Architecturally, blockchain’s distributed and peer-to-peer networks are fundamentally different from client-server model of database system. But on top of the basic architecture, there are other factors and stakeholders influence the security and decentralization of a blockchain.
There is a famous blockchain trilemma which conceptualizes three key features (decentralization, scalability and security) and suggests that they cannot be achieved at same time. In this trilemma model, it seems decentralization and security are sort of independent dimensions while I think they are closely related. If a public blockchain aims to be really secure, decentralization is a necessary but insufficient condition. The rest of this post will focus on these two features.
Generally, there are five stakeholders(non-mutually exclusive) around a blockchain network: 1) founders and core team, 2) miners and validators, 3) investors, 4) third party developers, 5) end users. The discussion about security mainly includes two parts:
Governance of protocol or network. It's about ensuring the modifications of blockchain to be legitimate and complied to consensus of majority. All five types of stakeholders can engage in governance but core team, validators and developers have more engagement in most cases.
Stability and reliability of the current running protocol. It's about the capabilities of resisting malicious attacks and various accidents. Miners and validators are decisive on this part.
Let's walk through some specific examples and unpack details to understand different security levels of blockchains.
Bitcoin
Governance
Satoshi Nakamoto disappeared after leaving his last written post on the forum bitcointalk.org on December 12, 2010. Also, no one knows his real identity and he is likely to keep anonymous.
Core team and community have the rights to update and change the blockchain software. Currently, bitcoin has 17 core developers (own commit access in bitcoin's Github repository)and any new proposals (BIPs) of upgrading and large-scale amendments of bitcoin software must achieve community consensus and pass peer review to implement. Although there are only a dozen core developers over the years, many community members contribute a lot willingly.
A modification in the code requires acceptance by a vast majority of around 95% of miners unless a reasonable motive is given for a lower threshold. Ninety-five percent support has to be signaled from the last 2016 blocks (approximately 14 days). The recent Taproot soft-fork took more than 2 years from proposal creation(Jan, 2020) to final implementation(Nov, 2021). Besides, if the miners want to include invalid transactions, bitcoin nodes could reject the blocks produced by miners.
Bitcoin Core developers are contributors who have built up sufficient social capital within the project by making quality contributions over a period of time. Bitcoin Core is a focal point for development of the Bitcoin protocol rather than a point of command and control. If it ceased to exist for any reason, a new focal point would emerge. By Jameson Lopp
The famous blocksize war: The history of bitcoin's blocksize controversy is a perfect len to examine and grasp the gist of decentralization and community. The game between large block camp and small block camp presents how different parties including core developers, miners, users and various industry players fight each other. Here is a post reviewing this history for a quick read. I recommend reading the original book "The Blockszie War" to deep dive, but let me briefly summarize keynotes:
The most prominent and highly-trusted developers cannot change bitcoin protocol without overwhelming consensus. Gavin Andresen was the chief developer in bitcoin's early stage and there were only two people listed as bitcoin code maintainers on Sourceforge, Satoshi and Gavin. Gavin rentlessly tried to unite all parties in community to increase the blocksize but failed. There are many other developers supporting the big block and Gavin is just a representative.
Powerful miners cannot change bitcoin protocol without overwhelming consensus. Bitmain was staunch supporter of big block and had mining pools and a 75 percent market share in the production of mining equipment. In June 2015, over 60% of hashpower agreed on big block plan on 8 MB and it failed in the end.
Large industry players cannot change bitcoin protocol without overwhelming consensus. Large companies like BitPay(one of the largest merchant payment processors) Blockchain.info (#1 Bitcoin wallet provider), Coinbase(well-backed by VCs from Silicon Valley), Circle, Kncminer, itBit, Bitnet, Xapo and BitGo. bitcoin.com(Roger Ver's company)...
The above information is just a non-exhaustive list. Currently, no other blockchain has encountered and gone through such complex and large-scale governance conflicts.
Miners and nodes(validators)
For miners, there is one and only one reason for their existence: Protecting bitcoin network from 51% attack. The centralization of mining pools is often criticized by skeptics, the total computing power of top 3 mining pools is over 50% and this is a fact. But the real point here is about game theory, miners have no incentive to conspire and spend huge costs shorting their own business. They prefer long-term and stable income. Even if Superpower like nation states wants to launch a 51% attack, lots of practical factors like hardware preperation and confidentiality make it almost impossible to implement.
In the long-term, the exponentially decreasing block reward may lower the miners' income and reduce the security of bitcoin network further. Miners' revenue comes from block rewards and transaction fees, while the latter only takes 1~3% of total income. However, it's still a problem decades away from us and it hard to predict the future(just know it).
