Policies for Fair Exchanges of Resources

People increasingly use digital platforms to exchange resources in accordance with some policies stating what resources users offer and what they require in return. In this paper, we propose a formal model of these environments, focussing on how users’ policies are defined and enforced, so ensuring that malicious users cannot take advantage of honest ones. To that end, we introduce the declarative policy language MuAC and equip it with a formal semantics. To determine if a resource exchange is fair, i.e., if it respects the MuAC policies in force, we introduce the non-standard logic MuACL that combines non-linear, linear and contractual aspects, and prove it decidable. Notably, the operator for contractual implication of MuACL is not expressible in linear logic. We define a semantics preserving compilation of MuAC policies into MuACL, thus establishing that exchange fairness is reduced to finding a proof in MuACL. Finally, we show how this approach can be put to work on a blockchain to exchange non-fungible tokens.

💡 Research Summary

**
The paper addresses the problem of guaranteeing fairness in resource exchanges on digital platforms, where users specify what they are willing to give and what they expect in return. The authors introduce a formal model of such environments, a declarative policy language called MuAC, and a novel logic MuACL that can be used to verify whether a proposed exchange respects all users’ policies.

First, the authors define an “exchange environment” as a labeled transition system. Each state records the ownership of resources among users, and each transition represents a transfer of resources. The model deliberately abstracts away user registration, profile management, and negotiation mechanisms, focusing instead on the core notions of ownership, transfer, and fairness. Resources are treated as consumable: once transferred, they are no longer available to the original owner unless they are returned. The model also allows for circular agreements, where a chain of transfers loops back to the original participant.

To let users express their expectations, the paper proposes MuAC, a Datalog‑like declarative language. A MuAC rule has the form “I give X if I get Y”, possibly qualified with additional predicates (e.g., guild membership). Policies are written in isolation by each user, and the collection of all policies constitutes the global contract governing the platform. MuAC can express simple one‑to‑one swaps, multi‑party circular trades, and conditional promises that depend on other users’ actions.

The central technical contribution is MuACL, a logic that combines three aspects: (1) a non‑linear fragment that behaves like classical propositional logic, (2) a linear fragment that tracks consumable resources, and (3) a contractual implication operator (linear contractual implication) that captures conditional promises requiring circular reasoning. The contractual implication is not encodable in the standard computational fragment of linear logic, a fact proved in the paper (Theorem 5.14). MuACL formulas can therefore express statements such as “if I receive a sword, then I must give a shield, and this obligation may be satisfied by a chain of other obligations”.

A key result is that the satisfiability problem for MuACL is decidable (Theorem 5.6). The authors achieve this by restricting the syntax to a well‑behaved set of operators and by providing a decision procedure that reduces MuACL formulas to a finite search space. They also present a semantics‑preserving compilation from MuAC policies to MuACL formulas, proving that the translation is both sound (every compiled formula is a correct representation of the original policy) and complete (every valid MuACL proof corresponds to a policy satisfaction). Consequently, checking the fairness of an exchange reduces to finding a proof in MuACL.

The paper then demonstrates how this theoretical framework can be instantiated on a blockchain platform. Using non‑fungible tokens (NFTs) as the resource type, the authors implement a smart contract that stores users’ MuAC policies and the current ownership ledger. When a user proposes an exchange, the contract automatically compiles the relevant policies into MuACL, invokes the decision procedure, and, if a proof is found, executes the transfer atomically. If no proof exists, the transaction is rejected, preventing unfair trades, double‑spending, or policy violations. To keep on‑chain costs low, an off‑chain client performs the heavy logical reasoning and submits only the proof (or its hash) to the contract.

Through several illustrative scenarios—direct swaps, “pay‑for‑you” arrangements, circular trades involving three participants, and cases of double‑spending—the paper shows how MuAC and MuACL correctly accept fair exchanges and reject unfair ones. The authors also discuss how the trusted third party (the smart contract) enforces policies during execution, thereby addressing the second major fairness issue identified in the introduction.

In summary, the contributions are: (1) a minimalist formal model of exchange platforms; (2) the MuAC policy language, the first access‑control language capable of expressing promises over consumable resources; (3) the MuACL logic, the first decidable system that unifies linear, non‑linear, and contractual reasoning, together with proofs of decidability and non‑encodability in standard linear logic; (4) a concrete blockchain implementation that demonstrates practical enforcement of fair exchanges of NFTs. The work bridges formal methods, logic, and decentralized system design, offering a solid foundation for building trustworthy resource‑exchange marketplaces.