Sqrt fails formal verification

Question

Sqrt fails formal verification

Gungy2 opened this issue 2 years ago · 5 comments

Describe the error

There seems to be a bug in sqrt for formal verification. The following example fails verification (irrespective of the value of tokensToReturn.

To Reproduce

const tokensToReturn = (depositInvariant * stableTokenBalance) / slbTokenBalance;
require(sqrt(tokensToReturn) * sqrt(tokensToReturn) <= tokensToReturn, "Sqrt works");

Extra information

I am using the latest version of Reach. Also, may I please ask you to prioritize this, if at all possible? My Master thesis is due in about 2 weeks, and my project has been blocked by this bug for about 3 weeks now. Thank you so much!

Answer 1 · 2023-06-01T15:55:23.000Z

What is the error you get?

Answer 2 · 2023-06-02T10:54:03.000Z

Gungy2 commented 2 years ago

Answer 3 · 2023-06-02T10:54:58.000Z

I think the conversation on Discord is also relevant.

Answer 4 · 2023-06-06T12:20:46.000Z

Alternatively, even easier:

export const main =
  Reach.App( () => {
    const A = Participant('A', { x: UInt });
    init();
      A.only(() => {
        const x = declassify(interact.x);
        assume(x > 0, "x too low");
      });
      A.publish(x);
      commit();
      assert(sqrt(x) * sqrt(x) <= x);
    }
  );

This gives:

  // Violation Witness

  const UInt.max = 4;

  const x/43 = "A".interact.x;
  //    ^ could = 3
  //      from: ./t/y/sqrt.rsh:5:34:property binding

  // Theorem Formalization

  const v51 = sqrtx/43;
  //    ^ would be 2
  const v54 = (v51 * v51) <= x/43;
  //    ^ would be false
  assert(v54);

  Verifying when NO participants are honest
Checked 5 theorems; 2 failures (and 1 omitted repeats) :'(

Answer 5 · 2023-06-06T21:57:16.000Z

If you are not able to test or use the new SMT assertion, then you can change your code from using a require to using an enforce, which will make it happen at run-time.