GovDepsMatch
Lemma (govDepsMatch is invariant of LEDGER rule).
Informally.
Suppose s and s' are ledger states such that
s ⇀⦇ tx ,LEDGER⦈ s'.
Let utxoSt and utxoSt' be their respective
UTxOStates and let govSt and
govSt' be their respective GovStates.
If the governance action deposits of utxoSt are equal to those of
govSt, then the same holds for utxoSt' and govSt'.
In other terms, if govDepsMatch s, then
govDepsMatch s'.
Formally.
LEDGER-govDepsMatch : LedgerInvariant _⊢_⇀⦇_,LEDGER⦈_ govDepsMatch
Proof.
LEDGER-govDepsMatch (LEDGER-I⋯ refl (UTXOW-UTXOS (Scripts-No _))) aprioriMatch = aprioriMatch LEDGER-govDepsMatch {Γ}{s}{tx}{s'} utxosts@(LEDGER-V⋯ tx-valid (UTXOW-UTXOS (Scripts-Yes x)) _ GOV-sts) aprioriMatch = let open Tx tx; open TxBody body open LEnv Γ renaming (pparams to pp) open PParams pp using (govActionDeposit) open LState s open LState s' renaming (govSt to govSt'; certState to certState') open LEDGER-PROPS tx Γ s using (utxoDeps; updateGovStates; STS→GovSt≡) open SetoidProperties tx Γ s using (|ᵒ-GAs-pres; props-dpMap-votes-invar; utxo-govst-connex; noGACerts) in begin filterˢ isGADeposit (dom (updateDeposits pp body utxoDeps)) ≈⟨ noGACerts txCerts (updateProposalDeposits txGovProposals txId govActionDeposit utxoDeps) ⟩ filterˢ isGADeposit (dom (updateProposalDeposits txGovProposals txId govActionDeposit utxoDeps)) ≈⟨ utxo-govst-connex txGovProposals aprioriMatch ⟩ fromList (dpMap (updateGovStates (map inj₂ txGovProposals) 0 govSt)) ≈˘⟨ props-dpMap-votes-invar txGovVotes txGovProposals ⟩ fromList (dpMap (updateGovStates (txgov body) 0 govSt )) ≈˘⟨ |ᵒ-GAs-pres 0 govSt certState' ⟩ fromList (dpMap (updateGovStates (txgov body) 0 (rmOrphanDRepVotes certState' govSt))) ≡˘⟨ cong (fromList ∘ dpMap ) (STS→GovSt≡ utxosts tx-valid) ⟩ fromList (dpMap govSt') ∎ LEDGER-govDepsMatch {s' = s'} utxosts@(LEDGER-V (() , UTXOW-UTXOS (Scripts-No (_ , refl)) , _ , GOV-sts)) aprioriMatch