While the immutability of smart contracts ensures unparalleled trust and transparency, it is also a doubleedged sword, as any coding errors can lead to substantial financial losses and complex mitigation endeavours. VeriSolid is a security mitigation tool that offers a ‘correct by design’ platform, enabling developers to create and verify smart contracts using predefined property templates. After ensuring the correctness of the design, VeriSolid facilitates the automatic generation of equivalent Solidity code. Our motivational example is a prominent decentralized exchange (DEX), Uniswap, which is responsible for over 82% of DEX transactions. Our experiments uncover and resolve verification issues in two out of four VeriSolid templates. Additionally, we propose seven new templates, enhancing the VeriSolid platform through its open-source project. This research endeavor has yielded a significant enhancement in VeriSolid’s coverage percentage, which represents the percentage of available software requirement specifications that can be formally represented and verified in VeriSolid. This study increased it from 45.6% to 90.5% based on a dataset consisting of 555 requirement specifications, thus enabling the verification of a wider range of property specifications.
Revisiting Formal Verification in VeriSolid: An Analysis and Enhancements / Chahoki, A. Z.; Roveri, M.; Amyot, D.; Mylopoulos, J.. - ELETTRONICO. - 3629:(2023), pp. 55-60. (Intervento presentato al convegno 5th Workshop on Artificial Intelligence and Formal Verification, Logic, Automata, and Synthesis, OVERLAY 2023 tenutosi a Italy, Rome nel 6-9th November 2023).
Revisiting Formal Verification in VeriSolid: An Analysis and Enhancements
Roveri, M.;Mylopoulos, J.
2023-01-01
Abstract
While the immutability of smart contracts ensures unparalleled trust and transparency, it is also a doubleedged sword, as any coding errors can lead to substantial financial losses and complex mitigation endeavours. VeriSolid is a security mitigation tool that offers a ‘correct by design’ platform, enabling developers to create and verify smart contracts using predefined property templates. After ensuring the correctness of the design, VeriSolid facilitates the automatic generation of equivalent Solidity code. Our motivational example is a prominent decentralized exchange (DEX), Uniswap, which is responsible for over 82% of DEX transactions. Our experiments uncover and resolve verification issues in two out of four VeriSolid templates. Additionally, we propose seven new templates, enhancing the VeriSolid platform through its open-source project. This research endeavor has yielded a significant enhancement in VeriSolid’s coverage percentage, which represents the percentage of available software requirement specifications that can be formally represented and verified in VeriSolid. This study increased it from 45.6% to 90.5% based on a dataset consisting of 555 requirement specifications, thus enabling the verification of a wider range of property specifications.File | Dimensione | Formato | |
---|---|---|---|
paper9.pdf
accesso aperto
Descrizione: Revisiting Formal Verification in VeriSolid
Tipologia:
Versione editoriale (Publisher’s layout)
Licenza:
Creative commons
Dimensione
339.21 kB
Formato
Adobe PDF
|
339.21 kB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione