Towards Concurrent Type Theory

Transcription

1 Towards Concurrent Type Theory Luís Caires 1, Frank Pfenning 2, Bernardo Toninho 1,2 1 Universidade Nova de Lisboa 2 Carnegie Mellon University Workshop on Types in Language Design and Implementation (TLDI) January 28, / 1

2 Proofs and programs In intuitionistic logic: Propositions are simple types Proofs are functional programs Proof reduction is computation 2 / 1

3 Proofs and programs In intuitionistic logic: Propositions are simple types Proofs are functional programs Proof reduction is computation Curry (1934) Axiomatic proofs are combinators Proof reduction is combinatory reduction Howard (1969) Natural deductions are λ-terms Proof reduction is functional computation 2 / 1

4 Proofs and programs In intuitionistic logic: Propositions are simple types Proofs are functional programs Proof reduction is computation Curry (1934) Axiomatic proofs are combinators Proof reduction is combinatory reduction Howard (1969) Natural deductions are λ-terms Proof reduction is functional computation These are isomorphisms! 2 / 1

5 Other instances Capture computational phenomena logically Modal logic (JS4) and staged computation (Davies & Pf. 1996) Temporal logic and partial evaluation (Davies 1996) Lax logic and effects (Benton et al. 1998) Modal logic (JT) and proof irrelevance (Pf. 2008)... (but not as easy as it looks) 3 / 1

6 Other instances Capture computational phenomena logically Modal logic (JS4) and staged computation (Davies & Pf. 1996) Temporal logic and partial evaluation (Davies 1996) Lax logic and effects (Benton et al. 1998) Modal logic (JT) and proof irrelevance (Pf. 2008)... (but not as easy as it looks) This talk: Linear propositions as session types Sequent proofs as π-calculus processes Cut reduction as communication 3 / 1

7 Type theory Type theory (Martin-Löf 1980) Generalizes intuitionistic logic Types depend on programs Full integration of reasoning and programming 4 / 1

8 Type theory Type theory (Martin-Löf 1980) Generalizes intuitionistic logic Types depend on programs Full integration of reasoning and programming Co-design of language and reasoning principles! 4 / 1

9 Type theory Type theory (Martin-Löf 1980) Generalizes intuitionistic logic Types depend on programs Full integration of reasoning and programming Co-design of language and reasoning principles! This talk: Session types depend on functional values Communicate channels and values (= proofs) 4 / 1

10 Type theory Type theory (Martin-Löf 1980) Generalizes intuitionistic logic Types depend on programs Full integration of reasoning and programming Co-design of language and reasoning principles! This talk: Session types depend on functional values Communicate channels and values (= proofs) Not yet: Types do not depend on channels or processes Processes are not communicated 4 / 1

11 Outline 1 Session types for π-calculus 2 Dependent session types 3 Proof irrelevance 4 Some results 5 Conclusion 5 / 1

12 Judgment forms Judgment P :: x : A Process P offers service A along channel x Linear sequent A 1,..., A }{{} n A Cut as composition A, A C, C Identity as forwarding cut A A A id A 6 / 1

13 Judgment forms Judgment P :: x : A Process P offers service A along channel x Linear sequent P uses x i :A i and offers x:a. Cut as composition x 1 :A 1,..., x n :A }{{} n P :: x : A A Identity as forwarding, A C, C cut A A A id A 6 / 1

14 Judgment forms Judgment P :: x : A Process P offers service A along channel x Linear sequent P uses x i :A i and offers x:a. Cut as composition x 1 :A 1,..., x n :A }{{} n P :: x : A x : A, x:a z : C, z : C cut A Identity as forwarding A A id A 6 / 1

15 Judgment forms Judgment P :: x : A Process P offers service A along channel x Linear sequent P uses x i :A i and offers x:a. Cut as composition P :: x : A x 1 :A 1,..., x n :A }{{} n P :: x : A, x:a Q :: z : C, (νx)(p Q) :: z : C cut A Identity as forwarding A A id A 6 / 1

