什么是索引单子?

什么是 索引单子和这个单子的动机?

我读到说这有助于跟踪副作用。但是类型签名和文档没有任何线索。

什么样的例子可以帮助跟踪副作用(或任何其他有效的例子) ?

13672 次浏览

As a simple scenario, assume you have a state monad. The state type is a complex large one, yet all these states can be partitioned into two sets: red and blue states. Some operations in this monad make sense only if the current state is a blue state. Among these, some will keep the state blue (blueToBlue), while others will make the state red (blueToRed). In a regular monad, we could write

blueToRed  :: State S ()
blueToBlue :: State S ()


foo :: State S ()
foo = do blueToRed
blueToBlue

triggering a runtime error since the second action expects a blue state. We would like to prevent this statically. Indexed monad fulfills this goal:

data Red
data Blue


-- assume a new indexed State monad
blueToRed  :: State S Blue Red  ()
blueToBlue :: State S Blue Blue ()


foo :: State S ?? ?? ()
foo = blueToRed `ibind` \_ ->
blueToBlue          -- type error

A type error is triggered because the second index of blueToRed (Red) differs from the first index of blueToBlue (Blue).

As another example, with indexed monads you can allow a state monad to change the type for its state, e.g. you could have

data State old new a = State (old -> (new, a))

You could use the above to build a state which is a statically-typed heterogeneous stack. Operations would have type

push :: a -> State old (a,old) ()
pop  :: State (a,new) new a

As another example, suppose you want a restricted IO monad which does not allow file access. You could use e.g.

openFile :: IO any FilesAccessed ()
newIORef :: a -> IO any any (IORef a)
-- no operation of type :: IO any NoAccess _

In this way, an action having type IO ... NoAccess () is statically guaranteed to be file-access-free. Instead, an action of type IO ... FilesAccessed () can access files. Having an indexed monad would mean you don't have to build a separate type for the restricted IO, which would require to duplicate every non-file-related function in both IO types.

An indexed monad isn't a specific monad like, for example, the state monad but a sort of generalization of the monad concept with extra type parameters.

Whereas a "standard" monadic value has the type Monad m => m a a value in an indexed monad would be IndexedMonad m => m i j a where i and j are index types so that i is the type of the index at the beginning of the monadic computation and j at the end of the computation. In a way, you can think of i as a sort of input type and j as the output type.

Using State as an example, a stateful computation State s a maintains a state of type s throughout the computation and returns a result of type a. An indexed version, IndexedState i j a, is a stateful computation where the state can change to a different type during the computation. The initial state has the type i and state and the end of the computation has the type j.

Using an indexed monad over a normal monad is rarely necessary but it can be used in some cases to encode stricter static guarantees.

As ever, the terminology people use is not entirely consistent. There's a variety of inspired-by-monads-but-strictly-speaking-isn't-quite notions. The term "indexed monad" is one of a number (including "monadish" and "parameterised monad" (Atkey's name for them)) of terms used to characterize one such notion. (Another such notion, if you're interested, is Katsumata's "parametric effect monad", indexed by a monoid, where return is indexed neutrally and bind accumulates in its index.)

First of all, let's check kinds.

IxMonad (m :: state -> state -> * -> *)

That is, the type of a "computation" (or "action", if you prefer, but I'll stick with "computation"), looks like

m before after value

where before, after :: state and value :: *. The idea is to capture the means to interact safely with an external system that has some predictable notion of state. A computation's type tells you what the state must be before it runs, what the state will be after it runs and (like with regular monads over *) what type of values the computation produces.

The usual bits and pieces are *-wise like a monad and state-wise like playing dominoes.

ireturn  ::  a -> m i i a    -- returning a pure value preserves state
ibind    ::  m i j a ->      -- we can go from i to j and get an a, thence
(a -> m j k b)  -- we can go from j to k and get a b, therefore
-> m i k b      -- we can indeed go from i to k and get a b

