diff --git a/docs/spec/tendermint-fork-cases/001indinv-apalache.csv b/docs/spec/tendermint-fork-cases/001indinv-apalache.csv
new file mode 100644
index 000000000..39c3d1865
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/001indinv-apalache.csv
@@ -0,0 +1,31 @@
+no,filename,tool,timeout,init,inv,next,args
+1,MC_n4_f1.tla,apalache,10h,TypedInv,TypedInv,,--length=1 --cinit=ConstInit
+2,MC_n4_f2.tla,apalache,10h,TypedInv,TypedInv,,--length=1 --cinit=ConstInit
+3,MC_n4_f3.tla,apalache,10h,TypedInv,TypedInv,,--length=1 --cinit=ConstInit
+4,MC_n5_f1.tla,apalache,10h,TypedInv,TypedInv,,--length=1 --cinit=ConstInit
+5,MC_n5_f2.tla,apalache,10h,TypedInv,TypedInv,,--length=1 --cinit=ConstInit
+6,MC_n7_f2.tla,apalache,10h,TypedInv,TypedInv,,--length=1 --cinit=ConstInit
+7,MC_n7_f3.tla,apalache,10h,TypedInv,TypedInv,,--length=1 --cinit=ConstInit
+8,MC_n7_f4.tla,apalache,10h,TypedInv,TypedInv,,--length=1 --cinit=ConstInit
+9,MC_n10_f3.tla,apalache,24h,TypedInv,TypedInv,,--length=1 --cinit=ConstInit
+10,MC_n10_f4.tla,apalache,24h,TypedInv,TypedInv,,--length=1 --cinit=ConstInit
+11,MC_n4_f1.tla,apalache,10h,TypedInv,Agreement,,--length=0 --cinit=ConstInit
+12,MC_n4_f2.tla,apalache,10h,TypedInv,AgreementOrEquivocationOrAmnesia,,--length=0 --cinit=ConstInit
+13,MC_n4_f3.tla,apalache,10h,TypedInv,AgreementOrEquivocationOrAmnesia,,--length=0 --cinit=ConstInit
+14,MC_n5_f1.tla,apalache,10h,TypedInv,Agreement,,--length=0 --cinit=ConstInit
+15,MC_n5_f2.tla,apalache,10h,TypedInv,AgreementOrEquivocationOrAmnesia,,--length=0 --cinit=ConstInit
+16,MC_n7_f2.tla,apalache,10h,TypedInv,Agreement,,--length=0 --cinit=ConstInit
+17,MC_n7_f3.tla,apalache,10h,TypedInv,AgreementOrEquivocationOrAmnesia,,--length=0 --cinit=ConstInit
+18,MC_n7_f4.tla,apalache,10h,TypedInv,AgreementOrEquivocationOrAmnesia,,--length=0 --cinit=ConstInit
+19,MC_n10_f3.tla,apalache,24h,TypedInv,Agreement,,--length=0 --cinit=ConstInit
+20,MC_n10_f4.tla,apalache,24h,TypedInv,AgreementOrEquivocationOrAmnesia,,--length=0 --cinit=ConstInit
+21,MC_n4_f1.tla,apalache,10h,Init,TypedInv,,--length=0 --cinit=ConstInit
+22,MC_n4_f2.tla,apalache,10h,Init,TypedInv,,--length=0 --cinit=ConstInit
+23,MC_n4_f3.tla,apalache,10h,Init,TypedInv,,--length=0 --cinit=ConstInit
+24,MC_n5_f1.tla,apalache,10h,Init,TypedInv,,--length=0 --cinit=ConstInit
+25,MC_n5_f2.tla,apalache,10h,Init,TypedInv,,--length=0 --cinit=ConstInit
+26,MC_n7_f2.tla,apalache,10h,Init,TypedInv,,--length=0 --cinit=ConstInit
+27,MC_n7_f3.tla,apalache,10h,Init,TypedInv,,--length=0 --cinit=ConstInit
+28,MC_n7_f4.tla,apalache,10h,Init,TypedInv,,--length=0 --cinit=ConstInit
+29,MC_n10_f3.tla,apalache,24h,Init,TypedInv,,--length=0 --cinit=ConstInit
+30,MC_n10_f4.tla,apalache,24h,Init,TypedInv,,--length=0 --cinit=ConstInit
diff --git a/docs/spec/tendermint-fork-cases/001indinv-apalache.ini b/docs/spec/tendermint-fork-cases/001indinv-apalache.ini
new file mode 100644
index 000000000..da6c3a30c
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/001indinv-apalache.ini
@@ -0,0 +1,8 @@
+# a configuration file for apalache-tests/scripts/mk-run.py
+
+[apalache-unstable]
+more_args=
+
+[apalache-card]
+more_args=
+
diff --git a/docs/spec/tendermint-fork-cases/MC_n10_f3.tla b/docs/spec/tendermint-fork-cases/MC_n10_f3.tla
new file mode 100644
index 000000000..0f20f92b5
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/MC_n10_f3.tla
@@ -0,0 +1,26 @@
+----------------------------- MODULE MC_n10_f3 -------------------------------
+CONSTANT Proposer \* the proposer function from 0..NRounds to 1..N
+
+\* the variables declared in TendermintAcc3
+VARIABLES
+  round, step, decision, lockedValue, lockedRound, validValue, validRound,
+  msgsPropose, msgsPrevote, msgsPrecommit, evidence
+
+\* an operator for type annotations
+a <: b == a
+
+INSTANCE TendermintAccDebug3 WITH
+  Corr <- {"c1", "c2", "c3", "c4", "c5", "c6", "c7"},
+  Defective <- {} <: {STRING},
+  Byzantine <- {"f8", "f9", "f10"},
+  N <- 10,
+  T <- 3,
+  ValidValues <- { "v0", "v1" },
+  InvalidValues <- {"v2"},
+  MaxRound <- 2
+
+\* run Apalache with --cinit=ConstInit
+ConstInit == \* the proposer is arbitrary -- works for safety
+  Proposer \in [Rounds -> AllProcs]
+
+=============================================================================    
diff --git a/docs/spec/tendermint-fork-cases/MC_n10_f4.tla b/docs/spec/tendermint-fork-cases/MC_n10_f4.tla
new file mode 100644
index 000000000..3271dcd4c
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/MC_n10_f4.tla
@@ -0,0 +1,26 @@
+----------------------------- MODULE MC_n10_f4 -------------------------------
+CONSTANT Proposer \* the proposer function from 0..NRounds to 1..N
+
+\* the variables declared in TendermintAcc3
+VARIABLES
+  round, step, decision, lockedValue, lockedRound, validValue, validRound,
+  msgsPropose, msgsPrevote, msgsPrecommit, evidence
+
+\* an operator for type annotations
+a <: b == a
+
+INSTANCE TendermintAccDebug3 WITH
+  Corr <- {"c1", "c2", "c3", "c4", "c5", "c6"},
+  Defective <- {"f7"},
+  Byzantine <- {"f8", "f9", "f10"},
+  N <- 10,
+  T <- 3,
+  ValidValues <- { "v0", "v1" },
+  InvalidValues <- {"v2"},
+  MaxRound <- 2
+
+\* run Apalache with --cinit=ConstInit
+ConstInit == \* the proposer is arbitrary -- works for safety
+  Proposer \in [Rounds -> AllProcs]
+
+=============================================================================    
diff --git a/docs/spec/tendermint-fork-cases/MC_n4_f1.tla b/docs/spec/tendermint-fork-cases/MC_n4_f1.tla
new file mode 100644
index 000000000..94a9558d3
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/MC_n4_f1.tla
@@ -0,0 +1,26 @@
+----------------------------- MODULE MC_n4_f1 -------------------------------
+CONSTANT Proposer \* the proposer function from 0..NRounds to 1..N
+
+\* the variables declared in TendermintAcc3
+VARIABLES
+  round, step, decision, lockedValue, lockedRound, validValue, validRound,
+  msgsPropose, msgsPrevote, msgsPrecommit, evidence
+
+\* an operator for type annotations
+a <: b == a
+
+INSTANCE TendermintAccDebug3 WITH
+  Corr <- {"c1", "c2", "c3"},
+  Defective <- {} <: {STRING},
+  Byzantine <- {"f1"},
+  N <- 4,
+  T <- 1,
+  ValidValues <- { "v0", "v1" },
+  InvalidValues <- {"v2"},
+  MaxRound <- 2
+
+\* run Apalache with --cinit=ConstInit
+ConstInit == \* the proposer is arbitrary -- works for safety
+  Proposer \in [Rounds -> AllProcs]
+
+=============================================================================    
diff --git a/docs/spec/tendermint-fork-cases/MC_n4_f2.tla b/docs/spec/tendermint-fork-cases/MC_n4_f2.tla
new file mode 100644
index 000000000..91eae547f
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/MC_n4_f2.tla
@@ -0,0 +1,26 @@
+----------------------------- MODULE MC_n4_f2 -------------------------------
+CONSTANT Proposer \* the proposer function from 0..NRounds to 1..N
+
+\* the variables declared in TendermintAcc3
+VARIABLES
+  round, step, decision, lockedValue, lockedRound, validValue, validRound,
+  msgsPropose, msgsPrevote, msgsPrecommit, evidence
+
+\* an operator for type annotations
+a <: b == a
+
+INSTANCE TendermintAccDebug3 WITH
+  Corr <- {"c1", "c2"},
+  Defective <- {"f3"},
+  Byzantine <- {"f4"},
+  N <- 4,
+  T <- 1,
+  ValidValues <- { "v0", "v1" },
+  InvalidValues <- {"v2"},
+  MaxRound <- 2
+
+\* run Apalache with --cinit=ConstInit
+ConstInit == \* the proposer is arbitrary -- works for safety
+  Proposer \in [Rounds -> AllProcs]
+
+=============================================================================    
diff --git a/docs/spec/tendermint-fork-cases/MC_n4_f3.tla b/docs/spec/tendermint-fork-cases/MC_n4_f3.tla
new file mode 100644
index 000000000..4413817b5
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/MC_n4_f3.tla
@@ -0,0 +1,26 @@
+----------------------------- MODULE MC_n4_f3 -------------------------------
+CONSTANT Proposer \* the proposer function from 0..NRounds to 1..N
+
+\* the variables declared in TendermintAcc3
+VARIABLES
+  round, step, decision, lockedValue, lockedRound, validValue, validRound,
+  msgsPropose, msgsPrevote, msgsPrecommit, evidence
+
+\* an operator for type annotations
+a <: b == a
+
+INSTANCE TendermintAccDebug3 WITH
+  Corr <- {"c1"},
+  Defective <- {"a2", "a3"},
+  Byzantine <- {"f4"},
+  N <- 4,
+  T <- 1,
+  ValidValues <- { "v0", "v1" },
+  InvalidValues <- {"v2"},
+  MaxRound <- 2
+
+\* run Apalache with --cinit=ConstInit
+ConstInit == \* the proposer is arbitrary -- works for safety
+  Proposer \in [Rounds -> AllProcs]
+
+=============================================================================    
diff --git a/docs/spec/tendermint-fork-cases/MC_n5_f1.tla b/docs/spec/tendermint-fork-cases/MC_n5_f1.tla
new file mode 100644
index 000000000..156675f37
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/MC_n5_f1.tla
@@ -0,0 +1,26 @@
+----------------------------- MODULE MC_n5_f1 -------------------------------
+CONSTANT Proposer \* the proposer function from 0..NRounds to 1..N
+
+\* the variables declared in TendermintAcc3
+VARIABLES
+  round, step, decision, lockedValue, lockedRound, validValue, validRound,
+  msgsPropose, msgsPrevote, msgsPrecommit, evidence
+
+\* an operator for type annotations
+a <: b == a
+
+INSTANCE TendermintAccDebug3 WITH
+  Corr <- {"c1", "c2", "c3", "c4"},
+  Defective <- {} <: {STRING},
+  Byzantine <- {"f5"},
+  N <- 5,
+  T <- 1,
+  ValidValues <- { "v0", "v1" },
+  InvalidValues <- {"v2"},
+  MaxRound <- 2
+
+\* run Apalache with --cinit=ConstInit
+ConstInit == \* the proposer is arbitrary -- works for safety
+  Proposer \in [Rounds -> AllProcs]
+
+=============================================================================    
diff --git a/docs/spec/tendermint-fork-cases/MC_n5_f2.tla b/docs/spec/tendermint-fork-cases/MC_n5_f2.tla
new file mode 100644
index 000000000..ef40158ae
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/MC_n5_f2.tla
@@ -0,0 +1,26 @@
+----------------------------- MODULE MC_n5_f2 -------------------------------
+CONSTANT Proposer \* the proposer function from 0..NRounds to 1..N
+
+\* the variables declared in TendermintAcc3
+VARIABLES
+  round, step, decision, lockedValue, lockedRound, validValue, validRound,
+  msgsPropose, msgsPrevote, msgsPrecommit, evidence
+
+\* an operator for type annotations
+a <: b == a
+
+INSTANCE TendermintAccDebug3 WITH
+  Corr <- {"c1", "c2", "c3"},
+  Defective <- {"a4"},
+  Byzantine <- {"f5"},
+  N <- 5,
+  T <- 1,
+  ValidValues <- { "v0", "v1" },
+  InvalidValues <- {"v2"},
+  MaxRound <- 2
+
+\* run Apalache with --cinit=ConstInit
+ConstInit == \* the proposer is arbitrary -- works for safety
+  Proposer \in [Rounds -> AllProcs]
+
+=============================================================================    
diff --git a/docs/spec/tendermint-fork-cases/MC_n7_f2.tla b/docs/spec/tendermint-fork-cases/MC_n7_f2.tla
new file mode 100644
index 000000000..ac2de9437
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/MC_n7_f2.tla
@@ -0,0 +1,26 @@
+----------------------------- MODULE MC_n7_f2 -------------------------------
+CONSTANT Proposer \* the proposer function from 0..NRounds to 1..N
+
+\* the variables declared in TendermintAcc3
+VARIABLES
+  round, step, decision, lockedValue, lockedRound, validValue, validRound,
+  msgsPropose, msgsPrevote, msgsPrecommit, evidence
+
+\* an operator for type annotations
+a <: b == a
+
+INSTANCE TendermintAccDebug3 WITH
+  Corr <- {"c1", "c2", "c3", "c4", "c5"},
+  Defective <- {} <: {STRING},
+  Byzantine <- {"f6", "f7"},
+  N <- 7,
+  T <- 2,
+  ValidValues <- { "v0", "v1" },
+  InvalidValues <- {"v2"},
+  MaxRound <- 2
+
+\* run Apalache with --cinit=ConstInit
+ConstInit == \* the proposer is arbitrary -- works for safety
+  Proposer \in [Rounds -> AllProcs]
+
+=============================================================================    
diff --git a/docs/spec/tendermint-fork-cases/MC_n7_f3.tla b/docs/spec/tendermint-fork-cases/MC_n7_f3.tla
new file mode 100644
index 000000000..32e4d4ad8
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/MC_n7_f3.tla
@@ -0,0 +1,26 @@
+----------------------------- MODULE MC_n7_f3 -------------------------------
+CONSTANT Proposer \* the proposer function from 0..NRounds to 1..N
+
+\* the variables declared in TendermintAcc3
+VARIABLES
+  round, step, decision, lockedValue, lockedRound, validValue, validRound,
+  msgsPropose, msgsPrevote, msgsPrecommit, evidence
+
+\* an operator for type annotations
+a <: b == a
+
+INSTANCE TendermintAccDebug3 WITH
+  Corr <- {"c1", "c2", "c3", "c4"},
+  Defective <- {"f5"},
+  Byzantine <- {"f6", "f7"},
+  N <- 7,
+  T <- 2,
+  ValidValues <- { "v0", "v1" },
+  InvalidValues <- {"v2"},
+  MaxRound <- 2
+
+\* run Apalache with --cinit=ConstInit
+ConstInit == \* the proposer is arbitrary -- works for safety
+  Proposer \in [Rounds -> AllProcs]
+
+=============================================================================    
diff --git a/docs/spec/tendermint-fork-cases/MC_n7_f4.tla b/docs/spec/tendermint-fork-cases/MC_n7_f4.tla
new file mode 100644
index 000000000..8a0323559
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/MC_n7_f4.tla
@@ -0,0 +1,26 @@
+----------------------------- MODULE MC_n7_f4 -------------------------------
+CONSTANT Proposer \* the proposer function from 0..NRounds to 1..N
+
+\* the variables declared in TendermintAcc3
+VARIABLES
+  round, step, decision, lockedValue, lockedRound, validValue, validRound,
+  msgsPropose, msgsPrevote, msgsPrecommit, evidence
+
+\* an operator for type annotations
+a <: b == a
+
+INSTANCE TendermintAccDebug3 WITH
+  Corr <- {"c1", "c2", "c3"},
+  Defective <- {"f4", "f5"},
+  Byzantine <- {"f6", "f7"},
+  N <- 7,
+  T <- 2,
+  ValidValues <- { "v0", "v1" },
+  InvalidValues <- {"v2"},
+  MaxRound <- 2
+
+\* run Apalache with --cinit=ConstInit
+ConstInit == \* the proposer is arbitrary -- works for safety
+  Proposer \in [Rounds -> AllProcs]
+
+=============================================================================    
diff --git a/docs/spec/tendermint-fork-cases/README.md b/docs/spec/tendermint-fork-cases/README.md
new file mode 100644
index 000000000..2e0447d15
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/README.md
@@ -0,0 +1,105 @@
+# Synopsis
+ 
+ A TLA+ specification of a simplified Tendermint consensus, tuned for
+ fork accountability. The simplifications are as follows:
+
+ - the procotol runs for one height, that is, one-shot consensus
+
+ - this specification focuses on safety, so timeouts are modelled with
+   with non-determinism
+
+ - the proposer function is non-determinstic, no fairness is assumed
+
+ - the messages by the faulty processes are injected right in the initial states
+
+ - every process has the voting power of 1
+
+ - hashes are modelled as identity
+
+ Having the above assumptions in mind, the specification follows the pseudo-code
+ of the Tendermint paper: https://arxiv.org/abs/1807.04938
+
+ For the purposes of fork accountability, the faulty processes are partitioned
+ into two sets: the Byzantine processes and the defective processes.
+ While the Byzantine processes can demonstrate arbitrary behavior, including
+ no communication, the defective processes send their messages but deviate
+ from the protocol in two ways:
+
+   - Equivocation: a defective process may send two different values
+     in the same round.
+
+   - Amnesia: a defective process may lock a value, although it has locked
+     another value in the past.
+
+# TLA+ modules
+ 
+ - [TendermintAcc3](TendermintAcc3.tla) is the protocol specification,
+
+ - [TendermintAccDebug3](TendermintAccDebug3.tla) contains the useful definitions
+   for debugging the protocol specification with TLC and Apalache,
+
+ - [TendermintAccInv3](TendermintAccInv3.tla) contains an inductive invariant
+   for establishing the protocol safety as well as the forking cases,
+
+ - `MC_n<n>_f<f>`, e.g., [MC_n4_f1](MC_n4_f1.tla), contains fixed constants
+   for model checking with Apalache
+
+# Reasoning about fork scenarios
+
+The theorem statements can be found in
+[TendermintAccInv3.tla](TendermintAccInv3.tla).
+
+First, we would like to show that `TypedInv` is an inductive invariant.
+Formally, the statement looks as follows:
+
+```tla
+THEOREM TypedInvIsInductive ==
+    \/ FaultyQuorum
+    \//\ Init => TypedInv
+      /\ TypedInv /\ [Next]_vars => TypedInv'
+```
+
+When over two-thirds of processes are faulty, `TypedInv` is not inductive.
+However, there is no hope to repair the protocol in this case. We run Apalache
+to prove this theorem only for fixed instances of 4 to 10 processes.  Apalache
+does not parse theorem statements at the moment, so we ran Apalache using a
+shell script. To find a parameterized argument, one has to use a theorem
+prover, e.g., TLAPS.
+
+Second, we would like to show that the invariant implies `Agreement`, that is,
+no fork, provided that less than one third of processes is faulty. By combining
+this theorem with the previous theorem, we conclude that the protocol indeed
+satisfies Agreement under the condition `LessThanThirdFaulty`.
+
+```tla
+THEOREM AgreementWhenLessThanThirdFaulty ==
+    LessThanThirdFaulty /\ TypedInv => Agreement
+```
+
+Third, in the general case, we either have no fork, or two fork scenarios:
+
+```tla
+THEOREM AgreementOrFork ==
+    ~FaultyQuorum /\ TypedInv => AgreementOrEquivocationOrAmnesia
+```
+
+# Model checking results   
+
+Check the report on [model checking with Apalache](./results/001indinv-apalache-report.md).
+
+TODO: re-run the experiments with the updates introduced during the dev session.
+
+# Running the experiments
+
+Run the experiments by using the script:
+
+```console
+./run.sh
+```
+
+This script assumes that apalache builds are available in:
+
+ * `~/devl/apalache-card` contains the build for the branch `ik/card`,
+ * `~/devl/apalache-unstable` contains the build for branch `unstable`.
+
+
diff --git a/docs/spec/tendermint-fork-cases/TendermintAcc3.tla b/docs/spec/tendermint-fork-cases/TendermintAcc3.tla
new file mode 100644
index 000000000..581969436
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/TendermintAcc3.tla
@@ -0,0 +1,447 @@
+----------------------------- MODULE TendermintAcc3 ---------------------------
+(*
+ A TLA+ specification of a simplified Tendermint consensus, tuned for
+ fork accountability. The simplifications are as follows:
+
+ - the protocol runs for one height, that is, it is one-shot consensus
+
+ - this specification focuses on safety, so timeouts are modelled with
+   with non-determinism
+
+ - the proposer function is non-determinstic, no fairness is assumed
+
+ - the messages by the faulty processes are injected right in the initial states
+
+ - every process has the voting power of 1
+
+ - hashes are modelled as identity
+
+ Having the above assumptions in mind, the specification follows the pseudo-code
+ of the Tendermint paper: https://arxiv.org/abs/1807.04938
+
+ For the purposes of fork accountability, the faulty processes are partitioned
+ into two sets: the Byzantine processes and the defective processes.
+ While the Byzantine processes can demonstrate arbitrary behavior, including
+ no communication, the defective processes send their messages but deviate
+ from the protocol in two ways:
+
+   - Equivocation: a defective process may send two different values
+     in the same round.
+
+   - Amnesia: a defective process may lock a value, although it has locked
+     another value in the past.
+
+ TODO: as there is no clear difference between Byzantine and Defective processes anymore,
+ we will probably merge them together.
+
+ * Version 3. Modular and parameterized definitions.
+ * Version 2. Bugfixes in the spec and an inductive invariant.
+ * Version 1. A preliminary specification.
+
+ Zarko Milosevic, Igor Konnov, 2019-2020.
+ *)
+
+EXTENDS Integers, FiniteSets
+
+(********************* PROTOCOL PARAMETERS **********************************)
+CONSTANTS
+    Corr,          \* the set of correct processes 
+    Defective,     \* the set of processes that show defects, e.g, amnesia or equivocation
+    Byzantine,     \* the set of Byzantine processes, may be empty
+    N,             \* the total number of processes: correct, defective, and Byzantine
+    T,             \* an upper bound on the number of Byzantine processes
+    ValidValues,   \* the set of valid values, proposed both by correct and faulty
+    InvalidValues, \* the set of invalid values, never proposed by the correct ones
+    MaxRound,      \* the maximal round number
+    Proposer       \* the proposer function from 0..NRounds to 1..N
+
+ASSUME(N = Cardinality(Corr \union Defective \union Byzantine))
+
+(*************************** DEFINITIONS ************************************)
+Faulty == Defective \union Byzantine  \* the set of faulty processes
+AllProcs == Corr \union Faulty      \* the set of all processes
+Rounds == 0..MaxRound               \* the set of potential rounds
+NilRound == -1   \* a special value to denote a nil round, outside of Rounds
+RoundsOrNil == Rounds \union {NilRound}
+Values == ValidValues \union InvalidValues \* the set of all values
+NilValue == "None"  \* a special value for a nil round, outside of Values
+ValuesOrNil == Values \union {NilValue}
+
+\* a value hash is modeled as identity
+Id(v) == v
+
+\* The validity predicate
+IsValid(v) == v \in ValidValues
+
+\* the two thresholds that are used in the algorithm
+THRESHOLD1 == T + 1     \* at least one process is not faulty
+THRESHOLD2 == 2 * T + 1 \* a quorum when having N > 3 * T
+
+(********************* TYPE ANNOTATIONS FOR APALACHE **************************)
+\* the operator for type annotations
+a <: b == a
+
+\* the type of message records
+MT == [type |-> STRING, src |-> STRING, round |-> Int,
+       proposal |-> STRING, validRound |-> Int, id |-> STRING]
+       
+\* a type annotation for a message
+AsMsg(m) == m <: MT
+\* a type annotation for a set of messages
+SetOfMsgs(S) == S <: {MT}       
+\* a type annotation for an empty set of messages
+EmptyMsgSet == SetOfMsgs({})
+
+(********************* PROTOCOL STATE VARIABLES ******************************)
+VARIABLES
+  round,    \* a process round number: Corr -> Rounds
+  step,     \* a process step: Corr -> { "PROPOSE", "PREVOTE", "PRECOMMIT", "DECIDED" }
+  decision, \* process decision: Corr -> ValuesOrNil
+  lockedValue,  \* a locked value: Corr -> ValuesOrNil
+  lockedRound,  \* a locked round: Corr -> RoundsOrNil
+  validValue,   \* a valid value: Corr -> ValuesOrNil
+  validRound    \* a valid round: Corr -> RoundsOrNil
+
+\* book-keeping variables
+VARIABLES
+  msgsPropose,   \* PROPOSE messages broadcast in the system, Rounds -> Messages
+  msgsPrevote,   \* PREVOTE messages broadcast in the system, Rounds -> Messages
+  msgsPrecommit, \* PRECOMMIT messages broadcast in the system, Rounds -> Messages
+  evidence \* the messages that were used by the process that made a transition
+
+(* to see a type invariant, check TendermintAccInv3 *)  
+ 
+\* a handy definition used in UNCHANGED
+vars == <<round, step, decision, lockedValue, lockedRound,
+          validValue, validRound, evidence, msgsPropose, msgsPrevote, msgsPrecommit>>
+
+(********************* PROTOCOL INITIALIZATION ******************************)
+FaultyProposals(r) ==
+    SetOfMsgs([type: {"PROPOSAL"}, src: Faulty,
+               round: {r}, proposal: Values, validRound: RoundsOrNil])
+
+AllFaultyProposals ==
+    SetOfMsgs([type: {"PROPOSAL"}, src: Faulty,
+               round: Rounds, proposal: Values, validRound: RoundsOrNil])
+
+FaultyPrevotes(r) ==
+    SetOfMsgs([type: {"PREVOTE"}, src: Faulty, round: {r}, id: Values])
+
+AllFaultyPrevotes ==    
+    SetOfMsgs([type: {"PREVOTE"}, src: Faulty, round: Rounds, id: Values])
+
+FaultyPrecommits(r) ==
+    SetOfMsgs([type: {"PRECOMMIT"}, src: Faulty, round: {r}, id: Values])
+
+AllFaultyPrecommits ==
+    SetOfMsgs([type: {"PRECOMMIT"}, src: Faulty, round: Rounds, id: Values])
+   
+BenignRoundsInMessages(msgfun) ==
+  \* the message function never contains a message for a wrong round
+  \A r \in Rounds:
+    \A m \in msgfun[r]:
+      r = m.round
+
+\* The initial states of the protocol. Some faults can be in the system already.
+Init ==
+    /\ round = [p \in Corr |-> 0]
+    /\ step = [p \in Corr |-> "PROPOSE"]
+    /\ decision = [p \in Corr |-> NilValue]
+    /\ lockedValue = [p \in Corr |-> NilValue]
+    /\ lockedRound = [p \in Corr |-> NilRound]
+    /\ validValue = [p \in Corr |-> NilValue]
+    /\ validRound = [p \in Corr |-> NilRound]
+    /\ msgsPropose \in [Rounds -> SUBSET AllFaultyProposals]
+    /\ msgsPrevote \in [Rounds -> SUBSET AllFaultyPrevotes]
+    /\ msgsPrecommit \in [Rounds -> SUBSET AllFaultyPrecommits]
+    /\ BenignRoundsInMessages(msgsPropose)
+    /\ BenignRoundsInMessages(msgsPrevote)
+    /\ BenignRoundsInMessages(msgsPrecommit)
+    /\ evidence = EmptyMsgSet
+
+(************************ MESSAGE PASSING ********************************)
+BroadcastProposal(pSrc, pRound, pProposal, pValidRound) ==
+  LET newMsg ==
+    AsMsg([type |-> "PROPOSAL", src |-> pSrc, round |-> pRound,
+           proposal |-> pProposal, validRound |-> pValidRound])
+  IN
+  msgsPropose' = [msgsPropose EXCEPT ![pRound] = msgsPropose[pRound] \union {newMsg}]
+
+BroadcastPrevote(pSrc, pRound, pId) ==
+  LET newMsg == AsMsg([type |-> "PREVOTE",
+                       src |-> pSrc, round |-> pRound, id |-> pId])
+  IN
+  msgsPrevote' = [msgsPrevote EXCEPT ![pRound] = msgsPrevote[pRound] \union {newMsg}]
+
+BroadcastPrecommit(pSrc, pRound, pId) ==
+  LET newMsg == AsMsg([type |-> "PRECOMMIT",
+                       src |-> pSrc, round |-> pRound, id |-> pId])
+  IN
+  msgsPrecommit' = [msgsPrecommit EXCEPT ![pRound] = msgsPrecommit[pRound] \union {newMsg}]
+
+
+(********************* PROTOCOL TRANSITIONS ******************************)
+\* lines 12-13
+StartRound(p, r) ==
+   /\ step[p] /= "DECIDED" \* a decided process does not participate in consensus
+   /\ round' = [round EXCEPT ![p] = r]
+   /\ step' = [step EXCEPT ![p] = "PROPOSE"] 
+
+\* lines 14-19, a proposal may be sent later
+InsertProposal(p) == 
+  LET r == round[p] IN
+  /\ p = Proposer[r]
+  /\ step[p] = "PROPOSE"
+    \* if the proposer is sending a proposal, then there are no other proposals
+    \* by the correct processes for the same round
+  /\ \A m \in msgsPropose[r]: m.src /= p
+  /\ \E v \in ValidValues: 
+      LET proposal == IF validValue[p] /= NilValue THEN validValue[p] ELSE v IN
+      BroadcastProposal(p, round[p], proposal, validRound[p])
+  /\ evidence' = EmptyMsgSet
+  /\ UNCHANGED <<round, decision, lockedValue, lockedRound,
+                 validValue, step, validRound, msgsPrevote, msgsPrecommit>>
+
+\* lines 22-27
+UponProposalInPropose(p) ==
+  \E v \in Values:
+    /\ step[p] = "PROPOSE" (* line 22 *)
+    /\ LET msg ==
+        AsMsg([type |-> "PROPOSAL", src |-> Proposer[round[p]],
+               round |-> round[p], proposal |-> v, validRound |-> NilRound]) IN
+      /\ msg \in msgsPropose[round[p]] \* line 22
+      /\ evidence' = {msg}
+    /\ LET mid == (* line 23 *)
+         IF IsValid(v) /\ (lockedRound[p] = NilRound \/ lockedValue[p] = v)
+         THEN Id(v)
+         ELSE NilValue
+       IN
+       BroadcastPrevote(p, round[p], mid) \* lines 24-26
+    /\ step' = [step EXCEPT ![p] = "PREVOTE"]
+    /\ UNCHANGED <<round, decision, lockedValue, lockedRound,
+                   validValue, validRound, msgsPropose, msgsPrecommit>>
+
+\* lines 28-33        
+UponProposalInProposeAndPrevote(p) ==
+  \E v \in Values, vr \in Rounds:
+    /\ step[p] = "PROPOSE" /\ 0 <= vr /\ vr < round[p] \* line 28, the while part
+    /\ LET msg ==
+         AsMsg([type |-> "PROPOSAL", src |-> Proposer[round[p]],
+                round |-> round[p], proposal |-> v, validRound |-> vr])
+       IN
+       /\ msg \in msgsPropose[round[p]] \* line 28
+       /\ LET PV == { m \in msgsPrevote[vr]: m.id = Id(v) } IN
+          /\ Cardinality(PV) >= THRESHOLD2 \* line 28
+          /\ evidence' = PV \union {msg}
+    /\ LET mid == (* line 29 *)
+         IF IsValid(v) /\ (lockedRound[p] <= vr \/ lockedValue[p] = v)
+         THEN Id(v)
+         ELSE NilValue
+       IN
+       BroadcastPrevote(p, round[p], mid) \* lines 24-26
+    /\ step' = [step EXCEPT ![p] = "PREVOTE"]
+    /\ UNCHANGED <<round, decision, lockedValue, lockedRound,
+                   validValue, validRound, msgsPropose, msgsPrecommit>>
+                     
+ \* lines 34-35 + lines 61-64 (onTimeoutPrevote)
+UponQuorumOfPrevotesAny(p) ==
+  /\ step[p] = "PREVOTE" \* line 34 and 61
+  /\ Cardinality(msgsPrevote[round[p]]) >= THRESHOLD2 \* line 34
+  \* multiple messages from a process may trigger this rule (no effect on safety)
+  /\ evidence' = msgsPrevote[round[p]]
+  /\ BroadcastPrecommit(p, round[p], NilValue)
+  /\ step' = [step EXCEPT ![p] = "PRECOMMIT"]
+  /\ UNCHANGED <<round, decision, lockedValue, lockedRound,
+                 validValue, validRound, msgsPropose, msgsPrevote>>
+                     
+\* lines 36-46
+UponProposalInPrevoteOrCommitAndPrevote(p) ==
+  \E v \in ValidValues, vr \in RoundsOrNil:
+    /\ step[p] \in {"PREVOTE", "PRECOMMIT"} \* line 36
+    /\ LET msg ==
+         AsMsg([type |-> "PROPOSAL", src |-> Proposer[round[p]],
+                round |-> round[p], proposal |-> v, validRound |-> vr]) IN
+        /\ msg \in msgsPropose[round[p]] \* line 36
+        /\ LET PV == { m \in msgsPrevote[round[p]]: m.id = Id(v) } IN
+          /\ Cardinality(PV) >= THRESHOLD2 \* line 36
+          /\ evidence' = PV \union {msg}
+    /\  IF step[p] = "PREVOTE"
+        THEN \* lines 38-41:
+          /\ lockedValue' = [lockedValue EXCEPT ![p] = v]
+          /\ lockedRound' = [lockedRound EXCEPT ![p] = round[p]]
+          /\ BroadcastPrecommit(p, round[p], Id(v))
+          /\ step' = [step EXCEPT ![p] = "PRECOMMIT"]
+        ELSE
+          UNCHANGED <<lockedValue, lockedRound, msgsPrecommit, step>>
+      \* lines 42-43
+    /\ validValue' = [validValue EXCEPT ![p] = v]
+    /\ validRound' = [validRound EXCEPT ![p] = round[p]]
+    /\ UNCHANGED <<round, decision, msgsPropose, msgsPrevote>>
+
+\* lines 47-48 + 65-67 (onTimeoutPrecommit)
+UponQuorumOfPrecommitsAny(p) ==
+  /\ Cardinality(msgsPrecommit[round[p]]) >= THRESHOLD2 \* line 47
+  /\ evidence' = msgsPrecommit[round[p]]
+  /\ round[p] + 1 \in Rounds
+  /\ StartRound(p, round[p] + 1)   
+  /\ UNCHANGED <<decision, lockedValue, lockedRound, validValue,
+                 validRound, msgsPropose, msgsPrevote, msgsPrecommit>>
+                     
+\* lines 49-54        
+UponProposalInPrecommitNoDecision(p) ==
+  /\ decision[p] = NilValue \* line 49
+  /\ \E v \in ValidValues (* line 50*) , r \in Rounds, vr \in RoundsOrNil:
+    /\ LET msg == AsMsg([type |-> "PROPOSAL", src |-> Proposer[r],
+                           round |-> r, proposal |-> v, validRound |-> vr]) IN
+       /\ msg \in msgsPropose[r] \* line 49
+       /\ LET PV == { m \in msgsPrecommit[r]: m.id = Id(v) } IN
+           /\ Cardinality(PV) >= THRESHOLD2 \* line 49
+           /\ evidence' = PV \union {msg}
+    /\ decision' = [decision EXCEPT ![p] = v] \* update the decision, line 51
+    \* The original algorithm does not have 'DECIDED', but it increments the height.
+    \* We introduced 'DECIDED' here to prevent the process from changing its decision.
+    /\ step' = [step EXCEPT ![p] = "DECIDED"]
+    /\ UNCHANGED <<round, lockedValue, lockedRound, validValue,
+                     validRound, msgsPropose, msgsPrevote, msgsPrecommit>>
+                                                          
+\* the actions below are not essential for safety, but added for completeness
+
+\* lines 20-21 + 57-60
+OnTimeoutPropose(p) ==
+  /\ step[p] = "PROPOSE"
+  /\ p /= Proposer[round[p]]
+  /\ BroadcastPrevote(p, round[p], NilValue)
+  /\ step' = [step EXCEPT ![p] = "PREVOTE"]
+  /\ UNCHANGED <<round, lockedValue, lockedRound, validValue,
+                 validRound, decision, evidence, msgsPropose, msgsPrecommit>>
+
+\* lines 44-46
+OnQuoromOfNilPrevotes(p) ==
+  /\ step[p] = "PREVOTE"
+  /\ LET PV == { m \in msgsPrevote[round[p]]: m.id = Id(NilValue) } IN
+      /\ Cardinality(PV) >= THRESHOLD2 \* line 36
+      /\ evidence' = PV
+  /\ BroadcastPrecommit(p, round[p], Id(NilValue))
+  /\ step' = [step EXCEPT ![p] = "PREVOTE"]
+  /\ UNCHANGED <<round, lockedValue, lockedRound, validValue,
+                 validRound, decision, msgsPropose, msgsPrevote>>
+
+\* lines 55-56
+OnRoundCatchup(p) ==
+  \E r \in {rr \in Rounds: rr > round[p]}:
+    /\ LET RM == msgsPropose[r] \union msgsPrevote[r] \union msgsPrecommit[r] IN
+      /\ Cardinality(RM) >= THRESHOLD1
+      /\ evidence' = RM
+    /\ StartRound(p, r)
+    /\ UNCHANGED <<decision, lockedValue, lockedRound, validValue,
+                   validRound, msgsPropose, msgsPrevote, msgsPrecommit>>
+
+(*
+ * A system transition. In this specificatiom, the system may eventually deadlock,
+ * e.g., when all processes decide. This is expected behavior, as we focus on safety.
+ *)
+Next ==
+  \E p \in Corr:
+    \/ InsertProposal(p)
+    \/ UponProposalInPropose(p)
+    \/ UponProposalInProposeAndPrevote(p)
+    \/ UponQuorumOfPrevotesAny(p)
+    \/ UponProposalInPrevoteOrCommitAndPrevote(p)
+    \/ UponQuorumOfPrecommitsAny(p)
+    \/ UponProposalInPrecommitNoDecision(p)
+    \* the actions below are not essential for safety, but added for completeness
+    \/ OnTimeoutPropose(p)
+    \/ OnQuoromOfNilPrevotes(p)
+    \/ OnRoundCatchup(p) 
+  
+(**************************** FORK SCENARIOS  ***************************)
+\* a state that has at least one equivocation
+Equivocation ==
+  \E r \in Rounds:
+    \/ \E m1, m2 \in msgsPropose[r]:
+      m1 /= m2 /\ m1.src = m2.src
+    \/ \E m1, m2 \in msgsPrevote[r]:
+      m1 /= m2 /\ m1.src = m2.src
+    \/ \E m1, m2 \in msgsPrecommit[r]:
+      m1 /= m2 /\ m1.src = m2.src
+
+\* equivocation by amnesic processes
+EquivocationBy(p) ==
+  \E r \in Rounds:
+    \/ \E m1, m2 \in msgsPropose[r]:
+      m1.proposal /= m2.proposal /\ m1.src = p /\ m2.src = p
+    \/ \E m1, m2 \in msgsPrevote[r]:
+      m1.id /= m2.id /\ m1.src = p /\ m2.src = p
+    \/ \E m1, m2 \in msgsPrecommit[r]:
+      m1.id /= m2.id /\ m1.src = p /\ m2.src = p
+
+\* amnesic behavior by a process p
+AmnesiaBy(p) ==
+    \E r1, r2 \in Rounds:
+      /\ r1 < r2
+      /\ \E v1, v2 \in ValidValues:
+        /\ v1 /= v2
+        /\ AsMsg([type |-> "PRECOMMIT", src |-> p,
+                  round |-> r1, id |-> Id(v1)]) \in msgsPrecommit[r1]    
+        /\ AsMsg([type |-> "PREVOTE", src |-> p,
+                  round |-> r2, id |-> Id(v2)]) \in msgsPrecommit[r2]
+        /\ \A r \in { rnd \in Rounds: r1 <= rnd /\ rnd <= r2 }:
+            LET prevotes ==
+                { m \in msgsPrevote[r]:
+                  m.type = "PREVOTE" /\ m.round = r /\ m.id = Id(v2) }
+            IN
+            Cardinality(prevotes) < THRESHOLD2
+
+\* Exclude the equivocation states, that is,
+\* exclude the equivocal messages by the faulty processes
+InitNoEquivocation ==
+    Init /\ ~Equivocation
+
+(******************************** PROPERTIES  ***************************************)
+
+\* the safety property -- agreement
+Agreement == \A p, q \in Corr:
+    \/ decision[p] = NilValue
+    \/ decision[q] = NilValue
+    \/ decision[p] = decision[q]
+
+\* the protocol validity
+Validity ==
+    \A p \in Corr: decision[p] \in ValidValues \union {NilValue}
+ 
+\* either agreement holds, or the amnesic processes indeed have amnesia
+AgreementOrAmnesia ==
+    Agreement \/ (\A p \in Defective: AmnesiaBy(p))
+ 
+\* the strong agreement property that also assumes no amnesia
+AgreementNoAmnesia ==
+    Agreement /\ \A p \in Defective: ~AmnesiaBy(p)
+
+(*
+  The protocol safety. Three cases are possible:
+     1. There is no fork, that is, Agreement holds true.
+     2. The amnesic processes have sent equivocal messages.
+     3. The amnesic processes have sent messages that prove amnesia.
+
+  This property seems to be unrealistic. See AgreementOrEquivocationOrAmnesia.
+ *)    
+AgreementOrEquivocationOrAmnesiaOld ==
+    \/ Agreement
+    \/ \A p \in Defective: EquivocationBy(p)
+    \/ \A p \in Defective: AmnesiaBy(p)
+
+(*
+  The protocol safety. Two cases are possible:
+     1. There is no fork, that is, Agreement holds true.
+     2. A subset of faulty processes demonstrates equivocation or amnesia.
+ *)
+AgreementOrEquivocationOrAmnesia ==
+    \/ Agreement
+    \/ \E Detectable \in SUBSET Faulty:
+        /\ Cardinality(Detectable) >= THRESHOLD1
+        /\ \A p \in Detectable:
+            EquivocationBy(p) \/ AmnesiaBy(p)
+
+
+=============================================================================    
+ 
diff --git a/docs/spec/tendermint-fork-cases/TendermintAccDebug3.tla b/docs/spec/tendermint-fork-cases/TendermintAccDebug3.tla
new file mode 100644
index 000000000..3b03fd9c9
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/TendermintAccDebug3.tla
@@ -0,0 +1,100 @@
+----------------------- MODULE TendermintAccDebug3 -----------------------------
+(*
+ A few definitions that we use for debugging TendermintAcc3, which do not belong
+ to the specification itself.
+ 
+ * Version 3. Modular and parameterized definitions.
+
+ Igor Konnov, 2020.
+ *)
+
+EXTENDS TendermintAccInv3
+
+\* make them parameters?
+NFaultyProposals == 0   \* the number of injected faulty PROPOSE messages
+NFaultyPrevotes == 6    \* the number of injected faulty PREVOTE messages
+NFaultyPrecommits == 6  \* the number of injected faulty PRECOMMIT messages
+
+\* Given a set of allowed messages Msgs, this operator produces a function from
+\* rounds to sets of messages.
+\* Importantly, there will be exactly k messages in the image of msgFun.
+\* We use this action to produce k faults in an initial state.
+ProduceFaults(msgFun, From, k) ==
+    \E f \in [1..k -> From]:
+        msgFun = [r \in Rounds |-> {m \in {f[i]: i \in 1..k}: m.round = r}]
+
+\* As TLC explodes with faults, we may have initial states without faults    
+InitNoFaults ==
+    /\ round = [p \in Corr |-> 0]
+    /\ step = [p \in Corr |-> "PROPOSE"]
+    /\ decision = [p \in Corr |-> NilValue]
+    /\ lockedValue = [p \in Corr |-> NilValue]
+    /\ lockedRound = [p \in Corr |-> NilRound]
+    /\ validValue = [p \in Corr |-> NilValue]
+    /\ validRound = [p \in Corr |-> NilRound]
+    /\ msgsPropose = [r \in Rounds |-> EmptyMsgSet]
+    /\ msgsPrevote = [r \in Rounds |-> EmptyMsgSet]
+    /\ msgsPrecommit = [r \in Rounds |-> EmptyMsgSet]
+    /\ evidence = EmptyMsgSet
+
+(*
+ A specialized version of Init that injects NFaultyProposals proposals,
+ NFaultyPrevotes prevotes, NFaultyPrecommits precommits by the faulty processes
+ *)
+InitFewFaults ==
+    /\ round = [p \in Corr |-> 0]
+    /\ step = [p \in Corr |-> "PROPOSE"]
+    /\ decision = [p \in Corr |-> NilValue]
+    /\ lockedValue = [p \in Corr |-> NilValue]
+    /\ lockedRound = [p \in Corr |-> NilRound]
+    /\ validValue = [p \in Corr |-> NilValue]
+    /\ validRound = [p \in Corr |-> NilRound]
+    /\ ProduceFaults(msgsPrevote',
+                     SetOfMsgs([type: {"PREVOTE"}, src: Faulty, round: Rounds, id: Values]),
+                     NFaultyPrevotes)
+    /\ ProduceFaults(msgsPrecommit',
+                     SetOfMsgs([type: {"PRECOMMIT"}, src: Faulty, round: Rounds, id: Values]),
+                     NFaultyPrecommits)
+    /\ ProduceFaults(msgsPropose',
+                     SetOfMsgs([type: {"PROPOSAL"}, src: Faulty, round: Rounds,
+                                proposal: Values, validRound: Rounds \cup {NilRound}]),
+                     NFaultyProposals)
+    /\ evidence = EmptyMsgSet
+
+\* Add faults incrementally
+NextWithFaults ==
+    \* either the protocol makes a step
+    \/ Next
+    \* or a faulty process sends a message
+    \//\ UNCHANGED <<round, step, decision, lockedValue,
+                     lockedRound, validValue, validRound, evidence>>
+      /\ \E p \in Faulty:
+         \E r \in Rounds:
+           \//\ UNCHANGED <<msgsPrevote, msgsPrecommit>>
+             /\ \E proposal \in ValidValues \union {NilValue}:
+                \E vr \in RoundsOrNil:
+                  BroadcastProposal(p, r, proposal, vr)
+           \//\ UNCHANGED <<msgsPropose, msgsPrecommit>>
+             /\ \E id \in ValidValues \union {NilValue}:
+                  BroadcastPrevote(p, r, id)
+           \//\ UNCHANGED <<msgsPropose, msgsPrevote>>
+             /\ \E id \in ValidValues \union {NilValue}:
+                  BroadcastPrecommit(p, r, id)
+
+(******************************** PROPERTIES  ***************************************)
+\* simple reachability properties to see that the spec is progressing
+NoPrevote == \A p \in Corr: step[p] /= "PREVOTE" 
+
+NoPrecommit == \A p \in Corr: step[p] /= "PRECOMMIT"   
+
+NoValidPrecommit ==
+    \A r \in Rounds:
+      \A m \in msgsPrecommit[r]:
+        m.id = NilValue \/ m.src \in Faulty
+
+NoHigherRounds == \A p \in Corr: round[p] < 1
+
+NoDecision == \A p \in Corr: decision[p] = NilValue                    
+
+=============================================================================    
+ 
diff --git a/docs/spec/tendermint-fork-cases/TendermintAccInv3.tla b/docs/spec/tendermint-fork-cases/TendermintAccInv3.tla
new file mode 100644
index 000000000..8acd266c5
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/TendermintAccInv3.tla
@@ -0,0 +1,323 @@
+------------------------- MODULE TendermintAccInv3 ----------------------------
+(*
+ An inductive invariant for TendermintAcc3, which capture the forked
+ and non-forked cases.
+
+ * Version 3. Modular and parameterized definitions.
+ * Version 2. Bugfixes in the spec and an inductive invariant.
+
+ Igor Konnov, 2020.
