Recovering one’s property when lost through theft, fraud, or simply misplacing it should not be a controversial topic. Yet, in the digital asset space, certain foundational principles and the ideologues that cling to them often prove a barrier to asset recovery. However, in the United Kingdom, courts have laid down a marker for treating digital assets as property, and an ongoing asset recovery case could force blockchain miners and developers to choose between their commitment to ideals—real or imagined—and the rule of law.
Crypto-anarchists, and before them, the Cypherpunk movement of the 80s and 90s, advocated for the use of cryptography and decentralized technologies to protect privacy, promote individual freedoms, and counteract third-party surveillance. Two of the fundamental principles that came out of these movements and were applied to the blockchain were ‘decentralization‘ and ‘immutability,‘ the mantras of many blockchain philosophers.
Decentralization refers to the distribution of power and control among a network of participants rather than relying on a central authority—in theory—preventing single points of failure and reducing the risk of censorship or manipulation by any one entity. Immutability refers to the inability to change or alter data once it has been recorded on the blockchain, which is intended to ensure that transactions and data recorded are tamper-proof and resistant to revision after the fact, thus fostering trust in the integrity of the blockchain and its historical record.
Unfortunately for proponents of these ‘foundational principles,’ there’s a growing recognition that decentralization in the blockchain space might be a myth, and as for immutability, opinion is split on whether it is necessary to always maintain it or if there are some situations that may also warrant a rethink of this seemingly non-negotiable characteristic.
One such situation, which, to some extent, challenges both of these core principles, is the contentious topic of digital asset recovery.
Before getting into the meat and potatoes of the debate, it’s necessary to clarify that there are two distinct types of recovery to speak of: that involving assets lost through frauds, such as Ponzi schemes (FTX being a recent high-profile example) and those stolen through hacks or otherwise made inaccessible (e.g., lost keys).
The two present very different challenges, with recovery of the former being relatively
commonplace and uncontroversial, the latter decidedly not.
Recovering assets lost to fraud often involves legal recourse, investigation, and potential restitution efforts. Investors losing money due to fraud is not exclusive to the digital asset space, and when a fraud is uncovered and those behind it put to trial, the courts generally make every effort to reimburse or compensate victims where possible.
In the case of FTX, for example, victims of Sam Bankman-Fried’s fraud look likely to get a large amount, if not all, of their investment returned, with the caveat that this is partly due to FTX having a large portion of its remaining assets in tokens, the price of which has skyrocketed since the FTX fraud was uncovered.
On the other hand, recovering assets stolen through hacks or lost due to inaccessible keys is a more complex and technical challenge. In many cases, once funds are stolen or keys are lost, they become irretrievable without specific technical solutions. Progress is being made in this regard, but it remains limited to certain blockchains, BSV Blockchain (BSV) being a prominent example.
Such progress, on top of returning assets to their rightful owners, serves to dispel the common misconception that digital asset investors must sign a Faustian pact when getting into the space: to enjoy the benefits of the technology, one must accept that lost or stolen assets often cannot be recovered.
UK courts setting the standard
“The point is that we can recover it, and there have been successful recoveries,” says Charlotte Hill, Partner at international law firm Penningtons Manches Cooper, which is a board member of the Crypto Fraud and Asset Recovery Network (CFAAR).
Launched in August 2021, CFAAR brought together lawyers, barristers, forensic accountants, corporate intelligence, and asset recovery professionals with the purpose of developing “best practices” in digital asset recovery.
Speaking with CoinGeek, Hill points out that when it comes to digital asset recovery, the U.K. courts have been meeting the challenges head-on.
“The English courts were very quick to deal with the problems that were arising, which predominantly stemmed out of fraudulent actions or theft or some sort of scam,” says Hill.
One such problem was whether digital assets could be classified as property within the traditional legal framework. If something can be considered property, then the theft of loss of it does not change who the rightful owner is, and any service or network that is responsible for overseeing such assets may owe a duty of care to the owner, and thus could be compelled to do anything within its power to return said assets to their rightful owner.
