Decentralization Deserves a Number
Node counts measure nothing. Here is a five-layer test for who actually holds a protocol — and what it says about Bitcoin and Ethereum.
Keywords / tags: blockchain, proof-of-work, proof-of-stake, institutional economics, lock-in, network effects, Bitcoin, Ethereum, decentralization, economic modelling
The question nobody asks clearly
There is a phrase that gets thrown around in crypto with the confidence of a law of physics: miners secure the network, validators run the chain, the community governs. Each of these sentences smuggles in a claim about power. And each of them, when you look closely, is wrong in a way that matters.
The people who produce blocks — miners under proof-of-work, validators under proof-of-stake — do not write the rules of the system they operate. They did not author the protocol. They cannot, acting alone, change the consensus rules, the issuance schedule, or the validity conditions. What they can do is choose: which chain to point their hardware or stake at, which software client to run, which fork to follow when the road splits. They are not legislators. They are adopters.
That sounds like a small distinction. It is not. Once you take it seriously, a great deal of confused argument about decentralization, governance, and “code is law” resolves into a much sharper question: if producers are choosers rather than rule-makers, what governs their choice, and what happens in aggregate when many of them choose at once?
This is the question I built a formal model to answer. The paper is technical — dynamic discrete choice, replicator dynamics, stability analysis, the usual machinery — but the ideas underneath are not, and they generalise well beyond crypto. This post is the plain-language version, including a section near the end on what the model cannot show, because that part is at least as important as what it can.
A blockchain is five jobs, not one
Start by pulling apart something we usually treat as a single thing. When people say “the protocol,” they are actually compressing five distinct jobs, performed by five distinct sets of people, on five distinct timescales:
Layer 1 — Rule authorship. Someone writes the specification. In Bitcoin these are BIPs; in Ethereum, EIPs and ERCs. The artefact is text. It has named authors, submission dates, and merge dates. This is the legislature.
Layer 2 — Software implementation. Someone turns the specification into running code. Geth, Nethermind, Besu, Reth, Bitcoin Core. These are separate teams making separate engineering decisions about release timing, performance, and features. A rule that exists on paper but ships in no production client is, for practical purposes, not yet real.
Layer 3 — Operational production. Someone actually runs the machines — the miners and validators who produce blocks. This is the layer everyone fixates on, and it is the layer with the least authority over the others.
Layer 4 — Legal enforcement. Someone, somewhere, can attach real-world legal consequence to what happens on-chain: sanctions regimes, securities regulators, courts. This layer does not live inside the protocol at all, which is precisely why it is so often ignored — and so consequential when it acts.
Layer 5 — Liquidity coordination. Someone determines whether the asset is tradeable and usable: exchanges, market makers, custodians. A chain whose token cannot be priced or moved is technically alive and economically dead.
The central claim of the framework is that these five layers are usually staffed by different people. The person writing the rules is not the person running the hardware is not the regulator is not the exchange. I call this separability, and it is measurable: take the set of real-world actors operating at each layer, and compute how much they overlap. When the overlap is near zero, the layers are genuinely independent and the system behaves like the decentralised thing it claims to be. When the overlap is high — when one entity authors rules and runs validators and controls the dominant exchange — the decentralisation story is theatre.
This matters because it gives “decentralization” a number instead of a vibe. You can ask of any chain: how separable are its layers, actually? For a mature chain like Bitcoin Core (BTC) or Ethereum, the cross-layer overlap is at times small. For a foundation-controlled chain, or a corporate ledger dressed up as a blockchain, it is not. The framework does not take anyone’s word for it. It says: show me the actor sets, and I will tell you whether your layers are separate.
How you actually compute the number
It is worth being concrete, because this is where most decentralization claims quietly fall apart. To measure separability you build, for each of the five layers, a list of the real-world entities operating there. For Layer 1 you take the named authors of the protocol’s merged improvement proposals. For Layer 2, the development teams behind the production software clients. For Layer 3, the mining pools or validator operators with material share. For Layer 4, the jurisdictions and regulators with demonstrated reach over the participants. For Layer 5, the exchanges, market makers, and custodians that carry the bulk of volume.
