INTRODUCTION
The much anticipated judgment in Tulip Trading Ltd v Bitcoin Association for BSV & others [2022] EWHC 667 (Ch) (TTL v Bitcoin Association & Anor) was published in late March 2022. The judgment in this case is the most important so far in the cryptocurrency and blockchain space as its consequences are fundamental to how the underlying technology works within this largely uncertain area of law. It serves as the first case heard by the English Courts that considers the roles and duties of cryptocurrency software developers.
The court found that open source Bitcoin software developers whose code is widely adopted and used to trade or store cryptocurrencies owe neither:
fiduciary duties; nor
a common law duty of care to those who use that code to store or trade their crypto assets. ;
In this case, Tulip Trading Corporation (Tulip) claimed $4.5bn from a number of developers alleging, inter alia:
they owed fiduciary and common law duties to it; and
for the defendants to come to its aid by writing and applying a “patch” to the blockchain network in order to reverse an alleged hack that had led to the claimed loss of Tulip's Bitcoin.
The Court reached a view indicating, amongst other things, that fiduciary duties will not be expanded beyond the scope of established principles. The contrary result would have had significant consequences on the crypto space and on the blockchain more widely. Whilst the decision has been dubbed a victory for the crypto space, the decision is far from categorically establishing a framework of certainty, and there are still further questions and issues that are yet to be decided.
THE CASE
Tulip sought declarations that it owned a very substantial amount of digital currency assets as well as orders requiring the Defendants to take steps to ensure that Tulip had access to and control of the assets, and/or for equitable compensation or damages.
Based on established principles of fiduciary duties, the Court was not able to determine that Tulip had any realistic prospect of establishing that the facts pleaded amounted to a breach of fiduciary duty owed to it by the Defendants.
BACKGROUND
In summary, Tulip alleged the Defendants controlled the software in respect of four digital asset networks, namely:
i) the Bitcoin Satoshi Vision Network (BSV Network);
ii) the Bitcoin Core Network (BTC Network);
iii) the Bitcoin Cash Network (BCH Network); and
iv) the Bitcoin Cash ABC Network (BCABC Network)
Tulip, through its CEO - Dr Craig Wright (Tulip and Dr Wright may be used interchangeably in this writeup) alleged that BTC, BCH, and BCHABC Networks were all initially created by copying the blockchain of a pre-existing network, being the BSV Network, but applying different code via its protocols and software instructions.
Tulip argued its assets were held on the BSV Network (the network that had been copied) and were replicated in the other networks after a substantial hack of computers located at Dr Wright’s home office in Surrey, England. Dr Wright has been a controversial figure in the cryptocurrency space since claiming that he wrote the Bitcoin whitepaper - which first outlined the technology behind the digital assets - under the pseudonym Satoshi Nakamoto in 2008.
It was alleged the hack resulted in the loss of Dr Wright’s private keys contained in encrypted digital wallet files being stolen. Tulip claimed the Defendants were the core developers of, and had control over, various forked versions of Bitcoin, and that they had the ability to propose amendments to the underlying source code in order to give Tulip control over the previously stolen digital assets. Tulip alleged the Defendants were under tortious and fiduciary duties that compelled them to do this.
The extent to which the Defendants had control was a factual issue in dispute. Tulip submitted that the Defendants controlled the networks as they were able to select the software updates to be promoted, and to decide whether or not to implement changes to the source code. The Defendants submitted in response, they were part of a very large, shifting group of contributors without any organization or structure and that any change would be ineffective as miners/nodes could and would refuse to run the updates and instead would continue to run earlier versions of the blockchain. This would effectively render any purported change nugatory.
Tulip argued in response that the technology in the Bitcoin blockchain/protocol did not grant miners the ability to refuse to accept a software update if the Defendants updated the software. Further, Tulip alleged the current consensus mechanism was limited to the acceptance by nodes of blocks of transactions being verified by other nodes in the blockchain, as opposed to relating to the protocols that govern the network. In essence, Tulip argued for a software blockchain ‘fork' so that the blockchain consensus would allow it to retrieve the stolen digital assets. A 'fork' in a protocol occurs whenever a developer/community makes a change to the blockchain's protocol, or basic set of rules.
