Canadian $15.8M DeFi Theft Case Could Upend ‘Code is Law’ Convention

Indexed Finance’s Co-founder Dillon Kellar and a contributor, Laurence Day, claim the convention doesn’t apply in this case and are suing the alleged hacker to find out

article-image

Canadian flag

share
  • “I consider [code is law] a fringe and unworkable view of how DeFi actually needs to work if it’s going to be more widely adopted,” Day said
  • A series of tweets by a nondescript Twitter profile ZetaZeroes, which allegedly claims to be Medjedovic, has hinted that what occurred was crypto trading

A class-action lawsuit unfolding in Canada could upend the view that conventional law does not apply to unregulated decentralized finance (DeFi) protocols. The claim against Canadian teenager Andean Medjedovic, who allegedly stole $15.8 million from a DeFi protocol, Indexed Finance, argues that the so-called ‘code is law’ convention in DeFi doesn’t provide immunity from conventional laws. 

“Code is law,” often jokingly referred to as codeslaw, is a popular idea among DeFi communities that without real-life regulation, the DeFi (or crypto) ecosystem is regulated by code’s permissibility. 

Indexed Finance is a DAO that describes itself as a “decentralized protocol for passive portfolio management on Ethereum.” 

A series of tweets by a nondescript Twitter profile ZetaZeroes, which allegedly claims to be Medjedovic, has hinted that what occurred was crypto trading, simply put. Indexed Finance’s Co-founder Dillon Kellar and a contributor, Laurence Day, claim the convention doesn’t apply in this case and are suing the alleged hacker to find out. A notice of action was filed on Dec. 17 with the Ontario Superior Court of Justice relating to a proposed class action lawsuit against Medjedovic.

“I consider [code is law] a fringe and unworkable view of how DeFi actually needs to work if it’s going to be more widely adopted,” Day said in a message to Blockworks. “We operate in a space where perpetrators are…rarely found, which probably helps perpetuate the idea,” he wrote. 

Day said if code was law, it would set DeFi on a “pretty dystopian path where exploiters were lauded.”  

The idea of “just don’t get hacked” is a “cop-out that can realistically never be guaranteed” for any protocol, even in light of audits and open-source scrutiny, Day noted. 

“A lot of the ‘code is law’ appreciators seem to think that DeFi stands entirely outside of the framework of law, as opposed to simply being a manner of disintermediating financial institutions,” Day said. “Just because all of this happens through a blockchain doesn’t mean that suddenly hundreds of years of legal process magically stop applying,” he added. 

A number of lawyers are saying Medjedovic’s “code is law” argument probably will not be upheld under legal scrutiny, CoinDesk reported

The 19-year-old, who was 18 at the time of the attack, allegedly executed a series of trades, through $159 million of borrowed assets by using a flash loan. The filing claims he then distorted the protocol’s algorithm to buy assets at “artificially deflated prices” for a fraction of their true value. 

Around the time of the incident, ZetaZeroes tweeted that the protocol was “out-traded” and “there is nothing you can do about that.” 

But, the digital assets stored in Medjedovic’s crypto wallet are the “rightful property of the tokenholders,” the filing stated. 

“Thieves shouldn’t be encouraged or comforted by the fact that ‘code is law,’ or believe that they have a free pass to take assets that aren’t theirs simply because those assets exist on a distributed ledger,” Day said.

Medjedovic did not respond to Blockworks’ request for comment.

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Javits Center North | 445 11th Ave

Tues - Thurs, March 24 - 26, 2026

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Unlocked by Template (1).jpg

Research

As AI supercharges surveillance, privacy becomes a prerequisite and the winning stack will combine confidentiality with selective disclosure. Zcash’s Tachyon, composable standards on Ethereum/Solana, and compliance-aware pools aim to make private rails the new norm.

article-image

Bain Capital Crypto and Haun Ventures co-led the round as demand grows for Bitcoin-denominated savings and annuities

by Blockworks /
article-image

NYSE owner’s investment values the prediction market at $8–9 billion, signaling Wall Street’s entry into event-based trading

by Blockworks /
article-image

Pineapple begins deploying its $100 million Injective Digital Asset Treasury, staking INJ to earn yield and fund onchain mortgage ambitions

by Blockworks /
article-image

Staking levels in the ether funds will depend on protocol unstaking queue times and anticipated redemption activity, firm says

article-image

ETF inflows, miner strength, and tightening supply drive Bitcoin past its prior peak amid renewed demand for scarce assets

by Blockworks /
article-image

The Guidestar team, led by Alex Nezlobin, will join Uniswap Labs to enhance automated market maker design and smart order routing

by Blockworks /