Exploring the Need for Formal Verification in Smart Contracts

# Exploring the Need for Formal Verification in Smart Contracts

Smart contracts undergo formal verification to ensure their integrity by eliminating bugs, vulnerabilities, and unintended behavior. This process involves an expert expressing the contract's logic as mathematical statements and subjecting them to automated checks against expected behavior models. By combining formal verification with manual auditing, smart contracts receive a thorough evaluation of their security.

## Basics

Smart contracts are computer programs that execute automatically based on predefined conditions within a blockchain network. They can vary in complexity and can hold significant assets of varying values. However, it is important to prioritize the security of smart contract code to prevent potential vulnerabilities.

Security issues in smart contract code can lead to serious consequences, including the theft of assets associated with the contract. Examples from recent years illustrate the risks involved. In one instance, a single typo in a smart contract resulted in the loss of \$50 million from an automated market maker (AMM). Another case involved the accidental distribution of \$80 million in unearned rewards due to a character mistake. Additionally, a bug in a smart contract led to a \$320 million theft from a blockchain bridge.

Ensuring the accuracy and integrity of smart contract programs is crucial. Once deployed, smart contract code becomes publicly accessible, making it vulnerable to exploitation if any weaknesses are discovered. It is often challenging to rectify security flaws in deployed smart contracts, as the code typically cannot be modified after deployment. Therefore, thorough evaluation and rigorous testing are vital to prevent vulnerabilities and safeguard the assets associated with smart contracts.

## The Need for Smart Contract Verification

Smart contract formal verification entails expressing the logic and intended behavior of the contracts through mathematical statements. This process involves the following steps:

• Defining the specifications and desired properties of the contract using formal language.
• Transforming the contract's code into a formal representation, such as mathematical models or logic.
• Utilizing automated theorem provers or model checkers to validate the contract's specifications and properties.
• Iterating the verification process to identify and rectify any errors or deviations from the desired properties.

## Why It's Important

Mathematical reasoning plays a crucial role in ensuring the reliability of formally verified smart contracts. By employing this approach, contracts are thoroughly scrutinized to eliminate bugs, vulnerabilities, and any unintended behavior. Moreover, the application of mathematical reasoning instills trust and confidence in the contract, as its properties are rigorously proven to be correct.

Smart contract verification has played a crucial role in averting significant financial losses and potential disasters. Here are notable examples:

### Uniswap

During the development of Uniswap V1, the smart contract underwent formal verification. This process identified and rectified rounding errors that, if left unresolved, could have drained funds from Uniswap V1.

### Balancer

Balancer V2, another AMM, underwent formal verification as well. This verification process discovered and addressed an incorrect fee calculation related to flash loan functionality within the smart contract. Correcting this vulnerability prevented potential theft.

### SafeMoon

A bug was found in SafeMoon V1 after it was deployed. The bug allowed the contract's owner to give up ownership, then get it back later. This bug was hard to find because it required analyzing specific variable values. Formal verification caught the bug, showing that machines can find vulnerabilities that humans might miss.

## Combining Formal Verification and Manual Auditing

Formal verification offers a systematic and automated method to ensure a contract's logic and behavior align with its intended properties. This approach simplifies the detection and resolution of errors and bugs, even those that are intricate and elusive, which might evade manual inspection.

Manual auditing involves expert scrutiny of a contract's code, design, and deployment. Auditors leverage their experience and proficiency to pinpoint security risks and assess the overall security of the contract. They validate the correctness of the formal verification process and uncover any potential issues that automated tools might miss.

By combining formal verification with manual auditing, a comprehensive and meticulous evaluation of a smart contract's security is achieved. This approach enhances the likelihood of identifying and remedying vulnerabilities. Ultimately, it establishes a defense-in-depth strategy that capitalizes on the unique strengths of both humans and machines.

## Conclusion

To ensure the security of smart contracts, a comprehensive approach combining formal verification and manual auditing is crucial. Formal verification rigorously checks for bugs, vulnerabilities, and unintended behavior, while manual auditing adds human expertise to identify risks. This combined approach enhances the reliability and protection of smart contracts, ensuring their security.

Manual Auditing
Formal Verification
AMM