creusot
hacspec
Our great sponsors
| creusot | hacspec | |
|---|---|---|
| 7 | 2 | |
| 304 | 130 | |
| - | 6.2% | |
| 9.5 | 9.2 | |
| 8 days ago | 10 days ago | |
| Rust | Rust | |
| GNU Lesser General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
creusot
-
What Is Rust's Unsafe?
I’m doing my PhD on the formal verification of Rust, and while you’re right that safe code provides a lot of informal advantages it also dramatically simplified form reasoning.
In particular, the dirty secret of C verifiers is that they don’t handle pointers all that well. Either you find yourself doing a lot of manual proof work or you have to dramatically simplify the memory model.
In contrast, when verifying safe Rust, the rules of the borrow checker allow us to dramatically simplify the verification work. All of a sudden verifying a manual memory program with pointers (borrows) becomes as simple as verifying a basic imperative language. I’ve been working on a tool: https://github.com/xldenis/creusot to put this into practice
On the other hand, the moment you dive into unsafe, all bets are off and you find yourself wading through the marshes of (weak) memory models with your favorite CSL as your only friend.
> I’ve been working on a tool: https://github.com/xldenis/creusot to put this into practice
Note that there are other tools trying to deal with formal statements about Rust code. AIUI, Rust developers are working on forming a proper working group for pursuing these issues. We might get a RFC-standardized way of expressing formal/logical conditions about Rust code, which would be a meaningful first step towards supporting proof-carrying code within Rust.
-
AdaCore and Ferrous Systems Joining Forces to Support Rust
This is exciting! I've met with people from AdaCore and Ferrous systems (individually) several times and they're all serious, competent and motivated.
I'm curious what kinds of software they want to (eventually) verify, my PhD thesis is developing a verification tool for Rust (https://github.com/xldenis/creusot) and I'm always on the look out for case studies to push me forward.
The road to formally verified Rust is still long but in my unbiased opinion looking quite bright, especially compared to other languages like C.
-
Uncovered Intermediate Topics
An introduction to formal verification in Rust! The whole field is probably is probably too big to cover fully, but an introduction should fit in a single lecture :) Topics that come to mind are Prusti, Cruseot, RustBelt, RustHorn, Stacked Borrows, Miri. These also lend themselves to do follow up topics on.
-
Automatic Rust verification tools (2021)
Found another one: https://github.com/xldenis/creusot
-
From Rust to SPARK: Formally Proven Bip-Buffers
There's a couple prototypes already, such as Prusti or Creusot.
-
Safer Rust: Program Verification with Creusot [video]
Project in github for those who don't have the time to watch the video: https://github.com/xldenis/creusot
hacspec
-
Lets goo memory safe asm
†The "Rust" code would most likely need to be written in a strict subset of the language like Hacspec
-
Rustlang Cryptography Interest Group & Formal Verification Sync-up Call 2
Bas Spitter will be speaking on Hacspec and ConCert
What are some alternatives?
misra-rust - An investigation into what adhering to each MISRA-C rule looks like in Rust. The intention is to decipher how much we "get for free" from the Rust compiler.
Daikon - Dynamic detection of likely invariants
l4v - seL4 specification and proofs
ed25519-dalek - Fast and efficient ed25519 signing and verification in Rust.
rust-crypto - A (mostly) pure-Rust implementation of various cryptographic algorithms.
ConCert - A framework for smart contract verification in Coq