Ooki DAO Default Judgment: Regulators Still Face Many Technical and Legal Challenges in Regulating Smart Contracts

The Commodity Futures Trading Commission (CFTC) won what it described as a “sweeping victory” in its case against Ooki DAO, in which the CFTC alleged that the decentralized autonomous organization (DAO) operated an illegal trading platform. Nonetheless, the CFTC’s victory represents only one aspect of the overall challenge, as the uncertainty of how and whether the CFTC will successfully enforce its judgment remains. This task is more complex than it appears, as the key attribute of Ooki DAO membership lies in owning a governance token associated with the DAO. Establishing a direct connection between these tokens and real individuals is challenging. The CFTC’s attempts to collect on its judgment will be the real test of the theory that some DAOs are “enforcement proof” because of their decentralization. This case also leads to questions about the regulation of smart contracts^[1] in the future and whether it is possible to effectively regulate smart contracts that operate autonomously without user intervention.

Background of the Case

The crypto community has been closely monitoring the CFTC’s case against Ooki DAO, primarily due to apprehensions surrounding the potential liability of individual governance token^[2] holders for the actions of the DAO they are associated with. Holding individuals personally liable for actions of a DAO could significantly increase the perceived risks associated with participating in DAOs that lack a business structure designed to protect their members from liability.^[3] The case has garnered significant attention, partly due to public statements suggesting that Ooki DAO was deliberately established to circumvent regulatory and legal obligations. This factor has made the DAO unsympathetic in the eyes of many observers.

The case has demonstrated the court’s acknowledgment of the unique nature of DAOs and a willingness to adopt a flexible approach for the service of legal documents. Proper service is a necessary initial step in initiating a lawsuit, ensuring that individuals know of the legal proceedings and can take the necessary steps to protect their interests. The CFTC requested that it be allowed to serve the complaint through the “Help Chat Box” and “an online discussion forum” on Ooki DAO’s public website. For its request, the CFTC argued that it needed to serve the complaint this way because it could not find someone at Ooki DAO to accept service of its complaint on Ooki DAO. In response to the CFTC’s request, the court determined that Ooki DAO was an “unincorporated association”^[4] and allowed service in the manner requested.

After the CFTC posted the complaint in the Help Chat Box and online discussion forum, the court agreed that Ooki DAO had “received both actual notice and the best notice practicable under the circumstances.” However, no representative appeared before the court on behalf of Ooki DAO, resulting in a default judgment entered by the court for $634,542. Additionally, the court imposed additional requirements on Ooki DAO, including ceasing its operations and taking down associated material, such as its website. At the request of the CFTC, the court also issued an order for all third parties to take down any content they are hosting on behalf of Ooki DAO.

The Court’s Reasoning for Default Judgment

In its order, the court determined that due to Ooki DAO’s failure to appear in court, it could accept the CFTC’s factual allegations against the entity as accurate without engaging in extensive fact-finding procedures. Consequently, the court’s order addresses the matters at hand without thoroughly examining the specific facts. However, the court emphasized multiple times that Ooki DAO deliberately chose not to appear as a strategy and that it had the opportunity to appear and present a defense. The court’s reasoning on this point may appear somewhat inconsistent with the full reality of the situation, as it remains unclear who should have appeared on behalf of the DAO and whether that individual or group could genuinely represent the entire DAO. The complexities of DAO structures and decision-making processes make it challenging to ascertain a representative who can speak on behalf of the entire entity. Additionally, it is highly probable that it did not make economic sense for any individual to mount a defense against the CFTC’s lawsuit. This is primarily because no single person had the incentive to take on the responsibility of defending the lawsuit on behalf of the entire DAO. This is particularly true because any party that appeared would openly acknowledge their status as token holders, thereby making themselves a potential target for the enforcement of the complete judgment. Consequently, it appears less likely that there was a deliberate strategic decision to abstain from appearing and defending the lawsuit. Instead, it seems to be a collective action problem, wherein no individual had the necessary motivation to step forward and bear the full cost of litigating the action and any subsequent judgment.

