A First Step to the Categorical Logic of Quantum Programs

The long-term goal of our research is to develop a powerful quantum logic which is useful in the formal verification of quantum programs and protocols. In this paper we introduce the basic idea of our categorical logic of quantum programs (CLQP): It combines the logic of quantum programming (LQP) and categorical quantum mechanics (CQM) such that the advantages of both LQP and CQM are preserved while their disadvantages are overcome. We present the syntax, semantics and proof system of CLQP. As a proof-of-concept, we apply CLQP to verify the correctness of Deutsch’s algorithm and the concealing property of quantum bit commitment.


Introduction
Quantum programs and quantum protocols are two pillars of quantum computing. The exponential speedup provided by Shor's factoring algorithm and the quadratic speedup provided by Grover's search algorithm over their classical counterparts has brought quantum computing into the limelight. The unconditional security offered by quantum protocols such as quantum key distribution has grabbed strong interests from both the academic and the industrial community. Designing quantum programs and protocols is an error-prone task due to the counter-intuitive nature of quantum systems. Therefore, verification techniques for quantum programs and quantum protocols will be indispensable in the coming era of quantum computation. For example, a number of quantum process calculi [1][2][3][4] have been proposed for the formal verification of quantum protocols. Some quantum logics have been developed to verify both quantum programs and quantum protocols.
Quantum logic began with Birkhoff and von Neumann [5]. Traditional quantum logic [5][6][7][8][9][10] focuses on the order-theoretic structure of testable properties in the quantum world and is based on the lattice of closed subspaces of a (usually infinite dimensional) Hilbert space. The success of quantum computation and quantum information has inspired new quantum logics [11,12] which are based on finite dimensional Hilbert spaces, such as qubits. Brunet and Jorrand [13] proposed to extend the Birkhoff-von Neumann quantum logic to reasoning about quantum programs. Chadha et al. [14] presented a first attempt to develop a Hoare-like logic for quantum programs. Some useful proof rules for reasoning about quantum programs were introduced by Fenget et al. [15]. A full-fledged Hoare-like logic for both partial and total correctness of quantum programs was established in Ying [16].
The logic for quantum programs (LQP) [17][18][19][20][21] is an extension of traditional quantum logic and quantum Hoare logic. It has been used to verify quantum search algorithms [20], quantum leader election [20], quantum key distribution [21] and quantum voting [22]. The expressive power of LQP is largely determined by the constant symbols it incorporates. There is no systematic study of constant symbols in the literature of LQP. In Baltag and Smets [18], the authors chose the following unitary operators as constant symbols: X, Z, H and CNOT. In Rad et al. [22], Bell states are used as constant symbols. Those operators are not universal. Therefore, there are still many quantum states and operators that cannot be expressed in LQP. Another limitation of the presentation of constant symbols in LQP is the missing satisfying axiomatization. Different axioms for different constant symbols are introduced, depending on which programs/protocols are to be verified. These two limitations make LQP not a convenient tool in the formal verification of quantum programs and protocols: To verify a quantum program or protocol in LQP, we have to first find an appropriate set of constant symbols to express the program/protocol, then we still need to introduce a set of axioms for these constant symbols such that some desired properties of the targeting program/protocol can be proved axiomatically. This procedure usually consumes a lot of time and intelligence. We believe that LQP cannot be successful in formal verification if these two limitations are not overcome.
In this paper, we will overcome these limitations by extending LQP to the categorical logic of quantum programs (CLQP). CLQP is a combination of LQP and categorical quantum mechanics (CQM) [23][24][25][26]. The main feature of the construction of CLQP is the representation of constant symbols of LQP by morphisms in the ZX-calculus, a graphical calculus of CQM. Inherited from the universality of the ZX-calculus [24], CLQP has stronger expressive power than LQP. CLQP also inherits the graphical axiomatization of the ZX-calculus such that many properties of a quantum program and protocols can be proved concisely and graphically, when the program/protocol is specified in CLQP. On the other hand, CLQP preserves the various logical operations (for example, boolean connectives, programs constructors, epistemic modality and probabilistic modality) of LQP. These operations allow us to express various properties that are not expressible in CQM. In a nutshell, CLQP keeps the advantages of both LQP and CQM, while overcoming their limitations. These features make CLQP a powerful tool for the formal specification and verification of quantum programs and protocols.
The structure of this paper is as follows. In Section 2 we will introduce the syntax, semantics and axiomatization of CLQP. Then in Section 3 we apply CLQP to the verification of quantum programs and protocols. We conclude this paper with future work in Section 4.

