🤖 AI Summary
Problem: Verifying unsafe Rust code remains hard, because the type-system guarantees that make automated verification of safe Rust possible do not hold inside unsafe blocks, while existing automated verifiers for safe Rust lack the low-level reasoning that unsafe code requires. Method: This paper proposes a hybrid approach that combines fully automated verification of safe Rust code with semi-automated verification of unsafe code. It introduces a separation-logic encoding that unifies RustBelt's lifetime logic with RustHornBelt's parametric prophecies. Built on the Gillian platform, the resulting tool, Gillian-Rust, automates this logic and exposes a user-friendly API; it is linked with Creusot so that specifications of unsafe code verified by Gillian-Rust can be relied on by Creusot when verifying the safe code that calls it. Results: The approach verifies both type safety and functional correctness of real-world unsafe Rust code with low manual proof effort, and the evaluation demonstrates the feasibility of the hybrid strategy.
📝 Abstract
While recent years have witnessed a large body of work on efficient and automated verification of safe Rust code, enabled by the rich guarantees of the Rust type system, much less progress has been made on reasoning about unsafe code due to its unique complexities. We propose a hybrid approach to end-to-end Rust verification in which powerful automated verification of safe Rust is combined with targeted semi-automated verification of unsafe Rust. To this end, we present Gillian-Rust, a proof-of-concept semi-automated verification tool that is able to reason about type safety and functional correctness of unsafe code. Built on top of the Gillian parametric compositional verification platform, Gillian-Rust automates a rich separation logic for real-world Rust, embedding the lifetime logic of RustBelt and the parametric prophecies of RustHornBelt. Using the unique extensibility of Gillian, our novel encoding of these features is fine-tuned to maximise automation and exposes a user-friendly API, allowing for low-effort verification of unsafe code. We link Gillian-Rust with Creusot, a state-of-the-art verifier for safe Rust, by providing a systematic encoding of unsafe code specifications that Creusot may use but not verify, demonstrating the feasibility of our hybrid approach.
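The division of labour the abstract describes, as an added illustration that is not code from the paper or from the Gillian-Rust or Creusot projects: a safe API whose body needs `unsafe` (two disjoint `&mut` views of one slice, which the borrow checker cannot prove disjoint), a contract on that API, and a safe client that relies only on the contract. In the hybrid scheme the unsafe body and its contract are what Gillian-Rust verifies, while the client is what Creusot verifies by assuming the contract. The contract is written here as comments in Creusot-style notation (`#[requires]`, `#[ensures]`, `^x` for the prophesied final value of a mutable borrow); the exact attribute and operator syntax is an assumption about Creusot and is not checked by the code. The runtime `assert!` on the precondition is a placeholder for the static check a verifier would discharge.

```rust
// Added example, not from the paper. Shows the safe/unsafe boundary that the
// hybrid scheme is built around: the unsafe body below would be the target of
// Gillian-Rust, the contract in the doc comment is what Creusot would assume.

/// Split a mutable slice into two disjoint mutable halves.
///
/// Contract in Creusot-style notation (assumption: attribute/operator syntax
/// approximates Creusot's; `^v` denotes the final value of the borrow `v`):
///   #[requires(mid@ <= v@.len())]
///   #[ensures(result.0@ == v@[..mid@] && result.1@ == v@[mid@..])]
///   #[ensures((^v)@ == (^result.0)@.concat((^result.1)@))]
///
/// The last clause is the prophecy: whatever the caller later writes through
/// the two halves is what `v` will contain once both borrows end.
pub fn split_at_mut_raw<T>(v: &mut [T], mid: usize) -> (&mut [T], &mut [T]) {
    let len = v.len();
    // Placeholder for the verifier-discharged precondition.
    assert!(mid <= len, "precondition violated: mid ({mid}) > len ({len})");
    let ptr = v.as_mut_ptr();
    // SAFETY: [0, mid) and [mid, len) are disjoint sub-ranges of one live
    // allocation that `v` exclusively borrows for the returned lifetime, so
    // the two &mut slices never alias. `mid <= len` keeps `ptr.add(mid)`
    // within or one-past-the-end of the allocation (the empty case is fine).
    unsafe {
        (
            std::slice::from_raw_parts_mut(ptr, mid),
            std::slice::from_raw_parts_mut(ptr.add(mid), len - mid),
        )
    }
}

/// Safe client. No `unsafe` here: a verifier for safe Rust can establish the
/// contract below from the contract of `split_at_mut_raw` alone, without
/// looking at its raw-pointer body.
///
///   #[requires(mid@ <= v@.len())]
///   #[ensures(forall<i: Int> 0 <= i && i < mid@ ==> (^v)@[i] == 0)]
///   #[ensures(forall<i: Int> mid@ <= i && i < v@.len() ==> (^v)@[i] == 2 * v@[i])]
pub fn zero_prefix_double_suffix(v: &mut [i32], mid: usize) {
    let (prefix, suffix) = split_at_mut_raw(v, mid);
    for x in prefix.iter_mut() {
        *x = 0;
    }
    for y in suffix.iter_mut() {
        *y *= 2;
    }
    // Both borrows end here; the prophecy clause says `v` is now
    // prefix ++ suffix, which is what the postconditions above state.
}

fn main() {
    // Constructed sample input.
    let mut data = vec![1, 2, 3, 4, 5];
    zero_prefix_double_suffix(&mut data, 2);
    println!("{data:?}");
}
```

The point of the split is that the client never needs the raw-pointer reasoning: once the contract of `split_at_mut_raw` is established by the semi-automated tool, every safe caller can be checked by the fully automated one.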