Month: October 2023

NOTE: this is the first post in a six-part series:

1. AI Breaks the World, Crypto Fixes It;
2. AI Breaks The World, Crypto Fixes it, Part II: the “AI Misinformation” problem can be completely solved by cryptocurrency-based “proof of human”; 
3. AI Breaks the World, Crypto Fixes It, Part III: How Crypto Can Solve the Joe Biden AI Deepfake Problem;
4. AI Breaks the World, Crypto Fixes It, Part IV: The Great Zoom Robbery; and
5. AI Breaks the World, Crypto Fixes It, Part V: OnlyFakes Requires New Forms of “Proof of Human.”
6. AI Breaks the World, Crypto Fixes It, Part VI: Hacking the 2024 Election

As the next crypto bull market appears to be gathering steam, I am occasionally asked what my long-term thesis on crypto is, and how that thesis has changed since 2014.

Most lawyers don’t especially need a market thesis. If you ask a litigator, “what’s your thesis?” The response will be “people will fight, and I will bill a zillion hours.” Outside GCs and tech contracts guys such as myself are expected to be a little more opinionated. Where traders are tasked with predicting the future of prices, or VCs are tasked with predicting which companies or protocols will be winners, commercial legal advisors have to guide entrepreneurs straight through the middle of Scylla and Charybdis so that they can succeed despite the fact that the rules will likely iterate several more times, in several different places, between the date the advice is given and the date it finally becomes irrelevant. Having a thesis is table stakes for this sort of work.

One common, and incorrect, refrain I often hear – several times a week – is that you can’t found a crypto company in the U.S. and that you should instead set up as a BVI or Cayman foundation or something like that. This is, generally speaking, not correct. US laws around securities and commodities are rather agnostic as to where you set up a corporation; what they care about is where your users are, the locations of the subject matter of the transactions your startup might facilitate. If you want to sell tokens that the SEC considers securities, for example, you could rent office space in a building across the street from the SEC’s by Union Station and print ICOs all day long, just as long as you aren’t selling those tokens to Americans, and were correctly availing yourself of the appropriate safe harbors.

Put differently, our regulators are so awful that people avoid the country even though they don’t have to, and the degree to which our regulators are awful communicates to these entrepreneurs that being incorporated in America is regarded as a reputational black mark and long term business risk. This is pretty much conventional wisdom among the crypto bar at this point. Questions where practitioners tend to disagree a little more concern (1) why our regulators are so hostile, and (2) whether our regulators will continue to be hostile in the future.

The answer to (1) is actually pretty easy, as long as you’re willing to talk turkey and be unafraid of offending people. Put simply, it’s entirely political. The United States was once a free country which as recently as 1905 took less than 5% of gross national income in government tax receipts. Now, its government is a bloated, heavily-indebted, Soviet Union-sized monster, constituting more than half of national economic life, run by a bunch of borderline Marxists (which designation includes most Republicans and Democrats) (a) who have done very well shuffling paper for a living for the last 10-30 years, (b) who don’t understand technology and (c) who stand to be made obsolete by it.

These folks are currently dominant in the universities, civil service, and upper echelons of the white collar professions. Exhibit A, ticking all of these boxes: Elizabeth Warren, who is also not at all coincidentally leading the charge against crypto on the Hill. Technology is a threat to these people’s way of life, a way of life which will almost certainly end in our lifetimes. Since these folks, being in power, are also in a great position to throw wrenches in the works and slow everything down, that’s what they choose to do.

The answer to (2) is rather more speculative, but I have seen enough to be more certain than not that I’m within striking distance of what will be the eventual outcome of the great crypto experiment. My thesis is that AI is going to demonstrate crypto’s necessity and drive adoption as quickly as AI proliferates. The faster AI’s takeoff, the faster crypto’s takeoff will also be.

Critics frequently harp on the fact that cryptocurrency does not yet have product-market fit, and/or that the Securities Act of 1933 is the right long-term regulatory regime for the asset class. In 2014 this view, which I also held at that time, was correct. Today, if we assume the world will cease to exist tomorrow, it is probably also correct.

To the extent those critics are currently right based on present technology levels, it is unlikely that they will be right for much longer. Artificial intelligence is the reason why.

