What Is Formal Verification
This blog post will cover:
- How formal verification works
- Where did formal verification come from?
- The functions of smart contract verification
- Can formal verification replace manual audits?
- The difficulties of working with formal verification
Formal verification is a rigorous method used to verify that a system or software design functions correctly by mathematically proving its properties. The formal methods are based on mathematical logic to make a conclusion about the behavior and correctness of a system. It is essential in cybersecurity, artificial intelligence, machine learning, science, and crypto, particularly smart contracts.
In this article, we are going to find out how formal verification of smart contracts works, and what its significance is in the Crypto World.
How formal verification works
Depending on the methods and tools that are used for verification, the process might look slightly different. However, there are some general steps that are common for most of them.
- Specification. First, the developers have to decide how exactly the smart contract is supposed to work. To do so, they specify the expected inputs, outputs, and any constraints or requirements.
- Modeling. Using a suitable formal language or framework, developers represent the contract's logic, state transitions, and interactions with other contracts or entities. Common formal modeling languages for smart contracts include formal specification languages like Solidity, Vyper, or the Ethereum Virtual Machine bytecode.
- Formalization. The formal model is then translated into a mathematical representation. This means that everything that is expected from the smart contract is translated into a formal language (a precise and well-defined mathematical language), such as temporal logic or first-order logic.
- Verification. Theorem proving or model checking is used at this stage to ensure that the formal model of the smart contract functions properly. The tools generate proof obligations or perform exhaustive state-space exploration to check if the specified properties hold under all possible scenarios.
If during the verification process, a vulnerability or incorrect execution of a smart contract is detected, developers identify the causes and fix the code, then check the model again until everything functions properly.
The process can take a long time because Web3 projects often use extremely complex smart contracts and/or have many of them, and in this case not only do developers have to ensure that the smart contracts work correctly on their own, but also that there are no errors in their interactions in various scenarios.
Where did formal verification come from?
Since formal verification has its roots in mathematics, its beginning is much older than the concept of smart contracts. German scientist Gottfried Wilhelm Leibniz, who lived in the 17th century, came up with the idea of utilizing a uniform symbolic language for mathematical discourse.
Then in 1954, an American mathematician Martin Davis created the first mathematical proof for a theorem that was computer-generated. In the 1960s such theorems started to be used to prove the correctness of computer programs’ functioning. They have since been a part of computer science, and Ethereum, which helped the concept of smart contracts gain much traction, recommends formal verification as one of the methods of improving the safety of self-executing programs.
The functions of smart contract verification
First of all, formal verification makes smart contracts more secure and reliable. Any vulnerabilities or flaws in the smart contract's code can have severe consequences, including financial loss, exploits, or disruption of the intended functionality. By detecting and fixing bugs, logical errors, etc. the risk of unexpected failures or malfunctions is decreased.
What is more, smart contracts are designed to operate in trustless environments, where parties rely on the contract's code and its predefined rules instead of trusting a central authority. Verification increases trust in the smart contract by providing mathematical evidence that the contract works correctly. It offers transparency and clarity, allowing users and stakeholders to understand the contract's behavior and make informed decisions.
Furthermore, smart contracts are being used more and more in various industries and sectors, such as finance, supply chain, and legal agreements. In such cases, formal verification can provide compliance with legal and regulatory requirements which is crucial for the legitimacy and enforceability of smart contracts.
Finally, identifying and fixing issues in smart contracts during the development phase is more cost-effective and time-efficient compared to discovering them after deployment.
Can formal verification replace manual audits?
Formal verification is not a means to replace manual audits by experts in smart contract security. Rather, these two instruments work together.
On one hand, formal verification is more automated and uses a wide array of methods that allows one to put the code through many different scenarios which is hard to do manually and there is a chance of missing some aspects and combinations of smart contract work.
On the other hand, the expertise of a specialist is needed to check whether the formal modeling and the outcomes contain no errors or bugs. Thus, both methods are necessary to ensure the correctness of smart contracts.
The difficulties of working with formal verification
While formal verification is vital for smart contracts it is not perfect and has its drawbacks.
First, formal verification techniques require specialized knowledge and expertise in formal methods, mathematical logic, and verification tools. The process can be complex, time-consuming, and resource-intensive.
Secondly, the effectiveness of formal verification heavily relies on the quality and capabilities of the available verification tools. If the tools have limitations in terms of supported formal languages, scalability, or accuracy, this may lead to unrecognized code vulnerabilities and consequently to loss of funds, exploits, etc.
To sum up, formal verification is a powerful method for ensuring the security, reliability, and compliance of smart contracts. It enhances trust, transparency, and confidence in smart contracts, particularly in decentralized and trustless environments. While formal verification has some drawbacks, it still remains an essential practice in the Crypto World to mitigate risks, protect assets, and foster the widespread adoption of blockchain-based applications.
If you want to keep reading about the technical aspects of blockchain technology, we have articles about optimistic and zero-knowledge rollups, layers of blockchain, automated crypto trading, and many more.