The court, however, does not directly address several specific issues concerning the scope and extent of the judgment, leaving certain matters unresolved and lacking clarity. In its complaint, the CFTC alleged that anyone who participated in a blockchain vote using a governance token was considered part of the unincorporated association and, consequently, liable for any judgment against it. However, the court did not explicitly adopt this conclusion. Instead, the court hinted at the possibility of an even broader interpretation of who qualifies as a member of the DAO. This is evident in statements made in its order, suggesting that simply holding the token might be sufficient for membership:

Not voting and voting against a proposal are both voluntary choices made to further the common purpose of governing the DAO. Indeed, based on the complaint it seems that individuals who own but do not vote their token still comprise the DAO because the purpose of holding a token is being able to vote on the DAO’s governance. There are no other factual allegations that provide for other reasons to hold tokens, and the amici do not offer any alternatives. Thus, the DAO and its Token Holders have a common objective: making choices to govern the DAO.

However, it remains unclear from the court’s order whether it intended this statement to serve as the only standard for determining who is part of the unincorporated association of the DAO. The excerpt shown above was provided within the context of whether the DAO could be served as an unincorporated association. It is difficult to say whether the court intended this statement to establish a definitive definition of who qualifies as a member of Ooki DAO for liability purposes.

Enforcement of the Judgment by the CFTC

With the CFTC now in possession of its judgment, the typical course of action would involve approaching the individuals involved and requesting payment. If they refuse to comply, the next step would be to pursue legal recourse through local courts to enforce the judgment. This may entail seizing funds from bank accounts or tangible assets as necessary. It is necessary to establish the person’s identity before undertaking these actions. The CFTC emphasized its inability to find an individual who could accept the service when attempting to serve the complaint on Ooki DAO. Given this statement from the CFTC, it will be interesting to see whom, if anyone, the CFTC targets to collect the judgment. It is indeed possible that the CFTC may choose not to enforce the judgment against any specific individuals. Instead, the fact that the CFTC was even able to obtain a default judgment will deter those who might consider using a DAO for illicit purposes. In the case of Ooki DAO, there may not be clear targets for enforcement, especially because the CFTC has already settled with the system’s founders, who would have been the most logical candidates for enforcing the judgment.^[5]

Indeed, an unincorporated association is typically regarded as an entity in which the liabilities are “joint and severally” borne by its members. If it becomes unfeasible to collect the liabilities from the association itself, it is generally possible to pursue collection from the individual members of the association.^[6] It is unknown if forcing Ooki DAO to pay anything is technically possible here.^[7] Theoretically, this could mean that the CFTC can instead extract the full amount from anyone who voted in Ooki DAO governance. It remains unknown whether the CFTC will or can undertake the task of locating voting members of Ooki DAO to collect the amount specified in the judgment, namely $634,542. It may be deemed unfair for the CFTC to pursue individuals who hold a minimal amount of the Ooki DAO governance tokens or who sold their tokens long ago. The logistics and practicality of identifying and pursuing individual token holders present significant challenges and potential complexities for enforcement. Based on the reasoning provided in the CFTC’s complaint, there is a possibility that the CFTC could allege liability for individuals who voted using a single governance token in a specific vote and subsequently sold or disposed of the token. However, it remains uncertain whether the court’s decision in the Ooki DAO case will inevitably lead to such outcomes. The interpretation and application of the court’s decision, especially regarding the liability of individual token holders, may still require further clarification.

The CFTC could also consider preventing third parties in the United States from hosting material related to Ooki DAO as a satisfactory outcome and may not proceed with further collection efforts. CFTC has not yet let on if it wants to make examples of any specific individuals as a statement against future attempts to evade regulation by adopting a DAO structure. The CFTC’s priorities and strategies in enforcing the judgment will likely depend on various factors and considerations.

