🤖 AI Summary
RISC-V binary programs lack trustworthy verification, and bridging the semantic gap between high-level source code and actual hardware execution remains challenging. Method: This paper presents the first fully automated, mathematically verifiable binary-level formal verification framework for RISC-V, built on the HOL4 theorem prover and the HolBA library. It employs the Binary Intermediate Representation (BIR) as a unifying abstraction, integrates forward symbolic execution, and leverages a complete, machine-checked formal semantics of the RISC-V instruction set architecture to enable end-to-end binary contract verification. Contribution/Results: Crucially, the framework eliminates trust dependencies introduced by compiler optimizations and inline assembly. Experimentally, it achieves full verification of the ChaCha20 encryption algorithm’s RISC-V binary implementation and OS kernel context-switching assembly code—marking the first provably correct, end-to-end verification chain from source-level specification to concrete machine-code behavior on RISC-V.
📝 Abstract
Many types of formal verification establish properties about abstract high-level program representations, leaving a large gap to programs at runtime. Although gaps can sometimes be narrowed by techniques such as refinement, a verified program's trusted computing base may still include compilers and inlined assembly. In contrast, verification of binaries following an Instruction Set Architecture (ISA) such as RISC-V can ensure that machine code behaves as expected on real hardware. While binary analysis is useful and sometimes even necessary for ensuring trustworthiness of software systems, existing tools do not have a formal foundation or lack automation for verification. We present a workflow and toolchain based on the HOL4 theorem prover and the HolBA binary analysis library for trustworthy formal verification of RISC-V binaries. The toolchain automates proofs of binary contracts by forward symbolic execution of programs in HolBA's intermediate language, BIR. We validated our toolchain by verifying correctness of RISC-V binaries with (1) an implementation of the ChaCha20 stream cipher and (2) hand-written assembly for context switching in an operating system kernel.
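The abstract's core mechanism, forward symbolic execution of an intermediate language with the resulting verification conditions discharged to prove a binary contract, can be illustrated on a toy scale. The following is an added example and not code from the paper or from HolBA: it defines a hypothetical three-statement register IR (loosely shaped like BIR, with assignments, conditional jumps and halt), symbolically executes it to collect one path condition per path, and then checks a pre/postcondition contract on every path. Where the paper's toolchain produces a HOL4 proof over the full RISC-V semantics, this example discharges each verification condition by exhaustive enumeration over 8-bit inputs, which is a bounded check standing in for the machine-checked proof. The program, register names and contracts are constructed for the illustration; the naive "result is non-negative" contract fails on the two's-complement wraparound of -128, the kind of machine-level fact that verifying the binary rather than the source exposes.

```python
"""Toy forward symbolic execution of a BIR-like register IR (added example,
not HolBA code). Expressions are ints, variable-name strings, or tuples
('op', arg, ...). The IR, program and contracts below are constructed."""
from itertools import product

WIDTH = 8                      # toy machine word size (assumption)
MASK = (1 << WIDTH) - 1

def signed(v):
    """Interpret a WIDTH-bit value as two's complement."""
    v &= MASK
    return v - (1 << WIDTH) if v & (1 << (WIDTH - 1)) else v

def subst(expr, env):
    """Replace register names by their symbolic values in env; names not
    bound in env are treated as symbolic inputs and kept as-is."""
    if isinstance(expr, int):
        return expr
    if isinstance(expr, str):
        return env.get(expr, expr)
    return (expr[0],) + tuple(subst(e, env) for e in expr[1:])

def ev(expr, model):
    """Evaluate an expression under a concrete model of the symbolic inputs."""
    if isinstance(expr, int):
        return expr & MASK
    if isinstance(expr, str):
        return model[expr] & MASK
    op, args = expr[0], [ev(e, model) for e in expr[1:]]
    if op == 'add': return (args[0] + args[1]) & MASK
    if op == 'sub': return (args[0] - args[1]) & MASK
    if op == 'slt': return int(signed(args[0]) < signed(args[1]))  # signed <
    if op == 'eq':  return int(args[0] == args[1])
    if op == 'or':  return int(args[0] != 0 or args[1] != 0)
    if op == 'not': return int(args[0] == 0)
    raise ValueError(f"unknown op {op}")

def sym_exec(program, init_env, max_steps=100):
    """Forward symbolic execution. Each worklist entry is one path:
    (pc, symbolic register env, path condition, step count). Returns a list
    of (path_condition, final_env) for every path that reaches 'halt'."""
    worklist = [(0, dict(init_env), [], 0)]
    finished = []
    while worklist:
        pc, env, path, steps = worklist.pop()
        if steps >= max_steps:
            raise RuntimeError("step bound exceeded (loop?)")
        stmt = program[pc]
        if stmt[0] == 'halt':
            finished.append((path, env))
        elif stmt[0] == 'assign':          # ('assign', reg, expr)
            env = dict(env)
            env[stmt[1]] = subst(stmt[2], env)
            worklist.append((pc + 1, env, path, steps + 1))
        elif stmt[0] == 'cjmp':            # ('cjmp', cond, target): fork
            cond = subst(stmt[1], env)
            worklist.append((stmt[2], env, path + [cond], steps + 1))
            worklist.append((pc + 1, env, path + [('not', cond)], steps + 1))
        else:
            raise ValueError(f"unknown statement {stmt}")
    return finished

def verify(program, inputs, init_env, pre, post):
    """Check  pre AND path_condition  =>  post  on every path.
    Bounded stand-in for a prover: enumerate all WIDTH-bit input values.
    Returns None if the contract holds, else (path_condition, counterexample)."""
    for path, env in sym_exec(program, init_env):
        vc_post = subst(post, env)         # post speaks about final registers
        for values in product(range(1 << WIDTH), repeat=len(inputs)):
            model = dict(zip(inputs, values))
            if ev(pre, model) and all(ev(c, model) for c in path):
                if not ev(vc_post, model):
                    return path, model
    return None

# Constructed program: absolute value of register x into register r.
ABS = [
    ('assign', 'r', 'x'),                    # r := x
    ('cjmp', ('not', ('slt', 'x', 0)), 3),   # if !(x <s 0) goto 3
    ('assign', 'r', ('sub', 0, 'x')),        # r := 0 - x
    ('halt',),
]
INIT = {'x': 'x0', 'r': 0}                   # x holds symbolic input x0
INPUTS = ['x0']
TRUE = 1

# Naive source-level contract: result is non-negative.
NAIVE_POST = ('not', ('slt', 'r', 0))
# Machine-level contract: result is x0 or its two's-complement negation.
WRAP_POST = ('or', ('eq', 'r', 'x0'), ('eq', 'r', ('sub', 0, 'x0')))

def check_abs():
    """Returns (naive result, wrap-aware result): the naive contract yields a
    counterexample at x0 = 128 (i.e. -128), the wrap-aware one verifies."""
    return (verify(ABS, INPUTS, INIT, TRUE, NAIVE_POST),
            verify(ABS, INPUTS, INIT, TRUE, WRAP_POST))

if __name__ == "__main__":
    naive, wrap = check_abs()
    print("paths:", len(sym_exec(ABS, INIT)))
    print("naive contract:", "holds" if naive is None else f"fails: {naive}")
    print("wrap-aware contract:", "holds" if wrap is None else f"fails: {wrap}")
```

Two design points carry over to the real toolchain: branching forks the symbolic state and extends the path condition rather than guessing a concrete input, and the postcondition is checked against the symbolic final register values of each path, so every reachable path contributes its own verification condition. Replacing the exhaustive enumeration with a sound decision procedure or, as in HolBA, with proofs in HOL4 over the ISA's formal semantics is what turns this bounded check into verification of the actual binary.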