The Byzantine Generals Problem
拜占庭将军问题

Reliable computer systems must handle malfunctioning components that give conflicting information to different parts of the system. This situation can be expressed abstractly in terms of a group of generals of the Byzantine army camped with their troops around an enemy city. Communicating only by messenger, the generals must agree upon a common battle plan. However, one or more of them may be traitors who will try to confuse the others. The problem is to find an algorithm to ensure that the loyal generals will reach agreement. It is shown that, using only oral messages, this problem is solvable if and only if more than two-thirds of the generals are loyal; so a single traitor can confound two loyal generals. With unforgeable written messages, the problem is solvable for any number of generals and possible traitors. Applications of the solutions to reliable computer systems are then discussed.
可靠的计算机系统必须能够处理向系统不同部分提供相互矛盾信息的故障组件。这种情况可以抽象地用一组拜占庭军队的将军围绕敌城与部队扎营来表达。将军们只能通过信使进行通信，必须就一个共同的作战计划达成一致。然而，其中一个或多个可能是叛徒，试图混淆其他人。问题是找到一种算法，确保忠诚的将军能够达成一致。研究表明，仅使用口头消息时，当且仅当超过三分之二的将军是忠诚的，该问题才可解决；因此，一个叛徒可以使两个忠诚的将军陷入混乱。使用不可伪造的书面消息时，该问题对于任意数量的将军和可能的叛徒均可解决。随后讨论了这些解决方案在可靠计算机系统中的应用。
Categories and Subject Descriptors: C.2.4. [Computer-Communication Networks]: Distributed Systems-network operating systems; D.4.4 [Operating Systems]: Communications Managementnetwork communication; D.4.5 [Operating Systems]: Reliability-fault tolerance
类别和主题描述符：C.2.4. [计算机通信网络]：分布式系统-网络操作系统；D.4.4 [操作系统]：通信管理-网络通信；D.4.5 [操作系统]：可靠性-容错

General Terms: Algorithms, Reliability
通用术语：算法，可靠性
Additional Key Words and Phrases: Interactive consistency
额外关键词和短语：交互一致性

A reliable computer system must be able to cope with the failure of one or more of its components. A failed component may exhibit a type of behavior that is often overlooked-namely, sending conflicting information to different parts of the system. The problem of coping with this type of failure is expressed abstractly as the Byzantine Generals Problem. We devote the major part of the paper to a discussion of this abstract problem and conclude by indicating how our solutions can be used in implementing a reliable computer system.
一个可靠的计算机系统必须能够应对一个或多个组件的故障。一个故障组件可能表现出一种常被忽视的行为——即向系统的不同部分发送相互矛盾的信息。应对这种类型故障的问题在抽象层面上被称为拜占庭将军问题。本文的大部分内容将讨论这一抽象问题，并最终指出我们的解决方案如何应用于实现可靠的计算机系统。

We imagine that several divisions of the Byzantine army are camped outside an enemy city, each division commanded by its own general. The generals can communicate with one another only by messenger. After observing the enemy, they must decide upon a common plan of action. However, some of the generals
我们设想拜占庭军队的几个师驻扎在敌城外，每个师由自己的将军指挥。将军们只能通过信使相互通信。在观察敌情后，他们必须决定一个共同的行动计划。然而，其中一些将军

may be traitors, trying to prevent the loyal generals from reaching agreement. The generals must have an algorithm to guarantee that
可能有叛徒，试图阻止忠诚的将军们达成一致。将军们必须有一个算法来保证这一点
A. All loyal generals decide upon the same plan of action.
A. 所有忠诚的将军都决定采取相同的行动方案。

The loyal generals will all do what the algorithm says they should, but the traitors may do anything they wish. The algorithm must guarantee condition A regardless of what the traitors do.
忠诚的将军们都会按照算法指示去做，但叛徒可能会做任何他们想做的事。无论叛徒做什么，算法都必须保证条件 A。

The loyal generals should not only reach agreement, but should agree upon a reasonable plan. We therefore also want to insure that
忠诚的将军们不仅应该达成一致，还应该同意一个合理的方案。因此，我们还希望确保的是
B. A small number of traitors cannot cause the loyal generals to adopt a bad plan.
B. 少数叛徒无法导致忠诚的将军们采纳一个糟糕的计划。

Condition B is hard to formalize, since it requires saying precisely what a bad plan is, and we do not attempt to do so. Instead, we consider how the generals reach a decision. Each general observes the enemy and communicates his observations to the others. Let $v(i)$$v(i)$v(i)v(i) be the information communicated by the $i$$i$ii th general. Each general uses some method for combining the values $v(1),\dots ,v(n)$$v(1),\dots ,v(n)$v(1),dots,v(n)v(1), \ldots, v(n) into a single plan of action, where $n$$n$nn is the number of generals. Condition A is achieved by having all generals use the same method for combining the information, and Condition B is achieved by using a robust method. For example, if the only decision to be made is whether to attack or retreat, then $v(i)$$v(i)$v(i)v(i) can be General $i$$i$ii 's opinion of which option is best, and the final decision can be based upon a majority vote among them. A small number of traitors can affect the decision only if the loyal generals were almost equally divided between the two possibilities, in which case neither decision could be called bad.
条件 B 难以形式化，因为它要求精确定义什么是糟糕的计划，而我们并未尝试这样做。相反，我们考虑将军们如何做出决策。每位将军观察敌情并将他的观察结果传达给其他人。设 $v(i)$$v(i)$v(i)v(i) 为第 $i$$i$ii 位将军传达的信息。每位将军使用某种方法将这些值 $v(1),\dots ,v(n)$$v(1),\dots ,v(n)$v(1),dots,v(n)v(1), \ldots, v(n) 合并成一个行动方案，其中 $n$$n$nn 为将军人数。条件 A 通过让所有将军使用相同的信息合并方法来实现，条件 B 则通过使用一种鲁棒的方法来实现。例如，如果唯一需要做出的决策是进攻还是撤退，那么 $v(i)$$v(i)$v(i)v(i) 可以是第 $i$$i$ii 位将军对哪个选项更好的看法，最终决策可以基于他们之间的多数投票。只有当忠诚的将军们在两种可能性之间几乎势均力敌时，少数叛徒才可能影响决策，在这种情况下，任何决策都不能被称为糟糕。

