Is code law? Yesterday I shared my own thoughts on this theory that is central to nearly everything being done in crypto, arguing that although there should often be room for nuance, the technology behind blockchain is highly "opinionated." Crypto is biased towards egalitarianism, and it creates equality in the world by treating code as sacrosanct. No one can dictate who can use a public blockchain, Bitcoin simply executes as it is written.
Lately, there is a movement away from the hardcore stricture that "code is law," and a willingness to accept that this industry needs regulation, to be integrated into the justice system and that "law is law" (and code is ... something else). I called that "maturity" for the industry in yesterday's column, but it is a complicated conversation.
What follows is what leading lawyers, builders and experts working in crypto have to say. Interestingly, despite the variety in backgrounds and diverse areas of expertise, there is cohesion around the idea that exploiting code is wrong, even if that's how it was written. What would the cypherpunks think?
Neeraj Agrawal, head of communications at Coin Center:
"We've [Coin Center] always taken the view that cryptocurrency use is regulated by applicable laws"
Scott Lewis, creator of DeFiPulse, Slingshot and the Canto Network:
"I might be misunderstanding, the exploiting a vending machine is stealing though, right? Is that an example in favor of the code is not law side? Isn't that the canonical 'code is not law' example? Using an error in someone's code to take people's money is not OK, and it shouldn't be legal. Laws and rules around smart contract hacks are unclear and should be clarified, but making them all legal is not the answer"
Austen Campbell, Columbia Business School professor and former BUSD portfolio manager at Paxos:
"If crypto wants to go mainstream, it needs an environment where regular people can transact with confidence and know the rules of the system, not be at the mercy of exploits and hackers. It can't be the case that everyone has to be a crypto expert."
David Hoffman, co-founder of Bankless:
"Code is Law is a thought experiment, not a prescription."
Christine Kim, Galaxy Digital vice president of research:
"The idea that 'code is law' or that the rules enforced and not enforced by a smart contract have the final say over who owns the assets on a blockchain is untrue because in most cases, especially DeFi hacks, protocol teams like the Kyber development team will rely on law enforcement for the retrieval of user funds. When code fails, which happens with some frequency with DeFi protocols, the law is the law."
Gwart, gwart of gwart:
"Code being law is increasingly difficult with the complexity of the system. It's probably naive to say "code is law" in an absolutist way. My more interesting take perhaps is that these types of decisions, and maybe other decisions that lean on law being law, really make us as a crypto community think about the value of these systems if they are ultimately enforced by the state. I'm not sure what the "correct" equilibrium is here but I do sometimes wonder how valuable these tools can be if contracts are ultimately reliant upon common law or state law or whatever to work out these situations."
Jon Rice, former editor in chief of Blockworks, Cointelegraph, Crypto Briefing:
"The concept of decentralization is about increased participation in our financial system, not about anarchy. 'Code is Law' is a tenet of DeFi that essentially absolves the deployer of responsibility, and passes it instead to the user. This isn't a recipe for greater participation, it's just another obstacle for the average user - and thus another hurdle for our industry in attracting both capital and users.
"It's encouraging to see courts begin to look more closely at guardrails for DeFi, but only if those decisions place the burden of responsibility on those who should know best: The people creating and deploying the code."
Conor Ryder, head of research at Ethena Labs:
"On one side I agree that we are lobbying for code to replace the need for trust, interpretations of law etc. Code is law does fit that narrative but I do think it's too extremist.
"It's a very dangerous precedent to set and at the end of the day it's still an attack on a security vulnerability — if a Web2 company had a similar vulnerability that was taken advantage of, you can be sure that there would be legal action taken. Encouraging these types of attacks is definitely met with negativity for a still relatively immature space and if he really was an 'ethical hacker' there were likely more subtle ways he could have raised the issue and still been compensated."
Cami Russo, co-founder of The Defiant:
"I interpret code is law as whatever the outcome is to code that is executed by smart contracts, cannot be interfered with and should be upheld both via social consensus around blockchains and also in actual courts. I think there is more nuance to the concept.
"I believe intent matters of both the developer of the code and the user of the code. The purpose of the protocol or dapp and the intention of the user of that dapp should be taken into account. If a user of a protocol is achieving a certain outcome by interacting with the code in a way the developers did not intend, then that should weigh into whether that outcome should be changed or reverted, especially if other users are hurt.
"A simplified way of seeing this is, a lock's intended purpose is to prevent access from say a safe. Someone might know how to pick that lock and access funds inside the safe. They found a "vulnerability" in that lock, but they're not using it as it was intended and they have produced an outcome that was not desired by the manufacturers of the lock or those keeping money on the safe. In this case, external parties should interfere with the outcome. The same is true for smart contracts."
Maria Bustillos, Brick House co-founder:
"In general I think it's not a bad idea to refer to the [Bitcoin] white paper; this tech was developed specifically to address significant weaknesses in legacy financial systems."
Michelle Lai, Electric Coin Company board member and governance councillor and Synthetix:
"The code is law camp is slowly being coerced into compliance, for the sake of their freedom. I'm not saying i agree fully with code is law, nor with full compliance, but the Overton window shifted towards compliance for many projects that might have been more pro-privacy, due to the heavy handedness and cowboy behavior of some regulators."
