Why decentralization isn’t as important as you think

If you spend any time on crypto Twitter, you’ll be familiar with the web3 narrative. It goes something like this: In the beginning, the web was “truly decentralized.” Against all odds, the internet won a victory over corporate conglomerates’ design, and cyberspace became the domain of hobbyists and hackers. The internet was thus enshrined as a neutral platform. Any publisher, no matter how big or powerful, was free to open up in its corner of the web.

But the end result is that the decentralized Eden fell. Today's story has become like this.

Today, in the Web 2.0 era, 93% of searches are conducted through Google, 64% of browsers use Crome, and 79% of social advertising revenue is pocketed by Facebook. A small number of companies now effectively control cyberspace.

Web3 advocates see public blockchains as a catalyst for reversing this trend. They hope to put users back in control of the web and replace the Googles and Facebooks with open platforms that could be collectively owned by their users and run as public utilities.

Versions of this story were sold to The Economist, The Wall Street Journal, Gartner, and pretty much all of the tech media. I believe this story, this fairy tale of decentralization, is based on a mistake. It’s the mistake behind most utopian projects.

Let me ask you a question: Why did Satoshi choose to make Bitcoin decentralized?

In reality, this is a trick question. Satoshi had no choice. Bitcoin had to be decentralized or it wouldn’t work. All attempts to create an internet-native currency before Bitcoin either went bankrupt or were shut down by regulation.

So, Satoshi Nakamoto decentralized Bitcoin. He used proof-of-work mining to achieve permissionless consensus. He created a P2P network model so the network was decentralized. Eventually, he completely disappeared from the project, so Bitcoin has no apparent leadership. He did this so that Bitcoin could survive and have a chance to fulfill its vision of a permissionless, distributed currency.

And so we got to where we are today. Bitcoin is now over $100 billion worth of currency, and it has also spawned a resurgence of hundreds of crypto networks, all trying to innovate in the digital financial space. And now, they inspire the spirit of Satoshi Nakamoto, all arguing and bickering over who is the most decentralized.

“Look how concentrated your mining pools are!”

“You’re talking about your block size, your shitcoin.”

“Well, we didn’t have a pre-mine, so we are truly decentralized.”

What happened here? Why did they do this?

This article is an attempt to suggest that maybe we should stop worrying so much about decentralization. I know this is unpopular in the crypto space, but before you get angry, hear me out. If you read it, you’ll see what I mean.

Maxwell's Bitcoin Guardian

Let's do a thought experiment. Imagine a parallel universe where your entire experience with Bitcoin is an illusion. All of your direct experience with Bitcoin is identical - it runs the same software, you click the same buttons, your UTXOs show up on a block explorer, all of your command line interactions are identical. However, there is no decentralized network, no P2P or anything like that, no actual decentralized consensus. Every Bitcoin transaction is just running on a giant Postgres database run by some dude in Canada.

All the miners, consensus, hashrate explorers, are just pinging this guy's server. Whenever someone mines a block, they send it to this Canadian guy's server, who then immediately inserts the block into the database and forwards it to everyone. All the external functions of the system look exactly the same. Monetary policy, block times, scarcity, everything is the same. We still have the block size debate, we still have Twitter trolls, we still have Craig Wright, and we still have this weird connection between Bitcoiners and meat-eating.

It’s just not ‘decentralized.’ That part is a mirage.

How would that world be different? How would the actual facts about the Bitcoin system be different from Bitcoin as we know it today? What functions does Bitcoin have in our world that Bitcoin in this thought experiment does not have?

Think about it carefully.

The answer is: almost nothing. It is just as scarce, just as hard, and just as “better than gold.” The only real difference is one of risk: Maybe one day, the Canadian police can kick down this guy’s door and make him shut down Bitcoin. (Blue Fox Note: But this distributed attribute determines whether other attributes make sense, so although the surface is similar, the essence is completely different. The problem here is that it is an indispensable part of a whole, and the author separates it by disassembling it, which in itself creates conceptual confusion)

That would kill Bitcoin. That cannot be allowed to happen.

This is why Bitcoin is decentralized. It's to make it resistant to censorship, manipulation, and shutdowns. But other than that, Bitcoin's decentralization doesn't really do anything. Sure, it's important for its image and narrative, and if it weren't decentralized, we wouldn't consider it legitimate in that sense. But all of the substantive functions of the system are essentially the same.

