Content uploaded by John Power

Author content

All content in this area was uploaded by John Power on Jan 27, 2014

Content may be subject to copyright.

Given a complete and cocomplete symmetric monoidal closed category V and a symmetric monoidal V-category C with cotensors and a strong V-monad T on C, we investigate axioms under which an Ob C-indexed family of operations of the form $\alpha_x : (Tx)^v \to (Tx)^w$ provides semantics for algebraic operations on the computational λ-calculus. We recall a definition for which we have elsewhere given adequacy results, and we show that an enrichment of it is equivalent to a range of other possible natural definitions of algebraic operation. In particular, we define the notion of generic effect and show that to give a generic effect is equivalent to giving an algebraic operation. We further show how the usual monadic semantics of the computational λ-calculus extends uniformly to incorporate generic effects. We outline examples and non-examples and we show that our definition also enriches one for call-by-name languages with effects.

... The motivation from which this work originates is precisely that of understanding the deep reasons for the aforementioned discrepancy, at the same time giving a general account of the HOMC problem in presence of effects. In doing so, we will consider effects as being captured by algebraic operations [Plotkin and Power 2003], the latter producing some pre-defined effects or interpreted by way of effect handlers [Hillerström et al. 2017; Kammar et al. 2013; Plotkin and Pretnar 2009]. In other words, we will consider well-established ways of capturing effects in higher-order λ-calculi. ...

... We show that handlers are indeed harmful to decidability, at least when general, well-established notions of handlers are considered, including shallow and deep handlers. We conclude by considering a rather restricted class of handlers which are sufficiently expressive to capture generic effects [Plotkin and Power 2003] but for which model checking remains decidable. This is in Section 7 and Section 8. let r = ref true;; let q = ref true;; let rec f g = let y = ! ...

... While the λ-calculus is the reference paradigmatic model for pure functional programming, a standard way of raising effects from within functional programs consists in invoking algebraic operations [Plotkin and Power 2003], each of them corresponding to a particular way of producing an observable effect. Even when the underlying programming language does not offer algebraic operations natively, many impure constructs can be interpreted this way. ...

Model-checking is one of the most powerful techniques for verifying systems and programs, which since the pioneering results by Knapik et al., Ong, and Kobayashi, is known to be applicable to functional programs with higher-order types against properties expressed by formulas of monadic second-order logic. What happens when the program in question, in addition to higher-order functions, also exhibits algebraic effects such as probabilistic choice or global store? The results in the literature range from those, mostly positive, about nondeterministic effects, to those about probabilistic effects, in the presence of which even mere reachability becomes undecidable. This work takes a fresh and general look at the problem, first of all showing that there is an elegant and natural way of viewing higher-order programs producing algebraic effects as ordinary higher-order recursion schemes. We then move on to consider effect handlers, showing that in their presence the model checking problem is bound to be undecidable in the general case, while it stays decidable when handlers have a simple syntactic form, still sufficient to capture so-called generic effects. Along the way we hint at what a general specification language could look like, this way justifying some of the results in the literature, and deriving new ones.

... Plotkin and Power [90,89,86,88,85,89] later worked to generalize this connection by replacing the category Set with any λc model, in order to give a perspective on computational effects with operations at the centre. In order to do this, it was natural to work with Lawvere theories, which are a categorical interpretation of the notion of algebraic theory which naturally allows models of a theory to be taken in any category with products. ...

... We have such a binder in our notation for update, whose continuation takes only trivial input. Note, these equations between operations could also naturally be expressed via their corresponding generic effects, denoted here by !a : T S and a := v : T 1 and obtained by passing the trivial continuation in to l and u [90,89,86]. By the Yoneda lemma, these are no less general. ...

