<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Formal-Verification on Gustavo Grieco: blockchain security researcher</title><link>https://gustavo-grieco.github.io/tags/formal-verification/</link><description>Recent content in Formal-Verification on Gustavo Grieco: blockchain security researcher</description><generator>Hugo</generator><language>en-US</language><copyright>Copyright © 2025, Gustavo Grieco.</copyright><lastBuildDate>Fri, 19 Jun 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://gustavo-grieco.github.io/tags/formal-verification/index.xml" rel="self" type="application/rss+xml"/><item><title>Adventures in Automated Smart Contract Testing: A Spark Is Born</title><link>https://gustavo-grieco.github.io/blog/a-spark-is-born/</link><pubDate>Fri, 19 Jun 2026 00:00:00 +0000</pubDate><guid>https://gustavo-grieco.github.io/blog/a-spark-is-born/</guid><description>&lt;p>&lt;strong>TL;DR.&lt;/strong> We &lt;em>proved&lt;/em> the core accounting math of &lt;a href="https://docs.spark.fi/dev/savings/spark-psm">Spark&amp;rsquo;s PSM3&lt;/a> (share price, conversions, swap quotes) against the real bytecode: sixty properties, verified for every input up to &lt;code>uint128&lt;/code>. The proofs run in Echidna&amp;rsquo;s verification mode on top of hevm&amp;rsquo;s arithmetic abstraction, which is still &lt;strong>experimental&lt;/strong> code, in review as &lt;a href="https://github.com/argotorg/hevm/pull/1075">argotorg/hevm#1075&lt;/a>. All the verification code is in &lt;a href="https://github.com/gustavo-grieco/spark-psm/tree/symbolic-conversion-proofs">our spark-psm branch&lt;/a> if you want to check it. What resisted exact proof got monotonicity and rounding bounds that still rule out the attacks; everything else went to a fuzzing campaign: some 80 hours and roughly 700 million executions against the repo&amp;rsquo;s own fuzz tests and eight stateful invariants. All clean, except one small bug in the invariant harness itself. &lt;strong>Prove the core, fuzz the rest.&lt;/strong>&lt;/p></description></item></channel></rss>