16 Judgment forms Judgment P :: x : A Process P offers service A along channel x Linear sequent x 1 :A 1,..., x n :A }{{} n P :: x : A P uses x i :A i and offers x:a. Cut as composition P :: x : A Identity as forwarding, x:a Q :: z : C, (νx)(p Q) :: z : C cut A x:a z : A id A 6 / 1

17 Judgment forms Judgment P :: x : A Process P offers service A along channel x Linear sequent x 1 :A 1,..., x n :A }{{} n P :: x : A P uses x i :A i and offers x:a. Cut as composition P :: x : A Identity as forwarding, x:a Q :: z : C, (νx)(p Q) :: z : C cut A x:a [x z] :: z : A id A 6 / 1

18 Offering input (A B) P :: x : A B P inputs an A along x and then behaves as B Right rule: offer of service, A B A B R Left rule: matching use of service A, B C,, A B C L 7 / 1

19 Offering input (A B) P :: x : A B P inputs an A along x and then behaves as B Right rule: offer of service, A B A B R Left rule: matching use of service A, B C,, A B C L 7 / 1

20 Offering input (A B) P :: x : A B P inputs an A along x and then behaves as B Right rule: offer of service, y:a x : B x : A B R Left rule: matching use of service A, B C,, A B C L 7 / 1

21 Offering input (A B) P :: x : A B P inputs an A along x and then behaves as B Right rule: offer of service, y:a P :: x : B x(y).p :: x : A B R Can reuse x, due to linearity! Left rule: matching use of service A, B C,, A B C L 7 / 1

22 Offering input (A B) P :: x : A B P inputs an A along x and then behaves as B Right rule: offer of service, y:a P :: x : B x(y).p :: x : A B R Can reuse x, due to linearity! Left rule: matching use of service A, B C,, A B C L 7 / 1

23 Offering input (A B) P :: x : A B P inputs an A along x and then behaves as B Right rule: offer of service, y:a P :: x : B x(y).p :: x : A B R Can reuse x, due to linearity! Left rule: matching use of service y : A, x:b z : C,, x:a B z : C L 7 / 1

24 Offering input (A B) P :: x : A B P inputs an A along x and then behaves as B Right rule: offer of service, y:a P :: x : B x(y).p :: x : A B R Can reuse x, due to linearity! Left rule: matching use of service P :: y : A, x:b Q :: z : C,, x:a B (νy)x y.(p Q) :: z : C L Can reuse x, due to linearity Channel y must be new (bound output) 7 / 1

25 Proof and process reduction Proof reduction, A B A B R 1 A 2, B C 1, 2, A B C 1 A, 1, 2 C, A B, 1 B cut A, 1, 2 C Corresponding process reduction 2, B C L cut A B cut B, 1, 2 (νx)(x(y).p 1 (νw)(x w.(p 2 Q))) :: z : C, 1, 2 (νx)((νw)(p 2 P 1 {w/y}) Q) :: z : C 8 / 1

26 Process reduction Corresponding process reduction (νx)(x(y).p 1 (νw)(x w.(p 2 Q))) (νx)((νw)(p 2 P 1 {w/y}) Q) Instance of (modulo structural congruence) (x(y).p x w.q) (P{w/y} Q) Synchronous π-calculus Typing modulo structural congruence 9 / 1

27 Preview Linear propositions as session types P :: x : A B P :: x : A B P :: x : 1 P :: x : A & B P :: x : A B P :: x :!A Input a y:a along x and behave as B Output new y:a along x and behave as B Terminate session on x Offer choice between A and B along x Offer either A or B along x Offer A persistently along x Sequent proofs as process expressions Proof reduction as process reduction 10 / 1

28 Offering output (A B) P :: x : A B P outputs a fresh y:a along x and then behaves as B Right rule: offer output A B, A B R Left rule: perform matching input, A, B C, A B C L 11 / 1

29 Offering output (A B) P :: x : A B P outputs a fresh y:a along x and then behaves as B Right rule: offer output A B, A B R Left rule: perform matching input, A, B C, A B C L 11 / 1

30 Offering output (A B) P :: x : A B P outputs a fresh y:a along x and then behaves as B Right rule: offer output y : A x : B, x : A B R Left rule: perform matching input, A, B C, A B C L 11 / 1

31 Offering output (A B) P :: x : A B P outputs a fresh y:a along x and then behaves as B Right rule: offer output P :: y : A Q :: x : B, (νy)x y.(p Q) :: x : A B R Left rule: perform matching input, A, B C, A B C L 11 / 1

32 Offering output (A B) P :: x : A B P outputs a fresh y:a along x and then behaves as B Right rule: offer output P :: y : A Q :: x : B, (νy)x y.(p Q) :: x : A B R Left rule: perform matching input, A, B C, A B C L 11 / 1

33 Offering output (A B) P :: x : A B P outputs a fresh y:a along x and then behaves as B Right rule: offer output P :: y : A Q :: x : B, (νy)x y.(p Q) :: x : A B R Left rule: perform matching input, y:a, x:b z : C, x:a B z : C L 11 / 1

34 Offering output (A B) P :: x : A B P outputs a fresh y:a along x and then behaves as B Right rule: offer output P :: y : A Q :: x : B, (νy)x y.(p Q) :: x : A B R Left rule: perform matching input, y:a, x:b P :: z : C, x:a B x(y).p :: z : C L 11 / 1

35 Offering output (A B) Proof reduction again corresponds to process reduction No new rules required Apparent asymmetry, but A B B A: x:a B x(y).(νw)z w.([x w] [y z]) :: z : B A 12 / 1

36 Termination (1) P :: x : 1 P terminates session on x Right rule: offer of termination (unit of ) Left rule: accept termination Reduction 1 1R C, 1 C 1L 13 / 1

37 Termination (1) P :: x : 1 P terminates session on x Right rule: offer of termination (unit of ) Left rule: accept termination Reduction 1 1R C, 1 C 1L 13 / 1

38 Termination (1) P :: x : 1 P terminates session on x Right rule: offer of termination (unit of ) Left rule: accept termination Reduction x : 1 1R C, 1 C 1L 13 / 1

39 Termination (1) P :: x : 1 P terminates session on x Right rule: offer of termination (unit of ) Left rule: accept termination Reduction x.0 :: x : 1 1R C, 1 C 1L 13 / 1

40 Termination (1) P :: x : 1 P terminates session on x Right rule: offer of termination (unit of ) Left rule: accept termination Reduction x.0 :: x : 1 1R C, 1 C 1L 13 / 1

41 Termination (1) P :: x : 1 P terminates session on x Right rule: offer of termination (unit of ) Left rule: accept termination Reduction x.0 :: x : 1 1R z : C, x:1 z : C 1L 13 / 1

42 Termination (1) P :: x : 1 P terminates session on x Right rule: offer of termination (unit of ) Left rule: accept termination Reduction x.0 :: x : 1 1R P :: z : C, x:1 x().p :: z : C 1L 13 / 1

43 Termination (1) P :: x : 1 P terminates session on x Right rule: offer of termination (unit of ) Left rule: accept termination x.0 :: x : 1 1R P :: z : C, x:1 x().p :: z : C 1L Reduction (x.0 x().p) P 13 / 1

44 Termination (1) This faithful process assignment models synchronous termination We can also model asynchronous termination Use a different process assignment (Caires & Pf. 2010) Contracting proofs to processes Some proof reductions are process identities 14 / 1