Then you ask, layer by layer, how much these lists overlap. If the people who author the rules are largely the same people who run the dominant client, Layers 1 and 2 are fused, not separate. If the largest validator is also the largest exchange, Layers 3 and 5 are fused. You compute an overlap score for every pair of layers — a simple set-similarity measure — and you get a matrix. A nearly-empty matrix means genuine separation: five different crowds doing five different jobs. A matrix lit up with high values means the decentralisation is cosmetic, with a few entities wearing many hats.
When I run this on Ethereum and Bitcoin, the matrices are mostly sparse — the layers really are staffed by different groups — with one or two non-trivial entries worth noting rather than alarming. That is the empirical content of the claim that these chains are meaningfully decentralised: not a slogan, not a node count, but a measured pattern of who-does-what across the five jobs. And crucially, the same procedure would expose a chain that failed the test. A consortium chain where one firm authors the rules, ships the only client, runs the validators, and operates the exchange would produce a matrix close to all-ones, and the model’s predictions about producer dynamics would simply not apply to it — because there are no independent producers making independent choices, only one entity wearing five hats. The measurement is honest in both directions: it can certify separation and it can expose its absence.
I should be candid that this measurement is itself illustrative rather than definitive in the current work. Counting entities equally treats a giant exchange the same as a tiny one, which is obviously wrong; the better version weights each actor by economic share, and resolving exactly who counts as “the same entity” across layers (legal parents, subsidiaries, shared ownership) is fiddly work that materially affects the answer. So I report the number transparently and treat it as a proof of concept for the method, not a final verdict on any chain. But the method is the point: separability is the kind of claim that should come with arithmetic, and usually doesn’t.
Why choice becomes a stampede
Here is where it gets interesting, and where the economics earns its keep.
Suppose you are a block producer choosing between two regimes — two chains, two clients, two forks. A naive model says you pick the one with the higher expected profit and you are done. But producers do not choose in isolation. The value of being on a chain depends on how many other producers are also on it. A chain with almost no producers is insecure and worthless; a chain with most of the producers is secure and liquid. So your best choice depends on everyone else’s choice, which depends on yours.
This is a coordination problem, and coordination problems have a nasty property: they produce multiple stable outcomes. There is not one “correct” equilibrium that the system glides toward. There can be several, and which one you end up in depends on history — on accidents of timing, on who moved first, on a shock that happened to hit at the wrong moment. Economists call this path dependence. In plain terms: you can get stuck.
The model formalises this with what is called replicator dynamics — borrowed from evolutionary biology, where the same mathematics describes how a trait spreads through a population. Producers who are doing well attract imitators; the popular choice gets more popular. Under the right conditions this feedback is gentle and the system settles sensibly. Under other conditions it is vicious, and the system locks into a regime that no one would have chosen from scratch — an inferior standard that survives purely because everyone is already on it.
If that sounds familiar, it should. It is the QWERTY keyboard. It is the VHS-versus-Betamax story. It is why your office still runs software everyone complains about. Lock-in is not a crypto phenomenon; it is a feature of any system where the value of a choice rises with the number of people making it. Crypto just makes it unusually visible, because every choice is recorded on a public ledger, timestamped and permanent.
The model’s formal contribution is to say precisely when the feedback turns vicious — to identify the tipping point, mathematically, at which a system flips from “one sensible outcome” to “multiple stuck outcomes.” That tipping point is a bifurcation, and locating it is the technical heart of the paper. But the intuition is the part worth carrying away: coordination among the upstream layers can trap the producers downstream. The people running the machines can end up locked onto a regime chosen by forces they don’t control and a history they didn’t author.
The headline result: proof-of-work moves fast, proof-of-stake moves slow
Now to the part most readers came for. The model makes several predictions; one of them is about the difference between proof-of-work and proof-of-stake, and the data — with heavy caveats I will be explicit about — point in a clear direction.
The prediction is about adjustment speed. When a shock hits a system, how fast do the producers re-sort themselves? The model says this depends on the switching cost — how expensive it is for a producer to leave one regime for another. High switching cost means slow adjustment. And proof-of-stake, by its very design, imposes a far higher switching cost than proof-of-work.
Look at what actually happened.
Proof-of-work, the China shock. In mid-2021, China banned Bitcoin mining outright. Roughly half of the entire Bitcoin network’s mining power went dark almost overnight — a 54% collapse. What happened next is the tell: the network recovered half of that lost power in about two weeks. Miners are mobile. Their capital is hardware in shipping containers. You unplug in Sichuan and you replug in Texas, and the network heals at the speed of logistics.
