by danbruc 14 days ago
I would not call it trust, because in this kind of consensus protocol, namely permissioned consensus protocols, you assume trust between participants; you assume you know the participants and that they are not malicious. Otherwise you have to go down a road more like Bitcoin, where you do not know the participants and do not trust them.

What you need are rules that define safe behavior in the face of arbitrary communication breakdowns. You need a default behavior that guarantees that you are still doing the right thing no matter which other nodes you can no longer talk to. And safe behavior means two things. First, you need continuity: you must not lose any commits, so at least one node in the current round must have participated in the latest round. Second, you have to ensure that no two groups of nodes independently decide that they should continue to make commits, otherwise the state would diverge.

And from this come the tensions: you want many nodes in the quorum to make continuity easy, you want few nodes in the quorum to tolerate many failures, and you kind of want many nodes in the quorum to prevent multiple quorums.
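
The two safety rules and the quorum-size tension described in the comment above, as an added example that is not part of the original comment. It assumes fixed-size quorums, crash or partition failures only (non-malicious participants, as the comment states), and hypothetical function names.

```python
from itertools import combinations

def committing_sides(partition, q):
    """Groups of a network partition that still reach a quorum of size q."""
    return [g for g in partition if len(g) >= q]

def two_way_partitions(n):
    """Every split of nodes 0..n-1 into two groups that cannot talk to each other."""
    nodes = frozenset(range(n))
    for k in range(n // 2 + 1):
        for side in combinations(sorted(nodes), k):
            yield frozenset(side), nodes - frozenset(side)

def analyse(n, q):
    """Check both safety rules for quorum size q in an n-node cluster."""
    minimal = [frozenset(c) for c in combinations(range(n), q)]
    # Continuity: the quorum of the latest round and any quorum of the next
    # round must share at least one node, otherwise a commit can be lost.
    continuity = all(a & b for a in minimal for b in minimal)
    # No divergence: under no partition may two groups both keep committing.
    diverges = any(len(committing_sides(p, q)) > 1
                   for p in two_way_partitions(n))
    # Assumption of this model: the cluster makes progress while q nodes are up.
    return {"quorum": q, "continuity": continuity, "diverges": diverges,
            "tolerated_failures": n - q}

def smallest_safe_quorum(n):
    """Smallest q that satisfies both rules, i.e. the most failure-tolerant safe choice."""
    for q in range(1, n + 1):
        result = analyse(n, q)
        if result["continuity"] and not result["diverges"]:
            return result
    return None

if __name__ == "__main__":
    # Constructed 5-node cluster: small quorums tolerate more failures but
    # break safety; large quorums are safe but tolerate fewer failures.
    for q in range(1, 6):
        print(analyse(5, q))
    print("smallest safe:", smallest_safe_quorum(5))
```
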