Partial Product Updates for Agents of Detectable Failure and Logical Obstruction to Task Solvability

Daisuke Nakai Masaki Muramatsu Susumu Nishimura

Dept. Math., Graduate School of Science, Kyoto University Corresponding author: [email protected]

Abstract

The logical method proposed by Goubault, Ledent, and Rajsbaum provides a novel way to show the unsolvability of distributed tasks by means of a logical obstruction, which is an epistemic logic formula describing the reason of unsolvability. In this paper, we introduce the notion of partial product update, which refines that of product update in the original logical method, to encompass distributed tasks and protocols modeled by impure simplicial complexes. With this extended notion of partial product update, the original logical method is generalized so that it allows the application of logical obstruction to show unsolvability results in a distributed environment where the failure of agents is detectable. We demonstrate the use of the logical method by giving a concrete logical obstruction and showing that the consensus task is unsolvable by the single-round synchronous message-passing protocol.

1 Introduction

The solvability of distributed tasks is a fundamental problem in the theory of distributed computing, and several proof methods for showing unsolvability have been developed. The most classical is based on the valency argument [2, 5]: If we assume the solvability of a task, it implies a contradictory set of outputs to be produced along concurrent execution paths. Another method is the one that uses the topological model [6]: In the topological method, the computation of a distributed task or a protocol is modeled by a function over simplicial complexes representing the nondeterministic sets of states of concurrently running agents, and the unsolvability of a task is demonstrated by a topological inconsistency that is implied by a hypothetical existence of a solution to the task.

In addition to these precursors, a new method, called the logical method, has recently been proposed by Goubault, Ledent, and Rajsbaum [3]. They proposed to discuss the structure of distributed computation in a Kripke model of epistemic knowledge, which is derived from the topological model of simplicial complex. They formulated the distributed task and protocol using the so-called product update models, which originate from the study of dynamic epistemic logic [11]. The logical method provides a novel way to show the unsolvability of distributed tasks: The unsolvability follows from a logical obstruction, i.e., a formula that describes the reason for the unsolvability in the formal language of epistemic logic.

Their logical method, however, only applies to the tasks and protocols where the possible failure of distributed agents is insignificant for the discussion of unsolvability. The semantics of epistemic logic is given by the so-called epsistemic models, where an epistemic model is a Kripke model whose possible worlds are structured by equivalence relations over them. They also showed that the epistemic models used in the logical method and the pure simplicial complexes used in the topological method are isomorphic models. The purity means that each facet is of the same dimension, that is, each possible global state of a distributed system consists of the same number of live agents.

This implies that the epistemic models in [3] are unaware of failures, since we need impure simplicial complexes to model ‘dead’ agents that are missing from a facet. Despite the innocence of failure, the epistemic models can argue certain significant unsolvability results, including those for the consensus task and $k$ -set agreement tasks by a wait-free protocol in an asynchronous environment, where a ‘dead’ agent can be regarded as just infinitely slow in execution. (See Section 1.1.3 of [8] for further discussion.)

Later in [4], the same authors devised partial epistemic models, whose possible worlds are structured by partial equivalence relations (PERs), which are subordinate equivalence relations that are not necessarily reflexive, and argued that partial epistemic models are appropriate for modeling the possible failure of agents. Partial epistemic models inherit several virtues from epistemic models. They are isomorphic to the topological model of impure simplicial complexes; They provide the semantics for the epistemic logic with axiom system $\mathbf{\mathrm{KB4_{n}}}$ , as so do epistemic models for axiom system $\mathbf{\mathrm{S5_{n}}}$ [1, 11]; Furthermore, they enjoy the knowledge gain property, which states that the knowledge expressed by an adequate class of formulas never increases along a morphism over the models.

However, the framework of logical method has not been presented for partial epistemic models in [4]. The notion of product update relevant to partial epistemic models is needed for the definition of task solvability, but they did not present it.

In this paper, we introduce the notion of partial product update, which refines the original product update [3]. Using partial product update models, we give a logical definition of task solvability and thereby provide the logical method for proving task unsolvability. Furthermore we present a concrete logical obstruction and show that the consensus task is not solvable by the synchronous message passing protocol [7].

The partial product update model refines the original model to allow coherent definitions of distributed tasks and protocols in a distributed environment in which the exact set of dead agents is detectable. In a product update model ${\mathcal{I}}\left[{\mathbf{A}}\right]$ of [3], a task or a protocol is specified by a set of products $(X,t)$ where an action $t$ in $\mathbf{A}$ represents a possible output for the input $X$ in the input model $\mathcal{I}$ . In contrast, in partial epistemic models, an action $t$ should be associated with not necessarily a single input but with a set of inputs that are indistinguishable by the agents that are alive in $t$ . For this, we define a partial product update model ${\mathcal{I}}\left\{{\mathbf{A}}\right\}$ as a set of products of the form $([X]_{t},t)$ , where $[X]_{t}$ is an appropriate equivalence class of $X$ determined with respect to the set of agents that are alive in $t$ .

Using partial product update models, we define task solvability by the existence of a morphism that mediates the partial product update model of a protocol and that of a task. We will show that this definition is equivalent to the topological definition of task solvability in the following sense: Given a task and a protocol as functions over simplicial complexes, we derive an action model and a partial product update model for each of them. Then a simplicial map that defines the solvability in the topological model exists if and only if a mediating morphism over partial epistemic models exists. This definition of task solvability using partial product updates refines the one using product updates so that it allows a detectable set of failed agents. Furthermore, likewise in [3], it provides the logical method that allows a logical obstruction to show the unsolvability of a task.

We demonstrate the use of logical obstruction in partial product update models by showing that the consensus task is unsolvable by the single-round synchronous message passing protocol. In the synchronous message passing protocol [7], each agent sends copies of its local value to other agents synchronously. Unlike wait-free protocols in an asynchronous environment, a crash of an agent in a synchronous environment is detectable by other live agents, since the failure of message delivery from a dead agent can be detected within a bounded period of time. This gives rise to an impure simplicial complex model, as depicted in Figure 1. In order to argue unsolvability for such an impure simplicial complex in partial epistemic model, we construct a partial product update from an action model whose actions are represented by posets of rank at most $1$ . We present a concrete epistemic logic formula that serves as a logical obstruction that refutes the solvability of the consensus task.

Figure 1: An impure simplicial complex of the synchronous message passing protocol for

3

agents, with

0

-dimensional facets being omitted

We note that the previous work [7] analyzes more precisely the (un)solvability of $k$ -set agreement tasks by the $r$ -round synchronous message passing protocol, for varying $k$ and $r$ , using the topological method. In the present paper, we only demonstrate the unsolvability of the consensus task (i.e., the $1$ -set agreement task) by the single-round synchronous message passing protocol. To show the other unsolvability results, we would need to further refine the logical method presented in this paper, as it has been done for the logical method in asynchronous environments, e.g., [9, 12].

The rest of the paper is organized into the following sections. Section 2 reviews the two previous models of distributed computing, namely, the topological models and the epistemic models. In Section 3, we introduce the notion of partial product update and give the definition of task solvability in partial epistemic models. We also show that this definition of task solvability is equivalent to the standard one given in terms of the topological method. (The formal proof of the equivalence is given in Appendix A.) Section 4 defines the partial product update model for the synchronous message passing protocol, where the action model consists of actions that are represented by posets of rank at most $1$ . Section 5 gives a concrete logical obstruction and proves that the consensus task is not solvable by the single-round synchronous message passing protocol. Finally Section 6 concludes the paper and indicates the direction of future research.

2 Partial Epistemic Model for Epistemic Logic

Throughout this paper, we assume a distributed system consisting of $n$ ( $n>1$ ) agents, which are distinguished by the identifiers taken from the set $\mathsf{Ag}=\{0,\ldots,n-1\}$ . We say ‘agent $a$ ’ to refer to the agent with id $a\in\mathsf{Ag}$ .

2.1 Topological model of distributed computing

In the topological method [6], distributed systems are modeled by simplicial complexes. A global state of a distributed system is modeled by a simplex, i.e., a nonempty set of vertexes, where each vertex represents the local state of a particular agent. The nonderteministic set of global states of a distributed system is modeled by a simplicial complex, a set of simplexes that is closed under set inclusion. The topological model uses the so called chromatic simplicial complex, whose vertexes are properly ‘colored’ with agent ids.

Definition 2.1 (chromatic simplicial complex).

A chromatic simplicial complex $\mathcal{C}$ is a triple $\langle V,S,\chi\rangle$ consisting of a set $V$ of vertexes, a set $S$ of simplexes, and a coloring map $\chi:V\to\mathsf{Ag}$ that satisfy:

•

$S$ is the set of simplexes, i.e., a set of nonempty subsets of $V$ such that $X\in S$ and $\emptyset\subsetneq Y\subseteq X$ implies $Y\in S$ ;
•

For every $X\in S$ and $u,v\in X$ , $\chi(u)=\chi(v)$ implies $u=v$ .

For brevity, we often write complexes (resp., simplexes) to mean chromatic simplicial complexes (resp., chromatic simplexes).

A simplex $X$ is of dimension $d$ , if $\lvert X\rvert=d+1$ . The dimension of a complex $\mathcal{C}$ is the maximum dimension of the simplexes contained in $\mathcal{C}$ . A simplex $X$ is called a facet of $\mathcal{C}$ , if $X$ is a maximal simplex, i.e., $\mathcal{C}$ contains no facet that is properly larger than $X$ . We write $\mathcal{F}(\mathcal{C})$ for the set of facets of $\mathcal{C}$ . A complex is called pure (of dimension $n-1$ ) if all facets are of the same dimension $n-1$ ; otherwise, the complex is called impure. An impure complex contains a facet of dimension less than $n-1$ . Such a facet represents a global state of the distributed system where some agents are ‘dead’ due to crash.

Given complexes $\mathcal{C}=\langle V,S,\chi\rangle$ and $\mathcal{C}^{\prime}=\langle V^{\prime},S^{\prime},\chi^{\prime}\rangle$ , a simplicial map $\delta:\mathcal{C}\to\mathcal{C}^{\prime}$ is a color-preserving map from $V$ to $V^{\prime}$ such that:

•

$f(X)\in S^{\prime}$ for every $X\in S$ ;
•

$\chi^{\prime}(f(v))=\chi(v)$ for every $v\in V$ .

2.2 Partial epistemic model semantics for epistemic logic

We are concerned with the analysis of distributed computability with epistemic logic [1], a propositional logic augmented with a knowledge modality.

Definition 2.2 (The syntax of epistemic logic).

We assume the set $\mathsf{At}$ is a disjoint union of atomic propositions indexed by agents, i.e., $\mathsf{At}=\bigcup_{a\in\mathsf{Ag}}\mathsf{At}_{a}$ . For $A\subseteq\mathsf{Ag}$ , we write $\mathsf{At}_{A}$ for the set $\bigcup_{a\in A}\mathsf{At}_{a}$ of atomic propositions concerning the subset $A$ of agents.

The set $\mathcal{L}_{\mathrm{K}}$ of epistemic logic formulas are defined by the following BNF grammar:

\varphi::=p\mid\neg\varphi\mid\varphi\wedge\varphi\mid\varphi\vee\varphi\mid\mathop{\mathrm{K}_{a}}{\varphi}\qquad(p\in\mathsf{At},\>a\in\mathsf{Ag}).

As usual, the implication $\varphi\Rightarrow\varphi^{\prime}$ is logically equivalent to $\neg\varphi\vee\varphi^{\prime}$ and $\mathsf{false}$ to $p\wedge\neg p$ , for some $p\in\mathsf{At}$ . For a finite set of formulas $G=\{\varphi_{1},\cdots,\varphi_{k}\}$ , we write $\bigwedge G$ for $\bigwedge_{i=1}^{k}\varphi_{i}$ and $\bigvee G$ for $\bigvee_{i=1}^{k}\varphi_{i}$ .

For $a\in\mathsf{Ag}$ and $B\subseteq\mathsf{Ag}$ , we write $\operatorname{\mathsf{alive}}({a})$ to abbreviate the formula $\neg\mathop{\mathrm{K}_{a}}\mathsf{false}$ and also $\operatorname{\mathsf{alive}}({B})$ to abbreviate $\bigwedge_{a\in B}\operatorname{\mathsf{alive}}({a})$ . The formula $\operatorname{\mathsf{alive}}({a})$ (resp., $\operatorname{\mathsf{alive}}({B})$ ) is intended to describe that agent $a$ (resp., all agents in $B$ ) are alive.

In the subsequent discussion, we are concerned with a particular subclass $\mathcal{L}_{\mathrm{K},\mathsf{alive}}^{+}$ of formulas, called guarded positive epistemic formulas, given by:

\varphi::=\operatorname{\mathsf{alive}}({B})\Rightarrow\psi\mid\varphi\wedge\varphi\mid\varphi\vee\varphi\mid\mathop{\mathrm{K}_{a}}{\varphi}\qquad(a\in\mathsf{Ag},~{}B\subseteq\mathsf{Ag}),

where $\psi$ ranges over pure propositional formulas whose atomic formulas are restricted to those concerning agents in $B$ , namely,

\psi::=p\mid\neg\psi\mid\psi\wedge\psi\mid\psi\vee\psi\qquad(p\in\mathsf{At}_{B}).

Following [4], below we define the semantics of epistemic logic in a partial epistemic model.

Definition 2.3 (partial epistemic model).

A partial epistemic frame $\langle W,\sim\rangle$ is a pair consisting of:

•

A nonempty finite set $W$ of possible worlds;
•

An indistinguishability relation $\sim$ , which is a family of binary relations $\{{\sim_{a}}\}_{a\in\mathsf{Ag}}$ over $W$ where each $\sim_{a}$ is a partial equivalence relation (PER), i.e., $\sim_{a}$ is a symmetric and transitive, but not necessarily reflexive relation.

A partial epistemic model $\mathcal{M}=\langle W,\sim,L\rangle$ is a triple that augments a partial epistemic frame $\langle W,\sim\rangle$ with a function $L:W\to 2^{\mathsf{At}}$ . The function $L$ assigns a set $L(w)$ of true atomic propositions to each world $w\in W$ .

When $w\sim_{a}w^{\prime}$ holds in a partial epistemic model, it means that agent $a$ is alive in both of the possible worlds $w$ and $w^{\prime}$ and it cannot distinguish between these worlds. Particularly, $w\not\sim_{a}w$ implies that an agent $a$ is dead in a possible world $w$ . We write $\overline{w}$ for the set of agents that is alive in $w$ , i.e., $\overline{w}=\{a\in\mathsf{Ag}\mid w\sim_{a}w\}$ . For $A\subseteq\mathsf{Ag}$ , we also write $w\sim_{A}w^{\prime}$ to mean $w\sim_{a}w^{\prime}$ for every $a\in A$ .

Partial epistemic models generalize the usual epistemic models: Indistinguishability relations are given by equivalence relations instead of PERs, which means that every agent is alive in epistemic models.

Definition 2.4.

Let $\mathcal{M}=\langle W,\sim,L\rangle$ be a partial epistemic model. Given $w\in\mathcal{M}$ and $\varphi\in\mathcal{L}_{\mathrm{K}}$ , the satisfaction relation $\mathcal{M},w\models\varphi$ , which reads $\varphi$ is true in the possible world $w$ of $\mathcal{M}$ , is defined by induction on the structure of $\varphi$ as follows.

	$\displaystyle\mathcal{M},w\models p$	$\displaystyle\quad\text{ iff }\quad p\in L(W)$
	$\displaystyle\mathcal{M},w\models\neg\varphi$	$\displaystyle\quad\text{ iff }\quad\mathcal{M},w\not\models\varphi$
	$\displaystyle\mathcal{M},w\models\varphi\wedge\varphi^{\prime}$	$\displaystyle\quad\text{ iff }\quad\mathcal{M},w\models\varphi\text{ and }\mathcal{M},w\models\varphi^{\prime}$
	$\displaystyle\mathcal{M},w\models\varphi\vee\varphi^{\prime}$	$\displaystyle\quad\text{ iff }\quad\mathcal{M},w\models\varphi\text{ or }\mathcal{M},w\models\varphi^{\prime}$
	$\displaystyle\mathcal{M},w\models\mathop{\mathrm{K}_{a}}{\varphi}$	$\displaystyle\quad\text{ iff }\quad\mathcal{M},w^{\prime}\models\varphi\text{ for every $w^{\prime}\in W$ satisfying $w\sim_{a}w^{\prime}$}.$

We write $\mathcal{M}\models\varphi$ to mean $\varphi$ is valid in $\mathcal{M}$ , i.e., $\mathcal{M},w\models\varphi$ for every $w\in W$ .

