Hashgraph is not fair

Let’s imagine Alice wants to buy something, and Bob wants to buy just before Alice (to have it cheaper) then either with ddos or bandwidth he will gossip faster. He just need to be aware quickly enough that Alice want’s to make her transaction to steal it (= do it before). If attackers are 50% of the population for instance (attackers needs to be less, that is just to understand the idea) then Alice each time she gossips have 1/2 chance of alerting the attackers, and therefore the attackers will be able to steal her transaction. She has no way to prove that someone stole her transaction because attackers can just have the same idea of buying almost the same time (just a bit after) but thanks to bandwith they will be first.


Why is this such an issue ?

It allows attackers to manipulate stocks, if Alice want to buy something, attackers can place a sell order really high, buy everything before Alice and sell everything after. Therefore, they will lose a bit of money due to spread, but will get all Alice money. Moreover, you just have a tremendous power if you can steal everything, the same power that decentralization aim to avoid (that’s the power of centralized servers). This applies to stock (buying cheaper, make others buy higher, …), to games (this implies a lot of Nash Equilibrium, if you need to do an action first but not too early) for instance. This problem of fairness is caused by a bad repartition of powers inside the community. For blockchain miners have all the powers of deciding which transactions will be first and if you hold X% of the hashing speed you have X% of the decision power. But due to gossip to gossip protocol information are shared really quickly and being at the beginning of the gossip chain gives you all the power : 100% for first, 50/50 when two people know, 33/33/33 when three … Therefore, if everyone is aware of this failure and are exploiting it the system can’t work, everyone will just steal to everyone (if 20% of people are attackers, but not colluding, just attackers of their own) then every single transaction will be stolen, by different attackers of course, but will be stolen. And people will steal transaction to hope earn some money of a decentralized exchange using Hashgraph.

If the system allow people to encrypt their transactions, then if everything is encrypted everyone will need a tremendous bandwidth (therefore this consensus is far from being optimal as the whitepaper claim it when you don’t share hashes) and computation power (just to decrypt 255,000 tps its insane), and if not everyone encrypt then Bob seeing that Alice is encrypting will guess what she does (thanks to machine learning for instance) and then steal it again. Moreover, you can guess and be wrong, if someone is doing an encrypted transaction you can suspect a huge short for instance, and then short yourself and cancel it if you were wrong, you will lose a bit of money but that’s none comparing to the money you would earn from that short. Therefore, as customer of a service I prefer when its centralized because I can be sure it is fair and that nobody is manipulating the market (the company itself won’t do it for their own reputation).


Numbers, data and simulation :

% of attackers at bottom and % of “success” at left

Thanks to this python simulation : https://github.com/Modaf/Hashgraph-is-not-fair/blob/master/main.py

It only shows the % of people that have heard first of this transaction by attackers and not Alice, on a system of 5000 people with attackers gossiping 100x faster. Of course consensus is not determined only with that but buying 100x the gossip speed is really easy (even if its not only bandwidth or whatever you just need to emulate 100 people that are gossiping).

Please go to the telegram of hashgraph for a “sdk simulation”, some people will post it their.


Whitepaper of Hashgraph claim that : “There are attacks against this system that would be not be considered to be a failure of the consensus system, because they would be equally effective against a single-server solution. For example, the Byzantine proofs assume the attackers control the internet, and can delay arbitrary messages. If attackers actually had that power, they could simply disconnect Alice from the internet for as long as it takes for Bob to send a transaction and have it recorded. This could be done on the real internet by launching a denial of service attack, flooding every computer with packets from Bob in an attempt to prevent Alice from communicating. Of course, this would also be effective if Alice were communicating with a central server, so it could be considered more a failure of the internet than a failure of the consensus system.”

Bob in a single-server solution has no way to know that Alice made a transaction. He can disconnect her but not steal her transaction.


Whitepaper of Hashgraph claim that : “Similarly, Bob could gain an advantage over Alice by buying more bandwidth, so that his gossips reach more people, faster. If he has 8 times the bandwidth of Alice, so that he can send his transaction initially to 8 members in the time Alice sends to 1, then he can gain an advantage of the time of about 3 gossip syncs. This is not considered a failure. If his message actually reaches the world before hers, then he should have the credit for it. This is similar to the current stock markets, where companies spend large sums of money for slightly faster connections, in order to reachthecentralserverfaster. So the consensus algorithm would not be considered “unfair” in this case, because it is behaving the same as a central server.”

Same here, it is not fair. Bandwidth should only “lower your ping” and not let you steal transaction. In centralized servers bandwidth only lower your ping.


Swirlds has proven that hashgraph is fair, so … ?

If you can delay all the transaction you want, then you can manipulation the order of the transaction, but not as much as one would like to. If you are 60% of the miners of a blockchain then you decide of the order of transaction and its not “fair” as hashgraph is. But if you don’t like Alice, you can ddos her and delay her transaction. Therefore, it is fair in a sense that no one can fully manipulate the order of transactions as blockchain/centralized servers can do, but on the other hand one can easily manipulate just enough the order of transaction in the consensus to take advantage of it. Simulation shows that it is really easy to do, and therefore the system is unsafe and unfair.