VeriFx: Correct Replicated Data Types for the Masses

TL;DR

VeriFx is a high-level language with automated proof features that simplifies designing, implementing, and verifying correct replicated data types like CRDTs and OT functions for distributed systems.

Contribution

It introduces VeriFx, enabling automated correctness verification of RDTs, reducing complexity and reliance on expert manual proofs, and supporting code generation for mainstream languages.

Findings

Implemented and verified 35 CRDTs using VeriFx.

Reproduced a study on OT functions' correctness.

Demonstrated VeriFx's effectiveness in simplifying RDT development.

Abstract

Distributed systems adopt weak consistency to ensure high availability and low latency, but state convergence is hard to guarantee due to conflicts. Experts carefully design replicated data types (RDTs) that resemble sequential data types and embed conflict resolution mechanisms that ensure convergence. Designing RDTs is challenging as their correctness depends on subtleties such as the ordering of concurrent operations. Currently, researchers manually verify RDTs, either by paper proofs or using proof assistants. Unfortunately, paper proofs are subject to reasoning flaws and mechanized proofs verify a formalisation instead of a real-world implementation. Furthermore, writing mechanized proofs is reserved to verification experts and is extremely time consuming. To simplify the design, implementation, and verification of RDTs, we propose VeriFx, a high-level programming language with automated proof capabilities. VeriFx lets programmers implement RDTs atop functional collections and express correctness properties that are verified automatically. Verified RDTs can be transpiled to mainstream languages (currently Scala or JavaScript). VeriFx also provides libraries for implementing and verifying Conflict-free Replicated Data Types (CRDTs) and Operational Transformation (OT) functions. These libraries implement the general execution model of those approaches and define their correctness properties. We use the libraries to implement and verify an extensive portfolio of 35 CRDTs and reproduce a study on the correctness of OT functions.