In another angle, bitcoin network pays 900 BTC per day(6.25 BTC/ block * 1 block/ 10mins* 60mins/ hour * 24 hours/ day * 365) and a small transaction fee as security budget to miners to defend the of the bitcoin. If we roughly assume the average price of bitcoin in 2021 is 4,0000$/BTC, the security budget in 2021 is 13 billion (900BTC/ day * 365 day/ year * 40,000$/ BTC). If the block rewards lower to negligible, the security budget will be reduced by two order of magnitude and become highly unstable, but that will happen in the distant future and trasaction fee will matter.
“ In a few decades when the reward gets too small, the transaction fee will become the main compensation for nodes. I'm sure that in 20 years there will either be very large transaction volume or no volume.” — Satoshi Nakamoto
For full nodes, they need to validate, propagate and synchronize transactions in network. Currently, bitcoin has ~16,000 reachable nodes around the 97 countries in the globe and Unite States takes the largest share(~13%). In addition, bitcoin has over 3,400 ASNs which means it doesn't rely on single internet service providers.
Anyone can run a bitcoin core on their own and join the network if they can satisfy the basic hardware requirements. Briefly sum up, you need 2GB RAM, 7GB available disk space(~500GB if you want a full copy of blockchain), 0.5Mbps bandwidth. Such requirements are easy to reach except for highly remote and undeveloped countries (mainly about internet bandwidth).
Ethereum
Ethereum is in a progressive transition from PoW to PoS and there is no agreement on completion date. Now, the mainnet consensus is still PoW.
Governance
Ethereum has 8 co-founders but Vitalik is the only one actively and directly working around Ethereum. More importantly, Ethereum has hundreds of active core developers and over 4000 thousand other developers in ecosystem.
Smilar to Bitcoin, there is a Ethereum Improvement Proposal (EIP) governance process including formal steps from initial proposing to final activation. The core EIP like EIP-1559 took more than two years to final launch (from Apr, 2019 to Aug, 2021).
The hardfork since The DAO hack is the most important governance issue in Ethereum's history. The voting result of the ETH holders presented that over 85% voters agree on a hardfork(note only part of all holders participate). Based on the opinions expressed on social networks, calls and chats of core developers, groups that represent miners, opinions of important exchanges and companies, all parties overwhelmingly agree on a hardfork. Here is post about the whole history. The community sticking to the "code is law" retained on the Ethereum Classic(far less prosperous than Ethereum now). This event exemplifies a successful hardfork with sufficient consensus.
Miners and nodes(validators)
PoW stage: Ethereum has ~4800 nodes around the gobal, United States takes over ~47% of the nodes and Germany takes ~13%, the rest nodes are distributed in over 60 countries. In terms of network type, ~67% of the nodes are runing on the business hosts (Amazon take over 50% shares in this part, but there are multiple cloud service providers), the residential nodes account for ~30% which bring some diversification here. In terms of node client software, there are over 10 choices and geth takes ~80% (nodes amount) shares and erigon take ~13%. Anyone can run their own nodes.
The hardware requirements of Ethereum is higher than bitcoin, especially bandwidth requirements. The requirements are higher than bitcoin but still affordable to normal users. The full archive of whole blockchain needs 6TB+ of disk space.
Minimum requirements: CPU with 2+ cores, 4 GB RAM minimum with an SSD, 8 GB+ if you have an HDD, 8 MBit/s bandwidth
Recommended specifications: Fast CPU with 4+ cores, 16 GB+ RAM, Fast SSD with at least 500 GB free space, 25+ MBit/s bandwidth
PoS stage: For normal users, staking ETH has some obstacles: 1) 32 ETH is minimum staking amount, 2) technical problems about setting up a validator(run three pieces of software), 3) hardware requirements, 4) the lock-in time of staking, 5) improper operation such as node offline leads to token slash.
There are 2 ways to fill this demand vacuum: 1) centralized solution from CEX or other third party staking providers. CEX has custody of huge ETH reserves and lots of existing users. Coinbase, Binance and Kraken account for ~30% of total staking ETH 2) on-chain staking protocols like Lido(a liquid staking derivative) and only Lido takes ~31% of total staking amount and it's initially seen as an approach to break the monopoly of staking in CEX.
Solona
Solana is comparatively centralized blockchain emphasizing high TPS (transactions per second) and low costs. The current real TPS averaged in 3000 while the theoretical TPS in its whitepaper is 701K.
Goverance
Solana does not have plans for on-chain governance and token-weighted voting system at the moment. Solana Labs will remain a core contributor to the protocol and help propose and support network upgrades and new features. The governance process seems centralized and there are no formal and well-documented materials.
