This work addresses the challenge that existing third-party eBPF network functions are distributed as opaque bytecode, lacking transparency into their functional correctness and interaction semantics, and making compliance verification difficult without exposing source code. To overcome this, the authors propose a novel approach based on domain-specific modeling and scalable program analysis that directly extracts semantic information from eBPF bytecode to construct formal models. These models enable assertion and querying of functional specifications and inter-component dependencies using a dedicated property language. The method achieves, for the first time, source-free verification of eBPF functional correctness and supports interaction analysis in chained deployments. Experimental evaluation demonstrates that the system can express 24 standard and non-standard properties and achieves verification speeds 200 to 1,000 times faster than the state of the art.

Many cloud infrastructure organizations increasingly rely on third-party eBPF-based network functions for use cases like security, observability, and load balancing, so that not everyone requires a team of highly skilled eBPF experts. However, the network functions from third parties (e.g., F5, Palo Alto) are available in bytecode format to cloud operators, giving little or no understanding of their functional correctness and interaction with other network functions in a chain. Also, eBPF developers want to provide proof of functional correctness for their developed network functions without disclosing the source code to the operators. We design Yaksha-Prashna, a system that allows operators/developers to assert and query bytecode's conformance to its specification and dependencies on other bytecodes. Our work builds domain-specific models that enable us to employ scalable program analysis to extract and model eBPF programs. Using Yaksha-Prashna language, we express 24 properties on standard and non-standard eBPF-based network functions with 200-1000x speedup over the state-of-the-art work.