All our services are belong to you
Aug 06, 2020
by Hedera Hashgraph
Hedera is a decentralized public network upon which developers can build fast, fair, and secure applications.

Since open access of the Hedera mainnet on September 16th, 2019, we’ve openly discussed and placed milestones on our product roadmap to open source all of Hedera’s developer tools and network services — including the Consensus Service, Cryptocurrency, Smart Contract, and File Service. The officially supported Java, JavaScript, and Go Hedera SDKs as well as the mirror node software (beta) have all been open-sourced upon their introduction into the ecosystem.

Today, all of the Hedera network services have officially entered open source under an Apache 2.0 license. Everyone can access the GitHub repository of OSS Hedera network services here. The code will be marked with versions and there will be tags for which software version is running on the previewnet, testnet, and mainnet.

Open sourcing is important to Hedera because it creates transparency not only in Hedera’s network services codebase, applications, and development tools, but also the engineers working day-to-day behind the scenes. We anticipate that the open sourcing of Hedera’s network services will empower the community to get even more involved in the development of the Hedera network.

Bugs & features: Submit a pull request, open an issue, or email us

We welcome members of the Hedera developer community to review and contribute to the Hedera network services codebase.

If you find a non-sensitive bug or issue in any of the Hedera network services code, you can open a new issue to report it or submit a pull request to fix the bug yourself from within the network services GitHub repo. It’s important to the team that pull requests are very specific in scope and include a detailed description of what’s being committed.

If you've found a highly sensitive bug, we've created a bug bounty program which rewards researchers in hbars and encourages the discovery and reporting of serious vulnerabilities. Please send an email to security@hedera.com with a highly detailed description of what you’ve found. Hedera has set a period of three to six months to implement bug fixes. After we’ve fixed it, we’ll publicly announce the finder (unless you want to remain anonymous).

If you have a new feature request that you’d like to see as part of the Hedera services codebase, the Hedera improvement proposal (HIP) program continues to be open and we strongly recommend submitting your feature request there. The Hedera engineering team may not be able to respond to every community contribution, but we expect to learn and get better at accommodating these requests over time.

Open review of the hashgraph codebase

While the Hedera network services code is open source, the hashgraph codebase is not yet available for open review. Open review is when the hashgraph source code becomes available for anyone to read, recompile, and verify that it is correct. The source code is in the process of being audited, and updated based on audit results. The results of these audits will be made available upon open review of the codebase. We expect the hashgraph codebase to enter a state of open review during the fourth quarter of 2020.