verify_proof exploits

## verify_proof Limitations

In the interest of scalability, `verify_proof` trusts the Lean environment to behave correctly. That's usually fine, but a sufficiently creative adversary can exploit this to make invalid proofs appear valid with Lean metaprogramming.

This is a known limitation that we don't expect to address, since the alternatives below cover adversarial use cases.

If you're verifying untrusted code, consider additionally using these other resources which perform a similar check. These run proofs in isolated environments and are less susceptible to known exploits, at the cost of speed:

- [lean4checker](https://github.com/leanprover/lean4checker): Lean FRO-developed .olean verifier
- [Comparator](https://github.com/leanprover/comparator): Lean FRO-developed gold standard for proof judges
- [SafeVerify](https://github.com/GasStationManager/SafeVerify): battle-tested public proof checker

We recommend reading the [Lean4 reference page on this topic](https://lean-lang.org/doc/reference/latest/ValidatingProofs/) for more discussion.

## Example Attack Patterns

[Malformed declaration exploit](https://leanprover.zulipchat.com/#narrow/channel/270676-lean4/topic/SafeVerify-passing.20kernel.20soundness.20exploit/with/566348973) with [verify_proof URL](https://axle.axiommath.ai/verify_proof#data=eyJmb3JtYWxfc3RhdGVtZW50IjoiaW1wb3J0IE1hdGhsaWJcblxub3BlbiBMZWFuXG5cbnRoZW9yZW0gRkxUIDogRmVybWF0TGFzdFRoZW9yZW0gOj0gc29ycnkiLCJjb250ZW50IjoiaW1wb3J0IE1hdGhsaWJcblxub3BlbiBMZWFuIFxuXG51bnNhZmUgZGVmIGJhZE5hdFVuc2FmZSA6IOKElSA6PSB1bnNhZmVDYXN0ICgtNDI5NDk2NzI5NiA6IOKEpClcblxuQFtpbXBsZW1lbnRlZF9ieSBiYWROYXRVbnNhZmVdIG9wYXF1ZSBiYWROYXRWYWwgOiDihJVcblxucnVuX2VsYWJcbiAgYWRkRGVjbCA8fCAuZGVmbkRlY2wge1xuICAgIG5hbWUgICAgICAgIDo9IC5zdHIgLmFub255bW91cyBcImJhZE5hdFwiXG4gICAgbGV2ZWxQYXJhbXMgOj0gW11cbiAgICB0eXBlICAgICAgICA6PSAuY29uc3QgYGBOYXQgW11cbiAgICB2YWx1ZSAgICAgICA6PSAubGl0IDx8IC5uYXRWYWwgYmFkTmF0VmFsXG4gICAgaGludHMgICAgICAgOj0gLm9wYXF1ZVxuICAgIHNhZmV0eSAgICAgIDo9IC5zYWZlXG4gIH1cblxudGhlb3JlbSBGTFQgOiBGZXJtYXRMYXN0VGhlb3JlbSA6PSBieVxuICBoYXZlIHRydWx5X21hcnZlbG91c18wIDogwqxiYWROYXQg4omkIDkyMjMzNzIwMzY4NTQ3NzU4MDcgOj0gYnkgZGVjaWRlXG4gIGhhdmUgdHJ1bHlfbWFydmVsb3VzXzEgOiDCrDkyMjMzNzIwMzY4NTQ3NzU4MDcgPCBiYWROYXQgOj0gYnkgZGVjaWRlXG4gIHNpbXBfYWxsIG9ubHkgW25vdF9sZV1cblxuI3ByaW50IGF4aW9tcyBGTFRcbi0tICdGTFQnIGRlcGVuZHMgb24gYXhpb21zOiBbcHJvcGV4dF0iLCJtYXRobGliX2xpbnRlciI6ZmFsc2UsInVzZV9kZWZfZXEiOnRydWUsImlnbm9yZV9pbXBvcnRzIjpmYWxzZSwiZW52aXJvbm1lbnQiOiJsZWFuLTQuMjguMCIsInRpbWVvdXRfc2Vjb25kcyI6MTIwfQ%3D%3D)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

verify_proof exploits #2

verify_proof Limitations

Example Attack Patterns

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

verify_proof exploits #2

Description

verify_proof Limitations

Example Attack Patterns

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions