Skip to content

Formally prove the correctness of Sqrt.sol and Cbrt.sol #511

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
duncancmt wants to merge 549 commits into
base: dcmt/cbrt512
Choose a base branch
from
Open

Formally prove the correctness of Sqrt.sol and Cbrt.sol #511

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
549 commits
Select commit Hold shift + click to select a range
909863c
test: add regressions from 27fd23a5 review
duncancmt Mar 11, 2026
0bca759
fix: constant-fold leave-bearing switch in helper inlining, per-model…
duncancmt Mar 11, 2026
5fc25dc
fix: skip dead code after leave in bare block (WS-L)
duncancmt Mar 11, 2026
00da622
fix: dead-code-aware reference analysis in _scope_references_any (WS2…
duncancmt Mar 11, 2026
9ffbc2b
fix: helper scope frames, nested collection, duplicate detection, alp…
duncancmt Mar 11, 2026
d713e92
fix: SSA count for zero-init returns + constant-fold in helper inlini…
duncancmt Mar 11, 2026
b49193b
fix: constant-fold if/switch at parse time to allow dead-branch memor…
duncancmt Mar 11, 2026
a304784
test: add regressions from fix review
duncancmt Mar 11, 2026
3036846
fix: 4 bugs from a3047843 review — nested homonym, rejected duplicate…
duncancmt Mar 11, 2026
8d212d5
fix: normalize exact selectors and helper shadowing
duncancmt Mar 11, 2026
67d54ca
refactor: centralize lean emission planning
duncancmt Mar 11, 2026
5bc1db2
refactor: parse helper references by lexical scope
duncancmt Mar 11, 2026
95ab6bf
refactor: extract _TokenReader base class, document find_function dis…
duncancmt Mar 12, 2026
2a9cd1c
refactor: extract _classify_if_fold to normalize if/switch constant-f…
duncancmt Mar 12, 2026
42cb11e
test: cover regressions from if fold review
duncancmt Mar 12, 2026
f267a24
fix: scope-preserving constant-true lowering in yul_function_to_model
duncancmt Mar 12, 2026
77b358b
test: cover regressions from constant true merge fix
duncancmt Mar 12, 2026
81fbeb4
fix: lexical-scope lowering for constant-folded live branches
duncancmt Mar 12, 2026
3e970d6
test: cover more live branch lowering regressions
duncancmt Mar 12, 2026
998ec5d
fix: add PlainAssignment.is_declaration for binding-kind-driven scope
duncancmt Mar 12, 2026
08d7ed4
test: cover more declaration lifetime regressions
duncancmt Mar 12, 2026
54e4d68
fix: track block-local scope as a name set, not per-statement flag
duncancmt Mar 12, 2026
b0e9b39
test: cover remaining lexical scope regressions
duncancmt Mar 12, 2026
35ef714
fix: lexical scope engine driven by is_declaration across all lowerin…
duncancmt Mar 12, 2026
dd57b53
test: bare-block alpha-rename must not collide with user identifiers
duncancmt Mar 12, 2026
e084a04
fix: collision-safe bare-block alpha-renaming via _gensym avoid set
duncancmt Mar 12, 2026
1c79a12
chore: remove working plan files
duncancmt Mar 12, 2026
694c4b2
refactor: replace synthetic __ite/__component call encodings with exp…
duncancmt Mar 12, 2026
a7e98d6
feat: scope-aware expression-statement tracking for dead-branch elimi…
duncancmt Mar 13, 2026
020dcbd
test: cover branch expr stmt regressions
duncancmt Mar 13, 2026
10edc85
fix: DRY scope-aware expr_stmt isolation via _parse_scoped_body helper
duncancmt Mar 13, 2026
7de4c54
style: apply black formatting to formal/ Python files
duncancmt Mar 13, 2026
af8874e
fix: resolve all mypy errors in formal/ Python files
duncancmt Mar 13, 2026
675ab59
refactor: replace _unreachable_expr/_unreachable_stmt with assert_never
duncancmt Mar 13, 2026
b9ad46d
Simplify
duncancmt Mar 13, 2026
7c90ace
fix: add constant propagation to _inline_yul_function
duncancmt Mar 13, 2026
6f5b5a5
test: add yul-to-lean regression cases
duncancmt Mar 25, 2026
ffb417b
fix: resolve 5 bugs in yul_to_lean.py exposed by regression tests
duncancmt Mar 25, 2026
aa40220
test: cover branch-local return shadow reassignment bug
duncancmt Mar 25, 2026
755b74f
fix: track branch-local scope in _branch_definitely_initializes_var
duncancmt Mar 25, 2026
cb14078
fix: align branch read analysis with local scope
duncancmt Mar 25, 2026
0fbe42c
test: add yul_to_lean regression coverage
duncancmt Mar 25, 2026
62f24d0
fix: resolve 4 bugs in yul_to_lean.py exposed by new regression tests
duncancmt Mar 25, 2026
06146f1
test: cover constant-switch parser regressions
duncancmt Mar 25, 2026
2b8cd4e
fix: relax constant-switch validation to branch-count and shape agnostic
duncancmt Mar 25, 2026
9e2918f
