Ethereal

Star and Ruhleder (1996), in the founding statement of infrastructure studies, identify infrastructure as relational rather than substantial: a given technical system is infrastructure for some communities of practice and not for others, and its status as infrastructure depends on how it is used and by whom. Infrastructure exhibits nine properties: embeddedness (sinking into other structures), transparency (invisible in use), reach or scope beyond any one event, learned as part of membership, links with conventions of practice, embodiment of standards, built on an installed base, becomes visible upon breakdown, and is fixed in modular increments.

Jackson, Edwards, Bowker, and Knobel (2007) extend the infrastructure framework to cyberinfrastructure policy, developing the distinction between routine maintenance work and breakdown-revealing visibility. Their analytical contribution is the specification of how infrastructure’s invisibility in routine operation shapes governance attention: what is not visible is not governed, not because of deliberate concealment but because infrastructural invisibility is a constitutive property of functioning infrastructure.

Plantin, Lagoze, Edwards, and Sandvig (2018) identify the convergence of infrastructure studies and platform studies in analyzing Google and Facebook. Their framework distinguishes infrastructure (connective, standard-enforcing, universal) from platform (modular, programmable, two-sided). Contemporary digital systems combine infrastructural and platform characteristics: they operate with infrastructure’s universality and embeddedness while deploying platforms' modular programmability and two-sided dynamics.

For Ethereum, the infrastructure-studies framework applies at multiple levels. At the hosting layer, cloud providers (AWS, GCP, Azure) function as infrastructure for node operators, with embeddedness (validators running on cloud infrastructure), transparency (invisible until outage), reach (concentrated across a small number of providers), and installed-base effects (migration costs are substantial). At the access layer, RPC providers (Infura, Alchemy, QuickNode) function as infrastructure for wallet users and application teams, with similar infrastructural properties. At the block-construction layer, MEV relays function as infrastructure for validators running MEV-Boost. The infrastructural framing clarifies why these functions are invisible in protocol-native evaluation: they are infrastructure, and infrastructure is invisible in routine operation.

Scott (1998), in Seeing Like a State, develops the concept of legibility: the state’s capacity to "see" populations and activities through standardized measurement regimes that simplify complex local conditions into abstract, countable categories. Legibility enables administrative action (taxation, conscription, service delivery) but imposes epistemic costs: what is legible gets governed, what is illegible does not, and the gap between the two shapes political possibility.

For Ethereum, the legibility framework applies to decentralization measurement. Validator count, client diversity, and geographic distribution are legible: they are counted, published, and discussed. Cloud-hosting concentration, RPC dependence, and staking-institution governance are less legible: they are measured through external dashboards and incident reports rather than through protocol-native metrics, and they receive less continuous governance attention. The legibility gap is not neutral. It shapes which decentralization questions enter governance debate and which remain on the margins.

The Scott framework requires careful application. Scott’s state-legibility argument addresses deliberate administrative simplification; Ethereum’s situation is different, in that the legibility choices emerged from protocol-design commitments rather than from administrative will. Yet the consequences are structurally similar. What is legible gets governed; what is illegible receives sporadic attention when breakdown exposes it.

DeNardis (2012, 2014) develops the infrastructure-based theory of internet governance. Her central claim is that control over technical-operational functions (DNS root management, IP address allocation, internet exchange points, submarine cables, content-delivery networks) produces governance consequences without formal rule-making. Hidden levers of internet control are distinct from formal governance institutions (ICANN, ITU, standards bodies); they operate through the ordinary technical-operational work of maintaining infrastructure, and their governance consequences appear when operational choices shape what can be said, accessed, or done.

For Ethereum, the hidden-levers framework applies to the full path from protocol to participant. Cloud-hosting providers, RPC providers, staking intermediaries, MEV relays, and crisis-coordination coalitions each carry hidden-lever potential: their operational choices shape participation in ways that the protocol’s formal rules do not specify. The hidden-levers analysis clarifies that Ethereum’s governance occurs at multiple layers simultaneously, with the formal protocol governance (EIPs, hard forks, client development) as one layer alongside multiple infrastructure-mediated governance sites.

