Code [will be] Law - Unqualified Opinions #17

reacting to chilling comments from a CFTC commissioner


  • Important if unofficial comments from the CFTC that we need to push back on as an industry. Namely, that smart contract developers could be held accountable for publishing code that is misused for unregistered / illegal exchange, prediction markets or derivatives. There’s legal precedent that protects developers from this overreach, and the “engage or else” insinuation should be strongly challenged. This is different from centralized exchanges pushing back on regulation. Code is protected speech, and the courts have ruled as much.

Code [will be] Law - Unqualified Opinions #17

(seven minute read, but worth it)

CFTC Commissioner Brian Quintenz spoke at a tech event in Dubai on Tuesday, and offered some interesting, cogent, and (in part) alarming comments on crypto.

I always find it interesting to read the prepared remarks from the CFTC and SEC folks in particular because they tend to be - contrary to the perception of some - extremely thoughtful, nuanced, and level-headed. Even when I disagree with the conclusions.

Which I do - strongly - in this particular case.

This is important, y’all, so pay attention.

Sometimes, important stuff can’t be so easily condensed, so what follows is a seven minute read that I think is worth your time, because the CFTC’s “just spitballing here" conclusions are chilling.

The disclaimer:

Quintenz opens with the standard disclaimer...

“The views I express today are my own and do not represent the views of the Commission. For those of you not familiar with the Commission’s mission, the CFTC is responsible for regulating the derivatives markets in the U.S. As such, we have oversight authority over the futures and swaps market, including derivatives on commodity cryptocurrencies.”

[This is CYA language. These speeches don’t get prepared and delivered without a great deal of internal input and research.]

The set-up:

There’s an interesting tidbit to open that shows how thoughtful Quintenz is with respect to the tricky transition his agency must make as it moves to grapple with decentralized technologies. He talks about visiting a digital art exhibit:

"An artist group called teamLab created a digital art piece presented through a video screen that evoked a living, moving water pond. Art by Algorithm, Saeb and I thought. Or was it? Could an algorithm actually be considered art? How easily could it be copied and reproduced, with or without the artists’ permission? What is it exactly that a purchaser owns – a computer program? As I looked at the piece, it was unquestionably artistic, but was it artwork?

We are living during a period of large-scale technological advancement and adoption. These developments are challenging our current beliefs, as well as our current constructs. Just as my discussion with Saeb reflected the potential transition of artwork from the physical to the algorithmic, so too are discussions in financial markets and regulatory spheres reflecting a transition from the intermediated to the distributed, dis-intermediated environment of the internet-based blockchain world. How can our regulatory apparatus, built to register and oversee intermediaries, adequately police our markets and set standards for a disintermediated market?

[So far so good.]

The worrisome transition:

Then Quintenz hits the typical regulatory pivot: “it’s unclear how to handle this new tech / asset, so we assume jurisdiction.” This is why eight national regulatory bodies and all the states are planting a flag to regulate crypto. Ostensibly, to save us.

"A particular area of interest to me is how regulators apply existing legal paradigms to novel technologies not contemplated when those laws were adopted...[The current] supervisory framework is not applicable in the disintermediated world of blockchain, which raises several complex legal and policy issues...[W]ho is responsible for ensuring that activity on the blockchain complies with the law."

["I’m from the government, and I’m here to help."]

The definitions:

If you read the remarks, these guys aren’t taking sloppy shortcuts. They grok the challenges of crypto.

Quintenz defines core developers as “those who write the foundational open-source software underlying the public blockchain.” They don’t play an active role in managing the blockchain, but "retain some responsibility for its ongoing operability.”

He notes that some blockchains integrate smart contracts on chain. A smart contract is "self-enforcing – meaning the software can execute the terms of the contract without additional input from the parties.” They are "almost limitless in their applicability, including for things that "more closely resemble traditional financial products.” Things like prediction markets could present regulatory issues where activity looks like investment advice, or "given the anonymity of the predictions, could be used nefariously for insider trading."

