What are smart contracts?
By James O'Connell, Commercial Solicitor
Smart contracts are software. They are written to automate agreed actions under a contract, usually on an “if/then” basis (e.g. ‘if the price of X falls to Y then purchase Z’). “If/then” contracts have always been with us. What smart contracts do is automate the process: a computer program monitors X and Y and places an order for Z automatically, all without direct human involvement.
This article explains why smart contracts, although in their infancy, are here to stay, but also why, currently at least, they are massively overhyped. The reasons lie in the technology smart contracts are most closely associated with (see ‘block chain’); the limitations on the things they can best interact with (see ‘digital assets’) and the status of smart contracts under the law (see ‘The law gets in the way’).
Most references that you will come across to smart contracts will be linked to block chain transactions. This coupling with block chain is not a prerequisite because smart contracts are, in essence, just automating a process as old as the hills. There are many smart contracts that have nothing to do with block chain. However, for the purposes of this article, we will link the two since that is the area where interest is greatest.
This section contains a much-simplified explanation of block chain.
Block chain is a fantastic concept which, just like smart contracts, has been massively oversold given its current state of development.
However as is the case with smart contracts, block chain does have significant real-world application and, as it develops, it will become a major disruptor in quite a few markets and sectors.
Block chain is a technology that allows strangers to trust each other enough to trade. Trust is always a big issue in any trade, e.g. how do I know that you will deliver when I pay you, and vice versa; or how do I find out if you own the things you say you own?
Many systems have been developed to address the trust issue: government registries to verify title (e.g. Lands Registry, Companies House, the Patent Office etc.); regulators to confirm key intermediary/institutional identity (e.g. the Financial Conduct Authority) and of course untold numbers of networks and associations where personal knowledge can be gleaned about the reputations of those one is considering dealing with.
All of these verification systems come with their own problems, but a consistent one is that (with a few exceptions) these nationally based/focused verification systems, tending just their own walled gardens, can’t cope well with the needs and demands of an online, globalised world.
At its most basic (and it pains me to reduce such an elegant, sophisticated concept in this way) the vision behind block chain is that if somebody’s ownership of something is accepted by and logged on thousands of anonymous computers distributed around the world, then it becomes extremely difficult to even identify those computers let alone hack all of them in an attempt to dishonestly alter the name of the true owner. As a hacker you could hack some of those computers, but unless you can hack a solid majority of them all at the same time and all in the same way then the system will reject your attempt at changing the online record/archive/history of ownership of the item (the block) by refusing to allow you to add your intended change to it (being the next link in the chain of ownership record).
Given the acceptable level of ‘trust in strangers’ created by the block chain system, it can be used for many different things other than just confirming legal ownership of something - e.g. to verify the completeness/correctness of a shipment of goods at each stage whilst being transported around the world.
Obviously any online record of ownership means little if the physical thing being recorded (e.g. the shipment just mentioned) is stolen, damaged, lost during transit, etc. So, in respect of physical items, block chain is just an agreed, very hard to corrupt, record of ownership or location or description (size/weight/number), etc. Where it really comes into its own is with digital assets: smart contracts are at their best when transacting with digital assets because it stops the pesky physical world intruding.
As a side observation, no doubt you have already spotted a weakness with block chain acting as a trustworthy verifier. Who gets to make sure that what is put up on block chain in the first place is true, complete and accurate? It is a depressingly regular feature of my conversations with suppliers offering block chain product that they all focus on what they can do with things already on the block chain, or how innovatively they can manipulate data. Almost invariably it is seen as somebody else’s job to make sure that what is put up in the first place is reliable.
Old coders used to reference the problem of “garbage in, garbage out”. This is a problem yet to be solved by block chain.
‘Digital assets’ is a fuzzy term. There is no agreed definition, but it is generally used to describe something which somebody owns and which is stored online, i.e. in a digital format. Examples are software, photos, databases, a trademark or logo, crypto currency, music etc.
Part of the reason the term is fuzzy is because it is difficult to trade/own something as an asset (digital or otherwise) unless the law recognises it as something able to be owned. The law moves slowly and there are debates being had about whether intangible things can be considered property that the ‘creator’ can own exclusively. Recent examples include the shape of a biscuit, the taste of something, the concept for a television show; way in which things are sold; the briefest snatch of music, a haircut/style look; a turn of phrase; a smell; a photograph taken on a camera by a monkey (all actual legal disputes).
There is also continuing uncertainty around things that we may think of as our property, but which are hosted on a technology platform which is provided as a temporary service shorn of all ownership rights e.g.: social media accounts/channels/handles, email accounts, domain names, online music playlists, etc.).