Partial epistemic models form a category whose objects are partial epistemic models and morphisms are the functions defined as follows. A morphism $f$ from $\mathcal{M}=\langle W,\sim,L\rangle$ to $\mathcal{M}^{\prime}=\langle W^{\prime},\sim^{\prime},L^{\prime}\rangle$ is a function $f:W\to 2^{W^{\prime}}$ satisfying the following properties:

•

(Preservation of $\sim$ ) For all $a\in\mathsf{Ag}$ and $w,w^{\prime}\in M$ , $w\sim_{a}w^{\prime}$ implies $u\sim_{a}^{\prime}u^{\prime}$ for every $u\in f(w)$ and $u^{\prime}\in f(w^{\prime})$ .
•

(Saturation) For all $w\in W$ , there exists $w^{\prime}\in f(w)$ such that $f(w)=\mathsf{sat}_{\overline{w}}(w^{\prime})$ , where $\mathsf{sat}_{U}(v)=\{w\in W\mid v\sim_{U}w\}$ is a saturation, the set of all possible worlds that cannot be distinguished from $w$ by any agent $a\in U$ .
•

(Preservation of atomic formulas) For all $w\in M$ and $w^{\prime}\in f(w)$ , $L(w)\cap\mathsf{At}_{\overline{w}}=L^{\prime}(w)\cap\mathsf{At}_{\overline{w}}$ .

In order to show unsolvability results in this paper, we will use the knowledge gain property, which states that the amount of knowledge is never increased along a morphism from one Kripke model to another. For partial epistemic models, the knowledge gain property holds for any guarded positive formula [4].

Proposition 2.5 (knowledge gain).

Let $\mathcal{M}=\langle W^{\mathcal{M}},\sim^{\mathcal{M}},L^{\mathcal{M}}\rangle$ and $\mathcal{N}=\langle W^{\mathcal{N}},\sim^{\mathcal{N}},L^{\mathcal{N}}\rangle$ be partial epistemic models. Let $f:\mathcal{M}\to\mathcal{N}$ be a morphism such that $w^{\prime}\in f(w)$ for all $w\in\mathcal{M}$ and $w^{\prime}\in\mathcal{N}$ . Then $\mathcal{N},w^{\prime}\models\varphi$ implies $\mathcal{M},w\models\varphi$ for any guarded positive epistemic formula $\varphi\in\mathcal{L}_{\mathrm{K},\mathsf{alive}}^{+}$ .

2.3 Simplicial models and the equivalence with partial epistemic models

From the topological structure of a given (not necessarily pure) simplicial complex, we can derive simplicial models [4].

Definition 2.6 (simplicial models).

A simplicial model $\mathcal{C}$ is a quadruple $\langle V,S,\chi,\ell\rangle$ consisting of:

•

The triple $\langle V,S,\chi\rangle$ of the underlying complex;
•

The labeling $\ell$ that assigns a set $\ell(X)$ of atomic propositions to each facet $X$ of the complex.

The set $\ell(X)$ of atomic propositions determines the local states of agents in a given global state represented by $X$ .

From a simplicial model $\mathcal{C}=\langle V,S,\chi,\ell\rangle$ , we can derive a partial epistemic model $\langle{\mathcal{F}(\mathcal{C}),\sim,L}\rangle$ such that

•

The set of possible worlds is $\mathcal{F}(\mathcal{C})$ , the set of facets of the complex $\mathcal{C}$ ;
•

The indistinguishability relation is defined by $X\sim_{a}Y$ if and only if $a\in\chi(X\cap Y)$ . That means, the facets $X$ and $Y$ sharing a common vertex of color $a$ are indistinguishable by the agent $a$ ;
•

The labeling $L$ on possible worlds is defined by $L(X)=\ell(X)$ for each $X\in\mathcal{F}(\mathcal{C})$ .

The partial epistemic model derived from a simplicial model in this way is a proper Kripke model. A Kripke model $\mathcal{M}=\langle W,\sim,L\rangle$ is called proper if $w\neq w^{\prime}$ implies $\exists a\in\mathsf{Ag}.~{}w\not\sim_{a}w^{\prime}$ for all $w,w^{\prime}\in W$ . It has been shown that the category $\mathcal{PM}$ of proper partial epistemic models is equivalent to the category $\mathcal{SM}$ of simplicial models [4], where a morphism $f$ from $\mathcal{C}=\langle V,S,\chi,\ell\rangle$ to $\mathcal{C}^{\prime}=\langle V^{\prime},S^{\prime},\chi^{\prime},\ell^{\prime}\rangle$ in $\mathcal{SM}$ is a simplicial map $f:\mathcal{C}\to\mathcal{C}^{\prime}$ satisfying $\ell(X)\cap\mathsf{At}_{\chi(X)}=\ell^{\prime}(Y)\cap\mathsf{At}_{\chi(X)}$ for every $X\in\mathcal{F}(\mathcal{C})$ and $Y\in\mathcal{F}(\mathcal{C}^{\prime})$ such that $f(X)\subseteq Y$ .

Due to this equivalence, in the sequel we will occasionally confuse simplicial models with proper partial epistemic models. We regard facets of a complex $\mathcal{C}$ , say $X,Y\in\mathcal{F}(\mathcal{C})$ , as possible worlds of the corresponding partial epistemic model and argue the indistinguishability by the property of the facets. For example, $X\sim_{a}Y$ in a partial equivalence model is interpreted as $a\in\chi(X\cap Y)$ ; The notation $\overline{X}$ , which denotes the set of live agents in a facet $X$ of a simplicial model, is given by $\overline{X}=\chi(X)$ .

Figure 2: An impure simplicial model and its corresponding partial epistemic model

Example 2.1.

Figure 2 depicts a simplicial model $\langle{V,S,\chi,\ell}\rangle$ (on the left) and its corresponding partial epistemic model $\langle{M,\sim,L}\rangle$ (on the right) for $3$ agents with colors $\mathsf{Ag}=\{0,1,2\}$ . In the figure, agents $0$ , $1$ , and $2$ are represented by colored nodes $\bullet$ $\circ$ , $\bullet$ $\circ$ , and $\bullet$ $\circ$ , respectively. Throughout the paper, we will follow this coloring convention.

For each $i=0,1,2,3$ , the facet $X_{i}$ in the simplicial model corresponds to the possible world $w_{i}$ in the partial epistemic model and they have the same set of atomic propositions, i.e., $\ell(X_{i})=L(w_{i})$ . If a pair of facets $X_{i}$ and $X_{j}$ share a node of color $a$ , the corresponding possible worlds $w_{i}$ and $w_{j}$ are connected by an edge associated with a node of color $a$ , meaning that $w_{i}\sim_{a}w_{j}$ . Particularly, each possible world $w_{i}$ has a self-loop colored by $a$ if and only if the agent $a$ is alive in $w_{i}$ , that is, the corresponding facet $X_{i}$ contains a vertex colored by $a$ .

3 Partial Product Update and Task Solvability

In [3], product update is used to define distributed tasks and protocols. A product update model ${\mathcal{I}}\left[{\mathbf{A}}\right]$ is an epistemic model where each possible world is a pair $(X,t)$ of a facet $X$ of the complex $\mathcal{I}$ and an action $t$ of the action model $\mathbf{A}$ such that the action $t$ stands for a possible output for the input $X$ . Task solvability is then defined by the existence of a morphism from the product update model of the protocol to that of the task.

We introduce a generalized construction called partial product update, which applies to partial epistemic models, and thereby refine the logical method so that it can be applied to a larger class of task solvability problem in which agents may die.

3.1 Partial product update

Definition 3.1 (action model).

An action model $\mathbf{A}=\langle T,\sim,\mathsf{pre}\rangle$ is a triple consisting of:

•

A partial epistemic frame $\langle T,\sim\rangle$ , where each $t\in T$ is called an action;
•

A function $\mathsf{pre}:T\to\mathcal{L}_{\mathrm{K}}$ that assigns an epistemic formula $\mathsf{pre}(t)$ , called the precondition, to each action $t\in T$ .

The precondition $\mathsf{pre}(t)$ describes the condition for the action $t$ to occur.

Definition 3.2 (partial product update).

Let $\mathcal{M}=\langle W^{\mathcal{M}},\sim^{\mathcal{M}},L^{\mathcal{M}}\rangle$ be a partial epistemic model and $\mathbf{A}=\langle W^{\mathbf{A}},\sim^{\mathbf{A}},\mathsf{pre}\rangle$ be an action model, both having a proper partial epistemic frame. A partial product update of $\mathcal{M}$ by $\mathbf{A}$ , written ${\mathcal{M}}\left\{{\mathbf{A}}\right\}$ , is a partial epistemic model $\langle W,\sim,L\rangle$ defined by:

•

$W=\{(\left[{X}\right]_{t}^{\mathsf{pre}},t)\mid X\in W^{\mathcal{M}},\>t\in W^{\mathbf{A}},\>\overline{t}\subseteq\overline{X},\text{ and }\mathcal{M},X\models\operatorname{\mathsf{pre}}{t}\}$ ,
•

$(\left[{X}\right]_{t}^{\mathsf{pre}},t)\sim_{a}(\left[{Y}\right]_{s}^{\mathsf{pre}},s)$ iff $X\sim^{\mathcal{M}}_{a}Y$ and $t\sim^{\mathbf{A}}_{a}s$ , and
•

$L\bigl{(}(\left[{X}\right]_{t}^{\mathsf{pre}},t)\bigr{)}=\displaystyle\bigcap_{X^{\prime}\in\left[{X}\right]_{t}^{\mathsf{pre}}}L^{\mathcal{M}}(X^{\prime})$ ,

where $\left[{X}\right]_{t}^{\mathsf{pre}}$ is the set of facets defined by $\left[{X}\right]_{t}^{\mathsf{pre}}=\{Y\in W^{\mathcal{M}}\mid X\sim^{\mathcal{M}}_{\overline{t}}Y\text{ and }\mathcal{M},Y\models\operatorname{\mathsf{pre}}{t}\}$ .

Proposition 3.3.

The partial product update ${\mathcal{M}}\left\{{\mathbf{A}}\right\}$ is a partial epistemic model. In particular, if both $\mathcal{M}$ and $\mathbf{A}$ are proper, so is ${\mathcal{M}}\left\{{\mathbf{A}}\right\}$ .

Proof.

Let ${\mathcal{M}}\left\{{\mathbf{A}}\right\}=\langle W,\sim,L\rangle$ be a triple, which is constructed from a partial epistemic model $\mathcal{M}=\langle W^{\mathcal{M}},\sim^{\mathcal{M}},L^{\mathcal{M}}\rangle$ and an action model $\mathbf{A}=\langle W^{\mathbf{A}},\sim^{\mathbf{A}},\mathsf{pre}\rangle$ , as in Definition 3.2.

Let us first show that the relation $\sim_{a}$ is well-defined, that is, the choice of facet $X$ in $(\left[{X}\right]_{t}^{\mathsf{pre}},t)$ does not affect the relation. Suppose $(\left[{X}\right]_{t}^{\mathsf{pre}},t)\sim_{a}(\left[{Y}\right]_{s}^{\mathsf{pre}},s)$ , $\left[{X}\right]_{t}^{\mathsf{pre}}=\left[{X^{\prime}}\right]_{t}^{\mathsf{pre}}$ , and $\left[{Y}\right]_{s}^{\mathsf{pre}}=\left[{Y^{\prime}}\right]_{s}^{\mathsf{pre}}$ . By the definition, $X\sim^{\mathcal{M}}_{a}Y$ , $\mathcal{M},X\models\mathsf{pre}(t)$ , $\mathcal{M},X^{\prime}\models\mathsf{pre}(t)$ , $\mathcal{M},Y\models\mathsf{pre}(s)$ , $\mathcal{M},Y^{\prime}\models\mathsf{pre}(s)$ , and $t\sim^{\mathbf{A}}_{a}s$ . Since $X^{\prime}\in\left[{X^{\prime}}\right]_{t}^{\mathsf{pre}}=\left[{X}\right]_{t}^{\mathsf{pre}}$ , we have $X\sim^{\mathcal{M}}_{a}X^{\prime}$ for all $a\in\overline{t}$ . Similarly, $Y\sim^{\mathcal{M}}_{a}Y^{\prime}$ for all $a\in\overline{t}$ . Hence $X^{\prime}\sim^{\mathcal{M}}_{a}X\sim^{\mathcal{M}}_{a}Y\sim^{\mathcal{M}}_{a}Y^{\prime}$ and therefore $(\left[{X^{\prime}}\right]_{t}^{\mathsf{pre}},t)\sim_{a}(\left[{Y^{\prime}}\right]_{s}^{\mathsf{pre}},s)$ .

We show that ${\mathcal{M}}\left\{{\mathbf{A}}\right\}$ is a partial epistemic model. It suffices to show that every $\sim_{a}$ is a PER. This follows immediately from the symmetry and transitivity of $\sim^{\mathcal{M}}_{a}$ and $\sim^{\mathbf{A}}_{a}$ .

Suppose $\mathcal{M}$ and $\mathbf{A}$ are both proper models. We show that ${\mathcal{M}}\left\{{\mathbf{A}}\right\}=\langle W,\sim,L\rangle$ is a proper model. Assume $(\left[{X}\right]_{t}^{\mathsf{pre}},t),(\left[{Y}\right]_{s}^{\mathsf{pre}},s)\in W$ are possible worlds such that $(\left[{X}\right]_{t}^{\mathsf{pre}},t)\neq(\left[{Y}\right]_{s}^{\mathsf{pre}},s)$ , which implies $\left[{X}\right]_{t}^{\mathsf{pre}}\neq\left[{Y}\right]_{s}^{\mathsf{pre}}$ or $t\neq s$ . It suffices to show that there exists an agent $a\in\mathsf{Ag}$ such that $(\left[{X}\right]_{t}^{\mathsf{pre}},t)\not\sim_{a}(\left[{Y}\right]_{s}^{\mathsf{pre}},s)$ . If $t\neq s$ , since $\mathbf{A}$ is proper, $t\not\sim^{\mathbf{A}}_{a}s$ for some $a\in\mathsf{Ag}$ . Thus, $(\left[{X}\right]_{t}^{\mathsf{pre}},t)\not\sim_{a}(\left[{Y}\right]_{s}^{\mathsf{pre}},s)$ . Suppose otherwise, i.e., $\left[{X}\right]_{t}^{\mathsf{pre}}\neq\left[{Y}\right]_{s}^{\mathsf{pre}}$ . We may assume, without loss of generality, that $X^{\prime}\not\in\left[{Y}\right]_{t}^{\mathsf{pre}}$ for some $X^{\prime}\in\left[{X}\right]_{t}^{\mathsf{pre}}$ . This implies $\left[{X}\right]_{t}^{\mathsf{pre}}=\left[{X^{\prime}}\right]_{t}^{\mathsf{pre}}$ and $\mathcal{M},X^{\prime}\models\operatorname{\mathsf{pre}}{t}$ . Hence, $X^{\prime}\not\in\left[{Y}\right]_{t}^{\mathsf{pre}}$ implies $X^{\prime}\not\sim^{\mathcal{M}}_{a}Y$ for some agent $a\in\overline{t}$ . Therefore we have $(\left[{X}\right]_{t}^{\mathsf{pre}},t)=(\left[{X^{\prime}}\right]_{t}^{\mathsf{pre}},t)\not\sim_{a}(\left[{Y}\right]_{t}^{\mathsf{pre}},t)=(\left[{Y}\right]_{s}^{\mathsf{pre}},s)$ . ∎

The original product update ${\mathcal{M}}\left[{\mathbf{A}}\right]$ [3] is an instance of the partial product update ${\mathcal{M}}\left\{{\mathbf{A}}\right\}$ . When the indistinguishability relations of both $\mathcal{M}$ and $\mathbf{A}$ are equivalence relations, rather than partial equivalence relations, and $\mathcal{M}$ is proper, every possible world $(\left[{X}\right]_{t}^{\mathsf{pre}},t)$ in ${\mathcal{M}}\left\{{\mathbf{A}}\right\}$ can be identified with $(X,t)$ in ${\mathcal{M}}\left[{\mathbf{A}}\right]$ . This is because $\left[{X}\right]_{t}^{\mathsf{pre}}=\{X\}$ , since $\overline{t}=\mathsf{Ag}$ for all $t\in\mathbf{A}$ and $\mathcal{M}$ is proper.

