-
Finding smart contract vulnerabilities with ConCert's property-based testing framework
Authors:
Mikkel Milo,
Eske Hoy Nielsen,
Danil Annenkov,
Bas Spitters
Abstract:
We provide three detailed case studies of vulnerabilities in smart contracts, and show how property-based testing would have found them:
1. the Dexter1 token exchange;
2. the iToken;
3. the ICO of Brave's BAT token.
The last example is, in fact, new, and was missed in the auditing process. We have implemented this testing in ConCert, a general executable model/specification of smart contra…
▽ More
We provide three detailed case studies of vulnerabilities in smart contracts, and show how property-based testing would have found them:
1. the Dexter1 token exchange;
2. the iToken;
3. the ICO of Brave's BAT token.
The last example is, in fact, new, and was missed in the auditing process. We have implemented this testing in ConCert, a general executable model/specification of smart contract execution in the Coq proof assistant. ConCert contracts can be used to generate verified smart contracts in Tezos' LIGO and Concordium's rust language. We thus show the effectiveness of combining formal verification and property-based testing of smart contracts.
△ Less
Submitted 1 August, 2022;
originally announced August 2022.
-
Formalising Decentralised Exchanges in Coq
Authors:
Eske Hoy Nielsen,
Danil Annenkov,
Bas Spitters
Abstract:
The number of attacks and accidents leading to significant losses of crypto-assets is growing. According to Chainalysis, in 2021, approx. $14 billion has been lost due to various incidents, and this number is dominated by Decentralized Finance (DeFi) applications. In order to address these issues, one can use a collection of tools ranging from auditing to formal methods. We use formal verification…
▽ More
The number of attacks and accidents leading to significant losses of crypto-assets is growing. According to Chainalysis, in 2021, approx. $14 billion has been lost due to various incidents, and this number is dominated by Decentralized Finance (DeFi) applications. In order to address these issues, one can use a collection of tools ranging from auditing to formal methods. We use formal verification and provide the first formalisation of a DeFi contract in a foundational proof assistant capturing contract interactions. We focus on Dexter2, a decentralized, non-custodial exchange for the Tezos network similar to Uniswap on Ethereum. The Dexter implementation consists of several smart contracts. This poses unique challenges for formalisation due to the complex contract interactions. Our formalisation includes proofs of functional correctness with respect to an informal specification for the contracts involved in Dexter's implementation. Moreover, our formalisation is the first to feature proofs of safety properties of the interacting smart contracts of a decentralized exchange. We have extracted our contract from Coq into CameLIGO code, so it can be deployed on the Tezos blockchain. Uniswap and Dexter are paradigmatic for a collection of similar contracts. Our methodology thus allows us to implement and verify DeFi applications featuring similar interaction patterns.
△ Less
Submitted 11 March, 2022;
originally announced March 2022.
-
Extracting functional programs from Coq, in Coq
Authors:
Danil Annenkov,
Mikkel Milo,
Jakob Botsch Nielsen,
Bas Spitters
Abstract:
We implement extraction of Coq programs to functional languages based on MetaCoq's certified erasure. We extend the MetaCoq erasure output language with typing information and use it as an intermediate representation, which we call $λ^T_\square$. We complement the extraction functionality with a full pipeline that includes several standard transformations (eta-expansion, inlining, etc) implemented…
▽ More
We implement extraction of Coq programs to functional languages based on MetaCoq's certified erasure. We extend the MetaCoq erasure output language with typing information and use it as an intermediate representation, which we call $λ^T_\square$. We complement the extraction functionality with a full pipeline that includes several standard transformations (eta-expansion, inlining, etc) implemented in a proof-generating manner along with a verified optimisation pass removing unused arguments. We prove the pass correct wrt. a conventional call-by-value operational semantics of functional languages. From the optimised $λ^T_\square$ representation, we obtain code in two functional smart contract languages (Liquidity and CameLIGO), the functional language Elm, and a subset of the multi-paradigm language for systems programming Rust. Rust is currently gaining popularity as a language for smart contracts, and we demonstrate how our extraction can be used to extract smart contract code for the Concordium network. The development is done in the context of the ConCert framework that enables smart contract verification. We contribute with two verified real-world smart contracts (boardroom voting and escrow), which we use, among other examples, to exemplify the applicability of the pipeline. In addition, we develop a verified web application and extract it to fully functional Elm code. In total, this gives us a way to write dependently typed programs in Coq, verify, and then extract them to several target languages while retaining a small trusted computing base of only MetaCoq and the pretty-printers into these languages.
