On Time-Optimal, Fault-Tolerant Algorithms for Connected Consensus Beyond Grade Two

Arteaga Vázquez, Alan Ernesto

doi:10.4230/LIPIcs.OPODIS.2025.24

On Time-Optimal, Fault-Tolerant Algorithms for Connected Consensus Beyond Grade Two

Alan Ernesto Arteaga Vázquez

Universidad Nacional Autónoma de México (UNAM), Mexico City, Mexico

Abstract

A common question in the asynchronous model is whether some given notion of agreement between processes is achievable. Usually, we formalise such agreement notions in the form of agreement problems. Some of these problems also receive the name of coordination primitives. Several fault-tolerant algorithms in asynchronous systems rely upon the use of different primitives as building blocks, such as adopt-commit, crusader agreement, or graded broadcast.

Recently, the connected consensus problem – a form of agreement over a specific family of graphs parametrised by a positive integer $R$ – was introduced. This problem unifies the three mentioned primitives while extending them for multi-valued inputs. Moreover, the problem is equipped with a security condition called binding, which limits the effect of malicious processes over the decision of correct parties. While fault-tolerant connected consensus algorithms for $R=1$ and $R=2$ are known, the existence of algorithmic solutions for any positive integer parameter remained an open question.

In this work, we introduce a pair of fault-tolerant algorithms for connected consensus when the $R$ parameter is any positive integer. We introduce a crash-resilient algorithm, which is optimal with respect to the maximum number of possible faulty processes. Our second algorithm is resilient to Byzantine failures; whose failure-resilience is optimal for a specific class of algorithms. Both algorithms satisfy the binding property and match the best known time complexities achieved for the $R=1$ and $R=2$ cases, further achieving time optimality for the general case in the crash-failure setting, and asymptotic time optimality in the Byzantine scenario.

Keywords and phrases:

Approximate Agreement, Binding, Connected Consensus

Copyright and License:

2012 ACM Subject Classification:

Theory of computation

\rightarrow

Distributed algorithms

DOI:

10.4230/LIPIcs.OPODIS.2025.24

Event:

29th International Conference on Principles of Distributed Systems (OPODIS 2025)

Editors:

Andrei Arusoaie, Emanuel Onica, Michael Spear, and Sara Tucci-Piergiovanni

Series and Publisher:

Leibniz International Proceedings in Informatics, Schloss Dagstuhl – Leibniz-Zentrum für Informatik

1 Introduction

A central task in theoretical distributed computing is to enquire whether it is possible to achieve some agreement notion between processes that participate in a distributed system. Commonly, this task involves solving agreement problems – coordination tasks defined using a list of properties that establish how processes must decide over a set of valid values. Typically, one must fix a specific computation model with a well-defined communication mechanism between processes to formally describe the setting of such problems. Taking this into consideration, a classical model for studying agreement problems is the asynchronous model. In this model, processes communicate point-to-point via message passing over a complete network; also, there is a guarantee of the arrival of messages, yet there is no bound on their delay. In particular, we are interested in the solvability of agreement problems in such a model when we consider processes that exhibit faulty behaviour, such as crash failures or Byzantine faults.

A cornerstone result in the area is precisely the impossibility of deterministically reaching consensus in the asynchronous model if we assume the presence of even a single faulty process [18]. In order to circumvent this impossibility, different algorithmic approaches are often explored to achieve termination for consensus protocols under particular circumstances, which combine classic mechanisms such as randomisation or failure detectors with coordination primitives, which are precisely agreement problems with weaker agreement notions than consensus. Some of such primitives include adopt-commit [20], crusader agreement [13], and graded broadcast [16].

After some consideration, it is clear that the latter primitives are similar in nature: all of them depend upon the agreement on either the same or adjacent vertices of a specific kind of graph, thus, intuition suggests an intrinsic relationship between them. Recently, Attiya and Welch [11] presented an agreement problem called connected consensus. This problem effectively unifies the resolution of the three previous primitives by reaching approximate agreement on a particular class of graphs parametrised by a positive integer $R$ which is called the refinement parameter. In [15], $R$ is also referred to as the grade of the graph; hence, an alternate name for the problem is graded consensus. Moreover, the authors further generalise such primitives by extending the problem in order to accept multi-valued inputs. Furthermore, this recent problem definition also incorporates the binding property previously defined for the binary crusader agreement problem, which results helpful at limiting the decision power of malicious processes over the protocol’s final outcome.

There exist agreement problems, such as approximate graph agreement, that generalise connected consensus. Yet their known algorithms, for example [5], though capable of tolerating Byzantine failures, do not satisfy the binding property while also requiring exponential local computation. Therefore, the connected consensus problem remains a relevant research topic when we both need agreement on special-case graphs, and adversarial decision-power limitation by means of the binding property; not to mention its usefulness in works such as [15].

It is worth mentioning that, in the paper that introduced the connected consensus problem, Attiya and Welch also present algorithms for instances where the refinement parameter $R$ is either $1$ or $2$ – one for crash faults and two for malicious failures – while preserving the binding property. Additionally, the authors prove that the crash-resilient algorithm and one Byzantine-tolerant algorithm are optimal with respect to the number of communication rounds between processes. However, it remained an open question whether it was possible to devise algorithms for connected consensus instances where $R>2$ , and if so, if it was possible to satisfy the binding property all the same.

Therefore, as our main contribution within this work, we present algorithms that solve connected consensus for any positive integer parameter $R$ in the presence of both crash and Byzantine failures, therefore answering the open question in the affirmative.

As a first result, we present an algorithm that is tolerant to $f<n/2$ crash failures, with $n$ being the total number of processes and $f$ the maximum number of faulty parties. This algorithm successfully solves connected consensus for any positive integer $R$ parameter. For this algorithm, we make use of an averaging approach, which allows us to quickly reduce the decision space of possible vertices that processes are able to output as a solution. We prove this algorithm optimal with respect to the maximum number of crashed processes it can tolerate; and we do so by using a fault-resilience lower bound introduced by Attiya and Welch in their seminal work, which we explain in more detail in the section dedicated to prior work. We also prove that the binding property holds in this algorithmic solution. This algorithm runs in $\log_{2}R+1$ rounds, hence matching the time complexity for $R=1,2$ of the previous algorithm for crash faults by Attiya and Welch, which was in turn, optimal according to the number of rounds.

Next, as a second and core contribution, we introduce a Byzantine-tolerant algorithm for connected consensus, which again manages to solve the problem for any instance with parameter $R\geq 1$ . This algorithm tolerates up to $f<n/5$ Byzantine failures which, albeit suboptimal in the general case, is in fact optimal for a class of connected consensus algorithms that Attiya and Welch call uniform. For this class of algorithms, we refer to a proof presented by the authors of the connected consensus paper. This proof is discussed within the “previous work” section of this paper. Regarding this second algorithm, we take inspiration from an algorithm tool called witness technique; which originally Abraham, Amit, and Dolev [1] introduced to achieve a Byzantine-tolerant approximate agreement algorithm on the asynchronous setting.

By combining this approach with an averaging technique similar to the crash-tolerant algorithm, we are able to devise an algorithm that makes use of a reduced number of communication rounds. In fact, we are able to match the time complexity for $R=1,2$ of the fast Byzantine-tolerant algorithm proposed by Attiya and Welch; which in turn, is optimal for these two parameter scenarios.

Table 1: Comparison of connected consensus algorithms proposed in this paper and in [11]. The total number of processes is denoted by

n

, and

f

is the maximum number of faulty processes. We denote the partially-ordered input set of values by

V

.

Failure model	Crash		Byzantine
Algorithm	Alg. 1	[11, Alg. 1]	Alg 2	[11, Alg. 2]	[11, Alg. 3]
Fault-tolerance	$n>2f$	$n>2f$	$n>5f$	$n>5f$	$n>3f$
Messages	$O(n^{2})$	$O(n^{2})$	$O(n^{2})$	$O(n^{2})$	$O(\|V\|\cdot n^{2})$
Time $(R=1)$	1	1	1	1	5
Time $(R=2)$	2	2	2	2	7
Time $(R>2)$	$\log_{2}(R)+1$	-	$\log_{2}(R)+1$	-	-
Binding property	Yes	Yes	Yes	Yes	Yes

For reference, Table 1 compares the algorithms introduces in this paper with prior work, from where it becomes clear that the algorithms introduced in this work match time-optimality from previous algorithms for $R=1,2$ , while achieving for the first time solutions for positive values of $R$ beyond grade $2$ . It is important to mention that both algorithms introduced in this paper work for the multi-valued input scenario; and that, as a key feature, preserve the binding property. In brief, our contributions are the following:

$\blacksquare$

We introduce a connected consensus algorithm resilient to crash failures for multi-valued inputs. This first algorithm exhibits tolerance to at most $f<n/2$ faulty processes, which is optimal using a result discussed in the next section. Also, it uses one communication round for $R=1$ and two communication rounds for $R=2$ . Therefore, our Algorithm matches the time-complexity of the crash-fault algorithm introduced by Attiya and Welch for the $R=1$ and $R=2$ cases; which turns out to be optimal for these scenarios. Moreover, this algorithm achieves solutions for $R>2$ for the first time using a logarithmic number of rounds. We also show that this approach satisfies the binding property.
$\blacksquare$

As a second contribution, we provide a Byzantine-resilient algorithm with fault tolerance of $f<n/5$ and logarithmic time complexity. As with the crash-tolerant algorithm, this algorithm effectively solves connected consensus for any positive parameter $R$ . In a similar fashion to the previous algorithm, our algorithm matches the time-complexity of the only known algorithm for malicious failures, also optimal for the $R=1,2$ scenarios. Regarding fault-tolerance, we rely on a preliminary result which we present in the subsequent section to argue that our approach attains the best possible resilience bound without sacrificing clarity in its implementation. Finally, we prove that the binding property holds for this second algorithm as well.

The remainder of this paper is structured as follows. In Section 4, we provide a review of the previous results known algorithms for connected results presented by Attiya and Welch, in addition, we will briefly describe the interesting witness technique, which served as inspiration for the development of the Byzantine-tolerant algorithm we present in this work. Section 2 covers the definition of the asynchronous model upon which our problem is defined. Next, Section 3 presents the formal definition of the connected consensus problem for multi-valued inputs; we define the binding property, and include several other key definitions and useful notation as well.

As the core discussion of our work, Sections 5 and 6 present the fault-tolerant connected consensus algorithms for crash and Byzantine faults respectively. Finally, we bring our work to a close in Section 8.

2 Model of computation

In this work, we consider a standard message-passing asynchronous model consisting of a set of $n$ processes. In this model, processes communicate by sending messages to one another through a complete communication network of reliable bi-directional channels. These channels are point-to-point, therefore every process is able to directly communicate with any other (including itself) within the network.

As we consider full asynchrony in our model, we assume that messages sent in the communication network have an unbounded, yet finite transit time between the instant a certain process sends a message and the moment the target process receives it.

We also consider two possible kinds of failures that processes in our model may present: crash and malicious failures. Crash failures occur when faulty parties stop taking any additional computing steps and, consequently, stop communicating with other processes in the network from a certain instant in time onwards. For this kind of failure, we assume that processes do not recover and stay silent during the remainder of the execution of any distributed algorithm. On the other hand, parties that exhibit malicious failures (also known as Byzantine failures) behave in an arbitrary manner that may be even aimed to corrupt the outcome of the algorithm for correct parties. We call any process that exhibits faults faulty; furthermore, we use the terms malicious or dishonest for a process if its faults are Byzantine. Additionally, we denote by $f$ the maximum number of parties that behave in a faulty manner in the execution of a protocol.

In our model, processes are given a particular input value $v$ at the start of their execution from a set of possible input values $V$ . Furthermore, as we are interested in the decision that correct processes reach during the execution of a distributed algorithm, we also consider a particular output set from which processes end up deciding a particular value which we refer to as the output or decision of the process. If some correct process has decided a value among the output set, we say that it has decided on a value; notice that this decision may occur at any point of the execution of the algorithm.

Finally, in order to evaluate the performance of algorithms that solve the connected consensus problem, we present both time and communication measures for complexity. Take into account that we analyse complexities for the worst-case scenario of any execution. For time complexity, we adopt the same definition for asynchronous message-passing systems that Attiya and Welch use in the previous paper [11]. It is important to note that the definition used in this paper is, in turn, adopted from [9]. While this time measure is adequate for a granular time complexity analysis, for simplicity, we analyse our algorithms in terms of “rounds”. This is a time measure used likewise in the previous paper, which is directly comparable “time complexity” measure. A proper definition of this measure appears in [2]. Throughout this paper, we use the terms rounds and communication rounds interchangeably.

For communication complexity, we simply consider the maximum number of messages sent by correct processes over all the possible executions of a connected-consensus solving algorithm.

3 The Connected Consensus Problem definition

Let $V$ be a set of well-ordered values, and consider a special value $\bot\notin V$ . Given a specific positive integer value $R$ which we call the refinement parameter (also grade, following [15]), we denote by $G_{S}(V,R)$ the “spider” graph with central vertex $(\bot,0)$ , such that $G_{S}$ has exactly $|V|$ paths spanning from the central vertex, each with length $R$ and having $R$ vertices different than the central vertex, labelled $(v_{i},1)$ through $(v_{i},R)$ for $i\in\{1,\dots,|V|\}$ . Notice that $G_{S}(V,R)$ is indeed a special kind of tree, thus connected and acyclic, and that for any value $v\in V$ , the vertex $(v,R)$ is a leaf.

Hence, $G_{S}(V,R)$ is given by the vertex set

V_{G_{S}(V,R)}=\{(\bot,0)\}\cup\{(v,r)\mid v\in V,1\leq r\leq R\}

and the edge set

	$\displaystyle E_{G_{S}(V,R)}=$	$\displaystyle\{((\bot,0),(v,1))\mid v\in V\}\;\cup$
		$\displaystyle\{((v,r),(v,r+1))\mid v\in V;1\leq r,r+1\leq R\}$

Figure 1: Spider graph for

V=\{1,2,3\},\,R=3

.

Moreover, consider a subset of input values $V^{\prime}\subseteq V$ and define $T(V,R,V^{\prime})$ , the minimal subtree of $G_{S}(V,R)$ as the induced subtree that connects the set of leaves $\{(v,R)\mid v\in V^{\prime}\}$ . It is important to note that when $V^{\prime}$ consists of a singleton $\{v\}$ , then the minimal subtree is a single leaf, namely $(v,R)$ . Furthermore, let $I=\{(v,R)\mid v\text{ is the input of a (correct) process}\}$ be the set of leaves induced by the inputs of correct processes. We define $T(V,R,I)$ as the correct minimal subtree of $G_{S}(V,R)$ .

Finally, let $(v,r),(v^{\prime},r^{\prime})$ be a pair of vertices of $G_{S}(V,R)$ . We define the middle vertex of $(v,r),(v^{\prime},r^{\prime})$ as $(\bot,0)$ if $v\neq v^{\prime}$ and and neither $v$ nor $v^{\prime}$ equal $\bot$ , $(v,\lceil\frac{r+r^{\prime}}{2}\rceil)$ if $v=v^{\prime}$ , and, without loss of generality, $(v,\lceil\frac{r+r^{\prime}}{2}\rceil)$ if $v\neq v^{\prime}$ and $v^{\prime}=\bot$ .

Thus, we define the connected consensus problem for $V$ , $R$ , with each process receiving a particular input value from $V$ through the following properties:

Termination.: Each correct process must decide on a vertex of $G_{S}(V,R)$ .
Validity.: The decision of each (correct) process must be a vertex within the correct minimal subtree of $G_{S}(V,R)$ . It is important to note that, in particular, if all processes start with the same input $v$ (and thus $I$ is a singleton), then the vertex $(v,R)$ must be the decision for each (correct) process.
Agreement.: The distance between the vertices labelled by the decisions of all (correct) processes is at most one.

Notice that the output set for the connected consensus problem for $V, R$ is exactly the set $V_{G_{S}(V,R)}$ , but since there is only one input value associated with each vertex of such set, a value $v\in V$ is uniquely determined from the decision of each process.

Alongside the previous requirements for the connected consensus problem, we may require yet another interesting safety condition called binding, as proposed before for the Crusader Agreement primitive [13]. Such property can be stated as follows:

Binding.: After the first (correct) process decides a vertex $(v,r)$ , with $v\in V,r\in\{1,\dots,R\}$ , the decision of every other (correct) process must be on the same branch labelled by $v$ of the spider graph.

It is noteworthy that in any execution in which the first correct process decides any vertex but $(\bot,0)$ , then the binding condition follows from Agreement; moreover, it is not difficult to deduce that the same argument holds when $R=1$ .

4 Previous work

In the full version of the paper defining the connected consensus problem [10], the authors also establish lower bounds on both fault-resilience and time-complexity for connected consensus algorithms that tolerate either crash faults or malicious behaviour. Using these bounds as a reference, Attiya and Welch proposed the only multi-valued connected consensus algorithms with the binding property to date.

In this section, we first review and formally state these lower bounds, noting that that they also hold for the algorithms that we present as the main contribution of our paper. Then, we discuss the only known connected consensus algorithms, highlighting their time and message complexity, while examining both their strengths and limitations.

Finally, we provide a brief overview of the witness technique, a recently proposed method originally applied to the closely related approximate agreement problem. This discussion is included since the technique plays a central role in the Byzantine-tolerant algorithm that we propose, which solves multi-valued connected consensus with binding for any positive integer parameter $R$ .

4.1 Connected consensus lower bounds for fault-tolerance and time complexity

Following the results presented by Attiya and Welch in the full version of the connected consensus paper, we note that there is a fault-resilience lower bound for solving connected consensus in the presence of crash faults. The authors obtained this result using a standard partition argument over the set of processes of the distributed system. We formally state the result as follows:

Proposition 1 ([10, Appendix A]).

For any connected consensus algorithm for $R\geq 1$ with $n$ processes, out of which at most $f$ may crash, then at least $n>2f$ is required.

Additionally, there is a lower bound for the number of rounds required to achieve connected consensus when considering crash faults and $R=2$ under a particular fault-resilience assumption. For this bound, the authors employed a reduction from approximate agreement. We state this lower bound result as follows:

Proposition 2 ([10, Appendix B.1]).

For any connected consensus algorithm for $R=2$ with $n$ processes, out of which at most $f$ may crash, at least two communication rounds are necessary if $n\leq 4f$ .

Now, regarding Byzantine faults, we also find lower bounds for both the maximum number of processes that may behave maliciously and the number of communication rounds required when $R=2$ , obtained by means of analogous arguments to those of the crash-faults scenario. Such bounds are the following:

Proposition 3 ([10, Appendix A]).

For any connected consensus algorithm for $R\geq 1$ with $n$ processes, out of which at most $f$ are malicious, then at least $n>3f$ is required.

Proposition 4 ([10, Appendix B.1]).

For any connected consensus algorithm for $R=2$ with $n$ processes, out of which at most $f$ may crash, at least two communication rounds are necessary if $n\leq 9f$ .

Finally, we present a more subtle result obtained by Attiya and Welch related to the binding property. Consider a connected consensus algorithm such that each process obtains $n-f$ values, at most one, from each process, and then decides based only on the multiset of values it has received; moreover the algorithm is such that for any pair of processes $p, q$ that obtain values corresponding to some process $r$ , then the values received from $r$ are the same, and if $r$ is correct, then the received values correspond to $r$ ’s input. Therefore, we say this algorithm is uniform. With this in mind, the result is the following:

Proposition 5 ([10, Appendix G, Theorem 19]).

For any uniform connected consensus algorithm for $R=1$ with $n$ processes, out of which at most $f$ are malicious such that satisfies the binding Property, then $n>5f$ .

4.2 Previous connected consensus algorithms

As a first algorithm, Attiya and Welch introduced a crash-tolerant algorithm that works when $R$ is either $1$ or $2$ , while requiring $n>2f$ . The key idea behind their solution is to perform as many communication rounds as the value of R: the algorithm first executes a communication round to decide on a branch of the spider graph; next, it uses a second round to decide on a particular vertex that lies within the selected branch, beginning at the central vertex.

Using a natural generalisation of this approach, we can obtain a safe algorithm with the same resilience. The generalisation works as follows: the first communication round again fixes a branch of the spider graph. Then, in subsequent rounds, the processes start at the central vertex and progressively refine the outcome, moving one vertex at a time towards the leaf corresponding to the chosen branch. Clearly, a drawback of this extension is its time complexity, since it would require a linear number of rounds, namely, as many rounds as the $R$ parameter. We state the formal result regarding this crash-tolerant algorithm proposed by Attiya and Welch as follows:

Proposition 6 ([11, Theorem 3]).

Consider a standard asynchronous model consisting of $n$ processes, out of which at most $f$ may crash. If $n>2f$ , then Algorithm $1$ from [11] solves connected consensus with binding for $R=1,2$ in $R$ rounds, sending $O(n^{2})$ messages.

Furthermore, the authors present a pair of Byzantine-tolerant connected consensus algorithms for $R=1,2$ . The following are the formal results related to these algorithms, respectively:

Proposition 7 ([11, Theorem 4]).

Consider a standard asynchronous model consisting of $n$ processes, out of which at most $f$ are Byzantine. If $n>5f$ , then Algorithm $2$ from [11] solves connected consensus with binding for $R=1,2$ in $R$ rounds, sending $O(n^{2})$ messages.

Proposition 8 ([11, Theorem 5]).

Consider a standard asynchronous model consisting of $n$ processes, out of which at most $f$ are Byzantine. If $n>3f$ , then Algorithm $3$ from [11] solves connected consensus with binding for $R=1,2$ in $5,7$ rounds respectively, sending $O(|V|\cdot n^{2})$ messages.

From the results in Section 4.1, it is clear that Attiya and Welch’s Algorithm $1$ is both optimal in time and fault tolerance. On the other hand, Byzantine-tolerant Algorithm $2$ is fault-optimal, whereas Byzantine-tolerant Algorithm $3$ is time-optimal. Lastly, an important observation is that all three algorithms assume $R=1,2$ ; hence, algorithmic solutions for $R>2$ remained unattempted in the original paper. In the following two sections, we address this gap by presenting new algorithms that extend the results to the general case $R>2$ .

4.3 The witness technique and resilience-optimal approximate agreement

As discussed in the introduction, several agreement problems have been introduced due to the impossibility of achieving consensus in asynchronous systems. One such problem first proposed by Dolev et. al [14] is approximate agreement, which arises from the relaxation of the consensus agreement property. The goal of this problem is for a set of processes receiving inputs from a given space to eventually decide values that lie in the convex hull of the inputs of correct processes. Additionally, any algorithm that solves approximate agreement must ensure that any two decided values differ in less than a fixed $\varepsilon$ parameter. This $\varepsilon$ parameter serves as an upper bound for the distance between any two decided values. As stated before, we can define the approximate agreement problem for $\varepsilon>0$ through the following list of properties. This list is analogous to consensus, except that the agreement property is relaxed:

Termination.: Each nonfaulty process decides a value.
Agreement.: If processes $p_{i},p_{j}$ decide values $v_{i},v_{j}$ , then $||v_{i}-v_{j}||\leq\varepsilon$ for all nonfaulty processors $p_{i}$ , $p_{j}$ (no two correct processes decisions differ more than $\varepsilon$ ).
Validity.: Any decided value from honest parties must be within the convex hull of the initial values of honest processes.

A key result established by Fischer, Lynch, and Merritt [17] is that fewer than $n/3$ processes may exhibit malicious behaviour to solve approximate agreement in the asynchronous model.

Since the introduction of approximate agreement, several fault-tolerant algorithms have been proposed. Among these, an interesting solution by Abraham, Amit, and Dolev [1], which matches the mentioned $n>3f$ resilience lower bound, employs a novel idea known as the witness technique. In this approach, processes exchange their inputs using reliable broadcast, which prevents malicious parties from sending different values to different processes. Additionally, each process $p$ waits to receive a set of process identifiers from each other process. Next, if at some point the set of processes of $p$ for which it has received input values so far fully contains the set of processes reported by some process $q$ , then $p$ marks $q$ as a witness.

This technique is the core mechanism behind the gather coordination primitive, alongside applications such as asynchronous key generation [3], and a consensus protocol that relies on randomisation [9]. Finally, it is noteworthy that our Byzantine-tolerant algorithm in Section 6 draws heavy inspiration from the witness technique. Within the latter algorithm, this technique plays a central role in its ability to mitigate the effects of values proposed by malicious parties.

5 Crash-Tolerant Algorithm

Consider an asynchronous system with $n$ processes, out of which $f$ may crash. Recall that, following Proposition 1, $n>2f$ is required to solve connected consensus for any instance where $R\geq 1$ . Taking this into consideration, we introduce in this section a connected consensus algorithm for $n$ processes that works for any positive integer refinement parameter $R$ using logarithmic time, more specifically, it uses $\log_{2}R+1$ communication rounds, thus matching the optimal complexity for $R=1,2$ as detailed in Proposition 2.

The central idea behind this algorithm is to note that the fault-resilience bound $n>2f$ nicely outlines a fixed number of different scenarios in which the input values of processes may be categorised in any instance of the connected consensus problem. More precisely, it turns out that there exist only three viable scenarios for any input set $V$ (Appendix A, Corollary 17). Using this result as a starting point, we devise an algorithm whose core property is the following: at the end of each round we preserve a restricted number of scenarios for the values that processes hold as their current value. We achieve this by using an averaging approach, in which processes exchange values, and compute values that lie in the average of the set of received values. In a nutshell, we initialise the current decision as a leaf on the spider graph, and we then update it as new information regarding the topology of the network is gathered.

