@@ -504,7 +504,7 @@ data _⊢_⇀⦇_,GOVCERT⦈_ : CertEnv → GState → DCert → GState → Type
504504 ⟦ e , pp , vs , wdrls , cc ⟧ ⊢ ⟦ dReps , ccKeys ⟧ ⇀⦇ ccreghot c mc ,GOVCERT⦈ ⟦ dReps , ❴ c , mc ❵ ∪ˡ ccKeys ⟧
505505```
506506
507- ## The <span class =" AgdaDatatype " >CERTS</span > Transition System
507+ ## The <span class =" AgdaDatatype " >CERTS</span > Transition System {#sec : the-certs-transition-system }
508508
509509This section culminates in the definition of the ` CERTS ` {.AgdaDatatype} transition
510510system by bundling previously defined pieces together into a
@@ -532,19 +532,27 @@ data _⊢_⇀⦇_,CERT⦈_ : CertEnv → CertState → DCert → CertState →
532532 Γ ⊢ ⟦ stᵈ , stᵖ , stᵍ ⟧ ⇀⦇ dCert ,CERT⦈ ⟦ stᵈ , stᵖ , stᵍ' ⟧
533533```
534534
535- ### The <span class =" AgdaFunction " >CERTBASE </span > Function
535+ ### The <span class =" AgdaFunction " >PRE-CERT </span > Transition Rule
536536
537- Here we define the ` CERTBASE ` {.AgdaFunction} function which handles the following
537+ Here we define the ` PRE-CERT ` {.AgdaDatatype} transition rule. This rule is applied
538+ at the start of the ` CERTS ` {.AgdaDatatype} transition rule and handles the following
538539important housekeeping tasks:
539540
540541+ check the correctness of withdrawals and ensure that withdrawals only
541542 happen from credentials that have delegated their voting power;
542543
543- + set the rewards of the credentials that withdrew funds to zero;
544-
545- + and set the activity timer of all ` DRep ` {.AgdaInductiveConstructor}s that voted
544+ + set the activity timer of all ` DRep ` {.AgdaInductiveConstructor}s that voted
546545 to ` drepActivity ` {.AgdaField} epochs in the future.
547546
547+ + set the rewards of the credentials that withdrew funds to zero.
548+
549+ Regarding the second item, if there is a new governance proposal to vote on in this transaction,
550+ then expiry for all ` DReps ` {.AgdaInductiveConstructor} will be increased by
551+ the number of dormant epochs. However, the ` PRE-CERT ` {.AgdaDatatype} transition occurs in
552+ ` LEDGER ` {.AgdaDatatype} * before* the ` GOV ` {.AgdaDatatype} rule, so it cannot validate
553+ any governance proposal. This is not a problem since the entire transaction will
554+ fail if the proposal is not accepted in the ` GOV ` {.AgdaDatatype} rule.
555+
548556<!--
549557```agda
550558open GovVote using (voter)
@@ -565,14 +573,22 @@ data _⊢_⇀⦇_,PRE-CERT⦈_ : CertEnv → CertState → ⊤ → CertState →
565573 ⟦ e , pp , vs , wdrls , cc ⟧ ⊢ ⟦ ⟦ voteDelegs , stakeDelegs , rewards ⟧ , stᵖ , ⟦ dReps , ccHotKeys ⟧ ⟧
566574 ⇀⦇ _ ,PRE-CERT⦈
567575 ⟦ ⟦ voteDelegs , stakeDelegs , constMap wdrlCreds 0 ∪ˡ rewards ⟧ , stᵖ , ⟦ refreshedDReps , ccHotKeys ⟧ ⟧
576+ ```
568577
578+ ### The <span class =" AgdaFunction " >POST-CERT</span > Transition Rule
579+
580+ The ` POST-CERT ` {.AgdaFunction} transition rule is applied at the end of the
581+ ` CERTS ` {.AgdaDatatype} rule and it ensures that only valid registered
582+ ` DReps ` {.AgdaInductiveConstructor} are included in the final ` CertState ` {.AgdaRecord}.
583+
584+ ``` agda
569585data _⊢_⇀⦇_,POST-CERT⦈_ : CertEnv → CertState → ⊤ → CertState → Type where
570586
571587 CERT-post :
572588 ⟦ e , pp , vs , wdrls , cc ⟧
573589 ⊢ ⟦ ⟦ voteDelegs , stakeDelegs , rewards ⟧ , stᵖ , stᵍ ⟧
574590 ⇀⦇ _ ,POST-CERT⦈
575- ⟦ ⟦ voteDelegs ∣^ ( mapˢ vDelegCredential (dom (GState.dreps stᵍ)) ∪ fromList (vDelegNoConfidence ∷ vDelegAbstain ∷ []) )
591+ ⟦ ⟦ voteDelegs ∣^ ( mapˢ vDelegCredential (dom (DRepsOf stᵍ)) ∪ fromList (vDelegNoConfidence ∷ vDelegAbstain ∷ []) )
576592 , stakeDelegs , rewards ⟧ , stᵖ , stᵍ ⟧
577593
578594_⊢_⇀⦇_,CERTS⦈_ : CertEnv → CertState → List DCert → CertState → Type
0 commit comments