This work addresses the limitations of VNN-LIB 1.0, which lacks a formal syntax, semantics, and type system and relies on informal, continually evolving ONNX models, thereby hindering trustworthy neural network verification. To overcome these challenges, the authors propose VNN-LIB 2.0, introducing an abstract “network theory” interface that decouples verification specifications from concrete model formats. For the first time, they establish a complete formal syntax, type system, and semantics for VNN-LIB, all mechanized in Agda to guarantee consistency. This effort yields a self-contained, semantically stable, and extensible verification standard, laying a rigorous theoretical foundation for a reliable ecosystem of neural network verification tools.

Neural network verification is an active and rapidly maturing research area, with a growing ecosystem of solvers and tools. The VNN-LIB standard was introduced to support interoperability in this ecosystem, but Version~1.0 has several serious short-comings as a formal foundation: it lacks a precise syntax, semantics, and type system, offers limited expressivity, and relies on externally defined ONNX models whose semantics are informal and constantly evolving. The latter distinguishes VNN-LIB from established standards such as SMT-LIB, where queries are self-contained and have fixed semantics. In this paper we address these challenges by developing the theoretical foundations of VNN-LIB~2.0. Our key contribution is the introduction of the notion of a \emph{network theory}, which abstractly characterises the minimal semantic interface required from a neural network model format. This abstraction enables VNN-LIB to be defined independently of any specific ONNX version while remaining compatible with evolving model representations. Building on this foundation, we present a formal syntax for a more expressive query language, a type system for it over the numeric domains provided by the network theory, and finally a formal semantics. To ensure internal consistency, the standard is mechanised in the Agda theorem prover. VNN-LIB~2.0 therefore provides robust and rigorous foundations for trustworthy neural network verification.