Daian, Goldfeder, Kell, Li, Zhao, Bentov, Breidenbach, and Juels (2019), in "Flash Boys 2.0," identify miner extractable value (MEV) as a systemic pattern in blockchain consensus: the ability of ordering authorities (miners in proof-of-work, proposers in proof-of-stake) to extract value from transaction sequencing. MEV introduces incentives for frontrunning, sandwich attacks, and other forms of ordering manipulation that undermine fair access to blockchain applications.

Heimbach, Kiffer, Ferreira Torres, and Wattenhofer (2023), in their analysis of Ethereum’s proposer-builder separation, extend the MEV analysis to the post-Merge architecture. Proposer-builder separation (PBS) addresses MEV by separating block proposal (the validator’s formal duty) from block construction (the operational work of assembling a profitable block). In practice, PBS operates through MEV-Boost, a sidecar that queries relays for bids and pays for the winning block. The architectural result is that block construction is externalized from validator operation into a protocol-adjacent market populated by builders, relays, and bid-selection algorithms.

For Ethereum, the MEV/PBS literature supplies the specific analytical apparatus for block-construction analysis. The architecture explicitly externalizes a decisive function (block construction) into a protocol-adjacent market, and the market’s structure (builder concentration, relay policies, bid-selection logic) determines the consequences that validators and downstream participants inherit.

Srinivasan and Lee (2017) developed the Nakamoto coefficient as a threshold measure of decentralization. Kwon et al. (2019) proved that full decentralization is impossible in permissionless blockchain systems under specified conditions. Lee, Nayak, and Kannan (2025) provide a systematization of blockchain decentralization measurement. These works operate at the protocol-native measurement level and address how to count concentration within specified dimensions. The prior art is indispensable but bounded: it addresses decentralization of what the protocol formally specifies, without addressing residual operational authority outside the formal field. The contribution relative to this literature is the systematic extension to protocol-adjacent operators and the participant-relative methodology.

Walch (2019), in "Deconstructing Decentralization," identifies the analytical slippage in crypto-decentralization claims: the term is used to describe formal protocol properties while participants experience concentrated operational authority. Her analysis is complementary to the framework developed here. Walch focuses on the conceptual-normative claim that decentralization language produces false confidence in systems that remain operationally concentrated. This Article’s contribution is the methodological and empirical extension: the participant-relative dependency graph operationalizes Walch’s conceptual analysis into a systematic method for identifying where operational concentration matters for which participant paths.

The MEV literature (Daian et al. 2019; Heimbach et al. 2023; Oz, Sui, Thiery, and Matthes 2024) analyzes block-construction market structure and its consequences. This Article engages this literature substantively in Part 9.4 and positions block construction as one of five empirical domains in the broader dependency-graph analysis. The contribution relative to the MEV literature is the analytical integration of block construction into a systematic framework covering multiple participant-path dependencies.

The infrastructure-studies literature (Star and Ruhleder 1996; Jackson et al. 2007; Plantin et al. 2018; Edwards 2003; DeNardis 2012, 2014; Bowker and Star 1999) supplies the analytical foundation developed in Part 3. This Article’s contribution relative to this literature is the application to cryptoeconomic protocol ecosystems, which exhibit specific features (tokenized participation, explicit stake-based authority, multi-actor participant paths) that the infrastructure-studies literature was not developed to address directly. The application extends the frameworks into a new empirical domain while preserving their core analytical moves.

Reijers, Wuisman, Mannan, De Filippi, Wray, Rae-Looi, Cubillos Velez, and Orgad (2021) analyze on-chain and off-chain governance in blockchain technologies. Their framework identifies the dualism between code-based governance (smart contracts, protocol rules) and social governance (coordination, legitimacy, dispute resolution). Crisis episodes make the dualism especially visible. This Article’s contribution relative to this literature is the specification of crisis coordination as one form of residual operational authority, with identification of the specific actors and mechanisms through which coordination occurs during crisis episodes.

