Blockchain networks should develop legal resilience within their governance mechanisms. The Author investigates the theory of adaptive governance and its applicability to blockchain networks with the aim of helping them adapt to regulatory changes while staying decentralized.
This research investigates adaptive governance for blockchain networks within the context of legal resilience by looking at the current regulatory trends in two major jurisdictions, the European Union and the United States. The paper explores the current stance of blockchain networks and regulations, and explains why alegality of blockchain networks is no longer a justifiable argument. It also finds that the current regulatory environment is not suitable for blockchain network compliance due to their properties, presenting an existential threat and fear of legal claims which may lead to full banning, criminal charges or a loss of user base. In order to address the threat, this research suggests that blockchain networks should develop legal resilience within their governance mechanisms. Later, the research investigates the theory of adaptive governance for the purpose of assessing its applicability to blockchain networks with the aim of helping them adapt to regulatory changes while staying decentralized. Lastly the paper makes seven recommendations to blockchain networks to consider for their governance and policies.
“It is not the strongest of the species that survives, nor the most intelligent that survives. It is the one that is most adaptable to change.”
- Charles Darwin
As with organisms, institutions and states, the most successful blockchains will be the ones with the highest adaptability to their environments over the long term. These networks have to evolve to survive and resist the natural selection process if they do not want to go extinct.1
The current regulatory developments2 in major jurisdictions such as the European Union and the Unites States are forcing blockchain networks to respond and to comply. However, these upcoming regulations or the decisions of regulatory authorities are not suitable or easily applicable to the blockchain networks3 due to the distinctive characteristics they exhibit.4 Although some argue that blockchain networks are outside of the legal realm5, recent empirical evidence suggests differently: new regulations pose a threat to the existence of blockchain networks and networks are now taking action towards complying with the applicable law6 or at least towards decreasing the risks of non-complying. The consequences of not complying with the laws for blockchain networks include being deemed illegal or sanctionable,7 resulting in a decrease of activity of the participants8 in a given network due to the fear of committing an illegal activity or a crime.9 As a result, networks encounter a significant loss in their participant base which potentially leads to halt in their entire activity,10 and they face the threat of the networks relying on centralized components, like an incorporated entity using centralized applications to comply with laws,11 implementing compliance measures on their user interface as a result of centralized decision-making which may be taken as a strong signal and encouragement by other networks to do the same.12 13 Therefore, in order to retain their activity, remain operative and survive, blockchain networks will have to develop strategies to adapt to the changing regulatory environment which is not inherently compatible with their nature. This strategy would involve a decision making process in order to identify the position of a blockchain network against regulations and come to a decision on whether the network wants to comply and, if so, how. Decentralized blockchain networks strive to make decisions in a decentralized way through their governance mechanism, wherein there is no central rulemaker who dictates what rules should apply and under what conditions. Instead, decisions are taken collaboratively in a multi-stakeholder environment across different levels of blockchain networks. Therefore, this paper asks the question of how blockchain networks can adapt to the changing regulatory environment which does not suit their nature through their governance and without compromising their decentralized structure and how can an adaptive governance framework as a potential approach help blockchain networks gain adaptiveness and preserve their decentralized characteristics.
This paper calls the survival actions of blockchain networks taken as a response to the sudden changes in their environment, including regulatory environment, which is known to bring uncertainty, as adaptability or adaptation and their mechanism for identifying legal risks, developing mitigation to absorb regulatory disturbances and responding to these with the purpose of preserving their structure as legal resilience.
The contribution of this paper to scholarly understanding of adaptive governance is that it discusses the topics legal resilience, adaptability, and adaptive governance within the framework of resilience and adaptability of blockchain networks under the discourse of regulatory adaptation. First, these mentioned topics have not been previously assessed within the broader theoretical framework of adaptive governance in the context of legal uncertainty and crises that new regulations bring. Secondly, the topics have not been discussed within the discourse of adaptability and resilience of blockchain networks as socio-technological assemblages in the face of changing regulatory landscape, as a type of complex adaptive system.
First, the article draws the picture of the recent regulatory developments in the European Union and the United States, at the time of writing, in the area of blockchain and how blockchain networks respond to them and why alegality of blockchain networks is no longer a justifiable argument. Second, it discovers the theory of resilience in engineering and ecology disciplines and later links them to the field of law and to existing literature on legal resilience while redefining legal resilience. Next, it explores the application of legal resilience within the context of blockchain networks. By linking this discourse with the relevant academic literature on legal resilience, the article investigates how relevant legal resilience can be for blockchains and their regulatory adaptation. Later, the article explains adaptive governance and compares that concept with adaptive management, scans the existing literature of adaptive governance for the purpose of assessing its applicability to blockchain networks for them to gain adaptiveness for regulatory changes and preserve decentralization, and lastly makes seven recommendations for blockchain networks to translate to their governance and policies.
Blockchains are decentralized and generally public databases maintained by distributed networks of computers which provide a global computational infrastructure on a peer-to-peer network by using public-private key cryptography, and are managed by a consensus mechanism in order to transfer digital assets and create applications and organizations that run without a central entity or intermediary managing them.14
A blockchain network consists of three interconnected networks: (1) the computation and communication network comprised of nodes using peer-to-peer protocol to validate transactions by mining new blocks, (2) the financial network comprised of wallet or smart contract addresses which may sign transactions and transfer funds, and (3) the off-chain socioeconomic network representing people and organizations that control the tokens in the financial network and operate those nodes in the computation and communication network.15
From this perspective, blockchain networks can be seen as socio-technological assemblages accommodating human and non-human elements.16 For example, in the EOS blockchain the order of the network is maintained through technological and social relations managed by decentralized, socio-technological governance utilizing peer-to-peer terms of a binding contract among its participants referred to as its ‘constitution,’17 which defines “obligations among the users which cannot be entirely enforced by code and facilitates dispute resolution by establishing jurisdiction and choice of law along with other mutually accepted rules. Every transaction broadcast on the network must incorporate the hash of the constitution as part of the signature and thereby explicitly binds the signer to the contract.”18
Inspired by the above, this paper defines blockchain networks as a network of software code and technical infrastructure maintained by globally distributed nodes, of participants having influence on the development and direction of technical networks, protocols, applications, and decentralized autonomous organizations (DAO). These participants include but are not limited to developers, hardware, validators, miners, users, communities and their members, token holders behaving within the decided and given rules of internal policies, which determine under what conditions the database will change. Although the conditions are coded into the architecture of the blockchain itself, the determination of those rules are closely related to governance.19
A. European Union
In the European Union, regulatory initiatives and developments with respect to blockchains began mainly in a so-called “DeFi Summer'' in 2020, when decentralized finance applications became popular among retail users and the number of applications increased. The European Union introduced the “Digital Finance Package”21 which included a digital finance strategy and related legislative proposals on crypto-assets and digital resilience for the Union. These proposals are namely regulation of markets in crypto assets (MiCA), regulation of a pilot regime for market infrastructures based on distributed ledger technology (DLT Pilot Regime), and regulation of digital operational resilience for the financial sector (DORA) suggesting a framework to foster innovation and digital resilience without compromising the financial stability and investor protection within the Union.
