certora-cli-beta-mirror 7.28.0__py3-none-any.whl → 8.5.0__py3-none-any.whl

certora_cli/CertoraProver/certoraContextValidator.py

@@ -13,6 +13,7 @@
 #     You should have received a copy of the GNU General Public License
 #     along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
+
 import logging
 import os
 import re
@@ -21,7 +22,8 @@ import itertools
 import tempfile
 import fnmatch
 from pathlib import Path
-from typing import Dict, List, Tuple, Set, Any, Union, Optional
+from wcmatch import glob
+from typing import Dict, List, Tuple, Set, Any, Union, OrderedDict
 
 import CertoraProver.certoraContext as Ctx
 import CertoraProver.certoraContextAttributes as Attrs
@@ -30,6 +32,7 @@ from CertoraProver.certoraContextClass import CertoraContext
 from Shared import certoraUtils as Util
 from Shared import certoraAttrUtil as AttrUtil
 from CertoraProver.certoraProjectScanner import scan_project
+import CertoraProver.certoraApp as App
 
 scripts_dir_path = Path(__file__).parent.resolve()  # containing directory
 sys.path.insert(0, str(scripts_dir_path))
@@ -43,9 +46,60 @@ class CertoraContextValidator:
     def __init__(self, context: CertoraContext):
         self.context = context
 
+    def handle_concord_attrs(self) -> None:
+        if self.context.app == App.ConcordApp:
+            for attr in (Attrs.ConcordAttributes.unsupported_attributes()):
+                attr_name = attr.get_conf_key()
+                if getattr(self.context, attr_name):
+                    if attr.arg_type == AttrUtil.AttrArgType.BOOLEAN:
+                        setattr(self.context, attr_name, False)
+                    else:
+                        setattr(self.context, attr_name, None)
+                    raise Util.CertoraUserInputError(f"Concord does not support {attr_name}")
+            if not self.context.check_method:
+                raise Util.CertoraUserInputError("'check_method' attribute/flag is mandatory when running Concord")
+            contracts = getattr(self.context, 'contracts', None)
+            if not contracts:
+                raise Util.CertoraUserInputError("No contracts were specified for Concord")
+            if len(contracts) != 2:
+                raise Util.CertoraUserInputError(f"expecting 2 contracts for Concord, got {len(contracts)}: {contracts}")
+
+    def handle_ranger_attrs(self) -> None:
+        # unset unsupported attributes
+        if self.context.app == App.RangerApp:
+            for attr in Attrs.RangerAttributes.unsupported_attributes():
+                attr_name = attr.get_conf_key()
+                if getattr(self.context, attr_name):
+                    if attr.arg_type == AttrUtil.AttrArgType.BOOLEAN:
+                        setattr(self.context, attr_name, False)
+                    else:
+                        setattr(self.context, attr_name, None)
+                    validation_logger.info(f"Ranger does not support {attr_name}, ignoring this attribute")
+
+            # setting the default Ranger attributes
+
+            self.context.range = self.context.range or Util.DEFAULT_RANGER_RANGE
+            self.context.ranger_failure_limit = self.context.ranger_failure_limit or Util.DEFAULT_RANGER_FAILURE_LIMIT
+            if self.context.loop_iter and self.context.loop_iter != Util.DEFAULT_RANGER_LOOP_ITER:
+                validation_logger.info(f"While running Ranger, loop iter is {Util.DEFAULT_RANGER_LOOP_ITER} "
+                                       f"ignoring the set value of {self.context.loop_iter}")
+            self.context.loop_iter = self.context.loop_iter or Util.DEFAULT_RANGER_LOOP_ITER
+
+            for attr in Attrs.RangerAttributes.true_by_default_attributes():
+                attr_name = attr.get_conf_key()
+                setattr(self.context, attr_name, True)
+
+        else:
+            if self.context.range:
+                self.context.range = None
+                validation_logger.info("the 'range' attribute is ignored when not running from the Ranger App")
+            if self.context.ranger_failure_limit:
+                self.context.ranger_failure_limit = None
+                validation_logger.info("the 'ranger_failure_limit' is ignored when not running from the Ranger App")
+
     def validate(self) -> None:
 
