We explained how we started updating our translation tool coq-of-rust in our previous blog post, to support more of the Rust language. Our goal is to provide formal verification for the Rust聽馃 language, relying on the proof system Coq聽馃悡. We will see in this post how we continue implementing changes in聽coq-of-rust to:
In our previous blog post, we stated our plan to improve our translation of Rust聽馃 to Coq聽馃悡 with coq-of-rust. We also provided a new definition for our Rust monad in Coq, and the definition of a unified type to represent any Rust values. We will now see how we modify the Rust implementation of聽coq-of-rust to make the generated code use these new definitions.
With this new translation strategy, to support more Rust code, we want:
Our tool coq-of-rust is translating Rust聽馃 programs to the proof system Coq聽馃悡 to do formal verification on Rust programs. Even if we are able to verify realistic code, such as an ERC-20 smart contract, coq-of-rust still has some limitations:
We will present how we plan to improve our tool to address these limitations.
We continue our work on the coq-of-rust tool to formally verify Rust programs with the Coq proof assistant. We have upgraded the Rust version that we support, simplified the translation of the traits, and are adding better support for the standard library of Rust.
Overall, we are now able to translate about 80% of the Rust examples from the Rust by Example book into valid Coq files. This means we support a large subset of the Rust language.
Our tool coq-of-rust enables formal verification of 馃聽Rust code to make sure that a program has no bugs. This technique checks all possible execution paths using mathematical techniques. This is important for example to ensure the security of smart contracts written in Rust language.
Our tool coq-of-rust works by translating Rust programs to the general proof system 馃悡聽Coq. Here we explain how we translate聽match patterns from Rust to Coq. The specificity of Rust patterns is to be able to match values either by value or reference.
Our tool coq-of-rust enables formal verification of 馃聽Rust code to make sure that a program has no bugs given a precise specification. We work by translating Rust programs to the general proof system 馃悡聽Coq.
Here, we show how we formally verify an ERC-20 smart contract written in Rust for the Aleph Zero blockchain. ERC-20 smart contracts are used to create new kinds of tokens in an existing blockchain. Examples are stablecoins such as the 馃挷USDT.
Our tool coq-of-rust enables formal verification of 馃聽Rust code, to make sure that a program has no bugs given a precise specification. We work by translating Rust programs to the general proof system 馃悡聽Coq.
Here, we present how we translate function bodies from Rust to Coq in an example. We also show some of the optimizations we made to reduce the size of the translation.
We continued our work on coq-of-rust, a tool to formally verify Rust programs using the proof system Coq聽馃悡. This tool translates Rust programs to an equivalent Coq program, which can then be verified using Coq's proof assistant. It opens the door to building mathematically proven bug-free Rust programs.
We present two main improvements we made to coq-of-rust:
In our project coq-of-rust we translate programs written in Rust to equivalent programs in the language of the proof system Coq聽馃悡, which will later allow us to formally verify them. Both Coq and Rust have many unique features, and there are many differences between them, so in the process of translation we need to treat the case of each language construction separately. In this post, we discuss how we translate the most complicated one: traits.
To formally verify Rust programs, we are building coq-of-rust, a translator from Rust聽馃 code to the proof system Coq聽馃悡. We generate Coq code that is as similar as possible to the original Rust code, so that the user can easily understand the generated code and write proofs about it. In this blog post, we explain how we are representing side effects in Coq.