Hostname: page-component-7b9c58cd5d-7g5wt Total loading time: 0 Render date: 2025-03-15T16:07:27.666Z Has data issue: false hasContentIssue false
  • English
  • Français

How to Make Sure My Cryptokitties Are Here Forever? The Complementary Roles of Blockchain and the Law to Bring Trust

Published online by Cambridge University Press:  24 July 2019

Charlotte DUCUING Open the ORCID record for Charlotte DUCUING [Opens in a new window]
Rights & Permissions [Opens in a new window]

Abstract

Under the phrase “code is law” and based on its “trustless trust”, blockchain has emerged as a disrupting technology considered by some as an alternative to the law. Based on a study of real-life blockchain-based decentralised applications (Dapps), this article takes blockchain developers at their word and adopts the point of view of users: can blockchain live up to its promise and enable them to transact with each other without the need for the trust granted by the law? The article particularly highlights that users need to be able to ascertain that a self-advertised Dapp indeed qualifies as one. Blockchain technology may make it possible to do away with trust in third parties, but this is not enough. Users also need to trust that an alleged Dapp genuinely is one, and blockchain alone cannot provide this. Beyond Dapps, it is argued that blockchain needs the complementary role of the law to deliver its promises and especially to authenticate blockchain “virtues”. The EU certification mark is identified as a promising form of co-regulation for that purpose.

Type
Symposium on Blockchain Regulation and Governance
Information
European Journal of Risk Regulation , Volume 10 , Issue 2: Symposium on Blockchain Regulation and Governance , June 2019 , pp. 315 - 329
Copyright
© Cambridge University Press 2019 

I. Introduction: blockchain-based decentralised governance and the promise of trustless trust

The first wave of blockchain technology was characterised by the rise of cryptocurrencies – the first of them being Bitcoin – which enabled decentralised electronic payment while circumventing financial institutions. But the potential of blockchain technology is not limited to currencies. As highlighted by Davidson et al, “distributed ledgers are a technology of decentralization”.Footnote 1 Blockchain would make it possible to perform activities without the intermediaries traditionally needed to bring trust between partiesFootnote 2, by replacing them with “the network of participants”Footnote 3 based on computationally-achieved consensus. Actors could “trust the technology, which dispenses from the need to trust human counterparties or institutions”.Footnote 4 This feature – also known as trustless trustFootnote 5 or “trust-by-computation”Footnote 6 – is the overarching purpose of blockchain. In that sense, blockchain technology has been described as an “institutional technology”.Footnote 7 Other blockchain protocols have been further developed to decentralise various activities, such as information storage and sharing,Footnote 8 registries,Footnote 9 domain name systems,Footnote 10 transfer of assets (“smart property”),Footnote 11 capital markets,Footnote 12 voting systems,Footnote 13 enforcement of contracts without the need to resort to judiciary authorities (“smart contracts”),Footnote 14 and the list keeps growing.

Against this background, the decentralisation of governance by means of blockchain-based automation is considered as the “final stage of decentralization”Footnote 15 and attracts much attention. Coordination between individuals to make decisions is a difficult task that requires organisational models. Until the blockchain technology emerged, it had been mainly achieved by trusting a third party to do so (agency model). Detrimental effects are observed when this party becomes an inevitable intermediary, such as abuse of such central positionFootnote 16 or high costs. More generally this party constitutes a “single point of failure” (in blockchain parlance), thereby concentrating the risks. The party can be a public authority, such as elected politicians governing a State or appointed institutions such as central banks. It can also be a private entity, such as the GAFAM or Uber, accused of taking advantage of their respective gatekeeping positions to exploit the value brought by the users. The idea is that blockchain provides for “governance-by-computation”Footnote 17 or “trustless trust”, enabling individuals to reach consensus and make common decisions in a distributed manner, without having to delegate this competence to trusted third parties.Footnote 18 Among other things, the possibility for blockchain technology to “transform the gig economy”Footnote 19 and get rid of digital platforms intermediaries has been put forward. Blockchain is also envisaged as a means to organise (digital) commons.Footnote 20

The blockchain community has then abounded in technical writings to try and achieve blockchain-based decentralised services and organisations. The latter may consist of stand-alone blockchain networks, or they can “run” on another blockchain network, such as Ethereum. Ethereum was indeed created as a non-specific network-powered super-computerFootnote 21 on which programmers can run any applicationFootnote 22 so that it functions as a disinterested intermediary enabling other e-commerce services to take place on the application layer. In his ambition to create a fully decentralised e-commerce ecosystem as an alternative to the current one, which he deemed too centralised, V Buterin, the founder of Ethereum V, especially envisioned “decentralised applications” (Dapp, ÐApp or DA) to run on the Ethereum networkFootnote 23 “instead of running on a central server as usual Apps”Footnote 24 amongst which he singled out “Decentralized (Autonomous) Organizations” (DAOs).Footnote 25 The list of decentralised (autonomous) entities has then extensively grown in the blockchain community and in the scholarship with reference to corporations, societies (respectively D(A)Cs and D(A)Ss),Footnote 26 government (DAG),Footnote 27 Decentralised Collaborative Organization (DCO)Footnote 28 or delegated Decentralized Autonomous Organization (dDAO)Footnote 29 according to the entity to be “decentralised” as well as to its actual means and purpose.

