Formal verification really shows its value when it helps avoid just one P0 incident in production and speeds up the procurement process with solid, audit-ready evidence. Here’s a down-to-earth playbook to help you figure out when to make that investment, what to verify, and how to connect your proofs to ROI, deadlines, and SOC 2 deliverables.

Formal Verification: When is it Worth the Cost?

“We can’t justify formal verification to procurement, and we can’t afford a post‑launch incident”

So, your Solidity code is diving into some regulated workflows or managing customer balances, but budget owners often see formal verification as just something “academic” while they’re really keen on getting that SOC 2 Type II evidence instead.
You’re working with rollups and ZK stacks, where even a tiny mistake in arithmetic or something going wrong with upgradeability can blow up into a service-level incident or even freeze on-chain governance.
Engineers are raising red flags about new compiler and chain features (like EOF/“Osaka” and EIP‑4844 blobs) that shift the way we look at things, while compliance needs to have a solid paper trail before you go live. Solidity's SMTChecker has made some strides, but with blobs, blob base fees, and EOF support, the game changes on what you can prove and how you go about testing it. (soliditylang.org)

The real cost of “ship now, verify later”

When it comes to losses, they really pile up during a handful of disastrous incidents. Back in 2025, around $3.4 billion in cryptocurrency was snatched away, with three major hacks--like Bybit’s massive breach costing about $1.4 to $1.5 billion--making up nearly 69% of those losses. Companies are often judged by these outlier events rather than the average scenarios. (theblock.co)
The number of personal-wallet hacks skyrocketed, hitting about 158,000 cases with roughly 80,000 victims affected. On top of that, breaches involving private keys on centralized platforms increased too, prompting some serious discussions at the board level about how internal controls and supplier trust are managed. (theblock.co)
Nowadays, regulators and customers want to see real, demonstrable controls in place. This means having a solid mapping of invariants that can be tested or verified, continuous monitoring, and proof of incident response exercises. Your SOC 2 audit is going to require verifiable gates in your Software Development Life Cycle (SDLC) and authentic change management docs, not just empty promises.

Bottom line: Saying “skip formal methods” might seem like a cost-saving move at first, but just wait until a zero-day vulnerability hits. That’s when you'll be dealing with emergency shutdowns, customer notifications, and those pesky high-friction procurement reviews for every deal down the line.

7Block Labs’ pragmatic approach: prove what matters, automate the rest

We're all about those correctness properties that really impact how money flows, track data lineage, and keep operations running smoothly. Plus, we make sure to connect them to evidence that your procurement and security teams can actually use.

1) Invest where the probability‑impact curve is steep

Use Verification Selectively Across These Trigger Conditions:

When it comes to using verification, it's smart to be a bit choosy about when and where you apply it. Here’s a breakdown of some trigger conditions that might need a closer look:

User Actions
Only verify actions that significantly impact the system or user experience. For example, if a user changes sensitive information like their password or email, definitely run a verification check.
High-Value Transactions
For transactions that involve substantial amounts of money or critical changes (like account upgrades), applying verification is a must to avoid fraud and errors.
Suspicious Behavior
Keep an eye on any unusual activities. If something seems off--like multiple logins from different locations in a short time--it's a good idea to trigger verification.
Changes to Security Settings
Any adjustments to security settings should trigger a verification process, ensuring that the person making the change is authorized to do so.
New Device Logins
If a user logs in from an unfamiliar device, it's wise to implement verification to confirm their identity.
Unverified Accounts
For accounts that are new or haven't been verified yet, applying verification steps in certain scenarios can help bolster security.

By selectively using verification across these trigger conditions, you can enhance your overall system security without overwhelming users with unnecessary checks. Just remember to strike the right balance!

Custody or balance-affecting state machines like vaults, escrows, and RWA ledgers.
Non-linear math, rounding, and transitions that depend on time, including AMMs, interest accrual, and vesting. (arxiv.org)
Upgradability, proxy setups, and role topologies that involve complex admin processes and emergency pauses.
Cross-domain bridge and oracle dependencies where you have to balance liveness and safety trade-offs.
Ensuring circuit correctness for ZK apps, especially when under-constrained constraints can lead to silent failures. (arxiv.org)

If you’ve got two or more triggers at play, it’s a good idea to include a dedicated formal verification workstream right in your engineering plan--rather than just adding it on as an afterthought during an audit.

2) Property‑driven development (PDD): from English requirements to machine‑checked rules

We turn business invariants into specs that you can actually execute:

In Solidity:
- The Solidity SMTChecker is great for doing bounded and CHC-style multi-transaction reasoning. You can choose different engines or solvers depending on how complex your module is, like Z3, Eldarica, or cvc5. The newer releases of Solidity have introduced support for blobs (like block.blobbasefee and blobhash) and experimental EOF, which means you can track properties that align with modern EVM semantics instead of sticking to the old pre-Dencun assumptions. Check it out here: (docs.solidity.org).
- Scribble is awesome for running specs and property-based fuzzing, helping you quickly identify violations and generate SOC 2-friendly test evidence (think coverage, seeds, and seeded regressions). You can find more info at (diligence.consensys.io).
- For protocol-level proofs, the Certora Prover comes in handy with its CVL rules and invariants (like balances, authorization, interest/fee invariants, and liquidation math). Make sure to utilize the latest CLI v5 features that offer exhaustive parametric rules and split rules to dodge those pesky timeouts. Get the details at (docs.certora.com).
- KEVM/Kontrol is perfect for symbolic debugging, especially for those low-level or assembly-heavy paths where typical dapp-tooling just doesn’t cut it. You can find it on their GitHub: (github.com).
When it comes to ZK circuits, we’ve got some cool tools and techniques:
- Static analyzers and algebraic checkers (like AC4) are super helpful for spotting those pesky under/over-constraint bugs. You can check it out here.
- Then there’s zkFuzz, a fuzzing framework that dives into trace-constraint inconsistencies that static tools might overlook. More on that can be found here.
- We’re also seeing some promising circuit verifiers emerging, such as ConsCS and CIVER, which can machine-check Circom tags, pre/postconditions, and weak-safety properties on a larger scale. If you're curious, check out the details here.

3) CI/CD gates with measurable outcomes

Pipeline stages:
- Linting/static: We use tools like Slither and Mythril alongside assembly diff checks to keep our code clean.
- Unit/integration/fuzz/invariants: Foundry is our go-to here, and we spice things up with Scribble‑instrumented properties.
- Model checking: For this step, we roll with the solc SMTChecker, leveraging CHC+BMC whenever it fits the bill.
- Deep proofs: We dive deep using Certora/Kontrol jobs, which we shard by rule to dodge timeouts (--split_rules). Check out the details in the Certora docs.
Evidence packaging: We package everything up with JUnit‑style reports, prover dashboards, counter‑example traces, and signed artifacts (commit‑pinned), all in line with SOC 2 CC 8.x and our change‑management controls.

4) “Proof budget” that respects delivery dates

We tackle sequence verification by looking at the risk involved and how tough the solving process is:

Bronze (1-2 weeks): Focus on keeping those must-hold invariants in Scribble and use fuzzing, plus run SMTChecker on the hot paths. Don’t forget to validate the incident playbook while you're at it!
Silver (2-4 weeks): Time to step it up! Introduce Certora rules for cross-contract invariants and upgrade boundaries, and dive into KEVM for the inline assembly sections.
Gold (4-8 weeks): Let’s go big! We'll tackle end-to-end protocol properties, weigh the liveness/safety trade-offs, and work on ZK circuit consistency proofs for those critical circuits--think membership, range checks, and custody proofs.

This isn’t just some needless paperwork. It’s a well-defined insurance policy that procurement can easily file, and the regulators will totally get it.

Real-Life Examples of Formal Methods at Work

Formal methods might sound a bit dry, but they're super valuable in various fields. Here are some quick snapshots that show where they really shine:

Aerospace

In the aerospace industry, safety is a top priority. For instance, companies like Boeing use formal methods to ensure that their software for flight control systems behaves correctly under all circumstances. By mathematically proving that the software will handle unexpected situations, they enhance safety and reliability.

Telecommunications

Telecom giants like Ericsson rely on formal methods to verify their protocols. They create models that simulate communications networks to check for issues like deadlocks or unexpected behavior. This ensures that your calls and data connections are smooth and reliable.

Automotive

With self-driving cars on the rise, the automotive sector is turning up the heat on safety measures. Companies such as Tesla and Waymo use formal methods to verify critical components like collision avoidance systems. By rigorously checking the software, they aim to prevent accidents and improve passenger safety.

Cybersecurity

In the tech world, security is a hot topic. Formal methods are employed to verify encryption protocols and secure systems against attacks. For example, Microsoft has utilized these methods to ensure that their critical systems are robust against potential vulnerabilities.

Robotics

In robotics, where precision is key, formal methods come into play to verify motion planning algorithms. Companies like Boston Dynamics use these techniques to guarantee that their robots can navigate complex environments without crashing into things or causing accidents.

Critical Systems

In fields like medical device manufacturing, formal methods help ensure software reliability. Organizations like Philips employ these techniques to demonstrate the safety and effectiveness of devices like pacemakers, reducing the risk of failure.

Software Development

Finally, in software development, many teams use formal methods to verify algorithms and data structures. For instance, companies like Facebook apply these practices to ensure that their backend systems are scalable and efficient, preventing bugs before they reach the end user.

By incorporating formal methods across these industries, organizations can bolster safety, enhance reliability, and ultimately improve their products.

Key Business Invariant

The fundamental principle here is that the total assets should always be greater than or equal to the product of total supply and the minimum redemption price. In simpler terms:

totalAssets >= totalSupply * minRedemptionPrice

This ensures that there's enough backing for the total supply in circulation.

Make sure to set up the CI with the Solidity model checker flags:
- Use settings.modelChecker.engine=all, and set solvers=[z3] as well as targets=[underflow,overflow,assert,arithmetic,balance] for handling multi-transaction flows like deposit → accrue → redeem.
- Just a heads-up: the latest solc version includes some blob-related features and an EOF experiment. Don’t forget to change the EVM version to "Osaka" so it lines up with your deployment target. Check out the details here.

Pseudo-assertion inside a test helper:

When it comes to writing tests, using pseudo-assertions in your test helpers can help you keep your code clean and readable. Here’s a quick rundown on how you can implement them effectively.

What Are Pseudo-Assertions?

Pseudo-assertions are basically methods that check certain conditions and return a boolean value instead of throwing an error when the condition isn't met. It’s a neat way to keep your testing flow smooth without cluttering your code with try/catch blocks.

Example

Here’s a simple example to illustrate the concept:

function assertIsTrue(condition) {
    return condition === true;
}

// Usage
if (assertIsTrue(someCondition)) {
    console.log("The condition is true!");
} else {
    console.log("The condition is false.");
}

Why Use Them?

Cleaner Code: Your tests can stay neat and tidy without lots of error handling.
Flexibility: You can swap out pseudo-assertions for actual assertions when needed.
Readability: They make your intentions clear in the tests, so it's easier to follow what you're checking.

Wrapping Up

Incorporating pseudo-assertions into your test helpers can streamline your testing process and enhance code readability. Just be mindful to use them where they make sense, and you’ll find your testing life a lot easier!

assert(vault.totalAssets() >= vault.totalSupply() * minRedemptionPrice);

Add a Scribble Property for Cross-Function Preservation:

When diving into the world of Scribble, it's pretty clear that having a solid structure can make a huge difference, especially when it comes to cross-function preservation. Here’s a quick guide on how to effectively add this property:

Why Cross-Function Preservation Matters

Cross-function preservation is all about maintaining the integrity of data across various functions in your system. This means that whatever changes are made in one area should be consistently reflected across others, preventing any chaos down the line.

Steps to Add the Scribble Property

Define the Functionality: Start by outlining what you want this property to accomplish. Think about how different functions interact with the data.
Implement the Scribble Property: Use the Scribble syntax to introduce your new property. Here’s a quick example:
```
property crossFunctionPreservation {
    ensures (output == input);
}
```
Test Thoroughly: After implementing, it's crucial to run tests to ensure that your property is doing its job. Make sure changes in one part of your application are reflected elsewhere as they should be.
Document Everything: Don't forget to keep track of your changes and document the property. This will help anyone else working on the project to understand your thought process and the purpose behind the property.

Final Thoughts

Adding a Scribble property for cross-function preservation might seem like a small task, but it can really help keep your application tidy and efficient. By following these steps, you can ensure that your functions are working in harmony, leading to a smoother experience for everyone involved. Happy coding!

