-
Notifications
You must be signed in to change notification settings - Fork 0
harness: interactive proxy robustness + analytics fixes #26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
Th0rgal
wants to merge
99
commits into
main
Choose a base branch
from
harness/interactive-robustness-fixes
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Changes from all commits
Commits
Show all changes
99 commits
Select commit
Hold shift + click to select a range
503a065
harness: interactive proxy robustness + analytics fixes
claude 5cef246
fix: address codex review feedback
claude 9ff078d
fix: make auto-heal lake build actually rebuild on cache hit
claude 950d7e3
fix: address additional bugbot review feedback
claude 3ddda64
fix: accept HTTP-date form of Retry-After
claude df1004c
fix: narrow environment_error + honour longer Retry-After
claude 894a285
fix: only bump temperature per new failure + match 'of module' form
claude 42efe75
fix: require benchmark source file to exist before env classification
claude 89b890e
fix: fall back on all transient HTTP statuses
claude f8d43bb
fix: rfind Benchmark marker + extra_body cannot clobber overrides
claude 07c3880
fix: bound length-retry budget + ignore env_error in temp schedule
claude 47e8084
fix: retry on socket TimeoutError instead of hard-failing task
claude c5f118c
fix: make length-retry token cap configurable via extra_body
claude 54571ce
fix: defensively parse fallback_models and length_retry_token_cap
claude 0cd7869
fix: retry on non-JSON 200 + skip candidate fallback when trace present
claude 1666e40
fix: guard non-iterable fallback_models + jitter Retry-After
claude 7427d4c
fix: strip non-schema keys from try_tactic_at_hole evaluation
claude b2bd74f
refactor: fold run_lean_check into write_editable_proof
claude 3fa4c09
feat: surface preflight failure modes as distinct failure_class
claude 896665f
feat: classify omega_failed and emit nonlinear arithmetic hints
claude 0632894
feat: classify constructor/module/synthesis failures with targeted hints
claude b975570
feat: dedupe repeated repair hints + pivot directive on 3+ stagnations
claude 33b3bdb
feat: detect no-progress loops via error-text fingerprinting
claude d91d9da
feat: priority directive when Lean check fails with ?_ still in proof
claude a142ad8
feat: context-aware substitution in try_tactic_at_hole
claude db69515
feat: strip linter.unusedSimpArgs noise from Lean output
claude 6df49e3
feat: sync tool-surface descriptions with actual runtime behavior
claude 740ef8a
feat: cache run_lean_check result when proof text is unchanged
claude 4f8632d
feat: add scope-clarifying hint when search_public_defs returns empty
claude 7e2df67
feat: encode search_public_defs scope limit upstream in tool surface
claude f5ceebe
feat: stop instructing agents to call run_lean_check after write_edit…
claude 6f45164
refactor: consolidate repair-hint generation into single builder
claude 804a00a
docs: align run_lean_check API-tool description with prompt and runtime
claude 2a2b615
feat: emit repair_hints on failed try_tactic_at_hole
claude 39adfdf
feat: cap Lean output at 16 KB to bound context consumption
claude e1af718
feat: stop re-truncating try_tactic_at_hole details to 2000 chars
claude 53b68c2
feat: strip Lean noise and normalize fingerprints for any source path
claude b9ce6aa
fix: drop stale 'before run_lean_check' advice in placeholder warning
claude 0f9b1f8
fix: stop truncating theorem signatures at first `:=` inside `let`
claude 19bb732
