• Top
  • Documentation
  • Books
  • Boolean-reasoning
  • Projects
    • Apt
    • Acre
    • Milawa
    • Smtlink
    • Aleobft
      • Aleobft-static
      • Aleobft-dynamic
      • Aleobft-stake2
        • Definition
          • Initialization
          • Transitions
            • Transitions-accept
            • Transitions-create
            • Dags
              • Path-to-author+round
              • Successors
              • Certificate-causal-history
              • Dag-in-committees-p
              • Paths-in-unequivocal-closed-dags
              • Predecessors
              • Unequivocal-previous-certificates
              • Certificate-previous-in-dag-p
              • Certificates-dag-paths-p
              • Causal-histories-in-unequivocal-closed-dags
              • Dag-predecessor-quorum-p
              • Path-to-previous
              • Dag-has-committees-p
              • Path-to-author+round-set-to-path-to-author+round
              • Dag-closedp
              • Path-to-author+round-transitive
              • Path-to-author+round-to-cert-with-author+round
              • In-of-certificate-causal-history
              • Path-to-predecessor
              • Path-from-successor
              • Certificate-causal-history-subset-when-path
              • Path-to-head-of-predecessors
              • Dag-no-prodecessors-round-1-p
            • Elections
            • Event-next
            • Transitions-commit
            • Event-possiblep
            • Events-possiblep
            • Events-next
            • Transitions-advance
            • Blockchains
            • Anchors
          • States
          • Events
      • Aleobft-stake
      • Library-extensions
    • Abnf
    • Vwsim
    • Isar
    • Wp-gen
    • Dimacs-reader
    • Pfcs
    • Legacy-defrstobj
    • Proof-checker-array
    • Soft
    • Farray
    • Rp-rewriter
    • Instant-runoff-voting
    • Imp-language
    • Sidekick
    • Leftist-trees
    • C
    • Java
    • Taspi
    • Bitcoin
    • Des
    • Ethereum
    • X86isa
    • Sha-2
    • Yul
    • Riscv
    • Zcash
    • Proof-checker-itp13
    • Regex
    • ACL2-programming-language
    • Json
    • Jfkr
    • Equational
    • Cryptography
    • Poseidon
    • Where-do-i-place-my-book
    • Bigmems
    • Builtins
    • Axe
    • Execloader
    • Solidity
    • Leo
    • Paco
    • Concurrent-programs
  • Debugging
  • Std
  • Proof-automation
  • Macro-libraries
  • ACL2
  • Interfacing-tools
  • Hardware-verification
  • Software-verification
  • Math
  • Testing-utilities

• Dags

Dag-closedp

Check if a DAG is backward-closed.

That is, check if the previous certificates of each certificate in the DAG are all in the DAG. This is an invariant of the DAGs of validators, as proved elsewhere.

Adding a certificate whose previous certificates are in the DAG preserves the closure of the DAG; we prove this in dag-previous-in-dag-p-of-insert. It might be tempting to try and prove something like

(equal (dag-closedp (set::insert cert dag))
       (and (dag-closedp dag)
            (certificate-previous-in-dag-p cert dag)))

but that does not hold, because cert could be a predecessor certificate of some certificate in dag. So instead we prove the (right-to-left) implication.

Definitions and Theorems

Theorem: dag-closedp-necc

(defthm dag-closedp-necc
  (implies (dag-closedp dag)
           (implies (in cert dag)
                    (certificate-previous-in-dag-p cert dag))))

Theorem: booleanp-of-dag-closedp

(defthm booleanp-of-dag-closedp
  (b* ((yes/no (dag-closedp dag)))
    (booleanp yes/no))
  :rule-classes :rewrite)

Theorem: dag-closedp-of-nil

(defthm dag-closedp-of-nil
  (dag-closedp nil))

Theorem: dag-closedp-of-insert

(defthm dag-closedp-of-insert
  (implies (and (certificatep cert)
                (certificate-setp dag)
                (dag-closedp dag)
                (certificate-previous-in-dag-p cert dag))
           (dag-closedp (insert cert dag))))