Specs

.gitignore

@@ -18,3 +18,4 @@ artifacts
 .DS_Store
 /contracts/dist/
 /contracts/types/
+.certora_internal

certora/conf/EntryPoint.conf

@@ -0,0 +1,28 @@
+{
+	"files": [
+		"contracts/core/EntryPoint.sol"
+	],
+	"hashing_length_bound": "96",
+	"loop_iter": "4",
+	"optimistic_fallback": true,
+	"optimistic_hashing": true,
+	"optimistic_loop": true,
+	"packages": [
+		"@openzeppelin=node_modules/@openzeppelin",
+		"@uniswap=node_modules/@uniswap"
+	],
+	"process": "emv",
+	"prover_args": [
+		"-canonicalizeTAC false",
+		"-assumeFPStrictlyMonotonic false",
+		"-enableSolidityBasedInlining true",
+		"-adaptiveSolverConfig false",
+		"-destructiveOptimizations enable",
+		"-enableFlowSensitivePartitioning true",
+		"-enableABIAnalysis true",
+		"-optimisticBufferContents true",
+		"-enableAggressiveABIOptimization true"
+	],
+	"smt_timeout": "1800",
+	"verify": "EntryPoint:certora/specs/entryPoint.spec",
+}

certora/conf/EntryPoint_sanity.conf

@@ -0,0 +1,28 @@
+{
+	"files": [
+		"contracts/core/EntryPoint.sol"
+	],
+	"hashing_length_bound": "96",
+	"loop_iter": "4",
+	"optimistic_fallback": true,
+	"optimistic_hashing": true,
+	"optimistic_loop": true,
+	"packages": [
+		"@openzeppelin=node_modules/@openzeppelin",
+		"@uniswap=node_modules/@uniswap"
+	],
+	"process": "emv",
+	"prover_args": [
+		"-canonicalizeTAC false",
+		"-assumeFPStrictlyMonotonic false",
+		"-enableSolidityBasedInlining true",
+		"-adaptiveSolverConfig false",
+		"-destructiveOptimizations enable",
+		"-enableFlowSensitivePartitioning true",
+		"-enableABIAnalysis true",
+		"-optimisticBufferContents true",
+		"-enableAggressiveABIOptimization true"
+	],
+	"smt_timeout": "1800",
+	"verify": "EntryPoint:certora/specs/entryPointSanity.spec",
+}

certora/conf/alwaysRevert.conf

@@ -0,0 +1,28 @@
+{
+	"files": [
+		"contracts/core/EntryPoint.sol"
+	],
+	"hashing_length_bound": "96",
+	"loop_iter": "3",
+	"optimistic_fallback": true,
+	"optimistic_hashing": true,
+	"optimistic_loop": true,
+	"packages": [
+		"@openzeppelin=node_modules/@openzeppelin",
+		"@uniswap=node_modules/@uniswap"
+	],
+	"process": "emv",
+	"prover_args": [
+		"-canonicalizeTAC false",
+		"-assumeFPStrictlyMonotonic false",
+		"-enableSolidityBasedInlining true",
+		"-adaptiveSolverConfig false",
+		"-destructiveOptimizations enable",
+		"-enableFlowSensitivePartitioning true",
+		"-enableABIAnalysis true",
+		"-optimisticBufferContents true",
+		"-enableAggressiveABIOptimization true"
+	],
+	"smt_timeout": "1800",
+	"verify": "EntryPoint:certora/specs/alwaysRevert.spec",
+}

certora/conf/nonHandleOps.conf

@@ -0,0 +1,24 @@
+{
+	"files": [
+		"contracts/core/EntryPoint.sol"
+	],
+	"hashing_length_bound": "96",
+	"loop_iter": "3",
+	"optimistic_fallback": true,
+	"optimistic_hashing": true,
+	"optimistic_loop": true,
+	"packages": [
+		"@openzeppelin=node_modules/@openzeppelin",
+		"@uniswap=node_modules/@uniswap"
+	],
+	"process": "emv",
+	"prover_args": [
+		"-canonicalizeTAC false",
+		"-assumeFPStrictlyMonotonic false",
+		"-enableSolidityBasedInlining true",
+		"-destructiveOptimizations enable"
+	],
+	"rule_sanity": "basic",
+	"smt_timeout": "1800",
+	"verify": "EntryPoint:certora/specs/entryPoint.spec",
+}

certora/conf/residual.conf

@@ -0,0 +1,25 @@
+{
+	"files": [
+		"contracts/core/EntryPoint.sol"
+	],
+	"hashing_length_bound": "96",
+	"independent_satisfy": true,
+	"loop_iter": "3",
+	"optimistic_fallback": true,
+	"optimistic_hashing": true,
+	"optimistic_loop": true,
+	"packages": [
+		"@openzeppelin=node_modules/@openzeppelin",
+		"@uniswap=node_modules/@uniswap"
+	],
+	"process": "emv",
+	"prover_args": [
+		"-canonicalizeTAC false",
+		"-assumeFPStrictlyMonotonic false",
+		"-enableSolidityBasedInlining true"
+	],
+	"rule_sanity": "basic",
+	"rule": ["checkInnerHandleOp"],
+	"smt_timeout": "1800",
+	"verify": "EntryPoint:certora/specs/residual.spec",
+}

certora/patch/prover_optimization.patch

@@ -0,0 +1,40 @@
+diff --git a/contracts/core/EntryPoint.sol b/contracts/core/EntryPoint.sol
+index 058d8eb..8953da2 100644
+--- a/contracts/core/EntryPoint.sol
++++ b/contracts/core/EntryPoint.sol
+@@ -108,7 +108,7 @@ contract EntryPoint is IEntryPoint, StakeManager, NonceManager, ReentrancyGuardT
+             assembly ("memory-safe") {
+                 success := call(gas(), address(), 0, add(innerCall, 0x20), mload(innerCall), 0, 32)
+                 collected := mload(0)
+-                mstore(0x40, saveFreePtr)
++                // mstore(0x40, saveFreePtr) // make analysis succeed, no-op
+             }
+         }
+         if (!success) {
+@@ -299,7 +299,7 @@ contract EntryPoint is IEntryPoint, StakeManager, NonceManager, ReentrancyGuardT
+         MemoryUserOp mUserOp;
+         bytes32 userOpHash;
+         uint256 prefund;
+-        uint256 contextOffset;
++        bytes contextOffset; // make analysis succeed, no-op
+         uint256 preOpGas;
+     }
+
+@@ -780,7 +780,7 @@ contract EntryPoint is IEntryPoint, StakeManager, NonceManager, ReentrancyGuardT
+      */
+     function getOffsetOfMemoryBytes(
+         bytes memory data
+-    ) internal pure returns (uint256 offset) {
++    ) internal pure returns (bytes memory offset /* make analysis succeed, no-op */) {
+         assembly {
+             offset := data
+         }
+@@ -791,7 +791,7 @@ contract EntryPoint is IEntryPoint, StakeManager, NonceManager, ReentrancyGuardT
+      * @param offset - The offset to get the bytes from.
+      */
+     function getMemoryBytesFromOffset(
+-        uint256 offset
++        bytes memory offset // make analysis succeed, no-op
+     ) internal pure returns (bytes memory data) {
+         assembly ("memory-safe") {
+             data := offset