-        for attr_def in Attrs.get_attribute_class().attribute_list():
+        for attr_def in self.context.app.attr_class.attribute_list():
             conf_key = attr_def.get_conf_key()
             attr = getattr(self.context, conf_key, None)
             if attr_def.deprecation_msg and attr:
@@ -106,9 +160,9 @@ class CertoraContextValidator:
 
         if value is None:
             raise RuntimeError(f"calling validate_type_string with null value {conf_key}")
-        if not isinstance(value, str):
-            raise Util.CertoraUserInputError(f"value of {conf_key} {value} is not a string")
-        attr.validate_value(value)
+        if not isinstance(value, (str, int)):
+            raise Util.CertoraUserInputError(f"value of {conf_key} {value} is not a string or an integer")
+        attr.validate_value(str(value))
 
     def validate_type_boolean(self, attr: AttrUtil.AttributeDefinition) -> None:
         conf_key, value = self.__get_key_and_value(attr)
@@ -121,6 +175,20 @@ class CertoraContextValidator:
         elif value not in [True, False]:
             raise Util.CertoraUserInputError(f"value of {conf_key} {value} is not a boolean (true/false)")
 
+    def check_rust_args_post_argparse(self) -> None:
+        context = self.context
+        if context.files:
+            if context.build_script:
+                raise Util.CertoraUserInputError("'files' and 'build_script' cannot be both set for Rust projects")
+            if len(context.files) > 1:
+                raise Util.CertoraUserInputError("Rust projects must specify exactly one executable in 'files'.")
+
+        if context.url_visibility and context.local:
+            validation_logger.info("'url_visibility' has no effect in local tool runs")
+        set_attr_default(context, attr_name=Attrs.CommonAttributes.URL_VISIBILITY.name.lower(),
+                         ci_value=str(Vf.UrlVisibilityOptions.PUBLIC),
+                         default_value=str(Vf.UrlVisibilityOptions.PRIVATE))
+
     def check_args_post_argparse(self) -> None:
         """
         Performs checks over the arguments after basic argparse parsing
@@ -158,7 +226,7 @@ class CertoraContextValidator:
         check_contract_name_arg_inputs(context)  # Here context.contracts is set
         Util.check_packages_arguments(context)
         convert_to_compiler_map(context)
-        if Attrs.is_evm_app():
+        if Ctx.is_evm_app_class(context):
             if context.compiler_map is None and context.bytecode_jsons is None:  # xxx - we would need to reiterate here
                 # once we allow combining raw bytecode with Solidity
                 context.solc = Vf.is_solc_file_valid(context.solc)
@@ -175,10 +243,18 @@ class CertoraContextValidator:
         if context.compilation_steps_only and context.build_only:
             raise Util.CertoraUserInputError("cannot use both 'compilation_steps_only' and 'build_only'")
 
-        set_wait_for_results_default(context)
+        set_attr_default(context, attr_name=Attrs.CommonAttributes.WAIT_FOR_RESULTS.name.lower(),
+                         ci_value=str(Vf.WaitForResultOptions.ALL),
+                         default_value=str(Vf.WaitForResultOptions.NONE))
         if context.wait_for_results and context.wait_for_results != str(Vf.WaitForResultOptions.NONE) and context.local:
             validation_logger.warning("'wait_for_results' has no effect in local tool runs")
 
+        if context.url_visibility and context.local:
+            validation_logger.info("'url_visibility' has no effect in local tool runs")
+        set_attr_default(context, attr_name=Attrs.CommonAttributes.URL_VISIBILITY.name.lower(),
+                         ci_value=str(Vf.UrlVisibilityOptions.PUBLIC),
+                         default_value=str(Vf.UrlVisibilityOptions.PRIVATE))
+
         # packages must be in a normal form (no unneeded . or ..)
         if context.packages:
             for idx, el in enumerate(context.packages):
@@ -334,19 +410,13 @@ def convert_to_compiler_map(context: CertoraContext) -> None:
     if context.solc_map:
         context.compiler_map = context.solc_map
         context.solc_map = None
-    if context.solc:
-        context.compiler_map = {'*.sol': f'{context.solc}'}
-    if context.vyper:
-        context.compiler_map = {'*.vy': f'{context.vyper}'}
+
 
 def check_vyper_flag(context: CertoraContext) -> None:
     if context.vyper:
-        non_vy_paths = [path for path in context.files if not path.endswith(".vy")]
-        if non_vy_paths:
-            raise Util.CertoraUserInputError(f"vyper attribute can only be set for Vyper files: {non_vy_paths}")
-        if context.solc:
-            raise Util.CertoraUserInputError("cannot set both vyper attribute and solc attribute")
-        context.solc = context.vyper
+        vy_paths = [path for path in context.files if path.endswith(".vy")]
+        if not vy_paths:
+            validation_logger.warning("vyper attribute was set but no Vyper files were set")
 
 def check_contract_name_arg_inputs(context: CertoraContext) -> None:
     """
@@ -388,14 +458,6 @@ def check_contract_name_arg_inputs(context: CertoraContext) -> None:
         check_conflicting_link_args(context)
 
     context.verified_contract_files = []
-    if context.assert_contracts is not None:
-        for assert_arg in context.assert_contracts:
-            contract = Util.get_trivial_contract_name(assert_arg)
-            if contract not in contract_names:
-                __suggest_contract_name(f"'assert' argument, {contract}, doesn't match any contract name", contract,
-                                        contract_names, contract_to_file)
-            else:
-                context.verified_contract_files.append(contract_to_file[contract])
 
     context.spec_file = None
 
@@ -409,7 +471,7 @@ def check_contract_name_arg_inputs(context: CertoraContext) -> None:
         context.spec_file = spec
 
     contract_to_address = dict()
-    if context.address:
+    if getattr(context, 'address', None):
         for address_str in context.address:
             contract = address_str.split(':')[0]
             if contract not in contract_names:
@@ -425,7 +487,7 @@ def check_contract_name_arg_inputs(context: CertoraContext) -> None:
                 all_warnings.add(f'address {number} for contract {contract} defined twice')
     context.address = contract_to_address
 
-    if context.struct_link:
+    if getattr(context, 'struct_link', None):
         contract_slot_to_contract = dict()
         for link in context.struct_link:
             location = link.split('=')[0]
@@ -541,30 +603,32 @@ def check_mode_of_operation(context: CertoraContext) -> None:
 
     @param context: A namespace including all CLI arguments provided
     @raise an CertoraUserInputError when:
-        1. .conf|.tac|.json file is used with --assert_contracts flags
-        2. when both --assert_contracts and --verify flags were given
-        3. when the file is not .tac|.conf|.json and neither --assert_contracts nor --verify were used
-        4. If either --bytecode_jsons or --bytecode_spec was used without the other.
+        1. when both --equivalence_contracts and --verify flags were given
+        2. when the file is not .tac|.conf|.json and neither --equivalence_contracts nor --verify were used
+        3. If either --bytecode_jsons or --bytecode_spec was used without the other.
     """
     context.is_verify = context.verify is not None and len(context.verify) > 0
-    context.is_assert = context.assert_contracts is not None and len(context.assert_contracts) > 0
     context.is_bytecode = context.bytecode_jsons is not None and len(context.bytecode_jsons) > 0
+    context.is_equivalence = context.equivalence_contracts is not None or context.app == App.ConcordApp
 
