SOLC-VERIFY: A Modular Verifier for Solidity Smart Contracts

We present SOLC-VERIFY, a source-level verification tool for Ethereum smart contracts. SOLC-VERIFY takes smart contracts written in Solidity and discharges verification conditions using modular program analysis and SMT solvers. Built on top of the Solidity compiler, SOLC-VERIFY reasons at the level of the contract source code, as opposed to the more common approaches that operate at the level of Ethereum bytecode. This enables SOLC-VERIFY to effectively reason about high-level contract properties while modeling low-level language semantics precisely. The properties, such as contract invariants, loop invariants, and function pre- and post-conditions, can be provided as annotations in the code by the developer. This enables automated, yet user-friendly formal verification for smart contracts. We demonstrate SOLC-VERIFY by examining real-world examples where our tool can effectively find bugs and prove correctness of non-trivial properties with minimal user effort.