BREAKING THE CODE: CRYPTOCURRENCY AND PROGRAMMING PROPOSAL.

• Author: Hutchinson, Allan C.

The problem to be faced in regulating cryptocurrency is the general thrust of the 'governance paradox' (1)--how do you regulate an innovative scheme that demands some regulation in the public interest, when you know that any regulation will transform the very features of that scheme that not only makes it what it is, but also makes it especially useful and attractive to that same public? More specifically, how do you regulate an off-the-grid, decentralized and distributed scheme without making it into an on-the-grid, centralized and undistributed scheme? This is the challenge to be met in devising any kind of proposal to create a tailored and efficacious regulatory regime for cryptocurrency. Consequently, in making this effort, it will be important to remember that regulation is not a technical end in itself, but a means to a larger and more substantive end. As regards cryptocurrency, this means that regulation must serve to advance and protect broader social and democratic goals--the shared notion of putting ordinary people and their interests at the heart of any regulated society, not those of many civic or state-controlled institutions that tend to put their own interests ahead of others. Accordingly, any proposals to regulate cryptocurrency must be guided by that broader and more encompassing ambition.

In this paper, I explore how to go about that exciting and, some might say, daunting task of designing and implementing such a regulation scheme. In the first section, I examine the present self-regulatory arrangements that underpin cryptocurrency; it is important to appreciate where things presently stand if there is any chance of making progress forward. In the second section, I pull back the institutional curtain and reveal the people and processes that maintain the blockchain technology that drives cryptocurrency; the nature of its operation and alleged consensus-based character are examined. The third section looks at some of the objections that are made to any effort to monitor the work of the code-makers and programmers; an important distinction is made between what is possible and what is desirable. In the fourth section, I draw comparisons and contrast between programmers and corporate directors with an eye to adopting some disciplinary strategies from corporate governance. The fifth section examines the difficulties to applying a modified fiduciary duty to the work of programmers. Throughout the chapter, the goal is to lay bare the inner workings of cryptocurrency so that a better and more effective job can be made of regulating it in a sensible and sensitive manner. Taking seriously Lessig's notion that 'code is law', (2) I strive to bring the code-makers into the disciplinary fold.

In Those We Trust

Cryptocurrency is not so much an unregulated domain, but a self-regulated sphere of activity. While this kind of regulation is not the kind of central or governmental intervention that engages and enrages critics and supporters, it is a foundational aspect of cryptocurrency. In so many ways, cryptocurrency is entirely dependent on blockchain technology and, therefore, those who create, organise and maintain it. There can be no cryptocurrency without a very structured and sustained set of programs, codes and protocols that combine to form the underlying blockchain-technology of cryptocurrency. As such, one of the primary and neglected entry-points for possible regulation is the small, but influential group of programmers who have so far largely flown under the regulatory radar. With the power to maintain and change the codes and protocols of the blockchains, they are the heirs to Satoshi Nakamoto's originating vision and have enormous responsibility and power, especially within permissionless systems. Even if the credo of crypto-programmers is to "reject kings, presidents and voting," (3) they will, if only by default, assume those royal and almost autocratic powers.

Although cryptocurrency users do not need to trust any central intermediary or other transacting party, they have no other choice than to trust the technology itself. Indeed, as a way to alleviate the need to trust others, the blockchain demands that you trust the system of algorithmic and cryptographic proofs and the software that enables the blockchain platform to underpin cryptocurrency transactions. This can be termed the lex cryptographica: it is an informal governance tool that both enables and puts limitations on what can and cannot be done. Indeed, it is the code and protocols that comprise the network itself that must be trusted. Of necessity, it determines the nature of people's interaction within the network by channeling and constraining those interactions; there is no network without a code to realise it and there is no cryptocurrency without a network. As such, the defenders of cryptocurrency as a trust-free mode of interaction and financing must stake their claims on the controversial assertion that "technology is much more trustworthy than people." (4) There are obvious problems with this, especially if compared and contrasted with the operation of more traditional financial institutions, like banks.

First, it seems axiomatic that there are all modes of technology are vulnerable to error or manipulation in one way or another. Indeed, the short history of cryptocurrency itself demonstrates that distinct possibility. The Mt Gox fiasco in 2014 is perhaps the most well-known. Hackers were able to infiltrate this busy Tokyo-based Bitcoin exchange (with about 75% of all Bitcoin transactions); not only were millions in Bitcoin lost, but it destabilised the entire global cryptocurrency market. Although on a lesser scale, the antics of Quadriga resulted in investors losing C$200M; the death of the sole founder and operator left investors with no way to access the various e-wallets in which the company's passwords were held. Secondly, unquestioning faith in the trustworthiness of cryptocurrency's technology drives home the crucial point from a regulatory point of view that technology is only as good as those who design, run and maintain it; the programmers and code-makers must be trusted to fulfil their responsibilities and exercise their powers in a professional, competent and scrupulous manner. However (and again), experience teaches that, no matter how professional, competent or scrupulous those people are, there will be mistakes and errors. Of course, if the code-makers are not professional, competent and scrupulous (as in the Mt. Gox and Quadriga situations), trouble and turmoil will lie ahead. In such circumstances, the introduction of some regulation of programmers seems to be not only wise, but close to essential; the legitimacy of the cryptocurrency demands nothing less.

Accordingly, it is with programmers that regulatory efforts might be able to intervene at ground-zero in the cryptocurrency world. By addressing the work and world of the code-makers, a more innovative mind-set might be able to intervene in ways that are both effective and consensual. The regulatory impulse might be able to influence the lex cryptographica and engineer the kind of changes, like a scaling-back of the system's pseudonymous characteristics, that might be demanded. Indeed, whatever crypto-purists might demand and defend, the maintenance of such a characteristic is both unwarranted and indefensible. (5) In short, any agency or institution entrusted with regulatory responsibilities agency might seek to nudge and chivy the software guardians of the blockchain to design and build code that instantiates and reflects the kind of values and incentives that would be thought to best advance the goals of a more fairly and lightly regulated cryptocurrency world. Indeed, by so acting, these latter-day heirs to Nakamoto might begin to instantiate in the overall and animating benevolent spirit of that originating genius. This holistic approach to regulation would allow a blend of the lex cryptographica with what might be termed the lex traditionis for the mutual benefit of each.

Importantly, any intervention that targeted the programmers and core developers would also have a very significant and attractive effect--it would permit the blockchain to remain its own regulator by continuing and developing an internal mode of algorithmic governance. (6) This is a tantalising prospect. Despite the arguments put forward by the good faith defenders of the status quo (as opposed to its less savoury and ill-intended ones who seem keen to protect illicit activity), the present structure and operation of permissionless systems of cryptocurrency can be enhanced by the right kind of regulation. The main arguments against directing regulatory initiatives--'free speech' and impracticality--do not hold water. They are diversionary and last-ditch tactics more than they are genuine and serious obstacles to regulation. As such, the effort to bring the code-makers within the regulatory field of consideration are worth pursuing; they hold the potential to both unlock and boost the beneficial possibilities of targeting the work and influence of programmers.

Before recommending how to go about this challenging task of regulating the programmers and protocol-makers, it is important to explain who these people are and how they operate. For a process that is touted for its transparency and 'trust-free' qualities, there is a definite amount of mystery that swirls around how the technological integrity and maintenance of the system is achieved. Indeed, the identities of the core developers are far from simple to discern and their modus operandi is also far from transparent to the uninitiated eye. Nevertheless, as they are located at the dynamic heart of the cryptocurrency enterprise, it would be foolish not to look more deeply into the code-makers' mandate and canvass the possibilities for bringing them more squarely into the...