What do you legally “own” with Bitcoin? A short introduction to krypto-property

Knut Karnapp posed this very interesting question over on Twitter. His answer:

To me you own a part of the Bitcoin UTXO set uniquely assigned to you, and only you — by virtue of the corresponding private key. With this comes great responsibility. If you lose your private key, you lose your bitcoins. If your private key gets stolen civil law may dictate that the key itself and the UTXOs accessed by it are still “yours”. As far as the Bitcoin network is concerned though the private key grants power of disposition to whomever is in possession of said key.

That’s a solid answer from a de facto point of view, where continuing knowledge of the private key basically == what most people commonly refer to as control, or ownership. From a workaday transactional standpoint I basically agree with it wholeheartedly. De jure, on the other hand…

It Depends

“Ownership” is more than mere control; it is a legal concept and law is a local phenomenon. Accordingly, when you ask yourself whether and how something is owned, it’s generally a safe assumption to begin, in the first instance, by looking at the governing law of the asset and asking what that governing law says.

With certain things, like securities, the governing law of the issuing jurisdiction/entity and the governing law of the instrument (if different) are likely to be dispositive. International bearer securities, e.g.,  utilize well-worn issuance frameworks like the New Global Note structure, which divides up legal and beneficial title in the underlying security by contract in a manner that is highly certain and leaves little room for ambiguity. With real property (an apartment, a house, some land) you usually look to the law of the situs as the starting point for that inquiry. Generally speaking it’s the same story for chattels, save where ownership of those chattels is represented by a certificate of title or the like.

The problem with Bitcoin, of course, is twofold.

First, Bitcoin does not avail itself of existing categories of property, like chattels or instruments; indeed, it defies them in many respects. As a consequence, any contractual or systemic understanding of the thing – to the extent one exists at all – is going to be implied, and seeing as courts haven’t really grappled with foundational questions about what Bitcoin is, we don’t know what that implication will look like. The best we can do for now is guess what the boundaries of that implication, once set down in writing, will be.  We will call this the Classification Problem.

Second, a bitcoin does not really have a physical location, and is a fundamentally global good – it exists on every computer which runs a full node, and is arguably issued everywhere and nowhere at the same time.  But the Classification Problem will be determined by reference to local, not global, rules. We will call this the Forum Problem.


The “Forum Problem” is a simple one; Bitcoin has no identifiable origins, no clear home, so each different country/jurisdiction in which litigation over Bitcoin is brought (in the case of the U.S., the states and the various federal jurisdictions) will feel entitled to apply its own rules to the asset. For the majority of commercial arrangements, harmonization can probably be achieved by choice-of-law clauses among the counterparties to the transaction.

The “Classification Problem” is where things get more interesting. Here we ask what rules each jurisdiction would apply if some litigation arose which involved fundamental questions about the nature of ownership as it pertains to Bitcoin the asset. Usually, those fundamental questions are not in dispute in the kind of workaday litigation that comes before the courts. Courts take judicial notice of who owns what bitcoins based on the facts of the case; Alice sold some bitcoins to Bob, there are no competing claims to the bitcoins and the question is whether one of the parties reneged on the high-level commercial terms of the deal.

What hasn’t happened yet, and what invariably will happen as more and more cases  hit the courts, is that someone will ask the question, “what property classification do we apply to Bitcoin – WTF is it that Bob actually owns?” This is because, at its core, a bitcoin is really, in its purest essence, only a solution to a randomly-generated math problem. Because the problem is very hard, the combination of a UTXO plus the ability for a recipient to spend it, armed with the knowledge of the relevant private key, is treated by most of us today as property. That “property” creates a write permission on a massively distributed cryptographic ledger which nobody controls, although control of that write permission can be transferred to other users of that database by spending the associated coins to those other users.

