Full formal verification (#4)

* Full formal specifications for the entire library

Co-authored-by: Andrei Stefanescu <[email protected]>

* light report

* .

* .

* .

* .

* Update README.md

---------

Co-authored-by: Andrei Stefanescu <[email protected]>

Author: cos

.gitignore

@@ -6,4 +6,6 @@
 node_modules
 /.vscode
 /.DS_Store
-/.env
+/.env
+*.log.*
+output/

Move.toml

@@ -5,8 +5,5 @@ name = "IntegerLibrary"
 version = "1.0.1"
 published-at = "0xab5e63352d0f05881bdfa1631cc0f7fc1669175a00d608828a924df481a9e4bd"
 
-[dependencies]
-Sui = { git = "https://github.com/MystenLabs/sui.git", subdir = "crates/sui-framework/packages/sui-framework", rev = "mainnet-v1.48.2" }
-
 [addresses]
 integer_library = "0x03637b7b60978ef4389124f7683456f0050ab015a0590d52b6e6cadb342af34a"

README.md

@@ -97,12 +97,17 @@ module integer_library::i128 {
     }
 
     public fun overflowing_sub(num1: I128, num2: I128): (I128, bool) {
-        let sub_num = wrapping_add(I128 {
-            bits: u128_neg(num2.bits)
-        }, from(1));
-        let sum = wrapping_add(num1, sub_num);
-        let overflow = (sign(num1) & sign(sub_num) & u8_neg(sign(sum))) + (u8_neg(sign(num1)) & u8_neg(sign(sub_num)) & sign(sum));
-        (sum, overflow != 0)
+        let diff = wrapping_sub(num1, num2);
+        let overflow = if (sign(num1) != sign(num2)) {
+            if (sign(num1) != sign(diff)) {
+                true
+            } else {
+                false
+            }
+        } else {
+            false
+        };
+        (diff, overflow)
     }
 
     public fun mul(num1: I128, num2: I128): I128 {

sources/i128.move

@@ -0,0 +1,46 @@
+# @generated by Move, please check-in and do not edit manually.
+
+[move]
+version = 3
+manifest_digest = "BC4FE2501E5714DD8780B061932D369DCC8BFB79C46BCADD3F0CD18558FFDD06"
+deps_digest = "F8BBB0CCB2491CA29A3DF03D6F92277A4F3574266507ACD77214D37ECA3F3082"
+dependencies = [
+  { id = "SuiProver", name = "SuiProver" },
+]
+
+[[move.package]]
+id = "MoveStdlib"
+source = { git = "https://github.com/asymptotic-code/sui.git", rev = "next", subdir = "crates/sui-framework/packages/move-stdlib" }
+
+[[move.package]]
+id = "Prover"
+source = { git = "https://github.com/asymptotic-code/sui-prover.git", rev = "main", subdir = "packages/prover" }
+
+dependencies = [
+  { id = "MoveStdlib", name = "MoveStdlib" },
+]
+
+[[move.package]]
+id = "Sui"
+source = { git = "https://github.com/asymptotic-code/sui.git", rev = "next", subdir = "crates/sui-framework/packages/sui-framework" }
+
+dependencies = [
+  { id = "MoveStdlib", name = "MoveStdlib" },
+]
+
+[[move.package]]
+id = "SuiProver"
+source = { git = "https://github.com/asymptotic-code/sui-prover.git", rev = "main", subdir = "packages/sui-prover" }
+
+dependencies = [
+  { id = "SuiSpecs", name = "SuiSpecs" },
+]
+
+[[move.package]]
+id = "SuiSpecs"
+source = { git = "https://github.com/asymptotic-code/sui-prover.git", rev = "main", subdir = "packages/sui-framework-specs" }
+
+dependencies = [
+  { id = "Prover", name = "Prover" },
+  { id = "Sui", name = "Sui" },
+]

