The Bitcoin Legal Defense Fund was pleased to see a thoughtful article about the Tulip Trading case in the current issue of the highly regarded Butterworths Journal of International Banking and Financial Law.
The article was written by an attorney not involved in the case who argues that regardless of whether Tulip Trading’s factual claims are taken at face value or are investigated at trial, “the ultimate conclusion is the same: Bitcoin developers do not owe a fiduciary duty to grant [Tulip Trading Ltd] access to its Bitcoin.”
The article does an artful job of explaining and dismantling the various legal tactics deployed by Craig Wright’s firm Tulip Trading in its ongoing lawsuit against 12 Bitcoin Core developers on the grounds that they “control the relevant networks and therefore owe [Tulip Trading] fiduciary and/or tortious duties to assist it in regaining access” to billions of dollars worth of Bitcoin it claims were stolen.
The article is well worth reading in its entirety, but we’ve highlighted some important points below:
The UK Court of Appeal’s analysis of an alleged duty of Bitcoin developers to implement Tulip’s requested change to Bitcoin Core is flawed
“This analysis is problematic because it relies on a flawed analogy between software bugs and the inability to transfer Bitcoin without a private key….First, the nature of the activity required to fulfill the duty alleged by Tulip Trading (i.e., change how the system is intended to work by transferring Bitcoin without a private key) is fundamentally different to fixing a software bug. Describing both as a mere ‘code update’ is a gross oversimplification…Nothing has gone wrong with the system. It is operating as intended. The inability to transfer Bitcoin without a private key is a fundamental security feature of the system. So on what basis can consent to a change which undermines that security feature be inferred? Even if consent can be inferred…it does not follow that there is a duty to implement that patch. It is completely unrealistic to say that Bitcoin owners (let alone the person who created Bitcoin who Dr. Wright ironically claims to be) have a legitimate expectation that developers will change how the system was intended to operate. This is a system which owners have voluntarily entered into and the consequences of losing a private key are well known.”
The Bitcoin Core developers are not a sufficiently well-defined group to warrant the imposition of fiduciary duties
“Bitcoin Core is the most popular software option in the Bitcoin ecosystem. It is open source and anyone can contribute. Therefore, the group of Bitcoin Core developers is necessarily not well-defined…Tulip Trading targets its claim at certain Bitcoin Core developers. It says those developers hold the passwords and are therefore able to introduce changes to the source code repository on GitHub. Developers with this access are referred to as repository maintainers. But not all of the defendant developers are maintainers. Some of them have never been maintainers and others are no longer maintainers. So Tulip Trading’s claim extends beyond maintainers, but to whom? That is unclear. Perhaps as the High Court observed, it extends to developers who Tulip Trading says exert a ‘significant influence’ over the Bitcoin network. What do ‘influence’ and ‘significant’ mean? When does influence cease to exist? What about other non-developer constituencies who might have significant influence? Therefore, even on Tulip Trading’s case, the class of developers is not well-defined.”
The Bitcoin developers do not control the Bitcoin Core software
“Tulip Trading asserts that the maintainers have unbounded discretion in deciding whether a proposal should be merged into the repository. However, that ignores two things: (1) the expectation of the wider development community is that maintainers should be mere facilitators or performing a ‘janitorial role’; and (2) all GitHub proposals are publicly available and the peer review is public. This transparency creates accountability.”
Bitcoin Core developers do not control the Bitcoin network
“The Court of Appeal considered that because software is all there is (and the developers control the software), the developers control the networks. There are a few problems with this. First, there are multiple software options within the Bitcoin ecosystem. Bitcoin Core is currently the most popular, but that is only because other nodes choose to run it. Second, there are other components of the Bitcoin system including the network of participants. The participants are just one part of a wider set of constituencies which…can and do exert influence on the system. If maintainers introduced a controversial change into Bitcoin Core, participants are free to not upgrade to the new version or to run an alternative software option. (Bitcoin Core is released under the open source MIT License, so the alternative software could even be a copied or modified version of Bitcoin Core.)…There are numerous incidents that demonstrate that no constituency (including developers) can unilaterally impose its will on the others.”
Even if Bitcoin Core developers were legally compelled to implement Tulip Trading’s patch, they can’t force other network participants to use the new software
“If maintainers were to merge Tulip Trading’s software patch into the Bitcoin Core repository, participants may refuse to upgrade to the new software or opt for another software option. Tulip Trading argues that would not happen because it is not in the participants’ commercial interests. However this assumes (without any justification) that a majority of participants and wider constituencies would upgrade to the new software with the result that participants who do not upgrade are left on a minority chain. Given the controversial nature of Tulip Trading’s software patch (including the potential for it to undermine security), it is very likely that the majority would not upgrade. All Tulip Trading’s patch would achieve is the creation of a minority chain with a likely worthless coin.”
For this reason, the article concludes, “fiduciary duties are not required” of Bitcoin developers.” Instead, “responsibility is placed on owners to safeguard their Bitcoin (or to go after the hackers) and not on developers to recover it for them.”