Shin v. ICON: A Notable Blockchain Lawsuit

Wednesday, August 25th, 2021

orange background with words blockchain lawsuitShin v. ICON is a fascinating cryptocurrency lawsuit that nobody is talking about. A multifaceted claim, the case raises questions about exploit legalities, civil conversions — as it relates to digital currency — and proof-of-stake ethics. The suit also presents a noteworthy defamation scenario singular to the tech ecosystem.

Before We Begin, Some Background and Lingo Clarifications

If you’re familiar with the blockchain landscape and crypto terminology, skip this section and scroll straight to the case specifics. If not, let’s first review some industry basics that will help you better understand the suit.

What Is the ICON Network and ICX Cryptocurrency?

Based in South Korea and launched in 2017, the ICON Network serves as an interconnective hub for disparate blockchain networks. ICX is the platform’s digital token.

In keeping with the crypto economy’s decentralized ethos, ICON is a proof-of-stake network where the voting power is vested in about 22 “P-Reps” — aka validators. The company controls a percentage of the voting shares, and the rest are independent parties.

What Is a Proof of Stake Network?

ICON is a proof of stake (PoS) network as opposed to a proof of work (PoW) network, the model used for Bitcoin and Ethereum. (Note, however, that ETH is in the testing phase of a PoS network called Casper.) The proof of stake model operates by consensus, and some think it’s the future blockchain standard.

How Proof of Stake Cryptocurrency Blockchain Networks Operate

Proof of stake is a newer blockchain model that limits the validation structure. Instead of a mining free-for-all, consensus algorithms serve as the network’s “approval” force. Under the framework, validators and delegators (which we’ll refer to as “validators” for simplicity’s sake) are designated parties that handle all transaction calculations. Becoming a validator requires freezing and banking a substantial number of tokens on the network — a “stake.”

If a validator does something wrong, the network punishes them by removing coins from their stake banks. If it’s an honest mistake, the network levies a fine, but validators with enough stake in the game can usually remain in their positions. In extreme situations, they’re banished.

Who Is Suing ICON (ICX) and Why?

Shin v. Icon is a decentralized network lawsuit worth talking about. Here are the facts:

  1. Mr. Shin was active on the ICON Network and had previously purchased ICX tokens, which he staked to become a part of the validator-delegator echelon.
  2. At some point, ICON proposed Software Update Proposal #9, and the validators — who enjoy voting rights — gave it a thumb’s up.
  3. After the update, Shin discovered that the SetDelegate function on the smart contract was broken. Every time he delegated coins to a new validator, he got another 25,000 tokens back. Ultimately, he amassed 14 million coins in a short amount of time and compared the experience to stumbling upon a “slot machine that went haywire.”
  4. Shin didn’t sit on his tokens. Instead, he started sending some to exchanges to sell.
  5. ICON discovered the vulnerability, accused him of stealing, froze the tokens in his wallet and on outside exchanges, and then asked validators to vote on another platform revision to “fix a vulnerability.” ICON also approached exchanges about Shin’s activity, labeling him a malicious actor.
  6. Shin sued on three causes of action, but the two that stood out to us were conversion (the civil law equivalent to larceny; i.e., freezing his tokens was theft) and defamation. Shin’s lawsuit also questions the purported decentralization of the ICON Network, arguing that the company maintains inordinate control over allegedly independent validators. Additionally, Shin takes issue with ICON’s framing of Software Update Proposal #10 as solely a bug fix. He argues that ICON failed to inform the “P-Reps” about freezing his token assets — including ones he bought legitimately — and asserts that some validators may not have voted in favor of the update if they had known.

Shin v. ICON: The Arguments

Plaintiff Shin’s Position

Shin’s argument is pretty straightforward. He believes ICON acted illegally by freezing his tokens since:

  1. He stumbled upon a vulnerability, leveraged it, but didn’t intentionally create a hack to steal tokens.
  2. ICON didn’t fully disclose the full scope of their intentions with the second vulnerability update (#10).
  3. The platform froze all of his tokens, not just the ones acquired via the vulnerability, but also ones he purchased prior to Update #9.

