KEVM: Semantics of EVM in K
In this repository, we provide a model of the EVM in K.
Fast Installation
bash <(curl https://kframework.org/install)
: install kup package manager.kup install kevm
: install KEVM.kup list kevm
: list available KEVM versions.kup update kevm
: update to latest KEVM version.
NOTE: The first run will take longer to fetch all the libraries and compile sources. (30m to 1h)
Documentation/Support
These may be useful for learning KEVM and K (newest to oldest):
- K, KEVM and Foundry Integration overview
- Jello Paper, a nice presentation of this repository.
- 20 minute tour of the semantics at 2017 Devcon3.
- KEVM 1.0 technical report, especially sections 3 and 5.
- KEVM Paper at CSF'18/FLoC.
To get support for KEVM, please join our Discord Channel.
If you want to start proving with KEVM, refer to VERIFICATION.md.
Repository Structure
The following files constitute the KEVM semantics:
- network.md provides the status codes reported to an Ethereum client on execution exceptions.
- json-rpc.md is an implementation of JSON RPC in K.
- evm-types.md provides the (functional) data of EVM (256-bit words, wordstacks, etc...).
- serialization.md provides helpers for parsing and unparsing data (hex strings, recursive-length prefix, Merkle trees, etc.).
- evm.md is the main KEVM semantics, containing EVMβs configuration and transition rules.
These additional files extend the semantics to make the repository more useful:
- buf.md defines the
#buf
byte-buffer abstraction for use during symbolic execution. - abi.md defines the Contract ABI Specification for use in proofs and easy contract/function specification.
- hashed-locations.md defines the
#hashedLocation
abstraction used to specify Solidity-generated storage layouts. - edsl.md combines the previous three abstractions for ease-of-use.
- foundry.md adds Foundry capabilities to KEVM.
These files are used for testing the semantics itself:
- state-utils.md provides functionality for EVM initialization, setup, and querying.
- driver.md is an execution harness for KEVM, providing a simple language for describing tests/programs.
Building from source
There are two backends of K available: LLVM for concrete execution and Haskell for symbolic execution.
This repository generates the build-products for each backend in .build/usr/lib/kevm
.
System Dependencies
First install the following tools:
Installing Z3
KEVM requires Z3 version 4.12.1, which you may need to install from a source build if your package manager supplies a different version. To do so, follow the instructions here after checking out the correct tag in the Z3 repository:
git clone https://github.com/Z3Prover/z3.git
cd z3
git checkout z3-4.12.1
python scripts/mk_make.py
cd build
make
sudo make install
On macOS, it is easiest to install Z3 from Homebrew.
If you wish to install from the source, install it to an appropriate prefix (e.g. /usr/local
on Intel machines).
Ubuntu
On Ubuntu >= 22.04 (for example):
sudo apt-get install --yes \
autoconf bison clang-12 cmake curl flex gcc jq libboost-test-dev \
libcrypto++-dev libffi-dev libgflags-dev libjemalloc-dev libmpfr-dev \
libprocps-dev libsecp256k1-dev libssl-dev libtool libyaml-dev lld-12 \
llvm-12-tools make maven netcat-openbsd openjdk-11-jdk pkg-config \
protobuf-compiler python3 python3-dev python3-pip rapidjson-dev time \
zlib1g-dev libfmt-dev
On Ubuntu < 18.04, you'll need to skip libsecp256k1-dev
and instead build it from source (via our Makefile
):
make libsecp256k1
Arch Linux
On ArchLinux:
sudo pacman -S \
base base-devel boost clang cmake crypto++ curl git gmp \
gflags jdk-openjdk jemalloc libsecp256k1 lld llvm maven \
mpfr protobuf poetry python stack yaml-cpp zlib
macOS
After installing the Command Line Tools, Homebrew, and getting the blockchain plugin, run:
brew tap kframework/k
brew install java automake libtool gmp mpfr pkg-config maven libffi llvm@14 openssl protobuf python bash kframework/k/[email protected] poetry solidity
make libsecp256k1
NOTE: It is recommended to use the homebrew version of flex
and XCode.
If you are building on an Apple Silicon machine, ensure that your PATH
is set up correctly before running make deps
or make k-deps
.
You can do so using direnv
by copying macos-envrc
to .envrc
, then running direnv allow
.
If the build on macOS still fails, you can also try adding the following lines to the top of your Makefile
under UNAME_S
:
ifeq ($(UNAME_S), Darwin)
SHELL := /usr/local/bin/bash
PATH := $(pwd)/.build/usr/bin:$(PATH)
endif
Haskell Stack (all platforms)
- Haskell Stack.
Note that the version of the
stack
tool provided by your package manager might not be recent enough. Please follow installation instructions from the Haskell Stack website linked above.
To upgrade stack
(if needed):
stack upgrade
export PATH=$HOME/.local/bin:$PATH
Build Dependencies
K Framework
The Makefile
and kevm
will work with either a (i) globally installed K or a (ii) K submodule included in this repository.
For contributing to kevm
, it is highly recommended to go with (ii) because some of the build scripts might not work otherwise.
Follow these instructions to get and build the K submodule:
git submodule update --init --recursive -- deps/k
make k-deps
If you don't need either the LLVM or Haskell backend, there are flags to skip them:
make k-deps SKIP_LLVM=true SKIP_HASKELL=true
On an Apple Silicon machine, an additional flag to make
is required to correctly build the Haskell backend:
make k-deps APPLE_SILICON=true
Blockchain Plugin
You also need to get the blockchain plugin submodule and install it.
git submodule update --init --recursive -- deps/plugin
make plugin-deps
Building
You need to set up a virtual environment using Poetry with the prerequisites python 3.8.*
, pip >= 20.0.2
, poetry >= 1.3.2
:
make poetry
Finally, you can build the semantics.
make build
You can build specific targets using build-llvm
, build-Haskell
, or build-foundry
.
