Legal analysis of the governed blockchain



Publication June 2018


  • A governed blockchain adds a Constitution to a permissionless blockchain
  • Each transaction on a governed blockchain includes a hashed reference to the Constitution
  • The Constitution takes effect legally as a series of private consensual arrangements involving different subsets of the community

A governed blockchain has the potential to resolve many of the legal uncertainties that may inhibit widespread adoption of distributed ledger technology in commerce and finance. However, the form of governance must not itself raise new intractable issues and a precise but flexible dispute resolution mechanism will be crucial to its success.

A governed blockchain has a Constitution. This is meant to be more than a statement of lofty aspirations – it should have some legal effect and be enforceable. Although a Constitution is – in legal terms – a private agreement, it may purport to contain obligations of a quasi-public as well as private nature, so that its analysis does not fit easily into pre-existing categories. Crucially, it should bind blockchain participants to a binding arbitration mechanism. To achieve these aims, a Constitution must:

    • create a legally binding contract;
    • allow others to enforce the terms of that contract; and
    • bind parties to an arbitration mechanism in that contract.

Whether a Constitution succeeds in these aims will depend on many factors, including its terms and the governing law that is chosen for it. In this paper, we address the issues that any governing law will consider and identify some legal subtleties of a governed blockchain Constitution that will arise in any governing law.

This is necessarily a predictive, even speculative, analysis. The most developed expression of blockchain governance, EOS, based on EOS.IO software, launched in early June 2018. It is designed to create three bases of power: firstly, block producers who maintain the chain; secondly, the community who vote on changes to the set of block producers and constitution; and thirdly, a forum for dispute resolution.

Our analysis will inevitably evolve after the launch, as we watch the chain emerge and practice its trade. Yet, as with all ventures based on prior agreement on a set of rules, much value rides on getting it right initially and mistakes can be hard to fix. Accordingly, we present here an a priori legal analysis of the governed blockchain, in which we seek to show that effective governance can be achieved by interpreting the Constitution as a series of private consensual agreements involving different but overlapping groups of users.

For analysis of blockchain disputes generally, we refer to the forthcoming chapter Blockchain Disputes: Risks and Resolutions in Unlocking the Blockchain, which will be available here and, for a description of the EOS.IO design, see (Grigg, 2017), (, 2017).

What is a governed blockchain?

Blockchains have traditionally come in two flavours: permissionless and permissioned (Swanson, 2015). In a permissionless blockchain, anyone can join the network by creating a public/private key and submitting transactions to the network in accordance with the protocol. In a permissioned network, only identified nodes are permitted to submit transactions to the network or to take part in building the distributed consensus or adding to the blockchain. These nodes have generally undergone some form of validation independent of the blockchain before being allowed to join as users or block producers (e.g. miners) and there is generally an administrator with "super-user" powers over the blockchain (that is, the ability to amend or override the consensus mechanism or insert arbitrary transactions).

A governed blockchain adds a Constitution to a permissionless blockchain (see (, 2017)). Although it allows anyone to take part, there is built into the protocol a requirement for transactions to contain a reference (in the form of a hash) to a separate document: the Constitution. Only transactions that contain a reference to the Constitution will be incorporated into the blockchain.

Methods built into the Constitution might allow it to change over time. New transactions will refer to the current Constitution; previous ones will refer to older Constitutions. Block producers will have flexibility as to whether to accept changes to the Constitution. One mechanism for voting on Constitutional changes is simply consensual adoption by the community – in this way, much of the effect of a fork could be built in to the constitutional framework. For further details, see “JAC: the JAC Amendable Constitution” below.

Governed blockchains will occupy a spectrum from ostensibly permissionless blockchains that nevertheless contain significant barriers to entry managed by central administrators to genuinely open platforms with community governance and evolution. In this paper, we focus on the idealised governed blockchain at the open end of the spectrum, but the issues raised apply, to varying degrees, across the spectrum.

We identify the following parties:

  • the User : the specific user who posts a transaction to the blockchain containing a hashed reference to the Constitution
  • the Counterparty : another individual who has entered into an arrangement with the User of which the posted transaction forms a part. The rest of the arrangement may consist of other transactions posted to the blockchain, or a smart contract or obligations to be carried out off the blockchain. For instance, the User buys something to be paid for using cryptocurrency recorded on the blockchain and the Counterparty is the seller transferring the physical object and receiving the cryptocurrency.
  • the Block Producer : the block producer who incorporates the transaction posted by the User into the blockchain.
  • The dApp Provider and the end-user : creator of a distributed application on the blockchain. The dApp Provider and a user of the application may be a User and Counterparty if they interact directly on the blockchain. Alternatively, the dApp Provider may be an intermediary, posting directly on the blockchain itself as a User, but insulating its own users from any interaction with the blockchain.

What is the legal effect of a governed blockchain?

Assume a transaction contains a reference to a Constitution – does this have any legal effect? Is it any different to including a reference to Bitcoin: A Peer-to-peer electronic cash system by Satoshi Nakamoto or to the US constitution? In fact, in most legal systems, the reference to a Constitution will have legal effects. The key to understanding these effects – and how they differ from the sort of constitution that might underlie a country – is that the Constitution, at least initially, will be seen purely as a private agreement between parties. It will be subject to the area of law dealing with consensual agreements. The quasi-public effectiveness of the Constitution will be limited by its nature as a creation of private contract law – see “Civil and Criminal” below.

Constitution as contract

Our goal is to ensure that the Constitution works. This happens at three levels: it will take effect automatically as a smart contract (R3 & Norton Rose Fulbright, 2016), it will be supported by the community, and it will be enforced by the courts (see Figure 1).

Legal analysis of the Governed Blockchain - Figure 1 

Figure 1 – the inverted apex effect on the courts in strengthening contracts

For court intervention to operate smoothly, the Constitution should contain certain classical elements such as governing law and jurisdiction clauses and clearly set out the User’s obligations and rights (we discuss below in more detail why these clauses are necessary). Assuming these conditions are satisfied, it is likely that the Constitution would be interpreted as a contract binding on the User and other parties, although there are some technicalities, also considered below.

Forming a contract

To be legally enforceable, the parties must agree to enter into a contract. This is generally characterised as a process of offer and acceptance. For the Constitution to be effective as a contract, it must fit within the offer and acceptance paradigm.

The key act is the posting of the transaction containing the reference to the hashed Constitution. Although posting to a blockchain a hash of a document in a message secured by a private key (that is, digitally signed) is an unusual means of specifying the terms of a contract – a manuscript signature is the normal method – there is no reason in principle why it cannot work and, indeed, it appears to specify the exact terms clearly and unambiguously. This is the idea behind the so-called Ricardian contract and, indeed, the Constitution will – among other things – be a Ricardian contract.

Where membership is less open, posting a transaction may not be a User’s first interaction with the community. In this case, there may be scope for a User to undertake the obligations of the Constitution by entering into an explicit formal agreement using established non-blockchain norms. The feasibility of this approach will depend on the details of the blockchain – in this paper, we restrict discussion to the idealised open governed blockchain. In any case, whether the Constitution is entered into offline or using the blockchain techniques discussed here, to ensure practical enforcement by the community, evidence of offer and acceptance should be sufficiently certain and accessible, which strongly suggests that those elements be preserved on the blockchain.

Posting a transaction is an act by a single person – it cannot constitute both offer and acceptance. There must be at least one other act by another person to form a contract. This is vital for the enforceability of the Constitution. In general, only other parties to a contract can enforce that contract (in fact there are limited exceptions that allow third parties to enforce contractual obligations in many legal systems, but only if there is a contract binding on its parties ). So, if somebody undertakes an obligation in a contract but no interested person is party to that contract, it becomes effectively unenforceable.

In practice, a single posting on the blockchain may lead to a contract in a number of different ways:

  • A posting by a User may be an offer accepted by a Counterparty posting its own transaction, leading to the formation of a bilateral contract between them, perhaps also partly constituted in a smart contract. In this way, a transaction between a User and Counterparty would incorporate the Constitution.
  • Alternatively, the Counterparty could accept the offer by performing an act other than posting on the blockchain, such as transferring an asset or cash. This would also constitute a bilateral contract incorporating the Constitution.
  • A posting by a User may be a unilateral offer to abide by the Constitution accepted by a Block Producer adding the transaction to the blockchain. This would create a contract between that User and that Block Producer. If the Block Producer is acting as agent for all Block Producers or a wider group of market participants, there may be a multilateral contract between them all. However, as most legal systems have a principle that an agency can only be established by an act of the principal rather than the agent, the agency may need to be set out other than in the Constitution itself.
  • Previous acts such as postings by other Users and creation of blocks by Block Producers might constitute an offer that is accepted by the User posting on the blockchain. This might be mediated by software which presents the Constitution to a potential new User and posts a transaction on the blockchain when they indicate acceptance of it. This contract could involve multiple parties.
  • As the blockchain becomes more established, it may establish a community with social conventions as to the acceptance of the Constitution. These background facts may be sufficient for a posting by a User to bind it to a contract with other members of the community that includes the Constitution.

As governed blockchains develop, all of these methods and others will be used to bind participants to a Constitution. Essentially, a Constitution will not be a single arrangement, but a series of private consensual arrangements involving possibly different groups of people. Replicating the universal effectiveness of a public agreement will need a multiplicity of private agreements – a patchwork that will ensure that all obligations can be enforced against all participants.

Offer and acceptance alone is not sufficient to constitute a legally enforceable contract. Most legal systems require some additional element to show that a party to an agreement should be able to call on the courts to enforce it. This additional element might include consideration – a mutual benefit bargained for between the parties, that the agreement concerns a commercial or legal object, or that the parties to it have an intention to create legal relations. Whether submitting the transaction including a hash to a Constitution satisfies this additional requirement will depend on the complete factual background behind the transaction.

For instance, take the requirement to show that the parties have an intention to create legal relations. The User is likely to interact with the blockchain via software that presents a graphical user interface. An intention to create legal relations must be inferred from the User’s interaction with this interface, not just the content that is posted to the blockchain. The User may click a button or check a tickbox which triggers software to post a transaction that includes a hash to the Constitution.

This raises two issues. First, is the wording on the button sufficient to demonstrate an intention to create legal relations? Without a consistent standard, this will be a factual question that depends on the details of each piece of software used to access the blockchain. And this issue applies not just to the Constitution but to every agreement concluded using the blockchain. A solution to this may be for a consistent mode of expressing agreement to be mandated for all software included in the blockchain. This would ideally be included in the Constitution itself – solving the problem for the Constitution and for all agreements concluded on the blockchain.

Second, does inclusion of the hash within a transaction posted to the blockchain generally show intention to undertake a legal obligation? If so, then this suggests that the User has that intention in a particular case. There are certain ways the Constitution itself can be drafted so as to maximise the chance that it is seen as legally binding, such as by explicit statements that it constitutes the terms of a contractual relationship, including details of how it may be accepted, and the inclusion of governing law, jurisdiction and dispute resolution clauses. In effect, this would contractually mandate the acceptance of digital signatures on the blockchain, mitigating any limitations on digital signatures in local laws.

Irrespective of the precise additional requirement to demonstrate legal effectiveness, any Constitution has a starting point at which it is just a document. How does it come to be seen as a legally binding agreement for an entire community? That is likely to take a certain amount of bootstrapping: an originating community demonstrates its commitment to the Constitution to new participants, in much the same way that a community assertion of trust in a cryptocurrency starts with a few early adopters and ultimately becomes self-fulfilling when this fosters acceptance by the wider community.

Expressing the Constitution within the blockchain software is a key resource to assist this process, but it is also a social phenomenon. New members of the community do not enter in isolation, they do so through a social process. That social process can be seen as the foundation for establishing the intent to be bound by the Constitution. For example, an existing member of the community may report to the blockchain witnessing the manifestation of the intent of the new member. In this way, the Constitution may gradually take on the form of a real, public constitution – like a state or municipal constitution that evolved from agreement among members of a local community.

What rights and obligations are in a Constitution?

We have seen that it is not straightforward to determine the extent to which a Constitution is legally binding and who can enforce it. Assume, however, that the User has submitted a transaction that contains a reference to the Constitution and that this constitutes a legally enforceable contract and that the counterparties to this contract include the Counterparty, the Block Producer, other block producers and other users of the blockchain. Even with all these assumptions, it is not clear how certain obligations in the Constitution are to be enforced.

The Constitution is, from a legal perspective, a private contract enforced by the law of consensual obligations but, from a social or technological perspective, a public statement of general rights and obligations to the community as a whole. Communal obligations based on moral precepts do exist in modern legal systems, but they have generally evolved from being enforced by individuals to being enforced by the state using criminal law principles. We shall see below that enforcement of some obligations of the Constitution is analogous to enforcement of the criminal law in a primitive legal system without a developed role for the state. The closest analogy in developed legal systems is membership of a private club with multiple participants – these are often considered as quasi-public relationships that have some private and some public characteristics.

We consider several types of obligation in turn to highlight the issues that may arise.

Governing law

The governed blockchain allows parties to exchange binding promises that will execute automatically without the interference of the courts. So why is there a need to include a governing law clause in any agreement? In fact, somewhat counterintuitively, if parties want to minimise national laws impinging on their agreement, it is essential for them to include a governing law clause. Otherwise, in the event of a dispute over a binding agreement, courts (or arbitrators) will simply decide for themselves what the governing law of the agreement should be and then proceed to apply that law to the agreement.

Not all governing laws are the same. Some will generally respect the choices of the parties and seek to interpret the agreement in accordance with their intentions. Others will not: they may incorporate additional rules – such as consumer protection – or annul certain obligations – such as payment of interest. Parties that value freedom to create their own agreements must ensure that the law that governs their agreement is one of those that is commercial and aims to ‘get out of the way’ rather than one of those that takes a paternalistic approach.

The distributed, cross-border nature of the blockchain makes it difficult to predict what governing law would be chosen for a particular contract or for the Constitution. Parties would have to consider every rule in every paternalistic system of law that might be applied to their contract. Fortunately, there is a simple solution. Parties can make an express choice of governing law in their contract. In most courts, a choice of governing law in a contract is respected and will be given effect, even when it is the governing law of a country other than that where the court is situated. By expressly choosing a predictable, commercial law to govern their contract, parties can avoid a governing law that interferes with their rights and obligations.

At first, it appears that there is a problem in deciding whether the governing law clause works: what system of law do you apply to determine that question? (In computing terms, this would be characterised as a ‘bootstrapping’ issue.) However, most legal systems – including all those in the EU – have adopted a practical solution to this question. A purported choice of governing law is used to determine whether that choice of governing law is binding. So, for instance, if the Constitution contains an express choice of English law, then English law principles will be used to decide whether it constitutes a binding contract – including the governing law clause. This means that a choice of governing law provides a clear origin for analysis of the Constitution and its effects and, by extension, transactions that take place on the blockchain. Any Constitution should contain at the very least a governing law clause.

Bilateral obligations

The Constitution may contain provisions that are deemed to be incorporated into particular contracts made on the blockchain, such as dispute resolution clauses. Assuming that the Constitution is itself a contract then, provided that the Counterparty and the User are both party to it, these bilateral obligations will be incorporated into the separate agreement between the User and the Counterparty and will be enforceable as with any other contractual obligation. This will apply, for instance, to arrangements between dApp Providers and end-users who are employing their distributed applications, insofar as those end-users are also Users – that is, direct participants in the blockchain.

Some bilateral obligations are only enforceable if they satisfy particular formal requirements – such as being ‘in writing’ or being signed by the parties. Arbitration clauses and other dispute resolution mechanisms often fall into this category. If these clauses are included in the Constitution and incorporated into individual agreements by reference, the Constitution itself may have to satisfy these formal requirements.

Smart contracts will often be used to document bilateral obligations between a User and a Counterparty. Smart contracts inherently deal with issues of evidence and intention that are behind some formality requirements – but, until legal systems add rules dealing specifically with smart contract, these formalities will still need to be satisfied.

Civil and criminal

The Constitution may contain obligations that are not simple bilateral promises. It may contain, for instance, promises to do or to refrain from certain behaviour or undertakings to act in accordance with certain general norms or values. An example of the former is a promise not to carry out a distributed denial of service attack (DDOS) on the blockchain; an example of the latter is a promise to treat other users of the blockchain with respect and consideration.

Some of these promises may be too vague to constitute legally binding obligations. This does not mean that they are useless: their efficacy will be in establishing moral or cultural norms. Others will be specific enough to be enforceable – but they are not promises made to particular individuals and it is unclear who will enforce them and what enforcement would consist of. Mechanisms to allow individuals to enforce them on behalf of the community may be needed, such as those used in enforcement of open source licences.

