sound auction specification and implementation
play

Sound auction specification and implementation Marco Caminati 1 - PowerPoint PPT Presentation

Jun 21, 2023 •247 likes •507 views

Sound auction specification and implementation Marco Caminati 1 Manfred Kerber 1 Christoph Lange 2 Colin Rowat 3 1 Computer Science, University of Birmingham 2 Fraunhofer IAS and University of Bonn 3 Economics, University of Birmingham 18 June,

  1. Sound auction specification and implementation Marco Caminati 1 Manfred Kerber 1 Christoph Lange 2 Colin Rowat 3 1 Computer Science, University of Birmingham 2 Fraunhofer IAS and University of Bonn 3 Economics, University of Birmingham 18 June, 2015 EC’15 https://github.com/formare/auctions 1 / 24

  2. Introduction Outline Introduction 1 Successes of mechanised reasoning 2 Combinatorial Vickrey’s auctions 3 Sound specification 4 Code extraction 5 Conclusions 6 2 / 24

  3. Introduction Two problems & a unified solution How can we be sure that: an auction design is soundly specified, possessing the properties 1 that its designers wish it to have? an actual auction faithfully implements the intended design? 2 failure on either front can be very costly typical solution: playtest the design Dijkstra: “testing shows the presence, not the absence of bugs” our unified solution use mechanised reasoning to prove properties on the design 1 extract verified executable code to run it 2 mechanised reasoners perform logical operations check existing proofs / codify knowledge 1 search for new proofs 2 we work with Isabelle, a higher-order logic theorem prover 3 / 24

  4. Successes of mechanised reasoning Outline Introduction 1 Successes of mechanised reasoning 2 Combinatorial Vickrey’s auctions 3 Sound specification 4 Code extraction 5 Conclusions 6 4 / 24

  5. Successes of mechanised reasoning Pure maths Example (Four colour-map theorem [AH77; AHK77; Gon08]) exhaustive computations required to originally prove the theorem in doing so, corrected some human experts’ calculations mechanized proof checkers have confirmed these results formally Example (Kepler’s conjecture (1611) [Hal05; Hal12]) Hales’ original proof: 120 pages and > 500MB of computer code 12 referees took five years to become “99% certain” he was right Hales founds Project Flyspeck to establish a formal proof 2014: Flyspeck complete Example (Robbins’ conjecture [HMT71; McC97]) beguilingly simple, but open for 60 years, a favourite of Tarski McCune’s solver generated a 17-step proof, later reduced to eight 5 / 24

  6. Successes of mechanised reasoning Software verification [Woo+09] a computer programme defines a logical universe within which certain statements may or may not be true proof assistants can seek to prove or disprove these statements as theorems Example (commuter rail systems) No two trains shall occupy the same location at the same time. Example (financial transactions software) Transactions do not create or destroy value, but merely transfer it. 6 / 24

  7. Successes of mechanised reasoning Hardware verification Example (1994: Pentium floating point division bug) worst known relative error 0.006% Intel calculated typical user would be affected once in 9 billion division operations cost Intel $475mn model chips as logical systems (AND, OR, etc. gates) prove theorem for each property to be implemented [Har06] 7 / 24

  8. Successes of mechanised reasoning Economic theory Example (Subsuming Arrow’s impossibility theorem [TL09]) manual induction proof: Arrow’s theorem holds if it holds on a base case of 2 agents and 3 alternatives computer exhaustively verifies the theorem on all base cases manual inspection of the computationally generated base cases identified a new theorem subsuming Arrow’s Chatterjee and Sen [CS14]: “As far as we know . . . the only Arrow-type result . . . that does not use an axiom other than IIA” Example (Ranking sets of objects [GE11]) which axioms are mutually incompatible [BBP04]? computational sweep of small domains for each set of axioms generated 84 impossibility theorems & resolved an open question can also make statistical observations 8 / 24

  9. Combinatorial Vickrey’s auctions Outline Introduction 1 Successes of mechanised reasoning 2 Combinatorial Vickrey’s auctions 3 Sound specification 4 Code extraction 5 Conclusions 6 9 / 24

  10. Combinatorial Vickrey’s auctions A combinatorial Vickrey’s auction [q.v. AM06] agents: { 0 , . . . , N } , with 0 the seller, the rest bidders seller’s endowment: Ω � ∅ , indivisible goods allocation: pairwise disjoint subsets of Ω , X 0 , . . . , X N bids: b n ( X ) , ∀ X ⊆ Ω solve for allocations, prices in the winner determination problem: N N X ∗ ∈ arg max � � X n ⊆ Ω & X n ∩ X n ′ = ∅ for n � n ′ b n ( X n ) s.t. X 1 ,..., X N n = 1 n = 1 � b m ( X ∗ m ) (1) p n ≡ α n − m � n where    � �  � X m ⊆ Ω & X m ∩ X m ′ = ∅ for m � m ′   max b m ( X m ) α n ≡  �  �   X m    m � n m � n  m = 1 ,..., N is the value when solved without n ’s bids. rerun the WDP over random bids to break ties 10 / 24

