From stdpp Require Import prelude. From VLSM.Lib Require Import Preamble StdppListSet.[Loading ML file ring_plugin.cmxs (using legacy method) ... done][Loading ML file zify_plugin.cmxs (using legacy method) ... done][Loading ML file micromega_plugin.cmxs (using legacy method) ... done][Loading ML file btauto_plugin.cmxs (using legacy method) ... done][Loading ML file coq-itauto.plugin ... done]From VLSM.Core Require Import VLSM Equivocation. From VLSM.Core Require Import Equivocators.Equivocators Equivocators.EquivocatorsProjections.[Loading ML file extraction_plugin.cmxs (using legacy method) ... done][Loading ML file equations_plugin.cmxs (using legacy method) ... done]
Section sec_equivocator_vlsm_message_properties.Lifting properties about sent messages to the equivocators
Context
{message : Type}
(X : VLSM message)
.
If a projection of an equivocator_vlsm trace outputs a message, then
the original trace must do so too.
message: Type
X: VLSM message
tr, trX: list transition_item
j, i: MachineDescriptor X
HtrX: equivocator_vlsm_trace_project X tr j = Some (trX, i)
m: message
Hjbs: Exists (field_selector output m) trXExists (field_selector output m) trmessage: Type
X: VLSM message
tr, trX: list transition_item
j, i: MachineDescriptor X
HtrX: equivocator_vlsm_trace_project X tr j = Some (trX, i)
m: message
Hjbs: Exists (field_selector output m) trXExists (field_selector output m) trmessage: Type
X: VLSM message
tr: list transition_item
j: MachineDescriptor X
m: message∀ (trX : list transition_item) (i : MachineDescriptor X), equivocator_vlsm_trace_project X tr j = Some (trX, i) → Exists (field_selector output m) trX → Exists (field_selector output m) trmessage: Type
X: VLSM message
j: MachineDescriptor X
m: message
trX: list transition_item
i: MachineDescriptor X
HtrX: equivocator_vlsm_trace_project X [] j = Some (trX, i)
Hjbs: Exists (field_selector output m) trXExists (field_selector output m) []message: Type
X: VLSM message
a: transition_item
tr: list transition_item
j: MachineDescriptor X
m: message
IHtr: ∀ (trX : list transition_item) (i : MachineDescriptor X), equivocator_vlsm_trace_project X tr j = Some (trX, i) → Exists (field_selector output m) trX → Exists (field_selector output m) tr
trX: list transition_item
i: MachineDescriptor X
HtrX: equivocator_vlsm_trace_project X (a :: tr) j = Some (trX, i)
Hjbs: Exists (field_selector output m) trXExists (field_selector output m) (a :: tr)by inversion HtrX; subst; inversion Hjbs.message: Type
X: VLSM message
j: MachineDescriptor X
m: message
trX: list transition_item
i: MachineDescriptor X
HtrX: equivocator_vlsm_trace_project X [] j = Some (trX, i)
Hjbs: Exists (field_selector output m) trXExists (field_selector output m) []message: Type
X: VLSM message
a: transition_item
tr: list transition_item
j: MachineDescriptor X
m: message
IHtr: ∀ (trX : list transition_item) (i : MachineDescriptor X), equivocator_vlsm_trace_project X tr j = Some (trX, i) → Exists (field_selector output m) trX → Exists (field_selector output m) tr
trX: list transition_item
i: MachineDescriptor X
HtrX: equivocator_vlsm_trace_project X (a :: tr) j = Some (trX, i)
Hjbs: Exists (field_selector output m) trXExists (field_selector output m) (a :: tr)message: Type
X: VLSM message
a: transition_item
tr: list transition_item
j: MachineDescriptor X
m: message
IHtr: ∀ (trX : list transition_item) (i : MachineDescriptor X), equivocator_vlsm_trace_project X tr j = Some (trX, i) → Exists (field_selector output m) trX → Exists (field_selector output m) tr
trX: list transition_item
i: MachineDescriptor X
HtrX: match equivocator_vlsm_trace_project X tr j with | Some (r, idescriptor) => match equivocator_vlsm_transition_item_project X a idescriptor with | Some (Some item', odescriptor) => Some (item' :: r, odescriptor) | Some (None, odescriptor) => Some (r, odescriptor) | None => None end | None => None end = Some (trX, i)
Hjbs: Exists (field_selector output m) trXExists (field_selector output m) (a :: tr)message: Type
X: VLSM message
a: transition_item
tr: list transition_item
j: MachineDescriptor X
m: message
trX': list transition_item
i': MachineDescriptor X
Htr: equivocator_vlsm_trace_project X tr j = Some (trX', i')
IHtr: ∀ (trX : list transition_item) (i : MachineDescriptor X), Some (trX', i') = Some (trX, i) → Exists (field_selector output m) trX → Exists (field_selector output m) tr
trX: list transition_item
i: MachineDescriptor X
HtrX: match equivocator_vlsm_transition_item_project X a i' with | Some (Some item', odescriptor) => Some (item' :: trX', odescriptor) | Some (None, odescriptor) => Some (trX', odescriptor) | None => None end = Some (trX, i)
Hjbs: Exists (field_selector output m) trXExists (field_selector output m) (a :: tr)message: Type
X: VLSM message
a: transition_item
tr: list transition_item
j: MachineDescriptor X
m: message
trX': list transition_item
i': MachineDescriptor X
Htr: equivocator_vlsm_trace_project X tr j = Some (trX', i')
IHtr: ∀ i : MachineDescriptor X, Some (trX', i') = Some (trX', i) → Exists (field_selector output m) trX' → Exists (field_selector output m) tr
trX: list transition_item
i: MachineDescriptor X
HtrX: match equivocator_vlsm_transition_item_project X a i' with | Some (Some item', odescriptor) => Some (item' :: trX', odescriptor) | Some (None, odescriptor) => Some (trX', odescriptor) | None => None end = Some (trX, i)
Hjbs: Exists (field_selector output m) trXExists (field_selector output m) (a :: tr)message: Type
X: VLSM message
a: transition_item
tr: list transition_item
j: MachineDescriptor X
m: message
trX': list transition_item
i': MachineDescriptor X
Htr: equivocator_vlsm_trace_project X tr j = Some (trX', i')
IHtr: ∀ i : MachineDescriptor X, Some (trX', i') = Some (trX', i) → Exists (field_selector output m) trX' → Exists (field_selector output m) tr
i: MachineDescriptor X
item': transition_item
Hitem': equivocator_vlsm_transition_item_project X a i' = Some (Some item', i)
Hjbs: Exists (field_selector output m) (item' :: trX')Exists (field_selector output m) (a :: tr)message: Type
X: VLSM message
a: transition_item
tr: list transition_item
j: MachineDescriptor X
m: message
i': MachineDescriptor X
trX: list transition_item
IHtr: ∀ i : MachineDescriptor X, Some (trX, i') = Some (trX, i) → Exists (field_selector output m) trX → Exists (field_selector output m) tr
Htr: equivocator_vlsm_trace_project X tr j = Some (trX, i')
i: MachineDescriptor X
Hitem': equivocator_vlsm_transition_item_project X a i' = Some (None, i)
Hjbs: Exists (field_selector output m) trXExists (field_selector output m) (a :: tr)message: Type
X: VLSM message
a: transition_item
tr: list transition_item
j: MachineDescriptor X
m: message
trX': list transition_item
i': MachineDescriptor X
Htr: equivocator_vlsm_trace_project X tr j = Some (trX', i')
IHtr: ∀ i : MachineDescriptor X, Some (trX', i') = Some (trX', i) → Exists (field_selector output m) trX' → Exists (field_selector output m) tr
i: MachineDescriptor X
item': transition_item
Hitem': equivocator_vlsm_transition_item_project X a i' = Some (Some item', i)
Hjbs: Exists (field_selector output m) (item' :: trX')Exists (field_selector output m) (a :: tr)message: Type
X: VLSM message
a: transition_item
tr: list transition_item
j: MachineDescriptor X
m: message
trX': list transition_item
i': MachineDescriptor X
Htr: equivocator_vlsm_trace_project X tr j = Some (trX', i')
IHtr: ∀ i : MachineDescriptor X, Some (trX', i') = Some (trX', i) → Exists (field_selector output m) trX' → Exists (field_selector output m) tr
i: MachineDescriptor X
item': transition_item
Hitem': ∃ i : nat, i' = Existing i ∧ proper_descriptor X i' (destination a) ∧ input a = input item' ∧ output a = output item'
Hjbs: Exists (field_selector output m) (item' :: trX')Exists (field_selector output m) (a :: tr)message: Type
X: VLSM message
a: transition_item
tr: list transition_item
j: MachineDescriptor X
m: message
trX': list transition_item
i': MachineDescriptor X
Htr: equivocator_vlsm_trace_project X tr j = Some (trX', i')
IHtr: ∀ i : MachineDescriptor X, Some (trX', i') = Some (trX', i) → Exists (field_selector output m) trX' → Exists (field_selector output m) tr
i: MachineDescriptor X
item': transition_item
Ha: output a = output item'
Hjbs: Exists (field_selector output m) (item' :: trX')Exists (field_selector output m) (a :: tr)message: Type
X: VLSM message
a: transition_item
tr: list transition_item
j: MachineDescriptor X
m: message
trX': list transition_item
i': MachineDescriptor X
Htr: equivocator_vlsm_trace_project X tr j = Some (trX', i')
IHtr: ∀ i : MachineDescriptor X, Some (trX', i') = Some (trX', i) → Exists (field_selector output m) trX' → Exists (field_selector output m) tr
i: MachineDescriptor X
item': transition_item
Ha: output a = output item'
Hjbs: Exists (field_selector output m) (item' :: trX')
H0: field_selector output m item'Exists (field_selector output m) (a :: tr)message: Type
X: VLSM message
a: transition_item
tr: list transition_item
j: MachineDescriptor X
m: message
trX': list transition_item
i': MachineDescriptor X
Htr: equivocator_vlsm_trace_project X tr j = Some (trX', i')
IHtr: ∀ i : MachineDescriptor X, Some (trX', i') = Some (trX', i) → Exists (field_selector output m) trX' → Exists (field_selector output m) tr
i: MachineDescriptor X
item': transition_item
Ha: output a = output item'
Hjbs: Exists (field_selector output m) (item' :: trX')
H0: Exists (field_selector output m) trX'Exists (field_selector output m) (a :: tr)by left; cbn in *; rewrite Ha.message: Type
X: VLSM message
a: transition_item
tr: list transition_item
j: MachineDescriptor X
m: message
trX': list transition_item
i': MachineDescriptor X
Htr: equivocator_vlsm_trace_project X tr j = Some (trX', i')
IHtr: ∀ i : MachineDescriptor X, Some (trX', i') = Some (trX', i) → Exists (field_selector output m) trX' → Exists (field_selector output m) tr
i: MachineDescriptor X
item': transition_item
Ha: output a = output item'
Hjbs: Exists (field_selector output m) (item' :: trX')
H0: field_selector output m item'Exists (field_selector output m) (a :: tr)by right; eapply IHtr.message: Type
X: VLSM message
a: transition_item
tr: list transition_item
j: MachineDescriptor X
m: message
trX': list transition_item
i': MachineDescriptor X
Htr: equivocator_vlsm_trace_project X tr j = Some (trX', i')
IHtr: ∀ i : MachineDescriptor X, Some (trX', i') = Some (trX', i) → Exists (field_selector output m) trX' → Exists (field_selector output m) tr
i: MachineDescriptor X
item': transition_item
Ha: output a = output item'
Hjbs: Exists (field_selector output m) (item' :: trX')
H0: Exists (field_selector output m) trX'Exists (field_selector output m) (a :: tr)by right; eapply IHtr. Qed.message: Type
X: VLSM message
a: transition_item
tr: list transition_item
j: MachineDescriptor X
m: message
i': MachineDescriptor X
trX: list transition_item
IHtr: ∀ i : MachineDescriptor X, Some (trX, i') = Some (trX, i) → Exists (field_selector output m) trX → Exists (field_selector output m) tr
Htr: equivocator_vlsm_trace_project X tr j = Some (trX, i')
i: MachineDescriptor X
Hitem': equivocator_vlsm_transition_item_project X a i' = Some (None, i)
Hjbs: Exists (field_selector output m) trXExists (field_selector output m) (a :: tr)message: Type
X: VLSM message
bs: state (equivocator_vlsm X)
btr: list transition_item
Hbtr: finite_constrained_trace_from (equivocator_vlsm X) bs btr
bitem: transition_item
Hitem: bitem ∈ btr
sn: state X
Hnew: l bitem = Spawn sninput bitem = None ∧ output bitem = None ∧ (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X bitem d = Some (None, NewMachine sn))message: Type
X: VLSM message
bs: state (equivocator_vlsm X)
btr: list transition_item
Hbtr: finite_constrained_trace_from (equivocator_vlsm X) bs btr
bitem: transition_item
Hitem: bitem ∈ btr
sn: state X
Hnew: l bitem = Spawn sninput bitem = None ∧ output bitem = None ∧ (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X bitem d = Some (None, NewMachine sn))message: Type
X: VLSM message
bs: state (equivocator_vlsm X)
btr: list transition_item
Hbtr: finite_constrained_trace_from (equivocator_vlsm X) bs btr
bitem: transition_item
Hitem: ∃ l1 l2 : list transition_item, btr = l1 ++ bitem :: l2
sn: state X
Hnew: l bitem = Spawn sninput bitem = None ∧ output bitem = None ∧ (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X bitem d = Some (None, NewMachine sn))message: Type
X: VLSM message
bs: state (equivocator_vlsm X)
btr: list transition_item
Hbtr: finite_constrained_trace_from (equivocator_vlsm X) bs btr
bitem: transition_item
bprefix, bsuffix: list transition_item
Heq: btr = bprefix ++ bitem :: bsuffix
sn: state X
Hnew: l bitem = Spawn sninput bitem = None ∧ output bitem = None ∧ (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X bitem d = Some (None, NewMachine sn))message: Type
X: VLSM message
bs: state (equivocator_vlsm X)
bitem: transition_item
bprefix, bsuffix: list transition_item
Hbtr: finite_constrained_trace_from (equivocator_vlsm X) bs (bprefix ++ bitem :: bsuffix)
sn: state X
Hnew: l bitem = Spawn sninput bitem = None ∧ output bitem = None ∧ (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X bitem d = Some (None, NewMachine sn))message: Type
X: VLSM message
bs: state (equivocator_vlsm X)
bitem: transition_item
bprefix, bsuffix: list transition_item
Hbtr: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs bprefix ∧ finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) (bitem :: bsuffix)
sn: state X
Hnew: l bitem = Spawn sninput bitem = None ∧ output bitem = None ∧ (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X bitem d = Some (None, NewMachine sn))message: Type
X: VLSM message
bs: state (equivocator_vlsm X)
bitem: transition_item
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs bprefix
Hbsuffix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) (bitem :: bsuffix)
sn: state X
Hnew: l bitem = Spawn sninput bitem = None ∧ output bitem = None ∧ (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X bitem d = Some (None, NewMachine sn))message: Type
X: VLSM message
bs: state (equivocator_vlsm X)
bitem: transition_item
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs bprefix
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbsuffix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst (bitem :: bsuffix)
sn: state X
Hnew: l bitem = Spawn sninput bitem = None ∧ output bitem = None ∧ (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X bitem d = Some (None, NewMachine sn))message: Type
X: VLSM message
bs: state (equivocator_vlsm X)
bitem: transition_item
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs bprefix
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbsuffix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst (bitem :: bsuffix)
sn: state X
Hnew: VLSM.l bitem = Spawn sn
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
tl: list transition_item
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: input_valid_transition (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) l ( lst, iom) (s, oom)
H: s' = lst
H1: {| l := l; input := iom; destination := s; output := oom |} = bitem
H2: tl = bsuffixinput {| l := l; input := iom; destination := s; output := oom |} = None ∧ output {| l := l; input := iom; destination := s; output := oom |} = None ∧ (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} d = Some (None, NewMachine sn))message: Type
X: VLSM message
bs: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs bprefix
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
sn: state X
Hnew: VLSM.l {| l := l; input := iom; destination := s; output := oom |} = Spawn sn
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: input_valid_transition (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) l ( lst, iom) (s, oom)input {| l := l; input := iom; destination := s; output := oom |} = None ∧ output {| l := l; input := iom; destination := s; output := oom |} = None ∧ (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} d = Some (None, NewMachine sn))message: Type
X: VLSM message
bs: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs bprefix
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
sn: state X
Hnew: VLSM.l {| l := l; input := iom; destination := s; output := oom |} = Spawn sn
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)input {| l := l; input := iom; destination := s; output := oom |} = None ∧ output {| l := l; input := iom; destination := s; output := oom |} = None ∧ (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} d = Some (None, NewMachine sn))message: Type
X: VLSM message
bs: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs bprefix
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
sn: state X
Hnew: VLSM.l {| l := l; input := iom; destination := s; output := oom |} = Spawn sn
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)iom = None ∧ oom = None ∧ (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} d = Some (None, NewMachine sn))message: Type
