Hedera’s Path to Decentralization with Co-Founder & Chief Scientist Dr. Leemon Baird
This is the first of a series of webinars on various aspects of the technology of Hedera and of the ledger and how it works and what we’re doing. And hopefully these will be somewhat helpful, somewhat interesting. We’re going to be talking about decentralization. If it’s going to be a “decentralized public ledger technology”, then it has to be decentralized. Let’s talk about what decentralization is, and how we’re doing it and all those things.
I’m Leemon Baird, Co-Founder and Chief Scientist at Hedera Hashgraph. Let’s talk about decentralization. The whole company’s goal, in fact, is to be the most decentralized public network at scale in the market.
What’s the path that we’ve followed, so far? Well, we started way back in 2012 with the idea. We’ve been building it for years. You know about that. But recently we’ve been doing more interesting things. As it got built up, we had our first testing program. Our first testing program was in January 2019, and we had thousands of people who were able to use the system and test it out. And then we have today and soon we will be doing the next test phase with a lot more thousands of people.
And then we will have open access (OA) coming this US summer. Now, OA is when we open up the network to the whole world. Anybody can create an account, anybody can transfer the cryptocurrency and use smart contracts and files and all those things. But before that, we’ll have our second community testing program, and that’s where we are headed. And then of course, we’ll eventually have mirror nodes and even opening up the network where anonymous people can run nodes on the network.
We have requirements for decentralization. To be fully decentralized, to go from a little bit decentralized to a lot decentralized, what you need to do on this path is to have decentralized governance, network utility, permissionless nodes, and currency distribution. That’s really what you need to be decentralized.
Decentralized governance:You have to have not just a handful of developers that run the whole thing.
Network utility:It’s a not a very useful decentralized ledger if it’s not a useful ledger. It has to be useful in its own right. Usefulness actually helps you become decentralized. Well, why would that be true? We’ll get to that.
Permissionless nodes: We want to be fully decentralized. You can be slightly decentralized before that but, to be fully decentralized, we’re going to have millions of nodes around the world. Even anonymous people can just start up a node, any anonymous person can run a node on the network and be part of the network, and be part of the consensus.
Currency distribution: Why currency distribution? For proof of stake; the currency is the stake. And to be safe in a proof of stake system, you have to have distributed stake. It controls who’s really performing the consensus.
If you want to go to be totally decentralized, you need to hit all four of these things completely. You need to fully be doing these four things.
DLTs in general are public or private; they’re permissioned or permissionless. And there can be combinations of the two. Public and private is about who can use it. Permission and permissionless is who is running it, who is making up the ledger itself, who is the network.
Public ledger: Anyone can use it.
Private ledger: Only certain people can use it.
Permissioned:You need permission to run a node on the network, to contribute to consensus.
Permissionless: Anyone can run nodes on the network to contribute, to consensus.
Hedera is starting off on this path where it’s sort of in the upper left cornerl, moving to the upper right corner. We’re public. We start off with just a handful of nodes, and you have to have permission to run a node. And then over time, we get more and more of those; we relax how much permission you need, and then it goes to permissionless. In permissionless, any random person can run a node without talking to us, without telling us who they are. This is the path that we are on to go from being a public permissioned to a public permissionless ledger. Hedera was created from the ground up to do exactly that. We’ve been wanting to create a path that would be secure at every point along this path.
How can you do that? Well, as we said, to be fully decentralized, you do need anonymous nodes / would want to be permissionless. But you also need a wide distribution of coins, because the coins are the stake and the stake is how you control consensus. The more stake you have, the more weight on the consensus you have. And so if you want distributed consensus, you need distributed stake, which means you need distributed coins. Hbars, the native Hedera cryptocurrency itself, needs to be widely distributed and not have any huge concentrations. If an attacker gets a third, it’s bad. To be distributed and fully decentralized, you need fully decentralized coins spreading out, and you need to be permissionless.
Now, being decentralized isn’t any good unless you’re secure. You have to be secure. So how can you be secure? There are many ways to be secure, and the whole goal is we have this path which we’re following. We want this path to be secure at every single point; at different points on the path, we can use different mechanisms to be secure. It doesn’t have to be the same kind of security at every point. The way Hedera works under the hood, under the math of it all, is that we’re secure. If you do any one of these three things, just one of them, it’s enough to make you secure.
