Lesson 19 of 23
In Progress

Formal Verification of Smart Contracts

Formal verification is a method of mathematically proving that a system, in this case a smart contract, meets certain specified properties. It is a way to ensure that the contract functions as intended and does not contain any unintended flaws or vulnerabilities. Formal verification can be applied to various aspects of a smart contract, including its code, behavior, and security.

Why is Formal Verification Important for Smart Contracts?

Smart contracts are immutable, meaning once they are deployed to the blockchain, they cannot be modified. This means it is crucial to ensure that the contract is correct and secure before deployment. Formal verification allows developers to catch errors and bugs early in the development process, saving time and resources.

In addition, smart contracts handle valuable assets and sensitive information, making them a target for malicious attacks. Formal verification can help identify potential vulnerabilities and security issues, ensuring that the contract is robust and resistant to attacks.

Tools and Frameworks for Formal Verification

There are several tools and frameworks available for formal verification of smart contracts. Some popular options include:

  • K Framework: An open-source framework for defining programming languages and formally verifying programs written in those languages.
  • Coq: A proof assistant for developing and formally verifying software.
  • Solidity Verifier: A tool for formally verifying Solidity contracts.
  • Mythril: A security analysis tool for Ethereum smart contracts.

Example: Formal Verification with K Framework

The K Framework is a general-purpose tool for defining programming languages and formally verifying programs written in those languages. It can be used to define a custom language for writing smart contracts, or to verify existing contracts written in languages like Solidity.

Here is an example of using the K Framework to formally verify a simple Solidity contract:

pragma solidity ^0.6.0;

import "https://github.com/kframework/k/blob/master/k-distribution/definition/src/main/resources/solidity/solidity-k.k"

contract SimpleContract {
    uint public balance;

    function add(uint amount) public {
        balance = balance.add(amount);

  imports SOLIDITY-K
  syntax Exp ::= Uint

  rule <k> Uint(x) => x </k>
  rule <k> Uint(x) => Uint(x + 1) </k>

  rule add(Uint(x), Uint(y)) => Uint(x + y)
  rule sub(Uint(x), Uint(y)) => Uint(x - y)

  rule balance(Uint(x)) => x
  rule add(Uint(x), Uint(y)) => add(x, y)


In this example, the K Framework is used to define a custom language for formally verifying Solidity contracts. The syntax and rules of the language are defined in the SIMPLE-CONTRACT-VERIFIER module. The add function of the SimpleContract is verified using the add rule, which states that the function takes in two Uint values and returns the result of their addition.


In conclusion, formal verification is a powerful tool for ensuring the security and correctness of smart contracts. By using mathematical proofs to validate the behavior of code, developers can ensure that their contracts will behave as intended, even in unforeseen circumstances. While it can be a complex process, the benefits of formal verification far outweigh the time and resources required to implement it. By incorporating formal verification into their development process, blockchain developers can greatly reduce the risk of vulnerabilities and bugs in their contracts, giving users and stakeholders greater confidence in the security and reliability of their applications.


To review these concepts, we will go through a series of exercises designed to test your understanding and apply what you have learned.

Implement a simple contract with a function that adds two integers together and returns the result. Use the Solidity assert function to verify that the result of the function is correct.

pragma solidity ^0.6.0;

contract SimpleAddition {
    function add(int a, int b) public pure returns (int result) {
        result = a + b;
        assert(result == a + b);

Use the Solidity require function to verify that the input to a function is within a certain range. Implement a function that takes an integer as input and verifies that it is between 0 and 100.

pragma solidity ^0.6.0;

contract NumberRangeChecker {
    function checkNumberInRange(int number) public {
        require(number >= 0 && number <= 100, "Number must be between 0 and 100");

Use the Solidity revert function to prevent a contract from executing if certain conditions are not met. Implement a function that takes an integer as input and verifies that it is even. If the number is odd, the function should revert the transaction.

pragma solidity ^0.6.0;

contract EvenNumberChecker {
    function checkNumberIsEven(int number) public {
        if (number % 2 != 0) {
            revert("Number must be even");

Use a third-party library, such as the OpenZeppelin SafeMath library, to prevent integer overflow and underflow in a contract. Implement a simple contract that has a function that adds two integers together and stores the result in a contract variable. Use the SafeMath library to ensure that the result is within the range of a 256-bit integer.

pragma solidity ^0.6.0;

import "https://github.com/OpenZeppelin/openzeppelin-solidity/contracts/math/SafeMath.sol";

contract SafeIntegerAddition {
    using SafeMath for uint256;

    uint256 public result;

    function add(uint256 a, uint256 b) public {
        result = a.add(b);

Use a testing framework, such as Truffle, to write unit tests for a contract. Write a test that verifies that the add function in the SafeIntegerAddition contract correctly adds two integers together and stores the result in the result variable.

const SafeIntegerAddition = artifacts.require("SafeIntegerAddition");

contract("SafeIntegerAddition", () => {
    it("should add two integers correctly", async () => {
        const instance = await SafeIntegerAddition.deployed();
        await instance.add(5, 7);
        const result = await instance.result();
        assert.equal(result, 12, "Result was not correct");