Since early May 2022, a Decentralized Autonomous Organization (DAO) known as “bZx DAO” has been facing a lawsuit in California. The plaintiffs hold the defendants liable for their losses following a hack of the protocol that was managed by the DAO. This case is reminiscent of the first DAO known as “The DAO”, which was hacked in July 2016 by a user who syphoned off a large portion of the DAO’s funds by taking advantage of a flaw in the protocol. At the time, a solution was found in the release of a version of the Ethereum blockchain that did not contain the hacker’s transactions. This event prompted a hard fork, which indirectly compensated the injured parties by creating a version of the blockchain where the stolen funds were restored. While compensation was obtained without going to court, tampering with the state of the ledger prompted a lot of debate and will probably not happen again. The DAO case showed that if the blockchain ecosystem is to thrive as an economic powerhouse, the system has to provide adapted dispute resolution mechanisms to DAO users. Otherwise, disputes involving DAOs will have to be adjudicated by ill-equipped state courts. Before resolving any case on the merits, the courts would be faced with unprecedented issues pertaining to the legal nature of a DAO, and would have to analyze delicate questions in an international context in relation to jurisdiction and applicable law. But the real question is whether courts can provide effective access to justice for claims involving a DAO. Would it be better to leave the task of dispensing justice to the blockchain community?
What Led To The Rise Of The DAO?
Since the early days of Bitcoin, blockchain enthusiasts envisioned a new form of digital company for which management rules would be distributed across all the nodes of a blockchain network in order to be incorruptible. Cryptocurrencies would constitute the shares of this digital company and, as cryptocurrencies have market value, they would also serve as the assets of the company. This is how the idea of the “virtual corporation” came to light: a new form of company that would rely on the security, predictability and speed of computer code and would remove the need for human involvement as much as possible to minimize internal error and corruption.1
However, the Bitcoin protocol did not allow for such complex rules to be coded. It was not until the launch of the Ethereum blockchain that DAOs became a reality, thanks to the implementation of smart contracts. DAOs are the logical extension of smart contracts as they are simply “long-term smart contracts that contain the assets and encode the bylaws of an entire organization.” What differentiates a DAO from a smart contract is that a DAO has some form of internal organization that defines the governance of the entity and establishes the procedure to manage its crypto assets, while smart contracts are simple rules that trigger the transfer of crypto assets when determined conditions are met.
To date, there is still no universally accepted definition for the concept of a DAO. From a technical perspective, a DAO is composed of “smart contracts (i.e., blockchain-based software) deployed on a public permissionless blockchain, which implement specific decision-making or governance rules enabling a multiplicity of actors to coordinate themselves in a decentralized fashion. These governance rules must be technically, although not necessarily operationally, decentralized.” This definition highlights one of the essential features of a DAO: the decentralized governance. It is borrowed from the COALA Model Law for DAOs which is a private project to establish a legal regime for DAOs and their users. This Model Law defines a certain number of technical requirements that a DAO must meet to acquire legal personality and to grant its members limited liability.
What Is A DAO From A Legal Perspective?
DAOs have not yet caught the interest of many legal scholars. A DAO can be legally defined as “the entity created by the deployment of an autonomous and self-executing software running on a distributed system that allows a network of participants to interact and manage resources on a transparent basis and in accordance with the rules defined by the software code”. This definition is based more on the technical than the legal characteristics of the DAO because a legal definition can only be drafted in relation to a reference legal system. It was proposed in a study of the legal treatment of DAOs in the Swiss legal system, where the law does not know this form of social organization.
