• Top
    • Documentation
    • Books
    • Boolean-reasoning
    • Projects
      • Apt
      • Acre
      • Milawa
      • Smtlink
      • Aleobft
        • Aleobft-static
        • Aleobft-stake2
        • Aleobft-dynamic
        • Aleobft-stake
          • Correctness
            • Unequivocal-dags-def-and-init
              • Unequivocal-dags-p
                • Unequivocal-dags-p-when-init
              • Same-committees-def-and-implied
              • Signer-records
              • Dag-omni-paths
              • Unequivocal-dags-next
              • Quorum-intersection
              • Previous-quorum-def-and-init-and-next
              • Unequivocal-signed-certificates
              • Same-associated-certificates
              • Nonforking-anchors-def-and-init-and-next
              • Signed-previous-quorum
              • Successor-predecessor-intersection
              • Fault-tolerance
              • Last-anchor-voters-def-and-init-and-next
              • Signer-quorum
              • Committed-redundant-def-and-init-and-next
              • Nonforking-blockchains-def-and-init
              • Dag-committees
              • No-self-messages
              • Blockchain-redundant-def-and-init-and-next
              • Backward-closure
              • Anchors-extension
              • Nonforking-blockchains-next
              • No-self-endorsed
              • Associated-certificates
              • Last-anchor-present
              • No-self-buffer
              • Signed-certificates
              • Last-blockchain-round
              • Dag-certificate-next
              • Omni-paths-def-and-implied
              • Simultaneous-induction
              • Ordered-even-blocks
              • Last-anchor-def-and-init
              • Last-anchor-next
              • Previous-quorum
              • Committed-anchors-sequences
              • Omni-paths
              • Last-anchor-voters
              • Unequivocal-dag
              • Signed-and-associated-cerificates
              • Nonforking-blockchains
              • Nonforking-anchors
              • Committed-redundant
              • Same-committees
              • Blockchain-redundant
            • Definition
          • Library-extensions
        • Abnf
        • Vwsim
        • Isar
        • Wp-gen
        • Dimacs-reader
        • Pfcs
        • Legacy-defrstobj
        • Proof-checker-array
        • Soft
        • Farray
        • Rp-rewriter
        • Instant-runoff-voting
        • Imp-language
        • Sidekick
        • Leftist-trees
        • C
        • Java
        • Taspi
        • Bitcoin
        • Des
        • Ethereum
        • X86isa
        • Sha-2
        • Riscv
        • Yul
        • Zcash
        • Proof-checker-itp13
        • Regex
        • ACL2-programming-language
        • Json
        • Jfkr
        • Equational
        • Cryptography
        • Poseidon
        • Where-do-i-place-my-book
        • Bigmems
        • Builtins
        • Axe
        • Execloader
        • Solidity
        • Leo
        • Paco
        • Concurrent-programs
      • Debugging
      • Std
      • Proof-automation
      • Macro-libraries
      • ACL2
      • Interfacing-tools
      • Hardware-verification
      • Software-verification
      • Math
      • Testing-utilities
    • Unequivocal-dags-def-and-init

    Unequivocal-dags-p

    Definition of the invariant: the DAGs of each pair of correct validators are mutually unequivocal.

    We prove that this invariant, which is defined as non-equivocation for two validators, implies non-equivocation for a single validator. This is similar to the -necc rule generated by the definition, but it involves a single validator; this similarity is the reason for the name of the rule.

    Definitions and Theorems

    Theorem: unequivocal-dags-p-necc

    (defthm unequivocal-dags-p-necc
 (implies
  (unequivocal-dags-p systate)
  (implies
   (and (in val1 (correct-addresses systate))
        (in val2 (correct-addresses systate)))
   (certificate-sets-unequivocalp
       (validator-state->dag (get-validator-state val1 systate))
       (validator-state->dag (get-validator-state val2 systate))))))

    Theorem: booleanp-of-unequivocal-dags-p

    (defthm booleanp-of-unequivocal-dags-p
  (b* ((yes/no (unequivocal-dags-p systate)))
    (booleanp yes/no))
  :rule-classes :rewrite)

    Theorem: unequivocal-dags-p-of-system-state-fix-systate

    (defthm unequivocal-dags-p-of-system-state-fix-systate
  (equal (unequivocal-dags-p (system-state-fix systate))
         (unequivocal-dags-p systate)))

    Theorem: unequivocal-dags-p-system-state-equiv-congruence-on-systate

    (defthm unequivocal-dags-p-system-state-equiv-congruence-on-systate
  (implies (system-state-equiv systate systate-equiv)
           (equal (unequivocal-dags-p systate)
                  (unequivocal-dags-p systate-equiv)))
  :rule-classes :congruence)

    Theorem: unequivocal-dags-p-necc-single

    (defthm unequivocal-dags-p-necc-single
 (implies
    (and (unequivocal-dags-p systate)
         (in val (correct-addresses systate)))
    (certificate-set-unequivocalp
         (validator-state->dag (get-validator-state val systate)))))