“There are innumerable types of smart contracts on the blockchain, many of which operate entirely outside of the CFTC’s jurisdiction. But, what steps should the CFTC take if it learns of a smart contract protocol that may implicate its regulations?”

[Uh oh.]

The regulatory action thought process:

I can’t condense this. You have to read it and appreciate the logic of the CFTC according to their interpretation of the letter of the law and the agency’s mandate:

“The first step in the analysis is defining the basic nature of the contract. Is it a contract for sale or a rental agreement? Or, does it have the essential characteristics of a swap, future or option? If so, is the product accessible by U.S. persons? If the contract is a product within the CFTC’s jurisdiction, then regardless of whether it is executed via a written ISDA confirmation or software code, it is subject to CFTC regulation.

If the smart contract is within the CFTC’s jurisdiction, then the next question becomes, is the method by which it is being transacted on the blockchain compliant with CFTC regulations? If the contract is a swap, is it being offered to retail participants? Is it a product that must be traded on an exchange? Does the protocol itself perform exchange-like functions by facilitating trading, thereby potentially implicating registration requirements? These are all open questions that the CFTC must consider and resolve as smart contracts proliferate.

Now, let’s assume the CFTC has answered all of these questions for a particular smart contract it is examining. Let’s say the hypothetical product at issue is within our jurisdiction, but is not being executed in a manner compliant with CFTC rules. Who should be held responsible for this activity? How should the CFTC enforce its regulations against a software code, rather than a registered intermediary or an exchange? The answers to these questions are still being contemplated, but I have a few thoughts of my own that I would like to share and on which I would welcome feedback and discussion.

Let’s apply the general analytical framework I’ve described to “prediction markets.” In this hypothetical, after performing a facts and circumstances analysis, the CFTC has determined that the smart contracts executed on the blockchain are binary options, which are within the CFTC’s jurisdiction. Binary options are a type of option whose payoff is either a fixed amount or zero. For example, there could be a binary option that pays $100 if the price of gold is above $1,200 per ounce on a specified date and zero otherwise.

Moreover, the contracts in our scenario likely qualify as event contracts that are based upon the occurrence or non-occurrence of an event (as opposed to a price of a commodity). Event contracts have a unique spot in CFTC jurisprudence because of the public policy concerns they raise. For example, event contracts based upon war, terrorism, assassination, or other similar incidents may be contrary to the public interest – in which case, the CFTC can prohibit an exchange from offering the contract. Because of these concerns, as noted above, the CFTC has historically only authorized off-exchange trading in event contracts in limited circumstances, on specific types of events, for academic purposes, and with strict limits on the amounts retail customers can invest.

Therefore, the particular fact pattern described above – event contracts, executed in a potentially for-profit manner, between retail customers, on any conceivable event, for any sum of money – raises multiple CFTC regulatory concerns.

But who should be held accountable for this activity?”

[I think you can see where this is heading.]

The ugly conclusion:

Quintenz rules out the developers of blockchain platform code (e.g. ethereum core) who "had no involvement in the development of the [specific] smart contract code.” He also rules out miners who "are not in a position to know and assess the legality of each particular application on the blockchain.” So he concludes only the specific smart contract code developers and users of those contracts could be held accountable for illegal activity. He disputes the counter-argument that developers have "no control over whether and how users choose to use it once it is part of the public domain."

"In my view, this analysis misses the mark. Instead, I think the appropriate question is whether these code developers could reasonably foresee, at the time they created the code, that it would likely be used by U.S. persons in a manner violative of CFTC regulations. In this particular hypothetical, the code was specifically designed to enable the precise type of activity regulated by the CFTC, and no effort was made to preclude its availability to U.S. persons. Under these facts, I think a strong case could be made that the code developers aided and abetted violations of CFTC regulations. As such, the CFTC could prosecute those individuals for wrongdoing."

