Skip to content
Smart contracts which are formally verified
Branch: master
Clone or download
Latest commit 79de062 Jun 13, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.build .k.rev: 302f3831b7ab70a6626a84178027a8f16054185b All the fixes in Con… Jun 4, 2019
bihu Full migration to kevm-imap. Projects using old map model now depend … Apr 30, 2019
casper Full migration to kevm-imap. Projects using old map model now depend … Apr 30, 2019
deposit Update README.md Jun 12, 2019
erc20 .k.rev: 302f3831b7ab70a6626a84178027a8f16054185b All the fixes in Con… Jun 4, 2019
gnosis Full migration to kevm-imap. Projects using old map model now depend … Apr 30, 2019
k-test Full migration to kevm-imap. Projects using old map model now depend … Apr 30, 2019
proxied-token Full migration to kevm-imap. Projects using old map model now depend … Apr 30, 2019
resources kprove.mak: cloning K submodules. Required for more recent K. Jun 4, 2019
script scripts: integration with --debugg option for log dumping. Jul 6, 2018
uniswap .k.rev: 302f3831b7ab70a6626a84178027a8f16054185b All the fixes in Con… Jun 4, 2019
.editorconfig success-no_return Feb 6, 2019
.gitignore .gitignore Mar 19, 2018
.gitmodules remove submodule .build/evm-semantics Nov 1, 2018
.travis.yml .travis.yml Dec 10, 2018
Dockerfile Dockerfile: install Haskell stack Feb 5, 2019
Jenkinsfile Jenkinsfile: increasing stack to -Xss48m to eliminate occasional Stac… Apr 18, 2019
LICENSE.md License under The Reproducibility License 1.1.0 (#226) May 28, 2019
Makefile Makefile: added Bihu to Jenkins suite. Apr 18, 2019
Makefile.bak add .NOTPARALLEL to top-level makefile Nov 30, 2018
README.md License under The Reproducibility License 1.1.0 (#226) May 28, 2019
run-proofs.sh Proxied token formal verification #71 (#75) Nov 23, 2018

README.md

Formally Verified Smart Contracts

This repository contains smart contracts that have been formally verified by Runtime Verification and/or collaborators.

To verify a smart contract, we need to first produce a formal specification stating what the smart contract is supposed to do. This is often the most difficult part of the verification effort, requiring sometimes several rounds of discussions and meetings with the owners of the smart contract, to ensure that everybody is on the same page regarding the intended functionality of the smart contract. Not surprisingly, many bugs or opportunities for improvement in the smart contract code are found at this early stage. Then we need to show that the binary or low-level code (e.g., EVM binary or IELE code) generated by the compiler from the smart contract high level code (e.g., Solidity or Vyper) indeed satisfies the specification. In our approach the proofs use reachability logic, a generalization of Hoare logic, separation logic and modal logic, and are performed using the K-framework. The K framework takes a formal semantics of a language as trusted input (e.g., that of EVM or IELE), and then uses it to symbolically execute the smart contract exhaustively on all paths, making use of SMT solvers like Z3 to solve the mathematical domain constraints.

List of Verified Smart Contracts

Resources

We use the K-framework and its verification infrastructure throughout the formal verification effort. All of the formal specifications are mechanized within the K-framework as well. Therefore, some background knowledge about the K-framework would be necessary for reading and fully understanding the formal specifications and reproducing the mechanized proofs. We refer the reader to the following resources for background knowledge about the K-framework and its verification infrastructure.

License

Copyrightable work in this repository is licensed by Runtime Verification, Inc. under the terms of The Reproducibility License 1.1.0, a restrictive license. That license is very readable, and you should read it. Most will want to pay special attention to its Reproducibility section.

Other parts of the proof toolchain, including the K-framework, are licensed under different, open source terms, like those of The University of Illinois/NCSA Open Source License.

Disclaimer

This repository does not constitute legal or investment advice. The preparers of this repository present it as an informational exercise documenting the due diligence involved in the secure development of the target contract only, and make no material claims or guarantees concerning the contract's operation post-deployment. The preparers of this repository assume no liability for any and all potential consequences of the deployment or use of this contract.

The formal verification results presented here only show that the target contract behaviors meet the formal (functional) specifications. Moreover, the correctness of the generated formal proofs assumes the correctness of the specifications and their refinement, the correctness of KEVM, the correctness of the K-framework's reachability logic theorem prover, and the correctness of the Z3 SMT solver. The presented result makes no guarantee about properties not specified in the formal specification. Importantly, the presented formal specification considers only the behaviors within the EVM, without considering the block/transaction level properties or off-chain behaviors, meaning that the verification result does not completely rule out the possibility of the contract being vulnerable to existing and/or unknown attacks.

Smart contracts are still a nascent software arena, and their deployment and public offering carries substantial risk. This repository makes no claims that its analysis is fully comprehensive, and recommends always seeking multiple opinions and audits.

This repository is also not comprehensive in scope, excluding a number of components critical to the correct operation of this system.

The possibility of human error in the manual review process is very real, and we recommend seeking multiple independent opinions on any claims which impact a large quantity of funds.

You can’t perform that action at this time.