Ricardian contract

From Wikipedia, the free encyclopedia

The Ricardian contract, as invented by Ian Grigg in 1996, is a method of recording a document as a contract at law, and linking it securely to other systems, such as accounting, for the contract as an issuance of value.[1][2][better source needed] It is robust through use of identification by cryptographic hash function, transparent through use of readable text for legal prose and efficient through markup language to extract essential information.

A Ricardian contract places the defining elements of a legal agreement in a format that can be expressed and executed in software.[3] The key is to make the format both machine-readable, such that they can easily be extracted for computational purposes, and readable as an ordinary text document such that lawyers and contracting parties may read the essentials of the contract conveniently.[citation needed]

From a legal perspective, it has been claimed the use of markup language embedded within a mostly legal prose document can lead to reduced transaction costs, faster dispute resolution, better enforceability and enhanced transparency.[better source needed][4][5] From a computing perspective, the Ricardian contract is a software design pattern to digitize documents and have them participate within financial transactions, such as payments, without losing any of the richness of the contracting tradition.[citation needed] Publication of the content and reference to that content by the unique cryptographic message digest is claimed to prevent frauds based on multiple presentations.[better source needed][5]

The method arises out of the work of Ian Grigg completed in the mid-1990s in contributions to Ricardo,[6][better source needed] a system of assets transfers that was built in 1995-1996 by Systemics and included the pattern. The system and the design pattern was named after David Ricardo in honour of his seminal contribution to international trade theory.[citation needed]


A Ricardian contract can be defined as a single document that is[1]

a) a contract offered by an issuer to holders,
b) for a valuable right held by holders, and managed by the issuer,
c) easily readable (like a contract on paper),
d) readable by programs (parsable like a database),
e) digitally signed,
f) carrying the keys and server information, and

g) allied with a unique and secure identifier


The Ricardian contract separates the agreement of parties across time and domain. On the left of the "Bowtie" representation,[clarification needed] the negotiation and formation of a legally binding contract leads to a single parent document that defines all of the intent of that agreement. On the right, the performance of that agreement might involve many transactions to be accounted for, logically separated from the meaning of the issue.[citation needed] The join between the legal world and the accounting world is formed by the hash — each transaction locks in the terms and conditions of the precise deal of the parties by including the hash of the contract in every relevant transaction record, yet the operation of the transactions and the issuance of the contract are cleanly separated and thus perverse incentives are eliminated.[7]

BowTie diagram of Ricardian contract elements & generatives

Legal relationship[edit]

The role of the Ricardian contract is to capture the contractual relationship between contracting parties to assist later performance of that contract by programs.[citation needed] In its contractual form, it is the recording of an offer from an issuer to a holder. The offer is signed digitally within the format by the offerer, typically using a plaintext digital signature such as provided by OpenPGP.

The acceptance of the contract is typically formed by signing/agreeing to a transaction that refers to the hash of that contract. Within the context of a high-performance payment system, a secure payment will cite the hash of the contract of the instrument being paid, as well as paying and payee parties and a quantity of units.[8] In a smart contracts system, the acceptance would be performed by operating the contract's code to move the state of the agreement forward.

Signing and intent[edit]

Typically, the signing of the contract by any party is overtly performed by use of a private key. The original offerer's signature is typically over the original document, and is then appended to form a fully binding, readable offer for the assets described in the document.[citation needed]

Later participation by parties in the contract such as payments or smart contract performance will typically sign over a hash identifier (as generated by a cryptographic hash function) over the signed original document. In contrast to the initial signature, the use of the hash of the contract within following transactions also signals intent, and forms a covert signature over the contract. Although private key signatures are well studied and are subject of legal frameworks such as the European digital signature directive, Grigg suggests that the trail of hashes – entanglement – forms a more effective evidence of intent[1] than a private key signature.


If the agreement is more complicated than a single document can describe, the documents can be chained: An acceptance of an offer can be a Ricardian contract that includes the hash of the offer, or the acceptance can include the entire contents of the earlier phase, a design pattern known as Russian dolls[citation needed] used by both OpenTransactions and OpenBazaar. These referral patterns can be conducted multiple times to create a chain or hierarchy of elements.


A relevant decision is choosing a representation of the text such that markup can be included to assist the software agent while maintaining readability.[citation needed] To be a Ricardian contract, it has to be parsable both by the program and by a human reader.[9]

"Readability" is necessarily defined relative to some viewing interface. Embedded markup systems such as XML are commonly viewed not as "raw source", but with much richer formatting applied. Jurists need not view "raw" JSON, LaTeX, or XML any more than Web users must view raw HTML or hexadecimal PNG images. Some visually impaired readers necessarily use very different interfaces. Even "plain text" editors differ in the treatment of character sets and character encodings, OS-specific line-ends, fonts, tabs, wrapping of long lines, etc. Even a simple text editor can be hacked to mis-display text in a desired way, just like any other software can. But with standard, non-binary data representations underneath users can compare multiple viewing solutions, and with text-based representations as opposed to binary files it is practical to check the source document directly when desired (or, as commonly done, to view fully-formatted and raw views simultaneously).

