1 Introduction
This paper considers the problem of achieving exact Byzantine consensus in a synchronous system under a localbroadcast communication model. The nodes communicate with each other via messagepassing. The communication network is modeled as an undirected graph, with each vertex representing a node in the system. Under the localbroadcast communication model, when any node transmits a message, all its neighbors in the communication graph receive the message reliably. This communication model is motivated by wireless networks. For instance, in the communication graph in Figure 1, node 1 has neighbors 2 and 3, whereas node 2 has neighbors 1, 4 and 5. Thus, when node 1 transmits a message, the message is received by both its neighbors, namely 2 and 3. Similarly, when node 2 transmits a message, it is received by its neighbors 1, 4 and 5.
In this brief announcement, we present necessary and sufficient conditions on the underlying communication graph to achieve exact Byzantine consensus under the localbroadcast communication model.
2 Related Work
Under the classical pointtopoint network model, and vertex connectivity are both necessary and sufficient conditions for Byzantine consensus on undirected graphs [2, 3]. Closest to our contributions is the work on consensus using partial broadcast channels that help achieve various forms of “nonequivocation” [9, 4, 6]. Intuitively, nonequivocation prevents a node from transmitting inconsistent messages. Prior work has considered various constraints on equivocation, however, surprisingly, the localbroadcast model considered in this paper does not seem to have been addressed yet. In a completely connected graph, a broadcast channel ensures that a node cannot send inconsistent messages to any pair of nodes, and it is easy to see that nodes suffice to tolerate Byzantine faults. [9] consider networks modeled as a uniform hypergraph. In this setting, each transmission is viewed as occurring on one of the hyperedges, and the nodes belonging to the hyperedge receive the message reliably. Motivated by the work in [9], [4] obtained further results on networks with 3uniform hypergraphs.[6] studies the problem of iterative approximate Byzantine consensus using 3hyperedges in which one of nodes in each hyperedge is identified as the unique sender.
For the localbroadcast communication model, [5, 1, 8] consider the problem of reliable broadcast. Although their communication model is analogous to this paper, we consider Byzantine consensus, whereas this prior work considers reliable broadcast. It turns out that the network requirements for these two problems are quite different.
Another related line of research considers approximate Byzantine consensus algorithms with a restrictive computation structure. In particular, each node maintains a realvalued state, and in each iteration of the algorithm, a node computes its new state as a weighted linear combination of its previous state and its neighbors’ state. For this class of iterative approximate consensus algorithms, necessary and sufficient conditions under the localbroadcast model have been identified [10]. These conditions are distinct from those obtained in our work, since we do not constrain the algorithm structure; additionally, we consider exact consensus.
3 System Model
represents the communication graph. Each vertex represents node , and edge if and only if nodes and can receive each other’s message transmissions. The system is synchronous. The localbroadcast communication model is assumed. Thus, a transmission by any node is received reliably (and identically) by all the nodes in the set . It is assumed that when a node receives a message, it can correctly identify the neighbor that sent the message.
Each node has a binary input, i.e., the input is in . Up to of the nodes may be Byzantine faulty. A faulty node is assumed to have complete knowledge of the states of all the nodes, the algorithm, and the communication graph. A correct algorithm for Byzantine consensus must satisfy the following conditions:

Agreement: All nonfaulty nodes decide on an identical value.

Validity: If input of all the nonfaulty nodes equals , then nonfaulty nodes decide .

Termination: The algorithm terminates after a bounded duration of time.
Figure 1: Example graph Figure 2: Detecting message tampering
4 Our Results
Before presenting the results, we illustrate a benefit of the localbroadcast model. As an example, consider the illustration in Figure 2, where we assume that node B is Byzantine faulty, and other nodes are nonfaulty. In the figure, solid lines show edges between nodes, and directed dotted lines show the messages being transmitted. As shown in Figure 2, node A transmits message to node B, and then expects B to forward to node C. However, node B tampers the message before forwarding to C. Instead of , node B forwards message . Due to the localbroadcast property, node A will also receive , and learn that node B is faulty. Subsequently, node A sends a message to node E along path ADE claiming that node B is faulty^{1}^{1}1Some messages have been omitted from the figure for brevity.. If the path travelled by the message is also included in the message, then node E can now infer that at least one of the nodes on the path DAB must be faulty. Such inferences under the localbroadcast model can be shown to reduce the requirements on the communication graph, compared to the classical pointtopoint communication model. In particular, we have obtained the following results [7].
Theorem 4.1 (Necessary Conditions).
Under the localbroadcast model, Byzantine consensus is impossible with up to Byzantine faults () if either condition below holds true:

