University/Notes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

vault backup: 2025-02-20 15:48:21

Browse Source
This commit is contained in:
Boyan
2025-02-20 15:48:21 +01:00
parent 680fb334ac
commit 7ed288dd9c
3 changed files with 58 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
Software Engineering/Initial Questions.md
View File

@ -1,23 +1,24 @@
### Logistics
- Will we have access to an overview of the project roadmap, including deliverables?
- Will we have access to an overview of the project roadmap, including deliverables?\
> No. It is a research project, hence no deliverables and such.
- Do you need us to use specific project management tools (e.g. GitHub, Jira, etc.)?
- How often are you available? Is it possible to have weekly progress reports?
> Every week is good.
### Formal Verification
- What is the expected level of background in Coq or formal methods?
> It's possible to catch up to speed in a couple of months
- Can you explain the process by which a smart contract's safety properties will be validated formally?
- Are there any existing case studies or example proofs we might refer to for a better understanding of the expected output?
>
- Define the contract verification criteria
### Project scope clarifications
- Among the seven smart contracts being verified, which ones do you expect us to work on, and why those?
- Which technologies are we going to be introduced to, if any? Will we have access to guides for Coq and Solidity?
- How do you envision the high-level Coq framework integrating with existing Solidity projects?
### Optional
- How much of the formal verification process will be based on axioms versus fully constructive proofs?
- Could you elaborate on the notion of “high-level primitives” (e.g., identity, item, property) and how flexible they need to be for different types of contracts?
- "real numbers and integer approximations"?
- Could you specify what you mean by "real numbers and integer approximations"? Is it related to precision with math? How does that impact the security of a smart contract? Practical example?

33
Software Engineering/Meeting.md Normal file
View File

@ -0,0 +1,33 @@
## Intro
- Formalland 2 years old
- Formal verification for code, proofs
- Find a way to fully specify smart contracts
- Formal verification as means of security (no bugs -> no stealing)
- Alternatives include:
- Testing (Unit, Value)
- Human expertise
- Quite niche in the field of computer science
- We can be sure that the program follows intended behavior after verification
## Smart contracts
- Notion of users
- Admin - owner
- We need to look through some examples [here](https://formal.land/docs/tools/coq-of-solidity/specification-project) to get a feel for them.
- Motivated by bugs [listed here](https://github.com/kadenzipfel/smart-contract-vulnerabilities)
### Example of Smart Contract
- Stablecoins (USDC)
- Possible specification(?) is to state that the amount of coins is fixed
## Work
- Solidity
- VSC online
### Questions during the meeting
- What is the difference between a user and an admin in the context of smart contracts?
- You mentioned that one possible specification is to state that the amount of coins is fixed. How does that relate to formal verification? To our project?
- Is the idea to design a DSL? Could you elaborate on the specifics? Do you have a write-up about it or do we need to come up with it?
> Yes. We want to simplify formal verification of smart contracts by creating a DSL.