Richard French examines the blockchain technology and discusses some of its legal aspects
History has shown that emerging technologies and regulators can make for uneasy bedfellows. Over the past five decades law-makers and law-enforcers have had to contend with the launch of strong cryptography, the Internet, VoIP telephony, peer-to-peer file-sharing, human DNA sequencers and 3D printing to name but a few of the more challenging examples. The regulatory response was as different as the technology and its field of application in each case. Numerous factors play their part in a regulator's calculus, from a comparison of economic impact on incumbents, national security concerns, societal benefits for mankind, and weakening of long-vested property rights. Nothing polarises society quite so much – with the possible exception of Brexit – as the advent of new disruptive technology.
Arguably those with less obviously damaging effects, and more positive benefits for mankind, have been given the more positive reception. What happens, however, when a truly disruptive and diffuse open and decentralised tech arrives in the wake of one of the greatest credit shocks in living memory, the ripples from which are still being felt by millions of people across the world? Pull the leg from a spider and it is weakened; do the same to a starfish and the result is regrowth and multiplication.
Sovereign states rely on central control to some degree to maintain their grip on power. We take for granted in this country that the rule of law will balance this power. However, a new force may now be at work; a renewed appetite by governments to drive a recovery in prosperity through innovation. Enlightened governments are desperate to recover lost ground and re-balance their economies and may be prepared to relax their grip. Is this the time of the starfish?
The technology prompting these questions is blockchain. Often confused in the media with bitcoin, the notorious digital currency used by drug dealers on the now defunct Silk Road website and built on blockchain technology, blockchain incorporates some very advanced mathematics with a clever software protocol. It is available to anyone with an Internet connection to download as open source, runs online, and possesses a sophisticated combination of technical incentives and disincentives to inspire and maintain the trust of the offline world.
The open source nature of the blockchain technology allows innovators to take it and develop it in other ways, tweaking it and writing applications on top of it. In this way blockchain can be seen as an operating system supporting an eco-system of other services. In the digital currency world, innovators have built digital wallets for users to hold their bitcoin, with companies offering payment processing and exchange services that take bitcoin in return for fiat currencies, like the dollar. Other fields of use are being explored ranging over a vast scale from online voting, to smart contracts and even entirely automated, self-owned corporations. The common thread is the drive to decentralize and by doing so remove cost, inefficiency and in some cases the distrust with whicht citizens have come to look upon institutions. Some advocates claim that widespread adoption of this decentralised technology will lead to a collapse in centralized systems of economic control, a collapse in the state and freedom from state-sponsored surveillance. These are bold claims and could present regulators with their greatest challenge yet.
At the heart is the blockchain itself. Using the analogy of a ledger in the offline world to keep a record of credits and debits, the blockchain is a complete digital record of all activity in time order, forming an unbroken, unchangeable chain back to the very first entry in the ledger.
Activity occurs when messages (or transactions in the case of bitcoin) are passed between addresses. Address numbers are unique, and a person may control multiple addresses. They function much like accounts in the offline world. In the case of bitcoin, a transaction is a transfer of bitcoin from one address to another. When a person in the offline world wants to credit the account of another, the transaction is recorded on the ledger, with the sender's account debited and recipient's credited with an equivalent amount.
The ledger is a public record, open to inspection by anyone. It is also distributed across all participating computers, known as 'nodes', each of which downloads a copy. Decentralising the blockchain is a vital property, putting the ledger in theory beyond the manipulation or control of one party.
A second vital architectural property is that since all nodes are connected to the internet, they each receive message data at about the same time and so are able to start the work of updating their copy of the ledger.
Message length is a design decision, as is the number of messages that can be stored on the ledger overall. In the case of bitcoin version 1 the message length is 1 megabyte, which some advocates suggest is too limiting. Some applications for blockchain in the financial arena are working on designs with capacities of millions of transactions per day, enough to rival existing payments systems. Naturally, scalability of the technology to meet the demands of everyday high volume usage is a concern for innovators. Given that a key property of the ledger is that it is decentralized, as it gets larger it takes longer to download and more challenging to store. Currently Moore's law continues to deliver results but, unless computer performance outpaces the growing workload, there may be ledger size/performance trade-off that limits some future uses.