3.2 Task solvability in partial product update models

In the sequel, we assume that the set $\mathsf{At}$ of atomic propositions is given by $\mathsf{At}=\bigcup_{a\in\mathsf{Ag}}\mathsf{At}_{a}$ with $\mathsf{At}_{a}=\{\mathsf{input}_{a}^{v}\mid v\in\mathsf{Value}\}$ for each $a\in\mathsf{Ag}$ , where $\mathsf{Value}$ is the set of possible input values. Without loss of generality, we may assume that the set of input values coincides with the set of agent ids, i.e., $\mathsf{Value}=\mathsf{Ag}=\{0,\cdots,n-1\}$ .

The input model for a system with $n$ agents is given as follows.

Definition 3.4 (input simplicial model).

An input simplicial model $\mathcal{I}=\langle V,S,\chi,\ell\rangle$ consists of:

•

The complex $\langle V,S,\chi\rangle$ consisting of the set of vertexes $V=\{(a,v)\mid a\in\mathsf{Ag},$ $v\in\mathsf{Value}\}$ , the coloring map defined by $\chi\bigl{(}(a,v)\bigr{)}=a$ , and the set of simplexes $S=\{X\mid\emptyset\subsetneq X\subseteq\{(0,v_{0}),\ldots,(n-1,v_{n-1})\}$ where $v_{0},\ldots,v_{n-1}\in\mathsf{Value}\}$ ;
•

The labeling defined by $\ell(X)=\{\mathsf{input}_{a}^{v}\mid(a,v)\in X\}$ for each facet $X$ of the complex.

In the rest of the paper, we write $\mathcal{I}$ to refer to this particular input simplicial model. The underlying simplicial complex $\langle V,S,\chi\rangle$ of $\mathcal{I}$ is a pure complex of dimension $n-1$ , where each vertex $(a,v)$ represents a local state of the agent $a$ that has $v$ as the input value. The set of facets in the complex represents all the possible assignments of input values to the agents, and the labeling $\ell$ interprets such assignments by giving the relevant set of atomic propositions for each facet $X$ , so that $\mathsf{input}_{a}^{v}\in\ell(X)$ if and only if $(a,v)\in X$ .

For example, Figure 3 illustrates the underlying complex of the input simplicial model $\mathcal{I}$ for $2$ agents (i.e, $\mathsf{Ag}=\{0,1\}$ ). In the figure, we write $X_{ij}$ to stand for a facet $\{(0,i),(1,j)\}$ of $\mathcal{I}$ . The labeling is determined by $\ell(X_{ij})=\{\mathsf{input}_{0}^{i},\mathsf{input}_{1}^{j}\}$ .

Figure 3: The input simplicial model

\mathcal{I}

for

n=2

Now we define task solvability, using partial product update.

Definition 3.5.

Let $\mathcal{I}$ be the input simplicial model and let $\mathbf{P}$ and $\mathbf{T}$ be action models for a protocol and a task, respectively. A task $\mathbf{T}$ is solvable by the protocol $\mathbf{P}$ if there exists a morphism $\delta_{\mathrm{krip}}:{\mathcal{I}}\left\{{\mathbf{P}}\right\}\to{\mathcal{I}}\left\{{\mathbf{T}}\right\}$ such that

\forall([X_{p}]_{p}^{\mathrm{pre}},p)\in{\mathcal{I}}\left\{{\mathbf{P}}\right\}.\>\exists([X_{t}]_{t}^{\mathrm{pre}},t)\in\delta_{\mathrm{krip}}\bigl{(}([X_{p}]_{p}^{\mathrm{pre}},p)\bigr{)}.\>[X_{p}]_{p}^{\mathrm{pre}}\subseteq[X_{t}]_{t}^{\mathrm{pre}}.

(3.1)

Schematically, this definition of solvability can be presented by the following diagram-like picture:

where $\pi_{1}$ is the first projection.

Suppose a morphism $\delta_{\mathrm{krip}}$ associates $([X_{p}]_{p}^{\mathrm{pre}},p)\in\mathcal{I}\{\mathbf{P}\}$ with $([X_{t}]_{t}^{\mathrm{pre}},t)\in\mathcal{I}\{\mathbf{T}\}$ . Then, in order for this association to be admissible, it must respect the inclusion of (3.1), meaning that, when $\delta_{\mathrm{krip}}$ decides an output $t$ from an intermediate output $p$ by the protocol, every input contained in $[X_{p}]_{p}^{\mathrm{pre}}$ , i.e., the set of inputs from which the protocol may produce the output $p$ , must be an input contained in $[X_{t}]_{t}^{\mathrm{pre}}$ , i.e., the set of inputs that admit $t$ as the output of the task.

This generalizes the original definition of task solvability given in [3], which makes use of (non-partial) product updates. The original definition is given by the following commutative diagram, which is obtained by replacing the models by the product update models, written $\mathcal{I}[\mathbf{P}]$ and $\mathcal{I}[\mathbf{T}]$ , and the inclusion in (3.1) by equality $=$ .

This definition of the task solvability using product update models is equivalent to the topological definition using simplicial complexes [3]. We can also establish the same equivalence for partial product update models, in the following sense: Suppose we are given a pair of functions over simplicial complexes specifying a task and a protocol. From these specifications we can derive the corresponding partial product update models. Then the task is solvable by the protocol, using partial product update models as defined in Definition 3.5, if and only if the task is solvable in the topological sense, i.e., there exists a simplicial map that mediates between the complexes of the protocol and the task.

The formal argument for this equivalence is deferred to Appendix A. There we also show that the action model $\mathbf{A}$ and the partial product update model ${\mathcal{I}}\left\{{\mathbf{A}}\right\}$ have isomorphic partial epistemic frames, under a suitable condition.

3.3 Logical obstruction theorem

Combining the above task solvability with the knowledge gain property (Proposition 2.5), we obtain a proof method for refuting task solvability by a formula of epistemic logic, called a logical obstruction [3]. A logical obstruction $\varphi$ is a guarded positive formula that is valid in the partial product update model ${\mathcal{I}}\left\{{\mathbf{T}}\right\}$ of a task, but not in the model ${\mathcal{I}}\left\{{\mathbf{P}}\right\}$ of a protocol.

Theorem 3.6.

Let ${\mathcal{I}}\left\{{\mathbf{P}}\right\}$ and ${\mathcal{I}}\left\{{\mathbf{T}}\right\}$ be partial product update models of a protocol and a task, respectively. If there exists a guarded positive formula $\varphi\in\mathcal{L}_{\mathrm{K},\mathsf{alive}}^{+}$ such that ${\mathcal{I}}\left\{{\mathbf{T}}\right\}\models\varphi$ but ${\mathcal{I}}\left\{{\mathbf{P}}\right\}\not\models\varphi$ , the task is not solvable by the protocol.

Proof.

Suppose that $\varphi$ is a guarded positive formula such that ${\mathcal{I}}\left\{{\mathbf{T}}\right\}\models\varphi$ but ${\mathcal{I}}\left\{{\mathbf{P}}\right\}\not\models\varphi$ and, by contradiction, that the task is solvable, i.e., there exists a morphism $\delta$ that satisfies the condition (3.1). The invalidity for the protocol ${\mathcal{I}}\left\{{\mathbf{P}}\right\}\not\models\varphi$ means that $\varphi$ is false for some world $w$ of ${\mathcal{I}}\left\{{\mathbf{P}}\right\}$ . Then Proposition 2.5 implies that there exists a world $w^{\prime}$ of ${\mathcal{I}}\left\{{\mathbf{T}}\right\}$ such that ${\mathcal{I}}\left\{{\mathbf{T}}\right\},w^{\prime}\not\models\varphi$ . This contradicts to the validity of $\varphi$ in ${\mathcal{I}}\left\{{\mathbf{T}}\right\}$ . ∎

4 Action Model for Synchronous Message Passing Protocol

4.1 Actions as posets of rank at most $1$

In the synchronous message passing protocol, each agent sends its local private value to all the agents in the system. When an agent crashes, only the messages that have already been sent before the crash are properly delivered to other agents; the rest are not. In a synchronous distributed environment, a correct agent can detect the exact set of crashed agents in the system: An agent is dead (i.e., it has crashed), if no message is received from the agent within a sufficiently long but finite period of time. The protocol complex for the synchronous message passing protocol thus forms an impure simplicial complex [7], in which the vertexes corresponding to dead agents are missing in a facet.

In the impure protocol complex, each different facet arises from each different ‘pattern of failure’ in message delivery, where each specific pattern of failure can be described by a set of orderings of the form $a<b$ , which means that the agent $a$ has crashed and failed to send the message to the agent $b$ , a correct agent that did not crash. This motivates us to define actions by relevant orderings over the set of agents that satisfy the following properties.

•

An agent $a$ is dead after an action (i.e., the agent has crashed during the execution of the protocol) if and only if the corresponding poset of the action admits an ordering $a<b$ for some agent $b$ .
•

An agent $a$ is alive after an action if and only if the corresponding poset of the action does not admit an ordering $a<b$ for any agent $b$ .
•

If a poset contains an ordering $a<b$ , the poset does not admit an ordering $c<a$ or $b<c$ for any agent $c$ . (This is because the ordering $a<b$ indicates that $a$ is a dead agent and $b$ is a correct agent but $c<a$ or $b<c$ implies otherwise.)

This ordering can be formalized as a poset (partially ordered set) $(\mathsf{Ag},\leq)$ of rank at most $1$ . A poset is of rank $k$ , if the maximum number of elements contained in a totally ordered subset of the poset is $k+1$ . [10] As usual, the strict ordering $a<b$ holds if and only if $a\leq b$ and $a\neq b$ .

Let us define $\operatorname{lo}(\leq)=\{a\in\mathsf{Ag}\mid\exists b\in\mathsf{Ag},a<b\}$ to denote the set of dead agents. Notice that the reflexive ordering $a\leq a$ is not counted as a failure of message delivery. We are not interested in the success or failure of self-delivery of message: If successful, the agent $a$ trivially receives its own local private value; Otherwise, the agent $a$ is dead and its received messages are lost. In this respect, we indicate a poset by a set $S$ of strict orderings and write $S^{\ast}$ to denote the minimum poset containing $S$ , i.e., the reflexive closure of $S$ . For example, $\{0<1,2<3\}^{\ast}$ defines a poset ordering $\leq$ over $\mathsf{Ag}$ such that $a\leq b$ holds if and only if either $a=0$ and $b=1$ , $a=2$ and $b=3$ , or $a=b$ . In particular, $\emptyset^{\ast}$ is a discrete poset (of rank $0$ ) over $\mathsf{Ag}$ , in which any pair of distinct agents are incomparable.

4.2 Constructing the action model $\mathbf{MP}$

Let us first consider the action model for the ‘inputless’ case, where the initial inputs to the agents are insignificant. In this case, the actions for the synchronous message passing protocol is simply modeled by the posets over $\mathsf{Ag}$ of rank at most $1$ .

Definition 4.1.

The inputless action model for synchronous message passing protocol is a partial epistemic frame $\mathbf{MP}_{0}=\langle T,\sim\rangle$ consisting of:

•

The set of actions $T=\{t\mid t\text{ is a poset of rank at most $1$ over $\mathsf{Ag}$}\}$ and

•

The family of indistinguishability relation, where $t_{1}\sim_{a}t_{2}$ is defined for each $a\in\mathsf{Ag}$ by:

t_{1}\sim_{a}t_{2}~{}\text{ iff }~{}a\notin\operatorname{lo}(t_{1})\cup\operatorname{lo}(t_{2})\text{ and }\{b\in\mathsf{Ag}\mid{b}<_{t_{1}}{a}\}=\{b\in\mathsf{Ag}\mid{b}<_{t_{2}}{a}\}.

For each $t\in T$ , we denote the set of live agents by $\overline{t}=\mathsf{Ag}\setminus\operatorname{lo}(t)=\{a\in\mathsf{Ag}\mid t\sim_{a}t\}$ .

Figure 4: The inputless action model

\mathbf{MP}_{0}

of the synchronous message passing protocol for

3

agents, with facets annotated by the corresponding posets over

\mathsf{Ag}

Example 4.1.

Figure 4 illustrates the complex of the inputless action model $\mathbf{MP}_{0}$ for $3$ agents. The complex is impure, where the facet corresponding to an action $t$ is of dimension ${\lvert}\overline{t}{\rvert}-1$ . When $t\sim_{a}^{\mathbf{MP}_{0}}s$ holds, the condition $a\notin\operatorname{lo}(t)\cup\operatorname{lo}(s)$ means that the agent $a$ is alive for both actions $t$ and $s$ ; The condition $\{b\in\mathsf{Ag}\mid{b}<_{t}{a}\}=\{b\in\mathsf{Ag}\mid{b}<_{s}{a}\}$ means that $t$ and $s$ have the same set of agents that failed to send a message to $a$ and hence they know exactly the same set of delivered messages. For example, let $t_{1}={\{(\ooalign{\hss{\color[rgb]{0,0,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{0,0,0.80078125}$\bullet$\hss}\crcr$\circ$}<\ooalign{\hss{\color[rgb]{1,0.80078125,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{1,0.80078125,0.80078125}$\bullet$\hss}\crcr$\circ$})\}}^{*}$ , $t_{2}={\{(\ooalign{\hss{\color[rgb]{0,0,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{0,0,0.80078125}$\bullet$\hss}\crcr$\circ$}<\ooalign{\hss{\color[rgb]{1,1,1}\definecolor[named]{pgfstrokecolor}{rgb}{1,1,1}$\bullet$\hss}\crcr$\circ$}),(\ooalign{\hss{\color[rgb]{0,0,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{0,0,0.80078125}$\bullet$\hss}\crcr$\circ$}<\ooalign{\hss{\color[rgb]{1,0.80078125,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{1,0.80078125,0.80078125}$\bullet$\hss}\crcr$\circ$})\}}^{*}$ , $t_{3}={\{(\ooalign{\hss{\color[rgb]{0,0,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{0,0,0.80078125}$\bullet$\hss}\crcr$\circ$}<\ooalign{\hss{\color[rgb]{1,1,1}\definecolor[named]{pgfstrokecolor}{rgb}{1,1,1}$\bullet$\hss}\crcr$\circ$})\}}^{*}$ . Then $t_{1}\sim_{\ooalign{\hss{\color[rgb]{1,0.80078125,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{1,0.80078125,0.80078125}$\bullet$\hss}\crcr$\circ$}}^{\mathbf{MP}_{0}}t_{2}$ holds because, in both $t_{1}$ and $t_{2}$ , the agent $\bullet$ $\circ$ is alive and has successfully received messages from the agents other than $\bullet$ $\circ$ . On the other hand, $t_{1}\sim_{\ooalign{\hss{\color[rgb]{1,0.80078125,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{1,0.80078125,0.80078125}$\bullet$\hss}\crcr$\circ$}}^{\mathbf{MP}_{0}}t_{3}$ does not hold because the agent $\bullet$ $\circ$ in $t_{3}$ has received the messages from all the agents, but the same agent $\bullet$ $\circ$ in $t_{1}$ did not, from the agent $\bullet$ $\circ$ .