/// #if_updated vault.totalAssets()
///     invariant __solvency: __old(vault.totalAssets()) + inflow >= vault.totalAssets();

Scribble helps your fuzzers snag any path that breaks solvency before a prover job even gets a chance to run. Check it out here: (diligence.consensys.io)

Authorization rule with Certora CVL

Critical Access Control Must Hold Across Upgrades and Delegatecalls

When dealing with smart contracts, it's super important to ensure that your access control mechanisms stay intact, even when you're upgrading the contracts or using delegate calls. Here’s a quick rundown on why this is crucial:

Consistency: Access control helps keep who can do what clear and consistent. If this control changes unexpectedly during upgrades or delegate calls, it could lead to some serious security issues.
Upgrade Safety: When you upgrade a contract, you typically want to improve functionality or fix bugs. But if access control isn't properly managed, you might accidentally give more access than intended or, worse, lock out users.
Delegate Calls: With delegate calls, you're executing code from another contract while preserving the context of the calling contract. If the called contract contains faulty access control, it could undermine the entire system's integrity.

Here are some best practices to maintain control:

Use Proven Patterns: Implement established patterns like Ownable or Role-based access control to simplify management.
Audit Regularly: Regular code audits can help catch potential vulnerabilities that might mess with access control.
Testing: Develop comprehensive test cases that cover all scenarios, especially for upgrades and delegate calls.
Limit Delegate Calls: Only use delegate calls when absolutely necessary, and ensure they're well-audited.

By focusing on these areas, you can ensure that your access control remains robust, even as your contracts evolve!

rule onlyAdminCanSetConfig(address caller) {
  env e;
  require e.msg.sender == caller;
  assume isExternallyOwnedAccount(caller);
  // try setting a sensitive config via proxy
  method setRescueRole(address newRole);
  assert invariant AdminOnly: getRole(caller) == ADMIN;
}

CVL v5 brings some cool updates, like enhanced support for parametric rules and a neat way to break down heavy rules across different jobs. This helps prevent timeouts, making your CI process way more reliable. Check out the details in the official docs!

Example C -- ZK circuit consistency (Circom) with tags + algebraic checks

For a range-proof circuit, make sure to check both bit-decomposition and non-negativity:

Include CIVER tags:

spec_tags {binary} bit { 0 <= bit && bit <= 1 }
spec_tags {maxbit} x   { 0 <= x && x <= 2**x.maxbit - 1 }

Use --check_tags and --check_postconditions to double-check your semantics and postconditions. To cover all bases, throw in AC4 to catch any under or over-constraint issues from a polynomial viewpoint. And don't forget to add zkFuzz to tweak witness generation and reveal any mismatches in trace or constraints. (github.com)

When formal verification is worth it (and when it isn’t)

Use This Quick Decision Rubric:

When you find yourself needing to make a decision, try out this handy rubric. It's designed to help you weigh your options and find clarity. Here’s what you need to consider:

Define the Problem:
- What decision are you facing? Write it down to get a clear view.
Gather Information:
- What do you know about the situation? List out the facts that can help guide your choice.
Identify Your Options:
- What are your possible paths? Jot down at least three alternatives.
Weigh the Pros and Cons:
- For each option, think about the benefits and downsides. A simple table can work wonders here:
Option Pros Cons
Option 1 - Benefit 1
- Benefit 2 - Downside 1
- Downside 2
Option 2 - Benefit 1
- Benefit 2 - Downside 1
- Downside 2
Option 3 - Benefit 1
- Benefit 2 - Downside 1
- Downside 2
Consider the Impact:
- Who will this choice affect? Think about how it might change things for you and others.
Make the Decision:
- Once you've weighed everything, go with the option that feels right.
Reflect on the Outcome:
- After you’ve made your choice, take a moment to think about how it turned out. What did you learn?

Option	Pros	Cons
Option 1	- Benefit 1 - Benefit 2	- Downside 1 - Downside 2
Option 2	- Benefit 1 - Benefit 2	- Downside 1 - Downside 2
Option 3	- Benefit 1 - Benefit 2	- Downside 1 - Downside 2

Use this rubric next time you're stuck in decision-making limbo! It can really help to clarify your thoughts and lead you toward the best choice.

Worth the Cost Now

If you're holding custody balances or tokenized assets, or if you've got some regulatory stuff like SOX or SOC 2 going on, having solid controls can really help reduce risks in your sales cycles.
The math can get pretty complex--think AMMs, interest rates, caps, and rebates--all those factors can seriously affect your funds if you're not careful. Check out this arxiv article for more info.
Plus, there are cool features like upgrades, timelocks, and emergency switches that can help manage things in case of human mistakes or governance issues.
And let's not forget about ZK circuits; they can sometimes be under-constrained, which could lead to silently accepting invalid witnesses. You can read more about it in this arxiv article.

Defer or Stick with Bronze Tier

Focus on pure front-ends or data dashboards--think no custody and no funds movement.
Use temporary POCs where the code won’t interact with production data. Instead, keep promotion gated behind Silver tier proofs.

A Quick Note on DeFi Protocols You Might Want to Work With

Just a heads up: some popular DeFi systems have had their share of issues when it comes to public formal verification reports. For instance, DeFiSafety once mentioned “No” for Uniswap v3. On the flip side, there are others that have made some progress. For example, MetaTrust Labs has verified the swap path for Uniswap v3, and Aave's components come with Certora proofs.

So, when you're looking at vendor claims, think of them as just one piece of the puzzle--not a sure thing. It's super important to double-check and verify your integration boundaries.

You can find more details at defisafety.com.

Emerging best practices (2025-2026) you should adopt

Align solc and chain targets with proof engines:
- Solidity version 0.8.29 introduces support for blob base fee/hash in SMTChecker. Make sure to use the “Osaka” EVM along with the experimental EOF backend when it makes sense, and don’t forget to pin the versions in your CI. (soliditylang.org)
Prefer “properties first, proofs second”:
- Kick things off with Scribble macros (ERC‑20/4626) to quickly gather a list of property inventory. Once you’ve got that, focus on moving the high-value properties into Certora/Kontrol. (diligence.consensys.io)
For ZK:
- Before diving into pricey theorem proving, make sure to run algebraic constraint checkers (AC4) and fuzzers (zkFuzz). If you're working with Circom, check out ConsCS/CIVER to help scale your checks. (arxiv.org)
Treat bridges/oracles as first‑class adversaries:
- It’s important to write liveness and safety assumptions as clear properties. Also, make sure to verify pause/rescue paths and look into incident RACI during those tabletop drills.

ROI and procurement framing that actually closes deals

Decision makers aren't just looking to purchase "proofs"; they want to minimize expected losses and speed up the audit process.

Expected Loss Framing:
- So, expected loss (EL) is pretty much calculated like this: EL ≈ Probability(incident in 12 months) × Impact.
- Given that we've seen some serious outlier losses lately--like, the top 3 hacks accounted for nearly 69% of the total service losses projected for 2025--your “tail” risk really ends up dominating the EL calculation. Even if you’re looking at a small chance, say around 0.2% to 0.5% annually on a $100M at risk, you're still talking about an expected loss between $200k and $500k. Investing in a scoped Silver-tier verification that can help prevent just one major incident pays for itself almost right away. (theblock.co)
SOC 2 Alignment:
- It’s all about mapping your properties and tests to the CC 8.x change controls, SDLC, and incident response playbooks. Don’t forget to export artifacts like test runs, prover reports, and counterexamples; they’ll serve as solid audit evidence later.
Audit Cycle Compression:
- When you head into external audits, come prepared with a test suite backed by verifications and a history of counterexample triage. This strategy can really help lower finding severity, cut down on the number of review rounds, and speed up the time it takes to get signoffs.
GTM Enablement:
- Nowadays, enterprise buyers are really looking for assurance around on-chain components. Being able to present machine-checked properties can seriously speed up the process for security questionnaires and InfoSec reviews.

What 7Block Labs delivers (and how it ties to outcomes)

We combine the precision of Solidity and ZK with timely delivery and ready-to-use procurement evidence.

