As the world turned its attention to the unfolding coronavirus crisis, one of the most fascinating stories in crypto went mostly overlooked. The hostile takeover of the Steem network, and the ensuing community response, might just be the most interesting example of decentralized governance we've seen since Ethereum's DAO debacle or Bitcoin's block size wars.



The turmoil around Steem has subsided, and the network is now irrevocably split, but the most interesting question remains. Can the community lead hardfork, called Hive, outperform the de-facto centralized platform that Steem has become under the tutelage of Justin Sun? Or will both networks fade into irrelevance after this incident? Only time will tell.



In this edition of Build Blockchain, we'll cover some background on the Steem network, discuss the dramatic story that played out over the last two months, and look at what this incident might show us more broadly about decentralized governance. Buckle up! This is a wild ride.



The Ninja Mine

The Steem network launched in 2016 as a Proof-of-Work blockchain aimed at rewarding content creators. Users can publish blog posts directly to the chain and other users can upvote them. As new Steem is mined in each block, rewards go not just to miners, but also to the users who have created popular content.Steem was announced publicly by Steemit Inc, the company that created and stewarded it until very recently. Though there was no "pre-mine" included in the genesis block, few details on mining were made public. For months after its launch, no one mined any Steem except for Steemit Inc. As a result, the company controlled a huge percentage of the total Steem— upwards of 80% at its peak. The is known as the "ninja mine."Several years ago the network transitioned from Proof-of-Work to Delegated Proof-of-Stake for consensus. Under DPoS, any Steem holder can vote for block producers proportional to their holdings. The 20 entities with the highest vote totals produce almost all the blocks and effectively control the network. Have you noticed the issue here? By ninja mining 80% of all Steem, then transitioning the network to DPoS, Steemit Inc had essentially given themselves the ability to control the network completely. Link Despite this obvious centralizing risk, Steem attracted a fairly large and active userbase across the globe— at least as far as blockchains go. Perhaps driven by the promise of rewards for content creation, or by a relatively straightforward user experience compared to many other networks, Steem grew a vibrant community. Many in that community were critical of Steemit Inc's shepherding of the network, as well as their large ninja-mined share of the tokens.In response to this criticism, the company promised never to use their tokens for staking. To their credit, they never did. Well, at least not while Steemit Inc was an independent company. Which brings us to the next part of the story.

The Sun Sets On Steem

In mid-February, the Tron Foundation announced that it had acquired Steemit Inc. Critically, the Steem currency owned by Steemit Inc was included in the deal.The Tron Foundation develops the Tron blockchain and was founded by Justin Sun. Tron was created by forking the source code of an Ethereum client, and Justin Sun has long positioned it as a so-called Ethereum killer. To date, there has been no significant adoption of Tron, but this has not stopped Sun— a self-styled marketing guru— from raising enormous amounts of money via hype generating stunts.Sun's reputation lead many in the Steem community to react skeptically. Of particular worry was the large amount of Steem now controlled by Sun. Would he break with Steemit Inc's promise and use it to vote for his own block producers? Leaders in the Steem community, including many of the block producers themselves, asked the Tron Foundation to clarify this point, but no response was given. Instead, vague plans for "integrating" Steem into Tron were announced.The block producers then made a controversial decision: they deployed a soft-fork which froze the ninja-mined coins. They promised to unfreeze the tokens if Sun committed to maintaining Steemit's pledge not to stake with them. Unsurprisingly, Sun was not happy about this, but what happened next was nonetheless a shocking turn. Sun convinced the leaders of several large exchanges, including Binance, to use their customer's custodied Steem to vote for his own block producers. Once they controlled the network, they unfroze Tron's funds. Link A centralized exchange using its customer funds to influence consensus on a Proof-of-Stake network would be extremely controversial action even if intentions were benign. Using it to execute the hostile takeover of a network is even worse. What makes this move completely stupefying, though, relates to how Steem staking works. When you use Steem to vote for block producers, it becomes locked for a minimum of two weeks.So not only did these exchanges use customer funds to takeover the Steem network, they also made it impossible for customers to withdraw them for at least two weeks! This is truly hard to believe, even in the wild west that is crypto.Both the Tron Foundation and the exchanges involved received enormous blowback after this move. The exchanges quickly withdrew their votes and apologized, saying that Sun had somehow "tricked" them, a claim that, frankly, beggars belief. Despite this, the Tron Foundation used their unlocked funds to vote for their own block producers. It seemed that Sun had won. Link Following the story as an outsider, I expected it to end here. Sun now controlled the network and would move forward with half-baked plans to integrate it into Tron. This would undoubtedly accelerate Steem's slide into irrelevance. To my surprise, that's not what happened.The Steem community, which as I mentioned before is surprisingly vibrant, rallied. Community members coordinated their voting and made every effort to scour all accounts which held any coins at all, contact their owners, and ask them to vote for community owned block producers. Incredibly, the effort was partially successful. Soon, half of the block producers were from the community. A stalemate had been reached. Link Stuck in this limbo, the Steem community formulated plans for the future. A grassroots effort to hardfork the network soon gained traction. The Steem network would be left to Sun and the Tron foundation, but the network's most valuable asset— its community— would be secede. On March 20th, the Hive network successfully forked from Steem. On the new fork, the ninja-mined coins are not owned by Tron's accounts. Instead, they're available for dispersion by the community to fund development via a DAO-like structure. Link

