It has turned into a foreboding week for decentralized finance — the quest to build complex financial services on decentralized blockchains.
When I decided to write this column, the trouble was slightly abstract, sparked by the criminal trial of Mango Markets exploiter Avi Eisenberg. Eisenberg is essentially arguing that he committed no crime because the Mango Markets code allowed him to siphon off $110 million through a series of carefully coordinated loans and purchases. The dictum “code is law,” first coined by legal scholar Lawrence Lessig, has been widely parroted in the blockchain and DeFi community – but with Eisenberg’s case, it’s getting a real-world test, with major long-term implications.
It now appears the same questions will be litigated much more directly: On Tuesday, the U.S. Securities and Exchange Commission issued a Wells Notice of pending charges to Uniswap Labs, maintainers of the Uniswap decentralized exchange. If the SEC does file charges, its case would likely hinge on a court deciding exactly how much of a role Uniswap Labs plays in running Uniswap – that is, whether the “decentralized exchange” is, in fact, decentralized.
Read more: SEC Puts DeFi in Its Sights With Potential Uniswap Suit
I don’t at all want to suggest Eisenberg and Uniswap Labs, or their actions, are comparable. The teams and community around Uniswap have built something profoundly innovative, turning general principles into a service used and trusted by tens of millions worldwide. By contrast, Eisenberg, in the eyes of some observers, has instead weaponized those principles to superficially rationalize a series of increasingly damaging and immoral actions.
But the key issues at the core of the two cases are the same: Whether “Decentralized Finance” is actually decentralized – and, more dramatically, whether its core goal of code-enshrined financial services is actually possible.
What DeFi Wants To Be
This pair of actions are where the rubber meets the road for a set of ideas that have been circulating since at least the launch of Bitcoin. Satoshi solved the problem of uncensorable value transmission and sovereign value storage. But Bitcoin doesn’t (yet) allow for more complex on-chain functions like loans or swaps. That was one of the key insights behind the creation of Ethereum, which became home to early DeFi projects including Uniswap.
The development of DeFi has opened new horizons for what on-chain finance can become. Bitcoin’s uncensorable and sovereign nature makes it possible to completely bypass national boundaries and local infrastructure – a world-altering innovation itself. DeFi – again, at least in theory – builds similarly global, frictionless lending and asset-trading markets, with potentially even more mind-boggling implications for humanity.
In both cases, though, the freedom to transact globally is inextricable from the fact that there is no central arbiter to decide when someone has broken the rules. The only rules, at least in principle, are in the code that controls what transactions are valid. If you can find a way to get these encoded rules to produce unexpected or widely undesired results, as Avi Eisenberg did, well, that’s the fault of flawed structures – or so goes the “code is law” argument.
Conversely, while a particular group of people might write the code for something like Uniswap, the theory behind DeFi is that they then simply set that code loose to run on a swarm of decentralized nodes. The people who wrote the code don’t (or shouldn’t) have the direct ability to change its parameters, much less to reverse particular undesirable transactions.
In the very big picture, this is how we get to a trustworthy and transparent global transaction layer, with the potential to coordinate the activities of human civilization more efficiently and fairly than the current drunken spiderweb of banks, currencies, and national regulators. For a transnational system to be fair, humans can’t be directly involved in deciding what’s a “good” transaction or a “bad” one. The code, and the code alone, must be law.
What DeFi Actually Is
But this ideal isn’t the reality today, as illustrated by this week’s two legal happenings. On the one hand, Eisenberg’s exploit of Mango Markets was just one of hundreds in recent years that have showed, unequivocally, that DeFi systems are very vulnerable to malicious manipulation. At the same time, without commenting on Uniswap specifically, it’s obvious to anyone paying attention that many “DeFi” systems aren’t decentralized in any meaningful sense.
The same complex issues were at play recently with the malicious draining of $63 million from an application on Blast, an Ethereum layer 2. Observers pointed out that because Blast hadn’t fully decentralized, its creators technically could have just altered the balances on the protocol to take the money back. But that action would have highlighted their functional control, both exposing them to legal risk from national regulators, and damaging the trust of users.
That’s because, if an administrator can reverse a hack or block an undesirable transaction, they can take funds from, or censor transactions by, any user at all – or they can take everyone’s money all at once, in an all-too-common “rugpull.” That would ultimately reduce DeFi to the same congested, inconsistent tangle as the international financial system we already have.
Can We Get There From Here?
But does it even make sense to build a financial system without human arbiters empowered to enforce, and maybe more importantly to interpret, the rules? In a strange sense this comes down to a very abstract computer science question: is it even possible to accurately encode the full complexity of financial right and wrong in a series of smart contracts?
The reason the Eisenberg case stirs up so many core DeFi issues is that the attacker is using the “code is law” ideal to justify actions that are, in themselves, clearly less than ideal. And there’s good reason to take his argument seriously – even if you don’t like where the argument leads you.
What Eisenberg did to Mango, and attempted to do later to Curve Finance, weren’t “hacks” in the conventional sense. He didn’t gain unauthorized control of assets or parameters – DeFi systems gain many of the same immutability benefits of simple blockchains, so that kind of brute-force hack is very hard without stolen credentials. Instead, what Eisenberg did (in very broad strokes) was use large, coordinated sales and purchases to change prices on Mango in ways that benefited him. Soon after the attack, he argued this was simply a “highly profitable trading strategy,” not a crime.
As legal experts Collins Belton and Gabriel Shapiro opined soon after, this kind of attack can actually be healthy for the DeFi ecosystem in the long run. By exposing a weakness built in to the structure of Mango Markets, Eisenberg flagged the vulnerability for everyone working on similar systems. Over time, in theory, successive similar exploits will teach DeFi builders more and more about possible financial exploits, and how to build in protections. Over time, this exact sort of hardening is crucial to making DeFi trustworthy at scale. This isn’t entirely distinct from the way software companies invite “white hat” hackers to try and break their systems (though Eisenberg’s behavior after the hack was not strictly white-hat).
At the same time, Eisenberg’s actions raise questions about whether “code is law” is an ideal that can ever actually be achieved. One of the charges he faces is “manipulating” the price of assets on Mango Markets, using a mix of wash-trading and huge market buys. The market manipulation statute in the U.S. criminal code is lengthy, but fundamentally it prohibits “creating a false or misleading appearance of active trading” in assets, for the purpose of benefiting the manipulator.
But Eisenberg essentially argued that there’s no such thing as “manipulation” in instances like this. Eisenberg actually bought all the assets whose prices he was pushing around, so the market price resulting from his purchases was in a sense “real.” That’s in contrast to more obvious manipulation through “spoofing,” or sending fake bids to markets for assets the manipulator never intends to actually buy.
Market manipulation, then, may be a little like pornography – even if you can’t fully define it, you know it when you see it. By any intuitive ethical standard, what Eisenberg did was clearly manipulation, but he found an “edge case” where encoded rules could be gamed to create unintended outcomes.
Systems as complex as DeFi face huge, maybe inherent, challenges in formally eliminating those kinds of edge cases. While it’s not an exact analogue, Gödel’s Incompleteness Theorem and similar mathematical findings suggest that a formally encoded system—like DeFi—will always have some rules that exist “outside” its formal content, and can’t be encoded in it.
Whether true DeFi is even theoretically possible is a debate for greater minds than me. But Avi Eisenberg is living proof of the basic point: If code is truly treated as law, there will always be clever ways to circumvent its true intent. And there will always be a need for humans to make things right.