Proof-of-stake, the validator queue. Ethereum’s validators cannot do this. To become a validator you must bond your stake — lock it into the protocol. To leave, you join an exit queue, and the protocol deliberately rate-limits how fast validators can enter or exit. When you look at the actual Ethereum data, the largest exit episode took roughly 83 days to clear half its backlog. The largest entry queue never cleared within the entire window I could observe — well over a hundred days. Where proof-of-work heals in weeks, proof-of-stake re-equilibrates over months, and sometimes longer.
That is roughly an order of magnitude difference in adjustment speed, and it is not an accident. It is the mechanism working exactly as the model says it should. The bonded stake is the switching cost. The very thing that makes proof-of-stake secure — your money is locked up, so you have skin in the game and can’t cheaply attack and leave — is the same thing that makes it slow to adjust. Lock-in is a feature and a cost at the same time, and you cannot have one without the other.
This reframes the tired “which is better” debate. Neither is better. They sit at opposite ends of a genuine trade-off:
Proof-of-work buys flexibility. Cheap to enter, cheap to exit, fast to heal after a shock. The cost is that nothing holds producers in place; loyalty is only ever as deep as this week’s profit.
Proof-of-stake buys commitment. Producers are bonded in, which makes attacks expensive and the validator set stable. The cost is rigidity: when the world changes, the system is slow to follow, and participants are, in a real sense, trapped — by design.
If you want a system that re-sorts quickly under stress, proof-of-work has a structural advantage. If you want a system whose participants cannot cheaply abandon it, proof-of-stake does. The choice between them is a choice about which failure mode you would rather live with.
The honest part: what I can and cannot show
Now I have to do something that academic incentives usually punish and that I think is the whole point of doing this properly. I have to tell you exactly how strong this evidence is — which is to say, not very, and certainly not as strong as the clean story above makes it sound.
The proof-of-work-versus-proof-of-stake comparison I just described is not a controlled test. It is what I call a mechanism vignette: a directional illustration that the mechanism behaves as predicted. Three things are wrong with it as proof, and I report all three rather than hide them:
First, it is cross-asset. The proof-of-work data is Bitcoin; the proof-of-stake data is Ethereum. These are different systems with different histories, and a purist would rightly say you cannot cleanly attribute the speed difference to the consensus mechanism alone.
Second, the two things I am measuring are not the same quantity. Bitcoin hash rate bouncing back after a shock is a stock recovering. The Ethereum validator queue draining is a flow being processed through a rate-limited gate. They are cousins, not twins.
Third, part of the proof-of-stake slowness is mechanical — the protocol’s churn limit caps how fast validators can move regardless of what anyone wants. That mechanical limit is the bonding friction the theory points to, so it is not irrelevant. But it is not purely a behavioural choice either, and I separate the two rather than pretend the whole effect is behavioural.
So the direction is clear and it matches the theory. The magnitude is suggestive. But it is an illustration, not an identification. I would be lying to you if I dressed it up as more.
I will go further, because there is one result in the paper that came out as a flat null — no effect, nothing significant — and I kept it in the paper anyway, because why it failed is more interesting than a tidy success would have been.
The prediction was that producers follow profit, not stated allegiance. To test it I needed three things for each mining pool over time: how much they produced, what they publicly signalled (Bitcoin’s 2017 SegWit fight is a rare moment where miners broadcast their preference directly on-chain), and how profitable each pool was. Bitcoin’s design hands you the first two for free, permanently, for every block ever mined. The blockchain is the most transparent production ledger humanity has ever built. I pulled 42,964 blocks and the signalling data fell straight out.
And then I hit a wall. The one thing Bitcoin does not record is each pool’s cost — their electricity contracts, their hardware efficiency. Those live off-chain, in private. So I could see what every producer did and what every producer said, but not what it cost them, and without cost you cannot test whether they followed profit. The regression returned nothing because the variable that mattered wasn’t in the data — and couldn’t be, by the nature of the system.
I report this as a data-availability diagnostic, not as a finding about the hypothesis. It says something genuinely useful: the public ledger, for all its radical transparency, has a permanent blind spot exactly where private cost lives. That is worth knowing. A null result that teaches you where the data runs out is not a failure. Burying it would have been.
