Implementability of Global Distributed Protocols modulo Network Architectures
Global protocols specify distributed, message-passing protocols from a birds-eye view, and are used as a specification for synthesizing local implementations. Implementability asks whether a given global protocol admits a distributed implementation. We present the first comprehensive investigation of global protocol implementability modulo network architectures. We propose a set of network-parametric Coherence Conditions, and exhibit sufficient assumptions under which it precisely characterizes implementability. We further reduce these assumptions to a minimal set of operational axioms describing insert and remove behavior of individual message buffers. Our reduction immediately establishes that five commonly studied asynchronous network architectures, namely peer-to-peer FIFO, mailbox, senderbox, monobox and bag, are instances of our network-parametric result. We use our characterization to derive optimal complexity results for implementability modulo networks, relationships between classes of implementable global protocols, and symbolic algorithms for deciding implementability modulo networks. We implement the latter in the first network-parametric tool Sprout(A), and show that it achieves network generality without sacrificing performance and modularity.
💡 Research Summary
The paper tackles the fundamental question of whether a global protocol—specified as a high‑level, message‑sequence chart describing the intended interactions among distributed participants—can be realized as a correct distributed implementation under a given asynchronous network architecture. While prior work has largely focused on the classic peer‑to‑peer FIFO model, the authors observe that real‑world systems employ a variety of communication semantics (mailboxes, sender‑boxes, bags, etc.) and that the implementability of a protocol may change dramatically with the underlying network.
To address this, the authors introduce a network‑parametric framework. A network architecture is formalized as a tuple A = (C, B, ch, ins, rem, b_0) consisting of a set of channels, a set of possible channel contents, a mapping from participants to channels, and primitive insert and remove operations on channel buffers together with an initial buffer state. This abstract representation can capture the five canonical asynchronous models studied in the literature: peer‑to‑peer FIFO, mailbox (many‑to‑one FIFO), sender‑box (one‑to‑many FIFO), monobox (one‑to‑one FIFO), and bag (unordered multiset).
On top of this, the authors define Generalized Coherence Conditions (GCC)—semantic constraints that describe when a sequence of insertions and removals is “coherent” with the intended global behavior. The GCC are first presented as language‑theoretic sufficient conditions: the set of channel words must be closed under certain algebraic operations (e.g., commutation of independent insert/remove actions, preservation of FIFO order where required). These conditions guarantee that the GCC are both sound (any implementation satisfying them respects the global protocol) and complete (if a protocol is implementable under the architecture, there exists a set of local machines satisfying the GCC).
Crucially, the authors reduce the abstract language conditions to a minimal axiomatic model of buffer operations. The axioms are: (1) insertion is always enabled; (2) removal is enabled exactly when the target message is present; (3) insertions and removals on distinct buffers commute; (4) FIFO buffers preserve insertion order for removals; (5) bag buffers ignore order. Proving that a concrete architecture satisfies these five axioms is far simpler than reasoning about the full language, and it immediately shows that the five canonical models are instances of the framework. Moreover, the axioms impose no restriction on the communication topology, allowing heterogeneous architectures that mix different buffer types.
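The architecture tuple from the previous paragraphs and the buffer axioms just listed, as an added Python example that is not code from the paper or from Sprout(A): it instantiates ch, ins and rem for the five canonical models and replays one constructed global trace against each, so the same send/receive ordering is enabled under p2p, senderbox and bag but blocked under mailbox and monobox. It illustrates only the buffer semantics, not the paper's coherence conditions or decision procedure; all names (ARCHITECTURES, Network, TRACE, check_all) are this example's own.

```python
# Constructed example, not the paper's code: the network architecture tuple
# A = (C, B, ch, ins, rem, b_0) instantiated for the five canonical models. Contents
# B are FIFO queues (deque) or multisets (Counter); ch picks the channel for a pair.
from collections import Counter, deque

ARCHITECTURES = {                      # name: (ch, is_fifo)
    "p2p":       (lambda s, r: (s, r), True),   # one FIFO per ordered pair
    "mailbox":   (lambda s, r: r,      True),   # one FIFO per receiver
    "senderbox": (lambda s, r: s,      True),   # one FIFO per sender
    "monobox":   (lambda s, r: "*",    True),   # a single shared FIFO
    "bag":       (lambda s, r: "*",    False),  # one unordered multiset
}

class Network:
    def __init__(self, name):
        self.ch, self.fifo = ARCHITECTURES[name]
        self.bufs = {}   # b_0: all empty; disjoint entries give axiom (3) commutation
    def _buf(self, c):
        return self.bufs.setdefault(c, deque() if self.fifo else Counter())

    def ins(self, s, r, m):            # axiom (1): insertion is always enabled
        b = self._buf(self.ch(s, r))
        b.append((s, r, m)) if self.fifo else b.update([(s, r, m)])
    def rem(self, s, r, m):            # axiom (2): enabled iff the message is present,
        b, key = self._buf(self.ch(s, r)), (s, r, m)   # at the head for FIFO (4),
        if self.fifo:                                  # anywhere for a bag (5)
            if not b or b[0] != key:
                return False
            b.popleft()
            return True
        if b[key] == 0:
            return False
        b[key] -= 1
        return True

def enabled(arch, trace):
    """True iff each ('snd'|'rcv', sender, receiver, msg) event fires in order."""
    net = Network(arch)
    for kind, s, r, m in trace:
        if kind == "snd":
            net.ins(s, r, m)
        elif not net.rem(s, r, m):
            return False
    return True

# Constructed global trace: p then q send to r, but r consumes q's message first.
TRACE = [("snd", "p", "r", "m1"), ("snd", "q", "r", "m2"),
         ("rcv", "q", "r", "m2"), ("rcv", "p", "r", "m1")]
def check_all(trace=TRACE):            # which architectures admit this ordering?
    return {a: enabled(a, trace) for a in ARCHITECTURES}
```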
With the theoretical foundation in place, the paper derives several algorithmic and complexity results. For finite‑state global protocols, the implementability problem is shown to be co‑NP‑complete for all five architectures, even when the protocol fragment is restricted to directed‑choice multiparty session types. This matches known lower bounds for the FIFO case and demonstrates optimality across architectures. For symbolic protocols that include first‑order constraints on data, the authors encode the GCC into the first‑order fixed‑point logic μCLP, yielding a symbolic decision procedure that can handle infinitely many states and data values.
The authors implement these ideas in Sprout(A), an extension of the existing Sprout tool that previously only handled p2p FIFO. Sprout(A) accepts a description of the network architecture (i.e., the buffer axioms) as a plug‑in and reuses the same symbolic algorithm to decide implementability. Empirical evaluation on a benchmark suite shows that Sprout(A) incurs no noticeable performance penalty compared to the original tool, while gaining the ability to verify protocols under all five architectures and arbitrary mixtures thereof.
In summary, the paper makes four major contributions: (1) it formalizes the implementability problem modulo network architectures, (2) it provides a network‑parametric characterization that is both sound and complete under clear sufficient conditions, (3) it reduces these conditions to a tiny set of operational buffer axioms, and (4) it delivers practical algorithms and a first‑of‑its‑kind tool that validates the theory. By unifying the treatment of diverse asynchronous communication models, the work opens the door for protocol designers to reason about correctness without committing early to a specific network, thereby reducing development effort and increasing confidence in distributed systems.