An Ethereum bill of lading under the UNCITRAL MLETR

1. An abridged history

Evidence dating back to 1063 shows that clerks regularly kept records documenting goods that had been boarded onto ships. ¹ In the time since, the documentation has evolved significantly, becoming more complex and maturing in legal character, ² with the precursor to our modern bill of lading (B/L) appearing around the beginning of the 19th century. ³ Today, the B/L is a document of title issued on demand of the shipper, also known as the consignor, by a carrier or master or agent of the carrier acknowledging receipt of the goods to be shipped to the ultimate receiver, or consignee. ⁴ It determines the rights and obligations both of the shipper and the carrier, and is recognized as an indispensable document in the shipping industry. ⁵

2. Functions

There is some difference in the way B/Ls are treated by shipping parties around the world depending on the international convention applicable to the transaction; ⁶ however, the B/L’s principal purpose lies in enabling the owner of the goods to dispose of the goods rapidly, even though they will be in the custody of the carrier by the time the B/L is finalized. ⁷ Three main functions of the B/L render it capable of achieving this purpose. ⁸

Firstly, as a document of title, the B/L indicates the party with interest in the goods and, in the case of a negotiable B/L, facilitates and documents title transfer through an ‘uncomplicated transaction.’ ⁹ Passing on the B/L in this manner transfers property rights in the goods, where that is the intention. ¹⁰ The consignee can exchange the B/L for the goods once they arrive at their port of destination, but it also enables them to dispose of the goods through endorsement and delivery of the B/L. ¹¹

In order to transport the goods, the shipper concludes a contract of carriage with a carrier. ¹² The second function of the B/L is to serve as evidence of this contract, with the terms and conditions usually placed in fine print on the back of the B/L. ¹³ This indicates both to the buyer and concerned intermediaries that the goods have been tendered for shipment. ¹⁴

Thirdly, the B/L functions as a receipt, identifying the shipper, the carrier and the receiver. ¹⁵ It specifies details of the cargo, evidencing its condition, which prevents the carrier from claiming prior damage in the event of delivery of the goods in unsatisfactory condition. ¹⁶ Furthermore, it references the carrier vessel and the goods’ port of arrival. ¹⁷

1. The sea waybill

It is evident that a shift away from a paper-based document is desirable. Although some progress has been made in the form of the sea waybill, an alternative document that can serve as evidence of the contract of carriage and as a receipt, this document is an inadequate substitute for the B/L as it cannot transfer title. ³⁴ A consignee receives the goods simply by proving that they are the party mentioned in the sea waybill. ³⁵ This makes the sea waybill incapable of functioning as a security or loan by banks for example to the seller, pending payment by the buyer, since the goods can be collected without banks’ documented approval. ³⁶ Furthermore, seeing as a sea waybill is made available only to pre-designated parties at its time of issuance, ³⁷ this ‘non-negotiable’ document is incapable of effectuating endorsement. ³⁸

2. Digitization

Nowadays, it seems like there is hardly a problem that a digital solution cannot fix. However, a particular difficulty with digitizing the B/L is that, as a document that confers title, it allows for the performance of the obligation of handing over the goods in question. This is a problem in the virtual arena due to the fact that a digital signal is, in layman’s terms, little more than a succession of ones and zeros. This means that copies can be made that are indistinguishable from the original, ³⁹ enabling any party with such a copy to claim performance of the obligation.

3. The registry model approach

A proposed method for digitizing the B/L has been the registry model approach, whereby the party in control of the goods is referenced in a third-party registry maintained by a trusted administrator. ⁴⁰ However, initiatives employing this approach have failed. ⁴¹ One major obstacle is the requirement of subscription due to the closed nature of such a system. ⁴² Legal uncertainty furthermore abounds regarding the relationship between users of the registry system and third parties, with users accepting contractual terms set out by the respective commercial providers, to which external parties are not privy. ⁴³ In these cases, substitution of the electronic record by a paper B/L is required, ⁴⁴ making the investment in subscription superfluous.