Even though the ledger itself is open to inspection by anyone, the identity of each of the parties to a message is concealed behind their unique address numbers. An address is an alphanumeric string. Anyone wishing to join the bitcoin system can download the software and generate their own address that they can share publicly. At the same time a private key is generated for that address. Transactions from that address can only be signed off by the person with that private key. An example of an address and private key 'pair' is as follows:
The relationship between the pair is determined by a mathematical equation chosen to make it very difficult to work backwards from the public address to the private key. This is an example of an asymmetric algorithm, so named because the sender and receiver of a message do not share a secret key as they would in a symmetric algorithm. This basic idea is known as public-key cryptography. An important consequence of this is that the sender and receiver do not share any common secrets, and there is no need for them to either know or trust each other.
A bitcoin user can generate as many addresses as they wish free of charge, and with very low risk of duplication of an existing address. To send a message from one address to another – or in the case of bitcoin, to send digital money – the sender uses the software protocol running on their node to combine their private key, plus details of the transaction itself, to create a special code. They 'sign' the transaction much like signing a cheque, and hence this code is known as the 'digital signature'. At this stage the digital signature has not been sent out to the other nodes.
The next step in the process is for the digital signature to be broadcast to the other nodes on the network. This takes place over the internet. The nodes that receive it cannot work backward to get the private key because this is an asymmetric system. But they can put the signature and the public address into another set of maths equations to verify that the signature was created by the private key relating to that address.
Once the signature is verified, the nodes check back through the ledger to look for credits and debits against that address to make sure that there is enough credit to spend from that address. However, this being a decentralized system, it is not enough that one node verifies the transaction as being valid, other nodes must also.
It is at this point that the architecture plays a very clever role in creating incentives and disincentives that inspire and maintain trust in the system.
Incentives and Disincentives
The first challenge to overcome is how to incentivize nodes to update the blockchain, and to update it honestly. The way the protocol achieves this is by contriving a competition or race between nodes to solve a mathematical problem set by the protocol. The winner of this race receives a reward in the form of credits and, in some cases, transaction fees. To keep nodes honest, the winning node's solution must be verified by other nodes and their confirmation then broadcast out to the network.
In the implementation known as bitcoin, the nodes that compete in the race to update the ledger are known as 'miners'. To win the contest a miner on the network compiles recent transactions into lists, known as 'blocks'. Transactions are being sent out to the network all of the time, reaching some nodes before others, and this could create a problem for the integrity of the ledger.
So the protocol requires a node to run their block through yet another mathematical equation, known as a 'hash' function, to turn the block into a unique 64 character string. The nodes are looking for a block that, once put through the equation, creates the right answer to the set mathematical problem. The hash function used by bitcoin is called SHA-256 and is deemed impossible to reverse engineer to work out what block would give the right answer.
Hash functions have the special property that for any given input they always generate the same output, and they are very sensitive to changes in input. Each node takes their block and hashes it and compares the output with the required answer, then re-runs the process by adding a random number on to the end of their block. This cycling happens at great speed, and the most powerful computers are able to perform the process in minutes. This type of mining is known as 'Proof of Work'. Other less computationally expensive methods, such as Proof Of Stake are gaining in popularity but are outside the scope of this article.
To control the speed with which nodes come up with the right answer the protocol can adjust the complexity of the mathematical problem. As computing power has increased, the competition has been made harder to make it fair. For bitcoin this time is about ten minutes.
The node that solves the mathematical problem first then sends its block around the network for the other nodes to verify the result. The winning node adds into the block their reward. At the same time that the other nodes are checking the hash result, they also check that the winning miner has not granted themselves too much credit and reject the block if they have. Again this checking happens very quickly. When a majority of nodes have broadcast their verification of the new block, it is accepted. Each node adds the new block to their copy of the ledger as the official record of all transactions that occurred since the prior winning block. The new block, in addition to the transactions and random number, include a reference to the previous block and some information on the state of the network. If some transactions have been left out of the winning block, they would be picked up in the next cycle by the miners. The way that consensus is achieved between a network of unrelated people, without the need for individual bonds of trust, is one of the defining aspects of blockchain. This consensus-building leads to the existence of one single blockchain, one source of the truth, shared by everyone.