From the inputless action model, we construct a full action model of the synchronous message passing protocol, where the protocol accepts a class of sets of input values. Suppose $\mathcal{I}$ is a simplicial model, whose facets specify the allowed combinations of input values. Then one might expect that an action in the full action model would be expressed by a pair $(X,t)$ , where $X$ is a facet of $\mathcal{I}$ and $t$ is an action of the inputless action, but this does not give an appropriate model. Consider the case, say, $t={\{b<a\}}^{*}$ , $X\sim_{a}^{\mathcal{I}}Y$ , and $X\not\sim_{b}^{\mathcal{I}}Y$ . In this case, $(X,t)$ and $(Y,t)$ are different actions but the live agent $a$ should not distinguish them because the action $t$ indicates that the agent $a$ has not received a message from the agent $b$ and therefore it cannot tell which is the original input, either $X$ or $Y$ . In other words, the two facets $X$ and $Y$ should be identified.

For this identification of facets w.r.t. an action $t$ of the inputless model, we introduce an equivalence class, written $\left[{X}\right]_{\approx_{t}}$ , and define an action in the full action model by a pair $(\left[{X}\right]_{\approx_{t}},t)$ .

Definition 4.2 (action model of synchronous message passing).

Let $\mathcal{I}=\langle V^{\mathcal{I}},S^{\mathcal{I}},\chi^{\mathcal{I}},\ell^{\mathcal{I}}\rangle$ be an input simplicial model. For each facet $X,Y\in\mathcal{F}(\mathcal{I})$ and action $t\in\mathbf{MP}_{0}$ , we define an equivalence relation ${X}\approx_{t}{Y}$ by:

{X}\approx_{t}{Y}\text{ iff }\forall a\in\overline{t}.\>\forall b\in\mathsf{Ag}.\>(X\sim^{\mathcal{I}}_{b}Y\vee{b}<_{t}{a}).

We write $\left[{X}\right]_{\approx_{t}}$ to denote the equivalence class of $X$ w.r.t. $\approx_{t}$ .

We define the action model $\mathbf{MP}=\langle{T^{\mathbf{MP}},\sim^{\mathbf{MP}},\mathsf{pre}^{\mathbf{MP}}}\rangle$ of the synchronous message passing protocol as a triple consisting of:

•

The set of actions $T^{\mathbf{MP}}=\{(\left[{X}\right]_{\approx_{t}},t)\mid X\in\mathcal{F}(\mathcal{I}),~{}t\in\mathbf{MP}_{0}\}$ ;

•

The family of indistinguishability relations defined by

(\left[{X}\right]_{\approx_{t}},t)\sim^{\mathbf{MP}}_{a}(\left[{Y}\right]_{\approx_{s}},s)~{}\text{ iff }~{}t\sim^{\mathbf{MP}_{0}}_{a}s\text{ and }\forall b\in\mathsf{Ag}.\>(X\sim^{\mathcal{I}}_{b}Y\vee{b}<_{t}{a});

•

The precondition defined by $\mathsf{pre}^{\mathbf{MP}}\bigl{(}(\left[{X}\right]_{\approx_{t}},t)\bigr{)}=\bigvee\{\bigwedge\ell^{\mathcal{I}}(Y)\mid Y\in\left[{X}\right]_{\approx_{t}}\}$ .

In words, ${X}\approx_{t}{Y}$ indicates that, for every agent $a$ that is alive in the action $t$ , $X$ and $Y$ should have the same input for the agent $b$ , if ${b}\not<_{t}{a}$ , i.e., the message from $b$ is successfully received by $a$ . (Otherwise, the agent $a$ should be aware that $X$ and $Y$ are different facets.) The relation $\approx_{t}$ is an equivalence relation, as we will show below. The relation $\sim^{\mathbf{MP}}_{a}$ defines a PER, where $(\left[{X}\right]_{\approx_{t}},t)\sim^{\mathbf{MP}}_{a}(\left[{Y}\right]_{\approx_{s}},s)$ indicates that the agent $a$ is alive and every agent $b$ that successfully sends a message to $a$ (i.e., ${b}\not<_{t}{a}$ ) has the same input value that has been assigned in both $X$ and $Y$ . The precondition $\mathsf{pre}^{\mathbf{MP}}\bigl{(}(\left[{X}\right]_{\approx_{t}},t)\bigr{)}$ is intended to mean that, for an action $(\left[{X}\right]_{\approx_{t}},t)\in T^{\mathbf{MP}}$ , every atomic proposition in $\ell^{\mathcal{I}}(Y)$ is true for some $Y\in\left[{X}\right]_{\approx_{t}}$ .

Proposition 4.3.

Let $\mathcal{I}$ be an input simplicial model. For every $t\in\mathbf{MP}_{0}$ , $\approx_{t}$ is an equivalence relation. Furthermore, the relation $\sim^{\mathbf{MP}}_{a}$ is a PER and is well-defined. That is, $\sim^{\mathbf{MP}}_{a}$ is a symmetric transitive relation and is not affected by the choice of facet $X$ in $(\left[{X}\right]_{\approx_{t}},t)$ .

Proof.

Obviously, $\approx_{t}$ is a reflexive symmetric relation. For transitivity, assume ${X}\approx_{t}{Y}$ and ${Y}\approx_{t}{Z}$ . Suppose $X\not\sim^{\mathcal{I}}_{b}Z$ . By the transitivity of $\sim^{\mathcal{I}}_{b}$ , we have $X\not\sim^{\mathcal{I}}_{b}Y$ or $Y\not\sim^{\mathcal{I}}_{b}Z$ . In both cases, we have ${b}<_{t}{a}$ for all $a\in\mathsf{Ag}$ . Hence ${X}\approx_{t}{Z}$ .

To show that $\sim^{\mathbf{MP}}_{a}$ is symmetric, suppose $(\left[{X}\right]_{\approx_{t}},t)\sim^{\mathbf{MP}}_{a}(\left[{Y}\right]_{\approx_{s}},s)$ . By the definition, $t\sim^{\mathbf{MP}_{0}}_{a}s$ and $\forall b\in\mathsf{Ag}.~{}(X\sim^{\mathcal{I}}_{b}Y\vee{b}<_{t}{a})$ . Since $t\sim^{\mathbf{MP}_{0}}_{a}s$ implies $\{b\in\mathsf{Ag}\mid{b}<_{t}{a}\}=\{b\in\mathsf{Ag}\mid{b}<_{s}{a}\}$ , by the symmetry of $\sim^{\mathbf{MP}_{0}}_{a}$ and $\sim^{\mathcal{I}}_{b}$ , we have $(\left[{Y}\right]_{\approx_{s}},s)\sim^{\mathbf{MP}}_{a}(\left[{X}\right]_{\approx_{t}},t)$ . The transitivity of $\sim^{\mathbf{MP}}_{a}$ follows similarly from the transitivity of $\sim^{\mathbf{MP}_{0}}_{a}$ and $\sim^{\mathcal{I}}_{b}$ .

For the well-definedness of $\sim^{\mathbf{MP}}_{a}$ , suppose $(\left[{X}\right]_{\approx_{t}},t)\sim^{\mathbf{MP}}_{a}(\left[{Y}\right]_{\approx_{s}},s)$ , $\left[{X}\right]_{\approx_{t}}=\left[{X^{\prime}}\right]_{\approx_{t}}$ , and $\left[{Y}\right]_{\approx_{s}}=\left[{Y^{\prime}}\right]_{\approx_{s}}$ . We show $(\left[{X^{\prime}}\right]_{\approx_{t}},t)\sim^{\mathbf{MP}}_{a}(\left[{Y^{\prime}}\right]_{\approx_{s}},s)$ . Since $\sim^{\mathbf{MP}_{0}}_{a}$ is a PER, it suffices to show that $\forall b\in\mathsf{Ag}.~{}(X^{\prime}\sim^{\mathcal{I}}_{b}Y^{\prime}\vee{b}<_{t}{a})$ . Assume otherwise, i.e., $X^{\prime}\not\sim^{\mathcal{I}}_{b}Y^{\prime}$ and ${b}\not<_{t}{a}$ holds for some $b\in\mathsf{Ag}$ . Then, from $(\left[{X}\right]_{\approx_{t}},t)\sim^{\mathbf{MP}}_{a}(\left[{Y}\right]_{\approx_{s}},s)$ , we have $a\in\overline{t}$ and $a\in\overline{s}$ and also entail $X\sim^{\mathcal{I}}_{b}Y$ from ${b}\not<_{t}{a}$ . Since ${X}\approx_{t}{X^{\prime}}$ , we have $X\sim^{\mathcal{I}}_{b}X^{\prime}$ . Similarly, $Y\sim^{\mathcal{I}}_{b}Y^{\prime}$ . By the transitivity of $\sim^{\mathcal{I}}_{b}$ , we obtain $X^{\prime}\sim^{\mathcal{I}}_{b}Y^{\prime}$ , a contradiction. ∎

Figure 5: An action model

\mathbf{MP}

for

3

agents, generated from an input model consisting of two facets

Example 4.2.

Let us consider an input simplicial model $\mathcal{I}$ for $3$ agents, consisting of two facets $X=\{(\ooalign{\hss{\color[rgb]{1,1,1}\definecolor[named]{pgfstrokecolor}{rgb}{1,1,1}$\bullet$\hss}\crcr$\circ$},0),(\ooalign{\hss{\color[rgb]{1,0.80078125,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{1,0.80078125,0.80078125}$\bullet$\hss}\crcr$\circ$},0),(\ooalign{\hss{\color[rgb]{0,0,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{0,0,0.80078125}$\bullet$\hss}\crcr$\circ$},0)\}$ and $Y=\{(\ooalign{\hss{\color[rgb]{1,1,1}\definecolor[named]{pgfstrokecolor}{rgb}{1,1,1}$\bullet$\hss}\crcr$\circ$},0),(\ooalign{\hss{\color[rgb]{1,0.80078125,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{1,0.80078125,0.80078125}$\bullet$\hss}\crcr$\circ$},0),(\ooalign{\hss{\color[rgb]{0,0,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{0,0,0.80078125}$\bullet$\hss}\crcr$\circ$},1)\}$ . Then we obtain the action model $\mathbf{MP}$ as depicted in Figure 5. We obtain this complex by first making copies of the complex of the inputless action model, for each facet $X$ and $Y$ , and pasting them appropriately. For example, the action represented by the poset $t={\{\ooalign{\hss{\color[rgb]{0,0,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{0,0,0.80078125}$\bullet$\hss}\crcr$\circ$}<\ooalign{\hss{\color[rgb]{1,1,1}\definecolor[named]{pgfstrokecolor}{rgb}{1,1,1}$\bullet$\hss}\crcr$\circ$},\ooalign{\hss{\color[rgb]{0,0,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{0,0,0.80078125}$\bullet$\hss}\crcr$\circ$}<\ooalign{\hss{\color[rgb]{1,0.80078125,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{1,0.80078125,0.80078125}$\bullet$\hss}\crcr$\circ$}\}}^{*}$ generates two copies $(\left[{X}\right]_{\approx_{t}},t)$ and $(\left[{Y}\right]_{\approx_{t}},t)$ , but these are identified (as depicted by the $1$ -dimensional simplex marked by the red line in the figure) because $\left[{X}\right]_{\approx_{t}}=\left[{Y}\right]_{\approx_{t}}=\{X,Y\}$ . Similarly, the topmost node $\bullet$ $\circ$ and the bottom node $\bullet$ $\circ$ in the figure identify the corresponding $0$ -dimensional simplexes in the copies generated from $X$ and $Y$ .

Consider another action $s={\{\ooalign{\hss{\color[rgb]{0,0,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{0,0,0.80078125}$\bullet$\hss}\crcr$\circ$}<\ooalign{\hss{\color[rgb]{1,1,1}\definecolor[named]{pgfstrokecolor}{rgb}{1,1,1}$\bullet$\hss}\crcr$\circ$},\ooalign{\hss{\color[rgb]{0,0,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{0,0,0.80078125}$\bullet$\hss}\crcr$\circ$}<\ooalign{\hss{\color[rgb]{1,0.80078125,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{1,0.80078125,0.80078125}$\bullet$\hss}\crcr$\circ$}\}}^{*}$ . This generates two copies $(\left[{X}\right]_{\approx_{s}},s)$ and $(\left[{Y}\right]_{\approx_{s}},s)$ , which are depicted in the figure by the two $1$ -dimensional simplexes marked by the blue lines. These simplexes are connected via a common vertex $\bullet$ $\circ$ . That is, $(\left[{X}\right]_{\approx_{s}},s)\sim_{\ooalign{\hss{\color[rgb]{1,1,1}\definecolor[named]{pgfstrokecolor}{rgb}{1,1,1}$\bullet$\hss}\crcr$\circ$}}^{\mathbf{MP}}(\left[{Y}\right]_{\approx_{s}},s)$ holds, since $X\sim_{\ooalign{\hss{\color[rgb]{1,0.80078125,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{1,0.80078125,0.80078125}$\bullet$\hss}\crcr$\circ$}}^{\mathcal{I}}Y$ and $\bullet$ $\circ$ is the only agent $b$ that satisfies ${b}\not<_{s}{\ooalign{\hss{\color[rgb]{1,1,1}\definecolor[named]{pgfstrokecolor}{rgb}{1,1,1}$\bullet$\hss}\crcr$\circ$}}$ . The two simplexes are not identified nevertheless, since $(\left[{X}\right]_{\approx_{s}},s)\not\sim_{\ooalign{\hss{\color[rgb]{1,0.80078125,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{1,0.80078125,0.80078125}$\bullet$\hss}\crcr$\circ$}}^{\mathbf{MP}}(\left[{Y}\right]_{\approx_{s}},s)$ follows from $X\not\sim_{\ooalign{\hss{\color[rgb]{1,0.80078125,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{1,0.80078125,0.80078125}$\bullet$\hss}\crcr$\circ$}}^{\mathcal{I}}Y$ and ${\ooalign{\hss{\color[rgb]{1,0.80078125,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{1,0.80078125,0.80078125}$\bullet$\hss}\crcr$\circ$}}\not<_{s}{\ooalign{\hss{\color[rgb]{1,1,1}\definecolor[named]{pgfstrokecolor}{rgb}{1,1,1}$\bullet$\hss}\crcr$\circ$}}$ .

5 Logical Obstruction for Synchronous Message Passing Protocol

In this section, we argue the solvability of the consensus task by the single-round synchronous message passing protocol, using partial product update models.

In [7], a precise topological analysis has been given on the solvability of $k$ -set agreement tasks by synchronous message passing protocols of varying protocol rounds. We demonstrate that the techniques developed in the previous sections can be applied to reproduce a part of these results: The consensus task is solvable by a single-round execution of the synchronous message passing protocol if the number $n$ of agents in the system is $2$ or less; otherwise, when $n>2$ , it is unsolvable.

5.1 Action model for the consensus task

The consensus task is specified by the following constraints on the input and output values of the agents.

•

Agreement: Every non-faulty agent must decide on the same output value;
•

Validity: The agreed output value must be an input value to some of the agents in the system.

Without loss of generality, we may assume the set of possible inputs for the consensus task is $\{0,\ldots,n-1\}$ , the set of agent ids.

Definition 5.1 (Partial product update model of the consensus task).

The consensus task is defined by a partial product update model ${\mathcal{I}}\left\{{\mathbf{T}}\right\}$ , where $\mathcal{I}$ is the input simplicial model and $\mathbf{T}=\langle{T,\sim^{T},\mathsf{pre}^{T}}\rangle$ is the action model consisting of:

•

The set of actions $T=\mathsf{Ag}=\{0,\ldots,n-1\}$ ;
•

The family of indistinguishability relations $\{\sim^{T}_{a}\}_{a\in\mathsf{Ag}}$ defined by $v\sim^{T}_{a}v^{\prime}$ iff $v=v^{\prime}$ ;
•

The precondition defined by $\mathsf{pre}^{T}(v)=\bigvee_{a\in\mathsf{Ag}}\mathsf{input}_{a}^{v}$ for each action $v\in T$ .

An action in $v\in T$ stands for a single output value unanimously decided by all live agents. Each agent can distinguish any pair of distinct actions in $T$ , since all agents know the agreed value. The precondition $\mathsf{pre}^{T}(v)$ guarantees the validity condition of the consensus task, that is, the agreed value $v$ must be the input to some agent $a$ .

5.2 Solvability of the consensus task with 2 agents

Let us show that the consensus task is solvable, when $n=2$ . (The case $n=1$ is trivial.)