Across the five prior-art clusters, the specific contribution developed here is the integrated framework combining the participant-relative dependency graph (methodological innovation) with the residual-operational-authority concept (theoretical innovation). The dependency graph operationalizes infrastructure-studies and Walch’s conceptual critique into a systematic method for identifying when protocol-adjacent concentration matters for which participant paths. The residual-operational-authority concept specifies the institutional form that emerges at protocol-adjacent operators, distinguishing this form from formal protocol governance and from ordinary market structure.

Ethereum’s formal protocol specifies validator duties, payload validity, fork-choice rules, client behavior, and slashing conditions. The protocol specifies consensus rules (Gasper combining Casper-FFG finality with LMD-GHOST fork choice), execution rules (EVM semantics, transaction formats, state transitions), validator operations (signing duties, attestations, slashing exposure), and base-layer economic parameters (issuance, gas pricing, withdrawal mechanisms).

The protocol does not specify the full operational path through which participation occurs. Hosting infrastructure, RPC routing, staking institutional structures, MEV-Boost relay and builder markets, and crisis-coordination coalitions are not part of the formal protocol. These functions belong to the operational layer through which participation is actually enacted.

Five function classes remain residual to the formal protocol and carry the operational-layer analysis that follows.

Hosting infrastructure carries node operation for validators and non-validating nodes. Cloud providers (AWS, GCP, Azure) and specialist infrastructure providers supply the physical hosting, bandwidth, and operational tooling that node operators use. The protocol does not specify hosting; it specifies the requirements that hosting must satisfy (uptime, bandwidth, state access) without specifying how those requirements are met.

Access mediation carries the path from user to chain. Wallets, RPC providers, and hosted interfaces mediate between participant intent and protocol operation. The protocol does not specify access; it accepts transactions and state queries from any source.

Staking intermediation carries delegated participation in validator duties. Liquid-staking providers, custodial staking services, and staking pools enable participants to deposit ETH without running validators directly. The protocol does not specify staking intermediation; it accepts deposits from the deposit contract without specifying the institutional structure that assembles those deposits.

Block construction carries the work of assembling profitable blocks. Builders, relays, and bid-selection logic organize transaction ordering and value extraction. The protocol’s proposer-builder separation architecture explicitly externalizes block construction; the market structure that emerges in this externalized space is residual to protocol specification.

Crisis coordination carries the work of aligning developers, validators, exchanges, clients, and major service providers when ordinary expectations break down. The protocol does not specify crisis coordination; it specifies formal upgrade mechanisms (EIPs, hard forks) that crisis coordination frequently works through but does not exhaust.

The architectural pattern is that Ethereum’s formal protocol specifies a minimally sufficient set of functions, with substantial residual operational load distributed across protocol-adjacent institutions. The distribution is not accidental; it reflects protocol-design commitments to minimality (smaller formal specification, more room for experimentation at the edges) and to permissionlessness (any actor can participate without formal authorization). These commitments produce predictable residual-institutional patterns: where the protocol does not specify, protocol-adjacent operators will emerge, and their concentration patterns will depend on the economic, operational, and regulatory conditions under which they operate.

The default retail path begins with a wallet interface rather than a self-run node. In MetaMask’s normal startup path, the selected network defaults to Ethereum mainnet and the built-in mainnet RPC URL resolves to an Infura endpoint, with wallet-managed failover URLs layered on top. The protocol-native portion of the path begins only after the request reaches chain-facing infrastructure. Before that point, access is mediated by wallet defaults, RPC routing, and provider availability.

The main decision surfaces for this class are access, continuity, and legitimacy. The principal bypass is manual RPC reconfiguration or self-hosting, both of which require technical knowledge, trust in an alternative route, and a willingness to maintain a path outside the social default.

MetaMask’s user base in 2024 exceeded 30 million monthly active users (Consensys 2024). MetaMask support materials explicitly describe the default Infura path and the MEV-protection routing through virtual mempool bidding (MetaMask Support 2025a, 2025b, 2025c). The default retail path is therefore both common and documented as such.

The hosted application path begins with JSON-RPC requests for reads, simulation, and transaction submission. The practical path is longer than the protocol method name suggests. A team using hosted RPC depends on a provider’s gateway, rate limits, archival policy, caching, geographic routing, and incident handling before the request ever reaches execution and consensus clients. Ethereum validity rules govern the chain-facing result, but the application’s ordinary ability to serve users depends on an institutional operator packaging and maintaining that path.

The main decision surfaces are continuity, access, and accountability. The main bypass is self-operation, which shifts cost into uptime engineering, monitoring, historical-state support, and security.

A current infrastructure trace illustrates provider mediation. On April 16, 2026, mainnet.infura.io resolved through an Infura router hostname carrying us-east-1 and eks, with Amazon-owned IP space and an awselb/2.0 header visible at the edge. A parallel trace of eth-mainnet.g.alchemy.com landed on OVH US space with an istio-envoy header. Provider mediation is primary; deeper infrastructure inheritance is measurable and provider-specific.

The MEV-Boost validator path is the clearest case of explicit functional externalization. The validator performs a protocol-native duty (proposing blocks), yet block construction is delegated through a sidecar that queries relays for bids, stores the winning bid, and later requests the payload from the relay path associated with that bid. Builders, relays, relay-side verification, and bid-selection logic sit between proposer duty and payload delivery.

The main decision surfaces are ordering, continuity, censorship exposure, and value capture. The principal bypass is self-building without MEV-Boost, which is possible but changes the validator’s revenue and operating profile materially.

The liquid-staking depositor does not enter Ethereum security as a bare token holder. The depositor enters an allocation institution. In Lido’s architecture, stake routing, module parameters, operator admission, staking limits, fee distribution, and deposit security are mediated through governance roles, registries, and a guardian-quorum security layer before capital reaches validator exposure.

The relevant decision surfaces are allocation, continuity, value capture, and institutional accountability. The principal bypass is solo staking or migration to another staking institution, both of which carry operational, liquidity, and coordination costs.

MetaMask’s support materials state that the wallet hosts a blockchain connection by default and that this default provider connection can become intermittent under load or when abusive sites are limited (MetaMask Support 2025a). Infura’s November 2020 disruption rendered MetaMask unusable for default-path users even while Ethereum itself continued operating normally (The Block 2020). Region-specific restrictions imposed by Infura further showed that an intermediary can shape access conditions without changing protocol rules. MetaMask’s support guidance is explicit that, by default, MetaMask accesses the blockchain via Infura and that certain jurisdictional restrictions apply at the provider layer rather than at Ethereum’s protocol layer (MetaMask Support 2025b).

The hosted-access layer is more than outsourced node operation. Infura’s own product materials describe a high-availability API service that packages JSON-RPC access, archive-data support, microservice scaling, and published throughput limits for developers (Infura n.d.a; Infura Support 2024). A current infrastructure trace reaches the same point at a lower level. On April 16, 2026, mainnet.infura.io resolved through an Infura router hostname carrying us-east-1 and eks, with Amazon-owned IP space and an awselb/2.0 header visible at the edge. Provider mediation is primary.

MetaMask support materials also describe an Infura MEV-protection path for Ethereum mainnet transactions sent via eth_sendRawTransaction, where transactions are routed to a virtual mempool and trusted participants bid for inclusion before fallback to the public mempool if needed (MetaMask Support 2025c). The participant enters a service layer with its own routing, quota, continuity logic, and, in some cases, transaction-path mediation.

