Finish Ownable and Ownable2Step

certora/diff/access_Ownable.sol.patch

@@ -0,0 +1,11 @@
+--- access/Ownable.sol	2023-08-09 11:45:05
++++ access/Ownable.sol	2023-08-11 11:37:19
+@@ -1,7 +1,7 @@
+ // SPDX-License-Identifier: MIT
+ // OpenZeppelin Contracts (last updated v4.9.0) (access/Ownable.sol)
+ 
+-pragma solidity ^0.8.20;
++pragma solidity ^0.8.19;
+ 
+ import {Context} from "../utils/Context.sol";
+ 

certora/diff/access_Ownable2Step.sol.patch

@@ -0,0 +1,11 @@
+--- access/Ownable2Step.sol	2023-08-09 11:45:05
++++ access/Ownable2Step.sol	2023-08-11 11:37:27
+@@ -1,7 +1,7 @@
+ // SPDX-License-Identifier: MIT
+ // OpenZeppelin Contracts (last updated v4.9.0) (access/Ownable2Step.sol)
+ 
+-pragma solidity ^0.8.20;
++pragma solidity ^0.8.19;
+ 
+ import {Ownable} from "./Ownable.sol";
+ 

certora/harnesses/Ownable2StepHarness.sol

@@ -1,9 +1,11 @@
 // SPDX-License-Identifier: MIT
 
-pragma solidity ^0.8.20;
+pragma solidity ^0.8.19;
 
-import "../patched/access/Ownable2Step.sol";
+import {Ownable2Step, Ownable} from "../patched/access/Ownable2Step.sol";
 
 contract Ownable2StepHarness is Ownable2Step {
-  function restricted() external onlyOwner {}
+    constructor(address initialOwner) Ownable(initialOwner) {}
+
+    function restricted() external onlyOwner {}
 }

certora/harnesses/OwnableHarness.sol

@@ -1,9 +1,11 @@
 // SPDX-License-Identifier: MIT
 
-pragma solidity ^0.8.20;
+pragma solidity ^0.8.19;
 
-import "../patched/access/Ownable.sol";
+import {Ownable} from "../patched/access/Ownable.sol";
 
 contract OwnableHarness is Ownable {
-  function restricted() external onlyOwner {}
+    constructor(address initialOwner) Ownable(initialOwner) {}
+
+    function restricted() external onlyOwner {}
 }

certora/specs/Ownable.spec

@@ -1,8 +1,8 @@
-import "helpers/helpers.spec"
-import "methods/IOwnable.spec"
+import "helpers/helpers.spec";
+import "methods/IOwnable.spec";
 
 methods {
-    restricted()
+    function restricted() external;
 }
 
 /*
@@ -26,7 +26,6 @@ rule transferOwnership(env e) {
 /*
 ┌─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┐
 │ Function correctness: renounceOwnership removes the owner                                                           │
-
 └─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┘
 */
 rule renounceOwnership(env e) {
@@ -72,7 +71,7 @@ rule onlyOwnerOrPendingOwnerCanChangeOwnership(env e) {
 
     // If owner changes, must be either transferOwnership or renounceOwnership
     assert oldCurrent != newCurrent => (
-        (e.msg.sender == oldCurrent && newCurrent != 0 && f.selector == transferOwnership(address).selector) ||
-        (e.msg.sender == oldCurrent && newCurrent == 0 && f.selector == renounceOwnership().selector)
+        (e.msg.sender == oldCurrent && newCurrent != 0 && f.selector == sig:transferOwnership(address).selector) ||
+        (e.msg.sender == oldCurrent && newCurrent == 0 && f.selector == sig:renounceOwnership().selector)
     );
 }

certora/specs/Ownable2Step.spec

@@ -1,8 +1,8 @@
-import "helpers/helpers.spec"
-import "methods/IOwnable2Step.spec"
+import "helpers/helpers.spec";
+import "methods/IOwnable2Step.spec";
 
 methods {
-    restricted()
+    function restricted() external;
 }
 
 /*
@@ -95,14 +95,14 @@ rule ownerOrPendingOwnerChange(env e, method f) {
 
     // If owner changes, must be either acceptOwnership or renounceOwnership
     assert oldCurrent != newCurrent => (
-        (e.msg.sender == oldPending && newCurrent == oldPending && newPending == 0 && f.selector == acceptOwnership().selector) ||
-        (e.msg.sender == oldCurrent && newCurrent == 0          && newPending == 0 && f.selector == renounceOwnership().selector)
+        (e.msg.sender == oldPending && newCurrent == oldPending && newPending == 0 && f.selector == sig:acceptOwnership().selector) ||
+        (e.msg.sender == oldCurrent && newCurrent == 0          && newPending == 0 && f.selector == sig:renounceOwnership().selector)
     );
 
     // If pending changes, must be either acceptance or reset
     assert oldPending != newPending => (
-        (e.msg.sender == oldCurrent && newCurrent == oldCurrent &&                    f.selector == transferOwnership(address).selector) ||
-        (e.msg.sender == oldPending && newCurrent == oldPending && newPending == 0 && f.selector == acceptOwnership().selector) ||
-        (e.msg.sender == oldCurrent && newCurrent == 0          && newPending == 0 && f.selector == renounceOwnership().selector)
+        (e.msg.sender == oldCurrent && newCurrent == oldCurrent &&                    f.selector == sig:transferOwnership(address).selector) ||
+        (e.msg.sender == oldPending && newCurrent == oldPending && newPending == 0 && f.selector == sig:acceptOwnership().selector) ||
+        (e.msg.sender == oldCurrent && newCurrent == 0          && newPending == 0 && f.selector == sig:renounceOwnership().selector)
     );
 }

certora/specs/methods/IOwnable.spec

@@ -1,5 +1,5 @@
 methods {
-    owner() returns (address) envfree
-    transferOwnership(address)
-    renounceOwnership()
+    function owner() external returns (address) envfree;
+    function transferOwnership(address) external;
+    function renounceOwnership() external;
 }

certora/specs/methods/IOwnable2Step.spec

@@ -1,7 +1,7 @@
 methods {
-    owner() returns (address) envfree
-    pendingOwner() returns (address) envfree
-    transferOwnership(address)
-    acceptOwnership()
-    renounceOwnership()
+    function owner() external returns (address) envfree;
+    function pendingOwner() external returns (address) envfree;
+    function transferOwnership(address) external;
+    function acceptOwnership() external;
+    function renounceOwnership() external;
 }