Because the secret embodied by a private key one does not know is very difficult to obtain – and impossible to obtain on a commercial timescale with existing technology – people call Bitcoin a “digital bearer asset.” Bitcoin is most assuredly not a bearer asset or chattel, though. Nor is it a documentary intangible, as it is not a contract and is silent, apart perhaps from the provisions of the MIT Licence, as to what a court should do when presented with one (more on that below). Unlike physical goods which can only exist in one place at one time, it is conceivable that with a powerful enough computer, the solution could be found entirely honestly by a third party simply doing some math and stumbling upon the answer at random, or by asking the right questions and exploiting some as-yet-undiscovered weakness in the implementation.

Screen Shot 2018-11-25 at 10.41.12 AM
For example. Courtesy of Hacker News

Bitcoin might, therefore, be better described as a digital I-know-something-you-don’t-yet-know asset. “Yet,” because the information is not secret (in the same way as a trade secret, e.g.) or impossible to ascertain; it’s out there waiting to be ascertained by someone clever enough, or a computer powerful enough, to figure it out. The term “cryptoasset” that is cavalierly thrown around by your  garden-variety ICO bro inadvertently turns out to be an accurate description for this new class of ownership. Lawyers wishing to confer dignity on the phrase might call it “crypto-property” instead.

If we really wanted to make it our own and de-emphasize the “there’s a lot of cryptography in this thing” aspect of Bitcoin, which is not legally relevant, in favor of an laser-focused emphasis on exclusive knowledge of the secret key as being dispositive for control and highly relevant for ownership, I might suggest the radical step of changing the spelling of the prefix to “krypto,”  per the original Greek κρυπτῷ, so we’re left with krypto-property.”

Contrasting approaches between England and the U.S.

Who owns the solution to that really hard to solve, but solvable nonetheless, math problem? I ask this question, which seems like an obvious or even pedantic one, only because I am fairly certain that the world’s two largest common-law jurisdictions – England and Wales, and the United States – would reach different conclusions.

Now, of course Bitcoin is treated as various things by various agencies of the state – most significantly, as “property,” by both the IRS (American taxman) and HMRC (English taxman). But that doesn’t answer the question of what kind of property the stuff actually is.

In England, for example, longstanding precedent has held that “the right to confidential information is not intangible property;” see Oxford v. Moss, (1979) 68 Cr App Rep 183 (a student cheating on a test by reading the answer sheet in advance could not be convicted of theft, as the answer to the test – as pure information – was not intangible property and therefore incapable of being stolen). This principle nukes the notion that a private key is worth more than the paper that you [really should not] have written it on.

At the same time, English law may have an equity, which looks a lot like a property interest in confidential information that has been misappropriated, that gives a party wronged  (i.e., for our purposes, the person from whom knowledge of a private key was wrongfully obtained) a right to restitution. Anyone looking for the detailed treatment should read the section “Information as Property” at page 1 in Palmer & McKendrick’s Interests in Goods (1998).

I wrote a fairly lengthy analysis on the English law in this area back in the day, which, annoyingly, I have since lost. TL;DR, if an attacker fraudulently obtains a private key, English law provides a a remedy, but if an attacker should stumble upon a key by accident or by brute force, it probably doesn’t. This is unsatisfactory but it’s what we’ve got.

Contrast this with the U.S. position, where the courts have found that property rights can subsist in pure information such as unpublished or recently-published news (INS v. Associated Press, 248 U.S. 215 (1918)) or straightforwardly analogize doctrines such as relativity of title as a hack/workaround (e.g. Popov v. Hayashi, WL 31833731 Ca. Sup. Ct. 2002). Incidentally, a relativity-of-title-theory approach would also solve, for most practical purposes, what the inimitable Izabella Kaminska described as “Bitcoin’s Lien Problem” in 2015; it strikes me that that theory of ownership should be fairly good fit with UTXO-based systems where one can trace title to a given coin perfectly, give notice of theft or fraud efficiently, and prove current “possession” with a high degree of precision. Crucially, it might prevent an attacker – even an accidental one – from getting superior title to the Bitcoin he obtains, as long as the courts or the legislatures decide that’s how they want to crack that nut.

