING LITIGATION RISK IN DEFI ROBERT SCHWINGER HARRIET JONES-FENLEIGH PARTNER PARTNER NORTON ROSE FULBRIGHT NORTON ROSE FULBRIGHT JONATHAN HAWKINS DISPUTES ASSOCIATE NORTON ROSE FULBRIGHT By the end of 2021, USD 88 billion of crypto assets alone were held in DeFi characteristics that protocols. This figure is startling given allow DeFi protocols to the real uncertainty regarding the legal solve certain problems rights and obligations of those using DeFi and smart contract protocols and the – decentralised ability to enforce them when disputes networks, automaticity, arise. The resolution by courts and and pseudonymous tribunals of disputes in the context of DeFi and smart contract protocols is still participation – also create largely uncharted territory. In this article, significant legal uncertainty. we look at some of the issues that may give rise to disputes in the DeFi context WHAT UNCERTAINTIES DO and the importance for developers and users of DeFi protocols of incorporating THESE CHARACTERISTICS mechanisms for the orderly resolution of CREATE? any disputes that do arise. The major disputes risks arising from DeFi and related technologies stem from THE CAUSES OF the following issues: UNCERTAINTY 1. What is the nature of the legal relationship between participants in DeFi protocols and applications are DeFi transactions? designed to provide certainty, and in 2. Will agreements entered into via many respects the decentralised and DeFi protocols satisfy the necessary autonomous nature of DeFi products can formalities to be considered binding offer significantly more robust systems. legal contracts? They create indelible records and 3. When disputes arise as to the terms remove certain single points of failure of an agreement entered into via DeFi that can exist in classical centralised protocols, how will a court interpret financial transactions. the agreement? However, the very 4. What remedies will be available to the 14
parties to enforce their legal rights? are found to be in partnership because 5. How will the successful party/ies of the potential for unlimited liability, enforce a court’s decision but there are many more potential areas of uncertainty arising from the relationships between the participants RELATIONSHIP BETWEEN themselves. Will they be deemed to PARTICIPANTS owe duties to one another that could give rise to tort claims if those duties Most of the time courts and arbitral were deemed to be breached? There tribunals resolve commercial disputes is a web of potential tort-like duties arising out of relationships that have between such participants as the been around for hundreds of years, platform, the developers, the cloud such as purchaser and seller, lender service providers, individual users, and borrower, or landlord and tenant. and perhaps an outside oracle. While The law has had a long time to adapt the law provides certain tests and to the nature and nuances of those guidance regarding when and where relationships. However, DeFi and it is appropriate to infer such tort-like related technologies are still relatively duties among participants in a situation novel. Our legal systems have had very where their relationship is not governed limited time to get to grips with them by a contract, there is still considerable and often there is no legal consensus scope for argument as to the yet as to who owes what duties to application of those tests, especially in whom, and in what situations. the novel landscape of DeFi protocols. Partnerships User agreements One legal risk that may arise, particularly in the context of User agreements, which sophisticated DeFi protocols, is whether define contractual all of the participants involved might be found to have formed a partnership. relationships upon entry Under New York law, this might be an into the relevant DeFi actual or de facto partnership, while system, help significantly under English law it might be a general partnership. In either case participants to minimise the risk might be held to have unlimited liability that a court imposes for the acts of other participants. The a relationship that the law has not begun to grapple with the application of partnership law to participants did not DeFi transactions, and it is conceivable foresee. that various classes of users, such as investors, tokenholders, promoters, However, they do not prevent claims miners and node operators, may be from those who are not themselves found to either comprise a single parties to the user agreements. In the partnership, or for each class to form US, third parties have based claims on separate partnerships. grounds as varied as negligence, fraud, conversion, trespass to chattels, unfair Do these relationships create legal trade practices, and racketeering. As duties? legal systems grapple with DeFi, we expect to see creative claims being We have highlighted the specific issued, as parties test the limits of the relationship risk that the participants law and platforms’ user agreements. 15
