41 research outputs found

    Category Theory in Coq 8.5

    We report on our experience implementing category theory in Coq 8.5. The repository of this development can be found at https://bitbucket.org/amintimany/categories/. This implementation most notably makes use of two features that are new to Coq 8.5: primitive projections for records and universe polymorphism.

    Comment: This is the abstract for a talk accepted for presentation at the 7th Coq Workshop, Sophia Antipolis, France, on June 26, 201

    Cumulative Inductive Types In Coq

    In order to avoid the well-known paradoxes associated with self-referential definitions, higher-order dependent type theories stratify the theory using a countably infinite hierarchy of universes (also known as sorts), Type_0 : Type_1 : …. Such type systems are called cumulative if for any type A we have that A : Type_i implies A : Type_{i+1}. The Predicative Calculus of Inductive Constructions (pCIC), which forms the basis of the Coq proof assistant, is one such system. In this paper we present the Predicative Calculus of Cumulative Inductive Constructions (pCuIC), which extends the cumulativity relation to inductive types. We discuss cumulative inductive types as present in Coq 8.7 and their application to formalization and definitional translations.

    Consistency of the Predicative Calculus of Cumulative Inductive Constructions (Cohérence du Calcul Prédicatif des Constructions Inductives Cumulatives)

    Version 2 fixes some typos from version 1. Version 3 fixes a typo in a typing rule from version 2.

    In order to avoid the well-known paradoxes associated with self-referential definitions, higher-order dependent type theories stratify the theory using a countably infinite hierarchy of universes (also known as sorts), Type_0 : Type_1 : …. Such type systems are called cumulative if for any type A we have that A : Type_i implies A : Type_{i+1}. The predicative calculus of inductive constructions (pCIC), which forms the basis of the Coq proof assistant, is one such system. In this paper we present and establish the soundness of the predicative calculus of cumulative inductive constructions (pCuIC), which extends the cumulativity relation to inductive types.

    Higher-order type theories are stratified in order to avoid the well-known paradoxes associated with circular definitions. They use a countable hierarchy of universes (also called sorts), Type_0 : Type_1 : …. These type systems are called cumulative if for every type A, A : Type_i implies A : Type_{i+1}. The predicative calculus of inductive constructions (pCIC), which forms the basis of the Coq proof assistant, is one such system. In this article we present an extension of the calculus and prove its consistency relative to set theory. This new calculus extends the cumulativity relation to inductive types.

    Modular Verification of State-Based CRDTs in Separation Logic (Artifact)

    This is the documentation of the artifact for the paper "Modular Verification of State-Based CRDTs in Separation Logic". The artifact consists of a Coq formalization of the safety proofs for the state-based CRDTs described in the paper. The Coq proofs are written in the Aneris distributed separation logic.

    Modular Verification of State-Based CRDTs in Separation Logic

    Conflict-free Replicated Datatypes (CRDTs) are a class of distributed data structures that are highly available and weakly consistent. The CRDT taxonomy is further divided into two subclasses: state-based and operation-based (op-based). Recent prior work showed how to use separation logic to verify convergence and functional correctness of op-based CRDTs while (a) verifying implementations (as opposed to high-level protocols), (b) giving high-level specifications that abstract from low-level implementation details, and (c) providing specifications that are modular (i.e. that allow client code to use the CRDT like an abstract data type). We extend this separation logic approach to the verification of state-based CRDTs, while respecting the desiderata (a)-(c). The key idea is to track the state of a CRDT as a function of the set of operations that produced that state. Using the observation that state-based CRDTs are automatically causally consistent, we obtain CRDT specifications that are agnostic to whether a CRDT is state- or op-based. Taken together with prior work, our technique thus provides a unified approach to the specification and verification of op- and state-based CRDTs. We have tested our approach by verifying StateLib, a library for building state-based CRDTs. Using StateLib, we have further verified convergence and functional correctness of multiple example CRDTs from the literature. Our proofs are written in the Aneris distributed separation logic and are mechanized in Coq.

    Verifying Reliable Network Components in a Distributed Separation Logic with Dependent Separation Protocols

    Publisher Copyright: © 2023 Owner/Author. We are grateful to Chet Murthy for helpful discussions. This work was supported in part by a Villum Investigator grant (no. 25804), Center for Basic Research in Program Verification (CPV), from the VILLUM Foundation.

    We present a foundationally verified implementation of a reliable communication library for asynchronous client-server communication, and a stack of formally verified components on top of it. Our library is implemented in an OCaml-like language on top of UDP and features characteristic traits of existing protocols, such as a simple handshaking protocol, bidirectional channels, and retransmission/acknowledgement mechanisms. We verify the library in the Aneris distributed separation logic using a novel proof pattern, dubbed the session escrow pattern, based on the existing escrow proof pattern and the so-called dependent separation protocols, which hitherto have only been used in a non-distributed concurrent setting. We demonstrate how our specification of the reliable communication library simplifies formal reasoning about applications, such as a remote procedure call library, which we in turn use to verify a lazily replicated key-value store with leader-followers and clients thereof. Our development is highly modular: each component is verified relative to the specifications of the components it uses (not their implementations). All our results are formalized in the Coq proof assistant.