ethereum s recursive length prefix in acl2
play

Ethereums Recursive Length Prefix in ACL2 Alessandro Coglio - PowerPoint PPT Presentation

Jun 04, 2023 •697 likes •1.06k views

Ethereums Recursive Length Prefix in ACL2 Alessandro Coglio KESTREL INSTITUTE Ethereum is a major public blockchain with smart contracts and a cryptocurrency. Ethereum uses Recursive Length Prefix (RLP) to encode a variety of data

  1. Ethereum’s Recursive Length Prefix in ACL2 Alessandro Coglio KESTREL INSTITUTE

  2. Ethereum is a major public blockchain with smart contracts and a cryptocurrency. Ethereum uses Recursive Length Prefix (RLP) to encode a variety of data structures, including transactions and blocks. This work is a development, in ACL2, of a formal specification of RLP encoding and a verified implementation of RLP decoding.

  3. RLP encodes nested byte sequences into flat byte sequences. ⟨⟨ [1, 2, 3], ⟨ ⟩⟩ , [255], [ ] ⟩ A nested byte sequence...

  4. RLP encodes nested byte sequences into flat byte sequences. ⟨⟨ [1, 2, 3], ⟨ ⟩⟩ , [255], [ ] ⟩ A nested byte sequence... = ⟨ ⟩ ... i.e. a finitely branching ordered tree [255] [ ] ⟨ ⟩ with flat byte sequences at leaf nodes and no extra info at branching nodes... ≠ [1, 2, 3] ⟨ ⟩

  5. ⟨⟨ [1, 2, 3], ⟨ ⟩⟩ , [255], [ ] ⟩ A nested byte sequence... = ⟨ ⟩ ... i.e. a finitely branching ordered tree [255] [ ] with flat byte sequences at leaf nodes ⟨ ⟩ and no extra info at branching nodes... [1, 2, 3] ⟨ ⟩ ⟨ ⟩ ... is encoded by prepending nodes with a few bytes that describe [255] [ ] ⟨ ⟩ the node kind (leaf vs. branching) and the number of subsequent bytes. [1, 2, 3] ⟨ ⟩ • leaf tree 128 3 • length 3 + = 131

  6. ⟨⟨ [1, 2, 3], ⟨ ⟩⟩ , [255], [ ] ⟩ A nested byte sequence... = ⟨ ⟩ ... i.e. a finitely branching ordered tree [255] [ ] with flat byte sequences at leaf nodes ⟨ ⟩ and no extra info at branching nodes... [1, 2, 3] ⟨ ⟩ ⟨ ⟩ ... is encoded by prepending nodes with a few bytes that describe [255] [ ] ⟨ ⟩ the node kind (leaf vs. branching) and the number of subsequent bytes. [131, 1, 2, 3] ⟨ ⟩

  7. ⟨⟨ [1, 2, 3], ⟨ ⟩⟩ , [255], [ ] ⟩ A nested byte sequence... = ⟨ ⟩ ... i.e. a finitely branching ordered tree [255] [ ] with flat byte sequences at leaf nodes ⟨ ⟩ and no extra info at branching nodes... [1, 2, 3] ⟨ ⟩ ⟨ ⟩ ... is encoded by prepending nodes with a few bytes that describe [255] [ ] ⟨ ⟩ the node kind (leaf vs. branching) and the number of subsequent bytes. [131, 1, 2, 3] ⟨ ⟩ • branching tree 192 0 • subtree length 0 + = 192

  8. ⟨⟨ [1, 2, 3], ⟨ ⟩⟩ , [255], [ ] ⟩ A nested byte sequence... = ⟨ ⟩ ... i.e. a finitely branching ordered tree [255] [ ] with flat byte sequences at leaf nodes ⟨ ⟩ and no extra info at branching nodes... [1, 2, 3] ⟨ ⟩ ⟨ ⟩ ... is encoded by prepending nodes with a few bytes that describe [255] [ ] ⟨ ⟩ the node kind (leaf vs. branching) and the number of subsequent bytes. [131, 1, 2, 3] [192]

  9. ⟨⟨ [1, 2, 3], ⟨ ⟩⟩ , [255], [ ] ⟩ A nested byte sequence... = ⟨ ⟩ ... i.e. a finitely branching ordered tree [255] [ ] with flat byte sequences at leaf nodes ⟨ ⟩ and no extra info at branching nodes... [1, 2, 3] ⟨ ⟩ ⟨ ⟩ ... is encoded by prepending nodes with a few bytes that describe [255] [ ] ⟨ ⟩ the node kind (leaf vs. branching) and the number of subsequent bytes. [131, 1, 2, 3] [192] • branching tree 192 5 • subtree length 5 + = 197

  10. ⟨⟨ [1, 2, 3], ⟨ ⟩⟩ , [255], [ ] ⟩ A nested byte sequence... = ⟨ ⟩ ... i.e. a finitely branching ordered tree [255] [ ] with flat byte sequences at leaf nodes ⟨ ⟩ and no extra info at branching nodes... [1, 2, 3] ⟨ ⟩ ⟨ ⟩ ... is encoded by prepending nodes with a few bytes that describe [197, 131, 1, 2, 3, 192] [255] [ ] the node kind (leaf vs. branching) and the number of subsequent bytes.

  11. ⟨⟨ [1, 2, 3], ⟨ ⟩⟩ , [255], [ ] ⟩ A nested byte sequence... = ⟨ ⟩ ... i.e. a finitely branching ordered tree [255] [ ] with flat byte sequences at leaf nodes ⟨ ⟩ and no extra info at branching nodes... [1, 2, 3] ⟨ ⟩ ⟨ ⟩ ... is encoded by prepending nodes with a few bytes that describe [197, 131, 1, 2, 3, 192] [129, 255] [ ] the node kind (leaf vs. branching) and the number of subsequent bytes.

  12. ⟨⟨ [1, 2, 3], ⟨ ⟩⟩ , [255], [ ] ⟩ A nested byte sequence... = ⟨ ⟩ ... i.e. a finitely branching ordered tree [255] [ ] with flat byte sequences at leaf nodes ⟨ ⟩ and no extra info at branching nodes... [1, 2, 3] ⟨ ⟩ ⟨ ⟩ ... is encoded by prepending nodes with a few bytes that describe [197, 131, 1, 2, 3, 192] [129, 255] [128] the node kind (leaf vs. branching) and the number of subsequent bytes.

  13. ⟨⟨ [1, 2, 3], ⟨ ⟩⟩ , [255], [ ] ⟩ A nested byte sequence... = ⟨ ⟩ ... i.e. a finitely branching ordered tree [255] [ ] with flat byte sequences at leaf nodes ⟨ ⟩ and no extra info at branching nodes... [1, 2, 3] ⟨ ⟩ ... is encoded by prepending nodes with a few bytes that describe [201, 197, 131, 1, 2, 3, 192, 129, 255, 128] the node kind (leaf vs. branching) and the number of subsequent bytes.

  14. RLP encodes nested byte sequences into flat byte sequences. ⟨⟨ [1, 2, 3], ⟨ ⟩⟩ , [255], [ ] ⟩ A nested byte sequence... = ⟨ ⟩ ... i.e. a finitely branching ordered tree [255] [ ] ⟨ ⟩ with flat byte sequences at leaf nodes and no extra info at branching nodes... [1, 2, 3] ⟨ ⟩ encode decode ... is encoded by prepending nodes with a few bytes that describe the node kind (leaf vs. branching) [201, 197, 131, 1, 2, 3, 192, 129, 255, 128] and the number of subsequent bytes.

