Soundness Proof

Mathematical Definitions

$Linear(x, q, r) ~ out => out = q*x + r$
$Concrete(k) ~ out => out =$
$Add(out, b) ~ a => out = a + b$
$AddCheckLinear(out, x, q, r) ~ b => out = q*x + (r + b)$
$AddCheckConcrete(out, k) ~ b => out = k + b$
$Mul(out, b) ~ a => out = a * b$
$MulCheckLinear(out, x, q, r) ~ b => out = q*b*x + r*b$
$MulCheckConcrete(out, k) ~ b => out = k*b$
$ReLU(out) ~ x => out = IF (x > 0) THEN x ELSE 0$
$Materialize(out) ~ x => out = x$

Soundness of Translation

ReLU

ONNX ReLU node is defined as:
$Y = X if X > 0 else 0$

The translation defines the interactions:
$x_i ~ ReLU(y_i)$

By definition this interaction is equal to:
$y_i = IF (x_i > 0) THEN x_i ELSE 0$

Gemm

ONNX Gemm node is defined as:
$Y = alpha * A * B + beta * C$

The translation defines the interactions:
$a_i ~ Mul(v_i, Concrete(alpha * b_i))$
$Add(...(Add(y_i, v_1), ...), v_n) ~ Concrete(beta * c_i)$

By definition this interaction is equal to:
$v_i = alpha * a_i * b_i$
$y_i = v_1 + v_2 + ... + v_n + beta * c_i$

By grouping the operations we get:
$Y = alpha * A * B + beta * C$

Identiry / Flatten / Reshape / Squeeze / Unsqueeze

Just identity mapping because wires represent a single element and they are not structured as Tensors.
$out_i ~ in_i$

MatMul

Equal to Gemm with $alpha=1$ , $beta=0$ and $C=0$ .

Add

ONNX Add node is defined as:
$C = A + B$

The translation defines the interactions:
$Add(c_i, b_i) ~ a_i$

By definition this interaction is equal to:
$c_i = a_i + b_i$

By grouping the operations we get:
$C = A + B$

Sub

ONNX Sub node is defined as:
$C = A - B$

The translation defines the interactions:
$Add(c_i, neg_b_i) ~ a_i$
$Mul(neg_b_i, Concrete(-1)) ~ b_i$

By definition this interaction is equal to:
$c_i = a_i + neg_b_i$
$neg_b_i = -1 * b_i$

By grouping the operations we get:
$C = A - B$

Slice

ONNX Slice is defined as:
$out_j = in_{start + (j * step)}$

The translations creates a wiring analog to the above definition:
$out_j ~ in_{start + (j * step)}$

Soundness of Interaction Rules

Materialize

The Materialize agent transforms a Linear agent into a tree of explicit mathematical operations
that are used as final representation for the solver.
In the Python module the terms are defined as:

def TermAdd(a, b):
    return a + b  
def TermMul(a, b):
    return a * b
def TermReLU(x):
    return z3.If(x > 0, x, 0)

Linear >< Materialize

$Linear(x, q, r) >< Materialize(out) => (1), (2), (3), (4), (5)$

LHS:
$Linear(x, q, r) ~ wire$
$Materialize(out) ~ wire$
$q*x + r = wire$
$out = wire$
$out = q*x + r$

Case 1:

$q = 0 => out ~ Concrete(r), x ~ Eraser$

RHS:
$out = r$

EQUIVALENCE:
$0*x + r = r => r = r$

Case 2:

$q = 1, r = 0 => out ~ x$

RHS:
$x = out$
$out = x$

EQUIVALENCE:
$1*x + 0 = x => x = x$

Case 3:

$q = 1 => out ~ TermAdd(x, Concrete(r))$

RHS:
$out = x + r$

EQUIVALENCE:
$1*x + r = x + r => x + r = x + r$

Case 4:

$r = 0 => out ~ TermMul(Concrete(q), x)$

RHS:
$out = q*x$

EQUIVALENCE:
$q*x + 0 = q*x => q*x = q*x$

Case 5:

$otherwise => out ~ TermAdd(TermMul(Concrete(q), x), Concrete(r))$

RHS:
$out = q*x + r$

EQUIVALENCE:
$q*x + r = q*x + r$

Concrete >< Materialize

$Concrete(k) >< Materialize(out) => out ~ Concrete(k)$

LHS:
$Concrete(k) ~ wire$
$Materialize(out) ~ wire$
$k = wire$
$out = wire$
$out = k$

RHS:
$out = k$

EQUIVALENCE:
$k = k$

Add

Linear >< Add

$Linear(x, q, r) >< Add(out, b) => b ~ AddCheckLinear(out, x, q, r)$

LHS:
$Linear(x, q, r) ~ wire$
$Add(out, b) ~ wire$
$q*x + r = wire$
$out = wire + b$
$out = q*x + r + b$

RHS:
$out = q*x + (r + b)$

EQUIVALENCE:
$q*x + r + b = q*x + (r + b) => q*x + (r + b) = q*x + (r + b)$

Concrete >< Add

$Concrete(k) >< Add(out, b) => (1), (2)$

LHS:
$Concrete(k) ~ wire$
$Add(out, b) ~ wire$
$k = wire$
$out = wire + b$
$out = k + b$