fix: redirect `unknown identifier '<tactic>'` hint away from search_p…
claude b24ef3f
fix: redirect `unknown identifier '<var>'` hint away from search_publ…
claude 31ff5e8
fix: warn about absent Mathlib when `unknown identifier` is Mathlib-s…
claude 0c6c7ad
fix: detect `.val` coercion asymmetry in type_mismatch details
claude 843e459
fix: propagate var-like and Mathlib routing into escalation hints
claude 99fb42e
feat: classify Lean parse errors and emit syntax-targeted hint
claude d24904d
fix: stop telling the agent to search_public_defs for EVERY unknown_i…
claude ec2c200
feat: classify `cases`/`induction` on non-inductive targets
claude 77cb481
feat: detect case-labelled unsolved_goals and stop suggesting re-split
claude d5482ba
feat: case-label-aware escalation — stop telling stuck agents to restart
claude 081794e
feat: cache search_public_defs and flag repeat queries
claude 757fbae
feat: surface Uint256 overflow lemmas when omega fails on opaque .val
claude 1fc1e29
fix: direct free_variables hint to `revert` / `+revert` instead of va…
claude 1a5b969
feat: flag monadic-trace leak in unsolved_goals and point at split_ifs
claude 76066ae
feat: flag un-reduced monadic trace in synthesis_failed holes
claude a0ddc2c
feat: pivot warning after 3 consecutive try_tactic_at_hole failures
claude 679ea76
feat: flag Mathlib-only `lemma` keyword in parse_error hints
claude f5cd8a9
feat(harness): emit .val coercion-asymmetry hint across all failure c…
claude 4e7f31c
fix(harness): persist UNFILLED HOLE warning across repeated ?_ submis…
claude c30833e
feat(harness): shape-aware hint for non-monadic synthesize-placeholder
claude 46bb0f7
feat(harness): flag un-reduced Contract.run on expected side of type_…
claude 30923f9
fix(harness): persist tactic-in-term-position warning past dedup
claude 0ff58e6
fix(harness): persist local-variable out-of-scope warning past dedup
claude a3fd27d
fix(harness): emit cross-class hint for Lean's `unused simp argument`…
claude e036941
fix(harness): parenthesize `by <tac>` in term-position hole substitution
ce89d3c
fix(harness): correct inspect_goals error message re: named holes
9784166
fix(harness): never cache environment_error results in run_lean_check
cc335c8
fix(harness): accept term-mode proofs in theorem signature extraction
3737a3e
fix(harness): reuse write_editable_proof result in no-tool-calls path
66fea29
fix(harness): restore named-hole detection in inspect_lean_goals
585bd4e
fix(harness): trim fallback model ids and keep chain going after mode…
c1f85b9
fix(harness): escape `?` in term-position regex for Lean exact? tactic
2bca670
fix(harness): preserve write-phase warnings via `write_status` in wri…
c656e8a
fix(harness): correct fully_paren_wrapped to use depth tracking, drop…
aaf90f8
fix(harness): unify failure_class_history tracking across preflight +…
4cf9005
fix(harness): normalize failed-tool evaluation records and drop redun…
0e2ea61
Sync _PREFLIGHT_FAILURE_MODES with interactive_runtime (add empty_res…
2e8acc2
Normalize no-tool-fallback evaluation to schema (fix P1 run abort)
e63e565
Rename local to avoid shadowing module-level write_result
e4c4cf5
Add interactive-gpt/-opus profiles and resumable matrix runner
claude 92053d3
grindset/s3: grind-first task skeletons + PROMPT/PROOF_PATTERNS rewrite
a70f907
grindset/s1: WIP grindset scaffolding (Attr, Monad, Tests; Test 3 fails)
e681318
grindset/a1: tag Verity invariants and case-local spec helpers with @…
f08a850