Fortunately, no Canadian controls Bitcoin. No one can shut it down, which is great. But this view reveals something important about decentralization.

Satoshi Nakamoto decentralized Bitcoin to solve a specific problem: previous internet-native currencies had been shut down. Decentralized forms of money are resilient to insolvency, attacks, and censorship. But decentralization itself isn’t the point. It’s just a tool to an end. The point is to create a viable internet currency.

For Satoshi, decentralization is valuable because it has mitigated some fundamental risks to date: censorship, platform security, corruption, etc. Decentralization gives us some properties to focus on, not decentralization itself.

You can’t compete on being more decentralized

As a crypto VC, I often hear projects claiming they will be “X, but decentralized X.” Usually, this is a poor sales pitch with a poor tone.

Here’s the thing: decentralization is a global emergent property. These properties are nearly impossible to compete with.

This is a simple framework for thinking about network properties (originally learned from Nathan Wilcox), with two axes: a property can be global (global) or local (local), and it can be immediate or emergent.

Credit: Tony Sheng

Q1: Local and direct attributes. Think about the local weather. It is a local condition in your city that everyone in your city can feel, and therefore, it is direct. People often choose a city to live in based on local and direct attributes, such as weather.

Q2: Local and organic. Think about voter turnout in your city. People in your city know what the turnout is, and that high turnout is nice, but no one actually experiences it directly. Even if people care about civic engagement in the abstract, it’s hard for cities to compete on better voter turnout.

Q3: Global and direct. Think about global warming. Everyone in the world can directly feel global warming to varying degrees. However, it is difficult for people to coordinate to solve this problem. That is, everyone can feel it, and everyone reacts to its consequences.

Q4: Global and naturally occurring. These are the most insidious properties. They apply to everyone, but no one experiences them directly. For example, things like “privacy.” Not in the “your neighbors can see you through your windows” kind of way, but more like “it’s weird and uncomfortable that multi-billion dollar companies have a lot of data about you, even though nothing obviously bad seems to be happening as a result.”

That's the problem. Decentralization is the last category: it's global, indirect. No one can feel it. You can feel the latency, you can feel the transaction fees, but it all looks the same, centralized or decentralized. If your network becomes less decentralized, how can users tell? As a general rule, it's almost impossible for products to compete on global, naturally occurring value attributes like decentralization.

Now, you might counter: “This isn’t about competing against each other. This is about building a better Internet.”

Fine! Build a better internet yourself on your own personal Mastodon server. But that's not enough for you, you want the whole world to join in. Yep! If you want that, you have to compete for the world's attention, and you have to compete on merit. In this case, decentralization isn't an advantage. It's a hindrance. Leave it alone. You can still win if decentralization actually lets you do things that nothing else can handle.

This is why Bitcoin will win, despite being a decentralized network. It brings something completely new: permissionless transfer of money without censorship. Bitcoin has proven its worth by being alive and well, having been around for over 10 years, and having managed to survive its seemingly immature adolescence (Mt. Gox, Silk Road, darknet markets, etc.). Bitcoin survived because it is decentralized.

But let’s be more specific. Many proponents claim that developers chose this new world. Developers got tired of the walled gardens of the modern internet. Developers are the ones who are bringing us into this new decentralized future.

OK. So, let's take a closer look.

We know that it’s hard for developers to build on decentralized blockchains today: they’re slow, expensive, hard to use, and there aren’t many blockchain users. But supporters of decentralization will counter: Don’t you know the story of the Twitter API? Twitter originally had an open API, but they shut it down, and all the entrepreneurs who built apps on top of it were devastated. Entrepreneurs no longer want to use APIs owned by others. This is why web3 will win.

But, here’s the thing: developers don’t care about “decentralization” either. When developers evaluate whether to use Linux, npm, React, Twilio, they don’t care at all whether they are decentralized or not. Developers care about risk.

They want to minimize technical risk. They want to minimize the risk of API dependencies. But they also want to minimize the risk of users of their platform migrating to other platforms (or never having such a risk); they care about the risk of potential technical breakage; they care about the risk of tooling being degraded or never being optimized, and so on.

