Thursday, August 1, 2024

More Cryptocurrency Gaslighting

SEC vs. Consensys
On 30th June Amy Castor and David Gerard reported that SEC sues Consensys over MetaMask Swaps and Staking:
The SEC is charging Consensys for unauthorized sales of securities through MetaMask Staking and for failure to register as a broker and a dealer while offering crypto trades and staking services through MetaMask Staking and Swaps. The SEC says that Consensys took $250 million in fees as an unregistered broker.

MetaMask is Consensys’ main money maker — a popular browser-based wallet that also lets you stake ETH and buy and sell crypto via decentralized exchanges with “swaps.”
Consensys' defense strategy poses potentially serious problems for the concept of open source, because they are gaslighting by claiming that the software at the heart of the SEC's complaint is open source. Were the court to (a) fall for this but (b) agree with the SEC's complaint, it could provide a basis for imposing liability on open source developers.

I am afraid that the explanation for why this is so is necessarily rather long but I and others think that it needs to be understood. So stock up with supplies for the journey and follow me below the fold.

Testifying before the House Financial Services Committee's Subcommittee on Digital Assets, Financial Technology, and Inclusion, William C. Hughes, Senior Counsel & Director of Global Regulatory Matters for Consensys, said:
Our firm develops and offers the most popular unhosted wallet software in digital assets, the MetaMask wallet. This offering is open source software that can be downloaded for free from the Apple app or Google extension store, and installed on any Google Chrome browser, iPhone, or Apple desktop computer. The wallet is an interface that allows the user to read and write to the blockchain without any intermediary’s help, akin to how a web browser is a consumer’s direct connection to the open web.
Why was Hughes stressing that the MetaMask wallet was open-source? Consensys responded to the suit by claiming that MetaMask was just software that they wrote:
We are confident in our position that the SEC has not been granted authority to regulate software interfaces like MetaMask.
Consensys claims that their software is open source:
Consensys is a leading Ethereum and decentralized protocols software company. We enable developers, enterprises, and people worldwide to build next-generation applications, launch modern financial infrastructure, and access the decentralized web. ... On this trusted, open source foundation, we are building the digital economy of tomorrow.
Specifically including MetaMask:
Build your dapp using the same infrastructure and APIs powering web3's most popular open-source wallet.
It is true that MetaMask's wallet was originally truly open source, under the MIT license. But about four years ago the license changed to a Consensys-specific license that forbids commercial use by anyone serving more than 10K users/month. So in this post "open source" means readable; it does not mean Free Open Source Software in the canonical sense.

But notice Consensys' focus on the wallet software. That is not what the SEC is suing them about. The SEC's complaint is about the services MetaMask provides customers who use the wallet. Consensys' strategy is to conflate the wallet and the services, and claim that all the wallet does is interface to the blockchain.

Let's use an analogy to see why this distinction is important. When I use an open-source browser to access a financial institution's website, such as Vanguard's, it receives a bunch of HTML and JavaScript. That code isn't technically open source, because it doesn't carry an open source copyright license, but I can read it. It doesn't, however, implement any of the services Vanguard offers me, such as trading mutual funds and transferring dollars to or from my bank account. Those are implemented in closed-source code on Vanguard's side; the browser, under the control of Vanguard's HTML and JavaScript, is just a wrapper around them.

Consensys seems to claim that because the "smart contracts" implementing these services are just open source software they do not control and in whose operations they are not involved, they are not acting as a broker because they don't take custody of the customer's tokens.

I should pick a nit. I've written before, for example in Blockchain Gaslighting and More Cryptocurrency Gaslighting, about the crypto-bros' habit of loudly and repeatedly making provably false statements in the hope that no one will bother to check them. This post is, strictly speaking, not about gaslighting, because the repeated statements are technically true; but they are intended to be read in a broader context in which they are false.

The reason Consensys' statements are technically true is that the wallet functionality is open source, at least in the sense that it can be read. But a couple of weeks ago Jon Reiter and the team at Chainargos published a three-part series examining how MetaMask's services actually work, and it reveals the lie underlying Consensys' arguments:
  1. How MetaMask Swap Really Works uses Etherscan and Sim explorer to trace a single MetaMask swap transaction.
  2. How MetaMask Staking Really Works examines four different staking contracts and uses the same techniques to follow a transaction from one of them. It also discusses how one part of MetaMask Bridge works.
  3. How MetaMask Bridge Really Works covers the rest of MetaMask Bridge's functionality, again including a sample transaction.
In each case the structure of the transaction is basically the same. For the details you should read the three posts, but to oversimplify:
  • The customer's wallet invokes a function, for example MetaMask:Swap Router.swap(), on one of MetaMask's open source contracts. The call parameters identify a specific contract, which in the swap case MetaMask calls the "aggregator" and Chainargos calls the "execution strategy":
    It is the algorithm that the user told their broker to use to execute this order
    These contracts are closed-source, owned and controlled by Consensys. Part of their function is to transfer the fees for executing the transaction to a Consensys wallet.
  • The open-source function validates inputs, identifies the "adapter" that implements the requested algorithm, and formats a block of parameters with which to invoke it.
  • The open-source function transfers control of the customer's tokens to a MetaMask contract. In the case of MetaMask Swap this is an open-source contract, in other cases it is an upgradeable or closed-source contract.
  • That contract invokes the closed-source, MetaMask owned adapter contract with the encoded parameters.
  • The adapter performs the transaction, returning the proceeds to the customer after subtracting the fee, which it sends to the Consensys wallet.
Note first that the actual algorithm performing the transaction is closed-source, MetaMask's open-source software simply provides the wrapper exposed to the customer. And second that in each case a closed-source MetaMask contract takes control of the customer's tokens in order to perform the requested transaction. In some cases even the open-source contract is upgradeable, meaning that MetaMask can change what it does on a whim. In some cases the contracts have functions such as pause() demonstrating MetaMask's control over their operation. At minimum, MetaMask needs this control to ensure that the fees for the transaction are routed to their wallet.

Chainargos concludes that this workflow looks similar to the way a broker works:
  1. User enters order including an execution strategy.
  2. This order is sent to an order router.
  3. Router looks up the execution adapter for that strategy.
  4. Router sends the tokens intended to be sold, the adapter address, and the incoming order details to a spender contract.
  5. Spender delegates control over the received tokens as required for order execution.
  6. Spender calls a closed-source contract which effects the execution strategy.
  7. Fees are sent from Spender to the “MetaMask Fee Complex”.
  8. Sale proceeds are returned to the user.
And they point out that:
that steps 4, 5, and 6 look an awful lot like the concepts of “transmittal order” and “transmittal of funds” from here.
"Here" is the Financial Crimes Enforcement Network's Definitions of Transmittal of Funds and Funds Transfer.

The parts of MetaMask that provide the services for which Consensys collects fees cannot be open source even in the sense of readable. If they were, anyone could copy them, modify them to direct the fees to themselves, and deploy the result. This would kill off Consensys' $250M cash cow. Consensys has a belt-and-braces moat: even if someone did copy the closed-source parts, they would run into the 10K users/month limit of the license covering the open source parts of the system. Note that the license appears to cover only the open source parts; it isn't clear under what terms the closed-source parts are used.

The last of the three Chainargos posts was published July 15th, and on July 17th a brand-new blog appeared whose first post was Examining SEC v. Consensys by Daniel Barabander. He is Deputy General Counsel at the cryptocurrency VC Variant, so not an unbiased observer. Early in the post, in the table at the right, Barabander simply asserts that Consensys' technology is non-custodial, i.e. that MetaMask does not take custody of the customer's tokens.

How can Barabander make this assertion when it is clear that MetaMask's Spender delegates control over the customer's tokens and then invokes MetaMask's closed-source execution strategy? He relies on the fact that the transaction is atomic: it either succeeds completely or it fails completely. He writes:
Assuming the adapters are not malicious (which would be another issue entirely), their job is to enable a user to perform an atomic swap—in a single transaction take token A and exchange it for token B. This would mean that transactions are "all or nothing"—either the tokens are swapped or they are not, they cannot end up in possession of the Spender.sol contract or Consensys
If the transaction succeeds, some of the tokens involved end up in possession of Consensys, because they get the fee. But that is not the big problem with this claim. It is true that the transaction either succeeds or fails completely, but what the transaction does with the control it is delegated over the customer's tokens is determined by MetaMask's closed-source adapters. The customer hands control to MetaMask's closed-source code and blindly trusts it will do what MetaMask claims. Barabander admits that this is the case when he assumes that "the adapters are not malicious".

Chainargos points out that:
If you can publish adapters, call setAdapter on the router and modify the input “data” blob you can do anything you like.

Even if you only have some of that power you can do pretty much anything you like with the input tokens.
As I understand it, only MetaMask can do these things. Barabander admits:
While there is some admin functionality on the smart contract for a multi-sig that Consensys may control, there is no evidence to suggest the company actively operates the smart contract’s code.
Chainargos posted a response to Barabander entitled In Re: Examining SEC v. Consensys. They note that the contract has a renounceOwnership() function that Consensys has not called, there are pauseSwaps() and unpauseSwaps() for use when the contract gets hacked, and that the admin functionality has to be used to set up the adapter mapping.
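To make the argument concrete, here is a toy model of the router, spender and adapter chain in steps 4 to 6 above. It is added here as an illustration and is not Consensys, MetaMask or Chainargos code; every name in it (SwapRouter, set_adapter, renounce_ownership, the tokens "A" and "B", the 1:1 pool, the 1% fee, the addresses) is a hypothetical stand-in for the real contracts. It shows that the transaction is atomic whether the registered adapter is honest or rogue, so atomicity says nothing about who controls the tokens, and that only the router's owner, until ownership is renounced, decides which adapter a strategy resolves to.

```python
# Toy model of the router -> spender -> adapter chain in steps 4 to 6 above, added as an
# illustration; it is not Consensys, MetaMask or Chainargos code. All names (SwapRouter,
# set_adapter, tokens "A"/"B", the 1:1 pool, the 1% fee, the addresses) are hypothetical.
from copy import deepcopy

USER, SPENDER, FEE_WALLET, ATTACKER, POOL = "user", "spender", "fee_wallet", "attacker", "pool"

class TokenLedger:
    """Minimal ERC-20-like state: balances and allowances for several tokens."""
    def __init__(self):
        self.balances = {}    # (token, holder) -> amount
        self.allowances = {}  # (token, owner, spender) -> amount
    def balance(self, token, who):
        return self.balances.get((token, who), 0)
    def mint(self, token, to, amount):
        self.balances[(token, to)] = self.balance(token, to) + amount
    def approve(self, token, owner, spender, amount):
        self.allowances[(token, owner, spender)] = amount
    def transfer_from(self, token, caller, src, dst, amount):
        # A caller other than src must hold (and uses up) an allowance from src.
        if caller != src:
            allowed = self.allowances.get((token, src, caller), 0)
            if allowed < amount:
                raise RuntimeError("insufficient allowance")
            self.allowances[(token, src, caller)] = allowed - amount
        if self.balance(token, src) < amount:
            raise RuntimeError("insufficient balance")
        self.balances[(token, src)] -= amount
        self.mint(token, dst, amount)

class HonestAdapter:
    """Execution strategy that really swaps A for B at the pool's toy 1:1 price."""
    address = "honest_adapter"
    def execute(self, ledger, src, dst, amount, user, fee_bps):
        ledger.transfer_from(src, self.address, SPENDER, POOL, amount)  # spend delegated tokens
        ledger.transfer_from(dst, POOL, POOL, self.address, amount)     # pool pays out
        fee = amount * fee_bps // 10_000
        ledger.transfer_from(dst, self.address, self.address, FEE_WALLET, fee)
        ledger.transfer_from(dst, self.address, self.address, user, amount - fee)

class RogueAdapter:
    """Same interface, but keeps the delegated tokens; nothing reverts, so the tx 'succeeds'."""
    address = "rogue_adapter"
    def execute(self, ledger, src, dst, amount, user, fee_bps):
        ledger.transfer_from(src, self.address, SPENDER, ATTACKER, amount)

class SwapRouter:
    """The readable wrapper: validates, looks up the adapter, delegates, calls it."""
    def __init__(self, owner):
        self.owner, self.adapters, self.renounced = owner, {}, False
    def _only_owner(self, caller):
        if self.renounced or caller != self.owner:
            raise PermissionError("not owner")
    def set_adapter(self, caller, strategy, adapter):  # admin-only, like setAdapter
        self._only_owner(caller)
        self.adapters[strategy] = adapter
    def renounce_ownership(self, caller):  # after this nobody can change adapters
        self._only_owner(caller)
        self.renounced = True
    def swap(self, ledger, user, strategy, src, dst, amount, fee_bps):
        """One atomic transaction: any exception rolls the whole ledger back."""
        adapter = self.adapters[strategy]
        snapshot = deepcopy(ledger)
        try:
            ledger.transfer_from(src, SPENDER, user, SPENDER, amount)  # step 4: tokens to spender
            ledger.approve(src, SPENDER, adapter.address, amount)     # step 5: delegate control
            adapter.execute(ledger, src, dst, amount, user, fee_bps)  # step 6: closed-source strategy
        except Exception:
            ledger.balances, ledger.allowances = snapshot.balances, snapshot.allowances
            raise

def scenario(adapter, fee_bps=100, liquidity=10_000):
    """Swap 1000 A for B through the given adapter; return status and resulting balances."""
    ledger, owner = TokenLedger(), "multisig"
    ledger.mint("A", USER, 1_000)
    ledger.mint("B", POOL, liquidity)
    ledger.approve("A", USER, SPENDER, 1_000)  # the approval the swap UI asks the user for
    router = SwapRouter(owner)
    router.set_adapter(owner, "best-price", adapter)
    try:
        router.swap(ledger, USER, "best-price", "A", "B", 1_000, fee_bps)
        status = "success"
    except RuntimeError as exc:
        status = f"reverted: {exc}"
    return {"status": status, "user_A": ledger.balance("A", USER), "user_B": ledger.balance("B", USER),
            "fee_wallet_B": ledger.balance("B", FEE_WALLET), "attacker_A": ledger.balance("A", ATTACKER)}

def can_set_adapter(router, caller):
    """True if caller is allowed to swap in a new adapter, i.e. holds the admin key."""
    try:
        router.set_adapter(caller, "best-price", RogueAdapter())
        return True
    except PermissionError:
        return False

if __name__ == "__main__":
    for name, adapter in [("honest", HonestAdapter()), ("rogue", RogueAdapter())]:
        print(name, scenario(adapter))
```

Running the honest case leaves the user with 990 B and the fee wallet with 10 B; running the rogue case, after the owner has registered the rogue adapter for the same strategy, also reports success, with all 1000 A sitting in the attacker's account. Only a swap that throws (for instance because the pool has no liquidity) is rolled back, which is all that "all or nothing" guarantees.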

Consensys vs. SEC
In an attempt to preempt the SEC's suit, Consensys had already sued the SEC in the Northern District of Texas. In their complaint they state (my emphasis):
MetaMask is simply an interface — like a web browser — that allows digital asset holders to seamlessly interact with the Ethereum network, including all other users and applications participating on the network. MetaMask neither holds customers’ digital assets nor carries out any transaction functions.
It is a little strange to say that MetaMask the wallet doesn't hold customers' digital assets: what is a "wallet" for? But the MetaMask wallet is unhosted, so Consensys doesn't hold customers' digital assets in MetaMask wallets. Consensys' services accessed via the wallet, however, do take control of them, using closed-source "smart contracts" that Consensys controls.

It is possible that the court will decide that Consensys is acting as a broker, but will accept their assertion that the software they use to do it is open source. This would be a problem, in that it could be a precedent for assigning liability to the developers of open source software.

1 comment:

  1. I guess a question is whether this is forced teaming (trying to rope in some OSS advocates on their side), or an attempt to gish gallop with irrelevant facts.

    "unauthorized sales of securities"

    "failure to register as a broker and a dealer while offering crypto trades and staking services"

    Are these true of Consensys? Then it doesn't matter the particular nature of the vehicle used to do these unauthorized sales or actions of both a broker and dealer.

    The only way it would matter is if this nitpicking results in the suit being dismissed, but allowing for an amended complaint to be refiled. And if the lack of discussion in the mechanism of these imputed unlawful actions by Consensys (i.e. Metamask Staking and Swaps) results in a final dismissal. Do the laws require particular mechanics that Consensys could weasel around with this "open source" sophistry?

    It's not as if people use third parties (their banks) as intermediaries in money transfer. This doesn't suddenly resolve the first and second parties of any wrongdoing involving said money transfers. I would be surprised if the securities and broker/dealer laws have such exceptions.