The algorithm proceeds as follows. At the beginning of the algorithm, each process with input $v\in V$ starts with a vertex variable, initially pointing to the leaf vertex $(v,R)\in V_{G_{S}(V,R)}$ . It is important to notice that this approach differs from the one used in the previous crash-tolerant algorithm from [11]; since we begin at leaf vertices and then work inwards, instead of first choosing a branch and then work outwards.

Afterwards, during each round labelled by $r$ , every process sends its current vertex value in a message tagged with the Round_r flag. Next, each process waits for exactly $n-f$ messages for the current round, and stores the corresponding vertex values in a $W_{r}$ set. Then, the process computes a new vertex value for its vertex variable, based in the number of different values stored in the $W_{r}$ set. For any process, one out of three possible vertices is assigned to its $v e r t e x$ variable. These vertices are either:

$\blacksquare$

A vertex $v\in V_{G_{S}(V,R)}$ if $W_{r}$ is a singleton $W_{r}=\{v\}$ .
$\blacksquare$

A middle vertex if $W_{r}$ consists of exactly one pair of vertices.
$\blacksquare$

The special central vertex $(\bot,0)$ if $W_{r}$ consists of more than two vertices.

As the core result behind the behaviour of the algorithm, we prove an important invariant: that at the end of any round, there exist only two possible vertices that figure as values of the $v e r t e x$ variable of any process. Finally, after exactly $\log_{2}R+1$ rounds, each process decides the vertex value stored in its $v e r t e x$ variable during the final round. By stating the previous invariant as an extended result (Appendix A, Lemma 21); we show that, at the end of the algorithm, all decided vertices lie at distance at most one in the spider graph. Hence, the agreement property holds.

As a subtle (yet important) result, we prove that for the single-input-value scenario, all processes decide the same vertex of the spider graph (Appendix A, Lemma 19). Therefore, the validity property also holds. Moreover, since the number of rounds does not depend on the input of the algorithm, termination holds.

From the previous arguments, we now present the main result regarding Algorithm 1. The complete proof of this result appears in Appendix A.

Theorem 9.

If $n>2f$ , then Algorithm 1 solves connected consensus for $R\geq 1$ with $n$ processes, up to $f$ of which may crash; using $\log_{2}R+1$ rounds, and sending $O(n^{2})$ messages.

Algorithm 1 Connected Consensus algorithm for

R\geq 1

with

n

processes,

f<n/2

of which may crash; code for process

p

with input value

v\in V

.

As we mentioned in the introduction, a main reason behind proposing ad-hoc algorithms for connected consensus is that achieving the binding property is not trivial in algorithms for more general families of graphs. Thus, as a fundamental result, we prove that this algorithm also satisfies such property. We state this result as follows:

Theorem 10.

Algorithm 1 satisfies the binding condition for $R\geq 1$ .

The proof behind this result is also addressed in Appendix A. The intuition behind this proof is simple: we show that at the end of the first round, the $v e r t e x$ variable of any process can only point to one vertex out of a fixed pair of vertices which is solely determined by the inputs. Therefore, the corresponding branch of the spider graph whose ends are such vertices is already determined at the end of the first round.

6 Byzantine-Tolerant Algorithm

In this section, we outline the description of a connected consensus algorithm resilient to $f<n/5$ Byzantine failures. We take inspiration from the Attiya and Welch Byzantine-resilient algorithm with the same fault-tolerance discussed in Section 4.2, as well from the witness technique presented by Abraham, Amit, and Dolev [1], which we already discussed in the Previous Work section.

The idea of the algorithm is similar to the one used for the crash-tolerant algorithm introduced in the previous section; with the difference that we incorporate an additional mechanism to prevent malicious processes from corrupting the decision of correct processes. For this end, we rely on the use of the witness technique in each but the second round, alongside the convenient application of the reliable broadcast primitive, for which we assume a given implementation such as the one from Bracha [12].

In order to modularise the algorithm and to make the use of the two mentioned tools clear, we first define a subroutine called WitnessCollect, parametrised with a round number $r$ .

This subroutine receives as additional parameters a value $v$ which will be sent to other processes, a multiset $M_{r}$ where values coming from other processes will be stored, and an integer set $S_{r}$ that will store process identifiers in order to maintain small message sizes. The subroutine proceeds as follows for round $r$ : Firstly, each process sends the $v$ value alongside their identifier within a message labelled with $\textsc{Value}_{r}$ using reliable broadcast. Next, after receiving $n-f$ such messages (at most one per process) each process sends the set of identifiers of processes corresponding to received messages together with their identifier under the $\textsc{Report}_{r}$ label via reliable broadcast, while it keeps receiving $\textsc{Value}_{r}$ messages and storing their respective senders in the integer set. Afterwards, each process $p$ waits to receive $\textsc{Report}_{r}$ messages, reporting sets $S_{r}^{\prime}$ with $n-f$ process identifiers. If, at some given moment, a $S_{r}^{\prime}$ set of processes received from some process $q$ is entirely contained in the $S_{r}$ set of processes of process $p$ , then $p$ marks $q$ as a witness and adds it to a set of witnesses. Finally, once a process has successfully collected at least $n-f$ witnesses, then it removes the $f$ largest and $f$ smallest values from $M_{r}$ and stops adding further values to it.

Algorithm 1

\textsc{WitnessCollect}_{r}

; code for process

p

and round

r

.

Once we have outlined the signature of the WitnessCollect subroutine, we describe in detail the behaviour of the main algorithm.

At the beginning of the algorithm (as in the crash-tolerant approach) processes with input $v\in V$ are assumed to “point” to the corresponding leaf vertex $(v,R)\in V_{G_{S}(V,R)}$ through a vertex variable. Next, the number of rounds to perform is determined by the refinement parameter $R$ , each communication round being labelled with an integer $r$ . Upon the start of each round labelled with $r$ , a $M_{r}$ multiset and a $S_{r}$ set are defined. Next, the algorithm performs a different sequence of steps depending on the current round counter.

If the first round is executed (namely, if $r=1$ ), each process calls the WitnessCollect subroutine with the first entry of their vertex variable as the $v$ value argument. In other words, each process communicates its input value with all other processes, and waits to learn theirs. Subsequently, each process gathers input values from other processes and removes outlier values upon collecting at least $n-f$ witnesses. After removing outliers, each process sets its vertex variable to the leaf $(v,R)$ corresponding to value $v$ branch of the spider graph if the remaining values in the $M_{r}$ multiset are all copies of some value $v$ . Otherwise, if there is more than one distinct remaining value in $M_{r}$ , the process sets vertex to the central vertex $(\bot,0)$ . As we did for the crash-tolerant algorithm, we also show that there is a restricted number of different vertices that any correct process stores in the vertex variable at the end of the first round (Appendix B, Lemma 38). More precisely, those vertices are either $(\bot,0)$ or $(v,R)$ , with $v$ being some fixed input value coming from correct processes. In fact, this result prevents Byzantine processes from proposing invalid vertices in subsequent rounds, by fixing a branch at the end of the first round.

Next, during the second round, processes exchange the value of the branch computed during the first round: either $\bot$ , or $v$ . After receiving $n-f$ Branch messages, and storing the corresponding values, processes recompute their vertex value if necessary, according to the multiplicity of the values gathered in the multiset. Therefore, each process finishes the round with one out of three possible vertices in their vertex variable: either $(\bot,0)$ , $(v,1)$ , or $(v,R)$ . The reason behind this idea is to ensure that the branch values across all processes are consistent at the end of the round. Namely, all process point to vertices different than the central vertex within the same branch $v$ . Otherwise, if some process points to the central vertex, the only other vertex that any other process may point to is $(v,1)$ . This way, in subsequent rounds, processes avoid inconsistent values in their vertex variable, such as $(\bot,1)$ , which may appear if we use an averaging approach in each round. We use a result to show that these are the only two possible scenarios (Appendix B, Lemma 42).

Finally, in the remaining rounds we use the same approach as in the first round, with the only difference that processes aim to agree in the grade of their current vertex. As an important remark, we ensure that if the scenario with at least one process pointing to $(\bot,0)$ happens, then each subsequent round preserves the property of consistent vertices. Otherwise, each round contributes in reducing the distance between vertices lying in the same branch. This approach is key to making grade values converge rapidly.

Using the previous arguments, we manage to prove that in any scenario, the vertices decided by correct processes converge to distance at most one. As for proving validity and termination, we rely on analogous arguments to those of Algorithm 1.

Hence, as our central correctness result for the Byzantine-tolerant Algorithm 1 we have the following Theorem, whose complete proof is presented in Appendix B.

Theorem 11.

If $n>5f$ , then Algorithm 2 solves connected consensus for $R\geq 1$ with $n$ processes, up to $f$ of which may be Byzantine; using $\log_{2}R+1$ rounds, and sending $O(n^{2})$ messages.

Algorithm 2 Connected Consensus algorithm for

R\geq 1

with

n

processes,

f<n/5

of which may be Byzantine; code for process

p

with input value

v\in V

.

Finally, to conclude this section; in the same manner as with Algorithm 1, we prove that our Byzantine-tolerant algorithm also satisfies the binding property. The full proof is presented in Appendix B, and the formal result is as follows:

Theorem 12.

Algorithm 2 satisfies the binding condition for $R\geq 1$ .

Again, the proof follows a simple argument that we previously discussed while presenting the algorithm. Recall that at the end of the first round, the algorithm fixes a particular branch, namely, the one induced by the only two possible vertices $(\bot,0)$ , and $(v,R)$ . As we mentioned, this particular result prevents malicious process from proposing invalid branches for the remainder of the algorithm, following the removal of outliers within the WitnessCollect subroutine.

7 Time and message complexities

Now, we analyse both the time and message complexities of the algorithms introduced in the previous sections. First, we do it so for the crash-tolerant algorithm, and then, we do it again for the Byzantine-tolerant one.

Before we move on to the discussion of such complexities; it is worth noting that the prior work by Attiya and Welch already introduced some useful time lower-bounds for connected-consensus algorithms when $R=2$ in the full version of the paper. We can summarise those results through the following remark:

$\blacktriangleright$ Remark 13 ([10, Appendix B]).

Two rounds are necessary for solving connected consensus when $R=2$ in the presence of crash failures if $n\leq 4f$ . The same holds for malicious failures if $n\leq 9f$ .

7.1 Complexities for Algorithm 1

Beginning with time-complexity analysis: Since at least basic communication between processes is required, observe that at least one communication round is needed; hence, our first algorithm is optimal for $R=1$ . Following Remark 13, observe it is also optimal for $R=2$ .

Now for $R>2$ , we recall that, according to our previous description of the algorithm, a branch of the spider graph has already been fixed by the second round. Thus, the algorithm only needs to secure the agreement property in subsequent rounds. Observe that this problem is exactly the problem of approximate agreement on a subdivided path, on a path of length $R$ .

Therefore, in order to prove round optimality, we refer to a previous result by Attiya, et. al. [8] for asynchronous approximate agreement on a subdivided path. Observe that this problem is analogous to the one we just described, if we consider a $(0,1)$ path subdivided in $1/R$ segments. We restate their result as follows:

Proposition 14 ([8, Proposition 17]).

For every $\varepsilon\in(0,1)$ , $\varepsilon-$ agreement cannot be solved by $n\geq 2$ processes in less than $\lceil\log_{2}1/\varepsilon\rceil$ rounds.

Therefore we get the following result, considering a discretization of the $(0,1)$ interval:

Theorem 15.

For every path of length $R\geq 1$ , approximate agreement on an edge of the path cannot be solved by $n\geq 2$ processes in less than $\lceil\log_{2}R\rceil$ rounds.

Thus, using the previous result from the reduction from approximate agreement, we show that Algorithm 1 is time-optimal for $R>2$ .

Now, onto the message-complexity of the algorithm, it is clear that it corresponds to $O(n^{2})$ , since at any round $r$ , each process sends a message labelled with $r$ to any other process.

7.2 Complexities for Algorithm 2

For our second Algorithm, observe that if we observe the description of the Algorithm alone, without considering the WitnessCollect subroutine, the same arguments hold for both message and time complexities. Thus, we argue that this algorithm is still asymptotically time-optimal in terms of rounds, given the subroutine only implies a constant round overhead. Hence, the asymptotic complexity for the general case remains just the same.

Finally, with regards to message-complexity, at any round, we only consider the overhead of using some reliable broadcast implementation. Therefore, when using an implementation such as Bracha’s, we obtain the same complexity [19].

8 Conclusions

In this work, we successfully obtained connected consensus algorithms that work for cases where the refinement parameter $R$ is any positive integer, thus filling the gap left open by the algorithms presented in the original paper for scenarios where $R>2$ . We achieve this both for crash and Byzantine failures, while being driven by the goal of achieving asymptotic time-optimality in terms of communication rounds. Furthermore, in all presented algorithms we achieved the much-desired binding property, which is clearly deduced by the modular and clear nature of the algorithms. Our crash-tolerant algorithm achieves both time and resilience optimality, while using an approach that improves the $R$ -round-dependant approach used by Attiya, Welch. Moreover, although this algorithm works for any positive $R$ , it is self-contained in terms of employed primitives, since it relies only on basic message deliveries.

