Hedera Hashgraph is a new public hashgraph network predicated on an asynchronous Byzantine Fault-Tolerant Algorithm proposed for replicated state machines with guaranteed Byzantine fault-tolerance. The platform itself is governed by Swirlds and a Governing Council of approximately 39 industry leaders.
The platform’s governance model and reception so far have been somewhat polarizing in the cryptocurrency realm, which is not surprising. Platform governance and politics aside, Hedera’s Hashgraph consensus mechanism and platform design offer some exciting developments.
The Hedera Hashgraph platform is based on a form of Byzantine-Fault Tolerant (BFT) consensus, known as asynchronous Byzantine-Fault Tolerance (aBFT), which was elaborated on in an academic publication by Leemon Baird back in 2016. The platform aims at providing an improved model of Distributed Ledger Technology (DLT) by providing solutions facing many established cryptocurrency platforms today.
Overseen by the Hedera Hashgraph Council, the platform aspires to achieve mass adoption through regulatory compliance and providing an architecture connecting users in a high-throughput and secure system for reaching distributed consensus.
Under the Hood
Similar to blockchains, but with distinct differences, hashgraphs are a “gossip about gossip” protocol where Byzantine agreement is accomplished through virtual voting. In both a blockchain and a hashgraph, consensus is produced when a distributed community come together in agreement on the order of transactions in the network where nobody is trusted.
This is where the term “trustless” comes from when commonly referring to Bitcoin because you do not need to trust anyone using the network, only that the system is not compromised. The critical difference that arises between a blockchain and hashgraph is that a hashgraph can achieve both Byzantine agreement and fairness on the consensus.
Asynchronous Byzantine Fault Tolerance
The primary feature of Hedera Hashgraph, asynchronous Byzantine Fault Tolerance is a form of Byzantine Fault Tolerance. Basically, in a distributed system, Byzantine Fault Tolerance refers to the ability of the system to retain honest consensus in the network despite malicious nodes failing or propagating false messages.
It has some interesting caveats, and substantial research has been performed on the concept, especially when applied to distributed networks such as cryptocurrencies.
The Hashgraph consensus mechanism is unique. According to the Swirlds Hashgraph paper by Leemon Baird:
“No deterministic Byzantine system can be completely asynchronous, with unbounded message delays, and still guarantee consensus, by the FLP theorem . But it is possible for a nondeterministic system to achieve consensus with probability one. The hashgraph consensus algorithm is completely asynchronous, is nondeterministic, and achieves Byzantine agreement with probability one.”
The assumption that a system is asynchronous Byzantine Fault Tolerant means that it can achieve consensus even if malicious actors control the network and can alter messages. The Hedera Hashgraph consensus mechanism does not use a leader format as with the round-robin system of practical Byzantine Fault Tolerance, which allows it to be resistant to DDoS attacks aimed at leader nodes or small subsets of nodes.
Proof-of-Work is used in blockchains to mitigate against these types of attacks (i.e., Bitcoin), but according to Hedera:
“However, such systems cannot be Byzantine, because a member never knows for sure when consensus has been achieved; they only have a probability of confidence that continues to rise over time. If two blocks are mined simultaneously, then the chain will fork until the community can agree on which branch to extend. If the blocks are added slowly, then the community can always add to the longer branch, and eventually the other branch will stop growing, and can be pruned and discarded because it is “stale”.”
The result is the inefficiency of the system, not only because Proof-of-Work is required but because many blocks that work is performed on are ultimately discarded. Hashgraph consensus is effectively a blockchain without pruning, where every miner can mine a block at as fast a pace as they can without using Proof-of-Work.
Interestingly, as a virtual voting system, Hashgraph does not send any voting messages across the network at all. It is important to note that Hedera’s consensus mechanism still follows the basic practical Byzantine Fault Tolerance assumption that no more than ⅓ of the nodes in the network are malicious at any given attack instance.
Hedera breaks down the core concepts of the consensus mechanism into the following:
- Gossip about Gossip
- Virtual Voting
- Famous Witnesses
- Strongly Seeing
Transactions – Any member can create a signed transaction at any time, and all members receive a copy of it and reach consensus on the order of transactions.
Fairness – It should be difficult for a small group of attackers to influence the order of transactions.
Gossip – Each member node randomly selects another node and tells them everything they know.
Hashgraph – A unique data structure for taking into account who gossiped with whom and records the order that it occurred.
Gossip about Gossip – One of the critical features of the mechanism, this is the hashgraph spreading throughout the gossip protocol. Since the hashgraph contains the history of the gossip from each node and the order, this process is empirically just gossip about gossip that already happened. A significant result is that very little bandwidth overhead is consumed in the process.
Virtual Voting – Where every member node can reach agreement on any decision without any vote ever being sent because every node has a copy of the hashgraph. Therefore, each member knows exactly what another member would have voted without actually having to go through a voting process.
Famous Witnesses – This is where the community selects a few vertices in the hashgraph known as “famous witnesses” where each is a witness (i.e., transaction) that is received by a majority of the nodes comparatively early in the gossip process. By doing so, they can come to consensus much more efficiently on the order of events in the hashgraph.
Strongly Seeing – The proof of Byzantine agreement with probability one, this is where two nodes can independently calculate the same virtual vote of a third node because they come to the same conclusion on the connection between two vertices within the hashgraph.