-    if (context.project_sanity or context.foundry) and (context.is_verify or context.is_assert or context.is_bytecode):
-        raise Util.CertoraUserInputError("The 'project_sanity' and 'foundry' options cannot coexist with the 'verify', 'assert_contract' or 'bytecode_jsons' options")
+    if (context.project_sanity or context.foundry) and \
+       (context.is_verify or context.is_bytecode or context.is_equivalence):
+        raise Util.CertoraUserInputError("The 'project_sanity' and 'foundry' options cannot coexist with the 'verify', "
+                                         "'assert_contract' or 'bytecode_jsons' options")
 
     if context.project_sanity and context.foundry:
         raise Util.CertoraUserInputError("The 'project_sanity' and 'foundry' options cannot coexist")
 
-    if context.is_verify and context.is_assert:
-        raise Util.CertoraUserInputError("only one option of 'assert_contracts' and 'verify' can be used")
+    if len(list(filter(None, [context.is_verify, context.is_equivalence]))) > 1:
+        raise Util.CertoraUserInputError("only one option of 'verify', 'equivalence' can be used")
 
     has_bytecode_spec = context.bytecode_spec is not None
     if has_bytecode_spec != context.is_bytecode:
         raise Util.CertoraUserInputError("Must use 'bytecode' together with 'bytecode_spec'")
 
     if not context.files and not any((context.is_bytecode, context.project_sanity, context.foundry)):
-        raise Util.CertoraUserInputError("Should always provide input files, unless 'bytecode_jsons' or 'project_sanity' or 'foundry' are used")
+        raise Util.CertoraUserInputError("Should always provide input files, unless 'bytecode_jsons' or "
+                                         "'project_sanity' or 'foundry' are used")
 
     if context.is_bytecode and context.files:
         raise Util.CertoraUserInputError("Cannot use 'bytecode_jsons' with other files")
@@ -578,7 +642,8 @@ def check_mode_of_operation(context: CertoraContext) -> None:
         if not context.files:
             file_contract_pairs = _get_project_file_contract_pairs(context)
             main_contract = file_contract_pairs[0][1]  # any contract
-            context.files = [f"{file}:{contract}" if file.stem != contract else str(file) for file, contract in file_contract_pairs]
+            context.files = \
+                [f"{file}:{contract}" if file.stem != contract else str(file) for file, contract in file_contract_pairs]
         else:
             first = context.files[0]
             if ':' in first:
@@ -590,12 +655,14 @@ def check_mode_of_operation(context: CertoraContext) -> None:
 
         context.verify = f"{main_contract}:{spec_file_name}"
         context.is_verify = True
-        # In this mode we want to make life easy for the user, so use the auto-dispatcher mode to avoid many unresolved calls
+        # In this mode we want to make life easy for the user,
+        # so use the auto-dispatcher mode to avoid many unresolved calls
         context.auto_dispatcher = True
 
     if context.foundry:
         file_contract_pairs = _get_project_file_contract_pairs(context)
-        test_pairs = [(file, contract) for file, contract in file_contract_pairs if file.stem.endswith(".t") and 'lib' not in file.parents]
+        test_pairs = [(file, contract) for file, contract in file_contract_pairs
+                      if file.stem.endswith(".t") and 'lib' not in file.parents]
         context.files = [f"{file}:{contract}" for file, contract in test_pairs]
         main_contract = test_pairs[0][1]  # any contract
         spec_file_name = _generate_temp_spec(context, "use builtin rule verifyFoundryFuzzTestsNoRevert;\n")
@@ -603,7 +670,8 @@ def check_mode_of_operation(context: CertoraContext) -> None:
         context.foundry_tests_mode = True
         context.verify = f"{main_contract}:{spec_file_name}"
         context.is_verify = True
-        # In this mode we want to make life easy for the user, so use the auto-dispatcher mode to avoid many unresolved calls
+        # In this mode we want to make life easy for the user,
+        # so use the auto-dispatcher mode to avoid many unresolved calls
         context.auto_dispatcher = True
 
     if context.files:
@@ -616,49 +684,30 @@ def check_mode_of_operation(context: CertoraContext) -> None:
         for input_file in context.files:
             special_file_type = next((suffix for suffix in special_file_suffixes if input_file.endswith(suffix)), None)
 