  15. RLP is described in the Ethereum Wiki, using Python code.

  16. RLP is described in the Ethereum Wiki, using Python code. a leaf tree [ x ] with x < 128 is encoded as itself, i.e. [ x ] a leaf tree [ x 1 , ..., x n ] with n < 56 is encoded as [128+ n , x 1 , ..., x n ] a leaf tree [ x 1 , ..., x n ] with n < 2 64 is encoded as [183+ m , y 1 , ..., y m , x 1 , ..., x n ] where [ y 1 , ..., y m ] is n in big endian base 256 a branch tree is encoded by concatenating the subtree encodings into [ x 1 , ..., x n ] and prepending with either [192+ n ] when n < 56, or [247+ m , y 1 , ..., y m ] when n < 2 64 where [ y 1 , ..., y m ] is n in big endian base 256

  17. RLP is described in the Ethereum Wiki, using Python code. an encoding is decoded by “following the instructions” in the first (few) byte(s), recursively decoding subtrees decoding is more complicated than encoding the Python code had an error, fixed as a result of this ACL2 work

  18. RLP is described in the Ethereum Yellow Paper, formally.

  19. RLP is described in the Ethereum Yellow Paper, formally. definition of trees encoding of all trees encoding of leaf trees

  20. RLP is described in the Ethereum Yellow Paper, formally. there is no explicit definition of decoding: it goes without saying that decoding is the inverse of encoding encoding of branching trees

  21. RLP trees, in ACL2. (fty::deftypes rlp-trees (fty::deftagsum rlp-tree (:leaf ((bytes byte-list))) (:branch ((subtrees rlp-tree-list)))) (fty::deflist rlp-tree-list :elt-type rlp-tree))

  22. RLP encoding, in ACL2. (define rlp-encode-bytes ((bytes byte-listp)) :returns (mv (error? booleanp) (encoding byte-listp)) (b* ((bytes (byte-list-fix bytes))) (cond ((and (= (len bytes) 1) (< (car bytes) 128)) (mv nil bytes)) ((< (len bytes) 56) (mv nil (cons (+ 128 (len bytes)) bytes))) ((< (len bytes) (expt 2 64)) (b* ((be (nat=>bebytes* (len bytes)))) (mv nil (cons (+ 183 (len be)) (append be bytes))))) (t (mv t nil)))))

  23. RLP encoding, in ACL2. (define rlp-encode-tree ((tree rlp-treep)) :returns (mv (error? booleanp) (encoding byte-listp)) (rlp-tree-case tree :leaf (rlp-encode-bytes tree.bytes) :branch (b* (((mv error? encoding) (rlp-encode-tree-list tree.subtrees)) ((when error?) (mv t nil))) (cond ((< (len encoding) 56) (mv nil (cons (+ 192 (len encoding)) encoding))) ...) (define rlp-encode-tree-list ((trees rlp-tree-listp)) :returns (mv (error? booleanp) (encoding byte-listp)) (b* (((when (endp trees)) (mv nil nil)) ...)

  24. RLP encoding, in ACL2. byte-listp rlp-treep valid encodable encodings trees rlp-encode-tree (just the 2 nd result) rlp-tree-encoding-p (define-sk rlp-tree-encoding-p ((encoding byte-listp)) (exists (tree) (and (rlp-treep tree) (equal (rlp-encode-tree tree) (mv nil (byte-list-fix encoding))))) :skolem-name rlp-tree-encoding-witness)

  25. RLP encoding, in ACL2. byte-listp rlp-treep valid encodable encodings trees rlp-encode-tree rlp-tree-encoding-witness (right inverse) rlp-tree-encoding-p (define-sk rlp-tree-encoding-p ((encoding byte-listp)) (exists (tree) (and (rlp-treep tree) (equal (rlp-encode-tree tree) (mv nil (byte-list-fix encoding))))) :skolem-name rlp-tree-encoding-witness) rlp-tree-encoding-witness

  26. RLP decodability, in ACL2. encodable trees valid encodings ≠ ≠ rlp-encode-tree (defthm rlp-encode-tree-injective (implies (and (not (mv-nth 0 (rlp-encode-tree x))) (not (mv-nth 0 (rlp-encode-tree y)))) (equal (equal (mv-nth 1 (rlp-encode-tree x)) (mv-nth 1 (rlp-encode-tree y))) (equal (rlp-tree-fix x) (rlp-tree-fix y)))))

  27. RLP decodability, in ACL2. encodable trees valid encodings ≠ not prefix rlp-encode-tree (defthm rlp-encode-tree-unamb-prefix (implies (and (not (mv-nth 0 (rlp-encode-tree x))) (not (mv-nth 0 (rlp-encode-tree y)))) (equal (prefixp (mv-nth 1 (rlp-encode-tree x)) (mv-nth 1 (rlp-encode-tree y))) (equal (mv-nth 1 (rlp-encode-tree x)) (mv-nth 1 (rlp-encode-tree y))))))

Recommend

Flat Domains and Recursive Equations in ACL2 by John Cowles University of Wyoming 1 ACL2 is a

Flat Domains and Recursive Equations in ACL2 by John Cowles University of Wyoming 1 ACL2 is a

Flat Domains and Recursive Equations in ACL2 by John Cowles University of Wyoming 1 ACL2 is a logic of total functions. Some recursive equations have no satisfying ACL2 functions: No ACL2 function g satisfies this recursive equation

518 views • 35 slides
Consistently Adding Primitive Recursive Definitions in ACL2 by John Cowles University of

Consistently Adding Primitive Recursive Definitions in ACL2 by John Cowles University of

Consistently Adding Primitive Recursive Definitions in ACL2 by John Cowles University of Wyoming 1 defpun A macro for consistently introducing partial functions into CAL2. Described in Pete &amp; Js paper, Partial Functions in ACL2

295 views • 27 slides
ACL2(ml): Machine-Learning for ACL2 J. Heras and E. Komendantskaya

ACL2(ml): Machine-Learning for ACL2 J. Heras and E. Komendantskaya

ACL2(ml): Machine-Learning for ACL2 J. Heras and E. Komendantskaya http://staff.computing.dundee.ac.uk/katya/acl2ml/ 12 July 2014 ACL214 J. Heras ACL2(ml): Machine-Learning for ACL2 1/23 Outline Some Challenges in ACL2 1 An overview of

871 views • 56 slides
Recap: Prefix Sums Given A : set of n integers Find B : prefix sums A: 3 1 1 7 2 5

Recap: Prefix Sums Given A : set of n integers Find B : prefix sums A: 3 1 1 7 2 5

Recap: Prefix Sums Given A : set of n integers Find B : prefix sums A: 3 1 1 7 2 5 9 2 4 3 3 B: 3 4 5 12 14 19 28 30 34 37 40 1 / 86 Recap: Parallel Prefix Sums Recursive algorithm Recursively computes sums Use

3.11k views • 86 slides
Class 09: Recursion practice, how recursive programs work Recall the list-length procedure

Class 09: Recursion practice, how recursive programs work Recall the list-length procedure

Class 09: Recursion practice, how recursive programs work Recall the list-length procedure (define (list-length alon) (cond [(empty? alon) 0] [(cons? alon) (+ 1 (list-length (rest alon)))])) Why does it correctly compute the length of any

751 views • 56 slides
Polymorphism, Recursive Data Types, and Trees Consider the good old length function: Bjrn Lisper

Polymorphism, Recursive Data Types, and Trees Consider the good old length function: Bjrn Lisper

Polymorphic types Polymorphism, Recursive Data Types, and Trees Consider the good old length function: Bjrn Lisper let rec length l = match l with School of Innovation, Design, and Engineering | [] -&gt; 0 Mlardalen University | (x::xs)

827 views • 5 slides
This week, we are going to look again at another prefix. What is a prefix? Click on the right

This week, we are going to look again at another prefix. What is a prefix? Click on the right

This week, we are going to look again at another prefix. What is a prefix? Click on the right answer. A prefix is a word or A prefix is a group group of words that A prefix is a group of letters that goes comes at the start of of letters

462 views • 21 slides
Axiomatic Events in ACL2 ( r ) Ruben Gamboa, John Cowles, and Nadya Kuzmina University of Wyoming

Axiomatic Events in ACL2 ( r ) Ruben Gamboa, John Cowles, and Nadya Kuzmina University of Wyoming

Axiomatic Events in ACL2 ( r ) Ruben Gamboa, John Cowles, and Nadya Kuzmina University of Wyoming Introduction ACL2 ( r ) is a variant of ACL2 that supports the irrational numbers It is distributed with the ACL2 sources The foundations of ACL2

479 views • 29 slides
Double Rewriting for Equivalential Reasoning in ACL2 Matt Kaufmann and J Strother Moore ACL2

Double Rewriting for Equivalential Reasoning in ACL2 Matt Kaufmann and J Strother Moore ACL2

Double Rewriting for Equivalential Reasoning in ACL2 Matt Kaufmann and J Strother Moore ACL2 Workshop, FLoC, Seattle, August 16, 2006 1 Introduction ACL2 provides a powerful congruence-based rewriting capability. However, some have

537 views • 19 slides
How Can I Do That with ACL2? Recent Enhancements to ACL2 Matt Kaufmann and J Strother Moore 1

How Can I Do That with ACL2? Recent Enhancements to ACL2 Matt Kaufmann and J Strother Moore 1

How Can I Do That with ACL2? Recent Enhancements to ACL2 Matt Kaufmann and J Strother Moore 1 Introduction (1) ACL2 Version 3.5 was released in May, 2009. Release note items (see :DOC release-notes) since then: (+ 41 ; 3.6 (8/2009) 3 ;

622 views • 49 slides
This week, we are going to look at another prefix. What is a prefix? Choose the right answer. A

This week, we are going to look at another prefix. What is a prefix? Choose the right answer. A

This week, we are going to look at another prefix. What is a prefix? Choose the right answer. A prefix is a word or A prefix is a group group of words that A prefix is a group of letters that goes comes at the start of of letters that goes

317 views • 21 slides
Ethereum Introduction Prof. Tom Austin San Jos State University Some Brief Ethereum Facts

Ethereum Introduction Prof. Tom Austin San Jos State University Some Brief Ethereum Facts

Cryptocurrencies &amp; Security on the Blockchain Ethereum Introduction Prof. Tom Austin San Jos State University Some Brief Ethereum Facts Number 2 cryptocurrency by market cap. Not why we are studying it Core developers

448 views • 13 slides
A Simple Java Code Generator for ACL2 Based on a Deep Embedding of ACL2 in Java Alessandro

A Simple Java Code Generator for ACL2 Based on a Deep Embedding of ACL2 in Java Alessandro

A Simple Java Code Generator for ACL2 Based on a Deep Embedding of ACL2 in Java Alessandro Coglio Kestrel Institute Workshop 2018 ATJ Java code generator for ACL2 (ACL2 To Java) based on AIJ deep embedding of ACL2 in Java (ACL2 In Java)

901 views • 38 slides
Ethereum: A blockchain-based smart contract platform Tien Dat Le Questions Bitcoin vs

Ethereum: A blockchain-based smart contract platform Tien Dat Le Questions Bitcoin vs

Ethereum: A blockchain-based smart contract platform Tien Dat Le Questions Bitcoin vs Ethereum ? Why Ethereum and Decentralized application (Dapps) ? How Ethereum work ? What is new challenges in Dapps context ? 20.03.2018 3

916 views • 44 slides
Hygienic Macros for ACL2 Carl Eastlund Matthias Felleisen cce@ccs.neu.edu matthias@ccs.neu.edu

Hygienic Macros for ACL2 Carl Eastlund Matthias Felleisen cce@ccs.neu.edu matthias@ccs.neu.edu

Hygienic Macros for ACL2 Carl Eastlund Matthias Felleisen cce@ccs.neu.edu matthias@ccs.neu.edu Northeastern University Boston, MA, USA 1 ACL2 2 ACL2 Formal verification based on pure, first-order Common Lisp. Used to model critical

909 views • 61 slides
A Mechanized Proof of the Curve Length of a Rectifiable Curve Jagadish Bapanapally and Ruben

A Mechanized Proof of the Curve Length of a Rectifiable Curve Jagadish Bapanapally and Ruben

A Mechanized Proof of the Curve Length of a Rectifiable Curve Jagadish Bapanapally and Ruben Gamboa ACL2 Workshop 2017 May 23, 2017 Theory L n i =1 | P i P i 1 | Deriving length of a continuously differentiable curve n L =

