There is arguably no other domain in which the prospect of formal verification is as promising as in the area of smart contracts. Smart contracts are small- to medium-sized programs which are strongly isolated from external components. They handle high-value digital assets, and correctness is of utmost importance. Many large-impact bugs and exploits have been documented over the years. Bug bounty programs for contracts are common in the industry, offering awards in the millions of dollars, making the cost of bugs exorbitant, and the motivation for better solutions high. Move is a newer smart contract language used by multiple blockchains and has been designed at Meta from the ground up with formal verification in mind, featuring an integrated specification language and semantics well suited for formal reasoning. This opportunity resulted in the Move Prover [Dill et al., 2022], a tool that has been successfully used in the exhaustive formal verification of Diem at Meta, as well as for the frameworks of the Aptos protocol [Park et al., 2024]. However, even though extensive work has been invested in the Move Prover to make it feasible for regular developers, most applications of the prover required specifically skilled engineers and tedious detail work to succeed, preventing it from going mainstream. In this talk, we explore the state-of-the-art of formal verification for Move. We identify the challenges that users face when trying to apply formal verification and point out future research directions to improve the expressiveness and usability of the Move Prover.
@InProceedings{grieskamp:OASIcs.FMBC.2025.1, author = {Grieskamp, Wolfgang}, title = {{Is Formal Verification Practical?}}, booktitle = {6th International Workshop on Formal Methods for Blockchains (FMBC 2025)}, pages = {1:1--1:2}, series = {Open Access Series in Informatics (OASIcs)}, ISBN = {978-3-95977-371-3}, ISSN = {2190-6807}, year = {2025}, volume = {129}, editor = {Marmsoler, Diego and Xu, Meng}, publisher = {Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik}, address = {Dagstuhl, Germany}, URL = {https://drops.dagstuhl.de/entities/document/10.4230/OASIcs.FMBC.2025.1}, URN = {urn:nbn:de:0030-drops-230287}, doi = {10.4230/OASIcs.FMBC.2025.1}, annote = {Keywords: Formal verification, smart contracts, Move} }
Feedback for Dagstuhl Publishing