△ Less
Submitted 6 August, 2021;
originally announced August 2021.
-
Extracting Smart Contracts Tested and Verified in Coq
Authors:
Danil Annenkov,
Mikkel Milo,
Jakob Botsch Nielsen,
Bas Spitters
Abstract:
We implement extraction of Coq programs to functional languages based on MetaCoq's certified erasure. As part of this, we implement an optimisation pass removing unused arguments. We prove the pass correct wrt. a conventional call-by-value operational semantics of functional languages. We apply this to two functional smart contract languages, Liquidity and Midlang, and to the functional language E…
▽ More
We implement extraction of Coq programs to functional languages based on MetaCoq's certified erasure. As part of this, we implement an optimisation pass removing unused arguments. We prove the pass correct wrt. a conventional call-by-value operational semantics of functional languages. We apply this to two functional smart contract languages, Liquidity and Midlang, and to the functional language Elm. Our development is done in the context of the ConCert framework that enables smart contract verification. We contribute a verified boardroom voting smart contract featuring maximum voter privacy such that each vote is kept private except under collusion of all other parties. We also integrate property-based testing into ConCert using QuickChick and our development is the first to support testing properties of interacting smart contracts. We test several complex contracts such as a DAO-like contract, an escrow contract, an implementation of a Decentralized Finance (DeFi) contract which includes a custom token standard (Tezos FA2), and more. In total, this gives us a way to write dependent programs in Coq, test them semi-automatically, verify, and then extract to functional smart contract languages, while retaining a small trusted computing base of only MetaCoq and the pretty-printers into these languages.
△ Less
Submitted 26 April, 2021; v1 submitted 16 December, 2020;
originally announced December 2020.
-
Formalizing Nakamoto-Style Proof of Stake
Authors:
Søren Eller Thomsen,
Bas Spitters
Abstract:
Fault-tolerant distributed systems move the trust in a single party to a majority of parties participating in the protocol. This makes blockchain based crypto-currencies possible: they allow parties to agree on a total order of transactions without a trusted third party. To trust a distributed system, the security of the protocol and the correctness of the implementation must be indisputable.
We…
▽ More
Fault-tolerant distributed systems move the trust in a single party to a majority of parties participating in the protocol. This makes blockchain based crypto-currencies possible: they allow parties to agree on a total order of transactions without a trusted third party. To trust a distributed system, the security of the protocol and the correctness of the implementation must be indisputable.
We present the first machine checked proof that guarantees both safety and liveness for a consensus algorithm. We verify a Proof of Stake (PoS) Nakamoto-style blockchain (NSB) protocol, using the foundational proof assistant Coq.
In particular, we consider a PoS NSB in a synchronous network with a static set of corrupted parties. We define execution semantics for this setting and prove chain growth, chain quality, and common prefix which together imply both safety and liveness.
△ Less
Submitted 18 May, 2021; v1 submitted 23 July, 2020;
originally announced July 2020.
-
Synthetic topology in Homotopy Type Theory for probabilistic programming
Authors:
Martin E. Bidlingmaier,
Florian Faissole,
Bas Spitters
Abstract:
The ALEA Coq library formalizes measure theory based on a variant of the Giry monad on the category of sets. This enables the interpretation of a probabilistic programming language with primitives for sampling from discrete distributions. However, continuous distributions have to be discretized because the corresponding measures cannot be defined on all subsets of their carriers.
This paper prop…
▽ More
The ALEA Coq library formalizes measure theory based on a variant of the Giry monad on the category of sets. This enables the interpretation of a probabilistic programming language with primitives for sampling from discrete distributions. However, continuous distributions have to be discretized because the corresponding measures cannot be defined on all subsets of their carriers.