Remember that the input simplicial model $\mathcal{I}$ for $2$ agents consists of four facets $X_{00},X_{01},X_{10},X_{11}$ , where $X_{ij}=\{(0,i),(1,j)\}$ for each $i,j\in\{0,1\}$ . The consensus task is then given by the partial product update model ${\mathcal{I}}\left\{{\mathbf{T}}\right\}=\langle{W,\sim,L}\rangle$ consisting of:

•

$W=\{(\{X_{ij}\},0)\mid i\neq 1\text{ or }j\neq 1\}\cup\{(\{X\},1)\mid i\neq 0\text{ or }j\neq 0\}$ ;
•

The indistinguishability relation defined by $(\{X\},v)\sim_{a}(\{X^{\prime}\},v^{\prime})$ iff $X\sim^{\mathcal{I}}_{a}X^{\prime}$ and $v=v^{\prime}$ , for each $a\in\mathsf{Ag}$ ;
•

$L\bigl{(}(\{X\},v)\bigr{)}=\ell^{\mathcal{I}}(X)$ .

The underlying complex of ${\mathcal{I}}\left\{{\mathbf{T}}\right\}$ is illustrated in Figure 6. Note that the complex is pure, meaning that every agent $a\in\mathsf{Ag}$ is alive in every world of the model.

Figure 6: The partial product update model

{\mathcal{I}}\left\{{\mathbf{T}}\right\}

of the consensus task for

2

agents

Next, let us consider the partial product update model ${\mathcal{I}}\left\{{\mathbf{MP}}\right\}$ for the synchronous message passing protocol, where $\mathbf{MP}$ is the action model for $2$ agents. Remember that the inputless action model for $2$ agents is given by $\mathbf{MP}_{0}=\langle{T_{2},\sim^{T_{2}}}\rangle$ , where $T_{2}=\{{\emptyset}^{\ast},{\{0<1\}}^{\ast},$ ${\{1<0\}}^{\ast}\}$ . For brevity, let us write $t_{\emptyset}$ , $t_{0}$ , and $t_{1}$ for the posets ${\emptyset}^{\ast}$ , ${\{0<1\}}^{\ast}$ , and ${\{1<0\}}^{\ast}$ , respectively. Topologically, these posets correspond to the facets in the impure simplicial complex illustrated in Figure 7.

(a) Inputless action model

\mathbf{MP}_{0}

(b) Action model

\mathbf{MP}

Figure 7: Action model of the synchronous message passing protocol for

2

agents

Following Definition 4.2, we obtain the action model $\mathbf{MP}=\langle{T^{\mathbf{MP}},\sim^{\mathbf{MP}},\mathsf{pre}^{\mathbf{MP}}}\rangle$ consisting of:

•

The set of actions

T^{\mathbf{MP}}=\{(\{X_{ij}\},t_{\emptyset})\mid i,j\in\{0,1\}\}\cup\{(\{X_{0j},X_{1j}\},t_{0})\mid j\in\{0,1\}\}\cup\{(\{X_{i0},X_{i1}\},t_{1})\mid i\in\{0,1\}\};

•

The family of indistinguishability relations defined by $(\left[{X}\right]_{\approx_{t}},t)\sim^{\mathbf{MP}}_{a}(\left[{X^{\prime}}\right]_{\approx_{t^{\prime}}},t^{\prime})$ iff $(\left[{X}\right]_{\approx_{t}},t)=(\left[{X^{\prime}}\right]_{\approx_{t^{\prime}}},t^{\prime})$ and $t\sim^{\mathbf{MP}_{0}}_{a}t^{\prime}$ ;
•

The labeling $\mathsf{pre}^{\mathbf{MP}}\bigl{(}(\left[{X}\right]_{\approx_{t}},t)\bigr{)}=\bigvee\{\bigwedge\ell^{\mathcal{I}}(X^{\prime})\mid X^{\prime}\in\left[{X}\right]_{\approx_{t}}\}$ .

The corresponding topological structure of this action model is illustrated by the simplicial complex in Figure 7.

Combining $\mathcal{I}$ and $\mathbf{MP}$ , we obtain a partial product update model of the synchronous message passing protocol ${\mathcal{I}}\left\{{\mathbf{MP}}\right\}$ for $2$ agents, where its Kripke frame has a topological structure isomorphic to that of the action model $\mathbf{MP}$ and the labeling $L^{{\mathcal{I}}\left\{{\mathbf{MP}}\right\}}$ on the worlds of the Kripke frame is given by:

L^{{\mathcal{I}}\left\{{\mathbf{MP}}\right\}}\bigl{(}(\left[{X}\right]_{\approx_{t}},t)\bigr{)}=\bigcap\{\ell^{\mathcal{I}}(X^{\prime})\mid X^{\prime}\in\left[{X}\right]_{\approx_{t}}\}.

Observe that ${\mathcal{I}}\left\{{\mathbf{T}}\right\}$ corresponds to a complex comprising of two disconnected subcomponents, one for the output $0$ and the other for $1$ and that ${\mathcal{I}}\left\{{\mathbf{MP}}\right\}$ corresponds to a collection of discrete facets, none of which are connected. It is easy to devise a morphism $\delta:{\mathcal{I}}\left\{{\mathbf{MP}}\right\}\to\mathcal{I}\{\mathbf{T}\}$ that satisfies the condition (3.1) in Section 3.2 for task solvability. For instance, such a morphism $\delta$ is given by:

	$\displaystyle\delta\bigl{(}(\{X_{11}\},t_{\emptyset})\bigr{)}$	$\displaystyle{}=\mathsf{sat}_{\{0,1\}}\bigl{(}(\{X_{11}\},1)\bigr{)},$
	$\displaystyle\delta\bigl{(}(\{X_{ij}\},t_{\emptyset})\bigr{)}$	$\displaystyle{}=\mathsf{sat}_{\{0,1\}}\bigl{(}(\{X_{ij}\},0)\bigr{)}\quad(i\neq 1\text{ or }j\neq 1),$
	$\displaystyle\delta\bigl{(}(\left[{X_{ij}}\right]_{\approx_{t_{0}}},t_{0})\bigr{)}$	$\displaystyle{}=\mathsf{sat}_{\{1\}}\bigl{(}(\{X_{ij}\},j)\bigr{)},$
	$\displaystyle\delta\bigl{(}(\left[{X_{ij}}\right]_{\approx_{t_{1}}},t_{1})\bigr{)}$	$\displaystyle{}=\mathsf{sat}_{\{0\}}\bigl{(}(\{X_{ij}\},i)\bigr{)}.$

Theorem 5.2.

Suppose we have a system of $2$ agents with $\mathsf{Ag}=\{0,1\}$ . Then the consensus task is solvable by the single-round synchronous message passing protocol.

5.3 Unsolvability of the consensus task with 3 agents

The consensus task is not solvable by the synchronous message passing protocol, when the number $n$ of agents is $3$ or greater. This is because, in contrast to the case where $n$ is $2$ or less, the resulting partial product update model of the protocol is more tightly connected in a topological sense.

To demonstrate this topological intuition in partial epistemic models, we first examine the case $n=3$ , where the partial product update model ${\mathcal{I}}\left\{{\mathbf{MP}}\right\}$ of the synchronous message passing protocol is an impure $2$ -dimensional complex.

Let us define a guarded positive formula $\Phi_{3}\in\mathcal{L}_{\mathrm{K},\mathsf{alive}}^{+}$ by

\Phi_{3}\equiv\mathop{\mathrm{K}_{2}}\mathop{\mathrm{K}_{1}}\mathop{\mathrm{K}_{2}}\varphi_{0}\vee\mathop{\mathrm{K}_{0}}\mathop{\mathrm{K}_{2}}\mathop{\mathrm{K}_{0}}\varphi_{1}\vee\mathop{\mathrm{K}_{1}}\mathop{\mathrm{K}_{0}}\mathop{\mathrm{K}_{1}}\varphi_{2},

where $\varphi_{i}\equiv\bigvee_{a\in\mathsf{Ag}}\mathsf{alive}(a)\Rightarrow\mathsf{input}_{a}^{i}$ for $i=0,1,2$ .

We claim that $\Phi_{3}$ is a logical obstruction. That is, $\Phi_{3}$ is valid in $\mathcal{I}\{\mathbf{T}\}$ but not valid in ${\mathcal{I}}\left\{{\mathbf{MP}}\right\}$ , where $\mathbf{T}$ is the action model for the consensus task and $\mathbf{MP}$ is the action model for the synchronous message passing protocol, for $3$ agents.

The input simplicial complex $\mathcal{I}$ for $3$ agents has an underlying pure $2$ -dimensional complex and we write $X_{ijk}$ to denote a facet $\{(0,i),(1,j),(2,k)\}$ of the complex, where $i,j,k\in\{0,1,2\}$ . The labeling on a facet is defined by $\ell^{\mathcal{I}}(X_{ijk})=\{\mathsf{input}_{0}^{i},\mathsf{input}_{1}^{j},\mathsf{input}_{2}^{k}\}$ . The action model of the consensus task $\mathbf{T}=\langle{T,\sim^{T},\mathsf{pre}^{T}}\rangle$ is defined similarly as in Section 5.2, except that the set of actions $T=\{0,1,2\}$ consists of the three possible outputs $0$ , $1$ , and $2$ .

The partial product update model ${\mathcal{I}}\left\{{\mathbf{T}}\right\}$ of the consensus task has an underlying complex, pure of dimension $2$ . This means that $\mathsf{alive}(a)$ is true for every agent $a\in\mathsf{Ag}$ in every world of ${\mathcal{I}}\left\{{\mathbf{T}}\right\}$ and therefore $\varphi_{i}$ is equivalent to $\mathsf{pre}^{T}(i)=\bigvee_{a\in\mathsf{Ag}}\mathsf{input}_{a}^{i}$ for each action $i\in\{0,1,2\}$ . (Remember that $T=\mathsf{Ag}=\{0,\ldots,n-1\}$ .) By the definition, ${\mathcal{I}}\left\{{\mathbf{T}}\right\},([X]_{v}^{\mathrm{pre}},v)\models\varphi_{v}$ holds. Since $([X]_{v}^{\mathrm{pre}},v)\sim^{T}_{a}([X^{\prime}]_{v^{\prime}}^{\mathrm{pre}},v^{\prime})$ implies $v=v^{\prime}$ for every $a\in\mathsf{Ag}$ , either of the disjuncts $\mathop{\mathrm{K}_{2}}\mathop{\mathrm{K}_{1}}\mathop{\mathrm{K}_{2}}\varphi_{0}$ , $\mathop{\mathrm{K}_{0}}\mathop{\mathrm{K}_{2}}\mathop{\mathrm{K}_{0}}\varphi_{1}$ , or $\mathop{\mathrm{K}_{1}}\mathop{\mathrm{K}_{0}}\mathop{\mathrm{K}_{1}}\varphi_{2}$ holds. Therefore $\Phi_{3}$ is a valid formula in ${\mathcal{I}}\left\{{\mathbf{T}}\right\}$ .

We then discuss the remaining half, i.e., $\Phi_{3}$ is invalid in the partial product update model of the synchronous message passing protocol. Remember that the inputless action model $\mathbf{MP}_{0}$ for $3$ agents has an impure $2$ -dimensional complex given in Figure 4 as the underlying complex, and that each facet in $\mathbf{MP}_{0}$ is represented by a poset.

As we have seen in Section 4.2, we can derive the action model $\mathbf{MP}$ by making copies of the inputless model $\mathbf{MP}_{0}$ for each input facet of the input model and then pasting them appropriately. To show the unsolvability of the consensus task, it suffices to consider pasting the copies for two facets $X_{012}$ and $X_{112}$ . This results in a subcomplex of $\mathbf{MP}$ given in Figure 8, which merges the result of actions on the input facet $X_{012}$ (the left half of the picture) and that on $X_{112}$ (i.e., the right half). In the figure, some facets are designated by the corresponding actions: $t_{0}=(\left[{X_{012}}\right]_{\approx_{{\emptyset}^{\ast}}},{\emptyset}^{\ast})$ , $t_{1}=(\left[{X_{012}}\right]_{\approx_{u_{1}}},u_{1})$ , $t_{2}=(\left[{X_{112}}\right]_{\approx_{u_{1}}},u_{1})$ , $t_{3}=(\left[{X_{112}}\right]_{\approx_{{\emptyset}^{\ast}}},{\emptyset}^{\ast})$ , and $t_{4}=(\left[{X_{012}}\right]_{\approx_{u_{2}}},u_{2})$ , where $u_{1}={\{0<1\}}^{\ast}={\{\ooalign{\hss{\color[rgb]{1,1,1}\definecolor[named]{pgfstrokecolor}{rgb}{1,1,1}$\bullet$\hss}\crcr$\circ$}<\ooalign{\hss{\color[rgb]{1,0.80078125,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{1,0.80078125,0.80078125}$\bullet$\hss}\crcr$\circ$}\}}^{\ast}$ and $u_{2}={\{0<1,0<2\}}^{\ast}={\{\ooalign{\hss{\color[rgb]{1,1,1}\definecolor[named]{pgfstrokecolor}{rgb}{1,1,1}$\bullet$\hss}\crcr$\circ$}<\ooalign{\hss{\color[rgb]{1,0.80078125,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{1,0.80078125,0.80078125}$\bullet$\hss}\crcr$\circ$},\ooalign{\hss{\color[rgb]{1,1,1}\definecolor[named]{pgfstrokecolor}{rgb}{1,1,1}$\bullet$\hss}\crcr$\circ$}<\ooalign{\hss{\color[rgb]{0,0,0.80078125}\definecolor[named]{pgfstrokecolor}{rgb}{0,0,0.80078125}$\bullet$\hss}\crcr$\circ$}\}}^{\ast}$ . As already discussed in Section 4.2, the two copies of the complex of $\mathbf{MP}_{0}$ are merged via the facet designated by $t_{4}$ , since $\left[{X_{012}}\right]_{\approx_{u_{2}}}=\left[{X_{112}}\right]_{\approx_{u_{2}}}$ .

Figure 8: A subcomplex of the action model

\mathbf{MP}

that merges the actions on

X_{012}

and

X_{112}

We obtain the partial product update model ${\mathcal{I}}\left\{{\mathbf{MP}}\right\}$ for the synchronous message passing protocol by combining $\mathcal{I}$ with $\mathbf{MP}$ . We note that ${\mathcal{I}}\left\{{\mathbf{MP}}\right\}$ has an isomorphic partial epistemic frame with that of the action model $\mathbf{MP}$ . (See Appendix A.4 for the formal discussion of this fact.) Therefore, without loss of generality, we may regard ${\mathcal{I}}\left\{{\mathbf{MP}}\right\}$ as a partial epistemic model $\langle{T^{\mathbf{MP}},\sim^{\mathbf{MP}},L^{\mathbf{MP}}}\rangle$ , where $\langle{T^{\mathbf{MP}},\sim^{\mathbf{MP}}}\rangle$ is the Kripke frame of $\mathbf{MP}$ and $L^{\mathbf{MP}}$ is a labeling on the worlds of $T^{\mathbf{MP}}$ :

L^{\mathbf{MP}}\bigl{(}(\left[{X}\right]_{\approx_{t}},t)\bigr{)}=\bigcap\{\ell^{\mathcal{I}}(X^{\prime})\mid X^{\prime}\in\left[{X}\right]_{\approx_{t}}\}.

Now we show that $\Phi_{3}$ is invalid in the partial product update model ${\mathcal{I}}\left\{{\mathbf{MP}}\right\}$ . We claim that $\Phi_{3}$ is false in the world $t_{0}$ in Figure 8.

