install kontrol using k and then run fv on kontrol #43
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: [push] | |
| jobs: | |
| foundry-test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| submodules: recursive | |
| - uses: foundry-rs/foundry-toolchain@v1 | |
| with: | |
| version: nightly | |
| - name: Install forge-std | |
| run: | | |
| forge install foundry-rs/forge-std --no-commit | |
| forge remappings > remappings.txt | |
| - name: Run non-Kontrol tests | |
| run: | | |
| forge test --no-match-path "src/test/kontrol/*" -vvv | |
| - name: Run snapshot without Kontrol tests | |
| run: forge snapshot --no-match-path "src/test/kontrol/*" | |
| formal-verification: | |
| runs-on: ubuntu-latest | |
| needs: foundry-test | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| submodules: recursive | |
| - name: Install K Framework and Kontrol | |
| run: | | |
| # Install dependencies | |
| sudo apt-get update | |
| sudo apt-get install -y curl gcc git g++ cmake maven openjdk-11-jdk flex z3 libz3-dev libsecp256k1-dev | |
| # Install K Framework via kup | |
| echo "Installing K Framework..." | |
| curl -sSL https://kframework.org/install | bash | |
| export PATH=$PATH:$HOME/.kup/bin | |
| # Verify kup installation | |
| echo "Verifying kup installation..." | |
| which kup || { echo "kup not found"; exit 1; } | |
| # Install Kontrol using kup | |
| echo "Installing Kontrol..." | |
| kup install kontrol | |
| # Add Kontrol to PATH | |
| echo "$HOME/.kup/bin" >> $GITHUB_PATH | |
| # Verify Kontrol installation | |
| echo "Verifying Kontrol installation..." | |
| kontrol --version || { echo "Kontrol installation failed"; exit 1; } | |
| - name: Install Foundry | |
| uses: foundry-rs/foundry-toolchain@v1 | |
| with: | |
| version: nightly | |
| - name: Build Contracts | |
| run: | | |
| forge build --build-info --force | |
| ls -la out/ | |
| - name: Run Formal Verification with Kontrol | |
| run: | | |
| # Create results directory | |
| mkdir -p verification-results | |
| # Initialize counter for verified specs | |
| verified_count=0 | |
| # Run verification for each specification | |
| for spec in src/test/kontrol/*.k; do | |
| if [ -f "$spec" ]; then | |
| echo "Verifying $(basename "$spec")..." | |
| # Run Kontrol verification | |
| if kontrol prove "$spec" \ | |
| --contract-dir ./src/contracts \ | |
| --output-dir ./verification-results \ | |
| --verbose; then | |
| echo "✓ Verification successful for $spec" | |
| ((verified_count++)) | |
| else | |
| echo "✗ Verification failed for $spec" | |
| cat "./verification-results/$(basename "$spec" .k).out" 2>/dev/null || echo "No output file found" | |
| exit 1 | |
| fi | |
| fi | |
| done | |
| # Check if any specs were verified | |
| if [ $verified_count -eq 0 ]; then | |
| echo "No specification files found to verify" | |
| exit 1 | |
| else | |
| echo "Successfully verified $verified_count specification(s)" | |
| fi | |
| - name: Upload Verification Results | |
| if: always() | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: kontrol-verification-results | |
| path: verification-results/ | |
| retention-days: 5 |