
Aave, Arbitrum, DAOs & Trouble Ahead

A hack turns into a courtroom stress test: when “decentralized” systems reveal their control points, long-settled property law – not crypto norms – decides who gets paid, and who gets exposed.


We have written already about the Kelp–LayerZero–Arbitrum–Aave mess. Following the hack itself there is now a fair amount of legal noise. And what we find is a wonderful example of well-tested legal principles and procedures colliding with web3 teams that appear ignorant of even basic legal concepts. Or, maybe, these web3 folks believe they deserve special treatment before even learning the details of normal treatment. This is of course amusing. But more importantly it is a harbinger of trouble ahead we can see quite clearly now.

It is too early to predict precisely what shape that trouble will take. Might it be DeFi products and developers watching their systems implode when the legal team forces devs to use admin tools in ways a judge demands but the team fears? Or perhaps might some team decide to openly defy a court and watch whatever subset of the team sits within the court’s reach get held in contempt? Or will we go the other direction where special treatment is somehow granted to digital assets and then, inevitably, unintended consequences roll in that nobody likes? Most likely it will be none of those things exactly but borrow some elements from each. Unintended consequences are, as always, the most predictable type of consequence.

So rather than predict exactly what will happen we set ourselves a simpler task here: to argue that, within a US context, this trouble is generally the fault of DeFi developer-operators and nobody else. And the problems are likely to land mainly in their general area.

We choose the term developer-operators consciously. These are not "merely" developers. These are not people that only write open source code. These are people working on building systems and then maintaining an ongoing relationship with live systems that keeps them running. To date not a single person has been charged simply for writing open source digital assets software and nothing else. Yes, quite a few people claim this happened to them. But in every case they had some kind of ongoing relationship with a live instance of their creation. Speech is speech and action is action.

We are not going to litigate each and every case here. And we have observed a wide range of "ongoing relationships" in the wild. These run from extremely basic admin work through to what can only be called active operation. As we are going to argue all of this ends up in court anyway we do not need to parse out the details of each case here.

Property

The first, and most glaring, legal mistake many in web3 make on this whole Kelp DAO mess is to assume the stolen or hacked assets are the issue at all. Yes, they were the issue briefly. But the attacker got rid of them right quick and everyone agrees those tokens are both worthless and have not been held by the hacker since soon after the attack. What really matters is the valuable property the attacker was able to get in exchange for the worthless hacked tokens. All the scuffling concerns that property and then other tokens downstream of it.

This becomes important when we look into the details of a court case brought by people owed money by North Korea who are trying to assert a claim on funds formerly held by whoever hacked Kelp. Some people claim that was North Korea. And these creditors already have a judgement in hand against North Korea. To kick off proceedings – not to get the money, to kick off judicial proceedings that might some day grant them the money – all they need to show is some reasonable chance it might be North Korea to the extent it is worth litigating and digging in more deeply. That is a low bar and surely widespread attribution to North Korea is sufficient to qualify. Again, recall the standard here is whether it is worth bothering to have proceedings at all. That is a low standard.

With respect to the court case many bemoan that stealing property does not make it legally yours. So, the logic goes, this stuff never belonged to the hacker and there is no point considering a request from someone with a judgement against the purported hacker. This is patently absurd because it does not match the facts on the ground at all. Yes, stealing does not give you title to what you stole. But nobody is arguing about the worthless hacked tokens. Roughly speaking the hacker produced some counterfeit rsETH, then pledged those to Aave to borrow WETH and unwrapped the WETH for ETH. The ETH is property of the hacker. So was the WETH for the time they held it. Loan proceeds transfer good title whether you are a criminal or not. And these ETH, on Arbitrum, are the assets everyone is arguing about.

Note we are not saying these belong to the hacker and they can go off and keep them. If we assume, reasonably, that the hacker committed something like theft or fraud then they owe their victims back the value of what they stole. But they owe that in the way you owe money when you take a loan: you owe the value but not the specific funds (or tokens) borrowed. There are steps to all of this because a consistent system handles all manner of claims. And, notwithstanding claims by web3 personalities with no idea how normal finance really works, none of these entanglements are complex by the standards of traditional structured finance litigation.

So we reason from a simple case. If your watch is stolen and a watch of that make and model with a matching serial number is recovered you will get the watch back pretty much entirely independent of where it was found. Now, say it is found in a pawn shop. The pawn shop owner was defrauded by the thief and they then have a claim for whatever value they gave the thief to buy the watch. But the watch goes back to you and the shop is out of luck if the thief is never found or turns out not to have any assets.

If a thief does this 10 times and all 10 watches are recovered but the thief only has $10 when they are arrested then two things happen. The original watch owners all get their watches back. And the involved pawn shops split $10 with a claim for the rest. This is how it works and long has. If you sell something you stole you do get good title to the proceeds. You are still a thief and will eventually have a fraud judgement to return the money. But there is a difference between how we handle the exact property you stole and value that is received for that property.

And there are plenty of good reasons for this setup. The easiest to understand requires first noticing that any thief active for a non-trivial period of time is likely to have stolen and then fenced a few things. Similarly, they are unlikely to have all the objects they stole, or all money they got fencing those objects, in their possession when they are finally arrested. One logical and conceivably-fair system would be to line up everyone that is out value, liquidate all the thief’s possessions, and then pay everyone back pro rata. The advantage of that flavour of system is a kind of global fairness: everyone harmed suffers equally. But of course in this case if your watch is stolen and recovered you will need to buy it back in the auction and then offset only the recovery portion you get from the whole. So retrieving your found property still costs you, the victim, more money.

There is a parity here between those with recovered and unrecovered property. But there is also an unfairness and inefficiency here. Another system – the one we have in the real world – chooses to favour those with recovered property. But also notice that it can get recovered property back into the hands of the original owner far more quickly. If we must auction everything and make pro rata distributions nobody gets anything until all the crimes are identified and all the thief’s potential property is searched. That could take years or decades. What do you do with recovered property if the thief is never found?

How do you allocate losses without a full accounting? Any realistic pro rata system would still end up with some time limit where, say, after 10 years, something happens to clear the decks. But this difficulty is introduced precisely because of trying to achieve global fairness. Allowing a measure of unfairness trades one arbitrary decision for another. You may have a personal preference here but all these variants of unfairness are reasonable.

Now we can see that choosing to prioritize the quick return of recovered property, and favouring those with found property over those without, is a plausibly-reasonable option. That is not to say it is objectively better than the alternatives. But it is a reasonable thing for society to settle on. And it happens to be the rule we have settled on. As the “stolen” property here is a worthless forgery everything should be about pro rata payments. Nothing of enduring value was stolen in that sense.

Fairness

So now that we have established returns need to be on a level playing field there is the question of what is level and fair. There would seem to be three choices in the dispute between the web3 parties and the DPRK creditors. First, the web3 parties can be given special treatment and given their funds back without regard to any other judgements against DPRK or the fact the involved protocols are clearly far more centralized than most realized. More on that in a bit. Second, the court can honor the prior DPRK judgement first and send them all the money. This in fact looks to be what a strict reading of the rules requires if the hack is sufficiently-firmly tied to DPRK. And third, there can be some kind of sharing between the groups. This of course leads to a fourth, quite likely, scenario where the DPRK victims and web3 parties negotiate something rather than a judge imposing an arrangement.

Before considering what you want to happen, first recognise that there is no way for everyone to get all of their money back. And it is plainly unfair to favour one party over another here outside the standard legal processes that exist in the world already. The entire reason insolvency processes have notice periods and open hearings and written plans is to ensure everyone is on an equal footing. And there is absolutely no precedent in any insolvency system with which we are familiar to say something like “digital assets are special and first priority on recovery goes to parties in the web3 space.” There is something like superpriority in insolvency for collateral posted under ISDA agreements. But this required many years of work and legislation in many jurisdictions. And for those same reasons is not consistently present globally. You cannot just decide you deserve this kind of treatment and expect everyone else to go along.

Recovery should follow the normal rules because what we have here is a garden variety dispute over funds that cannot cover all the money owed and seem to fit well within existing legal frameworks. In truth there is nothing special in this case except possibly the extent of the lawbreaking by parties now playing the victim. Generally the government is paid before everyone else. Taxes, fines and the like are paid before non-government creditors in most systems. As we will see shortly this could become relevant.

To the extent the DPRK creditors here hold judgements under some very specific terrorism-related legislation it is clear US law intended to favour them over generic creditors. If the web3 parties involved lose we can imagine they have a reasonable challenge to make that that legislation is unconstitutional on the basis they were deprived of their rights as creditors by statute and without due process or, really, any process at all. If we go that route this could take decades to unravel. Either way the web3 creditors have no basis to claim any kind of special priority here.

Prior Bad Acts

Further, all possible arguments on the web3 side of this one are made dramatically worse because of massive centralization issues exposed in the hack and response to the hack. Kelp’s bridge was fully centralized, running as it was in a 1-of-1 configuration. LayerZero operated this 1-of-1 “Decentralized Validator Network” that was anything but. It also turns out LayerZero was running this centralized setup not just for Kelp but for many projects. The LayerZero ecosystem is going through convulsions we are not going to bother covering here.

Then we have Aave where the Guardian – yet another multisig with power over a system that claims to be automated – intervened to manually prevent a liquidation cascade. And of course Arbitrum’s Security Council multisig seizing the assets at issue in the court case. Not a lot of decentralization or fully-automated systems here.

Everyone involved called themselves DeFi but in fact operated some flavour of centralized custodial system. Arbitrum is arguably the worst as this exposes that a multisig with known signers has always had freeze and seize power over all funds on Arbitrum. There are a range of issues on Arbitrum from sanctions violations to a Tornado Cash instance. But there are problems for everyone involved. None of this is DeFi in the sense of being immutable and fully automated. These are just traditional services with weird databases and no compliance departments. Those are not really parties one would expect to run towards court and to accept a discovery process that might lay bare their crimes.

