Software

Subscribe to Software via RSS

We are happy to report that our recent in-depth Practice Note on Blockchain as applied to Supply Chain Management was selected to appear as the cover story for the June/July issue of Practical Law – The Journal. Read the full text here.

The plot has thickened in the longest-running “whodunit” in the blockchain space: Who is Satoshi Nakamoto, the pseudonymous creator of Bitcoin and author of the white paper that started it all, Bitcoin: A Peer-to-Peer Electronic Cash System? Published in 2008, Nakamoto’s paper proposed a form of electronic cash that would operate purely peer-to-peer, without the need for a trusted intermediary (such as a centralized financial institution) and in a verifiable manner that protects against the “double-spend” problem. That white paper served as the launch pad for the Bitcoin network and inspired blockchain’s proliferation. Over a decade later, the true identity of Nakamoto and whether Nakamoto is a single person or a collective remain a mystery, despite speculation and multiple claims to the digital throne.

Recently, claimants turned to intellectual property registrations in their campaigns for recognition. In April 2019, Australian entrepreneur Craig Wright (who has long claimed to be Nakamoto) sparked controversy in the blockchain community by filing two copyright registrations claiming authorship of Nakamoto’s white paper (Reg. No. TXu002136996) and the original Bitcoin source code (Reg. No. TX0008708058). In the wake of Wright’s claims, on May 24, 2019, Wei Liu, reportedly a cryptocurrency entrepreneur and a Chinese citizen with an address in California, upped the ante by also filing a copyright registration (Reg. No. TX0008726120) asserting that he had in fact authored the white paper.

The gauntlet, it seemed, had been thrown down.

Proskauer partners Daniel Ganitsky and Jeff Neuburger address five factors for private equity firms to consider when evaluating the critical business decision of implementing blockchain-based technology solutions for their portfolio companies:

Daniel Ganitsky: Technology is causing private equity firms to deal with a whole new set of questions for their portfolio companies. The use of blockchain technology is one of those questions. Given operational factors and the fact that private equity firms often provide additional access to capital, it may make sense for private equity firms to consider using blockchain technology in their portfolio companies.

Jeff Neuburger: There are a number of factors that a private equity firm should consider in evaluating blockchain for their portfolio companies.

When a smart contract coding vulnerability resulted in the Parity wallet “freeze” that compromised over $150 million worth of user funds, we discussed the pitfalls of unsecure code in the context of cryptoassets and the extent to which software developers might be held liable to their users for losses arising

Last year’s spike in the valuation of bitcoin has much of the technology world focused on blockchain, the distributed database ledger technology behind bitcoin and many other cryptocurrencies.  Lost behind the scenes, however, is a rush by some in the industry to patent inventions relating to the blockchain technology itself.  These moves come with controversy in an industry known for its culture of open-source practices.

The recent Parity wallet “freeze” provides yet another example of a coding vulnerability in a smart contract (rather than a flaw in the underlying blockchain or cryptography) resulting in an exploit that compromises cryptocurrency worth millions. It again highlights some of the pitfalls of insecure code in the context of digital assets and raises questions regarding the extent to which software developers can be held liable to its users for losses suffered due to those oversights. As blockchain-related software that serve as storage vaults for digital assets continue to proliferate, it will be interesting to see how industry standards and the existing software liability regime in the U.S. and other jurisdictions evolve to reflect the critical role of secure software in the “Internet of Value.”

The Parity Wallet “Freeze” Explained

Parity Technologies made available, on an open source basis, multi-signature software “wallets” that users could use to store the keys to Ether cryptocurrency, which are necessary to use Ether.  Those multi-sig wallets were smart contracts built to run on the Ethereum blockchain and, unlike standard Parity “accounts” or other cryptocurrency wallets, required more than one digital signature (private key) before Ether associated with them are approved to be transferred.

On November 8, Parity Technologies announced that “devops199”, a user of the prominent web-based software development platform Github, had exploited a software vulnerability in Parity’s multi-sig wallets, resulting in Ether tied to over 500 multi-sig wallets, then valued at over $150 million, becoming completely unusable. Among impacted users were many high-profile blockchain startups that used Parity’s wallet platform to raise funds through initial coin offerings (ICOs).  This marked the second time this year that Parity’s wallet software has been compromised, with the prior time being July 19, when hackers exploited another software bug to steal over $30 million in Ether.