This paper proposes the use of synthetic topology to model continuous distributions for probabilistic computations in type theory. We study the initial $σ$-frame and the corresponding induced topology on arbitrary sets. Based on these intrinsic topologies we define valuations and lower integrals on sets, and prove versions of the Riesz and Fubini theorems. We then show how the Lebesgue valuation, and hence continuous distributions, can be constructed.
△ Less
Submitted 25 June, 2021; v1 submitted 16 December, 2019;
originally announced December 2019.
-
Smart Contract Interactions in Coq
Authors:
Jakob Botsch Nielsen,
Bas Spitters
Abstract:
We present a model/executable specification of smart contract execution in Coq. Our formalization allows for inter-contract communication and generalizes existing work by allowing modelling of both depth-first execution blockchains (like Ethereum) and breadth-first execution blockchains (like Tezos). We represent smart contracts programs in Coq's functional language Gallina, enabling easier reason…
▽ More
We present a model/executable specification of smart contract execution in Coq. Our formalization allows for inter-contract communication and generalizes existing work by allowing modelling of both depth-first execution blockchains (like Ethereum) and breadth-first execution blockchains (like Tezos). We represent smart contracts programs in Coq's functional language Gallina, enabling easier reasoning about functional correctness of concrete contracts than other approaches. In particular we develop a Congress contract in this style. This contract -- a simplified version of the infamous DAO -- is interesting because of its very dynamic communication pattern with other contracts. We give a high-level partial specification of the Congress's behavior, related to reentrancy, and prove that the Congress satisfies it for all possible smart contract execution orders.
△ Less
Submitted 12 November, 2019;
originally announced November 2019.
-
ConCert: A Smart Contract Certification Framework in Coq
Authors:
Danil Annenkov,
Jakob Botsch Nielsen,
Bas Spitters
Abstract:
We present a new way of embedding functional languages into the Coq proof assistant by using meta-programming. This allows us to develop the meta-theory of the language using the deep embedding and provides a convenient way for reasoning about concrete programs using the shallow embedding. We connect the deep and the shallow embeddings by a soundness theorem. As an instance of our approach, we dev…
▽ More
We present a new way of embedding functional languages into the Coq proof assistant by using meta-programming. This allows us to develop the meta-theory of the language using the deep embedding and provides a convenient way for reasoning about concrete programs using the shallow embedding. We connect the deep and the shallow embeddings by a soundness theorem. As an instance of our approach, we develop an embedding of a core smart contract language into Coq and verify several important properties of a crowdfunding contract based on a previous formalisation of smart contract execution in blockchains.
△ Less
Submitted 20 December, 2019; v1 submitted 24 July, 2019;
originally announced July 2019.
-
Normalization by gluing for free λ-theories
Authors:
Jonathan Sterling,
Bas Spitters
Abstract:
The connection between normalization by evaluation, logical predicates and semantic gluing constructions is a matter of folklore, worked out in varying degrees within the literature. In this note, we present an elementary version of the gluing technique which corresponds closely with both semantic normalization proofs and the syntactic normalization by evaluation.
The connection between normalization by evaluation, logical predicates and semantic gluing constructions is a matter of folklore, worked out in varying degrees within the literature. In this note, we present an elementary version of the gluing technique which corresponds closely with both semantic normalization proofs and the syntactic normalization by evaluation.
△ Less
Submitted 23 September, 2018;
originally announced September 2018.
-
An Application of Computable Distributions to the Semantics of Probabilistic Programs
Authors:
Daniel Huang,
Greg Morrisett,
Bas Spitters
Abstract:
In this chapter, we explore how (Type-2) computable distributions can be used to give both (algorithmic) sampling and distributional semantics to probabilistic programs with continuous distributions. Towards this end, we sketch an encoding of computable distributions in a fragment of Haskell and show how topological domains can be used to model the resulting PCF-like language. We also examine the…
▽ More
In this chapter, we explore how (Type-2) computable distributions can be used to give both (algorithmic) sampling and distributional semantics to probabilistic programs with continuous distributions. Towards this end, we sketch an encoding of computable distributions in a fragment of Haskell and show how topological domains can be used to model the resulting PCF-like language. We also examine the implications that a (Type-2) computable semantics has for implementing conditioning. We hope to draw out the connection between an approach based on (Type-2) computability and ordinary programming throughout the chapter as well as highlight the relation with constructive mathematics (via realizability).
