This repository contains the CT-Wasm model and mechanized proofs of soundness and security.
The CT-WASM Isabelle model may be found in CT-WASM_model.
Lemmas/definitions mentioned in the paper, in order of appearance:
Running the proofs
To run the proofs end-to-end, Isabelle2017 is required; you can download an archive from: https://isabelle.in.tum.de/website-Isabelle2017/index.html
We provide a ROOT file to run all proofs and generate a summary document.
With Isabelle downloaded, run:

git clone email@example.com:PLSysSec/ct-wasm-proofs.git
cd ct-wasm-proofs/CT-WASM_model
<.../bin/isabelle> build -D ./
The isabelle binary you want to use, if you downloaded Isabelle from the link above, lives in the bin directory of the unpacked archive. (The binary that lives in the top-level directory launches the IDE and is NOT what you want.)
Note: This build will take a very long time due to the need to bootstrap the full Isabelle environment on the first execution.
Moreover, note that existing ROOT files from previous installations of Isabelle2017 may interfere with the build. These may have to be deleted from the .isabelle folder that a previous installation will have left somewhere in your home directory.
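As an added example (not code from the ct-wasm-proofs repository), the following POSIX shell script wraps the steps above and guards against the two pitfalls just described: it refuses to use anything but bin/isabelle under the install directory, and before building it lists any ROOT/ROOTS files found under the user settings folder so you can decide whether to delete them. The script name build.sh, the function names, the default settings folder ~/.isabelle, and the choice to look only for files named ROOT or ROOTS are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not part of the ct-wasm-proofs repository. It wraps the
# build steps from the README with two checks: use the command-line
# `isabelle` binary from bin/ (not the top-level IDE launcher), and report
# stray ROOT files under the settings folder before building.
# Assumptions: the first argument is the unpacked Isabelle2017 archive, the
# settings folder defaults to ~/.isabelle, and only files named ROOT or
# ROOTS under it are considered interfering.

# Print the path of the command-line isabelle binary under an install dir.
# Fails if bin/isabelle is missing, so a top-level launcher is never picked.
find_isabelle_bin() {
    dir="$1"
    if [ -x "$dir/bin/isabelle" ]; then
        printf '%s\n' "$dir/bin/isabelle"
        return 0
    fi
    echo "error: no executable bin/isabelle under $dir (the top-level binary is the IDE, not the build tool)" >&2
    return 1
}

# List ROOT/ROOTS files under a settings folder (default ~/.isabelle), sorted.
# Prints nothing if the folder does not exist.
list_stale_roots() {
    settings="${1:-$HOME/.isabelle}"
    [ -d "$settings" ] || return 0
    find "$settings" -type f \( -name ROOT -o -name ROOTS \) | sort
}

# Build the session in MODEL_DIR (expected to contain the repository's ROOT
# file), warning first about any stray ROOT files that could interfere.
# Usage: build_ct_wasm ISABELLE_BIN MODEL_DIR [SETTINGS_DIR]
build_ct_wasm() {
    isabelle="$1"
    model_dir="$2"
    settings="${3:-$HOME/.isabelle}"
    if [ ! -f "$model_dir/ROOT" ]; then
        echo "error: $model_dir has no ROOT file; point this at a checkout of CT-WASM_model" >&2
        return 1
    fi
    stale=$(list_stale_roots "$settings")
    if [ -n "$stale" ]; then
        echo "warning: ROOT files under $settings may interfere with the build:" >&2
        printf '%s\n' "$stale" | sed 's/^/  /' >&2
    fi
    "$isabelle" build -D "$model_dir"
}

# Stand-alone usage:
#   ./build.sh /path/to/Isabelle2017 ct-wasm-proofs/CT-WASM_model [settings_dir]
if [ "$#" -ge 2 ]; then
    bin=$(find_isabelle_bin "$1") || exit 1
    build_ct_wasm "$bin" "$2" "${3:-}"
fi
```

The warning is deliberately non-destructive: the script never deletes anything under the settings folder, it only shows what is there so the stale files can be removed by hand.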
Running the above commands will produce:
- Summary documents in the
- Executable type checker
For convenience, we supply a pre-built type checker, session graph, and summary document in the prebuilt folder.
We also provide a Docker image that runs the proofs without setting up Isabelle in your own environment. Simply run:
This will produce the same artifacts as the local instructions.