X: VLSM message
bs: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs bprefix
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
sn: state X
Hnew: VLSM.l {| l := l; input := iom; destination := s; output := oom |} = Spawn sn
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ (item := {| l := l; input := iom; destination := s; output := oom |}) (sn : state X), l = Spawn sn → ∃ (i : nat) (si : option (state X)), equivocator_state_project s i = si ∧ equivocator_vlsm_transition_item_project X item (Existing i) = Some (None, NewMachine sn)iom = None ∧ oom = None ∧ (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} d = Some (None, NewMachine sn))message: Type
X: VLSM message
bs: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs bprefix
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
sn: state X
Hnew: l = Spawn sn
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ sn : state X, l = Spawn sn → ∃ (i : nat) (si : option (state X)), equivocator_state_project s i = si ∧ equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (None, NewMachine sn)iom = None ∧ oom = None ∧ (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} d = Some (None, NewMachine sn))message: Type
X: VLSM message
bs: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs bprefix
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
sn: state X
Hbsuffix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst ({| l := Spawn sn; input := iom; destination := s; output := oom |} :: bsuffix)
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hpitem: ∀ sn0 : state X, Spawn sn = Spawn sn0 → ∃ (i : nat) (si : option (state X)), equivocator_state_project s i = si ∧ equivocator_vlsm_transition_item_project X {| l := Spawn sn; input := iom; destination := s; output := oom |} (Existing i) = Some (None, NewMachine sn0)
Ht: transition (Spawn sn) (lst, iom) = (s, oom)
Hv: valid (Spawn sn) (lst, iom)iom = None ∧ oom = None ∧ (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X {| l := Spawn sn; input := iom; destination := s; output := oom |} d = Some (None, NewMachine sn))by inversion Ht; destruct Hv as [Hsndl Hiom]; subst; eauto. Qed.message: Type
X: VLSM message
bs: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs bprefix
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
sn: state X
Hbsuffix: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst ({| l := Spawn sn; input := iom; destination := s; output := oom |} :: bsuffix)
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition (Spawn sn) (lst, iom) = (s, oom)
Hv: valid (Spawn sn) (lst, iom)
i: nat
lst_i: option (state X)
Hi: equivocator_state_project s i = lst_i
Hpitem: equivocator_vlsm_transition_item_project X {| l := Spawn sn; input := iom; destination := s; output := oom |} (Existing i) = Some (None, NewMachine sn)iom = None ∧ oom = None ∧ (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X {| l := Spawn sn; input := iom; destination := s; output := oom |} d = Some (None, NewMachine sn))
For any transition_item in a valid trace segment of an
equivocator_vlsm there exists a projection of that trace containing
the projection of the item.
message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
btr: list transition_item
Hbtr: finite_constrained_trace_from_to (equivocator_vlsm X) bs bf btr
bitem: transition_item
Hitem: bitem ∈ btr
idl: nat
Hlbitem: equivocator_label_descriptor (l bitem) = Existing idl∃ item : transition_item, (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X bitem d = Some (Some item, Existing idl)) ∧ (∃ tr : list transition_item, item ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs btr) ∧ equivocator_vlsm_trace_project X btr dfinal = Some (tr, dfirst)))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
btr: list transition_item
Hbtr: finite_constrained_trace_from_to (equivocator_vlsm X) bs bf btr
bitem: transition_item
Hitem: bitem ∈ btr
idl: nat
Hlbitem: equivocator_label_descriptor (l bitem) = Existing idl∃ item : transition_item, (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X bitem d = Some (Some item, Existing idl)) ∧ (∃ tr : list transition_item, item ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs btr) ∧ equivocator_vlsm_trace_project X btr dfinal = Some (tr, dfirst)))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
btr: list transition_item
Hbtr: finite_constrained_trace_from_to (equivocator_vlsm X) bs bf btr
bitem: transition_item
Hitem: bitem ∈ btr
idl: nat
Hlbitem: equivocator_label_descriptor (l bitem) = Existing idl
Hinv2: btr ≠ [] → finite_constrained_trace_from_to (equivocator_vlsm X) bs bf btr → ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X btr (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end∃ item : transition_item, (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X bitem d = Some (Some item, Existing idl)) ∧ (∃ tr : list transition_item, item ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs btr) ∧ equivocator_vlsm_trace_project X btr dfinal = Some (tr, dfirst)))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
btr: list transition_item
Hbtr: finite_constrained_trace_from_to (equivocator_vlsm X) bs bf btr
bitem: transition_item
Hitem: bitem ∈ btr
idl: nat
Hlbitem: equivocator_label_descriptor (l bitem) = Existing idl
Hinv2: finite_constrained_trace_from_to (equivocator_vlsm X) bs bf btr → ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X btr (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end∃ item : transition_item, (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X bitem d = Some (Some item, Existing idl)) ∧ (∃ tr : list transition_item, item ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs btr) ∧ equivocator_vlsm_trace_project X btr dfinal = Some (tr, dfirst)))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
btr: list transition_item
Hbtr: finite_constrained_trace_from_to (equivocator_vlsm X) bs bf btr
bitem: transition_item
Hitem: bitem ∈ btr
idl: nat
Hlbitem: equivocator_label_descriptor (l bitem) = Existing idl
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X btr (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end∃ item : transition_item, (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X bitem d = Some (Some item, Existing idl)) ∧ (∃ tr : list transition_item, item ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs btr) ∧ equivocator_vlsm_trace_project X btr dfinal = Some (tr, dfirst)))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
btr: list transition_item
Hbtr: finite_constrained_trace_from_to (equivocator_vlsm X) bs bf btr
bitem: transition_item
Hitem: ∃ l1 l2 : list transition_item, btr = l1 ++ bitem :: l2
idl: nat
Hlbitem: equivocator_label_descriptor (l bitem) = Existing idl
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X btr (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end∃ item : transition_item, (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X bitem d = Some (Some item, Existing idl)) ∧ (∃ tr : list transition_item, item ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs btr) ∧ equivocator_vlsm_trace_project X btr dfinal = Some (tr, dfirst)))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
btr: list transition_item
Hbtr: finite_constrained_trace_from_to (equivocator_vlsm X) bs bf btr
bitem: transition_item
bprefix, bsuffix: list transition_item
Heq: btr = bprefix ++ bitem :: bsuffix
idl: nat
Hlbitem: equivocator_label_descriptor (l bitem) = Existing idl
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X btr (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end∃ item : transition_item, (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X bitem d = Some (Some item, Existing idl)) ∧ (∃ tr : list transition_item, item ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs btr) ∧ equivocator_vlsm_trace_project X btr dfinal = Some (tr, dfirst)))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bitem: transition_item
bprefix, bsuffix: list transition_item
Hbtr: finite_constrained_trace_from_to (equivocator_vlsm X) bs bf (bprefix ++ bitem :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor (l bitem) = Existing idl
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ bitem :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end∃ item : transition_item, (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X bitem d = Some (Some item, Existing idl)) ∧ (∃ tr : list transition_item, item ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ bitem :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ bitem :: bsuffix) dfinal = Some (tr, dfirst)))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bitem: transition_item
bprefix, bsuffix: list transition_item
Hbtr: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix ∧ finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf (bitem :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor (l bitem) = Existing idl
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ bitem :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end∃ item : transition_item, (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X bitem d = Some (Some item, Existing idl)) ∧ (∃ tr : list transition_item, item ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ bitem :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ bitem :: bsuffix) dfinal = Some (tr, dfirst)))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bitem: transition_item
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf (bitem :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor (l bitem) = Existing idl
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ bitem :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end∃ item : transition_item, (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X bitem d = Some (Some item, Existing idl)) ∧ (∃ tr : list transition_item, item ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ bitem :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ bitem :: bsuffix) dfinal = Some (tr, dfirst)))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bitem: transition_item
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf (bitem :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor (l bitem) = Existing idl
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ bitem :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end∃ item : transition_item, (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X bitem d = Some (Some item, Existing idl)) ∧ (∃ tr : list transition_item, item ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ bitem :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ bitem :: bsuffix) dfinal = Some (tr, dfirst)))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor (VLSM.l {| l := l; input := iom; destination := s; output := oom |}) = Existing idl
Htl: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bf bsuffix
Ht: input_valid_transition (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) l ( lst, iom) (s, oom)∃ item : transition_item, (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} d = Some (Some item, Existing idl)) ∧ (∃ tr : list transition_item, item ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst)))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor (VLSM.l {| l := l; input := iom; destination := s; output := oom |}) = Existing idl
Htl: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bf bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)∃ item : transition_item, (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} d = Some (Some item, Existing idl)) ∧ (∃ tr : list transition_item, item ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst)))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor (VLSM.l {| l := l; input := iom; destination := s; output := oom |}) = Existing idl
Htl: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bf bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ (item := {| l := l; input := iom; destination := s; output := oom |}) (_i : nat), equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X item (Existing i) = Some (Some itemx, Existing _i))∃ item : transition_item, (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} d = Some (Some item, Existing idl)) ∧ (∃ tr : list transition_item, item ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst)))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bf bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))∃ item : transition_item, (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} d = Some (Some item, Existing idl)) ∧ (∃ tr : list transition_item, item ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst)))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bf bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)∃ item : transition_item, (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} d = Some (Some item, Existing idl)) ∧ (∃ tr : list transition_item, item ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst)))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)∃ item : transition_item, (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} d = Some (Some item, Existing idl)) ∧ (∃ tr : list transition_item, item ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst)))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)∃ item : transition_item, (∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} d = Some (Some item, Existing idl)) ∧ (∃ tr : list transition_item, item ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst)))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)(∃ d : MachineDescriptor X, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} d = Some (Some itemx, Existing idl)) ∧ (∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst)))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
dsuffix: MachineDescriptor X
Heqdsuffix: dsuffix = Existing i
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} dsuffix = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix: equivocator_vlsm_trace_project X bsuffix dsuffix = Some (suffix, dsuffix)∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
bitem: transition_item
Heqbitem: bitem = {| l := l; input := iom; destination := s; output := oom |}
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf (bitem :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ bitem :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X bitem (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
dsuffix: MachineDescriptor X
Heqdsuffix: dsuffix = Existing i
Hitemx: equivocator_vlsm_transition_item_project X bitem dsuffix = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix: equivocator_vlsm_trace_project X bsuffix dsuffix = Some (suffix, dsuffix)∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ bitem :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ bitem :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
bitem: transition_item
Heqbitem: bitem = {| l := l; input := iom; destination := s; output := oom |}
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf (bitem :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ bitem :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X bitem (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
dsuffix: MachineDescriptor X
Heqdsuffix: dsuffix = Existing i
Hitemx: equivocator_vlsm_transition_item_project X bitem dsuffix = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix: equivocator_vlsm_trace_project X bsuffix dsuffix = Some (suffix, dsuffix)
Hsuffix': equivocator_vlsm_trace_project X [bitem] dsuffix = Some ([itemx], Existing idl) → equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, dsuffix) → equivocator_vlsm_trace_project X ([bitem] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ bitem :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ bitem :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
bitem: transition_item
Heqbitem: bitem = {| l := l; input := iom; destination := s; output := oom |}
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf (bitem :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ bitem :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X bitem (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
dsuffix: MachineDescriptor X
Heqdsuffix: dsuffix = Existing i
Hitemx: equivocator_vlsm_transition_item_project X bitem dsuffix = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix: equivocator_vlsm_trace_project X bsuffix dsuffix = Some (suffix, dsuffix)
Hsuffix': equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, dsuffix) → equivocator_vlsm_trace_project X ([bitem] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ bitem :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ bitem :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
bitem: transition_item
Heqbitem: bitem = {| l := l; input := iom; destination := s; output := oom |}
