Read Our New Project Report About Bitcoin (BTC) - The World's Largest Cryptocurrency
Go

Decentralisation, governance and EOS - a lost case?

Assessing the governance of EOS against the benefits of decentralisation, such as collusion resistance.
Binance Research (Jonas)
  • Owing to its high market cap, EOS, a delegated Proof of Stake consensus network, has oftentimes been picked out and labeled as a victim of its governance, where the largest EOS holders further consolidate their position and hold all the power.
  • The notion of how decentralised the governance of EOS may indeed be, is best assessed by looking at proxies thereof.
  • The assessment is conducted in a three-fold manner, by looking at the performance of EOS in regards to Collusion Resistance, Fault Tolerance and Attack Resistance.
  • In regards to collusion resistance, the insights are:
    • The governance of EOS lacks mechanisms to avoid or structure the process of vote trading.
    • The incentive structure of EOS reinforces consolidation, by promoting vote trading and selfish acts.
    • Individual parties, such as proxies or block.one, have the influence to drastically change votes.
  • In regards to fault tolerance:
    • Operational metrics that measure reliability and capability to react, show that ⅔ of the exchanges operating as block producers (BP), had the worst performance among the 21 BPs.
    • There were furthermore two incidents where failures occurred.
  • In general, EOS problems seem to be enabled and aggravated by a number of issues such as low voter turnouts, little resistance to Sybil attacks, and coherently little transparency, the 1-token-30-votes system, as well as the changed block rewards.
  • Lastly, in regards to attack resistance, it appears as if there were two clusters of block producers, evidently displayed in correlations between voting patterns and regional distribution.

“If the potential of a startup is proportionate to the size times the incompetence of its competitors, the most promising startup of all would be one that competed with national governments. It's not impossible; this is what cryptocurrencies do.”

Paul Graham, Y-combinator

It is what cryptocurrencies do, or at least aspire to do. There are various different approaches on how to coordinate and agree on the network status. For this reason, the governance of EOS will be singled out in the scope of this case study.

After a brief general introduction to EOS, the concept of decentralisation is introduced and subsequently tested against the governance of EOS.

1. Description of EOS and its governance

1.1 Description of EOS

Block.one raised more than USD 4.1 bn in a year-long ICO that ended in July 2017. This constitutes the largest ICO recorded, exceeding the second largest ICO of 2017 (i.e., Filecoin with $257mn) by almost 16 times and the second-largest ICO across all time by 2.5 times1. Subsequently, Block.one’s product, EOS.io, officially launched on mainnet on the 1st of June, 2018.

EOS is a third-generation blockchain - for more information on the applied methodology, refer to chapter 2.1 of the report on the Telegram Open Network - and was quick to gain traction after the launch. The latter is also displayed in Chart 1, which shows the development of the USD denominated EOS closing price from the 1st June 2017 to the 10st of February 2020.

Chart 1 - Historical EOS closing price (in USD) from July 1st 2017 to February 10th 2020

eosprice

Sources: CoinMarketCap, Binance Research

Not only the price but also the ecosystem of EOS was quick to grow. EOS now constitutes one of the most popular blockchains for dApp development. As of writing2, data from Dapp.Review suggests that 676 dApps chose to build on EOS, a figure that is only exceeded by Tron (693 dApps) and Ethereum (2,195).

These EOS dApps are also being used. In fact, their activity is far exceeding the activity of dApps on Tron or Ethereum. As of writing, Dapp.Review recorded almost 99% (or ~32mn txs) of all transactions that involve a smart contract of a dApp on EOS. The amount of respective transactions is one factor of magnitude higher than for dApps on Tron (~330k txs) which is still more than double the amount of dApp txs on Ethereum (~150k txs).

This insight is even more surprising when including the number of users per chain. While EOS had almost 85k users three months ago (30/10/2019),EOS now has the least amount of users (~10k users) among the three compared blockchains3. Ethereum is clearly leading with the largest user base (~50k users), which is more than double the amount of Tron’s users (~24k users).

This proxy measurement for activity - transactions involving dApp smart contracts - can be interpreted in several ways and may give insights in regards to:

  • dApp complexity, as more complex dApps might leverage multiple smart contracts.
  • dApp types like games, for example, are likely to require more frequent user interactions.

Most relevant to the interpretation of this metric is, however, the underlying technical infrastructure. Unlike Ethereum, which (still) uses a Proof of Work consensus mechanism, EOS uses a delegated Proof of Stake consensus (dPoS) mechanism. While dPoS enables higher network throughput, it comes at the cost of decreased decentralisation, as it is based on the “institutional reputation” of a small set of actors.

The EOS infrastructure uses a set of 21 delegates, also referred to as supernodes, that may vote on new blocks in a round-robin model. These delegates are elected by EOS token owners out of a larger set of candidate block producers. Since block producers get rewarded per block validation, they have an incentive to get elected as a block producer, which puts them in direct competition for votes with each other. The block rewards are paid from annual token inflation.

EOS token owners execute their vote for a certain block producer by staking their tokens for them for a period of 3 days. Votes “decay” over time and are void after two years. For votes to maintain a high vote strength, it is required to resubmit votes on a weekly basis. While token ownership and voting power generally increase linearly, at a one to one ratio, it is possible to vote for up to 30 block producers simultaneously. Effectively, this means that 1 token may equal to 30 votes.

Besides voting rights, token owners get usually compensated with a pro-rata share of the block rewards their block producer reaps and may similarly claim network resources such as RAM, CPU, and bandwidth (in jargon “NET”).

To avoid an inefficient resource allocation from inactive - “hodling” - token owners that are not utilizing their allocated resources, additional market-driven allocation mechanisms have been introduced4.

1.2 Is EOS (too) centralised?

Even though this particular problem of optimizing the resource utilisation of the EOS network was overcome easily by stakeholder-driven innovation, other problems have turned out to be more persistent. In particular, one concern has consistently accompanied EOS from the initial ICO to the current state - the fear that EOS may be too centralised, as “too few people own too many tokens” (WeissCrypto, 2019).

Generally speaking, all blockchains have been touted (Hacker et al. 2019) to be:

“prone to patterns of re-centralisation: they are informally dominated by coalitions of powerful players within the cryptocurrency ecosystem who may violate basic rules of the blockchain community without accountability or sanction”.

To answer the question of EOS potentially being too centralised, one must start by defining the opaque concept of centralisation.

1.3 Measuring decentralisation

The definition and measurement of “centralisation” have long garnered a lot of interest. Especially in the early years of Bitcoin and crypto-asset adoption, being “decentralised” has been a guiding goalpost.

Buterin’s blog posts [1, 2, 3] in 2017 kickstarted a discussion that was coined by a less dogmatic and increasingly pragmatic stance towards the purpose and benefits of decentralisation. Until then, the goal of being decentralised was considered an irrefutable necessity. A notion that is furthermore well represented in early debates about the Bitcoin block size - for more information on this refer, for example, to this medium article. The majority of the discourse was not framed within a “value from decentralisation” or cost-benefit perspective but was categorically ideological5.

Buterin’s efforts reinforced previously existing research efforts, such as the popular position paper “On Scaling decentralised Blockchains” (2016), that attempted to rethink the design of blockchains by splitting them into the parts network, consensus, storage, view, and side planes.

This general idea of having identifiable subcomponents of blockchains was adopted and enriched by transferring the Gini coefficient concept onto it. The Gini coefficient is the most common measurement of inequality, but is based on several conditions that drastically reduce its value in this context6.

Srinivasan (2017) subsequently popularized the Minimum Nakamoto Coefficient that measures the Gini coefficient of subsystems to ultimately derive a total score on the equality of token ownership of a chosen crypto-asset. This concept experienced wide popularity and was implemented in a public Python library and further developed in the Minimum Nakamoto Coefficient “2.0”.

However, any attempt to quantify the level of centralisation of a blockchain has rightfully been criticized as being flawed. “Proposals such as the Minimum Nakamoto Coefficient try to quantify exactly this, but run the risk of providing an illusion of measurability” (Walch, 2019). Instead of thus entertaining the vain effort of applying one of these well-intentioned frameworks onto EOS, EOS governance is best assessed by looking at proxies thereof. A proxy measurement can be understood as an indirect measurement of the subject of interest.

2. Current status of EOS governance

2.1 General introduction

To reiterate on the core principles of EOS governance: 21 block producers (BPs) are elected by EOS token holders from a broader set of block producer candidates. These BPs follow and sign (in every transaction) a Ricardian constitution that now “acts as a peer-to-peer end-user license agreement”. In practice, however, EOS governance was already undergoing drastic changes.

The first (interim) constitution of EOS was published in May 2018. The constitution was enforced by the EOS Core Arbitration Forum (ECAF), which also served to settle disputes among EOS token owners. While the ECAF and its “analogue” approach of requesting BPs to sign and follow endorsements attracted some criticism, its purpose was to balance the influence of BPs. This is something that was deemed necessary, shown, for example, in circumstantial evidence that points to EOS users perceiving block producers as too powerful (c.f. Reddit, 2019). As one user put it, “block producers control all decisions made on EOS, from validating blocks to seizing funds from under your private key.”

Nonetheless, the BP EOS New York spurred previous efforts to discontinue the ECAF by publicly declaring not to follow ECAF decisions any longer. This followed two questionable incidents, where (1) ECAF first ruled to freeze 27 accounts without providing any reasoning (Coindesk, 2018) and (2) a popular, but fake ECAF ruling demanding the reversal of an EOS transaction (c.f. Hoskinson, 2018), but nonetheless represented a clear divergence from previously agreed-upon code of conduct.

The next development of EOS governance was coined by not only abandoning ECAF but also replacing the constitution with an EOS User Agreement (EUA). Effectively, this means that at this point, all original guidelines of the governance of EOS have been substituted. The process of replacing the constitution was - once again - fairly chaotic. The original proposal to replace the Interim Constitution with the EUA required a voter participation rate of 15%. However, it ended with a voter turnout of merely 2%. Nonetheless, EOS New York suggested to go ahead anyhow and received support by 15 out of the 21 BPs. Ever since, 21 elected BPs and the EUA are at the core of EOS governance. Some additional governance tools have recently been implemented, such as the EOS Enhancement Proposal and the BP System Upgrade Proposal, which have, however, a merely supportive function.

With a better understanding of the current and former fundamentals of EOS governance, it is possible to move to the practical implementation thereof. The chosen way of doing this is to assess the supposedly greatest fear of EOS being “too centralised” in its governance. This will be done by testing EOS against the three main goals of decentralisation (Buterin, 2017): (1) collusion resistance, (2) fault tolerance, and (3) attack resistance.

(1) Collusion resistance describes the ease of system participants to organize in ways that benefit them at the expense of others. Arguably, it is thus the most relevant metric against which to assess EOS’ governance.

A paper published by Whiteblock (2019) found that block producers have formalized incentives to collude. These incentives are originating in the substantial revenue from validating blocks and are only possible because of the following factors:

  • Block rewards from inflation: originally an annual inflation of 5% was split to fund a community pool (4%) and to fund block rewards (1%). It was, however, decided to discontinue the community pool and reduce the inflation to 1% to completely funnel it toward block producer and standby block producer spots. This further consolidated control of BPs, as it effectively increases their revenue.
  • 1 token - 30 votes: the ability to vote for 30 block producers with a single token facilitates vote trading and vote sharing incentives for the largest BPs. Effectively, the largest BPs may build a moat of votes by coordinating in networks of up to 30, respectively 21 parties.
  • Vulnerable to Sybil attacks: the current economic incentives and voting structure are very susceptible to Sybil attacks. A single actor may register multiple block producer accounts and multiply their voting weight at a negligible cost. Simultaneously, having multiple BP entities allows to allocate more block rewards to voters, increasing the competitiveness of the underlying actor (i.e., the mining pool).
  • The role of proxies further aggravates the threat by Sybil attacks: a proxy is entrusted to vote for BPs on behalf of EOS token holders. Proxies are usually led by community contributors that are deeply entrenched within the ecosystem. Allegedly, several proxies have been contacted by BPs to continue acting as a front-facing intermediary, but let the BP gain control over the votes in exchange for a monetary reward (see @ColinTCrypto).
  • Low voter turnouts: similar to other systems requiring network user participation, voting turnouts in EOS are generally low. This makes it easier for large individual players to coordinate and dominate votes as their relative control over “active tokens” is higher than their control over all tokens.
  • Tokens stored on exchanges: lastly, several custodial exchanges can vote with entrusted tokens, which also leads to a significant consolidation of voting rights.

Within this setting, an economically rational agent must collude with others in order to maintain and maximize their profit (c.f. Whiteblock, 2019). This situation is further aggravated by an open, unregulated market for votes.

Generally speaking, the process of vote-buying is not inherently bad as any purchase can only be done if the buying party values a vote more than the selling party and thus has a stronger interest in expressing a position that is subjectively perceived as more relevant.

However, it may lead to an aristocracy, as rich individuals are in a “virtuous circle” where they can amass an increasing amount of votes, as they earn income from using them. Coherently, the 21 BPs earn almost seven times as much as other high placed BP candidates (avg. daily reward 978 EOS for the 21 BP vs. 142 EOS for BP 31 to 51). Posner and Weyl (2018) further assess the subject of vote buying in a book titled “Radical Markets” and suggest that votes should be subject to a cost-function, where votes may indeed be tradeable and purchasable, but using or purchasing them is coupled to a decreasing utility.

In EOS, however, any such cost-function is absent. The market for votes is furthermore very intransparent and structured via a lot of informal “quid pro quo” of BPs. It is nonetheless possible to conduct a basic assessment of voting patterns, which reveals the following picture.

2.2 Voting patterns

Out of the original 21 block producers, only five of them are still producing blocks at all. One of the remaining BPs completely unregistered as a BP and stepped away from EOS, while the rest are in standby and not part of the top 21. This is indicative of the significant changes in EOS governance participants. Chart 2, for example, shows the distribution of all casted votes for BPs (as of 07/02/2020).

Chart 2 - Distribution of EOS votes BPs as of February 12th 2020

voterdistribution

Sources: EOSAuthority, Binance Research

The most apparent insight from this chart is that the largest 164 voters have 72% of the weight in regards to casted votes. Additionally, a large number of voters (~480k) have less than one EOS staked and, therefore, very little impact. This preliminary insight indicatively displays the large influence of the largest EOS holders.

Chart 3 - Voting pattern of EOS whales against all EOS accounts

whalesvsrest

Sources: CoinMarketCap, Binance Research

Out of these 164 whales, 84% (123) voted simultaneously for 30 BPs - a figure that is considerably higher than the 52% (38,858) of all accounts that chose 30 BPs. One way to interpret this figure is that large EOS holders could simply be more attractive targets for vote trading schemes. A second notable voting pattern is to vote for ~20 block producers. The votes around 20 BPs are also likely to originate from collusion and vote trading. The last insight is that many - presumably smaller - voters only voted for one BP.

When it comes to BPs, themselves, the following BPs are currently producing blocks.

Chart 4 - The 21 block producers with the most received votes

blockproducers

Sources: CoinMarketCap, Binance Research

Chart 4 shows, for example, that the founding BP EOSHuobiPool has the largest amount of votes with 336mn votes. In comparison, the largest proxy, “colintcrypto” controls roughly 10mn EOS, with the largest 21 proxies controlling over 94mn votes. Other than BPs, the overarching idea behind proxies is similar to representative democracies, where voters may decide to elect chosen individuals to act on their behalf.

Even though this ignores the fact that at least three of these proxies, “bitfinexvp13, bitfinexvp21 and bitfinexvp33”, are, for example, controlled by Bitfinex, it shows that proxies have considerable influence. This is especially clear when considering that for eosrapidprod to become the largest BP, it would only require 13mn more EOS (~70mn USD). Self-evidently, this analysis is nonetheless overly simplistic.

2.3 Fault tolerance

A theoretical definition of (2) fault tolerance may describe it as the number of failures a system can endure while maintaining its function. Having a high number of separate components, i.e., a high redundancy generally increases fault tolerance. In line with the chosen methodology of observing outcomes, the fault tolerance of EOS can be assessed by looking for metrics or events that describe failures, and the respective outcomes.

