RTLPreCheck reads raw SystemVerilog and generates formally proven properties automatically. No specifications. No manual assertions. No naming conventions. Just structure.
Traditional formal verification asks: given this spec, does the design comply? RTLPreCheck asks the opposite: given this design, what must be true? The structure reveals buffers, arbiters, pipelines, and exactly which formal properties each one must satisfy.
Reads raw RTL. Classifies every register cluster by behavioral role using AST topology, graph structure, and IR metadata alone.
Selects formal property templates for each classification. Register stability, deadlock freedom, drain liveness, mutual exclusion — all generated from structure.
Every property is proven via k-induction. Sound abstract models are built automatically for large modules. Anti-vacuity covers verify every proof is exercised.
Cross-module assume-guarantee contracts are extracted from proven probes and discharged automatically via geometry-based port matching.
130 primitive modules from the lowRISC silicon root-of-trust. Arbiters, FIFOs, counters, alert/escalation protocol, SECDED encoders, LFSRs, edge detectors. Input: SystemVerilog only.
April 25, 2026
No spec documents, no testbench, no human-written assertions provided. Every run is deterministic — same RTL in, same results out. Zero AI in assertion generation. 2,327 properties formally proven by Z3 from RTL structure alone — over 20x what OpenTitan's verification team wrote by hand.
33 Solver-Verified — Z3 proves OT's assertion follows from RTLPreCheck's facts
14 Discovered — intent candidate covers same signals and goal
21 Flagged — coverage scanner explicitly flags the gap
13 Covered Signals — proven properties exist on same signals
81 of 81 design RTL assertions accounted for. 100% coverage visibility.
2 additional OT assertions reference FPV testbench signals not in design RTL — excluded from scope.
Proven: 2,327 solver-verified properties. Counter bounds, grant exclusivity, arbiter completeness, per-requester liveness, FSM return-to-idle, handshake stability, output equivalence, XOR differential. Proven by Z3 or it doesn't make the report.
Design Intent: 136 verification goals identified from RTL structure. Specific signals, specific properties, specific evidence. Data integrity, protocol compliance, usage constraints, liveness, algebraic correctness. Engineer reviews and decides in minutes.
Uncovered Signals: Every output, control input, and observable register with zero functional coverage — explicitly flagged. Nothing silent.
If you're working on a design that needs formal verification coverage, or if you'd like to see RTLPreCheck run on your RTL, reach out.
taylor@rtlprecheck.com