Can you sanction a smart contract? $1.9bn stolen in crypto hacks this year. Fiduciary duties for open source devs? US Fed guidance on master account for crypto banks. CCO license for NFTs

CryptoLaw Newsletter #62

Hello everyone!

TLDR:

• Sanctioning a smart contract? Coin Center preparing lawsuit against US Treasury Tornado Cash decision

• $1.9bn stolen in crypto hacks – big part of it by North Korea-linked hackers targeting DeFi

• Do open source developers have a fiduciary duty towards users? UK Court of Appeals to re-assess

• US Fed guidelines on master accounts for crypto banks

• Korean regulators investigating banks for large foreign remittances through crypto exchanges

• What’s a CC0 open license for NFTs?

Top-5:

1. Can you sanction a smart contract? Coin Center is preparing a lawsuit against the US Treasury’s sanctions against crypto mixer Tornado Cash and associated wallets. The Center distinguishes between two types of sanctioned Ethereum addresses linked to Tornado Cash. There may be a Tornado Cash entity and some of the sanctioned addresses could be pseudonyms for, or property of, that entity. Those can be subjected to sanctions under US law, the Center clarified. However, other Ethereum addresses simply contain the smart contract code of the mixing application. “They are the addresses at which a user can find the software logic that, given the proper inputs, will execute and mix coins for users. This is the mixer itself, but it is something wholly separate from the entity identified as Tornado Cash, even though the name ‘Tornado Cash’ is also often used to refer to it.'“ It’s this type of Ethereum address that the US Treasury shouldn’t subject to sanctions, according to the Center, as it cannot file a petition for removal from the sanctions list. “By treating autonomous code as a 'person' OFAC exceeds its statutory authority”. Meanwhile, Dutch authorities arrested a 29-year old Tornado Cash developer on suspicions of facilitating money laundering. A growing number of DeFi apps are severing ties with Tornado Cash users.

   

   Silke Noa @silkenoa

   8/20 So what is the "entity" "TORNADO CASH"? Is the #TornadoCash code the person? Are the wallet addresses identifiers of that person? Or does #OFAC equate "TORNADO CASH" with the #TORN holders who participate in Tornado governance? Unclear.

   7:21 PM ∙ Aug 10, 2022

   ---

2. The US Federal Reserve issued guidelines for granting master accounts to crypto banks.

3. Korean regulators are investigating banks for billions worth of crypto transactions linked to the so-called kimchi premium for foreign remittances through crypto exchanges.

4. US$1.9 billion was stolen in crypto hacks, according to Chainalysis' mid-year crypto crime report. Around $1bn was taken by North Korea-linked groups targeting DeFi vulnerabilities.

5. Do open-source developers have a fiduciary duty towards their users? No, according to a UK court. However, the Court of Appeal allowed an appeal against that judgment, asked for by a Craig Wright-owned, Sechelles-based company. “The issue as to whether developers owe duties of care and/or fiduciary duties to the owners of digital assets and if so, what is the nature and scope of those duties is one of considerable importance and is rightly characterised as a matter of some complexity and difficulty.” Therefore, the issue wasn’t “susceptible of summary determination in the context of a challenge to the jurisdiction”. It’s an important case for many developers around the world, especially in the wake of the Tornado Cash developer arrest in the Netherlands.

And also…

• What’s a CCO license for NFTs?

YitzyHammer.eth @ijhammer

1/ #CC0: What is it and what does it mean for NFT creators and holders? My two cents, in a 39-tweet 🧵👇

12:35 PM ∙ Aug 10, 2022

---

• The US Federal Reserve warned Fed-supervised banks with crypto activities or crypto plans that they need to notify the Fed of their crypto plans, “ensure such activity is legally permissible” and determine any necessary filings under federal or state law.

• The European Central Bank is “taking steps” to harmonise the assessment of crypto-asset licensing requests. The ECB will pay particular attention to business models, (internal) governance and fit & proper assessments.

• "The ECB also published a study on the economics of central bank digital currency (CBDC), summarizing economic research on CBDCs and knowledge gaps on the topic.

• US$1.9 billion was stolen in crypto hacks, according to Chainalysis. Around $1bn was taken by North Korea-linked groups targeting DeFi vulnerabilities.

• A status update on the EU’s planned new AML authority.

• No ICO issuer is safe from US SEC action: the agency made that clear once again by going after another 2017 ICO issuer, DragonChain, for its Dragon token sale years ago.

• Colombia may create its own CBDC to avoid tax evasion, according to the tax authority’s head.

• Korean regulators are investigating banks for billions worth of crypto transactions linked to the so-called kimchi premium for foreign remittances through crypto exchanges.

• Kenya’s crypto community hopes president-elect Ruto will be more crypto friendly than his predecessor.

• The US IRS obtained  John Doe summons to collect information about taxpayers trying to evade tax obligations.

• The insider trading case in the US against a former Coinbase employee may not have been the only instance of insider trading at the crypto exchange.

• A private-sector consortium will test cross-border transactions with its sterling-backed stablecoin and provide data to the Bank of England. The pilot starts in October.

• NFT platform OpenSea is changing its policy on stolen NFTs: it will now require a police report.

• Updates from crypto lending litigation:

CoinDesk @CoinDesk

.@Nexo is suing a former director that it says has been responsible for cryptocurrency losses equalling $7.9 million, according to Law360. By @OKnightCrypto

trib.alCrypto Lender Nexo Sues Former Director Over $7.9M Trading Loss: ReportNexo is looking to recoup losses in a BitMEX account it has been locked out of since 2019.

2:46 PM ∙ Aug 17, 2022

---

Watcher.Guru @WatcherGuru

Bankrupt Celsius Network CEO reportedly sold hundreds of millions worth of #Bitcoin from users funds and bought it back a day later at loss.

2:40 PM ∙ Aug 16, 2022

---

• The US Federal Reserve issued guidelines for granting master accounts to crypto banks.

• The Canadian securities regulator imposes new pre-registration obligations on crypto companies, demanding investor protection measures while awaiting registration.

• EU parliamentarian Eva Kaili on the EU’s crypto bill, the Markets in Crypto Assets Regulation.

• Applying anti-money laundering (AML) practices to NFTs (paywall).

• Regulatory licenses: Crypto.com became registered as a cryptoasset service provider in the UK by the Financial Conduct Authority. Binance obtains an in-principle approval in Kazakhstan. FTX obtains a full license in Dubai.

• Law firm insights: Challenges posed by cryptoassets in restructuring and insolvency appointments, by GrantThornton. One of the outstanding legal issues is “the registration and enforceability of security [collateral] over cryptoassets in an insolvency. For example, registering the security would de-anonymise the parties to the transaction, which goes against one of the key tenets of cryptoassets.”

• This week in the Law of Code podcast: NFTs - securities laws and IP rights; Ryder Ripps lawsuit and the impact of US law on the global scale:

Thanks for reading!