The decentralization promise

The SEC has finally said out loud what some have been expecting for a while: decentralization is a material factor in determining whether a transaction involving a token is an offer or sale of a security. A few hours later zooko tweeted:

To his point on why there are no working definitions of decentralization, there are multiple reasons. Not only is decentralization hard to define, let alone quantify. It is also obvious that different groups within crypto define it differently. A great example of this is the belief long-held by some that Ethereum is not decentralized because it is controlled by Vitalik Buterin and the Ethereum Foundation, as “evidenced” in the post-DAO-hack hard fork that gave birth to the Ethereum Classic chain. (Footnote: if you believe that Ethereum is controlled by Vitalik, would you then have to hold that Ethereum Classic is controlled by Barry Silbert?)

The best framework I know attempting to formalize what it means for a system to be decentralized was put forth by Balaji S. Srinivasan, who frames it as follows:

The basic idea is to (a) enumerate the essential subsystems of a decentralized system, (b) determine how many entities one would need to be compromised to control each subsystem, and (c) then use the minimum of these as a measure of the effective decentralization of the system.

This is a very clear and meaningful framework, extending in generality far beyond crypto. Unfortunately, it is clearly too broad, since it applies to systems that are not decentralized at all. To illustrate this, let’s ask ourselves how many entities would need to be compromised to control at least one critical subsystem of, say, Goldman Sachs. It is pretty obvious that the answer is quite a few.

We see that Balaji’s framework above does not define decentralization per se, but rather focuses on the resilience aspect of decentralization. And the concept of resilience applies to everything from traditional companies, to communities, to countries, to completely centralized systems.

We need a more fine-grained approach that would let us distinguish decentralization from mere resilience. The key component to doing this lies in understanding individual agency and its consequences. In an earlier article I argue that eliminating agency over the system’s behavior is the key aspect of decentralization and introduces unprecedented efficiencies, not possible in centralized systems.

Most importantly, agency (or lack thereof) matters most in places with strong incentive misalignment. Why don’t we trust Facebook? Is it because it can be easily taken over or destroyed? No, it is because its business incentives make it an unreliable service provider. More specifically, Facebook can and will do bad things to its users, because any social contract it makes with regards to protecting a users’ data is against its own economic incentives as they currently stand.

Let me illustrate. Say you wanted to launch another company to compete with Facebook. You developed a new business model, where your profits did not depend on advertisement. You acquired a few million users and realized that without additional revenue streams you couldn’t grow any further. Little by little, prompted by market demand, you relaxed the self-imposed restrictions on data use. Curtains.

This shows that resilience is important here, but not just any resilience. What matters is specific resilience to any violations of the social contract the system has made. This crucially applies even to the people who make the system run in the first place.

Blockchain-based systems are unique in that they provide such guarantees with unprecedented degree of assurance. The premise behind Bitcoin is that its guarantees are expressed in economic terms. In principle, you can calculate how much it would cost to make the network do something unsavory. With this cost known, the user can decide whether the guarantee is sufficiently strong or not. But no matter what, the cost is the true lower bound: the system cannot be compromised for any less.

So let me offer a definition of decentralization as follows: decentralization in a system of agents is a strong guarantee of minimum difficulty (economic or otherwise) associated with materially altering the social contract or the technical promise of such a system by any of its agents. The decentralization of system A is stronger than that of system B, if and only if the minimum effort required to materially alter the system’s promises is greater in A than in B.

You will note that the definition above does not offer an opinion on what kinds of promises the decentralized system should make, other than the guarantee of difficulty associated with altering these promises. Consequently, decentralization is not universally a good thing. As evidenced by the existence of assassination markets, strong guarantees in decentralized financially-enabled networks can give rise to all kinds of awfulness.

Also note, that within this framework could lie systems with any sort of governance, as long as the governance mechanism is part of the promise the network makes and the difficulty to circumventing it is well known. So, for example, a system where some transactions (such as the DAO hack) can be reverted by community vote are not automatically centralized. They are systems in which the promise made and strongly kept is that the majority of participants must agree, in order for such drastic action to be taken.

One may think that by expressly allowing decentralized systems to support transaction reversal and recourse, I am relaxing the definition of decentralization rather than strengthening it. In truth, I am shifting it from describing how protected the system is from outside influence, to how protected it is from any influence, while relaxing the assumptions of what the system actually does. Decentralization is a structural characteristic, and so should be completely orthogonal to system’s functionality.

We can now understand the main benefit of decentralization — the ability of decentralized systems to treat their users as fully empowered stakeholders. Indeed, the investor-operator cliques, such as Facebook and Google, only respect their users to the extent required not to lose too many of them. It’s a cost-benefit equation, nothing more. Conversely, operational promises of decentralized systems are towards their users, ensuring the level of trust and long-term commitment not attainable in traditional operator-controlled systems.

This is why it is so important for crypto projects to retain their ability to sell or give tokens to their users, as well as to maintain a fully functional economic ecosystem of secondary markets, market makers, and arbitrageurs. It is because in order for users to act as empowered stakeholders, they have to be able to vote not only with their feet, but also with their money.

This to me is the main topic of discussion that needs to happen between the space and the regulators. Its outcome will determine whether customers forever remain a second class citizen, predated on by Facebook and its ilk, or are allowed to have a real voice and a real power — the main promise of decentralization.