Validators
Solana has ~1900 validator and the superminority number is 27 (top 27 validators account for over 33% of staked SOL, it's the smallest set of validators that can halt the network). Over 1/3 of the validators are running on a single Amazon data center (Feb, 2021) and the two data centres account for more than 55% of the actively staked SOL on the network(Sep, 2021). Therefore, theoretically centralization could become the kill-switch of Solana. Also, Solana has only one client software for running nodes which means the network is under threat of potential damage or malfunction of client software.
Solana has a prohibitive hardware requirements(minimal) for validators and it’s almost impossible for a normal user to run a validator:
CPU: 12 cores / 24 threads, or more; 2.8GHz, or faster
RAM: 128GB, or more
Disk: Terabytes of high performance SSD
Bandwidth: at least 300Mbps symmetric, commercial. 1GBit/s preferred
Solana will generate ~4PB (4000TB) per year when the network works at full capacity (1Gbps) which means it's alomst impossible for normal validators to own a full archive of blockchain
Another important flaw of Solana is the instability and reliability of network. It has frequent shutdowns and outages accidents throughout history. (Note: such halts don't lose funds or generate invalidated transactions.)
June 1, 2022: Solana’s operations were halted for over four hours due to a bug linked to certain cold storage transactions hampering the blockchain’s operations. The bug was found in this niche type of transaction meant for offline use cases. These transactions are called ‘durable nonce transactions.’
May 1, 2022: Bots had swarmed the popular non-fungible token (NFT) minting tool known as Candy Machine with four million transaction requests and 100 gigabits of data every second – a record for the network
January, 2022: Solana has eight network halts in one month.
Avalanche
Avalanch is a smart contract platform with PoS consensus mechanism. It advocates and markets to build a ecosystem of interoperable chains and applications and contains an EVM- compatible "C-chain"
Goverance
AVAX provides on-chain governance for critical network parameters where participants can vote on changes to the network and settle network upgrade decisions democratically. Parameters include the minimum staking amount and minting rate. But there are no formal and well-documented materials about the specific process.
Validators
Avalanche has ~1300 validators around the world and 80 nodes control over 2/3 of the total staking amount. Geographically, United States and Germany account for ~75% of validators. Amazon, Halzner and Contabo are top 3 infrastrcuture provides with respectively 45%, 12% and 4% shares. Avalanche has only one client software of running nodes.
Hardware requirements: 8 CPU cores, 16 GB of RAM, 1 TB SSD, sustained 5Mbps up/down bandwidth. Such requirements are still challanging for normal user and only high-end computer could satisfy.
Brief summary
From the above analysis, bitcoin should be the most decentralized and secure blockchain due to the gigantic hashrate and widely distributed nodes around the world. For normal people, it's easiest to run a bitcoin node to secure the network than any other blockchians due to simple hardware requirement. Ethereum of PoW version is also very secure while is suboptimal to bitcoin. The governance process of core protocol of bitcoin and Ethereum are well-organized and battle-tested in past years surrounded by the largest number of community members.
Currently, other blockchains like Solana and Avalanche are far less decentralized and secure. Solana's validator is too demanding on hardware requirements and maintenance cost. Their validators may heavily rely on the integrity of centralized stakeholders like VCs and infrastructure providers like Amazon. A decentralized exchange dYdX already has a record of shutdown result from the outage of underlying AWS service. In contrast, bitcoin and Ethereum never have a downtime in history.
Negative examples of governance
EOS: EOS created an unmatched fund raising record with $4.1 billion in ICOs. It once became the superstar in crypto space and most potential amd promising "Ethereum killer". Also, less than 48 hours after its launch, EOS mainnet faces a system failure and freezes the on-chain transaction. For governance, the DPoS consensus mechanism with 21 Block Producers(BPs) has lots of controversy and there are scandals about corrupt governance. The existing BPs could form a cartel or community of interests which will affect the equality of network. More severe, the chaotic and messy arbitration process about account freezing scandals also prove the chain is not secure and decentralized enough.
Terra: Terra once reached $40 billion market cap and had over $30 billion on-chain TVL while now go to zero. After the collapse of its LUNA/UST stablecoin ecosystem(I have post to explain), Terra blockchain encountered a risk of governance attack(over 2/3 staked LUNA controled by malicious validators) due to hyper inflation and massive issuance of LUNA. Thus, the current validators decided to halt the blockchain for 2 hours to execute an emergency upgrade. The active validator set is made up of top 130 validators who hold the most LUNA which means they can shutdown the blockchain for some reason and it did happen.
