
What Is Formal Verification?
Formal verification is a technique for mathematically proving that a computer program functions as intended. It involves expressing the program's properties and expected behavior as mathematical formulas, and then using automated tools to check that those formulas hold true. This process helps ensure that the program meets its desired specifications.

Formal verification is a tool that can be applied to many systems, including:
- Computer hardware design: Ensuring that integrated circuits and digital systems meet their desired specifications and behave correctly.
- Software engineering: Verifying the correctness and reliability of software systems, especially in mission-critical applications such as aviation, medical devices, and financial systems.
- Cybersecurity: Evaluating the security of cryptographic algorithms and protocols, and identifying vulnerabilities in security-sensitive systems.
- Artificial intelligence and machine learning: Verifying the properties and behavior of AI and ML models, ensuring that they function as intended and make accurate predictions.
- Automated theorem proving: Verifying mathematical theorems and proving mathematical conjectures, which has applications in fields such as mathematics, physics, and computer science.
- Blockchain and smart contracts: Ensuring the correctness, security, and reliability of blockchain systems and smart contracts.
Formal Verification of Smart Contracts
Formal verification of smart contracts works by representing the logic and desired behavior of smart contracts as mathematical statements, and then using automated tools to check whether those statements are correct.
The process involves:
- Defining the specifications and desired properties of a contract in a formal language.
- Translating the code of the contract into a formal representation, such as mathematical logic or models.
- Using automated theorem provers or model checkers to validate that the specifications and properties of the contract hold true.
- Repeating the verification process to find and fix any errors or deviations from the desired properties.
Sometimes the automated theorem provers or model checkers cannot prove or disprove that a property holds true. In this case, the specifications and desired properties may need to be refined and the verification process repeated.
The specifications and desired properties can be refined by applying more specifications to smaller pieces of code or by making the specifications more detailed. This can make it easier for the theorem provers and model checkers to validate that the specifications and properties hold true.
Formal verification can be applied to one contract or to multiple contracts at a time. Web3 projects often use multiple contracts, and it is important to ensure that the contracts work together and implement the desired project functionality correctly.
This use of mathematical reasoning helps to ensure that smart contracts are free from bugs, vulnerabilities, and other unintended behavior. It also helps to increase trust and confidence in the contract, as its properties have been rigorously proven to be correct.
Translating Code into a Formal Representation
Code Snippet 1 shows a simplified program that implements a token transfer function. There are two users that each have a balance of tokens (balance1 and balance2). The function transferFromUser1 transfers tokens from User 1 to User 2. The program has an invariant that the total supply of tokens always equals the sum of the balances.
uint balance1;
uint balance2;
uint totalSupply;
// Transfer tokens from User 1 to User 2.
function transferFromUser1(uint amount) {
    balance1 = balance1 - amount;
    balance2 = balance2 + amount;
}
Code Snippet 1: A simple program illustrating a transfer
We represent the invariant as a mathematical formula. We number formulas to keep track of them. Because formulas are mathematical, = means "equals", not assignment, in them:
Formula 1: totalSupply = balance1 + balance2 // sum of balances
Code Snippet 2 shows how we can add logical formulas representing what is true at each point in the function (for simplicity, we ignore the possibility of integer overflow; handling that would make the formulas much longer).
function transferFromUser1(uint amount) {
    // Formula 1: totalSupply = balance1 + balance2
    balance1 = balance1 - amount;
    // old(balance1) represents the value of balance1 when entering the function.
    // Formula 2: totalSupply = old(balance1) + balance2
    // Formula 3: balance1 = old(balance1) - amount // implied by the assignment
    // Formula 4: Formula 2 ^ Formula 3 // ^ is logical "and"
    balance2 = balance2 + amount;
    // old(balance2) represents the value of balance2 when entering the function.
    // Substitute old(balance2) into Formula 4, replacing balance2.
    // Formula 5: (totalSupply = old(balance1) + old(balance2)) ^
    //            (balance1 = old(balance1) - amount)
    // Formula 6: balance2 = old(balance2) + amount // implied by the assignment
    // Formula 7: Formula 5 ^ Formula 6.
    // Formula 7 expands to:
    // (totalSupply = old(balance1) + old(balance2)) ^
    // (balance1 = old(balance1) - amount) ^
    // (balance2 = old(balance2) + amount)
}
Code Snippet 2: Function with logical formulas representing the meaning of the code.
If we want to check that transferFromUser1 maintains the program invariant, we can check that Formula 7 (at the end of the function) implies the invariant (Formula 1). Here is the proof, using high-school algebra simplification rules.
Assume Formula 7 is true.
Solve for old(balance1) and old(balance2) using the last 2 clauses of Formula 7:
old(balance1) = balance1 + amount
old(balance2) = balance2 - amount
Substitute that into the first clause of Formula 7:
totalSupply = (balance1 + amount) + (balance2 - amount)
Cancel addition and subtraction of amount:
totalSupply = balance1 + balance2
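The proof above treats balances as unbounded integers. As an added example (not code from the original article or from CertiK), the explicit-state model checker below enumerates every state of the transfer function over an assumed 4-bit uint and checks Formula 1 on exit; it goes beyond the page by modeling wrapping arithmetic, and transfer_checked is a hypothetical reverting variant introduced for comparison.

```python
from itertools import product

BITS = 4                 # assumed toy word size so the state space is enumerable
MOD = 1 << BITS

def transfer_unchecked(b1, b2, amount):
    """The page's transferFromUser1 with wrapping BITS-bit arithmetic."""
    return (b1 - amount) % MOD, (b2 + amount) % MOD

def transfer_checked(b1, b2, amount):
    """Hypothetical variant: revert (return None) on underflow or overflow."""
    if amount > b1 or b2 + amount >= MOD:
        return None
    return b1 - amount, b2 + amount

def check_invariant(transfer):
    """Explore every pre-state satisfying Formula 1 and every amount.

    Returns (transitions_checked, counterexamples); a counterexample is a
    tuple (b1, b2, amount, new_b1, new_b2) that breaks Formula 1 on exit.
    """
    checked, bad = 0, []
    for b1, b2, amount in product(range(MOD), repeat=3):
        total_supply = b1 + b2          # Formula 1 holds on entry (integer sum)
        if total_supply >= MOD:         # totalSupply itself must fit in a uint
            continue
        result = transfer(b1, b2, amount)
        if result is None:              # reverted: state unchanged, invariant kept
            continue
        checked += 1
        new_b1, new_b2 = result
        if total_supply != new_b1 + new_b2:   # Formula 1 on exit
            bad.append((b1, b2, amount, new_b1, new_b2))
    return checked, bad

if __name__ == "__main__":
    for fn in (transfer_unchecked, transfer_checked):
        checked, bad = check_invariant(fn)
        print(f"{fn.__name__}: {checked} transitions, {len(bad)} violations")
        if bad:
            print("  first counterexample (b1, b2, amount, b1', b2'):", bad[0])
```

Every counterexample reported for the unchecked model has amount greater than balance1, which is the case the proof sets aside by ignoring overflow.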
How formal verification and manual auditing work together
Formal verification and manual auditing complement each other in ensuring the security of smart contracts.
Formal verification provides a systematic and automated way to check the contract's logic and behavior against its desired properties, making it easier to identify and fix any potential errors or bugs. It is especially useful for finding complex and subtle issues that may be difficult to detect through manual inspection. When dealing with complex or multiple contracts, it can become difficult for a human to reason about all the possible combinations and cases that need to be checked. Machines, on the other hand, are well-suited to this task.
Manual auditing provides a human expert review of the contract's code, design, and deployment. The auditor can use their experience and expertise to identify potential security risks and evaluate the contract's overall security posture. They can also verify that the formal verification process was carried out correctly, and check for issues that may not be detectable with automated tools. Their expert insight helps ensure that the specifications and desired properties used in formal verification are indeed the right ones.
Combining formal verification and manual auditing provides a comprehensive and thorough evaluation of a smart contract's security, increasing the chances of finding and fixing any vulnerabilities. The result is a defense-in-depth approach to security that leverages the unique capabilities of both humans and machines.
Conclusion
This is an overview of what formal verification is and how it can be applied to increase the security of smart contracts and decentralized applications. Stay tuned for an upcoming technical deep dive into the formal verification of ERC-20 tokens.
This is a guest post from CertiK, originally published here.
What is CertiK:
CertiK is a blockchain security firm that helps projects identify and eliminate security vulnerabilities in blockchains, smart contracts, and Web3 applications using its services, products, and cybersecurity techniques.