Exchanges are just crypto banks.
Steem was abandoned by this community and created a new brand under the banner of Hive during the start of the COVID 2020 fiasco. Using a WEB3 perspective and filter we can argue that a new network was not created. It was like the Ethereum DAO hack or other contentious hardforks like Bitcoin Cash. The Hive fork had incontestable dominance in terms of consensus. We didn't move networks or create a new network; it was just the continuation of the old platform, plus a big speed bump in the way.
From a WEB2 perspective (and subsequently legal perspective) Hive absolutely was a new network and a completely new token. This is precisely how Steemit was successfully sued after the theft of tokens as a direct result of the hardfork war. It's interesting to analyze these perspectives and see how a WEB3 vs WEB2 basis in perspective can rightfully conclude the exact opposite outcomes. Neither side is wrong, they just have different priorities and ways to judge information.
During this great time of adversity the core devs had to put a baidaid patch onto the way HivePower works. The attack against our network would not have succeeded if exchanges had been unable to [illegally] power up client stake and vote against their customer's own interests. In the wake of the attack we decided to limit the ability for newly powered up coins to vote on governance. They must now wait around 30 days to acquire their true governance power if I recall correctly.
This is a nice feature to have and literally no one complains about it. Essentially it's just a win/win type of utility, much like account recovery. It adds zero attack vectors to security and only makes the network stronger. However, exchanges powering up stake of client funds still remains a systemic threat to this network to this day.
SEC lawsuit vs Coinbase
Ironically for us the Security Exchange Commission's legal action against Coinbase actually helps Hive in this way. The SEC is telling Coinbase that they aren't allowed to stake user funds in exchange for yield (mostly on Ethereum/EVM). This is good for Hive; we don't want exchanges to be allowed to stake customer funds to generate yield. This gives exchanges all of the voting power of their clients (just like Blackrock gets all the voting power of their clients when voting with stock).
At the same time I'm 1000% convinced that the SEC is going to get absolutely thrashed in court by Coinbase once the dust settles. The precedence of that case very well may lead to the green light for every exchange to stake customer funds in exchange for yield (the exact reason why FTX became so popular before it collapsed).
But wait... it gets worse!
As the title of this post implies a centralized exchange (or even just a curation bot on Hive) can easily offer a better deal than what the Hive blockchain is offering itself. The liquidity of an exchange can be trivially leveraged to allow clients to instantly powerdown.
Takes money to make money.
Imagine a big exchange like Binance has 50M Hive on it or more. They don't need to keep 100% of that stake liquid. They could probably power up 25M and still never go insolvent. Even if they did go insolvent they'd be unlocking almost 2M coins every week so it wouldn't be a big deal: they'd just lie like they always do and say the wallet is "undergoing maintenance".
Allowing users to proxy their HP and power it up makes it even easier for them to stay solvent. If they have 25M powered up and their clients have chosen to power up 25M they can't go insolvent and clients know they have to wait by design. However the exchange can also allow the client to simply powerdown instantly because they have the liquidity to allow it. This is especially true if the exchange itself owns a couple million tokens and they can just loan the client their own stack immediately while the powerdown is active. Again there are many ways to go about this that are totally legal and mathematically cannot result in insolvency for any amount of time.
This creates a massive imbalance of financial incentives
How many people on Hive would transfer their tokens out of self-custody and into an exchange simply because that exchange is offering the same amount of yield PLUS the ability to powerdown the tokens instantly on demand? I'm guessing a feature like this would be highly popular and work against the security of the network.
Depending on how that stake is structured on chain it would almost certainly start out as a curation bot in which all the money is lumped into a single account with milions of HP. The 30 day delay on governance rights would have absolutely no mitigation affect on the ability for exchanges to once again manipulate the top 20 block producers.
It's also possible that once this type of system had enough users and demand: the exchange could create individual proxy accounts for bigger customers. These proxy accounts would still technically be owned by the exchange but they would represent individual clients and allow them to cast their own votes by proxy via the exchange's frontend login. This would be more ideal and lumping everything into one account but also it would take a long time to actually get to this point.
Exchanges allow us to do these things privately.
While exchanges are often criticized for being not private and giving their information to law enforcement and the IRS... Exchanges (and just corporations in general) protect the privacy of their users and data by default from anyone without a legal obligation.
You and I have no idea how much money a famous account on Hive has on the exchanges. We have no idea when they are buying and when they are selling, and there is no way to check as the public API doesn't allow unrestricted database access. With proxy features like this we'd have no idea what they were voting for either. This flavor of privacy could be yet another reason why users on Hive would want to stake their money on an exchange where it can't be nitpicked and dissected by public on-chain analysis.
One week powerdown
It would also be possible for big (custodial) curation bots to allow their users to powerdown their stake in one week rather than 13. If I control a bot with access to 13M Hive Power I can get 1M of that Hive unlocked every week. If someone wants to powerdown all their stake in 1 week the only requirement would be that the total amount is less than 1M, which is pretty much everyone. The smaller the account the easier they are to accommodate.
Conclusion
This isn't a problem now but it easily could be in the future. Liquidity providers and curation bot operators have the ability to create incentives that pool stake into centralized accounts. These incentives include instant/short powerdowns and privacy via asset pooling/obfuscation. Is this something we actually need to be worried about? Unclear, but it's always good to be thinking about potential threats before they actually happen.