The bottom line is that we have to stop an attacker from getting one third of the coins. If an attacker holds a third of the coins, and still wants to attack, that’s a problem. You’ve got to stop them from getting the one third, and maybe even make it where if they ever get one third, they wouldn’t want to attack. But you’ve got to stop someone from getting a third of the coins and attack you. One way to go about doing this, is we just hold all the coins. If we never release one third of the coins, they could never get one third of the coins.
As of today, almost all the coins are sitting in our treasury. We have that secured. But then you move to where you do give away all your coins, but you’re still not permissionless: Maybe you don’t have anonymous nodes. Maybe you have hundreds or even thousands of nodes that you have investigated, and you know that they’re good people, and you let them be “permissioned nodes”. But you don’t yet do the permissionless, and you’re still secure. It doesn’t matter how the coins are concentrated; there’s easy ways to make it where each of the people that we know only has an even weight, because there’s a cap on how much you can stake on a given node, and no problem.
But eventually we want to be both giving away all the coins, and have permissionless nodes, and at that point, security relies on the coins being widely distributed and being too expensive for one person to buy up a third of all of the coins. In other words, you need the circulating coin cap to be high enough (the total value of all the coins that are circulating to be high enough) that it would just be too expensive to buy a third of them. Not a third of the circulating, but a third of all the coins in existence. The coin cap is what matters; the price per coin doesn’t matter. What matters is how much would it cost to buy a third of every coin in existence. There are 50 billion coins in existence and it never changes.
Early on during this first year, we launched last August 24th. Since August 24th, coins have been earned by people who are in our testing program. But mostly, the coins are all sitting in treasury. Even the coins that people bought haven’t been given away yet. They’re still sitting in treasury and they’re waiting to be released over time; not all at once, but over time, they’ll dribble out. The coins that we have given to the testing program participants have had zero price. The coins that we gave to the employees, the coins that were bought early on, all have a price of zero (or very close to zero) for each of the coins. But the last round of the coins weren’t zero or close to zero, they were actually 9.6 or 12 cents USD; and so the last round of coins actually cost something.
I bring that up to say when we initially start, we’re secure because all the coins are in treasury. After we have given away the coins, we’ll still secure because we haven’t allowed anonymous nodes. But after we’ve given away all the coins and we’re allowing anonymous nodes, we will still be secure if the coins are widely distributed, and we have this high circulating coin cap. Now, I don’t know what the coin cap is going to be 3 years, 5 years, 10 years, 15 years from now.
But even if they were only 12 cents USD, 15 years from now (we’ve given away every single coin) that would be $6 billion for all of the coins. And if it’s $6 billion USD for all the coins, then it would be $2 billion USD for a third of the coins. The $2 billion dollars USD is what an attacker would have to pay to buy all the coins, except as they’re slowly trying to grab all the coins, people notice that and that makes the price go up even higher. They have to pay even more than $2 billion.
It’s kinda hard to corner the market on such a thing. If you wanted to buy a third of all the US dollars in the world or a third of all the euro’s in the world, that’d be really hard. If you wanted to buy a third of all the coins, that would be a very hard thing to do. And so 10, 15 years, whenever, when all these other things have happened, if the market cap is really high, and even if it’s only $6 billion, it would be incredibly hard to get a third of the coins.
And even if it’s only $6 billion at that point, if it costs an attacker $2 billion to buy a third of the coins (even if the price doesn’t go up as they’re collecting), if they tried to attack the network for various technical reasons, everybody will know it very fast. They can pull off some kind of a scam of double spend or something, but they’ve got to do it really fast — in maybe a day or less, maybe even hours. And not only do that to do it really fast, it would then destroy all interest in the network, and the coin value would be zero and the billions of dollars they spent would go to nothing; they get no value for it. They would have to have a really good scam and that scam would have to make them many billions of dollars, in just a few hours, to justify such an attack. If you tried to buy a third of anything in the world, it becomes incredibly hard. That is where the security comes from, in the longterm. As we go on the path, we have security at each point.
