Two armies are preparing to attack a city from opposite sides. The General of army A is orchestrating the attack, and has decided that they must attack simultaneously at noon on March 3rd to succeed. He sends a sealed, encrypted letter by messenger across the valley to the General of army B, informing him of the plan, but worries that the messenger might be intercepted, so General B may not be informed. (If the attack is not simultaneous, both attacking armies will be destroyed by the defenders.)
As it so happens, General B does receive the message, but knows that General A cannot be sure of this. He sends back a receipt of the attack plan. Then he wonders... will it go through? What if General A does not receive it and decides not to attack, being unsure of B's knowledge? And even if General A sends over an acknowledgment of the plan's receipt, there is no guarantee it will arrive.
Given this faulty communication channel, how will the generals coordinate their plan?
I originally stumbled across this problem in the context of email. Remember how unreliable it used to be, back in the early nineties, how you were never quite sure that your message had gotten through? I explored the idea of return receipts and counter-receipts, but I never quite managed to come up with a satisfactory answer. Then a few days ago, I came across a Wikipedia entry on the Two Generals' Problem while reading about Google's distributed database networks. The article stated that there is no solution to the problem.
This took me by surprise. Surely, after 50 meta-receipts have successfully passed in each direction, surely then both parties would know that the original message was successfully sent. But I couldn't prove it. Part of the problem is that we aren't interested in proof that the message has actually arrived, but rather in both parties being certain that the message has arrived and that the other party knows this. In other words, given an agreed-upon communication protocol, there must be sufficient information on each "side" to conclude that the message has arrived.
For the sake of simplicity and without loss of generality, I'd like to set the following assumptions:
- Messages are instantaneous
- Each message is either delivered (instantaneously) or destroyed (without a trace)
- Forgery is impossible, due to cryptography
- If a General repeatedly tries to send a message, it will *eventually* get through
General A sends the original message (numbered 0.0) to General B, and continues sending it (messages 0.1, 0.2, 0.3...) until he receives message 1.x (a receipt) from General B. He starts sending a counter-receipt, starting with 2.0. When 100 is reached, it is impossible for either party to be unsure about the status of the original message.
Message 100.x is sent by General A in response to 99.x from B, but we have two problems: 1) How does General B know when to stop sending 99.x? 2) How long should General A keep resending 100.x to let him know? Crap. It's the same problem! But the very existence of messages 90.x through 95.x (for example) tells both parties that message 0.x got through.
Ultimately, this appears to be one of the worst sorts of paradoxes in computing: A halting problem. There comes a point at which the original question has been answered ("Do both parties agree on a battle plan? Yes.") but the algorithm is still running.
I'm still convinced there's a way around it, but I can't seem to find the key. Any ideas?