NoBey/openzeppelin-contracts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'certora/erc20' of github.com:Certora/openzeppelin-contracts into

Browse Source 
remotes/origin/certora/erc20
This commit is contained in:
Nick Armstrong
2022-03-28 12:07:21 -07:00
parent 3f1ee39910 4b9500cf25
commit 4c74b2951d
5 changed files with 18 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
certora/munged/token/ERC20/extensions/ERC20FlashMint.sol
View File

@ -72,7 +72,7 @@ abstract contract ERC20FlashMint is ERC20, IERC3156FlashLender {
uint256 fee = flashFee(token, amount); uint256 fee = flashFee(token, amount);
_mint(address(receiver), amount); _mint(address(receiver), amount);
require( require(
receiver.onFlashLoan(msg.sender, token, amount, fee, data) == _RETURN_VALUE, // HAVOC_ALL receiver.onFlashLoan(msg.sender, token, amount, fee, data) == _RETURN_VALUE,
"ERC20FlashMint: invalid return value" "ERC20FlashMint: invalid return value"
); );
uint256 currentAllowance = allowance(address(receiver), address(this)); uint256 currentAllowance = allowance(address(receiver), address(this));

2
certora/scripts/verifyERC20FlashMint.sh
View File

@ -6,5 +6,5 @@ certoraRun \
--optimistic_loop \ --optimistic_loop \
--staging \ --staging \
--rule_sanity \ --rule_sanity \
--msg "letsWatchItBurns" --msg "flashMint"

2
certora/scripts/verifyERC20Wrapper.sh
View File

@ -6,5 +6,5 @@ certoraRun \
--optimistic_loop \ --optimistic_loop \
--staging \ --staging \
--rule_sanity \ --rule_sanity \
--msg "all check" --msg "wrapper spec sanity check fixes"

28
certora/specs/ERC20Wrapper.spec
View File

@ -19,24 +19,22 @@ invariant whatAboutTotal(env e)
{ {
preserved { preserved {
require underlyingBalanceOf(currentContract) <= underlyingTotalSupply(); require underlyingBalanceOf(currentContract) <= underlyingTotalSupply();
require underlying() != currentContract;
} }
preserved depositFor(address account, uint256 amount) with (env e2){ preserved depositFor(address account, uint256 amount) with (env e2){
require underlyingBalanceOf(currentContract) <= underlyingTotalSupply();
require totalSupply(e) + amount <= underlyingTotalSupply(); require totalSupply(e) + amount <= underlyingTotalSupply();
require underlying() != currentContract;
} }
} }
// STATUS - in progress // STATUS - verified
// https://vaas-stg.certora.com/output/3106/a5f4943cd2987dccab94/?anonymousKey=9428fb1588845c0222c2abe5b00dedd59c925870
// totalsupply of wrapped should be less than or equal to the underlying balanceOf contract (assuming no external transfer) - solvency // totalsupply of wrapped should be less than or equal to the underlying balanceOf contract (assuming no external transfer) - solvency
invariant underTotalAndContractBalanceOfCorrelation(env e) invariant underTotalAndContractBalanceOfCorrelation(env e)
totalSupply(e) <= underlyingBalanceOf(currentContract) totalSupply(e) <= underlyingBalanceOf(currentContract)
{ {
preserved { preserved with (env e2) {
require underlying() != currentContract; require underlying() != currentContract;
require e.msg.sender != currentContract;
require e.msg.sender == e2.msg.sender;
} }
} }
@ -65,10 +63,12 @@ rule depositForSpecBasic(env e){
} }
// STATUS - verified
// check correct values update by depositFor()
rule depositForSpecWrapper(env e){ rule depositForSpecWrapper(env e){
address account; uint256 amount; address account; uint256 amount;
require e.msg.sender != currentContract; // require e.msg.sender != currentContract;
require underlying() != currentContract; require underlying() != currentContract;
uint256 wrapperUserBalanceBefore = balanceOf(e, account); uint256 wrapperUserBalanceBefore = balanceOf(e, account);
@ -87,6 +87,8 @@ rule depositForSpecWrapper(env e){
} }
// STATUS - verified
// check correct values update by depositFor()
rule depositForSpecUnderlying(env e){ rule depositForSpecUnderlying(env e){
address account; uint256 amount; address account; uint256 amount;
@ -118,7 +120,6 @@ rule depositForSpecUnderlying(env e){
rule withdrawToSpecBasic(env e){ rule withdrawToSpecBasic(env e){
address account; uint256 amount; address account; uint256 amount;
require e.msg.sender != currentContract;
require underlying() != currentContract; require underlying() != currentContract;
uint256 wrapperTotalBefore = totalSupply(e); uint256 wrapperTotalBefore = totalSupply(e);
@ -134,10 +135,11 @@ rule withdrawToSpecBasic(env e){
} }
// STATUS - verified
// check correct values update by withdrawTo()
rule withdrawToSpecWrapper(env e){ rule withdrawToSpecWrapper(env e){
address account; uint256 amount; address account; uint256 amount;
require e.msg.sender != currentContract;
require underlying() != currentContract; require underlying() != currentContract;
uint256 wrapperUserBalanceBefore = balanceOf(e, account); uint256 wrapperUserBalanceBefore = balanceOf(e, account);
@ -156,6 +158,8 @@ rule withdrawToSpecWrapper(env e){
} }
// STATUS - verified
// check correct values update by withdrawTo()
rule withdrawToSpecUnderlying(env e){ rule withdrawToSpecUnderlying(env e){
address account; uint256 amount; address account; uint256 amount;
@ -187,15 +191,11 @@ rule withdrawToSpecUnderlying(env e){
// STATUS - verified // STATUS - verified
// check correct values update by _recover() // check correct values update by _recover()
rule recoverSpec(env e){ rule recoverSpec(env e){
address account; uint256 amount; // e.msg.sender address account; uint256 amount;
require underlying() != currentContract;
require e.msg.sender != currentContract;
uint256 wrapperTotalBefore = totalSupply(e); uint256 wrapperTotalBefore = totalSupply(e);
uint256 wrapperUserBalanceBefore = balanceOf(e, account); uint256 wrapperUserBalanceBefore = balanceOf(e, account);
uint256 wrapperSenderBalanceBefore = balanceOf(e, e.msg.sender); uint256 wrapperSenderBalanceBefore = balanceOf(e, e.msg.sender);
uint256 underlyingThisBalanceBefore = underlyingBalanceOf(currentContract); uint256 underlyingThisBalanceBefore = underlyingBalanceOf(currentContract);
mathint value = underlyingThisBalanceBefore - wrapperTotalBefore; mathint value = underlyingThisBalanceBefore - wrapperTotalBefore;

16
certora/specs/TimelockController.spec
View File

@ -177,20 +177,6 @@ rule minDealyOnlyChange(method f, env e){
} }
// STATUS - verified
// Only proposers can schedule an operation
rule scheduleOnlyWay(method f, env e){
uint256 delayBefore = _minDelay();
calldataarg args;
f(e, args);
uint256 delayAfter = _minDelay();
assert delayBefore != delayAfter => e.msg.sender == currentContract, "You cannot change your destiny! Only I can!";
}
// STATUS - in progress (need working hash) // STATUS - in progress (need working hash)
// execute() is the only way to set timestamp to 1 // execute() is the only way to set timestamp to 1
rule getTimestampOnlyChange(method f, env e){ rule getTimestampOnlyChange(method f, env e){
@ -291,7 +277,7 @@ rule cancelledNotExecuted(method f, env e){
} }
// STATUS - in progress // STATUS - in progress (add schedule batch)
// Only proposers can schedule an operation // Only proposers can schedule an operation
rule onlyProposer(method f, env e){ rule onlyProposer(method f, env e){
bytes32 id; bytes32 id;