Nuprl Lemma : consensus-safety1

∀V:Type
  ((∀v1,v2:V.  Dec(v1 = v2 ∈ V))
  ⇒ {∃v,v':V. (¬(v = v' ∈ V))}
  ⇒ (∀L:V List. Dec(∃v:V. (¬(v ∈ L))))
  ⇒ (∀A:Id List. ∀W:{a:Id| (a ∈ A)}  List List.
        ((||W|| ≥ 1 )
        ⇒ two-intersection(A;W)
        ⇒ (∃f:ConsensusState ⟶ consensus-state1(V)
             ((∀v:V. ∀s:ts-reachable(consensus-ts4(V;A;W)).
                 ((f s) = Decided[v] ∈ consensus-state1(V) ⇐⇒ ∃i:ℕ. in state s, inning i has committed v))
             ∧ ts-refinement(consensus-ts1(V);consensus-ts4(V;A;W);f))))))

Proof

Definitions occuring in Statement : two-intersection: two-intersection(A;W), cs-inning-committed: in state s, inning i has committed v, consensus-ts4: consensus-ts4(V;A;W), consensus-state4: ConsensusState, consensus-ts1: consensus-ts1(T), cs-decided: Decided[v], consensus-state1: consensus-state1(V), Id: Id, l_member: (x ∈ l), length: ||as||, list: T List, nat: ℕ, decidable: Dec(P), guard: {T}, ge: i ≥ j , all: ∀x:A. B[x], exists: ∃x:A. B[x], iff: P ⇐⇒ Q, not: ¬A, implies: P ⇒ Q, and: P ∧ Q, set: {x:A| B[x]} , apply: f a, function: x:A ⟶ B[x], natural_number: $n, universe: Type, equal: s = t ∈ T, ts-refinement: ts-refinement(ts1;ts2;f), ts-reachable: ts-reachable(ts)
Definitions unfolded in proof : all: ∀x:A. B[x], uall: ∀[x:A]. B[x], member: t ∈ T, implies: P ⇒ Q, uimplies: b supposing a, exists: ∃x:A. B[x], guard: {T}, prop: ℙ, ge: i ≥ j , so_lambda: λ₂x.t[x], so_apply: x[s], consensus-ts2: consensus-ts2(T), ts-type: ts-type(ts), consensus-ts3: consensus-ts3(T), pi1: fst(t), consensus-ts1: consensus-ts1(T), bool: 𝔹, unit: Unit, it: ⋅, btrue: tt, ifthenelse: if b then t else f fi , uiff: uiff(P;Q), and: P ∧ Q, subtype_rel: A ⊆r B, consensus-state2: consensus-state2(T), consensus-state1: consensus-state1(V), top: Top, bfalse: ff, or: P ∨ Q, sq_type: SQType(T), bnot: ¬_bb, assert: ↑b, false: False, consensus-ts4: consensus-ts4(V;A;W), ts-reachable: ts-reachable(ts), infix_ap: x f y, consensus-state4: ConsensusState, nat: ℕ, iff: P ⇐⇒ Q, rev_implies: P ⇐ Q, compose: f o g, list: T List, cs-ambivalent: AMBIVALENT, cs-is-decided: cs-is-decided(x), isl: isl(x), squash: ↓T, true: True, cs-predecided: PREDECIDED[v], cs-decided: Decided[v], not: ¬A, l_member: (x ∈ l), cand: A c∧ B, cs-ref-map-constraints: cs-ref-map-constraints(V;A;W;f), cs-inning-committed: in state s, inning i has committed v, one-intersection: one-intersection(A;W), cs-archived: by state s, a archived v in inning i, decidable: Dec(P), satisfiable_int_formula: satisfiable_int_formula(fmla), cs-undecided: UNDECIDED

Latex:
\mforall{}V:Type ((\mforall{}v1,v2:V. Dec(v1 = v2)) {}\mRightarrow{} \{\mexists{}v,v':V. (\mneg{}(v = v'))\} {}\mRightarrow{} (\mforall{}L:V List. Dec(\mexists{}v:V. (\mneg{}(v \mmember{} L)))) {}\mRightarrow{} (\mforall{}A:Id List. \mforall{}W:\{a:Id| (a \mmember{} A)\} List List. ((||W|| \mgeq{} 1 ) {}\mRightarrow{} two-intersection(A;W) {}\mRightarrow{} (\mexists{}f:ConsensusState {}\mrightarrow{} consensus-state1(V) ((\mforall{}v:V. \mforall{}s:ts-reachable(consensus-ts4(V;A;W)). ((f s) = Decided[v] \mLeftarrow{}{}\mRightarrow{} \mexists{}i:\mBbbN{}. in state s, inning i has committed v)) \mwedge{} ts-refinement(consensus-ts1(V);consensus-ts4(V;A;W);f)))))) Date html generated: 2016_05_16-PM-00_15_39 Last ObjectModification: 2016_01_17-PM-03_56_29 Theory : event-ordering Home Index