|
|
|---|
|
|
|
|---|
Definition of the invariant: for each certificate in the DAG of each validator, either the certificate's round is 1 and the certificate has no references to previous certificates, or the certificate's round is not 1 and the references to previous certificates form a non-zero quorum in the committee of the preceding round of the certificate.
This invariant, along with backward closure and non-equivocation,
guarantees that dag-predecessor-quorum-p holds, as we prove here.
The key lemma is
Theorem:
(defthm previous-quorum-p-necc (implies (previous-quorum-p systate) (implies (and (in val (correct-addresses systate)) (in cert (validator-state->dag (get-validator-state val systate)))) (validator-previous-quorum-p cert (get-validator-state val systate)))))
Theorem:
(defthm booleanp-of-previous-quorum-p (b* ((yes/no (previous-quorum-p systate))) (booleanp yes/no)) :rule-classes :rewrite)
Theorem:
(defthm previous-quorum-p-of-system-state-fix-systate (equal (previous-quorum-p (system-state-fix systate)) (previous-quorum-p systate)))
Theorem:
(defthm previous-quorum-p-system-state-equiv-congruence-on-systate (implies (system-state-equiv systate systate-equiv) (equal (previous-quorum-p systate) (previous-quorum-p systate-equiv))) :rule-classes :congruence)
Theorem:
(defthm dag-predecessor-quorum-p-when-previous-quorum-p (implies (and (previous-quorum-p systate) (backward-closed-p systate) (in val (correct-addresses systate))) (dag-predecessor-quorum-p (validator-state->dag (get-validator-state val systate)) (validator-state->blockchain (get-validator-state val systate)))))