This essay was written in January 2024 for inclusion as a book chapter in a larger publication. It was copyedited and translated, but unfortunately has not yet been published and to my knowledge the project no longer has a publication date (my last email asking about it has gone unanswered for almost two months) - so I’m sharing it here. There is definitely something to reflect on about the games we play for institutional legitimacy vs whats actually optimal in terms of sharing ideas and communicating - but I’ll leave my culture industry tell-all for an unknown, future post. This essay is based on a talk I gave in 2019 (online here) though it’s been adapted and updated for this format
It doesn’t take long in the land of cryptomania to encounter the spectre of “decentralization”. It’s in the first sentence of the wikipedia pages for both bitcoin and ethereum — in 2023, the two largest blockchains by marketcap. Bitcoin, we read, is “the first decentralized cryptocurrency” and Ethereum is “a decentralized blockchain”. But the word comes up outside of a blockchain too: for example, the Internet Archive organizes an annual event called Dweb camp, “a collaborative space for people to connect, learn, share, and have fun as we work towards building a better, decentralized web”. I co-organize a conference on this subject called Our Networks that held its first event in 2017. In both the cryptocurrency world and the communities that have spun up around other decentralized technologies, “decentralization” is spoken about as a universal good. It’s seldom questioned. But what does “decentralization” actually mean? What exactly are we decentralizing — and to what ends?
The first thing to know - and I’m hardly the first person to point this out - is that “decentralization” has an antonymic definition. It’s defined by what it isn’t: not centralization. And therein lies the problem: even assuming we know exactly what “centralization” is, and that all centralizations are the same, is everything not-centralization also the same? Is there only one way of being not-centralized?
Decentralization as a concept is older than today’s tech world and has origins in the political. The first usage of the word is in the mid 1880s during the French Revolution, when Alexis de Tocqueville described the revolution as “a push towards decentralization…[but became,] in the end, an extension of centralization.” (Page 10) Which of course brings to mind this Hannah Arendt quote: “The most radical revolutionary will become a conservative the day after the revolution.” (source) This is to say that once the task at hand changes from challenging power to defending it - it is actually everything that changes. But it bears keeping this in mind as we follow the narrative arc of decentralized technology too: firstly, because its structure looks more cyclical than linear, a series of progressive decentralizations growing out of centralizations (and then vice versa) and secondly, it’s often politics in disguise.
One of the interesting things about decentralization as a political concept is that it’s been called for by a variety of thinkers - many seemingly opposed to each other. For example, there is a strong free market rationale for decentralization. To make a Hayekian argument, a free market is decentralized because it arises in an uncoordinated way from individual actors. But there’s also a conversation about decentralization in communism, with a series of decentralization reforms in China beginning with Mao Zedong and reacting against the centralization of soviet Russia. Indeed, a dizzying range of thinkers have called for some kind of decentralization: from Frantz Fanon to the IMF, to the Kurdish revolution, to the founding fathers of the United States.
So is this the political compass of decentralization?
This is a very real, confusing, and sometimes distressing element of decentralized tech communities. Though many people come to these software projects wanting to break up the monopolies and centralized power of tech giants like Google and Facebook, analogous maybe to antitrust activism, they often find themselves with uncomfortable bedfellows. People of many contradictory political tendencies sometimes feel like the content moderation policies of big tech companies result in their views being censored. In the case of cryptocurrencies for example (a technology with the essential affordance of permissionless payments), sex workers are often blocked by big payments companies like Visa and Mastercard but so are, for example, white supremacists. The people who find each group sympathetic likely overlap very little — but any technology that enables a truly permissionless payment will enable uncensorable transactions by both groups.
Indeed, the ideological quagmire of decentralization is related to this essay’s opening maneuver: is there only one centralization, and is everything not-centralization the same thing? In an essay called Quantifying Decentralization, Balaji Srinivasan, former CTO of Coinbase, and Leland Lee attempt to analyze the decentralization of different cryptocurrencies. They use a metric called the Lorenz Curve, which was developed in 1905 for assessing the decentralization of wealth. It is related (and part of the calculation of) the Gini Coefficient.