As the main contribution of this work, we provide an affirmative result concerning the possibility of achieving connected consensus in the presence of malicious faults for $R\geq 1$ via our Byzantine-tolerant algorithm, which achieves round optimality for the $R=1,2$ cases as prior algorithms did, while doing it so for $R>2$ . Furthermore, although it requires $n>5f$ , we deduce following the discussed result presented by Attiya and Welch that this resilience is needed given the uniform nature of the algorithm. We consider that the tradeoff between time and resilience complexity employed by our approach is justifiable in the light of the clarity and modularity achieved by our algorithm (cf. [11, Algorithm 3], which achieves fault-optimality through a significantly more complex code than the fault-suboptimal [11, Algorithm 2]). It is worth noting that concurrent work by Attiya, Flam, and Welch, presented as a DISC Brief Announcement [7] (full version [6]) also achieves a Byzantine-tolerant connected consensus algorithm for any $R$ through a reduction from the gather primitive.

As this work addresses the question of algorithmic solutions for connected consensus in any possible $R$ parametrised scenario where time-optimality is prioritised, an interesting further research direction is to inquire whether achieving fault-optimality in the presence of malicious faults justifies the intuitive required tradeoff with time-optimality. Another development is the possibility of translating the presented algorithms to models that differ from the one we used throughout this work either in communication mechanism (e.g. shared memory), timing (e.g. eventual synchrony), connectivity, or the nature of allowed faults. Finally, a possible future work is clearly the one related to find possible applications of connected consensus in different problems that benefit from the intuitive semantic behind the $R$ parameter, this is, a parametrisation of the degree of certainty (or preference) that a given process has over a proposed value. This may well include practical applications such as voting systems that quantify the trust/distrust of the participating agents, or theoretical ones that benefits from the use of variants of the commonly used crusader agreement primitive, such as [4].

References

[1] Ittai Abraham, Yonatan Amit, and Danny Dolev. Optimal resilience asynchronous approximate agreement. In Proceedings of the 8th International Conference on Principles of Distributed Systems, OPODIS’04, pages 229–239, Berlin, Heidelberg, 2004. Springer-Verlag. doi:10.1007/11516798_17.
[2] Ittai Abraham, Naama Ben-David, and Sravya Yandamuri. Efficient and adaptively secure asynchronous binary agreement via binding crusader agreement. In Proceedings of the 2022 ACM Symposium on Principles of Distributed Computing, PODC’22, pages 381–391, New York, NY, USA, 2022. Association for Computing Machinery. doi:10.1145/3519270.3538426.
[3] Ittai Abraham, Philipp Jovanovic, Mary Maller, Sarah Meiklejohn, Gilad Stern, and Alin Tomescu. Reaching consensus for asynchronous distributed key generation. In Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing, PODC’21, pages 363–373, New York, NY, USA, 2021. Association for Computing Machinery. doi:10.1145/3465084.3467914.
[4] Yehuda Afek, James Aspnes, Edo Cohen, and Danny Vainstein. Brief announcement: Object oriented consensus. In Proceedings of the ACM Symposium on Principles of Distributed Computing, PODC ’17, pages 367–369, New York, NY, USA, 2017. Association for Computing Machinery. doi:10.1145/3087801.3087867.
[5] Dan Alistarh, Faith Ellen, and Joel Rybicki. Wait-free approximate agreement on graphs. Theoretical Computer Science, 948:113733, 2023. doi:10.1016/j.tcs.2023.113733.
[6] Hagit Attiya, Itay Flam, and Jennifer L. Welch. Beyond canonical rounds: Communication abstractions for optimal byzantine resilience, 2025. doi:10.48550/arXiv.2510.04310.
[7] Hagit Attiya, Itay Flam, and Jennifer L. Welch. Brief Announcement: Communication Patterns for Optimal Resilience. In Dariusz R. Kowalski, editor, 39th International Symposium on Distributed Computing (DISC 2025), volume 356 of Leibniz International Proceedings in Informatics (LIPIcs), pages 46:1–46:7, Dagstuhl, Germany, 2025. Schloss Dagstuhl – Leibniz-Zentrum für Informatik. doi:10.4230/LIPIcs.DISC.2025.46.
[8] Hagit Attiya, Pierre Fraigniaud, Ami Paz, and Sergio Rajsbaum. One step forward, one step back: Flp-style proofs and the round-reduction technique for colorless tasks. In Rotem Oshman, editor, 37th International Symposium on Distributed Computing, DISC 2023, October 10-12, 2023, L’Aquila, Italy, volume 281 of LIPIcs, pages 4:1–4:23. Schloss Dagstuhl – Leibniz-Zentrum für Informatik, 2023. doi:10.4230/LIPICS.DISC.2023.4.
[9] Hagit Attiya and Jennifer Welch. Distributed Computing: Fundamentals, Simulations and Advanced Topics. John Wiley & Sons, Inc., Hoboken, NJ, USA, 2004.
[10] Hagit Attiya and Jennifer L. Welch. Multi-valued connected consensus: A new perspective on crusader agreement and adopt-commit, 2023. doi:10.48550/arXiv.2308.04646.
[11] Hagit Attiya and Jennifer L. Welch. Multi-Valued Connected Consensus: A New Perspective on Crusader Agreement and Adopt-Commit. In Alysson Bessani, Xavier Défago, Junya Nakamura, Koichi Wada, and Yukiko Yamauchi, editors, 27th International Conference on Principles of Distributed Systems (OPODIS 2023), volume 286 of Leibniz International Proceedings in Informatics (LIPIcs), pages 6:1–6:23, Dagstuhl, Germany, 2024. Schloss Dagstuhl – Leibniz-Zentrum für Informatik. doi:10.4230/LIPIcs.OPODIS.2023.6.
[12] Gabriel Bracha. Asynchronous byzantine agreement protocols. Inf. Comput., 75(2):130–143, November 1987. doi:10.1016/0890-5401(87)90054-X.
[13] Danny Dolev. The byzantine generals strike again. Journal of Algorithms, 3(1):14–30, 1982. doi:10.1016/0196-6774(82)90004-9.
[14] Danny Dolev, Nancy A. Lynch, Shlomit S. Pinter, Eugene W. Stark, and William E. Weihl. Reaching approximate agreement in the presence of faults. J. ACM, 33(3):499–516, May 1986. doi:10.1145/5925.5931.
[15] Mose Mizrahi Erbes and Roger Wattenhofer. Asynchronous approximate agreement with quadratic communication, 2025. doi:10.48550/arXiv.2408.05495.
[16] Paul Feldman and Silvio Micali. Optimal algorithms for byzantine agreement. In Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing, STOC ’88, pages 148–161, New York, NY, USA, 1988. Association for Computing Machinery. doi:10.1145/62212.62225.
[17] Michael J. Fischer, Nancy A. Lynch, and Michael Merritt. Easy impossibility proofs for distributed consensus problems. In Proceedings of the Fourth Annual ACM Symposium on Principles of Distributed Computing, PODC ’85, pages 59–70, New York, NY, USA, 1985. Association for Computing Machinery. doi:10.1145/323596.323602.
[18] Michael J. Fischer, Nancy A. Lynch, and Michael S. Paterson. Impossibility of distributed consensus with one faulty process. J. ACM, 32(2):374–382, April 1985. doi:10.1145/3149.214121.
[19] Thomas Locher. Byzantine Reliable Broadcast with Low Communication and Time Complexity. In Silvia Bonomi, Letterio Galletta, Etienne Rivière, and Valerio Schiavoni, editors, 28th International Conference on Principles of Distributed Systems (OPODIS 2024), volume 324 of Leibniz International Proceedings in Informatics (LIPIcs), pages 16:1–16:17, Dagstuhl, Germany, 2025. Schloss Dagstuhl – Leibniz-Zentrum für Informatik. doi:10.4230/LIPIcs.OPODIS.2024.16.
[20] Jiong Yang, Gil Neiger, and Eli Gafni. Structured derivations of consensus algorithms for failure detectors. In Proceedings of the Seventeenth Annual ACM Symposium on Principles of Distributed Computing, PODC ’98, pages 297–306, New York, NY, USA, 1998. Association for Computing Machinery. doi:10.1145/277697.277755.

Appendix A Correctness proof for Algorithm 1

First, we prove a couple of results directly related to the resilience constraint $n>2f$ for solving connected consensus in the asynchronous model while considering at most $f$ crash failures; then, starting from Lemma 18 we prove results directly related to the behaviour of the algorithm, leading to Theorem 9, which finally proves the correctness of the algorithm. Additionally, Theorem 10 proves that the binding property also holds for the algorithm.

Lemma 16.

If $n>2f$ , for any input set $V$ , then there is at most one input value $v\in V$ that appears at least $n-f$ times.

Proof.

Suppose a pair of values $v,v^{\prime}$ that both occur at least $n-f$ times. Let $P,P^{\prime}$ be the sets of processes such that have $v,v^{\prime}$ as input respectively. Since each process has a unique input value, it follows that $P\cap P^{\prime}=\varnothing$ . Given we assume that both $v,v^{\prime}$ are input for $k\geq n-f$ processes, then $|P|\geq n-f,|P^{\prime}|\geq n-f$ . Let $\mathcal{P}$ be the set of all processes, and note that $|\mathcal{P}|\geq|P\cup P^{\prime}|$ . Since $P,P^{\prime}$ are disjoint, it follows that $|P\cup P^{\prime}|=(n-f)+(n-f)=2n-2f$ , and as we assume $f<\frac{n}{2}$ , it follows:

|\mathcal{P}|\geq|P\cup P^{\prime}|=(n-f)+(n-f)=2n-2f>2n-2\left(\frac{n}{2}% \right)=2n-n=n

Therefore:

|\mathcal{P}|>n

But this cannot happen, since $|\mathcal{P}|=n$ . Thus, necessarily $v=v^{\prime}$ . $\hfill\blacktriangleleft$

Corollary 17.

If $n>2f$ , the following are the only possible scenarios for any input set $V$ :

(a)

The input set consists of a singleton, i.e. $V=\{v\}$ .
(b)

There exists an input value $v\in V$ that occurs at least $n-f$ times but less than $n$ times.
(c)

Any input value $v\in V$ appears less than $n-f$ times.

Proof.

Let $V$ be the set of input values. If $V$ is a singleton, we get (a). Otherwise, from Lemma 16, there is at most one input value $v\in V$ that appears at least $n-f$ times. If that is the case, we get (b), otherwise, we get (c). $\hfill\blacktriangleleft$

Lemma 18.

At the end of the first round, at most two vertices of the spider graph are possible values for the vertex variable of any process.

Proof.

We analyse the three different scenarios for the input set $V$ from Corollary 17:

(a)

The input set consists of a singleton $V=\{v\}$ . Thus, in round $1$ any process receives at least $n-f$ messages equal to $\langle$ round₁, $(v,R)$ ) $\rangle$ . Given $v$ is the only input for any process, it follows that $W_{1}=\{(v,R)\}$ for all processes, thus, vertex is set to the vertex $(v,R)$ for every process.
(b)
There exists an input value $v\in V$ that occurs at least $n-f$ times but less than $n$ times; therefore, the same number of processes necessarily begin with their vertex variable set to $(v,R)$ . Let $p$ be an arbitrary process; we have the following cases after receiving $n-f$ round₁ messages:
- $\blacksquare$
  
  If all the $n-f$ messages received by $p$ were for $(v,R)$ , then $W_{1}=\{(v,R)\}$ , with $p$ setting vertex to $(v,R)$ thereafter. From Corollary 1, $v$ is the only possible value that appears at least $n-f$ times, therefore there is a single possible vertex choice $(v,R)\in G_{S}(V,R)$ for the vertex variable.
- $\blacksquare$
  
  If $W_{1}=\{(v^{\prime},R),(v^{\prime\prime},R)\}$ for some input values $v^{\prime},v^{\prime\prime}\in V$ . Then, by line 9 of the algorithm, the middle vertex between $(v^{\prime},R),(v^{\prime\prime},R)$ is chosen as value for vertex. Since by initialization both vertices are leaves of the graph, the middle vertex has to be $(\bot,0)$ .
- $\blacksquare$
  
  If $W_{1}$ contains at least three elements, it follows from line 11 that the vertex $(\bot,0)$ is chosen as value for vertex.
(c)

Any input value $v\in V$ appears less than $n-f$ times. Therefore, the argument is analogous to the two latter cases for an arbitrary process $p$ after receiving $n-f$ round₁ messages in scenario (b).

