The Time Complexity of Consensus Under Oblivious Message Adversaries

Winkler, Kyrill; Paz, Ami; Galeana, Hugo Rincon; Schmid, Stefan; Schmid, Ulrich

doi:10.1007/s00453-024-01209-4

The Time Complexity of Consensus Under Oblivious Message Adversaries

Open access
Published: 13 February 2024

Volume 86, pages 1830–1861, (2024)
Cite this article

Download PDF

You have full access to this open access article

Algorithmica Aims and scope Submit manuscript

The Time Complexity of Consensus Under Oblivious Message Adversaries

Download PDF

Kyrill Winkler¹,
Ami Paz²,
Hugo Rincon Galeana³,
Stefan Schmid⁴ &
…
Ulrich Schmid³

506 Accesses
1 Citation
Explore all metrics

Abstract

We study the problem of solving consensus in synchronous directed dynamic networks, in which communication is controlled by an oblivious message adversary that picks the communication graph to be used in a round from a fixed set of graphs $\textbf{D}$ arbitrarily. In this fundamental model, determining consensus solvability and designing efficient consensus algorithms is surprisingly difficult. Enabled by a decision procedure that is derived from a well-established previous consensus solvability characterization for a given set $\textbf{D}$, we study, for the first time, the time complexity of solving consensus in this model: We provide both upper and lower bounds for this time complexity, and also relate it to the number of iterations required by the decision procedure. Among other results, we find that reaching consensus under an oblivious message adversary can take exponentially longer than both deciding consensus solvability and broadcasting the input value of some unknown process to all other processes.

Valency-Based Consensus Under Message Adversaries Without Limit-Closure

Communication-Efficient Randomized Consensus

Communication-efficient randomized consensus

Article Open access 14 October 2017

Use our pre-submission checklist

Avoid common mistakes on your manuscript.

1 Introduction

Consensus, the task in which multiple processes need to agree on some value, based on local inputs, is a fundamental problem in distributed computing. At the heart of this problem lies the question of whether and how it is possible for the processes to exchange enough information with each other in order to reach agreement, e.g., on a numerical value or on performing a joint action. While deterministic consensus has been studied intensively for several decades, it is still unknown whether and, in particular, how quickly it can be achieved in fundamental models such as the one we study here: synchronous dynamic directed networks controlled by an oblivious message adversary.

The study of such dynamic networks is of both practical and theoretical interest: It is of practical relevance, as the communication topology of many large-scale distributed systems is dynamic (e.g., due to mobility, interference, or failures) and its links are often asymmetric (e.g., in optical or in wireless networks) [1]. It is also of fundamental theoretical interest, as solving consensus in dynamic directed networks is known to be significantly more difficult [2, 3] than solving consensus in dynamic networks with bidirectional links [4].

Focusing on the worst-case perspective, we consider a lock-step synchronous model where a message adversary [5] may drop an arbitrary set of messages sent by some processes in each round. This results in a sequence of directed communication graphs, whose edges indicate which process can successfully send a message to which other process in that round. We specifically consider the fundamental oblivious message adversary model [6] introduced by Coulouma, Godard and Peters, which is specified via a set $\textbf{D}$ of allowed communication graphs from which the message adversary can pick one arbitrarily in each round. Note that this model does not limit the adversary to choose a communication graph based on the previously chosen graphs (e.g., if a message failed on a link in some round, messages may still be sent on this link in successive rounds).

The oblivious message adversary model is appealing because it is conceptually simple and still provides a highly dynamic network model: The set of allowed graphs can be arbitrary, and the nodes that can communicate with one another may vary greatly from one round to the next. It is hence also well-suited for settings where significant transient message loss occurs, such as in wireless networks subject to interference. Furthermore, this model includes as a special case the classic link failure model by Santoro and Widmayer [7], where up to f links may fail in each round: the model is equivalent to a set of allowed graphs which contains all communication graphs where $\le f$ edges are missing.

Interestingly, determining consensus solvability for a given set of graphs $\textbf{D}$ and, in particular, designing a consensus algorithm which succeeds whenever this is possible, is difficult [6]. For example, sometimes, a “weaker adversary”, i.e., an adversary that allows for more communication overall (e.g., supporting a larger set $\textbf{D}$ and failing less links), may render consensus impossible, while it would be possible for a smaller set $\textbf{D}$. However, to the best of our knowledge, nothing is known about the complexity of deciding consensus solvability given $\textbf{D}$, i.e., using a centralized algorithm and, in particular, about the time complexity of distributed consensus in the cases where it is possible.

Contributions: In this paper, we present both a practical decision procedure for consensus solvability, based on the beta-classes introduced in [6], and provide the first study of the consensus time complexity in this model. In more detail:

We provide a centralized decision procedure for determining consensus solvability for a given oblivious message adversary $\textbf{D}$ and bound its complexity. Compared to the beta class criterion proposed in [6], our decision procedure has the advantage of being explicit, simple and early deciding.
We provide both upper and lower bounds for the worst-case time complexity of distributed consensus^{Footnote 1} for oblivious message adversaries. Interestingly, this time complexity may depend not only on the number of processes n and the number of iterations ${{\,\textrm{TD}\,}}$ required by our centralized decision procedure, but sometimes also on the number of connected components in the outcome of the decision procedure after ${{\,\textrm{TD}\,}}$ iterations. Indeed, by means of two deliberately crafted examples of oblivious message adversaries, we show that consensus termination times exponential in n can happen whether or not ${{\,\textrm{TD}\,}}$ is exponential in n. Note that the dependency on the number of connected components could not be inferred from the existing beta class results [6].

Our results also shed an interesting new light on the relationship between distributed consensus and broadcasting: As the input value of some process is known to reach all other processes in linear time under any oblivious message adversary [8,9,10,11], one might be tempted to expect that consensus can also be achieved quickly. Our results show that, quite to the contrary, reaching consensus can take exponential time, even in cases where the decision procedure terminates in only a few iterations.

Paper organization: The remainder of this paper is organized as follows. After a brief survey of related work in Sect. 2, we introduce our formal model and terminology in Sect. 3. The description and analysis of our decision procedure and our consensus algorithm are presented in Sects. 4 and 5, respectively, and our lower bound results are presented in Sect. 6. A fully worked out scenario showing constant iteration complexity vs. exponential consensus termination time is provided in Sect. 7. We conclude our contribution and discuss directions for future work in Sect. 8.

2 Related Work

Consensus is a fundamental task in distributed computing, and the question whether and when consensus is possible has engaged researchers at least since the influential impossibility result by Fischer et al. [12] and its generalizations [13]. Consensus problems come in different flavors and arise in many settings, including shared memory architectures, message-passing systems, and blockchains, among others [14,15,16,17,18].

Research on deterministic consensus in synchronous message-passing systems subject to link failures dates back to the seminal paper by Santoro and Widmayer [7], who showed that consensus is impossible if up to $n-1$ messages may be lost each round. This result has later been generalized along many dimensions [3, 6, 19,20,21,22,23]. For example, in [3], Schmid, Weiss and Keidar showed that consensus can even be solved when a quadratic number of messages is lost per round, provided these losses do not isolate the processes. Several generalized models have been proposed in the literature [20, 24, 25], like the heard-of model by Charron-Bost and Schiper [20], and also different agreement problems like approximate and asymptotic consensus have been studied in these models [22, 23]. In many of these and similar works on consensus [2, 16, 26,27,28,29,30], a model is considered in which, in each round, a digraph is picked from a set of possible communication graphs. Afek and Gafni coined the term message adversary for this abstraction [5], and used it for relating problems solvable in wait-free read-write shared memory systems to those solvable in message-passing systems. For a detailed overview of the field, we refer to the recent survey by Winkler and Schmid [17].

An interesting alternative model for dynamic networks assumes a T-interval connectivity guarantee, that is, a common subgraph in the communication graphs of every T consecutive rounds [4, 31]. In contrast to our directional model, solving consensus is relatively simple here, since the T-interval connectivity model relies on bidirectional links and always connected communication graphs. For example, 1-interval-connectivity, the weakest form of T-interval connectivity, implies that all nodes are able to reach all the other nodes in the system.

Another related model arises in the context of wait-free computation in shared memory systems with immediate atomic snapshots. These systems can be roughly described using one specific oblivious message adversary, containing all transitively closed tournaments. Wait-free computation in this context is often studied using topological tools [32,33,34,35,36]. This line of work did not provide any time complexity bounds for consensus in our model, however.

Closely related to our work is the paper by Coulouma et al. [6], who substantially refined the results of [19]. The authors consider oblivious message adversaries and identify an equivalence relation on the sets of communication graphs, which captures the essence of consensus impossibility via non-broadcastability of one of the so-called beta equivalence classes of this relation. The decision procedure from Sect. 4 can be seen as an explicit computation of these beta-classes. Moreover, [6] also presents a distributed consensus algorithm that, essentially, computes the beta classes. However, in stark contrast to our paper, neither the iteration complexity of our decision procedure nor the time complexity of distributed consensus has been studied in this or any other paper we are aware of.

3 Model and Preliminaries

We assume a set $\Pi = \{ p_1, \ldots , p_n\}$ of n processes, which execute a deterministic distributed protocol to reach consensus. Processes operate in lock-step synchronous rounds, where each round consists of a phase of message exchanges among the processes, followed by some local computation, whose execution time is assumed to be negligible. We consider a full information protocol where, in each round, every process broadcasts its complete local history (its view obtained at the end of the previous round, or the initial state), and computes a deterministic choice function $\Delta $ based on its current view, which also involves all views it received from other processes in this round.

Each phase of message exchange is restricted by a (possibly different) directed graph on $\Pi $, called a communication graph, which is chosen by an oblivious message adversary. A message from p to q is delivered in round r only if the communication graph of round r contains the edge (p, q). Since every process knows its own current view, we just assume that the communication graph always contains all the self-loops. We use ${{\,\textrm{In}\,}}_G(v)$ to denote the in-neighborhood of process v in a graph G. Messages are unacknowledged and rounds are communication-closed, i.e., messages that are sent in round r arrive in round r or not at all.

A communication pattern is a sequence of communication graphs, which (along with the initial views of all processes and the choice function $\Delta $) will uniquely define a run of the system. In the oblivious message adversary model, there is a set $\textbf{D}$ of allowed communication graphs, and the admissible communication patterns are all infinite sequences of graphs from $\textbf{D}$. For brevity, we identify our message adversary with its set of allowed communication graphs.

For a communication graph G, let $G^r = (G)_{i=1}^r$ denote the communication pattern that consists of r repetitions of G. For a set of communication graphs $\textbf{G}$, let $\textbf{G}^r = \{ (G_i)_{i=1}^r: G_i \in \textbf{G}\}$ be the set of communication patterns of length r that consist only of graphs from $\textbf{G}$. Given a set of allowed graphs $\textbf{D}$, the oblivious message adversary generated by $\textbf{D}$ may thus be written as $\textbf{D}^\omega $.

Let $\sigma = (G_i)_{i=1}^r$ be a communication pattern, where its length $r \ge 1$ can be any integer or infinite (denoted $\omega $), and let $\Sigma $ be a set of communication patterns. We use $\sigma |_{r'} = (G_i)_{i=1}^{r'}$ to denote the $r'$-round prefix of $\sigma $, which is only defined if the length of $\sigma $ is at least $r'$, and $\Sigma |_{r'} = \{ \sigma |_{r'}: \sigma \in \Sigma \}$ to denote the set of all $r'$-round prefixes of $\Sigma $; by convention, $\sigma |_0 = \varepsilon $, where $\varepsilon $ is the empty word. We use $\sigma (r') = G_{r'}$ to denote the $r'$th graph of $\sigma $ and $\Sigma (r') = \{ \sigma (r'): \sigma \in \Sigma \}$ for the set of communication patterns $\Sigma $. If $\sigma $ has a finite length r and H is an arbitrary communication graph, we write $\sigma ' = \sigma \circ H$ to denote $\sigma $ extended by H, i.e., the communication pattern of length $r+1$ with $\sigma '(i) = \sigma (i)$ for $i \le r$ and $\sigma '(r+1) = H$.

A root component of a graph is a strongly connected component that has no incoming edge from a node outside of the component.

We call a graph G rooted if it has a single root component and write ${{\,\textrm{Root}\,}}(G)$ for the node set of the root component of G. Note that if a graph G is rooted then a node (in our context: a process) $p \in V(G)$ has a path to every other node (process) in G if and only if $p \in {{\,\textrm{Root}\,}}(G)$. In Claim 3 below, we show that consensus is trivially impossible if the set of allowed graphs contains a graph that is not rooted, and for this reason we consider adversaries whose set $\textbf{D}$ consists of rooted graphs only. A set of communication graphs $\textbf{S}$ is root-compatible if all their root components

contain a common node, i.e., $\bigcap _{G \in \textbf{S}} {{\,\textrm{Root}\,}}(G) \ne \emptyset $. We will show that root-compatibility is a central concept when it comes to consensus solvability.

In our full information protocol, the view of process p in $\sigma $ at time (= end of round) $r\ge 1$ comprises the view of all the processes that p had in its in-neighborhood in the round r communication graph $\sigma (r)$, along with the round number r. The initial view of process p consists of its input value $x_p$ (see the specification of the consensus problem below) and the round number 0. Formally, views are recursively defined as ${{\,\textrm{view}\,}}_\sigma (p, 0) = \{ (p, 0, x_p) \}$ and, for $r>0$, ${{\,\textrm{view}\,}}_\sigma (p, r) = (p, r, V_\sigma (p, r-1))$, where $V_\sigma (p, r-1) = \{ {{\,\textrm{view}\,}}_\sigma (q, r-1): (q, p) \in \sigma (r) \}$.

For notational simplicity, we will subsequently use the tuple (p, r) to refer to the view of process p at time r. We thus use $(p, r') \leadsto _\sigma (q, r)$ to denote that p at time $r'<r$ has influenced q at time r, which can be expressed formally by the existence of a sequence of processes $p=p_1,\dots ,p_{r-r'+1}=q$ satisfying ${{\,\textrm{view}\,}}_\sigma (p_i, r'+i-1) \in V_\sigma (p_{i+1}, r'+i-1)$ for $1 \le i \le r-r'$. We say that p is a broadcaster in $\sigma $ (or equivalently, that a communication pattern $\sigma $ is broadcastable by p), if $(p, 0) \leadsto _\sigma (q, r)$ for some time r, for all $q \in \Pi $.

Two communication patterns $\sigma $ and $\sigma '$ of the same length are indistinguishable by a process p, denoted $\sigma \sim _p\sigma '$, if this process has the same view in $\sigma $ and in $\sigma '$, eventually or in each round r in case of infinite patterns. Formally, $\sigma \sim _p \sigma '\Leftrightarrow {{\,\textrm{view}\,}}_\sigma (p, r) = {{\,\textrm{view}\,}}_{\sigma '}(p, r)$ if $\sigma $ and $\sigma '$ are r-round patterns, and $\sigma \sim _p \sigma '\Leftrightarrow {{\,\textrm{view}\,}}_\sigma (p, r) = {{\,\textrm{view}\,}}_{\sigma '}(p, r)$ for all r if $\sigma $ and $\sigma '$ are infinite. We write $\sigma \sim \sigma '$ if $\sigma \sim _p \sigma '$ for some p. We also use $\sigma \not \sim _p \sigma '\Leftrightarrow \lnot (\sigma \sim _p \sigma ')$, and $\sigma \not \sim \sigma '\Leftrightarrow (\forall p\in \Pi :\sigma \not \sim _p \sigma ')$.

Given a set $\Sigma $ of communication patterns of the same length, we define its indistinguishability graph $I(\Sigma )$ as follows. The nodes of $I(\Sigma )$ are the communication patterns in $\Sigma $, and the two communication patterns $\sigma , \sigma ' \in \Sigma $ are connected by an edge if $\sigma \sim \sigma '$, i.e., if they are indistinguishable for some process. We label each edge with the set of processes defining it, that is, we define an edge labeling function $\ell :E(I(\Sigma ))\rightarrow 2^\Pi $ by $\ell ((\sigma ,\sigma ')) = \{ p \in \Pi : \sigma \sim _p \sigma ' \}$.

Our first simple, yet important insight is that root components can preserve indistinguishability. Consider two communication patterns $\sigma , \sigma '$ that are indistinguishable for a set of processes $\ell ((\sigma ,\sigma '))$, and assume that there is an allowed graph $G\in \textbf{D}$ such that ${{\,\textrm{Root}\,}}(G)\subseteq \ell ((\sigma ,\sigma '))$. Then, the communication patterns $\sigma \circ G$ and $\sigma ' \circ G$ are also indistinguishable for the processes in ${{\,\textrm{Root}\,}}(G)$: in G, these processes only receive messages from other members of ${{\,\textrm{Root}\,}}(G)$, and so these extended communication patterns are still indistinguishable for them.

