This paper presents Mir-BFT (or, simply, Mir), a robust Byzantine fault-tolerant (BFT) total order broadcast protocol aimed at maximizing throughput on wide-area networks (WANs), targeting permissioned and Proof-of-Stake permissionless blockchains. We show that Mir achieves unprecedented throughput on WANs without sacrificing latency, robustness to malicious behavior, or even performance in clusters. Our evaluation shows that Mir orders more than 60000 signed Bitcoin-sized transactions per second on a widely distributed 100 nodes, 1 Gbps WAN setup, while preventing a range of attacks including request duplication performance attacks. To achieve this, Mir relies on a novel protocol mechanism that allows a set of leaders to propose request batches independently, in parallel, while rotating the assignment of a partitioned request hash space to leaders. Several optimizations boost Mir throughput even further, including partial replication through a novel abstraction we call light total order (LTO) broadcast. Perhaps most importantly, Mir relies on proven BFT protocol constructs, which simplifies reasoning about Mir correctness. Specifically, Mir is a generalization of the celebrated and scrutinized PBFT protocol. In a nutshell, Mir follows PBFT ``safety-wise'', with changes needed to accommodate novel features restricted to PBFT liveness.