Very few jurisdictions have introduced the notion of DAO into their legal system. The US state of Vermont, for example, created in 2018 a new form of company: the Blockchain-based Limited Liability Company (BBLLC). A BBLLC is a DAO incorporated as a Limited Liability Company (LLC) in Vermont’s jurisdiction. The key innovation is that BBLLCs are incorporated using the same procedure as any other LLCs, but their governance can be fully or partially provided through blockchain technology, and votes regarding their operation and activities can be recorded on blockchain-based smart contracts. BBLLCs are legal entities distinct from their members who are subject to a limited liability regime for the DAO’s debts. In 2021, the state of Wyoming adopted a similar legal regime for DAOs, followed by the state of Tennessee in April 2022 with a law that is mostly a copy of Wyoming’s bill. Wyoming’s bill introduces a distinction between member-managed and algorithmically-managed DAOs. Under this law, the possibility to be managed by a manager, which is found in regular LLCs, is supplemented for DAOs by the possibility to be managed by an algorithm. However, the exact meaning of the term “algorithm” is not defined in the law, and it is unclear whether a Wyoming DAO could be managed by an artificial intelligence or by another DAO. The version of the law enacted in Tennessee replaces algorithmically-managed DAOs with smart contract-managed DAOs, which should remove some confusion as a smart contract is defined in the law as an “event-driven computer program”. However, the practical scope of this type of DAO is also unclear.
Vermont, Wyoming, and Tennessee DAOs benefit from legal regimes that give DAOs incorporated under their law the capacity to sue and be sued, to carry on business activities, and to enter into contractual relationships in their own name. Countries such as Malta and the Marshall Islands have also introduced DAO legislation. However, these legal regimes cannot be transposed into other jurisdictions that have not introduced DAOs into their legislation. In a country or state where there is no DAO law, a DAO cannot be incorporated to benefit from a specific legal regime and therefore does not have legal personality. In other words, DAOs are alien organizations in those jurisdictions.
Considering the creation by some jurisdictions of a legal regime applicable to DAOs, it is necessary to make a distinction between two types of DAOs: on the one hand, DAOs that are created and incorporated under the law of a state or country (hereafter referred to as “regulated DAOs”) and on the other hand, DAOs that are created outside existing legal frameworks and are not incorporated within a jurisdiction (hereafter referred to as “maverick DAOs”). To date, the number of maverick DAOs surpasses by far the number of regulated DAOs.
Regulated DAOs benefit from a legal regime that defines the nature of the relationships among the members (i.e., the people who have governance rights in a DAO). For example, Vermont, Wyoming, and Tennessee laws introduce a legal fiction, which grants DAOs a legal personality detached from their members’ personality as well as limited liability for their members. However, those legal constructs of corporate law only apply to DAOs incorporated under one of those legislations. They do not apply to maverick DAOs which are – by definition – not constituted under a formal legal structure. As a consequence, their members do not benefit from a clear legal regime and the legal nature of their relationships is uncertain. This leaves members of maverick DAOs exposed to legal uncertainty with respect to their individual liability should there be a dispute of contractual, tortious, criminal, or administrative nature. The exact scope of the liability of maverick DAO members will depend on the applicable law, but it cannot be ruled out that a person involved in the governance of a maverick DAO could be held to have individual liability for the actions and debts of the DAO. DAO members take significant risks by not using a formal legal structure. This risk is showcased by the ongoing proceedings in California against bZx DAO, where plaintiffs (who staked some cryptocurrencies in the DAO but did not participate in the governance of the DAO) argue that the members, and especially the core DAO members (i.e., the founders and main investors of the DAO) are jointly and severally liable for the damage they suffered.
Trying to determine the legal nature of maverick DAOs is a legally challenging undertaking and the resulting answer could differ from one maverick DAO to another and from one jurisdiction to another. Since DAOs function as organizational structures pursuing economic or social activities, the core question is whether a certain maverick DAO can be considered a company (or another form of social organization), in which case the relationships among the members of the DAO would be ruled by corporate law (and laws governing other forms of social organizations), or if the DAO should be regarded as a general partnership, in which case the relationships among the members of the DAO would be of a contractual nature. As maverick DAOs do not stem from the laws of a particular jurisdiction, legal scholars usually try to apply by analogy existing corporate law rules of their own jurisdiction to define the legal regime of maverick DAOs. For example, in the California case, bZx DAO has been characterized as a general partnership by plaintiffs’ counsel and the lawsuit has been filed consequently against some of the DAO’s “partners”.