-            if special_file_type:
-                if len(context.files) > 1:
-                    raise Util.CertoraUserInputError(
-                        f"No other files are allowed with a file of type {special_file_type}")
-                if context.is_assert:
-                    raise Util.CertoraUserInputError(
-                        f"Option 'assert_contracts' cannot be used with a {special_file_type} file {input_file}")
+            if special_file_type and len(context.files) > 1:
+                raise Util.CertoraUserInputError(
+                    f"No other files are allowed with a file of type {special_file_type}")
 
-    if not any([context.is_assert, context.is_verify, context.is_bytecode,
-                special_file_type]) and not context.build_only:
+    if (
+        not context.app == App.ConcordApp and
+        not any([context.is_verify, context.is_bytecode,
+                 context.equivalence_contracts, special_file_type]) and not context.build_only):
         raise Util.CertoraUserInputError("You must use 'verify' when running the Certora Prover")
 
+def find_matching_contracts(context: CertoraContext, pattern: str) -> List[str]:
+    result = []
+    for contract in context.contract_to_file:
+        if fnmatch.fnmatch(contract, pattern):
+            result.append(context.contract_to_file[contract])
+    return result
 
-def _normalize_maps(context: CertoraContext, map_attr_name: str, map_attr: Dict) -> Dict[str, str]:
-    """
-
-    :param context:
-    :param map_attr_name: name of the attribute e.g. solc_optimize_map
-    :param map_attr: the value of the map attribute, a dictionary mapping contract/file to a value
-    :return:
-
-    all solc_XXX_map attributes are used to set attributes for the Solidity compiler. The value is based on the
-    Solidity file to be compiled, therefore it translates all keys to a relative path to a file
-    """
-
-    def find_matching_files(context: CertoraContext, pattern: str) -> List[str]:
-        file_part = pattern.split(':')[0]
-        if Path(file_part).suffix == "":  # no suffix means the key is a contract
-            matching_contracts = fnmatch.filter(context.contracts, pattern)  # find matching contracts
-            return [context.contract_to_file[contract] for contract in matching_contracts]
-        else:
-            return [file_part]
-
-    new_map_attr: Dict[str, str] = {}
-    for (pattern, value) in map_attr.copy().items():
-        matching_files = find_matching_files(context, pattern)
-        for file in matching_files:
-            file = str(Path(file).resolve(strict=False).relative_to(Path.cwd()))
-            attr_value = new_map_attr.get(file)
-            if attr_value is None:  # key in file paths but no mapping yet
-                new_map_attr[file] = value
-    return new_map_attr
+def find_matching_files(context: CertoraContext, pattern: str) -> List[str]:
+    result = []
 
+    for path in context.file_paths:
+        if glob.globmatch(path, pattern, flags=glob.GLOBSTAR):
+            result.append(path)
+    return result
 
 def check_map_attributes(context: CertoraContext) -> None:
 
