fix(Certora specs): ensure prover runs rules on currentContract #75

Merged (1 commit), Mar 1, 2024

Conversation

0x-r4bbit
Collaborator

Since we're implementing rules for `StakeManager` migrations, we need multiple instances inside the Certora specs.

This results in the prover trying to run rules on the other `StakeManager` instance as well, which isn't always desired, as it causes some rules to fail even though they'd pass if they were executed only on the `currentContract`.

This commit makes the filter condition for relevant rules stronger, such that the prover will not run them on the `newStakeManager` contract instance.

Checklist

Ensure you completed all of the steps below before submitting your pull request:

  • Added natspec comments?
  • Ran forge snapshot?
  • Ran pnpm gas-report?
  • Ran pnpm lint?
  • Ran forge test?
  • Ran pnpm verify?
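As an added example (not the PR's own spec and not code from the repository), this is what the weaker and the stronger method filters look like in Certora's CVL once a second `StakeManager` instance is declared. The contract name and its `migration`/`startMigration` members come from the discussion on this page and the alias `newStakeManager` from the PR description; the rule body, its name and the `address` ABI type used in the selector are assumed for illustration.

```cvl
// Added example, not the project's spec: restricting a parametric rule to
// `currentContract` when a second StakeManager instance is in scope.
// `StakeManager`, `migration` and `startMigration` are from the PR discussion;
// the rule itself is assumed for illustration.

using StakeManager as newStakeManager;

methods {
    // An unqualified entry refers to currentContract.
    function migration() external returns (address) envfree;
}

// Weak filter: `f` ranges over the methods of every declared instance, so the
// prover also instantiates this rule with `f` bound to methods of
// `newStakeManager`, not only to methods of currentContract.
rule migrationOnlySetByStartMigration_weak(method f) filtered {
    f -> f.selector != sig:startMigration(address).selector
} {
    env e;
    calldataarg args;
    require migration() == 0;
    f(e, args);
    assert migration() == 0, "only startMigration may set migration";
}

// Stronger filter: additionally require the method to belong to
// currentContract, so calls on `newStakeManager` are never generated.
rule migrationOnlySetByStartMigration(method f) filtered {
    f -> f.contract == currentContract
      && f.selector != sig:startMigration(address).selector
} {
    env e;
    calldataarg args;
    require migration() == 0;
    f(e, args);
    assert migration() == 0, "only startMigration may set migration";
}
```

The `f.contract == currentContract` conjunct is the part that matters: without it, every parametric rule in a multi-contract spec is run against each declared instance, and a rule that reads `currentContract` state while `f` mutates another instance can report a spurious violation.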

@0x-r4bbit 0x-r4bbit requested a review from 3esmit March 1, 2024 10:48
@0x-r4bbit 0x-r4bbit force-pushed the fix/certora-compile branch 2 times, most recently from b81e370 to 109b684 March 1, 2024 12:18
@0x-r4bbit 0x-r4bbit changed the base branch from fix/certora-compile to chore/certora-rule-comment March 1, 2024 12:20
Collaborator

@3esmit 3esmit left a comment

This makes sense; it's caused by the new modifier blocking calls while in migration:

    /**
     * @notice Only callable when migration is not initialized.
     */
    modifier noMigration() {
        if (address(migration) != address(0)) {
            revert StakeManager__PendingMigration();
        }
        _;
    }

As the prover would havoc the address storage of `migration` (`StakeManager public migration`), this would impact the call of `function startMigration(StakeManager _migration) external`, which after the refactor uses this new modifier `noMigration`.

@3esmit 3esmit merged commit 450831a into chore/certora-rule-comment Mar 1, 2024
6 of 7 checks passed