mirror of https://github.com/logos-co/staking.git
fix(StakeManager.spec): change `simplification()` to assume no prev manager
`simplification()` is used to have some rules make certain assumptions so that they can pass. We need an additional simplification, stating that `oldManager == address(0)`. This means `oldManager` isn't set, meaning no `migrationInitialize()` and similar functions have a non-reverting path.
This commit is contained in:
parent
e9f0077488
commit
0708bdd846
|
@ -33,8 +33,10 @@ function isMigrationfunction(method f) returns bool {
|
||||||
|
|
||||||
/* assume that migration is zero, causing the verification to take into account only
|
/* assume that migration is zero, causing the verification to take into account only
|
||||||
cases where it is zero. specifically no externall call to the migration contract */
|
cases where it is zero. specifically no externall call to the migration contract */
|
||||||
function simplification() {
|
function simplification(env e) {
|
||||||
require currentContract.migration == 0;
|
require currentContract.migration == 0;
|
||||||
|
require currentContract.oldManager() == 0;
|
||||||
|
require e.msg.sender != 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
ghost mathint sumOfEpochRewards
|
ghost mathint sumOfEpochRewards
|
||||||
|
@ -63,13 +65,17 @@ hook Sstore accounts[KEY address addr].currentMP uint256 newValue (uint256 oldVa
|
||||||
sumOfMultipliers = sumOfMultipliers - oldValue + newValue;
|
sumOfMultipliers = sumOfMultipliers - oldValue + newValue;
|
||||||
}
|
}
|
||||||
|
|
||||||
invariant sumOfBalancesIsStakeSupply()
|
invariant sumOfBalancesIsTotalSupplyBalance()
|
||||||
sumOfBalances == to_mathint(totalSupplyBalance());
|
sumOfBalances == to_mathint(totalSupplyBalance())
|
||||||
|
{ preserved with (env e) {
|
||||||
|
simplification(e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
invariant sumOfMultipliersIsMultiplierSupply()
|
invariant sumOfMultipliersIsMultiplierSupply()
|
||||||
sumOfMultipliers == to_mathint(totalSupplyMP())
|
sumOfMultipliers == to_mathint(totalSupplyMP())
|
||||||
{ preserved with () {
|
{ preserved with (env e) {
|
||||||
simplification();
|
simplification(e);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -81,7 +87,11 @@ invariant sumOfEpochRewardsIsPendingRewards()
|
||||||
}
|
}
|
||||||
|
|
||||||
invariant highEpochsAreNull(uint256 epochNumber)
|
invariant highEpochsAreNull(uint256 epochNumber)
|
||||||
epochNumber >= currentContract.currentEpoch => currentContract.epochs[epochNumber].epochReward == 0;
|
epochNumber >= currentContract.currentEpoch => currentContract.epochs[epochNumber].epochReward == 0
|
||||||
|
{ preserved with (env e) {
|
||||||
|
simplification(e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
rule reachability(method f)
|
rule reachability(method f)
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in New Issue