|
|
|---|
|
|
|
|---|
Create messages for an endorsement from given endorsers.
(make-endorsement-messages prop endors) → msgs
For each given address, we create an endorsement message with the proposal and with the address as endorser.
These are the messages consumed from the network when a faulty validator creates a certificate: see transitions-certify.
Function:
(defun make-endorsement-messages (prop endors) (declare (xargs :guard (and (proposalp prop) (address-setp endors)))) (let ((__function__ 'make-endorsement-messages)) (declare (ignorable __function__)) (cond ((emptyp (address-set-fix endors)) nil) (t (insert (make-message-endorsement :proposal prop :endorser (head endors)) (make-endorsement-messages prop (tail endors)))))))
Theorem:
(defthm message-setp-of-make-endorsement-messages (b* ((msgs (make-endorsement-messages prop endors))) (message-setp msgs)) :rule-classes :rewrite)
Theorem:
(defthm in-of-make-endorsement-messages (equal (in msg (make-endorsement-messages prop endors)) (and (messagep msg) (message-case msg :endorsement) (equal (message-endorsement->proposal msg) (proposal-fix prop)) (in (message-endorsement->endorser msg) (address-set-fix endors)))))
Theorem:
(defthm make-endorsement-messages-of-proposal-fix-prop (equal (make-endorsement-messages (proposal-fix prop) endors) (make-endorsement-messages prop endors)))
Theorem:
(defthm make-endorsement-messages-proposal-equiv-congruence-on-prop (implies (proposal-equiv prop prop-equiv) (equal (make-endorsement-messages prop endors) (make-endorsement-messages prop-equiv endors))) :rule-classes :congruence)
Theorem:
(defthm make-endorsement-messages-of-address-set-fix-endors (equal (make-endorsement-messages prop (address-set-fix endors)) (make-endorsement-messages prop endors)))
Theorem:
(defthm make-endorsement-messages-address-set-equiv-congruence-on-endors (implies (address-set-equiv endors endors-equiv) (equal (make-endorsement-messages prop endors) (make-endorsement-messages prop endors-equiv))) :rule-classes :congruence)