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf (bitem :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ bitem :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X bitem (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X bitem (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i) → equivocator_vlsm_trace_project X ([bitem] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ bitem :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ bitem :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
bitem: transition_item
Heqbitem: bitem = {| l := l; input := iom; destination := s; output := oom |}
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf (bitem :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ bitem :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X bitem (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X bitem (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([bitem] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ bitem :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ bitem :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
_i: nat
_Hdsuffix: Existing i = Existing _i
s_i: state X
_Hi: equivocator_state_project s _i = Some s_i
Hd': ∃ i' : nat, Existing idl = Existing i' ∧ (∃ s'x : state X, equivocator_state_project lst i' = Some s'x ∧ (∃ Hex : existing_equivocator_label X l, let lx := existing_equivocator_label_extract X l Hex in itemx = {| l := lx; input := iom; destination := s_i; output := oom |} ∧ valid lx (s'x, iom) ∧ transition lx (s'x, iom) = (s_i, oom)))∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
_i: nat
_Hdsuffix: Existing i = Existing _i
s_i: state X
_Hi: equivocator_state_project s _i = Some s_i
Hd': ∃ i' : nat, Existing idl = Existing i' ∧ (∃ s'x : state X, equivocator_state_project lst i' = Some s'x ∧ (∃ Hex : existing_equivocator_label X l, let lx := existing_equivocator_label_extract X l Hex in itemx = {| l := lx; input := iom; destination := s_i; output := oom |} ∧ valid lx (s'x, iom) ∧ transition lx (s'x, iom) = (s_i, oom)))
H0: i = _i∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
_Hdsuffix: Existing i = Existing i
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
Hd': ∃ i' : nat, Existing idl = Existing i' ∧ (∃ s'x : state X, equivocator_state_project lst i' = Some s'x ∧ (∃ Hex : existing_equivocator_label X l, let lx := existing_equivocator_label_extract X l Hex in itemx = {| l := lx; input := iom; destination := s_i; output := oom |} ∧ valid lx (s'x, iom) ∧ transition lx (s'x, iom) = (s_i, oom)))∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
Hd': ∃ i' : nat, Existing idl = Existing i' ∧ (∃ s'x : state X, equivocator_state_project lst i' = Some s'x ∧ (∃ Hex : existing_equivocator_label X l, let lx := existing_equivocator_label_extract X l Hex in itemx = {| l := lx; input := iom; destination := s_i; output := oom |} ∧ valid lx (s'x, iom) ∧ transition lx (s'x, iom) = (s_i, oom)))∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
_i': nat
_Heq: Existing idl = Existing _i'
lst_i': state X
id: equivocator_state_project lst _i' = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
_i': nat
_Heq: Existing idl = Existing _i'
lst_i': state X
id: equivocator_state_project lst _i' = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
H0: idl = _i'∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
_Heq: Existing idl = Existing idl
lst_i': state X
id: equivocator_state_project lst idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
lst: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Heqlst: lst = finite_trace_last bs bprefix
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs lst bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) lst bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Hv: valid l (lst, iom)
Ht: transition l (lst, iom) = (s, oom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project lst idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ [{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some (prefix ++ [itemx] ++ suffix, dfirst)∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)∃ tr : list transition_item, itemx ∈ tr ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (tr, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hinv2: ∀ (j : nat) (di : MachineDescriptor X) (trX : list transition_item), equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing j) = Some (trX, di) → ∃ fsj : state X, equivocator_state_project bf j = Some fsj ∧ match di with | NewMachine sn => finite_constrained_trace_init_to X sn fsj trX | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi fsj trX ∧ (initial_state_prop bs → initial_state_prop isi) end
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)itemx ∈ prefix ++ itemx :: suffix ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (prefix ++ itemx :: suffix, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)
bfi: state X
Hdfinal: equivocator_state_project bf i = Some bfi
Hdinitial: match dfirst with | NewMachine sn => finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix) | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi) enditemx ∈ prefix ++ itemx :: suffix ∧ (∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (prefix ++ itemx :: suffix, dfirst))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)
bfi: state X
Hdfinal: equivocator_state_project bf i = Some bfi
Hdinitial: match dfirst with | NewMachine sn => finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix) | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi) enditemx ∈ prefix ++ itemx :: suffixmessage: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)
bfi: state X
Hdfinal: equivocator_state_project bf i = Some bfi
Hdinitial: match dfirst with | NewMachine sn => finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix) | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi) end∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (prefix ++ itemx :: suffix, dfirst)message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)
bfi: state X
Hdfinal: equivocator_state_project bf i = Some bfi
Hdinitial: match dfirst with | NewMachine sn => finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix) | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi) enditemx ∈ prefix ++ itemx :: suffixmessage: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)
bfi: state X
Hdfinal: equivocator_state_project bf i = Some bfi
Hdinitial: match dfirst with | NewMachine sn => finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix) | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi) enditemx ∈ prefix ∨ itemx ∈ itemx :: suffixleft.message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)
bfi: state X
Hdfinal: equivocator_state_project bf i = Some bfi
Hdinitial: match dfirst with | NewMachine sn => finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix) | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi) enditemx ∈ itemx :: suffixmessage: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)
bfi: state X
Hdfinal: equivocator_state_project bf i = Some bfi
Hdinitial: match dfirst with | NewMachine sn => finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix) | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi) end∃ dfinal dfirst : MachineDescriptor X, proper_descriptor X dfirst bs ∧ existing_descriptor X dfinal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) dfinal = Some (prefix ++ itemx :: suffix, dfirst)message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)
bfi: state X
Hdfinal: equivocator_state_project bf i = Some bfi
Hdinitial: match dfirst with | NewMachine sn => finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix) | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi) endproper_descriptor X ?Goal0 bs ∧ existing_descriptor X ?Goal (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix)) ∧ equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) ?Goal = Some (prefix ++ itemx :: suffix, ?Goal0)message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)
bfi: state X
Hdfinal: equivocator_state_project bf i = Some bfi
Hdinitial: match dfirst with | NewMachine sn => finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix) | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi) endproper_descriptor X dfirst bsmessage: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)
bfi: state X
Hdfinal: equivocator_state_project bf i = Some bfi
Hdinitial: match dfirst with | NewMachine sn => finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix) | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi) endexisting_descriptor X (Existing i) (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)
bfi: state X
Hdfinal: equivocator_state_project bf i = Some bfi
Hdinitial: match dfirst with | NewMachine sn => finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix) | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi) endproper_descriptor X dfirst bsmessage: Type
X: VLSM message
bs: state (equivocator_vlsm X)
itemx: transition_item
suffix, prefix: list transition_item
dfirst: MachineDescriptor X
bfi: state X
Hdinitial: match dfirst with | NewMachine sn => finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix) | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi) endproper_descriptor X dfirst bsmessage: Type
X: VLSM message
bs: state (equivocator_vlsm X)
itemx: transition_item
suffix, prefix: list transition_item
sn, bfi: state X
Hdinitial: finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix)proper_descriptor X (NewMachine sn) bsmessage: Type
X: VLSM message
bs: state (equivocator_vlsm X)
itemx: transition_item
suffix, prefix: list transition_item
j: nat
bfi: state X
Hdinitial: ∃ isi : state X, equivocator_state_project bs j = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi)proper_descriptor X (Existing j) bsby destruct Hdinitial.message: Type
X: VLSM message
bs: state (equivocator_vlsm X)
itemx: transition_item
suffix, prefix: list transition_item
sn, bfi: state X
Hdinitial: finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix)proper_descriptor X (NewMachine sn) bsby destruct Hdinitial as [bsj [Hdinitial _]]; exists bsj.message: Type
X: VLSM message
bs: state (equivocator_vlsm X)
itemx: transition_item
suffix, prefix: list transition_item
j: nat
bfi: state X
Hdinitial: ∃ isi : state X, equivocator_state_project bs j = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi)proper_descriptor X (Existing j) bsmessage: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)
bfi: state X
Hdfinal: equivocator_state_project bf i = Some bfi
Hdinitial: match dfirst with | NewMachine sn => finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix) | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi) endexisting_descriptor X (Existing i) (finite_trace_last bs (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix))message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)
bfi: state X
Hdfinal: equivocator_state_project bf i = Some bfi
Hdinitial: match dfirst with | NewMachine sn => finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix) | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi) end
btr: list transition_item
Heqbtr: btr = bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffixexisting_descriptor X (Existing i) (finite_trace_last bs btr)message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)
bfi: state X
Hdfinal: equivocator_state_project bf i = Some bfi
Hdinitial: match dfirst with | NewMachine sn => finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix) | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi) end
btr: list transition_item
Heqbtr: btr = bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix
Hinv: btr ≠ [] → ∀ j : nat, is_Some (equivocator_vlsm_trace_project X btr (Existing j)) → ∀ is : state (equivocator_vlsm X), ∃ sj : state X, equivocator_state_project (finite_trace_last is btr) j = Some sjexisting_descriptor X (Existing i) (finite_trace_last bs btr)message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)
bfi: state X
Hdfinal: equivocator_state_project bf i = Some bfi
Hdinitial: match dfirst with | NewMachine sn => finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix) | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi) end
btr: list transition_item
Heqbtr: btr = bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix
Hinv: ∀ j : nat, is_Some (equivocator_vlsm_trace_project X btr (Existing j)) → ∀ is : state (equivocator_vlsm X), ∃ sj : state X, equivocator_state_project (finite_trace_last is btr) j = Some sjexisting_descriptor X (Existing i) (finite_trace_last bs btr)message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)
bfi: state X
Hdfinal: equivocator_state_project bf i = Some bfi
Hdinitial: match dfirst with | NewMachine sn => finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix) | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi) end
btr: list transition_item
Heqbtr: btr = bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix
Hinv: is_Some (equivocator_vlsm_trace_project X btr (Existing i)) → ∀ is : state (equivocator_vlsm X), ∃ sj : state X, equivocator_state_project (finite_trace_last is btr) i = Some sjexisting_descriptor X (Existing i) (finite_trace_last bs btr)message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)
bfi: state X
Hdfinal: equivocator_state_project bf i = Some bfi
Hdinitial: match dfirst with | NewMachine sn => finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix) | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi) end
btr: list transition_item
Heqbtr: btr = bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix
Hinv: ∀ is : state (equivocator_vlsm X), ∃ sj : state X, equivocator_state_project (finite_trace_last is btr) i = Some sjexisting_descriptor X (Existing i) (finite_trace_last bs btr)by eexists. Qed.message: Type
X: VLSM message
bs, bf: state (equivocator_vlsm X)
bprefix, bsuffix: list transition_item
Hbprefix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) bs (finite_trace_last bs bprefix) bprefix
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
iom, oom: option message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hbsuffix: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) (finite_trace_last bs bprefix) bf ({| l := l; input := iom; destination := s; output := oom |} :: bsuffix)
idl: nat
Hlbitem: equivocator_label_descriptor l = Existing idl
Htl: finite_valid_trace_from (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s bsuffix
Ht: transition l (finite_trace_last bs bprefix, iom) = (s, oom)
Hv: valid l (finite_trace_last bs bprefix, iom)
Hpitem: ∀ _i : nat, equivocator_label_descriptor l = Existing _i → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ (∃ itemx : transition_item, equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing _i))
i: nat
si: state X
Hi: equivocator_state_project s i = Some si
itemx: transition_item
Hitemx: equivocator_vlsm_transition_item_project X {| l := l; input := iom; destination := s; output := oom |} (Existing i) = Some (Some itemx, Existing idl)
suffix: list transition_item
Hsuffix': equivocator_vlsm_trace_project X ([{| l := l; input := iom; destination := s; output := oom |}] ++ bsuffix) (Existing i) = Some ([itemx] ++ suffix, Existing idl)
Hsuffix: equivocator_vlsm_trace_project X bsuffix (Existing i) = Some (suffix, Existing i)
s_i: state X
_Hi: equivocator_state_project s i = Some s_i
lst_i': state X
id: equivocator_state_project (finite_trace_last bs bprefix) idl = Some lst_i'
Hex: existing_equivocator_label X l
_Hitemx: itemx = {| l := existing_equivocator_label_extract X l Hex; input := iom; destination := s_i; output := oom |}
Hvs': valid (existing_equivocator_label_extract X l Hex) (lst_i', iom)
Hts': transition (existing_equivocator_label_extract X l Hex) (lst_i', iom) = (s_i, oom)
prefix: list transition_item
dfirst: MachineDescriptor X
Hprefix: equivocator_vlsm_trace_project X bprefix (Existing idl) = Some (prefix, dfirst)
Htr: equivocator_vlsm_trace_project X (bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix) (Existing i) = Some (prefix ++ itemx :: suffix, dfirst)
bfi: state X
Hdfinal: equivocator_state_project bf i = Some bfi
Hdinitial: match dfirst with | NewMachine sn => finite_constrained_trace_init_to X sn bfi (prefix ++ itemx :: suffix) | Existing i => ∃ isi : state X, equivocator_state_project bs i = Some isi ∧ finite_constrained_trace_from_to X isi bfi (prefix ++ itemx :: suffix) ∧ (initial_state_prop bs → initial_state_prop isi) end
btr: list transition_item
Heqbtr: btr = bprefix ++ {| l := l; input := iom; destination := s; output := oom |} :: bsuffix
lst_i: state X
Hlst_i: equivocator_state_project (finite_trace_last bs btr) i = Some lst_iexisting_descriptor X (Existing i) (finite_trace_last bs btr)
If an equivocator_vlsm's valid trace segment outputs a message, then
one of its projections must do so too.