For more information, refer to the Makefile.
Running Tests
To execute tests from the Ethereum Test Set, the submodule needs to be fetched first.
git submodule update --init --recursive -- tests/ethereum-tests
The tests are run using the supplied Makefile
.
Run make build-prove
to generate tests from the markdown files.
The following subsume all other tests:
make test
: All of the quick tests.make test-all
: All of the quick and slow tests.
These are the individual test-suites (all of these can be suffixed with -all
to also run slow tests):
make test-vm
: VMTests from the Ethereum Test Set.make test-bchain
: Subset of BlockchainTests from the Ethereum Test Set.make test-proof
: Proofs from the Verified Smart Contracts.make test-interactive
: Tests of thekevm
command.
When running tests with the Makefile
, you can specify the TEST_CONCRETE_BACKEND
(for concrete tests), or TEST_SYMBOLIC_BACKEND
(for proofs).
For Developers
If built from the source, the kevm
executable will be in the .build/usr/bin
directory.
To make sure you are using the correct kevm
, add this directory to your PATH
:
export PATH=$(pwd)/.build/usr/bin:$PATH
Alternatively, if you work on multiple checkouts of evm-semantics
or other semantics, you could add the relative path .build/usr/bin
to your PATH
.
Do note, however, that this is a security concern.
You can call kevm help
to get a quick summary of how to use the script.
Run the file tests/ethereum-tests/LegacyTests/Constantinople/VMTests/vmArithmeticTest/add0.json
:
kevm run tests/ethereum-tests/LegacyTests/Constantinople/VMTests/vmArithmeticTest/add0.json --schedule DEFAULT --mode VMTESTS
To enable the debug symbols for the llvm backend, build using this command:
make build-llvm KEVM_OPTS=--enable-llvm-debug
To debug a conformance test, add the --debugger
flag to the command:
kevm interpret tests/ethereum-tests/BlockchainTests/GeneralStateTests/stExample/add11.json --backend llvm --mode NORMAL --schedule MERGE --chainid 1 --debugger
Keeping in mind while developing
Always have your build up-to-date.
- If using the kup package manager, run
kup install kevm --version .
to install the local version. - If building from source:
make poetry
needs to be re-run if you touch any of thekevm-pyk
code.make build
needs to be re-run if you touch any of this repos files.make deps
needs to be re-run if there is an update of the K submodule (you didgit submodule update --init --recursive -- deps/k
and it actually did something).- If both
deps
andbuild
need to be re-run, you need to dodeps
first. make clean
is a safe way to remove the.build
directory, but then you need to re-runmake deps
(should be quick this time) andmake build
.
Building with Nix
We now support building KEVM using nix flakes.
To set up nix flakes you will need to be on nix
2.4 or higher and follow the instructions here.
For example, if you are on a standard Linux distribution, such as Ubuntu, first install nix
and then enable flakes by editing either ~/.config/nix/nix.conf
or /etc/nix/nix.conf
and adding:
experimental-features = nix-command flakes
This is needed to expose the Nix 2.0 CLI and flakes support that are hidden behind feature-flags.
By default, Nix will build the project and its transitive dependencies from source, which can take up to an hour. We recommend setting up the binary cache to speed up the build process significantly.
To build KEVM, run:
nix build .#kevm
This will build all of KEVM and K and put a link to the resulting binaries in the result/
folder.
NOTE: Mac users, especially those running M1/M2 Macs may find nix segfaulting on occasion. If this happens, try running the nix command like this: GC_DONT_GC=1 nix build .
If you want to temporarily add the kevm
binary to the current shell, run
nix shell .#kevm
Profiling with Nix
Nix can also be used to quickly profile different versions of the Haskell backend. Simply run:
nix build github:runtimeverification/evm-semantics#profile \
--override-input k-framework/haskell-backend github:runtimeverification/haskell-backend/<HASH> \
-o prof-<HASH>
replacing <HASH>
with the commit you want to run profiling against.
If you want to profile against a working version of the Haskell backend repository, simply cd
into the root of the repo and run:
nix build github:runtimeverification/evm-semantics#profile \
--override-input k-framework/haskell-backend $(pwd) \
-o prof-my-feature
To compare profiles, you can use:
nix run github:runtimeverification/evm-semantics#compare-profiles -- prof-my-feature prof-<HASH>
This will produce a nice table with the times for both versions of the haskell-backend.
Note that #profile
pre-pends the output of kore-exec --version
to the profile run, which is then used as a tag by the #compare-profiles
script.
Therefore, any profiled local checkout of the haskell-backend will report as dirty-ghc8107
in the resulting table.
Media
This repository can build two pieces of documentation for you, the Jello Paper and the 2017 Devcon3 presentation.
System Dependencies
For the presentations in the media
directory, you'll need pdflatex
, commonly provided with texlive-full
, and pandoc
.
sudo apt install texlive-full pandoc
Building
To build all the PDFs (presentations and reports) available in the media/
directory, use:
make media
Resources
- EVM Yellowpaper: Original specification of EVM.
- LEM Semantics of EVM
- EVM Opcode Interactive Reference
- Solidity ABI Encoding
For more information about The K Framework, refer to these sources:
- The K Tutorial
- Semantics-Based Program Verifiers for All Languages
- Reachability Logic Resources
- Matching Logic Resources
- Logical Frameworks: Discussion of logical frameworks.