Recovery actions for stolen Bitcoin

[rjcesq]

Given the continued publicity around stolen Bitcoin, I thought it might be worth examining the possibility of recovery from future possessors. I'd actually like to get into a full law review article on this topic. If any lawyers would like to co-author this paper with me, please get it touch. I've written a preliminary blog post on it at http://rjcesq.com/?p=15

[1715301352]

1715301352

[1715301352]

1715301352

[justusranvier]

Bitcoins can not really be stolen.

Private keys can be stolen via unauthorized access to someone's computer (malware).

Contracts can be broken, such as the implicit agreement between an exchange and the customers who deposit funds there.

That's all outside Bitcoin though. Bitcoin is just a timestamping and script processing engine.

Bitcoin has no concept of the validity of a transaction beyond the question of whether all the scripts evaluate correctly.

Legal theories are of limited use here, since they are geographically-limited and Bitcoin is global.

The only effective use of resources in this matter is prevention, not recourse.

[Adrian-x]

Bitcoins can not really be stolen.

Private keys can be stolen via unauthorized access to someone's computer (malware).

Contracts can be broken, such as the implicit agreement between an exchange and the customers who deposit funds there.

That's all outside Bitcoin though. Bitcoin is just a timestamping and script processing engine.

Bitcoin has no concept of the validity of a transaction beyond the question of whether all the scripts evaluate correctly.

Legal theories are of limited use here, since they are geographically-limited and Bitcoin is global.

The only effective use of resources in this matter is prevention, not recourse.

I like this.

Effectively the blockchain is a tool that can be used to identify where the unauthorized action took place and possibly link it to an offender.  But the Bitcoins are neutral.

[bryant.coleman]

We need a (paid) service to recover coins which are stolen through hacking / phishing. Just like the bankers who use the help of recovery agents to get back the amount paid out as loans.

[Cryddit]

I don't think that's technically possible unless some central power retains a "master key" that can arbitrarily modify the blockchain.  And if some central power does, it's very hard to trust that they won't abuse it. No such key exists for Bitcoin, so unless you change the protocol to use the NIST curves or something, where a backdoor already exists, nobody can do that. And if you proposed such a change, you'd make most owners of Bitcoin really angry.

Further, opinions vary on what constitutes "abuse."  You can't really have someone enforcing US law on the blockchain when the coins are circulating worldwide. 

[User705]

Given the continued publicity around stolen Bitcoin, I thought it might be worth examining the possibility of recovery from future possessors. I'd actually like to get into a full law review article on this topic. If any lawyers would like to co-author this paper with me, please get it touch. I've written a preliminary blog post on it at http://rjcesq.com/?p=15

Since you are a lawyer why don't you define legal possession and how that concept can be applied to bitcoin for starters.

[bryant.coleman]

I don't think that's technically possible unless some central power retains a "master key" that can arbitrarily modify the blockchain.  And if some central power does, it's very hard to trust that they won't abuse it. No such key exists for Bitcoin, so unless you change the protocol to use the NIST curves or something, where a backdoor already exists, nobody can do that. And if you proposed such a change, you'd make most owners of Bitcoin really angry.

Further, opinions vary on what constitutes "abuse."  You can't really have someone enforcing US law on the blockchain when the coins are circulating worldwide. 

No no... I am not talking about modifying the blockchain. I am just talking about a service which can track thieves and get the coins back from them by force.

For example, look at the recent Sheep Marketplace scam. Some users are tracking down the thief, in order to recover the coins from them. Why can't we create a similar service, which will trace hackers and thieves, to force them to bring back the coins which they have stolen.

[Parzival]

For example, look at the recent Sheep Marketplace scam. Some users are tracking down the thief, in order to recover the coins from them. Why can't we create a similar service, which will trace hackers and thieves, to force them to bring back the coins which they have stolen.

How could  any private service force anyone to  give the stolen coins back? They could perhaps find the thief like a private detective. But using force would be illegal.