45 Example: PDF indexing Abstract away communicated values for now index 1 file (file 1) Shape of a server srv x(f ).(νy)x y.(p x.0) :: x : index 1 Shape of a client client (νpdf )x pdf.x(idx).x().q Composition of server and client srv :: x : index 1 x : index 1 client :: z : 1 (νx)(srv client) :: z : 1 cut 15 / 1

46 Taking stock I At this point we have Types A, B, C ::= A B input A B output 1 termination Processes P, Q ::= [x z] forwarding (P Q) parallel composition (νx)p name restriction x(y).p input (νy)x y.p bound output x().p (wait) x.0 (termination) 16 / 1

47 Offering external choice (A & B) P :: x : A & B P offers the choice between A and B along x Right rule: offering choice between A and B A B A & B &R Left rules: making a choice between A and B, A C, A & B C &L 1, B C, A & B C &L 2 17 / 1

48 Offering external choice (A & B) P :: x : A & B P offers the choice between A and B along x Right rule: offering choice between A and B A B A & B &R Left rules: making a choice between A and B, A C, A & B C &L 1, B C, A & B C &L 2 17 / 1

49 Offering external choice (A & B) P :: x : A & B P offers the choice between A and B along x Right rule: offering choice between A and B x : A x : B x : A & B &R Left rules: making a choice between A and B, A C, A & B C &L 1, B C, A & B C &L 2 17 / 1

50 Offering external choice (A & B) P :: x : A & B P offers the choice between A and B along x Right rule: offering choice between A and B P :: x : A Q :: x : B x.case(p, Q) :: x : A & B &R Left rules: making a choice between A and B, A C, A & B C &L 1, B C, A & B C &L 2 17 / 1

51 Offering external choice (A & B) P :: x : A & B P offers the choice between A and B along x Right rule: offering choice between A and B P :: x : A Q :: x : B x.case(p, Q) :: x : A & B &R Left rules: making a choice between A and B, A C, A & B C &L 1, B C, A & B C &L 2 17 / 1

52 Offering external choice (A & B) P :: x : A & B P offers the choice between A and B along x Right rule: offering choice between A and B P :: x : A Q :: x : B x.case(p, Q) :: x : A & B &R Left rules: making a choice between A and B, x:a z : C, x:a & B z : C &L 1, x:b z : C, x:a & B z : C &L 2 17 / 1

53 Offering external choice (A & B) P :: x : A & B P offers the choice between A and B along x Right rule: offering choice between A and B P :: x : A Q :: x : B x.case(p, Q) :: x : A & B &R Left rules: making a choice between A and B, x:a Q :: z : C, x:a & B x.inl; Q :: z : C &L 1, x:b Q :: z : C, x:a & B x.inr; Q :: z : C &L 2 17 / 1

54 Offering external choice (A & B) Need binary guarded choice construct New reductions (x.case(p, Q) x.inl; R) (P R) (x.case(p, Q) x.inr; R) (Q R) 18 / 1

55 Example: PDF compression Extend previous example Offer to index or compress the PDF server 1 (file (file 1)) & (file (file 1)) Different protocol: decision is made later server 2 file ((file & file) 1) In practice, should use labeled products & i {l i : A i } 19 / 1

56 Offering internal choice (A B) P :: x : A B P offers either A or B along x Offering either A or B: A A B R 1 B A B R 2 Accounting for either A or B:, A C, B C, A B C L No new reductions 20 / 1

57 Offering internal choice (A B) P :: x : A B P offers either A or B along x Offering either A or B: A A B R 1 B A B R 2 Accounting for either A or B:, A C, B C, A B C L No new reductions 20 / 1

58 Offering internal choice (A B) P :: x : A B P offers either A or B along x Offering either A or B: x : A x : A B R 1 x : B x : A B R 2 Accounting for either A or B:, A C, B C, A B C L No new reductions 20 / 1

59 Offering internal choice (A B) P :: x : A B P offers either A or B along x Offering either A or B: P :: x : A x.inl; P :: x : A B R 1 P :: x : B x.inr; P :: x : A B R 2 Accounting for either A or B:, A C, B C, A B C L No new reductions 20 / 1

60 Offering internal choice (A B) P :: x : A B P offers either A or B along x Offering either A or B: P :: x : A x.inl; P :: x : A B R 1 P :: x : B x.inr; P :: x : A B R 2 Accounting for either A or B:, A C, B C, A B C L No new reductions 20 / 1

61 Offering internal choice (A B) P :: x : A B P offers either A or B along x Offering either A or B: P :: x : A x.inl; P :: x : A B R 1 P :: x : B x.inr; P :: x : A B R 2 Accounting for either A or B:, x:a z : C, x:b z : C, x:a B z : C L No new reductions 20 / 1

62 Offering internal choice (A B) P :: x : A B P offers either A or B along x Offering either A or B: P :: x : A x.inl; P :: x : A B R 1 P :: x : B x.inr; P :: x : A B R 2 Accounting for either A or B:, x:a P :: z : C, x:b Q :: z : C, x:a B x.case(p, Q) :: z : C L No new reductions 20 / 1

63 Example: PDF indexing Offer to index PDF, or indicate failure index 2 (file ((file 1) 1)) In practice, should use labeled sums i {l i : A i } 21 / 1

64 Persistence To have persistent services, we generalize the judgment form (Hodas & Miller 1991; Andreoli 1992; Barber 1996) B 1,..., B k }{{} Γ persistently true ; A 1,..., A n }{{} linearly true C Label with shared channels u and linear channels x u 1 :B 1,..., u k :B k }{{} Γ shared ; x 1 :A 1,..., x n :A }{{} n P :: z : C linear 22 / 1

65 Structural rules cut! as composition with replicated input Γ ; A Γ, A ; C Γ ; C cut! A No linear channels in P except x To use u we have to send it a new channel y for x Γ, A ;, A C Γ, A ; C copy 23 / 1

66 Structural rules cut! as composition with replicated input Γ ; A Γ, A ; C Γ ; C cut! A No linear channels in P except x To use u we have to send it a new channel y for x Γ, A ;, A C Γ, A ; C copy 23 / 1

67 Structural rules cut! as composition with replicated input Γ ; x : A Γ, u:a ; z : C Γ ; z : C cut! A No linear channels in P except x To use u we have to send it a new channel y for x Γ, A ;, A C Γ, A ; C copy 23 / 1

68 Structural rules cut! as composition with replicated input Γ ; P :: x : A Γ, u:a ; Q :: z : C Γ ; (νu)(!u(x).p Q) :: z : C cut! A No linear channels in P except x To use u we have to send it a new channel y for x Γ, A ;, A C Γ, A ; C copy 23 / 1

69 Structural rules cut! as composition with replicated input Γ ; P :: x : A Γ, u:a ; Q :: z : C Γ ; (νu)(!u(x).p Q) :: z : C cut! A No linear channels in P except x To use u we have to send it a new channel y for x Γ, A ;, A C Γ, A ; C copy 23 / 1

70 Structural rules cut! as composition with replicated input Γ ; P :: x : A Γ, u:a ; Q :: z : C Γ ; (νu)(!u(x).p Q) :: z : C cut! A No linear channels in P except x To use u we have to send it a new channel y for x Γ, u:a ;, y:a z : C Γ, u:a ; z : C copy 23 / 1

71 Structural rules cut! as composition with replicated input Γ ; P :: x : A Γ, u:a ; Q :: z : C Γ ; (νu)(!u(x).p Q) :: z : C cut! A No linear channels in P except x To use u we have to send it a new channel y for x Γ, u:a ;, y:a P :: z : C Γ, u:a ; (νy)u y.p :: z : C copy y will be linear and behave according to A 23 / 1