The line of equality, the straight diagonal line going from the bottom left to the top right, shows a uniform wealth distribution — i.e. 10% of the population having 10% of the wealth, 50% having 50%, etc. The Lorenz Curve is the plotted actuals — the farther away the Lorenz Curve is from the line of perfect equality, the more concentrated wealth is in the system. The open-ledger nature of many cryptocurrencies make this analysis relatively easy compared to traditional finance.
Not only do Srinivasan and Lee plot the wealth distribution of the top 100 cryptocurrencies (finding it to be very centralized, and very far away from “perfect equality”) — they also apply the Lorenz Curve to other aspects of software projects. In their words: “A decentralized system (like Bitcoin) is composed of a set of decentralized subsystems (like mining, exchanges, nodes, developers, clients, and so on).” For example, is there only one set of software that can be used to run or access the blockchain? This could be seen as centralization. Is most of the code written by a handful of individuals? Their specialized knowledge could constitute a single point of failure. How is the data stored? Looking at the Ethereum network in 2022 for my sculpture The percentage of the Ethereum network on the hosted cloud, the percentage of the hosted cloud on Amazon, ethernodes.org reported 69% of Ethereum nodes are running in the hosted cloud (data centers run by large providers like Amazon, Google or Hetzner) and of that 69%, 58% are specifically on Amazon infrastructure (40% of all nodes). When I looked at the data again for the follow-up work with the same title but in 2023 (after proof of stake, a significant change to the functionality of the network) I found a significant shift: 47% on the hosted cloud, and 37% of that amount on Amazon (17% overall).
This mental model — multidimensional decentralization — is helpful for unpacking the antonymic definition. A project can be extremely decentralized along one of these axes, and completely centralized in another. In the past, I’ve also called this intersectional decentralization, borrowing the term from feminist scholarship. There are many overlapping and intersecting decentralizations, and looking at them separately is unlikely to capture the full story or lead to a coherent conversation. Which decentralization is the one that we want?
Besides the aspects of decentralization already mentioned, I would add: Decentralization of authority, who holds decision-making power over the project or its data? Geographical decentralization, e.g. is it located largely or exclusively in urban areas, in the global north, in a single country or continent? Decentralization of access, eg. Does it require a powerful computer, specialized knowledge, an institutional login, or a passport? Broadly, these additional decentralizations could be clustered as decentralizations of power — and there are further ways that power can centralize or concentrate not listed here. Specifically, desire for the decentralization of power is one of the greatest sources of confusion in communities around decentralized technology, because decentralizing technology — architecturally, in terms of data storage, in terms of alternative software clients, etc. — has very little to do directly with decentralizing power. Moreover, it’s possible to decentralize power without using technology at all. It’s also possible to decentralize power using explicitly centralized technology, as seen in projects like Loomio, an app for collaborative decision making that uses a traditional web2 architecture, and Slido, an app that lets people vote on which subjects are most important to them in a discussion or following a presentation, or crowdfunding tools like Kickstarter and OpenCollective. Lack of clarity around specifically which axes of decentralization are desirable for a particular project leads to two core problems. Firstly, decentralizing in a way the project does not actually want, and secondly, trying to decentralize in every way at once which is certainly a waste of energy if not impossible.
I have already touched on the political quagmires decentralization can dredge up, but let’s look at some of them more closely. In August 2017, Cloudflare generated a flurry of news attention because it terminated the account of The Daily Stormer, a well known Neo-nazi site. It wasn’t the only company to do so — in the weeks prior, The Daily Stormer had its accounts also canceled by GoDaddy, Google, and Network Solutions, and it has struggled to maintain an internet presence ever since. (source) The layers of the internet at which this was taking place are infrastructural: DNS servers (Domain Name System), hosting, and in Cloudflare’s case, defense against DDoS attacks. At the time, Cloudflare published a blog post outlining their reasons for this action, and simultaneously the dangers of centralized internet architecture, calling attention to, “Increasing Dependence On A Few Giant Networks”. When they say, “Our terms of service reserve the right for us to terminate users of our network at our sole discretion”, they summarize one of the dangers of centralization quite succinctly. Despite the use of centralized power, the decision by Cloudflare was wildly popular and celebrated by many in the decentralized tech community.
