concordium / smartcontractinteractions / Commits / 65b99ce6

Commit 65b99ce6, authored Oct 13, 2019 by Jakob Botsch Nielsen

Prove account balances are nonnegative

parent 71b1a654
Pipeline #13808 passed with stage in 7 minutes and 32 seconds
Changes: 1
Pipelines: 1

theories/Blockchain.v
@@ 632,6 +632,14 @@ Proof.
cbn
in
*
.
destruct_address_eq
;
congruence
.
Qed
.
Lemma
eval_amount_nonnegative
:
eval_amount
eval
>=
0.
Proof
.
now
destruct
eval
.
Qed
.
Lemma
eval_amount_le_account_balance
:
eval_amount
eval
<=
account_balance
pre
(
eval_from
eval
).
Proof
.
now
destruct
eval
.
Qed
.
End
Theories
.
Section
Trace
.
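Review bot: both new lemmas in this hunk (eval_amount_nonnegative and eval_amount_le_account_balance) quantify over nothing explicitly, so they depend on section variables (at least `eval` and `pre`) that the hunk does not show, and `now destruct eval` indicates the bounds are side conditions carried by the constructors of the evaluation itself. A one-line comment above each lemma stating that it merely projects a constructor side condition (and which section variable `eval` refers to) would make them self-explanatory to a reader landing here from a `Search` result. Also consider stating them as `0 <= eval_amount eval` and `eval_amount eval <= account_balance pre (eval_from eval)`, the `<=`-first form used throughout the standard library, so that rewriting with ordering lemmas does not require flipping `>=` first; the proof term is unchanged either way.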
@@ 993,6 +1001,29 @@ Proof.
contract_no_created_blocks
;
auto
.
Qed
.
Lemma
account_balance_nonnegative
state
addr
:
reachable
state
>
account_balance
state
addr
>=
0.
Proof
.
intros
[
trace
].
remember
empty_state
eqn
:
eq
.
induction
trace
;
subst
;
cbn
;
try
lia
.
specialize
(
IHtrace
eq_refl
).
destruct_chain_step
.

(
*
New
block
*
)
rewrite_environment_equiv
.
cbn
.
unfold
add_balance
.
inversion
valid_header
.
destruct_address_eq
;
lia
.

(
*
Action
evaluation
*
)
rewrite
(
account_balance_post
eval
addr
).
pose
proof
(
eval_amount_nonnegative
eval
).
pose
proof
(
eval_amount_le_account_balance
eval
).
destruct_address_eq
;
subst
;
cbn
in
*
;
lia
.

now
rewrite
<
prev_next
.
Qed
.
End
Theories
.
End
Trace
.
End
Semantics
.
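Review bot: in the "New block" case the nonnegativity of the added amount is obtained with a bare `inversion valid_header`, which introduces the header's well-formedness facts under auto-generated hypothesis names and then relies on `lia` to find the right one; if a field is added to or reordered in the header validity predicate, this case breaks silently at a distance from the change. Naming the needed hypothesis (`inversion valid_header as [...]`) or going through a small projection lemma, as the "Action evaluation" case already does with eval_amount_nonnegative and eval_amount_le_account_balance, would make the proof robust to such changes. The third case (`now rewrite <- prev_next.`) is the only one of the three without a `(* ... *)` comment naming the chain step it handles; adding one in line with the other two cases would help. Finally, the statement reads `reachable state -> account_balance state addr >= 0` and the proof does a full `induction trace` from `empty_state`; since the section-level induction is driven by `destruct_chain_step`, a short comment noting that the base case is discharged by `try lia` (the empty state has zero balances) would explain why no explicit base case appears.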