@@ -676,27 +725,24 @@ def check_map_attributes(context: CertoraContext) -> None:
         # we also check the map value was not set to False explicitly in the conf file
         if base_attr and map_attr and not (base_attr is False and context.conf_options.get(base_attr) is not None):
             raise Util.CertoraUserInputError(f"You cannot use both '{attr_prefix}' and '{map_attr_name}' arguments")
-        if not isinstance(map_attr, dict):
-            raise RuntimeError(f"map_attr is not dictionary, got {map_attr}")
-        map_attr = _normalize_maps(context, map_attr_name, map_attr)
-        setattr(context, f"{map_attr_name}", map_attr)
-
-        sources_mappings: Dict[str, Optional[str]] = {file_path: None for file_path in context.file_paths}  # initially mapping files to None
-        for file in sources_mappings.keys():
-            match: Optional[str] = None
-            for (pattern, value) in map_attr.items():
-                if fnmatch.fnmatch(file, pattern):
-                    match = pattern
-                    break
-            if not match:
-                raise Util.CertoraUserInputError(f"No matching for {file} in {map_attr_name}. Pattens: {map_attr}")
-            elif not sources_mappings.get(file):  # key in file paths but no mapping yet
-                sources_mappings[file] = match
-
-        # Now we check if all sources were mapped
-        paths_not_set = [path for path, value in sources_mappings.items() if value is None]
-        if paths_not_set:
-            raise Util.CertoraUserInputError(f"{' '.join(paths_not_set)} was not set in {map_attr_name}")
+        if not isinstance(map_attr, OrderedDict):
+            raise RuntimeError(f"`map_attr` is not an ordered dictionary, got {map_attr}")
+
+        # will check that all the contract files are matched
+        file_list: Dict[str, bool] = {path: False for path in context.file_paths}
+
+        for key, value in map_attr.items():
+            pattern = key.split(':')[0]  # ignore the contract part
+            if Path(pattern).suffix == "":
+                for path in find_matching_contracts(context, pattern):
+                    file_list[path] = True
+            else:
+                for path in find_matching_files(context, pattern):
+                    file_list[path] = True
+
+        none_keys = [k for k, v in file_list.items() if v is False]
+        if none_keys:
+            raise Util.CertoraUserInputError(f"The following files are not matched in {map_attr_name}: {none_keys}")
 
 
 def check_parametric_contracts(context: CertoraContext) -> None:
@@ -863,16 +909,17 @@ def check_files_input(file_list: List[str]) -> None:
             if file.endswith(Util.SOROBAN_EXEC_EXTENSION):
                 raise Util.CertoraUserInputError(f'The Soroban file {file} cannot be accompanied with other files')
 
-def set_wait_for_results_default(context: CertoraContext) -> None:
-    if context.wait_for_results is None:
+
+def set_attr_default(context: CertoraContext, attr_name: str, ci_value: str, default_value: str) -> None:
+    if getattr(context, attr_name, None) is None:
         if Util.is_ci_or_git_action():
-            context.wait_for_results = str(Vf.WaitForResultOptions.ALL)
+            setattr(context, attr_name, ci_value)
         else:
-            context.wait_for_results = str(Vf.WaitForResultOptions.NONE)
+            setattr(context, attr_name, default_value)
 
 
 def mode_has_spec_file(context: CertoraContext) -> bool:
-    return not context.is_assert and not context.is_tac
+    return not (context.is_tac or context.is_equivalence)
 
 
 def to_relative_paths(paths: Union[str, List[str]]) -> Union[str, List[str]]:

certora_cli/CertoraProver/certoraContractFuncs.py

@@ -13,7 +13,7 @@
 #     You should have received a copy of the GNU General Public License
 #     along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
-from typing import List, Optional, Tuple, Dict, Any
+from typing import List, Optional, Tuple, Dict, Any, cast
 from CertoraProver import certoraType as CT
 from Shared import certoraUtils as Util
 
@@ -46,6 +46,30 @@ class SourceBytes:
         except (KeyError, ValueError):
             return None
 
+class VyperMetadata:
+    def __init__(
+        self,
+        frame_size: Optional[int] = None,
+        frame_start: Optional[int] = None,
+        venom_via_stack: Optional[List[str]] = None,
+        venom_return_via_stack: bool = False,
+        runtime_start_pc: Optional[int] = None,
+    ):
+        self.frame_size = frame_size
+        self.frame_start = frame_start
+        self.venom_via_stack = venom_via_stack
+        self.venom_return_via_stack = venom_return_via_stack
+        self.runtime_start_pc = runtime_start_pc
+
+    def as_dict(self) -> Dict[str, Any]:
+        return {
+            "frame_size": self.frame_size,
+            "frame_start": self.frame_start,
+            "venom_via_stack": self.venom_via_stack,
+            "venom_return_via_stack": self.venom_return_via_stack,
+            "runtime_start_pc": self.runtime_start_pc,
+        }
+
 