test: cover malformed constant-switch regressions
duncancmt Mar 25, 2026
ff03db8
fix: add targeted validation for constant-folded switch branches
duncancmt Mar 25, 2026
56e1a89
test: cover nonliteral switch case regression
duncancmt Mar 25, 2026
36caf10
fix: enforce literal-only case labels per Yul grammar
duncancmt Mar 25, 2026
500cc92
test: cover wrapped switch case literals
duncancmt Mar 25, 2026
713c65a
fix: wrap case literals to u256 in _parse_case_literal
duncancmt Mar 25, 2026
313250f
test: cover critical yul_to_lean regressions
duncancmt Mar 25, 2026
94d5d85
fix: restore scope invariants, nested helper collection, and selector…
duncancmt Mar 26, 2026
b67c7df
test: cover post-fix scope regressions
duncancmt Mar 26, 2026
44fa9dd
fix: structural scope fixes for conditionals and helper resolution
duncancmt Mar 26, 2026
1a64acc
test: cover remaining parser-scope regressions
duncancmt Mar 26, 2026
8d2b4e7
fix: add duplicate detection and mstore_sink deferral for scope-local…
duncancmt Mar 26, 2026
1931a5c
test: cover nested exact-from local helper regression
duncancmt Mar 26, 2026
f3a1bcd
fix: propagate deferred helpers and preserve usr$ bindings in flattening
duncancmt Mar 26, 2026
dc5ebf2
test: cover deferred exact-from scope regressions
duncancmt Mar 26, 2026
56ea4ec
fix: scope-local tracking and duplicate detection for deferred helpers
duncancmt Mar 26, 2026
4a0d29e
test: cover deferred helper shadowing regressions
duncancmt Mar 26, 2026
72add52
fix: deferred helper merge uses inner-overrides-outer shadowing
duncancmt Mar 26, 2026
3d26986
test: cover deferred helper post-scope regressions
duncancmt Mar 26, 2026
37ec414
fix: alpha-rename deferred helpers to unique binding identities
duncancmt Mar 26, 2026
78c5ace
test: cover deferred helper loss in collected helpers
duncancmt Mar 26, 2026
9bf22d7
fix: surface deferred helpers through CollectedFunctions
duncancmt Mar 26, 2026
daba07f
test: cover exact-from binding loss in helper inlining
duncancmt Mar 26, 2026
3fcfce9
fix: skip scope-local inlining for helpers that depend on deferred calls
duncancmt Mar 26, 2026
49a5de0
test: cover nested helper chain exact-from regression
duncancmt Mar 26, 2026
9490767
fix: treat deferred-dependent helpers as deferred, not silently skipped
duncancmt Mar 26, 2026
d618ad5
test: cover same-scope exact-from helper regression
duncancmt Mar 26, 2026
d84a2d8
fix: two-phase helper processing — collect all, then classify
duncancmt Mar 26, 2026
1ff2b4e
test: cover conditional exact-from helper classification
duncancmt Mar 26, 2026
6e3d5cd
fix: classify helper purity from full statement tree, not expressions…
duncancmt Mar 26, 2026
2d58bac
test: cover exact-from helper condition regression
duncancmt Mar 27, 2026
44c8e0b
fix: pass mstore_sink when inlining helper if/switch conditions
duncancmt Mar 27, 2026
4d2e877
test: cover nested deferred helper condition regression
duncancmt Mar 27, 2026
38d02e7
fix: export deferred helpers as a closed dependency subgraph
duncancmt Mar 27, 2026
1202813
test: cover nested rejected helper in deferred export
duncancmt Mar 27, 2026
86f814b
fix: propagate rejected helper closure alongside deferred helpers
duncancmt Mar 27, 2026
7fa54cd
test: cover rejected helper shadowing in deferred export
duncancmt Mar 27, 2026
52b702a
fix: alpha-rename rejected helper references in deferred export
duncancmt Mar 27, 2026
8ba13b0
test: cover deferred rejected helper diagnostics
duncancmt Mar 27, 2026
b4147d9
fix: structured rejection data for deferred helper diagnostics
duncancmt Mar 27, 2026
dfc9acd
refactor: unify rejected helper metadata
duncancmt Mar 27, 2026
25fb660
fix: satisfy yul-to-lean unit workflow
duncancmt Mar 27, 2026
8dcdaa7
test: add yul conditional lowering regressions
duncancmt Mar 27, 2026
899c3e9
fix: enable SSA inside conditional branches
duncancmt Mar 27, 2026
57c76d3
test: cover remaining conditional lowering regressions
duncancmt Mar 27, 2026
eb14d83
fix: raw-slot-based conditional merge replaces clean-name-based merge
duncancmt Mar 27, 2026
1f44322
test: add yul_to_lean review regressions
duncancmt Mar 27, 2026
2d34ac1
fix: for-loop reachability and deferred helper deduplication
duncancmt Mar 27, 2026
2c322d5
test: cover deferred helper dedup shadowing regression
duncancmt Mar 27, 2026
4e3987d
fix: dedup deferred helpers by token_idx, not yul_name
duncancmt Mar 27, 2026
1ca5a33
test: cover nested exact-target deferred helper duplication
duncancmt Mar 27, 2026
42d7040
fix: absolute token_idx via base offset for lexical identity
duncancmt Mar 27, 2026
07a0726
refactor: simplify exact helper selection
duncancmt Mar 28, 2026
b498885
test: cover exact target homonym leakage
duncancmt Mar 28, 2026
9f9c042
refactor: unify function-def walkers and remove dead token_idx fallback
duncancmt Mar 28, 2026
fa637ba
test: cover selected exact homonym collision
duncancmt Mar 28, 2026
6acb448
fix: resolve selected-target calls by lexical identity, not bare name
duncancmt Mar 28, 2026
8c4a148
fix: resolve all mypy strict-mode errors in formal/
duncancmt Mar 28, 2026
b5d420e
test: cover selected block-local exact helper
duncancmt Mar 28, 2026
e34a4f3
fix: protect exact-selected targets from parse-time inlining
duncancmt Mar 28, 2026
fd6c66b
test: cover exact helper overprotection
duncancmt Mar 28, 2026
25edadb
fix: resolve protected token set with exact selection logic
duncancmt Mar 28, 2026
2cf9099
refactor: remove lossy fn_map from PreparedTranslation
duncancmt Mar 28, 2026
04c10f3
test: cover selected helper scope leak
duncancmt Mar 28, 2026
292bba7
fix: scope-correct renaming for protected selected helpers
duncancmt Mar 29, 2026
559ff81
refactor: resolve selected calls by binding identity
duncancmt Mar 29, 2026
63f4104
fix: resolve mypy and black lint in new tests
duncancmt Mar 29, 2026
101b22b
Add regressions for uncovered yul_to_lean bugs
duncancmt Mar 29, 2026
a302710
Merge branch 'dcmt/newton-raphson-optimization' into dcmt/codex-prove…
duncancmt Apr 7, 2026
da0d14b
Add Yul parser regression tests
duncancmt Apr 9, 2026
6efa596
fix: add binder validation, promote multi-assigned temps, validate mo…
duncancmt Apr 9, 2026
da2091f
refactor: introduce staged pipeline with syntax AST, parser, and bind…
duncancmt Apr 9, 2026
44b76d1
fix: enable variable reference resolution and correct span offsets
duncancmt Apr 9, 2026
485ed52
test: add regression tests for undefined-variable resolution and span…
duncancmt Apr 9, 2026
43ee5f8
feat: assign unique SymbolIds and classify call targets in resolver
duncancmt Apr 9, 2026
6f3a628
fix: variable bindings no longer shadow outer functions in call lookup
duncancmt Apr 9, 2026
fe9097f
fix: reject function declarations that shadow builtin opcode names
duncancmt Apr 9, 2026
d47a3ac
fix: reject cross-scope variable shadowing to match solc behavior
duncancmt Apr 9, 2026
d065d21
fix: enforce builtin-name rejection for all identifier declarations
duncancmt Apr 9, 2026
9d8ceee
feat: add TopLevelFunctionTarget, resolve_module, and module-level pr…
duncancmt Apr 9, 2026
47f84ed
fix: validate all object blocks, not just the first
duncancmt Apr 9, 2026
25221a9
Fix module pre-pass function grouping
duncancmt Apr 9, 2026
f7dfdd4
feat: add normalized imperative IR with lowering pass and evaluator
duncancmt Apr 9, 2026
40b4f1d
fix: correct four evaluator bugs in norm_eval.py
duncancmt Apr 9, 2026
eba9a99
fix: enforce Yul function scoping — no closures, sibling visibility
duncancmt Apr 9, 2026
7943217
fix: test_same_named_helpers now exercises two distinct g helpers
duncancmt Apr 9, 2026
89f44d5
feat: add helper/effect classification pass on normalized IR
duncancmt Apr 9, 2026
89bea4c
fix: four classification bugs in norm_classify.py
duncancmt Apr 9, 2026
0011ce4
cleanup: remove dead NBuiltinCall branch from _is_known_effect_call
duncancmt Apr 9, 2026
e4537ca
fix: use complete EVM builtins set for resolver, not just modeled ops
duncancmt Apr 9, 2026
d830390
docs: cite authoritative source for _EVM_BUILTINS, add missing diffic…
duncancmt Apr 9, 2026
d0f27fd
fix: target solc 0.8.34 builtins, add 4 missing Yul-specific ops
duncancmt Apr 9, 2026
db7aaeb
fix: transitive non-pure propagation and nested helper discovery
duncancmt Apr 9, 2026
5aec9fa
feat: pure helper inlining on normalized IR
duncancmt Apr 9, 2026
a612941
fix: rewrite inliner as recursive block-to-block transform
duncancmt Apr 9, 2026
ec6231a
fix: multi-case switch lowering and zero-return helper inlining
duncancmt Apr 9, 2026
0b1e559
fix: forbid effectful conditions, preserve args in void-call elimination
duncancmt Apr 9, 2026
1f4dcee
fix: restrict switch pre-normalization to pure helper bodies only
duncancmt Apr 9, 2026
98db08f
feat: add constant propagation and dead branch elimination pass
duncancmt Apr 9, 2026
0531ff5
test: add coverage for NExprEffect, NFor, NLeave, NBlock, NFunctionDe…
