Skip to main content

One post tagged with "abstract interpretation"

View All Tags

Introducing pallet-verifier

· 7 min read
David Semakula
Creator of pallet-verifier

I am proud to announce the successful completion of the Web3 Foundation grant for developing pallet-verifier - a tool for detecting common security vulnerabilities and insecure patterns in FRAME pallets using static program analysis techniques like data-flow analysis, abstract interpretation and symbolic execution.

Overview

At the highest level, pallet-verifier is a custom Rust compiler (rustc) driver which uses MIRAI as a backend for abstract interpretation (and in the future, also as a tag and taint analysis engine).

Additionally, for a seamless and familiar developer experience, pallet-verifier is distributed as a custom cargo sub-command (i.e. cargo verify-pallet).