OciorABA: Improved Error-Free Asynchronous Byzantine Agreement via Partial Vector Agreement

TL;DR

This work tackles error-free, information-theoretically secure asynchronous Byzantine agreement without cryptographic assumptions beyond a common coin. It introduces APVA, a primitive for asynchronous partial vector agreement, and builds two ABA protocols, OciorABA* and OciorABA, achieving $O(n \ell + n^3 \log q)$ communication with resilience $n \geq 3t + 1$, where OciorABA* runs in $O(\log n)$ rounds and OciorABA achieves $O(1)$ rounds. The construction combines erasure coding, reliable broadcast, ABBA/ABBBA primitives, and APC (APVA) to coordinate outputs despite up to $t$ Byzantine nodes, while guaranteeing termination, consistency, and validity. The results advance practical IT-secure asynchronous BA by reducing round complexity to a constant and preserving efficient communication, with potential impact on distributed cryptography, blockchain consensus, and fault-tolerant systems.

Abstract

In this work, we propose an error-free, information-theoretically secure multi-valued asynchronous Byzantine agreement (ABA) protocol, called OciorABA. This protocol achieves ABA consensus on an $\ell$-bit message with an expected communication complexity of $O(n\ell + n^3 \log q )$ bits and an expected round complexity of $O(1)$ rounds, under the optimal resilience condition $n \geq 3t + 1$ in an $n$-node network, where up to $t$ nodes may be dishonest. Here, $q$ denotes the alphabet size of the error correction code used in the protocol. In our protocol design, we introduce a new primitive: asynchronous partial vector agreement (APVA). In APVA, the distributed nodes input their vectors and aim to output a common vector, where some of the elements of those vectors may be missing or unknown. We propose an APVA protocol with an expected communication complexity of $O( n^3 \log q )$ bits and an expected round complexity of $O(1)$ rounds. This APVA protocol serves as a key building block for our OciorABA protocol.

Figures (4)

• Figure 1: A block diagram of the proposed $\mathrm{OciorABA}^\star$ protocol with an identifier $\mathrm{ID}$. Here ${\mathcal{A}}_{\mathrm{ones}} \subseteq [1:n]$ denotes the indices of all $\mathrm{ABBA}$ instances that delivered $1$, while ${\mathcal{B}}_{\mathrm{ones}} \subseteq {\mathcal{A}}_{\mathrm{ones}}$ denotes the first $t+1$ smallest values in ${\mathcal{A}}_{\mathrm{ones}}$. The description focuses on the example with $n=4$ and $t=1$.
• Figure 2: A block diagram of the proposed $\mathrm{OciorABA}$ protocol with an identifier $\mathrm{ID}$. Here $\hat{\boldsymbol{v}}$ denotes the output vector of $\mathrm{APVA}$. ${\mathcal{A}}_{\mathrm{ones}} \subseteq [1:n]$ denotes the indices of all elements in $\hat{\boldsymbol{v}}$ that are equal to $1$, i.e., ${\mathcal{A}}_{\mathrm{ones}}=\{j: \hat{\boldsymbol{v}}[j] = 1, j \in[1:n]\}$, while ${\mathcal{B}}_{\mathrm{ones}} \subseteq {\mathcal{A}}_{\mathrm{ones}}$ denotes the first $t+1$ smallest values in ${\mathcal{A}}_{\mathrm{ones}}$. The description focuses on the example with $n=4$ and $t=1$.
• Figure 3: A block diagram of the proposed $\mathrm{APVA}$ protocol with an identifier $\mathrm{ID}$. Details of the $\mathrm{ACID}^{\star}$ protocol are presented in Fig. \ref{['fig:ACIDstar']}. Here ${\mathcal{M}}(\boldsymbol{w})$ denotes the set of indices of all non-missing elements of the vector $\boldsymbol{w}$, i.e., ${\mathcal{M}}(\boldsymbol{w}):=\{j: \boldsymbol{w}[j] \neq \phi, j \in[1:n]\}$.
• Figure 4: A block diagram of the proposed $\mathrm{ACID}^{\star}$ protocol with an identifier $\mathrm{ID}$.

Theorems & Definitions (43)

• Definition 1: Asynchronous partial vector agreement ($\mathrm{APVA}$)
• Definition 2: Byzantine agreement ($\mathrm{BA}$)
• Definition 3: Reliable broadcast ($\mathrm{RBC}$)
• Definition 4: $\mathrm{ACID}$ instance, ChenOciorMVBA:24
• Definition 5: Parallel $\mathrm{ACID}$ instances, ChenOciorMVBA:24
• Definition 6: Asynchronous biased binary Byzantine agreement ($\mathrm{ABBBA}$), ChenOciorMVBA:24
• Definition 7: Common coin
• Theorem 1: Termination
• proof
• Theorem 2: Validity