Formal Verification of Token Standards on Ethereum and Solana: A Comparative Analysis of Fungible Asset Models

dc.contributor.authorAbubakr, Mohammad
dc.contributor.departmentfi=Tietotekniikan laitos|en=Department of Computing|
dc.contributor.facultyfi=Teknillinen tiedekunta|en=Faculty of Technology|
dc.contributor.studysubjectfi=Tietotekniikka|en=Information and Communication Technology|
dc.date.accessioned2026-07-02T19:31:31Z
dc.date.issued2026-06-25
dc.description.abstractBlockchain-based token systems are widely used for the creation and management of economic assets. This makes their correctness a critical concern for blockchain developers, auditors and security engineers. ERC-20 and SPL tokens are amongst the largest and most used standards that define the foundation for token transfer, mint, burning and authorization. However, the architectural and developmental differences in both ecosystems pose distinct challenges in specifying and verifying token correctness. This thesis focuses on invariant-based verification across two heterogeneous blockchain ecosystems. The thesis develops a comparative framework for ERC-20 and SPL token models, focusing mainly on correctness properties like balance consistency, supply preservation, transfer validity, minting, and burning constraints. These properties are validated across six tools: Certora, Foundry, KEVM for ERC-20 and Kani, Prusti, and MIRAI for SPL tokens. It follows a qualitative, artefact-driven case study approach that evaluates tools on five benchmarks: verifiability, expressiveness, specification effort, coverage, and soundness of assumptions. The results depict that the invariant-based verification is a valuable method for checking essential token correctness properties, but its effectiveness depends on the underlying architecture, efforts, and testing tool. Ethereum verification is more contract-centric while Solana verification requires additional reasoning about account ownership, signer authority, mint account relationships and runtime assumptions. The tools provide complementary forms of assurance rather than complete standalone guarantees; deductive verification, fuzzing, bytecode-level reasoning, bounded model checking, contract-based verification and static analysis each capture different aspects of correctness Overall, this thesis shows that formal verification can strengthen confidence in token implementation when the testing procedures are followed strictly with correct specifications and scope. It also highlights the need for layered assurance pipelines that combine formal verification with testing, auditing, and runtime modeling for secure cross-platform token development.
dc.format.extent128
dc.identifier.urihttps://www.utupub.fi/handle/11111/62678
dc.identifier.urnURN:NBN:fi-fe20260701108010
dc.language.isoeng
dc.rightsfi=Julkaisu on tekijänoikeussäännösten alainen. Teosta voi lukea ja tulostaa henkilökohtaista käyttöä varten. Käyttö kaupallisiin tarkoituksiin on kielletty.|en=This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.|
dc.rights.accessrightsavoin
dc.subjectFormal verification
dc.subjectinvariant-based verification
dc.subjectsmart contracts
dc.subjectfungible tokens
dc.subjectERC-20
dc.subjectSPL Token
dc.subjectEthereum
dc.subjectSolana
dc.subjectblockchain security
dc.subjecttoken correctness
dc.titleFormal Verification of Token Standards on Ethereum and Solana: A Comparative Analysis of Fungible Asset Models
dc.type.ontasotfi=Pro gradu -tutkielma|en=Master's thesis|

Tiedostot

Näytetään 1 - 1 / 1
Ladataan...
Name:
Thesis.pdf
Size:
1.64 MB
Format:
Adobe Portable Document Format