Sometimes (but often not) the answer is common sense, but even in those cases the ‘asset’ in questions may not fit neatly into any of the categories of thing recognised by law – because many of the categories date back 150+ years.
If something is not deemed to be property it cannot be owned in any meaningful sense and therefore is not deemed at law to be an asset. If the law does not recognise what you’re buying as being an asset, then you’d better hope that your deal doesn’t go wrong (try getting the police to act if what has been ‘stolen’ is not deemed to exist at law); and that the tax authorities are sympathetic when they classify any profit you make and any expenses you incur.
This uncertainty becomes even worse when there’s an international element because most countries jealously guard (as a matter of tradition, culture, national pride and trade advantage) their own definitions of what the law will recognise as an asset, and therefore what rights and protections are given to asset holders. If the seller is in America, the buyer a Danish company operating from a branch office in Germany, whilst the digital asset in question is held simultaneously on servers in five countries and the purchase money is sent from the buyer’s UK bank account to the seller’s Swiss account, then just whose laws will apply if there is a problem? In my experience the overburdened regulatory/law enforcement bodies of most jurisdictions are reluctant to take ownership of cross-border disputes.
A further complication is how do we deal with those “assets” which can be transferred digitally, but which also have a physical manifestation that needs to be handled separately – e.g. I recently acted for a client selling a successful turn-key drop-shipment web business. The client didn’t actually own anything he was selling other than the content of his Microsoft Access database of customers and suppliers. As a result the deal relied on getting approval from each third party providing a part of the service to seamlessly switch delivery of the service from the seller to the buyer.
That said, for the purposes of this article about smart contracts, a digital asset is an asset recognised by the law and ownership of which can be transferred digitally.
The law gets in the way
Most smart contracts are misnamed: the majority being neither smart (“if/then” contracts having been around forever) nor do most smart contracts meet the legal definition of a contract. This second point is very important; and the source of much confusion. It is one of the main reasons why the smart contract concept is, currently at least, being massively oversold (I know, whoever heard of such a thing with new tech….!?)
Firstly we need to review some essential law. We all make a score of agreements every day - to be home by a certain time, to meet somebody for lunch, buying something or getting a train. The law says that some agreements have be taken more seriously than others: this class of agreement is known as a contract. The courts expect people to comply with their contractual agreements and will (broadly speaking) help disgruntled parties enforce contracts when they are broken.
Because circumstances are often very messy where people are involved (you learn quickly in the law that if it can happen, no matter how ridiculous, sooner or later it will happen) it can sometimes be difficult to determine whether an agreement was just a non-binding agreement or a contract. Each country has its own laws about which agreements are legally binding. Those laws vary. Because of the need for international trade, commercial laws amongst major trading nations have tended towards (limited) harmony over the past decades. But many differences remain - which is why for any lawyer working on an international contract it is important to specify which country’s law will apply when deciding whether or not there is a contract and, if so, how it should be interpreted and how it might be enforced if breached (these are usually referred to as the ‘governing law’ and ‘jurisdiction’ provisions of a contract).
Under English law, there are various requirements to be met before an agreement can be considered to have met the threshold to becoming a contract:
- Offer and acceptance: there must have been an offer made to enter a contract (as opposed to merely discussing the possibility of a deal and on what potential terms) which is accepted.
In particular, silence cannot be taken as consent, so my saying: “If I do not hear from you by midnight then I will take it that you have agreed to sell me your Ferrari for £1” is probably meaningless and unenforceable since there is no contract (I say ‘probably’ because in the law it is not uncommon for unusual circumstances to amount to an exception to an otherwise a solid rule). There must be a clear offer and a clear acceptance. Many court actions arise where the offer and/or acceptance were open to argument.
- Capacity: everyone who is a party to a contract (i.e. making it) must have the mental ability to know that they are entering into a binding agreement and to understand (in broad terms, even if not in detail) the terms of the contract. For example, someone who is mentally ill or has serious dementia, or who is a child, is assumed not to have capacity (whereas healthy adults signing a business-related contract are generally assumed to understand any legal gobbledygook thrown at them). Also, for there to be capacity, a party must freely consent to enter into a contract. The contract can therefore be ended if a party can show he/she/it was induced to enter into the contract by, for example, threats of violence or by fraud, coercion or misrepresentation).
- Consideration: something of value must be exchanged between the parties, otherwise it may just be seen as a gift - and the promise of a gift is not usually something that is enforceable.
- Intention to create a legal relationship: the parties must have been intending to agree something that they expected to be legally binding.
- Certainty: what the contract is about and the terms of it must be reasonably clear. If the contract is gibberish or vague to the point that it cannot be substantively performed, then the courts may hold that it lacks sufficient certainty to be a functioning contract.
- Legality: the contract must be for a legal purpose. Agreements between drug dealers to trade heroin are not enforced by the court. But, crucially for our purposes, if the thing being traded is not recognised as something that can be owned then although the contract is not in respect of a criminal/illegal matter, it may still fall foul of this provision: for example a party may find the courts reluctant to enforce a contract where the other party is obliged to provide real live flying unicorns.
Smart contracts – just one piece of the jigsaw
In the context of the above requirements, it is hopefully clear that a simple if/then piece of software (e.g. ‘if the price of Bitcoin reaches £X then we will send you Y Bitcoin and you will transfer the contents of your customer database to us’) does not in and of itself meet most of the above requirements – yet it needs to meet all of them to be a binding contract under English law. Obviously if both parties decide to honour the agreement even if it does not constitute a contract then it doesn’t matter if it meets the requirements to be a contract or not. In such circumstances that will only become an issue if there is a problem or some external party objects or intervenes, e.g. a regulatory authority.
As with crypto currency, many in the tech community have focused exclusively on whether something is technically possible and ignored the need for it to have to work in the offline world. Take this pretty common definition of a smart contract:
“A smart contract is a contract that functions automatically thanks to lines of code rather than relying on intermediaries. Lawyers and notaries, for example, are intermediaries. In other words, it is a self-executing contract. Lines of code contain the terms of the agreement between the parties. The code exists across a distributed blockchain network that is decentralized.”
So, what’s wrong with this definition? Well, from a lawyer’s perspective (we are talking about contracts after all):
- It just focuses on the execution of agreed terms. However, as you have seen from the above list of requirements for a valid contract, there are quite a few things that need to occur before one even gets to an execution stage: e.g. identify the parties, agree the subject matter, agree the terms of the deal and meet any anti-money laundering requirements.
Many contracts are very simple (e.g. buying a coffee in a cafe). But many are not. The ones that are more complex may require many pages of contract terms that are not relevant to the execution stage, and, because they are not execution instructions, are not appropriate for coding.
Accordingly, almost every smart contract needs to be tied to an old-fashioned written agreement – an agreement containing as part of itself the relevant code.
- It fails to identify what may go wrong and stipulate in advance what happens in such a situation. Much of a lawyer’s job in contract drafting is to ask: “What if….?” On the whole, businesspeople are optimists: they tend to assume that contracts will be performed as agreed. Their lawyers are constantly being asked to make contracts ‘shorter’ and to just ‘focus on the essential points needed to get the deal concluded.’ We are told to assume that all will go to plan. Problems arise when things don’t go as planned and the contract has not made provision for dealing with the unexpected.
- It fails to acknowledge that very few things are truly automatic, even when everything works as planned. Even the simple example given previously (‘if the price of Bitcoin reaches £X then we will send you Y Bitcoin and you will transfer the contents of your customer database to us’) still requires someone to stipulate such things as which cryptocurrency exchange will be used as the trigger benchmark for X, what happens if that X price is never reached, in what format the database contents need to be sent so it can be used by the buyer, etc.
As we have seen with the wholesale market manipulation of the LIBOR benchmark (not to mention the manipulation of some other foreign exchange rate and commodity price benchmarks), choosing the right trigger mechanism is essential. I suspect that the growth of smart contracts may be inhibited in certain markets by the lack of agreed, reliable online benchmarks to act as trigger points.
One of the advantages of smart contracts is that they reduce (but do not remove) the people element - and thus the opportunities for trouble to arise – e.g. from meddling intermediaries. I recall that cryptocurrency was also supposed to remove the need for intermediaries. What the boosters of that idea failed to consider was the age-old problem of who goes first. Does the crypto buyer send the fiat currency/other coin but risk not receiving the product, or is the product sent first and the seller shoulders the risk of the buyer not paying? As a result, intermediaries in the form of agents, banks and lawyers are all still gainfully employed providing escrow and party verification services. By automating the exchange smart contracts reduce the risk but do not remove it entirely.
- It assumes that to be an intermediary is to be superfluous and disposable, adding no value. That is often true, but people are not stupid and that they still choose (for the most part) to use intermediaries after all this time should give pause for thought that there might be a value-add to intermediaries - but clearly not.
Many intermediaries perform a valuable function. One of the functions lawyers perform in contract drafting is to cope with the fact that most people are not very detail orientated and so the contracts they self-draft simply do not work as intended because they miss out too much (or express it too vaguely).
By way of example: a small chain of grocery stores approaches a farmer and offers to buy her just-planted crop of cabbages at an agreed price, to be taken once fully grown.
For many people this is would be a clear deal, not needing any further embellishment. And that is fine provided nothing goes wrong – but things do go wrong all too often, or circumstances change and one party wants out of the contract without penalty and suddenly their memory of what was agreed changes.
