Paxos Consensus, Deconstructed and Abstracted (Extended Version)

by   Álvaro García-Pérez, et al.
IMDEA Networks Institute

Lamport's Paxos algorithm is a classic consensus protocol for state machine replication in environments that admit crash failures. Many versions of Paxos exploit the protocol's intrinsic properties for the sake of gaining better run-time performance, thus widening the gap between the original description of the algorithm, which was proven correct, and its real-world implementations. In this work, we address the challenge of specifying and verifying complex Paxos-based systems by (a) devising composable specifications for implementations of Paxos's single-decree version, and (b) engineering disciplines to reason about protocol-aware, semantics-preserving optimisations to single-decree Paxos. In a nutshell, our approach elaborates on the deconstruction of single-decree Paxos by Boichat et al. We provide novel non-deterministic specifications for each module in the deconstruction and prove that the implementations refine the corresponding specifications, such that the proofs of the modules that remain unchanged can be reused across different implementations. We further reuse this result and show how to obtain a verified implementation of Multi-Paxos from a verified implementation of single-decree Paxos, by a series of novel protocol-aware transformations of the network semantics, which we prove to be behaviour-preserving.


Sound Verification of Security Protocols: From Design to Interoperable Implementations (extended version)

We provide a framework consisting of tools and metatheorems for the end-...

Verification of the busy-forbidden protocol (using an extension of the cones and foci framework)

The busy-forbidden protocol is a new readers-writer lock with no resourc...

A Domain Specific Language for Testing Consensus Implementations

Large-scale, fault-tolerant, distributed systems are the backbone for ma...

Softwire Hub and Spoke Deployment Framework with Layer Two Tunneling Protocol Version 2 (L2TPv2)

This document describes the framework of the Softwire "Hub and Spoke" so...

Inferring Concise Specifications of APIs

Modern software relies on libraries and uses them via application progra...

Proofs about Network Communication: For Humans and Machines

Many concurrent and distributed systems are safety-critical and therefor...

The Closer You Look, The More You Learn: A Grey-box Approach to Protocol State Machine Learning

In this paper, we propose a new approach to infer state machine models f...

Please sign up or login with your details

Forgot password? Click here to reset