What Is BFT (Byzantine Fault Tolerance)?

Byzantine fault tolerance is the ability of a distributed system to keep operating when some nodes behave arbitrarily. This post explains PBFT, how modern blockchains use BFT-derived consensus, and why the mechanism requires a bounded validator set.
Lewis Jackson
CEO and Founder

Byzantine fault tolerance is the property of a distributed system that allows it to reach agreement even when some participants behave arbitrarily — sending false information, going silent at inconvenient moments, or actively trying to subvert the process.

The name comes from the Byzantine Generals Problem, a theoretical framing from Lamport, Shostak, and Pease (1982) that modeled distributed coordination under adversarial conditions. But BFT, as used in computer science, is a specification: a system is Byzantine fault tolerant if it can guarantee correct operation despite up to f Byzantine-faulty nodes out of 3f+1 total participants. The theory established the problem; BFT is the family of implementations that solve it.

The distinction matters because it's easy to conflate the problem with the solutions. The Byzantine Generals Problem is the proof that the challenge exists and defines the threshold. Byzantine fault-tolerant algorithms are the protocols engineers build to stay below that threshold.

How BFT Algorithms Work

The foundational practical algorithm is PBFT — Practical Byzantine Fault Tolerance — published by Miguel Castro and Barbara Liskov in 1999. Before PBFT, Byzantine fault tolerance was largely theoretical. Castro and Liskov showed it was implementable with acceptable performance in real distributed systems.

PBFT works through three phases of message exchange. When a client sends a request to the network, the following sequence runs before any node commits a result:

Pre-prepare: A designated leader (called the primary) broadcasts the client's request with a sequence number.

Prepare: All nodes broadcast that they've seen the primary's proposal. A node enters the prepared state once it has seen 2f+1 matching prepare messages from distinct nodes.

Commit: Nodes broadcast that they've reached the prepared state. Once a node collects 2f+1 commit messages, it executes the request and responds to the client.

The math works out such that even with f Byzantine nodes sending contradictory messages, the 2f+1 honest nodes can always produce a consistent result. This is the formal guarantee PBFT provides.

The structural cost is communication complexity. At each phase, every node sends a message to every other node. With 100 validators, that's roughly 10,000 messages per consensus round. With 1,000, roughly 1 million. This O(n2) scaling is why classical PBFT doesn't extend to large, open validator sets — it breaks down well before the hundreds of thousands of participants a permissionless network might attract.

Variants Built on PBFT

Tendermint — the consensus engine used across the Cosmos ecosystem — is a BFT-derived protocol adapted for blockchain block times. It retains the core structure (two phases of voting, supermajority quorums, deterministic finality) but optimizes message passing and adds explicit timeout handling for liveness. Each block requires a quorum of two-thirds of validators by stake. Once committed, blocks in Tendermint are final — there's no probabilistic accumulation over time, just a clean commit or no commit.

HotStuff, published in 2018 by researchers at VMware, reduced BFT communication complexity to O(n) per round by using threshold signatures and a chained structure where each round implicitly confirms the previous. Its ideas appear in the consensus protocols behind Aptos and Sui.

Ethereum's finality mechanism — Casper FFG — is BFT-inspired, not strictly PBFT. Checkpoint epochs are finalized when two-thirds of validators by stake submit matching votes. This doesn't follow PBFT's multi-phase round structure, but it shares the core BFT property: a finalized checkpoint holds as long as fewer than one-third of validators are Byzantine.

Where the Constraint Lives

Every BFT system requires a bounded, known participant set. The f out of 3f+1 guarantee counts actual participants — the math assumes you know who's in the room. Open participation breaks this: an attacker in a system without identity controls could create unlimited Sybil identities, each counting as a node, making f effectively unbounded.

This is the structural reason BFT algorithms couldn't solve Bitcoin's problem directly. There was no mechanism to identify and bound participants in a permissionless network. Nakamoto Consensus solved that differently, replacing identity with computational cost as the Sybil-resistance mechanism — but that's a distinct design with its own tradeoffs.

The validator sets on BFT-based blockchains today reflect this constraint directly. Cosmos chains often cap active validators at 100 to 175. BNB Chain uses a rotating set of 21 to 50. The limit isn't arbitrary; it's an engineering decision that keeps message complexity within manageable bounds.

What's Changing

The active development frontier is scaling BFT-style consensus without sacrificing deterministic finality.

Ethereum's committee-based approach samples a random subset of validators per slot rather than involving all 1+ million active validators. This brings per-slot communication complexity to manageable levels — at the cost of weaker per-block guarantees than full PBFT would provide. The checkpoint finality every two epochs (~12.8 minutes) is where full BFT-style finality kicks in.

Single Slot Finality (SSF) research aims to restore deterministic finality per 12-second slot without requiring every validator to message every other. BLS signature aggregation — already used for Ethereum attestations — is one path to this; aggregating thousands of signatures into one reduces the per-round message load significantly. A viable SSF spec compatible with Ethereum's validator count remains an open problem as of mid-2026.

Confirmation signals: SSF research producing a viable specification at current validator counts. BFT chains sustaining operation without reaching the one-third-Byzantine threshold under adversarial conditions. O(n) BFT designs reaching production without security degradation.

Invalidation signals: A BFT blockchain finalizing a block later reversed — that would break the deterministic finality property the entire model relies on. A Byzantine coordination attack reaching one-third of a major validator set. SSF formally demonstrated infeasible at Ethereum's current scale.

Timing: Now — BFT-style finality is live on Cosmos, BNB Chain, and Ethereum's finality layer; deterministic per-epoch finality on Ethereum has held without incident since the Merge. Next — SSF research active, threshold signature optimization ongoing. Later — full stateless BFT for fully permissionless networks remains an unsolved research problem.

Boundary: This covers the BFT property, PBFT, and where BFT-derived consensus appears in production blockchains. It doesn't address the Byzantine Generals Problem in depth — that's a separate post — and it doesn't cover Nakamoto Consensus, which solves the permissionless version of the same problem through a different mechanism.

Related Posts

See All
Crypto Research
New XRP-Focused Research Defining the “Velocity Threshold” for Global Settlement and Liquidity
A lot of people looking at my recent research have asked the same question: “Surely Ripple already understands all of this. So what does that mean for XRP?” That question is completely valid — and it turns out it’s the right question to ask. This research breaks down why XRP is unlikely to be the internal settlement asset of CBDC shared ledgers or unified bank platforms, and why that doesn’t mean XRP is irrelevant. Instead, it explains where XRP realistically fits in the system banks are actually building: at the seams, where different rulebooks, platforms, and networks still need to connect. Using liquidity math, system design, and real-world settlement mechanics, this piece explains: why most value settles inside venues, not through bridges why XRP’s role is narrower but more precise than most narratives suggest how velocity (refresh interval) determines whether XRP creates scarcity or just throughput and why Ripple’s strategy makes more sense once you stop assuming XRP must be “the core of everything” This isn’t a bullish or bearish take — it’s a structural one. If you want to understand XRP beyond hype and price targets, this is the question you need to grapple with.
Read Now
Crypto Research
The Jackson Liquidity Framework - Announcement
Lewis Jackson Ventures announces the release of the Jackson Liquidity Framework — the first quantitative, regulator-aligned model for liquidity sizing in AMM-based settlement systems, CBDC corridors, and tokenised financial infrastructures. Developed using advanced stochastic simulations and grounded in Basel III and PFMI principles, the framework provides a missing methodology for determining how much liquidity prefunded AMM pools actually require under real-world flow conditions.
Read Now
Crypto Research
Banks, Stablecoins, and Tokenized Assets
In Episode 011 of The Macro, crypto analyst Lewis Jackson unpacks a pivotal week in global finance — one marked by record growth in tokenized assets, expanding stablecoin adoption across emerging markets, and major institutions deepening their blockchain commitments. This research brief summarises Jackson’s key findings, from tokenized deposits to institutional RWA chains and AI-driven compliance, and explains how these developments signal a maturing, multi-rail settlement architecture spanning Ethereum, XRPL, stablecoin networks, and new interoperability layers.Taken together, this episode marks a structural shift toward programmable finance, instant settlement, and tokenized real-world assets at global scale.
Read Now

Related Posts

See All
No items found.
Lewsletter

Weekly notes on what I’m seeing

A personal letter I send straight to your inbox —reflections on crypto, wealth, time and life.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.