Legal responsibility for the Bitfinex theft (aka "Bitfinexit")

in #theft8 years ago (edited)

So who might actually be liable for the Bitfinex theft and what hope might the victims have?

The thief

Obviously, the thief or thieves are fully liable. If they are caught, they can certainly be sued. And, of course, there's hope that the investigation into the theft might recover some or all of the funds.

BitGo

I don't see any way BitGo could be legally liable for the theft. All the evidence we have suggests that they complied with their contract with Bitfinex and their systems weren't compromised. There doesn't seem to be any credible argument that they breached the required standard of care.

The situation is somewhat analogous to one where they helped another company set up a cold wallet and then the other company put the secret keys on a server that was later compromised. BitGo provides total control over what authorization is needed to change system limits -- if Bitfinex put all the credentials needed to change those settings on systems that could be compromised, that's on them.

Bitfinex

Well, here's where it gets interesting. Bitfinex has announced that they are considering spreading the loss over their entire customer base. I do not see how they could possibly do this unless they are insolvent.

The two classes of Bitfinex customers

Bitfinex legally delivers bitcoins to its customers using segregated wallets. While Bitfinex has practical control over these wallets, it does not have legal control. Bitfinex has no right to transfer these funds without the customer's permission because they belong to the customer. These are the only funds that were stolen.

Other customers have what is essentially an IOU from Bitfinex. This is just a general liability and a claim against Bitfinex's assets. Bitfinex is obligated to pay these claims out of any assets they have unless they declare bankruptcy.

The Bitfinex announcement

Yet Bitfinex has announced that they are considering spreading the losses among their customers. I don't see how they can do this unless the are insolvent. If Bitfinex owed me $10 before the theft, they still owe me $10 now. If they pay me less than $10, I can sue them for the difference and I'll win unless they're insolvent.

So it sounds like Bitfinex believes they are liable for the theft of these customer funds, likely because they don't believe they provided the legally required standard of care. That would mean that they are insolvent and will have no choice but to declare bankruptcy.

What all this means

Under the law in most jurisdictions, someone who holds another's property for mutual benefit is only liable for a third party's theft of that property if they didn't provide reasonable care in securing the property. If this standard applies, that means Bitfinex's hint that losses would be imposed on customers equally means they believe that they would probably be found not to have provided reasonable care.

The good news

The theft only seems to account for somewhere between 10% and 30% of Bitfinex's holdings. This means there's a good chance that Bitfinex could continue operating, whether they are liable for the theft or not.

Disclaimer

I am not a lawyer. This is pure speculation based on limited, public information. If anyone knows of any errors or omissions, please make me aware of them.


JoelKatz

  • Follow me on Twitter
  • Read this Steem exclusive about how banking regulation violate rights, stifles innovation, and make crime fighting harder.
  • Read this article about dissatisfaction with America's two-party system and what we can do about it.
Sort:  
Loading...