2024-09-17 13:28:57 +02:00
|
|
|
import "./shared.spec";
|
|
|
|
|
2024-01-24 09:39:04 +01:00
|
|
|
using ERC20A as staked;
|
2024-09-17 13:28:57 +02:00
|
|
|
|
2024-01-24 09:39:04 +01:00
|
|
|
methods {
|
|
|
|
function staked.balanceOf(address) external returns (uint256) envfree;
|
2024-11-07 10:50:13 -03:00
|
|
|
function totalStaked() external returns (uint256) envfree;
|
|
|
|
function totalMP() external returns (uint256) envfree;
|
2024-06-19 11:26:03 +02:00
|
|
|
function previousManager() external returns (address) envfree;
|
2024-01-24 16:07:23 +01:00
|
|
|
function _.migrateFrom(address, bool, StakeManager.Account) external => NONDET;
|
2024-06-19 11:26:03 +02:00
|
|
|
function _.increaseTotalMP(uint256) external => NONDET;
|
2024-09-04 09:54:45 +02:00
|
|
|
function _.migrationInitialize(uint256,uint256,uint256,uint256,uint256,uint256,uint256) external => NONDET;
|
|
|
|
function accounts(address) external returns(address, uint256, uint256, uint256, uint256, uint256, uint256, uint256) envfree;
|
2024-03-11 12:38:54 +01:00
|
|
|
function Math.mulDiv(uint256 a, uint256 b, uint256 c) internal returns uint256 => mulDivSummary(a,b,c);
|
2024-09-04 09:54:45 +02:00
|
|
|
function _._ external => DISPATCH [] default NONDET;
|
2024-01-24 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
2024-03-11 12:38:54 +01:00
|
|
|
function mulDivSummary(uint256 a, uint256 b, uint256 c) returns uint256 {
|
|
|
|
require c != 0;
|
|
|
|
return require_uint256(a*b/c);
|
2024-01-24 16:07:23 +01:00
|
|
|
}
|
|
|
|
|
2024-01-24 09:39:04 +01:00
|
|
|
function isMigrationfunction(method f) returns bool {
|
2024-01-24 16:07:23 +01:00
|
|
|
return
|
2024-11-07 10:50:13 -03:00
|
|
|
f.selector == sig:acceptUpdate().selector ||
|
|
|
|
f.selector == sig:leave().selector ||
|
2024-03-04 16:19:45 +01:00
|
|
|
f.selector == sig:transferNonPending().selector;
|
2024-01-24 09:39:04 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/* assume that migration is zero, causing the verification to take into account only
|
|
|
|
cases where it is zero. specifically no externall call to the migration contract */
|
2024-03-04 16:21:41 +01:00
|
|
|
function simplification(env e) {
|
2024-01-24 09:39:04 +01:00
|
|
|
require currentContract.migration == 0;
|
2024-06-19 11:26:03 +02:00
|
|
|
require currentContract.previousManager() == 0;
|
2024-03-04 16:21:41 +01:00
|
|
|
require e.msg.sender != 0;
|
2024-01-24 09:39:04 +01:00
|
|
|
}
|
|
|
|
|
2024-01-24 16:07:23 +01:00
|
|
|
ghost mathint sumOfEpochRewards
|
|
|
|
{
|
|
|
|
init_state axiom sumOfEpochRewards == 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
ghost mathint sumOfMultipliers /* sigma account[u].multiplier forall u */
|
|
|
|
{
|
|
|
|
init_state axiom sumOfMultipliers == 0;
|
|
|
|
}
|
|
|
|
|
2024-01-24 12:16:01 +01:00
|
|
|
ghost mathint sumOfBalances /* sigma account[u].balance forall u */ {
|
|
|
|
init_state axiom sumOfBalances == 0;
|
|
|
|
}
|
|
|
|
|
2024-03-18 12:08:50 +01:00
|
|
|
hook Sstore epochs[KEY uint256 epochId].epochReward uint256 newValue (uint256 oldValue) {
|
2024-01-24 16:07:23 +01:00
|
|
|
sumOfEpochRewards = sumOfEpochRewards - oldValue + newValue;
|
|
|
|
}
|
|
|
|
|
2024-03-18 12:08:50 +01:00
|
|
|
hook Sstore accounts[KEY address addr].balance uint256 newValue (uint256 oldValue) {
|
2024-01-24 16:07:23 +01:00
|
|
|
sumOfBalances = sumOfBalances - oldValue + newValue;
|
|
|
|
}
|
|
|
|
|
2024-06-25 12:48:23 +02:00
|
|
|
hook Sstore accounts[KEY address addr].totalMP uint256 newValue (uint256 oldValue) {
|
2024-01-24 16:07:23 +01:00
|
|
|
sumOfMultipliers = sumOfMultipliers - oldValue + newValue;
|
|
|
|
}
|
|
|
|
|
2024-10-03 00:24:12 -03:00
|
|
|
hook Sload uint256 newValue accounts[KEY address addr].totalMP {
|
2024-10-03 00:24:12 -03:00
|
|
|
require sumOfMultipliers >= to_mathint(newValue);
|
2024-10-03 00:24:12 -03:00
|
|
|
}
|
|
|
|
|
2024-03-04 16:21:41 +01:00
|
|
|
invariant sumOfBalancesIsTotalSupplyBalance()
|
2024-11-07 10:50:13 -03:00
|
|
|
sumOfBalances == to_mathint(totalStaked())
|
2024-03-05 09:52:40 +01:00
|
|
|
filtered {
|
|
|
|
m -> !requiresPreviousManager(m) && !requiresNextManager(m)
|
|
|
|
}
|
2024-01-24 16:07:23 +01:00
|
|
|
|
|
|
|
invariant sumOfMultipliersIsMultiplierSupply()
|
2024-11-07 10:50:13 -03:00
|
|
|
sumOfMultipliers == to_mathint(totalMP())
|
2024-03-05 09:52:40 +01:00
|
|
|
filtered {
|
|
|
|
m -> !requiresPreviousManager(m) && !requiresNextManager(m)
|
|
|
|
}
|
2024-10-03 00:24:13 -03:00
|
|
|
{ preserved with (env e){
|
|
|
|
requireInvariant accountMPIsZeroIfBalanceIsZero(e.msg.sender);
|
|
|
|
requireInvariant accountBonusMPIsZeroIfBalanceIsZero(e.msg.sender);
|
|
|
|
}
|
|
|
|
}
|
2024-01-24 16:07:23 +01:00
|
|
|
|
|
|
|
invariant sumOfEpochRewardsIsPendingRewards()
|
|
|
|
sumOfEpochRewards == to_mathint(currentContract.pendingReward)
|
|
|
|
{ preserved {
|
|
|
|
requireInvariant highEpochsAreNull(currentContract.currentEpoch);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
invariant highEpochsAreNull(uint256 epochNumber)
|
2024-03-04 16:21:41 +01:00
|
|
|
epochNumber >= currentContract.currentEpoch => currentContract.epochs[epochNumber].epochReward == 0
|
2024-03-05 09:52:40 +01:00
|
|
|
filtered {
|
|
|
|
m -> !requiresPreviousManager(m) && !requiresNextManager(m)
|
2024-03-04 16:21:41 +01:00
|
|
|
}
|
2024-01-24 16:07:23 +01:00
|
|
|
|
2024-11-07 10:50:13 -03:00
|
|
|
invariant accountBonusMPIsZeroIfBalanceIsZero(address addr)
|
|
|
|
to_mathint(getAccountBalance(addr)) == 0 => to_mathint(getAccountBonusMultiplierPoints(addr)) == 0
|
|
|
|
filtered {
|
|
|
|
f -> f.selector != sig:migrateFrom(address,bool,StakeManager.Account).selector
|
|
|
|
}
|
|
|
|
|
2024-11-07 10:50:13 -03:00
|
|
|
invariant accountMPIsZeroIfBalanceIsZero(address addr)
|
|
|
|
to_mathint(getAccountBalance(addr)) == 0 => to_mathint(getAccountCurrentMultiplierPoints(addr)) == 0
|
|
|
|
filtered {
|
|
|
|
f -> f.selector != sig:migrateFrom(address,bool,StakeManager.Account).selector
|
|
|
|
}
|
|
|
|
|
|
