Alice (General A)
Bob (General B)
Protocol of Theseus Test
Run parallel simulations across loss rates (0% → 99.9999%) to verify symmetric outcomes.
Proof Nesting Visualization
Each proof level embeds the previous, creating self-certifying artifacts
Probability Scale Comparison
Understanding 10⁻¹⁵⁶⁵ in perspective
The protocol's failure probability is 1,488 orders of magnitude smaller than guessing a 256-bit key on the first try.
Risk Decomposition
Where does residual risk actually come from?
The dominant source of risk is no longer the protocol logic or channel unreliability. It's implementation fidelity—the hallmark of a solved problem in engineering.
Lean 4 Formal Verification
Machine-verified correctness, not just testing
theorem safety
Impossible for one party to ATTACK while other REJECTs
theorem attack_needs_both
ATTACK requires both parties reaching commitment
theorem bilateral_receipt_implies_common_knowledge
Bilateral receipt pair establishes full common knowledge
theorem common_knowledge_implies_coordination
Common knowledge guarantees symmetric action
Proofs available in lean4/ directory. Awaiting peer review.
How It Works
Phase 1: Commitment (C)
Each party generates and floods a signed commitment: "I will attack if you agree"
C_X = Sign_X("I will attack at dawn if you agree")
Phase 2: Double Proof (D)
Upon receiving counterparty's C, construct D embedding both commitments
D_X = Sign_X(C_X ∥ C_Y ∥ "Both committed")
Phase 3: Triple Proof (T)
Upon receiving D, construct T containing all prior proofs
T_X = Sign_X(D_X ∥ D_Y ∥ "Both have doubles")
Phase 4: Quaternary Fixpoint (Q)
The bilateral receipt pair that proves mutual constructibility
Q_X = Sign_X(T_X ∥ T_Y ∥ "Fixpoint achieved")
Q_A exists → contains T_B → Bob had D_A → Bob can construct T_B → Bob can construct Q_B
Each half cryptographically proves the other half is constructible.
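The four phases above as a runnable sketch. This is an added example, not code from the project: HMAC-SHA256 with constructed per-party keys stands in for Sign_X, and the names `make`, `verify`, `find` and `run_protocol` are hypothetical. It shows the nesting check a receiver would run and the Q_A → T_B → D_A chain.

```python
import hashlib, hmac, json

# Constructed demo keys. HMAC-SHA256 stands in for Sign_X (assumption): a real
# deployment needs an asymmetric signature so the peer can verify without the key.
KEYS = {"A": b"constructed-key-alice", "B": b"constructed-key-bob"}
LEVELS = "CDTQ"
NOTES = {"C": "I will attack at dawn if you agree", "D": "Both committed",
         "T": "Both have doubles", "Q": "Fixpoint achieved"}

def _mac(signer, body):
    msg = json.dumps(body, sort_keys=True).encode()
    return hmac.new(KEYS[signer], msg, hashlib.sha256).hexdigest()

def make(signer, level, own=None, peer=None):
    """Build Sign_X(own ∥ peer ∥ note); a level-C commitment embeds nothing."""
    body = {"signer": signer, "level": level, "note": NOTES[level],
            "parts": [] if level == "C" else [own, peer]}
    return dict(body, sig=_mac(signer, body))

def verify(proof):
    """Check the signature and nesting of a proof and of everything inside it."""
    signer, level, parts = proof["signer"], proof["level"], proof["parts"]
    body = {k: v for k, v in proof.items() if k != "sig"}
    if not hmac.compare_digest(_mac(signer, body), proof["sig"]):
        return False
    if level == "C":
        return parts == []
    below = LEVELS[LEVELS.index(level) - 1]
    # Own proof first, counterparty's second, both exactly one level down.
    return (len(parts) == 2 and parts[0]["signer"] == signer
            and parts[1]["signer"] != signer
            and all(p["level"] == below and verify(p) for p in parts))

def find(proof, signer, level):
    """Return the first embedded proof by `signer` at `level`, or None."""
    if (proof["signer"], proof["level"]) == (signer, level):
        return proof
    for part in proof["parts"]:
        hit = find(part, signer, level)
        if hit is not None:
            return hit
    return None

def run_protocol():
    """Lossless run: both parties escalate C -> D -> T -> Q."""
    proofs = {x: {"C": make(x, "C")} for x in "AB"}
    for prev, lvl in zip("CDT", "DTQ"):
        for x, y in ("AB", "BA"):
            proofs[x][lvl] = make(x, lvl, proofs[x][prev], proofs[y][prev])
    return proofs
```

Calling `find(find(q_a, "B", "T"), "A", "D")` on Alice's Q walks the same chain as the line above: Q_A carries T_B, and T_B carries the D_A that Bob must have received.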