Now, I’ve mentioned several times, we’re proof of stake. Proof of work and proof of stake are different. Proof of work is you have basically a supercomputer or mining rig that’s doing all the calculations to slow down the network on purpose, and it uses lots of electricity. Bitcoin uses more electricity than all of Ireland, and it slows people down on purpose. You could never have a sybil attack where one person pretends to be a million people and gets a million tons as much influence. No. The influence is by how much computing power you have and how much electricity you’re willing to buy. That’s your influence. Proof of stake? Your influence is how much stake you have. The stake is the influence. And for us, the stake is the cryptocurrency (the hbars); the amount of influence is how many hbars you have. The scarce resource is the coins, much more energy efficient, much faster to reach consensus, because you’re not slowing yourself down on purpose.
There’s no mining pools needed. In proof of work systems, typically the rewards come infrequently. But with proof of stake, you’re paid every day to be a node; you’re paid every day to “proxy stake”. That’s the difference between proof of work and proof of stake, and so that’s why everything comes down to the stake.
What I said is that we need decentralized governance. We need a useful network. We need to have those permissionless nodes as anonymous nodes. We need to be able to have our currency widely distributed and stay widely distributed. We have to believe that it’s widely distributed, and believe that it’s staying widely distributed before we’ll let them be anonymous nodes. And if you do that, then you’re fully decentralized and you’re also safe.
Let’s go through the first one. Decentralized governance. This is maybe the most important part about being decentralized and it’s one that people don’t talk about a lot. I don’t know what good a gigantic decentralized network is, if a single government can be in charge of the half a dozen humans that are running the pools, that run all the nodes or the hashing power, that can control it. You don’t want that. You don’t want centralization of the governance under a handful of people, or under a single government. You don’t want them geographically centralized. You don’t want just whoever founded it, and maybe a handful of developers running it. You really want it to be truly decentralized where there’s checks and balances on each other. It’s hard for them to corrupt the system as a whole, and where you mostly trust each of them to at least look out for their own interests.
There’s lots of ways you can do governance.
You can do “anarchy”, where there is no governance, where you’re constantly forking and that churning can actually hurt you for going towards something really useful.
You have “direct democracy”, and that’s when everybody gets a vote; even people who don’t know what they’re doing get a vote.
You have a “dictator” and that’s very efficient, but do you really trust a dictator to do everything?
Or you have an “expert council”, which is a small group of people (or maybe a large group of people), but people who we have reason to believe know what they’re doing. And maybe they’re not all honest, but we think most of them will be honest and they’ll keep each other honest with checks and balances, and they at least know what they’re doing; they at least have a knowledge of how to run things.
The Federal Reserve System works this way, where you have a bunch of these banks, and you have a council, and then you have a chairman, and you hope that they’re doing the right thing. But you at least trust them to know what they’re doing, to be smart and you have multiple ones so there’s checks and balances. That’s what you’d want: an expert council will work the best. But if you have weak governance, if they can’t actually enforce what they choose, then you’ll slide down to anarchy. You’ll have lots of forks, and they can’t actually control anything… they can’t govern.
We want to have decentralized governance, meaning lots of different governors who can actually govern. And we do; we’re building up a council of 39 gigantic companies around the world, in 18 different industries, within lots of different geographies. They’re not all under the same government. They’re not all in the same hemisphere: north or south, east or west. They aren’t in the same continent. They aren’t in the same culture. They aren’t in the same industry. Each of them will be looking after their own interests, but they’re across different industries with different interests.
There are checks and balances on each other. They prevent each other from being bad and make everything transparent, so that the whole world can see what they’re doing. It affects their reputation if they do something sleazy. They have a strong motivation to not do something sleazy, and you would expect them, because they’ve been around for a long time, to know what they’re doing. 39 people trying to figure out what to do is better than one person figuring out what to do.
We’ve even announced the technical controls, to let them actually control. And so, we have technical controls that make it where you can’t fork the state, and trick the typical cell phone app into thinking that you’re “this state” when you’re really “this state”. That you’re “this ledger” when you’re really “this ledger”. There’s technical controls that you can’t fork the state, and then pretend to be the other one; it’ll always be clear which of the two is the real one, and every app can check that.
We have legal controls where the council is going to ensure that nobody can stand up a “legal” network that is distributed around the world. Now, you can do an “illegal” one, but a lot of people won’t want to build something serious on an illegal one; it’s another thing to help us actually ensure that everybody actually upgrades the code at the same time, and follows what the governors have said in their governance.
And we have announced our first five governors:
Deutsche Telekom(largest telecom in Europe)
DLA Piper(one of the biggest legal firms in the world)
Magazine Luiza(gigantic online retailer in Latin America)
Nomura(biggest bank in Japan)
Swisscom Blockchain(which is Swisscom and it’s a blockchain)
We have just five that we’ve announced. We’ll be announcing more, and we are very excited about the idea of having truly distributed governance. You need distributed governance. This is underappreciated. People aren’t talking about it, but it’s what you need.
But that’s not enough. You also need your network to be useful. To have a useful network is, of course, the whole point of the exercise. Why build a network if it’s not going to be useful? Why would you want to have a distributed ledger, if your ledger isn’t useful for anything?
But it’s more than that: Having a useful distributed ledger creates a secure ledger — just like you have to be secure, in order to be useful, being useful makes you more secure, which makes you more useful, which makes you more secure… and so it’s a virtuous cycle.
Well, how does having a useful ledger make you more secure? Because as the ledger grows, and as the stuff building on top of it grows — when lots of people are building on it, and it becomes an infrastructure for companies and individuals all around the world building on it, using it every day, having more traffic on it— then it becomes part of the infrastructure of the planet; everybody is using it. That makes it more difficult to corner the market on hbars, because the hbars is what you use to uset he network, and what are what your paid with for proxy staking, and so forth. And so it actually makes it harder to corner the market on hbars — it makes that circulating coin cap better —and so it makes it secure.
What utility do we have? Well, what is the network? You’ve got the network with the nodes at the bottom, guarding the consensus. Then on top of all those nodes you have the next layer up, which is the cryptocurrency and the smart contracts and the file service. Those are the three network services that we’re starting with. There could be more in the future, but those are the three services you really need, and those are governed by the council.
But on top of that is where the real value is. The real value are the people that build the Dapps on top of it; people building applications that run inside of a smart contract, or applications that run on a computer that call the network. Either kind. Companies that build on it, startups that build on it, individuals that build on it, people just using it, maybe just apps on your phone. All of these are where the real value of the network comes from. And then the end users: individuals, companies, and governments even. All sorts of people can be using it.
The real value is in this though: Who is building on it? Well, we’ve got a thousand developers just on our testnet right now. That’s just people using our testnet at this moment, who want to build on it.
And so what kinds of companies are building dapps on top of us? Well, we know about hundreds: We know about people like Chainlink; Chainlink is building a system for Oracle’s. They have smart contracts, but sometimes a smart contract would like to know some information about the real world; maybe it needs to know what is the price of corn today? What is the temperature in New York City? Whatever it needs to know. And so the company that does “Oracle’s” can go out and get that information, and give it to the smart contract, and do it in a way that you know that it really was them and not someone else, and that they’re really getting it from the true source. And then we know that the smart contract really got the information, and that it didn’t get lost. There are Oracles that allow you to use smart contracts, and it is incredibly important. We have Chainlink doing it, and Chainlink is building a system to do Oracles with Hedera. Hedera Smart Contracts will be able to get information from the outside world, in a way that is secure and trustworthy.
There’s a lot of other companies: Certara is doing pharmaceutical development and tracking, and Rightory is allowing brand assets and rights to be managed, and there are other companies doing things to keep track of information or helping various transactions to happen, or are bringing people together to disintermediate industries.
We have over 1,000 developers building across 80 testnets right now. We’ve got 15,000 people that come to meetups around the world, led by our ambassadors. We really appreciate our ambassadors; they just do an amazing job and they aren’t employees, they’re just people that want to help spread the word and get involved. We have 560+ apps under development that we’re aware of. And who knows that we aren’t aware of? Because you don’t have to tell us; you don’t have to register or anything to build a dapp, you just build it. You can do it on your own, but if you tell us, maybe we can help you somehow. And then almost 7,000 developers in discord. Who knows what cool things they’re going to build?
The ecosystem even includes people like Helix that are allowing you to do something beyond that: Helix isn’t a dapp, Helix is an accelerator for dapps. Helix is a company that goes out and finds people that want to build a dapp that will run on top of the Hedera ledger; Helix funds them, gives them advice, and gives them 10 weeks of help, training, office space, and interaction with each other. At the end of the 10 weeks, they give them all a chance to say what they’re going to do and demonstrate what they’ve done and they decide who the best ones are and they fund them further to actually incubate them into being real companies building on Hedera.