Shin likens the situation to a landlord locking out a tenant and denying them access to the personal property inside. He also uses the suit to take a swipe at ICON’s ethics, arguing that the company isn’t nearly as decentralized as it claims to be. It isn’t a legal argument, per se, but one that speaks to the crypto movement’s operating ethos.

Plaintiff Shin also claims ICON defamed him with the “malicious attacker” label since he simply took advantage of a mistake in the code and didn’t actively attempt to breach the network.

Defendant ICON’s Position

In its defense, ICON insists that Shin acted in bad faith — and therefore illegally — by exploiting the platform’s vulnerability. The company framed Shin’s actions as intentional theft. They also reasoned that, as a decentralized business entity that maintains smart contracts to administer the network, they have every right to make system updates and fix security vulnerabilities.

The Motions and Hearings So Far

Shin initially filed his lawsuit last year and amended the complaint this year. In May, ICON filed a motion to dismiss. The second filing included information about four other parties who allegedly took advantage of the token bug, two of which Shin claims, partner with ICON — ICX Station and Hyperconnect.

Specifically, Shin argues that ICX Station is made up of ICON employees that act on ICON’s behalf. If true, and ICON did orchestrate a voting majority, the company could, theoretically, exercise influence over the other validators.  According to Shin, their tokens weren’t frozen, rendering ICON’s targeting of him unjust.

Shin v. ICON: Legal Points to Consider

As of now, a judge granted ICON’s dismissal request in part. However, Shin was able to amend his pleading. He removed the defamation claim and argued the other two points with more specificity.

But was the judge’s decision right? Shin v. ICON raises several legal points that could prove fundamental in crafting regulatory and statutory parameters for the crypto law space.

  1. Perhaps the gravamen of the case is the question of Shin’s rightfully acquired tokens. Did ICON maneuver to reclaim Shin’s ICX assets on other exchanges, like Binance and Kraken? If so, does that amount to conversion? Could Shin craft a valid conversion claim if the judge allowed for discovery instead of dismissing the case?
  2. Did ICON purposefully omit details about Revision #10, and if so, did it amount to a cause of action? After learning of Shin’s token bounty, a P-Rep sided with Shin, saying he should “be able to keep the ICX and do as he pleases,” since Shin “didn’t hack anything.”
  3. Shin’s dropped defamation claim raised theoretical questions about tech-linguistic legal precedence. Is it inherently harmful to call someone a hacker? Did ICON step out of bounds by labeling Shin a malicious actor? It’s too bad he dropped this portion of the suit, as it may have had the most merit.

As a cryptocurrency lawyer, in my opinion, most of Shin’s claims are a stretch. Ultimately, as presented herein, ICON’s influence over P-Reps is a subjective matter that falls outside the law’s borders. After all, we’re not living on a medieval vassalage; companies don’t need permission from a feudal lord to fix system vulnerabilities. Moreover, Shin may have eaten his own conversion argument. As the Defendant’s Response to the Amended Complaint succinctly quips, “he can’t have his cake and eat it too.”

Shin v. ICON: Was the Partial Dismissal A Mistake?

A judge recently dismissed parts of Shin v. ICON, which may have been a mistake. Sure, at first glance, it may seem like a cut and dry decision with ICON as the clear winner. However,  a discovery phase may have unearthed evidence that altered the picture. For example, Shin’s claim may have been able to survive some tort theory of interference or undue influence. Moreover, what if the other validators WERE all part of ICX? And how much of Shin’s legally bought ICX tokens were confiscated? Was it lawful?

These are all questions we may never get to see play out.

Connect With a Cryptocurrency Law Firm

The Kelly Law Firm works with cryptocurrency businesses and investors on everything from contract negotiations to litigation. Get in touch.

Click here to read more from our cryptocurrency law blog.