RT @VitalikButerin: The best way to build an L2 is to lean into the L1's offerings (security, censorship resistance, proofs, data avail. )….

RT @guillaumeclaret: Currently working on the translation of MLIR code to Rocq, to formally verify ZK circuits written in LLZK. It is quit….

Formal verification is about taking a lot of risks (niche market) to prevent others from taking some (finding all bugs)!

A goal of formal verification is to actually reduce your security cost by putting a robot 🤖 in your CI auditing every input, all the time.

It differs from what we were doing before, which was generating a typed and executable Rocq version, but without making explicit the non-aliasing and with a quite verbose version, making it difficult to use for the proofs.

We are currently writing a whole EVM specification in the Rocq language that we prove equivalent to the original implementation in Revm. This specification is in idiomatic Rocq but follows the structure of the Rust code. It includes the gas and versioning! 👇

Summer is good free time to code and focus more 😂.

Is formally verifying a whole zkVM for the end of the summer realistic? ☀️.

Formal verification can help you reach your goals faster, as you can trust your code more. 🤝.

A good reason not to write tests.

RT @Oxidefier: We did not win this Hackathon, but we were happy to participate! Thank you @SuperteamFRANCE for all the guidance, encouragem….

1. Continue to verify a functional definition for the rest if the EVM instructions. 2. Show that this functional definition is equivalent to a semantics for the EVM in Rocq. There is at least one such project that we could show as equivalent to a reference implementation.

For the rest of the instructions, we have a typed representation in Rocq generated with the help of "coq-of-rust". However, we do not have a clear idiomatic and functional definition like that of the instruction ADD. From there, we can go in two directions:.

Finally, we update the top of the stack with the result of "Impl_Uint.wrapping_add" applied to the two top elements!.

We first try to consume a "VERYLOW" amount of gas. If it fails, we return the "OutOfGas" error message. Otherwise, we pop one element from the stack and ask for a reference to the next one. If there are not enough elements, we return "StackUnderflow".

In our functional specification, the first line:. Output.Success tt. says that there can be no runtime failures (no panics!), assuming none of the provided methods panic. This is an important safety property. The rest describes how the ADD instruction behaves.

One of the difficulties here is that the code is very abstract. The types of the stack or gas field are not defined, nor are the functions to manipulate them. Instead, they are provided as trait implementations. We needed to specify that they admit a functional specification.

The functional specification (more verbose, partly because we unroll the macros):

The ADD instruction as implemented in Rust:. pub fn add<WIRE: InterpreterTypes, H: Host + ?Sized>(. interpreter: &mut Interpreter<WIRE>,. _host: &mut H,.) {. gas!(interpreter, gas::VERYLOW);. popn_top!([op1], op2, interpreter);. *op2 = op1.wrapping_add(*op2);.}.

One of our primary targets these days (months) is to make a functional specification for the Rust implementation of the EVM (Ethereum Virtual Machine) named Revm. We finally achieved that for the ADD instruction! Here is what it looks like: 👇.