Skip to content
Switch branches/tags

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

CT-Wasm Proofs

This repository contains the CT-Wasm model and mechanized proofs of soundness and security.

The CT-WASM Isabelle model may be found in CT-WASM_model.

Lemmas/definitions mentioned in paper, in order of appearance:

Running the proofs

To run the proofs end-to-end, Isabelle2017 is required; you can download an archive from:

We provide a ROOT file to run all proofs and generate a summary document.

With Isabelle downloaded, run:

git clone
cd ct-wasm-proofs/CT-WASM_model
<.../bin/isabelle> build -D ./

Note: the isabelle binary you want to use if you downloaded Isabelle from the above link lives in the bin directory. (The binary that lives in the top-level directory is for the IDE and NOT what you want.)

Note: This build will take a very long time due to the need to bootstrap the full Isabelle environment on the first execution.

Moreover, note that existing ROOT files from previous installations of Isabelle2017 may interfere with the build. These may have to be deleted from the .isabelle folder that will have been left somewhere in the home directory.

Running the above commands will produce:

  • Summary documents in the CT-WASM_model/output directory.
  • Executable type checker CT-WASM_model/Wasm_Printing/Wasm_Extracted/

For convenience, we supply a pre-built type checker, session graph, and summary document in the prebuilt folder.

Using docker

For convenience, we provide a docker image to run the proofs without setting up Isabelle in your own environment. Simply run:


This will produce the same artifacts as the local instructions.


Proofs about the soundness and timing properties of CT-Wasm



No releases published


No packages published

Contributors 4