Free report
Get the report by email.
The report covers DNS, CDN, TLS, hosting, and email security concentration across 1,043 DEX protocols. It includes HHI values, DNSSEC and DMARC gap analysis, and the six key findings in full.
Internet Infrastructure Intelligence
Infra Verdict
Crypto DEX infrastructure is still concentrated around a narrow set of shared DNS, CDN, and delivery providers.
Key Issue
The sector still reads as shared infrastructure first and independent stacks second.
The infrastructure beneath digital platforms, measured.
DatumLine measures the infrastructure beneath digital platforms, then turns the result into a public benchmark. The first benchmark shows the DEX sector concentrated around a small cluster of shared DNS, CDN, and delivery providers — with measurable gaps in DNSSEC, SPF, and DMARC coverage.
Key finding
46% of DEX interfaces serve traffic via a single CDN provider
First benchmark
1,043 DEX protocols · 4,237 assets
Method
Passive observation · repeatable scans
DL-2026-DEX-INFRA-001 · First benchmark
Crypto DEX infrastructure is concentrated enough to shape resilience.
The point is not just that vendors repeat. The point is that the same edge, DNS, and frontend paths recur across the sector, so infrastructure choice becomes sector exposure. DatumLine measures that shared stack as a benchmark, not as isolated domain trivia.
DNSSEC adoption
8.9%
Only 96 of 1,043 projects deploy DNSSEC, which means DNS integrity is still optional rather than baseline.
CDN concentration HHI
0.269
Cloudflare and Vercel dominate the edge path, leaving little spare vendor diversity if delivery conditions change.
DNS concentration HHI
0.330
Cloudflare resolves most roots, so the control plane is still the sharpest single point of concentration in the sector.
Frontend stack HHI
0.443
The presentation layer is more concentrated than the edge, which means product surfaces ride the same narrow tooling stack.
n = 1,043 protocols · 4,237 assets · Three-source merge: DefiLlama + CoinGecko + CMC · TVL ≥ $1M filter · Root-domain deduplicated · Passive observation only · Scan date: 2026-04-17
Public benchmark trust
Methodology, benchmark definition, last updated, confidence.
Homepage, report, and compare pages draw from the same archive fact set, so readers do not have to reconcile conflicting benchmark claims.
Methodology
Signals are collected through repeatable passive observation. Concentration scores use HHI, with the DOJ oligopoly threshold at 0.25 for context. Scope is root-domain deduplicated and measured across the same benchmark universe on each run.
Benchmark definition
Crypto DEX is the first benchmark for internet infrastructure beneath digital platforms: 1,043 protocols · 4,237 assets.
Last updated
2026-04-17
Confidence
Aggregated sector metrics are strongest where the signals are directly observable. Confidence is lower where provider attribution is inferred from response headers or frontend fingerprints.
Scope counts High
The published archive benchmark fixes the 1,043-protocol and 4,237-asset universe.
Method High
Passive observation and repeatable scan logic keep measurement auditable.
Signal churn Medium
Single-domain attributes can move between scans even when the sector aggregate is stable.
DL-2026-DEX-INFRA-001 · Sector gaps
Security gaps stay widest where infrastructure is most shared.
The weak spots are not random. Mail and DNS integrity fail at the same layers that concentrate traffic, which turns hygiene gaps into sector-level exposure rather than isolated exceptions.
Email security · SPF
57.4%
of projects have no SPF record, so spoofing remains a live delivery-layer problem instead of a solved baseline.
Email security · DMARC
71.7%
of projects have no DMARC policy, which leaves mailbox reputation and phishing resistance weak across the sample.
DNSSEC
91.1%
of projects have no cryptographic DNS validation, keeping hijack resistance far below what the sector claims rhetorically.
Domain lifecycle
3.7%
of projects have domains expiring within 30 days, which makes a few public interfaces one renewal cycle away from breakage.
Gaps measured as proportion of 1,043 root domains · Scan date: 2026-04-17 · Signal definitions follow V3.1 scoring methodology
DL-2026-001 · Sector benchmark
Crypto DEX Infrastructure Benchmark
Concentration, operational security, decentralized access, and provider dependence across 1,043 DEX interfaces. The report exists to turn those measurements into a citation-ready finding set, not just a table of numbers.
How it works
Passive. Repeatable. Evidence-backed.
DatumLine measures infrastructure the same way it can be verified: from the outside, without credentials, and with enough trace detail to compare one scan with the next.
01 · Observation
Passive measurement only
No credentials, no contract interaction, no privileged access. DNS resolution, TLS handshake, HTTP headers, certificate transparency, and frontend fingerprinting become structured observations that can be repeated.
02 · Reconciliation
Multi-source universe construction
Each benchmark starts with a universe built from multiple public data sources, then cross-referenced, filtered, and deduplicated so the sample is defensible before the conclusion is drawn.
03 · Attribution
Every result carries a trace
Provider attribution includes what was measured, when, and why the classification was made, so a reader can follow the evidence chain rather than trust a black box.
What we measure
DNS · CDN · TLS · Hosting · Registrar · Frontend stack · Analytics signals · Email security (SPF / DMARC) · DNSSEC · Decentralized delivery paths
Sectors covered
Crypto DEX — 1,043 protocols, 4,237 assets, Q1–Q2 2026
Output formats
Sector benchmark report (PDF) · Structured dataset (CSV) · Explorer pages · Longitudinal change alerts · API access (roadmap)
Paid dataset
Request dataset access.
Email the research team directly and include the report ID to request the DEX benchmark dataset.
Email researchSubject: DL-2026-001 dataset request