Syntax
For each natural number n ≥ 1, we build the n-qubit categorical logic of quantum programs CLQP n . To build the language of CLQP n , we are given the following: A finite set of natural numbers N = {1, . . . , n}, a countable set of propositional variables P, a countable set of operational variables O, constants symbols of propositions and unitary operations built from the ZX-calculus.

Constants from Categorical Quantum Mechanics
Categorical quantum mechanics is the study of quantum computation and quantum foundations using category theory. The ZX-calculus, a graphical language of quantum computation developed in the framework of CQM, is introduced by Coecke and Duncan [24,27]. It is founded on a dagger symmetric monoidal category ( †-SMC) C. (A concise introduction to †-SMC is provided in the Appendix A.) The objects of C are natural numbers: 0, 1, 2, · · · ; the tensor of objects is just the addition of numbers: m ⊗ n = m + n. 0 is the unit object of C. In the matrix interpretation of the ZX-calculus, an object n is interpreted as the 2 n dimensional Hilbert space C 2 n . An identity morphism of C is interpreted as the identity map on the corresponding Hilbert space. A swap morphism σ m,n is interpreted as the map SWAP m,n to which we have SWAP m,n (|a |b ) = |b |a for all |a ∈ C 2 m and |b ∈ C 2 n . Apart from the identity morphisms and swap morphisms, the following are also the basic morphisms of C: 1. Z-spiders Z n m (α) : m → n, for every real number α ∈ R, of which the matrix interpretation and graphical representation are respectively |0 ⊗n 0| ⊗m + e iα |1 ⊗n 1| ⊗m and m n ...
We call α the phase of Z n m (α). The graph is read from bottom to top. We consider the wires at the bottom as input and those on the top as output. We usually omit the phase in the graphical representation when it is 0. 2. X-spiders X n m (α) : m → n, for every real number α ∈ R, of which the matrix interpretation and graphical representation are respectively 5. e : 0 → 0 is interpreted as the number 1. The graphical representation of e is the empty graph · · · · · · · · · · · · · · · · .
6. SWAP morphism σ : 2 → 2, of which the matrix interpretation and graphical representation are respectively 7. Bell state β : 0 → 2, of which the matrix interpretation and graphical representation are respectively and .
The morphisms of C are generated by applying sequential and parallel composition of the basic morphisms, or by applying the dagger operation † to a morphism. The matrix interpretation of sequential and parallel composition of morphisms is the matrix production and tensor product, respectively. The graphical representation of sequential composition of morphisms is to put one graph on top of another, while the parallel composition of morphisms is represented by putting graphs side-by-side. The matrix interpretation of † is the adjoint operation. The graphical representation of † is to turn the graph upside-down, meanwhile changing the sign of phases that appear in the graph.
The ZX-calculus is a universal language for quantum computing in the sense that it can represent all linear maps between qubit systems. Another impressive feature of the ZX-calculus is that it admits a sound and complete axiomatization [28][29][30] to derive equations between morphisms. The axiomatization of the ZX-calculus will play an important role in the axiomatization of CLQP. There are two kinds of axioms to determine whether two morphisms of C are equivalent: The structure axioms for C as a †-SMC, as well as the rewriting axioms listed in Figure 1. Note that we identify the basic morphism Id with the identity morphism 1 1 ∈ C(1, 1) and the basic morphism SWAP as the swap morphism σ 1,1 ∈ C(2, 2). Also note that those axioms listed in Figure 1 are only a fragment of all axioms of the ZX-calculus. We omit other axioms for the sake of simplicity. The interested readers can found all axioms of the ZX-calculus in [29,30].

