I have long thought about applying technology to improve contract creation and management. My first blog post on the topic dates from 2004 (see my contract management posts here.)
Recently, I have read several articles about how blockchain technology – which underlies Bitcoin – can support self-fulfilling contracts. So when I had an opportunity to learn more about Ethereum, a player in this space, I took it.
Sometimes I ask for a demo of new tech but that did not seem useful here. Ethereum’s approach is new and distributed, so I was not sure what I could see. Instead, I posed a series of questions by email, which Dr. Aeron Buchanan, a Researcher at Ethereum, answered. I edited his answers lightly before posting (after after he reviewed them).
Ethereum is a not-for-profit organization. Its home page states “Ethereum is developed by a worldwide team of passionate developers from EthDev on behalf of the Ethereum Foundation, a Swiss nonprofit.”
For more information, see this Ethereum infographic (thumbnail version at end of post).
[UPDATE of 9 Oct 2015: Over the last couple of months, Shawn S. Amuial and Josias N. (“Joe”) Dewey, lawyers at Holland & Knight, published a series of five blog posts on the blockchain and smart contracts at the Bloomberg Business of Law blog. As of today, the collected set of posts, which I highly recommend, are available here.)
[My usual qualifier when I write product-specific posts … I receive many offers to view products. Occasionally, I engage when I think the new tech or service is interesting. I do not look for competing products to compare and I have no financial interest in the company or product.]
Many readers will find the tech here difficult. Lawyers and professionals who work with them must decide, as a strategic matter for any new technology:
- Might a new technology affect the practice of law? What opportunities or threats does it create? Does it raise substantive issues of law? Might it affect how we practice or deliver client service?
- If an impact might occur, how much should we invest to understand and track it?
- At what point – and how do we know when that point arrives – must we do a deeper dive? Or adopt it?
These are hard questions. As far as I am concerned, most lawyers blew these questions in the 1980s and 1990s on PCs, email, and the Internet.
My answer to these for Ethereum is that “there is enough there there” that, as a market, we need to understand more and start tracking it. Hence this post.
[In the interview below, my questions are in italics.]
Q: In the legal market, I’m always reluctant to start with technology. But understanding what Ethereum offers – and it’s potential to substitute for some contracts – is the best place to start. For those who are not tech-oriented, what’s the easiest and quickest way to explain what you do and how the technology works?
This is a tricky question to answer, because Ethereum is a foundational platform layer for using the internet, intranets, VPNs, etc. So it’s not much easier than explaining what computer networks are for and how they work.
The most helpful explanation is that Ethereum, as a technology, is a robust, secure, shared computing resource: it provides guaranteed computation and storage, with customizable cryptographically secured permission schemes for both. This means it can act as a trusted authority for digital information and processing, even though (and in fact because) it is not controlled or controllable by any entity or cohort.
Now, no system is perfectly secure, and it is possible for Ethereum to be subverted if a majority of its uses somehow managed to coordinate and collude (the so-called “51% attack”).This would, however, involve a huge number of actors going against their own self-interest. Furthermore, because of the Ethereum built-in cryptographic security, it is not possible to spoof actions. That is, if Ethereum says a particular person uploaded a specific instruction, you know it was him or her.
All this means that Ethereum, its technology and, eventually, web 3.0, make it possible to collaborate in ways that have not been practical or even possible until now. For example, being able to write a document with others where every update is fully auditable by all parties involved (and no-one else, if desired).
At the heart of Ethereum is the concept of reliability: every use of the Ethereum “shared computer” is initiated by a cryptographically signed instruction and the rules relating to that instruction are strictly adhered to, which means everyone can rely on the veracity of the instructions and the outcomes. Needing a secure digital signature means that the concept of identity on Ethereum is very strong and guaranteed.
There are two main types of instruction that can be given to Ethereum: the first is a request to create a new contract (with its own program code and storage); and the second is to interact with any existing contract. Contracts can be as simple or as complicated as you want. They also come with as much data storage as you want, although storage is very expensive on Ethereum.
