Scale or Die at Accelerate 2025: Kompass: Navigating Formal Verification for SPL Token at Scale

Runtime Verification unveils Compass, a revolutionary formal verification tool set to transform the landscape of Solana smart contract security. This groundbreaking development promises to elevate the robustness and reliability of decentralized applications on the Solana blockchain.

Summary

Top Projects

Lulo

Score: 7,586.13

Bonk

Score: 4,806.12

Sphere

Score: 2,544.42

Moonwalk

Score: 2,026.11

Danny from Runtime Verification introduced Compass, an innovative formal verification platform designed specifically for Solana smart contracts. Developed in collaboration with the Solana Foundation, Compass aims to provide developers with a powerful tool to enhance the security and reliability of their code.

Formal verification, as explained by Danny, is a rigorous mathematical approach to proving the correctness of software. It goes beyond traditional testing methods by exhaustively exploring all possible states and transitions within a smart contract. This comprehensive analysis allows developers to catch unknown bugs and edge cases that might be missed by conventional testing techniques.

The introduction of Compass to the Solana ecosystem represents a significant leap forward in smart contract security. By making formal verification more accessible to developers, Runtime Verification is paving the way for a new era of high-assurance decentralized applications on Solana. This tool has the potential to dramatically reduce the occurrence of costly bugs and vulnerabilities, ultimately fostering greater trust and adoption of Solana-based projects.

Key Points:

Benefits of Formal Verification

Formal verification offers several advantages over traditional testing methods. While unit testing and fuzzing are quick to implement and can find some bugs, they don't provide a guarantee of catching all potential issues. Formal verification, on the other hand, offers a high level of assurance by mathematically proving the correctness of code.

This approach is particularly valuable in the blockchain space, where smart contract vulnerabilities can have severe financial consequences. By implementing formal verification, developers can significantly reduce the risk of unknown bugs and edge cases that might otherwise go undetected. Additionally, formal verification proofs can be integrated into continuous integration (CI) pipelines, providing ongoing guarantees throughout the development lifecycle.

Compass: Runtime Verification's Solution for Solana

Compass is Runtime Verification's formal verification platform specifically designed for Solana smart contracts. Developed with support from the Solana Foundation, Compass brings the power of formal verification to the Solana ecosystem. The tool is open-source and accessible to all developers, aligning with Runtime Verification's commitment to transparency and community-driven development.

Compass utilizes symbolic execution to analyze smart contracts. It treats Solana as a state machine, where accounts store data that is manipulated by transactions. By exhaustively exploring all possible paths and states within a smart contract, Compass can identify potential vulnerabilities and edge cases that might be missed by traditional testing methods.

Accessibility and Integration for Developers

One of the key goals of Compass is to make formal verification more accessible to developers. Runtime Verification aims to "meet developers where they are at" by providing tools that can be easily integrated into existing development workflows. This approach allows developers to take ownership of the verification process, leveraging their deep understanding of their own code and business logic.

Compass operates at the MIR (Mid-level Intermediate Representation) level, which strikes a balance between low-level precision and high-level expressiveness. This design choice allows for reasonable proof sizes, improving performance and scalability. Additionally, working at the MIR level makes it easier for developers to map verification results back to their original source code.

Ongoing Development and Future Plans

Runtime Verification is currently in the process of verifying the SPL Token program using Compass. The team is taking an "as-needed" approach to developing the semantics and prover capabilities, implementing features as they are required for the verification of SPL Token.

Following the completion of the SPL Token verification, Runtime Verification plans to tackle the staking program. The team is also open to verifying other smart contracts in the Solana ecosystem, inviting interested parties to get in touch about potential collaboration opportunities.

Facts + Figures

• Runtime Verification has been delivering formal verification solutions in the blockchain space since 2017
• The company has worked with major players in the industry, including Optimism, Arbitrum, and Term Finance
• Compass is being developed with funding support from the Solana Foundation
• The tool operates at the MIR (Mid-level Intermediate Representation) level of Rust code
• Formal verification can explore all possible paths and states within a smart contract
• Major tech companies like Microsoft and Amazon have been using formal verification teams for years
• Implementing formal verification has led to improved performance, reliability, and lower maintenance costs for these companies
• Runtime Verification has successfully delivered verification at scale for other blockchain ecosystems, including Ethereum, MultiversX, and Stellar
• The team is currently in the process of verifying the SPL Token program
• Future plans include verifying the Solana staking program

Top quotes

1. "Formal verification is the solution to all of your software woes."
2. "It is probably-- no, I argue it is the most effective tool in your toolbox to guarantee software security."
3. "We take a transparency first approach to the way that we provide this tooling and allow developers to go and access it freely themselves."
4. "Solana is a state machine. On chain, there are some accounts that are storing some data. And it gets manipulated into another state by a transaction, which performs a state transition."
5. "We define the bug. It allows us to explore all of the paths and reconcile with all of them. This enables us to catch unknown bugs, bugs we don't know about."
6. "Developers can write their own specifications better than people who aren't familiar with their code. They already understand the business logic."
7. "We want to bring to Solana through Compass verification at the MIR level."
8. "These formal verification proofs are stopping bugs going into production."

Questions Answered

What is Compass and why is it important for Solana developers?

Compass is a formal verification platform developed by Runtime Verification specifically for Solana smart contracts. It's important because it provides developers with a powerful tool to enhance the security and reliability of their code. By using mathematical proofs to verify the correctness of smart contracts, Compass can catch unknown bugs and edge cases that might be missed by traditional testing methods, ultimately leading to more robust and secure decentralized applications on Solana.

How does formal verification differ from traditional testing methods?

Formal verification differs from traditional testing methods like unit testing and fuzzing by providing a mathematical proof of a program's correctness. While traditional methods test specific scenarios, formal verification exhaustively explores all possible states and transitions within a smart contract. This comprehensive approach allows developers to catch unknown bugs and edge cases that might be missed by conventional testing techniques, offering a higher level of assurance about the security and reliability of the code.

Why did Runtime Verification choose to implement Compass at the MIR level?

Runtime Verification chose to implement Compass at the MIR (Mid-level Intermediate Representation) level for several reasons. Working at the MIR level strikes a balance between low-level precision and high-level expressiveness. It allows for reasonable proof sizes, which improves performance and scalability. Additionally, the MIR level makes it easier for developers to map verification results back to their original source code. This choice also allows Compass to benefit from improvements made to MIR by other teams working on Rust verification.

How can developers integrate Compass into their workflow?

Developers can integrate Compass into their workflow by incorporating formal verification proofs into their continuous integration (CI) pipelines. This allows for ongoing verification throughout the development lifecycle. Compass is designed to be accessible and user-friendly, enabling developers to take ownership of the verification process. By leveraging their deep understanding of their own code and business logic, developers can write specifications and verify their smart contracts more effectively.

What are the future plans for Compass and formal verification on Solana?

Runtime Verification is currently focusing on verifying the SPL Token program using Compass. After completing this, they plan to verify the Solana staking program. The team is also open to verifying other smart contracts in the Solana ecosystem and invites interested parties to get in touch about potential collaboration opportunities. The long-term goal is to make formal verification a standard practice in Solana smart contract development, enhancing the overall security and reliability of the ecosystem.