Helix has nothing to do with the Hedera employees, the Hedera company, or the Hedera governance; they’re entirely independent. They’re an accelerator that has grown up as part of the ecosystem, that is now accelerating the rest of the ecosystem, and they have all sorts of cool things. The first batch has gone through the 10 weeks. They’ve finished. They’ve presented what they’ve done and it’s really cool.
One of them is Payable Links, which is building a micropayment system that lets you do micropayments on the web. It’s really cool and takes advantage of the fact that Hedera is emphasizing micropayments; we have tuned the ledger from the ground up to be extremely fast for micropayments, much faster even than for the smart contracts or the files.
Or you have Nuvonic, which is keeping track of hotspots and allowing people to share the bandwidth of those hotspots, and share information with each other. Again, emphasizing the micropayment system. It’s a very cool application that, in both of these cases, arguably you couldn’t even do it unless you had really fast micropayments.
Or you have something completely different: Otrafy fororganic food. You want to know: Is my organic food really organic food? You’re telling me it’s organic, what’s the history of it? And this is what they’re doing. They’re tracking the history of it, and they’re using Hedera to do it, and they are already operating with some grocery stores, and they will be running on Hedera.
This is the ecosystem that is growing up around Hedera. and this is extremely exciting to me. It creates the value of the ledger, and the value of the ledger allows it to become decentralized faster. The more useful the ledger is, the more people building on it, the faster it can become decentralized.
So what is this path? I talk about going to “being permissionless”. If we’re being decentralized, we have to have anonymous nodes. You don’t start with anonymous nodes on day one, that would be silly; it’d be easier for an attacker to get a third of the coins, and we’re out of luck.
Starting on day one we have permission nodes, and you can trust them, but then we want to grow with lots and lots of nodes, even permissionless ones. We need a methodical path.
What does that look like? We start with a handful of nodes running, and then the council members run them. And as the council grows, we get more nodes until we have 39 nodes being run from the council.
But we want to grow far beyond a handful of nodes, and we also want to grow far beyond even 39 nodes. And so we will start having participating organizations. We get to know the organization, we trust them, the council trusts them, and we say: “okay organization, you can run a node also”; and that could get us beyond the initial 39 nodes… it could get us to hundreds of nodes.
But we want to go beyond that. We want to go beyond having to get the permission from us, for each person running a node. We want to go beyond that to anonymous nodes, permissionless nodes: Thousands or millions of them all around the world. We want them to just be universal, with no barrier to entry (I’ll tell you in a second about how it’s really easy to run a node because you don’t have to have any tying up of your money or even the danger of your money being taken away if something goes wrong; we can protect you from that). We want these permissionless nodes around the world. That is the path to being truly permissionless. It’s also a path to becoming more useful and more decentralized, because that’s what you want: lots and lots of nodes.
But we have to be secure in every step along that path. That is without question, the most important thing. A distributed ledger is about trust, beyond anything else. It is good for it to be fast. It is good for it to be decentralized. It is good for it to be distributed. It’s great for it have good governance, but you have to have trust. Now, of course, good governance is part of trust. Decentralized can be part of trust. But it has to be trustworthy, it has to be secure. All of these things tie together; it’s all one big thing that ties together. How do you get security for one of these things?
Well, you want best-in-class security. The consensus algorithm itself really should be ABFT. ABFT means you have finality, and even when attackers can slow down parts of the network and put in firewalls, you still have guarantees that you won’t have double spending and so on. You want it to be sybil attack resistant: you don’t want one person to pretend to be a million people, and to get a million times as much influence on the voting and the consensus, and then destroy the system. You want DDOS attack resilience; you do not want some big button out there of compromised computers, flooding messages all into one computer shutting it down, and that shuts down the whole network. We don’t want to have a leader; we want to be completely decentralized in not even having a leader for a second.