The Functional Machine Calculus (FMC) was recently introduced as a generalization of the lambda-calculus to include higher-order global state, probabilistic and non-deterministic choice, and input and output, while retaining confluence. The calculus can encode both the call-by-name and call-by-value semantics of these effects. This is enabled by two independent generalisations, both natural from the perspective of the FMC's operational semantics, which is given by a simple multi-stack machine. The first generalization decomposes the syntax of the lambda-calculus in a way that allows for sequential composition of terms and the encoding of reduction strategies. Specifically, there exist translations of the call-by-name and call-by-value lambda-calculus which preserve operational semantics. The second parameterizes application and abstraction in terms of 'locations' (corresponding to the multiple stacks of the machine), which gives a unification of the operational semantics, syntax, and reduction rules of the given effects with those of the lambda-calculus. The FMC further comes equipped with a simple type system which restricts and captures the behaviour of effects. This thesis makes two main contributions, showing that two fundamental properties of the lambda-calculus are preserved by the FMC. The first is to show that the categorical semantics of the FMC, modulo an appropriate equational theory, is given by the free Cartesian closed category. The equational theory is validated by a notion of observational equivalence. The second contribution is a proof that typed FMC-terms are strongly normalising. This is an extension (and small simplification) of Gandy's proof for the lambda-calculus, which additionally emphasizes its latent operational intuition.

... Algebraic effects [Plotkin and Power 2003] and handlers [Plotkin and Pretnar 2009, 2013] are a mechanism to structure programs with computational effects in a modular way. Algebraic effects represent abstracted computational effects and handlers specify their behaviors using delimited continuations. ...

Algebraic effects and handlers are a mechanism to structure programs with computational effects in a modular way. They are recently gaining popularity and being adopted in practical languages, such as OCaml. Meanwhile, there has been substantial progress in program verification via refinement type systems. However, thus far, there has not been a satisfactory refinement type system for algebraic effects and handlers. In this paper, we fill the void by proposing a novel refinement type system for algebraic effects and handlers. The expressivity and usefulness of algebraic effects and handlers come from their ability to manipulate delimited continuations, but delimited continuations also complicate programs' control flow and make their verification harder. To address the complexity, we introduce a novel concept that we call answer refinement modification (ARM for short), which allows the refinement type system to precisely track what effects occur and in what order when a program is executed, and reflect the information as modifications to the refinements in the types of delimited continuations. We formalize our type system that supports ARM (as well as answer type modification) and prove its soundness. Additionally, as a proof of concept, we have implemented a corresponding type checking and inference algorithm for a subset of OCaml 5, and evaluated it on a number of benchmark programs. The evaluation demonstrates that ARM is conceptually simple and practically useful. Finally, a natural alternative to directly reasoning about a program with delimited continuations is to apply a continuation passing style (CPS) transformation that transforms the program to a pure program. We investigate this alternative, and show that the approach is indeed possible by proposing a novel CPS transformation for algebraic effects and handlers that enjoys bidirectional (refinement-)type-preservation.

... While having explicit continuations in operation calls, signals, interrupt handlers, and when awaiting promises to be fulfilled makes the meta-theory of the underlying calculus cleaner, in programming we prefer to use generic versions of them, i.e., ones with trivial continuations [PP03]. In particular, we define and use the following syntactic sugar: ...

We explore asynchronous programming with algebraic effects. We complement their conventional synchronous treatment by showing how to naturally also accommodate asynchrony within them, namely, by decoupling the execution of operation calls into signalling that an operation's implementation needs to be executed, and interrupting a running computation with the operation's result, to which the computation can react by installing interrupt handlers. We formalise these ideas in a small core calculus and demonstrate its flexibility using examples ranging from a multi-party web application, to pre-emptive multi-threading, to (cancellable) remote function calls, to a parallel variant of runners of algebraic effects. In addition, the paper is accompanied by a formalisation of the calculus's type safety proofs in Agda, and a prototype implementation in OCaml.

... This duality is not just of theoretical interest. For example, in implementing a system of algebraic effects and handlers [Plotkin and Power 2003; Plotkin and Pretnar 2009], we could represent effectful computations as abstract syntax trees over operations, and handlers as records of implementations of those operations. We might then hope to define a general handling combinator, which combines an effectful computation with an appropriate handler. ...

