In this blog post, we present what we do at Formal Land 🌲, what tools and services we are developing to provide more security for our customers 🦸. We believe that for critical applications such as blockchains (L1, L2, dApps) you should always use the most advanced technologies to find bugs, otherwise bad actors will do and overtake you in the never-ending race for security 🏎️.
Formal verification is one of the best techniques to ensure that your code is correct, as it checks every possible input ✨ of your program. For a long, formal verification was reserved for specific fields, such as the space industry 🧑🚀. We are making this technology accessible for the blockchain industry and general programming thanks to tools and services we develop, like coq-of-solidity and coq-of-rust.
To ensure your code is secure today, contact us at 📧contact@formal.land! 🚀
Formal verification goes further than traditional audits to make 100% sure you cannot lose your funds. It can be integrated into your CI pipeline to make sure that every commit is correct without running a full audit again.
We make bugs such as the DAO hack ($60 million stolen) virtually impossible to happen again.
Company
We have existed for three years, focusing on formal verification for the web3 industry to validate software 🛡️ where safety is of paramount importance. Formal verification is a technique to analyze the code of a program, which relies on making a mathematical proof that the code is correct, proof that is furthermore checked by a computer 🤓 to make sure there are absolutely no missing cases! As programs are made of 0 and 1 and fully deterministic, obtaining perfect programs is something we can reach.
We need to rely on a proof system. We exclusively use the 🐓 Coq proof system as it is both:
- 🌌 A generic proof system We can represent any programming languages and security properties in Coq.
- 💕 A well known system Coq is taught in many universities and has a large community of users, with complex software such as the C compiler CompCert fully implemented and verified in it.
We choose to verify existing 🗿 code rather than to develop new code written in a style simplifying formal verification. This is generally harder, but it is also more useful for many of our customers who have already written code and want to ensure it is correct without rewriting it. Verifying the existing code also enables the verification of the optimizations, which generally involve low-level operations that would be forbidden when rewriting the code in a formal verification language.
We verify the actual 🌍 implementation of programs rather than a 🗺️ model of them. This is to capture all the implementation details, such as integer overflows or the use of specific data structures or libraries. We believe that a lot of bugs are hidden in the details (the devil is in the details), in addition to the high-level bugs of design. Verifying the implementation also helps to follow code updates 🪜 as we are able to say that we verified the code for a precise commit hash.