Abstract

Abstract

Abstract
JavaScript is a widely used programming language initially designed to make the Web more dynamic in the 1990s. In the last decade, though, its scope has extended far beyond the Web, finding utility in backend development, desktop applications, and even IoT devices. To circumvent the needs of modern programming, JavaScript has undergone a remarkable evolution since its inception, with the groundbreaking release of its sixth version in 2015 (ECMAScript 6 standard). While adopting modern JavaScript features promises several benefits (such as improved code comprehension and maintenance), little is known about which modern features of the language have been used in practice (or even ignored by the community). To fill this gap, in this paper, we report the results of an empirical study that aims to understand the adoption trends of modern JavaScript features, and whether or not developers conduct rejuvenation efforts to replace legacy JavaScript constructs and idioms with modern ones in legacy systems. To this end, we mined the source code history of 158 JavaScript open-source projects, identified contributions to rejuvenate legacy code, and used time series to characterize the adoption trends of modern JavaScript features. The results of our study reveal extensive use of JavaScript modern features which are present in more than 80% of the analyzed projects. Our findings also reveal that (a) the widespread adoption of modern features happened between one and two years after the release of ES6 and, (b) a consistent trend toward increasing the adoption of modern JavaScript language features in open-source projects and (c) large efforts to rejuvenate the source code of their programs.

Abstract

Abstract
Jasmin is a programming language for high-speed and high-assurance cryptography. Correctness proofs of Jasmin programs are typically carried out deductively in EasyCrypt. This allows generality, modularity and composable reasoning, but does not scale well for low-level architecture-specific routines. CryptoLine offers a semi-automatic approach to formally verify algebraically-rich low-level cryptographic routines. CryptoLine proofs are self-contained: they are not integrated into higher-level formal verification developments. This paper shows how to soundly use CryptoLine to discharge subgoals in functional correctness proofs for complex Jasmin programs. We extend Jasmin with annotations and provide an automatic translation into a CryptoLine model, where most complex transformations are certified. We also formalize and implement the automatic extraction of the semantics of a CryptoLine proof to EasyCrypt. Our motivating use-case is the X-Wing hybrid KEM, for which we present the first formally verified implementation. © 2025 Copyright held by the owner/author(s).

Abstract
We propose a hybrid formal verification approach that combines high-level deductive reasoning and circuit-based reasoning and apply it to highly optimized cryptographic assembly code. Our approach permits scaling up formal verification in two complementary directions: 1) it reduces the proof effort required for low-level functions where the computation logics are obfuscated by the intricate use of architecture-specific instructions and 2) it permits amortizing the effort of proving one implementation by using equivalence checking to propagate the guarantees to other implementations of the same computation using different optimizations or targeting different architectures. We demonstrate our approach via an extension to the EasyCrypt proof assistant and by revisiting formally verified implementations of ML-KEM in Jasmin. As a result, we obtain the first formally verified implementation of ML-KEM that offers performance comparable to the fastest non-verified implementation in x86-64 architectures.