The Blockchain Trilemma: why it's so hard to build a perfect blockchain In the decade-plus since Bitcoin introduced the world to decentralized ledgers, thousands of blockchain projects have launched with grand promises: faster, cheaper, and more secure, while not compromising on decentralization. Yet despite enormous investment and engineering talent, no network has managed to be everything at once. The reason comes down to a fundamental constraint that sits at the heart of distributed systems design, the blockchain trilemma.Coined and popularized by Ethereum co-founder Vitalik Buterin, the trilemma describes the near-impossible balancing act between three properties every blockchain strives for: decentralization, security, and scalability. The core claim is deceptively simple; you can optimize for two of these properties, but doing so will almost always come at the expense of the third. Understanding why this tension exists, and how the industry is trying to overcome it, is essential to understanding where blockchain technology stands today and where it's headed. The three pillars, explainedBefore diving into the trade-offs, it's worth being precise about what each property actually means.Decentralization is the degree to which control over a network is distributed across many independent participants. A fully decentralized blockchain has no central authority, no company, government, or individual can unilaterally change the rules, censor transactions, or shut it down. This property is what makes blockchains genuinely trust-minimized: you don't need to trust any single party because the rules are enforced collectively by thousands of nodes spread across the globe.Security refers to a network's resistance to attacks. The most common threat model is the so-called 51% attack, where a bad actor gains majority control of the network's consensus mechanism (whether hashing power in Proof of Work or staked capital in Proof of Stake) and uses that control to reverse or manipulate transactions. A secure blockchain makes such attacks economically ruinous. Security also encompasses resistance to bugs in smart contracts, Sybil attacks, and other vectors of exploitation. Without it, the system cannot be trusted and an untrustworthy blockchain is no blockchain at all.Scalability is the network's ability to process a large number of transactions quickly and at low cost. For context, Visa states that VisaNet is designed to handle more than 24,000 transaction messages per second at peak. Bitcoin, by comparison, manages roughly 7 tps, and early Ethereum wasn't much better. For blockchains to serve as a global financial infrastructure or the backbone of decentralized applications used by billions they need to scale by orders of magnitude without sacrificing user experience.Why the trade-offs are inevitableThe trilemma isn't just a catchy phrase. It's rooted in fundamental realities about how distributed systems work.Decentralization vs. scalabilityAdding more nodes to a network increases decentralization but creates a coordination problem. Every participating node must receive, validate, and store every transaction. This is intentional, it's what makes the ledger tamper-evident — but it means the network's throughput is bounded by what the least powerful node can handle. If you raise the hardware requirements to process more transactions faster, you price out smaller participants and end up with fewer, more powerful nodes. That's centralization by another name.This is why Bitcoin deliberately keeps its block size small and its block time slow. It's a feature, not a bug. It ensures that an ordinary person with a home computer can still run a full node and participate in consensus.Security vs. scalabilityFaster finality and higher throughput often require shortcuts in consensus. Some high-speed blockchains achieve their performance by using a small, pre-selected set of validators sometimes just 21 nodes, as with early EOS. With fewer validators, blocks can be produced and confirmed in milliseconds. But a smaller validator set is far easier to compromise. An attacker needs to corrupt or collude with far fewer parties to seize control. Speed comes at the cost of robustness.Decentralization vs. securitySecurity and decentralization are often conflated, but they are distinct properties that don't automatically reinforce each other.Security refers to how well a blockchain resists attacks, fraud, and manipulation. It depends on strong cryptography, robust consensus rules, and economic incentives that make attacks prohibitively expensive — not on how many nodes the network has. Decentralization, meanwhile, describes how broadly control is distributed so that no single party can dominate decisions or censor transactions.The key insight is that a blockchain can be highly decentralized and still be vulnerable, if its underlying consensus design or cryptographic protections are weak. Thousands of nodes participating in a flawed protocol does not make that protocol safe. Decentralization contributes to security by making it harder for any one actor to seize control — but it doesn't cover all attack vectors. Security has its own requirements beyond node distribution.The tension arises because the mechanisms that strengthen security — high validator stakes, strict consensus rules, demanding cryptographic requirements — raise the bar for participation. Over time, this can reduce the number and diversity of nodes, concentrating power and quietly eroding decentralization even when no one intended it. Real-world examples of the trade-off in actionExamining how major blockchains