Skip to content

Commit 91406bb

Browse files
committed
docs: enhance roadmap with detailed progress tracking
Add comprehensive breakdown of three critical work streams: 1. 🔴 Layer 3 Statement Proofs (9 theorems) - Detailed table of 8 statement proofs + 1 composition - Difficulty, effort estimates, and status tracking - Highlights parallelizable nature of work 2. 🟡 Trust Reduction (3 components) - Function selectors verification approach - Yul→EVM bridge integration plan - EVM semantics validation strategy 3. 🟢 Ledger Sum Properties (7 properties) - Complete list of supply invariant properties - Finite address set modeling requirement - Clear blocker and impact description Benefits: - Clear visibility into what's blocking 100% completion - Actionable breakdown for contributors - Progress tracking with status indicators - Effort estimates for planning This provides a roadmap within the roadmap - showing exactly what needs to be done to go from 92% to 100%. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
1 parent c10356e commit 91406bb

1 file changed

Lines changed: 81 additions & 10 deletions

File tree

docs/ROADMAP.md

Lines changed: 81 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -20,8 +20,66 @@ DumbContracts has achieved **92% completion** toward production-ready, fully ver
2020

2121
---
2222

23+
## 🎯 Three Critical Work Streams
24+
25+
Here's what stands between current state (92%) and full completion (100%):
26+
27+
### 🔴 **Layer 3 Statement Proofs** (THE Critical Path)
28+
**What**: Prove 9 theorems showing IR → Yul compilation correctness
29+
**Status**: 0/9 complete (8 statement proofs + 1 composition)
30+
**Impact**: 92% → 98% (statements) → 100% (composition)
31+
**Effort**: 2-4 weeks
32+
**Parallelizable**: Yes! All 8 statement proofs are independent
33+
34+
| # | Statement | Difficulty | Effort | Status |
35+
|---|-----------|------------|--------|--------|
36+
| 1 | Variable Assignment | Low | 1h | ⚪ TODO |
37+
| 2 | Storage Load | Low | 1h | ⚪ TODO |
38+
| 3 | Storage Store | Low | 1h | ⚪ TODO |
39+
| 4 | Mapping Load | Medium | 2-4h | ⚪ TODO |
40+
| 5 | Mapping Store | Medium | 2-4h | ⚪ TODO |
41+
| 6 | Conditional (if) | Medium-High | 4-8h | ⚪ TODO |
42+
| 7 | Return | Low | 1-2h | ⚪ TODO |
43+
| 8 | Revert | Low-Medium | 2-3h | ⚪ TODO |
44+
| 9 | **Composition** | High | 1-2d | ⚪ TODO |
45+
46+
### 🟡 **Trust Reduction** (3 Components)
47+
**What**: Eliminate or verify all trusted components
48+
**Status**: 0/3 complete
49+
**Impact**: Achieves zero-trust end-to-end verification
50+
**Effort**: 1-4 months total
51+
52+
| # | Component | Approach | Effort | Status |
53+
|---|-----------|----------|--------|--------|
54+
| 1 | Function Selectors | keccak256 axiom + CI | 1-2w | ⚪ TODO |
55+
| 2 | Yul→EVM Bridge | Integrate KEVM | 1-3m | ⚪ TODO |
56+
| 3 | EVM Semantics | Strong testing + docs | Ongoing | ⚪ TODO |
57+
58+
### 🟢 **Ledger Sum Properties** (7 Properties)
59+
**What**: Prove total supply equals sum of all balances
60+
**Status**: 0/7 complete
61+
**Impact**: Completes Ledger contract to 100%
62+
**Effort**: 1-2 weeks
63+
**Blocker**: Need finite address set modeling first
64+
65+
| # | Property | Description | Status |
66+
|---|----------|-------------|--------|
67+
| 1 | `mint_sum_equation` | Mint increases total | ⚪ TODO |
68+
| 2 | `burn_sum_equation` | Burn decreases total | ⚪ TODO |
69+
| 3 | `transfer_sum_preservation` | Transfer preserves total | ⚪ TODO |
70+
| 4 | `totalSupply_equals_sum` | Supply = sum of balances | ⚪ TODO |
71+
| 5 | `mint_increases_supply` | Mint increases supply | ⚪ TODO |
72+
| 6 | `burn_decreases_supply` | Burn decreases supply | ⚪ TODO |
73+
| 7 | `transfer_preserves_supply` | Transfer preserves supply | ⚪ TODO |
74+
75+
**Key Insight**: Layer 3 statement proofs are the highest priority. Once complete, you have end-to-end verified contracts! Trust reduction and ledger properties are polish/completeness work.
76+
77+
---
78+
2379
## Critical Path: Layer 3 Completion (🔴 Highest Priority)
2480

