type ref t = id:N{witnessed (has_a_t id t)}

let has (id:N) (H h _) = match h id with
  | Used _ _ (Untyped _) → ⊤
  | _ → ⊥

abstract type uref = id:N{witnessed (has id)}

To enforce these invariants on state-manipulating operations, we define a preorder rel on heap that constrains the heap's evolution. It states that every Used identifier remains Used; every Typed refere...