Author: Peter Todd 2015-01-20 15:46:41
Published on: 2015-01-20T15:46:41+00:00
According to a lawyer with a background in finance law, authors of Bitcoin wallet software probably have a custodial relationship with their users, especially if they use auto-update mechanisms. This has potential legal implications as custodial relationships tend to be pretty highly regulated. In most jurisdictions financial laws, a custodial relationship is defined as having the ability, but not the right, to dispose of an asset. If you have the private keys for your users' bitcoins, you clearly have the ability to spend those bitcoins, thus you have a custodial relationship. However, if you can trivially obtain those private keys, you can also argue you have a custodial relationship. The law isn't a deterministic algorithm; it's a political process. Circle is easy to portray as having a custodial relationship, StrongCoin and Blockchain.info are a little harder, Android Wallet harder still, Bitcoin Core's multi-party deterministically compiled releases even harder. But ultimately we're not going to know until court cases start happening. In the meantime, probably the best advice is to do everything you can to prevent losses through malicious auto-updates. Create systems where as many people as possible have to sign off and review an update before it has the opportunity to spend user funds. Not having auto-updates at all is a (legally) safe way to achieve that goal; if you do have them make sure the process by which an update happens is controlled by more than one person and there are mechanisms in place to create good audit logs of how exactly an update happened. One of the consequences of a custodial relationship is that some legal authority might try to force you to seize user funds. StrongCoin made it 100% clear to authorities that they and sites like them are able to seize funds at will - authorities might use that power in the future.
Updated on: 2023-06-09T15:40:54.004000+00:00