Equally, and another idea I have noodled on, is that Bitcoin’s code is really the first “smart contract” in that the code embodies a binding contractual understanding among the users. However, the fact that the code can be forked by consensus of the users to say anything at any time suggests to me that a court would likely conclude that there was not a clear intention to create a contract by running the code and so might refuse to enforce a particular mode of operation on the users of the network (see e.g. Jones v. Padavatton, [1968] EWCA Civ 4). Incidentally this absence of a contractual understanding/effective ousting of the jurisdiction of the court is why Bitcoin cannot and should not be described as a chose in action.

Wrapping up, the reason that the matter of Bitcoin’s ultimate classification as property hasn’t come up yet is because, in common practice, ownership  disputes are resolved at a higher conceptual level than inquiring about the “nature of a bitcoin itself” – when I deposit coins at an exchange, e.g., it ought to be pretty clear from the exchange’s TOS that if I have a balance on the exchange, I can ask the exchange to spend an amount equal to that balance back to me on request and, if they fail to do so, I can ask a court to force the exchange to render specific performance or pay damages. A dispute of that kind, of which there have been many, doesn’t ask at what point title transferred and what the fundamental nature of that title is, because it doesn’t have to. It looks instead at the contractual obligations between the counterparties and whether those obligations were satisfactorily performed.

One could write chapter and verse comparing these two jurisdictions and their treatment of Bitcoin as an asset. That said, it’s a Friday night and I have places to be, so for now it will have to suffice to say only that the question has no answer and at some point, probably sooner rather than later, there is going to be a case that explores these fundamental issues (I am frankly shocked that Oxford v. Moss hasn’t been raised yet in any of the UK-based Bitcoin fraud prosecutions).

I look forward to reading those decisions.


Too good not to share.

I told you so… now, what’s next for American ICOs?

1) Getting it out of my system: I told you so

The American Initial Coin Offering is dead.

As I predicted, years ago. In case you’re wondering why I make predictions years in advance, such as

  • my 2013 prediction that the UK’s Help to Buy scheme would end badly, or
  • my 20142016 and 2017 predictions that the American ICO market would come crashing down due to regulatory intervention,

I make those predictions for days like today, when they finally come true.

Today’s post to my blog is the latest, and arguably best, post in my ICO Mania series. That’s because, today, I can prove that my bear case for crypto was absolutely correct in predicting major regulatory headwinds at a scale that few other lawyers, or investors for that matter, foresaw.

I take an ultra-conservative approach when it comes to token issuances in the United States, and have done so for years. This has not been an easy position to publicly maintain for the last half-decade. The great and the good of cryptocurrency, including numerous cryptocurrency foundations and their “billionaire” entrepreneur sponsors, BigLaw partners, Coin Center (more) (more), USV, a Cardozo/Consensys joint venture,  a Coin Center/Consensys/Coinbase/USV collaboration, venture capitalists talking their books, and others have all insisted, at various points, that there is some magical workaround, some way that a token becomes useful-enough, which has the result that the registration requirements of U.S. federal law no longer apply.

I was right. They were wrong.

In the instant case, the two companies that settled – Paragon and AirFox – each agreed to register the tokens as securities within 90 days, and to pay a substantial fine. The SEC concurrently announced pathways to compliance for token issuers, unregistered token investment funds, unregistered exchanges and unregistered broker-dealers. All of this follows last week’s enforcement action against a founder of the decentralized exchange EtherDelta, who no longer runs it, yet was made to pay restitution and penalties.

These enforcement actions are an earthquake that should be felt by the entire cryptocurrency and digital asset space, all over the world.

There is nothing extraordinary or particularly interesting about these enforcement actions by themselves; one could describe the orders as being mundane. It is for this reason that these orders are notable; they all but destroy a narrative that I have often heard in legal and VC circles, accepted hitherto as gospel, that US regulators will “only go after bad actors” or “the most egregious frauds,” and that strength in numbers from the startup side of things will overwhelm regulators’ ability to cope or, Uber-style, convince the regulators of the errors of their ways.