Regulation on Markets in Crypto Assets (“MiCA”)
Given that current EU legislation could not be applied to the greater amount of crypto-assets, especially AML regulations, according to the European Union, there was a need to develop a piece of legislation that covers all types of crypto-assets with a unified approach within the Union. Through this regulation, the legislator strives to bring a unified approach while removing the inhibitions of the current regulations in front of the use of distributed ledger technologies, to introduce new rules for consumer and investor protection, and to address the threat that global stablecoins pose to financial stability.
The regulation applies to “natural and legal persons and other undertakings that are engaged in the issuance, offer to the public and admission to trading of crypto-assets or that provide services related to crypto-assets in the Union,”22 excluding crypto-assets that are unique and not fungible with other crypto-assets (NFTs). It brings new requirements for the offer to the public and admission to trading on a trading platform of crypto-assets as well as for crypto-asset service providers (CASP), which are a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services.
Some of the new requirements of MiCA include the obligation of publishing of a white paper during the issuance, offer, trading and other services around crypto assets, with specifics in the regulation included, approvals and authorizations from competent authority of the home Member State in which the service is provided, and drafting marketing communications in a certain way.
DLT Pilot Regime
DLT Pilot Regime is introduced for similar reasons as MiCA. The current legislation ruling EU financial services does not take the distributed ledger technologies (DLT) and crypto-assets into consideration and it can limit the use of DLT. In addition, there is lack of market infrastructure using DLT, provision of trading and settlement services for crypto-assets as well as lack of transparency, reliability, and safety requirements for the protocols and smart contracts that the crypto-assets are issued through. The fact that the traditional trading venues are accessible to retail customers through financial intermediaries whereas crypto trading platforms are accessible to retail customers creates gaps and incompatibilities in the current legislation.
For the reasons above, the pilot regime is bringing temporary exemptions to DLT market infrastructures23 from some requirements under the Union law which may potentially inhibit solutions developed for trading and settlement of transactions in crypto-assets. During the time of the exemption, European Securities and Markets Authority (ESMA) and other competent authorities will gain experience on the risks and opportunities that crypto-assets and DLT present.
The DLT infrastructures are subject to additional requirements that traditional infrastructures are not. Some of these are the establishment of rules by infrastructures regarding access and admission on the DLT, participating nodes, risks on conflict of interest, risk management measures, the provision of information to the members, participants, issuers and clients of DLT on how infrastructures intend to perform their activities and how the use of DLT will create deviations compared to the way the service is normally provided traditionally, and the placement of specific and robust IT and cyber arrangements related to the use of DLT.
These arrangements are to ensure the continued reliability, continuity and security of the services provided, including the reliability of smart contracts that are potentially used. DLT market infrastructures should also ensure the CIA triad (integrity, security, confidentiality, availability and accessibility of data stored) on the DLT.
The aim of the regime is to create a new Union-wide status of DLT market infrastructure expanding the MiFID II and the MiFIR regulations to include the DLT infrastructure.
Digital Operational Resilience Act
Digital Operational Resilience Act (DORA) is initiated to strengthen the digital operational resilience of financial sector entities in light of ongoing digitization of financial services within the Union. It regulates cyber risks in the financial sector and aims to provide a uniform set of requirements concerning the security of network and information systems of financial entities and their important third-party service providers. The act aims to achieve a high common standard of digital operational resilience.
DORA requires financial entities to formulate a risk management system and to put policies in place to identify exposure to cybercrimes and defend against them, provides companies with a set of guidelines for reviewing outsourced services and mitigating the risks from working with crucial third-party ICT partners, such as cloud computing software providers. To encourage threat intelligence, DORA aims to incentivize knowledge sharing. Industry participants are encouraged to share techniques, threat alerts, and organizational tools to enable operational resilience. In case of data breaches, financial entities are required to report to the regulators within a required time frame, using predefined templates. The rules and guidelines also extend to the suppliers and service providers as part of their contractual obligations. DORA prohibits financial institutions from partnering with organizations that don’t agree to these terms. DORA is indirectly related to blockchain technology as some financial entities provide services on crypto assets such as custodial wallet providers, centralized exchanges. Therefore the requirements of the Act affect crypto companies, thus indirectly targeting blockchain technology.
Transfer of Funds Regulation
As a response to the Financial Action Task Force’s travel rule24 introduced in 2019, the EU initiated Transfer of Funds Regulation (TFR) which expands the anti-money laundering and counter-terrorism financing rules to the crypto-assets and new obligations on the CASPs. Accordingly, CASPs have to collect personal data of users who are involved in fund transfers between custodial wallets and from custodial to non-custodial wallets and vice versa and have to report all transfers above €1,000 to the authorities.25
B. United States
DAO Legislations
The Wyoming Decentralized Autonomous Organization Supplement of the Limited Liability Company Act from April 2021 is the first bill in the world specifically regulating decentralized autonomous organizations (DAO). The act is a supplement to the Wyoming Limited Liability Company Act. It defines DAOs and smart contracts and introduces new terms such as Limited Liability Autonomous Organization (LAO) and open blockchain. It regulates the formation of a DAO under Wyoming’s law as a limited liability company. Any limited liability company in Wyoming can be converted to a DAO by amending its articles of organization to include the specific notice stated in the law. Its formation is finalized upon the signing and delivery of the original and conforming copies of the articles of organization to the secretary of state for filing.
Similar to Wyoming, Utah passed the Utah Decentralized Autonomous Organizations Act (Utah DAO Act) HB 357 on 1st of March 2023.26
OFAC Sanctions
On the eighth of August 2022, the U.S. Department of the Treasury proclaimed that it sanctions Tornado Cash which is a decentralized and open source obfuscation tool for crypto currencies and transactions that runs on Ethereum virtual machine (EVM) compatible networks. Tornado Cash offers a service that mixes potentially identifiable or "tainted" cryptocurrency funds with others, and obscures the trail back to the fund's original source”27 while creating financial privacy for its users.
The Department of the Treasury blacklisted the tool on the basis that it is used by a North-Korean hacker group, Lazarus group, in order to mask their illicit transactions which are considered by the U.S. government as money laundering and financing of other cybercrimes.28 This decision is highly criticized because it is legally possible to sanction natural or legal persons, and Tornado Cash is only a protocol governed through a DAO, meaning that there is no central organization or a corporation behind managing it. As a result of the blacklisting, all property and interests in property of Tornado Cash that is in the United States or in the possession or control of U.S. persons has been blocked and must be reported to OFAC. Additionally, all entities that are owned by blocked persons and all transactions by U.S. persons or within the U.S. involving any property of blocked persons are also blocked. The blocked persons are included in the Specially Designated Nationals (SDN) list which makes assets of persons on the list blocked and U.S. nationals are prohibited from dealing with them.29
Ongoing Litigations30
Apart from legislative bills and enforcement actions there are ongoing litigations in the USA which have important effects on the future of blockchain networks. Some of the most recent and important ones are presented below.
In the case Sarcuni et al v. bZx DAO et al (bZx DAO Class Action),31 users of the bZx protocol filed a class-action lawsuit against bZx DAO and its successor Ooki DAO claiming the liability of its creators for the security breach resulting in a loss of $40 million funds. The claims are that the creators of the protocol guaranteed security of funds to the users by telling them not to “ever worry about . . . getting hacked or [anyone] stealing their funds.” However, due to simple negligence of one developer who was a victim of a phishing attack, hackers gained access to key passphrases and drained users’ accounts. Plaintiffs seek redress by claiming that the DAO is “a general partnership and its participants are jointly and severally liable to the users of the protocol for their loss of funds resulting from the hack.”32 On 27th March 2023, the United States District Court Southern District of California determined that bZx DAO is a general partnership and found that Plaintiffs’ injury is fairly traceable to the bXz DAO general partnership and that they have standing to sue the alleged general partners.33
In another case, Commodity Futures Trading Commission v. Ooki Dao,34 Commodity Futures Trading Commission (CFTC) sanctioned and blacklisted bZx DAO and its founders for the non-compliance with Commodity Exchange Act due to its offering, accepting and executing digital asset transactions that constituted “retail commodity transactions”35 and the lack of its registration with the CFTC. As a result, the DAO and its founders are ordered to pay a $250,000 civil monetary penalty and to stop further violations of the Act and other regulations. Connected to bzX DAO, its successor Ooki DAO has been also found by CFTC that it failed to adopt a customer identification program and violated the Bank Secrecy Act and the Commission regulations promulgated thereunder36 resulting in CFTC filing a complaint in the U.S. District Court for the Northern District of California against the DAO which brings a major procedural question on whether a DAO can be sued.37
Under the current regulatory landscape that is given, it is possible to observe a tendency of regulators to centralize. If paid attention to, it is clear that the regulatory environment in the EU and the U.S. tries to tie blockchain networks to a central entity and regulates these networks through other centralized intermediaries. In MiCA these entities are crypto asset service providers, while in DORA and DLT Pilot Regime they are financial entities. In the U.S., Wyoming’s bill connects a DAO to a centralized limited liability company. OFAC sanctions treat software as a de facto legal entity and attribute a character of a legal entity to it, which can be seen as an effort to treat software as a central entity. In the ongoing litigation of Commodity Futures Trading Commission v. Ooki Dao, CFTC sued Ooki DAO with the assumption that it is an unincorporated association, although in Sarcuni et al v. bZx DAO et al., the Southern District Of California decided that both bZx DAO and Ooki DAO are a general partnership.38 While it was decided by the Californian District court that the DAO is a general partnership and cannot be sued within this capacity, CFTC suing Ooki DAO within a capacity of unincorporated association shows its clear intention of treating DAOs as a legal entity and thus connecting it to a central point.
The attempts of regulators connecting decentralized networks to a central point is a consequence of the maintained approach of entity-based regulation culture which has been continuing for many years and incorporated in different legal frameworks. The approach limits certain characteristics of an entity that affect the risk and repercussions of its failure39 in order to control the level of damages that will occur. On the other side of the coin, there is the approach of activity-based regulation restricting the undertaking of specific activities by entities,40 which is also used in the financial industry to achieve financial stability.41
The newly adopted regulations and ongoing enforcement actions at the time of writing targeting blockchain networks seem to adopt mostly the approach of entity-based regulation. The observations show that such an approach triggers a non-harmonized response in blockchain networks and pushes them towards centralization.
The responses of blockchain networks to the above mentioned developments seem to verify the assumption that networks face a hard choice between whether to comply with regulations that are not fitting them or not in order to stay operative and not get shut down by legal authorities. Another hard choice for blockchain networks to make is to what extent this compliance should be achieved and for what price, especially how much decentralization should be compromised.
