├── .github └── workflows │ └── Dafny-L1-Safety-Verification.yml ├── LICENSE ├── README.md └── dafny ├── spec └── L1 │ ├── lemmas.dfy │ ├── node.dfy │ ├── node_auxiliary_functions.dfy │ └── types.dfy └── ver ├── L1 ├── distr_system_spec │ ├── adversary.dfy │ ├── common_functions.dfy │ ├── distributed_system.dfy │ └── network.dfy ├── support_lemmas │ ├── aux_functions.dfy │ ├── axioms.dfy │ ├── basic_invariants.dfy │ ├── general_lemmas.dfy │ ├── instr_dsstate_invariants_1.dfy │ ├── instr_dsstate_invariants_2.dfy │ ├── instr_dsstate_invariants_defs.dfy │ ├── instr_dsstate_multiple_invariants.dfy │ ├── instr_dsstate_networking_common_invariants.dfy │ ├── instr_node_state_invariants.dfy │ ├── instrumented_specs.dfy │ ├── networking_invariants.dfy │ ├── networking_invariants_lemmas.dfy │ ├── networking_step_lemmas.dfy │ ├── quorum.dfy │ ├── trace_defs.dfy │ ├── trace_general_lemmas.dfy │ ├── trace_instrumented_lemmas.dfy │ └── trace_proofs_helpers.dfy ├── theorems.dfy ├── theorems_defs.dfy └── verify.sh └── common ├── maps.dfy ├── multisets.dfy ├── seqs.dfy └── sets.dfy /.github/workflows/Dafny-L1-Safety-Verification.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/.github/workflows/Dafny-L1-Safety-Verification.yml -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/README.md -------------------------------------------------------------------------------- /dafny/spec/L1/lemmas.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/spec/L1/lemmas.dfy -------------------------------------------------------------------------------- /dafny/spec/L1/node.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/spec/L1/node.dfy -------------------------------------------------------------------------------- /dafny/spec/L1/node_auxiliary_functions.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/spec/L1/node_auxiliary_functions.dfy -------------------------------------------------------------------------------- /dafny/spec/L1/types.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/spec/L1/types.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/distr_system_spec/adversary.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/distr_system_spec/adversary.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/distr_system_spec/common_functions.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/distr_system_spec/common_functions.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/distr_system_spec/distributed_system.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/distr_system_spec/distributed_system.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/distr_system_spec/network.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/distr_system_spec/network.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/support_lemmas/aux_functions.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/support_lemmas/aux_functions.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/support_lemmas/axioms.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/support_lemmas/axioms.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/support_lemmas/basic_invariants.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/support_lemmas/basic_invariants.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/support_lemmas/general_lemmas.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/support_lemmas/general_lemmas.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/support_lemmas/instr_dsstate_invariants_1.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/support_lemmas/instr_dsstate_invariants_1.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/support_lemmas/instr_dsstate_invariants_2.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/support_lemmas/instr_dsstate_invariants_2.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/support_lemmas/instr_dsstate_invariants_defs.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/support_lemmas/instr_dsstate_invariants_defs.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/support_lemmas/instr_dsstate_multiple_invariants.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/support_lemmas/instr_dsstate_multiple_invariants.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/support_lemmas/instr_dsstate_networking_common_invariants.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/support_lemmas/instr_dsstate_networking_common_invariants.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/support_lemmas/instr_node_state_invariants.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/support_lemmas/instr_node_state_invariants.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/support_lemmas/instrumented_specs.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/support_lemmas/instrumented_specs.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/support_lemmas/networking_invariants.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/support_lemmas/networking_invariants.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/support_lemmas/networking_invariants_lemmas.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/support_lemmas/networking_invariants_lemmas.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/support_lemmas/networking_step_lemmas.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/support_lemmas/networking_step_lemmas.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/support_lemmas/quorum.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/support_lemmas/quorum.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/support_lemmas/trace_defs.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/support_lemmas/trace_defs.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/support_lemmas/trace_general_lemmas.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/support_lemmas/trace_general_lemmas.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/support_lemmas/trace_instrumented_lemmas.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/support_lemmas/trace_instrumented_lemmas.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/support_lemmas/trace_proofs_helpers.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/support_lemmas/trace_proofs_helpers.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/theorems.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/theorems.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/theorems_defs.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/theorems_defs.dfy -------------------------------------------------------------------------------- /dafny/ver/L1/verify.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/L1/verify.sh -------------------------------------------------------------------------------- /dafny/ver/common/maps.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/common/maps.dfy -------------------------------------------------------------------------------- /dafny/ver/common/multisets.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/common/multisets.dfy -------------------------------------------------------------------------------- /dafny/ver/common/seqs.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/common/seqs.dfy -------------------------------------------------------------------------------- /dafny/ver/common/sets.dfy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Consensys/qbft-formal-spec-and-verification/HEAD/dafny/ver/common/sets.dfy --------------------------------------------------------------------------------