Key Question

What happens when nodes don’t just crash, but actively lie or behave maliciously?

Deep Dive

In 1982, Lamport, Shostak, and Pease posed a problem: N generals surround a city, each commanding a portion of the army. They must agree on a plan — either attack or retreat. Generals communicate only via messengers. Some generals are traitors who will actively try to prevent the loyal generals from reaching agreement.

This is different from a crash failure. A crashed node stops. A Byzantine node actively misbehaves: it can send different messages to different recipients, lie about what it received, collude with other traitors, or send messages designed to confuse the protocol.

Scenario: 3 generals, 1 traitor

General A (loyal): "Let's attack!" 
  sends to B -> "attack"
  sends to C -> "attack"

General B (traitor): receives "attack" from A
  sends to C -> "retreat" (LIES)
  sends to A -> "retreat" (LIES)

General C (loyal): receives "attack" from A, "retreat" from B
  What does C think? Mixed messages!
  C can't tell who is the traitor.

General A: receives "retreat" from B
  A thinks: "B says retreat. C hasn't reported yet (message delayed)."
  A doesn't know B is the traitor either!

Crash vs Byzantine failure:

Crash failure:
  Node A: sends "attack" → Node B: ✓ received
  Node A: sends "attack" → Node C: ✓ received
  Node B: [CRASH] → stops sending anything
  
  Result: Everyone knows B is down. Easy to handle.

Byzantine failure:
  Node A: sends "attack" → Node B ✓
  Node A: sends "attack" → Node C:  ✓
  Node B (traitor): tells A "C says retreat," tells C "A says retreat"
  
  Result: A thinks C is the traitor, C thinks A is the traitor.
  The traitor (B) has successfully divided the loyal generals.

Why this matters for distributed systems: In permissionless systems (blockchains), anyone can join as a validator. A malicious validator can run modified software designed to subvert consensus. Even in permissioned settings, a compromised machine (rootkit, supply chain attack) becomes Byzantine. BFT protects against the worst case: active attackers, not just random crashes.

The Byzantine Generals Problem is considered solved when:

1. All loyal generals agree on the same plan.
2. The plan they agree on was proposed by a loyal general.

These correspond to consensus’s Agreement and Validity properties — applied in a world where nodes can lie.

Check Your Understanding

1. In the 3-generals example with 1 traitor, is it possible for the loyal generals to reach agreement? Why or why not?
2. What additional capabilities does a Byzantine faulty node have compared to a crash-faulty node?
3. Could a node with a hardware bug (bit flips in memory) be considered Byzantine?

The “So What?”

BFT is the threat model for blockchains, aerospace, and any system where nodes might be actively compromised. Satellite constellations (where radiation can corrupt memory) and financial systems (where fraud is the adversary) must handle Byzantine faults. Understanding BFT is essential for designing systems where trust is distributed and adversaries are active.

✏️ Exercises

Byzantine Fault Tolerance: Exercises

Exercise 1: 3f+1 Bound

How many nodes are needed to tolerate 3 Byzantine faulty nodes? Show the math.

Exercise 2: PBFT Phases

In PBFT, why is the Prepare phase needed if we already have Pre-prepare? What problem would occur with only Pre-prepare and Commit?

Exercise 3: Proof-of-Work as BFT

How does Proof-of-Work act as a probabilistic BFT mechanism? What happens if an attacker controls 40% of the total hashrate?