I have often observed that disagreements between smart people inevitably devolve into a difference of opinions based on assumptions which are either ignored by one or both sides or insufficiently proven, which leads to the construction of a belief system built on top of nothing more than reasonable guesses. Because of this, it takes a long time before one can peel away the layers of conditional truths before you reach the core assumptions over which the principle disagreement is erected upon. (one needs to look no further than the renewed flat earth movement to see how you can rewrite your entire belief system to support your theory). Over the last month as I have debated with the decentralists on the foundations of their “decentralization is the most important thing about Bitcoin”* argument, I believe I have finally discovered the crux of the dispute, the mistaken assumption, upon which all other conclusions are derived upon, the genesis block of the debate, if you will.
The problem comes from the fact that the term decentralization has been overloaded to mean so many different things. From topological point of view the old graphic from Paul Baran (1964) (inset right) may seem to provide a good enough definition but only from the perspective of a network topology which is certainly not the common usage of the term today. More recently some folks have improved upon the definition to more clearly indicate that it is the notion of control (the little puppet master hands in the diagram) of the network nodes that make them more or less decentralized.
This explanation, which I credit for adding richer meaning to the term decentralization in its own right, unfortunately misses the mark and fails to address the real issue at hand, the core basic assumption which I alluded to above… which is that it is not really decentralization that we want.
What we really want, is network security. Security from corruption, and collusion. Security against that evil puppet master hand taking control of things. Let’s measure this thing and call the quantity the net Cost of Corruption (CCR) of the network. What we want is to maximize this. The higher the CCR is, the more difficult and thus more unlikely it will be for a malicious puppet master to take over the network. Decentralization certainly helps in increasing the CCR, or does it? Not enough academic study has been done on the topic to say for sure, but I can empathize with the decentralists that in absence of solid theoretical or empirical evidence, it sure feels like increasing decentralization should increase network security. Right?
Well I’m not a PhD in economics so I will leave the heavy lifting to others on this, but I can certainly outline the framework by which I would start to examine this quantity of network security, or its Cost of Corruption.
Let the cost of a failed collusion attempt for a mining node be
Which broken down into all the assets which would be lost if the collusion is discovered, sunk capital costs, legal costs, expected future profit stream, and potential reputational damage
What a node gains for a collusion, i.e. the bribe amount, in % of current profits we shall call the gains
Now there is a cost to contacting every node in a network to coordinate a collusion, it increases the more independent nodes the network supports. This is quite a dynamic variable, as costs could drop if methods for coordinating an attack could be more efficiently employed, such as anonymous posted bounties, or use of social media, or use of viral spreading techniques. But as those methods can only reduce the cost of coordination, I will assume for now the worst case scenario where it is constant, and only linearly increasing with just the number of nodes.
Let the cost the cost of corruption be defined by
Where each node’s CCR is defined by
Where the expected costs of a failed collusion are
And the expected gains of a successful collusion are
The theory is that as the network becomes more decentralized, (more independently controlled nodes controlling an increasingly smaller portion of hash power), the cost of coordinating a collusion increases, but the cost of a failed collusion drops
Because smaller miners make less profits, and in the extreme case of teenagers in their basement, they also have little reputation or capital assets at risk.
Worse, if all nodes were anonymous, then colluding and being caught doing so would not even affect their future profits, so the biggest factor in the cost(fail) is practically zero. Contrast this to a large mining business, where their future revenue stream is likely the largest component of their cost(fail).
Let d be a configuration of network decentralization which results in a specific cost of coordination for the whole network, and a cost of failure for each node
It is also the case that the configuration of the network changes with the number of N nodes which will comprise more than 51% of the network hashing power.
But since we cannot enforce the number of mining nodes in the network N, (and if we did it would alter the cost(fail(d)), then it follows that we should optimize decentralization such that the net Cost of Corruption is maximum for any given N, which is the most secure network state.
It should be obvious from above that maximizing decentralization (maximizing N) alone, does not produce the maximum security, in fact it may start to hurt network security beyond a certain point due to decreasing the cost(fail) for each node. As we get more nodes, the cost(coord) may go up, but the CCR(n) for each node will drop. We should in fact be trying to find the optimal d. In addition, if we modelled the cost(coord) more accurately, accounting for more efficient ways to coordinate independent nodes to collude, then the result would even be stronger against decentralization being the most important factor in network security.
This is the decentralization myth.
* -“and this is why we need smaller blocks! Because big blocks hurt decentralization!”(would be the common “False Effect” argument built on top of this assumption)