its own code, was redistributing investors’ funds to one savvy user. “I’m not even sure that this qualifies as a hack,” wrote Gün Sirer, the Cornell professor, on his blog post later that day. “To label something as a hack or a bug or unwanted behavior, we need to have a specification of the wanted behavior. We had no such specification for The DAO…. The ‘code was its own documentation,’ as people say. It was its own fine print. The hacker read the fine print better than most, better than the developers themselves…. Had the attacker lost money by mistake, I am sure the devs would have had no difficulty appropriating his funds and saying ‘this is what happens in the brave new world of programmatic money flows.’ When he instead emptied out coins from The DAO, the only consistent response is to call it a job well done.” By The DAO founders’ own terms, the attacker had done nothing wrong, in other words. He or she had simply exploited one of its features.
In the real world, the spirit of the law always supersedes its letter—the intent is more important than the code. In this case, the intent of the attacker was made clear in the mood of the token holders: they were angry; they believed they’d been wronged. They wanted their money back. But whom were they going to sue? There was no designated owner of this enterprise. They were all equal members of a decentralized system with no one in charge. As many lawyers argued, however, the law will always find a way to get around that problem. The law will seek out and find someone to hold responsible. And in this case those most likely to be fingered were the Slock.it team and various Ethereum founders and developers who’d encouraged and promoted The DAO. Even if they could avoid legal consequences, their reputations, and that of the system they supported, were on the line.
Sure enough, one year later, the law did take an interest. Conducting an investigation into the affair, the U.S. Securities and Exchange Commission ruled that the tokens that had been issued constituted unregistered securities and so would have been in breach of U.S. laws. To Slock.it’s inevitable relief, the SEC decided not to pursue charges, but the press release explaining its decision was a shot across the bow. Not only did it make clear that the growing number of crypto-token issuers needed to be wary of regulatory action, but it was also a reminder of how far-reaching are the jurisdictional powers of regulatory institutions that carry the weight of U.S. law behind them.
A related matter is the question of how to incorporate relationships of human trust into a blockchain. Bitcoin purists believe that users need not trust anyone with whom they enter into a transfer of bitcoin currency. The record of their transactions is generated according to a distributed software program that no one controls, and when currency is transferred to other users, that exchange is verified by a decentralized system that requires no “trusted third party’s” adjudication and has no need to identify the users. But in reality, Bitcoin users can’t get away from having to trust someone or something. For one, the payment is only one part of the transaction; there’s nothing in the software that ensures that the merchant delivers the goods or services offered in return. Bitcoin users also must trust that data being input into the record is reliable. How do you know the smartphone or PC you are using to give instructions to the Bitcoin network hasn’t been compromised? How do you know that when you are typing “6f7Hl92ej” on your keyboard, those characters are the ones being conveyed to the Bitcoin network? We have little choice but to trust that Apple, Samsung, and other manufacturers are using strict supply-chain monitoring systems to ensure that attackers haven’t put malware into the chips. This is not to sound paranoid, because the fact is that, even in the face of constant cyberbreaches, we all choose to trust our computers. But it is to say that it’s inaccurate, and a little naïve, to think that blockchain systems operate within what some in the cryptographic community describe as a state of “trustlessness.”
Once we go beyond bitcoin currency and start to transfer other rights and assets over a blockchain, more trusted parties have to be brought in. The authenticity of a land title document that’s represented in a blockchain will, for example, depend on the attestation of some authority figure such as a government registrar. This dependence on a trusted middleman, some cryptocurrency purists would argue, overly compromises a blockchain’s security function, rendering it unreliable. For that reason, some of them say, a blockchain is inappropriate for many non-currency applications. We, however, view it as a trade-off and believe there’s still plenty of value in recording ownership rights and transfers to digitally represented real-world assets in blockchains. We must, however, be aware of that trust component and establish acceptable standards for how data from such sources is gathered and entered into a blockchain-based system.
Blockchain technology doesn’t remove the need for trust. In fact, if anything it’s an enabler of more trustful relations. What it does do is widen the perimeter of trust. While the software removes centralized trust from the internal ledger-keeping process inside the blockchain, we must trust other people in the “off-chain” environment. We have to trust that a merchant will fulfill a promise to deliver goods on time, that a provider of some source of key information, like a stock market price feed, is supplying accurate data, or that the smartphones or computers we use to input information haven’t been compromised at the manufacturing stage. As we go about designing new governance systems based on this technology, we need to think hard about best practices as they exist at that outer rim—the “last mile” of verification, as some call it. Blockchain technology should be an impetus to develop standards and rules about how the fulfillment of contractual obligations is to be judged in ways that can be read and understood in this new digital context.
Finally, there’s a potentially contentious issue around the market framework—the questions of which computers control the blockchain and how much power to dictate prices, access, and market dominance that allows. Permissioned blockchains—those which require some authorizing entity to approve the computers that validate the blockchain—are by definition more prone to gatekeeping controls, and therefore to the emergence of monopoly or oligopoly powers, than the permissionless ideal that Bitcoin represents. (We say “ideal” because, as we’ll discuss in the next chapter, there are also concerns that aspects of Bitcoin’s software program have encouraged an unwelcome concentration of ownership—flaws that developers are working to overcome.)
Permissioned systems integrate a trusted third party—the very kind of intermediary that Satoshi Nakamoto aimed to avoid—to authorize which computers can participate in the validation process. This option makes sense for various industries that are looking to adopt blockchain technology but whose current industry structures just don’t allow a permissionless system. Until the law changes, banks would face insurmountable legal and regulatory opposition, for example, to using a system like Bitcoin that relies on an algorithm randomly assigning responsibility at different stages of the bookkeeping process to different, unidentifiable computers around the world. But that doesn’t mean that other companies don’t have a clear interest in reviewing how these permissioned networks are set up. Would a distributed ledger system that’s controlled by a consortium of the world’s biggest banking institutions be incentivized to act in the interests of the general public it serves? One can imagine the dangers of a “too-big-to-fail blockchain”: massive institutions could once again hold us hostage to bailouts because of failures in the combined accounting system. Perhaps that could be prevented with strict regulation; perhaps there needs to be public oversight of such systems. Either way, it’s incumbent upon us to ensure that the control over the blockchains of the future is sufficiently representative of broad-based interests and needs so that they don’t just become vehicles for collusion and oligopolistic power by the old guard of finance.
The open-source development of permissioned ledger models that’s being done by R3 CEV, a consortium dominated by major banks, and by the Hyperledger group, in which tech firms like IBM, Intel, and Cisco play hefty roles, is important. It’s forcing the incumbents within them to see the spotlight that this new technology shines on the inefficiencies of their old, centralized work processes. And some of the ideas being developed there will no doubt be of great value to the wider ecosystem of blockchain development. But we believe the “permissionless” ideal first laid down by Bitcoin and since followed by countless alternative “altcoins” and blockchains is a vital one for the world to focus on.