A Solicitous Approach to Smart Contract Verification

Abstract: Smart contracts are tempting targets of attacks, since they often hold and manipulate significant financial assets, are immutable after deployment, and have publicly available source code, with assets estimated in the order of millions of US Dollars being lost in the past due to vulnerabilities. Formal verification is thus a necessity, but smart contracts challenge the existing highly efficient techniques routinely applied in the symbolic verification of software, due to specificities not present in general pr… Show more

“…CheckMate complements the state of the art in protocol verification with game-theoretic security analysis, providing economic security guarantees in addition to algorithmic correctness. CheckMate differs from existing static analyzers [4,8,16] of Ethereum smart contracts, as these techniques merely consider cryptographic security and formally verify the Solidity [1] implementation of smart contracts. Formal methods are also used in the cryptographic verification of more general protocols [2,10,14], yet without game-theoretic considerations.…”

“…Once deployed on the blockchain, vulnerabilities cannot be corrected and have the potential for significant monetary loss. Various existing approaches for the analysis and verification of blockchain protocols [2,4,8,14,16,19,20] focus on cryptographic and algorithmic correctness or, in other words, whether it is possible to steal assets or gain secret information. However, economic aspects must also be considered: whether it is possible for a group of users to profit from unintended behavior within the protocol itself, leading to vulnerabilities [12].…”

Scaling CheckMate for Game-Theoretic Security

“…CheckMate complements the state of the art in protocol verification with game-theoretic security analysis, providing economic security guarantees in addition to algorithmic correctness. CheckMate differs from existing static analyzers [4,8,16] of Ethereum smart contracts, as these techniques merely consider cryptographic security and formally verify the Solidity [1] implementation of smart contracts. Formal methods are also used in the cryptographic verification of more general protocols [2,10,14], yet without game-theoretic considerations.…”

“…Once deployed on the blockchain, vulnerabilities cannot be corrected and have the potential for significant monetary loss. Various existing approaches for the analysis and verification of blockchain protocols [2,4,8,14,16,19,20] focus on cryptographic and algorithmic correctness or, in other words, whether it is possible to steal assets or gain secret information. However, economic aspects must also be considered: whether it is possible for a group of users to profit from unintended behavior within the protocol itself, leading to vulnerabilities [12].…”

Scaling CheckMate for Game-Theoretic Security

CHC Model Validation with Proof Guarantees

Deductive verification of smart contracts with Dafny