Introduction to Blockchain Decentralization
Over the past months, Security Innovation tested several blockchain applications. Testing began by creating a threat model, in which a major component was the security of the underlying blockchain itself. While all the blockchains Security Innovation studied shared many similarities, including the use of a Byzantine Fault Tolerant style Proof of Stake (BFT-style PoS) consensus mechanism, a few notable differences resulted in different security considerations. Rather than offer a high-level security comparison, which other recommended blogs have done before, we wanted to deep dive into one of the more interesting and controversial topics of blockchain security – decentralization. To begin understanding the impact of decentralization on security, let us start by looking at the scalability trilemma.
The scalability trilemma, originally termed by Vitalik Buterin, co-founder of Ethereum, describes the difficulty in designing a blockchain that incorporates decentralization, security, and scalability. Vitalik explains that a simplistic blockchain “can only get two of those three.” The trilemma introduces a simple yet defining relationship between decentralization and security. A decentralized blockchain that is also scalable will inherently be less secure than a blockchain that deprioritizes scalability or decentralization.
The Nakamoto coefficient is a measure of decentralization, which draws a clear symbiotic relationship between decentralization and security. The Nakamoto coefficient ascertains the number of nodes that must be compromised to affect the blockchain and prevent it from functioning correctly. The Nakamoto coefficient measures how easy it is to pull off a majority attack (more commonly known as the 51% attack) against a given blockchain.
While the Nakamoto coefficient does not contradict the blockchain trilemma – the trilemma only dictates that a blockchain with a high Nakamoto coefficient and scalability optimizations is less secure than a blockchain with the same Nakamoto coefficient and security optimizations – it does introduce the not-so-obvious relationship between decentralization and security.
Historically, most attacks have only occurred on lesser-known blockchains like Litecoin Cash. Most blockchain attacks have instead been associated with smart contract code bugs. However, FTX’s bankruptcy in early November of last year illuminated another benefit of decentralization. Solana, which had deep relationships with FTX through Alameda, saw drastic reductions in its amount of staking tokens and validators post-FTX bankruptcy. The FTX problem exemplified a non-technical and non-malicious adverse event on a blockchain that is as probable, if not more probable, than a successful majority attack. As the conversation has shifted these past few months, it is an excellent time to reassess decentralization’s role in blockchain security.
Measuring Decentralization
Decentralization is very difficult to quantify. To explain why, let us look at an argument that has been made in the past. This argument that attempts to prove that one blockchain is more decentralized than another focuses on the following metrics.
▪️ Staking ratio (Number of staked tokens to total outstanding number of tokens)
▪️ Individual wallets participating in staking
▪️ Initial coin distribution (How many tokens are held by institutions or insiders at ICO)
▪️ Nakamoto coefficient (MAV [Minimum Attack Vector]– the minimum number of how many independent parties have to collude to have control of the network and perform a majority attack [conventionally defined as greater than ½ control, but for BFT-style PoS protocols, is actually greater than ⅓ control]).
▪️ The total number of Validator nodes
The following table, Table 1, compares these metrics between several popular blockchains. The numbers represent the latest raw figures as of January 1, 2023.
Blockchain | Consensus Mechanism | Delegation Natively Supported | Initial Cost to run Validation Node | Staking Ratio | Individual Wallets Participating in Staking | Initial Coin Distribution (% offered to public) |
Nakamoto Coefficient | Total # of Validator Nodes |
Ethereum | PoS | No | 32 (~$49,694.4) | 14% | 92,500 | 80% | 3 | ~9469 |
Cardano | PoS | Yes (delegate to stake pool) |
340 (~$122.4) |
72% | 1,255,182 | 81% | 24 | 3209 |
Solana | PoH (PoS) |
Yes | 0 | 71% | 284,691 | 39% | 31 | 2063 |
Flow | PoS | Yes | 135,000 (~$133,056) |
49% | 42,242 | 42% | ~2 | 428 |
Tezos | PoS | Yes | 6,000 (~$5,160) |
77% | 171,057 | 80% | 5 | 407 |
Algorand | PoS | No | 0.1 | 14% | 24,239 | 75% | ~16 | 1302 |
Consensus Mechanism and Staking Participation
Except for Solana, the consensus mechanisms used between the six blockchains are relatively similar. They all use some form of a Byzantine Fault-Tolerant (BFT) style Proof-of-Stake (PoS) consensus mechanism. In a BFT-style PoS consensus mechanism, two-thirds of the validators or a “supermajority” must reach a consensus before a new block is added to the chain. This means one-third of the validators or a “superminority” can effectively prevent a supermajority from occurring, causing a denial of service (DoS) on the blockchain.
Solana modifies the traditional BFT-style PoS consensus mechanism with a Proof-of-History (PoH) system that solves the network throughput problem plaguing other PoS blockchains. In other PoS blockchains, all validators must reach a consensus before confirming a block. This means isolated network throughput issues affecting one node will effectively propagate to the rest of the system. In a PoH blockchain, all the validators are always in agreement over the order of blocks. This means a network throughput issue that results in an out-of-order block does not affect the integrity of the blockchain; isolated network throughput issues remain isolated. As a result of asynchronous block validation, throughput increases dramatically. Throughput, however, comes at the expense of decentralization. Solana achieves synchronization across validators using a leader system, where a leader is randomly selected to add ledger entries.
The centralized leader system results in a known issue where a malicious leader can censor votes and transactions under the guise of a network issue. Solana mitigates this known issue with slashing. Slashing grants Solana the ability to forcibly remove rewards and staked tokens from a suspected malicious node.
Unlike the PoH hybrid consensus mechanism, delegation in consensus mechanisms has minimal security consequences. Delegation is how token holders can participate in the staking, validation, and rewards process without the need to set up their own nodes. This is not to be confused with a formal Delegated Proof of Stake (DPoS) consensus mechanism like Tezos’. In a DPoS blockchain, the ability to “delegate” nodes for critical activities like block validation is native to the protocol. This is as opposed to non-delegated PoS mechanisms like Algorand and Ethereum, which randomly select the verification nodes. While Algorand and Ethereum do not support this functionality directly, a user interested in delegating funds can always use a third-party staking service. The only impact of direct delegation support is on the staking ratio and individual wallet participation metrics. Notice how Ethereum and Algorand have a low staking ratio (and a relatively low number of individual participating wallets). This is not to say individual users do not participate in the validation process; it just means users must go through a third-party staking service, which obfuscates the actual values. Since delegation occurs on all PoS blockchains, whether natively supported or not, it does not serve as a significant differentiating factor between PoS blockchains.
Ultimately, aside from Ethereum and Algorand presenting misleading staking ratios due to third-party delegation, the only other takeaway is that Flow has a lower-than-average staking ratio for a blockchain that natively supports delegation. We discuss Flow more in depth later.
Nakamoto Coefficient And Total Number of Validation Nodes
The Nakamoto Coefficient is the single best metric we currently possess to measure decentralization; it is also often the most misleading since it can be exaggerated for marketing purposes. As previously noted, decentralization is difficult, if not impossible, to quantify.
The Nakamoto Coefficient is defined as the minimum number of independent parties that have to collude to have control of the network and perform a majority attack i.e. create a superminority and produce a DoS attack.
One problem with the Nakamoto Coefficient is that it can unfairly penalize blockchains with large insider ownership. That is a blockchain whose founder owns more than one-third of the stake would have a Nakamoto Coefficient of 1. Yet, there would be a minimal incentive for the founder to exploit their own blockchain; the founder would most likely want their product to succeed, and if the founder truly wanted a get-rich-quick scheme, there would be far easier ways to achieve that objective. Granted, a blockchain with large insider ownership should be questioned for its lack of decentralization. The point here is that a low Nakamoto score does not necessarily mean a lack of security.
Another problem is the Coefficient only accounts for malicious nodes; it does not account for malicious nation-states, malicious cloud providers, or malicious data centers. The impact of a malicious data center was simulated when Hetzner, a data center operator, blocked server access for Solana nodes. As a result, one thousand Solana validators went offline. Since the one thousand validators only represented one-fifth of the total staked value, the Solana blockchain was unaffected. However, if another data center operator, such as Equinix, which holds approximately another one-fifth of the total staked value, had colluded with Hetzner and blocked access to Solana simultaneously, the Solana blockchain would have gone completely offline. The Hetzner situation represents a real-world scenario that will likely occur again. In contrast, the Nakamoto Coefficient’s majority attack situation represents an on-paper scenario that may never occur for a blockchain that appropriately disincentivizes malicious behavior.
One far more likely scenario is individual nodes, wallets, or institutions being hacked. In this case, it is important that the Nakamoto Coefficient is high enough such that the likelihood of the attacker being able to launch a majority attack using the hacked assets is insignificant. Proper decentralization means the hacked asset does not expose the entire blockchain to additional attacks.
The total number of validation nodes is another popular method of measuring decentralization. The association between the number of validation nodes and decentralization is evident in this case. A greater amount of validation nodes means greater unpredictability when selecting a validator, which disincentivizes malicious actors attempting to maximize their probability of a successful exploit while minimizing their risk of identification. A greater amount of validation nodes also increases the chance that even if a central entity decides to go rogue e.g. a nation-state, it will be more difficult for the nation-state to coerce all the validation nodes to collude without news first leaking out.
Barriers To Entry And Institutional Ownership
The last two metrics we will discuss do not measure decentralization directly but instead represent barriers to further decentralization. The first barrier is the cost of running a validation node. The cost we focus on is the deposit amount required by the blockchain protocol to begin participating as a validator. We ignore the hardware/software/utility costs because every blockchain incurs these.
