Good faith purchaser for value

Disclaimer: This post is not meant as legal advice and I’m thinking about working up a full legal brief/article on the subject. This post is meant to point out a potential concern over Bitcoin and it’s fungibility.

Many of the legal discussions around Bitcoin concern the potential impact that regulation may have on the emerging digital currency. There are, though, other legal issues afoot. I’d like to address one that recently came to my attention. Two of the appealing characteristics of Bitcoin are the irreversibility of the transactions and the fungible nature of the currency.This makes Bitcoin much more cash-like. It also makes it more susceptible to theft and the continuing problem of stolen addresses plagues Bitcoin. Proposals to blacklist wallets identified as holding Bitcoins stolen or otherwise the result of criminal proceeds has caused division in the Bitcoin community. The concern is that by blacklisting Bitcoin wallets from the blockchain could cause forking and introduce additional regulatory oversight of the currency. Seeing as how many of the early adopters of Bitcoin did so because they wanted a monetary system free from government manipulation, such a proposal runs counter to the original raison d^etre for Bitcoin.

So what happens when the owner of a Bitcoin address follows the blockchain and finally identifies a wallet containing the stolen balance? In other words, the proceeds of theft are transferred to a known merchant dealing in Bitcoin. [What follows is applicable to US law, clearly Bitcoin is international so such analysis may be limited] Under common law, a seller can not convey more ownership in property than they possess. Since a thief has no rights to property his conveyance of possession conveys no rights to the purchaser and thus the purchaser has no rights to convey to future purchasers (“nemo dat quod non habe”). There are some exceptions:

¬†Under the law of good faith purchase as it is embodied in the Uniform Commercial Code (U.C.C.), the nemo dat rule is subject to only two exceptions. First, under the “voidable title” rule, if the original owner is induced-say, by fraud or deceit-to transfer goods under a transaction of purchase, the transferee acquires the power to transfer a good title to a good faith purchaser for value. Second, under the “entrustment” rule, if the original owner entrusts goods to a merchant who deals in goods of the kind, the merchant has the power to transfer the owner’s title to a buyer in the ordinary course of business.

The other common limitation on replevin actions against purchasers is a statute of limitations and requirement that the original owner demand and the purchaser refuse to return the goods within a certain period of time.

The current common law rule places the burden of proof on the receiver of goods, because ultimately they are going to be the one losing the value if the original owner comes to them. The thief is probably long gone. The put the recipient in the awkward position of wanting to know if the good they receive have been stolen and investigating to see if the title is clean. If the original owner is actively publishing that these goods are stolen in a way that the purchaser is on notice, it behooves them not to take possession of the goods. What does this all mean for Bitcoin?

Characteristics when support original owners of Bitcoin coming after recipients

  1. Traceability – The public nature of the ledger puts all Bitcoin transactions in the public sphere. This means that the original owner can potentially follow their Bitcoin balance as it is transferred from thief to future recipients.
  2. Publicity – Related to the traceability, an original owner could publicize the address from which a balance was stolen and because of the searchable nature and traceability of the blockchain, any future recipient from that address or subsequent recipient address would be on notice that they are receiving stolen goods.
  3. Identifiability – While Bitcoin is touted as an anonymous system, the anonymity characteristic is tied to the non-identifiability of addresses owners. However, many address owners are real world merchants and businesses and publicize their Bitcoin address in order to receive payments for goods and services. This makes the likelihood of some downstream recipient of Bitcoin balance being identifiable very high. Even if the thief were to transfer the Bitcoin to an exchange, the transfer out to the regulated fiat currency market and the scrutiny of exchanges to know their customers increases the identifiability of the thief.
  4. Value – When Bitcoin was only worth a few USD, the effort necessary to recover stolen balances was probably not worth it. However, with balances in the millions of dollars being stolen, the time and effort to track down and bring legal action against recipients is now cost effective.

Characteristics which may make it hard for original owners to recover

  1. Fungibility– Money is not generally subject to a replevin action unless it is marked or packaged in such as way as to make it distinguishable. It’s unclear how courts might view Bitcoin addresses as a Bitcoins are not discrete objects but a balance collectively agreed to by the blockchain. There may be actions in trover, dentinue, conversion,¬† or even trespass to chattels. More research into these needs to be done. The problem exists that if a Bitcoin address that receives both “good” and “bad” balances and proceeds to transfer partial balances to different recipients, how then to distinguish the “good” and “bad” balances.
  2. Statute of Limitations – At least with replevin, it is governed by statutes of limitations. This may allow a thief to put the Bitcoins in cold storage long enough to defeat the statutes and then bring the balance out to recover the value at that time.
  3. Proof of ownership – Ownership of a Bitcoin address is proven by possession of the private key. Theft of Bitcoins is generally accomplished by accessing the private key and using that private key to then transfer the balance to another Bitcoin address. How then does the original owner prove that, in fact, the private key was stolen and they are not the ones who initiated the transfer. A Bitcoin owner could transfer the balance, receive goods or services and then sue the recipient or future recipient resulting in a double benefit to the original owner for their fraudulent actions.