tla-rs 0.1.0

Rust implementation of the IronFleet verified distributed systems framework
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

use builtin::*;
use builtin_macros::*;
use vstd::seq::*;
use vstd::set::*;

verus!{
    // pub proof fn ThingsIKnowAboutSubset<T>(x:Set<T>, y:Set<T>)
    //     requires x.subset_of(y)
    //     ensures x.len()<y.len()
    // {
    //     if (!x.is_empty()) {
    //         let e = choose |e:T| x.contains(e);
    //         ThingsIKnowAboutSubset(x.remove(e), y.remove(e));
    //     }
    // }

    // pub proof fn SubsetCardinality<T>(x:Set<T>, y:Set<T>)
    //     ensures x.subset_of(y) ==> x.len() < y.len(),
    //             (x.subset_of(y) || x==y) ==> x.len() <= y.len()
    // {
    //     if (x.subset_of(y)) {

    //     } 
    //     if (x==y) {

    //     }
    // }
}