On this basis the government could, and probably should, intervene to freeze everything while they figure out what other crimes were committed. If the entire basis of your argument that you are exempt from compliance is self-custody and then you go and seize funds and file motions in court boasting about your power to control the funds on your network: you need a serious and thorough law enforcement colonoscopy inspection.

And then we have the problem of how Aave plans to resolve all of this. The published plan involves oracle manipulation by the Aave team after that team used a pause button and clearly exercised a lot of control over Aave's "automated" systems. This makes it difficult to argue the team is not in a privileged position to manipulate markets. And so the other main plank supporting exemptions for DeFi falls away. Aave running to court and linking a plan involving insider oracle manipulation is odd to say the least. Regulators and law enforcement presumably can see through this.

Resilience

Now, if you do not like that a court can get involved and exercise control over the centralized parties here there are two options open to you. First, you can design schemes that remove the central control levers. This was supposed to be the point of DeFi. And it is incredible that this still needs to be said.

LayerZero, the piece of software that was compromised here for whatever reason and with whoever to blame, began life calling itself “trustless.” It was, like so many web3 projects using that word, never trustless. And over time they migrated to claim only being trust minimized.

Aave and Arbitrum, similarly, make claims about being open and automated and permissionless but clearly have manual control panels. This is no longer subject to debate and it is not theoretical. We can be sure because Arbitrum's Security Council and Aave's Guardian used those panels. None of this is new either. Web3 has a strong revealed preference for systems that claim to be decentralized but are not. We are quoted in a recent piece in Grant's Interest Rate Observer about bridges that "Most of them pretend to be trustless, so they make more effort marketing that than hardening the design." This is a widespread problem. And it is unlikely this will voluntarily change. What we have here is an opportunity for courts to impose liability on identifiable parties in ways that shift preferences away from lying about control.

The second option, of course, is to find ways to anonymize voting and control so the court can issue orders but has no idea against whom to enforce. This is an openly outlaw position where a project takes the position it has admin keys but is ungovernable as far as the law is concerned. Even openly working on this in collaboration with a live anonymized governance system is arguably entering into a conspiracy to abet contempt of court. The "make it super hard for the court to enforce" strategy is risky to say the least. And requires an awful lot of confidence nobody can break your schemes. Web3 leads the world in demonstrations of Schneier's Law in practice. And we surely expect this kind of insanity to proliferate. But those attempts will all still be bad ideas.

This hack and the attendant court case present many in web3 with a fork in the road. You need to either accept court control over your "safety" mechanisms, remove those mechanisms, or openly shift to a posture in which you acknowledge court control but claim to have stifled effectiveness. All the other routes look blocked.

The Future

Many people in traditional finance and law have long suspected these fully-automated non-custodial systems were in fact neither. But working out the details and convincing the lawyers and then convincing the courts is hard the first time. But now it will be an awful lot easier because parties that had formerly made such claims have now publicly admitted they were lying. Our first, and most strongly held, prediction is that more and more traditional parties will start to intervene in web3 cases when someone thinks they can get judgement against a protocol that can seize the money. Then they will find out if the protocol will submit.

The most obvious place to look will be actions against stablecoin issuers by victims of all manner of fraud and other crimes. If USDC’s identified beneficial owner has an outstanding judgement then someone can sue to get Circle to act. This will keep happening. The bar to kick off proceedings is not that high. And merely kicking off proceedings is enough to blow things up.

The consequences can be catastrophic here. A single indefinite-term freeze of a commingled pool inside an automated DeFi contract will break DeFi. Imagine the same DPRK creditors taking action against Circle and securing a freeze against a Uniswap pool or reserves inside Maker/Sky. Those protocols do not know how to handle this case and will implode. The relevant immutable contracts do not understand that assets inside their pools may be frozen by their issuers. Transactions will fail. Aggregators will aggregate prices that cannot be actioned. Liquidity will look like it is available but simply not be there when it is needed.

As these cases proliferate projects will be forced to make admissions in court that contradict prior statements in court or to Congress or to regulators. This is inevitable because dishonesty has been endemic in web3 for so long. And the traditional finance lobby, long skeptical this web3 stuff really worked the way the supporters claimed, will be out for blood. If a DC lobbyist can catch their opponent lying to Congress in an attempt to influence legislation in a direction the lobbyist has been paid to oppose you can be sure they will try to crucify the liars. Politics is a blood sport and plenty of people do not yet know how exposed they are.

Honestly automated projects will be fine on this front. They may implode economically under asset freezes but the team is insulated precisely because it cannot prevent the implosions. Uniswap does not have a Guardian. Some of Aave’s smaller competitors lack the controls that caused the trouble here. And Kelp’s LayerZero 1-of-1 setup was literally the most centralized possible configuration so there are surely less centralized alternatives out there. We are not predicting all of DeFi is about to die in a fire. But this case seems likely to prove prelude to a much-needed purge.

For example: Arbitrum's Security Council never blocked addresses openly tagged as belonging to Iranian exchanges. And 2 of the 12 members are Israeli. One is a cybersecurity company based in Tel Aviv. That has gotta hurt.