grindset/a3: add Reach grind extension (@[grind] pack + verity_reach_…
2ff4ea8
harness/agents: bump interactive-opus profile to opus-4.7
4e83119
merge(grindset): a1-invariant-tags (118 invariants tagged)
39e14a0
merge(grindset): a3-reach-grind-ext (Reach lemma pack + verity_reach_…
c756c7f
merge(grindset): s3-skeleton-gen (skeleton generator + grind-first pr…
d74321e
merge(grindset): s1-verity-grindset (Attr, Monad, Core, Tests; Test 3…
a4bfe09
grindset/s1-fix: close Test 3 flashLoanViaDeposit with simp lemma
c18f997
merge(grindset): s1-fix (ite_decide_True simp lemma closes Test 3)
820c59e
merge(harness): bump interactive-opus profile to opus-4.7
332bce4
merge(grindset): integrate all grindset branches + opus-4.7 config
6538119
harness: address P1 + medium/low review findings on PR #26
cba7fc2
grindset/a4-arith: arithmetic grind pack for lido/vaulthub_locked
162379e
merge(grindset): A4 arithmetic pack for lido/vaulthub_locked
4b4fb81
ci: add cache-salt input to rotate sticky-disk keys
b98f70f
review: align grind orientations + turn-scope failure-class dedupe
4890ee9
harness: prune stale agent profiles; keep interactive-{gpt,opus,smart}
e1544ab
review: HOME-based elan PATH + keep dry-run read-only in matrix runner
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| 1 |
22 changes: 22 additions & 0 deletions
22
Benchmark/GeneratedPreview/DamnVulnerableDeFi/SideEntrance/Tasks/DepositSetsPoolBalance.lean
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| import Benchmark.Cases.DamnVulnerableDeFi.SideEntrance.Specs | ||
| import Benchmark.Grindset | ||
|
|
||
| namespace Benchmark.Cases.DamnVulnerableDeFi.SideEntrance | ||
|
|
||
| open Verity | ||
| open Verity.EVM.Uint256 | ||
|
|
||
| /-- | ||
| Executing `deposit` stores `oldPoolBalance + amount` in `poolBalance`. | ||
| -/ | ||
| theorem deposit_sets_pool_balance | ||
| (amount : Uint256) (s : ContractState) : | ||
| let s' := ((SideEntrance.deposit amount).run s).snd | ||
| deposit_sets_pool_balance_spec amount s s' := by | ||
| -- Grindset-first skeleton. See harness/PROOF_PATTERNS.md. | ||
| -- Try `grind` with contract symbol hints; fall back to `simp` / | ||
| -- `by_cases` if grind leaves goals. Use `grind?` for hints. | ||
| unfold deposit_sets_pool_balance_spec | ||
| grind [SideEntrance.deposit, SideEntrance.poolBalance, SideEntrance.totalCredits, SideEntrance.creditOf] | ||
|
|
||
| end Benchmark.Cases.DamnVulnerableDeFi.SideEntrance |
22 changes: 22 additions & 0 deletions
22
...hmark/GeneratedPreview/DamnVulnerableDeFi/SideEntrance/Tasks/DepositSetsSenderCredit.lean
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| import Benchmark.Cases.DamnVulnerableDeFi.SideEntrance.Specs | ||
| import Benchmark.Grindset | ||
|
|
||
| namespace Benchmark.Cases.DamnVulnerableDeFi.SideEntrance | ||
|
|
||
| open Verity | ||
| open Verity.EVM.Uint256 | ||
|
|
||
| /-- | ||
| Executing `deposit` increases the caller's credited balance by `amount`. | ||
| -/ | ||
| theorem deposit_sets_sender_credit | ||
| (amount : Uint256) (s : ContractState) : | ||
| let s' := ((SideEntrance.deposit amount).run s).snd | ||
| deposit_sets_sender_credit_spec amount s s' := by | ||
| -- Grindset-first skeleton. See harness/PROOF_PATTERNS.md. | ||
| -- Try `grind` with contract symbol hints; fall back to `simp` / | ||
| -- `by_cases` if grind leaves goals. Use `grind?` for hints. | ||
| unfold deposit_sets_sender_credit_spec | ||
| grind [SideEntrance.deposit, SideEntrance.poolBalance, SideEntrance.totalCredits, SideEntrance.creditOf] | ||