Claim 1

Let $\textbf{D}$ be an oblivious message adversary, r be a round, and $e = (\sigma , \sigma ')$ be an edge in $I(\textbf{D}^r)$. For $r>1$, the edge $(\sigma |_{r-1},\sigma '|_{r-1})$ is in $I(\textbf{D}^{r-1})$. Moreover, if there is a graph $G \in \textbf{D}$ such that ${{\,\textrm{Root}\,}}(G) \subseteq \ell (e)$ then the edge $e' = (\sigma \circ G, \sigma ' \circ G)$ is in $I(\textbf{D}^{r+1})$ and its label $\ell (e')$ satisfies ${{\,\textrm{Root}\,}}(G) \subseteq \ell (e') \subseteq \ell (e)$.

Proof

If $r>0$, for every $p\in \ell (e)$, the indistinguishability $\sigma \sim _p \sigma '$ also implies $\sigma |_{r-1} \sim _p \sigma '|_{r-1}$, so the edge $(\sigma |_{r-1},\sigma '|_{r-1})$ is indeed in $I(\textbf{D}^{r-1})$.

To prove the second part of our claim, consider any process $p \in {{\,\textrm{Root}\,}}(G)$. By the definition of a root component, we have ${{\,\textrm{In}\,}}_G(p) \subseteq {{\,\textrm{Root}\,}}(p)$, so each process q with $(q, r) \in {{\,\textrm{view}\,}}_{\sigma \circ G}(p, r+1)$, is in ${{\,\textrm{Root}\,}}(G)$, and satisfies ${{\,\textrm{view}\,}}_{\sigma }(q, r) = {{\,\textrm{view}\,}}_{\sigma '}(q, r)$, because ${{\,\textrm{Root}\,}}(G) \subseteq \ell (e)$. This immediately implies that ${{\,\textrm{view}\,}}_{\sigma \circ G}(p, r+1) = {{\,\textrm{view}\,}}_{\sigma ' \circ G}(p, r+1)$ and thus the edge $e'$ exists and ${{\,\textrm{Root}\,}}(G) \subseteq \ell (e')$. The last part, $\ell (e') \subseteq \ell (e)$, follows because if ${{\,\textrm{view}\,}}_{\sigma \circ G}(q, r+1) = {{\,\textrm{view}\,}}_{\sigma ' \circ G}(q, r+1) = (q, r+1, V_\sigma (q,r))$ for some process q then ${{\,\textrm{view}\,}}_{\sigma }(q, r) = {{\,\textrm{view}\,}}_{\sigma }(q, r)$, as, by definition, ${{\,\textrm{view}\,}}_\sigma (q, r)\in V_\sigma (q, r)$. $\square $

In the consensus problem, each process p has an input value $x_p \in V$, taken from some (usually finite) domain V, and an output value $y_p$, initialized to $\bot $, to which it can write irrevocably, i.e., only once. An algorithm solves consensus in our setting if it ensures that

eventually, every process p decides, i.e., assigns $y_p \ne \bot $ (termination),
if $y_p \ne \bot $ and $y_q \ne \bot $ then $y_p = y_q$ for all $p, q \in \Pi $ (agreement),
if $y_p = v \ne \bot $ then there is a process $q \in \Pi $ such that $x_q = v$ (validity).

Since we consider only full information protocols, our consensus algorithm is actually a collection of choice functions. For every $p \in \Pi $, the choice function $\Delta _p$ maps every possible ${{\,\textrm{view}\,}}_\sigma (p,r)$ to a decision value $y_p \in V \cup \{\bot \}$, such that $\Delta ({{\,\textrm{view}\,}}_\sigma (p,r))\ne \bot $ implies $\Delta ({{\,\textrm{view}\,}}_\sigma (p,r'))=\Delta ({{\,\textrm{view}\,}}_\sigma (p,r))$ for every $r'\ge r$. The configuration $C_\sigma ^r$ of our system at the end of round r in $\sigma $, is the vector of the elements $({{\,\textrm{view}\,}}_\sigma (p,r),\Delta ({{\,\textrm{view}\,}}_\sigma (p,r)))$, for all p, and the run (also called execution in the literature) corresponding to $\sigma $ is the sequence $(C_\sigma ^r)_{r\ge 0}$. In the oblivious message adversary model, a run is uniquely determined by the input value assignment contained in the initial views and the communication pattern since the algorithm is deterministic.

With these definitions in mind, we now state two properties of consensus under oblivious message-adversaries, which will be of central importance in this paper. We first observe that any valid decision value must be the input value of a broadcaster. The proof of the following claim uses the same argument as [37, Theorem 2].

Claim 2

Let $\textbf{D}$ be an oblivious message adversary and let $\sigma \in \textbf{D}^\omega $. If in some correct consensus algorithm, all processes decide v in a run with $\sigma $, then v is the input value of a broadcaster in $\sigma $.

Proof

By the termination condition, there is a round r such that in all runs with $\sigma $ all processes decide by this round when running a given correct consensus algorithm. Suppose that there is a r-round run $\gamma $ with communication pattern $\sigma $ where all processes decide v even though no broadcaster in $\sigma $ has input value v. We show that this leads to a contradiction to the assumed correctness of the consensus algorithm.

Let $P=\{i_1, \ldots , i_k \}$ be the identifiers of those processes that start with input value v in $\gamma $. By the valditiy condition, $P \ne \emptyset $. Let $\gamma _j$ denote the run that is the same as $\gamma $, except that the processes with identifiers $i_1, \ldots , i_j$ have an input value $\ne v$. We show by induction that some process decides v in $\gamma _j$ for $0 \le j \le k$. Thus in the run $\gamma _k$ some process decides v, even though no process has input v in this run, a contradiction to the validity condition of consensus.

The base of the induction $j=0$ follows immediately because $\gamma \sim \gamma _0 = \varepsilon $.

For the step from j to $j+1$, where $0 \le j < k$, we observe that, because $\sigma $ is not broadcastable for any process with an identifier from P, there is a process q such that $(p_{i_{j+1}}, 0) \not \leadsto (q, r)$. Since $\gamma _j$ is identical to $\gamma _{j+1}$ except for the input of $p_{i_{j+1}}$, we have $\gamma _j \sim _q \gamma _{j+1}$. As all processes decide by round r in $\gamma _j$, and because they decide v by hypothesis, q and, by agreement, all processes decide v in $\gamma _{j+1}$. $\square $

Our second observation is that every communication graph in the set of allowed graphs of an oblivious message adversary, under which consensus is solvable, must be rooted.

Claim 3

If an oblivious message adversary contains, in its set of allowed graphs $\textbf{D}$, a graph G that is not rooted, then consensus is impossible.

Proof

The pattern $\sigma =G^\omega $ may be played by the adversary even though it is not broadcastable by any process, thus the claim follows from Claim 2. $\square $

4 A Decision Procedure for Consensus Solvability

In this section, we present a decision procedure for determining whether consensus is solvable under an oblivious message adversary with a set $\textbf{D}$ of allowed graphs. In a nutshell, our procedure revolves around the (undirected) indistinguishability graph $I(\textbf{D})$, constructed from the given input set $\textbf{D}$: the nodes of the indistinguishability graph represent the graphs of $\textbf{D}$ and the edges represent indistinguishability. Given $I(\textbf{D})$, we create a sequence $\mathcal {N}_1 = I(\textbf{D}),\mathcal {N}_2,\ldots $ of refinements of $I(\textbf{D})$, and use the last graph $\mathcal {N}_{{{\,\textrm{TD}\,}}}$ to decide if consensus is solvable under the oblivious message adversary $\textbf{D}$. Here, ${{\,\textrm{TD}\,}}$ is the number of iterations of the decision procedure. Our decision procedure can be viewed as an iterative computation of the beta classes introduced in [6], that is also early-terminating: it may terminate early if broadcastability of the intermediate result is already guaranteed. As an additional feature, it reveals a certain relation between the number of iterations of the decision procedure under a given oblivious message adversary and the time complexity of distributed consensus.

More concretely, our approach, summarized in algorithm 1, uses the fact that a graph whose root component is a subset of $\ell (e)$ is suitable for perpetuating the indistinguishability for at least some of the processes of $\ell (e)$ (according to Claim 1). The algorithm starts from the indistinguishability graph $\mathcal {N}_1=I(\textbf{D})$ of $\textbf{D}$, where $\textbf{D}$ is viewed as a set of 1-round communication patterns: the nodes of $I(\textbf{D})$ are the graphs of $\textbf{D}$, and two graphs $A,B\in \textbf{D}$ are connected by an edge if there is a process p that has the same set of incoming edges in A and in B. The algorithm then computes a sequence $(\mathcal {N}_i)$ of graphs, using iterative refinement. To refine from $\mathcal {N}_{i-1}$ to $\mathcal {N}_i$, it keeps all $\mathcal {N}_{i-1}$’s nodes, but only a subset of its edges (Line 9): an edge e is kept (by adding it to the set $E_i$) if the connected component of e in $\mathcal {N}_{i-1}$ contains a communication graph G such that ${{\,\textrm{Root}\,}}(G)\subseteq \ell (e)$ (Line 8).

This procedure continues until the set of edges does not change for two successive iterations, or until all remaining connected components are root-compatible, i.e., all its communication graphs have a common member in their respective root components. As we will see later in Theorems 2 and 1, the root-compatibility of the connected components of the refined indistinguishability graph is precisely what is required to make consensus solvable.

Whereas the number of iterations of our decision procedure could be exponential (see Claim 5), every iteration can be performed efficiently, as its main components require merely the computation of reachability in graphs: In each $G\in \textbf{D}$ during the initialization, and in $\mathcal {N}_i$ in iteration i. The running time is hence polynomial in n and $|\textbf{D}|$ for both the initialization and for each iteration:

Claim 4

The initialization phase of algorithm 1 can be implemented in $O(|\textbf{D}|^2n^3)$ time, and each of its iterations can be implemented in $O(|\textbf{D}|^3n^2)$ time.

Proof

Recall that the transitive closure of a (directed or undirected) graph $G=(V,E)$ is a graph $H=(V,{\hat{E}})$ such that $(u,v)\in {\hat{E}}$ if there is a (directed) path from u to v in G. The transitive closure can be computed in $O(|V|^3)$ time using combinatorial algorithms (e.g., the Floyd–Warshall algorithm), and slightly faster using fast matrix multiplication.

For the initialization, compute for each $G\in \textbf{D}$ its transitive closure, and set ${{\,\textrm{Root}\,}}(G)$ as the set of nodes that can reach all other nodes—we have seen that being in ${{\,\textrm{Root}\,}}(G)$ and being able to reach all other nodes are equivalent conditions. Overall, this takes $O(|\textbf{D}|n^3)$ time. Then, build the graph $I(\textbf{D})$ and assign labels to its edges by going over all pairs $(A,B)\in \textbf{D}\times \textbf{D}$ and checking for every $p\in \Pi $ whether ${{\,\textrm{In}\,}}_A(p) = {{\,\textrm{In}\,}}_B(p)$, which takes $O(|\textbf{D}|^2n^2)$ time.

For iteration i, start by computing the transitive closure of $\mathcal {N}_{i-1}$ (in fact, this is done at the end of the previous iteration). For each edge $(A,B)\in E_{i-1}$, go over all graphs G reachable from A to see if one of them satisfies ${{\,\textrm{Root}\,}}(G)\subseteq \ell ((A,B))$. This takes $O(|\textbf{D}|^3n^2)$ time overall. To check the stopping condition, compare $E_i$ and $E_{i-1}$ (taking $O(|\textbf{D}|^2)$ time), compute the transitive closure of $\mathcal {N}_i$ to find its connected components (taking $O(|\textbf{D}|^3)$ time), and finally, for each of the at most $|\textbf{D}|$ connected components, go over $\Pi $ and mark for each process $p\in \Pi $ if there is a graph in the connected component (which has size at most $|\textbf{D}|$) that does not have p in its root. Overall, this takes no more than $O(|\textbf{D}|^3n^2)$ time. $\square $

For the algorithm, we assume that all graphs of $\textbf{D}$ have a unique root component, as consensus is trivially impossible otherwise (Claim 3). Note that, for two communication graphs A, B, we have $\ell ((A,B)) = \{ p \in \Pi : A \sim _p B \} = \{ p \in \Pi : {{\,\textrm{In}\,}}_A(p) = {{\,\textrm{In}\,}}_B(p) \}$.

The following corollary provides a concise statement of the rule according to which the decision procedure selects which edges to keep when refining $\mathcal {N}_{i-1}(\textbf{D})$ into $\mathcal {N}_i(\textbf{D})$.

Corollary 1

Let $e = (A, B)$ be an edge of $\mathcal {N}_i(\textbf{D})$, for $i > 1$. Then in $\mathcal {N}_{i-1}(\textbf{D})$:

1.
the edge $e = (A, B)$ exists, and
2.
there exists a graph $G_e$ with ${{\,\textrm{Root}\,}}(G_e) \subseteq \ell (e)$, such that A, B and $G_e$ are in the same connected component.

Proof

According to algorithm 1, an edge $e = (A, B)$ can only persist in $\mathcal {N}_i$ if it was already present in $\mathcal {N}_{i-1}$ and there was a corresponding graph $G_e$ with ${{\,\textrm{Root}\,}}(G_e) \subseteq \ell (e)$ connected to A and B in $\mathcal {N}_{i-1}$. $\square $

We observe that, in order for an edge e of the indistinguishability graph to be “protected” from being omitted by the decision procedure by Line 9 of algorithm 1, there must exist a communication graph whose root component is a subset of the label of e. This motivates the following definition.

Definition 1

Given a set of allowed graphs $\textbf{D}$, let E be a set of edges of $I(\textbf{D})$ and $\textbf{G}\subseteq \textbf{D}$ be a set of communication graphs. We call E protected by $\textbf{G}$ if for every $e \in E$ there is a graph $G_e \in \textbf{G}$ such that ${{\,\textrm{Root}\,}}(G_e) \subseteq \ell (e)$.

The following upper bound on the number of iterations ${{\,\textrm{TD}\,}}$ of the decision procedure exploits the maximum number of different labels of the edges of $I(\textbf{D})$.

Claim 5

The number of iterations of the decision procedure, ${{\,\textrm{TD}\,}}$, satisfies ${{\,\textrm{TD}\,}}< |\textbf{D}|$ and ${{\,\textrm{TD}\,}}< 2^n$.

Proof

For a set of communication graphs $\textbf{G}$, let $\mathcal {N}_i[\textbf{G}]$ denote the subgraph of $\mathcal {N}_i$ induced by $\textbf{G}$. According to algorithm 1, there must exist a set of communication graphs $\textbf{G}\subseteq \textbf{D}$ such that $\mathcal {N}_{i}[\textbf{G}]$ is connected and not root-compatible for all $i < {{\,\textrm{TD}\,}}$, whereas all connected components of $\mathcal {N}_{{{\,\textrm{TD}\,}}}$ are root-compatible. That is, $\textbf{G}$ constitutes the last connected component of $I(\textbf{D})$ that had to be broken apart by the decision procedure in order to arrive at a graph $\mathcal {N}_{{{\,\textrm{TD}\,}}}$ where all connected components are root-compatible.

Furthermore, for $1< i < {{\,\textrm{TD}\,}}$, the set $\textbf{C}_i(\textbf{G})$ of nodes reachable from $\textbf{G}$ in $\mathcal {N}_i$ satisfies $|\textbf{C}_i(\textbf{G})| < |\textbf{C}_{i-1}(\textbf{G})|$. This is because, if the $(i-1)$th iteration of the decision procedure does not result in the removal of a node from $\textbf{C}_{i-1}(\textbf{G})$, then a set of edges that connects $\textbf{C}_{i-1}(\textbf{G})$ in $\mathcal {N}_{i-1}$ is protected by the communication graphs of $\textbf{C}_{i-1}$; hence, no node will be removed from $\textbf{C}_j(\textbf{G})$ for any $j \ge i$. This cannot come to pass, however, because then the decision procedure would already have terminated after $i < {{\,\textrm{TD}\,}}$ iterations. Hence, at least one graph of $\textbf{D}$ get discinnected from $\textbf{G}$ in each round, and ${{\,\textrm{TD}\,}}<|\textbf{D}|$.