From Figure 8, it is easy to see that the facet $t_{0}$ is connected with $t_{3}$ via $t_{0}\sim^{\mathbf{MP}}_{2}t_{1}\sim^{\mathbf{MP}}_{1}t_{2}\sim^{\mathbf{MP}}_{2}t_{3}$ . We show ${\mathcal{I}}\left\{{\mathbf{MP}}\right\},t_{0}\not\models\mathop{\mathrm{K}_{2}}\mathop{\mathrm{K}_{1}}\mathop{\mathrm{K}_{2}}\varphi_{0}$ , by traversing the above path in reverse order. In $t_{3}$ , all agents are alive, that is, ${\mathcal{I}}\left\{{\mathbf{MP}}\right\},t_{3}\models\mathsf{alive}(a)$ for every $a\in\mathsf{Ag}$ . Since $L^{\mathbf{MP}}(t_{3})=\{\mathsf{input}_{0}^{1},\mathsf{input}_{1}^{1},\mathsf{input}_{2}^{2}\}$ , $\varphi_{0}\equiv\bigvee_{a\in\mathsf{Ag}}\mathsf{alive}(a)\Rightarrow\mathsf{input}_{a}^{0}$ is false, i.e., ${\mathcal{I}}\left\{{\mathbf{MP}}\right\},t_{3}\not\models\varphi_{0}$ . Since $t_{3}\sim^{\mathbf{MP}}_{2}t_{2}$ , this implies that ${\mathcal{I}}\left\{{\mathbf{MP}}\right\},t_{2}\not\models\mathop{\mathrm{K}_{2}}\varphi_{0}$ . Repeating this by traversing $t_{2}\sim^{\mathbf{MP}}_{1}t_{1}$ and then $t_{1}\sim^{\mathbf{MP}}_{2}t_{2}$ , we obtain ${\mathcal{I}}\left\{{\mathbf{MP}}\right\},t_{2}\not\models\mathop{\mathrm{K}_{2}}\mathop{\mathrm{K}_{1}}\mathop{\mathrm{K}_{2}}\varphi_{0}$ . This shows that $\mathop{\mathrm{K}_{2}}\mathop{\mathrm{K}_{1}}\mathop{\mathrm{K}_{2}}\varphi_{0}$ is an invalid formula in ${\mathcal{I}}\left\{{\mathbf{MP}}\right\}$ .

Due to the symmetry of the partial product update model ${\mathcal{I}}\left\{{\mathbf{MP}}\right\}$ , we can similarly show the invalidity of the remaining disjuncts in $\Phi_{3}$ . Therefore $\Phi_{3}$ is invalid in ${\mathcal{I}}\left\{{\mathbf{MP}}\right\}$ .

Theorem 5.3.

For a system of $3$ agents with $\mathsf{Ag}=\{0,1,2\}$ , the consensus task is not solvable by the single-round synchronous message passing protocol.

5.4 Unsolvability of the consensus task, general case

We show the unsolvability for the general case, where the number of agents is $3$ or greater. The proof is almost the same as that for $3$ agents, but we have to argue the connectivity in a complex of higher dimension. Below we present a logical obstruction for the general case and discuss the connectivity symbolically on the formal description of actions.

Theorem 5.4.

For a system with $\mathsf{Ag}=\{0,\cdots,n-1\}$ ( $n\geq 3$ ), the consensus task is not solvable by the single-round synchronous message passing protocol.

Proof.

Let us define a guarded positive formula $\Phi_{n}$ ( $n\geq 3$ ) by:

\Phi_{n}\equiv\bigvee_{i\in\{0,\cdots,n-1\}}\mathop{\mathrm{K}_{(i+2)\bmod n}}\mathop{\mathrm{K}_{(i+1)\bmod n}}\mathop{\mathrm{K}_{(i+2)\bmod n}}\varphi_{i},

where $\varphi_{i}\equiv\bigvee_{a\in\mathsf{Ag}}\mathsf{alive}(a)\Rightarrow\mathsf{input}_{a}^{i}$ for each $i$ ( $0\leq i\leq n-1$ ).

We claim that $\Phi_{n}$ is a logical obstruction. Let $\mathcal{I}$ be the input model, $\mathbf{T}$ be the action model of the consensus task, $\mathbf{MP}$ be the action model of the synchronous message passing protocol, each defined for $n$ agents. We also let ${\mathcal{I}}\left\{{\mathbf{T}}\right\}$ and ${\mathcal{I}}\left\{{\mathbf{MP}}\right\}$ be the partial product update models for the task and the protocol, respectively.

By Theorem 3.6, it suffices to show that $\Phi_{n}$ is valid in ${\mathcal{I}}\left\{{\mathbf{T}}\right\}$ but is invalid in ${\mathcal{I}}\left\{{\mathbf{MP}}\right\}$ . The validity of $\Phi_{n}$ is ${\mathcal{I}}\left\{{\mathbf{T}}\right\}$ is similarly shown as we have demonstrated in Section 5.3.

Let us show that $\Phi_{n}$ is invalid in ${\mathcal{I}}\left\{{\mathbf{MP}}\right\}=\langle{T^{\mathbf{MP}},\sim^{\mathbf{MP}},L^{\mathbf{MP}}}\rangle$ . Similarly as in Section 5.3, by symmetry, it suffices to show that $\mathop{\mathrm{K}_{2}}\mathop{\mathrm{K}_{1}}\mathop{\mathrm{K}_{2}}\varphi_{0}$ is false in some world of ${\mathcal{I}}\left\{{\mathbf{MP}}\right\}$ . We show that ${\mathcal{I}}\left\{{\mathbf{MP}}\right\},(\left[{X}\right]_{\approx_{{\emptyset}^{\ast}}},{\emptyset}^{\ast})\not\models\mathop{\mathrm{K}_{2}}\mathop{\mathrm{K}_{1}}\mathop{\mathrm{K}_{2}}\varphi_{0}$ , where $X$ is a facet of $\mathcal{I}$ that is uniquely identified by the labeling $\ell^{\mathcal{I}}(X)=\{\mathsf{input}_{i}^{i}\mid 0\leq i\leq n-1\}$ .

Let us define $X^{\prime}$ be the facet of $\mathcal{I}$ that is uniquely determined by the labeling $\ell(X^{\prime})=\{\mathsf{input}_{0}^{1}\}\cup\{\mathsf{input}_{i}^{i}\mid 1\leq i\leq n-1\}$ . We show that $(\left[{X}\right]_{\approx_{{\emptyset}^{\ast}}},{\emptyset}^{\ast})$ and $(\left[{X^{\prime}}\right]_{\approx_{{\emptyset}^{\ast}}},{\emptyset}^{\ast})$ are connected along the following path:

(\left[{X}\right]_{\approx_{{\emptyset}^{\ast}}},{\emptyset}^{\ast})\sim^{\mathbf{MP}}_{2}(\left[{X}\right]_{\approx_{{\{0<1\}}^{\ast}}},{\{0<1\}}^{\ast})\sim^{\mathbf{MP}}_{1}(\left[{X^{\prime}}\right]_{\approx_{{\{0<1\}}^{\ast}}},{\{0<1\}}^{\ast})\sim^{\mathbf{MP}}_{2}(\left[{X^{\prime}}\right]_{\approx_{{\emptyset}^{\ast}}},{\emptyset}^{\ast}).

To show $(\left[{X}\right]_{\approx_{{\emptyset}^{\ast}}},{\emptyset}^{\ast})\sim^{\mathbf{MP}}_{2}(\left[{X}\right]_{\approx_{{\{0<1\}}^{\ast}}},{\{0<1\}}^{\ast})$ , it suffices to show ${\emptyset}^{\ast}\sim^{\mathbf{MP}_{0}}_{2}{\{0<1\}}^{\ast}$ , which immediately follows from $2\not\in\mathrm{lo}({\emptyset}^{\ast})\cup\mathrm{lo}({\{0<1\}}^{\ast})$ . The proof of $(\left[{X^{\prime}}\right]_{\approx_{{\{0<1\}}^{\ast}}},{\{0<1\}}^{\ast})\sim^{\mathbf{MP}}_{2}(\left[{X^{\prime}}\right]_{\approx_{{\emptyset}^{\ast}}},{\emptyset}^{\ast})$ is similar. For $(\left[{X}\right]_{\approx_{{\{0<1\}}^{\ast}}},{\{0<1\}}^{\ast})\sim^{\mathbf{MP}}_{1}(\left[{X^{\prime}}\right]_{\approx_{{\{0<1\}}^{\ast}}},{\{0<1\}}^{\ast})$ , since $X\not\sim^{\mathcal{I}}_{a}X^{\prime}$ if and only if $a\neq 0$ , it suffices to show that ${\{0<1\}}^{\ast}\sim^{\mathbf{MP}_{0}}_{1}{\{0<1\}}^{\ast}$ , which follows from $1\not\in\operatorname{lo}({\{0<1\}}^{\ast})$ .

All agents are alive in $(\left[{X^{\prime}}\right]_{\approx_{{\emptyset}^{\ast}}},{\emptyset}^{\ast})$ , that is, $\mathbf{MP},(\left[{X^{\prime}}\right]_{\approx_{{\emptyset}^{\ast}}},{\emptyset}^{\ast})\models\mathsf{alive}(a)$ holds for every $a\in\mathsf{Ag}$ . Furthermore, $L^{{\mathcal{I}}\left\{{\mathbf{MP}}\right\}}\bigl{(}(\left[{X^{\prime}}\right]_{\approx_{{\emptyset}^{\ast}}},{\emptyset}^{\ast})\bigr{)}=\{\mathsf{input}_{0}^{1}\}\cup\{\mathsf{input}_{i}^{i}\mid 1\leq i\leq n-1\}$ . These imply ${\mathcal{I}}\left\{{\mathbf{MP}}\right\},(\left[{X^{\prime}}\right]_{\approx_{{\emptyset}^{\ast}}},{\emptyset}^{\ast})\not\models\varphi_{0}$ . Traversing the above path in reverse order, we sequentially obtain ${\mathcal{I}}\left\{{\mathbf{MP}}\right\},(\left[{X^{\prime}}\right]_{\approx_{{\{0<1\}}^{\ast}}},{\{0<1\}}^{\ast})$ $\not\models\mathop{\mathrm{K}_{2}}\varphi_{0}$ , then ${\mathcal{I}}\left\{{\mathbf{MP}}\right\},(\left[{X}\right]_{\approx_{{\{0<1\}}^{\ast}}},{\{0<1\}}^{\ast})\not\models\mathop{\mathrm{K}_{1}}\mathop{\mathrm{K}_{2}}\varphi_{0}$ , and finally ${\mathcal{I}}\left\{{\mathbf{MP}}\right\},(\left[{X}\right]_{\approx_{{\emptyset}^{\ast}}},{\emptyset}^{\ast})\not\models\mathop{\mathrm{K}_{2}}\mathop{\mathrm{K}_{1}}\mathop{\mathrm{K}_{2}}\varphi_{0}$ . This proves that $\mathop{\mathrm{K}_{2}}\mathop{\mathrm{K}_{1}}\mathop{\mathrm{K}_{2}}\varphi_{0}$ is invalid in ${\mathcal{I}}\left\{{\mathbf{MP}}\right\}$ .

Consequently, by Theorem 3.6, we conclude that the consensus task is not solvable by the synchronous message passing protocol, if the number of agents is $3$ or greater. ∎

6 Conclusion and Future Work

We have proposed the notion of partial product update models that is suitable for modeling distributed tasks and protocols in partial epistemic models, in which agents may die. Using partial product update models, we defined task solvability in partial epistemic models, thereby providing the logical method that allows a logical obstruction to prove the unsolvability of a distributed task. This logical method defined for partial product update models extends the original product update proposed for epistemic models: Given a pair of an input model $\mathcal{I}$ and an action model $\mathbf{A}$ , a partial product update model ${\mathcal{I}}\left\{{\mathbf{A}}\right\}$ refines the original product update model up to indistinguishability by the set of live agents. The unsolvability of a task is then proved by a logical obstruction. We have presented a concrete formula of epistemic logic to show that the consensus task is unsolvable by the single-round synchronous message passing protocol. We have shown that the formula is indeed a logical obstruction, where the partial product update model for the synchronous message passing protocol is constructed from an action model whose actions are posets of rank at most $1$ .

We have demonstrated an unsolvability result, but only for the consensus task and the single-round execution of the protocol. In contrast, the topological method can prove more general unsolvability results for $k$ -set agreement tasks and multiple-round execution of the protocol [7]. It is an interesting topic to pursue how to obtain these generalized results using the logical method.

The notion of partial product update itself could be of interest from the perspective of dynamic epistemic logic [11]. The original product update was developed in the context of dynamic updates of Kripke models: In terms of logic with epistemic action modalities, $\mathcal{I},X\models[\mathbf{A}]\varphi$ iff $\mathcal{I},X\models\mathsf{pre}(t)$ implies ${\mathcal{I}}\left[{\mathbf{A}}\right],(X,t)\models\varphi$ . It would be interesting to figure out an appropriate logical interpretation of partial product update.

Acknowledgment

The third author is supported by JSPS KAKENHI Grant Number 20K11678.

References

[1] Ronald Fagin, Joseph Y. Halpern, Yoram Moses, and Moshe Vardi. Reasoning About Knowledge. MIT press, 2004.
[2] Michael J. Fischer, Nancy A. Lynch, and Mike Paterson. Impossibility of distributed consensus with one faulty process. J. ACM, 32(2):374–382, 1985.
[3] Éric Goubault, Jérémy Ledent, and Sergio Rajsbaum. A simplicial complex model for dynamic epistemic logic to study distributed task computability. Inf. Comput., 278:104597, 2021.
[4] Éric Goubault, Jérémy Ledent, and Sergio Rajsbaum. A Simplicial Model for KB4 ${}_{\mbox{n}}$ : Epistemic Logic with Agents That May Die. In 39th International Symposium on Theoretical Aspects of Computer Science (STACS 2022), volume 219 of LIPIcs, pages 33:1–33:20, 2022.
[5] Maurice Herlihy. Wait-free synchronization. ACM Transactions on Programming Languages and Systems, 13(1):124–149, 1991.
[6] Maurice Herlihy, Dmitry N. Kozlov, and Sergio Rajsbaum. Distributed Computing Through Combinatorial Topology. Morgan Kaufmann, 2013.
[7] Maurice Herlihy, Sergio Rajsbaum, and Mark R. Tuttle. An overview of synchronous message-passing and topology. Electron. Notes Theor. Comput. Sci., 39(2):1–17, 2001.
[8] Jérémy Ledent. Geometric semantics for asynchronous computability. PhD thesis, University of Paris-Saclay, France, 2019. URL: https://tel.archives-ouvertes.fr/tel-02445180.
[9] Yutaro Nishida. Impossibility of $k$ -set agreement via dynamic epistemic logic (in Japanese). In Algebraic system, Logic, Language and Related Areas in Computer Sciences II, volume 2188 of RIMS Kôkyûroku, pages 96–105, Feb. 2020. URL: http://hdl.handle.net/2433/265621.
[10] Richard P. Stanley. Enumerative Combinatorics, volume 1 of Cambridge Studies in Advanced Mathematics. Cambridge University Press, 2nd edition, 2011.
[11] Hans van Ditmarsch, Wiebe van der Hoek, and Barteld Kooi. Dynamic Epistemic Logic, volume 337 of Synthese Library. Springer, 2008.
[12] Koki Yagi and Susumu Nishimura. Logical obstruction to set agreement tasks for superset-closed adversaries, 2020. URL: https://arxiv.org/abs/2011.13630.

Appendix

Appendix A Equivalence of The Two Task Solvabilities

A.1 The topological definition of task solvability

In the topological method for distributed computing, tasks and protocols are defined by means of carrier maps, where a carrier map is a color-preserving function that associates each simplex of an input complex with a subcomplex of an output complex [6]. However, the partial epistemic models in this paper are built around facets, not simplexes of arbitrary dimension, which implies that partial product update models cannot cover all aspects of carrier maps. (Partial product update models assume that all agents participate in the computation anyway, though some of them may crash during the execution.)

For this reason, in this paper we define the topological specification of a task or a protocol by a suboptimal function, which we call a facet map, that associates each facet of the input complex with a set of facets of the output complex.

In what follows, we assume the set of vertexes $V$ of a complex $\mathcal{C}=\langle{V,S,\chi}\rangle$ is a finite subset of $\mathsf{Ag}\times\mathsf{Value}$ and the coloring map is defined by $\chi\bigl{(}(a,v)\bigr{)}=a$ for each $(a,v)\in V$ . With this assumption, we can easily translate a complex $\langle{V,S,\chi}\rangle$ into the corresponding input simplicial model $\langle{V,S,\chi,\ell}\rangle$ given in Definition 3.4, by defining $\ell(X)=\{\mathsf{input}_{a}^{v}\mid(a,v)\in X\}$ , and similarly for the reverse translation. In this way, we will confuse a complex with an input simplicial model.

Definition A.1.

Given complexes $\mathcal{C}=\langle{V,S,\chi}\rangle$ and $\mathcal{D}=\langle{V^{\prime},S^{\prime},\chi^{\prime}}\rangle$ , a function $\Theta:\mathcal{F}(\mathcal{C})\to 2^{\mathcal{F}(\mathcal{D})}$ is called a facet map if it satisfies the following conditions.

•

$\Theta$ is color-preserving, that is, $\displaystyle\bigcup_{Y\in\Theta(X)}\chi^{\prime}(Y)\subseteq\chi(X)$ for every facet $X\in\mathcal{F}(\mathcal{C})$ ;
•

$\Theta$ is surjective, i.e., $\mathcal{F}(\mathcal{D})=\bigcup_{X\in\mathcal{F}(\mathcal{C})}\Psi(X)$ .

In order to define a task and a protocol, let $\mathcal{I}=\langle{V^{\mathcal{I}},S^{\mathcal{I}},\chi^{\mathcal{I}}}\rangle$ be the common input complex of them. A task is defined by a triple $\langle{\mathcal{I},\mathcal{O},\Delta}\rangle$ , which we call a simplicial task, where $\mathcal{O}=\langle{V^{\mathcal{O}},S^{\mathcal{O}},\chi^{\mathcal{O}}}\rangle$ is an output complex and $\Delta:\mathcal{F}(\mathcal{I})\mathrel{\to}2^{\mathcal{F}(\mathcal{O})}$ is a facet map. A protocol is defined by a triple $\langle{\mathcal{I},\mathcal{P},\Psi}\rangle$ , which we call a simplicial protocol, where $\mathcal{P}=\langle{V^{\mathcal{P}},S^{\mathcal{P}},\chi^{\mathcal{P}}}\rangle$ is an output complex and $\Psi:\mathcal{F}(\mathcal{I})\mathrel{\to}2^{\mathcal{F}(\mathcal{P})}$ is a facet map satisfying the following condition:

(A.1)

The condition (A.1) is a natural requirement for the protocol: If an agent $a$ observes the same output of the protocol in two facets $Y$ and $Y^{\prime}$ , the agent $a$ must also have agreed on the input in two facets $X$ and $X^{\prime}$ , where $Y$ (resp., $Y^{\prime}$ ) represents a possible global state of the system that is reachable from the global state of the initial input represented by $X$ (resp., $X^{\prime}$ ).

Definition A.2.

We say a protocol $\langle{\mathcal{I},\mathcal{P},\Psi}\rangle$ solves a task $\langle{\mathcal{I},\mathcal{O},\Delta}\rangle$ , if there exists a descision map, i.e., a chromatic simplicial map $\delta_{\mathrm{top}}:\mathcal{P}\to\mathcal{O}$ that satisfies

(A.2)

where $\delta_{\mathrm{top}}(\Psi(X))=\{\delta_{\mathrm{top}}(Y)\mid Y\in\Psi(X)\}$ , and the inclusion $\mathcal{S}\subseteq\mathcal{S^{\prime}}$ means that for any $X\in\mathcal{S}$ there exists $X^{\prime}\in\mathcal{S^{\prime}}$ such that $X\subseteq X^{\prime}$ .

A.2 Equivalence of two task solvabilities

We will show that the above topological task solvability using simplicial complexes can be translated to that using partial product update models (Definition 3.2). For this, we introduce a translation function $\overline{\kappa}$ as below.

Definition A.3.

Let $\mathcal{I}=\langle{V^{\mathcal{I}},S^{\mathcal{I}},\chi^{\mathcal{I}},\ell^{\mathcal{I}}}\rangle$ be an input simplicial model. We define a translation function $\overline{\kappa}$ that assigns an action model for a simplicial task or protocol $\langle{\mathcal{I},\mathcal{D},\Theta}\rangle$ by

\overline{\kappa}(\langle{\mathcal{I},\mathcal{D},\Theta}\rangle)=\mathbf{A}

where $\mathbf{A}=\langle{A,\sim^{A},\mathsf{pre}^{A}}\rangle$ is an action model consisting of:

•

The set of actions $A=\mathcal{F}(\mathcal{D})$ ;
•

The family of indistinguishability relations defined by $X\sim_{a}^{A}Y$ iff $a\in\chi^{A}(X\cap Y)$ ;
•

The precondition defined by $\mathsf{pre}^{A}(Y)=\bigvee\{\bigwedge\ell^{\mathcal{I}}(X)\mid X\in\mathcal{F}(\mathcal{I}),Y\in\Theta(X)\}$ .

The translation function $\overline{\kappa}$ is an augmentation of the functor $\kappa$ , which has been introduced in [4] to show the association of simplicial complexes with their corresponding partial epistemic frames, for the purpose of establishing the categorical equivalence of these two structures. As such, $\overline{\kappa}$ preserves the partial epistemic frame $\langle{\mathcal{F}(\mathcal{D}),\sim^{\mathcal{D}}}\rangle$ induced from $\mathcal{D}$ . Furthermore, the precondition $\mathsf{pre}^{A}$ gives the condition for $Y\in\mathcal{F}(\mathcal{D})$ to be a possible output of $\Theta$ for an input $X\in\mathcal{F}(\mathcal{I})$ , that is, $\mathcal{I},X\models\mathsf{pre}^{A}(Y)$ if and only if $Y\in\Theta(X)$ . In this sense, $\overline{\kappa}$ associates an action model that is equivalent to a given simplicial task or protocol.

Particularly for an action model $\mathbf{P}$ that is translated from a simplicial protocol $\langle{\mathcal{I},\mathcal{P},\Phi}\rangle$ , the partial product update model ${\mathcal{I}}\left\{{\mathbf{P}}\right\}$ has a partial epistemic frame that is isomorphic to that of $\mathbf{P}$ .

Proposition A.4.

Let $\mathcal{I}=\langle{V^{\mathcal{I}},S^{\mathcal{I}},\chi^{\mathcal{I}},\ell^{\mathcal{I}}}\rangle$ be an input simplicial model, $\langle{\mathcal{I},\mathcal{P},\Psi}\rangle$ be a simplicial protocol, and $\mathbf{P}=\overline{\kappa}(\langle{\mathcal{I},\mathcal{P},\Psi}\rangle)$ be the translated action model. Then the action model $\mathbf{P}$ and the partial product update model ${\mathcal{I}}\left\{{\mathbf{P}}\right\}$ have isomorphic partial epistemic frames.

Proof.

Let $\mathbf{P}=\langle{P,\sim^{P},\mathsf{pre}^{P}}\rangle$ and ${\mathcal{I}}\left\{{\mathbf{MP}}\right\}=\langle{W^{{\mathcal{I}}\left\{{\mathbf{MP}}\right\}},\sim^{{\mathcal{I}}\left\{{\mathbf{MP}}\right\}},L^{{\mathcal{I}}\left\{{\mathbf{MP}}\right\}}}\rangle$ . We define a pair of maps $f:P\to W^{{\mathcal{I}}\left\{{\mathbf{MP}}\right\}}$ and $g:W^{{\mathcal{I}}\left\{{\mathbf{MP}}\right\}}\to P$ by

f(Y)=([X]_{Y}^{\mathrm{pre}},Y)~{}~{}\text{and}~{}~{}g\bigl{(}([X]_{Y}^{\mathrm{pre}},Y)\bigr{)}=Y,

where $X,Y\in\mathcal{F}(\mathcal{I})$ .

We show that $f$ is well-defined, that is, the set $[X]_{Y}^{\mathrm{pre}}$ is not affected by the choice of $X$ . Suppose $([X]_{Y}^{\mathrm{pre}},Y),([X^{\prime}]_{Y}^{\mathrm{pre}},Y)\in W^{{\mathcal{I}}\left\{{\mathbf{MP}}\right\}}$ . By the definition of $[-]_{Y}^{\mathrm{pre}}$ , we have $\mathcal{I},X\models\mathsf{pre}^{P}(Y)$ and $\mathcal{I},X^{\prime}\models\mathsf{pre}^{P}(Y)$ , which implies $Y\in\Psi(X)$ and $Y\in\Psi(X^{\prime})$ . Then, by the condition (A.1) of the simplicial protocol, $X\sim^{\mathcal{I}}_{a}X^{\prime}$ for all $a\in\overline{Y}$ and therefore $[X]_{Y}^{\mathrm{pre}}=[X^{\prime}]_{Y}^{\mathrm{pre}}$ .

It is easy to see that $f$ and $g$ are inverses of each other, namely, $f\circ g=\mathrm{id}_{W^{{\mathcal{I}}\left\{{\mathbf{MP}}\right\}}}$ and $g\circ f=\mathrm{id}_{P}$ . Furthermore they preserve the indistinguishability relation. For $f$ , suppose $Y\sim^{P}_{a}Y^{\prime}$ , where $f(Y)=([X]_{Y}^{\mathrm{pre}},Y)$ and $f(Y^{\prime})=([X^{\prime}]_{Y^{\prime}}^{\mathrm{pre}},Y^{\prime})$ . By a similar discussion above, it follows that $Y\in\Psi(X)$ and $Y^{\prime}\in\Psi(X^{\prime})$ from the definition of $[-]_{Y}^{\mathrm{pre}}$ . This implies that $X\sim^{\mathcal{I}}_{a}X^{\prime}$ and therefore $f(Y)\sim^{{\mathcal{I}}\left\{{\mathbf{P}}\right\}}_{a}f^{\prime}(Y^{\prime})$ . For the converse, suppose $[X]_{Y}^{\mathrm{pre}}\sim^{{\mathcal{I}}\left\{{\mathbf{P}}\right\}}_{a}[X^{\prime}]_{Y^{\prime}}^{\mathrm{pre}}$ . Then, $Y\sim^{\mathcal{I}}_{a}Y^{\prime}$ and therefore $g(Y)\sim^{\mathcal{I}}_{a}g(Y^{\prime})$ .

The isomorphisms $f$ and $g$ can be regarded as morphisms over partial epistemic frames, defining $\hat{f}(Y)=\mathsf{sat}_{\overline{Y}}(f(Y))$ and $\hat{g}\bigl{(}([X]_{Y}^{\mathrm{pre}},Y)\bigr{)}=\mathsf{sat}_{\overline{Y}}\bigl{(}g\bigl{(}([X]_{Y}^{\mathrm{pre}},Y)\bigr{)}\bigr{)}$ . Hence $\langle{P,\sim^{P}}\rangle$ and ${\mathcal{I}}\left\{{\mathbf{P}}\right\}$ are isomorphic partial epistemic frames. ∎

We show the task solvability defined using simplicial complexes implies that defined using partial product update models. That is, the existence of a morphism $\delta_{\mathrm{top}}$ in Definition 3.5 implies the existence of a morphism $\delta_{\mathrm{krip}}$ in Definition A.2, and vice versa.

Lemma A.5.

Suppose a simplicial task $\langle{\mathcal{I},\mathcal{P},\Psi}\rangle$ and a simplicial protocol $\langle{\mathcal{I},\mathcal{O},\Delta}\rangle$ are given, where $\mathcal{I}=\langle{V^{\mathcal{I}},S^{\mathcal{I}},\chi^{\mathcal{I}},\ell^{\mathcal{I}}}\rangle$ is an input simplicial model. Let $\mathbf{P}=\overline{\kappa}(\langle{\mathcal{I},\mathcal{P},\Psi}\rangle)$ and $\mathbf{T}=\overline{\kappa}(\langle{\mathcal{I},\mathcal{O},\Delta}\rangle)$ be the action models for the protocol and the task, respectively. If there exists a morphism over partial epistemic models $\delta_{\mathrm{krip}}:{\mathcal{I}}\left\{{\mathbf{P}}\right\}\mathrel{\to}{\mathcal{I}}\left\{{\mathbf{T}}\right\}$ that satisfies the condition (3.1) in Definition 3.5, there exists a simplicial map $\delta_{\mathrm{top}}:\mathcal{P}\mathrel{\to}\mathcal{O}$ that satisfies the condition (A.2) in Definition A.2.

Proof.

Let $\mathbf{P}=\langle{P,\sim^{P},\mathsf{pre}^{P}}\rangle$ and $\mathbf{T}=\langle{T,\sim^{T},\mathsf{pre}^{T}}\rangle$ and also let $\mathcal{P}=\langle{V^{\mathcal{P}},S^{\mathcal{P}},\chi^{\mathcal{P}}}\rangle$ and $\mathcal{O}=\langle{V^{\mathcal{O}},S^{\mathcal{O}},\chi^{\mathcal{O}}}\rangle$ .

Using $\delta_{\mathrm{krip}}$ , we define a map $\delta_{\mathrm{top}}:V^{\mathcal{P}}\to V^{\mathcal{O}}$ by

\delta_{\mathrm{top}}(v)=u,

where $v$ and $u$ is any pair of vertexes such that $\chi^{\mathcal{P}}(v)=\chi^{\mathcal{O}}(u)$ and furthermore $v\in X$ , $u\in Y$ , and $([Z^{\prime}]_{Y}^{\mathrm{pre}},Y)\in\delta_{\mathrm{krip}}\bigl{(}([Z]_{X}^{\mathrm{pre}},X)\bigr{)}$ holds for some $X\in\mathcal{F}(\mathbf{P})$ , $Y\in\mathcal{F}(\mathbf{O})$ , and $Z,Z^{\prime}\in\mathcal{F}(\mathcal{I})$ .

We show $\chi^{\mathcal{P}}(v)$ is defined for every $v\in V^{\mathcal{P}}$ . Suppose $X$ is a facet satisfying $v\in X$ . By the surjectivity of $\Psi$ , there exists $Z\in\mathcal{F}(\mathcal{I})$ such that $X\in\Psi(Z)$ . This implies $([Z]_{X}^{\mathrm{pre}},X)$ is defined. Furthermore we have $\overline{X}\subseteq\overline{Y}$ , since $\delta_{\mathrm{krip}}$ preserves the indistinguishability, $\overline{X}\subseteq\overline{Y}$ . Let us define $\chi^{\mathcal{P}}(v)=u$ , where $u\in Y$ be the vertex such that $\chi^{\mathcal{O}}(u)=\chi^{\mathcal{P}}(v)$ . We show this uniquely defines $u$ . Suppose $u_{1},u_{2}\in V^{\mathcal{O}}$ are vertexes given by the definition, that is, $\chi^{\mathcal{P}}(v)=\chi^{\mathcal{O}}(u_{1})=\chi^{\mathcal{O}}(u_{2})$ and furthermore there exists $X_{1},X_{2}\in\mathcal{F}(\mathcal{P})$ , $Y_{1},Y_{2}\in\mathcal{F}(\mathcal{O})$ , and $Z_{1},Z_{2},Z_{1}^{\prime},Z_{2}^{\prime}\in\mathcal{F}(\mathcal{I})$ such that $v\in X_{i}$ , $u_{i}\in Y_{i}$ , and $([Z_{i}^{\prime}]_{Y_{i}}^{\mathrm{pre}},Y_{i})\in\delta_{\mathrm{krip}}\bigl{(}([Z_{i}]_{X_{i}}^{\mathrm{pre}},X_{i})\bigr{)}$ for each $i=1,2$ . By the definition of $\delta_{\mathrm{krip}}$ , we have $\overline{X_{i}}\subseteq\overline{Y_{i}}$ ( $i=1,2$ ) and hence $\overline{X_{1}\cap X_{2}}\subseteq\overline{Y_{1}\cap Y_{2}}$ . Since $v\in X_{1}\cap X_{2}$ , $\chi^{\mathcal{P}}(v)=\chi^{\mathcal{O}}(u_{1})=\chi^{\mathcal{O}}(u_{2})\in\overline{Y_{1}\cap Y_{2}}$ . This implies $u_{1},u_{2}\in Y_{1}\cap Y_{2}$ and hence $u_{1}=u_{2}$ .

