dapphub / klab Goto Github PK

K framework proof explorer & smart contract specification format

License: GNU Affero General Public License v3.0

Makefile 1.30% JavaScript 77.24% Shell 7.66% HTML 0.52% Haskell 10.49% Nix 0.94% SCSS 1.85%

klab's Introduction

KLab

NOTE: This software is still in the early stages of development. If you are confused, find some bugs, or just want some help, please file an issue or come talk to us at https://dapphub.chat/channel/k-framework.

Klab is a tool for generating and debugging proofs in the K Framework, tailored for the formal verification of ethereum smart contracts. It includes a succinct specification language for expressing the behavior of ethereum contracts, and an interactive debugger.

Installation

Dependencies

See dependency installation instructions here

This project uses the GNU version of getopt and time. OSX and gnu have a complicated relationship but you can run:

export PATH=/usr/local/opt/gnu-getopt/bin:/usr/local/opt/gnu-time/libexec/gnubin:/usr/local/opt/coreutils/libexec/gnubin:$PATH

to make them get along.

Building

Clone the repo and install the latest stable version v0.4.0 with

git clone --branch v0.4.0 https://github.com/dapphub/klab.git
cd klab
make deps

OPTIONAL: klab has some optional Haskell components, for which the recommended installation method is nix. If you have nix, you can install the Haskell components with

make deps-haskell

Environment Setup

To make klab available from the terminal, you can either just export the path to the klab executable in bin/, or use:

make link

This installs symlinks globally at /usr/local/bin and /usr/local/libexec (will require sudo on Linux machines). You can also specify a custom directory for installation by doing:

PREFIX=/path/to/custom/prefix make link

The file env will setup the environment for you if sourced from the root directory of the repo.

source ./env

It sets three environment variables:

PATH: include the klab executable.
KLAB_EVMS_PATH: the EVM semantics to use.

OPTIONAL: If you want to use a different version of K than what the KEVM ships with, you can set:

KLAB_K_PATH: override implementation of K.

OPTIONAL: You might also want to add the K tool binaries in evm-semantics/.build/k/k-distribution/bin to your $PATH, if you didn't already have K installed.

OPTIONAL: You can also use nix-shell for a more deterministic environment experience. If you have nix installed, run nix-shell in this repo to start a deterministic shell environment.

Usage

To see how klab is used, we can explore the project in examples/SafeAdd:

cd examples/SafeAdd/

Specification

The file config.json tells klab where to look for both the specification and the implementation of our contract. In this case, our specification lives in src/, and our implementation lives in dapp/.

Note that this example includes dapp/out/SafeAdd.sol.json compiled from the solidity source. With solc installed, you can compile it yourself:

solc --combined-json=abi,bin,bin-runtime,srcmap,srcmap-runtime,ast dapp/src/SafeAdd.sol > dapp/out/SafeAdd.sol.json

Proof

Our goal is to prove that our implementation satisfies our specification. To do so, we'll start by building a set of K modules from our spec:

klab build

This will generate success and failure reachability rules for each act of our specification. We can find the results in the out/specs directory.

Now we're ready to prove each case, for example:

klab prove --dump SafeAdd_add_fail

The --dump flag outputs a log to out/data/<hash>.log, which will be needed later for interactive debugging. We can also do klab prove-all to prove all outstanding claims.

Once the proof is complete, we can explore the generated symbolic execution trace using:

klab debug <hash>

Embedded rules

klab comes with a set of pre-defined K rewrite rules, additional to the ones defined in evm-semantics. They are located in resources/rules.k.tmpl.

Key Bindings

Toggle different views by pressing any of the following keys:

View Commands:

t - display the (somewhat) pretty K term.
c - display current constraints.
k - display <k> cell.
b - display behavior tree.
s - diaplay source code.
e - display evm specific module.
m - display memory cell.
d - display debug cells (see toggling debug cells below).
r - display applied K rule.
z - display z3 feedback from attempted rule application.
Up/Dn - scroll view up and down.

Navigation Commands:

n - step to next opcode
p - step to previous opcode
Shift+n - step to next k term
Shift+p - step to previous k term
Ctrl+n - step to next branch point
Ctrl+p - step to previous branch point

Toggling Debug Cells:

The following commands are prefixed with : (and are typed at the bottom of the interface). It's possible to toggle the debug cells view for specific cells, which prints out the JSON representation of the given cells. Remember, you must turn on the debug cells view to see these (above).

