KindHML: formal verification of smart contracts based on Hennessy-Milner logic

TL;DR

This paper introduces an automated verification method for smart contracts using Hennessy-Milner logic, enabling the detection of complex temporal property violations beyond current tools.

Contribution

It provides a fully automated encoding of Solidity contracts into Lustre for model checking with Kind 2, supporting expressive temporal properties.

Findings

Effectively verifies complex temporal properties of smart contracts.

Detects attack scenarios beyond existing analysis tools.

Demonstrates promising performance on a benchmark of smart contracts.

Abstract

Smart contracts deployed on blockchains such as Ethereum routinely manage large amounts of assets, making their security critical. Empirical studies show that real-world attacks often exploit flaws in the business logic of contracts that unfold across multiple transactions, such as liquidity or front-running attacks. Detecting these attacks requires reasoning about expressive temporal properties beyond the capabilities of existing analysis tools. In this paper, we present an automated approach to the formal verification of smart contracts, enabling the specification and verification of complex temporal properties. Our approach provides a fully automated encoding into Lustre -- the specification language supported by the Kind 2 model checker -- of an expressive subset of Solidity contracts and temporal specifications based on first-order Hennessy-Milner Logic. This encoding allows us to leverage Kind 2 to determine whether the contract respects the specification or not. We implement our approach in a toolchain that integrates the translation and verification steps, and we evaluate its effectiveness and performance on a benchmark of smart contracts and temporal properties capturing complex attack scenarios. Our results show that the proposed approach can effectively verify non-trivial temporal properties of smart contracts and detect violations that are beyond the reach of existing analysis tools.