Formal Verification: Definition, Smart Contract Example & Audit Notes

Formal Verification

Formal verification uses mathematical methods to prove that code satisfies specified properties under stated assumptions.

Formal verification tries to prove a contract always follows a rule, not just test examples.

Formal Verification Explained in Detail

Formal verification checks code against precise properties. Instead of testing selected examples, it tries to prove that a property always holds within a defined model.

The quality of the result depends on the quality of the specification and assumptions.

Smart contract example

For all users: userBalance <= totalAssets

This kind of property can be modeled and checked more rigorously than a few hand-picked tests.

Formal Verification in Auditing

Formal verification is useful for critical invariants, token accounting, state machines, access-control rules, and upgrade safety.

It does not replace manual review. A proof can be correct and still prove the wrong property.

Red flags in code

Specifications are vague or incomplete.
Assumptions exclude realistic attacker behavior.
Properties prove implementation behavior instead of intended behavior.
External calls and integrations are oversimplified.
Counterexamples are not investigated.

How to test or review it

Write properties in plain language before encoding them.
Review every assumption.
Check counterexamples and reproduce feasible ones.
Pair formal methods with fuzzing and manual review.
Focus on core invariants around funds, permissions, and state transitions.

Sources

https://docs.soliditylang.org/en/latest/smtchecker.html