:show ethereum.evm.callState.gas - show the contents of the <gas> cell in the debug cells view.
:hide ethereum.evm.callStack.pc - hide the contents of the <pc> cell in the debug cells view.
:omit gas pc - omit the contents of the <gas> and <pc> cells in the term view.
:unomit pc programBytes - unomit the contents of the <pc> and <programBytes> cells in the term view.

Available klab Commands

klab build - builds a set of K reachability claims in out/specs based on the spec, lemmas and source code as specified in the projects config.json.
klab prove <hash> [--dump] - executes a K reachability claim specified as a hash to the K prover. If the --dump flag is present, the proof can be explored using klab debug.
klab prove-all - builds and executes all proof objects in the project directory.
klab debug <hash> - opens up the cli proof explorer of a particular proof execution. See key bindings above.
klab focus <hash> - focus on a hash, allowing you to leave out it as an argument to other commands.
klab hash - prints the hash of the focused proof
klab get-gas <hash> - Traverses the execution trace of a proof object to fetch its gas usage, put in out/gas/<hash>gas.k.
klab solve-gas <hash> - Constructs the gas condition necessary for an execution to succeed.
klab evm <hash> - Shows opcodes and source code side-by-side (useful for extracting pc values).
klab status <hash> - Shows whether a proof has been run, and whether it was accepted or rejected.
klab status-js <hash> - Shows the behaviour tree for an executed proof.
klab fetch <url> - Fetches the execution trace of a proof object at the url, preparing it for local debugging.
klab compress <hash> - compresses an execution trace so you can share it with a friend (or enemy).
klab storage <contractName> - Guesses what the storage layout of a given contract is
klab report - Generates a html report of the current project state in out/report/index.html.
klab help - Generates this view

Configuration

The config.json file is used to configure klab.

Here's an example:

{
  "name": "k-dss",
  "url": "https://github.com/dapphub/k-dss",
  "src": {
    "specification": "./src/dss.md",
    "smt_prelude": "./src/prelude.smt2.md",
    "rules": [
      "./src/storage.k.md",
      "./src/lemmas.k.md"
    ],
    "dirty_rules": [
      "./src/dirty_lemmas.k.md"
    ]
  },
  "implementations": {
    "Vat": {
      "src": "src/vat.sol"
    },
    "Vow": {
      "src": "src/vow.sol"
    },
  },
  "timeouts": {
    "Vat_grab_pass_rough": "16h",
  },
  "memory" : {
    "Vat_frob-diff-nonzero_fail_rough": "25G",
  },
  "dapp_root": "./dss",
  "solc_output_path": "out/dapp.sol.json",
  "host": "127.0.0.1:8080"
}

Limits

Time

By default, klab-prove sets a timeout of 1 day. This can be changed by passing the --timeout flag a value of the format [0-9]+[dhms].

klab-prove-all defaults to a per-proof timeout of 200m. This can be changed by setting timeouts to a different value in config.json, as shown above.

Memory

By default, both klab-prove and klab-prove-all run the JVM with a maximum heap size of 10GB.

This can be changed by setting the K_OPTS environment variable to something like --Xmx4G. Refer to the JVM docs for more information.

klab-prove-all also reads the config.json file, and the maximum heap size can be changed with the memory key, as shown above.

Gas

In rough specs, the amount of gas available defaults to 3,000,000. This can be changed using the gas header.

Once a pass_rough spec has been proven, the gas used for each execution path is combined into a single expression, which is the upper gas bound for the stronger pass spec.

Zsh completions

There are automatic tab completions for zsh that can be installed by adding the following to your .zshrc:

# completions for klab
fpath=(~/dapphub/klab/resources/zsh $fpath)
autoload -U compinit
compinit

Troubleshooting

Outdated npm

You might have problems due to an outdated npm, in that case try updating it with:

npm install npm@latest -g
npm install -g n
n stable

KLab server requesting files at incorrect directory

What it looks like:

