2vyper is an automatic verifier for smart contracts written in Vyper, based on the Viper verification infrastructure. It is being developed at the Programming Methodology Group at ETH Zurich. 2vyper was mainly developed by Robin Sierra, Christian Bräm, and Marco Eilers.
For examples of the provided specification constructs, check out the examples folder. Note that the examples are written in Vyper 0.1.0, but 2vyper supports different versions if a version pragma is set. For documentation, read our paper about 2vyper's specification constructs; an explanation of how the specification constructs introduced in the paper can be used in the tool, as well as documentation of configuration options and other specification functions, can be found here. More information about 2vyper's encoding and implementation can be found in Robin Sierra's and Christian Bräm's Master's theses on the tool.
Install Java >= 11 (64 bit) and Python >= 3.7 (64 bit).
For usage with the Viper's verification condition generation backend Carbon, you will also need to install the .NET / the Mono runtime.
- Install Java >= 11 (64 bit) and Python >= 3.7 (64 bit).
- Install either Visual C++ Build Tools 2015 (http://go.microsoft.com/fwlink/?LinkId=691126) or Visual Studio 2015. For the latter, make sure to choose the option "Common Tools for Visual C++ 2015" in the setup (see https://blogs.msdn.microsoft.com/vcblog/2015/07/24/setup-changes-in-visual-studio-2015-affecting-c-developers/ for an explanation).
Clone the 2vyper repository:
git clone https://github.com/viperproject/2vyper cd 2vyper/
Create a virtual environment and activate it:
virtualenv env source env/bin/activate
Install 2vyper:
pip install .
To verify a specific file from the 2vyper directory, run:
2vyper [OPTIONS] path-to-file.vy
The following command line options are available:
``--verifier``
Selects the Viper backend to use for verification.
Possible options are ``silicon`` (for Symbolic Execution) and ``carbon``
(for Verification Condition Generation based on Boogie).
Default: ``silicon``.
``--viper-jar-path``
Sets the path to the required Viper binaries (``silicon.jar`` or
``carbon.jar``). Only the binary for the selected backend is
required. We recommend that you use the provided binary
packages installed by default, but you can or compile your own from
source.
Expects either a single path or a colon- (Unix) or semicolon-
(Windows) separated list of paths. Alternatively, the environment
variables ``SILICONJAR``, ``CARBONJAR`` or ``VIPERJAR`` can be set.
``--z3``
Sets the path of the Z3 executable. Alternatively, the
``Z3_EXE`` environment variable can be set.
``--boogie``
Sets the path of the Boogie executable. Required if the Carbon backend
is selected. Alternatively, the ``BOOGIE_EXE`` environment variable can be
set.
``--counterexample``
Produces a counterexample if the verification fails. Currently only works
with the default ``silicon`` backend.
``--vyper-root``
Sets the root directory for the Vyper compiler.
``--skip-vyper``
Skips type checking the given Vyper program using the Vyper compiler.
``--print-viper``
Print the generated Viper file to the command line.
To see all possible command line options, invoke 2vyper without arguments.
To use a custom version of the Viper infrastructure, follow the
instructions here. Look for
sbt assembly to find instructions for packaging the required JAR files. Use the
parameters mentioned above to instruct 2vyper to use your custom Viper version.
Note that 2vyper may not always work with the most recent Viper version.
On Windows: During the setup, you get an error like
Microsoft Visual C++ 14.0 is required.orUnable to fnd vcvarsall.bat:Python cannot find the required Visual Studio 2015 C++ installation, make sure you have either installed the Build Tools or checked the "Common Tools" option in your regular VS 2015 installation (see above).
While verifying a file, you get a stack trace ending with something like
No matching overloads found:The version of Viper you're using does not match your version of 2vyper. Try using the the one that comes with 2vyper instead.