While this approach may not be the only way to satisfy conditions A and B, it is the only one we know of. It assumes a method by which the generals communicate their values $v(i)$$v(i)$v(i)v(i) to one another. The obvious method is for the $i$$i$ii th general to send $v(i)$$v(i)$v(i)v(i) by messenger to each other general. However, this does not work, because satisfying condition A requires that every loyal general obtain the same values $v(1),\dots ,v(n)$$v(1),\dots ,v(n)$v(1),dots,v(n)v(1), \ldots, v(n), and a traitorous general may send different values to different generals. For condition A to be satisfied, the following must be true:
虽然这种方法可能不是满足条件 A 和 B 的唯一方式，但这是我们所知道的唯一方法。它假设了一种将将军们的数值 $v(i)$$v(i)$v(i)v(i) 相互传达的方法。显而易见的方法是第 $i$$i$ii 位将军通过信使将 $v(i)$$v(i)$v(i)v(i) 发送给其他每位将军。然而，这种方法行不通，因为满足条件 A 要求每位忠诚的将军获得相同的数值 $v(1),\dots ,v(n)$$v(1),\dots ,v(n)$v(1),dots,v(n)v(1), \ldots, v(n) ，而叛徒将军可能会向不同的将军发送不同的数值。为了满足条件 A，必须满足以下条件：

Condition 1 implies that a general cannot necessarily use a value of $v(i)$$v(i)$v(i)v(i) obtained directly from the $i$$i$ii th general, since a traitorous $i$$i$ii th general may send different values to different generals. This means that unless we are careful, in meeting condition 1 we might introduce the possibility that the generals use a value of $v(i)$$v(i)$v(i)v(i) different from the one sent by the $i$$i$ii th general-even though the $i$$i$ii th general is loyal. We must not allow this to happen if condition B is to be met. For example, we cannot permit a few traitors to cause the loya! generals to base their decision upon the values “retreat”, … “retreat” if every loyal general sent the value “attack”. We therefore have the following requirement for each $i$$i$ii :
条件 1 意味着将军不一定能直接使用从第 $i$$i$ii 个将军那里获得的值 $v(i)$$v(i)$v(i)v(i) ，因为一个叛变的第 $i$$i$ii 个将军可能会向不同的将军发送不同的值。这意味着，除非我们小心，否则在满足条件 1 时，我们可能会引入将军们使用与第 $i$$i$ii 个将军发送的值不同的 $v(i)$$v(i)$v(i)v(i) 值的可能性——即使第 $i$$i$ii 个将军是忠诚的。如果要满足条件 B，我们绝不能允许这种情况发生。例如，我们不能允许少数叛徒导致忠诚的将军基于“撤退”……“撤退”的值做出决定，而每个忠诚的将军都发送了“进攻”的值。因此，我们对每个 $i$$i$ii 有以下要求：
2. If the $i$$i$ii th general is loyal, then the value that he sends must be used by every loyal general as the value of $v(i)$$v(i)$v(i)v(i).
2. 如果第 $i$$i$ii 个将军是忠诚的，那么他发送的值必须被每个忠诚的将军用作 $v(i)$$v(i)$v(i)v(i) 的值。

We can rewrite condition 1 as the condition that for every $i$$i$ii (whether or not the $i$$i$ii th general is loyal),
我们可以将条件 1 重写为：对于每个 $i$$i$ii （无论第 $i$$i$ii 个将军是否忠诚），
$1^{\prime }$$1^{\prime }$1^(')1^{\prime}. Any two loyal generals use the same value of $v(i)$$v(i)$v(i)v(i).
$1^{\prime }$$1^{\prime }$1^(')1^{\prime} 。任何两个忠诚的将军使用相同的 $v(i)$$v(i)$v(i)v(i) 值。
Conditions $1^{\prime }$$1^{\prime }$1^(')1^{\prime} and 2 are both conditions on the single value sent by the $i$$i$ii th general. We can therefore restrict our consideration to the problem of how a single general sends his value to the others. We phrase this in terms of a commanding general sending an order to his lieutenants, obtaining the following problem.
条件 $1^{\prime }$$1^{\prime }$1^(')1^{\prime} 和 2 都是对第 $i$$i$ii 个将军发送的单一值的条件。因此，我们可以将考虑范围限制在单个将军如何将他的值发送给其他人这一问题上。我们将其表述为一位指挥将军向他的中尉发送命令，从而得到以下问题。

Byzantine Generals Problem. A commanding general must send an order to his $n-1$$n-1$n-1n-1 lieutenant generals such that
拜占庭将军问题。一位指挥将军必须向他的 $n-1$$n-1$n-1n-1 位中尉将军发送命令，使得

IC1. All loyal lieutenants obey the same order.
IC1。所有忠诚的中尉都服从相同的命令。
IC2. If the commanding general is loyal, then every loyal lieutenant obeys the order he sends.
IC2。如果指挥将军是忠诚的，那么每个忠诚的中尉都会服从他发送的命令。

Conditions IC1 and IC2 are called the interactive consistency conditions. Note that if the commander is loyal, then IC1 follows from IC2. However, the commander need not be loyal.
条件 IC1 和 IC2 被称为交互一致性条件。注意，如果指挥官是忠诚的，那么 IC1 可以从 IC2 推导出来。然而，指挥官不一定是忠诚的。

To solve our original problem, the $i$$i$ii th general sends his value of $v(i)$$v(i)$v(i)v(i) by using a solution to the Byzantine Generals Problem to send the order “use $v(i)$$v(i)$v(i)v(i) as my value”, with the other generals acting as the lieutenants.
为了解决我们最初的问题，第 $i$$i$ii 位将军通过使用拜占庭将军问题的解决方案发送他的值 $v(i)$$v(i)$v(i)v(i) ，并发送命令“使用 $v(i)$$v(i)$v(i)v(i) 作为我的值”，其他将军则充当中尉。