|
|
invariant InitialMPIsNeverSmallerThanBalance(address addr)
|
|
|
|
to_mathint(getAccountBonusMultiplierPoints(addr)) >= to_mathint(getAccountBalance(addr))
|
2024-03-11 15:34:15 +01:00
|
|
|
filtered {
|
|
|
|
f -> f.selector != sig:migrateFrom(address,bool,StakeManager.Account).selector
|
|
|
|
}
|
|
|
|
|
2024-10-08 10:19:43 +02:00
|
|
|
invariant accountMPIsZeroIfBalanceIsZero(address addr)
|
|
|
|
to_mathint(getAccountBalance(addr)) == 0 => to_mathint(getAccountCurrentMultiplierPoints(addr)) == 0
|
2024-03-11 15:34:15 +01:00
|
|
|
filtered {
|
|
|
|
f -> f.selector != sig:migrateFrom(address,bool,StakeManager.Account).selector
|
|
|
|
}
|
|
|
|
|
2024-01-24 09:39:04 +01:00
|
|
|
rule reachability(method f)
|
|
|
|
{
|
|
|
|
calldataarg args;
|
|
|
|
env e;
|
|
|
|
f(e,args);
|
|
|
|
satisfy true;
|
|
|
|
}
|
|
|
|
|
2024-03-12 16:08:28 +01:00
|
|
|
rule stakingMintsMultiplierPoints1To1Ratio {
|
|
|
|
|
|
|
|
env e;
|
|
|
|
uint256 amount;
|
|
|
|
uint256 lockupTime;
|
|
|
|
uint256 multiplierPointsBefore;
|
|
|
|
uint256 multiplierPointsAfter;
|
|
|
|
|
|
|
|
requireInvariant InitialMPIsNeverSmallerThanBalance(e.msg.sender);
|
|
|
|
requireInvariant CurrentMPIsNeverSmallerThanInitialMP(e.msg.sender);
|
2024-10-03 00:24:12 -03:00
|
|
|
requireInvariant accountMPIsZeroIfBalanceIsZero(e.msg.sender);
|
2024-03-12 16:08:28 +01:00
|
|
|
|
|
|
|
require getAccountLockUntil(e.msg.sender) <= e.block.timestamp;
|
|
|
|
|
2024-06-25 12:48:23 +02:00
|
|
|
multiplierPointsBefore = getAccountBonusMultiplierPoints(e.msg.sender);
|
2024-03-12 16:08:28 +01:00
|
|
|
stake(e, amount, lockupTime);
|
2024-06-25 12:48:23 +02:00
|
|
|
multiplierPointsAfter = getAccountBonusMultiplierPoints(e.msg.sender);
|
2024-03-12 16:08:28 +01:00
|
|
|
|
|
|
|
assert lockupTime == 0 => to_mathint(multiplierPointsAfter) == multiplierPointsBefore + amount;
|
|
|
|
assert to_mathint(multiplierPointsAfter) >= multiplierPointsBefore + amount;
|
|
|
|
}
|
|
|
|
|
2024-03-12 14:13:52 +01:00
|
|
|
rule stakingGreaterLockupTimeMeansGreaterMPs {
|
|
|
|
|
|
|
|
env e;
|
|
|
|
uint256 amount;
|
|
|
|
uint256 lockupTime1;
|
|
|
|
uint256 lockupTime2;
|
|
|
|
uint256 multiplierPointsAfter1;
|
|
|
|
uint256 multiplierPointsAfter2;
|
|
|
|
|
|
|
|
storage initalStorage = lastStorage;
|
|
|
|
|
|
|
|
stake(e, amount, lockupTime1);
|
2024-06-25 12:48:23 +02:00
|
|
|
multiplierPointsAfter1 = getAccountBonusMultiplierPoints(e.msg.sender);
|
2024-03-12 14:13:52 +01:00
|
|
|
|
|
|
|
stake(e, amount, lockupTime2) at initalStorage;
|
2024-06-25 12:48:23 +02:00
|
|
|
multiplierPointsAfter2 = getAccountBonusMultiplierPoints(e.msg.sender);
|
2024-03-12 14:13:52 +01:00
|
|
|
|
|
|
|
assert lockupTime1 >= lockupTime2 => to_mathint(multiplierPointsAfter1) >= to_mathint(multiplierPointsAfter2);
|
|
|
|
satisfy to_mathint(multiplierPointsAfter1) > to_mathint(multiplierPointsAfter2);
|
|
|
|
}
|
|
|
|
|
2024-01-24 09:39:04 +01:00
|
|
|
/**
|
|
|
|
@title when there is no migration - some functions must revert.
|
|
|
|
Other function should have non reverting cases
|
|
|
|
**/
|
|
|
|
rule revertsWhenNoMigration(method f) {
|
|
|
|
calldataarg args;
|
|
|
|
env e;
|
|
|
|
require currentContract.migration == 0;
|
|
|
|
f@withrevert(e,args);
|
|
|
|
bool reverted = lastReverted;
|
|
|
|
if (!isMigrationfunction(f))
|
|
|
|
satisfy !reverted;
|
|
|
|
assert isMigrationfunction(f) => reverted;
|
|
|
|
}
|
2023-12-11 15:10:41 +01:00
|
|
|
|
2024-03-01 10:40:13 +01:00
|
|
|
// This rule is commented out as it's just a helper rule to easily see which
|
|
|
|
// functions change the balance of the `StakeManager` contract.
|
|
|
|
//
|
|
|
|
// rule whoChangeERC20Balance( method f ) filtered { f -> f.contract != staked }
|
|
|
|
// {
|
|
|
|
// address user;
|
|
|
|
// uint256 before = staked.balanceOf(user);
|
|
|
|
// calldataarg args;
|
|
|
|
// env e;
|
|
|
|
// f(e,args);
|
|
|
|
// assert before == staked.balanceOf(user);
|
|
|
|
// }
|
2024-01-24 16:07:23 +01:00
|
|
|
|
2024-03-04 16:23:47 +01:00
|
|
|
rule epochOnlyIncreases(method f) {
|
2024-01-24 16:07:23 +01:00
|
|
|
env e;
|
|
|
|
calldataarg args;
|
|
|
|
|
|
|
|
uint256 epochBefore = currentContract.currentEpoch;
|
|
|
|
|
|
|
|
f(e, args);
|
|
|
|
|
|
|
|
assert currentContract.currentEpoch >= epochBefore;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2024-09-28 15:21:43 -03:00
|
|
|
//TODO codehash / isTrustedCodehash
|
2024-01-24 16:07:23 +01:00
|
|
|
/*
|
|
|
|
ghost mapping(address => bytes32) codehash;
|
|
|
|
|
|
|
|
hook EXTCODEHASH(address a) bytes32 hash {
|
|
|
|
require hash == codehash[a];
|
|
|
|
}
|
|
|
|
|
|
|
|
rule checksCodeHash(method f) filtered {
|
|
|
|
f -> requiresVault(f)
|
|
|
|
} {
|
|
|
|
env e;
|
|
|
|
|
2024-09-28 15:21:43 -03:00
|
|
|
bool isWhitelisted = isTrustedCodehash(codehash[e.msg.sender]);
|
2024-01-24 16:07:23 +01:00
|
|
|
f(e);
|
|
|
|
|
|
|
|
assert isWhitelisted;
|
|
|
|
}
|
|
|
|
*/
|