Naturally, larger deposits should negatively impact both the number of unique validators on the network and the Nakamoto coefficient. We see this relationship play out with Cardano, Algorand, and Solana, as all three blockchains have relatively small required deposit amounts. All three blockchains also have high Nakamoto Coefficients and relatively high numbers of validator nodes.
Another barrier to further decentralization is institutional and, to a lesser extent, insider ownership. A blockchain can only become so decentralized if only so many of its available tokens are publicly ownable. Similar to how large insider ownership does not necessarily undermine security, nor does large institutional ownership. In fact, high institutional ownership is often a coveted attribute for publicly traded stocks. Institutions represent subject matter experts, and if the subject matter expert believes in something, the public tends to follow. For Solana and Flow, two blockchains where publicly available tokens represent less than half of the total available tokens, an argument can be made that by inviting institutional ownership, the blockchain can build public trust. And public trust can result in more public participation. Once public participation goals are met, the blockchain can begin releasing insider-owned tokens until the total amount of tokens owned by the public catches up to other blockchains.
At this point, we need to talk about the elephant in the room. Flow has absurdly high barriers to entry. Not only does Flow require a user to stake 135,000 FLOW (5M USD at FLOW’s price peak) to run a validation node, it requires applying. Dapper Labs, the company behind Flow, also came out with an article over a year ago with the subtitle, “Dapper now running less than one-third of the total nodes.” Upon further reading, it became clear that Dapper now ran less than one-third of the total consensus nodes. While misleading, given that Dapper still runs a healthy majority of the collection nodes, the statement was innocuous because the consensus nodes do play the most critical verification role in the ecosystem. With that said, the article did not mention the Nakamoto coefficient of Flow. Before the update, the Nakamoto coefficient had been 1. Now the Nakamoto coefficient was 2 as a collusion between Dapper Labs and CoinFund would still bring down the network.
While Flow has enough quirks to fill a mini-blog post, the primary takeaway is that Flow is a centralized, unique blockchain that offers an anomalous data point whenever multiple blockchains are being compared and contrasted.
FTX Bankruptcy
Institutional ownership scrutiny increases when institutions go bad. A prime example of this is Solana and its relationship with FTX. On August 31, 2022, Solana published a report mentioning that its Nakamoto coefficient had risen from 19 to 31. An impressive coefficient that objectively outclasses the other blockchains in this comparison.
Three months later, FTX and Alameda, the hedge fund with possibly fraudulent ties to FTX, filed for bankruptcy, and a broad cryptocurrency market selloff would occur. Since FTX (via Alameda) was one of the largest holders of SOL and one of the top validators (if not the top), seeing the bankruptcy impact Solana negatively was unsurprising. 29.5M SOL was unstaked in a day, and the number of Solana validators dropped by 322. While it is possible that some of the unstaked tokens and lost validators were not directly associated with FTX, it is unlikely because Solana enforces an unbonding period of 5 days. That means any unstaking activity that occurred on 11/09/22 and 11/10/22 must have been initiated on 11/04/22 and 11/05/22. This was before any major public news impacted the sentiment on Solana; hence, most of the unstaking activity can likely be attributed to FTX.
The following table, Table 2, compares the impact of the FTX bankruptcy on all six blockchains and their underlying tokens.
Blockchain | Token | Token Price on 11/05/2022 | Token Price on 11/09/2022 | Overall Change Price |
CoinDesk Market Index |
CMI | $1078.14 | $757.19 | -29.77&% |
Ethereum | ETC | $1627.90 | $1100.11 | -32.42% |
Cardano | ADA | $0.4267 | $0.3179 | -25.50% |
Solana | SOL | $36.77 | $13.99 | -61.96% |
Flow | FLOW | $1.8462 | $1.4511 | -21.40% |
Tezos | XTZ | $1.4454 | $1.0199 | -29.44% |
Algorand | ALGO | $0.4235 | $0.2652 | -37.37% |
The bankruptcy clearly had an outsized impact on Solana. Other patterns are less clear. Flow saw the slightest impact, which suggests higher centralization can help mitigate risk during major negative catalysts. Cardano saw the second smallest impact, suggesting that higher decentralization can also mitigate the same risk, except Algorand, another well-decentralized blockchain, saw the second-highest impact.
Good questions at this juncture are whether we should treat the FTX bankruptcy as an adverse security event and whether we care about the depreciation in Solana’s price as security practitioners. At face value, the answers would be no. However, FTX’s liquidation of Solana assets parallels how a hacker might play a successful FTX exploit; like the Hetzner event, the bankruptcy serves as a real-life stress test of the blockchain. And while a large depreciation in the underlying asset value might not be the biggest threat against a blockchain application, it remains a severe threat. Take, for example, an NFT marketplace. As expected, Solana NFTs saw large price collapses and reduced demand days after the FTX bankruptcy. Given that NFT marketplaces receive fees based on the NFTs transacted, the reduced earnings would have quickly escalated to the marketplace level.
