
What do you legally “own” with Bitcoin? A short introduction to krypto-property - sergeant3
https://prestonbyrne.com/2018/11/23/what-do-you-legally-own-with-bitcoin/
======
ryan-c
> Unlike physical goods which can only exist in one place at one time, it is
> conceivable that with a powerful enough computer, the solution could be
> found entirely honestly by a third party simply doing some math and
> stumbling upon the answer at random, or by asking the right questions and
> exploiting some as-yet-undiscovered weakness in the implementation.

This really isn't hypothetical - a multitude of poorly designed and
implemented key generation algorithms (brain wallets being one of the worst
examples) have made it computationally feasible to find private keys. I have
the private key for 13Yk7NTC64VEfrBL9KE2NNHDrorcJ3SQbz, which currently holds
a few thousand dollars worth of Bitcoin (and various forks). I found it by
using an algorithm to generate many candidate keys and checking whether they'd
been used. I've previously found much more substantial amounts, and in some
cases have been able to track down the rightful owner.

As far as I'm concerned, finding a key through clever use of computing power
does not entitle one to use it from an ethical standpoint. Legally... well,
I've talked to quite a few lawyers about it. There is no agreement on the
answer, and as the article mentions, it's unclear who would have jurisdiction.

------
aerovistae
I had to do a lot of research to understand this in a technical sense. (I
haven't read the article OP linked.)

I found the answer really interesting: with bitcoin, what you actually _own_
in a technical sense is the cryptographic signature of an output of a previous
transaction on the blockchain. "Owning 10 bitcoin" is intrinsically identical
to "owning the cryptographic keys to a previous transaction whose value was 10
bitcoin, proving you were the recipient and can therefore initiate a new
transaction with the previous transaction's output as an input, thus paying 10
bitcoin to someone else."

~~~
swfsql
The system doesn't really considers ownership. All participants could,
individually but all, simply follow the rule (R):

"this 'address' (x) actually won't spend anything, ever".

Since participants are actually free to move into that rule, that x "owner"
(person X) never owned btc.

Person X can't say he was "disowned"/"robbed"/"stolen". Each participants is
free to do whatever they want with their computers (they could, individually,
even shut it down completely - so everyone could actually shut it down at the
same time and no one ever come back).

If Person X is to "actually own" bitcoins, then he (or someone) owns every
participants computers, so this owner could state (or enforce) the rule "you
shall not move into rule R" (because you would be disowning person X without
X's permission, which would be aggression and be unjust).

So knowing a private key "just happens" to interact with each blockchain on
the participants computers. They "just happen" to not ignore that information,
and interact to it in a certain way. We, in practice, consider the filters the
participants decides to apply as having the effect of simulating ownership.
But Bitcoins are not actually owned by anyone.

~~~
rcxdude
This is potentially semantics, but arguably 'Bitcoin' (or at least the
specific bitcoin you claim to 'own') is defined by the set of rules. Thus if
someone adds another rule, they are not using the same 'Bitcoin' any more. In
that sense you still control it, even if everyone moves to the 'new Bitcoin',
though it will now be worthless.

This does happen in practise, it is what is known as a 'fork', and things can
get complicated, because generally when the rules change most people will be
able to control addresses on both sides of the fork, and more confusingly, it
may be possible to 'transplant' transactions from one fork to another (i.e. if
you start a transfer from address A to address B on one set of the rules,
anyone can also initiate the same transfer on the other set).

Another point, more specific to the example you gave, is that within the rules
of bitcoin, the 'miners' who verify the transactions with a proof of work are
free to choose which transactions they include. If a sufficient percentage of
them choose not to include transactions from a particular address, then it
becomes much slower and/or more expensive to transfer anything out of them.

------
nemo1618
>Unlike physical goods which can only exist in one place at one time, it is
conceivable that with a powerful enough computer, the solution could be found
entirely honestly by a third party simply doing some math and stumbling upon
the answer at random, or by asking the right questions and exploiting some as-
yet-undiscovered weakness in the implementation.