When Tornado Cash sanctions were announced in August 2022, it reflamed an old discussion, which is whether crypto mixers were legal. The first discussion on this topic started at the time of sanctions of Blender.io, a bitcoin mixer, which was the first of its kind ever sanctioned by the OFAC42, for a similar reason as Tornado Cash. Upon the spread of the news about Tornado Cash sanctions, there was a significant drop in the number of users of Tornado Cash per week43 and a discouragement in users of the protocol due to the fear of committing an illicit act. Indeed, 537,792,311 worth ETH have been withdrawn since the sanctions until May 5th, 2023.44 As of May 1st 2023, Tornado Cash is used by only 57 users per week. Unless the sanctions are lifted, Tornado Cash is under the threat of becoming and staying idle although it will continue to exist in cyberspace. This event was followed up by the actions of the other blockchain protocol owners such as Aave, Uniswap, Balancer,45 Oasis, Ren46 and also mining pools such as ETH mining pools.47 These blockchain network actors started to stop processing Tornado Cash transactions. Protocols like Aave, being backed by its legal entity Avara UI Labs Ltd., integrated an API developed by a single provider48 which monitors the Tornado Cash related transactions to its front-end and prevented any Tornado Cash related transactions. Deciding for the use of one common API by many of the protocols increases the centralization level of the blockchain networks as they rely on one single provider’s technical assessment of what transaction to validate and it decreases the chance of rest of network49 participants operating fully as independent units if the system is cut in half. Furthermore, the API code itself is an element of centrality because it is stored in a central codebase and was not developed open source, meaning that not many people contributed to the same files apart from the employees of the provider.50
To mitigate legal risks arising out of unincorporation and liability, on March 20th 2022, the community of SushiSwap, a decentralized exchange, proposed to have a legal wrapper in a form of association of foundation in order to mitigate future legal risks coming from legal unclarities regarding the rights and obligations of token holders and contributors, to limit liability of token holders and contributors, and create an apparatus to manage administrative issues for SushiDAO.51 In October 2022, Sushi decided to have a Cayman Island-based DAO foundation, a Panamanian foundation, and a Panamanian corporation with the purpose of flexibility and mitigation of legal risks that may evolve in the future.52 However, during the proposal, a community member explicitly wrote a comment that is in line with the hypothesis of this paper about compliance and the sacrifice of decentralization: “As long as the final legal structure doesn’t force Sushi to move away from offering their services globally to all humans equally. We cannot afford to compromise our core crypto ethos in order to appease increasing global ‘regulatory demands.’”53
Furthermore, very recently, Polkadot revived its discussions on the legal nature of the DOT token and getting it approved by global regulatory bodies after the FTX collapse as regulatory efforts have become much more granular. The community felt the need for best practices for undergoing regulatory recognition as critical and submitted a grant request to its treasury54 and formed a team composed of lawyers and legal researchers to explore the concept of token morphism and then create accessible, actionable content geared towards web3 builders.55
These efforts towards compliance signal that blockchain networks are in search of developing strategies to adapt to the changing regulatory environment in order to keep operating and to survive by sacrificing decentralization. Unlike times when these networks were just starting and decentralized blockchain-systems were seen as neither legal nor illegal, that they merely subsisted outside of the legal realm and thus being ‘alegal,’56 the current empirical evidence shows that some networks have started to consider themselves within the legal realm and take position according to the current legal stream. Especially the percentage of OFAC compliance Ethereum blocks clearly indicates that almost half of the validators57 agree to be subject to the ‘default setting’58 and accept the role of U.S. state institutions for the application of the rules.59
The acceptance of the legal realm among blockchain networks is a natural consequence of the alegality cycle. All legal orders set rules and define legal and illegal acts. By doing so, they create a set of boundaries which Lindhal defines as temporal, spatial, material and subjective.60 A legal or illegal act falls under these boundaries whereas an alegal act is an act that challenges these boundaries and leads the legal order to a change resulting in restructuring of the legal order within its four boundaries.61 The inclusion of blockchain networks within a legal order, after previously claiming that they were alegal, verifies the observation of the earlier literature that alegal acts are not entirely immune to the legal system,62 blockchain-based platforms do not exist in a vacuum63 and “that they subsist within a larger ecosystem, and their operations depend on the actions of a variety of actors with divergent or competing interests (Bohme et al. 2015), which are themselves subject to the law.”64 With this in mind, a complete alegality of blockchain networks is no longer justifiable given that the networks themselves are now willingly following the legal order. Accepting this shifts the focus from the question of “if blockchains are alegal or not'' to “if the new legal order is suitable for the networks'' and in case it is not “how the networks can increase their legal resilience in order to keep being operative within the unsuitable legal order.” At first glance, current regulations seem hard to comply with for blockchain networks. Although regulations like MiCA focus on the regulation of intermediaries and service providers, it has an indirect impact on the networks built with the ethos of decentralization but have not fully decentralized due to being backed by a central entity. As the central entity itself is subject to the regulation, its decentralized protocol also becomes subject to the regulation and shows behavior towards centralization. The German lobbying organization Bitkom published a position paper65 about an earlier draft proposal of MiCA and criticized it for the lack of clarity concerning the decentralized finance about the obligation of publishing a whitepaper, DeFi tokens and the legality of the existing stablecoins which are already in use. Indeed, the unclarity around these topics is still valid. As an example, can it be expected from a decentralized protocol as an issuer of a stablecoin, to establish an entity within the European Union or target certain users in a single jurisdiction or multiple jurisdictions within the Union, write a whitepaper compliant with MiCA and file it to a supervisory authority of the Member State they have a connection with? This legal requirement is indeed not suitable to the decentralized blockchain networks or networks aiming at going fully decentralized and it favors centralization over decentralization making decentralized networks hard to survive within the Union. Although the new version of the regulation states “Where crypto-asset services as defined in this Regulation are provided in a fully decentralized manner without any intermediary they do not fall within the scope of this Regulation,”66 and attempts to exclude decentralized finance from its scope and eliminates the necessity of answering the question above, as previously mentioned some networks are backed by a legal entity making the arguments of being fully decentralized hard. In addition, it is not possible to understand from the regulation what fully decentralized actually means. This intervened centralized-decentralized structure and the unclarity that the regulation brings makes for decentralized blockchain networks or networks in the process of being decentralized67 hard to comply with the law.
The same goes for Tornado Cash sanctions, the compliance with the sanctions lead the validator nodes to behave coherently and in a similar way which lead to a coordinated action and centralization. Although the nodes are distributed throughout the globe, in order not to get caught by law enforcement in the jurisdiction they are operating under, they show a centralized alike behavior which goes against decentralization. It may be right to deduce that the entity-based approach does not seem to work for decentralized networks because of its characteristics68 and current regulations as a product of this approach are not suitable for decentralized networks. The enforceability of some regulations depends on the level of centrality that decentralized networks adopt and the networks are incentivized to embrace centralization to an extent that it protects them from legal claims and to stop the loss of the user base in order to keep being operational, in other words adapt and retain its core state and functionality.