It is worth noting, at this point, that Solana’s founders posited in 2020 that censorship resistance was “the single most critical property of blockchain networks.” In that case, Solana can now point to both the Hetzner data center ban and the FTX bankruptcy as evidence of Solana’s resiliency to censorship. Both events severely compromised the Solana blockchain, but the availability and integrity of the blockchain were never affected.
Reevaluating Blockchain Third-Party Partners Post-FTX
The FTX bankruptcy opened our eyes to how blockchain and cryptocurrency have shifted how we think about third-party partner assessments. Not surprisingly, every blockchain application Security Innovation tested involved third party partners. Common partners were node-as-a-service (NaaS) companies, blockchain data aggregators, and decentralized storage providers, not to mention cloud computing platforms. For each partner type, Security Innovation would utilize the experience gained from our current service offerings like the SDLC Gap Analysis service and Secure Cloud Configuration service to create a holistic risk assessment of each partner and their respective integration points with the application.
Third-party assessments will always be complex due to their closed nature; most assessments condense down to questionnaires and interviews. The SDLC Gap Analysis, as mentioned above, utilizes these exact techniques. As a security company conducting a security gap analysis, it should not come as a surprise that the questions and interviews are all focused on security topics. Would SDLC Gap Analysis have caught all the bad practices that resulted in the FTX bankruptcy? No, because FTX’s woes were primarily driven by poor/fraudulent financial accounting.
The FTX bankruptcy revealed gaps in our methodology. First, Security Innovation does not typically assess third-party partners of the blockchain itself e.g. Solana’s partnership with FTX. In the future, we will make a stronger push to include better data in our final reports on the underlying blockchain; data that will include the blockchain’s significant third-party partners. Second, Security Innovation will explore how profound financial assessments can become a regular part of all third-party partner assessments in blockchain. Third, we will utilize certification audit reports like SOC2 reports to reinforce and augment our findings.
While Security Innovation never tested a blockchain application that called FTX a direct partner, FTX offered many of the same enterprise services as competing cryptocurrency exchanges like Coinbase and had high-profile direct partnerships with many prominent institutions including Visa and GameStop. In the future, whether a risky partner is directly or indirectly associated with a blockchain application, we hope that a revamped third-party assessment methodology will enable us to consistently present a clear and accurate risk profile to our customers.
Final Thoughts on Decentralization’s Impact on Blockchain Security
Recall that the main takeaway from this write-up is that decentralization is difficult, if not impossible, to quantify. Aside from this point, we can conclude a few other facts.
A secure and decentralized blockchain is a transparent one.
While it is challenging to measure transparency objectively, one method is to view the sources for all the data points in Table 1. The best blockchains contribute all the data clearly and directly from their official website. An example of a lack of transparency is Flow’s Nakamoto Coefficient. We had to compute the Nakamoto Coefficient by comparing two different lists of Flow nodes. We also observed that geolocation, cloud service, and data center data were difficult to retrieve across the board. Given the importance of this data, we hope to see it become part of official public datasets.
Be wary of any attempt to optimize for a single decentralization metric.
Given that measuring decentralization is difficult-to-impossible, optimizing for a single measurement of decentralization may not actually result in additional decentralization. Instead, attempts to optimize for a single metric are most likely marketing-led efforts that come at the expense of critical components like security.
Decentralization improves a blockchain’s resiliency, which improves the blockchain’s security (even if it is not always immediately obvious how).
Despite the warning above, decentralization should be optimized for in general. This means blockchains should strive for a low barrier to entry, a high public participation ratio highlighted by a high number of validators and delegators, and a reasonable Nakamoto coefficient. As stated in our conclusion on transparency, the decentralized blockchain should also be honest and clear about challenges to decentralization.
All partnerships are potential failure points and should be diligently assessed. Additionally, partnerships should be well-diversified such that no one partnership owns a monopoly on a single resource.
If the primary takeaway is the difficulty of measuring decentralization, the secondary takeaway is that decentralization is difficult, period. Being decentralized is analogous to living off the grid. You must figure out food, housing, and security all by yourself. For something as complex as a blockchain, it is unreasonable to build everything in-house. Partnerships are inevitable. Partnerships in blockchain should undergo robust security and financial assessments. In addition, where decentralization is impossible, diversification becomes critical. Having multiple partners hedge against a single bad partner should become standard practice.
Security Innovation is here for all your blockchain security needs.
Whether pentesting an NFT marketplace, auditing a smart contract, or threat modeling a potential third-party blockchain partner, Security Innovation has the tools and expertise to ensure a secure and successful outcome.