We present a unification of refinement and Hoare-style reasoning in a foundational mechanized higher-order distributed separation logic. This unification enables us to prove formally in the Coq proof assistant that concrete implementations of challenging distributed systems refine more abstract models and to combine refinement-style reasoning with Hoare-style program verification. We use our logic to prove correctness of concrete implementations of two-phase commit and single-decree Paxos by showing that they refine their abstract TLA+ specifications. We further use our notion of refinement to transfer fairness assumptions on program executions to model traces and then transfer liveness properties of fair model traces back to program executions, which enables us to prove liveness properties such as strong eventual consistency of a concrete implementation of a Conflict-Free Replicated Data Type and fair termination of a concurrent program.

中文翻译：

---

Trillium：统一细化和高阶分布式分离逻辑

我们在基础机械化高阶分布式分离逻辑中提出了细化和霍尔式推理的统一。这种统一使我们能够在 Coq 证明助手中正式证明具有挑战性的分布式系统的具体实现会提炼更抽象的模型，并将提炼式推理与 Hoare 式程序验证相结合。我们使用我们的逻辑来证明两阶段提交和单判决 Paxos 的具体实现的正确性，通过展示它们改进了他们的抽象 TLA+ 规范。我们进一步使用我们的细化概念将程序执行的公平假设转移到模型跟踪，然后将公平模型跟踪的活性属性转移回程序执行，