How Smart is Your Contract? Legal Considerations Around Smart Contracts

19 avril 2018 | Imran Ahmad

( Disponible en anglais seulement )

In a 2016 report by the World Economic Forum,[1] it was suggested that smart contracts based on blockchain technology could potentially codify financial agreements in a shared platform and guarantee execution based on mutually agreed conditions. This would significantly reduce manual efforts required to support the execution of financial agreements and thereby, in theory, accelerate business processes. While the benefits associated with the application of blockchain technology to smart contracts is promising (e.g., operational simplification, counterparty risk reduction, clearing and settlement time reduction and fraud minimization), it brings with it important technical and legal issues.

Smart Contracts – A Primer

Broadly speaking, smart contracts are self-executing electronic instructions drafted in computer code. This allows a computer to “read” the contract and, in many instances, effectuate an instruction or transaction, should certain conditions be met – hence the “smartness” of the contract. Put differently, a smart contract will self-execute the stipulations of an agreement when predetermined conditions are triggered. The parties to the contract typically “sign” the agreement using a cryptographic security code and deploy it to a distributed ledger or blockchain. When conditions in the code are met, the program automatically triggers the required action.

The underlying technology to smart contracts, blockchain, is a register (or ledger) of all transactions that have occurred for a given smart contract. Each transaction (or block) is authenticated by a network of computers before it is added to the chain of all prior transactions using cryptographic techniques and a large amount of computing power. The blockchain, or distributed ledger, is open and transparent for all to see. The record is intended to be secure, permanent and immutable.

Blockchain uses encryption and a combination of public and private “keys” for security. The system utilizes mathematical techniques to match a public address with a private security access key for each participant in a transaction. If these two items match, the transaction can then be broadcast to the other participants in the blockchain for verification and entry into the ledger.

Key Legal Challenges

Cybersecurity

One of the key concerns around smart contracts is whether they can be hacked and manipulated for improper use. The concern is not hypothetical. In July 2016, a hacker exploited code vulnerabilities in the so-called Decentralized Autonomous Organization (“DAO”) to redirect $50 million into an account controlled by the hacker. DAO was an investment fund where, instead of leaving decisions to a few partners, anyone who invested would have a say in which companies to fund. The more an investor contributed, the more their weight mattered. The distributed structure was meant to ensure that no one could run off with the money – in theory. However, a hacker, who was also a participant in the fund, was able to manipulate the code and transfer $50 million in cryptocurrencies without proper authorization.[2] While the hacker was apprehended and the funds recovered, the incident demonstrates that the “security” around smart contracts is not absolute.

Contract Law

Another key question that comes up about smart contracts is whether they are really contracts. Broadly speaking, a contract is a legally enforceable promise or promises that must meet a number of conditions imposed by law, such as multiple parties, the capacity of parties, mutual assent and consideration. Further, there are a number of defenses to the enforcement of contracts, including mistake, misrepresentation, duress, undue influence and unenforceability on public policy grounds.

For a smart contract to be enforceable, it would need to meet all of the traditional requirements of a valid contract under law. Based on Canadian cases in the area of electronic commerce, it is unlikely that smart contracts will require any special set of new laws or regulations. Rather, existing legal principles will be adapted and perhaps modified, either by statute or by the courts, to deal explicitly with the requirements of smart contracts or other emerging technologies.

What is unclear at this stage is how smart contracts will take each legal requirement for contract formation and demonstrate that it has been met with the proposed smart contract solution into which the parties entered.

Financial Crimes Enforcement

Smart contracts also raise concerns from an anti-money laundering standpoint. Under Canadian law, participants in financial transactions are required to know and verify the identity of counterparties and report any suspicious activity to law enforcement or to block the transfer of funds to specific individuals or organizations. Since smart contracts are designed to self-execute without human intervention, users of these smart contracts will need to build technical contracts that allow them to comply with such legal requirements.

Further, smart contracts often will keep the identify of parties anonymous, which will further complicate the work by financial institutions required to report such transactions and law enforcement tasked with investigating them.

Other Issues

In addition to the above, there are a host of other issues that should be taken into consideration when it comes to smart contracts, including how legal disputes between contracting parties will be settled and how evidence will be provided to the courts. For example, given the courts’ limited expertise in deciphering code, parties to a smart contract may need to retain a neutral third party to securely maintain and produce the smart contract in natural language for a court to review as part of a potential dispute.

Similarly, if the parties to a smart contract are using a third party platform, they may be required to agree to an established set of overarching basic legal provisions, such as dispute resolution, governing law and venue. These provisions would need to be clearly disclosed and agreed upon by the parties to the smart contract to be enforceable. While simple in theory, demonstrating that the parties clearly understood the meaning of their agreement to such provisions (so as not to vitiate their consent) is not likely to be straightforward.

Conclusion

Blockchain technology and smart contracts have the potential to positively transform financial markets and the business of banking. Assuming that the technology is further developed and broadly adopted, smart contracts will need to meet the same legal standards as traditional paper agreements.

Given the significant costs associated with building smart contracts and the underlying infrastructure to support them, businesses should also invest resources in developing a legal architecture built on existing statutory and judicial guidance. This approach will avoid unnecessary issues down the road.

 


 

[1] World Economic Forum, The Future of Financial Infrastructure: An Ambitious Look at How Blockchain Can Reshape Financial Services, August 2016, available online at: <http://www3.weforum.org/docs/WEF_The_future_of_financial_infrastructure.pdf>.

[2] Klint Finley, A $50 Million Hack Just Showed That The DAO Was All Too Human, Wired Magazine, June 18, 2016, available online at: <https://www.wired.com/2016/06/50-million-hack-just-showed-dao-human/>.

Avis de non-responsabilité

Les renseignements affichés sur ce blogue contiennent des points de droit variés fournis uniquement à des fins informatives et non commerciales. Ces renseignements ne constituent pas un avis juridique de la part de l’auteur. Nous mettons en garde les lecteurs de ne pas prendre de décision particulière sans avoir préalablement obtenu l’avis juridique d’un professionnel qualifié. Toute personne qui décide de prendre une décision en s’appuyant sur ces renseignements le fait à ses propres risques.