• Top
  • Documentation
  • Books
  • Boolean-reasoning
  • Projects
    • Apt
    • Acre
    • Milawa
    • Smtlink
    • Aleobft
      • Aleobft-static
      • Aleobft-dynamic
        • Correctness
        • Definition
          • Initialization
          • Transitions
            • Transitions-receive-certificate
            • Transitions-create-certificate
            • Dags
              • Path-to-author+round
              • Successors
              • Certificate-causal-history
              • Paths-in-unequivocal-closed-dags
              • Predecessors
              • Unequivocal-previous-certificates
              • Certificate-previous-in-dag-p
              • Certificates-dag-paths-p
              • Causal-histories-in-unequivocal-closed-dags
              • Dag-predecessor-cardinality-p
              • Dag-rounds-in-committees-p
              • Path-to-previous
              • Path-to-author+round-set-to-path-to-author+round
              • Dag-committees-p
              • Dag-closedp
              • Path-to-author+round-transitive
              • Path-to-author+round-to-certificate-with-author+round
              • In-of-certificate-causal-history
              • Path-to-predecessor
              • Path-from-successor
              • Certificate-causal-history-subset-when-path
              • Path-to-head-of-predecessors
            • Transitions-advance-round
            • Events-next
            • Events-possiblep
            • Event-next
            • Elections
            • Transitions-commit-anchors
            • Transitions-store-certificate
            • Event-possiblep
            • Anchors
            • Blockchains
            • Transitions-timer-expires
          • States
          • Events
      • Aleobft-stake2
      • Aleobft-stake
      • Library-extensions
    • Abnf
    • Vwsim
    • Isar
    • Wp-gen
    • Dimacs-reader
    • Pfcs
    • Legacy-defrstobj
    • Proof-checker-array
    • Soft
    • Farray
    • Rp-rewriter
    • Instant-runoff-voting
    • Imp-language
    • Sidekick
    • Leftist-trees
    • C
    • Java
    • Taspi
    • Bitcoin
    • Des
    • Ethereum
    • X86isa
    • Sha-2
    • Yul
    • Riscv
    • Zcash
    • Proof-checker-itp13
    • Regex
    • ACL2-programming-language
    • Json
    • Jfkr
    • Equational
    • Cryptography
    • Poseidon
    • Where-do-i-place-my-book
    • Bigmems
    • Builtins
    • Axe
    • Execloader
    • Solidity
    • Leo
    • Paco
    • Concurrent-programs
  • Debugging
  • Std
  • Proof-automation
  • Macro-libraries
  • ACL2
  • Interfacing-tools
  • Hardware-verification
  • Software-verification
  • Math
  • Testing-utilities

• Dags

Dag-closedp

Check if a DAG is backward-closed.

That is, check if the previous certificates of each certificate in the DAG are all in the DAG.

Adding a certificate whose previous certificates are in the DAG preserves the closure of the DAG. It might be tempting to try and prove something like

(equal (dag-closedp (set::insert cert dag))
       (and (dag-closedp dag)
            (certificate-previous-in-dag-p cert dag)))

but that does not hold, because cert could be a predecessor certificate of some certificate in dag. So instead we prove the (right-to-left) implication.

Definitions and Theorems

Theorem: dag-closedp-necc

(defthm dag-closedp-necc
  (implies (dag-closedp dag)
           (implies (in cert dag)
                    (certificate-previous-in-dag-p cert dag))))

Theorem: booleanp-of-dag-closedp

(defthm booleanp-of-dag-closedp
  (b* ((yes/no (dag-closedp dag)))
    (booleanp yes/no))
  :rule-classes :rewrite)

Theorem: dag-closedp-when-emptyp

(defthm dag-closedp-when-emptyp
  (implies (emptyp dag)
           (dag-closedp dag)))

Theorem: dag-closedp-of-insert

(defthm dag-closedp-of-insert
  (implies (and (certificatep cert)
                (certificate-setp dag)
                (dag-closedp dag)
                (certificate-previous-in-dag-p cert dag))
           (dag-closedp (insert cert dag))))