{"id":21388628,"url":"https://github.com/sec-bit/calculus-token-with-proof","last_synced_at":"2025-03-16T12:41:49.137Z","repository":{"id":117652149,"uuid":"140533982","full_name":"sec-bit/calculus-token-with-proof","owner":"sec-bit","description":null,"archived":false,"fork":false,"pushed_at":"2018-07-31T09:22:48.000Z","size":50,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-01-23T00:26:58.748Z","etag":null,"topics":["coq","erc20","formal-verification","proof","smart-contracts"],"latest_commit_sha":null,"homepage":null,"language":"Coq","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sec-bit.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-07-11T06:52:18.000Z","updated_at":"2019-02-27T08:51:14.000Z","dependencies_parsed_at":"2023-08-28T22:16:55.182Z","dependency_job_id":null,"html_url":"https://github.com/sec-bit/calculus-token-with-proof","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sec-bit%2Fcalculus-token-with-proof","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sec-bit%2Fcalculus-token-with-proof/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sec-bit%2Fcalculus-token-with-proof/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sec-bit%2Fcalculus-token-with-proof/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/Git
Hub/owners/sec-bit","download_url":"https://codeload.github.com/sec-bit/calculus-token-with-proof/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243871524,"owners_count":20361375,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["coq","erc20","formal-verification","proof","smart-contracts"],"created_at":"2024-11-22T12:18:53.503Z","updated_at":"2025-03-16T12:41:49.117Z","avatar_url":"https://github.com/sec-bit.png","language":"Coq","readme":"# Calculus Token with Proof\n\n[Chinese version](README_zh.md)\n\nThis repository contains the formal correctness proofs of the Ethereum Token contract *calculus*. All are composed in the interactive proof assistant [Coq](https://coq.inria.fr/).\n\n## Contract information\n\n* Token name: **Calculus Token**\n* Token symbol: CAL\n* Contract address: [```0xf67a0910a341800b7446554102344c43883d9c78```](https://etherscan.io/address/0xf67a0910a341800b7446554102344c43883d9c78)\n* Project website: [Calculus](http://www.calculus.network/)\n\n## What is proved?\n\nThe contract is proved to have the following properties, which together formally define the correctness of this contract.\n\n1. [```Property_totalSupply_equal_to_sum_balances```](https://github.com/sec-bit/calculus-token-with-proof/blob/master/proof/Prop.v#L993) the total supply always equals the sum of all balances.\n\n2. [```Property_totalSupply_fixed_transfer```](https://github.com/sec-bit/calculus-token-with-proof/blob/master/proof/Prop.v#L1010) the total supply is never changed by ```transfer()```.\n\n3. 
[```Property_totalSupply_fixed_after_initialization```](https://github.com/sec-bit/calculus-token-with-proof/blob/master/proof/Prop.v#L1120) the total supply is never changed after the contract deployment.\n\n4. [```Property_totalSupply_fixed_delegate_transfer```](https://github.com/sec-bit/calculus-token-with-proof/blob/master/proof/Prop.v#L1134) the total supply is never changed by ```transferFrom()```.\n\n5. [```Property_from_to_balances_change```](https://github.com/sec-bit/calculus-token-with-proof/blob/master/proof/Prop.v#L1148) ```transfer()``` always transfers the specified amount of tokens from the caller's account to the specified receiver's account.\n\n6. [```Property_pause_only_by_owner```](https://github.com/sec-bit/calculus-token-with-proof/blob/master/proof/Prop.v#L1191) only the token owner can pause the contract.\n\n7. [```Property_unpause_only_by_owner```](https://github.com/sec-bit/calculus-token-with-proof/blob/master/proof/Prop.v#L1209) only the token owner can unpause the contract.\n\n8. [```Property_restricted_owner_for_transfer```](https://github.com/sec-bit/calculus-token-with-proof/blob/master/proof/Prop.v#L1227) the token owner cannot transfer tokens from arbitrary accounts by ```transfer()```.\n\n9. [```Property_restricted_owner_for_transferFrom```](https://github.com/sec-bit/calculus-token-with-proof/blob/master/proof/Prop.v#L1260) the token owner cannot transfer tokens from arbitrary accounts by ```transferFrom()```.\n\n## Proof structure\n\nThe proof is composed of the following components. 
A comprehensive introduction to the proving process and structure can be found at [tokenlibs-with-proofs: Proving Process](https://github.com/sec-bit/tokenlibs-with-proofs/tree/6310c6590aaf664be47342caa3a8854b2447f05e#proving-process).\n\n* [```Model.v```](proof/Model.v) defines the contract model, which abstracts the storage, the events, the message calls, and the external environment of this contract.\n\n* [```Spec.v```](proof/Spec.v) defines the contract specification, which formally describes the expected behavior of each public function of this contract.\n\n* [```DSL.v```](proof/DSL.v) expresses the Solidity implementation of this contract in Coq and proves that the implementation of each public function satisfies the specification in [```Spec.v```](proof/Spec.v).\n\n* [```Prop.v```](proof/Prop.v) formally defines the high-level correctness and security properties of this contract and proves that the contract specification guarantees them.\n\n## Quickly checking the proof\n\nThe proof is accomplished in the interactive proof assistant [Coq](https://coq.inria.fr/) **8.7.0**, which can generate explicit proof objects. The proof objects can be checked by a small proof checker provided by Coq, independently of the proving process. 
The proof checker can be installed along with Coq by following the [official instructions](https://github.com/coq/coq/wiki#coq-installation).\n\nAfter Coq is installed, the proof checker can be run with the following command.\n\n``` shell\ncd proof; make\n```\n\n## Why a formal proof?\n\nA formal proof has the following benefits over conventional testing and security audits.\n\n* By stating its definitions in unambiguous mathematical language, a formal proof *precisely* defines the scope of correctness and security.\n\n* By rigorous mathematical proof, it *fully* covers every case and code path of the smart contract *w.r.t.* the given formal specification and high-level properties.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsec-bit%2Fcalculus-token-with-proof","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsec-bit%2Fcalculus-token-with-proof","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsec-bit%2Fcalculus-token-with-proof/lists"}