 class Func:
     def __init__(self,
@@ -57,15 +81,19 @@ class Func:
                  notpayable: bool,
                  fromLib: bool,  # actually serialized
                  isConstructor: bool,  # not serialized
+                 is_free_func: bool,
                  stateMutability: str,
                  visibility: str,
                  implemented: bool,  # does this function have a body? (false for interface functions)
                  overrides: bool,  # does this function override an interface declaration or super-contract definition?
+                 virtual: bool,
                  contractName: str,
                  source_bytes: Optional[SourceBytes],
                  ast_id: Optional[int],
                  original_file: Optional[str],
+                 location: Optional[str],
                  body_location: Optional[str],
+                 vyper_metadata: Optional[VyperMetadata] = None
                  ):
         self.name = name
         self.fullArgs = fullArgs
@@ -75,15 +103,19 @@ class Func:
         self.notpayable = notpayable
         self.fromLib = fromLib
         self.isConstructor = isConstructor
+        self.is_free_func = is_free_func
         self.stateMutability = stateMutability
         self.visibility = visibility
         self.original_file = original_file
+        self.location = location
         self.body_location = body_location
         self.implemented = implemented
         self.ast_id = ast_id
         self.overrides = overrides
+        self.virtual = virtual
         self.contractName = contractName
         self.source_bytes = source_bytes
+        self.vyper_metadata = vyper_metadata
 
     def as_dict(self) -> Dict[str, Any]:
         return {
@@ -99,6 +131,7 @@ class Func:
             "contractName": self.contractName,
             "sourceBytes": None if self.source_bytes is None else self.source_bytes.as_dict(),
             "originalFile": None if self.original_file is None else Util.resolve_original_file(self.original_file),
+            "vyper_metadata": cast(VyperMetadata, self.vyper_metadata).as_dict() if self.vyper_metadata is not None else None
         }
 
     def name_for_contract(self, contract_name: str) -> str:

certora_cli/CertoraProver/certoraParseBuildScript.py

@@ -17,6 +17,7 @@ import subprocess
 import json
 import logging
 import os
+from typing import List
 
 from CertoraProver.certoraContextClass import CertoraContext
 from Shared import certoraUtils as Util
@@ -56,17 +57,11 @@ def add_solana_files_to_context(context: CertoraContext, json_obj: dict) -> None
                 update_metadata(context, solana_files_attr)
 
 
-def run_script_and_parse_json(context: CertoraContext) -> None:
-    if not context.build_script:
-        return
+def run_rust_build(context: CertoraContext, build_cmd: List[str]) -> None:
+
     try:
-        build_script_logger.info(f"Building from script {context.build_script}")
-        run_cmd = [context.build_script, '--json']
-        if context.cargo_features is not None:
-            run_cmd.append('--cargo_features')
-            for feature in context.cargo_features:
-                run_cmd.append(feature)
-        result = subprocess.run(run_cmd, capture_output=True, text=True)
+        build_script_logger.info(f"Building by calling `{' '.join(build_cmd)}`")
+        result = subprocess.run(build_cmd, capture_output=True, text=True)
 
         # Check if the script executed successfully
         if result.returncode != 0:
@@ -95,6 +90,9 @@ def run_script_and_parse_json(context: CertoraContext) -> None:
 
         add_solana_files_to_context(context, json_obj)
 
+        assert not context.files, f"run_rust_build: expecting files to be empty, got: {context.files}"
+        context.files = [os.path.join(context.rust_project_directory, context.rust_executables)]
+
         if context.test == str(Util.TestValue.AFTER_BUILD_RUST):
             raise Util.TestResultsReady(context)
 

certora_cli/CertoraProver/certoraType.py

@@ -158,6 +158,15 @@ class Type(ABC):
             ast_logger.fatal(f"unexpected AST Type Name Node: {name}")
         return ret
 
