Cryptocurrencies, and blockchain technology in general, were originally created to operate without the need for trusted third parties. The Bitcoin Whitepaper explicitly proposed an electronic payment system that does not require trusted financial intermediaries. Through a combination of cryptographic proofs and economic incentives, Bitcoin would facilitate direct peer-to-peer transactions between two parties without having to rely on financial institutions. Satoshi Nakamoto, the pseudonymous author of the Bitcoin Whitepaper, claimed that the removal of trusted financial intermediaries would better protect parties undertaking transactions against fraud (i.e., a breach of trust).
It is important to establish that, within the context of a financial transaction, a financial institution such as a bank is a centralized entity that can single-handedly make decisions pertaining to that transaction. For example, this entity can easily stop or reverse transactions. Furthermore, others who maliciously gain access to the centralized entity can abuse their level of control to harm the users of a trusted financial intermediary. Centralized entities are potential single points of failure, which can cause the entire system to break down. The main objective of blockchain technology is to decentralize control of a system in such a way that single, centralized actors are no longer individually capable of inadvertently or intentionally making decisions that influence the entire system. In the ideal situation, blockchain technology transfers this control from centralized entities to a distributed network of equal and independently operating participants (nodes). In such a distributed system, a single participant alone cannot prevent or alter transactions or negatively impact the network in any other way. This setup protects the system against potential single points of failure and gives rise to properties such as immutability and censorship resistance. Trust minimization is the core concept involving these properties, as they offer protection against malicious entities and enable end-users to rely on the software rather than a single trusted financial intermediary.
The level of (de)centralization in a blockchain-based system is, however, not a binary value. There are multiple dimensions in a blockchain ecosystem that may experience various levels of (de)centralization. In other words, there are various dependencies on third parties that may affect the trust-minimized ideal of blockchain technology, which, in turn, can impact the aforementioned benefits that the technology may offer. The Bitcoin community often argues that a change to the Bitcoin software, in which its proof-of-work (PoW) mechanism is replaced in favor of a (more sustainable) proof-of-stake (PoS) mechanism, could make the network more centralized and compromise security. In Section 2, we will, therefore, explore how (de)centralization takes place in the network when these mechanisms are employed. Subsequently, Section 3 will highlight other aspects of blockchain (de)centralization that are not captured in the previous discussion.
2. PoW versus PoS decentralization
Before discussing (de)centralization in PoW and PoS, it is important to understand the role of these mechanisms in blockchain technology. Both PoW and PoS are part of the consensus mechanisms that govern cryptocurrencies such as Bitcoin and Ethereum. Essentially, the consensus mechanism prescribes how a distributed network of nodes reaches agreement on the current state of the blockchain. In Bitcoin, this set of rules is known as the Nakamoto Consensus. These rules, for example, define what constitutes a valid transaction or a valid block and how the network should decide on which blocks are added to the blockchain (which is where PoW comes in). Therefore, although PoW is an important part of the Nakamoto Consensus, it would be wrong to solely refer to PoW as the consensus mechanism.
PoW specifically enables the network to align with the current state of the blockchain while also providing an incentive to anyone to participate in the network in the first place. New blocks of transactions can only be added to the blockchain after a valid PoW has been obtained. The process of doing so can be best described as a massive numeric guessing game, wherein the first participants to correctly guess a certain predefined winning number are allowed to create the next block for the blockchain. This block will also contain a monetary reward for the participant who created it. This process is also referred to as PoW mining or, simply, mining. All the mining devices in the Bitcoin network together generate around 500 quintillion guesses every second of the day, non-stop, as of late 2023. In Bitcoin’s blockchain, this process of guessing will, on average, result in one new block being created every 10 minutes. The software self-adjusts the difficulty of guessing the winning numbers to keep the issuance rate steady. The fact that it costs electricity to operate the machines participating in this mining process (along with the costs of acquiring the machines in the first place) provides an incentive to keep participants behaving honestly, as dishonest behavior will either not yield any reward at all or probably negatively impact the value of the rewards on being successful.
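The guessing game and its self-adjusting difficulty can be made concrete with a small model. The following is an added example, not code from the article or from Bitcoin itself: it uses double SHA-256 and the 2016-block adjustment window with a factor-4 clamp as Bitcoin does, but the header bytes, the tiny target and the upper cap on the target are constructed simplifications.

```python
import hashlib

HASH_SPACE = 2 ** 256      # number of possible SHA-256 outputs
RETARGET_BLOCKS = 2016     # Bitcoin adjusts the difficulty every 2016 blocks
BLOCK_SECONDS = 600        # intended spacing: one block per 10 minutes
EXPECTED_SPAN = RETARGET_BLOCKS * BLOCK_SECONDS


def double_sha256(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def target_for_rate(guesses_per_second: int, block_seconds: int = BLOCK_SECONDS) -> int:
    """Target below which a network guessing at this rate lands once per
    block_seconds on average (a lower target means a harder puzzle)."""
    return HASH_SPACE // (guesses_per_second * block_seconds)


def expected_guesses(target: int) -> float:
    """Average number of guesses needed before one hash falls below target."""
    return HASH_SPACE / target


def mine(header: bytes, target: int, max_nonce: int = 2 ** 32):
    """Try nonces until the hash, read as an integer, is below the target."""
    for nonce in range(max_nonce):
        digest = double_sha256(header + nonce.to_bytes(4, "little"))
        if int.from_bytes(digest, "big") < target:
            return nonce, digest
    return None  # nonce space exhausted; a real miner would change the header


def retarget(old_target: int, actual_span: int) -> int:
    """Scale the target by how long the last 2016 blocks really took.
    Blocks that arrived too fast shrink the target (harder puzzle); the
    change per adjustment is clamped to a factor of 4 in either direction."""
    clamped = min(max(actual_span, EXPECTED_SPAN // 4), EXPECTED_SPAN * 4)
    # HASH_SPACE - 1 is a toy cap, not Bitcoin's real maximum target.
    return min(old_target * clamped // EXPECTED_SPAN, HASH_SPACE - 1)


if __name__ == "__main__":
    # Constructed toy difficulty: about 4096 guesses per block on average.
    toy_target = target_for_rate(64, 64)
    nonce, digest = mine(b"constructed-header", toy_target)
    print("winning nonce:", nonce, "hash:", digest.hex())

    # The article's late-2023 figure: 500 quintillion guesses per second.
    network_target = target_for_rate(500 * 10 ** 18)
    print("guesses per block at network scale:", expected_guesses(network_target))

    # If the last 2016 blocks took half the intended time, the target halves.
    print("difficulty doubled:", retarget(toy_target, EXPECTED_SPAN // 2) == toy_target // 2)
```

At the article's network-wide guess rate, the same arithmetic gives roughly 3 × 10^23 guesses per block, which is the work an entity must outpace to rewrite history.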
2.1 PoW decentralization
As not all participants in the mining process necessarily hold an equal amount of computational power, this part is also where the first cracks in Bitcoin’s decentralized control start to appear. Bitcoin has an open network where anyone can participate with any amount of computational effort they may be able to afford. Some participants in Bitcoin’s mining process have invested millions and even billions in large Bitcoin mining farms that cluster significant amounts of the computational effort in Bitcoin’s mining network at a single location. As the cost of electricity consumed for operating the mining devices is a key factor that ultimately determines a miner’s profitability, miners can benefit from economies of scale in minimizing cooling power requirements and obtaining lower (industrial) electricity rates. Moreover, network participants also tend to cluster together at the same geographical locations that offer the lowest electricity rates. Wealth inequality and spatial inequality, combined with economic incentives, distort the likelihood of having a perfectly distributed network of equal and independently operating participants, and the effects of this inequality on Bitcoin’s mining network have been profound. In March 2023, the New York Times identified a list of just 34 Bitcoin mining facilities (controlled by 22 different entities) in the United States, which represented about a third of the total worldwide Bitcoin mining network at the time. Additionally, roughly half of these 34 facilities’ total capacity was found solely in the state of Texas (controlled by nine different entities).
The clustering of computational power in a PoW-based network presents a risk in the context of decentralized control, as a sufficiently large cluster may, in fact, be able to exercise control over the underlying blockchain. This situation is where the term “majority attack” (also known as “51% attack”) becomes relevant, as it refers to the situation in which an entity (or a group of entities) accumulates more than half of the network’s computational power and abuses the power to disrupt the blockchain. Specific actions such an attacker could take would include double-spending their own money, undoing transactions by others, and even preventing any transactions from taking place at all (i.e. paralyzing the network). Bitcoin itself has never experienced such an attack in its entire history, but others, such as the Bitcoin spin-off Bitcoin Gold, have, and it will always remain a risk that such an event may one day affect Bitcoin. This exact risk is hard to quantify, but the risk certainly goes up the more computational effort is concentrated under the control of a limited group of participants.
Besides these physical clusters of mining devices, it is also possible to observe significant virtual clusters of computational power in the Bitcoin network. Miners typically combine their computational power in so-called mining pools, allowing them to operate as a single mining entity. By doing so, miners can make their income stream more predictable. On average, the Bitcoin blockchain adds only 144 blocks per day, whereas only the creators of a block are rewarded. With millions of active mining devices in the Bitcoin network, the chance that a single device will ever get to create a block during its entire lifetime is extremely small. However, by combining computational power into mining pools, the relative share of an entity in the network can go up significantly. As the chance of creating a block is ultimately proportional to one’s share of the total computational power in the network, a Bitcoin mining pool controlling 10% of the network’s hash rate can, on average, mine 14.4 blocks per day. The mining pools then distribute these rewards to their participants proportionally to their respective share of computational effort made available to the mining pool. In Bitcoin’s case, more than half of the network’s computational power has been clustered in only two mining pools as of late 2023. Notably, in 2014, there was even a brief moment during which a single mining pool (GHash.io) controlled the majority of the Bitcoin network’s computational power by itself. Even this situation did not lead to an actual majority attack; however, the ease with which such an attack could have been executed (either by the pool owner or a malicious third party with access to the pool server) has never been greater.
Finally, the dominance of certain companies in the manufacturing of Bitcoin mining hardware has also proved to be a challenge when it comes to keeping control over the mining network decentralized. Bitmain, the largest manufacturer of Bitcoin mining devices, was caught implementing a backdoor to their devices in 2017, when the company had an estimated market share of around 80%. This backdoor, known as Antbleed, could have been used to remotely shut down mining devices. For Bitmain (or any malicious third party that gained access to Antbleed), using this backdoor would have been an easy way to take control of the mining network, as they would only have had to shut down all devices outside their own control in order to take full control over Bitcoin’s mining process.
At this point, it is important to establish that decentralized control is a complex matter and that Bitcoin’s mining network is far from a perfect example of what it should look like. Although Bitcoin may never have experienced a situation in which the network’s weakness in this regard was abused, the risk has been (and continues to be) unacceptably high in various cases. It is, however, not an easy task to quantify this risk into a single metric. Moreover, the risk landscape looks very different for alternative mechanisms such as PoS, which also makes it difficult to compare individual elements. The next section will explore the various dimensions that influence decentralization in PoS-based networks.
2.2 PoS decentralization
Until September 2022, the second-largest cryptocurrency by market capitalization, Ethereum, was operating on the same type of PoW mechanism as Bitcoin. During this month, the Ethereum community accepted a software change in which the PoW mechanism was replaced by PoS. This transition was called the “Merge.” By changing this part of the software, Ethereum effectively changed the way in which the network aligns itself with the current state of the underlying blockchain. While this process took place in PoW through what has been described at the start of Section 2 as a computationally intensive numeric guessing game, it looks completely different when a PoS mechanism is employed. Although the blockchain largely continues to function in the same way and there is still a reward for participating in the block creation process, computational effort plays no role in selecting which participants are able to create the next block for the blockchain. In PoS, participants lock up a certain amount of wealth as collateral in the staking process, from which the algorithm then selects a random participant to create the next block for the blockchain. One’s chance of winning here is proportional to one’s share of the total wealth staked rather than one’s share of the network’s computational power, which removes the need to compete on the latter altogether. The reason this mechanism is called proof-of-stake is that participants can have their collateral slashed as a result of bad behavior; therefore, they are putting their wealth at risk (i.e. “at stake”).
Due to the lack of computational effort in PoS, there are no mining facilities, no mining pools, and no mining hardware manufacturers. This lack makes it impossible to do a one-to-one comparison between a PoW-based network and a PoS-based one based on these factors. At the same time, in the same way that there is inequality in the computational power held by Bitcoin’s network participants, there exists inequality in the wealth held by Ethereum’s network participants. Likewise, this inequality may pose a threat to the extent to which the network is free from centralized control.
For a start, while Ethereum does not have mining pools, it does have staking pools. Indeed, similar to mining pools where computational effort may be combined to increase the probability of obtaining block rewards, wealth may be combined in a staking pool for a similar effect. Furthermore, staking pool participants need not worry about the technical side of setting up and maintaining a validator node, while they may also be enabled to participate in the staking process even if they do not meet the minimum requirements. In Ethereum, operating a validator node requires a minimum of 32 Ether (ETH). Additionally, similar to how clustering in mining pools is a risk to decentralization in PoW, clustering in staking pools is a risk in PoS. However, a look at the Ethereum staking pool distribution as of late 2023 highlights the difficulty in assessing this risk.
While the staking pool distribution shows several centralized entities, such as Coinbase and Binance, offering staking services, Lido and Rocketpool are examples of decentralized staking pools. Lido operates as a decentralized autonomous organization (DAO) in an attempt to decentralize its governance, theoretically making it less risky than a traditional centralized entity. At the same time, this risk is hard to evaluate, as it, for example, also depends on the distribution of governance tokens (i.e. centralization risks within the DAO) and on how the cybersecurity risks of using smart contracts compare to a more traditional environment. Moreover, a bigger concern with regard to the pool distribution is that nothing is known about the majority of the stakeholders. In Bitcoin’s mining pool distribution shown in Section 2.1, only a limited share of the computational power can be attributed. While Bitcoin’s mining pool distribution does not look very decentralized, it does provide a solid sense of direction for understanding how network participants are exposed to various entities. However, a similar sense cannot be obtained when the majority of the network is simply not known. It cannot even be ruled out that, ultimately, a majority of these unknown validators are controlled by the same entity. The only certainty is that wealth in Ethereum is extremely unequally distributed, as it was previously found that the top 100 Ethereum accounts held 35.13% of all wealth (in comparison, the top 100 addresses in Bitcoin controlled 13.52% of all Bitcoins). Consequently, there is a serious risk that a limited group of entities may threaten Ethereum’s current and/or future decentralization. In Ethereum, it is already the case that several staking services actively engage in transaction censorship. As a result, roughly one third of all blocks created on the Ethereum blockchain are compliant with sanctions by the U.S. Office of Foreign Assets Control as of December 2023.
These sanctions specifically target cryptocurrency mixer Tornado Cash, while compliance with these sanctions (coming from a U.S. government authority) highlights how centralization among stakeholders leaves the network vulnerable to being influenced by a centralized entity.
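The concentration risk described for mining pools in Section 2.1 and for staking pools above can be expressed as one measurement: how few entities are needed to hold more than half of the hash rate or stake. The sketch below is an added example, not part of the original article; the entity names and shares are constructed for illustration and are not measured data, and the 50% threshold follows the article's "majority" framing.

```python
BLOCKS_PER_DAY = 144  # one block per ~10 minutes, as stated in the article


def expected_blocks_per_day(share: float) -> float:
    """Average daily blocks for an entity holding this share of hash rate."""
    return BLOCKS_PER_DAY * share


def min_coalition(shares, threshold: float = 0.5):
    """Fewest entities whose combined share exceeds the threshold,
    or None if all listed entities together stay at or below it."""
    running = 0.0
    for count, share in enumerate(sorted(shares, reverse=True), start=1):
        running += share
        if running > threshold:
            return count
    return None


def coalition_bounds(attributed: dict, threshold: float = 0.5):
    """Return (worst_case, best_case, unattributed_share).

    worst_case: the unattributed remainder is treated as ONE hidden entity,
                which cannot be ruled out when nothing is known about it.
    best_case:  the remainder is treated as many small independent
                participants, so only the named entities can form a small
                coalition; None means the named entities alone cannot reach
                the threshold and the data gives no upper bound.
    """
    known = list(attributed.values())
    unattributed = max(0.0, 1.0 - sum(known))
    worst = min_coalition(known + [unattributed], threshold)
    best = min_coalition(known, threshold)
    return worst, best, unattributed


# Constructed distribution shaped like the PoW case: most power is attributed.
POW_POOLS = {"pool_a": 0.30, "pool_b": 0.26, "pool_c": 0.12,
             "pool_d": 0.10, "pool_e": 0.07}

# Constructed distribution shaped like the PoS case: most stake is unattributed.
POS_STAKE = {"staking_dao": 0.20, "exchange_1": 0.10,
             "exchange_2": 0.06, "pool_x": 0.04}

if __name__ == "__main__":
    print("10% pool, blocks/day:", expected_blocks_per_day(0.10))
    for label, data in (("PoW pools", POW_POOLS), ("PoS stake", POS_STAKE)):
        worst, best, unknown = coalition_bounds(data)
        print(f"{label}: unattributed={unknown:.0%} "
              f"worst-case coalition={worst} best-case coalition={best}")
```

For the mostly attributed distribution both bounds agree, so the exposure is known; for the mostly unattributed one the worst case is a single entity and the best case is undefined, which is the assessment problem the text describes.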
On examining how mechanisms such as PoW and PoS influence blockchain decentralization, it becomes evident that neither solution can guarantee perfectly decentralized control. Each solution carries its own unique landscape of risk factors with regard to where the network may become too centralized, while even the risk factors that appear to be similar have their own unique properties to consider. The higher the degree of centralization in one or more of these factors, the greater the chance that a limited group of entities may be able to adversely impact the network. Both PoW and PoS mechanisms contain (economic) incentives that may naturally encourage some level of centralization. At the same time, a single entity controlling a majority of the network in some form or capacity is not necessarily a guarantee that the power will be abused either. The fact that abusing a majority on a blockchain would likely negatively impact the value of the native cryptocurrency may, in itself, be a strong deterrent to such an event. Even so, majority attacks have affected other blockchains than those of Bitcoin and Ethereum before; hence, the risk is not purely hypothetical.
In particular, in the case of Bitcoin mining, the risk of a network incident may continue to grow over time. With every 210,000 blocks (roughly every 4 years), the built-in reward that is awarded to miners for creating new blocks is halved. At Bitcoin’s inception, miners received 50 Bitcoins (BTC) for creating a new block. In 2012, it was first cut in half to 25 BTC per block. In 2016 and 2020, the fixed reward dropped to 12.5 and 6.25 coins per block, respectively. In 2024, another halving will occur, reducing the fixed reward to 3.125 coins. Throughout Bitcoin’s history, increases in the value of BTC have (more than) offset the financial impact of these reward halvings for miners. At the same time, it does not appear likely that the value of Bitcoin will continue to grow at the same pace as it historically has. Even if it does, the fixed block rewards will eventually run out when the last Bitcoin is mined around the year 2140. This means that, over time, the cost of attacking the network could decrease, deteriorating the network’s security. The decreasing block rewards have previously been referred to as the doomsday economics of PoW.
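The halving schedule described above can be computed directly from the block height. This is an added example, not code from the article; it uses the 210,000-block interval and 50 BTC starting reward given in the text, integer arithmetic in Bitcoin's smallest unit (100,000,000 per BTC), and, as an assumption, a fixed 10-minute block time counted from the start of 2009 for the year estimate.

```python
COIN = 100_000_000            # smallest units per BTC
HALVING_INTERVAL = 210_000    # blocks between halvings (from the article)
INITIAL_SUBSIDY = 50 * COIN   # reward at Bitcoin's inception
BLOCKS_PER_DAY = 144          # one block per ~10 minutes
GENESIS_YEAR = 2009.0         # assumption: chain start approximated as 2009.0


def block_subsidy(height: int) -> int:
    """Fixed reward (in smallest units) for the block at this height.
    Each halving is an integer right shift, so the reward reaches zero."""
    halvings = height // HALVING_INTERVAL
    return 0 if halvings >= 64 else INITIAL_SUBSIDY >> halvings


def first_zero_height() -> int:
    """Height of the first block that carries no fixed reward at all."""
    era = 0
    while INITIAL_SUBSIDY >> era:
        era += 1
    return era * HALVING_INTERVAL


def total_supply() -> int:
    """Sum of all fixed rewards ever issued, in smallest units."""
    eras = first_zero_height() // HALVING_INTERVAL
    return sum(HALVING_INTERVAL * (INITIAL_SUBSIDY >> era) for era in range(eras))


def daily_subsidy(height: int) -> int:
    """Fixed rewards paid to all miners per day at this height."""
    return BLOCKS_PER_DAY * block_subsidy(height)


def approx_year(height: int) -> float:
    """Rough calendar year for a height, assuming exact 10-minute blocks.
    Real blocks have arrived slightly faster, so early eras land earlier."""
    return GENESIS_YEAR + height / (BLOCKS_PER_DAY * 365.25)


if __name__ == "__main__":
    for era in range(6):
        height = era * HALVING_INTERVAL
        print(f"from block {height:>9,}: {block_subsidy(height) / COIN:>8} BTC per block, "
              f"{daily_subsidy(height) / COIN:>7} BTC per day")
    end = first_zero_height()
    print(f"fixed reward ends at block {end:,} (about {int(approx_year(end))})")
    print(f"total issued: {total_supply() / COIN:,.4f} BTC")
```

The per-day column is the part of miner income that does not depend on transaction fees; it is cut in half at every step of the schedule regardless of what it costs to run the network.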
In summary, while it may be difficult to state which mechanism is superior when it comes to keeping a blockchain network decentralized and secure (as both PoW and PoS face their own unique challenges), it can also be established that – at least in the long run – Ethereum’s PoS does currently have an advantage over Bitcoin’s PoW. It remains to be seen if either mechanism can withstand a serious attempt by a major nation-state to undermine the network. Countries such as China previously had plenty of opportunity to do so to Bitcoin, either by directly targeting the majority of Bitcoin miners within the countries’ borders before the spring of 2021 or through the Chinese mining device manufacturer Bitmain, but they never displayed an active interest in abusing their position. With economic incentives constantly leading to new weak spots with regard to network decentralization (e.g. the current concentration of physical mining hardware in certain US States), it will not be the last time a nation-state may be tempted to abuse these weak spots and adversely impact the network. In the meantime, what is seen as a decentralized and secure blockchain could be nothing more than an incident waiting to happen.
3. Blockchain decentralization beyond PoW and PoS
The previous section explored how PoW and PoS mechanisms affect blockchain decentralization. However, these mechanisms are only a small part of the total software of Bitcoin and Ethereum respectively, and even a limited (though important) part of their respective consensus mechanisms. There are a lot more risk factors to consider beyond these specific mechanisms that may lead to network centralization and, in turn, compromise security. This section will discuss several of these risk factors.
3.1 Software development
The software development processes of both Bitcoin and Ethereum have often been scrutinized for being too centralized. Even though the objective of blockchain technology is to replace trust in institutions with trust in software code, the reality is that the software has to be maintained and this maintenance is ultimately still done by humans. Moreover, we can find that the number of people involved in this process is limited and that certain privileges do exist among the maintainers. The software for both Bitcoin and Ethereum is open source and made accessible through GitHub, allowing anyone to view and contribute to the code, but only a limited number of people actually have the ability to implement these code changes. In Bitcoin’s case, there are only a handful of people who hold the keys necessary to effectuate code changes. Moreover, while anyone can contribute to the code, Bitcoin was found to have only 40 to 60 monthly active developers. The blockchain software may be open source, but only a few people have the high level of technical expertise required to properly evaluate the code. The development process was therefore found to be both highly centralized and largely undemocratic, leading to the overall system displaying a highly technocratic power structure.
It is also possible to find several past examples of how this can potentially lead to severe network incidents. As recently as 2018, a major bug was discovered in the Bitcoin software that could have been used to inflate the supply of Bitcoins beyond the hard-coded 21 million limit. This bug existed for more than a year. In this case, the bug was never actually abused, but even earlier in Bitcoin’s history (in 2010) there was another incident in which 184 billion BTC were created out of thin air due to a software exploit. At the time, a new version of the software was quickly rolled out to roll back the inflation in Bitcoin’s supply. The bug itself was described as “an oversight in the code” that prompted additional safeguards in the review and security audit process. The more recent incident highlights that, despite these additional safeguards, vulnerabilities continue to exist in the centralized and human-driven code maintenance process.
The Bitcoin community has often argued that Ethereum, with its more extensive software environment to support smart contracts, has a bigger attack surface than Bitcoin and therefore potentially more security risks. This is not even just because of the extra code needed to enable this feature, but also because smart contracts themselves are pieces of code anyone can add and operate on the blockchain regardless of their technical expertise. It can indeed be established that smart contracts have gotten the Ethereum network as a whole in trouble before. The most infamous example of this is the DAO that was launched in 2016. The DAO was intended to be an investor-directed venture capital fund governed as a decentralized autonomous organization through smart contracts on Ethereum’s blockchain. The DAO became so popular that it managed to attract 14% of all ETH in circulation at the time. However, the DAO code contained a critical vulnerability that was exploited to drain invested funds held by the DAO. Furthermore, the DAO code itself did not contain any way to undo the theft. Eventually a decision was made to change the main Ethereum software layer to recover the stolen funds, with the justification given for this change being that the share of all Ether involved in this hack was too large (and could therefore endanger Ethereum’s switch to PoS in which wealth is a key driver as discussed in the previous section). Therefore, even though the vulnerability in the DAO code did not directly threaten the network’s integrity, the success of the flawed application did turn it into a systemic threat.
Blockchain networks ultimately consist of a certain number of nodes. These nodes are either individuals or entities that participate in the network by running a version of the software. A node will typically store a copy of the entire blockchain while validating and relaying both transactions and blocks to other nodes. Storing a full copy of the blockchain is necessary for the nodes to be able to operate independently. Some nodes (i.e., lightweight nodes) may store less information than the full blockchain, but this also implies that they are trusting other participants in the network to obtain the information they don’t hold themselves. Independently verifying the current state of a blockchain always requires the full history of transactions (i.e., a full node). It should be noted that nodes in, for example, Bitcoin are not necessarily mining nodes, but operating a mining node does require a full node.
By replicating the blockchain data over many nodes, the network is protected against factors such as power outages, malicious entities attempting to wipe out all data and even worldwide catastrophes. Centralization in the number of nodes can therefore also impact the integrity of a blockchain network. With thousands of active nodes, the Bitcoin and Ethereum networks are likely sufficiently decentralized pertaining to data distribution as of late 2023, but there are some caveats to consider. For example, a third of active Ethereum nodes may be located in the United States. Moreover, almost half of all Ethereum nodes are hosted (i.e., cloud-based) through a centralized entity, with Amazon.com estimated to be responsible for about 30% of these nodes. Data may therefore be less distributed than it appears at first glance.
Node centralization may be a growing concern as time passes, depending on factors such as data growth and general hardware capabilities. As of late 2023, the Bitcoin blockchain is around 500 GB in total size, which is well within the storage limits of most personal computers. The Bitcoin community has purposely opted to limit the growth rate by keeping the data limit for each new block low. The Ethereum blockchain, on the other hand, already has recommended storage requirements varying from 3 to 12 TB (depending on the client software) as of late 2023 for storing the entire blockchain. The fact that Ethereum supports more functionalities than Bitcoin is an important reason as to why this size difference is already so big, despite the Ethereum blockchain being launched several years after the Bitcoin blockchain (2015 versus 2009). Ethereum still defines a limit to the number of computations allowed per block, but setting this limit too low would impair the usability of Ethereum’s functionalities. Simultaneously, more rapid growth in blockchain size and hardware requirements to store the blockchain data can generally become a limiting factor in one’s ability to run a node, ultimately leading to centralization in nodes. This dynamic is an example of what is known as the blockchain trilemma, or simply the trade-off between scalability, decentralization and security.
4. Concluding remarks
This article has highlighted how centralization and decentralization in blockchain technology are not binary values, but a spectrum in which each solution will have its own unique landscape of risk factors that may impair decentralization. Both the Bitcoin and Ethereum networks experience various levels of centralization in similar and different parts of their respective ecosystems, which could ultimately pose a serious threat to their network’s integrity. Bitcoin suffers from both physical and virtual clusters of mining devices, leading to significant centralization in the network’s computational power. In Ethereum wealth centralization among stakeholders leaves the network vulnerable to being influenced by a centralized entity. The centralization risks, however, do not exclusively originate from the PoW and PoS mechanisms, as these ultimately represent only a small part of the blockchain software. Centralization in the development process or network nodes can occur regardless of the chosen mechanism. All of these risks originate from the various interactions between software, humans and economic incentives. Despite these risks, both the Bitcoin and Ethereum networks continue to operate and offer an alternative to the highly centralized traditional financial system. There are many examples in which trust in financial intermediaries was easily abused to commit significant fraud. Regulatory checks and balances can mitigate the risk of fraud, but the quality may vary depending on one’s location and no fraud prevention strategy is completely foolproof. The mere existence of a decentralized alternative (even though imperfect) to centralized financial services can help to make finance as a whole less centralized and more secure.