Security Analysis and Formal Verification on Blockchain and its Applications
Kang Li, Ronghui Gu, Jun Xu, Zhaofeng Chen, Siwei Wu, Yajin Zhou, Mu Zhang, Xiapu Luo, Yuzhe Tang, Yi Li, Xiaokuan Zhang, and Yibo Wang
Foundations and Trends in Privacy and Security, 2025
Abstract: Blockchains have become an integral part of our financial infrastructure. Being monetary yet fully automated, blockchains and their applications are unanimously deemed impracticable until they have undergone the necessary verification. This monograph reviews previous attempts at verifying two fundamental properties of blockchains: correctness (where flaws lead to unintentional damage) and security (where vulnerabilities incur attacks and losses). First, it summarizes and categorizes the correctness and security flaws encountered by real-world blockchains. Second, it systematizes the development of formal verification to address the flaws in blockchains, covering the aspects of models, specifications, and techniques. Third, it presents the progress of security analysis for mitigating the flaws, covering the analysis principles being followed, the flaw oracles being devised, and the detection methods being used. Finally, it summarizes the challenges that remain to be addressed, followed by our vision of the trend in the near future. Through this monograph, we expect to shed light on future advances in blockchain verification, especially in expanding its applicability, making specification generation easier, and discovering previously unknown vulnerabilities. By identifying gaps such as missing tools for infrastructure-level components and the difficulty of writing formal specifications, this work aims to motivate the development of more automated, intelligent, and practical verification frameworks.
Cite:
@article{Li2025SAF,
author = {Li, Kang and Gu, Ronghui and Xu, Jun and Chen, Zhaofeng and Wu, Siwei and Zhou, Yajin and Zhang, Mu and Luo, Xiapu and Tang, Yuzhe and Li, Yi and Zhang, Xiaokuan and Wang, Yibo},
doi = {10.1561/3300000044},
issn = {2474-1558},
journal = {Foundations and Trends in Privacy and Security},
number = {1},
pages = {1-121},
title = {Security Analysis and Formal Verification on Blockchain and its Applications},
url = {http://dx.doi.org/10.1561/3300000044},
volume = {8},
year = {2025},
}