‘Individual Loyalty’: Supreme Court Considers Duties of Bitcoin Developers to Recover Lost Private Keys

background

at Tulip Trading Ltd against the Bitcoin Association for Bitcoin SV (BSV) and others [2022] EWHC 667 (Ch) The Supreme Court has reconsidered the scope of common law and other duties in the context of digital asset networks. The case relates to a lawsuit against 16 software developers (“Defendants”) claiming that they owe a fiduciary and/or discretionary duty to holders of digital currency assets on their networks. One such investor – Tulip Trading Limited (“TTL“), incurred alleged losses as a result of deleting cryptographic keys to use digital assets worth $4.5 billion following an alleged cyber attack against TTL. TTL claimed that the defendants should help it regain control and use of its assets.

TTL, a company registered in the Seychelles, is the holding company of Dr. Craig Wright – an individual associated with the pseudonym Satoshi Nakamoto. Satoshi Nakamoto is the self-proclaimed author of Bitcoin and the “inventor” of Bitcoin. TTL claimed that the defendants had a duty to enable him to recover stolen encryption keys allegedly deleted from Dr. Wright’s computer when he was the victim of a cyber attack in February 2020.

TTL claimed that the defendants, being the primary developers that control the Software with respect to four related digital asset networks (“”Networks“, as defined below), a fiduciary duty and/or a discretionary duty of the TTL which shall compel them to assist the TTL in regaining control of and use of its digital assets. The TTL has claimed that “It won’t be technically difficult“to compile a program debug to allow a TTL to”Take back control of the assets. “

Networks included:

  1. Bitcoin Satoshi Vision Network (“BSV Network”) – First Defendant (“Bitcoin Society”);
  2. Bitcoin Core Network (“BTC Network”) – Defendants 2nd to Thirteenth (“BTC Developers”);
  3. Bitcoin Cash Network (“BCH Network”) – 14th accused; And
  4. Bitcoin Cash ABC Network (“BCH ABC Network”) – the fifteenth and sixteenth defendants.

Notably, none of the defendants fell within the jurisdiction of England and Wales. Therefore, the judgment, and not the full trial, relates to the second to twelfth, fifteenth and sixteenth defendants (together, the “plaintiffs”) seeking to challenge the jurisdiction of the court. The first defendant accepted the jurisdiction of the court and the thirteenth and fourteenth defendants were not a party to the application.

to rule

In order to obtain permission to serve extra-judicial proceedings, the TTL had to convince the court that its claim met the following criteria: 1) there was a serious problem to be prosecuted; 2) there has been an arguable good case that the claim falls within one or more jurisdictional gates; and 3) in all circumstances England was the appropriate forum and the court should have exercised its discretion to permit extrajudicial service.

On the question of whether there is a serious problem to be prosecuted, a TTL claim must meet the following criterion: “The claim should be more than an argument. While the court should not conduct a mini-trial, it should take into account the evidence available as well as the evidence that could reasonably be expected to be available at the trial. But there may be a legal point where the court must “understand nettle”“.”

The court, in its judgment, determined that the lawsuit failed in this first hurdle, as there is no serious case to be tried. Of the seven disputes as to the merits of the case at trial, Ms. Falk singled out the existence of any fiduciary and transitory duties in the circumstances as these two principal tasks and devoted the most attention (only by looking briefly at the ‘judicial portals’). and “appropriate forum” issues, which are outside the scope of this article.) Other substantive issues included establishing ownership of “stolen” crypto assets and, in fact, verifying whether the alleged cyber attack had occurred.

fiduciary duty

The Court concluded that it was not realistic to argue that the facts paid showed a fiduciary relationship, since there were no circumstances which gave rise to a relationship of trust with an overall obligation of loyalty between any of the applicants and the TTL.

The imposition of a fiduciary duty would mean that applicants in this case would owe the TTL an “undivided loyalty” obligation, but this would be impossible because it would be in favor of the TTL alone. Creating this precedent could harm every other user in a particular network.

Nevertheless, Mrs Falk left the door open to future attempts to demonstrate a fiduciary duty in various circumstances, and commented on this.… On a general level, I can see that any owner of digital assets on networks will have certain expectations, for example about network security and private keys, the effectiveness of “proof of work” operations, and indeed anonymity“.

common law duty

With regard to the common law duty of care (or duty to default), the TTL had to demonstrate that there was a special relationship between them and the applicants and that this special relationship (or duty) had been breached when the latter failed to assist in the recovery of the digital assets. However, the Court dismissed the existence of any such duty and held that there was no legitimate reason to carry out a gradual extension of the existing test of the duty of care, and (especially in view of its unlimited nature) it could not be said realistically that it was just, just and reasonable to impose such a duty on applicants. .

In addition, the loss claimed by the TTL was purely economic loss and in the absence of any special relationship between the parties, there can be no common law or discretionary duty of care. However, Ms Falk made comments suggesting that “It may be argued that developers have a certain level of responsibility to ensure that they take reasonable care not to harm the interests of users.“By taking active malicious steps that threaten the security of the network. Furthermore, I suggested that developers may be obligated to address bugs or other flaws in their network. Since there were no such allegations in this case, Ms. Falk did not consider the allegations further.

Suspension

While the case was the first of its kind that took into account the potential roles and duties of cryptocurrency software developers, we would suggest readers to avoid making general conclusions based on the judgment. The court did not make a direct ruling on the general existence of fiduciary or common-law duties in the digital asset network, but merely reiterated the “upper limit” that exists to prove the existence of certain fiduciary duties and/or malicious duties.

There is no doubt that the topic of cryptocurrency is attractive and some may welcome this decision as a “milestone” potentially relieving crypto developers of their duty of care. However, we believe that this analysis may go further, because this case was a preliminary hearing and the result turned out to be specific facts rather than any reinterpretation of the law. The court rejected the notion that software developers and/or software controllers in blockchain tools could owe a duty to protect network users by allowing them to re-establish access to digital assets when their private keys are lost.

However, the court has achieved significance obedient Comments (ie, passing notes) that may indicate that their results could be different in other circumstances. These may provide some encouragement to potential claimants looking to go after developers for failures such as malicious or neglected security threats to their networks, breaches of anonymity, or “Proof of Work” processes.

The full Supreme Court ruling can be found here.

Leave a Comment

Your email address will not be published.