DAOs are being largely discussed within the blockchain community and in the scholarship as the most ambitious form of blockchain-based decentralised entity.Footnote 30 According to Buterin who coined the term, a DAO “is an entity that lives on the internet and exists autonomously […]”. The autonomy of a DAO means that it “in some fashion, makes decisions for itself”. For example, Buterin considers the Bitcoin network to be autonomous enough to qualify as a DAO, rather than as a mere decentralised organization (DO). One feature common to both DO and DAOs is the decentralised character of the organisation, meaning that “instead of a hierarchical structure managed by a set of humans interacting in person […] a decentralized organization involves a set of humans interacting with each other according to a protocol specified in code, and enforced on the blockchain”. According to Buterin, a DAO is a Dapp with the main additional feature that it “has internal capital”.Footnote 31

As for the Dapp, the most elaborate definition within the blockchain community was proposed by Johnston et al in 2015Footnote 32 and has since been massively re-used.Footnote 33 According to the authors, an application is genuinely “decentralised” if it meets the four following criteria: (1) it is fully open-source and “operates autonomously” with “no entity controlling the majority of its tokens” while changes to the protocol are “decided by consensus of its users”; (2) the “application’s data and records of operation are cryptographically stored in a public decentralized blockchain in order to avoid any central points of failure”; (3) the application “uses a cryptographic token […] necessary for access to the application and any contribution of value […] should be rewarded in the application’s tokens”; and finally (4) it must “generate tokens according to a standard cryptographic algorithm acting as a proof of the value nodes are contributing to the application […]”. Bitcoin is cited as an example of a Dapp. The definition refers both to technical and governance criteria with the aim to prevent single points of failure and political centralised control of the application. Being a Dapp would ensure the presence of blockchain characteristics in the governance of the application and notably its autonomous character so that no trust in third parties would be needed.Footnote 34

This article takes blockchain developers at their word and adopts the point of view of the users: Can blockchain live up to its promise and enable them to transact with each other without the need for the trust granted by the law? The article particularly focuses on the need of users to ascertain and trust that a self-advertised Dapp (or other blockchain-based entity) does indeed qualify as one. While blockchain technology may enable the creation of Dapps, section II below, based on real-life examples, shows why users also need to be able to authenticate Dapps as being genuinely so. Having found, in section III, that the blockchain environment at large is not able to provide such authentication, section IV then identifies the missing component as, essentially, the legal function of classification of regulatory objects. Finally, some legal options are outlined where certification mark is identified as an interesting form of co-regulation for that purpose.

II. A need for meta-trust…

A fair number of websites operate on the internet and claim to be “Dapps”, DAOs and the like. Among others, StorjFootnote 35 operates decentralised cloud storage, LaZoozFootnote 36 decentralised carpooling, CryptokittiesFootnote 37 provides “digital cats” collectibles, KlerosFootnote 38 provides blockchain-based arbitration and OpenBazaarFootnote 39 operates a decentralised online marketplace. For instance, Kleros advertises itself as a “decentralized application” and “autonomous application” providing a blockchain-based arbitration service. “Every step of the arbitration process (securing evidence, selecting jurors, etc) is fully automated. Kleros does not rely on the honesty of a few individuals but on game-theoretical economic incentives” [enshrined in the Kleros protocol].Footnote 40 Such “computational courts”Footnote 41 obviously pose legal challenges arising from their attempt to constitute an alternative to judicial dispute resolution, which are, however, not the subject-matter of this paper: our point here is that blockchain-based decentralisation is a core feature of the service delivered by Kleros. As a result, Kleros users are invited to trust blockchain protocol as enabling “crowdsourced jurors to adjudicate disputes”. Failing that, the users would be left with their dispute being arbitrated by anonymous jurors about whom they have no guarantee.

In a different fashion, CryptoKitties, advertises itself as a “distributed application” and a Dapp which provides users with a game consisting of “breeding and collecting” unique digital cats. The advertising states that, “secure in the knowledge that blockchain will track ownership securely”, a digital cat is “100% owned by you; it cannot be replicated, taken away, or destroyed”. The underlying argument is that of the immutability and tamper-proof character of a public and decentralised blockchain, so that the application’s data stored on it (the second condition for being a Dapp), in this case the data featuring the digital cats, are also immutable because they would not depend upon a third party being a “single point of failure”. The characterisation as Dapp hence also plays a role in the essential features of the service provided. These websites look like any other website,Footnote 42 only their marketing highlights their blockchain virtues. The use of blockchain terminology – and especially the signs of “Dapp” or DAO recognised in the blockchain community – triggers expectations of decentralisation and absence of single point of failure on behalf of the users. However, such marketing may simply be misleading.

A user of CryptoKitties argued that “CryptoKitties folks”Footnote 43 retain the ability to alter, duplicate and even destroy the digital cats. In other words, the application would not be as decentralised and autonomous as promoted. Therein, CryptoKitties Terms of Use stipulate that “in addition to the Gas Fee [the cost of running smart contracts transactions on the underlying Ethereum blockchain], each time you utilize the CryptoKitties marketplace Smart Contract to conduct a transaction with another user via the App, you authorize us [namely Dapper Labs Inc] to collect a commission of 3.75% of the total value of that transaction […]”.Footnote 44 This tends to confirm that a single legal entity, namely Dapper Labs Inc, would run the application. Except for the Terms of Use referring to a contractual arrangement between the consumer and “Dapper Labs Inc”, the rest of the website, and especially the homepage, is however silent on who is actually running CryptoKitties and refers more profusely and confusedly to “the Cryptokitties team”. Given that CryptoKitties obviously targets individuals, the marketing of CryptoKitties could inter alia constitute an unfair commercial practice within the meaning of Unfair Commercial Practices Directive,Footnote 45 and more specifically a “misleading action” in that it would contain “false information and [would] therefore [be] untruthful […] in relation to the main characteristics of the product [in casu: the digital cats] and which is likely to cause [a consumer] to take a transactional decision that he would not have taken otherwise”.Footnote 46 Illegitimately promoting one’s application as vested with the decentralised virtues of a Dapp – as alleged with regard to CryptoKitties – would obviously also result in misleading consumers with regard to the trader’s role and rights in the transaction, which constitutes another “misleading action”.Footnote 47 Illegitimate promotion of the decentralised character of the structure could even quite simply mislead users as to the very existence of a trader conducting the economic activity.

Users could also simply be led to believe that there is no “trader” in the traditional sense. Even more seriously, the promotion of blockchain magic is likely to blur the issue enough for users, so that they don’t even wonder about the existence of a trader. This is all the more so, given that blockchain decentralisation is sometimes precisely advocated as an alternative to the law under the “code is law” motto.Footnote 48 The user would then not even consider that (consumer) law might be applicable to his situation, nor against whom he could invoke it. In this regard, ill-founded promotion of blockchain-based decentralisation – and especially alleged Dapps – may be found not only to constitute unfair commercial practices: they may violate the most basic information obligations provided for in the E-Commerce DirectiveFootnote 49 in order to bring trust in e-commerce, such as the obligation falling onto the provider of an information society service to ”render easily, directly and permanently accessible to the recipients of the service and competent authorities, at least the following information: (a) the name of the service provider; (b) [his] geographic address; […] (d) […] the trade register in which [he] is entered and his registration number [where relevant]”. The legal analysis against the Unfair Commercial Practices and the E-Commerce Directives is only provided as a case in point which has the advantage of being harmonised at EU level, while similar conclusions could also be drawn from the analysis of other bodies of legislation, such as the general principles of fairness and fair dealing in contract law as embodied in the respective national legislations.

Our purpose is not to undertake an audit of the websites promoting themselves as blockchain-based decentralised entities. Rather, the imbalance of information between these entities (“operators) on the one hand and their users on the other hand, demonstrably appears to make it possible for abuses to go unnoticed and unchallenged. Blockchain and the marketing on its “magic” act as a screen between (in this case) consumers and the legal protection afforded to them, rendering the whole legal protection inoperable or at the very least inefficient. The same has already been well documented with regard to the sale of “ICOs” to investors unable to ascertain whom they purchase tokens from, and what the tokens actually consist of.Footnote 50 By developing the application of blockchain beyond the realm of the financial sector, the second wave of blockchain only makes this very same issue bigger and broader in scope. It disempowers users,who may not even realise the abuse and who would in any case have a hard time claiming their rights, where in theory available. This leads us to an intermediary conclusion: blockchain technology may make it possible to do away with trust in third parties, but this is not enough. It remains to be seen how users can trust that an alleged blockchain-based application or entity is indeed vested with such blockchain characteristics, or – in other words – that it is what it claims to be. The need for trust does not disappear with blockchain; it is shifted to a meta-level: how to trust that a structure is indeed vested with the ‘trustless trust’ features of the blockchain? In other words, how to bring about what we hereby call “meta-trust”? The importance of this requirement should not be underestimated. Failing to address it is likely to result in free riding behaviours. In the medium term, this could result in what is known in economics as “adverse selection”Footnote 51 and would additionally have a chilling effect on the acceptance of blockchain innovations.Footnote 52 Against this background, the rise of private blockchains can be seen as a first reaction to the need for trust and accountability. The fact that this disintermediation technology is operated by big IT companies, who were precisely the targets of disintermediation, is not as paradoxical as it might first seem.Footnote 53 The next section investigates whether the blockchain environment at large might bring meta-trust or, conversely, what are the hurdles to its doing so.

III. … Which cannot be provided by the blockchain

The blockchain environment is not a structured one: it is comprised of a multitude of individual initiatives, brought together by common traits and common believes. As part of the latter, the importance of the open-source character of blockchain code is put forward as a regulatory means. The open-source character of the code is unanimously considered as a sine qua non condition for qualifying as a Dapp (see definition of a Dapp above), a DAO and the like. Blockchain-based decentralised entities are “inspired from the models of open source collaboration”.Footnote 54 Among other virtues, the open-source character of the code would enable collaboration of the “community” in the updates and improvements of the code, and also its auditability.Footnote 55 In that sense, the open-source character of the code is a transparency or even accountabilityFootnote 56 measure viewed as a safeguard and can thus be interpreted as vested with a regulatory function.Footnote 57 As a matter of fact, some websites have emerged which display the result of their “audit” on existing Dapps.Footnote 58 However, mere auditability of the underlying code of a Dapp is clearly not sufficient to enable users to trust the blockchain virtues of an alleged Dapp. It has already been found that “such [open source] networks present major cognitive entry barriers”.Footnote 59 This is particularly problematic in the case analysed here of non-developer individuals willing to purchase goods or services on Dapps, or in other words where the blockchain technology would scale up. Further, mere auditing of the open-source code may not be sufficient to determine the level and scope of decentralisation of an application or entity as, simply, not everything is in the code. For instance, a party may use different devices and credentials to control an entity which makes it difficult to trace, especially because anonymity – or at least pseudonymity, is strongly promoted in the blockchain environment.

Failing to determine the decentralised character of an application or structure, users may turn to reputed websites that have emerged on the internetFootnote 60 and provide directories of decentralised applications and entities, especially of Dapps. Such websites can easily be found; they are broadly referred to not only within the blockchain community but also in the scholarship.Footnote 61 They display Dapps according to criteria such as their field of activity, their popularity, their respective volume of transactions, etc. Users of decentralised applications or entities may therefore want to rely on these directories to be able to determine whether a website is genuinely decentralised, or in other words whether it is a genuine Dapp. As they stand, the directories of Dapps that can be found on the internet are, however, not able to provide such trust service, which is now further analysed by taking a closer look at one of most famous ones, State of the ÐApps. This website claims it has “become one of the biggest reference for the Ethereum ecosystem”Footnote 62 and advertises its references (talks, workshops, etc). However, it stipulates in its Terms of Use that “neither the website nor any of the persons or entities involved in any way in respect of the website including its host and its contributors, provide for specific legal, fiscal, economical and/or any other kind of advice or recommendation that may be relied upon. A visitor of the website will therefore act at its own risk in accessing or in any way relying on the content of the website […]”,Footnote 63 especially when investing in cryptocurrencies. Further, State of the ÐApps does not clarify how a website ends up being displayed as a Dapp in its directory. While the State of the ÐApps does not claim to be a Dapp or another blockchain-based decentralised entity itself, it does not allow the user to identify who runs the website.Footnote 64 In addition, it provides for specific features that Dapps representatives may choose to purchase – upon payment – to enhance the visibility of Dapps “to attract more users”.Footnote 65 As a result, one is led to believe that the displaying of Dapps is probably done without any verification of the genuine character of an application as a Dapp so that the State of the ÐApps would merely be a list of self-proclaimed Dapps. In that it allows for promotion of self-proclaimed Dapps, it can even contribute to further misleading the Dapp users. In this regard, CryptoKitties is, for instance, referred to on State of the ÐApps with much visibility.Footnote 66

The scholarship has documented – especially in the case of cryptocurrency wallet service providers – the fact that, by creating a new and complex economic environment, blockchain networks give rise to profitable “edge services”,Footnote 67 ie intermediaries taking advantage of the lack of knowledge of users of blockchain “things”, while not being “decentralised” themselves.Footnote 68 State of the ÐApps is demonstrably one of those. The very existence of such directories can be viewed as a symptom of the need for reliable information and trust on behalf of users of blockchain things, and in particular alleged decentralised applications and entities.

Eventually, the role of blockchain vocabulary in this regard needs to be touched upon, and especially the role of the taxonomy of blockchain-based decentralised “things” that has been developed. The lack of clarity and reliability of blockchain vocabulary has already been documented.Footnote 69 It is paradoxically illustrated by the huge number of websites displaying blockchain glossaries, lexicons or dictionaries.Footnote 70 The legal scholarship found that it resulted in further confusing regulators.Footnote 71 Notably, it leads to the overestimation of the virtues of blockchain, or their actual scope.Footnote 72 With regard to blockchain-based decentralisation, it was particularly found to prevent observers from seeing that blockchain networks’ governance is often de facto less decentralised than promoted, to the benefit of the unaccountable but actual managers of the said blockchain network.Footnote 73

To give a taste of the issue with regard to decentralised applications and entities, it can be observed that, although extensively promoted and discussed within the blockchain community and scholarship, the definition of a “DAO” is not yet settled.Footnote 74 The concept of the “autonomy” of a decentralised entity – core to its “trustless trust” virtues – is particularly subject to controversy. Inter alia, the degree of autonomy required to be considered genuinely “autonomous” is not clearly settled. As an illustration, “TheDAO”Footnote 75 is mostly referred to as the main life example of a DAO; however De Fillipi and Wright classify it as a mere DO for lack of sufficient autonomy.Footnote 76 As part of this debate, the technical means by which such autonomy is to be acquired is not clear, namely whether artificial intelligence shall necessarily be involved or not.Footnote 77 Although the definition of a Dapp by Johnston et al is relatively unchallenged and massively reused, it also leaves numerous questions unanswered. Should the State of the ÐApps have genuinely tried to conduct due diligence analysis of alleged Dapps, it would have bumped into questions of some importance, such as: does qualification as a Dapp prevent an application from being run by a legal entity at all? In relation thereto, what involvement of the “users” on the changes to the protocol is considered sufficient to qualify as “decision by consensus”? With reference to the application’s “data and records of operation” to be stored on a public blockchain, what exactly shall be “on” blockchain is also unclear. For instance, the Dapp OpenBazaar was found not to “use a blockchain for its core architecture”:Footnote 78 can it nevertheless qualify as a Dapp? The list of questions goes on.

The lack of clarity in blockchain vocabulary obviously makes it difficult for users to ascertain what and who they are dealing with when transacting with blockchain-based decentralised applications or entities. Ultimately, where a website claims to be a Dapp, what does it actually claim to be and provide? If a website – say CryptoKitties – claims to be a Dapp as part of its blockchain marketing while the definition of a Dapp is not settled, it obviously also makes it harder for users to lodge a complaint arguing that they were illegitimately deceived. In that sense, blockchain vocabulary – and especially the taxonomy of blockchain-based decentralised entities – does not provide appropriate signals for users to help them cope with the imbalance of information that they suffer vis-à-vis blockchain developers. On the contrary, it worsens it by bringing an additional layer of uncertainty or potential malicious use.

This section has demonstrated that the blockchain environment is unable to provide what we termed “meta-trust” with regard to decentralised applications and entities. In other words, blockchain technology may make it possible for A and B to exchange without trusting each other, based on C blockchain-based application; however, blockchain tools are unfit to provide trust to A and B that C application is indeed “trustlessly trustable”. Against this background, we now need to deduce from the above what is needed in order to bring this absent meta-trust into being, with a view to how the law could play a role in this regard.

IV. The role of the law

Two factors in the blockchain environment have specifically been pointed at as potential tools to bring meta-trust, and have eventually proved to result in the opposite effect: the vocabulary that has emerged in the blockchain environment and especially the taxonomy of blockchain-based decentralised entities on the one hand, and the upsurge of websites serving as (unreliable) directories of the latest on the other hand. The mere conclusion that blockchain vocabulary is vague does not suffice to understand why it is not helpful to bring trust and even why it is so detrimental. After all, legal provisions are also often vague or even unclear; just think of terms largely used in different jurisdictions around the globe such as “reasonable”, “fairness” or “negligence”. How can they nonetheless be entrusted with any value and meaning? The answer is quite obvious: because they are further clarified by judicial authorities, which grant them binding and enforceable interpretation over a given jurisdiction. It is worth noting that the interpretation of unclear blockchain terms is given by what the scholarship has called “benevolent dictators” with regard to the role played by some individuals in bringing “off-chain governance” of the internal blockchain networks but also of the blockchain environment at large.Footnote 79 Illustrative thereof is the “post” of Buterin trying to dispel the blur (what he calls the “Daoism”) around the delineation of the various blockchain structures (DAO, DO, Dapp, smart contract …).Footnote 80 His quasi-regulatory function in the blockchain community demonstrates the lack of actual regulation, while it certainly does not satisfy the regulatory demand. Not to mention that he could simply be inaccurate, he obviously lacks the legitimacy as well as the authority to make his statements exclusive, binding and enforceable. Against this backdrop, blockchain vocabulary, the emergence of directories and the role of “benevolent dictators”Footnote 81 appear to constitute a distorted mirror of what legal regulation brings. In other words, they can be interpreted as signs that the law is needed. The remainder of this paper therefore attempts to draw guidelines for how the law could help bring meta-trust.

