Add the ability to add post conditions to transactions

[one-hundred-proof]

The Clarinet testing framework has many useful and convenient functions for testing smart contracts such as callPublicFn, callReadOnlyFn and so on. Seeing as it uses a devnet under the hood it should also be possible to simulate the adding of post conditions.

Since many protocols now use post conditions as a vital part of the their security it seems natural to add this is a feature to Clarinet.

What would be involved in getting this feature added? How feasible is it? If it's easy enough I might be able to provide a PR if given some guidance on how to do it.

[hugocaillard]

Hey @one-hundred-proof,
Thanks for this suggestion. I think this is something we could add to the simnet*.

First of all, can you please elaborate on your use case?
My firsy thought is that post conditions are native to the protocol and that they work. So they don't need to be unit-tested at the smart contract / contract calls level.
I can so what value it would bring to having it in the simnet, but I'd like to have your take on that

It requires a bit of work:

• figure out how post conditions are implemented in stacks-core (look into StacksChainState::check_transaction_postconditions in process_transaction_payload in stacks-core/stackslib/src/chainstate/stacks/db/transactions.rs)
• implement it in the clarinet simnet
• add the binding with the JS SDK

• quick note on the semantic: the testing frameworks uses a Simnet, which is a simulated network with basically just the clartiy-vm. While the Devnet, is a full network (with bitcoind, stacks-node, api etc).

[one-hundred-proof]

My firsy thought is that post conditions are native to the protocol and that they work. So they don't need to be unit-tested at the smart contract / contract calls level.
I can so what value it would bring to having it in the simnet, but I'd like to have your take on that

Oh, this is an easy one to answer. Tests are often used as Proof of Concept when reporting a security vulnerability. As a security researcher I often use Foundry on EVM-based chains to show the feasibility of an attack. For this to be convincing I must be able to simulate every aspect of the chain.

quick note on the semantic: the testing frameworks uses a Simnet, which is a simulated network with basically just the clartiy-vm. While the Devnet, is a full network (with bitcoind, stacks-node, api etc).

Thanks for telling me about this distinction. I was not aware. Getting parity between simnet and devnets will be a must.

[hugocaillard]

Oh, this is an easy one to answer. Tests are often used as Proof of Concept when reporting a security vulnerability

I guess it's not that easy. The simnet is a "simulated network", that uses the clarity-vm and simulates everything around it.
It doesn't have have a stacks or a bitcoin node, there's no networking and everything is synchronous. It's meant for smart contract developers that need a fast feedback loop.
The future implementations of post conditions in the simnet would be as close as possible to a real network implementation.
So finding a bug or vulnerability in the simnet is important, and can help finding real bugs or vulnerabilties in the vm, but a valid proof of concept would need to happen on testnet.

parity between simnet and devnets will be a must.

The simnet tries to be as close to the real networks as it can, but parity is not wanted nor achievable.

That being said, post conditions in the simnet will probably be implemented at some point, but it might not serve your purpose as well as you expect