Formal Verification Solutions

Certora provides comprehensive formal verification tools and services that deliver mathematical certainty that smart contract code behaves correctly under all possible conditions. Unlike traditional testing or fuzzing approaches that can only verify specific scenarios, Certora's solutions use advanced mathematical analysis to check every possible contract state and execution path.

Certora Prover

Certora Prover is the industry's leading formal verification tool for smart contracts, providing mathematical certainty through automated theorem proving. Developers write formal specifications in the Certora Verification Language (CVL), which has syntax similar to Solidity but with additional features for expressing mathematical properties. Prover then compares these specifications against the smart contract bytecode, identifying any scenarios where the code could violate the expected behavior. The tool provides concrete call traces for any violations found, making it easy to understand and fix issues.

Key Features

• Mathematical verification of all contract states and paths (not just sampled scenarios)
• Integration into CI/CD pipelines for continuous verification on every commit
• Shareable bug reports through the Prover Dashboard
• Support for Solidity smart contracts on EVM-compatible chains
• Customizable timeout limits for complex verification jobs
• CVL specification language designed for blockchain properties

Pricing Tiers

Prover offers three tiers: Basic (free, up to 2,000 minutes/month runtime, Discord support), Premium (unlimited access, setup/onboarding support, up to 10 team members, specification review), and Enterprise (unlimited access, custom rule writing by Certora experts, training and dedicated support, incident response). The free tier allows developers to learn formal verification and run Prover on smaller projects, while Premium and Enterprise tiers serve production protocols with extensive verification needs.

Gambit Mutation Testing

Gambit is an open-source Solidity mutation testing tool designed to evaluate and strengthen testing suites for smart contracts. Mutation testing works by introducing controlled faults (called mutants) into contract code and measuring whether the test suite can detect these changes. The more mutants a test suite detects (or kills), the more robust and comprehensive it is.

Gambit automatically generates mutated versions of Solidity contracts by traversing the abstract syntax tree and identifying valid mutation points. Development teams then run their test suites against these mutants to see if the tests catch the introduced faults. One of Gambit's unique strengths is its integration with Certora Prover - teams can use Gambit-generated mutants to evaluate not just traditional tests but also formal specifications written in CVL.

Key Features

• Open-source tool that works with any Solidity project
• Fast, extensible mutation generator for Solidity smart contracts
• Adaptive mutations that identify semantically meaningful mutation points
• Integration with both testing tools (Foundry, Hardhat) and verification tools (Certora Prover)
• Gambit Dashboard for visualizing mutation testing results
• Targeted mutations with declarative configuration for focusing on specific code sections

Enterprise Formal Verification Services

Certora's Enterprise offering provides ongoing security analysis and verification for fast-moving protocol teams that need continuous, hands-on security support. Rather than one-time audits, Enterprise clients engage Certora as a long-term security partner, with dedicated experts working alongside their development team to ensure security at every stage of the development lifecycle.

What's Included

Custom Formal Specifications: Certora's team of formal verification experts crafts comprehensive CVL rules tailored to the client's specific protocol logic, economic mechanisms, and security requirements. These specifications go far beyond generic checks, encoding the unique invariants and properties that define correct behavior for the protocol.

Unlimited Prover Access: Enterprise clients receive unlimited access to Certora Prover with no restrictions on runtime minutes and the highest possible timeout limits for complex verification jobs.

Continuous Security Model: Rather than point-in-time audits, Enterprise clients work with Certora on an ongoing basis. As code evolves, Certora's team continuously updates and re-runs specifications, catching security issues before they reach production.

Training and Onboarding: Certora provides comprehensive training to help client development teams understand formal verification concepts and learn to write and maintain CVL specifications themselves. This knowledge transfer enables teams to integrate formal verification into their internal development practices.

Dedicated Support: Enterprise clients receive dedicated support channels with fast response times from Certora's security researchers and verification experts.

Incident Response: In the event of a security incident anywhere in the DeFi ecosystem that could potentially impact the client's protocol, Certora's team joins the war room to rapidly assess risk, mitigate potential vulnerabilities, and find solutions that keep users safe.

Use Cases and Benefits

Formal verification excels at catching hard-to-find bugs that emerge from complex state interactions. Certora's solutions have been instrumental in securing major DeFi protocols like Aave, Compound, and Balancer, finding vulnerabilities that traditional audits missed. The tools are particularly valuable for protocols with high TVL where security bugs could result in massive financial losses. By providing mathematical guarantees rather than probabilistic assurances, Certora gives protocol teams and users the highest level of confidence in smart contract security.