ABFT means you have consensus, you know you get to consensus. This is the strongest security. You have to have real finality for this, and the one third rule that comes out of mathematics is that it should be absolutely secure, as long as less than a third of the weight of the consensus is malicious. We want to make sure that less than a third of this “stake” (if you were counting nodes, it’d be less than a third of the nodes, but we are proof of stake)is controlled by a bad guy who will just turn off their computers, or who will actively do malicious things and protocol attacks on the whole network. The rules of mathematics say the best you could do is one third — we want to be there, and we are there. We have ABFT even at just under a third.
We also want to prevent DDOS attacks — and we do that by not having any leaders. The gossip about gossip of virtual voting means you never have a leader, not even for a second. We don’t even take turns being leaders. We don’t even have proposed leaders, who are block proposers or coordinators or leaders or whatever. Nothing. At every moment, every node is equivalent. Every node is creating new transactions at every moment. That the equivalent of a block, every node could be creating new blocks at every moment. They just are randomly picking each other and sending them around. There’s never a leader, never a coordinator, never any subset that’s special. They’re just all the same. That’s what you need and we have that.
And then there are sybil attacks. That’s really where talking about the proof of stake is most important in sybil attacks. Sybil attack says for a proof of stake system, “I don’t want one person to get the stake, as if they were a million people”. Don’t want that. Oh, we’ll do it with coins: So then if you have a million hbars, you can either pretend to be one person with a million hbars or a million people with one hbar, and you have the same effect on the system either way.
We want to stop the sybil attack, so we want you to have the same weight — and we want to do proxy staking so that we even have people saying, “I think you’re a good person,” and giving you some of their weight. And we want those people to be distributed, so it isn’t one person with all those proxy staking weight. It’s just on day one that Hedera has all that weight. We want to become decentralized, and then we want the treasury coins to be proxy state. Initially, when the treasury of Hedera itself has a bunch of coins, they will be putting their influence into certain nodes that they trust. That’s good to start with, but over time we’re going to transition to where the market itself is putting its trust into these nodes.
I keep coming back to how important it is that the hbars are widely distributed, and that it is hard for someone to get a third of them and then attack us.
How do you do that? Well, as you’ve seen so far, the hbars really have two different roles in the ledger: The fuel of the ledger is the hbars, because that’s what you spend to use it. Every time you want to do something, you spend a fraction of a US cent worth of hbars to do it. It’s the fuel that runs the network. It also runs the network itself in the sense that the ledger is a bunch of nodes, and each node is paid to be a node in hbars. And when we have anonymous nodes, you’ll be able to run an anonymous node. Totally permissionless, and you still get paid in hbars. That’s why you’d want to do that; that’s what will motivate people to run these nodes, that are spread around the world.
Furthermore, if you proxy stake your coins to somebody, then you get paid for that too. But more importantly, for security, is that it is a network protection mechanism — this is what keeps the ledger safe. It’s hard for one attacker to get a third of all the coins in existence. The proof of stake system is why we care about that, so dual rules of the hbars.
I’ve told you about proxy taking. Each node says “okay, here’s my coins, I am staking them and please pay me proportional to how many coins I’m staking and give me influence proportional to how many coins I’m staking”.
Also, if you don’t run a node, you can be a user and proxy stake your coins. You say “ I trust that node over there; I’ll give it credit for my coins”. Now, we do this in a way that is completely safe to the node and the user. You do not have to lock up your coins. You do not have to bond them. You do not have to risk your coins. There is no slashing.
If you proxy stake your coins to someone and then something goes wrong, you don’t lose your coins, they just kind of stop earning payments for you. You have a motivation to not do it, but there’s no threat there. Similarly, you don’t lock them up — as long as you have them in your account, and they’re being proxy staked, you earn some coins for them. If you ever want to spend them, you can, and then you just stop earning for the ones that you’ve spent, but you keep earning on the ones you haven’t spent yet. There’s no risk to you.
Same thing for a node. You don’t have to lock up your coins; you just have to leave them there, and if you have left them there for a whole 24 hours, at the end of 24 hours you get paid for them. Every day that you left your coins there you get paid, and you can take them out at any moment and then you just don’t get paid for that day. It is a very safe system for the users and for the nodes. And then of course, the whole point is it keeps the ledger itself safe.