|
|
||
| end Benchmark.Cases.DamnVulnerableDeFi.SideEntrance |
27 changes: 27 additions & 0 deletions
27
Benchmark/GeneratedPreview/DamnVulnerableDeFi/SideEntrance/Tasks/ExploitTraceDrainsPool.lean
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| import Benchmark.Cases.DamnVulnerableDeFi.SideEntrance.Specs | ||
| import Benchmark.Grindset | ||
|
|
||
| namespace Benchmark.Cases.DamnVulnerableDeFi.SideEntrance | ||
|
|
||
| open Verity | ||
| open Verity.EVM.Uint256 | ||
|
|
||
| /-- | ||
| If the caller starts with zero credited balance, then borrowing `amount`, | ||
| repaying through `deposit`, and withdrawing immediately reduces pool ETH by | ||
| exactly `amount`. | ||
| -/ | ||
| theorem exploit_trace_drains_pool | ||
| (amount : Uint256) (s : ContractState) | ||
| (hBorrow : amount <= s.storage 0) | ||
| (hFresh : s.storageMap 2 s.sender = 0) : | ||
| let s' := ((SideEntrance.flashLoanViaDeposit amount).run s).snd | ||
| let s'' := ((SideEntrance.withdraw).run s').snd | ||
| exploit_trace_drains_pool_spec amount s s'' := by | ||
| -- Grindset-first skeleton. See harness/PROOF_PATTERNS.md. | ||
| -- Try `grind` with contract symbol hints; fall back to `simp` / | ||
| -- `by_cases` if grind leaves goals. Use `grind?` for hints. | ||
| unfold exploit_trace_drains_pool_spec | ||
| grind [SideEntrance.flashLoanViaDeposit, SideEntrance.withdraw, SideEntrance.poolBalance, SideEntrance.totalCredits, SideEntrance.creditOf] | ||
|
|
||
| end Benchmark.Cases.DamnVulnerableDeFi.SideEntrance |
24 changes: 24 additions & 0 deletions
24
...review/DamnVulnerableDeFi/SideEntrance/Tasks/FlashLoanViaDepositPreservesPoolBalance.lean
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| import Benchmark.Cases.DamnVulnerableDeFi.SideEntrance.Specs | ||
| import Benchmark.Grindset | ||
|
|
||
| namespace Benchmark.Cases.DamnVulnerableDeFi.SideEntrance | ||
|
|
||
| open Verity | ||
| open Verity.EVM.Uint256 | ||
|
|
||
| /-- | ||
| Executing the summarized flash-loan-plus-deposit path leaves tracked pool ETH | ||
| unchanged. | ||
| -/ | ||
| theorem flashLoanViaDeposit_preserves_pool_balance | ||
| (amount : Uint256) (s : ContractState) | ||
| (hBorrow : amount <= s.storage 0) : | ||
| let s' := ((SideEntrance.flashLoanViaDeposit amount).run s).snd | ||
| flashLoanViaDeposit_preserves_pool_balance_spec amount s s' := by | ||
| -- Grindset-first skeleton. See harness/PROOF_PATTERNS.md. | ||
| -- Try `grind` with contract symbol hints; fall back to `simp` / | ||
| -- `by_cases` if grind leaves goals. Use `grind?` for hints. | ||
| unfold flashLoanViaDeposit_preserves_pool_balance_spec | ||
| grind [SideEntrance.flashLoanViaDeposit, SideEntrance.poolBalance, SideEntrance.totalCredits, SideEntrance.creditOf] | ||
|
|
||
| end Benchmark.Cases.DamnVulnerableDeFi.SideEntrance |
24 changes: 24 additions & 0 deletions
24
...tedPreview/DamnVulnerableDeFi/SideEntrance/Tasks/FlashLoanViaDepositSetsSenderCredit.lean
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| import Benchmark.Cases.DamnVulnerableDeFi.SideEntrance.Specs | ||
| import Benchmark.Grindset | ||
|
|
||
| namespace Benchmark.Cases.DamnVulnerableDeFi.SideEntrance | ||
|
|
||
| open Verity | ||
| open Verity.EVM.Uint256 | ||
|
|
||
| /-- | ||
| Executing the summarized flash-loan-plus-deposit path mints caller credit | ||
| equal to the borrowed amount. | ||
| -/ | ||
| theorem flashLoanViaDeposit_sets_sender_credit | ||
| (amount : Uint256) (s : ContractState) | ||
