GovDepsMatch
- *Informally*. Fix a `Block`{.AgdaRecord} , a `ChainState`{.AgdaRecord}
, and a `NewEpochState`{.AgdaRecord} . Let `csLState`{.AgdaFunction}
be the ledger state of . Recall, a `ChainState`{.AgdaRecord} has just
one field, `newEpochState`{.AgdaField} : `NewEpochState`{.AgdaRecord}.
Consider the chain state `cs’`{.AgdaFunction} defined as follows:
cs' : ChainState cs' .newEpochState = record { lastEpoch = nes .lastEpoch ; epochState = record (EpochStateOf cs) {ls = LStateOf nes} ; ru = nes .ru }That is `cs’`{.AgdaFunction} is essentially , but the `EpochState`{.AgdaRecord} field is set to the `epochState`{.AgdaField} of with the exception of the `LState`{.AgdaRecord} field, which is set to that of . Let and be the respective `UTxOState`{.AgdaRecord}s of the ledger states of and `cs’`{.AgdaFunction}, respectively, and let and be their respective `GovState`{.AgdaFunction}s. Assume the following conditions hold: - let `removed’`{.AgdaFunction} : `ℙ`{.AgdaFunction}(`GovActionID`{.AgdaDatatype} × `GovActionState`{.AgdaDatatype}) be the union of - the governance actions in the `removed`{.AgdaField} field of the ratify state of , and - the orphaned governance actions in the `GovState`{.AgdaFunction} of . Let $\mathcal{G}$ be the set $\{\mbox{\texttt{@@AgdaTerm@@basename=GovActionDeposit@@class=AgdaInductiveConstructor@@} \ab{id}} : \mbox{\ab{id}} ∈ \mbox{proj}₁ \mbox{\texttt{@@AgdaTerm@@basename=removed'@@class=AgdaFunction@@}}\}$. $\mathcal{G}$ is a subset of the set of deposits of the chain state ; that is, `map`{.AgdaFunction} (`GovActionDeposit`{.AgdaInductiveConstructor} $∘$ `proj₁`{.AgdaField}) `removed’`{.AgdaFunction} `@@AgdaTerm@@basename=`$⊆$`@@class=AgdaField@@` `dom`{.AgdaFunction} (`DepositsOf`{.AgdaField} ); - the total reference script size of `csLState`{.AgdaFunction} is not greater than the maximum allowed size per block (as specified in `PParams`{.AgdaRecord}); - `⇀⦇`{.AgdaDatatype} `,CHAIN⦈`{.AgdaDatatype} `cs’`{.AgdaFunction}. Under these conditions, if the governance action deposits of equal those of , then the same holds for and . In other terms, `govDepsMatch`{.AgdaFunction} `csLState`{.AgdaFunction} implies `govDepsMatch`{.AgdaFunction} `nesState`{.AgdaFunction}. - *Formally*.
CHAIN-govDepsMatch : map (GovActionDeposit ∘ proj₁) removed' ⊆ dom (DepositsOf cs) → totalRefScriptsSize csLState ts ≤ maxRefScriptSizePerBlock → _ ⊢ cs ⇀⦇ b ,CHAIN⦈ cs' → govDepsMatch csLState → govDepsMatch (LStateOf nes)- *Proof*. See the module in the [formal ledger repository](\repourl).