The notion of "Kleisli arrow" (function which yields computation) thus generated is

a -> m i j b   -- values a in, b out; state transition i to j

and we get a composition

icomp :: IxMonad m => (b -> m j k c) -> (a -> m i j b) -> a -> m i k c
icomp f g = \ a -> ibind (g a) f

and, as ever, the laws exactly ensure that ireturn and icomp give us a category

      ireturn `icomp` g = g
f `icomp` ireturn = f
(f `icomp` g) `icomp` h = f `icomp` (g `icomp` h)

or, in comedy fake C/Java/whatever,

      g(); skip = g()
skip; f() = f()
{h(); g()}; f() = h(); {g(); f()}

Why bother? To model "rules" of interaction. For example, you can't eject a dvd if there isn't one in the drive, and you can't put a dvd into the drive if there's one already in it. So

data DVDDrive :: Bool -> Bool -> * -> * where  -- Bool is "drive full?"
DReturn :: a -> DVDDrive i i a
DInsert :: DVD ->                   -- you have a DVD
DVDDrive True k a ->     -- you know how to continue full
DVDDrive False k a       -- so you can insert from empty
DEject  :: (DVD ->                  -- once you receive a DVD
DVDDrive False k a) ->  -- you know how to continue empty
DVDDrive True k a        -- so you can eject when full


instance IxMonad DVDDrive where  -- put these methods where they need to go
ireturn = DReturn              -- so this goes somewhere else
ibind (DReturn a)     k  = k a
ibind (DInsert dvd j) k  = DInsert dvd (ibind j k)
ibind (DEject j)      k  = DEject j $ \ dvd -> ibind (j dvd) k

With this in place, we can define the "primitive" commands

dInsert :: DVD -> DVDDrive False True ()
dInsert dvd = DInsert dvd $ DReturn ()


dEject :: DVDrive True False DVD
dEject = DEject $ \ dvd -> DReturn dvd

from which others are assembled with ireturn and ibind. Now, I can write (borrowing do-notation)

discSwap :: DVD -> DVDDrive True True DVD
discSwap dvd = do dvd' <- dEject; dInsert dvd ; ireturn dvd'

but not the physically impossible

discSwap :: DVD -> DVDDrive True True DVD
discSwap dvd = do dInsert dvd; dEject      -- ouch!

Alternatively, one can define one's primitive commands directly

data DVDCommand :: Bool -> Bool -> * -> * where
InsertC  :: DVD -> DVDCommand False True ()
EjectC   :: DVDCommand True False DVD

and then instantiate the generic template

data CommandIxMonad :: (state -> state -> * -> *) ->
state -> state -> * -> * where
CReturn  :: a -> CommandIxMonad c i i a
(:?)     :: c i j a -> (a -> CommandIxMonad c j k b) ->
CommandIxMonad c i k b


instance IxMonad (CommandIxMonad c) where
ireturn = CReturn
ibind (CReturn a) k  = k a
ibind (c :? j)    k  = c :? \ a -> ibind (j a) k

In effect, we've said what the primitive Kleisli arrows are (what one "domino" is), then built a suitable notion of "computation sequence" over them.

Note that for every indexed monad m, the "no change diagonal" m i i is a monad, but in general, m i j is not. Moreover, values are not indexed but computations are indexed, so an indexed monad is not just the usual idea of monad instantiated for some other category.

Now, look again at the type of a Kleisli arrow

a -> m i j b

We know we must be in state i to start, and we predict that any continuation will start from state j. We know a lot about this system! This isn't a risky operation! When we put the dvd in the drive, it goes in! The dvd drive doesn't get any say in what the state is after each command.

But that's not true in general, when interacting with the world. Sometimes you might need to give away some control and let the world do what it likes. For example, if you are a server, you might offer your client a choice, and your session state will depend on what they choose. The server's "offer choice" operation does not determine the resulting state, but the server should be able to carry on anyway. It's not a "primitive command" in the above sense, so indexed monads are not such a good tool to model the unpredictable scenario.

What's a better tool?

type f :-> g = forall state. f state -> g state


class MonadIx (m :: (state -> *) -> (state -> *)) where
returnIx    :: x :-> m x
flipBindIx  :: (a :-> m b) -> (m a :-> m b)  -- tidier than bindIx

Scary biscuits? Not really, for two reasons. One, it looks rather more like what a monad is, because it is a monad, but over (state -> *) rather than *. Two, if you look at the type of a Kleisli arrow,

a :-> m b   =   forall state. a state -> m b state

you get the type of computations with a precondition a and postcondition b, just like in Good Old Hoare Logic. Assertions in program logics have taken under half a century to cross the Curry-Howard correspondence and become Haskell types. The type of returnIx says "you can achieve any postcondition which holds, just by doing nothing", which is the Hoare Logic rule for "skip". The corresponding composition is the Hoare Logic rule for ";".

