Extracting Smart Contracts Tested and Verified in Coq

Autor: Annenkov, Danil, Milo, Mikkel, Nielsen, Jakob Botsch, Spitters, Bas
Rok vydání: 2020
Předmět:
Zdroj: CPP'2021: Proceedings of the 10th ACM SIGPLAN International Conference on Certified Programs and Proofs, January 18--19, 2021, Virtual, Denmark
Druh dokumentu: Working Paper
DOI: 10.1145/3437992.3439934
Popis: We implement extraction of Coq programs to functional languages based on MetaCoq's certified erasure. As part of this, we implement an optimisation pass removing unused arguments. We prove the pass correct wrt. a conventional call-by-value operational semantics of functional languages. We apply this to two functional smart contract languages, Liquidity and Midlang, and to the functional language Elm. Our development is done in the context of the ConCert framework that enables smart contract verification. We contribute a verified boardroom voting smart contract featuring maximum voter privacy such that each vote is kept private except under collusion of all other parties. We also integrate property-based testing into ConCert using QuickChick and our development is the first to support testing properties of interacting smart contracts. We test several complex contracts such as a DAO-like contract, an escrow contract, an implementation of a Decentralized Finance (DeFi) contract which includes a custom token standard (Tezos FA2), and more. In total, this gives us a way to write dependent programs in Coq, test them semi-automatically, verify, and then extract to functional smart contract languages, while retaining a small trusted computing base of only MetaCoq and the pretty-printers into these languages.
Comment: Coq implementation: https://github.com/AU-COBRA/ConCert/tree/artifact-2020 Update: fixed the "author running" list, fixed a mistake in an evaluation rule for lambda-box (Section 3.1, item 2)
Databáze: arXiv