+ *)
+
+EXTENDS TendermintAcc3
+  
+(************************** TYPE INVARIANT ***********************************)
+(* first, we define the sets of all potential messages *)
+AllProposals == 
+  [type: {"PROPOSAL"},
+   src: AllProcs,
+   round: Rounds,
+   proposal: ValuesOrNil,
+   validRound: RoundsOrNil] <: {MT}
+  
+AllPrevotes ==
+  [type: {"PREVOTE"},
+   src: AllProcs,
+   round: Rounds,
+   id: ValuesOrNil] <: {MT}
+
+AllPrecommits ==
+  [type: {"PRECOMMIT"},
+   src: AllProcs,
+   round: Rounds,
+   id: ValuesOrNil] <: {MT}
+
+(* the standard type invariant -- importantly, it is inductive *)
+TypeOK ==
+    /\ round \in [Corr -> Rounds]
+    /\ step \in [Corr -> { "PROPOSE", "PREVOTE", "PRECOMMIT", "DECIDED" }]
+    /\ decision \in [Corr -> ValidValues \union {NilValue}]
+    /\ lockedValue \in [Corr -> ValidValues \union {NilValue}]
+    /\ lockedRound \in [Corr -> RoundsOrNil]
+    /\ validValue \in [Corr -> ValidValues \union {NilValue}]
+    /\ validRound \in [Corr -> RoundsOrNil]
+    /\ msgsPropose \in [Rounds -> SUBSET AllProposals]
+    /\ BenignRoundsInMessages(msgsPropose)
+    /\ msgsPrevote \in [Rounds -> SUBSET AllPrevotes]
+    /\ BenignRoundsInMessages(msgsPrevote)
+    /\ msgsPrecommit \in [Rounds -> SUBSET AllPrecommits]
+    /\ BenignRoundsInMessages(msgsPrecommit)
+    /\ evidence \in SUBSET (AllProposals \union AllPrevotes \union AllPrecommits)
+
+(************************** INDUCTIVE INVARIANT *******************************)
+
+NoFutureMessagesForLargerRounds(p) ==
+  \* a correct process does not send messages for the future rounds
+  \A r \in { rr \in Rounds: rr > round[p] }:
+    /\ \A m \in msgsPropose[r]: m.src /= p
+    /\ \A m \in msgsPrevote[r]: m.src /= p
+    /\ \A m \in msgsPrecommit[r]: m.src /= p
+
+NoFutureMessagesForCurrentRound(p) ==
+  \* a correct process does not send messages in the future
+  LET r == round[p] IN
+    /\ Proposer[r] = p \/ \A m \in msgsPropose[r]: m.src /= p
+    /\ \/ step[p] \in {"PREVOTE", "PRECOMMIT", "DECIDED"}
+       \/ \A m \in msgsPrevote[r]: m.src /= p
+    /\ \/ step[p] \in {"PRECOMMIT", "DECIDED"}
+       \/ \A m \in msgsPrecommit[r]: m.src /= p
+          
+\* the correct processes never send future messages
+AllNoFutureMessagesSent ==
+  \A p \in Corr:
+    /\ NoFutureMessagesForCurrentRound(p)                 
+    /\ NoFutureMessagesForLargerRounds(p)
+
+\* a correct process in the PREVOTE state has sent a PREVOTE message
+IfInPrevoteThenSentPrevote(p) ==
+  step[p] = "PREVOTE" =>
+    \E m \in msgsPrevote[round[p]]:
+      /\ m.id \in ValidValues \cup { NilValue }
+      /\ m.src = p
+      
+AllIfInPrevoteThenSentPrevote ==
+  \A p \in Corr: IfInPrevoteThenSentPrevote(p)      
+
+\* a correct process in the PRECOMMIT state has sent a PRECOMMIT message
+IfInPrecommitThenSentPrecommit(p) ==
+  step[p] = "PRECOMMIT" =>
+    \E m \in msgsPrecommit[round[p]]:
+      /\ m.id \in ValidValues \cup { NilValue }
+      /\ m.src = p
+      
+AllIfInPrecommitThenSentPrecommit ==
+  \A p \in Corr: IfInPrecommitThenSentPrecommit(p)      
+
+\* a process in the PRECOMMIT state has sent a PRECOMMIT message
+IfInDecidedThenValidDecision(p) ==
+  step[p] = "DECIDED" <=> decision[p] \in ValidValues
+  
+AllIfInDecidedThenValidDecision ==
+  \A p \in Corr: IfInDecidedThenValidDecision(p)  
+
+\* a decided process should have received a proposal on its decision
+IfInDecidedThenReceivedProposal(p) ==
+  step[p] = "DECIDED" =>
+    \E r \in Rounds: \* r is not necessarily round[p]
+      /\ \E m \in msgsPropose[r]:
+          /\ m.src = Proposer[r]
+          /\ m.proposal = decision[p]
+          \* not inductive: /\ m.src \in Corr => (m.validRound <= r)
+          
+AllIfInDecidedThenReceivedProposal ==
+  \A p \in Corr: IfInDecidedThenReceivedProposal(p)          
+
+\* a decided process has received two-thirds of precommit messages
+IfInDecidedThenReceivedTwoThirds(p) ==
+  step[p] = "DECIDED" =>
+    \E r \in Rounds:
+      LET PV == { m \in msgsPrecommit[r]: m.id = decision[p] } IN
+        Cardinality(PV) >= THRESHOLD2
+        
+AllIfInDecidedThenReceivedTwoThirds ==
+  \A p \in Corr: IfInDecidedThenReceivedTwoThirds(p)        
+
+\* for a round r, there is proposal by the round proposer for a valid round vr
+ProposalInRound(r, proposedVal, vr) ==
+  \E m \in msgsPropose[r]:
+    /\ m.src = Proposer[r]
+    /\ m.proposal = proposedVal
+    /\ m.validRound = vr
+
+TwoThirdsPrevotes(vr, v) ==
+  LET PV == { mm \in msgsPrevote[vr]: mm.id = v } IN
+  Cardinality(PV) >= THRESHOLD2
+
+\* if a process sends a PREVOTE, then there are three possibilities:
+\* 1) the process is faulty, 2) the PREVOTE cotains Nil,
+\* 3) there is a proposal in an earlier (valid) round and two thirds of PREVOTES
+IfSentPrevoteThenReceivedProposalOrTwoThirds(r) ==
+  \A mpv \in msgsPrevote[r]:
+    \/ mpv.src \in Faulty
+      \* lockedRound and lockedValue is beyond my comprehension
+    \/ mpv.id = NilValue
+    \//\ mpv.src \in Corr
+      /\ mpv.id /= NilValue
+      /\ \/ ProposalInRound(r, mpv.id, NilRound)
+         \/ \E vr \in { rr \in Rounds: rr < r }:
+            /\ ProposalInRound(r, mpv.id, vr)
+            /\ TwoThirdsPrevotes(vr, mpv.id)
+
+AllIfSentPrevoteThenReceivedProposalOrTwoThirds ==
+  \A r \in Rounds:
+    IfSentPrevoteThenReceivedProposalOrTwoThirds(r)
+
+\* if a correct process has sent a PRECOMMIT, then there are two thirds,
+\* either on a valid value, or a nil value
+IfSentPrecommitThenReceivedTwoThirds ==
+  \A r \in Rounds:
+    \A mpc \in msgsPrecommit[r]:
+      \/ mpc.src \in Faulty
+      \/ /\ mpc.src \in Corr
+         /\ \/ /\ mpc.id \in ValidValues
+               /\ LET PV == { m \in msgsPrevote[r]: m.id = mpc.id } IN
+                  Cardinality(PV) >= THRESHOLD2
+            \/ /\ mpc.id = NilValue
+               /\ Cardinality(msgsPrevote[r]) >= THRESHOLD2
+
+\* there is a locked round if a only if there is a locked value
+LockedRoundIffLockedValue(p) ==
+  (lockedRound[p] = NilRound) <=> (lockedValue[p] = NilValue)
+  
+AllLockedRoundIffLockedValue ==
+  \A p \in Corr: LockedRoundIffLockedValue(p)
+            
+\* when a process locked a round, it should have seen a precommit on a locked value
+IfLockedRoundThenSentCommit(p) ==
+  lockedRound[p] /= NilRound
+    => \E r \in { rr \in Rounds: rr <= round[p] }:
+       \E m \in msgsPrecommit[r]:
+         m.src = p /\ m.id = lockedValue[p]
+         
+AllIfLockedRoundThenSentCommit ==
+  \A p \in Corr: IfLockedRoundThenSentCommit(p)
+         
+\* a process always locks the latest round, for which it has sent a PRECOMMIT
+LatestPrecommitHasLockedRound(p) ==
+  LET pPrecommits == {mm \in UNION { msgsPrecommit[r]: r \in Rounds }: mm.src = p } IN
+  pPrecommits /= {} <: {MT}
+    => LET latest ==
+         CHOOSE m \in pPrecommits:
+           \A m2 \in pPrecommits:
+             m2.round < m.round
+       IN
+       /\ lockedRound[p] = latest.round
+       /\ lockedValue[p] = latest.id
+       
+AllLatestPrecommitHasLockedRound ==
+  \A p \in Corr:
+    LatestPrecommitHasLockedRound(p)
+
+\* Every correct process sends only one value or NilValue.
+\* This test has quantifier alternation -- a threat to all decision procedures.
+\* Luckily, the sets Corr and ValidValues are small.
+NoEquivocationByCorrect(r, msgs) ==
+  \A p \in Corr:
+    \E v \in ValidValues \union {NilValue}:
+      \A m \in msgs[r]:
+        \/ m.src /= p
+        \/ m.id = v
+
+\* a proposer nevers sends two values
+ProposalsByProposer(r, msgs) ==
+  \* if the proposer is not faulty, it sends only one value
+  \E v \in ValidValues:
+    \A m \in msgs[r]:
+      \/ m.src \in Faulty
+      \/ m.src = Proposer[r] /\ m.proposal = v
+    
+AllNoEquivocationByCorrect ==
+  \A r \in Rounds:
+    /\ ProposalsByProposer(r, msgsPropose)    
+    /\ NoEquivocationByCorrect(r, msgsPrevote)    
+    /\ NoEquivocationByCorrect(r, msgsPrecommit)    
+
+\* construct the set of the message senders
+Senders(M) == { m.src: m \in M }
+
+\* The final piece by Josef Widder:
+\* if T + 1 processes precommit on the same value in a round,
+\* then in the future rounds there are less than 2T + 1 prevotes for another value
+PrecommitsLockValue ==
+  \A r \in Rounds:
+    \A v \in ValidValues \union {NilValue}:
+      \/ Cardinality(Senders({m \in msgsPrecommit[r]: m.id = v})) < THRESHOLD1
+      \/ \A fr \in { rr \in Rounds: rr > r }:  \* future rounds
+           \A w \in (ValuesOrNil) \ {v}:
+            Cardinality(Senders({m \in msgsPrevote[fr]: m.id = w})) < THRESHOLD2
+    
+\* a combination of all lemmas
+Inv ==
+    /\ AllNoFutureMessagesSent
+    /\ AllIfInPrevoteThenSentPrevote
+    /\ AllIfInPrecommitThenSentPrecommit
+    /\ AllIfInDecidedThenReceivedProposal 
+    /\ AllIfInDecidedThenReceivedTwoThirds 
+    /\ AllIfInDecidedThenValidDecision
+    /\ AllLockedRoundIffLockedValue
+    /\ AllIfLockedRoundThenSentCommit
+    /\ AllLatestPrecommitHasLockedRound
+    /\ AllIfSentPrevoteThenReceivedProposalOrTwoThirds
+    /\ IfSentPrecommitThenReceivedTwoThirds
+    /\ AllNoEquivocationByCorrect
+    /\ PrecommitsLockValue
+
+\* this is the inductive invariant we like to check
+TypedInv == TypeOK /\ Inv    
+       
+\* UNUSED FOR SAFETY
+ValidRoundNotSmallerThanLockedRound(p) ==
+  validRound[p] >= lockedRound[p]
+
+\* UNUSED FOR SAFETY
+ValidRoundIffValidValue(p) ==
+  (validRound[p] = NilRound) <=> (validValue[p] = NilValue)
+
+\* UNUSED FOR SAFETY
+AllValidRoundIffValidValue ==
+  \A p \in Corr: ValidRoundIffValidValue(p)
+
+\* if validRound is defined, then there are two-thirds of PREVOTEs
+IfValidRoundThenTwoThirds(p) ==
+  \/ validRound[p] = NilRound
+  \/ LET PV == { m \in msgsPrevote[validRound[p]]: m.id = validValue[p] } IN
+     Cardinality(PV) >= THRESHOLD2
+     
+\* UNUSED FOR SAFETY
+AllIfValidRoundThenTwoThirds ==
+  \A p \in Corr: IfValidRoundThenTwoThirds(p)     
+
+\* a valid round can be only set to a valid value that was proposed earlier
+IfValidRoundThenProposal(p) ==
+  \/ validRound[p] = NilRound
+  \/ \E m \in msgsPropose[validRound[p]]:
+       m.proposal = validValue[p]
+
+\* UNUSED FOR SAFETY
+AllIfValidRoundThenProposal ==
+  \A p \in Corr: IfValidRoundThenProposal(p)
+
+(******************************** THEOREMS ***************************************)
+(* Under this condition, the faulty processes can decide alone *)
+FaultyQuorum == Cardinality(Faulty) >= THRESHOLD2
+
+(* The standard condition of the Tendermint security model *)
+LessThanThirdFaulty == N > 3 * T /\ Cardinality(Faulty) <= T
+
+(*
+ TypedInv is an inductive invariant, provided that there is no faulty quorum.
+ We run Apalache to prove this theorem only for fixed instances of 4 to 10 processes.
+ (We run Apalache manually, as it does not parse theorem statements at the moment.)
+ To get a parameterized argument, one has to use a theorem prover, e.g., TLAPS.
+ *)
+THEOREM TypedInvIsInductive ==
+    \/ FaultyQuorum \* if there are 2 * T + 1 faulty processes, we give up
+    \//\ Init => TypedInv
+      /\ TypedInv /\ [Next]_vars => TypedInv'
+
+(*
+ There should be no fork, when there are less than 1/3 faulty processes.
+ *)
+THEOREM AgreementWhenLessThanThirdFaulty ==
+    LessThanThirdFaulty /\ TypedInv => Agreement
+
+(*
+ In a more general case, when there are less than 2/3 faulty processes,
+ there is either no fork, or two scenarios exist:
+ equivocation by Amnesic, or amnesia by Amnesic.
+ *)
+THEOREM AgreementOrFork ==
+    ~FaultyQuorum /\ TypedInv => AgreementOrEquivocationOrAmnesia
+
+=============================================================================    
+ 
diff --git a/docs/spec/tendermint-fork-cases/apalache.properties b/docs/spec/tendermint-fork-cases/apalache.properties
new file mode 100644
index 000000000..83a7e2627
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/apalache.properties
@@ -0,0 +1,11 @@
+search.idle.timeout=60
+search.split.timeout.minimum=3600
+search.split.timeout.factor=2000
+#search.split.timeout.minimum=30
+#search.split.timeout.factor=130
+#search.split.timeout.minimum=600
+#search.split.timeout.factor=170
+#f=(8|9|10)
+#search.transitionFilter=0,${f},${f},${f},${f},${f},${f},${f},${f},${f},2,0,(3|5),7,0,(3|5),7
+#search.invariantFilter=16
+#search.transitionFilter=0,[^5],[^5],[^5],[^5],[^5],[^5],[^5],[^5],[^5],[^5],5
diff --git a/docs/spec/tendermint-fork-cases/counterexample-vc0-w1.tla b/docs/spec/tendermint-fork-cases/counterexample-vc0-w1.tla
new file mode 100644
index 000000000..76414d16b
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/counterexample-vc0-w1.tla
@@ -0,0 +1,4009 @@
+------------------------- MODULE Counterexample -------------------------
+
+\* Transition 0: State 0 to State 1:
+
+ConstInit == Proposer = 0 :> "f3" @@ 1 :> "f3" @@ 2 :> "f3"
+
+\* Transition 0: State 0 to State 1:
+
+State1 ==
+  Proposer = 0 :> "f3" @@ 1 :> "f3" @@ 2 :> "f3"
+    /\ decision = "c1" :> "None" @@ "c2" :> "None"
+    /\ evidence = {}
+    /\ lockedRound = "c1" :> -1 @@ "c2" :> -1
+    /\ lockedValue = "c1" :> "None" @@ "c2" :> "None"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 0 @@ "c2" :> 0
+    /\ step = "c1" :> "PROPOSE" @@ "c2" :> "PROPOSE"
+    /\ validRound = "c1" :> -1 @@ "c2" :> -1
+    /\ validValue = "c1" :> "None" @@ "c2" :> "None"
+
+\* Transition 0: State 1 to State 2:
+
+State2 ==
+  Proposer = 0 :> "f3" @@ 1 :> "f3" @@ 2 :> "f3"
+    /\ decision = "c1" :> "None" @@ "c2" :> "None"
+    /\ evidence
+      = {[proposal |-> "v1",
+        round |-> 0,
+        src |-> "f3",
+        type |-> "PROPOSAL",
+        validRound |-> -1]}
+    /\ lockedRound = "c1" :> -1 @@ "c2" :> -1
+    /\ lockedValue = "c1" :> "None" @@ "c2" :> "None"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 0 @@ "c2" :> 0
+    /\ step = "c1" :> "PROPOSE" @@ "c2" :> "PREVOTE"
+    /\ validRound = "c1" :> -1 @@ "c2" :> -1
+    /\ validValue = "c1" :> "None" @@ "c2" :> "None"
+
+\* Transition 5: State 2 to State 3:
+
+State3 ==
+  Proposer = 0 :> "f3" @@ 1 :> "f3" @@ 2 :> "f3"
+    /\ decision = "c1" :> "None" @@ "c2" :> "None"
+    /\ evidence
+      = { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+    /\ lockedRound = "c1" :> -1 @@ "c2" :> -1
+    /\ lockedValue = "c1" :> "None" @@ "c2" :> "None"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 2 @@ "c2" :> 0
+    /\ step = "c1" :> "PROPOSE" @@ "c2" :> "PREVOTE"
+    /\ validRound = "c1" :> -1 @@ "c2" :> -1
+    /\ validValue = "c1" :> "None" @@ "c2" :> "None"
+
+\* Transition 9: State 3 to State 4:
+
+State4 ==
+  Proposer = 0 :> "f3" @@ 1 :> "f3" @@ 2 :> "f3"
+    /\ decision = "c1" :> "None" @@ "c2" :> "None"
+    /\ evidence
+      = { [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0] }
+    /\ lockedRound = "c1" :> -1 @@ "c2" :> 0
+    /\ lockedValue = "c1" :> "None" @@ "c2" :> "v1"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 2 @@ "c2" :> 0
+    /\ step = "c1" :> "PROPOSE" @@ "c2" :> "PRECOMMIT"
+    /\ validRound = "c1" :> -1 @@ "c2" :> 0
+    /\ validValue = "c1" :> "None" @@ "c2" :> "v1"
+
+\* Transition 0: State 4 to State 5:
+
+State5 ==
+  Proposer = 0 :> "f3" @@ 1 :> "f3" @@ 2 :> "f3"
+    /\ decision = "c1" :> "None" @@ "c2" :> "None"
+    /\ evidence
+      = {[proposal |-> "v0",
+        round |-> 2,
+        src |-> "f3",
+        type |-> "PROPOSAL",
+        validRound |-> -1]}
+    /\ lockedRound = "c1" :> -1 @@ "c2" :> 0
+    /\ lockedValue = "c1" :> "None" @@ "c2" :> "v1"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "c1", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 2 @@ "c2" :> 0
+    /\ step = "c1" :> "PREVOTE" @@ "c2" :> "PRECOMMIT"
+    /\ validRound = "c1" :> -1 @@ "c2" :> 0
+    /\ validValue = "c1" :> "None" @@ "c2" :> "v1"
+
+\* Transition 5: State 5 to State 6:
+
+State6 ==
+  Proposer = 0 :> "f3" @@ 1 :> "f3" @@ 2 :> "f3"
+    /\ decision = "c1" :> "None" @@ "c2" :> "v1"
+    /\ evidence
+      = { [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1] }
+    /\ lockedRound = "c1" :> -1 @@ "c2" :> 0
+    /\ lockedValue = "c1" :> "None" @@ "c2" :> "v1"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "c1", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 2 @@ "c2" :> 0
+    /\ step = "c1" :> "PREVOTE" @@ "c2" :> "DECIDED"
+    /\ validRound = "c1" :> -1 @@ "c2" :> 0
+    /\ validValue = "c1" :> "None" @@ "c2" :> "v1"
+
+\* Transition 7: State 6 to State 7:
+
+State7 ==
+  Proposer = 0 :> "f3" @@ 1 :> "f3" @@ 2 :> "f3"
+    /\ decision = "c1" :> "None" @@ "c2" :> "v1"
+    /\ evidence
+      = { [id |-> "v0", round |-> 2, src |-> "c1", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1] }
+    /\ lockedRound = "c1" :> 2 @@ "c2" :> 0
+    /\ lockedValue = "c1" :> "v0" @@ "c2" :> "v1"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "c1", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "c1", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 2 @@ "c2" :> 0
+    /\ step = "c1" :> "PRECOMMIT" @@ "c2" :> "DECIDED"
+    /\ validRound = "c1" :> 2 @@ "c2" :> 0
+    /\ validValue = "c1" :> "v0" @@ "c2" :> "v1"
+
+\* Transition 0: State 7 to State 8:
+
+State8 ==
+  Proposer = 0 :> "f3" @@ 1 :> "f3" @@ 2 :> "f3"
+    /\ decision = "c1" :> "None" @@ "c2" :> "v1"
+    /\ evidence
+      = { [id |-> "v0", round |-> 2, src |-> "c1", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1] }
+    /\ lockedRound = "c1" :> 2 @@ "c2" :> 0
+    /\ lockedValue = "c1" :> "v0" @@ "c2" :> "v1"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "c1", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "c1", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 2 @@ "c2" :> 0
+    /\ step = "c1" :> "PRECOMMIT" @@ "c2" :> "DECIDED"
+    /\ validRound = "c1" :> 2 @@ "c2" :> 0
+    /\ validValue = "c1" :> "v0" @@ "c2" :> "v1"
+
+\* Transition 2: State 8 to State 9:
+
+State9 ==
+  Proposer = 0 :> "f3" @@ 1 :> "f3" @@ 2 :> "f3"
+    /\ decision = "c1" :> "v0" @@ "c2" :> "v1"
+    /\ evidence
+      = { [id |-> "v0", round |-> 2, src |-> "c1", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+    /\ lockedRound = "c1" :> 2 @@ "c2" :> 0
+    /\ lockedValue = "c1" :> "v0" @@ "c2" :> "v1"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "c1", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "c1", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 2 @@ "c2" :> 0
+    /\ step = "c1" :> "DECIDED" @@ "c2" :> "DECIDED"
+    /\ validRound = "c1" :> 2 @@ "c2" :> 0
+    /\ validValue = "c1" :> "v0" @@ "c2" :> "v1"
+
+(* The following formula holds true in State9 and violates the invariant *)
+InvariantViolation ==
+  BMC!Skolem((\E p$20 \in { "c1", "c2" }:
+    BMC!Skolem((\E q$2 \in { "c1", "c2" }:
+      ~(decision[p$20] = "None")
+        /\ ~(decision[q$2] = "None")
+        /\ ~(decision[p$20] = decision[q$2])))))
+================================================================================
+\* Created Tue Mar 10 18:32:04 CET 2020 by Apalache
+\* https://github.com/konnov/apalache
diff --git a/docs/spec/tendermint-fork-cases/counterexample-vc0-w2.tla b/docs/spec/tendermint-fork-cases/counterexample-vc0-w2.tla
new file mode 100644
index 000000000..3f5666bd2
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/counterexample-vc0-w2.tla
@@ -0,0 +1,3576 @@
+------------------------- MODULE Counterexample -------------------------
+
+\* Transition 0: State 0 to State 1:
+
+ConstInit == Proposer = 0 :> "f3" @@ 1 :> "f3" @@ 2 :> "c1"
+
+\* Transition 0: State 0 to State 1:
+
+State1 ==
+  Proposer = 0 :> "f3" @@ 1 :> "f3" @@ 2 :> "c1"
+    /\ decision = "c1" :> "None" @@ "c2" :> "None"
+    /\ evidence = {}
+    /\ lockedRound = "c1" :> -1 @@ "c2" :> -1
+    /\ lockedValue = "c1" :> "None" @@ "c2" :> "None"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 0 @@ "c2" :> 0
+    /\ step = "c1" :> "PROPOSE" @@ "c2" :> "PROPOSE"
+    /\ validRound = "c1" :> -1 @@ "c2" :> -1
+    /\ validValue = "c1" :> "None" @@ "c2" :> "None"
+
+\* Transition 0: State 1 to State 2:
+
+State2 ==
+  Proposer = 0 :> "f3" @@ 1 :> "f3" @@ 2 :> "c1"
+    /\ decision = "c1" :> "None" @@ "c2" :> "None"
+    /\ evidence
+      = { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+    /\ lockedRound = "c1" :> -1 @@ "c2" :> -1
+    /\ lockedValue = "c1" :> "None" @@ "c2" :> "None"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 0 @@ "c2" :> 1
+    /\ step = "c1" :> "PROPOSE" @@ "c2" :> "PROPOSE"
+    /\ validRound = "c1" :> -1 @@ "c2" :> -1
+    /\ validValue = "c1" :> "None" @@ "c2" :> "None"
+
+\* Transition 9: State 2 to State 3:
+
+State3 ==
+  Proposer = 0 :> "f3" @@ 1 :> "f3" @@ 2 :> "c1"
+    /\ decision = "c1" :> "None" @@ "c2" :> "None"
+    /\ evidence
+      = {[proposal |-> "v1",
+        round |-> 0,
+        src |-> "f3",
+        type |-> "PROPOSAL",
+        validRound |-> -1]}
+    /\ lockedRound = "c1" :> -1 @@ "c2" :> -1
+    /\ lockedValue = "c1" :> "None" @@ "c2" :> "None"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 0 @@ "c2" :> 1
+    /\ step = "c1" :> "PREVOTE" @@ "c2" :> "PROPOSE"
+    /\ validRound = "c1" :> -1 @@ "c2" :> -1
+    /\ validValue = "c1" :> "None" @@ "c2" :> "None"
+
+\* Transition 5: State 3 to State 4:
+
+State4 ==
+  Proposer = 0 :> "f3" @@ 1 :> "f3" @@ 2 :> "c1"
+    /\ decision = "c1" :> "None" @@ "c2" :> "None"
+    /\ evidence
+      = { [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+    /\ lockedRound = "c1" :> 0 @@ "c2" :> -1
+    /\ lockedValue = "c1" :> "v1" @@ "c2" :> "None"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 0 @@ "c2" :> 1
+    /\ step = "c1" :> "PRECOMMIT" @@ "c2" :> "PROPOSE"
+    /\ validRound = "c1" :> 0 @@ "c2" :> -1
+    /\ validValue = "c1" :> "v1" @@ "c2" :> "None"
+
+\* Transition 0: State 4 to State 5:
+
+State5 ==
+  Proposer = 0 :> "f3" @@ 1 :> "f3" @@ 2 :> "c1"
+    /\ decision = "c1" :> "None" @@ "c2" :> "None"
+    /\ evidence
+      = {[proposal |-> "v0",
+        round |-> 1,
+        src |-> "f3",
+        type |-> "PROPOSAL",
+        validRound |-> -1]}
+    /\ lockedRound = "c1" :> 0 @@ "c2" :> -1
+    /\ lockedValue = "c1" :> "v1" @@ "c2" :> "None"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "c2", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 0 @@ "c2" :> 1
+    /\ step = "c1" :> "PRECOMMIT" @@ "c2" :> "PREVOTE"
+    /\ validRound = "c1" :> 0 @@ "c2" :> -1
+    /\ validValue = "c1" :> "v1" @@ "c2" :> "None"
+
+\* Transition 5: State 5 to State 6:
+
+State6 ==
+  Proposer = 0 :> "f3" @@ 1 :> "f3" @@ 2 :> "c1"
+    /\ decision = "c1" :> "None" @@ "c2" :> "None"
+    /\ evidence
+      = { [id |-> "v0", round |-> 1, src |-> "c2", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1] }
+    /\ lockedRound = "c1" :> 0 @@ "c2" :> 1
+    /\ lockedValue = "c1" :> "v1" @@ "c2" :> "v0"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "c2", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "c2", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 0 @@ "c2" :> 1
+    /\ step = "c1" :> "PRECOMMIT" @@ "c2" :> "PRECOMMIT"
+    /\ validRound = "c1" :> 0 @@ "c2" :> 1
+    /\ validValue = "c1" :> "v1" @@ "c2" :> "v0"
+
+\* Transition 0: State 6 to State 7:
+
+State7 ==
+  Proposer = 0 :> "f3" @@ 1 :> "f3" @@ 2 :> "c1"
+    /\ decision = "c1" :> "None" @@ "c2" :> "v0"
+    /\ evidence
+      = { [id |-> "v0", round |-> 1, src |-> "c2", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+    /\ lockedRound = "c1" :> 0 @@ "c2" :> 1
+    /\ lockedValue = "c1" :> "v1" @@ "c2" :> "v0"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "c2", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "c2", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 0 @@ "c2" :> 1
+    /\ step = "c1" :> "PRECOMMIT" @@ "c2" :> "DECIDED"
+    /\ validRound = "c1" :> 0 @@ "c2" :> 1
+    /\ validValue = "c1" :> "v1" @@ "c2" :> "v0"
+
+\* Transition 7: State 7 to State 8:
+
+State8 ==
+  Proposer = 0 :> "f3" @@ 1 :> "f3" @@ 2 :> "c1"
+    /\ decision = "c1" :> "v1" @@ "c2" :> "v0"
+    /\ evidence
+      = { [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0] }
+    /\ lockedRound = "c1" :> 0 @@ "c2" :> 1
+    /\ lockedValue = "c1" :> "v1" @@ "c2" :> "v0"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "c2", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "c2", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 0 @@ "c2" :> 1
+    /\ step = "c1" :> "DECIDED" @@ "c2" :> "DECIDED"
+    /\ validRound = "c1" :> 0 @@ "c2" :> 1
+    /\ validValue = "c1" :> "v1" @@ "c2" :> "v0"
+
+(* The following formula holds true in State8 and violates the invariant *)
+InvariantViolation ==
+  BMC!Skolem((\E p$20 \in { "c1", "c2" }:
+    BMC!Skolem((\E q$2 \in { "c1", "c2" }:
+      ~(decision[p$20] = "None")
+        /\ ~(decision[q$2] = "None")
+        /\ ~(decision[p$20] = decision[q$2])))))
+================================================================================
+\* Created Tue Mar 10 18:20:30 CET 2020 by Apalache
+\* https://github.com/konnov/apalache
diff --git a/docs/spec/tendermint-fork-cases/counterexample-vc0-w3.tla b/docs/spec/tendermint-fork-cases/counterexample-vc0-w3.tla
new file mode 100644
index 000000000..73761957b
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/counterexample-vc0-w3.tla
@@ -0,0 +1,3023 @@
+------------------------- MODULE Counterexample -------------------------
+
+\* Transition 0: State 0 to State 1:
+
+ConstInit == Proposer = 0 :> "f3" @@ 1 :> "c1" @@ 2 :> "f4"
+
+\* Transition 0: State 0 to State 1:
+
+State1 ==
+  Proposer = 0 :> "f3" @@ 1 :> "c1" @@ 2 :> "f4"
+    /\ decision = "c1" :> "None" @@ "c2" :> "None"
+    /\ evidence = {}
+    /\ lockedRound = "c1" :> -1 @@ "c2" :> -1
+    /\ lockedValue = "c1" :> "None" @@ "c2" :> "None"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 0 @@ "c2" :> 0
+    /\ step = "c1" :> "PROPOSE" @@ "c2" :> "PROPOSE"
+    /\ validRound = "c1" :> -1 @@ "c2" :> -1
+    /\ validValue = "c1" :> "None" @@ "c2" :> "None"
+
+\* Transition 0: State 1 to State 2:
+
+State2 ==
+  Proposer = 0 :> "f3" @@ 1 :> "c1" @@ 2 :> "f4"
+    /\ decision = "c1" :> "None" @@ "c2" :> "None"
+    /\ evidence
+      = {[proposal |-> "v0",
+        round |-> 0,
+        src |-> "f3",
+        type |-> "PROPOSAL",
+        validRound |-> -1]}
+    /\ lockedRound = "c1" :> -1 @@ "c2" :> -1
+    /\ lockedValue = "c1" :> "None" @@ "c2" :> "None"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 0 @@ "c2" :> 0
+    /\ step = "c1" :> "PROPOSE" @@ "c2" :> "PREVOTE"
+    /\ validRound = "c1" :> -1 @@ "c2" :> -1
+    /\ validValue = "c1" :> "None" @@ "c2" :> "None"
+
+\* Transition 9: State 2 to State 3:
+
+State3 ==
+  Proposer = 0 :> "f3" @@ 1 :> "c1" @@ 2 :> "f4"
+    /\ decision = "c1" :> "None" @@ "c2" :> "None"
+    /\ evidence
+      = { [id |-> "v0", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1] }
+    /\ lockedRound = "c1" :> -1 @@ "c2" :> 0
+    /\ lockedValue = "c1" :> "None" @@ "c2" :> "v0"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "c2", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 0 @@ "c2" :> 0
+    /\ step = "c1" :> "PROPOSE" @@ "c2" :> "PRECOMMIT"
+    /\ validRound = "c1" :> -1 @@ "c2" :> 0
+    /\ validValue = "c1" :> "None" @@ "c2" :> "v0"
+
+\* Transition 2: State 3 to State 4:
+
+State4 ==
+  Proposer = 0 :> "f3" @@ 1 :> "c1" @@ 2 :> "f4"
+    /\ decision = "c1" :> "None" @@ "c2" :> "None"
+    /\ evidence
+      = {[proposal |-> "v1",
+        round |-> 0,
+        src |-> "f3",
+        type |-> "PROPOSAL",
+        validRound |-> -1]}
+    /\ lockedRound = "c1" :> -1 @@ "c2" :> 0
+    /\ lockedValue = "c1" :> "None" @@ "c2" :> "v0"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "c2", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 0 @@ "c2" :> 0
+    /\ step = "c1" :> "PREVOTE" @@ "c2" :> "PRECOMMIT"
+    /\ validRound = "c1" :> -1 @@ "c2" :> 0
+    /\ validValue = "c1" :> "None" @@ "c2" :> "v0"
+
+\* Transition 9: State 4 to State 5:
+
+State5 ==
+  Proposer = 0 :> "f3" @@ 1 :> "c1" @@ 2 :> "f4"
+    /\ decision = "c1" :> "None" @@ "c2" :> "None"
+    /\ evidence
+      = { [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1] }
+    /\ lockedRound = "c1" :> 0 @@ "c2" :> 0
+    /\ lockedValue = "c1" :> "v1" @@ "c2" :> "v0"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "c2", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 0 @@ "c2" :> 0
+    /\ step = "c1" :> "PRECOMMIT" @@ "c2" :> "PRECOMMIT"
+    /\ validRound = "c1" :> 0 @@ "c2" :> 0
+    /\ validValue = "c1" :> "v1" @@ "c2" :> "v0"
+
+\* Transition 2: State 5 to State 6:
+
+State6 ==
+  Proposer = 0 :> "f3" @@ 1 :> "c1" @@ 2 :> "f4"
+    /\ decision = "c1" :> "v1" @@ "c2" :> "None"
+    /\ evidence
+      = { [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0] }
+    /\ lockedRound = "c1" :> 0 @@ "c2" :> 0
+    /\ lockedValue = "c1" :> "v1" @@ "c2" :> "v0"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "c2", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 0 @@ "c2" :> 0
+    /\ step = "c1" :> "DECIDED" @@ "c2" :> "PRECOMMIT"
+    /\ validRound = "c1" :> 0 @@ "c2" :> 0
+    /\ validValue = "c1" :> "v1" @@ "c2" :> "v0"
+
+\* Transition 8: State 6 to State 7:
+
+State7 ==
+  Proposer = 0 :> "f3" @@ 1 :> "c1" @@ 2 :> "f4"
+    /\ decision = "c1" :> "v1" @@ "c2" :> "v0"
+    /\ evidence
+      = { [id |-> "v0", round |-> 0, src |-> "c2", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0] }
+    /\ lockedRound = "c1" :> 0 @@ "c2" :> 0
+    /\ lockedValue = "c1" :> "v1" @@ "c2" :> "v0"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "c2", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "c1", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 0 @@ "c2" :> 0
+    /\ step = "c1" :> "DECIDED" @@ "c2" :> "DECIDED"
+    /\ validRound = "c1" :> 0 @@ "c2" :> 0
+    /\ validValue = "c1" :> "v1" @@ "c2" :> "v0"
+
+(* The following formula holds true in State7 and violates the invariant *)
+InvariantViolation ==
+  BMC!Skolem((\E p$20 \in { "c1", "c2" }:
+    BMC!Skolem((\E q$2 \in { "c1", "c2" }:
+      ~(decision[p$20] = "None")
+        /\ ~(decision[q$2] = "None")
+        /\ ~(decision[p$20] = decision[q$2])))))
+================================================================================
+\* Created Sat Mar 28 17:41:29 CET 2020 by Apalache
+\* https://github.com/konnov/apalache
diff --git a/docs/spec/tendermint-fork-cases/counterexample-vc31-w1.tla b/docs/spec/tendermint-fork-cases/counterexample-vc31-w1.tla
new file mode 100644
index 000000000..8331cac17
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/counterexample-vc31-w1.tla
@@ -0,0 +1,651 @@
+------------------------- MODULE Counterexample -------------------------
+
+\* Transition 0: State 0 to State 1:
+
+ConstInit == Proposer = 0 :> "a3" @@ 1 :> "f4" @@ 2 :> "c1"
+
+\* Transition 0: State 0 to State 1:
+
+State1 ==
+  Proposer = 0 :> "a3" @@ 1 :> "f4" @@ 2 :> "c1"
+    /\ decision = "c1" :> "None"
+    /\ evidence = {}
+    /\ lockedRound = "c1" :> -1
+    /\ lockedValue = "c1" :> "None"
+    /\ msgsPrecommit
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "a2", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "a3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "a2", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "a3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "a2", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "a3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "a2", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "a3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "a2", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "a3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "a2", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "a3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "a2", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "a3", type |-> "PRECOMMIT"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "a2", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "a3", type |-> "PRECOMMIT"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "a2", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "a3", type |-> "PRECOMMIT"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+    /\ msgsPrevote
+      = 0
+          :> { [id |-> "v0", round |-> 0, src |-> "a2", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "a3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "a2", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "a3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "a2", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "a3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 1
+          :> { [id |-> "v0", round |-> 1, src |-> "a2", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "a3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "a2", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "a3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "a2", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "a3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+        @@ 2
+          :> { [id |-> "v0", round |-> 2, src |-> "a2", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "a3", type |-> "PREVOTE"],
+            [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "a2", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "a3", type |-> "PREVOTE"],
+            [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "a2", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "a3", type |-> "PREVOTE"],
+            [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+    /\ msgsPropose
+      = 0
+          :> { [proposal |-> "v0",
+              round |-> 0,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 0,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 1
+          :> { [proposal |-> "v0",
+              round |-> 1,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 1,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+        @@ 2
+          :> { [proposal |-> "v0",
+              round |-> 2,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v0",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v1",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "a2",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "a3",
+              type |-> "PROPOSAL",
+              validRound |-> 2],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> -1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 0],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 1],
+            [proposal |-> "v2",
+              round |-> 2,
+              src |-> "f4",
+              type |-> "PROPOSAL",
+              validRound |-> 2] }
+    /\ round = "c1" :> 0
+    /\ step = "c1" :> "PROPOSE"
+    /\ validRound = "c1" :> -1
+    /\ validValue = "c1" :> "None"
+
+(* The following formula holds true in State1 and violates the invariant *)
+InvariantViolation ==
+  BMC!Skolem((\E r$40 \in 0 .. 2:
+    BMC!Skolem((\E v$14 \in { "v0", "v1" } \union {"None"}:
+      LET t_66 ==
+          {
+            m$53["src"]:
+              m$53 \in { m$54 \in msgsPrecommit[r$40]: m$54["id"] = v$14 }
+          }
+        IN
+        BMC!Skolem((\E t_64 \in t_66:
+          BMC!Skolem((\E t_65 \in t_66: ~(t_64 = t_65)))))
+        /\ BMC!Skolem((\E rr$13 \in 0 .. 2:
+          rr$13 > r$40
+            /\ BMC!Skolem((\E t_60$1 \in ({ "v0", "v1" } \union {"v2"})
+              \union {"None"}:
+              ~(t_60$1 \in {v$14})
+                /\ BMC!ConstCardinality((Cardinality({
+                  m$55["src"]:
+                    m$55 \in
+                      { m$56 \in msgsPrevote[rr$13]: m$56["id"] = t_60$1 }
+                })
+                  >= 3))))))))))
+================================================================================
+\* Created Sat Mar 21 11:30:17 CET 2020 by Apalache
+\* https://github.com/konnov/apalache
diff --git a/docs/spec/tendermint-fork-cases/counterexample.tla b/docs/spec/tendermint-fork-cases/counterexample.tla
new file mode 100644
index 000000000..88a0367f1
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/counterexample.tla
@@ -0,0 +1,3028 @@
+------------------------- MODULE counterexample -------------------------
+
+EXTENDS MC_n4_f2
+
+(* Initial state *)
+
+State1 ==
+/\ Proposer = 0 :> "f4" @@ 1 :> "c2" @@ 2 :> "c1"
+
+(* Transition 0 to State2 *)
+
+State2 ==
+/\ Proposer = 0 :> "f4" @@ 1 :> "c2" @@ 2 :> "c1"
+/\ decision = "c1" :> "None" @@ "c2" :> "None"
+/\ evidence = {}
+/\ lockedRound = "c1" :> -1 @@ "c2" :> -1
+/\ lockedValue = "c1" :> "None" @@ "c2" :> "None"
+/\ msgsPrecommit
+  = 0
+      :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+    @@ 1
+      :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+    @@ 2
+      :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+/\ msgsPrevote
+  = 0
+      :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+    @@ 1
+      :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+    @@ 2
+      :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+/\ msgsPropose
+  = 0
+      :> { [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+    @@ 1
+      :> { [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+    @@ 2
+      :> { [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+/\ round = "c1" :> 0 @@ "c2" :> 0
+/\ step = "c1" :> "PROPOSE" @@ "c2" :> "PROPOSE"
+/\ validRound = "c1" :> -1 @@ "c2" :> -1
+/\ validValue = "c1" :> "None" @@ "c2" :> "None"
+
+(* Transition 1 to State3 *)
+
+State3 ==
+/\ Proposer = 0 :> "f4" @@ 1 :> "c2" @@ 2 :> "c1"
+/\ decision = "c1" :> "None" @@ "c2" :> "None"
+/\ evidence
+  = {[proposal |-> "v0",
+    round |-> 0,
+    src |-> "f4",
+    type |-> "PROPOSAL",
+    validRound |-> -1]}
+/\ lockedRound = "c1" :> -1 @@ "c2" :> -1
+/\ lockedValue = "c1" :> "None" @@ "c2" :> "None"
+/\ msgsPrecommit
+  = 0
+      :> { [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+    @@ 1
+      :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+    @@ 2
+      :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+/\ msgsPrevote
+  = 0
+      :> { [id |-> "v0", round |-> 0, src |-> "c1", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+    @@ 1
+      :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+    @@ 2
+      :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+/\ msgsPropose
+  = 0
+      :> { [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+    @@ 1
+      :> { [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+    @@ 2
+      :> { [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+/\ round = "c1" :> 0 @@ "c2" :> 0
+/\ step = "c1" :> "PREVOTE" @@ "c2" :> "PROPOSE"
+/\ validRound = "c1" :> -1 @@ "c2" :> -1
+/\ validValue = "c1" :> "None" @@ "c2" :> "None"
+
+(* Transition 5 to State4 *)
+
+State4 ==
+/\ Proposer = 0 :> "f4" @@ 1 :> "c2" @@ 2 :> "c1"
+/\ decision = "c1" :> "None" @@ "c2" :> "None"
+/\ evidence
+  = { [id |-> "v0", round |-> 0, src |-> "c1", type |-> "PREVOTE"],
+    [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+    [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+    [proposal |-> "v0",
+      round |-> 0,
+      src |-> "f4",
+      type |-> "PROPOSAL",
+      validRound |-> 0] }
+/\ lockedRound = "c1" :> 0 @@ "c2" :> -1
+/\ lockedValue = "c1" :> "v0" @@ "c2" :> "None"
+/\ msgsPrecommit
+  = 0
+      :> { [id |-> "v0", round |-> 0, src |-> "c1", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+    @@ 1
+      :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+    @@ 2
+      :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+/\ msgsPrevote
+  = 0
+      :> { [id |-> "v0", round |-> 0, src |-> "c1", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+    @@ 1
+      :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+    @@ 2
+      :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+/\ msgsPropose
+  = 0
+      :> { [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+    @@ 1
+      :> { [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+    @@ 2
+      :> { [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+/\ round = "c1" :> 0 @@ "c2" :> 0
+/\ step = "c1" :> "PRECOMMIT" @@ "c2" :> "PROPOSE"
+/\ validRound = "c1" :> 0 @@ "c2" :> -1
+/\ validValue = "c1" :> "v0" @@ "c2" :> "None"
+
+(* Transition 2 to State5 *)
+
+State5 ==
+/\ Proposer = 0 :> "f4" @@ 1 :> "c2" @@ 2 :> "c1"
+/\ decision = "c1" :> "None" @@ "c2" :> "None"
+/\ evidence
+  = {[proposal |-> "v1",
+    round |-> 0,
+    src |-> "f4",
+    type |-> "PROPOSAL",
+    validRound |-> -1]}
+/\ lockedRound = "c1" :> 0 @@ "c2" :> -1
+/\ lockedValue = "c1" :> "v0" @@ "c2" :> "None"
+/\ msgsPrecommit
+  = 0
+      :> { [id |-> "v0", round |-> 0, src |-> "c1", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+    @@ 1
+      :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+    @@ 2
+      :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+/\ msgsPrevote
+  = 0
+      :> { [id |-> "v0", round |-> 0, src |-> "c1", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+    @@ 1
+      :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+    @@ 2
+      :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+/\ msgsPropose
+  = 0
+      :> { [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+    @@ 1
+      :> { [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+    @@ 2
+      :> { [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+/\ round = "c1" :> 0 @@ "c2" :> 0
+/\ step = "c1" :> "PRECOMMIT" @@ "c2" :> "PREVOTE"
+/\ validRound = "c1" :> 0 @@ "c2" :> -1
+/\ validValue = "c1" :> "v0" @@ "c2" :> "None"
+
+(* Transition 7 to State6 *)
+
+State6 ==
+/\ Proposer = 0 :> "f4" @@ 1 :> "c2" @@ 2 :> "c1"
+/\ decision = "c1" :> "None" @@ "c2" :> "None"
+/\ evidence
+  = { [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+    [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+    [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+    [proposal |-> "v1",
+      round |-> 0,
+      src |-> "f4",
+      type |-> "PROPOSAL",
+      validRound |-> 0] }
+/\ lockedRound = "c1" :> 0 @@ "c2" :> 0
+/\ lockedValue = "c1" :> "v0" @@ "c2" :> "v1"
+/\ msgsPrecommit
+  = 0
+      :> { [id |-> "v0", round |-> 0, src |-> "c1", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+    @@ 1
+      :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+    @@ 2
+      :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+/\ msgsPrevote
+  = 0
+      :> { [id |-> "v0", round |-> 0, src |-> "c1", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+    @@ 1
+      :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+    @@ 2
+      :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+/\ msgsPropose
+  = 0
+      :> { [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+    @@ 1
+      :> { [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+    @@ 2
+      :> { [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+/\ round = "c1" :> 0 @@ "c2" :> 0
+/\ step = "c1" :> "PRECOMMIT" @@ "c2" :> "PRECOMMIT"
+/\ validRound = "c1" :> 0 @@ "c2" :> 0
+/\ validValue = "c1" :> "v0" @@ "c2" :> "v1"
+
+(* Transition 8 to State7 *)
+
+State7 ==
+/\ Proposer = 0 :> "f4" @@ 1 :> "c2" @@ 2 :> "c1"
+/\ decision = "c1" :> "v1" @@ "c2" :> "None"
+/\ evidence
+  = { [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PRECOMMIT"],
+    [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+    [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+    [proposal |-> "v1",
+      round |-> 0,
+      src |-> "f4",
+      type |-> "PROPOSAL",
+      validRound |-> 0] }
+/\ lockedRound = "c1" :> 0 @@ "c2" :> 0
+/\ lockedValue = "c1" :> "v0" @@ "c2" :> "v1"
+/\ msgsPrecommit
+  = 0
+      :> { [id |-> "v0", round |-> 0, src |-> "c1", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+    @@ 1
+      :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+    @@ 2
+      :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+/\ msgsPrevote
+  = 0
+      :> { [id |-> "v0", round |-> 0, src |-> "c1", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+    @@ 1
+      :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+    @@ 2
+      :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+/\ msgsPropose
+  = 0
+      :> { [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+    @@ 1
+      :> { [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+    @@ 2
+      :> { [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+/\ round = "c1" :> 0 @@ "c2" :> 0
+/\ step = "c1" :> "DECIDED" @@ "c2" :> "PRECOMMIT"
+/\ validRound = "c1" :> 0 @@ "c2" :> 0
+/\ validValue = "c1" :> "v0" @@ "c2" :> "v1"
+
+(* Transition 9 to State8 *)
+
+State8 ==
+/\ Proposer = 0 :> "f4" @@ 1 :> "c2" @@ 2 :> "c1"
+/\ decision = "c1" :> "v1" @@ "c2" :> "v0"
+/\ evidence
+  = { [id |-> "v0", round |-> 0, src |-> "c1", type |-> "PRECOMMIT"],
+    [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+    [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+    [proposal |-> "v0",
+      round |-> 0,
+      src |-> "f4",
+      type |-> "PROPOSAL",
+      validRound |-> 0] }
+/\ lockedRound = "c1" :> 0 @@ "c2" :> 0
+/\ lockedValue = "c1" :> "v0" @@ "c2" :> "v1"
+/\ msgsPrecommit
+  = 0
+      :> { [id |-> "v0", round |-> 0, src |-> "c1", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PRECOMMIT"] }
+    @@ 1
+      :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PRECOMMIT"] }
+    @@ 2
+      :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PRECOMMIT"],
+        [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PRECOMMIT"] }
+/\ msgsPrevote
+  = 0
+      :> { [id |-> "v0", round |-> 0, src |-> "c1", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "c2", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 0, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 0, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 0, src |-> "f4", type |-> "PREVOTE"] }
+    @@ 1
+      :> { [id |-> "v0", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 1, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 1, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 1, src |-> "f4", type |-> "PREVOTE"] }
+    @@ 2
+      :> { [id |-> "v0", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v0", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v1", round |-> 2, src |-> "f4", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 2, src |-> "f3", type |-> "PREVOTE"],
+        [id |-> "v2", round |-> 2, src |-> "f4", type |-> "PREVOTE"] }
+/\ msgsPropose
+  = 0
+      :> { [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 0,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+    @@ 1
+      :> { [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 1,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+    @@ 2
+      :> { [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v0",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v1",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f3",
+          type |-> "PROPOSAL",
+          validRound |-> 2],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> -1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 0],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 1],
+        [proposal |-> "v2",
+          round |-> 2,
+          src |-> "f4",
+          type |-> "PROPOSAL",
+          validRound |-> 2] }
+/\ round = "c1" :> 0 @@ "c2" :> 0
+/\ step = "c1" :> "DECIDED" @@ "c2" :> "DECIDED"
+/\ validRound = "c1" :> 0 @@ "c2" :> 0
+/\ validValue = "c1" :> "v0" @@ "c2" :> "v1"
+
+(* The following formula holds true in the last state and violates the invariant *)
+
+InvariantViolation ==
+  BMC!Skolem((\E p$20 \in { "c1", "c2" }:
+    BMC!Skolem((\E q$2 \in { "c1", "c2" }:
+      ~(decision[p$20] = "None")
+        /\ ~(decision[q$2] = "None")
+        /\ ~(decision[p$20] = decision[q$2])))))
+
+================================================================================
+\* Created by Apalache on Sat Mar 28 16:57:25 CET 2020
+\* https://github.com/konnov/apalache
diff --git a/docs/spec/tendermint-fork-cases/results/001indinv-apalache-card.csv b/docs/spec/tendermint-fork-cases/results/001indinv-apalache-card.csv
new file mode 100644
index 000000000..9af2d80d7
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/results/001indinv-apalache-card.csv
@@ -0,0 +1,31 @@
+01:no,02:tool,03:status,04:time_sec,05:depth,05:mem_kb,10:ninit_trans,11:ninit_trans,12:ncells,13:nclauses,14:navg_clause_len
+1,apalache,NoError,757,1,6689920,0,0,255850,2916339,20
+2,apalache,NoError,715,1,7178440,0,0,241134,2878496,21
+3,apalache,NoError,580,1,7177956,0,0,227772,2854964,21
+4,apalache,NoError,1492,1,10086952,0,0,346159,4446361,21
+5,apalache,NoError,1258,1,10645452,0,0,329305,4393688,21
+6,apalache,NoError,3344,1,13707364,0,0,560069,9236533,20
+7,apalache,NoError,3288,1,13834196,0,0,531012,9216485,21
+8,apalache,NoError,2927,1,13611468,0,0,508797,9012976,21
+9,apalache,NoError,11050,1,17577780,0,0,1002795,20568977,20
+10,apalache,NoError,9356,1,17517792,0,0,940114,20062564,20
+11,apalache,NoError,286,0,4137892,0,0,148963,2161260,17
+12,apalache,NoError,849,0,17076088,0,0,2789102,8311118,10
+13,apalache,NoError,1435,0,23125812,0,0,6317013,16529247,10
+14,apalache,NoError,468,0,5417264,0,0,212357,3324811,17
+15,apalache,NoError,1397,0,21924168,0,0,4326480,12872129,10
+16,apalache,NoError,1242,0,9435876,0,0,374517,7397022,16
+17,apalache,Fail,2612,0,27951008,0,0,172254,3647560,17
+18,apalache,Fail,2625,0,28354920,0,0,160287,3600511,17
+19,apalache,NoError,3172,0,16896056,0,0,734069,17072460,16
+20,apalache,Fail,3873,0,30181108,0,0,341439,8450107,16
+21,apalache,NoError,12,0,594592,0,0,5622,33845,23
+22,apalache,NoError,17,0,860608,0,0,9690,68116,23
+23,apalache,NoError,25,0,1062868,0,0,12757,104964,22
+24,apalache,NoError,13,0,766340,0,0,5784,36940,25
+25,apalache,NoError,20,0,810136,0,0,9852,73824,25
+26,apalache,NoError,24,0,1034140,0,0,10220,85339,28
+27,apalache,NoError,33,0,1105020,0,0,14267,131054,28
+28,apalache,NoError,44,0,1365304,0,0,18352,180731,27
+29,apalache,NoError,45,0,1349440,0,0,14797,155936,32
+30,apalache,NoError,55,0,1755904,0,0,18844,213416,31
diff --git a/docs/spec/tendermint-fork-cases/results/001indinv-apalache-mem-log.svg b/docs/spec/tendermint-fork-cases/results/001indinv-apalache-mem-log.svg
new file mode 100644
index 000000000..9864b562d
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/results/001indinv-apalache-mem-log.svg
@@ -0,0 +1,1285 @@
+<?xml version="1.0" encoding="utf-8" standalone="no"?>
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN"
+  "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<!-- Created with matplotlib (http://matplotlib.org/) -->
+<svg height="345pt" version="1.1" viewBox="0 0 460 345" width="460pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
+ <defs>
+  <style type="text/css">
+*{stroke-linecap:butt;stroke-linejoin:round;}
+  </style>
+ </defs>
+ <g id="figure_1">
+  <g id="patch_1">
+   <path d="M 0 345.6 
+L 460.8 345.6 
+L 460.8 0 
+L 0 0 
+z
+" style="fill:#ffffff;"/>
+  </g>
+  <g id="axes_1">
+   <g id="patch_2">
+    <path d="M 57.6 307.584 
+L 414.72 307.584 
+L 414.72 41.472 
+L 57.6 41.472 
+z
+" style="fill:#ffffff;"/>
+   </g>
+   <g id="matplotlib.axis_1">
+    <g id="xtick_1">
+     <g id="line2d_1">
+      <path clip-path="url(#pa3bcd5702b)" d="M 62.637743 307.584 
+L 62.637743 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_2">
+      <defs>
+       <path d="M 0 0 
+L 0 3.5 
+" id="m3cf5ae2b6e" style="stroke:#000000;stroke-width:0.8;"/>
+      </defs>
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="62.637743" xlink:href="#m3cf5ae2b6e" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_1">
+      <!-- 0 -->
+      <defs>
+       <path d="M 31.78125 66.40625 
+Q 24.171875 66.40625 20.328125 58.90625 
+Q 16.5 51.421875 16.5 36.375 
+Q 16.5 21.390625 20.328125 13.890625 
+Q 24.171875 6.390625 31.78125 6.390625 
+Q 39.453125 6.390625 43.28125 13.890625 
+Q 47.125 21.390625 47.125 36.375 
+Q 47.125 51.421875 43.28125 58.90625 
+Q 39.453125 66.40625 31.78125 66.40625 
+z
+M 31.78125 74.21875 
+Q 44.046875 74.21875 50.515625 64.515625 
+Q 56.984375 54.828125 56.984375 36.375 
+Q 56.984375 17.96875 50.515625 8.265625 
+Q 44.046875 -1.421875 31.78125 -1.421875 
+Q 19.53125 -1.421875 13.0625 8.265625 
+Q 6.59375 17.96875 6.59375 36.375 
+Q 6.59375 54.828125 13.0625 64.515625 
+Q 19.53125 74.21875 31.78125 74.21875 
+z
+" id="DejaVuSans-30"/>
+      </defs>
+      <g transform="translate(59.456493 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_2">
+     <g id="line2d_3">
+      <path clip-path="url(#pa3bcd5702b)" d="M 118.612665 307.584 
+L 118.612665 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_4">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="118.612665" xlink:href="#m3cf5ae2b6e" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_2">
+      <!-- 5 -->
+      <defs>
+       <path d="M 10.796875 72.90625 
+L 49.515625 72.90625 
+L 49.515625 64.59375 
+L 19.828125 64.59375 
+L 19.828125 46.734375 
+Q 21.96875 47.46875 24.109375 47.828125 
+Q 26.265625 48.1875 28.421875 48.1875 
+Q 40.625 48.1875 47.75 41.5 
+Q 54.890625 34.8125 54.890625 23.390625 
+Q 54.890625 11.625 47.5625 5.09375 
+Q 40.234375 -1.421875 26.90625 -1.421875 
+Q 22.3125 -1.421875 17.546875 -0.640625 
+Q 12.796875 0.140625 7.71875 1.703125 
+L 7.71875 11.625 
+Q 12.109375 9.234375 16.796875 8.0625 
+Q 21.484375 6.890625 26.703125 6.890625 
+Q 35.15625 6.890625 40.078125 11.328125 
+Q 45.015625 15.765625 45.015625 23.390625 
+Q 45.015625 31 40.078125 35.4375 
+Q 35.15625 39.890625 26.703125 39.890625 
+Q 22.75 39.890625 18.8125 39.015625 
+Q 14.890625 38.140625 10.796875 36.28125 
+z
+" id="DejaVuSans-35"/>
+      </defs>
+      <g transform="translate(115.431415 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_3">
+     <g id="line2d_5">
+      <path clip-path="url(#pa3bcd5702b)" d="M 174.587586 307.584 
+L 174.587586 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_6">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="174.587586" xlink:href="#m3cf5ae2b6e" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_3">
+      <!-- 10 -->
+      <defs>
+       <path d="M 12.40625 8.296875 
+L 28.515625 8.296875 
+L 28.515625 63.921875 
+L 10.984375 60.40625 
+L 10.984375 69.390625 
+L 28.421875 72.90625 
+L 38.28125 72.90625 
+L 38.28125 8.296875 
+L 54.390625 8.296875 
+L 54.390625 0 
+L 12.40625 0 
+z
+" id="DejaVuSans-31"/>
+      </defs>
+      <g transform="translate(168.225086 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-31"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_4">
+     <g id="line2d_7">
+      <path clip-path="url(#pa3bcd5702b)" d="M 230.562508 307.584 
+L 230.562508 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_8">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="230.562508" xlink:href="#m3cf5ae2b6e" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_4">
+      <!-- 15 -->
+      <g transform="translate(224.200008 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-31"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_5">
+     <g id="line2d_9">
+      <path clip-path="url(#pa3bcd5702b)" d="M 286.537429 307.584 
+L 286.537429 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_10">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="286.537429" xlink:href="#m3cf5ae2b6e" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_5">
+      <!-- 20 -->
+      <defs>
+       <path d="M 19.1875 8.296875 
+L 53.609375 8.296875 
+L 53.609375 0 
+L 7.328125 0 
+L 7.328125 8.296875 
+Q 12.9375 14.109375 22.625 23.890625 
+Q 32.328125 33.6875 34.8125 36.53125 
+Q 39.546875 41.84375 41.421875 45.53125 
+Q 43.3125 49.21875 43.3125 52.78125 
+Q 43.3125 58.59375 39.234375 62.25 
+Q 35.15625 65.921875 28.609375 65.921875 
+Q 23.96875 65.921875 18.8125 64.3125 
+Q 13.671875 62.703125 7.8125 59.421875 
+L 7.8125 69.390625 
+Q 13.765625 71.78125 18.9375 73 
+Q 24.125 74.21875 28.421875 74.21875 
+Q 39.75 74.21875 46.484375 68.546875 
+Q 53.21875 62.890625 53.21875 53.421875 
+Q 53.21875 48.921875 51.53125 44.890625 
+Q 49.859375 40.875 45.40625 35.40625 
+Q 44.1875 33.984375 37.640625 27.21875 
+Q 31.109375 20.453125 19.1875 8.296875 
+z
+" id="DejaVuSans-32"/>
+      </defs>
+      <g transform="translate(280.174929 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-32"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_6">
+     <g id="line2d_11">
+      <path clip-path="url(#pa3bcd5702b)" d="M 342.512351 307.584 
+L 342.512351 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_12">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="342.512351" xlink:href="#m3cf5ae2b6e" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_6">
+      <!-- 25 -->
+      <g transform="translate(336.149851 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-32"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_7">
+     <g id="line2d_13">
+      <path clip-path="url(#pa3bcd5702b)" d="M 398.487273 307.584 
+L 398.487273 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_14">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="398.487273" xlink:href="#m3cf5ae2b6e" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_7">
+      <!-- 30 -->
+      <defs>
+       <path d="M 40.578125 39.3125 
+Q 47.65625 37.796875 51.625 33 
+Q 55.609375 28.21875 55.609375 21.1875 
+Q 55.609375 10.40625 48.1875 4.484375 
+Q 40.765625 -1.421875 27.09375 -1.421875 
+Q 22.515625 -1.421875 17.65625 -0.515625 
+Q 12.796875 0.390625 7.625 2.203125 
+L 7.625 11.71875 
+Q 11.71875 9.328125 16.59375 8.109375 
+Q 21.484375 6.890625 26.8125 6.890625 
+Q 36.078125 6.890625 40.9375 10.546875 
+Q 45.796875 14.203125 45.796875 21.1875 
+Q 45.796875 27.640625 41.28125 31.265625 
+Q 36.765625 34.90625 28.71875 34.90625 
+L 20.21875 34.90625 
+L 20.21875 43.015625 
+L 29.109375 43.015625 
+Q 36.375 43.015625 40.234375 45.921875 
+Q 44.09375 48.828125 44.09375 54.296875 
+Q 44.09375 59.90625 40.109375 62.90625 
+Q 36.140625 65.921875 28.71875 65.921875 
+Q 24.65625 65.921875 20.015625 65.03125 
+Q 15.375 64.15625 9.8125 62.3125 
+L 9.8125 71.09375 
+Q 15.4375 72.65625 20.34375 73.4375 
+Q 25.25 74.21875 29.59375 74.21875 
+Q 40.828125 74.21875 47.359375 69.109375 
+Q 53.90625 64.015625 53.90625 55.328125 
+Q 53.90625 49.265625 50.4375 45.09375 
+Q 46.96875 40.921875 40.578125 39.3125 
+z
+" id="DejaVuSans-33"/>
+      </defs>
+      <g transform="translate(392.124773 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-33"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="text_8">
+     <!-- benchmark -->
+     <defs>
+      <path d="M 48.6875 27.296875 
+Q 48.6875 37.203125 44.609375 42.84375 
+Q 40.53125 48.484375 33.40625 48.484375 
+Q 26.265625 48.484375 22.1875 42.84375 
+Q 18.109375 37.203125 18.109375 27.296875 
+Q 18.109375 17.390625 22.1875 11.75 
+Q 26.265625 6.109375 33.40625 6.109375 
+Q 40.53125 6.109375 44.609375 11.75 
+Q 48.6875 17.390625 48.6875 27.296875 
+z
+M 18.109375 46.390625 
+Q 20.953125 51.265625 25.265625 53.625 
+Q 29.59375 56 35.59375 56 
+Q 45.5625 56 51.78125 48.09375 
+Q 58.015625 40.1875 58.015625 27.296875 
+Q 58.015625 14.40625 51.78125 6.484375 
+Q 45.5625 -1.421875 35.59375 -1.421875 
+Q 29.59375 -1.421875 25.265625 0.953125 
+Q 20.953125 3.328125 18.109375 8.203125 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 75.984375 
+L 18.109375 75.984375 
+z
+" id="DejaVuSans-62"/>
+      <path d="M 56.203125 29.59375 
+L 56.203125 25.203125 
+L 14.890625 25.203125 
+Q 15.484375 15.921875 20.484375 11.0625 
+Q 25.484375 6.203125 34.421875 6.203125 
+Q 39.59375 6.203125 44.453125 7.46875 
+Q 49.3125 8.734375 54.109375 11.28125 
+L 54.109375 2.78125 
+Q 49.265625 0.734375 44.1875 -0.34375 
+Q 39.109375 -1.421875 33.890625 -1.421875 
+Q 20.796875 -1.421875 13.15625 6.1875 
+Q 5.515625 13.8125 5.515625 26.8125 
+Q 5.515625 40.234375 12.765625 48.109375 
+Q 20.015625 56 32.328125 56 
+Q 43.359375 56 49.78125 48.890625 
+Q 56.203125 41.796875 56.203125 29.59375 
+z
+M 47.21875 32.234375 
+Q 47.125 39.59375 43.09375 43.984375 
+Q 39.0625 48.390625 32.421875 48.390625 
+Q 24.90625 48.390625 20.390625 44.140625 
+Q 15.875 39.890625 15.1875 32.171875 
+z
+" id="DejaVuSans-65"/>
+      <path d="M 54.890625 33.015625 
+L 54.890625 0 
+L 45.90625 0 
+L 45.90625 32.71875 
+Q 45.90625 40.484375 42.875 44.328125 
+Q 39.84375 48.1875 33.796875 48.1875 
+Q 26.515625 48.1875 22.3125 43.546875 
+Q 18.109375 38.921875 18.109375 30.90625 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.1875 
+Q 21.34375 51.125 25.703125 53.5625 
+Q 30.078125 56 35.796875 56 
+Q 45.21875 56 50.046875 50.171875 
+Q 54.890625 44.34375 54.890625 33.015625 
+z
+" id="DejaVuSans-6e"/>
+      <path d="M 48.78125 52.59375 
+L 48.78125 44.1875 
+Q 44.96875 46.296875 41.140625 47.34375 
+Q 37.3125 48.390625 33.40625 48.390625 
+Q 24.65625 48.390625 19.8125 42.84375 
+Q 14.984375 37.3125 14.984375 27.296875 
+Q 14.984375 17.28125 19.8125 11.734375 
+Q 24.65625 6.203125 33.40625 6.203125 
+Q 37.3125 6.203125 41.140625 7.25 
+Q 44.96875 8.296875 48.78125 10.40625 
+L 48.78125 2.09375 
+Q 45.015625 0.34375 40.984375 -0.53125 
+Q 36.96875 -1.421875 32.421875 -1.421875 
+Q 20.0625 -1.421875 12.78125 6.34375 
+Q 5.515625 14.109375 5.515625 27.296875 
+Q 5.515625 40.671875 12.859375 48.328125 
+Q 20.21875 56 33.015625 56 
+Q 37.15625 56 41.109375 55.140625 
+Q 45.0625 54.296875 48.78125 52.59375 
+z
+" id="DejaVuSans-63"/>
+      <path d="M 54.890625 33.015625 
+L 54.890625 0 
+L 45.90625 0 
+L 45.90625 32.71875 
+Q 45.90625 40.484375 42.875 44.328125 
+Q 39.84375 48.1875 33.796875 48.1875 
+Q 26.515625 48.1875 22.3125 43.546875 
+Q 18.109375 38.921875 18.109375 30.90625 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 75.984375 
+L 18.109375 75.984375 
+L 18.109375 46.1875 
+Q 21.34375 51.125 25.703125 53.5625 
+Q 30.078125 56 35.796875 56 
+Q 45.21875 56 50.046875 50.171875 
+Q 54.890625 44.34375 54.890625 33.015625 
+z
+" id="DejaVuSans-68"/>
+      <path d="M 52 44.1875 
+Q 55.375 50.25 60.0625 53.125 
+Q 64.75 56 71.09375 56 
+Q 79.640625 56 84.28125 50.015625 
+Q 88.921875 44.046875 88.921875 33.015625 
+L 88.921875 0 
+L 79.890625 0 
+L 79.890625 32.71875 
+Q 79.890625 40.578125 77.09375 44.375 
+Q 74.3125 48.1875 68.609375 48.1875 
+Q 61.625 48.1875 57.5625 43.546875 
+Q 53.515625 38.921875 53.515625 30.90625 
+L 53.515625 0 
+L 44.484375 0 
+L 44.484375 32.71875 
+Q 44.484375 40.625 41.703125 44.40625 
+Q 38.921875 48.1875 33.109375 48.1875 
+Q 26.21875 48.1875 22.15625 43.53125 
+Q 18.109375 38.875 18.109375 30.90625 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.1875 
+Q 21.1875 51.21875 25.484375 53.609375 
+Q 29.78125 56 35.6875 56 
+Q 41.65625 56 45.828125 52.96875 
+Q 50 49.953125 52 44.1875 
+z
+" id="DejaVuSans-6d"/>
+      <path d="M 34.28125 27.484375 
+Q 23.390625 27.484375 19.1875 25 
+Q 14.984375 22.515625 14.984375 16.5 
+Q 14.984375 11.71875 18.140625 8.90625 
+Q 21.296875 6.109375 26.703125 6.109375 
+Q 34.1875 6.109375 38.703125 11.40625 
+Q 43.21875 16.703125 43.21875 25.484375 
+L 43.21875 27.484375 
+z
+M 52.203125 31.203125 
+L 52.203125 0 
+L 43.21875 0 
+L 43.21875 8.296875 
+Q 40.140625 3.328125 35.546875 0.953125 
+Q 30.953125 -1.421875 24.3125 -1.421875 
+Q 15.921875 -1.421875 10.953125 3.296875 
+Q 6 8.015625 6 15.921875 
+Q 6 25.140625 12.171875 29.828125 
+Q 18.359375 34.515625 30.609375 34.515625 
+L 43.21875 34.515625 
+L 43.21875 35.40625 
+Q 43.21875 41.609375 39.140625 45 
+Q 35.0625 48.390625 27.6875 48.390625 
+Q 23 48.390625 18.546875 47.265625 
+Q 14.109375 46.140625 10.015625 43.890625 
+L 10.015625 52.203125 
+Q 14.9375 54.109375 19.578125 55.046875 
+Q 24.21875 56 28.609375 56 
+Q 40.484375 56 46.34375 49.84375 
+Q 52.203125 43.703125 52.203125 31.203125 
+z
+" id="DejaVuSans-61"/>
+      <path d="M 41.109375 46.296875 
+Q 39.59375 47.171875 37.8125 47.578125 
+Q 36.03125 48 33.890625 48 
+Q 26.265625 48 22.1875 43.046875 
+Q 18.109375 38.09375 18.109375 28.8125 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.1875 
+Q 20.953125 51.171875 25.484375 53.578125 
+Q 30.03125 56 36.53125 56 
+Q 37.453125 56 38.578125 55.875 
+Q 39.703125 55.765625 41.0625 55.515625 
+z
+" id="DejaVuSans-72"/>
+      <path d="M 9.078125 75.984375 
+L 18.109375 75.984375 
+L 18.109375 31.109375 
+L 44.921875 54.6875 
+L 56.390625 54.6875 
+L 27.390625 29.109375 
+L 57.625 0 
+L 45.90625 0 
+L 18.109375 26.703125 
+L 18.109375 0 
+L 9.078125 0 
+z
+" id="DejaVuSans-6b"/>
+     </defs>
+     <g transform="translate(207.937344 335.860562)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-62"/>
+      <use x="63.476562" xlink:href="#DejaVuSans-65"/>
+      <use x="125" xlink:href="#DejaVuSans-6e"/>
+      <use x="188.378906" xlink:href="#DejaVuSans-63"/>
+      <use x="243.359375" xlink:href="#DejaVuSans-68"/>
+      <use x="306.738281" xlink:href="#DejaVuSans-6d"/>
+      <use x="404.150391" xlink:href="#DejaVuSans-61"/>
+      <use x="465.429688" xlink:href="#DejaVuSans-72"/>
+      <use x="506.542969" xlink:href="#DejaVuSans-6b"/>
+     </g>
+    </g>
+   </g>
+   <g id="matplotlib.axis_2">
+    <g id="ytick_1">
+     <g id="line2d_15">
+      <path clip-path="url(#pa3bcd5702b)" d="M 57.6 263.798493 
+L 414.72 263.798493 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_16">
+      <defs>
+       <path d="M 0 0 
+L -3.5 0 
+" id="mc596d7e99e" style="stroke:#000000;stroke-width:0.8;"/>
+      </defs>
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#mc596d7e99e" y="263.798493"/>
+      </g>
+     </g>
+     <g id="text_9">
+      <!-- $\mathdefault{10^{6}}$ -->
+      <defs>
+       <path d="M 33.015625 40.375 
+Q 26.375 40.375 22.484375 35.828125 
+Q 18.609375 31.296875 18.609375 23.390625 
+Q 18.609375 15.53125 22.484375 10.953125 
+Q 26.375 6.390625 33.015625 6.390625 
+Q 39.65625 6.390625 43.53125 10.953125 
+Q 47.40625 15.53125 47.40625 23.390625 
+Q 47.40625 31.296875 43.53125 35.828125 
+Q 39.65625 40.375 33.015625 40.375 
+z
+M 52.59375 71.296875 
+L 52.59375 62.3125 
+Q 48.875 64.0625 45.09375 64.984375 
+Q 41.3125 65.921875 37.59375 65.921875 
+Q 27.828125 65.921875 22.671875 59.328125 
+Q 17.53125 52.734375 16.796875 39.40625 
+Q 19.671875 43.65625 24.015625 45.921875 
+Q 28.375 48.1875 33.59375 48.1875 
+Q 44.578125 48.1875 50.953125 41.515625 
+Q 57.328125 34.859375 57.328125 23.390625 
+Q 57.328125 12.15625 50.6875 5.359375 
+Q 44.046875 -1.421875 33.015625 -1.421875 
+Q 20.359375 -1.421875 13.671875 8.265625 
+Q 6.984375 17.96875 6.984375 36.375 
+Q 6.984375 53.65625 15.1875 63.9375 
+Q 23.390625 74.21875 37.203125 74.21875 
+Q 40.921875 74.21875 44.703125 73.484375 
+Q 48.484375 72.75 52.59375 71.296875 
+z
+" id="DejaVuSans-36"/>
+      </defs>
+      <g transform="translate(33 267.597712)scale(0.1 -0.1)">
+       <use transform="translate(0 0.765625)" xlink:href="#DejaVuSans-31"/>
+       <use transform="translate(63.623047 0.765625)" xlink:href="#DejaVuSans-30"/>
+       <use transform="translate(128.203125 39.046875)scale(0.7)" xlink:href="#DejaVuSans-36"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_2">
+     <g id="line2d_17">
+      <path clip-path="url(#pa3bcd5702b)" d="M 57.6 123.443391 
+L 414.72 123.443391 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_18">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#mc596d7e99e" y="123.443391"/>
+      </g>
+     </g>
+     <g id="text_10">
+      <!-- $\mathdefault{10^{7}}$ -->
+      <defs>
+       <path d="M 8.203125 72.90625 
+L 55.078125 72.90625 
+L 55.078125 68.703125 
+L 28.609375 0 
+L 18.3125 0 
+L 43.21875 64.59375 
+L 8.203125 64.59375 
+z
+" id="DejaVuSans-37"/>
+      </defs>
+      <g transform="translate(33 127.242609)scale(0.1 -0.1)">
+       <use transform="translate(0 0.684375)" xlink:href="#DejaVuSans-31"/>
+       <use transform="translate(63.623047 0.684375)" xlink:href="#DejaVuSans-30"/>
+       <use transform="translate(128.203125 38.965625)scale(0.7)" xlink:href="#DejaVuSans-37"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_3">
+     <g id="line2d_19">
+      <defs>
+       <path d="M 0 0 
+L -2 0 
+" id="m8894847c4b" style="stroke:#000000;stroke-width:0.6;"/>
+      </defs>
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m8894847c4b" y="306.049589"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_4">
+     <g id="line2d_20">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m8894847c4b" y="294.936097"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_5">
+     <g id="line2d_21">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m8894847c4b" y="285.539774"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_6">
+     <g id="line2d_22">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m8894847c4b" y="277.400308"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_7">
+     <g id="line2d_23">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m8894847c4b" y="270.220791"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_8">
+     <g id="line2d_24">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m8894847c4b" y="221.547397"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_9">
+     <g id="line2d_25">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m8894847c4b" y="196.832091"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_10">
+     <g id="line2d_26">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m8894847c4b" y="179.296301"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_11">
+     <g id="line2d_27">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m8894847c4b" y="165.694487"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_12">
+     <g id="line2d_28">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m8894847c4b" y="154.580995"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_13">
+     <g id="line2d_29">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m8894847c4b" y="145.184671"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_14">
+     <g id="line2d_30">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m8894847c4b" y="137.045205"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_15">
+     <g id="line2d_31">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m8894847c4b" y="129.865688"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_16">
+     <g id="line2d_32">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m8894847c4b" y="81.192295"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_17">
+     <g id="line2d_33">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m8894847c4b" y="56.476988"/>
+      </g>
+     </g>
+    </g>
+    <g id="text_11">
+     <!-- memory, KB, logscale -->
+     <defs>
+      <path d="M 30.609375 48.390625 
+Q 23.390625 48.390625 19.1875 42.75 
+Q 14.984375 37.109375 14.984375 27.296875 
+Q 14.984375 17.484375 19.15625 11.84375 
+Q 23.34375 6.203125 30.609375 6.203125 
+Q 37.796875 6.203125 41.984375 11.859375 
+Q 46.1875 17.53125 46.1875 27.296875 
+Q 46.1875 37.015625 41.984375 42.703125 
+Q 37.796875 48.390625 30.609375 48.390625 
+z
+M 30.609375 56 
+Q 42.328125 56 49.015625 48.375 
+Q 55.71875 40.765625 55.71875 27.296875 
+Q 55.71875 13.875 49.015625 6.21875 
+Q 42.328125 -1.421875 30.609375 -1.421875 
+Q 18.84375 -1.421875 12.171875 6.21875 
+Q 5.515625 13.875 5.515625 27.296875 
+Q 5.515625 40.765625 12.171875 48.375 
+Q 18.84375 56 30.609375 56 
+z
+" id="DejaVuSans-6f"/>
+      <path d="M 32.171875 -5.078125 
+Q 28.375 -14.84375 24.75 -17.8125 
+Q 21.140625 -20.796875 15.09375 -20.796875 
+L 7.90625 -20.796875 
+L 7.90625 -13.28125 
+L 13.1875 -13.28125 
+Q 16.890625 -13.28125 18.9375 -11.515625 
+Q 21 -9.765625 23.484375 -3.21875 
+L 25.09375 0.875 
+L 2.984375 54.6875 
+L 12.5 54.6875 
+L 29.59375 11.921875 
+L 46.6875 54.6875 
+L 56.203125 54.6875 
+z
+" id="DejaVuSans-79"/>
+      <path d="M 11.71875 12.40625 
+L 22.015625 12.40625 
+L 22.015625 4 
+L 14.015625 -11.625 
+L 7.71875 -11.625 
+L 11.71875 4 
+z
+" id="DejaVuSans-2c"/>
+      <path id="DejaVuSans-20"/>
+      <path d="M 9.8125 72.90625 
+L 19.671875 72.90625 
+L 19.671875 42.09375 
+L 52.390625 72.90625 
+L 65.09375 72.90625 
+L 28.90625 38.921875 
+L 67.671875 0 
+L 54.6875 0 
+L 19.671875 35.109375 
+L 19.671875 0 
+L 9.8125 0 
+z
+" id="DejaVuSans-4b"/>
+      <path d="M 19.671875 34.8125 
+L 19.671875 8.109375 
+L 35.5 8.109375 
+Q 43.453125 8.109375 47.28125 11.40625 
+Q 51.125 14.703125 51.125 21.484375 
+Q 51.125 28.328125 47.28125 31.5625 
+Q 43.453125 34.8125 35.5 34.8125 
+z
+M 19.671875 64.796875 
+L 19.671875 42.828125 
+L 34.28125 42.828125 
+Q 41.5 42.828125 45.03125 45.53125 
+Q 48.578125 48.25 48.578125 53.8125 
+Q 48.578125 59.328125 45.03125 62.0625 
+Q 41.5 64.796875 34.28125 64.796875 
+z
+M 9.8125 72.90625 
+L 35.015625 72.90625 
+Q 46.296875 72.90625 52.390625 68.21875 
+Q 58.5 63.53125 58.5 54.890625 
+Q 58.5 48.1875 55.375 44.234375 
+Q 52.25 40.28125 46.1875 39.3125 
+Q 53.46875 37.75 57.5 32.78125 
+Q 61.53125 27.828125 61.53125 20.40625 
+Q 61.53125 10.640625 54.890625 5.3125 
+Q 48.25 0 35.984375 0 
+L 9.8125 0 
+z
+" id="DejaVuSans-42"/>
+      <path d="M 9.421875 75.984375 
+L 18.40625 75.984375 
+L 18.40625 0 
+L 9.421875 0 
+z
+" id="DejaVuSans-6c"/>
+      <path d="M 45.40625 27.984375 
+Q 45.40625 37.75 41.375 43.109375 
+Q 37.359375 48.484375 30.078125 48.484375 
+Q 22.859375 48.484375 18.828125 43.109375 
+Q 14.796875 37.75 14.796875 27.984375 
+Q 14.796875 18.265625 18.828125 12.890625 
+Q 22.859375 7.515625 30.078125 7.515625 
+Q 37.359375 7.515625 41.375 12.890625 
+Q 45.40625 18.265625 45.40625 27.984375 
+z
+M 54.390625 6.78125 
+Q 54.390625 -7.171875 48.1875 -13.984375 
+Q 42 -20.796875 29.203125 -20.796875 
+Q 24.46875 -20.796875 20.265625 -20.09375 
+Q 16.0625 -19.390625 12.109375 -17.921875 
+L 12.109375 -9.1875 
+Q 16.0625 -11.328125 19.921875 -12.34375 
+Q 23.78125 -13.375 27.78125 -13.375 
+Q 36.625 -13.375 41.015625 -8.765625 
+Q 45.40625 -4.15625 45.40625 5.171875 
+L 45.40625 9.625 
+Q 42.625 4.78125 38.28125 2.390625 
+Q 33.9375 0 27.875 0 
+Q 17.828125 0 11.671875 7.65625 
+Q 5.515625 15.328125 5.515625 27.984375 
+Q 5.515625 40.671875 11.671875 48.328125 
+Q 17.828125 56 27.875 56 
+Q 33.9375 56 38.28125 53.609375 
+Q 42.625 51.21875 45.40625 46.390625 
+L 45.40625 54.6875 
+L 54.390625 54.6875 
+z
+" id="DejaVuSans-67"/>
+      <path d="M 44.28125 53.078125 
+L 44.28125 44.578125 
+Q 40.484375 46.53125 36.375 47.5 
+Q 32.28125 48.484375 27.875 48.484375 
+Q 21.1875 48.484375 17.84375 46.4375 
+Q 14.5 44.390625 14.5 40.28125 
+Q 14.5 37.15625 16.890625 35.375 
+Q 19.28125 33.59375 26.515625 31.984375 
+L 29.59375 31.296875 
+Q 39.15625 29.25 43.1875 25.515625 
+Q 47.21875 21.78125 47.21875 15.09375 
+Q 47.21875 7.46875 41.1875 3.015625 
+Q 35.15625 -1.421875 24.609375 -1.421875 
+Q 20.21875 -1.421875 15.453125 -0.5625 
+Q 10.6875 0.296875 5.421875 2 
+L 5.421875 11.28125 
+Q 10.40625 8.6875 15.234375 7.390625 
+Q 20.0625 6.109375 24.8125 6.109375 
+Q 31.15625 6.109375 34.5625 8.28125 
+Q 37.984375 10.453125 37.984375 14.40625 
+Q 37.984375 18.0625 35.515625 20.015625 
+Q 33.0625 21.96875 24.703125 23.78125 
+L 21.578125 24.515625 
+Q 13.234375 26.265625 9.515625 29.90625 
+Q 5.8125 33.546875 5.8125 39.890625 
+Q 5.8125 47.609375 11.28125 51.796875 
+Q 16.75 56 26.8125 56 
+Q 31.78125 56 36.171875 55.265625 
+Q 40.578125 54.546875 44.28125 53.078125 
+z
+" id="DejaVuSans-73"/>
+     </defs>
+     <g transform="translate(26.920312 228.991281)rotate(-90)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-6d"/>
+      <use x="97.412109" xlink:href="#DejaVuSans-65"/>
+      <use x="158.935547" xlink:href="#DejaVuSans-6d"/>
+      <use x="256.347656" xlink:href="#DejaVuSans-6f"/>
+      <use x="317.529297" xlink:href="#DejaVuSans-72"/>
+      <use x="358.642578" xlink:href="#DejaVuSans-79"/>
+      <use x="417.822266" xlink:href="#DejaVuSans-2c"/>
+      <use x="449.609375" xlink:href="#DejaVuSans-20"/>
+      <use x="481.396484" xlink:href="#DejaVuSans-4b"/>
+      <use x="546.972656" xlink:href="#DejaVuSans-42"/>
+      <use x="615.576172" xlink:href="#DejaVuSans-2c"/>
+      <use x="647.363281" xlink:href="#DejaVuSans-20"/>
+      <use x="679.150391" xlink:href="#DejaVuSans-6c"/>
+      <use x="706.933594" xlink:href="#DejaVuSans-6f"/>
+      <use x="768.115234" xlink:href="#DejaVuSans-67"/>
+      <use x="831.591797" xlink:href="#DejaVuSans-73"/>
+      <use x="883.691406" xlink:href="#DejaVuSans-63"/>
+      <use x="938.671875" xlink:href="#DejaVuSans-61"/>
+      <use x="999.951172" xlink:href="#DejaVuSans-6c"/>
+      <use x="1027.734375" xlink:href="#DejaVuSans-65"/>
+     </g>
+    </g>
+   </g>
+   <g id="line2d_34">
+    <path clip-path="url(#pa3bcd5702b)" d="M 73.832727 133.364923 
+L 85.027712 131.319264 
+L 96.222696 134.916545 
+L 107.41768 109.609218 
+L 118.612665 109.979833 
+L 129.807649 97.042686 
+L 141.002633 95.939924 
+L 152.197618 98.526987 
+L 163.392602 76.272686 
+L 174.587586 76.865027 
+L 185.782571 159.423302 
+L 196.977555 85.554307 
+L 208.172539 70.248444 
+L 219.367524 135.343147 
+L 230.562508 72.919142 
+L 241.757492 101.028007 
+L 252.952476 58.58131 
+L 264.147461 58.905155 
+L 275.342445 80.768667 
+L 286.537429 53.568 
+L 297.732414 294.637741 
+L 308.927398 274.711406 
+L 320.122382 266.314506 
+L 331.317367 277.758251 
+L 342.512351 275.408571 
+L 353.707335 263.8241 
+L 364.90232 256.185327 
+L 376.097304 246.885302 
+L 387.292288 246.210305 
+L 398.487273 236.093372 
+" style="fill:none;opacity:0.7;stroke:#ff0000;stroke-linecap:square;stroke-width:1.5;"/>
+    <defs>
+     <path d="M -3 3 
+L 3 3 
+L 3 -3 
+L -3 -3 
+z
+" id="m891411d55d" style="stroke:#ff0000;stroke-linejoin:miter;"/>
+    </defs>
+    <g clip-path="url(#pa3bcd5702b)">
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="73.832727" xlink:href="#m891411d55d" y="133.364923"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="85.027712" xlink:href="#m891411d55d" y="131.319264"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="96.222696" xlink:href="#m891411d55d" y="134.916545"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="107.41768" xlink:href="#m891411d55d" y="109.609218"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="118.612665" xlink:href="#m891411d55d" y="109.979833"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="129.807649" xlink:href="#m891411d55d" y="97.042686"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="141.002633" xlink:href="#m891411d55d" y="95.939924"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="152.197618" xlink:href="#m891411d55d" y="98.526987"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="163.392602" xlink:href="#m891411d55d" y="76.272686"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="174.587586" xlink:href="#m891411d55d" y="76.865027"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="185.782571" xlink:href="#m891411d55d" y="159.423302"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="196.977555" xlink:href="#m891411d55d" y="85.554307"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="208.172539" xlink:href="#m891411d55d" y="70.248444"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="219.367524" xlink:href="#m891411d55d" y="135.343147"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="230.562508" xlink:href="#m891411d55d" y="72.919142"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="241.757492" xlink:href="#m891411d55d" y="101.028007"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="252.952476" xlink:href="#m891411d55d" y="58.58131"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="264.147461" xlink:href="#m891411d55d" y="58.905155"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="275.342445" xlink:href="#m891411d55d" y="80.768667"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="286.537429" xlink:href="#m891411d55d" y="53.568"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="297.732414" xlink:href="#m891411d55d" y="294.637741"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="308.927398" xlink:href="#m891411d55d" y="274.711406"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="320.122382" xlink:href="#m891411d55d" y="266.314506"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="331.317367" xlink:href="#m891411d55d" y="277.758251"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="342.512351" xlink:href="#m891411d55d" y="275.408571"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="353.707335" xlink:href="#m891411d55d" y="263.8241"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="364.90232" xlink:href="#m891411d55d" y="256.185327"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="376.097304" xlink:href="#m891411d55d" y="246.885302"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="387.292288" xlink:href="#m891411d55d" y="246.210305"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="398.487273" xlink:href="#m891411d55d" y="236.093372"/>
+    </g>
+   </g>
+   <g id="line2d_35">
+    <path clip-path="url(#pa3bcd5702b)" d="M 73.832727 147.946455 
+L 85.027712 143.650304 
+L 96.222696 143.654414 
+L 107.41768 122.915662 
+L 118.612665 119.63077 
+L 129.807649 104.221205 
+L 141.002633 103.659788 
+L 152.197618 104.649145 
+L 163.392602 89.06144 
+L 174.587586 89.269819 
+L 185.782571 177.230392 
+L 196.977555 90.826495 
+L 208.172539 72.34052 
+L 219.367524 160.808726 
+L 230.562508 75.593091 
+L 241.757492 126.982834 
+L 252.952476 60.789227 
+L 264.147461 59.914681 
+L 275.342445 91.472556 
+L 286.537429 56.11011 
+L 297.732414 295.488 
+L 308.927398 272.948891 
+L 320.122382 260.081984 
+L 331.317367 280.020526 
+L 342.512351 276.632854 
+L 353.707335 261.752209 
+L 364.90232 257.711273 
+L 376.097304 244.818362 
+L 387.292288 245.530774 
+L 398.487273 229.481563 
+" style="fill:none;opacity:0.7;stroke:#0000ff;stroke-linecap:square;stroke-width:1.5;"/>
+    <defs>
+     <path d="M 0 3 
+C 0.795609 3 1.55874 2.683901 2.12132 2.12132 
+C 2.683901 1.55874 3 0.795609 3 0 
+C 3 -0.795609 2.683901 -1.55874 2.12132 -2.12132 
+C 1.55874 -2.683901 0.795609 -3 0 -3 
+C -0.795609 -3 -1.55874 -2.683901 -2.12132 -2.12132 
+C -2.683901 -1.55874 -3 -0.795609 -3 0 
+C -3 0.795609 -2.683901 1.55874 -2.12132 2.12132 
+C -1.55874 2.683901 -0.795609 3 0 3 
+z
+" id="m5edc4157a9" style="stroke:#0000ff;"/>
+    </defs>
+    <g clip-path="url(#pa3bcd5702b)">
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="73.832727" xlink:href="#m5edc4157a9" y="147.946455"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="85.027712" xlink:href="#m5edc4157a9" y="143.650304"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="96.222696" xlink:href="#m5edc4157a9" y="143.654414"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="107.41768" xlink:href="#m5edc4157a9" y="122.915662"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="118.612665" xlink:href="#m5edc4157a9" y="119.63077"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="129.807649" xlink:href="#m5edc4157a9" y="104.221205"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="141.002633" xlink:href="#m5edc4157a9" y="103.659788"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="152.197618" xlink:href="#m5edc4157a9" y="104.649145"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="163.392602" xlink:href="#m5edc4157a9" y="89.06144"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="174.587586" xlink:href="#m5edc4157a9" y="89.269819"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="185.782571" xlink:href="#m5edc4157a9" y="177.230392"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="196.977555" xlink:href="#m5edc4157a9" y="90.826495"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="208.172539" xlink:href="#m5edc4157a9" y="72.34052"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="219.367524" xlink:href="#m5edc4157a9" y="160.808726"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="230.562508" xlink:href="#m5edc4157a9" y="75.593091"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="241.757492" xlink:href="#m5edc4157a9" y="126.982834"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="252.952476" xlink:href="#m5edc4157a9" y="60.789227"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="264.147461" xlink:href="#m5edc4157a9" y="59.914681"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="275.342445" xlink:href="#m5edc4157a9" y="91.472556"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="286.537429" xlink:href="#m5edc4157a9" y="56.11011"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="297.732414" xlink:href="#m5edc4157a9" y="295.488"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="308.927398" xlink:href="#m5edc4157a9" y="272.948891"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="320.122382" xlink:href="#m5edc4157a9" y="260.081984"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="331.317367" xlink:href="#m5edc4157a9" y="280.020526"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="342.512351" xlink:href="#m5edc4157a9" y="276.632854"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="353.707335" xlink:href="#m5edc4157a9" y="261.752209"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="364.90232" xlink:href="#m5edc4157a9" y="257.711273"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="376.097304" xlink:href="#m5edc4157a9" y="244.818362"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="387.292288" xlink:href="#m5edc4157a9" y="245.530774"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="398.487273" xlink:href="#m5edc4157a9" y="229.481563"/>
+    </g>
+   </g>
+   <g id="patch_3">
+    <path d="M 57.6 307.584 
+L 57.6 41.472 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="patch_4">
+    <path d="M 414.72 307.584 
+L 414.72 41.472 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="patch_5">
+    <path d="M 57.6 307.584 
+L 414.72 307.584 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="patch_6">
+    <path d="M 57.6 41.472 
+L 414.72 41.472 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="legend_1">
+    <g id="patch_7">
+     <path d="M 64.6 302.584 
+L 242.110938 302.584 
+Q 244.110938 302.584 244.110938 300.584 
+L 244.110938 272.22775 
+Q 244.110938 270.22775 242.110938 270.22775 
+L 64.6 270.22775 
+Q 62.6 270.22775 62.6 272.22775 
+L 62.6 300.584 
+Q 62.6 302.584 64.6 302.584 
+z
+" style="fill:#ffffff;opacity:0.8;stroke:#cccccc;stroke-linejoin:miter;"/>
+    </g>
+    <g id="line2d_36">
+     <path d="M 66.6 278.326187 
+L 86.6 278.326187 
+" style="fill:none;opacity:0.7;stroke:#ff0000;stroke-linecap:square;stroke-width:1.5;"/>
+    </g>
+    <g id="line2d_37">
+     <g>
+      <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="76.6" xlink:href="#m891411d55d" y="278.326187"/>
+     </g>
+    </g>
+    <g id="text_12">
+     <!-- 001indinv-apalache-unstable -->
+     <defs>
+      <path d="M 9.421875 54.6875 
+L 18.40625 54.6875 
+L 18.40625 0 
+L 9.421875 0 
+z
+M 9.421875 75.984375 
+L 18.40625 75.984375 
+L 18.40625 64.59375 
+L 9.421875 64.59375 
+z
+" id="DejaVuSans-69"/>
+      <path d="M 45.40625 46.390625 
+L 45.40625 75.984375 
+L 54.390625 75.984375 
+L 54.390625 0 
+L 45.40625 0 
+L 45.40625 8.203125 
+Q 42.578125 3.328125 38.25 0.953125 
+Q 33.9375 -1.421875 27.875 -1.421875 
+Q 17.96875 -1.421875 11.734375 6.484375 
+Q 5.515625 14.40625 5.515625 27.296875 
+Q 5.515625 40.1875 11.734375 48.09375 
+Q 17.96875 56 27.875 56 
+Q 33.9375 56 38.25 53.625 
+Q 42.578125 51.265625 45.40625 46.390625 
+z
+M 14.796875 27.296875 
+Q 14.796875 17.390625 18.875 11.75 
+Q 22.953125 6.109375 30.078125 6.109375 
+Q 37.203125 6.109375 41.296875 11.75 
+Q 45.40625 17.390625 45.40625 27.296875 
+Q 45.40625 37.203125 41.296875 42.84375 
+Q 37.203125 48.484375 30.078125 48.484375 
+Q 22.953125 48.484375 18.875 42.84375 
+Q 14.796875 37.203125 14.796875 27.296875 
+z
+" id="DejaVuSans-64"/>
+      <path d="M 2.984375 54.6875 
+L 12.5 54.6875 
+L 29.59375 8.796875 
+L 46.6875 54.6875 
+L 56.203125 54.6875 
+L 35.6875 0 
+L 23.484375 0 
+z
+" id="DejaVuSans-76"/>
+      <path d="M 4.890625 31.390625 
+L 31.203125 31.390625 
+L 31.203125 23.390625 
+L 4.890625 23.390625 
+z
+" id="DejaVuSans-2d"/>
+      <path d="M 18.109375 8.203125 
+L 18.109375 -20.796875 
+L 9.078125 -20.796875 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.390625 
+Q 20.953125 51.265625 25.265625 53.625 
+Q 29.59375 56 35.59375 56 
+Q 45.5625 56 51.78125 48.09375 
+Q 58.015625 40.1875 58.015625 27.296875 
+Q 58.015625 14.40625 51.78125 6.484375 
+Q 45.5625 -1.421875 35.59375 -1.421875 
+Q 29.59375 -1.421875 25.265625 0.953125 
+Q 20.953125 3.328125 18.109375 8.203125 
+z
+M 48.6875 27.296875 
+Q 48.6875 37.203125 44.609375 42.84375 
+Q 40.53125 48.484375 33.40625 48.484375 
+Q 26.265625 48.484375 22.1875 42.84375 
+Q 18.109375 37.203125 18.109375 27.296875 
+Q 18.109375 17.390625 22.1875 11.75 
+Q 26.265625 6.109375 33.40625 6.109375 
+Q 40.53125 6.109375 44.609375 11.75 
+Q 48.6875 17.390625 48.6875 27.296875 
+z
+" id="DejaVuSans-70"/>
+      <path d="M 8.5 21.578125 
+L 8.5 54.6875 
+L 17.484375 54.6875 
+L 17.484375 21.921875 
+Q 17.484375 14.15625 20.5 10.265625 
+Q 23.53125 6.390625 29.59375 6.390625 
+Q 36.859375 6.390625 41.078125 11.03125 
+Q 45.3125 15.671875 45.3125 23.6875 
+L 45.3125 54.6875 
+L 54.296875 54.6875 
+L 54.296875 0 
+L 45.3125 0 
+L 45.3125 8.40625 
+Q 42.046875 3.421875 37.71875 1 
+Q 33.40625 -1.421875 27.6875 -1.421875 
+Q 18.265625 -1.421875 13.375 4.4375 
+Q 8.5 10.296875 8.5 21.578125 
+z
+M 31.109375 56 
+z
+" id="DejaVuSans-75"/>
+      <path d="M 18.3125 70.21875 
+L 18.3125 54.6875 
+L 36.8125 54.6875 
+L 36.8125 47.703125 
+L 18.3125 47.703125 
+L 18.3125 18.015625 
+Q 18.3125 11.328125 20.140625 9.421875 
+Q 21.96875 7.515625 27.59375 7.515625 
+L 36.8125 7.515625 
+L 36.8125 0 
+L 27.59375 0 
+Q 17.1875 0 13.234375 3.875 
+Q 9.28125 7.765625 9.28125 18.015625 
+L 9.28125 47.703125 
+L 2.6875 47.703125 
+L 2.6875 54.6875 
+L 9.28125 54.6875 
+L 9.28125 70.21875 
+z
+" id="DejaVuSans-74"/>
+     </defs>
+     <g transform="translate(94.6 281.826187)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-30"/>
+      <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      <use x="127.246094" xlink:href="#DejaVuSans-31"/>
+      <use x="190.869141" xlink:href="#DejaVuSans-69"/>
+      <use x="218.652344" xlink:href="#DejaVuSans-6e"/>
+      <use x="282.03125" xlink:href="#DejaVuSans-64"/>
+      <use x="345.507812" xlink:href="#DejaVuSans-69"/>
+      <use x="373.291016" xlink:href="#DejaVuSans-6e"/>
+      <use x="436.669922" xlink:href="#DejaVuSans-76"/>
+      <use x="495.818359" xlink:href="#DejaVuSans-2d"/>
+      <use x="531.902344" xlink:href="#DejaVuSans-61"/>
+      <use x="593.181641" xlink:href="#DejaVuSans-70"/>
+      <use x="656.658203" xlink:href="#DejaVuSans-61"/>
+      <use x="717.9375" xlink:href="#DejaVuSans-6c"/>
+      <use x="745.720703" xlink:href="#DejaVuSans-61"/>
+      <use x="807" xlink:href="#DejaVuSans-63"/>
+      <use x="861.980469" xlink:href="#DejaVuSans-68"/>
+      <use x="925.359375" xlink:href="#DejaVuSans-65"/>
+      <use x="986.882812" xlink:href="#DejaVuSans-2d"/>
+      <use x="1022.966797" xlink:href="#DejaVuSans-75"/>
+      <use x="1086.345703" xlink:href="#DejaVuSans-6e"/>
+      <use x="1149.724609" xlink:href="#DejaVuSans-73"/>
+      <use x="1201.824219" xlink:href="#DejaVuSans-74"/>
