├── README.md └── casper └── docs ├── ltcctbc ├── build ├── ltcctbc.bib ├── ltcctbc.pdf ├── eptcsstyle.zip ├── mathpartir.sty ├── .gitignore ├── ltcctbc.tex.orig ├── ltcctbc.tex └── acm_proc_article-sp.cls ├── pispec ├── build ├── pispec.bib ├── pispec.pdf ├── eptcsstyle.zip ├── mathpartir.sty ├── .gitignore ├── notes-on-consensus.txt └── pispec.tex ├── CasperInteraction.pdf └── CasperInteraction.graffle ├── image100.tiff ├── image101.tiff ├── image102.tiff ├── image85.jpeg ├── image86.jpeg ├── image87.jpeg ├── image88.tiff ├── image89.tiff ├── image90.pdf ├── image91.pdf ├── image92.tiff ├── image93.tiff ├── image94.tiff ├── image97.pdf ├── image98.tiff └── image99.tiff /README.md: -------------------------------------------------------------------------------- 1 | # casper 2 | -------------------------------------------------------------------------------- /casper/docs/ltcctbc/build: -------------------------------------------------------------------------------- 1 | latex hctm 2 | dvips hctm.dvi 3 | ps2pdf hctm.ps 4 | -------------------------------------------------------------------------------- /casper/docs/pispec/build: -------------------------------------------------------------------------------- 1 | latex hctm 2 | dvips hctm.dvi 3 | ps2pdf hctm.ps 4 | -------------------------------------------------------------------------------- /casper/docs/ltcctbc/ltcctbc.bib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/ltcctbc/ltcctbc.bib -------------------------------------------------------------------------------- /casper/docs/ltcctbc/ltcctbc.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/ltcctbc/ltcctbc.pdf -------------------------------------------------------------------------------- /casper/docs/pispec/pispec.bib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/pispec/pispec.bib -------------------------------------------------------------------------------- /casper/docs/pispec/pispec.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/pispec/pispec.pdf -------------------------------------------------------------------------------- /casper/docs/CasperInteraction.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/CasperInteraction.pdf -------------------------------------------------------------------------------- /casper/docs/pispec/eptcsstyle.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/pispec/eptcsstyle.zip -------------------------------------------------------------------------------- /casper/docs/pispec/mathpartir.sty: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/pispec/mathpartir.sty -------------------------------------------------------------------------------- /casper/docs/ltcctbc/eptcsstyle.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/ltcctbc/eptcsstyle.zip -------------------------------------------------------------------------------- /casper/docs/ltcctbc/mathpartir.sty: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/ltcctbc/mathpartir.sty -------------------------------------------------------------------------------- /casper/docs/CasperInteraction.graffle/image100.tiff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/CasperInteraction.graffle/image100.tiff -------------------------------------------------------------------------------- /casper/docs/CasperInteraction.graffle/image101.tiff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/CasperInteraction.graffle/image101.tiff -------------------------------------------------------------------------------- /casper/docs/CasperInteraction.graffle/image102.tiff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/CasperInteraction.graffle/image102.tiff -------------------------------------------------------------------------------- /casper/docs/CasperInteraction.graffle/image85.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/CasperInteraction.graffle/image85.jpeg -------------------------------------------------------------------------------- /casper/docs/CasperInteraction.graffle/image86.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/CasperInteraction.graffle/image86.jpeg -------------------------------------------------------------------------------- /casper/docs/CasperInteraction.graffle/image87.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/CasperInteraction.graffle/image87.jpeg -------------------------------------------------------------------------------- /casper/docs/CasperInteraction.graffle/image88.tiff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/CasperInteraction.graffle/image88.tiff -------------------------------------------------------------------------------- /casper/docs/CasperInteraction.graffle/image89.tiff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/CasperInteraction.graffle/image89.tiff -------------------------------------------------------------------------------- /casper/docs/CasperInteraction.graffle/image90.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/CasperInteraction.graffle/image90.pdf -------------------------------------------------------------------------------- /casper/docs/CasperInteraction.graffle/image91.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/CasperInteraction.graffle/image91.pdf -------------------------------------------------------------------------------- /casper/docs/CasperInteraction.graffle/image92.tiff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/CasperInteraction.graffle/image92.tiff -------------------------------------------------------------------------------- /casper/docs/CasperInteraction.graffle/image93.tiff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/CasperInteraction.graffle/image93.tiff -------------------------------------------------------------------------------- /casper/docs/CasperInteraction.graffle/image94.tiff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/CasperInteraction.graffle/image94.tiff -------------------------------------------------------------------------------- /casper/docs/CasperInteraction.graffle/image97.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/CasperInteraction.graffle/image97.pdf -------------------------------------------------------------------------------- /casper/docs/CasperInteraction.graffle/image98.tiff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/CasperInteraction.graffle/image98.tiff -------------------------------------------------------------------------------- /casper/docs/CasperInteraction.graffle/image99.tiff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leithaus/casper/HEAD/casper/docs/CasperInteraction.graffle/image99.tiff -------------------------------------------------------------------------------- /casper/docs/ltcctbc/.gitignore: -------------------------------------------------------------------------------- 1 | ## Core latex/pdflatex auxiliary files: 2 | *.aux 3 | *.lof 4 | *.log 5 | *.lot 6 | *.fls 7 | *.out 8 | *.toc 9 | 10 | ## Intermediate documents: 11 | *.dvi 12 | *-converted-to.* 13 | # these rules might exclude image files for figures etc. 14 | # *.ps 15 | # *.eps 16 | # *.pdf 17 | 18 | ## Bibliography auxiliary files (bibtex/biblatex/biber): 19 | *.bbl 20 | *.bcf 21 | *.blg 22 | *-blx.aux 23 | *-blx.bib 24 | *.brf 25 | *.run.xml 26 | 27 | ## Build tool auxiliary files: 28 | *.fdb_latexmk 29 | *.synctex 30 | *.synctex.gz 31 | *.synctex.gz(busy) 32 | *.pdfsync 33 | 34 | ## Auxiliary and intermediate files from other packages: 35 | 36 | # algorithms 37 | *.alg 38 | *.loa 39 | 40 | # achemso 41 | acs-*.bib 42 | 43 | # amsthm 44 | *.thm 45 | 46 | # beamer 47 | *.nav 48 | *.snm 49 | *.vrb 50 | 51 | #(e)ledmac/(e)ledpar 52 | *.end 53 | *.[1-9] 54 | *.[1-9][0-9] 55 | *.[1-9][0-9][0-9] 56 | *.[1-9]R 57 | *.[1-9][0-9]R 58 | *.[1-9][0-9][0-9]R 59 | *.eledsec[1-9] 60 | *.eledsec[1-9]R 61 | *.eledsec[1-9][0-9] 62 | *.eledsec[1-9][0-9]R 63 | *.eledsec[1-9][0-9][0-9] 64 | *.eledsec[1-9][0-9][0-9]R 65 | 66 | # glossaries 67 | *.acn 68 | *.acr 69 | *.glg 70 | *.glo 71 | *.gls 72 | 73 | # gnuplottex 74 | *-gnuplottex-* 75 | 76 | # hyperref 77 | *.brf 78 | 79 | # knitr 80 | *-concordance.tex 81 | *.tikz 82 | *-tikzDictionary 83 | 84 | # listings 85 | *.lol 86 | 87 | # makeidx 88 | *.idx 89 | *.ilg 90 | *.ind 91 | *.ist 92 | 93 | # minitoc 94 | *.maf 95 | *.mtc 96 | *.mtc0 97 | 98 | # minted 99 | _minted* 100 | *.pyg 101 | 102 | # morewrites 103 | *.mw 104 | 105 | # nomencl 106 | *.nlo 107 | 108 | # sagetex 109 | *.sagetex.sage 110 | *.sagetex.py 111 | *.sagetex.scmd 112 | 113 | # sympy 114 | *.sout 115 | *.sympy 116 | sympy-plots-for-*.tex/ 117 | 118 | # todonotes 119 | *.tdo 120 | 121 | # xindy 122 | *.xdy 123 | 124 | # WinEdt 125 | *.bak 126 | *.sav 127 | -------------------------------------------------------------------------------- /casper/docs/pispec/.gitignore: -------------------------------------------------------------------------------- 1 | ## Core latex/pdflatex auxiliary files: 2 | *.aux 3 | *.lof 4 | *.log 5 | *.lot 6 | *.fls 7 | *.out 8 | *.toc 9 | 10 | ## Intermediate documents: 11 | *.dvi 12 | *-converted-to.* 13 | # these rules might exclude image files for figures etc. 14 | # *.ps 15 | # *.eps 16 | # *.pdf 17 | 18 | ## Bibliography auxiliary files (bibtex/biblatex/biber): 19 | *.bbl 20 | *.bcf 21 | *.blg 22 | *-blx.aux 23 | *-blx.bib 24 | *.brf 25 | *.run.xml 26 | 27 | ## Build tool auxiliary files: 28 | *.fdb_latexmk 29 | *.synctex 30 | *.synctex.gz 31 | *.synctex.gz(busy) 32 | *.pdfsync 33 | 34 | ## Auxiliary and intermediate files from other packages: 35 | 36 | # algorithms 37 | *.alg 38 | *.loa 39 | 40 | # achemso 41 | acs-*.bib 42 | 43 | # amsthm 44 | *.thm 45 | 46 | # beamer 47 | *.nav 48 | *.snm 49 | *.vrb 50 | 51 | #(e)ledmac/(e)ledpar 52 | *.end 53 | *.[1-9] 54 | *.[1-9][0-9] 55 | *.[1-9][0-9][0-9] 56 | *.[1-9]R 57 | *.[1-9][0-9]R 58 | *.[1-9][0-9][0-9]R 59 | *.eledsec[1-9] 60 | *.eledsec[1-9]R 61 | *.eledsec[1-9][0-9] 62 | *.eledsec[1-9][0-9]R 63 | *.eledsec[1-9][0-9][0-9] 64 | *.eledsec[1-9][0-9][0-9]R 65 | 66 | # glossaries 67 | *.acn 68 | *.acr 69 | *.glg 70 | *.glo 71 | *.gls 72 | 73 | # gnuplottex 74 | *-gnuplottex-* 75 | 76 | # hyperref 77 | *.brf 78 | 79 | # knitr 80 | *-concordance.tex 81 | *.tikz 82 | *-tikzDictionary 83 | 84 | # listings 85 | *.lol 86 | 87 | # makeidx 88 | *.idx 89 | *.ilg 90 | *.ind 91 | *.ist 92 | 93 | # minitoc 94 | *.maf 95 | *.mtc 96 | *.mtc0 97 | 98 | # minted 99 | _minted* 100 | *.pyg 101 | 102 | # morewrites 103 | *.mw 104 | 105 | # nomencl 106 | *.nlo 107 | 108 | # sagetex 109 | *.sagetex.sage 110 | *.sagetex.py 111 | *.sagetex.scmd 112 | 113 | # sympy 114 | *.sout 115 | *.sympy 116 | sympy-plots-for-*.tex/ 117 | 118 | # todonotes 119 | *.tdo 120 | 121 | # xindy 122 | *.xdy 123 | 124 | # WinEdt 125 | *.bak 126 | *.sav 127 | -------------------------------------------------------------------------------- /casper/docs/pispec/notes-on-consensus.txt: -------------------------------------------------------------------------------- 1 | Notes on Consensus 2 | Vlad Zamfir July 21th,2015 3 | 4 | Consensus protocols build reliable processes out of unreliable processes 5 | e.g. a process (or protocol) that provides a service by replicating changes to a deterministic automata across many potentially unreliable or untrusted computers 6 | 7 | 8 | 9 | 10 | Consensus is… 11 | 12 | CAP Theorem 13 | In the event of a network partition, a consensus protocol must choose between being available and being consistent 14 | 15 | CAP Theorem 16 | Consistency: every correct server has an identical copy of the state 17 | 18 | Availability: clients are able affect changes to the server’s consensus state 19 | 20 | Classes of Consensus Protocols 21 | Traditional consensus protocols tend to prefer consistency over availability in the event of a partition 22 | 23 | Blockchain-based consensus protocols can prefer availability over consistency in the event of a partition 24 | 25 | Exceptions that prove the rule 26 | Traditional consensus protocols that are available in the event of a partition tend to use a protocol extension to discover the validators in their partition, and then to proceed ‘normally’ with this subset of validators 27 | 28 | On Chaining Blocks 29 | The only consensus-critical reason to chain blocks together is to restrict the number of possible futures/histories that clients must compare when they are coming to consensus 30 | 31 | This is only necessary in consensus protocols that favour availability 32 | 33 | On Chaining Blocks 34 | We will return to blockchain-based consensus protocols after reviewing traditional consensus protocols and economic consensus protocols. 35 | 36 | Traditional Consensus Protocols 37 | aim to have the following property: 38 | Correct nodes make a change to the consensus state if and only if they are certain that in a finite amount of time all other correct nodes will make the same change 39 | 40 | Traditional Consensus Protocols 41 | They prove this property using the assumption that there exists no more than f (byzantine) faulty nodes, and that the remaining nodes are correct 42 | 43 | 44 | Traditional Consensus Protocols 45 | If a correct node sees something X that causes it to change its state, it knows that all undecided correct nodes will also process that change, when they see X 46 | 47 | Traditional Consensus Protocols 48 | If f nodes are faulty, 49 | 50 | f + 1 node signatures are required for a node to believe that the message was signed by at least one correct node 51 | 52 | Traditional Consensus Protocols 53 | …. For consensus we must know that a majority of correct nodes approve of a change to the state 54 | f 55 | 56 | Traditional Consensus Protocols 57 | Definition: 58 | 59 | A “byzantine quorum” is a set of nodes large enough such that a majority of correct nodes must be contained in that set. 60 | f 61 | 62 | Traditional Consensus Protocols 63 | faulty nodes 64 | correct nodes 65 | majority of correct nodes 66 | byzantine quorum 67 | 0% 68 | 100% 69 | >50% 70 | >50% 71 | 33% 72 | 67% 73 | >33.5% 74 | >66.5% 75 | 50% 76 | 50% 77 | >25% 78 | >75% 79 | 80% 80 | 20% 81 | >10% 82 | >90% 83 | f 84 | 85 | Traditional Consensus Protocols 86 | …. The size of the byzantine quorum is 87 | 88 | > (100% - f)/2 + f 89 | = 50% + f/2 90 | 91 | …. where f is the proportion of byzantine faults 92 | f 93 | 94 | Traditional Consensus Protocols 95 | …. Unfortunately, faulty nodes can prevent a byzantine quorum from forming …. 96 | f 97 | 98 | Traditional Consensus Protocols 99 | faulty nodes 100 | correct nodes 101 | majority of correct nodes 102 | byzantine quorum (c1 + c3) 103 | quorum surplus 104 | (c2 - c4) 105 | 0% 106 | 100% 107 | >50% 108 | >50% 109 | <50% 110 | 33% 111 | 67% 112 | >33.5% 113 | >66.5% 114 | <0.5% 115 | 50% 116 | 50% 117 | >25% 118 | >75% 119 | <-25% 120 | 80% 121 | 20% 122 | >10% 123 | >90% 124 | <-70% 125 | f 126 | 127 | Traditional Consensus Protocols 128 | A fault tolerance f > ⅓ would require a quorum size that is greater than ⅔. This quorum cannot be guaranteed to form if there are more than 1 - ⅔ = ⅓ faults, 129 | 130 | ….and we just assumed that f > ⅓. 131 | f 132 | 133 | Traditional Consensus Protocols 134 | The highest fault tolerance we can hope for is: 135 | f = ⅓ 136 | 137 | |quorum| = 50% + (f + e)/2 = ⅔ + e/2 138 | |correct| = 100% - (f + e) = ⅔ - e |correct| < |quorum| by 3e/2, and we can only tolerate faults if |correct| >= |quorum| 139 | f 140 | 141 | Traditional Consensus Protocols 142 | A correct node that sees evidence of the acceptance of a change from a byzantine quorum knows that a majority of correct nodes have accepted that change 143 | 144 | Traditional Consensus Protocols 145 | In this case it is possible for the correct node to safely commit the change to its state. 146 | 147 | 148 | 149 | Traditional Consensus Protocols 150 | We need to assume that: A correct node “knows” that other correct nodes will commit to the same change to the consensus because it knows that they are using the same logic to update their copy of the state 151 | 152 | Economic Consensus Protocols 153 | In economic consensus, we relax the previous assumption. 154 | 155 | The network’s behaviour is constrained by the economics of the protocol rather than by the correctness of all-but-f nodes. 156 | 157 | Economic Consensus Protocols.. 158 | Definition: 159 | Economic consensus protocols are consensus protocols that use economic mechanisms defined by the protocol to prevent byzantine faults. 160 | 161 | Economic Consensus Protocols.. 162 | The security of an economic consensus protocol should be demonstrated through economic analysis. Economic analysis is unfortunately much harder to conduct than byzantine fault tolerance analysis. 163 | 164 | 165 | Economic Consensus Protocols.. 166 | In general we will aim to show that an economic consensus protocol is: Incentive compatible: 167 | All nodes have a direct incentive to work together to update and secure the consensus against faults 168 | 169 | 170 | 171 | 172 | Economic Consensus Protocols.. 173 | The most common type of incentive incompatibility is a majority coalition’s incentive to censor the remaining minority to increase their profitability. 174 | 175 | In the worst case, a majority coalition has an incentive to reverse history. 176 | 177 | 178 | 179 | 180 | Economic Consensus Protocols.. 181 | In general we will aim to also show that an economic consensus protocol is: Robust against incentive attacks: 182 | It would require a large expenditure out of a large budget to break the protocol’s incentive compatibility. 183 | 184 | 185 | 186 | Economic Consensus Protocols.. 187 | The most general incentive attack is called the bribe attack. 188 | 189 | In this attack model, the attacker can directly bribe any node to deviate from its current behaviour. We assume that all (or almost all) nodes will deviate if it is profitable. 190 | 191 | 192 | 193 | Economic Consensus Protocols.. 194 | Common assumption: 195 | 196 | Economic consensus protocols enforce these fault-preventing incentive mechanisms only by specifying the behaviour of a ledger of digital assets defined in the consensus state 197 | 198 | Economic Consensus Protocols.. 199 | This common assumption, together with the also common confusion of blockchain-based consensus protocols with economic consensus protocols is why people commonly refer to blockchains as “distributed ledgers” 200 | 201 | Economic Consensus Protocols.. 202 | Example: 203 | 204 | Tendermint makes faults expensive by revoking the security deposits of faulty validators. 205 | These deposits must be placed by a validator for their blocks to represent valid changes to the consensus state. 206 | 207 | Economic Consensus Protocols.. 208 | Counter-example: 209 | 210 | Transactions-as-PoW is a consensus protocol that is expensive to attack, but which does not use an internal ledger to achieve its economics. It requires transactions to be computationally expensive and to refer to previous transactions. 211 | 212 | Blockchain-based consensus protocols 213 | Achieve consensus by having nodes choose between competing histories (called blockchains or forks) based on a common fork-choice rule. 214 | 215 | This is as opposed to achieving consensus exclusively by coordinating to extend history. 216 | 217 | Blockchain-based consensus protocols 218 | The ability to choose one version of events after having adopted another is the defining characteristic of blockchains. 219 | 220 | Chaining blocks reduces the number of possible version of histories. 221 | 222 | Blockchain-based consensus protocols 223 | This property makes it possible for blockchains to favour availability over consistency in the event of a network partition. 224 | 225 | Blockchain-based consesnsus: CA(P) 226 | Traditional consensus: CA(P) 227 | 228 | Blockchain-based consensus protocols 229 | have a kind of fault-tolerance that doesn’t exist in the context of traditional protocols: The fork-based fault-tolerance is the proportion of network resources required to create a fork that is chosen by the fork-choice rule in favour of any fork that can be created by the remaining nodes. 230 | 231 | Blockchain-based consensus protocols 232 | Traditionally, blockchain-based consensus protocols have a fork-based fault-tolerance of 50%. 233 | 234 | Traditional fault tolerance refers to the number of nodes that can be byzantine while it is still impossible for correct nodes to disagree. 235 | 236 | Blockchain-based consensus protocols 237 | Traditional fault tolerance: “How many of the nodes who made this fork would need to be byzantine for it to possibly be reverted?” Fork-based fault tolerance: “How many nodes need to be byzantine for the guarantee that the winning fork is one created by correct nodes?” 238 | 239 | Decentralization analysis 240 | Traditional: “How many nodes need to be byzantine for there to be a commitment that matches this one?” Fork-based: “How many nodes need to be correct, to guarantee that the winning fork is the one created by correct nodes?” 241 | 242 | Economic Consensus Protocols.. 243 | Example: 244 | 245 | Bitcoin makes faults expensive by making blocks computationally expensive to produce, while rewarding miners through the issuance of new bitcoin only for producing blocks on the “heaviest chain”. 246 | 247 | 248 | Economic Consensus Protocols.. 249 | Example, continued: 250 | 251 | Miners who don’t produce blocks at the head of the heaviest chain have to incur the computational expense but are not compensated for it… unless the blocks later become part of the heaviest chain. 252 | 253 | 254 | Economic Consensus Protocols.. 255 | Example, continued: 256 | 257 | By conducting a “51% attack”, Bitcoin miners can work in a majority coalition to make a “lighter” fork into the “heaviest” fork. 258 | 259 | 260 | 261 | Economic Consensus Protocols.. 262 | Example, continued: 263 | 264 | We therefore commonly say that Bitcoin has a byzantine fault tolerance of 50%. 265 | Economic analysis, on the other hand, is not that simple.. 266 | 267 | 268 | Economic Consensus Protocols.. 269 | Example, continued: If we want to show that the Bitcoin protocol is secured by economics rather than by correct nodes, we must show that it is incentive compatible and robust to incentive attacks, ideally with as few assumptions as possible. 270 | 271 | 272 | Economic Consensus Protocols.. 273 | 274 | Hence the term “distributed ledger”, which is unfortunately 275 | -------------------------------------------------------------------------------- /casper/docs/pispec/pispec.tex: -------------------------------------------------------------------------------- 1 | % ------------------------------------------------------------------------ 2 | % AMS-LaTeX Paper ******************************************************** 3 | % ------------------------------------------------------------------------ 4 | % Submitted: Dec 15 2003 5 | % Final Version: 6 | % Accepted: 7 | % ------------------------------------------------------------------------ 8 | % This is a journal top-matter template file for use with AMS-LaTeX. 9 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 10 | 11 | % TODO(mike): locating a closure at a name: how to translate a closure into a process that gets stuck into the cell 12 | 13 | 14 | 15 | %\documentclass{tran-l} 16 | %\documentclass[twocolumn]{amsart} 17 | %\documentclass[]{amsart} 18 | %\documentclass[]{sig-alternate} 19 | %\documentclass[fleqn]{acm_proc_article-sp} 20 | \documentclass[]{acm_proc_article-sp} 21 | %\documentclass[]{llncs} 22 | 23 | 24 | %\documentclass[]{prentcsmacro} 25 | 26 | %\usepackage[active]{srcltx} % SRC Specials for DVI Searching 27 | \usepackage{url} 28 | % \usepackage[pdf]{pstricks} 29 | % \usepackage{pstricks-add, pst-grad, pst-plot} 30 | % \usepackage[tiling]{pst-fill} 31 | % \psset{linewidth=0.3pt,dimen=middle} 32 | % \psset{xunit=.70cm,yunit=0.70cm} 33 | % \psset{angleA=-90,angleB=90,ArrowInside=->,arrowscale=2} 34 | 35 | 36 | % From Allen's stable. 37 | \usepackage{bigpage} 38 | \usepackage{bcprules} 39 | %\usepackage{code} 40 | \usepackage{mathpartir} 41 | \usepackage{listings} 42 | \usepackage{mathtools} 43 | %\usepackage[fleqn]{amsmath} 44 | \usepackage{amsfonts} 45 | \usepackage{cmll} 46 | \usepackage{latexsym} 47 | \usepackage{amssymb} 48 | \usepackage{caption} 49 | %\usepackage{multicol} 50 | 51 | 52 | % Math 53 | \newcommand{\maps}{\colon} 54 | \newcommand{\NN}{\mathbb{N}} 55 | % Double brackets 56 | \newcommand{\ldb}{[\![} 57 | \newcommand{\rdb}{]\!]} 58 | \newcommand{\ldrb}{(\!(} 59 | \newcommand{\rdrb}{)\!)} 60 | \newcommand{\lliftb}{\langle\!|} 61 | \newcommand{\rliftb}{|\!\rangle} 62 | % \newcommand{\lpquote}{\langle} 63 | % \newcommand{\rpquote}{\rangle} 64 | % \newcommand{\lpquote}{\lceil} 65 | % \newcommand{\rpquote}{\rceil} 66 | \newcommand{\lpquote}{\ulcorner} 67 | \newcommand{\rpquote}{\urcorner} 68 | \newcommand{\newkw}{\nu} 69 | 70 | % SYNTAX 71 | \newcommand{\id}[1]{\texttt{#1}} 72 | \newcommand{\none}{\emptyset} 73 | \newcommand{\eps}{\epsilon} 74 | \newcommand{\set}[1]{\{#1\}} 75 | \newcommand{\rep}[2]{\id{\{$#1$,$#2$\}}} 76 | \newcommand{\elt}[2]{\id{$#1$[$#2$]}} 77 | \newcommand{\infinity}{$\infty$} 78 | 79 | \newcommand{\pzero}{\mathbin{0}} 80 | \newcommand{\seq}{\mathbin{\id{,}}} 81 | \newcommand{\all}{\mathbin{\id{\&}}} 82 | \newcommand{\choice}{\mathbin{\id{|}}} 83 | \newcommand{\altern}{\mathbin{\id{+}}} 84 | \newcommand{\juxtap}{\mathbin{\id{|}}} 85 | %\newcommand{\concat}{\mathbin{.