` 18 D. Mazieres Local state System-widestatusofa uncommitted unknown(any) voted a unknown(any) voted ā unknown(any) accepted a stuck, a-valent, or a agreed confirmeda a agreed Fig. 13. Whatanintactnodeknowsaboutthestatusofstatementa More concretely, Figure 12 depicts the potential status a statement a can have system-wide. Initially, the system is bivalent, by which we mean there is one sequence of possible events through which all intact nodes will accept a, and another sequence through which all intact nodes will reject a (i.e., accept a statement ā contradicting a). At some point, one of these two outcomes may cease to be possible. If no intact node can ever reject a, we say the system is a-valent; conversely, if no intact node can ever accept a, we say the system is ā-valent. At the time an FBAS transitions from bivalent to a-valent, there is a possible out- come in which all intact nodes accept a. However, this might not remain the case. ConsideraPBFT-likefour-nodesystem{v ,…,v }inwhichanythreenodesconstitute 1 4 a quorum. If v and v vote for a, the system becomes a-valent; no three nodes can 1 2 ratify a contradictory statement. However, if v3 and v4 subsequently vote for ā contra- dicting a, it also becomes impossible to ratify a. In this case, a’s state is permanently indeterminate, or stuck. As seen in Figure 10a, even once an intact node accepts a, the system may still fail to reach system-wide agreement on a. However, by Theorem 11, once an intact node confirms a, all intact nodes can eventually come to accept it; hence the system has agreed upon a. Figure 13 summarizes what intact nodes know about the global state of a statement from their own local state. Topreservethepossibilityofconsensus,aprotocolmustensurethateverystatement is either irrefutable, and hence cannot get stuck, or neutralizable, and hence cannot block progress if stuck. There are two popular approaches to crafting neutralizable statements: the view-based approach, pioneered by viewstamped replication [Oki and Liskov 1988] and favored by PBFT [Castro and Liskov 1999]; and the ballot-based ap- proach, invented by Paxos [Lamport 1998]. The ballot-based approach may be harder to understand [Ongaro and Ousterhout 2014]. Compounding confusion, people often call viewstamped replication “Paxos” or assert that the two algorithms are the same whentheyarenot[vanRenesseetal.2014]. View-basedprotocols associate the slots in votes with monotonically increasing view numbers.Shouldconsensusgetstuckontheithslotinviewn,nodesrecoverbyagree- ingthatviewnhadfewerthanimeaningfulslotsandmovingtoahigherviewnumber. Ballot-based protocols associate the values in votes with monotonically increasing bal- lot numbers. Should a ballot get stuck, nodes retry the same slot with a higher ballot, taking care never to select values that would contradict prior stuck ballots. Thisworktakesaballot-basedapproach,asdoingsomakesiteasiertodoawaywith the notion of a distinguished primary node or leader. For example, leader behavior can be emulated [Lamport 2011b]. 6. SCP: A FEDERATEDBYZANTINEAGREEMENTPROTOCOL This section presents the Stellar Consensus Protocol, SCP. At a high level, SCP con- sists of two sub-protocols: a nomination protocol and a ballot protocol. The nomination