This approach also begets the common concern related to digitization, namely the loss of electronic data in the event of hardware or software failure. ⁴⁵ A third-party registry administrator introduces a host of problems: taking for granted that said administrator is competent and can be trusted not to act with malicious intent, ⁴⁶ this system introduces a clearly discernible centralized entity embodying a single point of failure. ⁴⁷

1. The United Nations Commission on International Trade Law

The United Nations Commission on International Trade Law (UNCITRAL) was established on 17 December 1966 by the United Nations General Assembly and is tasked with the modernization and harmonization of international trade rules to facilitate trade and investment. ⁴⁸ This is done through the preparation and promotion of legislative and non-legislative instruments targeting key areas of commercial law. ⁴⁹ This is important and necessary work, as information asymmetries between domestic and foreign companies form a non-tariff barrier to trade, with effective governance, policy and politics occurring, for the most part, at a national level. ⁵⁰

2. The Model Law on Electronic Transferable Records

One tool at UNCITRAL’s disposal is the Model Law system. ⁵¹ Model laws are legislative templates that jurisdictions can adopt through transposition into domestic law, ⁵² with the aim of achieving as much harmony as possible among fragmented polities on issues with an international character.

UNCITRAL first focussed on issues of transferability and negotiability of rights in 1994. ⁵³ Subsequent action involved the creation of a Working Group to deliberate on Electronic Transferable Records, with a draft Model Law being considered at UNCITRAL’s 50th session, in 2017. ⁵⁴ The Model Law on Electronic Transferable Records (MLETR) was adopted by UNCITRAL on 13 July 2017. ⁵⁵

3. Scope of the MLETR

The MLETR applies to electronic transferable records (ETRs), ⁵⁶ which are, broadly speaking, electronic substitutes for transferable documents, ⁵⁷ the latter being defined as ‘a document or instrument issued on paper that entitles the holder to claim the performance of the obligation indicated in the document or instrument and to transfer the right to performance of the obligation indicated in the document or instrument through the transfer of that document or instrument.’ ⁵⁸ Domestic law will determine which transferable documents or instruments should be included, but seeing as the B/L is one of the main negotiable instruments, ⁵⁹ this document is a prime target for the MLETR.

1. The Bitcoin protocol

Participants within the Bitcoin network are called nodes. ⁷¹ Anyone can become a node by generating a Bitcoin address from which to send and receive bitcoin, with the protocol maintaining a ledger detailing the amount of bitcoin at each address. As such, Bitcoin is a ‘state transition machine’ in which ‘unspent transaction outputs’ (UTXOs) are recorded, with requests for transfers and approvals of said requests resulting in the changing of the ‘state’ of the addresses in question. ⁷²

Verification of each party’s intent to change the state of the ledger is done through digital signatures attached to transactions. This is done through public key cryptography, a cryptographic technique whereby two sets of ‘keys’ (made up of a string of ‘bits’, or ones and zeros) are generated. ⁷³ One of these keys, the private key, is kept secret by the user, as, together with the information in the transaction message, it constitutes an element in the function to generate the digital signature. ⁷⁴ This digital signature allows users to approve changes in the state of the address to which they have access by virtue of the secret key. A second function using the public key is used to verify the validity of the digital signature. ⁷⁵ A new signature for each transaction is therefore required to differentiate transactions from each other, ⁷⁶ as copying a signed transaction request message would allow a malicious node to duplicate past transactions ad infinitum.

The digital signature method makes it all but impossible for anyone without the secret key to have signed off on a transaction. However, the above is merely the application of an established practice for data integrity purposes, ⁷⁷ while the information that is generated needs to reside somewhere. Whereas ledger storage and maintenance has traditionally been within the purview of a centralized entity, ⁷⁸ the Bitcoin protocol achieves decentralization by giving each node their own personal copy of the ledger; ⁷⁹ nodes broadcast any changes they wish to make to the network, thus allowing all nodes to record the updates in their ledger.

Without a method to achieve consensus between the distributed ledgers, the system would not work as there would be no assurance that all nodes are recording transactions in the same order. This is where the so-called ‘miners’ come in. Miners are nodes who perform the bulk of the upkeep of the system. The method for achieving consensus in Bitcoin is called Proof of Work (PoW). PoW is based on the Hashcash protocol, a technique established in 1997 by Adam Back to thwart email spam. ⁸⁰ Sending an email involved the sender expending computing power to solve a complex computational puzzle. ⁸¹ Doing so requires an investment of energy, and the amount of energy expended means that the sender of the email is limited to a number that a usual user would send, and not the overload that is generally the case with spam. ⁸² The receiver could input the answer to the computational puzzle, thus verifying that the sender was not a spammer. ⁸³ In this manner, proof of computational work ensures that the receiver can trust that the sender is acting without malicious intent.