}} 86 | \newcommand{\concat}{\Rightarrow} 87 | \newcommand{\punify}{\mathbin{\id{:=:}}} 88 | \newcommand{\fuse}{\mathbin{\id{=}}} 89 | \newcommand{\scong}{\mathbin{\equiv}} 90 | \newcommand{\nameeq}{\mathbin{\equiv_N}} 91 | \newcommand{\alphaeq}{\mathbin{\equiv_{\alpha}}} 92 | \newcommand{\names}[1]{\mathbin{\mathcal{N}(#1)}} 93 | \newcommand{\freenames}[1]{\mathbin{\mathcal{FN}(#1)}} 94 | \newcommand{\boundnames}[1]{\mathbin{\mathcal{BN}(#1)}} 95 | %\newcommand{\lift}[2]{\texttt{lift} \; #1 \concat #2} 96 | \newcommand{\binpar}[2]{#1 \juxtap #2} 97 | \newcommand{\outputp}[2]{#1 ! ( * #2 )} 98 | \newcommand{\prefix}[3]{#1 ? ( #2 ) \concat #3} 99 | \newcommand{\lift}[2]{#1 ! ( #2 )} 100 | %\newcommand{\quotep}[1]{\lpquote #1 \rpquote} 101 | \newcommand{\quotep}[1]{@#1} 102 | \newcommand{\dropn}[1]{*#1} 103 | 104 | \newcommand{\newp}[2]{\id{(}\newkw \; #1 \id{)} #2} 105 | \newcommand{\bangp}[1]{\int #1} 106 | \newcommand{\xbangp}[2]{\int_{#2} #1} 107 | \newcommand{\bangxp}[2]{\int^{#2} #1} 108 | 109 | \newcommand{\substp}[2]{\id{\{} \quotep{#1} / \quotep{#2} \id{\}}} 110 | \newcommand{\substn}[2]{\id{\{} #1 / #2 \id{\}}} 111 | 112 | \newcommand{\psubstp}[2]{\widehat{\substp{#1}{#2}}} 113 | \newcommand{\psubstn}[2]{\widehat{\substn{#1}{#2}}} 114 | 115 | \newcommand{\applyp}[2]{#1 \langle #2 \rangle} 116 | \newcommand{\absp}[2]{\id{(} #1 \id{)} #2} 117 | 118 | \newcommand{\transitions}[3]{\mathbin{#1 \stackrel{#2}{\longrightarrow} #3}} 119 | \newcommand{\meaningof}[1]{\ldb #1 \rdb} 120 | \newcommand{\pmeaningof}[1]{\ldb #1 \rdb} 121 | \newcommand{\nmeaningof}[1]{\ldrb #1 \rdrb} 122 | 123 | \newcommand{\Proc}{\mathbin{Proc}} 124 | \newcommand{\QProc}{\quotep{\mathbin{Proc}}} 125 | 126 | \newcommand{\entailm}{\mathbin{\vdash_{\mathfrak m}}} %matching 127 | \newcommand{\entailp}{\mathbin{\vdash_{\mathfrak p}}} %behavioral 128 | \newcommand{\entailv}{\mathbin{\vdash_{\mathfrak v}}} %validation 129 | \newcommand{\congd}{\mathbin{\equiv_{\mathfrak d}}} 130 | \newcommand{\congs}{\mathbin{\equiv_{\mathfrak s}}} 131 | \newcommand{\congp}{\mathbin{\equiv_{\mathfrak p}}} 132 | %\newcommand{\defneqls}{:\!=} 133 | \newcommand{\defneqls}{\coloneqq} 134 | %\newcommand{\logequiv}{\mathbin{\leftrightarrow}} 135 | 136 | \newcommand{\barb}[2]{\mathbin{#1 \downarrow_{#2}}} 137 | \newcommand{\dbarb}[2]{\mathbin{#1 \Downarrow_{#2}}} 138 | 139 | % From pi-duce paper 140 | \newcommand{\red}{\rightarrow} 141 | \newcommand{\wred}{\Rightarrow} 142 | \newcommand{\redhat}{\hat{\longrightarrow}} 143 | \newcommand{\lred}[1]{\stackrel{#1}{\longrightarrow}} %transitions 144 | \newcommand{\wlred}[1]{\stackrel{#1}{\Longrightarrow}} 145 | 146 | \newcommand{\opm}[2]{\overline{#1} [ #2 ]} % monadic 147 | \newcommand{\ipm}[2]{{#1} ( #2 )} 148 | \newcommand{\ipmv}[2]{{#1} ( #2 )} % monadic 149 | \newcommand{\parop}{\;|\;} % parallel operator 150 | \newcommand{\patmatch}[3]{#2 \in #3 \Rightarrow #1} 151 | \newcommand{\sdot}{\, . \,} % Space around '.' 152 | \newcommand{\bang}{!\,} 153 | %\newcommand{\fuse}[1]{\langle #1 \rangle} 154 | \newcommand{\fusion}[2]{#1 = #2} % fusion prefix/action 155 | \newcommand{\rec}[2]{\mbox{\textsf{rec}} \, #1. \, #2} 156 | \newcommand{\match}[2]{\mbox{\textsf{match}} \; #1 \; \mbox{\textsf{with}} \; #2} 157 | \newcommand{\sep}{:} 158 | \newcommand{\val}[2]{\mbox{\textsf{val}} \; #1 \; \mbox{\textsf{as}} \; #2} 159 | 160 | \newcommand{\rel}[1]{\;{\mathcal #1}\;} %relation 161 | \newcommand{\bisim}{\stackrel{.}{\sim}_b} %bisimilar 162 | \newcommand{\wb}{\approx_b} %weak bisimilar 163 | \newcommand{\bbisim}{\stackrel{\centerdot}{\sim}} %barbed bisimilar 164 | \newcommand{\wbbisim}{\stackrel{\centerdot}{\approx}} %weak barbed bisimilar 165 | \newcommand{\wbbisimsem}{\approx} %weak barbed bisimilar 166 | \newcommand{\bxless}{\lesssim} %expansion less (amssymb required) 167 | \newcommand{\bxgtr}{\gtrsim} %expansion greater (amssymb required) 168 | \newcommand{\beq}{\sim} %barbed congruent 169 | \newcommand{\fwbeq}{\stackrel{\circ}{\approx}} %weak barbed congruent 170 | \newcommand{\wbeq}{\approx} %weak barbed congruent 171 | \newcommand{\sheq}{\simeq} %symbolic hypereq 172 | \newcommand{\wbc}{\approx_{cb}} 173 | 174 | % End piduce contribution 175 | 176 | % rho logic 177 | 178 | \newcommand{\ptrue}{\mathbin{true}} 179 | \newcommand{\psatisfies}[2]{#1 \models #2} 180 | \newcommand{\pdropf}[1]{\rpquote #1 \lpquote} 181 | \newcommand{\pquotep}[1]{\lpquote #1 \rpquote} 182 | \newcommand{\plift}[2]{#1 ! ( #2 )} 183 | \newcommand{\pprefix}[3]{\langle #1 ? #2 \rangle #3} 184 | \newcommand{\pgfp}[2]{\textsf{rec} \; #1 \mathbin{.} #2} 185 | \newcommand{\pquant}[3]{\forall #1 \mathbin{:} #2 \mathbin{.} #3} 186 | \newcommand{\pquantuntyped}[2]{\forall #1 \mathbin{.} #2} 187 | \newcommand{\riff}{\Leftrightarrow} 188 | 189 | \newcommand{\PFormula}{\mathbin{PForm}} 190 | \newcommand{\QFormula}{\mathbin{QForm}} 191 | \newcommand{\PropVar}{\mathbin{\mathcal{V}}} 192 | 193 | \newcommand{\typedby}{\mathbin{\:\colon}} 194 | \newcommand{\mixedgroup}[1]{\id{mixed($#1$)}} 195 | \newcommand{\cast}[2]{\id{CAST AS} \; #1 \; (#2)} 196 | \newcommand{\bslsh}{\mathbin{\id{\\}}} 197 | \newcommand{\bslshslsh}{\mathbin{\id{\\\\}}} 198 | \newcommand{\fslsh}{\mathbin{\id{/}}} 199 | \newcommand{\fslshslsh}{\mathbin{\id{//}}} 200 | \newcommand{\bb}[1]{\mbox{#1}} 201 | \newcommand{\bc}{\mathbin{\mathbf{::=}}} 202 | \newcommand{\bm}{\mathbin{\mathbf\mid}} 203 | \newcommand{\be}{\mathbin{=}} 204 | \newcommand{\bd}{\mathbin{\buildrel {\rm \scriptscriptstyle def} \over \be}} 205 | \newcommand{\ctcategory}[1]{\mbox{\bf #1}} 206 | 207 | %GRAMMAR 208 | \newlength{\ltext} 209 | \newlength{\lmath} 210 | \newlength{\cmath} 211 | \newlength{\rmath} 212 | \newlength{\rtext} 213 | 214 | \settowidth{\ltext}{complex type name} 215 | \settowidth{\lmath}{$xxx$} 216 | \settowidth{\cmath}{$::=$} 217 | \settowidth{\rmath}{\id{attributeGroup}} 218 | \settowidth{\rtext}{repetition of $g$ between $m$ and $n$ times} 219 | 220 | \newenvironment{grammar}{ 221 | \[ 222 | \begin{array}{l@{\quad}rcl@{\quad}l} 223 | \hspace{\ltext} & \hspace{\lmath} & \hspace{\cmath} & \hspace{\rmath} & \hspace{\rtext} \\ 224 | }{ 225 | \end{array}\] 226 | } 227 | 228 | % Over-full v-boxes on even pages are due to the \v{c} in author's name 229 | \vfuzz2pt % Don't report over-full v-boxes if over-edge is small 230 | 231 | % THEOREM Environments --------------------------------------------------- 232 | \newtheorem{thm}{Theorem}[subsection] 233 | \newtheorem{cor}[thm]{Corollary} 234 | \newtheorem{lem}[thm]{Lemma} 235 | \newtheorem{prop}[thm]{Proposition} 236 | % \theoremstyle{definition} 237 | \newtheorem{defn}[thm]{Definition} 238 | % \theoremstyle{remark} 239 | \newtheorem{rem}[thm]{Remark} 240 | \newtheorem{example}[thm]{Example} 241 | \numberwithin{equation}{subsection} 242 | % MATH ------------------------------------------------------------------- 243 | \DeclareMathOperator{\RE}{Re} 244 | \DeclareMathOperator{\IM}{Im} 245 | \DeclareMathOperator{\ess}{ess} 246 | \newcommand{\veps}{\varepsilon} 247 | \newcommand{\To}{\longrightarrow} 248 | \newcommand{\h}{\mathcal{H}} 249 | \newcommand{\s}{\mathcal{S}} 250 | \newcommand{\A}{\mathcal{A}} 251 | \newcommand{\J}{\mathcal{J}} 252 | \newcommand{\M}{\mathcal{M}} 253 | \newcommand{\W}{\mathcal{W}} 254 | \newcommand{\X}{\mathcal{X}} 255 | \newcommand{\BOP}{\mathbf{B}} 256 | \newcommand{\BH}{\mathbf{B}(\mathcal{H})} 257 | \newcommand{\KH}{\mathcal{K}(\mathcal{H})} 258 | \newcommand{\Real}{\mathbb{R}} 259 | \newcommand{\Complex}{\mathbb{C}} 260 | \newcommand{\Field}{\mathbb{F}} 261 | \newcommand{\RPlus}{\Real^{+}} 262 | \newcommand{\Polar}{\mathcal{P}_{\s}} 263 | \newcommand{\Poly}{\mathcal{P}(E)} 264 | \newcommand{\EssD}{\mathcal{D}} 265 | \newcommand{\Lom}{\mathcal{L}} 266 | \newcommand{\States}{\mathcal{T}} 267 | \newcommand{\abs}[1]{\left\vert#1\right\vert} 268 | % \newcommand{\set}[1]{\left\{#1\right\}} 269 | %\newcommand{\seq}[1]{\left<#1\right>} 270 | \newcommand{\norm}[1]{\left\Vert#1\right\Vert} 271 | \newcommand{\essnorm}[1]{\norm{#1}_{\ess}} 272 | 273 | %%% NAMES 274 | \newcommand{\Names}{{\mathcal N}} 275 | \newcommand{\Channels}{{\sf X}} 276 | \newcommand{\Variables}{{\mathcal V}} 277 | \newcommand{\Enames}{{\mathcal E}} 278 | \newcommand{\Nonterminals}{{\mathcal S}} 279 | \newcommand{\Pnames}{{\mathcal P}} 280 | \newcommand{\Dnames}{{\mathcal D}} 281 | \newcommand{\Types}{{\mathcal T}} 282 | 283 | \newcommand{\fcalc}{fusion calculus} 284 | \newcommand{\xcalc}{${\mathfrak x}$-calculus} 285 | \newcommand{\lcalc}{$\lambda$-calculus} 286 | \newcommand{\pic}{$\pi$-calculus} 287 | \newcommand{\rhoc}{${\textsc{rho}}$-calculus} 288 | \newcommand{\hcalc}{highwire calculus} 289 | \newcommand{\dcalc}{data calculus} 290 | %XML should be all caps, not small caps. --cb 291 | %\newcommand{\xml}{\textsc{xml}} 292 | \newcommand{\xml}{XML} 293 | 294 | \newcommand{\papertitle}{Formally introducing Casper} 295 | % use static date to preserve date of actual publication 296 | \newcommand{\paperversion}{Draft Version 0.1 - Jul 30, 2015} 297 | 298 | \newenvironment{toc} 299 | { 300 | \begin{list}{}{ 301 | \setlength{\leftmargin}{0.4in} 302 | \setlength{\rightmargin}{0.6in} 303 | \setlength{\parskip}{0pt} 304 | } \item } 305 | {\end{list}} 306 | 307 | \newenvironment{narrow} 308 | { 309 | \begin{list}{}{ 310 | \setlength{\leftmargin}{0.4in} 311 | \setlength{\rightmargin}{0.6in} 312 | } \item } 313 | {\end{list}} 314 | 315 | %%% ---------------------------------------------------------------------- 316 | 317 | %\title{\huge{\papertitle}} 318 | \title{\papertitle} 319 | 320 | %\numberofauthors{3} 321 | \author{ 322 | Vlad Zamfir\\ 323 | \affaddr{Ethereum}\\ 324 | \email{\fontsize{8}{8}\selectfont vldzmfr@gmail.com} 325 | \and 326 | L.G. Meredith\\ 327 | \affaddr{CSO, Synereo}\\ 328 | \email{\fontsize{8}{8}\selectfont greg@synereo.com} 329 | } 330 | 331 | %\address{Systems Biology, Harvard Medical School, Boston, Massachussetts, USA} 332 | 333 | %\email{lg_meredith@hms.harvard.edu} 334 | 335 | %\thanks{This work was completed during a visiting appointment at the Department of Systems Biology, Harvard Medical School.} 336 | 337 | %\subjclass{Primary 47A15; Secondary 46A32, 47D20} 338 | 339 | %\date{April 6, 2002.} 340 | 341 | %\dedicatory{} 342 | 343 | %\commby{Daniel J. Rudolph} 344 | 345 | %%% ---------------------------------------------------------------------- 346 | 347 | \begin{document} 348 | %\lstset{language=erlang} 349 | \lstset{language=} 350 | 351 | %These margin values appear to be relative to the bigpage package settings. --cb 352 | \setlength{\topmargin}{0in} 353 | \setlength{\textheight}{8.5in} 354 | \setlength{\parskip}{6pt} 355 | 356 | \keywords{ {\pic}, proof-of-stake, blockchain, types, Curry-Howard } 357 | 358 | \begin{abstract} 359 | \normalsize{ 360 | 361 | We present Casper, a proof-of-stake protocol, and it's formal specification in {\pic}. 362 | 363 | } 364 | 365 | \end{abstract} 366 | 367 | % \noindent 368 | % {\large \textbf{Submission to arXiv}}\\ 369 | % \rule{6.25in}{0.75pt}\\\\\\ 370 | 371 | %%% ---------------------------------------------------------------------- 372 | \maketitle 373 | %%% ---------------------------------------------------------------------- 374 | 375 | % \begin{center} 376 | % \paperversion\\ 377 | % \end{center} 378 | 379 | % \begin{toc} 380 | % \tableofcontents 381 | % \end{toc} 382 | 383 | % \newpage 384 | % ------------------------------------------------------------------------ 385 | 386 | \section{Introduction and Motivation} 387 | 388 | Consensus protocols build reliable processes out of unreliable 389 | processes e.g. a process (or protocol) that provides a service by 390 | replicating changes to a deterministic automata across many 391 | potentially unreliable or untrusted computers 392 | 393 | Consensus is… 394 | 395 | CAP Theorem In the event of a network partition, a consensus protocol 396 | must choose between being available and being consistent 397 | 398 | CAP Theorem Consistency: every correct server has an identical copy of 399 | the state 400 | 401 | Availability: clients are able affect changes to the server’s consensus state 402 | 403 | Classes of Consensus Protocols Traditional consensus protocols tend to 404 | prefer consistency over availability in the event of a partition 405 | 406 | Blockchain-based consensus protocols can prefer availability over 407 | consistency in the event of a partition 408 | 409 | Exceptions that prove the rule Traditional consensus protocols that 410 | are available in the event of a partition tend to use a protocol 411 | extension to discover the validators in their partition, and then to 412 | proceed ‘normally’ with this subset of validators 413 | 414 | On Chaining Blocks The only consensus-critical reason to chain blocks 415 | together is to restrict the number of possible futures/histories that 416 | clients must compare when they are coming to consensus 417 | 418 | This is only necessary in consensus protocols that favour availability 419 | 420 | On Chaining Blocks We will return to blockchain-based consensus 421 | protocols after reviewing traditional consensus protocols and economic 422 | consensus protocols. 423 | 424 | \subsubsection{Related work} 425 | 426 | \subsubsection{Organization of the rest of the paper} 427 | 428 | \section{Organizing some consensus on consensus} 429 | 430 | Traditional Consensus Protocols 431 | aim to have the following property: 432 | Correct nodes make a change to the consensus state if and only if they are certain that in a finite amount of time all other correct nodes will make the same change 433 | 434 | Traditional Consensus Protocols 435 | They prove this property using the assumption that there exists no more than f (byzantine) faulty nodes, and that the remaining nodes are correct 436 | 437 | 438 | Traditional Consensus Protocols 439 | If a correct node sees something X that causes it to change its state, it knows that all undecided correct nodes will also process that change, when they see X 440 | 441 | Traditional Consensus Protocols 442 | If f nodes are faulty, 443 | 444 | f + 1 node signatures are required for a node to believe that the message was signed by at least one correct node 445 | 446 | Traditional Consensus Protocols 447 | …. For consensus we must know that a majority of correct nodes approve of a change to the state 448 | f 449 | 450 | Traditional Consensus Protocols 451 | Definition: 452 | 453 | A “byzantine quorum” is a set of nodes large enough such that a majority of correct nodes must be contained in that set. 454 | f 455 | 456 | Traditional Consensus Protocols 457 | faulty nodes 458 | correct nodes 459 | majority of correct nodes 460 | byzantine quorum 461 | 0\% 462 | 100\% 463 | >50\% 464 | >50\% 465 | 33\% 466 | 67\% 467 | >33.5\% 468 | >66.5\% 469 | 50\% 470 | 50\% 471 | >25\% 472 | >75\% 473 | 80\% 474 | 20\% 475 | >10\% 476 | >90\% 477 | f 478 | 479 | Traditional Consensus Protocols 480 | …. The size of the byzantine quorum is 481 | 482 | > (100\% - f)/2 + f 483 | = 50\% + f/2 484 | 485 | …. where f is the proportion of byzantine faults 486 | f 487 | 488 | Traditional Consensus Protocols 489 | …. Unfortunately, faulty nodes can prevent a byzantine quorum from forming …. 490 | f 491 | 492 | Traditional Consensus Protocols 493 | faulty nodes 494 | correct nodes 495 | majority of correct nodes 496 | byzantine quorum (c1 + c3) 497 | quorum surplus 498 | (c2 - c4) 499 | 0\% 500 | 100\% 501 | >50\% 502 | >50\% 503 | <50\% 504 | 33\% 505 | 67\% 506 | >33.5\% 507 | >66.5\% 508 | <0.5\% 509 | 50\% 510 | 50\% 511 | >25\% 512 | >75\% 513 | <-25\% 514 | 80\% 515 | 20\% 516 | >10\% 517 | >90\% 518 | <-70\% 519 | f 520 | 521 | Traditional Consensus Protocols 522 | A fault tolerance f > ⅓ would require a quorum size that is greater than ⅔. This quorum cannot be guaranteed to form if there are more than 1 - ⅔ = ⅓ faults, 523 | 524 | ….and we just assumed that f > ⅓. 525 | f 526 | 527 | Traditional Consensus Protocols 528 | The highest fault tolerance we can hope for is: 529 | f = ⅓ 530 | 531 | |quorum| = 50\% + (f + e)/2 = ⅔ + e/2 532 | |correct| = 100\% - (f + e) = ⅔ - e |correct| < |quorum| by 3e/2, and we can only tolerate faults if |correct| >= |quorum| 533 | f 534 | 535 | Traditional Consensus Protocols 536 | A correct node that sees evidence of the acceptance of a change from a byzantine quorum knows that a majority of correct nodes have accepted that change 537 | 538 | Traditional Consensus Protocols 539 | In this case it is possible for the correct node to safely commit the change to its state. 540 | 541 | 542 | 543 | Traditional Consensus Protocols 544 | We need to assume that: A correct node “knows” that other correct nodes will commit to the same change to the consensus because it knows that they are using the same logic to update their copy of the state 545 | 546 | Economic Consensus Protocols 547 | In economic consensus, we relax the previous assumption. 548 | 549 | The network’s behaviour is constrained by the economics of the protocol rather than by the correctness of all-but-f nodes. 550 | 551 | Economic Consensus Protocols.. 552 | Definition: 553 | Economic consensus protocols are consensus protocols that use economic mechanisms defined by the protocol to prevent byzantine faults. 554 | 555 | Economic Consensus Protocols.. 556 | The security of an economic consensus protocol should be demonstrated through economic analysis. Economic analysis is unfortunately much harder to conduct than byzantine fault tolerance analysis. 557 | 558 | 559 | Economic Consensus Protocols.. 560 | In general we will aim to show that an economic consensus protocol is: Incentive compatible: 561 | All nodes have a direct incentive to work together to update and secure the consensus against faults 562 | 563 | 564 | 565 | 566 | Economic Consensus Protocols.. 567 | The most common type of incentive incompatibility is a majority coalition’s incentive to censor the remaining minority to increase their profitability. 568 | 569 | In the worst case, a majority coalition has an incentive to reverse history. 570 | 571 | 572 | 573 | 574 | Economic Consensus Protocols.. 575 | In general we will aim to also show that an economic consensus protocol is: Robust against incentive attacks: 576 | It would require a large expenditure out of a large budget to break the protocol’s incentive compatibility. 577 | 578 | 579 | 580 | Economic Consensus Protocols.. 581 | The most general incentive attack is called the bribe attack. 582 | 583 | In this attack model, the attacker can directly bribe any node to deviate from its current behaviour. We assume that all (or almost all) nodes will deviate if it is profitable. 584 | 585 | 586 | 587 | Economic Consensus Protocols.. 588 | Common assumption: 589 | 590 | Economic consensus protocols enforce these fault-preventing incentive mechanisms only by specifying the behaviour of a ledger of digital assets defined in the consensus state 591 | 592 | Economic Consensus Protocols.. 593 | This common assumption, together with the also common confusion of blockchain-based consensus protocols with economic consensus protocols is why people commonly refer to blockchains as “distributed ledgers” 594 | 595 | Economic Consensus Protocols.. 596 | Example: 597 | 598 | Tendermint makes faults expensive by revoking the security deposits of faulty validators. 599 | These deposits must be placed by a validator for their blocks to represent valid changes to the consensus state. 600 | 601 | Economic Consensus Protocols.. 602 | Counter-example: 603 | 604 | Transactions-as-PoW is a consensus protocol that is expensive to attack, but which does not use an internal ledger to achieve its economics. It requires transactions to be computationally expensive and to refer to previous transactions. 605 | 606 | Blockchain-based consensus protocols 607 | Achieve consensus by having nodes choose between competing histories (called blockchains or forks) based on a common fork-choice rule. 608 | 609 | This is as opposed to achieving consensus exclusively by coordinating to extend history. 610 | 611 | Blockchain-based consensus protocols 612 | The ability to choose one version of events after having adopted another is the defining characteristic of blockchains. 613 | 614 | Chaining blocks reduces the number of possible version of histories. 615 | 616 | Blockchain-based consensus protocols 617 | This property makes it possible for blockchains to favour availability over consistency in the event of a network partition. 618 | 619 | Blockchain-based consesnsus: CA(P) 620 | Traditional consensus: CA(P) 621 | 622 | Blockchain-based consensus protocols 623 | have a kind of fault-tolerance that doesn’t exist in the context of traditional protocols: The fork-based fault-tolerance is the proportion of network resources required to create a fork that is chosen by the fork-choice rule in favour of any fork that can be created by the remaining nodes. 624 | 625 | Blockchain-based consensus protocols 626 | Traditionally, blockchain-based consensus protocols have a fork-based fault-tolerance of 50\%. 627 | 628 | Traditional fault tolerance refers to the number of nodes that can be byzantine while it is still impossible for correct nodes to disagree. 629 | 630 | Blockchain-based consensus protocols 631 | Traditional fault tolerance: “How many of the nodes who made this fork would need to be byzantine for it to possibly be reverted?” Fork-based fault tolerance: “How many nodes need to be byzantine for the guarantee that the winning fork is one created by correct nodes?” 632 | 633 | Decentralization analysis 634 | Traditional: “How many nodes need to be byzantine for there to be a commitment that matches this one?” Fork-based: “How many nodes need to be correct, to guarantee that the winning fork is the one created by correct nodes?” 635 | 636 | Economic Consensus Protocols.. 637 | Example: 638 | 639 | Bitcoin makes faults expensive by making blocks computationally expensive to produce, while rewarding miners through the issuance of new bitcoin only for producing blocks on the “heaviest chain”. 640 | 641 | 642 | Economic Consensus Protocols.. 643 | Example, continued: 644 | 645 | Miners who don’t produce blocks at the head of the heaviest chain have to incur the computational expense but are not compensated for it… unless the blocks later become part of the heaviest chain. 646 | 647 | 648 | Economic Consensus Protocols.. 649 | Example, continued: 650 | 651 | By conducting a “51\% attack”, Bitcoin miners can work in a majority coalition to make a “lighter” fork into the “heaviest” fork. 652 | 653 | 654 | 655 | Economic Consensus Protocols.. 656 | Example, continued: 657 | 658 | We therefore commonly say that Bitcoin has a byzantine fault tolerance of 50\%. 659 | Economic analysis, on the other hand, is not that simple.. 660 | 661 | 662 | Economic Consensus Protocols.. 663 | Example, continued: If we want to show that the Bitcoin protocol is secured by economics rather than by correct nodes, we must show that it is incentive compatible and robust to incentive attacks, ideally with as few assumptions as possible. 664 | 665 | 666 | Economic Consensus Protocols.. 667 | 668 | Hence the term “distributed ledger”, which is unfortunately 669 | 670 | \section{Casper, informally} 671 | 672 | \section{The calculus} 673 | 674 | One notable feature of the {\pic} is its ability to succinctly and 675 | faithfully model a number of phenomena of concurrent and distributed 676 | computing. Competition for resources amongst autonomously executing 677 | processes is a case in point. The expression 678 | \begin{equation*} 679 | x?( y ) \Rightarrow P \juxtap x!( u ) \juxtap x?( v ) \Rightarrow Q 680 | \end{equation*} 681 | is made by composing three processes, two of which, $x?( y ) 682 | \Rightarrow P$ and $x?( v ) \Rightarrow Q$ are seeking input from 683 | channel $x$ before they launch their respective continuations, $P$ 684 | and/or $Q$; while the third, $x!( u )$, is supplying output on that 685 | same said channel. Only one of the input-guarded processes will win, 686 | receiving $u$ and binding it to the input variable, $y$, or 687 | respectively, $v$ in the body of the corresponding continuation -- 688 | while the loser remains in the input-guarded state awaiting input 689 | along channel $x$. The calculus is equinanimous, treating both 690 | outcomes as equally likely, and in this regard is unlike its 691 | sequential counterpart, the $\lambda$-calculus, in that it is not 692 | \emph{confluent}. There is no guarantee that the different branches of 693 | computation must eventually converge. Note that just adding a 694 | $\mathsf{new}$-scope around the expression 695 | \begin{equation*} 696 | (\mathsf{new}\; x)( x?( y ) \Rightarrow P \juxtap x!( u ) \juxtap x?( v ) \Rightarrow Q ) 697 | \end{equation*} 698 | ensures that the competition is for a local resource, hidden from any 699 | external observer. 700 | 701 | \subsection{Our running process calculus} 702 | 703 | \subsubsection{Syntax} 704 | \label{syntax} 705 | \begin{grammar} 706 | {P} \bc \pzero & \mbox{stopped process} \\ 707 | \;\;\; \bm \; {x}{?}{( y_1, \ldots, y_n )} \Rightarrow {P} & \mbox{input} \\ 708 | \;\;\; \bm \; {x}{!}{( y_1, \ldots, y_n )} & \mbox{output} \\ 709 | % \;\;\; \bm \; {M}{+}{N} & \mbox{choice} \\ 710 | %{ P, Q } \bc M & \mbox{include IO processes} \\ 711 | \;\;\; \bm \; (\mathsf{new}\; x){P} & \mbox{new channel} \\ 712 | \;\;\; \bm \; {P} \juxtap {Q} & \mbox{parallel} \\ 713 | \end{grammar} 714 | 715 | Due to space limitations we do not treat replication, $!P$. 716 | 717 | \subsubsection{Free and bound names} 718 | 719 | \begin{equation*} 720 | \begin{aligned} 721 | & \freenames{\pzero} \defneqls \emptyset \\ 722 | & \freenames{{x}{?}{( y_1, \ldots, y_n )} \Rightarrow {P}} \defneqls \\ 723 | & \;\;\;\;\;\{ x \} \cup (\freenames{P} \setminus \{ y_1, \ldots y_n \}) \\ 724 | & \freenames{{x}{!}{( y_1, \ldots, y_n )}} \defneqls \{ x, y_1, \ldots, y_n \} \\ 725 | & \freenames{(\mathsf{new}\; x){P}} \defneqls \freenames{P} \setminus \{x\} \\ 726 | & \freenames{{P} \juxtap {Q}} \defneqls \freenames{P} \cup \freenames{Q} \\ 727 | \end{aligned} 728 | \end{equation*} 729 | 730 | An occurrence of $x$ in a process $P$ is \textit{bound} if it is not 731 | free. The set of names occurring in a process (bound or free) is 732 | denoted by $\names{P}$. 