
Though many new "blockchain" systems do achieve BFT (perhaps most notably Tendermint, which seems to be passing aphyr's Jepsen tests with flying colors), it's important to keep in mind Bitcoin falls short of achieving it:

https://eprint.iacr.org/2014/765.pdf

"Regarding BA, we observe that Nakamoto’s suggestion falls short of solving it, and present a simple alternative which works assuming that the adversary’s hashing power is bounded by 1/3."

One important difference between how a truly BFT system behaves versus Bitcoin is how Bitcoin handles network partitions, or rather, how it doesn't handle them.

Specifically, when Bitcoin goes split-brain, i.e. in the event of a network partition, Bitcoin will "reorg" into two new chains, both of which will happily accept writes from both sides. When the partition is healed, one chain will win, and the writes to the other chain will be clobbered. Ideally these transactions will wind up in the mempool again and be accepted into the new chain, but that isn't a guarantee, more of a band-aid, and doesn't change the fact the system ostensibly acknowledged a write it then lost.

On the CAP triangle, Bitcoin has chosen to sacrifice partition tolerance (i.e. Bitcoin is NOT partition tolerant), and this is bad: https://codahale.com/you-cant-sacrifice-partition-tolerance/

There are ways to turn Bitcoin into a truly BFT system. The main one I like is decoupling proof-of-work from transaction processing, turning it into a leader election system for a more traditional BFT algorithm, such as ByzCoin:

https://arxiv.org/abs/1602.06997

With ByzCoin, if you can't reach quorum, you can't make progress, so in the event of a network partition the system will simply stop accepting writes if it can't reach quorum, as opposed to accepting writes which will go on to be clobbered by a future reorg.
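As an added illustration (not code from this thread, from Bitcoin or from ByzCoin), a toy model of the two behaviours the comment contrasts: a longest-chain merge after a healed partition, which drops writes the losing side already acknowledged, versus a quorum gate that refuses to commit a block unless more than 2/3 of the consensus group signs. The 2/3 threshold, the chain contents and the group sizes are assumptions constructed for the example.

```python
# Added example: toy model of partition handling under the longest-chain
# rule versus a quorum-gated (ByzCoin-style) commit. Not the real protocols.
from typing import List, Set, Tuple

Block = Tuple[str, ...]   # a block is just a tuple of transaction ids
Chain = List[Block]


def longest_chain_merge(chain_a: Chain, chain_b: Chain) -> Tuple[Chain, Set[str]]:
    """Resolve a healed partition under the longest-chain rule.

    Returns the winning chain and the set of transactions that were
    acknowledged on the losing side but do not appear in the winner:
    the 'clobbered' writes, which may or may not be mined again later.
    Ties go to chain_a (arbitrary choice for the toy model).
    """
    winner, loser = (chain_a, chain_b) if len(chain_a) >= len(chain_b) else (chain_b, chain_a)
    confirmed = {tx for block in winner for tx in block}
    lost = {tx for block in loser for tx in block} - confirmed
    return winner, lost


def quorum_gated_commit(signers: int, group_size: int) -> bool:
    """Quorum rule assumed for the example: strictly more than 2/3 of the
    consensus group must sign, so a side of the partition holding 2/3 or
    less simply stops committing instead of committing blocks that a
    later merge would discard."""
    return 3 * signers > 2 * group_size


def simulate_partition() -> dict:
    """Constructed split-brain scenario: both sides extend a common prefix
    independently, then the partition heals."""
    common: Chain = [("tx0",)]
    side_a: Chain = common + [("txA1", "txA2"), ("txA3",)]   # mined 2 blocks
    side_b: Chain = common + [("txB1",)]                      # mined 1 block
    winner, lost = longest_chain_merge(side_a, side_b)
    return {
        "winner_len": len(winner),           # 3: side_a's chain wins
        "lost_txs": lost,                    # {"txB1"}: acknowledged, then dropped
        # Quorum-gated group of 9 split 7 / 2: the majority side keeps committing,
        # the minority side halts rather than accepting doomed writes.
        "majority_commits": quorum_gated_commit(7, 9),
        "minority_commits": quorum_gated_commit(2, 9),
    }


if __name__ == "__main__":
    print(simulate_partition())
```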




> With ByzCoin, if you can't reach quorum, you can't make progress [...]

This may be a stupid question, but how does such a system prevent me from adding new nodes, only to remove them all at once if I want to prevent the system from progressing?


The participants in the consensus group are selected via PoW. You would need to control > 1/3rd of them (i.e. 1/3rd of the nodes that have recently won the PoW leader election race/lottery) to cause Byzantine faults.


Not a band-aid at all. Unconfirmed transactions in the "lost" chain are bringing fees with them, so it is the exact same incentive as every other transaction.

Besides, how many times in history has a continental network partition of the internet happened?

And it would only take a single node connected to both sides (land and satellite?) to undo all the work of the would-be attacker.


> how many times in history has a continental network partition of the internet happened?

Continental? No. Country-wide? Many, many times.

Imagine being in Egypt during the Arab Spring revolution when the government shut off Internet access. Imagine selling product to people for Bitcoin, seeing your client software accept the transaction because "enough time has passed", and then a few days/weeks later, when Internet access is restored, seeing your wallet balance get clobbered by the much-longer global chain.

/shudder


This is no different than, say, watching MongoDB to see if it loses your writes, and if it does, replaying them.

This is definitely a band-aid: a good database doesn't lose writes it acknowledged.


So spin up a lot of nodes, stop writes, short the coin, and profit?