But just a few months prior in May 2017, dailystormer.eth was registered on ENS, or the Ethereum Name Service, with little fanfare (transaction). The ENS is used for routing payments on the Ethereum network, in a somewhat similar role to the one DNS pays in routing internet traffic. Though The Daily Stormer can’t use the ENS to keep its website online, it can use it to route payments on the Ethereum network, simplifying the donation process for the site, andhere is evidence that cryptocurrency accounts for a significant amount of its revenue. Some estimate that Andrew Anglin, founder of The Daily Stormer, has personally received upwards of $481,000 in Bitcoin donations (source). This use is not limited to The Daily Stormer: In 2017, a twitter bot called @NeonaziWallets was launched, which posts every time a payment is sent to or from a known or suspected far right wallet (source). It appears to have stopped working in July 2020, but it lists 49 transactions in the first week of that month alone. Despite this information being available fairly publicly, it has not received widespread discussion in the decentralized tech community.
One moment that did, however, cause a storm was when ENS — or the legal entity associated with it, called True Names Limited — fired its Director of Operations, Brantly Millegan, over tweets that were anti-abortion and offensive to the LGBTQ community (source). Though a company can of course choose to fire its employees, ENS also has a DAO, or Decentralized Autonomous Organization alongside the traditional incorporated structure. There are different coordination methods used by different DAOs, but the ENS DAO used a token-weighted voting system, where the more tokens a voter has the more share of the vote they are afforded. Though Millegan was fired by the legal entity, the DAO vote did not agree and the proposal to eliminate him from governance failed. Millegan himself held 11% of the vote, could not be blocked from participation, and remains an active voting member to this day (snapshot vote). Though this may be simply poor DAO design, the disjuncture in outcomes between the legal entity and the DAO points to an unresolved question in terms of how power should be distributed and how protocols should be governed. That the conflict originated because of right-wing opinions expressed on social media, also points to incoherence between the legal entity’s values and the functionality of the protocol itself. True Names Limited seems to want to moderate content but they built and work on a protocol without content moderation.
Of course blockchains aren’t the only kind of decentralized protocol that can be used within extreme political tendencies. A contrasting architecture can be found in SSB, or Secure Scuttlebutt. SSB is a protocol often used as something like a social media network, but one where the users in the network connect to each other directly. When I follow you, it means I also download and store your posts, and then forward them to other users of the network as needed, instead of all of us requesting all the data we see from a central platform like Facebook or Twitter. On SSB you only ever see content shared by those who are “close” to you: friends, friends of friends, maybe friends of friends of friends. There are also tools called pubs, which are run by users to assist in routing content between users, since most people’s personal computers are often asleep or off. Though the community of SSB users is mostly fairly left-leaning, there is a far right pub on scuttlebut, called Alltinget. Because people only see content that is close to them, few users knew about this part of the network. Alltinget is also specifically isolationist, using white supremacist language like warning members not to connect to other pubs lest their feed become “polluted”. But at some point 2019, Alltinget content started appearing in the feeds of many — what was previously an island had become connected to the wider SSB community. Users banded together to find out where these white supremacist posts came from, using the network connections to figure out how Alltinget had become joined to the broader community. By strategically blocking and unfollowing, they cut the connections so that it was once again isolated. These protocol dynamics are very different from those of a standard blockchain like bitcoin. One way to describe this would be to say that SSB has “decentralized” data storage to the point where there is no single source of truth in the network. Another would be to say that SSB has built curatorial or content moderation mechanics into the protocol itself.