| (hBorrow : amount <= s.storage 0) : | ||
| let s' := ((SideEntrance.flashLoanViaDeposit amount).run s).snd | ||
| flashLoanViaDeposit_sets_sender_credit_spec amount s s' := by | ||
| -- Grindset-first skeleton. See harness/PROOF_PATTERNS.md. | ||
| -- Try `grind` with contract symbol hints; fall back to `simp` / | ||
| -- `by_cases` if grind leaves goals. Use `grind?` for hints. | ||
| unfold flashLoanViaDeposit_sets_sender_credit_spec | ||
| grind [SideEntrance.flashLoanViaDeposit, SideEntrance.poolBalance, SideEntrance.totalCredits, SideEntrance.creditOf] | ||
|
|
||
| end Benchmark.Cases.DamnVulnerableDeFi.SideEntrance |
26 changes: 26 additions & 0 deletions
26
Benchmark/GeneratedPreview/Ethereum/DepositContractMinimal/Tasks/ChainStartThreshold.lean
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| import Benchmark.Cases.Ethereum.DepositContractMinimal.Specs | ||
| import Benchmark.Grindset | ||
|
|
||
| namespace Benchmark.Cases.Ethereum.DepositContractMinimal | ||
|
|
||
| open Verity | ||
| open Verity.EVM.Uint256 | ||
|
|
||
| /-- | ||
| Executing a threshold-crossing full deposit sets `chainStarted`. | ||
| -/ | ||
| theorem full_deposit_starts_chain_at_threshold | ||
| (depositAmount : Uint256) (s : ContractState) | ||
| (hCount : s.storage 0 < 4294967295) | ||
| (hMin : depositAmount >= 1000000000) | ||
| (hFull : depositAmount >= 32000000000) | ||
| (hThreshold : add (s.storage 1) 1 = 65536) : | ||
| let s' := ((DepositContractMinimal.deposit depositAmount).run s).snd | ||
| deposit_starts_chain_at_threshold_spec depositAmount s s' := by | ||
| -- Grindset-first skeleton. See harness/PROOF_PATTERNS.md. | ||
| -- Try `grind` with contract symbol hints; fall back to `simp` / | ||
| -- `by_cases` if grind leaves goals. Use `grind?` for hints. | ||
| unfold deposit_starts_chain_at_threshold_spec | ||
| grind [DepositContractMinimal.deposit, DepositContractMinimal.depositCount, DepositContractMinimal.fullDepositCount, DepositContractMinimal.chainStarted] | ||
|
|
||
| end Benchmark.Cases.Ethereum.DepositContractMinimal |
25 changes: 25 additions & 0 deletions
25
Benchmark/GeneratedPreview/Ethereum/DepositContractMinimal/Tasks/DepositCount.lean
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| import Benchmark.Cases.Ethereum.DepositContractMinimal.Specs | ||
| import Benchmark.Grindset | ||
|
|
||
| namespace Benchmark.Cases.Ethereum.DepositContractMinimal | ||
|
|
||
| open Verity | ||
| open Verity.EVM.Uint256 | ||
|
|
||
| /-- | ||
| Executing `deposit` on the successful path increments the total deposit counter | ||
| by exactly one. | ||
| -/ | ||
| theorem deposit_increments_deposit_count | ||
| (depositAmount : Uint256) (s : ContractState) | ||
| (hCount : s.storage 0 < 4294967295) | ||
| (hMin : depositAmount >= 1000000000) : | ||
| let s' := ((DepositContractMinimal.deposit depositAmount).run s).snd | ||
| deposit_increments_deposit_count_spec s s' := by | ||
| -- Grindset-first skeleton. See harness/PROOF_PATTERNS.md. | ||
| -- Try `grind` with contract symbol hints; fall back to `simp` / | ||
| -- `by_cases` if grind leaves goals. Use `grind?` for hints. | ||
| unfold deposit_increments_deposit_count_spec | ||
| grind [DepositContractMinimal.deposit, DepositContractMinimal.depositCount, DepositContractMinimal.fullDepositCount, DepositContractMinimal.chainStarted] | ||
|
|
||
| end Benchmark.Cases.Ethereum.DepositContractMinimal |
26 changes: 26 additions & 0 deletions
26