In Bitcoin, miners listen for the transaction requests and bundle a number of these transactions together. ⁸⁴ They then apply the cryptographic hash function SHA-256 to arrive at a specific output. SHA-256 involves the input of an arbitrary message and results in an output (a ‘hash’) of a string of 256 bits. Changing the input in any way changes the hash. The specific output that must be arrived at is preordained by the Bitcoin protocol. Due to the fact that it is impossible to reverse-engineer the SHA-256 process to arrive at the correct input, the only way that miners can get a hash that meets the specifications is by guessing the input, which involves expending computing power. Guessing the correct input results in a bitcoin reward for the miner, ⁸⁵ which adds an element of competition and incentive to the miners.

Once a miner has guessed the input required to achieve the specified hash, the answer is broadcast to other miners, who verify that the input arrived at is indeed the answer to the puzzle by simply running the hash. ⁸⁶ The ‘winner’ is then allowed to combine the answer together with their list of transactions into a ‘block’ that includes a timestamp, in order to guarantee chronological order, and a hash of the previous verified block. ⁸⁷

Making each block dependent on the block preceding it means that changing the history of the chain would involve redoing not only the work on the targeted block, but also redoing the work on the blocks that follow it. Having the input to these already established blocks does not mean that a miner can simply input this answer again, as the puzzle is variable due to its cryptographic nature. Redoing all the work in order to change the recorded history of the chain would require an immense, almost impossible amount of computing power, which is why the blockchain can be said to be immutable. ⁸⁸

A reason that someone may want to change the history of a chain could be to achieve consensus on their address containing more bitcoin. It is possible that someone does the work on a block to include a false transaction, and then broadcasts this block to the system. However, maintaining this lie would require a higher amount of the computing power than all the other miners combined due to the PoW logic. As long as the rest of the network has a greater percentage of computing power than the malicious miner (an attack on the blockchain would require more than 50% of the computing power, hence the term ‘51% attack’), the chance becomes overwhelming that the rest of the network will be the first to win the computational lottery and be in a position to add blocks to the chain. The whole process of verification, clearance and storage into a block happens roughly every ten minutes. ⁸⁹ It takes the addition of approximately six subsequent blocks before the block in question can be deemed trustworthy by logic of irrefutable mathematical probability. ⁹⁰ Therefore the longest chain will always serve as the consensus chain. ⁹¹

With an idea of how blockchain works, this paper will now examine the blockchain B/L.

1. The satoshi bill of lading

The blockchain B/L would work in a similar way to Bitcoin, by bundling digitally signed transfers of B/Ls into blocks and timestamping them on the chain. ⁹² In fact, the possibility exists to create B/Ls on the Bitcoin blockchain by loading the metadata required to establish a B/L onto a ‘satoshi’, the smallest possible bitcoin denomination. ⁹³ The satoshi B/L could then be traded over the Bitcoin network. This is a technique called ‘colouring’ coins, and is an appealing prospect as traders can use an already existing and highly secure system. ⁹⁴ Furthermore, due to the fact that Bitcoin is a public blockchain, it is easy to run a node, which does away with the burdensome registration requirements of the registry system. ⁹⁵

2. Disadvantages of a Bitcoin bill of lading

There are, however, some disadvantages to using the Bitcoin blockchain for transferring B/L tokens. Crucially, such a B/L would not be considered legally valid due to the absence of a relevant legal framework. This is something that the MLETR seeks to change. The MLETR will be examined in more detail at a later stage.

Another disadvantage stems from the technology itself. Bitcoin suffers from scalability issues and requires a high energy consumption to achieve PoW consensus. ⁹⁶ Furthermore, the 51% attack possibility remains a looming problem with potential miner centralization, whereby miners pool their resources to achieve a collective advantage over the rest of the miners. Although Nakamoto asserts that nodes will choose not to destroy the foundation of their wealth by undermining the trustworthiness of the blockchain, ⁹⁷ this possibility does in fact exist, and was brought about by opportunistic miners on another blockchain. ⁹⁸ Fortunately, a large amount of research is being done on the 51% attack issue, and on other issues related to blockchain, and in this fast-evolving industry, there are many promising solutions being developed. In time, technical issues could be solved, provided they are not foundational in nature.

A more glaring disadvantage to using Bitcoin for blockchain B/Ls is that technological limitations prevent Bitcoin from capitalizing on the unique applicability of blockchain as a foundation for smart contracts. ⁹⁹

1. Privacy and interoperability issues

Banks collect and retain data that is then used for compiling letters of credit to help finance trade. The current paradigm is one in which data is siloed off in centralized databases, thus reducing the impact potential of the gathered information. ¹¹¹ Although organizations have come to realize that blockchain can streamline processes involving multiple actors, its application will for the moment be limited mostly to internal processes, as companies may be wary of the teething problems common to a young technology and will not want to risk revealing sensitive data.

However, the real potential of blockchain will be unlocked when the technology is implemented at a level whereby data can be placed on public blockchains and made available on a need-to-know basis. ¹¹² Despite the name, data on a public blockchain can be made private. Zero knowledge proofs (ZKPs) ‘are used to prove the validity of an assertion without revealing any information whatsoever about the assertion.’ ¹¹³ Such ZKPs offer properties regarding privacy that is highly desirable in the financial, health and law fields. A successful recent implementation of ZKPs came in the form of Zcash, a cryptocurrency that uses the zero-knowledge Succinct Non-interactive Argument of Knowledge (zk-SNARK) ZKP mechanism to achieve privacy. ¹¹⁴ Monero is another cryptocurrency with a privacy focus. ¹¹⁵

Blockchains exchanging information with each other requires a certain level of interoperability. Currently there are many different blockchain solutions tailored to specific uses. However, advances in interoperability efforts have come, for example, in the form of Qtum, a blockchain that utilizes the bitcoin UTXO mechanism for value transfer while implementing the Ethereum Virtual Machine (EVM) for smart contracts. ¹¹⁶

2. The smart contract plus

Solving the issue of interoperability and privacy on public blockchains allows us to envision the (as yet) utopian ideal of many different blockchains running alongside each other in the virtual space, capable of gathering data from one another. This would bring huge benefits in terms of availability of data to improve processes within the B/L process. Smart contracts in the B/L process would be able to eliminate uncertainties stemming from the unpredictability of the parties to the B/L procedure by gathering information from the respective parties’ blockchains, and contribute to automating processes. This would result in a positive feedback loop of information generation, as big data can work its analytical magic. An example could be the likelihood of timely payment of invoices through the automatic detection of funds in a bank account or cryptocurrency address. Although this ideal is one from which we are still far removed, implementing a blockchain B/L token system with smart contracting capability would bring us one step closer.

1. Ethereum

Ethereum is a PoW blockchain platform envisioned by Vitalik Buterin in 2013. ¹²¹ It is specifically designed for smart contracts. ¹²² Unlike Bitcoin’s coding language, Ethereum’s is ‘Turing-complete’, theoretically allowing it to ‘express all practical computations in smart contracts.’ ¹²³ Where applicable, payment on the Ethereum Virtual Machine (EVM) is settled in Ethereum’s native cryptocurrency, ether. ¹²⁴

2. Popularity as an advantage

Being ‘the most mature open blockchain with Turing complete programming capabilities’ ¹²⁵ confers specific advantages on Ethereum. As mentioned above, interoperability of blockchains presents an issue in the blockchain field. Although this is an area being researched, it makes sense to examine the largest blockchains due to the fact that they have the biggest community, which is invested in Ethereum’s continuous improvement. With the market capitalization of Ethereum at US$18,504,462,636 at the time of writing, ¹²⁶ and the next-biggest smart contract-capable blockchain platform at US$2,420,339,706, ¹²⁷ it is clear which is the largest, and therefore the one most likely to be able to benefit from a vast pool of information in the shortest timeframe. Its size also makes it the most likely to be the target of interoperability efforts, with Qtum being a case in point. Aside from this, Ethereum has mainstream appeal, attracting interest from market leaders such as IBM, Samsung and Microsoft, as well as Barclays and UBS. ¹²⁸

Furthermore, Ethereum boasts the most tried-and-tested network, with many Initial Coin Offerings (ICOs) having been launched on it in the past years. The fact that some ICOs have been scams whereby users traded in their ether for other tokens and the scammers absconded with the ether implies a deficiency of morals and regulation and oversight more so than deficiencies in Ethereum’s technology; ether was traded for tokens through a smart contract system built on the Ethereum network, showing that the system works.

3. Governance on Ethereum as an advantage

There is always room for improvement. This was made especially clear with the infamous DAO hack. The DAO (or ‘Decentralized Autonomous Organization’) was an organization made up of smart contracts that functioned as an investment vehicle. Investors traded in ether for tokens issued by the DAO and would be delegated voting rights on the investments to be made. However, a bug in the DAO code allowed a hacker to steal US$150 million worth of ether. ¹²⁹

Problems will arise in any system; how these problems are handled will to a large extent determine the success of a venture. What followed the DAO hack was a controversial move whereby a majority of the computing power was turned on the Ethereum blockchain by agreement among miners following a vote by some of the user base, ¹³⁰ and the blockchain was rewritten in order to reallocate the stolen funds to their correct addresses.

Although this 51% attack called into question the immutability of blockchain, it is essentially an example of governance on a public blockchain. The question of governance is one highly relevant to open blockchains, ¹³¹ although a detailed discussion hereof is beyond the scope of this paper. For our present purpose, Ethereum has shown that where the stakes are high, its community is capable of mobilizing. Criticism of the manner in which this mobilization occurs forms part of the dialectic process that should lead to an improved system.

It is clear that in the digital realm, a solution is only as good as its code. However, ex post methods such as 51% attacks can work with ex ante ones. In this, Ethereum stands out due to its established culture of implementing standards. The best-known of these is the ERC-20 standard, which provides a template for so-called fungible tokens, or tokens that are indistinguishable from each other and can therefore be divided and traded for one another, ¹³² as would be required in utility or investment tokens. ¹³³ However, our B/L token requires a different standard. ERC-721 is an Ethereum standard for a ‘non-fungible token’ (NFT), or a token that remains unique and cannot be divided. ¹³⁴ NFTs are useful in representing documents, such as deeds, ¹³⁵ and the ERC-721 standard is therefore the natural choice for a B/L token. That being said, the standards would benefit greatly by being further tested and potentially adopted by relevant standard-setting organizations, such as the International Organization for Standardization (ISO). This is especially relevant as Turing-complete scripts offer further challenges in the area of language design and programming practices. ¹³⁶

4. Prospective improvements to Ethereum

The final reason given here for proposing Ethereum as the platform of choice for a blockchain B/L token is because of the prospective improvements to the system. ‘Casper’ is an update planned for Ethereum that includes switching Ethereum from the PoW consensus mechanism to a variant of the more energy-friendly Proof of Stake (PoS) consensus mechanism; besides this, research is also being done on zk-SNARK implementation. ¹³⁷ Furthermore, thanks to efforts by Ethereum co-founder Vitalik Buterin, the 51% attack could become a matter of malicious nodes requiring a full 99% of miner computing power to compromise the system. ¹³⁸

Ethereum is a promising platform for our blockchain B/L token. This paper now turns to the MLETR in order to examine the critical issue of compatibility of such a token system with its relevant legal framework.

1. Information and interpretation

Article 8 provides that where information in writing is required in a transferable record, this requirement is met in an ETR ‘if the information contained therein is accessible so as to be usable for subsequent reference.’ ¹⁵⁴ Such information can be loaded as metadata onto the token upon creation, prima facie satisfying the Article 8 requirement. ¹⁵⁵ However, seeing as the information needs to be ‘usable for subsequent reference’, clarification is necessary regarding the form of the information. This is because the token may contain relevant information in code, as would be the case with smart contract commands. ¹⁵⁶ Ethereum’s smart contracting code can exist on the storage trie (a component of the Ethereum address), or be loaded onto the token itself. ¹⁵⁷ It is likely that at least some of this information will need to be accessible and understandable to people without a background in Information Technology.

The legibility of coding is part of a wider debate within the blockchain field. ¹⁵⁸ Smart contracts are not yet enforceable in courts of law even though issues related to them may attract liability claims. ¹⁵⁹ In a shift from the traditional ‘law is code’ paradigm to a ‘code is law’ one due to the self-enforcement of terms, ¹⁶⁰ issues with coding may not be settled satisfactorily in courts that do not recognize the legal validity of smart contracts. ¹⁶¹

Once smart contracts are made subject to traditional enforcement mechanisms, the question can be raised as to the expertise required by courts. Mention here should be made of Article 3(1), which states that regard should be had to the Model Law’s international origin and, crucially, to the need to promote uniformity among many different legal systems in the application of the law. ¹⁶² Article 8 read in conjunction with Article 3 may indicate that some consensus among countries as to the benchmark of ‘subsequent reference’ is desirable.