capacity their jurisdiction requires). FORMALITIES Under New York and English law, a contract with a minor is voidable at Each jurisdiction has its own the minor’s discretion. However, DeFi formalities for entering into a protocols are often pseudonymous, contract. However, agreements meaning that participants do not struck across DeFi platforms have automatically know their counterparties’ certain fundamental differences when real-world identities and consequently compared to classical contracts. These whether or not they have capacity to differences will only become starker contract. with the rise of smart legal contracts. It is not yet clear how the law will apply Multiple participants these formalities in the context of DeFi protocols or whether they will recognise Further uncertainties as to legal all such agreements as being akin to relationships arise when there are classical contracts. multiple participants involved in a transaction on a DeFi platform. Are Execution formalities there two transactional parties in a single contract with each other? Or The requirements for the formal is each of them in an independent recognition of a contract in each contract with the platform, which is jurisdiction are idiosyncratic. While the essentially operating as a middleman? requirements of some jurisdictions Or is there one three-party relationship, raise obvious issues – such as the for example if the platform is taking requirement for ‘wet ink’ signatures by a commission of some kind on a sale certain Middle Eastern jurisdictions – transaction between the other two? even more flexible jurisdictions such as New York and England have their own INTERPRETATION areas of uncertainty. The DeFi market is still in its nascent For example, the UK Law stages, and participants do not typically Commission has recently concluded use the long formal contractual its investigation into how the current documents like those that govern law of contract is able to apply to many traditional finance transactions. smart legal contracts, and flagged the When people talk informally about requirement that certain contracts, their affairs, they often speak in broad such as guarantees, must be made in generalizations and overstatements and writing. Whether a smart legal contract, sometimes use imperfect metaphors or written only in code (i.e., no natural analogies. This can lead to unwelcome language such as English) can satisfy surprises when they are found to owe this requirement is uncertain. legal obligations that do not reflect their understanding of arrangements. The Legal capacity interpretation of smart legal contracts is particularly complex, and there are A contract entered with a party different schools of thought as to how who lacks the capacity to contract is disputes over interpretation should be unenforceable. In order to determine resolved. the capacity of a party, it is necessary to know the identity of the party. For Code is law example, a mortgage lender may require a passport, to allow it to One school of thought argues determine that a borrower has reached that “code is law”, i.e. the contract is 18 years old (or whatever the age of whatever the system is programmed 16
to do, so that if the outcome of the programming does not reflect what terms and supporting participants expected, they have to commentary will emerge live with it. “Code is law” may sound appealing to some technologists or just as parties in the derivatives and others who want to be able to operate loan markets have adopted ISDA, LSTA without the risk of interference from and LMA standard documentation. the courts. However, businesspeople Those standard terms are likely to be want predictable and commercially built on early smart legal contracts reasonable results when they enter which have been subjected to the into commercial transactions. The crucible of litigation and judicial majority will not be willing to execute consideration. and perform commercial transactions involving the transfer of millions of REMEDIES dollars’ worth of value via DeFi protocols if that in practice necessitates a side Courts historically have been willing bet on whether the programmer got to intervene where enforcement of a everything right. contract would produce commercially unreasonable or outrageous results, Interpreting code such as where there has been a fraud, a commercial misunderstanding, or a Assuming that the market or our misrepresentation. It seems reasonable legal systems are unwilling to adopt to expect that courts may look to code as law, then our courts will intervene in smart legal contracts in soon be faced with the challenge of similar circumstances. What is uncertain interpreting the parties’ intentions. is how courts will use their traditional Not only may these parties never have remedies in a DeFi context. met, but they may never have engaged even in a single natural language Immutability of the distributed ledger communication. Just as transactional lawyers today may exchange mark- A fundamental characteristic of a ups of contracts with little or no distributed ledger is that transactions commentary as to the changes, or two cannot be erased. If a court determines businesses may engage in a battle of that a smart legal contract does not the forms, code-only contracts and represent what the parties agreed and amendments may be exchanged should be rectified, or that it is void for between participants in a DeFi platform. frustration or illegality, the record of Just how the court will interpret the that initial transaction is going to remain intentions of each party as against the on the ledger. A likely solution is an effect of their code is uncertain. One offsetting transaction (often referred to approach that has been suggested is as an ‘equal and opposition transaction’) for the court to adopt the interpretation cancelling out the initial transaction. that a ‘reasonable coder’ would give to However, it remains uncertain how the relevant code, but this comes with aspects of this process will work in the its own complications and uncertainties. real world. What happens if only part of the transaction is voided or rectified? Market standards What happens if assets involved in the transaction have already been transferred to an innocent third party? As the DeFi market How will a party subsequently prove develops we expect ownership for the period in between that industry-standard the two transactions? The latter may be especially complicated in the context of 17
