What Ethereum built in ten years — and what it still hasn’t delivered

Vitalik Buterin says adoption alone is not progress. Are today’s Ethereum-based systems truly autonomous, or just decentralized in name and centralised in control?

Ethereum’s core mission still needs defending

Ethereum (ETH) turns ten today, Jul. 30. The anniversary comes at a time when the platform sits at the center of global blockchain infrastructure, powering thousands of applications, tools, and digital economies. 

But in his keynote at ETHCC 2025, Ethereum co-founder Vitalik Buterin stressed that widespread adoption is not enough. The real question, he said, is whether Ethereum is still serving its original purpose.

Buterin challenged developers to revisit the meaning of decentralization itself. He argued that many projects today use the language of decentralization without delivering its core benefits. 

For example, a decentralized application may be built on Ethereum, but if it includes an upgrade mechanism controlled by a developer team, then users remain dependent on intermediaries. 

According to Buterin, true decentralization must translate into outcomes that users can rely on. He cited the work of cryptographer Phillip Rogaway, who once described cryptography as a moral contract, not just a technical field. 

Buterin shared this view and urged the Ethereum community to think of their work not as neutral infrastructure, but as a series of tools that shape user freedom. 

The goal, he said, should not be decentralization for its own sake, but for what it enables. If a system does not increase user control, then even the most advanced technology can fall short of its original promise.

More users, more power gaps

Ethereum today anchors much of the global web3 infrastructure, facilitating over two-thirds of decentralized finance activity and hosting the majority of stablecoin and NFT transactions. This scale was unimaginable in 2015, but it has brought with it a new set of trade-offs.

The most visible change is in who now participates. Ethereum is no longer shaped primarily by independent developers or grassroots communities. It is increasingly influenced by financial institutions, state-linked entities, and large protocol operators. 

Many top DeFi applications continue to operate with admin keys or proxy upgrade rights. These permissions allow select teams to unilaterally alter smart contracts or freeze funds, reducing user control to a function of internal policy decisions. 

The pattern is not limited to smaller platforms. Some of the largest protocols on Ethereum still retain forms of administrative power that contradict the idea of autonomous, tamper-proof execution.

The influence of legal and compliance frameworks is also changing Ethereum’s operational model. 

Since the sanctions against Tornado Cash (TORN) in 2022, several infrastructure providers have introduced filtering mechanisms, including RPC-level restrictions, transaction screening, and regional access controls. 

For example, projects such as Infura, Alchemy, and others have implemented systems that block users based on location or regulatory status. 

These developments occur outside the Ethereum protocol itself, but they affect the user experience in direct ways. The result is a layered system where decentralization exists at the protocol level but not across the full stack.

Buterin used the example of Android to highlight the risks of such divergence. While Android remains open source, most users interact with a version modified by vendors, layered with non-removable apps, and shaped by commercial incentives. 

Ethereum, he argued, could move in a similar direction unless core infrastructure remains neutral, auditable, and open to user choice. The distinction between formal decentralization and practical centralization is becoming harder to ignore.

Tests that many Ethereum systems still fail

A core argument in Buterin’s ETHCC 2025 keynote was that many systems claiming to be decentralized fall short when examined closely. To help assess this gap, he proposed a series of practical tests. 

The first is the walk-away test. If the original development team disappeared, would the protocol still function fully for users, or would access to funds and basic operations break down? 

In many cases today, especially among layer-2 networks and DeFi applications, the answer is no.

Buterin pointed to another metric, the insider attack test. This assesses how much damage a compromised interface, insider action, or malicious actor could cause. 

For instance, if a front-end can be hacked to redirect user funds, or if a protocol upgrade can be triggered by a single multisignature wallet, then the project remains highly centralized in practice. 

The final metric is the trusted computing base, which refers to how many layers of infrastructure must be trusted for a system to operate securely. 

A smart contract may be immutable, but if the user relies on a centralized oracle, a third-party API, and a default RPC endpoint, each adds a new point of failure or potential censorship.

In 2025, a large portion of Ethereum’s ecosystem still fails these tests. Around 60% of layer-2 networks retain administrative keys or upgrade mechanisms that allow developers to change or pause the network without broad user consent. 

Similarly, over 70% of front-end interfaces for Ethereum-based dApps rely on centralized hosting, often through single domains or third-party APIs. 