733 | 734 | \subsubsection{Structural congruence} 735 | \label{congruence} 736 | 737 | The {\em structural congruence} of processes, noted $\scong$, is the 738 | least congruence containing $\alpha$-equivalence, $\alphaeq$, making 739 | $( P, |, 0 )$ into commutative monoids and satisfying 740 | 741 | \begin{equation*} 742 | (\mathsf{new}\; x)(\mathsf{new}\; x){P} \scong (\mathsf{new}\; x)P 743 | \end{equation*} 744 | \begin{equation*} 745 | (\mathsf{new}\; x)(\mathsf{new}\; y){P} \scong (\mathsf{new}\; y)(\mathsf{new}\; x)P 746 | \end{equation*} 747 | \begin{equation*} 748 | ((\mathsf{new}\; x){P}) \juxtap {Q} \scong (\mathsf{new}\; x)({P} \juxtap {Q}) 749 | \end{equation*} 750 | 751 | \subsubsection{Operational Semantics}\label{section:opsem} 752 | 753 | \infrule[Comm] 754 | { |\vec{y}| = |\vec{z}| } 755 | %{P_1 + {{ x_{0}{?}{(}{\vec{y}}{)} \concat {P}}\juxtap {x_{1}}{!}{(}{\vec{z}}{)} + P_2} 756 | {{{ x{?}{(}{\vec{y}}{)} \concat {P}}\juxtap {x}{!}{(}{\vec{z}}{)}} 757 | \red {{P}{\{}\vec{z}{/}{\vec{y}}{\}}}} 758 | 759 | In addition, we have the following context rules: 760 | 761 | \infrule[Par]{{P} \red {P}'}{{{P} \juxtap {Q}} \red {{P}' \juxtap {Q}}} 762 | 763 | \infrule[New]{{P} \red {P}'}{{(\mathsf{new}\; x){P}} \red {(\mathsf{new}\; x){P}'}} 764 | 765 | \infrule[Equiv]{{{P} \scong {P}'} \andalso {{P}' \red {Q}'} \andalso {{Q}' \scong {Q}}}{{P} \red {Q}} 766 | 767 | \subsubsection{Bisimulation} 768 | 769 | \begin{defn} 770 | An \emph{observation relation}, $\downarrow$ is the smallest relation satisfying the rules 771 | below. 772 | 773 | \infrule[Out-barb]{ } 774 | {{x}!(\vec{y}) \downarrow x} 775 | \infrule[Par-barb]{\mbox{$P\downarrow x$ or $Q\downarrow x$}} 776 | {{P} \juxtap {Q} \downarrow x} 777 | 778 | % We write $P \Downarrow x$ if there is $Q$ such that 779 | % $P \wred Q$ and $Q \downarrow x$. 780 | \end{defn} 781 | 782 | Notice that $\prefix{x}{y}{P}$ has no barb. Indeed, in {\pic} as well 783 | as other asynchronous calculi, an observer has no direct means to 784 | detect if a sent message has been received or not. 785 | 786 | \begin{defn} 787 | %\label{def.bbisim} 788 | An \emph{barbed bisimulation}, is a symmetric binary relation 789 | ${\mathcal S}$ between agents such that $P\rel{S}Q$ implies: 790 | \begin{enumerate} 791 | \item If $P \red P'$ then $Q \red Q'$ and $P'\rel{S} Q'$. 792 | \item If $P\downarrow x$, then $Q\downarrow x$. 793 | \end{enumerate} 794 | $P$ is barbed bisimilar to $Q$, written 795 | $P \wbbisim Q$, if $P \rel{S} Q$ for some barbed bisimulation ${\mathcal S}$. 796 | \end{defn} 797 | 798 | \section{Formally introducing Casper} 799 | 800 | \paragraph{Acknowledgments} 801 | We would like to acknowledge Anthony D'Onofrio for putting us in touch. 802 | 803 | % ------------------------------------------------------------------------ 804 | %GATHER{Xbib.bib} % For Gather Purpose Only 805 | %GATHER{Paper.bbl} % For Gather Purpose Only 806 | \bibliographystyle{amsplain} 807 | \bibliography{pispec} 808 | 809 | % ------------------------------------------------------------------------ 810 | 811 | \section{Appendix: because every technical paper needs an appendix} 812 | 813 | 814 | 815 | % ------------------------------------------------------------------------ 816 | 817 | \end{document} 818 | % ------------------------------------------------------------------------ 819 | -------------------------------------------------------------------------------- /casper/docs/ltcctbc/ltcctbc.tex.orig: -------------------------------------------------------------------------------- 1 | % ------------------------------------------------------------------------ 2 | % AMS-LaTeX Paper ******************************************************** 3 | % ------------------------------------------------------------------------ 4 | % Submitted: Dec 15 2003 5 | % Final Version: 6 | % Accepted: 7 | % ------------------------------------------------------------------------ 8 | % This is a journal top-matter template file for use with AMS-LaTeX. 9 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 10 | 11 | % TODO(mike): locating a closure at a name: how to translate a closure into a process that gets stuck into the cell 12 | 13 | 14 | 15 | %\documentclass{tran-l} 16 | \documentclass[twocolumn]{amsart} 17 | %\documentclass[]{amsart} 18 | %\documentclass[]{sig-alternate} 19 | %\documentclass[]{acm_proc_article-sp} 20 | %\documentclass[]{llncs} 21 | 22 | 23 | %\documentclass[]{prentcsmacro} 24 | 25 | %\usepackage[active]{srcltx} % SRC Specials for DVI Searching 26 | \usepackage{url} 27 | \usepackage[pdf]{pstricks} 28 | \usepackage{pstricks-add, pst-grad, pst-plot} 29 | \usepackage[tiling]{pst-fill} 30 | \psset{linewidth=0.3pt,dimen=middle} 31 | \psset{xunit=.70cm,yunit=0.70cm} 32 | \psset{angleA=-90,angleB=90,ArrowInside=->,arrowscale=2} 33 | 34 | 35 | % From Allen's stable. 36 | \usepackage{bigpage} 37 | \usepackage{bcprules} 38 | %\usepackage{code} 39 | \usepackage{mathpartir} 40 | \usepackage{listings} 41 | \usepackage{mathtools} 42 | %\usepackage[fleqn]{amsmath} 43 | \usepackage{amsfonts} 44 | \usepackage{latexsym} 45 | \usepackage{amssymb} 46 | \usepackage{caption} 47 | %\usepackage{multicol} 48 | 49 | % Math 50 | \newcommand{\maps}{\colon} 51 | \newcommand{\NN}{\mathbb{N}} 52 | % Double brackets 53 | \newcommand{\ldb}{[\![} 54 | \newcommand{\rdb}{]\!]} 55 | \newcommand{\ldrb}{(\!(} 56 | \newcommand{\rdrb}{)\!)} 57 | \newcommand{\lliftb}{\langle\!|} 58 | \newcommand{\rliftb}{|\!\rangle} 59 | % \newcommand{\lpquote}{\langle} 60 | % \newcommand{\rpquote}{\rangle} 61 | % \newcommand{\lpquote}{\lceil} 62 | % \newcommand{\rpquote}{\rceil} 63 | \newcommand{\lpquote}{\ulcorner} 64 | \newcommand{\rpquote}{\urcorner} 65 | \newcommand{\newkw}{\nu} 66 | 67 | % SYNTAX 68 | \newcommand{\id}[1]{\texttt{#1}} 69 | \newcommand{\none}{\emptyset} 70 | \newcommand{\eps}{\epsilon} 71 | \newcommand{\set}[1]{\{#1\}} 72 | \newcommand{\rep}[2]{\id{\{$#1$,$#2$\}}} 73 | \newcommand{\elt}[2]{\id{$#1$[$#2$]}} 74 | \newcommand{\infinity}{$\infty$} 75 | 76 | \newcommand{\pzero}{\mathbin{0}} 77 | \newcommand{\seq}{\mathbin{\id{,}}} 78 | \newcommand{\all}{\mathbin{\id{\&}}} 79 | \newcommand{\choice}{\mathbin{\id{|}}} 80 | \newcommand{\altern}{\mathbin{\id{+}}} 81 | \newcommand{\juxtap}{\mathbin{\id{|}}} 82 | %\newcommand{\concat}{\mathbin{.}} 83 | \newcommand{\concat}{\Rightarrow} 84 | \newcommand{\punify}{\mathbin{\id{:=:}}} 85 | \newcommand{\fuse}{\mathbin{\id{=}}} 86 | \newcommand{\scong}{\mathbin{\equiv}} 87 | \newcommand{\nameeq}{\mathbin{\equiv_N}} 88 | \newcommand{\alphaeq}{\mathbin{\equiv_{\alpha}}} 89 | \newcommand{\names}[1]{\mathbin{\mathcal{N}(#1)}} 90 | \newcommand{\freenames}[1]{\mathbin{\mathcal{FN}(#1)}} 91 | \newcommand{\boundnames}[1]{\mathbin{\mathcal{BN}(#1)}} 92 | %\newcommand{\lift}[2]{\texttt{lift} \; #1 \concat #2} 93 | \newcommand{\binpar}[2]{#1 \juxtap #2} 94 | \newcommand{\outputp}[2]{#1 ! ( * #2 )} 95 | \newcommand{\prefix}[3]{#1 ? ( #2 ) \concat #3} 96 | \newcommand{\lift}[2]{#1 ! ( #2 )} 97 | %\newcommand{\quotep}[1]{\lpquote #1 \rpquote} 98 | \newcommand{\quotep}[1]{@#1} 99 | \newcommand{\dropn}[1]{*#1} 100 | 101 | \newcommand{\newp}[2]{\id{(}\newkw \; #1 \id{)} #2} 102 | \newcommand{\bangp}[1]{\int #1} 103 | \newcommand{\xbangp}[2]{\int_{#2} #1} 104 | \newcommand{\bangxp}[2]{\int^{#2} #1} 105 | 106 | \newcommand{\substp}[2]{\id{\{} \quotep{#1} / \quotep{#2} \id{\}}} 107 | \newcommand{\substn}[2]{\id{\{} #1 / #2 \id{\}}} 108 | 109 | \newcommand{\psubstp}[2]{\widehat{\substp{#1}{#2}}} 110 | \newcommand{\psubstn}[2]{\widehat{\substn{#1}{#2}}} 111 | 112 | \newcommand{\applyp}[2]{#1 \langle #2 \rangle} 113 | \newcommand{\absp}[2]{\id{(} #1 \id{)} #2} 114 | 115 | \newcommand{\transitions}[3]{\mathbin{#1 \stackrel{#2}{\longrightarrow} #3}} 116 | \newcommand{\meaningof}[1]{\ldb #1 \rdb} 117 | \newcommand{\pmeaningof}[1]{\ldb #1 \rdb} 118 | \newcommand{\nmeaningof}[1]{\ldrb #1 \rdrb} 119 | 120 | \newcommand{\Proc}{\mathbin{Proc}} 121 | \newcommand{\QProc}{\quotep{\mathbin{Proc}}} 122 | 123 | \newcommand{\entailm}{\mathbin{\vdash_{\mathfrak m}}} %matching 124 | \newcommand{\entailp}{\mathbin{\vdash_{\mathfrak p}}} %behavioral 125 | \newcommand{\entailv}{\mathbin{\vdash_{\mathfrak v}}} %validation 126 | \newcommand{\congd}{\mathbin{\equiv_{\mathfrak d}}} 127 | \newcommand{\congs}{\mathbin{\equiv_{\mathfrak s}}} 128 | \newcommand{\congp}{\mathbin{\equiv_{\mathfrak p}}} 129 | %\newcommand{\defneqls}{:\!=} 130 | \newcommand{\defneqls}{\coloneqq} 131 | %\newcommand{\logequiv}{\mathbin{\leftrightarrow}} 132 | 133 | \newcommand{\barb}[2]{\mathbin{#1 \downarrow_{#2}}} 134 | \newcommand{\dbarb}[2]{\mathbin{#1 \Downarrow_{#2}}} 135 | 136 | % From pi-duce paper 137 | \renewcommand{\red}{\rightarrow} 138 | \newcommand{\wred}{\Rightarrow} 139 | \newcommand{\redhat}{\hat{\longrightarrow}} 140 | \newcommand{\lred}[1]{\stackrel{#1}{\longrightarrow}} %transitions 141 | \newcommand{\wlred}[1]{\stackrel{#1}{\Longrightarrow}} 142 | 143 | \newcommand{\opm}[2]{\overline{#1} [ #2 ]} % monadic 144 | \newcommand{\ipm}[2]{{#1} ( #2 )} 145 | \newcommand{\ipmv}[2]{{#1} ( #2 )} % monadic 146 | \newcommand{\parop}{\;|\;} % parallel operator 147 | \newcommand{\patmatch}[3]{#2 \in #3 \Rightarrow #1} 148 | \newcommand{\sdot}{\, . \,} % Space around '.' 149 | \newcommand{\bang}{!\,} 150 | %\newcommand{\fuse}[1]{\langle #1 \rangle} 151 | \newcommand{\fusion}[2]{#1 = #2} % fusion prefix/action 152 | \newcommand{\rec}[2]{\mbox{\textsf{rec}} \, #1. \, #2} 153 | \newcommand{\match}[2]{\mbox{\textsf{match}} \; #1 \; \mbox{\textsf{with}} \; #2} 154 | \newcommand{\sep}{:} 155 | \newcommand{\val}[2]{\mbox{\textsf{val}} \; #1 \; \mbox{\textsf{as}} \; #2} 156 | 157 | \newcommand{\rel}[1]{\;{\mathcal #1}\;} %relation 158 | \newcommand{\bisim}{\stackrel{.}{\sim}_b} %bisimilar 159 | \newcommand{\wb}{\approx_b} %weak bisimilar 160 | \newcommand{\bbisim}{\stackrel{\centerdot}{\sim}} %barbed bisimilar 161 | \newcommand{\wbbisim}{\stackrel{\centerdot}{\approx}} %weak barbed bisimilar 162 | \newcommand{\wbbisimsem}{\approx} %weak barbed bisimilar 163 | \newcommand{\bxless}{\lesssim} %expansion less (amssymb required) 164 | \newcommand{\bxgtr}{\gtrsim} %expansion greater (amssymb required) 165 | \newcommand{\beq}{\sim} %barbed congruent 166 | \newcommand{\fwbeq}{\stackrel{\circ}{\approx}} %weak barbed congruent 167 | \newcommand{\wbeq}{\approx} %weak barbed congruent 168 | \newcommand{\sheq}{\simeq} %symbolic hypereq 169 | \newcommand{\wbc}{\approx_{cb}} 170 | 171 | % End piduce contribution 172 | 173 | % rho logic 174 | 175 | \newcommand{\ptrue}{\mathbin{true}} 176 | \newcommand{\psatisfies}[2]{#1 \models #2} 177 | \newcommand{\pdropf}[1]{\rpquote #1 \lpquote} 178 | \newcommand{\pquotep}[1]{\lpquote #1 \rpquote} 179 | \newcommand{\plift}[2]{#1 ! ( #2 )} 180 | \newcommand{\pprefix}[3]{\langle #1 ? #2 \rangle #3} 181 | \newcommand{\pgfp}[2]{\textsf{rec} \; #1 \mathbin{.} #2} 182 | \newcommand{\pquant}[3]{\forall #1 \mathbin{:} #2 \mathbin{.} #3} 183 | \newcommand{\pquantuntyped}[2]{\forall #1 \mathbin{.} #2} 184 | \newcommand{\riff}{\Leftrightarrow} 185 | 186 | \newcommand{\PFormula}{\mathbin{PForm}} 187 | \newcommand{\QFormula}{\mathbin{QForm}} 188 | \newcommand{\PropVar}{\mathbin{\mathcal{V}}} 189 | 190 | \newcommand{\typedby}{\mathbin{\:\colon}} 191 | \newcommand{\mixedgroup}[1]{\id{mixed($#1$)}} 192 | \newcommand{\cast}[2]{\id{CAST AS} \; #1 \; (#2)} 193 | \newcommand{\bslsh}{\mathbin{\id{\\}}} 194 | \newcommand{\bslshslsh}{\mathbin{\id{\\\\}}} 195 | \newcommand{\fslsh}{\mathbin{\id{/}}} 196 | \newcommand{\fslshslsh}{\mathbin{\id{//}}} 197 | \newcommand{\bb}[1]{\mbox{#1}} 198 | \newcommand{\bc}{\mathbin{\mathbf{::=}}} 199 | \newcommand{\bm}{\mathbin{\mathbf\mid}} 200 | \newcommand{\be}{\mathbin{=}} 201 | \newcommand{\bd}{\mathbin{\buildrel {\rm \scriptscriptstyle def} \over \be}} 202 | \newcommand{\ctcategory}[1]{\mbox{\bf #1}} 203 | 204 | %GRAMMAR 205 | \newlength{\ltext} 206 | \newlength{\lmath} 207 | \newlength{\cmath} 208 | \newlength{\rmath} 209 | \newlength{\rtext} 210 | 211 | \settowidth{\ltext}{complex type name} 212 | \settowidth{\lmath}{$xxx$} 213 | \settowidth{\cmath}{$::=$} 214 | \settowidth{\rmath}{\id{attributeGroup}} 215 | \settowidth{\rtext}{repetition of $g$ between $m$ and $n$ times} 216 | 217 | \newenvironment{grammar}{ 218 | \[ 219 | \begin{array}{l@{\quad}rcl@{\quad}l} 220 | \hspace{\ltext} & \hspace{\lmath} & \hspace{\cmath} & \hspace{\rmath} & \hspace{\rtext} \\ 221 | }{ 222 | \end{array}\] 223 | } 224 | 225 | % Over-full v-boxes on even pages are due to the \v{c} in author's name 226 | \vfuzz2pt % Don't report over-full v-boxes if over-edge is small 227 | 228 | % THEOREM Environments --------------------------------------------------- 229 | \newtheorem{thm}{Theorem}[subsection] 230 | \newtheorem{cor}[thm]{Corollary} 231 | \newtheorem{lem}[thm]{Lemma} 232 | \newtheorem{prop}[thm]{Proposition} 233 | % \theoremstyle{definition} 234 | \newtheorem{defn}[thm]{Definition} 235 | % \theoremstyle{remark} 236 | \newtheorem{rem}[thm]{Remark} 237 | \newtheorem{example}[thm]{Example} 238 | \numberwithin{equation}{subsection} 239 | % MATH ------------------------------------------------------------------- 240 | \DeclareMathOperator{\RE}{Re} 241 | \DeclareMathOperator{\IM}{Im} 242 | \DeclareMathOperator{\ess}{ess} 243 | \newcommand{\veps}{\varepsilon} 244 | \newcommand{\To}{\longrightarrow} 245 | \newcommand{\h}{\mathcal{H}} 246 | \newcommand{\s}{\mathcal{S}} 247 | \newcommand{\A}{\mathcal{A}} 248 | \newcommand{\J}{\mathcal{J}} 249 | \newcommand{\M}{\mathcal{M}} 250 | \newcommand{\W}{\mathcal{W}} 251 | \newcommand{\X}{\mathcal{X}} 252 | \newcommand{\BOP}{\mathbf{B}} 253 | \newcommand{\BH}{\mathbf{B}(\mathcal{H})} 254 | \newcommand{\KH}{\mathcal{K}(\mathcal{H})} 255 | \newcommand{\Real}{\mathbb{R}} 256 | \newcommand{\Complex}{\mathbb{C}} 257 | \newcommand{\Field}{\mathbb{F}} 258 | \newcommand{\RPlus}{\Real^{+}} 259 | \renewcommand{\Polar}{\mathcal{P}_{\s}} 260 | \newcommand{\Poly}{\mathcal{P}(E)} 261 | \newcommand{\EssD}{\mathcal{D}} 262 | \newcommand{\Lom}{\mathcal{L}} 263 | \newcommand{\States}{\mathcal{T}} 264 | \newcommand{\abs}[1]{\left\vert#1\right\vert} 265 | % \newcommand{\set}[1]{\left\{#1\right\}} 266 | %\newcommand{\seq}[1]{\left<#1\right>} 267 | \newcommand{\norm}[1]{\left\Vert#1\right\Vert} 268 | \newcommand{\essnorm}[1]{\norm{#1}_{\ess}} 269 | 270 | %%% NAMES 271 | \newcommand{\Names}{{\mathcal N}} 272 | \newcommand{\Channels}{{\sf X}} 273 | \newcommand{\Variables}{{\mathcal V}} 274 | \newcommand{\Enames}{{\mathcal E}} 275 | \newcommand{\Nonterminals}{{\mathcal S}} 276 | \newcommand{\Pnames}{{\mathcal P}} 277 | \newcommand{\Dnames}{{\mathcal D}} 278 | \newcommand{\Types}{{\mathcal T}} 279 | 280 | \newcommand{\fcalc}{fusion calculus} 281 | \newcommand{\xcalc}{${\mathfrak x}$-calculus} 282 | \newcommand{\lcalc}{$\lambda$-calculus} 283 | \newcommand{\pic}{$\pi$-calculus} 284 | \newcommand{\rhoc}{${\textsc{rho}}$-calculus} 285 | \newcommand{\hcalc}{highwire calculus} 286 | \newcommand{\dcalc}{data calculus} 287 | %XML should be all caps, not small caps. --cb 288 | %\newcommand{\xml}{\textsc{xml}} 289 | \newcommand{\xml}{XML} 290 | 291 | \newcommand{\papertitle}{Linear types can change the blockchain!} 292 | % use static date to preserve date of actual publication 293 | \newcommand{\paperversion}{Draft Version 0.1 - Jan 7, 2015} 294 | 295 | \newenvironment{toc} 296 | { 297 | \begin{list}{}{ 298 | \setlength{\leftmargin}{0.4in} 299 | \setlength{\rightmargin}{0.6in} 300 | \setlength{\parskip}{0pt} 301 | } \item } 302 | {\end{list}} 303 | 304 | \newenvironment{narrow} 305 | { 306 | \begin{list}{}{ 307 | \setlength{\leftmargin}{0.4in} 308 | \setlength{\rightmargin}{0.6in} 309 | } \item } 310 | {\end{list}} 311 | 312 | %%% ---------------------------------------------------------------------- 313 | 314 | %\title{\huge{\papertitle}} 315 | \title{\papertitle} 316 | 317 | %\numberofauthors{3} 318 | \author{ 319 | L.G. Meredith\\ 320 | \affaddr{Biosimilarity, LLC}\\ 321 | \email{\fontsize{8}{8}\selectfont lgreg.meredith@biosimilarity.com} 322 | } 323 | 324 | %\address{Systems Biology, Harvard Medical School, Boston, Massachussetts, USA} 325 | 326 | %\email{lg_meredith@hms.harvard.edu} 327 | 328 | %\thanks{This work was completed during a visiting appointment at the Department of Systems Biology, Harvard Medical School.} 329 | 330 | %\subjclass{Primary 47A15; Secondary 46A32, 47D20} 331 | 332 | %\date{April 6, 2002.} 333 | 334 | %\dedicatory{} 335 | 336 | %\commby{Daniel J. Rudolph} 337 | 338 | %%% ---------------------------------------------------------------------- 339 | 340 | \begin{document} 341 | %\lstset{language=erlang} 342 | \lstset{language=} 343 | 344 | %These margin values appear to be relative to the bigpage package settings. --cb 345 | \setlength{\topmargin}{0in} 346 | \setlength{\textheight}{8.5in} 347 | \setlength{\parskip}{6pt} 348 | 349 | \keywords{ linear logic, blockchain, types, Curry-Howard } 350 | 351 | \begin{abstract} 352 | \normalsize{ 353 | 354 | We present an interpretation of classical linear logic in terms of operations on the blockchain. 355 | 356 | } 357 | 358 | \end{abstract} 359 | 360 | % \noindent 361 | % {\large \textbf{Submission to arXiv}}\\ 362 | % \rule{6.25in}{0.75pt}\\\\\\ 363 | 364 | %%% ---------------------------------------------------------------------- 365 | \maketitle 366 | %%% ---------------------------------------------------------------------- 367 | 368 | % \begin{center} 369 | % \paperversion\\ 370 | % \end{center} 371 | 372 | % \begin{toc} 373 | % \tableofcontents 374 | % \end{toc} 375 | 376 | % \newpage 377 | % ------------------------------------------------------------------------ 378 | 379 | \section{Background and Motivation} 380 | 381 | i've had a lot of time to think this week because i’ve been waiting on 382 | machines to synchronize with the blockchain. As a result, i’ve been 383 | more motivated than ever to find a scalable and reliable architecture 384 | for the blockchain. i believe i'm getting closer to a way to explain 385 | and test a hypothesis that linear proofs provide the basis for a much 386 | more scalable architecture for the blockchain. For background on what 387 | i mean by linear proofs, here's a paper that interprets them in terms 388 | of games, and here’s another that interprets them in terms of 389 | traditional computational calculi like the lambda calculus. 390 | 391 | A linear proof is a formal structure representing a proof of a formula 392 | in linear logic. The Curry-Howard isomorphism tells us that formulae 393 | are types (as in data types in a programming language), and that 394 | proofs are programs. This is a very broad and deep idea. In the 90’s, 395 | for example, Abramsky extended it to proofs as processes, which Wadler 396 | was only very recently able to realize as a correspondence between 397 | linear proofs and π-calculus processes. In this context it means that 398 | linear proofs provide a representation of both data (blocks) and 399 | program (executable transactions) that gives several advantages over 400 | the current choices made by the blockchain. 401 | 402 | The blockchain is a great example of data that is also program; it’s a 403 | giant ledger spread out over the Internet, that’s made of a bunch of 404 | distributed, but interacting servers. To become more scalable, and 405 | reliable, both ledger and servers will need certain characteristics of 406 | data/program that have to do with a property called 407 | compositionality. Scalability is always all about being able to build 408 | composite systems from components. For example, if we can prove that 409 | sections of the blockchain can be safely isolated from other sections, 410 | for example, if all blocks necessary to prove that Alice has 411 | sufficient funds to send M btc to Betty, can be isolated from the 412 | blocks necessary to prove that Alfred has sufficient funds to send N 413 | btc to Bob, then Alice and Betty, and Alfred and Bob can safely work 414 | with projections of the blockchain, and thus complete their 415 | transactions, not only in isolation of each other, but without the 416 | onerous need to sync the entire blockchain. 417 | 418 | One analogy is the use of separation logic (a child of linear logic) 419 | to prove things about the structure of the heap which can, in turn, be 420 | used to guarantee that two threads can operate at the same time 421 | safely. The blockchain is like the heap. The Alice - Betty and Alfred 422 | - Bob transactions are like the two threads. A proof that the heap is 423 | of the form H1 * H2 together with a proof that T1 : H1 -> H1', T2 : H2 424 | -> H2' constitutes a proof that T1 * T2 (thread T1 running 425 | concurrently with T2) operate effectively in isolation and thus 426 | safely. Likewise, a proof that the blockchain is of the form B1 * B2 427 | (none of the transactions in B1 connect to addresses in B2 and vice 428 | versa), together with a proof that AliceBettyTxn : B1 -> B1' (this txn 429 | uses only addresses in B1), and AlfredBobTxn : B2 -> B2' (this txn 430 | uses only addresses in B2) constitutes a proof that AliceBettyTxn * 431 | AlfredBobTxn can operate with isolated projections of the blockchain. 432 | 433 | If the blockchain is built using the primitives of linear logic, it 434 | becomes easier and easier to construct these proofs, but also to 435 | construct the blockchain, itself, in terms of smaller blockchains. 436 | 437 | \section{Interpreting Linear Proofs as Operations on the Blockchain} 438 | Here's the most basic interpretation. 439 | 440 | \begin{mathpar} 441 | \inferrule* {} {\vdash 1blkchnaddr : A \otimes \ldots \otimes A} %( with N occurrences of A ) 442 | \end{mathpar} 443 | 444 | is a statement that there are $N$ $A$'s available at the address, 445 | $1blkchnaddr$. $A$'s can be any resource, BTC's, AMP's, DogeCoin, etc. 446 | 447 | \begin{mathpar} 448 | \inferrule* {} {\vdash txn : A \otimes \ldots \otimes A \multimap B \otimes \ldots \otimes B %( with N occurrences of A in A * ... * A and M occurrences of B in B * ... * B ) 449 | \end{mathpar} 450 | 451 | is a statement that $txn$ will generate $M$ $B$'s if provided $N$ $A$'s. 452 | 453 | Terminologically, we say that $1blkchnaddr$ is a \emph{witness} or a 454 | \emph{proof} of $A \otimes \ldots \otimes A$, and similarly, that $txn$ 455 | is a witness or proof of $A \otimes \ldots \otimes A \multimap B \otimes \ldots \otimes B$. Given two such 456 | proofs we can use the cut rule of linear logic to produce a proof 457 | 458 | \begin{mathpar} 459 | \inferrule* {} {\vdash txn( 1blkchnaddr ) : B \otimes \ldots \otimes B} 460 | \end{mathpar} 461 | 462 | where $txn( 1blkchnaddr )$ is a new address in the blockchain 463 | constructed from the information in txn together with 464 | $1blkchnaddr$. This should look remarkably like function application, 465 | because it is. 466 | 467 | Notice that now we can see, recursively, what a proof of a statement like 468 | 469 | \begin{mathpar} 470 | \inferrule* {} {\vdash 1blkchnaddr : A \otimes \ldots \otimes A} 471 | \end{mathpar} 472 | 473 | looks like. In most cases it will be a proof made from a previous 474 | application of the cut rule. This tree of cuts will trace all the way 475 | back to some genesis block -- which is the only other way to have a 476 | proof of a statement like 477 | 478 | \begin{mathpar} 479 | \inferrule* {} {\vdash 1blkchnaddr : A \otimes \ldots \otimes A} 480 | \end{mathpar} 481 | 482 | Now, where does the return address associated with $txn( 1blkchnaddr )$ come from? 483 | 484 | To see this we have to look into the mechanics of $\multimap$ (called 485 | linear implication or, more affectionately, lollipop). 486 | 487 | \begin{equation*} 488 | A \multimap B = A^{\perp} \parr B 489 | \end{equation*} 490 | 491 | Linear implication is decomposed much like classical implication in 492 | terms of a negation and a disjunctive connective. It is literally an 493 | expression capturing the sentiment we need $A$ to get $B$, or $B$ 494 | comes with a cost of $A$. The use of a proof rule for these kinds of 495 | links looks like 496 | 497 | \begin{mathpar} 498 | \inferrule* {\vdash G, 1blkchnaddr : A^{\perp}, 2blkchnaddr : B}{\vdash G, txn( 1blkchnaddr, 2blkchnaddr ) : A^{\perp} \parr B} 499 | \end{mathpar} 500 | 501 | where we snuck in the rest of the blockchain as $G$. As we saw above, $A^{\perp} \parr B = A \multimap B$; so, we can write 502 | 503 | \begin{mathpar} 504 | \inferrule* {\vdash G, 1blkchnaddr : A^{\perp}, 2blkchnaddr : B}{\vdash G, txn( 1blkchnaddr, 2blkchnaddr ) : A \multimap B} 505 | \end{mathpar} 506 | 507 | Now we see that forming a $txn$ comes with the requirement to provide an 508 | address where $A$'s will be sent and an address where $B$'s will be 509 | received. Expanding on these intuitions, we can see that the rules of 510 | classical linear logic correspond exactly to a specification of 511 | operations on the blockchain. 512 | 513 | \subsection{Linear Sequents} 514 | 515 | In more detail, a proof rule in linear logic is usually written in 516 | terms of a transformation, 517 | 518 | \begin{mathpar} 519 | \inferrule* {S_1, S_2, \ldots, S_N} {S} 520 | \end{mathpar} 521 | 522 | taking \emph{sequent}s $S_1, \ldots, S_N$ to a \emph{sequent} $S$, where 523 | a sequent is of the form 524 | 525 | \begin{mathpar} 526 | \inferrule* {} {\vdash G, t_1 : A_1, \ldots, t_N : A_N} 527 | \end{mathpar} 528 | 529 | A sequent is really just a statement about what is distributed where in an instance of the blockchain. 530 | 531 | \begin{itemize} 532 | \item $t_1, \ldots, t_N$ are either addresses or programs that take addresses as input; they constitute the "focus" of the proof rule, or where the action is going to happen. 