Just how decentralized are cryptocurrencies?

“I’ll tell you another story that is underreported, but worth paying attention to. Bitcoin is really controlled by China. There are four miners in China that control over 50% of Bitcoin.”

When Brad Garlinghouse made this recent assertion, it seems he was referring to China’s disproportionate accumulation of Bitcoin mining power. The Ripple CEO highlights an issue that continues to be fervently debated in the crypto community — namely, that despite decentralization being a core principle of cryptocurrencies, Bitcoin — and indeed, many of the biggest cryptocurrency projects — continue to exhibit some degree of centralization, in one form or another.

Of course, it’s no secret that Ripple itself has its own issues in this regard, which has led to a highly polarized debate over whether it can truly be considered a cryptocurrency. Nevertheless, Garlinghouse’s observation still rings true.

A decentralized world in which no central entity can wield excessive power is undoubtedly an enticing concept. Indeed, it is an ideal that fuels much of the current interest in cryptocurrency. But it is also worth acknowledging that many cryptocurrencies do not quite represent the decentralized panacea that many of us had assumed. Well, not yet, anyway.

With this shortcoming in mind, we investigate some of the most common ways for centralization to arise within the cryptosphere.

Centralization in consensus

In Bitcoin’s seminal whitepaper, Satoshi Nakamoto described the Proof of Work (PoW) consensus mechanism as “one-CPU-one-vote”. This principle highlights the intention for mining power to be distributed fairly among the nodes in the network, with a decentralized and democratized system of block validation taking hold.

But Satoshi’s vision hasn’t quite materialized in the 9 years since Bitcoin’s inception. Instead, an arms race has emerged among miners, one that has seen more powerful — and more expensive — mining equipment (such as GPUs and ASICs) being widely adopted in order to boost miners’ chances of earning block rewards.

Whether this current scenario was anticipated in Satoshi’s initial analysis is not exactly clear. But what has resulted is the aggregation of hashing power around mining pools, each comprising of several individual miners using increasingly powerful hardware. Looking at Bitcoin’s distribution of hashing power, we see that just three such pools — BTC.com, AntPool and F2Pool — control over half of the network (not four as Garlinghouse stated).

In fact, given that BTC.com and Antpool are owned by the same company — Bitmain — one entity is responsible for a whopping 42% of the network’s hashrate. That’s some serious centralization going on right there. Should these mining pools be compromised by an external attacker, it could have profound consequences for the health of the entire network.

And given that virtually all the biggest pools are based in China — where an abundance of coal and hydroelectric facilities facilitate cheap electricity for profitable mining endeavours — collusion among the big entities becomes all too real a possibility. A “majority attack” — whereby one entity ends up controlling the majority of the network hashrate and maliciously reverses transactions on the blockchain in order to “double spend” coins — then becomes a feasibly destructive threat.

Ethereum, which also currently uses PoW to secure the network, poses a similar problem. The top 3 mining pools control more than 50% of the hashing power, while the top 5 control a hefty 80%. And again, a substantial portion of the network hashrate is located in China.

But it’s not only PoW coins that are vulnerable to centralization. Other consensus mechanisms such as Proof of Stake (PoS) are now experiencing a rise in the number of staking pools. Similar to mining pools, staking pools combine the staking value of individual nodes to improve the chances of being picked to verify a block.

The advantages of cheap electricity isn’t a significant factor for PoS coins, and thus the geographical congregation of pools in one particular country is unlikely. That said, the potential profits realized by large staking pools vis-à-vis small ones/individual nodes could lead to a highly uneven distribution of profits — and power — in favor of the biggest pools.

Centralization of token distribution

What do you consider to be a more decentralized project: one that has 10,000 token holders each holding about 0.01% of the total token supply; or one that has 500 token holders, one of whom holds 20% of the token supply and another who holds a further 15%? Clearly, the former is more decentralized in the sense that no single token holder has any significant influence over the others.