Built in to the protocol are discentives to cheating. So the rewards won by nodes cannot be used or spent until 99 new blocks have been added on top of their winning block. An attempt to use credit twice would also be spotted. Also mining itself has a real world cost in that the computers themselves are costly to own and operate. The risk that someone might try to slow down the network by sending in very many very small value transactions (so called dust transactions) is mitigated by the addition of transaction fees. (Generally, computation costs make it more profitable to gain bitcoins by mining a new block, than by attempting to manipulate history.) Then there is the risk of someone taking over control of a majority of the nodes on the network, and using their combined hashing power to win more often than lose the race to add new blocks. Because the competition to add new blocks is one of chance, a node can increase its chances of winning by superior computational power, or by combining with other nodes to work in concert.
This vulnerability is generally recognized as blockchain's greatest weakness, known as a '51 percent attack'. If a node gained more than 50% of the total hashing power it could then create an alternate chain of fraudulent transactions. That this hasn't happened so far for bitcoin is testament to the genius of the architect behind the protocol who calculated that self-interest would act to prevent anyone with an interest in bitcoin from damaging it. In the event of a 51% attack other users would lose confidence and the value of bitcoins would fall impacting the attacker's own wealth.
A related issue is that of forking. This occurs when some nodes in the community build on a block, while others build on another block. By working on a particular block, legitimacy is conferred on that chain, and if the majority work on it they will win the right to add more blocks. Those nodes working on the forked chain will eventually notice that there is a longer chain and stop work to move over to the longer chain. The majority view is deemed as the correct one, and so the network adjusts itself automatically, again without central control.
Given that blockchain technology relies to a great extent on digital signatures and encryption, a central issue for developers is the extent to which these technologies are lawful in the relevant jurisdiction. The stronger the encryption the harder it is to break – and so work backwards to find the private key for an address and take over control of that address. Unofficial use of very strong cryptography can make the work of law enforcement very difficult and for this reason some countries have implemented tight controls (eg China and Israel). Importing encrypted products into these countries is a serious criminal offence, equipment can be confiscated and private keys divulged. Forty-one countries, including the US and the EU Member States, are signatories to the Wassenaar Arrangement, a multi-lateral export control regime dating from 1996. Under Wassenaar, export of some cryptography is permitted and there is a more relaxed attitude to cryptography used in publicly available products and open source software. A related issue is the vulnerability of a crypto product to a brute force attack, where a computer cycles through all of the possible keys until it guesses the right one. Increases in computing power mean that the amount of computing time needed to crack a key is falling. The predecessor to SHA-256, known as SHA-1, is now being widely replaced in mainstream digital products such as Google Chrome because of authoritative evidence that it is vulnerable to attack, and the US National Institute of Standards and Technology is working on the next generation SHA-3. Even so consensus estimates are that SHA-256 would still take centuries to crack with the computer technology available today.
In the case where the blockchain is being used as a reliable system of record questions of the admissibility and enforceability of transactions executed by digital signature in the courts are raised. A threshold question when researching the law is to be clear to distinguish signatures created by encryption technologies (digital signatures) from other electronic forms such as the typed form, a scan of a handwritten signature, attaching a symbol or clicking 'I Accept' or entering a PIN. Local laws may also require that a document be signed 'in writing' and 'witnessed', and authorities acting as registrars (eg for land) may also have their own rules requiring 'wet signatures' on documents.
The admissibility in legal proceedings of digital signatures is covered in the EU, firstly by the Directive on Electronic Signatures (1999/93/EC), which is to be replaced by the new e-ID Regulation from 1 July 2016. This legislation is technology neutral and provides that e-signatures (the umbrella term for all electronically generated signatures) will not be inadmissible simply because they are electronic rather than manual. The Directive goes on to distinguish between e-signatures and advanced e-signatures - the key difference is that an advanced e-signature must be secure and backed by a certifying authority in which case it will satisfy the legal requirements for 'signing'. The new Regulation attempts to harmonise the law across the EU to realize the vision of a single market in digital products and services. It updates the law in some key areas, such as cross-border recognition of government e-ID schemes, and regulation of trust providers. It is important to note that digital signatures, because they are produced by encryption software, are more likely to satisfy the requirements for advanced e-signatures. From an evidential perspective a digital signature will carry more weight in determining issues such as the intent of a party to be bound, identity of the signatory and authenticity of the underlying document or message.
