White Paper - Receipt of BTC From Unknown Person

[TheButterZone]

White paper published (open for editing forks on GitHub) here

Inspired by https://bitcointalk.org/index.php?topic=133122.0 and https://bitcointalk.org/index.php?topic=133299.0

I want to keep this Legal forum topic to just legal discussion and not speculation/douchebaggery about mine specifically, like my locked thread turned into. Please limit your replies, or I can delete them.

[1714061563]

1714061563

[1714061563]

1714061563

[1714061563]

1714061563

[1714061563]

1714061563

[Luke-Jr]

My review/concerns:

• "The bitcoin network thrives on anonymity" is wrong. Bitcoin is not anonymous, nor intended to be. When bitcoin experts come across people making this claim, they correct them. Was this premise presented to the lawyers, or established by them somehow?
• The section "Never just send bitcoins back to someone you don’t know." implies one can be criminally liable for sending bitcoins to someone who has ulterior motives for the coins, despite having no knowledge of that intent. This seems absurd, as it would make nearly all transacting in bitcoins impractical.
• This does not seem to clearly cover the case of accidental transaction fees. The argument that the bitcoins were not lost does not seem to apply in that case. An accidental transaction fee is merely forgetting to include a change output in your transaction. The loser has not explicitly set any destination for the lost bitcoins.

I gladly defer legal matters to the lawyers, but it would be nice if they would comment on the above concerns.

[gmaxwell]

"UP purposely entered in JD’s bitcoin address information and initiated the the transfer of bitcoins from his bitcoin address to JD’s"

Except that isn't part of the facts in this case.  UP may have intended to enter a different address, UP may have intended to send a different amount. A reasonable person would not believe that 500 BTC just showing up for no reason were a gift.

Most (all?) states have statutes governing mis-shipped and found property— I would suggest looking there for guidance rather than focusing myopically on UCC which is silent on the matter especially when doing so has clearly resulted in legally incorrect conclusions.

Seriously, you're calming that someone who miswrote $1000 on a payment for $50 would have no remedy?  I suspect someone's JD may have been sent to the wrong address.
 

[TheButterZone]

Luke-Jr & gmaxwell, would you like to raise these concerns on GitHub too? The lawyers should get email notifications, I think.

[Luke-Jr]

Luke-Jr & gmaxwell, would you like to raise these concerns on GitHub too? The lawyers should get email notifications, I think.

I sent a copy of mine to the lawyers' emails.

[gmaxwell]

Luke-Jr & gmaxwell, would you like to raise these concerns on GitHub too? The lawyers should get email notifications, I think.

I asked my lawyer to look at it. (Not that I care much about the particular issue, but I am interested if people are letting their politics get in the way of giving solid legal opinions to the community)

[simplydt]

Does this mean if I create a few thousand bit coin addresses I have a good chance of getting free money from the Russian/Chinese black market? Jokes aside, thanks for the whitepaper, I will remember to not send the coins back if it ever happens to me.

[davidspitzer]

White paper published (open for editing forks on GitHub) here

Inspired by https://bitcointalk.org/index.php?topic=133122.0 and https://bitcointalk.org/index.php?topic=133299.0

I want to keep this Legal forum topic to just legal discussion and not speculation/douchebaggery about mine specifically, like my locked thread turned into. Please limit your replies, or I can delete them.

The main problem would the reasonableness or the ability to discover the identity of the person who sent you the money. If said person was to contact you and inform you that the sent the money to you in error, that actual knowledge would likely be enough to trigger criminal and tort liability if you refuse to return it. What constitutes a reasonable attempt to find the person is a matter of factual debate which would be a combination of local, federal and case law.

Keeping any money wrongly credited to your account, could lead to you being charged with ‘Retaining wrongful credit’. The 1968 Theft act defines this as: "A person is guilty of theft if he dishonestly appropriates property belonging to another with the intention of permanently depriving the other of it".

It goes on to say that: "A person is guilty of an offence if:

(a) a wrongful credit has been made to an account kept by him or in respect of which he has any right or interest;
 

(b) he knows or believes that the credit is wrongful; and (c) he dishonestly fails to take such steps as are reasonable in the circumstances to secure that the credit is cancelled."

[prophetx]

Cant u just send the btc back to the originating address?  Why is that so difficult?  You get an envelope in the mail with a check made out to cash.  You either return it to the sender or you cash it.

[optimator]

The white paper of seems to echo what I've heard: "If you control the private key, you own the bitcoins"

While in practice controlling the private key does indeed give you access to the bitcoins, legally it may be a different story. Consider:

1) Who owns the coins when a private key collision occurs through a poorly chosen brain wallet passphrase? For example, say I choose "Correct horse battery staple" as my brain wallet phase and I then discover there are 10 btc in my account. Who owns the bitcoins?

2) A little more obscure, but, assume a poor implementation of a wallet, something like Instawallet. A little google hacking and you find a list of bitcoin containing URLs. Who owns those bitcoins?

3) You fire up a gpu farm to guess at passphrases for brain wallets. Who owns the bitcoins?

4) You examine the blockchain for weak implementations of deterministic wallets. Finding an exploitable transaction you recover the private key. Who owns the bitcoins?

[BTCBuyer]

The white paper of seems to echo what I've heard: "If you control the private key, you own the bitcoins"

While in practice controlling the private key does indeed give you access to the bitcoins, legally it may be a different story. Consider:

1) Who owns the coins when a private key collision occurs through a poorly chosen brain wallet passphrase? For example, say I choose "Correct horse battery staple" as my brain wallet phase and I then discover there are 10 btc in my account. Who owns the bitcoins?

2) A little more obscure, but, assume a poor implementation of a wallet, something like Instawallet. A little google hacking and you find a list of bitcoin containing URLs. Who owns those bitcoins?

3) You fire up a gpu farm to guess at passphrases for brain wallets. Who owns the bitcoins?

4) You examine the blockchain for weak implementations of deterministic wallets. Finding an exploitable transaction you recover the private key. Who owns the bitcoins?

Hello optimator,

I believe at the heart of the confusion is the legal term "control." In my understanding, control encompasses not only physical control, but also legal and authoritative control, as well as intent.

1) For your first scenario, if I understand it correctly, if a person mistakenly got hold of a different brain wallet, who owns the bitcoins? In this case, it would not be the person who innocently and mistakenly got hold of that particular wallet. However, if the intent is to acquire that wallet with a malicious mind to use the bitcoins from within the wallet, then that appears to mean "control" of the bit coins. This balancing test between what is "malicious" intent, depends on the fact pattern and the mind set of the actor at play in that particular scenario.

2) In this scenario, it is a bit more clear to me as to who is the controller. Before the hacking of the account, the original owner would be legally responsible for his or her act up until the point the hacker got hold of that particular account. After which point, the hacker had the malicious intent to use the account and had actual authoritative control, therefore "controls" that account in the legal sense.

Scenario (3) and (4) led me to the same conclusion as (2).

Let me know your thought process when you go over my analysis. I am interested in your application of the facts and law, as this legal field is still left to be clarified.

BTCBuyer Team.

[optimator]

Let me know your thought process when you go over my analysis. I am interested in your application of the facts and law, as this legal field is still left to be clarified.

BTCBuyer Team.

I would agree that acquiring a private key with malicious intent would mean that you have stolen the bitcoins. Just because you can doesn't mean you should.

However, I'm not sure about the brain wallet passphrase collision. Are you supposed to "un-see" the passphrase. Pretend that it never happened?

How is a passphrase collision any different from unknown coins being sent to an address you control?

Here are some additional thoughts:

You are walking down the street and you see some bitcoins on the sidewalk and you pick them up and deposit them into your wallet. I would argue those bitcoins are yours. The same as if you saw a Euro in the gutter and picked it up.

I believe the general legal reason for this is that one has a claim to found property against everyone except the rightful owner. Since you can't determine the rightful owner of the Euro in the gutter (or the btc private key on a piece of paper) the money is yours.

More interesting is the application of the concept of lost property or a treasure trove. Take the example of a weak brain wallet. What if those coins haven't moved in 5 years? 10 years? 30 years? Is there a point where those coins become "lost" and you are able to claim them (because you have the private key from the weak brain wallet passphrase) against everyone but the rightful owner?

I suppose you could argue that a brain wallet passphrase collision is "found" property and that even though you don't know who owns the coins, you do know there is a rightful owner and the coins are not yours.

Interesting conversation.

[BTCBuyer]

Let me know your thought process when you go over my analysis. I am interested in your application of the facts and law, as this legal field is still left to be clarified.

BTCBuyer Team.

I would agree that acquiring a private key with malicious intent would mean that you have stolen the bitcoins. Just because you can doesn't mean you should.

