-
Money grows on (proof-)trees: the formal FA1.2 ledger standard
Authors:
Murdoch Gabbay,
Arvid Jakobsson,
Kristina Sojakova
Abstract:
Once you have invented digital money, you may need a ledger to track who owns what -- and an interface to that ledger so that users of your money can transact. On the Tezos blockchain this implies: a smart contract (distributed program), storing in its state a ledger to map owner addresses to token quantities, and standardised entrypoints to transact on accounts.
A bank does a similar job -- it maps account numbers to account quantities and permits users to transact -- but in return the bank demands trust, it incurs expense to maintain a centralised server and staff, it uses a proprietary interface ... and it may speculate using your money and/or display rent-seeking behaviour. A blockchain ledger is by design decentralised, inexpensive, open, and it won't just bet your tokens on risky derivatives (unless you ask).
The FA1.2 standard is an open standard for ledger-keeping smart contracts on the Tezos blockchain. Several FA1.2 implementations already exist.
Or do they? Is the standard sensible and complete? Are the implementations correct? And what are they implementations \emph{of}? The FA1.2 standard is written in English, a specification language favoured by wet human brains but notorious for its incompleteness and ambiguity when rendered into dry and unforgiving code.
In this paper we report on a formalisation of the FA1.2 standard as a Coq specification, and on a formal verification of three FA1.2-compliant smart contracts with respect to that specification. Errors were found and ambiguities were resolved; but also, there now exists a \emph{mathematically precise} and battle-tested specification of the FA1.2 ledger standard.
We will describe FA1.2 itself, outline the structure of the Coq theories -- which in itself captures some non-trivial and novel design decisions of the development -- and review the detailed verification of the implementations.
Submitted 1 December, 2021; v1 submitted 20 September, 2021;
originally announced September 2021.
-
Syllepsis in Homotopy Type Theory
Authors:
Kristina Sojakova
Abstract:
It is well-known that in homotopy type theory (HoTT), one can prove the Eckmann-Hilton theorem: given two 2-loops p, q : 1 = 1 on the reflexivity path at an arbitrary point a : A, we have pq = qp. If we go one dimension higher, i.e., if p and q are 3-loops, we show that a property classically known as syllepsis also holds in HoTT: namely, the Eckmann-Hilton proof for q and p is the inverse of the Eckmann-Hilton proof for p and q.
Submitted 29 July, 2021;
originally announced July 2021.
-
A General Framework for Relational Parametricity
Authors:
Kristina Sojakova,
Patricia Johann
Abstract:
Reynolds' original theory of relational parametricity was intended to capture the idea that polymorphically typed System F programs preserve all relations between inputs. But as Reynolds himself later showed, his theory can only be formalized in a meta-theory with an impredicative universe, such as the Calculus of Inductive Constructions. Abstracting from Reynolds' ideas, Dunphy and Reddy developed their well-known framework for parametricity that uses parametric limits in reflexive graph categories and aims to subsume a variety of parametric models. As we observe, however, their theory is not sufficiently general to subsume the very model that inspired parametricity, namely Reynolds' original model, expressed inside type theory. To correct this, we develop an abstract framework for relational parametricity that generalizes the notion of a reflexive graph categories and delivers Reynolds' model as a direct instance in a natural way. This framework is uniform with respect to a choice of meta-theory, which allows us to obtain the well-known PER model of Longo and Moggi as a direct instance in a natural way as well. In addition, we offer two novel relationally parametric models of System F: i) a categorical version of Reynolds' model, where types are functorial on isomorphisms and all polymorphic functions respect the functorial action, and ii) a proof-relevant categorical version of Reynolds' model (after Orsanigo), where, additionally, witnesses of relatedness are themselves suitably related. We show that, unlike previously existing frameworks for parametricity, ours recognizes both of these new models in a natural way. Our framework is thus descriptive, in that it accounts for well-known models, as well as prescriptive, in that it identifies abstract properties that good models of relational parametricity should satisfy and suggests new constructions of such models.
Submitted 11 May, 2018; v1 submitted 30 April, 2018;
originally announced May 2018.
-
Cubical Categories for Higher-Dimensional Parametricity
Authors:
Patricia Johann,
Kristina Sojakova
Abstract:
Reynolds' theory of relational parametricity formalizes parametric polymorphism for System F, thus capturing the idea that polymorphically typed System F programs always map related inputs to related results. This paper shows that Reynolds' theory can be seen as the instantiation at dimension 1 of a theory of relational parametricity for System F that holds at all higher dimensions, including infinite dimension. This theory is formulated in terms of the new notion of a p-dimensional cubical category, which we use to define a p-dimensional parametric model of System F for any p, where p is a natural number or infinity. We show that every p-dimensional parametric model of System F yields a split λ2-fibration in which types are interpreted as face map- and degeneracy-preserving cubical functors and terms are interpreted as face map- and degeneracy-preserving cubical natural transformations. We demonstrate that our theory is "good" by showing that the PER model of Bainbridge et al. is derivable as another 1-dimensional instance, and that all instances at all dimensions derive higher-dimensional analogues of expected results for parametric models, such as a Graph Lemma and the existence of initial algebras and final coalgebras. Finally, our technical development resolves a number of significant technical issues arising in Ghani et al.'s recent bifibrational treatment of relational parametricity, which allows us to clarify their approach and strengthen their main result. Once clarified, their bifibrational framework, too, can be seen as a 1-dimensional instance of our theory.
Submitted 22 January, 2017;
originally announced January 2017.
-
The equivalence of the torus and the product of two circles in homotopy type theory
Authors:
Kristina Sojakova
Abstract:
Homotopy type theory is a new branch of mathematics which merges insights from abstract homotopy theory and higher category theory with those of logic and type theory. It allows us to represent a variety of mathematical objects as basic type-theoretic constructions, higher inductive types. We present a proof that in homotopy type theory, the torus is equivalent to the product of two circles. This result indicates that the synthetic definition of torus as a higher inductive type is indeed correct.
Submitted 13 October, 2015;
originally announced October 2015.
-
Higher Inductive Types as Homotopy-Initial Algebras
Authors:
Kristina Sojakova
Abstract:
Homotopy Type Theory is a new field of mathematics based on the surprising and elegant correspondence between Martin-Löf's constructive type theory and abstract homotopy theory. We have a powerful interplay between these disciplines - we can use geometric intuition to formulate new concepts in type theory and, conversely, use type-theoretic machinery to verify and often simplify existing mathematical proofs. A crucial ingredient in this new system are higher inductive types, which allow us to represent objects such as spheres, tori, pushouts, and quotients. We investigate a variant of higher inductive types whose computational behavior is determined up to a higher path. We show that in this setting, higher inductive types are characterized by the universal property of being a homotopy-initial algebra.
Submitted 4 February, 2014;
originally announced February 2014.
-
Inductive types in homotopy type theory
Authors:
Steve Awodey,
Nicola Gambino,
Kristina Sojakova
Abstract:
Homotopy type theory is an interpretation of Martin-Löf's constructive type theory into abstract homotopy theory. There results a link between constructive mathematics and algebraic topology, providing topological semantics for intensional systems of type theory as well as a computational approach to algebraic topology via type theory-based proof assistants such as Coq.
The present work investigates inductive types in this setting. Modified rules for inductive types, including types of well-founded trees, or W-types, are presented, and the basic homotopical semantics of such types are determined. Proofs of all results have been formally verified by the Coq proof assistant, and the proof scripts for this verification form an essential component of this research.
Submitted 2 May, 2012; v1 submitted 18 January, 2012;
originally announced January 2012.