  11. Sound specification Outline Introduction 1 Successes of mechanised reasoning 2 Combinatorial Vickrey’s auctions 3 Sound specification 4 Code extraction 5 Conclusions 6 11 / 24

  12. Sound specification Formally defining a VCG auction the set of possible allocations 1 f () , which solves the WDP 2 vcga applies f () twice, the 2 nd time with random bids to break ties 3 vcgp solves for prices (1) 4 abbreviation “ vcgas N Ω b r == Outside { seller } ‘ (( argmax ◦ setsum ) ( randomBids N Ω b r ) (( argmax ◦ setsum ) b ( allAllocations ( { seller } ∪ N ) ( set Ω)))) ” abbreviation expands “ vcgas ” (like a preprocessor macro) vcgas takes N , Ω , b and r as arguments applies f () to bids b , returning the value-maximizing allocations 3 applies f () to the value-maximising allocations, using randomBids 2 “ Outside { seller } ” excludes { seller } from the domain 1 12 / 24

  13. Sound specification VCG auctions are functions Theorem Consider a combinatorial VCG auction. Given any set of goods and feasible bid vectors, and a random number, r, there is exactly one solution to the WDP at prices p n as defined in equation (1) . as Isabelle accepts vcgas , it is a (total) function, mapping from every element of its domain to a unique result it remains to prove that vcgas returns a singleton theorem vcgaDefiniteness : assumes “ distinct Ω ” and “ set Ω � {} ” and “ finite N ” shows “ card ( vcgas N Ω b r ) = 1” “ distinct ” states that Ω contains each good exactly once “ card ” returns the cardinality of finite sets (n.b. 0 for ∅ , ∞ sets) 13 / 24

  14. Sound specification Proving that vcgas returns a singleton 1 proof − 2 have “ card (( argmax ◦ setsum ) ( randomBids N Ω b r ) 3 (( argmax ◦ setsum ) b ( allAllocations ( N ∪ seller ) ( set Ω)))) = 1” 4 ( is “ card ? X = 1” ) using assms lm 08 by blast moreover have “ ( Outside ′ { seller } ) ‘ ? X = vcgas N Ω b r ” by blast 5 6 ultimately show ? thesis using cardOneImageCardOne by blast 7 qed proof begins the proof; the − switch selects manual inference have . . . using . . . by structures the proof: have asserts the expressions to be proved using introduces the facts to be used in discharging the proof obligation by invokes a specified proof method 14 / 24

  15. Sound specification Proving that vcgas returns a singleton lines 2, 3: claims the cardinality of the set of solutions to the second WDP (prior to removing the seller’s allocation) is 1 line 4: establishes it by applying a proof method called blast to the theorem’s assumptions, assms , and a pre-existing lemma blast manipulates ‘simple’ objects in higher-order logic Lemma cardOneImageCardOne can quantify over all functions and sets, but need only do so over function Outside ′ { seller } and set of allocations ? X line 5: Outside ′ { seller } ‘ A is a singleton whenever A is line 6: ultimately refers to previously established results prefixed by moreover show notes that we next seek to establish ? thesis , the proof obligation at the current level of reasoning 15 / 24

  16. Sound specification Other theorems formally proved Theorem Consider a combinatorial VCG auction. Then the sets X ∗ 1 , . . . , X ∗ N are pairwise disjoint. Theorem Consider a combinatorial VCG auction. Then g ∈ X ∗ m implies g ∈ Ω . Theorem For a VCG auction, the prices defined in (1) are non-negative ∀ n ∈ N. 16 / 24

  17. Code extraction Outline Introduction 1 Successes of mechanised reasoning 2 Combinatorial Vickrey’s auctions 3 Sound specification 4 Code extraction 5 Conclusions 6 17 / 24

  18. Code extraction Classical and constructive definitions classical definitions 1 often intuitive, expressed in terms of characterising properties no information on how to compute Example (Classical set maximum) � � � � ∄ y ∈ X s.t. y > x Max X ≡ x ∈ X � constructive definitions 2 less useful in proving theorems as no mention of characterising properties computable Example (Computable set maximum) define the helper function max in the usual way on pairs of objects define the base case for the inductively defined Max { a } = a define the recursive step Max ( { a } ∪ A ) = max ( a , Max a ) 18 / 24

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Auction Overview 106 single residential blocks for sale by Public Auction. Auction schedule

Auction Overview 106 single residential blocks for sale by Public Auction. Auction schedule

Auction Overview 106 single residential blocks for sale by Public Auction. Auction schedule and reserve prices are published in the sales flyer. Auction commences at 9am Saturday 27 February 2016 at the National Convention Centre,

