Security Analysis and Formal Verification on Blockchain and its Applications

Blockchains have become an integrated part of our finance infrastructures. Being monetary yet fully automated, blockchains and their applications are unanimously deemed impracticable before undergoing necessary verification. This monograph reviews the previous attempts at verifying two fundamental properties of blockchains: correctness (where flaws lead to unintentional damages) and security (where vulnerabilities incur attacks and losses). First, it summarizes and categorizes the correctness and security flaws encountered by real-world blockchains. Second, it systematizes the development of formal verification to address the flaws in blockchains, covering the aspects of models, specifications, and techniques. Third, it unveils the progress of security analysis for mitigating the flaws, unveiling the analysis principles being followed, the flaw oracles being devised, and the detection methods being used. Finally, it summarizes the challenges remaining to be addressed, followed by our vision of the trend in the near future. Throughout this monograph, we anticipate shedding light on future blockchain verification advances, especially in expanding its applicability, making specification generation easier, and discovering previously unknown vulnerabilities. By identifying gaps such as missing tools for infrastructure-level components and the difficulty of writing formal specifications, this work aims to motivate the development of more automated, intelligent, and practical verification frameworks.