Core Concepts
A novel methodology that extends a modular program verifier to support user-defined first-class resources, allowing resource-related operations and properties to be expressed directly and eliminating the need to reify implicit knowledge in the specifications.
Abstract
The paper presents a methodology to address the challenges that arise when writing specifications for resource-manipulating programs. The key idea is to introduce first-class resources into the specification language, allowing resource-related operations and properties to be expressed directly.
The main highlights are:
The authors demonstrate the typical problems that arise when writing specifications of resource-manipulating programs in terms of program states, such as the need for complex frame conditions, the difficulty of composing specifications, and the inability to enforce inherent resource properties.
They present a methodology that extends a modular program verifier (Prusti) to support user-defined first-class resources. This allows resource-related operations and properties to be expressed directly, eliminating the need to reify implicit knowledge in the specifications.
The methodology introduces the concept of resource state, which tracks the resources held by each stack frame. Resource operations like creation, destruction, and transfer are defined, and coupling invariants are used to relate the resource state to the concrete program state.
The authors implement their methodology as an extension of the Prusti verifier and use it to verify real-world smart contracts and a key part of a blockchain application.
The evaluation shows that specifications written with the proposed methodology are more concise and substantially simpler than specifications written purely in terms of program states.
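To make the resource-state idea in the highlights above concrete, here is an added Rust sketch that is not the paper's or Prusti's code: it models a resource state as amounts of an assumed `Token` resource held per named stack frame, next to a constructed token ledger as the concrete program state, with creation, destruction and transfer operations and a coupling invariant relating the two. The frame names, the `Token` resource and the single-field ledger are assumptions for illustration; the real methodology enforces these properties statically, whereas this sketch checks them at run time.

```rust
use std::collections::BTreeMap;

/// Concrete program state of a constructed token contract: just its total supply.
#[derive(Debug, Default)]
pub struct Ledger { pub total_supply: u64 }

/// Resource state: how many units of the assumed `Token` resource each stack frame holds.
#[derive(Debug, Default)]
pub struct ResourceState { held: BTreeMap<&'static str, u64> }

/// Violation of the inherent property "a frame can only give up tokens it holds".
#[derive(Debug, PartialEq)]
pub struct Insufficient { pub frame: &'static str, pub held: u64, pub wanted: u64 }

impl ResourceState {
    fn take(&mut self, frame: &'static str, n: u64) -> Result<(), Insufficient> {
        let held = self.held.entry(frame).or_insert(0);
        if *held < n { return Err(Insufficient { frame, held: *held, wanted: n }); }
        *held -= n;
        Ok(())
    }
    fn give(&mut self, frame: &'static str, n: u64) { *self.held.entry(frame).or_insert(0) += n; }
    pub fn holds(&self, frame: &str) -> u64 { self.held.get(frame).copied().unwrap_or(0) }
    pub fn total(&self) -> u64 { self.held.values().sum() }
}

/// Creation (minting): the ledger grows and the creating frame holds the new tokens.
pub fn create(rs: &mut ResourceState, ledger: &mut Ledger, frame: &'static str, n: u64) {
    rs.give(frame, n);
    ledger.total_supply += n;
}

/// Destruction (burning): only tokens the frame actually holds can be destroyed.
pub fn destroy(rs: &mut ResourceState, ledger: &mut Ledger, frame: &'static str, n: u64) -> Result<(), Insufficient> {
    rs.take(frame, n)?;
    ledger.total_supply -= n;
    Ok(())
}

/// Transfer between frames: moves holdings without touching the concrete state.
pub fn transfer(rs: &mut ResourceState, from: &'static str, to: &'static str, n: u64) -> Result<(), Insufficient> {
    rs.take(from, n)?;
    rs.give(to, n);
    Ok(())
}

/// Coupling invariant: tokens held across all frames equal the ledger's supply.
pub fn coupling_holds(rs: &ResourceState, ledger: &Ledger) -> bool {
    rs.total() == ledger.total_supply
}
```

Transfers change only the resource state, while creation and destruction change both, which is exactly what keeps the coupling invariant stable across all three operations.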