The Byzantine Generals Problem seems deceptively simple. Its difficulty is indicated by the surprising fact that if the generals can send only oral messages, then no solution will work unless more than two-thirds of the generals are loyal. In particular, with only three generals, no solution can work in the presence of a single traitor. An oral message is one whose contents are completely under the control of the sender, so a traitorous sender can transmit any possible message. Such a message corresponds to the type of message that computers normally send to one another. In Section 4 we consider signed, written messages, for which this is not true.
拜占庭将军问题看似简单。其难度体现在一个令人惊讶的事实：如果将军们只能发送口头消息，那么除非超过三分之二的将军是忠诚的，否则没有解决方案可行。特别是，当只有三位将军时，在存在一个叛徒的情况下，没有解决方案能够奏效。口头消息是指其内容完全由发送者控制的消息，因此叛徒发送者可以传递任何可能的消息。这种消息类型对应于计算机通常相互发送的消息类型。在第 4 节中，我们将考虑签名的书面消息，对于这种消息情况则不同。

We now show that with oral messages no solution for three generals can handle a single traitor. For simplicity, we consider the case in which the only possible decisions are “attack” or “retreat”. Let us first examine the scenario pictured in Figure 1 in which the commander is loyal and sends an “attack” order, but Lieutenant 2 is a traitor and reports to Lieutenant 1 that he received a “retreat” order. For IC2 to be satisfied, Lieutenant 1 must obey the order to attack.
我们现在证明，对于口头信息，三将军问题中没有解决方案能够应对单个叛徒。为简便起见，我们考虑唯一可能的决策是“进攻”或“撤退”的情况。首先让我们考察图 1 所示的情景，其中指挥官是忠诚的并下达了“进攻”命令，但中尉 2 是叛徒，他向中尉 1 报告说他收到了“撤退”命令。为了满足 IC2，中尉 1 必须服从进攻命令。

Now consider another scenario, shown in Figure 2, in which the commander is a traitor and sends an “attack” order to Lieutenant 1 and a “retreat” order to Lieutenant 2. Lieutenant 1 does not know who the traitor is, and he cannot tell what message the commander actually sent to Lieutenant 2 . Hence, the scenarios in these two pictures appear exactly the same to Lieutenant 1 . If the traitor lies consistently, then there is no way for Lieutenant 1 to distinguish between these two situations, so he must obey the “attack” order in both of them. Hence, whenever Lieutenant 1 receives an “attack” order from the commander, he must obey it.
现在考虑另一个情景，如图 2 所示，其中指挥官是叛徒，向中尉 1 下达“进攻”命令，向中尉 2 下达“撤退”命令。中尉 1 不知道谁是叛徒，也无法判断指挥官实际上向中尉 2 发送了什么信息。因此，这两幅图中的情景对中尉 1 来说看起来完全相同。如果叛徒始终说谎，那么中尉 1 无法区分这两种情况，因此他必须在两种情况下都服从“进攻”命令。因此，每当中尉 1 收到指挥官的“进攻”命令时，他必须服从。

Fig. 1. Lieutenant 2 a traitor.
图 1。中尉 2 是叛徒。

Fig. 2. The commander a traitor.
图 2. 指挥官是叛徒。
However, a similar argument shows that if Lieutenant 2 receives a “retreat” order from the commander then he must obey it even if Lieutenant 1 tells him that the commander said “attack”. Therefore, in the scenario of Figure 2, Lieutenant 2 must obey the “retreat” order while Lieutenant 1 obeys the “attack” order, thereby violating condition IC1. Hence, no solution exists for three generals that works in the presence of a single traitor.
然而，类似的论证表明，如果中尉 2 接到指挥官的“撤退”命令，那么即使中尉 1 告诉他指挥官说的是“进攻”，他也必须服从。因此，在图 2 的情景中，中尉 2 必须服从“撤退”命令，而中尉 1 服从“进攻”命令，从而违反了条件 IC1。因此，三位将军中存在一个叛徒时，不存在可行的解决方案。

This argument may appear convincing, but we strongly advise the reader to be very suspicious of such nonrigorous reasoning. Although this result is indeed correct, we have seen equally plausible “proofs” of invalid results. We know of no area in computer science or mathematics in which informal reasoning is more likely to lead to errors than in the study of this type of algorithm. For a rigorous proof of the impossibility of a three-general solution that can handle a single traitor, we refer the reader to [3].
这个论点看似令人信服，但我们强烈建议读者对这种非严格的推理保持高度怀疑。尽管这个结果确实正确，但我们也见过同样看似合理的“证明”却得出了错误的结论。在计算机科学或数学的任何领域中，我们都未见过比研究此类算法更容易因非正式推理而导致错误的情况。关于三将军问题中无法解决单个叛徒的严格证明，读者可参见文献[3]。

Using this result, we can show that no solution with fewer than $3m+1$$3m+1$3m+13 m+1 generals can cope with $m$$m$mm traitors. ${}^1$${}^1$^(1){ }^{1} The proof is by contradiction-we assume such a
利用这一结果，我们可以证明少于 $3m+1$$3m+1$3m+13 m+1 位将军的方案无法应对 $m$$m$mm 个叛徒。 ${}^1$${}^1$^(1){ }^{1} 证明方法是反证法——我们假设存在这样的方案。

solution for a group of $3m$$3m$3m3 m or fewer and use it to construct a three-general solution to the Byzantine Generals Problem that works with one traitor, which we know to be impossible. To avoid confusion between the two algorithms, we call the generals of the assumed solution Albanian generals, and those of the constructed solution Byzantine generals. Thus, starting from an algorithm that allows $3m$$3m$3m3 m or fewer Albanian generals to cope with $m$$m$mm traitors, we construct a solution that allows three Byzantine generals to handle a single traitor.
针对一组不超过 $3m$$3m$3m3 m 个成员的解决方案，并利用它构造一个适用于拜占庭将军问题的三将军解决方案，该方案能够应对一个叛徒，而我们知道这是不可能的。为了避免混淆这两种算法，我们将假设解决方案中的将军称为阿尔巴尼亚将军，而构造的解决方案中的将军称为拜占庭将军。因此，从一个允许不超过 $3m$$3m$3m3 m 个阿尔巴尼亚将军应对 $m$$m$mm 个叛徒的算法出发，我们构造了一个允许三名拜占庭将军处理一个叛徒的解决方案。

The three-general solution is obtained by having each of the Byzantine generals simulate approximately one-third of the Albanian generals, so that each Byzantine general is simulating at most $m$$m$mm Albanian generals. The Byzantine commander simulates the Albanian commander plus at most $m-1$$m-1$m-1m-1 Albanian lieutenants, and each of the two Byzantine lieutenants simulates at most $m$$m$mm Albanian lieutenants. Since only one Byzantine general can be a traitor, and he simulates at most $m$$m$mm Albanians, at most $m$$m$mm of the Albanian generals are traitors. Hence, the assumed solution guarantees that IC1 and IC2 hold for the Albanian generals. By IC1, all the Albanian lieutenants being simulated by a loyal Byzantine lieutenant obey the same order, which is the order he is to obey. It is easy to check that conditions IC1 and IC2 of the Albanian generals solution imply the corresponding conditions for the Byzantine generals, so we have constructed the required impossible solution.
三将军解法是通过让每个拜占庭将军模拟大约三分之一的阿尔巴尼亚将军，从而使每个拜占庭将军最多模拟 $m$$m$mm 个阿尔巴尼亚将军。拜占庭指挥官模拟阿尔巴尼亚指挥官加上最多 $m-1$$m-1$m-1m-1 个阿尔巴尼亚中尉，而两个拜占庭中尉中的每一个最多模拟 $m$$m$mm 个阿尔巴尼亚中尉。由于只有一个拜占庭将军可能是叛徒，且他最多模拟 $m$$m$mm 个阿尔巴尼亚人，因此最多有 $m$$m$mm 个阿尔巴尼亚将军是叛徒。因此，假设的解法保证了阿尔巴尼亚将军满足 IC1 和 IC2 条件。根据 IC1，所有被忠诚的拜占庭中尉模拟的阿尔巴尼亚中尉都服从相同的命令，即他应服从的命令。很容易验证，阿尔巴尼亚将军解法的 IC1 和 IC2 条件蕴含了拜占庭将军相应的条件，因此我们构造了所需的不可能解法。

One might think that the difficulty in solving the Byzantine Generals Problem stems from the requirement of reaching exact agreement. We now demonstrate that this is not the case by showing that reaching approximate agreement is just as hard as reaching exact agreement. Let us assume that instead of trying to agree on a precise battle plan, the generals must agree only upon an approximate time of attack. More precisely, we assume that the commander orders the time of the attack, and we require the following two conditions to hold:
人们可能认为解决拜占庭将军问题的难点在于必须达成精确一致。我们现在证明情况并非如此，通过展示达成近似一致与达成精确一致同样困难。假设将军们不必就精确的作战计划达成一致，而只需就攻击的近似时间达成一致。更准确地说，我们假设指挥官下达攻击时间的命令，并要求满足以下两个条件：

IC1’. All loyal lieutenants attack within 10 minutes of one another.
IC1’。所有忠诚的中尉的攻击时间相互之间不超过 10 分钟。
IC2’. If the commanding general is loyal, then every loyal lieutenant attacks within 10 minutes of the time given in the commander’s order.
IC2’。如果指挥将军是忠诚的，那么每个忠诚的中尉的攻击时间与指挥官命令中给出的时间相差不超过 10 分钟。
(We assume that the orders are given and processed the day before the attack and that the time at which an order is received is irrelevant-only the attack time given in the order matters.)
（我们假设命令在攻击前一天下达并处理，接收命令的时间无关紧要——只有命令中给出的攻击时间才重要。）

Like the Byzantine Generals Problem, this problem is unsolvable unless more than two-thirds of the generals are loyal. We prove this by first showing that if there were a solution for three generals that coped with one traitor, then we could construct a three-general solution to the Byzantine Generals Problem that also worked in the presence of one traitor. Suppose the commander wishes to send an “attack” or “retreat” order. He orders an attack by sending an attack time of 1:00 and orders a retreat by sending an attack time of $2:00$$2:00$2:002: 00, using the assumed algorithm. Each lieutenant uses the following procedure to obtain his order.
像拜占庭将军问题一样，除非超过三分之二的将军是忠诚的，否则该问题是无法解决的。我们首先证明，如果存在一个能应对一个叛徒的三将军解决方案，那么我们就可以构造一个同样能应对一个叛徒的拜占庭将军问题的三将军解决方案。假设指挥官希望发送“进攻”或“撤退”命令。他通过发送进攻时间 1:00 来下达进攻命令，通过发送进攻时间为 $2:00$$2:00$2:002: 00 来下达撤退命令，使用假设的算法。每个中尉使用以下程序来获取他的命令。
(1) After receiving the attack time from the commander, a lieutenant does one of the following:
(1) 在收到指挥官的进攻时间后，中尉执行以下操作之一：
(a) If the time is $1:10$$1:10$1:101: 10 or earlier, then attack.
(a) 如果时间是 $1:10$$1:10$1:101: 10 或更早，则进攻。
(b) If the time is $1:50$$1:50$1:501: 50 or later, then retreat.
(b) 如果时间是 $1:50$$1:50$1:501: 50 或更晚，则撤退。
© Otherwise, continue to step (2).
© 否则，继续执行步骤（2）。
(2) Ask the other lieutenant what decision he reached in step (1).
（2）询问另一位中尉他在步骤（1）中做出了什么决定。
(a) If the other lieutenant reached a decision, then make the same decision he did.
（a）如果另一位中尉做出了决定，则做出与他相同的决定。
(b) Otherwise, retreat.  （b）否则，撤退。

It follows from IC2’ that if the commander is loyal, then a loyal lieutenant will obtain the correct order in step (1), so IC2 is satisfied. If the commander is loyal, then IC1 follows from IC2, so we need only prove IC1 under the assumption that the commander is a traitor. Since there is at most one traitor, this means that both lieutenants are loyal. It follows from IC1’ that if one lieutenant decides to attack in step (1), then the other cannot decide to retreat in step (1). Hence, either they will both come to the same decision in step (1) or at least one of them will defer his decision until step (2). In this case, it is easy to see that they both arrive at the same decision, so IC1 is satisfied. We have therefore constructed a three-general solution to the Byzantine Generals Problem that handles one traitor, which is impossible. Hence, we cannot have a three-general algorithm that maintains IC1’ and IC2’ in the presence of a traitor.
由 IC2’可知，如果指挥官忠诚，那么忠诚的中尉将在步骤（1）获得正确的命令，因此满足 IC2。如果指挥官忠诚，则 IC1 由 IC2 推导而来，因此我们只需在假设指挥官是叛徒的情况下证明 IC1。由于最多只有一个叛徒，这意味着两个中尉都是忠诚的。由 IC1’可知，如果一个中尉在步骤（1）决定进攻，那么另一个中尉在步骤（1）不能决定撤退。因此，他们要么在步骤（1）达成相同的决定，要么至少有一个中尉将决定推迟到步骤（2）。在这种情况下，很容易看出他们都会达成相同的决定，因此满足 IC1。因此，我们构造了一个解决拜占庭将军问题的三将军方案，该方案能处理一个叛徒，这是不可能的。因此，在存在叛徒的情况下，我们不可能有一个三将军算法同时保持 IC1’和 IC2’。

The method of having one general simulate $m$$m$mm others can now be used to prove that no solution with fewer than $3m+1$$3m+1$3m+13 m+1 generals can cope with $m$$m$mm traitors. The proof is similar to the one for the original Byzantine Generals Problem and is left to the reader.
现在可以使用让一个将军模拟 $m$$m$mm 个其他将军的方法来证明，少于 $3m+1$$3m+1$3m+13 m+1 个将军的解决方案无法应对 $m$$m$mm 个叛徒。证明类似于最初拜占庭将军问题的证明，留给读者完成。

We showed above that for a solution to the Byzantine Generals Problem using oral messages to cope with $m$$m$mm traitors, there must be at least $3m+1$$3m+1$3m+13 m+1 generals. We now give a solution that works for $3m+1$$3m+1$3m+13 m+1 or more generals. However, we first specify exactly what we mean by “oral messages”. Each general is supposed to execute some algorithm that involves sending messages to the other generals, and we assume that a loyal general correctly executes his algorithm. The definition of an oral message is embodied in the following assumptions which we make for the generals’ message system:
我们在上文中已经证明，对于使用口头消息来应对 $m$$m$mm 个叛徒的拜占庭将军问题的解决方案，必须至少有 $3m+1$$3m+1$3m+13 m+1 个将军。现在我们给出一个适用于 $3m+1$$3m+1$3m+13 m+1 个或更多将军的解决方案。然而，我们首先明确“口头消息”的具体含义。每个将军应执行某个算法，该算法涉及向其他将军发送消息，我们假设忠诚的将军会正确执行其算法。口头消息的定义体现在我们对将军消息系统所做的以下假设中：
A1. Every message that is sent is delivered correctly.
A1. 发送的每条消息都能被正确传达。
A2. The receiver of a message knows who sent it.
A2. 消息的接收者知道是谁发送的。
A 3 . The absence of a message can be detected.
A3. 可以检测到消息的缺失。
Assumptions A1 and A2 prevent a traitor from interfering with the communication between two other generals, since by A1 he cannot interfere with the messages they do send, and by A2 he cannot confuse their intercourse by introducing spurious messages. Assumption A3 will foil a traitor who tries to prevent a decision by simply not sending messages. The practical implementation of these assumptions is discussed in Section 6.
假设 A1 和 A2 防止叛徒干扰两个其他将军之间的通信，因为根据 A1，他不能干扰他们发送的消息，根据 A2，他不能通过引入伪造消息来混淆他们的交流。假设 A3 将挫败试图通过不发送消息来阻止决策的叛徒。这些假设的实际实现将在第 6 节中讨论。

The algorithms in this section and in the following one require that each general be able to send messages directly to every other general. In Section 5, we describe algorithms which do not have this requirement.
本节及下一节中的算法要求每个将军能够直接向其他每个将军发送消息。在第 5 节中，我们描述了不具备此要求的算法。

A traitorous commander may decide not to send any order. Since the lieutenants must obey some order, they need some default order to obey in this case. We let RETREAT be this default order.
一个叛变的指挥官可能决定不发送任何命令。由于中尉必须服从某个命令，因此在这种情况下他们需要一个默认命令。我们让“撤退”成为这个默认命令。

We inductively define the $\mathrm{Oral}$$\mathrm{Oral}$Oral\operatorname{Oral} Message algorithms $\mathrm{OM}(m)$$\mathrm{OM}(m)$OM(m)\mathrm{OM}(m), for all nonnegative integers $m$$m$mm, by which a commander sends an order to $n-1$$n-1$n-1n-1 lieutenants. We show that $\mathrm{OM}(m)$$\mathrm{OM}(m)$OM(m)\mathrm{OM}(m) solves the Byzantine Generals Problem for $3m+1$$3m+1$3m+13 m+1 or more generals in the presence of at most $m$$m$mm traitors. We find it more convenient to describe this algorithm in terms of the lieutenants “obtaining a value” rather than “obeying an order”.
我们通过归纳法定义了 $\mathrm{Oral}$$\mathrm{Oral}$Oral\operatorname{Oral} 消息算法 $\mathrm{OM}(m)$$\mathrm{OM}(m)$OM(m)\mathrm{OM}(m) ，适用于所有非负整数 $m$$m$mm ，其中指挥官向 $n-1$$n-1$n-1n-1 名中尉发送命令。我们证明了 $\mathrm{OM}(m)$$\mathrm{OM}(m)$OM(m)\mathrm{OM}(m) 在最多有 $m$$m$mm 名叛徒的情况下，能够解决拜占庭将军问题，适用于 $3m+1$$3m+1$3m+13 m+1 名或更多将军。我们发现用中尉“获得一个值”而不是“服从命令”来描述该算法更为方便。

