Reaching approximate agreement in the presence of faults

Paper: Reaching approximate agreement in the presence of faults. Danny Dolev, Nancy A. Lynch, Shlomit S. Pinter, Eugene W. Stark, and William E. Weihl. 1986

Definition

  • Each node \(i \in [n]\) starts with an arbitrary real value \(v_i\).
  • Let \(\epsilon\) be a public value.
  • An Approximate agreement algorithm must satisfy the following two conditions:
    • Agreement: All non-faulty nodes eventually halt with output values that are within \(\epsilon\) of each other.
    • Validity: The value output by each non-faulty node must be in the range of initial values of the non-faulty nodes.

Protocol Sketch

  • State
    • \(latest \leftarrow v_{i}\)
  • For every round \(r \in \{1,2,\ldots\}\):
    • Send \(latest\) to all nodes
    • Collect \(n-t\) values from other nodes for round \(r\) in the set \(V\).
    • \(latest \leftarrow f(V)\)
  • Output \(o_{i}\leftarrow latest\)

Properties of Approximation Functions

  • Let \(\mathbb{N}\) be the set of natural numbers including \(0\).
  • Let \(\mathbb{R}\) be the set of real numbers.
  • Let \(U\) be a finite multiset of reals.
    • For e.g., \(\{1,1,2,2,2,3.2,3.4\}\)
  • We can also view \(U\) as a function \(U: \mathbb{R} \rightarrow \mathbb{N}\).
    • For e.g., \(U(2) = 3\), \(U(0) = 0\)
  • Here, we call \(U(r)\) as the multiplicity of \(r\in \mathbb{R}\).
    • In our example, multiplicity of \(2\) is \(U(2) = 3\).
  • We define cardinality of \(U\) as \(|U| = \sum\limits_{r\in \mathbb{R}}U(r)\).
  • Multiset is empty if \(|U| = 0\), otherwise nonempty.
  • Difference of two multisets \(U-V\) is \(U(r) - V(r)\) if \(U(r) - V(r) \ge 0\), \(0\) otherwise.
    • Let's define: Multiset \(U = {1, 2, 2, 3, 4}\), \(V = {2, 3, 3, 5}\)
    • The difference \(U - V\) following the rules is:
      • For element \(1\): \(U(1) - V(1) = 1 - 0 = 1\) (since \(1\) appears in \(U\) but not in \(V\)).
      • For element \(2\): \(U(2) - V(2) = 2 - 1 = 1\) (\(1\) occurrence of \(2\) in \(U\) and \(1\) in \(V\)).
      • For element \(3\): \(U(3) - V(3) = 1 - 2 = 0\) (\(2\) occurrences of \(3\) in \(V\) and \(1\) in \(U\), the result is \(0\) as per the rule).
      • For element \(4\): \(U(4) - V(4) = 1 - 0 = 1\) (since \(1\) occurrence of \(4\) in \(U\) but none in \(V\)).
      • For element \(5\): \(U(5) - V(5) = 0 - 1 = 0\) (since \(1\) occurrence of \(5\) in \(V\) but none in \(U\), so the result is \(0\)).
    • Therefore, the difference of multisets \(U - V\) would be: \(U - V = {1, 2, 4}\).
  • Intersection of two multisets \(U \cap V\) is \(min(U(r),V(r))\)
    • Let's define: Multiset \(U = {1, 2, 2, 3, 4}\), \(V = {2, 3, 3, 5}\)
    • The intersection \(U \cap V\) using the rule provided is:
      • For element \(2\): \(min(U(2), V(2)) = min(2, 1) = 1\) (as \(1\) occurrence of \(2\) in \(V\) and \(2\) occurrences in \(U\))
      • For element \(3\): \(min(U(3), V(3)) = min(1, 2) = 1\) (as \(2\) occurrences of \(3\) in \(V\) and \(1\) in \(U\))
      • Therefore, the intersection of multisets \(U\) and \(V\) is: \(U \cap V: \{2, 3\}\)
  • If \(g\) is a function on multisets, then \(g^k\) denotes the $k$-fold iteration of \(g\); thus \(g^1 = g\), \(g^2 = g\circ g\), etc.
  • Minimum of multiset \(min(U) := \min\{r\in \mathbb{R}: U(r)\ne 0\}\)
  • Maximum of multiset \(max(U) := \max\{r\in \mathbb{R}: U(r)\ne 0\}\)
  • For a non-empty \(U\), range of \(U\) denoted by \(\rho(U)\) is the interval \([min(U),max(U)]\)
  • For a non-empty \(U\), diameter of \(U\) denoted by \(\delta(U)\) is \(max(U)-min(U)\)
  • For a non-empty \(U\), mean of \(U\) denoted by \(mean(U) = \sum\limits_{r\in \mathbb{R}}\dfrac{rU(r)}{|U|}\).
  • For a non-empty \(U\), define \(s(U)\) as the multiset obtained by removing the smallest element in \(U\), i.e., \[ s(U) = \begin{cases} U(r) - 1 & \text{if } r = min(U) \\ U(R) & \text{otherwise}\end{cases}\]
  • For a non-empty \(U\), define \(l(U)\) as the multiset obtained by removing the largest element in \(U\), i.e., \[ l(U) = \begin{cases} U(r) - 1 & \text{if } r = max(U) \\ U(R) & \text{otherwise}\end{cases}\]
  • For a multiset \(|U| \ge 2\), define \(reduce(U) = s(l(U))\)
\begin{lemma}
Suppose that $V$ and $W$ are non-empty multisets. Then
\begin{enumerate}
  \item $|V \cap W| - |s(V) \cap s(W)| \le 1$
  \item $|V \cap W| - |l(V) \cap l(W)| \le 1$
\end{enumerate}
\end{lemma}
\begin{proof}
  Let $s_{v}$ and $s_{w}$ be the elements that are removed from the multisets $V$ and $W$ respectively to obtain $s(V)$ and $s(W)$.
  If $s_{v} = s_{w}$, then this element belongs to both $V$ and $W$. Thus, it is present in $V\cap W$. Since they are the minimums in both sets, the only element missing in $s(V)\cap s(W)$ is $s_{v}$. As a result, $|V \cap W| = |s(V) \cap s(W)| + 1$.
  Else, then both elements $s_{v}$ and $s_{w}$ do not belong to $V \cap W$. Thus, $|V\cap W| = |s(V) \cap s(W)|$.
  The proof for (2) is similar.
\end{proof}