[bryant.coleman]

How could  any private service force anyone to  give the stolen coins back? They could perhaps find the thief like a private detective. But using force would be illegal.

If stealing the coins are not illegal, then getting them back is also not illegal. This hacking / stealing issue is scaring a way a lot of noobs from Bitcoin. In fact, I'd say that if not for the thieves, the market cap of BTC could have easily crossed 30 billion USD by now.

[darkmule]

Some throwaway thoughts on the replevin issue.  I'm not sure that's the appropriate remedy, particularly because of the inequity to innocent good faith purchasers.  Imagine this:  thief scams 10 BTC a couple years ago when it was worth much less.  Buys a number of trivial items for 1 BTC each.  Now, someone actually sleuths out who the thief is and where the money went.  It was to these ten merchants for a variety of $5 items.  The 1 BTC is worth $1,000 now.  To return that BTC (and the merchant probably could not return the actual BTC because that particular BTC is probably long-spent), the merchant would have to take a $995 bath.  Additionally, replevin requires the return of a specific item.  The merchant probably doesn't have this specific item any more.  Replevin can't require you to "return" an item you don't have, or substitute an item that just happens to be like it.

Additionally, the whole idea of boycotting particular BTC (basically destroying its value forever) would be considered breaking the protocol.  If there is something courts should not be encouraged to do, it is that.  Additionally, just as a matter of practicality, there are current technical proposals (specifically BIP 0032) that would render this kind of sleuthing much more difficult.  One pool (Eligius run by Luke-Jr) has recently started discouraging and de-prioritizing the kind of address reuse that would make going after merchants practical.  

Now, I agree that obviously, the thief is responsible to return the BTC, but I can't see a judgment ordering return in the form of a cryptocurrency.  How would the court administer such a thing and decide between conflicting claims when scammer claims he shipped and judgment creditor claims he didn't?  Expert testimony about BTC?  Costs money.  Lots of it.  Probably more than it's worth.

I think the plaintiff would be entitled to a money judgment in the form of the original money value of the BTC, plus something in the form of incidental and consequential damages (in a contract action), punitive damages if the conduct was particularly to be discouraged (and some other tort was involved), and otherwise.  Oh, and legal fees.  Because until you're getting into the million dollar territory, prosecuting the first few cases like this is going to be an uphill slog and require explaining highly technical subjects to 70 year old judges.

An action in the nature of trover also makes some sense, i.e. a verdict for the value of the lost commodity.  While arguably, BTC is identifiable rather than purely fungible, you could say that about actual cash, too.  It has serial numbers.  There's even a searchable database, as an example, of the serial numbers in the D.B. Cooper heist.  Money may be generally fungible, but in some cases, it can be identified as being particular stolen money.

While I understand why plaintiffs would desire to be able to go after merchants (since thieves are often judgment proof losers), especially for the current value of BTC they lost in scams which has since vastly appreciated in value, it would be grossly inequitable to the merchants, actual enforcement would be so disastrous to merchants that unless miners changed the protocol to make such a regime unenforceable (BIP 0032 would be a nice start), they would flee the market, and it would basically amount to a windfall for the plaintiffs.

[seanneko]

If stealing the coins are not illegal, then getting them back is also not illegal. This hacking / stealing issue is scaring a way a lot of noobs from Bitcoin. In fact, I'd say that if not for the thieves, the market cap of BTC could have easily crossed 30 billion USD by now.

The thief is probably in a different country to you. Just because their laws may not necessarily stop them hacking into your computer (or maybe their law enforcement is too lazy to do something about it), doesn't mean the same applies in your country.

[rjcesq]

Some throwaway thoughts on the replevin issue.  I'm not sure that's the appropriate remedy, particularly because of the inequity to innocent good faith purchasers.  Imagine this:  thief scams 10 BTC a couple years ago when it was worth much less.  Buys a number of trivial items for 1 BTC each.  Now, someone actually sleuths out who the thief is and where the money went.  It was to these ten merchants for a variety of $5 items.  The 1 BTC is worth $1,000 now.  To return that BTC (and the merchant probably could not return the actual BTC because that particular BTC is probably long-spent), the merchant would have to take a $995 bath.  Additionally, replevin requires the return of a specific item.  The merchant probably doesn't have this specific item any more.  Replevin can't require you to "return" an item you don't have, or substitute an item that just happens to be like it.


