2025-11-15T14:52:11.063010

Flavors of Quantifiers in Hyperlogics

Chalupa, Henzinger, da Costa

Hypertrace logic is a sorted first-order logic with separate sorts for time and execution traces. Its formulas specify hyperproperties, which are properties relating multiple traces. In this work, we extend hypertrace logic by introducing trace quantifiers that range over the set of all possible traces. In this extended logic, formulas can quantify over two kinds of trace variables: constrained trace variables, which range over a fixed set of traces defined by the model, and unconstrained trace variables, which can be assigned to any trace. In comparison, hyperlogics such as HyperLTL have only constrained trace quantifiers. We use hypertrace logic to study how different quantifier patterns affect the decidability of the satisfiability problem. We prove that hypertrace logic without constrained trace quantifiers is equivalent to monadic second-order logic of one successor (S1S), and therefore satisfiable, and that the trace-prefixed fragment (all trace quantifiers precede all time quantifiers) is equivalent to HyperQPTL. Moreover, we show that all hypertrace formulas where the only alternation between constrained trace quantifiers is from an existential to a universal quantifier are equisatisfiable to formulas without constraints on their trace variables and, therefore, decidable as well. Our framework allows us to study also time-prefixed hyperlogics, for which we provide new decidability and undecidability results

academic

Flavors of Quantifiers in Hyperlogics

Basic Information

Paper ID: 2510.12298
Title: Flavors of Quantifiers in Hyperlogics
Authors: Marek Chalupa, Thomas A. Henzinger, Ana Oliveira da Costa (IST Austria)
Classification: cs.LO (Logic in Computer Science), cs.FL (Formal Languages)
Conference: FSTTCS 2025 (45th IARCS Annual Conference on Foundations of Software Technology and Theoretical Computer Science)
Paper Link: https://arxiv.org/abs/2510.12298

Abstract

This paper extends hypertrace logic by introducing trace quantifiers that can quantify over all possible sets of traces. In this extended logic, formulas can quantify over two types of trace variables: constrained trace variables (quantifying over a fixed set of traces defined by a model) and unconstrained trace variables (assignable to any trace). The authors prove that unconstrained hypertrace logic is equivalent to monadic second-order logic of one successor (S1S) and thus satisfiable; the trace prefix fragment is equivalent to HyperQPTL; and for constrained trace quantifier alternations restricted to formulas with existential quantifiers preceding universal quantifiers, the satisfiability is decidable, equivalent to unconstrained formulas.

Research Background and Motivation

Problem Background

Expressiveness Requirements for Hyperproperties: Traditional temporal logics (such as LTL) can only reason about single execution traces and cannot express hyperproperties involving comparisons across multiple executions, such as information flow security and consistency.
Limitations of Existing Hyperlogics: Existing hyperlogics (such as HyperLTL) only have constrained trace quantifiers, meaning they can only quantify over the trace set of a given system, which limits their expressive power.
Decidability Issues: The satisfiability problem for hyperlogics is typically undecidable, necessitating the identification of fragments with decidable satisfiability.

Research Motivation

The core motivation of this paper is to enhance the expressive power of hypertrace logic by introducing unconstrained trace quantifiers while systematically studying the impact of different quantifier patterns on decidability. This extension allows quantification over the universe of all possible traces, rather than merely the trace set of a system.

Core Contributions

Extension of Hypertrace Logic: Introduces unconstrained trace quantifiers, enabling formulas to quantify over all possible traces, significantly enhancing expressive power.
Establishment of Equivalence Relations:
- Proves that unconstrained hypertrace logic is equivalent to S1S
- Proves that the trace prefix hypertrace logic is equivalent to HyperQPTL
Decidability Results: Identifies new fragments with decidable satisfiability problems, particularly the fragment with constrained quantifier alternation pattern ∃∀.
Analysis of Temporal Prefix Fragments: Provides the first systematic study of temporal quantifier-prioritized hyperlogic fragments, yielding new decidability and undecidability results.

Methodology Details

Task Definition

Study the satisfiability problem for hypertrace logic formulas: given a hypertrace logic formula φ, does there exist a trace set T such that T ⊨ φ?

Logical Framework Design

Syntax Definition

The syntax of hypertrace logic formula φ:

φ ::= ∃π φ | ∃π::T φ | ∃i φ | ¬φ | φ ∨ φ | i < i | i = i | X(π,i)

Where:

∃π φ: unconstrained trace quantifier
∃π::T φ: constrained trace quantifier
∃i φ: temporal quantifier
X(π,i): binary predicate representing the property of trace π at time i

Semantic Definition

The satisfaction relation of formulas over trace sets is defined through standard first-order logic semantics:

Unconstrained quantifier: (T,(ΠT,ΠN)) ⊨ ∃π φ if and only if there exists τ ∈ (2^X)^ω such that (T,(ΠT[π↦τ],ΠN)) ⊨ φ
Constrained quantifier: (T,(ΠT,ΠN)) ⊨ ∃π::T φ if and only if there exists τ ∈ T such that (T,(ΠT[π↦τ],ΠN)) ⊨ φ

Technical Innovations

1. Flatten Function

Introduces a flatten function to rewrite hypertrace formulas, leveraging the independence of variable assignments in unconstrained trace variables:

flatten(∃π φ, {x₀,...,xₙ}, Vc) = ∃πx₀...∃πxₙ flatten(φ, {x₀,...,xₙ}, Vc∪{π})

Key Insight: Different propositional variables of unconstrained trace variables can be quantified independently, establishing the foundation for equivalence with S1S.

