Protocol developers of cryptocurrencies don’t own a special duty of care, the High Court of England has ruled.
In a case involving a claim against bitcoin core developers for failing to add a chargeback ‘feature’ to the protocol, leading to the alleged loss of assets as the claimant could no longer locate his private keys, the court found that there is no fiduciary relationship between the developers and the claimant.
“I do not think that bitcoin owners can realistically be described as entrusting their property to a fluctuating, and unidentified, body of developers of the software,” Mrs Justice Falk said.
They instead entrust their property to open source code which anyone is able to audit themselves.
The claimant, a company of Craig Wright, further argued that there was a tortious duty of negligence due to developers “failing to include in the software means to allow those who have lost their private keys or had them stolen to access their cryptoassets.”
The court however found there was no special relationship between the claimant and the developers.
In response to the argument that such duty should be imposed on public policy grounds, the court found that the class to whom the duty would be owed would be “unknown and potentially unlimited”, with “no real restriction on the number of claims that could be advanced against the [Developers] by persons who had allegedly lost their private keys or had them stolen.”
In the first case of its kind therefore, English case law establishes that there is no general duty of care by protocol developers to the public.
However, that’s within the very specific circumstances of this case where the claimant, whom ethereum’s founder Vitalik Buterin has called a “fraudster”, argues that some sort of chargeback button should be inserted into bitcoin when it was never part of the bitcoin ‘deal.’
The case was hopeless, in other words, and due to that it isn’t too clear just to what extent this establishes a lack of duty of care.
That’s a technical term with fiduciary duty usually applying if you hand over someone assets to custody for you, for example.
While the duty of care in this context applies more to professionals. Financial advisors for example have to take care not to be negligent in the financial advice they provide.
The court suggested that developers could have such duty as well in some circumstances as developers have to assume some level of responsibility to ensure that they take reasonable care not to harm the interests of users, like not to implement something that compromises the security of the asset.
Which is why they usually carry extensive tests over months and years on testnets before pushing a live update.
But there is no specific duty to safeguard your private keys. Instead their duty, if any, is more towards not intentionally damaging the network through negligence or carelessness.