Do we have the right to post content online? What versions of freedom of speech and content moderation do we want technology to enable? Some people would argue that payments constitute speech, and that we have a fundamental right to send them and receive them. Each of these are serious philosophical questions deserving discussion and consideration, but for a user of a given protocol the answers may already be decided by that protocol’s design, and governance structure (or lack thereof). These examples of technical architectures either enabling or blocking the passage of undesirable content speak to the protocol itself having a politics, and it is not always the politics that the users desire or anticipate.
Further, there is no state of complete decentralization, and even if there were, it would not always be desirable. In the blockchain world, Vitalik Buterin, the creator of Ethereum, posited the scalability trilemma with three poles: decentralization, scalability, and security (source). Protocol designers must choose trade-offs amongst the three. A bit like a video game character creator — the trilemma says you cannot have maximum values for all three stats. Buterin defines decentralization as “the system being able to run in a scenario where each participant only has access to O© resources, i.e. a regular laptop or small [virtual private server]“. This is of course very specific and limited, and we’ve discussed many other possible definitions. Scalability deals with the amount of transactions the network can process, and Security with its resistance to attack. In the blockchain world, protocols are often seeking scalability — the ability to process more transactions faster — and the trilemma explains why it has been so challenging. It’s something of a blockchain catechism to compare it to the transactions per second of something like the VISA credit card network, which processes 65,000 transactions per second (source). The Ethereum network processes at most around ~58. Another way to understand this distinction would be to say that VISA has dropped its decentralization stat to zero in order to max out scalability.
However, besides the relationship of decentralization to scalability put forward by the trilemma itself, there is also a competing version of decentralization inherent in the juxtaposition of Ethereum with VISA, as VISA itself was an attempt at a decentralized organization. Its founder, Dee Hock, was also a prolific writer on the subject of organization design. In The Trillion-Dollar Vision of Dee Hock, M. Mitchell Waldrop summarizes, “Hock designed the organization according to his philosophy: highly decentralized and highly collaborative. Authority, initiative, decision making, wealth — everything possible is pushed out to the periphery of the organization, to the members.”
Besides software design constraints to decentralization, there is also the question of where the software runs. I’ve discussed this already in terms of my sculpture, The percentage of the Ethereum network on the hosted cloud, the percentage of the hosted cloud on Amazon, and the concentration of blockchain nodes inside traditional data centers. But the issue persists all down the software stack, from the operating system (there are only a few that are commonly used) to hardware itself. How many companies manufacture computers? What about computer components? There are only three significant companies that make DRAM chips, Samsung, Micron, and SK Hynix, critical to every computer system (source). We have already seen the costs of this centralization, in the form of price surges after the Japanese earthquake of 2011 (source). There are only really two companies that make graphics cards — also often used in cryptocurrency mining — and one company, NVIDIA, has over 80% market share (source). In the case of graphics cards, shortages have plagued the market on and off since 2018, with many new releases in 2020 and 2021 selling out within seconds and being otherwise impossible to buy (source). Even the metals, minerals, and ores needed to manufacture these parts are subject to a kind of centralization: 74% of the rare earth metals used by the United States are imported from China, (source) something what has already been the subject of American national security memos (source). But it is only possible to decentralize these processes to a point: mineral deposits are not evenly distributed on the surface of the earth, and most advanced manufacturing processes take advantage of economies of scale that render them impossible below a certain threshold.