specs-bv/Move.lock

@@ -0,0 +1,8 @@
+# mainnet
+# -------------------------------
+[package]
+name = "IntegerLibrarySpecsBV"
+edition = "2024.beta"
+
+[addresses]
+integer_library_specs_bv = "0x0"

specs-bv/Move.toml

@@ -0,0 +1,12 @@
+procedure {:inline 1} $0_i32_ashr($t0: bv32, $t1: bv32) returns ($ret0: bv32) {
+  $ret0 := $AShr'Bv32'($t0, $t1);
+}
+
+procedure {:inline 1} $0_i64_ashr($t0: bv64, $t1: bv64) returns ($ret0: bv64) {
+  $ret0 := $AShr'Bv64'($t0, $t1);
+}
+
+procedure {:inline 1} $0_i128_ashr($t0: bv128, $t1: bv128) returns ($ret0: bv128) {
+  $ret0 := $AShr'Bv128'($t0, $t1);
+}
+

specs-bv/prelude_extra.bpl

@@ -0,0 +1,71 @@
+module integer_library_specs_bv::i128;
+
+#[spec_only]
+use prover::prover::{ensures, asserts, invariant};
+
+public struct I128 has copy, drop, store {
+    bits: u128,
+}
+
+public fun wrapping_add(num1: I128, num2: I128): I128 {
+    let mut sum = num1.bits ^ num2.bits;
+    let mut carry = (num1.bits & num2.bits) << 1;
+    invariant!(|| {
+        ensures(
+            ((num1.bits as u256) + (num2.bits as u256)) % (1 << 128) == ((sum as u256) + (carry as u256)) % (1 << 128),
+        );
+    });
+    while (carry != 0) {
+        let a = sum;
+        let b = carry;
+        sum = a ^ b;
+        carry = (a & b) << 1;
+    };
+    I128 {
+        bits: sum,
+    }
+}
+
+/*
+ ✅ Computes `num1 + num2` with wrapping overflow.
+ ⏮️ The function does not abort.
+*/
+#[spec(prove, target = wrapping_add)]
+public fun wrapping_add_spec(num1: I128, num2: I128): I128 {
+    let result = wrapping_add(num1, num2);
+    ensures(result.bits == (((num1.bits as u256) + (num2.bits as u256)) % (1 << 128)) as u128);
+    result
+}
+
+public fun shr(v: I128, shift: u8): I128 {
+    if (shift == 0) {
+        return v
+    };
+    let mask = 0xffffffffffffffffffffffffffffffff << (128 - shift);
+    if (sign(v) == 1) {
+        return I128 {
+            bits: (v.bits >> shift) | mask,
+        }
+    };
+    I128 {
+        bits: v.bits >> shift,
+    }
+}
+
+public fun sign(v: I128): u8 {
+    ((v.bits >> 127) as u8)
+}
+
+public native fun ashr(x: u128, y: u128): u128;
+
+/*
+ ✅ Computes arithmetic right shift `v >> shift`.
+ ⏮️ The function aborts unless `shift < 128`.
+*/
+#[spec(prove, target = shr)]
+public fun shr_spec(v: I128, shift: u8): I128 {
+    asserts(shift < 128);
+    let result = shr(v, shift);
+    ensures(result.bits == ashr(v.bits, shift as u128));
+    result
+}