DECISION
In determining whether it was appropriate to impose a fiduciary relationship between the parties – and in effect, placing obligations on the Developers to take positive steps to re-write source code – the Court looked to past decisions including Bristol and West v Mathew where the Court noted a fiduciary will be a person who has:
"undertaken to act for or on behalf of another in a particular matter in circumstances which give rise to a relationship of trust and confidence. The distinguishing obligation of a fiduciary is the obligation of loyalty. The principal is entitled to the single-minded loyalty of his fiduciary."
Tulip alleged, because the Defendants have complete control and oversight of the relevant blockchain source code, the Defendants and Tulip fell within the established categories of fiduciary relationships at common law.
The Court found it difficult to establish how Tulip’s case was one where a fiduciary duty arose and that Tulip did not have a realistic prospect of establishing that the facts pleaded amounted to a breach of fiduciary duty owed by the Defendants to Tulip.
Importantly, the Court held that an imbalance of power in favor of the Defendants, coupled with a vulnerability under that power imbalance (asymmetry of power) is only an indication of a potential fiduciary duty and not a defining characteristic. The Court further went onto hold that bitcoin owners could only realistically be described as entrusting their property to a fluctuating and unidentified body of developers of the software to the extent claimed by Tulip.
Considerations in the Court's decision included the following:
The undivided loyalty of a fiduciary duty. Tulip was seeking that the Defendants made code changes to benefit it alone, as opposed to bitcoin owners generally. Importantly, the Court noted that the changes sought by Tulip would not only disadvantage other participants in the networks vitae a rival claimant to the assets, but also potentially other users more broadly.
The Court considered that other users may not agree that a system change that allows digital assets to be accessed and controlled without the relevant private keys accords with their interests. The Court held that the positive steps sought to be imposed upon the Defendants by Tulip went well beyond the nature of the action and would likely expose the Defendants to risk.
TORTIOUS DUTY
The Court relied upon established principles in N v Poole Borough Council [2020] AC 780 and Caporo v Dickman [1990] 2 AC 605 to determine whether a duty of care existed, confirming that an incremental approach ought to be adopted based on an analogy with established categories of liability, and whether the imposition of a duty of care would be fair, just and reasonable.
The Court further noted that any and all losses suffered by Tulip was purely economic, and that there were no elements present to suggest physical harm to person or property. The effect of this was that no common law duty of care could arise in the absence of a special relationship between the parties. Tulip accepted that the claimed tortious duty of care is novel, but submitted that it would amount to a permissible incremental extension of the law.
The Court held that it had not been able to conclude the existence of a fiduciary relationship as it was unable to find a duty of care in respect of economic loss. The Court also rejected arguments that the necessary special relationship existed on some other basis.
It was noted that the claim was based on an omission or a failure to act, and, in effect, was founded on the basis that the Defendants did not alter how the system worked to ensure that Tulip regained control of the bitcoin following harm caused by a third party. The Court did not consider it realistically arguable that the imposition of such a requirement could be treated as an incremental extension of the law, noting the economic nature of the alleged loss and how this could lead to the floodgates of potential litigants. In particular, the alleged fiduciary duties Defendants owed would be owed to a potentially unlimited class of people. There would be no real restriction on the number of claims that could be advanced against the Defendants by alleged victims of hacks akin to the hack alleged in this matter, specifically, where private access keys had been stolen.
Note, there were other issues the Court considered related to: an amendment of the claim; and jurisdictional issues of the court. Those issues are not discussed here.
NOTES
As mentioned in previous paragraphs, this decision has been dubbed a landmark win for software developers, one that absolves developers (and blockchain projects) from liability.
There are fundamental reasons why this decision is not necessarily a "one size fits all" free pass for software developers:
The decision is interlocutory in nature. The Court emphasized that the decision was based on narrow facts, unique to this particular case.
The Court deliberated with a view that an appeal of the decision is highly likely. There remains the possibility for Courts to impose a fiduciary or tortious duty on developers in other circumstances. There may also be legislative developments that change the trajectory of such cases and create a statutory fiduciary duty.
It can be argued that the case was more a win for applying established fiduciary duties under the common law, than a win for software developers per se. The substance of the case indicates that courts are unlikely to veer in the direction that broadens the scope of a fiduciary duty unnecessarily, even in circumstances that are novel. Particularly where broadening such a duty would create an indeterminate floodgate of potential litigants.
Notwithstanding the above reservations, the case is an important step for blockchain and cryptocurrencies generally, Particularly on issues such as fiduciary duties and developers. It highlights the importance of seeking regulatory and legal advice in this growing space for start-ups, blockchain developers, and cryptocurrency members generally.
Comments