Regulatory matters are complicated for many blockchain networks. Those who understand matters are facing hard choices due to the globally changing regulatory landscape. The shift to centralization comes as a threat to the livelihood for decentralized blockchain networks as it jeopardizes their fundamental values, core elements and functionalities, creates uncertainty, surprise and complexity to tackle at multiple scales.69 The hypothesis of this article is that if blockchain networks want to stay operative by staying true to their values and functionalities, they have to develop a capacity to suffer (regulatory) disturbances and still preserve their ability to return to an earlier state. In engineering, this capacity is called resilience.70
Theory and Concept of Resilience
The theory of resilience is originated from the discipline of ecology71 which was firstly introduced by Holling in his seminar paper “Resilience and Stability of Ecological Systems”.72 It states that ecosystems have multi-stable states as they could “flip between more than one stable state”73 and they are “both complex and adaptive and thus, characterized by surprise and inherent unpredictability.”74 Holling defined resilience as “the amount of disturbance a system could take before its controls shifted to a set of variables and relationships thus dominating another stability region.”75
Resilience is also a concept of engineering describing behavior near a stable equilibrium and the speed at which a system returns to a steady state after a disturbance.76 Some call engineering resilience as static resilience because it is quite a rigid strategy aiming at building a very efficient set of reliable structural and process components favoring recovery as the design goal77 whereas ecological resilience strategizes building more capacity to adapt into a system and uses dynamic flexibility78 favoring resistance as the design goal.79
Resilience has been later looked from a slightly different and inclusive understanding and its definition in the field of ecology has been stretched to include new concepts such as self-organization, adaptation and transformation80 and became “the capacity of a system to absorb the effects of disturbances through adaptation, whilst still retaining its original function and other core characteristics.”81 Walker and Salt associated resilience with systems thinking because it is hard to predict how ecosystems would behave due to their complex and adaptive nature.82 In complex adaptive systems (“CAS”), the behavior of the system cannot be predicted by only looking at their individual components (agent). The focus should rather be on the feedback between the agents and on how such feedback is translated and transformed.83 In some CAS the ability to return to the initial state before the shock may not be possible as the shock may have crossed a threshold to a new state e.g. a regime shift.84 This can be manifested within blockchain networks, for example, as a shift to centralization. Therefore, it is necessary to identify the threshold leading to a new state and how it occurs in blockchain networks. This is important to look at because once the threshold has been crossed, it is usually difficult to go back to the previous state.85 In order to predict a state change, Humby looks at the distance where a system stands to the threshold of key variables. The closer the system gets the more likely the system will jump to the new regime.86
If one knows whether there is any threshold and its key variables, capacity to manage the unwanted change may be also set within the system. Resilience theorists explain this scenario with an illustration of a ball on a curved surface. At rest, the ball stays at the bottom at equilibrium. As the surface gets shaky, the ball rolls around. If the surface is deeply curved, then the ball cannot roll or rolls around and comes back to equilibrium quickly. If the surface is rather flat, then the ball rolls and reaches far from the bottom and causes a system shift. The objective of resilience design is to keep the ball on the surface keeping in mind that different disturbances might produce different results between surfaces.87 The surfaces are called the "basin of attraction" for the balls, which represent the current system's behavioral state.88
Fig 1- Conceptual Illustration of Basin of Attraction and Resilience89
All in all, sustainability of a CAS goes hand in hand with keeping the variables below the threshold, in other words with its resilience.
Legal Resilience
The theory of resilience in the field of law has limited application. Indeed, most of the resilience scholarship applied to law has been developed in environmental law, administrative law and other related fields.90 Some works concerning resilience can be also found within the international public, conflict and security law.91 It is difficult to understand why the theory of resilience has never been more fully considered within the field of law. The theory may be useful as it would shift the attention of lawmakers to identification of external and internal threats of a legal system in order to create legal sustainability within the society.
The legal system lives within a dynamic system (society) and creates, implements and enforces formal rules which govern society.92 However, a legal system is not only about rules but also about the physical sphere of rules, actions, processes and institutions93 and the legal instruments that a society needs in order to create an order, foreseeability, certainty of social interactions94 to meet its societal goals. Ruhl suggests that a legal system can be defined by two elements: its structure and processes. Structure is the design of the division of powers between the courts and legislatures and process is the administrative decision procedures.95 From the resilience standpoint Ruhl argues that there is a distinction between the resilience of a legal system’s underlying structure and processes, which he calls “institutional resilience,” and the stability of the substantive content of law - meaning “instrumental resilience.”96 In institutional resilience, the structure and processes can stay stable while substantive law often changes whereas in instrumental resilience the content of substantive law is very hard to change.97 Taking common law legal system as an example, the stare decisis concept in common law jurisdictions allows the courts in a highly dispersed structure to respond to a single problem in different ways, and craft doctrine under different rule sets resulting in diversity in responses to the changing conditions without any institutional or process modification.98
Legal systems, as all other systems, are susceptible to external and internal disturbances. Their internal systemic vulnerabilities99 may become a threat for the system over time or an external actor can come as a shock and threaten the existence of the system if the disturbance created is not absorbed by the system. In this regard, the resilience theory introduces the notion of vulnerabilities and would help lawmakers to create an awareness for seeking external and internal vulnerabilities of a legal system, which has been used in engineering for some time as well as its coping mechanisms.100 Another potential usability of this theory for law would be the applicability of its methodologies for mapping the principles of resilience theory onto legal systems to better understand when they are and are not resilient.101 This paper calls the application of the theory onto law, legal resilience and defines it as follows: Legal resilience is a framework which deals with identifying internal and external legal risks of a system which may be a possible future threat. It refers to developing mitigation mechanisms in order for the system to absorb legal and/or regulatory disturbances, and to making the system respond to these disturbances with the purpose of sustaining itself and preventing its transition from the desired state to an undesired state, thus system change.
Legal Resilience of Blockchain Networks
Legal resilience of blockchain networks can be defined as the ability of its legal order and its agreed upon codified rules that they produce to experience shocks while preserving the same function, structure, feedback, and therefore identity.102 This ability operates across multi scales vertically and horizontally103 as well as micro, meso and macro scales.