Take the promise not to carry out a DDOS. Assume that a User carries out a DDOS attack some time after posting a transaction with a hashed reference to a Constitution containing a promise not to carry out a DDOS. The Counterparty is able to enforce the private contract embodied in the Constitution against the User. In principle, this means the Counterparty could sue the User for damages. But the Counterparty might not have suffered any damage. Even if other users are also party to the contract, they may also have suffered minimal damage. Each person could only sue for the damage that they had suffered. In the case of the Block Producer, this might be significant. In most cases, there would probably be little practical incentive for any person to sue for breach of this obligation. It seems unsatisfactory to leave enforcement subject to the vagaries of individual loss or to those motivated by community spirit.

The problem here is that a private consensual agreement is being used to impose obligations that are more usually found within criminal law, in that they relate to norms of behaviour that affect the community as a whole as well as individuals. Provisions in the Constitution that fall within this definition will be referred to as quasi-criminal obligations. Private and criminal liability often go together – an individual may suffer damage from a crime for which he is entitled to be compensated. By a quasi-criminal obligation, we are referring to the obligation owed to the community, over and above the damage caused to any one individual. In many legal systems, there has been a gradual development of collective enforcement of criminal obligations by centralised authorities, replacing ad hoc individual enforcement. It may be that communities centred around blockchain Constitutions will need to go through a similar process for quasi-criminal obligations.

Apart from quasi-criminal obligations, the Constitution may also contain quasi-regulatory obligations. These are obligations relating to areas such as data privacy, initial coin offerings and mode of payments. Unlike quasi-criminal obligations, quasi-regulatory obligations do not apply to all users all the time. A dApp Provider might choose, for instance, to fall within the data privacy regime of the Constitution. If it does, Users will have the assurance that their data is being protected according to the regime and this will presumably bring benefits to the dApp Provider. But if the dApp Provider opts into the regime and then contravenes any of its obligations, this will be a breach of the Constitution with similar consequences to breach of a quasi-criminal obligation.

Effective sanctions do exist within the private consensual realm, particularly if enforcement is delegated to an institution internal to the community. Apart from monetary claims, which might include penalties in some circumstances, the community as a whole has an additional powerful tool: expulsion. Preventing a malefactor from future engagement with the blockchain is an effective sanction and could be the ultimate deterrent in enforcing quasi-criminal and quasi-regulatory obligations in the governed blockchain.

The creation of quasi-criminal and quasi-regulatory obligations suggests that governed blockchains may be able to address some of the worst examples of anti-social behaviour seen in permissionless blockchains. Traditional regulators might even be inserted into the dispute resolution mechanisms – whether as participants in arbitration or with some special status. While still fully decentralised, the governed blockchain may be able to filter out some universally unacceptable criminal behaviours.

Note that even where quasi-criminal and quasi-regulatory obligations are clearly set out in the Constitution and coupled with effective powers of enforcement, it is possible that a court may override them, for reasons of public policy. A court may decide that some obligations are inherently public and should not form part of private contract law. As courts have the power to confiscate property and imprison individuals within their jurisdiction, they cannot ultimately be ignored. So the scope for the Constitution to form a complete and self-contained regime may be limited.

JAC: the JAC amendable constitution

JAC stands for JAC Amendable Constitution. It refers to a Constitution that can amend itself. In other words, the Constitution includes a mechanism for changing all or certain terms of the Constitution, including a method by which assent to a change is measured and recorded. This might be a voting mechanism, for instance, or conditions on the Block Producer including a transaction that has a hashed reference to an amended Constitution.

The JAC is not inconsistent with contract formation in most governing laws. It is not uncommon for contracts to contain provisions limiting how they may be amended. So, in principle, the JAC can include a wide variety of different amendment mechanisms. It may even be flexible enough to regularise blockchain forks, making them a Constitutional activity, rather than something occurring outside the normal parameters of the blockchain community.

The difficulty with the JAC is not in enabling variation of the Constitution but in reconciling different versions. We have seen that there may be multiple instantiations of a single Constitution, involving different sets of parties. Where there are, in addition, multiple different versions of the Constitution, it may be problematic to determine which version of the Constitution governs the relationship between two Users who have entered into different versions at different times. The JAC should itself contain provisions to resolve these questions.

