[author: Mikaella Boniel, Summer Associate]
Unlike traditional corporate entities with a typical hierarchical structure, a decentralized autonomous organization (“DAO”) – a management structure that uses blockchain technology – functions as a leaderless entity. Without a formal corporate structure, DAOs instead operate by distributing governance rights among persons who hold a specific governance token. Consequently, federal and state courts have been grappling with how to consider a DAO under existing laws that were traditionally interpreted against long-standing corporate entities.
As discussed in a prior post, DAOs allow individuals to organize and coordinate at arms-length, and rely on code (a “protocol”) to govern and execute functions traditionally determined by governing documents, like operating agreements and articles of formation, and undertaken by executives. A DAO’s protocol is committed to a public ledger on a blockchain, which guarantees accessibility and transparency. Each member is granted governance rights – the ability to propose and approve initiatives, called proposals – through a governance token. In light of their unique makeup, DAOs lack centralized leadership and a typical top-down management structure.
Accordingly, parties have debated whether a DAO should be recognized as a general partnership under state corporation laws (i.e., N.Y. P’ship Law §10: “an association of two or more persons to carry on as co-owners a business for profit….”) or, in the case of the Commodity Futures Trading Commission’s (“CFTC”) Ooki DAO enforcement, whether a DAO could be deemed an “unincorporated association” under the Commodity Exchange Act (“CEA”). Following the filing of the CFTC’s enforcement action, it is not surprising that the structure of the Ooki DAO, and the CFTC’s enforcement action against the DAO itself, has garnered a lot of media attention and industry reaction, and has raised novel legal issues.
Several questions have arisen in recent years regarding the potential liability of DAO members:
- While DAOs are emerging as a viable structure in the DeFi space, does their non-traditional makeup necessarily shield them from real world liability?
- Does a DAO’s structure render its activities “enforcement proof” or, at the very least, difficult to effect traditional service of process upon?
- Can a DAO be an “unincorporated association” under federal or state law?
- Who should be liable for the decisions made by a DAO?
- Because token holders participate in the DAO’s governance, can they be deemed personally liable for its actions (akin to the general partners in a general partnership), even if each governance token holder is essentially unknown to the other DAO members, who likely reside in multiple jurisdictions?
In a prior post, we discussed a recent California district court decision that, at least at the motion to dismiss stage, determined that a DAO could be deemed a general partnership under state law (absent any underlying “legal wrapper” or other corporate formations or agreements to the contrary). That court ultimately ruled that anyone holding the appropriate DAO governance token at the relevant time could be jointly and severally liable for the torts of the DAO.
More recently, on June 9, 2023, the CFTC announced a development in its own action against a DAO and stated that it had obtained a default judgment against the Ooki DAO (which the CFTC alleged was operating a decentralized blockchain-based software protocol that functioned in a manner similar to a trading platform) for violating the CEA. (See CFTC v. Ooki DAO, No. 22-05416 (N.D. Cal. Order Granting Default Judgment June 8, 2023)). Prior proceedings in the case over service of process and related issues had attracted a lot of attention from various amici, as the court considered amicus briefs but still reaffirmed that service of process was proper against the DAO based on a finding that the CFTC sufficiently pleaded facts showing that Ooki DAO is an unincorporated association under California law, a ruling that was pivotal to the litigation. The latest ruling from the court granting a motion for default judgment could be considered the cherry on top.
As we outlined in a prior post, the Ooki DAO enforcement began in September 2022 with the CFTC instituting an action against its predecessor entity – bZeroX, LLC (“bZeroX”). In that action, the CFTC announced an order simultaneously filing and settling charges against bZeroX and its creators for illegally offering leveraged and margined retail commodity transactions in digital assets, operating as an unregistered futures commission merchant, and failing to conduct KYC on its customers. According to the CFTC, a month prior to this settlement announcement, bZeroX transferred control of the bZx Protocol to the bZx DAO, which later renamed itself as the Ooki DAO. Subsequently, the CFTC alleged that the creators of bZeroX transferred control to Ooki DAO in an attempt to evade regulatory oversight in an action against the DAO for violations of the CEA. The CFTC stated that bZeroX and its creators engaged in this alleged unlawful activity in connection with their decentralized blockchain-based software protocol that functioned in a manner similar to a trading platform. According to the CFTC, the transactions executed on bZeroX, and subsequently on the Ooki DAO, were required to take place on a registered designated contract market. Additionally, the complaint asserted that bZeroX and Ooki DAO were operating as unregistered futures commission merchants by soliciting and accepting orders from customers, accepting money or property as margin, and extending credit.
Order Affirming Alternative Service
As a case of first impression, the district court’s first major hurdle in the Ooki DAO case was to determine sufficiency of service. While a necessary initial requirement to commence a lawsuit is proper service, the CFTC claimed it could not find someone at Ooki DAO to accept service of its complaint because it had no physical address or publicly identifiable persons associated with it. To ensure the lawsuit was properly commenced, the CFTC filed a motion for alternative service, requesting that the court allow the CFTC to serve Ooki DAO “via the online mechanisms the Ooki DAO has created to allow itself to be contacted by the public,” namely a “Help Chat Box” and “an online discussion forum” on its website.