In addition, all edges e of the connected component of $\textbf{G}$ in $\mathcal {N}_i$ that have the same label $\ell (e) = \lambda $ are removed during a single iteration of the decision procedure: If e is removed from the connected component of $\textbf{G}$ in $\mathcal {N}_i$, then there is no communication graph in $\textbf{C}_i(\textbf{G})$ that protects e and so all edges with label $\lambda $ are removed from the connected component of $\textbf{G}$. We recall that every label is a nonempty subset of $\Pi $, thus there are at most $2^n-1$ different labels. The claim follows because, as we have shown above, $|\textbf{C}_i(\textbf{G})| < |\textbf{C}_{i-1}(\textbf{G})|$; hence at least one edge is removed from the connected component of $\textbf{G}$ in $\mathcal {N}_i$ during the $i^{\textrm{th}}$ iteration of the decision procedure. $\square $

Before looking more closely into the ramifications of a large number of iterations ${{\,\textrm{TD}\,}}$ of the decision procedure of a given oblivious message adversary $\textbf{D}$, it is instructive to study a few “extreme” examples of such adversaries, and, in particular, how the number of communication graphs $|\textbf{D}|$ relates to ${{\,\textrm{TD}\,}}$. As we already know that ${{\,\textrm{TD}\,}}<|\textbf{D}|$, one may wonder how large that gap between them can be. The following examples show an exponential gap, with ${{\,\textrm{TD}\,}}=1$ and $|\textbf{D}|$ exponential in n. We first present such a scenario in which consensus is solvable: the set of all communication graphs that consist of a single clique of a fixed size $\lfloor n/c \rfloor $, for a constant c, and all the edges from each clique node to all other nodes (plus the self loops). There are exponentially many such graphs, yet no two are indistinguishable to any of the nodes, so the decision procedure already terminates after the first iteration because each connected component in $I(\textbf{D})$ consists of a single communication graph. An example where the decision procedure terminates quickly despite an exponentially sized $\textbf{D}$, where consensus is impossible, is the set of all rooted trees for $n>2$. In this case, there is a path in $I(\textbf{D})$ connecting every two trees $T_1, T_2$. Also, every edge e in $I(\textbf{D})$ has a corresponding tree $T \in \textbf{D}$ that protects this edge, since there is a tree T with ${{\,\textrm{Root}\,}}(T) \subseteq \ell (e)$.

On the other hand, the question arises whether there are examples where ${{\,\textrm{TD}\,}}$ is (almost) the same as $|\textbf{D}|$. This is of course the case if $|\textbf{D}|$ is small, but we answer this question affirmatively also for the case where ${{\,\textrm{TD}\,}}$ is even exponential in n, by constructiong an explicit example (Sect. 6). In a nutshell, we choose a set of communication graphs $\textbf{D}= \{ G_1, \ldots , G_{{{\,\textrm{TD}\,}}} \}$, where the root component of each graph consists of a different set of processes of the same cardinality, i.e., for every $G, G' \in \textbf{D}$ we have $|{{\,\textrm{Root}\,}}(G)| = |{{\,\textrm{Root}\,}}(G')|$, but if $G\ne G'$ then ${{\,\textrm{Root}\,}}(G) \ne {{\,\textrm{Root}\,}}(G')$. Furthermore, we let

$$\begin{aligned} G_1 \sim _{R_3} G_2 \sim _{R_4} G_3 \sim _{R_5} \ldots \sim _{R_{{{\,\textrm{TD}\,}}}} G_{{{\,\textrm{TD}\,}}-1} \sim _S G_{{{\,\textrm{TD}\,}}}, \end{aligned}$$

where $R_i = {{\,\textrm{Root}\,}}(G_i)$ and S is a nonempty set such that no $G \in \textbf{D}$ satisfies ${{\,\textrm{Root}\,}}(G) \subseteq S$. Here, the decision procedure can remove only the rightmost edge $\sim _S$ in the first iteration, only the edge $\sim _{R_{{{\,\textrm{TD}\,}}}}$ in the second iteration, and so on, because all the remaining edges are protected by one of the remaining graphs.

Also in this case, consensus might be solvable (as in the example in Sect. 6 described above), or it might be impossible, as in the instance

$$\begin{aligned} G'_1 \sim _{R'_3} G'_2 \sim _{R'_1} G'_3 = G_1 \sim _{R_3} G_2 \sim _{R_4} \ldots \sim _{R_{{{\,\textrm{TD}\,}}}} G_{{{\,\textrm{TD}\,}}-1} \sim _S G_{{{\,\textrm{TD}\,}}} \end{aligned}$$

where we assume that $G'_1$ and $G'_2$ are chosen such that they are not root-compatible: in this case, the indistinguishability $G'_1 \sim _{R'_3} G'_2$ will never break.

In view of the above results, it might be tempting to assume that it is ${{\,\textrm{TD}\,}}$ that actually determines the worst-case termination time of distributed consensus. Interestingly, this is not the case. Complementing the result of Theorem 1 established in Sect. 5, we show in Sect. 7 that there are instances of oblivious message adversaries where the decision procedure terminates after a constant number of iterations, while the consensus termination time is at least exponential in n. This example also reveals that the time complexity of distributed consensus is not solely determined by the need to compute (overapproximations of) the beta classes of [6].

5 Time Complexity of Consensus

In this section, we study the worst-case time complexity of consensus, and also ascertain our claim from Sect. 4, namely, that the decision procedure of algorithm 1 correctly assesses oblivious message adversaries where consensus is solvable. Thus, throughout this section, we consider an oblivious message adversary, where, after some number ${{\,\textrm{TD}\,}}$ of iterations, algorithm 1 determined that all connected components of the refined indistinguishability graph $\mathcal {N}_{{{\,\textrm{TD}\,}}}$ are root-compatible.

For solving consensus, we use the fact that non-connectivity in $\mathcal {N}_{{{\,\textrm{TD}\,}}}$ implies non-connectivity in $I(\textbf{D}^{(n-1){{\,\textrm{TD}\,}}+1})$, in the following sense: Let $\textbf{C}_1$ and $\textbf{C}_2$ be two different connected components of $\mathcal {N}_{{{\,\textrm{TD}\,}}}$, and $t > (n-1) {{\,\textrm{TD}\,}}$. Then, any two communication patterns $\sigma _1\in \textbf{C}_1^t$ and $\sigma _2\in \textbf{C}_2^t$, consisting only of graphs of $\textbf{C}_1$ and $\textbf{C}_2$, respectively, are not connected in the indistinguishability graph $I(\textbf{D}^t)$.

We then apply a pigeon-hole argument to show that all connected components of $I(\textbf{D}^{c t})$ are broadcastable, where c is the number of connected components of $\mathcal {N}_{{{\,\textrm{TD}\,}}}$. Note that this choice guarantees that graphs from at least one connected component are used at least t times. From here, a choice function $\Delta _p$ can be easily defined by (i) for each connected component $\mathcal {C}$ of $I(\textbf{D}^{c t})$, choosing one of its broadcasters, denoted $b(\mathcal {C})$, and (ii) if p’s view is consistent with a graph sequence $\sigma $, and $\sigma $ belongs to a connected component $\mathcal {C}$ of $I(\textbf{D}^{c t})$, then p decides on the input $x_{b(\mathcal {C})}$ of $b(\mathcal {C})$, for which ${{\,\textrm{view}\,}}_\sigma (b(\mathcal {C}),0,x_{b(\mathcal {C})})$ must already be present in p’s view.

It is rather immediate that such a procedure solves consensus, given the mapping $b(\mathcal {C})$ which we define in the remainder of this section: Termination follows from the existence of the mapping $b(\mathcal {C})$; validity follows because the decided value was some process’ input value; agreement is a consequence of all pairwise indistinguishable views lying in the same connected component $\mathcal {C}$ of $I(\textbf{D}^{c t})$. Hence two different decisions can only occur in runs that are distinguishable for everyone (and are thus distinct runs).

A path $\pi =(\sigma _0,\ldots ,\sigma _s)$ in $I(\textbf{D}^r)$ is a sequence of communication patterns such that $(\sigma _i,\sigma _{i+1})\in E(I(\textbf{D}^r))$ for all $0\le i<s$. Given such a path and $r'\le r$, we write $\pi |_{r'}$ to denote the path $\left( \sigma _0|_{r'},\ldots ,\sigma _\ell |_{r'}\right) $ in $I(\textbf{D}^{r'})$ of the ${r'}$-round prefixes of the communication patterns in $\pi $, which exists by Claim 1. Similarly, we denote by $\pi (r')$ the path $(\sigma _0({r'}),\ldots ,\sigma _\ell ({r'}))$ in $I(\textbf{D})$ of the ${r'}$th graphs of the communication patterns in $\pi $. Both $\pi |_{r'}$ and $\pi (r')$ are indeed paths in the corresponding indistinguishability graphs, due to a more general claim: Removing an intermediate communication round from all communication patterns in a path cannot disconnect it, as stated below.

For a communication pattern $\sigma $ of length r, and some round $r' \le r$, let $\sigma - r'$ denote $\sigma |_{r'-1} \circ \sigma (r'+1) \circ \cdots \circ \sigma (r)$, i.e., the communication pattern $\sigma $ with the round $r'$ communication graph omitted. Corollary 2 shows that edges, and hence paths, between communication patterns in $I(\textbf{D}^r)$ are preserved when omitting some round $r'$.

Corollary 2

If the edge $(\sigma ,\sigma ')$ is in $I(\textbf{D}^r)$, then the edge $(\sigma - r', \sigma ' - r')$ is in $I(\textbf{D}^{r-1})$ as well.

Proof

Assume for contradiction that the edge is not preserved, i.e., $\sigma \sim \sigma '$ while $\sigma - r' \not \sim \sigma '-r'$. So, there is a process p such that $\sigma \sim _p \sigma '$ (this is true for at least one process, p) while $\sigma - r' \not \sim _p \sigma '-r'$ (this is true for all processes, and specifically for p). This implies that there exists a round $r''\ne r'$ and a process q with w.l.o.g. $(q, r'') \leadsto _{\sigma -r'} (p, r)$ but $(q, r'') \not \leadsto _{\sigma '-r'} (p, r)$ or ${{\,\textrm{view}\,}}_{\sigma -r'}(q,r'')\ne {{\,\textrm{view}\,}}_{\sigma '-r'}(q,r'')$: if no such $q,r''$ existed, we would have $\sigma - r' \sim _p \sigma ' -r'$. Since $(q, r'') \leadsto _{\sigma -r'} (p, r)$, we also have $(q, r'') \leadsto _{\sigma } (p, r)$, as the sequence of processes causing $(q, r'')$ to be in ${{\,\textrm{view}\,}}_{\sigma -r'}(p, r)$ also exists in $\sigma $ and we just need to take path where the process of round $r'$ is the same as of round $r'-1$. To finish, it suffices to consider two cases: if $(q, r'') \not \leadsto _{\sigma '} (p, r)$, then p distinguishes $\sigma $ and $\sigma '$ since it has ${{\,\textrm{view}\,}}_{\sigma }(q,r'')$ in its view in $\sigma $ but does not have ${{\,\textrm{view}\,}}_{\sigma '}(q,r'')$ in its view in $\sigma '$; if $(q, r'') \leadsto _{\sigma '} (p, r)$, then p distinguishes $\sigma $ and $\sigma '$ by having ${{\,\textrm{view}\,}}_{\sigma }(q,r'')\ne {{\,\textrm{view}\,}}_{\sigma '}(q,r'')$ in its views. In both cases $\sigma \not \sim _p \sigma '$, a contradiction. $\square $

The following corollary relates the preservation of an edge in $I(\textbf{D}^r)$ to the root components of the communication graphs that occur in the communication patterns of this edge.

Corollary 3

Let $\textbf{D}$ be a set of allowed graphs and $0<r'<r$ integers. Consider an edge $e=(\sigma ,\sigma ') \in I(\textbf{D}^r)$ such that $e'=(\sigma |_{r'},\sigma '|_{r'}) \in I(\textbf{D}^{r'})$ satisfies $\sigma |_{r'}\ne \sigma '|_{r'}$. Then, there are at most $|\ell (e')|-1$ rounds $r_j$, $r'<r_j\le r$, satisfying ${{\,\textrm{Root}\,}}(\sigma (r_j)) \not \subseteq \ell (e')$.

Proof

By Claim 1, we can be sure that $e'$ exists. For a contradiction, suppose that there are $|\ell (e')|$ rounds $r'< r_1<\cdots <r_{|\ell (e')|}\le r$ such that each $r_j$ satisfies ${{\,\textrm{Root}\,}}(\sigma (r_j)) \not \subseteq \ell (e')$. Let

$$\begin{aligned} U_j = \{ p \in \Pi : \exists q \in \Pi \setminus \ell (e') \; (q, r') \leadsto _{\sigma } (p, r_j) \} \end{aligned}$$

denote the set of processes that received a message by round $r_j$, sent after round $r'$, from a process outside of $\ell (e')$. Let $r_0=r'$ and $U_0=\Pi {\setminus } \ell (e')$. Note that from $\sigma |_{r'}\ne \sigma '|_{r'}$ it follows that $\emptyset \ne \ell (e') \ne \Pi $ and thus $U_0 \ne \emptyset $.

Let ${\overline{U}}_j = \Pi \setminus U_j$ and consider the cut $(U_j, {\overline{U}}_j)$ in $\sigma (r_j)$, the communication graph at round $r_j$. Since we have ${{\,\textrm{Root}\,}}(\sigma (r_j)) \not \subseteq \ell (e')$, there is a process $p' \in {{\,\textrm{Root}\,}}(\sigma (r_j)) {\setminus } \ell (e')$. On the one hand, $p' \in {{\,\textrm{Root}\,}}(\sigma (r_j)) {\setminus } \ell (e')$ immediately implies $p' \in U_j$, since $(p', r') \leadsto _\sigma (p', r_j)$. On the other hand, $p' \in {{\,\textrm{Root}\,}}(\sigma (r_j))$ implies that in $\sigma (r_j)$ there is a path from $p'$ to every node. Hence, if ${\overline{U}}_j\ne \emptyset $, then there is a node $p''\in {\overline{U}}_j$, and a path in $\sigma (r_j)$ from $p'$ to $p''$; this path must cross an edge ${\tilde{e}}_j$ from $U_j$ to ${\overline{U}}_j$.

We now use induction on $j=0,\ldots ,|\ell (e')|$ to show that $|U_j| \ge n-|\ell (e')|+j$. For the basis $j=0$, we have already shown that $|U_0|=n-|\ell (e')| > 0$. In the induction step, we prove that $U_j$ grows by at least one (unless $U_j = \Pi $) due to the edge ${\tilde{e}}_j = (q', q'')$ from $U_j$ to ${\overline{U}}_j$. As, for every $q \in \Pi \setminus \ell (e')$ in the definition if $U_j$ in Sect. 5, $(q, r') \leadsto _\sigma (q', r_j)$ in conjunction with $(q', r_j) \leadsto _\sigma (q'', r_{j+1})$ implies $(q, r') \leadsto _\sigma (q'', r_{j+1})$, we obtain $U_{j+1} \supseteq U_j \cup \{ q'' \}$ as required.

It hence follows that $|U_{|\ell (e')|}| =n$, i.e., by round $r \ge r_{|\ell (e')|}$, every process has received a message, sent after round $r'$, from a process q outside of $\ell (e')$. Consequently, at time r, the view of every process contains the view of a process q that could distinguish $\sigma |_{r'}$ and $\sigma '|_{r'}$, hence every process can also distinguish $\sigma $ and $\sigma '$. Formally, $\forall p \in \Pi \, \exists q \in \Pi {\setminus } \ell (e): (q, r') \leadsto _{\sigma } (p,r) \text { and } {{\,\textrm{view}\,}}_{\sigma }(q, r') \ne {{\,\textrm{view}\,}}_{\sigma '}(q, r')$, which implies that ${{\,\textrm{view}\,}}_{\sigma }(p,r) \ne {{\,\textrm{view}\,}}_{\sigma '}(p,r)$. That is, every process that can distinguish $\sigma |_{r'}$ and $\sigma '|_{r'}$ can also distinguish $\sigma $ and $\sigma '$, contradicting the existence of the edge $e_r=(\sigma ,\sigma ')$ in $I(\textbf{D}^r)$. $\square $

We proceed with Lemma 1, which generalizes and formalizes chains like Sect. 4, made up of connected subgraphs $\mathcal {S}_1,\dots ,\mathcal {S}_i$ which are interconnected in a chain. It uses protected edges in order to delay the separation of root-incompatible connected components as much as possible, namely, by removing the interconnects between $S_j$ and $S_{j+1}$ in $\mathcal {N}_{i-j}$, i.e., from right (i) to left (1).

