-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Apply FREI-PI #146
Comments
I think I found the core invariant for Flow. At the end of every execution, the following must hold true.
It also ensures that if no change in balance is observed, there should be no change in total debt as well. This also ensures that i.e. the change in total debt must be equal to the change in the stream balance. cc @sablier-labs/solidity thoughts? Re. gas: the storage is already loaded, so it won't impact gas so much. |
Nice one @smol-ninja. Basically, what goes out must be precisely recorded. |
Yes true for non-incoming payments. But it would fail for deposits so I am thinking how we can extend it to apply for deposits as well. |
Closing this with the following comments:
|
A gas cost increase is not a good reason to eschew FREI-PI. A good reason is invariants being superfluous. Could you share an example of a costly invariant to see if it's superfluous or not? |
Good point @PaulRBerg. That was an excuse on my part.
The below amount check must always hold true at the end of every function. For a given
|
Let me have a think! Wouldn't that be 15k gas extra only for those functions that touch all three variables? It should be less than that for functions that touch fewer variables. There might be other (informational) benefits to having those values in storage. |
Yes you are right. Each of Defining these variables would also mean removing |
Great, thanks for sharing the quantitative data. That ~9k gas is an acceptable cost for building an 'invariant wall' around the protocol. Are your gas estimates inclusive of the removal of |
No it does not. Plus there will be some arithmetic gas cost as well. But in the end, it seems to be well below 10k. |
Great, well in this case, I'm in favor of using FREI-PI. |
Find "one" core invariant that can be verified at the end of every execution.
Reading
The text was updated successfully, but these errors were encountered: