Tulip Trading Limited v Bitcoin Association for BSVA & Ors

This was a first instance jurisdictional decision refusing to allow service out of the jurisdiction. The claimant (Tulip Trading Limited) alleged ownership of substantial cryptoassets and sought declarations and orders requiring core developers/controllers of multiple blockchain networks to take steps (including producing a software "patch") to enable the claimant to regain access to assets lost after an alleged hack. The court accepted that there was a serious issue to be tried on ownership and that a hack had occurred, and found a good arguable case that the cryptoassets could be treated as property located in England for jurisdictional purposes (gateway 11) and that damage would be sustained here (gateway 9(a)).

However, the court concluded that the claimant had no realistic prospect of establishing the novel legal duties it alleged. In particular:

• The pleaded factual matrix did not give rise to fiduciary duties: the obligation of single‑minded loyalty could not be extended so as to require developers (a fluctuating and anonymous group) to take unilateral, positive steps benefitting one owner to the possible detriment of others.
• The proposed tortious duty of care was an impermissible incremental extension in relation to pure economic loss: there was no special relationship or assumed responsibility of the breadth required to impose a positive duty on developers to remedy loss caused by third party hackers.

Accordingly the order granting permission to serve out and service of the claim form were set aside.

Background and parties. TTL, a Seychelles company controlled by Dr Craig Wright (resident in England), claimed to own cryptoassets at two addresses and said it had been prevented from accessing them by a hack at Dr Wright's Surrey home office. It sued a number of non‑UK defendants who are alleged to be core developers/controllers of four blockchain networks (BSV, BTC, BCH and BCH ABC), seeking declarations of ownership, orders requiring them to implement software changes to restore access (or equitable compensation), and damages.

Procedural posture and relief sought. Permission to serve the claim out of the jurisdiction had been granted on paper; the defendants (mostly) challenged jurisdiction and the matter came before Mrs Justice Falk on applications to discharge that permission and to set aside service.

Issues framed by the court. (i) whether there was a serious issue to be tried on ownership of the cryptoassets and on the fact of the hack; (ii) whether the defendants owed fiduciary duties to TTL; (iii) whether the defendants owed a tortious duty of care to TTL (for pure economic loss) to take positive steps to restore access; (iv) whether the claim fell within the service‑out gateways (in particular gateways 11 and 9(a), and alternatively 4A); and (v) whether any quia timet or other equitable relief was properly pleaded and available.

Court’s reasoning and conclusions. The judge found there was a serious issue to be tried on ownership and on the occurrence of the hack. On jurisdictional connection, the court was prepared to accept a good arguable case that the cryptoassets could be regarded as property and that their situs for the purposes of gateway 11 could be the place where the owner exercises central management and control (in this case England), and that damage would be directly felt in England (gateway 9(a)).

On the core merits points, the court rejected the extension of fiduciary obligations to the developers/controller class in the way pleaded: an imbalance of power and vulnerability alone did not establish the assumption of a duty of single‑minded loyalty that could require positive action benefitting one owner to the possible detriment of others. Equally, imposing a duty of care to require developers to take positive steps to remedy theft or loss of private keys from third‑party hackers would be an impermissible and disproportionate incremental development of the law in respect of pure economic loss, and would give rise to indeterminate liability.

The court also emphasised procedural points: the claimant had not properly amended its particulars of claim to match the developed oral case (including reliance on anticipated breaches) and had not sought interim injunctive relief indicative of imminence; further, policy considerations and reform of the law on digital assets were matters for the Law Commission and Parliament rather than basis for a novel common law duty. In the absence of a serious issue to be tried on the pleaded duties, permission to serve out and service were set aside.

This is a first instance decision. The court set aside the order granting permission to serve out of the jurisdiction and set aside service of the claim form. Although the claimant had a serious issue to be tried on ownership of the cryptoassets and on the occurrence of the hack and had a good arguable case on the situs of the assets and on damage within the jurisdiction (gateways 11 and 9(a)), it had no realistic prospect of establishing the novel fiduciary or tortious duties alleged. The proposed duties would have imposed positive obligations on a fluctuating group of developers, creating indeterminate and unforeseeable liability; imposing such duties would be an impermissible incremental extension of the law in relation to pure economic loss and of fiduciary loyalty. The claimant’s application to serve out is therefore discharged.