Concord-BFT: a Distributed Trust Infrastructure
Concord-bft is a generic state machine replication library that can handle malicious (byzantine) replicas.
Its implementation is based on the algorithm described in the paper SBFT: a Scalable Decentralized Trust Infrastructure for Blockchains.
It is designed to be used as a core building block for replicated distributed data stores, and is especially suited to serve as the basis of permissioned Blockchain systems.
For a real-life integration example, please take a look at Project Concord, a highly scalable and energy-efficient distributed trust infrastructure for consensus and smart contract execution.
We abide by semantic versioning. Public APIs can change at any time until we reach version 1.0. We will, however, bump the minor version when a backwards incompatible change is made.
Install and Build (Ubuntu Linux 18.04)
Concord-BFT supports two kinds of builds: native and docker.
git clone https://github.com/vmware/concord-bft cd concord-bft sudo ./install_deps.sh # Installs all dependencies and 3rd parties mkdir build cd build cmake -DBUILD_ROCKSDB_STORAGE=TRUE .. make sudo make test
- Install the latest docker.
- Optional: configure docker as non-root user.
cd concord-bft make make test
make help to see more commands.
- The output binaries are stored in the host's
Makefileis configurable. For example, if you want to use another compiler you may pass it to the
make CONCORD_BFT_CONTAINER_CXX=g++ \ CONCORD_BFT_CONTAINER_CC=gcc \ build
The C++ code is statically checked by
clang-tidy as part of the CI.
To check code before submitting PR, please run
In order to turn on or off various options, you need to change your cmake configuration. This is
done by passing arguments to cmake with a
-D prefix: e.g.
cmake -DBUILD_TESTING=OFF. Note that
make must be run afterwards to build according to the configuration. The following options are
||Debug | Release | RelWithDebInfo | MinSizeRel||Debug|
||OFF | ON||ON|
||TRUE | FALSE||FALSE - UDP is used|
||TRUE | FALSE||FALSE - UDP is used|
||TRUE | FALSE||FALSE|
Note(1): You can't set both
BUILD_COMM_TCP_TLS to TRUE.
Select comm module
We support both UDP and TCP communication. UDP is the default. In order to
enable TCP communication, build with
-DBUILD_COMM_TCP_PLAIN=TRUE in the cmake
instructions shown above. If set, the test client will run using TCP. If you
wish to use TCP in your application, you need to build the TCP module as
mentioned above and then create the communication object using CommFactory and
passing PlainTcpConfig object to it.
We also support TCP over TLS communication. To enable it, change the
BUILD_COMM_TCP_TLS flag to
TRUE in the main CMakeLists.txt file. When
running simpleTest using the testReplicasAndClient.sh - there is no need to create TLS certificates manually. The script will use the
create_tls_certs.sh (located under the scripts/linux folder) to create certificates. The latter can be used to create TLS files for any number of replicas, e.g. when extending existing tests.
(Optional) Python client
The python client is required for running tests. If you do not want to install
python, you can configure the build of concord-bft by running
cmake -DBUILD_TESTING=OFF .. from the
The python client requires python3(>= 3.5) and trio, which is installed via pip.
python3 -m pip install --upgrade trio
Adding a new dependency or tool
The CI builds and runs tests in a docker container. To add a new dependency or tool, follow the steps below:
- Rebase against master
- In order to add/remove dependencies update the file install_deps.sh
- Build a new image:
- Check image current version in the Makefile
- Tag the new image:
docker tag concord-bft:latest concordbft/concord-bft:<version>,
where version is
current version + 1.
- Update the version in the Makefile
- Make sure that Concord-BFT is built and tests pass with the new image:
make stop-c build test
- Ask one of the maintainers for a temporary write permission to Docker Hub repository(you need to have a Docker ID)
- Push the image:
docker push concordbft/concord-bft:<version>
- Create a PR for the update:
- The PR must contain only changes related to the updates in the image
- PR's summary has to be similar to
Docker update to version <new version>
- PR's message has to list the changes made in the image content and preferably the reason
- Submit the PR
- Adding dependencies or tools directly to the
Dockerfileis strongly not recommended because it breaks the native build support.
- If any tools are installed during the build but not needed for the actual compilation/debugging/test execution(for example,
git), please remove them(
Dockerfileis an example). The reason is that the image is supposed to be as tiny as possible.
Apollo testing framework
The Apollo framework provides utilities and advanced testing scenarios for validating
Concord BFT's correctness properties, regardless of the running application/execution engine.
For the purposes of system testing, we have implemented a "Simple Key-Value Blockchain" (SKVBC)
test application which runs on top of the Concord BFT consensus engine.
Apollo enables running all test suites (without modification) against any supported BFT network
configuration (in terms of n, f, c and other parameters).
Various crash or byzantine failure scenarios are also covered
(including faulty replicas and/or network partitioning).
Apollo test suites run regularly as part of Concord BFT's continuous integration pipeline.
Please find more details about the Apollo framework here
Simple test application (4 replicas and 1 client on a single machine)
Tests are compiled into in the build directory and can be run from anywhere as long as they aren't moved.
Run the following from the top level concord-bft directory:
Using simple test application via Python script
You can use the simpleTest.py script to run various configurations via a simple command line interface. Please find more information here
- bftengine: concord-bft codebase
- threshsign: crypto library that supports digital threshold signatures
- scripts: build scripts
- tests: BFT engine system tests
The concord-bft project team welcomes contributions from the community. If you wish to contribute code and you have not signed our contributor license agreement (CLA), our bot will update the issue when you open a Pull Request. For any questions about the CLA process, please refer to our FAQ. For more detailed information, refer to CONTRIBUTING.md.
The library calls
std::terminate() when it cannot continue in a safe manner.
In that way, users can install a handler that does something different than just calling
Request a Slack invitation via firstname.lastname@example.org.
concord-bft is available under the Apache 2 license.