Project Ironwood (Work In Progress)
A correct-by-construction blockchain protocol implmentation.
How to run
The author's version is Coq 8.8.0. To complie/check, run
make clean; make.
Version 2.0 [In progress]
- Add Byzantine adversaries
Version 1.1 [DONE]
- Sensible names for lemmas
- Improved proof structure and implementation
- Human-readable high-level proof
Version 1.0 [DONE]
- Synchornous network
- No adversaries
- Concensus on a boolean value
- Implmenting BOSCO concensus protocol
- Proving agreement property: all decisions made are the equal
- Not executable
- Asynchronous network
- Liveness prorperty
- More complex protocol
- Extract to executables
|High_def.v||Abstract protocol semantics|
|High_proof.v||Abstract agreement proof|
|Low_def.v||Protocol implmentation, basic properties|
|Low_proof.v||Agreement proof + readable version|
|Refinement.v||Refinement theorem (and all the lemmas)|
|Temporal.v||(A not so successful atempt) to adopt temporal logic|
The core theorem is
Refinement.v or you can try read the pretty proof
Low_proof.v which comes with comments that serves as a pen-and-paper proof.
The lemmas in
Refinement.v are ordered logically and named based on their forms. Different letters refers to properties about different formal concepts. Here's the reference list:
V = Validity S' = Step S = Steps D = Decision E = Estimate R = Round H = History M = Message L = deLivery T = sTate C = Condition Q = Quorum I = Initial _ = Arrow c? = exact step ? changed l? = local ? g? = global ? ?p = ?'s properties eq = equality
Lem_VR_E resembles a lemma that assumes validity of the global state and some constrains on the round number and concludes something about estimation.
Lemma Lem_VR_E : forall params gs r i, isValid params gs -> r <= round_no gs -> i < n gs -> exists b, extract_estimationr i gs r = Some b.
Haobin Ni, Cornell University, 2018