Some of the most significant high-level properties of currencies are the sums of certain account balances. Properties of such sums can ensure the integrity of currencies and transactions. For example, the sum of balances should not be changed by a transfer operation. Currencies manipulated by code pose a verification challenge: mathematically proving their integrity requires reasoning about the computer programs that operate over them, e.g., programs written in Solidity. The ability to reason about sums is essential: even the simplest ERC-20 token standard of the Ethereum community provides a way to access the total supply of balances. Unfortunately, reasoning about code written against this interface is non-trivial: the number of addresses is unbounded, and establishing global invariants like the preservation of the sum of the balances by operations like transfer requires higher-order reasoning. In particular, automated reasoners do not provide ways to specify summations of arbitrary length. In this paper, we present a generalization of first-order logic which can express the unbounded sum of balances. We prove the decidability of one of our extensions and the undecidability of a slightly richer one. We introduce first-order encodings to automate reasoning over software transitions with summations. We demonstrate the applicability of our results by using SMT solvers and first-order provers for validating the correctness of common transitions in smart contracts.
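The property that a transfer must not change the sum of balances can be checked by brute force once the model is bounded. The Python example below is added here for illustration and is not the paper's code or its first-order encoding. Its function names, the three-address model with balances 0 to 3, and the faulty `transfer_cached` variant are all constructed assumptions. Unlike the unbounded setting the abstract addresses, it only covers the states it enumerates.

```python
from itertools import product

def transfer_checked(bal, src, dst, amt):
    """Hypothetical transfer: balance check, then sequential debit and credit."""
    if bal[src] < amt:
        return bal                      # models a revert: state unchanged
    new = list(bal)
    new[src] -= amt
    new[dst] += amt                     # reads the updated value, so src == dst is safe
    return tuple(new)

def transfer_cached(bal, src, dst, amt):
    """Constructed faulty variant: both balances are read before either is written."""
    if bal[src] < amt:
        return bal
    src_old, dst_old = bal[src], bal[dst]
    new = list(bal)
    new[src] = src_old - amt
    new[dst] = dst_old + amt            # overwrites the debit when src == dst
    return tuple(new)

def sum_violations(transfer, n_addr=3, max_bal=3):
    """Enumerate every state and call of a bounded model.

    Returns the (state, src, dst, amt, new_state) tuples for which the
    sum of balances after the call differs from the sum before it.
    """
    bad = []
    calls = list(product(range(n_addr), range(n_addr), range(max_bal + 1)))
    for bal in product(range(max_bal + 1), repeat=n_addr):
        for src, dst, amt in calls:
            after = transfer(bal, src, dst, amt)
            if sum(after) != sum(bal):
                bad.append((bal, src, dst, amt, after))
    return bad

if __name__ == "__main__":
    print("checked transfer violations:", len(sum_violations(transfer_checked)))
    for v in sum_violations(transfer_cached)[:3]:
        print("cached transfer violation:", v)
```

Every violation found in the faulty variant is a self-transfer, the aliasing case a sum invariant exposes and a per-account check can miss.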