message: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_constrained_trace_from (equivocator_vlsm X) is tr
m: message
Hbbs: Exists (field_selector output m) tr∃ (j i : MachineDescriptor X) (_ : proper_descriptor X i is) (_ : existing_descriptor X j (finite_trace_last is tr)) (trX : list transition_item) (_ : equivocator_vlsm_trace_project X tr j = Some (trX, i)), Exists (field_selector output m) trXmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_constrained_trace_from (equivocator_vlsm X) is tr
m: message
Hbbs: Exists (field_selector output m) tr∃ (j i : MachineDescriptor X) (_ : proper_descriptor X i is) (_ : existing_descriptor X j (finite_trace_last is tr)) (trX : list transition_item) (_ : equivocator_vlsm_trace_project X tr j = Some (trX, i)), Exists (field_selector output m) trXmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_constrained_trace_from (equivocator_vlsm X) is tr
m: message
Hbbs: ∃ x : transition_item, x ∈ tr ∧ field_selector output m x∃ (j i : MachineDescriptor X) (_ : proper_descriptor X i is) (_ : existing_descriptor X j (finite_trace_last is tr)) (trX : list transition_item) (_ : equivocator_vlsm_trace_project X tr j = Some (trX, i)), Exists (field_selector output m) trXmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_constrained_trace_from (equivocator_vlsm X) is tr
m: message
item: transition_item
Hin: item ∈ tr
Houtput: field_selector output m item∃ (j i : MachineDescriptor X) (_ : proper_descriptor X i is) (_ : existing_descriptor X j (finite_trace_last is tr)) (trX : list transition_item) (_ : equivocator_vlsm_trace_project X tr j = Some (trX, i)), Exists (field_selector output m) trXmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_constrained_trace_from (equivocator_vlsm X) is tr
m: message
item: transition_item
Hin: item ∈ tr
Houtput: field_selector output m item
sn: state X
Hsndl: equivocator_label_descriptor (l item) = NewMachine sn∃ (j i : MachineDescriptor X) (_ : proper_descriptor X i is) (_ : existing_descriptor X j (finite_trace_last is tr)) (trX : list transition_item) (_ : equivocator_vlsm_trace_project X tr j = Some (trX, i)), Exists (field_selector output m) trXmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_constrained_trace_from (equivocator_vlsm X) is tr
m: message
item: transition_item
Hin: item ∈ tr
Houtput: field_selector output m item
i: nat
Hsndl: equivocator_label_descriptor (l item) = Existing i∃ (j i : MachineDescriptor X) (_ : proper_descriptor X i is) (_ : existing_descriptor X j (finite_trace_last is tr)) (trX : list transition_item) (_ : equivocator_vlsm_trace_project X tr j = Some (trX, i)), Exists (field_selector output m) trXmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_constrained_trace_from (equivocator_vlsm X) is tr
m: message
item: transition_item
Hin: item ∈ tr
Houtput: field_selector output m item
sn: state X
Hsndl: equivocator_label_descriptor (l item) = NewMachine sn∃ (j i : MachineDescriptor X) (_ : proper_descriptor X i is) (_ : existing_descriptor X j (finite_trace_last is tr)) (trX : list transition_item) (_ : equivocator_vlsm_trace_project X tr j = Some (trX, i)), Exists (field_selector output m) trXmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_constrained_trace_from (equivocator_vlsm X) is tr
m: message
l: label (equivocator_vlsm X)
input: option message
destination: state (equivocator_vlsm X)
output: option message
Hin: {| l := l; input := input; destination := destination; output := output |} ∈ tr
Houtput: field_selector VLSM.output m {| l := l; input := input; destination := destination; output := output |}
sn: state X
Hsndl: equivocator_label_descriptor (VLSM.l {| l := l; input := input; destination := destination; output := output |}) = NewMachine sn∃ (j i : MachineDescriptor X) (_ : proper_descriptor X i is) (_ : existing_descriptor X j (finite_trace_last is tr)) (trX : list transition_item) (_ : equivocator_vlsm_trace_project X tr j = Some (trX, i)), Exists (field_selector VLSM.output m) trXmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_constrained_trace_from (equivocator_vlsm X) is tr
m: message
s: state X
input: option message
destination: state (equivocator_vlsm X)
output: option message
Hin: {| l := Spawn s; input := input; destination := destination; output := output |} ∈ tr
Houtput: field_selector VLSM.output m {| l := Spawn s; input := input; destination := destination; output := output |}
sn: state X
Hsndl: equivocator_label_descriptor (l {| l := Spawn s; input := input; destination := destination; output := output |}) = NewMachine sn
H0: s = sn∃ (j i : MachineDescriptor X) (_ : proper_descriptor X i is) (_ : existing_descriptor X j (finite_trace_last is tr)) (trX : list transition_item) (_ : equivocator_vlsm_trace_project X tr j = Some (trX, i)), Exists (field_selector VLSM.output m) trXmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_constrained_trace_from (equivocator_vlsm X) is tr
m: message
input: option message
destination: state (equivocator_vlsm X)
output: option message
sn: state X
Hsndl: equivocator_label_descriptor (l {| l := Spawn sn; input := input; destination := destination; output := output |}) = NewMachine sn
Houtput: field_selector VLSM.output m {| l := Spawn sn; input := input; destination := destination; output := output |}
Hin: {| l := Spawn sn; input := input; destination := destination; output := output |} ∈ tr∃ (j i : MachineDescriptor X) (_ : proper_descriptor X i is) (_ : existing_descriptor X j (finite_trace_last is tr)) (trX : list transition_item) (_ : equivocator_vlsm_trace_project X tr j = Some (trX, i)), Exists (field_selector VLSM.output m) trXby destruct (preloaded_equivocator_vlsm_trace_project_valid_item_new_machine _ _ Htr _ Hin _ eq_refl) as [_ [Hcontra _]]; cbn in *; congruence.message: Type
X: VLSM message
is: Equivocators.bounded_state_copies X
tr: list transition_item
Htr: finite_constrained_trace_from (equivocator_vlsm X) is tr
m: message
input: option message
destination: Equivocators.bounded_state_copies X
output: option message
sn: state X
Hsndl: NewMachine sn = NewMachine sn
Houtput: output = Some m
Hin: {| l := Spawn sn; input := input; destination := destination; output := output |} ∈ tr∃ (j i : MachineDescriptor X) (_ : proper_descriptor X i is) (_ : existing_descriptor X j (finite_trace_last is tr)) (trX : list transition_item) (_ : equivocator_vlsm_trace_project X tr j = Some (trX, i)), Exists (field_selector VLSM.output m) trXmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_constrained_trace_from (equivocator_vlsm X) is tr
m: message
item: transition_item
Hin: item ∈ tr
Houtput: field_selector output m item
i: nat
Hsndl: equivocator_label_descriptor (l item) = Existing i∃ (j i : MachineDescriptor X) (_ : proper_descriptor X i is) (_ : existing_descriptor X j (finite_trace_last is tr)) (trX : list transition_item) (_ : equivocator_vlsm_trace_project X tr j = Some (trX, i)), Exists (field_selector output m) trXmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) is (finite_trace_last is tr) tr
m: message
item: transition_item
Hin: item ∈ tr
Houtput: field_selector output m item
i: nat
Hsndl: equivocator_label_descriptor (l item) = Existing i∃ (j i : MachineDescriptor X) (_ : proper_descriptor X i is) (_ : existing_descriptor X j (finite_trace_last is tr)) (trX : list transition_item) (_ : equivocator_vlsm_trace_project X tr j = Some (trX, i)), Exists (field_selector output m) trXmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) is (finite_trace_last is tr) tr
m: message
item: transition_item
Hin: item ∈ tr
Houtput: field_selector output m item
i: nat
Hsndl: equivocator_label_descriptor (l item) = Existing i
itemx: transition_item
d: MachineDescriptor X
Hitemx: equivocator_vlsm_transition_item_project X item d = Some (Some itemx, Existing i)
trx: list transition_item
Hinx: itemx ∈ trx
ifinal, ifirst: MachineDescriptor X
Hifirst: proper_descriptor X ifirst is
Hifinal: existing_descriptor X ifinal (finite_trace_last is tr)
Htrx: equivocator_vlsm_trace_project X tr ifinal = Some (trx, ifirst)∃ (j i : MachineDescriptor X) (_ : proper_descriptor X i is) (_ : existing_descriptor X j (finite_trace_last is tr)) (trX : list transition_item) (_ : equivocator_vlsm_trace_project X tr j = Some (trX, i)), Exists (field_selector output m) trXmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) is (finite_trace_last is tr) tr
m: message
item: transition_item
Hin: item ∈ tr
Houtput: field_selector output m item
i: nat
Hsndl: equivocator_label_descriptor (l item) = Existing i
itemx: transition_item
d: MachineDescriptor X
Hitemx: equivocator_vlsm_transition_item_project X item d = Some (Some itemx, Existing i)
trx: list transition_item
Hinx: itemx ∈ trx
ifinal, ifirst: MachineDescriptor X
Hifirst: proper_descriptor X ifirst is
Hifinal: existing_descriptor X ifinal (finite_trace_last is tr)
Htrx: equivocator_vlsm_trace_project X tr ifinal = Some (trx, ifirst)∃ (i : MachineDescriptor X) (_ : proper_descriptor X i is) (_ : existing_descriptor X ifinal (finite_trace_last is tr)) (trX : list transition_item) (_ : equivocator_vlsm_trace_project X tr ifinal = Some (trX, i)), Exists (field_selector output m) trXmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) is (finite_trace_last is tr) tr
m: message
item: transition_item
Hin: item ∈ tr
Houtput: field_selector output m item
i: nat
Hsndl: equivocator_label_descriptor (l item) = Existing i
itemx: transition_item
d: MachineDescriptor X
Hitemx: equivocator_vlsm_transition_item_project X item d = Some (Some itemx, Existing i)
trx: list transition_item
Hinx: itemx ∈ trx
ifinal, ifirst: MachineDescriptor X
Hifirst: proper_descriptor X ifirst is
Hifinal: existing_descriptor X ifinal (finite_trace_last is tr)
Htrx: equivocator_vlsm_trace_project X tr ifinal = Some (trx, ifirst)∃ (_ : proper_descriptor X ifirst is) (_ : existing_descriptor X ifinal (finite_trace_last is tr)) (trX : list transition_item) (_ : equivocator_vlsm_trace_project X tr ifinal = Some (trX, ifirst)), Exists (field_selector output m) trXmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) is (finite_trace_last is tr) tr
m: message
item: transition_item
Hin: item ∈ tr
Houtput: field_selector output m item
i: nat
Hsndl: equivocator_label_descriptor (l item) = Existing i
itemx: transition_item
d: MachineDescriptor X
Hitemx: equivocator_vlsm_transition_item_project X item d = Some (Some itemx, Existing i)
trx: list transition_item
Hinx: itemx ∈ trx
ifinal, ifirst: MachineDescriptor X
Hifirst: proper_descriptor X ifirst is
Hifinal: existing_descriptor X ifinal (finite_trace_last is tr)
Htrx: equivocator_vlsm_trace_project X tr ifinal = Some (trx, ifirst)∃ (_ : existing_descriptor X ifinal (finite_trace_last is tr)) (trX : list transition_item) (_ : equivocator_vlsm_trace_project X tr ifinal = Some (trX, ifirst)), Exists (field_selector output m) trXmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) is (finite_trace_last is tr) tr
m: message
item: transition_item
Hin: item ∈ tr
Houtput: field_selector output m item
i: nat
Hsndl: equivocator_label_descriptor (l item) = Existing i
itemx: transition_item
d: MachineDescriptor X
Hitemx: equivocator_vlsm_transition_item_project X item d = Some (Some itemx, Existing i)
trx: list transition_item
Hinx: itemx ∈ trx
ifinal, ifirst: MachineDescriptor X
Hifirst: proper_descriptor X ifirst is
Hifinal: existing_descriptor X ifinal (finite_trace_last is tr)
Htrx: equivocator_vlsm_trace_project X tr ifinal = Some (trx, ifirst)∃ (trX : list transition_item) (_ : equivocator_vlsm_trace_project X tr ifinal = Some (trX, ifirst)), Exists (field_selector output m) trXmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) is (finite_trace_last is tr) tr
m: message
item: transition_item
Hin: item ∈ tr
Houtput: field_selector output m item
i: nat
Hsndl: equivocator_label_descriptor (l item) = Existing i
itemx: transition_item
d: MachineDescriptor X
Hitemx: equivocator_vlsm_transition_item_project X item d = Some (Some itemx, Existing i)
trx: list transition_item
Hinx: itemx ∈ trx
ifinal, ifirst: MachineDescriptor X
Hifirst: proper_descriptor X ifirst is
Hifinal: existing_descriptor X ifinal (finite_trace_last is tr)
Htrx: equivocator_vlsm_trace_project X tr ifinal = Some (trx, ifirst)∃ _ : equivocator_vlsm_trace_project X tr ifinal = Some (trx, ifirst), Exists (field_selector output m) trxmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) is (finite_trace_last is tr) tr
m: message
item: transition_item
Hin: item ∈ tr
Houtput: field_selector output m item
i: nat
Hsndl: equivocator_label_descriptor (l item) = Existing i
itemx: transition_item
d: MachineDescriptor X
Hitemx: equivocator_vlsm_transition_item_project X item d = Some (Some itemx, Existing i)
trx: list transition_item
Hinx: itemx ∈ trx
ifinal, ifirst: MachineDescriptor X
Hifirst: proper_descriptor X ifirst is
Hifinal: existing_descriptor X ifinal (finite_trace_last is tr)
Htrx: equivocator_vlsm_trace_project X tr ifinal = Some (trx, ifirst)Exists (field_selector output m) trxmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) is (finite_trace_last is tr) tr
m: message
item: transition_item
Hin: item ∈ tr
Houtput: field_selector output m item
i: nat
Hsndl: equivocator_label_descriptor (l item) = Existing i
itemx: transition_item
d: MachineDescriptor X
Hitemx: equivocator_vlsm_transition_item_project X item d = Some (Some itemx, Existing i)
trx: list transition_item
Hinx: itemx ∈ trx
ifinal, ifirst: MachineDescriptor X
Hifirst: proper_descriptor X ifirst is
Hifinal: existing_descriptor X ifinal (finite_trace_last is tr)
Htrx: equivocator_vlsm_trace_project X tr ifinal = Some (trx, ifirst)∃ x : transition_item, x ∈ trx ∧ field_selector output m xmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) is (finite_trace_last is tr) tr
m: message
item: transition_item
Hin: item ∈ tr
Houtput: field_selector output m item
i: nat
Hsndl: equivocator_label_descriptor (l item) = Existing i
itemx: transition_item
d: MachineDescriptor X
Hitemx: equivocator_vlsm_transition_item_project X item d = Some (Some itemx, Existing i)
trx: list transition_item
Hinx: itemx ∈ trx
ifinal, ifirst: MachineDescriptor X
Hifirst: proper_descriptor X ifirst is
Hifinal: existing_descriptor X ifinal (finite_trace_last is tr)
Htrx: equivocator_vlsm_trace_project X tr ifinal = Some (trx, ifirst)itemx ∈ trx ∧ field_selector output m itemxmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) is (finite_trace_last is tr) tr
m: message
item: transition_item
Hin: item ∈ tr
Houtput: field_selector output m item
i: nat
Hsndl: equivocator_label_descriptor (l item) = Existing i
itemx: transition_item
d: MachineDescriptor X
Hitemx: equivocator_vlsm_transition_item_project X item d = Some (Some itemx, Existing i)
trx: list transition_item
Hinx: itemx ∈ trx
ifinal, ifirst: MachineDescriptor X
Hifirst: proper_descriptor X ifirst is
Hifinal: existing_descriptor X ifinal (finite_trace_last is tr)
Htrx: equivocator_vlsm_trace_project X tr ifinal = Some (trx, ifirst)field_selector output m itemxmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) is (finite_trace_last is tr) tr
m: message
item: transition_item
Hin: item ∈ tr
Houtput: field_selector output m item
i: nat
Hsndl: equivocator_label_descriptor (l item) = Existing i
itemx: transition_item
d: MachineDescriptor X
Hitemx: ∃ i : nat, d = Existing i ∧ proper_descriptor X d (destination item) ∧ input item = input itemx ∧ output item = output itemx
trx: list transition_item
Hinx: itemx ∈ trx
ifinal, ifirst: MachineDescriptor X
Hifirst: proper_descriptor X ifirst is
Hifinal: existing_descriptor X ifinal (finite_trace_last is tr)
Htrx: equivocator_vlsm_trace_project X tr ifinal = Some (trx, ifirst)field_selector output m itemxmessage: Type
X: VLSM message
is: state (equivocator_vlsm X)
tr: list transition_item
Htr: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) is (finite_trace_last is tr) tr
m: message
item: transition_item
Hin: item ∈ tr
Houtput: field_selector output m item
i: nat
Hsndl: equivocator_label_descriptor (l item) = Existing i
itemx: transition_item
d: MachineDescriptor X
Hitemx: output item = output itemx
trx: list transition_item
Hinx: itemx ∈ trx
ifinal, ifirst: MachineDescriptor X
Hifirst: proper_descriptor X ifirst is
Hifinal: existing_descriptor X ifinal (finite_trace_last is tr)