Issues such as these call for cooperation at an international level. One possible solution to ensure the compatibility of domestic laws with the B/L token requirements of each country could be simply coding all the possibilities and granting the option to output the code into a human language. With its potential for simplifying processes, smart contracts can form an integral part of the templates in a B/L token system.

2. Additional information

In order to realize the potential benefits of smart contracts to the B/L process, these must be able to be included in the B/L token system. Article 10 establishes the conditions that the token must meet for it to attain the status of a transferable document. Article 10(1)(a) requires that the electronic record contain the same information as needed in a transferable document in order for it to be seen as the latter’s electronic equivalent. ¹⁶³ As mentioned already, the information can be loaded onto the token. However, Article 10(1)(a) could be confusing, as it might be interpreted to preclude inclusion of information other than that required in a transferable document.

Article 10 should be read in conjunction with Article 6, which allows for the inclusion in the ETR of information additional to that which would otherwise be required in a transferable record. ¹⁶⁴ For the purpose of creating a B/L token complex enough to react to data inputs and execute business logic based on those inputs, Article 6 is highly relevant, as it allows the additional lines of code that make up the smart contract and other important information to be covered by the MLETR.

3. Changing information

Throughout the lifetime of the token B/L, changing or adding data may be required. Article 16 deals with amendment, mandating a ‘reliable method (…) for amendment in the electronic transferable record so that the amended information is identified as such.’ ¹⁶⁵ Article 17, in dealing with another type of change, namely the replacement of a transferable record with an ETR, notes that ‘[f]or the change of medium to take effect, a statement indicating a change of medium shall be inserted in the electronic transferable record.’ ¹⁶⁶

Due to the fact that our proposed Ethereum B/L would come in the form of a non-fungible and unique token due to its ERC-721 compliance, this might seem to indicate that changing the token in any way would not be possible. However, ERC-721 ‘does not mandate a standard for token metadata or restrict adding supplemental functions.’ ¹⁶⁷ Therefore, a unique, non-fungible electronic token is capable of being amended and capable of having additional metadata loaded onto it, satisfying the requirements of Article 16 and Article 17(2). In case of technological or legal hurdles, another scenario could involve the information from the original token being copied onto another token, adding the required additional information, and re-minting the new token as an ERC-721-compliant token. The original token could then be ‘burned’ or blacklisted. ¹⁶⁸ The possibility to burn tokens and thus make them inoperable not only has potential bearing on Articles 16 and 17, but is also useful for the purpose of Article 18(3), which requires the ETR be made inoperable in case of a change of medium from electronic to paper.

The process for changing data on or related to the token B/L would be a matter for substantive law and applicable process design. However, this is an important consideration due to the amount of data that may be required regarding smart contract functionality. Fortunately, it seems that the MLETR and Ethereum are mutually compatible when it comes to information addition and amendment.

1. Reliability and signatures

Where a signature is required in the transferable record, this requirement is met in the ETR ‘if a reliable method is used to identify that person and to indicate that person’s intention in respect of the information contained in the electronic transferable record.’ ¹⁶⁹ The reliability standard for the method referred to here, as well as for the methods referred to in Articles 10, 11, 13, 16, 17 and 18, is to be found in Article 12, which mandates that ‘the method referred to shall be: (a) As reliable as appropriate for the fulfilment of the function for which the method is being used…or (b) Proven in fact to have fulfilled the function by itself or together with further evidence.’ ¹⁷⁰

Article 9 includes intention ‘so as to better capture the different functions that may be pursued with the use of an electronic signature.’ ¹⁷¹ Signatures have a variety of uses, ¹⁷² but endorsement provides a good illustration. In this case, ‘it is sufficient for signatures to establish that endorsements are back to back as under bills of lading’. ¹⁷³ This can be achieved with blockchain due to the fact that the token would come in the form of a chain of digital signatures, with the blockchain technology establishing the order of the signatures.

However, where signatures fulfil the purpose of identification of parties, it is conceivable that problems arise, as parties cannot be identified based on their pseudonymous address only. The Explanatory Note does in fact proffer pseudonymous identification as acceptable, provided that this pseudonym can be linked to a real name, which may also be established using facts outside of the distributed ledger system. ¹⁷⁴ Although one author notes that ‘[t]his stands to reason since sensitive information is not supposed to be stored on open ledgers’, ¹⁷⁵ this point may become moot in the face of technological progress, such as the aforementioned zk-SNARK implementation and other privacy advancements in blockchain. It is important then that these privacy advancements be implemented in such a way so as not to completely obfuscate the identity of the parties to the B/L transaction, as identification of the parties will be necessary where relevant issues arise.

