SEC targets Uniswap Labs, raising concerns over open-source code liability
On April 10, Uniswap Labs received a Wells notice — a letter informing a company or individual that the United States Securities and Exchange Commission is planning to bring an enforcement action against them.
Uniswap Labs is the eponymous developer of the software on which Uniswap — a widely used decentralized cryptocurrency exchange (DEX) — facilitates trading.
The Wells notice follows a reported SEC investigation in which it was allegedly seeking information about Uniswap’s marketing and investor services.
As the top financial regulator in the U.S. takes aim at Uniswap, the action raises questions about the nature of code as free speech and the legal responsibilities — or lack thereof — of open-source developers.
Some industry observers maintain that since Uniswap Labs publishes open-source software for an open-source front end, the issue is well outside the SEC’s jurisdiction.
So, can Uniswap Labs be held liable for what happens in a decentralized, permissionless market such as the Uniswap DEX? And if the SEC takes issue with the code itself, aren’t there free speech protections in publishing code?
Are developers liable for open-source code?
The issue of Uniswap Labs’ relationship to its open-source code has already been litigated in court.
In 2022, six plaintiffs brought a class-action lawsuit against the organization, claiming it was responsible when they lost money to scam tokens traded on the Uniswap DEX.
They argued that Uniswap Labs controlled liquidity pools on the protocol, including those created by the scammers they lost money to.
Recent: Memecoin sector’s continued growth hinges on long-term utility
However, the court ruled that an individual who drafts computer code should not be liable for a third party’s misuse of that platform.
Not all platforms have been so lucky. The downfall of the crypto mixer Tornado Cash shook the crypto community, as regulators targeted developers of the open-source software for facilitating criminal activity.
One of Tornado Cash’s developers, Alexey Pertsev, spent over eight months in jail in the Netherlands on suspicion of using the protocol for money laundering. Fellow developer Roman Storm has pleaded not guilty in the U.S. to charges of conspiring to operate a money transmitter or facilitate money laundering and sanctions evasion.
With these recent cases, blockchain developers may fear regulators blaming them for the transgressions of third parties using their technology to illicit ends.
Immutable code for smart contracts
Peter Van Valkenburgh, director of research at Coin Center, suggested during an April 9 panel at the 2024 Bitcoin Policy Summit that developers building decentralized applications (DApps) should ensure the code of their smart contracts can never be changed for their protection.
Van Valkenburgh highlighted how “from a regulatory standpoint,” developers can avoid liability for scams or illicit activity on platforms built with their code by making their code “immutable”:
“You have very hard questions of whether everybody who’s participating [is] liable for the activities of that smart contract. […] I don’t see those questions having good regulatory outcomes.”
He believes that DApp developers who don’t wish to “end up in jail” should ensure immutability in their smart contracts from the get-go.
According to Ben Hart, chief technology officer at research and development consulting firm MLabs, this may not be the best option. He told Cointelegraph that mutable code may offer developers a better defense mechanism if things go wrong.
Hart said that if the developers of Tornado Cash had created the mixer with mutable code, which they could control, they could help “steer the mixer toward regulatory compliance” and avoid being prosecuted.
Developer’s intention is important
Mutable or not, there quite simply may be no “get-out-of-jail-free card” for developers.
Julian Gretch, head of the legal department of fintech firm YouHodler, told Cointelegraph, “There is never a guarantee that a developer can avoid legal persecution. There will always be an examination of the developer’s intentions and desired outcomes when coding.”
Gretch noted how intention is a “subjective matter that cannot result in a guarantee of avoiding legal persecution.”
Gideon Greenspan, founder of Coin Sciences — which develops the open-source MultiChain blockchain — told Cointelegraph that it’s crucial to “question whether there is malicious intent.”
He noted the Post Office scandal in the United Kingdom, where hundreds of post office operators were wrongly accused of theft, fraud and false accounting based on data produced by the faulty Horizon IT system the Post Office used in the late 1990s.
The Horizon software made it appear like money was missing from its branches. Between 1999 and 2015, the Post Office relentlessly pursued people despite knowing since at least 2010 that the centralized accounting software had faults.
Concerning the Tornado Cash case, Hart believes the developers’ true intention was “dedicated to decentralization and openness.” In his opinion, the intention wasn’t to launder money but to make digital currency anonymous, but “unfortunately, governments are going to disagree with that.”
Since perceptions of intention are subjective, the only safe path for developers may be to create a product anonymously, as Satoshi Nakamoto did with Bitcoin (BTC). If there is nobody to hold accountable, there is no case.
But this is also far from ideal. Eric Chen, CEO of decentralized finance protocol Injective, told Cointelegraph, “Anonymity truly enhances regulatory safety. However, I am concerned if individuals feel compelled into anonymity, as this may not represent a positive trend.”
Recent: Bitcoin ETF demand turns negative around BTC halving
Details are still emerging on the exact nature of the action Uniswap Labs is facing — the SEC does not discuss ongoing investigations. But it would seem there is no perfect path forward.
The threat of jail time would likely be enough to scare off any developer remotely uncertain about how their code could be employed.
Some observers have claimed that SEC action could have a chilling effect on U.S. markets, but Daniel Mosquera, a technical sales representative at MLabs, took a more optimistic stance.
He told Cointelegraph he has a sense that “the technology is more exciting than the fear of being persecuted.”