Canadian $15.8M DeFi Theft Case Could Upend ‘Code is Law’ Convention

Indexed Finance’s Co-founder Dillon Kellar and a contributor, Laurence Day, claim the convention doesn’t apply in this case and are suing the alleged hacker to find out

article-image

Canadian flag

share

key takeaways

  • “I consider [code is law] a fringe and unworkable view of how DeFi actually needs to work if it’s going to be more widely adopted,” Day said
  • A series of tweets by a nondescript Twitter profile ZetaZeroes, which allegedly claims to be Medjedovic, has hinted that what occurred was crypto trading

A class-action lawsuit unfolding in Canada could upend the view that conventional law does not apply to unregulated decentralized finance (DeFi) protocols. The claim against Canadian teenager Andean Medjedovic, who allegedly stole $15.8 million from a DeFi protocol, Indexed Finance, argues that the so-called ‘code is law’ convention in DeFi doesn’t provide immunity from conventional laws. 

“Code is law,” often jokingly referred to as codeslaw, is a popular idea among DeFi communities that without real-life regulation, the DeFi (or crypto) ecosystem is regulated by code’s permissibility. 

Indexed Finance is a DAO that describes itself as a “decentralized protocol for passive portfolio management on Ethereum.” 

A series of tweets by a nondescript Twitter profile ZetaZeroes, which allegedly claims to be Medjedovic, has hinted that what occurred was crypto trading, simply put. Indexed Finance’s Co-founder Dillon Kellar and a contributor, Laurence Day, claim the convention doesn’t apply in this case and are suing the alleged hacker to find out. A notice of action was filed on Dec. 17 with the Ontario Superior Court of Justice relating to a proposed class action lawsuit against Medjedovic.

“I consider [code is law] a fringe and unworkable view of how DeFi actually needs to work if it’s going to be more widely adopted,” Day said in a message to Blockworks. “We operate in a space where perpetrators are…rarely found, which probably helps perpetuate the idea,” he wrote. 

Day said if code was law, it would set DeFi on a “pretty dystopian path where exploiters were lauded.”  

The idea of “just don’t get hacked” is a “cop-out that can realistically never be guaranteed” for any protocol, even in light of audits and open-source scrutiny, Day noted. 

“A lot of the ‘code is law’ appreciators seem to think that DeFi stands entirely outside of the framework of law, as opposed to simply being a manner of disintermediating financial institutions,” Day said. “Just because all of this happens through a blockchain doesn’t mean that suddenly hundreds of years of legal process magically stop applying,” he added. 

A number of lawyers are saying Medjedovic’s “code is law” argument probably will not be upheld under legal scrutiny, CoinDesk reported

The 19-year-old, who was 18 at the time of the attack, allegedly executed a series of trades, through $159 million of borrowed assets by using a flash loan. The filing claims he then distorted the protocol’s algorithm to buy assets at “artificially deflated prices” for a fraction of their true value. 

Around the time of the incident, ZetaZeroes tweeted that the protocol was “out-traded” and “there is nothing you can do about that.” 

But, the digital assets stored in Medjedovic’s crypto wallet are the “rightful property of the tokenholders,” the filing stated. 

“Thieves shouldn’t be encouraged or comforted by the fact that ‘code is law,’ or believe that they have a free pass to take assets that aren’t theirs simply because those assets exist on a distributed ledger,” Day said.

Medjedovic did not respond to Blockworks’ request for comment.

Tags

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

Brooklyn, NY

SUN - MON, JUN. 22 - 23, 2025

Blockworks and Cracked Labs are teaming up for the third installment of the Permissionless Hackathon, happening June 22–23, 2025 in Brooklyn, NY. This is a 36-hour IRL builder sprint where developers, designers, and creatives ship real projects solving real problems across […]

recent research

Featured.png

Research

Helium stands at a pivotal moment in its evolution as a decentralized wireless network, balancing rapid growth, economic restructuring, and global expansion. With accelerated growth in domestic DAUs and Hotspots supporting its network, Helium is leveraging strategic partnerships and innovative proposals to scale internationally. The recent implementation of HIP 138, “Return to HNT,” has unified its token economy under HNT, simplifying participation and strengthening liquidity, while HIP 139’s phase-out of CBRS refocuses efforts on scalable Wi-Fi offload. Meanwhile, governance shifts under HIP 141 raise questions about centralization as Nova Labs consolidates control over the roadmap.

article-image

Financial advisers in a January survey said equity ETFs were their top choice for gaining crypto exposure in 2025

article-image

“Why put a target out there that’s really speculative, not knowing exactly where this environment is going to go?” CarMax CEO Bill Nash said

article-image

While the head of Base may support legal sex work, Coinbase policies prohibit said workers from using its exchange.

article-image

EVM bottlenecks fundamentally hold back Ethereum’s scalability

article-image

In 2011, WikiLeaks faced a financial blockade imposed by the US government. It was Bitcoin’s first major test.

article-image

Kado’s founder Emery Andrew spoke to Blockworks about the acquisition and what’s next for the team