1. 06 Jun, 2019 1 commit
    • Remove incoming_txs and outgoing_txs from contract view of chains · 90f0d1e4
      Jakob Botsch Nielsen authored
      This is much more realistic, as allowing contracts to efficiently access
      transaction histories for all addresses is extremely expensive. To do
      this, we
      * Add an account_balance operation in Chain instead
      * Change incoming_txs and outgoing_txs to compute transactions from
        traces
      * Require implementations to give a proof-relevant trace, and rework
        proofs to use these, as necessary
  2. 31 May, 2019 3 commits
  3. 27 May, 2019 1 commit
  4. 24 May, 2019 1 commit
  5. 22 May, 2019 1 commit
  6. 15 May, 2019 1 commit
  7. 14 May, 2019 1 commit
  8. 10 May, 2019 1 commit
  9. 09 May, 2019 3 commits
  10. 05 May, 2019 2 commits
  11. 03 May, 2019 2 commits
  12. 02 May, 2019 2 commits
    • Add a comment for permutation case · 197cbb99
      Jakob Botsch Nielsen authored
    • Prove a property for the Congress contract · 1b1c9908
      Jakob Botsch Nielsen authored
      This proves a concrete property about any Congress contract deployed to
      a blockchain. More specifically, we show that the count of transactions
      sent out by any Congress contract will always be less than or equal to
      the total number of actions it has received in "create proposal"
      messages.
      Thus, this property is stated only over the transactions going in and
      out to the Congress contract.
      To prove this, we reason over incoming and outgoing transactions, the
      internal state of the congress and also the actions in the blockchain
      queue.
  13. 01 May, 2019 2 commits
  14. 29 Apr, 2019 2 commits
  15. 27 Apr, 2019 2 commits
    • Move ChainStep and ChainTrace to Type · 5221931a
      Jakob Botsch Nielsen authored
      This moves ChainStep and ChainTrace to Type. The reason is that our
      proofs will depend on prefixes of traces and it will be very useful (if
      not required) to be able to match on the trace and the steps.
      ChainBuilderType is changed appropriately: now, an implementation just
      needs to prove that ChainTrace empty_env [] cur_env [] is inhabited.
      Thus, ChainTrace can basically be seen as one particular way to order
      the execution so that we reach a state. When it is inhabited, it thus
      means that there exists a proper way to order actions so that we reach
      the state we are in.
    • 62aff812
  16. 26 Apr, 2019 4 commits
  17. 25 Apr, 2019 6 commits
  18. 24 Apr, 2019 1 commit
  19. 23 Apr, 2019 2 commits
    • Some further cleanups · 7a5e908d
      Jakob Botsch Nielsen authored
      Refactor proof of add_new_block_header and simplify add_block proof.
    • Various refactorings and cleanups · f8adfa8c
      Jakob Botsch Nielsen authored
      * Remove BlockTrace and bake everything into ChainTrace
      * Simplify ChainTrace. Its signature is now
        ChainTrace : Environment -> list Action -> Prop.
      
      These changes will make it easier to reason over traces when proving
      properties about contracts. For one, we can now talk about prefixes of
      the entire chain without the weird distinction between block traces and
      chain traces.
  20. 22 Apr, 2019 2 commits