72 Cut! reduction Replaying the proof reduction yields: (νu)(!u(x).p (νy)u y.q) (νy)(p{y/x} (νu)(!u(x).p Q)) Instance of standard rule (!u(x).p u y.q) (P{y/x} Q!u(x).P) 24 / 1

73 Offering persistent service (!A) Internalize persistence as a proposition P :: x :!A P persistently offers A along x Creating a persistent service Sharing a persistent service Γ ; A Γ ;!A!R Γ, A ; C Γ ;,!A C!L 25 / 1

74 Offering persistent service (!A) Internalize persistence as a proposition P :: x :!A P persistently offers A along x Creating a persistent service Sharing a persistent service Γ ; A Γ ;!A!R Γ, A ; C Γ ;,!A C!L 25 / 1

75 Offering persistent service (!A) Internalize persistence as a proposition P :: x :!A P persistently offers A along x Creating a persistent service Sharing a persistent service Γ ; y : A Γ ; x :!A!R Γ, A ; C Γ ;,!A C!L 25 / 1

76 Offering persistent service (!A) Internalize persistence as a proposition P :: x :!A P persistently offers A along x Creating a persistent service Sharing a persistent service Γ ; P :: y : A Γ ;!x(y).p :: x :!A!R Γ, A ; C Γ ;,!A C!L 25 / 1

77 Offering persistent service (!A) Internalize persistence as a proposition P :: x :!A P persistently offers A along x Creating a persistent service Sharing a persistent service Γ ; P :: y : A Γ ;!x(y).p :: x :!A!R Γ, A ; C Γ ;,!A C!L 25 / 1

78 Offering persistent service (!A) Internalize persistence as a proposition P :: x :!A P persistently offers A along x Creating a persistent service Sharing a persistent service Γ ; P :: y : A Γ ;!x(y).p :: x :!A!R Γ, u:a ; z : C Γ ;, x:!a z : C!L 25 / 1

79 Offering persistent service (!A) Internalize persistence as a proposition P :: x :!A P persistently offers A along x Creating a persistent service Sharing a persistent service Γ ; P :: y : A Γ ;!x(y).p :: x :!A!R Γ, u:a ; Q :: z : C Γ ;, x:!a x/u.q :: z : C!L 25 / 1

80 Promotion!L promotes linear channels to shared ones No significant operational consequences (νx)(!x(y).p x/u.q) (νu)(!u(y).p Q) 26 / 1

81 Example: persistent storage Persistent PDF indexing service index 3 :!(file file 1) Persistently offer to input a file, then output a file and terminate session. Store a file persistently store 1 :!(file!(file 1)) Persistently offer to input a file, then output a persistent handle for retrieving this file. 27 / 1

82 Taking stock II At this point we have in addition Types A, B, C ::=... A & B external choice A B internal choice!a replication Processes P, Q ::=... x.inl; P x.inr; P selection x.case(p, Q) branching!u(x).p replicating input x/u.p (promotion) 28 / 1

83 Outline 1 Session types for π-calculus 2 Dependent session types 3 Proof irrelevance 4 Some results 5 Conclusion 29 / 1

84 Passing terms Types τ from a (dependent) type theory Hypothetical judgment x 1 :τ 1,..., x k :τ }{{} k M : τ Ψ Some example type constructors Πx:τ.σ, τ σ Σx:τ.σ, τ σ nat Functions from τ to σ Pairs of a τ and a σ Natural numbers Integrate into sequent calculus Ψ }{{} ; Γ }{{} ; }{{} term variables shared channels linear channels P :: x : A }{{} linear 30 / 1

85 Offering term input ( y:τ.a) P :: x : y:τ.a P inputs an M : τ along x and then behaves as A{M/x} Right rule: offer of service Ψ, y:τ ; Γ ; A Ψ ; Γ ; y:τ.a R Left rule: matching use of service Ψ M : τ Ψ ; Γ ;, A{M/y} C Ψ ; Γ ;, y:τ.a C L Proof reduction 31 / 1