The relevant decision surfaces at the access layer are access, continuity, and legitimacy. A default RPC provider can throttle, refuse, geoblock, or degrade the path through which a user experiences Ethereum. Those decisions are often experienced as network properties rather than provider choices. The path matters as much as the share number.

Custom RPC configuration exists, but the bypass cost for a default retail user includes technical knowledge, interface friction, trust in an alternative provider, and a willingness to depart from the socially normalized path. MetaMask’s troubleshooting guidance points users toward another blockchain provider or a local node only after the default path has failed (MetaMask Support 2025a). The default path is treated as the ordinary route; bypass is corrective rather than normal.

For an application team, bypass is heavier because moving from hosted access to self-provisioned access means absorbing uptime, monitoring, scaling, and data-retention burdens that a provider ordinarily carries.

Middleware concentration persists through platform dynamics. Developers integrate against an endpoint with established uptime and documentation. Users remain on the wallet defaults that come preconfigured. The result is a coordination equilibrium in which alternatives are available yet weakly used. At the access layer, default routing converts an intermediate service into a decision-bearing function.

The decision surfaces here are allocation, governance, and value capture. A liquid-staking institution chooses which operators receive stake, under what conditions new operators are admitted, how risk is distributed, how fees are collected, and how the service responds to censorship pressure, regulatory shocks, or governance disputes. For the liquid-staking depositor, participation in Ethereum security passes through an institution that bundles custody, governance, operator selection, and reward distribution.

Staking is the strongest measured domain in this Article’s analysis. Independent dashboards make concentration visible even when Ethereum’s protocol-native metrics do not. Lido’s decline from its peak share to roughly 23% coincided with sustained scrutiny, Ethereum Foundation commentary, solo-staking advocacy, and growth in rival liquid-staking products. Visibility appears to matter when an actionable target and plausible alternatives exist, although market conditions and competitive entry also changed materially during the same period.

The staking case provides the clearest evidence for a qualified visibility-to-governance-pressure relationship. It does not establish that visibility alone produces correction; it supports the narrower claim that visibility combined with actionable targets and viable alternatives can produce observable governance responses.

A validator using MEV-Boost relies on relays for bid access and on builders for the payloads that determine ordering and value extraction. Retail users and applications inherit the consequences of that market through transaction ordering and inclusion. Relays and builders operate as verification and selection institutions rather than passive transport layers. They shape bid flow, verification, timing, and ordering under a value-maximizing logic.

The decision surfaces are ordering, censorship exposure, continuity, and value capture. A concentrated builder-relay market can shape transaction sequencing, the risk of compliance-driven filtering, and the distribution of MEV rents. The function is governance-relevant without being protocol-native. The architecture externalized it through a deliberate response to MEV and proposer specialization.

Oz, Sui, Thiery, and Matthes (2024) analyze the dynamics of Ethereum block-building auctions, identifying specific mechanisms (timing games, bid structure, relay-builder relationships) through which concentration emerges and persists. Their analysis extends the Heimbach et al. (2023) framework with empirical detail on auction winners and their operational characteristics.

The DAO fork is the clearest example of coordination under emergency conditions. The Ethereum Foundation’s July 2016 hard-fork announcement tied the irregular state change to block 1920000, and the Foundation’s follow-up guidance made clear that default client behavior, user instructions, and institutional attention would focus on the fork chain (Ethereum Foundation 2016a; Ethereum Foundation 2016b). The relevant function was coordination capacity: client updates, default chain selection, exchange support, validator behavior, and public legitimacy assembled quickly enough to define the practical continuation of Ethereum.

The episode illustrates residual operational authority at work. The Ethereum Foundation held no formal protocol-governance authority; its authority was coordination-based. The coordination succeeded because a recognized coordination site existed (the Foundation), because alternative paths (Ethereum Classic) remained available to dissenters, and because the operational coalition (clients, exchanges, major operators) converged on the fork-chain consensus.