+      <use x="1241.033203" xlink:href="#DejaVuSans-61"/>
+      <use x="1302.3125" xlink:href="#DejaVuSans-62"/>
+      <use x="1365.789062" xlink:href="#DejaVuSans-6c"/>
+      <use x="1393.572266" xlink:href="#DejaVuSans-65"/>
+     </g>
+    </g>
+    <g id="line2d_38">
+     <path d="M 66.6 293.004312 
+L 86.6 293.004312 
+" style="fill:none;opacity:0.7;stroke:#0000ff;stroke-linecap:square;stroke-width:1.5;"/>
+    </g>
+    <g id="line2d_39">
+     <g>
+      <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="76.6" xlink:href="#m5edc4157a9" y="293.004312"/>
+     </g>
+    </g>
+    <g id="text_13">
+     <!-- 001indinv-apalache-card -->
+     <g transform="translate(94.6 296.504312)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-30"/>
+      <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      <use x="127.246094" xlink:href="#DejaVuSans-31"/>
+      <use x="190.869141" xlink:href="#DejaVuSans-69"/>
+      <use x="218.652344" xlink:href="#DejaVuSans-6e"/>
+      <use x="282.03125" xlink:href="#DejaVuSans-64"/>
+      <use x="345.507812" xlink:href="#DejaVuSans-69"/>
+      <use x="373.291016" xlink:href="#DejaVuSans-6e"/>
+      <use x="436.669922" xlink:href="#DejaVuSans-76"/>
+      <use x="495.818359" xlink:href="#DejaVuSans-2d"/>
+      <use x="531.902344" xlink:href="#DejaVuSans-61"/>
+      <use x="593.181641" xlink:href="#DejaVuSans-70"/>
+      <use x="656.658203" xlink:href="#DejaVuSans-61"/>
+      <use x="717.9375" xlink:href="#DejaVuSans-6c"/>
+      <use x="745.720703" xlink:href="#DejaVuSans-61"/>
+      <use x="807" xlink:href="#DejaVuSans-63"/>
+      <use x="861.980469" xlink:href="#DejaVuSans-68"/>
+      <use x="925.359375" xlink:href="#DejaVuSans-65"/>
+      <use x="986.882812" xlink:href="#DejaVuSans-2d"/>
+      <use x="1022.966797" xlink:href="#DejaVuSans-63"/>
+      <use x="1077.947266" xlink:href="#DejaVuSans-61"/>
+      <use x="1139.226562" xlink:href="#DejaVuSans-72"/>
+      <use x="1180.324219" xlink:href="#DejaVuSans-64"/>
+     </g>
+    </g>
+   </g>
+  </g>
+ </g>
+ <defs>
+  <clipPath id="pa3bcd5702b">
+   <rect height="266.112" width="357.12" x="57.6" y="41.472"/>
+  </clipPath>
+ </defs>
+</svg>
diff --git a/docs/spec/tendermint-fork-cases/results/001indinv-apalache-mem.svg b/docs/spec/tendermint-fork-cases/results/001indinv-apalache-mem.svg
new file mode 100644
index 000000000..b4b5b4b8c
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/results/001indinv-apalache-mem.svg
@@ -0,0 +1,1216 @@
+<?xml version="1.0" encoding="utf-8" standalone="no"?>
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN"
+  "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<!-- Created with matplotlib (http://matplotlib.org/) -->
+<svg height="345pt" version="1.1" viewBox="0 0 460 345" width="460pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
+ <defs>
+  <style type="text/css">
+*{stroke-linecap:butt;stroke-linejoin:round;}
+  </style>
+ </defs>
+ <g id="figure_1">
+  <g id="patch_1">
+   <path d="M 0 345.6 
+L 460.8 345.6 
+L 460.8 0 
+L 0 0 
+z
+" style="fill:#ffffff;"/>
+  </g>
+  <g id="axes_1">
+   <g id="patch_2">
+    <path d="M 57.6 307.584 
+L 414.72 307.584 
+L 414.72 41.472 
+L 57.6 41.472 
+z
+" style="fill:#ffffff;"/>
+   </g>
+   <g id="matplotlib.axis_1">
+    <g id="xtick_1">
+     <g id="line2d_1">
+      <path clip-path="url(#p29a4bcbbaa)" d="M 62.637743 307.584 
+L 62.637743 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_2">
+      <defs>
+       <path d="M 0 0 
+L 0 3.5 
+" id="m4156316fc9" style="stroke:#000000;stroke-width:0.8;"/>
+      </defs>
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="62.637743" xlink:href="#m4156316fc9" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_1">
+      <!-- 0 -->
+      <defs>
+       <path d="M 31.78125 66.40625 
+Q 24.171875 66.40625 20.328125 58.90625 
+Q 16.5 51.421875 16.5 36.375 
+Q 16.5 21.390625 20.328125 13.890625 
+Q 24.171875 6.390625 31.78125 6.390625 
+Q 39.453125 6.390625 43.28125 13.890625 
+Q 47.125 21.390625 47.125 36.375 
+Q 47.125 51.421875 43.28125 58.90625 
+Q 39.453125 66.40625 31.78125 66.40625 
+z
+M 31.78125 74.21875 
+Q 44.046875 74.21875 50.515625 64.515625 
+Q 56.984375 54.828125 56.984375 36.375 
+Q 56.984375 17.96875 50.515625 8.265625 
+Q 44.046875 -1.421875 31.78125 -1.421875 
+Q 19.53125 -1.421875 13.0625 8.265625 
+Q 6.59375 17.96875 6.59375 36.375 
+Q 6.59375 54.828125 13.0625 64.515625 
+Q 19.53125 74.21875 31.78125 74.21875 
+z
+" id="DejaVuSans-30"/>
+      </defs>
+      <g transform="translate(59.456493 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_2">
+     <g id="line2d_3">
+      <path clip-path="url(#p29a4bcbbaa)" d="M 118.612665 307.584 
+L 118.612665 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_4">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="118.612665" xlink:href="#m4156316fc9" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_2">
+      <!-- 5 -->
+      <defs>
+       <path d="M 10.796875 72.90625 
+L 49.515625 72.90625 
+L 49.515625 64.59375 
+L 19.828125 64.59375 
+L 19.828125 46.734375 
+Q 21.96875 47.46875 24.109375 47.828125 
+Q 26.265625 48.1875 28.421875 48.1875 
+Q 40.625 48.1875 47.75 41.5 
+Q 54.890625 34.8125 54.890625 23.390625 
+Q 54.890625 11.625 47.5625 5.09375 
+Q 40.234375 -1.421875 26.90625 -1.421875 
+Q 22.3125 -1.421875 17.546875 -0.640625 
+Q 12.796875 0.140625 7.71875 1.703125 
+L 7.71875 11.625 
+Q 12.109375 9.234375 16.796875 8.0625 
+Q 21.484375 6.890625 26.703125 6.890625 
+Q 35.15625 6.890625 40.078125 11.328125 
+Q 45.015625 15.765625 45.015625 23.390625 
+Q 45.015625 31 40.078125 35.4375 
+Q 35.15625 39.890625 26.703125 39.890625 
+Q 22.75 39.890625 18.8125 39.015625 
+Q 14.890625 38.140625 10.796875 36.28125 
+z
+" id="DejaVuSans-35"/>
+      </defs>
+      <g transform="translate(115.431415 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_3">
+     <g id="line2d_5">
+      <path clip-path="url(#p29a4bcbbaa)" d="M 174.587586 307.584 
+L 174.587586 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_6">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="174.587586" xlink:href="#m4156316fc9" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_3">
+      <!-- 10 -->
+      <defs>
+       <path d="M 12.40625 8.296875 
+L 28.515625 8.296875 
+L 28.515625 63.921875 
+L 10.984375 60.40625 
+L 10.984375 69.390625 
+L 28.421875 72.90625 
+L 38.28125 72.90625 
+L 38.28125 8.296875 
+L 54.390625 8.296875 
+L 54.390625 0 
+L 12.40625 0 
+z
+" id="DejaVuSans-31"/>
+      </defs>
+      <g transform="translate(168.225086 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-31"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_4">
+     <g id="line2d_7">
+      <path clip-path="url(#p29a4bcbbaa)" d="M 230.562508 307.584 
+L 230.562508 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_8">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="230.562508" xlink:href="#m4156316fc9" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_4">
+      <!-- 15 -->
+      <g transform="translate(224.200008 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-31"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_5">
+     <g id="line2d_9">
+      <path clip-path="url(#p29a4bcbbaa)" d="M 286.537429 307.584 
+L 286.537429 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_10">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="286.537429" xlink:href="#m4156316fc9" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_5">
+      <!-- 20 -->
+      <defs>
+       <path d="M 19.1875 8.296875 
+L 53.609375 8.296875 
+L 53.609375 0 
+L 7.328125 0 
+L 7.328125 8.296875 
+Q 12.9375 14.109375 22.625 23.890625 
+Q 32.328125 33.6875 34.8125 36.53125 
+Q 39.546875 41.84375 41.421875 45.53125 
+Q 43.3125 49.21875 43.3125 52.78125 
+Q 43.3125 58.59375 39.234375 62.25 
+Q 35.15625 65.921875 28.609375 65.921875 
+Q 23.96875 65.921875 18.8125 64.3125 
+Q 13.671875 62.703125 7.8125 59.421875 
+L 7.8125 69.390625 
+Q 13.765625 71.78125 18.9375 73 
+Q 24.125 74.21875 28.421875 74.21875 
+Q 39.75 74.21875 46.484375 68.546875 
+Q 53.21875 62.890625 53.21875 53.421875 
+Q 53.21875 48.921875 51.53125 44.890625 
+Q 49.859375 40.875 45.40625 35.40625 
+Q 44.1875 33.984375 37.640625 27.21875 
+Q 31.109375 20.453125 19.1875 8.296875 
+z
+" id="DejaVuSans-32"/>
+      </defs>
+      <g transform="translate(280.174929 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-32"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_6">
+     <g id="line2d_11">
+      <path clip-path="url(#p29a4bcbbaa)" d="M 342.512351 307.584 
+L 342.512351 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_12">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="342.512351" xlink:href="#m4156316fc9" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_6">
+      <!-- 25 -->
+      <g transform="translate(336.149851 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-32"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_7">
+     <g id="line2d_13">
+      <path clip-path="url(#p29a4bcbbaa)" d="M 398.487273 307.584 
+L 398.487273 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_14">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="398.487273" xlink:href="#m4156316fc9" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_7">
+      <!-- 30 -->
+      <defs>
+       <path d="M 40.578125 39.3125 
+Q 47.65625 37.796875 51.625 33 
+Q 55.609375 28.21875 55.609375 21.1875 
+Q 55.609375 10.40625 48.1875 4.484375 
+Q 40.765625 -1.421875 27.09375 -1.421875 
+Q 22.515625 -1.421875 17.65625 -0.515625 
+Q 12.796875 0.390625 7.625 2.203125 
+L 7.625 11.71875 
+Q 11.71875 9.328125 16.59375 8.109375 
+Q 21.484375 6.890625 26.8125 6.890625 
+Q 36.078125 6.890625 40.9375 10.546875 
+Q 45.796875 14.203125 45.796875 21.1875 
+Q 45.796875 27.640625 41.28125 31.265625 
+Q 36.765625 34.90625 28.71875 34.90625 
+L 20.21875 34.90625 
+L 20.21875 43.015625 
+L 29.109375 43.015625 
+Q 36.375 43.015625 40.234375 45.921875 
+Q 44.09375 48.828125 44.09375 54.296875 
+Q 44.09375 59.90625 40.109375 62.90625 
+Q 36.140625 65.921875 28.71875 65.921875 
+Q 24.65625 65.921875 20.015625 65.03125 
+Q 15.375 64.15625 9.8125 62.3125 
+L 9.8125 71.09375 
+Q 15.4375 72.65625 20.34375 73.4375 
+Q 25.25 74.21875 29.59375 74.21875 
+Q 40.828125 74.21875 47.359375 69.109375 
+Q 53.90625 64.015625 53.90625 55.328125 
+Q 53.90625 49.265625 50.4375 45.09375 
+Q 46.96875 40.921875 40.578125 39.3125 
+z
+" id="DejaVuSans-33"/>
+      </defs>
+      <g transform="translate(392.124773 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-33"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="text_8">
+     <!-- benchmark -->
+     <defs>
+      <path d="M 48.6875 27.296875 
+Q 48.6875 37.203125 44.609375 42.84375 
+Q 40.53125 48.484375 33.40625 48.484375 
+Q 26.265625 48.484375 22.1875 42.84375 
+Q 18.109375 37.203125 18.109375 27.296875 
+Q 18.109375 17.390625 22.1875 11.75 
+Q 26.265625 6.109375 33.40625 6.109375 
+Q 40.53125 6.109375 44.609375 11.75 
+Q 48.6875 17.390625 48.6875 27.296875 
+z
+M 18.109375 46.390625 
+Q 20.953125 51.265625 25.265625 53.625 
+Q 29.59375 56 35.59375 56 
+Q 45.5625 56 51.78125 48.09375 
+Q 58.015625 40.1875 58.015625 27.296875 
+Q 58.015625 14.40625 51.78125 6.484375 
+Q 45.5625 -1.421875 35.59375 -1.421875 
+Q 29.59375 -1.421875 25.265625 0.953125 
+Q 20.953125 3.328125 18.109375 8.203125 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 75.984375 
+L 18.109375 75.984375 
+z
+" id="DejaVuSans-62"/>
+      <path d="M 56.203125 29.59375 
+L 56.203125 25.203125 
+L 14.890625 25.203125 
+Q 15.484375 15.921875 20.484375 11.0625 
+Q 25.484375 6.203125 34.421875 6.203125 
+Q 39.59375 6.203125 44.453125 7.46875 
+Q 49.3125 8.734375 54.109375 11.28125 
+L 54.109375 2.78125 
+Q 49.265625 0.734375 44.1875 -0.34375 
+Q 39.109375 -1.421875 33.890625 -1.421875 
+Q 20.796875 -1.421875 13.15625 6.1875 
+Q 5.515625 13.8125 5.515625 26.8125 
+Q 5.515625 40.234375 12.765625 48.109375 
+Q 20.015625 56 32.328125 56 
+Q 43.359375 56 49.78125 48.890625 
+Q 56.203125 41.796875 56.203125 29.59375 
+z
+M 47.21875 32.234375 
+Q 47.125 39.59375 43.09375 43.984375 
+Q 39.0625 48.390625 32.421875 48.390625 
+Q 24.90625 48.390625 20.390625 44.140625 
+Q 15.875 39.890625 15.1875 32.171875 
+z
+" id="DejaVuSans-65"/>
+      <path d="M 54.890625 33.015625 
+L 54.890625 0 
+L 45.90625 0 
+L 45.90625 32.71875 
+Q 45.90625 40.484375 42.875 44.328125 
+Q 39.84375 48.1875 33.796875 48.1875 
+Q 26.515625 48.1875 22.3125 43.546875 
+Q 18.109375 38.921875 18.109375 30.90625 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.1875 
+Q 21.34375 51.125 25.703125 53.5625 
+Q 30.078125 56 35.796875 56 
+Q 45.21875 56 50.046875 50.171875 
+Q 54.890625 44.34375 54.890625 33.015625 
+z
+" id="DejaVuSans-6e"/>
+      <path d="M 48.78125 52.59375 
+L 48.78125 44.1875 
+Q 44.96875 46.296875 41.140625 47.34375 
+Q 37.3125 48.390625 33.40625 48.390625 
+Q 24.65625 48.390625 19.8125 42.84375 
+Q 14.984375 37.3125 14.984375 27.296875 
+Q 14.984375 17.28125 19.8125 11.734375 
+Q 24.65625 6.203125 33.40625 6.203125 
+Q 37.3125 6.203125 41.140625 7.25 
+Q 44.96875 8.296875 48.78125 10.40625 
+L 48.78125 2.09375 
+Q 45.015625 0.34375 40.984375 -0.53125 
+Q 36.96875 -1.421875 32.421875 -1.421875 
+Q 20.0625 -1.421875 12.78125 6.34375 
+Q 5.515625 14.109375 5.515625 27.296875 
+Q 5.515625 40.671875 12.859375 48.328125 
+Q 20.21875 56 33.015625 56 
+Q 37.15625 56 41.109375 55.140625 
+Q 45.0625 54.296875 48.78125 52.59375 
+z
+" id="DejaVuSans-63"/>
+      <path d="M 54.890625 33.015625 
+L 54.890625 0 
+L 45.90625 0 
+L 45.90625 32.71875 
+Q 45.90625 40.484375 42.875 44.328125 
+Q 39.84375 48.1875 33.796875 48.1875 
+Q 26.515625 48.1875 22.3125 43.546875 
+Q 18.109375 38.921875 18.109375 30.90625 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 75.984375 
+L 18.109375 75.984375 
+L 18.109375 46.1875 
+Q 21.34375 51.125 25.703125 53.5625 
+Q 30.078125 56 35.796875 56 
+Q 45.21875 56 50.046875 50.171875 
+Q 54.890625 44.34375 54.890625 33.015625 
+z
+" id="DejaVuSans-68"/>
+      <path d="M 52 44.1875 
+Q 55.375 50.25 60.0625 53.125 
+Q 64.75 56 71.09375 56 
+Q 79.640625 56 84.28125 50.015625 
+Q 88.921875 44.046875 88.921875 33.015625 
+L 88.921875 0 
+L 79.890625 0 
+L 79.890625 32.71875 
+Q 79.890625 40.578125 77.09375 44.375 
+Q 74.3125 48.1875 68.609375 48.1875 
+Q 61.625 48.1875 57.5625 43.546875 
+Q 53.515625 38.921875 53.515625 30.90625 
+L 53.515625 0 
+L 44.484375 0 
+L 44.484375 32.71875 
+Q 44.484375 40.625 41.703125 44.40625 
+Q 38.921875 48.1875 33.109375 48.1875 
+Q 26.21875 48.1875 22.15625 43.53125 
+Q 18.109375 38.875 18.109375 30.90625 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.1875 
+Q 21.1875 51.21875 25.484375 53.609375 
+Q 29.78125 56 35.6875 56 
+Q 41.65625 56 45.828125 52.96875 
+Q 50 49.953125 52 44.1875 
+z
+" id="DejaVuSans-6d"/>
+      <path d="M 34.28125 27.484375 
+Q 23.390625 27.484375 19.1875 25 
+Q 14.984375 22.515625 14.984375 16.5 
+Q 14.984375 11.71875 18.140625 8.90625 
+Q 21.296875 6.109375 26.703125 6.109375 
+Q 34.1875 6.109375 38.703125 11.40625 
+Q 43.21875 16.703125 43.21875 25.484375 
+L 43.21875 27.484375 
+z
+M 52.203125 31.203125 
+L 52.203125 0 
+L 43.21875 0 
+L 43.21875 8.296875 
+Q 40.140625 3.328125 35.546875 0.953125 
+Q 30.953125 -1.421875 24.3125 -1.421875 
+Q 15.921875 -1.421875 10.953125 3.296875 
+Q 6 8.015625 6 15.921875 
+Q 6 25.140625 12.171875 29.828125 
+Q 18.359375 34.515625 30.609375 34.515625 
+L 43.21875 34.515625 
+L 43.21875 35.40625 
+Q 43.21875 41.609375 39.140625 45 
+Q 35.0625 48.390625 27.6875 48.390625 
+Q 23 48.390625 18.546875 47.265625 
+Q 14.109375 46.140625 10.015625 43.890625 
+L 10.015625 52.203125 
+Q 14.9375 54.109375 19.578125 55.046875 
+Q 24.21875 56 28.609375 56 
+Q 40.484375 56 46.34375 49.84375 
+Q 52.203125 43.703125 52.203125 31.203125 
+z
+" id="DejaVuSans-61"/>
+      <path d="M 41.109375 46.296875 
+Q 39.59375 47.171875 37.8125 47.578125 
+Q 36.03125 48 33.890625 48 
+Q 26.265625 48 22.1875 43.046875 
+Q 18.109375 38.09375 18.109375 28.8125 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.1875 
+Q 20.953125 51.171875 25.484375 53.578125 
+Q 30.03125 56 36.53125 56 
+Q 37.453125 56 38.578125 55.875 
+Q 39.703125 55.765625 41.0625 55.515625 
+z
+" id="DejaVuSans-72"/>
+      <path d="M 9.078125 75.984375 
+L 18.109375 75.984375 
+L 18.109375 31.109375 
+L 44.921875 54.6875 
+L 56.390625 54.6875 
+L 27.390625 29.109375 
+L 57.625 0 
+L 45.90625 0 
+L 18.109375 26.703125 
+L 18.109375 0 
+L 9.078125 0 
+z
+" id="DejaVuSans-6b"/>
+     </defs>
+     <g transform="translate(207.937344 335.860562)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-62"/>
+      <use x="63.476562" xlink:href="#DejaVuSans-65"/>
+      <use x="125" xlink:href="#DejaVuSans-6e"/>
+      <use x="188.378906" xlink:href="#DejaVuSans-63"/>
+      <use x="243.359375" xlink:href="#DejaVuSans-68"/>
+      <use x="306.738281" xlink:href="#DejaVuSans-6d"/>
+      <use x="404.150391" xlink:href="#DejaVuSans-61"/>
+      <use x="465.429688" xlink:href="#DejaVuSans-72"/>
+      <use x="506.542969" xlink:href="#DejaVuSans-6b"/>
+     </g>
+    </g>
+   </g>
+   <g id="matplotlib.axis_2">
+    <g id="ytick_1">
+     <g id="line2d_15">
+      <path clip-path="url(#p29a4bcbbaa)" d="M 57.6 300.147386 
+L 414.72 300.147386 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_16">
+      <defs>
+       <path d="M 0 0 
+L -3.5 0 
+" id="m6256ac7755" style="stroke:#000000;stroke-width:0.8;"/>
+      </defs>
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#m6256ac7755" y="300.147386"/>
+      </g>
+     </g>
+     <g id="text_9">
+      <!-- 0.0 -->
+      <defs>
+       <path d="M 10.6875 12.40625 
+L 21 12.40625 
+L 21 0 
+L 10.6875 0 
+z
+" id="DejaVuSans-2e"/>
+      </defs>
+      <g transform="translate(34.696875 303.946604)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-30"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-2e"/>
+       <use x="95.410156" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_2">
+     <g id="line2d_17">
+      <path clip-path="url(#p29a4bcbbaa)" d="M 57.6 260.966017 
+L 414.72 260.966017 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_18">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#m6256ac7755" y="260.966017"/>
+      </g>
+     </g>
+     <g id="text_10">
+      <!-- 0.5 -->
+      <g transform="translate(34.696875 264.765236)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-30"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-2e"/>
+       <use x="95.410156" xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_3">
+     <g id="line2d_19">
+      <path clip-path="url(#p29a4bcbbaa)" d="M 57.6 221.784649 
+L 414.72 221.784649 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_20">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#m6256ac7755" y="221.784649"/>
+      </g>
+     </g>
+     <g id="text_11">
+      <!-- 1.0 -->
+      <g transform="translate(34.696875 225.583867)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-31"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-2e"/>
+       <use x="95.410156" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_4">
+     <g id="line2d_21">
+      <path clip-path="url(#p29a4bcbbaa)" d="M 57.6 182.60328 
+L 414.72 182.60328 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_22">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#m6256ac7755" y="182.60328"/>
+      </g>
+     </g>
+     <g id="text_12">
+      <!-- 1.5 -->
+      <g transform="translate(34.696875 186.402499)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-31"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-2e"/>
+       <use x="95.410156" xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_5">
+     <g id="line2d_23">
+      <path clip-path="url(#p29a4bcbbaa)" d="M 57.6 143.421912 
+L 414.72 143.421912 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_24">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#m6256ac7755" y="143.421912"/>
+      </g>
+     </g>
+     <g id="text_13">
+      <!-- 2.0 -->
+      <g transform="translate(34.696875 147.22113)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-32"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-2e"/>
+       <use x="95.410156" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_6">
+     <g id="line2d_25">
+      <path clip-path="url(#p29a4bcbbaa)" d="M 57.6 104.240543 
+L 414.72 104.240543 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_26">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#m6256ac7755" y="104.240543"/>
+      </g>
+     </g>
+     <g id="text_14">
+      <!-- 2.5 -->
+      <g transform="translate(34.696875 108.039762)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-32"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-2e"/>
+       <use x="95.410156" xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_7">
+     <g id="line2d_27">
+      <path clip-path="url(#p29a4bcbbaa)" d="M 57.6 65.059174 
+L 414.72 65.059174 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_28">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#m6256ac7755" y="65.059174"/>
+      </g>
+     </g>
+     <g id="text_15">
+      <!-- 3.0 -->
+      <g transform="translate(34.696875 68.858393)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-33"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-2e"/>
+       <use x="95.410156" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="text_16">
+     <!-- memory, KB -->
+     <defs>
+      <path d="M 30.609375 48.390625 
+Q 23.390625 48.390625 19.1875 42.75 
+Q 14.984375 37.109375 14.984375 27.296875 
+Q 14.984375 17.484375 19.15625 11.84375 
+Q 23.34375 6.203125 30.609375 6.203125 
+Q 37.796875 6.203125 41.984375 11.859375 
+Q 46.1875 17.53125 46.1875 27.296875 
+Q 46.1875 37.015625 41.984375 42.703125 
+Q 37.796875 48.390625 30.609375 48.390625 
+z
+M 30.609375 56 
+Q 42.328125 56 49.015625 48.375 
+Q 55.71875 40.765625 55.71875 27.296875 
+Q 55.71875 13.875 49.015625 6.21875 
+Q 42.328125 -1.421875 30.609375 -1.421875 
+Q 18.84375 -1.421875 12.171875 6.21875 
+Q 5.515625 13.875 5.515625 27.296875 
+Q 5.515625 40.765625 12.171875 48.375 
+Q 18.84375 56 30.609375 56 
+z
+" id="DejaVuSans-6f"/>
+      <path d="M 32.171875 -5.078125 
+Q 28.375 -14.84375 24.75 -17.8125 
+Q 21.140625 -20.796875 15.09375 -20.796875 
+L 7.90625 -20.796875 
+L 7.90625 -13.28125 
+L 13.1875 -13.28125 
+Q 16.890625 -13.28125 18.9375 -11.515625 
+Q 21 -9.765625 23.484375 -3.21875 
+L 25.09375 0.875 
+L 2.984375 54.6875 
+L 12.5 54.6875 
+L 29.59375 11.921875 
+L 46.6875 54.6875 
+L 56.203125 54.6875 
+z
+" id="DejaVuSans-79"/>
+      <path d="M 11.71875 12.40625 
+L 22.015625 12.40625 
+L 22.015625 4 
+L 14.015625 -11.625 
+L 7.71875 -11.625 
+L 11.71875 4 
+z
+" id="DejaVuSans-2c"/>
+      <path id="DejaVuSans-20"/>
+      <path d="M 9.8125 72.90625 
+L 19.671875 72.90625 
+L 19.671875 42.09375 
+L 52.390625 72.90625 
+L 65.09375 72.90625 
+L 28.90625 38.921875 
+L 67.671875 0 
+L 54.6875 0 
+L 19.671875 35.109375 
+L 19.671875 0 
+L 9.8125 0 
+z
+" id="DejaVuSans-4b"/>
+      <path d="M 19.671875 34.8125 
+L 19.671875 8.109375 
+L 35.5 8.109375 
+Q 43.453125 8.109375 47.28125 11.40625 
+Q 51.125 14.703125 51.125 21.484375 
+Q 51.125 28.328125 47.28125 31.5625 
+Q 43.453125 34.8125 35.5 34.8125 
+z
+M 19.671875 64.796875 
+L 19.671875 42.828125 
+L 34.28125 42.828125 
+Q 41.5 42.828125 45.03125 45.53125 
+Q 48.578125 48.25 48.578125 53.8125 
+Q 48.578125 59.328125 45.03125 62.0625 
+Q 41.5 64.796875 34.28125 64.796875 
+z
+M 9.8125 72.90625 
+L 35.015625 72.90625 
+Q 46.296875 72.90625 52.390625 68.21875 
+Q 58.5 63.53125 58.5 54.890625 
+Q 58.5 48.1875 55.375 44.234375 
+Q 52.25 40.28125 46.1875 39.3125 
+Q 53.46875 37.75 57.5 32.78125 
+Q 61.53125 27.828125 61.53125 20.40625 
+Q 61.53125 10.640625 54.890625 5.3125 
+Q 48.25 0 35.984375 0 
+L 9.8125 0 
+z
+" id="DejaVuSans-42"/>
+     </defs>
+     <g transform="translate(28.617187 205.306906)rotate(-90)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-6d"/>
+      <use x="97.412109" xlink:href="#DejaVuSans-65"/>
+      <use x="158.935547" xlink:href="#DejaVuSans-6d"/>
+      <use x="256.347656" xlink:href="#DejaVuSans-6f"/>
+      <use x="317.529297" xlink:href="#DejaVuSans-72"/>
+      <use x="358.642578" xlink:href="#DejaVuSans-79"/>
+      <use x="417.822266" xlink:href="#DejaVuSans-2c"/>
+      <use x="449.609375" xlink:href="#DejaVuSans-20"/>
+      <use x="481.396484" xlink:href="#DejaVuSans-4b"/>
+      <use x="546.972656" xlink:href="#DejaVuSans-42"/>
+     </g>
+    </g>
+    <g id="text_17">
+     <!-- 1e7 -->
+     <defs>
+      <path d="M 8.203125 72.90625 
+L 55.078125 72.90625 
+L 55.078125 68.703125 
+L 28.609375 0 
+L 18.3125 0 
+L 43.21875 64.59375 
+L 8.203125 64.59375 
+z
+" id="DejaVuSans-37"/>
+     </defs>
+     <g transform="translate(57.6 38.472)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-31"/>
+      <use x="63.623047" xlink:href="#DejaVuSans-65"/>
+      <use x="125.146484" xlink:href="#DejaVuSans-37"/>
+     </g>
+    </g>
+   </g>
+   <g id="line2d_29">
+    <path clip-path="url(#p29a4bcbbaa)" d="M 73.832727 233.555578 
+L 85.027712 231.282839 
+L 96.222696 235.229281 
+L 107.41768 201.819861 
+L 118.612665 202.415888 
+L 129.807649 179.307876 
+L 141.002633 177.10184 
+L 152.197618 182.214852 
+L 163.392602 130.248414 
+L 174.587586 131.89143 
+L 185.782571 256.720324 
+L 196.977555 154.245404 
+L 208.172539 112.599496 
+L 219.367524 235.682029 
+L 230.562508 120.639294 
+L 241.757492 186.955735 
+L 252.952476 73.03647 
+L 264.147461 74.239871 
+L 275.342445 142.328908 
+L 286.537429 53.568 
+L 297.732414 295.422551 
+L 308.927398 293.595634 
+L 320.122382 292.62798 
+L 331.317367 293.915072 
+L 342.512351 293.670141 
+L 353.707335 292.314403 
+L 364.90232 291.268637 
+L 376.097304 289.805197 
+L 387.292288 289.690035 
+L 398.487273 287.802057 
+" style="fill:none;opacity:0.7;stroke:#ff0000;stroke-linecap:square;stroke-width:1.5;"/>
+    <defs>
+     <path d="M -3 3 
+L 3 3 
+L 3 -3 
+L -3 -3 
+z
+" id="m30e98023d4" style="stroke:#ff0000;stroke-linejoin:miter;"/>
+    </defs>
+    <g clip-path="url(#p29a4bcbbaa)">
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="73.832727" xlink:href="#m30e98023d4" y="233.555578"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="85.027712" xlink:href="#m30e98023d4" y="231.282839"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="96.222696" xlink:href="#m30e98023d4" y="235.229281"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="107.41768" xlink:href="#m30e98023d4" y="201.819861"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="118.612665" xlink:href="#m30e98023d4" y="202.415888"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="129.807649" xlink:href="#m30e98023d4" y="179.307876"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="141.002633" xlink:href="#m30e98023d4" y="177.10184"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="152.197618" xlink:href="#m30e98023d4" y="182.214852"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="163.392602" xlink:href="#m30e98023d4" y="130.248414"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="174.587586" xlink:href="#m30e98023d4" y="131.89143"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="185.782571" xlink:href="#m30e98023d4" y="256.720324"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="196.977555" xlink:href="#m30e98023d4" y="154.245404"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="208.172539" xlink:href="#m30e98023d4" y="112.599496"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="219.367524" xlink:href="#m30e98023d4" y="235.682029"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="230.562508" xlink:href="#m30e98023d4" y="120.639294"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="241.757492" xlink:href="#m30e98023d4" y="186.955735"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="252.952476" xlink:href="#m30e98023d4" y="73.03647"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="264.147461" xlink:href="#m30e98023d4" y="74.239871"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="275.342445" xlink:href="#m30e98023d4" y="142.328908"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="286.537429" xlink:href="#m30e98023d4" y="53.568"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="297.732414" xlink:href="#m30e98023d4" y="295.422551"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="308.927398" xlink:href="#m30e98023d4" y="293.595634"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="320.122382" xlink:href="#m30e98023d4" y="292.62798"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="331.317367" xlink:href="#m30e98023d4" y="293.915072"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="342.512351" xlink:href="#m30e98023d4" y="293.670141"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="353.707335" xlink:href="#m30e98023d4" y="292.314403"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="364.90232" xlink:href="#m30e98023d4" y="291.268637"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="376.097304" xlink:href="#m30e98023d4" y="289.805197"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="387.292288" xlink:href="#m30e98023d4" y="289.690035"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="398.487273" xlink:href="#m30e98023d4" y="287.802057"/>
+    </g>
+   </g>
+   <g id="line2d_30">
+    <path clip-path="url(#p29a4bcbbaa)" d="M 73.832727 247.723341 
+L 85.027712 243.895165 
+L 96.222696 243.898958 
+L 107.41768 221.103269 
+L 118.612665 216.72671 
+L 129.807649 192.73273 
+L 141.002633 191.738839 
+L 152.197618 193.484197 
+L 163.392602 162.40309 
+L 174.587586 162.873173 
+L 185.782571 267.721731 
+L 196.977555 166.334486 
+L 208.172539 118.927193 
+L 219.367524 257.696222 
+L 230.562508 128.343604 
+L 241.757492 226.205279 
+L 252.952476 81.115637 
+L 264.147461 77.950472 
+L 275.342445 167.745266 
+L 286.537429 63.639963 
+L 297.732414 295.488 
+L 308.927398 293.403426 
+L 320.122382 291.818461 
+L 331.317367 294.142136 
+L 342.512351 293.798938 
+L 353.707335 292.043582 
+L 364.90232 291.488146 
+L 376.097304 289.44849 
+L 387.292288 289.572804 
+L 398.487273 286.387641 
+" style="fill:none;opacity:0.7;stroke:#0000ff;stroke-linecap:square;stroke-width:1.5;"/>
+    <defs>
+     <path d="M 0 3 
+C 0.795609 3 1.55874 2.683901 2.12132 2.12132 
+C 2.683901 1.55874 3 0.795609 3 0 
+C 3 -0.795609 2.683901 -1.55874 2.12132 -2.12132 
+C 1.55874 -2.683901 0.795609 -3 0 -3 
+C -0.795609 -3 -1.55874 -2.683901 -2.12132 -2.12132 
+C -2.683901 -1.55874 -3 -0.795609 -3 0 
+C -3 0.795609 -2.683901 1.55874 -2.12132 2.12132 
+C -1.55874 2.683901 -0.795609 3 0 3 
+z
+" id="mac1ff82722" style="stroke:#0000ff;"/>
+    </defs>
+    <g clip-path="url(#p29a4bcbbaa)">
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="73.832727" xlink:href="#mac1ff82722" y="247.723341"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="85.027712" xlink:href="#mac1ff82722" y="243.895165"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="96.222696" xlink:href="#mac1ff82722" y="243.898958"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="107.41768" xlink:href="#mac1ff82722" y="221.103269"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="118.612665" xlink:href="#mac1ff82722" y="216.72671"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="129.807649" xlink:href="#mac1ff82722" y="192.73273"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="141.002633" xlink:href="#mac1ff82722" y="191.738839"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="152.197618" xlink:href="#mac1ff82722" y="193.484197"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="163.392602" xlink:href="#mac1ff82722" y="162.40309"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="174.587586" xlink:href="#mac1ff82722" y="162.873173"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="185.782571" xlink:href="#mac1ff82722" y="267.721731"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="196.977555" xlink:href="#mac1ff82722" y="166.334486"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="208.172539" xlink:href="#mac1ff82722" y="118.927193"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="219.367524" xlink:href="#mac1ff82722" y="257.696222"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="230.562508" xlink:href="#mac1ff82722" y="128.343604"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="241.757492" xlink:href="#mac1ff82722" y="226.205279"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="252.952476" xlink:href="#mac1ff82722" y="81.115637"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="264.147461" xlink:href="#mac1ff82722" y="77.950472"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="275.342445" xlink:href="#mac1ff82722" y="167.745266"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="286.537429" xlink:href="#mac1ff82722" y="63.639963"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="297.732414" xlink:href="#mac1ff82722" y="295.488"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="308.927398" xlink:href="#mac1ff82722" y="293.403426"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="320.122382" xlink:href="#mac1ff82722" y="291.818461"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="331.317367" xlink:href="#mac1ff82722" y="294.142136"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="342.512351" xlink:href="#mac1ff82722" y="293.798938"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="353.707335" xlink:href="#mac1ff82722" y="292.043582"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="364.90232" xlink:href="#mac1ff82722" y="291.488146"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="376.097304" xlink:href="#mac1ff82722" y="289.44849"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="387.292288" xlink:href="#mac1ff82722" y="289.572804"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="398.487273" xlink:href="#mac1ff82722" y="286.387641"/>
+    </g>
+   </g>
+   <g id="patch_3">
+    <path d="M 57.6 307.584 
+L 57.6 41.472 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="patch_4">
+    <path d="M 414.72 307.584 
+L 414.72 41.472 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="patch_5">
+    <path d="M 57.6 307.584 
+L 414.72 307.584 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="patch_6">
+    <path d="M 57.6 41.472 
+L 414.72 41.472 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="legend_1">
+    <g id="patch_7">
+     <path d="M 64.6 78.82825 
+L 242.110938 78.82825 
+Q 244.110938 78.82825 244.110938 76.82825 
+L 244.110938 48.472 
+Q 244.110938 46.472 242.110938 46.472 
+L 64.6 46.472 
+Q 62.6 46.472 62.6 48.472 
+L 62.6 76.82825 
+Q 62.6 78.82825 64.6 78.82825 
+z
+" style="fill:#ffffff;opacity:0.8;stroke:#cccccc;stroke-linejoin:miter;"/>
+    </g>
+    <g id="line2d_31">
+     <path d="M 66.6 54.570437 
+L 86.6 54.570437 
+" style="fill:none;opacity:0.7;stroke:#ff0000;stroke-linecap:square;stroke-width:1.5;"/>
+    </g>
+    <g id="line2d_32">
+     <g>
+      <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="76.6" xlink:href="#m30e98023d4" y="54.570437"/>
+     </g>
+    </g>
+    <g id="text_18">
+     <!-- 001indinv-apalache-unstable -->
+     <defs>
+      <path d="M 9.421875 54.6875 
+L 18.40625 54.6875 
+L 18.40625 0 
+L 9.421875 0 
+z
+M 9.421875 75.984375 
+L 18.40625 75.984375 
+L 18.40625 64.59375 
+L 9.421875 64.59375 
+z
+" id="DejaVuSans-69"/>
+      <path d="M 45.40625 46.390625 
+L 45.40625 75.984375 
+L 54.390625 75.984375 
+L 54.390625 0 
+L 45.40625 0 
+L 45.40625 8.203125 
+Q 42.578125 3.328125 38.25 0.953125 
+Q 33.9375 -1.421875 27.875 -1.421875 
+Q 17.96875 -1.421875 11.734375 6.484375 
+Q 5.515625 14.40625 5.515625 27.296875 
+Q 5.515625 40.1875 11.734375 48.09375 
+Q 17.96875 56 27.875 56 
+Q 33.9375 56 38.25 53.625 
+Q 42.578125 51.265625 45.40625 46.390625 
+z
+M 14.796875 27.296875 
+Q 14.796875 17.390625 18.875 11.75 
+Q 22.953125 6.109375 30.078125 6.109375 
+Q 37.203125 6.109375 41.296875 11.75 
+Q 45.40625 17.390625 45.40625 27.296875 
+Q 45.40625 37.203125 41.296875 42.84375 
+Q 37.203125 48.484375 30.078125 48.484375 
+Q 22.953125 48.484375 18.875 42.84375 
+Q 14.796875 37.203125 14.796875 27.296875 
+z
+" id="DejaVuSans-64"/>
+      <path d="M 2.984375 54.6875 
+L 12.5 54.6875 
+L 29.59375 8.796875 
+L 46.6875 54.6875 
+L 56.203125 54.6875 
+L 35.6875 0 
+L 23.484375 0 
+z
+" id="DejaVuSans-76"/>
+      <path d="M 4.890625 31.390625 
+L 31.203125 31.390625 
+L 31.203125 23.390625 
+L 4.890625 23.390625 
+z
+" id="DejaVuSans-2d"/>
+      <path d="M 18.109375 8.203125 
+L 18.109375 -20.796875 
+L 9.078125 -20.796875 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.390625 
+Q 20.953125 51.265625 25.265625 53.625 
+Q 29.59375 56 35.59375 56 
+Q 45.5625 56 51.78125 48.09375 
+Q 58.015625 40.1875 58.015625 27.296875 
+Q 58.015625 14.40625 51.78125 6.484375 
+Q 45.5625 -1.421875 35.59375 -1.421875 
+Q 29.59375 -1.421875 25.265625 0.953125 
+Q 20.953125 3.328125 18.109375 8.203125 
+z
+M 48.6875 27.296875 
+Q 48.6875 37.203125 44.609375 42.84375 
+Q 40.53125 48.484375 33.40625 48.484375 
+Q 26.265625 48.484375 22.1875 42.84375 
+Q 18.109375 37.203125 18.109375 27.296875 
+Q 18.109375 17.390625 22.1875 11.75 
+Q 26.265625 6.109375 33.40625 6.109375 
+Q 40.53125 6.109375 44.609375 11.75 
+Q 48.6875 17.390625 48.6875 27.296875 
+z
+" id="DejaVuSans-70"/>
+      <path d="M 9.421875 75.984375 
+L 18.40625 75.984375 
+L 18.40625 0 
+L 9.421875 0 
+z
+" id="DejaVuSans-6c"/>
+      <path d="M 8.5 21.578125 
+L 8.5 54.6875 
+L 17.484375 54.6875 
+L 17.484375 21.921875 
+Q 17.484375 14.15625 20.5 10.265625 
+Q 23.53125 6.390625 29.59375 6.390625 
+Q 36.859375 6.390625 41.078125 11.03125 
+Q 45.3125 15.671875 45.3125 23.6875 
+L 45.3125 54.6875 
+L 54.296875 54.6875 
+L 54.296875 0 
+L 45.3125 0 
+L 45.3125 8.40625 
+Q 42.046875 3.421875 37.71875 1 
+Q 33.40625 -1.421875 27.6875 -1.421875 
+Q 18.265625 -1.421875 13.375 4.4375 
+Q 8.5 10.296875 8.5 21.578125 
+z
+M 31.109375 56 
+z
+" id="DejaVuSans-75"/>
+      <path d="M 44.28125 53.078125 
+L 44.28125 44.578125 
+Q 40.484375 46.53125 36.375 47.5 
+Q 32.28125 48.484375 27.875 48.484375 
+Q 21.1875 48.484375 17.84375 46.4375 
+Q 14.5 44.390625 14.5 40.28125 
+Q 14.5 37.15625 16.890625 35.375 
+Q 19.28125 33.59375 26.515625 31.984375 
+L 29.59375 31.296875 
+Q 39.15625 29.25 43.1875 25.515625 
+Q 47.21875 21.78125 47.21875 15.09375 
+Q 47.21875 7.46875 41.1875 3.015625 
+Q 35.15625 -1.421875 24.609375 -1.421875 
+Q 20.21875 -1.421875 15.453125 -0.5625 
+Q 10.6875 0.296875 5.421875 2 
+L 5.421875 11.28125 
+Q 10.40625 8.6875 15.234375 7.390625 
+Q 20.0625 6.109375 24.8125 6.109375 
+Q 31.15625 6.109375 34.5625 8.28125 
+Q 37.984375 10.453125 37.984375 14.40625 
+Q 37.984375 18.0625 35.515625 20.015625 
+Q 33.0625 21.96875 24.703125 23.78125 
+L 21.578125 24.515625 
+Q 13.234375 26.265625 9.515625 29.90625 
+Q 5.8125 33.546875 5.8125 39.890625 
+Q 5.8125 47.609375 11.28125 51.796875 
+Q 16.75 56 26.8125 56 
+Q 31.78125 56 36.171875 55.265625 
+Q 40.578125 54.546875 44.28125 53.078125 
+z
+" id="DejaVuSans-73"/>
+      <path d="M 18.3125 70.21875 
+L 18.3125 54.6875 
+L 36.8125 54.6875 
+L 36.8125 47.703125 
+L 18.3125 47.703125 
+L 18.3125 18.015625 
+Q 18.3125 11.328125 20.140625 9.421875 
+Q 21.96875 7.515625 27.59375 7.515625 
+L 36.8125 7.515625 
+L 36.8125 0 
+L 27.59375 0 
+Q 17.1875 0 13.234375 3.875 
+Q 9.28125 7.765625 9.28125 18.015625 
+L 9.28125 47.703125 
+L 2.6875 47.703125 
+L 2.6875 54.6875 
+L 9.28125 54.6875 
+L 9.28125 70.21875 
+z
+" id="DejaVuSans-74"/>
+     </defs>
+     <g transform="translate(94.6 58.070437)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-30"/>
+      <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      <use x="127.246094" xlink:href="#DejaVuSans-31"/>
+      <use x="190.869141" xlink:href="#DejaVuSans-69"/>
+      <use x="218.652344" xlink:href="#DejaVuSans-6e"/>
+      <use x="282.03125" xlink:href="#DejaVuSans-64"/>
+      <use x="345.507812" xlink:href="#DejaVuSans-69"/>
+      <use x="373.291016" xlink:href="#DejaVuSans-6e"/>
+      <use x="436.669922" xlink:href="#DejaVuSans-76"/>
+      <use x="495.818359" xlink:href="#DejaVuSans-2d"/>
+      <use x="531.902344" xlink:href="#DejaVuSans-61"/>
+      <use x="593.181641" xlink:href="#DejaVuSans-70"/>
+      <use x="656.658203" xlink:href="#DejaVuSans-61"/>
+      <use x="717.9375" xlink:href="#DejaVuSans-6c"/>
+      <use x="745.720703" xlink:href="#DejaVuSans-61"/>
+      <use x="807" xlink:href="#DejaVuSans-63"/>
+      <use x="861.980469" xlink:href="#DejaVuSans-68"/>
+      <use x="925.359375" xlink:href="#DejaVuSans-65"/>
+      <use x="986.882812" xlink:href="#DejaVuSans-2d"/>
+      <use x="1022.966797" xlink:href="#DejaVuSans-75"/>
+      <use x="1086.345703" xlink:href="#DejaVuSans-6e"/>
+      <use x="1149.724609" xlink:href="#DejaVuSans-73"/>
+      <use x="1201.824219" xlink:href="#DejaVuSans-74"/>
+      <use x="1241.033203" xlink:href="#DejaVuSans-61"/>
+      <use x="1302.3125" xlink:href="#DejaVuSans-62"/>
+      <use x="1365.789062" xlink:href="#DejaVuSans-6c"/>
+      <use x="1393.572266" xlink:href="#DejaVuSans-65"/>
+     </g>
+    </g>
+    <g id="line2d_33">
+     <path d="M 66.6 69.248562 
+L 86.6 69.248562 
+" style="fill:none;opacity:0.7;stroke:#0000ff;stroke-linecap:square;stroke-width:1.5;"/>
+    </g>
+    <g id="line2d_34">
+     <g>
+      <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="76.6" xlink:href="#mac1ff82722" y="69.248562"/>
+     </g>
+    </g>
+    <g id="text_19">
+     <!-- 001indinv-apalache-card -->
+     <g transform="translate(94.6 72.748562)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-30"/>
+      <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      <use x="127.246094" xlink:href="#DejaVuSans-31"/>
+      <use x="190.869141" xlink:href="#DejaVuSans-69"/>
+      <use x="218.652344" xlink:href="#DejaVuSans-6e"/>
+      <use x="282.03125" xlink:href="#DejaVuSans-64"/>
+      <use x="345.507812" xlink:href="#DejaVuSans-69"/>
+      <use x="373.291016" xlink:href="#DejaVuSans-6e"/>
+      <use x="436.669922" xlink:href="#DejaVuSans-76"/>
+      <use x="495.818359" xlink:href="#DejaVuSans-2d"/>
+      <use x="531.902344" xlink:href="#DejaVuSans-61"/>
+      <use x="593.181641" xlink:href="#DejaVuSans-70"/>
+      <use x="656.658203" xlink:href="#DejaVuSans-61"/>
+      <use x="717.9375" xlink:href="#DejaVuSans-6c"/>
+      <use x="745.720703" xlink:href="#DejaVuSans-61"/>
+      <use x="807" xlink:href="#DejaVuSans-63"/>
+      <use x="861.980469" xlink:href="#DejaVuSans-68"/>
+      <use x="925.359375" xlink:href="#DejaVuSans-65"/>
+      <use x="986.882812" xlink:href="#DejaVuSans-2d"/>
+      <use x="1022.966797" xlink:href="#DejaVuSans-63"/>
+      <use x="1077.947266" xlink:href="#DejaVuSans-61"/>
+      <use x="1139.226562" xlink:href="#DejaVuSans-72"/>
+      <use x="1180.324219" xlink:href="#DejaVuSans-64"/>
+     </g>
+    </g>
+   </g>
+  </g>
+ </g>
+ <defs>
+  <clipPath id="p29a4bcbbaa">
+   <rect height="266.112" width="357.12" x="57.6" y="41.472"/>
+  </clipPath>
+ </defs>
+</svg>
diff --git a/docs/spec/tendermint-fork-cases/results/001indinv-apalache-ncells.svg b/docs/spec/tendermint-fork-cases/results/001indinv-apalache-ncells.svg
new file mode 100644
index 000000000..184a5f809
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/results/001indinv-apalache-ncells.svg
@@ -0,0 +1,1227 @@
+<?xml version="1.0" encoding="utf-8" standalone="no"?>
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN"
+  "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<!-- Created with matplotlib (http://matplotlib.org/) -->
+<svg height="345pt" version="1.1" viewBox="0 0 460 345" width="460pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
+ <defs>
+  <style type="text/css">
+*{stroke-linecap:butt;stroke-linejoin:round;}
+  </style>
+ </defs>
+ <g id="figure_1">
+  <g id="patch_1">
+   <path d="M 0 345.6 
+L 460.8 345.6 
+L 460.8 0 
+L 0 0 
+z
+" style="fill:#ffffff;"/>
+  </g>
+  <g id="axes_1">
+   <g id="patch_2">
+    <path d="M 57.6 307.584 
+L 414.72 307.584 
+L 414.72 41.472 
+L 57.6 41.472 
+z
+" style="fill:#ffffff;"/>
+   </g>
+   <g id="matplotlib.axis_1">
+    <g id="xtick_1">
+     <g id="line2d_1">
+      <path clip-path="url(#p244924633f)" d="M 62.637743 307.584 
+L 62.637743 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_2">
+      <defs>
+       <path d="M 0 0 
+L 0 3.5 
+" id="med40f42f76" style="stroke:#000000;stroke-width:0.8;"/>
+      </defs>
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="62.637743" xlink:href="#med40f42f76" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_1">
+      <!-- 0 -->
+      <defs>
+       <path d="M 31.78125 66.40625 
+Q 24.171875 66.40625 20.328125 58.90625 
+Q 16.5 51.421875 16.5 36.375 
+Q 16.5 21.390625 20.328125 13.890625 
+Q 24.171875 6.390625 31.78125 6.390625 
+Q 39.453125 6.390625 43.28125 13.890625 
+Q 47.125 21.390625 47.125 36.375 
+Q 47.125 51.421875 43.28125 58.90625 
+Q 39.453125 66.40625 31.78125 66.40625 
+z
+M 31.78125 74.21875 
+Q 44.046875 74.21875 50.515625 64.515625 
+Q 56.984375 54.828125 56.984375 36.375 
+Q 56.984375 17.96875 50.515625 8.265625 
+Q 44.046875 -1.421875 31.78125 -1.421875 
+Q 19.53125 -1.421875 13.0625 8.265625 
+Q 6.59375 17.96875 6.59375 36.375 
+Q 6.59375 54.828125 13.0625 64.515625 
+Q 19.53125 74.21875 31.78125 74.21875 
+z
+" id="DejaVuSans-30"/>
+      </defs>
+      <g transform="translate(59.456493 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_2">
+     <g id="line2d_3">
+      <path clip-path="url(#p244924633f)" d="M 118.612665 307.584 
+L 118.612665 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_4">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="118.612665" xlink:href="#med40f42f76" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_2">
+      <!-- 5 -->
+      <defs>
+       <path d="M 10.796875 72.90625 
+L 49.515625 72.90625 
+L 49.515625 64.59375 
+L 19.828125 64.59375 
+L 19.828125 46.734375 
+Q 21.96875 47.46875 24.109375 47.828125 
+Q 26.265625 48.1875 28.421875 48.1875 
+Q 40.625 48.1875 47.75 41.5 
+Q 54.890625 34.8125 54.890625 23.390625 
+Q 54.890625 11.625 47.5625 5.09375 
+Q 40.234375 -1.421875 26.90625 -1.421875 
+Q 22.3125 -1.421875 17.546875 -0.640625 
+Q 12.796875 0.140625 7.71875 1.703125 
+L 7.71875 11.625 
+Q 12.109375 9.234375 16.796875 8.0625 
+Q 21.484375 6.890625 26.703125 6.890625 
+Q 35.15625 6.890625 40.078125 11.328125 
+Q 45.015625 15.765625 45.015625 23.390625 
+Q 45.015625 31 40.078125 35.4375 
+Q 35.15625 39.890625 26.703125 39.890625 
+Q 22.75 39.890625 18.8125 39.015625 
+Q 14.890625 38.140625 10.796875 36.28125 
+z
+" id="DejaVuSans-35"/>
+      </defs>
+      <g transform="translate(115.431415 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_3">
+     <g id="line2d_5">
+      <path clip-path="url(#p244924633f)" d="M 174.587586 307.584 
+L 174.587586 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_6">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="174.587586" xlink:href="#med40f42f76" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_3">
+      <!-- 10 -->
+      <defs>
+       <path d="M 12.40625 8.296875 
+L 28.515625 8.296875 
+L 28.515625 63.921875 
+L 10.984375 60.40625 
+L 10.984375 69.390625 
+L 28.421875 72.90625 
+L 38.28125 72.90625 
+L 38.28125 8.296875 
+L 54.390625 8.296875 
+L 54.390625 0 
+L 12.40625 0 
+z
+" id="DejaVuSans-31"/>
+      </defs>
+      <g transform="translate(168.225086 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-31"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_4">
+     <g id="line2d_7">
+      <path clip-path="url(#p244924633f)" d="M 230.562508 307.584 
+L 230.562508 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_8">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="230.562508" xlink:href="#med40f42f76" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_4">
+      <!-- 15 -->
+      <g transform="translate(224.200008 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-31"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_5">
+     <g id="line2d_9">
+      <path clip-path="url(#p244924633f)" d="M 286.537429 307.584 
+L 286.537429 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_10">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="286.537429" xlink:href="#med40f42f76" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_5">
+      <!-- 20 -->
+      <defs>
+       <path d="M 19.1875 8.296875 
+L 53.609375 8.296875 
+L 53.609375 0 
+L 7.328125 0 
+L 7.328125 8.296875 
+Q 12.9375 14.109375 22.625 23.890625 
+Q 32.328125 33.6875 34.8125 36.53125 
+Q 39.546875 41.84375 41.421875 45.53125 
+Q 43.3125 49.21875 43.3125 52.78125 
+Q 43.3125 58.59375 39.234375 62.25 
+Q 35.15625 65.921875 28.609375 65.921875 
+Q 23.96875 65.921875 18.8125 64.3125 
+Q 13.671875 62.703125 7.8125 59.421875 
+L 7.8125 69.390625 
+Q 13.765625 71.78125 18.9375 73 
+Q 24.125 74.21875 28.421875 74.21875 
+Q 39.75 74.21875 46.484375 68.546875 
+Q 53.21875 62.890625 53.21875 53.421875 
+Q 53.21875 48.921875 51.53125 44.890625 
+Q 49.859375 40.875 45.40625 35.40625 
+Q 44.1875 33.984375 37.640625 27.21875 
+Q 31.109375 20.453125 19.1875 8.296875 
+z
+" id="DejaVuSans-32"/>
+      </defs>
+      <g transform="translate(280.174929 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-32"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_6">
+     <g id="line2d_11">
+      <path clip-path="url(#p244924633f)" d="M 342.512351 307.584 
+L 342.512351 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_12">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="342.512351" xlink:href="#med40f42f76" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_6">
+      <!-- 25 -->
+      <g transform="translate(336.149851 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-32"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_7">
+     <g id="line2d_13">
+      <path clip-path="url(#p244924633f)" d="M 398.487273 307.584 
+L 398.487273 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_14">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="398.487273" xlink:href="#med40f42f76" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_7">
+      <!-- 30 -->
+      <defs>
+       <path d="M 40.578125 39.3125 
+Q 47.65625 37.796875 51.625 33 
+Q 55.609375 28.21875 55.609375 21.1875 
+Q 55.609375 10.40625 48.1875 4.484375 
+Q 40.765625 -1.421875 27.09375 -1.421875 
+Q 22.515625 -1.421875 17.65625 -0.515625 
+Q 12.796875 0.390625 7.625 2.203125 
+L 7.625 11.71875 
+Q 11.71875 9.328125 16.59375 8.109375 
+Q 21.484375 6.890625 26.8125 6.890625 
+Q 36.078125 6.890625 40.9375 10.546875 
+Q 45.796875 14.203125 45.796875 21.1875 
+Q 45.796875 27.640625 41.28125 31.265625 
+Q 36.765625 34.90625 28.71875 34.90625 
+L 20.21875 34.90625 
+L 20.21875 43.015625 
+L 29.109375 43.015625 
+Q 36.375 43.015625 40.234375 45.921875 
+Q 44.09375 48.828125 44.09375 54.296875 
+Q 44.09375 59.90625 40.109375 62.90625 
+Q 36.140625 65.921875 28.71875 65.921875 
+Q 24.65625 65.921875 20.015625 65.03125 
+Q 15.375 64.15625 9.8125 62.3125 
+L 9.8125 71.09375 
+Q 15.4375 72.65625 20.34375 73.4375 
+Q 25.25 74.21875 29.59375 74.21875 
+Q 40.828125 74.21875 47.359375 69.109375 
+Q 53.90625 64.015625 53.90625 55.328125 
+Q 53.90625 49.265625 50.4375 45.09375 
+Q 46.96875 40.921875 40.578125 39.3125 
+z
+" id="DejaVuSans-33"/>
+      </defs>
+      <g transform="translate(392.124773 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-33"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="text_8">
+     <!-- benchmark -->
+     <defs>
+      <path d="M 48.6875 27.296875 
+Q 48.6875 37.203125 44.609375 42.84375 
+Q 40.53125 48.484375 33.40625 48.484375 
+Q 26.265625 48.484375 22.1875 42.84375 
+Q 18.109375 37.203125 18.109375 27.296875 
+Q 18.109375 17.390625 22.1875 11.75 
+Q 26.265625 6.109375 33.40625 6.109375 
+Q 40.53125 6.109375 44.609375 11.75 
+Q 48.6875 17.390625 48.6875 27.296875 
+z
+M 18.109375 46.390625 
+Q 20.953125 51.265625 25.265625 53.625 
+Q 29.59375 56 35.59375 56 
+Q 45.5625 56 51.78125 48.09375 
+Q 58.015625 40.1875 58.015625 27.296875 
+Q 58.015625 14.40625 51.78125 6.484375 
+Q 45.5625 -1.421875 35.59375 -1.421875 
+Q 29.59375 -1.421875 25.265625 0.953125 
+Q 20.953125 3.328125 18.109375 8.203125 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 75.984375 
+L 18.109375 75.984375 
+z
+" id="DejaVuSans-62"/>
+      <path d="M 56.203125 29.59375 
+L 56.203125 25.203125 
+L 14.890625 25.203125 
+Q 15.484375 15.921875 20.484375 11.0625 
+Q 25.484375 6.203125 34.421875 6.203125 
+Q 39.59375 6.203125 44.453125 7.46875 
+Q 49.3125 8.734375 54.109375 11.28125 
+L 54.109375 2.78125 
+Q 49.265625 0.734375 44.1875 -0.34375 
+Q 39.109375 -1.421875 33.890625 -1.421875 
+Q 20.796875 -1.421875 13.15625 6.1875 
+Q 5.515625 13.8125 5.515625 26.8125 
+Q 5.515625 40.234375 12.765625 48.109375 
+Q 20.015625 56 32.328125 56 
+Q 43.359375 56 49.78125 48.890625 
+Q 56.203125 41.796875 56.203125 29.59375 
+z
+M 47.21875 32.234375 
+Q 47.125 39.59375 43.09375 43.984375 
+Q 39.0625 48.390625 32.421875 48.390625 
+Q 24.90625 48.390625 20.390625 44.140625 
+Q 15.875 39.890625 15.1875 32.171875 
+z
+" id="DejaVuSans-65"/>
+      <path d="M 54.890625 33.015625 
+L 54.890625 0 
+L 45.90625 0 
+L 45.90625 32.71875 
+Q 45.90625 40.484375 42.875 44.328125 
+Q 39.84375 48.1875 33.796875 48.1875 
+Q 26.515625 48.1875 22.3125 43.546875 
+Q 18.109375 38.921875 18.109375 30.90625 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.1875 
+Q 21.34375 51.125 25.703125 53.5625 
+Q 30.078125 56 35.796875 56 
+Q 45.21875 56 50.046875 50.171875 
+Q 54.890625 44.34375 54.890625 33.015625 
+z
+" id="DejaVuSans-6e"/>
+      <path d="M 48.78125 52.59375 
+L 48.78125 44.1875 
+Q 44.96875 46.296875 41.140625 47.34375 
+Q 37.3125 48.390625 33.40625 48.390625 
+Q 24.65625 48.390625 19.8125 42.84375 
+Q 14.984375 37.3125 14.984375 27.296875 
+Q 14.984375 17.28125 19.8125 11.734375 
+Q 24.65625 6.203125 33.40625 6.203125 
+Q 37.3125 6.203125 41.140625 7.25 
+Q 44.96875 8.296875 48.78125 10.40625 
+L 48.78125 2.09375 
+Q 45.015625 0.34375 40.984375 -0.53125 
+Q 36.96875 -1.421875 32.421875 -1.421875 
+Q 20.0625 -1.421875 12.78125 6.34375 
+Q 5.515625 14.109375 5.515625 27.296875 
+Q 5.515625 40.671875 12.859375 48.328125 
+Q 20.21875 56 33.015625 56 
+Q 37.15625 56 41.109375 55.140625 
+Q 45.0625 54.296875 48.78125 52.59375 
+z
+" id="DejaVuSans-63"/>
+      <path d="M 54.890625 33.015625 
+L 54.890625 0 
+L 45.90625 0 
+L 45.90625 32.71875 
+Q 45.90625 40.484375 42.875 44.328125 
+Q 39.84375 48.1875 33.796875 48.1875 
+Q 26.515625 48.1875 22.3125 43.546875 
+Q 18.109375 38.921875 18.109375 30.90625 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 75.984375 
+L 18.109375 75.984375 
+L 18.109375 46.1875 
+Q 21.34375 51.125 25.703125 53.5625 
+Q 30.078125 56 35.796875 56 
+Q 45.21875 56 50.046875 50.171875 
+Q 54.890625 44.34375 54.890625 33.015625 
+z
+" id="DejaVuSans-68"/>
+      <path d="M 52 44.1875 
+Q 55.375 50.25 60.0625 53.125 
+Q 64.75 56 71.09375 56 
+Q 79.640625 56 84.28125 50.015625 
+Q 88.921875 44.046875 88.921875 33.015625 
+L 88.921875 0 
+L 79.890625 0 
+L 79.890625 32.71875 
+Q 79.890625 40.578125 77.09375 44.375 
+Q 74.3125 48.1875 68.609375 48.1875 
+Q 61.625 48.1875 57.5625 43.546875 
+Q 53.515625 38.921875 53.515625 30.90625 
+L 53.515625 0 
+L 44.484375 0 
+L 44.484375 32.71875 
+Q 44.484375 40.625 41.703125 44.40625 
+Q 38.921875 48.1875 33.109375 48.1875 
+Q 26.21875 48.1875 22.15625 43.53125 
+Q 18.109375 38.875 18.109375 30.90625 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.1875 
+Q 21.1875 51.21875 25.484375 53.609375 
+Q 29.78125 56 35.6875 56 
+Q 41.65625 56 45.828125 52.96875 
+Q 50 49.953125 52 44.1875 
+z
+" id="DejaVuSans-6d"/>
+      <path d="M 34.28125 27.484375 
+Q 23.390625 27.484375 19.1875 25 
+Q 14.984375 22.515625 14.984375 16.5 
+Q 14.984375 11.71875 18.140625 8.90625 
+Q 21.296875 6.109375 26.703125 6.109375 
+Q 34.1875 6.109375 38.703125 11.40625 
+Q 43.21875 16.703125 43.21875 25.484375 
+L 43.21875 27.484375 
+z
+M 52.203125 31.203125 
+L 52.203125 0 
+L 43.21875 0 
+L 43.21875 8.296875 
+Q 40.140625 3.328125 35.546875 0.953125 
+Q 30.953125 -1.421875 24.3125 -1.421875 
+Q 15.921875 -1.421875 10.953125 3.296875 
+Q 6 8.015625 6 15.921875 
+Q 6 25.140625 12.171875 29.828125 
+Q 18.359375 34.515625 30.609375 34.515625 
+L 43.21875 34.515625 
+L 43.21875 35.40625 
+Q 43.21875 41.609375 39.140625 45 
+Q 35.0625 48.390625 27.6875 48.390625 
+Q 23 48.390625 18.546875 47.265625 
+Q 14.109375 46.140625 10.015625 43.890625 
+L 10.015625 52.203125 
+Q 14.9375 54.109375 19.578125 55.046875 
+Q 24.21875 56 28.609375 56 
+Q 40.484375 56 46.34375 49.84375 
+Q 52.203125 43.703125 52.203125 31.203125 
+z
+" id="DejaVuSans-61"/>
+      <path d="M 41.109375 46.296875 
+Q 39.59375 47.171875 37.8125 47.578125 
+Q 36.03125 48 33.890625 48 
+Q 26.265625 48 22.1875 43.046875 
+Q 18.109375 38.09375 18.109375 28.8125 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.1875 
+Q 20.953125 51.171875 25.484375 53.578125 
+Q 30.03125 56 36.53125 56 
+Q 37.453125 56 38.578125 55.875 
+Q 39.703125 55.765625 41.0625 55.515625 
+z
+" id="DejaVuSans-72"/>
+      <path d="M 9.078125 75.984375 
+L 18.109375 75.984375 
+L 18.109375 31.109375 
+L 44.921875 54.6875 
+L 56.390625 54.6875 
+L 27.390625 29.109375 
+L 57.625 0 
+L 45.90625 0 
+L 18.109375 26.703125 
+L 18.109375 0 
+L 9.078125 0 
+z
+" id="DejaVuSans-6b"/>
+     </defs>
+     <g transform="translate(207.937344 335.860562)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-62"/>
+      <use x="63.476562" xlink:href="#DejaVuSans-65"/>
+      <use x="125" xlink:href="#DejaVuSans-6e"/>
+      <use x="188.378906" xlink:href="#DejaVuSans-63"/>
+      <use x="243.359375" xlink:href="#DejaVuSans-68"/>
+      <use x="306.738281" xlink:href="#DejaVuSans-6d"/>
+      <use x="404.150391" xlink:href="#DejaVuSans-61"/>
+      <use x="465.429688" xlink:href="#DejaVuSans-72"/>
+      <use x="506.542969" xlink:href="#DejaVuSans-6b"/>
+     </g>
+    </g>
+   </g>
+   <g id="matplotlib.axis_2">
+    <g id="ytick_1">
+     <g id="line2d_15">
+      <path clip-path="url(#p244924633f)" d="M 57.6 295.700447 
+L 414.72 295.700447 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_16">
+      <defs>
+       <path d="M 0 0 
+L -3.5 0 
+" id="me36ae73ad0" style="stroke:#000000;stroke-width:0.8;"/>
+      </defs>
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#me36ae73ad0" y="295.700447"/>
+      </g>
+     </g>
+     <g id="text_9">
+      <!-- 0 -->
+      <g transform="translate(44.2375 299.499666)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_2">
+     <g id="line2d_17">
+      <path clip-path="url(#p244924633f)" d="M 57.6 257.911955 
+L 414.72 257.911955 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_18">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#me36ae73ad0" y="257.911955"/>
+      </g>
+     </g>
+     <g id="text_10">
+      <!-- 1000000 -->
+      <g transform="translate(6.0625 261.711173)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-31"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+       <use x="127.246094" xlink:href="#DejaVuSans-30"/>
+       <use x="190.869141" xlink:href="#DejaVuSans-30"/>
+       <use x="254.492188" xlink:href="#DejaVuSans-30"/>
+       <use x="318.115234" xlink:href="#DejaVuSans-30"/>
+       <use x="381.738281" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_3">
+     <g id="line2d_19">
+      <path clip-path="url(#p244924633f)" d="M 57.6 220.123462 
+L 414.72 220.123462 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_20">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#me36ae73ad0" y="220.123462"/>
+      </g>
+     </g>
+     <g id="text_11">
+      <!-- 2000000 -->
+      <g transform="translate(6.0625 223.922681)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-32"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+       <use x="127.246094" xlink:href="#DejaVuSans-30"/>
+       <use x="190.869141" xlink:href="#DejaVuSans-30"/>
+       <use x="254.492188" xlink:href="#DejaVuSans-30"/>
+       <use x="318.115234" xlink:href="#DejaVuSans-30"/>
+       <use x="381.738281" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_4">
+     <g id="line2d_21">
+      <path clip-path="url(#p244924633f)" d="M 57.6 182.33497 
+L 414.72 182.33497 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_22">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#me36ae73ad0" y="182.33497"/>
+      </g>
+     </g>
+     <g id="text_12">
+      <!-- 3000000 -->
+      <g transform="translate(6.0625 186.134189)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-33"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+       <use x="127.246094" xlink:href="#DejaVuSans-30"/>
+       <use x="190.869141" xlink:href="#DejaVuSans-30"/>
+       <use x="254.492188" xlink:href="#DejaVuSans-30"/>
+       <use x="318.115234" xlink:href="#DejaVuSans-30"/>
+       <use x="381.738281" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_5">
+     <g id="line2d_23">
+      <path clip-path="url(#p244924633f)" d="M 57.6 144.546478 
+L 414.72 144.546478 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_24">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#me36ae73ad0" y="144.546478"/>
+      </g>
+     </g>
+     <g id="text_13">
+      <!-- 4000000 -->
+      <defs>
+       <path d="M 37.796875 64.3125 
+L 12.890625 25.390625 
+L 37.796875 25.390625 
+z
+M 35.203125 72.90625 
+L 47.609375 72.90625 
+L 47.609375 25.390625 
+L 58.015625 25.390625 
+L 58.015625 17.1875 
+L 47.609375 17.1875 
+L 47.609375 0 
+L 37.796875 0 
+L 37.796875 17.1875 
+L 4.890625 17.1875 
+L 4.890625 26.703125 
+z
+" id="DejaVuSans-34"/>
+      </defs>
+      <g transform="translate(6.0625 148.345697)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-34"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+       <use x="127.246094" xlink:href="#DejaVuSans-30"/>
+       <use x="190.869141" xlink:href="#DejaVuSans-30"/>
+       <use x="254.492188" xlink:href="#DejaVuSans-30"/>
+       <use x="318.115234" xlink:href="#DejaVuSans-30"/>
+       <use x="381.738281" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_6">
+     <g id="line2d_25">
+      <path clip-path="url(#p244924633f)" d="M 57.6 106.757986 
+L 414.72 106.757986 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_26">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#me36ae73ad0" y="106.757986"/>
+      </g>
+     </g>
+     <g id="text_14">
+      <!-- 5000000 -->
+      <g transform="translate(6.0625 110.557205)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-35"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+       <use x="127.246094" xlink:href="#DejaVuSans-30"/>
+       <use x="190.869141" xlink:href="#DejaVuSans-30"/>
+       <use x="254.492188" xlink:href="#DejaVuSans-30"/>
+       <use x="318.115234" xlink:href="#DejaVuSans-30"/>
+       <use x="381.738281" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_7">
+     <g id="line2d_27">
+      <path clip-path="url(#p244924633f)" d="M 57.6 68.969494 
+L 414.72 68.969494 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_28">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#me36ae73ad0" y="68.969494"/>
+      </g>
+     </g>
+     <g id="text_15">
+      <!-- 6000000 -->
+      <defs>
+       <path d="M 33.015625 40.375 
+Q 26.375 40.375 22.484375 35.828125 
+Q 18.609375 31.296875 18.609375 23.390625 
+Q 18.609375 15.53125 22.484375 10.953125 
+Q 26.375 6.390625 33.015625 6.390625 
+Q 39.65625 6.390625 43.53125 10.953125 
+Q 47.40625 15.53125 47.40625 23.390625 
+Q 47.40625 31.296875 43.53125 35.828125 
+Q 39.65625 40.375 33.015625 40.375 
+z
+M 52.59375 71.296875 
+L 52.59375 62.3125 
+Q 48.875 64.0625 45.09375 64.984375 
+Q 41.3125 65.921875 37.59375 65.921875 
+Q 27.828125 65.921875 22.671875 59.328125 
+Q 17.53125 52.734375 16.796875 39.40625 
+Q 19.671875 43.65625 24.015625 45.921875 
+Q 28.375 48.1875 33.59375 48.1875 
+Q 44.578125 48.1875 50.953125 41.515625 
+Q 57.328125 34.859375 57.328125 23.390625 
+Q 57.328125 12.15625 50.6875 5.359375 
+Q 44.046875 -1.421875 33.015625 -1.421875 
+Q 20.359375 -1.421875 13.671875 8.265625 
+Q 6.984375 17.96875 6.984375 36.375 
+Q 6.984375 53.65625 15.1875 63.9375 
+Q 23.390625 74.21875 37.203125 74.21875 
+Q 40.921875 74.21875 44.703125 73.484375 
+Q 48.484375 72.75 52.59375 71.296875 
+z
+" id="DejaVuSans-36"/>
+      </defs>
+      <g transform="translate(6.0625 72.768712)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-36"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+       <use x="127.246094" xlink:href="#DejaVuSans-30"/>
+       <use x="190.869141" xlink:href="#DejaVuSans-30"/>
+       <use x="254.492188" xlink:href="#DejaVuSans-30"/>
+       <use x="318.115234" xlink:href="#DejaVuSans-30"/>
+       <use x="381.738281" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="text_16">
+     <!-- number of arena cells -->
+     <defs>
+      <path d="M 8.5 21.578125 
+L 8.5 54.6875 
+L 17.484375 54.6875 
+L 17.484375 21.921875 
+Q 17.484375 14.15625 20.5 10.265625 
+Q 23.53125 6.390625 29.59375 6.390625 
+Q 36.859375 6.390625 41.078125 11.03125 
+Q 45.3125 15.671875 45.3125 23.6875 
+L 45.3125 54.6875 
+L 54.296875 54.6875 
+L 54.296875 0 
+L 45.3125 0 
+L 45.3125 8.40625 
+Q 42.046875 3.421875 37.71875 1 
+Q 33.40625 -1.421875 27.6875 -1.421875 
+Q 18.265625 -1.421875 13.375 4.4375 
+Q 8.5 10.296875 8.5 21.578125 
+z
+M 31.109375 56 
+z
+" id="DejaVuSans-75"/>
+      <path id="DejaVuSans-20"/>
+      <path d="M 30.609375 48.390625 
+Q 23.390625 48.390625 19.1875 42.75 
+Q 14.984375 37.109375 14.984375 27.296875 
+Q 14.984375 17.484375 19.15625 11.84375 
+Q 23.34375 6.203125 30.609375 6.203125 
+Q 37.796875 6.203125 41.984375 11.859375 
+Q 46.1875 17.53125 46.1875 27.296875 
+Q 46.1875 37.015625 41.984375 42.703125 
+Q 37.796875 48.390625 30.609375 48.390625 
+z
+M 30.609375 56 
+Q 42.328125 56 49.015625 48.375 
+Q 55.71875 40.765625 55.71875 27.296875 
+Q 55.71875 13.875 49.015625 6.21875 
+Q 42.328125 -1.421875 30.609375 -1.421875 
+Q 18.84375 -1.421875 12.171875 6.21875 
+Q 5.515625 13.875 5.515625 27.296875 
+Q 5.515625 40.765625 12.171875 48.375 
+Q 18.84375 56 30.609375 56 
+z
+" id="DejaVuSans-6f"/>
+      <path d="M 37.109375 75.984375 
+L 37.109375 68.5 
+L 28.515625 68.5 
+Q 23.6875 68.5 21.796875 66.546875 
+Q 19.921875 64.59375 19.921875 59.515625 
+L 19.921875 54.6875 
+L 34.71875 54.6875 
+L 34.71875 47.703125 
+L 19.921875 47.703125 
+L 19.921875 0 
+L 10.890625 0 
+L 10.890625 47.703125 
+L 2.296875 47.703125 
+L 2.296875 54.6875 
+L 10.890625 54.6875 
+L 10.890625 58.5 
+Q 10.890625 67.625 15.140625 71.796875 
+Q 19.390625 75.984375 28.609375 75.984375 
+z
+" id="DejaVuSans-66"/>
+      <path d="M 9.421875 75.984375 
+L 18.40625 75.984375 
+L 18.40625 0 
+L 9.421875 0 
+z
+" id="DejaVuSans-6c"/>
+      <path d="M 44.28125 53.078125 
+L 44.28125 44.578125 
+Q 40.484375 46.53125 36.375 47.5 
+Q 32.28125 48.484375 27.875 48.484375 
+Q 21.1875 48.484375 17.84375 46.4375 
+Q 14.5 44.390625 14.5 40.28125 
+Q 14.5 37.15625 16.890625 35.375 
+Q 19.28125 33.59375 26.515625 31.984375 
+L 29.59375 31.296875 
+Q 39.15625 29.25 43.1875 25.515625 
+Q 47.21875 21.78125 47.21875 15.09375 
+Q 47.21875 7.46875 41.1875 3.015625 
+Q 35.15625 -1.421875 24.609375 -1.421875 
+Q 20.21875 -1.421875 15.453125 -0.5625 
+Q 10.6875 0.296875 5.421875 2 
+L 5.421875 11.28125 
+Q 10.40625 8.6875 15.234375 7.390625 
+Q 20.0625 6.109375 24.8125 6.109375 
+Q 31.15625 6.109375 34.5625 8.28125 
+Q 37.984375 10.453125 37.984375 14.40625 
+Q 37.984375 18.0625 35.515625 20.015625 
+Q 33.0625 21.96875 24.703125 23.78125 
+L 21.578125 24.515625 
+Q 13.234375 26.265625 9.515625 29.90625 
+Q 5.8125 33.546875 5.8125 39.890625 
+Q 5.8125 47.609375 11.28125 51.796875 
+Q 16.75 56 26.8125 56 
+Q 31.78125 56 36.171875 55.265625 
+Q 40.578125 54.546875 44.28125 53.078125 
+z
+" id="DejaVuSans-73"/>
+     </defs>
+     <g transform="translate(-0.017188 229.264719)rotate(-90)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-6e"/>
+      <use x="63.378906" xlink:href="#DejaVuSans-75"/>
+      <use x="126.757812" xlink:href="#DejaVuSans-6d"/>
+      <use x="224.169922" xlink:href="#DejaVuSans-62"/>
+      <use x="287.646484" xlink:href="#DejaVuSans-65"/>
+      <use x="349.169922" xlink:href="#DejaVuSans-72"/>
+      <use x="390.283203" xlink:href="#DejaVuSans-20"/>
+      <use x="422.070312" xlink:href="#DejaVuSans-6f"/>
+      <use x="483.251953" xlink:href="#DejaVuSans-66"/>
+      <use x="518.457031" xlink:href="#DejaVuSans-20"/>
+      <use x="550.244141" xlink:href="#DejaVuSans-61"/>
+      <use x="611.523438" xlink:href="#DejaVuSans-72"/>
+      <use x="652.605469" xlink:href="#DejaVuSans-65"/>
+      <use x="714.128906" xlink:href="#DejaVuSans-6e"/>
+      <use x="777.507812" xlink:href="#DejaVuSans-61"/>
+      <use x="838.787109" xlink:href="#DejaVuSans-20"/>
+      <use x="870.574219" xlink:href="#DejaVuSans-63"/>
+      <use x="925.554688" xlink:href="#DejaVuSans-65"/>
+      <use x="987.078125" xlink:href="#DejaVuSans-6c"/>
+      <use x="1014.861328" xlink:href="#DejaVuSans-6c"/>
+      <use x="1042.644531" xlink:href="#DejaVuSans-73"/>
+     </g>
+    </g>
+   </g>
+   <g id="line2d_29">
+    <path clip-path="url(#p244924633f)" d="M 73.832727 283.211804 
+L 85.027712 283.835503 
+L 96.222696 284.383549 
+L 107.41768 278.253878 
+L 118.612665 278.856113 
+L 129.807649 266.191073 
+L 141.002633 267.179885 
+L 152.197618 268.171568 
+L 163.392602 240.840588 
+L 174.587586 243.102267 
+L 185.782571 287.408405 
+L 196.977555 187.317081 
+L 208.172539 53.568 
+L 219.367524 283.358839 
+L 230.562508 127.471748 
+L 241.757492 273.3235 
+L 252.952476 285.084375 
+L 264.147461 285.541993 
+L 275.342445 251.119889 
+L 286.537429 274.38513 
+L 297.732414 295.48698 
+L 308.927398 295.332425 
+L 320.122382 295.215507 
+L 331.317367 295.48082 
+L 342.512351 295.326265 
+L 353.707335 295.312472 
+L 364.90232 295.158522 
+L 376.097304 295.003136 
+L 387.292288 295.138608 
+L 398.487273 294.984657 
+" style="fill:none;opacity:0.7;stroke:#ff0000;stroke-linecap:square;stroke-width:1.5;"/>
+    <defs>
+     <path d="M -3 3 
+L 3 3 
+L 3 -3 
+L -3 -3 
+z
+" id="m12d7f92912" style="stroke:#ff0000;stroke-linejoin:miter;"/>
+    </defs>
+    <g clip-path="url(#p244924633f)">
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="73.832727" xlink:href="#m12d7f92912" y="283.211804"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="85.027712" xlink:href="#m12d7f92912" y="283.835503"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="96.222696" xlink:href="#m12d7f92912" y="284.383549"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="107.41768" xlink:href="#m12d7f92912" y="278.253878"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="118.612665" xlink:href="#m12d7f92912" y="278.856113"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="129.807649" xlink:href="#m12d7f92912" y="266.191073"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="141.002633" xlink:href="#m12d7f92912" y="267.179885"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="152.197618" xlink:href="#m12d7f92912" y="268.171568"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="163.392602" xlink:href="#m12d7f92912" y="240.840588"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="174.587586" xlink:href="#m12d7f92912" y="243.102267"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="185.782571" xlink:href="#m12d7f92912" y="287.408405"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="196.977555" xlink:href="#m12d7f92912" y="187.317081"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="208.172539" xlink:href="#m12d7f92912" y="53.568"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="219.367524" xlink:href="#m12d7f92912" y="283.358839"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="230.562508" xlink:href="#m12d7f92912" y="127.471748"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="241.757492" xlink:href="#m12d7f92912" y="273.3235"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="252.952476" xlink:href="#m12d7f92912" y="285.084375"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="264.147461" xlink:href="#m12d7f92912" y="285.541993"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="275.342445" xlink:href="#m12d7f92912" y="251.119889"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="286.537429" xlink:href="#m12d7f92912" y="274.38513"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="297.732414" xlink:href="#m12d7f92912" y="295.48698"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="308.927398" xlink:href="#m12d7f92912" y="295.332425"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="320.122382" xlink:href="#m12d7f92912" y="295.215507"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="331.317367" xlink:href="#m12d7f92912" y="295.48082"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="342.512351" xlink:href="#m12d7f92912" y="295.326265"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="353.707335" xlink:href="#m12d7f92912" y="295.312472"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="364.90232" xlink:href="#m12d7f92912" y="295.158522"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="376.097304" xlink:href="#m12d7f92912" y="295.003136"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="387.292288" xlink:href="#m12d7f92912" y="295.138608"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="398.487273" xlink:href="#m12d7f92912" y="294.984657"/>
+    </g>
+   </g>
+   <g id="line2d_30">
+    <path clip-path="url(#p244924633f)" d="M 73.832727 286.032261 
+L 85.027712 286.588357 
+L 96.222696 287.093286 
+L 107.41768 282.61962 
+L 118.612665 283.256507 
+L 129.807649 274.536284 
+L 141.002633 275.634304 
+L 152.197618 276.473775 
+L 163.392602 257.806336 
+L 174.587586 260.174956 
+L 185.782571 290.07136 
+L 196.977555 190.304488 
+L 208.172539 56.99005 
+L 219.367524 287.675796 
+L 230.562508 132.209291 
+L 241.757492 281.548014 
+L 252.952476 289.191228 
+L 264.147461 289.643443 
+L 275.342445 267.961086 
+L 286.537429 282.797982 
+L 297.732414 295.488 
+L 308.927398 295.334276 
+L 320.122382 295.218379 
+L 331.317367 295.481878 
+L 342.512351 295.328155 
+L 353.707335 295.314249 
+L 364.90232 295.161318 
+L 376.097304 295.006952 
+L 387.292288 295.141291 
+L 398.487273 294.988361 
+" style="fill:none;opacity:0.7;stroke:#0000ff;stroke-linecap:square;stroke-width:1.5;"/>
+    <defs>
+     <path d="M 0 3 
+C 0.795609 3 1.55874 2.683901 2.12132 2.12132 
+C 2.683901 1.55874 3 0.795609 3 0 
+C 3 -0.795609 2.683901 -1.55874 2.12132 -2.12132 
+C 1.55874 -2.683901 0.795609 -3 0 -3 
+C -0.795609 -3 -1.55874 -2.683901 -2.12132 -2.12132 
+C -2.683901 -1.55874 -3 -0.795609 -3 0 
+C -3 0.795609 -2.683901 1.55874 -2.12132 2.12132 
+C -1.55874 2.683901 -0.795609 3 0 3 
+z
+" id="m8e6576dace" style="stroke:#0000ff;"/>
+    </defs>
+    <g clip-path="url(#p244924633f)">
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="73.832727" xlink:href="#m8e6576dace" y="286.032261"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="85.027712" xlink:href="#m8e6576dace" y="286.588357"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="96.222696" xlink:href="#m8e6576dace" y="287.093286"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="107.41768" xlink:href="#m8e6576dace" y="282.61962"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="118.612665" xlink:href="#m8e6576dace" y="283.256507"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="129.807649" xlink:href="#m8e6576dace" y="274.536284"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="141.002633" xlink:href="#m8e6576dace" y="275.634304"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="152.197618" xlink:href="#m8e6576dace" y="276.473775"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="163.392602" xlink:href="#m8e6576dace" y="257.806336"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="174.587586" xlink:href="#m8e6576dace" y="260.174956"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="185.782571" xlink:href="#m8e6576dace" y="290.07136"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="196.977555" xlink:href="#m8e6576dace" y="190.304488"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="208.172539" xlink:href="#m8e6576dace" y="56.99005"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="219.367524" xlink:href="#m8e6576dace" y="287.675796"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="230.562508" xlink:href="#m8e6576dace" y="132.209291"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="241.757492" xlink:href="#m8e6576dace" y="281.548014"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="252.952476" xlink:href="#m8e6576dace" y="289.191228"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="264.147461" xlink:href="#m8e6576dace" y="289.643443"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="275.342445" xlink:href="#m8e6576dace" y="267.961086"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="286.537429" xlink:href="#m8e6576dace" y="282.797982"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="297.732414" xlink:href="#m8e6576dace" y="295.488"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="308.927398" xlink:href="#m8e6576dace" y="295.334276"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="320.122382" xlink:href="#m8e6576dace" y="295.218379"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="331.317367" xlink:href="#m8e6576dace" y="295.481878"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="342.512351" xlink:href="#m8e6576dace" y="295.328155"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="353.707335" xlink:href="#m8e6576dace" y="295.314249"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="364.90232" xlink:href="#m8e6576dace" y="295.161318"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="376.097304" xlink:href="#m8e6576dace" y="295.006952"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="387.292288" xlink:href="#m8e6576dace" y="295.141291"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="398.487273" xlink:href="#m8e6576dace" y="294.988361"/>
+    </g>
+   </g>
+   <g id="patch_3">
+    <path d="M 57.6 307.584 
+L 57.6 41.472 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="patch_4">
+    <path d="M 414.72 307.584 
+L 414.72 41.472 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="patch_5">
+    <path d="M 57.6 307.584 
+L 414.72 307.584 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="patch_6">
+    <path d="M 57.6 41.472 
+L 414.72 41.472 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="legend_1">
+    <g id="patch_7">
+     <path d="M 230.209062 78.82825 
+L 407.72 78.82825 
+Q 409.72 78.82825 409.72 76.82825 
+L 409.72 48.472 
+Q 409.72 46.472 407.72 46.472 
+L 230.209062 46.472 
+Q 228.209062 46.472 228.209062 48.472 
+L 228.209062 76.82825 
+Q 228.209062 78.82825 230.209062 78.82825 
+z
+" style="fill:#ffffff;opacity:0.8;stroke:#cccccc;stroke-linejoin:miter;"/>
+    </g>
+    <g id="line2d_31">
+     <path d="M 232.209062 54.570437 
+L 252.209062 54.570437 
+" style="fill:none;opacity:0.7;stroke:#ff0000;stroke-linecap:square;stroke-width:1.5;"/>
+    </g>
+    <g id="line2d_32">
+     <g>
+      <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="242.209062" xlink:href="#m12d7f92912" y="54.570437"/>
+     </g>
+    </g>
+    <g id="text_17">
+     <!-- 001indinv-apalache-unstable -->
+     <defs>
+      <path d="M 9.421875 54.6875 
+L 18.40625 54.6875 
+L 18.40625 0 
+L 9.421875 0 
+z
+M 9.421875 75.984375 
+L 18.40625 75.984375 
+L 18.40625 64.59375 
+L 9.421875 64.59375 
+z
+" id="DejaVuSans-69"/>
+      <path d="M 45.40625 46.390625 
+L 45.40625 75.984375 
+L 54.390625 75.984375 
+L 54.390625 0 
+L 45.40625 0 
+L 45.40625 8.203125 
+Q 42.578125 3.328125 38.25 0.953125 
+Q 33.9375 -1.421875 27.875 -1.421875 
+Q 17.96875 -1.421875 11.734375 6.484375 
+Q 5.515625 14.40625 5.515625 27.296875 
+Q 5.515625 40.1875 11.734375 48.09375 
+Q 17.96875 56 27.875 56 
+Q 33.9375 56 38.25 53.625 
+Q 42.578125 51.265625 45.40625 46.390625 
+z
+M 14.796875 27.296875 
+Q 14.796875 17.390625 18.875 11.75 
+Q 22.953125 6.109375 30.078125 6.109375 
+Q 37.203125 6.109375 41.296875 11.75 
+Q 45.40625 17.390625 45.40625 27.296875 
+Q 45.40625 37.203125 41.296875 42.84375 
+Q 37.203125 48.484375 30.078125 48.484375 
+Q 22.953125 48.484375 18.875 42.84375 
+Q 14.796875 37.203125 14.796875 27.296875 
+z
+" id="DejaVuSans-64"/>
+      <path d="M 2.984375 54.6875 
+L 12.5 54.6875 
+L 29.59375 8.796875 
+L 46.6875 54.6875 
+L 56.203125 54.6875 
+L 35.6875 0 
+L 23.484375 0 
+z
+" id="DejaVuSans-76"/>
+      <path d="M 4.890625 31.390625 
+L 31.203125 31.390625 
+L 31.203125 23.390625 
+L 4.890625 23.390625 
+z
+" id="DejaVuSans-2d"/>
+      <path d="M 18.109375 8.203125 
+L 18.109375 -20.796875 
+L 9.078125 -20.796875 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.390625 
+Q 20.953125 51.265625 25.265625 53.625 
+Q 29.59375 56 35.59375 56 
+Q 45.5625 56 51.78125 48.09375 
+Q 58.015625 40.1875 58.015625 27.296875 
+Q 58.015625 14.40625 51.78125 6.484375 
+Q 45.5625 -1.421875 35.59375 -1.421875 
+Q 29.59375 -1.421875 25.265625 0.953125 
+Q 20.953125 3.328125 18.109375 8.203125 
+z
+M 48.6875 27.296875 
+Q 48.6875 37.203125 44.609375 42.84375 
+Q 40.53125 48.484375 33.40625 48.484375 
+Q 26.265625 48.484375 22.1875 42.84375 
+Q 18.109375 37.203125 18.109375 27.296875 
+Q 18.109375 17.390625 22.1875 11.75 
+Q 26.265625 6.109375 33.40625 6.109375 
+Q 40.53125 6.109375 44.609375 11.75 
+Q 48.6875 17.390625 48.6875 27.296875 
+z
+" id="DejaVuSans-70"/>
+      <path d="M 18.3125 70.21875 
+L 18.3125 54.6875 
+L 36.8125 54.6875 
+L 36.8125 47.703125 
+L 18.3125 47.703125 
+L 18.3125 18.015625 
+Q 18.3125 11.328125 20.140625 9.421875 
+Q 21.96875 7.515625 27.59375 7.515625 
+L 36.8125 7.515625 
+L 36.8125 0 
+L 27.59375 0 
+Q 17.1875 0 13.234375 3.875 
+Q 9.28125 7.765625 9.28125 18.015625 
+L 9.28125 47.703125 
+L 2.6875 47.703125 
+L 2.6875 54.6875 
+L 9.28125 54.6875 
+L 9.28125 70.21875 
+z
+" id="DejaVuSans-74"/>
+     </defs>
+     <g transform="translate(260.209062 58.070437)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-30"/>
+      <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      <use x="127.246094" xlink:href="#DejaVuSans-31"/>
+      <use x="190.869141" xlink:href="#DejaVuSans-69"/>
+      <use x="218.652344" xlink:href="#DejaVuSans-6e"/>
+      <use x="282.03125" xlink:href="#DejaVuSans-64"/>
+      <use x="345.507812" xlink:href="#DejaVuSans-69"/>
+      <use x="373.291016" xlink:href="#DejaVuSans-6e"/>
+      <use x="436.669922" xlink:href="#DejaVuSans-76"/>
+      <use x="495.818359" xlink:href="#DejaVuSans-2d"/>
+      <use x="531.902344" xlink:href="#DejaVuSans-61"/>
+      <use x="593.181641" xlink:href="#DejaVuSans-70"/>
+      <use x="656.658203" xlink:href="#DejaVuSans-61"/>
+      <use x="717.9375" xlink:href="#DejaVuSans-6c"/>
+      <use x="745.720703" xlink:href="#DejaVuSans-61"/>
+      <use x="807" xlink:href="#DejaVuSans-63"/>
+      <use x="861.980469" xlink:href="#DejaVuSans-68"/>
+      <use x="925.359375" xlink:href="#DejaVuSans-65"/>
+      <use x="986.882812" xlink:href="#DejaVuSans-2d"/>
+      <use x="1022.966797" xlink:href="#DejaVuSans-75"/>
+      <use x="1086.345703" xlink:href="#DejaVuSans-6e"/>
+      <use x="1149.724609" xlink:href="#DejaVuSans-73"/>
+      <use x="1201.824219" xlink:href="#DejaVuSans-74"/>
+      <use x="1241.033203" xlink:href="#DejaVuSans-61"/>
+      <use x="1302.3125" xlink:href="#DejaVuSans-62"/>
+      <use x="1365.789062" xlink:href="#DejaVuSans-6c"/>
+      <use x="1393.572266" xlink:href="#DejaVuSans-65"/>
+     </g>
+    </g>
+    <g id="line2d_33">
+     <path d="M 232.209062 69.248562 
+L 252.209062 69.248562 
+" style="fill:none;opacity:0.7;stroke:#0000ff;stroke-linecap:square;stroke-width:1.5;"/>
+    </g>
+    <g id="line2d_34">
+     <g>
+      <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="242.209062" xlink:href="#m8e6576dace" y="69.248562"/>
+     </g>
+    </g>
+    <g id="text_18">
+     <!-- 001indinv-apalache-card -->
+     <g transform="translate(260.209062 72.748562)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-30"/>
+      <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      <use x="127.246094" xlink:href="#DejaVuSans-31"/>
+      <use x="190.869141" xlink:href="#DejaVuSans-69"/>
+      <use x="218.652344" xlink:href="#DejaVuSans-6e"/>
+      <use x="282.03125" xlink:href="#DejaVuSans-64"/>
+      <use x="345.507812" xlink:href="#DejaVuSans-69"/>
+      <use x="373.291016" xlink:href="#DejaVuSans-6e"/>
+      <use x="436.669922" xlink:href="#DejaVuSans-76"/>
+      <use x="495.818359" xlink:href="#DejaVuSans-2d"/>
+      <use x="531.902344" xlink:href="#DejaVuSans-61"/>
+      <use x="593.181641" xlink:href="#DejaVuSans-70"/>
+      <use x="656.658203" xlink:href="#DejaVuSans-61"/>
+      <use x="717.9375" xlink:href="#DejaVuSans-6c"/>
+      <use x="745.720703" xlink:href="#DejaVuSans-61"/>
+      <use x="807" xlink:href="#DejaVuSans-63"/>
+      <use x="861.980469" xlink:href="#DejaVuSans-68"/>
+      <use x="925.359375" xlink:href="#DejaVuSans-65"/>
+      <use x="986.882812" xlink:href="#DejaVuSans-2d"/>
+      <use x="1022.966797" xlink:href="#DejaVuSans-63"/>
+      <use x="1077.947266" xlink:href="#DejaVuSans-61"/>
+      <use x="1139.226562" xlink:href="#DejaVuSans-72"/>
+      <use x="1180.324219" xlink:href="#DejaVuSans-64"/>
+     </g>
+    </g>
+   </g>
+  </g>
+ </g>
+ <defs>
+  <clipPath id="p244924633f">
+   <rect height="266.112" width="357.12" x="57.6" y="41.472"/>
+  </clipPath>
+ </defs>
+</svg>
diff --git a/docs/spec/tendermint-fork-cases/results/001indinv-apalache-nclauses.svg b/docs/spec/tendermint-fork-cases/results/001indinv-apalache-nclauses.svg
new file mode 100644
index 000000000..67e655fa9
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/results/001indinv-apalache-nclauses.svg
@@ -0,0 +1,1197 @@
+<?xml version="1.0" encoding="utf-8" standalone="no"?>
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN"
+  "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<!-- Created with matplotlib (http://matplotlib.org/) -->
+<svg height="345pt" version="1.1" viewBox="0 0 460 345" width="460pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
+ <defs>
+  <style type="text/css">
+*{stroke-linecap:butt;stroke-linejoin:round;}
+  </style>
+ </defs>
+ <g id="figure_1">
+  <g id="patch_1">
+   <path d="M 0 345.6 
+L 460.8 345.6 
+L 460.8 0 
+L 0 0 
+z
+" style="fill:#ffffff;"/>
+  </g>
+  <g id="axes_1">
+   <g id="patch_2">
+    <path d="M 57.6 307.584 
+L 414.72 307.584 
+L 414.72 41.472 
+L 57.6 41.472 
+z
+" style="fill:#ffffff;"/>
+   </g>
+   <g id="matplotlib.axis_1">
+    <g id="xtick_1">
+     <g id="line2d_1">
+      <path clip-path="url(#p1f61654e5d)" d="M 62.637743 307.584 
+L 62.637743 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_2">
+      <defs>
+       <path d="M 0 0 
+L 0 3.5 
+" id="m56a3ba3ac8" style="stroke:#000000;stroke-width:0.8;"/>
+      </defs>
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="62.637743" xlink:href="#m56a3ba3ac8" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_1">
+      <!-- 0 -->
+      <defs>
+       <path d="M 31.78125 66.40625 
+Q 24.171875 66.40625 20.328125 58.90625 
+Q 16.5 51.421875 16.5 36.375 
+Q 16.5 21.390625 20.328125 13.890625 
+Q 24.171875 6.390625 31.78125 6.390625 
+Q 39.453125 6.390625 43.28125 13.890625 
+Q 47.125 21.390625 47.125 36.375 
+Q 47.125 51.421875 43.28125 58.90625 
+Q 39.453125 66.40625 31.78125 66.40625 
+z
+M 31.78125 74.21875 
+Q 44.046875 74.21875 50.515625 64.515625 
+Q 56.984375 54.828125 56.984375 36.375 
+Q 56.984375 17.96875 50.515625 8.265625 
+Q 44.046875 -1.421875 31.78125 -1.421875 
+Q 19.53125 -1.421875 13.0625 8.265625 
+Q 6.59375 17.96875 6.59375 36.375 
+Q 6.59375 54.828125 13.0625 64.515625 
+Q 19.53125 74.21875 31.78125 74.21875 
+z
+" id="DejaVuSans-30"/>
+      </defs>
+      <g transform="translate(59.456493 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_2">
+     <g id="line2d_3">
+      <path clip-path="url(#p1f61654e5d)" d="M 118.612665 307.584 
+L 118.612665 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_4">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="118.612665" xlink:href="#m56a3ba3ac8" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_2">
+      <!-- 5 -->
+      <defs>
+       <path d="M 10.796875 72.90625 
+L 49.515625 72.90625 
+L 49.515625 64.59375 
+L 19.828125 64.59375 
+L 19.828125 46.734375 
+Q 21.96875 47.46875 24.109375 47.828125 
+Q 26.265625 48.1875 28.421875 48.1875 
+Q 40.625 48.1875 47.75 41.5 
+Q 54.890625 34.8125 54.890625 23.390625 
+Q 54.890625 11.625 47.5625 5.09375 
+Q 40.234375 -1.421875 26.90625 -1.421875 
+Q 22.3125 -1.421875 17.546875 -0.640625 
+Q 12.796875 0.140625 7.71875 1.703125 
+L 7.71875 11.625 
+Q 12.109375 9.234375 16.796875 8.0625 
+Q 21.484375 6.890625 26.703125 6.890625 
+Q 35.15625 6.890625 40.078125 11.328125 
+Q 45.015625 15.765625 45.015625 23.390625 
+Q 45.015625 31 40.078125 35.4375 
+Q 35.15625 39.890625 26.703125 39.890625 
+Q 22.75 39.890625 18.8125 39.015625 
+Q 14.890625 38.140625 10.796875 36.28125 
+z
+" id="DejaVuSans-35"/>
+      </defs>
+      <g transform="translate(115.431415 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_3">
+     <g id="line2d_5">
+      <path clip-path="url(#p1f61654e5d)" d="M 174.587586 307.584 
+L 174.587586 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_6">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="174.587586" xlink:href="#m56a3ba3ac8" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_3">
+      <!-- 10 -->
+      <defs>
+       <path d="M 12.40625 8.296875 
+L 28.515625 8.296875 
+L 28.515625 63.921875 
+L 10.984375 60.40625 
+L 10.984375 69.390625 
+L 28.421875 72.90625 
+L 38.28125 72.90625 
+L 38.28125 8.296875 
+L 54.390625 8.296875 
+L 54.390625 0 
+L 12.40625 0 
+z
+" id="DejaVuSans-31"/>
+      </defs>
+      <g transform="translate(168.225086 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-31"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_4">
+     <g id="line2d_7">
+      <path clip-path="url(#p1f61654e5d)" d="M 230.562508 307.584 
+L 230.562508 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_8">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="230.562508" xlink:href="#m56a3ba3ac8" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_4">
+      <!-- 15 -->
+      <g transform="translate(224.200008 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-31"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_5">
+     <g id="line2d_9">
+      <path clip-path="url(#p1f61654e5d)" d="M 286.537429 307.584 
+L 286.537429 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_10">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="286.537429" xlink:href="#m56a3ba3ac8" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_5">
+      <!-- 20 -->
+      <defs>
+       <path d="M 19.1875 8.296875 
+L 53.609375 8.296875 
+L 53.609375 0 
+L 7.328125 0 
+L 7.328125 8.296875 
+Q 12.9375 14.109375 22.625 23.890625 
+Q 32.328125 33.6875 34.8125 36.53125 
+Q 39.546875 41.84375 41.421875 45.53125 
+Q 43.3125 49.21875 43.3125 52.78125 
+Q 43.3125 58.59375 39.234375 62.25 
+Q 35.15625 65.921875 28.609375 65.921875 
+Q 23.96875 65.921875 18.8125 64.3125 
+Q 13.671875 62.703125 7.8125 59.421875 
+L 7.8125 69.390625 
+Q 13.765625 71.78125 18.9375 73 
+Q 24.125 74.21875 28.421875 74.21875 
+Q 39.75 74.21875 46.484375 68.546875 
+Q 53.21875 62.890625 53.21875 53.421875 
+Q 53.21875 48.921875 51.53125 44.890625 
+Q 49.859375 40.875 45.40625 35.40625 
+Q 44.1875 33.984375 37.640625 27.21875 
+Q 31.109375 20.453125 19.1875 8.296875 
+z
+" id="DejaVuSans-32"/>
+      </defs>
+      <g transform="translate(280.174929 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-32"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_6">
+     <g id="line2d_11">
+      <path clip-path="url(#p1f61654e5d)" d="M 342.512351 307.584 
+L 342.512351 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_12">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="342.512351" xlink:href="#m56a3ba3ac8" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_6">
+      <!-- 25 -->
+      <g transform="translate(336.149851 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-32"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_7">
+     <g id="line2d_13">
+      <path clip-path="url(#p1f61654e5d)" d="M 398.487273 307.584 
+L 398.487273 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_14">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="398.487273" xlink:href="#m56a3ba3ac8" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_7">
+      <!-- 30 -->
+      <defs>
+       <path d="M 40.578125 39.3125 
+Q 47.65625 37.796875 51.625 33 
+Q 55.609375 28.21875 55.609375 21.1875 
+Q 55.609375 10.40625 48.1875 4.484375 
+Q 40.765625 -1.421875 27.09375 -1.421875 
+Q 22.515625 -1.421875 17.65625 -0.515625 
+Q 12.796875 0.390625 7.625 2.203125 
+L 7.625 11.71875 
+Q 11.71875 9.328125 16.59375 8.109375 
+Q 21.484375 6.890625 26.8125 6.890625 
+Q 36.078125 6.890625 40.9375 10.546875 
+Q 45.796875 14.203125 45.796875 21.1875 
+Q 45.796875 27.640625 41.28125 31.265625 
+Q 36.765625 34.90625 28.71875 34.90625 
+L 20.21875 34.90625 
+L 20.21875 43.015625 
+L 29.109375 43.015625 
+Q 36.375 43.015625 40.234375 45.921875 
+Q 44.09375 48.828125 44.09375 54.296875 
+Q 44.09375 59.90625 40.109375 62.90625 
+Q 36.140625 65.921875 28.71875 65.921875 
+Q 24.65625 65.921875 20.015625 65.03125 
+Q 15.375 64.15625 9.8125 62.3125 
+L 9.8125 71.09375 
+Q 15.4375 72.65625 20.34375 73.4375 
+Q 25.25 74.21875 29.59375 74.21875 
+Q 40.828125 74.21875 47.359375 69.109375 
+Q 53.90625 64.015625 53.90625 55.328125 
+Q 53.90625 49.265625 50.4375 45.09375 
+Q 46.96875 40.921875 40.578125 39.3125 
+z
+" id="DejaVuSans-33"/>
+      </defs>
+      <g transform="translate(392.124773 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-33"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="text_8">
+     <!-- benchmark -->
+     <defs>
+      <path d="M 48.6875 27.296875 
+Q 48.6875 37.203125 44.609375 42.84375 
+Q 40.53125 48.484375 33.40625 48.484375 
+Q 26.265625 48.484375 22.1875 42.84375 
+Q 18.109375 37.203125 18.109375 27.296875 
+Q 18.109375 17.390625 22.1875 11.75 
+Q 26.265625 6.109375 33.40625 6.109375 
+Q 40.53125 6.109375 44.609375 11.75 
+Q 48.6875 17.390625 48.6875 27.296875 
+z
+M 18.109375 46.390625 
+Q 20.953125 51.265625 25.265625 53.625 
+Q 29.59375 56 35.59375 56 
+Q 45.5625 56 51.78125 48.09375 
+Q 58.015625 40.1875 58.015625 27.296875 
+Q 58.015625 14.40625 51.78125 6.484375 
+Q 45.5625 -1.421875 35.59375 -1.421875 
+Q 29.59375 -1.421875 25.265625 0.953125 
+Q 20.953125 3.328125 18.109375 8.203125 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 75.984375 
+L 18.109375 75.984375 
+z
+" id="DejaVuSans-62"/>
+      <path d="M 56.203125 29.59375 
+L 56.203125 25.203125 
+L 14.890625 25.203125 
+Q 15.484375 15.921875 20.484375 11.0625 
+Q 25.484375 6.203125 34.421875 6.203125 
+Q 39.59375 6.203125 44.453125 7.46875 
+Q 49.3125 8.734375 54.109375 11.28125 
+L 54.109375 2.78125 
+Q 49.265625 0.734375 44.1875 -0.34375 
+Q 39.109375 -1.421875 33.890625 -1.421875 
+Q 20.796875 -1.421875 13.15625 6.1875 
+Q 5.515625 13.8125 5.515625 26.8125 
+Q 5.515625 40.234375 12.765625 48.109375 
+Q 20.015625 56 32.328125 56 
+Q 43.359375 56 49.78125 48.890625 
+Q 56.203125 41.796875 56.203125 29.59375 
+z
+M 47.21875 32.234375 
+Q 47.125 39.59375 43.09375 43.984375 
+Q 39.0625 48.390625 32.421875 48.390625 
+Q 24.90625 48.390625 20.390625 44.140625 
+Q 15.875 39.890625 15.1875 32.171875 
+z
+" id="DejaVuSans-65"/>
+      <path d="M 54.890625 33.015625 
+L 54.890625 0 
+L 45.90625 0 
+L 45.90625 32.71875 
+Q 45.90625 40.484375 42.875 44.328125 
+Q 39.84375 48.1875 33.796875 48.1875 
+Q 26.515625 48.1875 22.3125 43.546875 
+Q 18.109375 38.921875 18.109375 30.90625 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.1875 
+Q 21.34375 51.125 25.703125 53.5625 
+Q 30.078125 56 35.796875 56 
+Q 45.21875 56 50.046875 50.171875 
+Q 54.890625 44.34375 54.890625 33.015625 
+z
+" id="DejaVuSans-6e"/>
+      <path d="M 48.78125 52.59375 
+L 48.78125 44.1875 
+Q 44.96875 46.296875 41.140625 47.34375 
+Q 37.3125 48.390625 33.40625 48.390625 
+Q 24.65625 48.390625 19.8125 42.84375 
+Q 14.984375 37.3125 14.984375 27.296875 
+Q 14.984375 17.28125 19.8125 11.734375 
+Q 24.65625 6.203125 33.40625 6.203125 
+Q 37.3125 6.203125 41.140625 7.25 
+Q 44.96875 8.296875 48.78125 10.40625 
+L 48.78125 2.09375 
+Q 45.015625 0.34375 40.984375 -0.53125 
+Q 36.96875 -1.421875 32.421875 -1.421875 
+Q 20.0625 -1.421875 12.78125 6.34375 
+Q 5.515625 14.109375 5.515625 27.296875 
+Q 5.515625 40.671875 12.859375 48.328125 
+Q 20.21875 56 33.015625 56 
+Q 37.15625 56 41.109375 55.140625 
+Q 45.0625 54.296875 48.78125 52.59375 
+z
+" id="DejaVuSans-63"/>
+      <path d="M 54.890625 33.015625 
+L 54.890625 0 
+L 45.90625 0 
+L 45.90625 32.71875 
+Q 45.90625 40.484375 42.875 44.328125 
+Q 39.84375 48.1875 33.796875 48.1875 
+Q 26.515625 48.1875 22.3125 43.546875 
+Q 18.109375 38.921875 18.109375 30.90625 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 75.984375 
+L 18.109375 75.984375 
+L 18.109375 46.1875 
+Q 21.34375 51.125 25.703125 53.5625 
+Q 30.078125 56 35.796875 56 
+Q 45.21875 56 50.046875 50.171875 
+Q 54.890625 44.34375 54.890625 33.015625 
+z
+" id="DejaVuSans-68"/>
+      <path d="M 52 44.1875 
+Q 55.375 50.25 60.0625 53.125 
+Q 64.75 56 71.09375 56 
+Q 79.640625 56 84.28125 50.015625 
+Q 88.921875 44.046875 88.921875 33.015625 
+L 88.921875 0 
+L 79.890625 0 
+L 79.890625 32.71875 
+Q 79.890625 40.578125 77.09375 44.375 
+Q 74.3125 48.1875 68.609375 48.1875 
+Q 61.625 48.1875 57.5625 43.546875 
+Q 53.515625 38.921875 53.515625 30.90625 
+L 53.515625 0 
+L 44.484375 0 
+L 44.484375 32.71875 
+Q 44.484375 40.625 41.703125 44.40625 
+Q 38.921875 48.1875 33.109375 48.1875 
+Q 26.21875 48.1875 22.15625 43.53125 
+Q 18.109375 38.875 18.109375 30.90625 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.1875 
+Q 21.1875 51.21875 25.484375 53.609375 
+Q 29.78125 56 35.6875 56 
+Q 41.65625 56 45.828125 52.96875 
+Q 50 49.953125 52 44.1875 
+z
+" id="DejaVuSans-6d"/>
+      <path d="M 34.28125 27.484375 
+Q 23.390625 27.484375 19.1875 25 
+Q 14.984375 22.515625 14.984375 16.5 
+Q 14.984375 11.71875 18.140625 8.90625 
+Q 21.296875 6.109375 26.703125 6.109375 
+Q 34.1875 6.109375 38.703125 11.40625 
+Q 43.21875 16.703125 43.21875 25.484375 
+L 43.21875 27.484375 
+z
+M 52.203125 31.203125 
+L 52.203125 0 
+L 43.21875 0 
+L 43.21875 8.296875 
+Q 40.140625 3.328125 35.546875 0.953125 
+Q 30.953125 -1.421875 24.3125 -1.421875 
+Q 15.921875 -1.421875 10.953125 3.296875 
+Q 6 8.015625 6 15.921875 
+Q 6 25.140625 12.171875 29.828125 
+Q 18.359375 34.515625 30.609375 34.515625 
+L 43.21875 34.515625 
+L 43.21875 35.40625 
+Q 43.21875 41.609375 39.140625 45 
+Q 35.0625 48.390625 27.6875 48.390625 
+Q 23 48.390625 18.546875 47.265625 
+Q 14.109375 46.140625 10.015625 43.890625 
+L 10.015625 52.203125 
+Q 14.9375 54.109375 19.578125 55.046875 
+Q 24.21875 56 28.609375 56 
+Q 40.484375 56 46.34375 49.84375 
+Q 52.203125 43.703125 52.203125 31.203125 
+z
+" id="DejaVuSans-61"/>
+      <path d="M 41.109375 46.296875 
+Q 39.59375 47.171875 37.8125 47.578125 
+Q 36.03125 48 33.890625 48 
+Q 26.265625 48 22.1875 43.046875 
+Q 18.109375 38.09375 18.109375 28.8125 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.1875 
+Q 20.953125 51.171875 25.484375 53.578125 
+Q 30.03125 56 36.53125 56 
+Q 37.453125 56 38.578125 55.875 
+Q 39.703125 55.765625 41.0625 55.515625 
+z
+" id="DejaVuSans-72"/>
+      <path d="M 9.078125 75.984375 
+L 18.109375 75.984375 
+L 18.109375 31.109375 
+L 44.921875 54.6875 
+L 56.390625 54.6875 
+L 27.390625 29.109375 
+L 57.625 0 
+L 45.90625 0 
+L 18.109375 26.703125 
+L 18.109375 0 
+L 9.078125 0 
+z
+" id="DejaVuSans-6b"/>
+     </defs>
+     <g transform="translate(207.937344 335.860562)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-62"/>
+      <use x="63.476562" xlink:href="#DejaVuSans-65"/>
+      <use x="125" xlink:href="#DejaVuSans-6e"/>
+      <use x="188.378906" xlink:href="#DejaVuSans-63"/>
+      <use x="243.359375" xlink:href="#DejaVuSans-68"/>
+      <use x="306.738281" xlink:href="#DejaVuSans-6d"/>
+      <use x="404.150391" xlink:href="#DejaVuSans-61"/>
+      <use x="465.429688" xlink:href="#DejaVuSans-72"/>
+      <use x="506.542969" xlink:href="#DejaVuSans-6b"/>
+     </g>
+    </g>
+   </g>
+   <g id="matplotlib.axis_2">
+    <g id="ytick_1">
+     <g id="line2d_15">
+      <path clip-path="url(#p1f61654e5d)" d="M 57.6 295.884927 
+L 414.72 295.884927 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_16">
+      <defs>
+       <path d="M 0 0 
+L -3.5 0 
+" id="m8a71828d2a" style="stroke:#000000;stroke-width:0.8;"/>
+      </defs>
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#m8a71828d2a" y="295.884927"/>
+      </g>
+     </g>
+     <g id="text_9">
+      <!-- 0.0 -->
+      <defs>
+       <path d="M 10.6875 12.40625 
+L 21 12.40625 
+L 21 0 
+L 10.6875 0 
+z
+" id="DejaVuSans-2e"/>
+      </defs>
+      <g transform="translate(34.696875 299.684146)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-30"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-2e"/>
+       <use x="95.410156" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_2">
+     <g id="line2d_17">
+      <path clip-path="url(#p1f61654e5d)" d="M 57.6 236.981432 
+L 414.72 236.981432 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_18">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#m8a71828d2a" y="236.981432"/>
+      </g>
+     </g>
+     <g id="text_10">
+      <!-- 0.5 -->
+      <g transform="translate(34.696875 240.780651)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-30"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-2e"/>
+       <use x="95.410156" xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_3">
+     <g id="line2d_19">
+      <path clip-path="url(#p1f61654e5d)" d="M 57.6 178.077937 
+L 414.72 178.077937 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_20">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#m8a71828d2a" y="178.077937"/>
+      </g>
+     </g>
+     <g id="text_11">
+      <!-- 1.0 -->
+      <g transform="translate(34.696875 181.877156)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-31"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-2e"/>
+       <use x="95.410156" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_4">
+     <g id="line2d_21">
+      <path clip-path="url(#p1f61654e5d)" d="M 57.6 119.174442 
+L 414.72 119.174442 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_22">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#m8a71828d2a" y="119.174442"/>
+      </g>
+     </g>
+     <g id="text_12">
+      <!-- 1.5 -->
+      <g transform="translate(34.696875 122.973661)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-31"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-2e"/>
+       <use x="95.410156" xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_5">
+     <g id="line2d_23">
+      <path clip-path="url(#p1f61654e5d)" d="M 57.6 60.270947 
+L 414.72 60.270947 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_24">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#m8a71828d2a" y="60.270947"/>
+      </g>
+     </g>
+     <g id="text_13">
+      <!-- 2.0 -->
+      <g transform="translate(34.696875 64.070166)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-32"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-2e"/>
+       <use x="95.410156" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="text_14">
+     <!-- number of SMT clauses -->
+     <defs>
+      <path d="M 8.5 21.578125 
+L 8.5 54.6875 
+L 17.484375 54.6875 
+L 17.484375 21.921875 
+Q 17.484375 14.15625 20.5 10.265625 
+Q 23.53125 6.390625 29.59375 6.390625 
+Q 36.859375 6.390625 41.078125 11.03125 
+Q 45.3125 15.671875 45.3125 23.6875 
+L 45.3125 54.6875 
+L 54.296875 54.6875 
+L 54.296875 0 
+L 45.3125 0 
+L 45.3125 8.40625 
+Q 42.046875 3.421875 37.71875 1 
+Q 33.40625 -1.421875 27.6875 -1.421875 
+Q 18.265625 -1.421875 13.375 4.4375 
+Q 8.5 10.296875 8.5 21.578125 
+z
+M 31.109375 56 
+z
+" id="DejaVuSans-75"/>
+      <path id="DejaVuSans-20"/>
+      <path d="M 30.609375 48.390625 
+Q 23.390625 48.390625 19.1875 42.75 
+Q 14.984375 37.109375 14.984375 27.296875 
+Q 14.984375 17.484375 19.15625 11.84375 
+Q 23.34375 6.203125 30.609375 6.203125 
+Q 37.796875 6.203125 41.984375 11.859375 
+Q 46.1875 17.53125 46.1875 27.296875 
+Q 46.1875 37.015625 41.984375 42.703125 
+Q 37.796875 48.390625 30.609375 48.390625 
+z
+M 30.609375 56 
+Q 42.328125 56 49.015625 48.375 
+Q 55.71875 40.765625 55.71875 27.296875 
+Q 55.71875 13.875 49.015625 6.21875 
+Q 42.328125 -1.421875 30.609375 -1.421875 
+Q 18.84375 -1.421875 12.171875 6.21875 
+Q 5.515625 13.875 5.515625 27.296875 
+Q 5.515625 40.765625 12.171875 48.375 
+Q 18.84375 56 30.609375 56 
+z
+" id="DejaVuSans-6f"/>
+      <path d="M 37.109375 75.984375 
+L 37.109375 68.5 
+L 28.515625 68.5 
+Q 23.6875 68.5 21.796875 66.546875 
+Q 19.921875 64.59375 19.921875 59.515625 
+L 19.921875 54.6875 
+L 34.71875 54.6875 
+L 34.71875 47.703125 
+L 19.921875 47.703125 
+L 19.921875 0 
+L 10.890625 0 
+L 10.890625 47.703125 
+L 2.296875 47.703125 
+L 2.296875 54.6875 
+L 10.890625 54.6875 
+L 10.890625 58.5 
+Q 10.890625 67.625 15.140625 71.796875 
+Q 19.390625 75.984375 28.609375 75.984375 
+z
+" id="DejaVuSans-66"/>
+      <path d="M 53.515625 70.515625 
+L 53.515625 60.890625 
+Q 47.90625 63.578125 42.921875 64.890625 
+Q 37.9375 66.21875 33.296875 66.21875 
+Q 25.25 66.21875 20.875 63.09375 
+Q 16.5 59.96875 16.5 54.203125 
+Q 16.5 49.359375 19.40625 46.890625 
+Q 22.3125 44.4375 30.421875 42.921875 
+L 36.375 41.703125 
+Q 47.40625 39.59375 52.65625 34.296875 
+Q 57.90625 29 57.90625 20.125 
+Q 57.90625 9.515625 50.796875 4.046875 
+Q 43.703125 -1.421875 29.984375 -1.421875 
+Q 24.8125 -1.421875 18.96875 -0.25 
+Q 13.140625 0.921875 6.890625 3.21875 
+L 6.890625 13.375 
+Q 12.890625 10.015625 18.65625 8.296875 
+Q 24.421875 6.59375 29.984375 6.59375 
+Q 38.421875 6.59375 43.015625 9.90625 
+Q 47.609375 13.234375 47.609375 19.390625 
+Q 47.609375 24.75 44.3125 27.78125 
+Q 41.015625 30.8125 33.5 32.328125 
+L 27.484375 33.5 
+Q 16.453125 35.6875 11.515625 40.375 
+Q 6.59375 45.0625 6.59375 53.421875 
+Q 6.59375 63.09375 13.40625 68.65625 
+Q 20.21875 74.21875 32.171875 74.21875 
+Q 37.3125 74.21875 42.625 73.28125 
+Q 47.953125 72.359375 53.515625 70.515625 
+z
+" id="DejaVuSans-53"/>
+      <path d="M 9.8125 72.90625 
+L 24.515625 72.90625 
+L 43.109375 23.296875 
+L 61.8125 72.90625 
+L 76.515625 72.90625 
+L 76.515625 0 
+L 66.890625 0 
+L 66.890625 64.015625 
+L 48.09375 14.015625 
+L 38.1875 14.015625 
+L 19.390625 64.015625 
+L 19.390625 0 
+L 9.8125 0 
+z
+" id="DejaVuSans-4d"/>
+      <path d="M -0.296875 72.90625 
+L 61.375 72.90625 
+L 61.375 64.59375 
+L 35.5 64.59375 
+L 35.5 0 
+L 25.59375 0 
+L 25.59375 64.59375 
+L -0.296875 64.59375 
+z
+" id="DejaVuSans-54"/>
+      <path d="M 9.421875 75.984375 
+L 18.40625 75.984375 
+L 18.40625 0 
+L 9.421875 0 
+z
+" id="DejaVuSans-6c"/>
+      <path d="M 44.28125 53.078125 
+L 44.28125 44.578125 
+Q 40.484375 46.53125 36.375 47.5 
+Q 32.28125 48.484375 27.875 48.484375 
+Q 21.1875 48.484375 17.84375 46.4375 
+Q 14.5 44.390625 14.5 40.28125 
+Q 14.5 37.15625 16.890625 35.375 
+Q 19.28125 33.59375 26.515625 31.984375 
+L 29.59375 31.296875 
+Q 39.15625 29.25 43.1875 25.515625 
+Q 47.21875 21.78125 47.21875 15.09375 
+Q 47.21875 7.46875 41.1875 3.015625 
+Q 35.15625 -1.421875 24.609375 -1.421875 
+Q 20.21875 -1.421875 15.453125 -0.5625 
+Q 10.6875 0.296875 5.421875 2 
+L 5.421875 11.28125 
+Q 10.40625 8.6875 15.234375 7.390625 
+Q 20.0625 6.109375 24.8125 6.109375 
+Q 31.15625 6.109375 34.5625 8.28125 
+Q 37.984375 10.453125 37.984375 14.40625 
+Q 37.984375 18.0625 35.515625 20.015625 
+Q 33.0625 21.96875 24.703125 23.78125 
+L 21.578125 24.515625 
+Q 13.234375 26.265625 9.515625 29.90625 
+Q 5.8125 33.546875 5.8125 39.890625 
+Q 5.8125 47.609375 11.28125 51.796875 
+Q 16.75 56 26.8125 56 
+Q 31.78125 56 36.171875 55.265625 
+Q 40.578125 54.546875 44.28125 53.078125 
+z
+" id="DejaVuSans-73"/>
+     </defs>
+     <g transform="translate(28.617187 232.828)rotate(-90)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-6e"/>
+      <use x="63.378906" xlink:href="#DejaVuSans-75"/>
+      <use x="126.757812" xlink:href="#DejaVuSans-6d"/>
+      <use x="224.169922" xlink:href="#DejaVuSans-62"/>
+      <use x="287.646484" xlink:href="#DejaVuSans-65"/>
+      <use x="349.169922" xlink:href="#DejaVuSans-72"/>
+      <use x="390.283203" xlink:href="#DejaVuSans-20"/>
+      <use x="422.070312" xlink:href="#DejaVuSans-6f"/>
+      <use x="483.251953" xlink:href="#DejaVuSans-66"/>
+      <use x="518.457031" xlink:href="#DejaVuSans-20"/>
+      <use x="550.244141" xlink:href="#DejaVuSans-53"/>
+      <use x="613.720703" xlink:href="#DejaVuSans-4d"/>
+      <use x="700" xlink:href="#DejaVuSans-54"/>
+      <use x="761.083984" xlink:href="#DejaVuSans-20"/>
+      <use x="792.871094" xlink:href="#DejaVuSans-63"/>
+      <use x="847.851562" xlink:href="#DejaVuSans-6c"/>
+      <use x="875.634766" xlink:href="#DejaVuSans-61"/>
+      <use x="936.914062" xlink:href="#DejaVuSans-75"/>
+      <use x="1000.292969" xlink:href="#DejaVuSans-73"/>
+      <use x="1052.392578" xlink:href="#DejaVuSans-65"/>
+      <use x="1113.916016" xlink:href="#DejaVuSans-73"/>
+     </g>
+    </g>
+    <g id="text_15">
+     <!-- 1e7 -->
+     <defs>
+      <path d="M 8.203125 72.90625 
+L 55.078125 72.90625 
+L 55.078125 68.703125 
+L 28.609375 0 
+L 18.3125 0 
+L 43.21875 64.59375 
+L 8.203125 64.59375 
+z
+" id="DejaVuSans-37"/>
+     </defs>
+     <g transform="translate(57.6 38.472)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-31"/>
+      <use x="63.623047" xlink:href="#DejaVuSans-65"/>
+      <use x="125.146484" xlink:href="#DejaVuSans-37"/>
+     </g>
+    </g>
+   </g>
+   <g id="line2d_25">
+    <path clip-path="url(#p1f61654e5d)" d="M 73.832727 266.349266 
+L 85.027712 267.3232 
+L 96.222696 267.858573 
+L 107.41768 251.523138 
+L 118.612665 252.34556 
+L 129.807649 214.589363 
+L 141.002633 214.223772 
+L 152.197618 217.194994 
+L 163.392602 136.174839 
+L 174.587586 139.080949 
+L 185.782571 275.597715 
+L 196.977555 203.784954 
+L 208.172539 107.822808 
+L 219.367524 264.707884 
+L 230.562508 153.02052 
+L 241.757492 236.675228 
+L 252.952476 266.861856 
+L 264.147461 267.397665 
+L 275.342445 176.481369 
+L 286.537429 237.159992 
+L 297.732414 295.488 
+L 308.927398 295.088917 
+L 320.122382 294.659805 
+L 331.317367 295.451315 
+L 342.512351 295.021555 
+L 353.707335 294.886972 
+L 364.90232 294.354355 
+L 376.097304 293.776017 
+L 387.292288 294.062853 
+L 398.487273 293.393545 
+" style="fill:none;opacity:0.7;stroke:#ff0000;stroke-linecap:square;stroke-width:1.5;"/>
+    <defs>
+     <path d="M -3 3 
+L 3 3 
+L 3 -3 
+L -3 -3 
+z
+" id="m7bf399d924" style="stroke:#ff0000;stroke-linejoin:miter;"/>
+    </defs>
+    <g clip-path="url(#p1f61654e5d)">
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="73.832727" xlink:href="#m7bf399d924" y="266.349266"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="85.027712" xlink:href="#m7bf399d924" y="267.3232"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="96.222696" xlink:href="#m7bf399d924" y="267.858573"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="107.41768" xlink:href="#m7bf399d924" y="251.523138"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="118.612665" xlink:href="#m7bf399d924" y="252.34556"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="129.807649" xlink:href="#m7bf399d924" y="214.589363"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="141.002633" xlink:href="#m7bf399d924" y="214.223772"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="152.197618" xlink:href="#m7bf399d924" y="217.194994"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="163.392602" xlink:href="#m7bf399d924" y="136.174839"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="174.587586" xlink:href="#m7bf399d924" y="139.080949"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="185.782571" xlink:href="#m7bf399d924" y="275.597715"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="196.977555" xlink:href="#m7bf399d924" y="203.784954"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="208.172539" xlink:href="#m7bf399d924" y="107.822808"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="219.367524" xlink:href="#m7bf399d924" y="264.707884"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="230.562508" xlink:href="#m7bf399d924" y="153.02052"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="241.757492" xlink:href="#m7bf399d924" y="236.675228"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="252.952476" xlink:href="#m7bf399d924" y="266.861856"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="264.147461" xlink:href="#m7bf399d924" y="267.397665"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="275.342445" xlink:href="#m7bf399d924" y="176.481369"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="286.537429" xlink:href="#m7bf399d924" y="237.159992"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="297.732414" xlink:href="#m7bf399d924" y="295.488"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="308.927398" xlink:href="#m7bf399d924" y="295.088917"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="320.122382" xlink:href="#m7bf399d924" y="294.659805"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="331.317367" xlink:href="#m7bf399d924" y="295.451315"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="342.512351" xlink:href="#m7bf399d924" y="295.021555"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="353.707335" xlink:href="#m7bf399d924" y="294.886972"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="364.90232" xlink:href="#m7bf399d924" y="294.354355"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="376.097304" xlink:href="#m7bf399d924" y="293.776017"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="387.292288" xlink:href="#m7bf399d924" y="294.062853"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="398.487273" xlink:href="#m7bf399d924" y="293.393545"/>
+    </g>
+   </g>
+   <g id="line2d_26">
+    <path clip-path="url(#p1f61654e5d)" d="M 73.832727 261.528415 
+L 85.027712 261.974232 
+L 96.222696 262.251456 
+L 107.41768 243.503686 
+L 118.612665 244.124211 
+L 129.807649 187.072112 
+L 141.002633 187.308291 
+L 152.197618 189.70577 
+L 163.392602 53.568 
+L 174.587586 59.533899 
+L 185.782571 270.423774 
+L 196.977555 197.974147 
+L 208.172539 101.158843 
+L 219.367524 256.716329 
+L 230.562508 144.24225 
+L 241.757492 208.742837 
+L 252.952476 252.914121 
+L 264.147461 253.468391 
+L 275.342445 94.759414 
+L 286.537429 196.33676 
+L 297.732414 295.486209 
+L 308.927398 295.082473 
+L 320.122382 294.648378 
+L 331.317367 295.449748 
+L 342.512351 295.015229 
+L 353.707335 294.879574 
+L 364.90232 294.341019 
+L 376.097304 293.75579 
+L 387.292288 294.047892 
+L 398.487273 293.370737 
+" style="fill:none;opacity:0.7;stroke:#0000ff;stroke-linecap:square;stroke-width:1.5;"/>
+    <defs>
+     <path d="M 0 3 
+C 0.795609 3 1.55874 2.683901 2.12132 2.12132 
+C 2.683901 1.55874 3 0.795609 3 0 
+C 3 -0.795609 2.683901 -1.55874 2.12132 -2.12132 
+C 1.55874 -2.683901 0.795609 -3 0 -3 
+C -0.795609 -3 -1.55874 -2.683901 -2.12132 -2.12132 
+C -2.683901 -1.55874 -3 -0.795609 -3 0 
+C -3 0.795609 -2.683901 1.55874 -2.12132 2.12132 
+C -1.55874 2.683901 -0.795609 3 0 3 
+z
+" id="m409a4b43f6" style="stroke:#0000ff;"/>
+    </defs>
+    <g clip-path="url(#p1f61654e5d)">
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="73.832727" xlink:href="#m409a4b43f6" y="261.528415"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="85.027712" xlink:href="#m409a4b43f6" y="261.974232"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="96.222696" xlink:href="#m409a4b43f6" y="262.251456"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="107.41768" xlink:href="#m409a4b43f6" y="243.503686"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="118.612665" xlink:href="#m409a4b43f6" y="244.124211"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="129.807649" xlink:href="#m409a4b43f6" y="187.072112"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="141.002633" xlink:href="#m409a4b43f6" y="187.308291"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="152.197618" xlink:href="#m409a4b43f6" y="189.70577"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="163.392602" xlink:href="#m409a4b43f6" y="53.568"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="174.587586" xlink:href="#m409a4b43f6" y="59.533899"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="185.782571" xlink:href="#m409a4b43f6" y="270.423774"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="196.977555" xlink:href="#m409a4b43f6" y="197.974147"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="208.172539" xlink:href="#m409a4b43f6" y="101.158843"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="219.367524" xlink:href="#m409a4b43f6" y="256.716329"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="230.562508" xlink:href="#m409a4b43f6" y="144.24225"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="241.757492" xlink:href="#m409a4b43f6" y="208.742837"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="252.952476" xlink:href="#m409a4b43f6" y="252.914121"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="264.147461" xlink:href="#m409a4b43f6" y="253.468391"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="275.342445" xlink:href="#m409a4b43f6" y="94.759414"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="286.537429" xlink:href="#m409a4b43f6" y="196.33676"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="297.732414" xlink:href="#m409a4b43f6" y="295.486209"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="308.927398" xlink:href="#m409a4b43f6" y="295.082473"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="320.122382" xlink:href="#m409a4b43f6" y="294.648378"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="331.317367" xlink:href="#m409a4b43f6" y="295.449748"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="342.512351" xlink:href="#m409a4b43f6" y="295.015229"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="353.707335" xlink:href="#m409a4b43f6" y="294.879574"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="364.90232" xlink:href="#m409a4b43f6" y="294.341019"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="376.097304" xlink:href="#m409a4b43f6" y="293.75579"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="387.292288" xlink:href="#m409a4b43f6" y="294.047892"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="398.487273" xlink:href="#m409a4b43f6" y="293.370737"/>
+    </g>
+   </g>
+   <g id="patch_3">
+    <path d="M 57.6 307.584 
+L 57.6 41.472 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="patch_4">
+    <path d="M 414.72 307.584 
+L 414.72 41.472 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="patch_5">
+    <path d="M 57.6 307.584 
+L 414.72 307.584 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="patch_6">
+    <path d="M 57.6 41.472 
+L 414.72 41.472 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="legend_1">
+    <g id="patch_7">
+     <path d="M 230.209062 78.82825 
+L 407.72 78.82825 
+Q 409.72 78.82825 409.72 76.82825 
+L 409.72 48.472 
+Q 409.72 46.472 407.72 46.472 
+L 230.209062 46.472 
+Q 228.209062 46.472 228.209062 48.472 
+L 228.209062 76.82825 
+Q 228.209062 78.82825 230.209062 78.82825 
+z
+" style="fill:#ffffff;opacity:0.8;stroke:#cccccc;stroke-linejoin:miter;"/>
+    </g>
+    <g id="line2d_27">
+     <path d="M 232.209062 54.570437 
+L 252.209062 54.570437 
+" style="fill:none;opacity:0.7;stroke:#ff0000;stroke-linecap:square;stroke-width:1.5;"/>
+    </g>
+    <g id="line2d_28">
+     <g>
+      <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="242.209062" xlink:href="#m7bf399d924" y="54.570437"/>
+     </g>
+    </g>
+    <g id="text_16">
+     <!-- 001indinv-apalache-unstable -->
+     <defs>
+      <path d="M 9.421875 54.6875 
+L 18.40625 54.6875 
+L 18.40625 0 
+L 9.421875 0 
+z
+M 9.421875 75.984375 
+L 18.40625 75.984375 
+L 18.40625 64.59375 
+L 9.421875 64.59375 
+z
+" id="DejaVuSans-69"/>
+      <path d="M 45.40625 46.390625 
+L 45.40625 75.984375 
+L 54.390625 75.984375 
+L 54.390625 0 
+L 45.40625 0 
+L 45.40625 8.203125 
+Q 42.578125 3.328125 38.25 0.953125 
+Q 33.9375 -1.421875 27.875 -1.421875 
+Q 17.96875 -1.421875 11.734375 6.484375 
+Q 5.515625 14.40625 5.515625 27.296875 
+Q 5.515625 40.1875 11.734375 48.09375 
+Q 17.96875 56 27.875 56 
+Q 33.9375 56 38.25 53.625 
+Q 42.578125 51.265625 45.40625 46.390625 
+z
+M 14.796875 27.296875 
+Q 14.796875 17.390625 18.875 11.75 
+Q 22.953125 6.109375 30.078125 6.109375 
+Q 37.203125 6.109375 41.296875 11.75 
+Q 45.40625 17.390625 45.40625 27.296875 
+Q 45.40625 37.203125 41.296875 42.84375 
+Q 37.203125 48.484375 30.078125 48.484375 
+Q 22.953125 48.484375 18.875 42.84375 
+Q 14.796875 37.203125 14.796875 27.296875 
+z
+" id="DejaVuSans-64"/>
+      <path d="M 2.984375 54.6875 
+L 12.5 54.6875 
+L 29.59375 8.796875 
+L 46.6875 54.6875 
+L 56.203125 54.6875 
+L 35.6875 0 
+L 23.484375 0 
+z
+" id="DejaVuSans-76"/>
+      <path d="M 4.890625 31.390625 
+L 31.203125 31.390625 
+L 31.203125 23.390625 
+L 4.890625 23.390625 
+z
+" id="DejaVuSans-2d"/>
+      <path d="M 18.109375 8.203125 
+L 18.109375 -20.796875 
+L 9.078125 -20.796875 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.390625 
+Q 20.953125 51.265625 25.265625 53.625 
+Q 29.59375 56 35.59375 56 
+Q 45.5625 56 51.78125 48.09375 
+Q 58.015625 40.1875 58.015625 27.296875 
+Q 58.015625 14.40625 51.78125 6.484375 
+Q 45.5625 -1.421875 35.59375 -1.421875 
+Q 29.59375 -1.421875 25.265625 0.953125 
+Q 20.953125 3.328125 18.109375 8.203125 
+z
+M 48.6875 27.296875 
+Q 48.6875 37.203125 44.609375 42.84375 
+Q 40.53125 48.484375 33.40625 48.484375 
+Q 26.265625 48.484375 22.1875 42.84375 
+Q 18.109375 37.203125 18.109375 27.296875 
+Q 18.109375 17.390625 22.1875 11.75 
+Q 26.265625 6.109375 33.40625 6.109375 
+Q 40.53125 6.109375 44.609375 11.75 
+Q 48.6875 17.390625 48.6875 27.296875 
+z
+" id="DejaVuSans-70"/>
+      <path d="M 18.3125 70.21875 
+L 18.3125 54.6875 
+L 36.8125 54.6875 
+L 36.8125 47.703125 
+L 18.3125 47.703125 
+L 18.3125 18.015625 
+Q 18.3125 11.328125 20.140625 9.421875 
+Q 21.96875 7.515625 27.59375 7.515625 
+L 36.8125 7.515625 
+L 36.8125 0 
+L 27.59375 0 
+Q 17.1875 0 13.234375 3.875 
+Q 9.28125 7.765625 9.28125 18.015625 
+L 9.28125 47.703125 
+L 2.6875 47.703125 
+L 2.6875 54.6875 
+L 9.28125 54.6875 
+L 9.28125 70.21875 
+z
+" id="DejaVuSans-74"/>
+     </defs>
+     <g transform="translate(260.209062 58.070437)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-30"/>
+      <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      <use x="127.246094" xlink:href="#DejaVuSans-31"/>
+      <use x="190.869141" xlink:href="#DejaVuSans-69"/>
+      <use x="218.652344" xlink:href="#DejaVuSans-6e"/>
+      <use x="282.03125" xlink:href="#DejaVuSans-64"/>
+      <use x="345.507812" xlink:href="#DejaVuSans-69"/>
+      <use x="373.291016" xlink:href="#DejaVuSans-6e"/>
+      <use x="436.669922" xlink:href="#DejaVuSans-76"/>
+      <use x="495.818359" xlink:href="#DejaVuSans-2d"/>
+      <use x="531.902344" xlink:href="#DejaVuSans-61"/>
+      <use x="593.181641" xlink:href="#DejaVuSans-70"/>
+      <use x="656.658203" xlink:href="#DejaVuSans-61"/>
+      <use x="717.9375" xlink:href="#DejaVuSans-6c"/>
+      <use x="745.720703" xlink:href="#DejaVuSans-61"/>
+      <use x="807" xlink:href="#DejaVuSans-63"/>
+      <use x="861.980469" xlink:href="#DejaVuSans-68"/>
+      <use x="925.359375" xlink:href="#DejaVuSans-65"/>
+      <use x="986.882812" xlink:href="#DejaVuSans-2d"/>
+      <use x="1022.966797" xlink:href="#DejaVuSans-75"/>
+      <use x="1086.345703" xlink:href="#DejaVuSans-6e"/>
+      <use x="1149.724609" xlink:href="#DejaVuSans-73"/>
+      <use x="1201.824219" xlink:href="#DejaVuSans-74"/>
+      <use x="1241.033203" xlink:href="#DejaVuSans-61"/>
+      <use x="1302.3125" xlink:href="#DejaVuSans-62"/>
+      <use x="1365.789062" xlink:href="#DejaVuSans-6c"/>
+      <use x="1393.572266" xlink:href="#DejaVuSans-65"/>
+     </g>
+    </g>
+    <g id="line2d_29">
+     <path d="M 232.209062 69.248562 
+L 252.209062 69.248562 
+" style="fill:none;opacity:0.7;stroke:#0000ff;stroke-linecap:square;stroke-width:1.5;"/>
+    </g>
+    <g id="line2d_30">
+     <g>
+      <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="242.209062" xlink:href="#m409a4b43f6" y="69.248562"/>
+     </g>
+    </g>
+    <g id="text_17">
+     <!-- 001indinv-apalache-card -->
+     <g transform="translate(260.209062 72.748562)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-30"/>
+      <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      <use x="127.246094" xlink:href="#DejaVuSans-31"/>
+      <use x="190.869141" xlink:href="#DejaVuSans-69"/>
+      <use x="218.652344" xlink:href="#DejaVuSans-6e"/>
+      <use x="282.03125" xlink:href="#DejaVuSans-64"/>
+      <use x="345.507812" xlink:href="#DejaVuSans-69"/>
+      <use x="373.291016" xlink:href="#DejaVuSans-6e"/>
+      <use x="436.669922" xlink:href="#DejaVuSans-76"/>
+      <use x="495.818359" xlink:href="#DejaVuSans-2d"/>
+      <use x="531.902344" xlink:href="#DejaVuSans-61"/>
+      <use x="593.181641" xlink:href="#DejaVuSans-70"/>
+      <use x="656.658203" xlink:href="#DejaVuSans-61"/>
+      <use x="717.9375" xlink:href="#DejaVuSans-6c"/>
+      <use x="745.720703" xlink:href="#DejaVuSans-61"/>
+      <use x="807" xlink:href="#DejaVuSans-63"/>
+      <use x="861.980469" xlink:href="#DejaVuSans-68"/>
+      <use x="925.359375" xlink:href="#DejaVuSans-65"/>
+      <use x="986.882812" xlink:href="#DejaVuSans-2d"/>
+      <use x="1022.966797" xlink:href="#DejaVuSans-63"/>
+      <use x="1077.947266" xlink:href="#DejaVuSans-61"/>
+      <use x="1139.226562" xlink:href="#DejaVuSans-72"/>
+      <use x="1180.324219" xlink:href="#DejaVuSans-64"/>
+     </g>
+    </g>
+   </g>
+  </g>
+ </g>
+ <defs>
+  <clipPath id="p1f61654e5d">
+   <rect height="266.112" width="357.12" x="57.6" y="41.472"/>
+  </clipPath>
+ </defs>
+</svg>
diff --git a/docs/spec/tendermint-fork-cases/results/001indinv-apalache-report.md b/docs/spec/tendermint-fork-cases/results/001indinv-apalache-report.md
new file mode 100644
index 000000000..5bad2b0c7
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/results/001indinv-apalache-report.md
@@ -0,0 +1,133 @@
+# Results of 001indinv-apalache
+
+
+## 1. Awesome plots
+
+### 1.1. Time (logarithmic scale)
+
+![time-log](001indinv-apalache-time-log.svg "Time Log")
+
+### 1.2. Time (linear)
+
+![time-log](001indinv-apalache-time.svg "Time Log")
+
+### 1.3. Memory (logarithmic scale)
+
+![mem-log](001indinv-apalache-mem-log.svg "Memory Log")
+
+### 1.4. Memory (linear)
+
+![mem](001indinv-apalache-mem.svg "Memory Log")
+
+### 1.5. Number of arena cells (linear)
+
+![ncells](001indinv-apalache-ncells.svg "Number of arena cells")
+
+### 1.6. Number of SMT clauses (linear)
+
+![nclauses](001indinv-apalache-nclauses.svg "Number of SMT clauses")
+
+## 2. Input parameters
+
+no  |  filename       |  tool      |  timeout  |  init      |  inv                               |  next  |  args
+----|-----------------|------------|-----------|------------|------------------------------------|--------|------------------------------
+1   |  MC_n4_f1.tla   |  apalache  |  10h      |  TypedInv  |  TypedInv                          |        |  --length=1 --cinit=ConstInit
+2   |  MC_n4_f2.tla   |  apalache  |  10h      |  TypedInv  |  TypedInv                          |        |  --length=1 --cinit=ConstInit
+3   |  MC_n4_f3.tla   |  apalache  |  10h      |  TypedInv  |  TypedInv                          |        |  --length=1 --cinit=ConstInit
+4   |  MC_n5_f1.tla   |  apalache  |  10h      |  TypedInv  |  TypedInv                          |        |  --length=1 --cinit=ConstInit
+5   |  MC_n5_f2.tla   |  apalache  |  10h      |  TypedInv  |  TypedInv                          |        |  --length=1 --cinit=ConstInit
+6   |  MC_n7_f2.tla   |  apalache  |  10h      |  TypedInv  |  TypedInv                          |        |  --length=1 --cinit=ConstInit
+7   |  MC_n7_f3.tla   |  apalache  |  10h      |  TypedInv  |  TypedInv                          |        |  --length=1 --cinit=ConstInit
+8   |  MC_n7_f4.tla   |  apalache  |  10h      |  TypedInv  |  TypedInv                          |        |  --length=1 --cinit=ConstInit
+9   |  MC_n10_f3.tla  |  apalache  |  24h      |  TypedInv  |  TypedInv                          |        |  --length=1 --cinit=ConstInit
+10  |  MC_n10_f4.tla  |  apalache  |  24h      |  TypedInv  |  TypedInv                          |        |  --length=1 --cinit=ConstInit
+11  |  MC_n4_f1.tla   |  apalache  |  10h      |  TypedInv  |  Agreement                         |        |  --length=0 --cinit=ConstInit
+12  |  MC_n4_f2.tla   |  apalache  |  10h      |  TypedInv  |  AgreementOrEquivocationOrAmnesia  |        |  --length=0 --cinit=ConstInit
+13  |  MC_n4_f3.tla   |  apalache  |  10h      |  TypedInv  |  AgreementOrEquivocationOrAmnesia  |        |  --length=0 --cinit=ConstInit
+14  |  MC_n5_f1.tla   |  apalache  |  10h      |  TypedInv  |  Agreement                         |        |  --length=0 --cinit=ConstInit
+15  |  MC_n5_f2.tla   |  apalache  |  10h      |  TypedInv  |  AgreementOrEquivocationOrAmnesia  |        |  --length=0 --cinit=ConstInit
+16  |  MC_n7_f2.tla   |  apalache  |  10h      |  TypedInv  |  Agreement                         |        |  --length=0 --cinit=ConstInit
+17  |  MC_n7_f3.tla   |  apalache  |  10h      |  TypedInv  |  AgreementOrEquivocationOrAmnesia  |        |  --length=0 --cinit=ConstInit
+18  |  MC_n7_f4.tla   |  apalache  |  10h      |  TypedInv  |  AgreementOrEquivocationOrAmnesia  |        |  --length=0 --cinit=ConstInit
+19  |  MC_n10_f3.tla  |  apalache  |  24h      |  TypedInv  |  Agreement                         |        |  --length=0 --cinit=ConstInit
+20  |  MC_n10_f4.tla  |  apalache  |  24h      |  TypedInv  |  AgreementOrEquivocationOrAmnesia  |        |  --length=0 --cinit=ConstInit
+21  |  MC_n4_f1.tla   |  apalache  |  10h      |  Init      |  TypedInv                          |        |  --length=0 --cinit=ConstInit
+22  |  MC_n4_f2.tla   |  apalache  |  10h      |  Init      |  TypedInv                          |        |  --length=0 --cinit=ConstInit
+23  |  MC_n4_f3.tla   |  apalache  |  10h      |  Init      |  TypedInv                          |        |  --length=0 --cinit=ConstInit
+24  |  MC_n5_f1.tla   |  apalache  |  10h      |  Init      |  TypedInv                          |        |  --length=0 --cinit=ConstInit
+25  |  MC_n5_f2.tla   |  apalache  |  10h      |  Init      |  TypedInv                          |        |  --length=0 --cinit=ConstInit
+26  |  MC_n7_f2.tla   |  apalache  |  10h      |  Init      |  TypedInv                          |        |  --length=0 --cinit=ConstInit
+27  |  MC_n7_f3.tla   |  apalache  |  10h      |  Init      |  TypedInv                          |        |  --length=0 --cinit=ConstInit
+28  |  MC_n7_f4.tla   |  apalache  |  10h      |  Init      |  TypedInv                          |        |  --length=0 --cinit=ConstInit
+29  |  MC_n10_f3.tla  |  apalache  |  24h      |  Init      |  TypedInv                          |        |  --length=0 --cinit=ConstInit
+30  |  MC_n10_f4.tla  |  apalache  |  24h      |  Init      |  TypedInv                          |        |  --length=0 --cinit=ConstInit
+
+## 3. Detailed results: 001indinv-apalache-unstable.csv
+
+01:no  |  02:tool   |  03:status  |  04:time_sec  |  05:depth  |  05:mem_kb  |  10:ninit_trans  |  11:ninit_trans  |  12:ncells  |  13:nclauses  |  14:navg_clause_len
+-------|------------|-------------|---------------|------------|-------------|------------------|------------------|-------------|---------------|--------------------
+1      |  apalache  |  NoError    |  21m          |  1         |  8.0GB      |  0               |  0               |  330K       |  2.0M         |  25
+2      |  apalache  |  NoError    |  20m          |  1         |  8.0GB      |  0               |  0               |  313K       |  2.0M         |  25
+3      |  apalache  |  NoError    |  19m          |  1         |  7.0GB      |  0               |  0               |  299K       |  2.0M         |  25
+4      |  apalache  |  NoError    |  39m          |  1         |  11GB       |  0               |  0               |  461K       |  3.0M         |  26
+5      |  apalache  |  NoError    |  40m          |  1         |  11GB       |  0               |  0               |  445K       |  3.0M         |  27
+6      |  apalache  |  NoError    |  2h02m        |  1         |  14GB       |  0               |  0               |  780K       |  6.0M         |  28
+7      |  apalache  |  NoError    |  2h02m        |  1         |  14GB       |  0               |  0               |  754K       |  6.0M         |  29
+8      |  apalache  |  NoError    |  2h02m        |  1         |  14GB       |  0               |  0               |  728K       |  6.0M         |  29
+9      |  apalache  |  NoError    |  11h          |  1         |  20GB       |  0               |  0               |  1.0M       |  13M          |  31
+10     |  apalache  |  NoError    |  11h          |  1         |  20GB       |  0               |  0               |  1.0M       |  13M          |  32
+11     |  apalache  |  NoError    |  6m06s        |  0         |  5.0GB      |  0               |  0               |  219K       |  1.0M         |  20
+12     |  apalache  |  NoError    |  17m          |  0         |  17GB       |  0               |  0               |  2.0M       |  7.0M         |  11
+13     |  apalache  |  NoError    |  25m          |  0         |  22GB       |  0               |  0               |  6.0M       |  15M          |  10
+14     |  apalache  |  NoError    |  11m          |  0         |  7.0GB      |  0               |  0               |  326K       |  2.0M         |  22
+15     |  apalache  |  NoError    |  31m          |  0         |  21GB       |  0               |  0               |  4.0M       |  12M          |  11
+16     |  apalache  |  NoError    |  39m          |  0         |  13GB       |  0               |  0               |  592K       |  5.0M         |  24
+17     |  apalache  |  Fail       |  1h01m        |  0         |  27GB       |  0               |  0               |  280K       |  2.0M         |  24
+18     |  apalache  |  Fail       |  1h01m        |  0         |  27GB       |  0               |  0               |  268K       |  2.0M         |  24
+19     |  apalache  |  NoError    |  2h02m        |  0         |  19GB       |  0               |  0               |  1.0M       |  10M          |  27
+20     |  apalache  |  Fail       |  2h02m        |  0         |  30GB       |  0               |  0               |  564K       |  4.0M         |  28
+21     |  apalache  |  NoError    |  12s          |  0         |  588MB      |  0               |  0               |  5.0K       |  33K          |  23
+22     |  apalache  |  NoError    |  18s          |  0         |  816MB      |  0               |  0               |  9.0K       |  67K          |  23
+23     |  apalache  |  NoError    |  25s          |  0         |  937MB      |  0               |  0               |  12K        |  103K         |  22
+24     |  apalache  |  NoError    |  13s          |  0         |  776MB      |  0               |  0               |  5.0K       |  36K          |  25
+25     |  apalache  |  NoError    |  19s          |  0         |  807MB      |  0               |  0               |  9.0K       |  73K          |  25
+26     |  apalache  |  NoError    |  23s          |  0         |  976MB      |  0               |  0               |  10K        |  84K          |  29
+27     |  apalache  |  NoError    |  34s          |  0         |  1.0GB      |  0               |  0               |  14K        |  129K         |  28
+28     |  apalache  |  NoError    |  42s          |  0         |  1.0GB      |  0               |  0               |  18K        |  179K         |  27
+29     |  apalache  |  NoError    |  43s          |  0         |  1.0GB      |  0               |  0               |  14K        |  154K         |  32
+30     |  apalache  |  NoError    |  59s          |  0         |  1.0GB      |  0               |  0               |  18K        |  211K         |  31
+
+## 4. Detailed results: 001indinv-apalache-card.csv
+
+01:no  |  02:tool   |  03:status  |  04:time_sec  |  05:depth  |  05:mem_kb  |  10:ninit_trans  |  11:ninit_trans  |  12:ncells  |  13:nclauses  |  14:navg_clause_len
+-------|------------|-------------|---------------|------------|-------------|------------------|------------------|-------------|---------------|--------------------
+1      |  apalache  |  NoError    |  12m          |  1         |  6.0GB      |  0               |  0               |  255K       |  2.0M         |  20
+2      |  apalache  |  NoError    |  11m          |  1         |  6.0GB      |  0               |  0               |  241K       |  2.0M         |  21
+3      |  apalache  |  NoError    |  9m09s        |  1         |  6.0GB      |  0               |  0               |  227K       |  2.0M         |  21
+4      |  apalache  |  NoError    |  24m          |  1         |  9.0GB      |  0               |  0               |  346K       |  4.0M         |  21
+5      |  apalache  |  NoError    |  20m          |  1         |  10GB       |  0               |  0               |  329K       |  4.0M         |  21
+6      |  apalache  |  NoError    |  55m          |  1         |  13GB       |  0               |  0               |  560K       |  9.0M         |  20
+7      |  apalache  |  NoError    |  54m          |  1         |  13GB       |  0               |  0               |  531K       |  9.0M         |  21
+8      |  apalache  |  NoError    |  48m          |  1         |  12GB       |  0               |  0               |  508K       |  9.0M         |  21
+9      |  apalache  |  NoError    |  3h03m        |  1         |  16GB       |  0               |  0               |  1.0M       |  20M          |  20
+10     |  apalache  |  NoError    |  2h02m        |  1         |  16GB       |  0               |  0               |  940K       |  20M          |  20
+11     |  apalache  |  NoError    |  4m04s        |  0         |  3.0GB      |  0               |  0               |  148K       |  2.0M         |  17
+12     |  apalache  |  NoError    |  14m          |  0         |  16GB       |  0               |  0               |  2.0M       |  8.0M         |  10
+13     |  apalache  |  NoError    |  23m          |  0         |  22GB       |  0               |  0               |  6.0M       |  16M          |  10
+14     |  apalache  |  NoError    |  7m07s        |  0         |  5.0GB      |  0               |  0               |  212K       |  3.0M         |  17
+15     |  apalache  |  NoError    |  23m          |  0         |  20GB       |  0               |  0               |  4.0M       |  12M          |  10
+16     |  apalache  |  NoError    |  20m          |  0         |  8.0GB      |  0               |  0               |  374K       |  7.0M         |  16
+17     |  apalache  |  Fail       |  43m          |  0         |  26GB       |  0               |  0               |  172K       |  3.0M         |  17
+18     |  apalache  |  Fail       |  43m          |  0         |  27GB       |  0               |  0               |  160K       |  3.0M         |  17
+19     |  apalache  |  NoError    |  52m          |  0         |  16GB       |  0               |  0               |  734K       |  17M          |  16
+20     |  apalache  |  Fail       |  1h01m        |  0         |  28GB       |  0               |  0               |  341K       |  8.0M         |  16
+21     |  apalache  |  NoError    |  12s          |  0         |  580MB      |  0               |  0               |  5.0K       |  33K          |  23
+22     |  apalache  |  NoError    |  17s          |  0         |  840MB      |  0               |  0               |  9.0K       |  68K          |  23
+23     |  apalache  |  NoError    |  25s          |  0         |  1.0GB      |  0               |  0               |  12K        |  104K         |  22
+24     |  apalache  |  NoError    |  13s          |  0         |  748MB      |  0               |  0               |  5.0K       |  36K          |  25
+25     |  apalache  |  NoError    |  20s          |  0         |  791MB      |  0               |  0               |  9.0K       |  73K          |  25
+26     |  apalache  |  NoError    |  24s          |  0         |  1009MB     |  0               |  0               |  10K        |  85K          |  28
+27     |  apalache  |  NoError    |  33s          |  0         |  1.0GB      |  0               |  0               |  14K        |  131K         |  28
+28     |  apalache  |  NoError    |  44s          |  0         |  1.0GB      |  0               |  0               |  18K        |  180K         |  27
+29     |  apalache  |  NoError    |  45s          |  0         |  1.0GB      |  0               |  0               |  14K        |  155K         |  32
+30     |  apalache  |  NoError    |  55s          |  0         |  1.0GB      |  0               |  0               |  18K        |  213K         |  31
diff --git a/docs/spec/tendermint-fork-cases/results/001indinv-apalache-time-log.svg b/docs/spec/tendermint-fork-cases/results/001indinv-apalache-time-log.svg
new file mode 100644
index 000000000..b4d69bab9
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/results/001indinv-apalache-time-log.svg
@@ -0,0 +1,1354 @@
+<?xml version="1.0" encoding="utf-8" standalone="no"?>
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN"
+  "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<!-- Created with matplotlib (http://matplotlib.org/) -->
+<svg height="345pt" version="1.1" viewBox="0 0 460 345" width="460pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
+ <defs>
+  <style type="text/css">
+*{stroke-linecap:butt;stroke-linejoin:round;}
+  </style>
+ </defs>
+ <g id="figure_1">
+  <g id="patch_1">
+   <path d="M 0 345.6 
+L 460.8 345.6 
+L 460.8 0 
+L 0 0 
+z
+" style="fill:#ffffff;"/>
+  </g>
+  <g id="axes_1">
+   <g id="patch_2">
+    <path d="M 57.6 307.584 
+L 414.72 307.584 
+L 414.72 41.472 
+L 57.6 41.472 
+z
+" style="fill:#ffffff;"/>
+   </g>
+   <g id="matplotlib.axis_1">
+    <g id="xtick_1">
+     <g id="line2d_1">
+      <path clip-path="url(#pfe63dfec0c)" d="M 62.637743 307.584 
+L 62.637743 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_2">
+      <defs>
+       <path d="M 0 0 
+L 0 3.5 
+" id="maf222ef69f" style="stroke:#000000;stroke-width:0.8;"/>
+      </defs>
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="62.637743" xlink:href="#maf222ef69f" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_1">
+      <!-- 0 -->
+      <defs>
+       <path d="M 31.78125 66.40625 
+Q 24.171875 66.40625 20.328125 58.90625 
+Q 16.5 51.421875 16.5 36.375 
+Q 16.5 21.390625 20.328125 13.890625 
+Q 24.171875 6.390625 31.78125 6.390625 
+Q 39.453125 6.390625 43.28125 13.890625 
+Q 47.125 21.390625 47.125 36.375 
+Q 47.125 51.421875 43.28125 58.90625 
+Q 39.453125 66.40625 31.78125 66.40625 
+z
+M 31.78125 74.21875 
+Q 44.046875 74.21875 50.515625 64.515625 
+Q 56.984375 54.828125 56.984375 36.375 
+Q 56.984375 17.96875 50.515625 8.265625 
+Q 44.046875 -1.421875 31.78125 -1.421875 
+Q 19.53125 -1.421875 13.0625 8.265625 
+Q 6.59375 17.96875 6.59375 36.375 
+Q 6.59375 54.828125 13.0625 64.515625 
+Q 19.53125 74.21875 31.78125 74.21875 
+z
+" id="DejaVuSans-30"/>
+      </defs>
+      <g transform="translate(59.456493 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_2">
+     <g id="line2d_3">
+      <path clip-path="url(#pfe63dfec0c)" d="M 118.612665 307.584 
+L 118.612665 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_4">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="118.612665" xlink:href="#maf222ef69f" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_2">
+      <!-- 5 -->
+      <defs>
+       <path d="M 10.796875 72.90625 
+L 49.515625 72.90625 
+L 49.515625 64.59375 
+L 19.828125 64.59375 
+L 19.828125 46.734375 
+Q 21.96875 47.46875 24.109375 47.828125 
+Q 26.265625 48.1875 28.421875 48.1875 
+Q 40.625 48.1875 47.75 41.5 
+Q 54.890625 34.8125 54.890625 23.390625 
+Q 54.890625 11.625 47.5625 5.09375 
+Q 40.234375 -1.421875 26.90625 -1.421875 
+Q 22.3125 -1.421875 17.546875 -0.640625 
+Q 12.796875 0.140625 7.71875 1.703125 
+L 7.71875 11.625 
+Q 12.109375 9.234375 16.796875 8.0625 
+Q 21.484375 6.890625 26.703125 6.890625 
+Q 35.15625 6.890625 40.078125 11.328125 
+Q 45.015625 15.765625 45.015625 23.390625 
+Q 45.015625 31 40.078125 35.4375 
+Q 35.15625 39.890625 26.703125 39.890625 
+Q 22.75 39.890625 18.8125 39.015625 
+Q 14.890625 38.140625 10.796875 36.28125 
+z
+" id="DejaVuSans-35"/>
+      </defs>
+      <g transform="translate(115.431415 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_3">
+     <g id="line2d_5">
+      <path clip-path="url(#pfe63dfec0c)" d="M 174.587586 307.584 
+L 174.587586 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_6">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="174.587586" xlink:href="#maf222ef69f" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_3">
+      <!-- 10 -->
+      <defs>
+       <path d="M 12.40625 8.296875 
+L 28.515625 8.296875 
+L 28.515625 63.921875 
+L 10.984375 60.40625 
+L 10.984375 69.390625 
+L 28.421875 72.90625 
+L 38.28125 72.90625 
+L 38.28125 8.296875 
+L 54.390625 8.296875 
+L 54.390625 0 
+L 12.40625 0 
+z
+" id="DejaVuSans-31"/>
+      </defs>
+      <g transform="translate(168.225086 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-31"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_4">
+     <g id="line2d_7">
+      <path clip-path="url(#pfe63dfec0c)" d="M 230.562508 307.584 
+L 230.562508 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_8">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="230.562508" xlink:href="#maf222ef69f" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_4">
+      <!-- 15 -->
+      <g transform="translate(224.200008 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-31"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_5">
+     <g id="line2d_9">
+      <path clip-path="url(#pfe63dfec0c)" d="M 286.537429 307.584 
+L 286.537429 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_10">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="286.537429" xlink:href="#maf222ef69f" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_5">
+      <!-- 20 -->
+      <defs>
+       <path d="M 19.1875 8.296875 
+L 53.609375 8.296875 
+L 53.609375 0 
+L 7.328125 0 
+L 7.328125 8.296875 
+Q 12.9375 14.109375 22.625 23.890625 
+Q 32.328125 33.6875 34.8125 36.53125 
+Q 39.546875 41.84375 41.421875 45.53125 
+Q 43.3125 49.21875 43.3125 52.78125 
+Q 43.3125 58.59375 39.234375 62.25 
+Q 35.15625 65.921875 28.609375 65.921875 
+Q 23.96875 65.921875 18.8125 64.3125 
+Q 13.671875 62.703125 7.8125 59.421875 
+L 7.8125 69.390625 
+Q 13.765625 71.78125 18.9375 73 
+Q 24.125 74.21875 28.421875 74.21875 
+Q 39.75 74.21875 46.484375 68.546875 
+Q 53.21875 62.890625 53.21875 53.421875 
+Q 53.21875 48.921875 51.53125 44.890625 
+Q 49.859375 40.875 45.40625 35.40625 
+Q 44.1875 33.984375 37.640625 27.21875 
+Q 31.109375 20.453125 19.1875 8.296875 
+z
+" id="DejaVuSans-32"/>
+      </defs>
+      <g transform="translate(280.174929 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-32"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_6">
+     <g id="line2d_11">
+      <path clip-path="url(#pfe63dfec0c)" d="M 342.512351 307.584 
+L 342.512351 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_12">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="342.512351" xlink:href="#maf222ef69f" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_6">
+      <!-- 25 -->
+      <g transform="translate(336.149851 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-32"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_7">
+     <g id="line2d_13">
+      <path clip-path="url(#pfe63dfec0c)" d="M 398.487273 307.584 
+L 398.487273 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_14">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="398.487273" xlink:href="#maf222ef69f" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_7">
+      <!-- 30 -->
+      <defs>
+       <path d="M 40.578125 39.3125 
+Q 47.65625 37.796875 51.625 33 
+Q 55.609375 28.21875 55.609375 21.1875 
+Q 55.609375 10.40625 48.1875 4.484375 
+Q 40.765625 -1.421875 27.09375 -1.421875 
+Q 22.515625 -1.421875 17.65625 -0.515625 
+Q 12.796875 0.390625 7.625 2.203125 
+L 7.625 11.71875 
+Q 11.71875 9.328125 16.59375 8.109375 
+Q 21.484375 6.890625 26.8125 6.890625 
+Q 36.078125 6.890625 40.9375 10.546875 
+Q 45.796875 14.203125 45.796875 21.1875 
+Q 45.796875 27.640625 41.28125 31.265625 
+Q 36.765625 34.90625 28.71875 34.90625 
+L 20.21875 34.90625 
+L 20.21875 43.015625 
+L 29.109375 43.015625 
+Q 36.375 43.015625 40.234375 45.921875 
+Q 44.09375 48.828125 44.09375 54.296875 
+Q 44.09375 59.90625 40.109375 62.90625 
+Q 36.140625 65.921875 28.71875 65.921875 
+Q 24.65625 65.921875 20.015625 65.03125 
+Q 15.375 64.15625 9.8125 62.3125 
+L 9.8125 71.09375 
+Q 15.4375 72.65625 20.34375 73.4375 
+Q 25.25 74.21875 29.59375 74.21875 
+Q 40.828125 74.21875 47.359375 69.109375 
+Q 53.90625 64.015625 53.90625 55.328125 
+Q 53.90625 49.265625 50.4375 45.09375 
+Q 46.96875 40.921875 40.578125 39.3125 
+z
+" id="DejaVuSans-33"/>
+      </defs>
+      <g transform="translate(392.124773 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-33"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="text_8">
+     <!-- benchmark -->
+     <defs>
+      <path d="M 48.6875 27.296875 
+Q 48.6875 37.203125 44.609375 42.84375 
+Q 40.53125 48.484375 33.40625 48.484375 
+Q 26.265625 48.484375 22.1875 42.84375 
+Q 18.109375 37.203125 18.109375 27.296875 
+Q 18.109375 17.390625 22.1875 11.75 
+Q 26.265625 6.109375 33.40625 6.109375 
+Q 40.53125 6.109375 44.609375 11.75 
+Q 48.6875 17.390625 48.6875 27.296875 
+z
+M 18.109375 46.390625 
+Q 20.953125 51.265625 25.265625 53.625 
+Q 29.59375 56 35.59375 56 
+Q 45.5625 56 51.78125 48.09375 
+Q 58.015625 40.1875 58.015625 27.296875 
+Q 58.015625 14.40625 51.78125 6.484375 
+Q 45.5625 -1.421875 35.59375 -1.421875 
+Q 29.59375 -1.421875 25.265625 0.953125 
+Q 20.953125 3.328125 18.109375 8.203125 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 75.984375 
+L 18.109375 75.984375 
+z
+" id="DejaVuSans-62"/>
+      <path d="M 56.203125 29.59375 
+L 56.203125 25.203125 
+L 14.890625 25.203125 
+Q 15.484375 15.921875 20.484375 11.0625 
+Q 25.484375 6.203125 34.421875 6.203125 
+Q 39.59375 6.203125 44.453125 7.46875 
+Q 49.3125 8.734375 54.109375 11.28125 
+L 54.109375 2.78125 
+Q 49.265625 0.734375 44.1875 -0.34375 
+Q 39.109375 -1.421875 33.890625 -1.421875 
+Q 20.796875 -1.421875 13.15625 6.1875 
+Q 5.515625 13.8125 5.515625 26.8125 
+Q 5.515625 40.234375 12.765625 48.109375 
+Q 20.015625 56 32.328125 56 
+Q 43.359375 56 49.78125 48.890625 
+Q 56.203125 41.796875 56.203125 29.59375 
+z
+M 47.21875 32.234375 
+Q 47.125 39.59375 43.09375 43.984375 
+Q 39.0625 48.390625 32.421875 48.390625 
+Q 24.90625 48.390625 20.390625 44.140625 
+Q 15.875 39.890625 15.1875 32.171875 
+z
+" id="DejaVuSans-65"/>
+      <path d="M 54.890625 33.015625 
+L 54.890625 0 
+L 45.90625 0 
+L 45.90625 32.71875 
+Q 45.90625 40.484375 42.875 44.328125 
+Q 39.84375 48.1875 33.796875 48.1875 
+Q 26.515625 48.1875 22.3125 43.546875 
+Q 18.109375 38.921875 18.109375 30.90625 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.1875 
+Q 21.34375 51.125 25.703125 53.5625 
+Q 30.078125 56 35.796875 56 
+Q 45.21875 56 50.046875 50.171875 
+Q 54.890625 44.34375 54.890625 33.015625 
+z
+" id="DejaVuSans-6e"/>
+      <path d="M 48.78125 52.59375 
+L 48.78125 44.1875 
+Q 44.96875 46.296875 41.140625 47.34375 
+Q 37.3125 48.390625 33.40625 48.390625 
+Q 24.65625 48.390625 19.8125 42.84375 
+Q 14.984375 37.3125 14.984375 27.296875 
+Q 14.984375 17.28125 19.8125 11.734375 
+Q 24.65625 6.203125 33.40625 6.203125 
+Q 37.3125 6.203125 41.140625 7.25 
+Q 44.96875 8.296875 48.78125 10.40625 
+L 48.78125 2.09375 
+Q 45.015625 0.34375 40.984375 -0.53125 
+Q 36.96875 -1.421875 32.421875 -1.421875 
+Q 20.0625 -1.421875 12.78125 6.34375 
+Q 5.515625 14.109375 5.515625 27.296875 
+Q 5.515625 40.671875 12.859375 48.328125 
+Q 20.21875 56 33.015625 56 
+Q 37.15625 56 41.109375 55.140625 
+Q 45.0625 54.296875 48.78125 52.59375 
+z
+" id="DejaVuSans-63"/>
+      <path d="M 54.890625 33.015625 
+L 54.890625 0 
+L 45.90625 0 
+L 45.90625 32.71875 
+Q 45.90625 40.484375 42.875 44.328125 
+Q 39.84375 48.1875 33.796875 48.1875 
+Q 26.515625 48.1875 22.3125 43.546875 
+Q 18.109375 38.921875 18.109375 30.90625 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 75.984375 
+L 18.109375 75.984375 
+L 18.109375 46.1875 
+Q 21.34375 51.125 25.703125 53.5625 
+Q 30.078125 56 35.796875 56 
+Q 45.21875 56 50.046875 50.171875 
+Q 54.890625 44.34375 54.890625 33.015625 
+z
+" id="DejaVuSans-68"/>
+      <path d="M 52 44.1875 
+Q 55.375 50.25 60.0625 53.125 
+Q 64.75 56 71.09375 56 
+Q 79.640625 56 84.28125 50.015625 
+Q 88.921875 44.046875 88.921875 33.015625 
+L 88.921875 0 
+L 79.890625 0 
+L 79.890625 32.71875 
+Q 79.890625 40.578125 77.09375 44.375 
+Q 74.3125 48.1875 68.609375 48.1875 
+Q 61.625 48.1875 57.5625 43.546875 
+Q 53.515625 38.921875 53.515625 30.90625 
+L 53.515625 0 
+L 44.484375 0 
+L 44.484375 32.71875 
+Q 44.484375 40.625 41.703125 44.40625 
+Q 38.921875 48.1875 33.109375 48.1875 
+Q 26.21875 48.1875 22.15625 43.53125 
+Q 18.109375 38.875 18.109375 30.90625 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.1875 
+Q 21.1875 51.21875 25.484375 53.609375 
+Q 29.78125 56 35.6875 56 
+Q 41.65625 56 45.828125 52.96875 
+Q 50 49.953125 52 44.1875 
+z
+" id="DejaVuSans-6d"/>
+      <path d="M 34.28125 27.484375 
+Q 23.390625 27.484375 19.1875 25 
+Q 14.984375 22.515625 14.984375 16.5 
+Q 14.984375 11.71875 18.140625 8.90625 
+Q 21.296875 6.109375 26.703125 6.109375 
+Q 34.1875 6.109375 38.703125 11.40625 
+Q 43.21875 16.703125 43.21875 25.484375 
+L 43.21875 27.484375 
+z
+M 52.203125 31.203125 
+L 52.203125 0 
+L 43.21875 0 
+L 43.21875 8.296875 
+Q 40.140625 3.328125 35.546875 0.953125 
+Q 30.953125 -1.421875 24.3125 -1.421875 
+Q 15.921875 -1.421875 10.953125 3.296875 
+Q 6 8.015625 6 15.921875 
+Q 6 25.140625 12.171875 29.828125 
+Q 18.359375 34.515625 30.609375 34.515625 
+L 43.21875 34.515625 
+L 43.21875 35.40625 
+Q 43.21875 41.609375 39.140625 45 
+Q 35.0625 48.390625 27.6875 48.390625 
+Q 23 48.390625 18.546875 47.265625 
+Q 14.109375 46.140625 10.015625 43.890625 
+L 10.015625 52.203125 
+Q 14.9375 54.109375 19.578125 55.046875 
+Q 24.21875 56 28.609375 56 
+Q 40.484375 56 46.34375 49.84375 
+Q 52.203125 43.703125 52.203125 31.203125 
+z
+" id="DejaVuSans-61"/>
+      <path d="M 41.109375 46.296875 
+Q 39.59375 47.171875 37.8125 47.578125 
+Q 36.03125 48 33.890625 48 
+Q 26.265625 48 22.1875 43.046875 
+Q 18.109375 38.09375 18.109375 28.8125 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.1875 
+Q 20.953125 51.171875 25.484375 53.578125 
+Q 30.03125 56 36.53125 56 
+Q 37.453125 56 38.578125 55.875 
+Q 39.703125 55.765625 41.0625 55.515625 
+z
+" id="DejaVuSans-72"/>
+      <path d="M 9.078125 75.984375 
+L 18.109375 75.984375 
+L 18.109375 31.109375 
+L 44.921875 54.6875 
+L 56.390625 54.6875 
+L 27.390625 29.109375 
+L 57.625 0 
+L 45.90625 0 
+L 18.109375 26.703125 
+L 18.109375 0 
+L 9.078125 0 
+z
+" id="DejaVuSans-6b"/>
+     </defs>
+     <g transform="translate(207.937344 335.860562)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-62"/>
+      <use x="63.476562" xlink:href="#DejaVuSans-65"/>
+      <use x="125" xlink:href="#DejaVuSans-6e"/>
+      <use x="188.378906" xlink:href="#DejaVuSans-63"/>
+      <use x="243.359375" xlink:href="#DejaVuSans-68"/>
+      <use x="306.738281" xlink:href="#DejaVuSans-6d"/>
+      <use x="404.150391" xlink:href="#DejaVuSans-61"/>
+      <use x="465.429688" xlink:href="#DejaVuSans-72"/>
+      <use x="506.542969" xlink:href="#DejaVuSans-6b"/>
+     </g>
+    </g>
+   </g>
+   <g id="matplotlib.axis_2">
+    <g id="ytick_1">
+     <g id="line2d_15">
+      <path clip-path="url(#pfe63dfec0c)" d="M 57.6 300.888135 
+L 414.72 300.888135 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_16">
+      <defs>
+       <path d="M 0 0 
+L -3.5 0 
+" id="mf3f74c5a7b" style="stroke:#000000;stroke-width:0.8;"/>
+      </defs>
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#mf3f74c5a7b" y="300.888135"/>
+      </g>
+     </g>
+     <g id="text_9">
+      <!-- $\mathdefault{10^{1}}$ -->
+      <g transform="translate(33 304.687354)scale(0.1 -0.1)">
+       <use transform="translate(0 0.684375)" xlink:href="#DejaVuSans-31"/>
+       <use transform="translate(63.623047 0.684375)" xlink:href="#DejaVuSans-30"/>
+       <use transform="translate(128.203125 38.965625)scale(0.7)" xlink:href="#DejaVuSans-31"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_2">
+     <g id="line2d_17">
+      <path clip-path="url(#pfe63dfec0c)" d="M 57.6 232.68846 
+L 414.72 232.68846 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_18">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#mf3f74c5a7b" y="232.68846"/>
+      </g>
+     </g>
+     <g id="text_10">
+      <!-- $\mathdefault{10^{2}}$ -->
+      <g transform="translate(33 236.487679)scale(0.1 -0.1)">
+       <use transform="translate(0 0.765625)" xlink:href="#DejaVuSans-31"/>
+       <use transform="translate(63.623047 0.765625)" xlink:href="#DejaVuSans-30"/>
+       <use transform="translate(128.203125 39.046875)scale(0.7)" xlink:href="#DejaVuSans-32"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_3">
+     <g id="line2d_19">
+      <path clip-path="url(#pfe63dfec0c)" d="M 57.6 164.488785 
+L 414.72 164.488785 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_20">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#mf3f74c5a7b" y="164.488785"/>
+      </g>
+     </g>
+     <g id="text_11">
+      <!-- $\mathdefault{10^{3}}$ -->
+      <g transform="translate(33 168.288004)scale(0.1 -0.1)">
+       <use transform="translate(0 0.765625)" xlink:href="#DejaVuSans-31"/>
+       <use transform="translate(63.623047 0.765625)" xlink:href="#DejaVuSans-30"/>
+       <use transform="translate(128.203125 39.046875)scale(0.7)" xlink:href="#DejaVuSans-33"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_4">
+     <g id="line2d_21">
+      <path clip-path="url(#pfe63dfec0c)" d="M 57.6 96.28911 
+L 414.72 96.28911 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_22">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#mf3f74c5a7b" y="96.28911"/>
+      </g>
+     </g>
+     <g id="text_12">
+      <!-- $\mathdefault{10^{4}}$ -->
+      <defs>
+       <path d="M 37.796875 64.3125 
+L 12.890625 25.390625 
+L 37.796875 25.390625 
+z
+M 35.203125 72.90625 
+L 47.609375 72.90625 
+L 47.609375 25.390625 
+L 58.015625 25.390625 
+L 58.015625 17.1875 
+L 47.609375 17.1875 
+L 47.609375 0 
+L 37.796875 0 
+L 37.796875 17.1875 
+L 4.890625 17.1875 
+L 4.890625 26.703125 
+z
+" id="DejaVuSans-34"/>
+      </defs>
+      <g transform="translate(33 100.088329)scale(0.1 -0.1)">
+       <use transform="translate(0 0.684375)" xlink:href="#DejaVuSans-31"/>
+       <use transform="translate(63.623047 0.684375)" xlink:href="#DejaVuSans-30"/>
+       <use transform="translate(128.203125 38.965625)scale(0.7)" xlink:href="#DejaVuSans-34"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_5">
+     <g id="line2d_23">
+      <defs>
+       <path d="M 0 0 
+L -2 0 
+" id="m163af7a352" style="stroke:#000000;stroke-width:0.6;"/>
+      </defs>
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="307.497367"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_6">
+     <g id="line2d_24">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="304.008781"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_7">
+     <g id="line2d_25">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="280.357987"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_8">
+     <g id="line2d_26">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="268.348621"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_9">
+     <g id="line2d_27">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="259.82784"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_10">
+     <g id="line2d_28">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="253.218608"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_11">
+     <g id="line2d_29">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="247.818473"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_12">
+     <g id="line2d_30">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="243.252724"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_13">
+     <g id="line2d_31">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="239.297692"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_14">
+     <g id="line2d_32">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="235.809106"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_15">
+     <g id="line2d_33">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="212.158312"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_16">
+     <g id="line2d_34">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="200.148946"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_17">
+     <g id="line2d_35">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="191.628165"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_18">
+     <g id="line2d_36">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="185.018933"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_19">
+     <g id="line2d_37">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="179.618798"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_20">
+     <g id="line2d_38">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="175.053049"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_21">
+     <g id="line2d_39">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="171.098017"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_22">
+     <g id="line2d_40">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="167.609431"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_23">
+     <g id="line2d_41">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="143.958638"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_24">
+     <g id="line2d_42">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="131.949271"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_25">
+     <g id="line2d_43">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="123.42849"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_26">
+     <g id="line2d_44">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="116.819258"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_27">
+     <g id="line2d_45">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="111.419123"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_28">
+     <g id="line2d_46">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="106.853374"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_29">
+     <g id="line2d_47">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="102.898342"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_30">
+     <g id="line2d_48">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="99.409756"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_31">
+     <g id="line2d_49">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="75.758963"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_32">
+     <g id="line2d_50">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="63.749596"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_33">
+     <g id="line2d_51">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="55.228815"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_34">
+     <g id="line2d_52">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="48.619583"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_35">
+     <g id="line2d_53">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.6;" x="57.6" xlink:href="#m163af7a352" y="43.219448"/>
+      </g>
+     </g>
+    </g>
+    <g id="text_13">
+     <!-- time, sec, logscale -->
+     <defs>
+      <path d="M 18.3125 70.21875 
+L 18.3125 54.6875 
+L 36.8125 54.6875 
+L 36.8125 47.703125 
+L 18.3125 47.703125 
+L 18.3125 18.015625 
+Q 18.3125 11.328125 20.140625 9.421875 
+Q 21.96875 7.515625 27.59375 7.515625 
+L 36.8125 7.515625 
+L 36.8125 0 
+L 27.59375 0 
+Q 17.1875 0 13.234375 3.875 
+Q 9.28125 7.765625 9.28125 18.015625 
+L 9.28125 47.703125 
+L 2.6875 47.703125 
+L 2.6875 54.6875 
+L 9.28125 54.6875 
+L 9.28125 70.21875 
+z
+" id="DejaVuSans-74"/>
+      <path d="M 9.421875 54.6875 
+L 18.40625 54.6875 
+L 18.40625 0 
+L 9.421875 0 
+z
+M 9.421875 75.984375 
+L 18.40625 75.984375 
+L 18.40625 64.59375 
+L 9.421875 64.59375 
+z
+" id="DejaVuSans-69"/>
+      <path d="M 11.71875 12.40625 
+L 22.015625 12.40625 
+L 22.015625 4 
+L 14.015625 -11.625 
+L 7.71875 -11.625 
+L 11.71875 4 
+z
+" id="DejaVuSans-2c"/>
+      <path id="DejaVuSans-20"/>
+      <path d="M 44.28125 53.078125 
+L 44.28125 44.578125 
+Q 40.484375 46.53125 36.375 47.5 
+Q 32.28125 48.484375 27.875 48.484375 
+Q 21.1875 48.484375 17.84375 46.4375 
+Q 14.5 44.390625 14.5 40.28125 
+Q 14.5 37.15625 16.890625 35.375 
+Q 19.28125 33.59375 26.515625 31.984375 
+L 29.59375 31.296875 
+Q 39.15625 29.25 43.1875 25.515625 
+Q 47.21875 21.78125 47.21875 15.09375 
+Q 47.21875 7.46875 41.1875 3.015625 
+Q 35.15625 -1.421875 24.609375 -1.421875 
+Q 20.21875 -1.421875 15.453125 -0.5625 
+Q 10.6875 0.296875 5.421875 2 
+L 5.421875 11.28125 
+Q 10.40625 8.6875 15.234375 7.390625 
+Q 20.0625 6.109375 24.8125 6.109375 
+Q 31.15625 6.109375 34.5625 8.28125 
+Q 37.984375 10.453125 37.984375 14.40625 
+Q 37.984375 18.0625 35.515625 20.015625 
+Q 33.0625 21.96875 24.703125 23.78125 
+L 21.578125 24.515625 
+Q 13.234375 26.265625 9.515625 29.90625 
+Q 5.8125 33.546875 5.8125 39.890625 
+Q 5.8125 47.609375 11.28125 51.796875 
+Q 16.75 56 26.8125 56 
+Q 31.78125 56 36.171875 55.265625 
+Q 40.578125 54.546875 44.28125 53.078125 
+z
+" id="DejaVuSans-73"/>
+      <path d="M 9.421875 75.984375 
+L 18.40625 75.984375 
+L 18.40625 0 
+L 9.421875 0 
+z
+" id="DejaVuSans-6c"/>
+      <path d="M 30.609375 48.390625 
+Q 23.390625 48.390625 19.1875 42.75 
+Q 14.984375 37.109375 14.984375 27.296875 
+Q 14.984375 17.484375 19.15625 11.84375 
+Q 23.34375 6.203125 30.609375 6.203125 
+Q 37.796875 6.203125 41.984375 11.859375 
+Q 46.1875 17.53125 46.1875 27.296875 
+Q 46.1875 37.015625 41.984375 42.703125 
+Q 37.796875 48.390625 30.609375 48.390625 
+z
+M 30.609375 56 
+Q 42.328125 56 49.015625 48.375 
+Q 55.71875 40.765625 55.71875 27.296875 
+Q 55.71875 13.875 49.015625 6.21875 
+Q 42.328125 -1.421875 30.609375 -1.421875 
+Q 18.84375 -1.421875 12.171875 6.21875 
+Q 5.515625 13.875 5.515625 27.296875 
+Q 5.515625 40.765625 12.171875 48.375 
+Q 18.84375 56 30.609375 56 
+z
+" id="DejaVuSans-6f"/>
+      <path d="M 45.40625 27.984375 
+Q 45.40625 37.75 41.375 43.109375 
+Q 37.359375 48.484375 30.078125 48.484375 
+Q 22.859375 48.484375 18.828125 43.109375 
+Q 14.796875 37.75 14.796875 27.984375 
+Q 14.796875 18.265625 18.828125 12.890625 
+Q 22.859375 7.515625 30.078125 7.515625 
+Q 37.359375 7.515625 41.375 12.890625 
+Q 45.40625 18.265625 45.40625 27.984375 
+z
+M 54.390625 6.78125 
+Q 54.390625 -7.171875 48.1875 -13.984375 
+Q 42 -20.796875 29.203125 -20.796875 
+Q 24.46875 -20.796875 20.265625 -20.09375 
+Q 16.0625 -19.390625 12.109375 -17.921875 
+L 12.109375 -9.1875 
+Q 16.0625 -11.328125 19.921875 -12.34375 
+Q 23.78125 -13.375 27.78125 -13.375 
+Q 36.625 -13.375 41.015625 -8.765625 
+Q 45.40625 -4.15625 45.40625 5.171875 
+L 45.40625 9.625 
+Q 42.625 4.78125 38.28125 2.390625 
+Q 33.9375 0 27.875 0 
+Q 17.828125 0 11.671875 7.65625 
+Q 5.515625 15.328125 5.515625 27.984375 
+Q 5.515625 40.671875 11.671875 48.328125 
+Q 17.828125 56 27.875 56 
+Q 33.9375 56 38.28125 53.609375 
+Q 42.625 51.21875 45.40625 46.390625 
+L 45.40625 54.6875 
+L 54.390625 54.6875 
+z
+" id="DejaVuSans-67"/>
+     </defs>
+     <g transform="translate(26.920312 221.117063)rotate(-90)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-74"/>
+      <use x="39.208984" xlink:href="#DejaVuSans-69"/>
+      <use x="66.992188" xlink:href="#DejaVuSans-6d"/>
+      <use x="164.404297" xlink:href="#DejaVuSans-65"/>
+      <use x="225.927734" xlink:href="#DejaVuSans-2c"/>
+      <use x="257.714844" xlink:href="#DejaVuSans-20"/>
+      <use x="289.501953" xlink:href="#DejaVuSans-73"/>
+      <use x="341.601562" xlink:href="#DejaVuSans-65"/>
+      <use x="403.125" xlink:href="#DejaVuSans-63"/>
+      <use x="458.105469" xlink:href="#DejaVuSans-2c"/>
+      <use x="489.892578" xlink:href="#DejaVuSans-20"/>
+      <use x="521.679688" xlink:href="#DejaVuSans-6c"/>
+      <use x="549.462891" xlink:href="#DejaVuSans-6f"/>
+      <use x="610.644531" xlink:href="#DejaVuSans-67"/>
+      <use x="674.121094" xlink:href="#DejaVuSans-73"/>
+      <use x="726.220703" xlink:href="#DejaVuSans-63"/>
+      <use x="781.201172" xlink:href="#DejaVuSans-61"/>
+      <use x="842.480469" xlink:href="#DejaVuSans-6c"/>
+      <use x="870.263672" xlink:href="#DejaVuSans-65"/>
+     </g>
+    </g>
+   </g>
+   <g id="line2d_54">
+    <path clip-path="url(#pfe63dfec0c)" d="M 73.832727 156.695111 
+L 85.027712 158.477933 
+L 96.222696 160.452414 
+L 107.41768 138.669781 
+L 118.612665 137.947785 
+L 129.807649 96.37513 
+L 141.002633 97.197381 
+L 152.197618 98.438563 
+L 163.392602 53.568 
+L 174.587586 54.164136 
+L 185.782571 191.77663 
+L 196.977555 162.457153 
+L 208.172539 151.931632 
+L 219.367524 175.308018 
+L 230.562508 146.044462 
+L 241.757492 138.843717 
+L 252.952476 125.434971 
+L 264.147461 125.569981 
+L 275.342445 98.707303 
+L 286.537429 97.154655 
+L 297.732414 295.488 
+L 308.927398 283.478633 
+L 320.122382 273.748756 
+L 331.317367 293.117236 
+L 342.512351 281.87723 
+L 353.707335 276.218414 
+L 364.90232 264.641446 
+L 376.097304 258.382736 
+L 387.292288 257.685792 
+L 398.487273 248.316279 
+" style="fill:none;opacity:0.7;stroke:#ff0000;stroke-linecap:square;stroke-width:1.5;"/>
+    <defs>
+     <path d="M -3 3 
+L 3 3 
+L 3 -3 
+L -3 -3 
+z
+" id="m8b6071f1b3" style="stroke:#ff0000;stroke-linejoin:miter;"/>
+    </defs>
+    <g clip-path="url(#pfe63dfec0c)">
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="73.832727" xlink:href="#m8b6071f1b3" y="156.695111"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="85.027712" xlink:href="#m8b6071f1b3" y="158.477933"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="96.222696" xlink:href="#m8b6071f1b3" y="160.452414"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="107.41768" xlink:href="#m8b6071f1b3" y="138.669781"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="118.612665" xlink:href="#m8b6071f1b3" y="137.947785"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="129.807649" xlink:href="#m8b6071f1b3" y="96.37513"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="141.002633" xlink:href="#m8b6071f1b3" y="97.197381"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="152.197618" xlink:href="#m8b6071f1b3" y="98.438563"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="163.392602" xlink:href="#m8b6071f1b3" y="53.568"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="174.587586" xlink:href="#m8b6071f1b3" y="54.164136"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="185.782571" xlink:href="#m8b6071f1b3" y="191.77663"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="196.977555" xlink:href="#m8b6071f1b3" y="162.457153"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="208.172539" xlink:href="#m8b6071f1b3" y="151.931632"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="219.367524" xlink:href="#m8b6071f1b3" y="175.308018"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="230.562508" xlink:href="#m8b6071f1b3" y="146.044462"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="241.757492" xlink:href="#m8b6071f1b3" y="138.843717"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="252.952476" xlink:href="#m8b6071f1b3" y="125.434971"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="264.147461" xlink:href="#m8b6071f1b3" y="125.569981"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="275.342445" xlink:href="#m8b6071f1b3" y="98.707303"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="286.537429" xlink:href="#m8b6071f1b3" y="97.154655"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="297.732414" xlink:href="#m8b6071f1b3" y="295.488"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="308.927398" xlink:href="#m8b6071f1b3" y="283.478633"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="320.122382" xlink:href="#m8b6071f1b3" y="273.748756"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="331.317367" xlink:href="#m8b6071f1b3" y="293.117236"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="342.512351" xlink:href="#m8b6071f1b3" y="281.87723"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="353.707335" xlink:href="#m8b6071f1b3" y="276.218414"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="364.90232" xlink:href="#m8b6071f1b3" y="264.641446"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="376.097304" xlink:href="#m8b6071f1b3" y="258.382736"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="387.292288" xlink:href="#m8b6071f1b3" y="257.685792"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="398.487273" xlink:href="#m8b6071f1b3" y="248.316279"/>
+    </g>
+   </g>
+   <g id="line2d_55">
+    <path clip-path="url(#pfe63dfec0c)" d="M 73.832727 172.734407 
+L 85.027712 174.425066 
+L 96.222696 180.622919 
+L 107.41768 152.637808 
+L 118.612665 157.690598 
+L 129.807649 128.733996 
+L 141.002633 129.234204 
+L 152.197618 132.678907 
+L 163.392602 93.331817 
+L 174.587586 98.260749 
+L 185.782571 201.564445 
+L 196.977555 169.337258 
+L 208.172539 153.791537 
+L 219.367524 186.977911 
+L 230.562508 154.586438 
+L 241.757492 158.069723 
+L 252.952476 136.051351 
+L 264.147461 135.904303 
+L 275.342445 130.298026 
+L 286.537429 124.384137 
+L 297.732414 295.488 
+L 308.927398 285.171594 
+L 320.122382 273.748756 
+L 331.317367 293.117236 
+L 342.512351 280.357987 
+L 353.707335 274.957852 
+L 364.90232 265.525653 
+L 376.097304 257.004872 
+L 387.292288 256.339254 
+L 398.487273 250.39564 
+" style="fill:none;opacity:0.7;stroke:#0000ff;stroke-linecap:square;stroke-width:1.5;"/>
+    <defs>
+     <path d="M 0 3 
+C 0.795609 3 1.55874 2.683901 2.12132 2.12132 
+C 2.683901 1.55874 3 0.795609 3 0 
+C 3 -0.795609 2.683901 -1.55874 2.12132 -2.12132 
+C 1.55874 -2.683901 0.795609 -3 0 -3 
+C -0.795609 -3 -1.55874 -2.683901 -2.12132 -2.12132 
+C -2.683901 -1.55874 -3 -0.795609 -3 0 
+C -3 0.795609 -2.683901 1.55874 -2.12132 2.12132 
+C -1.55874 2.683901 -0.795609 3 0 3 
+z
+" id="m7ccf6d2c0e" style="stroke:#0000ff;"/>
+    </defs>
+    <g clip-path="url(#pfe63dfec0c)">
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="73.832727" xlink:href="#m7ccf6d2c0e" y="172.734407"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="85.027712" xlink:href="#m7ccf6d2c0e" y="174.425066"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="96.222696" xlink:href="#m7ccf6d2c0e" y="180.622919"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="107.41768" xlink:href="#m7ccf6d2c0e" y="152.637808"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="118.612665" xlink:href="#m7ccf6d2c0e" y="157.690598"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="129.807649" xlink:href="#m7ccf6d2c0e" y="128.733996"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="141.002633" xlink:href="#m7ccf6d2c0e" y="129.234204"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="152.197618" xlink:href="#m7ccf6d2c0e" y="132.678907"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="163.392602" xlink:href="#m7ccf6d2c0e" y="93.331817"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="174.587586" xlink:href="#m7ccf6d2c0e" y="98.260749"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="185.782571" xlink:href="#m7ccf6d2c0e" y="201.564445"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="196.977555" xlink:href="#m7ccf6d2c0e" y="169.337258"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="208.172539" xlink:href="#m7ccf6d2c0e" y="153.791537"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="219.367524" xlink:href="#m7ccf6d2c0e" y="186.977911"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="230.562508" xlink:href="#m7ccf6d2c0e" y="154.586438"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="241.757492" xlink:href="#m7ccf6d2c0e" y="158.069723"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="252.952476" xlink:href="#m7ccf6d2c0e" y="136.051351"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="264.147461" xlink:href="#m7ccf6d2c0e" y="135.904303"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="275.342445" xlink:href="#m7ccf6d2c0e" y="130.298026"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="286.537429" xlink:href="#m7ccf6d2c0e" y="124.384137"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="297.732414" xlink:href="#m7ccf6d2c0e" y="295.488"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="308.927398" xlink:href="#m7ccf6d2c0e" y="285.171594"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="320.122382" xlink:href="#m7ccf6d2c0e" y="273.748756"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="331.317367" xlink:href="#m7ccf6d2c0e" y="293.117236"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="342.512351" xlink:href="#m7ccf6d2c0e" y="280.357987"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="353.707335" xlink:href="#m7ccf6d2c0e" y="274.957852"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="364.90232" xlink:href="#m7ccf6d2c0e" y="265.525653"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="376.097304" xlink:href="#m7ccf6d2c0e" y="257.004872"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="387.292288" xlink:href="#m7ccf6d2c0e" y="256.339254"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="398.487273" xlink:href="#m7ccf6d2c0e" y="250.39564"/>
+    </g>
+   </g>
+   <g id="patch_3">
+    <path d="M 57.6 307.584 
+L 57.6 41.472 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="patch_4">
+    <path d="M 414.72 307.584 
+L 414.72 41.472 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="patch_5">
+    <path d="M 57.6 307.584 
+L 414.72 307.584 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="patch_6">
+    <path d="M 57.6 41.472 
+L 414.72 41.472 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="legend_1">
+    <g id="patch_7">
+     <path d="M 230.209062 78.82825 
+L 407.72 78.82825 
+Q 409.72 78.82825 409.72 76.82825 
+L 409.72 48.472 
+Q 409.72 46.472 407.72 46.472 
+L 230.209062 46.472 
+Q 228.209062 46.472 228.209062 48.472 
+L 228.209062 76.82825 
+Q 228.209062 78.82825 230.209062 78.82825 
+z
+" style="fill:#ffffff;opacity:0.8;stroke:#cccccc;stroke-linejoin:miter;"/>
+    </g>
+    <g id="line2d_56">
+     <path d="M 232.209062 54.570437 
+L 252.209062 54.570437 
+" style="fill:none;opacity:0.7;stroke:#ff0000;stroke-linecap:square;stroke-width:1.5;"/>
+    </g>
+    <g id="line2d_57">
+     <g>
+      <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="242.209062" xlink:href="#m8b6071f1b3" y="54.570437"/>
+     </g>
+    </g>
+    <g id="text_14">
+     <!-- 001indinv-apalache-unstable -->
+     <defs>
+      <path d="M 45.40625 46.390625 
+L 45.40625 75.984375 
+L 54.390625 75.984375 
+L 54.390625 0 
+L 45.40625 0 
+L 45.40625 8.203125 
+Q 42.578125 3.328125 38.25 0.953125 
+Q 33.9375 -1.421875 27.875 -1.421875 
+Q 17.96875 -1.421875 11.734375 6.484375 
+Q 5.515625 14.40625 5.515625 27.296875 
+Q 5.515625 40.1875 11.734375 48.09375 
+Q 17.96875 56 27.875 56 
+Q 33.9375 56 38.25 53.625 
+Q 42.578125 51.265625 45.40625 46.390625 
+z
+M 14.796875 27.296875 
+Q 14.796875 17.390625 18.875 11.75 
+Q 22.953125 6.109375 30.078125 6.109375 
+Q 37.203125 6.109375 41.296875 11.75 
+Q 45.40625 17.390625 45.40625 27.296875 
+Q 45.40625 37.203125 41.296875 42.84375 
+Q 37.203125 48.484375 30.078125 48.484375 
+Q 22.953125 48.484375 18.875 42.84375 
+Q 14.796875 37.203125 14.796875 27.296875 
+z
+" id="DejaVuSans-64"/>
+      <path d="M 2.984375 54.6875 
+L 12.5 54.6875 
+L 29.59375 8.796875 
+L 46.6875 54.6875 
+L 56.203125 54.6875 
+L 35.6875 0 
+L 23.484375 0 
+z
+" id="DejaVuSans-76"/>
+      <path d="M 4.890625 31.390625 
+L 31.203125 31.390625 
+L 31.203125 23.390625 
+L 4.890625 23.390625 
+z
+" id="DejaVuSans-2d"/>
+      <path d="M 18.109375 8.203125 
+L 18.109375 -20.796875 
+L 9.078125 -20.796875 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.390625 
+Q 20.953125 51.265625 25.265625 53.625 