tax liabilities. governing law and jurisdiction in their smart legal contracts. ENFORCEMENT How will the counterparty know Even if the uncertainties highlighted there’s a dispute? above regarding parties’ rights and obligations are resolved, they are not Even if a court in New York or worth much unless there is a practical London, or an arbitral tribunal, is willing mechanism by which to enforce a to hear a dispute, how will a claimant judgment or award. A recent bug in make a potential defendant aware of Compound’s code (a money market the proceedings? The pseudonymous run on Ethereum) involved a single nature of certain protocols further character error that led to the mistaken complicates the process of identifying disbursement of an estimated USD 80 the defendant. million of funds to incorrect parties. The self-executing nature of the protocol Dispute resolution mechanisms meant that there was no one person in charge, and therefore no administrator We expect that the DeFi market controls to disable at mistaken will coalesce around standard dispute distribution. resolution clauses and mechanisms as it matures. Until then, parties entering Parties should foresee that they into DeFi transactions should ensure may need to amend their transactions. that their arrangements include Even ‘fire and forget’ contracts a dispute resolution mechanism or decentralised autonomous making clear who is to resolve any organisations (DAOs) will need dispute, under what law, and how the a method by which to receive dispute will be run and the decision instructions from the outside world. implemented. DeFi transactions that do not provide a mechanism for resolving disputes KEY TAKEAWAYS generate a significant amount of uncertainty that is likely to slow the As the DeFi market grows and adoption of such technology by increasingly complicated and high- sophisticated parties. value transactions are entered into and performed via DeFi protocols, it is Jurisdiction and governing law inevitable that disputes will sometimes arise, especially given the uncertainties Identifying which court has caused by unsettled issues of law in jurisdiction to decide a dispute arising this area. Parties entering into DeFi out of a DeFi transaction and what transactions should approach smart law should be applied to do so are legal contracts with the same critical fundamental issues for smart legal eye as they would a classical contract contracts. Traditional tests used and take legal advice to ensure that to answer these questions, such their transactions are documented as the physical location where the in a way that clearly defines the legal contract was entered into, will often relationships between the parties and be unworkable in the context of a provides a mechanism for resolving decentralised system. It will take disputes and implementing the time for a body of case law to evolve, decision. and different jurisdictions may take opposing views, creating unforeseen complications. It is therefore especially important that parties specify the 18
ARTICLE III IF NFTS RULED THE WORLD: A NEW WAVE OF OWNERSHIP SAMIR PATEL ASSOCIATE HOLLAND & KNIGHT LLP In 1997, avant-garde artist David WHAT IS AN NFT? Bowie, with incredible accuracy, prophesized how the internet will An NFT is a unique digital asset that disrupt music distribution systems, utilizes blockchain technology to record erode copyright laws and revolutionize ownership of an asset and evidence fandom consumption. He hedged authenticity. Fungible tokens can be his bets by selling Bowie Bonds that substituted without losing value and securitized the royalty rights to his have properties that make them exactly songs for $55 million. It was the first the same in type. Unlike fungible tokens ever securitization of music recordings, such as Bitcoin or Ether, NFTs cannot publishing rights and privately held be traded for another identical token. intellectual property rights.1 An NFT is not a content file—it does not contain digital art or a video clip, only a Fast forward 25 years later, uniform record locator to the content, legendary hip-hop artist Nas sold a which itself has intrinsic value. Rather, non-fungible token (“NFT”) entitling the NFT is a unique cryptographic key the holder of the NFT to a percentage contained within a digital token that of a song’s streaming royalties. In a verifies the corresponding content file matter of minutes, Nas sold 1,870 NFTs as genuine and establishes a record grossing over $560,000 in revenue. of ownership as it is transferred on Unlike the Bowie Bond, no publishing a blockchain, which allows it to be nor intellectual property rights were transferred without risk of fraud. While transferred with Nas’ NFT. Consistent others may have copies of the same with blockchains’ disruptive and content, only one person can own the rebellious hubris, the NFT was sold specific token authenticating ownership not as an investment contract, but as of the content. a collectible or music memorabilia, whereas the Bowie Bond was sold Collectors of many items (antiques, pursuant to US securities laws. Just as baseball cards, art) purchase NFTs how the internet and securitization as a way to support their favorite provided a new revenue model for artists, actors, musicians, and athletes. artists, blockchain technology and NFTs Certainly, there are others that may have forged a new way for artists to purchase NFTs as speculative assets disrupt the music industry. hoping they will increase in value and be a good investment. 1 Bowie Ch-Ch-Changes the Market, CFO: the Magazine for Senior Financial Executives, Apr. 1, 1997, 1997 WL 8300101. 19