In multiple known incidents, attackers have successfully injected malicious code into these interfaces, exposing users to financial losses even when the underlying contracts were secure.

Governance is another area where decentralization often exists more in appearance than in operation. 

One study found that in roughly one-third of DAO projects, more than 80% of the voting power is held by a small number of large token holders, creating a structural imbalance. 

Decisions are formally open to the community but in practice are determined by a concentrated minority. Token-weighted voting, while widely used, continues to raise questions about accountability and equitable participation.

Privacy tools show similar limitations. While zero-knowledge proofs are widely promoted as a breakthrough for user anonymity, the majority of existing implementations only partially mask transaction data. 

In about nine out of ten cases, patterns remain visible or transaction histories are not fully shielded. In parallel, infrastructure services such as wallets and RPC endpoints often retain user data. 

For example, MetaMask was shown to collect IP addresses and wallet activity through its default connection to Infura, a setup that contradicts expectations of user-level privacy.

Without addressing these structural weaknesses, Ethereum applications may continue to function, but they will do so without delivering the autonomy and resilience that decentralization is meant to provide.

Privacy cannot remain optional

Buterin’s other central argument is that privacy must become a baseline expectation across the network, not an optional layer. 

Today, most wallet infrastructure and on-chain interactions leave metadata visible, linkable, or externally stored. To address this, Buterin called for deeper integration of privacy features at the protocol and wallet levels. 

Tools such as ZK proofs and local encryption are already available. The challenge is to make them default, accessible, and standardized, not limited to niche applications.

Front-end access was another area of concern. Many users today depend on single websites or APIs to access decentralized applications. If those interfaces go offline, are censored, or are compromised, users lose functional access to the system. 

Buterin proposed a shift toward decentralized content delivery, using technologies such as content-addressable storage and peer-to-peer protocols. 

Interfaces delivered via networks like IPFS or Arweave (AR), combined with open-source front-end clients, can improve availability and reduce reliance on centralized infrastructure.

Governance also remains a critical point of vulnerability. The dominant model today is token-based voting, where large holders have proportionally greater influence. 

Buterin argued that this system can be easily captured by capital, leaving little room for equitable participation. 

He encouraged research into alternative approaches that distribute influence more broadly. Options under discussion include quadratic voting, identity-linked attestations, and reputation-weighted systems. 

These mechanisms remain experimental, but the goal is to produce governance structures that resist concentration and reflect user interests more accurately.

Experts on freedom, governance, and the path ahead

To evaluate whether Ethereum is still delivering on its founding values, crypto.news invited five ecosystem leaders to examine whether Ethereum meaningfully empower users today. 

Chris Anderson, CEO of ByteNova AI, began with a baseline assessment of decentralization. In his view, the problem is not theoretical.

Michael Cameron, co-founder of Superb, expanded the critique. He believes that real decentralization starts at the network’s edges, not just its protocol core.

Anderson pointed to concrete friction points, using the example of Blast, where users had to wait several days to bridge assets back to Ethereum’s mainnet.

Abdul Rafay Gadit, co-founder of Zignaly, focused on hidden forms of centralization, particularly in the tooling and access layers.

Luis Bezzenberger, Head of Product at Shutter Network, raised similar concerns in the context of transaction ordering and censorship.

The question of privacy also surfaced as a core limitation. According to Bezzenberger, privacy tools are available but remain fragmented and optional.

On governance, Cameron warned of consolidation trends that mirror traditional systems.

Varun Kabra, Chief Growth Officer at Concordium, described Ethereum as operating with two faces.

He also noted a growing disconnect between user metrics and real participation.

When asked whether builders are solving the right problems, the responses split into two tracks. Anderson acknowledged Ethereum’s technical progress but argued that priorities remain misaligned.

Bezzenberger added that technical excellence should serve two specific goals.

Cameron reinforced that point, using DeFi as an example.

All five experts agreed on one defining test for decentralization: the freedom to leave. Gadit called it the starting point for any serious audit.

Kabra added whether power can be redistributed over time.

The consensus is not that Ethereum has failed. It is that its foundation remains incomplete. The next decade, they argue, will depend not on performance gains or protocol milestones, but on whether Ethereum chooses to make freedom enforceable across every layer.