All transactions that meet this requirement are applied to the ledger, and that ledger is closed, becoming the new last-closed ledger. 3.2 Correctness In order to achieve correctness, given a maximal amount of Byzantine failures, it must be shown that it is impossible for a fraudulent transaction to be conrmed during consensus, unless the number of faulty nodes exceeds that tolerance. The proof of the correctness of the RPCA then follows directly: since a transaction is only approved if 80% of the UNL of a server agrees with it, as long as 80% of the UNL is honest, no fraudulent transactions will be approved. Thus for a UNL of n nodes in the network, the consensus protocol will maintain correctness so long as: f

(n 1)/5 where f is the number Byzantine failures. In fact, even in the face of (n 1)/5 + 1 Byzantine failures, correctness is still technically maintained. The consensus process will fail, but it will still not be possible to conrm a fraudulent transaction. Indeed it would take (4n + 1)/5 Byzantine failures for an incorrect transaction to be conrmed. We call this second bound the bound for weak correctness, and the former the bound for strong correctness.

It should also be noted that not all fraudulent transactions pose a threat, even if conrmed during consensus. Should a user attempt to double-spend funds in two transactions, for example, even if both transactions are conrmed during the consensus process, after the rst transaction is applied, the second will fail, as the funds are no longer available. This robustness is due to the fact that transactions are applied deterministically, and that consensus ensures that all nodes in the network are applying the deterministic rules to the same set of transactions. For a slightly different analysis, let us assume that the probability that any node will decide to collude and join a nefarious cartel is pc. Then the probability of correctness is given by p, where: p = d ( n 1 5 ) e i=0 n i pi c(1 pc)n

Since this likelihood is a binomial distribution, values of pc greater than 20% will result in expected cartels of size greater than 20% of the network, thwarting the consensus process. In practice, a UNL is not chosen randomly, but rather with the intent to minimize pc. Since nodes are not anonymous but rather cryptographically identiable, selecting a UNL of nodes from a mixture of continents, nations, industries, ideologies, etc. will produce values of pc much lower than 20%. As an example, the probability of the Anti-Defamation League and the Westboro Baptist Church colluding to defraud the network, is certainly much, much smaller than 20%. Even if the UNL has a relatively large pc, say 15%, the probability of correctness is extremely high even with only 200 nodes in the UNL: 97.8%.