duncancmt Apr 9, 2026
369006f
feat: Phase 5C — leave-bearing helper inlining and uint512.from
duncancmt Apr 9, 2026
2820254
refactor: extract shared IR walker utilities into norm_walk.py
duncancmt Apr 9, 2026
5df339d
refactor: block-based inliner with InlineFragment and strategy enum
duncancmt Apr 9, 2026
b84c0d8
fix: nested BLOCK_INLINE/EFFECT_LOWER inlining and binder hygiene
duncancmt Apr 9, 2026
3d143cb
fix: for-loop condition_setup and full subtree freshening
duncancmt Apr 9, 2026
865a55b
fix: recursively rewrite block-inline preludes to inline nested helpers
duncancmt Apr 9, 2026
fbdfcf4
fix: make test helpers walk full IR tree for thorough coverage
duncancmt Apr 9, 2026
51fe243
feat: add memory model lowering pass (norm_memory.py)
duncancmt Apr 9, 2026
1377dfe
fix: reject memory ops inside control flow, add snapshot tests
duncancmt Apr 9, 2026
6ca7150
fix: complete memory model validation and value snapshotting
duncancmt Apr 9, 2026
0072a63
fix: reject memory ops in nested condition/discriminant positions
duncancmt Apr 10, 2026
e2955f5
feat: restricted IR with analysis-state memory elimination (Passes 7+8)
duncancmt Apr 10, 2026
f6e7dad
Fix restricted IR branch outputs and model calls
duncancmt Apr 10, 2026
2bf31f9
feat: SSA renaming + FunctionModel bridge (Pass 9)
duncancmt Apr 10, 2026
25edc80
fix: nested conditionals, SSA collision, name sanitization in pass 9
duncancmt Apr 10, 2026
c80b5a2
fix: delete unsound flattening, support recursive branches, fix calle…
duncancmt Apr 10, 2026
c091ff5
test: add regressions for unsound hoisting and missing module API
duncancmt Apr 10, 2026
072f597
fix: block-local model-call hoisting + module-wide naming API
duncancmt Apr 10, 2026
89edb70
test: add regressions for expr outputs, block-local CSE, NamePlan, tr…
duncancmt Apr 10, 2026
9870cbf
fix: expression outputs, block-local CSE, ModuleNamePlan, translate_m…
duncancmt Apr 10, 2026
40dce7a
Fix model bridge branch outputs and module API
duncancmt Apr 10, 2026
1d6bb25
test: add regressions for new pipeline wiring into translate_yul_to_m…
duncancmt Apr 10, 2026
e8767be
wip: wire translate_yul_to_models to new staged pipeline
duncancmt Apr 10, 2026
4e77143
docs: categorize 85 test failures from pipeline cutover
duncancmt Apr 10, 2026
e9ceef2
test: add regression tests for selection-aware staged pipeline
duncancmt Apr 10, 2026
a2b7b9a
feat: selection-aware staged pipeline with helper embedding
duncancmt Apr 10, 2026
587b627
fix: relax classifier to BLOCK_INLINE and reject surviving NExprEffect
duncancmt Apr 10, 2026
21c8cbe
fix: update test expectations for new pipeline error messages
duncancmt Apr 10, 2026
2147087
fix: update SSA naming and model structure expectations
duncancmt Apr 10, 2026
c0ce148
fix: strip dead code after leave in embedded helper bodies
duncancmt Apr 10, 2026
23b469f
Refactor staged pipeline selection and validation
duncancmt Apr 10, 2026
033657c
Tighten staged boundary and memory lowering
duncancmt Apr 10, 2026
e3ea4b9
Refine staged inline boundary policy
duncancmt Apr 10, 2026
cb18c8e
refactor: delete 1121 lines of dead legacy pipeline code
duncancmt Apr 10, 2026
c46563f
refactor: simplify API and delete dead tests + legacy scaffolding
duncancmt Apr 10, 2026
9223e52
fix: resolve all mypy and lint errors across formal/
duncancmt Apr 10, 2026
8e37bf7
fix: remove type: ignore comments from test assertions
duncancmt Apr 10, 2026
fc9ad31
Purge dead staged pipeline scaffolding
duncancmt Apr 10, 2026
4dffefe
refactor: replace bare assert with self.assertIsInstance + cast
duncancmt Apr 10, 2026
9464815
fix: handle string literals and top-level leave in staged pipeline
duncancmt Apr 10, 2026
b8fc701
test: add regressions for did_leave guard grouping bug
duncancmt Apr 10, 2026
3a48ec8
fix: group did_leave guard blocks to prevent temp scope escape
duncancmt Apr 10, 2026
ff86e16
Merge claudex/codex-prove-sqrt-cbrt into dcmt/codex-prove-sqrt-cbrt
duncancmt Apr 10, 2026
8a75853
feat: conservative copy propagation in constprop pass
duncancmt Apr 10, 2026
a0908e3
Add regressions for yul_to_lean review bugs
duncancmt Apr 10, 2026
4b280f2
Fix sqrt512 proof normalization drift
duncancmt Apr 10, 2026
874aa5d
Fix staged helper selection and Lean name validation
duncancmt Apr 10, 2026
5edefef
Add yul_to_lean regression tests
duncancmt Apr 10, 2026
1c02cbc
Remove stale formal pipeline cruft
duncancmt Apr 10, 2026
fc3b8e6