533 | \item $A_1, \ldots, A_N$ are (types built from) the different types of coin 534 | \item $G$ is the rest of the blockchain -- it is necessary to establish the distribution of resources we see at $t_1, \ldots, t_N$, but it's not the focus of the operation of the proof rule. 535 | \end{itemize} 536 | 537 | Putting it all together, a proof rule of the form 538 | 539 | \begin{mathpar} 540 | \inferrule* {S_1} {S_2} 541 | \end{mathpar} 542 | 543 | is then a statement about how the blockchain in state $S_1$ goes to a 544 | blockchain in state $S_2$. If you think about it, that's just what we 545 | need to reason about transactions. In a transaction where Alice sends 546 | Betty $N$ coin, we can think of the transaction as a rule that takes a 547 | blockchain in a state where Alice has $N$ btc to a blockchain in a 548 | state where Betty has $N$ btc. 549 | 550 | \subsection{The Multiplicatives} 551 | Linear logic, however, allows to build bigger blockchains from smaller 552 | ones, and manages the dependency and information flow so that 553 | everything remains consistent. Here's an example. The proof rule for 554 | the tensor $A \otimes B$ looks like this 555 | 556 | \begin{mathpar} 557 | \inferrule* {\vdash G, t : A, \vdash H, u : B}{\vdash G, H, t \otimes u : A \otimes B} 558 | \end{mathpar} 559 | 560 | It says that if you have one blockchain, $\vdash G, t : A$, and 561 | another completely independent blockchain, with a totally separate 562 | address space, $\vdash H, u : B$, then you can make a new one 563 | 564 | \begin{mathpar} 565 | \inferrule* {} {|- G, H, t \otimes u : A \otimes B} 566 | \end{mathpar} 567 | 568 | in which you just combine all the data of assignments of addresses to 569 | resources in $G$ and $H$ in one big blockchain, $G,H$, and you can make a 570 | kind of composite address (or program), $t \otimes u$, at which can be found 571 | the combined $A \otimes B$ resource. 572 | 573 | Now, comparison of the par ( $A \parr B$ ) rule, which establishes transaction links, is even more illuminating. 574 | 575 | \begin{mathpar} 576 | \inferrule* {\vdash G, t : A, u : B}{ G, t \parr u : A \parr B } 577 | \end{mathpar} 578 | 579 | This rule insists that the transaction link, $t \parr u$, is made in the same piece of the blockchain, $G$. 580 | 581 | The fragment of linear logic that includes, $A^{\perp}$, $A \otimes 582 | B$, $A \parr B$, $A \multimap B$, is called the multiplicative 583 | fragment of linear logic, or MLL. It talks about the basics of 584 | transactions, loading up addresses with resources and establishing 585 | dependencies between addresses, essentially recording transaction 586 | history. However, it does so in a way that keeps track of how the 587 | blockchain itself is segmented. This allows us to determine things 588 | like how much of the blockchain do i have to see in order to safely 589 | conduct this transaction, or can i conduct this transaction without 590 | needing visibility into that region of the blockchain. 591 | 592 | \subsection{The Additives} 593 | 594 | Linear logic also enjoys another fragment, called the additives. This 595 | aspect of the logic is all about conditionals and contingencies, this 596 | or that, but not both. The linear logic connective called 'with', and 597 | denoted $A \with B$, collects options together into a menu for subsequent 598 | selection by interaction with choices indicated by the linear 599 | connective 'plus', $A + B$. In symbols, 600 | 601 | \begin{mathpar} 602 | \inferrule* {\vdash G, t : A, u : B}{\vdash G, t \with u : A \with B} 603 | \end{mathpar} 604 | 605 | while 606 | 607 | \begin{mathpar} 608 | \inferrule* {\vdash G, t : A}{ inl( t ) : A + B } 609 | \end{mathpar} 610 | 611 | and 612 | 613 | \begin{mathpar} 614 | \inferrule* {G, u : B}{inr( u ) : A + B} 615 | \end{mathpar} 616 | 617 | If during a more complex transaction $t \with u$ gets tied to $inl( t' 618 | )$, via $txn( t \with u, inl( t' ) )$, then this will reduce to a 619 | transaction of the form $txn( t, t' )$. On the other hand, $txn( t 620 | \with u, inr( u' ) )$ will reduce to a transaction of the form $txn( 621 | u, u' )$. 622 | 623 | \subsection{The Exponentials} 624 | 625 | The fragment of linear logic that includes the multiplicative and 626 | additive connectives is called MALL. The remaining connectives are 627 | called the exponentials, $?A$, and $!A$. They denote copyable, 628 | non-conserved resources. When we write $\vdash G, t : !A$, we are 629 | saying that you can get as many $A$'s from the address (or program) 630 | $t$ as you want. Thus, unlike currency, that address is linked to a 631 | copyable resource like a document, or a jpeg, or audio file, or 632 | ... that can be shared widely. When we write $\vdash G, t : ?A$, we 633 | are saying that you can put as many $A$'s into the address (or 634 | program) $t$ as you want. You can think of it as a place to store 635 | $A$'s, or discard them. 636 | 637 | What’s critically important about the use of the exponentials is that 638 | they mark resources that ought not to stay on the blockchain. They 639 | indicate content and content types that can be better served by a 640 | different kind of content delivery network. This is another important 641 | function in helping with a scalable blockchain -- use blockchain 642 | technology where it makes sense and use other means where it doesn’t. 643 | 644 | Taken all together, we have an interpretation of full classical linear 645 | logic in terms of operations on the blockchain. 646 | 647 | \section{Conclusions and Future Work} 648 | 649 | We have developed a view of full classical linear logic in terms of 650 | operations against the blockchain. The view we have been developing 651 | not only extends to provide a meaningful interpretation of full 652 | classical linear logic to natural and intuitive operations on the 653 | blockchain, it also extends and expands how we think about the 654 | blockchain and what transactions on it are. Additionally, it provides 655 | guarantees, mathematical certainties about the correctness of 656 | transactions structured and executed this way. In particular, notice 657 | that we focused mostly on the connectives governing $A$'s and $B$'s (the 658 | resources to be found at addresses or programs). We didn't really talk 659 | about the structure of $t$'s and $u$'s. These provide us with a simple and 660 | intuitive syntax for transactions. Of equal importance, these 661 | transactions are \emph{typed} programs. When we write $\vdash G, t : A$, we are 662 | not only saying something about the resources produced or manipulated 663 | by $t$, we are saying something about how t can be used, and in what 664 | blockchain context we can expect t to perform correctly. 665 | 666 | Understood this way, the blockchain interpretation gives new meaning 667 | and perspective on some theorems from the linear logic literature. In 668 | particular, it is well established that there is a natural notion of 669 | execution of $t$'s. That is, when thought of as programs, we know how 670 | to run them. When they are well typed, that is, if we have established 671 | $\vdash t : A$, then $t$ is \emph{terminating}. That’s a theorem from 672 | Abramsky’s computational interpretations of linear logic. What this 673 | means for the blockchain is that proof terms and their linear 674 | connectives provide a scripting language for transactions that, on the 675 | one hand, provides termination for all well typed scripts, and on the 676 | other is highly expressive. Further, if it turns out that this 677 | scripting language is not expressive enough, then there is a natural 678 | extension of proof terms via a correspondence between linear proof 679 | terms and {$\pi$}-calculus processes that we mentioned at the top of these 680 | notes. 681 | 682 | 683 | \begin{tabular}{c|c} 684 | proof term & blockchain meaning \\ 685 | address & address \\ 686 | $t * u$ & isolated concurrent transactions \\ 687 | $t # u$ & interacting or linked concurrent transactions \\ 688 | $t \with u$ & menu of transaction options \\ 689 | $inl( t ), inr( u )$ & transaction option selection \\ 690 | $!t$ & copyable resource server \\ 691 | $?t$ & copyable resource storage \\ 692 | $txn( t, u )$ & joined transactions\\ 693 | \end{tabular} 694 | 695 | This correspondence is not just useful for extending a scripting 696 | language for blockchain transactions. It turns out the 697 | {$\pi$}-calculus the premier formalism for specifying, reasoning 698 | about, and executing protocols in distributed systems. Since one of 699 | the real values of the blockchain is the fact that it is a distributed 700 | means to conduct transactions, the need to tie this formalism to one 701 | for specifying protocols in distributed systems is plain. 702 | 703 | \subsection{Proof-of-work} 704 | 705 | The glaring lacunae in this discussion is, of course, the relationship 706 | to proof-of-work. Consider the following example. Suppose $C_1$ and $C_2$ 707 | are blockchains both of height $N$. 708 | 709 | \begin{equation*} 710 | \begin{aligned} 711 | C_1 = B_{1N} \leftarrow B_{1N-1} \leftarrow \ldots \leftarrow B_{10} \\ 712 | C_2 = B_{2N} \leftarrow B_{2N-1} \leftarrow \ldots \leftarrow B_{20} 713 | \end{aligned} 714 | \end{equation*} 715 | 716 | We can define 717 | 718 | \begin{equation*} 719 | C_1 \otimes C_2 = ( B_{1N} \otimes B_{2N} ) \leftarrow ( B_{1N-1} * B_{2N-1} ) \leftarrow \ldots \leftarrow ( B_{10} * B_{20} ) 720 | \end{equation*} 721 | 722 | Note that it is insufficient merely to guarantee for $B \otimes B$’ that all 723 | the transactions in $B$ are isolated from the transactions in $B$’. The 724 | counterexample is 725 | 726 | \begin{equation*} 727 | \begin{aligned} 728 | C_1 = Block{ 1AliceAddr \rightarrow^{5btc} 1AllanAddr } \leftarrow Block{ 1BobAddr \rightarrow^{7btc} 1BettyAddr } \\ 729 | C_2 = Block{ 1BobAddr \rightarrow^{7btc} 1BettyAddr } \leftarrow Block{ 1AliceAddr \rightarrow^{5btc} 1AllanAddr } 730 | \end{aligned} 731 | \end{equation*} 732 | 733 | Clearly $B_{11}$ is isolated from $B_{21}$, and $B_{10}$ is isolated 734 | from $B_{20}$; but, $B_{20}$ is not isolated from $B_{11}$, and 735 | $B_{10}$ is not isolated from $B_{21}$. As a result, the spends in the 736 | earlier blocks could impact the spends in the later blocks. 737 | 738 | Instead, the entire address space of $C_1$ must be isolated from 739 | $C_2$. In this case the network of servers, $N_1$, that maintain $C_1$ can 740 | be safely combined with the network of servers, $N_2$, that maintain $C_2$, 741 | and we can safely define the composite chain as above. The 742 | proof-of-work protocol organizing $N_1$ is completely separate from that 743 | in $N_2$. They do not interact. Yet, it is safe to combine the chains 744 | using a glorified zip function. In this example, 745 | 746 | \begin{equation*} 747 | \begin{aligned} 748 | C_1 = Block{ 1AliceAddr \rightarrow^{5btc} 1AllanAddr } \leftarrow Block{ 2BobAddr \rightarrow^{7btc} 2BettyAddr } 749 | C2 = Block{ 1BobAddr \rightarrow^{7btc} 1BettyAddr } \leftarrow Block{ 2AliceAddr \rightarrow^{5btc} 2AllanAddr } 750 | \end{aligned} 751 | \end{equation*} 752 | 753 | The address spaces of these chains are completely isolated (often 754 | written $addresses( C_1 ) # addresses( C_2 )$ ). We are free to calculate 755 | 756 | \begin{equation*} 757 | \begin{aligned} 758 | C_1 \otimes C_2 \\ 759 | & = \\ 760 | Block{ 1AliceAddr \rightarrow^{5btc} 1AllanAddr } \otimes Block{ 1BobAddr \rightarrow^{7btc} 1BettyAddr } \\ 761 | & \leftarrow Block{ 2BobAddr \rightarrow^{7btc} 2BettyAddr } \otimes Block{ 2AliceAddr \rightarrow^{5btc} 2AllanAddr } 762 | & = \\ 763 | Block{ 1AliceAddr \rightarrow^{5btc} 1AllanAddr ; 1BobAddr \rightarrow^{7btc} 1BettyAddr } \\ 764 | & \leftarrow Block{ 2BobAddr \rightarrow^{7btc} 2BettyAddr ; 2AliceAddr \rightarrow^{5btc} 2AllanAddr } 765 | \end{aligned} 766 | \end{equation*} 767 | 768 | The ordering of transactions provided by the two independently 769 | executing proof-of-work protocols is combined in a completely safe. 770 | 771 | Note that there are at least two possible interpretations of $C_1 * 772 | C_2$. One is that the requirement is to verify that $addresses( C_1 ) # 773 | addresses( C_2 )$. Another is to ensure this is the case by rewiring the 774 | transactions. Under this latter interpretation even the counterexample 775 | becomes safe 776 | 777 | \begin{equation*} 778 | \begin{aligned} 779 | C_1 \otimes C_2 \\ 780 | & = \\ 781 | Block{ 1AliceAddr \rightarrow^{5btc} 1AllanAddr } \otimes Block{ 1BobAddr \rightarrow^{7btc} 1BettyAddr } \\ 782 | & <- Block{ 1BobAddr \rightarrow^{7btc} 01BettyAddr } * Block{ 1AliceAddr \rightarrow^{5btc} 11AllanAddr } \\ 783 | & = \\ 784 | Block{ 01AliceAddr \rightarrow^{5btc} 01AllanAddr ; 11BobAddr \rightarrow^{7btc} 11BettyAddr } \\ 785 | & \leftarrow Block{ 01BobAddr \rightarrow^{7btc} 01BettyAddr ; 11AliceAddr \rightarrow^{5btc} 11AllanAddr } 786 | \end{aligned} 787 | \end{equation*} 788 | 789 | There is much more to be said, but that must be left to a later revision! 790 | 791 | \paragraph{Acknowledgments} 792 | We would like to acknowledge Vlad Zamfr for asking some thoughtful 793 | and stimulating conversation about the blockchain protocol. 794 | 795 | % ------------------------------------------------------------------------ 796 | %GATHER{Xbib.bib} % For Gather Purpose Only 797 | %GATHER{Paper.bbl} % For Gather Purpose Only 798 | \bibliographystyle{amsplain} 799 | \bibliography{ltcctbc} 800 | 801 | % ------------------------------------------------------------------------ 802 | 803 | 804 | 805 | % ------------------------------------------------------------------------ 806 | 807 | \end{document} 808 | % ------------------------------------------------------------------------ 809 | -------------------------------------------------------------------------------- /casper/docs/ltcctbc/ltcctbc.tex: -------------------------------------------------------------------------------- 1 | % ------------------------------------------------------------------------ 2 | % AMS-LaTeX Paper ******************************************************** 3 | % ------------------------------------------------------------------------ 4 | % Submitted: Dec 15 2003 5 | % Final Version: 6 | % Accepted: 7 | % ------------------------------------------------------------------------ 8 | % This is a journal top-matter template file for use with AMS-LaTeX. 9 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 10 | 11 | % TODO(mike): locating a closure at a name: how to translate a closure into a process that gets stuck into the cell 12 | 13 | 14 | 15 | %\documentclass{tran-l} 16 | %\documentclass[twocolumn]{amsart} 17 | %\documentclass[]{amsart} 18 | %\documentclass[]{sig-alternate} 19 | %\documentclass[fleqn]{acm_proc_article-sp} 20 | \documentclass[]{acm_proc_article-sp} 21 | %\documentclass[]{llncs} 22 | 23 | 24 | %\documentclass[]{prentcsmacro} 25 | 26 | %\usepackage[active]{srcltx} % SRC Specials for DVI Searching 27 | \usepackage{url} 28 | % \usepackage[pdf]{pstricks} 29 | % \usepackage{pstricks-add, pst-grad, pst-plot} 30 | % \usepackage[tiling]{pst-fill} 31 | % \psset{linewidth=0.3pt,dimen=middle} 32 | % \psset{xunit=.70cm,yunit=0.70cm} 33 | % \psset{angleA=-90,angleB=90,ArrowInside=->,arrowscale=2} 34 | 35 | 36 | % From Allen's stable. 37 | \usepackage{bigpage} 38 | \usepackage{bcprules} 39 | %\usepackage{code} 40 | \usepackage{mathpartir} 41 | \usepackage{listings} 42 | \usepackage{mathtools} 43 | %\usepackage[fleqn]{amsmath} 44 | \usepackage{amsfonts} 45 | \usepackage{cmll} 46 | \usepackage{latexsym} 47 | \usepackage{amssymb} 48 | \usepackage{caption} 49 | %\usepackage{multicol} 50 | 51 | 52 | % Math 53 | \newcommand{\maps}{\colon} 54 | \newcommand{\NN}{\mathbb{N}} 55 | % Double brackets 56 | \newcommand{\ldb}{[\![} 57 | \newcommand{\rdb}{]\!]} 58 | \newcommand{\ldrb}{(\!(} 59 | \newcommand{\rdrb}{)\!)} 60 | \newcommand{\lliftb}{\langle\!|} 61 | \newcommand{\rliftb}{|\!\rangle} 62 | % \newcommand{\lpquote}{\langle} 63 | % \newcommand{\rpquote}{\rangle} 64 | % \newcommand{\lpquote}{\lceil} 65 | % \newcommand{\rpquote}{\rceil} 66 | \newcommand{\lpquote}{\ulcorner} 67 | \newcommand{\rpquote}{\urcorner} 68 | \newcommand{\newkw}{\nu} 69 | 70 | % SYNTAX 71 | \newcommand{\id}[1]{\texttt{#1}} 72 | \newcommand{\none}{\emptyset} 73 | \newcommand{\eps}{\epsilon} 74 | \newcommand{\set}[1]{\{#1\}} 75 | \newcommand{\rep}[2]{\id{\{$#1$,$#2$\}}} 76 | \newcommand{\elt}[2]{\id{$#1$[$#2$]}} 77 | \newcommand{\infinity}{$\infty$} 78 | 79 | \newcommand{\pzero}{\mathbin{0}} 80 | \newcommand{\seq}{\mathbin{\id{,}}} 81 | \newcommand{\all}{\mathbin{\id{\&}}} 82 | \newcommand{\choice}{\mathbin{\id{|}}} 83 | \newcommand{\altern}{\mathbin{\id{+}}} 84 | \newcommand{\juxtap}{\mathbin{\id{|}}} 85 | %\newcommand{\concat}{\mathbin{.}} 86 | \newcommand{\concat}{\Rightarrow} 87 | \newcommand{\punify}{\mathbin{\id{:=:}}} 88 | \newcommand{\fuse}{\mathbin{\id{=}}} 89 | \newcommand{\scong}{\mathbin{\equiv}} 90 | \newcommand{\nameeq}{\mathbin{\equiv_N}} 91 | \newcommand{\alphaeq}{\mathbin{\equiv_{\alpha}}} 92 | \newcommand{\names}[1]{\mathbin{\mathcal{N}(#1)}} 93 | \newcommand{\freenames}[1]{\mathbin{\mathcal{FN}(#1)}} 94 | \newcommand{\boundnames}[1]{\mathbin{\mathcal{BN}(#1)}} 95 | %\newcommand{\lift}[2]{\texttt{lift} \; #1 \concat #2} 96 | \newcommand{\binpar}[2]{#1 \juxtap #2} 97 | \newcommand{\outputp}[2]{#1 ! ( * #2 )} 98 | \newcommand{\prefix}[3]{#1 ? ( #2 ) \concat #3} 99 | \newcommand{\lift}[2]{#1 ! ( #2 )} 100 | %\newcommand{\quotep}[1]{\lpquote #1 \rpquote} 101 | \newcommand{\quotep}[1]{@#1} 102 | \newcommand{\dropn}[1]{*#1} 103 | 104 | \newcommand{\newp}[2]{\id{(}\newkw \; #1 \id{)} #2} 105 | \newcommand{\bangp}[1]{\int #1} 106 | \newcommand{\xbangp}[2]{\int_{#2} #1} 107 | \newcommand{\bangxp}[2]{\int^{#2} #1} 108 | 109 | \newcommand{\substp}[2]{\id{\{} \quotep{#1} / \quotep{#2} \id{\}}} 110 | \newcommand{\substn}[2]{\id{\{} #1 / #2 \id{\}}} 111 | 112 | \newcommand{\psubstp}[2]{\widehat{\substp{#1}{#2}}} 113 | \newcommand{\psubstn}[2]{\widehat{\substn{#1}{#2}}} 114 | 115 | \newcommand{\applyp}[2]{#1 \langle #2 \rangle} 116 | \newcommand{\absp}[2]{\id{(} #1 \id{)} #2} 117 | 118 | \newcommand{\transitions}[3]{\mathbin{#1 \stackrel{#2}{\longrightarrow} #3}} 119 | \newcommand{\meaningof}[1]{\ldb #1 \rdb} 120 | \newcommand{\pmeaningof}[1]{\ldb #1 \rdb} 121 | \newcommand{\nmeaningof}[1]{\ldrb #1 \rdrb} 122 | 123 | \newcommand{\Proc}{\mathbin{Proc}} 124 | \newcommand{\QProc}{\quotep{\mathbin{Proc}}} 125 | 126 | \newcommand{\entailm}{\mathbin{\vdash_{\mathfrak m}}} %matching 127 | \newcommand{\entailp}{\mathbin{\vdash_{\mathfrak p}}} %behavioral 128 | \newcommand{\entailv}{\mathbin{\vdash_{\mathfrak v}}} %validation 129 | \newcommand{\congd}{\mathbin{\equiv_{\mathfrak d}}} 130 | \newcommand{\congs}{\mathbin{\equiv_{\mathfrak s}}} 131 | \newcommand{\congp}{\mathbin{\equiv_{\mathfrak p}}} 132 | %\newcommand{\defneqls}{:\!=} 133 | \newcommand{\defneqls}{\coloneqq} 134 | %\newcommand{\logequiv}{\mathbin{\leftrightarrow}} 135 | 136 | \newcommand{\barb}[2]{\mathbin{#1 \downarrow_{#2}}} 137 | \newcommand{\dbarb}[2]{\mathbin{#1 \Downarrow_{#2}}} 138 | 139 | % From pi-duce paper 140 | \newcommand{\red}{\rightarrow} 141 | \newcommand{\wred}{\Rightarrow} 142 | \newcommand{\redhat}{\hat{\longrightarrow}} 143 | \newcommand{\lred}[1]{\stackrel{#1}{\longrightarrow}} %transitions 144 | \newcommand{\wlred}[1]{\stackrel{#1}{\Longrightarrow}} 145 | 146 | \newcommand{\opm}[2]{\overline{#1} [ #2 ]} % monadic 147 | \newcommand{\ipm}[2]{{#1} ( #2 )} 148 | \newcommand{\ipmv}[2]{{#1} ( #2 )} % monadic 149 | \newcommand{\parop}{\;|\;} % parallel operator 150 | \newcommand{\patmatch}[3]{#2 \in #3 \Rightarrow #1} 151 | \newcommand{\sdot}{\, . \,} % Space around '.' 152 | \newcommand{\bang}{!\,} 153 | %\newcommand{\fuse}[1]{\langle #1 \rangle} 154 | \newcommand{\fusion}[2]{#1 = #2} % fusion prefix/action 155 | \newcommand{\rec}[2]{\mbox{\textsf{rec}} \, #1. \, #2} 156 | \newcommand{\match}[2]{\mbox{\textsf{match}} \; #1 \; \mbox{\textsf{with}} \; #2} 157 | \newcommand{\sep}{:} 158 | \newcommand{\val}[2]{\mbox{\textsf{val}} \; #1 \; \mbox{\textsf{as}} \; #2} 159 | 160 | \newcommand{\rel}[1]{\;{\mathcal #1}\;} %relation 161 | \newcommand{\bisim}{\stackrel{.}{\sim}_b} %bisimilar 162 | \newcommand{\wb}{\approx_b} %weak bisimilar 163 | \newcommand{\bbisim}{\stackrel{\centerdot}{\sim}} %barbed bisimilar 164 | \newcommand{\wbbisim}{\stackrel{\centerdot}{\approx}} %weak barbed bisimilar 165 | \newcommand{\wbbisimsem}{\approx} %weak barbed bisimilar 166 | \newcommand{\bxless}{\lesssim} %expansion less (amssymb required) 167 | \newcommand{\bxgtr}{\gtrsim} %expansion greater (amssymb required) 168 | \newcommand{\beq}{\sim} %barbed congruent 169 | \newcommand{\fwbeq}{\stackrel{\circ}{\approx}} %weak barbed congruent 170 | \newcommand{\wbeq}{\approx} %weak barbed congruent 171 | \newcommand{\sheq}{\simeq} %symbolic hypereq 172 | \newcommand{\wbc}{\approx_{cb}} 173 | 174 | % End piduce contribution 175 | 176 | % rho logic 177 | 178 | \newcommand{\ptrue}{\mathbin{true}} 179 | \newcommand{\psatisfies}[2]{#1 \models #2} 180 | \newcommand{\pdropf}[1]{\rpquote #1 \lpquote} 181 | \newcommand{\pquotep}[1]{\lpquote #1 \rpquote} 182 | \newcommand{\plift}[2]{#1 ! ( #2 )} 183 | \newcommand{\pprefix}[3]{\langle #1 ? #2 \rangle #3} 184 | \newcommand{\pgfp}[2]{\textsf{rec} \; #1 \mathbin{.} #2} 185 | \newcommand{\pquant}[3]{\forall #1 \mathbin{:} #2 \mathbin{.} #3} 186 | \newcommand{\pquantuntyped}[2]{\forall #1 \mathbin{.} #2} 187 | \newcommand{\riff}{\Leftrightarrow} 188 | 189 | \newcommand{\PFormula}{\mathbin{PForm}} 190 | \newcommand{\QFormula}{\mathbin{QForm}} 191 | \newcommand{\PropVar}{\mathbin{\mathcal{V}}} 192 | 193 | \newcommand{\typedby}{\mathbin{\:\colon}} 194 | \newcommand{\mixedgroup}[1]{\id{mixed($#1$)}} 195 | \newcommand{\cast}[2]{\id{CAST AS} \; #1 \; (#2)} 196 | \newcommand{\bslsh}{\mathbin{\id{\\}}} 197 | \newcommand{\bslshslsh}{\mathbin{\id{\\\\}}} 198 | \newcommand{\fslsh}{\mathbin{\id{/}}} 199 | \newcommand{\fslshslsh}{\mathbin{\id{//}}} 200 | \newcommand{\bb}[1]{\mbox{#1}} 201 | \newcommand{\bc}{\mathbin{\mathbf{::=}}} 202 | \newcommand{\bm}{\mathbin{\mathbf\mid}} 203 | \newcommand{\be}{\mathbin{=}} 204 | \newcommand{\bd}{\mathbin{\buildrel {\rm \scriptscriptstyle def} \over \be}} 205 | \newcommand{\ctcategory}[1]{\mbox{\bf #1}} 206 | 207 | %GRAMMAR 208 | \newlength{\ltext} 209 | \newlength{\lmath} 210 | \newlength{\cmath} 211 | \newlength{\rmath} 212 | \newlength{\rtext} 213 | 214 | \settowidth{\ltext}{complex type name} 215 | \settowidth{\lmath}{$xxx$} 216 | \settowidth{\cmath}{$::=$} 217 | \settowidth{\rmath}{\id{attributeGroup}} 218 | \settowidth{\rtext}{repetition of $g$ between $m$ and $n$ times} 219 | 220 | \newenvironment{grammar}{ 221 | \[ 222 | \begin{array}{l@{\quad}rcl@{\quad}l} 223 | \hspace{\ltext} & \hspace{\lmath} & \hspace{\cmath} & \hspace{\rmath} & \hspace{\rtext} \\ 224 | }{ 225 | \end{array}\] 226 | } 227 | 228 | % Over-full v-boxes on even pages are due to the \v{c} in author's name 229 | \vfuzz2pt % Don't report over-full v-boxes if over-edge is small 230 | 231 | % THEOREM Environments --------------------------------------------------- 232 | \newtheorem{thm}{Theorem}[subsection] 233 | \newtheorem{cor}[thm]{Corollary} 234 | \newtheorem{lem}[thm]{Lemma} 235 | \newtheorem{prop}[thm]{Proposition} 236 | % \theoremstyle{definition} 237 | \newtheorem{defn}[thm]{Definition} 238 | % \theoremstyle{remark} 239 | \newtheorem{rem}[thm]{Remark} 240 | \newtheorem{example}[thm]{Example} 241 | \numberwithin{equation}{subsection} 242 | % MATH ------------------------------------------------------------------- 243 | \DeclareMathOperator{\RE}{Re} 244 | \DeclareMathOperator{\IM}{Im} 245 | \DeclareMathOperator{\ess}{ess} 246 | \newcommand{\veps}{\varepsilon} 247 | \newcommand{\To}{\longrightarrow} 248 | \newcommand{\h}{\mathcal{H}} 249 | \newcommand{\s}{\mathcal{S}} 250 | \newcommand{\A}{\mathcal{A}} 251 | \newcommand{\J}{\mathcal{J}} 252 | \newcommand{\M}{\mathcal{M}} 253 | \newcommand{\W}{\mathcal{W}} 254 | \newcommand{\X}{\mathcal{X}} 255 | \newcommand{\BOP}{\mathbf{B}} 256 | \newcommand{\BH}{\mathbf{B}(\mathcal{H})} 257 | \newcommand{\KH}{\mathcal{K}(\mathcal{H})} 258 | \newcommand{\Real}{\mathbb{R}} 259 | \newcommand{\Complex}{\mathbb{C}} 260 | \newcommand{\Field}{\mathbb{F}} 261 | \newcommand{\RPlus}{\Real^{+}} 262 | \newcommand{\Polar}{\mathcal{P}_{\s}} 263 | \newcommand{\Poly}{\mathcal{P}(E)} 264 | \newcommand{\EssD}{\mathcal{D}} 265 | \newcommand{\Lom}{\mathcal{L}} 266 | \newcommand{\States}{\mathcal{T}} 267 | \newcommand{\abs}[1]{\left\vert#1\right\vert} 268 | % \newcommand{\set}[1]{\left\{#1\right\}} 269 | %\newcommand{\seq}[1]{\left<#1\right>} 270 | \newcommand{\norm}[1]{\left\Vert#1\right\Vert} 271 | \newcommand{\essnorm}[1]{\norm{#1}_{\ess}} 272 | 273 | %%% NAMES 274 | \newcommand{\Names}{{\mathcal N}} 275 | \newcommand{\Channels}{{\sf X}} 276 | \newcommand{\Variables}{{\mathcal V}} 277 | \newcommand{\Enames}{{\mathcal E}} 278 | \newcommand{\Nonterminals}{{\mathcal S}} 279 | \newcommand{\Pnames}{{\mathcal P}} 280 | \newcommand{\Dnames}{{\mathcal D}} 281 | \newcommand{\Types}{{\mathcal T}} 282 | 283 | \newcommand{\fcalc}{fusion calculus} 284 | \newcommand{\xcalc}{${\mathfrak x}$-calculus} 285 | \newcommand{\lcalc}{$\lambda$-calculus} 286 | \newcommand{\pic}{$\pi$-calculus} 287 | \newcommand{\rhoc}{${\textsc{rho}}$-calculus} 288 | \newcommand{\hcalc}{highwire calculus} 289 | \newcommand{\dcalc}{data calculus} 290 | %XML should be all caps, not small caps. --cb 291 | %\newcommand{\xml}{\textsc{xml}} 292 | \newcommand{\xml}{XML} 293 | 294 | \newcommand{\papertitle}{Linear types can change the blockchain!} 295 | % use static date to preserve date of actual publication 296 | \newcommand{\paperversion}{Draft Version 0.1 - Jan 7, 2015} 297 | 298 | \newenvironment{toc} 299 | { 300 | \begin{list}{}{ 301 | \setlength{\leftmargin}{0.4in} 302 | \setlength{\rightmargin}{0.6in} 303 | \setlength{\parskip}{0pt} 304 | } \item } 305 | {\end{list}} 306 | 307 | \newenvironment{narrow} 308 | { 309 | \begin{list}{}{ 310 | \setlength{\leftmargin}{0.4in} 311 | \setlength{\rightmargin}{0.6in} 312 | } \item } 313 | {\end{list}} 314 | 315 | %%% ---------------------------------------------------------------------- 316 | 317 | %\title{\huge{\papertitle}} 318 | \title{\papertitle} 319 | 320 | %\numberofauthors{3} 321 | \author{ 322 | L.G. Meredith\\ 323 | \affaddr{CSO, Synereo}\\ 324 | \email{\fontsize{8}{8}\selectfont greg@synereo.com} 325 | } 326 | 327 | %\address{Systems Biology, Harvard Medical School, Boston, Massachussetts, USA} 328 | 329 | %\email{lg_meredith@hms.harvard.edu} 330 | 331 | %\thanks{This work was completed during a visiting appointment at the Department of Systems Biology, Harvard Medical School.} 332 | 333 | %\subjclass{Primary 47A15; Secondary 46A32, 47D20} 334 | 335 | %\date{April 6, 2002.} 336 | 337 | %\dedicatory{} 338 | 339 | %\commby{Daniel J. Rudolph} 340 | 341 | %%% ---------------------------------------------------------------------- 342 | 343 | \begin{document} 344 | %\lstset{language=erlang} 345 | \lstset{language=} 346 | 347 | %These margin values appear to be relative to the bigpage package settings. --cb 348 | \setlength{\topmargin}{0in} 349 | \setlength{\textheight}{8.5in} 350 | \setlength{\parskip}{6pt} 351 | 352 | \keywords{ linear logic, blockchain, types, Curry-Howard } 353 | 354 | \begin{abstract} 355 | \normalsize{ 356 | 357 | We present an interpretation of classical linear logic in terms of operations on the blockchain. 358 | 359 | } 360 | 361 | \end{abstract} 362 | 363 | % \noindent 364 | % {\large \textbf{Submission to arXiv}}\\ 365 | % \rule{6.25in}{0.75pt}\\\\\\ 366 | 367 | %%% ---------------------------------------------------------------------- 368 | \maketitle 369 | %%% ---------------------------------------------------------------------- 370 | 371 | % \begin{center} 372 | % \paperversion\\ 373 | % \end{center} 374 | 375 | % \begin{toc} 376 | % \tableofcontents 377 | % \end{toc} 378 | 379 | % \newpage 380 | % ------------------------------------------------------------------------ 381 | 382 | \section{Background and Motivation} 383 | 384 | Anyone who understands the current economic, sociological, and 385 | technological situation is likely to be very excited by what the 386 | blockchain technology promises. Anyone who has actually had to work 387 | with the blockchain in real situations with mission-critical exchanges 388 | on the line is very likely to be motivated to find a more scalable and 389 | reliable architecture for the blockchain. This paper takes a few key 390 | steps towards finding a way to explain and test a hypothesis that 391 | linear proofs provide the basis for a much more scalable architecture 392 | for the blockchain. For background on what is meant here by linear 393 | proofs, \cite{DBLP:conf/lics/AbramskyM99} interprets them in terms of 394 | games, while \cite{DBLP:journals/tcs/Abramsky93} interprets them in 395 | terms of traditional computational calculi like the lambda calculus. 396 | 397 | A linear proof is a formal structure representing a proof of a formula 398 | in linear logic \cite{DBLP:journals/tcs/Girard87}. The Curry-Howard 399 | isomorphism \cite{Sorensen98lectureson} tells us that formulae are 400 | types (as in data types in a programming language), and that proofs 401 | are programs. This is a very broad and deep idea. In the 90's, for 402 | example, Abramsky extended it to proofs as processes 403 | \cite{DBLP:journals/tcs/Abramsky94}, which Wadler was only very 404 | recently able to realize as a correspondence between linear proofs and 405 | {$\pi$}-calculus processes \cite{DBLP:journals/jfp/Wadler14}. In this 406 | context it means that linear proofs provide a representation of both 407 | data (blocks) and program (executable transactions) that gives several 408 | advantages over the current choices made by the blockchain. 409 | 410 | The blockchain is a great example of data that is also program; it's a 411 | giant ledger spread out over the Internet, that's made of a bunch of 412 | distributed, but interacting servers \cite{Nakamoto2008}. To become 413 | more scalable, and reliable, both ledger and servers will need certain 414 | characteristics of data/program that have to do with a property called 415 | compositionality. Scalability is always all about being able to build 416 | composite systems from components. For example, if we can prove that 417 | sections of the blockchain can be safely isolated from other sections, 418 | for example, if all blocks necessary to prove that Alice has 419 | sufficient funds to send M btc to Betty, can be isolated from the 420 | blocks necessary to prove that Alfred has sufficient funds to send N 421 | btc to Bob, then Alice and Betty, and Alfred and Bob can safely work 422 | with projections of the blockchain, and thus complete their 423 | transactions, not only in isolation of each other, but without the 424 | onerous need to sync the entire blockchain. 425 | 426 | One analogy is the use of separation logic (a child of linear logic) 427 | \cite{DBLP:conf/vstte/Reynolds05} to prove things about the structure 428 | of the heap which can, in turn, be used to guarantee that two threads 429 | can operate at the same time safely. The blockchain is like the 430 | heap. The Alice - Betty and Alfred - Bob transactions are like the two 431 | threads. A proof that the heap is of the form $H_1 \otimes H_2$ 432 | together with a proof that $T_1 : H_1 \rightarrow H_1'$, $T_2 : H_2 433 | \rightarrow H_2'$ constitutes a proof that $T_1 \otimes T_2$ (thread 434 | $T_1$ running concurrently with $T_2$) operate effectively in 435 | isolation and thus safely. Likewise, a proof that the blockchain is of 436 | the form $B_1 \otimes B_2$ (none of the transactions in $B_1$ connect to 437 | addresses in $B_2$ and vice versa), together with a proof that 438 | $\mathsf{AliceBetty} : B_1 \rightarrow B_1'$ (this txn uses only addresses 439 | in $B_1$), and $\mathsf{AlfredBob} : B_2 \rightarrow B_2'$ (this txn uses 440 | only addresses in $B_2$) constitutes a proof that $\mathsf{AliceBetty} 441 | \otimes \mathsf{AlfredBob}$ can operate with isolated projections of the 442 | blockchain. 443 | 444 | If the blockchain is built using the primitives of linear logic, it 445 | becomes easier and easier to construct these proofs, but also to 446 | construct the blockchain, itself, in terms of smaller blockchains. 447 | 448 | \section{Interpreting Linear Proofs as Operations on the Blockchain} 449 | Here's the most basic interpretation. 450 | 451 | \begin{mathpar} 452 | \inferrule* {} {\vdash 1blkchnaddr : \underbrace{A \otimes \ldots \otimes A}_{M}} %( with N occurrences of A ) 453 | \end{mathpar} 454 | 455 | is a statement that there are $M$ $A$'s available at the address, 456 | $1blkchnaddr$. $A$'s can be any resource, BTC's, AMP's, DogeCoin, etc. 457 | 458 | \begin{mathpar} 459 | \inferrule* {} {\vdash txn : \underbrace{A \otimes \ldots \otimes A}_{M} \multimap \underbrace{B \otimes \ldots \otimes B}_{N} } %( with N occurrences of A in A * ... * A and M occurrences of B in B * ... * B ) 460 | \end{mathpar} 461 | 462 | is a statement that $txn$ will generate $N$ $B$'s if provided $M$ $A$'s. 463 | 464 | Terminologically, we say that $1blkchnaddr$ is a \emph{witness} or a 465 | \emph{proof} of $A \otimes \ldots \otimes A$, and similarly, that $txn$ 466 | is a witness or proof of $A \otimes \ldots \otimes A \multimap B \otimes \ldots \otimes B$. Given two such 467 | proofs we can use the cut rule of linear logic to produce a proof 468 | 469 | \begin{mathpar} 470 | \inferrule* {} {\vdash txn( 1blkchnaddr ) : B \otimes \ldots \otimes B} 471 | \end{mathpar} 472 | 473 | where $txn( 1blkchnaddr )$ is a new address in the blockchain 474 | constructed from the information in txn together with 475 | $1blkchnaddr$. This should look remarkably like function application, 476 | because it is. 477 | 478 | Notice that now we can see, recursively, what a proof of a statement 479 | like $\vdash 1blkchnaddr : A \otimes \ldots \otimes A$ looks like. In 480 | most cases it will be a proof made from a previous application of the 481 | cut rule. This tree of cuts will trace all the way back to some 482 | genesis block -- which is the only other way to have a proof of a 483 | statement like $\vdash 1blkchnaddr : A \otimes \ldots \otimes A$. 484 | 485 | Now, where does the return address associated with $txn( 1blkchnaddr 486 | )$ come from? To see this we have to look into the mechanics of 487 | $\multimap$ (called linear implication or, more affectionately, 488 | lollipop). 489 | 490 | \begin{equation*} 491 | A \multimap B = A^{\perp} \parr B 492 | \end{equation*} 493 | 494 | Linear implication is decomposed much like classical implication in 495 | terms of a negation ($A^{\perp}$) and a disjunctive connective 496 | ($A \parr B$). It is literally an expression capturing the sentiment 497 | we need $A$ to get $B$, or $B$ comes with a cost of $A$. The use of a 498 | proof rule for these kinds of links looks like 499 | 500 | \begin{mathpar} 501 | \inferrule* {\vdash \Gamma, 1blkchnaddr : A^{\perp}, 2blkchnaddr : B}{\vdash \Gamma, 1blkchnaddr \parr 2blkchnaddr : A^{\perp} \parr B} 502 | \end{mathpar} 503 | 504 | where we snuck in the rest of the blockchain as $\Gamma$. As we saw above, $A^{\perp} \parr B = A \multimap B$; so, we can write 505 | 506 | \begin{mathpar} 507 | \inferrule* {\vdash \Gamma, 1blkchnaddr : A^{\perp}, 2blkchnaddr : B}{\vdash \Gamma, 1blkchnaddr \multimap 2blkchnaddr : A \multimap B} 508 | \end{mathpar} 509 | 510 | Now we see that forming a $txn$ comes with the requirement to provide 511 | an address where $A$'s will be sent and an address where $B$'s will be 512 | received. To complete the picture, applying the cut rule will create 513 | the txn that links an address, say $3blkchnaddr$ with an $A$ in it, to 514 | $1blkchnaddr$, resulting in $\vdash \Gamma, 2blkchnaddr : B$. Expanding on these 515 | intuitions, we can see that the rules of classical linear logic 516 | correspond exactly to a specification of operations on the blockchain. 517 | 518 | \subsection{Linear Sequents} 519 | 520 | In more detail, a proof rule in linear logic is usually written in 521 | terms of a transformation, 522 | 523 | \begin{mathpar} 524 | \inferrule* {S_1, S_2, \ldots, S_N} {S} 525 | \end{mathpar} 526 | 527 | taking \emph{sequent}s $S_1, \ldots, S_N$ to a \emph{sequent} $S$, where 528 | a sequent is of the form 529 | 530 | \begin{mathpar} 531 | \inferrule* {} {\vdash \Gamma, t_1 : A_1, \ldots, t_N : A_N} 532 | \end{mathpar} 533 | 534 | A sequent is really just a statement about what is distributed where in an instance of the blockchain. 535 | 536 | \begin{itemize} 537 | \item $t_1, \ldots, t_N$ are either addresses or programs that take addresses as input; they constitute the "focus" of the proof rule, or where the action is going to happen. 538 | \item $A_1, \ldots, A_N$ are (types built from) the different types of coin 539 | \item $\Gamma$ is the rest of the blockchain -- it is necessary to establish the distribution of resources we see at $t_1, \ldots, t_N$, but it's not the focus of the operation of the proof rule. 540 | \end{itemize} 541 | 542 | Putting it all together, a proof rule of the form 543 | 544 | \begin{mathpar} 545 | \inferrule* {S_1} {S_2} 546 | \end{mathpar} 547 | 548 | is then a statement about how the blockchain in state $S_1$ goes to a 549 | blockchain in state $S_2$. If you think about it, that's just what we 550 | need to reason about transactions. In a transaction where Alice sends 551 | Betty $N$ coin, we can think of the transaction as a rule that takes a 552 | blockchain in a state where Alice has $N$ btc to a blockchain in a 553 | state where Betty has $N$ btc. 554 | 555 | \subsection{The Multiplicatives} 556 | Linear logic, however, allows to build bigger blockchains from smaller 557 | ones, and manages the dependency and information flow so that 558 | everything remains consistent. Here's an example. The proof rule for 559 | the tensor $A \otimes B$ looks like this 560 | 561 | \begin{mathpar} 562 | \inferrule* {\vdash \Gamma, t : A, \vdash \Delta, u : B}{\vdash \Gamma, \Delta, t \otimes u : A \otimes B} 563 | \end{mathpar} 564 | 565 | It says that if you have one blockchain, $\vdash \Gamma, t : A$, and 566 | another completely independent blockchain, with a totally separate 567 | address space, $\vdash \Delta, u : B$, then you can make a new one 568 | 569 | \begin{mathpar} 570 | \inferrule* {} {\vdash \Gamma, \Delta, t \otimes u : A \otimes B} 571 | \end{mathpar} 572 | 573 | in which you just combine all the data of assignments of addresses to 574 | resources in $G$ and $H$ in one big blockchain, $G,H$, and you can make a 575 | kind of composite address (or program), $t \otimes u$, at which can be found 576 | the combined $A \otimes B$ resource. 577 | 578 | Now, comparison of the par ( $A \parr B$ ) rule, which establishes transaction links, is even more illuminating. 579 | 580 | \begin{mathpar} 581 | \inferrule* {\vdash \Gamma, t : A, u : B}{\vdash \Gamma, t \parr u : A \parr B } 582 | \end{mathpar} 583 | 584 | This rule insists that the transaction link, $t \parr u$, is made in the same piece of the blockchain, $\Gamma$. 585 | 586 | The piece of the puzzle that interprets commitment to and execution of 587 | transactions is the cut rule. If $1blkchnaddr \multimap 2blkchnaddr$ 588 | is a transaction waiting to happen, so to speak, $txn( 3blkchnaddr, 589 | 1blkchnaddr -o 2blkchnaddr )$ is the commitment to carry out the txn 590 | against the blockchain. Likewise, cut-elimination, also called 591 | proof-normalization, which corresponds to computation, via 592 | Curry-Howard, constitutes the execution of the transaction on the 593 | blockchain that results in the assignment $\vdash \Gamma, 2blkchnaddr 594 | : B$ after execution. Someone familiar with functional programming 595 | might interpret 596 | 597 | $txn( 3blkchnaddr, 1blkchnaddr \multimap 2blkchnaddr )$ 598 | 599 | as 600 | 601 | $apply( 1blkchnaddr \multimap 2blkchnaddr, 3blkchnaddr )$ 602 | 603 | making the correspondence to function application, and the 604 | correspondence between proof normalization and {$\beta$}-reduction 605 | explicit. 606 | 607 | 608 | The fragment of linear logic that includes, $A^{\perp}$, $A \otimes 609 | B$, $A \parr B$, $A \multimap B$, is called the multiplicative 610 | fragment of linear logic, or MLL. It talks about the basics of 611 | transactions, loading up addresses with resources and establishing 612 | dependencies between addresses, essentially recording transaction 613 | history. However, it does so in a way that keeps track of how the 614 | blockchain itself is segmented. This allows us to determine things 615 | like how much of the blockchain do i have to see in order to safely 616 | conduct this transaction, or can i conduct this transaction without 617 | needing visibility into that region of the blockchain. 618 | 619 | \subsection{The Additives} 620 | 621 | Linear logic also enjoys another fragment, called the additives. This 622 | aspect of the logic is all about conditionals and contingencies, this 623 | or that, but not both. The linear logic connective called 'with', and 624 | denoted $A \with B$, collects options together into a menu for subsequent 625 | selection by interaction with choices indicated by the linear 626 | connective 'plus', $A + B$. In symbols, 627 | 628 | \begin{mathpar} 629 | \inferrule* {\vdash \Gamma, t : A, u : B}{\vdash \Gamma, t \with u : A \with B} 630 | \end{mathpar} 631 | 632 | while 633 | 634 | \begin{mathpar} 635 | \inferrule* {\vdash \Gamma, t : A}{ \vdash inl( t ) : A + B } 636 | \end{mathpar} 637 | 638 | and 639 | 640 | \begin{mathpar} 641 | \inferrule* {\vdash \Gamma, u : B}{\vdash inr( u ) : A + B} 642 | \end{mathpar} 643 | 644 | If during a more complex transaction $t \with u$ gets tied to $inl( t' 645 | )$, via $txn( t \with u, inl( t' ) )$, then this will reduce to a 646 | transaction of the form $txn( t, t' )$. On the other hand, $txn( t 647 | \with u, inr( u' ) )$ will reduce to a transaction of the form $txn( 648 | u, u' )$. 649 | 650 | \subsection{The Exponentials} 651 | 652 | The fragment of linear logic that includes the multiplicative and 653 | additive connectives is called MALL. The remaining connectives are 654 | called the exponentials, $?A$, and $!A$. They denote copyable, 655 | non-conserved resources. When we write $\vdash \Gamma, t : !A$, we are 656 | saying that you can get as many $A$'s from the address (or program) 657 | $t$ as you want. Thus, unlike currency, that address is linked to a 658 | copyable resource like a document, or a jpeg, or audio file, or 659 | ... that can be shared widely. When we write $\vdash \Gamma, t : ?A$, we 660 | are saying that you can put as many $A$'s into the address (or 661 | program) $t$ as you want. You can think of it as a place to store 662 | $A$'s, or discard them. 663 | 664 | What's critically important about the use of the exponentials is that 665 | they mark resources that ought not to stay on the blockchain. They 666 | indicate content and content types that can be better served by a 667 | different kind of content delivery network. This is another important 668 | function in helping with a scalable blockchain -- use blockchain 669 | technology where it makes sense and use other means where it doesn't. 670 | 671 | Taken all together, we have an interpretation of full classical linear 672 | logic in terms of operations on the blockchain. 673 | 674 | \section{Conclusions and Future Work} 675 | 676 | We have developed a view of full classical linear logic in terms of 677 | operations against the blockchain. The view we have been developing 678 | not only extends to provide a meaningful interpretation of full 679 | classical linear logic to natural and intuitive operations on the 680 | blockchain, it also extends and expands how we think about the 681 | blockchain and what transactions on it are. Additionally, it provides 682 | guarantees, mathematical certainties about the correctness of 683 | transactions structured and executed this way. In particular, notice 684 | that we focused mostly on the connectives governing $A$'s and $B$'s (the 685 | resources to be found at addresses or programs). We didn't really talk 686 | about the structure of $t$'s and $u$'s. These provide us with a simple and 687 | intuitive syntax for transactions. Of equal importance, these 688 | transactions are \emph{typed} programs. When we write $\vdash \Gamma, t : A$, we are 689 | not only saying something about the resources produced or manipulated 690 | by $t$, we are saying something about how t can be used, and in what 691 | blockchain context we can expect t to perform correctly. 692 | 693 | Understood this way, the blockchain interpretation gives new meaning 694 | and perspective on some theorems from the linear logic literature. In 695 | particular, it is well established that there is a natural notion of 696 | execution of $t$'s. That is, when thought of as programs, we know how 697 | to run them. When they are well typed, that is, if we have established 698 | $\vdash t : A$, then $t$ is \emph{terminating}. That's a theorem from 699 | \cite{DBLP:journals/tcs/Abramsky93}. What this means for the 700 | blockchain is that proof terms and their linear connectives provide a 701 | scripting language for transactions that, on the one hand, provides 702 | termination for all well typed scripts, and on the other is highly 703 | expressive. Further, if it turns out that this scripting language is 704 | not expressive enough, then there is a natural extension of proof 705 | terms via a correspondence between linear proof terms and 706 | {$\pi$}-calculus processes that we mentioned at the top of these 707 | notes. 708 | 709 | 710 | \begin{tabular}{c|c} 711 | proof term & blockchain meaning \\ 712 | \hline 713 | address & address \\ 714 | $t \otimes u$ & isolated concurrent transactions \\ 715 | $t \parr u$ & interacting or linked concurrent transactions \\ 716 | $t \with u$ & menu of transaction options \\ 717 | $inl( t ), inr( u )$ & transaction option selection \\ 718 | $!t$ & copyable resource server \\ 719 | $?t$ & copyable resource storage \\ 720 | $txn( t, u )$ & joined transactions\\ 721 | \end{tabular} 722 | 723 | This correspondence is not just useful for extending a scripting 724 | language for blockchain transactions. It turns out the 725 | {$\pi$}-calculus the premier formalism for specifying, reasoning 726 | about, and executing protocols in distributed systems 727 | \cite{milner91polyadicpi} \cite{DBLP:journals/mscs/Milner92} 728 | \cite{DBLP:conf/aplas/AbadiCF06} \cite{DBLP:journals/tissec/AbadiBF07} 729 | \cite{DBLP:conf/lics/Gordon06} \cite{DBLP:conf/esop/KremerR05}. Since 730 | one of the real values of the blockchain is the fact that it is a 731 | distributed means to conduct transactions, the need to tie this 732 | formalism to one for specifying protocols in distributed systems is 733 | plain. 734 | 735 | \subsection{Proof-of-work} 736 | 737 | The glaring lacunae in this discussion is, of course, the relationship 738 | to proof-of-work. Consider the following example. Suppose $C_1$ and $C_2$ 739 | are blockchains both of height $N$. 740 | 741 | \begin{equation*} 742 | \begin{aligned} 743 | C_1 = B_{1N} \leftarrow B_{1N-1} \leftarrow \ldots \leftarrow B_{10} \\ 744 | C_2 = B_{2N} \leftarrow B_{2N-1} \leftarrow \ldots \leftarrow B_{20} 745 | \end{aligned} 746 | \end{equation*} 747 | 748 | We can define 749 | 750 | \begin{equation*} 751 | C_1 \otimes C_2 = ( B_{1N} \otimes B_{2N} ) \leftarrow ( B_{1N-1} \otimes B_{2N-1} ) \leftarrow \ldots \leftarrow ( B_{10} \otimes B_{20} ) 752 | \end{equation*} 753 | 754 | Note that it is insufficient merely to guarantee for $B \otimes B'$ that all 755 | the transactions in $B$ are isolated from the transactions in $B'$. The 756 | counterexample is 757 | 758 | \begin{equation*} 759 | \begin{aligned} 760 | C_1 = Block\{ 1AliceAddr \xrightarrow{5btc} 1AllanAddr \} \\ 761 | \leftarrow Block\{ 1BobAddr \xrightarrow{7btc} 1BettyAddr \} \\ 762 | C_2 = Block\{ 1BobAddr \xrightarrow{7btc} 1BettyAddr \} \\ 763 | \leftarrow Block\{ 1AliceAddr \xrightarrow{5btc} 1AllanAddr \} 764 | \end{aligned} 765 | \end{equation*} 766 | 767 | Clearly $B_{11}$ is isolated from $B_{21}$, and $B_{10}$ is isolated 768 | from $B_{20}$; but, $B_{20}$ is not isolated from $B_{11}$, and 769 | $B_{10}$ is not isolated from $B_{21}$. As a result, the spends in the 770 | earlier blocks could impact the spends in the later blocks. 771 | 772 | Instead, the entire address space of $C_1$ must be isolated from 773 | $C_2$. In this case the network of servers, $N_1$, that maintain $C_1$ can 774 | be safely combined with the network of servers, $N_2$, that maintain $C_2$, 775 | and we can safely define the composite chain as above. The 776 | proof-of-work protocol organizing $N_1$ is completely separate from that 777 | in $N_2$. They do not interact. Yet, it is safe to combine the chains 778 | using a glorified zip function. In this example, 779 | 780 | \begin{equation*} 781 | \begin{aligned} 782 | C_1 = Block\{ 1AliceAddr \xrightarrow{5btc} 1AllanAddr \} \\ 783 | \leftarrow Block\{ 2BobAddr \xrightarrow{7btc} 2BettyAddr \} \\ 784 | C2 = Block\{ 1BobAddr \xrightarrow{7btc} 1BettyAddr \} \\ 785 | \leftarrow Block\{ 2AliceAddr \xrightarrow{5btc} 2AllanAddr \} 786 | \end{aligned} 787 | \end{equation*} 788 | 789 | The address spaces of these chains are completely isolated (often 790 | written $addresses( C_1 ) \# addresses( C_2 )$ ). We are free to calculate 791 | 792 | \begin{equation*} 793 | \begin{aligned} 794 | C_1 \otimes C_2 = Block\{ 1AliceAddr \xrightarrow{5btc} 1AllanAddr \} \\ 795 | \otimes Block\{ 1BobAddr \xrightarrow{7btc} 1BettyAddr \} \\ 796 | \leftarrow Block\{ 2BobAddr \xrightarrow{7btc} 2BettyAddr \} \\ 797 | \otimes Block\{ 2AliceAddr \xrightarrow{5btc} 2AllanAddr \}\\ 798 | = Block\{ 1AliceAddr \xrightarrow{5btc} 1AllanAddr ; \\ 799 | 1BobAddr \xrightarrow{7btc} 1BettyAddr \} \\ 800 | \leftarrow Block\{ 2BobAddr \xrightarrow{7btc} 2BettyAddr \\ 801 | ; 2AliceAddr \xrightarrow{5btc} 2AllanAddr \} 802 | \end{aligned} 803 | \end{equation*} 804 | 805 | The ordering of transactions provided by the two independently 806 | executing proof-of-work protocols is combined in a completely safe. 807 | 808 | Note that there are at least two possible interpretations of $C_1 * 809 | C_2$. One is that the requirement is to verify that $addresses( C_1 ) \# 810 | addresses( C_2 )$. Another is to ensure this is the case by rewiring the 811 | transactions. Under this latter interpretation even the counterexample 812 | becomes safe 813 | 814 | \begin{equation*} 815 | \begin{aligned} 816 | C_1 \otimes C_2 = Block\{ 1AliceAddr \xrightarrow{5btc} 1AllanAddr \} \\ 817 | \otimes Block\{ 1BobAddr \xrightarrow{7btc} 1BettyAddr \} \\ 818 | \leftarrow Block\{ 1BobAddr \xrightarrow{7btc} 01BettyAddr \} \\ 819 | \otimes Block\{ 1AliceAddr \xrightarrow{5btc} 11AllanAddr \} \\ 820 | = Block\{ 01AliceAddr \xrightarrow{5btc} 01AllanAddr ; \\ 821 | 11BobAddr \xrightarrow{7btc} 11BettyAddr \} \\ 822 | \leftarrow Block\{ 01BobAddr \xrightarrow{7btc} 01BettyAddr ; \\ 823 | 11AliceAddr \xrightarrow{5btc} 11AllanAddr \} 824 | \end{aligned} 825 | \end{equation*} 826 | 827 | There is much more to be said, but that must be left to future work! 828 | 829 | \paragraph{Acknowledgments} 830 | We would like to acknowledge Vlad Zamfir for some thoughtful and 831 | stimulating conversation about the blockchain protocol. 832 | 833 | % ------------------------------------------------------------------------ 834 | %GATHER{Xbib.bib} % For Gather Purpose Only 835 | %GATHER{Paper.bbl} % For Gather Purpose Only 836 | \bibliographystyle{amsplain} 837 | \bibliography{ltcctbc} 838 | 839 | % ------------------------------------------------------------------------ 840 | 841 | \section{Appendix: a terminating scripting language} 842 | 843 | In the main body of the paper we presented what amounts to the high 844 | level intuitions. In this appendix we present enough of the details 845 | that a reader skilled in the art could implement the proposal to test 846 | it for themselves. This presentation follows Abramksy's proof 847 | expressions from \cite{DBLP:journals/tcs/Abramsky93} very closely. 848 | 849 | \subsection{Syntax} 850 | \begin{grammar} 851 | {p,q} \bc \mathsf{(} e_1, \ldots, e_m \mathsf{)} \mathsf{\{} t_1 \mathsf{;} \; \ldots \mathsf{;} \; t_n \mathsf{\}} & \mbox{programs} \\ 852 | {e} \bc \mathsf{satoshi} \; \bm \; \ldots \; \bm \; \mathsf{ampere} & \mbox{currency units} \\ 853 | \;\;\; \bm \; x & \mbox{address} \\ 854 | \;\;\; \bm \; e * e & \mbox{isolation} \\ 855 | \;\;\; \bm \; e \# e & \mbox{connection} \\ 856 | \;\;\; \bm \; e \multimap e & \mbox{obligation} \\ 857 | \;\;\; \bm \; \mathsf{choose}\mathsf{(} x_1, \ldots, x_n \mathsf{)}\mathsf{\{} p \mathsf{;}\; q \mathsf{\}} & \mbox{menu} \\ 858 | \;\;\; \bm \; \mathsf{inl}\mathsf{(} e \mathsf{)} \; \bm \; \mathsf{inr}\mathsf{(} e \mathsf{)} & \mbox{selection} \\ 859 | \;\;\; \bm \; \mathsf{?}e \; \bm \; \mathsf{\_} & \mbox{storage, disposal} \\ 860 | \;\;\; \bm \; e \mathsf{@} e & \mbox{contraction} \\ 861 | \;\;\; \bm \; \mathsf{!}\mathsf{(} x_1, \ldots, x_n \mathsf{)}\mathsf{\{} p \mathsf{\}} & \mbox{replication} \\ 862 | {t} \bc \mathsf{txn}\mathsf{(} e_1, e_2 \mathsf{)} & \mbox{transaction} 863 | \end{grammar} 864 | 865 | \paragraph{Discussion} 866 | $e_1 \multimap e_2$ is really just convenient syntactic sugar for 867 | $e_1^{\perp} \# e_2$, where $e^{\perp}$ is identity on addresses, but 868 | changes the \emph{polarity} of the type and otherwise operates as 869 | 870 | \begin{equation*} 871 | \begin{aligned} 872 | ( e_1 * e_2 )^{\perp} = e_1^{\perp} \# e_2^{\perp} \\ 873 | ( e_1 \# e_2 )^{\perp} = e_1^{\perp} * e_2^{\perp} 874 | \end{aligned} 875 | \end{equation*} 876 | 877 | \subsubsection{Interpretation} 878 | Programs $p$ and $q$ represent blockchain states. For $p = \mathsf{(} 879 | e_1, \ldots, e_m \mathsf{)} \mathsf{\{} t_1 \mathsf{;} \; \ldots 880 | \mathsf{;} \; t_n \mathsf{\}}$, the $e$'s represent resources 881 | available on the blockchain $p$, while the $t$'s represent 882 | transactions in progress. For example, if we write $M \cdot \mathsf{satoshi}$ for $\underbrace{\mathsf{satoshi} * \ldots * \mathsf{satoshi}}_{M}$, then 883 | 884 | $\mathsf{(} 1blkchnaddr {)} \mathsf{\{} \mathsf{txn}\mathsf{(} 1blkchnaddr, M \cdot \mathsf{satoshi} \mathsf{)} \mathsf{\}}$ 885 | 886 | represents the genesis block where $1blkchnaddr$ has been assigned $M$ 887 | $\mathsf{satoshi}$'s. At the other end of the spectrum, 888 | 889 | $\mathsf{(} 1blkchnaddr {)} \mathsf{\{} \mathsf{txn}\mathsf{(} 1blkchnaddr, \mathsf{\_} \mathsf{)} \mathsf{\}}$ 890 | 891 | represents burning the assets sent to $1blkchnaddr$. 892 | 893 | At this level of abstraction modeled by the operational semantics in 894 | the next section, addresses are more closely aligned with transaction 895 | inputs in blockchain transactions. Thus, the genesis block is more 896 | accurately represented as 897 | 898 | %\begin{equation*} 899 | \begin{alignat*}{2} 900 | &\mathsf{(} addr_1 * \ldots * addr_M {)} \mathsf{\{} && \\ 901 | &\;\;\;\;\mathsf{txn}\mathsf{(} addr_1, \mathsf{satoshi} \mathsf{)} \mathsf{;} && \\ 902 | &\;\;\;\;\ldots \mathsf{;} && \\ 903 | &\;\;\;\;\mathsf{txn}\mathsf{(}addr_M, \mathsf{satoshi} \mathsf{)} && \\ 904 | &\mathsf{\}} && 905 | \end{alignat*} 906 | %\end{equation*} 907 | 908 | which for future reference we'll write $\mathsf{genesis}$. Similarly, 909 | the second example is more accurately written as 910 | 911 | \begin{equation*} 912 | \begin{aligned} 913 | \mathsf{(} addr_1 * \ldots * addr_M {)} \mathsf{\{} \mathsf{txn}\mathsf{(} addr_1, \mathsf{\_} \mathsf{)} \mathsf{;} \ldots \mathsf{;} \; \mathsf{txn}\mathsf{(}addr_M, \mathsf{\_} \mathsf{)} \mathsf{\}} 914 | \end{aligned} 915 | \end{equation*} 916 | 917 | we'll write as $\mathsf{burn}$ in the sequel. 918 | 919 | \subsection{Operational Semantics} 920 | 921 | In what follows we use the notational conventions: 922 | \begin{itemize} 923 | \item $\vec{e}$ is a list of $e$'s of length $|\vec{e}|$; likewise $\vec{t}$ is list of $t$'s. 924 | \item $\mathsf{txn}\mathsf{(} \vec{e}, \vec{e'} \mathsf{)} = \mathsf{txn}\mathsf{(} e_1, e_1' \mathsf{)}\mathsf{;}\; \ldots \mathsf{;} \; \mathsf{txn}\mathsf{(} e_n, e_n' \mathsf{)}$ assuming $|\vec{e}| = |\vec{e'}|$ 925 | \item we have operations, $( - )^l : \mathsf{Addr} \to \mathsf{Addr}$, $( - )^r : \mathsf{Addr} \to \mathsf{Addr}$ such that given an address $x$, $x^l$, $x^r$ are distinct from $x$ and each other; these operations extend uniquely to $p$, $e$, and $t$ in the obvious manner. 926 | \end{itemize} 927 | 928 | \begin{mathpar} 929 | \inferrule* [lab=Transaction] {}{\mathsf{txn}\mathsf{(} e_1, x \mathsf{)}\mathsf{;} \; \mathsf{txn}\mathsf{(} x, e_2 \mathsf{)} \rightarrow \mathsf{txn}\mathsf{(} e_1, e_2 \mathsf{)}} 930 | \end{mathpar} 931 | 932 | \begin{mathpar} 933 | \inferrule* [lab=Pair] {}{\mathsf{txn}\mathsf{(} e_1 * e_1', e_2 \# e_2' \mathsf{)} \rightarrow \mathsf{txn}\mathsf{(} e_1, e_2 \mathsf{)}\mathsf{;} \; \mathsf{txn}\mathsf{(} e_1', e_2' \mathsf{)}} 934 | \end{mathpar} 935 | 936 | \begin{mathpar} 937 | \inferrule* [lab=Left] {}{\mathsf{txn}\mathsf{(} \mathsf{choose}\mathsf{(} x, \vec{x} \mathsf{)}\mathsf{\{} \mathsf{(} e, \vec{e} \mathsf{)} \mathsf{\{} \vec{t} \mathsf{\}} \mathsf{;} \; q \mathsf{\}}, \mathsf{inl}\mathsf{(} e' \mathsf{)} \mathsf{)} \\ \rightarrow \mathsf{txn}\mathsf{(} e, e' \mathsf{)}\mathsf{;} \; \vec{t} \mathsf{;} \; \mathsf{txn}\mathsf{(} \vec{x}, \vec{e} \mathsf{)}} 938 | \end{mathpar} 939 | 940 | \begin{mathpar} 941 | \inferrule* [lab=Right] {}{\mathsf{txn}\mathsf{(} \mathsf{choose}\mathsf{(} x, \vec{x} \mathsf{)}\mathsf{\{} p \mathsf{;}\; \mathsf{(} e, \vec{e} \mathsf{)} \mathsf{\{} \vec{t} \mathsf{\}} \mathsf{\}}, \mathsf{inr}\mathsf{(} e' \mathsf{)} \mathsf{)} \\ \rightarrow \mathsf{txn}\mathsf{(} e, e' \mathsf{)}\mathsf{;} \; \vec{t} \mathsf{;} \; \mathsf{txn}\mathsf{(} \vec{x}, \vec{e} \mathsf{)}} 942 | \end{mathpar} 943 | 944 | \begin{mathpar} 945 | \inferrule* [lab=Read] {}{\mathsf{txn}\mathsf{(} \mathsf{!}\mathsf{(} \vec{x} \mathsf{)}\mathsf{\{} \mathsf{(} e, \vec{e} \mathsf{)} \mathsf{\{} \vec{t} \mathsf{\}} \mathsf{\}}, \mathsf{?}e' \mathsf{)} \rightarrow \mathsf{txn}\mathsf{(} e, e' \mathsf{)}\mathsf{;} \; \mathsf{txn}\mathsf{(} \vec{x}, \vec{e} \mathsf{)}} 946 | \end{mathpar} 947 | 948 | \begin{mathpar} 949 | \inferrule* [lab=Dispose] {}{\mathsf{txn}\mathsf{(} \mathsf{!}\mathsf{(} \vec{x} \mathsf{)}\mathsf{\{} p \mathsf{\}}, \mathsf{\_} \mathsf{)} \rightarrow \mathsf{txn}\mathsf{(} \vec{x}, \mathsf{\_} \mathsf{)}} 950 | \end{mathpar} 951 | 952 | \begin{mathpar} 953 | \inferrule* [lab=Copy] {}{\mathsf{txn}\mathsf{(} \mathsf{!}\mathsf{(} \vec{x} \mathsf{)}\mathsf{\{} p \mathsf{\}}, e_1 \mathsf{@} e_2 \mathsf{)} \\ \rightarrow \mathsf{txn}\mathsf{(} \vec{x}, x^l \mathsf{@} x^r \mathsf{)} \mathsf{;} \; \mathsf{txn}\mathsf{(} \mathsf{!}\mathsf{(} \vec{x} \mathsf{)}\mathsf{\{} p \mathsf{\}}^l, e_1\mathsf{)} \mathsf{;} \; \mathsf{txn}\mathsf{(} \mathsf{!}\mathsf{(} \vec{x} \mathsf{)}\mathsf{\{} p \mathsf{\}}^r, e_2\mathsf{)}} 954 | \end{mathpar} 955 | 956 | \subsubsection{Interpretation} 957 | 958 | The operational semantics should be viewed as the specification of an 959 | abstract machine that needs no other registers than the program 960 | itself. Let's look at an example in some detail. 961 | 962 | Executing a transaction amounts to joining to expressions, $e_1$ and 963 | $e_2$ in $\mathsf{txn}\mathsf{(} e_1, e_2\mathsf{)}$. Thus, to send 964 | $I < M$ $\mathsf{satoshi}$ to $bddr_1 * \ldots * bddr_I$, in the context of the genesis 965 | block, first we have to turn the genesis block into an expression. 966 | 967 | $\mathsf{choose}\mathsf{(} 1spndaddr \mathsf{)}\mathsf{\{} \mathsf{genesis}\mathsf{;}\; \mathsf{burn} \mathsf{\}}$ 968 | 969 | Next, we form a spend expression $bddr_1 * \ldots * bddr_I \multimap addr_{I+1} \# addr_M$ which will consume $I$ $\mathsf{satoshi}$ from the genesis block addresses $addr_1$ through $addr_I$, and deposit them in $addr_1$ through $addr_I$. 970 | 971 | Now, we can create a transaction that selects the genesis block from 972 | the menu of blockchain states via 973 | 974 | \begin{alignat*}{2} 975 | &\mathsf{txn}\mathsf{(} && \\ 976 | &\;\;\;\;\mathsf{choose}\mathsf{(} 1spndaddr \mathsf{)}\mathsf{\{} \mathsf{genesis}\mathsf{;}\; \mathsf{burn} \mathsf{\}}, && \\ 977 | &\;\;\;\;\mathsf{inl}\mathsf{(} bddr_1 * \ldots * bddr_I \multimap addr_{I+1} \# addr_M \mathsf{)} && \\ 978 | &\mathsf{)} 979 | \end{alignat*} 980 | 981 | Using the operational semantics we see that this reduces to 982 | 983 | \begin{alignat*}{2} 984 | & \mathsf{txn}\mathsf{(} && \\ 985 | & \;\;\;\; addr_1 * \ldots * addr_M, && \\ 986 | & \;\;\;\; bddr_1 * \ldots * bddr_I \multimap addr_{I+1} \# addr_M && \\ 987 | & \mathsf{)} \mathsf{;} 988 | \end{alignat*} 989 | 990 | 991 | which then reduces to 992 | 993 | \begin{alignat*}{2} 994 | &\mathsf{txn}\mathsf{(} addr_1, bddr_1 \mathsf{)} \mathsf{;} && \\ 995 | &\ldots \mathsf{;} && \\ 996 | &\mathsf{txn}\mathsf{(} addr_I, bddr_I \mathsf{)} \mathsf{;} && \\ 997 | &\mathsf{txn}\mathsf{(} addr_{I+1}, addr_{I+1} \mathsf{)} \mathsf{;} && \\ 998 | &\ldots \mathsf{;} && \\ 999 | &\mathsf{txn}\mathsf{(} addr_M, addr_M \mathsf{)} \mathsf{;} && \\ 1000 | &\mathsf{txn}\mathsf{(} addr_1, \mathsf{satoshi} \mathsf{)} \mathsf{;} && \\ 1001 | &\ldots \mathsf{;} && \\ 1002 | &\mathsf{txn}\mathsf{(} addr_M, \mathsf{satoshi} \mathsf{)} \mathsf{;} && 1003 | \end{alignat*} 1004 | 1005 | which then reduces to 1006 | 1007 | \begin{alignat*}{2} 1008 | &\mathsf{txn}\mathsf{(} bddr_1, \mathsf{satoshi} \mathsf{)} \mathsf{;} && \\ 1009 | &\ldots \mathsf{;} && \\ 1010 | &\mathsf{txn}\mathsf{(} bddr_I, \mathsf{satoshi} \mathsf{)} \mathsf{;} && \\ 1011 | &\mathsf{txn}\mathsf{(} addr_{I+1}, \mathsf{satoshi} \mathsf{)} \mathsf{;} && \\ 1012 | &\ldots \mathsf{;} && \\ 1013 | &\mathsf{txn}\mathsf{(} addr_M, \mathsf{satoshi} \mathsf{)} \mathsf{;} && 1014 | \end{alignat*} 1015 | 1016 | This can be seen as a ledger-like representation assigning 1017 | $\mathsf{satoshi}$'s to addresses. 1018 | 1019 | Now, the final piece of the puzzle is that that spend transaction 1020 | needs to be created in the context of a blockchain state, which 1021 | constitutes the \emph{resulting} blockchain state. In point of fact, 1022 | this is a piece of context we elided when we formed the transaction to 1023 | focus on the reduction. A more complete picture of the execution looks like 1024 | 1025 | \begin{alignat*}{2} 1026 | &\mathsf{(} bddr_1 * \ldots * bddr_I * addr_{I+1} * \ldots * addr_M \mathsf{)} \mathsf{\{} && \\ 1027 | &\;\;\;\;\mathsf{txn}\mathsf{(} && \\ 1028 | &\;\;\;\;\;\;\mathsf{choose}\mathsf{(} 1spndaddr \mathsf{)}\mathsf{\{} \mathsf{genesis}\mathsf{;}\; \mathsf{burn} \mathsf{\}}, && \\ 1029 | &\;\;\;\;\;\;\mathsf{inl}\mathsf{(} bddr_1 * \ldots * bddr_I \multimap addr_{I+1} \# addr_M \mathsf{)} && \\ 1030 | &\;\;\mathsf{)} && \\ 1031 | &\mathsf{\}} && \\ 1032 | &\rightarrow* && \\ 1033 | &\mathsf{(} bddr_1 * \ldots * bddr_I * addr_{I+1} * \ldots * addr_M \mathsf{)} \mathsf{\{} && \\ 1034 | &\;\;\;\;\mathsf{txn}\mathsf{(} bddr_1, \mathsf{satoshi} \mathsf{)} \mathsf{;}&& \\ 1035 | &\;\;\;\;\ldots \mathsf{;} && \\ 1036 | &\;\;\;\;\mathsf{txn}\mathsf{(} bddr_I, \mathsf{satoshi} \mathsf{)} \mathsf{;} && \\ 1037 | &\;\;\;\;\mathsf{txn}\mathsf{(} addr_{I+1}, \mathsf{satoshi} \mathsf{)} \mathsf{;} && \\ 1038 | &\;\;\;\;\ldots \mathsf{;} && \\ 1039 | &\;\;\;\;\mathsf{txn}\mathsf{(} addr_M, \mathsf{satoshi} \mathsf{)} \mathsf{;} && \\ 1040 | &\mathsf{\}} && 1041 | \end{alignat*} 1042 | 1043 | This brings us full circle. At the beginning of the paper we 1044 | explicitly recognized the blockchain as data that is program. The 1045 | reduction above provides an explicit model of just this phenomenon. A 1046 | blockchain state, i.e. a representation of data, is a 1047 | \emph{program}. The transition from one state to the next is the 1048 | execution of the program. Any state of the program actually allows a 1049 | ``read back'' to a ledger-like representation capturing the 1050 | distribution of resources to addresses. 1051 | 1052 | \subsection{Type assignment} 1053 | 1054 | In the main body of the paper we wrote proof rules in terms of 1055 | sequents. In point of fact, that formalism amounts to a typing 1056 | discipline on the scripting language presented above. Here we present 1057 | the details of that typing discipline along with the basic result that 1058 | all well typed programs are terminating. 1059 | 1060 | \begin{mathpar} 1061 | \inferrule* [lab=Axiom] {}{\vdash \mathsf{(} x : A^{\perp}, x : A \mathsf{)} \mathsf{\{} \mathsf{\}}} 1062 | \end{mathpar} 1063 | 1064 | \begin{mathpar} 1065 | \inferrule* [lab=Tensor] {\vdash \mathsf{(} t : A, \Gamma \mathsf{)} \mathsf{\{} \vec{txn} \mathsf{\}} \\ \vdash \mathsf{(} u : B, \Delta \mathsf{)} \mathsf{\{} \vec{txn'} \mathsf{\}}}{\vdash \mathsf{(} t * u : A \otimes B, \Gamma, \Delta \mathsf{)} \mathsf{\{} \vec{txn}\mathsf{;} \; \vec{txn'} \mathsf{\}}} 1066 | \end{mathpar} 1067 | 1068 | \begin{mathpar} 1069 | \inferrule* [lab=Par] {\vdash \mathsf{(} t : A, u : B, \Gamma \mathsf{)} \mathsf{\{} \vec{txn} \mathsf{\}}}{ \vdash \mathsf{(} t \# u : A \parr B, \Gamma \mathsf{)} \mathsf{\{} \vec{txn} \mathsf{\}}} 1070 | \end{mathpar} 1071 | 1072 | \begin{mathpar} 1073 | \inferrule* [lab=With] {\vdash p \and \vdash q \\ p = \mathsf{(} t : A, \vec{t} : \vec{G} \mathsf{)} \mathsf{\{} \vec{txn} \mathsf{\}} \and q = \mathsf{(} u : B, \vec{u} : \vec{G} \mathsf{)} \mathsf{\{} \vec{txn'} \mathsf{\}}}{\vdash \mathsf{(} \mathsf{choose}\mathsf{(} \vec{x} : \vec{G} \mathsf{)}\mathsf{\{} p \mathsf{\}} \mathsf{\{} q \mathsf{\}} \mathsf{)} : A \with B, \vec{x} : \vec{G} \mathsf{)} \mathsf{\{} \mathsf{\}}} 1074 | \end{mathpar} 1075 | 1076 | \begin{mathpar} 1077 | \inferrule* [lab=Left] {\vdash \mathsf{(} t : A, \Gamma \mathsf{)} \mathsf{\{} \vec{txn} \mathsf{\}}}{ \vdash \mathsf{(} inl( t ) : A + B, \Gamma \mathsf{)} \mathsf{\{} \vec{txn} \mathsf{\}} } 1078 | \and 1079 | \inferrule* [lab=Right] {\vdash \mathsf{(} u : B, \Gamma \mathsf{)} \mathsf{\{} \vec{txn} \mathsf{\}}}{ \vdash \mathsf{(} inr( u ) : A + B, \Gamma \mathsf{)} \mathsf{\{} \vec{txn} \mathsf{\}} } 1080 | \end{mathpar} 1081 | 1082 | \begin{mathpar} 1083 | \inferrule* [lab=Storage] {\vdash \mathsf{(} t : A, \Gamma \mathsf{)} \mathsf{\{} \vec{txn} \mathsf{\}}}{ \vdash \mathsf{(} ?t : ?A, \Gamma \mathsf{)} \mathsf{\{} \vec{txn} \mathsf{\}} } 1084 | \and 1085 | \inferrule* [lab=Disposal] {\vdash \mathsf{(} t : A, \Gamma \mathsf{)} \mathsf{\{} \vec{txn} \mathsf{\}}}{ \vdash \mathsf{(} \_ : ?A, \Gamma \mathsf{)} \mathsf{\{} \vec{txn} \mathsf{\}} } 1086 | \end{mathpar} 1087 | 1088 | \begin{mathpar} 1089 | \inferrule* [lab=Contraction] {\vdash \mathsf{(} t : ?A, u : ?A, \Gamma \mathsf{)} \mathsf{\{} \vec{txn} \mathsf{\}}}{ \vdash \mathsf{(} t @ u : ?A, \Gamma \mathsf{)} \mathsf{\{} \vec{txn} \mathsf{\}}} 1090 | \end{mathpar} 1091 | 1092 | \begin{mathpar} 1093 | \inferrule* [lab=Replication] {\vdash p \\\\ p = \mathsf{(} t : A, \vec{t} : ?\vec{G}, \Gamma \mathsf{)} \mathsf{\{} \vec{txn} \mathsf{\}}}{ \vdash \mathsf{(} \mathsf{!} \mathsf{(} \vec{x} \mathsf{)} \mathsf{\{} p \mathsf{\}} : !A, \vec{x} : ?\vec{G} \mathsf{)} \mathsf{\{} \mathsf{\}}} 1094 | \end{mathpar} 1095 | 1096 | \paragraph{Discussion} 1097 | As is easily seen, this is merely a transliteration of Abramsky's 1098 | proof expressions from \cite{DBLP:journals/tcs/Abramsky93}, and as 1099 | such the scripting language enjoys all the properties of proof 1100 | expressions. In particular, theorem 7.18 pg 47 tells us that well 1101 | typed programs terminate. 1102 | 1103 | In a discussion of ``smart contract'' the types play a specially 1104 | important role. If programs in this language consitute financial 1105 | contracts, then the types provide a means by which parties can probe 1106 | the contracts for properties above and beyond termination. 1107 | 1108 | % ------------------------------------------------------------------------ 1109 | 1110 | \end{document} 1111 | % ------------------------------------------------------------------------ 1112 | -------------------------------------------------------------------------------- /casper/docs/ltcctbc/acm_proc_article-sp.cls: -------------------------------------------------------------------------------- 1 | % ACM_PROC_ARTICLE-SP.CLS - VERSION 3.2SP 2 | % COMPATIBLE WITH THE "SIG-ALTERNATE" V2.4 3 | % Gerald Murray - April 22nd. 2009 4 | % 5 | % ---- Start of 'updates' ---- 6 | % 7 | % April 22nd. 2009 - Fixed 'Natbib' incompatibility problem - Gerry 8 | % April 22nd. 2009 - Fixed 'Babel' incompatibility problem - Gerry 9 | % April 22nd. 2009 - Inserted various bug-fixes and improvements - Gerry 10 | % 11 | % To produce Type 1 fonts in the document plus allow for 'normal LaTeX accenting' in the critical areas; 12 | % title, author block, section-heads, etc. etc. 13 | % i.e. the whole purpose of this version update is to NOT resort to 'inelegant accent patches'. 14 | % After much research, three extra .sty packages were added to the the tail (ae, aecompl, aeguill) to solve, 15 | % in particular, the accenting problem(s). We _could_ ask authors (via instructions/sample file) to 'include' these in 16 | % the source .tex file - in the preamble - but if everything is already provided ('behind the scenes' - embedded IN the .cls) 17 | % then this is less work for authors and also makes everything appear 'vanilla'. 18 | % NOTE: all 'patchwork accenting" has been commented out (here) and is no longer 'used' in the sample .tex file (either). 19 | % Gerry June 2007 20 | % 21 | % Rule widths changed to .5, author count (>6) fixed, roll-back for Type 3 problem. Gerry March 20th. 2007 22 | % Changes made to 'modernize' the fontnames but esp. for MikTeX users V2.4/2.5 - Nov. 30th. 2006 23 | % Updated the \email definition to allow for its use inside of 'shared affiliations' - Nov. 30th. 2006 24 | % Fixed the 'section number depth value' - Nov. 30th. 2006 25 | % 26 | % Footnotes inside table cells using \minipage (Oct. 2002) 27 | % Georgia fixed bug in sub-sub-section numbering in paragraphs (July 29th. 2002) 28 | % JS/GM fix to vertical spacing before Proofs (July 30th. 2002) 29 | % 30 | % Allowance made to switch default fonts between those systems using 31 | % normal/modern font names and those using 'Type 1' or 'Truetype' fonts. 32 | % See LINE NUMBER 269 for details. 33 | % Also provided for enumerated/annotated Corollaries 'surrounded' by 34 | % enumerated Theorems (line 844). 35 | % Gerry November 11th. 1999 36 | % 37 | % This 'sp' version does NOT produce the permission block. 38 | % 39 | % Major change in January 2000 was to include a "blank line" in between 40 | % new paragraphs. This involved major changes to the, then, acmproc-sp.cls 1.0SP 41 | % file, precipitating a 'new' name: "acm_proc_article-sp.cls" V2.01SP. 42 | % 43 | % ---- End of 'updates' ---- 44 | % 45 | \def\fileversion{V3.2SP} % for ACM's tracking purposes 46 | \def\filedate{April 22, 2009} % Gerry Murray's tracking data 47 | \def\docdate {Wednesday 22nd. April 2009} % Gerry Murray (with deltas to doc} 48 | \usepackage{epsfig} 49 | \usepackage{amssymb} 50 | \usepackage{amsmath} 51 | \usepackage{amsfonts} 52 | % Need this for accents in Arial/Helvetica 53 | %\usepackage[T1]{fontenc} % Gerry March 12, 2007 - causes Type 3 problems (body text) 54 | %\usepackage{textcomp} 55 | % 56 | % ACM_PROC_ARTICLE-SP DOCUMENT STYLE 57 | % G.K.M. Tobin August-October 1999 58 | % adapted from ARTICLE document style by Ken Traub, Olin Shivers 59 | % also using elements of esub2acm.cls 60 | % LATEST REVISION V3.2SP - APRIL 2009 61 | % ARTICLE DOCUMENT STYLE -- Released 16 March 1988 62 | % for LaTeX version 2.09 63 | % Copyright (C) 1988 by Leslie Lamport 64 | % 65 | % 66 | %%% ACM_PROC_ARTICLE-SP is a document style for producing two-column camera-ready pages for 67 | %%% ACM conferences, according to ACM specifications. The main features of 68 | %%% this style are: 69 | %%% 70 | %%% 1) Two columns. 71 | %%% 2) Side and top margins of 4.5pc, bottom margin of 6pc, column gutter of 72 | %%% 2pc, hence columns are 20pc wide and 55.5pc tall. (6pc =3D 1in, approx) 73 | %%% 3) First page has title information, and an extra 6pc of space at the 74 | %%% bottom of the first column for the ACM copyright notice. 75 | %%% 4) Text is 9pt on 10pt baselines; titles (except main) are 9pt bold. 76 | %%% 77 | %%% 78 | %%% There are a few restrictions you must observe: 79 | %%% 80 | %%% 1) You cannot change the font size; ACM wants you to use 9pt. 81 | %%% 3) You must start your paper with the \maketitle command. Prior to the 82 | %%% \maketitle you must have \title and \author commands. If you have a 83 | %%% \date command it will be ignored; no date appears on the paper, since 84 | %%% the proceedings will have a date on the front cover. 85 | %%% 4) Marginal paragraphs, tables of contents, lists of figures and tables, 86 | %%% and page headings are all forbidden. 87 | %%% 5) The `figure' environment will produce a figure one column wide; if you 88 | %%% want one that is two columns wide, use `figure*'. 89 | %%% 90 | % 91 | %%% Copyright Space: 92 | %%% This style automatically leaves 1" blank space at the bottom of page 1/ 93 | %%% column 1. This space can optionally be filled with some text using the 94 | %%% \toappear{...} command. If used, this command must be BEFORE the \maketitle 95 | %%% command. If this command is defined AND [preprint] is on, then the 96 | %%% space is filled with the {...} text (at the bottom); otherwise, it is 97 | %%% blank. If you use \toappearbox{...} instead of \toappear{...} then a 98 | %%% box will be drawn around the text (if [preprint] is on). 99 | %%% 100 | %%% A typical usage looks like this: 101 | %%% \toappear{To appear in the Ninth AES Conference on Medievil Lithuanian 102 | %%% Embalming Technique, June 1991, Alfaretta, Georgia.} 103 | %%% This will be included in the preprint, and left out of the conference 104 | %%% version. 105 | %%% 106 | %%% WARNING: 107 | %%% Some dvi-ps converters heuristically allow chars to drift from their 108 | %%% true positions a few pixels. This may be noticeable with the 9pt sans-serif 109 | %%% bold font used for section headers. 110 | %%% You may turn this hackery off via the -e option: 111 | %%% dvips -e 0 foo.dvi >foo.ps 112 | %%% 113 | \typeout{Document Class 'acm_proc_article-sp' <22nd. April '09>. Modified by G.K.M. Tobin} 114 | \typeout{Based in part upon document Style `acmconf' <22 May 89>. Hacked 4/91 by} 115 | \typeout{shivers@cs.cmu.edu, 4/93 by theobald@cs.mcgill.ca} 116 | \typeout{Excerpts were taken from (Journal Style) 'esub2acm.cls'.} 117 | \typeout{****** Bugs/comments/suggestions to Gerry Murray -- murray@hq.acm.org ******} 118 | 119 | \oddsidemargin 4.5pc 120 | \evensidemargin 4.5pc 121 | \advance\oddsidemargin by -1in % Correct for LaTeX gratuitousness 122 | \advance\evensidemargin by -1in % Correct for LaTeX gratuitousness 123 | \marginparwidth 0pt % Margin pars are not allowed. 124 | \marginparsep 11pt % Horizontal space between outer margin and 125 | % marginal note 126 | 127 | % Top of page: 128 | \topmargin 4.5pc % Nominal distance from top of page to top of 129 | % box containing running head. 130 | \advance\topmargin by -1in % Correct for LaTeX gratuitousness 131 | \headheight 0pt % Height of box containing running head. 132 | \headsep 0pt % Space between running head and text. 133 | % Bottom of page: 134 | \footskip 30pt % Distance from baseline of box containing foot 135 | % to baseline of last line of text. 136 | \@ifundefined{footheight}{\newdimen\footheight}{}% this is for LaTeX2e 137 | \footheight 12pt % Height of box containing running foot. 138 | 139 | 140 | %% Must redefine the top margin so there's room for headers and 141 | %% page numbers if you are using the preprint option. Footers 142 | %% are OK as is. Olin. 143 | \advance\topmargin by -37pt % Leave 37pt above text for headers 144 | \headheight 12pt % Height of box containing running head. 145 | \headsep 25pt % Space between running head and text. 146 | 147 | \textheight 666pt % 9 1/4 column height 148 | \textwidth 42pc % Width of text line. 149 | % For two-column mode: 150 | \columnsep 2pc % Space between columns 151 | \columnseprule 0pt % Width of rule between columns. 152 | \hfuzz 1pt % Allow some variation in column width, otherwise it's 153 | % too hard to typeset in narrow columns. 154 | 155 | \footnotesep 5.6pt % Height of strut placed at the beginning of every 156 | % footnote =3D height of normal \footnotesize strut, 157 | % so no extra space between footnotes. 158 | 159 | \skip\footins 8.1pt plus 4pt minus 2pt % Space between last line of text and 160 | % top of first footnote. 161 | \floatsep 11pt plus 2pt minus 2pt % Space between adjacent floats moved 162 | % to top or bottom of text page. 163 | \textfloatsep 18pt plus 2pt minus 4pt % Space between main text and floats 164 | % at top or bottom of page. 165 | \intextsep 11pt plus 2pt minus 2pt % Space between in-text figures and 166 | % text. 167 | \@ifundefined{@maxsep}{\newdimen\@maxsep}{}% this is for LaTeX2e 168 | \@maxsep 18pt % The maximum of \floatsep, 169 | % \textfloatsep and \intextsep (minus 170 | % the stretch and shrink). 171 | \dblfloatsep 11pt plus 2pt minus 2pt % Same as \floatsep for double-column 172 | % figures in two-column mode. 173 | \dbltextfloatsep 18pt plus 2pt minus 4pt% \textfloatsep for double-column 174 | % floats. 175 | \@ifundefined{@dblmaxsep}{\newdimen\@dblmaxsep}{}% this is for LaTeX2e 176 | \@dblmaxsep 18pt % The maximum of \dblfloatsep and 177 | % \dbltexfloatsep. 178 | \@fptop 0pt plus 1fil % Stretch at top of float page/column. (Must be 179 | % 0pt plus ...) 180 | \@fpsep 8pt plus 2fil % Space between floats on float page/column. 181 | \@fpbot 0pt plus 1fil % Stretch at bottom of float page/column. (Must be 182 | % 0pt plus ... ) 183 | \@dblfptop 0pt plus 1fil % Stretch at top of float page. (Must be 0pt plus ...) 184 | \@dblfpsep 8pt plus 2fil % Space between floats on float page. 185 | \@dblfpbot 0pt plus 1fil % Stretch at bottom of float page. (Must be 186 | % 0pt plus ... ) 187 | \marginparpush 5pt % Minimum vertical separation between two marginal 188 | % notes. 189 | 190 | \parskip 0pt % Extra vertical space between paragraphs. 191 | % Set to 0pt outside sections, to keep section heads 192 | % uniformly spaced. The value of parskip is set 193 | % to leading value _within_ sections. 