Lessons Learned

What lessons can be drawn from this riveting crypto drama? Well, as is often the case, there's a real risk of confirmation bias setting in when assessing this situation.If you're someone who is skeptical of DPoS networks— and I count myself in those ranks— then this incident might seem prove their weaknesses. The block producers did collude, after all, and the consensus mechanism showed itself to be fragile and vulnerable to attack.On the other hand, if you're a believer in the underlying promise of Steem's technology, this incident might instead seem to prove to you that the design is sound. After all, the community rallied stake to produce a stalemate with a well capitalized attacker, then executed their right to exit via a hardfork.So, which is it? Honestly, I'm not totally sure, but I'll say this: Hive is much better positioned for success than Steem ever was. It seems to have retained Steem's enthusiastic community, but shed the centralizing force of Steemit Inc and their ninja-mined funds. In that sense, Justin Sun has actually done the community a huge favor.Still, I remain skeptical of DPoS. At the end of the day, it seems highly unlikely to me that 20 nodes controlled by known entities could withstand a full blown attempt at censorship by the likes of, say, a nation state. If it ever lands in the crosshairs of attacker more competent than Justin Sun, would Hive survive? It's unclear. That doesn't mean, though, that the network can't carve out a valuable niche in its own corner of the internet.Stepping back, there's a broader lesson from this incident, one that members of other cryptocurrency communities would be wise to learn. The measure of a network's security isn't whether it has been manipulated or attacked— it's how hard executing such an attack would be for any given entity. This seems obvious, yet it is frequently forgotten.In Steem's case, the community long overlooked an obvious, glaring weakness in the network: Steemit Inc and their ninja-mined stake. This should have been a dealbreaker. Promises from Steemit Inc not to use that stake were always irrelevant. Compromising the network only required compromising that one entity, and Justin Sun realized he could do so by throwing money at the founders. The whole network almost collapsed as a result.Lest you think this lesson somehow doesn't apply to your favorite coin, think again. Virtually all Proof-of-Work mined coins, including Bitcoin and Ethereum, are controlled by a small number of mining pools. Attacking those networks, then, is only as hard as getting 5-7 entities to collude. The fact they haven't yet is irrelevant, as is the fact that their narrow incentive precludes it. When push comes to shove, if compelled by either bribery or threat of violence, there is a high probably they would.The same can be said of Proof-of-Stake networks, including those that haven't launched yet like Ethereum 2.0. Staking pools and services will exist for these networks, as will large quantities of funds held on exchanges. These are inherently centralizing forces, and in the long run, they can and will be used as attack vectors.If we really care about building robust decentralized networks, we shouldn't shy away from these uncomfortable facts or try to sweep them under the rug. Instead, we should acknowledge them and try to mitigate them. The hostile takeover of Steem network was a dramatic reminder of the real nature of decentralized governance: underneath it all, everything ultimately depends on social consensus. We forget this at our own peril.