|
|
|---|
|
|
|
|---|
New state resulting from a
(timeout-next val systate) → new-systate
The
The timer state is set to expired.
Function:
(defun timeout-next (val systate) (declare (xargs :guard (and (addressp val) (system-statep systate)))) (declare (xargs :guard (timeout-possiblep val systate))) (let ((__function__ 'timeout-next)) (declare (ignorable __function__)) (b* (((validator-state vstate) (get-validator-state val systate)) (new-timer (timer-expired)) (new-vstate (change-validator-state vstate :timer new-timer)) (systate (update-validator-state val new-vstate systate))) systate)))
Theorem:
(defthm system-statep-of-timeout-next (b* ((new-systate (timeout-next val systate))) (system-statep new-systate)) :rule-classes :rewrite)
Theorem:
(defthm correct-addresses-of-timeout-next (implies (timeout-possiblep val systate) (b* ((?new-systate (timeout-next val systate))) (equal (correct-addresses new-systate) (correct-addresses systate)))))
Theorem:
(defthm validator-state->round-of-timeout-next (implies (timeout-possiblep val systate) (b* ((?new-systate (timeout-next val systate))) (equal (validator-state->round (get-validator-state val1 new-systate)) (validator-state->round (get-validator-state val1 systate))))))
Theorem:
(defthm validator-state->dag-of-timeout-next (implies (timeout-possiblep val systate) (b* ((?new-systate (timeout-next val systate))) (equal (validator-state->dag (get-validator-state val1 new-systate)) (validator-state->dag (get-validator-state val1 systate))))))
Theorem:
(defthm validator-state->buffer-of-timeout-next (implies (timeout-possiblep val systate) (b* ((?new-systate (timeout-next val systate))) (equal (validator-state->buffer (get-validator-state val1 new-systate)) (validator-state->buffer (get-validator-state val1 systate))))))
Theorem:
(defthm validator-state->endorsed-of-timeout-next (implies (timeout-possiblep val systate) (b* ((?new-systate (timeout-next val systate))) (equal (validator-state->endorsed (get-validator-state val1 new-systate)) (validator-state->endorsed (get-validator-state val1 systate))))))
Theorem:
(defthm validator-state->last-of-timeout-next (implies (timeout-possiblep val systate) (b* ((?new-systate (timeout-next val systate))) (equal (validator-state->last (get-validator-state val1 new-systate)) (validator-state->last (get-validator-state val1 systate))))))
Theorem:
(defthm validator-state->blockchain-of-timeout-next (implies (timeout-possiblep val systate) (b* ((?new-systate (timeout-next val systate))) (equal (validator-state->blockchain (get-validator-state val1 new-systate)) (validator-state->blockchain (get-validator-state val1 systate))))))
Theorem:
(defthm validator-state->committed-of-timeout-next (implies (timeout-possiblep val systate) (b* ((?new-systate (timeout-next val systate))) (equal (validator-state->committed (get-validator-state val1 new-systate)) (validator-state->committed (get-validator-state val1 systate))))))
Theorem:
(defthm validator-state->timer-of-timeout-next (implies (timeout-possiblep val systate) (b* ((?new-systate (timeout-next val systate))) (equal (validator-state->timer (get-validator-state val1 new-systate)) (if (equal (address-fix val1) (address-fix val)) (timer-expired) (validator-state->timer (get-validator-state val1 systate)))))))
Theorem:
(defthm get-network-state-of-timeout-next (b* ((?new-systate (timeout-next val systate))) (equal (get-network-state new-systate) (get-network-state systate))))
Theorem:
(defthm timeout-next-of-address-fix-val (equal (timeout-next (address-fix val) systate) (timeout-next val systate)))
Theorem:
(defthm timeout-next-address-equiv-congruence-on-val (implies (address-equiv val val-equiv) (equal (timeout-next val systate) (timeout-next val-equiv systate))) :rule-classes :congruence)
Theorem:
(defthm timeout-next-of-system-state-fix-systate (equal (timeout-next val (system-state-fix systate)) (timeout-next val systate)))
Theorem:
(defthm timeout-next-system-state-equiv-congruence-on-systate (implies (system-state-equiv systate systate-equiv) (equal (timeout-next val systate) (timeout-next val systate-equiv))) :rule-classes :congruence)