Circular gold lining Ethereum logo with laptop as background

Ethereum developers are fiduciaries too

Ethereum’s long-promised ‘Shanghai’ update went live, again raising questions around the legal status of Ethereum under securities laws and whether or not supposedly ‘decentralized’ projects are truly decentralized at all.

Fortunately, in the case of Ethereum, their core developers seem to have abandoned all pretense that their protocol is, in fact, decentralized. In a statement circulated following the Shanghai update, core Ethereum developer Justin Florentine said this:

“Shanghai is a big deal, it is Ethereum’s capstone on the merge. Our community has trusted us with their staking deposits for over 2 years, and now we’re returning their rewards. Now that the community has access to their stake, I suspect they will move it off of centralized staking platforms, perhaps even pooling together with their friends on decentralized alternatives.”

Given that this is coming from a self-described ‘core developer’ of Ethereum, does that sound like a description of a decentralized project?

Centralization means obligation

It’s a strange time to let this mask slip. Now more than ever, regulators and courts are drawing a straight line between the centralization of digital asset offerings and the legal obligations attached to them.

In fact, the centralization of Ethereum would put its developers squarely in the crosshairs of a landmark lawsuit currently making its way through the English courts. Tulip Trading is suing the developers in charge of the BTC, BCH, BSV, and BCHABC blockchains, arguing that they owe fiduciary duties to the people who use and rely on their blockchains and who trust the developers not to act contrary to their interests. These duties, it is argued, require the developers to take action to restore access to lost or stolen digital assets to their rightful owners.

Though this might raise the eyebrows of those taken in by so-called DeFi marketing, it’s an argument that has a lot of legal weight behind it—not least of all because the English Court of Appeal just ruled that Tulip Trading’s lawsuit makes an important and realistic argument which deserves the benefit of a full trial. In doing so, the second-highest court of the U.K. had this to say on the implications of centralization:

“If decentralized governance of bitcoin really is a myth, then in my judgment there is much to be said that bitcoin developers, while acting as developers, owe fiduciary duties to the true owners of that property.”

Fiduciary duties are well-established legal obligations. Broadly speaking, fiduciaries are those who have undertaken to act on behalf of another in circumstances that give rise to a relationship of trust and confidence (Bristol & West Building Society v Mothew). As a result of this relationship, fiduciaries owe particular legal responsibilities to those placing their trust in them. Though there are well-established categories of fiduciaries—think lawyers, financial advisers, doctors—the courts are not fixated on these categories, instead focusing on the nature of the relationship, emphasizing the assumption of trust. As such, the courts are amenable to recognizing such duties in novel circumstances.

In the U.S. the law has developed differently but has more or less the same conception of fiduciary duties. Tamar Frankel, a leading law professor on the subject, described fiduciaries as typically having four attributes:

  • Fiduciaries offer mainly services that are usually socially desirable and often require expertise.
  • They must be entrusted with property or power in order for them to perform these services effectively.
  • The entrustment poses to the entrustors the risk that the fiduciary will not be trustworthy.
  • There is a likelihood that the entrustor will fail to protect itself from the risks involved in fiduciary relationships, the markets might fail to protect the entrustors from these risks, and the costs for fiduciaries of establishing their trustworthiness might be higher than their benefits from the relationship.

It would be hard to fit a truly decentralized blockchain within the law on fiduciaries. After all, a legal relationship that is defined by trust might seem like a poor fit for an industry that uses ‘trustless’ as a marketing cornerstone. However, such language is just that—marketing—and many of the biggest blockchains are highly centralized when examined closely.

The quickest way to test this is to consider how decisions are made within a given project. If governance is truly decentralized, then the concept of a ‘core developer’ should be nonsensical. What differentiates a ‘core developer’ from anyone else with an interest in the project? The answer is inevitable control and authority: core developers have commit access, core developers decide the direction the project is heading and how it gets there. That’s also why people like Justin Florentine get quoted as an authority on Ethereum’s latest update.

Even in rare cases where ‘core developers’ are truly only responsible for implementing actions decided upon democratically by the community at large, somebody with power sets the parameters by which these alternative options are designed and presented in the first place and the system by which votes are collected and weighted. Even beyond that, once a decision is made democratically, it still falls to a ‘core developer’ to decide exactly how it is implemented as code, where seemingly minuscule design decisions can have an outsized impact on how it works in practice.

Though Tulip Trading is the first time the argument has been tested in the courts, the argument itself has been developing for years. “In Code(rs) we trust: Software Developers as Fiduciaries in Public Blockchains is a widely-cited paper by legal scholar Angela Walch, which argues that the highly centralized governance of blockchains by developers who create and continually modify the rules of the system should be treated as fiduciaries.

In discussing Ethereum, Walch points to the well-known Ethereum DAO disaster in 2016 as clear evidence of Ethereum’s centralized governance. There, an ETH-based decentralized autonomous organization (DAO) holding 15% of all ETH in circulation was hacked, posing massive risks to the network. Ethereum’s developers, led by Vitalik Buterin, proposed, approved, and implemented the solution: to fork the network and recover the stolen assets that way. This proposed solution was put to the community, but just 6% of all ETH holders participated, and 25% of the votes that were cast came from one address.