have navigated these constraints illustrates the trilemma in practice. These examples are illustrative and not investment advice or an endorsement of any protocol.To gain an assessment of future demand and potential selling pressure, it is useful to look at the rates of change. On the demand side, two factors are currently particularly decisive: the dynamics of ETF inflows and the buying activity of the Bitcoin company Strategy.Bitcoin sits firmly in the decentralization-and-security corner. With tens of thousands of nodes worldwide and the most battle-tested Proof of Work consensus mechanism in existence, it is extraordinarily difficult to attack or co-opt. But it processes only about 7 transactions per second, and fees can spike to tens of dollars during periods of high demand. Scalability is the obvious sacrifice.Ethereum (pre-merge) faced similar constraints. Its smart contract functionality unlocked enormous utility, but network congestion during the DeFi boom of 2020–2021 pushed gas fees to absurd heights sometimes hundreds of dollars for a single transaction. Ordinary users were effectively priced out of the network.Ethereum (post-merge) addressed some of these issues when it transitioned to Proof of Stake in 2022. Slashing mechanisms made attacks economically brutal, and acquiring enough stake to control consensus would be prohibitively expensive. But new concerns emerged in parallel: a large share of staked ETH became concentrated in a small number of liquid staking protocols — most notably Lido raising fresh questions about validator centralization. Better security and creeping stake concentration arrived together, a neat illustration of how solving one side of the trilemma can quietly stress another.Solana took an aggressive stance on scalability, engineering a network capable of processing tens of thousands of transactions per second through a novel mechanism called Proof of History combined with a high-performance validator architecture. The trade-off showed up in a series of network outages and in a validator set that requires significant hardware investment raising questions about long-term decentralization.Early EOS and similar Delegated Proof of Stake chains explicitly traded decentralization for speed, delegating block production to a small set of elected "super nodes." The result was fast and cheap, but critics argued it was barely more decentralized than a traditional database.None of these choices are wrong, necessarily. They reflect deliberate decisions about which properties matter most for a given use case. But they confirm that the trilemma is a real constraint, not just theoretical hand-wringing. The pursuit of solutionsThe blockchain industry has refused to accept the trilemma as an immovable ceiling. Several architectural approaches have emerged that attempt to make up for the constraint.Layer 2 scalingThe most pragmatic near-term solution is to move most transaction activity off the main blockchain (Layer 1), while still anchoring its security to it. Layer 2 networks sit on top of a base chain and batch thousands of transactions together before settling them as a single entry on-chain.Rollups are the leading Layer 2 architecture. Optimistic rollups (like Optimism and Arbitrum) assume transactions are valid by default and allow a challenge period for fraud proofs. ZK-rollups (like zkSync and StarkNet) use cryptographic validity proofs to verify batches of transactions. Once verified on-chain, the batch can be accepted without re-executing every transaction on Layer 1. Both approaches dramatically increase throughput and reduce costs while inheriting the security guarantees of the underlying chain. Ethereum's long-term roadmap is almost entirely rollup-centric, treating L1 as a settlement and data availability layer rather than an execution environment.ShardingSharding is a technique borrowed from traditional database engineering. Instead of every node processing every transaction, the network is divided into smaller parallel groups shards each responsible for a subset of transactions. Nodes only need to maintain their shard's data, reducing the hardware burden while multiplying the network's overall capacity.Ethereum has long had sharding on its roadmap, though the approach has evolved over time. Rather than sharding execution (which proved extremely complex), the current focus is on data sharding specifically "blob" transactions introduced via EIP-4844 which provides cheap data availability for rollups without requiring every node to execute every transaction.Alternative consensus mechanismsProof of Work, Bitcoin's foundational consensus mechanism, is secure but energy-intensive and slow. Proof of Stake replaces computational hashing with economic collateral: validators lock up ("stake") cryptocurrency as a bond, and dishonest behavior results in that bond being "slashed." This enables faster finality and much lower energy consumption. Ethereum's 2022 transition to Proof of Stake was the largest live migration in blockchain history, reducing its energy usage by over 99% and enabling a path toward greater scalability without sacrificing decentralization.More exotic mechanisms continue to emerge Proof of History, Proof of Space and Time, Nominated Proof of Stake each making different trade-offs suited to different use cases.Modular blockchainsPerhaps the most philosophically interesting response to the trilemma is the idea of modular blockchains separating the different functions of a blockchain (execution, settlement, consensus, data availability) into specialized layers that can each be optimized independently. Projects