COGENT: Certified Compilation for a Functional Systems Language

O’Connor, Liam; Rizkallah, Christine; Chen, Zilin; Amani, Sidney; Lim, Japheth; Nagashima, Yutaka; Sewell, Thomas D.; Hixon, Alex; Keller, Gabriele; Murray, Toby; Klein, Gerwin

doi:10.48550/arxiv.1601.05520

Cited by 2 publications

(1 citation statement)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The Cogent certifying compiler [22] has shown that it is possible to use translation validation for lowering the cost of functional verification of low-level code: a program can be written and reasoned about in a high-level functional language, which is compiled down to C. The generated certificate then proves a refinement relation, capable of transporting the verification results to the corresponding C code. The situation is different from ours: the Cogent compiler goes through a range of languages with different semantic models and uses the forward-simulation technique as a consequence.…”

Section: Related Workmentioning

confidence: 99%

Translation Certification for Smart Contracts

Krijnen¹,

Chakravarty²,

Keller³

et al. 2022

Preprint

Self Cite

View full text Add to dashboard Cite

Compiler correctness is an old problem, but with the emergence of smart contracts on blockchains that problem presents itself in a new light. Smart contracts are self-contained pieces of software that control (valuable) assets in an adversarial environment; once committed to the blockchain, these smart contracts cannot be modified. Smart contracts are typically developed in a high-level contract language and compiled to low-level virtual machine code before being committed to the blockchain. For a smart contract user to trust a given piece of low-level code on the blockchain, they must convince themselves that (a) they are in possession of the matching source code and (b) that the compiler has correctly translated the source code to the given low-level code. Classic approaches to compiler correctness tackle the second point. We argue that translation certification also squarely addresses the first. We describe the proof architecture of a novel translation certification framework, implemented in Coq, for a functional smart contract language. We demonstrate that we can model the compilation pipeline as a sequence of translation relations that facilitate a modular verification methodology and are robust in the face of an evolving compiler implementation.

show abstract

Section: Related Workmentioning

confidence: 99%

Translation Certification for Smart Contracts

Krijnen¹,

Chakravarty²,

Keller³

et al. 2022

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

Modularity, Code Specialization, and Zero-Cost Abstractions for Program Verification

Ho,

Fromherz,

Protzenko

2023

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

For all the successes in verifying low-level, efficient, security-critical code, little has been said or studied about the structure, architecture and engineering of such large-scale proof developments. We present the design, implementation and evaluation of a set of language-based techniques that allow the programmer to modularly write and verify code at a high level of abstraction, while retaining control over the compilation process and producing high-quality, zero-overhead, low-level code suitable for integration into mainstream software. We implement our techniques within the F proof assistant, and specifically its shallowly-embedded Low toolchain that compiles to C. Through our evaluation, we establish that our techniques were critical in scaling the popular HACL library past 100,000 lines of verified source code, and brought about significant gains in proof engineer productivity. The exposition of our methodology converges on one final, novel case study: the streaming API, a finicky API that has historically caused many bugs in high-profile software. Using our approach, we manage to capture the streaming semantics in a generic way, and apply it “for free” to over a dozen use-cases. Six of those have made it into the reference implementation of the Python programming language, replacing the previous CVE-ridden code.

show abstract

COGENT: Certified Compilation for a Functional Systems Language

Cited by 2 publications

References 15 publications

Translation Certification for Smart Contracts

Translation Certification for Smart Contracts

Modularity, Code Specialization, and Zero-Cost Abstractions for Program Verification

Contact Info

Product

Resources

About