And I said, there are payments. The node gets a payment from Hedera because it’s a node. Thank you for being an node. You’re helping us be distributed and decentralized and secure. The user gets a payment, and that is the proxy payment, and the node gets the proxy payment which means the node wants to tell the users “yes, I am reliable, and convince the users that it’s reliable”, and so we have another virtuous cycle here. The nodes want to be thought reliable, and the users make them reliable. That’s the proxy staking.
The lifecycle of the coin is what I’ve said. You have the end users. Some of them decide to proxy stake, why not? It’s easy to do. And then they get paid for it. The other ones don’t get paid. And then they can use them to use the network directly or to use some of these third party applications and then it all flows around in a big circle. That’s the lifecycle.
Everything comes down to being able to get these coins distributed, and distributed widely, and distributed in such a way that it’s hard for them to become undistributed. How do you do that? You do that with a good release schedule. Here is our really scheduled right now. This is what we’re planning to do. We are planning to release all the hbars over a 15 year period, so that 15 years from now, we will have released every single hbar in circulation (that’s what I mean by release).
Putting them into circulation where people around the world can be sending them to each other. Last August 24th, we launched the network. We created 50 billion hbars, and started running the network . The nodes have been running continuously. We’ve had testing programs where people have earned hbars from us, and so a little trickle of hbars have started to go out to people over this year. Not very many.
But, we’re about to have another testing program, and more will trickle out. Not very many, but a lot more than the first testing program. And then we will have OA (open access), and a bunch is released. At OA, a total of about 4.66% will have been released. About 4.5% of the of the coins will now be in circulation around the world. We won’t dump 50 billion coins into the market on that first day. They’re contained to be released.
We’re trying to be methodical. We’re trying to do this in a reasoned way that makes sense, that keeps the network secure. We will be releasing them continuing for the rest of our year since network launch; from August 24th 2018 to August 24th, 2019. We expect by the end of 2019 to have 6.6% released. A little bit more than the 4.66% that we would have released at OA. And then it just continues and you can see here our current plans for 15 years, and at a 15 year point (15 years after our launch in 2018) we have now released 100% of the coins.
Reasoned, methodical, careful. This is what we plan to do. But what if something goes wrong? We might worry. What if, for example, we had the problem that all the coins are getting concentrated in the hands of one person, or the coins are so cheap someone could wake up tomorrow and buy a third of the coins for the price of a candy bar. What if that was the the fear, that the coins are not being distributed enough? Or that they’re becoming concentrated?
Well, first of all, no problem. If we don’t have anonymous nodes, then we are secure. It doesn’t matter. The concentration problem is only really when we get to the anonymous nodes. And so, if it looks like it’s becoming concentrated, we might delay how long we do the anonymous nodes. But we wouldn’t delay the releasing of the hbars. We wouldn’t delay the distributing of the hbars, both because we don’t need to and also because you wouldn’t want to. If you see a problem where they’re not distributed enough, you don’t fix the problem of a lack of distribution by failing to distribute. If they aren’t distributed enough, you solve it by distributing. And so what we would do in that case, is we would continue to distribute the coins. We continue to release the coins on this schedule and maybe delay when we do anonymous nodes, so that we can still be secure and continue to work to build up the ecosystem that builds on top of the ledger so that it has value. This 15 year release schedule, the council can change, but the council as a whole is going to have to agree and they’re going to need a reason to do it.
And so the most obvious security problem would be concentration of coins, and there’d be no need to change the schedule for that. Really, what you would want to do, is delay when you do anonymous nodes. And then there’s something called sharding, you would delay that too. Sharding is when you break up the big network of all the nodes into lots of little networks of nodes and each one has its own information. We have great plans to do sharding, again, just because we want it to scale. We want to be more valuable and more useful. But we could delay sharding if the coins all look like they’re not distributed and think they’re concentrated.
This schedule is subject to change if the council decides to; except for security reasons, they wouldn’t need to. It’s going to be a long time before we would even have this problem, I think. And even if we had the problem, we would solve it with different ways than changing the schedule.