From the above, it follows that only one vertex is a possible value for the vertex variable in the unique-input scenario, the pair of vertices $(v,R),(\bot,0)\in G_{S}(V,R)$ in scenario (b), and $(\bot,0)\in G_{S}(V,R)$ in scenario (c). $\hfill\blacktriangleleft$

Lemma 19.

If there is a unique input value $v$ for any process, the algorithm ends with every correct process deciding the vertex $(v,R)$ .

Proof.

By induction on $r$ , we prove that every process has its vertex variable set to $(v,R)$ at the end of round $r$ , and thus, it ends deciding such vertex. Let $r=1$ . From the proof of the previous lemma, note that at the end of round $1$ , every correct process has its variable vertex set to $(v,R)$ .

Assume for $r\geq 2$ . Therefore, in round $r+1$ every process sends $\langle$ round_r+1, $(v,R)$ ) $\rangle$ . After receiving $n-f$ round_r+1 messages the same argument as the first round holds; hence, it is true that for every correct process $W_{r+1}=\{(v,R)\}$ , and so every process sets its vertex variable to $(v,R)$ . $\hfill\blacktriangleleft$

Lemma 20.

At the beginning of the execution of any round of the algorithm, there is at most one vertex $v\in V_{G_{S}(V,R)}$ that appears at least $n-f$ times.

Proof.

Let $r$ be an arbitrary round of the algorithm and suppose a pair of vertices $w,w^{\prime}\in V_{G_{S}(V,R)}$ such that both occur at least $n-f$ times. Let $P,P^{\prime}$ be the sets of processes such that have $w,w^{\prime}$ in their vertex variables respectively. Since each process has a unique vertex value stored in its vertex variable, note that using a similar argument to the one on Lemma 16, necessarily $w=w^{\prime}$ . Hence, at most one vertex appears at least $n-f$ times at the beginning of round $r$ . $\hfill\blacktriangleleft$

Lemma 21.

If there is more than an input value for any process, at the end of the algorithm, one of the following occurs:

$\blacksquare$

All (correct) processes decide the same vertex $w\in V_{G_{S}(V,R)}$ .
$\blacksquare$

All (correct) processes end deciding between one of two vertices $w,w^{\prime}\in V_{G_{S}(V,R)}$ at distance $1$ .

Proof.

Note from Corollary 17 that we are now dealing with the scenarios (b) and (c) from the same result; thus, from Lemma 18, at the end of round $1$ either the central vertex $(\bot,0)$ or a unique leaf vertex $(v,R)$ (with $v$ being the sole input value that appears at least $n-f$ times) are possible values for the vertex variable. Thus, we have the following cases at the end of round 1:

(a)

Every process has the leaf $(v,R)$ in its vertex variable. Since we only consider crash failures, no other message different than $\langle$ vertex₂, $(v,R)$ ) $\rangle$ is received by any correct process in round $2$ . Thus, for every process, $W_{2}=\{(v,R)\}$ and $(v,R)$ is stored in the value vertex at the end of such line. Assume for $r\geq 3$ ; therefore, the same argument holds for round $r+1$ and each process ends with the leaf $(v,R)$ in their vertex variable at the end of round $r+1$ , thus deciding $(v,R)$ at the end of the algorithm.
(b)

Every process has $(\bot,0)$ in its vertex variable. Note that since we consider crash failures only, the argument is analogous to the previous case, with every process deciding $(\bot,0)$ at the end of the $\log_{2}R+1$ rounds.
(c)

The values for the vertex variables of any process are either $(\bot,0)$ , or $(v,R)$ . Note $(\bot,0)$ and $(v,R)$ are the only possible vertices stored in the vertex variable of any process. Hence, we propose the following invariant:

At the end of round $r$ , either all processes have their vertex variable set to one unique vertex $w\in V_{G_{S}(V,R)}$ , or to one of two vertices $w,w^{\prime}\in V_{G_{S}(V,R)}$ at distance at most $R/2^{r-1}$ .

For $r=1$ , we explicitly are in the case that the vertex variables of any process are either the central vertex $(\bot,0)$ , or the leaf $(v,R)$ . Note that the distance between such vertices is exactly $R=R/2^{0}=R/2^{1-1}=R/2^{r-1}$ .

Assume the invariant holds for the round $r\geq 2$ . For the round $r+1$ , if at the end of round $r$ , either all processes have their vertex variable set to one sole vertex $w\in V_{G_{S}(V,R)}$ , therefore the analysis is the same as in cases (a),(b), with each process storing the vertex $w$ at the end of round $r+1$ .
Otherwise, let $u,u^{\prime}$ be the two vertices that figure as the value stored in the vertex variable of any process. From Lemma 20, at the beginning of round $r+1$ , at most one of the mentioned vertices appears at least $n-f$ times. Then, we consider the following cases:
- $\blacksquare$
  
  If both $u,u^{\prime}$ appear less than $n-f$ times, then in round $r+1$ every process sends either $\langle$ round_r+1, $u$ ) $\rangle$ or $\langle$ round_r+1, $u^{\prime}$ ) $\rangle$ . After receiving $n-f$ round_r+1 messages, for lines 4,5 of the algorithm, necessarily for each process it is true that $W_{r+1}=\{u,u^{\prime}\}$ since neither $u$ , nor $u^{\prime}$ appear at least $n-f$ times. Thus, every process sets its vertex variable to the middle vertex between $u,u^{\prime}$ . Given the middle vertex is unique (if the distance between $u,u^{\prime}$ is odd) or a pair of vertices at distance at most $1$ (if the distance between $u,u^{\prime}$ i even), the invariant holds.
- $\blacksquare$
  
  If one of the two vertices $u,u^{\prime}$ appear at least $n-f$ times, without loss of generality assume it corresponds to $u$ . Note that in round $r+1$ every process sends either $\langle$ round_r+1, $u$ ) $\rangle$ or $\langle$ round_r+1, $u^{\prime}$ ) $\rangle$ . Consequently, each process waits afterwards for $n-f$ messages labelled for this round. Since $u$ appear at least $n-f$ times, for each process its vertex set $W_{r+1}$ may be either $W_{r+1}=\{u,u^{\prime}\}$ or $W_{r+1}=\{u\}$ . Therefore, the vertex variable may be assigned to either $u$ or the middle vertex between $u,u^{\prime}$ for every (correct) process. In addition, we notice that the distance between $u,u^{\prime}$ is $R/2^{r-1}$ , thence the distance between $u$ and the middle vertex between $u,u^{\prime}$ is $\frac{R/2^{r-1}}{2}=\frac{R}{2(2^{r-1})}=\frac{R}{2^{r}}=\frac{R}{2^{(r+1)-1}}$ .
Finally, since we showed the invariant to be true, after $\log_{2}R+1$ rounds, we end up with all processes either deciding the same vertex in the Spider Graph, or between one of two vertices at distance $\frac{R}{2^{(\log_{2}R+1)-1}}=\frac{R}{R}=1$ .

$\hfill\blacktriangleleft$

Theorem 9. [Restated, see original statement.]

If $n>2f$ , then Algorithm 1 solves connected consensus for $R\geq 1$ with $n$ processes, up to $f$ of which may crash; using $\log_{2}R+1$ rounds, and sending $O(n^{2})$ messages.

Proof.

We show that the three defining properties of connected consensus hold in any execution of Algorithm 1.

Termination.

Since at most $f$ processes are faulty and all messages from correct processes arrive, then any round of the algorithm finishes. Note that, given $T$ is a tree, the middle vertex between any two vertices can always be determined.

Validity.

Let $V^{\prime}\subseteq V$ be the set of input values for correct processes. If there is a unique input value $v\in V^{\prime}$ for every process, then $V^{\prime}=\{v\}$ . It follows

I=\{(x,R)\colon x\text{ is the input of a correct process}\}=\{(v,R)\}

From Lemma 19, at the end of the algorithm the vertex $(v,R)$ is decided for every correct process. We prove validity since $T(V,R,I)=T(V,R,\{(v,R)\})$ .

Otherwise, there exists more than one input value for correct processes. From Lemma 21, a valid vertex of $T(V,R,I)$ is decided as output for each correct process.

Agreement.

From Lemmas 19 and 21 the execution of the algorithm always ends with the non-faulty processes deciding either all a same vertex of the spider graph or one of two possible vertices at distance $1$ .

$\hfill\blacktriangleleft$

Theorem 10. [Restated, see original statement.]

Algorithm 1 satisfies the binding condition for $R\geq 1$ .

Proof.

From Lemma 18, at the end of round $1$ only two vertices (namely $(v,R),(\bot,0)$ ) are possible values for the vertex variable of any process. From the proof of the mentioned Lemma, the vertex $(v,R)$ can only correspond to the leaf of the branch of a value that is repeated at least $n-f$ times and has the property of being the unique repeated such number of times. Therefore, there is only one branch related to a specific value $v\in V$ with one end in $(\bot,0)$ and the other in $(v,R)$ over which any (correct) process can output a vertex value. Since for every $R\geq 1$ it is true that $log_{2}R+1\geq 1$ , then for any execution of Algorithm 1 where $R\geq 1$ , all processes reach the end of round 1, thus achieving the binding property. $\hfill\blacktriangleleft$

Appendix B Correctness proof for Algorithm 2

Firstly, we prove some properties of the $\textsc{WitnessCollect}_{r}$ subroutine for round $r$ .

Lemma 22.

No correct process receives more than two labeled messages sent via Reliable Broadcast from the same process.

Proof.

If follows directly from the specification of the Reliable Broadcast primitive. $\hfill\blacktriangleleft$

Corollary 23.

At most one value per process is added to $M_{r}$ in $\textsc{WitnessCollect}_{r}$ .

Proof.

From the fact that correct processes add exactly one value to $M_{r}$ per $\textsc{Value}_{r}$ message reception. $\hfill\blacktriangleleft$

Lemma 24.

For each correct process, before removals in line $13$ of WitnessCollect there is a one-to-one correspondence between the values in the $M_{r}$ multiset and the processes in the $S_{r}$ set.

Proof.

Notice from Corollary 23 that at most one value per process is added to $M_{r}$ in line $3$ of the subroutine. Also, observe from lines $3,4$ that each time a new process is added to $S_{r}$ , so is a value to $M_{r}$ ; therefore at least one value is added per process. Since neither processes nor values are removed from the corresponding structures after they added until the execution of line $13$ , it follows that for each process in $S_{r}$ , there is a corresponding value in $M_{r}$ and vice versa. $\hfill\blacktriangleleft$

Lemma 25.

Let $p, q$ be a pair of correct processes receiving $\langle\textsc{Value}_{r},s,v\rangle$ , $\langle\textsc{Value}_{r},s,v^{\prime}\rangle$ messages respectively in line $2$ of $\textsc{WitnessCollect}_{r}$ . Then, $v=v^{\prime}$ .

Proof.

Let $p, q$ be correct processes receiving $\langle\textsc{Value}_{r},s,v\rangle$ , $\langle\textsc{Value}_{r},s,v^{\prime}\rangle$ respectively. If $s$ is Byzantine, it follows from the specification of the Reliable Broadcast primitive that $v=v^{\prime}$ , since both messages are labeled with $\textsc{Value}_{r}$ . Otherwise, if $s$ is correct, from line $1$ of WitnessCollect trivially $v=v^{\prime}$ , since correct messages only send one $\textsc{Value}_{r}$ message per round. $\hfill\blacktriangleleft$

Lemma 26.

Each correct process eventually sends a $\langle\textsc{Report}_{r},p,S_{r}\rangle$ message via Reliable Broadcast, with $|S_{r}|=n-f$ .

Proof.

From Lemma 22, each correct process receives at most one labeled message from any other process in WitnessCollect. Since there are at most $f$ faulty processes, each correct process eventually receives $\textsc{Value}_{r}$ messages from at least $n-f$ different processes, thus storing the same number of processes in its $S_{r}$ set (Lemma 24); when that happens, given that messages arrive discretely, each correct process eventually sends a message labeled with $\textsc{Report}_{r}$ containing $S_{r}$ with exactly $n-f$ elements (lines 5-7). $\hfill\blacktriangleleft$

Lemma 27.

Let $p$ be a correct process that receives a $\langle\textsc{Report}_{r},q,S^{\prime}_{r}\rangle$ message. If $q$ is correct, eventually the WitnessCollect line $10$ condition holds.

Proof.

Observe that given $q$ is correct, then $|S^{\prime}_{r}|=n-f$ . Next, note we have two scenarios: firstly, if $S^{\prime}_{r}\subseteq S_{r}$ notice that the condition of line $10$ trivially holds. On the other hand, if $S^{\prime}_{r}\nsubseteq S_{r}$ , there is at least one process $s\in S^{\prime}_{r}$ such that $s\notin S^{\prime}_{r}$ . Since $q$ is correct, and it sent $S^{\prime}_{r}$ through a $\textsc{Report}_{r}$ message, it means that it previously received a $\textsc{Value}_{r}$ message from $s$ via Reliable Broadcast; therefore, from the Reliable Broadcast specification eventually $p$ will receive a message from $s$ , thus including it in its $S_{r}$ set. Since this happens inductively with any missing process from $S_{r}$ out of the $n-f$ processes in $S^{\prime}_{r}$ , eventually $S^{\prime}_{r}\subseteq S_{r}$ . $\hfill\blacktriangleleft$

Lemma 28.