We are already at a point where machines and software are so advanced, so capable of portraying human voices, faces, and emotions, that, among other things, soon we will not even be able to trust our eyes when having video calls with our own loved ones or speeches from our leaders, due to so-called “deepfakes.” This is a world where authentication, metering interaction with irrevocable digital cash (a la charging for receipt of e-mail like Balaji Srinivasan’s startup 21 tried five years ago), “proof of human,” and, in particular, strong cryptography, will become exceedingly important.

One thing the machines can’t do, and won’t be able to do for the foreseeable future, is bruteforce private keys. Which is where crypto comes in. We will soon be inundated by the endless shitposting of an army of infinite generative AI models trying to wend their way into our inboxes, our feeds, our head-space. Proving who the humans are and only letting them through if they prove they’re human – or pay a price – is the only way we’ll be able to filter the spam.

If it were true that in 2009 nobody needed the double-spending problem fixed, or that in 2014 nobody needed cryptographically secure state machines with money to execute contractual obligations, or that today anyone needs their transactions encrypted and hidden from AI-powered surveillance bots run by criminals or foreign threat actors, by 2029, it is entirely possible, even probable, that everyone will.

These are functions that no stock, nor bond, nor evidence of indebtedness, nor any investment contract has ever performed, but are ones at which cryptocurrencies of various kinds routinely excel. Regulators will eventually come to realize this of their own accord or because market forces compel them to.

So that’s my thesis. Crypto didn’t have product-market fit in the past for most people because the technology for which most people will actually need cryptocurrency, practical AI, didn’t exist until this year. AI drives the price of creating distraction to zero, which will drive the amount of available distraction to infinity. The more AI the world has, the more crypto it will need to keep it at bay and put a price on – and defensive wall around – the most precious and irreplaceable resource of all: our time.

Image credit Patrick Blumenthal.

Volume VII of the International Journal of Blockchain Law (IJBL) is now live, and an article I wrote is in it!

The IJBL is published by the Global Blockchain Business Council (GBBC).  IJBL is written and edited entirely by lawyers, and designed to help interested legal, business and non-legal communities better understand the regulatory world of blockchain and digital asset tech.

Volume VII explores the evolution of UK’s pioneering cryptocurrency regulation since 2009, in which I argue that the UK is charting a more fruitful regulatory course than the United States. Other articles cover the Southern District of New York’s recent rulings around token issuances and sales, the General Division of the Singapore High Court’s stance on cryptocurrency in insolvency contexts, and an analysis of International Organization of Securities Commissions (IOSCO)’s DeFi Consultation Report. 

Check it out for free here: https://gbbcouncil.org/wp-content/uploads/2023/10/International-Journal-of-Blockchain-Law-Volume-VII.pdf

This is the longer version of a shorter note posted on Brown Rudnick’s website.

Most consumer Internet businesses, including Web3 businesses, are, at their core, publishing businesses. Some publishing businesses are like the New York Times which commission, post, and host content which they have created themselves. Most Internet businesses, however, ingest content originating from somewhere, or more often someone, else, such as user-generated content like marketplace listings, social media posts and videos, or blockchain transaction data, and republish it under their own domains under license. 

With success, comes legal issues, and principal among these is “content moderation” or “trust and safety,” industry terms meaning “the censorship and removal of undesirable content.” Moderation takes place for a variety of reasons including user demands, advertiser demands, or government demands. What demands come to a business, and how businesses choose to respond to them, will vary widely from one platform to the next – one would not expect to encounter large volumes of hate speech on a marketplace or personals app, for example, nor would one usually expect to see personals ads on apps which focus on news. 

As blockchain-based applications begin to move into areas formerly exclusively occupied by Web 2 – Friend.Tech, for example, trying to break into social media – the censorship question rears its ugly head in novel and vexing ways. This is because of a simple, but fundamental, way in which most blockchain databases differ from SQL-style databases used by existing Web 2 incumbents: most internet businesses don’t require agreement on permanent, uncensorable, and immutable global state. Blockchains do.  

Decentralized technologies like Bitcoin are designed to render censorship or deletion virtually impossible. How then, do you address the need for censorship and deletion on the one hand while integrating blockchain technology on the other? Particularly with something like, say, a decentralized version of Twitter, how do you square the fact that blockchains might be used with an objective of undermining censorship laws in repressive jurisdictions like Russia without complying with the much more limited but nonetheless very binding censorship requirements in jurisdictions like England or the United States? 

The answer will depend in large part on what the developer of the application is trying to design for. We must assume that a network which allows all lawful speech to be released to the world free from censorship will have the exact same design characteristics, in terms of censorship resistance against third parties, as one which allows all unlawful speech. Code on the blockchain doesn’t know the difference between these two categories, and in either case, one user should not be able, in a non-nerfed blockchain system, to shut down or censor any other user. 

Censorship resistance against third parties, however, does not require censorship resistance against oneself. Most of the time, blockchains are not used by themselves to host and serve an entire DeFi or Web 3 application. More often, they are linked to hosted user interfaces and third party datastores, whether something centralized like an S3 bucket on Amazon, or whether decentralized like a content-addressable system such as Bittorrent or IPFS. (Blockchains hosting raw image or video data is exceedingly rare, and uneconomical, due to blocksize constraints and the existence of fee markets for large, in data terms, transactions.) 

It is at these visual layers, rather than through running a full node and interacting with the chain in the command line, where most users experience blockchain tech. YouTube competitor LBRY, for example, offered an uncensorable blockchain which acted as a registry of sorts containing pointers to digital IDs and content, and a website, LBRY.com, which hosted and displayed content linked to those IDs. If a user chose to violate LBRY.com’s terms of service, the blockchain ID or URLs could be deindexed from the LBRY.com site on the surface web, rendering them inaccessible to anyone who either didn’t know where to look on the chain or wasn’t willing to run a node themselves or reimplement the LBRY.com application on their own – which practically nobody was. Other early storage systems like Sia bifurcated their protocols in two, splitting into a paid service (Sia Pro) and an unregulated, free service (Sia Sky) utilizing separate domains, with the paid service playing by the rules and the unregulated service remaining unregulated. Users chose the experience which made the most sense to them. 

Ultimately, the “decentralized” solutions we’ve seen to date tend to use blockchains to ensure only that text, links, and identity are uncensorable, with heavy penalties for putting plaintext on the chain and contributing to blockchain bloat. As a result, identity is usually the one thing app devs in the Web3 space will always delegate to the chain, with a variety of alternative approaches being available for texts and links. Video content and links are overwhelmingly hosted in the cloud, not on the chain, meaning that users who don’t want to see objectionable content on the chain should be able to deindex it either via block lists or blacklists.

At the end of the day, the most important thing to remember about the internet of publications integrating uncensorable blockchain technology is this: “censorship resistance against the world” doesn’t necessarily mean “censorship resistance against yourself.” Developers looking to address the content moderation problem in a blockchain-enabled application should therefore keep the following in mind:

• Legal compliance to address the unlawful/undesirable content problem starts with application design. You only get the chance to hash a genesis block once, and remember that any changes you want to make to the protocol might require a hard fork at a later date. 
  
• Users will expect and demand the ability to control their own experiences on the Internet. 
  
• Because blockchains scale poorly, as a general rule app developers should ask the blockchain to handle the bare minimum content possible, ideally limiting themselves to IDs, “money” (i.e. the native cryptocurrency) and any smart contract transaction logic required to effectively use “money.” 
  
• Content BLOBs will, in practically every case, be pushed out to the cloud – whether to third-party servers or be self-hosted by posters, user interfaces should have the ability to deindex user IDs which violate their terms of service or the law. Storing raw user-generated content and metadata onchain – as a system like DeSo does – presents an enormous compliance problem for node operators as well as a bloat problem, and is best avoided.
  
• The non-blockchain components of a blockchain-enhanced application will likely need to have a range of tools available to control the user experience. Site admins for a website which operates in tandem with the blockchain will need all of the usual tools to take down unlawful content and pull subscriber records in response to law enforcement queries like any other Web2 application.
  
• Unless the blockchain component of a Web3 app is completely nerfed, users trading in objectionable speech in applications designed in the manner described above would still have the ability to talk to the blockchain, by running a node and communicating with the chain through the command line if not through hosted UIs. In transactions directly with the chain they should be able to verify their identities.

Ultimately, the (activist-group-popularized, and also, legally, correct) maxim “freedom of speech is not the same as freedom of reach” is instructive. Hosted UIs are regulated just like any other website and will need to be managed in a very conventional fashion. If a user’s speech is so objectionable that their blockchain ID is deindexed or blacklisted by the most popular user interfaces, if those controversial users want to be heard they will have find someone willing to host them or, in extremis, they will have to host themselves.