Beyond One-third Faulty Replicas in Byzantine Fault Tolerant Systems

Benedetta Pacilli  •  Valentina Pieri

Projects in this category follow a common pattern:

  1. Students study the corresponding paper and try to understand the consensus algorithm's functioning;
  2. They create a proof of concept implementation it using a technology of choice;
  3. They test the consensus algorithm's robustness agains crash and byzantine faults.

There is an implicit step hidden into the procedure above: consensus algorithms are usually aimed at implementing some sort of SMR system (e.g. a replicated DB). Even if the goal of a project in this category is to study & implement a consensus algorithm, students may need to actually use it in order to test it. To do so they will have to create a simple SMR system, like, e.g. a replicated Key-Value store supporting at least two operations: put and get.

Paper abstract:

Byzantine fault tolerant systems behave correctly when no more than f out of 3f + 1 replicas fail. When there are more than f failures, traditional BFT protocols make no guarantees whatsoever. Malicious replicas can make clients accept arbitrary results, and the system behavior is totally unspecified. However, there is a large spectrum between complete correctness and arbitrary failure that traditional BFT systems ignore. This paper argues that we can and should bound the system behavior beyond f failures.
We present BFT2F, an extension to the well-known Castro-Liskov PBFT algorithm, to explore the design space beyond f failures. Specifically, BFT2F has the same liveness and consistency guarantees as PBFT when no more than f replicas fail; with more than f but no more than 2f failures, BFT2F prohibits malicious servers from making up operations that clients have never issued and restricts malicious servers to only certain kinds of consistency violations. Evaluations of a prototype implementation show that the additional guarantees of BFT2F come at the cost of only a slight performance degradation compared to PBFT.


Overviews and surveys are available in order to perform a quick evaluation and comparison among the protocols above:

Finally, the following readings may of interest for who is interest in understanding the many impossibility results affecting the distributed consensus: