Comment by walterbell

4 months ago

  Bybit CEO Ben Zhou wrote on X that a hacker "took control of the specific ETH cold wallet and transferred all the ETH in the cold wallet to this unidentified address."

"Control" has a specific meaning under UCC Article 12, which was ratified in 2022 and is slowly being adopted by U.S. states. It links some rights to control/possession of keys, even if a blockchain asset may have been stolen before being sold, https://www.clearygottlieb.com//news-and-insights/publicatio...

> Article 12 – dealing directly with the acquisition and disposition of interests (including security interests) in “controllable electronic records,” which would include Bitcoin, Ether, and a variety of other digital assets ... a good faith purchaser for value who obtains control (a “qualifying purchaser”) takes its interest free of conflicting property claims... Control under Article 12 is designed to be a technology-neutral functional equivalent of “possession.” It generally encompasses circumstances when a party has the “private key”

I think (I assume but could be wrong) in the average CEO X-tweet "control" likely only means 'control' nobody was reading through UCC Article 12 while drafting this message

As in: "The hacker gained access to" "The hacker took charge of" "The hacker assumed authority over"

  • Those are all equivalent to exclusive control of the private key, which is the meaning within UCC Article 12.

What is the purpose of this comment?

  • It describes the legal status of stolen cryptocurrency changing after the first sale. This HN story is about stolen cryptocurrency. In particular:

    > The wallet has sold around $200 million worth of stETH so far

    If some of those sales took place within jurisdiction of a U.S. state that has ratified UCC Article 12, then the buyer of the stolen cryptocurrency is now the new legal owner.

  • It is important everyone is thinking real hard about how this is different from traditional theft: there is no way to actually prove the operators didn't just steal everything themselves vs actual real hack theft.

    • There is. ZachXBT has already gotten a bounty for unambiguously pinning this on the Lazarus Group (North Korea).