Htrx: equivocator_vlsm_trace_project X tr ifinal = Some (trx, ifirst)field_selector output m itemxby congruence. Qed. Section sec_oracle_lifting. Context (selector : message -> transition_item X -> Prop) (Hselector_io : forall l1 l2 s1 s2 im om m, selector m {| l := l1; input := im; destination := s1; output := om |} <-> selector m {| l := l2; input := im; destination := s2; output := om |}) (oracle : state X -> message -> Prop) (Hdec : RelDecision oracle) (Hstepwise : oracle_stepwise_props (vlsm := X) selector oracle). Definition equivocator_selector (m : message) (item : transition_item (equivocator_vlsm X)) : Prop := match (l item) with | Spawn _ => False | ContinueWith _ l | ForkWith _ l => selector m {| l := l ; input := input item ; destination := equivocator_state_zero (destination item) ; output := output item |} end.message: Type
X: VLSM message
is: Equivocators.bounded_state_copies X
tr: list transition_item
Htr: finite_valid_trace_from_to (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) is (finite_trace_last is tr) tr
m: message
item: transition_item
Hin: item ∈ tr
Houtput: output item = Some m
i: nat
Hsndl: equivocator_label_descriptor (l item) = Existing i
itemx: transition_item
d: MachineDescriptor X
Hitemx: output item = output itemx
trx: list transition_item
Hinx: itemx ∈ trx
ifinal, ifirst: MachineDescriptor X
Hifirst: proper_descriptor X ifirst is
Hifinal: existing_descriptor X ifinal (finite_trace_last is tr)
Htrx: equivocator_vlsm_trace_project X tr ifinal = Some (trx, ifirst)output itemx = Some m
We define equivocator_oracle for the equivocator_vlsm as being the oracle for any
of the internal machines.
Definition equivocator_oracle (s : state (equivocator_vlsm X)) (m : message) : Prop := exists i si, equivocator_state_project s i = Some si /\ oracle si m.message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracleRelDecision equivocator_oraclemessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracleRelDecision equivocator_oraclemessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
s: state (equivocator_vlsm X)
m: messageDecision (equivocator_oracle s m)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
s: state (equivocator_vlsm X)
m: messageExists (λ i : nat, from_option (λ si : state X, oracle si m) False (equivocator_state_project s i)) ?Goal ↔ equivocator_oracle s mmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
s: state (equivocator_vlsm X)
m: messageDecision (Exists (λ i : nat, from_option (λ si : state X, oracle si m) False (equivocator_state_project s i)) ?Goal)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
s: state (equivocator_vlsm X)
m: messageExists (λ i : nat, from_option (λ si : state X, oracle si m) False (equivocator_state_project s i)) ?Goal ↔ equivocator_oracle s mmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
s: state (equivocator_vlsm X)
m: message(∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si m) → ∃ x : nat, x ∈ ?Goal ∧ from_option (λ si : state X, oracle si m) False (equivocator_state_project s x)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
s: state (equivocator_vlsm X)
m: message(∃ x : nat, x ∈ ?Goal ∧ from_option (λ si : state X, oracle si m) False (equivocator_state_project s x)) → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si mmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
s: state (equivocator_vlsm X)
m: message(∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si m) → ∃ x : nat, x ∈ ?Goal ∧ from_option (λ si : state X, oracle si m) False (equivocator_state_project s x)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
s: state (equivocator_vlsm X)
m: message
i: nat
si: state X
Hsi: equivocator_state_project s i = Some si
Hi: oracle si mi ∈ ?Goal ∧ from_option (λ si : state X, oracle si m) False (equivocator_state_project s i)by eapply up_to_n_full, equivocator_state_project_Some_rev.message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
s: state (equivocator_vlsm X)
m: message
i: nat
si: state X
Hsi: equivocator_state_project s i = Some si
Hi: oracle si mi ∈ ?Goalmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
s: state (equivocator_vlsm X)
m: message(∃ x : nat, x ∈ up_to_n_listing (equivocator_state_n s) ∧ from_option (λ si : state X, oracle si m) False (equivocator_state_project s x)) → ∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si mby destruct (equivocator_state_project s i); [eexists |].message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
s: state (equivocator_vlsm X)
m: message
i: nat
Hi: from_option (λ si : state X, oracle si m) False (equivocator_state_project s i)∃ si : state X, equivocator_state_project s i = Some si ∧ oracle si mmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
s: state (equivocator_vlsm X)
m: messageDecision (Exists (λ i : nat, from_option (λ si : state X, oracle si m) False (equivocator_state_project s i)) (up_to_n_listing (equivocator_state_n s)))by destruct (equivocator_state_project s i); [apply Hdec | typeclasses eauto]. Qed.message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
s: state (equivocator_vlsm X)
m: message
i: natDecision (from_option (λ si : state X, oracle si m) False (equivocator_state_project s i))message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracleoracle_stepwise_props equivocator_selector equivocator_oraclemessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracleoracle_stepwise_props equivocator_selector equivocator_oraclemessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msgoracle_stepwise_props equivocator_selector equivocator_oraclemessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
s: state (equivocator_vlsm X)
H: initial_state_prop s
m: message¬ equivocator_oracle s mmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
H: input_constrained_transition (equivocator_vlsm X) l ( s, im) (s', om)
msg: messageequivocator_oracle s' msg ↔ equivocator_selector msg {| l := l; input := im; destination := s'; output := om |} ∨ equivocator_oracle s msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
s: state (equivocator_vlsm X)
H: initial_state_prop s
m: message¬ equivocator_oracle s mmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
s: state (equivocator_vlsm X)
Hn: is_singleton_state X s
His: initial_state_prop (equivocator_state_zero s)
m: message¬ equivocator_oracle s mmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
s: state (equivocator_vlsm X)
Hn: equivocator_state_n s = 1
His: initial_state_prop (equivocator_state_zero s)
m: message¬ equivocator_oracle s mmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
s: state (equivocator_vlsm X)
Hn: equivocator_state_n s = 1
His: initial_state_prop (equivocator_state_zero s)
m: message
j: nat
sj: state X
Hsj: equivocator_state_project s j = Some sj
Hmbrj: oracle sj mFalsemessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
s: state (equivocator_vlsm X)
Hn: equivocator_state_n s = 1
His: initial_state_prop (equivocator_state_zero s)
m: message
j: nat
sj: state X
Hsj: equivocator_state_project s j = Some sj
Hmbrj: oracle sj m
Hltj: j < equivocator_state_n sFalsemessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
s: state (equivocator_vlsm X)
Hn: equivocator_state_n s = 1
His: initial_state_prop (equivocator_state_zero s)
m: message
j: nat
sj: state X
Hsj: equivocator_state_project s j = Some sj
Hmbrj: oracle sj m
Hltj: j < equivocator_state_n s
H: j = 0Falsemessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
s: state (equivocator_vlsm X)
Hn: equivocator_state_n s = 1
His: initial_state_prop (equivocator_state_zero s)
m: message
sj: state X
Hsj: equivocator_state_project s 0 = Some sj
Hmbrj: oracle sj m
Hltj: 0 < equivocator_state_n sFalsemessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
s: state (equivocator_vlsm X)
Hn: equivocator_state_n s = 1
His: initial_state_prop (equivocator_state_zero s)
m: message
sj: state X
Hsj: Some (equivocator_state_zero s) = Some sj
Hmbrj: oracle sj m
Hltj: 0 < equivocator_state_n sFalsemessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
s: state (equivocator_vlsm X)
Hn: equivocator_state_n s = 1
His: initial_state_prop (equivocator_state_zero s)
m: message
sj: state X
Hsj: Some (equivocator_state_zero s) = Some sj
Hmbrj: oracle sj m
Hltj: 0 < equivocator_state_n s
H0: equivocator_state_zero s = sjFalseby elim (oracle_no_inits _ His m).message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
s: state (equivocator_vlsm X)
Hn: equivocator_state_n s = 1
His: initial_state_prop (equivocator_state_zero s)
m: message
Hmbrj: oracle (equivocator_state_zero s) m
Hsj: Some (equivocator_state_zero s) = Some (equivocator_state_zero s)
Hltj: 0 < equivocator_state_n sFalsemessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
H: input_constrained_transition (equivocator_vlsm X) l ( s, im) (s', om)
msg: messageequivocator_oracle s' msg ↔ equivocator_selector msg {| l := l; input := im; destination := s'; output := om |} ∨ equivocator_oracle s msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
H: input_constrained_transition (equivocator_vlsm X) l ( s, im) (s', om)
msg: message(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hv: valid l (s, im)
Ht: transition l (s, im) = (s', om)
msg: message(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hv: valid (Spawn sdesc) (s, im)
Ht: transition (Spawn sdesc) (s, im) = (s', om)
msg: message(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := Spawn sdesc; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
idesc: nat
l: label X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hv: valid (ContinueWith idesc l) (s, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
idesc: nat
l: label X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hv: valid (ForkWith idesc l) (s, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hv: valid (Spawn sdesc) (s, im)
Ht: transition (Spawn sdesc) (s, im) = (s', om)
msg: message(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := Spawn sdesc; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hv: valid (Spawn sdesc) (s, im)
Ht: transition (Spawn sdesc) (s, im) = (s', om)
msg: message
H0: equivocator_state_extend s sdesc = s'
H1: None = om(∃ (i : nat) (si : state X), equivocator_state_project (equivocator_state_extend s sdesc) i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := Spawn sdesc; input := im; destination := equivocator_state_extend s sdesc; output := None |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hv: valid (Spawn sdesc) (s, im)
Ht: transition (Spawn sdesc) (s, im) = (equivocator_state_extend s sdesc, None)
msg: message(∃ (i : nat) (si : state X), equivocator_state_project (equivocator_state_extend s sdesc) i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := Spawn sdesc; input := im; destination := equivocator_state_extend s sdesc; output := None |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hv: valid (Spawn sdesc) (s, im)
msg: message(∃ (i : nat) (si : state X), equivocator_state_project (equivocator_state_extend s sdesc) i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := Spawn sdesc; input := im; destination := equivocator_state_extend s sdesc; output := None |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hisdesc: initial_state_prop sdesc
Him: (s, im).2 = None
msg: message(∃ (i : nat) (si : state X), equivocator_state_project (equivocator_state_extend s sdesc) i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := Spawn sdesc; input := im; destination := equivocator_state_extend s sdesc; output := None |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hisdesc: initial_state_prop sdesc
Him: im = None
msg: message(∃ (i : nat) (si : state X), equivocator_state_project (equivocator_state_extend s sdesc) i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := Spawn sdesc; input := im; destination := equivocator_state_extend s sdesc; output := None |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hisdesc: initial_state_prop sdesc
msg: message(∃ (i : nat) (si : state X), equivocator_state_project (equivocator_state_extend s sdesc) i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := Spawn sdesc; input := None; destination := equivocator_state_extend s sdesc; output := None |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hisdesc: initial_state_prop sdesc
msg: message(∃ (i : nat) (si : state X), equivocator_state_project (equivocator_state_extend s sdesc) i = Some si ∧ oracle si msg) → equivocator_selector msg {| l := Spawn sdesc; input := None; destination := equivocator_state_extend s sdesc; output := None |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hisdesc: initial_state_prop sdesc
msg: messageequivocator_selector msg {| l := Spawn sdesc; input := None; destination := equivocator_state_extend s sdesc; output := None |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg) → ∃ (i : nat) (si : state X), equivocator_state_project (equivocator_state_extend s sdesc) i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hisdesc: initial_state_prop sdesc
msg: message(∃ (i : nat) (si : state X), equivocator_state_project (equivocator_state_extend s sdesc) i = Some si ∧ oracle si msg) → equivocator_selector msg {| l := Spawn sdesc; input := None; destination := equivocator_state_extend s sdesc; output := None |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hisdesc: initial_state_prop sdesc
msg: message
ins: nat
sins: state X
Hsins: equivocator_state_project (equivocator_state_extend s sdesc) ins = Some sins
Hir: oracle sins msgequivocator_selector msg {| l := Spawn sdesc; input := None; destination := equivocator_state_extend s sdesc; output := None |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hisdesc: initial_state_prop sdesc
msg: message
ins: nat
sins: state X
Hsins: equivocator_state_project (equivocator_state_extend s sdesc) ins = Some sins
Hir: oracle sins msg∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hisdesc: initial_state_prop sdesc
msg: message
ins: nat
sins: state X
Hsins: Some sdesc = Some sins
Hir: oracle sins msg
Hni: ¬ ins < equivocator_state_n s
Hins: ins = equivocator_state_n s∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hisdesc: initial_state_prop sdesc
msg: message
ins: nat
sins: state X
Hsins: Some sdesc = Some sins
Hir: oracle sins msg
Hni: ¬ ins < equivocator_state_n s
Hins: ins = equivocator_state_n s
H0: sdesc = sins∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msgby elim (oracle_no_inits _ Hisdesc msg).message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
sins: state X
Hsins: Some sins = Some sins
Hisdesc: initial_state_prop sins
msg: message
Hir: oracle sins msg
Hni: ¬ equivocator_state_n s < equivocator_state_n s∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hisdesc: initial_state_prop sdesc
msg: messageequivocator_selector msg {| l := Spawn sdesc; input := None; destination := equivocator_state_extend s sdesc; output := None |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg) → ∃ (i : nat) (si : state X), equivocator_state_project (equivocator_state_extend s sdesc) i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hisdesc: initial_state_prop sdesc
msg: message
ins: nat
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hir: oracle sins msg∃ (i : nat) (si : state X), equivocator_state_project (equivocator_state_extend s sdesc) i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hisdesc: initial_state_prop sdesc
msg: message
ins: nat
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hir: oracle sins msgequivocator_state_project (equivocator_state_extend s sdesc) ins = Some sins ∧ oracle sins msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hisdesc: initial_state_prop sdesc
msg: message
ins: nat
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hir: oracle sins msgequivocator_state_project (equivocator_state_extend s sdesc) ins = Some sinsby apply equivocator_state_project_Some_rev in Hsins.message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
sdesc: state X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hisdesc: initial_state_prop sdesc
msg: message
ins: nat
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hir: oracle sins msgins < equivocator_state_n smessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
idesc: nat
l: label X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hv: valid (ContinueWith idesc l) (s, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
idesc: nat
l: label X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hv: match equivocator_state_project s idesc with | Some si => valid l (si, im) | None => False end
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
idesc: nat
l: label X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
sidesc: state X
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
idesc: nat
l: label X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
sidesc: state X
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
sidesc': state X
om': option message
Htx: transition l (sidesc, im) = (sidesc', om')(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
