-
Notifications
You must be signed in to change notification settings - Fork 10
/
transfer.tla
41 lines (34 loc) · 971 Bytes
/
transfer.tla
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
---- MODULE transfer ----
EXTENDS Variants, Integers
VARIABLES
\* @type: Str -> Int;
balances,
\* @type: Init({wallets: Set(Str)}) | Transfer({sender: Str, receiver: Str, amount: Int});
action,
\* @type: Int;
step
WALLETS == {"Alice", "Bob"}
Init ==
/\ balances = [wallet \in WALLETS |-> 100]
/\ action = Variant("Init", [wallets |-> WALLETS])
/\ step = 0
Next ==
\E sender \in WALLETS:
\E receiver \in WALLETS:
\E amount \in 1..balances[sender]:
/\ sender /= receiver
/\ balances' = [
balances EXCEPT
![sender] = @ - amount,
![receiver] = @ + amount
]
/\ action' = Variant("Transfer", [sender |-> sender, receiver |-> receiver, amount |-> amount])
/\ step' = step + 1
View ==
VariantGetOrElse(
"Transfer",
action,
[sender |-> "", receiver |-> "", amount |-> 0]
)
TestAliceZero == balances["Alice"] = 0
====