Open nrryuya opened 5 years ago
@nrryuya are you asking about what the correct implementation of keccak
is?
When doing proofs, we actually don't execute this function, only when doing concrete
execution. Instead, we hold it as an uninterpereted function symbol (which we instruct with smtlib(smt_keccak)
), and add lemmas about it being "injective enough" if needed.
#keccak(CALLER_ID: 0: CALL_VALUE)
I tried adding this in verificaton.k (like casper and gnosis) but deposit-succ spec don't pass.
syntax Int ::= symkeccak ( Int ) [function, smtlib(smt_symkeccak)]
// -------------------------------------------------------------------
rule keccak(WS) => symkeccak(#asWord(WS)) requires notBool #isConcrete(WS)
rule 0 <=Int symkeccak(N) => true
rule symkeccak(N) <Int pow256 => true
keccak serves as a wrapper around the Keccak256 in KRYPTO.
getTransactionHash
(actually don't verify hash function, just abstract it) https://github.com/runtimeverification/verified-smart-contracts/blob/master/gnosis/gnosis-spec.ini#L215