551 views • 31 slides
The Sun Network File System (NFS) An implementation and a specification of a software system

The Sun Network File System (NFS) An implementation and a specification of a software system

The Sun Network File System (NFS) An implementation and a specification of a software system for accessing remote files across LANs . NFS The implementation is part of the Solaris and SunOS operating systems running on Sun workstations

327 views • 3 slides
SAFE Formal Specification and Implementation of a Scalable Analysis Framework for ECMAscript

SAFE Formal Specification and Implementation of a Scalable Analysis Framework for ECMAscript

SAFE Formal Specification and Implementation of a Scalable Analysis Framework for ECMAscript PLRG@KAIST Hongki Lee , Sooncheol Won, Joonho Jin, Junhee Cho, and Sukyoung Ryu Contents Introduction Big Picture Formal Specification

631 views • 25 slides
Second Price Auction A painting worth of W dollars is for sale through an auction. ! N

Second Price Auction A painting worth of W dollars is for sale through an auction. ! N

Second Price Auction A painting worth of W dollars is for sale through an auction. ! N bidders (buyers) participate in the auction. ! Each bidder i writes down his name and a bid b i 0 on a piece of paper, and submits to the

463 views • 34 slides
What is auction? Auction - Originated from Latin term Augeo means I augment or

What is auction? Auction - Originated from Latin term Augeo means I augment or

What is auction? Auction - Originated from Latin term Augeo means I augment or I increase A process of selling or buying goods by obtaining bids from prospective bidders. To sell- Forward auction, to Buy Reverse

540 views • 36 slides
"Specification-by-Example: A Cucumber Implementation" Presented by: Mary Thorn

"Specification-by-Example: A Cucumber Implementation" Presented by: Mary Thorn

AT10 Concurrent Session 11/8/2012 3:45 PM "Specification-by-Example: A Cucumber Implementation" Presented by: Mary Thorn Deutsche Bank Brought to you by: 340 Corporate Way, Suite 300, Orange Park, FL 32073 888 268 8770 904

389 views • 20 slides
Sound 1 Sound "50% of the movie experience is sound - George Lucas Sound is used

Sound 1 Sound "50% of the movie experience is sound - George Lucas Sound is used

Sound 1 Sound "50% of the movie experience is sound - George Lucas Sound is used to create: Mood Ambience Drama Environmental clues Continuity Feedback Practical Issues Real-time requirement

311 views • 17 slides
? Message sound Message P(wolf|sound) P(sound| wolf) x P(wolf) 1 9/4/19 P(sound| wolf)

? Message sound Message P(wolf|sound) P(sound| wolf) x P(wolf) 1 9/4/19 P(sound| wolf)

9/4/19 Speech Hynek Hermansky Elecrical and Computer Engineering Hackerman 324Fp ? Message sound Message P(wolf|sound) P(sound| wolf) x P(wolf) 1 9/4/19 P(sound| wolf) no wolf wolf loudness timbre (sound color) More

334 views • 14 slides
CAISO CRR Auction Efficiency Initiative Congestion Revenue Rights Auction Efficiency Working Group

CAISO CRR Auction Efficiency Initiative Congestion Revenue Rights Auction Efficiency Working Group

CAISO CRR Auction Efficiency Initiative Congestion Revenue Rights Auction Efficiency Working Group 12/19/2017 Overview 1. Comments on CAISO analysis 2. Issues with current CRR Auction design 3. Proposed Principles for a Reformed CRR Market

223 views • 10 slides
Approximating Term Rewrite Systems: a Horn Clause Specification and its Implementation John

Approximating Term Rewrite Systems: a Horn Clause Specification and its Implementation John

Approximating Term Rewrite Systems: a Horn Clause Specification and its Implementation John Gallagher Mads Rosendahl University of Roskilde, Denmark Supported by Danish Natural Science Research Council project SAFT LPAR'2008 Doha,

498 views • 30 slides
Welcome to the PASSA 2019 Fall Conference Live Auction PASSA Live Auction To Benefit the PASSA

Welcome to the PASSA 2019 Fall Conference Live Auction PASSA Live Auction To Benefit the PASSA

Welcome to the PASSA 2019 Fall Conference Live Auction PASSA Live Auction To Benefit the PASSA PAC and Legislative Funds with Auctioneer Lonnie Bickford , StorageAuctions.com and Appletree Self Storage PASSA Live Auction Item #1: Generously

338 views • 12 slides
Dont distract me while I am winning this auction! The psychology of auction fraud David Modic

Dont distract me while I am winning this auction! The psychology of auction fraud David Modic

Dont distract me while I am winning this auction! The psychology of auction fraud David Modic Collaborators (in chronological order): Stephen E. G. Lea, Ross Anderson, Jussi Paalomaki, Richard Clayton, Alice Hutchings Cambridge Cybercrime

783 views • 30 slides
Spectrum Auctions What is a Spectrum Auction? Definition: A formal auction run by the Federal

Spectrum Auctions What is a Spectrum Auction? Definition: A formal auction run by the Federal

Spectrum Auctions What is a Spectrum Auction? Definition: A formal auction run by the Federal Communications Commission (FCC) for licenses of the electromagnetic spectrum that are open to any eligible company or individual that has submitted

495 views • 23 slides
Auctions 1. Auction off a single item (a) by open ascending bid ("English") auction

Auctions 1. Auction off a single item (a) by open ascending bid ("English") auction

Auctions 1. Auction off a single item (a) by open ascending bid ("English") auction Auctioneer raises asking price until all but one bidder drops out (b) by Dutch auction (descending asking price) Auctioneer starts a clock with

427 views • 8 slides
SOUND SOUND Wha hat is t is sound sound? Click on the image below to find out. Sounds are

SOUND SOUND Wha hat is t is sound sound? Click on the image below to find out. Sounds are

SOUND SOUND Wha hat is t is sound sound? Click on the image below to find out. Sounds are made when objects vibrate and the vibrations travel to enter you ear. You hear these vibrations as sounds. Sound is all around us We cannot

357 views • 9 slides
CS137: Today Electronic Design Automation Specification/Implementation Abstraction

CS137: Today Electronic Design Automation Specification/Implementation Abstraction

CS137: Today Electronic Design Automation Specification/Implementation Abstraction Functions Correctness Condition Day 15: February 13, 2006 Verification Processor Verification Self-Consistency 1 2 CALTECH CS137

334 views • 7 slides
Outline Motivation, Learning and Reasoning Formal Math, Theorem Proving, Machine Learning Demo

Outline Motivation, Learning and Reasoning Formal Math, Theorem Proving, Machine Learning Demo

L EARNING - ASSISTED T HEOREM P ROVING AND F ORMALIZATION Josef Urban Czech Technical University in Prague 1 / 47 Outline Motivation, Learning and Reasoning Formal Math, Theorem Proving, Machine Learning Demo High-level Reasoning Guidance:

849 views • 47 slides
s r rs t s

s r rs t s

s r rs t s s rs rts r s

972 views • 73 slides
So what are hammers (and counterexample generators) good for? Talk outline 1. Sledgehammer

So what are hammers (and counterexample generators) good for? Talk outline 1. Sledgehammer

Jasmin Christian Blanchette So what are hammers (and counterexample generators) good for? Talk outline 1. Sledgehammer 2. Nitpick 3. Nunchaku 4. Lean Forward 10 1. Sledgehammer 2. Automatic proof search 2. for Isabelle/HOL Joint work

570 views • 36 slides
s trt

s trt

s trt Ps s r rs t s rsrr r

1.52k views • 92 slides
Two Obstacles to Strong Computer Support for Math 1 Low reasoning power of automated reasoning

Two Obstacles to Strong Computer Support for Math 1 Low reasoning power of automated reasoning

P ROGRESS IN A UTOMATING F ORMALIZATION Josef Urban Ji r Vysko cil Czech Technical University in Prague AITP 2017, Obergurgl March 27, 2017 1 / 26 Two Obstacles to Strong Computer Support for Math 1 Low reasoning power of automated

452 views • 26 slides
ProgLog workshop: Formalization of Mathematics Anders M ortberg Mar 7, 2014 What is being

ProgLog workshop: Formalization of Mathematics Anders M ortberg Mar 7, 2014 What is being

ProgLog workshop: Formalization of Mathematics Anders M ortberg Mar 7, 2014 What is being done in the area? Mathematical components: Formalization of the four color theorem and Feit-Thompson theorem in Coq / SSReflect Flyspeck: Formal

830 views • 36 slides
VIPR: Verifying Integer Programming Results Ambros Gleixner, Zuse Institute Berlin 21st

VIPR: Verifying Integer Programming Results Ambros Gleixner, Zuse Institute Berlin 21st

joint work with Kevin Cheung and Daniel Steffy VIPR: Verifying Integer Programming Results Ambros Gleixner, Zuse Institute Berlin 21st Combinatorial Optimization Workshop Aussois January 9, 2017 1. Motivation and background van der

672 views • 42 slides
Interactive Theorem Proving in Industry John Harrison Intel Corporation 16 April 2012 1 Milner

Interactive Theorem Proving in Industry John Harrison Intel Corporation 16 April 2012 1 Milner

Interactive Theorem Proving in Industry John Harrison Intel Corporation 16 April 2012 1 Milner on automation and interaction I wrote an automatic theorem prover in Swansea for myself and became shattered with the difficulty of doing anything

1.16k views • 81 slides

More recommend