A Formally Verified Static Analysis Framework for Compositional Contracts

Henglein, Fritz; Larsen, Christian Kjær; Murawska, Agata

doi:10.1007/978-3-030-54455-3_42

Cited by 6 publications

(9 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Apart from the example in Figure 3, we successfully applied the developed extraction to several variants of the counter contract, to the crowdfunding contract described in [ANS20] and to an interpreter for a simple expression language. The latter example shows the possibility of extracting certified interpreters for domain-specific languages such as Marlowe [LST18], CSL [HLM20] and the CL language [BBE15,AE18]. This represents an important step towards safe smart contract programming.…”

Section: Nonementioning

confidence: 99%

Extracting smart contracts tested and verified in Coq

Annenkov

Milo

Nielsen

et al. 2021

Proceedings of the 10th ACM SIGPLAN International Conference on Certified Programs and Proofs

View full text Add to dashboard Cite

We implement extraction of Coq programs to functional languages based on MetaCoq's certified erasure. As part of this, we implement an optimisation pass removing unused arguments. We prove the pass correct wrt. a conventional call-by-value operational semantics of functional languages. We apply this to two functional smart contract languages, Liquidity and Midlang, and to the functional language Elm. Our development is done in the context of the ConCert framework that enables smart contract verification. We contribute a verified boardroom voting smart contract featuring maximum voter privacy such that each vote is kept private except under collusion of all other parties. We also integrate property-based testing into ConCert using QuickChick and our development is the first to support testing properties of interacting smart contracts. We test several complex contracts such as a DAO-like contract, an escrow contract, an implementation of a Decentralized Finance (DeFi) contract which includes a custom token standard (Tezos FA2), and more. In total, this gives us a way to write dependent programs in Coq, test them semi-automatically, verify, and then extract to functional smart contract languages, while retaining a small trusted computing base of only MetaCoq and the pretty-printers into these languages.

show abstract

Section: Nonementioning

confidence: 99%

Extracting smart contracts tested and verified in Coq

Annenkov

Milo

Nielsen

et al. 2021

Proceedings of the 10th ACM SIGPLAN International Conference on Certified Programs and Proofs

View full text Add to dashboard Cite

show abstract

“…4, we successfully applied the developed extraction to several variants of the counter contract, to the crowdfunding contract described in (Annenkov et al, 2020), the contracts from Sections 6 and 7 and to an interpreter for a simple expression language. The latter example shows the possibility of extracting certified interpreters for domain-specific languages such as Marlowe (Lamela Seijas and Thompson, 2018), CSL (Henglein et al, 2020) and the CL language (Bahr et al, 2015;Annenkov and Elsman, 2018). This represents an important step towards safe smart contract programming.…”

Section: Extracting To Liquidity and Cameligomentioning

confidence: 99%

“…However, for certain domain-specific contract languages (e.g. Marlowe (Lamela Seijas and Thompson, 2018), CSL (Henglein et al, 2020), CL (Bahr et al, 2015;Annenkov and Elsman, 2018)) the approach of (Šinkarovs and Cockx, 2021) looks promising. It would be interesting to reproduce the approach in Coq, with the additional benefit of reasoning about the semantics preservation using the MetaCoq formalisation.…”

Section: Related Workmentioning

confidence: 99%

Extracting functional programs from Coq, in Coq

Annenkov¹,

Milo²,

Nielsen³

et al. 2021

Preprint

View full text Add to dashboard Cite

We implement extraction of Coq programs to functional languages based on MetaCoq's certified erasure. We extend the MetaCoq erasure output language with typing information and use it as an intermediate representation, which we call λ T . We complement the extraction functionality with a full pipeline that includes several standard transformations (eta-expansion, inlining, etc) implemented in a proof-generating manner along with a verified optimisation pass removing unused arguments. We prove the pass correct wrt. a conventional call-by-value operational semantics of functional languages. From the optimised λ T representation, we obtain code in two functional smart contract languages, Liquidity and CameLIGO, the functional language Elm, and a subset of the multi-paradigm language for systems programming Rust. Rust is currently gaining popularity as a language for smart contracts, and we demonstrate how our extraction can be used to extract smart contract code for the Concordium network. The development is done in the context of the ConCert framework that enables smart contract verification. We contribute with two verified real-world smart contracts (boardroom voting and escrow), which we use, among other examples, to exemplify the applicability of the pipeline. In addition, we develop a verified web application and extract it to fully functional Elm code. In total, this gives us a way to write dependently typed programs in Coq, verify, and then extract them to several target languages while retaining a small trusted computing base of only MetaCoq and the pretty-printers into these languages.

show abstract

“…The latter example shows the possibility of extracting certified interpreters for domain-specific languages such as Marlowe (Lamela Seijas & Thompson 2018), CSL (Henglein et al . 2020) and the CL language (Bahr et al . 2015; Annenkov & Elsman 2018).…”

Section: Extractionmentioning

confidence: 99%

“…Marlowe (Lamela Seijas & Thompson 2018), CSL (Henglein et al . 2020), CL (Bahr et al . 2015; Annenkov & Elsman 2018), the approach of Šinkarovs & Cockx (2021) looks promising.…”

Section: Related Workmentioning

confidence: 99%

Extracting functional programs from Coq, in Coq

Annenkov¹,

Milo²,

Nielsen³

et al. 2022

J. Funct. Prog.

View full text Add to dashboard Cite

We implement extraction of Coq programs to functional languages based on MetaCoq’s certified erasure. We extend the MetaCoq erasure output language with typing information and use it as an intermediate representation, which we call ${\lambda^T_\square}$ . We complement the extraction functionality with a full pipeline that includes several standard transformations (e.g. eta-expansion and inlining) implemented in a proof-generating manner along with a verified optimisation pass removing unused arguments. We prove the pass correct wrt. a conventional call-by-value operational semantics of functional languages. From the optimised ${\lambda^T_\square}$ representation, we obtain code in two functional smart contract languages, Liquidity and CameLIGO, the functional language Elm, and a subset of the multi-paradigm language for systems programming Rust. Rust is currently gaining popularity as a language for smart contracts, and we demonstrate how our extraction can be used to extract smart contract code for the Concordium network. The development is done in the context of the ConCert framework that enables smart contract verification. We contribute with two verified real-world smart contracts (boardroom voting and escrow), which we use, among other examples, to exemplify the applicability of the pipeline. In addition, we develop a verified web application and extract it to fully functional Elm code. In total, this gives us a way to write dependently typed programs in Coq, verify, and then extract them to several target languages while retaining a small trusted computing base of only MetaCoq and the pretty-printers into these languages.

show abstract

A Formally Verified Static Analysis Framework for Compositional Contracts

Cited by 6 publications

References 28 publications

Extracting smart contracts tested and verified in Coq

Extracting smart contracts tested and verified in Coq

Extracting functional programs from Coq, in Coq

Extracting functional programs from Coq, in Coq

Contact Info

Product

Resources

About