« SCOTUS Term: The Cert Denial in Planned Parenthood v. Jegley | Main | How to make a better law review »

Wednesday, May 30, 2018

A Preview of Why Code Is Not (Necessarily) the Contract

Yesterday, I briefly explained how new blockchain technologies allow people to come together to form "smart contracts." These smart contracts consist of computer code on a decentralized computer network. For example, one could use a digital currency called "ether" to execute a betting contract with 2:1 odds on some upcoming athletic competition. When the competition is over, the Ethereum network would determine which team won by, say, examining ESPN’s website. A winner would receive twice as much ether as he wagered. Since Ethereum smart contracts consist of particular computer code on a decentralized blockchain, it is easy to verify program execution. Once the smart contract is formed, it operates without further human intervention. While bitcoin allows some smart contracting, Ethereum smart contracts are practically limitless in scope.

In 2016, to illustrate the possibilities of smart contracting on the Ethereum blockchain, one group crafted an application that provides insurance in the event of a flight delay. While the application was active, you could go online and find out how much it would cost to buy insurance for an upcoming flight. Based on data from prior delays, the application would then present users with the terms of a smart insurance contract. If you liked the terms, you could agree by submitting ether. Soon after an insured flight was scheduled to take off, the smart contract consulted public records to determine whether or not the flight was delayed and settled accordingly. 

Among the many legal questions raised by smart contracts, one major question is: are smart contracts contracts? Suppose, for example, that the Ethereum blockchain broke down after a smart contract was formed but before the smart contract reached a final resolution. Could people try to track down their counterparties and sue them in court for breach of contract? 

I don't know. But in a forthcoming paper, I address a related question. After a collection of smart contracts constituting TheDAO was drained of about $50 million worth of value (see yesterday's post), those running the Ethereum blockchain used by TheDAO had an interesting choice to make. Should they take the ordinarily-verboten step of modifying blockchain software to undo the exploitation? Or should they stick to the usual rule that blockchains are immutable and unstoppable and decide to allow the person or group that exploited TheDAO to keep the $50 million.

This choice is not first and foremost a legal matter. Those running the Ethereum blockchain may never have participated in TheDAO at all. They wouldn't have an obvious legal obligation to those who invested in TheDAO (though this matter is worth analyzing more closely and in more detail). Rather, the question I examine is whether they have a moral obligation to refrain from mitigating the exploitation on the ground that those who did participate in TheDAO's smart contracts agreed that the code-is-the-contract such that undoing the blockchain would upset those legitimate agreements.  And one might think those agreements were legitimate either because they were legal contracts or because they were morally-binding promises.

So, that's a preview of the issue. My answer goes beyond a blog post but suggests that, at least in this particular case, there are reasons to doubt that DAO token holders reasonably expected that the sort of mega-exploitation that occurred here would not be mitigated. So, if they didn't really agree among themselves that mitigation in this sort of circumstance was off the table, then those running the underlying blockchain needn't feel that mitigation was off the table either. And, indeed, the exploitation was mitigated, but it's a matter of ongoing controversy as similar situations have arisen and are likely to continue to arise.

Importantly, I don't address the question of whether TheDAO exploit should have been mitigated or not. I merely argue that the "code is the contract" slogan, by itself, is not enough to settle the matter for the reasons given in the paper. (This post is adapted from an article forthcoming in the Stanford Technology Law Review; footnotes are omitted.)

Posted by Adam Kolber on May 30, 2018 at 10:33 AM | Permalink


Post a comment