△ Less
Submitted 30 July, 2019; v1 submitted 20 June, 2018;
originally announced June 2018.
-
Computer-aided proofs for multiparty computation with active security
Authors:
Helene Haagh,
Aleksandr Karbyshev,
Sabine Oechsner,
Bas Spitters,
Pierre-Yves Strub
Abstract:
Secure multi-party computation (MPC) is a general cryptographic technique that allows distrusting parties to compute a function of their individual inputs, while only revealing the output of the function. It has found applications in areas such as auctioning, email filtering, and secure teleconference. Given its importance, it is crucial that the protocols are specified and implemented correctly.…
▽ More
Secure multi-party computation (MPC) is a general cryptographic technique that allows distrusting parties to compute a function of their individual inputs, while only revealing the output of the function. It has found applications in areas such as auctioning, email filtering, and secure teleconference. Given its importance, it is crucial that the protocols are specified and implemented correctly. In the programming language community it has become good practice to use computer proof assistants to verify correctness proofs. In the field of cryptography, EasyCrypt is the state of the art proof assistant. It provides an embedded language for probabilistic programming, together with a specialized logic, embedded into an ambient general purpose higher-order logic. It allows us to conveniently express cryptographic properties. EasyCrypt has been used successfully on many applications, including public-key encryption, signatures, garbled circuits and differential privacy. Here we show for the first time that it can also be used to prove security of MPC against a malicious adversary. We formalize additive and replicated secret sharing schemes and apply them to Maurer's MPC protocol for secure addition and multiplication. Our method extends to general polynomial functions. We follow the insights from EasyCrypt that security proofs can be often be reduced to proofs about program equivalence, a topic that is well understood in the verification of programming languages. In particular, we show that in the passive case the non-interference-based definition is equivalent to a standard game-based security definition. For the active case we provide a new NI definition, which we call input independence.
△ Less
Submitted 19 June, 2018;
originally announced June 2018.
-
Modal Dependent Type Theory and Dependent Right Adjoints
Authors:
Lars Birkedal,
Ranald Clouston,
Bassel Mannaa,
Rasmus Ejlers Møgelberg,
Andrew M. Pitts,
Bas Spitters
Abstract:
In recent years we have seen several new models of dependent type theory extended with some form of modal necessity operator, including nominal type theory, guarded and clocked type theory, and spatial and cohesive type theory. In this paper we study modal dependent type theory: dependent type theory with an operator satisfying (a dependent version of) the K-axiom of modal logic. We investigate bo…
▽ More
In recent years we have seen several new models of dependent type theory extended with some form of modal necessity operator, including nominal type theory, guarded and clocked type theory, and spatial and cohesive type theory. In this paper we study modal dependent type theory: dependent type theory with an operator satisfying (a dependent version of) the K-axiom of modal logic. We investigate both semantics and syntax. For the semantics, we introduce categories with families with a dependent right adjoint (CwDRA) and show that the examples above can be presented as such. Indeed, we show that any finite limit category with an adjunction of endofunctors gives rise to a CwDRA via the local universe construction. For the syntax, we introduce a dependently typed extension of Fitch-style modal lambda-calculus, show that it can be interpreted in any CwDRA, and build a term model. We extend the syntax and semantics with universes.
△ Less
Submitted 25 July, 2019; v1 submitted 14 April, 2018;
originally announced April 2018.
-
Internal Universes in Models of Homotopy Type Theory
Authors:
Daniel R. Licata,
Ian Orton,
Andrew M. Pitts,
Bas Spitters
Abstract:
We begin by recalling the essentially global character of universes in various models of homotopy type theory, which prevents a straightforward axiomatization of their properties using the internal language of the presheaf toposes from which these model are constructed. We get around this problem by extending the internal language with a modal operator for expressing properties of global elements.…
▽ More
We begin by recalling the essentially global character of universes in various models of homotopy type theory, which prevents a straightforward axiomatization of their properties using the internal language of the presheaf toposes from which these model are constructed. We get around this problem by extending the internal language with a modal operator for expressing properties of global elements. In this setting we show how to construct a universe that classifies the Cohen-Coquand-Huber-Mörtberg (CCHM) notion of fibration from their cubical sets model, starting from the assumption that the interval is tiny - a property that the interval in cubical sets does indeed have. This leads to an elementary axiomatization of that and related models of homotopy type theory within what we call crisp type theory.