Werbach invited the legal community to rethink the role of the law in relation to blockchain and especially the deemed “regulation vs innovation” dichotomy. Stating that blockchain needs the law to keep up to its promises, he suggests we should look at how the law can help blockchain.Footnote 82 Blockchain invites lawyers to get back to the basics of the law: Werbach identified classification – ie the activity of naming things – as a major part of the role of regulationFootnote 83 that is of acute importance with regard to new technologies, which blur the understanding of traditional regulatory categories.Footnote 84 Classification is not only a first step to trigger the application of some substantive obligations, it also makes sense per se in order to bring trust by delineating and authenticating a party or a subject-matter. The obligation for an information society service to disclose his identity as trader – enshrined in the E-Commerce Directive (mentioned above) –not only brings a name: it creates a link between a party and a function (namely trader) enabling the consumer, where available, to hold that party accountable for the activity. Similarly, corporate law aims not only to trigger a certain legal regime to a certain form of company; it primarily enables third parties to authenticate with whom they transact, or – more precisely – what they transact with. Transacting with a natural person, a non-profit association or a company obviously makes a difference from the perspective of the third party.

In view of the foregoing, it appears that there is a need for regulatory classification of blockchain-based applications and entities – not to mention the other aspects of blockchain technology – as well as the means to have this classification enforced. To be clear and in line with the identified need for meta-trust, the purpose is not the regulation of blockchain activities (it would not regulate, for instance, how the blockchain-based decentralised applications or entities should operate), but the identification and authentication of blockchain “things”. Although it is therefore without prejudice to the required regulation of blockchain activities, it is not an unrelated topic. Regulating (blockchain) activities inevitably requires the performance of regulatory classification. Even when classification is stand-alone regulation, it has an impact on the regulation of activities. The lack of reliable information on fast-evolving technologies – and therefore the uncertainty surrounding the potential effect of a regulation – has been identified as a major explanation for the pacing problem.Footnote 85 In the case of blockchain, it was found that the opacity around the technology was partly due to the vagueness of blockchain vocabulary. Regulatory classification could in some cases be sufficient, because it would demonstrate that the blockchain “thing” – “Cryptoduck” as named by WerbachFootnote 86 – simply proves to be already regulated or in other words to already fall within a regulatory bucket. In that sense, filling the meta-trust gap would empower users and also regulators, by restoring the information asymmetry, if possible ex ante – just as corporate law requires companies to register under a specific legal form before operating. Even more, and subject to the regulatory design, it could shift the burden of proof so that “the blockchain” (although it remains to be seen who and how) would have to prove its alleged virtues.

Any regulatory attempt in this regard would, however, be confronted with at least the following challenges and constraints. Firstly, classification may itself fall into the pacing problem, given the fast pace of blockchain development. Secondly, law-makers may simultaneously want to promote – or at least not prevent – potential positive blockchain innovations.Footnote 87 Thirdly, the (alleged) decentralised character of blockchain-based applications and entities makes it difficult to identify which entity(ies) should be subject to regulation. The scholarship has already made clear that decentralisation – to a certain extent – does not mean that no entity can be subject to regulation.Footnote 88 A fourth, but related, challenge is the identification of the competent actor(s) to introduce such regulation, as well as where the latter should be positioned in the legal system’s hierarchical structure. The two final challenges at least would depend upon the context and the chosen regulatory purpose.Footnote 89 Introducing regulatory classification in the blockchain environment is ambitious and could be performed in various designs and with various scopes. The remainder of this paper merely touches upon a few options.

The most obvious option would seem to be simply to define blockchain terminology in statutory law, which was undertaken by a few US States, especially with regard to the legal recognition of blockchain-based electronic signatures and of smart contracts in e-commerce. The law of Arizona defines “blockchain technology” as “distributed ledger technology that uses a distributed, decentralized, shared and replicated ledger […]”. The law derives from it the legal recognition of certain features of the data stored on it, such as the fact that “the data on the ledger [would] provide an uncensored truth”.Footnote 90 These statutory provisions, however, illustrate a severe misunderstanding of the operation of blockchain, as summarised by Walch: “if a false piece of data is put on a blockchain ledger, it remains false, regardless of the fact that it appears on the ledger (the garbage in / garbage out idea)”. More generally, she notes that regulation of blockchain by the law-maker can be hindered by the fact that the law-maker does not have sufficient understanding of the technology.Footnote 91 Regulation of blockchain vocabulary can therefore rather result in bringing additional confusion to the field,Footnote 92 especially given the ever-evolving character of this technology. If no specific mechanism is provided for, the issue mainly arises from the fact that the law-maker and the judicial authority would have to make highly technical analyses of an ever-evolving technology, which they are poorly equipped to do. Should this option be chosen for a certain scope, it would be therefore wise to provide specific mechanisms to account for the technicalities of the technology: for instance, a registration system could be set up in order to provide for trust ex ante (namely before operation) while the analysis of the compliance of a “blockchain thing” with the statutory definition could be delegated to a body having technical expertise. Finally, regulators should pay attention to the principle of technological neutrality, namely the idea that “the law should not pick technological winners and loosers, the law should neither help nor hinder particular types of technological artefacts”.Footnote 93 Although not enshrined in EU primary law itself, so that it does not constitute a legal obstacle as such in EU law, this principle broadly applied in EU secondary law and referred to in EU ICT policies would logically prevent the setting up of a techno-specific regulation.