In the latter example, however, dominant token holders exist who can wield influence. EOS offers a pertinent example in this regard. The year-long ICO for the highly-anticipated blockchain project ended about a month ago, with an astounding $4 billion raised. But according to recent research from Trustnodes, a mere 10 addresses hold 496,735,539 EOS tokens — equivalent to 49.67% of all one billion EOS tokens.

Indeed, given this highly unequal distribution, as well as a handful of additional factors, Weiss Ratings — the first ratings agency for cryptocurrencies — identifies a handful of key issues that it says makes the EOS platform “one of the most centralized distributed ledgers in the world today”.

In a market context, for instance, dominant token holders can and often do operate as whales, manipulating the price of the coin and even engaging in pump-and-dump schemes, as we’ve already witnessed on several occasions.

It is also worth acknowledging that nearly every project will lock up a substantial portion of the token supply for its creators/developers. This gives rise to the possibility of scams emerging, whereby the project creator — and majority token holder — can simply dump his/her holdings at a sufficiently inflated price before making a run for the hills. That leaves the remaining investors in the project holding on to soon-to-be worthless tokens of an abandoned project.

And in many projects, the influence that each token holder can have also varies. Take the increasingly popular case of masternodes — network nodes who own a significant number of tokens and are thus rewarded more handsomely than ordinary token holders. Some projects such as Dash give their masternodes greater power on the network through enhanced voting rights with regards to how the network functions. Whilst not a huge concern from a centralization perspective, masternodes nonetheless hold an advantage over other token holders as far as making important decisions regarding the network is concerned.

Centralized decision-making

Under a decentralized model, taking decisions pertaining to changes or updates to the ledger should be as democratized throughout the network as possible. But with some cryptocurrencies, this is simply not the case. And Ripple provides arguably the clearest example.

Ripple employs its own consensus mechanism, called Ripple Protocol consensus algorithm (RPCA). But with XRP tokens having been ‘pre-mined,’ in that virtually the entire token supply already exists, there is no validation process that results in new coins being minted as rewards. Instead, Ripple is in control of how and when these existing coins are issued. Clearly, having this much power over how the ledger functions implies a strong degree of centralized power.

Ripple also seems to exert control over the validators themselves. In an attempt to identify five of the network’s validators, BitMex Research found that it could only connect to public keys that were “assigned to Ripple.com.” As such, it concluded that since the keys were all downloaded from the Ripple.com server, rather than a broader network, “Ripple is essentially in complete control of moving the ledger forward, so one could say that the system is centralized.”

And when things go wrong on the blockchain, we have seen decisions being made on a distinctly centralized basis. Among the clearest examples so far has been the decision to reverse The DAO hack on Ethereum via a hard fork, in order to return stolen funds to investors. Although the fork was voted for by the Ethereum community, the very fact that the Ethereum foundation intervened to initiate the vote in the first place raises questions over whether a central authority should have such power, even if it’s ostensibly for a good cause.

More recently, the problems with the launch of EOS’ mainnet blockchain resulted in Block.one having to make the decision to freeze seven accounts. As Dogecoin founder Jackson Palmer observed:

There are many more examples of top crypto projects exhibiting some tendency towards a centralized model — Bitcoin Cash has similar hashing power issues to Bitcoin, Litcoin’s top 100 token holders account for a hefty 45% of the total coin supply, and all of NEO’s validator nodes are currently run by one centralized entity.

Ultimately, how you regard this issue depends on whether you consider yourself to be a “decentralization purist”. For many, the need for decentralization is essential, a way to rid the world of excessively powerful, inefficient and costly central authorities, and to facilitate direct peer-to-peer business. And so, checking for ‘sufficient decentralization’ becomes an important part of many investors’ research.

With that in mind, our next piece will outline a ‘checklist’ for you to follow — a set of indicators and useful tools you can use to decide whether you are comfortable with the degree of decentralization being implemented by a particular project.

Originally published at www.datadriveninvestor.com on June 30, 2018.

Just how decentralized are cryptocurrencies? was originally published in Data Driven Investor on Medium, where people are continuing the conversation by highlighting and responding to this story.