This repository was archived by the owner on Sep 27, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 188
/
Copy pathERC20.spec
81 lines (64 loc) · 2.47 KB
/
ERC20.spec
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
/***
* # ERC20 Example
*
* This is an example specification for a generic ERC20 contract.
* To run, execute the following command in terminal/cmd:
*
* certoraRun ERC20.sol --verify ERC20:ERC20.spec --solc solc8.0
*
* A simple rule that checks the integrity of the transfer function.
*
* Understand the counter example and then rerun:
*
* certoraRun ERC20.sol: --verify ERC20:ERC20Fixed.spec --solc solc8.0
*/
methods {
// When a function is not using the environment (e.g., msg.sender), it can be declared as envfree
balanceOf(address) returns(uint) envfree
allowance(address,address) returns(uint) envfree
totalSupply() returns(uint) envfree
}
//// ## Part 1: Basic rules ////////////////////////////////////////////////////
/// Transfer must move `amount` tokens from the caller's account to `recipient`
rule transferSpec {
address recip; uint amount;
env e;
address sender = e.msg.sender;
// mathint type that represents an integer of any size;
mathint balance_sender_before = balanceOf(sender);
mathint balance_recip_before = balanceOf(recip);
transfer(e, recip, amount);
mathint balance_sender_after = balanceOf(sender);
mathint balance_recip_after = balanceOf(recip);
// operations on mathints can never overflow or underflow.
assert balance_sender_after == balance_sender_before - amount,
"transfer must decrease sender's balance by amount";
assert balance_recip_after == balance_recip_before + amount,
"transfer must increase recipient's balance by amount";
}
/// Transfer must revert if the sender's balance is too small
rule transferReverts {
env e; address recip; uint amount;
require balanceOf(e.msg.sender) < amount;
transfer@withrevert(e, recip, amount);
assert lastReverted,
"transfer(recip,amount) must revert if sender's balance is less than `amount`";
}
/// Transfer must not revert unless
/// the sender doesn't have enough funds,
/// or the message value is nonzero,
/// or the recipient's balance would overflow,
/// or the message sender is 0,
/// or the recipient is 0
///
/// @title Transfer doesn't revert
rule transferDoesntRevert {
env e; address recipient; uint amount;
require balanceOf(e.msg.sender) > amount;
require e.msg.value == 0;
require balanceOf(recipient) + amount < max_uint;
require e.msg.sender != 0;
require recipient != 0;
transfer@withrevert(e, recipient, amount);
assert !lastReverted;
}