$ klab server

18.07.30 14-46-50: exec dfc688db4cc98b5de315bdfaa2512b84d14c3aaf3e58581ae728247097ff300d/run.sh
18.07.30 14-47-32: out Debugg: dfc688db4cc98b5de315bdfaa2512b84d14c3aaf3e58581ae728247097ff300d

fs.js:119
throw err;
^

Error: ENOENT: no such file or directory, open '/tmp/klab/b042c99687ae5018744dc96107032b291e4a91f1ab38a6286b2aff9a78056665/abstract-semantics.k'
at Object.openSync (fs.js:443:3)
at Object.readFileSync (fs.js:348:35)
at getFileExcerpt (/home/dev/src/klab/lib/rule.js:5:4)
at Object.parseRule (/home/dev/src/klab/lib/rule.js:21:16)
at Object.getblob (/home/dev/src/klab/lib/driver/dbDriver.js:49:19)
at Object.next (/home/dev/src/klab/lib/driver/dbDriver.js:113:56)
at Stream._n (/home/dev/src/klab/node_modules/xstream/index.js:797:18)
at /home/dev/src/klab/node_modules/@cycle/run/lib/cjs/index.js:57:61
at process._tickCallback (internal/process/next_tick.js:61:11)
[1] [dev@arch-ehildenb klab]% klab server
fs.js:119
throw err;

Notice how it's requesting abstract-semantics.k from proof-hash b042... but we're actually running proof-hash dfc6.... This is a problem with how K caches compiled definitions, and must be fixed upstream.

To fix this, run:

make clean && make deps

This will remove and recompile the KEVM semantics.

License

All contributions to this repository are licensed under AGPL-3.0. Authors:

Denis Erfurt
Martin Lundfall
Everett Hildenbrandt
Lev Livnev

klab's People

Contributors

Stargazers

Watchers

klab's Issues

BYZANTIUM (not CONSTANTINOPLE)

Rebase on top of evm-semantics for CONSTANTINOPLE.

Feature: klab build: balance field

Add a balance Acct field to the specification language, for reasoning about account (ETH) balances. For example

...
balance Guy
     Bal_guy => Bal_guy + wad
...

should compile to something like:

...
          <accounts>
            <account multiplicity="*" type="Map">
              <acctID>  Guy </acctID>
              <balance> Bal_guy => Bal_guy + wad </balance>
               ...
            </account>
          </accounts>
...

At the same time it would be useful to add <value> VALUE </value> to the "template".

Support for multiple reachability rules in the same spec

Currently, klab does not allow you to toggle between the different reachability rules

this is an issue

if i click a number on an undefined behaviour the whole things should not crash, thats stupid

behaviour should display error

add evm storage display

SafeAdd klab build failed

After following the instruction of installing klab, I tried to test it on SafeAdd and it failed.

undefined:1



SyntaxError: Unexpected end of JSON input
    at JSON.parse (<anonymous>)
    at toJson (/home/chenishi/git-repos/klab/lib/config.js:15:28)
    at Object.keys.forEach.alias (/home/chenishi/git-repos/klab/lib/config.js:88:17)
    at Array.forEach (<anonymous>)
    at module.exports (/home/chenishi/git-repos/klab/lib/config.js:83:6)
    at Object.<anonymous> (/home/chenishi/git-repos/klab/lib/storage.js:16:23)
    at Module._compile (module.js:652:30)
    at Object.Module._extensions..js (module.js:663:10)
    at Module.load (module.js:565:32)
    at tryModuleLoad (module.js:505:12)

However, I apply klab build on both d0_suck and token, they both function well.

Token_transfer_pass_rough
Token_transfer_fail
write prelude
write rules.k

sloppy Int stripping

Stripping out the string Int has sloppy results when dealing with symbols that have Int as a substring, such as in this example:

where sgnerp is not the name of a function, and should instead be sgnInterp.

evm stack should display hex values

add flag that selects the spec

add flag that restricts the maximum steps in a proof and terminates automatically

errors when running klab server, issues with node.js

I cannot run klab server. 3 attempts to setup node below, all throw different errors.
My setup: didn't run make deps, just make link.

I initially installed just npm, through sudo apt-get npm; npm install
For klab server
I got:
/usr/bin/env: ‘node’: No such file or directory
Additionally installed node through: sudo apt-get nodejs-legacy. Result:

$ node --version
v4.2.6
$ klab server
/mnt/d/klab/libexec/klab-server:4
const {run} = require("@cycle/run");
      ^

SyntaxError: Unexpected token {
    at exports.runInThisContext (vm.js:53:16)
    at Module._compile (module.js:374:25)
    at Object.Module._extensions..js (module.js:417:10)
    at Module.load (module.js:344:32)
    at Function.Module._load (module.js:301:12)
    at Function.Module.runMain (module.js:442:10)
    at startup (node.js:136:18)
    at node.js:966:3

Uninstalled npm and nodejs-legacy, installed node v6 instead:

$ sudo curl -sL https://deb.nodesource.com/setup_6.x | sudo -E bash -
## Installing the NodeSource Node.js 6.x LTS Boron repo...

$ sudo apt-get install -y nodejs
$ node --version
v6.14.4
$ klab server
/mnt/d/klab/libexec/klab-server:39
      ...state,
      ^^^

SyntaxError: Unexpected token ...
    at createScript (vm.js:56:10)
    at Object.runInThisContext (vm.js:97:10)
    at Module._compile (module.js:549:28)
    at Object.Module._extensions..js (module.js:586:10)
    at Module.load (module.js:494:32)
    at tryModuleLoad (module.js:453:12)
    at Function.Module._load (module.js:445:3)
    at Module.runMain (module.js:611:10)
    at run (bootstrap_node.js:394:7)
    at startup (bootstrap_node.js:160:9)

OS version: Ubuntu 16.04.4 LTS

What version of node do you have?

add evm memory display

display rule choices in the behaviour/ on branching

build should import contracts mentioned in types, not just storage block

JavaScript heap out of memory on nasty proof

I've been getting this crash when investigating a nasty K crash. It's problematic because I need to be able to inspect the situation from klab in order to figure out how to fix the crash.

evm                                                                                                                                                                                                                 <--- Last few GCs --->                    Stack                                                                                                                                                                     
  0e9b  0773  AND                         00  1 + Kicks                                                                                                                                                             
[29716:0x55837e6b8860]   642720 ms: Mark-sweep 1387.9 (1462.7) -> 1387.8 (1463.7) MB, 1215.4 / 0.0 ms  allocation failure GC in old space requested                                                                 
[29716:0x55837e6b8860]   643757 ms: Mark-sweep 1387.8 (1463.7) -> 1387.8 (1427.7) MB, 1035.7 / 0.1 ms  last resort GC in old space requested                                                                        
[29716:0x55837e6b8860]   644798 ms: Mark-sweep 1387.8 (1427.7) -> 1387.8 (1426.2) MB, 1041.0 / 0.1 ms  last resort GC in old space requested                                                                        
  0e9f  0777  SSTORE                      04  ACCT_ID                                                                                                                                                               
> 0ea0  0778  POP                         05  965                                                                                                                                                                   
<--- JS stacktrace --->                   06  3085552932                                                                                                                                                            
  0ea2  077a  PUSH32 efa52d9342a19...                                                                                                                                                                               
==== JS stack trace =========================================                                                                                                                                                       
  0ec4  077c  DUP6                                                                                                                                                                                                  
Security context: 0x1d34f9799099 <JSObject>                                                                                                                                                                         
    1: /* anonymous */ [/home/lev/src/k/latest/klab/lib/pull.js:~99] [pc=0x9ecb7aa7e6d](this=0x3683692880a1 <JSGlobal Object>,/* anonymous */=0x257c20503af1 <Object map = 0x3ad1f60a2181>)                         
    2: arguments adaptor frame: 3->1                                                                                                                                                                                
    3: forEach(this=0x257c20502741 <JSArray[1]>)                                                                                                                                                                    
    4: /* anonymous */ [/home/lev/src/k/latest/klab/lib/pull.js:~97] [pc=0x9ecb7aa7b31](this=0x3683692880a1 <JSGlobal Object...                                                                                     
101                                                                                                                                                                                                                 
FATAL ERROR: CALL_AND_RETRY_LAST Allocation failed - JavaScript heap out of memory                                                                                                                                  
 1: node::Abort() [klab]                                                                                                                                                                                            
 2: 0x55837c740f91 [klab]                                                                                                                                                                                           
 3: v8::Utils::ReportOOMFailure(char const*, bool) [klab]                                                                                                                                                           
 4: v8::internal::V8::FatalProcessOutOfMemory(char const*, bool) [klab]                                                                                                                                             
 5: v8::internal::Factory::NewFixedArray(int, v8::internal::PretenureFlag) [klab]                                                                                                                                   
 6: v8::internal::HashTable<v8::internal::NameDictionary, v8::internal::NameDictionaryShape>::New(v8::internal::Isolate*, int, v8::internal::PretenureFlag, v8::internal::MinimumCapacity) [klab]                   
 7: v8::internal::HashTable<v8::internal::NameDictionary, v8::internal::NameDictionaryShape>::EnsureCapacity(v8::internal::Handle<v8::internal::NameDictionary>, int, v8::internal::PretenureFlag) [klab]           
 8: v8::internal::Dictionary<v8::internal::NameDictionary, v8::internal::NameDictionaryShape>::Add(v8::internal::Handle<v8::internal::NameDictionary>, v8::internal::Handle<v8::internal::Name>, v8::internal::Handle<v8::internal::Object>, v8::internal::PropertyDetails, int*) [klab]( TIME + Tau,,411376139330301510538742295639337626245683966408394965837152256 ),,_&Int__INT( 411376139330301510538742295639337626245683966408394
 9: v8::internal::LookupIterator::ApplyTransitionToDataProperty(v8::internal::Handle<v8::internal::JSObject>) [klab]ic_was,,1461501637330902918203684832716283019655932542976 ) + ACCT_ID ) ) )",                   
10: v8::internal::Object::AddDataProperty(v8::internal::LookupIterator*, v8::internal::Handle<v8::internal::Object>, v8::internal::PropertyAttributes, v8::internal::Object::ShouldThrow, v8::internal::Object::StoreFromKeyed) [klab]1 + Kicks 1  )": "Sump"                                                                                                                                                                           
11: v8::internal::Object::SetProperty(v8::internal::LookupIterator*, v8::internal::Handle<v8::internal::Object>, v8::internal::LanguageMode, v8::internal::Object::StoreFromKeyed) [klab]                           
12: v8::internal::Runtime::SetObjectProperty(v8::internal::Isolate*, v8::internal::Handle<v8::internal::Object>, v8::internal::Handle<v8::internal::Object>, v8::internal::Handle<v8::internal::Object>, v8::internal::LanguageMode) [klab]                                                                                                                                                                                             
13: v8::internal::Runtime_SetProperty(int, v8::internal::Object**, v8::internal::Isolate*) [klab]                                                                                                                   
14: 0x9ecb78040bd                                                                                                                                                                                                   
/home/lev/.local/bin/klab: line 2: 29716 Aborted                 PATH=${0%/*/*}/libexec:$PATH "${0##*/}-${1-help}" "${@:2}"

