Skip to content

Leibniz OFE construction#485

Open
Kaptch wants to merge 9 commits into
leanprover-community:masterfrom
Kaptch:agree
Open

Leibniz OFE construction#485
Kaptch wants to merge 9 commits into
leanprover-community:masterfrom
Kaptch:agree

Conversation

@Kaptch

@Kaptch Kaptch commented Jun 25, 2026

Copy link
Copy Markdown
Collaborator

Description

POC: OFE constructor that takes:

  • Carrier: X: Type _;
  • Distance: dist: Nat \to X \to X \to Prop, satisfying old distance axioms.

And returns a OFE that has X/\sim carrier, where x \sim y \iff \forall n. dist n x y and lifted distance.
It trivially satisfies old equiv_dist axiom, and is Leibniz.
Tested it on agreement, and it was relatively fast to fix downstream problems (~10 lines in total).

Updated summary

Made Agree a Leibniz OFE, on Agree A, equiv is now just =.

There is a generic construction in OFE.lean (QuotientO + mkQuotient, plus a little mk/lift/map wrapper API), then a Leibniz version of Agree on top of it. Agree API is the same, except that now it requires its type argument to be OFE even for the definition.
Once Agree is Leibniz, a bunch of cameras built on it are too, so I added the instances: View, Auth, and the lib ones (DFracAgree, ExclAuth, FracAuth). Plus two tiny fixes where the refactor changed how Agree values get constructed.
The only non-Leibniz (or Leibniz-preserving) OFEs/CMRAs are related to maps, and I'll do them in a separate PR shortly.

@markusdemedeiros markusdemedeiros self-requested a review June 25, 2026 16:06
@markusdemedeiros

Copy link
Copy Markdown
Collaborator

Nice! Any reason why this touches views/agree?

@Kaptch

Kaptch commented Jun 25, 2026

Copy link
Copy Markdown
Collaborator Author

I tested it on agreement, because it is one of a few algebras, which would be changed, if we move to a new definition of OFEs without equiv. Views were a collateral damage, there was minor case of looking past the interface of agreement.
But apart from minor nits in agreement-dependent algebras, nothing changes much. We never eliminate from algebras to Lean types, so there's no need for Quotient.lift in other parts of the project.
Morally, this example shows that changing equiv -> eq would not break agreement algebra, since we could provide the same interface.
I haven't tested it with other algebras with non-trivial equiv, but it should work fine.

@markusdemedeiros

Copy link
Copy Markdown
Collaborator

That's promising!

Comment thread Iris/Iris/Algebra/OFE.lean Outdated

/-- The setoid on `X` identifying points that agree at every step index:
`x ≈ y ↔ ∀ n, dist n x y`. -/
def distSetoid {X : Type u} (dist : Nat → X → X → Prop) (heqv : ∀ n, Equivalence (dist n)) :

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Setoid is a type class. We typically use instance instead of def.

@Kaptch Kaptch requested review from MackieLoeffel and lzy0505 June 29, 2026 12:35
@Kaptch Kaptch mentioned this pull request Jun 29, 2026
Comment thread Iris/Iris/Algebra/Agree.lean Outdated
EXPERIMENT: Leibniz Agree.
https://leanprover.zulipchat.com/#narrow/channel/490604-iris-lean/topic/Evaluating.20a.20specialization.20to.20Leibnize.20OFE.27s/with/606745235

Note that the Rocq version of Agree does not require that the agreement type be an OFE. The

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Kaptch I'm a little confused as to why the type needs to be an OFE here, when the type did not need to be an OFE before. Isn't the point of the Agree quotient just to make it a set rather than a list?

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Under [OFE \alpha] it should be isomorphic to Agree := { X : FiniteSet \alpha | X \neq \empty }
The reason I used this implementation is that I thought that making our version of FiniteSet seems to be redundant, given that it will be used only in Agree, and Mathlib has a version of FiniteSet with good API, so porting it would introduce duplication of one more chunk of Mathlib.
This version of Agree can be used with non-OFE types by giving them discrete metric.
Also, it was a good usecase for a more general quotient construction, which could be reused for some client OFEs if they also required implicit quotienting via Equiv.
That being said, I can redo it with finite sets instead, I have a simple version of FiniteSet somewhere, and can use that.

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you succeeded in showing that the general quotient construction works, but yes, it sounds like we should definitely avoid the extra OFE constraint.

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oki, I will think of a good way to do it then.

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of bringing finsets for one definition, quotiented lists in-place, and restored the old interface without the OFE obligation.

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sounds great. Re-request when I can review it!

@Kaptch Kaptch requested a review from markusdemedeiros July 1, 2026 23:04

@markusdemedeiros markusdemedeiros left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks superb!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants