zolfa
/
tendermint
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 221 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
122 Commits
183 Branches
291 MiB
Tree: 97928e190a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '97928e190a'
${ noResults }
tendermint/rust-spec/fastsync/Tinychain.tla

113 lines
4.8 KiB
Raw Normal View History

Fastsync spec from tendermint-rs (#157) * fastsync spec from tendermint-rs * fixed broken link * fixed linting * more fixes * markdown lint * move fast_sync to rust-spec Co-authored-by: Marko Baricevic <marbar3778@yahoo.com>
4 years ago
 
  1. -------------------------- MODULE Tinychain ----------------------------------
  2. (* A very abstract model of Tendermint blockchain. Its only purpose is to highlight
  3.    the relation between validator sets, next validator sets, and last commits.
  4.  *)
  5. 

  6. EXTENDS Integers
  7. 

  8. \* type annotation
  9. a <: b == a
  10. 

  11. \* the type of validator sets, e.g., STRING
  12. VST == STRING
  13. 

  14. \* LastCommit type.
  15. \* It contains:
  16. \* 1) the flag of whether the block id equals to the hash of the previous block, and
  17. \* 2) the set of the validators who have committed the block.
  18. \* In the implementation, blockId is the hash of the previous block, which cannot be forged.
  19. \* We abstract block id into whether it equals to the hash of the previous block or not.
  20. LCT == [blockIdEqRef |-> BOOLEAN, committers |-> VST]
  21. 

  22. \* Block type.
  23. \* A block contains its height, validator set, next validator set, and last commit.
  24. \* Moreover, it contains the flag that tells us whether the block is equal to the one
  25. \* on the reference chain (this is an abstraction of hash).
  26. BT == [height |-> Int, hashEqRef |-> BOOLEAN, wellFormed |-> BOOLEAN,
  27.        VS |-> VST, NextVS |-> VST, lastCommit |-> LCT]
  28. 

  29. CONSTANTS
  30.     (*
  31.        A set of abstract values, each value representing a set of validators.
  32.        For the purposes of this specification, they can be any values,
  33.        e.g., "s1", "s2", etc.
  34.      *)
  35.     VALIDATOR_SETS,
  36.     (* a nil validator set that is outside of VALIDATOR_SETS *)
  37.     NIL_VS,
  38.     (* The maximal height, up to which the blockchain may grow *)
  39.     MAX_HEIGHT
  40.     
  41. Heights == 1..MAX_HEIGHT    
  42. 

  43. \* the set of all potential commits
  44. Commits == [blockIdEqRef: BOOLEAN, committers: VALIDATOR_SETS]
  45. 

  46. \* the set of all potential blocks, not necessarily coming from the blockchain
  47. Blocks ==
  48.   [height: Heights, hashEqRef: BOOLEAN, wellFormed: BOOLEAN,
  49.    VS: VALIDATOR_SETS, NextVS: VALIDATOR_SETS, lastCommit: Commits]
  50. 

  51. \* Does the chain contain a sound sequence of blocks that could be produced by
  52. \* a 2/3 of faulty validators. This operator can be used to initialise the chain!
  53. \* Since we are abstracting validator sets with VALIDATOR_SETS, which are
  54. \* 2/3 quorums, we just compare committers to those sets. In a more detailed
  55. \* specification, one would write the \subseteq operator instead of equality.
  56. IsCorrectChain(chain) ==
  57.     \* restrict the structure of the blocks, to decrease the TLC search space
  58.     LET OkCommits == [blockIdEqRef: {TRUE}, committers: VALIDATOR_SETS]
  59.         OkBlocks == [height: Heights, hashEqRef: {TRUE}, wellFormed: {TRUE},
  60.                      VS: VALIDATOR_SETS, NextVS: VALIDATOR_SETS, lastCommit: OkCommits]
  61.     IN
  62.     /\ chain \in [1..MAX_HEIGHT -> OkBlocks]
  63.     /\ \A h \in 1..MAX_HEIGHT:
  64.         LET b == chain[h] IN
  65.         /\ b.height = h     \* the height is correct
  66.         /\ h > 1 =>
  67.              LET p == chain[h - 1] IN
  68.              /\ b.VS = p.NextVS     \* the validators propagate from the previous block
  69.              /\ b.lastCommit.committers = p.VS  \* and they are the committers
  70.     
  71. 

  72. \* The basic properties of blocks on the blockchain:
  73. \* They should pass the validity check and they may verify the next block.    
  74. 

  75. \* Does the block pass the consistency check against the next validators of the previous block
  76. IsMatchingValidators(block, nextVS) ==
  77.     \* simply check that the validator set is propagated correctly.
  78.     \* (the implementation tests hashes and the application state)
  79.     block.VS = nextVS
  80. 

  81. \* Does the block verify the commit (of the next block)
  82. PossibleCommit(block, commit) ==
  83.     \* the commits are signed by the block validators
  84.     /\ commit.committers = block.VS
  85.     \* The block id in the commit matches the block hash (abstract comparison).
  86.     \* (The implementation has extensive tests for that.)
  87.     \* this is an abstraction of: commit.blockId = hash(block)
  88.     \* 
  89.     \* These are possible scenarios on the concrete hashes:
  90.     \*
  91.     \* scenario 1: commit.blockId = 10 /\ hash(block) = 10 /\ hash(ref) = 10
  92.     \* scenario 2: commit.blockId = 20 /\ hash(block) = 20 /\ block.VS /= ref.VS
  93.     \* scenario 3: commit.blockId = 50 /\ hash(block) = 100
  94.     \* scenario 4: commit.blockId = 10 /\ hash(block) = 100
  95.     \* scenario 5: commit.blockId = 100 /\ hash(block) = 10
  96.     /\ commit.blockIdEqRef = block.hashEqRef
  97.     \* the following test would be cheating, as we do not have access to the
  98.     \* reference chain:
  99.     \* /\ commit.blockIdEqRef
  100. 

  101. \* Basic invariants
  102. 

  103. \* every block has the validator set that is chosen by its predecessor
  104. ValidBlockInv(chain) ==
  105.     \A h \in 2..MAX_HEIGHT:
  106.         IsMatchingValidators(chain[h], chain[h - 1].NextVS)
  107. 

  108. \* last commit of every block is signed by the validators of the predecessor     
  109. VerifiedBlockInv(chain) ==
  110.     \A h \in 2..MAX_HEIGHT:
  111.         PossibleCommit(chain[h - 1], chain[h].lastCommit)
  112. 

  113. ==================================================================================