| 12345678910111213141516171819202122232425262728 |
- methods {
- balanceOf(address, uint256) returns uint256 envfree
- isApprovedForAll(address,address) returns bool envfree
- }
- /// If a method call reduces account balances, the caller should be either the
- /// owner of the account or approved by the owner to act on its behalf.
- rule onlyApprovedCanReduceBalance {
- address holder; uint256 token; uint256 amount;
- uint256 balanceBefore = balanceOf(holder, token);
- method f; env e; calldataarg args;
- f(e, args);
- uint256 balanceAfter = balanceOf(holder, token);
- assert balanceAfter < balanceBefore => e.msg.sender == holder || isApprovedForAll(holder, e.msg.sender); // TODO add assert message
- }
- /// This rule should always fail.
- rule sanity {
- method f; env e; calldataarg args;
- f(e, args);
- assert false,
- "This rule should always fail";
- }
|