Existing tools struggle to detect complex temporal vulnerabilities in smart contracts that involve multiple transactions, such as liquidity attacks and frontrunning. This work proposes an automated formal verification approach that, for the first time, integrates first-order Hennessy-Milner logic with temporal model checking. It automatically encodes Solidity contracts and their temporal specifications into the Lustre language and leverages the Kind 2 model checker for verification. The method establishes a complete toolchain capable of automatically verifying sophisticated multi-transaction attack scenarios. In benchmark evaluations, it successfully verifies non-trivial temporal properties and uncovers specification violations that existing tools fail to detect.

Smart contracts deployed on blockchains such as Ethereum routinely manage large amounts of assets, making their security critical. Empirical studies show that real-world attacks often exploit flaws in the business logic of contracts that unfold across multiple transactions, such as liquidity or front-running attacks. Detecting these attacks requires reasoning about expressive temporal properties beyond the capabilities of existing analysis tools. In this paper, we present an automated approach to the formal verification of smart contracts, enabling the specification and verification of complex temporal properties. Our approach provides a fully automated encoding into Lustre -- the specification language supported by the Kind 2 model checker -- of an expressive subset of Solidity contracts and temporal specifications based on first-order Hennessy-Milner Logic. This encoding allows us to leverage Kind 2 to determine whether the contract respects the specification or not. We implement our approach in a toolchain that integrates the translation and verification steps, and we evaluate its effectiveness and performance on a benchmark of smart contracts and temporal properties capturing complex attack scenarios. Our results show that the proposed approach can effectively verify non-trivial temporal properties of smart contracts and detect violations that are beyond the reach of existing analysis tools.