Certora #127
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Github action for verifying the contracts under src/contracts/voting using certora-cli-beta 6 | |
| name: certora-review-voting-chain | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| jobs: | |
| verify: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v2 | |
| with: | |
| submodules: recursive | |
| - name: Install python | |
| uses: actions/setup-python@v2 | |
| with: { python-version: 3.9 } | |
| - name: Install java | |
| uses: actions/setup-java@v1 | |
| with: { java-version: "11", java-package: jre } | |
| - name: Install certora cli | |
| run: pip3 install certora-cli==7.21.1 | |
| - name: Install solc | |
| run: | | |
| wget https://github.com/ethereum/solidity/releases/download/v0.8.20/solc-static-linux | |
| chmod +x solc-static-linux | |
| sudo mv solc-static-linux /usr/local/bin/solc8.20 | |
| - name: Verify rule ${{ matrix.rule }} | |
| run: | | |
| certoraRun --disable_auto_cache_key_gen security/certora/confs/voting/${{ matrix.rule }} | |
| env: | |
| CERTORAKEY: ${{ secrets.CERTORAKEY }} | |
| strategy: | |
| fail-fast: false | |
| max-parallel: 16 | |
| matrix: | |
| rule: | |
| - verifyLegality.conf --rule createdVoteHasNonZeroHash votedPowerIsImmutable onlyValidProposalCanChangeTally legalVote method_reachability | |
| - verifyMisc.conf | |
| - verifyPower_summary.conf --rule onlyThreeTokens method_reachability | |
| - verifyProposal_config.conf --rule startedProposalHasConfig createdProposalHasRoots proposalHasNonzeroDuration newProposalUnusedId configIsImmutable getProposalsConfigsDoesntRevert method_reachability | |
| - verifyProposal_states.conf --rule startsBeforeEnds startsStrictlyBeforeEnds proposalLegalStates proposalMethodStateTransitionCompliance proposalTimeStateTransitionCompliance proposalIdIsImmutable proposalImmutability startedProposalHasConfig proposalHasNonzeroDuration method_reachability | |
| - verifyVoting_and_tally.conf --rule votingPowerGhostIsVotingPower sumOfVotes voteTallyChangedOnlyByVoting voteUpdatesTally onlyVoteCanChangeResult votingTallyCanOnlyIncrease strangerVoteUnchanged otherProposalUnchanged otherVoterUntouched method_reachability | |
| - verifyVoting_and_tally.conf --rule cannot_vote_twice_with_submitVote_and_submitVoteAsRepresentative | |
| - verifyVoting_and_tally.conf --rule cannot_vote_twice_with_submitVoteAsRepresentative_and_submitVote | |
| - verifyVoting_and_tally.conf --rule cannot_vote_twice_with_submitVoteSingleProofAsRepresentative_and_submitVote | |