Game theory about mining system
Content about "51% attack" maybe over-emphasized and become an attractive mystery. In fact, it's more like a theoretical concept that helps to understand basic security problems. Game theory and economical reasons are more decisive.
Due to scale economy and income stability, concentration of mining pools is inevitable. Let's be clear that Satoshi never claimed that computing power or hashrate should be evenly distributed. The main idea is miners are incentivized to play by the rule instead of chasing the uncertain and dangerous double-spend profits. Miners will always act rationally and pursue their best interests, even if they need to collude with other parties and attack the network.
The incentive may help encourage nodes to stay honest. If a greedy attacker is able to assemble more CPU power than all the honest nodes, he would have to choose between using it to defraud people by stealing back his payments, or using it to generate new coins. He ought to find it more profitable to play by the rules, such rules that favor him with more new coins than everyone else combined, than to undermine the system and the validity of his own wealth. --- Whitepaper
If 51% attack could generate considerable profits with an ideal probability, the weak and vulnerable chain(such as smaller forks of bitcoin like BSV and BCH) should be frequently attacked since all large pools have sufficient hashrate to attack while actually not the case.
However, the weak chains with small hashrate are far more vulnerable to 51 attacks. In history, lots of cryptocurrency encountered a malicious 51% attack and resulted in millions of losses like Bitcoin Gold(BTG) and Ethereum Classic(ETC) which underscores the importance of security. Therefore, it's all about the ROI calculation and opportunity cost of potential attackers.
Crucial security positive feedback loop for Layer-1 chain
Generally, Store of value and smart contact platform are two major types of Layer-1 blockchain in today and future. Bitcoin takes ~40% of the total market cap of crypto and Ethereum takes ~20%.
For store of value: Bitcoin is the king of SoV (Store of Value) and almost has zero possibility of being replaced in the foreseeable future. The more secure bitcoin is, the more valuable it is, then it becomes more secure(more users and nodes), this is the loop. Bitcoin has no competitors in its niche and you rarely hear about "Bitcoin Killer".
For smart contract platform: Things become more complicated. Will it be a winner-takes-all market which means a single player will take the lion 's share? There are other dimensions to consider but we only unfold around security here.
In terms of the status quo of Layer-1, Ethereum takes ~65% of the total on-chain TVL(Total Value Locked) while BNB chain has over 80% of active users(this data is from cz), even if BNB is far more centralized(only has 21 nodes permitted by Binance). From the previous analysis we know currently Ethereum is far more secure and decentralized than any other smart contract platform but why Ethereum has smaller user base?
Since it's expensive and slow, scalability is a well-known and long-lasting headache of Ethereum. For low income groups and people living in the least developed countries (such areas are targeted as potential market of crypto as most people have no bank accounts), the hundred dollar gas fee of Ethereum is insane.
If Ethereum effectively solves the scaling bottleneck in the future, there is no reason to use alternative Layer-1 considering all aspects like security and ecosystem.
For a chain with Proof of Stake consensus, market cap is significant since the staking value of native token on chain directly decides security level. For ethereum: More users —> ETH appreciates —> Higher staking value —> Ethereum becomes more secure —> More users
For alternative Layer-1 chain, the adverse positive feedback loop is: Less users —> Native token deppreciates —> Lower staking value —> Chain become less secure —> Less users. The captial loss resulting from the token price decrease will disincentivise staking which is fatal for a PoS chain.
The layer-1 chain is still kind of a based-layer software with unlimited and complex ecosystem building on top of it.
Desktop operatiing system has rich App ecosystem, Windows stably takes over 70% market share of desktop operating system and Apple's OS X takes ~15%.
Mobile operatiing system has rich App ecosystem, Android stably takes over 70% market share of desktop operating system and Apple's iOS takes 25% in recent years.
Web brower also has App ecosystem(account system, brower extensions, online collaboration softwares), Chrome stably takes ~65% of the browser market share and Safari takes ~15% in recent years.
Based-layer software are intrinsically self-reinforcing and evovle towards monopoly due to positive feedback loop(I don’t unfold too much here). For Layer-1 chain, security is of higher importance compared with traditional softwares like operating system. It’s because blockchain is tightly-coupled with financial assets from Day 1, you want to your asset to be exetremely secure. When people or company decide to deposit their living saving and Reserve assets on blockchain, they want a chain without governance scandal, cencorship risk and network downtime.
Blockchain is opensourced software and the only way build a moat or defensibility are network effect and unforkable states. Security is an unforkable states. It’s easy to fork a new chain with exactly the same functionality while it’s impossible to fork tens of billions staking value to assure the security.
If the future plays put as a situation that Ethereum is in a monopoly position, then currently all other alternative Layer-1 chain(smart contract platforms) are over-valued.