Blockchain networks as being composed of technological and social elements accommodate both social and technical vulnerabilities.104 In a-DAO-focused-research, Nabben states that vulnerabilities of a DAO can emerge from outside (exogenous) or within (endogenous) a DAO and they can exist on different scales or across multiple scales which she calls: the individual (micro), group level dynamics (meso), or broader ecosystem (macro) level.105 She classifies regulatory vulnerabilities as exogenous and as Sari, points out that vulnerabilities can lead to opportunities for developing adaptiveness, resilience and growth.106
On a different note, she cautions that the greatest threat to a DAO is not an external threat of outside influence but that it is itself, as when facing external threats, DAOs seek to self-govern against them while making trade-offs between individual autonomy and participation in a community.107 On this point, Ruhl states similarly that to the extent resilience is a desired quality and depending on the desired trade-offs, it may be possible to have too much resilience producing outcomes that are no longer acceptable to the community which would turn resilience into a problem.108 Therefore the definition of the depth of basin of attraction plays a key role in deciding trade-offs. In other words, each blockchain network community must decide the desired level of legal resilience by looking at the trade-offs that are acceptable to the community. Trade-offs are not the only factor wherein resilience is variable. The readiness of a system affects resilience because it poses more substantial barriers to recovery if high flux and low predictability in new exogenous conditions for which a system’s components might have not been prepared due to some of the components having broken down undermining one or more properties of resilience.109 The readiness of a system is also important for adaptability of a system as the more ready a system gets the quicker it shows adaptability due to availability of its internal sources.
For blockchain networks, resilience and adaptability come down to the questions: what are the values of the network, what is unchangeable, what is the core system behavioral structure, when will the network display resilience and when is resilience desirable, and what are the tradeoffs that networks are willing to make over other normative goals of theirs in order to reach resilience. Given that a number of scholars have already noted that blockchains have or are a constitutional order110 and protocols such as MakerDAO.111 Nation3,112 Arbitrum113 and many others114 create their constitution, the question of the desired level of resilience and the preferences on the trade-offs is highly relevant for the constitution-making because resilience encompasses generating a shared vision for sustainability and resolving trade-offs.”115 In blockchain networks, the constitution sets the basin of attraction, decides the network’s equilibrium, and defines its level of resilience as well as the size for the room for adaptive capacity, in other words, its amenability to changes.116 Networks should decide how wide the desired and undesired basins of attraction should be, whether there will be creations of new desired basins or elimination of undesirable ones.117 When it comes to design choices, it is worth paying attention to the risk that a strong focus on adaptability can undermine resilience.118 The design of adaptive capacity is also crucial for the achievement of the intended functions of a blockchain network because “the extent to which a given governance structure can accommodate changes desired by a sufficient number of constituents”119 has an impact on how well the network is doing and gives the network a competitive edge by determining the degree of adaptation to emergent network problems and the changing demands of network users.120
Briefly, governance with a good degree of adaptive capacity promotes viability to blockchain networks and it is directly linked to its sustainability, protection of its core functionalities and values, thus, to its resilience.
The framework of ecological resilience places a legal system inside of a larger system of systems121 and sees it as its agent. Thus, a legal system has an impact on the resilience of the bigger system,122 making the choices of legal resilience a question about broader governance regime. Depending on the preferences of the regime set by system constituents, be it instrumental or institutional resilience, laws need to be designed in a particular way. In case flexibility, resilience and dynamism are wanted properties of the legal system at hand, the design of the system together with its institutions and instruments should be adaptive. This way of design is referred to as adaptive law by some researchers in the area of management of complex social-ecological systems.123
Adaptive laws require a room for adaptive capacity in the governance of the system for the emergence and resources of the system for the execution. Therefore, adaptive law stays on the level in between governance and execution. In other words, adaptive law is the mesolayer, adaptive governance is the macrolayer and adaptive management is the microlayer.124
Adaptive Management and Adaptive Governance
Adaptive governance is often confused with adaptive management. Although adaptive structures come in both forms and adaptive management has given rise to adaptive governance, both concepts have today a different meaning with some parts overlapping. The literature of adaptive governance widely recognizes the characteristic in the following: Adaptive governance has the “structures that support a broad range of actors, sometimes at multiple scales, to deal with the interrelated dynamics of resources and ecosystems, and social and management systems, as well as uncertainty, unpredictability and surprise.”125
The genesis of the notion is rooted in the intersection of application of ecological systems theory to natural resource management and self-governing institutions drawing on ideas such as “political economy, resource and environmental economics, experimental economics, evolutionary game theory, organizational theory, ecology, systems theory, and complex systems science.”126
Adaptive management has emerged as a critique of science-based centralized expert management practices by emphasizing the need of iterative, feedback-based evolution to manage ecological resources.127 According to proponents of adaptive management, environmental and resource management were heavily based on steady-state views and assumptions128 and they excluded the complexity and uncertainty of ecosystem processes129 that needed recognition. In scientific expert management, improved scientific understanding automatically became a new policy for the ecosystem which was allowing scientists and experts to be in control of the scenarios and excluding the social aspects of complex problems at hand. Supporters of adaptive management claim that science based management sets its targets that are measured against variables that are deemed to act in a linear way whereas they do not, reduces the capacity for change resulting in vulnerability in socio-ecological systems, and does not define the common interests of the multiple stakeholders.130 This specific criticism can be tracked in the early academic contributions of the field which focused on either making a case for adaptive management or the case against centralized expert management.131 Initially it was suggested that “learning through experimental design based on simulated modeling of ecological systems was the key to making a transition to more resilient ecological communities”132 and adaptive management was offering a way to deal with uncertainties associated with ecological science.133 The goal was to use management policies as hypotheses to be tested in order to refine management action to improve ecological resilience.134
Adaptive management later interpolated the theory of system dynamics in ecological systems and interdependent social ecological systems135 which then encountered Ostrom's works on the social dynamics of natural resource management.136 Later academic contributions emphasized case studies exploring implementation of adaptive management for specific geographic areas or natural resources. It became clear that adaptive management was not as scientific and structured as in practice as it was anticipated in theory and did not offer the flexibility that real world resources needed.137 In practice, adaptive management fell short in bringing the desired outcome because the changes in the management had to be severe enough in order to create detectable changes in a reasonable time period which came along with the messiness and unplanned actions that adaptive management did not allow and led to increased political risks within the stakeholder management,138 among which there were experts in the field. The initial focus on the quantitative modeling shifted towards biological, social and political interactions of the socio-ecological systems, which necessitated an institutional infrastructure that supported dynamic and interactive management capacity.139 This shift was the steppingstone of adaptive governance.