I agree that replevin is probably not the correct cause of action, but I'm not sure. I'd like to look more into how courts deal with cash or cash equivalents in replevin actions. I'm not sure I agree with your theory of increased value. If someone stole stocks/bonds from me and the value of the stock doubled in that time, could I not recover those particular stocks/bonds? Could the same be said for a bar of gold? The merchant is not taking a $995 bath. I mean his loss in value is $995 but he still loses only one BTCwhich is what he sold his wares for to the thief. He is returned to his original position less the loss of whatever wares he sold for the 1 BTC.

Additionally, the whole idea of boycotting particular BTC (basically destroying its value forever) would be considered breaking the protocol.  If there is something courts should not be encouraged to do, it is that.  Additionally, just as a matter of practicality, there are current technical proposals (specifically BIP 0032) that would render this kind of sleuthing much more difficult.  One pool (Eligius run by Luke-Jr) has recently started discouraging and de-prioritizing the kind of address reuse that would make going after merchants practical.  

I'm not suggesting that boycotting be built in, but consider this: when you are approached in a parking lot by a guy offering to sell you stereo equipment at a low rate, you're possibly liable for dealing in stolen goods. Similarly,  high profile thefts and associated addresses of Bitcoin are publicize and you're put on notice, accepting payment from these addresses (or even downstream addresses) is not going to be looked at favorably by the courts. I haven't looked at the proposals and will look into them in more detail.

Now, I agree that obviously, the thief is responsible to return the BTC, but I can't see a judgment ordering return in the form of a cryptocurrency.  How would the court administer such a thing and decide between conflicting claims when scammer claims he shipped and judgment creditor claims he didn't?  Expert testimony about BTC?  Costs money.  Lots of it.  Probably more than it's worth.

With heists in the millions of dollars, it could be worth it to bring in expert testimony. What happens if Bitcoin reaches $10,000?

I think the plaintiff would be entitled to a money judgment in the form of the original money value of the BTC, plus something in the form of incidental and consequential damages (in a contract action), punitive damages if the conduct was particularly to be discouraged (and some other tort was involved), and otherwise.  Oh, and legal fees.  Because until you're getting into the million dollar territory, prosecuting the first few cases like this is going to be an uphill slog and require explaining highly technical subjects to 70 year old judges.

An action in the nature of trover also makes some sense, i.e. a verdict for the value of the lost commodity.  While arguably, BTC is identifiable rather than purely fungible, you could say that about actual cash, too.  It has serial numbers.  There's even a searchable database, as an example, of the serial numbers in the D.B. Cooper heist.  Money may be generally fungible, but in some cases, it can be identified as being particular stolen money.

While I understand why plaintiffs would desire to be able to go after merchants (since thieves are often judgment proof losers), especially for the current value of BTC they lost in scams which has since vastly appreciated in value, it would be grossly inequitable to the merchants, actual enforcement would be so disastrous to merchants that unless miners changed the protocol to make such a regime unenforceable (BIP 0032 would be a nice start), they would flee the market, and it would basically amount to a windfall for the plaintiffs.


I have to disagree with this windfall theory. If I had 1 BTC (worth 5 USD) and it was stolen and then a year later it is worth 1000 USD, I'm in the same position that I would have been had the thief never stolen my BTC. Similarly with the merchant, if I sold my good for 1 BTC (worth $500 at the time) and now I have to return the 1 BTC because it was stolen, then I'm out 1 BTC, regardless of value. HOWEVER, if I no longer have the 1 BTC, because I used it to purchase goods and services my self (or exchanged it) then (1) I no longer have the BTC to return (under a replevin action) or (2) I should only be liable for the value ($500) at the time I received it. Again, all good legal arguments, lets write a law review article!