The Tornado Cash sanctions arc shows a related pattern at a different surface. Treasury’s August 2022 sanctions changed the legal environment for relay and builder operators (Treasury 2022). Flashbots' August and September 2022 transparency report made one operator response explicit: in response to the legal requirements facing relay providers in their home jurisdictions, Flashbots accelerated the open-sourcing of relay code (Flashbots 2022a).

By late October, the operator layer was already shaping measurable network conditions. Flashbots reported that 70 percent of new blocks were then being sourced from relayers that did not include transactions interacting with OFAC-sanctioned addresses, and that affected transactions would on average wait two additional blocks before inclusion (Flashbots 2022b).

The bridge from relay policy to validator operation was institutional. Lido’s October 28, 2022 relay voting proposal treated relay choice as a DAO-vetted configuration problem (KimonSh 2022). The proposal defined a must-include list for relays judged trustworthy, well-operated, and reliable; defined an allow list for DAO-approved but less battle-tested relays; and stated that node operators would be expected to use as many must-include relays as possible, subject to operator risk management and legal requirements.

The policy surface inside that discussion was not uniform. Flashbots, bloXroute regulated, Blocknative, and Eden described different OFAC-compliance paths. Manifold was presented as a non-filtering relay eligible only for the allow list. By March 2023, Lido’s censorability-monitor process was already defining sanctions censorship and inclusion delay across the builder-relay-proposer pipeline and explicitly focusing on Lido operators for proposer censorship (Drake 2023). Tholoniat, Wüst, and Wattenhofer (2023) tightened the effect into a median inclusion-time delay of 11.43 seconds and a median block delay of one block for the studied February 2023 sample.

No on-chain vote or formal protocol amendment was required for those compliance effects to propagate through the network. When the Fifth Circuit later held that the immutable contracts were not sanctionable property and Treasury removed the sanctions in March 2025 (Fifth Circuit 2024; Treasury 2025), the operating environment shifted again.

The Tornado Cash episode supports a narrower conclusion than the DAO fork. Regulatory action, relay policy, staking-institution configuration, and monitoring reconfigured access and ordering conditions through operational adaptation without changing protocol specification. The residual operational layer absorbed regulatory pressure and produced measurable network-level effects (censorship rate, inclusion delay) without formal protocol action.

The contrast with the DAO fork is informative. The DAO fork required explicit coordination and formal protocol action (a hard fork). The Tornado Cash compliance response required no protocol action; it operated entirely through residual operational authority. Both are instances of crisis governance, but they work through different institutional mechanisms.

The central analytical move is a participant-relative dependency graph. For a specified participant class and action, the graph identifies the functions required for participation, the actors controlling those functions, the degree of concentration at each point, the cost of bypass, and the accountability route available when a dependency constrains action.

The graph shifts the object of analysis from abstract layer ranking to binding functions on a specified participant path. A retail wallet user on the default MetaMask path, an application team using hosted RPC, a validator using MEV-Boost, and a liquid-staking depositor all encounter Ethereum through different combinations of formal protocol rules and protocol-adjacent operators. Trust therefore appears here as path-specific and institutional rather than as a single property reducible to validator count or protocol design alone.

The graph treats a concentrated function as analytically relevant only if the participant actually traverses it, if bypass is costly under normal conditions, and if control over the function can alter participation in some recognizable way. More than a share statistic is needed. A relation between participant path, concentration, bypass cost, and practical consequence must be shown.

Ethereum’s formal protocol specifies validator duties, payload validity, fork-choice rules, client behavior, and slashing conditions. Participation depends on functions the protocol does not fully internalize: hosted infrastructure, wallet defaults, RPC routing, staking intermediation, relay-mediated block construction, and crisis coordination. These are residual in the sense that they are necessary for operation while sitting outside the protocol’s own native authority and evaluation apparatus.