\begin{lemma}
Suppose that $j$ is a non-negative integer and that $V$ and $W$ are multisets such that $|V| \ge 2j$ and $|W| \ge 2j$. Then
\[ V \cap W - |reduce^{j}(V)\cap reduce^{j}(W)| \le 2j\]
\end{lemma}
\begin{proof}
  Applying Lemma 1 once results in $|V \cap W| - | s(V) \cap s(W)| \le 1$ or $|V \cap W| \le |s(V)\cap s(W)| + 1$. Applying it again, results in $|V \cap W| \le |s(V) \cap s(W)| \le |l(s(V)) \cap l(s(w))| + 2$ or $|V\cap W|\le |reduce(V) \cap reduce(W)| + 2$.
  Applying this iteratively for $i in 1,\ldots,j$, we get the statement in the lemma.
\end{proof}

\begin{lemma}
Suppose that $j$ is a non-negative integer and that $U$ and $V$ are non-empty multisets such that $|V-U|\le j$ and $|V|\ge 2j$. Then $\rho(reduce^{j}(V))\subseteq \rho(U)$.
\end{lemma}
\begin{proof}
Suppose $\rho(reduce^{j}(V))\not\subseteq \rho(U)$.
Then either $min(reduce^{j}(V))<min(U)$ or $max(reduce^j(V))>max(U)$.
If $min(reduce^j(V)) < min(U)$, then $\Sigma\limits_{r<min(U)}V(r) \ge j+1$.
Hence, $|V-U| \ge j+1$, which contradicts the hypothesis.
The other case can also be similarly shown to contradict the hypothesis.
\end{proof}
  • (Lemma 3) If two multisets \(U\) and \(V\) differ by \(j\), and their sizes are at least \(2j\), then the range of $j$-reduced \(V\) is a subset of the range of \(U\), i.e., \(\rho(reduce^j(V)) \subseteq \rho(U)\).
  • Define \(c(m,k) = \lfloor \frac{m-1}{k}\rfloor + 1\), where \(m\) is the number of elements in \(U\).
    • E.g., Basically, divides a set of size \(m\) into \(k\) groups
  • Lemma 4 holds for any \(k\).
  • In async. \(|U-V|\)
  • My understanding of constraints:
    • Let \(t_c\) be the number of parties that can crash.
    • Let \(t_b\) be the number of parties that are Byzantine.
    • Q. What happens to the rate of convergence? For sync., \(n>??t_c + ??t_b\), rate of convergence?
    • Is reduction a part of

Example:

  • Nodes: {1,2,3,4} Srini: {1,2,3,} Adi: {1,3,4} Now if 3 is Byz, there is 3,3' \(U-V\) is \(n-3t\) 3t comes from,
    • We are waiting for \(n-t\), we subtract \(2t\)
    • \(t\) liars

Approx. Agreement

  • Constraints:
    • Sets should be not empty
    • Convergence > 0
  • Factors:
    • # of values collected: |U|
    • # of values in intersection: I
  • Draft structure:
    • All parties have input values \(v_i\)
    • All parties collect others' \(v_i\) in set \(U\)

Questions:

  1. Generalize approx. agreement structure so we can argue for all future network models and fault models.
  2. Improve the quality of approx. agreement? Reduce epsilon.
  3. Given n>2t e approx. agreement, can we get n>3t exact agreement? (For lower bound)

Notes

  • First approximate agreement protocol

References

Danny Dolev, Nancy A. Lynch, Shlomit S. Pinter, Eugene W. Stark, and William E. Weihl. 1986. “Reaching approximate agreement in the presence of faults.” https://dl.acm.org/doi/10.1145/5925.5931.