Short Paper: Formal Verification of Smart Contracts

Ethereum is a cryptocurrency framework that uses blockchain technology to provide an open distributed computing platform, called the Ethereum Virtual Machine (EVM). EVM programs are written in bytecode which operates on a simple stack machine. Programmers do not usually write EVM code; instead, they can program in a JavaScript-like language called Solidity that compiles to bytecode. Since the main application of EVM programs is as smart contracts that manage and transfer digital assets, security is of paramount importance. However, writing trustworthy smart contracts can be extremely difficult due to the intricate semantics of EVM and its openness: both programs and pseudonymous users can call into the public methods of other programs. This problem is best illustrated by the recent attack on TheDAO contract, which allowed roughly $50M USD worth of Ether to be transferred into the control of an attacker. Recovering the funds required a hard fork of the blockchain, contrary to the code is law premise of the system. In this paper, we outline a framework to analyze and verify both the runtime safety and the functional correctness of Solidity contracts in F, a functional programming language aimed at program verification.