Dispute resolution mechanisms

One of the key benefits of a Constitution is the ability to insert dispute resolution mechanisms. These may encompass disputes about enforcement of the Constitution itself or they may be incorporated by reference into individual arrangements between the User and the Counterparty. In this way, a single consistent method of dispute resolution could apply to a large proportion of activity on the blockchain.

A bespoke dispute resolution mechanism automatically minimises many of the perceived limitations of the blockchain. Questions as to governing law and jurisdiction are, by definition, resolved. Issues as to reconciling code with natural language in smart contracts, dealing with bugs and coping with external information provider failure can be determined fairly. For more on types of dispute resolution mechanisms and, in particular, the advantages of arbitration, see the forthcoming chapter Blockchain Disputes: Risks and Resolutions in Unlocking the Blockchain, which will be available here.

A particular concern for arbitration clauses is that there may be formalities needed to make them binding. For instance, an arbitration clause may have to be in writing or be written in a particular language or signed by the parties. This may limit how arbitration clauses are included in the Constitution and whether they can be incorporated by reference.

Another concern for arbitration clauses is multilateral enforcement. Arbitration, as a private method of dispute resolution, has to be adapted where it is necessary for it to bind a larger group of people. For obligations in the Constitution that are inherently multilateral – such as promises to the community as a whole – drafting an effective arbitration clause will need careful thought.

The governed blockchain and the legal profession

A successful governed blockchain will facilitate seamless trade with businesses and individuals across national boundaries. Automatic execution should minimise disputes and arbitrators should dispose of those that do arise on the basis of facts clearly recorded on the blockchain. Apart from the initial activity in creating the blockchain and the Constitution, this suggests a future for commerce that has far less need for legal services.

It is possible that the governed blockchain will lead to an overall reduction in the demand for lawyers. But there are two factors that suggest otherwise. First, the governed blockchain will include small businesses and individuals that would not otherwise have resources to obtain legal advice. In this way, the governed blockchain may spread the benefits of legal certainty and enforceability beyond those who already have access to it. As this part of the economy currently functions without legal advice, its use of the governed blockchain would not reduce the demand for legal services. Second, technological innovations in the past have allowed legal services to become more efficient but this has not been matched by a decline in demand – rather, the reverse seems to happen. Appetite grows for more complex legal structures and for an increased number of transactions. New arrangements solve old problems but raise new questions. Of course, whether this will apply following creation of the governed blockchain remains to be seen.


The governed blockchain incorporating a Constitution and allied to a customised forum for dispute resolution is potentially a major advance that could substantially reduce legal uncertainty and promote adoption of the blockchain by businesses and individuals. However, there are a number of legal subtleties in making a Constitution effective and practically enforceable. A Constitution is a private consensual agreement that is also trying to do the job of a public statement of beliefs and obligations. It is a series of individual arrangements with different subsets of the community that is meant simultaneously to incorporate specific terms into a single contract between two users and to take effect as a unitary arrangement binding on the community as a whole. Some legal systems will impose a supervisory jurisdiction on ostensibly private obligations that are in fact quasi-public, especially if they involve exercises of discretion. Resolving these tensions will need a wise choice of governing law and careful drafting.


Ian Grigg, 2017, “EOS: an Introduction,”, 2017; “The Governed Blockchain,” working paper

Satoshi Nakamoto, 2008; “Bitcoin: A Peer-to-peer electronic cash system”

Dan Larimer & EOS.IO team, “EOS.IO Technical White Paper,” live document,

Norton Rose Fulbright, Blockchain disputes?, working paper on page 1

R3 & Norton Rose Fulbright, “Can smart contracts be legally binding contracts?”

Tim Swanson, 2015; “Consensus-as-a-Service”

About Ian Grigg

Ian Grigg has been working in financial cryptography since 1995, and is best known for creating the Ricardian Contract, a method of securely preserving legal prose in a digital framework such as blockchain. He co-invented triple entry accounting which uses cryptography to share accountable information into strong, immutable form: "I know that what you see is what I see." He has consulted for R3, Intuit and's EOS project for the governed blockchain. Ian is currently working on bringing all of these techniques to Kenyan social savings groups known as chamas, and is an advisor to Knabu, Akropolis and Mattereum.

Recent publications

Subscribe and stay up to date with the latest legal news, information and events...