|
|
|
|
@ -1,7 +1,7 @@ |
|
|
|
|
import "erc20.spec" |
|
|
|
|
|
|
|
|
|
methods { |
|
|
|
|
onFlashLoan(address, address, uint256, uint256, bytes) => HAVOC_ALL // HAVOC_ECF |
|
|
|
|
onFlashLoan(address, address, uint256, uint256, bytes) => HAVOC_ALL |
|
|
|
|
|
|
|
|
|
_burn(address account, uint256 amount) returns(bool) => specBurn(account, amount); |
|
|
|
|
} |
|
|
|
|
@ -13,19 +13,11 @@ function specBurn(address account, uint256 amount) returns bool { // retuns ne |
|
|
|
|
return true; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
// ghost to save args that were passed to burn function |
|
|
|
|
// summarize burn |
|
|
|
|
// assert ghost == amount + fee |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// STATUS - in progress |
|
|
|
|
// HAVOC_ALL - everything is havoced => violation |
|
|
|
|
// HAVOC_ECF - verified |
|
|
|
|
// https://vaas-stg.certora.com/output/3106/8795450b626f2ca53a2b/?anonymousKey=dd774da10cc595e4e38357af9e4f50bf2c0cb02a |
|
|
|
|
// STATUS - verified |
|
|
|
|
// fee + flashLoan amount is burned |
|
|
|
|
rule letsWatchItBurns(env e){ |
|
|
|
|
address receiver; address token; uint256 amount; bytes data; |
|
|
|
|
require amount > 0; |
|
|
|
|
|
|
|
|
|
uint256 feeBefore = flashFee(e, token, amount); |
|
|
|
|
|
|
|
|
|
|
Aleksander Kryukov
3 years ago