Conversation
Deploying with
|
| Status | Name | Latest Commit | Updated (UTC) |
|---|---|---|---|
| ✅ Deployment successful! View logs |
commonware-mcp | 5309b74 | Mar 04 2026, 04:46 PM |
dnkolegov-ar
force-pushed
the
denis/simplex-quint
branch
from
fdd47e8 to
45ea60b
Compare
Deploying monorepo with
|
| Latest commit: |
5309b74
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://a8b4e908.monorepo-eu0.pages.dev |
| Branch Preview URL: | https://denis-simplex-quint.monorepo-eu0.pages.dev |
dnkolegov-ar
force-pushed
the
denis/simplex-quint
branch
from
45ea60b to
21c58c8
Compare
dnkolegov-ar
force-pushed
the
denis/simplex-quint
branch
from
21c58c8 to
b8d4ab4
Compare
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 6 potential issues.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
consensus/quint/scripts/invariant.sh
Outdated
| QUINT_LOGS="./out_inv" | ||
|
|
||
| # Default invariants list | ||
| DEFAULT_INVARIANTS="no_proposal_equivocation,agreement,no_vote_equivocation_inv,no_nullification_and_finalization_in_the_same_view,validity,valid_last_finalized,certificates_are_valid_inv,notarized_consistency,safe_finalization" |
There was a problem hiding this comment.
Missing invariant in default verification list
Medium Severity
DEFAULT_INVARIANTS in invariant.sh is missing finalize_requires_notarization, which is included in all_invariants in replica.qnt. Running invariant.sh without explicitly specifying invariants will skip checking this safety property, meaning it won't be verified in parallel invariant checking workflows.
Additional Locations (1)
|
|
||
| run timeoutBroadcastsNullifyTest = { | ||
| initWithLeaderAndCertify( | ||
| Map(0 -> "n0", 1 -> "n0", 2 -> "n1", 3 -> "n2", 4 -> "n3"), |
There was a problem hiding this comment.
Incomplete leader map missing views 5 and 6
Medium Severity
The leader map in timeoutBroadcastsNullifyTest only covers views 0–4, but VIEWS is 0.to(6) (views 0–6). Entries for views 5 and 6 are missing, which would cause a runtime error if any action tries to look up the leader for those views. Other tests in this file correctly provide all 7 entries.
| val cert = notarization(FIRST_VIEW, "val_b1", Set("n0", "n1", "n2"), "n0") | ||
|
|
||
| initWithLeaderAndCertify( | ||
| Map(0 -> "n0", 1 -> "n0", 2 -> "n1", 3 -> "n2", 4 -> "n3", 4 -> "n3", 5 -> "n0", 6 -> "n0"), |
There was a problem hiding this comment.
Duplicate key in leader map literal
Low Severity
The leader map in notarizationCertificateTriggersFinalizeTest has key 4 specified twice (4 -> "n3", 4 -> "n3"). While both entries have the same value so behavior is unchanged, this is a copy-paste error that could mask a missing or incorrect mapping for a different view.
| // Check this invariant to see an example of having a quorum of votes. | ||
| val votes_quorum_example = CORRECT.forall(id => { | ||
| store_vote.get(id).size() <= M | ||
| }) |
There was a problem hiding this comment.
Subquorum and quorum examples have identical logic
Low Severity
votes_subquorum_example and votes_quorum_example both use the same threshold <= M. The subquorum example likely intended < M to find a state with fewer votes than a quorum, making these two "examples" indistinguishable.
consensus/quint/scripts/smoke.sh
Outdated
| "JVM_ARGS=-Xmx40G quint run --invariant=safe main_n6f1b1.qnt --max-samples 20000 --max-steps 50" | ||
| "JVM_ARGS=-Xmx40G quint verify --invariant=safe main_n6f1b0.qnt --max-steps 7" | ||
| "./scripts/invariant.sh run ./twins_n6f1b1.qnt 18 --random-transitions" | ||
| "./scripts/verify.sh random ./main_n6f1b0.qnt safe 10 1 10" |
There was a problem hiding this comment.
Scripts reference non-existent specification files
Medium Severity
smoke.sh references main_n6f1b1.qnt, main_n6f1b0.qnt, and twins_n6f1b1.qnt, and the makefile repl target references main_n6f0.qnt. None of these files exist in the repository. Running these scripts or the make repl target will fail.
Additional Locations (1)
consensus/quint/replica.qnt
Outdated
| val can_send_nullify = and { | ||
| not(can_certify(id, cert_block_val)), | ||
| not(has_sent_nullify(id, cert_view_num)), | ||
| } |
There was a problem hiding this comment.
Missing finalize guard allows equivocation in nullify path
Medium Severity
The can_send_nullify guard is missing a not(has_sent_finalize(id, cert_view_num)) check, unlike the symmetric can_send_finalize guard which checks both not(has_sent_finalize(...)) and not(has_sent_nullify(...)). This allows a correct replica to send both finalize and nullify for the same view — when a Byzantine adversary injects a forged notarization certificate for a non-certifiable block in a view where the replica already finalized a different block. The resulting ghost_sent_votes sequence of length 3 would violate votes_seq_correct and the no_vote_equivocation_inv invariant.
This reverts commit 4d5fcf7.
Codecov Report✅ All modified and coverable lines are covered by tests. @@ Coverage Diff @@
## main #3275 +/- ##
==========================================
- Coverage 93.86% 93.00% -0.86%
==========================================
Files 419 418 -1
Lines 142507 141987 -520
Branches 0 3393 +3393
==========================================
- Hits 133759 132051 -1708
- Misses 8748 8846 +98
- Partials 0 1090 +1090 see 205 files with indirect coverage changes Continue to review full report in Codecov by Sentry.
🚀 New features to boost your workflow:
|
1 participant
No description provided.