Let's finish by looking at the type of bindIx, putting all the quantifiers in.

bindIx :: forall i. m a i -> (forall j. a j -> m b j) -> m b i

These foralls have opposite polarity. We choose initial state i, and a computation which can start at i, with postcondition a. The world chooses any intermediate state j it likes, but it must give us the evidence that postcondition b holds, and from any such state, we can carry on to make b hold. So, in sequence, we can achieve condition b from state i. By releasing our grip on the "after" states, we can model unpredictable computations.

Both IxMonad and MonadIx are useful. Both model validity of interactive computations with respect to changing state, predictable and unpredictable, respectively. Predictability is valuable when you can get it, but unpredictability is sometimes a fact of life. Hopefully, then, this answer gives some indication of what indexed monads are, predicting both when they start to be useful and when they stop.

It may be important to take a look how indexing is used in dependent types (eg in agda). This can explain how indexing helps in general, then translate this experience to monads.

Indexing permits to establish relationships between particular instances of types. Then you can reason about some values to establish whether that relationship holds.

For example (in agda) you can specify that some natural numbers are related with _<_, and the type tells which numbers they are. Then you can require that some function is given a witness that m < n, because only then the function works correctly - and without providing such witness the program will not compile.

As another example, given enough perseverance and compiler support for your chosen language, you could encode that the function assumes that a certain list is sorted.

Indexed monads permit to encode some of what dependent type systems do, to manage side effects more precisely.

There are at least three ways to define an indexed monad that I know.

I'll refer to these options as indexed monads à la X, where X ranges over the computer scientists Bob Atkey, Conor McBride and Dominic Orchard, as that is how I tend to think of them. Parts of these constructions have a much longer more illustrious history and nicer interpretations through category theory, but I first learned of them associated with these names, and I'm trying to keep this answer from getting too esoteric.

Atkey

Bob Atkey's style of indexed monad is to work with 2 extra parameters to deal with the index of the monad.

With that you get the definitions folks have tossed around in other answers:

class IMonad m where
ireturn  ::  a -> m i i a
ibind    ::  m i j a -> (a -> m j k b) -> m i k b

We can also define indexed comonads à la Atkey as well. I actually get a lot of mileage out of those in the lens codebase.

McBride

The next form of indexed monad is Conor McBride's definition from his paper "Kleisli Arrows of Outrageous Fortune". He instead uses a single parameter for the index. This makes the indexed monad definition have a rather clever shape.

If we define a natural transformation using parametricity as follows

type a ~> b = forall i. a i -> b i

then we can write down McBride's definition as

class IMonad m where
ireturn :: a ~> m a
ibind :: (a ~> m b) -> (m a ~> m b)

This feels quite different than Atkey's, but it feels more like a normal Monad, instead of building a monad on (m :: * -> *), we build it on (m :: (k -> *) -> (k -> *).

Interestingly you can actually recover Atkey's style of indexed monad from McBride's by using a clever data type, which McBride in his inimitable style chooses to say you should read as "at key".

data (:=) a i j where
V :: a -> (a := i) i

Now you can work out that

ireturn :: IMonad m => (a := j) ~> m (a := j)

which expands to

ireturn :: IMonad m => (a := j) i -> m (a := j) i

can only be invoked when j = i, and then a careful reading of ibind can get you back the same as Atkey's ibind. You need to pass around these (:=) data structures, but they recover the power of the Atkey presentation.

On the other hand, the Atkey presentation isn't strong enough to recover all uses of McBride's version. Power has been strictly gained.

Another nice thing is that McBride's indexed monad is clearly a monad, it is just a monad on a different functor category. It works over endofunctors on the category of functors from (k -> *) to (k -> *) rather than the category of functors from * to *.

A fun exercise is figuring out how to do the McBride to Atkey conversion for indexed comonads. I personally use a data type 'At' for the "at key" construction in McBride's paper. I actually walked up to Bob Atkey at ICFP 2013 and mentioned that I'd turned him inside out at made him into a "Coat". He seemed visibly disturbed. The line played out better in my head. =)

Orchard

Finally, a third far-less-commonly-referenced claimant to the name of "indexed monad" is due to Dominic Orchard, where he instead uses a type level monoid to smash together indices. Rather than go through the details of the construction, I'll simply link to this talk:

https://github.com/dorchard/effect-monad/blob/master/docs/ixmonad-fita14.pdf