Blockchain Project Produces Complete Formal Semantics of Ethereum Virtual Machine
Blockchain research and development company IOHK has announced that its research project with the University of Illinois at Urbana-Champaign (UIUC) has modelled complete, fully-executable formal semantics of the Ethereum Virtual Machine (EVM). The research produced a framework, called KEVM, for formal execution, analysis, and verification of EVM smart contracts.
The Ethereum Foundation and IC3, an initiative of faculty members at Cornell University, Cornell Tech, UC Berkeley, the University of Illinois at Urbana-Champaign, and the Technion, selected KEVM as the winner of its week-long blockchain development event called the ‘IC3-Ethereum Crypto Boot Camp’. Led by Professor Grigore Rosu and PhD student Everett Hildenbrandt, the IOHK-funded KEVM research project competed against nine other teams to emerge the winner.
Rosu, from the UIUC’s Siebel Center for Computer Science and CEO of Runtime Verification, said: “The pressing need to address repeated security vulnerabilities and high-profile failures in Ethereum smart contracts hasn’t been adequately addressed by existing formal verification and program analysis tools. No fully-formal, rigorous, comprehensive, and executable semantics of EVM existed until now, leaving a lack of rigor on which to base such tools. I am delighted to announce KEVM, the first complete and fully executable formal semantics of the Ethereum Virtual Machine. KEVM, which allows us to formally verify properties of EVM-based smart contracts in a correct-by-construction and cost-effective manner, is significant because Ethereum users need the guarantees of formal verification to safeguard against financial losses due to software bugs. This work serves as a foundation for the development of new smart contract analysis tools; more importantly, it gives us invaluable insight on how to design better programming languages for smart contracts,”
KEVM passes the official 40,683-test stress test suite for EVM implementations and also reveals ambiguities and potential sources of error in the existing on-paper formalization of EVM semantics.
Rosu added: “KEVM has demonstrated that our unique approach based on K formal executable semantics is feasible and not computationally restrictive. We hope our work serves as a strong basis for the development of a wide range of useful, formally-derived tools for Ethereum, like model checkers, certified compilers, and program equivalence checkers.”
Formal verification is an integral aspect of IOHK’s approach to developing cryptocurrencies, as the company recognizes that only mathematical proofs can guarantee correctness.
Development of KEVM continues to be open-source, in line with IOHK’s mission to improve and mature the blockchain industry as a whole. IOHK recognizes the importance of open development to the security of the Ethereum community at large, and is committed to ensuring this work is available to everyone for use and audit.
IOHK CEO, Charles Hoskinson said: “This research has given us a great degree of insight into what one should do to redesign the EVM to make it more secure, faster, and more efficient. It will now be easier to build tooling for the EVM, such as verified compilers. This white paper is the result of our first wave of research into this area. Based on this research, IOHK will begin building prototypes and our hope is to have an EVM 2.0 ready next year, as part of Cardano, a product we are currently building.”
Notable attendees of the IC3-Ethereum Crypto Boot Camp where the KEVM research was awarded first prize included Ethereum Co-Founder and Chief Scientist Vitalik Buterin, Ethereum Foundation Executive Director Ming Chan, and IC3 Executive Director Jim Ballingall.