Development Update: Formal Methods | Ethereum Foundation Blog
I have joined Ethereum as a full-time formal verification engineer. My reasoning: formal verification only makes sense as a profession in rare circumstances:
- The verification target follows short, simple rules (the EVM).
- The target carries a lot of value (Ether and other tokens).
- It is tricky enough to make sure the goals are met (any non-trivial program).
- And the community knows it is important to get it right (hopefully).
My previous job as a formal verification engineer prepared me for this challenge. In addition, I have been working on two Ethereum-related projects: Dr. Y's Ethereum Contract Analyzer and a GitHub repository containing Coq proofs. These two projects sit at opposite ends of the spectrum between automatic analyzers and manual proof development.
Because of the collective impact on the entire ecosystem, I am attracted to automatic analyzers integrated into compilers: many people will run them, and some will notice the warnings. On the other hand, surprising behaviour can be considered a bug, so surprises should be eliminated, but a machine cannot detect human expectations. Transferring human expectations to the machine requires some manual work. The contract developer must specify the contract in a machine-readable language and also give the machine reasons why the implementation matches the specification (in many cases the machine keeps asking for more hints until the human realizes there is a bug in the specification). This is labour intensive, but when designing contracts that hold millions of dollars, the manual effort is justified.
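The loop described above, as an added illustration that is not part of the original post and not the author's Why3 or Coq work: a toy token `transfer` written in Python stands in for a contract, a bounded exhaustive search stands in for the prover, and a first, naive specification is checked against a correct implementation. The checker reports a concrete counterexample; reading it shows that the specification forgot the `sender == to` case, so the specification is fixed, after which the same specification also rejects a genuinely buggy implementation. The account names, the balance bound and both transfer variants are constructed for this example.

```python
"""Toy bounded checker: an implementation, a specification, and the hint loop.

Constructed example for this page, not the author's Why3/Coq work. The token
model, the account names and the balance bound are all assumptions.
"""
from itertools import product

ACCOUNTS = ("A", "B", "C")   # assumed small account set for exhaustive search
MAX_BAL = 3                  # assumed bound on each balance and on the amount


def transfer(balances, sender, to, amount):
    """Implementation under test: the usual in-place Solidity transfer body.

    Returns the new balance map, or None when the call would revert.
    """
    if balances[sender] < amount:
        return None  # insufficient funds: revert
    after = dict(balances)
    after[sender] -= amount
    after[to] += amount
    return after


def transfer_read_then_write(balances, sender, to, amount):
    """Buggy variant: reads both balances first, then writes both.

    A self-transfer (sender == to) overwrites the debit with a credit
    computed from the stale read, minting `amount` tokens out of thin air.
    """
    if balances[sender] < amount:
        return None
    from_bal, to_bal = balances[sender], balances[to]
    after = dict(balances)
    after[sender] = from_bal - amount
    after[to] = to_bal + amount
    return after


def spec_naive(before, after, sender, to, amount):
    """First attempt at a specification: two independent balance deltas.

    It silently assumes sender != to, which is a bug in the spec, not in
    the implementation.
    """
    return (after[sender] == before[sender] - amount
            and after[to] == before[to] + amount
            and all(after[a] == before[a] for a in ACCOUNTS if a not in (sender, to)))


def spec_fixed(before, after, sender, to, amount):
    """Corrected specification: handles self-transfer and states conservation."""
    if sender == to:
        return after == before
    return (after[sender] == before[sender] - amount
            and after[to] == before[to] + amount
            and all(after[a] == before[a] for a in ACCOUNTS if a not in (sender, to))
            and sum(after.values()) == sum(before.values()))


def check(impl, spec):
    """Exhaustively run every small call and return the first spec violation.

    Stands in for the prover: instead of asking for hints it produces a
    concrete counterexample, which the human then has to attribute either
    to the specification or to the implementation. Returns None if the
    bounded search finds no violation.
    """
    for bals in product(range(MAX_BAL + 1), repeat=len(ACCOUNTS)):
        before = dict(zip(ACCOUNTS, bals))
        for sender, to in product(ACCOUNTS, repeat=2):
            for amount in range(MAX_BAL + 1):
                after = impl(before, sender, to, amount)
                if after is None:
                    continue  # a reverted call changes nothing; nothing to check
                if not spec(before, after, sender, to, amount):
                    return {"before": before, "sender": sender, "to": to,
                            "amount": amount, "after": after}
    return None


if __name__ == "__main__":
    # Round 1: correct implementation, naive spec -> the spec is what is wrong.
    print("naive spec vs transfer:", check(transfer, spec_naive))
    # Round 2: after fixing the spec, the implementation is accepted.
    print("fixed spec vs transfer:", check(transfer, spec_fixed))
    # Round 3: the fixed spec also rejects a genuinely buggy implementation.
    print("fixed spec vs read-then-write:", check(transfer_read_then_write, spec_fixed))
```

The first round returns a self-transfer as the violating call: the implementation is right and the specification is wrong, which is exactly the situation in which a proof assistant keeps demanding hints that cannot be supplied. The third round shows why the effort pays off: once the specification states conservation of the total supply, a read-then-write implementation that mints tokens on self-transfer is rejected by the same check, and the bounded search here is only a stand-in for the unbounded argument a real prover would require.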
We hope that having someone dedicated to formal methods will allow us to move faster in this important and fruitful area, and to communicate better with academics in order to connect the various individual projects that have emerged over the past few weeks.
Some projects we would like to tackle in the future are listed below. Most of them will be carried out in collaboration with other teams.
Solidity:
- Extend the Why3 translation from Solidity to the full Solidity language (could also switch to F*)
- A formal specification of Solidity
- Syntax and semantics of a modal logic for reasoning about multiple parties
Community:
- Create a map of Ethereum's formal verification projects
- Collect buggy Solidity code for benchmarking automatic analyzers
- Analyze contracts deployed on the blockchain for vulnerabilities (related: the Oyente tool)
Tools:
- Provide a formalization of the EVM that is human- and machine-readable and also executable
- Develop formally verified libraries in EVM bytecode or Solidity
- Develop formally verified compilers for small languages
- Explore the potential of interaction-oriented languages ("If X happens, do Y. Z can only be done after A has been done")