• In a significant ruling with the potential to affect the digital-asset community, a federal district court in California recently ruled that decentralized autonomous organizations (“DAOs”), which are member-owned communities that maintain financial records and program rules on a blockchain, may be deemed general partnerships if certain indicia exist to support that finding.
• The court’s holding has the potential to render all DAO members jointly and severally liable for any claims against a DAO. Given that, DAO members should be mindful of the default business organization rules and appreciate the possibility of full liability.
• Founders and creators of DAOs should describe the purpose and features of a DAO carefully, as courts, regulatory agencies, and potential civil plaintiffs may use these statements as a basis for claims.
• Despite the recent federal court decision exposing DAO’s to full liability, states like Tennessee, Utah, and Wyoming have already enacted laws that limit liability for DAOs, and other states may soon take legislative action on the legal classification of DAOs.

A Southern District of California federal district court in Sarcuni v. bZx DAO held on March 27, 2023, that decentralized autonomous organizations (“DAOs”), which are member-owned communities that maintain financial records and program rules on a blockchain, may be deemed general partnerships if they meet the general legal criteria for such entities. If followed elsewhere, this decision could mean that simply owning a cryptocurrency token could create legal liability for holders and necessitate careful consideration by DAOs and regulators.

Background on the bZx Protocol

The bZx Protocol is a decentralized finance (DeFi) application that allows users to engage in cryptocurrency margin trading and lending through two products: (1) Fulcrum permits users to lend or trade on margin and (2) Torque permits users to make loans with fixed interest rates. The protocol supports three blockchains—Ethereum, Polygon, and BSC—so that users may select their preferred blockchain when the users are margin trading and lending on Fulcrum or when they are making fixed-interest-rate loans on Torque. bZeroX LLC, a limited liability company co-founded by Kyle Kistner and Tom Bean, controlled the bZx Protocol.¹

But, in August 2021, the bZx Protocol announced plans to transition control of the protocol from the LLC to bZx DAO, a decentralized autonomous organization tasked with “maintaining the protocol, building new products, marketing the brand, and managing the community.”² Anyone who held BZRX tokens—a cryptocurrency issued by bZx DAO—had the ability to suggest and vote on governance proposals, which the bZx Protocol would implement when a sufficient number of tokenholders casted their supporting votes.

Despite the bZx Protocol’s specific assurances about the security of users’ assets, a hacker successfully duped a bZx developer with a phishing attack in early November 2021.³ The hacker obtained the developer’s private key, which in turned allowed the hacker to steal approximately $55 million of cryptocurrency tokens held on the Polygon and BSC blockchains. (The protocol’s security features on Ethereum prevented the hacker from looting those assets.)⁴

In December 2021, the bZx Protocol encouraged users to switch from the bZx Protocol to the OOKI Protocol and encouraged bZx DAO members to exchange their BZRX tokens for OOKI tokens that would allow tokenholders to govern the OOKI DAO instead.⁵

The Class Action Lawsuit Against bZx

In Sarcuni v. bZx DAO, plaintiffs—a group of nineteen bZx Protocol users—filed a class action in the Southern District of California, alleging that seven defendants are jointly and severally liable for their negligence in failing to maintain the security of the bZx Protocol and for plaintiffs’ combined loss of $1.7 million from the hack. Plaintiffs argued that defendants owed a duty “to maintain the security of the funds deposited using the bZx Protocol” and that defendants breached this duty by failing to implement security measures that would have prevented the phishing attack.⁶ Assessing these claims, the court applied a six-factor special relationship test to determine that plaintiffs’ factual allegations supported a finding that defendants owed a duty of care and that they breached that duty.⁷

Plaintiffs premised their theory of joint and several liability on the argument that the bZx DAO is a general partnership, such that any member of the DAO—i.e., anyone who possesses BZRX governance tokens—may be held liable for the putative misdeeds of the entire DAO. The court found that the complaint sufficiently alleged facts suggesting that the bZx DAO is a general partnership. Four elements of the court’s reasoning here merit special comment.

First, the court noted that the California Corporations Code makes general partnerships a default rule. That means that absent any registration as an LLC or some other business organization, when two or more persons associate with one another as co-owners to carry on a business for profit, that association risks being classified as a general partnership under California law, regardless of whether the parties intended to form a partnership.⁸ Because bZx DAO failed to register as a specific business organization, say, an LLC, the default rule applied, in the court’s view.