Lemma 1

Given an oblivious message adversary $\textbf{D}$ and i connected subgraphs $\mathcal {S}_1, \ldots , \mathcal {S}_i$ of $I(\textbf{D})$ such that for every $1 \le j < i$, the edges of $\bigcup _{j'=1}^j \mathcal {S}_{j'}$ are protected by the communication graphs of $\bigcup _{j'=1}^{j+1} \mathcal {S}_{j'}$, and $\mathcal {S}_j$ is connected to $\mathcal {S}_{j+1}$ in $\mathcal {N}_{i-j}$, it holds that $\mathcal {S}_1$ is a connected subgraph of $\mathcal {N}_i$.

Proof

We show that all edges of $\mathcal {S}_1$ are in $\mathcal {N}_i$. In order to do so, we prove by induction on $i' = 1, \ldots , i$, that all edges of $\bigcup _{j'=1}^{i-i'+1} \mathcal {S}_{j'}$ are in $\mathcal {N}_{i'}$.

The base $i'=1$ follows directly from the code of algorithm 1: $\mathcal {N}_1 = I(\textbf{D})$, and each graph $\mathcal {S}_{j'}$ is a subgraph of $I(\textbf{D})$, thus every edge of $\bigcup _{j'=1}^{i} \mathcal {S}_{j'}$ is in $\mathcal {N}_1$.

For the inductive step from $i'$ to $i'+1$, assume that every edge of $\bigcup _{j'=1}^{i-i'+1} \mathcal {S}_{j'}$ is present in $\mathcal {N}_{i'}$. By assumption, every edge e of $\bigcup _{j'=1}^{i-i'} \mathcal {S}_{j'}$ is protected by a communication graph G of $\bigcup _{j'=1}^{i-i'+1} \mathcal {S}_{j'}$, i.e., by Definition 1, ${{\,\textrm{Root}\,}}(G) \subseteq \ell (e)$. As we also assume that $\mathcal {S}_j$ is connected to $\mathcal {S}_{j+1}$ in $\mathcal {N}_{i-j}$ for $1 \le j < i$, we have that $\mathcal {S}_{i-i'-j'}$ is connected to $\mathcal {S}_{i-i'-j'+1}$ in $\mathcal {N}_{i'+j'}$ for $0 \le j' < i-i'$. Since $\mathcal {N}_{i'+j'}$ is a refinement of $\mathcal {N}_{i'}$, $\mathcal {S}_{i-i'-j'}$ is connected to $\mathcal {S}_{i-i'-j'+1}$ also in $\mathcal {N}_{i'}$. Hence $\bigcup _{j'=1}^{i-i'+1} \mathcal {S}_{j'}$ is a connected subgraph of $\mathcal {N}_{i'}$, and thus e is connected to G in $\mathcal {N}_{i'}$.

Thus, in $\mathcal {N}_{i'}$, e is in the same connected component as a graph G with ${{\,\textrm{Root}\,}}(G) \subseteq \ell (e)$ and, by Line 8 of algorithm 1, we have $e \in \mathcal {N}_{i'+1}$. $\square $

We are now ready to prove the main technical result of this section. For $r=(n-1)\cdot {{\,\textrm{TD}\,}}$, we show how the connectivity of two r-round communication patterns in $I(\textbf{D}^r)$, consisting only of communication graphs from certain sets $\textbf{C}_1$ and $\textbf{C}_2$, respectively, is related to the connectivity of $\textbf{C}_1$ and $\textbf{C}_2$ in the refined indistinguishability graph $\mathcal {N}_{{{\,\textrm{TD}\,}}}$, as computed by algorithm 1.

Lemma 2

Given an oblivious message adversary $\textbf{D}$, let $\textbf{C}$ constitute a connected component of $\mathcal {N}_{{{\,\textrm{TD}\,}}}$ and let $\bar{\textbf{C}} = \textbf{D}{\setminus } \textbf{C}$. For $r=(n-1)\cdot {{\,\textrm{TD}\,}}$, there is no connection in $I(\textbf{D}^r)$ between any $\sigma _1 \in \textbf{C}^r$ and any $\sigma _2 \in \bar{\textbf{C}} \textbf{D}^{r-1}$. Herein, $\sigma _2 \in \bar{\textbf{C}} \textbf{D}^{r-1}$ denotes the fact that $\sigma _2$ is composed of one graph of $\bar{\textbf{C}}$ and then $r-1$ graphs of $\textbf{D}$.

Proof

Assume for a contradiction that there exist $\sigma _1 \in \textbf{C}^r$ and $\sigma _2 \in \bar{\textbf{C}} \textbf{D}^{r-1}$ which are connected in $I(\textbf{D}^r)$. We show that $\textbf{C}$ is connected to some node of $\bar{\textbf{C}}$ in $\mathcal {N}_{{{\,\textrm{TD}\,}}}$, contradicting the fact that $\textbf{C}$ is a connected component of $\mathcal {N}_{{{\,\textrm{TD}\,}}}$. We do so by proving that there are ${{\,\textrm{TD}\,}}$ connected subgraphs $\pi _1, \ldots , \pi _{{{\,\textrm{TD}\,}}}$ in $I(\textbf{D})$, such that each of them intersects $\textbf{C}$, $\pi _1$ also intersects $\bar{\textbf{C}}$, and, for every $1 \le j < i=TD$, the edges of $\bigcup _{j'=1}^j \pi _{j'}$ are protected by the communication graphs of $\bigcup _{j'=1}^{j+1} \pi _{j'}$. Moreover, $\pi _j$ is connected to $\pi _{j+1}$ in $\mathcal {N}_{i-j}$: We have that $\pi _j$ and $\pi _{j+1}$ both intersect $\textbf{C}$, and since $\textbf{C}$ is a connected component in $\mathcal {N}_i$ and $\mathcal {N}_i$ is a refinement of $\mathcal {N}_{i-j}$, all nodes of $\textbf{C}$ are in the same connected component of $\mathcal {N}_{i-j}$. We can hence apply Lemma 1, which reveals that $\pi _1$ is a connected subgraph of $\mathcal {N}_i$. As $\pi _1$ also intersects both $\textbf{C}$ and $\bar{\textbf{C}}$, however, we have the required contradiction.

Let $\tilde{\pi }$ be a path that connects $\sigma _1$ and $\sigma _2$ in $I(\textbf{D}^r)$. Recall that, for a round $r' \le r$, $\tilde{\pi }(r')$ denotes the round $r'$ communication graphs $\sigma (r')$ for all communication patterns $\sigma $ of $\tilde{\pi }$. By a repeated application of Corollary 2, we get that $\tilde{\pi }(r')$ is a path that connects $\sigma _1(r') \in \textbf{C}$ and $\sigma _2(r') \in \textbf{D}$ in $I(\textbf{D})$ where, in particular, $\tilde{\pi }(1)$ connects $\sigma _1(1) \in \textbf{C}$ and $\sigma _2(1) \in \bar{\textbf{C}}$.

We now construct each connected subgraph $\pi _{j}$, $1 \le j \le i$, as a union of paths $\tilde{\pi }(r')$. That is, for some set $R_{j}\subseteq \{1,\ldots ,r\}$ of rounds, which we will define below, we set $\pi _{j} = \bigcup _{r' \in R_{j}} \tilde{\pi }(r')$. We denote the largest round of $R_{j}$ as $r^{*}_{j} = \max (R_{j})$.

For $1 \le m < i$, we inductively construct $R_{m+1}$ from $R_m$, starting with $R_1 = \{ 1 \}$, i.e., setting $\pi _1 = \tilde{\pi }(1)$. We will assert that (1) $r^*_{m+1} \le r^*_{m} + n-1$ and (2) the edges of $\pi _{m} = \bigcup _{r' \in R_m} \tilde{\pi }(r')$ are protected by the communication graphs of $\pi _{m+1} = \bigcup _{r' \in R_{m+1}} \tilde{\pi }(r')$. For $1 \le m \le {{\,\textrm{TD}\,}}$, property (1) together with $r^*_1=1$ guarantees $r^*_{m} \le (n-1) (m-1)+1 \le (n-1) \cdot {{\,\textrm{TD}\,}}= r$, thus $\tilde{\pi }(r')$ is well-defined for all $r' \in R_m$.

Given $R_m$ for $1 \le m < i$, we construct $R_{m+1}$ as follows: By Corollary 3, for every edge $e \in \pi _m$, there is a round $r_e \le r^*_m + n-1$ such that $\tilde{\pi }(r_e)$ contains a graph G with ${{\,\textrm{Root}\,}}(G) \subseteq \ell (e)$. Let $R_{m+1}$ be the set of all such rounds, i.e., $R_{m+1} = \bigcup _{e \in E(\pi _m)} \tilde{\pi }(r_e)$. This ensures (1) by construction and also (2), because every edge e of $\pi _{m}$ is protected by a communication graph G of $\tilde{\pi }(r_e) \subseteq \pi _{m+1}$. Hence, the edges of $\pi _m$ are protected by the communication graphs of $\pi _{m+1}$ and so the edges of $\bigcup _{k=1}^m \pi _k$ are protected by the communication graphs of $\bigcup _{k=1}^{m+1} \pi _k$. $\square $

We are now ready to state the main theorem of this section, namely, an upper bound on the time complexity of consensus.

Theorem 1

Let $\textbf{D}$ be the set of allowed communication graphs of an oblivious message adversary. If the connected components of $\mathcal {N}_{{{\,\textrm{TD}\,}}}(\textbf{D})$ are root-compatible, then consensus is solvable by round $c (n-1) ({{\,\textrm{TD}\,}}+1)$, where c is the number of connected components in $\mathcal {N}_{{{\,\textrm{TD}\,}}}$.

Proof

We show that every connected component of the indistinguishability graph $I(\textbf{D}^t)$ is broadcastable for $t = c (n-1)({{\,\textrm{TD}\,}}+1)$. This implies the theorem, because there exists a mapping for every connected component $\mathcal {C}$ of $I(\textbf{D}^t)$ to a process p, such that p is a broadcaster in every communication pattern of $\mathcal {C}$. More specifically, as $\mathcal {C}$ is an indistinguishability component, there is, for every process q and every $\sigma \in \textbf{D}^t$, a map ${{\,\textrm{view}\,}}_\sigma (q, t) \mapsto p$ such that p is a broadcaster in every communication pattern of $\sigma $’s connected component in $I(\textbf{D}^t)$. In every run with a communication pattern from $\mathcal {C}$, every process has thus already learned the input $x_p$ of p, which is a valid decision value. Our decision procedure hence defines a correct consensus algorithm.

It remains to show the broadcastability of the connected components of $I(\textbf{D}^t)$. Consider a run $\sigma \in \textbf{D}^t$, and all the communication patterns $\sigma (i)$, $i=1\ldots ,c(n-1)({{\,\textrm{TD}\,}}+1)$ appearing in it. By the pigeon-hole principle, at least one connected component $\textbf{C}$ of $\mathcal {N}_{{{\,\textrm{TD}\,}}}$ must supply $(n-1)({{\,\textrm{TD}\,}}+1)$ of these graphs, when counted with repetitions. That is, there is a set $R\subseteq \{1,\ldots ,c(n-1)({{\,\textrm{TD}\,}}+1)\}$, with $|R|=(n-1)({{\,\textrm{TD}\,}}+1)$, such that every $r_i$ with $i \in R$ satisfies $\sigma (r_i) \in \textbf{C}$. Note that the occurrence of $n-1$ or more graphs from $\textbf{C}$ in $\sigma $ already suffices to ensure that it is broadcastable by every process $p\in \bigcap _{G \in \textbf{C}} {{\,\textrm{Root}\,}}(G)$, i.e., that every process $q\in \Pi $ has $(p,0,x_p) \in {{\,\textrm{view}\,}}_{\sigma }(q, t)$.

Consider another run $\sigma '\in \textbf{D}^t$ that is connected to $\sigma $ in $I(\textbf{D}^t)$, and the communication patterns $\sigma '(i)$ appearing in it. If $n-1$ or more of the latter satisfied $\sigma '(r_i) \in \textbf{C}$, $\sigma '$ would also be broadcastable by $\bigcap _{G \in \textbf{C}} {{\,\textrm{Root}\,}}(G)$, so assume that this is not the case. There are hence at most $n-2$ indices $r_j \in R$ where $\sigma '(r_j) \in \textbf{C}$. Let $R' \subseteq R$ with $|R'| = (n-1) \cdot {{\,\textrm{TD}\,}}$ be the set of indices obtained by discarding all these indices $r_j$ from R, in addition to discarding some additional indices $\ne 1$ so as to match the desired size of $R'$.

We now construct the $((n-1){{\,\textrm{TD}\,}})$-round communication patterns $\rho , \rho '$ defined by $\rho (j) = \sigma (r_j)$, $\rho '(j) = \sigma '(r_j)$ for each $j \in R'$. That is, starting out from $\sigma $ and $\sigma '$, which are connected in $I(\textbf{D}^t)$, we remove all communication rounds not in $R'$. By Corollary 2, $\rho $ and $\rho '$ are connected in $I(\textbf{D}^{(n-1){{\,\textrm{TD}\,}}})$. This, however, contradicts Lemma 2, because $\rho \in \textbf{C}^{(n-1) {{\,\textrm{TD}\,}}}$ and $\rho ' \in \bar{\textbf{C}}^{(n-1) {{\,\textrm{TD}\,}}} \subseteq \bar{\textbf{C}} \times \textbf{D}^{(n-1) {{\,\textrm{TD}\,}}-1}$ by construction, where $\textbf{C}$ is a connected component in $\mathcal {N}_{{{\,\textrm{TD}\,}}}$ and $\bar{\textbf{C}}$ is its complement. $\square $

The result of Theorem 1 suggests that, besides the termination time ${{\,\textrm{TD}\,}}$ of the decision procedure (which can be attributed to the complexity of finding broadcastable components) and the number of processes $n-1$ (which accounts for the worst-case information propagation time from root components to all other processes), the number of connected components c in $\mathcal {N}_{{{\,\textrm{TD}\,}}}$ might also cause exponential time complexity for solving distributed consensus. And indeed, the scenarios presented in Sect. 7, where ${{\,\textrm{TD}\,}}$ is constant, prove this to be true.

6 Lower Bounds

This section complements our positive results above by studying lower bounds. In the following, we first establish a relationship between the iteration complexity of the decision procedure and the termination time of consensus. We then derive a time complexity lower bound for the decision procedure, and combine it with the first result to establish a consensus termination time lower bound.

6.1 Decision Complexity and Consensus Termination Time

First, we present a relationship (Theorem 2) between the number of iterations of algorithm 1 and the time complexity of consensus. As before, let $\mathcal {N}_i=\mathcal {N}_i(\textbf{D})$ be the refined indistinguishability graph $\mathcal {N}_i$ after i iterations according to algorithm 1, with the set of allowed graphs $\textbf{D}$ sometimes omitted for brevity. Our general strategy is to establish that the impossibility of consensus after i rounds is equivalent to the existence of a set of “broadcast-incompatible” communication patterns of length i, which are connected to each other in the indistinguishability graph $I(\textbf{D}^i)$. We ensure broadcast-incompatibility by letting this set also contain communication patterns $G^i$, i.e., i repetitions of the same communication graph G, taken from a set of root-incompatible graphs. Due to the requirement that every decision must be on the input of some broadcaster whose input value has reached everyone (recall Claim 2), this suffices: in $G^i$, the only processes that have reached everyone are the members of ${{\,\textrm{Root}\,}}(G)$, the root component of G. Thus, not all these communication patterns can have led to the same decision value, which is a contradiction since all connected round-i communication patterns must have led to the same decision value if consensus was solved after i rounds.

The core of our proof is in Lemma 3. It shows that the connectivity of some communication graphs A, B in $\mathcal {N}_i(\textbf{D})$ implies the connectivity of the communication patterns $A^i, B^i$ in the indistinguishability graph $I(\textbf{D}^i)$. Informally speaking, it uses an inductive construction for an arbitrary edge (A, B) of $\mathcal {N}_i$ to show how the corresponding connectivity between $A^i$ and $B^i$ can be preserved for i rounds in $I(\textbf{D}^i)$. The proof crucially relies on the fact that every $\mathcal {N}_i$ is a refinement of $\mathcal {N}_{i-1}$, with $\mathcal {N}_1$ being a refinement of $I(\textbf{D})$, which is due to the fact that algorithm 1 iteratively only removes selected edges (Line 9) but never adds any edges.