Looking to the Future: Regulating Fully Autonomous Systems

In this case, the CFTC’s approach targeted the DAO controlling the smart contract code governing the exchange. Although DAOs include “autonomous” in their name, they still involve decisions made by individuals. However, smart contracts can be deployed and executed autonomously on various blockchains. The ability for this code to be loaded and then run automatically, without anyone being able to alter its operation, has been viewed as a fundamental advantage of blockchain technology. Systems that operate independently, such as “hyperstructures,” have been proposed under various names. These systems are often discussed as a means to run programs as infrastructure without relying on centralized authority, offering a public good that is accessible to all. Hyperstructures, specifically, are protocols that “can run for free and forever, without maintenance, interruption or intermediaries.” While the primary focus of such systems is to provide infrastructure as a public good, the situation becomes more complex when a system deemed illegal by a regulator operates as a hyperstructure. In the case of Ooki DAO, the smart contracts operating as the exchange could be written anonymously and deployed on a blockchain to run autonomously indefinitely.

One approach to addressing such systems, similar to what was done with Ooki DAO, involves attempting to sever their connections to front-end services like websites. This strategy can make it more challenging for a typical user to interact with smart contracts by blocking certain avenues of access. However, it does not entirely eliminate access, as technically proficient users can still utilize generic front-ends and software to interact with the blockchain directly. Cutting off access at the blockchain level would require extensive intervention and could be impossible in practice. It would likely necessitate a coordinated international effort to censor transactions involving specific addresses, which presents significant challenges and potential limitations.

The issue surrounding the sanctions against Tornado Cash, specifically targeting addresses hosting the smart contracts of the mixer, raises important questions regarding the intersection of regulatory actions and freedom of speech protections, as guaranteed by the First Amendment. Concerns have been raised about the potential implications, such as whether law enforcement in the United States would pursue validators for processing transactions from the sanctioned addresses. While the situation has not yet reached that point, it is evident that the current sanctions have not been entirely effective, as Tornado Cash continues to operate. The future of autonomous smart contracts may require regulators to adapt their strategies and approaches to effectively address the evolving landscape and challenges they present.

Conclusion

The Ooki DAO judgment begins the U.S. court system’s involvement with the intricate and uncharted questions arising in this evolving legal landscape. Many uncertainties persist within this emerging domain. However, the court’s rulings on these matters possess the potential to profoundly impact the future use of innovative business structures in the United States. The outcomes and precedents established in these cases will shape the legal framework and provide guidance for navigating the complexities associated with novel business models and technologies.

^[1] _{The term “smart contract” is generally used to describe blockchain-native programs. Many blockchains support Turing complete programming languages allowing the implementation of smart contracts that execute automatically under normal operation. A benefit of smart contracts over a standard program is that the operation can be known by both parties and the code is executed automatically as it is written. In effect, the “code is law.”}

^[2] _{Governance tokens are a specific type of digital asset that gives voting or other governance rights to the holder. While they are often traded on different exchanges, they are usually considered to be their own distinct category of digital asset. They are used in most DAOs as a way to vote on proposals on how the DAO should operate.}

^[3] _{A number of states have implemented corporate structures such as specific types of limited liability corporations (LLCs) for decentralized organizations. Furthermore, some have suggested separating out business entities from the DAO into what they call a cybernetic organization, or BORG.}

_{[4] California state law defines an unincorporated association as “an unincorporated group of two or more persons joined by mutual consent for common lawful purpose, whether organized for profit or not.” Cal. Corp. Code § 18035(a). Even though the CFTC alleged the DAO was created for the unlawful purpose of evading regulations, the court determined that it had some common lawful purpose, including that of administering the DAO.}

^[5] _{The system was called bZeroX when they were involved. The name was changed to Ooki DAO based on a governance vote.}

^[6] _{The California Corporations Code, Section 18270(a), notes that members of an unincorporated association may be liable for its debts if it does not, cannot or will not pay a judgment against it. A party can also seek reimbursement from members of the association if collecting from the unincorporated association is “excessively burdensome.”}

^[7] _{The treasury of Ooki DAO is an option for recovery, but the government still has the problem of how to access the private keys to these treasury funds to release them to fulfill the judgment. Likely, those with the keys to access the treasury are located outside the jurisdiction of the United States and would not release the funds voluntarily. An unverified website lists the funds at over $3 million at the time of this article. A full discussion on this is beyond the scope of this article, but we will update the article if we learn that it is technically possible to collect from the treasury.}