The specification is written or translated

sujonkumar6300 · Post by **sujonkumar6300** » Mon Feb 03, 2025 4:35 am

The model. The system must be modeled using a formal language; in many cases some kind of graph or automaton is used. A smart contract can be represented as a control graph where nodes represent blocks of code and edges denote control flows.

Into a formal language. Most approaches use some variant of Propositional Temporal Logic. The starting point is the negation of the specification.

An algorithm for transforming a formula in the specification language into a graph argentina consumer email list compatible with that used to model the system.

An algorithm that allows combining both graphs. The resulting graph accepts all the behaviors of the model that meet the negation of the specification. The expected result is the empty graph, which indicates that there is not a single behavior of the model that does not meet the specification; if the empty graph is not obtained, a traversal of the graph can be performed to obtain a counterexample or "witness", which is a behavior of the model that does not meet the specification.

In Figure 1 we can see the method schematically, where the counterexample shows the state transitions (each En is a state, and -> represents the transition from state E n to E m ) that lead to behavior that does not comply with the specification.