Clear: Formal Verification Framework for Solidity Smart Contracts

The blockchain development community has been in long need of powerful approaches of smart contract security and integrity.

## Introduction and Abstract

This new formal verification system will transform the manner in which developers can establish the correctness of their Solidity smart-contracts. It is more flexible than other conventional automated methods of theorem-proving by being more human-programmable, but also provides more flexibility in the expression and demonstration of correctness properties than before.

This gives developers an easier starting position of building proofs that specifications derive out of the abstract representation.

The framework compiles computer-checkable proofs of correctness of Yul smart contracts into a sub-language of the Lean proving assistant, and it can compile specifications to execute them on the EVM compliant with tests to verify model correctness.

It takes advantage of the rich mathematical libraries and proof automation of the Lean ecosystem, and thus this method has more manual intervention than other known methods of automation, but any correctness argument writable on paper can be computer-proven.

The framework accesses effective mathematical formalization libraries and domain-specific automation options. Nevertheless, as many basic mathematical theorems illustrate, there will always be statements provable in no proven system powerful enough to prove them.

To facilitate the trust foundation to the fullest, the framework has been supported by grant funding to test semantics against Ethereum conformance test suites and to extend the model to the newest Ethereum upgrade plans. This improved model will be published as a public good.

The framework includes a verification condition generator, which is able to extract Yul programs into the Lean proof assistant. It not only breaks programs down into manageable blocks that are easy to reason about but it also generates simplified descriptions of these block semantics.

The framework also supports the writing of proofs through the provision of a library of theorems and automation tools. The proofs can then be checked with the help of the LeanCompiler, the proof-checking kernel of which is somewhat smaller, but which is currently thought to be bug-free in the sense of accepting proofs of false propositions.

This approach has the advantage that it allows writing any property that can be written and proved formally on paper and checking with the LeanCompiler, which has a relatively small proof-checking kernel and is currently believed to be bug-free in the sense of accepting proofs of false propositions. This flexibility is stronger than most of the automated methods which are constrained by in-built reasoning of methods.

Compositionality and Abstraction

Compositionality and abstraction properties imply that proved components of code are preserved by their use in new situations. This enables the replacement of large parts of the sophisticated code with simple statements of their actions.

It can even support the safe substitution of code implementations by alternative but semantically equivalent ones, e.g. optimizing algorithms and maintaining correctness guarantees.

The framework provides extensible controlled automation by means of custom procedures yielding proofs verified by the underlying system. This has a major reduction of manual work and the verification guarantees are preserved.

The framework has three key components which collaborate to offer extensive verification power:

• Model of the Yul EVM dialect which explains the semantics of the Yul code in the proof assistant environment. This is what gives reasoning about the behavior of programs its underlying semantics
• Collection of custom tactics and theorems specially crafted to make it easier to write proofs about Yul programs. These tools process common patterns and operations which occur frequently in smart contract verification
• Verification condition generator establishes proof templates with high-level structure and automatically produces proofs that simplify Yul programs to canonical forms. These verification conditions are no longer specified in terms of the Yul language, but rather in a more approachable way

The verification is a structured process. The users start with a Yul program and compile it with special compiler options to produce a code that satisfies the structural assumptions of the framework. This code is then processed by the verification condition generator to generate the required infrastructure of proof.

The framework assumes some structure of Yul codes.

Practical Implementation: Multiplication Function

To implement a multiplication function, the following structural requirements must be met by compiling the following code with specific compiler flags. This example shows how the framework is able to manage user-written functions and arbitrary control flow structures.

The multiplication process has two inputs and does a multiplication by adding one value to an accumulator the required number of times.

Running the verification condition generator on a program generates a structured file hierarchy with its generated files. The general structure consists of:

• Generated files in respect to each Yul file and a contract
• Other common subfolders of abstracted blocks of code

The framework automatically decomposes programs into units and produces integration logic to ensure that composed units are the original program. Each elementary code block produces three types of files which can be easily reasoned, reuseable components and better performance and scalability.

The Yul program code and framework-specific reasoning includes verification conditions and proofs that running block of code results in a verification condition are represented in the generated family files. These files bridge the specification/satisfaction and code execution, and special care should be taken with user family files as these are the files generated by the framework that contain the verification logic which user is required to complete.

To fill logical gaps, the system needs to give conditional behavior specifications. In order to express loop control semantics the system offers utilities do routine operations such as break out of loop and access variables in program states.

Loops are very difficult to verify with a verification system, and this is in part due to the inductive reasoning that is often required of such a system. The framework deals with this by giving systematic specifications of loop components.

The user needs to specify:

• Termination conditions
• Post-iteration behavior
• Loop body behavior
• Loop invariants in general

The framework supports the description of loop semantics of simple variable updates to elaborate conditional logic. Although this kind of technicality might not look very transparent at first, it makes sure that all execution possibilities are covered.

With specifications established, a user must demonstrate that verification conditions can prove the specified specifications. The framework offers massive automation to process typical pattern of proofs.

Custom tactics are used to process:

• Store manipulations in variables
• Control flow reasoning
• Other common verification problems

These automated methods contribute a substantial amount of reduction of the manual effort required to perform the proofs and still uphold the extreme level of verification.

The proof process usually starts by unfolding the corresponding abstractions since these proofs are directly connected to the user-defined properties. It applies the framework to automate a great deal of verification conditions with general-purpose cleanup tactics used to manage technical details such as variable store operations, and state transitions.

The framework is a complex tool to turn any Yul program into a set of statements of what the program is expected to do and prove that the code satisfies the expectations. Programs are initially translated to programs with consistency proofs in an abstract representation, giving simplifying starting points to further specification proofs.

Patterns in Yul program reasoning, like operations on a variable store, are handled by custom automation procedures.

Further Development

Further development contains a number of notable improvements:

• Reliable hash model will have correct cryptographic operation semantics
• Modeling of cross-contract call will allow the reasoning about intricate patterns of interaction
• Semantic accuracy will be checked by gas modeling through the consideration of the execution cost
• Adherence to the most recent changes of Ethereum upgrades plans will make it compatible with the existing network behavior
• Improving usability will enable users to make everyday use more efficient and user-friendly

Further work can be done to extract Ethereum execution clients out of the specifications and create formally verified Yul to EVM bytecode compilers.

The framework builds on a wide range of mathematical and computer science libraries in its underlying proof system. These libraries offer formalized concepts which often occur during reasoning about programs, greatly simplifying the effort needed to do complex proofs.

Custom tactics are based on a strong metaprogramming environment without compromising on verification. The composable nature of automation, anchored on observed usage patterns, is what ensures that usability continues to improve over time.

The architecture to encode Yul directly in the proof environment, this makes the interface transparent and natural to developers used to the language, and offer capabilities never before seen in automated verification to ensure that code is correct.