There are two prominent examples of BP failures:

(i) One BP failed to update the list of blacklisted accounts. The result of this failure was the loss of USD 7.2mn. Even though these funds were later recovered by Huobi, the EOS blockchain showed no fault tolerance, as the funds were mismanaged and only reappeared because of the actions of an external actor.

(ii) The second example relates to a “bad allocation” error that forced the nodes of several BPs to go offline. These BPs were only temporarily replaced after 30mins, leaving the EOS blockchain exposed by having a reduced amount of BPs.

Besides these two high-profile events, BPs can be assessed on two additional metrics: reliability and capability to react.

The reliability of the 21 block producers (as of 10/02/2020) is displayed in chart 4 via the block and round availability. These metrics describe the amount of produced blocks i.e.,completed rounds divided by the scheduled amount of blocks/rounds.

Blocks may be not produced for various reasons - and failure to do so may not always be the fault of the block producer. Hence, this metric gives a general idea of the availability of BPs, but must be complemented with a metric that keeps BPs more accountable: round availability. A round is a series of 12 blocks, missing 12 blocks in a row is thus likely the fault of the respective BP.

Chart 5 - Historical block and round availability of BPs as of February 10th 2020

availability

Sources: AlohaEOS, Binance Research

The second metric to assess BPs is ‘capability to react’. This ability can be measured as the execution time of custom EOS contracts. On-chain data is gathered by EOS Mechanics via a smart contract calculating Mersenne prime numbers.

Chart 6 - Historical box plot data for BP’s CPU performance as of February 10th 2020 7

capability

Sources: AlohaEOS, Binance Research

Except for Bitfinex, EOS WIKI, and EOSHuobiPool, all 21 BPs have a low and consistent execution time, indicating a sufficient resource allocation to their activities as BPs. While it is interesting that two exchanges are amongst the least performant (i.e., invested?) BPs, all of them performed reasonably well on the metrics of reliability and capability to react.

2.4 Attack resistance

The last assessment of EOS governance targets the (3) attack resistance of EOS. This attack resistance can manifest in various ways such as, for example, censoring attacks. Generally speaking, decentralised systems are supposedly more expensive to attack due to their lack of central points of failure.

However, circumstantial evidence points to significant consolidation of the EOS network. EOS New York, for example, reported that one entity registered six different BPs. Similarly, many BPs are voting for themselves through proxies. Some of these proxies are openly associated to a particular BP - for example, Huobi has 5 proxies with a total of 5mn EOS, BigOne has 15 proxies with a total of 1mn EOS and Bitfinex has 13 proxies with a total of 40mn EOS. Additionally, it appears as BPs may operate up to 50 different covert proxies.

Another attack vector is of geographical nature. One third of all block producers are based in China, and more than half of all block producers are based in Asia. There is thus a strong regional focus, which is similar to the geographical distribution of mining pools (c.f. Wang et al., 2019). Nonetheless, correlation analyses from EOSAuthority suggest that there are two major clusters. One that would be centered around EOSAuthority and another around EOSHuobiPools. This insight mirrors the previously mentioned geographical divide.

Lastly, the issue of attack resistance generally links back to the chapter on voting patterns and in particular vote trading, as well as the influence of large token holders.

3. No immutable problems

EOS has a function called regproducer that is a “mutually agreed-upon guide” to enforce on-chain standards among block producers. One BP submitted a referendum to update this contract and thus raise the bar for BPs. As any change must be implemented with approval from at least 15/21 BPs and this update only received 13 out of 21 votes, it was destined not to get implemented.

However, large proxies may change the ranking of candidate block producers by re-allocating their votes. This is what happened in the previously described case and led to two candidate block producers move up the ranking, become a BP, and thus obtain voting rights.

Subsequently, it can be concluded that BPs may have the sole decision making power, but are nonetheless dependent on votes on becoming and staying a BP.

Large proxies and accounts thus have considerable influence. Similarly, the company launching EOS, block.one, has over 96 million EOS and could theoretically use this anytime to vote and change the order of BPs8. To put this amount into perspective: block.one holds almost ten times as much EOS, as the proxy that moved the ranking of seven BPs and BP candidates. Similarly, the holdings of block.one and the next four largest EOS holders already amount to one quarter of the entire circulating supply.

Another promising approach to improving EOS’ governance could relate to formalizing the process of vote trading. By introducing a formal, transparent mechanism with a cost function for votes, it might be possible to reduce informal coordination by introducing diminishing returns on purchasing EOS votes. This would maintain the ability of large token holders to have more sway, but avoid some “vicious virtuous-cycle” of further EOS consolidation. Alternatively, such cost-function could also be translated on the costs of casting a vote.

Other previously suggested ideas to improve EOS are:

  • Including a random shuffle to choose the 21 BPs out of a set of the 100 largest BP candidates.
  • Introducing a universal inflation based on the amount of staked EOS.
  • Introducing negative votes and/or a voting cap.
  • Introducing a proxy with block.one funds that votes according to community preferences for BPs.
  • Introducing BP diversity guidelines to restrict the amount of regional concentration.

These ideas are described in more detail by EOS Go.

4. Conclusion

“While Web2 was defined by philosophies like ‘Move Fast, Break Things,’ Web3 should be guided by mantras like ‘Do it the Right Way This Time.”

Andrew Keys, DARMA capitalisation

This inspirational appeal of Keys can - more pragamatically - be understood as a basic need to get the fundamental crypto-economics right: as soon as possible and ideally before the inception of a network.

This being said, it remains to be seen if EOS can overcome its very own structural problems. Unfortunately, EOS’s vulnerability to Sybil attacks reduce transparency and thus make it difficult to have definite conclusions in regards to voting patterns of BPs and BP associated proxies.

Two rather unrelated issues that may, however, indirectly aggravate the situation of EOS governance are relating to dApps on EOS. While EOS has manifold documentation for developers, only a few APIs are provided. The costly provision of APIs is completely voluntary and does not constitute any obligation of the BPs. Simultaneously, the amount of EOS dApp users has - lately - strongly declining over the course of the last 6 months. This being said, the upcoming beta launch of “block.one’s Facebook”, Voice, is widely treated as a milestone for general adoption.

While it is generally unclear to what extent collusion among the block producers does occur, circumstantial evidence points to a problematic consolidation of the network that appears to be rooted in the fundamentals behind EOS: a governance with an intransparent, poorly understood voting market, aggravated by the use of a dPoS consensys system with incomplete incentive allocations.

This problem is, however, not restricted to EOS alone, but appears to be an inherent problem of dPoS blockchains and is generally aggravated by custodial ownership of tokens (e.g., via exchanges). As the largest dPoS blockchain, EOS naturally encounters the highest amount of scrutiny and must identify and adopt pioneering solutions.

5. Bibliography

  1. Based on a report by Cointelegraph and data from ICObench.
  2. Seven-day average with data from 05.02.2020 to 11.02.2020. The same methodology is applied for all data from Dapp.Review.
  3. Even though EOS might have the fewest users among these three chains, this number is still well above average and reflects the high market capitalisation of the EOS blockchain.
  4. While RAM was always prized and distributed via a smart contract using the ratio of available RAM to EOS tokens in the contract, CPU and NET have only become tradeable with EOS REX, the EOS Resource Exchange. Before that the only way to optimize resource usage was a surplus allocation, that allowed dApps to exceed their allocated resources and draw from unused resources.
  5. This is based on circumstantial evidence, well represented in several Medium articles, as for example in Song (2018). The concept of decentralisation as a scale was only developed and popularized later on.
  6. The Gini coefficient is indicative of the wealth inequality of a population by measuring the ownership of the - by and large - only value/ means of payment within a population. As crypto-assets do, however, not constitute the only value of owners and the population is difficult or impossible to estimate, the Gini coefficient is a poor measurement of wealth inequality in this context. While it does show the ownership structure of a crypto-asset in a highly accessible manner, few insights can be derived from that.
  7. Data over the last 12 months is considered as of 10/02/2020. Data source: AlohaEOS.
  8. Until now, 13/02/2020, b1 has always abstained from voting.