[rjcesq]

Since you are a lawyer why don't you define legal possession and how that concept can be applied to bitcoin for starters.

It is certainly subject to debate. My argument would be that possession of the privacy key constitutes the ownership and right to access the value denoted in the blockchain ledger. That is the basic premise of Bitcoin, correct?

[bryant.coleman]

The thief is probably in a different country to you. Just because their laws may not necessarily stop them hacking into your computer (or maybe their law enforcement is too lazy to do something about it), doesn't mean the same applies in your country.

Then we can set up this service in some country where theft is illegal and thieves can be caught using whatever means. May be Saudi Arabia?

Hacking in to someone's computer is punishable everywhere. Correct me if I am wrong. 

[User705]

Since you are a lawyer why don't you define legal possession and how that concept can be applied to bitcoin for starters.

It is certainly subject to debate. My argument would be that possession of the privacy key constitutes the ownership and right to access the value denoted in the blockchain ledger. That is the basic premise of Bitcoin, correct?

Really?  So if I post my private key here then everyone that sees it on this forum owns the btc in that address?  What about any btc that used to be there?  Do they somehow become past owners of that as well?

[BitWrit]

Since you are a lawyer why don't you define legal possession and how that concept can be applied to bitcoin for starters.

It is certainly subject to debate. My argument would be that possession of the privacy key constitutes the ownership and right to access the value denoted in the blockchain ledger. That is the basic premise of Bitcoin, correct?

This method is negated by any wallet stealer since both the thief and victim would have the private key. Given that info, how do you prove that you were ever the lawful owner of the BTC at that time? Only thing I can think of is maybe a receipt of some kind (exchange logs?) and that doesn't take into account the fact that the BTC could have been traded willingly off network by sending the private key to the buyer (or thief [I can know as a 3rd party{you can't either}]).

[Adrian-x]

Since you are a lawyer why don't you define legal possession and how that concept can be applied to bitcoin for starters.

It is certainly subject to debate. My argument would be that possession of the privacy key constitutes the ownership and right to access the value denoted in the blockchain ledger. That is the basic premise of Bitcoin, correct?

@ OP
Here was an interesting thought experiment are Bitcoin's virtual property? I think it is worth reading.

Many opinions expressed helped shape my understanding.

[darkmule]

Since you are a lawyer why don't you define legal possession and how that concept can be applied to bitcoin for starters.

It is certainly subject to debate. My argument would be that possession of the privacy key constitutes the ownership and right to access the value denoted in the blockchain ledger. That is the basic premise of Bitcoin, correct?

Really?  So if I post my private key here then everyone that sees it on this forum owns the btc in that address?  What about any btc that used to be there?  Do they somehow become past owners of that as well?

Actually deliberately posting it here would be an implicit invitation to add it to a wallet just to see what's in it.  For example, the "correct horse battery staple" brainwallet passphrase used as an example.  (Don't actually add it to a wallet because it is so constantly flooded with transactions that it can easily crash your client.)

Posting a private key with funds in it is basically yelling "Hey here's some money, and I'm leaving it here while I go away!"  That may make the inevitable thief still guilty of something, but good luck getting any sympathy from a jury.

If, however, someone obtained the private key illegally, such as with a keylogger or by finding the Post-It note where you left it under your desk, even if that is almost equally stupid, obviously they don't possess the BTC.  I assume OP meant by "possession" what is often meant legally by the term, that is, legitimate possession.  (Even a thief, though, is actually in "possession" of a stolen item and a drug dealer "possesses" illegal drugs even though the law recognizes no ownership right in such items.)

[User705]

What does sympathy have to do with legality?  The term legal possession implies a third party such as a government authorizing your right to it.  Bitcoin has no such thing therefore you can not possess bitcoin in a way that works with any current laws.  You can try to make it fit but it would be akin to trying to explain to a Native American the western concepts of land ownership.  You can only explain it with violence and force which then begets more violence and force in retaliation.

[darkmule]

What does sympathy have to do with legality?

Ask a jury.