To a lawyer the above simple deal is a court case waiting to happen.
Depending very much on the particular circumstances (they always make a difference), a contract lawyer might want to try and avoid that court case by pining down in writing before the deal is finalised:
- When risk passes. Have the cabbages been purchased now (so if there is any problem with flooding, blight, pest infestation etc. during the growing season it is the buyer’s bad luck), or do they have a conditional contract which only becomes operative when the cabbages are ready for delivery (meaning risk does not pass until delivery to the buyer, in which case any of those problems are the farmer’s bad luck)?
- If ownership passed at the time the deal was done, when is payment due and who is then in control of the field and the cabbages while they are growing?
- What price will be paid if the cabbages grow, but are of poor quality?
- Does the price include VAT (I had a case last year which cost a client £5 million because they didn’t think to be clear on this point)?
- Can the buyer pull out before delivery and, if yes, on what terms?
- What happens if the farmer unexpectedly uses an insecticide when the buyer intended to sell the cabbages as premium price organic?
- Are the cabbages meant to be delivered prewashed and sorted in some way (e.g. by size or quality) or can they be delivered still covered in soil?
- Who sorts/cleans/loads the cabbages?
- Is the farmer responsible for harvesting and delivering the cabbages to the buyer, or must the buyer collect them from the fields?
- Who pays if the farmer causes damages to the crop?
- If the buyer has to collect the cabbages, then does the farmer have to make the field accessible and ready to accept the buyer’s haulage trucks? What if those trucks were unable to access the field because of their size?
- What happens if the haulage trucks damage farm property whilst collecting the cabbages?
- When will the farmer have to make the cabbages/her fields available (the cost of hiring haulage trucks is high, and so the buyer may want to minimise its costs by collecting during a specific period so as to win a discount from the haulage company - what happens if that time is inconvenient to the farmer)?
- It operates on the implied assumption that ‘real’ world issues are secondary to what is technically achievable. This assumption underlaid the way that cryptocurrencies were promoted – with somewhat disastrous results.
With a few honourable exceptions, here in the UK I have seen little evidence that those promoting smart contracts in the marketplace have engaged with issues such as mentioned above or GDPR requirements or financial services regulation (hence the case of smart contract coders working on a contract for a commodities client who found themselves at risk of prosecution for allegedly undertaking – albeit inadvertently - regulated commodities trading).
Liability and poor coding
Much time is spent in traditional contract drafting identifying risk and potential loss and limiting/allocating liability for that loss should it arise. This seems an area all but ignored, which is remarkable even if only because of the error rate in much smart contract coding.
In his book ‘Code Complete’ Steve McConnell cites Microsoft software as averaging about 10–20 defects per 1,000 lines of code delivered. The general industry average is between 15–50 errors per 1,000 lines (NASA has an average of near zero defects, but that is achieved only at very significant cost). It follows that unless smart contract coders work much more stringently than the industry average, then smart contracts potentially come with huge risk.
Risk estimation does not just focus on the percentage chance of a problem occurring, but also on the consequences should a problem manifest. The problem with smart contracts is that it is very difficult to anticipate what will happen if there is a coding error – especially if the program in question is linking numerous transactions. The error may just cause the program to stop - or it may cause a cascade of ever more disastrously wrong trades that could turn an expected modest profit into a the mother of all losses and liability. Professional indemnity insurance may prove problematic.
Despite the industry’s somewhat ‘go it alone’ approach to smart contracts, such contracts are clearly here to stay. They will be of great utility in many specialised situations – so much so that commercial lawyers may well have to learn to at least understand code as part of their contract drafting toolkit.
Smart contracts are not new, and so are already in use – usually in private situations between known parties. Their break-out into the wider digital world is currently being massively oversold for the reasons given above.
Once again we find ourselves in Groundhog Day. Techies’ are offering contract code with insufficient understanding of business complexities and regulatory requirements, applicable accounting and tax requirements, the impact of GDPR and their own potential liability and that of their clients: all those things in fact that the ‘disposable’ intermediaries ought to be advising on.
Recently I attended a big conference on digital marketing, IoT, block chain, cyber security, Fintech, digital transformation and AI. I walked the stands speaking to every smart contract supplier I could find. Even allowing for the sometimes-low level of technical knowledge amongst those running such stands, I found a complete (and I mean complete) lack of awareness of the issues raised above. More than once I was assured that the answer is apparently that smart contracts will be replaced by AI soon anyway, so it’s not a big deal. Phew, that’s okay then!
It looks like my litigation colleagues won’t be made redundant anytime soon….
Direct Dial: 01273 223209