Artifact For "Adore: Atomic Distributed Objects with Certified Reconfiguration"

This is the artifact for "Adore: Atomic Distributed Objects with Certified Reconfiguration" (PLDI '22). Source files are included in artifact.tgz. See the README for build instructions.

Abstract

Finding the right abstraction is critical for reasoning about complex systems such as distributed protocols like Paxos and Raft. Despite a recent abundance of impressive verification work in this area, we claim the abstractions used by these projects are not ideal for protocol-level reasoning and either hide important details, or leak too much complexity from the network. As evidence we point to the fact that nearly all of them avoid the complex, but important issue of reconfiguration. Reconfiguration's primary challenge lies in how it interacts with the protocol's core safety invariants. To handle this increased complexity, we introduce the novel Adore model, which abstracts away network-level communication while also capturing dependencies between committed and uncommitted states, as well as metadata, such as election quorums. It includes first-class support for a generic reconfiguration command that can be instantiated with a variety of implementations. Under this model, the subtle interactions between reconfiguration and the core protocol become clear, and with this insight we completed the first mechanized proof of safety of a reconfigurable consensus protocol.