To show that the connectivity of $A^i$ and $B^i$ is preserved, we use the path in $\mathcal {N}_i$ from A to $\ell (e)$, respectively B to $\ell (e)$, to extend the already constructed connected prefixes $A^{i-1}$ and $B^{i-1}$. Note that this path also occurs in $\mathcal {N}_{i-1}$ due to Corollary 1. To illustrate this, consider a (very simple) example, where we have that $A \sim _p B$ occurs in $\mathcal {N}_{2}$ and furthermore $p = {{\,\textrm{Root}\,}}(C)$ such that $C \sim _{p'} A$ as well as $C \sim _{p''} B$ occur in $\mathcal {N}_{1}$. In this case, we have the following indistinguishability relation between communication patterns of length 2: $A \circ A \sim _{p'} A \circ C \sim _p B \circ C \sim _{p''} B \circ B$. This argument can be applied inductively to establish the indistinguishability relation for communication patterns $A^i$ and $B^i$.

Lemma 3

Let $\mathcal {C}_i$ be a connected component of $\mathcal {N}_i(\textbf{D})$ and let A, B be communication graphs in $\mathcal {C}_i$. Then $A^i$ is connected to $B^i$ in $I(\textbf{D}^i)$.

Proof

The lemma holds immediately for $i=1$: As a one-round communication pattern consists of only a single communication graph, $A^1 = A$ and $B^1 = B$ are both in the connected component $\mathcal {C}_1$.

Thus, we henceforth assume that $i > 1$, and prove the following claim by induction on k, for $k = 1, \ldots , i$: For each edge $(A, B) \in \mathcal {C}_i$ there is a path $\pi _k$ in $I(\textbf{D}^k)$ connecting $A^k$ to $B^k$. In addition, for $k < i$, the connected component $\mathcal {C}_{i-k}$ of A and B in $\mathcal {N}_{i-k}$ is such that, for every edge $e = (\sigma , \sigma ') \in \pi _k$, both the round k communication graphs $\sigma (k), \sigma '(k) \in \mathcal {C}_{i-k}$

and there is a graph $G_e \in \mathcal {C}_{i-k}$ such that ${{\,\textrm{Root}\,}}(G_e) \subseteq \ell (e)$.

The base, $k=1$, follows because $e = (A, B) \in \mathcal {C}_i$ implies that $(A^1, B^1) \in I(\textbf{D}^1)$, and by Corollary 1 there is $G_e \in \mathcal {C}_{i-1}$ such that ${{\,\textrm{Root}\,}}(G_e) \subseteq \ell (e)$.

For the step from $k-1$ to k, $k>1$, there exists a path $\pi _{k-1} \in I(\textbf{D}^{k-1})$ that connects $A^{k-1}$ to $B^{k-1}$. Let $e = (\sigma , \sigma ') \in \pi _{k-1}$ be an arbitrary edge in $\pi _{k-1}$. By the induction hypothesis, $\sigma (k-1)$, $\sigma '(k-1)\in \mathcal {C}_{i-k+1}$ and there is a graph $G_e \in \mathcal {C}_{i-k+1}$ with ${{\,\textrm{Root}\,}}(G_e) \subseteq \ell (e)$. Consequently, there exist paths $\tilde{\pi }_1 = (\Gamma _1, \Gamma _2, \ldots , \Gamma _m )$ and $\tilde{\pi }_2 = (\Lambda _1, \Lambda _2, \ldots , \Lambda _{m'})$ in $\mathcal {C}_{i-k+1}$ that connect $\sigma (k-1)$ to $G_e$ and $G_e$ to $\sigma '(k-1)$, respectively.

Consider $(\Gamma _j, \Gamma _{j+1}) \in \tilde{\pi }_1 \subseteq \mathcal {C}_{i-k+1}$. From Corollary 1, we know that $(\Gamma _j,\Gamma _{j+1}) \in I(\textbf{D}^1)$, which implies $\sigma \circ \Gamma _j \sim \sigma \circ \Gamma _{j+1}$. This enables us to prefix $\sigma $ to each communication graph of $\tilde{\pi }_1$, which makes $\sigma \circ \tilde{\pi }_1 = (\sigma \circ \Gamma _1, \sigma \circ \Gamma _2,\ldots , \sigma \circ \Gamma _m)$ a path in $I(\textbf{D}^k)$. Following a symmetrical argument, $\sigma ' \circ \tilde{\pi }_2 = (\sigma ' \circ \Lambda _1, \sigma ' \circ \Lambda _2,\ldots , \sigma ' \circ \Lambda _{m'})$ is also a path in $I(\textbf{D}^k)$.

Moreover, since ${{\,\textrm{Root}\,}}(G_e) \subseteq \ell (e)$, it follows from Claim 1 that $e' = (\sigma \circ G_e, \sigma ' \circ G_e) \in I(\textbf{D}^k)$. Therefore, $\tilde{\pi }_e = (\sigma \circ \tilde{\pi }_1, e', \sigma ' \circ \tilde{\pi }_2)$ is a path from $\sigma \circ \sigma (k-1)$ to $\sigma ' \circ \sigma '(k-1)$ in $I(\textbf{D}^k)$. If we substitute each edge $e \in \pi _{k-1}$ by $\tilde{\pi }_e$, we thus obtain a path $\pi _k$ that connects $A^k$ to $B^k$ in $I(\textbf{D}^k)$.

Now, consider any edge $e' \in \pi _k$. By construction, $e' = (\sigma \circ \Gamma _j, \sigma \circ \Gamma _{j+1})$, or $e' = (\sigma ' \circ \Lambda _j, \sigma ' \circ \Lambda _{j+1})$ or $e' = (\sigma \circ G_e, \sigma ' \circ G_e)$. If $e' = (\sigma \circ \Gamma _j, \sigma \circ \Gamma _{j+1})$, then the round k communication graphs are $\Gamma _j$ and $\Gamma _{j+1}$. Since $\tilde{\pi }_1 \in \mathcal {C}_{i-k+1}$, it follows from Corollary 1 that $(\Gamma _j, \Gamma _{j+1}) \in \mathcal {C}_{i-k}$, and there exists a communication graph $G_{e'} \in \mathcal {C}_{i-k}$ with ${{\,\textrm{Root}\,}}(G_{e'}) \subseteq \ell ((\Gamma _j, \Gamma _{j+1})) = \ell (e')$. A symmetrical argument holds for the case where $e' = (\sigma ' \circ \Lambda _j, \sigma ' \circ \Lambda _{j+1})$. Finally, if $e' = (\sigma \circ G_e, \sigma ' \circ G_e)$, then the round k communication graphs are both $G_e$, which is in $\mathcal {C}_{i-k+1}$ by the induction hypothesis. Corollary 1 guarantees $G_e \in \mathcal {C}_{i-k}$, and since ${{\,\textrm{Root}\,}}(G_e) \subseteq \ell (\sigma ,\sigma ')$, it follows that ${{\,\textrm{Root}\,}}(G_e) \subseteq \ell (\sigma \circ G_e, \sigma ' \circ G_e)$. This shows that $G_e$ is a suitable choice for $G_{e'}$, which completes the induction step. $\square $

Theorem 2

If $\mathcal {N}_i(\textbf{D})$ contains a connected component $\mathcal {C}_i$ that is not root-compatible, then not all processes in all runs of a correct consensus algorithm are able to decide after i rounds under the oblivious message adversary represented by $\textbf{D}$.

Proof

For the purpose of deriving a contradiction, suppose that the theorem does not hold. Let $\textbf{S}$ be a set of graphs from $\mathcal {C}_i$ that is not root-compatible. By Claim 2, for each $G \in \textbf{S}$, the decision value in a run with communication pattern $G^i$ that consists of i repetitions of G must be a value $v = x_p$ for some $p \in {{\,\textrm{Root}\,}}(G)$. Since $\textbf{S}$ is root incompatible, there exists some $H \in \textbf{S}$ such that $x_p$ is not a root value of H.

It follows from Lemma 3 that $G^i$ is connected to $H^i$ in $I (\textbf{D}^i)$. Therefore, there is a sequence of runs $(\sigma _1 = G^i, \sigma _2, \ldots , \sigma _m = H^i)$ such that $\sigma _k$ is indistinguishable from $\sigma _{k+1}$. Since all processes decided $v = x_p$ in $G^i = \sigma _1$, by the validity condition of consensus, $\sigma _2$ and inductively all processes in the sequence including $H^i$ should also decide $v= x_p$. Thus, Claim 2 yields the contradiction that $H^i$ decided a non-broadcasted value. $\square $

We conclude by explaining why Theorem 2 refines the lower bound from [6, Theorem 4.10], which stated that consensus is impossible if some beta class is not root-compatible, by making the round number i and hence a time complexity lower bound explicit. In fact, in our terminology, the beta classes are the connected components of $\mathcal {N}_{{{\,\textrm{TD}\,}}}$, where ${{\,\textrm{TD}\,}}$ is the smallest round such that $\mathcal {N}_{{{\,\textrm{TD}\,}}} = \mathcal {N}_{{{\,\textrm{TD}\,}}-1}$. Thus, the existence of a root-incompatible beta class is equivalent to $\mathcal {N}_{{{\,\textrm{TD}\,}}}$ containing a root-incompatible connected component. Note that, since $\mathcal {N}_{{{\,\textrm{TD}\,}}} = \mathcal {N}_{{{\,\textrm{TD}\,}}-1}$, even if we remove the termination condition from Line 11 of algorithm 1, for all ${{\,\textrm{TD}\,}}' \ge {{\,\textrm{TD}\,}}- 1$, we still have that $\mathcal {N}_{{{\,\textrm{TD}\,}}'} = \mathcal {N}_{{{\,\textrm{TD}\,}}}$, because, according to algorithm 1, if the set of edges remains the same in an iteration of ${{\,\textrm{TD}\,}}$, then it will remain the same for all future iterations as well. Thus we can apply Theorem 2 to show that, in this case, every consensus algorithm has, for every round, a run where some process has not yet decided. As for an oblivious message adversary with a set of allowed graphs $\textbf{D}$, it holds that every infinite communication pattern $\sigma $ with $\sigma |_r \in \textbf{D}^r$ for every round r satisfies $\sigma \in \textbf{D}^\omega $ (i.e., oblivious message adversaries are limit-closed, see [37] for details), this implies that there is an infinite run where consensus is not achieved, that is, consensus is indeed impossible.

6.2 Exponential Iteration Complexity of the Decision Procedure

As we have seen above, consensus termination time is related to the iterations of the decision procedure. Informally, this is due to the fact that the information encoded in the sequence $\mathcal {N}_1,\dots ,\mathcal {N}_{i}$ can be seen as a compact summary of the evolution of the indistinguishability relation of the corresponding communication pattern prefixes. Thus, a lower bound on the iteration complexity of the decision procedure immediately gives us a lower bound for the round complexity of any consensus algorithm.

In this section, we show that the decision procedure may take an exponential (in n) number of iterations until it terminates. This implies that there are oblivious message adversaries under which consensus is achievable, but reaching it takes exponential time. As already sketched at the end of Sect. 4, we show this by constructing a specific instance of such an oblivious message adversary, with a set of $N =1.3^n$ allowed graphs $\textbf{D}= \{ G_1, \ldots , G_N \}$, whose indistinguishability graph $I(\textbf{D})$ contains the following connected component:

$$\begin{aligned} G_1 \sim _{R_3} G_2 \sim _{R_4} G_3 \sim _{R_5} \ldots \sim _{R_{N+1}} G_N \end{aligned}$$

Herein, $R_i = {{\,\textrm{Root}\,}}(G_i)$ for $1 \le i \le N$, and $R_{N+1} \ne {{\,\textrm{Root}\,}}(G)$ for all $G \in \textbf{D}$. Therefore, $I(\textbf{D})$ contains a path of length $N-1$. Since all edges except the rightmost one are protected, algorithm 1 only removes one edge per iteration, from right to left. More precisely, it holds that $G_1 \sim _{R_3} \ldots \sim _{R_{N-i+1}} G_{N-i} \in \mathcal {N}_i$. Consequently, N iterations are needed until all edges have disappeared, which establishes our claim.

Informal overview of the definition of $\textbf{D}$. First, we choose a sequence of sets $\{R_1, \ldots , R_N\}$ that will play the role of root components of $\textbf{D}$. We will choose those from the first half $\{p_1, \ldots , p_{n/2}\}$ of the processes only. Each $R_i$ is chosen to be unique, of the same size n/12, and $R_i$, $R_{i+1}$ and $R_{i+2}$ must be be mutually disjoint. Note that we need N, i.e., exponentially many such $R_i$.

The first step in the definition of the graph $G_i$ is to make $R_i$ its root component, which is done by fully connecting its members to form a clique and ensuring a path to every other process. However, when doing so, we also need to guarantee that $G_i \sim _{R_{i+2}} G_{i+1}$ are the only indistinguishability relations in $I(\textbf{D})$. We secure this by making sure that every process except for the ones in $R_{i+1}$ and $R_{i+2}$ can distinguish $G_i$ from any other graph $G_j$, $j\ne i$. This is accomplished by adding an outgoing edge from every member of $R_i$ to every process in $\Pi {\setminus } (R_{i+1} \cup R_{i+2})$, and no other outgoing edge from members of $\{p_1,\dots , p_{n/2}\}$. Since $R_i$ is unique, any process in $\Pi {\setminus } (R_{i+1} \cup R_{i+2})$ will know if graph $G_i$ is being played: This is immediately obvious for every process p in the second half $B= =\{p_{n/2+1}, \ldots , p_N\}$, as ${{\,\textrm{In}\,}}_{G_i}(p) \cap \{p_1, \ldots , p_{n/2}\} = R_i$. For a process p in the “leftover set” $L_i=\Pi {\setminus }(B\cup R_i\cup R_{i+1}\cup R_{i+2}) \subseteq \{p_1, \ldots , p_{n/2}\}$, we have ${{\,\textrm{In}\,}}_{G_i}(p) \cap \{p_1, \ldots , p_{n/2}\} = R_i \cup \{p\}$. Since $R_i \cup \{p\}$ is larger than the size of the root components, p knows that it is not part of the root component, and can hence also uniquely determine $R_i$ and hence the graph $G_i$ being played. Figure 2 illustrates this construction.

However, we must also make sure that all the members of $R_{i+1}$ (resp. $R_{i+2}$) consider only $G_i$ and $G_{i-1}$ (resp. $G_i$ and $G_{i+1}$) as possibilities for the actually played graph. This means that the in-neighborhood of any process in $R_{i+1}$ (resp. $R_{i+2}$) must be the same in $G_i$ and $G_{i-1}$ (resp. $G_i$ and $G_{i+1}$). So far, the processes in $R_{i+1}$ or $R_{i+2}$ do not receive any message from $\{p_1, \ldots , p_n\}$, i.e., the only know that they are either in $R_{i+1}$ or in $R_{i+2}$. To tell them apart, we will connect some processes in $B=\{p_{n/2+1}, \ldots , p_N\}$ to the members of $R_{i+1} \cup R_{i+2}$, in a way that encodes $i+1$ (for the members of $R_{i+1}$) or $i+2$ (for the members of $R_{i+2}$). A process in $R_{i+1} \cup R_{i+2}$ can hence tell from its in-neighborhood whether it belongs to $R_{i+1}$ or $R_{i+2}$. More specifically, abbreviating $B[i]=\{b\in B\mid i_{b-(n/2+1)}=1\}$, where $i_{\ell }$ is the $\ell $th bit in the binary expansion of i, we just make sure that ${{\,\textrm{In}\,}}_{G_i}(p) = B[i+1]$ for every $p\in R_{i+1}$ and ${{\,\textrm{In}\,}}_{G_i}(p) = B[i+2]$ for every $p\in R_{i+2}$. This construction satisfies our indistinguishability requirements: Each process in $R_{i+1}$ (resp. $R_{i+2}$) can tell where it belongs to, but do not know whether $G_i$ or $G_{i-1}$ (resp. $G_i$ or $G_{i+1})$ is played.

Formal definition of the root components $R_i$. We define the sets $R_i$ by splitting $\{p_1,\ldots , p_{n/2}\}$ into $\{p_1, \ldots , p_{n/4}\}$ and $\{p_{n/4+1},\ldots ,p_{n/2}\}$, and construct the sequence $R_1,R_2, \dots $ of root components from partitions of these ranges alternatingly: Consider all the partitions of $\{p_1, \ldots , p_{n/4}\}$ into three sets of size n/12 each. Partition number $\ell +1$ constitutes the root components $R_{6\ell +1},R_{6\ell +2},R_{6\ell +3}$. Similarly, consider consider all the partitions of $\{p_{n/4+1},\ldots ,p_{n/2}\}$ into three sets of size n/12 each. Set partition $\ell +1$ constitutes the root components $R_{6\ell +4},R_{6\ell +5},R_{6\ell +6}$.