Refactor staged Yul selection and naming
duncancmt Apr 10, 2026
c498886
Remove malformed-Yul selection fallback
duncancmt Apr 10, 2026
9992b88
Add formal regression tests for parser and emission bugs
duncancmt Apr 10, 2026
5a17b19
Adjust cbrt512 Lean proofs for normalized models
duncancmt Apr 10, 2026
cc18637
Refactor formal Yul translation pipeline
duncancmt Apr 10, 2026
e3a556d
Extract shared formal model IR and config
duncancmt Apr 11, 2026
308c110
Purge legacy yul_to_lean pipeline
duncancmt Apr 11, 2026
9690370
Refactor formal translation boundaries
duncancmt Apr 11, 2026
c817fa9
Fix yul-to-lean unit CI
duncancmt Apr 11, 2026
d724ac6
Refactor formal yul-to-lean pipeline boundaries
duncancmt Apr 11, 2026
ee9721b
Fix bugs: LetStmt import, multi-target fallthrough, NIte prelude
duncancmt Apr 11, 2026
d593426
Delete dead code, inline trivial wrappers, scrub archaeology
duncancmt Apr 11, 2026
2cabb93
Deduplicate norm_eval builtin dispatch
duncancmt Apr 11, 2026
5d103c2
Simplify FunctionSummary construction at 3 call sites
duncancmt Apr 11, 2026
62fe0ff
Reduce NormalizedFunction/NFunctionDef bouncing
duncancmt Apr 11, 2026
6db922f
Shrink _rewrite_selected_calls_in_block, move collect_reassigned
duncancmt Apr 11, 2026
57c0533
Migrate all flat-form ModelConfig calls to structured form
duncancmt Apr 11, 2026
0eb377e
Delete flat ModelConfig API, config overloads, forwarding properties
duncancmt Apr 11, 2026
60491fb
Normalize selection exactly once inside build_selection_plan
duncancmt Apr 11, 2026
ae15e0e
Collapse selection record types into SelectedFunctionInfo
duncancmt Apr 11, 2026
d708f0d
Merge staged_pipeline into yul_to_lean, rename staged_selection
duncancmt Apr 11, 2026
fd6bb8b
Refactor formal translator surface
duncancmt Apr 11, 2026
af4984e
Fix black/isort formatting in norm_eval.py
duncancmt Apr 11, 2026
fc3e780
Fix cbrt512 proof kernel recursion
duncancmt Apr 11, 2026
81aac80
Move formal Python tooling into package
duncancmt Apr 11, 2026
d224d2c
Refresh tracked sqrt finite cert header
duncancmt Apr 11, 2026
2a18ccb
Clean up formal translator walkers
duncancmt Apr 11, 2026
959551c
Refactor formal leave lowering ownership
duncancmt Apr 11, 2026
53407bc
Remove dead Yul parse helpers and loop memory lowering
duncancmt Apr 11, 2026
360f2bd
Merge branch 'master' into dcmt/codex-prove-sqrt-cbrt
duncancmt Apr 11, 2026
3bc5e1a
Merge branch 'dcmt/cbrt512' into dcmt/codex-prove-sqrt-cbrt
duncancmt Apr 11, 2026
425f8b6
Fixing CI
duncancmt Apr 11, 2026
86789f9
Fixing CI
duncancmt Apr 11, 2026
0f8435e
Fix formal model constant and naming invariants
duncancmt Apr 12, 2026
915be36
DRY formal/python walker infrastructure and remove dead code
duncancmt Apr 12, 2026
e3d4da6
Refactor normalized constprop
duncancmt Apr 12, 2026
ac2192c
Refactor normalized optimizer dead-code handling
duncancmt Apr 12, 2026
658a172
Refactor normalized IR block scoping
duncancmt Apr 12, 2026
5398aa8
Refactor raw normalized simplification
duncancmt Apr 12, 2026
fbd22ef
Generalize formal memory lowering
duncancmt Apr 12, 2026
f7255b2
Simplify yul memory lowering and drop NStore
duncancmt Apr 12, 2026
e780050
Fix yul-to-lean unit CI regressions
duncancmt Apr 12, 2026
e995408
Refactor formal Python pipeline: error hierarchy, dead code, abstract…
duncancmt Apr 12, 2026
0434745
Refactor Yul translator helper and naming passes
duncancmt Apr 12, 2026
910aec9
Refactor formal Python CI checks
duncancmt Apr 12, 2026
8a408de
Deduplicate IR walkers and add div/mod constant folding
duncancmt Apr 12, 2026
daaceb9
Fix restricted expr walk coverage
duncancmt Apr 12, 2026
3e0ab81
Deduplicate IR expression walkers and fix mload classification
duncancmt Apr 12, 2026
c217559
Deduplicate Yul expression walking
duncancmt Apr 12, 2026
2ab0051
Fix helper-boundary inlining and norm rewrites
duncancmt Apr 12, 2026
b97fba8
Refactor formal helper inlining
duncancmt Apr 12, 2026
51b3906
Fix top-level helper expr inlining
duncancmt Apr 13, 2026
d2e1ed6
Remove dead simp input from sqrt512 proof
duncancmt Apr 13, 2026
c1520e1
Fix CrossChainReceiverFactory CI
duncancmt Apr 13, 2026
2e422b7
Merge branch 'dcmt/ci'
duncancmt Apr 14, 2026
b06f081
Merge branch 'master' into dcmt/codex-prove-sqrt-cbrt
duncancmt Apr 14, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
76 changes: 76 additions & 0 deletions .github/workflows/cbrt-formal.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
name: Cbrt.sol Formal Check