The same bZx DAO would probably be characterized as a simple partnership (“société simple”) under Swiss law. However, the pseudonymity of DAO members contradicts the personal structure of the simple partnership, which requires the partners to be faithful and loyal to each other.2 Furthermore, each partner of a simple partnership is jointly and severally liable for the debts contracted within the framework of the partnership. This legal regime is not fit for DAOs as it would not be conceivable to expect from all members of a maverick DAO to be liable beyond their original contribution when they buy governance tokens that grant them mere voting rights in the DAO’s governance, especially when the DAO has thousands of pseudonymous members. In the bZx DAO case for example, even though the plaintiffs argue that bZx DAO is a general partnership, they are only holding responsible core members who have or had a great amount of control over the DAO’s protocol and who, according to the plaintiffs, “owed [them] a duty to maintain the security of the funds deposited using the bZx protocol”. In our opinion, it would be much harder to argue that participants who had small amounts of voting rights in bZx DAO are also liable for the damage, even if they had some decision power within the organization. As a result, it appears that different categories of members could bear different levels of responsibilities, putting identifiable core developers and core members of a DAO at greater risk of liability in case of a damage. This liability scheme would resemble that of a limited partnership (“société en commandite” under Swiss law) where general partners who oversee and run the business have unlimited liability, while limited partners have limited liability up to the amount of their investment.
How Can A DAO Undertake Business Activities In The Real World?
As they are incorporated entities, regulated DAOs can undertake business activities in the states or countries in which they are incorporated, just as any other forms of companies. Since their legal nature is determined by law, there is no specific legal question that must be addressed. As seen above, the situation is much more uncertain for maverick DAOs, as their legal nature is not specifically addressed in the law and it is not clear whether they can be validly represented in the real world or if they can even enter into contractual relationships.
When trying to determine the legal nature of maverick DAOs, one common practice by lawyers is to apply by analogy existing corporate law, which results in a transposition of maverick DAOs in one of the legal structures of the reference legal system (e.g., a société simple under Swiss law, a general partnership under Californian law). Both the qualification of a DAO and its legal features depend on the reference legal system. This means that the legal regime of a single DAO changes depending on the state or country in which the issue is being considered. This creates far too much legal uncertainty. This is why another way must be sought to determine how maverick DAOs could legally exist and undertake business activities in the real world.
The starting point of this alternative reasoning lies in private international law (PIL). Looking at the situation in Switzerland, DAOs must be considered foreign companies since they cannot be incorporated under Swiss law. This means that PIL rules can be applied to try to recognize DAOs as foreign companies in Switzerland. This approach aims at taking maverick DAOs as they are, without transposing them into one of the domestic legal structures.
In Switzerland, the recognition procedure of a foreign company aims at recognizing its legal existence and its legal personality, which ultimately gives it the right to undertake business activities within Swiss borders and to sue and be sued before Swiss courts. Foreign companies are recognized as legal entities in Switzerland if they meet two basic requirements. First, the entity must be characterized as a company under the Swiss Private International Law Act (Swiss PILA). Under this law, the notion of company is very broad and encompasses all social combinations that have a social organization or that are at least organized as a whole. Second, the company must be validly constituted according to the law under which it is organized, or failing that, according to the law of the state or country where it is administered in fact.
Whether a maverick DAO qualifies as a company under the Swiss PILA depends on its organizational structure. We can assume that most DAOs are sufficiently organized to be characterized as companies as they have governance rules that determine how the assets of the DAO can be used. But maverick DAOs cannot be validly constituted under a law since, by definition, such a DAO is not constituted under any law (as opposed to regulated DAOs which are registered and organized under the law of a state country). In this situation, the backup rule provided in the Swiss PILA connects the company that is being recognized to its place of administration. But this connection is not appropriate for a maverick DAO: it is not possible to link the administration of a maverick DAO to a physical space. The only “place” of administration of maverick DAOs is the Internet and the blockchain itself, where votes pertaining to their governance take place. Any attempt to anchor a maverick DAO in the territory of a state or country can only lead to a random and unpredictable result. There could be, of course, exceptions to this rule. For example, when membership in the DAO is restricted to a geographical area, the administration could be deemed undertaken in this physical space. In such circumstances, we could consider that the recognition of a maverick DAO as a foreign company is possible in Switzerland if the entity fulfills the constitution requirements provided for in the law where it is administered in fact. But this is an exceptional situation as it would be unlikely that the DAO would meet constitution requirements of a form of company known in the state or country of the place of administration of the DAO.
