In Byzantine environments, existing CRDTs struggle to simultaneously guarantee strong consistency, detect malicious behavior, and expel compromised nodes. This paper introduces Blocklace—the first general-purpose Byzantine-fault-tolerant CRDT. Built upon a DAG-based block structure with signed hash pointers, Blocklace unifies operation-based and Delta-CRDT principles to enable conflict-free replication and strongly convergent state evolution. Its key contributions are: (i) the first real-time detection of equivocation (i.e., conflicting signatures) and progressive expulsion of malicious nodes; (ii) containment of Byzantine influence to computation prefixes, preserving global consistency; and (iii) a provably secure underlying infrastructure. Experimental evaluation demonstrates that Blocklace ensures strong eventual consistency under arbitrary workloads while enabling fine-grained attribution of malicious actions.

Conflict-free Replicated Data Types (CRDTs) are designed for replica convergence without global coordination or consensus. Recent work has achieved the same in a Byzantine environment, through DAG-like structures based on cryptographic hashes of content. The blocklace is a partially-ordered generalization of the blockchain in which each block has any finite number of signed hash pointers to preceding blocks. We show that the blocklace datatype, with the sole operation of adding a single block, is a CRDT: it is both a pure operation-based CRDT, with self-tagging; and a delta-state CRDT, under a slight generalization of the delta framework. Allowing arbitrary values as payload, the blocklace can also be seen as a universal Byzantine fault-tolerant implementation for arbitrary CRDTs, under the operation-based approach. Current approaches only care about CRDT convergence, being equivocation-tolerant (they do not detect or prevent equivocations), allowing a Byzantine node to cause an arbitrary amount of harm by polluting the CRDT state with an unbounded number of equivocations. We show that the blocklace can be used not only in an equivocation-tolerant way, but also so as to detect and eventually exclude Byzantine nodes, including equivocators, even under the presence of undetectable colluders. The blocklace CRDT protocol ensures that a Byzantine node may harm only a finite prefix of the computation.