A machine flag on a data record which doesn't even say SPEND_WITH_PASSWORD, but is instead a set of machine instructions, to be interpreted by a machine that nobody really fully understands, is not human-readable English, and can reasonably be set without intent to allow anyone to spend it - it's easy to mess up and make it less secure than you intended.
Therefore, it's not a contract, by definition, no matter what a subset of the population would like to think. Also - what if there's a crypto bug somewhere in Bitcoin, or a popular key/password generator? If it turned out all SPEND_WITH_PASSWORD transactions are far weaker than expected, does that mean it would be perfectly legal for anyone to steal money from all such transactions? I can't see a court saying "yes" to that, any more than they'd say that if your computer wasn't secure enough it'd be legal to access your bank account details and steal all your money from your bank. Or you could also bring up the argument that you'd get your money back if you'd sent money to the wrong person by PayPal/Faster Payments/whatever and had to take it to court, and the term "smart contract" doesn't actually change what's almost the same action.
This doesn't necessarily mean the blockchain needs to include some sort of "revoke transaction" functionality, but it is something that you can take to court if you find out who stole your money. New tech doesn't mean that courts suddenly break every rule that's been developed over hundreds of years. Courts are very used to dealing with "irrevocable" transactions.
Therefore, it's not a contract, by definition, no matter what a subset of the population would like to think. Also - what if there's a crypto bug somewhere in Bitcoin, or a popular key/password generator? If it turned out all SPEND_WITH_PASSWORD transactions are far weaker than expected, does that mean it would be perfectly legal for anyone to steal money from all such transactions? I can't see a court saying "yes" to that, any more than they'd say that if your computer wasn't secure enough it'd be legal to access your bank account details and steal all your money from your bank. Or you could also bring up the argument that you'd get your money back if you'd sent money to the wrong person by PayPal/Faster Payments/whatever and had to take it to court, and the term "smart contract" doesn't actually change what's almost the same action.
This doesn't necessarily mean the blockchain needs to include some sort of "revoke transaction" functionality, but it is something that you can take to court if you find out who stole your money. New tech doesn't mean that courts suddenly break every rule that's been developed over hundreds of years. Courts are very used to dealing with "irrevocable" transactions.