The remaining two predictions fared a little better but are still bounded. One — that upstream software readiness has to precede downstream adoption, because you cannot run a client that hasn’t shipped — showed up as a clean directional pattern in Ethereum’s client data: readiness leads adoption, and not the other way around. But it is a single chain, fifteen quarterly data points, a small pilot. The other — that legal shocks bite regulated players specifically — showed up sharply around the 2022 OFAC sanction of Tornado Cash: the share of Ethereum blocks routed through regulated, compliance-enforcing relays jumped from about 11% to 78% in ten weeks, exactly among the legally exposed entities. But that one has no clean “before” period to compare against, so it too is an illustration rather than a verdict.
Four predictions. One genuine pilot, two directional vignettes, one instructive null. That is the honest inventory. I would rather hand you that than a slide deck of green checkmarks.
Why this is not really about crypto
If you do not care about blockchains, you might reasonably have stopped reading. You shouldn’t have, because the crypto application is just the place where the layers happen to be visible. The structure is everywhere.
Replace “block producers” with “firms adopting a technical standard.” Layer 1 is the standards body writing the spec. Layer 2 is the vendors shipping products that implement it. Layer 3 is the companies choosing which standard to build on. Layer 4 is the regulators and certification regimes attaching legal weight to compliance. Layer 5 is the large buyers whose concentration decides which standard coordinates the market. Every word of the model applies. The standards war, the lock-in, the tipping point past which an inferior standard becomes unkillable — all of it.
Replace it with platform ecosystems. Platform owners author the rules. Tooling providers implement them. Developers and complementors choose which platform to build on. Regulators set enforcement. App stores and dominant buyers coordinate the liquidity of attention. Again: same structure, same dynamics, same traps.
The general lesson is uncomfortable and I think correct. In any system where the value of a choice rises with the number of people making it, the participants who actually operate the system are not the ones who control it — and they can be locked, collectively, into an outcome that none of them would have chosen freely. The people running the machines, building on the platform, adopting the standard, are downstream of a coordination process they did not design. They are choosers, and their choices aggregate into something with a will of its own.
That is why “decentralization” deserves a number rather than a slogan. A system can have thousands of independent operators at Layer 3 and still be tightly controlled, if the upstream layers — the rule-authors, the dominant client, the regulator, the exchange — are concentrated and overlapping. Counting nodes tells you almost nothing. Measuring cross-layer separability tells you a great deal. The model’s contribution is to insist on the second and refuse the first.
What I actually built, and what comes next
To be precise about the contribution, since the honesty section above might leave the impression the whole thing is hedged into nothing: the substantive output is the model. A formal theory of how producers choose among institutional regimes they do not author; a microfounded account of how individual bounded-rational choices aggregate into population dynamics; a stability analysis that locates the exact conditions under which coordination feedback produces lock-in and multiple equilibria; and a measurable, falsifiable concept of institutional separability. That machinery stands on its own. The empirical pieces are demonstrations that the predictions can be taken to data and that, where the data permit, they point the right way.
The version of this work that would settle the questions rather than illustrate them needs things I do not yet have: a multi-chain panel instead of one chain; matched shocks instead of a cross-asset comparison; a clean before-and-after design for the regulatory prediction; and, for the profit question, producer-level cost data that the public ledger structurally cannot provide. Those are the next papers. I would rather name them as open than imply they are closed.
If there is a single thing to take from all of this, it is a habit of mind rather than a result. When someone tells you a system is decentralised, or that its operators control it, or that one consensus mechanism is simply better than another, ask the boring structural questions. Who authors the rules? Who ships the code? Who runs the machines? Who can bring legal force? Who coordinates the money? Are those five groups actually different people — and if a shock hits, how fast can the operators move? The answers are usually measurable, frequently surprising, and almost never what the slogan says.
The machines are running. The interesting question is who, exactly, decided what they would run — and whether anyone could change it now even if they wanted to.
This post summarises a working paper, “A Dynamic Institutional-Selection Model under Coordination Feedback and Network Externalities.” The technical version, the formal proofs, and the full replication data are available separately. As above: the empirical exercises are deliberately bounded, and I have tried to be exact about the difference between what is demonstrated and what is merely illustrated.