Minimum degree of is less than , or

Vertex connectivity of is at most .
Theorem 4.2 (Sufficient Conditions).
Under the localbroadcast model, Byzantine consensus can be achieved with up to Byzantine faults () if the vertex connectivity of is at least .
The sufficient condition above is proved constructively by providing a correct Byzantine consensus algorithm [7]. A simpler algorithm for connectivity is given in Appendix A. There is a gap between the necessary and sufficient conditions in Theorems 4.1 and 4.2, due the different thresholds on vertex connectivity. The following result suggests that it may be possible to significantly tighten the sufficient condition in Theorem 4.2.
Theorem 4.3.
There exists a graph with vertex connectivity on which Byzantine consensus with up to Byzantine faults is achievable under the localbroadcast model.
References
 [1] V. Bhandari and N. H. Vaidya. On reliable broadcast in a radio network. In ACM Symposium on Principles of Distributed Computing (PODC), 2005.
 [2] D. Dolev. The Byzantine generals strike again. Journal of algorithms, 3(1):14–30, 1982.
 [3] M. J. Fischer, N. A. Lynch, and M. Merritt. Easy impossibility proofs for distributed consensus problems. Distributed Computing, 1(1):26–39, 1986.
 [4] A. Jaffe, T. Moscibroda, and S. Sen. On the price of equivocation in byzantine agreement. In Proceedings of the 2012 ACM symposium on Principles of distributed computing, pages 309–318. ACM, 2012.
 [5] C.Y. Koo, V. Bhandari, J. Katz, and N. H. Vaidya. Reliable broadcast in radio networks: The bounded collision case. In Proceedings of the twentyfifth annual ACM symposium on Principles of distributed computing, pages 258–264. ACM, 2006.
 [6] C. Li, M. Hurfin, Y. Wang, and L. Yu. Towards a restrained use of nonequivocation for achieving iterative approximate Byzantine consensus. In Parallel and Distributed Processing Symposium, 2016 IEEE International, pages 710–719. IEEE, 2016.
 [7] S. S. Naqvi. Exact Byzantine consensus under localbroadcast channels, University of Illinois at UrbanaChampaign, M.S. Thesis (Advisor: Nitin Vaidya), 2018.
 [8] A. Pelc and D. Peleg. Broadcasting with locally bounded byzantine faults. Information Processing Letters, 93(3):109–115, 2005.
 [9] D. Ravikant, V. Muthuramakrishnan, V. Srikanth, K. Srinathan, and C. P. Rangan. On Byzantine agreement over (2, 3)uniform hypergraphs. In International Symposium on Distributed Computing, pages 450–464. Springer, 2004.
 [10] H. Zhang and S. Sundaram. Robustness of information diffusion algorithms to locally bounded adversaries. In American Control Conference (ACC), 2012.
Appendix A Algorithm for Connectivity ()
Definition A.1.
For two nodes , reliably receives a message sent by if

[topsep=0pt, itemsep=0pt]

,

is a neighbor of , or

receives the message identically on at least node disjoint paths.
Observe that if a node sends a message , then any node can not reliably receive a message from other than .
For simplicity, fix node disjoint paths for each pair of nodes. We say that a nonfaulty node is a type A node if it knows the identity of all faulty nodes. Every other nonfaulty node is a type B node. Initially, all nonfaulty nodes are type B nodes. As the algorithm is run, some nonfaulty nodes will discover the identity of faulty nodes and transition to type A nodes. We show that by the end of the algorithm, all type A nodes have reached consensus on the output. Since type B nodes know the identity of all faulty nodes, they can ignore messages from paths with faulty nodes (faulty paths) and receive the correct decision value of type A nodes.
The algorithm proceeds in 3 rounds. In round 1, each node sends its input value to the entire network (i.e. “floods” its input value). As all the communication is synchronous, can wait for synchronous time steps to ensure that the input value is propagated to each node in the graph. Since the communication is via broadcast, all nonfaulty neighbors of reliably receive the same value from in round 1, even if is faulty. Therefore, we assume that the input value of a faulty node is the value it floods in the first round. In round 2, for each node , its neighbors report on the messages propagated in round 1. As before, after synchronous time steps, this information has been propagated to the entire network. Again, due to the broadcast model, each neighbor of knows the exact messages propagated by in round . These messages help identify faulty nodes if they exhibit faulty behaviour (i.e. tamper with messages). The details are in the proof of Lemma A.2. In round 3, type B nodes reach consensus and inform the type A nodes on the decision. If no type B nodes exist, then type A nodes decide by themselves.
The algorithm is as follows.

[label=Round 0:,topsep=0pt, itemsep=0pt]

(Flood) Each node floods its input value.

(Report) For each node , its neighbors report on the messages propagated by in round 1. At the end, each node , attempts to discover the faulty nodes (details in proof of Lemma A.2).

(Decide) Fix an arbitrary nonfaulty node . If is a type B node, then it decides from the input values it received reliably in round 1, by taking the majority, and then floods the decision value. If is a type A node, then it waits for a decision value from a nonfaulty (type B) node. If a decision value is received from a nonfaulty (type B) node, then decides on this value. Otherwise, decides from the input values of all nonfaulty nodes by taking the majority.
Lemma A.2.
Message sent by a faulty node is received reliably by every node.
Proof: Let be an arbitrary faulty node and let be an arbitrary node in the graph. If or is a neighbor of , then the claim is trivially true from Definition A.1. Otherwise, there exist node disjoint paths from to as the graph is connected. Since is faulty, only of these paths can have faulty nodes. Moreover, due to the broadcast model, sends the same message on all the node disjoint paths. Therefore receives identical messages from the remaining node disjoint paths that do not have a faulty node.
Lemma A.3.
Let and be distinct nodes. In round 1, if reliably receives an input value of some node and does not, then knows the identity of faulty nodes after round .
Proof: Fix a node with input . Observe that, by Lemma A.2, is a nonfaulty node since did not receive from reliably in round 1. Note also that reliably receives from in round 1. Let be the node disjoint paths. Since did not reliably receive from in round 1, therefore exactly of these paths have faulty nodes. WLOG let these paths be . By Lemma A.2, after round 2, reliably receives that some nodes on forwarded in round 1. For each path, sets the first such node to be faulty.
To see why this assignment is correct, consider an arbitrary path in . WLOG let this path be . Let be the faulty node in that tampers the message. Observe that each of has exactly one faulty node that tampers the message. In round 2, by Lemma A.2, reliably receives that forwarded in round 1. Moreover, let be an arbitrary node in before . Then is nonfaulty and forwarded in round 1. Therefore, in round 2, can not reliably receive that forwarded in round 1.
Lemma A.4 (Agreement).
All type B nodes reliably receive the same set of input values in round 1.
Proof: Suppose, for the sake of contradiction, that two nodes and are type B nodes and there exists a node such that reliably receives the input of and does not. Then, by Lemma A.3, knows the identity of faulty nodes after round 2. Therefore, must be a type A node, a contradiction.
Lemma A.5 (Validity).
Each node reliably receives input values of at least other nodes.
Proof: Since the graph is connected, therefore each node has at least neighbors. By Definition A.1 each node reliably receives input from these nodes.
Theorem A.6.
The algorithm given above achieves Byzantine consensus with up to Byzantine faults () if the vertex connectivity of is at least .
Proof: The termination follows from the construction of the algorithm. For validity and agreement, there are two cases to consider.
There is at least one type B node: For agreement, note that by Lemma A.4 all type B nodes receive the same input values and therefore decide on the same value by taking the majority. Type A nodes know the identity of all () faulty nodes and so they can ignore messages on paths with faulty nodes. So we only need one nonfaulty path between a type A node and a type B node. Since there are at least node disjoint paths without any faulty nodes between any two nodes, therefore in round 3 each type A node correctly receives a message from a type B node about the final decision and decides on the same value. For validity, note that by Lemma A.5 each type B node is aware of input values of at least nodes (including its own). If the input of all nonfaulty nodes equals , then by taking the majority a type B node will decide on .
There are no type B nodes: Let be an arbitrary nonfaulty node. Since there are no type B nodes, is a type A node that does not receive any decision value from any type B node in round 3. Since knows the identity of faulty nodes, can check messages received from nonfaulty nodes in round 1 and ignore messages from any path that contains a faulty node. Therefore, knows the input values of all nonfaulty nodes. For agreement, observe that all nonfaulty nodes are type A and each nonfaulty node decides on the same decision value by taking the majority of the input values of nonfaulty nodes. For validity, observe that all nonfaulty nodes only consider the input values of nonfaulty nodes.
Appendix B Alternate characterization of the Necessity Condition
Consider an undirected graph . For a set , define . For two disjoint sets , define if . For a set , is an partition of if