These reflections had led to theories on the evolution of governance principles for promoting sustainable development140 resulting in scholars in the socio-ecological field recognizing the need of social learning, collaboration and cultural change on multiple scales that affected resource management and shifted the focus of some legal scholars working in the area of management of complex social-ecological systems from adaptive management to adaptive governance. These scholars started to pay more attention to “a governance design to promote adaptive capacity at the macroscale of social-ecological system management” instead of “the instrument design for decision-making at the microscale.”141 They called this new focus “new governance.”
In the beginning, adaptive governance emphasized polycentricity, redundancy and interdisciplinary character of governance institutions, and reliance on flexible regulatory instruments such as adaptive management, market and information based instruments and increased public-private interaction.142 Overtime other research disciplines such as political science, sociology, ecological economics and natural resources management joined the discussion and added adaptation and resilience as necessary characteristics for managing complex social-ecological systems. With this addition, the new governance was granted a new name: adaptive governance.143 Today, two new components, flexibility and learning by doing,144 are also within the scope of adaptive governance.
The notion of adaptive governance has emerged from the intersection of the application of ecological systems theory onto natural resource management and self-governing institutions.145 It benefits from “both the reflexive, iterative, scientifically-based learning characteristic of adaptive management, and the governance of a broader range of actors acting on a wider spatial and temporal scale.”146 Hatfield defines adaptive governance as “the ways in which institutional arrangements evolve to satisfy the needs and desires of the community in a changing environment.” The field is relatively novel and under developed. A literature research conducted in 2007 by Hatfield-Dodds revealed that only nine results were found searching for “adaptive governance” as a phrase in the publications done in the previous three years while a search on “adaptive management” presented 789 references in the beginning of 1980.147 In April 2023, a literature search on Google Scholar with “adaptive governance” phrasing gives 25,000 references since 2007 and yields 815 results only for the year 2023. The growing literature shows diversity in the application of the theory onto different fields. The concept is discussed not only within the field of ecology but also within rulemaking in the area of emerging space activities,148 governance in AI systems,149 the context of developing responses to the crisis that COVID-19 pandemic caused150 and open data ecosystems.151 The theory is also appearing in some papers together with keywords adaptive law and agile regulation.152 As a consequence, the scope of applicability as well as the experimentality of the notion is getting broader.
Adaptive governance comes with three different approaches which are not contradicting but rather complimentary: socio-ecological adaptive governance, institutional adaptive governance and policy sciences adaptive governance.
Socio-ecological adaptive governance approach is responding to the inadequacies of expert dominated approach to adaptive management by “incorporating social dimensions as part of advancing feasibility of ecological resilience and understanding the components of governance to support this goal.”153 “Adaptive governance has been [seen] as a suitable approach for ecosystem management in changing environments. It [emerged] from the assumption that landscapes and seascapes need to be understood and governed as complex social–ecological systems rather than as ecosystems alone”.154 The representatives of this approach are Gunderson, Light, Folke et al. and “discuss adaptive governance as the collaborative, co-governance structures and seem to involve conscious arrangements that would facilitate decision making.”155
For this approach, adaptive governance means “flexible and learning-based collaborations and decision-making processes involving both state and nonstate actors, often at multiple levels, with the aim to adaptively negotiate and coordinate management of social–ecological systems and ecosystem services across landscapes and seascapes.”156 Folke et al. suggest that adaptive governance is operationalized through adaptive co-management157 which includes collaboration, institutional development, and social learning.158 This approach takes scientific learning as all types of knowledge which help with the understanding of different aspects of socio-ecological systems.159 In short, adaptive governance is a framework in which stakeholders (individuals, organizations, agencies) have a process of interactions across domains and different levels of organizations and capacity for learning and adapting to management needs at the project level.160
Institutional adaptive governance addresses an institutional context that supports adaptive management because adaptive management and governance are entangled. These intervening structures of decision making have an impact on resource management.161 Ostrom suggests that there are three levels of rules for decision making about environmental resources: operational, collective choice rules, and constitutional rules.162 Operational rules are about day-to-day decisions on allocation of resources, information provision, action monitoring and rule enforcement sitting at the bottom on the micro level whereas collective choice rules sitting on the meso level define the policy and administrative setup which dictates the operational rules. Translating these into adaptability and adaptive law, collective choice rules would be the environment where adaptive laws would develop and constitutional level as the macro level would identify who is allowed to participate and design the governance structure that crafts collective choice rules.163 Applying this to adaptive management and governance, a system would be incomplete without having the structures for adaptive governance and in its lack of adaptive management cannot manage the operational level. In such a hierarchy, rule changing gets harder on the higher or lower levels of hierarchy as additional efforts and greater consensus are needed at the collective and constitutive levels.164 All in all, the proponents of this approach would claim that “without adaptive governance structures or support at the collective and constitutive levels, adaptive management at the operational level will stand little chance of long term success.”165
According to policy scientists, the interdependencies among how policy is conceived, decision making practices, and how scientific and other kinds of knowledge are integrated creates an identifiable pattern of practice which they call adaptive governance.166 Policy science adaptive governance is distinguished from earlier approaches due to its experimentality and its explicit normative focus on the goal of serving the common interest.167 The common interest is defined as a composition of interests that are widely shared by members of the community.168 All other processes around such as institutional levels of support and decision making are set to fulfill this goal.169 In order to do so, adaptive governance includes the adaptation of policy decisions to real people170 whose local knowledge has attained importance in regards to balancing or integrating the common interests into policy for its advancement.171 Local knowledge is crucial because people on the field have limited subjective perspectives which bring diversity, they are independent from science or public laws and get influenced by external factors.172 These non-scientific perspectives which can even be based on rational or irrational thinking are wanted for the policy making to make sounder policies as they would represent reality, not an ideal.173 Contrary to adaptive governance, scientific management has a policy focus often on a single target goal that is implemented through centralized bureaucratic structures and favors scientific expertise and knowledge that prescribe how the single target goal can be maximized with technical efficiency.”174 Having close ties with the reality and people’s perspective, policy science adaptive governance turns into an expression of pragmatism as opposed to science which is not a sufficient foundation for sound policies and decision making structures.175 Briefly for policy science, adaptive governance is characterized by a pattern of practice which includes “the interdependent interactions among a common interest oriented policy goal, the decision support structure [which is provided by constitutional framers] that accommodates diverse interests in a collaborative or participatory model while incorporating diverse types of knowledge to inform the problem definition, implementation options and alternative selection.”
