This week, Douglas Pike of Verium took some time away from trying to discover the origins of life to help us at CRYPTO 101 better understand the Byzantine generals’ problem. What the problem essentially boils down to is trust. It is called the Byzantine generals’ problem in reference to a hypothetical problem depicting a group of Byzantine generals surrounding an enemy city. The generals need to decide whether they are going to attack or retreat. If they are to be successful in their siege, they all need to agree to attack, and at the same time.

The Byzantine generals’ problem is an analogue of a well-known trust-based fault in distributed networks (like the blockchain). It is an illustration of the question “how do we know we can trust each other?” When we are only one member of a multi-member network needing to agree on a public course of action, how can we be sure the messages other parties are sending to us are trustworthy and haven’t been tampered with along the way? Similarly, how can we convince other parties that our messages can be trusted?

This is a ‘consensus problem’.

The messengers of each general’s army need to pass through the city in order to deliver their message to the other sides. During this delivery process, they may be kidnapped and their messages could be tampered with. One general sending the message “ATTACK TOMORROW AT NOON” could have their message tampered with so that by the time it arrives at its destination it now reads “RETREAT IMMEDIATELY”.

You may have read that Bitcoin is a “Byzantine Fault-tolerant system”. This simply means that Bitcoin has been set up with an inbuilt solution to the problem, so that it can be said to be in some way ‘tolerant’ of this inherent problem. The way Bitcoin and many other cryptocurrencies do this is with what is called ‘Proof of Work’.

Without getting into the technical details of an entirely different topic, essentially what Proof of Work does for the problem faced by our generals is to make the task of altering the messages incredibly difficult. Below is a brief example with links to the more technical details in brackets.

Think of the generals as Bitcoin wallets. One wallet sends out the message “I am sending Johnny 1BTC”. The hope is that this message will soon be added to the public distributed ledger.

Returning now to the generals: before separating to encircle the city, they agreed that they will add extra characters (a nonce) to the end of any message they send, so that when the recipient mathematically combines the message and the extra characters using a previously agreed-upon algorithm (SHA256), the result is a new and different number (a hash) with a certain aesthetic characteristic. For example, they may agree that the hash of a received message, once calculated with the algorithm, must begin with ten zeros. If a message is received and its calculated hash does not begin with ten zeros, the message is rejected as a possible fraud.

This allows the system to be ‘tolerant’ of the problem because it is extremely difficult to tamper with messages hashed in this way. If the city intercepted the message “I AM SENDING JOHNNY 1BTC” and changed it to “I AM SENDING SARAH 100BTC” without changing the nonce, the result would not have the required attribute of the hash: those ten zeros.

The city could also try to fiddle with the nonce as well as the message (transaction) in an attempt to produce a hash with ten zeros at the beginning, to try to trick the network of generals (or Bitcoin wallets) into believing their altered message. However, the ONLY way to do this is by guessing nonce after nonce and running the algorithm in an attempt to stumble upon a hash with ten zeros. This is why it is called Proof of Work — in finding the hash you have PROVED you did the work. It takes energy and time.

You might think “well, it still isn’t impossible; the city might be able to brute force their way through the Proof of Work task and change the message to ‘I AM SENDING SARAH 100BTC’ or, in the case of our generals, ‘RETREAT IMMEDIATELY’.” This is true, but it is made exponentially more difficult by adding more players to the game.

This is why decentralisation is so powerful. The more generals surrounding the city, or the more Bitcoin wallets/transactors in the network, the more difficult it is to dupe the system. Because now the generals aren’t just sending one message to one recipient, nor are the wallets sending one notice of a transaction to one recipient — they are being sent to every general, every wallet. This is why it is called a “distributed ledger”: these messages go out to all parties and all parties can keep a record of them.

If the city successfully captured one message and altered it by brute forcing the correct nonce to produce the previously agreed-upon hash, this would take time. It is vastly improbable that they would be able to do this before other generals/wallets received their own version of the message and validated it as an authentic message using the algorithm.

However, let’s say they succeed and create an altered message with a new nonce that also creates a hash with that trademark ten-zero beginning. Once the city had sent their new message off on its way to one of the generals, even with the correct nonce, that general would now have two conflicting messages — one saying “ATTACK TOMORROW AT NOON” and the other “RETREAT IMMEDIATELY”. Or in the case of the Bitcoin wallet, “I AM SENDING JOHNNY 1BTC” and “I AM SENDING SARAH 100BTC”. They have an internal consensus problem. All this general would have to do is ask the other generals which message they had accepted, to which they would all respond with the unaltered version of the message — Johnny gets his 1BTC and the generals agree to attack tomorrow at noon. Thus the altered versions would be rejected and the original, untampered messages would be accepted. Even if the city quickly copied out multiple versions of their new message, it would be rejected on the basis that it was received far later than the original, untampered messages.
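The nonce-and-hash rule from the generals’ agreement and the “ask the other generals” tie-break above, as an added worked example that is not part of the original post. It assumes a difficulty of four leading hex zeros rather than the post’s ten (ten would take far too long for a demo) and a constructed network of five generals, one of whom has received a re-mined forgery.

```python
import hashlib
from collections import Counter

# Assumption for this demo: four leading hex zeros instead of the post's "ten zeros",
# so the nonce search finishes in well under a second (roughly 65,000 guesses).
DIFFICULTY = 4

def pow_hash(message: str, nonce: int) -> str:
    """Mathematically combine message and nonce with the agreed algorithm (SHA-256)."""
    return hashlib.sha256(f"{message}|{nonce}".encode()).hexdigest()

def is_valid(message: str, nonce: int, difficulty: int = DIFFICULTY) -> bool:
    """Recipient's check: the hash must begin with the agreed number of zeros."""
    return pow_hash(message, nonce).startswith("0" * difficulty)

def find_nonce(message: str, difficulty: int = DIFFICULTY) -> tuple[int, int]:
    """The 'work': guess nonce after nonce until the hash qualifies.
    Returns (nonce, attempts); attempts is the cost the sender or the city paid."""
    nonce = 0
    while not is_valid(message, nonce, difficulty):
        nonce += 1
    return nonce, nonce + 1

def tamper_without_rework(nonce: int, altered: str) -> bool:
    """The city changes the text but reuses the original nonce.
    Returns whether the altered message would still pass the recipient's check."""
    return is_valid(altered, nonce)

def network_consensus(accepted: dict[str, str]) -> str:
    """A general holding two conflicting, individually valid messages asks the
    others which they accepted; the version held by the majority wins."""
    return Counter(accepted.values()).most_common(1)[0][0]

if __name__ == "__main__":
    original = "I AM SENDING JOHNNY 1BTC"
    altered = "I AM SENDING SARAH 100BTC"
    nonce, attempts = find_nonce(original)
    print(f"sender found nonce {nonce} after {attempts} attempts")
    print("altered text with the old nonce accepted?", tamper_without_rework(nonce, altered))
    _, city_attempts = find_nonce(altered)
    print(f"the city had to redo the work: {city_attempts} attempts")
    # Constructed network: five generals, g3 received the re-mined forgery.
    received = {"g1": original, "g2": original, "g3": altered, "g4": original, "g5": original}
    print("network accepts:", network_consensus(received))
```

Every general runs the same `is_valid` check, so a forgery has to be both re-mined and delivered to a majority before the original reaches them, which is the cost the post describes.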

The Byzantine generals’ problem can never be 100% guarded against. There is always the possibility that an altered message could be successfully created and find its way into acceptance. One of the primary ways this can happen is through what is called the 51% attack, which would mean that over half of the generals are working alongside the city and colluding to confirm altered messages. This could happen on the Bitcoin network if over half of all the computers validating messages (blocks) were controlled by one entity.

So, that is the 101 on the Byzantine generals’ problem.

Thank you to Doug Pike for shining some light on this interesting problem.

Link to the Podcast episode featuring Doug Pike: https://apple.co/2uwKXqd