The sequence clearly satisfies, by construction, the following properties:

1.
$|R_i|=n/12$, since we are considering equal-sized partitions of n/4 processes into 3 disjoint sets.
2.
$R_i\ne R_j$ for $i \ne j$, since all sets of the partitions are unique.
3.
$R_i,R_{i+1},R_{i+2}$ are pairwise disjoint, since they are either members of the same partition and thus disjoint, or one belongs to segment $\{p_1, \ldots , p_{n/4}\}$ and another to segment $\{p_{n/4+1}, \ldots , p_{n/2} \}$.

The length N of the sequence is dominated asymptotically by the number of partitions of $\{p_1, \ldots , p_{n/4}\}$ into three equisized sets, which is $\frac{1}{6}\left( {\begin{array}{c}n/4\\ n/12\end{array}}\right) \left( {\begin{array}{c}n/6\\ n/12\end{array}}\right) $. The definition of the binomial coefficients, along with simple bounds on the factorial function, give

$$\begin{aligned} \frac{1}{6}\left( {\begin{array}{c}\frac{n}{4}\\ \frac{n}{12}\end{array}}\right) \left( {\begin{array}{c}\frac{n}{6}\\ \frac{n}{12}\end{array}}\right) = \frac{\left( \frac{n}{4}\right) !}{6\left( \left( \frac{n}{12}\right) !\right) ^3} \ge c\frac{3^{n/4}}{n}>1.3^n \end{aligned}$$

where c is a constant and n is sufficiently large. It follows that N is exponential in n.

Formal definition of $G_i$. We are now ready to define the graphs $G_i$, recall also Fig. 2. Let $B=\{p_{n/2}+1,\ldots ,p_n\}$. For each $1\le i\le N$, the graph $G_i$ is composed of disjoint 5 node sets: $B,R_i,R_{i+1},R_{i+2}$, where $R_i,R_{i+1},R_{i+2} \subseteq \{p_{1},\ldots ,p_{n/2}\}$, $B=\{p_{n/2}+1,\ldots ,p_n\}$, and $L_i=\Pi \setminus (B\cup R_i\cup R_{i+1}\cup R_{i+2})$.

Connect every two nodes in $R_i$ by bi-directional edges, forming a clique. From each node in $R_i$, add a directed edge to each node in $B\cup L_i$. Finally, for an index i, let $B[i]=\{b\in B\mid i_{b-(n/2+1)}=1\}$, where $i_{\ell }$ is the $\ell $th bit in the binary expansion of i. Add an edge from each node of B[i] to each node of $R_{i+1}$, and similarly, from each node of $B[i+1]$ to each node of $R_{i+2}$.

We are now ready to show that the so-constructed graphs form an indistinguishability chain according to Sect. 6.2.

Claim 6

For $1\le i\le N$, we have $B[i]\ne \emptyset $, and for $1\le i<j\le N$, we have $B[i]\ne B[j]$.

Proof

As $N=1.3^n$, we find $\log _2(N)<n/2$, so each 1-bit of i is represented by a process in B, which ends up being in B[i]. This establishes the second assertion. The first one is now trivial, as $i\ge 1$. $\square $

Claim 7

For $1\le i\le N$, we have ${{\,\textrm{Root}\,}}(G_i)=R_i$.

Proof

This is immediate from the graph’s definition. In $G_i$, all nodes in $R_i$ are connected to one another and have no incoming edges from any node not in $R_i$. From each of them, there is a direct edge to all nodes of $B\cup L_i$. Moreover, by Claim 6, there is at least one process $b\in B[i]$, so there is a path from each node in $R_i$, through b, to each node in $R_{i+1}\cup R_{i+2}$. $\square $

Claim 8

We have $G_i\sim _{R_{i+2}} G_{i+1}$ for $1\le i\le N-1$, and these are the only indistinguishability relations in the graph.

Proof

As we have already explained in the informal overview, in $G_i$, every process that is not in $R_{i+1} \cup R_{i+2}$ can determine that the graph is $G_i$ from its in-neighborhood. This is immediately obvious for processes in B, and also possible for a process $p\in L_i$ by observing $|{{\,\textrm{In}\,}}_{G_i}(p)|=n/12+1$ and removing itself from it for determining $R_i$.

For a process $p \in R_{i+1}$ (resp. $R_{i+2}$), it holds by construction that ${{\,\textrm{In}\,}}_{G_i}(p) = B[i+1] = {{\,\textrm{In}\,}}_{G_{i-1}}(p)$ (resp. ${{\,\textrm{In}\,}}_{G_{i-1}}(p) = B[i+2] = {{\,\textrm{In}\,}}_{G_{i+1}}(p))$, and that $G_{i-1}$ (resp. $G_{i+1}$) is the only other graph besides $G_i$ where the in-neighborhood of p is the same. $\square $

Our lower bound is now easy to prove.

Theorem 3

There is an oblivious message adversary under which consensus is solvable, but for which the decision procedure takes time exponential in n to terminate.

Proof

Let $\textbf{D}=\{G_i\mid 1\le i\le N\}$, where $N=1.3^n$ for n begin sufficiently large for Sect. 6.2 to hold. We consider algorithm 1, and show, by induction on the iteration number i, that after iteration i the graphs $G_1,\ldots ,G_{N-i+1}$ constitute the only nontrivial connected component in $\mathcal {N}_i$.

The base case is $\mathcal {N}_1=I(\textbf{D})$, where the graphs $G_1,\ldots ,G_{N}$ are connected by Claim 8. For the inductive step $i-1 \rightarrow i$, $i>1$, assume $G_1,\ldots ,G_{N-i+2}$ is the only nontrivial connected component in $\mathcal {N}_{i-1}$, and consider iteration i.

For $G_1,\ldots ,G_{N-i+1}$, every two consecutive graphs $G_j,G_{j+1}$ with $1\le j\le N-i$ are indistinguishable for a set $R_{j+2}$ by Claim 8, which is the root component of $G_{j+2}$ by Claim 7. Since $G_{j+2}$ is in the same connected component as $G_j$ and $G_{j+1}$ in $\mathcal {N}_{i-1}$, the edge $G_j\sim _{R_{j+2}} G_{j+1}$ is incorporated by the algorithm in $\mathcal {N}_i$.

On the other hand, the edge $G_{N-i+1}\sim _{R_{N-i+3}} G_{N-i+2}$ of $\mathcal {N}_{i-1}$ is not added to $\mathcal {N}_i$. This is since $R_{N-i+3}$ is the root component of $G_{N-i+3}$, which is not in the nontrivial connected component of $\mathcal {N}_i$. Since all the root components have equal sizes and are distinct, $R_{N-i+3}$ cannot be contained in any other root component either. This completes the induction step.

It follows that the algorithm takes $N=1.3^n$ iterations to complete. Upon completion, each connected component of $\mathcal {N}_N$ is a single, root-compatible graph, so consensus is solvable under $\textbf{D}$. $\square $

6.3 Exponential Termination Time of Consensus

From Theorem 2, we immediately obtain a termination time lower bound of $\Omega ({{\,\textrm{TD}\,}})$ for solving consensus. Consequently, the oblivious message adversary used in (the proof of) Theorem 3, where ${{\,\textrm{TD}\,}}=N=1.3^n$ for sufficiently large n, reveals a lower bound that is exponential in n.

We now adapt the oblivious message adversary from Theorem 3 (Sect. 6.2) to get consensus termination time of $\Omega (n 1.3^n)$; that is, we show that the termination time of consensus may be $\Theta (n)$ times larger than ${{\,\textrm{TD}\,}}$ even when ${{\,\textrm{TD}\,}}$ is exponential. To this end, in the graph $G_i$ shown in Fig. 2, we replace the direct edges from $R_i$ to B by a path consisting of processes taken from a set $P \subseteq \{p_{n/2+1},\dots ,p_n\}$ with $|P| = \Omega (n)$ (i.e., taken away from the original B), as illustrated in Fig. 3.

In more detail, we change the graph construction from Sect. 6.2 as follows:

$B=\{n/2+1,\ldots ,0.9n\}$ and $P=\{0.9n+1,\ldots ,n\}$;
Add the directed edges $(p,p+1)$ for all $p\in P{\setminus }\{n\}$;
Instead of an edge from each node of $R_i$ to each node of B, add an edge from each node of $R_i$ to $h=0.9n+1$, and from n to each node of B.

Let $h=0.9n$ be the first node on the inserted path. Whereas our new construction introduced the additional indistinguishability $G_i \sim _p G_j$ for all $p \in {(B \cup P) {\setminus } \{ h \}}$ for any $G_i, G_j \in \textbf{D}$, it does not affect the iteration complexity of the decision procedure, since no $R \subseteq (B \cup P)$ ever occurs as a root component in a graph of $\textbf{D}$. Thus, all edges e with $\ell (e) \subseteq (B \cup P)$ are removed in the first iteration of the decision procedure, according to Corollary 1.

It is easy to see that Claim 6 still holds, as we have $\log _2(N)<0.4n$, and Claim 7 holds by construction. Regarding Claim 8, the original indistinguishability relations still hold, but are now expanded by additional indistinguishabilities labeled by a process $p\in (P\cup B)\setminus \{h\}$, which are removed in the first iteration of the decision procedure.

The crucial property of our new construction is that any $G_i, G_{i+1}$, when repeated for 0.1n rounds, yield indistinguishable communication patterns.

Claim 9

$G_{i}^r \sim _{p} G_{i+1}^r \text { for all } r \le 0.1n \text { and all } p \in R_{i+2}$.

Proof

Observe that, by construction, we have ${{\,\textrm{In}\,}}_{G_i}(p) = {{\,\textrm{In}\,}}_{G_{i+1}}(p)$ for all $p \in X = P {\setminus } \{ h \} \cup B \cup R_{i+2}$. The claim follows, because every path from a process outside X to a process in $R_{i+2}$ has length at least $|P|+1$. It thus takes at least $|P|+1$ repetitions of $G_i$, respectively $G_{i+1}$, until a process of $\Pi \setminus X$ reached a process of $R_{i+2}$. Since $|P| = 0.1n$, in a round $r \le 0.1n$, the nodes of $R_{i+2}$ have hence the same view in both $G_{i}^r$ and $G_{i+1}^r$. $\square $

The following Lemma 4 shows that we can even “inflate” arbitrary communication patterns of the oblivious message adversary from Sect. 6.2:

Lemma 4

Consider $(\sigma , \sigma ') \in I(\textbf{D}^k)$, where $\textbf{D}$ is the oblivious message adversary of Sect. 6.2. Let $\tilde{\textbf{D}}$ be the modified oblivious message adversary of Sect. 6.3, and $\tilde{\sigma }$ resp. $\tilde{\sigma }'$ in $\tilde{\textbf{D}}^{(k 0.1 n)}$ be the communication pattern obtained from replacing every round i graph $\sigma (i)$ resp. $\sigma '(i)$ according to Fig. 2 by 0.1n instances of the corresponding graph according to Fig. 3. Then, $(\tilde{\sigma }, \tilde{\sigma }') \in I(\tilde{\textbf{D}}^{0.1nk})$.

Proof

We prove, by induction over $k\ge 1$, that (i) the 0.1nk prefixes $\tilde{\sigma }|_{0.1nk}$ and $\tilde{\sigma }'|_{0.1nk}$ satisfy $\tilde{\sigma }|_{0.1nk} \sim _R \tilde{\sigma }'|_{0.1nk}$ for $R=\ell (\sigma ,\sigma ')\ne \emptyset $, and (ii) that $\tilde{\sigma }|_{0.1nk} \sim _B \tilde{\sigma }'|_{0.1nk}$ if and only if $\sigma |_k \sim _B \sigma '|_k$ for the processes $B=\{p_{n/2+1},\dots ,p_n\}$. Note carefully that $\sigma \sim _R \sigma '$ also implies $\sigma |_k \sim _R \sigma '|_k$, as well as $\sigma (k) \sim _R \sigma '(k)$. As a consequence, there is some i such that, for every k, either $\sigma (k)=G_i$ and $\sigma '(k)=G_{i+1}$ (or vice versa), with $R=R_{i+2}$, or else $\sigma (k)=\sigma '(k)$.

For the induction basis $k=1$, the only non-trivial case is $\sigma |_1=\sigma (1)=G_i \in \textbf{D}$ and $\sigma '|_1=\sigma '(1)=G_{i+1} \in \textbf{D}$, and $R=R_{i+2}$. From Claim 9, we get $\tilde{\sigma }|_{0.1n} \sim _R \tilde{\sigma }'|_{0.1n}$ as needed for (i). As for (ii), the lenght 0.1n of the path P in Fig. 3 ensures that all processes in B have the same distinguishing power in both the original and in the inflated prefix.

For the induction step $k-1 \rightarrow k$, $k>1$, we assume for our hypothesis that $\tilde{\sigma }|_{0.1n(k-1)} \sim _R \tilde{\sigma }'|_{0.1n(k-1)}$ and that all processes in B have the same distinguishing power. Assume for a contradiction for (i) that $\tilde{\sigma }|_{0.1nk} \not \sim _R \tilde{\sigma }'|_{0.1nk}$, i.e., some process $p\in R$ can distinguish the two prefixes. Consider the round k graphs $\sigma (k)$ and $\sigma '(k)$. If $\sigma (k)=\sigma '(k)=G_j \in \textbf{D}$, we immediately get a contradiction, since appending 0.1n instances $\hat{G}_j^{0.1n}$ of the corresponding $\hat{G}_j\in \tilde{\textbf{D}}$ to both $\tilde{\sigma }|_{0.1n(k-1)}$ and $\tilde{\sigma }'|_{0.1n(k-1)}$ cannot break their indistinguishability for p.

So let us assume w.l.o.g. $G_i = \sigma (k)$ and $G_{i+1} = \sigma '(k)$ with $R=R_{i+2}$. Since we know from Claim 9 that the corresponding graphs in $\tilde{\textbf{D}}$ ensure $\hat{G}_i^{0.1n} \sim _p \hat{G}_{i+1}^{0.1n}$, the information that allows p to distinguish $\tilde{\sigma }|_{0.1nk}$ and $\tilde{\sigma }'|_{0.1nk}$ was relayed to it from some informed process $q'$ during the last 0.1n rounds. Since $R_{i+2}$ only has incoming edges from B in Fig. 3, there exists an informed process $q \in B$ that relayed this information to p by the last of these rounds. This q must have been informed at the latest in round $0.1nk-1$. Since the path P in Fig. 3 has length 0.1n, however, $R_i$ (resp. $R_{i+1}$) cannot be the source of information that allows q to distinguish $\tilde{\sigma }|_{0.1nk}$ and $\tilde{\sigma }'|_{0.1nk}$. Consequently, q must already have had information to distinguish $\tilde{\sigma }|_{0.1n(k-1)}$ and $\tilde{\sigma }'|_{0.1n(k-1)}$. From (ii) of our induction hypothesis, we can infer that this is also true in the original $\sigma |_{k-1}$ and $\sigma '|_{k-1}$. Since q sends a message to $R_{i+2}$ in round k here, this would contradict $\sigma |_k \sim _R \sigma '|_k$, and therefore completes the induction step for (i).

The induction step for (ii) ist trivial, as the processes in B only get information from the respective root component, either directly (in the original prefix) or delayed via the path P (in the inflated one). The induction hypothesis hence immediately carries over from $k-1$ to k. $\square $

Lemma 4 immediately gives the consensus termination time for our new oblivious message adversary:

Theorem 4

There is an oblivious message adversary for which solving consensus takes $\Omega (n 1.3^n)$ rounds.

Proof

Consider any two indistinguishable communication patterns $\sigma , \sigma '$ of the message adversary of Theorem 3 on the path between $G_1^{N-1}$ and $G_2^{N-1}$ in $I(\textbf{D})^{N-1}$. As ${{\,\textrm{TD}\,}}=N=1.3^n$, Lemma 3 guarantees that this path exists. Lemma 4 immediately provides us with inflated communication patterns $\mu , \mu ' \in I(\textbf{D})^{0.1n(N-1)}$ for our new oblivious message adversary, which are also indistinguishable. Together, they form a path between $G_1^{0.1n(N-1)}$ and $G_{2}^{0.1n(N-1)}$ in $I(\textbf{D})^{0.1n(N-1)}$. Since the root components $R_1={{\,\textrm{Root}\,}}(G_1)$ and $R_{2}={{\,\textrm{Root}\,}}(G_{2})$ are disjoint, not all processes can have decided by round ${0.1n(N-1)}$, as claimed. $\square $

7 Another Source of Consensus Time Complexity

In this section, we investigate whether the number of iterations ${{\,\textrm{TD}\,}}$ of the decision procedure is the sole cause for a large time complexity of consensus under an oblivious message adversary. Before we do so, however, let us briefly reiterate what we have achieved so far. In Theorem 1, we have established that consensus can be solved after $c (n-1){{\,\textrm{TD}\,}}$ rounds, whereas Theorem 4 revealed that there are in fact oblivious message adversaries where consensus takes up to $n {{\,\textrm{TD}\,}}$ rounds to terminate and ${{\,\textrm{TD}\,}}$ may be exponential in n. Thus, in this case, a time complexity exponential in n is asymptotically tight for solving consensus under an oblivious message adversary. As we know that the consensus time complexity is always at most $c (n-1){{\,\textrm{TD}\,}}$, and since we have examples where it is at least $n {{\,\textrm{TD}\,}}$, it might hence be tempting to assume that ${{\,\textrm{TD}\,}}$ also determines the termination time of consensus in all cases. In this section, we will see that this is not the case, as, to the contrary, there are instances where the decision procedure terminates after a constant number of iterations while the consensus time complexity is still exponential in n, i.e., where c is exponentially large. We now proceed to show how to derive such an instance.