81+
**Progress**: 92% → 98% (with statement proofs) → 100% (with composition)
82+
2583
### The Main Blocker
2684

2785
Complete the final verification layer proving **IR → Yul correctness**. This is the only remaining gap in the end-to-end verification chain.
@@ -35,9 +93,9 @@ Complete the final verification layer proving **IR → Yul correctness**. This i
3593
- Fuel-parametric execution models
3694
- Smoke tests demonstrating equivalence for specific cases
3795

38-
**🔄 Pending Work**:
39-
- Statement-level equivalence proofs for 6-8 statement types
40-
- Composition into full function equivalence
96+
**🔄 Pending Work**: 9 theorems remaining
97+
- **8 statement-level equivalence proofs** (parallelizable, independent)
98+
- **1 composition theorem** (depends on all 8 statement proofs)
4199

42100
### Required Theorems
43101

@@ -132,13 +190,17 @@ If the fuel-parametric approach proves too complex:
132190

133191
## Trust Reduction (🟡 High Priority)
134192

135-
### Goal
193+
**Goal**: Eliminate all trust assumptions → Zero-trust verification
136194

137-
Eliminate or verify the 3 remaining trusted components:
195+
### The 3 Remaining Trusted Components
138196

139-
1. **`solc` Yul Compiler** (Yul → EVM bytecode)
140-
2. **Function Selectors** (keccak256 hash computation)
141-
3. **EVM Semantics** (assumed to match specification)
197+
Currently, we trust:
198+
199+
1. **Function Selectors** (keccak256 hash computation) - Not proven in Lean
200+
2. **`solc` Yul Compiler** (Yul → EVM bytecode) - Compilation unverified
201+
3. **EVM Semantics** (assumed to match specification) - No formal link
202+
203+
**Impact**: Eliminating these completes end-to-end zero-trust verification EDSL → EVM
142204

143205
### 1. Function Selector Verification
144206

@@ -199,12 +261,21 @@ Eliminate or verify the 3 remaining trusted components:
199261

200262
### Remaining Addressable Work
201263

202-
#### Ledger Sum Properties (7 exclusions)
264+
#### Ledger Sum Properties (7 properties)
203265

204266
**Issue**: Properties like `mint_sum_equation` and total supply invariants require proving that the sum of all balances equals total supply.
205267

206268
**Blocker**: Requires finite address set modeling (currently addresses are unbounded).
207269

270+
**The 7 Properties**:
271+
1. `mint_sum_equation` - Minting increases total by amount
272+
2. `burn_sum_equation` - Burning decreases total by amount
273+
3. `transfer_sum_preservation` - Transfers preserve total
274+
4. `totalSupply_equals_sum` - Total supply equals sum of all balances
275+
5. `mint_increases_supply` - Minting increases total supply
276+
6. `burn_decreases_supply` - Burning decreases total supply
277+
7. `transfer_preserves_supply` - Transfers don't change total supply
278+
208279
**Solution**:
209280
```lean
210281
-- Add finite address set abstraction
@@ -219,7 +290,7 @@ theorem mint_preserves_supply_sum (s : FiniteAddressSet) :
219290

220291
**Estimated Effort**: 1-2 weeks
221292

222-
**Impact**: Enables proving supply invariants, completes Ledger contract verification
293+
**Impact**: Enables proving supply invariants, completes Ledger contract verification to 100%
223294

224295
#### Proof-Only Properties (82 exclusions)
225296

0 commit comments

Comments
 (0)