The algorithm assumes a function majority with the property that if a majority of the values $v_i$$v_i$v_(i)v_{i} equal $v$$v$vv, then majority $(v_1,\dots ,v_{n-1})$$\left(v_1,\dots ,v_{n-1}\right)$(v_(1),dots,v_(n-1))\left(v_{1}, \ldots, v_{n-1}\right) equals $v$$v$vv. (Actually, it assumes a sequence of such functions-one for each $n$$n$nn.) There are two natural choices for the value of majority $(v_1,\dots ,v_{n-1})$$\left(v_1,\dots ,v_{n-1}\right)$(v_(1),dots,v_(n-1))\left(v_{1}, \ldots, v_{n-1}\right) :
该算法假设存在一个多数函数 majority，其性质是如果大多数值 $v_i$$v_i$v_(i)v_{i} 等于 $v$$v$vv ，则 majority $(v_1,\dots ,v_{n-1})$$\left(v_1,\dots ,v_{n-1}\right)$(v_(1),dots,v_(n-1))\left(v_{1}, \ldots, v_{n-1}\right) 等于 $v$$v$vv 。（实际上，它假设存在一系列这样的函数——每个 $n$$n$nn 对应一个。）对于 majority $(v_1,\dots ,v_{n-1})$$\left(v_1,\dots ,v_{n-1}\right)$(v_(1),dots,v_(n-1))\left(v_{1}, \ldots, v_{n-1}\right) 的值，有两个自然的选择：

The following algorithm requires only the aforementioned property of majority.
以下算法仅需要上述多数的性质。
Algorithm OM(0).  算法 OM(0)。
(1) The commander sends his value to every lieutenant.
（1）指挥官将他的值发送给每个中尉。
(2) Each lieutenant uses the value he receives from the commander, or uses the value RETREAT if he receives no value.
（2）每个中尉使用他从指挥官那里收到的值，或者如果没有收到值，则使用值“撤退”。

Algorithm $OM(m),m>0$$OM(m),m>0$OM(m),m > 0O M(m), m>0.  算法 $OM(m),m>0$$OM(m),m>0$OM(m),m > 0O M(m), m>0 .
(1) The commander sends his value to every lieutenant.
（1）指挥官将他的值发送给每个中尉。
(2) For each $i$$i$ii, let $v_i$$v_i$v_(i)v_{i} be the value Lieutenant $i$$i$ii receives from the commander, or else be RETREAT if he rezeives no value. Lieutenant $i$$i$ii acts as the commander in Algorithm $\mathrm{OM}(m-1)$$\mathrm{OM}(m-1)$OM(m-1)\mathrm{OM}(m-1) to send the value $v_i$$v_i$v_(i)v_{i} to each of the $n-2$$n-2$n-2n-2 other lieutenants.
（2）对于每个 $i$$i$ii ，令 $v_i$$v_i$v_(i)v_{i} 为中尉 $i$$i$ii 从指挥官那里收到的值，或者如果他没有收到值，则为“撤退”。中尉 $i$$i$ii 在算法 $\mathrm{OM}(m-1)$$\mathrm{OM}(m-1)$OM(m-1)\mathrm{OM}(m-1) 中充当指挥官，将值 $v_i$$v_i$v_(i)v_{i} 发送给其他 $n-2$$n-2$n-2n-2 个中尉。
(3) For each $i$$i$ii, and each $j\ne i$$j\ne i$j!=ij \neq i, let $v_j$$v_j$v_(j)v_{j} be the value Lieutenant $i$$i$ii received from Lieutenant $j$$j$jj in step (2) (using Algorithm $\mathrm{OM}(m-1)$$\mathrm{OM}(m-1)$OM(m-1)\mathrm{OM}(m-1) ), or else RETREAT if he received no such value. Lieutenant $i$$i$ii uses the value majority $(v_1,\dots ,v_{n-1})$$\left(v_1,\dots ,v_{n-1}\right)$(v_(1),dots,v_(n-1))\left(v_{1}, \ldots, v_{n-1}\right).
(3) 对于每个 $i$$i$ii 和每个 $j\ne i$$j\ne i$j!=ij \neq i ，令 $v_j$$v_j$v_(j)v_{j} 为中尉 $i$$i$ii 在步骤（2）中从中尉 $j$$j$jj 处获得的值（使用算法 $\mathrm{OM}(m-1)$$\mathrm{OM}(m-1)$OM(m-1)\mathrm{OM}(m-1) ），如果未收到此类值，则为撤退（RETREAT）。中尉 $i$$i$ii 使用值多数 $(v_1,\dots ,v_{n-1})$$\left(v_1,\dots ,v_{n-1}\right)$(v_(1),dots,v_(n-1))\left(v_{1}, \ldots, v_{n-1}\right) 。
To understand how this algorithm works, we consider the case $m=1,n=4$$m=1,n=4$m=1,n=4m=1, n=4. Figure 3 illustrates the messages received by Lieutenant 2 when the commander sends the value $v$$v$vv and Lieutenant 3 is a traitor. In the first step of $\mathrm{OM}(1)$$\mathrm{OM}(1)$OM(1)\mathrm{OM}(1), the commander sends $v$$v$vv to all three lieutenants. In the second step, Lieutenant 1 sends the value $v$$v$vv to Lieutenant 2, using the trivial algorithm $\mathrm{OM}(0)$$\mathrm{OM}(0)$OM(0)\mathrm{OM}(0). Also in the second step, the traitorous Lieutenant 3 sends Lieutenant 2 some other value $x$$x$xx. In step 3, Lieutenant 2 then has $v_1=v_2=v$$v_1=v_2=v$v_(1)=v_(2)=vv_{1}=v_{2}=v and $v_3=x$$v_3=x$v_(3)=xv_{3}=x, so he obtains the correct value $v=$$v=$v=v= majority $(v,v,x)$$(v,v,x)$(v,v,x)(v, v, x).
为了理解该算法的工作原理，我们考虑情况 $m=1,n=4$$m=1,n=4$m=1,n=4m=1, n=4 。图 3 展示了当指挥官发送值 $v$$v$vv 且中尉 3 为叛徒时，中尉 2 收到的消息。在 $\mathrm{OM}(1)$$\mathrm{OM}(1)$OM(1)\mathrm{OM}(1) 的第一步，指挥官向所有三名中尉发送 $v$$v$vv 。在第二步，中尉 1 使用简单算法 $\mathrm{OM}(0)$$\mathrm{OM}(0)$OM(0)\mathrm{OM}(0) 向中尉 2 发送值 $v$$v$vv 。同样在第二步，叛徒中尉 3 向中尉 2 发送了另一个值 $x$$x$xx 。在第三步，中尉 2 拥有 $v_1=v_2=v$$v_1=v_2=v$v_(1)=v_(2)=vv_{1}=v_{2}=v 和 $v_3=x$$v_3=x$v_(3)=xv_{3}=x ，因此他获得了正确的值多数 $v=$$v=$v=v= 。

