A calculus for costed computations

We develop a version of the pi-calculus, picost, where channels are interpreted as resources which have costs associated with them. Code runs under the financial responsibility of owners; they must pay to use resources, but may profit by providing them. We provide a proof methodology for processes described in picost based on bisimulations. The underlying behavioural theory is justified via a contextual characterisation. We also demonstrate its usefulness via examples.

💡 Research Summary

The paper introduces picost, a novel extension of the π‑calculus that treats communication channels as priced resources. In picost each channel carries two pieces of meta‑information: an owner (the entity financially responsible for the channel) and a cost (the amount that must be paid to use the channel). This design mirrors real‑world distributed systems where network bandwidth, storage, or API calls are billed per use.

Syntax and new primitives
The syntax retains the classic π‑calculus constructs (input, output, parallel composition, restriction) and adds two primitives:

• pay c v – the current process deducts amount v from its owner’s balance in order to use channel c.
• gain c v – the owner of channel c receives amount v as revenue when the channel is used.

Channel restriction (ν c) is also enriched: when a new channel is created the creator can assign an initial cost and designate an owner. Consequently a process can both provide a resource (earning money through gain) and consume a resource (spending money through pay).

Operational semantics
The semantics are given as a labelled transition system (LTS). Labels now contain both the communication action and the associated financial effect, e.g. c!v{+v} for sending a value on channel c while gaining v, or c?x{-v} for receiving while paying v. Transition rules enforce that a pay step is only possible if the owner’s balance is sufficient; after the step the balance is reduced accordingly. A gain step automatically increases the owner’s balance. This explicit bookkeeping makes the evolution of both process behaviour and financial state visible at each step.

Cost‑sensitive bisimulation
To reason about behavioural equivalence in the presence of money, the authors define cost‑sensitive bisimulation. A state is a pair (P, σ) where P is a process term and σ is a mapping from owners to their current balances. Two states are bisimilar if, whenever one can perform a labelled transition with a certain financial delta, the other can match it with a transition that carries the exact same label and delta, and the resulting balances remain related. This relation preserves the quantitative flow of money while retaining the qualitative aspects of ordinary bisimulation (e.g., matching input/output actions).

Contextual characterisation
A major theoretical contribution is the proof that cost‑sensitive bisimulation coincides with a contextual equivalence that allows financial contexts. A financial context may add arbitrary pay/gain operations around a process, modelling external billing policies, subsidies, or penalties. The authors show:

If two processes are cost‑sensitive bisimilar, then for any financial context they are observationally indistinguishable (same visible actions and same net cost). Conversely, if no financial context can distinguish them, they must be related by cost‑sensitive bisimulation.

Thus the bisimulation is not an ad‑hoc proof technique but a fully abstract behavioural theory for picost.

Proof methodology
The paper proposes a practical verification workflow:

1. Construct the LTS for each process, annotating every transition with its cost effect.
2. Build a cost‑tracking table that records owner balances after each transition.
3. Define a relation between the two state spaces and check the bisimulation conditions point‑wise.
4. Automate the above steps using a prototype model‑checker that explores the combined state‑cost space and reports mismatches.

This approach scales to moderately sized systems and makes the otherwise intricate bookkeeping manageable.

Illustrative examples
Two case studies demonstrate picost’s applicability:

• Cloud storage service: A storage provider offers a channel representing a block of disk space. Clients must pay per write operation; the provider gains the corresponding revenue. Using picost, the authors model a migration from provider A to provider B and prove, via cost‑sensitive bisimulation, that the migration preserves all client‑visible behaviours and that total revenue remains unchanged.

• Microservice contract: Two microservices exchange data through a pipeline where each stage incurs a processing fee. The pipeline is modelled as a series of channels, each with its own owner and cost. The authors verify that upgrading one service (changing its internal algorithm) does not break the contract: the upgraded system remains bisimilar to the original with respect to both functional actions and the net financial transfers.

These examples show that picost can capture both functional correctness and economic fairness, a combination rarely addressed in process calculi.

Conclusion and future work
Picost provides a rigorous foundation for reasoning about priced concurrent computation. By integrating financial accounting directly into the calculus, it enables formal verification of cost‑related properties such as budget compliance, profit preservation, and fair billing across component boundaries. The cost‑sensitive bisimulation, backed by a contextual equivalence theorem, offers a sound and complete proof technique.

Future directions suggested include: extending the model to support multiple currencies, dynamic price adjustments, and penalty mechanisms for contract violations; scaling the verification tools to handle large cloud‑scale deployments; and exploring connections with game‑theoretic models of resource competition. Overall, picost bridges the gap between process algebra and the economics of modern distributed systems, opening a new avenue for both theoretical research and practical system design.