Risk is a multi-dimensional vector. Decentralization mitigates some risks, but not others. I guarantee you that developers today are more comfortable building products on Twitter’s remaining APIs than they are on public blockchains. Twitter has 38 million accounts that regularly use its API, while the total number of dApp users is still well under 1 million.

To be clear, decentralization reduces some risks! In a decentralized system, the risk of censorship or shutdown is lower. However, as a developer, are these really the main risks they care about? Or are they more concerned about uptime, cost, or user churn? It depends on what the developer is building!

What risks does decentralization increase? How does this affect my p99 response time? Or how likely is it that fees on the network will spike and my users will migrate elsewhere? As a developer, is this set of trade-offs worth it?

Crypto is cleverly leveraging its censorship-resistance to build money and open finance. Great! Is there anything more annoying to people than banks? But the web3 story is this: Never mind. Instead, we should be trying to decentralize Uber, Airbnb, you know, two of the most popular products in the world that are just beginning to disrupt stagnant, historic pre-tech industries. And Google, you say? You mean one of the most trusted brands in American history? Sure, let’s try to re-implement the hardest computer science and data problems on Ethereum, the technological equivalent of a graphing calculator.

Decentralization is valuable when it allows you to fundamentally change new things rather than fundamentally worsen old things. Web3 proponents are trying to compete with the most popular products in the world, and in the meantime, they are putting themselves in a decentralized architectural dilemma. If you want to win a boxing match, you might be better off not picking the strongest guy in the room, especially when one of your hands is tied behind your back.

Innovate against bad products. There are so many of them in this world. You can only win when decentralization is a real advantage.

But, is this really decentralized?

Asking whether something is “truly decentralized” is a very vague question. I hope this question will go away. Let me give you two examples of why using words starting with D is so confusing. (Blue Fox Note: Starting with D means Decentralized, such as DeFi, etc.)

DeFi is often claimed to be more secure because it is “decentralized.” What they mean is that its code is executed directly in smart contracts on the public blockchain. Any normal programmer will retort: ​​wait, why is it secure just because it’s written in code?

Of course, DeFi itself does not provide security. In fact, a single bug in these programs has the potential to wipe out all the funds in them. Just look at the 0x hack, where the attacker could have stolen all the funds in the system! Of course, there was the DAO hack, the Bancor hack, the bZx hack, and history is littered with examples like this. There is nothing inherently secure about DeFi itself.

Security starts with audited open source code, written with best practices and, ideally, formally verified. But what matters most about making something secure is that it is battle-tested over time with stakeholders at stake. Just like what happens with centralized systems.

Here’s another example: the oracle problem. People lose their common sense when it comes to the oracle problem. So this is a great place to do a real-world test.

In short, the Oracle Problem asks: How does a blockchain know about things that happen outside of it? By definition, someone reports this information to the blockchain, but who should we trust to report this data, and how do we know that the data is correct? Framed this way, the Oracle Problem is a question that even a child can understand: How do we know that someone is telling us the truth?

Let’s take the Maker V1 oracle system as an example. It basically consists of 20 addresses, most of which are anonymous, that publish prices to the chain. The oracle reports the median of those 20 prices. You might ask “is this decentralized?”

This is the wrong question to ask. The right question is: how risky is it to trust what this oracle is telling us? What is the cost of manipulating the oracle? Whose reputation is involved? What value is involved so far, and how long has the system been working correctly? Is it decentralized or not irrelevant to what we actually care about, especially if censorship is not the main risk to the system?

Let’s take a step back. How is the oracle problem solved in the real world? When a person wants to know the result of a game, what do they do? They probably check ESPN. How centralized are they! Why do they trust ESPN’s score? What complex crypto-economic game is ESPN playing that we can safely trust them?

One answer might be: OK. If ESPN publishes an incorrect score, well, someone can sue them for damages. ESPN's bank account can be controlled by the legal system, so ESPN has an incentive to do things honestly. So we have great oracles thanks to the threat of lawsuits against ESPN.

This analysis is tempting, but not entirely correct.

If ESPN starts posting game results on Ethereum, how do you think people will treat on-chain oracles? I'll tell you: People will only use ESPN scores. They will use them instead of Chainlink, Augur, or any other so-called decentralized oracles. Because they trust ESPN's scores. This will be the case even if ESPN explicitly denies any legal responsibility for these scores. (Blue Fox Note: If it cannot be posted on the blockchain, the probability of single point failure and error is very high. I do not agree with the author's judgment. People's more reasonable choice is to choose oracles with multiple sources of information, and ESPN is just one of them, including the possibility of operational errors by ESPN staff and hacker attacks)

Why? Why would people trust ESPN even though it’s not decentralized? (Say it out loud, this sounds like a stupid question.)

Everyone knows why we trust ESPN scores: reputation. The value of ESPN’s reputation is so high that we trust ESPN not to try to undermine it. It goes beyond any simple thing like, “They staked X dollars, but if they corrupted the oracle, they’d make Y dollars.” In that sense, ESPN’s reputation backs every single score they publish. They staked the same X dollars for the entire life of their business. You could think of this as somehow cross-margining the money they’re going to make. You can’t do that with collateral or bonds or any of the other cryptoeconomic games that people ask for. Reputation is how iterative games enable long-term value creation. Without reputation, there wouldn’t be enough capital in the world for all of us to trust each other.

So what about Maker’s oracle system? Why do so many products in DeFi use it? I don’t think it’s because it’s the “most decentralized”. I think the real answer is simple: reputation. People trust Maker’s reputation.

Of course, they know that technically 15 participants could collude and run away with the money. (Indeed, a single developer on ESPN could post fake scores.) But I think deep down, people intuitively understand that the Maker brand has a reputation to uphold, just like ESPN. And that reputation is, in a way, hard to quantify in a way that supports the price it posts on-chain every time. In some abstract sense, the Maker system has greater economic value behind its oracles than a rudimentary system that requires bonds and slashing.

If we accept the notion that DAOs can be like companies, why are we unwilling to consider that DAOs can have a reputation worth protecting?

Now, MakerDAO is a monopoly, and we intuitively believe that its reputation will reduce its burden. But MakerDAO retains an exit door through global settlement. If MakerDAO screws up or is manipulated, its users will not come back.

Despite its many flaws, many DeFi projects have chosen Maker oracles. To be clear, I don’t think Maker oracles are close to optimal oracle design. But it does work. Developers can intuitively understand why Maker oracles are trustworthy.

Many researchers would find it offensive to make such imprecise security claims. If it can’t be quantified, if it’s not “X times Y = Z”, then it’s not correct cryptoeconomics.

What I want to say is: I don’t care if your oracle is decentralized. I only care if your oracle is under the threat model I care about. Although Chainlink and Augur are more decentralized than Maker’s oracle, they have not been very successful in the past. I don’t think Maker’s oracle is perfect. But it is better than most of what we see on the market today. (Blue Fox Note: I don’t agree with the author’s judgment. Oracles have been pursuing decentralization. The purpose is not for decentralization itself, but to provide more reliable and secure oracles. There is no need for word games and boring and uninteresting logical debates here.)

Decentralization is not binary

But asking if something is “truly decentralized” is another question: decentralization is not a “yes or no” question. If you need a network that can survive targeted attacks from “three-letter organizations,” then even Bitcoin isn’t good enough. But most people don’t need that. Only you know the level of decentralization you need, and more decentralization may not be useful.

Remember, decentralization doesn’t reduce risk linearly. It’s more like an S-curve. That initial little bit of decentralization doesn’t actually accomplish anything. Take Napster, for example: Napster was decentralized in the sense that it didn’t store files on its own servers. But Napster acted as a search index so people could discover other people’s files. So if someone shut down the Napster servers (which happened in 2001), they essentially shut down everything. All of the little P2P elements in Napster’s design were essentially window dressing, because the entire system could be easily shut down from the top.

Early attempts at decentralization won’t achieve anything until the level of decentralization is censorship-resistant. It’s like making a watertight barrel, a little sealant won’t solve the problem until you’ve actually plugged every leaky hole. At that point, you’ve entered the bend of the decentralization curve, and suddenly all that work has a noticeable impact on your risk of shutdown.