...eneratedPreview/Ethereum/DepositContractMinimal/Tasks/FullDepositIncrementsFullCount.lean
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| import Benchmark.Cases.Ethereum.DepositContractMinimal.Specs | ||
| import Benchmark.Grindset | ||
|
|
||
| namespace Benchmark.Cases.Ethereum.DepositContractMinimal | ||
|
|
||
| open Verity | ||
| open Verity.EVM.Uint256 | ||
|
|
||
| /-- | ||
| Executing `deposit` at or above the full threshold increments | ||
| `fullDepositCount` by one. | ||
| -/ | ||
| theorem full_deposit_increments_full_count | ||
| (depositAmount : Uint256) (s : ContractState) | ||
| (hCount : s.storage 0 < 4294967295) | ||
| (hMin : depositAmount >= 1000000000) | ||
| (hFull : depositAmount >= 32000000000) : | ||
| let s' := ((DepositContractMinimal.deposit depositAmount).run s).snd | ||
| deposit_increments_full_count_for_full_deposit_spec depositAmount s s' := by | ||
| -- Grindset-first skeleton. See harness/PROOF_PATTERNS.md. | ||
| -- Try `grind` with contract symbol hints; fall back to `simp` / | ||
| -- `by_cases` if grind leaves goals. Use `grind?` for hints. | ||
| unfold deposit_increments_full_count_for_full_deposit_spec | ||
| grind [DepositContractMinimal.deposit, DepositContractMinimal.depositCount, DepositContractMinimal.fullDepositCount, DepositContractMinimal.chainStarted] | ||
|
|
||
| end Benchmark.Cases.Ethereum.DepositContractMinimal |
25 changes: 25 additions & 0 deletions
25
...eneratedPreview/Ethereum/DepositContractMinimal/Tasks/FullDepositPreservesPartialGap.lean
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| import Benchmark.Cases.Ethereum.DepositContractMinimal.Specs | ||
| import Benchmark.Grindset | ||
|
|
||
| namespace Benchmark.Cases.Ethereum.DepositContractMinimal | ||
|
|
||
| open Verity | ||
| open Verity.EVM.Uint256 | ||
|
|
||
| /-- | ||
| Executing a full deposit increments both counters in lockstep, so the gap | ||
| between all deposits and full deposits is preserved. | ||
| -/ | ||
| theorem full_deposit_preserves_partial_gap | ||
| (depositAmount : Uint256) (s : ContractState) | ||
| (hCount : s.storage 0 < 4294967295) | ||
| (hMin : depositAmount >= 1000000000) | ||
| (hFull : depositAmount >= 32000000000) : | ||
| let s' := ((DepositContractMinimal.deposit depositAmount).run s).snd | ||
| s'.storage 0 - s'.storage 1 = s.storage 0 - s.storage 1 := by | ||
| -- Grindset-first skeleton. See harness/PROOF_PATTERNS.md. | ||
| -- Try `grind` with contract symbol hints; fall back to `simp` / | ||
| -- `by_cases` if grind leaves goals. Use `grind?` for hints. | ||
| grind [DepositContractMinimal.deposit, DepositContractMinimal.depositCount, DepositContractMinimal.fullDepositCount, DepositContractMinimal.chainStarted] | ||
|
|
||
| end Benchmark.Cases.Ethereum.DepositContractMinimal |
26 changes: 26 additions & 0 deletions
26
...eneratedPreview/Ethereum/DepositContractMinimal/Tasks/SmallDepositPreservesFullCount.lean
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| import Benchmark.Cases.Ethereum.DepositContractMinimal.Specs | ||
| import Benchmark.Grindset | ||
|
|
||
| namespace Benchmark.Cases.Ethereum.DepositContractMinimal | ||
|
|
||
| open Verity | ||
| open Verity.EVM.Uint256 | ||
|
|
||
| /-- | ||
| Executing `deposit` below the full threshold leaves `fullDepositCount` | ||
| unchanged. | ||
| -/ | ||
| theorem small_deposit_preserves_full_count | ||
| (depositAmount : Uint256) (s : ContractState) | ||
| (hCount : s.storage 0 < 4294967295) | ||
| (hMin : depositAmount >= 1000000000) | ||
| (hSmall : depositAmount < 32000000000) : | ||
| let s' := ((DepositContractMinimal.deposit depositAmount).run s).snd | ||
| deposit_preserves_full_count_for_small_deposit_spec depositAmount s s' := by | ||
| -- Grindset-first skeleton. See harness/PROOF_PATTERNS.md. | ||
| -- Try `grind` with contract symbol hints; fall back to `simp` / | ||
| -- `by_cases` if grind leaves goals. Use `grind?` for hints. | ||
| unfold deposit_preserves_full_count_for_small_deposit_spec | ||
| grind [DepositContractMinimal.deposit, DepositContractMinimal.depositCount, DepositContractMinimal.fullDepositCount, DepositContractMinimal.chainStarted] | ||
|
|
||
| end Benchmark.Cases.Ethereum.DepositContractMinimal |
25 changes: 25 additions & 0 deletions
25
Benchmark/GeneratedPreview/Kleros/SortitionTrees/Tasks/DrawIntervalMatchesWeights.lean
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| import Benchmark.Cases.Kleros.SortitionTrees.Specs | ||
| import Benchmark.Grindset | ||
|
|
||
| namespace Benchmark.Cases.Kleros.SortitionTrees | ||
|
|
||
| open Verity | ||
| open Verity.EVM.Uint256 | ||
|
|
||
| /-- | ||
| Executing `draw` follows the encoded ticket intervals used by the | ||
| implementation. | ||
| -/ | ||
| theorem draw_interval_matches_weights | ||
| (ticket : Uint256) (s : ContractState) | ||
| (hRoot : s.storage 0 != 0) | ||
| (hInRange : ticket < s.storage 0) : | ||
| let s' := ((SortitionTrees.draw ticket).run s).snd | ||
| draw_interval_matches_weights_spec ticket s s' := by | ||
| -- Grindset-first skeleton. See harness/PROOF_PATTERNS.md. | ||
| -- Try `grind` with contract symbol hints; fall back to `simp` / | ||
| -- `by_cases` if grind leaves goals. Use `grind?` for hints. | ||
| unfold draw_interval_matches_weights_spec | ||
| grind [SortitionTrees.draw, SortitionTrees.rootSum, SortitionTrees.leftSum, SortitionTrees.rightSum, SortitionTrees.leaf0, SortitionTrees.leaf1, SortitionTrees.leaf2, SortitionTrees.leaf3, SortitionTrees.nodeIndexesToIDs, SortitionTrees.IDsToNodeIndexes, SortitionTrees.selectedNode] | ||
|
|
||
| end Benchmark.Cases.Kleros.SortitionTrees |
24 changes: 24 additions & 0 deletions
24
Benchmark/GeneratedPreview/Kleros/SortitionTrees/Tasks/DrawSelectsValidLeaf.lean
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| import Benchmark.Cases.Kleros.SortitionTrees.Specs | ||
| import Benchmark.Grindset | ||
|
|
||
| namespace Benchmark.Cases.Kleros.SortitionTrees | ||
|
|
||
| open Verity | ||
| open Verity.EVM.Uint256 | ||
|
|
||
| /-- | ||
| Any successful `draw` resolves to one of the four leaf node indices. | ||
| -/ | ||
| theorem draw_selects_valid_leaf | ||
| (ticket : Uint256) (s : ContractState) | ||
| (hRoot : s.storage 0 != 0) | ||
| (hInRange : ticket < s.storage 0) : | ||
| let s' := ((SortitionTrees.draw ticket).run s).snd | ||
| draw_selects_valid_leaf_spec s' := by | ||
| -- Grindset-first skeleton. See harness/PROOF_PATTERNS.md. | ||
| -- Try `grind` with contract symbol hints; fall back to `simp` / | ||
| -- `by_cases` if grind leaves goals. Use `grind?` for hints. | ||
| unfold draw_selects_valid_leaf_spec | ||
| grind [SortitionTrees.draw, SortitionTrees.rootSum, SortitionTrees.leftSum, SortitionTrees.rightSum, SortitionTrees.leaf0, SortitionTrees.leaf1, SortitionTrees.leaf2, SortitionTrees.leaf3, SortitionTrees.nodeIndexesToIDs, SortitionTrees.IDsToNodeIndexes, SortitionTrees.selectedNode] | ||
|
|
||
| end Benchmark.Cases.Kleros.SortitionTrees |