Apart from a few atypical cases, it is impossible for maverick DAOs to legally exist in Switzerland. A maverick DAO cannot be recognized as a foreign company insofar as it is not possible to determine if it has been validly constituted according to a foreign law. To our knowledge, there has yet to be a state or country that grants maverick DAOs legal existence within its jurisdiction. This is not the case whatsoever under Vermont, Wyoming, and Tennessee laws. Wyoming law goes as far as explicitly prohibiting the registration of foreign DAOs. It is thus unclear whether, for example, a Vermont BBLLC could be registered in Wyoming. And Tennessee law only allows DAOs based in the US or its territories to be delivered a certificate of authority. But the vast majority of DAOs (i.e., those not incorporated in a US state or territory) are also considered as alien organizations in that state. This leaves members of maverick DAOs in a position of legal uncertainty, as those DAOs exist and function as social organizations but lack the legal recognition from states and countries as legally existing companies.
The legal situation is totally different for regulated DAOs. For example, a validly constituted Vermont BBLLC would most certainly be recognized as a foreign company and be allowed to undertake business activities in Switzerland. A regulated DAO, whether incorporated in Vermont, Wyoming, or Tennessee, legally exist in Switzerland, without having to complete any formalities, provided it is validly constituted according to the law under which it is organized (e.g., under Vermont law). A regulated DAO could thus sue or be sued in Switzerland if it has this capacity under the law of the state or country in which it was incorporated.
How Can A DAO Be Brought Before A Court?
DAOs are exciting new types of legal vehicles that are especially suited for conducting business in the crypto ecosystem. While this industry offers new economic opportunities, it is very important for entrepreneurs and investors to understand and manage the risks involved with crypto assets and DAOs, especially considering the many legal uncertainties. Regulated DAOs offer their members and contracting parties a good level of certainty as they are regulated by law, and they are clearly identifiable entities that can be brought before courts in case of a dispute. But as regard maverick DAOs, the bZx DAO lawsuit showcased that their legal qualification is uncertain. When contracting with this type of DAO, it can be difficult to determine who is liable when things go wrong and whether the entity can even be a party to the proceedings.
In order to sue a DAO before Swiss courts, the jurisdiction to hear the case must first be determined by PIL rules since a DAO is necessarily a foreign entity. Connecting factors used by Swiss PIL rules as grounds of jurisdiction for Swiss courts refer to the location of the parties (e.g., the domicile, residence, or seat of the defendant) or to the location of the legal relationship itself (e.g., the place of performance of a contract, the place of occurrence of a tort, the place of business operations).
Although Swiss law sets out its own rules for determining when the subject of the dispute or the parties have sufficiently close connections with Switzerland for Swiss courts to have jurisdiction, the approach is very similar to that followed in other countries. For example, the connecting factors set out in the Swiss PILA bring similar results to the US approach of assessing the existence of minimum contacts with the forum. All legal systems use similar connecting criteria to localize the subject of the dispute and the parties themselves. A state or country will agree to provide the protection of its courts when the subject of the dispute or one of the parties has sufficient connections with its territory.
Determining jurisdiction for disputes involving a DAO raises difficulties with regard to the use of connecting factors. One example will suffice to show the difficulty of establishing the link between a DAO and a state or country for the purpose of admitting the jurisdiction of its courts. The rule of jurisdiction which is most frequently applied is the forum of the domicile of the defendant. For a company, the seat is deemed to be its domicile under Swiss law. The seat of a company is deemed to be located at the place designated in the bylaws or articles of incorporation (statutory seat, registered office), or at the place where the company is administered in fact (administrative seat). Assuming that a DAO can be sued in the same way as a company, where is its seat?
