GitBross Home Explore Help
Register Sign In
sol_Bo8des9o
/
openzeppelin-contracts
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 92744a195a
Branches Tags
openzeppelin-co...
/
certora
/
specs
/
GovernorCountingSimple.spec

GovernorCountingSimple.spec 4.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 
  1. //////////////////////////////////////////////////////////////////////////////
    2. 

  2. ///////////////////// Governor.sol base definitions //////////////////////////
    3. 

  3. //////////////////////////////////////////////////////////////////////////////
    4. 

  4. methods {
    5. 

  5.     proposalSnapshot(uint256) returns uint256 envfree // matches proposalVoteStart
    6. 

  6.     proposalDeadline(uint256) returns uint256 envfree
    7. 

  7.     hashProposal(address[],uint256[],bytes[],bytes32) returns uint256 envfree
    8. 

  8.     isExecuted(uint256) returns bool envfree
    9. 

  9.     isCanceled(uint256) returns bool envfree
    10. 

  10.     // initialized(uint256) returns bool envfree
    11. 

  11. 

  12.     hasVoted(uint256, address) returns bool
    13. 

  13. 

  14.     castVote(uint256, uint8) returns uint256
    15. 

  15. 

  16.     // internal functions made public in harness:
    17. 

  17.     _quorumReached(uint256) returns bool envfre
    18. 

  18.     _voteSucceeded(uint256) returns bool envfree
    19. 

  19. 

  20.     // getter for checking the sums
    21. 

  21.     ghost_sum_vote_power_by_id(uint256) returns uint256 envfree
    22. 

  22. }
    23. 

  23. 

  24. //////////////////////////////////////////////////////////////////////////////
    25. 

  25. ///////////////////////////////// GHOSTS /////////////////////////////////////
    26. 

  26. //////////////////////////////////////////////////////////////////////////////
    27. 

  27. 

  28. ghost sum_all_votes_power() returns uint256 {
    29. 

  29.     init_state axiom sum_all_votes_power() == 0;
    30. 

  30. }
    31. 

  31. 

  32. hook Sstore ghost_sum_vote_power_by_id[KEY uint256 pId] uint256 current_power (uint256 old_power) STORAGE{
    33. 

  33.     havoc sum_all_votes_power assuming sum_all_votes_power@new() == sum_all_votes_power@old() - old_power + current_power;
    34. 

  34. }
    35. 

  35. 

  36. ghost tracked_weight(uint256) returns uint256 {
    37. 

  37.     init_state axiom forall uint256 p. tracked_weight(p) == 0;
    38. 

  38. }
    39. 

  39. ghost sum_tracked_weight() returns uint256 {
    40. 

  40.     init_state axiom sum_tracked_weight() == 0;
    41. 

  41. }
    42. 

  42. 

  43. /*
    44. 

  44. function update_tracked_weights(uint256 pId, uint256 votes, uint256 old_votes) {
    45. 

  45.     havoc tracked_weight assuming forall uint256 p. (p == pId => tracked_weight@new(p) == tracked_weight@old(p) - old_votes + votes) && 
    46. 

  46.                                                     (p != pId => tracked_weight@new(p) == tracked_weight@old(p));
    47. 

  47.     havoc sum_tracked_weight assuming sum_tracked_weight@new() == sum_tracked_weight@old() - old_votes + votes;
    48. 

  48. }*/
    49. 

  49. 

  50. hook Sstore _proposalVotes[KEY uint256 pId].againstVotes uint256 votes (uint256 old_votes) STORAGE {
    51. 

  51.     //update_tracked_weights(pId, votes, old_votes);
    52. 

  52.     havoc tracked_weight assuming forall uint256 p. (p == pId => tracked_weight@new(p) == tracked_weight@old(p) - old_votes + votes) && 
    53. 

  53.                                                     (p != pId => tracked_weight@new(p) == tracked_weight@old(p));
    54. 

  54.     havoc sum_tracked_weight assuming sum_tracked_weight@new() == sum_tracked_weight@old() - old_votes + votes;
    55. 

  55. }
    56. 

  56. 

  57. hook Sstore _proposalVotes[KEY uint256 pId].forVotes uint256 votes (uint256 old_votes) STORAGE {
    58. 

  58.     //update_tracked_weights(pId, votes, old_votes);
    59. 

  59.     havoc tracked_weight assuming forall uint256 p. (p == pId => tracked_weight@new(p) == tracked_weight@old(p) - old_votes + votes) && 
    60. 

  60.                                                     (p != pId => tracked_weight@new(p) == tracked_weight@old(p));
    61. 

  61.     havoc sum_tracked_weight assuming sum_tracked_weight@new() == sum_tracked_weight@old() - old_votes + votes;
    62. 

  62. }
    63. 

  63. 

  64. hook Sstore _proposalVotes[KEY uint256 pId].abstainVotes uint256 votes (uint256 old_votes) STORAGE {
    65. 

  65.     //update_tracked_weights(pId, votes, old_votes);
    66. 

  66.     havoc tracked_weight assuming forall uint256 p. (p == pId => tracked_weight@new(p) == tracked_weight@old(p) - old_votes + votes) && 
    67. 

  67.                                                     (p != pId => tracked_weight@new(p) == tracked_weight@old(p));
    68. 

  68.     havoc sum_tracked_weight assuming sum_tracked_weight@new() == sum_tracked_weight@old() - old_votes + votes;
    69. 

  69. }
    70. 

  70. 

  71. //////////////////////////////////////////////////////////////////////////////
    72. 

  72. ////////////////////////////// INVARIANTS ////////////////////////////////////
    73. 

  73. //////////////////////////////////////////////////////////////////////////////
    74. 

  74. 

  75. 

  76. /*
    77. 

  77.  * sum of all votes casted is equal to the sum of voting power of those who voted, per each proposal
    78. 

  78.  */
    79. 

  79. invariant SumOfVotesCastEqualSumOfPowerOfVotedPerProposal(uint256 pId)
    80. 

  80.         tracked_weight(pId) == ghost_sum_vote_power_by_id(pId)
    81. 

  81. 

  82. /*
    83. 

  83.  * sum of all votes casted is equal to the sum of voting power of those who voted
    84. 

  84.  */
    85. 

  85. invariant SumOfVotesCastEqualSumOfPowerOfVoted()
    86. 

  86.         sum_tracked_weight() == sum_all_votes_power()
    87. 

  87.