Based on the observation that blockchain is a complex technology based on decentralisation, self-regulation is being undertaken, especially with regard to the classification of blockchain “things” as part of ISO certification.Footnote 94 “Dapp”, “DAO” etc could possibly be part of ISO certification. Certification indeed allows terms to be defined according to standards with authority, certified by external knowledgeable bodies. Displaying the respective ISO standard sign on a website alleging its “Dapp” or “DAO” character could therefore bring trust to users, while the question of “who” would display the sign would be partly left up to the internal organisation of the decentralised entity. ISO certification is voluntary and it is beyond legal expertise to try and guess whether the market would broadly embrace certification. Although the existence of (ISO) standards would help users prove the existence and nature of unfair commercial practices (discussed above), for example, it would not prevent per se other parties from continuing to promote (alleged) virtues of their blockchain-based decentralised applications or entities. In other words, wrongly claiming to be ISO-certified could be sanctioned,Footnote 95 but the use of certified terms – eg Dapp – would remain free for use.

In order to achieve legal certainty while acknowledging the complexity and the decentralised feature of blockchain, co-regulation has been called for.Footnote 96 With a view to bringing trust into blockchain terminology, it is hereby suggested that certification be taken a step further, by leveraging “certification marks” recently created in EU law.Footnote 97 Unlike other trademarks which mainly “aim to distinguish the origin of goods and services”,Footnote 98 the certification mark has a guarantee function.Footnote 99 “Applied for and […] capable of distinguishing goods or services which are certified by the proprietor of the mark in respect of [inter alia] the quality or other characteristics”,Footnote 100 the certification mark could guarantee the criteria for qualifying as a Dapp. The certification mark allowsFootnote 101 and even requires Footnote 102 the proprietorFootnote 103 – eg a certifying body – to prevent non-authorised third parties from using the mark (eg the “Dapp” sign(s)).Footnote 104 Contrary to collective marks, the use of certification marks does not have to be limited to a closed group of members. Subject to the provisions of the regulation governing the use of the mark,Footnote 105 an “‘open shop’ principle applies”,Footnote 106 which fits the open nature of blockchain initiatives. With minimal coordination effort, the certification mark could be used to monitor and sanction the use of the “Dapp” sign by applications wrongly self-advertised as Dapps.

V. Conclusion

Blockchain technology may make it possible to do away with trust in third parties. Yet, as this study of real-life Dapps has showed, this is not enough. The need for trust does not disappear with the arrival of blockchain. Users also need to authenticate (trust) that an alleged Dapp genuinely is one. We have termed this meta-trust, which the blockchain technology and “community” at large were found unable to deliver. Beyond Dapps as a case study, it is argued that blockchain needs the complementary role of the law in order to deliver its promises, and especially to authenticate blockchain “virtues”. The article ultimately identified the new EU certification mark as a promising form of co-regulation for that purpose. Failing to find an appropriate mix between the respective operations of blockchain and the law, the article contends that the beneficial innovations expected from public blockchains will not materialise for the general public or may shortly fade away. The lack of meta-trust in the blockchain environment would indeed likely result in adverse selection and would have a chilling effect on the acceptance of blockchain innovations.

References

1 Davidson, S et al, “Blockchains and the Economic Institutions of Capitalism” (2018) 14(12) Journal of Institutional Economics 639.Google Scholar

2 Wright, A and De Filippi, P, “Decentralized Blockchain Technology and the Rise of Lex Cryptographia” (Social Science Research Network 2015) SSRN Scholarly Paper ID 2580664 2.Google Scholar

3 DiRose, S and Mansouri, M, “Comparison and Analysis of Governance Mechanisms Employed by Blockchain-Based Distributed Autonomous Organizations”, 2018 13th Annual Conference on System of Systems Engineering (SoSE) (2018).Google Scholar

4 Finck, M, “Blockchains: Regulating the Unknown” (2018) 19(4) German Law Journal 665.Google Scholar

5 This broadly used expression is credited to have been coined by Reid Hoffman, see R Hoffman, “The Future of the Bitcoin Ecosystem and ‘Trustless Trust’ – Why I Invested in Blockstream”, LinkedIn post, 17 November 2014, <www.linkedin.com/pulse/20141117154558-1213-the-future-of-the-bitcoin-ecosystem-and-trustless-trust-why-i-invested-in-blockstream/> (last accessed 4 July 2019).

6 Atzori, M, “Blockchain Technology and Decentralized Governance: Is the State Still Necessary?” (2017) 6 Journal of Governance and Regulation 45 at p 46.Google Scholar

7 Davidson et al, supra, note 1, p 646.

8 De Filippi, P and Wright, A, Blockchain and the Law (Harvard University Press 2018)Google Scholar Ch 1 “Blockchains, Bitcoin, and Decentralized Computing Platforms” p 29.

9 Wright and De Filippi, supra, note 2, p 28.

10 ibid, p 14.

11 ibid, pp 33–36.

12 De Filippi and Wright, supra, note 8, p 98.

13 Atzori, supra, note 6, p 47.

14 Wright and De Filippi, supra, note 2, p 10.

15 Atzori, supra, note 6, p 51.

16 Werbach, K, “Trust, but Verify: Why the Blockchain Needs the Law” (2018) 33 Berkeley Technology Law Journal 487 at p 509510.Google Scholar

17 Atzori, supra, note 6, p 54.

18 Ortolani, P, “The Three Challenges of Stateless Justice” (2016) 7 Journal of International Dispute Settlement 596 Google Scholar; Jun, M, “Blockchain Government – a next Form of Infrastructure for the Twenty-First Century” (2018) 4 Journal of Open Innovation: Technology, Market, and Complexity 7.CrossRefGoogle Scholar The author considers that the blockchain would constitute “absolute law”. P De Filippi and S Hassan, “Blockchain Technology as a Regulatory Technology: From Code Is Law to Law Is Code” (2016) 21 First Monday; Kaal, WA and Calcaterra, C, “Crypto Transaction Dispute Resolution” (2017) 73 The Business Lawyer 109 at p 144.Google Scholar The authors consider that “blockchain technology provides its own solutions for jurisdictional issues, governance and conflict resolution”.

