mirror of
https://github.com/tendermint/tendermint.git
synced 2026-01-04 20:23:59 +00:00
85636f6a00
* Update Makefile with changes from #7372 Signed-off-by: Thane Thomson <connect@thanethomson.com> * Sync main GitHub config with master and update Signed-off-by: Thane Thomson <connect@thanethomson.com> * Remove unnecesary dot folders Signed-off-by: Thane Thomson <connect@thanethomson.com> * Sync dotfiles Signed-off-by: Thane Thomson <connect@thanethomson.com> * Remove unused Jepsen tests for now Signed-off-by: Thane Thomson <connect@thanethomson.com> * tools: remove k8s (#6625) Remove mintnet as discussed on team call. closes #1941 * Restore nightly fuzz testing of P2P addrbook and pex Signed-off-by: Thane Thomson <connect@thanethomson.com> * Fix YAML lints Signed-off-by: Thane Thomson <connect@thanethomson.com> * Fix YAML formatting nits Signed-off-by: Thane Thomson <connect@thanethomson.com> * More YAML nits Signed-off-by: Thane Thomson <connect@thanethomson.com> * github: fix linter configuration errors and occluded errors (#6400) * Minor fixes to OpenAPI spec to sync with structs on main Signed-off-by: Thane Thomson <connect@thanethomson.com> * Remove .github/auto-comment.yml - does not appear to be used Signed-off-by: Thane Thomson <connect@thanethomson.com> * Add issue config with link to discussions Signed-off-by: Thane Thomson <connect@thanethomson.com> * Adjust issue/PR templates to suit current process Signed-off-by: Thane Thomson <connect@thanethomson.com> * Remove unused RC branch config from release workflow Signed-off-by: Thane Thomson <connect@thanethomson.com> * Fix wildcard matching in build jobs config Signed-off-by: Thane Thomson <connect@thanethomson.com> * Document markdownlint config Signed-off-by: Thane Thomson <connect@thanethomson.com> * Restore manual E2E test group config Signed-off-by: Thane Thomson <connect@thanethomson.com> * Document linter workflow with local execution instructions Signed-off-by: Thane Thomson <connect@thanethomson.com> * Document and fix minor nit in Super-Linter markdownlint config Signed-off-by: Thane Thomson <connect@thanethomson.com> * Update .github/ISSUE_TEMPLATE/bug-report.md Co-authored-by: William Banfield <4561443+williambanfield@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: William Banfield <4561443+williambanfield@users.noreply.github.com> * Update pull request template to add language around discussions/issues Signed-off-by: Thane Thomson <connect@thanethomson.com> * .golangci.yml: Deleted commented-out lines Signed-off-by: Thane Thomson <connect@thanethomson.com> * ci: Drop "-2" from e2e-nightly-fail workflow Signed-off-by: Thane Thomson <connect@thanethomson.com> * Address triviality concern in PR template Signed-off-by: Thane Thomson <connect@thanethomson.com> Co-authored-by: Marko <marbar3778@yahoo.com> Co-authored-by: Sam Kleinman <garen@tychoish.com> Co-authored-by: William Banfield <4561443+williambanfield@users.noreply.github.com>
Ivy Proofs
Copyright (c) 2020 Galois, Inc.
SPDX-License-Identifier: Apache-2.0
Contents
This folder contains:
tendermint.ivy, a specification of Tendermint algorithm as described in The latest gossip on BFT consensus by E. Buchman, J. Kwon, Z. Milosevic.abstract_tendermint.ivy, a more abstract specification of Tendermint that is more verification-friendly.classic_safety.ivy, a proof that Tendermint satisfies the classic safety property of BFT consensus: if every two quorums have a well-behaved node in common, then no two well-behaved nodes ever disagree.accountable_safety_1.ivy, a proof that, assuming every quorum contains at least one well-behaved node, if two well-behaved nodes disagree, then there is evidence demonstrating at least f+1 nodes misbehaved.accountable_safety_2.ivy, a proof that, regardless of any assumption about quorums, well-behaved nodes cannot be framed by malicious nodes. In other words, malicious nodes can never construct evidence that incriminates a well-behaved node.network_shim.ivy, the network model and a convenienceshimobject to interface with the Tendermint specification.domain_model.ivy, a specification of the domain model underlying the Tendermint specification, i.e. rounds, value, quorums, etc.
All specifications and proofs are written in Ivy.
The license above applies to all files in this folder.
Building and running
The easiest way to check the proofs is to use Docker.
- Install Docker and Docker Compose.
- Build a Docker image:
docker-compose build - Run the proofs inside the Docker container:
docker-compose run tendermint-proof. This will check all the proofs with theivy_checkcommand and write the output ofivy_checkto a subdirectory of `./output/'