Sc_rollup_arith.Makeinclude Sc_rollup_PVM_sig.S
with type context = Context.Tree.t
with type state = Context.tree
with type proof = Context.prooftype state = Context.treeThe state of the PVM denotes a state of the rollup.
The life cycle of the PVM is as follows. It starts its execution from an initial_state. The initial state is specialized at origination with a boot_sector, using the install_boot_sector function. The resulting state is call the “genesis” of the rollup.
Afterwards, we classify states into two categories: "internal states" do not require any external information to be executed while "input states" are waiting for some information from the inbox to be executable.
type context = Context.Tree.tA context represents the executable environment needed by the state to exist. Typically, the rollup node storage can be part of this context to allow the PVM state to be persistent.
type hash = Sc_rollup_repr.State_hash.tA hash characterizes the contents of a state.
type proof = Context.proofDuring interactive refutation games, a player may need to provide a proof that a given execution step is valid. The PVM implementation is responsible for ensuring that this proof type has the correct semantics.
A proof p has four parameters:
start_hash := proof_start_state pstop_hash := proof_stop_state pinput_requested := proof_input_requested pinput_given := proof_input_given pThe following predicate must hold of a valid proof:
exists start_state, stop_state.
(state_hash start_state == start_hash)
AND (Option.map state_hash stop_state == stop_hash)
AND (is_input_state start_state == input_requested)
AND (match (input_given, input_requested) with
| (None, No_input_required) -> eval start_state == stop_state
| (None, Initial) -> stop_state == None
| (None, First_after (l, n)) -> stop_state == None
| (Some input, No_input_required) -> true
| (Some input, Initial) ->
set_input input_given start_state == stop_state
| (Some input, First_after (l, n)) ->
set_input input_given start_state == stop_state)
In natural language---the two hash parameters start_hash and stop_hash must have actual state values (or possibly None in the case of stop_hash) of which they are the hashes. The input_requested parameter must be the correct request from the start_hash, given according to is_input_state. Finally there are four possibilities of input_requested and input_given.
eval step ;stop_hash must be None (the machine is blocked) ;set_input step.val proof_encoding : proof Mavryk_protocol_environment_alpha.Data_encoding.tproofs are embedded in L1 refutation game operations using proof_encoding. Given that the size of L1 operations are limited, it is of *critical* importance to make sure that no execution step of the PVM can generate proofs that do not fit in L1 operations when encoded. If such a proof existed, the rollup could get stuck.
proof_start_state proof returns the initial state hash of the proof execution step.
proof_stop_state proof returns the final state hash of the proof execution step.
val state_hash : state -> hash Mavryk_protocol_environment_alpha.Lwt.tstate_hash state returns a compressed representation of state.
val initial_state :
empty:state ->
state Mavryk_protocol_environment_alpha.Lwt.tinitial_state ~empty is the initial state of the PVM, before its specialization with a given boot_sector. The initial state is built on the empty state which must be provided.
val install_boot_sector :
state ->
string ->
state Mavryk_protocol_environment_alpha.Lwt.tinstall_boot_sector state boot_sector specializes the initial state of a PVM using a dedicated boot_sector, submitted at the origination of the rollup.
val is_input_state :
is_reveal_enabled:Sc_rollup_PVM_sig.is_reveal_enabled ->
state ->
Sc_rollup_PVM_sig.input_request Mavryk_protocol_environment_alpha.Lwt.tis_input_state ~is_reveal_enabled state returns the input expectations of the state---does it need input, and if so, how far through the inbox has it read so far?
val set_input :
Sc_rollup_PVM_sig.input ->
state ->
state Mavryk_protocol_environment_alpha.Lwt.tset_input input state sets input in state as the next input to be processed. This must answer the input_request from is_input_state state.
val eval : state -> state Mavryk_protocol_environment_alpha.Lwt.teval s0 returns a state s1 resulting from the execution of an atomic step of the rollup at state s0.
val verify_proof :
is_reveal_enabled:Sc_rollup_PVM_sig.is_reveal_enabled ->
Sc_rollup_PVM_sig.input option ->
proof ->
Sc_rollup_PVM_sig.input_request
Mavryk_protocol_environment_alpha.Error_monad.tzresult
Mavryk_protocol_environment_alpha.Lwt.tverify_proof ~is_reveal_enabled input p checks the proof p with input input and returns the input_request before the evaluation of the proof. See the doc-string for the proof type.
verify_proof input p fails when the proof is invalid in regards to the given input.
val produce_proof :
context ->
is_reveal_enabled:Sc_rollup_PVM_sig.is_reveal_enabled ->
Sc_rollup_PVM_sig.input option ->
state ->
proof Mavryk_protocol_environment_alpha.Error_monad.tzresult
Mavryk_protocol_environment_alpha.Lwt.tproduce_proof ctxt ~is_reveal_enabled input_given state should return a proof for the PVM step starting from state, if possible. This may fail for a few reasons:
input_given doesn't match the expectations of state ;context for this instance of the PVM doesn't have access to enough of the state to build the proof.The following type is inhabited by the proofs that a given output is part of the outbox of a given state.