oracle_step_update: input_constrained_transition X l (sidesc, im) (sidesc', om') → ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
oracle_step_update: input_constrained_transition X l (sidesc, im) (sidesc', om') → ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')input_constrained_transition X l (sidesc, im) (sidesc', om')message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')
oracle_step_update: ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
oracle_step_update: input_constrained_transition X l (sidesc, im) (sidesc', om') → ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')input_constrained_transition X l (sidesc, im) (sidesc', om')message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
oracle_step_update: input_constrained_transition X l (sidesc, im) (sidesc', om') → ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')valid_state_prop (preloaded_with_all_messages_vlsm X) sidescmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
oracle_step_update: input_constrained_transition X l (sidesc, im) (sidesc', om') → ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')option_valid_message_prop (preloaded_with_all_messages_vlsm X) imby apply (preloaded_equivocator_state_project_valid_state X _ Hs _ _ Hidesc).message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
oracle_step_update: input_constrained_transition X l (sidesc, im) (sidesc', om') → ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')valid_state_prop (preloaded_with_all_messages_vlsm X) sidescby eexists _; apply (preloaded_with_all_messages_message_valid_initial_state_message X).message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
oracle_step_update: input_constrained_transition X l (sidesc, im) (sidesc', om') → ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')option_valid_message_prop (preloaded_with_all_messages_vlsm X) immessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')
oracle_step_update: ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')
oracle_step_update: ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')
oracle_step_update: ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hom: om' = om
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) → equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n sequivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg) → ∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) → equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
i: nat
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msgequivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
i: nat
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
i: nat
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
e: idesc = iequivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
i: nat
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: idesc ≠ iequivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
i: nat
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
e: idesc = iequivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
s'i: state X
Hs'i: equivocator_state_project s' idesc = Some s'i
Hbri: oracle s'i msg
Hlti: idesc < equivocator_state_n s'equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
s'i: state X
Hs'i: equivocator_state_project s' idesc = Some s'i
Hbri: oracle s'i msg
Hlti: idesc < equivocator_state_n s'equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
s'i: state X
Hsame: default (equivocator_state_zero s') (Some s'i) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hs'i: equivocator_state_project s' idesc = Some s'i
Hbri: oracle s'i msg
Hlti: idesc < equivocator_state_n s'equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
s'i: state X
Hsame: s'i = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hs'i: equivocator_state_project s' idesc = Some s'i
Hbri: oracle s'i msg
Hlti: idesc < equivocator_state_n s'equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hbri: oracle sidesc' msg
Hs'i: equivocator_state_project s' idesc = Some sidesc'
Hlti: idesc < equivocator_state_n s'equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hbri: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Hs'i: equivocator_state_project s' idesc = Some sidesc'
Hlti: idesc < equivocator_state_n s'equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)by left; revert H; apply Hselector_io.message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Ht_size: equivocator_state_n s' = equivocator_state_n s
H: selector msg {| l := l; input := im; destination := sidesc'; output := om |}
Hs'i: equivocator_state_project s' idesc = Some sidesc'
Hlti: idesc < equivocator_state_n s'equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
i: nat
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: idesc ≠ iequivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
i: nat
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: idesc ≠ i∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
i: nat
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: idesc ≠ iequivocator_state_project s i = Some s'i ∧ oracle s'i msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
i: nat
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: idesc ≠ iequivocator_state_project s i = Some s'imessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
i: nat
Hnot_same: i < equivocator_state_n s → idesc ≠ i → equivocator_state_descriptor_project s' (Existing i) = equivocator_state_descriptor_project s (Existing i)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: idesc ≠ iequivocator_state_project s i = Some s'imessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
i: nat
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: idesc ≠ i
Hnot_same: idesc ≠ i → equivocator_state_descriptor_project s' (Existing i) = equivocator_state_descriptor_project s (Existing i)equivocator_state_project s i = Some s'imessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
i: nat
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: idesc ≠ i
Hnot_same: equivocator_state_descriptor_project s' (Existing i) = equivocator_state_descriptor_project s (Existing i)equivocator_state_project s i = Some s'imessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
i: nat
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: idesc ≠ i
Hnot_same: default (equivocator_state_zero s') (equivocator_state_project s' i) = default (equivocator_state_zero s) (equivocator_state_project s i)equivocator_state_project s i = Some s'imessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
i: nat
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: idesc ≠ i
Hnot_same: default (equivocator_state_zero s') (Some s'i) = default (equivocator_state_zero s) (equivocator_state_project s i)equivocator_state_project s i = Some s'iby cbn in Hnot_same; congruence.message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
i: nat
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: idesc ≠ i
si: state X
Hnot_same: default (equivocator_state_zero s') (Some s'i) = default (equivocator_state_zero s) (Some si)
Hlti': i < equivocator_state_n sSome si = Some s'imessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n sequivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg) → ∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n sequivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg) → ∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n sequivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg) → ∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
Heq_im: equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |}∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
ins: nat
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
Heq_im: equivocator_selector msg {| l := ContinueWith idesc l; input := im; destination := s'; output := om |}∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
Heq_im: match VLSM.l {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} with | Spawn _ => False | ContinueWith _ l0 | ForkWith _ l0 => selector msg {| l := l0; input := input {| l := ContinueWith idesc l; input := im; destination := s'; output := om |}; destination := equivocator_state_zero (destination {| l := ContinueWith idesc l; input := im; destination := s'; output := om |}); output := output {| l := ContinueWith idesc l; input := im; destination := s'; output := om |} |} end∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
Heq_im: selector msg {| l := l; input := im; destination := equivocator_state_zero s'; output := om |}∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
Heq_im: selector msg {| l := l; input := im; destination := sidesc'; output := om |}∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
Heq_im: selector msg {| l := l; input := im; destination := sidesc'; output := om |}∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
Heq_im: selector msg {| l := l; input := im; destination := sidesc'; output := om |}equivocator_state_project s' idesc = Some sidesc' ∧ oracle sidesc' msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
Heq_im: selector msg {| l := l; input := im; destination := sidesc'; output := om |}equivocator_state_project s' idesc = Some sidesc' ∧ oracle sidesc' msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
_sidesc': state X
Hsame: default (equivocator_state_zero s') (Some _sidesc') = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
Heq_im: selector msg {| l := l; input := im; destination := sidesc'; output := om |}
Hlst: idesc < equivocator_state_n s'Some _sidesc' = Some sidesc' ∧ oracle sidesc' msgby subst.message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
_sidesc': state X
Hsame: _sidesc' = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
Heq_im: selector msg {| l := l; input := im; destination := sidesc'; output := om |}
Hlst: idesc < equivocator_state_n s'Some _sidesc' = Some sidesc' ∧ oracle sidesc' msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
ins: nat
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: equivocator_state_descriptor_project s' (Existing idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
ins: nat
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
ins: nat
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
ins: nat
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s
e: idesc = ins∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
ins: nat
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s
n: idesc ≠ ins∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
ins: nat
Hidesc: equivocator_state_project s ins = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith ins l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' ins) = sidesc'
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → ins ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: ins < equivocator_state_n s
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
ins: nat
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s
n: idesc ≠ ins∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
ins: nat
Hidesc: equivocator_state_project s ins = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith ins l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' ins) = sidesc'
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → ins ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: ins < equivocator_state_n s
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
ins: nat
sins: state X
Hidesc: Some sins = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith ins l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' ins) = sidesc'
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → ins ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: ins < equivocator_state_n s
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
ins: nat
sins: state X
Hidesc: Some sins = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith ins l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' ins) = sidesc'
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → ins ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: ins < equivocator_state_n s
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s
H0: sins = sidesc∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc': state X
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
ins: nat
sins: state X
Hv: valid l (sins, im)
Hidesc: Some sins = Some sins
Ht: transition (ContinueWith ins l) (s, im) = (s', om)
msg: message
Htx: transition l (sins, im) = (sidesc', om)
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sins msg → oracle sidesc' msg
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' ins) = sidesc'
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → ins ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: ins < equivocator_state_n s
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc': state X
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
ins: nat
sins: state X
Hv: valid l (sins, im)
Hidesc: Some sins = Some sins
Ht: transition (ContinueWith ins l) (s, im) = (s', om)
msg: message
Htx: transition l (sins, im) = (sidesc', om)
oracle_step_update: oracle sidesc' msg
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' ins) = sidesc'
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → ins ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: ins < equivocator_state_n s
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc': state X
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
ins: nat
sins: state X
Hv: valid l (sins, im)
Hidesc: Some sins = Some sins
Ht: transition (ContinueWith ins l) (s, im) = (s', om)
msg: message
Htx: transition l (sins, im) = (sidesc', om)
oracle_step_update: oracle sidesc' msg
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' ins) = sidesc'
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → ins ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: ins < equivocator_state_n s
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n sequivocator_state_project s' ins = Some sidesc' ∧ oracle sidesc' msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc': state X
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
ins: nat
sins: state X
Hv: valid l (sins, im)
Hidesc: Some sins = Some sins
Ht: transition (ContinueWith ins l) (s, im) = (s', om)
msg: message
Htx: transition l (sins, im) = (sidesc', om)
oracle_step_update: oracle sidesc' msg
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' ins) = sidesc'
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → ins ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: ins < equivocator_state_n s
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n sequivocator_state_project s' ins = Some sidesc'by destruct_equivocator_state_project s' ins _sidesc' Hins; [subst | lia].message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc': state X
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
ins: nat
sins: state X
Hv: valid l (sins, im)
Hidesc: Some sins = Some sins
Ht: transition (ContinueWith ins l) (s, im) = (s', om)
msg: message
Htx: transition l (sins, im) = (sidesc', om)
oracle_step_update: oracle sidesc' msg
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' ins) = sidesc'
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → ins ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: ins < equivocator_state_n s
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n sequivocator_state_project s' ins = Some sidesc'message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
ins: nat
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s
n: idesc ≠ ins∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
ins: nat
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s
n: idesc ≠ insequivocator_state_project s' ins = Some sins ∧ oracle sins msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_same: ∀ ni : nat, ni < equivocator_state_n s → idesc ≠ ni → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
ins: nat
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s
n: idesc ≠ insequivocator_state_project s' ins = Some sinsmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
ins: nat
Hnot_same: ins < equivocator_state_n s → idesc ≠ ins → equivocator_state_descriptor_project s' (Existing ins) = equivocator_state_descriptor_project s (Existing ins)
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s
n: idesc ≠ insequivocator_state_project s' ins = Some sinsmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
ins: nat
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s
n: idesc ≠ ins
Hnot_same: idesc ≠ ins → equivocator_state_descriptor_project s' (Existing ins) = equivocator_state_descriptor_project s (Existing ins)equivocator_state_project s' ins = Some sinsmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
