Qualitative Security Model

Eric Voskuil edited this page Dec 30, 2017 · 52 revisions

In Social Network Principle it is shown that Bitcoin is a network of human relationships. This can be modeled as a directed graph where each vertex represents a merchant and each edge represents a trade for bitcoin. Edges indicate the direction of movement of coin and are quantified in the number of units traded. All owners are presumed to have been merchants at the time of coin receipt, including as miners (selling confirmations) and as recipients of charity (selling goodwill).

If a person is not personally accepting coin, or does not personally validate coin accepted, the person cannot reject invalid coin. The person is entrusting this task to a central authority. Similarly, when a person delegates coin to another party, the person no longer owns the coin. In both cases the person controls only a promise to trade back the coin and therefore does not contribute to security. All people utilizing the same delegate are reduced to just one vertex that represents the delegate.

For any period of time, economic security is a function of the number of merchants and the similarity of amounts traded. The strongest economy would be all people in the world trading for the same number of units in the period, an ideal which can be called a "distributed" (or fully-decentralized) economy. The weakest would be one delegate accepting all units traded in the period, which would be a "centralized" economy.

More specifically, the most decentralized system is the one with the greatest number of vertices (merchants) and the lowest coefficient of variation in the sum of incoming edges (receipts):

economic-decentralization = recipients * receipts-mean / receipts-standard-deviation

Similar to economic security, confirmation security can be modeled as an edgeless graph. Each miner is represented by one vertex on the graph. A grinder is not a miner, as the grinder has no decision-making ability; only the miner is represented. The total hash power employed by a miner is the weight of the vertex. The strongest censorship resistance is every person in the world mining with equal hash power.

The systemic mining threat is motivated by censorship, not double-spending. Total hash rate provides security against such attacks, but pooling of hash rate works against it. As mining collects into pools it becomes cheaper to co-opt than to compete against it.

For any period of time, confirmation security is a function of the number of miners and the similarity of hash power they directed. The strongest censorship resistance would be all people in the world mining at the same hash power in the period, an ideal which can be called "distributed" (or fully-decentralized) confirmation. The weakest would be one miner with 100% of hash power, which would be "centralized" confirmation.

More specifically, the most decentralized system is the one with the greatest number of vertices (miners) and the lowest coefficient of variation in weights (hash power):

confirmation-decentralization = miners * hash-power-mean / hash-power-standard-deviation
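
The two formulas above applied to constructed data, as an added example that is not part of the original page: it folds everyone using the same delegate (or every grinder behind one miner) into a single vertex, then computes participants * mean / standard deviation. The names, sample figures, use of the population standard deviation, and the return values for zero deviation are assumptions of this example.

```python
import math
from collections import defaultdict
from statistics import mean, pstdev

def collapse(flows, delegate_of):
    """Sum incoming weight per vertex, folding anyone who uses a delegate
    (or any grinder working for a miner) into that one vertex."""
    totals = defaultdict(float)
    for recipient, amount in flows:
        totals[delegate_of.get(recipient, recipient)] += amount
    return dict(totals)

def decentralization(totals):
    """participants * mean / standard-deviation over per-vertex totals."""
    weights = [w for w in totals.values() if w > 0]
    if not weights:
        return 0.0           # no participants or no activity
    if len(weights) == 1:
        return math.nan      # one vertex: deviation is 0, ratio undefined
    sd = pstdev(weights)     # assumption: population standard deviation
    if sd == 0:
        return math.inf      # perfectly even activity: unbounded
    return len(weights) * mean(weights) / sd

# Constructed sample data: (recipient, units received) in one period.
RECEIPTS = [("alice", 4), ("bob", 6), ("carol", 5),
            ("dave", 5), ("erin", 2), ("alice", 2)]
# Constructed: carol, dave and erin accept coin through the same delegate.
DELEGATES = {"carol": "exchange", "dave": "exchange", "erin": "exchange"}

# Constructed: (miner or grinder, hash power directed) in one period.
HASH_POWER = [("m1", 10), ("m2", 12), ("g1", 8), ("g2", 9), ("g3", 11)]
# Constructed: three grinders whose hash power is directed by one miner.
POOLS = {"g1": "pool", "g2": "pool", "g3": "pool"}

def compare(flows, delegate_of):
    """Return (score with everyone independent, score after delegation)."""
    return (decentralization(collapse(flows, {})),
            decentralization(collapse(flows, delegate_of)))

if __name__ == "__main__":
    print("economic     independent=%.2f delegated=%.2f"
          % compare(RECEIPTS, DELEGATES))
    print("confirmation independent=%.2f delegated=%.2f"
          % compare(HASH_POWER, POOLS))
```

The total activity is identical in both columns of each row; only the number of independent vertices and the evenness of their weights change.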

While people could decide to trade and/or mine independently in the future, they do not contribute to security until after they actually do so. The distinction is analogous to being armed vs. having the ability to become armed. As shown in Cockroach Fallacy, the latter matters not when you are getting robbed. The model represents security as it actually exists in the period.

As shown in Public-Data-Principle, anonymity is a tool that aids in defending one's ability to trade and/or mine. As such the level of decentralization can never be measured. The model is a conceptual aid. Additionally, as shown in Balance of Power Fallacy, the security afforded by each of the two sub-models is complementary and independent of the other.

Decentralization alone is not security. A maximum level of participation (merchants and miners respectively) at a maximum level of evenly distributed activity (receipts and hash power respectively) implies the maximum level of security. Given that there is no limit to humanity, trade or computation, the level of security in each axis is unbounded. A minimum level of zero in each is achieved with either no participants or no activity.