on:
push:
branches:
- master
paths:
- src/vendor/Cbrt.sol
- src/wrappers/CbrtWrapper.sol
- formal/cbrt/**
- formal/python/**
- test/0.8.25/Cbrt.t.sol
- test/0.8.25/formal-model/FormalModelFFI.t.sol
- test/0.8.25/formal-model/CbrtModel.t.sol
- .github/workflows/cbrt-formal.yml
pull_request:
paths:
- src/vendor/Cbrt.sol
- src/wrappers/CbrtWrapper.sol
- formal/cbrt/**
- formal/python/**
- test/0.8.25/Cbrt.t.sol
- test/0.8.25/formal-model/FormalModelFFI.t.sol
- test/0.8.25/formal-model/CbrtModel.t.sol
- .github/workflows/cbrt-formal.yml

jobs:
cbrt-formal:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: recursive

- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1

- name: Install Python
uses: actions/setup-python@v5
with:
python-version: "3.11"

- name: Install pinned Lean toolchain
run: |
curl https://raw.githubusercontent.com/leanprover/elan/917c18d0ad52f649c2603dc8b973f5b9fa5f8f43/elan-init.sh -sSf | sh -s -- -y --default-toolchain none
echo "$HOME/.elan/bin" >> "$GITHUB_PATH"
LEAN_TOOLCHAIN="$(cat formal/cbrt/CbrtProof/lean-toolchain)"
"$HOME/.elan/bin/elan" toolchain install "$LEAN_TOOLCHAIN"
"$HOME/.elan/bin/elan" default "$LEAN_TOOLCHAIN"

- name: Install solc 0.8.34
run: forge build -- src/chains/Mainnet/TakerSubmitted.sol
env:
FOUNDRY_SOLC_VERSION: 0.8.34

- name: Generate Lean model from Cbrt.sol via Yul IR
run: |
forge inspect src/wrappers/CbrtWrapper.sol:CbrtWrapper ir | \
python3 -W error -m formal.python.cbrt.generate_cbrt_model \
--yul - \
--output formal/cbrt/CbrtProof/CbrtProof/GeneratedCbrtModel.lean

- name: Generate finite certificate from cbrt spec
run: |
python3 -m formal.python.cbrt.generate_cbrt_cert \
--output formal/cbrt/CbrtProof/CbrtProof/FiniteCert.lean

- name: Build Cbrt proof and model evaluator
working-directory: formal/cbrt/CbrtProof
run: lake build && lake build cbrt-model

- name: Fuzz-test Lean model against Solidity
run: |
FOUNDRY_PROFILE=formal-model forge test \
--skip 'src/*' --skip 'test/unit/*' --skip 'test/integration/*' --skip 'test/0.8.28/*' \
--match-contract CbrtModelTest
87 changes: 87 additions & 0 deletions .github/workflows/cbrt512-formal.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,87 @@
name: 512Math cbrt Formal Check

on:
push:
branches:
- master
paths:
- src/utils/512Math.sol
- src/vendor/Cbrt.sol
- src/wrappers/CbrtWrapper.sol
- src/wrappers/Cbrt512Wrapper.sol
- formal/cbrt/**
- formal/python/**
- test/0.8.25/formal-model/FormalModelFFI.t.sol
- test/0.8.25/formal-model/Cbrt512Model.t.sol
- .github/workflows/cbrt512-formal.yml
pull_request:
paths:
- src/utils/512Math.sol
- src/vendor/Cbrt.sol
- src/wrappers/CbrtWrapper.sol
- src/wrappers/Cbrt512Wrapper.sol
- formal/cbrt/**
- formal/python/**
- test/0.8.25/formal-model/FormalModelFFI.t.sol
- test/0.8.25/formal-model/Cbrt512Model.t.sol
- .github/workflows/cbrt512-formal.yml

jobs:
cbrt512-formal:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: recursive

- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1

- name: Install Python
uses: actions/setup-python@v5
with:
python-version: "3.11"

- name: Install pinned Lean toolchain
run: |
curl https://raw.githubusercontent.com/leanprover/elan/917c18d0ad52f649c2603dc8b973f5b9fa5f8f43/elan-init.sh -sSf | sh -s -- -y --default-toolchain none
echo "$HOME/.elan/bin" >> "$GITHUB_PATH"
LEAN_TOOLCHAIN="$(cat formal/cbrt/Cbrt512Proof/lean-toolchain)"
test "$LEAN_TOOLCHAIN" = "$(cat formal/cbrt/CbrtProof/lean-toolchain)"
"$HOME/.elan/bin/elan" toolchain install "$LEAN_TOOLCHAIN"
"$HOME/.elan/bin/elan" default "$LEAN_TOOLCHAIN"

- name: Install solc 0.8.34
run: forge build -- src/chains/Mainnet/TakerSubmitted.sol
env:
FOUNDRY_SOLC_VERSION: 0.8.34

- name: Generate 256-bit Lean model (CbrtProof dependency)
run: |
forge inspect src/wrappers/CbrtWrapper.sol:CbrtWrapper ir | \
python3 -W error -m formal.python.cbrt.generate_cbrt_model \
--yul - \
--output formal/cbrt/CbrtProof/CbrtProof/GeneratedCbrtModel.lean

- name: Generate finite certificate from cbrt spec
run: |
python3 -m formal.python.cbrt.generate_cbrt_cert \
--output formal/cbrt/CbrtProof/CbrtProof/FiniteCert.lean

- name: Generate 512-bit Lean model from Cbrt512Wrapper via Yul IR
run: |
FOUNDRY_SOLC_VERSION=0.8.34 \
forge inspect src/wrappers/Cbrt512Wrapper.sol:Cbrt512Wrapper ir | \
python3 -W error -m formal.python.cbrt.generate_cbrt512_model \
--yul - \
--output formal/cbrt/Cbrt512Proof/Cbrt512Proof/GeneratedCbrt512Model.lean

- name: Build Cbrt512 proof and model evaluator
working-directory: formal/cbrt/Cbrt512Proof
run: lake build && lake build cbrt512-model

- name: Fuzz-test Lean model against Solidity
run: |
FOUNDRY_PROFILE=formal-model forge test \
--skip 'src/*' --skip 'test/unit/*' --skip 'test/integration/*' --skip 'test/0.8.28/*' \
--match-contract Cbrt512ModelTest
76 changes: 76 additions & 0 deletions .github/workflows/sqrt-formal.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
name: Sqrt.sol Formal Check

on:
push:
branches:
- master
paths:
- src/vendor/Sqrt.sol
- src/wrappers/SqrtWrapper.sol
- formal/sqrt/**
- formal/python/**
- test/0.8.25/Sqrt.t.sol
- test/0.8.25/formal-model/FormalModelFFI.t.sol
- test/0.8.25/formal-model/SqrtModel.t.sol
- .github/workflows/sqrt-formal.yml
pull_request:
paths:
- src/vendor/Sqrt.sol
- src/wrappers/SqrtWrapper.sol
- formal/sqrt/**
- formal/python/**
- test/0.8.25/Sqrt.t.sol
- test/0.8.25/formal-model/FormalModelFFI.t.sol
- test/0.8.25/formal-model/SqrtModel.t.sol
- .github/workflows/sqrt-formal.yml

jobs:
sqrt-formal:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: recursive

- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1

- name: Install Python
uses: actions/setup-python@v5
with:
python-version: "3.11"

- name: Install pinned Lean toolchain
run: |
curl https://raw.githubusercontent.com/leanprover/elan/917c18d0ad52f649c2603dc8b973f5b9fa5f8f43/elan-init.sh -sSf | sh -s -- -y --default-toolchain none
echo "$HOME/.elan/bin" >> "$GITHUB_PATH"
LEAN_TOOLCHAIN="$(cat formal/sqrt/SqrtProof/lean-toolchain)"
"$HOME/.elan/bin/elan" toolchain install "$LEAN_TOOLCHAIN"
"$HOME/.elan/bin/elan" default "$LEAN_TOOLCHAIN"

- name: Install solc 0.8.34
run: forge build -- src/chains/Mainnet/TakerSubmitted.sol
env:
FOUNDRY_SOLC_VERSION: 0.8.34

- name: Generate Lean model from Sqrt.sol via Yul IR
run: |
forge inspect src/wrappers/SqrtWrapper.sol:SqrtWrapper ir | \
python3 -W error -m formal.python.sqrt.generate_sqrt_model \
--yul - \
--output formal/sqrt/SqrtProof/SqrtProof/GeneratedSqrtModel.lean

- name: Generate finite certificate from sqrt spec
run: |
python3 -m formal.python.sqrt.generate_sqrt_cert \
--output formal/sqrt/SqrtProof/SqrtProof/FiniteCert.lean