Then you climb up the S, decentralized governance, token ownership, etc., and you reach a steady state where the system is mostly censorship-resistant. You can throw more money at it to further distribute the hash rate, or add more nodes to the P2P system, or mitigate selfish mining or whatever, but in most cases any marginal changes don't materially change the properties of the system. These systems can't be replaced by script kiddies, and probably all of them could be taken down by a motivated nation-state. At the ultimate level, most arguments about decentralization are just quibbles.

Where do you think your favorite project is on the S-curve? I think most large decentralized networks are closer to the plateau than most people want to admit. Bitcoin is more decentralized than Ethereum, of course. Unlike Bitcoin, Ethereum's inventor is still guiding the project, and it has a frequent upgrade schedule. But from a risk perspective, Bitcoin is actually not that far off. Both Bitcoin and Ethereum can be destroyed by nation-states, but neither can be destroyed by organized actors on the Internet.

What I’m saying here is that there are diminishing returns to decentralization. This is obvious marginal analysis, but people rarely apply it to the concept of decentralization itself. Hence why we get an endless series of articles mocking how blockchain’s P2P networks and governance are not truly decentralized.

Protocol risk does not always decrease with decentralization. Decentralizing too quickly can also introduce new risks that did not exist before. I have never seen centralized servers at risk of 51% attacks, or front-running vulnerabilities, or fee sniping attacks, etc. Of course, you should not underestimate the ability to respond quickly to errors by shutting down the system. Centralized systems can respond to threats more effectively and are organized around technical leaders.

Think of how the computer industry rallied around its leadership after the Spectre and Meltdown bugs. Faced with industry-shaking vulnerabilities, ad hoc teams at Intel, Microsoft, and Linux went on an industry-wide embargo on disclosure while implementing patches. Looking back now, it was done well! This would have been much harder in a fully decentralized system. Angela Walch, a law professor at Saint Mary’s University, noted in Deconstructing Decentralization that “truly decentralized” projects cannot have such secrets. In her words, “secrets reveal centralization.”

“Bug fixes, secret developer meetings, centralization of mining pools… all reveal centralized — not decentralized — power. Yet, by uncritically describing blockchain systems as decentralized, we skip over all of that.”

She is absolutely correct in her premise. (Although I reject the binary division between centralization and decentralization) But I draw a different conclusion: this tells us that the optimal equilibrium for the project is not the current "100% decentralization". Climbing further up the S-curve will have diminishing returns, and the amount of juice here is not worth squeezing (Blue Fox Note: What this means is that increasing the degree of decentralization does not bring a proportional return.)

All that said, there are a lot of networks that can’t make it all the way up the decentralization s-curve. IOTA comes to mind; I’m sure you have your favorite altcoins. If you want to cross the chasm and fail, then decentralization is really important.

However, the biggest risk for these networks is not that their governance is too centralized, but that their governance is too incompetent. Of course, I hope that blockchain governance will be decentralized in the end. But if you give me the choice, I will choose world-class centralized governance over poor decentralized governance.

Beyond pure decentralization

Still, the crypto community loves to point fingers at each other and claim that their competitors aren’t “truly decentralized.” In a way, this is the perfect attack, because anything can be more decentralized. It’s the original sin that every project has. It turns decentralization into pure virtue, a self-flagellation ritual.

But this culture of pure decentralization is not only exhausting, it’s also counterproductive.

I know I stirred a hornet's nest. So let me be clear. Bitcoin would never have become what it is today if it wasn't decentralized. There is no other way to create internet-native digital gold. However, I don't want to see the brightest minds of our generation become obsessed with this single dimension and lose sight of the most important problems to solve.

Before we worry about decentralization, let’s first worry about what’s worth decentralizing. Don’t forget, no one actually wants this stuff yet! No one knows what problems it will actually solve! It’s all still weird, complicated, and unusable!

I agree with Jesse Walden on this point: once a project finds product-market fit, it should gradually decentralize. That is, first figure out what is truly valuable. However, for most things in this space, there is still a long way to go to find product-market fit. Until then, I think we don’t have to be perfectly decentralized. Our focus should be on innovation and building a better digital economic infrastructure.

If you ask me, that’s the real goal. Decentralization is sometimes just a means to an end.

Link to this article: https://www.8btc.com/media/577479
Please indicate the source of the article when reprinting