The legal and regulatory holders to receive royalties every time the song is streamed across analysis of an NFT will be streaming platforms or played on heavily influenced by how the radio, TV, movie, or video game (“Mona Lisa NFTs”). Opulous partnered it is intended to be used with investment platform Republic, and how it is marketed. a Securities Exchange Commission (“SEC”) registered crowdfunding MUSIC NFTS portal, to sell these securities to main street investors. A Delaware LLC was The single-edition NFT is the most created and given 50% of the master commonly used form of NFT in the and publishing rights to the song.5 music industry. One NFT is associated The LLC then conducted a Reg CF with one song. Much like its digital offering, which provides an exemption image kin, music NFTs do not convey from the registration requirements economic nor intellectual property for securities-based crowdfunding, rights to the NFT holder, unless allowing companies to offer and sell up specified. Under U.S. copyright law, the to $5 million of their securities without artist, by default, owns the copyright to having to register the offering with the their work. All the NFT does is simply SEC. point to a file’s, video’s or image’s web location. Catalog is the primary BOWIE BONDS market-place for single edition music NFTs. Artists using Catalog earn seven Applying the basic securitization times more from NFT sales than one structure to Bowie Bonds, David year’s worth of streams on Spotify.2 Bowie’s assets are a twenty-five-album One artist made $226,800 using catalogue—roughly 300 songs— Catalog compared to $178 on Spotify.3 of Bowie’s recordings and song On the Catalog FAQ page, under “What copyrights. The two main sources do I receive when I buy a record?” it of revenue were recording royalties reads “[b]esides being a priceless piece and publishing revenues. Since David of art, buying a record on Catalog is Bowie actually owns his own record the biggest cosign another artist can masters, all record royalties go to give, the most immediate patronage a him. As for publishing revenues, there fan can offer, and a key to anything the are mechanical royalties, synchronic creator (or anyone else) might provide usage (e.g. films, commercials), sheet for its holder. No rights are included music, air play, Muzak, voice mail, live with Catalog records unless otherwise performances and tours by Bowie. EMI specified.”4 Music entered into a 15-year licensing deal for Bowie’s songs. The licensing In contrast, Opulous is a deal was the collateral put up for the marketplace that sells music NFTs investor, Prudential Insurance. that are securities and sold pursuant to Regulation Crowdfunding (“Reg NAS NFT CF”) of the Securities Act of 1933 (“Securities Act”). Unlike NFTs on Royal.io, is a platform that allows Catalog, Opulous sold NFTs entitling music fans to purchase the right to earn royalties from their favorite songs. 2 https://twitter.com/Cooopahtroopa/ In November 2021, Royal announced status/1489327698430234625 3 Id 5 Mona Lisa LLC – cite to EDGAR https:// 4 https://www.notion.so/Catalog-FAQ-98ee8509 musically.com/2021/11/05/lil-pump-soulja-boy-music- 2bad441daa1ee9426daa4be8 nft-populous/ 20
Tier Royalty Amount Purchase Price Diamond 1.5789% $9,999 Platinum 0.0658% $499 Gold 0.0113% $99 a $55M Series A round that included chooses to play a specific song on a Nas as an investor. In January of 2022, streaming service, thus reproducing using NFTs, Nas sold 50% of his royalty (or rebroadcasting) the composition. rights to Rare (“Rares”) — a single Public performance royalties song from his 2022 Grammy Award- compensate masters owners when nominated album, King’s Disease II. the song is performed or displayed The royalty rights were limited to only publicly. Every time a composition streaming royalties derived from digital is publicly performed, the rights service providers, as such term is owners get paid — whether it’s a radio commonly used in the music industry broadcast, performed live at a concert (ex. Spotify, Apple, Music, Youtube or a digital stream. Synchronization Music). The royalties are divided into license fees are generated when three tiers with each tier having a a derivative work based on the different royalty amount and purchase composition is created. In essence, price. every time someone wants to use the composition as a part of any other type Unlike NFTs on Opulous, Rares of content, whether it’s a TV show, a convey no publishing rights nor movie, an ad or a radio show, masters royalties when the song is played on owners are financially compensated. the radio, TV, movie, or video game. That process is generally known as sync licensing and is more a bespoke UNDERSTANDING MUSIC contractual arrangement than the first ROYALTIES two royalty streams. A master recording is the official MUSIC NFTS ARE original recording of a song, sound SECURITIES? or performance. Also referred to as “masters”, it is the source from which The Howey Test is the standard all the later copies are made. As an to determine whether a financial artist, owning the master recording instrument is an investment contract, gives them the legal rights to freely and is therefore subject to SEC appropriate and maximize their regulation. This is a three-part test in money-making opportunities. If the which the Supreme Court determined master recording belongs to a record that an investment contract exists label, then they have the right to when there is (1) an investment of license out the recording (and collect money; (2) in a common enterprise; the royalties). (3) with a reasonable expectation of profit derived from the entrepreneurial Mechanical royalties compensate or managerial efforts of others. If an the masters owner for the asset does not meet all three prongs, reproduction of the composition, it is not an investment contract, and paid by third-parties that want to not a security. Importantly, the SEC record, manufacture, and distribute has stated that neither bitcoin nor the musical work. With digital service ether are securities under the Howey providers, mechanicals are primarily test, but also specified that whether generated whenever the user a digital asset is an investment 21
You can also read