This seems fanciful, but there are in fact UTXOs which could be "owned" by
multiple people without explicitly sharing the key. For example, Peter Todd
created an UTXO that you spend by proving that a sha1 collision (any
collision) exists [1]. Two parties could thus acquire ownership independently.

[1]
[https://bitcointalk.org/index.php?topic=293382.0](https://bitcointalk.org/index.php?topic=293382.0)

~~~
PeterisP
Following the context set by article, it's worth noting that it would be far
more accurate to not use the word "owned" in your sentence - you could say
such UTXOs are _controlled_ by multiple people without explicitly sharing the
key, two parties can acquire _control_ independently, but, as the article
describes, that's not exactly the same as the legal concept of ownership.

~~~
pjbyrne
Bingo. This is the sort of scenario for which the courts don't currently have
rules to decide to whom the coins (qua krypto-property) should belong.

~~~
esotericn
The entire point of such a transaction is that the courts _do not_ decide it.

The construction was specifically designed such that the person who figures
out the hash collision is the owner.

The courts having rules to decide whom the coins belong is meaningless in that
context.

Who owns a Barbie doll? Is it Mummy, Daddy or the child? It's not a matter for
courts to decide because the question is meaningless.

~~~
PeterisP
Ownership is a legal concept, and thus it's up to the legal system to decide
if "the person who figures out the hash collision is the owner", or if in
certain cases it's not.

Yes, it may be hard to enforce a judgement, especially if the other party
can't be identified or located. However, if the other party _is_ reachable,
then the courts can certainly force that person to, for example, reverse the
transactions, or compensate the rightful owner (as determined by courts, not
the algorithms), or have their stuff and liberty taken away by angry armed
men.

The process was designed so that the person who figures out the hash collision
has full de-facto control, but the designers of a cryptocurrency have no say
in what the rules for legal ownership are, that's up to the legislators - and
just as for many existing (including physical things) having full control does
not imply ownership, i.e. the right to freely act with that thing without it
being forcibly taken away, and the right to have your property protected by
the state if someone (including someone who has the key) takes your property.

~~~
esotericn
The users of a cryptocurrency are able to ignore the 'legal ownership' rules,
though - they implicitly opt-in by using the system.

This is the key distinction between actually using _Bitcoin_ (i.e. running a
full node and creating transactions), and using custodial Bitcoin (outsourcing
it all to a third party using legal constructs).

If you're saying that the users of the cryptocurrency can't opt-out of the
legal system - sure, no-one can opt out against men with guns (in practice
what ends up happening is everyone hiding under pseudonyms and introducing a
whole bunch of friction in an attempt to do it anyway).

I suppose my comment is intended to illustrate that this is all a sort of
shell game played by non-participants.

Essentially, lawyers trying to glue themselves onto and extract consulting
fees or whatever from a system which does not require them.

Repeated again for the sake of clarity - if men with guns ultimately decide
transactions on the blockchain, the entire system is pointless. We can just
delete it. We don't need the horrendously expensive resolution mechanism of
PoW in that case, because there's already a resolution mechanism, that of men
with guns.

------
tomc1985
This looks a lot like bearer-bonds to me. Anyone knowing ("bearing") the key
and having the means to use it is effectively the owner, except that ownership
can be copied because digital. Pretty dangerous...

Perhaps the legal response here should be dismissal.

~~~
PeterisP
The lawyer in this article asserts that "Bitcoin is most assuredly not a
bearer asset or chattel, though."

It may _technically_ have similar properties as bearer assets, but legally
it's different. A bearer instrument is a document which is an explicit legal
contract granting certain _legal_ rights. A Bitcoin private key is not a
document or a contract (an implicit contract as in "the system works this way,
you can look at the description and everybody should know that" doesn't
count), it's just some numbers, so it does not fulfil the criteria of laws
about bearer assets. And if it did match these criteria, that would not be a
good thing, since there are all kinds of prohibitions and restrictions on
bearer assets due to their potential usage in money laundering. So while it is
very similar to bearer assets regarding _de facto_ control, it's not similar
to bearer assets regarding _de jure_ ownership.

~~~
craftyguy
> The lawyer in this article asserts that

Has this been tested in court? Lawyers say all kinds of things, but the set of
proven-correct things they say is smaller than the set of all things they say.