86 Offering term input ( y:τ.a) P :: x : y:τ.a P inputs an M : τ along x and then behaves as A{M/x} Right rule: offer of service Ψ, y:τ ; Γ ; x : A Ψ ; Γ ; x : y:τ.a R Left rule: matching use of service Ψ M : τ Ψ ; Γ ;, A{M/y} C Ψ ; Γ ;, y:τ.a C L Proof reduction 31 / 1

87 Offering term input ( y:τ.a) P :: x : y:τ.a P inputs an M : τ along x and then behaves as A{M/x} Right rule: offer of service Ψ, y:τ ; Γ ; P :: x : A Ψ ; Γ ; x(y).p :: x : y:τ.a R Left rule: matching use of service Ψ M : τ Ψ ; Γ ;, A{M/y} C Ψ ; Γ ;, y:τ.a C L Proof reduction 31 / 1

88 Offering term input ( y:τ.a) P :: x : y:τ.a P inputs an M : τ along x and then behaves as A{M/x} Right rule: offer of service Ψ, y:τ ; Γ ; P :: x : A Ψ ; Γ ; x(y).p :: x : y:τ.a R Left rule: matching use of service Ψ M : τ Ψ ; Γ ;, x:a{m/y} z : C Ψ ; Γ ;, x: y:τ.a z : C L Proof reduction 31 / 1

89 Offering term input ( y:τ.a) P :: x : y:τ.a P inputs an M : τ along x and then behaves as A{M/x} Right rule: offer of service Ψ, y:τ ; Γ ; P :: x : A Ψ ; Γ ; x(y).p :: x : y:τ.a R Left rule: matching use of service Ψ M : τ Ψ ; Γ ;, x:a{m/y} Q :: z : C Ψ ; Γ ;, x: y:τ.a x M.Q :: z : C L Proof reduction 31 / 1

90 Offering term input ( y:τ.a) P :: x : y:τ.a P inputs an M : τ along x and then behaves as A{M/x} Right rule: offer of service Ψ, y:τ ; Γ ; P :: x : A Ψ ; Γ ; x(y).p :: x : y:τ.a R Left rule: matching use of service Ψ M : τ Ψ ; Γ ;, x:a{m/y} Q :: z : C Ψ ; Γ ;, x: y:τ.a x M.Q :: z : C L Proof reduction (νx)(x(y).p x M.Q) (νx)(p{m/y} Q) 31 / 1

91 Term passing: other connectives Quantified proposition as dependent session types x : y:τ.a x : $τ A x : y:τ.a x : $τ A Input an M : A along x and behave as A{M/y} Input an M : A along x and behave as A Output an M : A along x and behave as A{M/y} Output an M : A along x and behave as A $τ A as shorthand for y:τ.a if y not free in A $τ A as shorthand for y:τ.a if y not free in A We will omit the $ for readability 32 / 1

92 Examples, carrying proofs PDF indexing service index 3 :!(file file 1) index 4 :!( f :file. pdf(f ) g:file. pdf(g) 1) Persistently offer to input a file f, a proof that f is in PDF format, then output a PDF file g, and a proof that g is in PDF format and terminate the session. Persistent file storage store 1 :!(file!(file 1)) store 2 :!( f :file.! g:file. g. = f 1) Persistently offer to input a file, then output a persistent channel for retrieving this file and a proof that the two are equal. 33 / 1

93 Outline 1 Session types for π-calculus 2 Dependent session types 3 Proof irrelevance 4 Some results 5 Conclusion 34 / 1

94 Proof irrelevance In many examples, we want to know that proofs exist, but we do not want to transmit them We can easily check pdf(g) when using the indexing service The proof of g. = f (by reflexivity) would not be informative Use proof irrelevance in type theory M : [τ] M is a term of type τ that is computationally irrelevant 35 / 1

