BlockchainCSPModel
==================

CSP/FDR scripts to accompany the paper:
"Modelling and analysing a simple blockchain using CSP and FDR" 
by A.W. Roscoe and Jonathan Lawrence.

Model
=====
The CSP model and FDR assertions are split into 3 files, 
following the structure of the paper:

1) hashstorage.csp

   Defines basic types including Blocks, channels used by the Hasher,
   and scale parameters for the model.
   Contains the two models of the block hashing mechanism, sequential and distributed.
   Only the distributed model is used in the complete blockchain model.

2) agentmodels.csp

   Contains the models of the blockchain agents, good (including associated tracker)
   and bad, and the assembly of the blockchain system.

3) watchdog.csp

   Contains the definition of the distributed watchdog process as described in the
   paper, including the FDR assertions described in the paper.

There is a dependency between the scripts: 
watchdog.csp -> agentmodels.csp -> hashstorage.csp
where "->" denotes "depends on and includes".

Checks
======
The most interesting FDR assertions to run are in watchdog.csp::

    -- Run with one bad agent:
    assert STOP [T= BCWD(1) \ diff(Events,{|wooff,bark|})  -- fails with debug info
    -- Run with good agents only:
    assert STOP [T= BCWD(0) \ diff(Events,{|wooff,bark|})  -- succeeds.

Uncommenting the line::

    --myturn(a,(3,_)) = true  -- nondet successor

in agentmodels.csp will allow forking with only good nodes,
in which case the second check above will also fail with debug information.
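
What an assertion of the form ``STOP [T= P \ diff(Events, A)`` establishes, shown as an added Python example that is not part of the repository or the paper: with everything outside ``A`` hidden, the check holds exactly when no event in ``A`` is reachable, and a failure comes with a trace leading to one. The toy system, the ``add`` event, the three turn rules and the rule that the watchdog barks on two blocks at one height are all assumptions made for illustration; only ``bark`` is modelled.

```python
from collections import deque

N_AGENTS, MAX_HEIGHT = 2, 3          # constructed toy scale, not the paper's N

def round_robin(agent, height):      # good agents: one proposer per height
    return agent == height % N_AGENTS

def one_bad(agent, height):          # agent 1 ignores the turn rule
    return agent == 1 or round_robin(agent, height)

def nondet_successor(agent, height): # good agents, but anyone may extend height 0
    return height == 1 or round_robin(agent, height)

def transitions(blocks, myturn):
    """Yield (event, next_state); a state is a frozenset of (agent, height)."""
    heights = [h for _, h in blocks]
    if len(heights) != len(set(heights)):       # assumed watchdog rule: fork seen
        yield ("bark",), blocks
    for agent in range(N_AGENTS):
        for h in range(MAX_HEIGHT):
            has_parent = h == 0 or (h - 1) in heights
            if has_parent and (agent, h) not in blocks and myturn(agent, h):
                yield ("add", agent, h), blocks | {(agent, h)}

def check_stop_refinement(myturn, visible=("bark",)):
    """Model STOP [T= SYSTEM \\ diff(Events, visible).

    Returns None when no visible event is reachable (the assertion holds),
    otherwise the shortest trace, hidden events included, that ends in one.
    """
    start = frozenset()
    seen, queue = {start}, deque([(start, [])])
    while queue:
        state, trace = queue.popleft()
        for event, nxt in transitions(state, myturn):
            if event[0] in visible:
                return trace + [event]          # counterexample, like FDR's debug view
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, trace + [event]))
    return None

if __name__ == "__main__":
    for rule in (round_robin, one_bad, nondet_successor):
        print(rule.__name__, "->", check_stop_refinement(rule))
```
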

The number of agents in the system can be adjusted by changing N=3 in 
hashstorage.csp. Running a check with 4 good agents is feasible.
