Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

(Replaced by #22) [Draft] Add ERC-20 Example #20

Closed
wants to merge 71 commits into from
Closed

(Replaced by #22) [Draft] Add ERC-20 Example #20

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
71 commits
Select commit Hold shift + click to select a range
289fbdd
ERC20 code generated by VC
jkopanski Aug 5, 2024
8966ea2
totalSupply verification
jkopanski Aug 6, 2024
bb2c323
Explicitly match none case
jkopanski Aug 22, 2024
bef6cf9
Additional Address lemmas
jkopanski Aug 22, 2024
a154fbd
EVM state reasoning lemmas
jkopanski Aug 26, 2024
e9f9951
Verify helper for accessing dynamic arrays
jkopanski Aug 22, 2024
561e7f8
[wip] Useful lemmas, mostly regarding memory
jkopanski Sep 10, 2024
e748061
keccak based proof
jkopanski Sep 26, 2024
1b79eb4
Remove unneeded `aesop` Fixes build of `State.lean`
Sep 27, 2024
ee2c85c
Add `mstore_preserves_keccak_map` lemma and use it to progress the proof
Sep 27, 2024
805f3cd
Spec and proof for the address keccak helper
jkopanski Sep 27, 2024
6697b11
[wip] balance of
jkopanski Oct 1, 2024
666be98
Other kind of isPure
jkopanski Oct 1, 2024
7df27ae
Add more preserved lemmas, finish balanceOf with it
jkopanski Oct 2, 2024
ddde452
Remove unused preds from proofs
jkopanski Oct 3, 2024
313e842
ERC20 predicate
jkopanski Oct 4, 2024
25dc2aa
Total supply that works with ERC20 predicate
jkopanski Oct 4, 2024
032ec1c
[wip] rewark balance_of using ERC20 predicate
jkopanski Oct 4, 2024
5853aeb
Progess `balanceOf` proof
Oct 7, 2024
c08c17c
Updated predicate, some lemmas
jkopanski Oct 7, 2024
4ec6099
[wip]
jkopanski Oct 8, 2024
92219ee
more [wip]
jkopanski Oct 9, 2024
2ebf7f8
almost there
jkopanski Oct 14, 2024
ff583de
Use proper items from predicate
jkopanski Oct 14, 2024
2db665f
Extending keccak used range
jkopanski Oct 16, 2024
0da520c
Ensure type of `owner` and `spender` is `Address` not `UInt256`
Oct 17, 2024
7d30c37
[wip]
Coda-Coda Oct 16, 2024
c262ae1
[wip]
Oct 17, 2024
d267d41
[wip]
Oct 17, 2024
ab6bec4
keccak injectivity preservation
jkopanski Oct 17, 2024
5a68d47
possible new spec
jkopanski Oct 17, 2024
d962a22
[wip] Fill sorry for `s["var_spender"]!! = var_spender`
Oct 18, 2024
a5956ef
[wip] Main aspects of `allowance` proof finished
Oct 21, 2024
fb2e9c9
[wip] Fill final two sorries in `fun_allowance_abs_of_concrete`
Oct 21, 2024
ab1c421
[wip] Update `balanceOf` proof so that it still builds
Oct 22, 2024
4d1dfd9
[wip] Begin making proof style improvements
Oct 22, 2024
0b333cf
Merge pull request #15 from NethermindEth/allowance
jkopanski Oct 22, 2024
e33c914
[wip] Handle hash collisions properly in specifications for `allowanc…
Oct 24, 2024
cdcdb54
updated_keccak_map
jkopanski Oct 24, 2024
74d7435
[wip] a bit of adjustment for new spec
jkopanski Oct 24, 2024
2dfc22a
[wip] Correction to helper spec
Oct 25, 2024
c185534
[wip] QED on allowance, except sorries
Oct 25, 2024
c836928
[wip]
Oct 25, 2024
6840248
[wip] QED on allowance
Oct 25, 2024
2d37414
[wip] QED on `balanceOf`
Oct 25, 2024
4bd6a34
[wip] Remove some leftover commented out code
Oct 25, 2024
fa05917
Merge pull request #16 from NethermindEth/WIP-erc20-daniel-3
jkopanski Oct 25, 2024
6ee04d8
Fixed deep recursion in the panic_error_0x11
jkopanski Oct 25, 2024
f20cdff
keccak helper
jkopanski Oct 25, 2024
5dd0ad9
[wip] adjust for EVM structure split
jkopanski Oct 25, 2024
9c5e923
Make use of the keccak helper proof for the other keccak helper
Oct 29, 2024
6586986
Merge pull request #18 from NethermindEth/keccak-helper-for-allowance
jkopanski Oct 29, 2024
9df1fda
Use new tactic
jkopanski Oct 29, 2024
f223382
Add `mstore_preserves_used_range` lemma
Coda-Coda Nov 8, 2024
c243670
Add preservation of `isEVMState` to helper spec and prove it
Coda-Coda Nov 8, 2024
26439d7
Fill sorries related to preservation of `isEVMState`
Coda-Coda Nov 8, 2024
74ef5ef
Fixed some simple remaining sorrys
Julek Nov 10, 2024
1a96b5e
fix generation of double { {, credit to Daniel
Ferinko Nov 11, 2024
004ecae
Improvements to generator: switch cases. By František
Nov 18, 2024
583fd60
Improvements to generator. By František
Nov 18, 2024
4befbe0
Generate `erc20shim.yul` as described in `erc20shim-generation.md`
Nov 20, 2024
9974e69
Regenerate ERC20, excluding files with existing proofs
Nov 20, 2024
715d172
[To revert] Regenerate rest of ERC20, overwriting existing proofs
Nov 20, 2024
d9d3122
Revert "[To revert] Regenerate rest of ERC20, overwriting existing pr…
Nov 20, 2024
892c143
Improve `balanceOf` proof. By František.
Nov 20, 2024
c1b6bdc
Change `clr_varstore` tactic and include it in generator. By František.
Nov 20, 2024
ca1f0a0
Update `stack.yaml.lock` (automatic change from `stack build`)
Nov 20, 2024
0c9754a
Regenerate ERC20, excluding files with existing proofs
Nov 20, 2024
cf4e755
[To revert] Regenerate ERC20, overwriting existing proofs
Nov 20, 2024
57c033d
Revert "[To revert] Regenerate ERC20, overwriting existing proofs"
Nov 20, 2024
087fa5c
Add commas to reflect new `clr_varstore` syntax
Nov 20, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
248 changes: 235 additions & 13 deletions All.lean
View file
Open in desktop

Large diffs are not rendered by default.

35 changes: 33 additions & 2 deletions Clear/Abstraction.lean
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ import Clear.ExecLemmas
import Clear.OutOfFuelLemmas
import Clear.JumpLemmas
import Clear.YulNotation
import Clear.Wheels

namespace Clear.Abstraction

Expand All @@ -18,7 +19,7 @@ variable {s s₀ s₁ sEnd : State}

-- | General form for relational specs (concrete and abstract).
@[aesop safe 0 unfold (rule_sets := [Clear.aesop_spec])]
def Spec (R : State → State → Prop) (s₀ s₁ : State) : Prop :=
def Spec (R : State → State → Prop) (s₀ s₁ : State) :=
match s₀ with
| OutOfFuel => ❓ s₁
| Checkpoint c => s₁.isJump c
Expand All @@ -31,6 +32,30 @@ lemma Spec_ok_unfold {P : State → State → Prop} :
unfold Spec
aesop

-- -- | Specs that are somewhat pure
-- @[aesop safe 0 unfold (rule_sets := [Clear.aesop_spec])]
-- def PureSpec (R : State → State → Prop) : State → State → Prop :=
-- Spec (R ∩ (preserved on evm))

-- lemma PureSpec_ok_unfold {P : State → State → Prop} :
-- ∀ {s s' : State}, s.isOk → ¬ ❓ s' → PureSpec P s s' → (P ∩ (preserved on evm)) s s' := by
-- intros s s' h h'
-- unfold PureSpec Spec
-- aesop

-- -- | Specs for code that might result in hash collision
-- @[aesop safe 0 unfold (rule_sets := [Clear.aesop_spec])]
-- def CollidingSpec (R : State → State → Prop) (s₀ s₁ : State) : Prop :=
-- if s₀.evm.hash_collision
-- then ❓ s₁
-- else ¬ s₁.evm.hash_collision → Spec R s₀ s₁

-- lemma CollidingSpec_ok_unfold {P : State → State → Prop} :
-- ∀ {s s' : State}, s.isOk → ¬ ❓ s' → ¬ s'.evm.hash_collision → CollidingSpec P s s' → P s s' := by
-- intros s s' h h' h''
-- unfold CollidingSpec Spec
-- aesop

open Lean Elab Tactic in
elab "clr_spec" "at" h:ident : tactic => do
evalTactic <| ← `(tactic| (
Expand All @@ -46,6 +71,12 @@ lemma not_isOutOfFuel_Spec (spec : Spec R s₀ s₁) (h : ¬ isOutOfFuel s₁) :
intros hs₀
aesop_spec

-- | No hash collision propagates backwards through specs.
-- lemma not_hashCollision_Spec
-- (spec : CollidingSpec R s₀ s₁) (h : ¬ s₁.evm.hasHashCollision) : ¬ s₀.evm.hasHashCollision := by
-- intros hs₀
-- aesop_spec

-- ============================================================================
-- TACTICS
-- ============================================================================
Expand Down Expand Up @@ -151,7 +182,7 @@ elab "clr_funargs" "at" h:ident : tactic => do
simp only [multifill_cons, multifill_nil', isOk_insert, isOk_Ok, isOutOfFuel_Ok,
not_false_eq_true, imp_false, Ok.injEq, and_imp, forall_apply_eq_imp_iff₂,
forall_apply_eq_imp_iff] at $h:ident
repeat (rw [←State.insert] at $h:ident)
repeat (rw [←State.insert] at $h:ident)
))

end Clear
Loading
Loading