Former colleagues of mine recently released Scribble which I believe is a very exciting step forward for the usability of specification and verification techniques on Solidity smart contracts.
The major benefit is that it allows developers to write properties using inline comments their code, with no need to manage a separate set of test files.
Scribble is first and foremost a language, but also includes a tool for processing and instrumenting solidity code.
Here’s a basic example:
contract Foo {
int x;
/// if_succeeds {:msg "test"} x == old(x) + y;
function add(int y) public {
require(y > 0);
x += y;
}
}
The text following the ///
is written in Scribble, it defines the property to check:
- If the function returns properly (ie. without
INVALID
orREVERT
) - then the new value of
x
should incremented by the amounty
. - if the property does not hold, then an event will be emitted with the text “test”.
The scribble tool can then instrument the code, to emit an AssertionFailed
event if the property is broken (an assert
is also added by default, but can be optionally removed which is advantageous for fuzzing campaigns).
contract Foo {
event AssertionFailed(string message);
struct vars0 {
int256 old_0;
}
int internal x;
function add(int y) public {
vars0 memory _v;
_v.old_0 = x;
_original_Foo_add(y);
if ((!((x == (_v.old_0 + y))))) {
emit AssertionFailed("0: test");
assert(false);
}
}
function _original_Foo_add(int y) private {
require((y > 0));
x += y;
}
}
I’ll let my colleagues know I’ve posted this here, and would love to see feedback and discussion.