It’s not only the material constraints of the physical world that can intrude on dreams of decentralization — sometimes it is legislative, as seen with Tornado Cash. Deployed in 2019, Tornado Cash is a protocol deployed on the Ethereum network and used for anonymizing transactions. On Ethereum, as on most blockchains, all transactions and all account balances are publicly visible by default, and anyone seeking more privacy must use special tools, of which Tornado Cash was among the most popular. But in 2022, the United States Office of Foreign Assets Control issued sanctions against the contracts associated with Tornado, claiming the protocol had been used to launder $455 million stolen by the Lazarus Group, a hacker group associated with North Korea, along with a list of other notable heists and hacks (source). This is notable historically as the first time the United States has issued sanctions against running open-source software per se, rather than individuals or entities using the tool nefariously. The consequences were immediate: the project’s domain name and GitHub page were taken down the same day, and two days later one of the developers associated with the protocol, Alexey Pertsev, was arrested in Amsterdam, charged with “involvement in concealing criminal financial flows and facilitating money laundering through the mixing of cryptocurrencies through the decentralized Ethereum mixing service Tornado Cash.” (source) Two other developers associated with the project have since also been charged - notably, not for laundering money themselves, but by writing software that allowed others to do so. Besides these urgent and concerning consequences, the sanctions also required that all money currently deposited in the protocol to be frozen or considered tainted. This presents consternation on a protocol designed specifically for uncensorable payments. In the days immediately following the sanctions, anonymous users started sending small amounts of money from Tornado Cash to the accounts of well-known community figures. There is no way on Ethereum to block someone from sending you money, and now all accounts that received these funds could theoretically be prosecuted under the sanctions. Some protocols and DAOs have gone so far as to block access to these inadvertent recipients. It also brought up questions for miners, responsible for processing transactions. Does processing a transaction to or from Tornado Cash violate the law? In the days following the sanctions, Ethermine, one of the largest miners on Ethereum, preemptively blocked all such transactions (source). By now, some 91% of validators on network are doing so (source). This seems to contradict the “permissionless payments” narrative of blockchain entirely. Even though it’s impossible for even a powerful government to attack the protocol directly, there are other levers to exercise control. Those working on the project still exist within legal jurisdictions. Computers are run by people who can be arrested — or worse. There are many examples of a nation state using central choke points to block access in even more extreme internet censorship action. Besides the Great Firewall, notable cases include Turkey blocking access to Wikipedia in 2017, Cameroon blocking access to the entire global Internet also in 2017, or more recently Israel blocking the Internet in Gaza.
Finally, “resilience” is often touted as one of the benefits of decentralization, but again, as with decentralization itself, this turns out to not be a simple one-dimensional story. Even from the perspective of the network topology — which computers connect to which other computers and what the “shape” of that connection is — there are different ways that the network might be organized, and different ways resilience can be defined. In some cases, a network that demonstrates more centralization can be more resilient. In a paper called Error and attack tolerance of complex networks, Réka Albert, Hawoong Jeong, and Albert-László Barabási analyze two possible network shapes — one where that is random, where each node connects to a random amount of other nodes resulting in a “flatter” topology, and one that is scale-free, meaning some nodes are disproportionately connected to others, aka more “central”. They find that if an attacker is able to choose which nodes to take out (computers to take offline) — perhaps because they are very skilled or sophisticated — then they can target the more centralized nodes and the network will fall apart more quickly. But in cases where the nodes are going offline randomly — as part of normal churn, something like an incomplete protocol update, or low-skill attack — it’s the opposite. In this scenario, the network with more highly-connected centralized nodes persists longer. This is just one perspective from network science, but it shows that the relationship of decentralization to resilience is not one-dimensional. Much like software security cannot be reasonably assessed without modeling specific threats, to speak about resilience without the concept of an adversary or event that software should be resilient to, is meaningless.
There is no single meaning of “decentralization”. Instead, conflicting decentralizations, in particular the conflation of decentralized power and decentralized technology, lead to confusion and incoherent outcomes. It’s unclear whether any technology is outside the scope of the state, as seen with Tornado Cash, but to the extent that one is, it can be used by those of any political perspective. The range of writers and political leaders who have called for decentralization reflects this — as well as the many different axes upon which decentralization can occur. Sometimes, bad actors use “decentralization” as a smokescreen, and it is not that actually decentralizing anything is desired, merely a change in the existing relationships of power. The mental model of multidimensional decentralization is useful - to speak about decentralization without speaking about exactly what is being decentralized is meaninglessly imprecise. Only by clarifying exactly which decentralization is desired, why it is desired, and what we hope it to enable, will we understand the technology we currently have or how we might want to build it otherwise.