search

HashSphere FAQs

Common questions about HashSphere Managed Service. This covers scope, operations, and shared ownership.

Go deeper here:

hashtag
Service basics

chevron-rightWhat is HashSphere Managed Service?hashtag

HashSphere Managed Service is a fully-managed, enterprise-grade private ledger offering operated by the HashSphere engineering team on AWS or GCP. It allows organizations to run a permissioned network aligned with Hedera technology without needing to manage nodes, upgrades, or infrastructure operations themselves.

HashSphere Managed Service provides:

  • Managed network operations with defined SLAs

  • Proactive monitoring and maintenance

  • Backup and recovery

  • Structured support and escalation policies

  • Clear operational boundaries between HashSphere and the customer

chevron-rightWho is HashSphere Managed Service designed for?hashtag

HashSphere Managed Service is designed for organizations that need:

  • Production-grade reliability and uptime guarantees

  • Predictable operations rather than ad-hoc support

  • Enterprise-grade security and compliance alignment

This includes regulated industries, financial services, payments, supply chain, and enterprise application teams, to name a few.

chevron-rightWhat does “fully managed” mean?hashtag

Fully managed means:

  • HashSphere engineers deploy, operate, monitor, and maintain the HashSphere network

  • The HashSphere team handles node health, upgrades, backups, and incident response

  • Customers do not require blockchain infrastructure expertise

Customers can instead focus on building applications and integrations, not running nodes.

chevron-rightWhat cloud providers are supported?hashtag

HashSphere runs on AWS or GCP. Deployments are single-region and multiple Availability Zones by default.

hashtag
Operations

chevron-rightWhat uptime and reliability guarantees are provided?hashtag

HashSphere Managed Service includes the following:

  • Published uptime SLAs (≥ 99.9%).

  • Defined maintenance windows.

  • Clear definitions of what services are included in uptime calculations.

Planned maintenance is communicated in advance and accounted for as part of the SLA agreements.

chevron-rightHow are incidents handled?hashtag

Incidents are managed through our support portal, with tickets serving as the primary source of truth. HashSphere Managed Service employs a tiered support and escalation model:

  • Ticket Submission: Customers submit tickets via ZenDesk.

  • Guaranteed Response Times: Response times are guaranteed based on the customer’s support contract.

  • Clear Escalation Paths: Incidents can be escalated to Solution Architects, engineers, or product teams as needed.

  • Structured Communication: We ensure systematic communication throughout the incident lifecycle.

Start here:

chevron-rightWhat monitoring and visibility do customers get?hashtag

Every network includes the HashSphere Console. It integrates with your SSO provider.

You can view node health, endpoint availability, and network status. This helps you validate issues before opening a ticket.

chevron-rightHow does backup and recovery work?hashtag

HashSphere provides automated backups and restore capability. Backup scope and recovery objectives depend on your service contract.

See Network Backup and Restore.

hashtag
Security & access

chevron-rightWhat is the shared responsibility model?hashtag

HashSphere operate the managed platform. This includes nodes, upgrades, monitoring, backups, and platform incidents.

Customers operate the customer environment and application. This includes app deployment, access policies, and signing keys.

Use Architecture Overview for boundary details.

chevron-rightWho owns keys, certificates, and infrastructure?hashtag

Ownership depends on how the key is used. HashSphere runs the infrastructure. Customers own transaction signing keys.

Item
Examples
Owned and operated by

Consensus node keys

Node identity keys, gossip/TLS material

Hashgraph

Mirror / RPC / explorer service certificates

Ingress TLS certs, internal mTLS certs

Hashgraph

Infrastructure access credentials

Cloud account/project, Kubernetes control plane, CI for platform components

Hashgraph

Platform/admin secrets

Monitoring credentials, service-to-service secrets, platform admin accounts

Hashgraph

Customer ledger account keys (transaction signing)

Operator keys used by apps, treasury keys for customer-issued tokens, contract admin keys

Customer

Customer auth/identity configuration

SSO/IdP config, user access policies in the customer environment

Customer

HashSphere can bootstrap initial accounts during onboarding. Customer-owned keys are transferred using secure mechanisms.

hashtag
Integrations & development

chevron-rightCan customers integrate wallets, custody providers, or partners?hashtag

Yes. HashSphere supports integrations with wallets, custody, and third-party tooling.

Customers provision partner access. HashSphere provides required network identifiers and endpoints.

chevron-rightCan customers deploy applications automatically?hashtag

Yes. Use standard enterprise CI/CD for customer applications.

HashSphere provides stable environment details for automation. Your team owns pipelines and releases.

See HashSphere Application Deployment.

hashtag
Data & privacy

chevron-rightIs customer data private?hashtag

HashSphere is permissioned. Access is restricted to approved participants.

Connectivity is typically private. Examples include AWS PrivateLink and GCP Private Service Connect.

Data is encrypted in transit and at rest. Your application still controls what you publish on-ledger.

HashSphere APIs do not enforce your app auth model by default. Use a customer-managed proxy or gateway for fine-grained control.

Advanced privacy features may ship in future releases. Treat them as roadmap until contracted.

PreviousIntroduction to HashSpheresNextArchitecture Overview

Last updated