Do DAO Participants Know They Have Legal Exposure for Their DAO Participation?


Oct 11, 2022
post featured image

By: Moish E. Peltz, Esq. and Matthew E. Feinberg, Esq. with contributions from Chris Rivera

Decentralized Autonomous Organizations (DAOs) have evolved into a major part of the blockchain ecosystem and are continuing to make their way into the mainstream. The fundamental ideas of community-led management and transparency among DAO members have served as big attractions to groups that want to operate under a shared goal, with groups coordinating their efforts via blockchain smart contracts. Examples of these initiatives include funding blockchain projects, distributing art and even tackling climate change.

However, at least one DAO allegedly provides financial services (or decentralized finance a/k/a DeFi services) which more closely align with activities traditionally regulated by government authorities. A recent filing by the Commodity Futures Trading Commission (CFTC) against the “Ooki DAO” illuminates the issue. Importantly, the CFTC has now alleged that DAO members may be subject to legal exposure by exercising their governance rights for the first time.

What Happened?

Recently, the CFTC charged bZeroX, LLC (bZx Protocol creator) along with its founders, Tom Bean and Kyle Kistner, with the following:

  1. Illegally offering leveraged and margined retail commodity transaction in digital assets;
  2. Engaging in activities only registered futures commission merchants can perform; and
  3. Failing to adopt a customer identification program as part of the Bank Secrecy Act compliance program, as required of Futures Commission Merchants (FCMs) (ie. Know Your Customer / Anti-Money Laundering).

A settlement with those three parties has resulted in a CFTC Order which requires that the respondents cease and desist from further violations of the Commodity Exchange Act and CFTC regulations and pay a $250,000 civil monetary penalty.

In addition, the CFTC has simultaneously filed a federal civil enforcement action charging the Ooki DAO, bZx’s community-led successor, with the same violations. Ultimately, the CFTC seeks “restitution, disgorgement, civil monetary penalties, trading and registration bans, and injunctions against further violations of the CEA and CFTC regulations.”

These charges are based on the services that Ooki DAO (and formerly bZx) offers to its users and the DeFi community as a whole by maintaining the Ooki Protocol by voting its OOKI tokens. That is, (as alleged by the CFTC) the ability to “contribute collateral to open leveraged positions, whose ultimate value is determined by the price difference between the two virtual currencies from the time the position is established to the time it is closed, without third-party intermediaries taking custody of the digital assets”. The CFTC has deemed this DeFi activity as unlawful because it did not occur on a designated contract market and that, by soliciting and accepting orders for and entering into retail commodity transactions with users and accepting funds to margin these transactions, Ooki DAO is illegally operating as an unregistered FCM.

These claims of first impression are striking, including specifically: (1) the CFTC’s definition of the Ooki DAO; and (2) the method the CFTC used to put Ooki DAO members on notice of the lawsuit. Both of these legal theories demonstrate a wide range of legal risks for those that create DAOs or exercise their participation rights in a DAO’s governance.

How did the CFTC define the Ooki DAO?

The CFTC defined the Ooki DAO as an “unincorporated association comprised of holders of Ooki Tokens… who have voted those tokens to govern (e.g., to modify, operate, market, and take other actions with respect to) the Ooki Protocol.”

Given that the Ooki DAO does not appear to have any legal wrapper, yet controls the Ooki Protocol through the DAO voting its Ooki tokens, it is unsurprising that the CFTC is trying to categorize the DAO as an “unincorporated association.” Since the Ooki Protocol is governed by an autonomous smart contract, there is presumably no legal entity to force to take the actions demanded by the CFTC, except for the individual Ooki holders. This means that the CFTC is seeking to have the Court order the Ooki token holders to take these actions, and if a Court were to agree, any Ooki holder would presumably be personally liable.

This presumably applies to any holder of Ooki DAO tokens who voted on any governance proposal at any time (or at least during the relevant period of August 23, 2021 to present) would fall into this category. This definition appears to lose all sense of nuance, in that it does not require that a user vote during any particular time period (i.e. during the time period where alleged violations occurred), nor does it require that a user vote on any proposal directly related to the alleged CFTC violations. Presumably, even a user who voted against a proposal, and then sold their tokens in protest, could be included in this dragnet.

One interesting aspect about this definition is that it fails to rely upon any relevant case law. It cites zero court decisions, nor any CEA provisions that holds for-profit unincorporated association members personally liable for CEA or CFTC rule violations committed by the association based on their status as a member. Instead, the Commission has utilized one tort and two contract dispute cases in which private actors sought unpaid debts from the plaintiffs – both unrelated to the situation here. Another issue is that these cases were all decided under State law, not in a federal court. Thus, the CFTC seems to be imposing federal sanctions based on possible inapplicable State-law and legal theories without an indication from Congress that the CFTC should regulate in this manner.

What are the legal implications of this definition for DAO members?

By way of this definition, the CFTC has presented a wide range of legal implications for DAO members because the Commission has essentially created an unfair system of winners and losers with legal liability only being held to those who decided to actually participate in DAO governance (and not the DAO itself because it is not wrapped as a recognizable legal entity). This system is not only an inequitable distinction among members but it completely disincentivizes individuals to do what they set out to do – act as a community to further a shared goal.