What does that mean overall? Here’s what we have said: The summary is that we are going to go to where we are now, which is decentralized governance and utility. Growing decentralization over time as we get permissionless nodes, growing decentralization as we release our stake, which is hbars, the cryptocurrency. We will be going on this path to becoming more and more decentralized until we are totally decentralized. This is the path that we will be following, and we’ll be doing it in a way that is completely secure at each point along the path. The governance, we have the initial governors that we’ve announced and some more than we’ve signed that we’ll be announcing. We’ll be going up to 39, they’ll be revolving over time with six year term limits because we don’t even want centralization temporarily. After six years, they have to roll over to a new council member. And we’ll be making the network useful; it will be useful at open access, and will become more and more useful over time. We’ll be having permissionless nodes someday, but not on day one. On day one it’s just a handful of nodes and then it grows to be the council nodes and then grows to be the participating organizations running nodes and then grows to be the anonymous nodes. And so we can be starting with just a few, growing to a handful and then to hundreds and to thousands and maybe even millions.
There’s no reason we can’t go to millions, which will let us do things like sharding, where we break ourselves up from being one big network to being a few, and then to many. But all the mini little networks combine to form one ledger that is ABFT as a whole. That’s what sharding is. And then we also have something called mirrornets. Those are just computers that watch what’s going on; they can be anonymous from day one. No need to even delay those being anonymous for that, because all they’re doing is watching. They can’t hurt the security. We can do that right away and just have computers that are watching what’s going on right away. The goal there is to be smooth over 15 years and the smooth release schedule keeps things clean and reliable.
In the near future, we’re going to be doing community testing phase two. On May 13th, you’ll be able to sign up at the portal, you’ll be able to get a Hedera portal profile, you’ll be able to get an account, and we will put some hbars in it and then you’ll be able to use those hbars to test the network. The network testing will give you more hbars. We are devoting a lot of hbars to this program.
In addition, we will be having a smart contract testing program that you can try out. This is a really fun smart contract that someone in the community wrote. Nick wrote this. I am amazed at what he wrote. It is incredible. What this does is it lets you buy stars. It shows you maps of all the stars in the galaxy, or a bunch of them, and then it allows you to go in and buy them. It tells you the price of each star, and you can pick which one you want and you can buy it. You get 100 hbars if you try out this app that Nick wrote and you buy a star and then you own a star. You don’t really own a star. But this is just a fun demo app.
But it isn’t just the test program on the mainnet; we even have a testnet testing program that will be allowing you to earn hbars. If you’re a developer, you could earn hbars by using the testnets. You’ll be able to get the SDK and build your own Dapps, or you could use our Dapps and earn five hbars every time you do a hundred transactions from your account on the testnet. And in this way, you will be able to be helping us test the system on our testnets in addition to the testing program is happening on the mainnet, and you will be earning hbars for that, as well.
You could also contribute to the open source community SDKs. We have a number of SDKs that have been written by the community in various languages and you can contribute to those. You can use our open source utilities; we have the Android wallet and iOS Hedera Wallet, those are open source. You can use those and take the source code and modify them and create new ones. You can add on to the current ones or suggest adding ons for the current ones. But you can also fork them to create your own code or use them as inspiration in your own code or use them as components of your own code.
We have a chrome browser extension, which allows you to go out to the internet and surf the web and be paying a fraction of an hbar every time you read an article or listen to a song or see a webpage. And so you could build your own extensions to do similar things, or you can use the WordPress plugin and add it to your WordPress website. And so then other people who are using our chrome extension can go to your website and read your articles and listen to your songs and see content, watch your videos on your website and pay in hbars for that.
I have just enjoyed so much the people that I’ve talked to when I get to go to meetups and hear what you have to say. We appreciate your involvement in social media. We appreciate your involvement in writing code. We appreciate all the people that are building things on top of us and building this huge ecosystem of dapps and programs that are running on top of us. I have just really appreciated you all. And now I am really excited and you should be excited too, because you have helped come to this point where we are about to launch phase II of our testing program and then open access, and then just the world of you using this thing. I am really excited about the applications you’re building on top of Hedera, and how they have the possibility of truly changing the world. Some of these are going to change the way the world works. You’re not just doing old things better, but doing new things that have never been done before. Or doing things old things so much better that they’re practically new things that had never been done before. That’s you. You the developers. You the users. I just thank you. I want to thank you for listening to this webinar. I thank you for your interest in this webinar series. There’ll be more. I hope I’ll see you at the next couple of ones. We’ll have a webinar on the file service. We’ll have a webinar in forks. We’ll have webinars on all sorts of things. Thank you for that. And from all of us at Hedera Hashgraph, thank you very much.