Understanding Hedera's Governance & Security
Hedera is a directed acrylic graph (DAG)-based distributed ledger technology (DLT) network that aims to offer faster, more efficient transactions compared to traditional blockchain-based DLT systems. At the heart of its success lies the platform's unique governance model, ensuring the network remains secure, robust, and reliable.
In this blog post, we'll take a closer look at how Hedera's governance model works and how it contributes to the platform's overall security and integrity.
Hedera's Governance Model
Governance is an essential aspect of any decentralised network. It helps protect the interests of its users and provides a framework for decision-making. Hedera’s model is inspired by VISA’s original model from 1968 and is governed through a limited liability company (LLC) operating agreement.
This agreement outlines the legal responsibilities and obligations of a Governing Council, which currently consists of 28 members, with plans to have a total of 39 members in the future. Each of these members plays a crucial role in ensuring the integrity of the Hedera network and protecting its users from the risk of forks.
Who Are the Governing Council Members?
The current Governing Council consists of highly-respected organisations, including, Google, Boeing, Dell, IBM, University College London and IIT Madra, the latter two also members of the DSF University Network. Each member comes from different industries and geographies, and it’s, by sector, one of the most diverse networks in the DLT space.
To ensure diverse and objective governance, new members of the Governing Council are selected based on predetermined criteria approved by the majority of the existing members.
Apart from Swirlds, the company that formed Hedera in September 2017, all other council members have a limited term of 3 years - with up to two consecutive terms. This term limit ensures that power is distributed fairly among individuals with varying perspectives and expertise.
Additionally, former members are allowed to rejoin after a 3-year waiting period, which allows for the possibility of bringing back experienced members who may have valuable insights to contribute.
Responsibilities of Council Members
Council members have two primary responsibilities:
- To participate in the governance of the Hedera network: All members contribute their expertise in decision-making related to software updates, Hedera Treasury management, network pricing, and regulatory compliance among other prominent governance matters. By having a diverse group of council members with varied expertise and different perspectives, the decisions made aim to be more robust and comprehensive, reducing the chances of compromising the security and integrity of the network.
- To host and maintain a node on the Hedera network: Each council member is required to host and maintain one of the initial network nodes, either by using their infrastructure or by hosting it in a public cloud. This ensures that the network remains decentralised, as no single entity can control the majority of nodes. At the same time, Hedera incentivises node runners to follow best practices for maintaining the node's security and performance.
In addition to participating in governance and hosting nodes, Council members will actively participate in the Technical Steering and Product Committee, Coin Committee, Finance Committee, Legal and Regulatory Committee, and other committees responsible for overseeing Hedera operations.
Collectively, they ensure that various aspects of the network's operations are being monitored and that any issues are addressed promptly.
Role of Hedera's Consensus Mechanism
For its consensus mechanism, Hedera employs asynchronous Byzantine-Fault Tolerance (aBFT), which helps in achieving a reliable consensus in the network, even when certain nodes fail or spread false messages.
The aBFT consensus mechanism aims to ensures that no single council member or a group of members can prevent the community from reaching a consensus, nor can they change the consensus once it has been reached.
Every member eventually reaches a point where they know for sure that they have reached a consensus. It is because aBFT is based on the assumption that more than 2/3 of the members follow the protocol correctly, and that if messages are repeatedly sent from one node to another, eventually one will get through, and then another will, and so on. This process is more secure and reliable than blockchain-based networks as all nodes are involved in the decision-making process and have a say in the final outcome.
Additionally, the network is ACID (Atomicity, Consistency, Isolation, Durability) compliant, ensuring that the transactions are consistent and isolated, making it a distributed database with the same properties as a standard database.
Moreover, the aBFT mechanism of Hedera ensures fairness because nodes do not have special rights or responsibilities in establishing consensus. Instead, the consensus is reached democratically through the virtual voting process that achieves the same fair and secure properties as direct voting - but is also fast and practical.
The virtual voting algorithm determines the linear ordering of events and transactions recorded inside them. This approach saves bandwidth and ensures that members always calculate their votes according to the rules, even if some nodes are dishonest.
Furthermore, Hedera is also fair in terms of access. It uses the Gossip protocol, where each member communicates with a random member and shares information. The history of communication is recorded in a hashgraph, ensuring all members have a consistent view of transactions, as well as, no individual can stop or delay a transaction from entering the system.
Governing Documents: Upholding the Legitimacy of Governance
Furthermore, Hedera also adheres to its governing documents, which are a set of legal agreements and protocols that outline the platform's governance structure, policies, and procedures.
These documents include the Hedera LLC Operating Agreement, and the Hedera Governing Council Charter. These documents are designed to ensure the platform remains transparent and secure.
Three-Phased Plan towards Decentralisation
Since governance decisions are made by a selective group consisting of 28 governing council members, Hedera's governing model is currently permissioned, with a plan to transition to permissionless or open consensus.
With each phase, the network aims to become more open and transparent, allowing for greater participation and decision-making power for all network participants. It will become much more difficult for any single entity to take control of the network or to manipulate its transactions.
By the end of the third phase, Hedera aims to achieve full decentralisation.
Phase I: The Permissioned Council Member Nodes
The governance model in the first phase is permissioned, with the council responsible for establishing membership policies, managing the treasury of coins, approving changes to the platform’s code, and for the infrastructure and operation of consensus nodes.
Though the mainnet and primary network services of Hedera are currently available for devs and end users to deploy dApps or create accounts, the consensus nodes are permissioned and operated by the 28 governing council members.
Phase II: Invite-Only, Multiple Permissioned Consensus Nodes
Hedera will move to the next phase as Hedera's security, stability, and incentives become sufficient, which will be determined by the governing council.
In this phase, peripheral parties and companies will be invited to join the mainnet as permissioned consensus node operators in exchange for Hbar.
This will allow Hedera to expand its network while maintaining a high level of security and stability, as well as incentivising node operators to participate in the network.
It will also help in gradually achieving decentralisation of the network, as more parties will be able to participate in consensus and governance decisions.
Phase III: Evolving Governance – The Plan to Go Permissionless
The third and final phase is for an open/permissionless model, which essentially means that nodes can freely join the network and participate in the consensus on the order of transactions in the Hedera network by staking Hbars.
It is designed to prevent consolidation of power and collusion by validators, increasing the decentralisation and resilience of the network as more nodes are encouraged to join in.
The third phase will begin when the governing council has reached all 39 members and when the network has hundreds of permissioned, consensus nodes live on the Hedera mainnet.
As or when Hedera becomes permissionless, any person or organisation will be able to host a Hedera mainnet consensus node on the network.
Ending Note
Hedera's governance model is a testament to the power of carefully-selected individuals working together towards a common goal. The 28 council members have been elected based on their expertise and experience, and their efforts have resulted in a network that is efficient, secure, and scalable.
Although the current phase of Hedera's governance model is permissioned, the team is committed to keeping it open to the general public fairly and transparently. It will be done through a three-phased approach, allowing anyone to join and contribute to the network in the future.
The current council, made up of trusted and established players, adds to the reliability of early nodes. The careful planning for decentralised governance in phases further ensures Hedera's security and integrity. As the network continues to evolve towards total decentralised governance, Hedera remains committed to creating a secure, reliable, and decentralised platform.