
IELE: A Formally-Specified VM for the Blockchain (2017) - nickpsecurity
https://runtimeverification.com/blog/?p=498
======
nickpsecurity
Both @adamnemecek and I have said the blockchain ventures might be a good way
to get money into formal methods development. Rosu's group is wisely doing
just that: using their K Framework [1] to build a VM for blockchains both as a
demo of its utility and a way to possibly get funding into it. The K Framework
is the tool they used to build an executable, formal semantics for C set up to
work like the GCC compiler. Since it uses K, Rosu et al. say those developments
automatically "yield an interpreter, debugger, state space search tool, and
model checker 'for free.'" Before blockchain stuff, Rosu spun off the tool
into a company for static analysis of C and Java programs with the one for C
claiming to catch a lot of bugs. They claim they get no false positives [3]
thanks to the semantics.

What makes me bring K up more than some tools is that the rewriting/equational
tools such as Maude [4] and K (originally done on Maude) get a lot less
attention than HOL or Coq. That's despite their model making some kinds of
verifications really easy in comparison to how people typically use the
others. Anyone wanting to play with a different style of formal method might
want to check out Maude and/or K. Rosu also keeps a list of project ideas for
K, the simplest being a new language. Rust or Nim with a translator to their C
semantics would be a nice one with a lot of benefits on the language using K's
tools or output using C-oriented tools.

[1] [http://www.kframework.org/index.php/Main_Page](http://www.kframework.org/index.php/Main_Page)

[2] [https://github.com/kframework/c-semantics](https://github.com/kframework/c-semantics)

[3] [https://runtimeverification.com/match/1.0-SNAPSHOT/docs/benchmark/](https://runtimeverification.com/match/1.0-SNAPSHOT/docs/benchmark/)

[4] [http://maude.cs.illinois.edu/w/index.php?title=The_Maude_System](http://maude.cs.illinois.edu/w/index.php?title=The_Maude_System)

Note on title: Changed it to indicate what part of the work stands out a bit
since there are too many blockchain languages and VMs to track at this point.
People who'd like the capabilities for blockchains or a totally-unrelated use
case might filter prematurely with the original title.