~~~
PeterisP
The main point of this article is that there is _nothing_ in current case law
regarding the concept of cryptocurrency ownership, these questions have never
been raised in courts yet, so all we can do to evaluate what's likely to
happen is to apply analogies from the existing case law regarding non-crypto
intangible assets, from which this article cites quite interesting cases.

------
zby
""" What hasn’t happened yet, and what invariably will happen as more and more
cases hit the courts, is that someone will ask the question, “what property
classification do we apply to Bitcoin – WTF is it that Bob actually owns?” """

Well - this question has been asked for taxation purposes. In particular it
was answered by a Polish court in
[http://orzeczenia.nsa.gov.pl/doc/C8296DC8B9](http://orzeczenia.nsa.gov.pl/doc/C8296DC8B9)
\- and the courts answer is that it is a 'prawo majątkowe' (google translate
suggests "property law" \- but I am not a lawyer - and it probably is not just
'property'), and that it is not money nor financial instrument.

------
will_brown
It seems over thought. Blockchain is essentially a ledger (don’t even worry
about the distributed part), and the bitcoin associated with a public address
(wallet) is accessible to the holder(s) of the private key of the address. In
my mind there is digital access to a digital account, while in theory the
account is immutable and transactions on the ledger are immutable (ie no need
to worry about double spend in this system) access can be lost or stolen.

That’s it! Ownership, like its suggested by the lawyer...well like all things
in law: “it depends” and what it depends on are the facts as applied to
ownership laws of local jurisdiction

------
swfsql
Bitcoin in essence is not digital. If we could remember as good as hard-
drivers, calculate as fast and consistently as CPUs, and perhaps communicate
as efficiently as bits travel over the internet, Bitcoin would run in our
minds only. And it would run for real.

Therefore, the only actually physical attachment it must have is ourselves,
our minds, and (any) communication channels.

Bitcoin being mental before digital (I see digitization as just making it more
practical), we surround the "owning question": do we own other peoples bodys
or minds? Nope, we don't.

So Bitcoin is not, even remotely, private property.

------
esotericn
One section of this article is fairly accurate - a custodial holder of an
asset (e.g. a bitcoin exchange) doesn't "own" the asset.

They have a contractual liability to the actual owner completely irrespective
of any on-chain activity. It's not really even a "Bitcoin". The customer
doesn't care whether they get the same Bitcoin back - they just want A Bitcoin
and a legal agreement was specifically entered in to for safekeeping.

Outside of that, the majority of the article seems like someone external to a
system trying to muscle their way in and exert authority over the participants
in that system.

There already exists a mechanism to determine ownership in Bitcoin (e.g.
"physical" Bitcoin, the cryptographic system).

A UTXO requires a puzzle to be solved in order for it to be released. This
puzzle may or may not require the input of multiple parties.

The participants in that system accept this basis.

A court _cannot_ force a Bitcoin holder to give up their key except in
specific cases with naive/bad key management. It is actually impossible to
seize. Cooperation is required.

People can be locked in boxes, but a sole owner of a private key is the owner
a priori because no legal title is required in order for them to maintain sole
use.

It's literally the entire point of the system - if you revert to Men With Guns
as the dispute mechanism then you may as well scrap the whole thing and use
traditional banking.

------
FrozenVoid
The best analogy for cryptocurrency is combination locks. Imagine an anonymous
public box, locked by a combination lock. This is the "address". The owner
just has exclusive knowledge of correct combination("security by obscurity")
but he doesn't have anything else to prove ownership.

~~~
rcxdude
That's not "security by obscurity". Security by obscurity is relying on
keeping the working of the combination lock secret. All cryptography depends
on keeping some information secret, it's just that in good cryptography what
is kept secret is relatively small and well-defined (and hard to guess).

~~~
FrozenVoid
Its exactly this. All the "ownership" information is behind a secret number.
If you know/guess/steal the number you have ownership. If you have the entire
blockchain you can bruteforce checking millions of hash inputs for any
matching addresses in the blockchain and empty them all of coins. There is
nothing stopping this and it will become viable as devices will be built to
bruteforce random wallets or use a variant of rainbow tables to speed it up.

~~~
rcxdude
I think you underestimate the resources needed to do this. There is literally
not enough energy or matter in the universe to enumerate all the possible
wallet private keys. 'rainbow tables' are not useful here (they save you from
having to do this impossible task more than once...). You can attack private
keys which have not been generated properly, such that there is a sufficiently
small number of candidates (broken or malicious RNG usage or deriving the
private key directly from a user-created password), but a general brute-force
attack on even a random well-created wallet is utterly infeasible.

Now, securing the storage of the private key is a much more difficult problem,
and the fact that it is so easy to lose access to your funds (by losing the
storage medium it is stored on without having backups) or have them stolen
(through phishing, viruses, etc) is a legitimate criticism of bitcoin, at
least for the general user who is ill-equipped to deal with a piece of data
which is worth so much but both must be secret and cannot be lost.

------
gohbgl
Why does the question of ownability even arise?

In my mind the purpose of property rights is to resolve conflicts over scarce
resources. So what is the conflict with Bitcoin?

~~~
swfsql
Conflicts such as government arresting you for "owning cryptos". Or not
reporting you "own cryptos".

But it's also pretty far from other known forms of money. It's certainly an
opportunity for new philosophical/economical insights.

------
rasengan
The people (all people) own all of the bitcoins. Usability and control is
delagated by control of the private key.

------
esotericn
What does "Is that legal" actually _mean_ in this context?

It's clearly not _illegal_ for me to own a private key.

Bitcoin users generally accept that if they lose sole access to their keys,
they lose sole access to their funds. It's an opt-in system.

The fact that such opt-in systems may be rendered impossible due to the
application of force is a tremendous flaw in the legal system; it's not
otherwise an interesting question.

If I post this comment and claim it's public domain, and some legalistic
construct pops through a side channel and claims that in my jurisdiction
public domain doesn't exist; clearly my personal attribution takes precedence.

~~~
TheDong
> It's clearly not _illegal_ for me to own a private key.

How is that clearly true? Under the computer-fraud-and-abuse act, it's
probably illegal for you to own information on my server I don't intend you to
own (if you got it from my server at least).

If I worked at a certificate authority and stole the signing key they used,
quit, and began minting certificates, I can assure you I would be prosecuted
and found guilty (both for damage to the company, for stealing company
property, violating my contract, and probably a CFAA violation to boot).

There are plenty of numbers that you can't legally have on your computer under
certain circumstances [0].

All of this relates to "the color of bits"[1], which is to say what's legal
and not legal depends on more than just the number. If you steal someone's
private key, that's probably illegal. If you are given it or derive it by
chance, it's possibly legal. If you use it to steal their bitcoin, even if
derived by chance, that's probably illegal (the law doesn't really care about
the details of bitcoin, it's still a thing of value that's owned by an
individual).

The law doesn't care that all those bits are the same; some of them are legal,
some of them are not, and we as technical people don't like that.

> claim it's public domain, and some legalistic construct pops through a side
> channel and claims that in my jurisdiction public domain doesn't exist;
> clearly my personal attribution takes precedence.

That also doesn't seem clear to me. In reality, no one will care enough for it
to be an issue, but it seems legally arguable.

I would like to again refer you to the second post I linked. As a technical
person, you don't want to think about how arbitrary and situational the law
is, especially in technical issues that seem like they should be clearcut. The
reality is much more complicated.

[0]:
[https://en.wikipedia.org/wiki/Illegal_number](https://en.wikipedia.org/wiki/Illegal_number)

[1]: [http://ansuz.sooke.bc.ca/entry/23](http://ansuz.sooke.bc.ca/entry/23)

