Article demonstrates how formal verification can detect subtle bugs in code that pass testing and code review, using a banking application example with three classes of defects: fee calculation errors violating invariants, money conservation violations in transfers, and integer overflow edge cases that break properties for all possible inputs.
Two critical rounding errors in The Graph's smart contracts allowed attackers to avoid paying curation taxes and bypass token lock durations through batch processing of small amounts. The vulnerabilities were patched after responsible disclosure by whitehat @GregadETH, resulting in a $290,497 bug bounty.
Educational writeup on array input validation vulnerabilities in Substrate smart contracts, demonstrating how missing percentage validation in a voting function allows attackers to exceed 100% voting weight across multiple pools or repeat pool IDs to multiply voting power and drain rewards.