Residual operational authority arises when one of these functions acquires practical power because participants rely on it for access, ordering, continuity, verification, or coordination. The term identifies a form of authority distinct from a formal constitutional organ: the power to shape the conditions under which a participant can act, even when protocol rules remain unchanged.

The empirical sections above show several candidate sites. Cloud hosting carries availability at scale for node operators. Middleware mediates access for many retail users and application teams through wallet defaults and RPC paths. Staking intermediaries organize security participation for liquid-staking depositors through governance and allocation institutions. Builder-relay markets externalize block construction for validators using MEV-Boost. Crisis coordination reveals who can align the system when ordinary expectations fail.

Concentration and governance relevance are not identical. A dependency becomes governance-relevant only when control over it can be converted into one or more decision surfaces that matter for participation. The conversion test asks whether a concentrated function can shape:

The test narrows the claims. AWS concentration is analytically important only insofar as hosting dependence can produce continuity failures or make participation vulnerable to concentrated infrastructure decisions. RPC concentration matters where default access or provider refusal shapes who can use the network under ordinary conditions. Builder concentration matters where relay-mediated block construction can affect ordering, censorship exposure, value capture, and continuity for validators and downstream users. Staking concentration matters where allocation and governance decisions shape how security participation is organized for depositors.

Protocol-native metrics and public external metrics should be distinguished. Validator count and client diversity are protocol-centered indicators. Builder share, staking concentration, and RPC dependence are more often visible through external dashboards, reports, and operational episodes. Infrastructure concentration can be partially measured through node datasets without entering Ethereum’s privileged field of evaluation.

Scott’s (1998) account of legibility helps here in a limited way. Measurement regimes define what counts as an actionable object of governance. A protocol community that continually publishes validator and client data while leaving adjacent dependencies to scattered dashboards and incident reports will tend to deliberate differently about those fields. Infrastructure studies and participant-path analysis carry the question of when a residual function becomes binding more effectively than a direct state-legibility analogy.

The measurement-to-governance-pressure hypothesis is qualified. Public visibility can help create corrective pressure when an actionable target exists and when a coalition can bear the cost of intervention. The staking case is suggestive because public concentration dashboards, community pressure, and rival liquid-staking growth coincided with Lido’s decline from its peak share. The contrast with infrastructure dependence is suggestive; it does not amount to a controlled demonstration. Visibility may matter, but only in combination with governance capacity and viable intervention routes.

The argument has clear limits. First, a residual function can be concentrated without becoming decision-bearing if participants do not materially depend on it or if bypass is cheap under normal conditions. Second, visibility does not guarantee correction. Bitcoin’s mining concentration is visible and persistent, which suggests that public measurement without governance capacity or low-cost alternatives may change little. Third, the account is participant-relative. A solo staker running local clients faces a different dependence structure from a liquid-staking depositor or retail wallet user.

These limits keep the account from turning every external function into a governance claim. Ethereum is better analyzed as a layered participation system in which some functions outside the formal core become decision-bearing for particular participant paths.

Solana provides an adjacent comparison. Its validator set is large, yet infrastructure and RPC concentration are live concerns, and the Solana Foundation’s delegation choices shape validator economics (Helius 2024). The similarity lies in the coexistence of formal protocol participation with dependence on adjacent operational institutions. The Solana material is thinner than the Ethereum case and works as a boundary signal rather than proof of a general pattern. The framework applies; fuller empirical development requires Solana-specific data that this Article does not attempt to produce.

Bitcoin provides the more demanding comparison. Mining-pool concentration is publicly visible and persistent. That persistence weakens any claim that visibility alone explains concentration. The comparison sharpens the framework’s scope. Residual operational authority is especially likely to escape protocol-centered analysis when concentration sits outside the formal field of evaluation and when participants have limited governance capacity or costly exit options. Bitcoin’s mining concentration is visible; it persists because the governance capacity to address it is limited (Bitcoin has no EIP-equivalent process for coordinating against mining concentration) and because exit is costly (alternative proof-of-work currencies exist but with substantially smaller economic weight).