19 Pouwelse, J et al, “Laws for Creating Trust in the Blockchain Age” (2017) 6 European Property Law Journal 321 at p 323.Google Scholar

20 Davidson et al, supra, note 1, p 654; Papadimitropoulos, V, “Reflections on the Contradictions of the Commons” (2018) 50(2) Review of Radical Political Economics 317.Google Scholar

21 The Ethereum white paper refers to the Ethereum blockchain as a “virtual machine”: Buterin et al, “A Next-Generation Smart Contract and Decentralized Application Platform (‘Ethereum White Paper’)” <github.com/ethereum/wiki/wiki/White-Paper> (last accessed 4 July 2019).

22 Shermin, V, “Disrupting Governance with Blockchains and Smart Contracts” (2017) 26 Strategic Change 499.Google Scholar

23 Buterin et al, supra, note 21.

24 Arruñada, B and Garicano, L, “Blockchain: The Birth of Decentralized Governance” Pompeu Fabra University, Economics and Business Working Paper Series 1608, p 6.Google Scholar

25 “DAO” was also used to refer to “Distributed Autonomous Organization” (emphasis added), in Davidson et al, supra, note 1, p 5; and Finck, supra, note 4, p 7.

26 Atzori, supra, note 6, p 46.

27 Jun, supra, note 18.

28 Davidson et al, supra, note 1, p 7.

29 DiRose and Mansouri, supra, note 3.

30 Werbach, supra, note 16, pp 506–507.

31 V Buterin, “DAOs, DACs, DAs and More: An Incomplete Terminology Guide” (6 May 2014), available at <blog.ethereum.org/2014/05/06/daos-dacs-das-and-more-an-incomplete-terminology-guide/> (last accessed 11 July 2019).

32 D Johnston et al, “Decentralized Applications White Paper and Spec. Contribute to DavidJohnstonCEO/DecentralizedApplications Development by Creating an Account on GitHub” (2018) <github.com/DavidJohnstonCEO/DecentralizedApplications> (last accessed 4 July 2019).

33 This definition is notably referred to in the study of the European Parliament on blockchain technology: P Boucher, “How blockchain technology could change our lives” European Parliamentary Research Service, 2017, 20.

34 E Mik, “Smart Contracts: Terminology, Technical Limitations and Real World Complexity”, available at <papers.ssrn.com/sol3/papers.cfm?abstract_id=3038406>. The author highlights the following belief (a statement that she then criticises): “if the platform itself is trustless, there is no need for any third parties to […] reduce the transactional risks that are present on an insecure platform. On a trustless platform, such risks are simply absent”.

35 See <storj.io/> (last accessed 4 July 2019).

36 See <lazooz.org/> (last accessed 4 July 2019).

37 See <www.cryptokitties.co> (last accessed 4 July 2019).

38 See <kleros.io> (last accessed 4 July 2019).

39 See <openbazaar.org> (last accessed 4 July 2019).

40 Lesaege and Ast, Kleros Short Paper v.1.0.5, January 2018.

41 Werbach, supra, note 16, p 545.

42 Wright and De Filippi, supra, note 2, 21.

43 Zhang, Your CryptoKitty Isn’t Forever – Why DApps Aren’t as Decentralized as You Think, 3 December 2017, <medium.com/loom-network/your-crypto-kitty-isnt-forever-why-dapps-aren-t-as-decentralized-as-you-think-871d6acfea> (last accessed 4 July 2019).

44 CryptoKitties Terms of Use, Art 2.C (version last updated 15 November 2018, <www.cryptokitties.co/terms-of-use>) (last accessed 4 July 2019).

45 Directive 2005/29/EC concerning unfair business-to-consumer commercial practices in the internal market [2005] OJ L 149/22 (the UCP Directive).

46 ibid, Art 6(1)(b).

47 ibid, Art 6(1)(f).

48 De Filippi and Hassan, supra, note 18. The phrase “code is law” was first used by Lawrence Lessig, Code (Version 2.0, Basic Books 2006) p 20.

49 Directive 2000/31/EC on certain legal aspects of information society services, in particular electronic commerce [2000] OJ L 178/1 (E-Commerce Directive).

50 Werbach, supra, note 16, p 518.

51 The expression was coined in Akerlof, GA, “The Market for ‘Lemons’: Quality Uncertainty and the Market Mechanism” (1970) 84 The Quarterly Journal of Economics 488.Google Scholar

52 The lack of understandability of the blockchain vocabulary as hindrance to broader acceptability is taken as a given in J de Kruijff and H Weigand, “Towards a Blockchain Ontology” (2017).

53 Yeung, K, “Regulation by Blockchain: The Emerging Battle for Supremacy between the Code of Law and Code as Law” (2019) 82 The Modern Law Review 207, 219.Google Scholar She quotes Paech, who argues that “blockchain financial networks are much more likely to take the form of permissioned networks, involving clear control nodes […]”.

54 De Filippi and Wright, supra, note 8, p 136.

55 Atzori, supra, note 6, p 51.

56 A Garapon and J Lassègue, Justice digitale (PUF, 2018) p 150.

57 Wright and De Filippi, supra, note 2, p 16.

58 See <www.dappsfund.com> (last accessed 4 July 2019).

59 Atzori, supra, note 6, p 57.

60 See <www.stateofthedapps.com/> (last accessed 4 July 2019). It is referred to on multiple blockchain-related websites and forums. See also, among others <dappradar.com/> (last accessed 4 July 2019).