From an even broader perspective, this approach presents many other legal issues. For example, let’s say XYZ DAO has been charged with CEA and CFTC rules violations for DAO conduct that took place over a 12-month period. Suppose that during the 12-month period token holder A casts a single vote on a governance proposal completely unrelated to the CEA and CFTC rule violations, while holder B does not. Following the CFTC’s definition, holder A, by voting on a random governance proposal, has become a member of the association and, very well unknowingly, has subjected themselves to CFTC sanctions for any violations committed by XYZ DAO. On the other hand, holder B, by failing to vote on the proposal might not be considered a member of the association, and thus, is more likely to be able to evade personal liability.

Ultimately, this broad distinction allows the CFTC to essentially pick and choose which holders can be held personally liable for the actions of a DAO and may lead to inequitable results for DAO participation.

Significantly, this approach may bring about issues of joint and several liability amongst DAO members. In principle, the idea of joint and several liability is based upon the premise that the defendants, within themselves, are capable of determining their individual shares of liability and damages owed to the plaintiff. In this process, in theory, the defendants internally should establish which members are liable and those that are not.

One issue with joint and several liability is that it can often lead to members, that had little or nothing to do with the purported violations, facing liability for the group as a whole. Further, if it is determined that the DAO, in its entirety, is liable and a single member does not make payment, the entire group may be responsible for the lack of funds from the other joint members. This often leads to members with more financial resources paying more than their fair share.

Another possible pitfall regarding joint and several liability is that the plaintiff may decide to seek recovery from any member of the DAO, no matter their level of culpability. This means that a single DAO member could potentially be sued and held liable for all of the DAOs violations, even if they had a low fault percentage.

Moreover, if only a single or small group of members are found to be liable, they may decide to seek legal action against the other members to make sure they contribute their share. In other words, if a single DAO member ends up bearing full liability, they can potentially sue the other DAO members to have the financial liability shared amongst the entire group.

How did the CFTC provide notice to Ooki DAO members?

The Commission put Ooki DAO members on notice by posting the complaint on an Online Forum that serves as a discussion board for DAO governance issues. In addition, the CFTC submitted the documents via a help chat box on a DAO-associated website. Due to the fact that these methods are far from the traditional legal standards of providing notice, the CFTC has asked the court to approve these methods as proper means of putting Ooki DAO members on notice about the lawsuit against them.

The CFTC claims that they took “extensive steps” to identify an individual that is authorized to accept the service of process on the DAO’s behalf and, alternatively, a physical location where the documents could be mailed to. With no avail, the CFTC argues that the methods they used were the most effective means. To support this argument, the CFTC points out that, at a minimum, there have been 38 messages discussing the complaint in the Ooki DAO’s Telegram Channel and that there have been at least 112 views of the CFTC’s complaint post on the DAO’s Online Forum. In addition, the complaint itself has been highly-publicized and has been discussed extensively on social media. For example, there have been over 1,000 tweets on Twitter.

By way of court order dated October 3, 2022, the court granted the CFTC’s motion, holding that service of process on the Ooki DAO may be made by providing a copy of the summons and complaint through the Ooki DAO’s Help Chat Box, with contemporaneous notice by posting in the Ooki DAO’s Online Forum. Further, the court reasoned that because the CFTC provided the documents in this manner on September 22, 2022, the CFTC effectively served the Ooki DAO on that date.

What are the legal implications for these methods of notice for DAO members?

From the outset, it seems like a natural evolution of the legal process for the CFTC to utilize these methods for the purpose of serving notice to members of a DAO that are facing a lawsuit. This is because DAO members are typically pseudonymous, and it would be difficult or potentially impossible to identify them in the physical world. To say that a bad actor should go free just because they cannot be identified would be something most people would disagree with. However, the Court’s approved method of notice presents various concerns.

Many of these concerns are identified and articulated in the Dissenting Statement of CFTC Commissioner Summer K. Mersinger.

Are you at risk of being affected by these issues?

Until further legislation is enacted and a more definitive precedent is determined to address whether the CFTC’s definition of Ooki DAO and their methods of notice are legally sound, members of other DAOs may be exposed to legal exposure in their respective capacity as a member of the DAO and/or in their personal capacity. In response:

  • DAOs should reevaluate their conduct and legal form (including consideration of a legal wrapper)
  • DAO participants should reconsider their participation in DAO governance and more fully consider whether to own their DAO governance tokens through an entity (which might provide additional liability protections, depending on the circumstance)

If you feel that you are or may be affected by these issues please contact us to further discuss your situation.

DISCLAIMER: This summary is not legal advice and does not create any attorney-client relationship. This summary does not provide a definitive legal opinion for any factual situation. Before the firm can provide legal advice or opinion to any person or entity, the specific facts at issue must be reviewed by the firm. Before an attorney-client relationship is formed, the firm must have a signed engagement letter with a client setting forth the Firm’s scope and terms of representation. The information contained herein is based upon the law at the time of publication.

Have Questions? Contact Us