Syntax of Clqp
We use L n to denote the language of CLQP n . L n is defined by the following BNF: Definition 1 (Language of CLQP n ). For p ∈ P and U ∈ O, Here c o and c p are respectively an operational constant and a propositional constant expressed by the ZX-calculus. More precisely, c o is a morphism from n to n, while c p is a morphism from 0 to n. For example, Z 2 2 (π) is an operational constant of L 2 and X 3 0 (π) is a propositional constant of L 3 . For all I ⊆ N and I = ∅, K I is an epistemic modality. For all r ∈ [0, 1], P ≥r is a probabilistic modality.
The intended meaning of those formulas is the following: • a is a program.
• U is an operational variable that refers to a unitary operation on C 2 n .
• U † is the adjoint of U.
• c o is an operational constant that refers to a specific operation on C 2 n .
• φ? is the program that refers to the test of proposition φ.
• a 1 ; a 2 is the sequential composition of a 1 and a 2 (applying first a 1 and then a 2 ).
• a 1 ∪ a 2 is the non-deterministic choice between of a 1 and a 2 (applying either a 1 or a 2 ).
• a * is the iteration of a, meaning that to repeat a a finite, but non-deterministically determined, number of times. • φ is a formula.
• is a propositional constant representing logical truth. • p is a propositional variable.
• c p is a propositional constant that refers to a specific state on C 2 n . • ¬ is the classical negation. • ∧ is the classical conjunction.
• [a]φ means that "φ will be the case after every execution of a".
• K I φ means that "subsystem I carries the information that φ is the case".
• P ≥r φ means that "testing property φ (on the current state) will succeed with probability ≥ r".
Comparing to LQP, the syntax of CLQP is an extension of LQP with the following additional components: operational constants, propositional constants and the iteration * . The iteration * is not included in LQP. We put it back into our logic such that it can be used to verify quantum programs with the while-loop, for example the quantum walk algorithm [31] and the famous HHL (Harrow-Hassidim-Lloyd) quantum algorithms for solving systems of linear equations, which is a cornerstone of quantum machine learning.

Semantics
The semantics of CLQP n is based on the following structure. [18]). Let H = C 2 n be the 2 n dimensional Hilbert space. The n-qubit quantum dynamic frame build on H is the following structure:

Definition 2 (Quantum Dynamic Frame
1. Σ is the set of all one-dimensional subspace of H, called the set of states. We denote a state s = x of H using any of the non-zero vector x ∈ H that generates it. 2. Call two states s and t orthogonal and write s⊥t if and only if ∀x ∈ s and ∀y ∈ t, x|y = 0. For a set of states S ⊆ Σ, we put S ⊥ := {t ∈ Σ : t⊥s, ∀s ∈ S} and we denote S = (S ⊥ ) ⊥ the biorthogonal closure of S. 3. A set of states S ⊆ Σ is called a testable property iff it is biorthogonally closed, i.e., S = S. We denote T ⊆ P (Σ) the set of all testable properties. 4. Every testable property S uniquely corresponds to a subspaces W S of H by taking W S := S. 5. For every testable property S, there is a partial map S? on Σ, called a quantum test, induced by P W S the projector onto the subspace W S : We denote by S? →⊆ Σ × Σ the binary relation corresponding to the partial map S?, i.e., given by s S? → t iff S?(s) = t. 6. U is the set of all unitary maps on H. For every unitary map U on H, the corresponding binary relation U →⊆ Σ × Σ is given by s U → t iff U(x) = y for some vector x ∈ s, y ∈ t. . The adjoint of a program U † is interpreted by the relation The relational interpretation is extend to arbitrary quantum programs as follows: • R(a * ) = (R(a)) * , i.e., the reflexive transitive closure of R(a). • M, s n K I φ iff for all t, if s ∼ I t then M, t n φ. Here the relation ∼ I is defined as follows. For all unit vector x ∈ s and y ∈ t, let ρ x = |x x| and ρ y = |y y| be the density operator of x and y respectively. Let tr N\I be the partial trace over the environment N \ I. Then s ∼ I t holds iff tr N\I (ρ x ) = tr N\I (ρ y ). • M, s n P ≥r φ iff for all unit vector x ∈ s, x|P W V(φ) |x ≥ r.
The semantics of CLQP n largely coincides with the semantics of LQP: For all formulas that appear in both LQP and CLQP n , their semantics in CLQP are the same as their semantics in LQP. As usual, by Φ n φ we mean for all n-qubit quantum dynamic model M and all state s in M, if M, s n ψ for all ψ ∈ Φ, then M, s n φ. We say that φ is valid in CLQP n if ∅ n φ.

Axiomatization
Now we introduce a sound proof system for CLQP. This proof system is an extension of the proof system of LQP with axioms of the ZX-calculus. It consists of the following axioms and rules: • Axioms of dynamic logic: -All propositional tautologies.
-S5: ¬K I p → K I ¬K I p.
• Axioms of probability: Proof. (sketch) Axioms of dynamic logic are valid because they are valid in every dynamic logic and CLQP is a special dynamic logic. The validity of axioms of quantum systems is shown in [17,18]. Axioms of epistemic logic are valid because ∼ I is an equivalence relation. The validity of axioms of probability can be found in [21]. The rules MP and US are valid in all logical systems. The rule Nec is valid because [a] is a necessity modality. The rule ZX equivalence is valid because if a 1 = a 2 in the ZX-calculus, then by the soundness of the ZX calculus we know they represent the same linear map.

Remark 1.
In CLQP 1 , axioms of the ZX-calculus are simplified. Those axioms of single-qubit ZX-calculus can be found in Backens [32].

CLQP for Verification
In this section we are going to demonstrate the usage of CLQP by applying it to the formal verification of quantum programs and protocols. For the sake of simplicity, we choose to verify the correctness of Deutsch's algorithm and the concealing property of quantum bit commitment protocols.

Deutsch'S Algorithm
Deutsch's algorithm is a simple algorithm that solves a slightly contrived problem [33]. It determines whether a function f from {0, 1} to {0, 1} is constant or balanced, where f being constant means that f (0) = f (1) and balanced otherwise. We can formalize Deutsch's algorithm in CLQP 2 . First, as it is shown in Chapter 12 of [26], we build an oracle U f as the following: Note that up to a non-zero scalar, we have The correctness of Deutsch's Algorithm can be expressed by the following deduction: Equivalently, it can be characterized by the validity of the following formula of CLQP 2 : Bearing this common knowledge in mind, a rigorous and simple formalization of quantum bit commitment is given as follows.

Definition 4.
A quantum bit commitment protocol consists of the following: This formalization provides a high level description of quantum bit commitment. Initially, Alice (possibly with the help of Bob) prepares a state |L or |R of quantum system A ⊗ B depending on the value of Alice's bit. (Note that |L and |R are not the initial state of the QBC protocol, but the final state of the commit phase. Starting from a pure state, a commit phase may involve many rounds of actions and communications). Alice sends Tr A (|L L|) or Tr A (|R R|) to Bob to perform the commitment. At the opening stage, Alice sends the rest sub-state of |L or |R to Bob to allow him to verify her commitment. Bob applies the completely positive map Open to determine Alice's commitment. The QBC protocol is concealing if Tr A (|L L|) = Tr A (|R R|). It is binding if there is no unitary map U on A such that (U ⊗ I)|L = |R .
In CLQP, the concealing property of the QBC protocol can be characterized by the validity of the following formula: Here c L and c R are respectively the propositional constant that characterized the state |L and |R . The universality of the ZX calculus ensures that c L and c R can be characterized in CLQP. The validity of this formula implies that {|L } ∼ B {|R }, which further entails that Tr A (|L L|) = Tr A (|R R|). It seems the binding property cannot be characterized by formulas of CLQP. However, we can still use the ZX-calculus to prove non-binding since the ZX-calculus is universal and sound.

Conclusions and Future Work
In this paper we introduce the basic ideas of the categorical logic of quantum programs. We present the syntax, semantics and proof system of this logic and demonstrate its usage in the formal verification of quantum programs and protocols. In a nutshell, CLQP is an extension of LQP with a universal set of constant symbols and iteration * .
Our long-term goal is to develop CLQP as a powerful tool for the verification of quantum programs and protocols. In the recent future, we will study the decidability and complexity of CLQP. We will also apply CLQP to the formal verification of more complicated quantum programs and protocols, for example the HHL algorithm in quantum machine learning. The semantics of CLQP presented in this paper is based on pure quantum states. The development of mixed-state semantics is in our agenda.