The Bitcoin comparison supports the qualification on the visibility-to-governance-pressure relationship. Visibility is necessary but not sufficient for correction; governance capacity and viable alternatives matter independently.

The framework weakens if self-hosted access, local validation, non-custodial staking, and alternative execution routes become cheap enough that large shares of the relevant participant classes migrate away from concentrated providers under ordinary conditions.

Observable metric: share of each participant class traversing non-concentrated paths under ordinary conditions.

Measurement protocol: for each participant class, track the share of participants using default-path versus alternative-path operators across a two-year observation window.

Falsification threshold: greater than 40% of retail wallet users using non-default RPC configurations; greater than 30% of application teams self-operating their RPC infrastructure; greater than 40% of MEV-Boost validators switching to self-build; greater than 30% of liquid-staking depositors migrating to non-top-three staking institutions.

The framework weakens if a concentrated dependency can be shown not to shape access, ordering, continuity, value capture, legitimacy, or accountability for the participant classes that traverse it.

Observable metric: documented episodes in which a concentrated dependency exhibited sustained constraint on one or more decision surfaces.

Measurement protocol: track documented episodes (outages, policy changes, regulatory interventions, market shocks) across a sustained observation window. Classify each episode by decision surface affected and by participant class exposed.

Falsification threshold: across the observation window, the top concentrated dependencies (AWS hosting, default RPC provision, top staking institutions, top builders) produce no documented episodes constraining the identified decision surfaces for the relevant participant classes.

The modest visibility hypothesis weakens if new and sustained measurement of currently underweighted dependencies produces no change in governance attention, no meaningful discussion of intervention, and no participant response across comparable cases.

Observable metric: governance-attention metrics (EIP discussion, foundation commentary, ecosystem-community engagement) following publication of new concentration data; participant-response metrics (migration, alternative development, institutional formation) following such publication.

Falsification threshold: three or more cases of new concentration data publication with no discernible governance-attention or participant-response effects within eighteen months of publication.

The framework weakens if a competing framework predicts operational dependence and trust-relevant failure more accurately across participant classes. Competing candidates include pure protocol-native measurement frameworks, purely market-based institutional-concentration frameworks, and formal protocol-governance frameworks. Each alternative, if it produced superior predictions across participant classes, would supersede the present framework.

Two alternative explanations deserve explicit engagement.

Market efficiency as primary driver. An alternative explanation: the concentration patterns this Article documents reflect efficient market-sorting rather than residual operational authority. Under the efficient-market view, concentrated operators provide superior services at lower cost, and participant paths naturally cluster at these operators without producing governance-relevant consequences. The Article’s response: efficient-market explanations are consistent with the observed concentration patterns but do not account for the specific decision-surface effects the conversion test identifies. Outages (Infura 2020), policy-driven censorship (relay-filtering 2022-2023), and institutional-governance consequences (Lido operator selection) are not market-efficient outcomes; they are decision-surface effects that arise because concentrated operators exercise authority that formal protocol rules do not specify. The efficient-market explanation accounts for the emergence of concentration without accounting for the governance consequences that concentration produces.

Transitional immaturity as primary driver. An alternative explanation: the concentration patterns reflect transitional features of an immature ecosystem that will resolve as alternatives mature. Under this view, Ethereum’s present dependence patterns will give way to more distributed arrangements as self-hosting, decentralized RPC (Pocket, Ankr, and others), solo staking, and decentralized block building mature. The Article’s response: transitional-immaturity explanations are compatible with the present analysis at the empirical level (the specific concentrations may shift over time) but do not supersede the framework at the analytical level. The participant-relative dependency graph operates regardless of the specific concentration levels; it provides the analytical method for identifying when residual operational authority emerges and what decision surfaces it affects. Concentration may shift as alternatives mature; the framework continues to apply.