Does decentralization and security really exist? – report

Since its birth in 2009, BTC’s success has been built on two core promises: decentralization and absolute security. The world’s first and most powerful cryptocurrency is being hailed by its proponents as a digital, independent and fair monetary system, a response to centralized Wall Street’s hegemony and an alternative to national currencies like the US dollar. Open to everyone with Internet access, decentralized and seamlessly secured across thousands of networks, without a central ruler. This is the myth of BTC. One of the top blockchain security firms is now shaking up this alluring narrative.

Decentralization and security report

“Are blockchains decentralized?” is the name of the 26-page report by the experts at Trail of Bits. Founded in 2013, the firm secures some of the largest crypto projects, including ETH, Polygon, Polkadot, and Chainlink. She advises Web2 giants like Microsoft, Google and Zoom. She prepared the study on behalf of DARPA, the US Pentagon’s Department of Research, known among other things for the invention of the Internet.

The conclusion of the report on BTC? Sobering. The usual defenders of BTC in space (Anthony Pompliano, Michael Saylor, Jack Dorsey and Co.) have so far kept a low profile. Here are the most important results.

BTC and Co. are at risk.

• 1. With the so-called Proof-of-Work consensus algorithm, miners keep the BTC network alive. They generate new blocks, guarantee the authenticity of the database and the security of the system. According to Trail of Bits, 51 percent of this activity comes from four of the largest mining collectives. That means 0.004 percent of the miners control more than half of the hash rate, the computing power of the network.
• 2. 60 percent of BTC’s traffic is routed through just three ISPs, each of which is highly centralized and error-prone, including Amazon Web Services. They could also simply deny access to the individual nodes in the network (nodes) or throttle their speed if they wanted to.
• 3. Nearly 55 percent of BTC nodes also run on a dark web browser, Tor. A failure or attack on this ecosystem could also have far-reaching consequences for BTC. For example, Tor was attacked last year by a Russian hacker who briefly took over 40 percent of the network’s nodes.
• 4. 85 percent of the amount of BTC in circulation is concentrated in less than 5 percent of holders.
• 5. The world’s leading mining pool ViaBTC uses password 123 for its accounts, according to Trail of Bits. The mining organization Pooling does not verify login credentials at all. Slushpool even instructs its users to ignore the password field. These three miner collectives account for about 25 percent of the total BTC hash rate.
• 21 percent of BTC nodes are still running on old software that has been known for its security vulnerabilities since June 2021.

In the past, studies have repeatedly found that certain areas in the blockchain are not as decentralized as they are marketed to be. Chainalysis came to the conclusion that around one percent of the members in decentralized organizations have around 90 percent of the voting rights.

In the field of NFTs, according to another study by Chainalysis, around 80 percent of digital artworks are owned by ten percent of people, at least on the ETH blockchain.