How Smart is Your Contract? Legal Considerations Around Smart Contracts

  • May 10, 2018
  • Imran Ahmad

In a 2016 report[1] by the World Economic Forum, it was suggested that smart contracts based on blockchain technology could potentially codify financial agreements in a shared platform and guarantee execution based on mutually agreed conditions. This would significantly reduce manual efforts required to support the execution of financial agreements and thereby, in theory, accelerate business processes. While the benefits associated with the application of blockchain technology to smart contracts are promising (e.g., operational simplification, counterparty risk reduction, clearing and settlement time reduction and fraud minimization), it brings with it important technical and legal issues.

Smart Contracts – A Primer

Broadly speaking, smart contracts are self-executing electronic instructions drafted in computer code. This allows a computer to “read” the contract and, in many instances, effectuate an instruction or transaction, should certain conditions be met – hence the “smartness” of the contract. Put differently, a smart contract will self-execute the stipulations of an agreement when predetermined conditions are fulfilled. The parties to the contract typically “sign” the agreement using a cryptographic security code and deploy it to a distributed ledger, or blockchain. When conditions in the code are met, the program automatically triggers the required action.

The underlying technology to smart contracts, blockchain, is a register (or ledger) of all transactions that have occurred for a given smart contract. Each transaction (or block) is authenticated by a network of computers before it is added to the chain of all prior transactions using cryptographic techniques and a large amount of computing power. The blockchain, or distributed ledger, is open and transparent for all to see. The record is intended to be secure, permanent and immutable.

Blockchain uses encryption and a combination of public and private “keys” for security. The system utilizes mathematical techniques to match a public address with a private security access key for each participant in a transaction. If these two items match, the transaction can then be broadcast to the other participants in the blockchain for verification and entry into the ledger.

Key Legal Challenges

Cybersecurity

One of the key concerns around smart contracts is whether they can be hacked and manipulated for improper use. The concern is not hypothetical. In July 2016, a hacker exploited code vulnerabilities in the so-called Decentralized Autonomous Organization (“DAO”) to redirect $50 million into an account controlled by the hacker. DAO was an investment fund where, instead of leaving decisions to a few partners, anyone who invested would have a say in which companies to fund. The more an investor contributed, the more weight their decisions were given. This distributed structure was meant to ensure that no one could run off with the money – in theory. However, a hacker, who was also a participant in the fund, was able to manipulate the code and transfer $50 million in cryptocurrencies without proper authorization.[2] While the hacker was apprehended and the funds recovered, the incident demonstrates that the security around smart contracts in not absolute.

Contract Law

Another key question that comes up about smart contracts is whether they are really contracts. Broadly speaking, a contract is a legally enforceable promise or promises that must meet a number of conditions imposed by law, such as multiple parties, the capacity of the parties, mutual assent, and consideration. Also, there are a number of defenses to the enforcement of contracts, including mistake, misrepresentation, duress, undue influence and unenforceability on public policy grounds.

For a smart contract to be enforceable, it would need to meet all of the traditional requirements of a valid contract under law. Based on Canadian caselaw in the area of electronic commerce, it is unlikely that smart contracts will require any special set of new law or regulations. Rather, existing legal principles will be adapted and perhaps modified, either by statute or by the courts, to deal explicitly with the requirements of smart contracts or other emerging technologies.

What is unclear at this stage is how parties to smart contracts will demonstrate that each legal requirement for contract formation is met with the proposed smart contract solution they are entering into.

Financial Crimes Enforcement

Smart contracts also raise concerns from an anti-money laundering standpoint. Under Canadian law, participants in financial transactions are required to know and verify the identity of counterparties and report any suspicious activity to law enforcement or to block the transfer of funds to suspicious individuals or organizations. Since smart contracts are designed to self-execute without human intervention, users of these smart contracts will need to build technical contracts that allow them to comply with such legal requirements.

As well, smart contracts often will keep the identify of parties anonymous, which will further complicate the work by financial institutions, who are required to report such transactions, and by law enforcement, who will be tasked with investigating them.

Other Issues

In addition to the above, there are a host of other issues that should be taken into consideration when it comes to smart contracts, including how legal disputes between contracting parties will be settled and how evidence will be provided to the courts. For example, given the courts’ limited expertise in deciphering code, parties to a smart contract may need to retain a neutral third party to securely maintain and produce the smart contract in natural language for a court to review as part of a potential dispute.

Similarly, if the parties to a smart contract are using a third-party platform, they may be required to agree to an established set of overarching basic legal provisions, such as dispute resolution, governing law and venue or forum for dealing with disputes. These would need to be clearly disclosed and agreed upon by the parties to the smart contract to be enforceable. While simple in theory, demonstrating that this was done in a manner such that the parties clearly understood what agreeing to such provisions meant (so as not to vitiate their consent) is not likely to be straightforward.

Conclusion

Blockchain technology and smart contracts have the potential to positively transform financial markets and the business of banking. Assuming that the technology is further developed and broadly adopted, smart contracts will need to meet the same legal standards as traditional paper agreements.

Given the significant costs associated with building smart contracts and the underlying infrastructure to support them, businesses should also invest resources in developing a legal architecture built on existing statutory and judicial guidance. This will avoid unnecessary issues down the road.

ABOUT THE AUTHOR

Imran Ahmad is a Partner at Miller Thomson LLP and practices in the areas of cybersecurity, privacy and technology law

 


[1] World Economic Forum, The Future of Financial Infrastructure: An Ambitious Look at How Blockchain Can Reshape Financial Services, August 2016, available online at: <http://www3.weforum.org/docs/WEF_The_future_of_financial_infrastructure.pdf>.

[2] Klint Finley, A $50 Million Hack Just Showed That The DAO Was All Too Human, Wired Magazine, June 18, 2016, available online at: <https://www.wired.com/2016/06/50-million-hack-just-showed-dao-human/>.