Next, we see what happens if the commander is a traitor. Figure 4 shows the values received by the lieutenants if a traitorous commander sends three arbitrary values $x,y$$x,y$x,yx, y, and $z$$z$zz to the three lieutenants. Each lieutenant obtains $v_1=x,v_2=y$$v_1=x,v_2=y$v_(1)=x,v_(2)=yv_{1}=x, v_{2}=y, and $v_3=z$$v_3=z$v_(3)=zv_{3}=z, so they all obtain the same value majority $(x,y,z)$$(x,y,z)$(x,y,z)(x, y, z) in step (3), regardless of whether or not any of the three values $x,y$$x,y$x,yx, y, and $z$$z$zz are equal.
接下来，我们来看如果指挥官是叛徒会发生什么。图 4 显示了如果叛徒指挥官向三名中尉发送三个任意值 $x,y$$x,y$x,yx, y 、 $z$$z$zz 和 $v_1=x,v_2=y$$v_1=x,v_2=y$v_(1)=x,v_(2)=yv_{1}=x, v_{2}=y ，中尉们收到的值。每个中尉获得 $v_3=z$$v_3=z$v_(3)=zv_{3}=z 和 $(x,y,z)$$(x,y,z)$(x,y,z)(x, y, z) ，因此他们在步骤（3）中都获得相同的值多数 $x,y$$x,y$x,yx, y ，无论这三个值 $z$$z$zz 、{7} 和 {8} 是否相等。

The recursive algorithm $\mathrm{OM}(m)$$\mathrm{OM}(m)$OM(m)\mathrm{OM}(m) invokes $n-1$$n-1$n-1n-1 separate executions of the algorithm $\mathrm{OM}(m-1)$$\mathrm{OM}(m-1)$OM(m-1)\mathrm{OM}(m-1), each of which invokes $n-2$$n-2$n-2n-2 executions of $\mathrm{OM}(m-2)$$\mathrm{OM}(m-2)$OM(m-2)\mathrm{OM}(m-2), etc. This means that, for $m>1$$m>1$m > 1m>1, a lieutenant sends many separate messages to each other lieutenant. There must be some way to distinguish among these different messages. The reader can verify that all ambiguity is removed if each lieutenant $i$$i$ii prefixes the number $i$$i$ii to the value $v_i$$v_i$v_(i)v_{i} that he sends in step (2). As the recursion “unfolds,” the algorithm $\mathrm{OM}(m-k)$$\mathrm{OM}(m-k)$OM(m-k)\mathrm{OM}(m-k) will be called $(n-1)\cdots (n-k)$$(n-1)\cdots (n-k)$(n-1)cdots(n-k)(n-1) \cdots(n-k) times to send a value prefixed by a sequence of $k$$k$kk lieutenants’ numbers.
递归算法 $\mathrm{OM}(m)$$\mathrm{OM}(m)$OM(m)\mathrm{OM}(m) 调用 $n-1$$n-1$n-1n-1 次独立的算法 $\mathrm{OM}(m-1)$$\mathrm{OM}(m-1)$OM(m-1)\mathrm{OM}(m-1) 执行，每次执行又调用 $n-2$$n-2$n-2n-2 次 $\mathrm{OM}(m-2)$$\mathrm{OM}(m-2)$OM(m-2)\mathrm{OM}(m-2) ，依此类推。这意味着，对于 $m>1$$m>1$m > 1m>1 ，一名中尉会向每个其他中尉发送许多独立的消息。必须有某种方法来区分这些不同的消息。读者可以验证，如果每个中尉 $i$$i$ii 在他在步骤(2)中发送的值 $v_i$$v_i$v_(i)v_{i} 前加上数字 $i$$i$ii 作为前缀，所有歧义都将被消除。随着递归“展开”，算法 $\mathrm{OM}(m-k)$$\mathrm{OM}(m-k)$OM(m-k)\mathrm{OM}(m-k) 将被调用 $(n-1)\cdots (n-k)$$(n-1)\cdots (n-k)$(n-1)cdots(n-k)(n-1) \cdots(n-k) 次，以发送一个由 $k$$k$kk 个中尉编号序列作为前缀的值。

Fig. 4. Algorithm $\mathrm{OM}(1)$$\mathrm{OM}(1)$OM(1)\mathrm{OM}(1); the commander a traitor.
图 4. 算法 $\mathrm{OM}(1)$$\mathrm{OM}(1)$OM(1)\mathrm{OM}(1) ；指挥官是叛徒。
Fig. 3. Algorithm OM(1); Lieutenant 3 a traitor.
图 3. 算法 OM(1)；中尉 3 是叛徒。

To prove the correctness of the algorithm $\mathrm{OM}(m)$$\mathrm{OM}(m)$OM(m)\mathrm{OM}(m) for arbitrary $m$$m$mm, we first prove the following lemma.
为了证明算法 $\mathrm{OM}(m)$$\mathrm{OM}(m)$OM(m)\mathrm{OM}(m) 对任意 $m$$m$mm 的正确性，我们首先证明以下引理。

Lemma 1. For any $m$$m$mm and $k$$k$kk, Algorithm $OM(m)$$OM(m)$OM(m)O M(m) satisfies IC2 if there are more than $2k+m$$2k+m$2k+m2 k+m generals and at most $k$$k$kk traitors.
引理 1。对于任意的 $m$$m$mm 和 $k$$k$kk ，如果将军人数超过 $2k+m$$2k+m$2k+m2 k+m 且叛徒人数不超过 $k$$k$kk ，算法 $OM(m)$$OM(m)$OM(m)O M(m) 满足 IC2。