+Q 29.59375 56 35.59375 56 
+Q 45.5625 56 51.78125 48.09375 
+Q 58.015625 40.1875 58.015625 27.296875 
+Q 58.015625 14.40625 51.78125 6.484375 
+Q 45.5625 -1.421875 35.59375 -1.421875 
+Q 29.59375 -1.421875 25.265625 0.953125 
+Q 20.953125 3.328125 18.109375 8.203125 
+z
+M 48.6875 27.296875 
+Q 48.6875 37.203125 44.609375 42.84375 
+Q 40.53125 48.484375 33.40625 48.484375 
+Q 26.265625 48.484375 22.1875 42.84375 
+Q 18.109375 37.203125 18.109375 27.296875 
+Q 18.109375 17.390625 22.1875 11.75 
+Q 26.265625 6.109375 33.40625 6.109375 
+Q 40.53125 6.109375 44.609375 11.75 
+Q 48.6875 17.390625 48.6875 27.296875 
+z
+" id="DejaVuSans-70"/>
+      <path d="M 8.5 21.578125 
+L 8.5 54.6875 
+L 17.484375 54.6875 
+L 17.484375 21.921875 
+Q 17.484375 14.15625 20.5 10.265625 
+Q 23.53125 6.390625 29.59375 6.390625 
+Q 36.859375 6.390625 41.078125 11.03125 
+Q 45.3125 15.671875 45.3125 23.6875 
+L 45.3125 54.6875 
+L 54.296875 54.6875 
+L 54.296875 0 
+L 45.3125 0 
+L 45.3125 8.40625 
+Q 42.046875 3.421875 37.71875 1 
+Q 33.40625 -1.421875 27.6875 -1.421875 
+Q 18.265625 -1.421875 13.375 4.4375 
+Q 8.5 10.296875 8.5 21.578125 
+z
+M 31.109375 56 
+z
+" id="DejaVuSans-75"/>
+     </defs>
+     <g transform="translate(260.209062 58.070437)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-30"/>
+      <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      <use x="127.246094" xlink:href="#DejaVuSans-31"/>
+      <use x="190.869141" xlink:href="#DejaVuSans-69"/>
+      <use x="218.652344" xlink:href="#DejaVuSans-6e"/>
+      <use x="282.03125" xlink:href="#DejaVuSans-64"/>
+      <use x="345.507812" xlink:href="#DejaVuSans-69"/>
+      <use x="373.291016" xlink:href="#DejaVuSans-6e"/>
+      <use x="436.669922" xlink:href="#DejaVuSans-76"/>
+      <use x="495.818359" xlink:href="#DejaVuSans-2d"/>
+      <use x="531.902344" xlink:href="#DejaVuSans-61"/>
+      <use x="593.181641" xlink:href="#DejaVuSans-70"/>
+      <use x="656.658203" xlink:href="#DejaVuSans-61"/>
+      <use x="717.9375" xlink:href="#DejaVuSans-6c"/>
+      <use x="745.720703" xlink:href="#DejaVuSans-61"/>
+      <use x="807" xlink:href="#DejaVuSans-63"/>
+      <use x="861.980469" xlink:href="#DejaVuSans-68"/>
+      <use x="925.359375" xlink:href="#DejaVuSans-65"/>
+      <use x="986.882812" xlink:href="#DejaVuSans-2d"/>
+      <use x="1022.966797" xlink:href="#DejaVuSans-75"/>
+      <use x="1086.345703" xlink:href="#DejaVuSans-6e"/>
+      <use x="1149.724609" xlink:href="#DejaVuSans-73"/>
+      <use x="1201.824219" xlink:href="#DejaVuSans-74"/>
+      <use x="1241.033203" xlink:href="#DejaVuSans-61"/>
+      <use x="1302.3125" xlink:href="#DejaVuSans-62"/>
+      <use x="1365.789062" xlink:href="#DejaVuSans-6c"/>
+      <use x="1393.572266" xlink:href="#DejaVuSans-65"/>
+     </g>
+    </g>
+    <g id="line2d_58">
+     <path d="M 232.209062 69.248562 
+L 252.209062 69.248562 
+" style="fill:none;opacity:0.7;stroke:#0000ff;stroke-linecap:square;stroke-width:1.5;"/>
+    </g>
+    <g id="line2d_59">
+     <g>
+      <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="242.209062" xlink:href="#m7ccf6d2c0e" y="69.248562"/>
+     </g>
+    </g>
+    <g id="text_15">
+     <!-- 001indinv-apalache-card -->
+     <g transform="translate(260.209062 72.748562)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-30"/>
+      <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      <use x="127.246094" xlink:href="#DejaVuSans-31"/>
+      <use x="190.869141" xlink:href="#DejaVuSans-69"/>
+      <use x="218.652344" xlink:href="#DejaVuSans-6e"/>
+      <use x="282.03125" xlink:href="#DejaVuSans-64"/>
+      <use x="345.507812" xlink:href="#DejaVuSans-69"/>
+      <use x="373.291016" xlink:href="#DejaVuSans-6e"/>
+      <use x="436.669922" xlink:href="#DejaVuSans-76"/>
+      <use x="495.818359" xlink:href="#DejaVuSans-2d"/>
+      <use x="531.902344" xlink:href="#DejaVuSans-61"/>
+      <use x="593.181641" xlink:href="#DejaVuSans-70"/>
+      <use x="656.658203" xlink:href="#DejaVuSans-61"/>
+      <use x="717.9375" xlink:href="#DejaVuSans-6c"/>
+      <use x="745.720703" xlink:href="#DejaVuSans-61"/>
+      <use x="807" xlink:href="#DejaVuSans-63"/>
+      <use x="861.980469" xlink:href="#DejaVuSans-68"/>
+      <use x="925.359375" xlink:href="#DejaVuSans-65"/>
+      <use x="986.882812" xlink:href="#DejaVuSans-2d"/>
+      <use x="1022.966797" xlink:href="#DejaVuSans-63"/>
+      <use x="1077.947266" xlink:href="#DejaVuSans-61"/>
+      <use x="1139.226562" xlink:href="#DejaVuSans-72"/>
+      <use x="1180.324219" xlink:href="#DejaVuSans-64"/>
+     </g>
+    </g>
+   </g>
+  </g>
+ </g>
+ <defs>
+  <clipPath id="pfe63dfec0c">
+   <rect height="266.112" width="357.12" x="57.6" y="41.472"/>
+  </clipPath>
+ </defs>
+</svg>
diff --git a/docs/spec/tendermint-fork-cases/results/001indinv-apalache-time.svg b/docs/spec/tendermint-fork-cases/results/001indinv-apalache-time.svg
new file mode 100644
index 000000000..20d5e1a8b
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/results/001indinv-apalache-time.svg
@@ -0,0 +1,1094 @@
+<?xml version="1.0" encoding="utf-8" standalone="no"?>
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN"
+  "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<!-- Created with matplotlib (http://matplotlib.org/) -->
+<svg height="345pt" version="1.1" viewBox="0 0 460 345" width="460pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
+ <defs>
+  <style type="text/css">
+*{stroke-linecap:butt;stroke-linejoin:round;}
+  </style>
+ </defs>
+ <g id="figure_1">
+  <g id="patch_1">
+   <path d="M 0 345.6 
+L 460.8 345.6 
+L 460.8 0 
+L 0 0 
+z
+" style="fill:#ffffff;"/>
+  </g>
+  <g id="axes_1">
+   <g id="patch_2">
+    <path d="M 57.6 307.584 
+L 414.72 307.584 
+L 414.72 41.472 
+L 57.6 41.472 
+z
+" style="fill:#ffffff;"/>
+   </g>
+   <g id="matplotlib.axis_1">
+    <g id="xtick_1">
+     <g id="line2d_1">
+      <path clip-path="url(#p3e66d6cd1e)" d="M 62.637743 307.584 
+L 62.637743 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_2">
+      <defs>
+       <path d="M 0 0 
+L 0 3.5 
+" id="m07e11130a7" style="stroke:#000000;stroke-width:0.8;"/>
+      </defs>
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="62.637743" xlink:href="#m07e11130a7" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_1">
+      <!-- 0 -->
+      <defs>
+       <path d="M 31.78125 66.40625 
+Q 24.171875 66.40625 20.328125 58.90625 
+Q 16.5 51.421875 16.5 36.375 
+Q 16.5 21.390625 20.328125 13.890625 
+Q 24.171875 6.390625 31.78125 6.390625 
+Q 39.453125 6.390625 43.28125 13.890625 
+Q 47.125 21.390625 47.125 36.375 
+Q 47.125 51.421875 43.28125 58.90625 
+Q 39.453125 66.40625 31.78125 66.40625 
+z
+M 31.78125 74.21875 
+Q 44.046875 74.21875 50.515625 64.515625 
+Q 56.984375 54.828125 56.984375 36.375 
+Q 56.984375 17.96875 50.515625 8.265625 
+Q 44.046875 -1.421875 31.78125 -1.421875 
+Q 19.53125 -1.421875 13.0625 8.265625 
+Q 6.59375 17.96875 6.59375 36.375 
+Q 6.59375 54.828125 13.0625 64.515625 
+Q 19.53125 74.21875 31.78125 74.21875 
+z
+" id="DejaVuSans-30"/>
+      </defs>
+      <g transform="translate(59.456493 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_2">
+     <g id="line2d_3">
+      <path clip-path="url(#p3e66d6cd1e)" d="M 118.612665 307.584 
+L 118.612665 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_4">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="118.612665" xlink:href="#m07e11130a7" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_2">
+      <!-- 5 -->
+      <defs>
+       <path d="M 10.796875 72.90625 
+L 49.515625 72.90625 
+L 49.515625 64.59375 
+L 19.828125 64.59375 
+L 19.828125 46.734375 
+Q 21.96875 47.46875 24.109375 47.828125 
+Q 26.265625 48.1875 28.421875 48.1875 
+Q 40.625 48.1875 47.75 41.5 
+Q 54.890625 34.8125 54.890625 23.390625 
+Q 54.890625 11.625 47.5625 5.09375 
+Q 40.234375 -1.421875 26.90625 -1.421875 
+Q 22.3125 -1.421875 17.546875 -0.640625 
+Q 12.796875 0.140625 7.71875 1.703125 
+L 7.71875 11.625 
+Q 12.109375 9.234375 16.796875 8.0625 
+Q 21.484375 6.890625 26.703125 6.890625 
+Q 35.15625 6.890625 40.078125 11.328125 
+Q 45.015625 15.765625 45.015625 23.390625 
+Q 45.015625 31 40.078125 35.4375 
+Q 35.15625 39.890625 26.703125 39.890625 
+Q 22.75 39.890625 18.8125 39.015625 
+Q 14.890625 38.140625 10.796875 36.28125 
+z
+" id="DejaVuSans-35"/>
+      </defs>
+      <g transform="translate(115.431415 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_3">
+     <g id="line2d_5">
+      <path clip-path="url(#p3e66d6cd1e)" d="M 174.587586 307.584 
+L 174.587586 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_6">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="174.587586" xlink:href="#m07e11130a7" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_3">
+      <!-- 10 -->
+      <defs>
+       <path d="M 12.40625 8.296875 
+L 28.515625 8.296875 
+L 28.515625 63.921875 
+L 10.984375 60.40625 
+L 10.984375 69.390625 
+L 28.421875 72.90625 
+L 38.28125 72.90625 
+L 38.28125 8.296875 
+L 54.390625 8.296875 
+L 54.390625 0 
+L 12.40625 0 
+z
+" id="DejaVuSans-31"/>
+      </defs>
+      <g transform="translate(168.225086 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-31"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_4">
+     <g id="line2d_7">
+      <path clip-path="url(#p3e66d6cd1e)" d="M 230.562508 307.584 
+L 230.562508 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_8">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="230.562508" xlink:href="#m07e11130a7" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_4">
+      <!-- 15 -->
+      <g transform="translate(224.200008 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-31"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_5">
+     <g id="line2d_9">
+      <path clip-path="url(#p3e66d6cd1e)" d="M 286.537429 307.584 
+L 286.537429 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_10">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="286.537429" xlink:href="#m07e11130a7" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_5">
+      <!-- 20 -->
+      <defs>
+       <path d="M 19.1875 8.296875 
+L 53.609375 8.296875 
+L 53.609375 0 
+L 7.328125 0 
+L 7.328125 8.296875 
+Q 12.9375 14.109375 22.625 23.890625 
+Q 32.328125 33.6875 34.8125 36.53125 
+Q 39.546875 41.84375 41.421875 45.53125 
+Q 43.3125 49.21875 43.3125 52.78125 
+Q 43.3125 58.59375 39.234375 62.25 
+Q 35.15625 65.921875 28.609375 65.921875 
+Q 23.96875 65.921875 18.8125 64.3125 
+Q 13.671875 62.703125 7.8125 59.421875 
+L 7.8125 69.390625 
+Q 13.765625 71.78125 18.9375 73 
+Q 24.125 74.21875 28.421875 74.21875 
+Q 39.75 74.21875 46.484375 68.546875 
+Q 53.21875 62.890625 53.21875 53.421875 
+Q 53.21875 48.921875 51.53125 44.890625 
+Q 49.859375 40.875 45.40625 35.40625 
+Q 44.1875 33.984375 37.640625 27.21875 
+Q 31.109375 20.453125 19.1875 8.296875 
+z
+" id="DejaVuSans-32"/>
+      </defs>
+      <g transform="translate(280.174929 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-32"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_6">
+     <g id="line2d_11">
+      <path clip-path="url(#p3e66d6cd1e)" d="M 342.512351 307.584 
+L 342.512351 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_12">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="342.512351" xlink:href="#m07e11130a7" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_6">
+      <!-- 25 -->
+      <g transform="translate(336.149851 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-32"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-35"/>
+      </g>
+     </g>
+    </g>
+    <g id="xtick_7">
+     <g id="line2d_13">
+      <path clip-path="url(#p3e66d6cd1e)" d="M 398.487273 307.584 
+L 398.487273 41.472 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_14">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="398.487273" xlink:href="#m07e11130a7" y="307.584"/>
+      </g>
+     </g>
+     <g id="text_7">
+      <!-- 30 -->
+      <defs>
+       <path d="M 40.578125 39.3125 
+Q 47.65625 37.796875 51.625 33 
+Q 55.609375 28.21875 55.609375 21.1875 
+Q 55.609375 10.40625 48.1875 4.484375 
+Q 40.765625 -1.421875 27.09375 -1.421875 
+Q 22.515625 -1.421875 17.65625 -0.515625 
+Q 12.796875 0.390625 7.625 2.203125 
+L 7.625 11.71875 
+Q 11.71875 9.328125 16.59375 8.109375 
+Q 21.484375 6.890625 26.8125 6.890625 
+Q 36.078125 6.890625 40.9375 10.546875 
+Q 45.796875 14.203125 45.796875 21.1875 
+Q 45.796875 27.640625 41.28125 31.265625 
+Q 36.765625 34.90625 28.71875 34.90625 
+L 20.21875 34.90625 
+L 20.21875 43.015625 
+L 29.109375 43.015625 
+Q 36.375 43.015625 40.234375 45.921875 
+Q 44.09375 48.828125 44.09375 54.296875 
+Q 44.09375 59.90625 40.109375 62.90625 
+Q 36.140625 65.921875 28.71875 65.921875 
+Q 24.65625 65.921875 20.015625 65.03125 
+Q 15.375 64.15625 9.8125 62.3125 
+L 9.8125 71.09375 
+Q 15.4375 72.65625 20.34375 73.4375 
+Q 25.25 74.21875 29.59375 74.21875 
+Q 40.828125 74.21875 47.359375 69.109375 
+Q 53.90625 64.015625 53.90625 55.328125 
+Q 53.90625 49.265625 50.4375 45.09375 
+Q 46.96875 40.921875 40.578125 39.3125 
+z
+" id="DejaVuSans-33"/>
+      </defs>
+      <g transform="translate(392.124773 322.182437)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-33"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="text_8">
+     <!-- benchmark -->
+     <defs>
+      <path d="M 48.6875 27.296875 
+Q 48.6875 37.203125 44.609375 42.84375 
+Q 40.53125 48.484375 33.40625 48.484375 
+Q 26.265625 48.484375 22.1875 42.84375 
+Q 18.109375 37.203125 18.109375 27.296875 
+Q 18.109375 17.390625 22.1875 11.75 
+Q 26.265625 6.109375 33.40625 6.109375 
+Q 40.53125 6.109375 44.609375 11.75 
+Q 48.6875 17.390625 48.6875 27.296875 
+z
+M 18.109375 46.390625 
+Q 20.953125 51.265625 25.265625 53.625 
+Q 29.59375 56 35.59375 56 
+Q 45.5625 56 51.78125 48.09375 
+Q 58.015625 40.1875 58.015625 27.296875 
+Q 58.015625 14.40625 51.78125 6.484375 
+Q 45.5625 -1.421875 35.59375 -1.421875 
+Q 29.59375 -1.421875 25.265625 0.953125 
+Q 20.953125 3.328125 18.109375 8.203125 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 75.984375 
+L 18.109375 75.984375 
+z
+" id="DejaVuSans-62"/>
+      <path d="M 56.203125 29.59375 
+L 56.203125 25.203125 
+L 14.890625 25.203125 
+Q 15.484375 15.921875 20.484375 11.0625 
+Q 25.484375 6.203125 34.421875 6.203125 
+Q 39.59375 6.203125 44.453125 7.46875 
+Q 49.3125 8.734375 54.109375 11.28125 
+L 54.109375 2.78125 
+Q 49.265625 0.734375 44.1875 -0.34375 
+Q 39.109375 -1.421875 33.890625 -1.421875 
+Q 20.796875 -1.421875 13.15625 6.1875 
+Q 5.515625 13.8125 5.515625 26.8125 
+Q 5.515625 40.234375 12.765625 48.109375 
+Q 20.015625 56 32.328125 56 
+Q 43.359375 56 49.78125 48.890625 
+Q 56.203125 41.796875 56.203125 29.59375 
+z
+M 47.21875 32.234375 
+Q 47.125 39.59375 43.09375 43.984375 
+Q 39.0625 48.390625 32.421875 48.390625 
+Q 24.90625 48.390625 20.390625 44.140625 
+Q 15.875 39.890625 15.1875 32.171875 
+z
+" id="DejaVuSans-65"/>
+      <path d="M 54.890625 33.015625 
+L 54.890625 0 
+L 45.90625 0 
+L 45.90625 32.71875 
+Q 45.90625 40.484375 42.875 44.328125 
+Q 39.84375 48.1875 33.796875 48.1875 
+Q 26.515625 48.1875 22.3125 43.546875 
+Q 18.109375 38.921875 18.109375 30.90625 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.1875 
+Q 21.34375 51.125 25.703125 53.5625 
+Q 30.078125 56 35.796875 56 
+Q 45.21875 56 50.046875 50.171875 
+Q 54.890625 44.34375 54.890625 33.015625 
+z
+" id="DejaVuSans-6e"/>
+      <path d="M 48.78125 52.59375 
+L 48.78125 44.1875 
+Q 44.96875 46.296875 41.140625 47.34375 
+Q 37.3125 48.390625 33.40625 48.390625 
+Q 24.65625 48.390625 19.8125 42.84375 
+Q 14.984375 37.3125 14.984375 27.296875 
+Q 14.984375 17.28125 19.8125 11.734375 
+Q 24.65625 6.203125 33.40625 6.203125 
+Q 37.3125 6.203125 41.140625 7.25 
+Q 44.96875 8.296875 48.78125 10.40625 
+L 48.78125 2.09375 
+Q 45.015625 0.34375 40.984375 -0.53125 
+Q 36.96875 -1.421875 32.421875 -1.421875 
+Q 20.0625 -1.421875 12.78125 6.34375 
+Q 5.515625 14.109375 5.515625 27.296875 
+Q 5.515625 40.671875 12.859375 48.328125 
+Q 20.21875 56 33.015625 56 
+Q 37.15625 56 41.109375 55.140625 
+Q 45.0625 54.296875 48.78125 52.59375 
+z
+" id="DejaVuSans-63"/>
+      <path d="M 54.890625 33.015625 
+L 54.890625 0 
+L 45.90625 0 
+L 45.90625 32.71875 
+Q 45.90625 40.484375 42.875 44.328125 
+Q 39.84375 48.1875 33.796875 48.1875 
+Q 26.515625 48.1875 22.3125 43.546875 
+Q 18.109375 38.921875 18.109375 30.90625 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 75.984375 
+L 18.109375 75.984375 
+L 18.109375 46.1875 
+Q 21.34375 51.125 25.703125 53.5625 
+Q 30.078125 56 35.796875 56 
+Q 45.21875 56 50.046875 50.171875 
+Q 54.890625 44.34375 54.890625 33.015625 
+z
+" id="DejaVuSans-68"/>
+      <path d="M 52 44.1875 
+Q 55.375 50.25 60.0625 53.125 
+Q 64.75 56 71.09375 56 
+Q 79.640625 56 84.28125 50.015625 
+Q 88.921875 44.046875 88.921875 33.015625 
+L 88.921875 0 
+L 79.890625 0 
+L 79.890625 32.71875 
+Q 79.890625 40.578125 77.09375 44.375 
+Q 74.3125 48.1875 68.609375 48.1875 
+Q 61.625 48.1875 57.5625 43.546875 
+Q 53.515625 38.921875 53.515625 30.90625 
+L 53.515625 0 
+L 44.484375 0 
+L 44.484375 32.71875 
+Q 44.484375 40.625 41.703125 44.40625 
+Q 38.921875 48.1875 33.109375 48.1875 
+Q 26.21875 48.1875 22.15625 43.53125 
+Q 18.109375 38.875 18.109375 30.90625 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.1875 
+Q 21.1875 51.21875 25.484375 53.609375 
+Q 29.78125 56 35.6875 56 
+Q 41.65625 56 45.828125 52.96875 
+Q 50 49.953125 52 44.1875 
+z
+" id="DejaVuSans-6d"/>
+      <path d="M 34.28125 27.484375 
+Q 23.390625 27.484375 19.1875 25 
+Q 14.984375 22.515625 14.984375 16.5 
+Q 14.984375 11.71875 18.140625 8.90625 
+Q 21.296875 6.109375 26.703125 6.109375 
+Q 34.1875 6.109375 38.703125 11.40625 
+Q 43.21875 16.703125 43.21875 25.484375 
+L 43.21875 27.484375 
+z
+M 52.203125 31.203125 
+L 52.203125 0 
+L 43.21875 0 
+L 43.21875 8.296875 
+Q 40.140625 3.328125 35.546875 0.953125 
+Q 30.953125 -1.421875 24.3125 -1.421875 
+Q 15.921875 -1.421875 10.953125 3.296875 
+Q 6 8.015625 6 15.921875 
+Q 6 25.140625 12.171875 29.828125 
+Q 18.359375 34.515625 30.609375 34.515625 
+L 43.21875 34.515625 
+L 43.21875 35.40625 
+Q 43.21875 41.609375 39.140625 45 
+Q 35.0625 48.390625 27.6875 48.390625 
+Q 23 48.390625 18.546875 47.265625 
+Q 14.109375 46.140625 10.015625 43.890625 
+L 10.015625 52.203125 
+Q 14.9375 54.109375 19.578125 55.046875 
+Q 24.21875 56 28.609375 56 
+Q 40.484375 56 46.34375 49.84375 
+Q 52.203125 43.703125 52.203125 31.203125 
+z
+" id="DejaVuSans-61"/>
+      <path d="M 41.109375 46.296875 
+Q 39.59375 47.171875 37.8125 47.578125 
+Q 36.03125 48 33.890625 48 
+Q 26.265625 48 22.1875 43.046875 
+Q 18.109375 38.09375 18.109375 28.8125 
+L 18.109375 0 
+L 9.078125 0 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.1875 
+Q 20.953125 51.171875 25.484375 53.578125 
+Q 30.03125 56 36.53125 56 
+Q 37.453125 56 38.578125 55.875 
+Q 39.703125 55.765625 41.0625 55.515625 
+z
+" id="DejaVuSans-72"/>
+      <path d="M 9.078125 75.984375 
+L 18.109375 75.984375 
+L 18.109375 31.109375 
+L 44.921875 54.6875 
+L 56.390625 54.6875 
+L 27.390625 29.109375 
+L 57.625 0 
+L 45.90625 0 
+L 18.109375 26.703125 
+L 18.109375 0 
+L 9.078125 0 
+z
+" id="DejaVuSans-6b"/>
+     </defs>
+     <g transform="translate(207.937344 335.860562)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-62"/>
+      <use x="63.476562" xlink:href="#DejaVuSans-65"/>
+      <use x="125" xlink:href="#DejaVuSans-6e"/>
+      <use x="188.378906" xlink:href="#DejaVuSans-63"/>
+      <use x="243.359375" xlink:href="#DejaVuSans-68"/>
+      <use x="306.738281" xlink:href="#DejaVuSans-6d"/>
+      <use x="404.150391" xlink:href="#DejaVuSans-61"/>
+      <use x="465.429688" xlink:href="#DejaVuSans-72"/>
+      <use x="506.542969" xlink:href="#DejaVuSans-6b"/>
+     </g>
+    </g>
+   </g>
+   <g id="matplotlib.axis_2">
+    <g id="ytick_1">
+     <g id="line2d_15">
+      <path clip-path="url(#p3e66d6cd1e)" d="M 57.6 295.556638 
+L 414.72 295.556638 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_16">
+      <defs>
+       <path d="M 0 0 
+L -3.5 0 
+" id="mbff5fb4a69" style="stroke:#000000;stroke-width:0.8;"/>
+      </defs>
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#mbff5fb4a69" y="295.556638"/>
+      </g>
+     </g>
+     <g id="text_9">
+      <!-- 0 -->
+      <g transform="translate(44.2375 299.355857)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_2">
+     <g id="line2d_17">
+      <path clip-path="url(#p3e66d6cd1e)" d="M 57.6 238.358388 
+L 414.72 238.358388 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_18">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#mbff5fb4a69" y="238.358388"/>
+      </g>
+     </g>
+     <g id="text_10">
+      <!-- 10000 -->
+      <g transform="translate(18.7875 242.157606)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-31"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+       <use x="127.246094" xlink:href="#DejaVuSans-30"/>
+       <use x="190.869141" xlink:href="#DejaVuSans-30"/>
+       <use x="254.492188" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_3">
+     <g id="line2d_19">
+      <path clip-path="url(#p3e66d6cd1e)" d="M 57.6 181.160137 
+L 414.72 181.160137 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_20">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#mbff5fb4a69" y="181.160137"/>
+      </g>
+     </g>
+     <g id="text_11">
+      <!-- 20000 -->
+      <g transform="translate(18.7875 184.959356)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-32"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+       <use x="127.246094" xlink:href="#DejaVuSans-30"/>
+       <use x="190.869141" xlink:href="#DejaVuSans-30"/>
+       <use x="254.492188" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_4">
+     <g id="line2d_21">
+      <path clip-path="url(#p3e66d6cd1e)" d="M 57.6 123.961887 
+L 414.72 123.961887 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_22">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#mbff5fb4a69" y="123.961887"/>
+      </g>
+     </g>
+     <g id="text_12">
+      <!-- 30000 -->
+      <g transform="translate(18.7875 127.761105)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-33"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+       <use x="127.246094" xlink:href="#DejaVuSans-30"/>
+       <use x="190.869141" xlink:href="#DejaVuSans-30"/>
+       <use x="254.492188" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="ytick_5">
+     <g id="line2d_23">
+      <path clip-path="url(#p3e66d6cd1e)" d="M 57.6 66.763636 
+L 414.72 66.763636 
+" style="fill:none;opacity:0.2;stroke:#b0b0b0;stroke-linecap:square;stroke-width:0.8;"/>
+     </g>
+     <g id="line2d_24">
+      <g>
+       <use style="stroke:#000000;stroke-width:0.8;" x="57.6" xlink:href="#mbff5fb4a69" y="66.763636"/>
+      </g>
+     </g>
+     <g id="text_13">
+      <!-- 40000 -->
+      <defs>
+       <path d="M 37.796875 64.3125 
+L 12.890625 25.390625 
+L 37.796875 25.390625 
+z
+M 35.203125 72.90625 
+L 47.609375 72.90625 
+L 47.609375 25.390625 
+L 58.015625 25.390625 
+L 58.015625 17.1875 
+L 47.609375 17.1875 
+L 47.609375 0 
+L 37.796875 0 
+L 37.796875 17.1875 
+L 4.890625 17.1875 
+L 4.890625 26.703125 
+z
+" id="DejaVuSans-34"/>
+      </defs>
+      <g transform="translate(18.7875 70.562855)scale(0.1 -0.1)">
+       <use xlink:href="#DejaVuSans-34"/>
+       <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+       <use x="127.246094" xlink:href="#DejaVuSans-30"/>
+       <use x="190.869141" xlink:href="#DejaVuSans-30"/>
+       <use x="254.492188" xlink:href="#DejaVuSans-30"/>
+      </g>
+     </g>
+    </g>
+    <g id="text_14">
+     <!-- time, sec -->
+     <defs>
+      <path d="M 18.3125 70.21875 
+L 18.3125 54.6875 
+L 36.8125 54.6875 
+L 36.8125 47.703125 
+L 18.3125 47.703125 
+L 18.3125 18.015625 
+Q 18.3125 11.328125 20.140625 9.421875 
+Q 21.96875 7.515625 27.59375 7.515625 
+L 36.8125 7.515625 
+L 36.8125 0 
+L 27.59375 0 
+Q 17.1875 0 13.234375 3.875 
+Q 9.28125 7.765625 9.28125 18.015625 
+L 9.28125 47.703125 
+L 2.6875 47.703125 
+L 2.6875 54.6875 
+L 9.28125 54.6875 
+L 9.28125 70.21875 
+z
+" id="DejaVuSans-74"/>
+      <path d="M 9.421875 54.6875 
+L 18.40625 54.6875 
+L 18.40625 0 
+L 9.421875 0 
+z
+M 9.421875 75.984375 
+L 18.40625 75.984375 
+L 18.40625 64.59375 
+L 9.421875 64.59375 
+z
+" id="DejaVuSans-69"/>
+      <path d="M 11.71875 12.40625 
+L 22.015625 12.40625 
+L 22.015625 4 
+L 14.015625 -11.625 
+L 7.71875 -11.625 
+L 11.71875 4 
+z
+" id="DejaVuSans-2c"/>
+      <path id="DejaVuSans-20"/>
+      <path d="M 44.28125 53.078125 
+L 44.28125 44.578125 
+Q 40.484375 46.53125 36.375 47.5 
+Q 32.28125 48.484375 27.875 48.484375 
+Q 21.1875 48.484375 17.84375 46.4375 
+Q 14.5 44.390625 14.5 40.28125 
+Q 14.5 37.15625 16.890625 35.375 
+Q 19.28125 33.59375 26.515625 31.984375 
+L 29.59375 31.296875 
+Q 39.15625 29.25 43.1875 25.515625 
+Q 47.21875 21.78125 47.21875 15.09375 
+Q 47.21875 7.46875 41.1875 3.015625 
+Q 35.15625 -1.421875 24.609375 -1.421875 
+Q 20.21875 -1.421875 15.453125 -0.5625 
+Q 10.6875 0.296875 5.421875 2 
+L 5.421875 11.28125 
+Q 10.40625 8.6875 15.234375 7.390625 
+Q 20.0625 6.109375 24.8125 6.109375 
+Q 31.15625 6.109375 34.5625 8.28125 
+Q 37.984375 10.453125 37.984375 14.40625 
+Q 37.984375 18.0625 35.515625 20.015625 
+Q 33.0625 21.96875 24.703125 23.78125 
+L 21.578125 24.515625 
+Q 13.234375 26.265625 9.515625 29.90625 
+Q 5.8125 33.546875 5.8125 39.890625 
+Q 5.8125 47.609375 11.28125 51.796875 
+Q 16.75 56 26.8125 56 
+Q 31.78125 56 36.171875 55.265625 
+Q 40.578125 54.546875 44.28125 53.078125 
+z
+" id="DejaVuSans-73"/>
+     </defs>
+     <g transform="translate(12.707812 197.432687)rotate(-90)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-74"/>
+      <use x="39.208984" xlink:href="#DejaVuSans-69"/>
+      <use x="66.992188" xlink:href="#DejaVuSans-6d"/>
+      <use x="164.404297" xlink:href="#DejaVuSans-65"/>
+      <use x="225.927734" xlink:href="#DejaVuSans-2c"/>
+      <use x="257.714844" xlink:href="#DejaVuSans-20"/>
+      <use x="289.501953" xlink:href="#DejaVuSans-73"/>
+      <use x="341.601562" xlink:href="#DejaVuSans-65"/>
+      <use x="403.125" xlink:href="#DejaVuSans-63"/>
+     </g>
+    </g>
+   </g>
+   <g id="line2d_25">
+    <path clip-path="url(#p3e66d6cd1e)" d="M 73.832727 288.115146 
+L 85.027712 288.549852 
+L 96.222696 289.001718 
+L 107.41768 281.880536 
+L 118.612665 281.543067 
+L 129.807649 238.524262 
+L 141.002633 240.085775 
+L 152.197618 242.362265 
+L 163.392602 53.568 
+L 174.587586 58.389813 
+L 185.782571 293.280148 
+L 196.977555 289.430705 
+L 208.172539 286.816745 
+L 219.367524 291.587079 
+L 230.562508 284.894884 
+L 241.757492 281.960614 
+L 252.952476 274.175932 
+L 264.147461 274.273169 
+L 275.342445 242.84273 
+L 286.537429 240.005697 
+L 297.732414 295.488 
+L 308.927398 295.453681 
+L 320.122382 295.413642 
+L 331.317367 295.48228 
+L 342.512351 295.447961 
+L 353.707335 295.425082 
+L 364.90232 295.362164 
+L 376.097304 295.316405 
+L 387.292288 295.310685 
+L 398.487273 295.219168 
+" style="fill:none;opacity:0.7;stroke:#ff0000;stroke-linecap:square;stroke-width:1.5;"/>
+    <defs>
+     <path d="M -3 3 
+L 3 3 
+L 3 -3 
+L -3 -3 
+z
+" id="mb2140b6ad0" style="stroke:#ff0000;stroke-linejoin:miter;"/>
+    </defs>
+    <g clip-path="url(#p3e66d6cd1e)">
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="73.832727" xlink:href="#mb2140b6ad0" y="288.115146"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="85.027712" xlink:href="#mb2140b6ad0" y="288.549852"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="96.222696" xlink:href="#mb2140b6ad0" y="289.001718"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="107.41768" xlink:href="#mb2140b6ad0" y="281.880536"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="118.612665" xlink:href="#mb2140b6ad0" y="281.543067"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="129.807649" xlink:href="#mb2140b6ad0" y="238.524262"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="141.002633" xlink:href="#mb2140b6ad0" y="240.085775"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="152.197618" xlink:href="#mb2140b6ad0" y="242.362265"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="163.392602" xlink:href="#mb2140b6ad0" y="53.568"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="174.587586" xlink:href="#mb2140b6ad0" y="58.389813"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="185.782571" xlink:href="#mb2140b6ad0" y="293.280148"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="196.977555" xlink:href="#mb2140b6ad0" y="289.430705"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="208.172539" xlink:href="#mb2140b6ad0" y="286.816745"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="219.367524" xlink:href="#mb2140b6ad0" y="291.587079"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="230.562508" xlink:href="#mb2140b6ad0" y="284.894884"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="241.757492" xlink:href="#mb2140b6ad0" y="281.960614"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="252.952476" xlink:href="#mb2140b6ad0" y="274.175932"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="264.147461" xlink:href="#mb2140b6ad0" y="274.273169"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="275.342445" xlink:href="#mb2140b6ad0" y="242.84273"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="286.537429" xlink:href="#mb2140b6ad0" y="240.005697"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="297.732414" xlink:href="#mb2140b6ad0" y="295.488"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="308.927398" xlink:href="#mb2140b6ad0" y="295.453681"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="320.122382" xlink:href="#mb2140b6ad0" y="295.413642"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="331.317367" xlink:href="#mb2140b6ad0" y="295.48228"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="342.512351" xlink:href="#mb2140b6ad0" y="295.447961"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="353.707335" xlink:href="#mb2140b6ad0" y="295.425082"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="364.90232" xlink:href="#mb2140b6ad0" y="295.362164"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="376.097304" xlink:href="#mb2140b6ad0" y="295.316405"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="387.292288" xlink:href="#mb2140b6ad0" y="295.310685"/>
+     <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="398.487273" xlink:href="#mb2140b6ad0" y="295.219168"/>
+    </g>
+   </g>
+   <g id="line2d_26">
+    <path clip-path="url(#p3e66d6cd1e)" d="M 73.832727 291.22673 
+L 85.027712 291.466963 
+L 96.222696 292.239139 
+L 107.41768 287.022659 
+L 118.612665 288.361098 
+L 129.807649 276.429543 
+L 141.002633 276.749853 
+L 152.197618 278.81471 
+L 163.392602 232.352571 
+L 174.587586 242.041955 
+L 185.782571 293.920768 
+L 196.977555 290.700506 
+L 208.172539 287.348689 
+L 219.367524 292.87976 
+L 230.562508 287.566042 
+L 241.757492 288.452615 
+L 252.952476 280.616455 
+L 264.147461 280.542097 
+L 275.342445 277.413353 
+L 286.537429 273.403756 
+L 297.732414 295.488 
+L 308.927398 295.459401 
+L 320.122382 295.413642 
+L 331.317367 295.48228 
+L 342.512351 295.442241 
+L 353.707335 295.419362 
+L 364.90232 295.367884 
+L 376.097304 295.304966 
+L 387.292288 295.299246 
+L 398.487273 295.242048 
+" style="fill:none;opacity:0.7;stroke:#0000ff;stroke-linecap:square;stroke-width:1.5;"/>
+    <defs>
+     <path d="M 0 3 
+C 0.795609 3 1.55874 2.683901 2.12132 2.12132 
+C 2.683901 1.55874 3 0.795609 3 0 
+C 3 -0.795609 2.683901 -1.55874 2.12132 -2.12132 
+C 1.55874 -2.683901 0.795609 -3 0 -3 
+C -0.795609 -3 -1.55874 -2.683901 -2.12132 -2.12132 
+C -2.683901 -1.55874 -3 -0.795609 -3 0 
+C -3 0.795609 -2.683901 1.55874 -2.12132 2.12132 
+C -1.55874 2.683901 -0.795609 3 0 3 
+z
+" id="m5ea1edcaa3" style="stroke:#0000ff;"/>
+    </defs>
+    <g clip-path="url(#p3e66d6cd1e)">
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="73.832727" xlink:href="#m5ea1edcaa3" y="291.22673"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="85.027712" xlink:href="#m5ea1edcaa3" y="291.466963"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="96.222696" xlink:href="#m5ea1edcaa3" y="292.239139"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="107.41768" xlink:href="#m5ea1edcaa3" y="287.022659"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="118.612665" xlink:href="#m5ea1edcaa3" y="288.361098"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="129.807649" xlink:href="#m5ea1edcaa3" y="276.429543"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="141.002633" xlink:href="#m5ea1edcaa3" y="276.749853"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="152.197618" xlink:href="#m5ea1edcaa3" y="278.81471"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="163.392602" xlink:href="#m5ea1edcaa3" y="232.352571"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="174.587586" xlink:href="#m5ea1edcaa3" y="242.041955"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="185.782571" xlink:href="#m5ea1edcaa3" y="293.920768"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="196.977555" xlink:href="#m5ea1edcaa3" y="290.700506"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="208.172539" xlink:href="#m5ea1edcaa3" y="287.348689"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="219.367524" xlink:href="#m5ea1edcaa3" y="292.87976"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="230.562508" xlink:href="#m5ea1edcaa3" y="287.566042"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="241.757492" xlink:href="#m5ea1edcaa3" y="288.452615"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="252.952476" xlink:href="#m5ea1edcaa3" y="280.616455"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="264.147461" xlink:href="#m5ea1edcaa3" y="280.542097"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="275.342445" xlink:href="#m5ea1edcaa3" y="277.413353"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="286.537429" xlink:href="#m5ea1edcaa3" y="273.403756"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="297.732414" xlink:href="#m5ea1edcaa3" y="295.488"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="308.927398" xlink:href="#m5ea1edcaa3" y="295.459401"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="320.122382" xlink:href="#m5ea1edcaa3" y="295.413642"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="331.317367" xlink:href="#m5ea1edcaa3" y="295.48228"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="342.512351" xlink:href="#m5ea1edcaa3" y="295.442241"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="353.707335" xlink:href="#m5ea1edcaa3" y="295.419362"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="364.90232" xlink:href="#m5ea1edcaa3" y="295.367884"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="376.097304" xlink:href="#m5ea1edcaa3" y="295.304966"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="387.292288" xlink:href="#m5ea1edcaa3" y="295.299246"/>
+     <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="398.487273" xlink:href="#m5ea1edcaa3" y="295.242048"/>
+    </g>
+   </g>
+   <g id="patch_3">
+    <path d="M 57.6 307.584 
+L 57.6 41.472 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="patch_4">
+    <path d="M 414.72 307.584 
+L 414.72 41.472 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="patch_5">
+    <path d="M 57.6 307.584 
+L 414.72 307.584 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="patch_6">
+    <path d="M 57.6 41.472 
+L 414.72 41.472 
+" style="fill:none;stroke:#000000;stroke-linecap:square;stroke-linejoin:miter;stroke-width:0.8;"/>
+   </g>
+   <g id="legend_1">
+    <g id="patch_7">
+     <path d="M 230.209062 78.82825 
+L 407.72 78.82825 
+Q 409.72 78.82825 409.72 76.82825 
+L 409.72 48.472 
+Q 409.72 46.472 407.72 46.472 
+L 230.209062 46.472 
+Q 228.209062 46.472 228.209062 48.472 
+L 228.209062 76.82825 
+Q 228.209062 78.82825 230.209062 78.82825 
+z
+" style="fill:#ffffff;opacity:0.8;stroke:#cccccc;stroke-linejoin:miter;"/>
+    </g>
+    <g id="line2d_27">
+     <path d="M 232.209062 54.570437 
+L 252.209062 54.570437 
+" style="fill:none;opacity:0.7;stroke:#ff0000;stroke-linecap:square;stroke-width:1.5;"/>
+    </g>
+    <g id="line2d_28">
+     <g>
+      <use style="fill:#ff0000;opacity:0.7;stroke:#ff0000;stroke-linejoin:miter;" x="242.209062" xlink:href="#mb2140b6ad0" y="54.570437"/>
+     </g>
+    </g>
+    <g id="text_15">
+     <!-- 001indinv-apalache-unstable -->
+     <defs>
+      <path d="M 45.40625 46.390625 
+L 45.40625 75.984375 
+L 54.390625 75.984375 
+L 54.390625 0 
+L 45.40625 0 
+L 45.40625 8.203125 
+Q 42.578125 3.328125 38.25 0.953125 
+Q 33.9375 -1.421875 27.875 -1.421875 
+Q 17.96875 -1.421875 11.734375 6.484375 
+Q 5.515625 14.40625 5.515625 27.296875 
+Q 5.515625 40.1875 11.734375 48.09375 
+Q 17.96875 56 27.875 56 
+Q 33.9375 56 38.25 53.625 
+Q 42.578125 51.265625 45.40625 46.390625 
+z
+M 14.796875 27.296875 
+Q 14.796875 17.390625 18.875 11.75 
+Q 22.953125 6.109375 30.078125 6.109375 
+Q 37.203125 6.109375 41.296875 11.75 
+Q 45.40625 17.390625 45.40625 27.296875 
+Q 45.40625 37.203125 41.296875 42.84375 
+Q 37.203125 48.484375 30.078125 48.484375 
+Q 22.953125 48.484375 18.875 42.84375 
+Q 14.796875 37.203125 14.796875 27.296875 
+z
+" id="DejaVuSans-64"/>
+      <path d="M 2.984375 54.6875 
+L 12.5 54.6875 
+L 29.59375 8.796875 
+L 46.6875 54.6875 
+L 56.203125 54.6875 
+L 35.6875 0 
+L 23.484375 0 
+z
+" id="DejaVuSans-76"/>
+      <path d="M 4.890625 31.390625 
+L 31.203125 31.390625 
+L 31.203125 23.390625 
+L 4.890625 23.390625 
+z
+" id="DejaVuSans-2d"/>
+      <path d="M 18.109375 8.203125 
+L 18.109375 -20.796875 
+L 9.078125 -20.796875 
+L 9.078125 54.6875 
+L 18.109375 54.6875 
+L 18.109375 46.390625 
+Q 20.953125 51.265625 25.265625 53.625 
+Q 29.59375 56 35.59375 56 
+Q 45.5625 56 51.78125 48.09375 
+Q 58.015625 40.1875 58.015625 27.296875 
+Q 58.015625 14.40625 51.78125 6.484375 
+Q 45.5625 -1.421875 35.59375 -1.421875 
+Q 29.59375 -1.421875 25.265625 0.953125 
+Q 20.953125 3.328125 18.109375 8.203125 
+z
+M 48.6875 27.296875 
+Q 48.6875 37.203125 44.609375 42.84375 
+Q 40.53125 48.484375 33.40625 48.484375 
+Q 26.265625 48.484375 22.1875 42.84375 
+Q 18.109375 37.203125 18.109375 27.296875 
+Q 18.109375 17.390625 22.1875 11.75 
+Q 26.265625 6.109375 33.40625 6.109375 
+Q 40.53125 6.109375 44.609375 11.75 
+Q 48.6875 17.390625 48.6875 27.296875 
+z
+" id="DejaVuSans-70"/>
+      <path d="M 9.421875 75.984375 
+L 18.40625 75.984375 
+L 18.40625 0 
+L 9.421875 0 
+z
+" id="DejaVuSans-6c"/>
+      <path d="M 8.5 21.578125 
+L 8.5 54.6875 
+L 17.484375 54.6875 
+L 17.484375 21.921875 
+Q 17.484375 14.15625 20.5 10.265625 
+Q 23.53125 6.390625 29.59375 6.390625 
+Q 36.859375 6.390625 41.078125 11.03125 
+Q 45.3125 15.671875 45.3125 23.6875 
+L 45.3125 54.6875 
+L 54.296875 54.6875 
+L 54.296875 0 
+L 45.3125 0 
+L 45.3125 8.40625 
+Q 42.046875 3.421875 37.71875 1 
+Q 33.40625 -1.421875 27.6875 -1.421875 
+Q 18.265625 -1.421875 13.375 4.4375 
+Q 8.5 10.296875 8.5 21.578125 
+z
+M 31.109375 56 
+z
+" id="DejaVuSans-75"/>
+     </defs>
+     <g transform="translate(260.209062 58.070437)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-30"/>
+      <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      <use x="127.246094" xlink:href="#DejaVuSans-31"/>
+      <use x="190.869141" xlink:href="#DejaVuSans-69"/>
+      <use x="218.652344" xlink:href="#DejaVuSans-6e"/>
+      <use x="282.03125" xlink:href="#DejaVuSans-64"/>
+      <use x="345.507812" xlink:href="#DejaVuSans-69"/>
+      <use x="373.291016" xlink:href="#DejaVuSans-6e"/>
+      <use x="436.669922" xlink:href="#DejaVuSans-76"/>
+      <use x="495.818359" xlink:href="#DejaVuSans-2d"/>
+      <use x="531.902344" xlink:href="#DejaVuSans-61"/>
+      <use x="593.181641" xlink:href="#DejaVuSans-70"/>
+      <use x="656.658203" xlink:href="#DejaVuSans-61"/>
+      <use x="717.9375" xlink:href="#DejaVuSans-6c"/>
+      <use x="745.720703" xlink:href="#DejaVuSans-61"/>
+      <use x="807" xlink:href="#DejaVuSans-63"/>
+      <use x="861.980469" xlink:href="#DejaVuSans-68"/>
+      <use x="925.359375" xlink:href="#DejaVuSans-65"/>
+      <use x="986.882812" xlink:href="#DejaVuSans-2d"/>
+      <use x="1022.966797" xlink:href="#DejaVuSans-75"/>
+      <use x="1086.345703" xlink:href="#DejaVuSans-6e"/>
+      <use x="1149.724609" xlink:href="#DejaVuSans-73"/>
+      <use x="1201.824219" xlink:href="#DejaVuSans-74"/>
+      <use x="1241.033203" xlink:href="#DejaVuSans-61"/>
+      <use x="1302.3125" xlink:href="#DejaVuSans-62"/>
+      <use x="1365.789062" xlink:href="#DejaVuSans-6c"/>
+      <use x="1393.572266" xlink:href="#DejaVuSans-65"/>
+     </g>
+    </g>
+    <g id="line2d_29">
+     <path d="M 232.209062 69.248562 
+L 252.209062 69.248562 
+" style="fill:none;opacity:0.7;stroke:#0000ff;stroke-linecap:square;stroke-width:1.5;"/>
+    </g>
+    <g id="line2d_30">
+     <g>
+      <use style="fill:#0000ff;opacity:0.7;stroke:#0000ff;" x="242.209062" xlink:href="#m5ea1edcaa3" y="69.248562"/>
+     </g>
+    </g>
+    <g id="text_16">
+     <!-- 001indinv-apalache-card -->
+     <g transform="translate(260.209062 72.748562)scale(0.1 -0.1)">
+      <use xlink:href="#DejaVuSans-30"/>
+      <use x="63.623047" xlink:href="#DejaVuSans-30"/>
+      <use x="127.246094" xlink:href="#DejaVuSans-31"/>
+      <use x="190.869141" xlink:href="#DejaVuSans-69"/>
+      <use x="218.652344" xlink:href="#DejaVuSans-6e"/>
+      <use x="282.03125" xlink:href="#DejaVuSans-64"/>
+      <use x="345.507812" xlink:href="#DejaVuSans-69"/>
+      <use x="373.291016" xlink:href="#DejaVuSans-6e"/>
+      <use x="436.669922" xlink:href="#DejaVuSans-76"/>
+      <use x="495.818359" xlink:href="#DejaVuSans-2d"/>
+      <use x="531.902344" xlink:href="#DejaVuSans-61"/>
+      <use x="593.181641" xlink:href="#DejaVuSans-70"/>
+      <use x="656.658203" xlink:href="#DejaVuSans-61"/>
+      <use x="717.9375" xlink:href="#DejaVuSans-6c"/>
+      <use x="745.720703" xlink:href="#DejaVuSans-61"/>
+      <use x="807" xlink:href="#DejaVuSans-63"/>
+      <use x="861.980469" xlink:href="#DejaVuSans-68"/>
+      <use x="925.359375" xlink:href="#DejaVuSans-65"/>
+      <use x="986.882812" xlink:href="#DejaVuSans-2d"/>
+      <use x="1022.966797" xlink:href="#DejaVuSans-63"/>
+      <use x="1077.947266" xlink:href="#DejaVuSans-61"/>
+      <use x="1139.226562" xlink:href="#DejaVuSans-72"/>
+      <use x="1180.324219" xlink:href="#DejaVuSans-64"/>
+     </g>
+    </g>
+   </g>
+  </g>
+ </g>
+ <defs>
+  <clipPath id="p3e66d6cd1e">
+   <rect height="266.112" width="357.12" x="57.6" y="41.472"/>
+  </clipPath>
+ </defs>
+</svg>
diff --git a/docs/spec/tendermint-fork-cases/results/001indinv-apalache-unstable.csv b/docs/spec/tendermint-fork-cases/results/001indinv-apalache-unstable.csv
new file mode 100644
index 000000000..7d46072d8
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/results/001indinv-apalache-unstable.csv
@@ -0,0 +1,31 @@
+01:no,02:tool,03:status,04:time_sec,05:depth,05:mem_kb,10:ninit_trans,11:ninit_trans,12:ncells,13:nclauses,14:navg_clause_len
+1,apalache,NoError,1301,1,8497892,0,0,330488,2507123,25
+2,apalache,NoError,1225,1,8787920,0,0,313983,2424451,25
+3,apalache,NoError,1146,1,8284308,0,0,299480,2379006,25
+4,apalache,NoError,2391,1,12547740,0,0,461690,3765633,26
+5,apalache,NoError,2450,1,12471680,0,0,445753,3695822,27
+6,apalache,NoError,9971,1,15420532,0,0,780909,6900742,28
+7,apalache,NoError,9698,1,15702048,0,0,754742,6931775,29
+8,apalache,NoError,9300,1,15049568,0,0,728499,6679564,29
+9,apalache,NoError,42307,1,21681092,0,0,1451761,13556928,31
+10,apalache,NoError,41464,1,21471424,0,0,1391910,13310244,32
+11,apalache,NoError,398,0,5541800,0,0,219433,1722072,20
+12,apalache,NoError,1071,0,18618796,0,0,2868158,7817870,11
+13,apalache,NoError,1528,0,23933300,0,0,6407571,15963579,10
+14,apalache,NoError,694,0,8226532,0,0,326597,2646451,22
+15,apalache,NoError,1864,0,22907328,0,0,4451850,12126989,11
+16,apalache,NoError,2377,0,14444576,0,0,592163,5025992,24
+17,apalache,Fail,3738,0,28982004,0,0,280934,2463612,24
+18,apalache,Fail,3721,0,28828436,0,0,268824,2418130,24
+19,apalache,NoError,9216,0,20139480,0,0,1179739,10135524,27
+20,apalache,Fail,9712,0,31466408,0,0,564069,4984843,28
+21,apalache,NoError,12,0,602944,0,0,5649,33693,23
+22,apalache,NoError,18,0,836080,0,0,9739,67569,23
+23,apalache,NoError,25,0,959564,0,0,12833,103994,22
+24,apalache,NoError,13,0,795316,0,0,5812,36807,25
+25,apalache,NoError,19,0,826572,0,0,9902,73287,25
+26,apalache,NoError,23,0,999580,0,0,10267,84711,29
+27,apalache,NoError,34,0,1133032,0,0,14341,129922,28
+28,apalache,NoError,42,0,1319784,0,0,18453,179014,27
+29,apalache,NoError,43,0,1334480,0,0,14868,154666,32
+30,apalache,NoError,59,0,1575408,0,0,18942,211480,31
diff --git a/docs/spec/tendermint-fork-cases/run.sh b/docs/spec/tendermint-fork-cases/run.sh
new file mode 100755
index 000000000..929d7ba91
--- /dev/null
+++ b/docs/spec/tendermint-fork-cases/run.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+#
+# The script to run all experiments at once
+
+export SCRIPTS_DIR=~/devl/apalache-tests/scripts
+export BUILDS="unstable card"
+export BENCHMARK=001indinv-apalache
+export RUN_SCRIPT=./run-all.sh # alternatively, use ./run-parallel.sh
+make -e -f ~/devl/apalache-tests/Makefile.common