Eva Beylin, director of the Graph Foundation:
"Code is law is not as binary as we're making it seem. Code can be law and also there are other laws that we abide by. In the case of the French decision it's quite frustrating that a precedent is being set that code is law = no other laws apply. For example, if someone enters the right code to break into your house, isn't it still called robbery/breaking and entering? Just because they followed the code (aka entered the pin), doesn't mean the act itself surrounding it was legal.
"Same thing with sim swaps and hacking. Just because someone got access to your sim or account because they happened to know your password/pin doesn't mean that it's not illegal (e.g. doesn't mean that it's legal)."
Jared Grey, Sushi CEO:
"Code is the law until it's exploited in the face of criminality, when the general rule of law supersedes. Tl;dr: I don't think you can excuse criminality through the use of technology. What is criminal is a wider discussion."
Stephen Palley, litigation partner and co-chair of Brown Rudnick's Digital Commerce group:
"The catchphrase "Code is Law" comes from a book written by law professor Larry Lessig. His more nuanced discussion of this concept has become shorthand by people working on crypto projects to mean something like 'anyone who interacts with a blockchain protocol should be bound by anything that results from that interaction -- the code, well or poorly written, determines and is the final boss of outcomes.' Under this sort of rubric, thus, there are no mistakes and the concept of a hack or exploit isn't recognized. Whether or not U.S. courts will follow the French court's reasoning remains to be seen. You can get pretty far with terms-of-service or a user agreement, that will bind a user to consequences and to accept all results, whether expected or unexpected. It's less certain that a U.S. court will agree to consequences that involve conduct that appears fraudulent or illegal, as the general rule is that you can't consent to a crime. Now, there's a ton of nuance here that I can't unpack in a simple quote but I think we can expect some US Courts in some circumstances to bind users to the results of irreversible code, as long as the consequences of software errors are knowingly and voluntarily waived."
General counsel for Alliance, Mike Wawszczak:
"Let's be clear about what "code is law" might mean to people like lawyers and judges. It cannot mean "code trumps law" or "code is on equal footing as law." Instead, it means something like "the law defers to the outputs of code in its normal functioning, whether that code is well-written or not, whether the function was intended by the developer or not, whether other users of the code are affected in some way or not." It's a deference, not a trump card.
"The judge in Platypus appears to be saying that there is no reason to overrule the deference here, but that does not mean another judge lacks that power.
Jake Brukhman, founder of CoinFund:
"In general, I would say that code is law refers to transactional hardness and often lower counterparty risks associated with blockchains. This is a key and central innovation, but I also think it can work in tandem with traditional law. Blockchain primitives are tools in a toolbox. I think the comparison to a vending machine is meaningful, I'm just not sure what conclusion about code-is-law to take from it."
Paul Dylan-Ennis, professor at the University of Dublin and CoinDesk columnist:
"The Platypus case brings us into direct contact with a contradiction in DeFi. On one hand, we want hackers to be punished. On the other, we are supposed to be building decentralized protocols that take the state out of the mix. Until we get clear on what Code is Law really means we'll be confused by decisions from the traditional legal system. The way I see it, this case is another example of how we tend to have these concepts, but they are more like memes than well thought of principles. and we let the contradictions hang around w/o trying to solve them. I agree that the principle is worth keeping, though I'd veer to the side that says the problem is actually that the code is obviously not up to scratch to actually be our law."
Krystal Scott, artist:
"I do agree code is law is kind of the whole reason for everything in the first place. If everyone just started going to court we're going to eventually just end up back in the exact bureaucratic structure crypto was invented to escape . But it is quite comical that the court just acquitted, perhaps the bureaucracy is also growing and adjusting with the space. Likely it's all just coming together tbh crypto is becoming less of an outsider thing."
Miguel Morel, CEO of Arkham Research:
"In the online world of decentralized finance it makes sense that code is law, one expects smart contracts to follow whats been written in the code without exception. However, humans who are the ones using these smart contracts exist in the physical world of jurisdictions and stately governance — this supersedes anything written in code, and therefore I'd expect it to take precedence over anything we believe in crypto."
L0la L33tz, author:
"Humans have been trying to regulate our way of life for centuries, but math will always route around our systems. Code is the only law that is always enforceable. This basically means: Even if this case was decided differently, then the next person that writes [bad] code comes along, which will also be exploited, and there's really nothing that can stop them, and you can try to 'enforce' your law, but maybe they're smarter and won't get caught (i.e. escape the law).
Arthur Brietman, co-founder of Tezos:
'Law is law, and depending on what the law says, it won't always align with code. But good law sets defaults, and minimizes the need for parties to enter into contractual agreements to depart from those defaults. This is, in a nutshell, the wisdom of Coase's theorem. By that standard, I do not believe that strictly following the code is the best a legal system can do, there is room to define meaningful abuse without introducing arbitrary discretion. This does not mean code is useless, shifting the burden of a legal complaint is huge! 'Defaults' are powerful."
Mike Demarais, co-founder of Rainbow wallet:
"Stealing is bad."
Read the entire story online...
– D.K.
@danielgkuhn
daniel@coindesk.com