As Walch says:

“The passion, drama, and anger surrounding the Ethereum hard fork show how much was at stake for the Ethereum community, investors in ether, and those who built applications and companies atop the Ethereum blockchain. Yet only a small number of developers and miners in this “decentralized” system decided what the resolution of the DAO hack would be, in effect determining the financial fortunes of all those relying on the Ethereum blockchain, whether or not they had invested in the DAO.”

Once it’s accepted that very few of these projects are decentralized, the rest of the assessment falls into place relatively quickly. To use the four attributes described by Frankel, the core developers have the privileged expertise necessary to run their own blockchains, and are the only ones with the power to make any changes to the system at all, democratic influences notwithstanding. This means that anybody investing their money into the project—such as by buying a token—entrusts those developers with their property and the power to drastically affect its value.

The necessity of fiduciary obligations in these situations becomes more apparent when you consider the alternative. Can it really be true that people who have invested in a blockchain project have no legal recourse if the developer in charge of the project cynically railroads its development so that its value disappears overnight? Or simply stops maintaining the network? Or arbitrarily reassigns investment tokens from their investors to themselves?

The answer must be no, and all early indications are that the courts could agree. As the Court of Appeal said in approving Tulip Trading’s case:

“…there is, it seems to me, a realistic argument along the following lines. The developers of a given network are a sufficiently well defined group to be capable of being subject to fiduciary duties. Viewed objectively the developers have undertaken a role which involves making discretionary decisions and exercising power for and on behalf of other people, in relation to property owned by those other people. That property has been entrusted into the care of the developers. The developers therefore are fiduciaries. The essence of that duty is single minded loyalty to the users of bitcoin software. The content of the duties includes a duty not to act in their own self interest and also involves a duty to act in positive ways in certain circumstances. It may also, realistically, include a duty to act to introduce code so that an owner’s bitcoin can be transferred to safety in the circumstances alleged by Tulip.”

Bad timing for Ethereum

Disastrously for the likes of Ethereum, this question is being reviewed by the courts at precisely the time that a broader conversation is happening between regulators and lawmakers which challenges the myth of decentralization.

For instance, decentralization is a key concept in determining whether a digital asset offering amounts to the offering of securities, which invokes more onerous legal obligations. Under U.S. law, this is determined under the Howey test. Usually, the key Howey element relevant to digital asset offerings is whether or not offerees invested money expecting profits reliant on the efforts of others, such as a central management body. Ergo, if a digital asset project is centrally governed, then it’s highly likely to be considered a security.

While the Securities and Exchange Commission (SEC), the regulator in charge of securities in the U.S., has consistently recognized that the centralization of digital asset projects is likely to be the determining factor in whether the Howey test is met, officials have usually carved out an exception for the likes of BTC and ETH. This used to be done on the basis that decentralized projects likely do not qualify. But the SEC itself began to walk this back, beginning with Ethereum’s upgrade to proof-of-stake, which prompted SEC Chair Gary Gensler to say this:

“Whatever they’re promoting and putting into a protocol, and locking up their tokens in a protocol, a protocol that’s often a small group of entrepreneurs and developers are developing, I would just suggest that each of these token operators…seek to come into compliance, and the same with the intermediaries.”

This can be further seen in a recent enforcement action taken by the New York Attorney General against the exchange KuCoin over its failure to register as a securities broker-dealer. Ethereum, which is listed by the exchange, was expressly labeled as a security in the NYAG’s charges. Better yet, the charges point squarely at Ethereum’s centralized governance to justify that position:

“ETH’s development and management is largely driven by a small number of developers who hold positions in ETH and stand to profit from the growth of the network and the related appreciation of ETH.”

Further down:

“Buterin and the Ethereum Foundation retain significant influence over Ethereum and are often a driving force behind major initiatives on the Ethereum blockchain that impact the functionality and price of ETH.”

So it seems that the decentralization myth—at the very least as far as Ethereum goes—has been busted by authorities. What remains to be seen is how drastic the legal consequences of this sea change are: the NYAG’s action caused a stir for what it meant for Ethereum’s status as a security, but of potentially greater consequence is what it means for the Ethereum developers’ status’ as fiduciaries.

Given that the U.K. Court of Appeal has already signaled that it considers centralization (or lack thereof) to be the key to this question, fiduciary obligations for blockchain developers may already be a foregone conclusion.

Follow CoinGeek’s Crypto Crime Cartel series, which delves into the stream of groups—from BitMEX to Binance, Bitcoin.com, Blockstream, ShapeShift, Coinbase, Ripple,
Ethereum, FTX and Tether—who have co-opted the digital asset revolution and turned the industry into a minefield for naïve (and even experienced) players in the market.

New to blockchain? Check out CoinGeek’s Blockchain for Beginners section, the ultimate resource guide to learn more about blockchain technology.