Scoping with risk tiers, not blank checks:
- We choose between Bronze, Silver, and Gold verification packages that fit your budget and timeline.
Code + proofs + evidence:
- Our repos come packed with Foundry tests, Scribble properties, fuzz seeds, solc SMTChecker configs, plus optional Certora proofs. We keep commits pinned, store solver logs, and even export JUnit for auditors.
CI gates that never surprise PMO:
- We break down heavy rules to dodge timeouts, establish clear pass/fail criteria, and set up dashboards for stakeholders. (docs.certora.com)
Incident playbooks:
- We go through the motions of validating pause/upgrade paths, defining emergency procedures, and setting up monitoring hooks.

Relevant Capabilities:

If you're looking to build and strengthen your stack, check out our custom blockchain development services and security audit services.
For those production-ready application layers, we offer top-notch smart contract development and dApp development.
Planning for enterprise rollouts and integrations? Our blockchain integration and cross-chain solutions have got you covered.
When it comes to tokenized assets and compliance workflows, dive into our asset tokenization and asset management platform development.

Proof points from the ecosystem:

Aave’s got some solid backing: their components--like GHO, Vaults, and V3 upgrades--have public Certora proof reports. This shows that their formal methods do a great job of spotting bugs early and making sure everything runs smoothly. Check it out here.
The toolchain is definitely gaining momentum! With solc’s SMTChecker and EOF/“Osaka” support really coming into its own by 2025, and Certora CLI v5 stepping up coverage and parallelism, things are looking good for developers. Plus, Kontrol/KEVM is making it even easier for everyone to jump in and start coding. You can see more about it here.
ZK circuit verification is shifting from just a research topic to something practical. With algebraic checkers and fuzzing frameworks now catching those tricky under- and over-constraint bugs that usual tests can miss. If you want to dive deeper, check out the details here.

A CFO‑level checklist: is formal verification worth it for this project?

If three or more of these apply, just say “Yes”:

Custody of funds or changes in balance
Non-linear math that involves rounding thresholds
Upgradeability or proxy patterns featuring privileged roles
Dependencies on bridges or oracles, or sequencing across different domains
Zero-Knowledge circuits where accepting invalid witnesses could lead to serious problems
Well-known customers require SOC 2/ISO 27001 proof in the MSA/SOW

If the answer is “Yes,” set aside about 10-20% of your build efforts for verification. It’s best to front-load this during the property definition and CI gates. If the answer is “No,” stick with the Bronze tier and make sure to take another look during the pre-audit hardening phase or just before you add any admin or upgrade features.

Implementation timeline (example)

Week 0-1: Start by scoping out risks and taking an inventory of the property based on user stories and the threat model. We’ll set up continuous integration (CI) with tools like Scribble/Fuzzing and the solc SMTChecker. Check it out here.
Week 2-3: Time to add some CVL rules to handle cross‑contract invariants. We'll also split up the heavy jobs and kick off our initial KEVM passes, especially where there’s inline assembly involved. More info can be found here.
Week 4: Let’s dive into ZK circuits! We’ll run AC4/zkFuzz/ConsCS, tackle any under/over‑constraint issues, and lock in our SRS/verifier configurations while generating the on‑chain verifiers. Check out the details here.
Week 5: We'll focus on exporting evidence for SOC 2 and run some tabletop drills for pause/upgrade scenarios. Finally, we’ll wrap up the pre‑audit package.

We incorporate this into our delivery sprints to ensure the Gantt chart keeps us on track for the mainnet launch.

The pragmatic takeaway

You definitely don’t need “full formal verification” all over the place. What you really want are the right properties for the right modules--make sure to prove them where the big risks are and keep them enforced continuously in your CI.
Go for modern, chain-aware toolchains: you’ve got solc’s CHC engine for tackling multi-tx properties, plus Certora/Kontrol for nailing down protocol invariants, and AC4/zkFuzz/ConsCS when it comes to ZK circuits.
Think of proofs as GTM assets. They help lower expected losses, shorten audit cycles, and speed up your enterprise procurement process.

Ready to connect the dots between proofs and outcomes--think SOC 2 evidence, speedier audit sign-offs, and a reduced chance of incidents--all while keeping deadlines in check?

Book a 90-Day Pilot Strategy Call

Ready to take the next step? Let’s set up a 90-Day Pilot Strategy Call! Just click the link below to get started:

Schedule Your Call

Like what you're reading? Let's build together.

Get a free 30-minute consultation with our engineering team.

Talk to us View services