An ideal document format should also support a canonical form hash (cryptographic hash function), that is, have a way of delivering a hash over contents that does not change due to common serialisation and transmission artifacts. LaTeX and XML are suitable because their source is generally readable by humans, and they have widely-available renderers. XML also has a standardized Canonical XML form which is specifically designed to facilitate cryptographic hashing, and neutralizes minor syntactic variations such as insignificant whitespace, platform-specific line-ends, order of attributes, etc.

Popular formats such as JSON and Semantic Web formats are often, though not always, much less readable in raw form to non-programmers such as jurists, and much more subject to unbounded syntactic but not semantic variation.[10][11][better source needed]

Relationship to smart contracts[edit]

Smart contracts, as defined in the work of Nick Szabo are an abstract concept relating to the automated performance of an already agreed contract,[12] whereas the Ricardian contract is a design pattern to capture the intent of the agreement of the parties, before its performance.[citation needed]

By means of hashes within as references or links to external documents, above, the Ricardian contract form easily extends to refer to code.[3][13][better source needed] The explicit referral to the code can pass legitimacy from overarching legal prose to the code, thus implementing the concept of the smart contract.[14]

Refactoring to describe blockchains and to integrate references to smart contract logic created a hybrid version of the Ricardian contract.[13][15] This form proposes a tuple of {prose, parameters, code} where the parameters can particularise or specialise the legal prose and the computer code in order to create a single deal out of a template or library of components.[3] Also known as a Ricardian triple, it can describe blockchains, smart contracts, IoT devices and persons.

Intellectual property[edit]

The Ricardian contract is free of any intellectual property restrictions, other than the request that any implementations cite the author and link to the paper.[16] It was fully published as design and implementation in 1996, and was described in an academic paper presented in 2004. No patent or other intellectual property mechanism was ever asserted by its inventor, Ian Grigg nor by Systemics.


  1. ^ a b c Grigg, Ian (2004). "The Ricardian Contract". Proceedings of the First IEEE International Workshop on Electronic Contracting. IEEE: 25–31. doi:10.1109/WEC.2004.1319505. ISBN 0-7695-2184-3.
  2. ^ Chohan, Usman W. (11 December 2017). "What is a Ricardian Contract?". Cyberspace Law eJournal. Social Science Research Network. SSRN 3085682.
  3. ^ a b c Clack, Christopher D.; Bakshi, Vikram A.; Braine, Lee (2016). Smart Contract Templates: foundations, design landscape and research directions. arXiv:1608.00771.
  4. ^ Nagy, Daniel A.; Shakel, Nadzeya V. (2008). Tsudik, Gene (ed.). OpenPGP-based Financial Instruments and Dispute Arbitration (PDF). Financial Cryptography and Data Security. Lecture Notes in Computer Science. Vol. 5, 143. Cozumel, Mexico: Springer. pp. 267–271. doi:10.1007/978-3-540-85230-8_24. ISBN 978-3-540-85229-2.
  5. ^ a b Nagy, Daniel A. (2006). "On Digital Cash-like Payment Systems". Proceedings of the International Conference on E-Business and Telecommunications. Communications in Computer and Information Science. 3: 26–38. doi:10.1007/978-3-540-75993-5_3. ISBN 978-3-540-75992-8.
  6. ^ Grigg, Ian (February 2000). Financial Cryptography in 7 Layers. Proceedings of Financial Cryptography Conference 2000. LNCS. Vol. 1, 962. Anguilla, British West Indies: Springer Verlag.
  7. ^ Franco, Pedro (2014). "14.5 Open Transactions". Understanding Bitcoin: Cryptography, Engineering and Economics. John Wiley & Sons. pp. 240–241. ISBN 978-1-119-01916-9.
  8. ^ Howland, Gary (1996). "Development of an Open and Flexible Payment System". Systemics.
  9. ^ Wörner, Dominic; von Bomhard, Thomas; Schreier, Yan-Peter; Bilgeri, Dominic (2016). "The Bitcoin Ecosystem - Disruption beyond Financial Services?". {{cite journal}}: Cite journal requires |journal= (help)
  10. ^ "Ricardian Implementations". Webfunds. 2016.
  11. ^ Batlin, Alex (2016). "Crypto 2.0 Musings – Combining Ricardian and Smart Contracts". LinkedIn.
  12. ^ Szabo, Nick (1994). "Smart Contracts". Archived from the original on 6 March 2016. Retrieved 13 June 2016.
  13. ^ a b Grigg, Ian (2015). "The Sum of all Chains – Let's Converge". Coinscrum.
  14. ^ Brown, Richard Gendal; Carlyle, James; Grigg, Ian; Hearn, Mike (2016). "Corda: An Introduction" (PDF). Archived from the original (PDF) on 6 June 2017.
  15. ^ Grigg, Ian (2015). "On the intersection of Ricardian and Smart Contracts".
  16. ^ Grigg, Ian (2016). "IP Concerns over Ricardian Contracts". Financial Cryptography.