Identifying and Serving Defendants on the Blockchain
In several instances, courts have allowed the serving of legal documents on anonymous parties by serving the papers in the form of an NFT. In these instances, the NFT was minted linking to the legal document, and the NFT was then assigned to the party’s account. In New York, LCX AG, a cryptocurrency exchange based in Liechtenstein, traced the theft of $1.3 million of Ether to an address on the Ethereum blockchain, but was unable to identify the owner of this address. LCX brought a lawsuit in New York state court asking for a preliminary injunction to prevent redistribution of the Ethers from this account. The state court issued an Order to Show Cause, and then authorized the attorneys for LCX to server the Order by “airdropping” an NFT token to the address on the Ethereum blockchain. The NFT included a hyperlink to a web page (created by the plaintiff’s counsel) that contained the Order. The counsel then monitored the website to see if the hyperlink were ever followed to view the Order.
There are various issues with using NFT tokens as a method for legal communications. First, unlike email communications, the recipient of an unexpected token is not provided with a “You have Token” message. Account owners will typically have to use a specialized explorer service to identify all the tokens that are owned by their account. If they do not do this frequently, it may be a long time before they are aware that they now own a new NFT. Second, the airdropping of unknown NFTs has become a frequent “phishing” technique. The technique is to grant recipients the ownership of a new NFT, which includes a link to a website where they can receive additional tokens. If the recipient follows that link and enters in their account information to obtain the proffered tokens, their crypto account can be emptied. Consequently, recipients are wisely becoming reluctant to examine airdropped NFTs and follow the inserted web links.
Obtaining Judgment Against a Blockchain Account
Blockchains assign ownership of tokens (such as cryptocurrency tokens or NFTs) to an address. The address is just a number, and it can be difficult or impossible to identify the owner of a particular account. Thus, while stolen or absconded cryptocurrency tokens can be undoubtedly traced to a particular account (this is made transparent by the very nature of the blockchain), it can be very difficult to place a hold on that account or recover those tokens.
In some cases, it is possible to obtain physical control over accounts that hold cryptocurrency tokens. In 2020, the Federal government sued for civil forfeiture of Bitcoins that were acquired during illegal activities by the Silk Road dark website. Silk Road was a marketplace for various criminal activities, including the distribution of illegal drugs. The marketplace earned over 600,000 Bitcoins in commissions. Some of these Bitcoins were tracked to a particular blockchain address over which the Federal Government obtained control by seizing computers that identified the address and the private key used to transfer funds from that that address. In 2022, the founder of the Silk Road agreed to a forfeiture of the assets held in that account to the U.S. government.
Another technique is to organize the blockchain itself to act against the accounts of bad actors. Typically, this is accomplished by blacklisting the accounts, with the hope that various actors on the blockchain will not allow transactions to or from accounts that have been blacklisted. Some blockchains contain smart contracts whose purpose is to accumulate lists of blocked addresses (that have received stolen or fraudulently obtained cryptocurrencies or NFTs). Cryptocurrency exchanges and other service providers on the blockchain can then examine these lists and refuse to provide service to accounts on the blacklist. Such blocklists, however, cannot stop all transactions on the blockchain—only those transactions that pass through those exchanges or service providers.
A third technique is to use government action. The U.S. government maintains a list of blockchain addresses on its “Specially Designated Nationals” (or SDNs) list. This list includes individuals and groups that are involved in such activities as terrorism and narcotics trafficking. Once an entity or person is on the list, US nationals are prohibited from interacting with them or else risk criminal prosecution. By including digital currency addresses on this list, the U.S. government is indicating that these addresses have been associated with theft, fraud, or even state-sponsored terrorism. Exchanges (and other parties) are discouraged from interacting with these blacklisted accounts since such interactions may bring about criminal liability. The SDN list has also been used to shut down organizations that ignore the SDN list, such as the Tornado Cash DAO.
Suing the Service Companies
Many users interact with cryptocurrencies through an exchange. A cryptocurrency exchange allows customers to buy, trade, and sell crypto currencies, including purchases with, and cashing out into real (fiat) currencies. The exchanges are frequently the source of hacking attacks that allow thieves to steal the currency tokens of the clients of the exchange. To date, the largest hacks (exceeding $100 million) of exchanges include:
- 2022: $113 million from Maier (a decentralized exchange),
- 2021: $150 million from BitMart (Grand Cayman),
- 2020: $275 million from KuCoin (Singapore),
- 2019: $105 million from Coinbene (Singapore),
- 2018: $560 million from Coincheck (Japan),
- 2016: $623 million from Bitfinix (China), and
- 2014: $460 million from Mt. Gox (Japan).
Cryptocurrency exchanges can be of two types—centralized and decentralized. Centralized exchanges operate as real-world companies that are capable of being sued. They are organized in the jurisdiction in which they are located. Money lost in the above-listed thefts therefore can and do result in lawsuits against these exchanges. Coinbase, for example, is the largest cryptocurrency exchange in the United States. It is publicly traded, has a market capitalization of over $16 billion, and has been sued many times, including numerous class action suits as a result of its exchange services.
Decentralized exchanges are effectively DAOs operating under a smart contract on a blockchain. Lawsuits for the activities on, and breaches of, decentralized exchanges are more difficult as there may not be an entity that can be sued for the actions that occur on the exchange. Binance, the largest cryptocurrency exchange, is a centralized exchange that holds assets on behalf of its users. It has created a decentralized exchange known as Binance DEX. Consequently, while actions occurring on Binance (or the U.S. version known as Binance.US) could result in a lawsuit against an actual legal entity, it might be more difficult to bring suit for activities that occur on Binance DEX.
Please see Dan Tysver's bio and contact information if you need any blockchain-litigation legal assistance. Dan is a Minnesota-based attorney providing intellectual property advice relating to blockchain litigation to clients across the country.