Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Add option(s) to override provable relationships

See original GitHub issue

In my contract I have a relationship where each user is storing their proportion of a total quantity. Due to a provable mathematical relationship between the quantities (I increase total every time I increase mine, and I decrease total every time I decrease mine), I can maintain an invariant in my code with more minimal input validation.

How would I add comments to my code to request mythril ignore specific violations that I could provable demonstrate are invariant?

Example contract:

contract A {
  uint total;
  mapping (address => uint) mine;

  function add()
    public
  {
    require( total + 1 > total ); // Overflow protection
    // require( mine[msg.sender] <= total ); // This should be necessary to avoid integer overflow
    total += 1;
    mine[msg.sender] += 1; // Curiously, no integer overflow raised here...
  }

  function subtract()
    public
  {
    require( mine[msg.sender] > 0 ); // Underflow protection
    // require( mine[msg.sender] <= total ); // This avoids throwing integer underflow
    total -= 1; // mythril throws an integer underflow here
    mine[msg.sender] -= 1; // @myth-ignore UNDERFLOW - Example of syntax
  }
}

Some tools have a @ignore CHECK_NAME comment that can be added to a line to ignore a specific check. I could save a bit of gas by just being able to avoid having a assert(mine <= total) in my code in two spots

Issue Analytics

State:
Created 5 years ago
Reactions:1
Comments:12 (8 by maintainers)

Top GitHub Comments

1reaction

JoranHonigcommented, Feb 8, 2019

Adding invariants and statements to be proved is discussed in #405

Adding constraints to inform Mythril of possible invariants in order to prune & resolve false positives is not necessary anymore as Mythril now has a constrained memory model (vs the old unconstrained one)

Therefore I’m closing this issue if there is anything that isn’t captured in the other issue yet. Please open another issue so we can look at that separately

1reaction

rockycommented, Aug 1, 2018

A very good idea, I think. I recently noticed in one of Suhabe’s benchmarks this:

 //No underflow because of credit/balance invariant: sum (credit.values) = balance

How do people feel about this variation: in a front-end wrapper, look for comments of the form:

//invariant: sum (credit.values) = balance

And add that as a constraint to the z3 solver. Presumably this would previent Mythril from triggering the violation.

Outside of a wrapper a --constraint option could be supplied.

Top Results From Across the Web

Relationship options settings - IBM

Use this page to specify relationship options for deployable or composition units in an asset deployed as part of a business-level application.

Chapter 1: the Nature of Economics Flashcards | Quizlet

A direct relationship occurs when: A) the two variables being compared change in opposite directions, or when one goes up the other goes...

SOLID: The First 5 Principles of Object Oriented Design

SOLID stands for: S - Single-responsiblity Principle; O - Open-closed Principle; L - Liskov Substitution Principle; I - Interface Segregation ...

How to Create a real one-to-one relationship in SQL Server

First, store all the data in a single table. Then you'll have no issues in EF. Or Secondly, your entity must be smart...

9-27.000 - Principles of Federal Prosecution | JM

Among the options are: taking no position regarding the sentence; not opposing ... Second, federal prosecutors may drop readily provable charges with the ......