Agent devs need to grapple with the general rule crypto devs have had to deal with for years now:

Custody user funds = increased liability risk

Why? Control is the law’s lodestar for finding liability

Two issues immediately come to mind

(1) Money transmission: Control over user funds is crucial to the analysis if a party is a “money transmitter” and therefore must KYC/AML

(here's 40 pages I co-wrote on why: https://edit.financialcrimelitigators.org/api/assets/cd682a1c-1cb0-4c99-a491-ac6155f4bdc2.pdf)

(here's 16 more for good measure: https://edit.financialcrimelitigators.org/api/assets/b9fa10a1-5e91-4473-96f6-c240ff0761eb.pdf)

GC and Investment Partner @variant | ex software engineer/@ycombinator founder, attorney Cravath | casts are not legal advice | I am not your lawyer

(2) Cybersecurity/negligence: Control over user funds likely implicates duty of care to exert reasonable efforts to protect the funds, relevant in a negligence action

Crypto devs traditionally address this issue by using smart contracts/atomic transactions that never permit them to touch user funds

I'm seeing way too many agent projects with unilateral control over user funds; projects should work with counsel to discuss relinquishing control

what agent not from crypto is having this problem?