Author
Garand Tyson
Publishing date
Who Really Controls Your Blockchain?
Crypto runs on slogans. “More validators means more decentralization! Open and permissionless! Trustless by design!” They’re catchy, but mostly false. What actually matters is who holds the power within networks and who has the ability to revoke that power if abused. With that lens, let’s debunk the biggest blockchain myths by examining how consensus actually allocates and reassigns power.
Consensus isn’t a democracy where each validator gets one vote. If it were, a single attacker could spin up a million fake nodes and “win” by sheer volume (a Sybil attack). To prevent this, networks must assign voting power selectively.
In proof-of-stake (PoS), that “selective” rule is simple: money talks. Validators lock up collateral (“stake”), and voting power is proportional to stake. Misbehave and you risk losing your bond (“slashing”). In practice, it isn’t one-validator-one-vote, but one-token-one-vote.
As an example, suppose a network has $100 staked. To add a block, you need a supermajority (~⅔ of stake, or ~$66). If one validator controls $70 of stake, that single validator has enough weight to push blocks through, even if a thousand tiny validators vote no. Outcomes depend on who holds the stake, not the number of nodes in the network.
That’s why major PoS chains end up with an effective tier-1 (the small set of operators whose stake gives them decisive voting power and block share). You can see this on Ethereum and Solana today: plenty of validators at the edges, but leader slots and governance cluster around just a few incumbents (large pools, exchanges, custodians, and early whales). When only a few of these incumbents align, their stake alone makes decisions for the network. The public sees “hundreds of thousands of validators.” The protocol sees a handful of entities with supermajority weight.
PoS is a plutocracy. Decentralization isn’t about validator count. It’s about who has the money.
“Anyone can join” is not the same as “anyone matters.” If power in PoS comes from stake, then power is expensive. To be a meaningful validator with regular block proposals and a real say, you need a percent-level share of total stake. On a major chain, that’s billions of dollars in volatile assets, before market impact.
Here’s the catch: incumbents already hold the supply. To join tier-1, you must buy your stake from the very incumbents whose influence you’re trying to counter. They can front-run your accumulation, jack up prices as you buy, or simply refuse to sell. The door might technically be open, but the cover charge is measured in billions, and the bouncer might not let you in at all. In practice, PoS “permissionless” participation collapses into capital-gating: serious new entrants are priced out before they start, and the anonymous tier-1 hardens. PoS is only as open as incumbents are willing to sell.
Staking pools promised to fix incumbency: many small token holders delegate to a professional operator that runs validators and stakes those tokens on their behalf, “crowdsourcing” stake to match tier-1. In theory, this gives the common people the ability to unite and become players themselves.
However, delegation only moves the needle if pooled stake can outvote incumbents, and that requires incumbents to sell down. They rarely do. Rewards compound to the biggest operators, delegation is sticky, and pools themselves are highly concentrated (on Ethereum, the Lido pool dominates over 85% of the liquid staking market). This concentration kills “choice”: most delegators are passive while the pool operator, not the crowd, sets software, relays, MEV posture, and fees. Switching has friction, big-brand integrations steer stake to incumbents, and large operators benefit from economies of scale that make them both cheaper and more reliable. “Vote with your stake” sounds nice, but if you disagree with the dominant pool (or the pool’s DAO), there’s often no other credible tier-1 alternative at comparative reliability or profitability. Staking pools don’t democratize PoS, they repackage incumbency.
True Decentralization: Stellar Consensus Protocol
The Stellar network doesn’t use PoS or proof-of-work (PoW), but uses the Stellar Consensus Protocol (SCP), also referred to as Proof-of-Agreement. Instead of letting coins buy votes, SCP builds consensus through explicit, reconfigurable trust.
The key difference between PoS and SCP:
Both PoS and SCP end up with a tier-1, i.e., the group of validators with the most voting power. However, with SCP, tier-1 is community-chosen, transparent, public, and revocable without a fork if behavior slips, including Fortune 500 companies like Franklin Templeton to blockchain startups like Blockdaemon. Meanwhile, in PoS, power accrues to stake-weighted, often pseudonymous addresses that can outvote the rest. Breaking in means buying billions from the incumbents you’d displace.
PoS is top-down: the biggest stakers set the rules, and ousting them requires them to sell. Their coin weight sets block policy and upgrade velocity. Slashing only targets provable violations (like double-signing), while the everyday abuses that matter, chronic downtime, soft censorship, MEV extraction, and validator-driven fee escalation, are typically not slashable and persist.
SCP is bottom-up: validators grant power, revoking it requires no permission. Tier-1 validators only exist because many other validators choose to trust them. If a tier 1 validator misbehaves, or even just diverges on policy, validators can reassign trust and converge on a new tier-1, no fork and no buy-in required. Power is granted by the community and revocable on behavior, not owned by a wallet balance.
Here’s a hot take: “trustless” is just marketing. Every consensus system runs on trust. The only question is who defines it and how it can be revoked.
In PoS, staked capital == trust. Whoever has staked the most has the most to lose, so they are deemed the most trustworthy. Even proof-of-work has a definition of trust. Whoever has burned the most money on compute is the most trustworthy, since they’ve sunk money in the form of hash rate into the protocol.
Unlike PoS and PoW, where the network defines trust, in SCP each validator chooses their own definition of “trust” and how they allocate that trust. A validator might trust someone because they are an avid builder in the community, a Fortune 500 company, or because they flipped a coin. The network doesn’t decide, individual operators do. At any point, a validator can revoke trust without a hard fork and without consulting anyone else on the network. The most trusted nodes on the network aren’t anonymous hash farms or whale accounts, they are transparent and known operators, held accountable by the network. The Stellar network isn’t “less decentralized” because trust is explicit; it’s more decentralized because trust is reconfigurable. PoS and PoW just hide their trust behind capital and compute requirements. SCP lets the community redefine trust at any time, by reliability, jurisdiction, compliance posture, uptime standards, or whatever matters for the network’s health.
As blockchains move into the mainstream with payments, settlements, and real-world assets, the question isn’t how many validators a network has or how much REV it’s extracting. It’s who is protecting the network today, what incentives drive them, and how fast they can be removed when they fail the public. Who decides which transactions get included? Who profits from ordering? If they censor, extract, or simply go dark, can you replace them without buying your way in or splitting the chain?
When power is pegged to stake or hashrate, it concentrates and resists correction. Removing a bad actor becomes a negotiation via capital, politics, or a messy social fork, rather than an operational control that individual validators can exercise. By contrast, a trust model that is explicit and revocable keeps power visible and movable, exactly what real-world operators need when customers, regulators, and markets are on the other end of the wire.
On the Stellar network, we know exactly who secures the ledger, and we can hold them accountable and replace them without a fork. The real question is: who is securing yours? If you can’t name them, or can’t remove them when they fail, you’re not buying security. You’re buying a story.