Eventually each correct process gathers at least $n-f$ witnesses, namely $|W_{r}|\geq n-f$ .

Proof.

Let $p$ be a correct process. Eventually all $n-f$ correct processes send $\textsc{Report}_{r}$ messages via Reliable Broadcast including their $S_{r}$ sets of size $n-f$ (Lemma 26). It follows from the Reliable Broadcast specification that eventually $n-f$ $\textsc{Report}_{r}$ messages from correct processes will arrive at $p$ . From Lemma 27, eventually the condition of line $10$ holds for each $S^{\prime}_{r}$ set received from a correct process $q$ , thus, each of the $n-f$ correct processes will eventually be included in the $W_{r}$ set of $p$ . $\hfill\blacktriangleleft$

Corollary 29.

Eventually, each correct process executes line $13$ of $\textsc{WitnessCollect}_{r}$ .

Lemma 30.

For each correct process that passes WitnessCollect line $12$ verification, its $M_{r}$ multiset contains at least $n-f$ values before line $13$ execution.

Proof.

Assume, for sake of contradiction, that $p$ is a correct process that passes line $12$ verification and that $|M_{r}|<n-f$ . Since $p$ passes line $12$ verification, it happens that $|W_{r}|\geq n-f$ . Let $w\in W_{r}$ be an arbitrary process, then according to the subroutine’s code $w$ was added to $W_{r}$ in line $11$ ; therefore, it must have occurred that at some point in time $w$ sent a $\textsc{Report}_{r}$ message to $p$ via Reliable Broadcast containing $S^{\prime}_{r}$ , and that $p$ received it in line $9$ . Notice that if $p$ accepted $w$ ’s message, necessarily $|S^{\prime}_{r}|=n-f$ .

Observe that if $w$ was added to $W_{r}$ in line $11$ , it previously should have been the case that $S^{\prime}_{r}\subseteq S_{r}$ ; consequently, $|S_{r}|\geq n-f$ . It follows from Lemma 24 that $|M_{r}|=|S_{r}|\geq n-f$ , which is a contradiction. $\hfill\blacktriangleleft$

Lemma 31.

For each correct process, there exist at least $f+1$ values in $M_{r}$ not coming from Byzantine processes after dropping outliers in line $13$ of WitnessCollect.

Proof.

Let $p$ be a correct process, therefore it eventually executes line $13$ (Corollary 29). Observe that $M_{r}$ contained at east $n-f$ values before dropping outliers (Lemma 30); therefore, after dropping the $f$ smallest and $f$ largest values, $|M_{r}|\geq n-f-2f=n-3f$ . Since we assume $n>5f$ , it follows that $n-3f>2f$ , thus $|M_{r}|>f$ . $\hfill\blacktriangleleft$

Corollary 32.

For each correct process, there exists at least one value in $M_{r}$ not coming from Byzantine processes after dropping outliers.

Proof.

Given there is a bijection between values in $M_{r}$ and processes in $S_{r}$ (Lemma 24). $\hfill\blacktriangleleft$

Lemma 33.

Let $Q_{1},Q_{2}$ be two process quorums such that $|Q_{1}|=|Q_{2}|=n-f$ , then $|Q_{1}\cap Q_{2}|\geq n-2f$ .

Proof.

Let $Q_{1},Q_{2}$ be such quorums. Notice that since there are $n$ processes in total, $n\geq|Q_{1}\cup Q_{2}|$ . Observe that $|Q_{1}\cup Q_{2}|=|Q_{1}|+|Q_{2}|-|Q_{1}\cap Q_{2}|$ , thus $n\geq|Q_{1}|+|Q_{2}|-|Q_{1}\cap Q_{2}|$ . Since $|Q_{1}|=|Q_{2}|=n-f$ , $n\geq 2(n-f)-|Q_{1}\cap Q_{2}|$ . It follows that $|Q_{1}\cap Q_{2}|\geq 2(n-f)-n=n-2f$ . $\hfill\blacktriangleleft$

Lemma 34.

Let $p, q$ be a pair of correct processes that gather $n-f$ witnesses; then, they share at least one correct witness.

Proof.

Let $p, q$ be as stated, and let $W_{1},W_{2}$ be their respective sets of witnesses. From Lemma 33, $|W_{1}\cap W_{2}|\geq n-2f$ . Given that $n>5f$ , $|W_{1}\cap W_{2}|\geq n-2f>5f-2f=3f$ . Therefore, since there are at most $f$ Byzantine processes, $W_{1},W_{2}$ share at least $2f$ correct processes; in particular, they share at least one correct process. $\hfill\blacktriangleleft$

Lemma 35.

Let $p, q$ be a pair of correct processes that gather $n-f$ witnesses; then, they share at least $n-f$ values in their $M_{r}$ multisets before any of them executes line $13$ of WitnessCollect.

Proof.

Let $p, q$ be a pair of correct processes with $n-f$ witnesses each, then they share at least one correct witness (Lemma 34). Let $w$ be such witness, and note from the subroutine description that since $p$ has $w$ as witness, it must have been added to its $W_{r}$ set only after $p$ verifies that $S^{\prime}_{r}\subseteq S_{r}$ , with $S^{\prime}_{r}$ being sent by $w$ .

Note that according to Line $9$ , necessarily $|S^{\prime}_{r}|=n-f$ . It follows that at least $n-f$ of the processes in $S_{r}$ are also in $S^{\prime}_{r}$ , and so $n-f$ values in $M_{r}$ are uniquely associated with the processes in $S^{\prime}_{r}$ sent by $w$ (Lemma 24). Notice the argument is analogous for process $q$ .

Given both $p, q$ received the same $S^{\prime}_{r}$ set from $w$ via Reliable Broadcast, it follows by transitivity that $p, q$ have at least $n-f$ values in common in their $M_{r}$ multisets. $\hfill\blacktriangleleft$

Corollary 36.

After two correct processes execute line $13$ of $\textsc{WitnessCollect}_{r}$ , they have at least one common value in their $M_{r}$ multisets.

Proof.

Let $M^{p}_{r},M^{q}_{r}$ be the $M_{r}$ multisets of correct processes $p, q$ respectively. After disarding the $f$ smallest and $f$ largest values from the multisets, at most $2f$ values are removed from their intersection; given $|M^{p}_{r}\cap M^{q}_{r}|\geq n-f$ , it follows that $|M^{p}_{r}\cap M^{q}_{r}|-2f\geq n-f-2f=n-3f$ .

Since $n>5f$ , we have that $|M^{p}_{r}\cap M^{q}_{r}|-2f\geq n-3f>5f-3f=2f$ . Thus, $|M^{p}_{r}\cap M^{q}_{r}|-2f>0$ $\hfill\blacktriangleleft$

Lemma 37.

Consider the $M_{r}$ multiset of a correct process after $\textsc{WitnessCollect}_{r}$ line $12$ verification and just before line $13$ execution. Let $x, y$ be respectively the minimum and maximum values stored in $M_{r}$ that come from correct processes. If after executing line $13$ there remains any value $v$ received from a Byzantine party, then $x\leq v\leq y$ .

Proof.

Considering that in any round at most $f$ values in $M_{r}$ come from Byzantine parties we have the following scenarios:

$\blacksquare$

If each of the values coming from Byzantine parties are greater than any value coming from correct processes, then after the $f$ largest values are dropped from $M_{r}$ no value coming from Byzantine processes remains, so the property holds. Analogously if each of the $f$ values are less than any value added from correct processes.
$\blacksquare$

If none of the Byzantine values lie within the range $[x,y]$ (since there are at most $f$ of such values) it follows that each one of them is deleted after outliers are dropped.
$\blacksquare$

Finally, since the scenarios are exhaustive, if some value coming from some Byzantine party remains, then it lies within the $[x,y]$ interval.

$\hfill\blacktriangleleft$

Lemma 38.

After the first round, each correct process sets its vertex variable to one of only two possible vertices from the spider graph:

$\blacksquare$

The cental vertex $(\bot,0)$ .
$\blacksquare$

A leaf vertex $(v,R)$ , with $v$ being a value given as input to some correct process.

Proof.

From Corollary 29, eventually every correct process executes line $13$ of $\textsc{WitnessCollect}_{1}$ , removing outliers from $M_{r}$ , after which at least $2f+1$ values remain. Therefore, notice that there exist only two scenarios concerning remaining values in $M_{r}$ :

$\blacksquare$

If there are two or more different values, the else branch at line $9$ is executed; therefore, the vertex variable is set to $(\bot,0)$ .
$\blacksquare$

Otherwise, there is only one (possibly repeated) value $v$ in $M_{r}$ ; thus, according to the Algorithm’s code, line $8$ is executed, and vertex is set to $(v,R)$ .

Now, we claim that for every pair of correct processes $p, q$ that set their vertex variables to $(v,R)$ and $(v^{\prime},R)$ respectively, then $v^{\prime}=v$ . Suppose in contradiction processes $p, q$ set their vertex variables at the end of round $1$ to $(v,R),(v^{\prime},R)$ respectively, and that $v^{\prime}\neq v$ . Observe from Corollary 36 that the $M_{r}$ multisets of processes $p, q$ share at least one common value. Since $q$ sets it vertex variable to $(v^{\prime},R)$ , it must have been the case that after removing outliers, $M_{r}$ consists only in instances of $v^{\prime}$ . Analogously for $p$ , its $M_{r}$ multiset consists only in $v$ instances. Now, observe from Corollary 36 that $p, q$ have at least one value in common in their $M_{r}$ multisets, a contradiction.

Finally, notice that since $M_{r}$ consists only in copies of $v$ , from Corollary 32 we get that $v$ must come from some correct process. Since every correct process passes its input value as argument to $\textsc{WitnessCollect}_{1}$ (line $6$ ), it follows that $v$ is an input value of some correct process.

$\hfill\blacktriangleleft$

Lemma 39.

Every correct process executing round $2$ of Algorithm 2 eventually gathers $n-f$ values in its $M_{2}$ multiset coming from Branch messages.

Proof.

Given there are at most $f$ Byzantine processes and each correct process receives only one message per process via Reliable Broadcast (Lemma 22). $\hfill\blacktriangleleft$

Lemma 40.

Let $(v,R),(\bot,0)$ be the two possible values for the vertex variable of correct processes at the end of the first round (Lemma 38). At the end of the second round, if the vertex variable of some correct process is set to $(v,R)$ , then no other correct process has its vertex variable set to $(\bot,0)$ .

Proof.

Let $p$ be a correct process such that at the end of the second round sets its vertex variable to $(v,R)$ . From the algorithm’s code, it follows that it executed line 22 $e l s e$ branch, and that after gathering $n-f$ values in its $M_{2}$ multiset (Lemma 39) it stored $\bot$ fewer than $f-1$ times.

Since there are $n-f$ values in $M_{2}$ , then at least $n-2f$ messages are for $v$ , and therefore at least $n-3f$ of such messages come from correct processes. Now, observe there are exactly $n-f$ correct processes overall; therefore, since the branch variable of each process is either $v$ or $\bot$ , then at most $n-f-(n-3f)=2f$ correct processes have its branch variable set to $\bot$ .

Now, consider a correct process $q$ with branch variable set to $\bot$ , and notice it stores $n-f$ values in its $M_{2}$ multiset (Lemma 39). From such values at least $n-2f$ come from correct processes, and note from the previous argument that at most $2f$ out of them are copies of $\bot$ , hence at least the remaining $n-2f-(2f)=n-4f$ values are for $v$ . Since we assume $n>5f$ , if follows that $n-4f>f$ , then $q$ stored $v$ at least $f+1$ times in $M_{2}$ , thus line $17$ is executed and $q$ sets is vertex variable to $(v,1)$ at the end of round $2$ . $\hfill\blacktriangleleft$

Lemma 41.

Let $(v,R),(\bot,0)$ be the two possible values for the vertex variable of correct processes at the end of the first round (Lemma 38). At the end of the second round, if the vertex variable of some correct process is set to $(\bot,0)$ , then the only other possible value for the vertex variable of any other correct process is either $(\bot,0)$ or $(v,1)$ .

Proof.

Let $p$ be a correct process such that at the end of the second round sets its vertex variable to $(\bot,0)$ . It follows from the Algorithm’s code that it executed line 16 $e l s e$ branch, and that after gathering $n-f$ values in its $M_{2}$ multiset (Lemma 39) it stored $v$ fewer than $f-1$ times. Analogous to the proof of the previous Lemma, at most $2f$ correct processes have its branch variable set to $v$ .

Notice that if a correct process has its branch variable set to $\bot$ at line $13$ , then according to the Algorithm, it sets its vertex variable to either $(\bot,0)$ or $(v,1)$ at the end of round $2$ . Therefore, let us consider a correct process $q$ with branch variable set to $v$ , and observe it stores $n-f$ values in its $M_{2}$ multiset. Using an argument analogous to that of the previous Lemma, we deduce that $\bot$ appears at least $n-4f$ times in $M_{2}$ . Since we assume $n>5f$ , it follows that $n-4f>f$ ; therefore $q$ stored $\bot$ at least $f+1$ times in $M_{2}$ , thus line $23$ is executed and $q$ sets is vertex variable to $(v,1)$ at the end of round $2$ . $\hfill\blacktriangleleft$

Lemma 42.

Let $(v,R),(\bot,0)$ be the two possible values for the vertex variable of correct processes at the end of the first round (Lemma 38). At the end of the second round, one of the following happens:

$\blacksquare$

The vertex variable of every correct process is set either to $(v,R)$ or to $(v,1)$ .
$\blacksquare$

The vertex variable of every correct process is set either to $(\bot,0)$ or to $(v,1)$ .

Proof.

It follows from Lemma 40, Lemma 41, and the fact that $(v,R),(v,1),(\bot,0)$ are the only possible values for vertex variables at the end of the second round. $\hfill\blacktriangleleft$

Now, having proved some important properties of the WitnessCollect subroutine, we move on to prove properties regarding Algorithm 2.

Lemma 43.

At the end of the first communication round of Algorithm 2, if there is a unique input value $v$ for every correct process, then for every correct process $\textsf{vertex}=(v,R)$ .

Proof.

Let $p$ be a correct process. Since we consider the first communication round, $r=1$ . Therefore, the code block beginning at line $5$ , and ending at line $11$ is executed. Now, notice that in line $6$ , a call to $\textsc{WitnessCollect}_{1}(v,M_{r},S_{r})$ is made. Note that inside the subroutine, $p$ eventually drops outliers (Corollary 29), and given all values coming from correct processes are instances of $v$ we deduce from Lemma 37 that every remaining value coming from some Byzantine process is also $v$ . Thus, after dropping outliers the $M_{r}$ multiset only consists in instances of $v$ . Hence, after returning from the subroutine call, line $8$ is executed, after which $\textsf{vertex}=(v,R)$ . $\hfill\blacktriangleleft$

Corollary 44.

At the end of the second communication round of Algorithm 2, if there is a unique input value $v$ for every correct process, then for every correct process $\textsf{vertex}=(v,R)$ .

Proof.

Let $p$ be a correct process. Since we consider the second communication round, $r=2$ . Therefore, the code block beginning at line $12$ , and ending at line $26$ is executed. Notice that at the end of the previous round $\textsf{vertex}=(v,R)$ ; thus, according to line $13$ , $\textsf{branch}=v$ . Afterwards, each correct process broadcasts $\langle\textsc{Branch},v\rangle$ (line $14$ ). Now, from Lemma 39, eventually $p$ gathers $n-1$ values in its $M_{2}$ multiset. Notice that given $\textsf{branch}=v$ , $p$ executes the line $22$ $e l s e$ branch, and since every other process has its vertex variable set to $(v,R)$ at the end of the first round, then no more than $f$ messages containing $\bot$ are delivered to $p$ , hence, $M_{r}$ contains less than $f+1$ copies of $\bot$ , and therefore no modification is done to the vertex variable. $\hfill\blacktriangleleft$

Lemma 45.

If there is a unique input value $v$ for every correct process, then every correct process decides $(v,R)$ when executing Algorithm 2.

Proof.

By induction on $r$ , we prove that every correct process has its vertex variable set to $(v,R)$ at the end of round $r$ , and therefore, it ends deciding such vertex.

Notice that for $r=1,r=2$ the property holds through Lemma 43 and Corollary 44 respectively. Assume for $r\geq 3$ . According to the Algorithm’s code, the code block beginning at line $27$ is executed; therefore, $\textsf{branch}=v$ (line $28$ ), and every correct makes a call to $\textsc{WitnessCollect}_{r}(R,M_{r},S_{r})$ (line $29$ ). With an analogous argument to that of Lemma 43, after returning from the subroutine call, necessarily $M_{r}$ consists only in instances of $R$ . Thus, process $p$ proceeds to the line $32$ else if branch. Following that, line $33$ is executed, after which $\textsf{vertex}=(v,R)$ . $\hfill\blacktriangleleft$

Lemma 46.

At the end of the first communication round, the vertex of the spider graph $G_{S}(V,R)$ pointed by the vertex variable of any correct process lies within the correct minimal subtree $T_{I}$ of $G_{S}(V,R)$ .

Proof.

Directly from Lemma 38, since both possible vertices lie within the correct minimal subtree $T_{I}$ of $G_{S}(V,R)$ . $\hfill\blacktriangleleft$

Corollary 47.

At the end of the second communication round, the vertex of the spider graph $G_{S}(V,R)$ pointed by the vertex variable of any correct process lies within the correct minimal subtree $T_{I}$ of $G_{S}(V,R)$ .

Proof.

Directly from Lemma 42. $\hfill\blacktriangleleft$

Lemma 48.

Every correct process decides a vertex that lies within the correct minimal subtree $T_{I}$ of $G_{S}(V,R)$ when executing Algorithm 2.

Proof.

By induction on $r$ , we prove that the $v e r t e x$ variable of every correct process lies within $T_{I}$ at the end of round $r$ .

For $r=1,r=2$ notice the property holds by Lemma 46, and Corollary 47 respectively. Assume for $r\geq 3$ , and let $p$ be a correct process. Therefore, we have two cases:

$\blacksquare$

The vertex variable is set to $(\bot,0)$ , thus, according to the Algorithm’s code, branch is set to $\bot$ (line $28$ ), and therefore the vertex variable remains unmodified (lines $30-31$ ), therefore the property trivially holds.
$\blacksquare$

The vertex variable is set to some vertex $(v,d)$ that lies within $T_{I}$ . Thus, branch is set to $v$ (line $28$ ). Next, $p$ calls $\textsc{WitnessCollect}_{r}(d,M_{r},S_{r})$ (line $29$ ). Notice from Lemma 37 that each remaining value in $M_{r}$ must lie within ${[a,\dots,b]}$ , with $a, b$ values sent from some correct processes, which, by assumption, make their vertex variables to lie within $T_{I}$ . Thus, either if vertex is modified in line $33$ or in line $36$ , the resulting value lies within $T_{I}$ .

$\hfill\blacktriangleleft$

Lemma 49.

If $R=1$ , then the distance between the vertices of the spider graph labeled by the decisions of all correct processes is at most one.

Proof.

From Lemma 38, and given $R=1$ , notice that at the end of the first round, each correct process has its vertex variable set to either $(\bot,0)$ , $(v,1)$ , with $v$ being a specific value given as input to some correct process, and observe that the distance between these two vertices is one. Given only one round is executed, every correct process decides on the value pointed by vertex, so the property holds. $\hfill\blacktriangleleft$

Lemma 50.

If $R=2$ , then the distance between the vertices of the spider graph labeled by the decisions of all correct processes is at most one.

Proof.

From Lemma 42, and given $R=2$ ,one of the following happens for the values of the vertex variables of correct processes:

$\blacksquare$

The vertex variable of every correct process is set either to $(v,2)$ or to $(v,1)$ .
$\blacksquare$

The vertex variable of every correct process is set either to $(\bot,0)$ or to $(v,1)$ .

Observe that in any case, the distance between any two vertices is at most one. Since only two rounds are executed, then every correct process decides on the value pointed by vertex, so the property holds. $\hfill\blacktriangleleft$

Lemma 51.

If $R>2$ , and at the end of the second round the vertex variable of every correct process is set either to $(\bot,0)$ or to $(v,1)$ ; then the distance between the vertices of the spider graph labeled by the decisions of all correct processes is at most one.

Proof.

Firstly, observe that since $v$ is fixed then $(\bot,0),(v,1)$ are at distance one. We claim that at the end of round $r>2$ , the vertex variable of every correct process is set either to $(\bot,0)$ or to $(v,1)$ , and therefore the property holds.

According to the code of Algorithm 2, if for some correct process, its vertex variable is set to $(\bot,0)$ at the beginning of round $r$ , then its decision remains unchanged at the end of the same round. Therefore, assume vertex is set to $(v,1)$ ; thus, according to the algorithm code, it is left unmodified or is modified either in line $33$ or line $35$ of Algorithm 2. If vertex is modified in line $33$ it must have been the case that $M_{r}$ consisted only in copies of some value $d$ . Using Corollary 32 we deduce that this value comes from correct processes, and given $d>0$ (line $32$ ), it can only be equal to $1$ , therefore vertex is set again to $(v,1)$ at the end of the round. Otherwise, if vertex is modified in line $35$ , observe from line $34$ that there are different values in $M_{r}$ ; from Lemma 37, each value in $M_{r}$ lies within $[0,1]$ , therefore, vertex is set to $(v,1)$ at the end of the round. $\hfill\blacktriangleleft$

Lemma 52.

Let $p, q$ be correct processes such that after calling the $\textsc{WitnessCollect}_{r}$ subroutine, end up with their $M_{r}$ multisets having only copies of values $v,v^{\prime}$ respectively. It follows that $v=v^{\prime}$ .

Proof.

Suppose otherwise, then according to Corollary 36 the $M_{r}$ multisets of both processes share at least one common value, a contradiction. $\hfill\blacktriangleleft$

Lemma 53.

Let $a,b\in\mathbb{Z}^{+}$ with $a\leq b$ . Let $[x,y]$ and $[x^{\prime},y^{\prime}]$ be intervals with a nonempty intersection, such that $a\leq x\leq y\leq b$ , and $a\leq x^{\prime}\leq y^{\prime}\leq b$ . Define $z=\frac{x+y}{2}$ , $z^{\prime}=\frac{x^{\prime}+y^{\prime}}{2}$ , it follows that $\left|\lceil z^{\prime}\rceil-\lceil z\rceil\right|\leq\lceil\frac{b-a}{2}\rceil$ .

Proof.

Since $[x,y]$ and $[x^{\prime},y^{\prime}]$ have a nonempty intersection, there exists $w\in\mathbb{Z}^{+}$ such that $x\leq w\leq y$ and $x^{\prime}\leq w\leq y^{\prime}$ . Now, without loss of generality assume $z\leq z^{\prime}$ , therefore $z^{\prime}-z=\frac{x^{\prime}+y^{\prime}}{2}-\frac{x+y}{2}$ .

Now, notice that given $x^{\prime}\leq w$ and $y^{\prime}\leq b$ , it follows that $x^{\prime}+y^{\prime}\leq w+b$ ; therefore $\frac{x^{\prime}+y^{\prime}}{2}\leq\frac{w+b}{2}$ . Analogously, observe that $a\leq x$ and $w\leq y$ , thus $a+w\leq x+y$ , and $\frac{a+w}{2}\leq\frac{x+y}{2}$ .

From the previous arguments, we deduce that $z^{\prime}-z=\frac{x^{\prime}+y^{\prime}}{2}-\frac{x+y}{2}\leq\frac{w+b}{2}-% \frac{a+w}{2}=\frac{b-a}{2}$ . Hence, $z^{\prime}-z\leq\frac{b-a}{2}$ , and by symmetry we have that $|z^{\prime}-z|\leq\frac{b-a}{2}$ .

Since trivially $\lceil|z^{\prime}-z|\rceil\leq\lceil\frac{b-a}{2}\rceil$ , it remains to prove that $|\lceil z^{\prime}\rceil-\lceil z\rceil|\leq\lceil|z^{\prime}-z|\rceil$ . $\hfill\blacktriangleleft$

Lemma 54.

If $R>2$ , and at the end of the second round the vertex variable of every correct process is set either to $(v,R)$ or to $(v,1)$ ; then the distance between the vertices of the spider graph labeled by the decisions of all correct processes is at most one.

Proof.

In order to prove the Lemma, we first show that at the end of round $r>2$ , the distance between the vertices of the spider graph pointed by the vertex variables of correct processes is at most $(R-1)/2^{r-2}$ .

