The Byzantine Generals Problem

This post is part of our Blockchains Study Group. Take a look there to learn more about related topics.

The Byzantine Generals Problem is a white paper written by Leslie Lamport, Robert Shostak, and Marshall Pease in 1982. In it, they explain the problems with reaching consensus in a system that can have components that give conflicting information because of errors or malicious attacks.

They use the metaphor of a group of generals from the Byzantine army surrounding a city and deciding whether to attack or retreat. Some of the generals can be traitors, and the messengers are not reliable. A half-baked attack would be a disaster, so all the generals have to agree and execute the same plan. It is a little violent, but it’s a clear depiction of how multiple computers work in a distributed system (like the Internet) to reach consensus.

This is a must-read for anybody trying to understand distributed systems and in particular, blockchains. I will share a summary here, but I strongly recommend you to take some time and read the full original white paper. It’s only 20 pages and full of vibe from the 80s:

Here is my highlighted version:

The generals must have an algorithm to guarantee that:

A. All loyal generals decide upon the same plan of action.
Loyal generals will do what the algorithm says. Traitors will do anything they wish.

B. A small number of traitors cannot cause the loyal generals to adopt a bad plan.

Each general observes the enemy and communicates her observations to other n-1 generals.
So, let’s say that v(i) is the information communicated by the ith general. Each general combines v(1), ..., v(n) into a plan of action.

Not adopting a bad plan (B) is achieved by using a robust method. For example, do what the majority of generals say.

Deciding upon the same plan of action (A) is achieved by having all the generals use the same method for combining information.
To satisfy this:

  1. Every loyal general must obtain the same information v(1), ..., v(n).
    Putting a little differently: For every i, any two loyal generals must use the same value of v(i).
  2. If the ith general is loyal, then the values that she sends must be used by every loyal general as the value of v(i).

This way, the problem can be reduced to how a single general sends her values to the others.

Byzantine Generals Problem

A commanding general must send an order to her n-1 lieutenant generals, such that:
IC1. All loyal lieutenants obey the same order.
IC2. If the commanding general is loyal, then every loyal lieutenant obeys the order she sends.

(IC stands for interactive consistency.)

To solve the original problem, the ith general sends her value of v(i) by using a solution to the Byzantine Generals Problem to send the order “use v(i) as my value”, with the other generals acting as the lieutenants.

Now, brace yourselves, because impossibility theorems are the best theorems and one of the coolest comes next.

Suppose that the generals can only communicate through oral messages, meaning that they say either “attack” or “retreat”, and then, an evil general can report that he received the opposite command. There is no way to sign the commands, so they can be forged.

Imagine the following cases with 3 generals:

byzantine1


byzantine2

Note that there is no way for Lieutenant 1 to distinguish the two cases, and this means that for 3 generals, there is no solution that can handle a single traitor.
Lamport and friends generalized this and proved, by contradiction, that no solution with 3m+1 generals can cope with m traitors. So…

If the generals can send only oral messages, then no solution will work unless more than two-thirds of the generals are loyal.

They also prove that reaching an approximate agreement (for example, saying, “We will attack within the next 10 minutes.”) is just as hard as reaching an exact agreement (“We will attack now.”).

Next, they present a solution for the Byzantine Generals Problem with oral messages that can cope with m traitors if there are at least 3m+1 generals:

Assumptions

A1. Every message that is sent is delivered correctly.
A2. The receiver of a message knows who sent it.
A3. The absence of a message can be detected.

Algorithm OM(0)

  1. The commander sends her value to every lieutenant.
  2. Each lieutenant uses the value she receives from the commander or uses a default if she receives no value.

Algorithm OM(m) for m>0

  1. The commander sends her value to every lieutenant.
  2. For each i, let vi be the value Lieutenant i receives from the commander or a default if she receives no value. Lieutenant i acts as a commander in Algorithm OM(m-1) to send the value vi to each of the other n-2 lieutenants.
  3. For each i and each j≠i, let vj be the value Lieutenant i receives from Lieutenant j in step 2 (using Algorithm OM(m-1)) or a default if she receives none. Lieutenant i uses the value majority(v1, …, vn).

The white paper presents a solution for signed messages, which allow generals to send unforgeable commands. This simplifies the problem a lot, and their solution can cope with any number of traitors for any number of generals. They also explore systems with missing links, so not all generals can communicate with each other. They also finish unpacking the metaphor to discuss reliable computational systems.

I will leave you alone to read those parts. Please leave your comments and questions below! :slight_smile:

More learning resources

3 Likes