On top of all three above-mentioned approaches, adaptive governance within the discourse of AI governance has been defined as a governance mechanism which encourages participatory democracy among relevant stakeholders where new information is gathered from reiterative adjustment, and guidelines enhancement from successful frameworks. Adaptive governance is referred to or likened to co-regulation, or hybrid governance approach, and suggested as a helpful approach for provision of flexibility in positioning governance guardrails that proactively identify foreseeable risks emerging from AI as it evolves.176
Applying Adaptive Governance to Blockchains
Blockchains as defined above are not only technical infrastructures but also a social construct.
Despite not having an agreed-upon definition, its governance can be defined as a process of reaching social consensus over protocol evolution, which requires a human decision-making process over when and how to conduct potential software upgrades (e.g. protocol or smart contract of a DAO), how decision makers coordinate and finalize decision-making processes.177 There are two major components of blockchain governance: on-chain governance and off-chain governance. On-chain governance briefly refers to the mechanism where decisions about any change in the protocol are taken via the direct voting procedure happening on the chain. After token holders place their votes on the given proposals on a voting platform, the accepted proposals are automatically coded in protocol. On the other hand, off-chain governance means that the decisions on protocol changes taken outside of the blockchain, mainly in social environments, which then results in the agreed change getting implemented in the protocol via coding. As Alston suggests for blockchain networks the governance of system-wide processes and the process by which the rules of this governance can change, have significant implications for the intended outputs of the network itself.178 This is also true for adaptability. Indeed, Yue Liu et al. come to a conclusion in their research that the governance can improve the adaptability and upgradability of blockchain179 and “[p]roper governance can help minimize the risks of different applications, hence blockchain can adapt to specific needs and restrictions of both public and private sectors”.180
Adaptive governance is applicable to blockchains because it provides a framework for managing complex systems encapsulating collaboration, learning, flexibility, and adaptability in decision-making with multiple stakeholders across different levels and management processes in order to either prevent undesirable transformations of interdependent complex systems, or promote desirable transformations.181 As such, blockchains can be seen as a similar version of complex social-ecological systems having multiple stakeholders across different levels and interdependent components, which also compose a complex adaptive system to which adaptive governance can apply to. Applying adaptive governance to the blockchain governance within the context of changing and threatening regulatory environment by distilling from all of its approaches this article offers a list of seven recommendations for blockchain networks to translate to their governance and policies.
Identification of common interest. Depending on the blockchain network either blockchain itself becomes the common interest in cases where its existence gets threatened by regulations which makes the common interest of stakeholders from all across layers the preservation of the network or for networks governing real-world assets or common the preservation of the underlying common would be the common interest. In some cases the common interest can be both.
Adequate and accurate expert information inflow. In the area of regulatory changes legal and/or regulatory expert information inflow should go on a regular basis. This point would be the equivalent of scientific knowledge for adaptive governance of socio-ecological systems. Polkadot’s treasury proposal emphasizes the importance of this recommendation by stating that web3 regulatory matters are complicated, there is no single, up-to-date reference point that builders can rely upon and that there is a significant lack of content oriented towards non-technical stakeholders.182
Local knowledge sourcing from network participants of the respective layers and across scales. By sourcing the knowledge from people that are in different places and layers of the network, it would be possible to reach a solid policy creation that starts from the bottom up integrating decentralization into policy making and to further encourage it.
Even information distribution to participants across layers and to all relevant stakeholders. One of the current challenges of blockchain governance is the information asymmetries that occur within the networks leaving the participants blind to some necessary information for decision making due to the use of multiple and desynchronized communication channels.
Constitutional rules for the setup of the basin of attraction and adaptability. The Constitution sets the basin of attraction and collective choice rules that would later operationalize rule implementation within the desired range of adaptability on an ongoing basis. This would create the adaptive capacity that would help the network organize itself for the changing and predicted regulatory environment.
Exposure to feedback and deliberate creation of feedback loops to foster organizational learning. Feedback will be used to reiterate the collective choice rules for the achievement of the common interest.
Monitoring to inform governance decisions and adjust governance strategies in response to changing conditions and new information. This is slightly separate from the previous point by developing the appropriate response to the newly emerging conditions that are not foreseen.
In some blockchain networks, these seven recommendations may be hard to apply and transpose the seven recommendations as their equilibrium states may not allow. If this is the case and resilience is still desired, networks should plan a shift of structures and processes for a new equilibrium, meaning a transformation,183 and keep in mind how to manage multiple equilibriums during the time of the shift. Transformability of blockchain networks highlights the need for additional research to fully address and clarify the complexities of this issue.
Blockchains are decentralized and public databases maintained by distributed networks of computers, which provide a global computational infrastructure on a peer-to-peer network, and at the same time socio-technological assemblages whose order is maintained through a constitution.
Blockchain networks are facing hard choices due to the globally changing regulatory landscape. Recent regulatory developments in major jurisdictions such as the European Union and the Unites States of America are forcing blockchain networks to respond and to comply. The shift to centralization comes as a threat to the livelihood for decentralized blockchain networks as it jeopardizes their fundamental values, core elements and functionalities, creates uncertainty, surprise and complexity to tackle at multiple scales.184 Unlike times when these networks were seen as alegal, the current observation shows that some networks have started to consider themselves within the legal realm and adjust their position according to the current legal stream. If blockchain networks want to stay operative by staying true to their values and functionalities, they have to develop their resilience by incorporating adaptive capacity in their constitutions with the help of the theory of adaptive governance. Adaptive governance provides blockchain networks a framework for managing themselves as complex systems through collaboration, learning, flexibility, resilience and adaptability in decision-making and management processes in times of uncertainty, unpredictability and surprise arising out of regulatory changes. This paper recommends seven points that are inspired by the existing literature to transform blockchain networks for adaptability: (1) identification of common interest, (2) adequate and accurate expert information in-flow, (3) local knowledge sourcing from network participants of the respective layers, (4) information distribution to participants across layers, (5) constitutional rules defining the basin of attraction and fostering adaptability, (6) exposure to feedback loops to foster organizational learning, and (7) monitoring to inform governance decisions and adjust governance strategies in response to changing conditions and new information. How are they going to be implemented? How does the transformation of blockchain networks to adaptive governance happen? What are the threshold metrics to understand regime change? How to measure adaptability and resilience? These are some of the questions that need to be explored in future research.