We present a novel approach to generic programming over extensible data types. Row types capture the structure of records and variants, and can be used to express record and variant subtyping, record extension, and modular composition of case branches. We extend row typing to capture generic programming over rows themselves, capturing patterns including lifting operations to records and variations from their component types, and the duality between cases blocks over variants and records of labeled functions, without placing specific requirements on the fields or constructors present in the records and variants. We formalize our approach in System Rω, an extension of Fω with row types, and give a denotational semantics for (stratified) Rω in Agda.

Inspired by algebraic effects and the principle of notions of computations as monoids, we study a categorical framework for equational theories and models of monoids equipped with operations. The framework covers not only algebraic operations but also scoped and variable-binding operations. Appealingly, in this framework both theories and models can be modularly composed. Technically, a general monoid-theory correspondence is shown, saying that the category of theories of algebraic operations is equivalent to the category of monoids. Moreover, more complex forms of operations can be coreflected into algebraic operations, in a way that preserves initial algebras. On models, we introduce modular models of a theory, which can interpret abstract syntax in the presence of other operations. We show constructions of modular models (i) from monoid transformers, (ii) from free algebras, (iii) by composition, and (iv) in symmetric monoidal categories.

State-separating proofs (SSP) is a recent methodology for structuring game-based cryptographic proofs in a modular way, by using algebraic laws to exploit the modular structure of composed protocols. While promising, this methodology was previously not fully formalized and came with little tool support. We address this by introducing SSProve, the first general verification framework for machine-checked state-separating proofs. SSProve combines high-level modular proofs about composed protocols, as proposed in SSP, with a probabilistic relational program logic for formalizing the lower-level details, which together enable constructing machine-checked cryptographic proofs in the Coq proof assistant. Moreover, SSProve is itself fully formalized in Coq, including the algebraic laws of SSP, the soundness of the program logic, and the connection between these two verification styles.
To illustrate SSProve we use it to mechanize the simple security proofs of ElGamal and PRF-based encryption. We also validate the SSProve approach by conducting two more substantial case studies: First, we mechanize an SSP security proof of the KEM-DEM public key encryption scheme, which led to the discovery of an error in the original paper proof that has since been fixed. Second, we use SSProve to formally prove security of the sigma-protocol zero-knowledge construction, and we moreover construct a commitment scheme from a sigma-protocol to compare with a similar development in CryptHOL. We instantiate the security proof for sigma-protocols to give concrete security bounds for Schnorr’s sigma-protocol.

We begin to develop a unified account of modularity for computational effects. We use the notion of enriched Lawvere theory, together with its relationship with strong monads, to reformulate Moggi's paradigm for modelling computational effects; we emphasise the importance here of the operations that induce computational effects. Effects qua theories are then combined by appropriate bifunctors (on the category of theories). We give a theory of the commutative combination of effects, which in particular yields Moggi's side-effects monad transformer (an application is the combination of side-effects with nondeterminism). And we give a theory for the sum of computational effects, which in particular yields Moggi's exceptions monad transformer (an application is the combination of exceptions with other effects).

To construct a compiler for a modern higher-level programming language, one needs to structure the translation to a machine-like intermediate language in a way that reflects the semantics of the language. Little is said about such structuring in compiler texts that are intended to cover a wide variety of programming languages. More is said in the literature on semantics-directed compiler construction [1], but here too the viewpoint is very general (though limited to languages with a finite number of syntactic types). On the other hand, there is a considerable body of work using the continuation-passing transformation to structure compilers for the specific case of call-by-value languages such as SCHEME and ML [2, 3]. In this paper, we will describe a method of structuring the translation of ALGOL-like languages that is based on the functor-category semantics developed by Reynolds [4] and Oles [5, 6]. An alternative approach using category theory to structure compilers is the early work of F. L. Morris [7], which anticipates our treatment of boolean expressions, but does not deal with procedures.

2 Types and Syntax

An ALGOL-like language is a typed lambda calculus with an unusual repertoire of primitive types. Throughout most of this paper we assume that the primitive types are comm(and), int(eger)exp(ression), int(eger)acc(eptor), int(eger)var(iable), and that the set θ of types is the least set containing these primitive types and closed under the binary operation →.

