Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: Add Quint model of Interchain Security #1242

Closed
wants to merge 35 commits into from
Closed

chore: Add Quint model of Interchain Security #1242

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
35 commits
Select commit Hold shift + click to select a range
e2b6407
Start new attempt on Quint model of ICS
p-offtermatt Aug 17, 2023
283dc0a
Advance quint model
p-offtermatt Aug 23, 2023
2155a4f
Add first finished draft of model
p-offtermatt Aug 24, 2023
6ca6510
Add test run to model
p-offtermatt Aug 25, 2023
e27e74b
Rename model, add test, use powerset for nondeterminism
p-offtermatt Aug 25, 2023
50fae34
Reintroduce vsc changed tracking variables
p-offtermatt Aug 25, 2023
78e890a
Add text with what expliticly is modelled
p-offtermatt Aug 25, 2023
a1d57ef
Add bluespec to ccv.qnt
p-offtermatt Aug 25, 2023
6c91866
Add bluespec to expraSpells.qnt
p-offtermatt Aug 25, 2023
2126eac
Add docstring to extraSpells module
p-offtermatt Sep 5, 2023
1320b95
Start rewriting model
p-offtermatt Sep 18, 2023
5fa449c
Revert "Start rewriting model"
p-offtermatt Sep 18, 2023
c05d9e6
Start rewriting quint model
p-offtermatt Sep 18, 2023
4bbe033
Continue seperating logic in Quint model
p-offtermatt Sep 19, 2023
5ebab39
Start debugging cryptic error message
p-offtermatt Sep 20, 2023
5bca6fc
Start adding endAndBeginBlock defs
p-offtermatt Sep 20, 2023
4f77d68
Diagnose Quint parser bug
p-offtermatt Sep 21, 2023
fa233d6
Fix type in Quint
p-offtermatt Sep 21, 2023
66663bf
Add endBlock actions
p-offtermatt Sep 21, 2023
7b489fe
Start adding state machine module
p-offtermatt Sep 26, 2023
b992f8c
Save status with crashing effect checker
p-offtermatt Sep 26, 2023
baaddb7
Resolve issue by removing undefined field
p-offtermatt Sep 26, 2023
2c1341d
Remove add
p-offtermatt Sep 27, 2023
e09968d
Fix init
p-offtermatt Sep 27, 2023
55ab595
Snapshot spec with parser crasher
p-offtermatt Sep 28, 2023
0897e8c
Snapshot model
p-offtermatt Sep 28, 2023
d227aee
Start debugging tests
p-offtermatt Sep 28, 2023
09b1b87
Finish test for quint model
p-offtermatt Sep 28, 2023
96c101f
Add README and improve folder structure
p-offtermatt Sep 29, 2023
aa2989e
Fix import
p-offtermatt Sep 29, 2023
c291303
Add some invariants
p-offtermatt Sep 29, 2023
94a0acb
Refactor Consumer advancement
p-offtermatt Sep 29, 2023
8818531
Snapshot error
p-offtermatt Sep 29, 2023
633f8bb
Make time module upper case
p-offtermatt Sep 29, 2023
f28d074
Add invariants
p-offtermatt Sep 29, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 37 additions & 0 deletions tests/difference/core/quint_model/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
This folder contains a Quint model for the core logic of Cross-Chain Validation (CCV).

### File structure
The files are as follows:
- ccv.qnt: Contains the type definitions, data structures, functional logic for CCV.
The core of the protocol.
- ccv_statemachine.qnt: Contains the state machine layer for CCV. Very roughly speaking, this could be seen as "e2e tests".
Also contains invariants.
- ccv_test.qnt: Contains unit tests for the functional layer of CCV.
- libararies/*: Libraries that don't belong to CCV, but are used by it.

### Model details

To see the data structures used in the model, see the ProtocolState type in ccv.qnt.

The "public" endpoints of the model are those functions that take as an input the protocol state, and return a Result.
Other functions are for utility.

The parameters of the protocol are defined as consts in ccv.qnt.

### Invariants

The invariants I am checking are in ccv_statemachine.qnt.
Check a single invariant by running
`quint run --invariant INVARIANT_NAME ccv_statemachine.qnt --main CCVDefaultStateMachine`,
or all invariants by running this command:

Invariants are as follows:
- ValidatorUpdatesArePropagated: When a validator power update is comitted on chain, a packet containing that change in voting power is sent to all running consumers.
- ValidatorSetHasExistedInv: Every validator set on consumer chains is/was a validator set on the provider.
- SameVSCPacketsInv: Ensure that consumer chains receive the same VSCPackets in the same order.
Because of nuances with starting/stopping consumers, this invariant is not as simple as it sounds. In detail:
For consumer chains c1, c2, if both c1 and c2 received a packet p1 sent at t1 and a packet p2 sent at t2,
then both have received ALL packets that were sent between t1 and t2 in the same order.
- MatureOnTimeInv: For every ValidatorSetChangePacket received by a consumer chain at
time t, a MaturedVSCPacket is sent back to the provider in the first block
with a timestamp >= t + UnbondingPeriod on that consumer.
Loading