Is Hashgraph Secure?

by Apr 18, 2019Hedera Hashgraph

How Hashgraph is different than blockchain in security

Summary: There are many vulnerabilities to public networks including majority controlled attacks, distributed denial-of-service (DDoS) strikes, botnet attacks, Sybil attacks, and malignant partition firewall coordinated assaults. A resilient public database must have a sufficient degree of decentralization, resistance to a colluding majority of miners or stakeholders, and a distributed form of governance in order to thwart a complete network hijacking.

In each of these scenarios, consensus in a distributed ledger technology (DLT) can be either halted or even corrupted by these calculated network assaults. There are different strengths and weaknesses in the designs of blockchains as well as direct acyclic graphs (DAG) in the cryptocurrency ecosystem. The cybersecurity architecture of each kind of DLT is of vital importance in the financial technology world, where cryptocurrencies could potentially store a large fraction of the world’s wealth.

To date, cryptocurrencies such as bitcoin and ethereum have sustained the security of their decentralized networks by blockchain design. However, this block-based network architecture comes with costs in regard to speed of throughput and scale limitations. In order to fulfill the long term goal of blockchain with a financial layer of trust in internet commerce, issues of speed, scale and security would have to be optimized to be ultimately successful. Also, the PoW mechanism favors supercomputers and large mining pools to consolidate, lowering the distributed nature of the network and lowering security.

New to the DLT space is the DAG design, best exemplified by the Hedera Hashgraph network. This distributed database may have the best all around assembly of network resilience, speed of throughput and ability to globally scale without compromising on any one variable. In other words, what makes Hashgraph secure beyond on all blockchain designs is the achievement of asynchronous Byzantine fault tolerance by consensus algorithm and Sybil attack resistance by governance structure. Hashgraph is fast, fair, secure and stable beyond all blockchain platforms.

Hashgraph is secure because of the features that are not present in any private or public database. The unique features of Hashgraph can finally offer a platform that will build the new ‘trust layer of the internet’. The network property of aBFT cannot be underestimated in a public network like Hashgraph, which is the highest level of security that a network could ever achieve. This is a bank-grade level of security never before seen at scale or in a public database architecture. This feature alone makes Hashgraph secure beyond any possible blockchain or competitive DAG.

Discussion: In order to understand the design of modern decentralized networks like blockchain, it is important to review the nature of public proof-of-work systems. In the original design of the anti-spam mechanism of email in the early internet days, the idea of proof-of-work (PoW) was introduced by Adam Back in the form of Hashcash. This was a cryptographic hash-based proof-of-work algorithm that required all emails to have a header to prove that they spent CPU resources on generating each email. This assumed that all good actors would not waste resources, only send well-intended emails and not spam networks with fake emails. Hashcash also served as a control against DDoS attacks since it imposed a cost to all computers with every email send request in a network assault.


Blockchain Security: With the advent of bitcoin and the blockchain revolution, the PoW security mechanism against spam and DDoS was reappropriated into a resilient public distributed network. However, as the blockchain cryptocurrency grew to a global level, the PoW mechanism began to show its less than ideal design in its wasteful energy use through CPU cryptographic puzzle solving at the miner level.

This design was successful at limiting DDoS attacks because of the cost associated with it, however, certain services such as bitcoin wallets still fell under these kinds of attacks. Inherent in the blockchain design was also a self-imposed limitation on network transactional speed in order to slow network latency and synchronize the network to 10 minute block intervals. Furthermore, the use of supercomputers and expensive high-speed processors at the miner level created an arms race of technology that left out the common user, favoring consolidated mining pools. This reduces the distribution of the network and lowers overall security.


In order to determine the security requirements of a public distributed network, a designer must consider all the possibilities of internet attack types. In blockchain, unfortunately, cryptography, PoW and the distributed randomized node network offer the security of the network. However, many additional forms of attacks can still occur and should be considered in their design. A 51% attack is the simplest to understand.

51% Attack: When a majority of miners coordinate a ledger change and publish a false block to the network, it would be rejected by many, however, since the simple majority of miners agreed already to accept it, the blockchain incorporates the block and moves forward unimpeded by the dissenting minority 49%. Bitcoin and others will always be at risk of this kind of a majority attack. Remaining decentralized is critical for bitcoin. However, as evident in the link provided above, the blockchain security is at jeopardy because of PoW design and the arms race of supercomputers by a concentrated, small amount of mining pools.  

Malicious Partition: Another form of attack is in a malicious partition of the network by internet providers separating a large majority of the bitcoin network from the remainder. In this conceivable assault, internet providers, for example in China, could easily issue a firewall of all bitcoin nodes from the majority. This would allow the natural progress of two separate blockchains to propagate several blocks forward until a point where transactions occur that easily allowed double spends between the two networks.

In order to prevent this, the bitcoin network would need to progressively confirm their global miner distribution to prevent even the possibility of this attack. However, in the absence of strong governance controls, this leaves miners to do as they please, assemble mining farms in concentrated places where electricity is cheap, etc.. Bitcoin without governance will remain vulnerable to this for the foreseeable future.  

Blockchain DDoS Attacks: Blockchain in the form of bitcoin using random block generators has a resilient stand against this attack. In order for a DDoS assault to occur, the IP address of the block creator would have to be known and assailed with multiple transactions in order to flood the channel and prevent useability. Because bitcoin allows random block makers and also uses PoW, this threat is thwarted by making the transactions costly to the attacker. This is the benefit of the exuberant cost of PoW mining though. Considering that China has recently banned bitcoin for excessive energy use, PoW systems do not seem like a long term and tenable solution to the DDoS threat on DLTs.


DPoS Security: In other blockchain designs, such as EOS, a leader-based system called Delegated Proof-of-Stake suffers from a major DDoS vulnerability. By allowing stakeholders of EOS tokens to vote for a round of block producers (BP), limits the network to a small number of only 21 total BP’s per round. In this design, a round-robin of block production occurs that allows a chosen leader to start and then each of the producers follows in sequence, from one IP address (1st BP) to a second IP address (2nd BP) and so on.

In a distributed denial-of-service attack, once any of the IP addresses are discovered by hacking a block producer, then a serial DDoS assault could follow and freeze all consensus and halt the network. At early debut this was thought to have frozen the EOS network. However, this has not been confirmed. The fact that this vulnerability exists is important to note as well as the fact that the network only will have 21 total confirming nodes processing transactions. This is one of the lowest in decentralization of nodes in all of blockchain and would only require collusion of 11 of the BP’s to corrupt consensus.

A clever work around is the PoS use of CPU, memory and bandwidth costs that each block producer must pay for in order to be a block producer. This imposes a cost, but does not fix the vulnerability of having only 21 BP’s in total.


Hashgraph Security: In light of the various network assaults possible, design from bottom-up without using previous designs of blockchain is what really makes Hashgraph secure. In the DAG architecture all nodes can receive and send transactions without the grouping of orders into blocks. Instead a parallel processing network allows instant confirmations with no need for 2nd or 3rd confirmations like in blockchain. With virtual voting, Hashgraph outperforms all blockchains with minimal bandwidth requirements while achieving best-in-class security.

Hashgraph Nodes: This parallel design with randomized node selection makes Hashgraph secure by not allowing easy prediction of node use to prevent DDoS attacks. What’s more is that the starting node architecture will begin with 39 Governing Council members which will make Hashgraph secure. Compared to EOS, Hashgraph represents a much more decentralized network. Yet, with the roadmap in the near future, what will make Hashgraph more secure than blockchain will be its ability to scale globally with any user, far exceeding the founding 39 members with thousands or more of active nodes.


Hashgraph Hardware Requirements: Since Hedera Hashgraph does not use PoW but PoS, the CPU and memory requirements can easily allow mobile phone users to use proxy staking in consensus and earn fees. This low barrier for network entry also makes Hedera Hashgraph better than blockchain, which has large memory storage capacity (bitcoin ~200GB vs HH ~1GB memory).

As far as processing power and Hashgraph hardware requirements go, HH has minimal CPU processing speed and RAM requirements due to its energy efficient proof-of-stake consensus method. This makes Hashgraph secure and green for the environment, something few other DLTs of equivalent security can boast.

Hashgraph PoS Security: The PoS model of security assumes that coins are a scarce and expensive resource that must be both staked to a node to participate in consensus and used for any transaction. This replaces the electrically costly PoW model and significantly reduces the hardware requirements for Hashgraph. However, PoS has a significant risk of a Sybil attack, in which if 1/3rd plus 1 nodes act maliciously they can halt consensus. Important to note, though, is that it would still take 2/3rds plus 1 nodes to corrupt consensus. This means that as long as the majority of the nodes are non-Byzantine or malicious, then the network will be very hard to corrupt or force a double spend.


Hashgraph Security- Sybil Attack: In the Sybil attack, what makes Hashgraph secure is the use of a first-in-class Governing Council and 2/3rds sequestered hbars in Treasury in the first five years of the platform roadmap. This Treasury will not be owned or sold for profit by the Council members, but will be used for all kinds of various community project development support, community testing and later conversion to network hbar distribution. By not allowing more than 1/3rd of all total hbars on market, a Sybil attack is rendered impossible for the first 5 years of platform deployment.

At the five year mark, hbar coin distribution should be much more spread in the community and the value of the hbar price higher. This would then make a future Sybil attack prohibitively expensive and unlikely.

Hashgraph Security-Network Partition: A malicious network partition is a conceivable use of a firewall to prevent consensus in Hashgraph by rogue nations or internet service providers. For example, in China where the entire internet is provided by, managed and filtered by the state, a network partition of the Hedera public DLT is easily possible. However, based on the ground-up design and security features of Hashgraph, this is easily thwarted by the staking model.

In the PoS model, no individual shard will allow a large coin holder to stake their coins in a disproportionate way without distributing it over other shards. This will prevent whales, or large coin holders, from dominating consensus and also forcing a greater decentralization of staking. Hashgraph is resilient to network partitions since it only needs a 2/3rds total majority of all stakeholders in a shard to come to consensus and uses randomized transaction features to not allow a leader-based vulnerabilities. Since thousands of nodes or more are possible with Hashgraph, the network partition attack would take a wide and costly form of collusion that is very impractical. Hence, Hashgraph is secure from network partition attacks, on a practical level.

BFT Security: There is no single feature of a public distributed ledger that is more important to understand than the property of asynchronous Byzantine Fault Tolerance (aBFT). This is a challenging idea to convey but is easy to understand in comparison with blockchain security and it’s less secure BFT design.

A network is considered Byzantine (meaning “bad actor”) fault tolerant (failure resistant) if it can handle a large number of malicious nodes attempting to stop of corrupt consensus. What makes a network secure is the ability to tolerate at least 1/3rd of the nodes from acting malicious in the security of DLT. Additionally, the network is also tolerant of delays or even dropouts of node messages in order to confirm consensus in its gossip protocol.

BFT is simply the least secure in the spectrum of this property and is all that most blockchains, such as bitcoin and ethereum are able to achieve. They use an assumption of a probability in finality of consensus, meaning that the blockchain never reaches 100% finality unless every single possible node agrees with the chain. With random nodes coming into the network and dropping out within the synchronized block times (ie/ bitcoin 10 min intervals), this is practically impossible.

What’s more is that the transaction finality, or irreversibility, only increases with the additional confirmation blocks after the first accepted block of transactions is chosen for the next round. For example, after 1 block is produced in the bitcoin network the likelihood of it being accurate is near 30%. After 2 confirmations it goes to about 60%. It will take at least 6 confirmation blocks, nearly 60 minutes to achieve over 90% certainty that the transaction is true and accepted by the network.