△ Less
Submitted 5 July, 2018; v1 submitted 23 January, 2018;
originally announced January 2018.
-
Modalities in homotopy type theory
Authors:
Egbert Rijke,
Michael Shulman,
Bas Spitters
Abstract:
Univalent homotopy type theory (HoTT) may be seen as a language for the category of $\infty$-groupoids. It is being developed as a new foundation for mathematics and as an internal language for (elementary) higher toposes. We develop the theory of factorization systems, reflective subuniverses, and modalities in homotopy type theory, including their construction using a "localization" higher induc…
▽ More
Univalent homotopy type theory (HoTT) may be seen as a language for the category of $\infty$-groupoids. It is being developed as a new foundation for mathematics and as an internal language for (elementary) higher toposes. We develop the theory of factorization systems, reflective subuniverses, and modalities in homotopy type theory, including their construction using a "localization" higher inductive type. This produces in particular the ($n$-connected, $n$-truncated) factorization system as well as internal presentations of subtoposes, through lex modalities. We also develop the semantics of these constructions.
△ Less
Submitted 7 January, 2020; v1 submitted 22 June, 2017;
originally announced June 2017.
-
Guarded Cubical Type Theory
Authors:
Lars Birkedal,
Aleš Bizjak,
Ranald Clouston,
Hans Bugge Grathwohl,
Bas Spitters,
Andrea Vezzosi
Abstract:
This paper improves the treatment of equality in guarded dependent type theory (GDTT), by combining it with cubical type theory (CTT). GDTT is an extensional type theory with guarded recursive types, which are useful for building models of program logics, and for programming and reasoning with coinductive types. We wish to implement GDTT with decidable type checking, while still supporting non-tri…
▽ More
This paper improves the treatment of equality in guarded dependent type theory (GDTT), by combining it with cubical type theory (CTT). GDTT is an extensional type theory with guarded recursive types, which are useful for building models of program logics, and for programming and reasoning with coinductive types. We wish to implement GDTT with decidable type checking, while still supporting non-trivial equality proofs that reason about the extensions of guarded recursive constructions. CTT is a variation of Martin-Löf type theory in which the identity type is replaced by abstract paths between terms. CTT provides a computational interpretation of functional extensionality, enjoys canonicity for the natural numbers type, and is conjectured to support decidable type-checking. Our new type theory, guarded cubical type theory (GCTT), provides a computational interpretation of extensionality for guarded recursive types. This further expands the foundations of CTT as a basis for formalisation in mathematics and computer science. We present examples to demonstrate the expressivity of our type theory, all of which have been checked using a prototype type-checker implementation. We show that CTT can be given semantics in presheaves on the product of the cube category and a small category with an initial object. We then show that the category of presheaves on the product of the cube category and omega provides semantics for GCTT.
△ Less
Submitted 6 October, 2017; v1 submitted 28 November, 2016;
originally announced November 2016.
-
Cubical sets and the topological topos
Authors:
Bas Spitters
Abstract:
Coquand's cubical set model for homotopy type theory provides the basis for a computational interpretation of the univalence axiom and some higher inductive types, as implemented in the cubical proof assistant. This paper contributes to the understanding of this model. We make three contributions:
1. Johnstone's topological topos was created to present the geometric realization of simplicial set…
▽ More
Coquand's cubical set model for homotopy type theory provides the basis for a computational interpretation of the univalence axiom and some higher inductive types, as implemented in the cubical proof assistant. This paper contributes to the understanding of this model. We make three contributions:
1. Johnstone's topological topos was created to present the geometric realization of simplicial sets as a geometric morphism between toposes. Johnstone shows that simplicial sets classify strict linear orders with disjoint endpoints and that (classically) the unit interval is such an order. Here we show that it can also be a target for cubical realization by showing that Coquand's cubical sets classify the geometric theory of flat distributive lattices. As a side result, we obtain a simplicial realization of a cubical set.
