How to Measure Crypto Decentralization: Reconciling a Legal and Technical Approach

14 April 2023

A crypto network’s decentralization used to be a purely technical concept that refers to the transfer of control from a centralized entity to a distributed network. Decentralization, however, is also of increasing legal importance. Securities regulations across the globe often exempt crypto networks from their compliance obligations to various extents, if networks can prove a sufficient degree of decentralization. As an example, the EU’s Markets in Crypto-Assets Regulation exempts crypto networks “provided in a fully-decentralised manner without any intermediary.” Similarly, William Hinman, former Director of the U.S. Securities and Exchange Commission (SEC), finds it “less meaningful” to apply securities regulations to a sufficiently-decentralized crypto network.

Despite its legal significance, no regulation has clearly defined what decentralization means. After surveying both computer science and legal scholarship, this essay observes a distinct divide between how computer scientists measure decentralization and how regulators measure it. Part One of this essay describes the two differing approaches and suggests how the division occurred. Part Two proposes a solution to harmonize the division.

**Legal vs. Technical Approach ** Computer scientists largely measure decentralization from an infrastructure security perspective. Widely-used metrics often quantify how many participants (miners or validators) a blockchain has to maintain its network integrity, and whether participants’ powers are equally dispersed to provide checks-and-balances. For example, the Nakamoto coefficient computes how easy it is to gather over 51% of the mining power that can gain control of a blockchain. The Gini coefficient measures the extent of power inequality among miners or validators.,

Regulators, however, prefer to measure decentralization through a market-power perspective. A lack of decentralization is often indicated by a crypto network’s ability to manipulate market valuations, regardless of how many miners or validators the network has to ensure its infrastructure security. For example, in SEC v. Ripple Labs, the SEC argued that the Ripple network is not decentralized, because its founders Ripple Labs allegedly manipulated the market’s valuation of the network by doing the following: (1) Limiting the number of network tokens resold on market (2) Selling a large number of tokens at a discount (3) Making bulk-purchase agreements to skew tokens’ supply-and-demand. What the SEC left unaddressed is the fact that the Ripple network purportedly has a majority of the independent validators — what computer scientists might consider a sign of decentralization from an infrastructure security angle.

To explain why regulators tend to measure decentralization using market dynamics, we need to look into laws that regulate securities. U.S. securities laws determine whether to subject a crypto network to SEC regulations through what is now known as the four-prong Howey Test, which got its name from the Supreme Court case SEC v. W. J. Howey Co. Under the Howey Test, a crypto network would be subject to SEC regulations, if purchasers of the network’s crypto assets: (1) Invest money (2) In a common enterprise (3) With the expectation of profits (4) Solely or largely derived from the managerial effort of others. Essentially, the Howey Test would consider a crypto network as decentralized if investors can no longer expect any individual entity (or a few entities) to single-handedly increase the market value of the network. If investors can count on one or a few entitles’ effort alone to increase the market’s valuation of the network, then the Howey Test would likely not consider the crypto network as decentralized. Since U.S. regulators need to follow the Howey Test to evaluate crypto networks, they have to look at market dynamics in measuring decentralization.

While Howey doesn’t apply in Europe, EU regulators also tend to measure decentralization via a market approach, since this approach fits decentralization into the European Commission’s larger fight against market monopolization. As an example, the 2022 European Financial Stability and Integration Review highlights concentrated token holdings by a few market players as a key obstacle to achieving full decentralization. While regulators generally favor a market approach, it is hard for blockchain developers to use the same approach to assess if they are operating within the boundaries of the law. Market dynamics are often hard to quantify. It is also impossible to fully eliminate large transactions that would significantly affect market prices. Therefore, it is imperative to find a middle ground that can harmonize the viewpoints between the technical and the legal communities, to which we now turn.

**Harmonizing the Division ** The legal and technical communities have intrinsically different mindsets in measuring new technologies like decentralization. While computer scientists favor quantitative metrics, regulators prefer flexible standards. The rise of Decentralized Autonomous Organizations (DAOs) suggests a middle ground that incorporates both features — decentralized governance.

Decentralized governance means a crypto network’s founders permanently give its user community major decision rights regarding the network’s future. A community vote is thus required on all proposals that would substantially impact the network’s technical development, market valuation, and security practices. Voting results are irreversible and transparent to all parties on the blockchain. Decentralized governance has a potential to satisfy both regulators’ focus on market dynamics and computer scientists’ considerations for infrastructure security. On the market side, regulators can require key players in a crypto network to pre-clear major decisions that would substantially affect the network’s market value by a well-informed community vote. A failure to do so would disqualify the crypto network from regulatory exemptions reserved for truly-decentralized networks. Similarly, decisions affecting a crypto network’s infrastructure and security measures can also be subject to community votes. Computer scientists can further design quantifiable metrics to measure degrees of voting decentralization, bringing certainty to regulatory compliance.

Most importantly, decentralized governance is accumulating support from both the legal and technical communities. Computer science scholarship suggests that decentralized governance often leads to more secure blockchains. Both the SEC and the European Commission also underscore the importance of governance-level decentralization. To ensure that decentralized governance can truly bring the legal and technical communities together, we need to have lawyers and computer scientists work hand-in-hand, developing action guidelines that address both sides’ concerns.