[Conway] Discharge PoV map/coin assumptions via reusable Ledger.Prelude lemmas#1224
Merged
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR refactors the Conway preservation-of-value (PoV) proof stack by hoisting previously-assumed coin/map lemmas into Ledger.Prelude, then removing those assumptions from downstream PoV modules so the proofs rely on reusable Prelude facts instead.
Changes:
- Add reusable finite-map / coin-sum lemmas to
Ledger.Prelude(e.g., singleton coin sum, union homomorphism, constMap-zero sum, restriction decomposition). - Simplify Conway PoV proof modules (
Certs/Ledger) by dropping now-provable lemma parameters and using the Prelude versions. - Update a conformance property module signature to remove an unneeded indexed-sum union homomorphism parameter.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
src/Ledger/Prelude.lagda.md |
Adds reusable coin/map lemmas (singleton, union, restriction decomposition, constMap zero-sum, setToList membership). |
src/Ledger/Conway/Specification/Utxo/Properties/GenMinSpend.lagda.md |
Switches to the hoisted getCoin-singleton lemma (removes local helper). |
src/Ledger/Conway/Specification/Ledger/Properties/PoV.lagda.md |
Drops several previously-parameterized assumptions; keeps only the remaining injectivity-based assumption. |
src/Ledger/Conway/Specification/Certs/Properties/PoVLemmas.lagda.md |
Removes local singleton/union helpers and assumption module; qualifies IsEquivalence usage. |
src/Ledger/Conway/Specification/Certs/Properties/PoV.lagda.md |
Drops now-provable assumptions from Certs-PoV module parameters. |
src/Ledger/Conway/Conformance/Properties.lagda.md |
Removes an unused indexedSum-∪⁺-hom module parameter. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
0f848b5 to
eae6658
Compare
Split out of the LEDGER-pov work (#1203): this Conway-era properties cleanup is independent of the Dijkstra PoV proof and belongs in its own PR. - Add reusable coin/map lemmas to `Ledger.Prelude`: `getCoin-singleton`, `getCoin-cong`, `indexedSumᵛ'-∪`, `res-decomp`, `∪ˡsingleton∈dom`, `∪ˡsingleton∉dom`, `∪ˡsingleton0≡`, `sumConstZero`, `indexedSumL-proj₂-zero`, `setToList-∈`; relocate `≡ᵉ-getCoin` into the `⦃ DecEq A ⦄` module. - Drop the now-provable assumption parameters from the Conway PoV proofs, using the Prelude lemmas instead: - `Certs/Properties/PoV`: keep only `≡ᵉ-getCoinˢ'`. - `Certs/Properties/PoVLemmas`: remove the local `∪ˡsingleton*`/`getCoin-singleton` helpers and the `indexedSumᵛ'-∪` assumption module; qualify `IsEquivalence` as `Eq`. - `Ledger/Properties/PoV`: keep only `≡ᵉ-getCoinˢ`. - `Conformance/Properties`: drop the `indexedSum-∪⁺-hom` parameter. - `Utxo/Properties/GenMinSpend`: use the hoisted `getCoin-singleton`. No spec-semantic change (proof refactor only), so no CHANGELOG entry. `Ledger.Prelude` typechecks under Agda 2.8.0 via the project flake; the Conway files are their 1187 versions (which typecheck) and depend only on the hoisted lemmas. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01We2YdXX2ozJAdAbCrRwi6r
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
eae6658 to
a6e229d
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Splits the Conway-era PoV proof cleanup out of the LEDGER-pov work (#1203), where it didn't belong. This change is independent of the Dijkstra preservation-of-value proof: it proves a handful of reusable coin/map facts in
Ledger.Preludeand uses them to discharge assumption parameters that the Conway PoV proofs previously carried.What changes
Ledger.Prelude— add reusable coin/map lemmas (pure additions):getCoin-singleton,getCoin-cong,indexedSumᵛ'-∪,res-decomp,∪ˡsingleton∈dom,∪ˡsingleton∉dom,∪ˡsingleton0≡,sumConstZero,indexedSumL-proj₂-zero,setToList-∈, and a relocation of the existing≡ᵉ-getCoininto the⦃ DecEq A ⦄module (so callers no longer passA/the instance explicitly).Conway PoV proofs — drop the now-provable assumptions, using the Prelude lemmas instead:
Certs/Properties/PoVindexedSumᵛ'-∪,sumConstZero,res-decomp,getCoin-congparameters; keep only≡ᵉ-getCoinˢ'Certs/Properties/PoVLemmas∪ˡsingleton*/getCoin-singletonhelpers and theindexedSumᵛ'-∪assumption module; qualifyIsEquivalenceasEq.IsEquivalenceLedger/Properties/PoV≡ᵉ-getCoinˢConformance/PropertiesindexedSum-∪⁺-homparameterUtxo/Properties/GenMinSpendgetCoin-singletonNotes
CHANGELOG.mdentry.Ledger.Preludelemmas viaEntities/Properties/ApplyToRewardsPoV. The plan is to merge this first, then rebase1187-dijkstra-NEW-ENTITIES-ledger-povontomasterso this cleanup drops out of [Dijkstra] CIP-159-11c: Prove LEDGER preservation of value (#1187) #1203's diff. The two purely-Dijkstra helpers (sum-map-+,+-interleave) are intentionally not included here; they stay with the LEDGER-pov line where they're used.Verification
All changed/affected modules typecheck under Agda 2.8.0 via the project Nix flake:
Ledger.Prelude,Conway/…/Certs/Properties/{PoVLemmas,PoV},Conway/…/Ledger/Properties/PoV,Conway/…/Utxo/Properties/GenMinSpend, andConway/Conformance/Properties— all green.Checklist
CHANGELOG.md(n/a — proof refactor only)🤖 Generated with Claude Code
https://claude.ai/code/session_01We2YdXX2ozJAdAbCrRwi6r
Generated by Claude Code