Most other countries in the world recognize electronic signatures as admissible in legal proceedings but some notable exceptions exist. For example, Brazil admits only electronic signatures created using a government form of public key infrastructure and Turkey will recognize signatures only if they are backed by a certificate issued by a qualified service provider. The blockchain protocol itself does not include a certification process that reliably links a natural person to their digital signature, but ecosystem providers, such as bitcoin wallet services can do.
A message on the blockchain can also hold arbitrary data, which may or may not be relevant to the message or transaction, and this may be illegal in some countries (eg hate speech or a pornographic picture). Unless the designer consciously obscures this data, it will be visible to those who view the blockchain and so may expose nodes processing the ledger to liability, as well as other third parties that offer analytics services.
If addresses are deemed personal data then, under EU law, each node becomes a data controller and node operators will have to think carefully about how they comply with laws on privacy and data protection, including export of data, and its security. Indeed, while addresses are not human readable they are unique and visible on the blockchain. For this reason anonymity is not guaranteed. Some research in the bitcoin space suggests that up to 40% of users could be unmasked by combining activity on the blockchain with activity on exchanges where digital currency is converted into fiat currency.
Given also that the blockchain is distributed across multiple nodes, if there are errors in it that cause economic loss to a user or organization relying on the system, there is no obvious defendant against whom to bring an action. In the absence of a central government or bank backing the protocol, individuals use the system at their own risk. In the case of bitcoin, the market is responding with solutions. An ecosystem of providers are responding by offering secure wallet services which store private keys, currency exchanges for converting legal tender into bitcoin and back again and the protection of multi-signatories. Even though it takes up to 10 minutes to seal off a new block, and longer for the majority of nodes to really verify its accuracy, some wallet services will complete a modest transaction instantaneously relying on statistics to be confident that the coins are there.
Finally, while not strictly speaking a legal issue, there are questions concerning governance of the open source software itself, and the fairness with which changes to the core software are selected and implemented. The OSI describes open source as 'a development method for software that harnesses the power of distributed peer review and transparency of process'. Governance of open source movements and projects has largely been a community affair, with little attention paid to binding rules. Most software developers just want to be able to get on with the work in an efficient way. The core developers are not elected or appointed democratically but maintain their position on technical merit. When conflicts have arisen the absence of a clear leader can mean the project descends into anarchy. However, the presence of a top-down leader can stifle the very energy and purpose of the project. A balance must be struck between central control and distributed. For blockchain technology to enter the mainstream and win the confidence of ordinary citizens good governance will be vital.
Blockchain technology opens up new and exciting ways of re-wiring society, government and commerce, simplifying and speeding up interactions and removing costly middlemen and centralised systems. The technology promises to be very disruptive to the existing world order if allowed to proliferate. How disruptive is anyone's guess. It is clear that it raises regulatory and consumer issues that will have to be resolved as the technology evolves. After an initial period of suspicion and skepticism, the bitcoin application is being embraced around the world by progressive organisations and innovators alike, looking either to gain competitive advantage or deliver societal benefits. All under the watchful eye of regulators.
In the UK the Chancellor George Osborne in 2015 announced a 'regulatory sandbox' initiative to stimulate technology innovation in financial services to make London a 'global centre for fintech'. Under this regime the financial regulator, the FCA, would relax its rules to permit companies to experiment and test new products. This measured approach was warmly welcomed by bitcoin enthusiasts and could prove to be the key to unlocking the promise of the blockchain.
If British philosopher John Locke were alive today I think I would take issue with his statement 'wherever law ends, tyranny begins'. After 300 years we may just have found a third way.
Richard French is Legal Director at the Digital Catapult: https://digital.catapult.org.uk/
 In this article we use 'blockchain' with a lower case initial letter to refer to the generic technology and differentiate it from the company with the same name 'Blockchain' at www.blockchain.com.