Image Credit – The Swirlds Hashgraph Consensus Algorithm Paper
The gossip protocol is key to the hashgraph, and its purpose is to spread information exponentially fast throughout the network of nodes so that each node is aware of the same information. As mentioned earlier, the hashgraph is a data structure that is comprised of the history of the communication between the nodes.
Gossip protocols are widely used in networks, and when particularly applied to gossip about gossip, they give nodes a substantial amount of information where they can converge on a consensus of the history of transactions quickly. A primary benefit of the model is the small amount of communication overhead needed for the process, an efficiency that is very useful for scalable and distributed networks.
Although the gossip protocol does provide information for each node, it is just the framework for the eventual consensus that is needed by the nodes on that specific information. A fundamental limitation of practical Byzantine Fault Tolerance is its communication overhead, which is why in its pure form it does not scale well and only efficiently works in small groups of nodes. With hashgraphs, the communication overhead for voting on consensus is inherently absent, due to each node containing a hashgraph of all previous communications.
Thus, deterministic functions of a hashgraph will allow two independent nodes to come to the same conclusion on the order of the transactions (consensus) without actually having to cast votes through messaging. This is the virtual voting of the mechanism. The protocol itself is defined as asynchronous because it does not make any assumptions about the speed of gossip or the consensus.
The concept of strongly seeing one state from another is used to mitigate malicious attacks on honest nodes and also doubles as a method for an agreement protocol to achieve Byzantine fault tolerance through virtual voting. The virtual voting rounds run locally at each node until sufficient consensus is reached on the famous witness for that round. The famous witness is determined in each round, and once it has been determined for each round, a consensus timestamp and agreement on the earlier events within the hashgraph ensue.
A shared state is maintained by every node in the network that digitally signs a hash of the consensus order of transactions that it subsequently gossips to the network. The state is organized as a Merkle tree, so it is verifiably authentic to third parties while remaining an efficiently small file.
Proof of Byzantine Fault Tolerance & Fairness
Just as in practical Byzantine Fault Tolerance (pBFT), Hashgraph consensus assumes that no more than ⅓ of the nodes are malicious along with the fact that digital signatures are secure. As an asynchronous system, it is also assumed that if the system is fault tolerant, then honest nodes sending gossip back and forth will eventually receive each others’ messages, even if there is an impediment such as a coordinated attack in the network.
A prominent issue that Hashgraphs addresses where many BFT systems fail are in fairness. This refers directly to their consensus of the order of transactions in the network. The problem that arises is deciding on a measure to determine whether or not a transaction propagated to the network was before another and its position considered “fair.”
Hashgraph consensus achieves this fairness by awarding it to the winner of 2 competing transactions that propagated at the same time. The winner, which is favored by the network and subsequently favored in the consensus is the node transaction that reached the majority of nodes first, particularly the set of “famous witnesses” set by actively participating nodes. The use of famous witnesses acts as the juror for deciding on the order of competing transactions in the network.
The Hedera Hashgraph governance system contains two tiers:
- The Governing Board
- Open Consensus
The governing board is where the primary criticisms stem from against Hashgraph, as it is a centralized control system over the protocol and the network, both of which are explicitly mentioned in their whitepaper.
Outside of that, the open consensus is the earlier mentioned consensus mechanism where nodes are allowed to join in the network to help create better decentralization. Hedera employs a Proof-of-Stake weighted voting model for the nodes in the system designed to mitigate collusion and incentivize users for running nodes.
The Hedera Hashgraph platform consists of a 3-layered structure as follows:
- Internet Layer (Bottom) – Computers on the Internet communicating by TCP/IP connections with TLS encryption.
- Hashgraph Consensus Layer (Middle) – The nodes throughout the network that participate in the gossip protocol and the hashgraph consensus algorithm. All nodes maintain an identical consensus state.
- Services Layer (Top) – This layer consists of its own 3 subgroups.
- File Storage
- Smart Contracts
The cryptocurrency is the native currency of the platform which can be earned by users for running nodes on the network. The file storage system is a distributed storage network based on Merkle trees but also allows for Java classes for developer manipulation. Hedera is also compatible with Solidity, allowing smart contracts to be written on top of the platform, enabling the building of scalable dapps.
Hedera’s network will initially be made up of a small number of nodes grouped into a single shard. However, they plan to transition the network into a scalable system of multiple shards executing in parallel to allow the network to scale even further.
Hedera Hashgraph makes some pretty bold claims about its platform. Specifically, it mentions how theoretically fast it can be, where only the available bandwidth inhibits its capacity. The system apparently can handle as many transactions per second (TPS) as a member’s bandwidth allows, which according to them, includes up to hundreds of thousands of TPS in a single shard. As they put it in their whitepaper:
“Even a fast home internet connection could be fast enough to handle all of the transactions of the entire VISA card network, worldwide.”
The innovative consensus mechanism, scalability, and finality of the Hedera Hashgraph system show meaningful promise in the next generation of blockchain platforms. However, a centralized governance model based on a Council of Governing members selected from the top industries in the world will not sit well with many people.
Opinions on the direction of the platform or its future aside, Hedera Hashgraph represents another critical step in scalability technology and large-scale consensus mechanisms applied to distributed ledger technology and cryptocurrency platforms.