ins: nat
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s
n: idesc ≠ ins
Hnot_same: equivocator_state_descriptor_project s' (Existing ins) = equivocator_state_descriptor_project s (Existing ins)equivocator_state_project s' ins = Some sinsmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
ins: nat
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s
n: idesc ≠ ins
Hnot_same: default (equivocator_state_zero s') (equivocator_state_project s' ins) = default (equivocator_state_zero s) (equivocator_state_project s ins)equivocator_state_project s' ins = Some sinsmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
ins: nat
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s
n: idesc ≠ ins
Hnot_same: default (equivocator_state_zero s') (equivocator_state_project s' ins) = default (equivocator_state_zero s) (Some sins)equivocator_state_project s' ins = Some sinscbn in Hnot_same; congruence.message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ContinueWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
ins: nat
Hsame: default (equivocator_state_zero s') (equivocator_state_project s' idesc) = sidesc'
Ht_size: equivocator_state_n s' = equivocator_state_n s
Hltidesc: idesc < equivocator_state_n s
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s
n: idesc ≠ ins
_sins: state X
Hnot_same: default (equivocator_state_zero s') (Some _sins) = default (equivocator_state_zero s) (Some sins)
Hins: ins < equivocator_state_n s'Some _sins = Some sinsmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
idesc: nat
l: label X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hv: valid (ForkWith idesc l) (s, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
idesc: nat
l: label X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hv: match equivocator_state_project s idesc with | Some si => valid l (si, im) | None => False end
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
idesc: nat
l: label X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
sidesc: state X
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
oracle_step_update: ∀ (l : label (preloaded_with_all_messages_vlsm X)) (s : state (preloaded_with_all_messages_vlsm X)) (im : option message) (s' : state (preloaded_with_all_messages_vlsm X)) (om : option message), input_constrained_transition X l (s, im) (s', om) → ∀ msg : message, oracle s' msg ↔ selector msg {| l := l; input := im; destination := s'; output := om |} ∨ oracle s msg
idesc: nat
l: label X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
sidesc: state X
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
sidesc': state X
om': option message
Htx: transition l (sidesc, im) = (sidesc', om')(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
oracle_step_update: input_constrained_transition X l (sidesc, im) (sidesc', om') → ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
oracle_step_update: input_constrained_transition X l (sidesc, im) (sidesc', om') → ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')input_constrained_transition X l (sidesc, im) (sidesc', om')message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')
oracle_step_update: ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
oracle_step_update: input_constrained_transition X l (sidesc, im) (sidesc', om') → ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')input_constrained_transition X l (sidesc, im) (sidesc', om')message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
oracle_step_update: input_constrained_transition X l (sidesc, im) (sidesc', om') → ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')valid_state_prop (preloaded_with_all_messages_vlsm X) sidescmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
oracle_step_update: input_constrained_transition X l (sidesc, im) (sidesc', om') → ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')option_valid_message_prop (preloaded_with_all_messages_vlsm X) imby apply (preloaded_equivocator_state_project_valid_state X _ Hs _ _ Hidesc).message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
oracle_step_update: input_constrained_transition X l (sidesc, im) (sidesc', om') → ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')valid_state_prop (preloaded_with_all_messages_vlsm X) sidescby eexists _; apply (preloaded_with_all_messages_message_valid_initial_state_message X).message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
oracle_step_update: input_constrained_transition X l (sidesc, im) (sidesc', om') → ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')option_valid_message_prop (preloaded_with_all_messages_vlsm X) immessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')
oracle_step_update: ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')
oracle_step_update: ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
om': option message
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
Htx: transition l (sidesc, im) = (sidesc', om')
oracle_step_update: ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om' |} ∨ oracle sidesc msg
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hom: om' = om
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: ∀ msg : message, oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) ↔ equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) → equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg) → ∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)(∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msg) → equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
i: nat
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msgequivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
i: nat
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
i: nat
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
e: i = equivocator_state_n sequivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
i: nat
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: i ≠ equivocator_state_n sequivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
i: nat
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
e: i = equivocator_state_n sequivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
s'i: state X
Hs'i: equivocator_state_project s' (equivocator_state_n s) = Some s'i
Hbri: oracle s'i msg
Hlti: equivocator_state_n s < equivocator_state_n s'equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: default (equivocator_state_zero s') (equivocator_state_project s' (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
s'i: state X
Hs'i: equivocator_state_project s' (equivocator_state_n s) = Some s'i
Hbri: oracle s'i msg
Hlti: equivocator_state_n s < equivocator_state_n s'equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
s'i: state X
Hlast: default (equivocator_state_zero s') (Some s'i) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
Hs'i: equivocator_state_project s' (equivocator_state_n s) = Some s'i
Hbri: oracle s'i msg
Hlti: equivocator_state_n s < equivocator_state_n s'equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
s'i: state X
Hlast: s'i = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
Hs'i: equivocator_state_project s' (equivocator_state_n s) = Some s'i
Hbri: oracle s'i msg
Hlti: equivocator_state_n s < equivocator_state_n s'equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
Hbri: oracle sidesc' msg
Hs'i: equivocator_state_project s' (equivocator_state_n s) = Some sidesc'
Hlti: equivocator_state_n s < equivocator_state_n s'equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
Hbri: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Hs'i: equivocator_state_project s' (equivocator_state_n s) = Some sidesc'
Hlti: equivocator_state_n s < equivocator_state_n s'equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)by left; revert H; apply Hselector_io.message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
H: selector msg {| l := l; input := im; destination := sidesc'; output := om |}
Hs'i: equivocator_state_project s' (equivocator_state_n s) = Some sidesc'
Hlti: equivocator_state_n s < equivocator_state_n s'equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
i: nat
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: i ≠ equivocator_state_n sequivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg)message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
i: nat
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: i ≠ equivocator_state_n s∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
i: nat
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: i ≠ equivocator_state_n sequivocator_state_project s i = Some s'i ∧ oracle s'i msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
i: nat
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: i ≠ equivocator_state_n sequivocator_state_project s i = Some s'imessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
i: nat
Hnot_last: i < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing i) = equivocator_state_descriptor_project s (Existing i)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: i ≠ equivocator_state_n sequivocator_state_project s i = Some s'imessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
i: nat
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: i ≠ equivocator_state_n s
Hnot_last: equivocator_state_descriptor_project s' (Existing i) = equivocator_state_descriptor_project s (Existing i)equivocator_state_project s i = Some s'imessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
i: nat
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: i ≠ equivocator_state_n s
Hnot_last: default (equivocator_state_zero s') (equivocator_state_project s' i) = default (equivocator_state_zero s) (equivocator_state_project s i)equivocator_state_project s i = Some s'imessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
i: nat
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: i ≠ equivocator_state_n s
Hnot_last: default (equivocator_state_zero s') (Some s'i) = default (equivocator_state_zero s) (equivocator_state_project s i)equivocator_state_project s i = Some s'iby cbn in Hnot_last; congruence.message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
i: nat
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
s'i: state X
Hs'i: equivocator_state_project s' i = Some s'i
Hbri: oracle s'i msg
Hlti: i < equivocator_state_n s'
n: i ≠ equivocator_state_n s
si: state X
Hnot_last: default (equivocator_state_zero s') (Some s'i) = default (equivocator_state_zero s) (Some si)
Hlti': i < equivocator_state_n sSome si = Some s'imessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg ↔ selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg) → ∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |} ∨ (∃ (i : nat) (si : state X), equivocator_state_project s i = Some si ∧ oracle si msg) → ∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
Heq_im: equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |}∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
ins: nat
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
Heq_im: equivocator_selector msg {| l := ForkWith idesc l; input := im; destination := s'; output := om |}∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
Heq_im: match VLSM.l {| l := ForkWith idesc l; input := im; destination := s'; output := om |} with | Spawn _ => False | ContinueWith _ l0 | ForkWith _ l0 => selector msg {| l := l0; input := input {| l := ForkWith idesc l; input := im; destination := s'; output := om |}; destination := equivocator_state_zero (destination {| l := ForkWith idesc l; input := im; destination := s'; output := om |}); output := output {| l := ForkWith idesc l; input := im; destination := s'; output := om |} |} end∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
Heq_im: selector msg {| l := l; input := im; destination := equivocator_state_zero s'; output := om |}∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
Heq_im: selector msg {| l := l; input := im; destination := sidesc'; output := om |}∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
Heq_im: selector msg {| l := l; input := im; destination := sidesc'; output := om |}∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
Heq_im: selector msg {| l := l; input := im; destination := sidesc'; output := om |}equivocator_state_project s' (equivocator_state_n s) = Some sidesc' ∧ oracle sidesc' msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: default (equivocator_state_zero s') (equivocator_state_project s' (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
Heq_im: selector msg {| l := l; input := im; destination := sidesc'; output := om |}equivocator_state_project s' (equivocator_state_n s) = Some sidesc' ∧ oracle sidesc' msgby subst.message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
_sidesc': state X
Hlast: default (equivocator_state_zero s') (Some _sidesc') = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
Heq_im: selector msg {| l := l; input := im; destination := sidesc'; output := om |}
Hlst: equivocator_state_n s < equivocator_state_n s'Some _sidesc' = Some sidesc' ∧ oracle sidesc' msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
ins: nat
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
Hnot_last: ∀ ni : nat, ni < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ni) = equivocator_state_descriptor_project s (Existing ni)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
ins: nat
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
ins: nat
Hnot_last: ins < equivocator_state_n s → equivocator_state_descriptor_project s' (Existing ins) = equivocator_state_descriptor_project s (Existing ins)
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
ins: nat
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s
Hnot_last: equivocator_state_descriptor_project s' (Existing ins) = equivocator_state_descriptor_project s (Existing ins)∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
ins: nat
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s
Hnot_last: default (equivocator_state_zero s') (equivocator_state_project s' ins) = default (equivocator_state_zero s) (equivocator_state_project s ins)∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
ins: nat
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s
Hnot_last: default (equivocator_state_zero s') (equivocator_state_project s' ins) = default (equivocator_state_zero s) (Some sins)∃ (i : nat) (si : state X), equivocator_state_project s' i = Some si ∧ oracle si msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
ins: nat
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s
Hnot_last: default (equivocator_state_zero s') (equivocator_state_project s' ins) = default (equivocator_state_zero s) (Some sins)equivocator_state_project s' ins = Some sins ∧ oracle sins msgmessage: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
ins: nat
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s
Hnot_last: default (equivocator_state_zero s') (equivocator_state_project s' ins) = default (equivocator_state_zero s) (Some sins)equivocator_state_project s' ins = Some sinsby cbn in Hnot_last; congruence. Qed. End sec_oracle_lifting. Section sec_has_been_received_lifting.message: Type
X: VLSM message
selector: message → transition_item → Prop
Hselector_io: ∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), selector m {| l := l1; input := im; destination := s1; output := om |} ↔ selector m {| l := l2; input := im; destination := s2; output := om |}
oracle: state X → message → Prop
Hdec: RelDecision oracle
Hstepwise: oracle_stepwise_props selector oracle
oracle_no_inits: ∀ s : state X, initial_state_prop s → ∀ m : message, ¬ oracle s m
l: label X
im: option message
sidesc, sidesc': state X
idesc: nat
s, s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
Hs: valid_state_prop (preloaded_with_all_messages_vlsm (equivocator_vlsm X)) s
Hidesc: equivocator_state_project s idesc = Some sidesc
Hv: valid l (sidesc, im)
Ht: transition (ForkWith idesc l) (s, im) = (s', om)
msg: message
oracle_step_update: selector msg {| l := l; input := im; destination := sidesc'; output := om |} ∨ oracle sidesc msg → oracle sidesc' msg
Htx: transition l (sidesc, im) = (sidesc', om)
ins: nat
Hlast: equivocator_state_descriptor_project s' (Existing (equivocator_state_n s)) = sidesc'
Ht_size: equivocator_state_n s' = S (equivocator_state_n s)
sins: state X
Hsins: equivocator_state_project s ins = Some sins
Hbri: oracle sins msg
Hltins: ins < equivocator_state_n s
_sins: state X
Hnot_last: default (equivocator_state_zero s') (Some _sins) = default (equivocator_state_zero s) (Some sins)
Hltins': ins < equivocator_state_n s'Some _sins = Some sins
Context
`{HasBeenReceivedCapability message X}
.