We proceed by induction over $r$ . Let $r=3$ , thus at the beginning of the round the vertex variable of every correct process is set either to $(v,R)$ or to $(v,1)$ . According to line $28$ , the branch variable of every correct process is set to $v$ , and every correct process calls the $\textsc{WitnessCollect}_{r}$ subroutine in line $29$ either passing $R$ or $1$ as the value argument, eventually gathering values and removing outliers in $M_{r}$ (Corollary 29). Now, let us consider a pair of correct processes $p, q$ that completed line $29$ , and let $[x,y],[x^{\prime},y^{\prime}]$ be the intervals induced by the values gathered in their $M_{r}$ multisets respectively. Since correct processes passed either $R$ or $1$ as the value argument to the subroutine, observe that the maximum and minimum values in $M_{r}$ coming from correct processes after removing outliers are $R$ and $1$ respectively, and notice that according to Lemma 37 no Byzantine value lies outside of the interval $[1,R]$ . From the previous argument, we get that $1\leq x\leq y\leq R$ and $1\leq x^{\prime}\leq y^{\prime}\leq R$ . Also, note from Corollary 36 that the $[x,y],[x^{\prime},y^{\prime}]$ intervals have a nonempty intersection. Since $p, q$ have their branch variables set to $v$ , and $r>0$ , either line $33$ or line $36$ is executed, and in both cases $d$ is computed as the ceiling of the average of the values in $M_{r}$ (this is trivially true for line $33$ when $M_{r}$ consists in only one repeated value). Therefore, from Lemma 53 we get that the distance between the $d$ values computed by $p, q$ is at most $\frac{R-1}{2}=\frac{R-1}{2^{3-2}}$ .

Assume for $r$ . For round $r+1$ , without loss of generality let $p, q$ be a pair of processes such that the vertices of the spider graph pointed by their vertex variables are of maximum distance, and note that by assumption, their distance is at most $(R-1)/2^{r-2}$ . Using an analogous argument as the previous one, and Lemma 53 we get that the distance between the $d$ values computed by any pair of correct processes is at most $\frac{(R-1)/2^{r-2}}{2}=\frac{R-1}{2^{r-2}2}=\frac{R-1}{2^{(r+1)-2}}$ .

Since we showed the invariant to be true, after $\log_{2}R+1$ rounds, we end up with all processes deciding vertices of the Spider Graph that are at distance at most $\frac{R-1}{2^{\log_{2}R+1-2}}=\frac{R-1}{2^{\log_{2}R-1}}=1$ . $\hfill\blacktriangleleft$

Lemma 55.

If $R>2$ , then the distance between the vertices of the spider graph labeled by the decisions of all correct processes is at most one.

Proof.

Following Lemmas 54 and 51, and the fact that they are exhaustive (Lemma 42). $\hfill\blacktriangleleft$

Theorem 11. [Restated, see original statement.]

If $n>5f$ , then Algorithm 2 solves connected consensus for $R\geq 1$ with $n$ processes, up to $f$ of which may be Byzantine; using $\log_{2}R+1$ rounds, and sending $O(n^{2})$ messages.

Proof.

We show that all of the connected consensus properties hold in any execution of Algorithm 2.

Termination.

From Lemma 28, each correct process eventually passes line $21$ verification, and since each of the following lines of code can be executed independently from the state of the involved variables, each round of communication is eventually completed for every correct process. Given there are explicitly $\log_{2}R+1$ rounds of communication, it follows that Algorithm 2 terminates.

Validity.

Let $V^{\prime}\subseteq V$ be the set of input values for correct processes. If there is a unique input value $v\in V^{\prime}$ for every process, then $V^{\prime}=\{v\}$ . Then,

I=\{(x,R)\colon x\text{ is the input of a correct process}\}=\{(v,R)\}

Thus, from Lemma 45, at the end of the algorithm the vertex $(v,R)$ is decided for every correct process. Then, validity holds since $T(V,R,I)=T(V,R,\{(v,R)\})$ . Otherwise, from Lemma 48 it follows that any decided vertex lies within $I$ .

Agreement.

It follows directly from Lemmas 49, 50, and 55.

$\hfill\blacktriangleleft$

Theorem 12. [Restated, see original statement.]

Algorithm 2 satisfies the binding condition for $R\geq 1$ .

Proof.

From Lemma 38, at the end of the first round only two vertices ( $(v,R),(\bot,0)$ ) are possible values for the vertex variable of any process is the input of some correct process; with the $v$ value related to the leaf $(v,R)$ being the input of some correct process. Finally, notice that according to the proof of the same Lemma, the $v$ value is the same for all processes. Therefore, the branch induced by the vertex variables of every correct process is unique. Given no other branches are considered in subsequent rounds, the property holds. $\hfill\blacktriangleleft$

[bib.bib1] [1] Ittai Abraham, Yonatan Amit, and Danny Dolev. Optimal resilience asynchronous approximate agreement. In Proceedings of the 8th International Conference on Principles of Distributed Systems, OPODIS’04, pages 229–239, Berlin, Heidelberg, 2004. Springer-Verlag. doi:10.1007/11516798_17.

[bib.bib2] [2] Ittai Abraham, Naama Ben-David, and Sravya Yandamuri. Efficient and adaptively secure asynchronous binary agreement via binding crusader agreement. In Proceedings of the 2022 ACM Symposium on Principles of Distributed Computing, PODC’22, pages 381–391, New York, NY, USA, 2022. Association for Computing Machinery. doi:10.1145/3519270.3538426.

[bib.bib3] [3] Ittai Abraham, Philipp Jovanovic, Mary Maller, Sarah Meiklejohn, Gilad Stern, and Alin Tomescu. Reaching consensus for asynchronous distributed key generation. In Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing, PODC’21, pages 363–373, New York, NY, USA, 2021. Association for Computing Machinery. doi:10.1145/3465084.3467914.

[bib.bib4] [4] Yehuda Afek, James Aspnes, Edo Cohen, and Danny Vainstein. Brief announcement: Object oriented consensus. In Proceedings of the ACM Symposium on Principles of Distributed Computing, PODC ’17, pages 367–369, New York, NY, USA, 2017. Association for Computing Machinery. doi:10.1145/3087801.3087867.

[bib.bib5] [5] Dan Alistarh, Faith Ellen, and Joel Rybicki. Wait-free approximate agreement on graphs. Theoretical Computer Science, 948:113733, 2023. doi:10.1016/j.tcs.2023.113733.

[bib.bib6] [6] Hagit Attiya, Itay Flam, and Jennifer L. Welch. Beyond canonical rounds: Communication abstractions for optimal byzantine resilience, 2025. doi:10.48550/arXiv.2510.04310.

[bib.bib7] [7] Hagit Attiya, Itay Flam, and Jennifer L. Welch. Brief Announcement: Communication Patterns for Optimal Resilience. In Dariusz R. Kowalski, editor, 39th International Symposium on Distributed Computing (DISC 2025), volume 356 of Leibniz International Proceedings in Informatics (LIPIcs), pages 46:1–46:7, Dagstuhl, Germany, 2025. Schloss Dagstuhl – Leibniz-Zentrum für Informatik. doi:10.4230/LIPIcs.DISC.2025.46.

[bib.bib8] [8] Hagit Attiya, Pierre Fraigniaud, Ami Paz, and Sergio Rajsbaum. One step forward, one step back: Flp-style proofs and the round-reduction technique for colorless tasks. In Rotem Oshman, editor, 37th International Symposium on Distributed Computing, DISC 2023, October 10-12, 2023, L’Aquila, Italy, volume 281 of LIPIcs, pages 4:1–4:23. Schloss Dagstuhl – Leibniz-Zentrum für Informatik, 2023. doi:10.4230/LIPICS.DISC.2023.4.

[bib.bib9] [9] Hagit Attiya and Jennifer Welch. Distributed Computing: Fundamentals, Simulations and Advanced Topics. John Wiley & Sons, Inc., Hoboken, NJ, USA, 2004.

[bib.bib10] [10] Hagit Attiya and Jennifer L. Welch. Multi-valued connected consensus: A new perspective on crusader agreement and adopt-commit, 2023. doi:10.48550/arXiv.2308.04646.

[bib.bib11] [11] Hagit Attiya and Jennifer L. Welch. Multi-Valued Connected Consensus: A New Perspective on Crusader Agreement and Adopt-Commit. In Alysson Bessani, Xavier Défago, Junya Nakamura, Koichi Wada, and Yukiko Yamauchi, editors, 27th International Conference on Principles of Distributed Systems (OPODIS 2023), volume 286 of Leibniz International Proceedings in Informatics (LIPIcs), pages 6:1–6:23, Dagstuhl, Germany, 2024. Schloss Dagstuhl – Leibniz-Zentrum für Informatik. doi:10.4230/LIPIcs.OPODIS.2023.6.

[bib.bib12] [12] Gabriel Bracha. Asynchronous byzantine agreement protocols. Inf. Comput., 75(2):130–143, November 1987. doi:10.1016/0890-5401(87)90054-X.

[bib.bib13] [13] Danny Dolev. The byzantine generals strike again. Journal of Algorithms, 3(1):14–30, 1982. doi:10.1016/0196-6774(82)90004-9.

[bib.bib14] [14] Danny Dolev, Nancy A. Lynch, Shlomit S. Pinter, Eugene W. Stark, and William E. Weihl. Reaching approximate agreement in the presence of faults. J. ACM, 33(3):499–516, May 1986. doi:10.1145/5925.5931.

[bib.bib15] [15] Mose Mizrahi Erbes and Roger Wattenhofer. Asynchronous approximate agreement with quadratic communication, 2025. doi:10.48550/arXiv.2408.05495.

[bib.bib16] [16] Paul Feldman and Silvio Micali. Optimal algorithms for byzantine agreement. In Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing, STOC ’88, pages 148–161, New York, NY, USA, 1988. Association for Computing Machinery. doi:10.1145/62212.62225.

[bib.bib17] [17] Michael J. Fischer, Nancy A. Lynch, and Michael Merritt. Easy impossibility proofs for distributed consensus problems. In Proceedings of the Fourth Annual ACM Symposium on Principles of Distributed Computing, PODC ’85, pages 59–70, New York, NY, USA, 1985. Association for Computing Machinery. doi:10.1145/323596.323602.

[bib.bib18] [18] Michael J. Fischer, Nancy A. Lynch, and Michael S. Paterson. Impossibility of distributed consensus with one faulty process. J. ACM, 32(2):374–382, April 1985. doi:10.1145/3149.214121.

[bib.bib19] [19] Thomas Locher. Byzantine Reliable Broadcast with Low Communication and Time Complexity. In Silvia Bonomi, Letterio Galletta, Etienne Rivière, and Valerio Schiavoni, editors, 28th International Conference on Principles of Distributed Systems (OPODIS 2024), volume 324 of Leibniz International Proceedings in Informatics (LIPIcs), pages 16:1–16:17, Dagstuhl, Germany, 2025. Schloss Dagstuhl – Leibniz-Zentrum für Informatik. doi:10.4230/LIPIcs.OPODIS.2024.16.

[bib.bib20] [20] Jiong Yang, Gil Neiger, and Eli Gafni. Structured derivations of consensus algorithms for failure detectors. In Proceedings of the Seventeenth Annual ACM Symposium on Principles of Distributed Computing, PODC ’98, pages 297–306, New York, NY, USA, 1998. Association for Computing Machinery. doi:10.1145/277697.277755.

On Time-Optimal, Fault-Tolerant Algorithms for Connected Consensus Beyond Grade Two

Abstract

Keywords and phrases:

Copyright and License:

2012 ACM Subject Classification:

DOI:

Event:

Editors:

Series and Publisher:

1 Introduction

2 Model of computation

3 The Connected Consensus Problem definition

4 Previous work

4.1 Connected consensus lower bounds for fault-tolerance and time complexity

Proposition 1 ([10, Appendix A]).

Proposition 2 ([10, Appendix B.1]).

Proposition 3 ([10, Appendix A]).

Proposition 4 ([10, Appendix B.1]).

Proposition 5 ([10, Appendix G, Theorem 19]).

4.2 Previous connected consensus algorithms

Proposition 6 ([11, Theorem 3]).

Proposition 7 ([11, Theorem 4]).

Proposition 8 ([11, Theorem 5]).

4.3 The witness technique and resilience-optimal approximate agreement

5 Crash-Tolerant Algorithm

Theorem 9.

Theorem 10.

6 Byzantine-Tolerant Algorithm

Theorem 11.

Theorem 12.

7 Time and message complexities

▶ Remark 13 ([10, Appendix B]).

7.1 Complexities for Algorithm 1

Proposition 14 ([8, Proposition 17]).

Theorem 15.

7.2 Complexities for Algorithm 2

8 Conclusions

References

Appendix A Correctness proof for Algorithm 1

Lemma 16.

Proof.

Corollary 17.

Proof.

Lemma 18.

Proof.

Lemma 19.

Proof.

Lemma 20.

Proof.

Lemma 21.

Proof.

Theorem 9. [Restated, see original statement.]

Proof.

Theorem 10. [Restated, see original statement.]

Proof.

Appendix B Correctness proof for Algorithm 2

Lemma 22.

Proof.

Corollary 23.

Proof.

Lemma 24.

Proof.

Lemma 25.

Proof.

Lemma 26.

Proof.

Lemma 27.

Proof.

Lemma 28.

Proof.

Corollary 29.

Lemma 30.

Proof.

Lemma 31.

Proof.

Corollary 32.

Proof.

Lemma 33.

Proof.

Lemma 34.

$\blacktriangleright$ Remark 13 ([10, Appendix B]).