One of the foundations (or, rather, promises) of cryptocurrencies that gave them their initial traction was the ability to forgo the custodial relationship in a post-cash society and to transact without a middleman. In a sense, a way to walk away from the status quo monetary system.

So, what are these freedoms built upon?

Firstly, it is the inability of any individual party to make transactions with money that doesn’t belong to them.

In Bitcoin (and, subsequently, in some of the Bitcoin-based token systems, like colored coins) this is accomplished by requiring every transactor to “unlock” the previous transaction’s output by satisfying the conditions the previous transactor set. Most often, that means demonstrating possession of the corresponding private key by signing the new transaction.

Since the guarantees provided by such transactions are universally understood and enforced by every participant validating the blockchain, we can be reasonably sure no one can move our money unless they’ve got our keys.

Ethereum, having a much more flexible design, introduced the concept of a smart contract: a program that can be invoked by a transaction. These are the building blocks for DApps (decentralized applications). One of the most common uses for these contracts has been so-called “token contracts”. They define the issuance, transfer and computation of balances for every individual token. It’s a nice design, as it allows experimentation with the “laws of monetary physics”.

However, with this design, actual possession of the token moves from the holder to the smart contract, making the smart contract the custodian. It will transact on your behalf but will never “give” the tokens to you. You can’t own such a token without the contract that runs it.

Technically speaking, when invoked, the contract can do whatever it pleases. There is no cryptographic “connection” between ownership and transactions. It is up to the contract to enforce ownership or permissions of any other kind.
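To make the contrast between the two custody models concrete, here is an added example (not code from the original post, and not how either Bitcoin or Ethereum is implemented). It pairs the Bitcoin-style rule above (an output is locked to a key, and only a valid signature over the spending transaction unlocks it, checked by every validator) with the token-contract rule just described (balances live in contract storage, and “ownership” is whatever the contract’s code happens to check). Signatures use a hash-based Lamport one-time scheme so the file needs only the standard library; Bitcoin uses ECDSA/Schnorr, not Lamport. The ledger format, the `TokenContract` class and all names and amounts are constructed for the demo.

```python
import hashlib
import os
from dataclasses import dataclass


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


# ---- Lamport one-time signature: a stdlib-only stand-in for ECDSA ----
def keygen():
    sk = [[os.urandom(32) for _ in range(256)] for _ in range(2)]
    pk = [[H(s) for s in row] for row in sk]
    return sk, pk


def _msg_bits(msg: bytes):
    d = H(msg)
    return [(d[i >> 3] >> (7 - (i & 7))) & 1 for i in range(256)]


def sign(sk, msg: bytes):
    return [sk[b][i] for i, b in enumerate(_msg_bits(msg))]


def verify(pk, msg: bytes, sig) -> bool:
    return len(sig) == 256 and all(H(sig[i]) == pk[b][i] for i, b in enumerate(_msg_bits(msg)))


def pubkey_hash(pk) -> bytes:
    return H(b"".join(pk[0]) + b"".join(pk[1]))


# ---- UTXO ledger: a coin is an output locked to a key hash (P2PKH-like, constructed format) ----
@dataclass(frozen=True)
class Output:
    value: int
    lock: bytes  # hash of the only public key allowed to spend this output


def sighash(outpoints, outputs) -> bytes:
    # What the spender signs: which outputs are consumed and where the value goes.
    return H(b"".join(op.encode() for op in outpoints)
             + b"".join(o.lock + o.value.to_bytes(8, "big") for o in outputs))


class UtxoLedger:
    def __init__(self):
        self.utxos = {}

    def coinbase(self, outpoint: str, output: Output):
        self.utxos[outpoint] = output

    def apply(self, outpoints, witnesses, outputs) -> bool:
        """witnesses[i] = (pk, sig) unlocking outpoints[i]; every validator runs this same check."""
        msg = sighash(outpoints, outputs)
        total_in = 0
        for op, (pk, sig) in zip(outpoints, witnesses):
            prev = self.utxos.get(op)
            if prev is None or pubkey_hash(pk) != prev.lock or not verify(pk, msg, sig):
                return False  # unknown/spent output, wrong key, or bad signature: rejected by consensus
            total_in += prev.value
        if total_in < sum(o.value for o in outputs):
            return False
        for op in outpoints:
            del self.utxos[op]
        for i, o in enumerate(outputs):
            self.utxos[f"{msg.hex()[:16]}:{i}"] = o
        return True


# ---- Token contract: balances are contract storage; the code alone decides who may move them ----
class TokenContract:
    def __init__(self, admin: str, balances: dict):
        self.admin, self.balances = admin, dict(balances)

    def transfer(self, caller: str, to: str, amount: int) -> bool:
        # The only thing tying a balance to its holder is this comparison on the caller.
        if self.balances.get(caller, 0) < amount:
            return False
        self.balances[caller] -= amount
        self.balances[to] = self.balances.get(to, 0) + amount
        return True

    def admin_move(self, caller: str, src: str, dst: str, amount: int) -> bool:
        # A privileged path like this is perfectly valid contract code: the chain only checks that
        # the contract ran as written, not that `src` consented. A reviewer has to find every such path.
        if caller != self.admin or self.balances.get(src, 0) < amount:
            return False
        self.balances[src] -= amount
        self.balances[dst] = self.balances.get(dst, 0) + amount
        return True


def demo() -> dict:
    sk_a, pk_a = keygen()
    _, pk_b = keygen()
    sk_c, pk_c = keygen()  # a third party who does not hold A's key
    ledger = UtxoLedger()
    ledger.coinbase("genesis:0", Output(50, pubkey_hash(pk_a)))
    outs = [Output(50, pubkey_hash(pk_b))]
    msg = sighash(["genesis:0"], outs)
    wrong_key = ledger.apply(["genesis:0"], [(pk_c, sign(sk_c, msg))], outs)
    owner_spend = ledger.apply(["genesis:0"], [(pk_a, sign(sk_a, msg))], outs)
    replay = ledger.apply(["genesis:0"], [(pk_a, sign(sk_a, msg))], outs)

    token = TokenContract(admin="deployer", balances={"alice": 50})
    return {
        "utxo_wrong_key": wrong_key, "utxo_owner_spend": owner_spend, "utxo_replay": replay,
        "token_transfer": token.transfer("alice", "bob", 10),
        "token_overdraw": token.transfer("bob", "carol", 100),
        "token_admin_move": token.admin_move("deployer", "alice", "carol", 40),
        "balances": token.balances,
    }


if __name__ == "__main__":
    print(demo())
```

In the UTXO half, the rule that stops the third party is not a policy inside some program but a signature check every node repeats; in the token half, `transfer` and `admin_move` are both just methods, and the chain cannot tell a consented transfer from an administrative one. That asymmetry is what an audit of a token contract has to chase down, function by function.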

Sure, the code of the contract is always available and therefore auditable. However, given the flexibility of the platform and the complexity that stems from it, review omissions are bound to happen. It would be easier if there were just one contract to inspect, but if the current situation is any indication, we’ll be holding a lot of different tokens.