GitBross Home Explore Help
Register Sign In
sol_Bo8des9o
/
openzeppelin-contracts
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 3c58e4e3d3
Branches Tags
openzeppelin-co...
/
certora
/
specs
/
AccessControl.spec

AccessControl.spec 2.1 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485 
  1. methods {
    2. 

  2.     grantRole(bytes32, address)
    3. 

  3.     revokeRole(bytes32, address)
    4. 

  4.     _checkRole(bytes32)
    5. 

  5.     safeTransferFrom(address, address, uint256, uint256, bytes)
    6. 

  6.     safeBatchTransferFrom(address, address, uint256[], uint256[], bytes)
    7. 

  7. 

  8.     getRoleAdmin(bytes32) returns(bytes32) envfree
    9. 

  9.     hasRole(bytes32, address) returns(bool) envfree
    10. 

  10. } 
    11. 

  11. 

  12. 

  13. // STATUS - verified
    14. 

  14. // If `onlyRole` modifier reverts then `grantRole()` reverts
    15. 

  15. rule onlyRoleModifierCheckGrant(env e){
    16. 

  16.     bytes32 role; address account;
    17. 

  17. 

  18.     _checkRole@withrevert(e, getRoleAdmin(role));
    19. 

  19.     bool checkRevert = lastReverted;
    20. 

  20. 

  21.     grantRole@withrevert(e, role, account);
    22. 

  22.     bool grantRevert = lastReverted;
    23. 

  23. 

  24.     assert checkRevert => grantRevert, "modifier goes bananas";
    25. 

  25. }
    26. 

  26. 

  27. 

  28. // STATUS - verified
    29. 

  29. // check onlyRole modifier for revokeRole()
    30. 

  30. rule onlyRoleModifierCheckRevoke(env e){
    31. 

  31.     bytes32 role; address account;
    32. 

  32. 

  33.     _checkRole@withrevert(e, getRoleAdmin(role));
    34. 

  34.     bool checkRevert = lastReverted;
    35. 

  35. 

  36.     revokeRole@withrevert(e, role, account);
    37. 

  37.     bool revokeRevert = lastReverted;
    38. 

  38. 

  39.     assert checkRevert => revokeRevert, "modifier goes bananas";
    40. 

  40. }
    41. 

  41. 

  42. 

  43. // STATUS - verified
    44. 

  44. // grantRole() does not affect another accounts 
    45. 

  45. rule grantRoleEffect(env e){
    46. 

  46.     bytes32 role; address account; 
    47. 

  47.     bytes32 anotherRole; address nonEffectedAcc;
    48. 

  48.     require account != nonEffectedAcc;
    49. 

  49. 

  50.     bool hasRoleBefore = hasRole(anotherRole, nonEffectedAcc);
    51. 

  51. 

  52.     grantRole(e, role, account);
    53. 

  53. 

  54.     bool hasRoleAfter = hasRole(anotherRole, nonEffectedAcc);
    55. 

  55. 

  56.     assert hasRoleBefore == hasRoleAfter, "modifier goes bananas";
    57. 

  57. }
    58. 

  58. 

  59. 

  60. // STATUS - verified
    61. 

  61. // revokeRole() does not affect another accounts 
    62. 

  62. rule revokeRoleEffect(env e){
    63. 

  63.     bytes32 role; address account; 
    64. 

  64.     bytes32 anotherRole; address nonEffectedAcc;
    65. 

  65.     require account != nonEffectedAcc;
    66. 

  66. 

  67.     bool hasRoleBefore = hasRole(anotherRole, nonEffectedAcc);
    68. 

  68. 

  69.     revokeRole(e, role, account);
    70. 

  70. 

  71.     bool hasRoleAfter = hasRole(anotherRole, nonEffectedAcc);
    72. 

  72. 

  73.     assert hasRoleBefore == hasRoleAfter, "modifier goes bananas";
    74. 

  74. }
    75. 

  75. 

  76. 

  77. 

  78. 

  79. 

  80. 

  81. 

  82. 

  83. 

  84. 

  85.