Impossibility results

[Figure: Generals 1, 2 and 3 exchanging "attack" and "retreat" orders]

BFT resiliency is optimal: at least 3f+1 replicas are needed to provide safety and liveness under our assumptions when up to f replicas are faulty. To understand the bound on the number of faulty replicas, consider a replicated service that implements a mutable variable with read and write operations. To provide liveness, the service may have to return a reply before the request has been received by more than n-f replicas, since f replicas may be faulty and may not respond. Therefore, the service may complete a write after the new value has been written only to a set W of n-f replicas. If a client later issues a read, it may get a reply based on the state of a set R of n-f replicas. R and W may have only n-2f replicas in common. In addition, it is possible that the f replicas that did not respond are not faulty, so f of those that responded may be faulty. Therefore, the intersection between R and W may contain only n-3f non-faulty replicas. It is impossible to ensure that the read returns the correct value unless R and W have at least one non-faulty replica in common; therefore n > 3f.

No solution for three generals can deal with a single traitor.
In a system with m faulty processes, agreement can be reached only if 2m+1 (more than 2/3) function correctly. Lamport, Shostak, Pease. The Byzantine Generals Problem. ACM TOPLAS, 4.3, July 1982,

Distributed Systems

FLP impossibility: async consensus may not terminate. Sketch of proof: The system starts in a "bivalent" state (it may decide 0 or 1). At some point, the system is one message away from deciding 0 or 1. If that message is delayed, another message may move the system away from deciding. This holds even if servers can only crash (not Byzantine)! Therefore, the protocol cannot always be live (but there are randomized BFT variants that are probably live). [See Fischer, M. J., Lynch, N. A., and Paterson, M. S. Impossibility of distributed consensus with one faulty process.
J. ACM 32, 2 (Apr. 1985), ]

Practical Byzantine Fault Tolerance

Why async BFT?
BFT: malicious attacks, software errors. Need N-version programming? A faulty client can write garbage data, but cannot make the system inconsistent (violate operational semantics).
Why async? A faulty network can violate timing assumptions, but can only prevent liveness.

Process resilience: reaching agreement on: computation results, selecting a leader, synchronization, committing a transaction …

How much replication is needed? A system is k-fault tolerant if it can survive faults in k components while still meeting its specifications.
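
The quorum-intersection argument for n > 3f can be checked exhaustively for small systems. The following is an added example, not part of the original slides; the function names are assumptions chosen for illustration. It enumerates every write set W and read set R of n-f replicas and every possible set of f faulty replicas, and reports the fewest non-faulty replicas that R and W can share.

```python
from itertools import combinations

def worst_case_honest_overlap(n, f):
    """Fewest non-faulty replicas shared by a write set W and a read set R.

    W and R each hold n-f replicas (the service cannot wait for more, since
    f replicas may never answer). The adversary picks W, R and the f faulty
    replicas to make the non-faulty part of the intersection as small as possible.
    """
    replicas = range(n)
    quorum = n - f
    worst = n
    for w in combinations(replicas, quorum):
        w_set = set(w)
        for r in combinations(replicas, quorum):
            common = w_set & set(r)
            for faulty in combinations(replicas, f):
                honest_common = common - set(faulty)
                worst = min(worst, len(honest_common))
    return worst

def closed_form(n, f):
    """The bound from the text: the intersection may hold only n-3f non-faulty replicas."""
    return max(0, n - 3 * f)

def min_replicas(f):
    """Smallest n for which every read is guaranteed one non-faulty replica that saw the write."""
    n = f + 1
    while worst_case_honest_overlap(n, f) < 1:
        n += 1
    return n

if __name__ == "__main__":
    for f in (1, 2):
        for n in range(3 * f - 1, 3 * f + 3):
            print(f"n={n} f={f}: enumerated={worst_case_honest_overlap(n, f)} "
                  f"n-3f bound={closed_form(n, f)}")
        print(f"f={f}: minimum replicas = {min_replicas(f)}")
```

With n = 3f the enumerated overlap is 0, so a read can be answered entirely by replicas that are faulty or never saw the write; one more replica is what guarantees a correct witness.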