Cortex.Wire.AdmissionArtifact.ValidatorCoreCheck
Overview
Executable core checks for decoded Wire admission artifacts.
This module is the Lean-owned executable validator for decoded artifact rows.
The historical ValidatorReadyCore name remains as the checker-record layer,
but it now covers every field of ValidatorReady: schema and summary
invariants, component-domain and frontier cross-references, local
generated/select/phantom row validity, component-row uniqueness, primitive row
validity, and executable primitive stack replay.
Each checker has a soundness theorem of the form `check = true → predicate`: a
passing check implies the relational predicate it is named for. No completeness
theorem (`predicate → check = true`) appears in this module, so a checker here can
reject an artifact that satisfies the predicate but cannot accept one that violates
it. On that footing this file tests whether replacing mirrored Haskell validator
clauses with Lean-owned executable checks scales locally.
namespace Cortex.Wirenamespace AdmissionArtifactopen Cortex.Wire.ElaborationIRDecidable Validity Leaves
namespace AdmissionPortLabelinstance validDecidable (label : AdmissionPortLabel) : Decidable label.Valid := label:AdmissionPortLabel⊢ Decidable label.Valid
cases label with
⊢ Decidable noLabel.Valid
All goals completed! 🐙
portLabel:FieldLabel⊢ Decidable (label portLabel).Valid
portLabel:FieldLabel⊢ Decidable
(match label portLabel with
| noLabel => True
| label portLabel => portLabel.Valid)
All goals completed! 🐙end AdmissionPortLabelnamespace AdmissionBoundaryPortinstance validDecidable (boundary : AdmissionBoundaryPort) : Decidable boundary.Valid := boundary:AdmissionBoundaryPort⊢ Decidable boundary.Valid
cases boundary with
node:NodeIdport:FieldLabelcontract:ContractIdlabel:AdmissionPortLabelexclusiveGroup:Option (NodeId × ℕ)⊢ Decidable { node := node, port := port, contract := contract, label := label, exclusiveGroup := exclusiveGroup }.Valid
cases label with
node:NodeIdport:FieldLabelcontract:ContractIdexclusiveGroup:Option (NodeId × ℕ)⊢ Decidable
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.noLabel,
exclusiveGroup := exclusiveGroup }.Valid
cases exclusiveGroup with
node:NodeIdport:FieldLabelcontract:ContractId⊢ Decidable
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.noLabel,
exclusiveGroup := none }.Valid
node:NodeIdport:FieldLabelcontract:ContractId⊢ Decidable
({ node := node, port := port, contract := contract, label := AdmissionPortLabel.noLabel,
exclusiveGroup := none }.node.Valid ∧
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.noLabel,
exclusiveGroup := none }.port.Valid ∧
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.noLabel,
exclusiveGroup := none }.contract.Valid ∧
(match
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.noLabel,
exclusiveGroup := none }.label with
| AdmissionPortLabel.noLabel => True
| AdmissionPortLabel.label portLabel => portLabel.Valid) ∧
match
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.noLabel,
exclusiveGroup := none }.exclusiveGroup with
| none => True
| some (owner, _index) =>
owner =
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.noLabel,
exclusiveGroup := none }.node ∧
owner.Valid)
All goals completed! 🐙
node:NodeIdport:FieldLabelcontract:ContractIdgroup:NodeId × ℕ⊢ Decidable
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.noLabel,
exclusiveGroup := some group }.Valid
node:NodeIdport:FieldLabelcontract:ContractIdfst✝:NodeIdsnd✝:ℕ⊢ Decidable
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.noLabel,
exclusiveGroup := some (fst✝, snd✝) }.Valid
node:NodeIdport:FieldLabelcontract:ContractIdfst✝:NodeIdsnd✝:ℕ⊢ Decidable
({ node := node, port := port, contract := contract, label := AdmissionPortLabel.noLabel,
exclusiveGroup := some (fst✝, snd✝) }.node.Valid ∧
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.noLabel,
exclusiveGroup := some (fst✝, snd✝) }.port.Valid ∧
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.noLabel,
exclusiveGroup := some (fst✝, snd✝) }.contract.Valid ∧
(match
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.noLabel,
exclusiveGroup := some (fst✝, snd✝) }.label with
| AdmissionPortLabel.noLabel => True
| AdmissionPortLabel.label portLabel => portLabel.Valid) ∧
match
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.noLabel,
exclusiveGroup := some (fst✝, snd✝) }.exclusiveGroup with
| none => True
| some (owner, _index) =>
owner =
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.noLabel,
exclusiveGroup := some (fst✝, snd✝) }.node ∧
owner.Valid)
All goals completed! 🐙
node:NodeIdport:FieldLabelcontract:ContractIdexclusiveGroup:Option (NodeId × ℕ)label:FieldLabel⊢ Decidable
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.label label,
exclusiveGroup := exclusiveGroup }.Valid
cases exclusiveGroup with
node:NodeIdport:FieldLabelcontract:ContractIdlabel:FieldLabel⊢ Decidable
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.label label,
exclusiveGroup := none }.Valid
node:NodeIdport:FieldLabelcontract:ContractIdlabel:FieldLabel⊢ Decidable
({ node := node, port := port, contract := contract, label := AdmissionPortLabel.label label,
exclusiveGroup := none }.node.Valid ∧
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.label label,
exclusiveGroup := none }.port.Valid ∧
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.label label,
exclusiveGroup := none }.contract.Valid ∧
(match
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.label label,
exclusiveGroup := none }.label with
| AdmissionPortLabel.noLabel => True
| AdmissionPortLabel.label portLabel => portLabel.Valid) ∧
match
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.label label,
exclusiveGroup := none }.exclusiveGroup with
| none => True
| some (owner, _index) =>
owner =
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.label label,
exclusiveGroup := none }.node ∧
owner.Valid)
All goals completed! 🐙
node:NodeIdport:FieldLabelcontract:ContractIdlabel:FieldLabelgroup:NodeId × ℕ⊢ Decidable
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.label label,
exclusiveGroup := some group }.Valid
node:NodeIdport:FieldLabelcontract:ContractIdlabel:FieldLabelfst✝:NodeIdsnd✝:ℕ⊢ Decidable
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.label label,
exclusiveGroup := some (fst✝, snd✝) }.Valid
node:NodeIdport:FieldLabelcontract:ContractIdlabel:FieldLabelfst✝:NodeIdsnd✝:ℕ⊢ Decidable
({ node := node, port := port, contract := contract, label := AdmissionPortLabel.label label,
exclusiveGroup := some (fst✝, snd✝) }.node.Valid ∧
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.label label,
exclusiveGroup := some (fst✝, snd✝) }.port.Valid ∧
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.label label,
exclusiveGroup := some (fst✝, snd✝) }.contract.Valid ∧
(match
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.label label,
exclusiveGroup := some (fst✝, snd✝) }.label with
| AdmissionPortLabel.noLabel => True
| AdmissionPortLabel.label portLabel => portLabel.Valid) ∧
match
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.label label,
exclusiveGroup := some (fst✝, snd✝) }.exclusiveGroup with
| none => True
| some (owner, _index) =>
owner =
{ node := node, port := port, contract := contract, label := AdmissionPortLabel.label label,
exclusiveGroup := some (fst✝, snd✝) }.node ∧
owner.Valid)
All goals completed! 🐙end AdmissionBoundaryPortnamespace AdmissionConnectioninstance validDecidable (connection : AdmissionConnection) : Decidable connection.Valid := connection:AdmissionConnection⊢ Decidable connection.Valid
connection:AdmissionConnection⊢ Decidable
(connection.fromPort.Valid ∧
connection.toPort.Valid ∧
connection.fromPort.label = connection.toPort.label ∧ connection.fromPort.contract = connection.toPort.contract)
All goals completed! 🐙end AdmissionConnectionnamespace AdmissionEndpointRefinstance validDecidable (endpoint : AdmissionEndpointRef) : Decidable endpoint.Valid := endpoint:AdmissionEndpointRef⊢ Decidable endpoint.Valid
cases endpoint with
node:NodeIdport:Option FieldLabel⊢ Decidable { node := node, port := port }.Valid
cases port with
node:NodeId⊢ Decidable { node := node, port := none }.Valid
node:NodeId⊢ Decidable
({ node := node, port := none }.node.Valid ∧
match { node := node, port := none }.port with
| none => True
| some port => port.Valid)
All goals completed! 🐙
node:NodeIdport:FieldLabel⊢ Decidable { node := node, port := some port }.Valid
node:NodeIdport:FieldLabel⊢ Decidable
({ node := node, port := some port }.node.Valid ∧
match { node := node, port := some port }.port with
| none => True
| some port => port.Valid)
All goals completed! 🐙end AdmissionEndpointRefnamespace AdmissionRawConnectioninstance validDecidable (connection : AdmissionRawConnection) :
Decidable connection.Valid := connection:AdmissionRawConnection⊢ Decidable connection.Valid
connection:AdmissionRawConnection⊢ Decidable (connection.fromEndpoint.Valid ∧ connection.toEndpoint.Valid)
All goals completed! 🐙end AdmissionRawConnectionBoundary Checks
namespace AdmissionArtifactCheckEvery boundary port in a decoded list is structurally valid.
def boundaryPortsValidCheck (ports : List AdmissionBoundaryPort) : Bool :=
  -- Evaluates the `Decidable AdmissionBoundaryPort.Valid` instance on every
  -- row. `Check.allDecide` is known here only through `Check.allDecide_sound`
  -- (a `true` verdict gives the predicate for each member); presumably an
  -- empty list passes, as a vacuous ∀ would — confirm against `Check`.
  Check.allDecide ports AdmissionBoundaryPort.Valid

/-- Successful boundary-port validity checking proves the relational list predicate. -/
theorem boundaryPortsValidCheck_sound
    {ports : List AdmissionBoundaryPort}
    (hCheck : boundaryPortsValidCheck ports = true) :
    BoundaryPortsValid ports :=
  -- Soundness only: a `true` verdict implies `BoundaryPortsValid`. The
  -- converse (every valid list is accepted) is not stated, so a rejection
  -- is a liveness concern rather than a soundness one.
  Check.allDecide_sound hCheck

/-- Every boundary connection in a decoded list is structurally valid. -/
def connectionsValidCheck (connections : List AdmissionConnection) : Bool :=
  -- Each row is checked via `Decidable AdmissionConnection.Valid`, which
  -- (per the instance above) requires both endpoints to be valid and the
  -- `label` and `contract` fields to agree across the connection.
  Check.allDecide connections AdmissionConnection.Valid

/-- Successful connection-row validity checking proves the relational list predicate. -/
theorem connectionsValidCheck_sound
    {connections : List AdmissionConnection}
    (hCheck : connectionsValidCheck connections = true) :
    ConnectionsValid connections :=
  -- Direct lift of the generic list-checker soundness lemma; no unfolding
  -- of `AdmissionConnection.Valid` is needed at this layer.
  Check.allDecide_sound hCheck

end AdmissionArtifactCheck

/-! ## Primitive Row Checks -/
namespace PrimitiveGraphStepPrimitive node frontiers are owned by the node row that serializes them.
def nodeFrontiersOwnedCheck
    (nodeId : NodeId)
    (entries exits : List AdmissionBoundaryPort) :
    Bool :=
  -- Cross-field consistency: every frontier row in either direction must
  -- name `nodeId` as its `node`, so a node row cannot serialize entries or
  -- exits that belong to a different node.
  Check.allDecide entries (fun entry => entry.node = nodeId) &&
  Check.allDecide exits (fun exit => exit.node = nodeId)
Successful ownership checking proves NodeFrontiersOwned.
theorem nodeFrontiersOwnedCheck_sound
{nodeId : NodeId}
{entries exits : List AdmissionBoundaryPort}
(hCheck : nodeFrontiersOwnedCheck nodeId entries exits = true) :
NodeFrontiersOwned nodeId entries exits := nodeId:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:nodeFrontiersOwnedCheck nodeId entries exits = true⊢ NodeFrontiersOwned nodeId entries exits
nodeId:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:((Check.allDecide entries fun entry => entry.node = nodeId) && Check.allDecide exits fun exit => exit.node = nodeId) =
true⊢ NodeFrontiersOwned nodeId entries exits
nodeId:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:(Check.allDecide entries fun entry => entry.node = nodeId) = true ∧
(Check.allDecide exits fun exit => exit.node = nodeId) = true⊢ NodeFrontiersOwned nodeId entries exits
All goals completed! 🐙Primitive node frontier keys are duplicate-free per direction.
def nodeFrontiersLinearCheck
    (entries exits : List AdmissionBoundaryPort) :
    Bool :=
  -- Duplicate-freedom is decided on `AdmissionBoundaryPort.key`, not on
  -- whole rows, and independently per direction: keys are never compared
  -- between `entries` and `exits` here.
  Check.nodupMapCheck entries AdmissionBoundaryPort.key &&
  Check.nodupMapCheck exits AdmissionBoundaryPort.key
Successful frontier-linearity checking proves NodeFrontiersLinear.
theorem nodeFrontiersLinearCheck_sound
{entries exits : List AdmissionBoundaryPort}
(hCheck : nodeFrontiersLinearCheck entries exits = true) :
NodeFrontiersLinear entries exits := entries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:nodeFrontiersLinearCheck entries exits = true⊢ NodeFrontiersLinear entries exits
entries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:(Check.nodupMapCheck entries AdmissionBoundaryPort.key && Check.nodupMapCheck exits AdmissionBoundaryPort.key) = true⊢ NodeFrontiersLinear entries exits
entries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:Check.nodupMapCheck entries AdmissionBoundaryPort.key = true ∧
Check.nodupMapCheck exits AdmissionBoundaryPort.key = true⊢ NodeFrontiersLinear entries exits
All goals completed! 🐙Executable checker for primitive node-row validity.
def nodeValidCheck
    (nodeId : NodeId)
    (entries exits : List AdmissionBoundaryPort) :
    Bool :=
  -- Conjunction of the node-row obligations: a valid id, structurally valid
  -- frontier rows in both directions, ownership of those rows by `nodeId`,
  -- and per-direction key linearity. Each conjunct has its own `_sound`
  -- theorem; `nodeValidCheck_sound` composes them.
  decide nodeId.Valid &&
  AdmissionArtifactCheck.boundaryPortsValidCheck entries &&
  AdmissionArtifactCheck.boundaryPortsValidCheck exits &&
  nodeFrontiersOwnedCheck nodeId entries exits &&
  nodeFrontiersLinearCheck entries exits
Successful primitive node-row checking proves NodeValid.
theorem nodeValidCheck_sound
{nodeId : NodeId}
{entries exits : List AdmissionBoundaryPort}
(hCheck : nodeValidCheck nodeId entries exits = true) :
NodeValid nodeId entries exits := nodeId:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:nodeValidCheck nodeId entries exits = true⊢ NodeValid nodeId entries exits
nodeId:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:(decide nodeId.Valid && AdmissionArtifactCheck.boundaryPortsValidCheck entries &&
AdmissionArtifactCheck.boundaryPortsValidCheck exits &&
nodeFrontiersOwnedCheck nodeId entries exits &&
nodeFrontiersLinearCheck entries exits) =
true⊢ NodeValid nodeId entries exits
nodeId:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:(((decide nodeId.Valid = true ∧ AdmissionArtifactCheck.boundaryPortsValidCheck entries = true) ∧
AdmissionArtifactCheck.boundaryPortsValidCheck exits = true) ∧
nodeFrontiersOwnedCheck nodeId entries exits = true) ∧
nodeFrontiersLinearCheck entries exits = true⊢ NodeValid nodeId entries exits
nodeId:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthLinear:nodeFrontiersLinearCheck entries exits = truehOwned:nodeFrontiersOwnedCheck nodeId entries exits = truehExits:AdmissionArtifactCheck.boundaryPortsValidCheck exits = truehNode:decide nodeId.Valid = truehEntries:AdmissionArtifactCheck.boundaryPortsValidCheck entries = true⊢ NodeValid nodeId entries exits
All goals completed! 🐙Primitive overlay side ledgers are duplicate-free before merge.
def overlayLedgersUniqueCheck
    (leftNodeIds rightNodeIds : List NodeId)
    (leftBindings rightBindings : List BindingName) :
    Bool :=
  -- Each side's ledger is checked for duplicates on its own. Cross-side
  -- overlap is not this check's concern; see `overlayLedgersDisjointCheck`.
  Check.nodupCheck leftNodeIds &&
  Check.nodupCheck rightNodeIds &&
  Check.nodupCheck leftBindings &&
  Check.nodupCheck rightBindings
Successful overlay-uniqueness checking proves OverlayLedgersUnique.
theorem overlayLedgersUniqueCheck_sound
{leftNodeIds rightNodeIds : List NodeId}
{leftBindings rightBindings : List BindingName}
(hCheck :
overlayLedgersUniqueCheck
leftNodeIds rightNodeIds leftBindings rightBindings = true) :
OverlayLedgersUnique leftNodeIds rightNodeIds leftBindings rightBindings := leftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:overlayLedgersUniqueCheck leftNodeIds rightNodeIds leftBindings rightBindings = true⊢ OverlayLedgersUnique leftNodeIds rightNodeIds leftBindings rightBindings
leftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:(Check.nodupCheck leftNodeIds && Check.nodupCheck rightNodeIds && Check.nodupCheck leftBindings &&
Check.nodupCheck rightBindings) =
true⊢ OverlayLedgersUnique leftNodeIds rightNodeIds leftBindings rightBindings
leftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:((Check.nodupCheck leftNodeIds = true ∧ Check.nodupCheck rightNodeIds = true) ∧ Check.nodupCheck leftBindings = true) ∧
Check.nodupCheck rightBindings = true⊢ OverlayLedgersUnique leftNodeIds rightNodeIds leftBindings rightBindings
leftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehRightBindings:Check.nodupCheck rightBindings = truehLeftBindings:Check.nodupCheck leftBindings = truehLeftNodes:Check.nodupCheck leftNodeIds = truehRightNodes:Check.nodupCheck rightNodeIds = true⊢ OverlayLedgersUnique leftNodeIds rightNodeIds leftBindings rightBindings
All goals completed! 🐙Primitive overlay side ledgers are disjoint before merge.
def overlayLedgersDisjointCheck
    (leftNodeIds rightNodeIds : List NodeId)
    (leftBindings rightBindings : List BindingName) :
    Bool :=
  -- A one-sided test (left ∉ right) is enough: disjointness is symmetric,
  -- and the soundness proof discharges both `∀ x ∈ left, x ∈ right → False`
  -- obligations from these two conjuncts. Note this is list membership
  -- inside a list traversal, so cost grows with |left|·|right| per ledger.
  Check.allDecide leftNodeIds (fun node => node ∉ rightNodeIds) &&
  Check.allDecide leftBindings (fun binding => binding ∉ rightBindings)
Successful overlay-disjointness checking proves OverlayLedgersDisjoint.
theorem overlayLedgersDisjointCheck_sound
{leftNodeIds rightNodeIds : List NodeId}
{leftBindings rightBindings : List BindingName}
(hCheck :
overlayLedgersDisjointCheck
leftNodeIds rightNodeIds leftBindings rightBindings = true) :
OverlayLedgersDisjoint leftNodeIds rightNodeIds leftBindings rightBindings := leftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:overlayLedgersDisjointCheck leftNodeIds rightNodeIds leftBindings rightBindings = true⊢ OverlayLedgersDisjoint leftNodeIds rightNodeIds leftBindings rightBindings
leftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:((Check.allDecide leftNodeIds fun node => node ∉ rightNodeIds) &&
Check.allDecide leftBindings fun binding => binding ∉ rightBindings) =
true⊢ OverlayLedgersDisjoint leftNodeIds rightNodeIds leftBindings rightBindings
leftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:(Check.allDecide leftNodeIds fun node => node ∉ rightNodeIds) = true ∧
(Check.allDecide leftBindings fun binding => binding ∉ rightBindings) = true⊢ OverlayLedgersDisjoint leftNodeIds rightNodeIds leftBindings rightBindings
leftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:(Check.allDecide leftNodeIds fun node => node ∉ rightNodeIds) = true ∧
(Check.allDecide leftBindings fun binding => binding ∉ rightBindings) = true⊢ ∀ node ∈ leftNodeIds, node ∈ rightNodeIds → FalseleftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:(Check.allDecide leftNodeIds fun node => node ∉ rightNodeIds) = true ∧
(Check.allDecide leftBindings fun binding => binding ∉ rightBindings) = true⊢ ∀ binding ∈ leftBindings, binding ∈ rightBindings → False
leftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:(Check.allDecide leftNodeIds fun node => node ∉ rightNodeIds) = true ∧
(Check.allDecide leftBindings fun binding => binding ∉ rightBindings) = true⊢ ∀ node ∈ leftNodeIds, node ∈ rightNodeIds → False intro node leftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:(Check.allDecide leftNodeIds fun node => node ∉ rightNodeIds) = true ∧
(Check.allDecide leftBindings fun binding => binding ∉ rightBindings) = truenode:NodeIdhLeft:node ∈ leftNodeIds⊢ node ∈ rightNodeIds → False leftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:(Check.allDecide leftNodeIds fun node => node ∉ rightNodeIds) = true ∧
(Check.allDecide leftBindings fun binding => binding ∉ rightBindings) = truenode:NodeIdhLeft:node ∈ leftNodeIdshRight:node ∈ rightNodeIds⊢ False
All goals completed! 🐙
leftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:(Check.allDecide leftNodeIds fun node => node ∉ rightNodeIds) = true ∧
(Check.allDecide leftBindings fun binding => binding ∉ rightBindings) = true⊢ ∀ binding ∈ leftBindings, binding ∈ rightBindings → False intro binding leftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:(Check.allDecide leftNodeIds fun node => node ∉ rightNodeIds) = true ∧
(Check.allDecide leftBindings fun binding => binding ∉ rightBindings) = truebinding:BindingNamehLeft:binding ∈ leftBindings⊢ binding ∈ rightBindings → False leftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:(Check.allDecide leftNodeIds fun node => node ∉ rightNodeIds) = true ∧
(Check.allDecide leftBindings fun binding => binding ∉ rightBindings) = truebinding:BindingNamehLeft:binding ∈ leftBindingshRight:binding ∈ rightBindings⊢ False
All goals completed! 🐙Executable checker for primitive overlay-row validity.
def overlayValidCheck
    (leftNodeIds rightNodeIds : List NodeId)
    (leftBindings rightBindings : List BindingName) :
    Bool :=
  -- Element validity first, then intra-side uniqueness, then cross-side
  -- disjointness. Per the surrounding docstrings these ledgers are merged
  -- downstream; the last two conjuncts are what prevent two distinct nodes
  -- or bindings from being aliased under one name by that merge.
  Check.allDecide leftNodeIds NodeId.Valid &&
  Check.allDecide rightNodeIds NodeId.Valid &&
  Check.allDecide leftBindings BindingName.Valid &&
  Check.allDecide rightBindings BindingName.Valid &&
  overlayLedgersUniqueCheck
    leftNodeIds rightNodeIds leftBindings rightBindings &&
  overlayLedgersDisjointCheck
    leftNodeIds rightNodeIds leftBindings rightBindings
Successful primitive overlay-row checking proves OverlayValid.
theorem overlayValidCheck_sound
{leftNodeIds rightNodeIds : List NodeId}
{leftBindings rightBindings : List BindingName}
(hCheck :
overlayValidCheck
leftNodeIds rightNodeIds leftBindings rightBindings = true) :
OverlayValid leftNodeIds rightNodeIds leftBindings rightBindings := leftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:overlayValidCheck leftNodeIds rightNodeIds leftBindings rightBindings = true⊢ OverlayValid leftNodeIds rightNodeIds leftBindings rightBindings
leftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:(Check.allDecide leftNodeIds NodeId.Valid && Check.allDecide rightNodeIds NodeId.Valid &&
Check.allDecide leftBindings BindingName.Valid &&
Check.allDecide rightBindings BindingName.Valid &&
overlayLedgersUniqueCheck leftNodeIds rightNodeIds leftBindings rightBindings &&
overlayLedgersDisjointCheck leftNodeIds rightNodeIds leftBindings rightBindings) =
true⊢ OverlayValid leftNodeIds rightNodeIds leftBindings rightBindings
leftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:((((Check.allDecide leftNodeIds NodeId.Valid = true ∧ Check.allDecide rightNodeIds NodeId.Valid = true) ∧
Check.allDecide leftBindings BindingName.Valid = true) ∧
Check.allDecide rightBindings BindingName.Valid = true) ∧
overlayLedgersUniqueCheck leftNodeIds rightNodeIds leftBindings rightBindings = true) ∧
overlayLedgersDisjointCheck leftNodeIds rightNodeIds leftBindings rightBindings = true⊢ OverlayValid leftNodeIds rightNodeIds leftBindings rightBindings
leftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehDisjoint:overlayLedgersDisjointCheck leftNodeIds rightNodeIds leftBindings rightBindings = truehUnique:overlayLedgersUniqueCheck leftNodeIds rightNodeIds leftBindings rightBindings = truehRightBindings:Check.allDecide rightBindings BindingName.Valid = truehLeftBindings:Check.allDecide leftBindings BindingName.Valid = truehLeftNodes:Check.allDecide leftNodeIds NodeId.Valid = truehRightNodes:Check.allDecide rightNodeIds NodeId.Valid = true⊢ OverlayValid leftNodeIds rightNodeIds leftBindings rightBindings
All goals completed! 🐙Matched primitive connect pairs do not reuse outputs or inputs.
def connectPairsLinearCheck (matchedPairs : List AdmissionConnection) : Bool :=
  -- No output (`fromKey`) and no input (`toKey`) may be consumed twice
  -- across the matched pairs. The two sides are checked independently.
  Check.nodupMapCheck matchedPairs AdmissionConnection.fromKey &&
  Check.nodupMapCheck matchedPairs AdmissionConnection.toKey
Successful connect-pair linearity checking proves ConnectPairsLinear.
theorem connectPairsLinearCheck_sound
{matchedPairs : List AdmissionConnection}
(hCheck : connectPairsLinearCheck matchedPairs = true) :
ConnectPairsLinear matchedPairs := matchedPairs:List AdmissionConnectionhCheck:connectPairsLinearCheck matchedPairs = true⊢ ConnectPairsLinear matchedPairs
matchedPairs:List AdmissionConnectionhCheck:(Check.nodupMapCheck matchedPairs AdmissionConnection.fromKey &&
Check.nodupMapCheck matchedPairs AdmissionConnection.toKey) =
true⊢ ConnectPairsLinear matchedPairs
matchedPairs:List AdmissionConnectionhCheck:Check.nodupMapCheck matchedPairs AdmissionConnection.fromKey = true ∧
Check.nodupMapCheck matchedPairs AdmissionConnection.toKey = true⊢ ConnectPairsLinear matchedPairs
All goals completed! 🐙Serialized primitive connect frontiers are duplicate-free per side.
def connectFrontiersLinearCheck
    (leftExits rightEntries : List AdmissionBoundaryPort) :
    Bool :=
  -- Per-side key uniqueness for the frontiers a connect row serializes.
  -- Keys are not compared across sides; only repeats within one side are
  -- rejected here.
  Check.nodupMapCheck leftExits AdmissionBoundaryPort.key &&
  Check.nodupMapCheck rightEntries AdmissionBoundaryPort.key
Successful connect-frontier linearity checking proves ConnectFrontiersLinear.
theorem connectFrontiersLinearCheck_sound
{leftExits rightEntries : List AdmissionBoundaryPort}
(hCheck : connectFrontiersLinearCheck leftExits rightEntries = true) :
ConnectFrontiersLinear leftExits rightEntries := leftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPorthCheck:connectFrontiersLinearCheck leftExits rightEntries = true⊢ ConnectFrontiersLinear leftExits rightEntries
leftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPorthCheck:(Check.nodupMapCheck leftExits AdmissionBoundaryPort.key &&
Check.nodupMapCheck rightEntries AdmissionBoundaryPort.key) =
true⊢ ConnectFrontiersLinear leftExits rightEntries
leftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPorthCheck:Check.nodupMapCheck leftExits AdmissionBoundaryPort.key = true ∧
Check.nodupMapCheck rightEntries AdmissionBoundaryPort.key = true⊢ ConnectFrontiersLinear leftExits rightEntries
All goals completed! 🐙Matched and residual connect rows partition the serialized frontiers.
def connectFrontierPartitionCheck
    (leftExits rightEntries : List AdmissionBoundaryPort)
    (matchedPairs : List AdmissionConnection)
    (unmatchedLeftExits unmatchedRightEntries : List AdmissionBoundaryPort) :
    Bool :=
  -- Multiset (permutation) equality on keys: matched keys plus residual keys
  -- must be exactly the serialized frontier keys on each side, so nothing is
  -- dropped or invented. Because the comparison is on `key`, rows that share
  -- a key but differ elsewhere are not distinguished here; row-level identity
  -- is pinned separately by the `...DrawnFromFrontier(s)Check` checks.
  Check.permCheck
    ((matchedPairs.map AdmissionConnection.fromKey) ++
      (unmatchedLeftExits.map AdmissionBoundaryPort.key))
    (leftExits.map AdmissionBoundaryPort.key) &&
  Check.permCheck
    ((matchedPairs.map AdmissionConnection.toKey) ++
      (unmatchedRightEntries.map AdmissionBoundaryPort.key))
    (rightEntries.map AdmissionBoundaryPort.key)
Successful partition checking proves ConnectFrontierPartition.
theorem connectFrontierPartitionCheck_sound
{leftExits rightEntries : List AdmissionBoundaryPort}
{matchedPairs : List AdmissionConnection}
{unmatchedLeftExits unmatchedRightEntries : List AdmissionBoundaryPort}
(hCheck :
connectFrontierPartitionCheck
leftExits rightEntries matchedPairs
unmatchedLeftExits unmatchedRightEntries = true) :
ConnectFrontierPartition
leftExits rightEntries matchedPairs
unmatchedLeftExits unmatchedRightEntries := leftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthCheck:connectFrontierPartitionCheck leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries = true⊢ ConnectFrontierPartition leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries
leftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthCheck:(Check.permCheck
(List.map AdmissionConnection.fromKey matchedPairs ++ List.map AdmissionBoundaryPort.key unmatchedLeftExits)
(List.map AdmissionBoundaryPort.key leftExits) &&
Check.permCheck
(List.map AdmissionConnection.toKey matchedPairs ++ List.map AdmissionBoundaryPort.key unmatchedRightEntries)
(List.map AdmissionBoundaryPort.key rightEntries)) =
true⊢ ConnectFrontierPartition leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries
leftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthCheck:Check.permCheck
(List.map AdmissionConnection.fromKey matchedPairs ++ List.map AdmissionBoundaryPort.key unmatchedLeftExits)
(List.map AdmissionBoundaryPort.key leftExits) =
true ∧
Check.permCheck
(List.map AdmissionConnection.toKey matchedPairs ++ List.map AdmissionBoundaryPort.key unmatchedRightEntries)
(List.map AdmissionBoundaryPort.key rightEntries) =
true⊢ ConnectFrontierPartition leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries
All goals completed! 🐙Matched pairs are drawn from the frontiers serialized in the same connect row.
def connectPairsDrawnFromFrontiersCheck
    (leftExits rightEntries : List AdmissionBoundaryPort)
    (matchedPairs : List AdmissionConnection) :
    Bool :=
  -- Whole-row membership (`∈`), not key membership: complements the
  -- key-level partition check by requiring each pair's endpoints to be rows
  -- that actually appear in the serialized frontiers.
  Check.allDecide matchedPairs fun pair =>
    pair.fromPort ∈ leftExits ∧ pair.toPort ∈ rightEntries

/-- Successful pair-frontier checking proves the matched-pair inclusion fact. -/
theorem connectPairsDrawnFromFrontiersCheck_sound
    {leftExits rightEntries : List AdmissionBoundaryPort}
    {matchedPairs : List AdmissionConnection}
    (hCheck :
      connectPairsDrawnFromFrontiersCheck leftExits rightEntries matchedPairs =
        true) :
    ∀ pair, pair ∈ matchedPairs →
      pair.fromPort ∈ leftExits ∧ pair.toPort ∈ rightEntries :=
  -- The conclusion is stated directly as the ∀-fact rather than through a
  -- named predicate; it is the generic list-checker lemma instantiated.
  Check.allDecide_sound hCheck

/-- Residual left exits are drawn from the serialized left frontier. -/
def unmatchedLeftDrawnFromFrontierCheck
    (leftExits unmatchedLeftExits : List AdmissionBoundaryPort) :
    Bool :=
  -- Row-level inclusion only (residual ⊆ frontier). Multiplicity and the
  -- "nothing missing" direction come from `connectFrontierPartitionCheck`.
  Check.allDecide unmatchedLeftExits fun boundary => boundary ∈ leftExits

/-- Successful residual-left checking proves the inclusion fact. -/
theorem unmatchedLeftDrawnFromFrontierCheck_sound
    {leftExits unmatchedLeftExits : List AdmissionBoundaryPort}
    (hCheck :
      unmatchedLeftDrawnFromFrontierCheck leftExits unmatchedLeftExits = true) :
    ∀ boundary, boundary ∈ unmatchedLeftExits → boundary ∈ leftExits :=
  -- Generic list-checker soundness, instantiated at the membership predicate.
  Check.allDecide_sound hCheck

/-- Residual right entries are drawn from the serialized right frontier. -/
def unmatchedRightDrawnFromFrontierCheck
    (rightEntries unmatchedRightEntries : List AdmissionBoundaryPort) :
    Bool :=
  -- Mirror of the left-side check: row-level inclusion of the residual
  -- right entries in the serialized right frontier.
  Check.allDecide unmatchedRightEntries fun boundary => boundary ∈ rightEntries

/-- Successful residual-right checking proves the inclusion fact. -/
theorem unmatchedRightDrawnFromFrontierCheck_sound
    {rightEntries unmatchedRightEntries : List AdmissionBoundaryPort}
    (hCheck :
      unmatchedRightDrawnFromFrontierCheck rightEntries unmatchedRightEntries =
        true) :
    ∀ boundary, boundary ∈ unmatchedRightEntries → boundary ∈ rightEntries :=
  -- Generic list-checker soundness, instantiated at the membership predicate.
  Check.allDecide_sound hCheck

/-- Search a matched-pair ledger for a concrete compatible frontier pair. -/
def exactMatchedPairCheck
    (matchedPairs : List AdmissionConnection)
    (leftExit rightEntry : AdmissionBoundaryPort) :
    Bool :=
  -- Existential search over the ledger using full-row equality on both
  -- endpoints (not key equality). A `true` result witnesses a matching row
  -- (`exactMatchedPairCheck_sound`). It serves as the inner test of
  -- `connectMatchesAllCompatibleCheck`, so it runs once per candidate pair.
  Check.anyDecide matchedPairs fun pair =>
    pair.fromPort = leftExit ∧ pair.toPort = rightEntry

/-- Successful exact-pair search returns the matching connection row. -/
theorem exactMatchedPairCheck_sound
{matchedPairs : List AdmissionConnection}
{leftExit rightEntry : AdmissionBoundaryPort}
(hCheck : exactMatchedPairCheck matchedPairs leftExit rightEntry = true) :
∃ pair, pair ∈ matchedPairs ∧
pair.fromPort = leftExit ∧ pair.toPort = rightEntry := matchedPairs:List AdmissionConnectionleftExit:AdmissionBoundaryPortrightEntry:AdmissionBoundaryPorthCheck:exactMatchedPairCheck matchedPairs leftExit rightEntry = true⊢ ∃ pair ∈ matchedPairs, pair.fromPort = leftExit ∧ pair.toPort = rightEntry
matchedPairs:List AdmissionConnectionleftExit:AdmissionBoundaryPortrightEntry:AdmissionBoundaryPorthCheck:(Check.anyDecide matchedPairs fun pair => pair.fromPort = leftExit ∧ pair.toPort = rightEntry) = true⊢ ∃ pair ∈ matchedPairs, pair.fromPort = leftExit ∧ pair.toPort = rightEntry
matchedPairs:List AdmissionConnectionleftExit:AdmissionBoundaryPortrightEntry:AdmissionBoundaryPorthCheck:(Check.anyDecide matchedPairs fun pair => pair.fromPort = leftExit ∧ pair.toPort = rightEntry) = truepair:AdmissionConnectionhPair:pair ∈ matchedPairshExact:pair.fromPort = leftExit ∧ pair.toPort = rightEntry⊢ ∃ pair ∈ matchedPairs, pair.fromPort = leftExit ∧ pair.toPort = rightEntry
All goals completed! 🐙Every compatible frontier pair is recorded in the matched-pair ledger.
-- For every (leftExit, rightEntry) pair that satisfies `AdmissionBoundaryPort.CompatibleWith`,
-- demands an exactly-matching ledger row. This is the "no compatible pair left unconnected"
-- direction only: it does not check the converse (that every ledger row is a compatible
-- frontier pair). Membership of ledger rows in the frontiers is covered by
-- connectPairsDrawnFromFrontiersCheck; whether their compatibility is re-checked anywhere is
-- not visible here — confirm before relying on it.
-- Cost is quadratic in the frontier sizes (every left × right pair is tested); fine for
-- artifact-sized inputs, worth knowing if frontiers come from an untrusted, unbounded source.
def connectMatchesAllCompatibleCheck
(leftExits rightEntries : List AdmissionBoundaryPort)
(matchedPairs : List AdmissionConnection) :
Bool :=
Check.allPairsWhenCheck
leftExits rightEntries
AdmissionBoundaryPort.CompatibleWith
(exactMatchedPairCheck matchedPairs)
Successful compatibility matching proves ConnectMatchesAllCompatible.
-- Lifts a successful pairwise search to the relational predicate ConnectMatchesAllCompatible.
-- One-directional: a `false` result carries no information about which pair was missing.
-- NOTE(review): the rendering below shows goal states, not the tactic script; the visible
-- step is an unfold of `connectMatchesAllCompatibleCheck` before the closing tactic.
theorem connectMatchesAllCompatibleCheck_sound
{leftExits rightEntries : List AdmissionBoundaryPort}
{matchedPairs : List AdmissionConnection}
(hCheck :
connectMatchesAllCompatibleCheck leftExits rightEntries matchedPairs =
true) :
ConnectMatchesAllCompatible leftExits rightEntries matchedPairs := leftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionhCheck:connectMatchesAllCompatibleCheck leftExits rightEntries matchedPairs = true⊢ ConnectMatchesAllCompatible leftExits rightEntries matchedPairs
leftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionhCheck:Check.allPairsWhenCheck leftExits rightEntries AdmissionBoundaryPort.CompatibleWith
(exactMatchedPairCheck matchedPairs) =
true⊢ ConnectMatchesAllCompatible leftExits rightEntries matchedPairs
All goals completed! 🐙Boundary rows inside a primitive connect row are structurally valid.
-- Per-row structural validity of every boundary/connection list in a connect row. This is
-- purely local (each row valid on its own); cross-row facts — membership in the frontiers,
-- linearity, partitioning — are separate conjuncts of connectValidCheck.
-- The conjunct order matters to connectRowsValidCheck_sound, which destructures the
-- `Bool.and_eq_true` shape positionally: do not reorder these lines without updating the proof.
def connectRowsValidCheck
(leftExits rightEntries : List AdmissionBoundaryPort)
(matchedPairs : List AdmissionConnection)
(unmatchedLeftExits unmatchedRightEntries : List AdmissionBoundaryPort) :
Bool :=
AdmissionArtifactCheck.boundaryPortsValidCheck leftExits &&
AdmissionArtifactCheck.boundaryPortsValidCheck rightEntries &&
AdmissionArtifactCheck.connectionsValidCheck matchedPairs &&
AdmissionArtifactCheck.boundaryPortsValidCheck unmatchedLeftExits &&
AdmissionArtifactCheck.boundaryPortsValidCheck unmatchedRightEntries
Successful connect-row boundary checking proves ConnectRowsValid.
-- Splits the five-way `&&` into five hypotheses and hands them to ConnectRowsValid.
-- NOTE(review): the rendering shows goal states rather than the tactic script; the visible
-- shape is unfold → `Bool.and_eq_true` → positional `obtain` → constructor.
theorem connectRowsValidCheck_sound
{leftExits rightEntries : List AdmissionBoundaryPort}
{matchedPairs : List AdmissionConnection}
{unmatchedLeftExits unmatchedRightEntries : List AdmissionBoundaryPort}
(hCheck :
connectRowsValidCheck
leftExits rightEntries matchedPairs
unmatchedLeftExits unmatchedRightEntries = true) :
ConnectRowsValid
leftExits rightEntries matchedPairs
unmatchedLeftExits unmatchedRightEntries := leftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthCheck:connectRowsValidCheck leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries = true⊢ ConnectRowsValid leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries
leftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthCheck:(AdmissionArtifactCheck.boundaryPortsValidCheck leftExits &&
AdmissionArtifactCheck.boundaryPortsValidCheck rightEntries &&
AdmissionArtifactCheck.connectionsValidCheck matchedPairs &&
AdmissionArtifactCheck.boundaryPortsValidCheck unmatchedLeftExits &&
AdmissionArtifactCheck.boundaryPortsValidCheck unmatchedRightEntries) =
true⊢ ConnectRowsValid leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries
leftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthCheck:(((AdmissionArtifactCheck.boundaryPortsValidCheck leftExits = true ∧
AdmissionArtifactCheck.boundaryPortsValidCheck rightEntries = true) ∧
AdmissionArtifactCheck.connectionsValidCheck matchedPairs = true) ∧
AdmissionArtifactCheck.boundaryPortsValidCheck unmatchedLeftExits = true) ∧
AdmissionArtifactCheck.boundaryPortsValidCheck unmatchedRightEntries = true⊢ ConnectRowsValid leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries
leftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthUnmatchedRight:AdmissionArtifactCheck.boundaryPortsValidCheck unmatchedRightEntries = truehUnmatchedLeft:AdmissionArtifactCheck.boundaryPortsValidCheck unmatchedLeftExits = truehPairs:AdmissionArtifactCheck.connectionsValidCheck matchedPairs = truehLeftExits:AdmissionArtifactCheck.boundaryPortsValidCheck leftExits = truehRightEntries:AdmissionArtifactCheck.boundaryPortsValidCheck rightEntries = true⊢ ConnectRowsValid leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries
All goals completed! 🐙Executable checker for primitive connect-row validity.
-- The full executable gate for a primitive connect row: eight independent checks, all of
-- which must pass. Grouped by what they rule out:
--   * drawn-from-frontier (pairs, unmatched left, unmatched right): no row may reference a
--     port that is not in the declared frontiers (rejects fabricated endpoints);
--   * linearity (pairs, frontiers): no port is used twice;
--   * matches-all-compatible: no compatible pair may be silently left unconnected;
--   * frontier-partition: matched + unmatched account for the frontiers exactly;
--   * rows-valid: each row is structurally well-formed on its own.
-- `&&` short-circuits, so once a conjunct fails the rest are not evaluated. The result is a
-- bare Bool with no diagnostic of which clause failed; a caller that needs to report the
-- reason for rejection must re-run the individual checks. Conjunct order is load-bearing for
-- connectValidCheck_sound's positional destructuring — keep proof and def in sync.
def connectValidCheck
(leftExits rightEntries : List AdmissionBoundaryPort)
(matchedPairs : List AdmissionConnection)
(unmatchedLeftExits unmatchedRightEntries : List AdmissionBoundaryPort) :
Bool :=
connectPairsDrawnFromFrontiersCheck leftExits rightEntries matchedPairs &&
unmatchedLeftDrawnFromFrontierCheck leftExits unmatchedLeftExits &&
unmatchedRightDrawnFromFrontierCheck rightEntries unmatchedRightEntries &&
connectPairsLinearCheck matchedPairs &&
connectFrontiersLinearCheck leftExits rightEntries &&
connectMatchesAllCompatibleCheck leftExits rightEntries matchedPairs &&
connectFrontierPartitionCheck
leftExits rightEntries matchedPairs
unmatchedLeftExits unmatchedRightEntries &&
connectRowsValidCheck
leftExits rightEntries matchedPairs
unmatchedLeftExits unmatchedRightEntries
Successful primitive connect-row checking proves ConnectValid.
-- Composes the eight sub-check soundness theorems into ConnectValid. As everywhere in this
-- file the implication is one-way; the checker is not claimed to be complete.
-- NOTE(review): goal states are rendered in place of the tactic script; the visible shape is
-- unfold → `Bool.and_eq_true` → eight-way positional `obtain` → constructor.
theorem connectValidCheck_sound
{leftExits rightEntries : List AdmissionBoundaryPort}
{matchedPairs : List AdmissionConnection}
{unmatchedLeftExits unmatchedRightEntries : List AdmissionBoundaryPort}
(hCheck :
connectValidCheck
leftExits rightEntries matchedPairs
unmatchedLeftExits unmatchedRightEntries = true) :
ConnectValid
leftExits rightEntries matchedPairs
unmatchedLeftExits unmatchedRightEntries := leftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthCheck:connectValidCheck leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries = true⊢ ConnectValid leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries
leftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthCheck:(connectPairsDrawnFromFrontiersCheck leftExits rightEntries matchedPairs &&
unmatchedLeftDrawnFromFrontierCheck leftExits unmatchedLeftExits &&
unmatchedRightDrawnFromFrontierCheck rightEntries unmatchedRightEntries &&
connectPairsLinearCheck matchedPairs &&
connectFrontiersLinearCheck leftExits rightEntries &&
connectMatchesAllCompatibleCheck leftExits rightEntries matchedPairs &&
connectFrontierPartitionCheck leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries &&
connectRowsValidCheck leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries) =
true⊢ ConnectValid leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries
leftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthCheck:((((((connectPairsDrawnFromFrontiersCheck leftExits rightEntries matchedPairs = true ∧
unmatchedLeftDrawnFromFrontierCheck leftExits unmatchedLeftExits = true) ∧
unmatchedRightDrawnFromFrontierCheck rightEntries unmatchedRightEntries = true) ∧
connectPairsLinearCheck matchedPairs = true) ∧
connectFrontiersLinearCheck leftExits rightEntries = true) ∧
connectMatchesAllCompatibleCheck leftExits rightEntries matchedPairs = true) ∧
connectFrontierPartitionCheck leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries = true) ∧
connectRowsValidCheck leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries = true⊢ ConnectValid leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries
leftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthRowsValid:connectRowsValidCheck leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries = truehPartition:connectFrontierPartitionCheck leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries = truehMatchesAll:connectMatchesAllCompatibleCheck leftExits rightEntries matchedPairs = truehFrontiersLinear:connectFrontiersLinearCheck leftExits rightEntries = truehPairsLinear:connectPairsLinearCheck matchedPairs = truehUnmatchedRight:unmatchedRightDrawnFromFrontierCheck rightEntries unmatchedRightEntries = truehPairsDrawn:connectPairsDrawnFromFrontiersCheck leftExits rightEntries matchedPairs = truehUnmatchedLeft:unmatchedLeftDrawnFromFrontierCheck leftExits unmatchedLeftExits = true⊢ ConnectValid leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries
All goals completed! 🐙Executable checker for primitive graph-step row validity.
-- Row-local validity dispatch over the five primitive step constructors. Note what each
-- arm does and does not check:
--   * `empty` is accepted unconditionally — there is nothing to validate;
--   * `bindingRef` relies on a Decidable instance for `BindingName.Valid` (`decide`), so its
--     strength is exactly that of the Valid predicate;
--   * the remaining arms delegate to the per-constructor checkers.
-- None of these arms cross-reference the artifact's summaries (node/binding domains); that is
-- primitiveStepDomainClosedCheck's job, and both must be run for a step to be trusted.
def validCheck : PrimitiveGraphStep → Bool
| PrimitiveGraphStep.empty =>
true
| PrimitiveGraphStep.node nodeId entries exits =>
nodeValidCheck nodeId entries exits
| PrimitiveGraphStep.bindingRef binding =>
decide binding.Valid
| PrimitiveGraphStep.overlay leftNodeIds rightNodeIds leftBindings rightBindings =>
overlayValidCheck leftNodeIds rightNodeIds leftBindings rightBindings
| PrimitiveGraphStep.connect
leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries =>
connectValidCheck
leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries
Successful primitive graph-step checking proves row-local Valid.
-- Case split over the constructor; each arm discharges to the matching `_sound` theorem
-- (or, for `bindingRef`, to `of_decide_eq_true`). One-directional, as for all checkers here.
-- NOTE(review): goal states are rendered in place of the tactic script below.
theorem validCheck_sound
{primitiveStep : PrimitiveGraphStep}
(hCheck : primitiveStep.validCheck = true) :
primitiveStep.Valid := primitiveStep:PrimitiveGraphStephCheck:primitiveStep.validCheck = true⊢ primitiveStep.Valid
cases primitiveStep with
hCheck:empty.validCheck = true⊢ empty.Valid
All goals completed! 🐙
nodeId:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:(node nodeId entries exits).validCheck = true⊢ (node nodeId entries exits).Valid
All goals completed! 🐙
binding:BindingNamehCheck:(bindingRef binding).validCheck = true⊢ (bindingRef binding).Valid
binding:BindingNamehCheck:(bindingRef binding).validCheck = true⊢ binding.Valid
All goals completed! 🐙
leftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:(overlay leftNodeIds rightNodeIds leftBindings rightBindings).validCheck = true⊢ (overlay leftNodeIds rightNodeIds leftBindings rightBindings).Valid
All goals completed! 🐙
leftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthCheck:(connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries).validCheck = true⊢ (connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries).Valid
All goals completed! 🐙end PrimitiveGraphStepValidator-Ready Core
namespace WireAdmissionArtifactExecutable checker for top-level summary-key uniqueness.
-- Duplicate detection over the top-level summaries. Two different notions of "duplicate"
-- are in play and the difference is security-relevant:
--   * entries/exits are deduplicated by `AdmissionBoundaryPort.key`, so two rows with the same
--     key but different contract/label/exclusiveGroup are rejected as a collision;
--   * nodes, bindingRefs and connections use whole-value `nodupCheck`, so two connection rows
--     that agree on endpoints but differ in any other field both survive this check.
-- Whether a raw connection can legitimately differ from another only in non-endpoint fields
-- is not decidable from this file — confirm against AdmissionRawConnection before assuming
-- this check enforces "one connection per endpoint pair".
def summaryKeysUniqueCheck (artifact : WireAdmissionArtifact) : Bool :=
Check.nodupCheck artifact.nodes &&
Check.nodupCheck artifact.bindingRefs &&
Check.nodupMapCheck artifact.entries AdmissionBoundaryPort.key &&
Check.nodupMapCheck artifact.exits AdmissionBoundaryPort.key &&
Check.nodupCheck artifact.connections
Successful summary-key checking proves SummaryKeysUnique.
-- Five-way `&&` split into five nodup hypotheses, then SummaryKeysUnique's constructor.
-- NOTE(review): goal states are rendered in place of the tactic script below.
theorem summaryKeysUniqueCheck_sound
{artifact : WireAdmissionArtifact}
(hCheck : artifact.summaryKeysUniqueCheck = true) :
artifact.SummaryKeysUnique := artifact:WireAdmissionArtifacthCheck:artifact.summaryKeysUniqueCheck = true⊢ artifact.SummaryKeysUnique
artifact:WireAdmissionArtifacthCheck:(Check.nodupCheck artifact.nodes && Check.nodupCheck artifact.bindingRefs &&
Check.nodupMapCheck artifact.entries AdmissionBoundaryPort.key &&
Check.nodupMapCheck artifact.exits AdmissionBoundaryPort.key &&
Check.nodupCheck artifact.connections) =
true⊢ artifact.SummaryKeysUnique
artifact:WireAdmissionArtifacthCheck:(((Check.nodupCheck artifact.nodes = true ∧ Check.nodupCheck artifact.bindingRefs = true) ∧
Check.nodupMapCheck artifact.entries AdmissionBoundaryPort.key = true) ∧
Check.nodupMapCheck artifact.exits AdmissionBoundaryPort.key = true) ∧
Check.nodupCheck artifact.connections = true⊢ artifact.SummaryKeysUnique
artifact:WireAdmissionArtifacthConnections:Check.nodupCheck artifact.connections = truehExits:Check.nodupMapCheck artifact.exits AdmissionBoundaryPort.key = truehEntries:Check.nodupMapCheck artifact.entries AdmissionBoundaryPort.key = truehNodes:Check.nodupCheck artifact.nodes = truehBindings:Check.nodupCheck artifact.bindingRefs = true⊢ artifact.SummaryKeysUnique
All goals completed! 🐙Executable checker for top-level summary row validity.
-- Per-row validity of each summary list (ids, binding names, boundary ports, raw
-- connections), each row judged on its own via the relevant `Valid` predicate. This does
-- not cross-reference rows against each other or against `artifact.nodes`; domain closure is
-- summaryDomainClosedCheck and uniqueness is summaryKeysUniqueCheck. All three are needed.
def summaryRowsValidCheck (artifact : WireAdmissionArtifact) : Bool :=
Check.allDecide artifact.nodes NodeId.Valid &&
Check.allDecide artifact.bindingRefs BindingName.Valid &&
AdmissionArtifactCheck.boundaryPortsValidCheck artifact.entries &&
AdmissionArtifactCheck.boundaryPortsValidCheck artifact.exits &&
Check.allDecide artifact.connections AdmissionRawConnection.Valid
Successful summary-row checking proves SummaryRowsValid.
-- Splits the five conjuncts and feeds them to SummaryRowsValid's constructor.
-- NOTE(review): goal states are rendered in place of the tactic script below.
theorem summaryRowsValidCheck_sound
{artifact : WireAdmissionArtifact}
(hCheck : artifact.summaryRowsValidCheck = true) :
artifact.SummaryRowsValid := artifact:WireAdmissionArtifacthCheck:artifact.summaryRowsValidCheck = true⊢ artifact.SummaryRowsValid
artifact:WireAdmissionArtifacthCheck:(Check.allDecide artifact.nodes NodeId.Valid && Check.allDecide artifact.bindingRefs BindingName.Valid &&
AdmissionArtifactCheck.boundaryPortsValidCheck artifact.entries &&
AdmissionArtifactCheck.boundaryPortsValidCheck artifact.exits &&
Check.allDecide artifact.connections AdmissionRawConnection.Valid) =
true⊢ artifact.SummaryRowsValid
artifact:WireAdmissionArtifacthCheck:(((Check.allDecide artifact.nodes NodeId.Valid = true ∧ Check.allDecide artifact.bindingRefs BindingName.Valid = true) ∧
AdmissionArtifactCheck.boundaryPortsValidCheck artifact.entries = true) ∧
AdmissionArtifactCheck.boundaryPortsValidCheck artifact.exits = true) ∧
Check.allDecide artifact.connections AdmissionRawConnection.Valid = true⊢ artifact.SummaryRowsValid
artifact:WireAdmissionArtifacthConnections:Check.allDecide artifact.connections AdmissionRawConnection.Valid = truehExits:AdmissionArtifactCheck.boundaryPortsValidCheck artifact.exits = truehEntries:AdmissionArtifactCheck.boundaryPortsValidCheck artifact.entries = truehNodes:Check.allDecide artifact.nodes NodeId.Valid = truehBindings:Check.allDecide artifact.bindingRefs BindingName.Valid = true⊢ artifact.SummaryRowsValid
All goals completed! 🐙Executable checker for boundary rows being closed over a node summary.
-- A boundary port is "closed over" the node summary when its own node is declared and, if it
-- belongs to an exclusive group, the group's owner node is declared too. This is what stops
-- an artifact from referencing nodes that exist nowhere in the summary.
-- The group index (`_index`) is intentionally not inspected here: this check only establishes
-- that the owner is a real node. Any validity constraint on the index itself would have to
-- live in AdmissionBoundaryPort.Valid (see the Decidable instance in this file) — confirm.
def boundaryPortClosedCheck
(nodes : List NodeId)
(port : AdmissionBoundaryPort) :
Bool :=
Check.memCheck port.node nodes &&
match port.exclusiveGroup with
| none => true
| some (owner, _index) => Check.memCheck owner nodes
Successful boundary-row closure checking proves AdmissionBoundaryPort.ClosedOver.
-- Establishes both halves of ClosedOver: node membership directly, and owner membership by a
-- case split on `port.exclusiveGroup` (the `none` arm is trivial; the `some (owner, index)`
-- arm rewrites the match in the hypothesis to extract `Check.memCheck owner nodes = true`).
-- NOTE(review): goal states are rendered in place of the tactic script below.
theorem boundaryPortClosedCheck_sound
{nodes : List NodeId}
{port : AdmissionBoundaryPort}
(hCheck : boundaryPortClosedCheck nodes port = true) :
port.ClosedOver nodes := nodes:List NodeIdport:AdmissionBoundaryPorthCheck:boundaryPortClosedCheck nodes port = true⊢ AdmissionBoundaryPort.ClosedOver nodes port
nodes:List NodeIdport:AdmissionBoundaryPorthCheck:(Check.memCheck port.node nodes &&
match port.exclusiveGroup with
| none => true
| some (owner, _index) => Check.memCheck owner nodes) =
true⊢ AdmissionBoundaryPort.ClosedOver nodes port
nodes:List NodeIdport:AdmissionBoundaryPorthCheck:Check.memCheck port.node nodes = true ∧
(match port.exclusiveGroup with
| none => true
| some (owner, _index) => Check.memCheck owner nodes) =
true⊢ AdmissionBoundaryPort.ClosedOver nodes port
nodes:List NodeIdport:AdmissionBoundaryPorthCheck:Check.memCheck port.node nodes = true ∧
(match port.exclusiveGroup with
| none => true
| some (owner, _index) => Check.memCheck owner nodes) =
true⊢ port.node ∈ nodesnodes:List NodeIdport:AdmissionBoundaryPorthCheck:Check.memCheck port.node nodes = true ∧
(match port.exclusiveGroup with
| none => true
| some (owner, _index) => Check.memCheck owner nodes) =
true⊢ match port.exclusiveGroup with
| none => True
| some (owner, _index) => owner ∈ nodes
nodes:List NodeIdport:AdmissionBoundaryPorthCheck:Check.memCheck port.node nodes = true ∧
(match port.exclusiveGroup with
| none => true
| some (owner, _index) => Check.memCheck owner nodes) =
true⊢ port.node ∈ nodes All goals completed! 🐙
nodes:List NodeIdport:AdmissionBoundaryPorthCheck:Check.memCheck port.node nodes = true ∧
(match port.exclusiveGroup with
| none => true
| some (owner, _index) => Check.memCheck owner nodes) =
true⊢ match port.exclusiveGroup with
| none => True
| some (owner, _index) => owner ∈ nodes cases hGroup : port.exclusiveGroup with
nodes:List NodeIdport:AdmissionBoundaryPorthCheck:Check.memCheck port.node nodes = true ∧
(match port.exclusiveGroup with
| none => true
| some (owner, _index) => Check.memCheck owner nodes) =
truehGroup:port.exclusiveGroup = none⊢ match none with
| none => True
| some (owner, _index) => owner ∈ nodes
All goals completed! 🐙
nodes:List NodeIdport:AdmissionBoundaryPorthCheck:Check.memCheck port.node nodes = true ∧
(match port.exclusiveGroup with
| none => true
| some (owner, _index) => Check.memCheck owner nodes) =
truegroup:NodeId × ℕhGroup:port.exclusiveGroup = some group⊢ match some group with
| none => True
| some (owner, _index) => owner ∈ nodes
cases group with
nodes:List NodeIdport:AdmissionBoundaryPorthCheck:Check.memCheck port.node nodes = true ∧
(match port.exclusiveGroup with
| none => true
| some (owner, _index) => Check.memCheck owner nodes) =
trueowner:NodeIdindex:ℕhGroup:port.exclusiveGroup = some (owner, index)⊢ match some (owner, index) with
| none => True
| some (owner, _index) => owner ∈ nodes
have hOwnerCheck : Check.memCheck owner nodes = true := nodes:List NodeIdport:AdmissionBoundaryPorthCheck:boundaryPortClosedCheck nodes port = true⊢ AdmissionBoundaryPort.ClosedOver nodes port
All goals completed! 🐙
All goals completed! 🐙Executable checker for boundary lists being closed over a node summary.
-- Lifts boundaryPortClosedCheck over a list: every port (and every exclusive-group owner it
-- names) must be a declared node. Vacuously true for an empty list, which is the correct
-- reading of "closed over" — an empty frontier references nothing.
def boundaryPortsClosedCheck
(nodes : List NodeId)
(ports : List AdmissionBoundaryPort) :
Bool :=
Check.allBool ports (boundaryPortClosedCheck nodes)
Successful boundary-closure checking proves BoundaryPortsClosed.
-- Pointwise lift of boundaryPortClosedCheck_sound through `Check.allBool_sound`; the
-- membership hypothesis supplied by `allBool_sound` is unused, hence the `_` binder.
theorem boundaryPortsClosedCheck_sound
{nodes : List NodeId}
{ports : List AdmissionBoundaryPort}
(hCheck : boundaryPortsClosedCheck nodes ports = true) :
BoundaryPortsClosed nodes ports :=
Check.allBool_sound hCheck
(fun _port _ hPortCheck => boundaryPortClosedCheck_sound hPortCheck)Executable checker for raw connection endpoints being closed over a node summary.
-- Closure of raw (summary-level) connections: both endpoints must name a declared node.
-- Only `.node` is examined; the endpoint's other fields are not cross-referenced against the
-- summary here. Note the asymmetry with connectionClosedCheck below, which goes through
-- boundaryPortClosedCheck and therefore also validates exclusive-group owners — whether raw
-- endpoints carry an exclusive group at all is not visible from this file; confirm against
-- AdmissionRawConnection before assuming the two closure notions are equally strong.
def rawConnectionsClosedCheck
(nodes : List NodeId)
(connections : List AdmissionRawConnection) :
Bool :=
Check.allDecide connections fun connection =>
connection.fromEndpoint.node ∈ nodes ∧ connection.toEndpoint.node ∈ nodesSuccessful raw-connection closure checking proves endpoint-node closure.
-- Direct consequence of `Check.allDecide_sound`: the decided predicate is exactly the
-- conjunction stated in the conclusion, so no further unfolding is needed.
theorem rawConnectionsClosedCheck_sound
{nodes : List NodeId}
{connections : List AdmissionRawConnection}
(hCheck : rawConnectionsClosedCheck nodes connections = true) :
∀ connection, connection ∈ connections →
connection.fromEndpoint.node ∈ nodes ∧ connection.toEndpoint.node ∈ nodes :=
Check.allDecide_sound hCheckExecutable checker for a boundary contraction being closed over a node summary.
-- Closure of a boundary contraction (primitive-level connection): both endpoints are full
-- AdmissionBoundaryPort rows and are checked with boundaryPortClosedCheck, so their nodes
-- *and* any exclusive-group owners must be declared nodes.
def connectionClosedCheck
(nodes : List NodeId)
(connection : AdmissionConnection) :
Bool :=
boundaryPortClosedCheck nodes connection.fromPort &&
boundaryPortClosedCheck nodes connection.toPortSuccessful connection-closure checking proves both endpoints are closed.
-- Splits the two-way `&&` and applies boundaryPortClosedCheck_sound to each endpoint.
-- NOTE(review): goal states are rendered in place of the tactic script below.
theorem connectionClosedCheck_sound
{nodes : List NodeId}
{connection : AdmissionConnection}
(hCheck : connectionClosedCheck nodes connection = true) :
connection.fromPort.ClosedOver nodes ∧ connection.toPort.ClosedOver nodes := nodes:List NodeIdconnection:AdmissionConnectionhCheck:connectionClosedCheck nodes connection = true⊢ AdmissionBoundaryPort.ClosedOver nodes connection.fromPort ∧ AdmissionBoundaryPort.ClosedOver nodes connection.toPort
nodes:List NodeIdconnection:AdmissionConnectionhCheck:(boundaryPortClosedCheck nodes connection.fromPort && boundaryPortClosedCheck nodes connection.toPort) = true⊢ AdmissionBoundaryPort.ClosedOver nodes connection.fromPort ∧ AdmissionBoundaryPort.ClosedOver nodes connection.toPort
nodes:List NodeIdconnection:AdmissionConnectionhCheck:boundaryPortClosedCheck nodes connection.fromPort = true ∧ boundaryPortClosedCheck nodes connection.toPort = true⊢ AdmissionBoundaryPort.ClosedOver nodes connection.fromPort ∧ AdmissionBoundaryPort.ClosedOver nodes connection.toPort
All goals completed! 🐙Executable checker for boundary contraction lists being closed over a node summary.
-- List lift of connectionClosedCheck; vacuously true on an empty ledger.
def connectionsClosedCheck
(nodes : List NodeId)
(connections : List AdmissionConnection) :
Bool :=
Check.allBool connections (connectionClosedCheck nodes)
Successful connection-list closure checking proves ConnectionsClosed.
-- Pointwise lift of connectionClosedCheck_sound through `Check.allBool_sound`.
theorem connectionsClosedCheck_sound
{nodes : List NodeId}
{connections : List AdmissionConnection}
(hCheck : connectionsClosedCheck nodes connections = true) :
ConnectionsClosed nodes connections :=
Check.allBool_sound hCheck
(fun _connection _ hConnection =>
connectionClosedCheck_sound hConnection)Executable checker for top-level summary closure over serialized nodes.
-- Every summary entry, exit and raw connection must reference only nodes listed in
-- `artifact.nodes`. This is the summary-level guard against dangling node references.
-- `artifact.bindingRefs` is not cross-referenced by this check; binding closure for the
-- primitive trace is handled in primitiveStepDomainClosedCheck.
def summaryDomainClosedCheck (artifact : WireAdmissionArtifact) : Bool :=
boundaryPortsClosedCheck artifact.nodes artifact.entries &&
boundaryPortsClosedCheck artifact.nodes artifact.exits &&
rawConnectionsClosedCheck artifact.nodes artifact.connections
Successful summary-domain checking proves SummaryDomainClosed.
-- Three-way split, then SummaryDomainClosed's constructor via the list-level `_sound` lemmas.
-- NOTE(review): goal states are rendered in place of the tactic script below.
theorem summaryDomainClosedCheck_sound
{artifact : WireAdmissionArtifact}
(hCheck : artifact.summaryDomainClosedCheck = true) :
artifact.SummaryDomainClosed := artifact:WireAdmissionArtifacthCheck:artifact.summaryDomainClosedCheck = true⊢ artifact.SummaryDomainClosed
artifact:WireAdmissionArtifacthCheck:(boundaryPortsClosedCheck artifact.nodes artifact.entries && boundaryPortsClosedCheck artifact.nodes artifact.exits &&
rawConnectionsClosedCheck artifact.nodes artifact.connections) =
true⊢ artifact.SummaryDomainClosed
artifact:WireAdmissionArtifacthCheck:(boundaryPortsClosedCheck artifact.nodes artifact.entries = true ∧
boundaryPortsClosedCheck artifact.nodes artifact.exits = true) ∧
rawConnectionsClosedCheck artifact.nodes artifact.connections = true⊢ artifact.SummaryDomainClosed
artifact:WireAdmissionArtifacthConnections:rawConnectionsClosedCheck artifact.nodes artifact.connections = truehEntries:boundaryPortsClosedCheck artifact.nodes artifact.entries = truehExits:boundaryPortsClosedCheck artifact.nodes artifact.exits = true⊢ artifact.SummaryDomainClosed
All goals completed! 🐙Executable checker for primitive trace rows being closed over artifact summaries.
-- Domain closure of one primitive step against the artifact's node and binding summaries:
-- every NodeId / BindingName / boundary port / connection the step mentions must be declared.
-- Per-arm notes:
--   * `node`: the row's own id must be declared, and its entries/exits are closed over the
--     *whole* node summary, not pinned to `nodeId` — a node row whose ports name some other
--     declared node still passes this arm. Whether that is forbidden elsewhere (e.g. in
--     nodeValidCheck) is not visible from this file; confirm.
--   * `bindingRef` / `overlay`: plain membership of ids and names in the summaries.
--   * `connect`: all five lists closed via boundaryPortsClosedCheck / connectionsClosedCheck.
-- `empty` is trivially closed. Conjunct order is relied upon by the soundness proof.
def primitiveStepDomainClosedCheck
(nodes : List NodeId)
(bindingRefs : List BindingName) :
PrimitiveGraphStep → Bool
| PrimitiveGraphStep.empty =>
true
| PrimitiveGraphStep.node nodeId entries exits =>
Check.memCheck nodeId nodes &&
boundaryPortsClosedCheck nodes entries &&
boundaryPortsClosedCheck nodes exits
| PrimitiveGraphStep.bindingRef binding =>
Check.memCheck binding bindingRefs
| PrimitiveGraphStep.overlay leftNodeIds rightNodeIds leftBindings rightBindings =>
Check.allDecide leftNodeIds (fun node => node ∈ nodes) &&
Check.allDecide rightNodeIds (fun node => node ∈ nodes) &&
Check.allDecide leftBindings (fun binding => binding ∈ bindingRefs) &&
Check.allDecide rightBindings (fun binding => binding ∈ bindingRefs)
| PrimitiveGraphStep.connect
leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries =>
boundaryPortsClosedCheck nodes leftExits &&
boundaryPortsClosedCheck nodes rightEntries &&
connectionsClosedCheck nodes matchedPairs &&
boundaryPortsClosedCheck nodes unmatchedLeftExits &&
boundaryPortsClosedCheck nodes unmatchedRightEntries
Successful primitive-domain checking proves PrimitiveGraphStep.DomainClosed.
-- Case split on the step; each arm unfolds the matching branch of the checker, splits the
-- `&&` chain, and builds PrimitiveGraphStep.DomainClosed from the list-level `_sound` lemmas.
-- NOTE(review): goal states are rendered in place of the tactic script below.
theorem primitiveStepDomainClosedCheck_sound
{nodes : List NodeId}
{bindingRefs : List BindingName}
{primitiveStep : PrimitiveGraphStep}
(hCheck : primitiveStepDomainClosedCheck nodes bindingRefs primitiveStep = true) :
PrimitiveGraphStep.DomainClosed nodes bindingRefs primitiveStep := nodes:List NodeIdbindingRefs:List BindingNameprimitiveStep:PrimitiveGraphStephCheck:primitiveStepDomainClosedCheck nodes bindingRefs primitiveStep = true⊢ PrimitiveGraphStep.DomainClosed nodes bindingRefs primitiveStep
cases primitiveStep with
nodes:List NodeIdbindingRefs:List BindingNamehCheck:primitiveStepDomainClosedCheck nodes bindingRefs PrimitiveGraphStep.empty = true⊢ PrimitiveGraphStep.DomainClosed nodes bindingRefs PrimitiveGraphStep.empty
All goals completed! 🐙
nodes:List NodeIdbindingRefs:List BindingNamenodeId:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:primitiveStepDomainClosedCheck nodes bindingRefs (PrimitiveGraphStep.node nodeId entries exits) = true⊢ PrimitiveGraphStep.DomainClosed nodes bindingRefs (PrimitiveGraphStep.node nodeId entries exits)
nodes:List NodeIdbindingRefs:List BindingNamenodeId:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:(match PrimitiveGraphStep.node nodeId entries exits with
| PrimitiveGraphStep.empty => true
| PrimitiveGraphStep.node nodeId entries exits =>
Check.memCheck nodeId nodes && boundaryPortsClosedCheck nodes entries && boundaryPortsClosedCheck nodes exits
| PrimitiveGraphStep.bindingRef binding => Check.memCheck binding bindingRefs
| PrimitiveGraphStep.overlay leftNodeIds rightNodeIds leftBindings rightBindings =>
(((Check.allDecide leftNodeIds fun node => node ∈ nodes) &&
Check.allDecide rightNodeIds fun node => node ∈ nodes) &&
Check.allDecide leftBindings fun binding => binding ∈ bindingRefs) &&
Check.allDecide rightBindings fun binding => binding ∈ bindingRefs
| PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries =>
boundaryPortsClosedCheck nodes leftExits && boundaryPortsClosedCheck nodes rightEntries &&
connectionsClosedCheck nodes matchedPairs &&
boundaryPortsClosedCheck nodes unmatchedLeftExits &&
boundaryPortsClosedCheck nodes unmatchedRightEntries) =
true⊢ PrimitiveGraphStep.DomainClosed nodes bindingRefs (PrimitiveGraphStep.node nodeId entries exits)
nodes:List NodeIdbindingRefs:List BindingNamenodeId:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:(Check.memCheck nodeId nodes = true ∧ boundaryPortsClosedCheck nodes entries = true) ∧
boundaryPortsClosedCheck nodes exits = true⊢ PrimitiveGraphStep.DomainClosed nodes bindingRefs (PrimitiveGraphStep.node nodeId entries exits)
nodes:List NodeIdbindingRefs:List BindingNamenodeId:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthExits:boundaryPortsClosedCheck nodes exits = truehNode:Check.memCheck nodeId nodes = truehEntries:boundaryPortsClosedCheck nodes entries = true⊢ PrimitiveGraphStep.DomainClosed nodes bindingRefs (PrimitiveGraphStep.node nodeId entries exits)
All goals completed! 🐙
nodes:List NodeIdbindingRefs:List BindingNamebinding:BindingNamehCheck:primitiveStepDomainClosedCheck nodes bindingRefs (PrimitiveGraphStep.bindingRef binding) = true⊢ PrimitiveGraphStep.DomainClosed nodes bindingRefs (PrimitiveGraphStep.bindingRef binding)
All goals completed! 🐙
nodes:List NodeIdbindingRefs:List BindingNameleftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:primitiveStepDomainClosedCheck nodes bindingRefs
(PrimitiveGraphStep.overlay leftNodeIds rightNodeIds leftBindings rightBindings) =
true⊢ PrimitiveGraphStep.DomainClosed nodes bindingRefs
(PrimitiveGraphStep.overlay leftNodeIds rightNodeIds leftBindings rightBindings)
nodes:List NodeIdbindingRefs:List BindingNameleftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:(match PrimitiveGraphStep.overlay leftNodeIds rightNodeIds leftBindings rightBindings with
| PrimitiveGraphStep.empty => true
| PrimitiveGraphStep.node nodeId entries exits =>
Check.memCheck nodeId nodes && boundaryPortsClosedCheck nodes entries && boundaryPortsClosedCheck nodes exits
| PrimitiveGraphStep.bindingRef binding => Check.memCheck binding bindingRefs
| PrimitiveGraphStep.overlay leftNodeIds rightNodeIds leftBindings rightBindings =>
(((Check.allDecide leftNodeIds fun node => node ∈ nodes) &&
Check.allDecide rightNodeIds fun node => node ∈ nodes) &&
Check.allDecide leftBindings fun binding => binding ∈ bindingRefs) &&
Check.allDecide rightBindings fun binding => binding ∈ bindingRefs
| PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries =>
boundaryPortsClosedCheck nodes leftExits && boundaryPortsClosedCheck nodes rightEntries &&
connectionsClosedCheck nodes matchedPairs &&
boundaryPortsClosedCheck nodes unmatchedLeftExits &&
boundaryPortsClosedCheck nodes unmatchedRightEntries) =
true⊢ PrimitiveGraphStep.DomainClosed nodes bindingRefs
(PrimitiveGraphStep.overlay leftNodeIds rightNodeIds leftBindings rightBindings)
nodes:List NodeIdbindingRefs:List BindingNameleftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:(((Check.allDecide leftNodeIds fun node => node ∈ nodes) = true ∧
(Check.allDecide rightNodeIds fun node => node ∈ nodes) = true) ∧
(Check.allDecide leftBindings fun binding => binding ∈ bindingRefs) = true) ∧
(Check.allDecide rightBindings fun binding => binding ∈ bindingRefs) = true⊢ PrimitiveGraphStep.DomainClosed nodes bindingRefs
(PrimitiveGraphStep.overlay leftNodeIds rightNodeIds leftBindings rightBindings)
nodes:List NodeIdbindingRefs:List BindingNameleftNodeIds:List NodeIdrightNodeIds:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehRightBindings:(Check.allDecide rightBindings fun binding => binding ∈ bindingRefs) = truehLeftBindings:(Check.allDecide leftBindings fun binding => binding ∈ bindingRefs) = truehLeftNodes:(Check.allDecide leftNodeIds fun node => node ∈ nodes) = truehRightNodes:(Check.allDecide rightNodeIds fun node => node ∈ nodes) = true⊢ PrimitiveGraphStep.DomainClosed nodes bindingRefs
(PrimitiveGraphStep.overlay leftNodeIds rightNodeIds leftBindings rightBindings)
All goals completed! 🐙
nodes:List NodeIdbindingRefs:List BindingNameleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthCheck:primitiveStepDomainClosedCheck nodes bindingRefs
(PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries) =
true⊢ PrimitiveGraphStep.DomainClosed nodes bindingRefs
(PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries)
nodes:List NodeIdbindingRefs:List BindingNameleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthCheck:(match PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries with
| PrimitiveGraphStep.empty => true
| PrimitiveGraphStep.node nodeId entries exits =>
Check.memCheck nodeId nodes && boundaryPortsClosedCheck nodes entries && boundaryPortsClosedCheck nodes exits
| PrimitiveGraphStep.bindingRef binding => Check.memCheck binding bindingRefs
| PrimitiveGraphStep.overlay leftNodeIds rightNodeIds leftBindings rightBindings =>
(((Check.allDecide leftNodeIds fun node => node ∈ nodes) &&
Check.allDecide rightNodeIds fun node => node ∈ nodes) &&
Check.allDecide leftBindings fun binding => binding ∈ bindingRefs) &&
Check.allDecide rightBindings fun binding => binding ∈ bindingRefs
| PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries =>
boundaryPortsClosedCheck nodes leftExits && boundaryPortsClosedCheck nodes rightEntries &&
connectionsClosedCheck nodes matchedPairs &&
boundaryPortsClosedCheck nodes unmatchedLeftExits &&
boundaryPortsClosedCheck nodes unmatchedRightEntries) =
true⊢ PrimitiveGraphStep.DomainClosed nodes bindingRefs
(PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries)
nodes:List NodeIdbindingRefs:List BindingNameleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthCheck:(((boundaryPortsClosedCheck nodes leftExits = true ∧ boundaryPortsClosedCheck nodes rightEntries = true) ∧
connectionsClosedCheck nodes matchedPairs = true) ∧
boundaryPortsClosedCheck nodes unmatchedLeftExits = true) ∧
boundaryPortsClosedCheck nodes unmatchedRightEntries = true⊢ PrimitiveGraphStep.DomainClosed nodes bindingRefs
(PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries)
nodes:List NodeIdbindingRefs:List BindingNameleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthUnmatchedRight:boundaryPortsClosedCheck nodes unmatchedRightEntries = truehUnmatchedLeft:boundaryPortsClosedCheck nodes unmatchedLeftExits = truehMatchedPairs:connectionsClosedCheck nodes matchedPairs = truehLeftExits:boundaryPortsClosedCheck nodes leftExits = truehRightEntries:boundaryPortsClosedCheck nodes rightEntries = true⊢ PrimitiveGraphStep.DomainClosed nodes bindingRefs
(PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries)
All goals completed! 🐙Executable checker that summary identities match primitive identity rows.
/-- Executable checker that the artifact's summary identity rows agree with the
identity rows recovered from its primitive stack: `artifact.nodes` is compared by
`Check.permCheck` with `PrimitiveGraphStep.nodeRowsList`, and
`artifact.bindingRefs` with `PrimitiveGraphStep.bindingRowsList`, both taken over
`artifact.primitiveSteps`. `Check.permCheck` is presumably an order-insensitive
(permutation) comparison — confirm against its definition. Only the soundness
direction is proved in this part of the file
(`summaryIdentitiesMatchPrimitiveCheck_sound`); a `false` result does not record
which of the two lists disagreed. -/
def summaryIdentitiesMatchPrimitiveCheck
    (artifact : WireAdmissionArtifact) :
    Bool :=
  -- Node identities are compared first, binding references second; both
  -- comparisons must pass for the artifact's summary to be accepted.
  (Check.permCheck
      artifact.nodes
      (PrimitiveGraphStep.nodeRowsList artifact.primitiveSteps)) &&
  (Check.permCheck
      artifact.bindingRefs
      (PrimitiveGraphStep.bindingRowsList artifact.primitiveSteps))
/-- Successful identity matching proves `SummaryIdentitiesMatchPrimitive`.
Soundness of `summaryIdentitiesMatchPrimitiveCheck`: from
`hCheck : artifact.summaryIdentitiesMatchPrimitiveCheck = true` the checker is
unfolded, its `&&` is split into two `= true` facts (one per `Check.permCheck`
call, see the intermediate states below) and the goal is closed from them. The
shape of the predicate itself is not shown here, and no completeness theorem
for this checker appears in this part of the file. -/
theorem summaryIdentitiesMatchPrimitiveCheck_sound
{artifact : WireAdmissionArtifact}
(hCheck : artifact.summaryIdentitiesMatchPrimitiveCheck = true) :
artifact.SummaryIdentitiesMatchPrimitive := artifact:WireAdmissionArtifacthCheck:artifact.summaryIdentitiesMatchPrimitiveCheck = true⊢ artifact.SummaryIdentitiesMatchPrimitive
artifact:WireAdmissionArtifacthCheck:(Check.permCheck artifact.nodes (PrimitiveGraphStep.nodeRowsList artifact.primitiveSteps) &&
Check.permCheck artifact.bindingRefs (PrimitiveGraphStep.bindingRowsList artifact.primitiveSteps)) =
true⊢ artifact.SummaryIdentitiesMatchPrimitive
artifact:WireAdmissionArtifacthCheck:Check.permCheck artifact.nodes (PrimitiveGraphStep.nodeRowsList artifact.primitiveSteps) = true ∧
Check.permCheck artifact.bindingRefs (PrimitiveGraphStep.bindingRowsList artifact.primitiveSteps) = true⊢ artifact.SummaryIdentitiesMatchPrimitive
All goals completed! 🐙
-- Executable checker that summary frontiers are backed by primitive residual frontiers.
/-- Executable checker that every summary frontier row is backed by the primitive
residual frontier. Each row of `artifact.entries` must have a key that occurs in
`PrimitiveGraphStep.nodeEntryKeysList` and does not occur in
`PrimitiveGraphStep.consumedEntryKeysList` (both over `artifact.primitiveSteps`);
`artifact.exits` is checked the same way against the exit-key lists. A summary row
that names a port no primitive node row provides, or one that the primitive
stack already consumed, makes the check fail. Only soundness
(`summaryFrontiersBackedByPrimitiveCheck_sound`) is proved in this part of the
file. -/
def summaryFrontiersBackedByPrimitiveCheck
    (artifact : WireAdmissionArtifact) :
    Bool :=
  -- Entry side: each key is present on some primitive node row and not consumed.
  (Check.allDecide artifact.entries λ entry =>
      entry.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
        entry.key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps) &&
  -- Exit side: the same residual condition over the exit-key lists.
  (Check.allDecide artifact.exits λ exit =>
      exit.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
        exit.key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps)
/-- Successful frontier-backing checking proves `SummaryFrontiersBackedByPrimitive`.
Soundness of `summaryFrontiersBackedByPrimitiveCheck`: from
`hCheck : artifact.summaryFrontiersBackedByPrimitiveCheck = true` the checker is
unfolded and its `&&` split into the entry-side and exit-side `Check.allDecide`
facts (see the intermediate states below), from which the goal is closed. The
predicate's own definition is not shown here, and no completeness theorem for
this checker appears in this part of the file. -/
theorem summaryFrontiersBackedByPrimitiveCheck_sound
{artifact : WireAdmissionArtifact}
(hCheck : artifact.summaryFrontiersBackedByPrimitiveCheck = true) :
artifact.SummaryFrontiersBackedByPrimitive := artifact:WireAdmissionArtifacthCheck:artifact.summaryFrontiersBackedByPrimitiveCheck = true⊢ artifact.SummaryFrontiersBackedByPrimitive
artifact:WireAdmissionArtifacthCheck:((Check.allDecide artifact.entries fun entry =>
entry.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
entry.key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps) &&
Check.allDecide artifact.exits fun exit =>
exit.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
exit.key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps) =
true⊢ artifact.SummaryFrontiersBackedByPrimitive
artifact:WireAdmissionArtifacthCheck:(Check.allDecide artifact.entries fun entry =>
entry.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
entry.key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps) =
true ∧
(Check.allDecide artifact.exits fun exit =>
exit.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
exit.key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps) =
true⊢ artifact.SummaryFrontiersBackedByPrimitive
All goals completed! 🐙
-- Primitive entry keys that remain source-visible after primitive connection replay.
/-- Primitive entry keys that remain source-visible after primitive connection
replay: every key of `PrimitiveGraphStep.nodeEntryKeysList` that is absent from
`PrimitiveGraphStep.consumedEntryKeysList`, both over `artifact.primitiveSteps`.
This materialises, as a list, the same residual condition that
`summaryFrontiersBackedByPrimitiveCheck` applies to each summary entry row.
`List.filter` keeps the order of the node-entry key list and keeps any duplicates
present there. -/
def residualPrimitiveEntryKeys (artifact : WireAdmissionArtifact) :
    List (NodeId × FieldLabel × ContractId) :=
  -- The membership test is decided, so the filter predicate is a plain `Bool`.
  List.filter
    (λ key => decide (key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps))
    (PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps)
-- Boolean check that one exit row witnesses a select-internal key.
/-- Boolean check that one exit row witnesses a select-internal key. The row
`exit` is accepted only when all of the following hold:
* `exit.key = key`;
* `exit.exclusiveGroup` is `some (owner, _)` with `owner` equal to
  `selectAdmission.conditionNode` — a port with no exclusive group is rejected
  outright, and the group index is not examined;
* some `variant` in `selectAdmission.variants` satisfies
  `variant.port.CompatibleWith exit`.
Both directions are proved: `selectInternalExitRowKeyCheck_sound` recovers the
three facts from a `true` result, and `selectInternalExitRowKeyCheck_complete`
shows the three facts force `true`. -/
def selectInternalExitRowKeyCheck
    (selectAdmission : SelectAdmissionArtifact)
    (key : NodeId × FieldLabel × ContractId)
    (exit : AdmissionBoundaryPort) :
    Bool :=
  decide (exit.key = key) &&
    match exit.exclusiveGroup with
    | none => false
    | some (owner, _) =>
      -- Only the owning condition node matters; then a compatible variant port
      -- must exist among the select's variants.
      decide (owner = selectAdmission.conditionNode) &&
        List.any selectAdmission.variants λ variant =>
          decide (variant.port.CompatibleWith exit)
/-- Successful row-level select-internal checking returns the matched exit and
variant facts. -/
theorem selectInternalExitRowKeyCheck_sound
{selectAdmission : SelectAdmissionArtifact}
{key : NodeId × FieldLabel × ContractId}
{exit : AdmissionBoundaryPort}
(hCheck : selectInternalExitRowKeyCheck selectAdmission key exit = true) :
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant, variant ∈ selectAdmission.variants ∧
variant.port.CompatibleWith exit := selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthCheck:selectInternalExitRowKeyCheck selectAdmission key exit = true⊢ exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthCheck:(decide (exit.key = key) &&
match exit.exclusiveGroup with
| none => false
| some (owner, _index) =>
decide (owner = selectAdmission.conditionNode) &&
selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) =
true⊢ exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthCheck:decide (exit.key = key) = true ∧
(match exit.exclusiveGroup with
| none => false
| some (owner, _index) =>
decide (owner = selectAdmission.conditionNode) &&
selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) =
true⊢ exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthCheck:decide (exit.key = key) = true ∧
(match exit.exclusiveGroup with
| none => false
| some (owner, _index) =>
decide (owner = selectAdmission.conditionNode) &&
selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) =
truehKey:exit.key = key⊢ exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
cases hGroup : exit.exclusiveGroup with
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthCheck:decide (exit.key = key) = true ∧
(match exit.exclusiveGroup with
| none => false
| some (owner, _index) =>
decide (owner = selectAdmission.conditionNode) &&
selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) =
truehKey:exit.key = keyhGroup:exit.exclusiveGroup = none⊢ exit.key = key ∧
(∃ index, none = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
All goals completed! 🐙
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthCheck:decide (exit.key = key) = true ∧
(match exit.exclusiveGroup with
| none => false
| some (owner, _index) =>
decide (owner = selectAdmission.conditionNode) &&
selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) =
truehKey:exit.key = keygroup:NodeId × ℕhGroup:exit.exclusiveGroup = some group⊢ exit.key = key ∧
(∃ index, some group = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
cases group with
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthCheck:decide (exit.key = key) = true ∧
(match exit.exclusiveGroup with
| none => false
| some (owner, _index) =>
decide (owner = selectAdmission.conditionNode) &&
selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) =
truehKey:exit.key = keyowner:NodeIdindex:ℕhGroup:exit.exclusiveGroup = some (owner, index)⊢ exit.key = key ∧
(∃ index_1, some (owner, index) = some (selectAdmission.conditionNode, index_1)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
have hTail :
(decide (owner = selectAdmission.conditionNode) &&
selectAdmission.variants.any
(fun variant => decide (variant.port.CompatibleWith exit))) = true := selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthCheck:selectInternalExitRowKeyCheck selectAdmission key exit = true⊢ exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
All goals completed! 🐙
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthCheck:decide (exit.key = key) = true ∧
(match exit.exclusiveGroup with
| none => false
| some (owner, _index) =>
decide (owner = selectAdmission.conditionNode) &&
selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) =
truehKey:exit.key = keyowner:NodeIdindex:ℕhGroup:exit.exclusiveGroup = some (owner, index)hTail:decide (owner = selectAdmission.conditionNode) = true ∧
(selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) = true⊢ exit.key = key ∧
(∃ index_1, some (owner, index) = some (selectAdmission.conditionNode, index_1)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthCheck:decide (exit.key = key) = true ∧
(match exit.exclusiveGroup with
| none => false
| some (owner, _index) =>
decide (owner = selectAdmission.conditionNode) &&
selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) =
truehKey:exit.key = keyowner:NodeIdindex:ℕhGroup:exit.exclusiveGroup = some (owner, index)hTail:decide (owner = selectAdmission.conditionNode) = true ∧
(selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) = truehOwner:owner = selectAdmission.conditionNode⊢ exit.key = key ∧
(∃ index_1, some (owner, index) = some (selectAdmission.conditionNode, index_1)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthCheck:decide (exit.key = key) = true ∧
(match exit.exclusiveGroup with
| none => false
| some (owner, _index) =>
decide (owner = selectAdmission.conditionNode) &&
selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) =
truehKey:exit.key = keyowner:NodeIdindex:ℕhGroup:exit.exclusiveGroup = some (owner, index)hTail:decide (owner = selectAdmission.conditionNode) = true ∧
(selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) = truehOwner:owner = selectAdmission.conditionNodevariant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshCompatibleBool:decide (variant.port.CompatibleWith exit) = true⊢ exit.key = key ∧
(∃ index_1, some (owner, index) = some (selectAdmission.conditionNode, index_1)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthCheck:decide (exit.key = key) = true ∧
(match exit.exclusiveGroup with
| none => false
| some (owner, _index) =>
decide (owner = selectAdmission.conditionNode) &&
selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) =
truehKey:exit.key = keyowner:NodeIdindex:ℕhGroup:exit.exclusiveGroup = some (owner, index)hTail:decide (owner = selectAdmission.conditionNode) = true ∧
(selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) = truehOwner:owner = selectAdmission.conditionNodevariant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshCompatibleBool:decide (variant.port.CompatibleWith exit) = truehCompatible:variant.port.CompatibleWith exit⊢ exit.key = key ∧
(∃ index_1, some (owner, index) = some (selectAdmission.conditionNode, index_1)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
exact
⟨ hKey
, ⟨index, selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthCheck:decide (exit.key = key) = true ∧
(match exit.exclusiveGroup with
| none => false
| some (owner, _index) =>
decide (owner = selectAdmission.conditionNode) &&
selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) =
truehKey:exit.key = keyowner:NodeIdindex:ℕhGroup:exit.exclusiveGroup = some (owner, index)hTail:decide (owner = selectAdmission.conditionNode) = true ∧
(selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) = truehOwner:owner = selectAdmission.conditionNodevariant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshCompatibleBool:decide (variant.port.CompatibleWith exit) = truehCompatible:variant.port.CompatibleWith exit⊢ some (owner, index) = some (selectAdmission.conditionNode, index) All goals completed! 🐙⟩
, variant
, hVariant
, hCompatible
⟩Row-level select-internal key witnesses are accepted by the boolean checker.
theorem selectInternalExitRowKeyCheck_complete
{selectAdmission : SelectAdmissionArtifact}
{key : NodeId × FieldLabel × ContractId}
{exit : AdmissionBoundaryPort}
(hKey : exit.key = key)
(hGroup :
∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index))
(hVariant :
∃ variant, variant ∈ selectAdmission.variants ∧
variant.port.CompatibleWith exit) :
selectInternalExitRowKeyCheck selectAdmission key exit = true := selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthKey:exit.key = keyhGroup:∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)hVariant:∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit⊢ selectInternalExitRowKeyCheck selectAdmission key exit = true
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthKey:exit.key = keyhVariant:∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exitindex:ℕhGroupEq:exit.exclusiveGroup = some (selectAdmission.conditionNode, index)⊢ selectInternalExitRowKeyCheck selectAdmission key exit = true
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthKey:exit.key = keyindex:ℕhGroupEq:exit.exclusiveGroup = some (selectAdmission.conditionNode, index)variant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshCompatible:variant.port.CompatibleWith exit⊢ selectInternalExitRowKeyCheck selectAdmission key exit = true
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthKey:exit.key = keyindex:ℕhGroupEq:exit.exclusiveGroup = some (selectAdmission.conditionNode, index)variant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshCompatible:variant.port.CompatibleWith exit⊢ (decide (exit.key = key) &&
match exit.exclusiveGroup with
| none => false
| some (owner, _index) =>
decide (owner = selectAdmission.conditionNode) &&
selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) =
true
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthKey:exit.key = keyindex:ℕhGroupEq:exit.exclusiveGroup = some (selectAdmission.conditionNode, index)variant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshCompatible:variant.port.CompatibleWith exit⊢ decide (exit.key = key) = true ∧
(match exit.exclusiveGroup with
| none => false
| some (owner, _index) =>
decide (owner = selectAdmission.conditionNode) &&
selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) =
true
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthKey:exit.key = keyindex:ℕhGroupEq:exit.exclusiveGroup = some (selectAdmission.conditionNode, index)variant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshCompatible:variant.port.CompatibleWith exit⊢ decide (exit.key = key) = trueselectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthKey:exit.key = keyindex:ℕhGroupEq:exit.exclusiveGroup = some (selectAdmission.conditionNode, index)variant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshCompatible:variant.port.CompatibleWith exit⊢ (match exit.exclusiveGroup with
| none => false
| some (owner, _index) =>
decide (owner = selectAdmission.conditionNode) &&
selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) =
true
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthKey:exit.key = keyindex:ℕhGroupEq:exit.exclusiveGroup = some (selectAdmission.conditionNode, index)variant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshCompatible:variant.port.CompatibleWith exit⊢ decide (exit.key = key) = true All goals completed! 🐙
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthKey:exit.key = keyindex:ℕhGroupEq:exit.exclusiveGroup = some (selectAdmission.conditionNode, index)variant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshCompatible:variant.port.CompatibleWith exit⊢ (match exit.exclusiveGroup with
| none => false
| some (owner, _index) =>
decide (owner = selectAdmission.conditionNode) &&
selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) =
true selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthKey:exit.key = keyindex:ℕhGroupEq:exit.exclusiveGroup = some (selectAdmission.conditionNode, index)variant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshCompatible:variant.port.CompatibleWith exit⊢ (match some (selectAdmission.conditionNode, index) with
| none => false
| some (owner, _index) =>
decide (owner = selectAdmission.conditionNode) &&
selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) =
true
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthKey:exit.key = keyindex:ℕhGroupEq:exit.exclusiveGroup = some (selectAdmission.conditionNode, index)variant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshCompatible:variant.port.CompatibleWith exit⊢ decide (selectAdmission.conditionNode = selectAdmission.conditionNode) = true ∧
(selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) = true
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthKey:exit.key = keyindex:ℕhGroupEq:exit.exclusiveGroup = some (selectAdmission.conditionNode, index)variant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshCompatible:variant.port.CompatibleWith exit⊢ decide (selectAdmission.conditionNode = selectAdmission.conditionNode) = trueselectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthKey:exit.key = keyindex:ℕhGroupEq:exit.exclusiveGroup = some (selectAdmission.conditionNode, index)variant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshCompatible:variant.port.CompatibleWith exit⊢ (selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) = true
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthKey:exit.key = keyindex:ℕhGroupEq:exit.exclusiveGroup = some (selectAdmission.conditionNode, index)variant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshCompatible:variant.port.CompatibleWith exit⊢ decide (selectAdmission.conditionNode = selectAdmission.conditionNode) = true All goals completed! 🐙
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdexit:AdmissionBoundaryPorthKey:exit.key = keyindex:ℕhGroupEq:exit.exclusiveGroup = some (selectAdmission.conditionNode, index)variant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshCompatible:variant.port.CompatibleWith exit⊢ (selectAdmission.variants.any fun variant => decide (variant.port.CompatibleWith exit)) = true All goals completed! 🐙Boolean check that a primitive node row witnesses a select-internal key.
/-- Boolean check that a primitive node row witnesses a select-internal key.
Only a `PrimitiveGraphStep.node` step can succeed, and only when its node is
`selectAdmission.conditionNode` and at least one of its `exits` passes
`selectInternalExitRowKeyCheck` for `key`; the step's `entries` are not
consulted. Every other step kind (`empty`, `bindingRef`, `overlay`, `connect`)
is rejected without inspection — `connect` does carry boundary-port lists, but
they are deliberately not searched here. Sound and complete: see
`selectInternalNodeKeyCheck_sound` and `selectInternalNodeKeyCheck_complete`. -/
def selectInternalNodeKeyCheck
    (selectAdmission : SelectAdmissionArtifact)
    (key : NodeId × FieldLabel × ContractId) :
    PrimitiveGraphStep → Bool
  | .node node _ exits =>
    decide (node = selectAdmission.conditionNode) &&
      List.any exits λ exit =>
        selectInternalExitRowKeyCheck selectAdmission key exit
  -- Non-node steps never witness a select-internal key.
  | .empty => false
  | .bindingRef _ => false
  | .overlay _ _ _ _ => false
  | .connect _ _ _ _ _ => false
/-- Successful primitive-node key checking returns the primitive row and exit
witness. -/
theorem selectInternalNodeKeyCheck_sound
{selectAdmission : SelectAdmissionArtifact}
{key : NodeId × FieldLabel × ContractId}
{primitiveStep : PrimitiveGraphStep}
(hCheck : selectInternalNodeKeyCheck selectAdmission key primitiveStep = true) :
∃ entries exits,
primitiveStep = PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∧
∃ exit, exit ∈ exits ∧
exit.key = key ∧
(∃ index,
exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant, variant ∈ selectAdmission.variants ∧
variant.port.CompatibleWith exit := selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdprimitiveStep:PrimitiveGraphStephCheck:selectInternalNodeKeyCheck selectAdmission key primitiveStep = true⊢ ∃ entries exits,
primitiveStep = PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∧
∃ exit ∈ exits,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
cases primitiveStep with
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdhCheck:selectInternalNodeKeyCheck selectAdmission key PrimitiveGraphStep.empty = true⊢ ∃ entries exits,
PrimitiveGraphStep.empty = PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∧
∃ exit ∈ exits,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
All goals completed! 🐙
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdbinding:BindingNamehCheck:selectInternalNodeKeyCheck selectAdmission key (PrimitiveGraphStep.bindingRef binding) = true⊢ ∃ entries exits,
PrimitiveGraphStep.bindingRef binding = PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∧
∃ exit ∈ exits,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
All goals completed! 🐙
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdleftNodes:List NodeIdrightNodes:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:selectInternalNodeKeyCheck selectAdmission key
(PrimitiveGraphStep.overlay leftNodes rightNodes leftBindings rightBindings) =
true⊢ ∃ entries exits,
PrimitiveGraphStep.overlay leftNodes rightNodes leftBindings rightBindings =
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∧
∃ exit ∈ exits,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
All goals completed! 🐙
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthCheck:selectInternalNodeKeyCheck selectAdmission key
(PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries) =
true⊢ ∃ entries exits,
PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries =
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∧
∃ exit ∈ exits,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
All goals completed! 🐙
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdnode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:selectInternalNodeKeyCheck selectAdmission key (PrimitiveGraphStep.node node entries exits) = true⊢ ∃ entries_1 exits_1,
PrimitiveGraphStep.node node entries exits = PrimitiveGraphStep.node selectAdmission.conditionNode entries_1 exits_1 ∧
∃ exit ∈ exits_1,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdnode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:(match PrimitiveGraphStep.node node entries exits with
| PrimitiveGraphStep.node node _entries exits =>
decide (node = selectAdmission.conditionNode) &&
exits.any fun exit => selectInternalExitRowKeyCheck selectAdmission key exit
| PrimitiveGraphStep.empty => false
| PrimitiveGraphStep.bindingRef _binding => false
| PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings => false
| PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries =>
false) =
true⊢ ∃ entries_1 exits_1,
PrimitiveGraphStep.node node entries exits = PrimitiveGraphStep.node selectAdmission.conditionNode entries_1 exits_1 ∧
∃ exit ∈ exits_1,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdnode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:decide (node = selectAdmission.conditionNode) = true ∧
(exits.any fun exit => selectInternalExitRowKeyCheck selectAdmission key exit) = true⊢ ∃ entries_1 exits_1,
PrimitiveGraphStep.node node entries exits = PrimitiveGraphStep.node selectAdmission.conditionNode entries_1 exits_1 ∧
∃ exit ∈ exits_1,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdnode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:decide (node = selectAdmission.conditionNode) = true ∧
(exits.any fun exit => selectInternalExitRowKeyCheck selectAdmission key exit) = truehNode:node = selectAdmission.conditionNode⊢ ∃ entries_1 exits_1,
PrimitiveGraphStep.node node entries exits = PrimitiveGraphStep.node selectAdmission.conditionNode entries_1 exits_1 ∧
∃ exit ∈ exits_1,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdnode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:decide (node = selectAdmission.conditionNode) = true ∧
(exits.any fun exit => selectInternalExitRowKeyCheck selectAdmission key exit) = truehNode:node = selectAdmission.conditionNodeexit:AdmissionBoundaryPorthExit:exit ∈ exitshExitCheck:selectInternalExitRowKeyCheck selectAdmission key exit = true⊢ ∃ entries_1 exits_1,
PrimitiveGraphStep.node node entries exits = PrimitiveGraphStep.node selectAdmission.conditionNode entries_1 exits_1 ∧
∃ exit ∈ exits_1,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdnode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:decide (node = selectAdmission.conditionNode) = true ∧
(exits.any fun exit => selectInternalExitRowKeyCheck selectAdmission key exit) = truehNode:node = selectAdmission.conditionNodeexit:AdmissionBoundaryPorthExit:exit ∈ exitshExitCheck:selectInternalExitRowKeyCheck selectAdmission key exit = truehKey:exit.key = keyhGroup:∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)hVariant:∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit⊢ ∃ entries_1 exits_1,
PrimitiveGraphStep.node node entries exits = PrimitiveGraphStep.node selectAdmission.conditionNode entries_1 exits_1 ∧
∃ exit ∈ exits_1,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
exact
⟨ entries
, exits
, selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdnode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthCheck:decide (node = selectAdmission.conditionNode) = true ∧
(exits.any fun exit => selectInternalExitRowKeyCheck selectAdmission key exit) = truehNode:node = selectAdmission.conditionNodeexit:AdmissionBoundaryPorthExit:exit ∈ exitshExitCheck:selectInternalExitRowKeyCheck selectAdmission key exit = truehKey:exit.key = keyhGroup:∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)hVariant:∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit⊢ PrimitiveGraphStep.node node entries exits = PrimitiveGraphStep.node selectAdmission.conditionNode entries exits All goals completed! 🐙
, exit
, hExit
, hKey
, hGroup
, hVariant
⟩Primitive-node key witnesses are accepted by the boolean checker.
theorem selectInternalNodeKeyCheck_complete
{selectAdmission : SelectAdmissionArtifact}
{key : NodeId × FieldLabel × ContractId}
{entries exits : List AdmissionBoundaryPort}
(hExit :
∃ exit, exit ∈ exits ∧
exit.key = key ∧
(∃ index,
exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant, variant ∈ selectAdmission.variants ∧
variant.port.CompatibleWith exit) :
selectInternalNodeKeyCheck selectAdmission key
(PrimitiveGraphStep.node selectAdmission.conditionNode entries exits) = true := selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthExit:∃ exit ∈ exits,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit⊢ selectInternalNodeKeyCheck selectAdmission key (PrimitiveGraphStep.node selectAdmission.conditionNode entries exits) =
true
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPortexit:AdmissionBoundaryPorthExitMem:exit ∈ exitshKey:exit.key = keyhGroup:∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)hVariant:∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit⊢ selectInternalNodeKeyCheck selectAdmission key (PrimitiveGraphStep.node selectAdmission.conditionNode entries exits) =
true
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPortexit:AdmissionBoundaryPorthExitMem:exit ∈ exitshKey:exit.key = keyhGroup:∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)hVariant:∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit⊢ (match PrimitiveGraphStep.node selectAdmission.conditionNode entries exits with
| PrimitiveGraphStep.node node _entries exits =>
decide (node = selectAdmission.conditionNode) &&
exits.any fun exit => selectInternalExitRowKeyCheck selectAdmission key exit
| PrimitiveGraphStep.empty => false
| PrimitiveGraphStep.bindingRef _binding => false
| PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings => false
| PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries =>
false) =
true
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPortexit:AdmissionBoundaryPorthExitMem:exit ∈ exitshKey:exit.key = keyhGroup:∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)hVariant:∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit⊢ decide (selectAdmission.conditionNode = selectAdmission.conditionNode) = true ∧
(exits.any fun exit => selectInternalExitRowKeyCheck selectAdmission key exit) = true
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPortexit:AdmissionBoundaryPorthExitMem:exit ∈ exitshKey:exit.key = keyhGroup:∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)hVariant:∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit⊢ decide (selectAdmission.conditionNode = selectAdmission.conditionNode) = trueselectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPortexit:AdmissionBoundaryPorthExitMem:exit ∈ exitshKey:exit.key = keyhGroup:∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)hVariant:∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit⊢ (exits.any fun exit => selectInternalExitRowKeyCheck selectAdmission key exit) = true
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPortexit:AdmissionBoundaryPorthExitMem:exit ∈ exitshKey:exit.key = keyhGroup:∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)hVariant:∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit⊢ decide (selectAdmission.conditionNode = selectAdmission.conditionNode) = true All goals completed! 🐙
selectAdmission:SelectAdmissionArtifactkey:NodeId × FieldLabel × ContractIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPortexit:AdmissionBoundaryPorthExitMem:exit ∈ exitshKey:exit.key = keyhGroup:∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)hVariant:∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit⊢ (exits.any fun exit => selectInternalExitRowKeyCheck selectAdmission key exit) = true All goals completed! 🐙Boolean form of key-level select-internal exit detection.
/--
Boolean form of key-level select-internal exit detection.

Returns `true` when some select admission row of `artifact` has a primitive
step for which `selectInternalNodeKeyCheck` accepts `key`. The theorem
`selectInternalExitKeyCheck_eq_true_iff` shows this is exact for
`SelectInternalExitKey`: the checker is `true` if and only if the predicate holds.

Cost note: every select row is tested against every primitive step, so one call
performs `|artifact.selects| × |artifact.primitiveSteps|` node checks, and
`residualPrimitiveExitKeys` repeats that once per candidate exit key. Validator
time is therefore bounded only by the row counts of the decoded artifact; if
artifacts can come from an untrusted producer, bound those counts before
validation — TODO confirm where such a bound is enforced.
-/
def selectInternalExitKeyCheck
    (artifact : WireAdmissionArtifact)
    (key : NodeId × FieldLabel × ContractId) :
    Bool :=
  List.any artifact.selects fun selectRow =>
    List.any artifact.primitiveSteps fun step =>
      selectInternalNodeKeyCheck selectRow key step
The key-level select-internal checker is exact for SelectInternalExitKey.
theorem selectInternalExitKeyCheck_eq_true_iff
{artifact : WireAdmissionArtifact}
{key : NodeId × FieldLabel × ContractId} :
artifact.selectInternalExitKeyCheck key = true ↔
artifact.SelectInternalExitKey key := artifact:WireAdmissionArtifactkey:NodeId × FieldLabel × ContractId⊢ artifact.selectInternalExitKeyCheck key = true ↔ artifact.SelectInternalExitKey key
artifact:WireAdmissionArtifactkey:NodeId × FieldLabel × ContractId⊢ (artifact.selects.any fun selectAdmission =>
artifact.primitiveSteps.any fun primitiveStep => selectInternalNodeKeyCheck selectAdmission key primitiveStep) =
true ↔
∃ selectAdmission ∈ artifact.selects,
∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∃ exit ∈ exits,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
artifact:WireAdmissionArtifactkey:NodeId × FieldLabel × ContractId⊢ (artifact.selects.any fun selectAdmission =>
artifact.primitiveSteps.any fun primitiveStep => selectInternalNodeKeyCheck selectAdmission key primitiveStep) =
true →
∃ selectAdmission ∈ artifact.selects,
∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∃ exit ∈ exits,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exitartifact:WireAdmissionArtifactkey:NodeId × FieldLabel × ContractId⊢ (∃ selectAdmission ∈ artifact.selects,
∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∃ exit ∈ exits,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit) →
(artifact.selects.any fun selectAdmission =>
artifact.primitiveSteps.any fun primitiveStep => selectInternalNodeKeyCheck selectAdmission key primitiveStep) =
true
artifact:WireAdmissionArtifactkey:NodeId × FieldLabel × ContractId⊢ (artifact.selects.any fun selectAdmission =>
artifact.primitiveSteps.any fun primitiveStep => selectInternalNodeKeyCheck selectAdmission key primitiveStep) =
true →
∃ selectAdmission ∈ artifact.selects,
∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∃ exit ∈ exits,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit artifact:WireAdmissionArtifactkey:NodeId × FieldLabel × ContractIdhCheck:(artifact.selects.any fun selectAdmission =>
artifact.primitiveSteps.any fun primitiveStep => selectInternalNodeKeyCheck selectAdmission key primitiveStep) =
true⊢ ∃ selectAdmission ∈ artifact.selects,
∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∃ exit ∈ exits,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
artifact:WireAdmissionArtifactkey:NodeId × FieldLabel × ContractIdhCheck:(artifact.selects.any fun selectAdmission =>
artifact.primitiveSteps.any fun primitiveStep => selectInternalNodeKeyCheck selectAdmission key primitiveStep) =
trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectshPrimitiveCheck:(artifact.primitiveSteps.any fun primitiveStep => selectInternalNodeKeyCheck selectAdmission key primitiveStep) = true⊢ ∃ selectAdmission ∈ artifact.selects,
∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∃ exit ∈ exits,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
artifact:WireAdmissionArtifactkey:NodeId × FieldLabel × ContractIdhCheck:(artifact.selects.any fun selectAdmission =>
artifact.primitiveSteps.any fun primitiveStep => selectInternalNodeKeyCheck selectAdmission key primitiveStep) =
trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectshPrimitiveCheck:(artifact.primitiveSteps.any fun primitiveStep => selectInternalNodeKeyCheck selectAdmission key primitiveStep) = trueprimitiveStep:PrimitiveGraphStephPrimitive:primitiveStep ∈ artifact.primitiveStepshNodeCheck:selectInternalNodeKeyCheck selectAdmission key primitiveStep = true⊢ ∃ selectAdmission ∈ artifact.selects,
∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∃ exit ∈ exits,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
artifact:WireAdmissionArtifactkey:NodeId × FieldLabel × ContractIdhCheck:(artifact.selects.any fun selectAdmission =>
artifact.primitiveSteps.any fun primitiveStep => selectInternalNodeKeyCheck selectAdmission key primitiveStep) =
trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectshPrimitiveCheck:(artifact.primitiveSteps.any fun primitiveStep => selectInternalNodeKeyCheck selectAdmission key primitiveStep) = trueprimitiveStep:PrimitiveGraphStephPrimitive:primitiveStep ∈ artifact.primitiveStepshNodeCheck:selectInternalNodeKeyCheck selectAdmission key primitiveStep = trueentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthStep:primitiveStep = PrimitiveGraphStep.node selectAdmission.conditionNode entries exitsexit:AdmissionBoundaryPorthExit:exit ∈ exitshKey:exit.key = keyhGroup:∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)variant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshCompatible:variant.port.CompatibleWith exit⊢ ∃ selectAdmission ∈ artifact.selects,
∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∃ exit ∈ exits,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
artifact:WireAdmissionArtifactkey:NodeId × FieldLabel × ContractIdhCheck:(artifact.selects.any fun selectAdmission =>
artifact.primitiveSteps.any fun primitiveStep => selectInternalNodeKeyCheck selectAdmission key primitiveStep) =
trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectshPrimitiveCheck:(artifact.primitiveSteps.any fun primitiveStep => selectInternalNodeKeyCheck selectAdmission key primitiveStep) = trueentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPortexit:AdmissionBoundaryPorthExit:exit ∈ exitshKey:exit.key = keyhGroup:∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)variant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshCompatible:variant.port.CompatibleWith exithPrimitive:PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveStepshNodeCheck:selectInternalNodeKeyCheck selectAdmission key (PrimitiveGraphStep.node selectAdmission.conditionNode entries exits) =
true⊢ ∃ selectAdmission ∈ artifact.selects,
∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∃ exit ∈ exits,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit
All goals completed! 🐙
artifact:WireAdmissionArtifactkey:NodeId × FieldLabel × ContractId⊢ (∃ selectAdmission ∈ artifact.selects,
∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∃ exit ∈ exits,
exit.key = key ∧
(∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)) ∧
∃ variant ∈ selectAdmission.variants, variant.port.CompatibleWith exit) →
(artifact.selects.any fun selectAdmission =>
artifact.primitiveSteps.any fun primitiveStep => selectInternalNodeKeyCheck selectAdmission key primitiveStep) =
true artifact:WireAdmissionArtifactkey:NodeId × FieldLabel × ContractIdselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitive:PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveStepsexit:AdmissionBoundaryPorthExit:exit ∈ exitshKey:exit.key = keyhGroup:∃ index, exit.exclusiveGroup = some (selectAdmission.conditionNode, index)variant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshCompatible:variant.port.CompatibleWith exit⊢ (artifact.selects.any fun selectAdmission =>
artifact.primitiveSteps.any fun primitiveStep => selectInternalNodeKeyCheck selectAdmission key primitiveStep) =
true
All goals completed! 🐙
Primitive exit keys that remain source-visible after replay and select erasure.
/--
Primitive exit keys that remain source-visible after replay and select erasure.

A node exit key of `artifact.primitiveSteps` is kept when it is absent from
`PrimitiveGraphStep.consumedExitKeysList` and `selectInternalExitKeyCheck`
rejects it. The soundness proof of `summaryFrontiersMatchPrimitiveCheck`
unfolds this filter literally, so keep the predicate shape in sync with that
proof when editing.

Cost note: membership in a `List` and the nested `any` inside
`selectInternalExitKeyCheck` are both linear scans, so this filter costs roughly
`|exitKeys| × (|consumedExitKeys| + |selects| × |primitiveSteps|)`. Acceptable for
small decoded artifacts; large untrusted inputs make validation time the concern.
-/
def residualPrimitiveExitKeys (artifact : WireAdmissionArtifact) :
    List (NodeId × FieldLabel × ContractId) :=
  List.filter
    (fun exitKey =>
      decide (exitKey ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps) &&
        not (artifact.selectInternalExitKeyCheck exitKey))
    (PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps)

/--
Executable checker that summary frontiers exactly match residual primitive frontiers.

Compares the keys of the summary `entries` with `residualPrimitiveEntryKeys` and
the keys of the summary `exits` with `residualPrimitiveExitKeys` using
`Check.sameMembersCheck`. As its use in `summaryFrontiersMatchPrimitiveCheck_sound`
shows, that check establishes membership equivalence only: order and
multiplicity are ignored, so a duplicated summary row is not rejected here and
must be caught by a separate uniqueness check — confirm against that checker.
-/
def summaryFrontiersMatchPrimitiveCheck
    (artifact : WireAdmissionArtifact) :
    Bool :=
  Check.sameMembersCheck
    (List.map AdmissionBoundaryPort.key artifact.entries)
    artifact.residualPrimitiveEntryKeys &&
  Check.sameMembersCheck
    (List.map AdmissionBoundaryPort.key artifact.exits)
    artifact.residualPrimitiveExitKeys
Successful frontier-exactness checking proves SummaryFrontiersMatchPrimitive.
theorem summaryFrontiersMatchPrimitiveCheck_sound
{artifact : WireAdmissionArtifact}
(hCheck : artifact.summaryFrontiersMatchPrimitiveCheck = true) :
artifact.SummaryFrontiersMatchPrimitive := artifact:WireAdmissionArtifacthCheck:artifact.summaryFrontiersMatchPrimitiveCheck = true⊢ artifact.SummaryFrontiersMatchPrimitive
artifact:WireAdmissionArtifacthCheck:(Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys &&
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys) =
true⊢ artifact.SummaryFrontiersMatchPrimitive
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = true⊢ artifact.SummaryFrontiersMatchPrimitive
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeys⊢ artifact.SummaryFrontiersMatchPrimitive
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeys⊢ artifact.SummaryFrontiersMatchPrimitive
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeys⊢ ∀ (key : NodeId × FieldLabel × ContractId),
key ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔
key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveStepsartifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeys⊢ ∀ (key : NodeId × FieldLabel × ContractId),
key ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔
key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeys⊢ ∀ (key : NodeId × FieldLabel × ContractId),
key ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔
key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractId⊢ key ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔
key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractId⊢ key ∈ List.map AdmissionBoundaryPort.key artifact.entries →
key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveStepsartifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractId⊢ key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps →
key ∈ List.map AdmissionBoundaryPort.key artifact.entries
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractId⊢ key ∈ List.map AdmissionBoundaryPort.key artifact.entries →
key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhSummary:key ∈ List.map AdmissionBoundaryPort.key artifact.entries⊢ key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhSummary:key ∈ List.map AdmissionBoundaryPort.key artifact.entrieshResidual:key ∈ artifact.residualPrimitiveEntryKeys⊢ key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhSummary:key ∈ List.map AdmissionBoundaryPort.key artifact.entrieshResidual:key ∈
List.filter (fun key => decide (key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps))
(PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps)⊢ key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhSummary:key ∈ List.map AdmissionBoundaryPort.key artifact.entrieshResidual:key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
decide (key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps) = true⊢ key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps
All goals completed! 🐙
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractId⊢ key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps →
key ∈ List.map AdmissionBoundaryPort.key artifact.entries artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhPrimitive:key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps⊢ key ∈ List.map AdmissionBoundaryPort.key artifact.entries
have hResidual : key ∈ artifact.residualPrimitiveEntryKeys := artifact:WireAdmissionArtifacthCheck:artifact.summaryFrontiersMatchPrimitiveCheck = true⊢ artifact.SummaryFrontiersMatchPrimitive
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhPrimitive:key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps⊢ key ∈
List.filter (fun key => decide (key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps))
(PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps)
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhPrimitive:key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps⊢ key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
decide (key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps) = true
exact ⟨hPrimitive.left, artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhPrimitive:key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps⊢ decide (key ∉ PrimitiveGraphStep.consumedEntryKeysList artifact.primitiveSteps) = true All goals completed! 🐙⟩
All goals completed! 🐙
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeys⊢ ∀ (key : NodeId × FieldLabel × ContractId),
key ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔
key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractId⊢ key ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔
key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractId⊢ key ∈ List.map AdmissionBoundaryPort.key artifact.exits →
key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey keyartifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractId⊢ key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key →
key ∈ List.map AdmissionBoundaryPort.key artifact.exits
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractId⊢ key ∈ List.map AdmissionBoundaryPort.key artifact.exits →
key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhSummary:key ∈ List.map AdmissionBoundaryPort.key artifact.exits⊢ key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhSummary:key ∈ List.map AdmissionBoundaryPort.key artifact.exitshResidual:key ∈ artifact.residualPrimitiveExitKeys⊢ key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhSummary:key ∈ List.map AdmissionBoundaryPort.key artifact.exitshResidual:key ∈
List.filter
(fun key =>
decide (key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps) &&
!artifact.selectInternalExitKeyCheck key)
(PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps)⊢ key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhSummary:key ∈ List.map AdmissionBoundaryPort.key artifact.exitshResidual:key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
(decide (key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps) &&
!artifact.selectInternalExitKeyCheck key) =
true⊢ key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhSummary:key ∈ List.map AdmissionBoundaryPort.key artifact.exitshResidual:key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
decide (key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps) = true ∧
(!artifact.selectInternalExitKeyCheck key) = true⊢ key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhSummary:key ∈ List.map AdmissionBoundaryPort.key artifact.exitshResidual:key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
decide (key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps) = true ∧
(!artifact.selectInternalExitKeyCheck key) = truehNotConsumed:key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps⊢ key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key
have hNotInternal : ¬ artifact.SelectInternalExitKey key := artifact:WireAdmissionArtifacthCheck:artifact.summaryFrontiersMatchPrimitiveCheck = true⊢ artifact.SummaryFrontiersMatchPrimitive
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhSummary:key ∈ List.map AdmissionBoundaryPort.key artifact.exitshResidual:key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
decide (key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps) = true ∧
(!artifact.selectInternalExitKeyCheck key) = truehNotConsumed:key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveStepshInternal:artifact.SelectInternalExitKey key⊢ False
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhSummary:key ∈ List.map AdmissionBoundaryPort.key artifact.exitshResidual:key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
decide (key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps) = true ∧
(!artifact.selectInternalExitKeyCheck key) = truehNotConsumed:key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveStepshInternal:artifact.SelectInternalExitKey keyhInternalCheck:artifact.selectInternalExitKeyCheck key = true⊢ False
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhSummary:key ∈ List.map AdmissionBoundaryPort.key artifact.exitshResidual:key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
decide (key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps) = true ∧ (!true) = truehNotConsumed:key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveStepshInternal:artifact.SelectInternalExitKey keyhInternalCheck:artifact.selectInternalExitKeyCheck key = true⊢ False
All goals completed! 🐙
All goals completed! 🐙
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractId⊢ key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key →
key ∈ List.map AdmissionBoundaryPort.key artifact.exits artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhPrimitive:key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key⊢ key ∈ List.map AdmissionBoundaryPort.key artifact.exits
have hResidual : key ∈ artifact.residualPrimitiveExitKeys := artifact:WireAdmissionArtifacthCheck:artifact.summaryFrontiersMatchPrimitiveCheck = true⊢ artifact.SummaryFrontiersMatchPrimitive
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhPrimitive:key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key⊢ key ∈
List.filter
(fun key =>
decide (key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps) &&
!artifact.selectInternalExitKeyCheck key)
(PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps)
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhPrimitive:key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key⊢ key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
(decide (key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps) &&
!artifact.selectInternalExitKeyCheck key) =
true
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhPrimitive:key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key⊢ (decide (key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps) &&
!artifact.selectInternalExitKeyCheck key) =
true
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhPrimitive:key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key⊢ decide (key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps) = true ∧
(!artifact.selectInternalExitKeyCheck key) = true
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhPrimitive:key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key⊢ decide (key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps) = trueartifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhPrimitive:key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key⊢ (!artifact.selectInternalExitKeyCheck key) = true
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhPrimitive:key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key⊢ decide (key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps) = true All goals completed! 🐙
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhPrimitive:key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey key⊢ (!artifact.selectInternalExitKeyCheck key) = true cases hInternalCheck : artifact.selectInternalExitKeyCheck key with
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhPrimitive:key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey keyhInternalCheck:artifact.selectInternalExitKeyCheck key = false⊢ (!false) = true
All goals completed! 🐙
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhPrimitive:key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey keyhInternalCheck:artifact.selectInternalExitKeyCheck key = true⊢ (!true) = true
artifact:WireAdmissionArtifacthCheck:Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.entries) artifact.residualPrimitiveEntryKeys =
true ∧
Check.sameMembersCheck (List.map AdmissionBoundaryPort.key artifact.exits) artifact.residualPrimitiveExitKeys = truehEntriesMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.entries ↔ item ∈ artifact.residualPrimitiveEntryKeyshExitsMembers:∀ (item : NodeId × FieldLabel × ContractId),
item ∈ List.map AdmissionBoundaryPort.key artifact.exits ↔ item ∈ artifact.residualPrimitiveExitKeyskey:NodeId × FieldLabel × ContractIdhPrimitive:key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
key ∉ PrimitiveGraphStep.consumedExitKeysList artifact.primitiveSteps ∧ ¬artifact.SelectInternalExitKey keyhInternalCheck:artifact.selectInternalExitKeyCheck key = truehInternal:artifact.SelectInternalExitKey key⊢ (!true) = true
All goals completed! 🐙
All goals completed! 🐙Executable checker that top-level raw connections match primitive connect projections.
def rawConnectionsMatchPrimitiveCheck
    (artifact : WireAdmissionArtifact) :
    Bool :=
  -- Compare the artifact's declared top-level `connections` with the
  -- connections projected from its primitive step trace. `Check.permCheck`
  -- is presumably an order-insensitive (permutation) comparison — confirm in
  -- `Check`; its lemma `Check.permCheck_sound` is what the accompanying
  -- `_sound` theorem uses to discharge `RawConnectionsMatchPrimitive`.
  -- Only `true` carries a guarantee: a `false` result is a rejection, not a
  -- proof that the predicate fails.
  let primitiveConnections :=
    PrimitiveGraphStep.rawConnectionsList artifact.primitiveSteps
  Check.permCheck artifact.connections primitiveConnections
Successful raw-connection matching proves RawConnectionsMatchPrimitive.
theorem rawConnectionsMatchPrimitiveCheck_sound
{artifact : WireAdmissionArtifact}
(hCheck : artifact.rawConnectionsMatchPrimitiveCheck = true) :
artifact.RawConnectionsMatchPrimitive :=
-- Soundness direction only (`check = true → predicate`): the checker
-- unfolds to `Check.permCheck`, so its generic soundness lemma applies
-- directly. Nothing here says the checker is complete, i.e. a `false`
-- result does not refute `RawConnectionsMatchPrimitive`.
Check.permCheck_sound hCheckPrimitive Prefix Checks
Replay-order scan for primitive predicates whose truth depends on the trace prefix.
def primitivePrefixScanCheck
-- Walk the step list in replay order, handing each row the steps that
-- precede it (`priorSteps` plus every earlier row of the list) so that
-- `rowCheck` can decide predicates whose truth depends on the trace prefix.
-- Returns `true` iff `rowCheck` accepts every row; because `&&` short-circuits,
-- rows after the first rejection are not inspected.
-- The accumulator grows by `++ [primitiveStep]` at each row, so the scan is
-- quadratic in the trace length — acceptable for short primitive traces,
-- worth revisiting if artifacts carry long ones.
(rowCheck : List PrimitiveGraphStep → PrimitiveGraphStep → Bool)
(priorSteps : List PrimitiveGraphStep) :
List PrimitiveGraphStep → Bool
| [] =>
true
| primitiveStep :: primitiveSteps =>
rowCheck priorSteps primitiveStep &&
primitivePrefixScanCheck rowCheck (priorSteps ++ [primitiveStep]) primitiveStepsA successful prefix scan proves the row predicate at every trace position.
theorem primitivePrefixScanCheck_at_step_sound
{rowCheck : List PrimitiveGraphStep → PrimitiveGraphStep → Bool}
{rowPredicate : List PrimitiveGraphStep → PrimitiveGraphStep → Prop}
(rowSound :
∀ priorSteps primitiveStep,
rowCheck priorSteps primitiveStep = true →
rowPredicate priorSteps primitiveStep)
{priorSteps primitiveSteps : List PrimitiveGraphStep}
(hCheck :
primitivePrefixScanCheck rowCheck priorSteps primitiveSteps = true) :
∀ tracePrefix suffix primitiveStep,
primitiveSteps = tracePrefix ++ [primitiveStep] ++ suffix →
rowPredicate (priorSteps ++ tracePrefix) primitiveStep := rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveSteppriorSteps:List PrimitiveGraphStepprimitiveSteps:List PrimitiveGraphStephCheck:primitivePrefixScanCheck rowCheck priorSteps primitiveSteps = true⊢ ∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
primitiveSteps = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveStep
induction primitiveSteps generalizing priorSteps with
rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveSteppriorSteps:List PrimitiveGraphStephCheck:primitivePrefixScanCheck rowCheck priorSteps [] = true⊢ ∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
[] = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveStep
intro tracePrefix rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveSteppriorSteps:List PrimitiveGraphStephCheck:primitivePrefixScanCheck rowCheck priorSteps [] = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStep⊢ ∀ (primitiveStep : PrimitiveGraphStep),
[] = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveStep rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveSteppriorSteps:List PrimitiveGraphStephCheck:primitivePrefixScanCheck rowCheck priorSteps [] = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStepprimitiveStep:PrimitiveGraphStep⊢ [] = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveStep rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveSteppriorSteps:List PrimitiveGraphStephCheck:primitivePrefixScanCheck rowCheck priorSteps [] = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStepprimitiveStep:PrimitiveGraphStephEq:[] = tracePrefix ++ [primitiveStep] ++ suffix⊢ rowPredicate (priorSteps ++ tracePrefix) primitiveStep
cases tracePrefix with
rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveSteppriorSteps:List PrimitiveGraphStephCheck:primitivePrefixScanCheck rowCheck priorSteps [] = truesuffix:List PrimitiveGraphStepprimitiveStep:PrimitiveGraphStephEq:[] = [] ++ [primitiveStep] ++ suffix⊢ rowPredicate (priorSteps ++ []) primitiveStep
All goals completed! 🐙
rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveSteppriorSteps:List PrimitiveGraphStephCheck:primitivePrefixScanCheck rowCheck priorSteps [] = truesuffix:List PrimitiveGraphStepprimitiveStep:PrimitiveGraphSteptraceHead:PrimitiveGraphSteptraceTail:List PrimitiveGraphStephEq:[] = traceHead :: traceTail ++ [primitiveStep] ++ suffix⊢ rowPredicate (priorSteps ++ traceHead :: traceTail) primitiveStep
All goals completed! 🐙
rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveStephead:PrimitiveGraphSteptail:List PrimitiveGraphStepih:∀ {priorSteps : List PrimitiveGraphStep},
primitivePrefixScanCheck rowCheck priorSteps tail = true →
∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveSteppriorSteps:List PrimitiveGraphStephCheck:primitivePrefixScanCheck rowCheck priorSteps (head :: tail) = true⊢ ∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
head :: tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveStep
rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveStephead:PrimitiveGraphSteptail:List PrimitiveGraphStepih:∀ {priorSteps : List PrimitiveGraphStep},
primitivePrefixScanCheck rowCheck priorSteps tail = true →
∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveSteppriorSteps:List PrimitiveGraphStephCheck:(rowCheck priorSteps head && primitivePrefixScanCheck rowCheck (priorSteps ++ [head]) tail) = true⊢ ∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
head :: tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveStep
rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveStephead:PrimitiveGraphSteptail:List PrimitiveGraphStepih:∀ {priorSteps : List PrimitiveGraphStep},
primitivePrefixScanCheck rowCheck priorSteps tail = true →
∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveSteppriorSteps:List PrimitiveGraphStephCheck:rowCheck priorSteps head = true ∧ primitivePrefixScanCheck rowCheck (priorSteps ++ [head]) tail = true⊢ ∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
head :: tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveStep
intro tracePrefix rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveStephead:PrimitiveGraphSteptail:List PrimitiveGraphStepih:∀ {priorSteps : List PrimitiveGraphStep},
primitivePrefixScanCheck rowCheck priorSteps tail = true →
∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveSteppriorSteps:List PrimitiveGraphStephCheck:rowCheck priorSteps head = true ∧ primitivePrefixScanCheck rowCheck (priorSteps ++ [head]) tail = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStep⊢ ∀ (primitiveStep : PrimitiveGraphStep),
head :: tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveStep rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveStephead:PrimitiveGraphSteptail:List PrimitiveGraphStepih:∀ {priorSteps : List PrimitiveGraphStep},
primitivePrefixScanCheck rowCheck priorSteps tail = true →
∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveSteppriorSteps:List PrimitiveGraphStephCheck:rowCheck priorSteps head = true ∧ primitivePrefixScanCheck rowCheck (priorSteps ++ [head]) tail = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStepprimitiveStep:PrimitiveGraphStep⊢ head :: tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveStep rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveStephead:PrimitiveGraphSteptail:List PrimitiveGraphStepih:∀ {priorSteps : List PrimitiveGraphStep},
primitivePrefixScanCheck rowCheck priorSteps tail = true →
∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveSteppriorSteps:List PrimitiveGraphStephCheck:rowCheck priorSteps head = true ∧ primitivePrefixScanCheck rowCheck (priorSteps ++ [head]) tail = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStepprimitiveStep:PrimitiveGraphStephEq:head :: tail = tracePrefix ++ [primitiveStep] ++ suffix⊢ rowPredicate (priorSteps ++ tracePrefix) primitiveStep
cases tracePrefix with
rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveStephead:PrimitiveGraphSteptail:List PrimitiveGraphStepih:∀ {priorSteps : List PrimitiveGraphStep},
primitivePrefixScanCheck rowCheck priorSteps tail = true →
∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveSteppriorSteps:List PrimitiveGraphStephCheck:rowCheck priorSteps head = true ∧ primitivePrefixScanCheck rowCheck (priorSteps ++ [head]) tail = truesuffix:List PrimitiveGraphStepprimitiveStep:PrimitiveGraphStephEq:head :: tail = [] ++ [primitiveStep] ++ suffix⊢ rowPredicate (priorSteps ++ []) primitiveStep
rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveStephead:PrimitiveGraphSteptail:List PrimitiveGraphStepih:∀ {priorSteps : List PrimitiveGraphStep},
primitivePrefixScanCheck rowCheck priorSteps tail = true →
∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveSteppriorSteps:List PrimitiveGraphStephCheck:rowCheck priorSteps head = true ∧ primitivePrefixScanCheck rowCheck (priorSteps ++ [head]) tail = truesuffix:List PrimitiveGraphStepprimitiveStep:PrimitiveGraphStephEq:head = primitiveStep ∧ tail = suffix⊢ rowPredicate (priorSteps ++ []) primitiveStep
rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveStephead:PrimitiveGraphSteptail:List PrimitiveGraphStepih:∀ {priorSteps : List PrimitiveGraphStep},
primitivePrefixScanCheck rowCheck priorSteps tail = true →
∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveSteppriorSteps:List PrimitiveGraphStephCheck:rowCheck priorSteps head = true ∧ primitivePrefixScanCheck rowCheck (priorSteps ++ [head]) tail = truesuffix:List PrimitiveGraphStepprimitiveStep:PrimitiveGraphStephHead:head = primitiveStep_hTail:tail = suffix⊢ rowPredicate (priorSteps ++ []) primitiveStep
rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveStephead:PrimitiveGraphSteptail:List PrimitiveGraphStepih:∀ {priorSteps : List PrimitiveGraphStep},
primitivePrefixScanCheck rowCheck priorSteps tail = true →
∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveSteppriorSteps:List PrimitiveGraphStephCheck:rowCheck priorSteps head = true ∧ primitivePrefixScanCheck rowCheck (priorSteps ++ [head]) tail = truesuffix:List PrimitiveGraphStep_hTail:tail = suffix⊢ rowPredicate (priorSteps ++ []) head
All goals completed! 🐙
rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveStephead:PrimitiveGraphSteptail:List PrimitiveGraphStepih:∀ {priorSteps : List PrimitiveGraphStep},
primitivePrefixScanCheck rowCheck priorSteps tail = true →
∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveSteppriorSteps:List PrimitiveGraphStephCheck:rowCheck priorSteps head = true ∧ primitivePrefixScanCheck rowCheck (priorSteps ++ [head]) tail = truesuffix:List PrimitiveGraphStepprimitiveStep:PrimitiveGraphSteptraceHead:PrimitiveGraphSteptraceTail:List PrimitiveGraphStephEq:head :: tail = traceHead :: traceTail ++ [primitiveStep] ++ suffix⊢ rowPredicate (priorSteps ++ traceHead :: traceTail) primitiveStep
rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveStephead:PrimitiveGraphSteptail:List PrimitiveGraphStepih:∀ {priorSteps : List PrimitiveGraphStep},
primitivePrefixScanCheck rowCheck priorSteps tail = true →
∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveSteppriorSteps:List PrimitiveGraphStephCheck:rowCheck priorSteps head = true ∧ primitivePrefixScanCheck rowCheck (priorSteps ++ [head]) tail = truesuffix:List PrimitiveGraphStepprimitiveStep:PrimitiveGraphSteptraceHead:PrimitiveGraphSteptraceTail:List PrimitiveGraphStephEq:head = traceHead ∧ tail = traceTail ++ primitiveStep :: suffix⊢ rowPredicate (priorSteps ++ traceHead :: traceTail) primitiveStep
rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveStephead:PrimitiveGraphSteptail:List PrimitiveGraphStepih:∀ {priorSteps : List PrimitiveGraphStep},
primitivePrefixScanCheck rowCheck priorSteps tail = true →
∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveSteppriorSteps:List PrimitiveGraphStephCheck:rowCheck priorSteps head = true ∧ primitivePrefixScanCheck rowCheck (priorSteps ++ [head]) tail = truesuffix:List PrimitiveGraphStepprimitiveStep:PrimitiveGraphSteptraceHead:PrimitiveGraphSteptraceTail:List PrimitiveGraphStephHead:head = traceHeadhTail:tail = traceTail ++ primitiveStep :: suffix⊢ rowPredicate (priorSteps ++ traceHead :: traceTail) primitiveStep
rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveStephead:PrimitiveGraphSteptail:List PrimitiveGraphStepih:∀ {priorSteps : List PrimitiveGraphStep},
primitivePrefixScanCheck rowCheck priorSteps tail = true →
∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveSteppriorSteps:List PrimitiveGraphStephCheck:rowCheck priorSteps head = true ∧ primitivePrefixScanCheck rowCheck (priorSteps ++ [head]) tail = truesuffix:List PrimitiveGraphStepprimitiveStep:PrimitiveGraphSteptraceTail:List PrimitiveGraphStephTail:tail = traceTail ++ primitiveStep :: suffix⊢ rowPredicate (priorSteps ++ head :: traceTail) primitiveStep
have hTailEq :
tail = traceTail ++ [primitiveStep] ++ suffix := rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveSteppriorSteps:List PrimitiveGraphStepprimitiveSteps:List PrimitiveGraphStephCheck:primitivePrefixScanCheck rowCheck priorSteps primitiveSteps = true⊢ ∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
primitiveSteps = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveStep
All goals completed! 🐙
rowCheck:List PrimitiveGraphStep → PrimitiveGraphStep → BoolrowPredicate:List PrimitiveGraphStep → PrimitiveGraphStep → ProprowSound:∀ (priorSteps : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
rowCheck priorSteps primitiveStep = true → rowPredicate priorSteps primitiveStephead:PrimitiveGraphSteptail:List PrimitiveGraphStepih:∀ {priorSteps : List PrimitiveGraphStep},
primitivePrefixScanCheck rowCheck priorSteps tail = true →
∀ (tracePrefix suffix : List PrimitiveGraphStep) (primitiveStep : PrimitiveGraphStep),
tail = tracePrefix ++ [primitiveStep] ++ suffix → rowPredicate (priorSteps ++ tracePrefix) primitiveSteppriorSteps:List PrimitiveGraphStephCheck:rowCheck priorSteps head = true ∧ primitivePrefixScanCheck rowCheck (priorSteps ++ [head]) tail = truesuffix:List PrimitiveGraphStepprimitiveStep:PrimitiveGraphSteptraceTail:List PrimitiveGraphStephTail:tail = traceTail ++ primitiveStep :: suffixhTailEq:tail = traceTail ++ [primitiveStep] ++ suffixhTailPredicate:rowPredicate (priorSteps ++ [head] ++ traceTail) primitiveStep⊢ rowPredicate (priorSteps ++ head :: traceTail) primitiveStep
All goals completed! 🐙Row predicate for overlay ledgers being backed by primitive identity rows in prior steps.
/-- Row predicate for overlay ledgers being backed by primitive identity rows in prior steps.

`priorSteps` is the replay prefix that precedes the row under inspection.  Only
`overlay` rows carry an obligation: every node named on either side's node ledger
must already occur among the node rows of the prefix (as enumerated by
`PrimitiveGraphStep.nodeRowsList`), and every binding on either side's binding
ledger must already occur among the prefix's binding rows
(`PrimitiveGraphStep.bindingRowsList`).  The other step shapes are accepted
unconditionally here; `connect` rows get their own prefix obligation in
`primitiveConnectFrontiersPrefixAvailableAt`. -/
def primitiveOverlayLedgersPrefixAvailableAt
    (priorSteps : List PrimitiveGraphStep) :
    PrimitiveGraphStep → Prop
  | PrimitiveGraphStep.empty =>
    True
  | PrimitiveGraphStep.node _node _entries _exits =>
    True
  | PrimitiveGraphStep.bindingRef _binding =>
    True
  | PrimitiveGraphStep.overlay leftNodes rightNodes leftBindings rightBindings =>
    -- Membership is checked against the prefix only, never the whole artifact,
    -- so an overlay cannot cite a node or binding row that is introduced later
    -- in replay order.
    (∀ node, node ∈ leftNodes ++ rightNodes →
      node ∈ PrimitiveGraphStep.nodeRowsList priorSteps) ∧
    (∀ binding, binding ∈ leftBindings ++ rightBindings →
      binding ∈ PrimitiveGraphStep.bindingRowsList priorSteps)
  | PrimitiveGraphStep.connect
      _leftExits _rightEntries _matchedPairs _unmatchedLeftExits
      _unmatchedRightEntries =>
    True

/-- Row checker for overlay ledgers being backed by primitive identity rows in prior steps. -/
def primitiveOverlayLedgersPrefixStepCheck
    (priorSteps : List PrimitiveGraphStep) :
    PrimitiveGraphStep → Bool
  -- Executable mirror of `primitiveOverlayLedgersPrefixAvailableAt`, arm for arm:
  -- each `True` becomes `true` and each `∀ … ∈ …` becomes a decided scan over the
  -- same lists.  `primitiveOverlayLedgersPrefixStepCheck_sound` ties the two
  -- together, so any change here must keep the arms aligned with the predicate.
  | PrimitiveGraphStep.empty =>
    true
  | PrimitiveGraphStep.node _node _entries _exits =>
    true
  | PrimitiveGraphStep.bindingRef _binding =>
    true
  | PrimitiveGraphStep.overlay leftNodes rightNodes leftBindings rightBindings =>
    -- Both row lists are derived from the prefix once, outside the per-element
    -- predicates, rather than recomputed for every ledger entry.
    let nodeRows := PrimitiveGraphStep.nodeRowsList priorSteps
    let bindingRows := PrimitiveGraphStep.bindingRowsList priorSteps
    -- NOTE(review): `Check.allDecide` is defined outside this file; the
    -- soundness theorem reads it as "the predicate holds for every element".
    Check.allDecide (leftNodes ++ rightNodes) (fun node => node ∈ nodeRows) &&
    Check.allDecide (leftBindings ++ rightBindings)
      (fun binding => binding ∈ bindingRows)
  | PrimitiveGraphStep.connect
      _leftExits _rightEntries _matchedPairs _unmatchedLeftExits
      _unmatchedRightEntries =>
    true

/-- Successful row checking proves overlay ledger prefix availability at that row. -/
theorem primitiveOverlayLedgersPrefixStepCheck_sound
(priorSteps : List PrimitiveGraphStep)
(primitiveStep : PrimitiveGraphStep)
(hCheck : primitiveOverlayLedgersPrefixStepCheck priorSteps primitiveStep = true) :
primitiveOverlayLedgersPrefixAvailableAt priorSteps primitiveStep := priorSteps:List PrimitiveGraphStepprimitiveStep:PrimitiveGraphStephCheck:primitiveOverlayLedgersPrefixStepCheck priorSteps primitiveStep = true⊢ primitiveOverlayLedgersPrefixAvailableAt priorSteps primitiveStep
cases primitiveStep with
priorSteps:List PrimitiveGraphStephCheck:primitiveOverlayLedgersPrefixStepCheck priorSteps PrimitiveGraphStep.empty = true⊢ primitiveOverlayLedgersPrefixAvailableAt priorSteps PrimitiveGraphStep.empty
All goals completed! 🐙
priorSteps:List PrimitiveGraphStep_node:NodeId_entries:List AdmissionBoundaryPort_exits:List AdmissionBoundaryPorthCheck:primitiveOverlayLedgersPrefixStepCheck priorSteps (PrimitiveGraphStep.node _node _entries _exits) = true⊢ primitiveOverlayLedgersPrefixAvailableAt priorSteps (PrimitiveGraphStep.node _node _entries _exits)
All goals completed! 🐙
priorSteps:List PrimitiveGraphStep_binding:BindingNamehCheck:primitiveOverlayLedgersPrefixStepCheck priorSteps (PrimitiveGraphStep.bindingRef _binding) = true⊢ primitiveOverlayLedgersPrefixAvailableAt priorSteps (PrimitiveGraphStep.bindingRef _binding)
All goals completed! 🐙
priorSteps:List PrimitiveGraphStepleftNodes:List NodeIdrightNodes:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:primitiveOverlayLedgersPrefixStepCheck priorSteps
(PrimitiveGraphStep.overlay leftNodes rightNodes leftBindings rightBindings) =
true⊢ primitiveOverlayLedgersPrefixAvailableAt priorSteps
(PrimitiveGraphStep.overlay leftNodes rightNodes leftBindings rightBindings)
priorSteps:List PrimitiveGraphStepleftNodes:List NodeIdrightNodes:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:(match PrimitiveGraphStep.overlay leftNodes rightNodes leftBindings rightBindings with
| PrimitiveGraphStep.empty => true
| PrimitiveGraphStep.node _node _entries _exits => true
| PrimitiveGraphStep.bindingRef _binding => true
| PrimitiveGraphStep.overlay leftNodes rightNodes leftBindings rightBindings =>
have nodeRows := PrimitiveGraphStep.nodeRowsList priorSteps;
have bindingRows := PrimitiveGraphStep.bindingRowsList priorSteps;
(Check.allDecide (leftNodes ++ rightNodes) fun node => node ∈ nodeRows) &&
Check.allDecide (leftBindings ++ rightBindings) fun binding => binding ∈ bindingRows
| PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries =>
true) =
true⊢ primitiveOverlayLedgersPrefixAvailableAt priorSteps
(PrimitiveGraphStep.overlay leftNodes rightNodes leftBindings rightBindings)
priorSteps:List PrimitiveGraphStepleftNodes:List NodeIdrightNodes:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehCheck:(Check.allDecide (leftNodes ++ rightNodes) fun node => node ∈ PrimitiveGraphStep.nodeRowsList priorSteps) = true ∧
(Check.allDecide (leftBindings ++ rightBindings) fun binding =>
binding ∈ PrimitiveGraphStep.bindingRowsList priorSteps) =
true⊢ primitiveOverlayLedgersPrefixAvailableAt priorSteps
(PrimitiveGraphStep.overlay leftNodes rightNodes leftBindings rightBindings)
All goals completed! 🐙
priorSteps:List PrimitiveGraphStep_leftExits:List AdmissionBoundaryPort_rightEntries:List AdmissionBoundaryPort_matchedPairs:List AdmissionConnection_unmatchedLeftExits:List AdmissionBoundaryPort_unmatchedRightEntries:List AdmissionBoundaryPorthCheck:primitiveOverlayLedgersPrefixStepCheck priorSteps
(PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries) =
true⊢ primitiveOverlayLedgersPrefixAvailableAt priorSteps
(PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries)
All goals completed! 🐙Executable checker for primitive overlay ledger replay-order availability.
/-- Executable checker for primitive overlay ledger replay-order availability.

Runs `primitiveOverlayLedgersPrefixStepCheck` over `artifact.primitiveSteps` via
`primitivePrefixScanCheck`, starting from the empty prefix `[]`, so each row is
judged only against the rows that precede it in the artifact's step order.
`primitiveOverlayLedgersPrefixAvailableCheck_sound` lifts a `true` result to
`PrimitiveOverlayLedgersPrefixAvailable`. -/
def primitiveOverlayLedgersPrefixAvailableCheck
    (artifact : WireAdmissionArtifact) :
    Bool :=
  primitivePrefixScanCheck primitiveOverlayLedgersPrefixStepCheck []
    artifact.primitiveSteps
/-- Successful overlay-prefix checking proves `PrimitiveOverlayLedgersPrefixAvailable`. -/
theorem primitiveOverlayLedgersPrefixAvailableCheck_sound
{artifact : WireAdmissionArtifact}
(hCheck : artifact.primitiveOverlayLedgersPrefixAvailableCheck = true) :
artifact.PrimitiveOverlayLedgersPrefixAvailable := artifact:WireAdmissionArtifacthCheck:artifact.primitiveOverlayLedgersPrefixAvailableCheck = true⊢ artifact.PrimitiveOverlayLedgersPrefixAvailable
intro tracePrefix artifact:WireAdmissionArtifacthCheck:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStep⊢ ∀ (leftNodes rightNodes : List NodeId) (leftBindings rightBindings : List BindingName),
artifact.primitiveSteps =
tracePrefix ++ [PrimitiveGraphStep.overlay leftNodes rightNodes leftBindings rightBindings] ++ suffix →
(∀ node ∈ leftNodes ++ rightNodes, node ∈ PrimitiveGraphStep.nodeRowsList tracePrefix) ∧
∀ binding ∈ leftBindings ++ rightBindings, binding ∈ PrimitiveGraphStep.bindingRowsList tracePrefix artifact:WireAdmissionArtifacthCheck:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStepleftNodes:List NodeId⊢ ∀ (rightNodes : List NodeId) (leftBindings rightBindings : List BindingName),
artifact.primitiveSteps =
tracePrefix ++ [PrimitiveGraphStep.overlay leftNodes rightNodes leftBindings rightBindings] ++ suffix →
(∀ node ∈ leftNodes ++ rightNodes, node ∈ PrimitiveGraphStep.nodeRowsList tracePrefix) ∧
∀ binding ∈ leftBindings ++ rightBindings, binding ∈ PrimitiveGraphStep.bindingRowsList tracePrefix artifact:WireAdmissionArtifacthCheck:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStepleftNodes:List NodeIdrightNodes:List NodeId⊢ ∀ (leftBindings rightBindings : List BindingName),
artifact.primitiveSteps =
tracePrefix ++ [PrimitiveGraphStep.overlay leftNodes rightNodes leftBindings rightBindings] ++ suffix →
(∀ node ∈ leftNodes ++ rightNodes, node ∈ PrimitiveGraphStep.nodeRowsList tracePrefix) ∧
∀ binding ∈ leftBindings ++ rightBindings, binding ∈ PrimitiveGraphStep.bindingRowsList tracePrefix artifact:WireAdmissionArtifacthCheck:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStepleftNodes:List NodeIdrightNodes:List NodeIdleftBindings:List BindingName⊢ ∀ (rightBindings : List BindingName),
artifact.primitiveSteps =
tracePrefix ++ [PrimitiveGraphStep.overlay leftNodes rightNodes leftBindings rightBindings] ++ suffix →
(∀ node ∈ leftNodes ++ rightNodes, node ∈ PrimitiveGraphStep.nodeRowsList tracePrefix) ∧
∀ binding ∈ leftBindings ++ rightBindings, binding ∈ PrimitiveGraphStep.bindingRowsList tracePrefix artifact:WireAdmissionArtifacthCheck:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStepleftNodes:List NodeIdrightNodes:List NodeIdleftBindings:List BindingNamerightBindings:List BindingName⊢ artifact.primitiveSteps =
tracePrefix ++ [PrimitiveGraphStep.overlay leftNodes rightNodes leftBindings rightBindings] ++ suffix →
(∀ node ∈ leftNodes ++ rightNodes, node ∈ PrimitiveGraphStep.nodeRowsList tracePrefix) ∧
∀ binding ∈ leftBindings ++ rightBindings, binding ∈ PrimitiveGraphStep.bindingRowsList tracePrefix artifact:WireAdmissionArtifacthCheck:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStepleftNodes:List NodeIdrightNodes:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehTrace:artifact.primitiveSteps =
tracePrefix ++ [PrimitiveGraphStep.overlay leftNodes rightNodes leftBindings rightBindings] ++ suffix⊢ (∀ node ∈ leftNodes ++ rightNodes, node ∈ PrimitiveGraphStep.nodeRowsList tracePrefix) ∧
∀ binding ∈ leftBindings ++ rightBindings, binding ∈ PrimitiveGraphStep.bindingRowsList tracePrefix
artifact:WireAdmissionArtifacthCheck:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStepleftNodes:List NodeIdrightNodes:List NodeIdleftBindings:List BindingNamerightBindings:List BindingNamehTrace:artifact.primitiveSteps =
tracePrefix ++ [PrimitiveGraphStep.overlay leftNodes rightNodes leftBindings rightBindings] ++ suffixhAt:primitiveOverlayLedgersPrefixAvailableAt ([] ++ tracePrefix)
(PrimitiveGraphStep.overlay leftNodes rightNodes leftBindings rightBindings)⊢ (∀ node ∈ leftNodes ++ rightNodes, node ∈ PrimitiveGraphStep.nodeRowsList tracePrefix) ∧
∀ binding ∈ leftBindings ++ rightBindings, binding ∈ PrimitiveGraphStep.bindingRowsList tracePrefix
All goals completed! 🐙Row predicate for connect frontiers being backed by primitive node rows.
/-- Row predicate for connect frontiers being backed by primitive node rows.

Only `connect` rows carry an obligation: every left exit's key must be an exit
key of some node row of the artifact (`PrimitiveGraphStep.nodeExitKeysList`),
and every right entry's key must be an entry key of some node row
(`PrimitiveGraphStep.nodeEntryKeysList`).  Unlike the `…PrefixAvailableAt`
predicates, the lookup here ranges over the whole of `artifact.primitiveSteps`,
so this predicate alone says nothing about replay order; ordering and
single-consumption are the job of `primitiveConnectFrontiersPrefixAvailableAt`. -/
def primitiveConnectFrontiersBackedByNodesAt
    (artifact : WireAdmissionArtifact) :
    PrimitiveGraphStep → Prop
  | PrimitiveGraphStep.empty =>
    True
  | PrimitiveGraphStep.node _node _entries _exits =>
    True
  | PrimitiveGraphStep.bindingRef _binding =>
    True
  | PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings =>
    True
  | PrimitiveGraphStep.connect
      leftExits rightEntries _matchedPairs _unmatchedLeftExits
      _unmatchedRightEntries =>
    -- Global backing: a frontier port is acceptable if any node row of the
    -- artifact exposes its key, regardless of where that row sits.
    (∀ leftExit, leftExit ∈ leftExits →
      leftExit.key ∈
        PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps) ∧
    (∀ rightEntry, rightEntry ∈ rightEntries →
      rightEntry.key ∈
        PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps)

/-- Row checker for connect frontiers being backed by primitive node rows. -/
def primitiveConnectFrontiersBackedByNodesStepCheck
    (artifact : WireAdmissionArtifact) :
    PrimitiveGraphStep → Bool
  -- Executable mirror of `primitiveConnectFrontiersBackedByNodesAt`, arm for
  -- arm; `primitiveConnectFrontiersBackedByNodesStepCheck_sound` relates them.
  -- Like the predicate, it looks up keys in the whole artifact, not a prefix.
  | PrimitiveGraphStep.empty =>
    true
  | PrimitiveGraphStep.node _node _entries _exits =>
    true
  | PrimitiveGraphStep.bindingRef _binding =>
    true
  | PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings =>
    true
  | PrimitiveGraphStep.connect
      leftExits rightEntries _matchedPairs _unmatchedLeftExits
      _unmatchedRightEntries =>
    -- Key lists are materialised once per connect row, not per frontier port.
    let nodeExitKeys := PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps
    let nodeEntryKeys := PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps
    Check.allDecide leftExits (fun leftExit => leftExit.key ∈ nodeExitKeys) &&
    Check.allDecide rightEntries (fun rightEntry => rightEntry.key ∈ nodeEntryKeys)

/-- Successful row checking proves connect frontier backing at that row. -/
theorem primitiveConnectFrontiersBackedByNodesStepCheck_sound
{artifact : WireAdmissionArtifact}
{primitiveStep : PrimitiveGraphStep}
(hCheck :
primitiveConnectFrontiersBackedByNodesStepCheck artifact primitiveStep = true) :
primitiveConnectFrontiersBackedByNodesAt artifact primitiveStep := artifact:WireAdmissionArtifactprimitiveStep:PrimitiveGraphStephCheck:artifact.primitiveConnectFrontiersBackedByNodesStepCheck primitiveStep = true⊢ artifact.primitiveConnectFrontiersBackedByNodesAt primitiveStep
cases primitiveStep with
artifact:WireAdmissionArtifacthCheck:artifact.primitiveConnectFrontiersBackedByNodesStepCheck PrimitiveGraphStep.empty = true⊢ artifact.primitiveConnectFrontiersBackedByNodesAt PrimitiveGraphStep.empty
All goals completed! 🐙
artifact:WireAdmissionArtifact_node:NodeId_entries:List AdmissionBoundaryPort_exits:List AdmissionBoundaryPorthCheck:artifact.primitiveConnectFrontiersBackedByNodesStepCheck (PrimitiveGraphStep.node _node _entries _exits) = true⊢ artifact.primitiveConnectFrontiersBackedByNodesAt (PrimitiveGraphStep.node _node _entries _exits)
All goals completed! 🐙
artifact:WireAdmissionArtifact_binding:BindingNamehCheck:artifact.primitiveConnectFrontiersBackedByNodesStepCheck (PrimitiveGraphStep.bindingRef _binding) = true⊢ artifact.primitiveConnectFrontiersBackedByNodesAt (PrimitiveGraphStep.bindingRef _binding)
All goals completed! 🐙
artifact:WireAdmissionArtifact_leftNodes:List NodeId_rightNodes:List NodeId_leftBindings:List BindingName_rightBindings:List BindingNamehCheck:artifact.primitiveConnectFrontiersBackedByNodesStepCheck
(PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings) =
true⊢ artifact.primitiveConnectFrontiersBackedByNodesAt
(PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings)
All goals completed! 🐙
artifact:WireAdmissionArtifact_leftExits:List AdmissionBoundaryPort_rightEntries:List AdmissionBoundaryPort_matchedPairs:List AdmissionConnection_unmatchedLeftExits:List AdmissionBoundaryPort_unmatchedRightEntries:List AdmissionBoundaryPorthCheck:artifact.primitiveConnectFrontiersBackedByNodesStepCheck
(PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries) =
true⊢ artifact.primitiveConnectFrontiersBackedByNodesAt
(PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries)
artifact:WireAdmissionArtifact_leftExits:List AdmissionBoundaryPort_rightEntries:List AdmissionBoundaryPort_matchedPairs:List AdmissionConnection_unmatchedLeftExits:List AdmissionBoundaryPort_unmatchedRightEntries:List AdmissionBoundaryPorthCheck:(match PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries with
| PrimitiveGraphStep.empty => true
| PrimitiveGraphStep.node _node _entries _exits => true
| PrimitiveGraphStep.bindingRef _binding => true
| PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings => true
| PrimitiveGraphStep.connect leftExits rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries =>
have nodeExitKeys := PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps;
have nodeEntryKeys := PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps;
(Check.allDecide leftExits fun leftExit => leftExit.key ∈ nodeExitKeys) &&
Check.allDecide rightEntries fun rightEntry => rightEntry.key ∈ nodeEntryKeys) =
true⊢ artifact.primitiveConnectFrontiersBackedByNodesAt
(PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries)
artifact:WireAdmissionArtifact_leftExits:List AdmissionBoundaryPort_rightEntries:List AdmissionBoundaryPort_matchedPairs:List AdmissionConnection_unmatchedLeftExits:List AdmissionBoundaryPort_unmatchedRightEntries:List AdmissionBoundaryPorthCheck:(Check.allDecide _leftExits fun leftExit =>
leftExit.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps) =
true ∧
(Check.allDecide _rightEntries fun rightEntry =>
rightEntry.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps) =
true⊢ artifact.primitiveConnectFrontiersBackedByNodesAt
(PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries)
All goals completed! 🐙Executable checker for primitive connect frontier node-row backing.
/-- Executable checker for primitive connect frontier node-row backing.

Applies `primitiveConnectFrontiersBackedByNodesStepCheck artifact` to every row
of `artifact.primitiveSteps` with `Check.allBool`.  This is a whole-artifact
membership check, not a prefix scan: it does not by itself rule out a connect
row that references node rows appearing after it.  See
`primitiveConnectFrontiersBackedByNodesCheck_sound` for the predicate it
establishes. -/
def primitiveConnectFrontiersBackedByNodesCheck
    (artifact : WireAdmissionArtifact) :
    Bool :=
  Check.allBool artifact.primitiveSteps
    (primitiveConnectFrontiersBackedByNodesStepCheck artifact)
/-- Successful connect-backing checking proves `PrimitiveConnectFrontiersBackedByNodes`. -/
theorem primitiveConnectFrontiersBackedByNodesCheck_sound
{artifact : WireAdmissionArtifact}
(hCheck : artifact.primitiveConnectFrontiersBackedByNodesCheck = true) :
artifact.PrimitiveConnectFrontiersBackedByNodes := artifact:WireAdmissionArtifacthCheck:artifact.primitiveConnectFrontiersBackedByNodesCheck = true⊢ artifact.PrimitiveConnectFrontiersBackedByNodes
intro leftExits artifact:WireAdmissionArtifacthCheck:artifact.primitiveConnectFrontiersBackedByNodesCheck = trueleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPort⊢ ∀ (matchedPairs : List AdmissionConnection) (unmatchedLeftExits unmatchedRightEntries : List AdmissionBoundaryPort),
PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries ∈
artifact.primitiveSteps →
(∀ leftExit ∈ leftExits, leftExit.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps) ∧
∀ rightEntry ∈ rightEntries, rightEntry.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps artifact:WireAdmissionArtifacthCheck:artifact.primitiveConnectFrontiersBackedByNodesCheck = trueleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnection⊢ ∀ (unmatchedLeftExits unmatchedRightEntries : List AdmissionBoundaryPort),
PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries ∈
artifact.primitiveSteps →
(∀ leftExit ∈ leftExits, leftExit.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps) ∧
∀ rightEntry ∈ rightEntries, rightEntry.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps artifact:WireAdmissionArtifacthCheck:artifact.primitiveConnectFrontiersBackedByNodesCheck = trueleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPort⊢ ∀ (unmatchedRightEntries : List AdmissionBoundaryPort),
PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries ∈
artifact.primitiveSteps →
(∀ leftExit ∈ leftExits, leftExit.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps) ∧
∀ rightEntry ∈ rightEntries, rightEntry.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps
artifact:WireAdmissionArtifacthCheck:artifact.primitiveConnectFrontiersBackedByNodesCheck = trueleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPort⊢ PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries ∈
artifact.primitiveSteps →
(∀ leftExit ∈ leftExits, leftExit.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps) ∧
∀ rightEntry ∈ rightEntries, rightEntry.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps artifact:WireAdmissionArtifacthCheck:artifact.primitiveConnectFrontiersBackedByNodesCheck = trueleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthStep:PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries ∈
artifact.primitiveSteps⊢ (∀ leftExit ∈ leftExits, leftExit.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps) ∧
∀ rightEntry ∈ rightEntries, rightEntry.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps
artifact:WireAdmissionArtifacthCheck:artifact.primitiveConnectFrontiersBackedByNodesCheck = trueleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthStep:PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries ∈
artifact.primitiveStepshAt:artifact.primitiveConnectFrontiersBackedByNodesAt
(PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries)⊢ (∀ leftExit ∈ leftExits, leftExit.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps) ∧
∀ rightEntry ∈ rightEntries, rightEntry.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps
All goals completed! 🐙Row predicate for connect frontiers being available and unconsumed in prior steps.
-- Row predicate for a single primitive step judged against `priorSteps`, the
-- replay prefix that precedes the row (the soundness proof of the artifact-level
-- checker instantiates it at `[] ++ tracePrefix`).
-- Only `connect` rows are constrained: each left exit key must be produced by a
-- node in the prefix (`nodeExitKeysList`) and not already consumed there
-- (`consumedExitKeysList`); right entry keys are checked symmetrically against
-- the entry-key lists. Every other constructor is accepted unconditionally.
def primitiveConnectFrontiersPrefixAvailableAt
(priorSteps : List PrimitiveGraphStep) :
PrimitiveGraphStep → Prop
| PrimitiveGraphStep.empty =>
True
| PrimitiveGraphStep.node _node _entries _exits =>
True
| PrimitiveGraphStep.bindingRef _binding =>
True
| PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings =>
True
| PrimitiveGraphStep.connect
leftExits rightEntries _matchedPairs _unmatchedLeftExits
_unmatchedRightEntries =>
-- Matched/unmatched pair lists are not inspected here; only the two frontier
-- lists are related to the prefix.
(∀ leftExit, leftExit ∈ leftExits →
leftExit.key ∈ PrimitiveGraphStep.nodeExitKeysList priorSteps ∧
leftExit.key ∉ PrimitiveGraphStep.consumedExitKeysList priorSteps) ∧
(∀ rightEntry, rightEntry ∈ rightEntries →
rightEntry.key ∈ PrimitiveGraphStep.nodeEntryKeysList priorSteps ∧
rightEntry.key ∉ PrimitiveGraphStep.consumedEntryKeysList priorSteps)Row checker for connect frontiers being available and unconsumed in prior steps.
-- Executable mirror of `primitiveConnectFrontiersPrefixAvailableAt`.
-- Returns `true` for every non-`connect` row; for a `connect` row it decides
-- the same membership/non-membership conditions over the prefix lists.
-- The guarantee proved below is one-directional (`check = true → predicate`):
-- a `false` result rejects the row, but no completeness claim is made here.
def primitiveConnectFrontiersPrefixStepCheck
(priorSteps : List PrimitiveGraphStep) :
PrimitiveGraphStep → Bool
| PrimitiveGraphStep.empty =>
true
| PrimitiveGraphStep.node _node _entries _exits =>
true
| PrimitiveGraphStep.bindingRef _binding =>
true
| PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings =>
true
| PrimitiveGraphStep.connect
leftExits rightEntries _matchedPairs _unmatchedLeftExits
_unmatchedRightEntries =>
-- The four key lists are computed once per connect row rather than once per
-- frontier port; each `∈` / `∉` below is then a list membership test.
let availableExits := PrimitiveGraphStep.nodeExitKeysList priorSteps
let consumedExits := PrimitiveGraphStep.consumedExitKeysList priorSteps
let availableEntries := PrimitiveGraphStep.nodeEntryKeysList priorSteps
let consumedEntries := PrimitiveGraphStep.consumedEntryKeysList priorSteps
Check.allDecide leftExits
(fun leftExit =>
leftExit.key ∈ availableExits ∧ leftExit.key ∉ consumedExits) &&
Check.allDecide rightEntries
(fun rightEntry =>
rightEntry.key ∈ availableEntries ∧ rightEntry.key ∉ consumedEntries)Successful row checking proves connect frontier prefix availability at that row.
theorem primitiveConnectFrontiersPrefixStepCheck_sound
(priorSteps : List PrimitiveGraphStep)
(primitiveStep : PrimitiveGraphStep)
(hCheck : primitiveConnectFrontiersPrefixStepCheck priorSteps primitiveStep = true) :
primitiveConnectFrontiersPrefixAvailableAt priorSteps primitiveStep := priorSteps:List PrimitiveGraphStepprimitiveStep:PrimitiveGraphStephCheck:primitiveConnectFrontiersPrefixStepCheck priorSteps primitiveStep = true⊢ primitiveConnectFrontiersPrefixAvailableAt priorSteps primitiveStep
cases primitiveStep with
priorSteps:List PrimitiveGraphStephCheck:primitiveConnectFrontiersPrefixStepCheck priorSteps PrimitiveGraphStep.empty = true⊢ primitiveConnectFrontiersPrefixAvailableAt priorSteps PrimitiveGraphStep.empty
All goals completed! 🐙
priorSteps:List PrimitiveGraphStep_node:NodeId_entries:List AdmissionBoundaryPort_exits:List AdmissionBoundaryPorthCheck:primitiveConnectFrontiersPrefixStepCheck priorSteps (PrimitiveGraphStep.node _node _entries _exits) = true⊢ primitiveConnectFrontiersPrefixAvailableAt priorSteps (PrimitiveGraphStep.node _node _entries _exits)
All goals completed! 🐙
priorSteps:List PrimitiveGraphStep_binding:BindingNamehCheck:primitiveConnectFrontiersPrefixStepCheck priorSteps (PrimitiveGraphStep.bindingRef _binding) = true⊢ primitiveConnectFrontiersPrefixAvailableAt priorSteps (PrimitiveGraphStep.bindingRef _binding)
All goals completed! 🐙
priorSteps:List PrimitiveGraphStep_leftNodes:List NodeId_rightNodes:List NodeId_leftBindings:List BindingName_rightBindings:List BindingNamehCheck:primitiveConnectFrontiersPrefixStepCheck priorSteps
(PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings) =
true⊢ primitiveConnectFrontiersPrefixAvailableAt priorSteps
(PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings)
All goals completed! 🐙
priorSteps:List PrimitiveGraphStepleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPort_matchedPairs:List AdmissionConnection_unmatchedLeftExits:List AdmissionBoundaryPort_unmatchedRightEntries:List AdmissionBoundaryPorthCheck:primitiveConnectFrontiersPrefixStepCheck priorSteps
(PrimitiveGraphStep.connect leftExits rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries) =
true⊢ primitiveConnectFrontiersPrefixAvailableAt priorSteps
(PrimitiveGraphStep.connect leftExits rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries)
priorSteps:List PrimitiveGraphStepleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPort_matchedPairs:List AdmissionConnection_unmatchedLeftExits:List AdmissionBoundaryPort_unmatchedRightEntries:List AdmissionBoundaryPorthCheck:(match PrimitiveGraphStep.connect leftExits rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries with
| PrimitiveGraphStep.empty => true
| PrimitiveGraphStep.node _node _entries _exits => true
| PrimitiveGraphStep.bindingRef _binding => true
| PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings => true
| PrimitiveGraphStep.connect leftExits rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries =>
have availableExits := PrimitiveGraphStep.nodeExitKeysList priorSteps;
have consumedExits := PrimitiveGraphStep.consumedExitKeysList priorSteps;
have availableEntries := PrimitiveGraphStep.nodeEntryKeysList priorSteps;
have consumedEntries := PrimitiveGraphStep.consumedEntryKeysList priorSteps;
(Check.allDecide leftExits fun leftExit => leftExit.key ∈ availableExits ∧ leftExit.key ∉ consumedExits) &&
Check.allDecide rightEntries fun rightEntry =>
rightEntry.key ∈ availableEntries ∧ rightEntry.key ∉ consumedEntries) =
true⊢ primitiveConnectFrontiersPrefixAvailableAt priorSteps
(PrimitiveGraphStep.connect leftExits rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries)
priorSteps:List PrimitiveGraphStepleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPort_matchedPairs:List AdmissionConnection_unmatchedLeftExits:List AdmissionBoundaryPort_unmatchedRightEntries:List AdmissionBoundaryPorthCheck:(Check.allDecide leftExits fun leftExit =>
leftExit.key ∈ PrimitiveGraphStep.nodeExitKeysList priorSteps ∧
leftExit.key ∉ PrimitiveGraphStep.consumedExitKeysList priorSteps) =
true ∧
(Check.allDecide rightEntries fun rightEntry =>
rightEntry.key ∈ PrimitiveGraphStep.nodeEntryKeysList priorSteps ∧
rightEntry.key ∉ PrimitiveGraphStep.consumedEntryKeysList priorSteps) =
true⊢ primitiveConnectFrontiersPrefixAvailableAt priorSteps
(PrimitiveGraphStep.connect leftExits rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries)
All goals completed! 🐙Executable checker for primitive connect frontier replay-order availability.
-- Artifact-level checker: runs the per-row checker over `artifact.primitiveSteps`
-- via `primitivePrefixScanCheck`, starting from the empty prefix `[]`.
-- `primitivePrefixScanCheck` is defined elsewhere in this file; its soundness
-- lemma (used in the proof below) presumably supplies each row with the steps
-- that precede it — confirm against its definition.
def primitiveConnectFrontiersPrefixAvailableCheck
(artifact : WireAdmissionArtifact) :
Bool :=
primitivePrefixScanCheck primitiveConnectFrontiersPrefixStepCheck []
artifact.primitiveSteps
Successful connect-prefix checking proves PrimitiveConnectFrontiersPrefixAvailable.
theorem primitiveConnectFrontiersPrefixAvailableCheck_sound
{artifact : WireAdmissionArtifact}
(hCheck : artifact.primitiveConnectFrontiersPrefixAvailableCheck = true) :
artifact.PrimitiveConnectFrontiersPrefixAvailable := artifact:WireAdmissionArtifacthCheck:artifact.primitiveConnectFrontiersPrefixAvailableCheck = true⊢ artifact.PrimitiveConnectFrontiersPrefixAvailable
intro tracePrefix artifact:WireAdmissionArtifacthCheck:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStep⊢ ∀ (leftExits rightEntries : List AdmissionBoundaryPort) (matchedPairs : List AdmissionConnection)
(unmatchedLeftExits unmatchedRightEntries : List AdmissionBoundaryPort),
artifact.primitiveSteps =
tracePrefix ++
[PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries] ++
suffix →
(∀ leftExit ∈ leftExits,
leftExit.key ∈ PrimitiveGraphStep.nodeExitKeysList tracePrefix ∧
leftExit.key ∉ PrimitiveGraphStep.consumedExitKeysList tracePrefix) ∧
∀ rightEntry ∈ rightEntries,
rightEntry.key ∈ PrimitiveGraphStep.nodeEntryKeysList tracePrefix ∧
rightEntry.key ∉ PrimitiveGraphStep.consumedEntryKeysList tracePrefix artifact:WireAdmissionArtifacthCheck:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStepleftExits:List AdmissionBoundaryPort⊢ ∀ (rightEntries : List AdmissionBoundaryPort) (matchedPairs : List AdmissionConnection)
(unmatchedLeftExits unmatchedRightEntries : List AdmissionBoundaryPort),
artifact.primitiveSteps =
tracePrefix ++
[PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries] ++
suffix →
(∀ leftExit ∈ leftExits,
leftExit.key ∈ PrimitiveGraphStep.nodeExitKeysList tracePrefix ∧
leftExit.key ∉ PrimitiveGraphStep.consumedExitKeysList tracePrefix) ∧
∀ rightEntry ∈ rightEntries,
rightEntry.key ∈ PrimitiveGraphStep.nodeEntryKeysList tracePrefix ∧
rightEntry.key ∉ PrimitiveGraphStep.consumedEntryKeysList tracePrefix artifact:WireAdmissionArtifacthCheck:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStepleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPort⊢ ∀ (matchedPairs : List AdmissionConnection) (unmatchedLeftExits unmatchedRightEntries : List AdmissionBoundaryPort),
artifact.primitiveSteps =
tracePrefix ++
[PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries] ++
suffix →
(∀ leftExit ∈ leftExits,
leftExit.key ∈ PrimitiveGraphStep.nodeExitKeysList tracePrefix ∧
leftExit.key ∉ PrimitiveGraphStep.consumedExitKeysList tracePrefix) ∧
∀ rightEntry ∈ rightEntries,
rightEntry.key ∈ PrimitiveGraphStep.nodeEntryKeysList tracePrefix ∧
rightEntry.key ∉ PrimitiveGraphStep.consumedEntryKeysList tracePrefix artifact:WireAdmissionArtifacthCheck:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStepleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnection⊢ ∀ (unmatchedLeftExits unmatchedRightEntries : List AdmissionBoundaryPort),
artifact.primitiveSteps =
tracePrefix ++
[PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries] ++
suffix →
(∀ leftExit ∈ leftExits,
leftExit.key ∈ PrimitiveGraphStep.nodeExitKeysList tracePrefix ∧
leftExit.key ∉ PrimitiveGraphStep.consumedExitKeysList tracePrefix) ∧
∀ rightEntry ∈ rightEntries,
rightEntry.key ∈ PrimitiveGraphStep.nodeEntryKeysList tracePrefix ∧
rightEntry.key ∉ PrimitiveGraphStep.consumedEntryKeysList tracePrefix artifact:WireAdmissionArtifacthCheck:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStepleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPort⊢ ∀ (unmatchedRightEntries : List AdmissionBoundaryPort),
artifact.primitiveSteps =
tracePrefix ++
[PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries] ++
suffix →
(∀ leftExit ∈ leftExits,
leftExit.key ∈ PrimitiveGraphStep.nodeExitKeysList tracePrefix ∧
leftExit.key ∉ PrimitiveGraphStep.consumedExitKeysList tracePrefix) ∧
∀ rightEntry ∈ rightEntries,
rightEntry.key ∈ PrimitiveGraphStep.nodeEntryKeysList tracePrefix ∧
rightEntry.key ∉ PrimitiveGraphStep.consumedEntryKeysList tracePrefix
artifact:WireAdmissionArtifacthCheck:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStepleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPort⊢ artifact.primitiveSteps =
tracePrefix ++
[PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries] ++
suffix →
(∀ leftExit ∈ leftExits,
leftExit.key ∈ PrimitiveGraphStep.nodeExitKeysList tracePrefix ∧
leftExit.key ∉ PrimitiveGraphStep.consumedExitKeysList tracePrefix) ∧
∀ rightEntry ∈ rightEntries,
rightEntry.key ∈ PrimitiveGraphStep.nodeEntryKeysList tracePrefix ∧
rightEntry.key ∉ PrimitiveGraphStep.consumedEntryKeysList tracePrefix artifact:WireAdmissionArtifacthCheck:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStepleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthTrace:artifact.primitiveSteps =
tracePrefix ++
[PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries] ++
suffix⊢ (∀ leftExit ∈ leftExits,
leftExit.key ∈ PrimitiveGraphStep.nodeExitKeysList tracePrefix ∧
leftExit.key ∉ PrimitiveGraphStep.consumedExitKeysList tracePrefix) ∧
∀ rightEntry ∈ rightEntries,
rightEntry.key ∈ PrimitiveGraphStep.nodeEntryKeysList tracePrefix ∧
rightEntry.key ∉ PrimitiveGraphStep.consumedEntryKeysList tracePrefix
artifact:WireAdmissionArtifacthCheck:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truetracePrefix:List PrimitiveGraphStepsuffix:List PrimitiveGraphStepleftExits:List AdmissionBoundaryPortrightEntries:List AdmissionBoundaryPortmatchedPairs:List AdmissionConnectionunmatchedLeftExits:List AdmissionBoundaryPortunmatchedRightEntries:List AdmissionBoundaryPorthTrace:artifact.primitiveSteps =
tracePrefix ++
[PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries] ++
suffixhAt:primitiveConnectFrontiersPrefixAvailableAt ([] ++ tracePrefix)
(PrimitiveGraphStep.connect leftExits rightEntries matchedPairs unmatchedLeftExits unmatchedRightEntries)⊢ (∀ leftExit ∈ leftExits,
leftExit.key ∈ PrimitiveGraphStep.nodeExitKeysList tracePrefix ∧
leftExit.key ∉ PrimitiveGraphStep.consumedExitKeysList tracePrefix) ∧
∀ rightEntry ∈ rightEntries,
rightEntry.key ∈ PrimitiveGraphStep.nodeEntryKeysList tracePrefix ∧
rightEntry.key ∉ PrimitiveGraphStep.consumedEntryKeysList tracePrefix
All goals completed! 🐙Generated-Form Row Checks
mutualExecutable checker for serialized static values in generated-form source rows.
-- Executable validity check for one decoded static value.
-- Scalars (`string`, `bool`, `nat`) are accepted as-is; `list` recurses through
-- `staticValueValuesValidCheck`; `record` additionally requires the field labels
-- to be duplicate-free (`Check.nodupMapCheck fields Prod.fst`) before recursing
-- through `staticValueFieldsValidCheck`. The three checkers are mutually
-- recursive over the value structure.
def staticValueValidCheck : AdmissionStaticValue → Bool
| AdmissionStaticValue.string _value =>
true
| AdmissionStaticValue.bool _value =>
true
| AdmissionStaticValue.nat _value =>
true
| AdmissionStaticValue.list values =>
staticValueValuesValidCheck values
| AdmissionStaticValue.record fields =>
-- Duplicate labels are rejected before any field payload is inspected.
Check.nodupMapCheck fields Prod.fst &&
staticValueFieldsValidCheck fieldsExecutable checker for serialized static-value lists.
-- Executable validity check for a list of static values: every element must
-- pass `staticValueValidCheck`. The empty list is valid.
def staticValueValuesValidCheck : List AdmissionStaticValue → Bool
| [] =>
true
| value :: values =>
staticValueValidCheck value &&
staticValueValuesValidCheck valuesExecutable checker for serialized static record fields.
-- Executable validity check for record fields: each `(label, value)` pair needs
-- a valid label (decided through the `Decidable` instance for `FieldLabel.Valid`)
-- and a valid payload. Label uniqueness is not checked here; the `record` arm of
-- `staticValueValidCheck` does that before calling this function.
def staticValueFieldsValidCheck :
List (FieldLabel × AdmissionStaticValue) → Bool
| [] =>
true
| field :: fields =>
decide field.fst.Valid &&
staticValueValidCheck field.snd &&
staticValueFieldsValidCheck fields
endmutual
Successful static-value checking proves AdmissionStaticValue.Valid.
theorem staticValueValidCheck_sound
{value : AdmissionStaticValue}
(hCheck : staticValueValidCheck value = true) :
value.Valid := value:AdmissionStaticValuehCheck:staticValueValidCheck value = true⊢ value.Valid
cases value with
value:StringhCheck:staticValueValidCheck (AdmissionStaticValue.string value) = true⊢ (AdmissionStaticValue.string value).Valid
All goals completed! 🐙
value:BoolhCheck:staticValueValidCheck (AdmissionStaticValue.bool value) = true⊢ (AdmissionStaticValue.bool value).Valid
All goals completed! 🐙
value:ℕhCheck:staticValueValidCheck (AdmissionStaticValue.nat value) = true⊢ (AdmissionStaticValue.nat value).Valid
All goals completed! 🐙
values:List AdmissionStaticValuehCheck:staticValueValidCheck (AdmissionStaticValue.list values) = true⊢ (AdmissionStaticValue.list values).Valid
All goals completed! 🐙
fields:List (FieldLabel × AdmissionStaticValue)hCheck:staticValueValidCheck (AdmissionStaticValue.record fields) = true⊢ (AdmissionStaticValue.record fields).Valid
fields:List (FieldLabel × AdmissionStaticValue)hCheck:(Check.nodupMapCheck fields Prod.fst && staticValueFieldsValidCheck fields) = true⊢ (AdmissionStaticValue.record fields).Valid
fields:List (FieldLabel × AdmissionStaticValue)hCheck:Check.nodupMapCheck fields Prod.fst = true ∧ staticValueFieldsValidCheck fields = true⊢ (AdmissionStaticValue.record fields).Valid
All goals completed! 🐙
Successful static-value-list checking proves AdmissionStaticValue.ValuesValid.
theorem staticValueValuesValidCheck_sound
{values : List AdmissionStaticValue}
(hCheck : staticValueValuesValidCheck values = true) :
AdmissionStaticValue.ValuesValid values := values:List AdmissionStaticValuehCheck:staticValueValuesValidCheck values = true⊢ AdmissionStaticValue.ValuesValid values
cases values with
hCheck:staticValueValuesValidCheck [] = true⊢ AdmissionStaticValue.ValuesValid []
All goals completed! 🐙
value:AdmissionStaticValuevalues:List AdmissionStaticValuehCheck:staticValueValuesValidCheck (value :: values) = true⊢ AdmissionStaticValue.ValuesValid (value :: values)
value:AdmissionStaticValuevalues:List AdmissionStaticValuehCheck:(staticValueValidCheck value && staticValueValuesValidCheck values) = true⊢ AdmissionStaticValue.ValuesValid (value :: values)
value:AdmissionStaticValuevalues:List AdmissionStaticValuehCheck:staticValueValidCheck value = true ∧ staticValueValuesValidCheck values = true⊢ AdmissionStaticValue.ValuesValid (value :: values)
All goals completed! 🐙
Successful static-field checking proves AdmissionStaticValue.FieldsValid.
theorem staticValueFieldsValidCheck_sound
{fields : List (FieldLabel × AdmissionStaticValue)}
(hCheck : staticValueFieldsValidCheck fields = true) :
AdmissionStaticValue.FieldsValid fields := fields:List (FieldLabel × AdmissionStaticValue)hCheck:staticValueFieldsValidCheck fields = true⊢ AdmissionStaticValue.FieldsValid fields
cases fields with
hCheck:staticValueFieldsValidCheck [] = true⊢ AdmissionStaticValue.FieldsValid []
All goals completed! 🐙
field:FieldLabel × AdmissionStaticValuefields:List (FieldLabel × AdmissionStaticValue)hCheck:staticValueFieldsValidCheck (field :: fields) = true⊢ AdmissionStaticValue.FieldsValid (field :: fields)
cases field with
fields:List (FieldLabel × AdmissionStaticValue)label:FieldLabelvalue:AdmissionStaticValuehCheck:staticValueFieldsValidCheck ((label, value) :: fields) = true⊢ AdmissionStaticValue.FieldsValid ((label, value) :: fields)
fields:List (FieldLabel × AdmissionStaticValue)label:FieldLabelvalue:AdmissionStaticValuehCheck:(decide (label, value).1.Valid && staticValueValidCheck (label, value).2 && staticValueFieldsValidCheck fields) = true⊢ AdmissionStaticValue.FieldsValid ((label, value) :: fields)
fields:List (FieldLabel × AdmissionStaticValue)label:FieldLabelvalue:AdmissionStaticValuehCheck:(decide label.Valid = true ∧ staticValueValidCheck value = true) ∧ staticValueFieldsValidCheck fields = true⊢ AdmissionStaticValue.FieldsValid ((label, value) :: fields)
fields:List (FieldLabel × AdmissionStaticValue)label:FieldLabelvalue:AdmissionStaticValuehFields:staticValueFieldsValidCheck fields = truehLabel:decide label.Valid = truehValue:staticValueValidCheck value = true⊢ AdmissionStaticValue.FieldsValid ((label, value) :: fields)
All goals completed! 🐙
endExecutable checker for optional static payloads on generated source children.
-- Executable check for the optional static payload of a generated source child.
-- An absent payload (`none`) is accepted; a present one must pass
-- `staticValueValidCheck`.
def generatedChildSourceStaticValueValidCheck
(child : GeneratedChildSourceArtifact) :
Bool :=
match child.value with
| none => true
| some value => staticValueValidCheck valueSuccessful optional-payload checking proves source-child static payload validity.
theorem generatedChildSourceStaticValueValidCheck_sound
{child : GeneratedChildSourceArtifact}
(hCheck : generatedChildSourceStaticValueValidCheck child = true) :
child.StaticValueValid := child:GeneratedChildSourceArtifacthCheck:generatedChildSourceStaticValueValidCheck child = true⊢ child.StaticValueValid
cases hValue : child.value with
child:GeneratedChildSourceArtifacthCheck:generatedChildSourceStaticValueValidCheck child = truehValue:child.value = none⊢ child.StaticValueValid
All goals completed! 🐙
child:GeneratedChildSourceArtifacthCheck:generatedChildSourceStaticValueValidCheck child = truevalue:AdmissionStaticValuehValue:child.value = some value⊢ child.StaticValueValid
have hValueCheck : staticValueValidCheck value = true := child:GeneratedChildSourceArtifacthCheck:generatedChildSourceStaticValueValidCheck child = true⊢ child.StaticValueValid
All goals completed! 🐙
All goals completed! 🐙Executable checker for source generated-child row validity.
-- Executable row check for a generated source child: its node id and label must
-- each be `Valid` (decided via their `Decidable` instances) and its optional
-- static payload must pass `generatedChildSourceStaticValueValidCheck`.
def generatedChildSourceValidCheck
(child : GeneratedChildSourceArtifact) :
Bool :=
decide child.node.Valid &&
decide child.label.Valid &&
generatedChildSourceStaticValueValidCheck child
Successful source-child checking proves GeneratedChildSourceArtifact.Valid.
theorem generatedChildSourceValidCheck_sound
{child : GeneratedChildSourceArtifact}
(hCheck : generatedChildSourceValidCheck child = true) :
child.Valid := child:GeneratedChildSourceArtifacthCheck:generatedChildSourceValidCheck child = true⊢ child.Valid
child:GeneratedChildSourceArtifacthCheck:(decide child.node.Valid && decide child.label.Valid && generatedChildSourceStaticValueValidCheck child) = true⊢ child.Valid
child:GeneratedChildSourceArtifacthCheck:(decide child.node.Valid = true ∧ decide child.label.Valid = true) ∧
generatedChildSourceStaticValueValidCheck child = true⊢ child.Valid
child:GeneratedChildSourceArtifacthStatic:generatedChildSourceStaticValueValidCheck child = truehNode:decide child.node.Valid = truehLabel:decide child.label.Valid = true⊢ child.Valid
All goals completed! 🐙Executable checker that generated-child frontiers are owned by the child node.
-- Executable check that every frontier port the child declares, in both
-- directions, carries the child's own node id. A port naming another node
-- would let a child row claim a frontier it does not own, so this is rejected.
def generatedChildFrontiersOwnedCheck
(child : GeneratedChildArtifact) :
Bool :=
Check.allDecide child.outputs (fun output => output.node = child.node) &&
Check.allDecide child.inputs (fun input => input.node = child.node)
Successful generated-child frontier ownership checking proves FrontiersOwnedByChild.
theorem generatedChildFrontiersOwnedCheck_sound
{child : GeneratedChildArtifact}
(hCheck : generatedChildFrontiersOwnedCheck child = true) :
child.FrontiersOwnedByChild := child:GeneratedChildArtifacthCheck:generatedChildFrontiersOwnedCheck child = true⊢ child.FrontiersOwnedByChild
child:GeneratedChildArtifacthCheck:((Check.allDecide child.outputs fun output => output.node = child.node) &&
Check.allDecide child.inputs fun input => input.node = child.node) =
true⊢ child.FrontiersOwnedByChild
child:GeneratedChildArtifacthCheck:(Check.allDecide child.outputs fun output => output.node = child.node) = true ∧
(Check.allDecide child.inputs fun input => input.node = child.node) = true⊢ child.FrontiersOwnedByChild
All goals completed! 🐙Executable checker that generated-child frontier keys are unique per direction.
-- Executable check that frontier keys (`AdmissionBoundaryPort.key`) are
-- duplicate-free within `outputs` and within `inputs`. The two directions are
-- checked independently, so this check alone says nothing about a key that
-- appears once in each list.
def generatedChildFrontierKeysUniqueCheck
(child : GeneratedChildArtifact) :
Bool :=
Check.nodupMapCheck child.outputs AdmissionBoundaryPort.key &&
Check.nodupMapCheck child.inputs AdmissionBoundaryPort.key
Successful generated-child frontier uniqueness checking proves FrontierKeysUnique.
theorem generatedChildFrontierKeysUniqueCheck_sound
{child : GeneratedChildArtifact}
(hCheck : generatedChildFrontierKeysUniqueCheck child = true) :
child.FrontierKeysUnique := child:GeneratedChildArtifacthCheck:generatedChildFrontierKeysUniqueCheck child = true⊢ child.FrontierKeysUnique
child:GeneratedChildArtifacthCheck:(Check.nodupMapCheck child.outputs AdmissionBoundaryPort.key &&
Check.nodupMapCheck child.inputs AdmissionBoundaryPort.key) =
true⊢ child.FrontierKeysUnique
child:GeneratedChildArtifacthCheck:Check.nodupMapCheck child.outputs AdmissionBoundaryPort.key = true ∧
Check.nodupMapCheck child.inputs AdmissionBoundaryPort.key = true⊢ child.FrontierKeysUnique
All goals completed! 🐙Executable checker for used generated-child row validity.
-- Executable row check for a used generated child: valid node id and label,
-- frontier ownership, per-direction frontier key uniqueness, and validity of
-- every boundary port in both directions. Domain closure against the
-- component's node list is a separate check (`generatedChildDomainClosedCheck`).
def generatedChildValidCheck
(child : GeneratedChildArtifact) :
Bool :=
decide child.node.Valid &&
decide child.label.Valid &&
generatedChildFrontiersOwnedCheck child &&
generatedChildFrontierKeysUniqueCheck child &&
AdmissionArtifactCheck.boundaryPortsValidCheck child.outputs &&
AdmissionArtifactCheck.boundaryPortsValidCheck child.inputs
Successful used-child checking proves GeneratedChildArtifact.Valid.
theorem generatedChildValidCheck_sound
{child : GeneratedChildArtifact}
(hCheck : generatedChildValidCheck child = true) :
child.Valid := child:GeneratedChildArtifacthCheck:generatedChildValidCheck child = true⊢ child.Valid
child:GeneratedChildArtifacthCheck:(decide child.node.Valid && decide child.label.Valid && generatedChildFrontiersOwnedCheck child &&
generatedChildFrontierKeysUniqueCheck child &&
AdmissionArtifactCheck.boundaryPortsValidCheck child.outputs &&
AdmissionArtifactCheck.boundaryPortsValidCheck child.inputs) =
true⊢ child.Valid
child:GeneratedChildArtifacthCheck:((((decide child.node.Valid = true ∧ decide child.label.Valid = true) ∧
generatedChildFrontiersOwnedCheck child = true) ∧
generatedChildFrontierKeysUniqueCheck child = true) ∧
AdmissionArtifactCheck.boundaryPortsValidCheck child.outputs = true) ∧
AdmissionArtifactCheck.boundaryPortsValidCheck child.inputs = true⊢ child.Valid
child:GeneratedChildArtifacthInputs:AdmissionArtifactCheck.boundaryPortsValidCheck child.inputs = truehOutputs:AdmissionArtifactCheck.boundaryPortsValidCheck child.outputs = truehUnique:generatedChildFrontierKeysUniqueCheck child = truehOwned:generatedChildFrontiersOwnedCheck child = truehNode:decide child.node.Valid = truehLabel:decide child.label.Valid = true⊢ child.Valid
All goals completed! 🐙Executable checker for used generated-child domain closure.
-- Executable check that a used generated child references only nodes in
-- `nodes`: the child's own node must be a member, and every output/input
-- boundary port must be closed over `nodes` (`boundaryPortsClosedCheck` is
-- defined elsewhere in this file).
def generatedChildDomainClosedCheck
(nodes : List NodeId)
(child : GeneratedChildArtifact) :
Bool :=
Check.memCheck child.node nodes &&
boundaryPortsClosedCheck nodes child.outputs &&
boundaryPortsClosedCheck nodes child.inputs
Successful used-child closure checking proves GeneratedChildArtifact.DomainClosed.
theorem generatedChildDomainClosedCheck_sound
{nodes : List NodeId}
{child : GeneratedChildArtifact}
(hCheck : generatedChildDomainClosedCheck nodes child = true) :
child.DomainClosed nodes := nodes:List NodeIdchild:GeneratedChildArtifacthCheck:generatedChildDomainClosedCheck nodes child = true⊢ GeneratedChildArtifact.DomainClosed nodes child
nodes:List NodeIdchild:GeneratedChildArtifacthCheck:(Check.memCheck child.node nodes && boundaryPortsClosedCheck nodes child.outputs &&
boundaryPortsClosedCheck nodes child.inputs) =
true⊢ GeneratedChildArtifact.DomainClosed nodes child
nodes:List NodeIdchild:GeneratedChildArtifacthCheck:(Check.memCheck child.node nodes = true ∧ boundaryPortsClosedCheck nodes child.outputs = true) ∧
boundaryPortsClosedCheck nodes child.inputs = true⊢ GeneratedChildArtifact.DomainClosed nodes child
nodes:List NodeIdchild:GeneratedChildArtifacthInputs:boundaryPortsClosedCheck nodes child.inputs = truehNode:Check.memCheck child.node nodes = truehOutputs:boundaryPortsClosedCheck nodes child.outputs = true⊢ GeneratedChildArtifact.DomainClosed nodes child
All goals completed! 🐙Executable checker that used generated children are backed by source rows.
-- Executable check that every used child's key appears among the source child
-- keys, so a used row cannot introduce a child the source form never declared.
def generatedUsedChildrenFromSourceCheck
(artifact : GeneratedFormArtifact) :
Bool :=
Check.allDecide artifact.usedChildren fun child =>
child.key ∈ artifact.sourceChildKeys
Successful source-backing checking proves UsedChildrenFromSource.
-- Soundness: a `true` result establishes `UsedChildrenFromSource`.
-- Discharged directly by the generic `Check.allDecide_sound` lemma, since the
-- checker is a single `allDecide` over the decided membership predicate.
theorem generatedUsedChildrenFromSourceCheck_sound
{artifact : GeneratedFormArtifact}
(hCheck : generatedUsedChildrenFromSourceCheck artifact = true) :
artifact.UsedChildrenFromSource :=
Check.allDecide_sound hCheckExecutable checker that generated child names follow the binding/label policy.
-- Executable check that each source child and each used child has the node id
-- that `GeneratedFormArtifact.childNodeFor artifact.binding child.label`
-- derives for it, i.e. child node names are a function of the owning binding
-- and the child's label rather than free-form values from the decoded rows.
def generatedChildrenOwnedByBindingCheck
(artifact : GeneratedFormArtifact) :
Bool :=
Check.allDecide artifact.sourceChildren
(fun child =>
child.node = GeneratedFormArtifact.childNodeFor artifact.binding child.label) &&
Check.allDecide artifact.usedChildren
(fun child =>
child.node = GeneratedFormArtifact.childNodeFor artifact.binding child.label)
Successful generated-name checking proves ChildrenOwnedByBinding.
theorem generatedChildrenOwnedByBindingCheck_sound
{artifact : GeneratedFormArtifact}
(hCheck : generatedChildrenOwnedByBindingCheck artifact = true) :
artifact.ChildrenOwnedByBinding := artifact:GeneratedFormArtifacthCheck:generatedChildrenOwnedByBindingCheck artifact = true⊢ artifact.ChildrenOwnedByBinding
artifact:GeneratedFormArtifacthCheck:((Check.allDecide artifact.sourceChildren fun child =>
child.node = GeneratedFormArtifact.childNodeFor artifact.binding child.label) &&
Check.allDecide artifact.usedChildren fun child =>
child.node = GeneratedFormArtifact.childNodeFor artifact.binding child.label) =
true⊢ artifact.ChildrenOwnedByBinding
artifact:GeneratedFormArtifacthCheck:(Check.allDecide artifact.sourceChildren fun child =>
child.node = GeneratedFormArtifact.childNodeFor artifact.binding child.label) =
true ∧
(Check.allDecide artifact.usedChildren fun child =>
child.node = GeneratedFormArtifact.childNodeFor artifact.binding child.label) =
true⊢ artifact.ChildrenOwnedByBinding
All goals completed! 🐙Executable checker that source and used generated child keys are duplicate-free.
-- Executable check that the source child keys and the used child keys are each
-- duplicate-free. The two key lists are checked separately.
def generatedChildKeysUniqueCheck
(artifact : GeneratedFormArtifact) :
Bool :=
Check.nodupCheck artifact.sourceChildKeys &&
Check.nodupCheck artifact.usedChildKeys
Successful generated-key checking proves ChildKeysUnique.
theorem generatedChildKeysUniqueCheck_sound
{artifact : GeneratedFormArtifact}
(hCheck : generatedChildKeysUniqueCheck artifact = true) :
artifact.ChildKeysUnique := artifact:GeneratedFormArtifacthCheck:generatedChildKeysUniqueCheck artifact = true⊢ artifact.ChildKeysUnique
artifact:GeneratedFormArtifacthCheck:(Check.nodupCheck artifact.sourceChildKeys && Check.nodupCheck artifact.usedChildKeys) = true⊢ artifact.ChildKeysUnique
artifact:GeneratedFormArtifacthCheck:Check.nodupCheck artifact.sourceChildKeys = true ∧ Check.nodupCheck artifact.usedChildKeys = true⊢ artifact.ChildKeysUnique
All goals completed! 🐙Executable checker that every generated source payload is structurally valid.
-- Executable check that every source child's optional static payload passes
-- `generatedChildSourceStaticValueValidCheck`, folded with `Check.allBool`.
def generatedSourceValuesValidCheck
(artifact : GeneratedFormArtifact) :
Bool :=
Check.allBool artifact.sourceChildren generatedChildSourceStaticValueValidCheck
Successful generated source-payload checking proves SourceValuesValid.
-- Soundness: a `true` result establishes `SourceValuesValid`.
-- `Check.allBool_sound` lifts the per-child soundness lemma over the list; the
-- membership witness (second argument of the lambda) is not needed per child.
theorem generatedSourceValuesValidCheck_sound
{artifact : GeneratedFormArtifact}
(hCheck : generatedSourceValuesValidCheck artifact = true) :
artifact.SourceValuesValid :=
Check.allBool_sound hCheck
(fun _child _ hChild =>
generatedChildSourceStaticValueValidCheck_sound hChild)
Executable checker that make source labels are canonical.
-- Executable check that `sourceLabels` is exactly the positional list
-- `"0", "1", …` up to the number of source children, each wrapped as a
-- `FieldLabel`. Decided by list equality, so both the label set and their
-- order/multiplicity must match the canonical form.
def makeSourceLabelsCanonicalCheck
(artifact : GeneratedFormArtifact) :
Bool :=
decide
(artifact.sourceLabels =
(List.range artifact.sourceChildren.length).map (fun index => ⟨toString index⟩))
Successful canonical-label checking proves MakeSourceLabelsCanonical.
theorem makeSourceLabelsCanonicalCheck_sound
{artifact : GeneratedFormArtifact}
(hCheck : makeSourceLabelsCanonicalCheck artifact = true) :
artifact.MakeSourceLabelsCanonical := artifact:GeneratedFormArtifacthCheck:makeSourceLabelsCanonicalCheck artifact = true⊢ artifact.MakeSourceLabelsCanonical
artifact:GeneratedFormArtifacthCheck:makeSourceLabelsCanonicalCheck artifact = true⊢ artifact.sourceLabels = List.map (fun index => { name := toString index }) (List.range artifact.sourceChildren.length)
All goals completed! 🐙Executable checker that a source child carries no static payload.
/-- Executable checker that a source child carries no static payload. -/
def generatedSourceValueEmptyCheck (child : GeneratedChildSourceArtifact) : Bool :=
  -- Any present payload, whatever its contents, fails the check.
  match child.value with
  | some _payload => false
  | none => true
/-- Successful empty-payload checking proves the child payload is absent. -/
theorem generatedSourceValueEmptyCheck_sound
{child : GeneratedChildSourceArtifact}
(hCheck : generatedSourceValueEmptyCheck child = true) :
child.value = none := child:GeneratedChildSourceArtifacthCheck:generatedSourceValueEmptyCheck child = true⊢ child.value = none
cases hValue : child.value with
child:GeneratedChildSourceArtifacthCheck:generatedSourceValueEmptyCheck child = truehValue:child.value = none⊢ none = none
All goals completed! 🐙
child:GeneratedChildSourceArtifacthCheck:generatedSourceValueEmptyCheck child = truevalue:AdmissionStaticValuehValue:child.value = some value⊢ some value = none
All goals completed! 🐙Executable checker that all source children carry no static payload.
/-- Executable checker that all source children carry no static payload. -/
def makeSourceValuesEmptyCheck
(artifact : GeneratedFormArtifact) :
Bool :=
-- Per-child emptiness test folded over the whole source list.
Check.allBool artifact.sourceChildren generatedSourceValueEmptyCheck
/-- Successful empty-payload-list checking proves `MakeSourceValuesEmpty`. -/
theorem makeSourceValuesEmptyCheck_sound
{artifact : GeneratedFormArtifact}
(hCheck : makeSourceValuesEmptyCheck artifact = true) :
artifact.MakeSourceValuesEmpty :=
-- Same shape as `generatedSourceValuesValidCheck_sound`: lift the list result
-- through `Check.allBool_sound` to the per-child lemma.
Check.allBool_sound hCheck
(fun _child _ hChild =>
generatedSourceValueEmptyCheck_sound hChild)
/-- Executable checker that generated-form payload shape matches its source form. -/
def generatedKindShapeMatchesCheck (artifact : GeneratedFormArtifact) : Bool :=
  -- Only `make` rows carry shape obligations (canonical labels and empty
  -- payloads). `makeEach` rows are accepted unconditionally here, mirroring the
  -- `True` arm that the `KindShapeMatches` predicate has for that kind; any
  -- `makeEach`-specific constraint must live in another checker.
  match artifact.kind with
  | GeneratedFormKind.makeEach => true
  | GeneratedFormKind.make =>
    makeSourceLabelsCanonicalCheck artifact && makeSourceValuesEmptyCheck artifact
Successful generated-kind-shape checking proves KindShapeMatches.
theorem generatedKindShapeMatchesCheck_sound
{artifact : GeneratedFormArtifact}
(hCheck : generatedKindShapeMatchesCheck artifact = true) :
artifact.KindShapeMatches := artifact:GeneratedFormArtifacthCheck:generatedKindShapeMatchesCheck artifact = true⊢ artifact.KindShapeMatches
cases hKind : artifact.kind with
artifact:GeneratedFormArtifacthCheck:generatedKindShapeMatchesCheck artifact = truehKind:artifact.kind = GeneratedFormKind.make⊢ artifact.KindShapeMatches
artifact:GeneratedFormArtifacthCheck:(match artifact.kind with
| GeneratedFormKind.make => makeSourceLabelsCanonicalCheck artifact && makeSourceValuesEmptyCheck artifact
| GeneratedFormKind.makeEach => true) =
truehKind:artifact.kind = GeneratedFormKind.make⊢ artifact.KindShapeMatches
artifact:GeneratedFormArtifacthCheck:(match GeneratedFormKind.make with
| GeneratedFormKind.make => makeSourceLabelsCanonicalCheck artifact && makeSourceValuesEmptyCheck artifact
| GeneratedFormKind.makeEach => true) =
truehKind:artifact.kind = GeneratedFormKind.make⊢ artifact.KindShapeMatches
artifact:GeneratedFormArtifacthCheck:makeSourceLabelsCanonicalCheck artifact = true ∧ makeSourceValuesEmptyCheck artifact = truehKind:artifact.kind = GeneratedFormKind.make⊢ artifact.KindShapeMatches
artifact:GeneratedFormArtifacthCheck:makeSourceLabelsCanonicalCheck artifact = true ∧ makeSourceValuesEmptyCheck artifact = truehKind:artifact.kind = GeneratedFormKind.make⊢ match artifact.kind with
| GeneratedFormKind.make => artifact.MakeSourceLabelsCanonical ∧ artifact.MakeSourceValuesEmpty
| GeneratedFormKind.makeEach => True
artifact:GeneratedFormArtifacthCheck:makeSourceLabelsCanonicalCheck artifact = true ∧ makeSourceValuesEmptyCheck artifact = truehKind:artifact.kind = GeneratedFormKind.make⊢ match GeneratedFormKind.make with
| GeneratedFormKind.make => artifact.MakeSourceLabelsCanonical ∧ artifact.MakeSourceValuesEmpty
| GeneratedFormKind.makeEach => True
All goals completed! 🐙
artifact:GeneratedFormArtifacthCheck:generatedKindShapeMatchesCheck artifact = truehKind:artifact.kind = GeneratedFormKind.makeEach⊢ artifact.KindShapeMatches
artifact:GeneratedFormArtifacthCheck:generatedKindShapeMatchesCheck artifact = truehKind:artifact.kind = GeneratedFormKind.makeEach⊢ match artifact.kind with
| GeneratedFormKind.make => artifact.MakeSourceLabelsCanonical ∧ artifact.MakeSourceValuesEmpty
| GeneratedFormKind.makeEach => True
artifact:GeneratedFormArtifacthCheck:generatedKindShapeMatchesCheck artifact = truehKind:artifact.kind = GeneratedFormKind.makeEach⊢ match GeneratedFormKind.makeEach with
| GeneratedFormKind.make => artifact.MakeSourceLabelsCanonical ∧ artifact.MakeSourceValuesEmpty
| GeneratedFormKind.makeEach => True
All goals completed! 🐙Executable checker for generated-form row-local facts.
/-- Executable checker for generated-form row-local facts: the kind name and the
binding are well-formed, and every source child and used child passes its own
row check. Cross-row facts (key uniqueness, binding ownership, used-from-source
consistency, kind shape) are separate checkers that `generatedFormValidCheck`
conjoins with this one. -/
def generatedFormRowsValidCheck
(artifact : GeneratedFormArtifact) :
Bool :=
decide artifact.kindName.Valid &&
decide artifact.binding.Valid &&
Check.allBool artifact.sourceChildren generatedChildSourceValidCheck &&
Check.allBool artifact.usedChildren generatedChildValidCheck
Successful generated-form row checking proves GeneratedFormArtifact.RowsValid.
theorem generatedFormRowsValidCheck_sound
{artifact : GeneratedFormArtifact}
(hCheck : generatedFormRowsValidCheck artifact = true) :
artifact.RowsValid := artifact:GeneratedFormArtifacthCheck:generatedFormRowsValidCheck artifact = true⊢ artifact.RowsValid
artifact:GeneratedFormArtifacthCheck:(decide artifact.kindName.Valid && decide artifact.binding.Valid &&
Check.allBool artifact.sourceChildren generatedChildSourceValidCheck &&
Check.allBool artifact.usedChildren generatedChildValidCheck) =
true⊢ artifact.RowsValid
artifact:GeneratedFormArtifacthCheck:((decide artifact.kindName.Valid = true ∧ decide artifact.binding.Valid = true) ∧
Check.allBool artifact.sourceChildren generatedChildSourceValidCheck = true) ∧
Check.allBool artifact.usedChildren generatedChildValidCheck = true⊢ artifact.RowsValid
artifact:GeneratedFormArtifacthUsedChildren:Check.allBool artifact.usedChildren generatedChildValidCheck = truehSourceChildren:Check.allBool artifact.sourceChildren generatedChildSourceValidCheck = truehKind:decide artifact.kindName.Valid = truehBinding:decide artifact.binding.Valid = true⊢ artifact.RowsValid
All goals completed! 🐙Executable checker for one generated-form artifact.
/-- Executable checker for one generated-form artifact: the conjunction of the six
row-level and cross-row checkers, each of which has its own soundness theorem that
`generatedFormValidCheck_sound` assembles into `GeneratedFormArtifact.Valid`.
Domain closure (`generatedFormDomainClosedCheck`) is deliberately not part of this
conjunction: it needs the top-level node summary and is applied separately. -/
def generatedFormValidCheck
(artifact : GeneratedFormArtifact) :
Bool :=
generatedUsedChildrenFromSourceCheck artifact &&
generatedChildrenOwnedByBindingCheck artifact &&
generatedChildKeysUniqueCheck artifact &&
generatedSourceValuesValidCheck artifact &&
generatedKindShapeMatchesCheck artifact &&
generatedFormRowsValidCheck artifact
Successful generated-form checking proves GeneratedFormArtifact.Valid.
theorem generatedFormValidCheck_sound
{artifact : GeneratedFormArtifact}
(hCheck : generatedFormValidCheck artifact = true) :
artifact.Valid := artifact:GeneratedFormArtifacthCheck:generatedFormValidCheck artifact = true⊢ artifact.Valid
artifact:GeneratedFormArtifacthCheck:(generatedUsedChildrenFromSourceCheck artifact && generatedChildrenOwnedByBindingCheck artifact &&
generatedChildKeysUniqueCheck artifact &&
generatedSourceValuesValidCheck artifact &&
generatedKindShapeMatchesCheck artifact &&
generatedFormRowsValidCheck artifact) =
true⊢ artifact.Valid
artifact:GeneratedFormArtifacthCheck:((((generatedUsedChildrenFromSourceCheck artifact = true ∧ generatedChildrenOwnedByBindingCheck artifact = true) ∧
generatedChildKeysUniqueCheck artifact = true) ∧
generatedSourceValuesValidCheck artifact = true) ∧
generatedKindShapeMatchesCheck artifact = true) ∧
generatedFormRowsValidCheck artifact = true⊢ artifact.Valid
artifact:GeneratedFormArtifacthRows:generatedFormRowsValidCheck artifact = truehShape:generatedKindShapeMatchesCheck artifact = truehValues:generatedSourceValuesValidCheck artifact = truehUnique:generatedChildKeysUniqueCheck artifact = truehSource:generatedUsedChildrenFromSourceCheck artifact = truehOwned:generatedChildrenOwnedByBindingCheck artifact = true⊢ artifact.Valid
All goals completed! 🐙Executable checker for generated-form domain closure over the top-level node summary.
/-- Executable checker for generated-form domain closure over the top-level node
summary: every used child must pass `generatedChildDomainClosedCheck nodes`.
Only `usedChildren` is consulted; `sourceChildren` play no part in closure. -/
def generatedFormDomainClosedCheck
(nodes : List NodeId)
(artifact : GeneratedFormArtifact) :
Bool :=
Check.allBool artifact.usedChildren (generatedChildDomainClosedCheck nodes)
/-- Successful generated-form closure checking proves `GeneratedFormArtifact.DomainClosed`. -/
theorem generatedFormDomainClosedCheck_sound
{nodes : List NodeId}
{artifact : GeneratedFormArtifact}
(hCheck : generatedFormDomainClosedCheck nodes artifact = true) :
artifact.DomainClosed nodes :=
-- `nodes` is fixed across the whole list, so the per-child lemma applies unchanged.
Check.allBool_sound hCheck
(fun _child _ hChild =>
generatedChildDomainClosedCheck_sound hChild)
/-- Executable checker that a generated-form row is anchored: either it has at least one
used child, or it has no children at all and its binding is itself referenced. -/
def generatedFormReferencedCheck
    (bindingRefs : List BindingName)
    (artifact : GeneratedFormArtifact) : Bool :=
  -- A row with at least one used child is anchored by that child. A row with no
  -- used children is admitted only when it also has no source children and its
  -- binding appears in `bindingRefs`; a row that has sources but no used
  -- children is rejected outright, so an unreferenced row cannot pass as
  -- "dormant" and later become replay-addressable.
  match artifact.usedChildren with
  | _used :: _rest => true
  | [] =>
    match artifact.sourceChildren with
    | _source :: _others => false
    | [] => Check.memCheck artifact.binding bindingRefs
/-- Successful generated-form reference checking proves the row is replay-addressable. -/
theorem generatedFormReferencedCheck_sound
{bindingRefs : List BindingName}
{artifact : GeneratedFormArtifact}
(hCheck : generatedFormReferencedCheck bindingRefs artifact = true) :
artifact.usedChildren ≠ [] ∨
(artifact.sourceChildren = [] ∧ artifact.binding ∈ bindingRefs) := bindingRefs:List BindingNameartifact:GeneratedFormArtifacthCheck:generatedFormReferencedCheck bindingRefs artifact = true⊢ artifact.usedChildren ≠ [] ∨ artifact.sourceChildren = [] ∧ artifact.binding ∈ bindingRefs
bindingRefs:List BindingNamekind:GeneratedFormKindkindName:KindNamebinding:BindingNamesourceChildren:List GeneratedChildSourceArtifactusedChildren:List GeneratedChildArtifacthCheck:generatedFormReferencedCheck bindingRefs
{ kind := kind, kindName := kindName, binding := binding, sourceChildren := sourceChildren,
usedChildren := usedChildren } =
true⊢ { kind := kind, kindName := kindName, binding := binding, sourceChildren := sourceChildren,
usedChildren := usedChildren }.usedChildren ≠
[] ∨
{ kind := kind, kindName := kindName, binding := binding, sourceChildren := sourceChildren,
usedChildren := usedChildren }.sourceChildren =
[] ∧
{ kind := kind, kindName := kindName, binding := binding, sourceChildren := sourceChildren,
usedChildren := usedChildren }.binding ∈
bindingRefs
cases usedChildren with
bindingRefs:List BindingNamekind:GeneratedFormKindkindName:KindNamebinding:BindingNamesourceChildren:List GeneratedChildSourceArtifacthCheck:generatedFormReferencedCheck bindingRefs
{ kind := kind, kindName := kindName, binding := binding, sourceChildren := sourceChildren, usedChildren := [] } =
true⊢ { kind := kind, kindName := kindName, binding := binding, sourceChildren := sourceChildren,
usedChildren := [] }.usedChildren ≠
[] ∨
{ kind := kind, kindName := kindName, binding := binding, sourceChildren := sourceChildren,
usedChildren := [] }.sourceChildren =
[] ∧
{ kind := kind, kindName := kindName, binding := binding, sourceChildren := sourceChildren,
usedChildren := [] }.binding ∈
bindingRefs
cases sourceChildren with
bindingRefs:List BindingNamekind:GeneratedFormKindkindName:KindNamebinding:BindingNamehCheck:generatedFormReferencedCheck bindingRefs
{ kind := kind, kindName := kindName, binding := binding, sourceChildren := [], usedChildren := [] } =
true⊢ { kind := kind, kindName := kindName, binding := binding, sourceChildren := [], usedChildren := [] }.usedChildren ≠ [] ∨
{ kind := kind, kindName := kindName, binding := binding, sourceChildren := [], usedChildren := [] }.sourceChildren =
[] ∧
{ kind := kind, kindName := kindName, binding := binding, sourceChildren := [], usedChildren := [] }.binding ∈
bindingRefs
have hBinding : Check.memCheck binding bindingRefs = true := bindingRefs:List BindingNameartifact:GeneratedFormArtifacthCheck:generatedFormReferencedCheck bindingRefs artifact = true⊢ artifact.usedChildren ≠ [] ∨ artifact.sourceChildren = [] ∧ artifact.binding ∈ bindingRefs
All goals completed! 🐙
All goals completed! 🐙
bindingRefs:List BindingNamekind:GeneratedFormKindkindName:KindNamebinding:BindingNamesource:GeneratedChildSourceArtifactsources:List GeneratedChildSourceArtifacthCheck:generatedFormReferencedCheck bindingRefs
{ kind := kind, kindName := kindName, binding := binding, sourceChildren := source :: sources,
usedChildren := [] } =
true⊢ { kind := kind, kindName := kindName, binding := binding, sourceChildren := source :: sources,
usedChildren := [] }.usedChildren ≠
[] ∨
{ kind := kind, kindName := kindName, binding := binding, sourceChildren := source :: sources,
usedChildren := [] }.sourceChildren =
[] ∧
{ kind := kind, kindName := kindName, binding := binding, sourceChildren := source :: sources,
usedChildren := [] }.binding ∈
bindingRefs
All goals completed! 🐙
bindingRefs:List BindingNamekind:GeneratedFormKindkindName:KindNamebinding:BindingNamesourceChildren:List GeneratedChildSourceArtifactchild:GeneratedChildArtifactchildren:List GeneratedChildArtifacthCheck:generatedFormReferencedCheck bindingRefs
{ kind := kind, kindName := kindName, binding := binding, sourceChildren := sourceChildren,
usedChildren := child :: children } =
true⊢ { kind := kind, kindName := kindName, binding := binding, sourceChildren := sourceChildren,
usedChildren := child :: children }.usedChildren ≠
[] ∨
{ kind := kind, kindName := kindName, binding := binding, sourceChildren := sourceChildren,
usedChildren := child :: children }.sourceChildren =
[] ∧
{ kind := kind, kindName := kindName, binding := binding, sourceChildren := sourceChildren,
usedChildren := child :: children }.binding ∈
bindingRefs
exact Or.inl (bindingRefs:List BindingNamekind:GeneratedFormKindkindName:KindNamebinding:BindingNamesourceChildren:List GeneratedChildSourceArtifactchild:GeneratedChildArtifactchildren:List GeneratedChildArtifacthCheck:generatedFormReferencedCheck bindingRefs
{ kind := kind, kindName := kindName, binding := binding, sourceChildren := sourceChildren,
usedChildren := child :: children } =
true⊢ { kind := kind, kindName := kindName, binding := binding, sourceChildren := sourceChildren,
usedChildren := child :: children }.usedChildren ≠
[] bindingRefs:List BindingNamekind:GeneratedFormKindkindName:KindNamebinding:BindingNamesourceChildren:List GeneratedChildSourceArtifactchild:GeneratedChildArtifactchildren:List GeneratedChildArtifacthCheck:generatedFormReferencedCheck bindingRefs
{ kind := kind, kindName := kindName, binding := binding, sourceChildren := sourceChildren,
usedChildren := child :: children } =
truehEmpty:{ kind := kind, kindName := kindName, binding := binding, sourceChildren := sourceChildren,
usedChildren := child :: children }.usedChildren =
[]⊢ False; All goals completed! 🐙)Phantom Adapter Row Checks
/-- Executable checker for duplicate-free record field labels in product-shape rows.
Indexed shapes have no labels and pass unconditionally. -/
def productShapeFieldLabelsUniqueCheck (shape : ProductShapeArtifact) : Bool :=
  match shape with
  | ProductShapeArtifact.indexed _elementContract _arity => true
  | ProductShapeArtifact.record _recordContract entries =>
    -- Uniqueness is keyed on the label (first component) alone; the contract
    -- paired with each label does not distinguish entries.
    Check.nodupMapCheck entries Prod.fst
Successful product field-label checking proves ProductShapeArtifact.FieldLabelsUnique.
theorem productShapeFieldLabelsUniqueCheck_sound
{shape : ProductShapeArtifact}
(hCheck : productShapeFieldLabelsUniqueCheck shape = true) :
shape.FieldLabelsUnique := shape:ProductShapeArtifacthCheck:productShapeFieldLabelsUniqueCheck shape = true⊢ shape.FieldLabelsUnique
cases shape with
contract:ContractIdfields:List (FieldLabel × ContractId)hCheck:productShapeFieldLabelsUniqueCheck (ProductShapeArtifact.record contract fields) = true⊢ (ProductShapeArtifact.record contract fields).FieldLabelsUnique
All goals completed! 🐙
element:ContractIdcount:ℕhCheck:productShapeFieldLabelsUniqueCheck (ProductShapeArtifact.indexed element count) = true⊢ (ProductShapeArtifact.indexed element count).FieldLabelsUnique
All goals completed! 🐙Executable checker for product-shape contract and field-row validity.
/-- Executable checker for product-shape contract and field-row validity: the record
contract and every field label/contract pair must be `Valid`, or, for an indexed
shape, the element contract must be `Valid`. The indexed count is not inspected. -/
def productShapeRowsValidCheck (shape : ProductShapeArtifact) : Bool :=
  match shape with
  | ProductShapeArtifact.indexed elementContract _arity =>
    decide elementContract.Valid
  | ProductShapeArtifact.record recordContract entries =>
    decide recordContract.Valid &&
      Check.allDecide entries fun entry => entry.fst.Valid ∧ entry.snd.Valid
Successful product row checking proves ProductShapeArtifact.RowsValid.
theorem productShapeRowsValidCheck_sound
{shape : ProductShapeArtifact}
(hCheck : productShapeRowsValidCheck shape = true) :
shape.RowsValid := shape:ProductShapeArtifacthCheck:productShapeRowsValidCheck shape = true⊢ shape.RowsValid
cases shape with
contract:ContractIdfields:List (FieldLabel × ContractId)hCheck:productShapeRowsValidCheck (ProductShapeArtifact.record contract fields) = true⊢ (ProductShapeArtifact.record contract fields).RowsValid
contract:ContractIdfields:List (FieldLabel × ContractId)hCheck:(match ProductShapeArtifact.record contract fields with
| ProductShapeArtifact.record contract fields =>
decide contract.Valid && Check.allDecide fields fun field => field.1.Valid ∧ field.2.Valid
| ProductShapeArtifact.indexed element _count => decide element.Valid) =
true⊢ (ProductShapeArtifact.record contract fields).RowsValid
contract:ContractIdfields:List (FieldLabel × ContractId)hCheck:decide contract.Valid = true ∧ (Check.allDecide fields fun field => field.1.Valid ∧ field.2.Valid) = true⊢ (ProductShapeArtifact.record contract fields).RowsValid
All goals completed! 🐙
element:ContractIdcount:ℕhCheck:productShapeRowsValidCheck (ProductShapeArtifact.indexed element count) = true⊢ (ProductShapeArtifact.indexed element count).RowsValid
element:ContractIdcount:ℕhCheck:productShapeRowsValidCheck (ProductShapeArtifact.indexed element count) = true⊢ element.Valid
All goals completed! 🐙Executable checker that indexed product elements are not serialized nested products.
/-- Executable checker that indexed product elements are not serialized nested
products. Record shapes pass unconditionally. -/
def productShapeIndexedElementNominalCheck (shape : ProductShapeArtifact) : Bool :=
  match shape with
  | ProductShapeArtifact.record _recordContract _entries => true
  | ProductShapeArtifact.indexed elementContract _arity =>
    -- Name-prefix test: a serialized nested product is recognised solely by a
    -- leading `[` in the element contract's name. NOTE(review): the check is
    -- only as strong as that spelling convention — confirm that nested products
    -- cannot be serialized under any other prefix, as such a value passes here.
    decide (elementContract.name.startsWith "[" = false)
Successful nested-product rejection proves ProductShapeArtifact.IndexedElementNominal.
theorem productShapeIndexedElementNominalCheck_sound
{shape : ProductShapeArtifact}
(hCheck : productShapeIndexedElementNominalCheck shape = true) :
shape.IndexedElementNominal := shape:ProductShapeArtifacthCheck:productShapeIndexedElementNominalCheck shape = true⊢ shape.IndexedElementNominal
cases shape with
contract:ContractIdfields:List (FieldLabel × ContractId)hCheck:productShapeIndexedElementNominalCheck (ProductShapeArtifact.record contract fields) = true⊢ (ProductShapeArtifact.record contract fields).IndexedElementNominal
All goals completed! 🐙
element:ContractIdcount:ℕhCheck:productShapeIndexedElementNominalCheck (ProductShapeArtifact.indexed element count) = true⊢ (ProductShapeArtifact.indexed element count).IndexedElementNominal
element:ContractIdcount:ℕhCheck:productShapeIndexedElementNominalCheck (ProductShapeArtifact.indexed element count) = true⊢ element.name.startsWith "[" = false
All goals completed! 🐙Executable checker for serialized product-shape validity.
/-- Executable checker for serialized product-shape validity: unique record field
labels, valid contract and field rows, and a nominal (non-nested) indexed element.
Matching against a concrete multi-side boundary is a separate concern
(`productShapeBoundariesMatchCheck`). -/
def productShapeValidCheck
(shape : ProductShapeArtifact) :
Bool :=
productShapeFieldLabelsUniqueCheck shape &&
productShapeRowsValidCheck shape &&
productShapeIndexedElementNominalCheck shape
Successful product-shape checking proves ProductShapeArtifact.Valid.
theorem productShapeValidCheck_sound
{shape : ProductShapeArtifact}
(hCheck : productShapeValidCheck shape = true) :
shape.Valid := shape:ProductShapeArtifacthCheck:productShapeValidCheck shape = true⊢ shape.Valid
shape:ProductShapeArtifacthCheck:(productShapeFieldLabelsUniqueCheck shape && productShapeRowsValidCheck shape &&
productShapeIndexedElementNominalCheck shape) =
true⊢ shape.Valid
shape:ProductShapeArtifacthCheck:(productShapeFieldLabelsUniqueCheck shape = true ∧ productShapeRowsValidCheck shape = true) ∧
productShapeIndexedElementNominalCheck shape = true⊢ shape.Valid
shape:ProductShapeArtifacthNominal:productShapeIndexedElementNominalCheck shape = truehFields:productShapeFieldLabelsUniqueCheck shape = truehRows:productShapeRowsValidCheck shape = true⊢ shape.Valid
All goals completed! 🐙Executable checker that multi-side boundaries match the serialized product shape.
/-- Executable checker that multi-side boundaries match the serialized product shape.
For an indexed shape every multi-side port must carry the element contract; for a
record shape the ports' record fields must be a permutation of the declared
fields. -/
def productShapeBoundariesMatchCheck
    (shape : ProductShapeArtifact)
    (multi : List AdmissionBoundaryPort) : Bool :=
  match shape with
  | ProductShapeArtifact.indexed elementContract _arity =>
    Check.allDecide multi fun port => port.contract = elementContract
  | ProductShapeArtifact.record _recordContract entries =>
    -- Ports without a record field are dropped by `filterMap` before the
    -- permutation test, so this check alone does not reject such extra ports.
    -- Presumably `phantomProductArityMatchesCheck` (`multi.length = arity`)
    -- covers the count — TODO confirm that `arity` is the field count.
    Check.permCheck (multi.filterMap AdmissionBoundaryPort.recordField) entries
Successful multi-side boundary checking proves ProductShapeArtifact.BoundariesMatch.
theorem productShapeBoundariesMatchCheck_sound
{shape : ProductShapeArtifact}
{multi : List AdmissionBoundaryPort}
(hCheck : productShapeBoundariesMatchCheck shape multi = true) :
shape.BoundariesMatch multi := shape:ProductShapeArtifactmulti:List AdmissionBoundaryPorthCheck:productShapeBoundariesMatchCheck shape multi = true⊢ shape.BoundariesMatch multi
cases shape with
multi:List AdmissionBoundaryPortcontract:ContractIdfields:List (FieldLabel × ContractId)hCheck:productShapeBoundariesMatchCheck (ProductShapeArtifact.record contract fields) multi = true⊢ (ProductShapeArtifact.record contract fields).BoundariesMatch multi
All goals completed! 🐙
multi:List AdmissionBoundaryPortelement:ContractIdcount:ℕhCheck:productShapeBoundariesMatchCheck (ProductShapeArtifact.indexed element count) multi = true⊢ (ProductShapeArtifact.indexed element count).BoundariesMatch multi
All goals completed! 🐙Executable checker that a phantom row's multi-side length matches its product arity.
/-- Executable checker that a phantom row's multi-side length matches its product
arity. This is a count comparison only; which ports make up the multi side is the
job of `phantomProductShapeMatchesMultiCheck`. -/
def phantomProductArityMatchesCheck
(artifact : PhantomAdapterArtifact) :
Bool :=
decide (artifact.multi.length = artifact.productShape.arity)
Successful arity checking proves ProductArityMatches.
theorem phantomProductArityMatchesCheck_sound
{artifact : PhantomAdapterArtifact}
(hCheck : phantomProductArityMatchesCheck artifact = true) :
artifact.ProductArityMatches := artifact:PhantomAdapterArtifacthCheck:phantomProductArityMatchesCheck artifact = true⊢ artifact.ProductArityMatches
artifact:PhantomAdapterArtifacthCheck:phantomProductArityMatchesCheck artifact = true⊢ artifact.multi.length = artifact.productShape.arity
All goals completed! 🐙Executable checker that a phantom row's multi-side boundary matches its product shape.
/-- Executable checker that a phantom row's multi-side boundary matches its product
shape; a direct delegation to `productShapeBoundariesMatchCheck`. -/
def phantomProductShapeMatchesMultiCheck
(artifact : PhantomAdapterArtifact) :
Bool :=
productShapeBoundariesMatchCheck artifact.productShape artifact.multi
/-- Successful multi-side shape checking proves `ProductShapeMatchesMulti`. -/
theorem phantomProductShapeMatchesMultiCheck_sound
{artifact : PhantomAdapterArtifact}
(hCheck : phantomProductShapeMatchesMultiCheck artifact = true) :
artifact.ProductShapeMatchesMulti :=
-- The checker is a direct delegation, so the delegate's soundness lemma applies as-is.
productShapeBoundariesMatchCheck_sound hCheck
/-- Executable checker that the singular endpoint uses the aggregate product contract. -/
def phantomProductContractMatchesSingularCheck
(artifact : PhantomAdapterArtifact) :
Bool :=
-- The singular port must carry exactly the aggregate contract of the product shape.
decide (artifact.singular.contract = artifact.productShape.contract)
Successful singular-contract checking proves ProductContractMatchesSingular.
theorem phantomProductContractMatchesSingularCheck_sound
{artifact : PhantomAdapterArtifact}
(hCheck : phantomProductContractMatchesSingularCheck artifact = true) :
artifact.ProductContractMatchesSingular := artifact:PhantomAdapterArtifacthCheck:phantomProductContractMatchesSingularCheck artifact = true⊢ artifact.ProductContractMatchesSingular
artifact:PhantomAdapterArtifacthCheck:phantomProductContractMatchesSingularCheck artifact = true⊢ artifact.singular.contract = artifact.productShape.contract
All goals completed! 🐙Executable checker that source-visible multi-side endpoints are duplicate-free.
/-- Executable checker that source-visible multi-side endpoints are duplicate-free,
keyed by `AdmissionBoundaryPort.key`: two ports that differ only outside their key
still count as duplicates. -/
def phantomMultiEndpointKeysUniqueCheck
(artifact : PhantomAdapterArtifact) :
Bool :=
Check.nodupMapCheck artifact.multi AdmissionBoundaryPort.key
/-- Successful multi-endpoint checking proves `MultiEndpointKeysUnique`. -/
theorem phantomMultiEndpointKeysUniqueCheck_sound
{artifact : PhantomAdapterArtifact}
(hCheck : phantomMultiEndpointKeysUniqueCheck artifact = true) :
artifact.MultiEndpointKeysUnique :=
-- The generic no-duplicates lemma on the key projection is exactly the predicate.
Check.nodupMapCheck_sound hCheck
/-- Executable checker that bulk endpoints match the phantom adapter direction. -/
def phantomBulkEndpointsMatchCheck (artifact : PhantomAdapterArtifact) : Bool :=
  -- For `gather`, left-bulk edges run from a multi-side port into the adapter
  -- node and right-bulk edges from the node to the singular port; `scatter`
  -- swaps the roles of singular and multi. Membership in `multi` is list `∈`,
  -- i.e. equality of the whole port, not of its `key`.
  match artifact.direction with
  | PhantomAdapterDirection.scatter =>
    Check.allDecide artifact.leftBulk (fun edge =>
      edge.fromPort = artifact.singular ∧ edge.toPort.node = artifact.node) &&
    Check.allDecide artifact.rightBulk (fun edge =>
      edge.fromPort.node = artifact.node ∧ edge.toPort ∈ artifact.multi)
  | PhantomAdapterDirection.gather =>
    Check.allDecide artifact.leftBulk (fun edge =>
      edge.fromPort ∈ artifact.multi ∧ edge.toPort.node = artifact.node) &&
    Check.allDecide artifact.rightBulk (fun edge =>
      edge.fromPort.node = artifact.node ∧ edge.toPort = artifact.singular)
Successful bulk-endpoint checking proves BulkEndpointsMatch.
theorem phantomBulkEndpointsMatchCheck_sound
{artifact : PhantomAdapterArtifact}
(hCheck : phantomBulkEndpointsMatchCheck artifact = true) :
artifact.BulkEndpointsMatch := artifact:PhantomAdapterArtifacthCheck:phantomBulkEndpointsMatchCheck artifact = true⊢ artifact.BulkEndpointsMatch
cases hDirection : artifact.direction with
artifact:PhantomAdapterArtifacthCheck:phantomBulkEndpointsMatchCheck artifact = truehDirection:artifact.direction = PhantomAdapterDirection.gather⊢ artifact.BulkEndpointsMatch
artifact:PhantomAdapterArtifacthCheck:(match artifact.direction with
| PhantomAdapterDirection.gather =>
(Check.allDecide artifact.leftBulk fun pair => pair.fromPort ∈ artifact.multi ∧ pair.toPort.node = artifact.node) &&
Check.allDecide artifact.rightBulk fun pair =>
pair.fromPort.node = artifact.node ∧ pair.toPort = artifact.singular
| PhantomAdapterDirection.scatter =>
(Check.allDecide artifact.leftBulk fun pair =>
pair.fromPort = artifact.singular ∧ pair.toPort.node = artifact.node) &&
Check.allDecide artifact.rightBulk fun pair =>
pair.fromPort.node = artifact.node ∧ pair.toPort ∈ artifact.multi) =
truehDirection:artifact.direction = PhantomAdapterDirection.gather⊢ artifact.BulkEndpointsMatch
artifact:PhantomAdapterArtifacthCheck:(match PhantomAdapterDirection.gather with
| PhantomAdapterDirection.gather =>
(Check.allDecide artifact.leftBulk fun pair => pair.fromPort ∈ artifact.multi ∧ pair.toPort.node = artifact.node) &&
Check.allDecide artifact.rightBulk fun pair =>
pair.fromPort.node = artifact.node ∧ pair.toPort = artifact.singular
| PhantomAdapterDirection.scatter =>
(Check.allDecide artifact.leftBulk fun pair =>
pair.fromPort = artifact.singular ∧ pair.toPort.node = artifact.node) &&
Check.allDecide artifact.rightBulk fun pair =>
pair.fromPort.node = artifact.node ∧ pair.toPort ∈ artifact.multi) =
truehDirection:artifact.direction = PhantomAdapterDirection.gather⊢ artifact.BulkEndpointsMatch
artifact:PhantomAdapterArtifacthCheck:(Check.allDecide artifact.leftBulk fun pair => pair.fromPort ∈ artifact.multi ∧ pair.toPort.node = artifact.node) =
true ∧
(Check.allDecide artifact.rightBulk fun pair =>
pair.fromPort.node = artifact.node ∧ pair.toPort = artifact.singular) =
truehDirection:artifact.direction = PhantomAdapterDirection.gather⊢ artifact.BulkEndpointsMatch
artifact:PhantomAdapterArtifacthCheck:(Check.allDecide artifact.leftBulk fun pair => pair.fromPort ∈ artifact.multi ∧ pair.toPort.node = artifact.node) =
true ∧
(Check.allDecide artifact.rightBulk fun pair =>
pair.fromPort.node = artifact.node ∧ pair.toPort = artifact.singular) =
truehDirection:artifact.direction = PhantomAdapterDirection.gather⊢ match artifact.direction with
| PhantomAdapterDirection.gather =>
(∀ pair ∈ artifact.leftBulk, pair.fromPort ∈ artifact.multi ∧ pair.toPort.node = artifact.node) ∧
∀ pair ∈ artifact.rightBulk, pair.fromPort.node = artifact.node ∧ pair.toPort = artifact.singular
| PhantomAdapterDirection.scatter =>
(∀ pair ∈ artifact.leftBulk, pair.fromPort = artifact.singular ∧ pair.toPort.node = artifact.node) ∧
∀ pair ∈ artifact.rightBulk, pair.fromPort.node = artifact.node ∧ pair.toPort ∈ artifact.multi
artifact:PhantomAdapterArtifacthCheck:(Check.allDecide artifact.leftBulk fun pair => pair.fromPort ∈ artifact.multi ∧ pair.toPort.node = artifact.node) =
true ∧
(Check.allDecide artifact.rightBulk fun pair =>
pair.fromPort.node = artifact.node ∧ pair.toPort = artifact.singular) =
truehDirection:artifact.direction = PhantomAdapterDirection.gather⊢ match PhantomAdapterDirection.gather with
| PhantomAdapterDirection.gather =>
(∀ pair ∈ artifact.leftBulk, pair.fromPort ∈ artifact.multi ∧ pair.toPort.node = artifact.node) ∧
∀ pair ∈ artifact.rightBulk, pair.fromPort.node = artifact.node ∧ pair.toPort = artifact.singular
| PhantomAdapterDirection.scatter =>
(∀ pair ∈ artifact.leftBulk, pair.fromPort = artifact.singular ∧ pair.toPort.node = artifact.node) ∧
∀ pair ∈ artifact.rightBulk, pair.fromPort.node = artifact.node ∧ pair.toPort ∈ artifact.multi
All goals completed! 🐙
artifact:PhantomAdapterArtifacthCheck:phantomBulkEndpointsMatchCheck artifact = truehDirection:artifact.direction = PhantomAdapterDirection.scatter⊢ artifact.BulkEndpointsMatch
artifact:PhantomAdapterArtifacthCheck:(match artifact.direction with
| PhantomAdapterDirection.gather =>
(Check.allDecide artifact.leftBulk fun pair => pair.fromPort ∈ artifact.multi ∧ pair.toPort.node = artifact.node) &&
Check.allDecide artifact.rightBulk fun pair =>
pair.fromPort.node = artifact.node ∧ pair.toPort = artifact.singular
| PhantomAdapterDirection.scatter =>
(Check.allDecide artifact.leftBulk fun pair =>
pair.fromPort = artifact.singular ∧ pair.toPort.node = artifact.node) &&
Check.allDecide artifact.rightBulk fun pair =>
pair.fromPort.node = artifact.node ∧ pair.toPort ∈ artifact.multi) =
truehDirection:artifact.direction = PhantomAdapterDirection.scatter⊢ artifact.BulkEndpointsMatch
artifact:PhantomAdapterArtifacthCheck:(match PhantomAdapterDirection.scatter with
| PhantomAdapterDirection.gather =>
(Check.allDecide artifact.leftBulk fun pair => pair.fromPort ∈ artifact.multi ∧ pair.toPort.node = artifact.node) &&
Check.allDecide artifact.rightBulk fun pair =>
pair.fromPort.node = artifact.node ∧ pair.toPort = artifact.singular
| PhantomAdapterDirection.scatter =>
(Check.allDecide artifact.leftBulk fun pair =>
pair.fromPort = artifact.singular ∧ pair.toPort.node = artifact.node) &&
Check.allDecide artifact.rightBulk fun pair =>
pair.fromPort.node = artifact.node ∧ pair.toPort ∈ artifact.multi) =
truehDirection:artifact.direction = PhantomAdapterDirection.scatter⊢ artifact.BulkEndpointsMatch
artifact:PhantomAdapterArtifacthCheck:(Check.allDecide artifact.leftBulk fun pair => pair.fromPort = artifact.singular ∧ pair.toPort.node = artifact.node) =
true ∧
(Check.allDecide artifact.rightBulk fun pair => pair.fromPort.node = artifact.node ∧ pair.toPort ∈ artifact.multi) =
truehDirection:artifact.direction = PhantomAdapterDirection.scatter⊢ artifact.BulkEndpointsMatch
artifact:PhantomAdapterArtifacthCheck:(Check.allDecide artifact.leftBulk fun pair => pair.fromPort = artifact.singular ∧ pair.toPort.node = artifact.node) =
true ∧
(Check.allDecide artifact.rightBulk fun pair => pair.fromPort.node = artifact.node ∧ pair.toPort ∈ artifact.multi) =
truehDirection:artifact.direction = PhantomAdapterDirection.scatter⊢ match artifact.direction with
| PhantomAdapterDirection.gather =>
(∀ pair ∈ artifact.leftBulk, pair.fromPort ∈ artifact.multi ∧ pair.toPort.node = artifact.node) ∧
∀ pair ∈ artifact.rightBulk, pair.fromPort.node = artifact.node ∧ pair.toPort = artifact.singular
| PhantomAdapterDirection.scatter =>
(∀ pair ∈ artifact.leftBulk, pair.fromPort = artifact.singular ∧ pair.toPort.node = artifact.node) ∧
∀ pair ∈ artifact.rightBulk, pair.fromPort.node = artifact.node ∧ pair.toPort ∈ artifact.multi
artifact:PhantomAdapterArtifacthCheck:(Check.allDecide artifact.leftBulk fun pair => pair.fromPort = artifact.singular ∧ pair.toPort.node = artifact.node) =
true ∧
(Check.allDecide artifact.rightBulk fun pair => pair.fromPort.node = artifact.node ∧ pair.toPort ∈ artifact.multi) =
truehDirection:artifact.direction = PhantomAdapterDirection.scatter⊢ match PhantomAdapterDirection.scatter with
| PhantomAdapterDirection.gather =>
(∀ pair ∈ artifact.leftBulk, pair.fromPort ∈ artifact.multi ∧ pair.toPort.node = artifact.node) ∧
∀ pair ∈ artifact.rightBulk, pair.fromPort.node = artifact.node ∧ pair.toPort = artifact.singular
| PhantomAdapterDirection.scatter =>
(∀ pair ∈ artifact.leftBulk, pair.fromPort = artifact.singular ∧ pair.toPort.node = artifact.node) ∧
∀ pair ∈ artifact.rightBulk, pair.fromPort.node = artifact.node ∧ pair.toPort ∈ artifact.multi
All goals completed! 🐙Executable checker that bulk ledgers cover the source-visible endpoints exactly.
def phantomBulkEndpointPartitionCheck
    (artifact : PhantomAdapterArtifact) :
    Bool :=
  -- The expected set of bulk endpoints depends on the adapter direction: the
  -- "multi" side contributes one key per boundary port, the "singular" side
  -- exactly one key.  `phantomBulkEndpointPartitionCheck_sound` shows that a
  -- passing `Check.permCheck` yields `List.Perm`, so each ledger must list the
  -- expected keys with the same multiplicity: a missing or an extra endpoint
  -- fails the check rather than being tolerated.
  match artifact.direction with
  | PhantomAdapterDirection.gather =>
    -- gather: the multi-side ports are the left-bulk sources, the singular
    -- port is the only right-bulk target.
    Check.permCheck artifact.leftBulkSourceKeys
      (artifact.multi.map AdmissionBoundaryPort.key) &&
    Check.permCheck artifact.rightBulkTargetKeys [artifact.singular.key]
  | PhantomAdapterDirection.scatter =>
    -- scatter: mirror image — the singular port is the only left-bulk source,
    -- the multi-side ports are the right-bulk targets.
    Check.permCheck artifact.leftBulkSourceKeys [artifact.singular.key] &&
    Check.permCheck artifact.rightBulkTargetKeys
      (artifact.multi.map AdmissionBoundaryPort.key)
Successful bulk-partition checking proves BulkEndpointPartition.
theorem phantomBulkEndpointPartitionCheck_sound
{artifact : PhantomAdapterArtifact}
(hCheck : phantomBulkEndpointPartitionCheck artifact = true) :
artifact.BulkEndpointPartition := artifact:PhantomAdapterArtifacthCheck:phantomBulkEndpointPartitionCheck artifact = true⊢ artifact.BulkEndpointPartition
cases hDirection : artifact.direction with
artifact:PhantomAdapterArtifacthCheck:phantomBulkEndpointPartitionCheck artifact = truehDirection:artifact.direction = PhantomAdapterDirection.gather⊢ artifact.BulkEndpointPartition
artifact:PhantomAdapterArtifacthCheck:(match artifact.direction with
| PhantomAdapterDirection.gather =>
Check.permCheck artifact.leftBulkSourceKeys (List.map AdmissionBoundaryPort.key artifact.multi) &&
Check.permCheck artifact.rightBulkTargetKeys [artifact.singular.key]
| PhantomAdapterDirection.scatter =>
Check.permCheck artifact.leftBulkSourceKeys [artifact.singular.key] &&
Check.permCheck artifact.rightBulkTargetKeys (List.map AdmissionBoundaryPort.key artifact.multi)) =
truehDirection:artifact.direction = PhantomAdapterDirection.gather⊢ artifact.BulkEndpointPartition
artifact:PhantomAdapterArtifacthCheck:(match PhantomAdapterDirection.gather with
| PhantomAdapterDirection.gather =>
Check.permCheck artifact.leftBulkSourceKeys (List.map AdmissionBoundaryPort.key artifact.multi) &&
Check.permCheck artifact.rightBulkTargetKeys [artifact.singular.key]
| PhantomAdapterDirection.scatter =>
Check.permCheck artifact.leftBulkSourceKeys [artifact.singular.key] &&
Check.permCheck artifact.rightBulkTargetKeys (List.map AdmissionBoundaryPort.key artifact.multi)) =
truehDirection:artifact.direction = PhantomAdapterDirection.gather⊢ artifact.BulkEndpointPartition
artifact:PhantomAdapterArtifacthCheck:Check.permCheck artifact.leftBulkSourceKeys (List.map AdmissionBoundaryPort.key artifact.multi) = true ∧
Check.permCheck artifact.rightBulkTargetKeys [artifact.singular.key] = truehDirection:artifact.direction = PhantomAdapterDirection.gather⊢ artifact.BulkEndpointPartition
artifact:PhantomAdapterArtifacthCheck:Check.permCheck artifact.leftBulkSourceKeys (List.map AdmissionBoundaryPort.key artifact.multi) = true ∧
Check.permCheck artifact.rightBulkTargetKeys [artifact.singular.key] = truehDirection:artifact.direction = PhantomAdapterDirection.gather⊢ match artifact.direction with
| PhantomAdapterDirection.gather =>
artifact.leftBulkSourceKeys.Perm (List.map AdmissionBoundaryPort.key artifact.multi) ∧
artifact.rightBulkTargetKeys.Perm [artifact.singular.key]
| PhantomAdapterDirection.scatter =>
artifact.leftBulkSourceKeys.Perm [artifact.singular.key] ∧
artifact.rightBulkTargetKeys.Perm (List.map AdmissionBoundaryPort.key artifact.multi)
artifact:PhantomAdapterArtifacthCheck:Check.permCheck artifact.leftBulkSourceKeys (List.map AdmissionBoundaryPort.key artifact.multi) = true ∧
Check.permCheck artifact.rightBulkTargetKeys [artifact.singular.key] = truehDirection:artifact.direction = PhantomAdapterDirection.gather⊢ match PhantomAdapterDirection.gather with
| PhantomAdapterDirection.gather =>
artifact.leftBulkSourceKeys.Perm (List.map AdmissionBoundaryPort.key artifact.multi) ∧
artifact.rightBulkTargetKeys.Perm [artifact.singular.key]
| PhantomAdapterDirection.scatter =>
artifact.leftBulkSourceKeys.Perm [artifact.singular.key] ∧
artifact.rightBulkTargetKeys.Perm (List.map AdmissionBoundaryPort.key artifact.multi)
All goals completed! 🐙
artifact:PhantomAdapterArtifacthCheck:phantomBulkEndpointPartitionCheck artifact = truehDirection:artifact.direction = PhantomAdapterDirection.scatter⊢ artifact.BulkEndpointPartition
artifact:PhantomAdapterArtifacthCheck:(match artifact.direction with
| PhantomAdapterDirection.gather =>
Check.permCheck artifact.leftBulkSourceKeys (List.map AdmissionBoundaryPort.key artifact.multi) &&
Check.permCheck artifact.rightBulkTargetKeys [artifact.singular.key]
| PhantomAdapterDirection.scatter =>
Check.permCheck artifact.leftBulkSourceKeys [artifact.singular.key] &&
Check.permCheck artifact.rightBulkTargetKeys (List.map AdmissionBoundaryPort.key artifact.multi)) =
truehDirection:artifact.direction = PhantomAdapterDirection.scatter⊢ artifact.BulkEndpointPartition
artifact:PhantomAdapterArtifacthCheck:(match PhantomAdapterDirection.scatter with
| PhantomAdapterDirection.gather =>
Check.permCheck artifact.leftBulkSourceKeys (List.map AdmissionBoundaryPort.key artifact.multi) &&
Check.permCheck artifact.rightBulkTargetKeys [artifact.singular.key]
| PhantomAdapterDirection.scatter =>
Check.permCheck artifact.leftBulkSourceKeys [artifact.singular.key] &&
Check.permCheck artifact.rightBulkTargetKeys (List.map AdmissionBoundaryPort.key artifact.multi)) =
truehDirection:artifact.direction = PhantomAdapterDirection.scatter⊢ artifact.BulkEndpointPartition
artifact:PhantomAdapterArtifacthCheck:Check.permCheck artifact.leftBulkSourceKeys [artifact.singular.key] = true ∧
Check.permCheck artifact.rightBulkTargetKeys (List.map AdmissionBoundaryPort.key artifact.multi) = truehDirection:artifact.direction = PhantomAdapterDirection.scatter⊢ artifact.BulkEndpointPartition
artifact:PhantomAdapterArtifacthCheck:Check.permCheck artifact.leftBulkSourceKeys [artifact.singular.key] = true ∧
Check.permCheck artifact.rightBulkTargetKeys (List.map AdmissionBoundaryPort.key artifact.multi) = truehDirection:artifact.direction = PhantomAdapterDirection.scatter⊢ match artifact.direction with
| PhantomAdapterDirection.gather =>
artifact.leftBulkSourceKeys.Perm (List.map AdmissionBoundaryPort.key artifact.multi) ∧
artifact.rightBulkTargetKeys.Perm [artifact.singular.key]
| PhantomAdapterDirection.scatter =>
artifact.leftBulkSourceKeys.Perm [artifact.singular.key] ∧
artifact.rightBulkTargetKeys.Perm (List.map AdmissionBoundaryPort.key artifact.multi)
artifact:PhantomAdapterArtifacthCheck:Check.permCheck artifact.leftBulkSourceKeys [artifact.singular.key] = true ∧
Check.permCheck artifact.rightBulkTargetKeys (List.map AdmissionBoundaryPort.key artifact.multi) = truehDirection:artifact.direction = PhantomAdapterDirection.scatter⊢ match PhantomAdapterDirection.scatter with
| PhantomAdapterDirection.gather =>
artifact.leftBulkSourceKeys.Perm (List.map AdmissionBoundaryPort.key artifact.multi) ∧
artifact.rightBulkTargetKeys.Perm [artifact.singular.key]
| PhantomAdapterDirection.scatter =>
artifact.leftBulkSourceKeys.Perm [artifact.singular.key] ∧
artifact.rightBulkTargetKeys.Perm (List.map AdmissionBoundaryPort.key artifact.multi)
All goals completed! 🐙
Executable checker for indexed multi-side compatibility-key uniqueness.
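def phantomIndexedMultiCompatibilityKeysUniqueCheck
    (artifact : PhantomAdapterArtifact) :
    Bool :=
  -- Only indexed product shapes carry a uniqueness obligation on the multi
  -- side; the relational predicate (`IndexedMultiCompatibilityKeysUnique`)
  -- is `True` for record shapes, so the record arm is deliberately vacuous.
  match artifact.productShape with
  | ProductShapeArtifact.record _contract _fields =>
    true
  | ProductShapeArtifact.indexed _element _count =>
    -- Every multi-side port must map to a distinct compatibility shape;
    -- `Check.nodupMapCheck` rejects any two ports whose shapes collide.
    Check.nodupMapCheck artifact.multi AdmissionBoundaryPort.compatibilityShape
Successful indexed compatibility-key checking proves the indexed uniqueness obligation.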
theorem phantomIndexedMultiCompatibilityKeysUniqueCheck_sound
{artifact : PhantomAdapterArtifact}
(hCheck : phantomIndexedMultiCompatibilityKeysUniqueCheck artifact = true) :
artifact.IndexedMultiCompatibilityKeysUnique := artifact:PhantomAdapterArtifacthCheck:phantomIndexedMultiCompatibilityKeysUniqueCheck artifact = true⊢ artifact.IndexedMultiCompatibilityKeysUnique
cases hShape : artifact.productShape with
artifact:PhantomAdapterArtifacthCheck:phantomIndexedMultiCompatibilityKeysUniqueCheck artifact = truecontract:ContractIdfields:List (FieldLabel × ContractId)hShape:artifact.productShape = ProductShapeArtifact.record contract fields⊢ artifact.IndexedMultiCompatibilityKeysUnique
artifact:PhantomAdapterArtifacthCheck:phantomIndexedMultiCompatibilityKeysUniqueCheck artifact = truecontract:ContractIdfields:List (FieldLabel × ContractId)hShape:artifact.productShape = ProductShapeArtifact.record contract fields⊢ match artifact.productShape with
| ProductShapeArtifact.record contract fields => True
| ProductShapeArtifact.indexed elementContract count =>
(List.map AdmissionBoundaryPort.compatibilityShape artifact.multi).Nodup
artifact:PhantomAdapterArtifacthCheck:phantomIndexedMultiCompatibilityKeysUniqueCheck artifact = truecontract:ContractIdfields:List (FieldLabel × ContractId)hShape:artifact.productShape = ProductShapeArtifact.record contract fields⊢ match ProductShapeArtifact.record contract fields with
| ProductShapeArtifact.record contract fields => True
| ProductShapeArtifact.indexed elementContract count =>
(List.map AdmissionBoundaryPort.compatibilityShape artifact.multi).Nodup
All goals completed! 🐙
artifact:PhantomAdapterArtifacthCheck:phantomIndexedMultiCompatibilityKeysUniqueCheck artifact = trueelement:ContractIdcount:ℕhShape:artifact.productShape = ProductShapeArtifact.indexed element count⊢ artifact.IndexedMultiCompatibilityKeysUnique
artifact:PhantomAdapterArtifacthCheck:(match artifact.productShape with
| ProductShapeArtifact.record _contract _fields => true
| ProductShapeArtifact.indexed _element _count =>
Check.nodupMapCheck artifact.multi AdmissionBoundaryPort.compatibilityShape) =
trueelement:ContractIdcount:ℕhShape:artifact.productShape = ProductShapeArtifact.indexed element count⊢ artifact.IndexedMultiCompatibilityKeysUnique
artifact:PhantomAdapterArtifactelement:ContractIdcount:ℕhCheck:(match ProductShapeArtifact.indexed element count with
| ProductShapeArtifact.record _contract _fields => true
| ProductShapeArtifact.indexed _element _count =>
Check.nodupMapCheck artifact.multi AdmissionBoundaryPort.compatibilityShape) =
truehShape:artifact.productShape = ProductShapeArtifact.indexed element count⊢ artifact.IndexedMultiCompatibilityKeysUnique
artifact:PhantomAdapterArtifactelement:ContractIdcount:ℕhCheck:(match ProductShapeArtifact.indexed element count with
| ProductShapeArtifact.record _contract _fields => true
| ProductShapeArtifact.indexed _element _count =>
Check.nodupMapCheck artifact.multi AdmissionBoundaryPort.compatibilityShape) =
truehShape:artifact.productShape = ProductShapeArtifact.indexed element count⊢ match artifact.productShape with
| ProductShapeArtifact.record contract fields => True
| ProductShapeArtifact.indexed elementContract count =>
(List.map AdmissionBoundaryPort.compatibilityShape artifact.multi).Nodup
artifact:PhantomAdapterArtifactelement:ContractIdcount:ℕhCheck:(match ProductShapeArtifact.indexed element count with
| ProductShapeArtifact.record _contract _fields => true
| ProductShapeArtifact.indexed _element _count =>
Check.nodupMapCheck artifact.multi AdmissionBoundaryPort.compatibilityShape) =
truehShape:artifact.productShape = ProductShapeArtifact.indexed element count⊢ match ProductShapeArtifact.indexed element count with
| ProductShapeArtifact.record contract fields => True
| ProductShapeArtifact.indexed elementContract count =>
(List.map AdmissionBoundaryPort.compatibilityShape artifact.multi).Nodup
All goals completed! 🐙
Executable checker for phantom-adapter row-local facts.
def phantomAdapterRowsValidCheck
    (artifact : PhantomAdapterArtifact) :
    Bool :=
  -- Row-local validity: each field is checked on its own, with no
  -- cross-references to other rows or to the top-level summary (those live in
  -- the matching `*MatchesCheck` / `*DomainClosedCheck` checkers).
  -- `decide` runs the `Decidable` instances for the `Valid` predicates.
  decide artifact.node.Valid &&
  decide artifact.singular.Valid &&
  AdmissionArtifactCheck.boundaryPortsValidCheck artifact.multi &&
  AdmissionArtifactCheck.connectionsValidCheck artifact.leftBulk &&
  AdmissionArtifactCheck.connectionsValidCheck artifact.rightBulk
Successful phantom row-local checking proves PhantomAdapterArtifact.RowsValid.
theorem phantomAdapterRowsValidCheck_sound
{artifact : PhantomAdapterArtifact}
(hCheck : phantomAdapterRowsValidCheck artifact = true) :
artifact.RowsValid := artifact:PhantomAdapterArtifacthCheck:phantomAdapterRowsValidCheck artifact = true⊢ artifact.RowsValid
artifact:PhantomAdapterArtifacthCheck:(decide artifact.node.Valid && decide artifact.singular.Valid &&
AdmissionArtifactCheck.boundaryPortsValidCheck artifact.multi &&
AdmissionArtifactCheck.connectionsValidCheck artifact.leftBulk &&
AdmissionArtifactCheck.connectionsValidCheck artifact.rightBulk) =
true⊢ artifact.RowsValid
artifact:PhantomAdapterArtifacthCheck:(((decide artifact.node.Valid = true ∧ decide artifact.singular.Valid = true) ∧
AdmissionArtifactCheck.boundaryPortsValidCheck artifact.multi = true) ∧
AdmissionArtifactCheck.connectionsValidCheck artifact.leftBulk = true) ∧
AdmissionArtifactCheck.connectionsValidCheck artifact.rightBulk = true⊢ artifact.RowsValid
artifact:PhantomAdapterArtifacthRightBulk:AdmissionArtifactCheck.connectionsValidCheck artifact.rightBulk = truehLeftBulk:AdmissionArtifactCheck.connectionsValidCheck artifact.leftBulk = truehMulti:AdmissionArtifactCheck.boundaryPortsValidCheck artifact.multi = truehNode:decide artifact.node.Valid = truehSingular:decide artifact.singular.Valid = true⊢ artifact.RowsValid
All goals completed! 🐙
Executable checker for one phantom-adapter artifact.
def phantomAdapterValidCheck
    (artifact : PhantomAdapterArtifact) :
    Bool :=
  -- Conjunction of every per-artifact checker; `phantomAdapterValidCheck_sound`
  -- turns a `true` result into `artifact.Valid`.  `&&` short-circuits, so a
  -- failing checker stops the later ones from running — the order below only
  -- decides which check fails first, never the overall verdict.
  productShapeValidCheck artifact.productShape &&
  phantomProductArityMatchesCheck artifact &&
  phantomProductShapeMatchesMultiCheck artifact &&
  phantomProductContractMatchesSingularCheck artifact &&
  phantomMultiEndpointKeysUniqueCheck artifact &&
  phantomBulkEndpointsMatchCheck artifact &&
  phantomBulkEndpointPartitionCheck artifact &&
  phantomIndexedMultiCompatibilityKeysUniqueCheck artifact &&
  -- Field-local validity is checked last; it does not depend on the
  -- cross-field checks above.
  phantomAdapterRowsValidCheck artifact
Successful phantom-adapter checking proves PhantomAdapterArtifact.Valid.
theorem phantomAdapterValidCheck_sound
{artifact : PhantomAdapterArtifact}
(hCheck : phantomAdapterValidCheck artifact = true) :
artifact.Valid := artifact:PhantomAdapterArtifacthCheck:phantomAdapterValidCheck artifact = true⊢ artifact.Valid
artifact:PhantomAdapterArtifacthCheck:(productShapeValidCheck artifact.productShape && phantomProductArityMatchesCheck artifact &&
phantomProductShapeMatchesMultiCheck artifact &&
phantomProductContractMatchesSingularCheck artifact &&
phantomMultiEndpointKeysUniqueCheck artifact &&
phantomBulkEndpointsMatchCheck artifact &&
phantomBulkEndpointPartitionCheck artifact &&
phantomIndexedMultiCompatibilityKeysUniqueCheck artifact &&
phantomAdapterRowsValidCheck artifact) =
true⊢ artifact.Valid
artifact:PhantomAdapterArtifacthCheck:(((((((productShapeValidCheck artifact.productShape = true ∧ phantomProductArityMatchesCheck artifact = true) ∧
phantomProductShapeMatchesMultiCheck artifact = true) ∧
phantomProductContractMatchesSingularCheck artifact = true) ∧
phantomMultiEndpointKeysUniqueCheck artifact = true) ∧
phantomBulkEndpointsMatchCheck artifact = true) ∧
phantomBulkEndpointPartitionCheck artifact = true) ∧
phantomIndexedMultiCompatibilityKeysUniqueCheck artifact = true) ∧
phantomAdapterRowsValidCheck artifact = true⊢ artifact.Valid
artifact:PhantomAdapterArtifacthRows:phantomAdapterRowsValidCheck artifact = truehIndexedUnique:phantomIndexedMultiCompatibilityKeysUniqueCheck artifact = truehBulkPartition:phantomBulkEndpointPartitionCheck artifact = truehBulkMatch:phantomBulkEndpointsMatchCheck artifact = truehMultiUnique:phantomMultiEndpointKeysUniqueCheck artifact = truehSingularContract:phantomProductContractMatchesSingularCheck artifact = truehMultiShape:phantomProductShapeMatchesMultiCheck artifact = truehShape:productShapeValidCheck artifact.productShape = truehArity:phantomProductArityMatchesCheck artifact = true⊢ artifact.Valid
All goals completed! 🐙
Executable checker for phantom-adapter domain closure over the top-level node summary.
def phantomAdapterDomainClosedCheck
    (nodes : List NodeId)
    (artifact : PhantomAdapterArtifact) :
    Bool :=
  -- `nodes` is the top-level node summary.  Every node the adapter row refers
  -- to — its own node, the singular port, each multi-side port and both bulk
  -- ledgers — must be a member of that summary, so a row cannot point at a
  -- node the artifact never declared.
  Check.memCheck artifact.node nodes &&
  boundaryPortClosedCheck nodes artifact.singular &&
  boundaryPortsClosedCheck nodes artifact.multi &&
  connectionsClosedCheck nodes artifact.leftBulk &&
  connectionsClosedCheck nodes artifact.rightBulk
Successful phantom-adapter closure checking proves PhantomAdapterArtifact.DomainClosed.
theorem phantomAdapterDomainClosedCheck_sound
{nodes : List NodeId}
{artifact : PhantomAdapterArtifact}
(hCheck : phantomAdapterDomainClosedCheck nodes artifact = true) :
artifact.DomainClosed nodes := nodes:List NodeIdartifact:PhantomAdapterArtifacthCheck:phantomAdapterDomainClosedCheck nodes artifact = true⊢ PhantomAdapterArtifact.DomainClosed nodes artifact
nodes:List NodeIdartifact:PhantomAdapterArtifacthCheck:(Check.memCheck artifact.node nodes && boundaryPortClosedCheck nodes artifact.singular &&
boundaryPortsClosedCheck nodes artifact.multi &&
connectionsClosedCheck nodes artifact.leftBulk &&
connectionsClosedCheck nodes artifact.rightBulk) =
true⊢ PhantomAdapterArtifact.DomainClosed nodes artifact
nodes:List NodeIdartifact:PhantomAdapterArtifacthCheck:(((Check.memCheck artifact.node nodes = true ∧ boundaryPortClosedCheck nodes artifact.singular = true) ∧
boundaryPortsClosedCheck nodes artifact.multi = true) ∧
connectionsClosedCheck nodes artifact.leftBulk = true) ∧
connectionsClosedCheck nodes artifact.rightBulk = true⊢ PhantomAdapterArtifact.DomainClosed nodes artifact
nodes:List NodeIdartifact:PhantomAdapterArtifacthRightBulk:connectionsClosedCheck nodes artifact.rightBulk = truehLeftBulk:connectionsClosedCheck nodes artifact.leftBulk = truehMulti:boundaryPortsClosedCheck nodes artifact.multi = truehNode:Check.memCheck artifact.node nodes = truehSingular:boundaryPortClosedCheck nodes artifact.singular = true⊢ PhantomAdapterArtifact.DomainClosed nodes artifact
All goals completed! 🐙
Select Row Checks
Executable checker for one select variant row.
def selectVariantValidCheck (variant : SelectVariantArtifact) : Bool :=
  -- The key and the port must each be well-formed, and the persisted key must
  -- be the port's own canonical select key (`KeyCanonical` in the soundness
  -- theorem) — a row cannot carry a key that disagrees with its port.
  decide variant.key.Valid &&
  decide variant.port.Valid &&
  decide (variant.key = variant.port.selectKey)
Successful select-variant checking proves SelectVariantArtifact.Valid.
theorem selectVariantValidCheck_sound
{variant : SelectVariantArtifact}
(hCheck : selectVariantValidCheck variant = true) :
variant.Valid := variant:SelectVariantArtifacthCheck:selectVariantValidCheck variant = true⊢ variant.Valid
variant:SelectVariantArtifacthCheck:(decide variant.key.Valid && decide variant.port.Valid && decide (variant.key = variant.port.selectKey)) = true⊢ variant.Valid
variant:SelectVariantArtifacthCheck:(decide variant.key.Valid = true ∧ decide variant.port.Valid = true) ∧
decide (variant.key = variant.port.selectKey) = true⊢ variant.Valid
variant:SelectVariantArtifacthCanonical:decide (variant.key = variant.port.selectKey) = truehKey:decide variant.key.Valid = truehPort:decide variant.port.Valid = true⊢ variant.Valid
exact
{ keyValid := of_decide_eq_true hKey
, portValid := of_decide_eq_true hPort
, keyCanonical := variant:SelectVariantArtifacthCanonical:decide (variant.key = variant.port.selectKey) = truehKey:decide variant.key.Valid = truehPort:decide variant.port.Valid = true⊢ variant.KeyCanonical
variant:SelectVariantArtifacthCanonical:decide (variant.key = variant.port.selectKey) = truehKey:decide variant.key.Valid = truehPort:decide variant.port.Valid = true⊢ variant.key = variant.port.selectKey
All goals completed! 🐙
}
Executable checker for one select arm row.
def selectArmValidCheck (arm : SelectArmAdmissionArtifact) : Bool :=
  -- Both persisted keys must be well-formed.
  decide arm.sourceKey.Valid &&
  decide arm.canonicalKey.Valid &&
  -- The arm body's entry and exit ports may only reference the arm's own
  -- body nodes (closure is over `arm.bodyNodes`, not the top-level summary).
  boundaryPortsClosedCheck arm.bodyNodes arm.bodyEntries &&
  boundaryPortsClosedCheck arm.bodyNodes arm.bodyExits &&
  -- Body nodes and entry/exit keys must be duplicate-free.
  Check.nodupCheck arm.bodyNodes &&
  Check.nodupCheck arm.bodyEntryKeys &&
  Check.nodupCheck arm.bodyExitKeys &&
  -- Every body node id and every entry/exit port must itself be valid.
  Check.allDecide arm.bodyNodes NodeId.Valid &&
  AdmissionArtifactCheck.boundaryPortsValidCheck arm.bodyEntries &&
  AdmissionArtifactCheck.boundaryPortsValidCheck arm.bodyExits
Successful select-arm checking proves SelectArmAdmissionArtifact.Valid.
theorem selectArmValidCheck_sound
{arm : SelectArmAdmissionArtifact}
(hCheck : selectArmValidCheck arm = true) :
arm.Valid := arm:SelectArmAdmissionArtifacthCheck:selectArmValidCheck arm = true⊢ arm.Valid
arm:SelectArmAdmissionArtifacthCheck:(decide arm.sourceKey.Valid && decide arm.canonicalKey.Valid &&
boundaryPortsClosedCheck arm.bodyNodes arm.bodyEntries &&
boundaryPortsClosedCheck arm.bodyNodes arm.bodyExits &&
Check.nodupCheck arm.bodyNodes &&
Check.nodupCheck arm.bodyEntryKeys &&
Check.nodupCheck arm.bodyExitKeys &&
Check.allDecide arm.bodyNodes NodeId.Valid &&
AdmissionArtifactCheck.boundaryPortsValidCheck arm.bodyEntries &&
AdmissionArtifactCheck.boundaryPortsValidCheck arm.bodyExits) =
true⊢ arm.Valid
arm:SelectArmAdmissionArtifacthCheck:((((((((decide arm.sourceKey.Valid = true ∧ decide arm.canonicalKey.Valid = true) ∧
boundaryPortsClosedCheck arm.bodyNodes arm.bodyEntries = true) ∧
boundaryPortsClosedCheck arm.bodyNodes arm.bodyExits = true) ∧
Check.nodupCheck arm.bodyNodes = true) ∧
Check.nodupCheck arm.bodyEntryKeys = true) ∧
Check.nodupCheck arm.bodyExitKeys = true) ∧
Check.allDecide arm.bodyNodes NodeId.Valid = true) ∧
AdmissionArtifactCheck.boundaryPortsValidCheck arm.bodyEntries = true) ∧
AdmissionArtifactCheck.boundaryPortsValidCheck arm.bodyExits = true⊢ arm.Valid
arm:SelectArmAdmissionArtifacthBodyExitsValid:AdmissionArtifactCheck.boundaryPortsValidCheck arm.bodyExits = truehBodyEntriesValid:AdmissionArtifactCheck.boundaryPortsValidCheck arm.bodyEntries = truehBodyNodesValid:Check.allDecide arm.bodyNodes NodeId.Valid = truehBodyExitsUnique:Check.nodupCheck arm.bodyExitKeys = truehBodyEntriesUnique:Check.nodupCheck arm.bodyEntryKeys = truehBodyNodesUnique:Check.nodupCheck arm.bodyNodes = truehBodyExitsClosed:boundaryPortsClosedCheck arm.bodyNodes arm.bodyExits = truehBodyEntriesClosed:boundaryPortsClosedCheck arm.bodyNodes arm.bodyEntries = truehSourceKey:decide arm.sourceKey.Valid = truehCanonicalKey:decide arm.canonicalKey.Valid = true⊢ arm.Valid
All goals completed! 🐙
Executable checker that all variant ports share one exclusive output group.
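def selectVariantsShareExclusiveGroupCheck :
    List SelectVariantArtifact → Bool
  -- An empty variant list has no group to share, so it is rejected outright
  -- (the soundness theorem still needs a witness `(owner, index)`).
  | [] => false
  | variant :: variants =>
    match variant.port.exclusiveGroup with
    -- The head must carry a group; without one nothing can be shared.
    | none => false
    | some group =>
      -- Every remaining variant must carry exactly the head's group, which
      -- also rules out a `none` in the tail.
      Check.allDecide variants fun other =>
        other.port.exclusiveGroup = some group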
Successful exclusive-group checking proves VariantsShareExclusiveGroup.
theorem
{variants : List SelectVariantArtifact}
(hCheck : selectVariantsShareExclusiveGroupCheck variants = true) :
∃ owner index,
∀ variant, variant ∈ variants →
variant.port.exclusiveGroup = some (owner, index) := variants:List SelectVariantArtifacthCheck:selectVariantsShareExclusiveGroupCheck variants = true⊢ ∃ owner index, ∀ variant ∈ variants, variant.port.exclusiveGroup = some (owner, index)
cases variants with
hCheck:selectVariantsShareExclusiveGroupCheck [] = true⊢ ∃ owner index, ∀ variant ∈ [], variant.port.exclusiveGroup = some (owner, index)
All goals completed! 🐙
variant:SelectVariantArtifactvariants:List SelectVariantArtifacthCheck:selectVariantsShareExclusiveGroupCheck (variant :: variants) = true⊢ ∃ owner index, ∀ variant_1 ∈ variant :: variants, variant_1.port.exclusiveGroup = some (owner, index)
cases hGroup : variant.port.exclusiveGroup with
variant:SelectVariantArtifactvariants:List SelectVariantArtifacthCheck:selectVariantsShareExclusiveGroupCheck (variant :: variants) = truehGroup:variant.port.exclusiveGroup = none⊢ ∃ owner index, ∀ variant_1 ∈ variant :: variants, variant_1.port.exclusiveGroup = some (owner, index)
All goals completed! 🐙
variant:SelectVariantArtifactvariants:List SelectVariantArtifacthCheck:selectVariantsShareExclusiveGroupCheck (variant :: variants) = truegroup:NodeId × ℕhGroup:variant.port.exclusiveGroup = some group⊢ ∃ owner index, ∀ variant_1 ∈ variant :: variants, variant_1.port.exclusiveGroup = some (owner, index)
cases group with
variant:SelectVariantArtifactvariants:List SelectVariantArtifacthCheck:selectVariantsShareExclusiveGroupCheck (variant :: variants) = trueowner:NodeIdindex:ℕhGroup:variant.port.exclusiveGroup = some (owner, index)⊢ ∃ owner index, ∀ variant_1 ∈ variant :: variants, variant_1.port.exclusiveGroup = some (owner, index)
have hTail :
Check.allDecide variants
(fun other =>
other.port.exclusiveGroup = some (owner, index)) = true := variants:List SelectVariantArtifacthCheck:selectVariantsShareExclusiveGroupCheck variants = true⊢ ∃ owner index, ∀ variant ∈ variants, variant.port.exclusiveGroup = some (owner, index)
All goals completed! 🐙
variant:SelectVariantArtifactvariants:List SelectVariantArtifacthCheck:selectVariantsShareExclusiveGroupCheck (variant :: variants) = trueowner:NodeIdindex:ℕhGroup:variant.port.exclusiveGroup = some (owner, index)hTail:(Check.allDecide variants fun other => other.port.exclusiveGroup = some (owner, index)) = true⊢ ∀ variant_1 ∈ variant :: variants, variant_1.port.exclusiveGroup = some (owner, index)
intro candidate variant:SelectVariantArtifactvariants:List SelectVariantArtifacthCheck:selectVariantsShareExclusiveGroupCheck (variant :: variants) = trueowner:NodeIdindex:ℕhGroup:variant.port.exclusiveGroup = some (owner, index)hTail:(Check.allDecide variants fun other => other.port.exclusiveGroup = some (owner, index)) = truecandidate:SelectVariantArtifacthCandidate:candidate ∈ variant :: variants⊢ candidate.port.exclusiveGroup = some (owner, index)
variant:SelectVariantArtifactvariants:List SelectVariantArtifacthCheck:selectVariantsShareExclusiveGroupCheck (variant :: variants) = trueowner:NodeIdindex:ℕhGroup:variant.port.exclusiveGroup = some (owner, index)hTail:(Check.allDecide variants fun other => other.port.exclusiveGroup = some (owner, index)) = truecandidate:SelectVariantArtifacthCandidate:candidate = variant ∨ candidate ∈ variants⊢ candidate.port.exclusiveGroup = some (owner, index)
variant:SelectVariantArtifactvariants:List SelectVariantArtifacthCheck:selectVariantsShareExclusiveGroupCheck (variant :: variants) = trueowner:NodeIdindex:ℕhGroup:variant.port.exclusiveGroup = some (owner, index)hTail:(Check.allDecide variants fun other => other.port.exclusiveGroup = some (owner, index)) = truecandidate:SelectVariantArtifacthHead:candidate = variant⊢ candidate.port.exclusiveGroup = some (owner, index)variant:SelectVariantArtifactvariants:List SelectVariantArtifacthCheck:selectVariantsShareExclusiveGroupCheck (variant :: variants) = trueowner:NodeIdindex:ℕhGroup:variant.port.exclusiveGroup = some (owner, index)hTail:(Check.allDecide variants fun other => other.port.exclusiveGroup = some (owner, index)) = truecandidate:SelectVariantArtifacthTailMem:candidate ∈ variants⊢ candidate.port.exclusiveGroup = some (owner, index)
variant:SelectVariantArtifactvariants:List SelectVariantArtifacthCheck:selectVariantsShareExclusiveGroupCheck (variant :: variants) = trueowner:NodeIdindex:ℕhGroup:variant.port.exclusiveGroup = some (owner, index)hTail:(Check.allDecide variants fun other => other.port.exclusiveGroup = some (owner, index)) = truecandidate:SelectVariantArtifacthHead:candidate = variant⊢ candidate.port.exclusiveGroup = some (owner, index)
variant:SelectVariantArtifactvariants:List SelectVariantArtifacthCheck:selectVariantsShareExclusiveGroupCheck (variant :: variants) = trueowner:NodeIdindex:ℕhGroup:variant.port.exclusiveGroup = some (owner, index)hTail:(Check.allDecide variants fun other => other.port.exclusiveGroup = some (owner, index)) = true⊢ variant.port.exclusiveGroup = some (owner, index)
All goals completed! 🐙
variant:SelectVariantArtifactvariants:List SelectVariantArtifacthCheck:selectVariantsShareExclusiveGroupCheck (variant :: variants) = trueowner:NodeIdindex:ℕhGroup:variant.port.exclusiveGroup = some (owner, index)hTail:(Check.allDecide variants fun other => other.port.exclusiveGroup = some (owner, index)) = truecandidate:SelectVariantArtifacthTailMem:candidate ∈ variants⊢ candidate.port.exclusiveGroup = some (owner, index)
All goals completed! 🐙
Executable checker for one select arm's persisted resolution mode.
/-- Executable checker for one select arm's persisted resolution mode.

Returns `true` only when the arm's serialized `mode` is consistent with the
`variants` it names:

* `resolvedByLabel`: `arm.sourceKey` must equal `arm.canonicalKey`, and some
  variant must carry that key together with the port label
  `AdmissionPortLabel.label arm.sourceKey`.
* `resolvedByContract`: no variant may carry the port label for
  `arm.sourceKey`, and a variant's contract name equals `arm.sourceKey.name`
  exactly when that variant's key is `arm.canonicalKey` (the `↔` pins the
  contract match to the canonical variant and to nothing else).

`selectArmResolutionSoundCheck_sound` derives the relational form of these
conditions from a `true` result; its proof unfolds this `match`, so the shape
below is part of the contract. -/
def selectArmResolutionSoundCheck
(variants : List SelectVariantArtifact)
(arm : SelectArmAdmissionArtifact) :
Bool :=
match arm.mode with
| SelectResolutionMode.resolvedByLabel =>
-- Existence (`anyDecide`): at least one variant must witness the label.
decide (arm.sourceKey = arm.canonicalKey) &&
Check.anyDecide variants (fun variant =>
variant.key = arm.canonicalKey ∧
variant.port.label = AdmissionPortLabel.label arm.sourceKey)
| SelectResolutionMode.resolvedByContract =>
-- Universality (`allDecide`): every variant is constrained, not just one.
Check.allDecide variants (fun variant =>
variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) &&
Check.allDecide variants (fun variant =>
(variant.port.contract.name = arm.sourceKey.name ↔
variant.key = arm.canonicalKey))
/-- Successful resolution-mode checking proves the relational resolution contract. -/
theorem selectArmResolutionSoundCheck_sound
{variants : List SelectVariantArtifact}
{arm : SelectArmAdmissionArtifact}
(hCheck : selectArmResolutionSoundCheck variants arm = true) :
match arm.mode with
| SelectResolutionMode.resolvedByLabel =>
arm.sourceKey = arm.canonicalKey ∧
∃ variant, variant ∈ variants ∧
variant.key = arm.canonicalKey ∧
variant.port.label = AdmissionPortLabel.label arm.sourceKey
| SelectResolutionMode.resolvedByContract =>
(∀ variant, variant ∈ variants →
variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) ∧
(∀ variant, variant ∈ variants →
(variant.port.contract.name = arm.sourceKey.name ↔
variant.key = arm.canonicalKey)) := variants:List SelectVariantArtifactarm:SelectArmAdmissionArtifacthCheck:selectArmResolutionSoundCheck variants arm = true⊢ match arm.mode with
| SelectResolutionMode.resolvedByLabel =>
arm.sourceKey = arm.canonicalKey ∧
∃ variant ∈ variants, variant.key = arm.canonicalKey ∧ variant.port.label = AdmissionPortLabel.label arm.sourceKey
| SelectResolutionMode.resolvedByContract =>
(∀ variant ∈ variants, variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) ∧
∀ variant ∈ variants, variant.port.contract.name = arm.sourceKey.name ↔ variant.key = arm.canonicalKey
cases hMode : arm.mode with
variants:List SelectVariantArtifactarm:SelectArmAdmissionArtifacthCheck:selectArmResolutionSoundCheck variants arm = truehMode:arm.mode = SelectResolutionMode.resolvedByLabel⊢ match SelectResolutionMode.resolvedByLabel with
| SelectResolutionMode.resolvedByLabel =>
arm.sourceKey = arm.canonicalKey ∧
∃ variant ∈ variants, variant.key = arm.canonicalKey ∧ variant.port.label = AdmissionPortLabel.label arm.sourceKey
| SelectResolutionMode.resolvedByContract =>
(∀ variant ∈ variants, variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) ∧
∀ variant ∈ variants, variant.port.contract.name = arm.sourceKey.name ↔ variant.key = arm.canonicalKey
variants:List SelectVariantArtifactarm:SelectArmAdmissionArtifacthCheck:(match arm.mode with
| SelectResolutionMode.resolvedByLabel =>
decide (arm.sourceKey = arm.canonicalKey) &&
Check.anyDecide variants fun variant =>
variant.key = arm.canonicalKey ∧ variant.port.label = AdmissionPortLabel.label arm.sourceKey
| SelectResolutionMode.resolvedByContract =>
(Check.allDecide variants fun variant => variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) &&
Check.allDecide variants fun variant =>
variant.port.contract.name = arm.sourceKey.name ↔ variant.key = arm.canonicalKey) =
truehMode:arm.mode = SelectResolutionMode.resolvedByLabel⊢ match SelectResolutionMode.resolvedByLabel with
| SelectResolutionMode.resolvedByLabel =>
arm.sourceKey = arm.canonicalKey ∧
∃ variant ∈ variants, variant.key = arm.canonicalKey ∧ variant.port.label = AdmissionPortLabel.label arm.sourceKey
| SelectResolutionMode.resolvedByContract =>
(∀ variant ∈ variants, variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) ∧
∀ variant ∈ variants, variant.port.contract.name = arm.sourceKey.name ↔ variant.key = arm.canonicalKey
variants:List SelectVariantArtifactarm:SelectArmAdmissionArtifacthCheck:(match SelectResolutionMode.resolvedByLabel with
| SelectResolutionMode.resolvedByLabel =>
decide (arm.sourceKey = arm.canonicalKey) &&
Check.anyDecide variants fun variant =>
variant.key = arm.canonicalKey ∧ variant.port.label = AdmissionPortLabel.label arm.sourceKey
| SelectResolutionMode.resolvedByContract =>
(Check.allDecide variants fun variant => variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) &&
Check.allDecide variants fun variant =>
variant.port.contract.name = arm.sourceKey.name ↔ variant.key = arm.canonicalKey) =
truehMode:arm.mode = SelectResolutionMode.resolvedByLabel⊢ match SelectResolutionMode.resolvedByLabel with
| SelectResolutionMode.resolvedByLabel =>
arm.sourceKey = arm.canonicalKey ∧
∃ variant ∈ variants, variant.key = arm.canonicalKey ∧ variant.port.label = AdmissionPortLabel.label arm.sourceKey
| SelectResolutionMode.resolvedByContract =>
(∀ variant ∈ variants, variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) ∧
∀ variant ∈ variants, variant.port.contract.name = arm.sourceKey.name ↔ variant.key = arm.canonicalKey
variants:List SelectVariantArtifactarm:SelectArmAdmissionArtifacthCheck:decide (arm.sourceKey = arm.canonicalKey) = true ∧
(Check.anyDecide variants fun variant =>
variant.key = arm.canonicalKey ∧ variant.port.label = AdmissionPortLabel.label arm.sourceKey) =
truehMode:arm.mode = SelectResolutionMode.resolvedByLabel⊢ match SelectResolutionMode.resolvedByLabel with
| SelectResolutionMode.resolvedByLabel =>
arm.sourceKey = arm.canonicalKey ∧
∃ variant ∈ variants, variant.key = arm.canonicalKey ∧ variant.port.label = AdmissionPortLabel.label arm.sourceKey
| SelectResolutionMode.resolvedByContract =>
(∀ variant ∈ variants, variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) ∧
∀ variant ∈ variants, variant.port.contract.name = arm.sourceKey.name ↔ variant.key = arm.canonicalKey
variants:List SelectVariantArtifactarm:SelectArmAdmissionArtifacthCheck:decide (arm.sourceKey = arm.canonicalKey) = true ∧
(Check.anyDecide variants fun variant =>
variant.key = arm.canonicalKey ∧ variant.port.label = AdmissionPortLabel.label arm.sourceKey) =
truehMode:arm.mode = SelectResolutionMode.resolvedByLabelhResult:arm.sourceKey = arm.canonicalKey ∧
∃ variant ∈ variants, variant.key = arm.canonicalKey ∧ variant.port.label = AdmissionPortLabel.label arm.sourceKey⊢ match SelectResolutionMode.resolvedByLabel with
| SelectResolutionMode.resolvedByLabel =>
arm.sourceKey = arm.canonicalKey ∧
∃ variant ∈ variants, variant.key = arm.canonicalKey ∧ variant.port.label = AdmissionPortLabel.label arm.sourceKey
| SelectResolutionMode.resolvedByContract =>
(∀ variant ∈ variants, variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) ∧
∀ variant ∈ variants, variant.port.contract.name = arm.sourceKey.name ↔ variant.key = arm.canonicalKey
All goals completed! 🐙
variants:List SelectVariantArtifactarm:SelectArmAdmissionArtifacthCheck:selectArmResolutionSoundCheck variants arm = truehMode:arm.mode = SelectResolutionMode.resolvedByContract⊢ match SelectResolutionMode.resolvedByContract with
| SelectResolutionMode.resolvedByLabel =>
arm.sourceKey = arm.canonicalKey ∧
∃ variant ∈ variants, variant.key = arm.canonicalKey ∧ variant.port.label = AdmissionPortLabel.label arm.sourceKey
| SelectResolutionMode.resolvedByContract =>
(∀ variant ∈ variants, variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) ∧
∀ variant ∈ variants, variant.port.contract.name = arm.sourceKey.name ↔ variant.key = arm.canonicalKey
variants:List SelectVariantArtifactarm:SelectArmAdmissionArtifacthCheck:(match arm.mode with
| SelectResolutionMode.resolvedByLabel =>
decide (arm.sourceKey = arm.canonicalKey) &&
Check.anyDecide variants fun variant =>
variant.key = arm.canonicalKey ∧ variant.port.label = AdmissionPortLabel.label arm.sourceKey
| SelectResolutionMode.resolvedByContract =>
(Check.allDecide variants fun variant => variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) &&
Check.allDecide variants fun variant =>
variant.port.contract.name = arm.sourceKey.name ↔ variant.key = arm.canonicalKey) =
truehMode:arm.mode = SelectResolutionMode.resolvedByContract⊢ match SelectResolutionMode.resolvedByContract with
| SelectResolutionMode.resolvedByLabel =>
arm.sourceKey = arm.canonicalKey ∧
∃ variant ∈ variants, variant.key = arm.canonicalKey ∧ variant.port.label = AdmissionPortLabel.label arm.sourceKey
| SelectResolutionMode.resolvedByContract =>
(∀ variant ∈ variants, variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) ∧
∀ variant ∈ variants, variant.port.contract.name = arm.sourceKey.name ↔ variant.key = arm.canonicalKey
variants:List SelectVariantArtifactarm:SelectArmAdmissionArtifacthCheck:(match SelectResolutionMode.resolvedByContract with
| SelectResolutionMode.resolvedByLabel =>
decide (arm.sourceKey = arm.canonicalKey) &&
Check.anyDecide variants fun variant =>
variant.key = arm.canonicalKey ∧ variant.port.label = AdmissionPortLabel.label arm.sourceKey
| SelectResolutionMode.resolvedByContract =>
(Check.allDecide variants fun variant => variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) &&
Check.allDecide variants fun variant =>
variant.port.contract.name = arm.sourceKey.name ↔ variant.key = arm.canonicalKey) =
truehMode:arm.mode = SelectResolutionMode.resolvedByContract⊢ match SelectResolutionMode.resolvedByContract with
| SelectResolutionMode.resolvedByLabel =>
arm.sourceKey = arm.canonicalKey ∧
∃ variant ∈ variants, variant.key = arm.canonicalKey ∧ variant.port.label = AdmissionPortLabel.label arm.sourceKey
| SelectResolutionMode.resolvedByContract =>
(∀ variant ∈ variants, variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) ∧
∀ variant ∈ variants, variant.port.contract.name = arm.sourceKey.name ↔ variant.key = arm.canonicalKey
variants:List SelectVariantArtifactarm:SelectArmAdmissionArtifacthCheck:(Check.allDecide variants fun variant => variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) = true ∧
(Check.allDecide variants fun variant =>
variant.port.contract.name = arm.sourceKey.name ↔ variant.key = arm.canonicalKey) =
truehMode:arm.mode = SelectResolutionMode.resolvedByContract⊢ match SelectResolutionMode.resolvedByContract with
| SelectResolutionMode.resolvedByLabel =>
arm.sourceKey = arm.canonicalKey ∧
∃ variant ∈ variants, variant.key = arm.canonicalKey ∧ variant.port.label = AdmissionPortLabel.label arm.sourceKey
| SelectResolutionMode.resolvedByContract =>
(∀ variant ∈ variants, variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) ∧
∀ variant ∈ variants, variant.port.contract.name = arm.sourceKey.name ↔ variant.key = arm.canonicalKey
variants:List SelectVariantArtifactarm:SelectArmAdmissionArtifacthCheck:(Check.allDecide variants fun variant => variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) = true ∧
(Check.allDecide variants fun variant =>
variant.port.contract.name = arm.sourceKey.name ↔ variant.key = arm.canonicalKey) =
truehMode:arm.mode = SelectResolutionMode.resolvedByContracthResult:(∀ variant ∈ variants, variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) ∧
∀ variant ∈ variants, variant.port.contract.name = arm.sourceKey.name ↔ variant.key = arm.canonicalKey⊢ match SelectResolutionMode.resolvedByContract with
| SelectResolutionMode.resolvedByLabel =>
arm.sourceKey = arm.canonicalKey ∧
∃ variant ∈ variants, variant.key = arm.canonicalKey ∧ variant.port.label = AdmissionPortLabel.label arm.sourceKey
| SelectResolutionMode.resolvedByContract =>
(∀ variant ∈ variants, variant.port.label ≠ AdmissionPortLabel.label arm.sourceKey) ∧
∀ variant ∈ variants, variant.port.contract.name = arm.sourceKey.name ↔ variant.key = arm.canonicalKey
All goals completed! 🐙Executable checker for select-admission row-local facts.
/-- Executable checker for select-admission row-local facts.

Conjunction of four independent row checks: the `owner` node id is valid, the
`conditionNode` id is valid, every variant passes `selectVariantValidCheck`,
and every arm passes `selectArmValidCheck`. Cross-row facts (key coverage,
uniqueness, shared exclusive group, arm resolution) are not checked here; see
`selectAdmissionValidCheck`. -/
def selectAdmissionRowsValidCheck
(selectAdmission : SelectAdmissionArtifact) :
Bool :=
decide selectAdmission.owner.Valid &&
decide selectAdmission.conditionNode.Valid &&
Check.allBool selectAdmission.variants selectVariantValidCheck &&
Check.allBool selectAdmission.arms selectArmValidCheck
Successful row-local checking proves SelectAdmissionArtifact.RowsValid.
theorem selectAdmissionRowsValidCheck_sound
-- Unfolds the checker and splits the `&&` chain into the four hypotheses
-- `hOwner`, `hCondition`, `hVariants`, `hArms` (visible in the rendered
-- proof states) before closing `RowsValid`; the final step is not rendered.
{selectAdmission : SelectAdmissionArtifact}
(hCheck : selectAdmissionRowsValidCheck selectAdmission = true) :
selectAdmission.RowsValid := selectAdmission:SelectAdmissionArtifacthCheck:selectAdmissionRowsValidCheck selectAdmission = true⊢ selectAdmission.RowsValid
selectAdmission:SelectAdmissionArtifacthCheck:(decide selectAdmission.owner.Valid && decide selectAdmission.conditionNode.Valid &&
Check.allBool selectAdmission.variants selectVariantValidCheck &&
Check.allBool selectAdmission.arms selectArmValidCheck) =
true⊢ selectAdmission.RowsValid
selectAdmission:SelectAdmissionArtifacthCheck:((decide selectAdmission.owner.Valid = true ∧ decide selectAdmission.conditionNode.Valid = true) ∧
Check.allBool selectAdmission.variants selectVariantValidCheck = true) ∧
Check.allBool selectAdmission.arms selectArmValidCheck = true⊢ selectAdmission.RowsValid
selectAdmission:SelectAdmissionArtifacthArms:Check.allBool selectAdmission.arms selectArmValidCheck = truehVariants:Check.allBool selectAdmission.variants selectVariantValidCheck = truehOwner:decide selectAdmission.owner.Valid = truehCondition:decide selectAdmission.conditionNode.Valid = true⊢ selectAdmission.RowsValid
All goals completed! 🐙
/-- Executable checker for one select-admission artifact. -/
/-- Executable checker for one select-admission artifact.

Each conjunct corresponds to one field of `SelectAdmissionArtifact.Valid`, in
the order `selectAdmissionValidCheck_sound` assembles them:
`ownerMatchesCondition`, `keysCovered` (arm canonical keys are a permutation
of the variant keys), `variantKeysUnique`, `variantsAtLeastTwo`,
`variantsShareExclusiveGroup`, `armCanonicalKeysUnique`,
`armSourceIndexesUnique`, `armSourceIndexesCanonical`, `rowsValid`, and
`armResolutionSound` (every arm checked against this artifact's own
`variants`). -/
def selectAdmissionValidCheck
(selectAdmission : SelectAdmissionArtifact) :
Bool :=
decide (selectAdmission.owner = selectAdmission.conditionNode) &&
-- Permutation, not subset: every arm key is a variant key and vice versa.
Check.permCheck selectAdmission.armCanonicalKeys
selectAdmission.variantKeys &&
Check.nodupCheck selectAdmission.variantKeys &&
decide (2 ≤ selectAdmission.variants.length) &&
selectVariantsShareExclusiveGroupCheck selectAdmission.variants &&
Check.nodupCheck selectAdmission.armCanonicalKeys &&
Check.nodupCheck selectAdmission.armSourceIndexes &&
-- Source indexes must be exactly `0 .. arms.length - 1`, not merely distinct.
decide
(selectAdmission.armSourceIndexes =
List.range selectAdmission.arms.length) &&
selectAdmissionRowsValidCheck selectAdmission &&
Check.allBool selectAdmission.arms
(selectArmResolutionSoundCheck selectAdmission.variants)
Successful select-admission checking proves SelectAdmissionArtifact.Valid.
theorem selectAdmissionValidCheck_sound
{selectAdmission : SelectAdmissionArtifact}
(hCheck : selectAdmissionValidCheck selectAdmission = true) :
selectAdmission.Valid := selectAdmission:SelectAdmissionArtifacthCheck:selectAdmissionValidCheck selectAdmission = true⊢ selectAdmission.Valid
selectAdmission:SelectAdmissionArtifacthCheck:(decide (selectAdmission.owner = selectAdmission.conditionNode) &&
Check.permCheck selectAdmission.armCanonicalKeys selectAdmission.variantKeys &&
Check.nodupCheck selectAdmission.variantKeys &&
decide (2 ≤ selectAdmission.variants.length) &&
selectVariantsShareExclusiveGroupCheck selectAdmission.variants &&
Check.nodupCheck selectAdmission.armCanonicalKeys &&
Check.nodupCheck selectAdmission.armSourceIndexes &&
decide (selectAdmission.armSourceIndexes = List.range selectAdmission.arms.length) &&
selectAdmissionRowsValidCheck selectAdmission &&
Check.allBool selectAdmission.arms (selectArmResolutionSoundCheck selectAdmission.variants)) =
true⊢ selectAdmission.Valid
selectAdmission:SelectAdmissionArtifacthCheck:((((((((decide (selectAdmission.owner = selectAdmission.conditionNode) = true ∧
Check.permCheck selectAdmission.armCanonicalKeys selectAdmission.variantKeys = true) ∧
Check.nodupCheck selectAdmission.variantKeys = true) ∧
decide (2 ≤ selectAdmission.variants.length) = true) ∧
selectVariantsShareExclusiveGroupCheck selectAdmission.variants = true) ∧
Check.nodupCheck selectAdmission.armCanonicalKeys = true) ∧
Check.nodupCheck selectAdmission.armSourceIndexes = true) ∧
decide (selectAdmission.armSourceIndexes = List.range selectAdmission.arms.length) = true) ∧
selectAdmissionRowsValidCheck selectAdmission = true) ∧
Check.allBool selectAdmission.arms (selectArmResolutionSoundCheck selectAdmission.variants) = true⊢ selectAdmission.Valid
selectAdmission:SelectAdmissionArtifacthResolution:Check.allBool selectAdmission.arms (selectArmResolutionSoundCheck selectAdmission.variants) = truehRows:selectAdmissionRowsValidCheck selectAdmission = truehArmIndexesCanonical:decide (selectAdmission.armSourceIndexes = List.range selectAdmission.arms.length) = truehArmIndexes:Check.nodupCheck selectAdmission.armSourceIndexes = truehArmKeys:Check.nodupCheck selectAdmission.armCanonicalKeys = truehExclusiveGroup:selectVariantsShareExclusiveGroupCheck selectAdmission.variants = truehAtLeastTwo:decide (2 ≤ selectAdmission.variants.length) = truehVariantKeys:Check.nodupCheck selectAdmission.variantKeys = truehOwner:decide (selectAdmission.owner = selectAdmission.conditionNode) = truehCovered:Check.permCheck selectAdmission.armCanonicalKeys selectAdmission.variantKeys = true⊢ selectAdmission.Valid
exact
{ ownerMatchesCondition := selectAdmission:SelectAdmissionArtifacthResolution:Check.allBool selectAdmission.arms (selectArmResolutionSoundCheck selectAdmission.variants) = truehRows:selectAdmissionRowsValidCheck selectAdmission = truehArmIndexesCanonical:decide (selectAdmission.armSourceIndexes = List.range selectAdmission.arms.length) = truehArmIndexes:Check.nodupCheck selectAdmission.armSourceIndexes = truehArmKeys:Check.nodupCheck selectAdmission.armCanonicalKeys = truehExclusiveGroup:selectVariantsShareExclusiveGroupCheck selectAdmission.variants = truehAtLeastTwo:decide (2 ≤ selectAdmission.variants.length) = truehVariantKeys:Check.nodupCheck selectAdmission.variantKeys = truehOwner:decide (selectAdmission.owner = selectAdmission.conditionNode) = truehCovered:Check.permCheck selectAdmission.armCanonicalKeys selectAdmission.variantKeys = true⊢ selectAdmission.OwnerMatchesCondition
selectAdmission:SelectAdmissionArtifacthResolution:Check.allBool selectAdmission.arms (selectArmResolutionSoundCheck selectAdmission.variants) = truehRows:selectAdmissionRowsValidCheck selectAdmission = truehArmIndexesCanonical:decide (selectAdmission.armSourceIndexes = List.range selectAdmission.arms.length) = truehArmIndexes:Check.nodupCheck selectAdmission.armSourceIndexes = truehArmKeys:Check.nodupCheck selectAdmission.armCanonicalKeys = truehExclusiveGroup:selectVariantsShareExclusiveGroupCheck selectAdmission.variants = truehAtLeastTwo:decide (2 ≤ selectAdmission.variants.length) = truehVariantKeys:Check.nodupCheck selectAdmission.variantKeys = truehOwner:decide (selectAdmission.owner = selectAdmission.conditionNode) = truehCovered:Check.permCheck selectAdmission.armCanonicalKeys selectAdmission.variantKeys = true⊢ selectAdmission.owner = selectAdmission.conditionNode
All goals completed! 🐙
, keysCovered := Check.permCheck_sound hCovered
, variantKeysUnique := Check.nodupCheck_sound hVariantKeys
, variantsAtLeastTwo := selectAdmission:SelectAdmissionArtifacthResolution:Check.allBool selectAdmission.arms (selectArmResolutionSoundCheck selectAdmission.variants) = truehRows:selectAdmissionRowsValidCheck selectAdmission = truehArmIndexesCanonical:decide (selectAdmission.armSourceIndexes = List.range selectAdmission.arms.length) = truehArmIndexes:Check.nodupCheck selectAdmission.armSourceIndexes = truehArmKeys:Check.nodupCheck selectAdmission.armCanonicalKeys = truehExclusiveGroup:selectVariantsShareExclusiveGroupCheck selectAdmission.variants = truehAtLeastTwo:decide (2 ≤ selectAdmission.variants.length) = truehVariantKeys:Check.nodupCheck selectAdmission.variantKeys = truehOwner:decide (selectAdmission.owner = selectAdmission.conditionNode) = truehCovered:Check.permCheck selectAdmission.armCanonicalKeys selectAdmission.variantKeys = true⊢ selectAdmission.VariantsAtLeastTwo
selectAdmission:SelectAdmissionArtifacthResolution:Check.allBool selectAdmission.arms (selectArmResolutionSoundCheck selectAdmission.variants) = truehRows:selectAdmissionRowsValidCheck selectAdmission = truehArmIndexesCanonical:decide (selectAdmission.armSourceIndexes = List.range selectAdmission.arms.length) = truehArmIndexes:Check.nodupCheck selectAdmission.armSourceIndexes = truehArmKeys:Check.nodupCheck selectAdmission.armCanonicalKeys = truehExclusiveGroup:selectVariantsShareExclusiveGroupCheck selectAdmission.variants = truehAtLeastTwo:decide (2 ≤ selectAdmission.variants.length) = truehVariantKeys:Check.nodupCheck selectAdmission.variantKeys = truehOwner:decide (selectAdmission.owner = selectAdmission.conditionNode) = truehCovered:Check.permCheck selectAdmission.armCanonicalKeys selectAdmission.variantKeys = true⊢ 2 ≤ selectAdmission.variants.length
All goals completed! 🐙
, variantsShareExclusiveGroup :=
selectVariantsShareExclusiveGroupCheck_sound hExclusiveGroup
, armCanonicalKeysUnique := Check.nodupCheck_sound hArmKeys
, armSourceIndexesUnique := Check.nodupCheck_sound hArmIndexes
, armSourceIndexesCanonical := selectAdmission:SelectAdmissionArtifacthResolution:Check.allBool selectAdmission.arms (selectArmResolutionSoundCheck selectAdmission.variants) = truehRows:selectAdmissionRowsValidCheck selectAdmission = truehArmIndexesCanonical:decide (selectAdmission.armSourceIndexes = List.range selectAdmission.arms.length) = truehArmIndexes:Check.nodupCheck selectAdmission.armSourceIndexes = truehArmKeys:Check.nodupCheck selectAdmission.armCanonicalKeys = truehExclusiveGroup:selectVariantsShareExclusiveGroupCheck selectAdmission.variants = truehAtLeastTwo:decide (2 ≤ selectAdmission.variants.length) = truehVariantKeys:Check.nodupCheck selectAdmission.variantKeys = truehOwner:decide (selectAdmission.owner = selectAdmission.conditionNode) = truehCovered:Check.permCheck selectAdmission.armCanonicalKeys selectAdmission.variantKeys = true⊢ selectAdmission.ArmSourceIndexesCanonical
selectAdmission:SelectAdmissionArtifacthResolution:Check.allBool selectAdmission.arms (selectArmResolutionSoundCheck selectAdmission.variants) = truehRows:selectAdmissionRowsValidCheck selectAdmission = truehArmIndexesCanonical:decide (selectAdmission.armSourceIndexes = List.range selectAdmission.arms.length) = truehArmIndexes:Check.nodupCheck selectAdmission.armSourceIndexes = truehArmKeys:Check.nodupCheck selectAdmission.armCanonicalKeys = truehExclusiveGroup:selectVariantsShareExclusiveGroupCheck selectAdmission.variants = truehAtLeastTwo:decide (2 ≤ selectAdmission.variants.length) = truehVariantKeys:Check.nodupCheck selectAdmission.variantKeys = truehOwner:decide (selectAdmission.owner = selectAdmission.conditionNode) = truehCovered:Check.permCheck selectAdmission.armCanonicalKeys selectAdmission.variantKeys = true⊢ selectAdmission.armSourceIndexes = List.range selectAdmission.arms.length
All goals completed! 🐙
, rowsValid := selectAdmissionRowsValidCheck_sound hRows
, armResolutionSound :=
Check.allBool_sound hResolution
(fun _arm _ hArm =>
selectArmResolutionSoundCheck_sound hArm)
}Executable checker that all select-admission artifacts are locally valid.
/-- Executable checker that all select-admission artifacts are locally valid.

Runs `selectAdmissionValidCheck` over `artifact.selects`; `true` means every
select-admission row passed. Cross-references against other artifact
sections (for example node-domain closure) are separate checks. -/
def selectsValidCheck (artifact : WireAdmissionArtifact) : Bool :=
Check.allBool artifact.selects selectAdmissionValidCheck
Successful select-list checking proves SelectsValid.
theorem selectsValidCheck_sound
{artifact : WireAdmissionArtifact}
(hCheck : artifact.selectsValidCheck = true) :
artifact.SelectsValid :=
-- Lifts the per-row theorem through `Check.allBool_sound`; the second lambda
-- argument (presumably the membership witness) is unused, hence `_`.
Check.allBool_sound hCheck
(fun _selectAdmission _ hSelect =>
selectAdmissionValidCheck_sound hSelect)
/-- Executable checker for select-admission domain closure over the top-level node summary. -/
/-- Executable checker for select-admission domain closure over the top-level node summary.

`nodes` is the node-id list the artifact may reference. The check passes when
the `owner`, the `conditionNode`, and the `port.node` of every variant all
occur in `nodes`, so a select row cannot point at a node absent from the
summary. -/
def selectAdmissionDomainClosedCheck
(nodes : List NodeId)
(selectAdmission : SelectAdmissionArtifact) :
Bool :=
Check.memCheck selectAdmission.owner nodes &&
Check.memCheck selectAdmission.conditionNode nodes &&
Check.allDecide selectAdmission.variants fun variant =>
variant.port.node ∈ nodes
Successful select-domain checking proves SelectAdmissionArtifact.DomainClosed.
theorem selectAdmissionDomainClosedCheck_sound
-- Unfolds the checker and splits the `&&` chain into `hOwner`, `hCondition`
-- and `hVariants` (see the rendered proof states) before closing
-- `DomainClosed`; the final step is not rendered.
{nodes : List NodeId}
{selectAdmission : SelectAdmissionArtifact}
(hCheck : selectAdmissionDomainClosedCheck nodes selectAdmission = true) :
selectAdmission.DomainClosed nodes := nodes:List NodeIdselectAdmission:SelectAdmissionArtifacthCheck:selectAdmissionDomainClosedCheck nodes selectAdmission = true⊢ SelectAdmissionArtifact.DomainClosed nodes selectAdmission
nodes:List NodeIdselectAdmission:SelectAdmissionArtifacthCheck:(Check.memCheck selectAdmission.owner nodes && Check.memCheck selectAdmission.conditionNode nodes &&
Check.allDecide selectAdmission.variants fun variant => variant.port.node ∈ nodes) =
true⊢ SelectAdmissionArtifact.DomainClosed nodes selectAdmission
nodes:List NodeIdselectAdmission:SelectAdmissionArtifacthCheck:(Check.memCheck selectAdmission.owner nodes = true ∧ Check.memCheck selectAdmission.conditionNode nodes = true) ∧
(Check.allDecide selectAdmission.variants fun variant => variant.port.node ∈ nodes) = true⊢ SelectAdmissionArtifact.DomainClosed nodes selectAdmission
nodes:List NodeIdselectAdmission:SelectAdmissionArtifacthVariants:(Check.allDecide selectAdmission.variants fun variant => variant.port.node ∈ nodes) = truehOwner:Check.memCheck selectAdmission.owner nodes = truehCondition:Check.memCheck selectAdmission.conditionNode nodes = true⊢ SelectAdmissionArtifact.DomainClosed nodes selectAdmission
All goals completed! 🐙
/-- Boolean exclusive-group ownership check for select condition-node internal exits. -/
/-- Boolean exclusive-group ownership check for select condition-node internal exits.

`true` exactly when `exit.exclusiveGroup` is `some (owner, _)` with
`owner = conditionNode`; a port with no exclusive group is rejected. Both
directions are proved: `selectExitOwnedByConditionCheck_sound` (true ⇒ a
group index exists) and `selectExitOwnedByConditionCheck_complete`
(group owned by the condition node ⇒ true). -/
def selectExitOwnedByConditionCheck
(conditionNode : NodeId)
(exit : AdmissionBoundaryPort) :
Bool :=
match exit.exclusiveGroup with
| none => false
-- Only the owning node is compared; the group index is not constrained here.
| some (owner, _index) => decide (owner = conditionNode)
/-- Successful condition-owner checking returns the serialized exclusive-group index. -/
theorem selectExitOwnedByConditionCheck_sound
{conditionNode : NodeId}
{exit : AdmissionBoundaryPort}
(hCheck : selectExitOwnedByConditionCheck conditionNode exit = true) :
∃ index, exit.exclusiveGroup = some (conditionNode, index) := conditionNode:NodeIdexit:AdmissionBoundaryPorthCheck:selectExitOwnedByConditionCheck conditionNode exit = true⊢ ∃ index, exit.exclusiveGroup = some (conditionNode, index)
conditionNode:NodeIdexit:AdmissionBoundaryPorthCheck:(match exit.exclusiveGroup with
| none => false
| some (owner, _index) => decide (owner = conditionNode)) =
true⊢ ∃ index, exit.exclusiveGroup = some (conditionNode, index)
cases hGroup : exit.exclusiveGroup with
conditionNode:NodeIdexit:AdmissionBoundaryPorthCheck:(match exit.exclusiveGroup with
| none => false
| some (owner, _index) => decide (owner = conditionNode)) =
truehGroup:exit.exclusiveGroup = none⊢ ∃ index, none = some (conditionNode, index)
All goals completed! 🐙
conditionNode:NodeIdexit:AdmissionBoundaryPorthCheck:(match exit.exclusiveGroup with
| none => false
| some (owner, _index) => decide (owner = conditionNode)) =
truegroup:NodeId × ℕhGroup:exit.exclusiveGroup = some group⊢ ∃ index, some group = some (conditionNode, index)
cases group with
conditionNode:NodeIdexit:AdmissionBoundaryPorthCheck:(match exit.exclusiveGroup with
| none => false
| some (owner, _index) => decide (owner = conditionNode)) =
trueowner:NodeIdindex:ℕhGroup:exit.exclusiveGroup = some (owner, index)⊢ ∃ index_1, some (owner, index) = some (conditionNode, index_1)
have hOwner : owner = conditionNode := conditionNode:NodeIdexit:AdmissionBoundaryPorthCheck:selectExitOwnedByConditionCheck conditionNode exit = true⊢ ∃ index, exit.exclusiveGroup = some (conditionNode, index)
have hOwnerCheck : decide (owner = conditionNode) = true := conditionNode:NodeIdexit:AdmissionBoundaryPorthCheck:selectExitOwnedByConditionCheck conditionNode exit = true⊢ ∃ index, exit.exclusiveGroup = some (conditionNode, index)
All goals completed! 🐙
All goals completed! 🐙
exact ⟨index, conditionNode:NodeIdexit:AdmissionBoundaryPorthCheck:(match exit.exclusiveGroup with
| none => false
| some (owner, _index) => decide (owner = conditionNode)) =
trueowner:NodeIdindex:ℕhGroup:exit.exclusiveGroup = some (owner, index)hOwner:owner = conditionNode⊢ some (owner, index) = some (conditionNode, index) All goals completed! 🐙⟩Serialized condition-owned exits are accepted by the boolean owner check.
theorem selectExitOwnedByConditionCheck_complete
-- Destructures `hGroup` into `index` and `hGroupEq`, unfolds the checker and
-- rewrites `exit.exclusiveGroup` with `hGroupEq`, leaving
-- `decide (conditionNode = conditionNode) = true` for the unrendered last step.
{conditionNode : NodeId}
{exit : AdmissionBoundaryPort}
(hGroup : ∃ index, exit.exclusiveGroup = some (conditionNode, index)) :
selectExitOwnedByConditionCheck conditionNode exit = true := conditionNode:NodeIdexit:AdmissionBoundaryPorthGroup:∃ index, exit.exclusiveGroup = some (conditionNode, index)⊢ selectExitOwnedByConditionCheck conditionNode exit = true
conditionNode:NodeIdexit:AdmissionBoundaryPortindex:ℕhGroupEq:exit.exclusiveGroup = some (conditionNode, index)⊢ selectExitOwnedByConditionCheck conditionNode exit = true
conditionNode:NodeIdexit:AdmissionBoundaryPortindex:ℕhGroupEq:exit.exclusiveGroup = some (conditionNode, index)⊢ (match exit.exclusiveGroup with
| none => false
| some (owner, _index) => decide (owner = conditionNode)) =
true
conditionNode:NodeIdexit:AdmissionBoundaryPortindex:ℕhGroupEq:exit.exclusiveGroup = some (conditionNode, index)⊢ (match some (conditionNode, index) with
| none => false
| some (owner, _index) => decide (owner = conditionNode)) =
true
All goals completed! 🐙
Boolean check that a finite list contains exactly one row satisfying matchCheck.
/-- Boolean check that a finite list contains exactly one row satisfying `matchCheck`.

`List.find?` picks the first match (none ⇒ `false`); the result is `true` only
when every matching item is equal, under `DecidableEq α`, to that first match.
Uniqueness is therefore up to value equality: two positions holding the same
value still count as "exactly one", which is also the guarantee
`uniqueBoolCheck_sound` states (`item = selected`). -/
def uniqueBoolCheck
{α : Type}
[DecidableEq α]
(items : List α)
(matchCheck : α → Bool) :
Bool :=
match items.find? matchCheck with
| none => false
| some selected =>
-- `items` is scanned again in full, including `selected` itself.
Check.allDecide items fun item =>
matchCheck item = true → item = selected
List.find? over a boolean predicate returns an item from the scanned list.
theorem find?_bool_mem
{α : Type}
{items : List α}
{matchCheck : α → Bool}
{selected : α}
(hFind : items.find? matchCheck = some selected) :
selected ∈ items ∧ matchCheck selected = true := α:Typeitems:List αmatchCheck:α → Boolselected:αhFind:List.find? matchCheck items = some selected⊢ selected ∈ items ∧ matchCheck selected = true
induction items with
α:TypematchCheck:α → Boolselected:αhFind:List.find? matchCheck [] = some selected⊢ selected ∈ [] ∧ matchCheck selected = true
All goals completed! 🐙
α:TypematchCheck:α → Boolselected:αhead:αtail:List αih:List.find? matchCheck tail = some selected → selected ∈ tail ∧ matchCheck selected = truehFind:List.find? matchCheck (head :: tail) = some selected⊢ selected ∈ head :: tail ∧ matchCheck selected = true
α:TypematchCheck:α → Boolselected:αhead:αtail:List αih:List.find? matchCheck tail = some selected → selected ∈ tail ∧ matchCheck selected = truehFind:(match matchCheck head with
| true => some head
| false => List.find? matchCheck tail) =
some selected⊢ selected ∈ head :: tail ∧ matchCheck selected = true
cases hHead : matchCheck head with
α:TypematchCheck:α → Boolselected:αhead:αtail:List αih:List.find? matchCheck tail = some selected → selected ∈ tail ∧ matchCheck selected = truehFind:(match matchCheck head with
| true => some head
| false => List.find? matchCheck tail) =
some selectedhHead:matchCheck head = false⊢ selected ∈ head :: tail ∧ matchCheck selected = true
α:TypematchCheck:α → Boolselected:αhead:αtail:List αih:List.find? matchCheck tail = some selected → selected ∈ tail ∧ matchCheck selected = truehFind:(match false with
| true => some head
| false => List.find? matchCheck tail) =
some selectedhHead:matchCheck head = false⊢ selected ∈ head :: tail ∧ matchCheck selected = true
α:TypematchCheck:α → Boolselected:αhead:αtail:List αih:List.find? matchCheck tail = some selected → selected ∈ tail ∧ matchCheck selected = truehFind:(match false with
| true => some head
| false => List.find? matchCheck tail) =
some selectedhHead:matchCheck head = falsehTail:selected ∈ tail ∧ matchCheck selected = true⊢ selected ∈ head :: tail ∧ matchCheck selected = true
All goals completed! 🐙
α:TypematchCheck:α → Boolselected:αhead:αtail:List αih:List.find? matchCheck tail = some selected → selected ∈ tail ∧ matchCheck selected = truehFind:(match matchCheck head with
| true => some head
| false => List.find? matchCheck tail) =
some selectedhHead:matchCheck head = true⊢ selected ∈ head :: tail ∧ matchCheck selected = true
α:TypematchCheck:α → Boolselected:αhead:αtail:List αih:List.find? matchCheck tail = some selected → selected ∈ tail ∧ matchCheck selected = truehFind:(match true with
| true => some head
| false => List.find? matchCheck tail) =
some selectedhHead:matchCheck head = true⊢ selected ∈ head :: tail ∧ matchCheck selected = true
α:TypematchCheck:α → Boolselected:αtail:List αih:List.find? matchCheck tail = some selected → selected ∈ tail ∧ matchCheck selected = truehHead:matchCheck selected = true⊢ selected ∈ selected :: tail ∧ matchCheck selected = true
All goals completed! 🐙Successful finite uniqueness checking returns the unique matched item.
theorem uniqueBoolCheck_sound
{α : Type}
[DecidableEq α]
{items : List α}
{matchCheck : α → Bool}
(hCheck : uniqueBoolCheck items matchCheck = true) :
∃ selected, selected ∈ items ∧ matchCheck selected = true ∧
∀ item, item ∈ items → matchCheck item = true → item = selected := α:Typeinst✝:DecidableEq αitems:List αmatchCheck:α → BoolhCheck:uniqueBoolCheck items matchCheck = true⊢ ∃ selected ∈ items, matchCheck selected = true ∧ ∀ item ∈ items, matchCheck item = true → item = selected
α:Typeinst✝:DecidableEq αitems:List αmatchCheck:α → BoolhCheck:(match List.find? matchCheck items with
| none => false
| some selected => Check.allDecide items fun item => matchCheck item = true → item = selected) =
true⊢ ∃ selected ∈ items, matchCheck selected = true ∧ ∀ item ∈ items, matchCheck item = true → item = selected
cases hFind : items.find? matchCheck with
α:Typeinst✝:DecidableEq αitems:List αmatchCheck:α → BoolhCheck:(match List.find? matchCheck items with
| none => false
| some selected => Check.allDecide items fun item => matchCheck item = true → item = selected) =
truehFind:List.find? matchCheck items = none⊢ ∃ selected ∈ items, matchCheck selected = true ∧ ∀ item ∈ items, matchCheck item = true → item = selected
α:Typeinst✝:DecidableEq αitems:List αmatchCheck:α → BoolhCheck:(match none with
| none => false
| some selected => Check.allDecide items fun item => matchCheck item = true → item = selected) =
truehFind:List.find? matchCheck items = none⊢ ∃ selected ∈ items, matchCheck selected = true ∧ ∀ item ∈ items, matchCheck item = true → item = selected
All goals completed! 🐙
α:Typeinst✝:DecidableEq αitems:List αmatchCheck:α → BoolhCheck:(match List.find? matchCheck items with
| none => false
| some selected => Check.allDecide items fun item => matchCheck item = true → item = selected) =
trueselected:αhFind:List.find? matchCheck items = some selected⊢ ∃ selected ∈ items, matchCheck selected = true ∧ ∀ item ∈ items, matchCheck item = true → item = selected
α:Typeinst✝:DecidableEq αitems:List αmatchCheck:α → Boolselected:αhCheck:(match some selected with
| none => false
| some selected => Check.allDecide items fun item => matchCheck item = true → item = selected) =
truehFind:List.find? matchCheck items = some selected⊢ ∃ selected ∈ items, matchCheck selected = true ∧ ∀ item ∈ items, matchCheck item = true → item = selected
α:Typeinst✝:DecidableEq αitems:List αmatchCheck:α → Boolselected:αhCheck:(match some selected with
| none => false
| some selected => Check.allDecide items fun item => matchCheck item = true → item = selected) =
truehFind:List.find? matchCheck items = some selectedhSelected:selected ∈ items ∧ matchCheck selected = true⊢ ∃ selected ∈ items, matchCheck selected = true ∧ ∀ item ∈ items, matchCheck item = true → item = selected
All goals completed! 🐙Boolean predicate for a variant-compatible select bridge entry.
def selectBridgeEntryMatchCheck
    (variant : SelectVariantArtifact)
    (entry : AdmissionBoundaryPort) :
    Bool :=
  -- Boolean predicate for a variant-compatible select bridge entry.  The
  -- `Decidable` instance of `CompatibleWith` is reflected into `Bool` with
  -- `decide`; the soundness proofs below rely on this exact shape to recover
  -- the `Prop` from `decide … = true`, so keep it as a bare `decide`.
  decide (variant.port.CompatibleWith entry)

/-- Executable checker for unique select bridge entries. -/
def selectBridgeEntryUniqueCheck
    (variant : SelectVariantArtifact)
    (entries : List AdmissionBoundaryPort) :
    Bool :=
  -- Executable checker for unique select bridge entries.  Judging by the
  -- unfolded check in the soundness proof above, `uniqueBoolCheck` finds the
  -- first matching element and then requires every other match to be that
  -- same element: zero compatible entries and two or more compatible entries
  -- both yield `false`; only exactly one compatible entry passes.
  uniqueBoolCheck entries (selectBridgeEntryMatchCheck variant)
/-- Successful bridge-entry uniqueness checking proves SelectBridgeEntryUnique. -/
theorem selectBridgeEntryUniqueCheck_sound
{variant : SelectVariantArtifact}
{entries : List AdmissionBoundaryPort}
(hCheck : selectBridgeEntryUniqueCheck variant entries = true) :
SelectBridgeEntryUnique variant entries := variant:SelectVariantArtifactentries:List AdmissionBoundaryPorthCheck:selectBridgeEntryUniqueCheck variant entries = true⊢ SelectBridgeEntryUnique variant entries
variant:SelectVariantArtifactentries:List AdmissionBoundaryPorthCheck:selectBridgeEntryUniqueCheck variant entries = trueentry:AdmissionBoundaryPorthEntry:entry ∈ entrieshMatch:selectBridgeEntryMatchCheck variant entry = truehUnique:∀ item ∈ entries, selectBridgeEntryMatchCheck variant item = true → item = entry⊢ SelectBridgeEntryUnique variant entries
variant:SelectVariantArtifactentries:List AdmissionBoundaryPorthCheck:selectBridgeEntryUniqueCheck variant entries = trueentry:AdmissionBoundaryPorthEntry:entry ∈ entrieshMatch:selectBridgeEntryMatchCheck variant entry = truehUnique:∀ item ∈ entries, selectBridgeEntryMatchCheck variant item = true → item = entryhCompatible:variant.port.CompatibleWith entry⊢ SelectBridgeEntryUnique variant entries
All goals completed! 🐙Boolean predicate for a variant-compatible, condition-owned select bridge exit.
/-- Boolean predicate for a variant-compatible, condition-owned select bridge exit. -/
def selectBridgeInternalExitMatchCheck
    (conditionNode : NodeId)
    (variant : SelectVariantArtifact)
    (exit : AdmissionBoundaryPort) :
    Bool :=
  -- Both conjuncts are required: the exit must be compatible with
  -- `variant.port` (reflected from the `Decidable` instance) and it must be
  -- owned by the select's condition node.  The soundness proof below unfolds
  -- the ownership conjunct to `∃ index, exit.exclusiveGroup = some (conditionNode, index)`.
  decide (variant.port.CompatibleWith exit) &&
    selectExitOwnedByConditionCheck conditionNode exit

/-- Executable checker for unique select internal branch-choice exits. -/
def selectBridgeInternalExitUniqueCheck
    (conditionNode : NodeId)
    (variant : SelectVariantArtifact)
    (exits : List AdmissionBoundaryPort) :
    Bool :=
  -- Executable checker for unique select internal branch-choice exits:
  -- exactly one exit may be both variant-compatible and owned by
  -- `conditionNode`.  As with the entry checker, no match and more than one
  -- match both fail (see the unfolded `uniqueBoolCheck` in the proof above).
  uniqueBoolCheck exits
    (selectBridgeInternalExitMatchCheck conditionNode variant)
/-- Successful internal-exit uniqueness checking proves SelectBridgeInternalExitUnique. -/
theorem selectBridgeInternalExitUniqueCheck_sound
{conditionNode : NodeId}
{variant : SelectVariantArtifact}
{exits : List AdmissionBoundaryPort}
(hCheck :
selectBridgeInternalExitUniqueCheck conditionNode variant exits = true) :
SelectBridgeInternalExitUnique conditionNode variant exits := conditionNode:NodeIdvariant:SelectVariantArtifactexits:List AdmissionBoundaryPorthCheck:selectBridgeInternalExitUniqueCheck conditionNode variant exits = true⊢ SelectBridgeInternalExitUnique conditionNode variant exits
conditionNode:NodeIdvariant:SelectVariantArtifactexits:List AdmissionBoundaryPorthCheck:selectBridgeInternalExitUniqueCheck conditionNode variant exits = trueexit:AdmissionBoundaryPorthExit:exit ∈ exitshMatch:selectBridgeInternalExitMatchCheck conditionNode variant exit = truehUnique:∀ item ∈ exits, selectBridgeInternalExitMatchCheck conditionNode variant item = true → item = exit⊢ SelectBridgeInternalExitUnique conditionNode variant exits
conditionNode:NodeIdvariant:SelectVariantArtifactexits:List AdmissionBoundaryPorthCheck:selectBridgeInternalExitUniqueCheck conditionNode variant exits = trueexit:AdmissionBoundaryPorthExit:exit ∈ exitshMatch:(decide (variant.port.CompatibleWith exit) && selectExitOwnedByConditionCheck conditionNode exit) = truehUnique:∀ item ∈ exits, selectBridgeInternalExitMatchCheck conditionNode variant item = true → item = exit⊢ SelectBridgeInternalExitUnique conditionNode variant exits
conditionNode:NodeIdvariant:SelectVariantArtifactexits:List AdmissionBoundaryPorthCheck:selectBridgeInternalExitUniqueCheck conditionNode variant exits = trueexit:AdmissionBoundaryPorthExit:exit ∈ exitshMatch:decide (variant.port.CompatibleWith exit) = true ∧ selectExitOwnedByConditionCheck conditionNode exit = truehUnique:∀ item ∈ exits, selectBridgeInternalExitMatchCheck conditionNode variant item = true → item = exit⊢ SelectBridgeInternalExitUnique conditionNode variant exits
conditionNode:NodeIdvariant:SelectVariantArtifactexits:List AdmissionBoundaryPorthCheck:selectBridgeInternalExitUniqueCheck conditionNode variant exits = trueexit:AdmissionBoundaryPorthExit:exit ∈ exitshMatch:decide (variant.port.CompatibleWith exit) = true ∧ selectExitOwnedByConditionCheck conditionNode exit = truehUnique:∀ item ∈ exits, selectBridgeInternalExitMatchCheck conditionNode variant item = true → item = exithCompatible:variant.port.CompatibleWith exit⊢ SelectBridgeInternalExitUnique conditionNode variant exits
conditionNode:NodeIdvariant:SelectVariantArtifactexits:List AdmissionBoundaryPorthCheck:selectBridgeInternalExitUniqueCheck conditionNode variant exits = trueexit:AdmissionBoundaryPorthExit:exit ∈ exitshMatch:decide (variant.port.CompatibleWith exit) = true ∧ selectExitOwnedByConditionCheck conditionNode exit = truehUnique:∀ item ∈ exits, selectBridgeInternalExitMatchCheck conditionNode variant item = true → item = exithCompatible:variant.port.CompatibleWith exithGroup:∃ index, exit.exclusiveGroup = some (conditionNode, index)⊢ SelectBridgeInternalExitUnique conditionNode variant exits
exact
⟨ exit
, hExit
, hCompatible
, hGroup
, fun other hOther hOtherCompatible hOtherGroup =>
hUnique other hOther (conditionNode:NodeIdvariant:SelectVariantArtifactexits:List AdmissionBoundaryPorthCheck:selectBridgeInternalExitUniqueCheck conditionNode variant exits = trueexit:AdmissionBoundaryPorthExit:exit ∈ exitshMatch:decide (variant.port.CompatibleWith exit) = true ∧ selectExitOwnedByConditionCheck conditionNode exit = truehUnique:∀ item ∈ exits, selectBridgeInternalExitMatchCheck conditionNode variant item = true → item = exithCompatible:variant.port.CompatibleWith exithGroup:∃ index, exit.exclusiveGroup = some (conditionNode, index)other:AdmissionBoundaryPorthOther:other ∈ exitshOtherCompatible:variant.port.CompatibleWith otherhOtherGroup:∃ index, other.exclusiveGroup = some (conditionNode, index)⊢ selectBridgeInternalExitMatchCheck conditionNode variant other = true
conditionNode:NodeIdvariant:SelectVariantArtifactexits:List AdmissionBoundaryPorthCheck:selectBridgeInternalExitUniqueCheck conditionNode variant exits = trueexit:AdmissionBoundaryPorthExit:exit ∈ exitshMatch:decide (variant.port.CompatibleWith exit) = true ∧ selectExitOwnedByConditionCheck conditionNode exit = truehUnique:∀ item ∈ exits, selectBridgeInternalExitMatchCheck conditionNode variant item = true → item = exithCompatible:variant.port.CompatibleWith exithGroup:∃ index, exit.exclusiveGroup = some (conditionNode, index)other:AdmissionBoundaryPorthOther:other ∈ exitshOtherCompatible:variant.port.CompatibleWith otherhOtherGroup:∃ index, other.exclusiveGroup = some (conditionNode, index)⊢ (decide (variant.port.CompatibleWith other) && selectExitOwnedByConditionCheck conditionNode other) = true
conditionNode:NodeIdvariant:SelectVariantArtifactexits:List AdmissionBoundaryPorthCheck:selectBridgeInternalExitUniqueCheck conditionNode variant exits = trueexit:AdmissionBoundaryPorthExit:exit ∈ exitshMatch:decide (variant.port.CompatibleWith exit) = true ∧ selectExitOwnedByConditionCheck conditionNode exit = truehUnique:∀ item ∈ exits, selectBridgeInternalExitMatchCheck conditionNode variant item = true → item = exithCompatible:variant.port.CompatibleWith exithGroup:∃ index, exit.exclusiveGroup = some (conditionNode, index)other:AdmissionBoundaryPorthOther:other ∈ exitshOtherCompatible:variant.port.CompatibleWith otherhOtherGroup:∃ index, other.exclusiveGroup = some (conditionNode, index)⊢ decide (variant.port.CompatibleWith other) = true ∧ selectExitOwnedByConditionCheck conditionNode other = true
All goals completed! 🐙)
⟩Row checker for one select condition-node primitive frontier row.
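/-- Row checker for one select condition-node primitive frontier row. -/
def selectBridgeFrontiersPrimitiveStepCheck
    (selectAdmission : SelectAdmissionArtifact) :
    PrimitiveGraphStep → Bool
  -- The entry frontier was previously bound as `_entries` although it is
  -- used below; the underscore prefix conventionally marks an unused binder,
  -- so it is renamed to match `exits`.  Binder names do not affect the
  -- unfolded term the soundness proof works with.
  | PrimitiveGraphStep.node node entries exits =>
    -- Only a `node` step for this select's condition node can back its bridge
    -- frontiers.  For every variant, the entry frontier must hold exactly one
    -- compatible entry and the exit frontier exactly one compatible,
    -- condition-owned exit.
    decide (node = selectAdmission.conditionNode) &&
      Check.allBool selectAdmission.variants fun variant =>
        selectBridgeEntryUniqueCheck variant entries &&
          selectBridgeInternalExitUniqueCheck
            selectAdmission.conditionNode variant exits
  -- No other step kind can serve as the backing row.  The row checker folds
  -- this function with `any`, so these `false` arms are simply skipped.
  | PrimitiveGraphStep.empty =>
    false
  | PrimitiveGraphStep.bindingRef _binding =>
    false
  | PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings =>
    false
  | PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs
      _unmatchedLeftExits _unmatchedRightEntries =>
    false

/-- Executable checker for one select row's primitive bridge frontier backing. -/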
def selectBridgeFrontiersBackedByPrimitiveRowCheck
    (artifact : WireAdmissionArtifact)
    (selectAdmission : SelectAdmissionArtifact) :
    Bool :=
  -- Executable checker for one select row's primitive bridge frontier
  -- backing.  `any` makes this an existence check: some primitive step must
  -- be a condition-node row whose frontiers pass
  -- `selectBridgeFrontiersPrimitiveStepCheck`.  If several condition-node rows
  -- are present the first qualifying one suffices; any row-uniqueness
  -- requirement is not enforced here.
  artifact.primitiveSteps.any
    (selectBridgeFrontiersPrimitiveStepCheck selectAdmission)

/-- Successful row checking proves primitive bridge frontier backing for one select row. -/
theorem selectBridgeFrontiersBackedByPrimitiveRowCheck_sound
{artifact : WireAdmissionArtifact}
{selectAdmission : SelectAdmissionArtifact}
(hCheck :
selectBridgeFrontiersBackedByPrimitiveRowCheck artifact selectAdmission = true) :
∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈
artifact.primitiveSteps ∧
∀ variant, variant ∈ selectAdmission.variants →
SelectBridgeEntryUnique variant entries ∧
SelectBridgeInternalExitUnique selectAdmission.conditionNode variant exits := artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.selectBridgeFrontiersBackedByPrimitiveRowCheck selectAdmission = true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ variant ∈ selectAdmission.variants,
SelectBridgeEntryUnique variant entries ∧
SelectBridgeInternalExitUnique selectAdmission.conditionNode variant exits
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectBridgeFrontiersPrimitiveStepCheck selectAdmission) = true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ variant ∈ selectAdmission.variants,
SelectBridgeEntryUnique variant entries ∧
SelectBridgeInternalExitUnique selectAdmission.conditionNode variant exits
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectBridgeFrontiersPrimitiveStepCheck selectAdmission) = trueprimitiveStep:PrimitiveGraphStephPrimitiveStep:primitiveStep ∈ artifact.primitiveStepshPrimitiveCheck:selectBridgeFrontiersPrimitiveStepCheck selectAdmission primitiveStep = true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ variant ∈ selectAdmission.variants,
SelectBridgeEntryUnique variant entries ∧
SelectBridgeInternalExitUnique selectAdmission.conditionNode variant exits
cases primitiveStep with
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectBridgeFrontiersPrimitiveStepCheck selectAdmission) = truehPrimitiveStep:PrimitiveGraphStep.empty ∈ artifact.primitiveStepshPrimitiveCheck:selectBridgeFrontiersPrimitiveStepCheck selectAdmission PrimitiveGraphStep.empty = true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ variant ∈ selectAdmission.variants,
SelectBridgeEntryUnique variant entries ∧
SelectBridgeInternalExitUnique selectAdmission.conditionNode variant exits
All goals completed! 🐙
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectBridgeFrontiersPrimitiveStepCheck selectAdmission) = true_binding:BindingNamehPrimitiveStep:PrimitiveGraphStep.bindingRef _binding ∈ artifact.primitiveStepshPrimitiveCheck:selectBridgeFrontiersPrimitiveStepCheck selectAdmission (PrimitiveGraphStep.bindingRef _binding) = true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ variant ∈ selectAdmission.variants,
SelectBridgeEntryUnique variant entries ∧
SelectBridgeInternalExitUnique selectAdmission.conditionNode variant exits
All goals completed! 🐙
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectBridgeFrontiersPrimitiveStepCheck selectAdmission) = true_leftNodes:List NodeId_rightNodes:List NodeId_leftBindings:List BindingName_rightBindings:List BindingNamehPrimitiveStep:PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings ∈ artifact.primitiveStepshPrimitiveCheck:selectBridgeFrontiersPrimitiveStepCheck selectAdmission
(PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings) =
true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ variant ∈ selectAdmission.variants,
SelectBridgeEntryUnique variant entries ∧
SelectBridgeInternalExitUnique selectAdmission.conditionNode variant exits
All goals completed! 🐙
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectBridgeFrontiersPrimitiveStepCheck selectAdmission) = true_leftExits:List AdmissionBoundaryPort_rightEntries:List AdmissionBoundaryPort_matchedPairs:List AdmissionConnection_unmatchedLeftExits:List AdmissionBoundaryPort_unmatchedRightEntries:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries ∈
artifact.primitiveStepshPrimitiveCheck:selectBridgeFrontiersPrimitiveStepCheck selectAdmission
(PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries) =
true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ variant ∈ selectAdmission.variants,
SelectBridgeEntryUnique variant entries ∧
SelectBridgeInternalExitUnique selectAdmission.conditionNode variant exits
All goals completed! 🐙
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectBridgeFrontiersPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:selectBridgeFrontiersPrimitiveStepCheck selectAdmission (PrimitiveGraphStep.node primitiveNode entries exits) = true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ variant ∈ selectAdmission.variants,
SelectBridgeEntryUnique variant entries ∧
SelectBridgeInternalExitUnique selectAdmission.conditionNode variant exits
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectBridgeFrontiersPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:(match PrimitiveGraphStep.node primitiveNode entries exits with
| PrimitiveGraphStep.node node _entries exits =>
decide (node = selectAdmission.conditionNode) &&
Check.allBool selectAdmission.variants fun variant =>
selectBridgeEntryUniqueCheck variant _entries &&
selectBridgeInternalExitUniqueCheck selectAdmission.conditionNode variant exits
| PrimitiveGraphStep.empty => false
| PrimitiveGraphStep.bindingRef _binding => false
| PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings => false
| PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries =>
false) =
true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ variant ∈ selectAdmission.variants,
SelectBridgeEntryUnique variant entries ∧
SelectBridgeInternalExitUnique selectAdmission.conditionNode variant exits
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectBridgeFrontiersPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:decide (primitiveNode = selectAdmission.conditionNode) = true ∧
(Check.allBool selectAdmission.variants fun variant =>
selectBridgeEntryUniqueCheck variant entries &&
selectBridgeInternalExitUniqueCheck selectAdmission.conditionNode variant exits) =
true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ variant ∈ selectAdmission.variants,
SelectBridgeEntryUnique variant entries ∧
SelectBridgeInternalExitUnique selectAdmission.conditionNode variant exits
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectBridgeFrontiersPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:decide (primitiveNode = selectAdmission.conditionNode) = true ∧
(Check.allBool selectAdmission.variants fun variant =>
selectBridgeEntryUniqueCheck variant entries &&
selectBridgeInternalExitUniqueCheck selectAdmission.conditionNode variant exits) =
truehNode:primitiveNode = selectAdmission.conditionNode⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ variant ∈ selectAdmission.variants,
SelectBridgeEntryUnique variant entries ∧
SelectBridgeInternalExitUnique selectAdmission.conditionNode variant exits
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectBridgeFrontiersPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:decide (primitiveNode = selectAdmission.conditionNode) = true ∧
(Check.allBool selectAdmission.variants fun variant =>
selectBridgeEntryUniqueCheck variant entries &&
selectBridgeInternalExitUniqueCheck selectAdmission.conditionNode variant exits) =
truehNode:primitiveNode = selectAdmission.conditionNode⊢ PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveStepsartifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectBridgeFrontiersPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:decide (primitiveNode = selectAdmission.conditionNode) = true ∧
(Check.allBool selectAdmission.variants fun variant =>
selectBridgeEntryUniqueCheck variant entries &&
selectBridgeInternalExitUniqueCheck selectAdmission.conditionNode variant exits) =
truehNode:primitiveNode = selectAdmission.conditionNode⊢ ∀ variant ∈ selectAdmission.variants,
SelectBridgeEntryUnique variant entries ∧ SelectBridgeInternalExitUnique selectAdmission.conditionNode variant exits
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectBridgeFrontiersPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:decide (primitiveNode = selectAdmission.conditionNode) = true ∧
(Check.allBool selectAdmission.variants fun variant =>
selectBridgeEntryUniqueCheck variant entries &&
selectBridgeInternalExitUniqueCheck selectAdmission.conditionNode variant exits) =
truehNode:primitiveNode = selectAdmission.conditionNode⊢ PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps All goals completed! 🐙
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectBridgeFrontiersPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:decide (primitiveNode = selectAdmission.conditionNode) = true ∧
(Check.allBool selectAdmission.variants fun variant =>
selectBridgeEntryUniqueCheck variant entries &&
selectBridgeInternalExitUniqueCheck selectAdmission.conditionNode variant exits) =
truehNode:primitiveNode = selectAdmission.conditionNode⊢ ∀ variant ∈ selectAdmission.variants,
SelectBridgeEntryUnique variant entries ∧ SelectBridgeInternalExitUnique selectAdmission.conditionNode variant exits intro variant artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectBridgeFrontiersPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:decide (primitiveNode = selectAdmission.conditionNode) = true ∧
(Check.allBool selectAdmission.variants fun variant =>
selectBridgeEntryUniqueCheck variant entries &&
selectBridgeInternalExitUniqueCheck selectAdmission.conditionNode variant exits) =
truehNode:primitiveNode = selectAdmission.conditionNodevariant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variants⊢ SelectBridgeEntryUnique variant entries ∧ SelectBridgeInternalExitUnique selectAdmission.conditionNode variant exits
have hVariantCheck :=
Check.allBool_sound hPrimitiveCheck.right
(fun checkedVariant _ hCheck =>
show
SelectBridgeEntryUnique checkedVariant entries ∧
SelectBridgeInternalExitUnique
selectAdmission.conditionNode checkedVariant exits
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.selectBridgeFrontiersBackedByPrimitiveRowCheck selectAdmission = true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ variant ∈ selectAdmission.variants,
SelectBridgeEntryUnique variant entries ∧
SelectBridgeInternalExitUnique selectAdmission.conditionNode variant exits
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck✝:artifact.primitiveSteps.any (selectBridgeFrontiersPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:decide (primitiveNode = selectAdmission.conditionNode) = true ∧
(Check.allBool selectAdmission.variants fun variant =>
selectBridgeEntryUniqueCheck variant entries &&
selectBridgeInternalExitUniqueCheck selectAdmission.conditionNode variant exits) =
truehNode:primitiveNode = selectAdmission.conditionNodevariant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantscheckedVariant:SelectVariantArtifactx✝:checkedVariant ∈ selectAdmission.variantshCheck:selectBridgeEntryUniqueCheck checkedVariant entries = true ∧
selectBridgeInternalExitUniqueCheck selectAdmission.conditionNode checkedVariant exits = true⊢ SelectBridgeEntryUnique checkedVariant entries ∧
SelectBridgeInternalExitUnique selectAdmission.conditionNode checkedVariant exits
All goals completed! 🐙)
variant hVariant
All goals completed! 🐙Executable checker for primitive backing of all select condition bridge frontiers.
/-- Executable checker for primitive backing of all select condition bridge frontiers. -/
def selectBridgeFrontiersBackedByPrimitiveCheck
    (artifact : WireAdmissionArtifact) :
    Bool :=
  -- Universal over `artifact.selects`: every select row needs a backing
  -- condition-node primitive row.  An artifact with no select rows presumably
  -- passes vacuously (an `all`-style fold over an empty list), which matches
  -- the `∀`-shaped predicate the soundness theorem below establishes.
  Check.allBool artifact.selects
    (selectBridgeFrontiersBackedByPrimitiveRowCheck artifact)
/-- Successful select bridge-frontier checking proves SelectBridgeFrontiersBackedByPrimitive. -/
theorem selectBridgeFrontiersBackedByPrimitiveCheck_sound
    {artifact : WireAdmissionArtifact}
    (hCheck : artifact.selectBridgeFrontiersBackedByPrimitiveCheck = true) :
    artifact.SelectBridgeFrontiersBackedByPrimitive :=
  -- `Check.allBool_sound` turns the successful fold over `artifact.selects`
  -- into a per-row obligation, and each row is discharged by the row-level
  -- soundness theorem.  As with every checker in this file, only the
  -- `check = true → predicate` direction is proven: an accepted artifact
  -- satisfies the predicate, but a rejected one is not thereby shown invalid.
  Check.allBool_sound hCheck
    (fun _selectAdmission _ hSelect =>
      selectBridgeFrontiersBackedByPrimitiveRowCheck_sound hSelect)

/-- Row checker for condition-node bridge entries being consumed by primitive replay. -/
def selectBridgeEntriesConsumedPrimitiveStepCheck
    (artifact : WireAdmissionArtifact)
    (selectAdmission : SelectAdmissionArtifact) :
    PrimitiveGraphStep → Bool
  | PrimitiveGraphStep.node node entries _exits =>
    -- Row checker for condition-node bridge entries being consumed by
    -- primitive replay.  Only the condition node's own `node` row is
    -- constrained: for every variant, each entry compatible with
    -- `variant.port` must appear as the `toPort` of a matched connection from
    -- that port in the matched-connection list of the whole step sequence.
    -- `Check.allDecide` reflects the implication into `Bool`.
    if node = selectAdmission.conditionNode then
      -- NOTE(review): the matched-connection list is rebuilt here for every
      -- (select row, condition-node step) pair visited by the outer folds in
      -- `selectBridgeEntriesConsumedCheck`; correct, but the cost grows with
      -- the number of such pairs.
      let matchedConnections :=
        PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps
      Check.allBool selectAdmission.variants fun variant =>
        Check.allDecide entries fun entry =>
          variant.port.CompatibleWith entry →
            { fromPort := variant.port, toPort := entry } ∈ matchedConnections
    else
      true
  -- Steps other than this select's condition node impose nothing and pass
  -- trivially: unlike the frontier-backing check (an `any`), this predicate
  -- is folded universally over all steps.
  | PrimitiveGraphStep.empty =>
    true
  | PrimitiveGraphStep.bindingRef _binding =>
    true
  | PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings =>
    true
  | PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs
      _unmatchedLeftExits _unmatchedRightEntries =>
    true

/-- Executable checker for consumed select bridge entries. -/
def selectBridgeEntriesConsumedCheck (artifact : WireAdmissionArtifact) : Bool :=
  -- Executable checker for consumed select bridge entries: every select row
  -- must pass the per-step row checker on every primitive step.  Both folds
  -- are universal, so the per-step checker's trivially-true arms for
  -- non-condition-node steps are what keep unrelated steps from failing it.
  Check.allBool artifact.selects fun selectAdmission =>
    Check.allBool artifact.primitiveSteps
      (selectBridgeEntriesConsumedPrimitiveStepCheck artifact selectAdmission)
/-- Successful select bridge-entry consumption checking proves SelectBridgeEntriesConsumed. -/
theorem selectBridgeEntriesConsumedCheck_sound
{artifact : WireAdmissionArtifact}
(hCheck : artifact.selectBridgeEntriesConsumedCheck = true) :
artifact.SelectBridgeEntriesConsumed := artifact:WireAdmissionArtifacthCheck:artifact.selectBridgeEntriesConsumedCheck = true⊢ artifact.SelectBridgeEntriesConsumed
intro selectAdmission artifact:WireAdmissionArtifacthCheck:artifact.selectBridgeEntriesConsumedCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selects⊢ ∀ (entries exits : List AdmissionBoundaryPort),
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps →
∀ variant ∈ selectAdmission.variants,
∀ entry ∈ entries,
variant.port.CompatibleWith entry →
{ fromPort := variant.port, toPort := entry } ∈
PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps artifact:WireAdmissionArtifacthCheck:artifact.selectBridgeEntriesConsumedCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsentries:List AdmissionBoundaryPort⊢ ∀ (exits : List AdmissionBoundaryPort),
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps →
∀ variant ∈ selectAdmission.variants,
∀ entry ∈ entries,
variant.port.CompatibleWith entry →
{ fromPort := variant.port, toPort := entry } ∈
PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps artifact:WireAdmissionArtifacthCheck:artifact.selectBridgeEntriesConsumedCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPort⊢ PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps →
∀ variant ∈ selectAdmission.variants,
∀ entry ∈ entries,
variant.port.CompatibleWith entry →
{ fromPort := variant.port, toPort := entry } ∈
PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps artifact:WireAdmissionArtifacthCheck:artifact.selectBridgeEntriesConsumedCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthNode:PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps⊢ ∀ variant ∈ selectAdmission.variants,
∀ entry ∈ entries,
variant.port.CompatibleWith entry →
{ fromPort := variant.port, toPort := entry } ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps artifact:WireAdmissionArtifacthCheck:artifact.selectBridgeEntriesConsumedCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthNode:PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveStepsvariant:SelectVariantArtifact⊢ variant ∈ selectAdmission.variants →
∀ entry ∈ entries,
variant.port.CompatibleWith entry →
{ fromPort := variant.port, toPort := entry } ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps artifact:WireAdmissionArtifacthCheck:artifact.selectBridgeEntriesConsumedCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthNode:PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveStepsvariant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variants⊢ ∀ entry ∈ entries,
variant.port.CompatibleWith entry →
{ fromPort := variant.port, toPort := entry } ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps artifact:WireAdmissionArtifacthCheck:artifact.selectBridgeEntriesConsumedCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthNode:PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveStepsvariant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantsentry:AdmissionBoundaryPort⊢ entry ∈ entries →
variant.port.CompatibleWith entry →
{ fromPort := variant.port, toPort := entry } ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps artifact:WireAdmissionArtifacthCheck:artifact.selectBridgeEntriesConsumedCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthNode:PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveStepsvariant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantsentry:AdmissionBoundaryPorthEntry:entry ∈ entries⊢ variant.port.CompatibleWith entry →
{ fromPort := variant.port, toPort := entry } ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps
artifact:WireAdmissionArtifacthCheck:artifact.selectBridgeEntriesConsumedCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthNode:PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveStepsvariant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantsentry:AdmissionBoundaryPorthEntry:entry ∈ entrieshCompatible:variant.port.CompatibleWith entry⊢ { fromPort := variant.port, toPort := entry } ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps
have hSelectCheck :=
Check.allBool_sound hCheck
(fun checkedSelect _ hCheckedSelect =>
Check.allBool_sound hCheckedSelect
(fun primitiveStep _ hPrimitiveStep =>
show
selectBridgeEntriesConsumedPrimitiveStepCheck
artifact checkedSelect primitiveStep = true artifact:WireAdmissionArtifacthCheck:artifact.selectBridgeEntriesConsumedCheck = true⊢ artifact.SelectBridgeEntriesConsumed
All goals completed! 🐙))
selectAdmission hSelect
artifact:WireAdmissionArtifacthCheck:artifact.selectBridgeEntriesConsumedCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthNode:PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveStepsvariant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantsentry:AdmissionBoundaryPorthEntry:entry ∈ entrieshCompatible:variant.port.CompatibleWith entryhSelectCheck:∀ item ∈ artifact.primitiveSteps, artifact.selectBridgeEntriesConsumedPrimitiveStepCheck selectAdmission item = truehStepCheck:artifact.selectBridgeEntriesConsumedPrimitiveStepCheck selectAdmission
(PrimitiveGraphStep.node selectAdmission.conditionNode entries exits) =
true⊢ { fromPort := variant.port, toPort := entry } ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps
artifact:WireAdmissionArtifacthCheck:artifact.selectBridgeEntriesConsumedCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthNode:PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveStepsvariant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantsentry:AdmissionBoundaryPorthEntry:entry ∈ entrieshCompatible:variant.port.CompatibleWith entryhSelectCheck:∀ item ∈ artifact.primitiveSteps, artifact.selectBridgeEntriesConsumedPrimitiveStepCheck selectAdmission item = truehStepCheck:(match PrimitiveGraphStep.node selectAdmission.conditionNode entries exits with
| PrimitiveGraphStep.node node entries _exits =>
if node = selectAdmission.conditionNode then
have matchedConnections := PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps;
Check.allBool selectAdmission.variants fun variant =>
Check.allDecide entries fun entry =>
variant.port.CompatibleWith entry → { fromPort := variant.port, toPort := entry } ∈ matchedConnections
else true
| PrimitiveGraphStep.empty => true
| PrimitiveGraphStep.bindingRef _binding => true
| PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings => true
| PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries =>
true) =
true⊢ { fromPort := variant.port, toPort := entry } ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps
artifact:WireAdmissionArtifacthCheck:artifact.selectBridgeEntriesConsumedCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthNode:PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveStepsvariant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantsentry:AdmissionBoundaryPorthEntry:entry ∈ entrieshCompatible:variant.port.CompatibleWith entryhSelectCheck:∀ item ∈ artifact.primitiveSteps, artifact.selectBridgeEntriesConsumedPrimitiveStepCheck selectAdmission item = truehStepCheck:(Check.allBool selectAdmission.variants fun variant =>
Check.allDecide entries fun entry =>
variant.port.CompatibleWith entry →
{ fromPort := variant.port, toPort := entry } ∈
PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps) =
true⊢ { fromPort := variant.port, toPort := entry } ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps
artifact:WireAdmissionArtifacthCheck:artifact.selectBridgeEntriesConsumedCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthNode:PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveStepsvariant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantsentry:AdmissionBoundaryPorthEntry:entry ∈ entrieshCompatible:variant.port.CompatibleWith entryhSelectCheck:∀ item ∈ artifact.primitiveSteps, artifact.selectBridgeEntriesConsumedPrimitiveStepCheck selectAdmission item = truehStepCheck:(Check.allBool selectAdmission.variants fun variant =>
Check.allDecide entries fun entry =>
variant.port.CompatibleWith entry →
{ fromPort := variant.port, toPort := entry } ∈
PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps) =
truehVariantCheck:∀ item ∈ entries,
variant.port.CompatibleWith item →
{ fromPort := variant.port, toPort := item } ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps⊢ { fromPort := variant.port, toPort := entry } ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps
All goals completed! 🐙Executable checker for the select identity-arm bridge-output branch.
def selectArmIdentityBodyShapeCheck
    -- Bool checker for the identity-arm branch of one select arm.
    -- Inputs: the select row, the `exits` of its condition-node primitive row
    -- (these drive `SelectConditionBridgeOutputShapes`), the arm under test and
    -- the variant the caller has already paired with it. NOTE: this checker
    -- does not itself relate `arm` to `variant` — the canonical-key match is
    -- done by `selectArmBodyBoundaryShapeCheck`, which is the only caller
    -- visible here.
    (selectAdmission : SelectAdmissionArtifact)
    (exits : List AdmissionBoundaryPort)
    (arm : SelectArmAdmissionArtifact)
    (variant : SelectVariantArtifact) :
    Bool :=
  -- An identity arm must carry no body at all: nodes, entries and exits empty.
  decide (arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) &&
  -- ...and the condition node's bridge output must be exactly the single
  -- identity output shape of the variant's port (list equality, so an empty or
  -- multi-shape bridge output is rejected).
  -- Keep the `decide … && decide …` shape: the soundness theorem below unfolds
  -- this expression and splits the `&&` into two `= true` facts.
  decide
    (SelectConditionBridgeOutputShapes selectAdmission exits =
      [variant.port.identityOutputShape])
/-- Successful identity-arm shape checking proves the identity branch. -/
theorem selectArmIdentityBodyShapeCheck_sound
    -- Soundness only (`check = true → predicate`): a passing
    -- `selectArmIdentityBodyShapeCheck` yields the three empty-body equalities
    -- and the bridge-output equality. No completeness claim is made here, so a
    -- `false` result is not evidence that the predicate fails.
    {selectAdmission : SelectAdmissionArtifact}
    {exits : List AdmissionBoundaryPort}
    {arm : SelectArmAdmissionArtifact}
    {variant : SelectVariantArtifact}
    (hCheck :
      selectArmIdentityBodyShapeCheck selectAdmission exits arm variant = true) :
    (arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
    SelectConditionBridgeOutputShapes selectAdmission exits =
-- Rendered proof states follow (tactic script not shown on this page).
[variant.port.identityOutputShape] := selectAdmission:SelectAdmissionArtifactexits:List AdmissionBoundaryPortarm:SelectArmAdmissionArtifactvariant:SelectVariantArtifacthCheck:selectArmIdentityBodyShapeCheck selectAdmission exits arm variant = true⊢ (arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape]
-- Step 1: unfold the checker, exposing the `decide … && decide …` Bool.
selectAdmission:SelectAdmissionArtifactexits:List AdmissionBoundaryPortarm:SelectArmAdmissionArtifactvariant:SelectVariantArtifacthCheck:(decide (arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) &&
decide (SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape])) =
true⊢ (arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape]
-- Step 2: split the `&&` into two `decide … = true` hypotheses, which give
-- the two conjuncts of the goal directly.
selectAdmission:SelectAdmissionArtifactexits:List AdmissionBoundaryPortarm:SelectArmAdmissionArtifactvariant:SelectVariantArtifacthCheck:decide (arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) = true ∧
decide (SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape]) = true⊢ (arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape]
All goals completed! 🐙
/-- Executable checker for the non-identity select-arm bridge-output branch. -/
def selectArmNonIdentityBodyShapeCheck
    -- Bool checker for a select arm that has a real body. Like the identity
    -- checker it takes the select row, the condition-node row's `exits`, the
    -- arm and an already-paired variant; the arm/variant key pairing is NOT
    -- verified here (see `selectArmBodyBoundaryShapeCheck`).
    (selectAdmission : SelectAdmissionArtifact)
    (exits : List AdmissionBoundaryPort)
    (arm : SelectArmAdmissionArtifact)
    (variant : SelectVariantArtifact) :
    Bool :=
  -- The body must expose exactly one entry whose compatibility shape is the
  -- variant port's compatibility shape. This is list equality against a
  -- singleton, so zero entries or more than one entry fails.
  decide
    (arm.bodyEntries.map AdmissionBoundaryPort.compatibilityShape =
      [variant.port.compatibilityShape]) &&
  -- The body's exit output shapes must be a permutation of the condition
  -- node's bridge output shapes: order is free, multiplicity is not (the
  -- soundness theorem reads `Check.permCheck` back as `List.Perm`).
  -- NOTE: unlike the identity branch, `arm.bodyNodes` is not inspected in this
  -- branch at all; any node-level validity of the body must come from
  -- other checks.
  Check.permCheck
    (arm.bodyExits.map AdmissionBoundaryPort.outputShape)
    (SelectConditionBridgeOutputShapes selectAdmission exits)
/-- Successful non-identity arm shape checking proves the body-boundary branch. -/
theorem selectArmNonIdentityBodyShapeCheck_sound
    -- Soundness only: a passing `selectArmNonIdentityBodyShapeCheck` yields the
    -- singleton-entry shape equality and a `List.Perm` between the body's exit
    -- output shapes and the bridge output shapes. The `Perm` conclusion is
    -- what licenses the checker's use of `Check.permCheck` (order-insensitive,
    -- multiplicity-sensitive).
    {selectAdmission : SelectAdmissionArtifact}
    {exits : List AdmissionBoundaryPort}
    {arm : SelectArmAdmissionArtifact}
    {variant : SelectVariantArtifact}
    (hCheck :
      selectArmNonIdentityBodyShapeCheck selectAdmission exits arm variant = true) :
    arm.bodyEntries.map AdmissionBoundaryPort.compatibilityShape =
      [variant.port.compatibilityShape] ∧
    (arm.bodyExits.map AdmissionBoundaryPort.outputShape).Perm
-- Rendered proof states follow (tactic script not shown on this page).
(SelectConditionBridgeOutputShapes selectAdmission exits) := selectAdmission:SelectAdmissionArtifactexits:List AdmissionBoundaryPortarm:SelectArmAdmissionArtifactvariant:SelectVariantArtifacthCheck:selectArmNonIdentityBodyShapeCheck selectAdmission exits arm variant = true⊢ List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits)
-- Step 1: unfold the checker to its `decide … && Check.permCheck …` form.
selectAdmission:SelectAdmissionArtifactexits:List AdmissionBoundaryPortarm:SelectArmAdmissionArtifactvariant:SelectVariantArtifacthCheck:(decide (List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape]) &&
Check.permCheck (List.map AdmissionBoundaryPort.outputShape arm.bodyExits)
(SelectConditionBridgeOutputShapes selectAdmission exits)) =
true⊢ List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits)
-- Step 2: split the `&&`; the first part decides the entry-shape equality,
-- the `Check.permCheck … = true` part is turned into `List.Perm`.
selectAdmission:SelectAdmissionArtifactexits:List AdmissionBoundaryPortarm:SelectArmAdmissionArtifactvariant:SelectVariantArtifacthCheck:decide (List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape]) = true ∧
Check.permCheck (List.map AdmissionBoundaryPort.outputShape arm.bodyExits)
(SelectConditionBridgeOutputShapes selectAdmission exits) =
true⊢ List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits)
All goals completed! 🐙
/-- Executable checker for one select arm's body boundary shape. -/
def selectArmBodyBoundaryShapeCheck
    -- Bool checker for one (arm, variant) pairing. This is the only place in
    -- the visible code that ties the arm to the variant, so the key equality
    -- here is load-bearing: without it the two branch checkers would accept a
    -- body shaped for some other variant.
    (selectAdmission : SelectAdmissionArtifact)
    (exits : List AdmissionBoundaryPort)
    (arm : SelectArmAdmissionArtifact)
    (variant : SelectVariantArtifact) :
    Bool :=
  -- The variant must be the one the arm names by canonical key.
  decide (variant.key = arm.canonicalKey) &&
  -- Then EITHER branch suffices. The disjunction is inclusive — an arm that
  -- satisfies both is accepted, and the soundness theorem only yields `∨`.
  -- Short-circuit order (identity first) affects nothing but work done.
  (selectArmIdentityBodyShapeCheck selectAdmission exits arm variant ||
    selectArmNonIdentityBodyShapeCheck selectAdmission exits arm variant)
/-- Successful arm-boundary shape checking proves the relational branch shape. -/
theorem selectArmBodyBoundaryShapeCheck_sound
    -- Soundness only: a passing `selectArmBodyBoundaryShapeCheck` yields the
    -- key equality plus the disjunction of the identity-branch and
    -- non-identity-branch predicates. The proof splits on the Bool value of the
    -- identity checker and delegates each branch to the branch theorem.
    {selectAdmission : SelectAdmissionArtifact}
    {exits : List AdmissionBoundaryPort}
    {arm : SelectArmAdmissionArtifact}
    {variant : SelectVariantArtifact}
    (hCheck :
      selectArmBodyBoundaryShapeCheck selectAdmission exits arm variant = true) :
    variant.key = arm.canonicalKey ∧
    (((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
      SelectConditionBridgeOutputShapes selectAdmission exits =
        [variant.port.identityOutputShape]) ∨
      (arm.bodyEntries.map AdmissionBoundaryPort.compatibilityShape =
        [variant.port.compatibilityShape] ∧
      (arm.bodyExits.map AdmissionBoundaryPort.outputShape).Perm
-- Rendered proof states follow (tactic script only partially shown).
(SelectConditionBridgeOutputShapes selectAdmission exits))) := selectAdmission:SelectAdmissionArtifactexits:List AdmissionBoundaryPortarm:SelectArmAdmissionArtifactvariant:SelectVariantArtifacthCheck:selectArmBodyBoundaryShapeCheck selectAdmission exits arm variant = true⊢ variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
-- Step 1: unfold the checker to `decide (key) && (identity || nonIdentity)`.
selectAdmission:SelectAdmissionArtifactexits:List AdmissionBoundaryPortarm:SelectArmAdmissionArtifactvariant:SelectVariantArtifacthCheck:(decide (variant.key = arm.canonicalKey) &&
(selectArmIdentityBodyShapeCheck selectAdmission exits arm variant ||
selectArmNonIdentityBodyShapeCheck selectAdmission exits arm variant)) =
true⊢ variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
-- Step 2: split the outer `&&`.
selectAdmission:SelectAdmissionArtifactexits:List AdmissionBoundaryPortarm:SelectArmAdmissionArtifactvariant:SelectVariantArtifacthCheck:decide (variant.key = arm.canonicalKey) = true ∧
(selectArmIdentityBodyShapeCheck selectAdmission exits arm variant ||
selectArmNonIdentityBodyShapeCheck selectAdmission exits arm variant) =
true⊢ variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
-- Step 3: `hKey` is the decided key equality, the first goal conjunct.
selectAdmission:SelectAdmissionArtifactexits:List AdmissionBoundaryPortarm:SelectArmAdmissionArtifactvariant:SelectVariantArtifacthCheck:decide (variant.key = arm.canonicalKey) = true ∧
(selectArmIdentityBodyShapeCheck selectAdmission exits arm variant ||
selectArmNonIdentityBodyShapeCheck selectAdmission exits arm variant) =
truehKey:variant.key = arm.canonicalKey⊢ variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
-- Step 4: case split on the identity checker's Bool result.
cases hIdentity :
selectArmIdentityBodyShapeCheck selectAdmission exits arm variant with
-- Case `true`: the identity branch theorem supplies the left disjunct.
selectAdmission:SelectAdmissionArtifactexits:List AdmissionBoundaryPortarm:SelectArmAdmissionArtifactvariant:SelectVariantArtifacthCheck:decide (variant.key = arm.canonicalKey) = true ∧
(selectArmIdentityBodyShapeCheck selectAdmission exits arm variant ||
selectArmNonIdentityBodyShapeCheck selectAdmission exits arm variant) =
truehKey:variant.key = arm.canonicalKeyhIdentity:selectArmIdentityBodyShapeCheck selectAdmission exits arm variant = true⊢ variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
All goals completed! 🐙
-- Case `false`: `false || x = true` forces the non-identity checker to be
-- `true` (`hBody`), and its theorem supplies the right disjunct.
selectAdmission:SelectAdmissionArtifactexits:List AdmissionBoundaryPortarm:SelectArmAdmissionArtifactvariant:SelectVariantArtifacthCheck:decide (variant.key = arm.canonicalKey) = true ∧
(selectArmIdentityBodyShapeCheck selectAdmission exits arm variant ||
selectArmNonIdentityBodyShapeCheck selectAdmission exits arm variant) =
truehKey:variant.key = arm.canonicalKeyhIdentity:selectArmIdentityBodyShapeCheck selectAdmission exits arm variant = false⊢ variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
have hBody :
selectArmNonIdentityBodyShapeCheck selectAdmission exits arm variant =
true := selectAdmission:SelectAdmissionArtifactexits:List AdmissionBoundaryPortarm:SelectArmAdmissionArtifactvariant:SelectVariantArtifacthCheck:selectArmBodyBoundaryShapeCheck selectAdmission exits arm variant = true⊢ variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
All goals completed! 🐙
All goals completed! 🐙
/-- Row checker for all select-arm bodies against one condition-node primitive row. -/
def selectArmBodyBoundariesPrimitiveStepCheck
    -- Per-row witness test: does THIS primitive row establish the arm-body
    -- boundary facts for `selectAdmission`? Used by the row checker below via
    -- `List.any`, so it must answer `false` (not "vacuously true") for rows
    -- that cannot be a witness.
    (selectAdmission : SelectAdmissionArtifact) :
    PrimitiveGraphStep → Bool
  -- Only a `node` row for the select's condition node qualifies. Its `exits`
  -- are what feed `SelectConditionBridgeOutputShapes` in the arm checkers;
  -- the row's `_entries` are not used by this check.
  -- Every arm must find SOME variant that passes
  -- `selectArmBodyBoundaryShapeCheck` (which includes the canonical-key match).
  -- Two consequences worth knowing when reasoning about what this admits:
  --   * if `selectAdmission.arms` is empty the `allBool` conjunction is
  --     presumably vacuously `true` — no arm is ever required here;
  --   * if several variants share a canonical key, any one of them passing
  --     is enough; variants with no matching arm are not flagged.
  -- NOTE(review): confirm both are covered by other ValidatorReady clauses.
  | PrimitiveGraphStep.node node _entries exits =>
    decide (node = selectAdmission.conditionNode) &&
    Check.allBool selectAdmission.arms fun arm =>
      selectAdmission.variants.any fun variant =>
        selectArmBodyBoundaryShapeCheck selectAdmission exits arm variant
  -- Non-node rows are never witnesses.
  | PrimitiveGraphStep.empty =>
    false
  | PrimitiveGraphStep.bindingRef _binding =>
    false
  | PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings =>
    false
  | PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs
      _unmatchedLeftExits _unmatchedRightEntries =>
    false
/-- Executable checker for one select row's latent arm body boundary facts. -/
def selectArmBodyBoundariesMatchConditionRowCheck
    -- Existential row check: succeeds as soon as ONE primitive row is a
    -- condition-node row for this select that passes the per-arm checks. This
    -- matches the `∃ entries exits, … ∈ artifact.primitiveSteps` shape of the
    -- soundness theorem that follows.
    -- Caveat for reviewers: if the artifact contained more than one `node`
    -- row with this condition node id, the others are not examined by this
    -- function — a passing result says nothing about them. Uniqueness of the
    -- condition-node row has to be established by a separate check
    -- (NOTE(review): confirm the row-uniqueness clause covers it).
    -- Cost is one linear scan over `artifact.primitiveSteps`.
    (artifact : WireAdmissionArtifact)
    (selectAdmission : SelectAdmissionArtifact) :
    Bool :=
  artifact.primitiveSteps.any
    (selectArmBodyBoundariesPrimitiveStepCheck selectAdmission)
/-- Successful row checking proves body-boundary facts for one select row. -/
theorem selectArmBodyBoundariesMatchConditionRowCheck_sound
{artifact : WireAdmissionArtifact}
{selectAdmission : SelectAdmissionArtifact}
(hCheck :
selectArmBodyBoundariesMatchConditionRowCheck artifact selectAdmission =
true) :
∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈
artifact.primitiveSteps ∧
∀ arm, arm ∈ selectAdmission.arms →
∃ variant, variant ∈ selectAdmission.variants ∧
variant.key = arm.canonicalKey ∧
(((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits =
[variant.port.identityOutputShape]) ∨
(arm.bodyEntries.map AdmissionBoundaryPort.compatibilityShape =
[variant.port.compatibilityShape] ∧
(arm.bodyExits.map AdmissionBoundaryPort.outputShape).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))) := artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.selectArmBodyBoundariesMatchConditionRowCheck selectAdmission = true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ arm ∈ selectAdmission.arms,
∃ variant ∈ selectAdmission.variants,
variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectArmBodyBoundariesPrimitiveStepCheck selectAdmission) = true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ arm ∈ selectAdmission.arms,
∃ variant ∈ selectAdmission.variants,
variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectArmBodyBoundariesPrimitiveStepCheck selectAdmission) = trueprimitiveStep:PrimitiveGraphStephPrimitiveStep:primitiveStep ∈ artifact.primitiveStepshPrimitiveCheck:selectArmBodyBoundariesPrimitiveStepCheck selectAdmission primitiveStep = true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ arm ∈ selectAdmission.arms,
∃ variant ∈ selectAdmission.variants,
variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
cases primitiveStep with
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectArmBodyBoundariesPrimitiveStepCheck selectAdmission) = truehPrimitiveStep:PrimitiveGraphStep.empty ∈ artifact.primitiveStepshPrimitiveCheck:selectArmBodyBoundariesPrimitiveStepCheck selectAdmission PrimitiveGraphStep.empty = true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ arm ∈ selectAdmission.arms,
∃ variant ∈ selectAdmission.variants,
variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
All goals completed! 🐙
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectArmBodyBoundariesPrimitiveStepCheck selectAdmission) = true_binding:BindingNamehPrimitiveStep:PrimitiveGraphStep.bindingRef _binding ∈ artifact.primitiveStepshPrimitiveCheck:selectArmBodyBoundariesPrimitiveStepCheck selectAdmission (PrimitiveGraphStep.bindingRef _binding) = true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ arm ∈ selectAdmission.arms,
∃ variant ∈ selectAdmission.variants,
variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
All goals completed! 🐙
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectArmBodyBoundariesPrimitiveStepCheck selectAdmission) = true_leftNodes:List NodeId_rightNodes:List NodeId_leftBindings:List BindingName_rightBindings:List BindingNamehPrimitiveStep:PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings ∈ artifact.primitiveStepshPrimitiveCheck:selectArmBodyBoundariesPrimitiveStepCheck selectAdmission
(PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings) =
true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ arm ∈ selectAdmission.arms,
∃ variant ∈ selectAdmission.variants,
variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
All goals completed! 🐙
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectArmBodyBoundariesPrimitiveStepCheck selectAdmission) = true_leftExits:List AdmissionBoundaryPort_rightEntries:List AdmissionBoundaryPort_matchedPairs:List AdmissionConnection_unmatchedLeftExits:List AdmissionBoundaryPort_unmatchedRightEntries:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries ∈
artifact.primitiveStepshPrimitiveCheck:selectArmBodyBoundariesPrimitiveStepCheck selectAdmission
(PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries) =
true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ arm ∈ selectAdmission.arms,
∃ variant ∈ selectAdmission.variants,
variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
All goals completed! 🐙
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectArmBodyBoundariesPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:selectArmBodyBoundariesPrimitiveStepCheck selectAdmission (PrimitiveGraphStep.node primitiveNode entries exits) = true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ arm ∈ selectAdmission.arms,
∃ variant ∈ selectAdmission.variants,
variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectArmBodyBoundariesPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:(match PrimitiveGraphStep.node primitiveNode entries exits with
| PrimitiveGraphStep.node node _entries exits =>
decide (node = selectAdmission.conditionNode) &&
Check.allBool selectAdmission.arms fun arm =>
selectAdmission.variants.any fun variant => selectArmBodyBoundaryShapeCheck selectAdmission exits arm variant
| PrimitiveGraphStep.empty => false
| PrimitiveGraphStep.bindingRef _binding => false
| PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings => false
| PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries =>
false) =
true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ arm ∈ selectAdmission.arms,
∃ variant ∈ selectAdmission.variants,
variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectArmBodyBoundariesPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:decide (primitiveNode = selectAdmission.conditionNode) = true ∧
(Check.allBool selectAdmission.arms fun arm =>
selectAdmission.variants.any fun variant => selectArmBodyBoundaryShapeCheck selectAdmission exits arm variant) =
true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ arm ∈ selectAdmission.arms,
∃ variant ∈ selectAdmission.variants,
variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectArmBodyBoundariesPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:decide (primitiveNode = selectAdmission.conditionNode) = true ∧
(Check.allBool selectAdmission.arms fun arm =>
selectAdmission.variants.any fun variant => selectArmBodyBoundaryShapeCheck selectAdmission exits arm variant) =
truehNode:primitiveNode = selectAdmission.conditionNode⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ arm ∈ selectAdmission.arms,
∃ variant ∈ selectAdmission.variants,
variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectArmBodyBoundariesPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:decide (primitiveNode = selectAdmission.conditionNode) = true ∧
(Check.allBool selectAdmission.arms fun arm =>
selectAdmission.variants.any fun variant => selectArmBodyBoundaryShapeCheck selectAdmission exits arm variant) =
truehNode:primitiveNode = selectAdmission.conditionNode⊢ PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveStepsartifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectArmBodyBoundariesPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:decide (primitiveNode = selectAdmission.conditionNode) = true ∧
(Check.allBool selectAdmission.arms fun arm =>
selectAdmission.variants.any fun variant => selectArmBodyBoundaryShapeCheck selectAdmission exits arm variant) =
truehNode:primitiveNode = selectAdmission.conditionNode⊢ ∀ arm ∈ selectAdmission.arms,
∃ variant ∈ selectAdmission.variants,
variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectArmBodyBoundariesPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:decide (primitiveNode = selectAdmission.conditionNode) = true ∧
(Check.allBool selectAdmission.arms fun arm =>
selectAdmission.variants.any fun variant => selectArmBodyBoundaryShapeCheck selectAdmission exits arm variant) =
truehNode:primitiveNode = selectAdmission.conditionNode⊢ PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps All goals completed! 🐙
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectArmBodyBoundariesPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:decide (primitiveNode = selectAdmission.conditionNode) = true ∧
(Check.allBool selectAdmission.arms fun arm =>
selectAdmission.variants.any fun variant => selectArmBodyBoundaryShapeCheck selectAdmission exits arm variant) =
truehNode:primitiveNode = selectAdmission.conditionNode⊢ ∀ arm ∈ selectAdmission.arms,
∃ variant ∈ selectAdmission.variants,
variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits)) intro arm artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectArmBodyBoundariesPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:decide (primitiveNode = selectAdmission.conditionNode) = true ∧
(Check.allBool selectAdmission.arms fun arm =>
selectAdmission.variants.any fun variant => selectArmBodyBoundaryShapeCheck selectAdmission exits arm variant) =
truehNode:primitiveNode = selectAdmission.conditionNodearm:SelectArmAdmissionArtifacthArm:arm ∈ selectAdmission.arms⊢ ∃ variant ∈ selectAdmission.variants,
variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
have hArmCheck :=
Check.allBool_sound hPrimitiveCheck.right
(fun checkedArm _ hCheckedArm =>
show
∃ variant, variant ∈ selectAdmission.variants ∧
variant.key = checkedArm.canonicalKey ∧
(((checkedArm.bodyNodes = [] ∧ checkedArm.bodyEntries = [] ∧
checkedArm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits =
[variant.port.identityOutputShape]) ∨
(checkedArm.bodyEntries.map
AdmissionBoundaryPort.compatibilityShape =
[variant.port.compatibilityShape] ∧
(checkedArm.bodyExits.map
AdmissionBoundaryPort.outputShape).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))) artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.selectArmBodyBoundariesMatchConditionRowCheck selectAdmission = true⊢ ∃ entries exits,
PrimitiveGraphStep.node selectAdmission.conditionNode entries exits ∈ artifact.primitiveSteps ∧
∀ arm ∈ selectAdmission.arms,
∃ variant ∈ selectAdmission.variants,
variant.key = arm.canonicalKey ∧
((arm.bodyNodes = [] ∧ arm.bodyEntries = [] ∧ arm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape arm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape arm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
artifact:WireAdmissionArtifactselectAdmission:SelectAdmissionArtifacthCheck:artifact.primitiveSteps.any (selectArmBodyBoundariesPrimitiveStepCheck selectAdmission) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:decide (primitiveNode = selectAdmission.conditionNode) = true ∧
(Check.allBool selectAdmission.arms fun arm =>
selectAdmission.variants.any fun variant => selectArmBodyBoundaryShapeCheck selectAdmission exits arm variant) =
truehNode:primitiveNode = selectAdmission.conditionNodearm:SelectArmAdmissionArtifacthArm:arm ∈ selectAdmission.armscheckedArm:SelectArmAdmissionArtifactx✝:checkedArm ∈ selectAdmission.armshCheckedArm:(selectAdmission.variants.any fun variant => selectArmBodyBoundaryShapeCheck selectAdmission exits checkedArm variant) =
truevariant:SelectVariantArtifacthVariant:variant ∈ selectAdmission.variantshVariantCheck:selectArmBodyBoundaryShapeCheck selectAdmission exits checkedArm variant = true⊢ ∃ variant ∈ selectAdmission.variants,
variant.key = checkedArm.canonicalKey ∧
((checkedArm.bodyNodes = [] ∧ checkedArm.bodyEntries = [] ∧ checkedArm.bodyExits = []) ∧
SelectConditionBridgeOutputShapes selectAdmission exits = [variant.port.identityOutputShape] ∨
List.map AdmissionBoundaryPort.compatibilityShape checkedArm.bodyEntries = [variant.port.compatibilityShape] ∧
(List.map AdmissionBoundaryPort.outputShape checkedArm.bodyExits).Perm
(SelectConditionBridgeOutputShapes selectAdmission exits))
All goals completed! 🐙)
arm hArm
All goals completed! 🐙Executable checker for all select arm body boundary facts.
/-- Executable checker for all select arm body boundary facts.

Applies `selectArmBodyBoundariesMatchConditionRowCheck artifact` to every row
of `artifact.selects` and conjoins the results with `Check.allBool`, so the
result is `true` only when each select row passes its own row check.
`selectArmBodyBoundariesMatchConditionCheck_sound` turns a `true` result into
`artifact.SelectArmBodyBoundariesMatchCondition`. -/
def selectArmBodyBoundariesMatchConditionCheck
    (artifact : WireAdmissionArtifact) : Bool :=
  Check.allBool artifact.selects <|
    selectArmBodyBoundariesMatchConditionRowCheck artifact
Successful select arm body-boundary checking proves SelectArmBodyBoundariesMatchCondition.
/-- Successful select arm body-boundary checking proves
`SelectArmBodyBoundariesMatchCondition`.

`Check.allBool_sound` discharges the per-row obligation with the row-level
soundness theorem; the row and its membership proof are not needed. -/
theorem selectArmBodyBoundariesMatchConditionCheck_sound
    {artifact : WireAdmissionArtifact}
    (hCheck : artifact.selectArmBodyBoundariesMatchConditionCheck = true) :
    artifact.SelectArmBodyBoundariesMatchCondition :=
  Check.allBool_sound hCheck fun _ _ hRow =>
    selectArmBodyBoundariesMatchConditionRowCheck_sound hRow
-- Executable checker that latent select body nodes are fresh from the top-level summary.
/-- Executable checker that latent select body nodes are fresh from the
top-level summary.

For every select row, every arm, and every node in that arm's `bodyNodes`,
decides `node ∉ artifact.nodes`; the three `Check.all*` layers conjoin those
decisions. A body node that already appears in the summary node list makes the
whole check `false`. -/
def selectArmBodyNodesFreshFromSummaryCheck
    (artifact : WireAdmissionArtifact) : Bool :=
  Check.allBool artifact.selects (fun selectRow =>
    Check.allBool selectRow.arms (fun selectArm =>
      Check.allDecide selectArm.bodyNodes (· ∉ artifact.nodes)))
Successful freshness checking proves SelectArmBodyNodesFreshFromSummary.
theorem selectArmBodyNodesFreshFromSummaryCheck_sound
{artifact : WireAdmissionArtifact}
(hCheck : artifact.selectArmBodyNodesFreshFromSummaryCheck = true) :
artifact.SelectArmBodyNodesFreshFromSummary := artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesFreshFromSummaryCheck = true⊢ artifact.SelectArmBodyNodesFreshFromSummary
intro selectAdmission artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesFreshFromSummaryCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selects⊢ ∀ arm ∈ selectAdmission.arms, ∀ node ∈ arm.bodyNodes, node ∉ artifact.nodes artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesFreshFromSummaryCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsarm:SelectArmAdmissionArtifact⊢ arm ∈ selectAdmission.arms → ∀ node ∈ arm.bodyNodes, node ∉ artifact.nodes artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesFreshFromSummaryCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsarm:SelectArmAdmissionArtifacthArm:arm ∈ selectAdmission.arms⊢ ∀ node ∈ arm.bodyNodes, node ∉ artifact.nodes artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesFreshFromSummaryCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsarm:SelectArmAdmissionArtifacthArm:arm ∈ selectAdmission.armsnode:NodeId⊢ node ∈ arm.bodyNodes → node ∉ artifact.nodes artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesFreshFromSummaryCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsarm:SelectArmAdmissionArtifacthArm:arm ∈ selectAdmission.armsnode:NodeIdhNode:node ∈ arm.bodyNodes⊢ node ∉ artifact.nodes
artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesFreshFromSummaryCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsarm:SelectArmAdmissionArtifacthArm:arm ∈ selectAdmission.armsnode:NodeIdhNode:node ∈ arm.bodyNodeshSelectCheck:∀ item ∈ selectAdmission.arms, ∀ item_1 ∈ item.bodyNodes, item_1 ∉ artifact.nodes⊢ node ∉ artifact.nodes
artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesFreshFromSummaryCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsarm:SelectArmAdmissionArtifacthArm:arm ∈ selectAdmission.armsnode:NodeIdhNode:node ∈ arm.bodyNodeshSelectCheck:∀ item ∈ selectAdmission.arms, ∀ item_1 ∈ item.bodyNodes, item_1 ∉ artifact.nodeshArmCheck:∀ item ∈ arm.bodyNodes, item ∉ artifact.nodes⊢ node ∉ artifact.nodes
All goals completed! 🐙Row-pair checker that latent select arm body nodes are pairwise disjoint.
/-- Row-pair checker that latent select arm body nodes are pairwise disjoint.

Arms whose canonical keys coincide (in particular an arm paired with itself)
are accepted without inspecting their bodies; for distinct keys every node of
`left.bodyNodes` must be absent from `right.bodyNodes`. Accordingly
`selectArmBodyNodesDisjointPairCheck_sound` only yields disjointness under a
`left.canonicalKey ≠ right.canonicalKey` hypothesis. -/
def selectArmBodyNodesDisjointPairCheck
    (left right : SelectArmAdmissionArtifact) : Bool :=
  if left.canonicalKey = right.canonicalKey then
    true
  else
    Check.allDecide left.bodyNodes (· ∉ right.bodyNodes)
-- Successful row-pair checking proves body-node disjointness for distinct canonical keys.
theorem selectArmBodyNodesDisjointPairCheck_sound
{left right : SelectArmAdmissionArtifact}
(hCheck : selectArmBodyNodesDisjointPairCheck left right = true)
(hKeys : left.canonicalKey ≠ right.canonicalKey) :
∀ node, node ∈ left.bodyNodes → node ∉ right.bodyNodes := left:SelectArmAdmissionArtifactright:SelectArmAdmissionArtifacthCheck:selectArmBodyNodesDisjointPairCheck left right = truehKeys:left.canonicalKey ≠ right.canonicalKey⊢ ∀ node ∈ left.bodyNodes, node ∉ right.bodyNodes
left:SelectArmAdmissionArtifactright:SelectArmAdmissionArtifacthCheck:(if left.canonicalKey = right.canonicalKey then true
else Check.allDecide left.bodyNodes fun node => node ∉ right.bodyNodes) =
truehKeys:left.canonicalKey ≠ right.canonicalKey⊢ ∀ node ∈ left.bodyNodes, node ∉ right.bodyNodes
left:SelectArmAdmissionArtifactright:SelectArmAdmissionArtifacthCheck:(Check.allDecide left.bodyNodes fun node => node ∉ right.bodyNodes) = truehKeys:left.canonicalKey ≠ right.canonicalKey⊢ ∀ node ∈ left.bodyNodes, node ∉ right.bodyNodes
All goals completed! 🐙Executable checker that latent select arm body-node domains are pairwise disjoint.
/-- Executable checker that latent select arm body-node domains are pairwise
disjoint.

Runs `selectArmBodyNodesDisjointPairCheck` on every ordered pair of arms of
every select row, including each arm against itself (accepted by the pair
check because the keys agree). Cost is quadratic in the arm count of a row,
which matters if admission artifacts can be large. -/
def selectArmBodyNodesPairwiseDisjointCheck
    (artifact : WireAdmissionArtifact) : Bool :=
  Check.allBool artifact.selects (fun selectRow =>
    Check.allBool selectRow.arms (fun leftArm =>
      Check.allBool selectRow.arms (fun rightArm =>
        selectArmBodyNodesDisjointPairCheck leftArm rightArm)))
Successful body-node disjointness checking proves SelectArmBodyNodesPairwiseDisjoint.
theorem selectArmBodyNodesPairwiseDisjointCheck_sound
{artifact : WireAdmissionArtifact}
(hCheck : artifact.selectArmBodyNodesPairwiseDisjointCheck = true) :
artifact.SelectArmBodyNodesPairwiseDisjoint := artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesPairwiseDisjointCheck = true⊢ artifact.SelectArmBodyNodesPairwiseDisjoint
intro selectAdmission artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesPairwiseDisjointCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selects⊢ ∀ left ∈ selectAdmission.arms,
∀ right ∈ selectAdmission.arms,
left.canonicalKey ≠ right.canonicalKey → ∀ node ∈ left.bodyNodes, node ∉ right.bodyNodes artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesPairwiseDisjointCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsleft:SelectArmAdmissionArtifact⊢ left ∈ selectAdmission.arms →
∀ right ∈ selectAdmission.arms,
left.canonicalKey ≠ right.canonicalKey → ∀ node ∈ left.bodyNodes, node ∉ right.bodyNodes artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesPairwiseDisjointCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsleft:SelectArmAdmissionArtifacthLeft:left ∈ selectAdmission.arms⊢ ∀ right ∈ selectAdmission.arms, left.canonicalKey ≠ right.canonicalKey → ∀ node ∈ left.bodyNodes, node ∉ right.bodyNodes artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesPairwiseDisjointCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsleft:SelectArmAdmissionArtifacthLeft:left ∈ selectAdmission.armsright:SelectArmAdmissionArtifact⊢ right ∈ selectAdmission.arms → left.canonicalKey ≠ right.canonicalKey → ∀ node ∈ left.bodyNodes, node ∉ right.bodyNodes artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesPairwiseDisjointCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsleft:SelectArmAdmissionArtifacthLeft:left ∈ selectAdmission.armsright:SelectArmAdmissionArtifacthRight:right ∈ selectAdmission.arms⊢ left.canonicalKey ≠ right.canonicalKey → ∀ node ∈ left.bodyNodes, node ∉ right.bodyNodes artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesPairwiseDisjointCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsleft:SelectArmAdmissionArtifacthLeft:left ∈ selectAdmission.armsright:SelectArmAdmissionArtifacthRight:right ∈ selectAdmission.armshKeys:left.canonicalKey ≠ right.canonicalKey⊢ ∀ node ∈ left.bodyNodes, node ∉ right.bodyNodes artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesPairwiseDisjointCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsleft:SelectArmAdmissionArtifacthLeft:left ∈ selectAdmission.armsright:SelectArmAdmissionArtifacthRight:right ∈ selectAdmission.armshKeys:left.canonicalKey ≠ right.canonicalKeynode:NodeId⊢ node 
∈ left.bodyNodes → node ∉ right.bodyNodes artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesPairwiseDisjointCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsleft:SelectArmAdmissionArtifacthLeft:left ∈ selectAdmission.armsright:SelectArmAdmissionArtifacthRight:right ∈ selectAdmission.armshKeys:left.canonicalKey ≠ right.canonicalKeynode:NodeIdhNode:node ∈ left.bodyNodes⊢ node ∉ right.bodyNodes
have hSelectCheck :=
Check.allBool_sound hCheck
(fun checkedSelect _ hCheckedSelect =>
Check.allBool_sound hCheckedSelect
(fun checkedLeft _ hCheckedLeft =>
Check.allBool_sound hCheckedLeft
(fun checkedRight _ hCheckedRight =>
show
selectArmBodyNodesDisjointPairCheck
checkedLeft checkedRight = true artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesPairwiseDisjointCheck = true⊢ artifact.SelectArmBodyNodesPairwiseDisjoint
All goals completed! 🐙)))
selectAdmission hSelect
artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesPairwiseDisjointCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsleft:SelectArmAdmissionArtifacthLeft:left ∈ selectAdmission.armsright:SelectArmAdmissionArtifacthRight:right ∈ selectAdmission.armshKeys:left.canonicalKey ≠ right.canonicalKeynode:NodeIdhNode:node ∈ left.bodyNodeshSelectCheck:∀ item ∈ selectAdmission.arms, ∀ item_1 ∈ selectAdmission.arms, selectArmBodyNodesDisjointPairCheck item item_1 = truehLeftCheck:∀ item ∈ selectAdmission.arms, selectArmBodyNodesDisjointPairCheck left item = true⊢ node ∉ right.bodyNodes
artifact:WireAdmissionArtifacthCheck:artifact.selectArmBodyNodesPairwiseDisjointCheck = trueselectAdmission:SelectAdmissionArtifacthSelect:selectAdmission ∈ artifact.selectsleft:SelectArmAdmissionArtifacthLeft:left ∈ selectAdmission.armsright:SelectArmAdmissionArtifacthRight:right ∈ selectAdmission.armshKeys:left.canonicalKey ≠ right.canonicalKeynode:NodeIdhNode:node ∈ left.bodyNodeshSelectCheck:∀ item ∈ selectAdmission.arms, ∀ item_1 ∈ selectAdmission.arms, selectArmBodyNodesDisjointPairCheck item item_1 = truehLeftCheck:∀ item ∈ selectAdmission.arms, selectArmBodyNodesDisjointPairCheck left item = truehRightCheck:selectArmBodyNodesDisjointPairCheck left right = true⊢ node ∉ right.bodyNodes
All goals completed! 🐙Component Frontier Cross-Reference Checks
Executable checker that generated-child frontiers are primitive-backed.
/-- Executable checker that generated-child frontiers are primitive-backed.

Every `child.outputs` key must occur among the primitive node exit keys and
every `child.inputs` key among the primitive node entry keys, both taken from
`artifact.primitiveSteps`. The two key lists are rebuilt on each call, i.e.
once per child when invoked through the generated-form and top-level checks. -/
def generatedChildComponentFrontiersBackedByPrimitiveCheck
    (artifact : WireAdmissionArtifact)
    (child : GeneratedChildArtifact) : Bool :=
  let exitKeys := PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps
  let entryKeys := PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps
  (Check.allDecide child.outputs (fun out => out.key ∈ exitKeys)) &&
    (Check.allDecide child.inputs (fun inp => inp.key ∈ entryKeys))
-- Successful generated-child component-frontier checking proves primitive backing.
theorem generatedChildComponentFrontiersBackedByPrimitiveCheck_sound
{artifact : WireAdmissionArtifact}
{child : GeneratedChildArtifact}
(hCheck :
generatedChildComponentFrontiersBackedByPrimitiveCheck artifact child =
true) :
(∀ output, output ∈ child.outputs →
output.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps) ∧
(∀ input, input ∈ child.inputs →
input.key ∈
PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps) := artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:artifact.generatedChildComponentFrontiersBackedByPrimitiveCheck child = true⊢ (∀ output ∈ child.outputs, output.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps) ∧
∀ input ∈ child.inputs, input.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps
artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:(have exitKeys := PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps;
have entryKeys := PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps;
(Check.allDecide child.outputs fun output => output.key ∈ exitKeys) &&
Check.allDecide child.inputs fun input => input.key ∈ entryKeys) =
true⊢ (∀ output ∈ child.outputs, output.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps) ∧
∀ input ∈ child.inputs, input.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps
artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:(Check.allDecide child.outputs fun output => output.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps) =
true ∧
(Check.allDecide child.inputs fun input => input.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps) =
true⊢ (∀ output ∈ child.outputs, output.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps) ∧
∀ input ∈ child.inputs, input.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps
All goals completed! 🐙Executable checker that all used children in one generated row are primitive-backed.
/-- Executable checker that all used children in one generated row are
primitive-backed.

Lifts `generatedChildComponentFrontiersBackedByPrimitiveCheck artifact` over
`generated.usedChildren` with `Check.allBool`. -/
def generatedFormComponentFrontiersBackedByPrimitiveCheck
    (artifact : WireAdmissionArtifact)
    (generated : GeneratedFormArtifact) : Bool :=
  Check.allBool generated.usedChildren <|
    generatedChildComponentFrontiersBackedByPrimitiveCheck artifact
-- Successful generated-row checking proves primitive backing for every used child.
/-- Successful generated-row checking proves primitive backing for every used
child.

Each child's obligation is discharged by
`generatedChildComponentFrontiersBackedByPrimitiveCheck_sound`; the child
itself and its membership proof are unused. -/
theorem generatedFormComponentFrontiersBackedByPrimitiveCheck_sound
    {artifact : WireAdmissionArtifact}
    {generated : GeneratedFormArtifact}
    (hCheck :
      generatedFormComponentFrontiersBackedByPrimitiveCheck artifact generated =
        true) :
    ∀ child, child ∈ generated.usedChildren →
      (∀ output, output ∈ child.outputs →
        output.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps) ∧
      (∀ input, input ∈ child.inputs →
        input.key ∈
          PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps) :=
  Check.allBool_sound hCheck fun _ _ hChildCheck =>
    generatedChildComponentFrontiersBackedByPrimitiveCheck_sound hChildCheck
-- Executable checker that source-visible phantom frontiers are primitive-backed.
/-- Executable checker that source-visible phantom frontiers are
primitive-backed.

The direction decides which side each frontier lives on:
* `gather`: the singular port key must be a primitive entry key and every
  `multi` port key a primitive exit key;
* `scatter`: the singular port key must be a primitive exit key and every
  `multi` port key a primitive entry key.
Both key lists come from `artifact.primitiveSteps`. -/
def phantomAdapterComponentFrontiersBackedByPrimitiveCheck
    (artifact : WireAdmissionArtifact)
    (phantom : PhantomAdapterArtifact) : Bool :=
  let entryKeys := PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps
  let exitKeys := PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps
  match phantom.direction with
  | .gather =>
    decide (phantom.singular.key ∈ entryKeys) &&
      Check.allDecide phantom.multi (fun port => port.key ∈ exitKeys)
  | .scatter =>
    decide (phantom.singular.key ∈ exitKeys) &&
      Check.allDecide phantom.multi (fun port => port.key ∈ entryKeys)
-- Successful phantom component-frontier checking proves primitive backing.
theorem phantomAdapterComponentFrontiersBackedByPrimitiveCheck_sound
{artifact : WireAdmissionArtifact}
{phantom : PhantomAdapterArtifact}
(hCheck :
phantomAdapterComponentFrontiersBackedByPrimitiveCheck artifact phantom =
true) :
match phantom.direction with
| PhantomAdapterDirection.gather =>
phantom.singular.key ∈
PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
∀ multi, multi ∈ phantom.multi →
multi.key ∈
PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps
| PhantomAdapterDirection.scatter =>
phantom.singular.key ∈
PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
∀ multi, multi ∈ phantom.multi →
multi.key ∈
PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps := artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.phantomAdapterComponentFrontiersBackedByPrimitiveCheck phantom = true⊢ match phantom.direction with
| PhantomAdapterDirection.gather =>
phantom.singular.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
∀ multi ∈ phantom.multi, multi.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps
| PhantomAdapterDirection.scatter =>
phantom.singular.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
∀ multi ∈ phantom.multi, multi.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps
cases hDirection : phantom.direction with
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.phantomAdapterComponentFrontiersBackedByPrimitiveCheck phantom = truehDirection:phantom.direction = PhantomAdapterDirection.gather⊢ match PhantomAdapterDirection.gather with
| PhantomAdapterDirection.gather =>
phantom.singular.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
∀ multi ∈ phantom.multi, multi.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps
| PhantomAdapterDirection.scatter =>
phantom.singular.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
∀ multi ∈ phantom.multi, multi.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:(have entryKeys := PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps;
have exitKeys := PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps;
match phantom.direction with
| PhantomAdapterDirection.gather =>
decide (phantom.singular.key ∈ entryKeys) && Check.allDecide phantom.multi fun multi => multi.key ∈ exitKeys
| PhantomAdapterDirection.scatter =>
decide (phantom.singular.key ∈ exitKeys) && Check.allDecide phantom.multi fun multi => multi.key ∈ entryKeys) =
truehDirection:phantom.direction = PhantomAdapterDirection.gather⊢ match PhantomAdapterDirection.gather with
| PhantomAdapterDirection.gather =>
phantom.singular.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
∀ multi ∈ phantom.multi, multi.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps
| PhantomAdapterDirection.scatter =>
phantom.singular.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
∀ multi ∈ phantom.multi, multi.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:(have entryKeys := PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps;
have exitKeys := PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps;
match PhantomAdapterDirection.gather with
| PhantomAdapterDirection.gather =>
decide (phantom.singular.key ∈ entryKeys) && Check.allDecide phantom.multi fun multi => multi.key ∈ exitKeys
| PhantomAdapterDirection.scatter =>
decide (phantom.singular.key ∈ exitKeys) && Check.allDecide phantom.multi fun multi => multi.key ∈ entryKeys) =
truehDirection:phantom.direction = PhantomAdapterDirection.gather⊢ match PhantomAdapterDirection.gather with
| PhantomAdapterDirection.gather =>
phantom.singular.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
∀ multi ∈ phantom.multi, multi.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps
| PhantomAdapterDirection.scatter =>
phantom.singular.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
∀ multi ∈ phantom.multi, multi.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:decide (phantom.singular.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps) = true ∧
(Check.allDecide phantom.multi fun multi => multi.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps) =
truehDirection:phantom.direction = PhantomAdapterDirection.gather⊢ match PhantomAdapterDirection.gather with
| PhantomAdapterDirection.gather =>
phantom.singular.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
∀ multi ∈ phantom.multi, multi.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps
| PhantomAdapterDirection.scatter =>
phantom.singular.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
∀ multi ∈ phantom.multi, multi.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps
All goals completed! 🐙
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.phantomAdapterComponentFrontiersBackedByPrimitiveCheck phantom = truehDirection:phantom.direction = PhantomAdapterDirection.scatter⊢ match PhantomAdapterDirection.scatter with
| PhantomAdapterDirection.gather =>
phantom.singular.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
∀ multi ∈ phantom.multi, multi.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps
| PhantomAdapterDirection.scatter =>
phantom.singular.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
∀ multi ∈ phantom.multi, multi.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:(have entryKeys := PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps;
have exitKeys := PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps;
match phantom.direction with
| PhantomAdapterDirection.gather =>
decide (phantom.singular.key ∈ entryKeys) && Check.allDecide phantom.multi fun multi => multi.key ∈ exitKeys
| PhantomAdapterDirection.scatter =>
decide (phantom.singular.key ∈ exitKeys) && Check.allDecide phantom.multi fun multi => multi.key ∈ entryKeys) =
truehDirection:phantom.direction = PhantomAdapterDirection.scatter⊢ match PhantomAdapterDirection.scatter with
| PhantomAdapterDirection.gather =>
phantom.singular.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
∀ multi ∈ phantom.multi, multi.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps
| PhantomAdapterDirection.scatter =>
phantom.singular.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
∀ multi ∈ phantom.multi, multi.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:(have entryKeys := PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps;
have exitKeys := PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps;
match PhantomAdapterDirection.scatter with
| PhantomAdapterDirection.gather =>
decide (phantom.singular.key ∈ entryKeys) && Check.allDecide phantom.multi fun multi => multi.key ∈ exitKeys
| PhantomAdapterDirection.scatter =>
decide (phantom.singular.key ∈ exitKeys) && Check.allDecide phantom.multi fun multi => multi.key ∈ entryKeys) =
truehDirection:phantom.direction = PhantomAdapterDirection.scatter⊢ match PhantomAdapterDirection.scatter with
| PhantomAdapterDirection.gather =>
phantom.singular.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
∀ multi ∈ phantom.multi, multi.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps
| PhantomAdapterDirection.scatter =>
phantom.singular.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
∀ multi ∈ phantom.multi, multi.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:decide (phantom.singular.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps) = true ∧
(Check.allDecide phantom.multi fun multi =>
multi.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps) =
truehDirection:phantom.direction = PhantomAdapterDirection.scatter⊢ match PhantomAdapterDirection.scatter with
| PhantomAdapterDirection.gather =>
phantom.singular.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps ∧
∀ multi ∈ phantom.multi, multi.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps
| PhantomAdapterDirection.scatter =>
phantom.singular.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps ∧
∀ multi ∈ phantom.multi, multi.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps
All goals completed! 🐙Executable checker that select variant frontiers are primitive-backed.
/-- Executable checker that select variant frontiers are primitive-backed.

Every variant's `port.key` must occur among the primitive node exit keys of
`artifact.primitiveSteps`; entry keys are not consulted here. -/
def selectVariantsComponentFrontiersBackedByPrimitiveCheck
    (artifact : WireAdmissionArtifact)
    (selectAdmission : SelectAdmissionArtifact) : Bool :=
  let exitKeys := PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps
  Check.allDecide selectAdmission.variants (fun selectVariant =>
    selectVariant.port.key ∈ exitKeys)
-- Successful select-row checking proves primitive backing for every variant.
/-- Successful select-row checking proves primitive backing for every variant.

A direct consequence of `Check.allDecide_sound`, since the checker is a single
`Check.allDecide` over the variant list. -/
theorem selectVariantsComponentFrontiersBackedByPrimitiveCheck_sound
    {artifact : WireAdmissionArtifact}
    {selectAdmission : SelectAdmissionArtifact}
    (hCheck :
      selectVariantsComponentFrontiersBackedByPrimitiveCheck
        artifact selectAdmission = true) :
    ∀ variant, variant ∈ selectAdmission.variants →
      variant.port.key ∈
        PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps := by
  exact Check.allDecide_sound hCheck
-- Executable checker for component-specific primitive frontier backing.
/-- Executable checker for component-specific primitive frontier backing.

Conjoins the generated-form, phantom-adapter and select-variant frontier
checks over the corresponding row lists of `artifact`. The `&&` chain is
left-associated, which is the shape
`componentFrontiersBackedByPrimitiveCheck_sound` unfolds it to.

Only the `check = true → predicate` direction is proved by the `_sound`
theorems on this page; no completeness result is visible here, so a `false`
result means the artifact is not admitted, not that the predicate is refuted. -/
def componentFrontiersBackedByPrimitiveCheck
    (artifact : WireAdmissionArtifact) : Bool :=
  ((Check.allBool artifact.generatedForms
      (generatedFormComponentFrontiersBackedByPrimitiveCheck artifact)) &&
    (Check.allBool artifact.phantomAdapters
      (phantomAdapterComponentFrontiersBackedByPrimitiveCheck artifact))) &&
    (Check.allBool artifact.selects
      (selectVariantsComponentFrontiersBackedByPrimitiveCheck artifact))
Successful component-frontier checking proves ComponentFrontiersBackedByPrimitive.
theorem componentFrontiersBackedByPrimitiveCheck_sound
{artifact : WireAdmissionArtifact}
(hCheck : artifact.componentFrontiersBackedByPrimitiveCheck = true) :
artifact.ComponentFrontiersBackedByPrimitive := artifact:WireAdmissionArtifacthCheck:artifact.componentFrontiersBackedByPrimitiveCheck = true⊢ artifact.ComponentFrontiersBackedByPrimitive
artifact:WireAdmissionArtifacthCheck:(Check.allBool artifact.generatedForms artifact.generatedFormComponentFrontiersBackedByPrimitiveCheck &&
Check.allBool artifact.phantomAdapters artifact.phantomAdapterComponentFrontiersBackedByPrimitiveCheck &&
Check.allBool artifact.selects artifact.selectVariantsComponentFrontiersBackedByPrimitiveCheck) =
true⊢ artifact.ComponentFrontiersBackedByPrimitive
artifact:WireAdmissionArtifacthCheck:(Check.allBool artifact.generatedForms artifact.generatedFormComponentFrontiersBackedByPrimitiveCheck &&
Check.allBool artifact.phantomAdapters artifact.phantomAdapterComponentFrontiersBackedByPrimitiveCheck) =
true ∧
Check.allBool artifact.selects artifact.selectVariantsComponentFrontiersBackedByPrimitiveCheck = true⊢ artifact.ComponentFrontiersBackedByPrimitive
artifact:WireAdmissionArtifacthCheck:(Check.allBool artifact.generatedForms artifact.generatedFormComponentFrontiersBackedByPrimitiveCheck = true ∧
Check.allBool artifact.phantomAdapters artifact.phantomAdapterComponentFrontiersBackedByPrimitiveCheck = true) ∧
Check.allBool artifact.selects artifact.selectVariantsComponentFrontiersBackedByPrimitiveCheck = true⊢ artifact.ComponentFrontiersBackedByPrimitive
All goals completed! 🐙Row checker for the primitive node frontier row behind a generated child.
/-- Row checker for the primitive node frontier row behind a generated child.

Returns `true` only for a `PrimitiveGraphStep.node` row whose node id equals
`child.node` and whose entry/exit keys are a permutation of `child.inputKeys` /
`child.outputKeys`. "Permutation" is multiset equality: order is ignored but
duplicate keys must match in count (see the `.Perm` conclusions of the
soundness lemmas below). Every other step shape (`empty`, `bindingRef`,
`overlay`, `connect`) yields `false`, so a child can only ever be backed by a
`node` row. -/
def generatedChildFrontiersPrimitiveStepCheck
    (child : GeneratedChildArtifact) :
    PrimitiveGraphStep → Bool
  | PrimitiveGraphStep.node node entries exits =>
    -- `decide` needs `DecidableEq NodeId`. With short-circuit `&&` the
    -- identity test runs first, so the permutation checks are skipped for
    -- rows of other nodes.
    decide (node = child.node) &&
    Check.permCheck child.inputKeys
      (entries.map AdmissionBoundaryPort.key) &&
    Check.permCheck child.outputKeys
      (exits.map AdmissionBoundaryPort.key)
  | PrimitiveGraphStep.empty =>
    false
  | PrimitiveGraphStep.bindingRef _binding =>
    false
  | PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings =>
    false
  | PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs
      _unmatchedLeftExits _unmatchedRightEntries =>
    false
-- Executable checker that one generated child matches its primitive node frontier row.
/-- Executable checker that one generated child matches its primitive node frontier row.

Existential over `artifact.primitiveSteps`: the check succeeds as soon as
*some* row passes `generatedChildFrontiersPrimitiveStepCheck child`. It does
not, on its own, rule out a second `node` row for the same `child.node` with a
different frontier — such an artifact still passes here, so any uniqueness
guarantee has to come from a separate row-uniqueness check. -/
def generatedChildFrontiersMatchPrimitiveChildCheck
    (artifact : WireAdmissionArtifact)
    (child : GeneratedChildArtifact) :
    Bool :=
  artifact.primitiveSteps.any
    (generatedChildFrontiersPrimitiveStepCheck child)
-- Successful child checking proves exact primitive frontier matching.
theorem generatedChildFrontiersMatchPrimitiveChildCheck_sound
{artifact : WireAdmissionArtifact}
{child : GeneratedChildArtifact}
(hCheck :
generatedChildFrontiersMatchPrimitiveChildCheck artifact child = true) :
∃ entries exits,
PrimitiveGraphStep.node child.node entries exits ∈ artifact.primitiveSteps ∧
child.inputKeys.Perm (entries.map AdmissionBoundaryPort.key) ∧
child.outputKeys.Perm (exits.map AdmissionBoundaryPort.key) := artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:artifact.generatedChildFrontiersMatchPrimitiveChildCheck child = true⊢ ∃ entries exits,
PrimitiveGraphStep.node child.node entries exits ∈ artifact.primitiveSteps ∧
child.inputKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
child.outputKeys.Perm (List.map AdmissionBoundaryPort.key exits)
artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:artifact.primitiveSteps.any (generatedChildFrontiersPrimitiveStepCheck child) = true⊢ ∃ entries exits,
PrimitiveGraphStep.node child.node entries exits ∈ artifact.primitiveSteps ∧
child.inputKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
child.outputKeys.Perm (List.map AdmissionBoundaryPort.key exits)
artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:artifact.primitiveSteps.any (generatedChildFrontiersPrimitiveStepCheck child) = trueprimitiveStep:PrimitiveGraphStephPrimitiveStep:primitiveStep ∈ artifact.primitiveStepshPrimitiveCheck:generatedChildFrontiersPrimitiveStepCheck child primitiveStep = true⊢ ∃ entries exits,
PrimitiveGraphStep.node child.node entries exits ∈ artifact.primitiveSteps ∧
child.inputKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
child.outputKeys.Perm (List.map AdmissionBoundaryPort.key exits)
cases primitiveStep with
artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:artifact.primitiveSteps.any (generatedChildFrontiersPrimitiveStepCheck child) = truehPrimitiveStep:PrimitiveGraphStep.empty ∈ artifact.primitiveStepshPrimitiveCheck:generatedChildFrontiersPrimitiveStepCheck child PrimitiveGraphStep.empty = true⊢ ∃ entries exits,
PrimitiveGraphStep.node child.node entries exits ∈ artifact.primitiveSteps ∧
child.inputKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
child.outputKeys.Perm (List.map AdmissionBoundaryPort.key exits)
All goals completed! 🐙
artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:artifact.primitiveSteps.any (generatedChildFrontiersPrimitiveStepCheck child) = true_binding:BindingNamehPrimitiveStep:PrimitiveGraphStep.bindingRef _binding ∈ artifact.primitiveStepshPrimitiveCheck:generatedChildFrontiersPrimitiveStepCheck child (PrimitiveGraphStep.bindingRef _binding) = true⊢ ∃ entries exits,
PrimitiveGraphStep.node child.node entries exits ∈ artifact.primitiveSteps ∧
child.inputKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
child.outputKeys.Perm (List.map AdmissionBoundaryPort.key exits)
All goals completed! 🐙
artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:artifact.primitiveSteps.any (generatedChildFrontiersPrimitiveStepCheck child) = true_leftNodes:List NodeId_rightNodes:List NodeId_leftBindings:List BindingName_rightBindings:List BindingNamehPrimitiveStep:PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings ∈ artifact.primitiveStepshPrimitiveCheck:generatedChildFrontiersPrimitiveStepCheck child
(PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings) =
true⊢ ∃ entries exits,
PrimitiveGraphStep.node child.node entries exits ∈ artifact.primitiveSteps ∧
child.inputKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
child.outputKeys.Perm (List.map AdmissionBoundaryPort.key exits)
All goals completed! 🐙
artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:artifact.primitiveSteps.any (generatedChildFrontiersPrimitiveStepCheck child) = true_leftExits:List AdmissionBoundaryPort_rightEntries:List AdmissionBoundaryPort_matchedPairs:List AdmissionConnection_unmatchedLeftExits:List AdmissionBoundaryPort_unmatchedRightEntries:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries ∈
artifact.primitiveStepshPrimitiveCheck:generatedChildFrontiersPrimitiveStepCheck child
(PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries) =
true⊢ ∃ entries exits,
PrimitiveGraphStep.node child.node entries exits ∈ artifact.primitiveSteps ∧
child.inputKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
child.outputKeys.Perm (List.map AdmissionBoundaryPort.key exits)
All goals completed! 🐙
artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:artifact.primitiveSteps.any (generatedChildFrontiersPrimitiveStepCheck child) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:generatedChildFrontiersPrimitiveStepCheck child (PrimitiveGraphStep.node primitiveNode entries exits) = true⊢ ∃ entries exits,
PrimitiveGraphStep.node child.node entries exits ∈ artifact.primitiveSteps ∧
child.inputKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
child.outputKeys.Perm (List.map AdmissionBoundaryPort.key exits)
artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:artifact.primitiveSteps.any (generatedChildFrontiersPrimitiveStepCheck child) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:(match PrimitiveGraphStep.node primitiveNode entries exits with
| PrimitiveGraphStep.node node entries exits =>
decide (node = child.node) && Check.permCheck child.inputKeys (List.map AdmissionBoundaryPort.key entries) &&
Check.permCheck child.outputKeys (List.map AdmissionBoundaryPort.key exits)
| PrimitiveGraphStep.empty => false
| PrimitiveGraphStep.bindingRef _binding => false
| PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings => false
| PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries =>
false) =
true⊢ ∃ entries exits,
PrimitiveGraphStep.node child.node entries exits ∈ artifact.primitiveSteps ∧
child.inputKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
child.outputKeys.Perm (List.map AdmissionBoundaryPort.key exits)
artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:artifact.primitiveSteps.any (generatedChildFrontiersPrimitiveStepCheck child) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:(decide (primitiveNode = child.node) = true ∧
Check.permCheck child.inputKeys (List.map AdmissionBoundaryPort.key entries) = true) ∧
Check.permCheck child.outputKeys (List.map AdmissionBoundaryPort.key exits) = true⊢ ∃ entries exits,
PrimitiveGraphStep.node child.node entries exits ∈ artifact.primitiveSteps ∧
child.inputKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
child.outputKeys.Perm (List.map AdmissionBoundaryPort.key exits)
artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:artifact.primitiveSteps.any (generatedChildFrontiersPrimitiveStepCheck child) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshOutputs:Check.permCheck child.outputKeys (List.map AdmissionBoundaryPort.key exits) = truehNode:decide (primitiveNode = child.node) = truehInputs:Check.permCheck child.inputKeys (List.map AdmissionBoundaryPort.key entries) = true⊢ ∃ entries exits,
PrimitiveGraphStep.node child.node entries exits ∈ artifact.primitiveSteps ∧
child.inputKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
child.outputKeys.Perm (List.map AdmissionBoundaryPort.key exits)
artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:artifact.primitiveSteps.any (generatedChildFrontiersPrimitiveStepCheck child) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshOutputs:Check.permCheck child.outputKeys (List.map AdmissionBoundaryPort.key exits) = truehNode:decide (primitiveNode = child.node) = truehInputs:Check.permCheck child.inputKeys (List.map AdmissionBoundaryPort.key entries) = truehNodeEq:primitiveNode = child.node⊢ ∃ entries exits,
PrimitiveGraphStep.node child.node entries exits ∈ artifact.primitiveSteps ∧
child.inputKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
child.outputKeys.Perm (List.map AdmissionBoundaryPort.key exits)
artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:artifact.primitiveSteps.any (generatedChildFrontiersPrimitiveStepCheck child) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshOutputs:Check.permCheck child.outputKeys (List.map AdmissionBoundaryPort.key exits) = truehNode:decide (primitiveNode = child.node) = truehInputs:Check.permCheck child.inputKeys (List.map AdmissionBoundaryPort.key entries) = truehNodeEq:primitiveNode = child.node⊢ PrimitiveGraphStep.node child.node entries exits ∈ artifact.primitiveStepsartifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:artifact.primitiveSteps.any (generatedChildFrontiersPrimitiveStepCheck child) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshOutputs:Check.permCheck child.outputKeys (List.map AdmissionBoundaryPort.key exits) = truehNode:decide (primitiveNode = child.node) = truehInputs:Check.permCheck child.inputKeys (List.map AdmissionBoundaryPort.key entries) = truehNodeEq:primitiveNode = child.node⊢ child.inputKeys.Perm (List.map AdmissionBoundaryPort.key entries)artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:artifact.primitiveSteps.any (generatedChildFrontiersPrimitiveStepCheck child) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshOutputs:Check.permCheck child.outputKeys (List.map AdmissionBoundaryPort.key exits) = truehNode:decide (primitiveNode = child.node) = truehInputs:Check.permCheck child.inputKeys (List.map AdmissionBoundaryPort.key entries) = truehNodeEq:primitiveNode = child.node⊢ child.outputKeys.Perm (List.map AdmissionBoundaryPort.key exits)
artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:artifact.primitiveSteps.any (generatedChildFrontiersPrimitiveStepCheck child) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshOutputs:Check.permCheck child.outputKeys (List.map AdmissionBoundaryPort.key exits) = truehNode:decide (primitiveNode = child.node) = truehInputs:Check.permCheck child.inputKeys (List.map AdmissionBoundaryPort.key entries) = truehNodeEq:primitiveNode = child.node⊢ PrimitiveGraphStep.node child.node entries exits ∈ artifact.primitiveSteps All goals completed! 🐙
artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:artifact.primitiveSteps.any (generatedChildFrontiersPrimitiveStepCheck child) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshOutputs:Check.permCheck child.outputKeys (List.map AdmissionBoundaryPort.key exits) = truehNode:decide (primitiveNode = child.node) = truehInputs:Check.permCheck child.inputKeys (List.map AdmissionBoundaryPort.key entries) = truehNodeEq:primitiveNode = child.node⊢ child.inputKeys.Perm (List.map AdmissionBoundaryPort.key entries) All goals completed! 🐙
artifact:WireAdmissionArtifactchild:GeneratedChildArtifacthCheck:artifact.primitiveSteps.any (generatedChildFrontiersPrimitiveStepCheck child) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshOutputs:Check.permCheck child.outputKeys (List.map AdmissionBoundaryPort.key exits) = truehNode:decide (primitiveNode = child.node) = truehInputs:Check.permCheck child.inputKeys (List.map AdmissionBoundaryPort.key entries) = truehNodeEq:primitiveNode = child.node⊢ child.outputKeys.Perm (List.map AdmissionBoundaryPort.key exits) All goals completed! 🐙Executable checker that all used children in one generated row match primitive rows.
/-- Executable checker that all used children in one generated row match primitive rows.

Folds `generatedChildFrontiersMatchPrimitiveChildCheck artifact` over
`generated.usedChildren` with `Check.allBool`. Only children listed in
`usedChildren` are examined; presumably a row with an empty `usedChildren`
passes vacuously (depends on `Check.allBool` on `[]` — confirm). -/
def generatedFormChildFrontiersMatchPrimitiveCheck
    (artifact : WireAdmissionArtifact)
    (generated : GeneratedFormArtifact) :
    Bool :=
  Check.allBool generated.usedChildren
    (generatedChildFrontiersMatchPrimitiveChildCheck artifact)
-- Successful generated-row checking proves primitive frontier exactness for every child.
/-- Successful generated-row checking proves primitive frontier exactness for every child.

Soundness direction only (`check = true → predicate`); a `false` result is
not shown to imply a violation. -/
theorem generatedFormChildFrontiersMatchPrimitiveCheck_sound
    {artifact : WireAdmissionArtifact}
    {generated : GeneratedFormArtifact}
    (hCheck :
      generatedFormChildFrontiersMatchPrimitiveCheck artifact generated = true) :
    ∀ child, child ∈ generated.usedChildren →
      ∃ entries exits,
        PrimitiveGraphStep.node child.node entries exits ∈
          artifact.primitiveSteps ∧
        child.inputKeys.Perm (entries.map AdmissionBoundaryPort.key) ∧
        child.outputKeys.Perm (exits.map AdmissionBoundaryPort.key) :=
  -- `Check.allBool_sound` turns the list-wide `true` into a per-element
  -- hypothesis; each one is discharged by the per-child soundness lemma.
  Check.allBool_sound hCheck
    (fun _child _ hChild =>
      generatedChildFrontiersMatchPrimitiveChildCheck_sound hChild)
-- Executable checker for generated-child primitive frontier exactness.
/-- Executable checker for generated-child primitive frontier exactness.

Runs `generatedFormChildFrontiersMatchPrimitiveCheck artifact` over every row
of `artifact.generatedForms`; presumably vacuous when there are no generated
rows (depends on `Check.allBool` on `[]` — confirm). -/
def generatedChildFrontiersMatchPrimitiveCheck
    (artifact : WireAdmissionArtifact) :
    Bool :=
  Check.allBool artifact.generatedForms
    (generatedFormChildFrontiersMatchPrimitiveCheck artifact)
/-- Successful generated-frontier checking proves `GeneratedChildFrontiersMatchPrimitive`. -/
theorem generatedChildFrontiersMatchPrimitiveCheck_sound
    {artifact : WireAdmissionArtifact}
    (hCheck : artifact.generatedChildFrontiersMatchPrimitiveCheck = true) :
    artifact.GeneratedChildFrontiersMatchPrimitive :=
  -- Term-mode proof: it presumably relies on
  -- `GeneratedChildFrontiersMatchPrimitive` unfolding definitionally to the
  -- `∀ generated ∈ artifact.generatedForms, …` shape `Check.allBool_sound`
  -- produces; changing either definition's shape would break this.
  Check.allBool_sound hCheck
    (fun _generated _ hGenerated =>
      generatedFormChildFrontiersMatchPrimitiveCheck_sound hGenerated)

/-! ## Phantom Bridge Cross-Reference Checks -/
/-- Executable checker that one phantom row's internal bridge endpoints are primitive-backed. -/
def phantomBridgeFrontiersBackedByPrimitiveRowCheck
    (artifact : WireAdmissionArtifact)
    (phantom : PhantomAdapterArtifact) :
    Bool :=
  -- Key lists are gathered once over the whole primitive stack and reused
  -- for every pair.
  let entryKeys := PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps
  let exitKeys := PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps
  -- "Backed" is a global membership test: each left-bulk target key must be
  -- *some* node entry key and each right-bulk source key *some* node exit
  -- key, anywhere in the stack. Nothing here ties the key to `phantom.node`;
  -- per-node exactness is a separate check
  -- (`phantomBridgeFrontiersMatchPrimitiveRowCheck`).
  (Check.allDecide phantom.leftBulk fun pair => pair.toPort.key ∈ entryKeys) &&
  (Check.allDecide phantom.rightBulk fun pair => pair.fromPort.key ∈ exitKeys)
-- Successful phantom bridge-frontier backing checking proves one phantom row.
theorem phantomBridgeFrontiersBackedByPrimitiveRowCheck_sound
{artifact : WireAdmissionArtifact}
{phantom : PhantomAdapterArtifact}
(hCheck :
phantomBridgeFrontiersBackedByPrimitiveRowCheck artifact phantom = true) :
(∀ pair, pair ∈ phantom.leftBulk →
pair.toPort.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps) ∧
(∀ pair, pair ∈ phantom.rightBulk →
pair.fromPort.key ∈
PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps) := artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.phantomBridgeFrontiersBackedByPrimitiveRowCheck phantom = true⊢ (∀ pair ∈ phantom.leftBulk, pair.toPort.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps) ∧
∀ pair ∈ phantom.rightBulk, pair.fromPort.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:(have entryKeys := PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps;
have exitKeys := PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps;
(Check.allDecide phantom.leftBulk fun pair => pair.toPort.key ∈ entryKeys) &&
Check.allDecide phantom.rightBulk fun pair => pair.fromPort.key ∈ exitKeys) =
true⊢ (∀ pair ∈ phantom.leftBulk, pair.toPort.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps) ∧
∀ pair ∈ phantom.rightBulk, pair.fromPort.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:(Check.allDecide phantom.leftBulk fun pair =>
pair.toPort.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps) =
true ∧
(Check.allDecide phantom.rightBulk fun pair =>
pair.fromPort.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps) =
true⊢ (∀ pair ∈ phantom.leftBulk, pair.toPort.key ∈ PrimitiveGraphStep.nodeEntryKeysList artifact.primitiveSteps) ∧
∀ pair ∈ phantom.rightBulk, pair.fromPort.key ∈ PrimitiveGraphStep.nodeExitKeysList artifact.primitiveSteps
All goals completed! 🐙Executable checker for all phantom bridge endpoint primitive backing.
/-- Executable checker for all phantom bridge endpoint primitive backing.

Applies `phantomBridgeFrontiersBackedByPrimitiveRowCheck artifact` to every
row of `artifact.phantomAdapters`. -/
def phantomBridgeFrontiersBackedByPrimitiveCheck
    (artifact : WireAdmissionArtifact) :
    Bool :=
  Check.allBool artifact.phantomAdapters
    (phantomBridgeFrontiersBackedByPrimitiveRowCheck artifact)
/-- Successful backing checking proves `PhantomBridgeFrontiersBackedByPrimitive`. -/
theorem phantomBridgeFrontiersBackedByPrimitiveCheck_sound
    {artifact : WireAdmissionArtifact}
    (hCheck : artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = true) :
    artifact.PhantomBridgeFrontiersBackedByPrimitive :=
  -- Per-row soundness lifted over `artifact.phantomAdapters` via
  -- `Check.allBool_sound`; soundness direction only.
  Check.allBool_sound hCheck
    (fun _phantom _ hPhantom =>
      phantomBridgeFrontiersBackedByPrimitiveRowCheck_sound hPhantom)
-- Row checker for the primitive node frontier row behind one phantom adapter.
/-- Row checker for the primitive node frontier row behind one phantom adapter.

Returns `true` only for a `PrimitiveGraphStep.node` row whose node id equals
`phantom.node`, whose entry keys are a permutation of
`phantom.leftBulkTargetKeys` and whose exit keys are a permutation of
`phantom.rightBulkSourceKeys` (multiset equality: order ignored, duplicate
counts must agree). All other step shapes yield `false`. -/
def phantomBridgeFrontiersPrimitiveStepCheck
    (phantom : PhantomAdapterArtifact) :
    PrimitiveGraphStep → Bool
  | PrimitiveGraphStep.node node entries exits =>
    -- `decide` needs `DecidableEq NodeId`; with short-circuit `&&` the
    -- permutation checks only run for the matching node id.
    decide (node = phantom.node) &&
    Check.permCheck phantom.leftBulkTargetKeys
      (entries.map AdmissionBoundaryPort.key) &&
    Check.permCheck phantom.rightBulkSourceKeys
      (exits.map AdmissionBoundaryPort.key)
  | PrimitiveGraphStep.empty =>
    false
  | PrimitiveGraphStep.bindingRef _binding =>
    false
  | PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings =>
    false
  | PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs
      _unmatchedLeftExits _unmatchedRightEntries =>
    false
-- Executable checker that one phantom row exactly matches its primitive node frontier row.
/-- Executable checker that one phantom row exactly matches its primitive node frontier row.

Existential over `artifact.primitiveSteps`: passes as soon as *some* row
satisfies `phantomBridgeFrontiersPrimitiveStepCheck phantom`. A second `node`
row for the same `phantom.node` with a different frontier is not detected
here; uniqueness must be established by a separate check. -/
def phantomBridgeFrontiersMatchPrimitiveRowCheck
    (artifact : WireAdmissionArtifact)
    (phantom : PhantomAdapterArtifact) :
    Bool :=
  artifact.primitiveSteps.any
    (phantomBridgeFrontiersPrimitiveStepCheck phantom)
-- Successful row checking proves one phantom bridge frontier match.
theorem phantomBridgeFrontiersMatchPrimitiveRowCheck_sound
{artifact : WireAdmissionArtifact}
{phantom : PhantomAdapterArtifact}
(hCheck :
phantomBridgeFrontiersMatchPrimitiveRowCheck artifact phantom = true) :
∃ entries exits,
PrimitiveGraphStep.node phantom.node entries exits ∈ artifact.primitiveSteps ∧
phantom.leftBulkTargetKeys.Perm (entries.map AdmissionBoundaryPort.key) ∧
phantom.rightBulkSourceKeys.Perm (exits.map AdmissionBoundaryPort.key) := artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.phantomBridgeFrontiersMatchPrimitiveRowCheck phantom = true⊢ ∃ entries exits,
PrimitiveGraphStep.node phantom.node entries exits ∈ artifact.primitiveSteps ∧
phantom.leftBulkTargetKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
phantom.rightBulkSourceKeys.Perm (List.map AdmissionBoundaryPort.key exits)
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.primitiveSteps.any (phantomBridgeFrontiersPrimitiveStepCheck phantom) = true⊢ ∃ entries exits,
PrimitiveGraphStep.node phantom.node entries exits ∈ artifact.primitiveSteps ∧
phantom.leftBulkTargetKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
phantom.rightBulkSourceKeys.Perm (List.map AdmissionBoundaryPort.key exits)
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.primitiveSteps.any (phantomBridgeFrontiersPrimitiveStepCheck phantom) = trueprimitiveStep:PrimitiveGraphStephPrimitiveStep:primitiveStep ∈ artifact.primitiveStepshPrimitiveCheck:phantomBridgeFrontiersPrimitiveStepCheck phantom primitiveStep = true⊢ ∃ entries exits,
PrimitiveGraphStep.node phantom.node entries exits ∈ artifact.primitiveSteps ∧
phantom.leftBulkTargetKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
phantom.rightBulkSourceKeys.Perm (List.map AdmissionBoundaryPort.key exits)
cases primitiveStep with
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.primitiveSteps.any (phantomBridgeFrontiersPrimitiveStepCheck phantom) = truehPrimitiveStep:PrimitiveGraphStep.empty ∈ artifact.primitiveStepshPrimitiveCheck:phantomBridgeFrontiersPrimitiveStepCheck phantom PrimitiveGraphStep.empty = true⊢ ∃ entries exits,
PrimitiveGraphStep.node phantom.node entries exits ∈ artifact.primitiveSteps ∧
phantom.leftBulkTargetKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
phantom.rightBulkSourceKeys.Perm (List.map AdmissionBoundaryPort.key exits)
All goals completed! 🐙
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.primitiveSteps.any (phantomBridgeFrontiersPrimitiveStepCheck phantom) = true_binding:BindingNamehPrimitiveStep:PrimitiveGraphStep.bindingRef _binding ∈ artifact.primitiveStepshPrimitiveCheck:phantomBridgeFrontiersPrimitiveStepCheck phantom (PrimitiveGraphStep.bindingRef _binding) = true⊢ ∃ entries exits,
PrimitiveGraphStep.node phantom.node entries exits ∈ artifact.primitiveSteps ∧
phantom.leftBulkTargetKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
phantom.rightBulkSourceKeys.Perm (List.map AdmissionBoundaryPort.key exits)
All goals completed! 🐙
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.primitiveSteps.any (phantomBridgeFrontiersPrimitiveStepCheck phantom) = true_leftNodes:List NodeId_rightNodes:List NodeId_leftBindings:List BindingName_rightBindings:List BindingNamehPrimitiveStep:PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings ∈ artifact.primitiveStepshPrimitiveCheck:phantomBridgeFrontiersPrimitiveStepCheck phantom
(PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings) =
true⊢ ∃ entries exits,
PrimitiveGraphStep.node phantom.node entries exits ∈ artifact.primitiveSteps ∧
phantom.leftBulkTargetKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
phantom.rightBulkSourceKeys.Perm (List.map AdmissionBoundaryPort.key exits)
All goals completed! 🐙
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.primitiveSteps.any (phantomBridgeFrontiersPrimitiveStepCheck phantom) = true_leftExits:List AdmissionBoundaryPort_rightEntries:List AdmissionBoundaryPort_matchedPairs:List AdmissionConnection_unmatchedLeftExits:List AdmissionBoundaryPort_unmatchedRightEntries:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries ∈
artifact.primitiveStepshPrimitiveCheck:phantomBridgeFrontiersPrimitiveStepCheck phantom
(PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries) =
true⊢ ∃ entries exits,
PrimitiveGraphStep.node phantom.node entries exits ∈ artifact.primitiveSteps ∧
phantom.leftBulkTargetKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
phantom.rightBulkSourceKeys.Perm (List.map AdmissionBoundaryPort.key exits)
All goals completed! 🐙
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.primitiveSteps.any (phantomBridgeFrontiersPrimitiveStepCheck phantom) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:phantomBridgeFrontiersPrimitiveStepCheck phantom (PrimitiveGraphStep.node primitiveNode entries exits) = true⊢ ∃ entries exits,
PrimitiveGraphStep.node phantom.node entries exits ∈ artifact.primitiveSteps ∧
phantom.leftBulkTargetKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
phantom.rightBulkSourceKeys.Perm (List.map AdmissionBoundaryPort.key exits)
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.primitiveSteps.any (phantomBridgeFrontiersPrimitiveStepCheck phantom) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:(match PrimitiveGraphStep.node primitiveNode entries exits with
| PrimitiveGraphStep.node node entries exits =>
decide (node = phantom.node) &&
Check.permCheck phantom.leftBulkTargetKeys (List.map AdmissionBoundaryPort.key entries) &&
Check.permCheck phantom.rightBulkSourceKeys (List.map AdmissionBoundaryPort.key exits)
| PrimitiveGraphStep.empty => false
| PrimitiveGraphStep.bindingRef _binding => false
| PrimitiveGraphStep.overlay _leftNodes _rightNodes _leftBindings _rightBindings => false
| PrimitiveGraphStep.connect _leftExits _rightEntries _matchedPairs _unmatchedLeftExits _unmatchedRightEntries =>
false) =
true⊢ ∃ entries exits,
PrimitiveGraphStep.node phantom.node entries exits ∈ artifact.primitiveSteps ∧
phantom.leftBulkTargetKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
phantom.rightBulkSourceKeys.Perm (List.map AdmissionBoundaryPort.key exits)
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.primitiveSteps.any (phantomBridgeFrontiersPrimitiveStepCheck phantom) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshPrimitiveCheck:(decide (primitiveNode = phantom.node) = true ∧
Check.permCheck phantom.leftBulkTargetKeys (List.map AdmissionBoundaryPort.key entries) = true) ∧
Check.permCheck phantom.rightBulkSourceKeys (List.map AdmissionBoundaryPort.key exits) = true⊢ ∃ entries exits,
PrimitiveGraphStep.node phantom.node entries exits ∈ artifact.primitiveSteps ∧
phantom.leftBulkTargetKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
phantom.rightBulkSourceKeys.Perm (List.map AdmissionBoundaryPort.key exits)
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.primitiveSteps.any (phantomBridgeFrontiersPrimitiveStepCheck phantom) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshRight:Check.permCheck phantom.rightBulkSourceKeys (List.map AdmissionBoundaryPort.key exits) = truehNode:decide (primitiveNode = phantom.node) = truehLeft:Check.permCheck phantom.leftBulkTargetKeys (List.map AdmissionBoundaryPort.key entries) = true⊢ ∃ entries exits,
PrimitiveGraphStep.node phantom.node entries exits ∈ artifact.primitiveSteps ∧
phantom.leftBulkTargetKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
phantom.rightBulkSourceKeys.Perm (List.map AdmissionBoundaryPort.key exits)
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.primitiveSteps.any (phantomBridgeFrontiersPrimitiveStepCheck phantom) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshRight:Check.permCheck phantom.rightBulkSourceKeys (List.map AdmissionBoundaryPort.key exits) = truehNode:decide (primitiveNode = phantom.node) = truehLeft:Check.permCheck phantom.leftBulkTargetKeys (List.map AdmissionBoundaryPort.key entries) = truehNodeEq:primitiveNode = phantom.node⊢ ∃ entries exits,
PrimitiveGraphStep.node phantom.node entries exits ∈ artifact.primitiveSteps ∧
phantom.leftBulkTargetKeys.Perm (List.map AdmissionBoundaryPort.key entries) ∧
phantom.rightBulkSourceKeys.Perm (List.map AdmissionBoundaryPort.key exits)
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.primitiveSteps.any (phantomBridgeFrontiersPrimitiveStepCheck phantom) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshRight:Check.permCheck phantom.rightBulkSourceKeys (List.map AdmissionBoundaryPort.key exits) = truehNode:decide (primitiveNode = phantom.node) = truehLeft:Check.permCheck phantom.leftBulkTargetKeys (List.map AdmissionBoundaryPort.key entries) = truehNodeEq:primitiveNode = phantom.node⊢ PrimitiveGraphStep.node phantom.node entries exits ∈ artifact.primitiveStepsartifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.primitiveSteps.any (phantomBridgeFrontiersPrimitiveStepCheck phantom) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshRight:Check.permCheck phantom.rightBulkSourceKeys (List.map AdmissionBoundaryPort.key exits) = truehNode:decide (primitiveNode = phantom.node) = truehLeft:Check.permCheck phantom.leftBulkTargetKeys (List.map AdmissionBoundaryPort.key entries) = truehNodeEq:primitiveNode = phantom.node⊢ phantom.leftBulkTargetKeys.Perm (List.map AdmissionBoundaryPort.key entries)artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.primitiveSteps.any (phantomBridgeFrontiersPrimitiveStepCheck phantom) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshRight:Check.permCheck phantom.rightBulkSourceKeys (List.map AdmissionBoundaryPort.key exits) = truehNode:decide (primitiveNode = phantom.node) = truehLeft:Check.permCheck phantom.leftBulkTargetKeys (List.map AdmissionBoundaryPort.key entries) = truehNodeEq:primitiveNode = 
phantom.node⊢ phantom.rightBulkSourceKeys.Perm (List.map AdmissionBoundaryPort.key exits)
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.primitiveSteps.any (phantomBridgeFrontiersPrimitiveStepCheck phantom) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshRight:Check.permCheck phantom.rightBulkSourceKeys (List.map AdmissionBoundaryPort.key exits) = truehNode:decide (primitiveNode = phantom.node) = truehLeft:Check.permCheck phantom.leftBulkTargetKeys (List.map AdmissionBoundaryPort.key entries) = truehNodeEq:primitiveNode = phantom.node⊢ PrimitiveGraphStep.node phantom.node entries exits ∈ artifact.primitiveSteps All goals completed! 🐙
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.primitiveSteps.any (phantomBridgeFrontiersPrimitiveStepCheck phantom) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshRight:Check.permCheck phantom.rightBulkSourceKeys (List.map AdmissionBoundaryPort.key exits) = truehNode:decide (primitiveNode = phantom.node) = truehLeft:Check.permCheck phantom.leftBulkTargetKeys (List.map AdmissionBoundaryPort.key entries) = truehNodeEq:primitiveNode = phantom.node⊢ phantom.leftBulkTargetKeys.Perm (List.map AdmissionBoundaryPort.key entries) All goals completed! 🐙
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.primitiveSteps.any (phantomBridgeFrontiersPrimitiveStepCheck phantom) = trueprimitiveNode:NodeIdentries:List AdmissionBoundaryPortexits:List AdmissionBoundaryPorthPrimitiveStep:PrimitiveGraphStep.node primitiveNode entries exits ∈ artifact.primitiveStepshRight:Check.permCheck phantom.rightBulkSourceKeys (List.map AdmissionBoundaryPort.key exits) = truehNode:decide (primitiveNode = phantom.node) = truehLeft:Check.permCheck phantom.leftBulkTargetKeys (List.map AdmissionBoundaryPort.key entries) = truehNodeEq:primitiveNode = phantom.node⊢ phantom.rightBulkSourceKeys.Perm (List.map AdmissionBoundaryPort.key exits) All goals completed! 🐙Executable checker for all phantom bridge frontier exactness rows.
def phantomBridgeFrontiersMatchPrimitiveCheck
    (artifact : WireAdmissionArtifact) : Bool :=
  -- Every phantom-adapter row must pass the per-row frontier-match check;
  -- one failing row rejects the artifact.
  Check.allBool artifact.phantomAdapters fun phantom =>
    phantomBridgeFrontiersMatchPrimitiveRowCheck artifact phantom
Successful frontier-match checking proves PhantomBridgeFrontiersMatchPrimitive.
theorem phantomBridgeFrontiersMatchPrimitiveCheck_sound
    {artifact : WireAdmissionArtifact}
    (hCheck : artifact.phantomBridgeFrontiersMatchPrimitiveCheck = true) :
    artifact.PhantomBridgeFrontiersMatchPrimitive :=
  -- Lift the per-row soundness lemma through the list-wide `Check.allBool`.
  Check.allBool_sound hCheck fun _ _ hRow =>
    phantomBridgeFrontiersMatchPrimitiveRowCheck_sound hRow
/-- Executable checker that one phantom row's bulk contractions were replayed. -/
def phantomBridgeBulkConnectionsReplayedRowCheck
    (artifact : WireAdmissionArtifact)
    (phantom : PhantomAdapterArtifact) : Bool :=
  -- Connections matched along the primitive steps, computed once and shared by
  -- the left- and right-bulk membership checks below.
  let replayed := PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps
  (Check.allDecide phantom.leftBulk fun contraction => contraction ∈ replayed) &&
    (Check.allDecide phantom.rightBulk fun contraction => contraction ∈ replayed)
/-- Successful replay checking proves one phantom row's bulk contractions were replayed. -/
-- The two conjuncts of the conclusion line up, in order, with the two
-- `Check.allDecide` conjuncts of `phantomBridgeBulkConnectionsReplayedRowCheck`.
-- NOTE(review): this listing shows the elaborated goal states after `:=`,
-- not the tactic script that discharges them.
theorem phantomBridgeBulkConnectionsReplayedRowCheck_sound
{artifact : WireAdmissionArtifact}
{phantom : PhantomAdapterArtifact}
(hCheck :
phantomBridgeBulkConnectionsReplayedRowCheck artifact phantom = true) :
(∀ pair, pair ∈ phantom.leftBulk →
pair ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps) ∧
(∀ pair, pair ∈ phantom.rightBulk →
pair ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps) := artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:artifact.phantomBridgeBulkConnectionsReplayedRowCheck phantom = true⊢ (∀ pair ∈ phantom.leftBulk, pair ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps) ∧
∀ pair ∈ phantom.rightBulk, pair ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:(have matchedConnections := PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps;
(Check.allDecide phantom.leftBulk fun pair => pair ∈ matchedConnections) &&
Check.allDecide phantom.rightBulk fun pair => pair ∈ matchedConnections) =
true⊢ (∀ pair ∈ phantom.leftBulk, pair ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps) ∧
∀ pair ∈ phantom.rightBulk, pair ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps
artifact:WireAdmissionArtifactphantom:PhantomAdapterArtifacthCheck:(Check.allDecide phantom.leftBulk fun pair =>
pair ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps) =
true ∧
(Check.allDecide phantom.rightBulk fun pair =>
pair ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps) =
true⊢ (∀ pair ∈ phantom.leftBulk, pair ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps) ∧
∀ pair ∈ phantom.rightBulk, pair ∈ PrimitiveGraphStep.matchedConnectionsList artifact.primitiveSteps
All goals completed! 🐙Executable checker for all phantom bridge bulk replay rows.
def phantomBridgeBulkConnectionsReplayedCheck
    (artifact : WireAdmissionArtifact) : Bool :=
  -- Every phantom-adapter row must have both of its bulk sides replayed.
  Check.allBool artifact.phantomAdapters fun phantom =>
    phantomBridgeBulkConnectionsReplayedRowCheck artifact phantom
Successful replay checking proves PhantomBridgeBulkConnectionsReplayed.
theorem phantomBridgeBulkConnectionsReplayedCheck_sound
    {artifact : WireAdmissionArtifact}
    (hCheck : artifact.phantomBridgeBulkConnectionsReplayedCheck = true) :
    artifact.PhantomBridgeBulkConnectionsReplayed :=
  -- Lift the per-row replay soundness lemma through `Check.allBool`.
  Check.allBool_sound hCheck fun _ _ hRow =>
    phantomBridgeBulkConnectionsReplayedRowCheck_sound hRow
/-- Executable checker for all component-domain closure obligations. -/
-- Conjunct order is load-bearing: `componentDomainsClosedCheck_sound` below
-- destructures this `&&` chain positionally, so keep the four checks in step.
def componentDomainsClosedCheck (artifact : WireAdmissionArtifact) : Bool :=
-- Primitive steps: closed over both the node table and the binding refs.
Check.allBool artifact.primitiveSteps
(primitiveStepDomainClosedCheck artifact.nodes artifact.bindingRefs) &&
-- Generated forms, phantom adapters and selects: closed over the node table.
Check.allBool artifact.generatedForms
(generatedFormDomainClosedCheck artifact.nodes) &&
Check.allBool artifact.phantomAdapters
(phantomAdapterDomainClosedCheck artifact.nodes) &&
Check.allBool artifact.selects
(selectAdmissionDomainClosedCheck artifact.nodes)
Successful component-domain checking proves ComponentDomainsClosed.
-- NOTE(review): this listing shows the elaborated goal states after `:=`,
-- not the tactic script that discharges them; the states split `hCheck` into
-- one hypothesis per `Check.allBool` conjunct of `componentDomainsClosedCheck`.
theorem componentDomainsClosedCheck_sound
{artifact : WireAdmissionArtifact}
(hCheck : artifact.componentDomainsClosedCheck = true) :
artifact.ComponentDomainsClosed := artifact:WireAdmissionArtifacthCheck:artifact.componentDomainsClosedCheck = true⊢ artifact.ComponentDomainsClosed
artifact:WireAdmissionArtifacthCheck:(Check.allBool artifact.primitiveSteps (primitiveStepDomainClosedCheck artifact.nodes artifact.bindingRefs) &&
Check.allBool artifact.generatedForms (generatedFormDomainClosedCheck artifact.nodes) &&
Check.allBool artifact.phantomAdapters (phantomAdapterDomainClosedCheck artifact.nodes) &&
Check.allBool artifact.selects (selectAdmissionDomainClosedCheck artifact.nodes)) =
true⊢ artifact.ComponentDomainsClosed
artifact:WireAdmissionArtifacthCheck:((Check.allBool artifact.primitiveSteps (primitiveStepDomainClosedCheck artifact.nodes artifact.bindingRefs) = true ∧
Check.allBool artifact.generatedForms (generatedFormDomainClosedCheck artifact.nodes) = true) ∧
Check.allBool artifact.phantomAdapters (phantomAdapterDomainClosedCheck artifact.nodes) = true) ∧
Check.allBool artifact.selects (selectAdmissionDomainClosedCheck artifact.nodes) = true⊢ artifact.ComponentDomainsClosed
artifact:WireAdmissionArtifacthSelects:Check.allBool artifact.selects (selectAdmissionDomainClosedCheck artifact.nodes) = truehPhantom:Check.allBool artifact.phantomAdapters (phantomAdapterDomainClosedCheck artifact.nodes) = truehPrimitive:Check.allBool artifact.primitiveSteps (primitiveStepDomainClosedCheck artifact.nodes artifact.bindingRefs) = truehGenerated:Check.allBool artifact.generatedForms (generatedFormDomainClosedCheck artifact.nodes) = true⊢ artifact.ComponentDomainsClosed
All goals completed! 🐙Executable checker that generated-form rows are replay-addressable.
def generatedFormsReferencedCheck (artifact : WireAdmissionArtifact) : Bool :=
  -- Every generated-form row must be reachable from the binding refs.
  Check.allBool artifact.generatedForms fun generated =>
    generatedFormReferencedCheck artifact.bindingRefs generated
Successful generated-form reference checking proves GeneratedFormsReferenced.
theorem generatedFormsReferencedCheck_sound
    {artifact : WireAdmissionArtifact}
    (hCheck : artifact.generatedFormsReferencedCheck = true) :
    artifact.GeneratedFormsReferenced :=
  -- Lift the per-row reference soundness lemma through `Check.allBool`.
  Check.allBool_sound hCheck fun _ _ hRow =>
    generatedFormReferencedCheck_sound hRow
/-- Executable checker that all generated-form rows are locally valid. -/
def generatedFormsValidCheck (artifact : WireAdmissionArtifact) : Bool :=
  -- Row-local validity only; cross-references are checked elsewhere.
  Check.allBool artifact.generatedForms fun generated =>
    generatedFormValidCheck generated
Successful generated-form list checking proves GeneratedFormsValid.
theorem generatedFormsValidCheck_sound
    {artifact : WireAdmissionArtifact}
    (hCheck : artifact.generatedFormsValidCheck = true) :
    artifact.GeneratedFormsValid :=
  -- Lift the per-row validity lemma through `Check.allBool`.
  Check.allBool_sound hCheck fun _ _ hRow =>
    generatedFormValidCheck_sound hRow
/-- Executable checker that all phantom-adapter rows are locally valid. -/
def phantomAdaptersValidCheck (artifact : WireAdmissionArtifact) : Bool :=
  -- Row-local validity only; bridge and replay obligations are separate checks.
  Check.allBool artifact.phantomAdapters fun phantom =>
    phantomAdapterValidCheck phantom
Successful phantom-adapter list checking proves PhantomAdaptersValid.
theorem phantomAdaptersValidCheck_sound
    {artifact : WireAdmissionArtifact}
    (hCheck : artifact.phantomAdaptersValidCheck = true) :
    artifact.PhantomAdaptersValid :=
  -- Lift the per-row validity lemma through `Check.allBool`.
  Check.allBool_sound hCheck fun _ _ hRow =>
    phantomAdapterValidCheck_sound hRow
/-- Executable checker for component-row identity uniqueness. -/
-- Conjunct order is load-bearing: `componentRowsUniqueCheck_sound` below
-- destructures this `&&` chain positionally.
def componentRowsUniqueCheck (artifact : WireAdmissionArtifact) : Bool :=
-- Each component table is keyed by its identity field; duplicates reject.
Check.nodupMapCheck artifact.generatedForms GeneratedFormArtifact.binding &&
Check.nodupMapCheck artifact.phantomAdapters PhantomAdapterArtifact.node &&
Check.nodupMapCheck artifact.selects SelectAdmissionArtifact.conditionNode &&
-- Role nodes are already identities, so a plain no-duplicates check suffices.
Check.nodupCheck artifact.componentRoleNodes
Successful component-row checking proves ComponentRowsUnique.
-- NOTE(review): this listing shows the elaborated goal states after `:=`,
-- not the tactic script that discharges them; the states split `hCheck` into
-- one hypothesis per conjunct of `componentRowsUniqueCheck`.
theorem componentRowsUniqueCheck_sound
{artifact : WireAdmissionArtifact}
(hCheck : artifact.componentRowsUniqueCheck = true) :
artifact.ComponentRowsUnique := artifact:WireAdmissionArtifacthCheck:artifact.componentRowsUniqueCheck = true⊢ artifact.ComponentRowsUnique
artifact:WireAdmissionArtifacthCheck:(Check.nodupMapCheck artifact.generatedForms GeneratedFormArtifact.binding &&
Check.nodupMapCheck artifact.phantomAdapters PhantomAdapterArtifact.node &&
Check.nodupMapCheck artifact.selects SelectAdmissionArtifact.conditionNode &&
Check.nodupCheck artifact.componentRoleNodes) =
true⊢ artifact.ComponentRowsUnique
artifact:WireAdmissionArtifacthCheck:((Check.nodupMapCheck artifact.generatedForms GeneratedFormArtifact.binding = true ∧
Check.nodupMapCheck artifact.phantomAdapters PhantomAdapterArtifact.node = true) ∧
Check.nodupMapCheck artifact.selects SelectAdmissionArtifact.conditionNode = true) ∧
Check.nodupCheck artifact.componentRoleNodes = true⊢ artifact.ComponentRowsUnique
artifact:WireAdmissionArtifacthRoles:Check.nodupCheck artifact.componentRoleNodes = truehSelect:Check.nodupMapCheck artifact.selects SelectAdmissionArtifact.conditionNode = truehGenerated:Check.nodupMapCheck artifact.generatedForms GeneratedFormArtifact.binding = truehPhantom:Check.nodupMapCheck artifact.phantomAdapters PhantomAdapterArtifact.node = true⊢ artifact.ComponentRowsUnique
All goals completed! 🐙Executable checker for primitive graph-step row-local validity.
def primitiveStepsValidCheck (artifact : WireAdmissionArtifact) : Bool :=
  -- Per-step local validity; stack replay is a separate check.
  Check.allBool artifact.primitiveSteps fun step =>
    PrimitiveGraphStep.validCheck step
Successful primitive-step checking proves PrimitiveStepsValid.
-- NOTE(review): this listing shows the elaborated goal state after `:=`,
-- not the tactic script that discharges it.
theorem primitiveStepsValidCheck_sound
{artifact : WireAdmissionArtifact}
(hCheck : artifact.primitiveStepsValidCheck = true) :
artifact.PrimitiveStepsValid := artifact:WireAdmissionArtifacthCheck:artifact.primitiveStepsValidCheck = true⊢ artifact.PrimitiveStepsValid
All goals completed! 🐙
Executable checker-record counterpart of ValidatorReady.
The name is retained from the earlier staged checker slices. At this point it
contains every field needed to construct ValidatorReady.
structure ValidatorReadyCore (artifact : WireAdmissionArtifact) : Prop where
  -- Schema and summary-table invariants.
  schemaCurrent : artifact.SchemaCurrent
  summaryKeysUnique : artifact.SummaryKeysUnique
  summaryRowsValid : artifact.SummaryRowsValid
  summaryDomainClosed : artifact.SummaryDomainClosed
  summaryIdentitiesMatchPrimitive : artifact.SummaryIdentitiesMatchPrimitive
  summaryFrontiersBackedByPrimitive : artifact.SummaryFrontiersBackedByPrimitive
  summaryFrontiersMatchPrimitive : artifact.SummaryFrontiersMatchPrimitive
  rawConnectionsMatchPrimitive : artifact.RawConnectionsMatchPrimitive
  -- Component-domain closure, cross-references and row uniqueness.
  componentDomainsClosed : artifact.ComponentDomainsClosed
  selectsValid : artifact.SelectsValid
  componentRowsUnique : artifact.ComponentRowsUnique
  generatedFormsReferenced : artifact.GeneratedFormsReferenced
  componentFrontiersBackedByPrimitive : artifact.ComponentFrontiersBackedByPrimitive
  generatedChildFrontiersMatchPrimitive : artifact.GeneratedChildFrontiersMatchPrimitive
  -- Row-local validity of generated, phantom and primitive rows.
  generatedFormsValid : artifact.GeneratedFormsValid
  phantomAdaptersValid : artifact.PhantomAdaptersValid
  primitiveStepsValid : artifact.PrimitiveStepsValid
  -- Primitive stack replay and prefix availability.
  primitiveTraceStackValid : artifact.PrimitiveTraceStackValid
  primitiveOverlayLedgersPrefixAvailable : artifact.PrimitiveOverlayLedgersPrefixAvailable
  primitiveConnectFrontiersBackedByNodes : artifact.PrimitiveConnectFrontiersBackedByNodes
  primitiveConnectFrontiersPrefixAvailable : artifact.PrimitiveConnectFrontiersPrefixAvailable
  -- Select-bridge and select-arm obligations.
  selectBridgeFrontiersBackedByPrimitive : artifact.SelectBridgeFrontiersBackedByPrimitive
  selectBridgeEntriesConsumed : artifact.SelectBridgeEntriesConsumed
  selectArmBodyBoundariesMatchCondition : artifact.SelectArmBodyBoundariesMatchCondition
  selectArmBodyNodesFreshFromSummary : artifact.SelectArmBodyNodesFreshFromSummary
  selectArmBodyNodesPairwiseDisjoint : artifact.SelectArmBodyNodesPairwiseDisjoint
  -- Phantom-bridge obligations.
  phantomBridgeFrontiersBackedByPrimitive : artifact.PhantomBridgeFrontiersBackedByPrimitive
  phantomBridgeFrontiersMatchPrimitive : artifact.PhantomBridgeFrontiersMatchPrimitive
  phantomBridgeBulkConnectionsReplayed : artifact.PhantomBridgeBulkConnectionsReplayed
/-- Full validator readiness implies the executable core contract. -/
theorem validatorReady_core
    {artifact : WireAdmissionArtifact}
    (hReady : artifact.ValidatorReady) :
    artifact.ValidatorReadyCore :=
  -- Every core field is projected from the `ValidatorReady` field of the same name.
  { schemaCurrent := hReady.schemaCurrent
    summaryKeysUnique := hReady.summaryKeysUnique
    summaryRowsValid := hReady.summaryRowsValid
    summaryDomainClosed := hReady.summaryDomainClosed
    summaryIdentitiesMatchPrimitive := hReady.summaryIdentitiesMatchPrimitive
    summaryFrontiersBackedByPrimitive := hReady.summaryFrontiersBackedByPrimitive
    summaryFrontiersMatchPrimitive := hReady.summaryFrontiersMatchPrimitive
    rawConnectionsMatchPrimitive := hReady.rawConnectionsMatchPrimitive
    componentDomainsClosed := hReady.componentDomainsClosed
    selectsValid := hReady.selectsValid
    componentRowsUnique := hReady.componentRowsUnique
    generatedFormsReferenced := hReady.generatedFormsReferenced
    componentFrontiersBackedByPrimitive := hReady.componentFrontiersBackedByPrimitive
    generatedChildFrontiersMatchPrimitive := hReady.generatedChildFrontiersMatchPrimitive
    generatedFormsValid := hReady.generatedFormsValid
    phantomAdaptersValid := hReady.phantomAdaptersValid
    primitiveStepsValid := hReady.primitiveStepsValid
    primitiveTraceStackValid := hReady.primitiveTraceStackValid
    primitiveOverlayLedgersPrefixAvailable := hReady.primitiveOverlayLedgersPrefixAvailable
    primitiveConnectFrontiersBackedByNodes := hReady.primitiveConnectFrontiersBackedByNodes
    primitiveConnectFrontiersPrefixAvailable := hReady.primitiveConnectFrontiersPrefixAvailable
    selectBridgeFrontiersBackedByPrimitive := hReady.selectBridgeFrontiersBackedByPrimitive
    selectBridgeEntriesConsumed := hReady.selectBridgeEntriesConsumed
    selectArmBodyBoundariesMatchCondition := hReady.selectArmBodyBoundariesMatchCondition
    selectArmBodyNodesFreshFromSummary := hReady.selectArmBodyNodesFreshFromSummary
    selectArmBodyNodesPairwiseDisjoint := hReady.selectArmBodyNodesPairwiseDisjoint
    phantomBridgeFrontiersBackedByPrimitive := hReady.phantomBridgeFrontiersBackedByPrimitive
    phantomBridgeFrontiersMatchPrimitive := hReady.phantomBridgeFrontiersMatchPrimitive
    phantomBridgeBulkConnectionsReplayed := hReady.phantomBridgeBulkConnectionsReplayed }
/-- Executable checker for the validator-ready checker-record layer. -/
-- Conjunct order is load-bearing: `validatorReadyCoreCheck_sound` below peels
-- this `&&` chain one conjunct at a time, so keep the order in step with
-- the fields of `ValidatorReadyCore`.
def validatorReadyCoreCheck (artifact : WireAdmissionArtifact) : Bool :=
-- Schema and summary-table invariants; `SchemaCurrent` is discharged via
-- its `Decidable` instance rather than a dedicated checker.
decide artifact.SchemaCurrent &&
artifact.summaryKeysUniqueCheck &&
artifact.summaryRowsValidCheck &&
artifact.summaryDomainClosedCheck &&
artifact.summaryIdentitiesMatchPrimitiveCheck &&
artifact.summaryFrontiersBackedByPrimitiveCheck &&
artifact.summaryFrontiersMatchPrimitiveCheck &&
artifact.rawConnectionsMatchPrimitiveCheck &&
-- Component-domain closure, cross-references and row uniqueness.
artifact.componentDomainsClosedCheck &&
artifact.selectsValidCheck &&
artifact.componentRowsUniqueCheck &&
artifact.generatedFormsReferencedCheck &&
artifact.componentFrontiersBackedByPrimitiveCheck &&
artifact.generatedChildFrontiersMatchPrimitiveCheck &&
-- Row-local validity.
artifact.generatedFormsValidCheck &&
artifact.phantomAdaptersValidCheck &&
artifact.primitiveStepsValidCheck &&
-- Primitive stack replay and prefix availability.
artifact.primitiveTraceStackValidCheck &&
artifact.primitiveOverlayLedgersPrefixAvailableCheck &&
artifact.primitiveConnectFrontiersBackedByNodesCheck &&
artifact.primitiveConnectFrontiersPrefixAvailableCheck &&
-- Select-bridge and select-arm obligations.
artifact.selectBridgeFrontiersBackedByPrimitiveCheck &&
artifact.selectBridgeEntriesConsumedCheck &&
artifact.selectArmBodyBoundariesMatchConditionCheck &&
artifact.selectArmBodyNodesFreshFromSummaryCheck &&
artifact.selectArmBodyNodesPairwiseDisjointCheck &&
-- Phantom-bridge obligations.
artifact.phantomBridgeFrontiersBackedByPrimitiveCheck &&
artifact.phantomBridgeFrontiersMatchPrimitiveCheck &&
artifact.phantomBridgeBulkConnectionsReplayedCheckSuccessful core checking proves the validator-ready checker-record layer.
theorem validatorReadyCoreCheck_sound
{artifact : WireAdmissionArtifact}
(hCheck : artifact.validatorReadyCoreCheck = true) :
artifact.ValidatorReadyCore := artifact:WireAdmissionArtifacthCheck:artifact.validatorReadyCoreCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthCheck:(decide artifact.SchemaCurrent && artifact.summaryKeysUniqueCheck && artifact.summaryRowsValidCheck &&
artifact.summaryDomainClosedCheck &&
artifact.summaryIdentitiesMatchPrimitiveCheck &&
artifact.summaryFrontiersBackedByPrimitiveCheck &&
artifact.summaryFrontiersMatchPrimitiveCheck &&
artifact.rawConnectionsMatchPrimitiveCheck &&
artifact.componentDomainsClosedCheck &&
artifact.selectsValidCheck &&
artifact.componentRowsUniqueCheck &&
artifact.generatedFormsReferencedCheck &&
artifact.componentFrontiersBackedByPrimitiveCheck &&
artifact.generatedChildFrontiersMatchPrimitiveCheck &&
artifact.generatedFormsValidCheck &&
artifact.phantomAdaptersValidCheck &&
artifact.primitiveStepsValidCheck &&
artifact.primitiveTraceStackValidCheck &&
artifact.primitiveOverlayLedgersPrefixAvailableCheck &&
artifact.primitiveConnectFrontiersBackedByNodesCheck &&
artifact.primitiveConnectFrontiersPrefixAvailableCheck &&
artifact.selectBridgeFrontiersBackedByPrimitiveCheck &&
artifact.selectBridgeEntriesConsumedCheck &&
artifact.selectArmBodyBoundariesMatchConditionCheck &&
artifact.selectArmBodyNodesFreshFromSummaryCheck &&
artifact.selectArmBodyNodesPairwiseDisjointCheck &&
artifact.phantomBridgeFrontiersBackedByPrimitiveCheck &&
artifact.phantomBridgeFrontiersMatchPrimitiveCheck &&
artifact.phantomBridgeBulkConnectionsReplayedCheck) =
true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthCheck:(((((((((((((((((((((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = true) ∧
artifact.componentRowsUniqueCheck = true) ∧
artifact.generatedFormsReferencedCheck = true) ∧
artifact.componentFrontiersBackedByPrimitiveCheck = true) ∧
artifact.generatedChildFrontiersMatchPrimitiveCheck = true) ∧
artifact.generatedFormsValidCheck = true) ∧
artifact.phantomAdaptersValidCheck = true) ∧
artifact.primitiveStepsValidCheck = true) ∧
artifact.primitiveTraceStackValidCheck = true) ∧
artifact.primitiveOverlayLedgersPrefixAvailableCheck = true) ∧
artifact.primitiveConnectFrontiersBackedByNodesCheck = true) ∧
artifact.primitiveConnectFrontiersPrefixAvailableCheck = true) ∧
artifact.selectBridgeFrontiersBackedByPrimitiveCheck = true) ∧
artifact.selectBridgeEntriesConsumedCheck = true) ∧
artifact.selectArmBodyBoundariesMatchConditionCheck = true) ∧
artifact.selectArmBodyNodesFreshFromSummaryCheck = true) ∧
artifact.selectArmBodyNodesPairwiseDisjointCheck = true) ∧
artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = true) ∧
artifact.phantomBridgeFrontiersMatchPrimitiveCheck = true) ∧
artifact.phantomBridgeBulkConnectionsReplayedCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthCheck:((((((((((((((((((((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = true) ∧
artifact.componentRowsUniqueCheck = true) ∧
artifact.generatedFormsReferencedCheck = true) ∧
artifact.componentFrontiersBackedByPrimitiveCheck = true) ∧
artifact.generatedChildFrontiersMatchPrimitiveCheck = true) ∧
artifact.generatedFormsValidCheck = true) ∧
artifact.phantomAdaptersValidCheck = true) ∧
artifact.primitiveStepsValidCheck = true) ∧
artifact.primitiveTraceStackValidCheck = true) ∧
artifact.primitiveOverlayLedgersPrefixAvailableCheck = true) ∧
artifact.primitiveConnectFrontiersBackedByNodesCheck = true) ∧
artifact.primitiveConnectFrontiersPrefixAvailableCheck = true) ∧
artifact.selectBridgeFrontiersBackedByPrimitiveCheck = true) ∧
artifact.selectBridgeEntriesConsumedCheck = true) ∧
artifact.selectArmBodyBoundariesMatchConditionCheck = true) ∧
artifact.selectArmBodyNodesFreshFromSummaryCheck = true) ∧
artifact.selectArmBodyNodesPairwiseDisjointCheck = true) ∧
artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = true) ∧
artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehCheck:(((((((((((((((((((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = true) ∧
artifact.componentRowsUniqueCheck = true) ∧
artifact.generatedFormsReferencedCheck = true) ∧
artifact.componentFrontiersBackedByPrimitiveCheck = true) ∧
artifact.generatedChildFrontiersMatchPrimitiveCheck = true) ∧
artifact.generatedFormsValidCheck = true) ∧
artifact.phantomAdaptersValidCheck = true) ∧
artifact.primitiveStepsValidCheck = true) ∧
artifact.primitiveTraceStackValidCheck = true) ∧
artifact.primitiveOverlayLedgersPrefixAvailableCheck = true) ∧
artifact.primitiveConnectFrontiersBackedByNodesCheck = true) ∧
artifact.primitiveConnectFrontiersPrefixAvailableCheck = true) ∧
artifact.selectBridgeFrontiersBackedByPrimitiveCheck = true) ∧
artifact.selectBridgeEntriesConsumedCheck = true) ∧
artifact.selectArmBodyBoundariesMatchConditionCheck = true) ∧
artifact.selectArmBodyNodesFreshFromSummaryCheck = true) ∧
artifact.selectArmBodyNodesPairwiseDisjointCheck = true) ∧
artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehCheck:((((((((((((((((((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = true) ∧
artifact.componentRowsUniqueCheck = true) ∧
artifact.generatedFormsReferencedCheck = true) ∧
artifact.componentFrontiersBackedByPrimitiveCheck = true) ∧
artifact.generatedChildFrontiersMatchPrimitiveCheck = true) ∧
artifact.generatedFormsValidCheck = true) ∧
artifact.phantomAdaptersValidCheck = true) ∧
artifact.primitiveStepsValidCheck = true) ∧
artifact.primitiveTraceStackValidCheck = true) ∧
artifact.primitiveOverlayLedgersPrefixAvailableCheck = true) ∧
artifact.primitiveConnectFrontiersBackedByNodesCheck = true) ∧
artifact.primitiveConnectFrontiersPrefixAvailableCheck = true) ∧
artifact.selectBridgeFrontiersBackedByPrimitiveCheck = true) ∧
artifact.selectBridgeEntriesConsumedCheck = true) ∧
artifact.selectArmBodyBoundariesMatchConditionCheck = true) ∧
artifact.selectArmBodyNodesFreshFromSummaryCheck = true) ∧
artifact.selectArmBodyNodesPairwiseDisjointCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehCheck:(((((((((((((((((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = true) ∧
artifact.componentRowsUniqueCheck = true) ∧
artifact.generatedFormsReferencedCheck = true) ∧
artifact.componentFrontiersBackedByPrimitiveCheck = true) ∧
artifact.generatedChildFrontiersMatchPrimitiveCheck = true) ∧
artifact.generatedFormsValidCheck = true) ∧
artifact.phantomAdaptersValidCheck = true) ∧
artifact.primitiveStepsValidCheck = true) ∧
artifact.primitiveTraceStackValidCheck = true) ∧
artifact.primitiveOverlayLedgersPrefixAvailableCheck = true) ∧
artifact.primitiveConnectFrontiersBackedByNodesCheck = true) ∧
artifact.primitiveConnectFrontiersPrefixAvailableCheck = true) ∧
artifact.selectBridgeFrontiersBackedByPrimitiveCheck = true) ∧
artifact.selectBridgeEntriesConsumedCheck = true) ∧
artifact.selectArmBodyBoundariesMatchConditionCheck = true) ∧
artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehCheck:((((((((((((((((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = true) ∧
artifact.componentRowsUniqueCheck = true) ∧
artifact.generatedFormsReferencedCheck = true) ∧
artifact.componentFrontiersBackedByPrimitiveCheck = true) ∧
artifact.generatedChildFrontiersMatchPrimitiveCheck = true) ∧
artifact.generatedFormsValidCheck = true) ∧
artifact.phantomAdaptersValidCheck = true) ∧
artifact.primitiveStepsValidCheck = true) ∧
artifact.primitiveTraceStackValidCheck = true) ∧
artifact.primitiveOverlayLedgersPrefixAvailableCheck = true) ∧
artifact.primitiveConnectFrontiersBackedByNodesCheck = true) ∧
artifact.primitiveConnectFrontiersPrefixAvailableCheck = true) ∧
artifact.selectBridgeFrontiersBackedByPrimitiveCheck = true) ∧
artifact.selectBridgeEntriesConsumedCheck = true) ∧
artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehCheck:(((((((((((((((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = true) ∧
artifact.componentRowsUniqueCheck = true) ∧
artifact.generatedFormsReferencedCheck = true) ∧
artifact.componentFrontiersBackedByPrimitiveCheck = true) ∧
artifact.generatedChildFrontiersMatchPrimitiveCheck = true) ∧
artifact.generatedFormsValidCheck = true) ∧
artifact.phantomAdaptersValidCheck = true) ∧
artifact.primitiveStepsValidCheck = true) ∧
artifact.primitiveTraceStackValidCheck = true) ∧
artifact.primitiveOverlayLedgersPrefixAvailableCheck = true) ∧
artifact.primitiveConnectFrontiersBackedByNodesCheck = true) ∧
artifact.primitiveConnectFrontiersPrefixAvailableCheck = true) ∧
artifact.selectBridgeFrontiersBackedByPrimitiveCheck = true) ∧
artifact.selectBridgeEntriesConsumedCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehCheck:((((((((((((((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = true) ∧
artifact.componentRowsUniqueCheck = true) ∧
artifact.generatedFormsReferencedCheck = true) ∧
artifact.componentFrontiersBackedByPrimitiveCheck = true) ∧
artifact.generatedChildFrontiersMatchPrimitiveCheck = true) ∧
artifact.generatedFormsValidCheck = true) ∧
artifact.phantomAdaptersValidCheck = true) ∧
artifact.primitiveStepsValidCheck = true) ∧
artifact.primitiveTraceStackValidCheck = true) ∧
artifact.primitiveOverlayLedgersPrefixAvailableCheck = true) ∧
artifact.primitiveConnectFrontiersBackedByNodesCheck = true) ∧
artifact.primitiveConnectFrontiersPrefixAvailableCheck = true) ∧
artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehCheck:(((((((((((((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = true) ∧
artifact.componentRowsUniqueCheck = true) ∧
artifact.generatedFormsReferencedCheck = true) ∧
artifact.componentFrontiersBackedByPrimitiveCheck = true) ∧
artifact.generatedChildFrontiersMatchPrimitiveCheck = true) ∧
artifact.generatedFormsValidCheck = true) ∧
artifact.phantomAdaptersValidCheck = true) ∧
artifact.primitiveStepsValidCheck = true) ∧
artifact.primitiveTraceStackValidCheck = true) ∧
artifact.primitiveOverlayLedgersPrefixAvailableCheck = true) ∧
artifact.primitiveConnectFrontiersBackedByNodesCheck = true) ∧
artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehCheck:((((((((((((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = true) ∧
artifact.componentRowsUniqueCheck = true) ∧
artifact.generatedFormsReferencedCheck = true) ∧
artifact.componentFrontiersBackedByPrimitiveCheck = true) ∧
artifact.generatedChildFrontiersMatchPrimitiveCheck = true) ∧
artifact.generatedFormsValidCheck = true) ∧
artifact.phantomAdaptersValidCheck = true) ∧
artifact.primitiveStepsValidCheck = true) ∧
artifact.primitiveTraceStackValidCheck = true) ∧
artifact.primitiveOverlayLedgersPrefixAvailableCheck = true) ∧
artifact.primitiveConnectFrontiersBackedByNodesCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehCheck:(((((((((((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = true) ∧
artifact.componentRowsUniqueCheck = true) ∧
artifact.generatedFormsReferencedCheck = true) ∧
artifact.componentFrontiersBackedByPrimitiveCheck = true) ∧
artifact.generatedChildFrontiersMatchPrimitiveCheck = true) ∧
artifact.generatedFormsValidCheck = true) ∧
artifact.phantomAdaptersValidCheck = true) ∧
artifact.primitiveStepsValidCheck = true) ∧
artifact.primitiveTraceStackValidCheck = true) ∧
artifact.primitiveOverlayLedgersPrefixAvailableCheck = truehPrimitiveConnectBacked:artifact.primitiveConnectFrontiersBackedByNodesCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehPrimitiveConnectBacked:artifact.primitiveConnectFrontiersBackedByNodesCheck = truehCheck:((((((((((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = true) ∧
artifact.componentRowsUniqueCheck = true) ∧
artifact.generatedFormsReferencedCheck = true) ∧
artifact.componentFrontiersBackedByPrimitiveCheck = true) ∧
artifact.generatedChildFrontiersMatchPrimitiveCheck = true) ∧
artifact.generatedFormsValidCheck = true) ∧
artifact.phantomAdaptersValidCheck = true) ∧
artifact.primitiveStepsValidCheck = true) ∧
artifact.primitiveTraceStackValidCheck = truehPrimitiveOverlayPrefix:artifact.primitiveOverlayLedgersPrefixAvailableCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehPrimitiveConnectBacked:artifact.primitiveConnectFrontiersBackedByNodesCheck = truehPrimitiveOverlayPrefix:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truehCheck:(((((((((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = true) ∧
artifact.componentRowsUniqueCheck = true) ∧
artifact.generatedFormsReferencedCheck = true) ∧
artifact.componentFrontiersBackedByPrimitiveCheck = true) ∧
artifact.generatedChildFrontiersMatchPrimitiveCheck = true) ∧
artifact.generatedFormsValidCheck = true) ∧
artifact.phantomAdaptersValidCheck = true) ∧
artifact.primitiveStepsValidCheck = truehPrimitiveTrace:artifact.primitiveTraceStackValidCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehPrimitiveConnectBacked:artifact.primitiveConnectFrontiersBackedByNodesCheck = truehPrimitiveOverlayPrefix:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truehPrimitiveTrace:artifact.primitiveTraceStackValidCheck = truehCheck:((((((((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = true) ∧
artifact.componentRowsUniqueCheck = true) ∧
artifact.generatedFormsReferencedCheck = true) ∧
artifact.componentFrontiersBackedByPrimitiveCheck = true) ∧
artifact.generatedChildFrontiersMatchPrimitiveCheck = true) ∧
artifact.generatedFormsValidCheck = true) ∧
artifact.phantomAdaptersValidCheck = truehPrimitiveSteps:artifact.primitiveStepsValidCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehPrimitiveConnectBacked:artifact.primitiveConnectFrontiersBackedByNodesCheck = truehPrimitiveOverlayPrefix:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truehPrimitiveTrace:artifact.primitiveTraceStackValidCheck = truehPrimitiveSteps:artifact.primitiveStepsValidCheck = truehCheck:(((((((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = true) ∧
artifact.componentRowsUniqueCheck = true) ∧
artifact.generatedFormsReferencedCheck = true) ∧
artifact.componentFrontiersBackedByPrimitiveCheck = true) ∧
artifact.generatedChildFrontiersMatchPrimitiveCheck = true) ∧
artifact.generatedFormsValidCheck = truehPhantomValid:artifact.phantomAdaptersValidCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehPrimitiveConnectBacked:artifact.primitiveConnectFrontiersBackedByNodesCheck = truehPrimitiveOverlayPrefix:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truehPrimitiveTrace:artifact.primitiveTraceStackValidCheck = truehPrimitiveSteps:artifact.primitiveStepsValidCheck = truehPhantomValid:artifact.phantomAdaptersValidCheck = truehCheck:((((((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = true) ∧
artifact.componentRowsUniqueCheck = true) ∧
artifact.generatedFormsReferencedCheck = true) ∧
artifact.componentFrontiersBackedByPrimitiveCheck = true) ∧
artifact.generatedChildFrontiersMatchPrimitiveCheck = truehGeneratedValid:artifact.generatedFormsValidCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehPrimitiveConnectBacked:artifact.primitiveConnectFrontiersBackedByNodesCheck = truehPrimitiveOverlayPrefix:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truehPrimitiveTrace:artifact.primitiveTraceStackValidCheck = truehPrimitiveSteps:artifact.primitiveStepsValidCheck = truehPhantomValid:artifact.phantomAdaptersValidCheck = truehGeneratedValid:artifact.generatedFormsValidCheck = truehCheck:(((((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = true) ∧
artifact.componentRowsUniqueCheck = true) ∧
artifact.generatedFormsReferencedCheck = true) ∧
artifact.componentFrontiersBackedByPrimitiveCheck = truehGeneratedChildFrontiers:artifact.generatedChildFrontiersMatchPrimitiveCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehPrimitiveConnectBacked:artifact.primitiveConnectFrontiersBackedByNodesCheck = truehPrimitiveOverlayPrefix:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truehPrimitiveTrace:artifact.primitiveTraceStackValidCheck = truehPrimitiveSteps:artifact.primitiveStepsValidCheck = truehPhantomValid:artifact.phantomAdaptersValidCheck = truehGeneratedValid:artifact.generatedFormsValidCheck = truehGeneratedChildFrontiers:artifact.generatedChildFrontiersMatchPrimitiveCheck = truehCheck:((((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = true) ∧
artifact.componentRowsUniqueCheck = true) ∧
artifact.generatedFormsReferencedCheck = truehComponentFrontiers:artifact.componentFrontiersBackedByPrimitiveCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehPrimitiveConnectBacked:artifact.primitiveConnectFrontiersBackedByNodesCheck = truehPrimitiveOverlayPrefix:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truehPrimitiveTrace:artifact.primitiveTraceStackValidCheck = truehPrimitiveSteps:artifact.primitiveStepsValidCheck = truehPhantomValid:artifact.phantomAdaptersValidCheck = truehGeneratedValid:artifact.generatedFormsValidCheck = truehGeneratedChildFrontiers:artifact.generatedChildFrontiersMatchPrimitiveCheck = truehComponentFrontiers:artifact.componentFrontiersBackedByPrimitiveCheck = truehCheck:(((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = true) ∧
artifact.componentRowsUniqueCheck = truehGeneratedReferenced:artifact.generatedFormsReferencedCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehPrimitiveConnectBacked:artifact.primitiveConnectFrontiersBackedByNodesCheck = truehPrimitiveOverlayPrefix:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truehPrimitiveTrace:artifact.primitiveTraceStackValidCheck = truehPrimitiveSteps:artifact.primitiveStepsValidCheck = truehPhantomValid:artifact.phantomAdaptersValidCheck = truehGeneratedValid:artifact.generatedFormsValidCheck = truehGeneratedChildFrontiers:artifact.generatedChildFrontiersMatchPrimitiveCheck = truehComponentFrontiers:artifact.componentFrontiersBackedByPrimitiveCheck = truehGeneratedReferenced:artifact.generatedFormsReferencedCheck = truehCheck:((((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = true) ∧
artifact.selectsValidCheck = truehComponentRows:artifact.componentRowsUniqueCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehPrimitiveConnectBacked:artifact.primitiveConnectFrontiersBackedByNodesCheck = truehPrimitiveOverlayPrefix:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truehPrimitiveTrace:artifact.primitiveTraceStackValidCheck = truehPrimitiveSteps:artifact.primitiveStepsValidCheck = truehPhantomValid:artifact.phantomAdaptersValidCheck = truehGeneratedValid:artifact.generatedFormsValidCheck = truehGeneratedChildFrontiers:artifact.generatedChildFrontiersMatchPrimitiveCheck = truehComponentFrontiers:artifact.componentFrontiersBackedByPrimitiveCheck = truehGeneratedReferenced:artifact.generatedFormsReferencedCheck = truehComponentRows:artifact.componentRowsUniqueCheck = truehCheck:(((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = true) ∧
artifact.componentDomainsClosedCheck = truehSelects:artifact.selectsValidCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehPrimitiveConnectBacked:artifact.primitiveConnectFrontiersBackedByNodesCheck = truehPrimitiveOverlayPrefix:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truehPrimitiveTrace:artifact.primitiveTraceStackValidCheck = truehPrimitiveSteps:artifact.primitiveStepsValidCheck = truehPhantomValid:artifact.phantomAdaptersValidCheck = truehGeneratedValid:artifact.generatedFormsValidCheck = truehGeneratedChildFrontiers:artifact.generatedChildFrontiersMatchPrimitiveCheck = truehComponentFrontiers:artifact.componentFrontiersBackedByPrimitiveCheck = truehGeneratedReferenced:artifact.generatedFormsReferencedCheck = truehComponentRows:artifact.componentRowsUniqueCheck = truehSelects:artifact.selectsValidCheck = truehCheck:((((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = true) ∧
artifact.rawConnectionsMatchPrimitiveCheck = truehComponentDomains:artifact.componentDomainsClosedCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehPrimitiveConnectBacked:artifact.primitiveConnectFrontiersBackedByNodesCheck = truehPrimitiveOverlayPrefix:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truehPrimitiveTrace:artifact.primitiveTraceStackValidCheck = truehPrimitiveSteps:artifact.primitiveStepsValidCheck = truehPhantomValid:artifact.phantomAdaptersValidCheck = truehGeneratedValid:artifact.generatedFormsValidCheck = truehGeneratedChildFrontiers:artifact.generatedChildFrontiersMatchPrimitiveCheck = truehComponentFrontiers:artifact.componentFrontiersBackedByPrimitiveCheck = truehGeneratedReferenced:artifact.generatedFormsReferencedCheck = truehComponentRows:artifact.componentRowsUniqueCheck = truehSelects:artifact.selectsValidCheck = truehComponentDomains:artifact.componentDomainsClosedCheck = truehCheck:(((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = true) ∧
artifact.summaryFrontiersMatchPrimitiveCheck = truehRawConnections:artifact.rawConnectionsMatchPrimitiveCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehPrimitiveConnectBacked:artifact.primitiveConnectFrontiersBackedByNodesCheck = truehPrimitiveOverlayPrefix:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truehPrimitiveTrace:artifact.primitiveTraceStackValidCheck = truehPrimitiveSteps:artifact.primitiveStepsValidCheck = truehPhantomValid:artifact.phantomAdaptersValidCheck = truehGeneratedValid:artifact.generatedFormsValidCheck = truehGeneratedChildFrontiers:artifact.generatedChildFrontiersMatchPrimitiveCheck = truehComponentFrontiers:artifact.componentFrontiersBackedByPrimitiveCheck = truehGeneratedReferenced:artifact.generatedFormsReferencedCheck = truehComponentRows:artifact.componentRowsUniqueCheck = truehSelects:artifact.selectsValidCheck = truehComponentDomains:artifact.componentDomainsClosedCheck = truehRawConnections:artifact.rawConnectionsMatchPrimitiveCheck = truehCheck:((((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = true) ∧
artifact.summaryFrontiersBackedByPrimitiveCheck = truehSummaryFrontiers:artifact.summaryFrontiersMatchPrimitiveCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehPrimitiveConnectBacked:artifact.primitiveConnectFrontiersBackedByNodesCheck = truehPrimitiveOverlayPrefix:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truehPrimitiveTrace:artifact.primitiveTraceStackValidCheck = truehPrimitiveSteps:artifact.primitiveStepsValidCheck = truehPhantomValid:artifact.phantomAdaptersValidCheck = truehGeneratedValid:artifact.generatedFormsValidCheck = truehGeneratedChildFrontiers:artifact.generatedChildFrontiersMatchPrimitiveCheck = truehComponentFrontiers:artifact.componentFrontiersBackedByPrimitiveCheck = truehGeneratedReferenced:artifact.generatedFormsReferencedCheck = truehComponentRows:artifact.componentRowsUniqueCheck = truehSelects:artifact.selectsValidCheck = truehComponentDomains:artifact.componentDomainsClosedCheck = truehRawConnections:artifact.rawConnectionsMatchPrimitiveCheck = truehSummaryFrontiers:artifact.summaryFrontiersMatchPrimitiveCheck = truehCheck:(((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = true) ∧
artifact.summaryIdentitiesMatchPrimitiveCheck = truehSummaryBacked:artifact.summaryFrontiersBackedByPrimitiveCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehPrimitiveConnectBacked:artifact.primitiveConnectFrontiersBackedByNodesCheck = truehPrimitiveOverlayPrefix:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truehPrimitiveTrace:artifact.primitiveTraceStackValidCheck = truehPrimitiveSteps:artifact.primitiveStepsValidCheck = truehPhantomValid:artifact.phantomAdaptersValidCheck = truehGeneratedValid:artifact.generatedFormsValidCheck = truehGeneratedChildFrontiers:artifact.generatedChildFrontiersMatchPrimitiveCheck = truehComponentFrontiers:artifact.componentFrontiersBackedByPrimitiveCheck = truehGeneratedReferenced:artifact.generatedFormsReferencedCheck = truehComponentRows:artifact.componentRowsUniqueCheck = truehSelects:artifact.selectsValidCheck = truehComponentDomains:artifact.componentDomainsClosedCheck = truehRawConnections:artifact.rawConnectionsMatchPrimitiveCheck = truehSummaryFrontiers:artifact.summaryFrontiersMatchPrimitiveCheck = truehSummaryBacked:artifact.summaryFrontiersBackedByPrimitiveCheck = truehCheck:((decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧
artifact.summaryRowsValidCheck = true) ∧
artifact.summaryDomainClosedCheck = truehSummaryIdentities:artifact.summaryIdentitiesMatchPrimitiveCheck = true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehPrimitiveConnectBacked:artifact.primitiveConnectFrontiersBackedByNodesCheck = truehPrimitiveOverlayPrefix:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truehPrimitiveTrace:artifact.primitiveTraceStackValidCheck = truehPrimitiveSteps:artifact.primitiveStepsValidCheck = truehPhantomValid:artifact.phantomAdaptersValidCheck = truehGeneratedValid:artifact.generatedFormsValidCheck = truehGeneratedChildFrontiers:artifact.generatedChildFrontiersMatchPrimitiveCheck = truehComponentFrontiers:artifact.componentFrontiersBackedByPrimitiveCheck = truehGeneratedReferenced:artifact.generatedFormsReferencedCheck = truehComponentRows:artifact.componentRowsUniqueCheck = truehSelects:artifact.selectsValidCheck = truehComponentDomains:artifact.componentDomainsClosedCheck = truehRawConnections:artifact.rawConnectionsMatchPrimitiveCheck = truehSummaryFrontiers:artifact.summaryFrontiersMatchPrimitiveCheck = truehSummaryBacked:artifact.summaryFrontiersBackedByPrimitiveCheck = truehSummaryIdentities:artifact.summaryIdentitiesMatchPrimitiveCheck = truehCheck:(decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = true) ∧ artifact.summaryRowsValidCheck = truehSummaryDomain:artifact.summaryDomainClosedCheck = true⊢ 
artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehPrimitiveConnectBacked:artifact.primitiveConnectFrontiersBackedByNodesCheck = truehPrimitiveOverlayPrefix:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truehPrimitiveTrace:artifact.primitiveTraceStackValidCheck = truehPrimitiveSteps:artifact.primitiveStepsValidCheck = truehPhantomValid:artifact.phantomAdaptersValidCheck = truehGeneratedValid:artifact.generatedFormsValidCheck = truehGeneratedChildFrontiers:artifact.generatedChildFrontiersMatchPrimitiveCheck = truehComponentFrontiers:artifact.componentFrontiersBackedByPrimitiveCheck = truehGeneratedReferenced:artifact.generatedFormsReferencedCheck = truehComponentRows:artifact.componentRowsUniqueCheck = truehSelects:artifact.selectsValidCheck = truehComponentDomains:artifact.componentDomainsClosedCheck = truehRawConnections:artifact.rawConnectionsMatchPrimitiveCheck = truehSummaryFrontiers:artifact.summaryFrontiersMatchPrimitiveCheck = truehSummaryBacked:artifact.summaryFrontiersBackedByPrimitiveCheck = truehSummaryIdentities:artifact.summaryIdentitiesMatchPrimitiveCheck = truehSummaryDomain:artifact.summaryDomainClosedCheck = truehCheck:decide artifact.SchemaCurrent = true ∧ artifact.summaryKeysUniqueCheck = truehSummaryRows:artifact.summaryRowsValidCheck = 
true⊢ artifact.ValidatorReadyCore
artifact:WireAdmissionArtifacthPhantomBridgeBulkReplayed:artifact.phantomBridgeBulkConnectionsReplayedCheck = truehPhantomBridgeFrontiersMatch:artifact.phantomBridgeFrontiersMatchPrimitiveCheck = truehPhantomBridgeFrontiersBacked:artifact.phantomBridgeFrontiersBackedByPrimitiveCheck = truehSelectArmBodyDisjoint:artifact.selectArmBodyNodesPairwiseDisjointCheck = truehSelectArmBodyFresh:artifact.selectArmBodyNodesFreshFromSummaryCheck = truehSelectArmBodyBoundaries:artifact.selectArmBodyBoundariesMatchConditionCheck = truehSelectBridgeEntries:artifact.selectBridgeEntriesConsumedCheck = truehSelectBridgeFrontiers:artifact.selectBridgeFrontiersBackedByPrimitiveCheck = truehPrimitiveConnectPrefix:artifact.primitiveConnectFrontiersPrefixAvailableCheck = truehPrimitiveConnectBacked:artifact.primitiveConnectFrontiersBackedByNodesCheck = truehPrimitiveOverlayPrefix:artifact.primitiveOverlayLedgersPrefixAvailableCheck = truehPrimitiveTrace:artifact.primitiveTraceStackValidCheck = truehPrimitiveSteps:artifact.primitiveStepsValidCheck = truehPhantomValid:artifact.phantomAdaptersValidCheck = truehGeneratedValid:artifact.generatedFormsValidCheck = truehGeneratedChildFrontiers:artifact.generatedChildFrontiersMatchPrimitiveCheck = truehComponentFrontiers:artifact.componentFrontiersBackedByPrimitiveCheck = truehGeneratedReferenced:artifact.generatedFormsReferencedCheck = truehComponentRows:artifact.componentRowsUniqueCheck = truehSelects:artifact.selectsValidCheck = truehComponentDomains:artifact.componentDomainsClosedCheck = truehRawConnections:artifact.rawConnectionsMatchPrimitiveCheck = truehSummaryFrontiers:artifact.summaryFrontiersMatchPrimitiveCheck = truehSummaryBacked:artifact.summaryFrontiersBackedByPrimitiveCheck = truehSummaryIdentities:artifact.summaryIdentitiesMatchPrimitiveCheck = truehSummaryDomain:artifact.summaryDomainClosedCheck = truehSummaryRows:artifact.summaryRowsValidCheck = truehSchema:decide artifact.SchemaCurrent = 
truehSummaryKeys:artifact.summaryKeysUniqueCheck = true⊢ artifact.ValidatorReadyCore
All goals completed! 🐙
/-- The executable core now covers every field of `ValidatorReady`, so a
`ValidatorReadyCore` witness can be repackaged into the full contract.

Every field below is the identically named projection of `hCore`; nothing is
re-proved or re-derived here.  That one-to-one transfer is the property a
reviewer should check when this theorem changes: if a field of `ValidatorReady`
were ever discharged by anything other than its namesake in the core record, the
executable checker would be certifying a weaker contract than its name claims. -/
theorem validatorReadyCore_toValidatorReady
    {artifact : WireAdmissionArtifact}
    (hCore : artifact.ValidatorReadyCore) :
    artifact.ValidatorReady :=
  { -- schema and summary invariants
    schemaCurrent := hCore.schemaCurrent,
    summaryKeysUnique := hCore.summaryKeysUnique,
    summaryRowsValid := hCore.summaryRowsValid,
    summaryDomainClosed := hCore.summaryDomainClosed,
    summaryIdentitiesMatchPrimitive := hCore.summaryIdentitiesMatchPrimitive,
    summaryFrontiersBackedByPrimitive := hCore.summaryFrontiersBackedByPrimitive,
    summaryFrontiersMatchPrimitive := hCore.summaryFrontiersMatchPrimitive,
    -- raw-connection and component-domain cross-references
    rawConnectionsMatchPrimitive := hCore.rawConnectionsMatchPrimitive,
    componentDomainsClosed := hCore.componentDomainsClosed,
    componentRowsUnique := hCore.componentRowsUnique,
    generatedFormsReferenced := hCore.generatedFormsReferenced,
    componentFrontiersBackedByPrimitive :=
      hCore.componentFrontiersBackedByPrimitive,
    generatedChildFrontiersMatchPrimitive :=
      hCore.generatedChildFrontiersMatchPrimitive,
    -- primitive stack / overlay / connect frontier rows
    primitiveTraceStackValid := hCore.primitiveTraceStackValid,
    primitiveOverlayLedgersPrefixAvailable :=
      hCore.primitiveOverlayLedgersPrefixAvailable,
    primitiveConnectFrontiersBackedByNodes :=
      hCore.primitiveConnectFrontiersBackedByNodes,
    primitiveConnectFrontiersPrefixAvailable :=
      hCore.primitiveConnectFrontiersPrefixAvailable,
    -- select bridge and select-arm body rows
    selectBridgeFrontiersBackedByPrimitive :=
      hCore.selectBridgeFrontiersBackedByPrimitive,
    selectBridgeEntriesConsumed := hCore.selectBridgeEntriesConsumed,
    selectArmBodyBoundariesMatchCondition :=
      hCore.selectArmBodyBoundariesMatchCondition,
    selectArmBodyNodesFreshFromSummary := hCore.selectArmBodyNodesFreshFromSummary,
    selectArmBodyNodesPairwiseDisjoint := hCore.selectArmBodyNodesPairwiseDisjoint,
    -- phantom bridge rows
    phantomBridgeFrontiersBackedByPrimitive :=
      hCore.phantomBridgeFrontiersBackedByPrimitive,
    phantomBridgeFrontiersMatchPrimitive :=
      hCore.phantomBridgeFrontiersMatchPrimitive,
    phantomBridgeBulkConnectionsReplayed :=
      hCore.phantomBridgeBulkConnectionsReplayed,
    -- local row validity
    primitiveStepsValid := hCore.primitiveStepsValid,
    generatedFormsValid := hCore.generatedFormsValid,
    phantomAdaptersValid := hCore.phantomAdaptersValid,
    selectsValid := hCore.selectsValid }

/-- Full Lean-owned executable checker for decoded Wire admission artifacts.

This is the `Bool` entry point downstream code should call; `validatorReadyCheck_sound`
turns a `true` result into `ValidatorReady`.  It operates on already-decoded rows,
so whatever produced the `WireAdmissionArtifact` value (the decoder) is outside
what this checker certifies. -/
def validatorReadyCheck (artifact : WireAdmissionArtifact) : Bool :=
  -- Currently a direct alias of the core checker.  The certified direction is
  -- `true → ValidatorReady` (see `validatorReadyCheck_sound`); this file shows
  -- no completeness theorem, so a `false` result means "rejected", not
  -- "proved unsound", and callers must fail closed on it.
  WireAdmissionArtifact.validatorReadyCoreCheck artifact

/-- Successful executable validator checking proves the full validator-ready
contract: a `true` result from `validatorReadyCheck` yields `ValidatorReady`. -/
theorem validatorReadyCheck_sound
    {artifact : WireAdmissionArtifact}
    (hCheck : artifact.validatorReadyCheck = true) :
    artifact.ValidatorReady := by
  -- `validatorReadyCheck` unfolds definitionally to `validatorReadyCoreCheck`,
  -- so the core soundness theorem accepts `hCheck` as-is.
  have hCore : artifact.ValidatorReadyCore := validatorReadyCoreCheck_sound hCheck
  -- Field-by-field transfer into the full contract.
  exact validatorReadyCore_toValidatorReady hCore

/-- Successful executable validator checking supplies the theorem-facing
soundness cutline: consumers that need `Sound` can depend on this single
theorem and the executable `validatorReadyCheck`, instead of on the individual
clause checks.  The trusted base here is the definition of `Sound`,
`validatorReady_sound`, and the checker definitions themselves. -/
theorem validatorReadyCheck_soundness
    {artifact : WireAdmissionArtifact}
    (hCheck : artifact.validatorReadyCheck = true) :
    artifact.Sound := by
  -- `Sound` follows from `ValidatorReady`, which the executable check certifies.
  apply validatorReady_sound
  exact validatorReadyCheck_sound hCheck

end WireAdmissionArtifact

end AdmissionArtifact

end Cortex.Wire