95 Proof irrelevance: rules Introduction and elimination Ψ M : τ Ψ [M] : [τ] []I Ψ M : [τ] Ψ, x τ N : σ Ψ let [x] = M in N : σ Ψ promotes hypotheses x τ to x:τ In examples, may use pattern matching instead of let By agreement, terms [M] will be erased before transmission Typing guarantees this can be done consistently []E 36 / 1

96 Examples with proof irrelevance Mark proofs as computationally irrelevant PDF indexing service index 4 :!( f :file. pdf(f ) g:file. pdf(g) 1) index 5 :!( f :file. [pdf(f )] g:file. [pdf(g)] 1) Persistent file storage store 2 :!( f :file.! g:file. g =. f 1) store 3 :!( f :file.! g:file. [g =. f ] 1) After erasure, communication can be optimized further 37 / 1

97 Example: mobile code For sensitive documents we want to run indexing locally Specification index 5 :!((Πf :file. [pdf(f )] Σg:file. [pdf(g)]) 1) Service persistently offers a function for indexing Cannot leak information since only process layer can communicate 38 / 1

98 Outline 1 Session types for π-calculus 2 Dependent session types 3 Proof irrelevance 4 Some results 5 Conclusion 39 / 1

99 Some results Recall: typing is modulo (shallow) structural congruence Theorem: type preservation = session fidelity Theorem: progress = deadlock freedom Theorem: termination Via linear logical relations (Pérez et al., ESOP 2012) Some commuting conversions = behavioral equivalences Theorem: proof reduction = process reduction Permuting cut and cut! = structural equivalences Identity elimination = structural reduction (forwarding) Propositional reduction = communication Some commuting conversion needed if promotion is suppressed and termination is asynchronous 40 / 1

100 Further extensions and results Family of monads K τ = digital signatures Continuum of trust: from proofs to digital signatures (CPP 2011) Functions as session-typed processes (FoSSaCS 2012) Translate from natural deduction to sequent calculus Via linear natural deduction [T S] =![T ] [S]: copying evaluation (by name) (T S) =!(T S ): sharing evaluation (futures) By-value and by-need are particular schedules for sharing 41 / 1

101 Ongoing work Polymorphism Immediate in the functional layer Parametricity in the process layer (Pérez et al., ESOP 2012) Asynchronous session types (w. Henry DeYoung) Also via Curry-Howard isomorphism! Unlocking parallelism with commuting conversions Each channel implementable as a bidirectional queue Classical linear logic Superficially more economical Does not enforce locality of shared channels All standard session examples (and more) already expressible in intuitionistic system Less likely to lead to full type theory 42 / 1

102 Concurrent dependent type theory? At present, we have a two-layer system Communication layer (both linear and shared channels) Value layer (dependent type theory) Can we have a concurrent dependently-typed language? Problem of linear dependency Equational reasoning about processes Integrating natural deduction and sequent calculus Dependently typed functional translation? Monadic encapsulation, à la CLF? 43 / 1

103 Some related work Computational interpretations of linear logic (Abramsky 1993) Relating π-calculus and linear logic (Bellin & Scott 1994) Session types (Honda 1993) (Honda et al. 1998)... Lolliproc (Mazurak & Zdancewic 2010) Natural deduction for classical linear logic Purely linear (unrestricted version conjectured) Tighter integration of functions with processes Requires control operators and additional coercions Dependent version unlikely? 44 / 1

104 Summary A Curry-Howard isomorphism Linear propositions as session types A B (input), A B (output), 1 (termination) A & B (external choice), A B (internal choice),!a (replication) Sequent proofs as π-calculus processes with a binary guarded choice and channel forwarding Cut reduction as π-calculus reduction Term-passing extension with a type theory x:τ.a (term input), x:τ.a (term output) Additional type theory constructs [τ] for proof irrelevance (not transmitted) K τ for affirmations (evidenced by digital signatures) 45 / 1