A Correctness Proof for a Practical Byzantine-Fault-Tolerant Replication Algorithm

We have developed a practical algorithm for state-machine replication [7, 11] that tolerates Byzantine faults. The algorithm is described in [4]. It offers a strong safety property — it implements a linearizable [5] object such that all operations invoked on the object execute atomically despite Byzantine failures and concurrency. Unlike previous algorithms [11, 10, 6], ours works correctly in asynchronous systems like the Internet, and it incorporates important optimizations that enable it to outperform previous systems by more than an order of magnitude [4].