+    def contains_mapping(self) -> bool:
+        if isinstance(self, MappingType):
+            return True
+        if isinstance(self, StructType):
+            return any(member.contains_mapping() for member in self.members)
+        if isinstance(self, ArrayType):
+            return self.elementType.contains_mapping()
+        return False
+
 
 class PrimitiveType(Type):
     allowed_primitive_type_names = {
@@ -204,7 +213,7 @@ class PrimitiveType(Type):
         return PrimitiveType.canonical_primitive_name(self.name)
 
     def get_source_str(self) -> str:
-        return self.name
+        return self.type_string  # this is different from `self.name` in the case of a payable address
 
 
 class StringType(Type):

certora_cli/CertoraProver/certoraVerifyGenerator.py

@@ -23,6 +23,7 @@ from typing import Dict, Any, Set, List, Tuple, Optional
 from CertoraProver.certoraMiniSpecParser import SpecImportLexer, SpecImportParser, SpecWithImports
 from CertoraProver.certoraContextClass import CertoraContext
 from Shared import certoraUtils as Util
+import CertoraProver.certoraApp as App
 
 build_logger = logging.getLogger("build_conf")
 
@@ -47,10 +48,27 @@ class CertoraVerifyGenerator:
             # we need to build once because of the early typechecking...
             self.update_certora_verify_struct(False)
 
-        elif self.context.assert_contracts is not None:
-            contract_to_check_asserts_for = self.context.assert_contracts
-            self.certora_verify_struct = {"type": "assertion",
-                                          "primaryContracts": contract_to_check_asserts_for}
+        elif self.context.equivalence_contracts is not None:
+            if self.context.method is None:
+                raise Util.CertoraUserInputError("Argument `method` is required for equivalence checks")
+            if len(self.context.method) != 1:
+                raise Util.CertoraUserInputError("Can only check equivalence on one method")
+            equivalence_query = context.equivalence_contracts
+            equiv_contracts = equivalence_query.split("=")
+            self.certora_verify_struct = {
+                "type": "equivalence",
+                "primary_contract": equiv_contracts[0],
+                "secondary_contract": equiv_contracts[1]
+            }
+        elif context.app == App.ConcordApp:
+            if len(context.contracts) != 2:
+                raise Util.CertoraUserInputError(f"Expecting 2 contracts but got {len(context.contracts)}: {context.contracts}")
+            contract_list = list(context.contracts)
+            self.certora_verify_struct = {
+                "type": "equivalence",
+                "primary_contract": contract_list[0],
+                "secondary_contract": contract_list[1]
+            }
 
     def update_certora_verify_struct(self, in_certora_sources: bool) -> None:
         """

certora_cli/CertoraProver/erc7201.py

@@ -0,0 +1,45 @@
+#     The Certora Prover
+#     Copyright (C) 2025  Certora Ltd.
+#
+#     This program is free software: you can redistribute it and/or modify
+#     it under the terms of the GNU General Public License as published by
+#     the Free Software Foundation, version 3 of the License.
+#
+#     This program is distributed in the hope that it will be useful,
+#     but WITHOUT ANY WARRANTY; without even the implied warranty of
+#     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#     GNU General Public License for more details.
+#
+#     You should have received a copy of the GNU General Public License
+#     along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+from Crypto.Hash import keccak
+
+
+def calculate_keccak_hash(x: bytes) -> int:
+    """
+    Calculates the Keccak-256 hash of the input bytes and returns it as an integer.
+
+    Args:
+        x (bytes): The input bytes to be hashed.
+    Returns:
+        int: The Keccak-256 hash value as an integer.
+    """
+    k = keccak.new(digest_bits=256)
+    k.update(x)
+    return int(k.hexdigest(), base=16)
+
+def erc7201(x: bytes) -> int:
+    """
+    Hashes the input bytes using the Keccak-256 algorithm and returns
+    the result as an integer. The input is first hashed, then decremented
+    by 1, and the resulting hash is used to compute the final hash.
+    The final hash is masked to 256 bits and the last byte is cleared
+    (set to zero).
+
+    Args:
+        x (bytes): The input bytes to be hashed.
+    Returns:
+        int: The final hash value as an integer.
+    """
+    return calculate_keccak_hash((calculate_keccak_hash(x) - 1).to_bytes(32, byteorder='big')) & (~0xff)