mirror of https://github.com/logos-co/staking.git
fix(specs): make `sumOfMultiplierPointsIsMultiplierpoints` work again
This invariant failed as the prover started making wrong assumptions about the relationship between anyone's account's `totalMP` and its `balance`, as well as an account's `bonusMP` and its `balance`. This commit fixes it by adding the necessary invariants to proof the property.
This commit is contained in:
parent
df0257c343
commit
feb6dd1530
|
@ -94,6 +94,12 @@ invariant highEpochsAreNull(uint256 epochNumber)
|
|||
m -> !requiresPreviousManager(m) && !requiresNextManager(m)
|
||||
}
|
||||
|
||||
invariant accountBonusMPIsZeroIfBalanceIsZero(address addr)
|
||||
to_mathint(getAccountBalance(addr)) == 0 => to_mathint(getAccountBonusMultiplierPoints(addr)) == 0
|
||||
filtered {
|
||||
f -> f.selector != sig:migrateFrom(address,bool,StakeManager.Account).selector
|
||||
}
|
||||
|
||||
invariant accountMPIsZeroIfBalanceIsZero(address addr)
|
||||
to_mathint(getAccountBalance(addr)) == 0 => to_mathint(getAccountCurrentMultiplierPoints(addr)) == 0
|
||||
filtered {
|
||||
|
|
Loading…
Reference in New Issue