2. Using the internal `interval' in the topos of cubical sets, we construct a Moore path model of identity types.
3. We construct a premodel structure internally in the cubical type theory and hence on the fibrant objects in cubical sets.
△ Less
Submitted 17 October, 2016;
originally announced October 2016.
-
The HoTT Library: A formalization of homotopy type theory in Coq
Authors:
Andrej Bauer,
Jason Gross,
Peter LeFanu Lumsdaine,
Mike Shulman,
Matthieu Sozeau,
Bas Spitters
Abstract:
We report on the development of the HoTT library, a formalization of homotopy type theory in the Coq proof assistant. It formalizes most of basic homotopy type theory, including univalence, higher inductive types, and significant amounts of synthetic homotopy theory, as well as category theory and modalities. The library has been used as a basis for several independent developments. We discuss the…
▽ More
We report on the development of the HoTT library, a formalization of homotopy type theory in the Coq proof assistant. It formalizes most of basic homotopy type theory, including univalence, higher inductive types, and significant amounts of synthetic homotopy theory, as well as category theory and modalities. The library has been used as a basis for several independent developments. We discuss the decisions that led to the design of the library, and we comment on the interaction of homotopy type theory with recently introduced features of Coq, such as universe polymorphism and private inductive types.
△ Less
Submitted 9 December, 2016; v1 submitted 14 October, 2016;
originally announced October 2016.
-
Guarded Cubical Type Theory: Path Equality for Guarded Recursion
Authors:
Lars Birkedal,
Aleš Bizjak,
Ranald Clouston,
Hans Bugge Grathwohl,
Bas Spitters,
Andrea Vezzosi
Abstract:
This paper improves the treatment of equality in guarded dependent type theory (GDTT), by combining it with cubical type theory (CTT). GDTT is an extensional type theory with guarded recursive types, which are useful for building models of program logics, and for programming and reasoning with coinductive types. We wish to implement GDTT with decidable type-checking, while still supporting non-tri…
▽ More
This paper improves the treatment of equality in guarded dependent type theory (GDTT), by combining it with cubical type theory (CTT). GDTT is an extensional type theory with guarded recursive types, which are useful for building models of program logics, and for programming and reasoning with coinductive types. We wish to implement GDTT with decidable type-checking, while still supporting non-trivial equality proofs that reason about the extensions of guarded recursive constructions. CTT is a variation of Martin-Löf type theory in which the identity type is replaced by abstract paths between terms. CTT provides a computational interpretation of functional extensionality, is conjectured to have decidable type checking, and has an implemented type-checker. Our new type theory, called guarded cubical type theory, provides a computational interpretation of extensionality for guarded recursive types. This further expands the foundations of CTT as a basis for formalisation in mathematics and computer science. We present examples to demonstrate the expressivity of our type theory, all of which have been checked using a prototype type-checker implementation, and present semantics in a presheaf category.
△ Less
Submitted 28 June, 2016; v1 submitted 16 June, 2016;
originally announced June 2016.
-
Sets in homotopy type theory
Authors:
Egbert Rijke,
Bas Spitters
Abstract:
Homotopy Type Theory may be seen as an internal language for the $\infty$-category of weak $\infty$-groupoids which in particular models the univalence axiom. Voevodsky proposes this language for weak $\infty$-groupoids as a new foundation for mathematics called the Univalent Foundations of Mathematics. It includes the sets as weak $\infty$-groupoids with contractible connected components, and the…
▽ More
Homotopy Type Theory may be seen as an internal language for the $\infty$-category of weak $\infty$-groupoids which in particular models the univalence axiom. Voevodsky proposes this language for weak $\infty$-groupoids as a new foundation for mathematics called the Univalent Foundations of Mathematics. It includes the sets as weak $\infty$-groupoids with contractible connected components, and thereby it includes (much of) the traditional set theoretical foundations as a special case. We thus wonder whether those `discrete' groupoids do in fact form a (predicative) topos. More generally, homotopy type theory is conjectured to be the internal language of `elementary' $\infty$-toposes. We prove that sets in homotopy type theory form a $ΠW$-pretopos. This is similar to the fact that the $0$-truncation of an $\infty$-topos is a topos. We show that both a subobject classifier and a $0$-object classifier are available for the type theoretical universe of sets. However, both of these are large and moreover, the $0$-object classifier for sets is a function between $1$-types (i.e. groupoids) rather than between sets. Assuming an impredicative propositional resizing rule we may render the subobject classifier small and then we actually obtain a topos of sets.