61 See for instance Werbach, supra, note 16, p 506.

62 See <www.stateofthedapps.com/about> (last accessed 4 July 2019).

63 Terms of Use of State of the Dapps, Art 1 <www.stateofthedapps.com/terms> (last accessed 4 July 2019). See also the Terms of Use, Art 5.

64 The section “about” refers to State of the ÐApps as a “not-for-profit curated directory of Decentralized Applications”, supra, note 62.

65 See <www.stateofthedapps.com/promoted-dapps> (last accessed 4 July 2019).

66 It is notably reported in the list of “top Dapps” accessible on <www.stateofthedapps.com/rankings> (last accessed 4 July 2019).

67 Werbach, supra, note 16, pp 512–513.

68 Atzori, supra, note 6, p 58.

69 Mik, supra, note 34; Walch, A, “Blockchain’s Treacherous Vocabulary: One More Challenge for Regulators” (2017) 21 Journal of Internet Law 1 at p 10.Google Scholar

70 Among many others, see <www.technologyreview.com/s/610885/a-glossary-of-blockchain-jargon/>, <blockgeeks.com/guides/blockchain-glossary-from-a-z/>, and <blockchainhub.net/blockchain-glossary/> (all last accessed 4 July 2019).

71 Walch, supra, note 69, 11–13.

72 MIK, supra, note 34, pp 7–9.

73 Atzori, supra, note 6, p 58; A Walch, “In Code(Rs) We Trust: Software Developers as Fiduciaries in Public Blockchains” in Hacker, P et al, Regulating Blockchain: Political and Legal Challenges (Oxford University Press forthcoming).Google Scholar

74 Among other stumbling blocks, some consider a DAO as an egalitarian entity, see N Diallo et al, “EGov-DAO: A Better Government Using Blockchain Based Decentralized Autonomous Organization”, 2018 International Conference on eDemocracy eGovernment (ICEDEG) (2018) p 167.

75 The DAO was “one of the first decentralized venture capital organizations deployed on the Ethereum blockchain” and its operation, instead of being traditionally delegated to a management team, was “defined using smart contract code”: De Filippi and Wright, supra, note 8, p 137.

76 ibid, p 146.

77 While Atzori considers that DAOs are “self-sufficient agents derived from artificial intelligence” (Atzori, supra, note 6, p 46), De Filippi and Wright consider that a DAO may gain its autonomy not only from artificial intelligence, but also from “the aggregation of several code-based systems, which for a larger coordinated system” or in other words by “stigmergic process”: De Filippi and Wright, supra, note 8, p 149.

78 Kaal and Calcaterra, supra, note 18, p 19.

79 Atzori, supra, note 6, p 58.

80 V Buterin, “DAOs, DACs, DAs and more: an incomplete terminology guide”, 6 May 2014, <blog.ethereum.org/2014/05/06/daos-dacs-das-and-more-an-incomplete-terminology-guide/> (last accessed 4 July 2019).

81 For a further explanation of the “benevolent dictatorship” phenomenon, see Atzori, supra, note 6.

82 Werbach, supra, note 16, pp 534–549.

83 ibid, p 38.

84 Werbach, K, “The Song Remains the Same: What Cyberlaw Might Teach the Next Internet Economy” (2017) 69 Florida Law Review 887 at p 919.Google Scholar

85 Fenwick, M, Kaal, WA and Vermeulen, EPM, “Regulation Tomorrow: Strategies for Regulating New Technologies” in Kono, T, Hiscock, M and Reich, A (eds), Transnational Commercial and Consumer Law: Current Trends in International Business Law (Springer Singapore 2018).Google Scholar

86 Werbach, supra, note 16, p 37.

87 De Filippi and Wright, supra, note 8, p 189.

88 MIK, supra, note 34, p 13.

89 De Filippi and Wright, supra, note 8, pp 173–192.

90 Act of September 21 2006, ch 26, Ariz. Rev. Stat. Ann. § 44-7003 (2006) (amended by 2017 Ariz Sess Laws 2417), <legiscan.com/AZ/text/HB2417/id/1528949>.

91 Walch, supra, note 69, p 10.

92 Walch especially hints at the debated feature of “immutability” of blockchain, which has been included in the law of Arizona while the blockchain community still lacks a common understanding of its contours and even of its existence: Walch, supra, note 69.

93 The principle of technological neutrality particularly applies in electronic communications law, in the E-Commerce Directive and in the GDPR. See Thompson, M, “The Neutralization of Harmony: The Problem of Technological Neutrality, East and West” (2012) 18 Boston University Journal of Science & Technology Law 303.Google Scholar The reach and scope of technological neutrality in ICT policies are however subject to controversy, see Reed, C, “Taking Sides on Technology Neutrality” (2007) 4 SCRIPTed 263.Google Scholar

94 See <www.iso.org/committee/6266604.html> (last accessed 4 July 2019).

95 It could particularly constitute misleading action within the meaning of Unfair Commercial Practices Directive, Art 6(2)(b).

96 Finck, supra, note 4, p 686.

97 Regulation (EU) 2017/1001 on the European Union trade mark [2017] OJ L 154/1 (European Union Trade Mark Regulation), section 2 of chapter VIII.

98 A Ringelhann and S Martin, “Defining the EU Certification Mark” (2018) 13 Journal of Intellectual Property Law & Practice 625 at p 626.

99 ibid, p 627.

100 European Union Trade Mark Regulation, Art 83(1).

101 ibid, Art 90.

102 ibid, Art 91(b).

103 ibid, Art 83(2).

104 ibid, Art 84(2).

105 ibid, Art 84(1); Ringelhann and Martin, supra, note 98, pp 628–629.

106 Repas, M and Keresteš, T, “The Certification Mark as a New EU-Wide Industrial Property Right” (2018) 49(3) International Review of Intellectual Property and Competition Law 299 at p 303.Google Scholar