7.1 A Partition of an Oblivious Message Adversary

Before going into the details of how to construct an oblivious message adversary with the desired property of incurring a large time complexity of consensus while maintaining a low ${{\,\textrm{TD}\,}}$, we define an abstract property that, if satisfied by an oblivious message adversary $\textbf{D}$ for a parameter t, leads to a consensus time complexity in the order of t. Informally, this property is that there exists a partition $\textbf{S}_1, \ldots , \textbf{S}_t$ of $\textbf{D}$ such that $\textbf{S}_1$ is connected in the indistinguishability graph $I(\textbf{D})$ and all the edges that make up this connection are protected by the communication graphs of $\textbf{S}_2$. Similarly, $\textbf{S}_2$ is connected in $I(\textbf{D})$ and all of the edges in this connection, along with the ones from $\textbf{S}_1$, are protected by the communication graphs of $\textbf{S}_3$ and so on. Our claim is that if there exist t-round communication pattern that have no common broadcaster and whose round $1 \le r \le t$ communication graphs are picked from $\textbf{S}_r$, then consensus is impossible by round t. The reason for this, as shown in more detail below, is that the set of communication patterns $\textbf{S}_1 \circ \ldots \circ \textbf{S}_t$ is connected in the indistinguishability graph $I(\textbf{D}^t)$, because each $\textbf{S}_r$ can maintain the connectivity of $\textbf{S}_1 \circ \ldots \circ \textbf{S}_{r-1}$ in $I(\textbf{D}^{r-1})$ as all the edges relevant for this connectivity are protected by the communication graphs of $\textbf{S}_r$.

Formally, we express this property as follows:

Definition 2

Let $\textbf{S}_1, \ldots , \textbf{S}_t$ be a partition of $\textbf{D}$ with the following properties, for $1 \le i \le t$:

(i)
Each $\textbf{S}_i$ is connected. That is, for each $G, G'$ in $\textbf{S}_i$, there is a path from G to $G'$ in the indistinguishability graph $I(\textbf{D})$ that consists only of elements from $\textbf{S}_i$.
(ii)
The edges of the subgraph of $I(\textbf{D})$, induced by $\bigcup _{j=1}^{i-1} \textbf{S}_j$, are protected by the communication graphs of $\textbf{S}_i$.
(iii)
There is no process p such that every communication pattern of $\Sigma = \textbf{S}_1 \circ \ldots \circ \textbf{S}_t$ is broadcastable by p.

Given this partition, we show in Claim 10 below that $\Sigma $ is connected in $I(\textbf{D}^t)$, which shows that consensus is impossible after t rounds: If all processes do decide after t rounds in all runs with a communication pattern of $\Sigma $, they all decide the same value because $\Sigma $ is connected in $I(\textbf{D}^t)$. Thus, in some run with communication pattern $\sigma \in \Sigma $, the decision is on an input of a process p even though $\sigma $ is not broadcastable by p, which contradicts Claim 2.

Claim 10

The communication patterns of $\Sigma _t = \textbf{S}_1 \circ \ldots \circ \textbf{S}_t$ are pairwise connected to each other in $I(\textbf{D}^t)$.

Proof

Throughout this proof, let $I(\textbf{D})[\textbf{S}]$ denote the subgraph of $I(\textbf{D})$, induced by the set of communication graphs $\textbf{S}$.

We show an even stronger claim, namely that there is a set of edges $E_t$ that connects $\Sigma _t$ in $I(\textbf{D}^t)$ such that for each $e \in E_t$ there is an $e' \in I(\textbf{D})[\bigcup _{j \le t} \textbf{S}_j]$ with the same label $\ell (e) = \ell (e')$. We show this by induction on k with $\Sigma _k = \textbf{S}_1 \circ \ldots \circ \textbf{S}_k$.

The base of the induction $k=1$ follows directly from property (i) of Definition 2, as $\textbf{S}_1$ is connected in $I(\textbf{D})$.

For the step from k to $k+1$, the induction hypothesis is that there are edges $E_k$ that connect $\Sigma _k$ such that for every $e \in E_k$ there is an $e' \in I(\textbf{D})[\bigcup _{j \le k} \textbf{S}_j]$ with $\ell (e) = \ell (e')$. We use the graphs of $S_{k+1}$ to extend $\Sigma _k$ to $\Sigma _{k+1}$ while maintaining the connectivity of $\Sigma _{k+1}$ as follows.

For every $\sigma _1, \sigma _2 \in \Sigma _k$ with $e=(\sigma _1, \sigma _2) \in E_k$, we add to $\Sigma _{k+1}$ the extensions $\sigma _1 \circ G$ and $\sigma _2 \circ G$ such that $G \in \textbf{S}_{k+1}$ and G protects e. Such a communication graph G exists because of property (ii) of Definition 2 and because there is an edge $e' \in I(\textbf{D})[\bigcup _{j \le k} \textbf{S}_j]$ with $\ell (e) = \ell (e')$ by hypothesis.

Finally, for all extensions $\sigma _1 \circ G, \sigma _2 \circ G$ and $\sigma _2 \circ G', \sigma _3 \circ G'$ added to $\Sigma _{k+1}$ in this way, by property (i) of Definition 2, there is a path $\pi $ from G to $G'$ in $I(\textbf{D})$ that consists only of graphs $G''\in \textbf{S}_{k+1}$. We can thus add all the communication patterns $\{ \sigma _2 \circ G'': G'' \in \pi \}$ to $\Sigma _{k+1}$ as well: This maintains the connectivity of $\Sigma _{k+1}$ and ensures the induction hypothesis as the path $\pi $ lies entirely in $I(\textbf{D})[\textbf{S}_{k+1}]$ by property (i) of Definition 2. $\square $

7.2 An Example: Choosing the Processes

We now construct a set of communication graphs that can be partitioned in accordance with Definition 2, into $t=1.07^n$ sets. For a set $\Pi $ of n processes, let $m=\lceil \frac{n}{10}\rceil $. We construct an oblivious message adversary with a partition on it, $\textbf{D}=\bigcup _{i=1}^{t} \textbf{S}_i$, where each $\textbf{S}_i$ is a set of $2i+1$ graphs, denoted $\textbf{S}_i=\{G_{i,j}\mid 1 \le j \le 2i+1\}$. Each graph $G_{i,j}$ is defined by a partition of the process set $\Pi $ as

$$\begin{aligned} \Pi = {\left\{ \begin{array}{ll} B\cup R_j \cup U_i \cup U'_i\cup L_{i,j} &{} \hbox { for}\ j=1,\\ B\cup R_j \cup U_i\cup L_{i,j} &{} \text { for }j \text { even },\\ B\cup R_j \cup U'_i \cup L_{i,j} &{} \text { for }j\ge 3 \text { odd }. \end{array}\right. } \end{aligned}$$

The process sets are $B=[5m+1, n]$, which is fixed for all i, j; $R_j$ with $|R_j|=m$, which constitutes the members of the root components of all the graphs $G_{i,j}$; $U_{i}, U'_i$, with $|U_{i}|=|U'_i|=m$; and finally $L_{i,j}$, which is the set of all the remaining processes. We choose processes for these sets inductively on i as follows: For the base $i=1$, we just list the appropriate sets for the communication graphs of $\textbf{S}_1=\{ G_{1,1}, G_{1, 2}, G_{1, 3} \}$:

(b1)
$R_1 = [4m+1, 5m]$
(b2)
$R_2\subseteq [1, 2\,m]$, $|R_2|=m$, chosen arbitrarily
(b3)
$R_3\subseteq [2\,m+1, 4\,m]$, $|R_3|=m$, chosen arbitrarily
(b4)
$U_1\subseteq [2m+1, 4m]\setminus R_3$
(b5)
$U'_1\subseteq [1, 2m]\setminus R_2$

We proceed with the inductive step of our construction. For this we assume that we are given $R_1, \ldots , R_{2i+1}$ and $U_{i}, U'_{i}$, and show how to construct $R_{2i+2}, R_{2i+3}$ and $U_{i+1}, U'_{i+1}$.

(s1)
We let $R_{2i+2} = U'_{i}$
(s2)
We let $R_{2i+3} = U_{i}$
(s3)
We let $U_{i+1}$ be an arbitrary subset of $[2m+1, 4m]$ of size m, different (but not necessarily disjoint) from $R_2, R_4 \ldots R_{2i+2}$
(s4)
We let $U'_{i+1}$ be an arbitrary subset of [1, 2m] of size m, different (but not necessarily disjoint) from $R_3, R_5\ldots R_{2i+3}$

Note that steps (s1) and (s2) are always possible, as long as the sets $U_i$ and $U'_i$ are defined. To see that we can repeat step (s3) for t times, note that there are $\left( {\begin{array}{c}2m\\ m\end{array}}\right) $ many ways to choose a set $U_{i+1}\subseteq [2m+1,4m]$ of size m. We have

$$\begin{aligned} \left( {\begin{array}{c}2m\\ m\end{array}}\right) \ge \frac{(2m)^m}{m^m} = 2^{m} \ge 2^{n/10} > 1.07^n \end{aligned}$$

and the claim follows. The claim for (s4) is analogous.

7.3 An Example: The Graph Structure

We now show how to combine the sets $R_j, U_i, U'_i, B,$ and $L_{i,j}$ in $G_{i,j}$ to obtain an oblivious message adversary that has a partition as described in Definition 2 for $t=1.07^n$ (for an illustration, see Fig. 4). While the choice processes of $R_j$ is independent of i, the edges between them in $G_{i,j}$ will be different and depend crucially on i.

More specifically, the graph $G_{i, j}$ always contains a directed cycle in $R_j$ in increasing order of the process identifiers. Since $|R_j|=m$ and each process already has one incoming edge from the preceding process, there are $m-2$ other potential incoming edges we can choose to add for every member. Hence, there are $m\cdot 2^{m-2}>t$ (for n large enough) possible interconnects for $R_j$, and for each i we choose a different one.

We define the other edges of $G_{i,j}$ as follows. Each graph contains edges from all process of $R_j$ to all processes of B and $L_{i,j}$. For an index i, let $B[i]=\{b\in B\mid i_{b-(5\,m+1)}=1\}$, where $i_{h}$ is the hth bit in the binary expansion of i. Note that for $i\ne i'$, $1\le i,i'\le t$ we have $B[i]\ne B[i']$, i.e. all the bits of i are represented in B[i], since $\log _2{t}<0.1n < |B|$.

The rest of the edges depend on j, as follows.

For $j=1$, add an edge from each node of B[i] to each node of $U_i \cup U'_i \cup L_{i,j}$.
For j even, add an edge from each node of B[i] to each node of $U_i \cup L_{i,j}$.
For $j\ge 3$ odd, add an edge from each node of B[i] to each node of $U'_i \cup L_{i,j}$.

7.4 An Example: Properties of the Adversary

Finally, let us establish our main claim, namely that the above construction indeed yields an oblivious message adversary where the consensus time complexity $t= 1.07^n$ grows exponentially with n, yet ${{\,\textrm{TD}\,}}= 2$, a constant. In the remainder of this section, we show these properties for the oblivious message adversary $\textbf{D}$ constructed above. First, we prove that $\textbf{D}$ partitions as described in Definition 2.

Claim 11

The sets $\textbf{S}_1, \ldots , \textbf{S}_t$ are a partition according to Definition 2.

Proof

First, since all $G_{i,j}$ are different, $S_1,\dots ,S_t$ is indeed a partition of $\textbf{D}$. For property (i), the connectivity of $\textbf{S}_i$, pick any $G_{i,j} \in \textbf{S}_i$. We show that this graph is indistinguishable to some processes from $G_{i, 1}$, and thus the graph is connected by an edge to $G_{i, 1}$ in $I(\textbf{D})$. If j is odd, the in-neighborhood of every process of $U'_i$ is the same in $G_{i,j}$ and in $G_{i, 1}$, namely B[i]. Similarly, if j is even, every process of $U_i$ has B[i] as its in-neighborhood in $G_{i,j}$, and this is also the case for $G_{i, 1}$.

To prove property (ii), which states that the communication graphs of $\textbf{S}_i$ protect the edges that were used to connect $\textbf{S}_1, \ldots , \textbf{S}_{i-1}$, it suffices to show that for every $1 \le i' < i$, there are communication graphs $G, G' \in \textbf{S}_i$ such that ${{\,\textrm{Root}\,}}(G) \subseteq U_{i'}$ and ${{\,\textrm{Root}\,}}(G') \subseteq U'_{i'}$. For a given $1 \le i' < i$, note that the graphs $G_{i,2i'+2},G_{i,2i'+3} \in \textbf{S}_i$ satisfy $R_{2i'+2}=U_{i'}$ and $R_{2i'+3}=U'_{i'}$ by construction.

For property (iii), which states that there is no process by which all communication patterns of $\Sigma = \textbf{S}_1 \circ \cdots \circ \textbf{S}_t$ are broadcastable, let us investigate the processes that were able to broadcast in $(G_{i,2})_{i=1}^t \in \Sigma $ and $(G_{i,3})_{i=1}^t \in \Sigma $. We observe that, by (b2) and (b3), for all $1 \le i \le t$, ${{\,\textrm{Root}\,}}(G_{i,2}) = R_2 \subseteq [1, 2\,m]$ and ${{\,\textrm{Root}\,}}(G_{i,3}) = R_3 \subseteq [2\,m+1, 4\,m]$ and thus $R_2 \cap R_3 = \emptyset $. As the broadcasters of $(G_{i,2})_{i=1}^t$ are $R_2$ and the broadcasters of $(G_{i,3})_{i=1}^t$ are $R_3$, property (iii) holds. $\square $

Claim 12

The decision procedure terminates after ${{\,\textrm{TD}\,}}=2$ iterations on $\textbf{D}$.

Proof

First, note that all the roots $R_j$ are contained in [1, 5m], while $B=[m5+1,n]$, hence no edge of $I(\textbf{D})$ labeled only by processes of B will be preserved after the first iteration. Similarly, we can ignore processes of B in the labels, when considering the preservation of the edges.

Now, we show that in the first iteration of the decision procedure, none of the edges of $I(\textbf{D})$ that connect graphs from different sets in the partition $\textbf{D}=\bigcup _{i=1}^{t} \textbf{S}_i$ are preserved. Consider $G_{i,j} \in \textbf{S}_i$, $G_{i',j'} \in \textbf{S}_{i'}$, $i \ne i'$, such that $G_{i,j} \sim _\ell G_{i',j'}$. Note that in $G_{i,j}$, the processes of $U_i$ (or $U'_i$ if j is odd) and $L_{i,j}$ have B[i] as their incoming edges, while the corresponding processes in $G_{i',j'}$ have $B[i']$, and $B[i]\ne B[i']$, so none of $U_i$ (or $U'_i$), $U_{i'}$ (or $U'_{i'}$), $L_{i,j}$ and $L_{i',j'}$ could intersect $\ell $.

Hence, the only processes in $\ell $ that can occur in a root component of a graph in $\textbf{D}$ are processes of $R_j$ and $R_{j'}$. Let us study $|R_j\cap R_{j'}\cap \ell |$: if $j\ne j'$ then $R_j\ne R_{j'}$ so $|R_j\cap R_{j'}\cap \ell |<|R_j|=m$; if $j=j'$, then the fact that the choice of interconnects for $R_j$ in $G_{i,j}$ depends on i guarantees that at least one process of $R_j$ is not in in $\ell $ and hence not in $R_j\cap R_{j'}\cap \ell $, and again $|R_j\cap R_{j'}\cap \ell |<m$. As any root component $R_{j''}$ of a graph in $\textbf{D}$ has $|R_{j''}|=m$, no such root component satisfies $R_{j''}\subseteq R_j\cap R_{j'}\cap \ell $, and the edge $\ell $ is not being preserved in the first iteration.

Second, we show that in the second iteration of the decision procedure, none of the edges in $I(\textbf{D})$ that is within a set $\textbf{S}_i$ is preserved. Assume for contradiction that for some i, there are graphs $G_{i,j}, G_{i,j'}, G_{i,j''}\in \textbf{S}_{i}$, $j\ne j'$ such that $G_{i,j}\sim _\ell G_{i,j'}$ and $R_{j''}\subseteq \ell $. All the processes of $B, L_{i,j}$ and $L_{i,j'}$ have incoming edges from $R_j$ (or $R_{j'}$), and since $R_j\ne R_{j'}$ none of these processes appear in $\ell $. Note that $1\le j''\le 2i+1$, and the sets $U_i$ and $U'_i$ are chosen to be different from $R_1,\ldots ,R_{2i+1}$, which implies $R_{j''}\ne U_i, U'_i$.

If $j=1$, then the only processes that can appear in $\ell $ are those of $U_i\cup U'_i$. This is because, in $G_{i,1}$, processes of $R_1$ do not have any incoming edge from B, which they have in all other graphs of $\textbf{S}_i$, and processes of $L_{i,1}$ have incoming edges from $R_1$, which no process has in any other graphs of $\textbf{S}_i$. Therefore $R_{j''}\subseteq \ell \subseteq U_i\cup U'_i$, where $U_i\subseteq [2\,m+1,4\,m]$ and $U'_i\subseteq [1,2\,m]$. But either $R_{j''}\subseteq [1,2\,m]$ or $R_{j''}\subseteq [2\,m+1,4\,m]$, and $|R_{j''}|=|U_i=|U'_i|$, so either $R_{j''}=U_i$ or $R_{j''}=U'_i$, a contradiction.

If j is even, $R_{j''}\subseteq \ell \subseteq R_j\cup U_i$, as any process not in $R_j\cup U_i$ has incoming edges from all processes of $R_j$ in $G_{i,j}$, which it does not have in $G_{i,j'}$. We have $R_j\subseteq [1,2m]$ (as j is even) and $U_i\subseteq [2m+1,4m]$, while either $R_{j''}\subseteq [1,2\,m]$ or $R_{j''}\subseteq [2\,m+1,4\,m]$. So, either $R_{j''}=R_j$ or $R_{j''}=U_i$. This can only occur if $j=j''$: the sets $R_k$ are different for different indices k, and $U_i$ is chosen to be different from $R_1,\ldots ,R_{2i+1}$. The case of $j>1$ odd is analogous, and we conclude that $j=j''$ in both cases. The same analysis applies for $j'$, and so we have $j=j''=j'$, a contradiction. $\square $

From this, we conclude the main theorem of this section.

Theorem 5

There exists an oblivious message adversary with a consensus time complexity exponential in n in spite of a constant iteration complexity ${{\,\textrm{TD}\,}}$ of the decision procedure.

8 Conclusions

We presented a simple procedure for deciding whether consensus is solvable under a given oblivious message adversary. Whereas it can be viewed as an early terminating version of the abstract beta class characterization by Couloma, Godard, and Peters [6], our formulation turned out to be instrumental for characterizing the, to the best of our knowledge, previously unknown worst-case termination time of distributed consensus under a given oblivious message adversary. We discovered a relation between the number of iterations of the decision procedure and the consensus termination time, and the importance of the existence and number of root-compatible connected components in the refined indistinguishability graph.

Our work opens several interesting avenues for future work. For example, while we have pursued a combinatorial approach, it would be interesting to study the time complexity of the consensus and other agreement prototols from a topological perspective as well. It would further be interesting to fully understand the implications of our approach on distributed information dissemination problems such as broadcast, and explore alternative adversarial models. Another interesting avenue of research is a possible algorithmic and/or engineering improvement of our decision procedure, and to empirically evaluate its performance for different oblivious message adversaries.

Notes

We emphasize that worst-case time complexity of distributed consensus means that no correct consensus algorithm can terminate faster than the lower bound in all possible runs, and that there is some consensus algorithm that terminates within the upper bound in all runs. When we talk about the time complexity of consensus in our paper, we always mean worst-case time complexity.

References

Newport, C., Kotz, D., Yuan, Y., Gray, R.S., Liu, J., Elliott, C.: Experimental evaluation of wireless simulation assumptions. SIMULATION: Trans. Soc. Model. Simul. Int. 83(9), 643–661 (2007). https://doi.org/10.1177/0037549707085632
Article Google Scholar
Schwarz, M., Winkler, K., Schmid, U.: Fast consensus under eventually stabilizing message adversaries. In: Proceedings of the 17th International Conference on Distributed Computing and Networking. ICDCN ’16, pp. 7–1710. ACM, New York, NY, USA (2016) . https://doi.org/10.1145/2833312.2833323
Schmid, U., Weiss, B., Keidar, I.: Impossibility results and lower bounds for consensus under link failures. SIAM J. Comput. 38(5), 1912–1951 (2009). https://doi.org/10.1137/S009753970443999X
Article MathSciNet Google Scholar
Kuhn, F., Oshman, R., Moses, Y.: Coordinated consensus in dynamic networks. In: Proceedings of the 30th Annual ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing. PODC ’11. ACM (2011)
Afek, Y., Gafni, E.: Asynchrony from synchrony. In: Distributed Computing and Networking. Lecture Notes in Computer Science, vol. 7730, pp. 225–239. Springer (2013). https://doi.org/10.1007/978-3-642-35668-1_16
Coulouma, É., Godard, E., Peters, J.G.: A characterization of oblivious message adversaries for which consensus is solvable. Theor. Comput. Sci. 584, 80–90 (2015). https://doi.org/10.1016/j.tcs.2015.01.024
Article MathSciNet Google Scholar
Santoro, N., Widmayer, P.: Time is not a healer. In: Proceeding of 6th Annual Symposium on Theoretical Aspects of Computer Science (STACS’89). LNCS 349, pp. 304–313. Springer, Paderborn (1989)
El-Hayek, A., Henzinger, M., Schmid, S.: Brief announcement: broadcasting time in dynamic rooted trees is linear. In: PODC, pp. 54–56. ACM (2022)
El-Hayek, A., Henzinger, M., Schmid, S.: Asymptotically tight bounds on the time complexity of broadcast and its variants in dynamic networks. In: 14th Innovations in Theoretical Computer Science (ITCS) (2023)
Zeiner, M., Schwarz, M., Schmid, U.: On linear-time data dissemination in dynamic rooted trees. Discrete Appl. Math. 255, 307–319 (2019). https://doi.org/10.1016/j.dam.2018.08.015
Article MathSciNet Google Scholar
Függer, M., Nowak, T., Winkler, K.: On the radius of nonsplit graphs and information dissemination in dynamic networks. Discrete Appl. Math. 282, 257–264 (2020). https://doi.org/10.1016/j.dam.2020.02.013
Article MathSciNet Google Scholar
Fischer, M.J., Lynch, N.A., Paterson, M.S.: Impossibility of distributed consensus with one faulty process. J. ACM 32(2), 374–382 (1985)
Article MathSciNet Google Scholar
Biran, O., Moran, S., Zaks, S.: A combinatorial characterization of the distributed 1-solvable tasks. J. Algorithms 11(3), 420–440 (1990)
Article MathSciNet Google Scholar
Ongaro, D., Ousterhout, J.: In search of an understandable consensus algorithm. In: Proc. USENIX Annual Technical Conference (ATC), pp. 305–319 (2014)
Kuhn, F., Oshman, R.: Dynamic networks: models and algorithms. SIGACT News 42(1), 82–96 (2011)
Article Google Scholar
Castañeda, A., Fraigniaud, P., Paz, A., Rajsbaum, S., Roy, M., Travers, C.: A topological perspective on distributed network algorithms. In: Structural Information and Communication Complexity - 26th International Colloquium, SIROCCO, pp. 3–18 (2019). https://doi.org/10.1007/978-3-030-24922-9_1
Winkler, K., Schmid, U.: An overview of recent results for consensus in directed dynamic networks. Bull. EATCS 128 (2019)
Abraham, I., Malkhi, D., et al.: The blockchain consensus layer and BFT. Bull. EATCS 3(123) (2017)
Santoro, N., Widmayer, P.: Agreement in synchronous networks with ubiquitous faults. Theor. Comput. Sci. 384(2–3), 232–249 (2007)
Article MathSciNet Google Scholar
Charron-Bost, B., Schiper, A.: The Heard-Of model: computing in distributed systems with benign faults. Distrib. Comput. 22(1), 49–71 (2009). https://doi.org/10.1007/s00446-009-0084-6
Article Google Scholar
Biely, M., Schmid, U., Weiss, B.: Synchronous consensus under hybrid process and link failures. Theor. Comput. Sci. 412(40), 5602–5630 (2011). https://doi.org/10.1016/j.tcs.2010.09.032
Article MathSciNet Google Scholar
Charron-Bost, B., Függer, M., Nowak, T.: Approximate consensus in highly dynamic networks: The role of averaging algorithms. In: Halldòrsson, M.M., Iwama, K., Kobayashi, N., Speckmann, B. (eds.) Automata, Languages, and Programming. Lecture Notes in Computer Science, vol. 9135, pp. 528–539. Springer, ??? (2015). https://doi.org/10.1007/978-3-662-47666-6_42
Függer, M., Nowak, T., Schwarz, M.: Tight bounds for asymptotic and approximate consensus. In: Proceedings of the 2018 ACM Symposium on Principles of Distributed Computing. PODC ’18, pp. 325–334. ACM, New York, NY, USA (2018). https://doi.org/10.1145/3212734.3212762
Gafni, E.: Round-by-round fault detectors (extended abstract): unifying synchrony and asynchrony. In: Proceedings of the Seventeenth Annual ACM Symposium on Principles of Distributed Computing, pp. 143–152. ACM Press, Puerto Vallarta, Mexico (1998). https://doi.org/10.1145/277697.277724
Keidar, I., Shraer, A.: Timeliness, failure detectors, and consensus performance. In: Proceedings of the Twenty-fifth Annual ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing (PODC’06), pp. 169–178. ACM Press, New York (2006)
Fevat, T., Godard, E.: Minimal obstructions for the coordinated attack problem and beyond. In: 25th IEEE International Symposium on Parallel and Distributed Processing, IPDPS 2011, Anchorage, Alaska, USA, 16–20 May, 2011 - Conference Proceedings, pp. 1001–1011 (2011). https://doi.org/10.1109/IPDPS.2011.96
Biely, M., Robinson, P., Schmid, U.: Agreement in directed dynamic networks. In: Proceedings 19th International Colloquium on Structural Information and Communication Complexity (SIROCCO’12). LNCS 7355, pp. 73–84. Springer (2012). https://doi.org/10.1007/978-3-642-31104-8_7
Biely, M., Robinson, P., Schmid, U., Schwarz, M., Winkler, K.: Gracefully degrading consensus and k-set agreement in directed dynamic networks. Theor. Comput. Sci. 726, 41–77 (2018). https://doi.org/10.1016/j.tcs.2018.02.019
Article MathSciNet Google Scholar
Winkler, K., Schwarz, M., Schmid, U.: Consensus in directed dynamic networks with short-lived stability. Distrib. Comput. 32(5), 443–458 (2019). https://doi.org/10.1007/s00446-019-00348-0
Article MathSciNet Google Scholar
Nowak, T., Schmid, U., Winkler, K.: Topological characterization of consensus under general message adversaries. In: Proceedings of the 2019 ACM Symposium on Principles of Distributed Computing, PODC 2019, Toronto, ON, Canada, July 29–August 2, 2019, pp. 218–227 (2019) (Full version: http://arxiv.org/abs/1905.09590). https://doi.org/10.1145/3293611.3331624
Kuhn, F., Lynch, N.A., Oshman, R.: Distributed computation in dynamic networks. In: STOC, pp. 513–522 (2010)
Herlihy, M., Kozlov, D.N., Rajsbaum, S.: Distributed Computing Through Combinatorial Topology. Morgan Kaufmann (2013). https://store.elsevier.com/product.jsp?isbn=9780124045781
Attiya, H., Castañeda, A.: A non-topological proof for the impossibility of k-set agreement. Theor. Comput. Sci. 512, 41–48 (2013)
Article MathSciNet Google Scholar
Attiya, H., Castañeda, A., Herlihy, M., Paz, A.: Bounds on the step and namespace complexity of renaming. SIAM J. Comput. 48(1), 1–32 (2019). https://doi.org/10.1137/16M1081439
Article MathSciNet Google Scholar
Kozlov, D.N.: Structure theory of flip graphs with applications to weak symmetry breaking. CoRR http://arxiv.org/1511.00457 (2015)
Kozlov, D.N.: Combinatorial Topology of the Standard Chromatic Subdivision and Weak Symmetry Breaking for Six Processes, pp. 155–194. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-31580-5_7
Winkler, K., Schmid, U., Moses, Y.: A characterization of consensus solvability for closed message adversaries. In: 23rd International Conference on Principles of Distributed Systems, OPODIS 2019, December 17–19, 2019, Neuchâtel, Switzerland. LIPIcs, vol. 153, pp. 17–11716. Schloss Dagstuhl - Leibniz-Zentrum für Informatik, ??? (2019). https://doi.org/10.4230/LIPIcs.OPODIS.2019.17

Download references

Funding

Open Access funding enabled and organized by Projekt DEAL.

Author information

Authors and Affiliations

ITK Engineering, Vienna, Austria
Kyrill Winkler
LISN — CNRS & Paris-Saclay University, Paris, France
Ami Paz
TU Wien, Vienna, Austria
Hugo Rincon Galeana & Ulrich Schmid
TU Berlin & Fraunhofer SIT, Berlin, Germany
Stefan Schmid

Authors

Kyrill Winkler
View author publications
You can also search for this author in PubMed Google Scholar
Ami Paz
View author publications
You can also search for this author in PubMed Google Scholar
Hugo Rincon Galeana
View author publications
You can also search for this author in PubMed Google Scholar
Stefan Schmid
View author publications
You can also search for this author in PubMed Google Scholar
Ulrich Schmid
View author publications
You can also search for this author in PubMed Google Scholar

Contributions

All authors contributed equally to the concepts, results and the writing of the paper.

Corresponding author

Correspondence to Stefan Schmid.

Ethics declarations

Conflict of interest

All authors certify that they have no affiliations with or involvement in any organization or entity with any financial interest or non-financial interest in the subject matter or materials discussed in this manuscript. The authors have no financial or proprietary interests in any material discussed in this article.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This work was originally presented at ITCS’23 conference: Innovations in Theoretical Computer Science 2023.

Rights and permissions

Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article’s Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article’s Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.

Reprints and permissions

About this article

Cite this article

Winkler, K., Paz, A., Galeana, H.R. et al. The Time Complexity of Consensus Under Oblivious Message Adversaries. Algorithmica 86, 1830–1861 (2024). https://doi.org/10.1007/s00453-024-01209-4

Download citation

Received: 11 August 2023
Accepted: 12 January 2024
Published: 13 February 2024
Issue Date: June 2024
DOI: https://doi.org/10.1007/s00453-024-01209-4

Keywords

Use our pre-submission checklist

Avoid common mistakes on your manuscript.

The Time Complexity of Consensus Under Oblivious Message Adversaries

Abstract

Similar content being viewed by others

Valency-Based Consensus Under Message Adversaries Without Limit-Closure

Communication-Efficient Randomized Consensus

Communication-efficient randomized consensus

1 Introduction

2 Related Work

3 Model and Preliminaries

Claim 1

Proof

Claim 2

Proof

Claim 3

Proof

4 A Decision Procedure for Consensus Solvability

Claim 4

Proof

Corollary 1

Proof

Definition 1

Claim 5

Proof

5 Time Complexity of Consensus

Corollary 2

Proof

Corollary 3

Proof

Lemma 1

Proof

Lemma 2

Proof

Theorem 1

Proof

6 Lower Bounds

6.1 Decision Complexity and Consensus Termination Time

Lemma 3

Proof

Theorem 2

Proof

6.2 Exponential Iteration Complexity of the Decision Procedure

Claim 6

Proof

Claim 7

Proof

Claim 8

Proof

Theorem 3

Proof

6.3 Exponential Termination Time of Consensus

Claim 9

Proof

Lemma 4

Proof

Theorem 4

Proof

7 Another Source of Consensus Time Complexity

7.1 A Partition of an Oblivious Message Adversary

Definition 2

Claim 10

Proof

7.2 An Example: Choosing the Processes

7.3 An Example: The Graph Structure

7.4 An Example: Properties of the Adversary

Claim 11

Proof

Claim 12

Proof

Theorem 5

8 Conclusions

Notes

References

Funding

Author information

Authors and Affiliations

Contributions

Corresponding author

Ethics declarations

Conflict of interest

Additional information