Everyone on the network can see what every contract is programmed to do. Indeed, this is an important aspect as it is part of the trust and of the security: everyone can be sure of what contract they are entering into and everyone checks that instructions are executed correctly so everyone can be sure that all the data Ethereum holds and all the decisions it has made are correct. Note that because all instructions are cryptographically verified, contracts can be given permission lists for their execution, with access to particular functions being as restrictive or complex as required.
Putting all this together creates a platform which will become the basis of new web services which will lower the barrier of cooperation and coordination and will provide features and functions that we have, do date, only dreamt about.
Q: Are there existing commercial applications now, ones that are deployed and in use? If yes, what are some example. If not, what types of players do you expect to be among the early adopters? From your website, it seems the early adopters will be pretty tech.
The technology involved and the Ethereum platform itself (which launched on July 30th, only a month ago) are still too new. A huge amount of development is going on, from the tech start-ups you have perhaps already seen to global banking institutions.
Because of the territory, it is only to be expected that the first uses are tech-oriented, just as with when the internet was new. However, as well as the many fin-tech flavored applications, there are currently people working on a range of services, including information-provision (Augur, Gnosis), supply-chain tracking (Provenance), real-world interaction (Airlock, Slock), and many others.
I think we will see “waves” of development, with the first services being themselves platforms that others can build on. However, entrepreneurs are a creative bunch, and I think we should be prepared to be surprised!
Q: Lawyers arguably should care about this technology for two reasons. First, it could raise new legal and regulatory issues. That would mean new business for them. And second, it could be a substitute for contracts. Do you already have a sense on the first – what legal issues are you seeing now or do you expect to see?
There will undoubtedly be legal issues, and they fall into three main categories. The first is regarding ether, the “crypto-fuel” that Ethereum relies on to manage the provision of computation and storage and avoid spamming, i.e. avoid the myriad tragedy-of-the-commons pitfalls. (Programs running on Ethereum need to pay the network for the resources they consume. Volunteers earn this ether by validating transactions, securing the network.) It’s not clear how authorities will judge and react to people transferring ether to each other in order to be able to use Dapps (the applications that run on the Ethereum platform).
The second is in relation to the use of Ethereum contracts as being legally recognized as a component in legally binding contracts; that is, having the results of computation on the Ethereum platform as being legally actionable.
The third will be a secondary effect coming from the impact of services built on the Ethereum platform. Uber is upsetting a lot of people at the moment, with riots in Paris, etc, but that is just the tip of the iceberg. Technology continues to transform society and Ethereum is no exception.
Interestingly, the introduction of Ethereum creates more work for lawyers than just legal assessment and regulatory compliance. I foresee a new job-title emerging: the code lawyer, whose job will be the creation of and translation to and from legally useful Ethereum contracts. The potential effects of Ethereum and smart-blockchain technology are exciting and far-reaching.
Q: Let’s turn to contracts. I’ve read a couple of articles about blockchain and sidechain technology and how these could be used as contracts. That is, as I understand it, for certain agreements, we would not need any text terms. The terms would be built into the technology. How does or would this work? And are there examples that exist? How does enforcement occur? What if there is failure to deliver? How are disputes handled?
You have just summarized the hurdles that need to be addressed to move into the age of digital law. At first sight, they might feel insurmountable, but the progression from where we are now with paper contracts and digital commerce to digital law is fairly incremental and relatively straight forward. First, we must recognize that a contractual agreement is just information, and can be taken as having two components: a set of “if X then Y” statements (where, in general, X and Y can be arbitrarily complex); and a set of identifiable, legally responsible entities.
At present, paper contracts use the insanely archaic and highly forgeable mechanism of written signatures to indicate the entities party to a contract. A huge step forward can be made simply by leveraging Ethereum’s intrinsic cryptographic identity and robust time-stamping features to sign contracts once the wording is finalized. Indeed, as I have already mentioned, the updating of the wording can itself be managed more securely and efficiently on Ethereum, but I digress.