Much of theoretical computer science is based on use of inductive complete partially ordered sets (or ipos). The aim of this thesis is to extend this successful theory to make it applicable to probabilistic computations. The method is to construct a "probabilistic powerdomain" on any ipo to represent the outcome of a probabilistic program which has outputs in the original ipo. In this thesis it is shown that evaluations (functions which assign a probability to open sets with various conditions) form such a powerdomain. Further, the powerdomain is a monadic functor on the category Ipo.
For restricted classes of ipos a powerdomain of probability distributions, or measures which only take values less than one, has been constructed (by Saheb-Djahromi). In the thesis we show that this powerdomain may be constructed for continuous ipos where it is isomorphic to that of evaluations.
The powerdomain of evaluations is shown to have a simple Stone type duality between it and sets of upper continuous functions. This is then used to give a Hoare style logic for an imperative probabilistic language, which is the dual of the probabilistic semantics.
Finally the powerdomain is used to give a denotational semantics of a probabilistic metalanguage which is an extension of Moggi's lambda-c-calculus for the powerdomain monad. This semantics is then shown to be equivalent to an operational semantics.

I. Categories, Functors and Natural Transformations.- 1. Axioms for Categories.- 2. Categories.- 3. Functors.- 4. Natural Transformations.- 5. Monics, Epis, and Zeros.- 6. Foundations.- 7. Large Categories.- 8. Hom-sets.- II. Constructions on Categories.- 1. Duality.- 2. Contravariance and Opposites.- 3. Products of Categories.- 4. Functor Categories.- 5. The Category of All Categories.- 6. Comma Categories.- 7. Graphs and Free Categories.- 8. Quotient Categories.- III. Universals and Limits.- 1. Universal Arrows.- 2. The Yoneda Lemma.- 3. Coproducts and Colimits.- 4. Products and Limits.- 5. Categories with Finite Products.- 6. Groups in Categories.- IV. Adjoints.- 1. Adjunctions.- 2. Examples of Adjoints.- 3. Reflective Subcategories.- 4. Equivalence of Categories.- 5. Adjoints for Preorders.- 6. Cartesian Closed Categories.- 7. Transformations of Adjoints.- 8. Composition of Adjoints.- V. Limits.- 1. Creation of Limits.- 2. Limits by Products and Equalizers.- 3. Limits with Parameters.- 4. Preservation of Limits.- 5. Adjoints on Limits.- 6. Freyd's Adjoint Functor Theorem.- 7. Subobjects and Generators.- 8. The Special Adjoint Functor Theorem.- 9. Adjoints in Topology.- VI. Monads and Algebras.- 1. Monads in a Category.- 2. Algebras for a Monad.- 3. The Comparison with Algebras.- 4. Words and Free Semigroups.- 5. Free Algebras for a Monad.- 6. Split Coequalizers.- 7. Beck's Theorem.- 8. Algebras are T-algebras.- 9. Compact Hausdorff Spaces.- VII. Monoids.- 1. Monoidal Categories.- 2. Coherence.- 3. Monoids.- 4. Actions.- 5. The Simplicial Category.- 6. Monads and Homology.- 7. Closed Categories.- 8. Compactly Generated Spaces.- 9. Loops and Suspensions.- VIII. Abelian Categories.- 1. Kernels and Cokernels.- 2. Additive Categories.- 3. Abelian Categories.- 4. Diagram Lemmas.- IX. Special Limits.- 1. Filtered Limits.- 2. Interchange of Limits.- 3. Final Functors.- 4. Diagonal Naturality.- 5. Ends.- 6. Coends.- 7. Ends with Parameters.- 8. Iterated Ends and Limits.- X. Kan Extensions.- 1. Adjoints and Limits.- 2. Weak Universality.- 3. The Kan Extension.- 4. Kan Extensions as Coends.- 5. Pointwise Kan Extensions.- 6. Density.- 7. All Concepts are Kan Extensions.- Table of Terminology.