However, I'm not sure about the brain wallet passphrase collision. Are you supposed to "un-see" the passphrase. Pretend that it never happened?

How is a passphrase collision any different from unknown coins being sent to an address you control?

Here are some additional thoughts:

You are walking down the street and you see some bitcoins on the sidewalk and you pick them up and deposit them into your wallet. I would argue those bitcoins are yours. The same as if you saw a Euro in the gutter and picked it up.

I believe the general legal reason for this is that one has a claim to found property against everyone except the rightful owner. Since you can't determine the rightful owner of the Euro in the gutter (or the btc private key on a piece of paper) the money is yours.

More interesting is the application of the concept of lost property or a treasure trove. Take the example of a weak brain wallet. What if those coins haven't moved in 5 years? 10 years? 30 years? Is there a point where those coins become "lost" and you are able to claim them (because you have the private key from the weak brain wallet passphrase) against everyone but the rightful owner?

I suppose you could argue that a brain wallet passphrase collision is "found" property and that even though you don't know who owns the coins, you do know there is a rightful owner and the coins are not yours.

Interesting conversation.

Hello Optimator,

I am not technically well versed in the field, so I do not truly understand the programming that is involved behind a passphrase collision and an unknown coin being sent to an address I control.

To me, if a passphrase collision is one that is simply a mechanical or technological malfunction, then there is no issue of malicious intent or control. The issue is simply that of miscommunication within the system that needs clarification. Similarly, an unknown coin being sent to an address that I control, would not be my coin, and therefore I should not be legally held responsible.

The main issue then becomes how can we clarify between (1) actual and intentional control of the coins being sent over and (2) those that we have no control over and therefore we should not be held liable.

I believe that in order to progress, we need a centralized mechanism to report these issues. But this comes into tension between (1) privacy and autonomy of the Bitcoin user and (2) fraud protection. If we can establish a centralized mechanism for reporting, at least there is a case to build for  the innocent user with the unknown coin being sent over. However, this method of course is subject to abuse where the innocent user is not so innocent and fraudulently files the report to the centralized agency to cover any legal responsibility. But note, at this point, the fraudulent user will actually have to forfeit that particular bitcoin fund. Therefore the user may not be incentivized to fraudulently files, and this system might work to help users legally.

In regards to the discussion point between lost property or treasure trove, I think it truly rests on the intention of the user. This is truly difficult to evaluate, therefore the user should be careful and cautious to document his or her action, so to guard against legal actions.

What regulatory mechanism do you suggest for this issue of "control?"

BTCbuyer Team.

[optimator]

The main issue then becomes how can we clarify between (1) actual and intentional control of the coins being sent over and (2) those that we have no control over and therefore we should not be held liable.

I believe that in order to progress, we need a centralized mechanism to report these issues. But this comes into tension between (1) privacy and autonomy of the Bitcoin user and (2) fraud protection. If we can establish a centralized mechanism for reporting, at least there is a case to build for  the innocent user with the unknown coin being sent over. However, this method of course is subject to abuse where the innocent user is not so innocent and fraudulently files the report to the centralized agency to cover any legal responsibility. But note, at this point, the fraudulent user will actually have to forfeit that particular bitcoin fund. Therefore the user may not be incentivized to fraudulently files, and this system might work to help users legally.

In regards to the discussion point between lost property or treasure trove, I think it truly rests on the intention of the user. This is truly difficult to evaluate, therefore the user should be careful and cautious to document his or her action, so to guard against legal actions.

What regulatory mechanism do you suggest for this issue of "control?"

BTCbuyer Team.

I've given the issue much thought and happened across this reference, a legal challenge, to the introduction of Scottish Banknotes in 1695.

At issue was whether the recipient of a tainted banknote could be held responsible for previous illegal acts committed with the banknote. Essentially, does the holder of a banknote (bitcoin) have free and clear title to that note despite its previous history?

The Royal Bank of Scotland prevailed in the lawsuit. The legal argument essentially said that not providing title upon acceptance of a banknote "would be to render the Notes absolutely useless, and consequently would in a great Measure deprive the Nation of the Benefit of the Banks, which could hardly subsist without the Circulation of their Notes".

I would suggest the same for bitcoin. That the holder of the private key must have free and clear title to the bitcoins represented by the private key.

Any centralize repository of tainted coins would, in effect, inhibit the free circulation of bitcoins making them, in the words of the 18th Century court "absolutely useless".

Of course, just like paper currency, the acquisition of a private key by fraudulent means should be illegal.