With e-commerce, we already have the notion of legally binding agreements based substantially on digital communication: if your credit-card issuer authorizes your purchase, the e-bay seller will send you your goods. If the goods are not sent, the digital communication between you and e-bay, and between your credit-card and the seller are admissible evidence in court. Now, e-bay the company acts as the escrow party, only releasing the funds to the seller once it seems you are happy that you received the goods.
Imagine for a moment that the escrow is managed by an Ethereum contract instead of e-bay: the credit-card company sends the funds directly to the seller as soon as the contract flags that the escrow conditions are satisfied. This is easy for the credit-card company because that side of the technology is very simple. In time, the credit-card company could decide to actually deploy its activities on Ethereum itself, tightening the integration even further.
The more intriguing question is how does the Ethereum escrow contract know that the conditions have been satisfied? Well, that depends on the conditions, but as you have hinted, because Ethereum contracts are actually computer code, in principle it is relatively easy to enumerate and translate the practical dependencies on to Ethereum. We can start with simply having a signed instruction sent to the escrow contract from the seller when the goods are sent, and then by the buyer when they are received. This could be made more robust by having the postal service send a signed instruction that the goods have been delivered. Involving the postal service means having a bit more infrastructure in place, but for the development of this example, we can assume that all such devices are already deployed. A “time-out” rule can be easily added, so that if the buyer hasn’t signed off or complained by a certain time the seller can claim the funds. Even this quite simple set-up will cover the vast majority of sales, without e-bay even needing to be involved.
When disputes do arise, a “real-life” arbitration procedure does need to exist as a back-stop. Contracts can be programmed to response to signed instructions from pre-agreed arbitrators to resolve dead-locks. In fact, there is no reason why judicial bodies should not be added as the final decision-makers, so Ethereum contracts can be made to respond to court rulings in a much more direct way than the current process of issuing orders that others must then act upon.
As the Ethereum ecosystem develops, more and more activities, assets and actions will have some form of integration with the Ethereum platform and therefore be directly manageable by Ethereum contracts. Initially, this will predominantly be drawn from the digital realm, but as blockchain-aware devices are developed, it will grow to include the physical realm as well. For example, devices automatically sending information to Ethereum contracts based on actions they detect in the real-world, or devices that unlock doors when they receive a signal from an Ethereum contract.
I think the two main concerns are i) how intrinsic, or simply useful, is the plastic nature of current contract interpretation and execution, and thus how far should we go in transferring agreements into strictly implemented computer code and ii) at what rate can we expect code-lawyers to learn how to write robust and comprehensive contracts in computer code? It could be said that lawyers over the centuries have been working towards the goal of codifying unambiguous rules in languages for which ambiguity is an unavoidable and, indeed, beautiful characteristic. We are now closer than ever to being able to codify rules on a realistically reliable platform using a unambiguous language. I personally am interested to see how the discussion of this topic reveals lawyers’ actual feelings about this foundational premise.
Q: Would there be value in having lawyers involved. What role might lawyers play. Are there advantages for first mover lawyers?
At the moment, you need to understand not just programming, but asynchronous process programming and the game-theoretic constraints that Ethereum contracts will sometimes be affected by. I see the involvement of lawyers as inevitable, but they will need to get up to speed on what coding on Ethereum involves, because here lies potentially the biggest opportunity that most lawyers will have ever seen in terms of an emerging ecosystem in need of the very expertise that lawyers possess. However, the opportunity is one that lawyers will need to create for themselves, because without active participation, the ecosystem will either learn the expertise itself or reduce to something where the expertise is simply not needed.
Q: In 2001 I worked for a dot.com e-signing company. Our tech was based on the Public Key Infrastructure. Does PKI matter here? If yes, how does one address the certificate / identification challenge. If no, how is identity established securely?
PKI is absolutely fundamental. Hopefully the answers above make this clear. If not, I need to go back and rework them! The main message is that Ethereum provides a PKI that is so integral to its operation that it will become as easy to use as logging into Facebook. Finally!
End of Interview
For reference, here is small version of the infographic referenced in the introduction: