Bitcoin Legal Experts: nChain SegWit Criticisms Are Flawed

An evaluation of the possible legal risks of a bitcoin protocol change written by startup nChain has been criticised by industry legal experts.

AccessTimeIconJun 28, 2017 at 1:50 p.m. UTC
Updated Sep 11, 2021 at 1:29 p.m. UTC

An effort by stealth bitcoin startup nChain to raise awareness of supposed issues with code that would boost the capacity of the distributed payments network is coming under fire.

Following its publication yesterday, legal experts raised concerns about a view put forward in a CoinDesk opinion article by nChain legal officer Jimmy Nguyen that asserted the upgrade, called Segregated Witness, could face problems under US electronic signature law if activated on the network.

Nguyen's criticisms fly in the face of what has emerged as broad support for the network optimization, which has been largely embraced by the network's developers, miners and startups as a pragmatic step forward, though the specifics on how it should be enacted vary.

Analysts went so far as to question the motives of the commentary, suggesting that they showed a lack of understanding about how the bitcoin protocol functions today, as well as the functionality it is intended to provide.

Chief among the critics were lawyers versed on the intricacies of blockchain law in the US.

Marco Santori, a fintech lawyer who leads the blockchain tech team at Cooley LLP, for example, took issue with what he argued was the confused framing of the allegation.

Santori told CoinDesk:

"It took the concept of what is a legal contract, and took the position that if you have a blockchain signature it has something to do with a legal contract."

Stephen Palley, counsel at Washington, DC, law firm Anderson Kill, remarked similarly that the argument perhaps put too much weight on the idea that the "signatures" involved in executing transactions on the bitcoin blockchain were or should be equivalent to signatures used in digital documents.

"It elides the distinction between signature and witness data and a digital signature, and they're two different things," Palley said.

The comments come at a time when nChain is beginning to open up about its larger strategy after raising what it claims (but has yet to prove) is the most funding ever for an industry startup. nChain was sold to private investors in April, and is allegedly staffing up in advance of the launch of an alternative bitcoin software implementation, a move that would find it competing with Bitcoin Core's established software.

Adding to the narrative is that nChain employs controversial developer Craig Wright, an Australian native who once claimed to be bitcoin creator Satoshi Nakamoto only to retract that claim amid scrutiny. He has not since provided proof to satisfy the claim.

Technological underpinnings

One of the core critiques of the piece, however, pertains to its understanding of how the network would handle "witness data", or the cryptography that proves unspent bitcoins are able to be sent to another party.

At issue is that under Segregated Witness, nodes running this version of the software would send transactions and blocks in a new format, meaning transactions would be cryptographically linked differently than they are today. One merkle tree would be used to record the data, while another would include data and a signature. Nodes receiving blocks in the older format, by not upgrading to Segregated Witness, would not receive the witness data.

But even without receiving this data, technologists argue users would still be able to prove that the transactions were confirmed, and that they contained the correct signatures, if desired. Should they require it for business reasons, the argument is that not running a SegWit-enabled node would be impractical.

Even assuming the argument that digital signatures need to be stored by the network itself to prove the legal validity of the transfer, technologists argued this could be satisfied by other means – namely, the proper storage of this data by the companies involved.

"There are other ways to cryptographically prove a transaction is correctly signed other than having a full node," said BitGo engineer Jameson Lopp. "The assumption that if a transaction is in the blockchain, it's probably valid, is a fairly good guarantee."

Legal experts asserted that, because of this design, it's possible to prove that the transaction occurred between parties, even if those involved did not store signatures.

For this reason, Coin Center director Jerry Brito argued that nChain is overstating the issues that would arise from the absence of this data.

"If you have one-time proof that you have the bitcoin, if you don't have it and I have it, logically it was signed over to me. As long as somebody in the world keeps the signature data and it's accessible, it's fine," he said.

Florida lawyer Drew Hinkes went so far as to call the argument "sound and fury" that would have limited impact on the network, even if bitcoin transactions were applied to contracts.

"If the transaction made it on the blockchain, didn't it already have provably correct enforceable signatures that the two transacting parties can both keep?" he asked.

Question of intent

In remarks on Twitter, bitcoin legal specialist Patrick Murck expanded on the argument, honing in on nChain's claims this would be a problem perhaps only in instances where parties used the bitcoin blockchain as a way to establish legal contracts.

The nChain article states: "Years later, if you want to prove that you signed (or did not sign) a specific contract, you could find the signature block identifier, but you may not able to retrieve the physical signature block itself."

Here, Murck argued that, discounting the technical reasoning, the claim conflates bitcoin's signatures with the legal intent to execute a contract, which he argued isn't true.

Santori went on to suggest that the technological change wouldn't have any impact on startups seeking to use the blockchain to prove that something occurred for this reason.

"E-sign law is talking about human assent to particular contractual terms. Just because cryptographers call this a signature, doesn't mean it's an assent to terms," he said.

Lawyers queried also stressed that just because the word "signature" is used to define this process, that shouldn't mean it is captured under related law. As such, they pointed to a larger problem in the blockchain industry in which newcomers may equate the words used to express a concept incorrectly with other ideas.

"Calling something signature data, and assuming because it's signature data, it's a legal signature," Palley said. "That may be the logical flaw here."

Representatives for nChain in response indicated that they "stand by" the article and welcome the debate that it has created.

"[We feel] this opinion piece is reasonable and it certainly does not misconstrue the law in any way," the company said, though it declined further engagement.

Disclosure: CoinDesk is a subsidiary of Digital Currency Group (DCG), which helped organize the SegWit2x proposal, which would include the SegWit upgrade. Additionally, DCG has an ownership stake in BitGo.

Magnifying glass image via Shutterstock


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.