The objective of this thread is to answer the following question:
Do some applications (resource logics) have a reason to require that an action be (independently) balanced?
At the moment, actions are required to be independently valid but not independently balanced. This post was motivated by a discussion earlier this week of the counter example, where the counter resource logic must check that the kind of the created and consumed counter resources is the same in order to ensure that counters weren’t swapped and consumed/created in different actions (which would be independently valid and not balanced, while the transaction as a whole would be balanced). While the kind equality check implements the correct behavior, the discussion made clear that intuitions are not clear here - it would be easy for a developer to write a counter resource logic without realizing that they have to perform this check - and it prompted the idea that some applications might want to enforce that balance is checked for actions, not just transactions.
However, after thinking about it, I do not think adding a way for resource logics to enforce that an action is independently balanced is the right way to improve the developer ergonomics here, for two reasons:
- The balance check is typically a stricter check than what is actually desired. For example, with a counter, the logic which must be enforced really just is that the consumed and created resources differ only by their value (which gets incremented by 1). A counter which counts something (some change to other resources) might well need to be included in the same action, and that counter shouldn’t check that the whole action is balanced, because this might prevent other desired logic (such as intent matching with other actions) from working as usual in the RM.
- Adding a flag for a resource logic to instruct the compliance logic to check that an action is independently balanced is not an increase in expressive power, as the balance condition (or whatever subset of the balance condition the resource logic wanted to ensure was checked) could simply be directly checked by the resource logic itself, which has access to all the relevant data.
Rather than going in this direction, I propose instead that we create some abstractions / standard library functions around the common case of “a resource must be created which is exactly the same as a resource consumed except for difference X”, where in this case X is that the counter value is incremented by one. If such options are obvious and recommended to developers, it is much more difficult to screw up by mistake (since what the developer specifies is what is allowed to change, not what is not allowed to change - if they forget something, the system is still safe if perhaps no longer live). In general, in our standard library and developer interface design, we should err on the side of safety in this way.
Paging @vveiln @Michael @paulcadman for input here.