In their documentary Code is Law, co-directors James Craig and Louis Giles track hacks in which millions of dollars worth of cryptocurrency was stolen. The hackers responsible insist they have broken no laws. The first target of such theft was the German company Slock.it. In 2016, Slock.it launched DAO, a preliminary version of a venture capital system based on the Ethereum blockchain, meant for self-organizing enterprises to manage their corporate governance. DAO allows investors to structure a company without hierarchical interference or oversight.
When funds suddenly began disappearing, DAO community leader Griff Green assembled a volunteer team known as The White Hat Group to monitor the hack, restore lost balances, and secure the remaining funds. The story is told from the perspective of the teams of coders rooting out the methods and identities of the sophisticated attackers.
The next hack discussed resulted in the loss of $65 million from the KyberSwap and Indexed Finance decentralized finance (DeFi) protocols. This one was perpetrated by Canadian teenage math wizard Andean Medjedovic, who was eventually identified and charged with wire fraud, computer hacking, and attempted extortion. Medjedovic became the first to invoke the “code is law” defense. He then vanished and is still an international fugitive (with $65M to spend, one imagines he is hiding somewhere quite comfortable).
“…hacks in which millions of dollars worth of cryptocurrency were stolen…”
Craig and Giles walk us through the esoteric culture of crypto throughout Code is Law. The foundational idea of self-governance is key to all crypto projects and is the driving ethos behind the decentralization of currency. The “code is law” maxim derives from the notion that crypto should be beyond the scope of any governmental influence or enforcement. These are self-organizing collectives of users reliant on systems to provide autonomy as well as full security for investments and transactions. Absent any oversight authority, the community social contract insists that the platform code is the only law that can apply.
This cult-like adherence to self-governance has led crypto aficionados to agree that anything you can make the system do is fair game, and the hackers should not be punished, hence “code is law.” The question arises, however, whether the currently deployed code is the final word, or whether the designer’s intent for system capabilities should supersede exploited bugs or design gaps. There is no such thing as hack-proof code, and the Blockchain architecture itself has acknowledged scalability challenges that could impact security. So if someone exploits holes in the system and siphons off currency, should the platform bring legal charges against the hacker, or does that violate a philosophical tenet of crypto culture? To many users, there should be no legal case, and the losses should be considered part of the game.
Craig and Giles crack open this intensely technical can of worms in Code is Law, while keeping the discussions at a level that most viewers will be able to follow without delving too deeply into jargon. Cryptocurrency lives next door to the legacy world of hacking, and there is an overlap of people participating in both. They share a common culture, language, and understanding of cybersecurity that non-technical people cannot fathom. The DAO and DeFi hacks are known now, but one wonders what is going on that hasn’t been detected yet? What crypto hacks have not yet seen the light of day? The prospect is fascinating and terrifying.
Find out more at the official Code is Law website.
"…fascinating and terrifying."