25 changes: 25 additions & 0 deletions
25
Benchmark/GeneratedPreview/Kleros/SortitionTrees/Tasks/NodeIdBijection.lean
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| import Benchmark.Cases.Kleros.SortitionTrees.Specs | ||
| import Benchmark.Grindset | ||
|
|
||
| namespace Benchmark.Cases.Kleros.SortitionTrees | ||
|
|
||
| open Verity | ||
| open Verity.EVM.Uint256 | ||
|
|
||
| /-- | ||
| Executing `setLeaf` writes matching forward and reverse mapping entries for the | ||
| updated node and stake-path id. | ||
| -/ | ||
| theorem node_id_bijection | ||
| (nodeIndex stakePathID weight : Uint256) (s : ContractState) | ||
| (hLow : nodeIndex >= 3) | ||
| (hHigh : nodeIndex <= 6) : | ||
| let s' := ((SortitionTrees.setLeaf nodeIndex stakePathID weight).run s).snd | ||
| node_id_bijection_spec nodeIndex stakePathID s' := by | ||
| -- Grindset-first skeleton. See harness/PROOF_PATTERNS.md. | ||
| -- Try `grind` with contract symbol hints; fall back to `simp` / | ||
| -- `by_cases` if grind leaves goals. Use `grind?` for hints. | ||
| unfold node_id_bijection_spec | ||
| grind [SortitionTrees.setLeaf, SortitionTrees.rootSum, SortitionTrees.leftSum, SortitionTrees.rightSum, SortitionTrees.leaf0, SortitionTrees.leaf1, SortitionTrees.leaf2, SortitionTrees.leaf3, SortitionTrees.nodeIndexesToIDs, SortitionTrees.IDsToNodeIndexes, SortitionTrees.selectedNode] | ||
|
|
||
| end Benchmark.Cases.Kleros.SortitionTrees |
24 changes: 24 additions & 0 deletions
24
Benchmark/GeneratedPreview/Kleros/SortitionTrees/Tasks/ParentEqualsSumOfChildren.lean
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| import Benchmark.Cases.Kleros.SortitionTrees.Specs | ||
| import Benchmark.Grindset | ||
|
|
||
| namespace Benchmark.Cases.Kleros.SortitionTrees | ||
|
|
||
| open Verity | ||
| open Verity.EVM.Uint256 | ||
|
|
||
| /-- | ||
| Executing `setLeaf` recomputes each parent node from its direct children. | ||
| -/ | ||
| theorem parent_equals_sum_of_children | ||
| (nodeIndex stakePathID weight : Uint256) (s : ContractState) | ||
| (hLow : nodeIndex >= 3) | ||
| (hHigh : nodeIndex <= 6) : | ||
| let s' := ((SortitionTrees.setLeaf nodeIndex stakePathID weight).run s).snd | ||
| parent_equals_sum_of_children_spec s' := by | ||
| -- Grindset-first skeleton. See harness/PROOF_PATTERNS.md. | ||
| -- Try `grind` with contract symbol hints; fall back to `simp` / | ||
| -- `by_cases` if grind leaves goals. Use `grind?` for hints. | ||
| unfold parent_equals_sum_of_children_spec | ||
| grind [SortitionTrees.setLeaf, SortitionTrees.rootSum, SortitionTrees.leftSum, SortitionTrees.rightSum, SortitionTrees.leaf0, SortitionTrees.leaf1, SortitionTrees.leaf2, SortitionTrees.leaf3, SortitionTrees.nodeIndexesToIDs, SortitionTrees.IDsToNodeIndexes, SortitionTrees.selectedNode] | ||
|
|
||
| end Benchmark.Cases.Kleros.SortitionTrees |
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Cache salt missing from GitHub Actions fallback keys
Medium Severity
The new
CACHE_SALT_HASHis appended to all sticky-disk cache keys (lines 35–39) but is not added to the GitHub Actions cache fallback keys at line 65 (elan-${{ runner.os }}-...) and line 170 (lake-${{ runner.os }}-...). Bumping.github/cache-saltwill bust caches only for workflows using sticky disks; workflows on the non-sticky path will continue hitting stale caches, defeating the cache-busting mechanism.Additional Locations (1)
.github/actions/setup-lean/action.yml#L64-L65Reviewed by Cursor Bugbot for commit e1544ab. Configure here.