[Screw that. No. This is where we’re going to have a fight, Brian. There are still a few ethical/regulatory hills to die on in crypto. And this is one of them.]

The "obey me or else" ultimatum:

Quintenz leaves the door open for engagement, but does so in a way that would require developers to "engage with CFTC staff to see if there is way the code’s product can comply with CFTC regulations.” A great way to regulate if you want the U.S. to lose its early lead in crypto.

He allows that "it may be that new products require the Commission to rethink its existing regulations or provide regulatory relief – both courses of action that I think would be appropriate depending upon the technology in question,” and points to the LabCFTC’s work in its 200+ meetings with FinTech start-ups this past year to "better understand their views and innovations."

"I would much rather pursue engagement than enforcement – but in the absence of engagement, enforcement is our only option….I have heard some say that “the code is law,” meaning that if the software code permits it, an action is allowed. I disagree with this fundamental premise. Case law, statutes, and regulations are the law."

The path forward:

The best laid plans…ugh, I don’t have the energy for this.

These comments are almost certainly a mere market test. ("What’s the reaction going to be here to these unofficial trial balloon comments, and this specific hypothetical? And our embedded conclusions and warnings?")

But I hope the industry’s answer to this test is swift and decisive: code is and should remain protected speech, for which there’s plenty of legal precedent.

The courts have already ruled as much in Bernstein v U.S. where UC Berkeley cryptographer Daniel Bernstein sued (and won, with the support of the EFF) in 1995 to publish a paper and associated source code with his encryption software, which the U.S. government had fought on the grounds it was an export of “illegal munitions.” Earlier this year, that decision was reinforced somewhat when Cody Wilson and Defense Distributed (hardly a cuddly protagonist) won a settlement with the State Department in which State essentially conceded defeat and paid DD’s legal fees, allowing the company to publish its code for 3-D printed guns.

If code for actual munitions is protected speech, then prediction markets on cryptokitty offspring should probably be safe from overreach as well. And the developers that are tinkering with new software shouldn’t be intimidated into withholding releases or moving to friendlier jurisdictions.

This isn’t to say we shouldn’t engage with regulators, or that we as an industry shouldn’t attempt to weed out fraudsters, money launderers, and exploiters.

We should.

But conversations that start with “engage with us or else” are not good faith openings, even when they are unofficial. And when those opening salvos also rest on weak legal foundations, they must be slapped down.



P.S. Thank god we have Coin Center and the Blockchain Association. Donate.

P.P.S. Smash those share and subscribe buttons, and spread the love. Tweet at [me: hyperlink this] or Messari for feedback, comments, or (more?) questions.

News & Analyses

Messari Compression Algorithm

Content and thoughts from around the web as summarized by the Messari team.

💰 [Analysis] How to think about crypto investing, for institutional investors – Scott Kupor

Institutional investors should think about investing in crypto assets the same way they think about asset diversification across listed and private assets. For institutional managers, there should be little difference between how they invest in other domain-specific subsets of VC such as life sciences and how they invest in crypto. They should first figure out their allocations to venture more generally, and then decide whether they want exposure to crypto as a subset of that VC allocation. Buying publicly trading cryptos ignores the fast-developing private market, as well as the risks of investing in liquid assets without the info available to crypto’s active managers. (Messari | Source)

🧠 [Analysis] Statistical fallacy behind Lindy Effect – Qiao Wang

The Lindy Effect states that future life expectancy is proportional to current age. However, this is because, in the absence of all information except for current age, the best estimator for future life expectancy is the current age. The more relevant information acquired, the less relevant the Lindy Effect, thus making it a trivial heuristic. Additionally, another factor that undermines the usefulness of the Lindy Effect is how closely linked it is to the survivorship bias. (Messari | Source)

Quick Bits (Don't read that, I read it for you)

Choke Points (Exchange News)

