Centralization Risk in Crypto: How Decentralized Is Crypto?
Tech Deep Dives

Centralization Risk in Crypto: How Decentralized Is Crypto?

8m
Created 1yr ago, last updated 1yr ago

Explore the complexities of centralization in the crypto industry and its risks in assets like Ethereum, Bitcoin, popular layer-ones and DeFi.

Centralization Risk in Crypto: How Decentralized Is Crypto?

Table of Contents

TL;DR:

  • Centralization in crypto occurs when there are choke points within the technology stack, leading to potential censorship and risks.
  • Examples include a limited number of internet service providers, concentrated mining operations, and centralized node hosting.
  • Censorship can be strong, where transactions are excluded from a block, or weak, occurring on the infrastructure level.
  • Centralization risks come in various forms, such as governance, consensus, motivational, topological, and network, all of which can have a ripple effect across the industry.
The crypto industry has a love-hate relationship with centralization. We need centralization, but we don't like it. Everything should be as decentralized as possible, but we also love fast transactions and low fees.
Centralization risk is real. 2022 highlighted the risk of centralization of capital with the collapse of 3AC and FTX. But there are other centralization risks out there, and you don't have to dig deep to find them even in the most popular cryptocurrencies.

Join us in showcasing the cryptocurrency revolution, one newsletter at a time. Subscribe now to get daily news and market updates right to your inbox, along with our millions of other subscribers (that’s right, millions love us!) — what are you waiting for?

What Is Centralization In Crypto?

Centralization in crypto comes from centralized points in the tech stack. Any time there is a choke point in the infrastructure, centralization occurs.

To name only a few examples:

  • There are only a handful of internet service providers to use.
  • Miners are concentrated due to economies of scale in hash power, meaning it's easier for bigger mining farms to be profitable.
  • Nodes can have centralized clients or rely on centralized node hosting.
Centralization can also lead to censorship. Here, censorship refers to the exclusion of transactions or addresses. We can distinguish between strong censorship and weak censorship.
Strong censorship is the exclusion of transactions from a block. It happens on the protocol level when miners don't process a transaction from a certain address. One example would be the Tornado Cash sanctions. The Office of Foreign Assets Control (OFAC) sanctioned Tornado Cash and several associated Ethereum addresses in August 2022, leading to relay operators to filter specific transactions.
Weak censorship can happen at the protocol or the infrastructure level. An example is DeFi frontends or infrastructure providers like Infura restricting the flow of transactions through their nodes. Of course, this happened with Infura a few months ago, sparking a discussion about the decentralization of Ethereum.
The conclusion is that more centralization opens the way to more potential censorship. But centralization can come in many shapes and sizes.

Different Types Of Centralization Risks

A study about blockchain decentralization by blockchain security company Trail of Bits points out different vectors of centralization risks.
  • Governance: how many entities are needed to disrupt the system?
  • Consensus: how many entities control the hashing or validation power?
  • Motivational: how are participants incentivized to act correctly?
  • Topological: can a few nodes be disrupted, impacting the entire network?
  • Network: are nodes dispersed geographically and across internet service providers (ISP)?
  • Software: does the blockchain depend on any special software?
Some of these have been well-known topics of discussion for Bitcoin, Ethereum and other chains. For example, while consensus and governance centralization are similar, you can argue that Ethereum is exposed to an added risk vector through Vitalik. If someone "disrupted" Vitalik, it would throw Ethereum into turmoil, regardless of how many entities control validation power. In a way, this happened to Solana when FTX, one of its biggest backers, went under.
In similar fashion, topological centralization can harm scaling solutions and alternative L1 chains. They depend on cross-chain bridges, which can be exploited and proverbially sever the link to the more liquid ecosystems. Examples of this abound:

With that in mind, what kind of centralization risks do the big ecosystems face?

Centralization Risk In Ethereum

Ethereum has a fair bit of centralization risk. Take consensus centrality. At the time of writing, Lido and the top three CEXes Binance, Coinbase and Kraken hold a majority of the staked ETH.

Source: dune.com

While Lido technically only "aggregates" the delegated staking power it is assigned, the concentration of voting power in the hands of a few entities can lead to cartelization. MEV can even amplify this going forward.
Speaking of MEV, this has become another point of discussion for Ethereum. In simple terms, MEV refers to the profit miners can make by prioritizing some transactions over others. This process of front-running has led to the rise of MEV boost relay companies. These are companies providing tools that help everyone to capture a slice of extra profit from MEV.
The problem?

Validators that use these tools outsource the decision over what transactions go into a block to the MEV boost relayers. And if these companies want to be compliant with, say, a sanctions regime that can exclude certain blocks, that would be censorship. Censorship, which comes from centralization. Below is the share of "sanctions-compliant blocks" in Ethereum:

Source: mevwatch.info

The share is currently declining, but the centralization risk is there.

Then there are centralized choke points: validator clients and node hosting diversity. Most of Ethereum's nodes depend on one execution client (Geth). AWS hosts the majority of nodes. Two companies provide a majority of nodes with consensus clients.

Source: Messari

While these are not imminent or even critical risk vectors, they go to show that even a nominally decentralized chain like Ethereum is not that decentralized. You can have many nodes, which are widely distributed geographically, and still have centralization bottlenecks. And Gary Gensler doesn't even consider Ethereum validators to be that decentralized, which is why the SEC argues that ETH is a security.
Ethereum addressed this with an addition to its roadmap called “the Scourge.” So the community is aware of these potentially problematic issues and is looking to resolve them.

Centralization Risk In Bitcoin

Bitcoin's community prides itself on Bitcoin being the most decentralized blockchain. But there are also centralization risks in Bitcoin. The obvious one is the concentration of hash power in the proverbial hands of a few mining entities. AntPool (30.63%) and Foundry USA (19.77%) control a majority of the hash rate at the time of writing. Add a third pool in F2Pool (14.26%), and you have a comfortable majority. A fourth in Binance Pool (11.5%), and 75% of the hash rate is owned by four mining pools.

Source: blockchain.com

This is not necessarily bad or an immediate risk. Bitcoin's security model aligns miners' interests with that of the network as a whole. However, not being a risk today does not mean it cannot become a risk ever.
The Nakamoto Coefficient measures how many entities are necessary to disrupt a blockchain system. For Bitcoin, it's currently only at two since only two mining pools would need to be disrupted.
Moreover, the Trail of Bits study found that 60% of Bitcoin traffic traverses only three ISPs. Bitcoin ASICs production is highly centralized, with a few players like Bitmain and MicroBT dominating the market. Since Bitcoin’s value is a function of the kinetic energy it converts via ASICs, centralization is naturally going to occur. The geographic distribution of BTC mining power follows a similar pattern: 58% of the mining power in January 2022 were located in the US (37%) or China (21%), according to the Cambridge Institute for Alternative Finance.
For a currency whose community would like to see it become the next world reserve currency, Bitcoin is not all that much more decentralized than fiat currencies.

Centralization Risk in Other Layer-One Chains

Other blockchains like BNB Chain and Solana have often faced the wrath of hardcore crypto supporters, who accuse them of being too centralized. For instance, some pointed out that BNB Chain only has 21 validators. However, BNB Chain developers have also stressed that decentralization is a process and not an end state BNB Chain claims to already have reached:
View post on Twitter
Solana has had to battle with repeated outages over the last years due to its hardware-hungry blockchain. This has led to Crypto Twitter quipping that Solana has “opening hours” and a support desk that will address issues when needed. And while it is true that Solana is heavily influenced and controlled by the Solana foundation, in other regards it is also more decentralized than chains like Ethereum or Bitcoin.
For example, Solana’s Nakamoto Coefficient of 27 is much higher than that of its bigger rivals. Solana also requires no minimum stake to be a validator. Though Ethereum works around this requirement with liquid staking derivatives, it introduces the very centralization many fear. Node hosting providers are similarly (de)centralized as with Ethereum:

Source: coinmonks.com

On the other hand, hardware requirement is famously expensive, which has contributed to the very outages that keep plaguing the blockchain.

Centralization Risk in DeFi

This guide wouldn't be complete without a section on centralization risks in DeFi. They are a major concern and point of discussion for crypto natives.

One of the primary risks associated with DeFi is the potential for a single entity to gain control over a large portion of the network. Be it through majority control of the governance power or being able to unilaterally change the smart contracts power a protocol. DeFi is far less equipped to deal with these risks than crypto folks like to admit.

The Wormhole hack in February 2022 is a prime example of this. A hacker was able to steal 120,000 wrapped Ether (wETH) from Wormhole, a cross-chain bridge. The hacker was able to do this because the project had a vulnerability that allowed them to gain control of the funds. But the story doesn't end there.

The Wormhole hacker attempted to escape with the funds by moving them through various protocols. However, in February this year, Jump Crypto, the fund that initially plugged the liquidity hole caused by the hack, was able to recover the funds.

But that required a bit of centralized help.

Jump Crypto was able to obtain a court order from the High Court of England and Wales, which directed Oasis Protocol to take all necessary steps to retrieve the assets. And by necessary steps, we mean changing the multisig to retroactively strip the hacker of their funds.

Was this an example of how centralization can be (ab)used in DeFi?

Only through the intervention of a centralized entity was the hacker stopped. Not very decentralized, is it?

View post on Twitter

Conclusion

Centralization risks in blockchains are real. Hosting providers and internet service providers are common bottlenecks for almost all blockchains. The concentration of capital and/or hardware inevitably leads to centralization.

But it’s also important to keep in mind that centralization in itself isn’t bad. As long as stakeholders in blockchain ecosystems work towards developing and improving the chain, centralization can even lead to efficiency gains. Crypto supporters just need to be mindful of how to mitigate the side effects of centralization.

This article contains links to third-party websites or other content for information purposes only (“Third-Party Sites”). The Third-Party Sites are not under the control of CoinMarketCap, and CoinMarketCap is not responsible for the content of any Third-Party Site, including without limitation any link contained in a Third-Party Site, or any changes or updates to a Third-Party Site. CoinMarketCap is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement, approval or recommendation by CoinMarketCap of the site or any association with its operators. This article is intended to be used and must be used for informational purposes only. It is important to do your own research and analysis before making any material decisions related to any of the products or services described. This article is not intended as, and shall not be construed as, financial advice. The views and opinions expressed in this article are the author’s [company’s] own and do not necessarily reflect those of CoinMarketCap.
0 people liked this article