194 | % 12 Jan 2000 gkmt 195 | \parindent 0pt % Width of paragraph indentation. 196 | \partopsep 2pt plus 1pt minus 1pt% Extra vertical space, in addition to 197 | % \parskip and \topsep, added when user 198 | % leaves blank line before environment. 199 | 200 | \@lowpenalty 51 % Produced by \nopagebreak[1] or \nolinebreak[1] 201 | \@medpenalty 151 % Produced by \nopagebreak[2] or \nolinebreak[2] 202 | \@highpenalty 301 % Produced by \nopagebreak[3] or \nolinebreak[3] 203 | 204 | \@beginparpenalty -\@lowpenalty % Before a list or paragraph environment. 205 | \@endparpenalty -\@lowpenalty % After a list or paragraph environment. 206 | \@itempenalty -\@lowpenalty % Between list items. 207 | 208 | %\@namedef{ds@10pt}{\@latexerr{The `10pt' option is not allowed in the `acmconf' 209 | \@namedef{ds@10pt}{\ClassError{The `10pt' option is not allowed in the `acmconf' % January 2008 210 | document style.}\@eha} 211 | %\@namedef{ds@11pt}{\@latexerr{The `11pt' option is not allowed in the `acmconf' 212 | \@namedef{ds@11pt}{\ClassError{The `11pt' option is not allowed in the `acmconf' % January 2008 213 | document style.}\@eha} 214 | %\@namedef{ds@12pt}{\@latexerr{The `12pt' option is not allowed in the `acmconf' 215 | \@namedef{ds@12pt}{\ClassError{The `12pt' option is not allowed in the `acmconf' % January 2008 216 | document style.}\@eha} 217 | 218 | \@options 219 | 220 | \lineskip 2pt % \lineskip is 1pt for all font sizes. 221 | \normallineskip 2pt 222 | \def\baselinestretch{1} 223 | 224 | \abovedisplayskip 9pt plus2pt minus4.5pt% 225 | \belowdisplayskip \abovedisplayskip 226 | \abovedisplayshortskip \z@ plus3pt% 227 | \belowdisplayshortskip 5.4pt plus3pt minus3pt% 228 | \let\@listi\@listI % Setting of \@listi added 9 Jun 87 229 | 230 | \def\small{\@setsize\small{9pt}\viiipt\@viiipt 231 | \abovedisplayskip 7.6pt plus 3pt minus 4pt% 232 | \belowdisplayskip \abovedisplayskip 233 | \abovedisplayshortskip \z@ plus2pt% 234 | \belowdisplayshortskip 3.6pt plus2pt minus 2pt 235 | \def\@listi{\leftmargin\leftmargini %% Added 22 Dec 87 236 | \topsep 4pt plus 2pt minus 2pt\parsep 2pt plus 1pt minus 1pt 237 | \itemsep \parsep}} 238 | 239 | \def\footnotesize{\@setsize\footnotesize{9pt}\ixpt\@ixpt 240 | \abovedisplayskip 6.4pt plus 2pt minus 4pt% 241 | \belowdisplayskip \abovedisplayskip 242 | \abovedisplayshortskip \z@ plus 1pt% 243 | \belowdisplayshortskip 2.7pt plus 1pt minus 2pt 244 | \def\@listi{\leftmargin\leftmargini %% Added 22 Dec 87 245 | \topsep 3pt plus 1pt minus 1pt\parsep 2pt plus 1pt minus 1pt 246 | \itemsep \parsep}} 247 | 248 | \newcount\aucount 249 | \newcount\originalaucount 250 | \newdimen\auwidth 251 | \auwidth=\textwidth 252 | \newdimen\auskip 253 | \newcount\auskipcount 254 | \newdimen\auskip 255 | \global\auskip=1pc 256 | \newdimen\allauboxes 257 | \allauboxes=\auwidth 258 | \newtoks\addauthors 259 | \newcount\addauflag 260 | \global\addauflag=0 %Haven't shown additional authors yet 261 | 262 | \newtoks\subtitletext 263 | \gdef\subtitle#1{\subtitletext={#1}} 264 | 265 | \gdef\additionalauthors#1{\addauthors={#1}} 266 | 267 | \gdef\numberofauthors#1{\global\aucount=#1 268 | \ifnum\aucount>3\global\originalaucount=\aucount \global\aucount=3\fi %g} % 3 OK - Gerry March 2007 269 | \global\auskipcount=\aucount\global\advance\auskipcount by 1 270 | \global\multiply\auskipcount by 2 271 | \global\multiply\auskip by \auskipcount 272 | \global\advance\auwidth by -\auskip 273 | \global\divide\auwidth by \aucount} 274 | 275 | % \and was modified to count the number of authors. GKMT 12 Aug 1999 276 | \def\alignauthor{% % \begin{tabular} 277 | \end{tabular}% 278 | \begin{tabular}[t]{p{\auwidth}}\centering}% 279 | 280 | 281 | % *** NOTE *** NOTE *** NOTE *** NOTE *** 282 | % If you have 'font problems' then you may need 283 | % to change these, e.g. 'arialb' instead of "arialbd". 284 | % Gerry Murray 11/11/1999 285 | % *** OR ** comment out block A and activate block B or vice versa. 286 | % ********************************************** 287 | % 288 | % -- Start of block A -- (Type 1 or Truetype fonts) 289 | %\newfont{\secfnt}{timesbd at 12pt} % was timenrb originally - now is timesbd 290 | %\newfont{\secit}{timesbi at 12pt} %13 Jan 00 gkmt 291 | %\newfont{\subsecfnt}{timesi at 11pt} % was timenrri originally - now is timesi 292 | %\newfont{\subsecit}{timesbi at 11pt} % 13 Jan 00 gkmt -- was times changed to timesbi gm 2/4/2000 293 | % % because "normal" is italic, "italic" is Roman 294 | %\newfont{\ttlfnt}{arialbd at 18pt} % was arialb originally - now is arialbd 295 | %\newfont{\ttlit}{arialbi at 18pt} % 13 Jan 00 gkmt 296 | %\newfont{\subttlfnt}{arial at 14pt} % was arialr originally - now is arial 297 | %\newfont{\subttlit}{ariali at 14pt} % 13 Jan 00 gkmt 298 | %\newfont{\subttlbf}{arialbd at 14pt} % 13 Jan 00 gkmt 299 | %\newfont{\aufnt}{arial at 12pt} % was arialr originally - now is arial 300 | %\newfont{\auit}{ariali at 12pt} % 13 Jan 00 gkmt 301 | %\newfont{\affaddr}{arial at 10pt} % was arialr originally - now is arial 302 | %\newfont{\affaddrit}{ariali at 10pt} %13 Jan 00 gkmt 303 | %\newfont{\eaddfnt}{arial at 12pt} % was arialr originally - now is arial 304 | %\newfont{\ixpt}{times at 9pt} % was timenrr originally - now is times 305 | %\newfont{\confname}{timesi at 8pt} % was timenrri - now is timesi 306 | %\newfont{\crnotice}{times at 8pt} % was timenrr originally - now is times 307 | %\newfont{\ninept}{times at 9pt} % was timenrr originally - now is times 308 | % ********************************************* 309 | % -- End of block A -- 310 | % 311 | % 312 | % -- Start of block B -- UPDATED FONT NAMES 313 | % ********************************************* 314 | % Gerry Murray 11/30/2006 315 | % ********************************************* 316 | \newfont{\secfnt}{ptmb8t at 12pt} 317 | \newfont{\secit}{ptmbi8t at 12pt} %13 Jan 00 gkmt 318 | \newfont{\subsecfnt}{ptmri8t at 11pt} 319 | \newfont{\subsecit}{ptmbi8t at 11pt} % 320 | \newfont{\ttlfnt}{phvb8t at 18pt} 321 | \newfont{\ttlit}{phvbo8t at 18pt} % GM 2/4/2000 322 | \newfont{\subttlfnt}{phvr8t at 14pt} 323 | \newfont{\subttlit}{phvro8t at 14pt} % GM 2/4/2000 324 | \newfont{\subttlbf}{phvb8t at 14pt} % 13 Jan 00 gkmt 325 | \newfont{\aufnt}{phvr8t at 12pt} 326 | \newfont{\auit}{phvro8t at 12pt} % GM 2/4/2000 327 | \newfont{\affaddr}{phvr8t at 10pt} 328 | \newfont{\affaddrit}{phvro8t at 10pt} % GM 2/4/2000 329 | \newfont{\eaddfnt}{phvr8t at 12pt} 330 | \newfont{\ixpt}{ptmr8t at 9pt} 331 | \newfont{\confname}{ptmri8t at 8pt} 332 | \newfont{\crnotice}{ptmr8t at 8pt} 333 | \newfont{\ninept}{ptmr8t at 9pt} 334 | % +++++++++++++++++++++++++++++++++++++++++++++ 335 | % -- End of block B -- 336 | 337 | %\def\email#1{{{\eaddfnt{\vskip 4pt#1}}}} 338 | % If we have an email, inside a "shared affiliation" then we need the following instead 339 | \def\email#1{{{\eaddfnt{\par #1}}}} % revised - GM - 11/30/2006 340 | 341 | \def\addauthorsection{\ifnum\originalaucount>6 % was 3 - Gerry March 2007 342 | \section{Additional Authors}\the\addauthors 343 | \fi} 344 | 345 | \newcount\savesection 346 | \newcount\sectioncntr 347 | \global\sectioncntr=1 348 | 349 | \setcounter{secnumdepth}{3} 350 | 351 | \def\appendix{\par 352 | \section*{APPENDIX} 353 | \setcounter{section}{0} 354 | \setcounter{subsection}{0} 355 | \def\thesection{\Alph{section}} } 356 | 357 | 358 | \leftmargini 22.5pt 359 | \leftmarginii 19.8pt % > \labelsep + width of '(m)' 360 | \leftmarginiii 16.8pt % > \labelsep + width of 'vii.' 361 | \leftmarginiv 15.3pt % > \labelsep + width of 'M.' 362 | \leftmarginv 9pt 363 | \leftmarginvi 9pt 364 | 365 | \leftmargin\leftmargini 366 | \labelsep 4.5pt 367 | \labelwidth\leftmargini\advance\labelwidth-\labelsep 368 | 369 | \def\@listI{\leftmargin\leftmargini \parsep 3.6pt plus 2pt minus 1pt% 370 | \topsep 7.2pt plus 2pt minus 4pt% 371 | \itemsep 3.6pt plus 2pt minus 1pt} 372 | 373 | \let\@listi\@listI 374 | \@listi 375 | 376 | \def\@listii{\leftmargin\leftmarginii 377 | \labelwidth\leftmarginii\advance\labelwidth-\labelsep 378 | \topsep 3.6pt plus 2pt minus 1pt 379 | \parsep 1.8pt plus 0.9pt minus 0.9pt 380 | \itemsep \parsep} 381 | 382 | \def\@listiii{\leftmargin\leftmarginiii 383 | \labelwidth\leftmarginiii\advance\labelwidth-\labelsep 384 | \topsep 1.8pt plus 0.9pt minus 0.9pt 385 | \parsep \z@ \partopsep 1pt plus 0pt minus 1pt 386 | \itemsep \topsep} 387 | 388 | \def\@listiv{\leftmargin\leftmarginiv 389 | \labelwidth\leftmarginiv\advance\labelwidth-\labelsep} 390 | 391 | \def\@listv{\leftmargin\leftmarginv 392 | \labelwidth\leftmarginv\advance\labelwidth-\labelsep} 393 | 394 | \def\@listvi{\leftmargin\leftmarginvi 395 | \labelwidth\leftmarginvi\advance\labelwidth-\labelsep} 396 | 397 | \def\labelenumi{\theenumi.} 398 | \def\theenumi{\arabic{enumi}} 399 | 400 | \def\labelenumii{(\theenumii)} 401 | \def\theenumii{\alph{enumii}} 402 | \def\p@enumii{\theenumi} 403 | 404 | \def\labelenumiii{\theenumiii.} 405 | \def\theenumiii{\roman{enumiii}} 406 | \def\p@enumiii{\theenumi(\theenumii)} 407 | 408 | \def\labelenumiv{\theenumiv.} 409 | \def\theenumiv{\Alph{enumiv}} 410 | \def\p@enumiv{\p@enumiii\theenumiii} 411 | 412 | \def\labelitemi{$\bullet$} 413 | \def\labelitemii{\bf --} 414 | \def\labelitemiii{$\ast$} 415 | \def\labelitemiv{$\cdot$} 416 | 417 | \def\verse{\let\\=\@centercr 418 | \list{}{\itemsep\z@ \itemindent -1.5em\listparindent \itemindent 419 | \rightmargin\leftmargin\advance\leftmargin 1.5em}\item[]} 420 | \let\endverse\endlist 421 | 422 | \def\quotation{\list{}{\listparindent 1.5em 423 | \itemindent\listparindent 424 | \rightmargin\leftmargin \parsep 0pt plus 1pt}\item[]} 425 | \let\endquotation=\endlist 426 | 427 | \def\quote{\list{}{\rightmargin\leftmargin}\item[]} 428 | \let\endquote=\endlist 429 | 430 | \def\descriptionlabel#1{\hspace\labelsep \bf #1} 431 | \def\description{\list{}{\labelwidth\z@ \itemindent-\leftmargin 432 | \let\makelabel\descriptionlabel}} 433 | 434 | \let\enddescription\endlist 435 | 436 | \def\theequation{\arabic{equation}} 437 | 438 | \arraycolsep 4.5pt % Half the space between columns in an array environment. 439 | \tabcolsep 5.4pt % Half the space between columns in a tabular environment. 440 | \arrayrulewidth .5pt % Width of rules in array and tabular environment. % (was .4) updated Gerry March 20 2007 441 | \doublerulesep 1.8pt % Space between adjacent rules in array or tabular env. 442 | 443 | \tabbingsep \labelsep % Space used by the \' command. (See LaTeX manual.) 444 | 445 | \skip\@mpfootins =\skip\footins 446 | 447 | \fboxsep =2.7pt % Space left between box and text by \fbox and \framebox. 448 | \fboxrule =.5pt % Width of rules in box made by \fbox and \framebox. % (was .4) updated Gerry March 20 2007 449 | 450 | \def\thepart{\Roman{part}} % Roman numeral part numbers. 451 | \def\thesection {\arabic{section}} 452 | \def\thesubsection {\thesection.\arabic{subsection}} 453 | %\def\thesubsubsection {\thesubsection.\arabic{subsubsection}} % GM 7/30/2002 454 | %\def\theparagraph {\thesubsubsection.\arabic{paragraph}} % GM 7/30/2002 455 | \def\thesubparagraph {\theparagraph.\arabic{subparagraph}} 456 | 457 | \def\@pnumwidth{1.55em} 458 | \def\@tocrmarg {2.55em} 459 | \def\@dotsep{4.5} 460 | \setcounter{tocdepth}{3} 461 | 462 | %\def\tableofcontents{\@latexerr{\tableofcontents: Tables of contents are not 463 | % allowed in the `acmconf' document style.}\@eha} 464 | 465 | \def\tableofcontents{\ClassError{% 466 | \string\tableofcontents\space is not allowed in the `acmconf' document % January 2008 467 | style}\@eha} 468 | 469 | \def\l@part#1#2{\addpenalty{\@secpenalty} 470 | \addvspace{2.25em plus 1pt} % space above part line 471 | \begingroup 472 | \@tempdima 3em % width of box holding part number, used by 473 | \parindent \z@ \rightskip \@pnumwidth %% \numberline 474 | \parfillskip -\@pnumwidth 475 | {\large \bf % set line in \large boldface 476 | \leavevmode % TeX command to enter horizontal mode. 477 | #1\hfil \hbox to\@pnumwidth{\hss #2}}\par 478 | \nobreak % Never break after part entry 479 | \endgroup} 480 | 481 | \def\l@section#1#2{\addpenalty{\@secpenalty} % good place for page break 482 | \addvspace{1.0em plus 1pt} % space above toc entry 483 | \@tempdima 1.5em % width of box holding section number 484 | \begingroup 485 | \parindent \z@ \rightskip \@pnumwidth 486 | \parfillskip -\@pnumwidth 487 | \bf % Boldface. 488 | \leavevmode % TeX command to enter horizontal mode. 489 | \advance\leftskip\@tempdima %% added 5 Feb 88 to conform to 490 | \hskip -\leftskip %% 25 Jan 88 change to \numberline 491 | #1\nobreak\hfil \nobreak\hbox to\@pnumwidth{\hss #2}\par 492 | \endgroup} 493 | 494 | 495 | \def\l@subsection{\@dottedtocline{2}{1.5em}{2.3em}} 496 | \def\l@subsubsection{\@dottedtocline{3}{3.8em}{3.2em}} 497 | \def\l@paragraph{\@dottedtocline{4}{7.0em}{4.1em}} 498 | \def\l@subparagraph{\@dottedtocline{5}{10em}{5em}} 499 | 500 | %\def\listoffigures{\@latexerr{\listoffigures: Lists of figures are not 501 | % allowed in the `acmconf' document style.}\@eha} 502 | 503 | \def\listoffigures{\ClassError{% 504 | \string\listoffigures\space is not allowed in the `acmconf' document % January 2008 505 | style}\@eha} 506 | 507 | \def\l@figure{\@dottedtocline{1}{1.5em}{2.3em}} 508 | 509 | %\def\listoftables{\@latexerr{\listoftables: Lists of tables are not 510 | % allowed in the `acmconf' document style.}\@eha} 511 | %\let\l@table\l@figure 512 | 513 | \def\listoftables{\ClassError{% 514 | \string\listoftables\space is not allowed in the `acmconf' document % January 2008 515 | style}\@eha} 516 | \let\l@table\l@figure 517 | 518 | \def\footnoterule{\kern-3\p@ 519 | \hrule width .5\columnwidth % (was .4) updated Gerry March 20 2007 520 | \kern 2.6\p@} % The \hrule has default height of .4pt % (was .4) updated Gerry March 20 2007 521 | % ------ 522 | \long\def\@makefntext#1{\noindent 523 | %\hbox to .5em{\hss$^{\@thefnmark}$}#1} % original 524 | \hbox to .5em{\hss\textsuperscript{\@thefnmark}}#1} % C. Clifton / GM Oct. 2nd. 2002 525 | % ------- 526 | 527 | \long\def\@maketntext#1{\noindent 528 | #1} 529 | 530 | \long\def\@maketitlenotetext#1#2{\noindent 531 | \hbox to 1.8em{\hss$^{#1}$}#2} 532 | 533 | \setcounter{topnumber}{2} 534 | \def\topfraction{.7} 535 | \setcounter{bottomnumber}{1} 536 | \def\bottomfraction{.3} 537 | \setcounter{totalnumber}{3} 538 | \def\textfraction{.2} 539 | \def\floatpagefraction{.5} 540 | \setcounter{dbltopnumber}{2} 541 | \def\dbltopfraction{.7} 542 | \def\dblfloatpagefraction{.5} 543 | 544 | \long\def\@makecaption#1#2{ 545 | \vskip \baselineskip 546 | \setbox\@tempboxa\hbox{\textbf{#1: #2}} 547 | \ifdim \wd\@tempboxa >\hsize % IF longer than one line: 548 | \textbf{#1: #2}\par % THEN set as ordinary paragraph. 549 | \else % ELSE center. 550 | \hbox to\hsize{\hfil\box\@tempboxa\hfil}\par 551 | \fi} 552 | 553 | \@ifundefined{figure}{\newcounter {figure}} % this is for LaTeX2e 554 | 555 | \def\fps@figure{tbp} 556 | \def\ftype@figure{1} 557 | \def\ext@figure{lof} 558 | \def\fnum@figure{Figure \thefigure} 559 | \def\figure{\@float{figure}} 560 | %\let\endfigure\end@float 561 | \def\endfigure{\end@float} % Gerry January 2008 562 | \@namedef{figure*}{\@dblfloat{figure}} 563 | \@namedef{endfigure*}{\end@dblfloat} 564 | 565 | \@ifundefined{table}{\newcounter {table}} % this is for LaTeX2e 566 | 567 | \def\fps@table{tbp} 568 | \def\ftype@table{2} 569 | \def\ext@table{lot} 570 | \def\fnum@table{Table \thetable} 571 | \def\table{\@float{table}} 572 | %\let\endtable\end@float 573 | \def\endtable{\end@float} % Gerry January 2008 574 | \@namedef{table*}{\@dblfloat{table}} 575 | \@namedef{endtable*}{\end@dblfloat} 576 | 577 | \newtoks\titleboxnotes 578 | \newcount\titleboxnoteflag 579 | 580 | \def\maketitle{\par 581 | \begingroup 582 | \def\thefootnote{\fnsymbol{footnote}} 583 | \def\@makefnmark{\hbox 584 | to 0pt{$^{\@thefnmark}$\hss}} 585 | \twocolumn[\@maketitle] 586 | \@thanks 587 | \endgroup 588 | \setcounter{footnote}{0} 589 | \let\maketitle\relax 590 | \let\@maketitle\relax 591 | \gdef\@thanks{}\gdef\@author{}\gdef\@title{}\gdef\@subtitle{}\let\thanks\relax 592 | \@copyrightspace} 593 | 594 | %% CHANGES ON NEXT LINES 595 | \newif\if@ll % to record which version of LaTeX is in use 596 | 597 | \expandafter\ifx\csname LaTeXe\endcsname\relax % LaTeX2.09 is used 598 | \else% LaTeX2e is used, so set ll to true 599 | \global\@lltrue 600 | \fi 601 | 602 | \if@ll 603 | \NeedsTeXFormat{LaTeX2e} 604 | \ProvidesClass{acm_proc_article-sp} [2009/04/22 - V3.2SP - based on esub2acm.sty <23 April 96>] 605 | \RequirePackage{latexsym}% QUERY: are these two really needed? 606 | \let\dooptions\ProcessOptions 607 | \else 608 | \let\dooptions\@options 609 | \fi 610 | %% END CHANGES 611 | 612 | \def\@height{height} 613 | \def\@width{width} 614 | \def\@minus{minus} 615 | \def\@plus{plus} 616 | \def\hb@xt@{\hbox to} 617 | \newif\if@faircopy 618 | \@faircopyfalse 619 | \def\ds@faircopy{\@faircopytrue} 620 | 621 | \def\ds@preprint{\@faircopyfalse} 622 | 623 | \@twosidetrue 624 | \@mparswitchtrue 625 | \def\ds@draft{\overfullrule 5\p@} 626 | %% CHANGE ON NEXT LINE 627 | \dooptions 628 | 629 | \lineskip \p@ 630 | \normallineskip \p@ 631 | \def\baselinestretch{1} 632 | \def\@ptsize{0} %needed for amssymbols.sty 633 | 634 | %% CHANGES ON NEXT LINES 635 | \if@ll% allow use of old-style font change commands in LaTeX2e 636 | \@maxdepth\maxdepth 637 | % 638 | \DeclareOldFontCommand{\rm}{\ninept\rmfamily}{\mathrm} 639 | \DeclareOldFontCommand{\sf}{\normalfont\sffamily}{\mathsf} 640 | \DeclareOldFontCommand{\tt}{\normalfont\ttfamily}{\mathtt} 641 | \DeclareOldFontCommand{\bf}{\normalfont\bfseries}{\mathbf} 642 | \DeclareOldFontCommand{\it}{\normalfont\itshape}{\mathit} 643 | \DeclareOldFontCommand{\sl}{\normalfont\slshape}{\@nomath\sl} 644 | \DeclareOldFontCommand{\sc}{\normalfont\scshape}{\@nomath\sc} 645 | \DeclareRobustCommand*{\cal}{\@fontswitch{\relax}{\mathcal}} 646 | \DeclareRobustCommand*{\mit}{\@fontswitch{\relax}{\mathnormal}} 647 | \fi 648 | % 649 | \if@ll 650 | \renewcommand{\rmdefault}{cmr} % was 'ttm' 651 | % Note! I have also found 'mvr' to work ESPECIALLY well. 652 | % Gerry - October 1999 653 | % You may need to change your LV1times.fd file so that sc is 654 | % mapped to cmcsc - -for smallcaps -- that is if you decide 655 | % to change {cmr} to {times} above. (Not recommended) 656 | \renewcommand{\@ptsize}{} 657 | \renewcommand{\normalsize}{% 658 | \@setfontsize\normalsize\@ixpt{10.5\p@}%\ninept% 659 | \abovedisplayskip 6\p@ \@plus2\p@ \@minus\p@ 660 | \belowdisplayskip \abovedisplayskip 661 | \abovedisplayshortskip 6\p@ \@minus 3\p@ 662 | \belowdisplayshortskip 6\p@ \@minus 3\p@ 663 | \let\@listi\@listI 664 | } 665 | \else 666 | \def\@normalsize{%changed next to 9 from 10 667 | \@setsize\normalsize{9\p@}\ixpt\@ixpt 668 | \abovedisplayskip 6\p@ \@plus2\p@ \@minus\p@ 669 | \belowdisplayskip \abovedisplayskip 670 | \abovedisplayshortskip 6\p@ \@minus 3\p@ 671 | \belowdisplayshortskip 6\p@ \@minus 3\p@ 672 | \let\@listi\@listI 673 | }% 674 | \fi 675 | \if@ll 676 | \newcommand\scriptsize{\@setfontsize\scriptsize\@viipt{8\p@}} 677 | \newcommand\tiny{\@setfontsize\tiny\@vpt{6\p@}} 678 | \newcommand\large{\@setfontsize\large\@xiipt{14\p@}} 679 | \newcommand\Large{\@setfontsize\Large\@xivpt{18\p@}} 680 | \newcommand\LARGE{\@setfontsize\LARGE\@xviipt{20\p@}} 681 | \newcommand\huge{\@setfontsize\huge\@xxpt{25\p@}} 682 | \newcommand\Huge{\@setfontsize\Huge\@xxvpt{30\p@}} 683 | \else 684 | \def\scriptsize{\@setsize\scriptsize{8\p@}\viipt\@viipt} 685 | \def\tiny{\@setsize\tiny{6\p@}\vpt\@vpt} 686 | \def\large{\@setsize\large{14\p@}\xiipt\@xiipt} 687 | \def\Large{\@setsize\Large{18\p@}\xivpt\@xivpt} 688 | \def\LARGE{\@setsize\LARGE{20\p@}\xviipt\@xviipt} 689 | \def\huge{\@setsize\huge{25\p@}\xxpt\@xxpt} 690 | \def\Huge{\@setsize\Huge{30\p@}\xxvpt\@xxvpt} 691 | \fi 692 | \normalsize 693 | 694 | % make aubox hsize/number of authors up to 3, less gutter 695 | % then showbox gutter showbox gutter showbox -- GKMT Aug 99 696 | \newbox\@acmtitlebox 697 | \def\@maketitle{\newpage 698 | \null 699 | \setbox\@acmtitlebox\vbox{% 700 | \baselineskip 20pt 701 | \vskip 2em % Vertical space above title. 702 | \begin{center} 703 | {\ttlfnt \@title\par} % Title set in 18pt Helvetica (Arial) bold size. 704 | \vskip 1.5em % Vertical space after title. 705 | %This should be the subtitle. 706 | {\subttlfnt \the\subtitletext\par}\vskip 1.25em%\fi 707 | {\baselineskip 16pt\aufnt % each author set in \12 pt Arial, in a 708 | \lineskip .5em % tabular environment 709 | \begin{tabular}[t]{c}\@author 710 | \end{tabular}\par} 711 | \vskip 1.5em % Vertical space after author. 712 | \end{center}} 713 | \dimen0=\ht\@acmtitlebox 714 | \advance\dimen0 by -12.75pc\relax % Increased space for title box -- KBT 715 | \unvbox\@acmtitlebox 716 | \ifdim\dimen0<0.0pt\relax\vskip-\dimen0\fi} 717 | 718 | 719 | \newcount\titlenotecount 720 | \global\titlenotecount=0 721 | \newtoks\tntoks 722 | \newtoks\tntokstwo 723 | \newtoks\tntoksthree 724 | \newtoks\tntoksfour 725 | \newtoks\tntoksfive 726 | 727 | \def\abstract{ 728 | \ifnum\titlenotecount>0 % was =1 729 | \insert\footins{% 730 | \reset@font\footnotesize 731 | \interlinepenalty\interfootnotelinepenalty 732 | \splittopskip\footnotesep 733 | \splitmaxdepth \dp\strutbox \floatingpenalty \@MM 734 | \hsize\columnwidth \@parboxrestore 735 | \protected@edef\@currentlabel{% 736 | }% 737 | \color@begingroup 738 | \ifnum\titlenotecount=1 739 | \@maketntext{% 740 | \raisebox{4pt}{$\ast$}\rule\z@\footnotesep\ignorespaces\the\tntoks\@finalstrut\strutbox}% 741 | \fi 742 | \ifnum\titlenotecount=2 743 | \@maketntext{% 744 | \raisebox{4pt}{$\ast$}\rule\z@\footnotesep\ignorespaces\the\tntoks\par\@finalstrut\strutbox}% 745 | \@maketntext{% 746 | \raisebox{4pt}{$\dagger$}\rule\z@\footnotesep\ignorespaces\the\tntokstwo\@finalstrut\strutbox}% 747 | \fi 748 | \ifnum\titlenotecount=3 749 | \@maketntext{% 750 | \raisebox{4pt}{$\ast$}\rule\z@\footnotesep\ignorespaces\the\tntoks\par\@finalstrut\strutbox}% 751 | \@maketntext{% 752 | \raisebox{4pt}{$\dagger$}\rule\z@\footnotesep\ignorespaces\the\tntokstwo\par\@finalstrut\strutbox}% 753 | \@maketntext{% 754 | \raisebox{4pt}{$\ddagger$}\rule\z@\footnotesep\ignorespaces\the\tntoksthree\@finalstrut\strutbox}% 755 | \fi 756 | \ifnum\titlenotecount=4 757 | \@maketntext{% 758 | \raisebox{4pt}{$\ast$}\rule\z@\footnotesep\ignorespaces\the\tntoks\par\@finalstrut\strutbox}% 759 | \@maketntext{% 760 | \raisebox{4pt}{$\dagger$}\rule\z@\footnotesep\ignorespaces\the\tntokstwo\par\@finalstrut\strutbox}% 761 | \@maketntext{% 762 | \raisebox{4pt}{$\ddagger$}\rule\z@\footnotesep\ignorespaces\the\tntoksthree\par\@finalstrut\strutbox}% 763 | \@maketntext{% 764 | \raisebox{4pt}{$\S$}\rule\z@\footnotesep\ignorespaces\the\tntoksfour\@finalstrut\strutbox}% 765 | \fi 766 | \ifnum\titlenotecount=5 767 | \@maketntext{% 768 | \raisebox{4pt}{$\ast$}\rule\z@\footnotesep\ignorespaces\the\tntoks\par\@finalstrut\strutbox}% 769 | \@maketntext{% 770 | \raisebox{4pt}{$\dagger$}\rule\z@\footnotesep\ignorespaces\the\tntokstwo\par\@finalstrut\strutbox}% 771 | \@maketntext{% 772 | \raisebox{4pt}{$\ddagger$}\rule\z@\footnotesep\ignorespaces\the\tntoksthree\par\@finalstrut\strutbox}% 773 | \@maketntext{% 774 | \raisebox{4pt}{$\S$}\rule\z@\footnotesep\ignorespaces\the\tntoksfour\par\@finalstrut\strutbox}% 775 | \@maketntext{% 776 | \raisebox{4pt}{$\P$}\rule\z@\footnotesep\ignorespaces\the\tntoksfive\@finalstrut\strutbox}% 777 | \fi 778 | \color@endgroup} %g} 779 | \fi 780 | \setcounter{footnote}{0} 781 | \section*{ABSTRACT}\normalsize %\the\parskip \the\baselineskip%\ninept 782 | } 783 | 784 | \def\endabstract{\if@twocolumn\else\endquotation\fi} 785 | 786 | \def\keywords{\if@twocolumn 787 | \section*{Keywords} 788 | \else \small 789 | \quotation 790 | \fi} 791 | 792 | % I've pulled the check for 2 cols, since proceedings are _always_ 793 | % two-column 11 Jan 2000 gkmt 794 | \def\terms{%\if@twocolumn 795 | \section*{General Terms} 796 | %\else \small 797 | %\quotation\the\parskip 798 | %\fi} 799 | } 800 | 801 | % -- Classification needs to be a bit smart due to optionals - Gerry/Georgia November 2nd. 1999 802 | \newcount\catcount 803 | \global\catcount=1 804 | 805 | \def\category#1#2#3{% 806 | \ifnum\catcount=1 807 | \section*{Categories and Subject Descriptors} 808 | \advance\catcount by 1\else{\unskip; }\fi 809 | \@ifnextchar [{\@category{#1}{#2}{#3}}{\@category{#1}{#2}{#3}[]}% 810 | } 811 | 812 | \def\@category#1#2#3[#4]{% 813 | \begingroup 814 | \let\and\relax 815 | #1 [\textbf{#2}]% 816 | \if!#4!% 817 | \if!#3!\else : #3\fi 818 | \else 819 | :\space 820 | \if!#3!\else #3\kern\z@---\hskip\z@\fi 821 | \textit{#4}% 822 | \fi 823 | \endgroup 824 | } 825 | % 826 | 827 | %%% This section (written by KBT) handles the 1" box in the lower left 828 | %%% corner of the left column of the first page by creating a picture, 829 | %%% and inserting the predefined string at the bottom (with a negative 830 | %%% displacement to offset the space allocated for a non-existent 831 | %%% caption). 832 | %%% 833 | \newtoks\copyrightnotice 834 | \def\ftype@copyrightbox{8} 835 | \def\@copyrightspace{ 836 | \@float{copyrightbox}[b] 837 | \begin{center} 838 | \setlength{\unitlength}{1pc} 839 | \begin{picture}(20,6) %Space for copyright notice 840 | \put(0,-0.95){\crnotice{\@toappear}} 841 | \end{picture} 842 | \end{center} 843 | \end@float} 844 | 845 | \def\@toappear{} % Default setting blank - commands below change this. 846 | \long\def\toappear#1{\def\@toappear{\parbox[b]{20pc}{\baselineskip 9pt#1}}} 847 | \def\toappearbox#1{\def\@toappear{\raisebox{5pt}{\framebox[20pc]{\parbox[b]{19pc}{#1}}}}} 848 | 849 | \newtoks\conf 850 | \newtoks\confinfo 851 | \def\conferenceinfo#1#2{\global\conf={#1}\global\confinfo{#2}} 852 | 853 | 854 | %\def\marginpar{\@latexerr{The \marginpar command is not allowed in the 855 | % `acmconf' document style.