Smart Contract Basics — A Legal Contract Perspective Part III: Privity
Privity is a straight-forward legal concept for traditional contracts: the terms and conditions of a contract are only valid for the parties that enter into the contract. You sign your name on the line and you receive the rights (and penalties). Whereas, privity in smart contracts restricts “knowledge and control over the contents and performance of a [smart] contract” that “should be distributed among parties only as much as is necessary.”[i] Contracting parties utilizing smart contracts have an interest in controlling access to knowledge of the terms of the agreement and controlling its execution and performance.
Smart contracts are more complex than traditional ink-and-paper contracts because of the transparent and collaborative design of a blockchain. Maintaining privity of contract takes on a new meaning: protecting the parties and terms of the agreement from interference from third parties is a priority for complex transactions contained in smart contracts. Controversy over the use of smart contracts for more complex transactions currently revolve around privacy, confidentiality and a balance between maintaining control and operating within a system originally designed for transparency.
I. What is Privity?
A. General Background
Privity of contract is a legal doctrine that establishes “all the rights, liabilities and responsibilities contained in the contract only apply to the named parties or specified beneficiaries.”[ii] For those non-lawyers, privity is the right to exclude other unauthorized parties from the performance and benefit of a contract. For example, a homeowner enters into a contract with a general contractor for repairs. The general contractor may hire subcontractors to do some work, but if the homeowner is unsatisfied with the subcontractor’s work, he is generally unable to do so because he was only in privity of contract with the general contractor, not the subcontractors.[iii]
B. Privity of Smart Contracts
Smart contracts require a more robust version of traditional privity of contract, including limiting access to the terms of the contract from outside influence and restricting modification or infiltration of the underlying code. Privity should be envisioned much like a gated fence, one wants to control parties who have access inside the fence but still allow authorized parties inside. More precisely, privity relates to the privacy and confidentiality that contracting parties expect from an exclusive contract. Consequently, parties will not utilize smart contracts until the blockchain industry as a whole begins to understand the need of contracting parties for privacy and ensure secure code that acts as indelibly as ink and paper contracts.
II. Privacy vs. Confidentiality
Why aren’t smart contracts used for more complex transactions? The most cited critique is the lack of privacy and confidentiality because the entire code of a contract is publicly visible.[iv] Privacy and confidentiality are not preserved under a blockchain framework, therefore making traditional privity of contract nearly impossible. But why are privacy and confidentiality important for a contract and its parties? And what is the difference between the two concepts?
“The right of an individual to keep their information from being disclosed”
Privacy is the “right of an individual to keep [their] information from being disclosed.”[v] Each party to a contract reasonably expects a certain level of privacy — they don’t expect to see their signature and compensation amount splashed across a billboard on the highway — because they are signing a contract just with another party. Comparatively, smart contracts are open to the entire network to inspect (unless the parties disguise their identity to maintain privacy).
“Controlling who has access to sensitive information”
Confidentiality is a bit more complicated; it encompasses the actual information shared between the parties that they do not want unauthorized parties to have access to. Confidentiality is “about controlling who has access to sensitive information,” by delegating authority to access or modify the code the parties can secure the confidential information.[vi] In most smart contract codes, a set of permissions is encoded to restrict the ability to enter the contract to a set list of authorized parties.[vii]
Simply put, standard smart contracts are not confidential. “Everyone can access and see all the information that is sent to and stored in a smart contract,” including the parties involved and the amount being transferred.[viii] Smart contracts can be coded to include authorization mechanisms to prevent third parties from accessing the data within, but proper coding has been difficult thus far and has led to well-known hacks.[ix]
III. Securing Smart Contracts
The 2016 “DAO Hack” as it became known, was a wake-up call for the blockchain community and demonstrated one of the many dangers of smart contracts: human error. Despite the promise of automatically executed contracts hosted on a secure decentralized network, someone found a single error in the code, which had been written by another person, allowing them to steal millions in cryptocurrency. For those not well-acquainted with the blockchain world, “DAO” refers to the “decentralized autonomous organization,” a distributed smart contract which operated as a venture capital fund.[x]
The primary goal of privity, in terms of smart contracts, is to secure the terms and information of a smart contract from outside influence. At the moment, human error accounts for most security breaches of smart contracts. To prevent human error from causing irreparable harm, “smart contracts need to be constructed 100% right in one shot, able to withstand years of security attacks with code [one] can’t really modify.”[xi] To account for privity, smart contracts must be built free of human error and with the primary goal of excluding all non-authorized parties without fail.
IV. Maintaining Control
The second element of smart contract privity is maintaining control of the code. By restricting unauthorized third parties from modifying the coding, a smart contract remains in privity only to the authorized parties. Maintaining absolute control of the code can be a difficult task, though, when a code is stored and verified on a public ledger. Furthermore, once a code is “live” on the blockchain, it is irreversible, meaning there is no way to simply fix a mistake or update the code. In other words, the smart contract has to be perfect in its first iteration.[xii]
Maintaining control of the smart contract is essential. In the DAO Hack, the only remedy to correct for the mistake was creating a fork in the blockchain, effectively creating a “classic version” of the blockchain with the old code and a new fork without the coding error. This solution was not simple and likely cannot be replicated, meaning coders must initially ensure protections are in place to prevent infiltration. In order to maintain control over the code, privity is required as a foundational element of the coding and relationship between the parties to prevent access by third parties. Without privity through tight control, smart contracts are vulnerable to malicious parties.
V. Potential Solutions
Privity remains an issue for smart contracts due to the public nature of blockchain ledgers, continued attacks on the code underlying each smart contract, and the inability to maintain control of the contract. However, while some commentators have deemed smart contracts impossible to fully satisfy the need for privity, there are several proposed solutions that aim to make smart contracts more secure, confidential and viable for discrete transactions.
A. On-Chain Encryption
Several on-chain solutions have been identified to allow for privity by including greater privacy and confidentiality. Solutions such as cryptographic key definition functions (KDFs) generate a new “key” for each transaction rather than using the same key that can be traced to the holding party.[xiii] This allows for greater privacy, less transparency and more secure transactions.
Another on-chain solution is a confidential transaction (CT) protocol which encrypts the actual transaction amount being exchanged between the parties in order to obfuscate the transactions.[xiv] Without key portions of the transactions, it is difficult for a third party to determine what is being exchanged between the parties and how to exploit that information.
B. “Layered” Smart Contracts
Other proposed solutions are designed to “layer” encryption or withhold information on top of the base smart contract. These solutions utilize other layers of the contract either hosted off or on the blockchain to conceal the identity of the parties involved, but not the information needed for the nodes of the blockchain to execute the code. For instance, Hawk is a model of cryptography that couples a private contract, which parties and terms remain secret, with a public-version of the same contract that is then executed as usual.[xv] The private contract controls the payout to the respective parties, while the public smart contract contracts the exchange of the transaction and the recording of that transfer.[xvi] This allows the smart contract to operate efficiently on a distributed blockchain network while also keeping the parties’ information secure.
Security will always be a concern for parties utilizing smart contracts to automatically execute certain transactions. While blockchain technology represents a leap forward in how contracts can be handled between untrusting parties, smart contracts still have numerous issues to resolve before wide spread adopting, including privity. Tune in next week for the fourth and final article of this series, Part IV: Enforceability.
About the Author
Jared Arcari is a third year law student at Fordham University School of Law. Jared currently serves as the president of two student organizations, the Fordham Business & Law Association and the Entrepreneur Law Society. He is also a Notes & Articles Editor at the Fordham Journal of Corporate and Financial Law. When he isn’t writing about blockchain-related legal issues, Jared enjoys serving as a research assistant to prof. Bernice Grant researching entrepreneurial topics including non-compete alternatives and improving access to capital. To contact the author, please email him at email@example.com.
Any information contained in this post is for informational purposes only. The information, opinions and commentary contained herein does not constitute legal advice. It also does not constitute tax advice. This post is not a complete overview or analysis of the topics presented and may contain information that varies in different jurisdictions. The transmission of information to the reader does not create a lawyer-client relationship. The reader should not rely upon this post or treat it as a substitute for legal advice. The reader should consult a lawyer familiar with their particular circumstances and licensed in the proper jurisdiction for legal advice.
[i] Nick Szabo, Smart Contracts: Building Blocks for Digital Markets (1996), http://www.fon.hum.uva.nl/rob/Courses/InformationInSpeech/CDROM/Literature/LOTwinterschool2006/szabo.best.vwh.net/smart_contracts_2.html (last visited July 10, 2018).
[ii] Paul Humbert, What You Need to Know about Privity of Contract, Contracting Excellent J. (Feb. 8, 2018), https://journal.iaccm.com/contracting-excellence-journal/-what-you-need-to-know-about-privity-of-contract.
[iii] See Logan-Baldwin vs. L.S.M. Gen. Contr., Inc., 942 N.Y.S. 2d 718 (N.Y. App. Div. 2012).
[iv] See Ahmed Kosba, Ander Miller, Charalampos Papamanthou, Elaine Shi & Zikai Wen, Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts, Inst. of Electrical & Electronic Engineers 839, 839 (2016) https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7546538.
[v] Seth Grimes, Privacy vs. Confidentiality vs. Anonymity: What you Need to Know (Apr. 14, 2017), https://breakthroughanalysis.com/2017/04/14/privacy-vs-confidentiality-vs-anonymity-who-knows/.
[vi] Michael Smolenski, Smart Contracts: Privacy vs. Confidentiality, Hackernoon (Oct. 14, 2017), https://hackernoon.com/smart-contracts-privacy-vs-confidentiality-645b6e9c6e5a.
[vii] See id.
[ix] See id.
[x] See Matthew Leising, The Ether Thief, Bloomberg LP (June 23, 2017), https://www.bloomberg.com/features/2017-the-ether-thief/.
[xi] A Short History of Smart Contract Hacks on Ethereum, New Alchemy (Feb. 7, 2018), https://medium.com/new-alchemy/a-short-history-of-smart-contract-hacks-on-ethereum-1a30020b5fd.
[xii] See Alyssa Hertig, Trust No One: Ethereum Smart Contract Security is Advancing, CoinDesk (Nov. 3, 2017), https://www.coindesk.com/paranoia-rules-ethereum-smart-contract-security-advancing/.
[xiii] See Stuart Popejoy, Confidentiality in Private Blockchain 2 (Aug. 2016), http://kadena.io/docs/Kadena-ConfidentialityWhitepaper-Aug2016.pdf.
[xiv] See id.
[xv] Kosba et. al., supra note iv, 2.
[xvi] See id.