The critical questions in determining proper service were whether and how the DAO can be served, which required answering whether Ooki DAO had the capacity to be sued and whether it was properly served in that capacity (with the court noting that whether the DAO is subject to regulation under the CEA is a separate question that bears on the merits of the case). Notably, the CFTC alleged that Ooki DAO is an “unincorporated association” comprised of “Ooki Token Holders who have voted those tokens to govern the Ooki Protocol.” Back in October 2022, the court granted the CFTC’s motion to effectuate alternative service against Ooki DAO. In response, several organizations filed amicus briefs in support of Ooki DAO. In seeking reconsideration of the court’s order granting alternative service, various amici argued that Ooki DAO could neither be served nor be a defendant because: (1) Ooki DAO is a technology, not an entity; (2) it is not subject to enforcement under the CEA; and (3) it is not an “unincorporated association.”
In December 2022, the District Court for the Northern District of California ruled that Ooki DAO is an entity capable of being sued rather than merely being a technology. In making its determination, the court considered that when control of the software transitioned from bZeroX to Ooki DAO, control of Administrator Keys transitioned to Ooki DAO token holders. The court concluded that the CFTC’s choice to sue Ooki DAO as an entity for its use of Keys to control and govern the Protocol (rather than suing individual token holders) was merely a “litigation strategy.” Ultimately, the court held that, for purposes of their service motion, the CFTC sufficiently alleged that “Ooki DAO has the capacity to be sued [and served] as an unincorporated association under state law.” (CFTC v. Ooki DAO, No. 22-05416 (N.D. Cal. Dec. 20, 2022)). Thus, the CFTC properly served its complaint to Ooki DAO via its online forum and help chat box and complied with due process requirements. (note: the court previously ordered the CFTC to serve the founders of the bZeroX protocol who transferred control to Ooki DAO, as they were known Ooki DAO token holders, which the CFTC effectuated).
As previously discussed, Ooki DAO having the legal capacity to be sued does not automatically establish whether the DAO can be held liable as a “person” under the CEA. Rather, the looming issue of liability is a separate question that was finally addressed when the CFTC filed a motion for default judgment in June 2023. Following the CFTC’s proper service of process, Ooki DAO missed its January 2023 deadline to appear before the court. Judge Orrick was therefore tasked with assessing whether a DAO can be considered an association that is subject to liability under the CEA in order to grant the CFTC’s motion for a default judgment. His analysis centered on several factors, including the merits of the CFTC’s substantive claims and the sufficiency of the complaint. On a motion for default judgment, the court will assume that well-pleaded facts are true for the purposes of the motion.
With regard to Ooki DAO’s alleged CEA violations, the CFTC asserted that anyone who participated in a blockchain vote using a governance token was considered part of the unincorporated association and therefore liable for a judgment against it. Under the CEA, a “person” of an unincorporated association includes “individuals, associations, partnerships, corporations, and trusts.” The CEA makes it unlawful for any “person” to engage in activities that do not conform to its requirements. The CFTC alleged that Ooki DAO is an unincorporated association and therefore falls within the CEA’s definition of a “person,” which encompasses “association.” The CFTC’s action against the Ooki DAO thus implicitly argues that because token holders participated in the DAO’s governance, they could be personally liable for its actions.
Judge Orrick determined that the CFTC sufficiently pleaded facts showing that Ooki DAO is an unincorporated association under California and federal law, and that such definitions were not limited to service of process issues. As previously stated, the CEA assigns liability to “[a]ny person” who takes particular actions (7 U.S.C. § 13c(a)-(b)), and defines “person” to include “individuals, associations, partnerships, corporations, and trusts.” Accordingly, the court found that Ooki DAO can be held liable for violations of the CEA.
As to the merits of the CEA violations, the court concluded that the CFTC sufficiently pleaded facts that, assumed to be true, showed that the Ooki DAO engaged in unlawful off-exchange leveraged and margined retail commodity transactions, and that the “Ooki DAO, via the protocol, executed (or confirmed the execution of) contracts for the purchase and sale of commodity futures by controlling the Protocol and providing the platform and liquidity pool that allowed these transactions to occur.” The court also found that the CFTC’s complaint sufficiently pleaded that the Ooki DAO did not register as a futures commission merchant despite engaging in covered transactions under the CEA, and that the Ooki DAO did not facilitate KYC diligence or institute an anti-money laundering program, as required under the law.
The default judgment entered against Ooki DAO requires the DAO to, among other things, permanently shut down and pay a civil monetary penalty of $643,542.
This case garnered a lot of attention from many sectors within the crypto community, as DAO members, in particular, feared the possibility of being held liable for the actions of the DAO they are affiliated with. This, in turn, amplifies the perceived risks associated with participating in DAOs, which lack a structure specifically designed to safeguard their members from liability. To be sure, and as outlined in a prior post, DAOs may be an emerging web3 formation that presents a decentralized alternate structure for business and investment, yet it often makes prudential sense for such an entity to create a separate legal entity or “wrapper” to represent the DAO in off-chain activities and legal contracting, establish bank accounts, and manage the treasury, not to mention create a real-world legal structure that would generally insulate DAO members from personal liability for DAO affairs.
In the instant case, the CFTC was particularly concerned that the Ooki DAO token holders have been attempting to circumvent the law and erect serious obstacles to service of process by implementing a DAO structure that takes advantages of its decentralized nature. As a result, the founders of the Ooki DAO had seemingly attempted to use the DAO’s unsettled legal status to essentially immunize governance token holders from regulatory oversight. In what the CFTC termed Judge Orrick’s “precedent-setting decision” to grant the CFTC’s motion for a default judgment against Ooki DAO, the district court’s order will certainly be cited (and distinguished) in future cases against DAOs regarding issues of potential liability as an “unincorporated association.” We will have to wait to see the decision’s influence on future cases, particularly considering that the decision was an order on default judgment, as opposed to a contested litigation.