Maverick DAOs do not have a seat: they have neither a place of incorporation nor any place of administration that could point to the territory of a specific state or country. Maverick DAOs cannot be linked to a jurisdiction because they are not constituted or organized under a law. Those DAOs are simply launched on a blockchain and profit from the blockchain’s infrastructure to register their “bylaws” (i.e., their code) and to become a publicly visible entity. It is very unlikely that a maverick DAO would designate a seat in its code. Thus, the criterion of the statutory seat or registered office fails to link maverick DAOs to a state or country. Likewise, maverick DAOs do not have a physical place of administration, and the criterion of the administrative seat fails to create any link with a state or country. This criterion can only point to the Internet or the blockchain itself. The other rules establishing the jurisdiction of Swiss courts will also be difficult to apply. For example, where is the place of performance of a smart contract? or the place of occurrence of a hack?
In the end, the problem of the lack of capacity of a maverick DAO to be a party to legal proceedings will always remain. Even if a link can be established between a maverick DAO and Switzerland, it is unlikely that it would have the capacity to be sued as it would most likely be qualified as a simple partnership. In this case, individual members would be at risk of personal liability for the actions and debts of the DAO. In this regard, it will be interesting to see whether the Californian court will find having jurisdiction in the bZx DAO lawsuit and consider individual members personally liable for the damage incurred by plaintiffs.
The position of the members of regulated DAOs is more advantageous. Existing DAO laws require that regulated DAOs be connected to their state or country of incorporation, whether by requiring the registration of the DAO in a company register, by connecting the DAO to a registered company, or by requiring that the DAO be represented by at least one registered person. It can be assumed that all regulated DAOs are required to register in a company register or, at least, to be validly constituted or organized under the law of a state or country which provides a legal framework to DAOs. This allows the criterion of the incorporation to establish a link between a regulated DAO and a specific jurisdiction. This way, even if the activities of a regulated DAO are carried out exclusively on the blockchain, the DAO is always anchored to a jurisdiction. Regulated DAOs can be considered as having a seat at the place of their statutory seat or registered office. Therefore, the courts of the states or countries having adopted DAO legislation – such as the US states of Vermont, Wyoming, and Tennessee, or even the Marshall Islands – may have jurisdiction over disputes involving DAOs that are registered or incorporated in their jurisdiction, or that are constituted or organized under their law. Furthermore, the courts of other states or countries may also have jurisdiction on the ground of the location of the legal relationship itself. For example, Swiss courts may have jurisdiction to hear a dispute arising from a contract to which a regulated DAO is a party if the place of performance of the contract is located in Switzerland. The dispute may be judged by Swiss courts if the DAO is recognized in Switzerland as a foreign company and has the capacity to act before the courts according to the law under which it is incorporated.
Is It Enough To Have Jurisdiction Over A Dispute Involving A DAO?
Challenges to seeking justice in case of a dispute involving a DAO do not end with finding a court having jurisdiction over the dispute. Even if a court has jurisdiction and orders a DAO to transfer crypto assets, the aggrieved party may find it impossible to seek the enforcement of the judgment when the DAO does not comply.
When it comes to enforcing a judgment on the blockchain, the technology prevents authorities from exercising their power of enforcement. The immutability that characterises blockchain technology does not allow any authority to modify the content of the blockchain ledger. Hence, authorities have no enforcement power over crypto assets. As a result, a DAO’s crypto assets cannot be frozen, seized, or confiscated. Authorities cannot force an action upon a DAO either: only the community of members acting within the parameters of the code can trigger an action from the entity. In other words, the enforcement of a judgment rendered by a court can only happen with the cooperation of the DAO community. This leads to a significant risk of non-compliance with the judgment because people know that coercive enforcement is not a realistic option.
Since authorities have no power to enforce on the blockchain judgments rendered by their courts, the efficiency of justice cannot be guaranteed. However, the court could order a compensation (e.g., the payment of damages) to identified members of a DAO in order to circumvent the impossibility of enforcement on the blockchain. This could give the aggrieved party a fallback solution in order to receive compensation. This way, it would be the responsibility of the identified members to convince the DAO community to comply with the judgment, failing which they would find themselves personally liable for the payment of the compensation.