[topsep=0pt, itemsep=0pt]

is a partition of ,

is nonempty, and

is nonempty.
is good if for every set of cardinality at most , every partition of is such that

[topsep=0pt, itemsep=0pt]

either ,

or .
Lemma B.1.
If a graph is connected, then it is good.
Proof: Since is connected so it is of size . We show the contrapositive that if a graph of size is not good, then it has connectivity less than . Since is not good, there exists a set of cardinality at most and an partition of such that

[topsep=0pt, itemsep=0pt]

, and

.
There are three cases to consider:

and .
We have that , a contradiction. 
and . Since , we have that is nonempty. Also, since is nonempty and , we have that . Now has neighbors (outside of ) in either or . Furthermore, we have that both and are nonempty. Therefore, removing and disconnects from . To see that less than nodes have been removed, observe that (since ) and .

and . Since and , we have that both and are nonempty. WLOG we assume that so that . Now has neighbors (outside of ) in either or . Furthermore, we have that both and are nonempty. Therefore, removing and disconnects from . To see that at most nodes have been removed, observe that (since ) and for a total of at most nodes.
Lemma B.2.
If a graph is good, then it is connected.
Proof: We show that contrapositive that if a graph is not connected, then it is not good. Since has connectivity less than , there exists a vertex cut of size at most that separates two sets . We create a set and a corresponding partition that violates the conditions for good to show that is not good. Partition the cut into roughly equal parts so that , , and . Let so that . We create an partition as follows. Let , , and . Observe that is indeed a partition of and and are nonempty. Now we have that and . Therefore is nonempty and is nonempty. Thus is indeed an partition. Now observe that has cardinality at most . Similarly has cardinality at most . Therefore we conclude that

[topsep=0pt, itemsep=0pt]

, and

.
This completes the proof that is not good.
Lemma B.3.
If a graph is good, then each node in has degree at least .
Proof: First note that if is of size , then cannot be good (partition the graph into two parts and of roughly equal size with ). Therefore we assume that . We show the contrapositive that if there exists a node in of degree less than , then is not good. Suppose has degree strictly less than . We create a set and a corresponding partition that violates the conditions for good to show that is not good. Let be arbitrary neighbors of or the set if has less than neighbors. Let , , and . Then is indeed a partition of , is nonempty, and is nonempty since it has at least nodes (since , , and ). We show that

[topsep=0pt, itemsep=0pt]

, and

.
Now has at most neighbors in by construction. Also so that can not have more than neighbors in .
Lemma B.4.
If a graph is connected and every node has degree at least , then it is good.
Proof: We show the contrapositive that if a graph is not good, then either it has connectivity at most or there exists a node in of degree strictly less than . Since is not good, there exists a set of cardinality at most and an partition of such that

[topsep=0pt, itemsep=0pt]

, and

.
There are three cases to consider:

[topsep=0pt, itemsep=0pt]

and .
We have that . Therefore, all nodes in have degree at most . 
and . Consider a node (recall that is nonempty). We show that has degree strictly less than . Now has neighbors either in or in . Observe that so that has strictly less than neighbors in . Also since . Therefore has at most neighbors in . Thus , as required.

and . Since and , we have that both and are nonempty. WLOG we assume that so that . Now has either neighbors in or in . Furthermore, we have that both and are nonempty. Therefore, removing and disconnects from . To see that at most nodes have been removed, observe that (since ) and for a total of at most nodes.
This completes the proof that has either connectivity less than or a node of degree less than .
Theorem B.5.
A graph is good if and only if it is connected and every node has degree at least .
Comments
There are no comments yet.