val output_proof_encoding :
output_proof Mavryk_protocol_environment_alpha.Data_encoding.toutput_proof_encoding encoding value for output_proofs.
val output_of_output_proof : output_proof -> Sc_rollup_PVM_sig.outputoutput_of_output_proof proof returns the output that is referred to in proof's statement.
val state_of_output_proof : output_proof -> hashstate_of_output_proof proof returns the state hash that is referred to in proof's statement.
val verify_output_proof :
output_proof ->
Sc_rollup_PVM_sig.output
Mavryk_protocol_environment_alpha.Error_monad.tzresult
Mavryk_protocol_environment_alpha.Lwt.tverify_output_proof output_proof returns the output_proof's output iff the proof is a valid witness that its output is part of its state's outbox.
val produce_output_proof :
context ->
state ->
Sc_rollup_PVM_sig.output ->
(output_proof, Mavryk_protocol_environment_alpha.Error_monad.error)
Mavryk_protocol_environment_alpha.Pervasives.result
Mavryk_protocol_environment_alpha.Lwt.tproduce_output_proof ctxt state output returns a proof that witnesses the fact that output is part of state's outbox.
val check_dissection :
default_number_of_sections:int ->
start_chunk:Sc_rollup_dissection_chunk_repr.t ->
stop_chunk:Sc_rollup_dissection_chunk_repr.t ->
Sc_rollup_dissection_chunk_repr.t list ->
unit Mavryk_protocol_environment_alpha.Error_monad.tzresultcheck_dissection ~default_number_of_sections ~start_chunk
~stop_chunk chunks fails if the dissection encoded by the list [start_chunk] @ chunks @ [stop_chunk] does not satisfy the properties expected by the PVM.
val get_current_level :
state ->
Raw_level_repr.t option Mavryk_protocol_environment_alpha.Lwt.tget_current_level state returns the current level of the state, returns None if it is not possible to compute the level.
module Internal_for_tests : sig ... endparse_boot_sector s builds a boot sector from its human writable description.
val pp_boot_sector :
Mavryk_protocol_environment_alpha.Format.formatter ->
string ->
unitpp_boot_sector fmt s prints a human readable representation of a boot sector.
val pp :
state ->
(Mavryk_protocol_environment_alpha.Format.formatter ->
unit ->
unit)
Mavryk_protocol_environment_alpha.Lwt.tpp state returns a pretty-printer valid for state.
val get_tick :
state ->
Sc_rollup_tick_repr.t Mavryk_protocol_environment_alpha.Lwt.tget_tick state returns the current tick of state.
type status = | Halted| Waiting_for_input_message| Waiting_for_reveal of Sc_rollup_PVM_sig.reveal| Parsing| EvaluatingThe machine has five possible statuses:
val get_status :
is_reveal_enabled:Sc_rollup_PVM_sig.is_reveal_enabled ->
state ->
status Mavryk_protocol_environment_alpha.Lwt.tget_status ~is_reveal_enabled state returns the machine status in state.
val get_outbox :
Raw_level_repr.t ->
state ->
Sc_rollup_PVM_sig.output list Mavryk_protocol_environment_alpha.Lwt.tget_outbox outbox_level state returns the outbox in state for a given outbox_level.
The machine has only three instructions.
val equal_instruction : instruction -> instruction -> boolequal_instruction i1 i2 is true iff i1 equals i2.
val pp_instruction :
Mavryk_protocol_environment_alpha.Format.formatter ->
instruction ->
unitpp_instruction fmt i shows a human readable representation of i.
val get_parsing_result :
state ->
bool option Mavryk_protocol_environment_alpha.Lwt.tget_parsing_result state is Some true if the current message is syntactically correct, Some false when it contains a syntax error, and None when the machine is not in parsing state.
val get_code :
state ->
instruction list Mavryk_protocol_environment_alpha.Lwt.tget_code state returns the current code obtained by parsing the current input message.
val get_stack : state -> int list Mavryk_protocol_environment_alpha.Lwt.tget_stack state returns the current stack.
val get_var :
state ->
string ->
int option Mavryk_protocol_environment_alpha.Lwt.tget_var state x returns the current value of variable x. Returns None if x does not exist.
val get_evaluation_result :
state ->
bool option Mavryk_protocol_environment_alpha.Lwt.tget_evaluation_result state returns Some true if the current message evaluation succeeds, Some false if it failed, and None if the evaluation has not been done yet.
val get_is_stuck :
state ->
string option Mavryk_protocol_environment_alpha.Lwt.tget_is_stuck state returns Some err if some internal error made the machine fail during the last evaluation step. None if no internal error occurred. When a machine is stuck, it reboots, waiting for the next message to process.