2. A tamper-proof and unique virtual bill of lading

Because a transferable document allows for the holder to claim the performance of an obligation, it must be impossible for the document to be distributed multiple times. In law, this is achieved through the requirement that there be only one original paper copy (or one set of original copies) circulating. ¹⁷⁶ This is called the guarantee of singularity or guarantee of uniqueness. ¹⁷⁷ Article 10(1)(b)(i) advances this requirement in the virtual setting by requiring that a reliable method be used to ascertain that the electronic record with the requisite information is the ETR in question. ¹⁷⁸ Article 10(1)(b)(iii) furthermore mandates ‘a reliable method’ in order to ‘retain the integrity of that electronic record.’ ¹⁷⁹ What the latter means is that an ETR should be tamper-proof.

The blockchain B/L would be more tamper-proof than an ordinary B/L because the digital signature is more reliable than a handwritten one. ¹⁸⁰ Blockchain also provides for immutability of transactions, ‘a function which a handwritten signature cannot perform.’ ¹⁸¹ Finally, decentralization offers a host of improvements: there is no single point of failure, and concerns of censorship by registry administrators or governments are mitigated. ¹⁸²

Blockchain can meet the uniqueness requirement due to the token coming in the form of a digital signature chain, ‘with the additional ledger technology to single out the earliest transfer of a blockchain B/L as the authorized transfer.’ ¹⁸³ In this instance it is again worthwhile to recall the set of standards readily available to an Ethereum token in the form of ERC-721.

The registry system can in fact theoretically succeed in establishing the functional equivalent to a unique document. ¹⁸⁴ However, it fails in a related aspect, namely establishing an appropriate equivalent to possession.

1. Control as the functional equivalent of possession

Although possession results in legal consequences that may vary from country to country, ¹⁸⁵ its prime function is the determination of who is entitled to the rights to the goods in question, and it is this function that needs to be replicated in the electronic environment. ¹⁸⁶

Article 11 formally establishes control as the functional equivalent to possession, ¹⁸⁷ by stating:

Where the law requires or permits the possession of a transferable document or instrument, that requirement is met with respect to an electronic transferable record if a reliable method is used: (a) To establish exclusive control of that electronic transferable record by a person; and (b) To identify that person as the person in control. ¹⁸⁸

Article 11 is based on draft Article 17 of the UNCITRAL draft provisions on electronic transferable records. This article states that ‘[a] person has control of an electronic transferable record if a method used for evidencing transfer of interests in the electronic transferable record reliably establishes that person as the person to which the electronic transferable record was issued or transferred.’ ¹⁹² This already provides an indication as to the concept of control. Draft Article 17 seems to have more in common with United States’ Uniform Commercial Code § 7-106, on which it was based, ¹⁹³ than it does with its progeny. § 7-106 U.C.C. states: ‘A person has control of an electronic document of title if a system employed for evidencing the transfer of interests in the electronic document reliably establishes that person as the person to which the electronic document was issued or transferred.’ ¹⁹⁴ In other words, a person can be said to be in control once the system (which should be reliable) employed to identify a person as the person to whom the rights in the goods have been transferred through the passing on of an electronic record purporting to be an ETR has been updated to reference that person as the person to whom the ETR was transferred.

The idea of control from § 7-106 U.C.C. has been noted as a ‘a well-established statement of the concept’ ¹⁹⁵ and therefore carries significant weight. Is this how the Article 11 MLETR notion of control should be interpreted? Regardless of the seemingly circular reasoning employed to establish control, the question may be posed if the ETR can be said to be an ETR only by virtue of the system referencing the person who has the electronic record purporting to be the ETR. In a purely semantic sense, requiring a ‘system’ seems to be an odd addition, as this goes against the varied ways in which the word ‘control’ is used in our everyday language. However, a theme that emerges from the definitions of the word ‘control’ ¹⁹⁶ is one whereby control can be said to be had over something, with the ability to manipulate the fate of the object in question being instrumental in establishing the entity that has control. A slight difference is noted when the word is used in the example of a passport control: ‘the place from which a system or activity is directed or where a particular item is verified.’ ¹⁹⁷

The notion of control is interesting in the latter, space-bound definition, as it can be said that a person has a passport merely at the behest of the issuing authorities. A parallel to be drawn here is that in which a third party establishes the rights that the holder of the document can enjoy by virtue of their possession of this document. The delineation of these rights is where the authorities’ influence stops, however: what such an external body should not do is introduce itself into the process by making the existence of the ETR as an ETR overly dependent on its system. This constrains the rightful holder’s control, in the intuitive sense of the term, over the document that the parties intended, by agreement, to transfer. As such, it would seem that being in control, similar to being in possession of something, attracts the inclusion of third parties into its definition only by way of said third parties’ exclusion over the relevant process of the object over which control is had. This is corroborated in the Explanatory Note to Article 11(1)(a), which states that ‘the notion of “control”, similarly to that of “possession”, implies exclusivity in its exercise.’ ¹⁹⁸

The U.C.C. clarification of control prima facie fulfils the requirement of the functional equivalence of possession through the creation of a framework by which to establish a system to determine who has possessory rights to the goods. However, intuitively, it can be said that the reference to a system is redundant. Our definition of possession in the physical world does not reference humanity’s cognitive capabilities, ¹⁹⁹ which is what underpins our understanding of the notion, and there is no reason for such a requirement in an electronic environment.

Reference to a system is merely a capitulation to the requirements of the registry system, hitherto the best system for establishing a functional equivalent to possession, albeit simply the least bad alternative. Indeed, it appears that the entire control approach’s raison d’être ‘was that possession of an electronic record prior to the advent of the blockchain technology was not capable of being replicated.’ ²⁰⁰

However, even with a U.C.C.-style definition for the functional equivalent of possession to back it up, the registry system has significant flaws. This is because, unlike a symbolic key to a warehouse, transferring control in a registry system only changes the listed identity of the person said to be in control of the electronic record, and therefore fails to enable the act of delivery, or the acts of endorsement and delivery. ²⁰¹ By contrast, a blockchain token is capable of being delivered to a person who is then able to access the relative possessory and contractual rights by virtue of this delivery. ²⁰²

The roundabout way of establishing who has control over the ETR in a registry system becomes unnecessary with blockchain technology. This is because a blockchain B/L token is capable of being possessed. ²⁰³ Although the token B/L would conform to the U.C.C. definition of control, due to its transfer being noted in a publicly available, tamper-proof and immutable ledger, the difference is that the token is not only referenced, but this reference is inextricably linked, through mathematical certainty, to the transfer of the token from one address to another. Control over a token is granted not by virtue of a reference, but by virtue of the act of transfer, and the holder can access the possessory rights simply by proving that they have access to the address at which the B/L token is held, which was already confirmed would be possible.

It can thus be said that blockchain technology has far-reaching consequences for the entire notion of control as the functional equivalent to possession, seeing as it seems to allow for possession in a digital environment. This calls for a review by countries of the notion of control in a digital environment. Due to the perceived differences between the virtual and the real world, there may still be some room for the control approach, but the definition hereof should be adapted. Perhaps it could be modelled into a more intuitive definition such as the following: a person can be said to be in control when they are capable of exercising their rights over the ETR at their pleasure to the exclusion of all other persons. ²⁰⁴

2. Smart contracts - ceding control?

Since data triggers may be required to effect release of the B/L token to the consignee, one might presume a conflict with the more intuitive approach to control described above. However, this would not be the case. B/Ls have traditionally been issued in sets, ²⁰⁵ with each set a physical manifestation of its intended recipient’s rights in the B/L process, as each recipient has their own purpose with their set of the B/L. Each set should be seen as an unbroken continuation of the B/L process, pending completion.

With blockchain technology, the need for such a set may disappear, as sets were issued primarily due to the slow pace of mail services. ²⁰⁶ What does not disappear, however, is the implication that possession in this manner, that is, influence over various parts of the B/L process, can be delegated. An example is the letter of credit requirement. The hindrances that the smart contract component erects to one holder’s control over the token would merely reflect an electronic equivalent to the hindrances that said holder might have encountered when dealing with a paper document. Therefore, provided that the system does not introduce more hindrances to the rights of the parties to the B/L process than would be justifiable in the paper variant, adding a smart contract component to the blockchain B/L cannot be said to cause an issue regarding the notion of control.