2. Equivalence Proof with S1S

Establishes bidirectional equivalence between unconstrained hypertrace logic and S1S through the following translation:

From Hypertrace to S1S:

Rewrite formulas using flatten
Reinterpret each πx as a second-order variable
Apply substitution σ = {x(πx,i) ↦ πx(i)}

From S1S to Hypertrace:

Each second-order variable X becomes a trace variable τX
Use standard translation from Succ to ≤

3. Constrained Quantifier Elimination Technique

For formulas with quantifier pattern ∃::T ∀::T, provides a method for eliminating universal constrained quantifiers:

By expanding universal quantifiers into combinations of all existing existential trace variables:

∀π₁::T...∀πₘ::T φ ≡ ⋀ⱼ₁₌₁ⁿ...⋀ⱼₘ₌₁ⁿ φ[π₁↦πⱼ₁,...,πₘ↦πⱼₘ]

Experimental Setup

Theoretical Verification Methods

This work is primarily theoretical, with results verified through rigorous mathematical proofs:

Constructive Proofs: Prove equivalence through explicit construction of translation functions
Inductive Proofs: Use structural induction to prove correctness of translations
Reduction Proofs: Prove undecidability through reduction from known undecidable problems

Decidability Analysis Framework

Establishes a systematic analysis framework:

Trace Prefix Fragment: All trace quantifiers precede temporal quantifiers
Temporal Prefix Fragment: All temporal quantifiers precede trace quantifiers
Quantifier Alternation Patterns: Analyze different ∃ and ∀ alternation patterns

Experimental Results

Main Theoretical Results

1. Equivalence Theorems

Theorem 7: Unconstrained hypertrace logic is expressively equivalent to S1S
Theorem 20: Trace prefix hypertrace logic is equivalent to HyperQPTL

2. Decidability Results Summary

Fragment	Quantifier Pattern	Decidability	Reference
Trace Prefix	∃T(∃T::T)(∀T::T)QTQ*N<	Decidable	Corollary 16
Trace Prefix	(∀T::T)²∃T::TQ+N<	Undecidable	Proposition 15
Temporal Prefix	∃N<∃T(∃T::T)*(∀T::T)QT	Decidable	Corollary 21
Temporal Prefix	∃N<∀N<∃²N<∀N<∀T::T(∃T::T)²∃T	Undecidable	Theorem 22

3. Key Technical Results

Lemma 5: The flatten function preserves equisatisfiability of formulas
Theorem 12: Formulas with ∃::T ∀::T pattern can be transformed to unconstrained formulas
Proposition 17: Removing constraints on existential constrained quantifiers preserves models

Undecidability Proofs

Theorem 22 proves undecidability of specific temporal prefix fragments through reduction from the non-halting problem of 2-counter Minsky machines. The core idea of the reduction:

Each trace encodes a configuration and transition relation
Uses unconstrained trace quantifiers to guess the time points where operations occur
Employs complex constraints to ensure correct encoding

Development of Hyperlogics

HyperLTL: The earliest hypertemporal logic, supporting only constrained trace quantifiers
HyperQPTL: Extends HyperLTL with propositional quantification
Hypertrace Logic: Two-sorted first-order logic approach proposed by Bartocci et al.
FO<,E: Ranked predicate approach by Finkbeiner and Zimmermann

Positioning of This Work

Building upon existing hypertrace logic, this paper:

Introduces unconstrained quantifiers to enhance expressive power
Systematically analyzes the impact of quantifier patterns on decidability
Provides the first study of temporal prefix fragments

Conclusions and Discussion

Main Conclusions

Enhanced Expressive Power: Unconstrained trace quantifiers significantly enhance the expressive power of hypertrace logic
Decidability Boundaries: Identifies new decidable fragments, particularly those with ∃∀ pattern
Theoretical Unification: Establishes connections between hypertrace logic and classical logic (S1S) and hypertemporal logic (HyperQPTL)

Limitations

Practical Considerations: The practical applicability of theoretical results requires further verification
Complexity Analysis: Lacks complexity analysis for decidable fragments
Tool Support: Requires development of corresponding automated verification tools

Future Directions

Comparative Expressiveness: Relative expressive power of trace prefix versus temporal prefix fragments
Complexity Theory: Precise complexity analysis of decidable fragments
Practical Implementation: Development of efficient solving algorithms and tools

In-Depth Evaluation

Strengths

Theoretical Depth: Provides in-depth theoretical analysis with several important equivalence results
Systematicity: Comprehensively analyzes the impact of different quantifier patterns on decidability
Novelty: The idea of introducing unconstrained quantifiers is novel and significantly extends expressive power
Rigor: All results are supported by complete mathematical proofs

Weaknesses

Absence of Experimental Validation: As purely theoretical work, lacks verification through practical application cases
Complexity Analysis Gap: Insufficient analysis of computational complexity for decidable fragments
Low Level of Tool Implementation: Theoretical results have not yet been implemented as tools

Impact

Theoretical Contribution: Provides important theoretical foundations for hyperlogic theory
Methodological Value: The flatten technique and quantifier elimination methods have general applicability
Foundation for Future Work: Establishes basis for subsequent complexity analysis and tool development

Applicable Scenarios

Formal Verification: Formal specification and verification of system security properties
Concurrent Systems: Consistency analysis of multithreaded programs
Information Flow Control: Verification of information flow properties in secure systems

References

The paper cites important works in the field, including:

Kamp (1968): Equivalence between temporal logic and first-order logic
Finkbeiner & Hahn (2016): HyperLTL decidability
Bartocci et al. (2022): Foundational theory of hypertrace logic
Büchi (1960): Decidability theory of S1S

This paper makes important theoretical contributions to hyperlogic theory, particularly in quantifier expressiveness and decidability analysis. While lacking practical application validation, its theoretical depth and systematic analysis provide a solid foundation for subsequent research in this field.