Deal with the static cell

Should be false on passing mutating specs,
_ on every other spec (all failing, passing getters)

Klab server freezes at parsing errors

It should provide the client with the error information, and continue to listen for requests

write stop cmd - halts the java execution

Repo URI in main page should be HTTPS and not GIT.

Hello from devcon4.

hard coded paths in srchandler

just fyi

--headless should error if it cannot connect to server

Otherwise it gives false positives

Errors when try to make deps

System: OS X Mojave 10.14.2

Steps to reproduce - following instructions from readme:

brew tap caskroom/cask caskroom/version
brew cask install caskroom/versions/java8
brew install automake libtool gmp mpfr pkg-config pandoc maven opam z3 node

git clone https://github.com/dapphub/klab.git
cd klab
make deps

Expected result:
Dependencies compile.

Actual result:

git submodule update --init -- evm-semantics
Submodule 'evm-semantics' (https://github.com/dapphub/evm-semantics) registered for path 'evm-semantics'
Cloning into '/Users/tomasz_eth/Repos/klab/evm-semantics'...
Submodule path 'evm-semantics': checked out '729a406c80fce4faa16a493cb6f967a4ddc5eb4a'
cd evm-semantics \
		&& make k-deps tangle-deps -B \
		&& make build-java -B
== submodule: /Users/tomasz_eth/Repos/klab/evm-semantics/.build/k/make.timestamp
git submodule update --init -- /Users/tomasz_eth/Repos/klab/evm-semantics/.build/k
Submodule '.build/k' (https://github.com/dapphub/k) registered for path '.build/k'
Cloning into '/Users/tomasz_eth/Repos/klab/evm-semantics/.build/k'...
Submodule path '.build/k': checked out '88488853da14ed05cdbc692dbf24ce38662e3958'
cd /Users/tomasz_eth/Repos/klab/evm-semantics/.build/k \
		&& mvn package -q -DskipTests -U
[ERROR] [ERROR] Some problems were encountered while processing the POMs:
[FATAL] Non-resolvable parent POM for com.runtimeverification.k:parent:[unknown-version]: Could not transfer artifact com.runtimeverification.rv_match:parent:pom:1.0-SNAPSHOT from/to runtime.verification.snapshots (https://s3.amazonaws.com/repo.runtime.verification/repository/snapshots): Access denied to: https://s3.amazonaws.com/repo.runtime.verification/repository/snapshots/com/runtimeverification/rv_match/parent/1.0-SNAPSHOT/parent-1.0-SNAPSHOT.pom and 'parent.relativePath' points at wrong local POM @ line 5, column 11
 @ 
[ERROR] The build could not read 1 project -> [Help 1]
[ERROR]   
[ERROR]   The project com.runtimeverification.k:parent:[unknown-version] (/Users/tomasz_eth/Repos/klab/evm-semantics/.build/k/pom.xml) has 1 error
[ERROR]     Non-resolvable parent POM for com.runtimeverification.k:parent:[unknown-version]: Could not transfer artifact com.runtimeverification.rv_match:parent:pom:1.0-SNAPSHOT from/to runtime.verification.snapshots (https://s3.amazonaws.com/repo.runtime.verification/repository/snapshots): Access denied to: https://s3.amazonaws.com/repo.runtime.verification/repository/snapshots/com/runtimeverification/rv_match/parent/1.0-SNAPSHOT/parent-1.0-SNAPSHOT.pom and 'parent.relativePath' points at wrong local POM @ line 5, column 11 -> [Help 2]
[ERROR] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/ProjectBuildingException
[ERROR] [Help 2] http://cwiki.apache.org/confluence/display/MAVEN/UnresolvableModelException
make[1]: *** [/Users/tomasz_eth/Repos/klab/evm-semantics/.build/k/make.timestamp] Error 1
make: *** [deps-kevm] Error 2

Proofs we want to have:

A proof involving signed integers (simply the overflow safe signed integer addition from https://github.com/dapphub/daim/blob/master/d0/src/SicBase.sol would be a good start)

A proof saying "there is no case this will happen". Once one has made reachability claims for all possible functions of a contract, a call with arbitrary data should reduce to all of these. But I sense this is easier in theory than in practice. However, this type of proof is essential to ensure a property like "there is no way for anybody to steal any locked collateral" in the maker contracts.

STORAGE undefined

In any klab debug proof, in the STORAGE block in the evm view I just see:

STORAGE                                                                                                                                                        
undefined

Meanwhile, the proof goes through without any problems.

I'm experiencing this issue on a fresh install of klab on a NixOS machine, and unable to reproduce it on my debian machine. @MrChico is also not experiencing it.

klab run --headless fix

stratify raw gas expression

Cannot read property 'NaN' of undefined

    at prev (/home/dan/code/klab/lib/stateHandler.js:139:20)
    at /home/dan/code/klab/node_modules/cycle-onionify/lib/onionify.js:11:54
    at Fold.f (/home/dan/code/klab/node_modules/xstream/index.js:544:40)
    at _try (/home/dan/code/klab/node_modules/xstream/index.js:31:18)
    at Fold._n (/home/dan/code/klab/node_modules/xstream/index.js:562:17)
    at Stream._n (/home/dan/code/klab/node_modules/xstream/index.js:797:18)
    at ConcatProducer._n (/home/dan/code/klab/node_modules/xstream/extra/concat.js:27:11)
    at Stream._n (/home/dan/code/klab/node_modules/xstream/index.js:797:18)
    at Merge._n (/home/dan/code/klab/node_modules/xstream/index.js:125:11)
    at Stream._n (/home/dan/code/klab/node_modules/xstream/index.js:797:18)```g

Feature: import reachability rules for composing calls

If we add another header to acts which we can call calls or imports, one should be able to reference another act to add its generated reachability rule to the .k proof file. Ideally, there should be a way of easily toggling between having imported reachability rules have the attribute [trusted] or not.

Here is an example of what this could look like taken from k-dss:

Vat

manipulating bad debt and surplus

behavior heal of Vat
interface heal(bytes32 u, bytes32 v, int256 rad)

types

    Can   : uint256
    Dai_v : uint256
    Sin_u : uint256
    Debt  : uint256
    Vice  : uint256

storage

    #Vat.wards(CALLER_ID) |-> Can
    #Vat.dai(v)           |-> Dai_v => Dai_v - rad
    #Vat.sin(u)           |-> Sin_u => Sin_u - rad
    #Vat.debt             |-> Debt  => Debt - rad
    #Vat.vice             |-> Vice  => Vice - rad

iff

    Can == 1

iff in range uint256

    Dai_v - rad
    Sin_u - rad
    Debt - rad
    Vice - rad

Vow

cancelling bad debt and surplus

behaviour heal of Vow
interface heal(uint256 wad)

types

    Can  : uint256
    Vat  : address VatLike
    Woe  : uint256
    Dai  : uint256
    Sin  : uint256
    Vice : uint256
    Debt : uint256

storage

    #Vow.vat |-> Vat
    #Vow.Woe |-> Woe => Woe - wad

storage Vat
    
    #Vat.wards(ACCT_ID) |-> Can
    #Vat.dai(ACCT_ID)   |-> Dai  => Dai - #Ray * wad
    #Vat.sin(ACCT_ID)   |-> Sin  => Sin - #Ray * wad
    #Vat.vice           |-> Vice => Vice - #Ray * wad
    #Vat.debt           |-> Debt => Debt - #Ray * wad

iff

    Can == 1
    wad <= Dai / 1000000000000000000000000000
    wad <= Woe

iff in range uint256

    Woe - wad
    Dai - #Ray * wad
    Sin - #Ray * wad
    Vice - #Ray * wad
    Debt - #Ray * wad
    
iff in range int256

    #Ray * wad

calls 

   heal of Vow

make prove individual storage rule files which will be only imported by specified contracts

blobs/nodes directory should be shared to remove storing them redundantly on minor proof changes

"n" command very slow when debugging

I was creating a spec to verify totalSupply as below.

~/.../klab/examples (master)$git diff token/src/spec.md
diff --git a/examples/token/src/spec.md b/examples/token/src/spec.md
index 624558e..f9d55d9 100644
+
+
+act
+behaviour totalSupply of Token
+interface totalSupply()
+
+types
+
+    Supply : uint256
+
+storage
+
+    #Token.totalSupply |-> Supply
+
+// Checking payable
+iff
+
+    VCallValue == 0
+
+

~/.../klab/examples (master)$git diff token/src/storage.md
diff --git a/examples/token/src/storage.md b/examples/token/src/storage.md
index c51a2dc..f5c7571 100644
--- a/examples/token/src/storage.md
+++ b/examples/token/src/storage.md
@@ -5,3 +5,9 @@ syntax Int ::= "#Token.balances" "[" Int "]" [function]
 // doc: The token balance of `$0`
 rule #Token.balances[A] => #hashedLocation("Solidity", 0, A)
 
+
+
+syntax Int ::= "#Token.totalSupply" [function]
+// -----------------------------------------------
+rule #Token.totalSupply => 2
+

After that I ran the following command to debug.

klab build
klab prove --dump out/specs/Token_totalSupply_fail.k
klab debug --filter-oog $(klab hash out/specs/Token_totalSupply_fail.k)

When I was trying to debug on debug window, I was able to press 0 and 1 to navigate branches and press p to go back, but n command does not seem working.

The attached is the generated file with all the output

token.tar.gz

klab build: add preconditions for callable addresses

When klab build processes addresses that are going to be called (i.e. ones that have been labelled with an implementation alias), it should add some more preconditions to the spec: for example if it sees Vat : address VatLike, it should add the following:

...
  andBool #rangeAddress(Vat)
  andBool #notPrecompileAddress(Vat)
  andBool ACCT_ID =/=Int Vat
...

Note that the 2nd one should say #notPrecompileAddress (as not #rangeNotPrecompileAddress as we used before) since I want to switch to the former.

Feature request: extract pc value for internal functions

If we had a way of extracting the pc range for internal functions, we could save a lot of time by importing reachability rules for internal calls to other functions. Example:

behaviour add of Vat
interface add internal

types

    X : uint256
    Y : int256
    VGas > 300000

wordstack
    X : Y : JUMPDEST : WS => JUMPDEST : X + Y : WS

One could of course specify the pc manually for functions like these, but this would be cumbersome since they might change across implementations

call causes exponential gas explosion

due to the refund semantics VGas gets copied multiple times in the raw gas and hence the gas expression blows up exponentially with the number of calls.

Here is an example from Vow.cage Gas cell before vat.dai lemma is applied:

 (VGas - 17080)

and after the application:

(((VGas - 17080) - (700 + ((VGas - 17780) - ((VGas - 17780) / 64)))) + (((VGas - 17780) - ((VGas - 17780) / 64)) - 636))

due to many calls in this proof the gas expression blows up to a degree where the proof almost stops to make progress (java object copy + garbage collection). We need to simplify stuff like this DURING a run with lemmas like:

rule A - (B + C) + (C - D) => (A - B) - D

as well as linearize and propagate VGas out of #if expressions to the top with k-lemmas.

`klab prove-all` ignores failures

https://buildbot.dapp.ci/#/builders/2/builds/124/steps/6/logs/stdio

^ scroll through this output, and you'll see that e.g. Token_totalSupply_pass_rough.k actually fails but the entire ends up being reported as successful.

individual timeouts

this would be niiccee

EVM display for multiple contract files

When doing a CALL, the klab e display does not display the called contracts OPcodes and source code, but still the calling contracts OPcoe and source code

lemmas that touches storage require dealing with abstract memory

we need to be able to write lemmas that write or read from storage.
e.g. wish.
The problem is that during such a lemma memory might be non-empty and needs to be abstract. That means that computing keccac hashes won't simplify in memory since memory key collisions for abstract prefixes can't be simplified.
Maybe a workaround is possible where writing followed by reading to an abstract memory is possible.
This would help with large proofs big times.

evm-view crashes in multiple contract calls

But only under specific scenarios which I don't really understand. Will create a branch of k-dss that replicates this issue.

klab build --act MYSPEC --startFrom BLOB_ID

Add feature to klab build to be able to start from an initial term given by a blob id

add Balance field to specs

Range error: invalid count value

When exploring proofs with lots of fail cases, I can only go so far as my terminal width allows for the branch to be displayed:

if k or klab is updated klab server should reject a cached proof

klab-init: update or remove

resolve "passing" and "succeeding" naming confusion

Currently pass and passing are words that are used to both describe a non-reverting case of an act spec and also when kprove has succeeded in proving a reachability rule. This is confusing.

ReferenceError: moment is not defined

Ran into this strange error, with klab server crashing unexpectedly:

18.07.24 00-54-03: out Debugg: /tmp/klab/b87ea886502a47666d3a993205cb6a40a04f3c1b7de47d433ddd3aa928089277

18.07.24 00-54-23: error missing SMTLib translation for _&Int__INT
 b87ea886502a47666d3a993205cb6a40a04f3c1b7de47d433ddd3aa928089277
18.07.24 00-54-24: error missing SMTLib translation for _&Int__INT
 b87ea886502a47666d3a993205cb6a40a04f3c1b7de47d433ddd3aa928089277
18.07.24 00-54-24: error missing SMTLib translation for _&Int__INT
 b87ea886502a47666d3a993205cb6a40a04f3c1b7de47d433ddd3aa928089277
18.07.24 00-54-24: error missing SMTLib translation for _&Int__INT
 b87ea886502a47666d3a993205cb6a40a04f3c1b7de47d433ddd3aa928089277
18.07.24 00-54-24: error missing SMTLib translation for _&Int__INT
 b87ea886502a47666d3a993205cb6a40a04f3c1b7de47d433ddd3aa928089277
18.07.24 00-54-24: error missing SMTLib translation for _&Int__INT
 b87ea886502a47666d3a993205cb6a40a04f3c1b7de47d433ddd3aa928089277
/home/lev/src/k/latest/klab/lib/driver/dbDriver.js:21
  let now = moment().format("YY.MM.DD HH-mm-ss")
            ^

ReferenceError: moment is not defined
    at log (/home/lev/src/k/latest/klab/lib/driver/dbDriver.js:21:13)
    at getBlob (/home/lev/src/k/latest/klab/lib/driver/dbDriver.js:33:5)
    at Object.getblob (/home/lev/src/k/latest/klab/lib/driver/dbDriver.js:39:14)
    at Object.next (/home/lev/src/k/latest/klab/lib/driver/dbDriver.js:112:56)
    at Stream._n (/home/lev/src/k/latest/klab/node_modules/xstream/index.js:797:18)
    at /home/lev/src/k/latest/klab/node_modules/@cycle/run/lib/cjs/index.js:57:61
    at _combinedTickCallback (internal/process/next_tick.js:131:7)
    at process._tickCallback (internal/process/next_tick.js:180:9)```