specs-bv/sources/i128.move

@@ -0,0 +1,71 @@
+module integer_library_specs_bv::i32;
+
+#[spec_only]
+use prover::prover::{ensures, asserts, invariant};
+
+public struct I32 has copy, drop, store {
+    bits: u32,
+}
+
+public fun wrapping_add(num1: I32, num2: I32): I32 {
+    let mut sum = num1.bits ^ num2.bits;
+    let mut carry = (num1.bits & num2.bits) << 1;
+    invariant!(|| {
+        ensures(
+            ((num1.bits as u64) + (num2.bits as u64)) % (1 << 32) == ((sum as u64) + (carry as u64)) % (1 << 32),
+        );
+    });
+    while (carry != 0) {
+        let a = sum;
+        let b = carry;
+        sum = a ^ b;
+        carry = (a & b) << 1;
+    };
+    I32 {
+        bits: sum,
+    }
+}
+
+/*
+ ✅ Computes `num1 + num2` with wrapping overflow.
+ ⏮️ The function does not abort.
+*/
+#[spec(prove, target = wrapping_add)]
+public fun wrapping_add_spec(num1: I32, num2: I32): I32 {
+    let result = wrapping_add(num1, num2);
+    ensures(result.bits == (((num1.bits as u64) + (num2.bits as u64)) % (1 << 32)) as u32);
+    result
+}
+
+public fun shr(v: I32, shift: u8): I32 {
+    if (shift == 0) {
+        return v
+    };
+    let mask = 0xffffffff << (32 - shift);
+    if (sign(v) == 1) {
+        return I32 {
+            bits: (v.bits >> shift) | mask,
+        }
+    };
+    I32 {
+        bits: v.bits >> shift,
+    }
+}
+
+public fun sign(v: I32): u8 {
+    ((v.bits >> 31) as u8)
+}
+
+public native fun ashr(x: u32, y: u32): u32;
+
+/*
+ ✅ Computes arithmetic right shift `v >> shift`.
+ ⏮️ The function aborts unless `shift < 32`.
+*/
+#[spec(prove, target = shr)]
+public fun shr_spec(v: I32, shift: u8): I32 {
+    asserts(shift < 32);
+    let result = shr(v, shift);
+    ensures(result.bits == ashr(v.bits, shift as u32));
+    result
+}

specs-bv/sources/i32.move

@@ -0,0 +1,71 @@
+module integer_library_specs_bv::i64;
+
+#[spec_only]
+use prover::prover::{ensures, asserts, invariant};
+
+public struct I64 has copy, drop, store {
+    bits: u64,
+}
+
+public fun wrapping_add(num1: I64, num2: I64): I64 {
+    let mut sum = num1.bits ^ num2.bits;
+    let mut carry = (num1.bits & num2.bits) << 1;
+    invariant!(|| {
+        ensures(
+            ((num1.bits as u128) + (num2.bits as u128)) % (1 << 64) == ((sum as u128) + (carry as u128)) % (1 << 64),
+        );
+    });
+    while (carry != 0) {
+        let a = sum;
+        let b = carry;
+        sum = a ^ b;
+        carry = (a & b) << 1;
+    };
+    I64 {
+        bits: sum,
+    }
+}
+
+/*
+ ✅ Computes `num1 + num2` with wrapping overflow.
+ ⏮️ The function does not abort.
+*/
+#[spec(prove, target = wrapping_add)]
+public fun wrapping_add_spec(num1: I64, num2: I64): I64 {
+    let result = wrapping_add(num1, num2);
+    ensures(result.bits == (((num1.bits as u128) + (num2.bits as u128)) % (1 << 64)) as u64);
+    result
+}
+
+public fun shr(v: I64, shift: u8): I64 {
+    if (shift == 0) {
+        return v
+    };
+    let mask = 0xffffffffffffffff << (64 - shift);
+    if (sign(v) == 1) {
+        return I64 {
+            bits: (v.bits >> shift) | mask,
+        }
+    };
+    I64 {
+        bits: v.bits >> shift,
+    }
+}
+
+public fun sign(v: I64): u8 {
+    ((v.bits >> 63) as u8)
+}
+
+public native fun ashr(x: u64, y: u64): u64;
+
+/*
+ ✅ Computes arithmetic right shift `v >> shift`.
+ ⏮️ The function aborts unless `shift < 64`.
+*/
+#[spec(prove, target = shr)]
+public fun shr_spec(v: I64, shift: u8): I64 {
+    asserts(shift < 64);
+    let result = shr(v, shift);
+    ensures(result.bits == ashr(v.bits, shift as u64));
+    result
+}