Debate is raging in the crypto community as Justin Bons, founder and CIO of Cyber Capital, argues that Ripple’s XRP Ledger (XRPL) is “centralized.”
Meanwhile, Ripple’s CTO Emeritus, David Schwartz, has firmly defended its architecture. This raises crucial questions about what makes a blockchain genuinely decentralized.
Justin Bons Labels XRP Ledger “Centralized”
In a recent post on X (formerly Twitter), Bons criticized what he calls “centralized blockchains.” He argued that several networks rely on permissioned validator structures, pointing to XRP Ledger’s Unique Node List (UNL) as an example.
“Ripple: Has a “Unique Node List”, which makes the validators effectively permissioned. Any divergence from this centrally published list would cause a fork, effectively giving the Ripple Foundation & company absolute power & control over the chain,” he wrote.
He also named Canton, Stellar, Hedera, and Algorand in his post. Bons framed decentralization as a binary choice, arguing that a blockchain is either fully permissionless or it is not. In his view, any permissioned element is “anti-thetical” to the ethos of crypto.
“The future of finance is decentralized & permissionless,” he wrote. “But let’s not pretend as if these chains are really playing a part in this revolution…if you care about crypto. Reject these permissioned chains & demand they decentralize.”
Bons also outlined what he described as the only three forms of blockchain consensus: Proof of Stake, Proof of Work, and Proof of Authority. He mentioned that any system not based on PoS or PoW then “it is, by definition, PoA.” The executive said that “choosing who we trust is not the same as trustlessness,” specifically referencing XRP and XLM.
David Schwartz Defends XRP Ledger
Bons’ post sparked notable reactions from the community. Schwartz, one of the chief architects of the XRP Ledger, rejected claims that Ripple has “absolute power & control.”
He explained that the XRP Ledger was designed so that Ripple could not control the network. Schwartz said this decision was intentional and rooted in regulatory considerations.
“Ripple, for example, has to honor US court orders. It cannot say no….But could a US court decide that international comity with an oppressive was more important than XRPL or Ripple? We were quite concerned that could come down either way. We absolutely and clearly decided that we DID NOT WANT control and that it would be to our own benefit to not have that control,” he replied.
Schwartz also pushed back against Bons’ claims about potential double-spending and censorship. He explained that validators cannot force an honest node to accept a double-spend or censor transactions.
Each node independently enforces protocol rules and only counts the validators it has chosen on its Unique Node List (UNL). If a validator behaves dishonestly, an honest node simply treats it as a validator it disagrees with.
Schwartz acknowledged that validators could theoretically conspire to halt the network from the perspective of honest nodes. However, he said this would be equivalent to a dishonest majority attack and would still not allow double-spending. In such a scenario, he argued that the remedy would be to select a new UNL.
“Transactions are discriminated against all the time in BTC. Transactions are maliciously re-ordered or censored all the time on ETH. Nothing like this has *ever* happened to an XRPL transaction and it’s hard to imagine how it could,” he remarked.
He also pointed out that XRPL resolves the double-spend problem through consensus rounds that occur roughly every five seconds. During each round, validators vote on whether transactions should be included in the current ledger.
Honest nodes may defer a valid transaction to the next round if a supermajority of trusted validators say they did not see it before the cutoff. According to Schwartz, this mechanism maintains consensus without granting unilateral control to any single party.
“There are only two reasons you need a UNL: 1) Otherwise a malicious party could create an unbounded number of validators causing nodes to need to do excessive work to reach consensus. 2) Otherwise a malicious party could create validators that just didn’t participate in consensus, leaving nodes unable to tell whether they actually had reached a consensus with other nodes,” he noted.
He further stressed that if Ripple had the ability to censor transactions or execute double spends, using that power would permanently damage trust in XRPL. Therefore, he said the system was intentionally architected to limit the power of any single actor, including Ripple itself.
