Formal Methods

Practical verification for systems engineers: model the smallest thing that can break, prove what matters, and test the rest with adversarial harnesses.

View tag listing

Best starting points

The KelpDAO Exploit Was Not a Bug
April 19, 2026 · 22 min
Incident memo (April 2026): the 116,500 rsETH release via LayerZero EndpointV2 was a semantic guard failure. Signatures are not truth unless they bind to a unique, finalized source-chain debit.
PQC Research Series — Part 3
April 30, 2026 · 19 min
QROM is not “ROM but stronger.” It changes the oracle interface (superposition queries), breaks classical proof tactics (rewinding/programming), and turns Fiat–Shamir security into a tighter, system-bound claim.
PQC Research Series — Part 4
May 2, 2026 · 18 min
Reduction tightness is where PQC security meets operations: loose reductions consume margin, force parameter inflation, and turn “provably secure” into a bandwidth/RAM/latency problem.
PQC Research Series — Part 1
April 24, 2026 · 17 min
A formal adversary taxonomy for PQC deployments: classical vs quantum vs QROM, with explicit resource accounting (queries, memory, time) and system-boundary assumptions.
PQC Research Series — Part 2
April 26, 2026 · 13 min
LWE/SIS are not “magic hardness.” They are interface contracts with worst-case/average-case reductions, structural trade-offs (Ring/Module), and concrete security heuristics (BKZ/sieving) that real systems routinely violate.

Roadmap

Write the model (minimal, falsifiable)
State safety/liveness + refinement boundaries
Property-based + differential testing as oracles
Operationalize invariants (alerts, budgets, runbooks)

Browse topics

Best starting points

The KelpDAO Exploit Was Not a Bug

PQC Research Series — Part 3

PQC Research Series — Part 4

PQC Research Series — Part 1

PQC Research Series — Part 2

Roadmap