568 views • 24 slides
Hint Orchestration Using ACL2's Simplifier Sol Swords Centaur Technology, Inc. ACL2 Workshop

Hint Orchestration Using ACL2's Simplifier Sol Swords Centaur Technology, Inc. ACL2 Workshop

Hint Orchestration Using ACL2's Simplifier Sol Swords Centaur Technology, Inc. ACL2 Workshop 2018 This talk is for hint abusers This might be you if: You cant be bothered to figure out a good rewriting strategy You just dont know

541 views • 30 slides
Adding a typing Adding a typing mechanism to ACL2 mechanism to ACL2 Vernon Austel Vernon

Adding a typing Adding a typing mechanism to ACL2 mechanism to ACL2 Vernon Austel Vernon

Adding a typing Adding a typing mechanism to ACL2 mechanism to ACL2 Vernon Austel Vernon Austel IBM IBM Outline Outline What a typed ACL2 might look like Vague proposal concerning how to change ACL2 to allow experimentation with type

873 views • 19 slides
Recursive Methods Noter ch.2 Recursive Methods Recursive problem solution Problems

Recursive Methods Noter ch.2 Recursive Methods Recursive problem solution Problems

Recursive Methods Noter ch.2 Recursive Methods Recursive problem solution Problems that are naturally solved by recursion Examples: Recursive function: Fibonacci numbers Recursive graphics: Fractals Mutual recursion:

796 views • 61 slides
DrACuLa: ACL2 in DrScheme Dale Vaillancourt Rex Page Matthias Felleisen ACL2 Workshop August

DrACuLa: ACL2 in DrScheme Dale Vaillancourt Rex Page Matthias Felleisen ACL2 Workshop August

DrACuLa: ACL2 in DrScheme Dale Vaillancourt Rex Page Matthias Felleisen ACL2 Workshop August 16, 2006 1 Undergraduate Software Engineering Page teaches two SE courses at Oklahoma U. Covers usual topics - specification, documentation,

557 views • 51 slides
Parallel prefix adders Kostas Vitoroulis, 2006. Presented to Dr. A. J. Al-Khalili. Concordia

Parallel prefix adders Kostas Vitoroulis, 2006. Presented to Dr. A. J. Al-Khalili. Concordia

Parallel prefix adders Kostas Vitoroulis, 2006. Presented to Dr. A. J. Al-Khalili. Concordia University. Overview of presentation Parallel prefix operations Binary addition as a parallel prefix operation Prefix graphs Adder

764 views • 35 slides
Defining the Ethereum Virtual Machine for Interactive Theorem Provers Yoichi Hirai Ethereum

Defining the Ethereum Virtual Machine for Interactive Theorem Provers Yoichi Hirai Ethereum

Overview Some Technicality Own Evaluation Summary Defining the Ethereum Virtual Machine for Interactive Theorem Provers Yoichi Hirai Ethereum Foundation Workshop on Trusted Smart Contracts Malta, Apr. 7, 2017 1/32 Yoichi Hirai Defining

538 views • 32 slides
Ethereum and smart contracts Prof. Raluca Ada Popa Sept 12, 2018 Material based on the Ethereum

Ethereum and smart contracts Prof. Raluca Ada Popa Sept 12, 2018 Material based on the Ethereum

CS261: Security in Computer Systems Ethereum and smart contracts Prof. Raluca Ada Popa Sept 12, 2018 Material based on the Ethereum white paper Cryptocurrencies we cover in this class Four very di ff erent cryptocurrencies each introducing di

472 views • 16 slides
IP Prefix Advertisement in EVPN draft-rabadan-l2vpn-evpn-prefix-advertisement-01 Jorge Rabadan

IP Prefix Advertisement in EVPN draft-rabadan-l2vpn-evpn-prefix-advertisement-01 Jorge Rabadan

IP Prefix Advertisement in EVPN draft-rabadan-l2vpn-evpn-prefix-advertisement-01 Jorge Rabadan Wim Hendericks Florin Balus Senad Palislamovic Aldrin Isaac IETF 88, November 2013 Vancouver, Canada The prefix-advertisement route (route-type

244 views • 8 slides

More recommend