Proof. The proof is by induction on $m$$m$mm. IC2 only specifies what must happen if the commander is loyal. Using A1, it is easy to see that the trivial algorithm $\mathrm{OM}(0)$$\mathrm{OM}(0)$OM(0)\mathrm{OM}(0) works if the commander is loyal, so the lemma is true for $m=0$$m=0$m=0m=0. We now assume it is true for $m-1,m>0$$m-1,m>0$m-1,m > 0m-1, m>0, and prove it for $m$$m$mm.
证明。证明通过对 $m$$m$mm 进行归纳。IC2 仅规定了指挥官忠诚时必须发生的情况。利用 A1，可以很容易看出当指挥官忠诚时，简单算法 $\mathrm{OM}(0)$$\mathrm{OM}(0)$OM(0)\mathrm{OM}(0) 是有效的，因此该引理对 $m=0$$m=0$m=0m=0 成立。现在假设其对 $m-1,m>0$$m-1,m>0$m-1,m > 0m-1, m>0 成立，并证明其对 $m$$m$mm 也成立。

In step (1), the loyal commander sends a value $v$$v$vv to all $n-1$$n-1$n-1n-1 lieutenants. In step (2), each loyal lieutenant applies $\mathrm{OM}(m-1)$$\mathrm{OM}(m-1)$OM(m-1)\mathrm{OM}(m-1) with $n-1$$n-1$n-1n-1 generals. Since by hypothesis $n>2k+m$$n>2k+m$n > 2k+mn>2 k+m, we have $n-1>2k+(m-1)$$n-1>2k+(m-1)$n-1 > 2k+(m-1)n-1>2 k+(m-1), so we can apply the induction hypothesis to conclude that every loyal lieutenant gets $v_j=v$$v_j=v$v_(j)=vv_{j}=v for each loyal Lieutenant $j$$j$jj. Since there are at most $k$$k$kk traitors, and $n-1>2k+(m-1)$$n-1>2k+(m-1)$n-1 > 2k+(m-1)n-1>2 k+(m-1) $\ge 2k$$\ge 2k$>= 2k\geq 2 k, a majority of the $n-1$$n-1$n-1n-1 lieutenants are loyal. Hence, each loyal lieutenant has $v_i=v$$v_i=v$v_(i)=vv_{i}=v for a majority of the $n-1$$n-1$n-1n-1 values $i$$i$ii, so he obtains majority $(v_1,\dots$$\left(v_1,\dots \right.$(v_(1),dots:}\left(v_{1}, \ldots\right., $v_{n-1}$$v_{n-1}$v_(n-1)v_{n-1} ) $=v$$=v$=v=v in step (3), proving IC2.
在步骤（1）中，忠诚的指挥官向所有 $n-1$$n-1$n-1n-1 名中尉发送值 $v$$v$vv 。在步骤（2）中，每个忠诚的中尉对 $n-1$$n-1$n-1n-1 名将军应用 $\mathrm{OM}(m-1)$$\mathrm{OM}(m-1)$OM(m-1)\mathrm{OM}(m-1) 。由于假设 $n>2k+m$$n>2k+m$n > 2k+mn>2 k+m ，我们有 $n-1>2k+(m-1)$$n-1>2k+(m-1)$n-1 > 2k+(m-1)n-1>2 k+(m-1) ，因此可以应用归纳假设得出每个忠诚的中尉对每个忠诚的中尉 $j$$j$jj 都获得了 $v_j=v$$v_j=v$v_(j)=vv_{j}=v 。由于叛徒最多有 $k$$k$kk 名，且 $n-1>2k+(m-1)$$n-1>2k+(m-1)$n-1 > 2k+(m-1)n-1>2 k+(m-1) $\ge 2k$$\ge 2k$>= 2k\geq 2 k ，大多数 $n-1$$n-1$n-1n-1 名中尉是忠诚的。因此，每个忠诚的中尉对大多数 $n-1$$n-1$n-1n-1 个值 $i$$i$ii 拥有 $v_i=v$$v_i=v$v_(i)=vv_{i}=v ，所以他在步骤（3）中获得了多数 $(v_1,\dots$$\left(v_1,\dots \right.$(v_(1),dots:}\left(v_{1}, \ldots\right. ， $v_{n-1}$$v_{n-1}$v_(n-1)v_{n-1} ） $=v$$=v$=v=v ，从而证明了 IC2。

The following theorem asserts that Algorithm $\mathrm{OM}(m)$$\mathrm{OM}(m)$OM(m)\mathrm{OM}(m) solves the Byzantine Generals Problem.
下述定理断言算法 $\mathrm{OM}(m)$$\mathrm{OM}(m)$OM(m)\mathrm{OM}(m) 解决了拜占庭将军问题。

Theorem 1. For any m, Algorithm OM(m) satisfies conditions IC1 and IC2 if there are more than $3m$$3m$3m3 m generals and at most $m$$m$mm traitors.
定理 1. 对于任意的 m，如果将军人数超过 $3m$$3m$3m3 m 且叛徒人数不超过 $m$$m$mm ，算法 OM(m)满足条件 IC1 和 IC2。

Proof. The proof is by induction on $m$$m$mm. If there are no traitors, then it is easy to see that $\mathrm{OM}(0)$$\mathrm{OM}(0)$OM(0)\mathrm{OM}(0) satisfies IC1 and IC2. We therefore assume that the theorem is true for $\mathrm{OM}(m-1)$$\mathrm{OM}(m-1)$OM(m-1)\mathrm{OM}(m-1) and prove it for $\mathrm{OM}(m),m>0$$\mathrm{OM}(m),m>0$OM(m),m > 0\mathrm{OM}(m), m>0.
证明. 证明通过对 $m$$m$mm 进行归纳完成。如果没有叛徒，那么很容易看出 $\mathrm{OM}(0)$$\mathrm{OM}(0)$OM(0)\mathrm{OM}(0) 满足 IC1 和 IC2。因此，我们假设定理对 $\mathrm{OM}(m-1)$$\mathrm{OM}(m-1)$OM(m-1)\mathrm{OM}(m-1) 成立，并证明其对 $\mathrm{OM}(m),m>0$$\mathrm{OM}(m),m>0$OM(m),m > 0\mathrm{OM}(m), m>0 也成立。