Some blockchain advocates and developers argue that digital assets such as Bitcoin exist outside of the laws that apply to other assets, such as property law. As a novel asset type, its status should be decided by fresh legislation, not the courts applying old ones.
This is certainly the case being made by the likes of Coinbase (NASDAQ: COIN) and Ripple
in the United States, both of whom face court cases against the Securities and Exchange Commission (SEC). They have persistently argued the financial sector regulator is overstepping its jurisdiction by attempting to apply existing securities laws to their ‘unique’ asset type and demands to be left alone until Congress comes up with digital asset-specific legislation.
Whether digital assets are securities is another debate—spoiler, they almost all are—however, on the question of whether they can be considered property, several cases in the U.K. have set a precedent for recognizing that the industry is not so different in nature to other sectors, clearing a potential hurdle to recovery.
“The English Courts grappled with it and very quickly decided on an interim basis that crypto can be treated as property, we really refined our concepts to this new asset class,” explains Hill.
The implication of this, says Hill, is that “in short, we can take steps to recover this new asset class.”
The key cases in question include AA v Persons Unknown & Ors Re Bitcoin (2019), in which the court was willing to grant proprietary injunctions against all defendants, freezing fraudulently obtained Bitcoin. In granting the injunctions, Judge Bryan ruled that “crypto assets such as Bitcoin are property.”
Incidentally, the case also demonstrates another innovation of the U.K. courts, being able to sue ‘persons unknown.’ This is a useful tool when dealing with the frequently anonymous and pseudo-anonymous digital asset space.
The property question was later affirmed in the case of Tulip Trading Limited v Bitcoin Association for BSV & Others (2023), in which the Court of Appeal was asked to consider whether Bitcoin developers owe fiduciary duties to the user, specifically whether the developers should be required to return the claimant’s lost property (Bitcoin) to them if they can prove ownership. The Court unanimously held that there was a serious issue to be tried on this point and remitted the case for trial before the High Court.
The U.K. Law Commission referenced this judgment in its June 2023 report on digital assets, stating that the case had “brought a high degree of certainty to the law of England and Wales: it recognizes that crypto-tokens can be things to which personal property rights can relate.”
This cleared one barrier to recovery (in the U.K. at least) but several other significant obstacles remain.
“The challenges lie around enforcement and around jurisdiction, because by virtue of this asset class, they are borderless and many of the entities, to the extent that they are centralized in some way, are typically offshore,” says Hill.
Another issue she notes is simply the costs involved.
“You have individual investors that have lost money or had however many thousands of crypto stolen, but unfortunately, because of the cost of the litigation—if it’s quite a legally challenging case that takes time and effort, it will cost. It quite often means, unfortunately, individuals can’t afford to take the action required in order to recover the assets.”
This means bad luck for smaller investors, where the cost of the process, barring getting involved in a large class action, simply outweighs the benefit and chance of recovery.
Despite these challenges, Hill is optimistic about digital asset recovery from fraud, pointing out that the odds are improving.
“In terms of actually seeking to recover the asset, if it’s in, for example, a centralized wallet, it is more often than not possible, as long as that exchange or whoever is holding the wallet is willing to play ball with you.”
Whether a prominent exchange, such as Binance or Coinbase, is willing to play ball may be a big if, but this rosier take on digital asset recovery clashes with a common conception, or perhaps misconception, of the process being prohibitively difficult.
Easier than it looks?
The idea that recovering digital assets once ‘lost’ is a fool’s errand likely stems from conflating assets lost through fraud and Ponzi schemes with those stolen through hacking or literally lost, i.e., misplaced keys.
In the case of the former, it could be argued that it’s actually an easier process than with certain other asset classes.
“At the moment, I’ve got an active cryptocurrency tracing case, a couple of traditional payment fraud cases where we are tracing fiat currency through bank accounts, and a third case where a client was defrauded into buying gold bars which the fraudsters then took possession of. Having those three sets of cases provides a stark reminder of just how traceable crypto is,” explains Dan Wyatt, partner at RPC, one of the founding law firms of CFAAR.
“If stolen crypto has gone through a mixer and been dissipated all around the world to cold wallets or less reputable exchanges it’s more difficult, but usually there are always leads to follow.”
So, in contrast to ‘traditional’ assets, blockchain-based assets are actually easier to trace, thanks to the clear and public transaction records. Barring the assets going through a mixer or mixing service—platforms that can obfuscate the origin of digital assets funds by mixing coins with others and sending them to different wallet addresses to make transactions anonymous and difficult to trace—it’s relatively straightforward to follow the paper trail.
These controversial mixer services are also becoming increasingly difficult to access as they often find themselves on the sanctions list, particularly in the U.S., due to their utility for money laundering and terrorist financing— Tornado Cash, Sinbad.io, and ChipMixer are prominent examples.
Comparatively, Wyatt states that in a standard payment fraud case, “it is usually much more difficult as there is obviously no public ledger you can use for tracing; all you know is that your client has instructed a payment to a bank account. You then have to ask that bank for disclosure of account records to work out what happened to the funds next. Most banks will require an order before giving you such records. Obtaining an order incurs legal fees (and takes time), and you’ll then get account records which likely show onward payments to another ten bank accounts. Those ten accounts are often held at banks which are out of the jurisdiction and may or may not be willing to co-operate by providing further account records. So at best this process is actually really clunky and time-consuming.”
Rather than this awkward process, digital assets can often be traced to or via exchanges, at which point the next stage is to freeze and repossess them. Hill suggests this can also be a straightforward affair, with embattled digital asset exchanges increasingly wanting to be perceived as legitimate and law-abiding businesses.
“More known exchanges will usually want to uphold their reputation, with the right court order or documentation to prove ownership, they will return it. Whereas if it was in an offshore bank or something like that, that’s a very different challenge and actually takes a lot longer and requires a lot more cooperation.”
This positive take on digital asset recovery will come as music to the ears of the legion of victims of crypto-fraud and Ponzi schemes, such as FTX, whereas Hill points out, “ironically, it appears that not only are the victims going to be paid in full but there’s going to be a profit.”
However, the outlook remains decidedly less optimistic for the many digital asset investors who have lost access to their property, thanks to misplaced keys or hacks.
Recovering stolen or lost assets
In 2017, digital asset research firm Chainalysis estimated that between 2.78 and 3.79 million, or between 17% and 23% of all BTC, at the time, had been lost. In March last year, economist Timothy Peterson went further, suggesting that “six million of the 19.3 million bitcoin mined have been irretrievably lost.”
The reason such a huge cache of assets is considered ‘irretrievable’ is due to the complexity of the process, throwing up roadblocks at several different stages of recovery.
First, the person or entity that suffered the loss or theft would need to prove ownership. This is arguably the easiest and least controversial part of the process, especially now that digital assets are established as property in law (in the U.K., at least).
Second, it would need to be established who, if anyone, is responsible for a certain blockchain; in the case of BTC, for example, this would be the ‘BTC Core Developers,’ a somewhat anomalous and distributed group of people who contribute to the ongoing development and maintenance of the BTC protocol and its implementation. Lastly, a court order would need to be issued compelling the group of developers, miners, or custodial organizations to implement the reassignment of coins, either by getting enough hash power to undo approved transactions or adding new code.
But even with a court order, implementing changes to a pseudo-decentralized network like BTC would be extremely challenging. If the significant hash power required to implement changes was attained or new code added to the protocol, there’s still no guarantee that all network participants would accept these changes, potentially leading to a contentious hard fork or individuals refusing to comply with the court order.
Robin Smith, founder of ToHonesty, a startup company aiming to carve out a niche as an intermediary in the digital asset recovery field, suggests that part of the problem is a matter of mindset rather than technical barriers.
“If people thought stealing digital assets and recovering or resigning coins—getting the hash power to do it—was just the same as a bailiff going to a thief’s house and getting the property back, people wouldn’t dispute it at all,” Smith tells CoinGeek.
He goes on to suggest that the process itself is not the problem.
“Technically, the mechanics of it are really well understood. You wouldn’t even need to get the developers to change the code. You could get an injunction, theoretically, that would compel the miners to patch the code themselves. If they say ‘we can’t do this,’ then it’s possibly contempt of court.”
Compelling enough of a disparate network of miners to comply with an injunction or court order might seem even more fanciful than compelling a developer group, but industrial-sized mining operations are big business. Depending on jurisdiction, it’s not beyond the realms of possibility that a large digital asset mining company might feel it needs to comply with court orders for the purposes of legitimacy, or even PR.
By way of example, U.S.-based mining company Marathon Digital (NASDAQ: MARA) has cooperated with two different SEC subpoenas related to its operations; while they were not asking the firm to do something as seemingly drastic as partake in a reassigning of coins or changing of code, it does at least show a willingness to cooperate with authorities when compelled to do so.
However, even if this was a possibility, without total consensus, controversial decisions made on a blockchain have a habit of resulting in forks. One of the most notable instances occurred on the Ethereum blockchain.
The DAO (Decentralized Autonomous Organization) was a smart contract platform built on Ethereum, essentially a venture capital fund in the form of a smart contract. In 2016, a vulnerability in the DAO’s code was exploited, resulting in the theft of approximately $50 million worth of ETH.
In response to the hack, the Ethereum community faced a difficult decision, some arguing for a hard fork of the Ethereum blockchain to effectively reverse the unauthorized transactions and restore the stolen funds to their rightful owners, while others argued that such an action would violate the principles of ‘immutability’ and ‘decentralization.’
Ultimately, the community chose to proceed with a hard fork to reverse the transactions associated with the hack, which led to the creation of two separate blockchains: Ethereum (ETH) and Ethereum Classic (ETC). Ethereum continued with the hard fork, undoing the hack and returning the stolen funds, while Ethereum Classic remained on the original blockchain.
In this case, the controversial decision was taken due to the huge number of people affected by the hack, and the value of the assets involved. But even then, the decision was taken reluctantly and with consequences for the blockchain’s future.
Imagine, then, how difficult it would be for a single individual to retrieve lost assets. As Hill points out, “if you’ve lost your private key, there’s nothing at the moment you can do.” However, she does add the caveat, “unless, of course, the Tulip Trading case changes a lot.”
This is the same Tulip Trading case which, as we’ve seen, more or less settled the ‘are digital assets property?’ question in the U.K., and, depending on how the case pans out, it may have an even more landmark precedent up its sleeve.
Tulip Trading
In December 2023, the U.K. High Court ruled that if Tulip Trading Limited can prove it owns 110,000 BTC at a preliminary issue trial in 2025, there is a case to be heard that the defendants owe fiduciary duties to return those BTC to their rightful owner.
Bitcoin Association for BSV (now called BSV Association) has already settled the case with Tulip, and the remaining ‘others’ are essentially a list of BTC Core Developers.
Tulip Trading, which is owned by Dr. Craig Wright—who claims to have lost access to the coins following a hack on his home in 2020—is arguing that developers of blockchains owe fiduciary and common law duties to owners of digital assets, in large part due to the centralized nature of blockchain development.
“The key point in Tulip Trading is whether the developers of the Bitcoin network, who support and run the Bitcoin network, owe duties to the victims of fraud to take such steps as are required to place the ownership of stolen crypto back with the victim,” explains Wyatt.
“It’s a fundamentally important case which goes to the core of the operation of Bitcoin and other crypto currencies.”
The seismic significance revolves around developers of blockchains having largely managed to avoid any legal liability arising from their control of vast networks that govern trillions of dollars in assets. If blockchain developers were found to owe fiduciary duties—the legal responsibility to act solely in the best interest of another party—to the owners of assets on the blockchain they oversee, then certain blockchains would have to radically change their philosophy and way of operating – or else potentially find themselves in contempt of numerous court orders and injunctions.
For this reason, even in the instance of a Tulip Trading win, Wyatt suggests the fight wouldn’t end there:
“I imagine securing compliance wouldn’t be very challenging in practice, plus it would likely result in a fork of Bitcoin because it would fundamentally alter how the whole ecosystem operates.”
It appears then, like so many who have lost digital assets, Tulip Trading is running up against that dogmatic brick wall of ‘decentralization’ and ‘immutability,’ which comes part and parcel with many blockchain ecosystems.
However, this is not universally the case when it comes to blockchain technology and digital assets. BSV Association, the Switzerland-based steward organization of the BSV blockchain (and former defendant in the Tulip Trading case), has taken a more proactive approach to digital asset recovery.
BSV and DAR
Connor Murray, Stewardship Director at BSV Association, described the organization’s role as “ensuring network integrity and compliance with legal standards,” with the intention of making BSV “a reliable and trustworthy platform for digital innovation.”
Putting its money where its mouth is, in October 2022, the BSV Association launched the
Blacklist Manager software tool to permit miners to freeze digital assets on the BSV blockchain—provided that a court order or equivalent documentation has been secured. Blacklist Manager was a key first step towards digital asset recovery on the BSV blockchain.
This year, the Association took the next step by introducing the Digital Asset Recovery (DAR) tool, which “enables the recovery or freezing of digital assets in cases of loss, theft, or if they require ownership or transfer” and delivers “a protocol that aligns blockchain technology with existing legal frameworks for asset protection.”
When announcing the package of security enhancements in which DAR was introduced, the BSV Association said it was “essential in establishing a regulatory-compliant network and framework for digital assets, as well as for enforcement and compliance with existing property laws.”
Of course, the BSV Association is a centralized organization and, as such, has drawn criticism from the crypto-anarchist purists that cling to decentralization as a fundamental pillar of the technology. But the key difference between the BSV Association and those groups in charge of other blockchains is that the former does not have any power to change the underlying BSV protocol—it is, as the BSV Association says, a steward of a set in stone protocol. Other blockchains—as shown by the Ethereum DAO fiasco—are very much in the business of exercising centralized power to make drastic changes to the underlying technology.
Where we are and where we’re going with asset recovery
When it comes to asset recovery from fraud or Ponzi schemes, the outlook appears a little more positive if situational.
“Where you can trace the stolen crypto, or some of it, to an exchange which is likely to comply with court orders either consensually or via formal enforcement steps, and where enough has been lost to make the legal and associated costs of tracing and recovering commercially sensible, and the victim is willing and able to fund those costs, then you have a fighting chance of making recoveries,” says Wyatt. With these “key things” in place, recovery is possible and frequently happens.
In terms of the law, as Wyatt points out, “there’s nothing particularly new there. It’s mostly just applying existing principles to a new asset class.”
In terms of recovery from theft, hack, or misplaced keys, while proponents of many blockchains may not like the idea and developers may not want to do it, similar asset recovery tools to DAR could be implemented on the likes of BTC, BCH, ETH, or any other blockchain. It’s worth noting that on the BSV blockchain, transactions do not get reversed since there is a full record of everything in the system just like an accounting system. Instead the transaction is appended and all of the relevant transaction information that caused the transaction to be appended is available to view creating an audit trail of why things changed, when and by what authority.
As things stand, until Tulip Trading or another case sets down a marker for the recovery of lost or stolen assets and the resulting court orders are actually enforced and complied with, this kind of recovery is going to be restricted to the BSV blockchain.
“Even if you can’t get BTC to comply with fiduciary duties, to recover assets from BTC – which, after all, is where a lot of the value really is in the digital asset space – why not just let the BTC network carry on without asset recovery. The BSV network is running,” says Smith.
“If BSV can be adopted by app developers or institutionally adopted by people, then if you did get something lost or stolen from the BSV network, the recovery tools are all there, ready to go.”
It appears then that digital asset investors and businesses have a clear choice to make, as things stand: use the blockchain that recognizes the need for asset recovery capabilities and respects property rights or the one that doesn’t. Ideology vs. security, dogma or duty.
Editor’s note: This article has been updated for clarity.
Watch: Securing personal information with blockchain identity system
New to blockchain? Check out CoinGeek’s Blockchain for Beginners section, the ultimate resource guide to learn more about blockchain technology.