- name: Build Sqrt proof and model evaluator
working-directory: formal/sqrt/SqrtProof
run: lake build && lake build sqrt-model

- name: Fuzz-test Lean model against Solidity
run: |
FOUNDRY_PROFILE=formal-model forge test \
--skip 'src/*' --skip 'test/unit/*' --skip 'test/integration/*' --skip 'test/0.8.28/*' \
--match-contract SqrtModelTest
85 changes: 85 additions & 0 deletions .github/workflows/sqrt512-formal.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,85 @@
name: 512Math sqrt Formal Check

on:
push:
branches:
- master
paths:
- src/utils/512Math.sol
- src/vendor/Sqrt.sol
- src/wrappers/Sqrt512Wrapper.sol
- formal/sqrt/**
- formal/python/**
- test/0.8.25/formal-model/FormalModelFFI.t.sol
- test/0.8.25/formal-model/Sqrt512Model.t.sol
- .github/workflows/sqrt512-formal.yml
pull_request:
paths:
- src/utils/512Math.sol
- src/vendor/Sqrt.sol
- src/wrappers/Sqrt512Wrapper.sol
- formal/sqrt/**
- formal/python/**
- test/0.8.25/formal-model/FormalModelFFI.t.sol
- test/0.8.25/formal-model/Sqrt512Model.t.sol
- .github/workflows/sqrt512-formal.yml

jobs:
sqrt512-formal:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: recursive

- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1

- name: Install Python
uses: actions/setup-python@v5
with:
python-version: "3.11"

- name: Install pinned Lean toolchain
run: |
curl https://raw.githubusercontent.com/leanprover/elan/917c18d0ad52f649c2603dc8b973f5b9fa5f8f43/elan-init.sh -sSf | sh -s -- -y --default-toolchain none
echo "$HOME/.elan/bin" >> "$GITHUB_PATH"
LEAN_TOOLCHAIN="$(cat formal/sqrt/Sqrt512Proof/lean-toolchain)"
test "$LEAN_TOOLCHAIN" = "$(cat formal/sqrt/SqrtProof/lean-toolchain)"
"$HOME/.elan/bin/elan" toolchain install "$LEAN_TOOLCHAIN"
"$HOME/.elan/bin/elan" default "$LEAN_TOOLCHAIN"

- name: Install solc 0.8.34
run: forge build -- src/chains/Mainnet/TakerSubmitted.sol
env:
FOUNDRY_SOLC_VERSION: 0.8.34

- name: Generate 256-bit Lean model (SqrtProof dependency)
run: |
forge inspect src/wrappers/SqrtWrapper.sol:SqrtWrapper ir | \
python3 -W error -m formal.python.sqrt.generate_sqrt_model \
--yul - \
--output formal/sqrt/SqrtProof/SqrtProof/GeneratedSqrtModel.lean

- name: Generate finite certificate from sqrt spec
run: |
python3 -m formal.python.sqrt.generate_sqrt_cert \
--output formal/sqrt/SqrtProof/SqrtProof/FiniteCert.lean

- name: Generate 512-bit Lean model from Sqrt512Wrapper via Yul IR
run: |
FOUNDRY_SOLC_VERSION=0.8.34 \
forge inspect src/wrappers/Sqrt512Wrapper.sol:Sqrt512Wrapper ir | \
python3 -W error -m formal.python.sqrt.generate_sqrt512_model \
--yul - \
--output formal/sqrt/Sqrt512Proof/Sqrt512Proof/GeneratedSqrt512Model.lean

- name: Build Sqrt512 proof and model evaluator
working-directory: formal/sqrt/Sqrt512Proof
run: lake build && lake build sqrt512-model

- name: Fuzz-test Lean model against Solidity
run: |
FOUNDRY_PROFILE=formal-model forge test \
--skip 'src/*' --skip 'test/unit/*' --skip 'test/integration/*' --skip 'test/0.8.28/*' \
--match-contract Sqrt512ModelTest
45 changes: 45 additions & 0 deletions .github/workflows/yul-to-lean-unit.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
name: Translator Unit Tests

on:
push:
branches:
- master
paths:
- formal/**/*.py
- pyproject.toml
- .github/workflows/yul-to-lean-unit.yml
pull_request:
paths:
- formal/**/*.py
- pyproject.toml
- .github/workflows/yul-to-lean-unit.yml

jobs:
yul-to-lean-unit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4

- name: Install Python
uses: actions/setup-python@v5
with:
python-version: "3.11"

- name: Install Python tooling
run: |
python3 -m pip install \
black==26.3.0 \
isort==7.0.0 \
mypy==1.19.1

- name: Check formatting with black
run: python3 -m black --check formal

- name: Check import ordering with isort
run: python3 -m isort --check-only --filter-files formal

- name: Type-check formal Python
run: python3 -m mypy formal

- name: Run translator unit tests
run: python3 -m unittest formal.python.test_yul_to_lean -v
3 changes: 3 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,3 +30,6 @@ node_modules

# user-specific local configuration
/config/

# Python bytecode cache directories
__pycache__/
Loading
Loading