Screen Shot 2018-11-17 at 1.32.02 PM.png
Presented without comment

This assumption and comparison – which I have heard dozens if not hundreds of times over the last five years from investors and entrepreneurs alike – is flat wrong. VCs everywhere with no legal training, enabled by too-clever-by-half associates and advisers, failed to appreciate the meaningful difference between a municipal taxi regulation and federal law, and underestimated the intelligence and professionalism of those enforcing it. They thus failed to see what is becoming increasingly clear: the SEC intends to go after anyone in the ICO space who violates U.S. securities laws, well-intentioned or not, honest or not, technologically sophisticated or not, VC backed or not.

“But the SEC is a law enforcement agency, they don’t decide what the law is,” I hear you say. Yeah, OK. Sure. Let’s noodle on that for a second. It’s possible that, rather than roll over and die, some extremely wealthy coin promoter is going to decide to use his or her resources and a not inconsequential percentage of what time he or she has left on Earth to fight the SEC all the way up to the Supreme Court, and seek to overturn 70 years of extremely solid precedent on the basis of “because blockchain,” unlikely though that is. To the extent that unlucky entrepreneur’s scheme fits the standard mold we’ve come to expect of ICOs in the American market, I do not believe that effort will be successful, although I wish him or her the best of luck, if for no other reason than the college tuitions of the lawyers’ children for which such an action will pay.

2) So what’s next?

Companies that think they have a compliance issue on the ICO front shouldn’t panic. What they should do is convene their boards and call a lawyer, immediately.

Crucially, startups should get psychologically prepared to put in a lot of time and effort on a compliance program. What exactly this will look like for a particular startup will depend on a number of factors, e.g. whether any tokens have actually been issued or whether only SAFT notes are outstanding, whether those tokens have been listed on public exchanges, the residence of the team and investors, and the content of marketing efforts undertaken to date. Depending on those factors a number of different pathways might be available, including registering the token as a security, eliminating any U.S. touchpoints and moving the project offshore, or winding the project down and refunding investors.

Digging in one’s heels and fighting is also a possible option, but one which I would consider inadvisable for most startups.

In practical terms, for most ICO startups, the party, at least in the United States, is over. The landscape that makes ICO business practices so much more attractive than traditional capital-raising models has changed irreversibly. Much of the ease with which current coin businesses operate, including low overheads and the ease of onboarding new users, is facilitated by deficient compliance processes and absent licensure. Most existing “coin” services infrastructure accessible in the U.S. has a long way to go before it is in a position to deal in regulated products. Many coin issuers and service providers may not have the resources to achieve compliance. This includes exchanges. Overseas exchanges, based on their past performance, are unlikely to try.

At the issuer level, registration and ongoing reporting is extremely expensive, for which reason I cannot see it ever being an attractive option for seed-stage firms. Additionally, to the extent that Palley’s view is correct (it’s a fact-based determination, but I agree with his view that most ICO tokens, as they are encountered in the wild, are securities under U.S. law) this also has implications for any and all altcoin exchanges servicing U.S. customers, who will either need to register as national securities exchanges or cease servicing the U.S. For real, though, not just by easily-circumvented IP blocking.

The knock-on effects for the rest of the crypto ecosystem will be substantial, as U.S. projects wind down or register, projects that have not yet issued tokens pivot to Europe and Asia, and years of legal wrangling begins to pick up the mess engendered by a couple of years’ worth of crypto-anarchic whataboutism, Silicon Valley move-fast-and-break-things-ism and plain old bad legal advice.

In terms of assessing projects who really took the “Fat Protocol” thesis on board and are too far down the line to pivot, if I were running an altcoin portfolio for a living, today I should mark any such assets – if U.S.-based and having seriously deficient securities compliance – to zero.

None of this, of course, should come as any surprise to anybody who bothered to take the time to read the nearly 75 years of U.S. caselaw that exists on this question. Historia magistra vitae est. One wonders how many billions of dollars of value are going to be destroyed as a result of our industry’s shortsightedness; losses which might not have been, if only people had cultivated respect for legal history and the law, paid a little less attention to the salesmen, and paid a little more attention to the skeptics.