In any case, legal proceedings involving a DAO are long, costly and generate delicate questions as to jurisdiction and applicable law, as well as a significant risk associated with the international enforcement of the judgment. Courts cannot guarantee access to justice in a reliable manner for disputes involving a DAO. Thus, there is a great risk of denial of justice in this matter.
The Solution: Blockchain-based Dispute Resolution Mechanisms For Disputes Involving A DAO
This unsatisfactory situation calls for the search for alternatives to state justice. This leads us not to ask where to take legal action, but what is the most appropriate dispute resolution mechanism to settle a dispute involving a DAO? We believe it is one that takes advantage of blockchain technology and smart contracts. Indeed, actors of the blockchain environment have crypto assets stored in their wallets, such as cryptocurrencies, DAO governance tokens, and NFTs. Although authorities do not have the coercive means to enforce the judgments of their courts on those crypto assets, new dispute resolution mechanisms could be developed with other means to execute their decisions on those assets.
It is therefore not surprising that new online dispute resolution (ODR) mechanisms have emerged for resolving disputes between blockchain users. New generation ODRs have been designed to meet the specific needs of relationships arising in the blockchain environment. Those blockchain-based ODRs can be referred to as “Blockchain Dispute Resolution” (BDR) mechanisms. There are still very few BDRs in operation. Kleros is an example of a BDR that allows parties to submit a dispute to a jury of blockchain users selected at random who judge according to their own conscience without reference to the rules of law. The decision mechanism is formatted according to the precepts of game theory and economic incentives, which encourage jurors to choose the solution that is most likely to be chosen by the other jurors in order to reach consensus and make economic gains.
BDRs are the only dispute resolution mechanisms that can effectively resolve disputes in the blockchain environment because they function within that very infrastructure. The dispute resolution process of a BDR is conducted entirely on the blockchain and performed using smart contracts. Once a dispute is submitted to a BDR mechanism (e.g., a jury composed of blockchain users), a decision is rendered by the jury using a smart contract before being directly and automatically enforced by the smart contract. As a result, the enforcement of the decision does not require the assistance of coercive authorities, as this is done by the technology.
For the time being, BDRs have been limited to conflict resolution mechanisms configured in a binary way where a decision is rendered by choosing between two options. It is likely that more complex BDRs will be developed to allow more complex decisions to be resolved and executed, although the constraints of the technology limit the power of a BDR to enforce its own decisions. Enforcement using a smart contract can only be done on valuable resources placed by the parties within the power of the BDR. For example, if the jury finds that A must transfer 10 ETH to B, that amount of ETH must be placed beforehand in an escrow-type smart contract controlled by the BDR. Direct enforcement on other assets (e.g., a house or a car) would not be possible.
The advantage of BDRs is that they can resolve disputes involving DAOs without being faced with the challenges associated with a party’s lack of legal personality, the determination of the international jurisdiction of the courts, or the risk of non-enforcement of the decision. However, they have disadvantages of their own, which would take too long to discuss here. On a concluding note, if the bZx DAO case had been submitted to a BDR, the case could have been resolved simply by answering “yes” or “no” to the following (not that simple) question: “Are the defendants jointly and severally liable for the losses suffered by the plaintiffs following the hack of the protocol managed by bZx DAO?”. Should the answer be “yes”, an effective BDR should be able to enforce its decision, which means that the amount of cryptocurrency that the plaintiffs requested should be able to be transferred directly and automatically in their respective wallets.
Florence Guillaume is a Professor of Private International Law at the University of Neuchâtel and the Founder of the LexTech Institute.
Sven Riva is a PhD student and research assistant at the University of Neuchâtel.
This post is adapted from their paper, “Blockchain Dispute Resolution for Decentralized Autonomous Organizations (DAO) — The Rise of Decentralized Autonomous Justice”, available on SSRN and can be found in Bonomi & Lehmann (eds), Blockchain and Private International Law (Brill Nijhoff 2022).
The views expressed in this post are those of the authors and do not represent the views of the Global Financial Markets Center or Duke Law.