Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Certora] New spec for checking commutativity of accrueInterests #427

Merged
merged 3 commits into from
Aug 23, 2023
Merged

[Certora] New spec for checking commutativity of accrueInterests #427

merged 3 commits into from
Aug 23, 2023

Conversation

jhoenicke
Copy link
Contributor

We show for supply/withdraw/borrow/repay that calling accrueInterests before has no effect as these function already do this.

For all functions we show that calling accrueInterests before or after yields the same result, except for setFeeRecipient, for which it makes a difference (new fee recipient gets the interest if they are accrued afterwards).

Note that the view functions are not commutative, as they return the value before interest is accumulated. I also omitted withdrawCollateral and liquidate from the first function specific rules. They are included in the generic commutativity rule.

The spec is not perfect. We assume the external called functions including the user supplied callbacks won't access the storage. In reality this property is not even true, as e.g. in flashLoan the user callback could read the internal data and behave differently whether or not the interests was already accrued.

@jhoenicke
New spec for checking commutativity of accrueInterests
7869482 
We show for supply/withdraw/borrow/repay that calling accrueInterests
before has no effect as these function already do this.
For all functions we show that calling accrueInterests before or after
yields the same result, except for setFeeRecipient, for which it makes
a difference (new fee recipient gets the interest if they are accrued
afterwards).
@jhoenicke
Check revert-equivalence
4e2062a 
This also requires that transfer/transferFrom behave the same, or otherwise
safeTransfer differs in revert behaviour
@jhoenicke
Fix spec file name
740266b
QGarchery
QGarchery approved these changes Aug 23, 2023
View reviewed changes
Copy link
Contributor

@QGarchery QGarchery left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome, thanks for this PR !

@QGarchery QGarchery merged commit c410a21 into certora/dev Aug 23, 2023
11 checks passed
@QGarchery QGarchery deleted the certora/jochen branch August 23, 2023 15:32
@QGarchery QGarchery mentioned this pull request Aug 23, 2023
Merged
@QGarchery QGarchery changed the title New spec for checking commutativity of accrueInterests [Certora] New spec for checking commutativity of accrueInterests Aug 23, 2023
@QGarchery QGarchery added the verif Modifies the formal verification label Aug 23, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@QGarchery QGarchery QGarchery approved these changes

Assignees
No one assigned
Labels
verif Modifies the formal verification
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jhoenicke @QGarchery