A word that you keep on running into when getting into the web3 space is 'decentralisation'. Drawing on _gabrielShapir0, I'll take decentralisation to mean the equal distribution of a system's accepted forms of power, protecting users against their arbitrary use by the recognised legitimate 'authorities'. Decentralisation, in other words, refers to the way power is structured within a community and its legitimate use among its members.
I have been around the web3 and crypto space for a while now, and the relationship between blockchains and decentralisation is far from straightforward. Let me discuss some of the ways I have seen people link blockchains to the decentralisation of DAOs and dApps; the actual practice of decentralisation at the application level; and its enduring relevance to the web3 and crypto space. I'll aim to provide some context to its importance and stake out my own position when it comes to defending decentralisation.
There are several ways in which people draw a link between blockchains and decentralisation. I will observe three here:
Decentralisation as an intrinsic property of on-chain applications and organisations.
Decentralisation as a necessary condition for the security of dApps and DAOs.
Decentralisation as a moral principle to be pursued in the creation of blockchain-based applications.
This argument generally unfolds as follows:
Communities consist of individuals. For a community to thrive, individuals need to coordinate their actions effectively toward a collective aim.
In real life, such coordination is impossible without the mediation of a central authority. See for instance the functioning of money, deeds or private property that consist of coordinated actions between individuals that are impossible without the mediation of banks and bureaucracies.
It implies that people place their trust in these central authorities to do a proper job and represent their collective and individual interests. This trust element is a weak point in how communities coordinate their actions. See the banking crisis of 2008.
Enter the blockchain. Very simply put, a public distributed ledger provides immutable and transparent proof that address A owns asset B. It removes the necessity for a centralised authority to provide the social trust necessary for individuals to coordinate their collective action.
As we cut out the centralised banks and bureaucracies, we have individuals interacting with each other through trustless - and hence decentralised - blockchain contracts.
Examples of this line of thought can be found all over the web3 and crypto space. A telltale sign is when minimising human intervention is equated with decentralisation. A beautiful example from the Wikipedia page on decentralised applications:
A decentralised application is an application that can operate autonomously, typically through the use of smart contracts, that run on a [...] distributed ledger system. DApps operate without human intervention and are not owned by any one entity, rather DApps distribute tokens that represent ownership. These tokens are distributed according to a programmed algorithm to the users of the system, diluting ownership and control of the DApp. Without any one entity controlling the system, the application is therefore decentralised.
Because applications run autonomously on a distributed ledger, and ownership is distributed through a programmed algorithm, it bypasses a centralised authority and hence ends up being decentralised. A classic example of this approach is the ‘Code is Law’ mantra: arguing that the way in which the code of smart contracts can be used defines how it ought to be used. It minimises human intervention in the name of avoiding the centralising tendencies of authority by maximising the autonomy of smart contracts. Although less extreme, a similar approach can be seen more recently in assessments of layer-2 zk rollups, which argue that more developed rollups minimise human intervention and are, therefore, more decentralised.
Here the argument goes somewhat like this:
Distributed ledgers do not enforce a set of laws or regulations onto the applications and organisations that are active on them. In the absence of a fallback legal system, each application and organisation needs to police bad behaviour autonomously.
Giving a single entity the right to define and sanction bad behaviour in a dApp or DAO will result in a centralised authority having unchecked power. The entity will never sanction itself and hence stand above its own laws.
The only alternative is to sanction bad behaviour through coordinated action by community members. By giving voting power to those who own assets, asset holders will vote against actions that are detrimental to their interests. Collectively, this will safeguard the community from malicious actors.
Crucially, this coordinated action only works if no single entity represents more than 51% of a community asset. If this does happen, the actor holding the majority of tokens can always vote through any of their actions, in effect acting with impunity. This actor turns into a de facto centralised authority.
In short, without decentralisation, applications on a distributed ledger cannot replace the trust that legacy centralised authorities provided.
Sybil attacks are the obvious example of this approach: a single actor takes control of sufficient community assets to allow full control of its governance system. An infamous example is the Beanstalk governance hack of April 2022, where a single actor used flash loans to take control of its governance system and pass a decision to drain its funds. But there does not need to be one actor or an intentional attack for centralisation to become a security risk. In most DAOs tokens are extremely unequally distributed, giving a limited set of actors outsize voting power. Sometimes, as few as three are needed to reach a majority 'consensus'. It leaves possibilities for collusion wide open, frustrating the ability of the community to police its collective interests.
There are several ways in which this argument can be made. A common one goes something along the following lines:
The invention of public ledgers was meant as a challenge to centralised authorities. Its aim was to replace centralised trust - necessary for coordinating actions in social communities - with the immutability and transparency of public distributed ledgers.
But blockchains can only represent interactions based on assets that have been encoded on the blockchain. Many interactions in a social community do not fall within that scope. Examples are interactions based on a subjective assessment (what project is ‘good’ and should receive funding?) or interactions that rely on data that is only available off chain (for instance exchange rates to fiat currencies and random values).
In each and every case, the move beyond the boundaries of a blockchain invites the re-entry of centralised authorities. The data they provide - either a subjective assessment or off-chain data - needs to be trustworthy. An entity is needed to provide this trust. If not a blockchain, then this has to be some kind of publicly recognised central authority.
Following the founding idea and intention of blockchains, we ought to enlarge the scope of social interactions that can be represented on-chain in order to avoid this introduction of centralised authorities through the proverbial backdoor.
From intrinsic property, to necessary condition, we now have decentralisation as a moral principle in governing blockchain communities.
Examples of this type of approach can be observed across the crypto space. A blockchain-based court does not draw on law but on economic incentives (see the Kleros court); a funding scheme forces projects to self-assess through a combination of self-created quantifiable indicators and assessments (see banklessDAO funding scheme); or individuals stake assets to attest their own, and others', social identities (Gitcoin’s identity staking). Last but not least, there are services - such as Chainlink - that have alternative blockchains to provide decentralised trust to information not included in the basic blockchain: randomised values and exchange rates are two examples. More recently EigenLayer emerged as a solution where the trust embedded in Ethereum as a blockchain can be shared with (or ‘taken’ might be a more apt description) other types of data.
How do these relationships appear in practice? When it comes to decentralisation as an intrinsic property of distributed ledgers, in reality blockchain communities turn out to be highly centralised. The voting tokens of some of the largest DAOs around - such as Arbitrum, Uniswap and Gitcoin - have a Gini-coefficient of more than 0.98. A Gini of zero is a community that is completely equal; and a community with a Gini of one is completely unequal. With wealth inequality in real life, Brunei has the highest Gini in the world with 0.889 - not even coming close to some of the largest DAOs in the web3 space. Other ways of measuring decentralisation, such as the Nakamoto coefficient, result in similar observations.
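The two metrics named above, computed over a constructed token-holder distribution. This is an added example, not from the original post; the balances are made up for illustration and do not describe any real DAO.

```python
"""Concentration metrics for a governance-token distribution (added example)."""


def gini(balances):
    """Gini coefficient: 0 = all holders equal, close to 1 = one holder owns all."""
    xs = sorted(balances)
    n, total = len(xs), sum(xs)
    if n == 0 or total <= 0 or xs[0] < 0:
        raise ValueError("need non-negative balances with a positive total")
    # Rank-weighted form: G = 2*sum(i*x_i)/(n*total) - (n+1)/n, i = 1..n ascending.
    weighted = sum(rank * x for rank, x in enumerate(xs, start=1))
    return 2 * weighted / (n * total) - (n + 1) / n


def nakamoto(balances, threshold=0.5):
    """Smallest number of holders whose combined share exceeds `threshold`.

    With threshold=0.5 this is the minimum group that can carry a simple
    majority token vote if it colludes.
    """
    total = sum(balances)
    if total <= 0:
        raise ValueError("total supply must be positive")
    running = 0
    for count, balance in enumerate(sorted(balances, reverse=True), start=1):
        running += balance
        if running > threshold * total:
            return count
    return len(balances)


# Constructed sample: 3 large holders, 50 mid-size holders, 10,000 dust wallets.
SAMPLE = [200_000, 180_000, 160_000] + [9_000] * 50 + [1] * 10_000

if __name__ == "__main__":
    print(f"holders:             {len(SAMPLE)}")
    print(f"Gini:                {gini(SAMPLE):.4f}")
    print(f"Nakamoto (>50%):     {nakamoto(SAMPLE)}")
    print(f"Nakamoto (>2/3):     {nakamoto(SAMPLE, 2 / 3)}")
```

In this sample the long tail of dust wallets pushes the Gini above 0.98, while the Nakamoto coefficient shows the governance consequence directly: three addresses are enough to pass a simple-majority vote.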
Additionally, following the definition of decentralisation mentioned above, minimising human intervention in smart contracts does not lead - in my opinion - to decentralisation; it just leads to automation. In reality, automation places full power in the smart contract, rendering it, technically, fully centralised. This might seem unproblematic (‘a smart contract is pure code, hence will never turn evil!’) as long as we assume code has been created in a social vacuum, by a being of full and complete knowledge, and is devoid of any bugs or security risks. Placing such faith in code is like treating software developers as Gods whose offspring is by definition immaculate. Needless to say, the assumption is rather unrealistic.
When it comes to decentralisation as a necessary condition for the security of blockchain applications things also look rather problematic: increasingly, DAOs turn more centralised in response to security risks. Following the earlier mentioned Beanstalk governance hack, for example, the foundation behind the DAO decided to abandon direct governance by the community and always implement votes indirectly: the community can vote on proposals, but it is the foundation that will implement them. It had to fall back on a trusted centralised authority because it could not guarantee the decentralised character of its community.
Intentional centralisation of governance not only happens in response to security risks, it also happens in response to economic risk. Decentralisation slows down governance and scales very poorly. It is as if a country or company holds a referendum on every individual decision, rendering it unable to react quickly enough to changing circumstances - creating a risk to its own survival. Recently SushiSwap decided it would transfer to a Labs system, streamlining its governance system to be able to react more quickly to changing market conditions. Ironically the decision was voted through their legacy - decentralised - governance process without problem, even though many community members vehemently opposed the move.
Despite, or maybe because of, all of the above, decentralisation as a moral principle still seems very much alive. When SushiSwap passed its reforms there was an outcry from its community. The fact that Aragon, DecentDAO and layer-2s such as Optimism continue to place decentralisation at the centre of their public statements is testament to its importance in the web3 and crypto space.
But it is not just the extent to which decentralisation is mentioned that is important. It is also the symbolic weight it carries. The notion of decentralisation in web3 emerged from an attempt to avoid centralised authorities such as banks and bureaucracies. As a result, it has very strong anti-institutional undertones. In many other contexts, decentralisation has a more structural meaning: it is seen as the equal distribution of power in a community. It is expressed in equal access to institutions, but also equal access to money, knowledge, social networks, voice and physical movement - to name a few.
In the case of blockchains, the symbolic baggage of equating decentralisation to a rejection of legacy institutions shapes the kind of solutions people find for problems around centralisation. By and large, they opt for individual incentives over public enforcement to guide community behaviour; devolution of powers over separation of powers to streamline governance; and incentivised games over enforced checks to balance powers within DAOs.
IRL, the closest thing to a decentralised governance system is a democracy. Unsurprisingly, it is often mentioned when discussing ideals of blockchain governance. But the realisation still seems to be absent that democracy is not just about free and fair elections, but also about the institutional separation of powers, usually between a legislature, judiciary and executive. Democracy uses institutions to facilitate instead of frustrate decentralisation. Laws do not only exist to guide behaviour of members of a community, or manage their conflicts - they also exist to manage who has power, when and how. They separate powers and create the checks and balances between them in an effort to avoid its centralisation around an informal community elite.
I might be missing something here. But if this is indeed the case, there is still a world to win in creating modular and composable frameworks of checks and balances that ensure decentralisation in the web3 and crypto space. What is needed, in my opinion, is an open discussion on how to separate powers and create effective checks and balances in DAOs, dApps and blockchain communities. Can we use multisig wallets to separate powers in existing governance systems and build checks between them? Or is it possible to combine access control protocols (such as OpenZeppelin’s AccessManager) with governance protocols (such as its Governor protocol)? These are two examples of the many applied questions that can be explored. In short, a focus on checks and balances enables a discussion around decentralisation as an institutional framework for DAOs and dApps.
To be continued.
seven cedars