}\@eha} 856 | 857 | \def\marginpar{\ClassError{% 858 | \string\marginpar\space is not allowed in the `acmconf' document % January 2008 859 | style}\@eha} 860 | 861 | \mark{{}{}} % Initializes TeX's marks 862 | 863 | \def\today{\ifcase\month\or 864 | January\or February\or March\or April\or May\or June\or 865 | July\or August\or September\or October\or November\or December\fi 866 | \space\number\day, \number\year} 867 | 868 | \def\@begintheorem#1#2{% 869 | \trivlist 870 | \item[% 871 | \hskip 10\p@ 872 | \hskip \labelsep 873 | {{\sc #1}\hskip 5\p@\relax#2.}% 874 | ] 875 | \it 876 | } 877 | \def\@opargbegintheorem#1#2#3{% 878 | \trivlist 879 | \item[% 880 | \hskip 10\p@ 881 | \hskip \labelsep 882 | {\sc #1\ #2\ % This mod by Gerry to enumerate corollaries 883 | \setbox\@tempboxa\hbox{(#3)} % and bracket the 'corollary title' 884 | \ifdim \wd\@tempboxa>\z@ % and retain the correct numbering of e.g. theorems 885 | \hskip 5\p@\relax % if they occur 'around' said corollaries. 886 | \box\@tempboxa % Gerry - Nov. 1999. 887 | \fi.}% 888 | ] 889 | \it 890 | } 891 | \newif\if@qeded 892 | \global\@qededfalse 893 | 894 | % -- original 895 | %\def\proof{% 896 | % \vspace{-\parskip} % GM July 2000 (for tighter spacing) 897 | % \global\@qededfalse 898 | % \@ifnextchar[{\@xproof}{\@proof}% 899 | %} 900 | % -- end of original 901 | 902 | % (JSS) Fix for vertical spacing bug - Gerry Murray July 30th. 2002 903 | \def\proof{% 904 | \vspace{-\lastskip}\vspace{-\parsep}\penalty-51% 905 | \global\@qededfalse 906 | \@ifnextchar[{\@xproof}{\@proof}% 907 | } 908 | 909 | \def\endproof{% 910 | \if@qeded\else\qed\fi 911 | \endtrivlist 912 | } 913 | \def\@proof{% 914 | \trivlist 915 | \item[% 916 | \hskip 10\p@ 917 | \hskip \labelsep 918 | {\sc Proof.}% 919 | ] 920 | \ignorespaces 921 | } 922 | \def\@xproof[#1]{% 923 | \trivlist 924 | \item[\hskip 10\p@\hskip \labelsep{\sc Proof #1.}]% 925 | \ignorespaces 926 | } 927 | \def\qed{% 928 | \unskip 929 | \kern 10\p@ 930 | \begingroup 931 | \unitlength\p@ 932 | \linethickness{.4\p@}% 933 | \framebox(6,6){}% 934 | \endgroup 935 | \global\@qededtrue 936 | } 937 | 938 | \def\newdef#1#2{% 939 | \expandafter\@ifdefinable\csname #1\endcsname 940 | {\@definecounter{#1}% 941 | \expandafter\xdef\csname the#1\endcsname{\@thmcounter{#1}}% 942 | \global\@namedef{#1}{\@defthm{#1}{#2}}% 943 | \global\@namedef{end#1}{\@endtheorem}% 944 | }% 945 | } 946 | \def\@defthm#1#2{% 947 | \refstepcounter{#1}% 948 | \@ifnextchar[{\@ydefthm{#1}{#2}}{\@xdefthm{#1}{#2}}% 949 | } 950 | \def\@xdefthm#1#2{% 951 | \@begindef{#2}{\csname the#1\endcsname}% 952 | \ignorespaces 953 | } 954 | \def\@ydefthm#1#2[#3]{% 955 | \trivlist 956 | \item[% 957 | \hskip 10\p@ 958 | \hskip \labelsep 959 | {\it #2% 960 | % \savebox\@tempboxa{#3}% 961 | \saveb@x\@tempboxa{#3}% % January 2008 962 | \ifdim \wd\@tempboxa>\z@ 963 | \ \box\@tempboxa 964 | \fi.% 965 | }]% 966 | \ignorespaces 967 | } 968 | \def\@begindef#1#2{% 969 | \trivlist 970 | \item[% 971 | \hskip 10\p@ 972 | \hskip \labelsep 973 | {\it #1\ \rm #2.}% 974 | ]% 975 | } 976 | \def\theequation{\arabic{equation}} 977 | 978 | \newcounter{part} 979 | \newcounter{section} 980 | \newcounter{subsection}[section] 981 | \newcounter{subsubsection}[subsection] 982 | \newcounter{paragraph}[subsubsection] 983 | \def\thepart{\Roman{part}} 984 | \def\thesection{\arabic{section}} 985 | \def\thesubsection{\thesection.\arabic{subsection}} 986 | \def\thesubsubsection{\thesubsection.\arabic{subsubsection}} %removed \subsecfnt 29 July 2002 gkmt 987 | \def\theparagraph{\thesubsubsection.\arabic{paragraph}} %removed \subsecfnt 29 July 2002 gkmt 988 | 989 | \newif\if@uchead 990 | \@ucheadfalse 991 | 992 | %% CHANGES: NEW NOTE 993 | %% NOTE: OK to use old-style font commands below, since they were 994 | %% suitably redefined for LaTeX2e 995 | %% END CHANGES 996 | \setcounter{secnumdepth}{3} 997 | \def\part{% 998 | \@startsection{part}{9}{\z@}{-10\p@ \@plus -4\p@ \@minus -2\p@} 999 | {4\p@}{\normalsize\@ucheadtrue}% 1000 | } 1001 | 1002 | % Rationale for changes made in next four definitions: 1003 | % "Before skip" is made elastic to provide some give in setting columns (vs. 1004 | % parskip, which is non-elastic to keep section headers "anchored" to their 1005 | % subsequent text. 1006 | % 1007 | % "After skip" is minimized -- BUT setting it to 0pt resulted in run-in heads, despite 1008 | % the documentation asserted only after-skip < 0pt would have result. 1009 | % 1010 | % Baselineskip added to style to ensure multi-line section titles, and section heads 1011 | % followed by another section head rather than text, are decently spaced vertically. 1012 | % 12 Jan 2000 gkmt 1013 | \def\section{% 1014 | \@startsection{section}{1}{\z@}{-10\p@ \@plus -4\p@ \@minus -2\p@}% 1015 | {0.5pt}{\baselineskip=14pt\secfnt\@ucheadtrue}% 1016 | } 1017 | 1018 | \def\subsection{% 1019 | \@startsection{subsection}{2}{\z@}{-10\p@ \@plus -4\p@ \@minus -2\p@} 1020 | {0.5pt}{\baselineskip=14pt\secfnt}% 1021 | } 1022 | \def\subsubsection{% 1023 | \@startsection{subsubsection}{3}{\z@}{-10\p@ \@plus -4\p@ \@minus -2\p@}% 1024 | {0.5pt}{\baselineskip=14pt\subsecfnt}% 1025 | } 1026 | 1027 | %\def\paragraph{% 1028 | % \vskip 12pt\@startsection{paragraph}{3}{\z@}{6\p@ \@plus \p@}% original 1029 | % {-5\p@}{\subsecfnt}% 1030 | %} 1031 | % If one wants sections, subsections and subsubsections numbered, 1032 | % but not paragraphs, one usually sets secnumepth to 3. 1033 | % For that, the "depth" of paragraphs must be given correctly 1034 | % in the definition (``4'' instead of ``3'' as second argument 1035 | % of @startsection): 1036 | \def\paragraph{% 1037 | \vskip 12pt\@startsection{paragraph}{4}{\z@}{6\p@ \@plus \p@}% % GM and Wolfgang May - 11/30/06 1038 | {-5\p@}{\subsecfnt}% 1039 | } 1040 | 1041 | \let\@period=. 1042 | \def\@startsection#1#2#3#4#5#6{% 1043 | \if@noskipsec %gkmt, 11 aug 99 1044 | \global\let\@period\@empty 1045 | \leavevmode 1046 | \global\let\@period.% 1047 | \fi 1048 | \par 1049 | \@tempskipa #4\relax 1050 | \@afterindenttrue 1051 | \ifdim \@tempskipa <\z@ 1052 | \@tempskipa -\@tempskipa 1053 | \@afterindentfalse 1054 | \fi 1055 | %\if@nobreak 11 Jan 00 gkmt 1056 | %\everypar{} 1057 | %\else 1058 | \addpenalty\@secpenalty 1059 | \addvspace\@tempskipa 1060 | %\fi 1061 | \parskip=0pt 1062 | \@ifstar 1063 | {\@ssect{#3}{#4}{#5}{#6}} 1064 | {\@dblarg{\@sect{#1}{#2}{#3}{#4}{#5}{#6}}}% 1065 | } 1066 | 1067 | 1068 | \def\@ssect#1#2#3#4#5{% 1069 | \@tempskipa #3\relax 1070 | \ifdim \@tempskipa>\z@ 1071 | \begingroup 1072 | #4{% 1073 | \@hangfrom{\hskip #1}% 1074 | \interlinepenalty \@M #5\@@par}% 1075 | \endgroup 1076 | \else 1077 | \def\@svsechd{#4{\hskip #1\relax #5}}% 1078 | \fi 1079 | \vskip -10.5pt %gkmt, 7 jan 00 -- had been -14pt, now set to parskip 1080 | \@xsect{#3}\parskip=10.5pt} % within the starred section, parskip = leading 12 Jan 2000 gkmt 1081 | 1082 | 1083 | \def\@sect#1#2#3#4#5#6[#7]#8{% 1084 | \ifnum #2>\c@secnumdepth 1085 | \let\@svsec\@empty 1086 | \else 1087 | \refstepcounter{#1}% 1088 | \edef\@svsec{% 1089 | \begingroup 1090 | %\ifnum#2>2 \noexpand\rm \fi % changed to next 29 July 2002 gkmt 1091 | \ifnum#2>2 \noexpand#6 \fi 1092 | \csname the#1\endcsname 1093 | \endgroup 1094 | \ifnum #2=1\relax .\fi 1095 | \hskip 1em 1096 | }% 1097 | \fi 1098 | \@tempskipa #5\relax 1099 | \ifdim \@tempskipa>\z@ 1100 | \begingroup 1101 | #6\relax 1102 | \@hangfrom{\hskip #3\relax\@svsec}% 1103 | \begingroup 1104 | \interlinepenalty \@M 1105 | \if@uchead 1106 | \uppercase{#8}% 1107 | \else 1108 | #8% 1109 | \fi 1110 | \par 1111 | \endgroup 1112 | \endgroup 1113 | \csname #1mark\endcsname{#7}% 1114 | \vskip -10.5pt % -14pt gkmt, 11 aug 99 -- changed to -\parskip 11 Jan 2000 1115 | \addcontentsline{toc}{#1}{% 1116 | \ifnum #2>\c@secnumdepth \else 1117 | \protect\numberline{\csname the#1\endcsname}% 1118 | \fi 1119 | #7% 1120 | }% 1121 | \else 1122 | \def\@svsechd{% 1123 | #6% 1124 | \hskip #3\relax 1125 | \@svsec 1126 | \if@uchead 1127 | \uppercase{#8}% 1128 | \else 1129 | #8% 1130 | \fi 1131 | \csname #1mark\endcsname{#7}% 1132 | \addcontentsline{toc}{#1}{% 1133 | \ifnum #2>\c@secnumdepth \else 1134 | \protect\numberline{\csname the#1\endcsname}% 1135 | \fi 1136 | #7% 1137 | }% 1138 | }% 1139 | \fi 1140 | \@xsect{#5}\parskip=10.5pt% within the section, parskip = leading 12 Jan 2000 gkmt 1141 | } 1142 | \def\@xsect#1{% 1143 | \@tempskipa #1\relax 1144 | \ifdim \@tempskipa>\z@ 1145 | \par 1146 | \nobreak 1147 | \vskip \@tempskipa 1148 | \@afterheading 1149 | \else 1150 | \global\@nobreakfalse 1151 | \global\@noskipsectrue 1152 | \everypar{% 1153 | \if@noskipsec 1154 | \global\@noskipsecfalse 1155 | \clubpenalty\@M 1156 | \hskip -\parindent 1157 | \begingroup 1158 | \@svsechd 1159 | \@period 1160 | \endgroup 1161 | \unskip 1162 | \@tempskipa #1\relax 1163 | \hskip -\@tempskipa 1164 | \else 1165 | \clubpenalty \@clubpenalty 1166 | \everypar{}% 1167 | \fi 1168 | }% 1169 | \fi 1170 | \ignorespaces 1171 | } 1172 | 1173 | \def\@trivlist{% 1174 | \@topsepadd\topsep 1175 | \if@noskipsec 1176 | \global\let\@period\@empty 1177 | \leavevmode 1178 | \global\let\@period.% 1179 | \fi 1180 | \ifvmode 1181 | \advance\@topsepadd\partopsep 1182 | \else 1183 | \unskip 1184 | \par 1185 | \fi 1186 | \if@inlabel 1187 | \@noparitemtrue 1188 | \@noparlisttrue 1189 | \else 1190 | \@noparlistfalse 1191 | \@topsep\@topsepadd 1192 | \fi 1193 | \advance\@topsep \parskip 1194 | \leftskip\z@skip 1195 | \rightskip\@rightskip 1196 | \parfillskip\@flushglue 1197 | \@setpar{\if@newlist\else{\@@par}\fi} 1198 | \global\@newlisttrue 1199 | \@outerparskip\parskip 1200 | } 1201 | 1202 | %%% Actually, 'abbrev' works just fine as the default - Gerry Feb. 2000 1203 | %%% Bibliography style. 1204 | 1205 | \parindent 0pt 1206 | \typeout{Using 'Abbrev' bibliography style} 1207 | \newcommand\bibyear[2]{% 1208 | \unskip\quad\ignorespaces#1\unskip 1209 | \if#2..\quad \else \quad#2 \fi 1210 | } 1211 | \newcommand{\bibemph}[1]{{\em#1}} 1212 | \newcommand{\bibemphic}[1]{{\em#1\/}} 1213 | \newcommand{\bibsc}[1]{{\sc#1}} 1214 | \def\@normalcite{% 1215 | \def\@cite##1##2{[##1\if@tempswa , ##2\fi]}% 1216 | } 1217 | \def\@citeNB{% 1218 | \def\@cite##1##2{##1\if@tempswa , ##2\fi}% 1219 | } 1220 | \def\@citeRB{% 1221 | \def\@cite##1##2{##1\if@tempswa , ##2\fi]}% 1222 | } 1223 | \def\start@cite#1#2{% 1224 | \edef\citeauthoryear##1##2##3{% 1225 | ###1% 1226 | \ifnum#2=\z@ \else\ ###2\fi 1227 | }% 1228 | \ifnum#1=\thr@@ 1229 | \let\@@cite\@citeyear 1230 | \else 1231 | \let\@@cite\@citenormal 1232 | \fi 1233 | \@ifstar{\@citeNB\@@cite}{\@normalcite\@@cite}% 1234 | } 1235 | %\def\cite{\start@cite23} 1236 | \DeclareRobustCommand\cite{\start@cite23} % January 2008 1237 | \def\citeNP{\cite*} % No Parentheses e.g. 5 1238 | %\def\citeA{\start@cite10} 1239 | \DeclareRobustCommand\citeA{\start@cite10} % January 2008 1240 | \def\citeANP{\citeA*} 1241 | %\def\shortcite{\start@cite23} 1242 | \DeclareRobustCommand\shortcite{\start@cite23} % January 2008 1243 | \def\shortciteNP{\shortcite*} 1244 | %\def\shortciteA{\start@cite20} 1245 | \DeclareRobustCommand\shortciteA{\start@cite20} % January 2008 1246 | \def\shortciteANP{\shortciteA*} 1247 | %\def\citeyear{\start@cite30} 1248 | \DeclareRobustCommand\citeyear{\start@cite30} % January 2008 1249 | \def\citeyearNP{\citeyear*} 1250 | %\def\citeN{% 1251 | \DeclareRobustCommand\citeN{% % January 2008 1252 | \@citeRB 1253 | \def\citeauthoryear##1##2##3{##1\ [##3% 1254 | \def\reserved@a{##1}% 1255 | \def\citeauthoryear####1####2####3{% 1256 | \def\reserved@b{####1}% 1257 | \ifx\reserved@a\reserved@b 1258 | ####3% 1259 | \else 1260 | \errmessage{Package acmart Error: author mismatch 1261 | in \string\citeN^^J^^J% 1262 | See the acmart package documentation for explanation}% 1263 | \fi 1264 | }% 1265 | }% 1266 | \@ifstar\@citeyear\@citeyear 1267 | } 1268 | %\def\shortciteN{% 1269 | \DeclareRobustCommand\shortciteN{% % January 2008 1270 | \@citeRB 1271 | \def\citeauthoryear##1##2##3{##2\ [##3% 1272 | \def\reserved@a{##2}% 1273 | \def\citeauthoryear####1####2####3{% 1274 | \def\reserved@b{####2}% 1275 | \ifx\reserved@a\reserved@b 1276 | ####3% 1277 | \else 1278 | \errmessage{Package acmart Error: author mismatch 1279 | in \string\shortciteN^^J^^J% 1280 | See the acmart package documentation for explanation}% 1281 | \fi 1282 | }% 1283 | }% 1284 | \@ifstar\@citeyear\@citeyear % changed from "\@ifstart" 12 Jan 2000 gkmt 1285 | } 1286 | 1287 | \def\@citenormal{% 1288 | \@ifnextchar [{\@tempswatrue\@citex;}% 1289 | % original {\@tempswafalse\@citex,[]}% was ; Gerry 2/24/00 1290 | {\@tempswafalse\@citex[]}% % GERRY FIX FOR BABEL 3/20/2009 1291 | } 1292 | 1293 | \def\@citeyear{% 1294 | \@ifnextchar [{\@tempswatrue\@citex,}% 1295 | % original {\@tempswafalse\@citex,[]}% 1296 | {\@tempswafalse\@citex[]}% % GERRY FIX FOR BABEL 3/20/2009 1297 | } 1298 | 1299 | \def\@citex#1[#2]#3{% 1300 | \let\@citea\@empty 1301 | \@cite{% 1302 | \@for\@citeb:=#3\do{% 1303 | \@citea 1304 | % original \def\@citea{#1 }% 1305 | \def\@citea{#1, }% % GERRY FIX FOR BABEL 3/20/2009 -- SO THAT YOU GET [1, 2] IN THE BODY TEXT 1306 | \edef\@citeb{\expandafter\@iden\@citeb}% 1307 | \if@filesw 1308 | \immediate\write\@auxout{\string\citation{\@citeb}}% 1309 | \fi 1310 | \@ifundefined{b@\@citeb}{% 1311 | {\bf ?}% 1312 | \@warning{% 1313 | Citation `\@citeb' on page \thepage\space undefined% 1314 | }% 1315 | }% 1316 | {\csname b@\@citeb\endcsname}% 1317 | }% 1318 | }{#2}% 1319 | } 1320 | %\let\@biblabel\@gobble % Dec. 2008 - Gerry 1321 | % ---- 1322 | \def\@biblabelnum#1{[#1]} % Gerry's solution #1 - for Natbib 1323 | \let\@biblabel=\@biblabelnum % Gerry's solution #1 - for Natbib 1324 | \def\newblock{\relax} % Gerry Dec. 2008 1325 | % --- 1326 | \newdimen\bibindent 1327 | \setcounter{enumi}{1} 1328 | \bibindent=0em 1329 | \def\thebibliography#1{% 1330 | \ifnum\addauflag=0\addauthorsection\global\addauflag=1\fi 1331 | \section[References]{% <=== OPTIONAL ARGUMENT ADDED HERE 1332 | {References} % was uppercased but this affects pdf bookmarks (SP/GM October 2004) 1333 | \@mkboth{{\refname}}{{\refname}}% 1334 | }% 1335 | \list{[\arabic{enumi}]}{% 1336 | \settowidth\labelwidth{[#1]}% 1337 | \leftmargin\labelwidth 1338 | \advance\leftmargin\labelsep 1339 | \advance\leftmargin\bibindent 1340 | \parsep=0pt\itemsep=1pt % GM July 2000 1341 | \itemindent -\bibindent 1342 | \listparindent \itemindent 1343 | \usecounter{enumi} 1344 | }% 1345 | \let\newblock\@empty 1346 | \raggedright % GM July 2000 1347 | \sloppy 1348 | \sfcode`\.=1000\relax 1349 | } 1350 | 1351 | 1352 | \gdef\balancecolumns 1353 | {\vfill\eject 1354 | \global\@colht=\textheight 1355 | \global\ht\@cclv=\textheight 1356 | } 1357 | 1358 | \newcount\colcntr 1359 | \global\colcntr=0 1360 | %\newbox\savebox 1361 | \newbox\saveb@x % January 2008 1362 | 1363 | \gdef \@makecol {% 1364 | \global\advance\colcntr by 1 1365 | \ifnum\colcntr>2 \global\colcntr=1\fi 1366 | \ifvoid\footins 1367 | \setbox\@outputbox \box\@cclv 1368 | \else 1369 | \setbox\@outputbox \vbox{% 1370 | \boxmaxdepth \@maxdepth 1371 | \@tempdima\dp\@cclv 1372 | \unvbox \@cclv 1373 | \vskip-\@tempdima 1374 | \vskip \skip\footins 1375 | \color@begingroup 1376 | \normalcolor 1377 | \footnoterule 1378 | \unvbox \footins 1379 | \color@endgroup 1380 | }% 1381 | \fi 1382 | \xdef\@freelist{\@freelist\@midlist}% 1383 | \global \let \@midlist \@empty 1384 | \@combinefloats 1385 | \ifvbox\@kludgeins 1386 | \@makespecialcolbox 1387 | \else 1388 | \setbox\@outputbox \vbox to\@colht {% 1389 | \@texttop 1390 | \dimen@ \dp\@outputbox 1391 | \unvbox \@outputbox 1392 | \vskip -\dimen@ 1393 | \@textbottom 1394 | }% 1395 | \fi 1396 | \global \maxdepth \@maxdepth 1397 | } 1398 | \def\titlenote{\@ifnextchar[\@xtitlenote{\stepcounter\@mpfn 1399 | \global\advance\titlenotecount by 1 1400 | \ifnum\titlenotecount=1 1401 | \raisebox{9pt}{$\ast$} 1402 | \fi 1403 | \ifnum\titlenotecount=2 1404 | \raisebox{9pt}{$\dagger$} 1405 | \fi 1406 | \ifnum\titlenotecount=3 1407 | \raisebox{9pt}{$\ddagger$} 1408 | \fi 1409 | \ifnum\titlenotecount=4 1410 | \raisebox{9pt}{$\S$} 1411 | \fi 1412 | \ifnum\titlenotecount=5 1413 | \raisebox{9pt}{$\P$} 1414 | \fi 1415 | \@titlenotetext 1416 | }} 1417 | 1418 | \long\def\@titlenotetext#1{\insert\footins{% 1419 | \ifnum\titlenotecount=1\global\tntoks={#1}\fi 1420 | \ifnum\titlenotecount=2\global\tntokstwo={#1}\fi 1421 | \ifnum\titlenotecount=3\global\tntoksthree={#1}\fi 1422 | \ifnum\titlenotecount=4\global\tntoksfour={#1}\fi 1423 | \ifnum\titlenotecount=5\global\tntoksfive={#1}\fi 1424 | \reset@font\footnotesize 1425 | \interlinepenalty\interfootnotelinepenalty 1426 | \splittopskip\footnotesep 1427 | \splitmaxdepth \dp\strutbox \floatingpenalty \@MM 1428 | \hsize\columnwidth \@parboxrestore 1429 | \protected@edef\@currentlabel{% 1430 | }% 1431 | \color@begingroup 1432 | \color@endgroup}} 1433 | 1434 | %%%%%%%%%%%%%%%%%%%%%%%%% 1435 | \ps@plain 1436 | \baselineskip=11pt 1437 | \let\thepage\relax % For NO page numbers - Gerry Nov. 30th. 1999 1438 | \def\setpagenumber#1{\global\setcounter{page}{#1}} 1439 | %\pagenumbering{arabic} % Arabic page numbers but commented out for NO page numbes - Gerry Nov. 30th. 1999 1440 | \twocolumn % Double column. 1441 | \flushbottom % Even bottom -- alas, does not balance columns at end of document 1442 | \pagestyle{plain} 1443 | 1444 | % Need Copyright Year and Copyright Data to be user definable (in .tex file). 1445 | % Gerry Nov. 30th. 1999 1446 | \newtoks\copyrtyr 1447 | \newtoks\acmcopyr 1448 | \newtoks\boilerplate 1449 | \def\CopyrightYear#1{\global\copyrtyr{#1}} 1450 | \def\crdata#1{\global\acmcopyr{#1}} 1451 | \def\permission#1{\global\boilerplate{#1}} 1452 | % 1453 | \newtoks\copyrightetc 1454 | \global\copyrightetc{\ } % Need to have 'something' so that adequate space is left for pasting in a line if "confinfo" is supplied. 1455 | 1456 | \toappear{\the\boilerplate\par 1457 | {\confname{\the\conf}} \the\confinfo\par \the\copyrightetc} 1458 | % End of ACM_PROC_ARTICLE-SP.CLS -- V3.2SP - 04/22/2009 -- 1459 | % Gerry Murray -- Wednesday April 22nd. 2009 1460 | % 1461 | % The following section (i.e. 3 .sty inclusions) was added in May 2007 so as to fix the problems that many 1462 | % authors were having with accents. Sometimes accents would occur, but the letter-character would be of a different 1463 | % font. Conversely the letter-character font would be correct but, e.g. a 'bar' would appear superimposed on the 1464 | % character instead of, say, an unlaut/diaresis. Sometimes the letter-character would NOT appear at all. 1465 | % Using [T1]{fontenc} outright was not an option as this caused 99% of the authors to 'produce' a Type-3 (bitmapped) 1466 | % PDF file - useless for production. 1467 | % 1468 | % For proper (font) accenting we NEED these packages to be part of the .cls file i.e. 'ae', 'aecompl' and 'aeguil' 1469 | % ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1470 | %% This is file `ae.sty' 1471 | \def\fileversion{1.3} 1472 | \def\filedate{2001/02/12} 1473 | \NeedsTeXFormat{LaTeX2e} 1474 | %\ProvidesPackage{ae}[\filedate\space\fileversion\space % GM 1475 | % Almost European Computer Modern] % GM - keeping the log file clean(er) 1476 | \newif\if@ae@slides \@ae@slidesfalse 1477 | \DeclareOption{slides}{\@ae@slidestrue} 1478 | \ProcessOptions 1479 | \fontfamily{aer} 1480 | \RequirePackage[T1]{fontenc} 1481 | \if@ae@slides 1482 | \renewcommand{\sfdefault}{laess} 1483 | \renewcommand{\rmdefault}{laess} % no roman 1484 | \renewcommand{\ttdefault}{laett} 1485 | \else 1486 | \renewcommand{\sfdefault}{aess} 1487 | \renewcommand{\rmdefault}{aer} 1488 | \renewcommand{\ttdefault}{aett} 1489 | \fi 1490 | \endinput 1491 | %% 1492 | %% End of file `ae.sty'. 1493 | % 1494 | % 1495 | \def\fileversion{0.9} 1496 | \def\filedate{1998/07/23} 1497 | \NeedsTeXFormat{LaTeX2e} 1498 | %\ProvidesPackage{aecompl}[\filedate\space\fileversion\space % GM 1499 | %T1 Complements for AE fonts (D. Roegel)] % GM -- keeping the log file clean(er) 1500 | 1501 | \def\@ae@compl#1{{\fontencoding{T1}\fontfamily{cmr}\selectfont\symbol{#1}}} 1502 | \def\guillemotleft{\@ae@compl{19}} 1503 | \def\guillemotright{\@ae@compl{20}} 1504 | \def\guilsinglleft{\@ae@compl{14}} 1505 | \def\guilsinglright{\@ae@compl{15}} 1506 | \def\TH{\@ae@compl{222}} 1507 | \def\NG{\@ae@compl{141}} 1508 | \def\ng{\@ae@compl{173}} 1509 | \def\th{\@ae@compl{254}} 1510 | \def\DJ{\@ae@compl{208}} 1511 | \def\dj{\@ae@compl{158}} 1512 | \def\DH{\@ae@compl{208}} 1513 | \def\dh{\@ae@compl{240}} 1514 | \def\@perthousandzero{\@ae@compl{24}} 1515 | \def\textperthousand{\%\@perthousandzero} 1516 | \def\textpertenthousand{\%\@perthousandzero\@perthousandzero} 1517 | \endinput 1518 | % 1519 | % 1520 | %% This is file `aeguill.sty' 1521 | % This file gives french guillemets (and not guillemots!) 1522 | % built with the Polish CMR fonts (default), WNCYR fonts, the LASY fonts 1523 | % or with the EC fonts. 1524 | % This is useful in conjunction with the ae package 1525 | % (this package loads the ae package in case it has not been loaded) 1526 | % and with or without the french(le) package. 1527 | % 1528 | % In order to get the guillemets, it is necessary to either type 1529 | % \guillemotleft and \guillemotright, or to use an 8 bit encoding 1530 | % (such as ISO-Latin1) which selects these two commands, 1531 | % or, if you use the french package (but not the frenchle package), 1532 | % to type << or >>. 1533 | % 1534 | % By default, you get the Polish CMR guillemets; if this package is loaded 1535 | % with the `cm' option, you get the LASY guillemets; with `ec,' you 1536 | % get the EC guillemets, and with `cyr,' you get the cyrillic guillemets. 1537 | % 1538 | % In verbatim mode, you always get the EC/TT guillemets. 1539 | % 1540 | % The default option is interesting in conjunction with PDF, 1541 | % because there is a Type 1 version of the Polish CMR fonts 1542 | % and these guillemets are very close in shape to the EC guillemets. 1543 | % There are no free Type 1 versions of the EC fonts. 1544 | % 1545 | % Support for Polish CMR guillemets was kindly provided by 1546 | % Rolf Niepraschk in version 0.99 (2000/05/22). 1547 | % Bernd Raichle provided extensive simplifications to the code 1548 | % for version 1.00. 1549 | % 1550 | % This package is released under the LPPL. 1551 | % 1552 | % Changes: 1553 | % Date version 1554 | % 2001/04/12 1.01 the frenchle and french package are now distinguished. 1555 | % 1556 | \def\fileversion{1.01} 1557 | \def\filedate{2001/04/12} 1558 | \NeedsTeXFormat{LaTeX2e} 1559 | %\ProvidesPackage{aeguill}[2001/04/12 1.01 % % GM 1560 | %AE fonts with french guillemets (D. Roegel)] % GM - keeping the log file clean(er) 1561 | %\RequirePackage{ae} % GM May 2007 - already embedded here 1562 | 1563 | \newcommand{\@ae@switch}[4]{#4} 1564 | \DeclareOption{ec}{\renewcommand\@ae@switch[4]{#1}} 1565 | \DeclareOption{cm}{\renewcommand\@ae@switch[4]{#2}} 1566 | \DeclareOption{cyr}{\renewcommand\@ae@switch[4]{#3}} 1567 | \DeclareOption{pl}{\renewcommand\@ae@switch[4]{#4}} 1568 | \ExecuteOptions{pl} 1569 | \ProcessOptions 1570 | 1571 | % 1572 | % Load necessary packages 1573 | % 1574 | \@ae@switch{% ec 1575 | % do nothing 1576 | }{% cm 1577 | \RequirePackage{latexsym}% GM - May 2007 - already 'mentioned as required' up above 1578 | }{% cyr 1579 | \RequirePackage[OT2,T1]{fontenc}% 1580 | }{% pl 1581 | \RequirePackage[OT4,T1]{fontenc}% 1582 | } 1583 | 1584 | % The following command will be compared to \frenchname, 1585 | % as defined in french.sty and frenchle.sty. 1586 | \def\aeguillfrenchdefault{french}% 1587 | 1588 | \let\guill@verbatim@font\verbatim@font 1589 | \def\verbatim@font{\guill@verbatim@font\ecguills{cmtt}% 1590 | \let\guillemotleft\@oguills\let\guillemotright\@fguills} 1591 | 1592 | \begingroup \catcode`\<=13 \catcode`\>=13 1593 | \def\x{\endgroup 1594 | \def\ae@lfguill{<<}% 1595 | \def\ae@rfguill{>>}% 1596 | }\x 1597 | 1598 | \newcommand{\ecguills}[1]{% 1599 | \def\selectguillfont{\fontencoding{T1}\fontfamily{#1}\selectfont}% 1600 | \def\@oguills{{\selectguillfont\symbol{19}}}% 1601 | \def\@fguills{{\selectguillfont\symbol{20}}}% 1602 | } 1603 | 1604 | \newcommand{\aeguills}{% 1605 | \ae@guills 1606 | % We redefine \guillemotleft and \guillemotright 1607 | % in order to catch them when they are used 1608 | % with \DeclareInputText (in latin1.def for instance) 1609 | % We use \auxWARNINGi as a safe indicator that french.sty is used. 1610 | \gdef\guillemotleft{\ifx\auxWARNINGi\undefined 1611 | \@oguills % neither french.sty nor frenchle.sty 1612 | \else 1613 | \ifx\aeguillfrenchdefault\frenchname 1614 | \ae@lfguill % french.sty 1615 | \else 1616 | \@oguills % frenchle.sty 1617 | \fi 1618 | \fi}% 1619 | \gdef\guillemotright{\ifx\auxWARNINGi\undefined 1620 | \@fguills % neither french.sty nor frenchle.sty 1621 | \else 1622 | \ifx\aeguillfrenchdefault\frenchname 1623 | \ae@rfguill % french.sty 1624 | \else 1625 | \@fguills % frenchle.sty 1626 | \fi 1627 | \fi}% 1628 | } 1629 | 1630 | % 1631 | % Depending on the class option 1632 | % define the internal command \ae@guills 1633 | \@ae@switch{% ec 1634 | \newcommand{\ae@guills}{% 1635 | \ecguills{cmr}}% 1636 | }{% cm 1637 | \newcommand{\ae@guills}{% 1638 | \def\selectguillfont{\fontencoding{U}\fontfamily{lasy}% 1639 | \fontseries{m}\fontshape{n}\selectfont}% 1640 | \def\@oguills{\leavevmode\nobreak 1641 | \hbox{\selectguillfont (\kern-.20em(\kern.20em}\nobreak}% 1642 | \def\@fguills{\leavevmode\nobreak 1643 | \hbox{\selectguillfont \kern.20em)\kern-.2em)}% 1644 | \ifdim\fontdimen\@ne\font>\z@\/\fi}}% 1645 | }{% cyr 1646 | \newcommand{\ae@guills}{% 1647 | \def\selectguillfont{\fontencoding{OT2}\fontfamily{wncyr}\selectfont}% 1648 | \def\@oguills{{\selectguillfont\symbol{60}}}% 1649 | \def\@fguills{{\selectguillfont\symbol{62}}}} 1650 | }{% pl 1651 | \newcommand{\ae@guills}{% 1652 | \def\selectguillfont{\fontencoding{OT4}\fontfamily{cmr}\selectfont}% 1653 | \def\@oguills{{\selectguillfont\symbol{174}}}% 1654 | \def\@fguills{{\selectguillfont\symbol{175}}}} 1655 | } 1656 | 1657 | 1658 | \AtBeginDocument{% 1659 | \ifx\GOfrench\undefined 1660 | \aeguills 1661 | \else 1662 | \let\aeguill@GOfrench\GOfrench 1663 | \gdef\GOfrench{\aeguill@GOfrench \aeguills}% 1664 | \fi 1665 | } 1666 | 1667 | \endinput 1668 | % 1669 | 1670 | 1671 | --------------------------------------------------------------------------------