△ Less
Submitted 24 April, 2014; v1 submitted 16 May, 2013;
originally announced May 2013.
-
Proceedings 8th International Workshop on Quantum Physics and Logic
Authors:
Bart Jacobs,
Peter Selinger,
Bas Spitters
Abstract:
This volume contains the proceedings of the 8th International Workshop on Quantum Physics and Logic (QPL 2011), which was held October 27-29, 2011 at Radboud University Nijmegen. The goal of this workshop series is to bring together researchers working on mathematical foundations of quantum physics, quantum computing and spatio-temporal causal structures, and in particular those that use logical t…
▽ More
This volume contains the proceedings of the 8th International Workshop on Quantum Physics and Logic (QPL 2011), which was held October 27-29, 2011 at Radboud University Nijmegen. The goal of this workshop series is to bring together researchers working on mathematical foundations of quantum physics, quantum computing and spatio-temporal causal structures, and in particular those that use logical tools, ordered algebraic and category-theoretic structures, formal languages, semantic methods and other computer science methods for the study of physical behavior in general. Over the past few years, there has been growing activity in these foundational approaches, together with a renewed interest in the foundations of quantum theory, which complement the more mainstream research in quantum computation.
△ Less
Submitted 1 October, 2012;
originally announced October 2012.
-
Type classes for efficient exact real arithmetic in Coq
Authors:
Robbert Krebbers,
Bas Spitters
Abstract:
Floating point operations are fast, but require continuous effort on the part of the user in order to ensure that the results are correct. This burden can be shifted away from the user by providing a library of exact analysis in which the computer handles the error estimates. Previously, we [Krebbers/Spitters 2011] provided a fast implementation of the exact real numbers in the Coq proof assistant…
▽ More
Floating point operations are fast, but require continuous effort on the part of the user in order to ensure that the results are correct. This burden can be shifted away from the user by providing a library of exact analysis in which the computer handles the error estimates. Previously, we [Krebbers/Spitters 2011] provided a fast implementation of the exact real numbers in the Coq proof assistant. Our implementation improved on an earlier implementation by O'Connor by using type classes to describe an abstract specification of the underlying dense set from which the real numbers are built. In particular, we used dyadic rationals built from Coq's machine integers to obtain a 100 times speed up of the basic operations already. This article is a substantially expanded version of [Krebbers/Spitters 2011] in which the implementation is extended in the various ways. First, we implement and verify the sine and cosine function. Secondly, we create an additional implementation of the dense set based on Coq's fast rational numbers. Thirdly, we extend the hierarchy to capture order on undecidable structures, while it was limited to decidable structures before. This hierarchy, based on type classes, allows us to share theory on the naturals, integers, rationals, dyadics, and reals in a convenient way. Finally, we obtain another dramatic speed-up by avoiding evaluation of termination proofs at runtime.
△ Less
Submitted 13 February, 2013; v1 submitted 17 June, 2011;
originally announced June 2011.
-
Computer certified efficient exact reals in Coq
Authors:
Robbert Krebbers,
Bas Spitters
Abstract:
Floating point operations are fast, but require continuous effort on the part of the user in order to ensure that the results are correct. This burden can be shifted away from the user by providing a library of exact analysis in which the computer handles the error estimates. We provide an implementation of the exact real numbers in the Coq proof assistant. This improves on the earlier Coq-impleme…
▽ More
Floating point operations are fast, but require continuous effort on the part of the user in order to ensure that the results are correct. This burden can be shifted away from the user by providing a library of exact analysis in which the computer handles the error estimates. We provide an implementation of the exact real numbers in the Coq proof assistant. This improves on the earlier Coq-implementation by O'Connor in two ways: we use dyadic rationals built from the machine integers and we optimize computation of power series by using approximate division. Moreover, we use type classes for clean mathematical interfaces. This appears to be the first time that type classes are used in heavy computation. We obtain over a 100 times speed up of the basic operations and indications for improving the Coq system.
△ Less
Submitted 13 May, 2011;
originally announced May 2011.
-
Type Classes for Mathematics in Type Theory
Authors:
Bas Spitters,
Eelis van der Weegen
Abstract:
The introduction of first-class type classes in the Coq system calls for re-examination of the basic interfaces used for mathematical formalization in type theory. We present a new set of type classes for mathematics and take full advantage of their unique features to make practical a particularly flexible approach formerly thought infeasible. Thus, we address both traditional proof engineering ch…
▽ More
The introduction of first-class type classes in the Coq system calls for re-examination of the basic interfaces used for mathematical formalization in type theory. We present a new set of type classes for mathematics and take full advantage of their unique features to make practical a particularly flexible approach formerly thought infeasible. Thus, we address both traditional proof engineering challenges as well as new ones resulting from our ambition to build upon this development a library of constructive analysis in which abstraction penalties inhibiting efficient computation are reduced to a minimum.
The base of our development consists of type classes representing a standard algebraic hierarchy, as well as portions of category theory and universal algebra. On this foundation we build a set of mathematically sound abstract interfaces for different kinds of numbers, succinctly expressed using categorical language and universal algebra constructions. Strategic use of type classes lets us support these high-level theory-friendly definitions while still enabling efficient implementations unhindered by gratuitous indirection, conversion or projection.
Algebra thrives on the interplay between syntax and semantics. The Prolog-like abilities of type class instance resolution allow us to conveniently define a quote function, thus facilitating the use of reflective techniques.
△ Less
Submitted 7 February, 2011;
originally announced February 2011.
-
The space of measurement outcomes as a spectrum for non-commutative algebras
Authors:
Bas Spitters
Abstract:
Bohrification defines a locale of hidden variables internal in a topos. We find that externally this is the space of partial measurement outcomes. By considering the double negation sheafification, we obtain the space of measurement outcomes which coincides with the spectrum for commutative C*-algebras.
Bohrification defines a locale of hidden variables internal in a topos. We find that externally this is the space of partial measurement outcomes. By considering the double negation sheafification, we obtain the space of measurement outcomes which coincides with the spectrum for commutative C*-algebras.
△ Less
Submitted 7 June, 2010;
originally announced June 2010.
-
A computer verified, monadic, functional implementation of the integral
Authors:
Russell O'Connor,
Bas Spitters
Abstract:
We provide a computer verified exact monadic functional implementation of the Riemann integral in type theory. Together with previous work by O'Connor, this may be seen as the beginning of the realization of Bishop's vision to use constructive mathematics as a programming language for exact analysis.
We provide a computer verified exact monadic functional implementation of the Riemann integral in type theory. Together with previous work by O'Connor, this may be seen as the beginning of the realization of Bishop's vision to use constructive mathematics as a programming language for exact analysis.
△ Less
Submitted 3 June, 2010; v1 submitted 8 September, 2008;
originally announced September 2008.
-
Almost periodic functions, constructively
Authors:
Bas Spitters
Abstract:
The almost periodic functions form a natural example of a non-separable normed space. As such, it has been a challenge for constructive mathematicians to find a natural treatment of them. Here we present a simple proof of Bohr's fundamental theorem for almost periodic functions which we then generalize to almost periodic functions on general topological groups.
The almost periodic functions form a natural example of a non-separable normed space. As such, it has been a challenge for constructive mathematicians to find a natural treatment of them. Here we present a simple proof of Bohr's fundamental theorem for almost periodic functions which we then generalize to almost periodic functions on general topological groups.
△ Less
Submitted 7 October, 2008; v1 submitted 2 December, 2005;
originally announced December 2005.