like Celestia focus exclusively on data availability, allowing execution layers built on top to scale aggressively without compromising the base layer's decentralization or security.This modular paradigm represents a fundamental shift in thinking: rather than building one chain that does everything adequately, you compose a stack of specialized chains, each world-class at its specific function. The trilemma doesn't disappear it gets distributed across layers, with each layer making its own narrow trade-offs in a way that, taken together, achieves better overall performance than any monolithic chain could. Is the trilemma solvable?There's genuine debate about whether the trilemma represents a hard law of nature or simply a reflection of the current state of the art. Some researchers argue that with continued advances in cryptography particularly zero-knowledge proofs we may eventually approach something close to all three properties simultaneously. ZK-rollups offer a tantalizing glimpse: high throughput and strong cryptographic security guarantees, all while settling on a decentralized base layer.Others are more cautious. They point out that every "solution" introduces new assumptions, new attack surfaces, or new forms of centralization in bridge infrastructure, in sequencer design, in governance structures. The trilemma may not disappear so much as transform, with new versions of the same underlying tension appearing at higher levels of abstraction. A rollup might scale Ethereum's throughput dramatically, but if its sequencer is controlled by a single company, have we really solved decentralization or just moved the problem?What's clear is that progress is real and accelerating. The Ethereum of today with its proof-of-stake base layer, its bustling ecosystem of rollups processing millions of transactions daily, and its roadmap toward full danksharding — is dramatically more capable than what existed five years ago. The gap between blockchain throughput and traditional financial infrastructure is narrowing steadily. Why it matters beyond technologyThe blockchain trilemma isn't just a puzzle for engineers it has profound implications for how we think about the future of finance, governance, and the internet itself.A blockchain that sacrifices decentralization is, in important ways, just a slow and expensive database. The promise of blockchain censorship-resistance, permissionless access, self-sovereign ownership depends on genuine decentralization. If the only way to scale is to centralize, then we've built elaborate infrastructure to arrive back where we started.Conversely, a blockchain that is beautifully decentralized but can only handle seven transactions per second will never serve the billions of people who need financial infrastructure the most, those in countries with unstable currencies, broken banking systems, or governments that restrict financial freedom. Scalability isn't a luxury; it's a prerequisite for impact at civilizational scale.The trilemma, then, is ultimately about what kind of system we want to build and who we want it to serve. Every design choice is a values choice in disguise. ConclusionThe blockchain trilemma is more than a catchy slogan. It captures a genuine engineering challenge that sits at the intersection of distributed systems theory, cryptography, and game theory. Every major design decision in the blockchain space from block size debates to consensus mechanism choices to Layer 2 architectures can ultimately be traced back to it.Understanding the trilemma doesn't lead to pessimism about blockchain's future. Rather, it provides a clear-eyed framework for evaluating competing projects and their claims. When a new chain promises to be faster, cheaper, and more decentralized than everything that came before, the right question isn't "is that impressive?" it's "what did they give up to get there?".The trilemma isn't a reason to abandon the pursuit. It's a map of the terrain that makes the pursuit worth undertaking in the first place. Author: Pascal HügliPascal Hügli, Crypto Investment Manager at Maerki Baumann and founder of Insight DeFi, produces high-quality content on bitcoin and crypto and contributes to Maerki Baumann's development in the area of blockchain and cryptocurrencies. As a lecturer in digital finance and crypto assets at the HWZ University of Applied Sciences in Business Administration Zurich, he has in-depth expertise in this field, which he is now also applying to the establishment of our new brand "ARCHIP by Maerki Baumann". Important legal informationThis publication is intended for information and marketing purposes only, and does not constitute investment advice or a specific individual investment recommendation. It is not a sales prospectus and does not constitute a request, an offer, or a recommendation to buy or sell investment instruments or investment services, or to engage in any other transaction. Maerki Baumann & Co. AG does not provide legal or tax advice. Investors are therefore advised to obtain independent legal or tax advice concerning the suitability of such investments, since their tax treatment depends on the personal circumstances of the investor in question and is subject to change at any time. Maerki Baumann & Co. AG holds a Swiss banking licence issued by the Financial Market Supervisory Authority (FINMA). This publication is expressly not intended for persons domiciled in Germany or so-called U.S. persons. Editorial deadline: 26 February 2026Maerki Baumann & Co. AGDreikönigstrasse 6, CH-8002 ZurichT +41 44 286 25 25, info@maerki-baumann.chwww.maerki-baumann.ch