Skip to main content

🐆 Tx_rollup_gas.v

Proofs

See code, See simulations, Gitlab , OCaml

The function [hash_cost] is valid.
[Simulations.Tx_rollup_gas.check_path_cost] is equal to [check_path_cost].
#[bypass_check(guard)]
Lemma check_path_cost_eq element_size path_depth :
  Pervasives.Int.Valid.t path_depth
  0 path_depth
  Proto_alpha.Tx_rollup_gas.check_path_cost element_size path_depth =
  Simulations.Tx_rollup_gas.check_path_cost element_size (Z.to_nat path_depth).
Proof.
  intros Hv Hnn.
  rewrite <- (Z2Nat.id _ Hnn) in Hv.
  rewrite <- (Z2Nat.id _ Hnn) at 1.
  unfold Proto_alpha.Tx_rollup_gas.check_path_cost.
  unfold Simulations.Tx_rollup_gas.check_path_cost.
  apply Error.let_ext; [reflexivity| intros _].
  apply Error.let_ext; [reflexivity| intro gas1].
  apply Error.let_ext; [reflexivity| intro gas2].
  repeat f_equal.
  generalize Tx_rollup_gas.compare_blake2b_hash.
  induction (Z.to_nat path_depth); [reflexivity|intro; simpl].
  rewrite <- IHn; [|lia].
  f_equal.
  unfold "-i".
  rewrite Pervasives.normalize_identity; lia.
Qed.

The function [check_path_cost] is valid.
#[bypass_check(guard)]
Lemma check_path_cost_is_valid element_size path_depth :
  letP? cost := Proto_alpha.Tx_rollup_gas.check_path_cost element_size path_depth in
  Saturation_repr.Valid.t cost.
Proof.
  destruct (0 i path_depth) eqn:Hpd;
  unfold Tx_rollup_gas.check_path_cost.
  { apply Error.split_letP_triv; [now rewrite Hpd |].
    intros _.
    do 2 Error.split_error_with hash_cost_is_valid.
    apply Saturation_repr.add_is_valid.
  }
  { apply Error.split_letP with (P := fun _False).
    now rewrite Hpd.
    intros _ [].
  }
Qed.

The function [consume_check_path_inbox_cost] is valid.
The function [consume_check_path_commitment_cost] is valid.
The function [model_inbox_add_message_codegen] is valid.
The function [consume_add_message_cost] is valid.
The function [model_commitment_full_compact] is valid.
The function [consume_compact_commitment] is valid.
The function [hash_value] is valid.
Lemma hash_value_is_valid {A B : Set} domain hash_f ctxt encoding input :
  Raw_context.Valid.t ctxt
  Data_encoding.Valid.t domain encoding
  domain input
  letP? '(ctxt, _) :=
    Tx_rollup_gas.hash_value (A := A) (B := B) hash_f ctxt encoding input in
  Raw_context.Valid.t ctxt.
Proof.
  intros H_ctxt H_encoding H_input.
  unfold Tx_rollup_gas.hash_value.
  destruct H_encoding.
  pose proof (of_bytes_opt_to_bytes_opt input H_input).
  destruct Binary.to_bytes_opt; simpl; [|contradiction].
  eapply Error.split_letP. {
    apply hash_cost_is_valid.
  }
  intros cost H_cost.
  eapply Error.split_letP. {
    now apply Raw_context.consume_gas_is_valid.
  }
  trivial.
Qed.