Trustless

The cryptography works. Public-key signatures are mathematically sound. Hash functions are collision-resistant. Merkle trees provide tamper-evident data structures. Consensus protocols like Byzantine Fault Tolerance and its descendants can achieve agreement among untrusted parties without central coordination. These are not speculative claims. They are engineering results, formally proven and deployed across decades in contexts from secure communication to distributed databases.

A system in which no single party can alter the ledger, halt the network, or change the terms is, in principle, constructible. The aspiration to build such a system reflects a serious diagnosis: centralized institutions concentrate power, extract from the populations they serve, and abuse the trust their position requires. The financial crisis of 2008, the surveillance architecture revealed in 2013, the platform monopolies that emerged over the following decade, all provided evidence that institutional trust is frequently misplaced. The engineering response was to design infrastructure where trust is replaced by verification.

What follows examines what happens between the theoretical possibility of a trustless system and the one that actually gets built, funded, deployed, and governed. The gap between those two things is where the argument lives.

In 2010, Tim Wu published The Master Switch, documenting a pattern that has repeated across every major information technology since the telephone. Each began as an open system: competitive, experimental, accessible to individual operators. Each was captured by monopoly or cartel. Bell’s patent expired in 1894 and the market opened to thousands of independent operators. Within three decades, AT&T had consolidated nearly all of them. Radio began as amateur experimentation, accessible to anyone with a receiver; it became NBC, CBS, and a federal licensing regime that restricted who could broadcast. Film began with independent studios; it became the vertically integrated Hollywood studio system. Television followed the same arc.

Wu called this "the cycle," and he argued that the dynamic is not accidental. It is structural. Open systems under market conditions tend toward concentration because scale economies reward size, network effects entrench incumbents, and capital accumulation enables acquisition. The pattern does not require malice. It requires only that each participant pursue the option that is most efficient for them. The aggregation of individually rational choices produces a collectively concentrated outcome.

Wu wrote The Master Switch when the internet was still widely understood as an exception to the cycle. It is no longer widely understood that way. The open web of the 1990s consolidated into the platform economy of the 2010s. Independent websites became dependent on Google for discovery, Facebook for distribution, and AWS for hosting. In 2006, Yochai Benkler published The Wealth of Networks, arguing that the internet had created conditions for commons-based peer production that could resist the cycle. Open-source software, Wikipedia, and collaborative journalism demonstrated that large-scale cooperative production was possible without corporate hierarchy. In 2018, Microsoft acquired GitHub, the platform that hosted most of the world’s open-source code, for US$7.5 billion.

The question for blockchain is whether it represents a genuine departure from this cycle, or its latest phase.

A blockchain’s security model assumes that its nodes are distributed across independent infrastructure, so that no single failure, decision, or policy change can compromise the network. The protocol layer achieves this assumption. The physical layer does not.

The pattern holds across networks. On Solana, two hosting providers (Teraswitch and Latitude.sh) control 43% of staked infrastructure. The Jito client holds an 88% share of network stake. Of seven major blockchain networks independently studied, five had over 50% of nodes on public clouds, with some reaching 90%.

ConsenSys owns both MetaMask and Infura: the wallet most users interact with and the RPC provider that wallet uses by default to reach the network. One company controls both the interface and the connection. In November 2020, Infura fell out of sync with the network, producing an inadvertent hard fork. In March 2022, a configuration error blocked MetaMask users in certain regions entirely. In November 2022, ConsenSys disclosed that the combination collects wallet addresses and IP information when transactions are broadcast.

None of this contradicts the protocol design. The protocol is decentralized. The infrastructure hosting it is not. The access mediating it is not. What "trustless" means in practice is: you trust the protocol, and you trust Amazon, and you trust ConsenSys, and you trust that the three ISPs carrying 60% of Bitcoin’s traffic will continue to carry it. Each of these trusts has already been violated at least once. The difference between these dependencies and the ones they replace is not that they are smaller. It is that they are less visible.

The infrastructure pattern above is not yet a radical monopoly. But it has the architecture of one. As financial services, identity systems, and data storage migrate onto blockchain infrastructure, and as that infrastructure consolidates around a small number of providers, the ability to participate in these services without going through the consolidated access points diminishes. The restructuring proceeds not by decree but by the accumulation of dependencies that, individually, each appear as reasonable engineering choices. The landscape changes. The alternatives narrow. And the narrowing is cited as evidence of adoption.

The validators who secure proof-of-stake networks are, in theory, a large and independent set. The economic design assumes that no small group controls enough stake to compromise the system.

Lido controls approximately 31-32% of all staked ETH. Coinbase holds roughly 14%. Two entities, 45% of Ethereum’s security weight. Only about 25% of the network’s 916,000+ validators are independent solo stakers. The remainder are controlled by staking pools operated by a small number of organizations. The DARPA report quantified the implication: four entities could disrupt Bitcoin. Two could disrupt Ethereum. Fewer than a dozen could compromise most proof-of-stake networks.

The industry developed a metric to measure its own decentralization: the Nakamoto Coefficient, defined as the minimum number of entities needed to control 50% of a network’s resources. Ethereum’s coefficient is 6. In telecommunications, a market where six entities control half the infrastructure would be examined under antitrust frameworks designed to prevent monopolistic concentration. In blockchain, a coefficient of 6 is reported as a measure of decentralization, because the comparison is to centralized systems where the number is 1. The metric the industry invented to measure its decentralization documents its concentration. Whether this is read as progress or as consolidation depends entirely on the baseline one chooses.

Carl Schmitt, in Political Theology (1922), defined sovereignty with a single diagnostic: "Sovereign is he who decides on the exception." In any legal order, the sovereign is the entity that determines when normal rules are suspended and what action is taken instead. The definition does not depend on titles or constitutions. It depends on behaviour under stress. To find the sovereign, find who decides when the rules do not apply.

Blockchain claims to have no sovereign. The rules are encoded in the protocol. No single party can alter them unilaterally. The code is law.

The historical record contains three tests of this claim.

In June 2016, a vulnerability in The DAO smart contract was exploited for US$70 million. The Ethereum community faced a choice: honour the "immutable" ledger, or reverse the transactions through a hard fork that would violate the principle of immutability the system was built to guarantee. The fork was executed on July 20, 2016. 85% of miners followed. Vitalik Buterin stated that "the community was able to come together so smoothly to implement this." The code was law until the code produced an outcome that the informal sovereign found unacceptable. At that point, a human decided the exception, and the "immutable" ledger was mutated.

In 2022 and 2023, the Solana network halted multiple times. Restart decisions were coordinated by the foundation and core development team. Validators described the process as "very chaotic" with "emoji-based voting." The post-mortem recommended "reducing dependence on core dev team and foundation for future decisions," an acknowledgment, in the aftermath of the exception, of who had decided it.

In August 2022, the US Treasury’s OFAC sanctioned Tornado Cash. Within weeks, up to 80% of Ethereum blocks were censoring transactions associated with the sanctioned addresses. No governance vote authorized this. No protocol change mandated it. Validators and block builders unilaterally decided which transactions to include based on the guidance of a single government’s sanctions regime. By May 2023, compliance had declined to approximately 27% as non-censoring relays gained adoption, but the episode demonstrated the structural reality: the "permissionless" network had decided, without formal process, to exclude certain participants, and then decided, without formal process, to partially reverse that decision.

Each exception reveals the same structure. The sovereign is not a named authority operating under constitutional constraints. It is an informal coalition: core developers, foundation officers, major staking pool operators, dominant block builders. They coordinate through Discord channels, video calls, and unilateral compliance decisions. They are not elected. They do not publish reasoning. They are not subject to judicial review.

The tokens that govern these networks are distributed before most participants arrive.

The pattern generalizes. Team allocations rose from approximately 5% of total supply in 2013 to around 20% by 2021. Combined with private investor allocations (typically 15-20%) and foundation reserves (7-12%), insiders routinely control 35-40% of a token’s supply before any public participation begins. The governance tokens that determine the protocol’s future are pre-distributed to the entities that designed the protocol and funded its development.

A 2025 academic study of Uniswap governance found that entities affiliated with the lead venture capital investor receive disproportionate vote delegations, suggesting what the researchers describe as potential "window-dressing around" decentralization. In 2023, a16z used its 15 million UNI tokens to advocate for a bridge provider that was also in its portfolio. The community voted 66% for the alternative. The protocol’s fee switch, which would distribute revenue to token holders, has been deferred indefinitely at the objection of the largest holders. Courts have begun to examine whether major institutional investors in DAOs can be held liable as general partners, an implicit legal recognition that these "decentralized" organizations have identifiable controllers.

Marc Andreessen, co-founder of a16z (managing US$7.6 billion in crypto investments), now serves as an unofficial advisor to the Department of Government Efficiency, spending approximately half his time at Mar-a-Lago. He donated US$2.5 million to a pro-Trump PAC. Two former a16z partners hold government positions: one as senior policy advisor for AI, another as Director of the Office of Personnel Management. The Revolving Door Project documents that a16z’s cryptocurrency portfolio includes projects facing DOJ indictments, SEC investigations, and class-action lawsuits.

The firm that holds governance tokens in the protocols now influences the regulatory framework those protocols operate under. In securities law, the classification of a digital asset depends significantly on whether it is "sufficiently decentralized." This creates a structural incentive: the claim of decentralization provides regulatory benefit (exemption from securities classification) while the practice of centralization provides operational benefit (efficiency, control, directed development). The academic literature describes this as "the decentralization paradox." The word "decentralized" in a whitepaper functions not only as a technical description but as a regulatory position. And the regulatory framework that evaluates that position is increasingly shaped by the interests that benefit from the classification.

Every information technology of the past century has followed Wu’s cycle from open to closed. What blockchain introduces is not an exception to the cycle but a new variable: a narrative that disarms the institutional response.

