47 research outputs found
Sur la conception d'un service de changement de contexte et de sa preuve dans le proto-noyau Pip
International audienceThe Pip protokernel is a kernel whose trusted computing base is reduced to its bare bones. The goal of such minimisation is twofold: reduce the attack surface and reduce the cost of the formal proof of security. In particular, multiplexing is not implemented in the kernel but in a partition whose code is executed in user mode. This of course assumes that the kernel provides minimal services dedicated to signal sending. In this paper, we describe a streamlined service designed to allow for inter-partition communication through userland structures that mimic the traditional Interrupt Descriptor Table
Turning Catala into a Proof Platform for the Law
International audienc
Learning to Prove Theorems by Learning to Generate Theorems
We consider the task of automated theorem proving, a key AI task. Deep
learning has shown promise for training theorem provers, but there are limited
human-written theorems and proofs available for supervised learning. To address
this limitation, we propose to learn a neural generator that automatically
synthesizes theorems and proofs for the purpose of training a theorem prover.
Experiments on real-world tasks demonstrate that synthetic data from our
approach improves the theorem prover and advances the state of the art of
automated theorem proving in Metamath. Code is available at
https://github.com/princeton-vl/MetaGen
End-to-End Formal Verification of Ethereum 2.0 Deposit Smart Contract
We report our experience in the formal verification of the deposit smart contract, whose correctness is critical for the security of Ethereum 2.0, a new Proof-of-Stake protocol for the Ethereum blockchain. The deposit contract implements an incremental Merkle tree algorithm whose correctness is highly nontrivial, and had not been proved before. We have verified the correctness of the compiled bytecode of the deposit contract to avoid the need to trust the underlying compiler. We found several critical issues of the deposit contract during the verification process, some of which were due to subtle hidden bugs of the compiler.Ope