Second, the court found that there were sufficient allegations to establish that BZRX tokenholders met the hallmarks of a general partnership, which include (1) the right of the purported partners to participate in the management of the business; (2) the sharing of profits and losses among the purported partners; and (3) contributions of money, property, or services by the purported partners to the partnership. Specifically, BZRX tokenholders participated in the management of bZx DAO through voting with BZRX tokens and had the option to share in bZx DAO profits by voting to distribute assets among themselves or by receiving interest-generating tokens.⁹

Third, the court took judicial notice of the Commodity Future Trading Commission’s order in another matter noting that the bZx Protocol liquidity pool’s assets were supplied by providers who, in exchange for the liquidity, received interest-generating tokens and BZRX tokens.¹⁰ The court’s reliance on this administrative order suggests that courts are willing to give some deference to—or at least accept guidance from—agency action, even when the agency is not a party to the proceeding and has not issued an order in the case at hand. It also shows that there exists growing interest among courts and regulators in how to classify DAOs and what legal obstacles DAOs may face.

Fourth, the court appeared especially critical of co-founder Kyle Kistner’s comments—cited twice in the opinion and once in the CFTC order—that bZx adopted the DAO to evade regulatory oversight.¹¹ The court admonished Kistner for these comments, noting that “[c]ourts do not countenance partnerships which attempt to afford all the advantages of commercial intercourse without corresponding liabilities . . . such evasion will be construed and enforced as a general partnership.”¹²

Potential Significance of the Court’s Ruling

The procedural posture of this case cautions against hasty inferences: On a motion to dismiss, the court is required to accept plaintiffs’ factual allegations as true and draw all reasonable inferences in the plaintiffs’ favor. Given this posture, we should be clear that the court has not said that DAOs are always general partnerships, but rather only that plaintiffs’ theory that DAOs are general partnerships (and thus DAO members may be jointly and severally liable) is plausible and deserves further judicial consideration.

Nevertheless, the court’s unwillingness to dismiss plaintiffs’ claims premised on DAOs being a general partnership has sent tremors through the cryptocurrency community, as it raises the specter that simply owning a certain token could create legal liability for holders.¹³ Crypto holders who may have been drawn to DAOs thinking they could “have their cake and eat it too,” that is, “have a company or partnership, but without corporate regulation” now fear that they may instead get the obligations of a general partnership without all of its benefits.¹⁴

To reduce their exposure, those associated with DAOs could take a few lessons from the bZx matter:

• Keep in mind that allowing tokenholders to participate in management or profits may be seen as evidence that the DAO is a general partnership.
• Be careful in statements about the purpose and features of the DAO; any public comment—or even private comment that can be subject to discovery—that the DAO was formed in an attempt to avoid legal liability could make it more likely that a court or regulator will view the DAO as a general partnership.
• Evaluate whether the DAO can take advantage of laws, like those in Tennessee, Utah, and Wyoming, that facilitate limited liability for DAOs.¹⁵
• Consider the benefits of other legal structures, such as limited liability companies or corporations, that may allow liability to be clearly defined.

All said, Sarcuni v. bZx DAO teaches that DAO members and other individuals operating in the cryptocurrency arena would do well to proactively address business organization issues and evaluate thoroughly the attendant liability risks.

1. Sarcuni v. bZx DAO, No. 22-cv-618-LAB-DEB, 2023 WL 2657633, at *1 (S.D. Cal. Mar. 27, 2023).
2. Id. at *7.
3. Id. at *6, *3.
4. Id. at *5.
5. Id. at *7.
6. Id. at *4.
7. Id. at *3–5.
8. See Cal. Corp. Code § 16202(a) (“[The] association of two or more persons to carry on as coowners a business for profit forms a partnership, whether or not the persons intend to form a partnership.”).
9. Sarcuni, 2023 WL 2657633, at *8–9.
10. Commodity Future Trading Commission’s Order Instituting Proceedings in In re bZeroX LLC; Tom Bean; and Kyle Kistner, CFTC No. 22-31, 2022 WL 4597664, at *2 (Sept. 22, 2022).
11. Sarcuni, 2023 WL 2657633, at *2, *9 (observing that Kistner stated in a public call that “what we’re going to do is take all the steps possible to make sure that when regulators ask us to comply, that we have nothing we can really do because we’ve given it all to the community [via the DAO]”); In re bZeroX LLC, 2022 WL 4597664, at *2 (same).
12. Sarcuni, 2023 WL 2657633, at *9 (citation omitted).
13. Sander Lutz, Are DAOs Dead? Judge Ruling in bZx Case Spells Trouble, Legal Experts Say, DECRYPT (Mar. 30, 2023), available at https://decrypt.co/124963/daos-judge-ruling-bzx-case-trouble.
14. Jon Southurst, DAOs Are Still Legal Partnerships, US Judge Rules in Stolen Assets Case, COINGEEK (March 28, 2023), available at https://coingeek.com/daos-are-still-legal-partnerships-us-judge-rules-in-stolen-assets-case/.
15. See, e.g., Tenn. Code Ann. § 48-250-101 et seq.; Utah Code Ann. § 48-5-101 et seq.; Wyo. Stat. Ann. § 17-31-101 et seq.