When AT&T consolidated the telephone system, the consolidation was visible, and the visibility eventually produced a regulatory response (the 1984 breakup). When the platform economy concentrated the web, the concentration was visible, and while the regulatory response has been slow and inadequate, it exists (antitrust investigations, the Digital Markets Act, platform governance legislation). Visibility is what triggers institutional accountability.

The decentralization narrative removes the visibility. A system that presents as distributed does not trigger the institutional responses designed for concentrated systems, even when its actual structure is concentrated. The narrative does not prevent the cycle. It prevents the response to the cycle.

Moxie Marlinspike observed in 2022 that people do not want to run their own servers and that protocols evolve more slowly than platforms. These structural properties push toward centralization regardless of intent. But "regardless of intent" does not mean "regardless of design."

The token allocations that concentrate governance power are not evolutionary outcomes. They are term sheets, negotiated in private between founding teams and venture investors, months or years before the public sees the project. The infrastructure dependencies on AWS and Infura are not gravitational. They are defaults chosen for the convenience of builders, not the resilience of the network. The regulatory framework that rewards the claim of decentralization is not settled law. It is a policy environment shaped, as the revolving door between a16z and the White House demonstrates, by the same firms that profit from the classification it produces.

The narrative that frames all of this as organic is itself manufactured. Research demonstrates that crypto investors are more susceptible to hype than participants in traditional markets, and that digital hype functions as a "cheap talk signal" enabling inferior projects to outcompete superior ones through narrative alone. Studies of ICOs find that institutionally backed ventures exhibit weaker operating performance but stronger post-launch financial performance: the institution lends credibility, the credibility attracts retail capital, and the institution exits at multiples while the project’s operational weakness becomes apparent. The researchers call this "certification exploitation." The narrative is not a description of the project. It is the mechanism by which capital is extracted from those who believe the description.

Over 14,000 of 24,000 cryptocurrencies ever listed have died. 70% of projects launched during the 2020-2021 bull run have shut down. The average lifespan of a cryptocurrency project is approximately three years. The narratives that funded them, "decentralization," "trustlessness," "community governance," persist across cycles, attaching to new projects after old ones fail, because the narratives are more durable than the projects. The narrative is the product. The project is the vehicle.

Evgeny Morozov, in To Save Everything, Click Here (2013), identified the error he called "solutionism": the belief that political problems yield to technical interventions. Concentrated institutional power is not a problem of database architecture. It is a problem of incentive, resources, and institutional position. A new architecture does not alter these dynamics. It enters them. And when a new architecture is accompanied by a narrative that exempts it from the frameworks societies built to govern concentrated power, the result is not a solution but a more favourable environment for the same consolidation.

The possibility of trustless systems is real. The cryptography permits it. The question the evidence raises is not about the technology. It is about whether the entities building, funding, and governing these systems have an interest in realizing the possibility, or whether the value of the narrative lies precisely in its non-realization: a promise that generates regulatory exemption, attracts pension capital, and restructures the landscape of core services, while the infrastructure that emerges replicates the concentration of the systems it claims to supersede.

This is not an allegation of coordination. It is an observation about convergence. Each actor, at each layer, pursues the option most efficient for them: the cheapest cloud provider, the most convenient middleware, the highest-yield staking pool, the governance structure that gives the largest holders the most control, the regulatory environment that imposes the fewest constraints, the narrative that raises the most capital. The convergence does not require a plan. It requires only that the incentives at every layer point in the same direction. They do.

Wu’s cycle has a new feature. The consolidation occurs at the same speed as before, or faster, because the capital and institutional machinery are already assembled from the previous cycle. But the response to the consolidation is slower, because the narrative says there is nothing to respond to. The system is decentralized. The system is trustless. The retirement savings of public school teachers are invested in it.

The risk is not that blockchains are centralized. Centralized services function. The risk is specific, and it does not yet have a widely used name: infrastructure that operates as concentrated but is regulated as distributed.

A century of governance, antitrust law, telecommunications regulation, and financial oversight was built to address concentrated power over essential services. These frameworks are imperfect and frequently captured by the interests they regulate. But they exist because societies learned, through repeated failure, that concentrated control over critical infrastructure requires external accountability.

If blockchain infrastructure captures meaningful capacity in a core service while operating under the exemptions that the decentralization narrative provides, and that infrastructure is controlled by a small number of entities, as every major network currently is, the dependency is worse than the one it claims to replace. It is concentrated power without the institutional checks that govern equivalent concentrations in other industries. The checks were imperfect. Their absence is not an improvement.

Stablecoin infrastructure already settles US$45 billion daily. DeFi protocols govern tens of billions in locked value through governance systems where a single firm can hold 15 million voting tokens. Ethereum’s access layer has already demonstrated the ability to block users by region through a configuration error at one company. Validators have already demonstrated the willingness to censor transactions at the direction of a single government’s sanctions office, without governance authorization.

The question is not whether trustless systems are possible. They are. The question is whether the distance between the possibility and the implementation is closing or widening, and what it means that the narrative of trustlessness persists regardless of which direction the distance moves.