We define has_been_received for the equivocator_vlsm as being received by any
of the internal machines.
Definition equivocator_has_been_received := equivocator_oracle (has_been_received X). #[export] Instance equivocator_has_been_received_dec : RelDecision equivocator_has_been_received := equivocator_oracle_dec (has_been_received X) _.message: Type
X: VLSM message
H: HasBeenReceivedCapability Xhas_been_received_stepwise_prop equivocator_has_been_receivedmessage: Type
X: VLSM message
H: HasBeenReceivedCapability Xhas_been_received_stepwise_prop equivocator_has_been_receivedmessage: Type
X: VLSM message
H: HasBeenReceivedCapability Xoracle_stepwise_props ?selector equivocator_has_been_receivedmessage: Type
X: VLSM message
H: HasBeenReceivedCapability X∀ (s : state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))) (item : transition_item), input_constrained_transition_item (equivocator_vlsm X) s item → ∀ m : message, ?selector m item ↔ field_selector input m itemmessage: Type
X: VLSM message
H: HasBeenReceivedCapability Xoracle_stepwise_props ?selector equivocator_has_been_receivedby cbv; itauto.message: Type
X: VLSM message
H: HasBeenReceivedCapability X∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), field_selector input m {| l := l1; input := im; destination := s1; output := om |} ↔ field_selector input m {| l := l2; input := im; destination := s2; output := om |}message: Type
X: VLSM message
H: HasBeenReceivedCapability X∀ (s : state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))) (item : transition_item), input_constrained_transition_item (equivocator_vlsm X) s item → ∀ m : message, equivocator_selector (field_selector input) m item ↔ field_selector input m itemmessage: Type
X: VLSM message
H: HasBeenReceivedCapability X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
s0: state X
input: option message
destination: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
output: option messageinput_constrained_transition_item (equivocator_vlsm X) s {| l := Spawn s0; input := input; destination := destination; output := output |} → ∀ m : message, False ↔ input = Some mby itauto congruence. Qed.message: Type
X: VLSM message
H: HasBeenReceivedCapability X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
s0: state X
destination: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
output: option message∀ m : message, False ↔ None = Some m
Finally we define the HasBeenReceivedCapability for the equivocator_vlsm.
#[export] Instance equivocator_HasBeenReceivedCapability : HasBeenReceivedCapability (equivocator_vlsm X) := Build_HasBeenReceivedCapability (equivocator_vlsm X) equivocator_has_been_received equivocator_has_been_received_dec equivocator_has_been_received_stepwise_props. End sec_has_been_received_lifting. Section sec_has_been_sent_lifting.
Context
`{HasBeenSentCapability message X}
.
We define has_been_sent for the equivocator_vlsm as being sent by any
of the internal machines.
Definition equivocator_has_been_sent := equivocator_oracle (has_been_sent X). #[export] Instance equivocator_has_been_sent_dec : RelDecision equivocator_has_been_sent := equivocator_oracle_dec (has_been_sent X) _.message: Type
X: VLSM message
H: HasBeenSentCapability Xhas_been_sent_stepwise_prop equivocator_has_been_sentmessage: Type
X: VLSM message
H: HasBeenSentCapability Xhas_been_sent_stepwise_prop equivocator_has_been_sentmessage: Type
X: VLSM message
H: HasBeenSentCapability Xoracle_stepwise_props ?selector equivocator_has_been_sentmessage: Type
X: VLSM message
H: HasBeenSentCapability X∀ (s : state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))) (item : transition_item), input_constrained_transition_item (equivocator_vlsm X) s item → ∀ m : message, ?selector m item ↔ field_selector output m itemmessage: Type
X: VLSM message
H: HasBeenSentCapability Xoracle_stepwise_props ?selector equivocator_has_been_sentby cbv; itauto.message: Type
X: VLSM message
H: HasBeenSentCapability X∀ (l1 l2 : label X) (s1 s2 : state X) (im om : option message) (m : message), field_selector output m {| l := l1; input := im; destination := s1; output := om |} ↔ field_selector output m {| l := l2; input := im; destination := s2; output := om |}message: Type
X: VLSM message
H: HasBeenSentCapability X∀ (s : state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))) (item : transition_item), input_constrained_transition_item (equivocator_vlsm X) s item → ∀ m : message, equivocator_selector (field_selector output) m item ↔ field_selector output m itemmessage: Type
X: VLSM message
H: HasBeenSentCapability X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
s0: state X
input: option message
destination: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
output: option messageinput_constrained_transition_item (equivocator_vlsm X) s {| l := Spawn s0; input := input; destination := destination; output := output |} → ∀ m : message, False ↔ output = Some mby itauto congruence. Qed.message: Type
X: VLSM message
H: HasBeenSentCapability X
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
s0: state X
input: option message
destination: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
output: option message∀ m : message, False ↔ None = Some m
Finally we define the HasBeenSentCapability for the equivocator_vlsm.
#[export] Instance equivocator_HasBeenSentCapability : HasBeenSentCapability (equivocator_vlsm X) := Build_HasBeenSentCapability (equivocator_vlsm X) equivocator_has_been_sent equivocator_has_been_sent_dec equivocator_has_been_sent_stepwise_props. End sec_has_been_sent_lifting. Section sec_ComputableSentMessages_lifting.
Context
`{!ComputableSentMessages X}
`(EqDecision message)
.
We define the sent_messages_set for the equivocator_vlsm as the
union of all sent_messages_set for its internal machines.
Definition equivocator_sent_messages_set (s : state (equivocator_vlsm X)) : set message := fold_right set_union [] (map (fun i => match equivocator_state_project s i with | None => [] | Some si => sent_messages_set si end) (up_to_n_listing (equivocator_state_n s))).message: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message∀ (s : state (equivocator_vlsm X)) (m : message), equivocator_has_been_sent s m ↔ m ∈ equivocator_sent_messages_set smessage: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message∀ (s : state (equivocator_vlsm X)) (m : message), equivocator_has_been_sent s m ↔ m ∈ equivocator_sent_messages_set smessage: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message
s: state (equivocator_vlsm X)
m: messageequivocator_has_been_sent s m → m ∈ equivocator_sent_messages_set smessage: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message
s: state (equivocator_vlsm X)
m: messagem ∈ equivocator_sent_messages_set s → equivocator_has_been_sent s mmessage: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message
s: state (equivocator_vlsm X)
m: messageequivocator_has_been_sent s m → m ∈ equivocator_sent_messages_set smessage: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message
s: state (equivocator_vlsm X)
m: message
i: nat
si: state X
Hsi: equivocator_state_project s i = Some si
Hbs: has_been_sent X si mm ∈ equivocator_sent_messages_set smessage: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message
s: state (equivocator_vlsm X)
m: message
i: nat
si: state X
Hsi: equivocator_state_project s i = Some si
Hbs: has_been_sent X si m∃ x : set message, x ∈ map (λ i : nat, match equivocator_state_project s i with | Some si => sent_messages_set si | None => [] end) (up_to_n_listing (equivocator_state_n s)) ∧ m ∈ xmessage: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message
s: state (equivocator_vlsm X)
m: message
i: nat
si: state X
Hsi: equivocator_state_project s i = Some si
Hbs: has_been_sent X si msent_messages_set si ∈ map (λ i : nat, match equivocator_state_project s i with | Some si => sent_messages_set si | None => [] end) (up_to_n_listing (equivocator_state_n s))by eapply up_to_n_full, equivocator_state_project_Some_rev.message: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message
s: state (equivocator_vlsm X)
m: message
i: nat
si: state X
Hsi: equivocator_state_project s i = Some si
Hbs: has_been_sent X si mi ∈ up_to_n_listing (equivocator_state_n s)message: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message
s: state (equivocator_vlsm X)
m: messagem ∈ equivocator_sent_messages_set s → equivocator_has_been_sent s mmessage: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message
s: state (equivocator_vlsm X)
m: message
Hm: m ∈ equivocator_sent_messages_set sequivocator_has_been_sent s mmessage: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message
s: state (equivocator_vlsm X)
m: message
senti: set message
Hsenti: senti ∈ map (λ i : nat, match equivocator_state_project s i with | Some si => sent_messages_set si | None => [] end) (up_to_n_listing (equivocator_state_n s))
Hm: m ∈ sentiequivocator_has_been_sent s mmessage: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message
s: state (equivocator_vlsm X)
m: message
i: nat
Hi: i ∈ up_to_n_listing (equivocator_state_n s)
Hm: m ∈ match equivocator_state_project s i with | Some si => sent_messages_set si | None => [] endequivocator_has_been_sent s mmessage: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message
s: state (equivocator_vlsm X)
m: message
i: nat
Hi: i < equivocator_state_n s
Hm: m ∈ match equivocator_state_project s i with | Some si => sent_messages_set si | None => [] endequivocator_has_been_sent s mby exists i, si; split; [| apply elem_of_sent_messages_set]. Qed.message: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message
s: state (equivocator_vlsm X)
m: message
i: nat
Hi: i < equivocator_state_n s
si: state X
Hsi: equivocator_state_project s i = Some si
Hm: m ∈ sent_messages_set siequivocator_has_been_sent s mmessage: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision messageComputableSentMessages (equivocator_vlsm X)message: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision messageComputableSentMessages (equivocator_vlsm X)message: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message
s: state (equivocator_vlsm X)
H: initial_state_prop s
m: messagem ∉ equivocator_sent_messages_set smessage: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
H: input_constrained_transition (equivocator_vlsm X) l ( s, im) (s', om)
msg: messagemsg ∈ equivocator_sent_messages_set s' ↔ field_selector output msg {| l := l; input := im; destination := s'; output := om |} ∨ msg ∈ equivocator_sent_messages_set smessage: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message
s: state (equivocator_vlsm X)
H: initial_state_prop s
m: messagem ∉ equivocator_sent_messages_set sby eapply equivocator_has_been_sent_stepwise_props.message: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message
s: state (equivocator_vlsm X)
H: initial_state_prop s
m: message¬ equivocator_has_been_sent s mmessage: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
H: input_constrained_transition (equivocator_vlsm X) l ( s, im) (s', om)
msg: messagemsg ∈ equivocator_sent_messages_set s' ↔ field_selector output msg {| l := l; input := im; destination := s'; output := om |} ∨ msg ∈ equivocator_sent_messages_set sby eapply equivocator_has_been_sent_stepwise_props. Qed. End sec_ComputableSentMessages_lifting. End sec_equivocator_vlsm_message_properties.message: Type
X: VLSM message
ComputableSentMessages0: ComputableSentMessages X
EqDecision0: EqDecision message
l: label (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
s: state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
im: option message
s': state (preloaded_with_all_messages_vlsm (equivocator_vlsm X))
om: option message
H: input_constrained_transition (equivocator_vlsm X) l ( s, im) (s', om)
msg: messageequivocator_has_been_sent s' msg ↔ field_selector output msg {| l := l; input := im; destination := s'; output := om |} ∨ equivocator_has_been_sent s msg