  • 💱 Bitbox, the crypto exchange launched by Japanese messaging giant LINE, announced that it is listing its own token, LINK, for trading, joining bitcoin ($BTC), ether ($ETH), and tether ($USDT). (Messari | Source)

  • 💰 Bitfinex announced an improved fiat deposit system that will allow know-your-customer (KYC) compliant customers to initiate deposits in USD, GBP, JPY, and EUR on Tuesday. This comes after last week's news of Bitfinex halting fiat deposits and rumors of insolvency, which it denied in a blog post. “We believe this system to be significantly more durable in the face of sustained attacks by our competition and their supporters,” Bitfinex wrote. (Messari | Source)

  • 💵 BitPay introduces stable coin settlements in Gemini dollars and Circle USD coin. (Messari | Source)

  • 📈 The Winklevoss-backed Gemini ($GUSD) stablecoin saw its price hit an all-time high of $1.19 on Tuesday. This comes a day after tether ($USDT) fell to an 18-month low of $0.87. (Messari | Source)

Startup Signals (ICOs, Cryptos, and Startups)

  • 👐 Decred is turning its entire $21 million crypto treasury over to investors. Decred's Politeia software, which went live on Tuesday, combines proof-of-work and proof-of-stake consensus by allowing DCR token holders to vote on Politeia proposals. In short, Politeia gives holders of the cryptocurrency a way to exercise control over every aspect of the project, meaning it puts the Decred treasury in their hands. (Messari | Source)

  • 🏆 Ethereum announces finalists of Wave III of Ethereum Foundation Grants. he 16 finalist projects fell under five different categories: scalability, security, usability, education, and hackternships, with grants ranging from $10,000 to $4 million. (Messari | Source)

  • 📲Coinbase adds 0x to website and app. Trading will be available for customers in most jurisdictions, but will not initially be available for residents of the United Kingdom or the state of New York. (Messari | Source)

The Powers That Be (Legal/Reg/Policy)

  • 🤝 Intercontinental Exchange’s (ICE) Bakkt and ErisX, a Chicago-based firm, are building out their teams by making big hires. Former Coinbase VP Adam White recently joined Bakkt as COO, as did Brian Cooper, a 10-year ICE veteran, as director of operations, and financial sales representative Laura Edelman, who will be working on the futures product. ErisX recruited CME Group veteran Kelly Brown as chief commercial officer; Liz James as head of clearing; and former ScotiaBank director Michael Piracci as senior counsel. (Messari | Source)

    Did I miss something?

Send me the link, your twitter handle and your best imitation compression algorithm write up. If I like it, I’ll include your bit next issue (with attribution).

Community Updates

Podcast Recap

 ICYMI, KWu’s latest and greatest Messari podcast #9 is an interview with Tony Sheng on his writing process. The week before, KWu was on the ground at Crypto Springs taking names and doing interviews in #8.

Listen to 1 (or all 9) on Apple Podcasts here, Spotify here, and Google play here. Happy learning!

Shameless Plugs

We want your feedback!

We know Messari can feel like a couple different products right now, and we're working to unify our features into one overarching whole. To that end, We’ve made a Trello board to take in any and all of the feedback you have for us! Have at it 

We're Hiring:

  • We’re looking for engineers who want to bring transparency to crypto!

    Join a fast growing team in NYC; work with crypto OGs, and former Bloomberg/Palantir engineers; and access a network that will set you up for the rest of your career. Apply here!

Upcoming Travel:

  • Hit us up in these locations:

    • Money 20/20, Las Vegas, October 21-24th.

    • DevCon, Prague, Czech Republic, October 30–November 2, 2018.

Join Our Community:

  • If you are interested in helping us crowdsource token project details, or want to join our community to share your expertise, wed love to have you on board! Take a second to fill out an application and we will get back to you soon.

  • Going forward, we’ll be capping new members at 15 each week to keep things running smoothly. If you haven’t heard back, you are probably in the queue.

    Like what you read? Share it! Hate what you read? Let me know @MessariCrypto.

    Subscribe now