To show that $\delta_{\mathrm{top}}$ defined above is a simplicial map, suppose $X=\{v_{0},\ldots,v_{m}\}\in\mathcal{F}(\mathcal{P})$ . By the surjectivity of $\Psi$ , there exists $Z\in\mathcal{F}(\mathcal{I})$ such that $X\in\Psi(Z)$ . This implies $([Z]_{X}^{\mathrm{pre}},X)\in\mathcal{F}({\mathcal{I}}\left\{{\mathbf{P}}\right\})$ . By the condition (3.1) for $\delta_{\mathrm{krip}}$ , $([Z^{\prime}]_{Y}^{\mathrm{pre}},Y)\in\delta_{\mathrm{krip}}\bigl{(}([Z]_{X}^{\mathrm{pre}},X)\bigr{)}$ for some $Y\in\mathcal{F}(\mathcal{O})$ and $Z^{\prime}\in\mathcal{F}(\mathcal{I})$ . By the definition of $\delta_{\mathrm{top}}$ , for each $v_{i}$ , we have $\delta_{\mathrm{top}}(v_{i})=u_{i}$ where $u_{i}$ is the unique vertex satisfying $u_{i}\in Y$ and $\chi^{\mathcal{O}}(u_{i})=\chi^{\mathcal{P}}(v_{i})$ . Therefore $\delta_{\mathrm{top}}(X)\subseteq Y\in\mathcal{F}(\mathcal{O})$ .

Let us show that $\delta_{\mathrm{top}}$ also satisfies (A.2). Suppose $X\in\mathcal{F}(\mathcal{I})$ and also $Y\in\Psi(X)$ . The latter implies $\mathcal{I},X\models\mathsf{pre}^{\mathbf{P}}(Y)$ and therefore $([X]_{Y}^{\mathrm{pre}},Y)$ is defined. Then by (3.1), there exists $([X^{\prime}]_{Y^{\prime}}^{\mathrm{pre}},Y^{\prime})\in\delta_{\mathrm{krip}}\bigl{(}([X]_{Y}^{\mathrm{pre}},Y)\bigr{)}$ such that $[X]_{Y}^{\mathrm{pre}}\subseteq[X^{\prime}]_{Y^{\prime}}^{\mathrm{pre}}$ . Since $X\in[X]_{Y}^{\mathrm{pre}}\subseteq[X^{\prime}]_{Y^{\prime}}^{\mathrm{pre}}$ , $[X^{\prime}]_{Y^{\prime}}^{\mathrm{pre}}=[X^{\prime}]_{Y^{\prime}}^{\mathrm{pre}}$ and henceforth $([X^{\prime}]_{Y^{\prime}}^{\mathrm{pre}},Y^{\prime})\in\mathcal{F}({\mathcal{I}}\left\{{\mathbf{T}}\right\})$ . This implies that $\mathcal{I},X\models\mathsf{pre}^{\mathbf{T}}(Y^{\prime})$ and hence $Y^{\prime}\in\Delta(X)$ . By the definition of $\delta_{\mathrm{top}}$ , $\delta_{\mathrm{top}}(X)\subseteq Y^{\prime}$ . Therefore $\delta_{\mathrm{top}}(\Psi(X))\subseteq\Delta(X)$ . ∎

The converse direction is proven as follows.

Lemma A.6.

Let $\mathbf{P}=\overline{\kappa}(\langle{\mathcal{I},\mathcal{P},\Psi}\rangle)$ and $\mathbf{T}=\overline{\kappa}(\langle{\mathcal{I},\mathcal{O},\Delta}\rangle)$ be the translated action model for a simplicial protocol $\langle{\mathcal{I},\mathcal{P},\Psi}\rangle$ and a simplicial task $\langle{\mathcal{I},\mathcal{O},\Delta}\rangle$ , respectively. If there exists a simplicial map $\delta_{\mathrm{top}}:\mathcal{P}\mathrel{\to}\mathcal{O}$ that satisfies (A.2), then there exists a morphism over partial epistemic models $\delta_{\mathrm{krip}}:{\mathcal{I}}\left\{{\mathbf{P}}\right\}\mathrel{\to}{\mathcal{I}}\left\{{\mathbf{T}}\right\}$ that satisfies (3.1).

Proof.

Let $\mathbf{P}=\langle{P,\sim^{P},\mathsf{pre}^{P}}\rangle$ and $\mathbf{T}=\langle{T,\sim^{T},\mathsf{pre}^{T}}\rangle$ . Using $\delta_{\mathrm{top}}$ , we define $\delta_{\mathrm{krip}}:{\mathcal{I}}\left\{{\mathbf{P}}\right\}\mathrel{\to}{\mathcal{I}}\left\{{\mathbf{T}}\right\}$ by

\delta_{\mathrm{krip}}\bigl{(}([X]_{Y}^{\mathrm{pre}},Y)\bigr{)}=\mathsf{sat}_{\overline{Y}}\bigl{(}([X]_{Z}^{\mathrm{pre}},Z)\bigr{)},

where $Z\in T$ , $\delta_{\mathrm{top}}(Y)\subseteq Z$ , $\overline{Z}\subseteq\overline{X}$ , and $\mathcal{I},X\models\mathsf{pre}^{T}(Z)$ .

There exists $Z\in T$ that satisfies this condition. By the definition of $[X]_{Y}^{\mathrm{pre}}$ , we have $\mathcal{I},X\models\mathsf{pre}^{P}(Y)$ , which implies $Y\in\Psi(X)$ . By the condition (A.2), there exists $Z\in\Delta(X)$ such that $\delta_{\mathrm{top}}(Y)\subseteq Z$ . This means $Z\in T$ and $\mathcal{I},X\models\mathsf{pre}^{T}(Z)$ . Furthermore, $\overline{Z}\subseteq\overline{X}$ because $\Delta$ is color-preserving.

The definition of $\delta_{\mathrm{krip}}$ is not affected by the choice of $Z$ . To show this, suppose $Z_{1},Z_{2}\in T$ such that $\delta_{\mathrm{top}}(Y)\subseteq Z_{i}$ , $\overline{Z_{i}}\subseteq\overline{X}$ , and $\mathcal{I},X\models\mathsf{pre}^{T}(Z_{i})$ ( $i=1,2$ ). From $\delta_{\mathrm{top}}(Y)\subseteq Z_{i}$ ( $i=1,2$ ), we have $\chi^{T}(Z_{1}\cap Z_{2})\supseteq\chi^{T}(\delta_{\mathrm{top}}(Y))=\chi^{P}(Y)$ . Hence $Z_{1}\sim_{\overline{Y}}^{T}Z_{2}$ . This implies $[X]_{Z_{1}}^{\mathrm{pre}}\sim_{\overline{Y}}^{{\mathcal{I}}\left\{{\mathbf{T}}\right\}}[X]_{Z_{2}}^{\mathrm{pre}}$ and therefore $\mathsf{sat}_{\overline{Y}}\bigl{(}([X]_{Z_{1}}^{\mathrm{pre}},Z_{1})\bigr{)}=\mathsf{sat}_{\overline{Y}}\bigl{(}([X]_{Z_{2}}^{\mathrm{pre}},Z_{2})\bigr{)}$ .

We show that $\delta_{\mathrm{krip}}$ is a morphism over partial epistemic models. Obviously it satisfies the saturation property by definition. To show that $\delta_{\mathrm{krip}}$ preserves the indistinguishability, suppose $([X_{1}]_{Y_{1}}^{\mathrm{pre}},Y_{1})\sim_{a}^{{\mathcal{I}}\left\{{\mathbf{P}}\right\}}([X_{2}]_{Y_{2}}^{\mathrm{pre}},Y_{2})$ . This implies $X_{1}\sim^{\mathcal{I}}_{a}X_{2}$ and $Y_{1}\sim_{a}^{P}Y_{2}$ , and in particular $a\in\chi^{\mathcal{P}}(Y_{1}\cap Y_{2})$ . For all $([X_{1}]_{Z_{1}}^{\mathrm{pre}},Z_{1})\in\delta_{\mathrm{krip}}\bigl{(}([X_{1}]_{Y_{1}}^{\mathrm{pre}},Y_{1})\bigr{)}$ and $([X_{2}]_{Z_{2}}^{\mathrm{pre}},Z_{2})\in\delta_{\mathrm{krip}}\bigl{(}([X_{2}]_{Y_{2}}^{\mathrm{pre}},Y_{2})\bigr{)}$ , we have $Z_{1}\sim^{T}_{\overline{Y_{1}\cap Y_{2}}}Z_{2}$ by the definition of $\delta_{\mathrm{krip}}$ . In particular, $Z_{1}\sim^{T}_{a}Z_{2}$ . Hence $([X_{1}]_{Z_{1}}^{\mathrm{pre}},Z_{1})\sim^{{\mathcal{I}}\left\{{\mathbf{T}}\right\}}_{a}([X_{2}]_{Z_{2}}^{\mathrm{pre}},Z_{2})$ . For the preservation of atomic propositions, suppose $([X]_{Y}^{\mathrm{pre}},Y)\in{\mathcal{I}}\left\{{\mathbf{P}}\right\}$ , $([X]_{Z}^{\mathrm{pre}},Z)\in\delta_{\mathrm{krip}}\bigl{(}([X]_{Y}^{\mathrm{pre}},Y)\bigr{)}$ , and $a\in\overline{Y}$ . By definition, $X\sim^{\mathcal{I}}_{a}X^{\prime}$ holds for every $X^{\prime}\in[X]_{Y}^{\mathrm{pre}}$ . This implies that $L^{{\mathcal{I}}\left\{{\mathbf{P}}\right\}}\bigl{(}([X]_{Y}^{\mathrm{pre}},Y)\bigr{)}\cap\mathsf{AP}_{a}=\ell^{\mathcal{I}}(X)\cap\mathsf{AP}_{a}$ . Similarly, $L^{{\mathcal{I}}\left\{{\mathbf{T}}\right\}}\bigl{(}([X]_{Z}^{\mathrm{pre}},Z)\bigr{)}\cap\mathsf{AP}_{a}=\ell^{\mathcal{I}}(X)\cap\mathsf{AP}_{a}$ . Therefore $L^{{\mathcal{I}}\left\{{\mathbf{P}}\right\}}\bigl{(}([X]_{Y}^{\mathrm{pre}},Y)\bigr{)}\cap\mathsf{AP}_{a}=L^{{\mathcal{I}}\left\{{\mathbf{T}}\right\}}\bigl{(}([X]_{Z}^{\mathrm{pre}},Z)\bigr{)}\cap\mathsf{AP}_{a}$ .

Finally, let us show that $\delta_{\mathrm{krip}}$ satisfies the condition (3.1). Suppose $\delta_{\mathrm{krip}}\bigl{(}([X]_{Y}^{\mathrm{pre}},Y)\bigr{)}=$ $\mathsf{sat}_{\overline{Y}}\bigl{(}([X]_{Z}^{\mathrm{pre}}$ , $Z)\bigr{)}$ where $Z\in T$ , $\delta_{\mathrm{top}}(Y)\subseteq Z$ , $\overline{Z}\subseteq\overline{X}=\mathsf{Ag}$ . Assume $X^{\prime}\in[X]_{Y}^{\mathrm{pre}}$ . By definition, $X\sim_{\overline{Y}}^{\mathcal{I}}X^{\prime}$ and $\mathcal{I},X^{\prime}\models\mathsf{pre}^{P}(Y)$ . The latter implies $Y\in\Psi(X^{\prime})$ and thus $\delta_{\mathrm{top}}(Y)\in\delta_{\mathrm{top}}(\Psi(X^{\prime}))$ . Since $\delta_{\mathrm{top}}(\Psi(X^{\prime}))\subseteq\Delta(X^{\prime})$ by (A.2), there exists $Z^{\prime}\in T$ such that $\delta_{\mathrm{top}}(Y)\subseteq Z^{\prime}$ and $Z^{\prime}\in\Delta(X^{\prime})$ . The former implies $\delta_{\mathrm{top}}(Y)\subseteq Z\cap Z^{\prime}$ and thus $Z\sim^{T}_{\overline{Y}}Z^{\prime}$ ; The latter implies $\mathcal{I},X^{\prime}\models\mathsf{pre}^{T}(Z^{\prime})$ and hence $[X^{\prime}]_{Z^{\prime}}^{\mathrm{pre}}$ . By these, we obtain $([X]_{Z}^{\mathrm{pre}},Z)\sim_{\overline{Y}}^{{\mathcal{I}}\left\{{\mathbf{T}}\right\}}([X^{\prime}]_{Z^{\prime}}^{\mathrm{pre}},Z^{\prime})$ . Therefore we have $([X^{\prime}]_{Z^{\prime}}^{\mathrm{pre}},Z^{\prime})\in\delta_{\mathrm{krip}}\bigl{(}([X]_{Y}^{\mathrm{pre}},Y)\bigr{)}$ , where $X^{\prime}\in[X^{\prime}]_{Z^{\prime}}^{\mathrm{pre}}$ trivially holds.

∎

Theorem A.7.

Suppose a simplicial task $\langle{\mathcal{I},\mathcal{P},\Psi}\rangle$ and a simplicial protocol $\langle{\mathcal{I},\mathcal{O},\Delta}\rangle$ are given, where $\mathcal{I}=\langle{V^{\mathcal{I}},S^{\mathcal{I}},\chi^{\mathcal{I}},\ell^{\mathcal{I}}}\rangle$ is an input simplicial model. Let $\mathbf{P}=\overline{\kappa}(\langle{\mathcal{I},\mathcal{P},\Psi}\rangle)$ and $\mathbf{T}=\overline{\kappa}(\langle{\mathcal{I},\mathcal{O},\Delta}\rangle)$ . Then a task $\langle{\mathcal{I},\mathcal{O},\Delta}\rangle$ is solvable by a protocol $\langle{\mathcal{I},\mathcal{P},\Psi}\rangle$ if and only if $\mathbf{T}$ is solvable by $\mathbf{P}$ .

Proof.

Follows from Lemma A.5 and A.6. ∎

Partial Product Updates for Agents of Detectable Failure and Logical Obstruction to Task Solvability

Abstract

1 Introduction

2 Partial Epistemic Model for Epistemic Logic

2.1 Topological model of distributed computing

Definition 2.1 (chromatic simplicial complex).

2.2 Partial epistemic model semantics for epistemic logic

Definition 2.2 (The syntax of epistemic logic).

Definition 2.3 (partial epistemic model).

Definition 2.4.

Proposition 2.5 (knowledge gain).

2.3 Simplicial models and the equivalence with partial epistemic models

Definition 2.6 (simplicial models).

Example 2.1.

3 Partial Product Update and Task Solvability

3.1 Partial product update

Definition 3.1 (action model).

Definition 3.2 (partial product update).

Proposition 3.3.

Proof.

3.2 Task solvability in partial product update models

Definition 3.4 (input simplicial model).

Definition 3.5.

3.3 Logical obstruction theorem

Theorem 3.6.

Proof.

4 Action Model for Synchronous Message Passing Protocol

4.1 Actions as posets of rank at most 11

4.2 Constructing the action model 𝐌𝐏\mathbf{MP}

Definition 4.1.

Example 4.1.

Definition 4.2 (action model of synchronous message passing).

Proposition 4.3.

Proof.

Example 4.2.

5 Logical Obstruction for Synchronous Message Passing Protocol

5.1 Action model for the consensus task

Definition 5.1 (Partial product update model of the consensus task).

5.2 Solvability of the consensus task with 2 agents

Theorem 5.2.

5.3 Unsolvability of the consensus task with 3 agents

Theorem 5.3.

5.4 Unsolvability of the consensus task, general case

Theorem 5.4.

Proof.

6 Conclusion and Future Work

Acknowledgment

References

Appendix

Appendix A Equivalence of The Two Task Solvabilities

A.1 The topological definition of task solvability

Definition A.1.

Definition A.2.

A.2 Equivalence of two task solvabilities

Definition A.3.

Proposition A.4.

Proof.

Lemma A.5.

Proof.

Lemma A.6.

Proof.

Theorem A.7.

Proof.

4.1 Actions as posets of rank at most $1$

4.2 Constructing the action model $\mathbf{MP}$