For expensive purchases with bitcoin near the $1 million dollar level, over 60 confirmations are recommended to confirm that no double spend has occurred in the lengthy 4-5 hour confirmation process. For maximum security, some advise waiting an entire 24-hour period, or about 144 confirmations to ensure less than 1% risk of a double spend. This is what BFT finality offers and it is very unlikely to achieve adoption in the financial world of international banks, institutions and investor platforms such as stock exchanges because of its probabilistic finality of transaction and uncertain risk of double spends within a reasonable period for commercial use.


Practical BFT Security: A minor improvement in the BFT design of blockchains is the additional property of practical Byzantine fault tolerance. Again this is an assumption of probability of transaction finality that never achieves perfection, or 100% certainty like aBFT. By design, pBFT uses other methods of consensus that involves a majority of network to determine the final ledger in a round of transactions, but still does not achieve 100% finality. .

For example, in the Stellar network a Federated Byzantine Agreement consensus chooses an ad hoc set of nodes (a quorum slice) and uses a demandive bandwidth approach with actual voting between members. Although transactions come to finality within a short time interval, the bandwidth use at global scale is entirely impractical for real-time voting algorithms. Network voting algorithms are a well known topic in academics and has been avoided for its inefficiency. Even with low transaction times and inefficient bandwidth use, the Stellar network still does not ensure that 100% finality has occurred in each round and is therefore below aBFT security. The voting algorithm also prevents transaction speed above 1-2 thousand TPS total.


Hashgraph aBFT Security: The breakthrough technology of the Hedera public DLT offers the greatest level of security in a network, aBFT. This makes Hashgraph security better than blockchain and all other forms of public distributed ledgers. In essence, the Hashgraph algorithm ensures within the Hashgraph data structure that all nodes agree with 100% certainty and finality within seconds that the state of the network is correct. This assumes that bad actors or Byzantine nodes have tried to halt consensus and if they are less than 1/3rd, they will be ignored.

Asynchronous BFT also ensures that the final state of the Hashgraph at any one moment is irreversible. This is termed deterministic in contrast to the probabilistic state that all blockchains rely on for security. Therefore, in an aBFT network finality will absolutely occur without error if bad nodes are 1/3rd or less, guaranteed. All other public DLT’s, including bitcoin, ethereum, EOS, Stellar and Ripple will never have this distinction but only a probability of not being reversed by all the various attacks previously described.

For example, if bitcoin suffers a partition attack and two separated blockchains grow in separate directions, then double spends can occur in both partitions until the malicious firewall is removed. At this point, one of the two chains will have to be decided on (based on the longest chain) and the losing blockchain will have to reverse all double spends on the network. This would be a catastrophic network failure and is completely avoided with Hahsgraph aBFT security.

A final note on aBFT that should also be understood. In every cryptocurrency, whitepaper claims are made and networks are built. At no point have any whitepaper claims been confirmed formally to prove their security model. The current blockchain networks are simply in a trial and error-market phase of experimentation. They will only prove their security until it fails. This is a precarious method by which to build the new internet financial layer, which could potentially hold all the world’s wealth.

Hashgraph security has been formally proven to be aBFT, a fact that no prior private or public network has ever achieved. In fact, it was felt impossible by the majority of cyber security experts before Hashgraph both claimed and proved the consensus mechanism. The aBFT property is what distinctly makes Hashgraph secure above and beyond all other DLTs and blockchains. This claim vas formally validated by an academic third party mathematical software program called a COQ proof. This validated the Hashgraph algorithm as aBFT unlike any other DLT to date.


Conclusion: What lends Hashgraph secure with 100% certainty is the formally-proven property of aBFT consensus. No double spends could ever occur as long as a third or less nodes act maliciously. The other features of Hashgraph security are the resistant mechanisms by algorithm and governance to botnet and DDoS attacks, Sybil attacks, network partitions and many more.

The Hedera Hashgraph public DLT is replete with features of security compared to blockchain and is a worthy network for all the world’s wealth. Understanding how Hashgraph is more secure than blockchain will certainly help any hbar investor in the challenging sector of cryptocurrency find the cryptocurrency that institutional investors, international banks and entire nations would be safe to put their national treasuries.

Ħello Future.