CTA: “In these threads, we attempt to further the discussion of a key problem in this category and evolve our understanding of the domain space where research work has not yet answered the specific problem or question being considered. These posts are living documents, and it is our hope that the community will continue to contribute to their structure and content.”
Background
Meta-Trust: While blockchains theoretically create a trustless environment to transact in, an application connected to the blockchain (such as a non-fungible token or NFT) can involve another layer of trust beyond the blockchain: whether an application represents what it purports to. This concept is called meta-trust. Beyond the implications for decentralized applications (Dapps), meta-trust raises the question of legal jurisdiction. How will blockchains interact within the legal system to give users the confidence to put their “meta-trust” into the technology?
Decentralized Applications (Dapps): A genuinely decentralized application fits the following four criteria according to David Johnston: (1) it is fully open-source and it “operates autonomously” with “no entity controlling the majority of its tokens” while changes to the protocol are “decided by consensus of its users.” (2) The “application’s data and records of operation are cryptographically stored in a decentralized public blockchain in order to avoid any central points of failure.” (3) The application “uses a cryptographic token […] necessary for access to the application and any contribution of value […] should be rewarded in the application’s tokens”. Finally, (4) it must “generate tokens according to a standard cryptographic algorithm acting as a proof of the value nodes are contributing to the application”.
Code is Law: A quote originating from Lawrence Lessig’s book Code and Other Laws of Cyberspace (1999) that was adopted by the Ethereum community as a representation of the ethical framework that the code underlying a smart contract represents a legally binding contract between the parties utilizing a smart contract to come to terms of agreement or settlement.
Trustless Trust: A theoretical framework in which the need to trust a single individual to verify or validate a given unit of information is removed.
Cryptokitties: A game created by Dapper Labs, and built on the Ethereum blockchain, which claimed to give players ownership over virtual “cryptokitties” that they could collect, breed, and sell.
Key Problem / Topic Area
Many Dapps have captured the public’s attention under the guise of being blockchain- or smart contract-based projects, only to be exposed as only tangentially using those technologies, if at all. One example is Cryptokitties, a game that claimed to be a “distributed application” giving its users the capacity to create and sell digital cats while being “secure in the knowledge that the blockchain [would] track ownership securely,” as its advertising explicitly stated.
In Cryptokittes’ Terms of Service agreement, “Dapper Labs, Inc”’ (the company which created Cryptokitties) was given the right to collect 3.75% of each transaction’s total value. By articulating a third-party arbitration agreement, Dapper Labs effectively centralized the legal mechanism that dictates terms of operation on the Cryptokitties app. They claimed ownership was decentralized on the application, but in reality, ownership was bound by a legal agreement that was rooted in a centralized legal system.
The author argues that presenting an application as “trustless” because it was built on a decentralized layer could be a deceptive practice when there is also a contract establishing a third-party arbiter. The application intentionally conflates the network layer, application layer, and legal protections provided by the terms of service governing the platform.
According to the author, this type of deceptive marketing targeted individuals who were looking to participate in what they believed to be “decentralized applications.” Their misleading implementations of blockchain technology were intended to attract venture capital and presented little or no novelty for their users who were effectively entering contracts under false pretenses. This presents an ethical quandary: Is it “deceptive” if a contract involving a third-party dictates the terms of use of a “trustless” application layer?
Specific Question or Problem Statement
The recent Equifax and Office of Personnel Management hacks stand out as representative of a problem with large-scale data repositories: centralized systems create compelling incentives for attackers to target them, given the troves of sensitive information they might contain.
Blockchain’s distributed ledger removes single repository risk, effectively mitigating one of the most significant risks associated with data management. Smart contracts can also allow legal trades that would not otherwise occur due to many variables, including a lack of counterparty trust. The author labels the intersection of trust in the viability of technology and trust in the law’s capacity to protect that technology as “meta-trust” under the premise that blockchain technology has not yet achieved the legal protections to attain enough meta-trust to gain mainstream adoption.
Are the legal ramifications of a decentralized smart contract congruent with the legal protections and, by proxy, the perception of those protections, provided to parties entering a smart contract (asks Ducuing)?
Approach / Methodology
Ducuing analyzes the Cryptokitties app and the subsequent fallout to determine whether the balance of information between users and developers undermined their proposed “trustless” execution. She analyzed terms of service agreements associated with the most widely-used token-based collectibles at the time of her research relative to the most broadly applicable legal frameworks those applications were operating under. She did not attempt to audit websites or terms of service.
Conclusions / Key Takeaways
Ducuing calls for co-regulation between blockchain developers and governments. Creating a legal framework that would define intellectual property rights within the blockchain space would clarify much of the legal gray area between decentralized ownership and local government. It is unclear whether Ducuing’s definition of trustless execution is intentionally conflated with decentralization or her definition was a conflation of concepts within the cryptocurrency/blockchain lexicon.
CTA: Future Work / RFP
In this context, learning the source of definitions and frameworks (such as Ducuing’s use of “decentralization”) that dominate perceptions about the blockchain among users would be of value. Assessing how academics and enthusiasts discover information concerning advancements in the blockchain space could provide important perspective. For example, if their information comes from informal sources such as social media or forums, it would be helpful to determine the ratio of time spent learning from informal sources to the time spent learning in formal venues.
Another avenue would be looking at the general terms of service agreements associated with websites that issue NFTs to assess whether their claims about ownership of an NFT are congruent with the legal enforcement of ownership within the seller and purchaser’s jurisdictions.