In the first part, we discuss the Byzantine Generals Problem, how to achieve Byzantine fault tolerance, and their relationship with blockchain.

The algorithm mentioned in the last article is actually a Byzantine fault-tolerant solution. But that solution is not efficient enough, and its variants are limited, that is, less than a third of the network is dishonest.

The running time of Byzantine general problem solved by Lamport, Shostak and pease (n = number of members, M = number of traitors)

This brings us to a classic problem in computer science

Can we do better?

The topic of this paper will discuss alternative algorithms for Byzantine fault tolerance.

Note: please forgive me for some simplification. There are many complicated researches behind these algorithms. I’m going to provide links to readers who are interested and want to study more deeply.

Blockchain uses consensus algorithm to elect a leader to decide the content of the next block.

The leader is also responsible for broadcasting the block to the network so that other peers can verify the validity of its content.

## Proof of work (POW)

This is the most commonly used algorithm for currencies like bitcoin and Ethereum, each with its own differences.

Before proceeding, for a little explanation from the non-technical readers:

A hash function is any function that can map data of any size to a fixed size.

If a hash function is secure, its output cannot be distinguished from random results.

```
Example:
keccak256("hello") = 1c8aff950685c2ed4bc3174f3472287b56d9517b9c948127319a09a7a36deac8
keccak256("hello1") = 57c65f1718e8297f4048beff2419e134656b7a856872b27ad77846e395f13ffe
```

In the proof of workload, if a member wants to be a leader and choose the next block to add to the blockchain, they must find a solution to a specific mathematical problem.

For example, the mathematical problem is:

Given the data x, find a number n. for example, the hash of N attached to the result of X is a number less than y.

```
Example - hash is a hypothetical hash function that has the outputs listed as below
Y = 10, X = 'test'
hash(X) = hash('test') = 0x0f = 15 > 10
hash(X+1) = hash('test1') = 0xff = 255 > 10
Hash (x + 2) = hash ('test2 ') = 0x09 = 9 < 10 OK, solved
```

Since the hash function used is encrypted secure, the only way to solve this problem is to use the storm algorithm (try all combinations). In other words, from the perspective of probability, the member who first solves the above problems is the member with the largest computing power. These members are also known as miners.

This widespread success is due to the following characteristics:

- It is difficult to find a solution to this problem
- When there is a solution to the problem, it is easy to verify its correctness

Whenever a block is mined, the miner gets some money (block rewards, transaction costs), so he has more incentive to continue mining. In the proof of work, other nodes verify the validity of the block by checking whether the hash of the block is less than the preset number.

Because of the limited supply of computing power, miners don’t want to cheat. Because of the high cost of hardware, energy, and missed potential mining profits, attacking networks can lose a lot.

The images below illustrate how bitcoin and other currencies using proof of work prevent malicious behavior.

For those interested in how chain splitting (also known as bifurcation or chain reorganization) works in divergent situations, I recommend readingThis article。

The workload proof provides the required security and has so far proven to be easy to use. But it’s very energy consuming:

Almost all African countries (alone) consume less electricity than the tequila mining industry

## Certificate of ownership (POS)

Before I go on, let me compare the leader election (choosing the members of the next block) to a raffle:

In the lottery, if Bob has more votes than Alice, he is more likely to win.

Similar to this:

In the workload proof, if Bob has more computing power and energy than Alice, so that he can output more work – he is more likely to win (mining the next block).

Again, similar:

In the proof of ownership, Bob is more likely to win if he owns more than Alice.

Equity certificate eliminates the requirements of workload proof for energy and computing power, and replaces it with equity. Equity is the amount of money members are willing to lock in over a period of time. In return, they have a chance to be the next leader and choose the next block in proportion to their equity. There are now some currencies that use only equity certificates, such as NXT and blackcoin.

The main problem with POS is the so-called lack of stake. In essence, in the case of bifurcations, the equity holders are not motivated to hold shares in the two chains, which will increase the risk of double expenditure. To learn more, look here.

In order to avoid this situation, hybrid consensus algorithms, such as POW POS combination used by decred, have emerged. Ethereum, together with Casper the friendly ghost and Casper the friendly finality gadget, are actively working on a secure, decentralized proof of ownership agreement.

## summary

In this paper, we discuss the proof of workload and the proof of equity, which are the consensus algorithms of Byzantine fault tolerance, and have been applied in today’s blockchain system. Other consensus algorithms such as practical Byzantine fault-tolerant pbft (tendermint) or decentralized Byzantine fault-tolerant (NEO) also exist. If you want to know more about pbft and Casper, you canLook here。

Original author: Georgios konstantopoulos (loom network)