defirisk.co
rubric v1.7.0

Formal verification coverage

A code & audits factor in the v1.7.0 rubric. Measured per protocol on a s cadence.

Methodology how we score #

**What this measures** This factor records the percentage of a protocol's declared critical invariants that are covered by formal verification proofs, using tools such as Certora Prover, Kani, Halmos, or equivalent formal methods frameworks. The measurement requires the protocol to have a published list of critical invariants (e.g., 'total collateral always exceeds total debt') and at least one formal verification report referencing those invariants. The data source is the FV report and protocol documentation.

**Why it matters** Formal verification provides mathematical proof that specified properties hold across all possible inputs and state transitions -- a qualitatively different guarantee from fuzz testing or audit review. KyberSwap Elastic ($48M, 2023) lost funds to a sub-microscopic precision failure in tick-crossing arithmetic that survived multiple audit rounds; formal verification of the tick boundary invariants would have been the only method capable of detecting the specific edge case before deployment. The MonoX self-swap bug ($31.4M, 2021) similarly exploited a mathematical property that two auditors missed but that could have been caught by a formal model of the token pricing invariants. Formal verification coverage is a P2 signal -- it adds meaningful signal for complex AMMs and lending protocols but is not yet an industry baseline.

**Green / Yellow / Red** Green: at least 80% of the protocol's declared critical invariants have formal verification proofs attached to the currently deployed code. Yellow: formal verification exists but covers less than 80% of declared critical invariants, or covers a prior code version rather than the currently deployed bytecode. Red: no formal verification of any kind exists for any critical invariant.

**Common gray cases** Most protocols do not publish an invariant list or commission formal verification; this factor is legitimately gray for the large majority of DeFi protocols at the current state of industry practice.

**Notable historical examples** - **KyberSwap Elastic** ($48M, 2023): Tick arithmetic precision failure that formal verification of boundary invariants would likely have detected. - **MonoX** ($31.4M, 2021): Self-swap token pricing bug; formal model of AMM price invariants could have surfaced the logical inconsistency. - **Value DeFi** ($10M, 2021): AMM math error in a complex multi-token pool. - **Bunni** ($8.4M, 2025): Complex concentrated-liquidity math without formal verification coverage.

Measurement what to look for #

Determine the percentage of protocol-declared critical invariants covered by a formal verification proof (Certora Prover, Kani, Halmos, or equivalent).

Data & output #

Data source
Certora/Kani/Halmos published specification files in protocol repo + FV report documents
Output format
Green / Yellow / Red
Evidence artifact
FV report URL or repo path + invariant list + coverage % as curator-computed ratio
Confidence signal
green = ≥80% of declared critical invariants verified; yellow = 20–79% or informal spec only; red = 0% / no FV; gray = protocol has not declared critical invariants (FV not applicable)

Scored protocols 80 carry this factor #

Protocol RD-F-009
Aave v3 ethereum yellow Across Protocol ethereum red Aerodrome Finance base yellow Axelar Network ethereum gray Babylon Protocol bitcoin gray Balancer (v2 + v3) ethereum yellow Beefy Finance ethereum red BENQI avalanche yellow BlackRock USD Institutional Digital Liquidity Fund (BUIDL) ethereum not_applicable Cap (cUSD / stcUSD) ethereum yellow Centrifuge ethereum yellow Chainlink CCIP ethereum red Circle USYC binance not_applicable Compound V3 (Comet) ethereum yellow Concrete ethereum red Convex Finance ethereum red crvUSD (Curve Stablecoin) ethereum red Curve Finance ethereum red deBridge ethereum red Dolomite ethereum red dYdX v4 (dYdX Chain) dydx yellow EigenLayer ethereum green Ethena ethereum gray ether.fi ethereum green Euler V2 ethereum yellow Falcon Finance ethereum red Fluid ethereum gray Frax Finance ethereum yellow GMX v2 (GMX Synthetics) arbitrum yellow Hyperlane ethereum red Hyperliquid arbitrum gray Jito solana yellow Jupiter solana red Jupiter Perpetual Exchange solana red JustLend DAO tron red Kamino Lend solana yellow Kinetiq hyperliquid red Lido ethereum green Liquid Collective (LsETH) ethereum green Liquity V1 + V2 (LUSD / BOLD) ethereum green Lista DAO bsc red Lombard Finance ethereum red M^0 ethereum green Maple Finance ethereum gray Marinade Finance solana red Meteora solana red mETH Protocol ethereum red Midas ethereum red Morpho V1 (Morpho Blue + MetaMorpho) ethereum green Multipli ethereum red Ondo Finance ethereum gray OpenEden ethereum red Orca solana gray PancakeSwap bsc red Pendle Finance ethereum red Polymarket polygon red QuickSwap polygon yellow Raydium solana gray Rocket Pool ethereum red Sanctum solana red Save (formerly Solend) solana red Sky Lending (formerly MakerDAO) ethereum yellow Spark Protocol ethereum yellow Spiko stellar red Stake DAO ethereum red StakeWise v3 ethereum red Stargate Finance ethereum red stHYPE (Valantis Labs) hyperliquid red SUNSwap (sun.io) tron red Superstate ethereum red Sushi (SushiSwap) — v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap ethereum gray Symbiotic ethereum yellow Synapse Protocol ethereum not_assessed Uniswap (v2 + v3) ethereum yellow USDD (Decentralized USD) tron red Usual (USD0 / bUSD0 / USUAL) ethereum gray Veda (BoringVault) ethereum yellow Venus Protocol bsc gray Wormhole ethereum yellow Yearn Finance ethereum red
38 red · 20 yellow · 7 green

Linked hacks 4 historical incidents #

relatedBunni — Precision/Rounding Error in Custom Liquidity Distribution Function (LDF)2025-09-01 · $8M · Precision/Rounding Error in Custom Liquidity Distribution Function (LDF) · Formal verification coverage — would have caught [via cross-hack: Factor 53: Custom Proprietary AMM Math Without Independent Verification]
relatedKyberSwap Elastic — Tick Manipulation + Double Liquidity Counting — Precision Arithmetic Edge Case2023-11-22 · $48M · Tick Manipulation + Double Liquidity Counting — Precision Arithmetic Edge Case · Formal verification coverage — would have caught [via cross-hack: Factor 53: Custom Proprietary AMM Math Without Independent Verification]
relatedMonoX — Native token self-swap price inflation — tokenIn/tokenOut identity bypass2021-11-30 · $31M · Native token self-swap price inflation — tokenIn/tokenOut identity bypass · Formal verification coverage — would have caught [via cross-hack: Factor 53: Custom Proprietary AMM Math Without Independent Verification]
relatedValue DeFi — Uninitialized Pool Re-initialization (Missing initialized = true)2021-05-05 · $10M · Uninitialized Pool Re-initialization (Missing initialized = true) · Formal verification coverage — would have caught [via cross-hack: Factor 53: Custom Proprietary AMM Math Without Independent Verification]
rubric_version v1.7.0 factor RD-F-009 category 1 carried 80 critical no