Gasket: A Lean 4 Formal Verification-Based Budget Certificate System for LLM Agents

Gasket is an open-source tool that provides static budget certificates for LLM Agent workflows, supporting mainstream frameworks like LangGraph, CrewAI, and Agents SDK. It uses the Lean 4 theorem prover for machine verification, validating the upper limit of resource consumption of Agent workflows without executing code, and provides formal method support for cost control and security assurance of LLM applications.

Tags: LLM Agent, budget certificate, formal verification, Lean 4, static analysis, LangGraph, CrewAI, cost control, resource management, GitHub
Published 2026-06-12 16:16 | Recent activity 2026-06-12 16:22 | Estimated read 7 min

Section 01

Gasket: Introduction to the Lean4 Formal Verification-Based Budget Certificate System for LLM Agents

Gasket is an open-source tool that provides static budget certificates for LLM Agent workflows, supporting mainstream frameworks like LangGraph, CrewAI, and Agents SDK. It uses the Lean4 theorem prover for machine verification, validating the upper limit of resource consumption of Agent workflows without executing code, and provides formal method support for cost control and security assurance of LLM applications.


Section 02

Background of Cost and Security Challenges for LLM Agents

With the rapid development of LLM Agent systems, multi-step and multi-round interaction workflows bring two core challenges:

  1. Cost Uncontrollability: LLM APIs are billed per token; complex workflows may trigger dozens to hundreds of calls, making costs hard to predict and posing operational risks in production environments.
  2. Behavior Uncertainty: Autonomous decision-making by Agents can easily lead to infinite loops or abnormal behaviors. Traditional testing struggles to cover all execution paths, and out-of-control Agents may cause resource waste or security issues.

Section 03

Core Solutions of Gasket

Gasket introduces the concept of a "static budget certificate" and uses formal methods to verify resource consumption bounds before code execution:

  • Budget Certificate: A formal proof that the Agent workflow does not exceed the preset resource budget (e.g., number of tokens, API calls) during execution.
  • Lean 4 Machine Verification: Uses the Lean 4 theorem prover for verification based on mathematical axioms and inference rules, with high credibility, composability, and auditability.
  • Static Analysis: Does not execute code; covers all paths by checking the workflow structure, making the verification process fast, comprehensive, and secure.

Section 04

Technical Architecture and Working Principles

Supported Frameworks: LangGraph (multi-step workflows), CrewAI (multi-Agent collaboration), Agents SDK (OpenAI official toolkit).

Budget Modeling: Accumulates the worst-case consumption of workflow nodes (LLM calls, tool execution, loops, etc.) to obtain an upper bound on the overall budget.

Certificate Process:

  1. Extract the workflow's control flow graph and data flow information;
  2. Annotate each component with a resource consumption model;
  3. Convert to Lean 4 code to generate proof certificates;
  4. Check at runtime whether execution complies with the budget constraints.
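
The budget modeling step above, sketched as an added example (this is not Gasket's code or API, and it computes the bound without producing a Lean proof). The node types `Call`, `Seq`, `Branch`, `Loop` and the cost rules (sum for a sequence, max over branch arms, iteration cap times body for a loop) are assumptions chosen for illustration; a loop with no cap is rejected because no finite budget exists for it.

```python
from dataclasses import dataclass
from typing import Optional, Union
# Added illustration only: these node types are hypothetical, not Gasket's API.
@dataclass(frozen=True)
class Call:            # one LLM or tool call with an annotated worst-case cost
    name: str
    max_tokens: int

@dataclass(frozen=True)
class Seq:             # steps executed one after another
    steps: tuple

@dataclass(frozen=True)
class Branch:          # exactly one arm runs; which one is decided at runtime
    arms: tuple

@dataclass(frozen=True)
class Loop:            # body repeated at most max_iters times (None = no cap)
    body: "Node"
    max_iters: Optional[int]

Node = Union[Call, Seq, Branch, Loop]
class Unbounded(Exception):
    """No finite budget exists for the workflow."""

def worst_case(node: Node) -> int:
    """Upper bound on tokens over every execution path, without running it."""
    if isinstance(node, Call):
        return node.max_tokens
    if isinstance(node, Seq):
        return sum(worst_case(s) for s in node.steps)
    if isinstance(node, Branch):
        return max(worst_case(a) for a in node.arms)
    if isinstance(node, Loop):
        if node.max_iters is None:
            raise Unbounded("loop has no iteration cap")
        return node.max_iters * worst_case(node.body)
    raise TypeError(f"unknown node: {node!r}")

def certify(workflow: Node, budget: int) -> bool:
    """True only if the worst-case bound fits the budget; unbounded fails."""
    try:
        return worst_case(workflow) <= budget
    except Unbounded:
        return False

# Constructed sample: plan, then up to 3 rounds of (search or skip) + draft.
ROUND = Seq((Branch((Call("search", 800), Call("skip", 0))), Call("draft", 1500)))
WORKFLOW = Seq((Call("plan", 1000), Loop(ROUND, 3), Call("final", 2000)))
```

A check like `certify(WORKFLOW, budget)` is the kind of gate a CI step would run so that a change adding a call or raising a loop cap fails the build before deployment.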

Section 05

Application Scenarios and Value

  • Enterprise-level Cost Control: Clarifying cost upper bounds before deployment facilitates approval; runtime alerts for deviations prevent cost overruns.
  • Multi-tenant SaaS Platforms: Verify whether user workflows meet quotas, supporting fair scheduling and transparent billing.
  • Security-critical Applications: Protect against resource exhaustion and denial-of-service attacks; provide compliance audit proofs (applicable to medical, financial, and other fields).

Section 06

Comparison with Related Technologies

  • vs Traditional Testing: Formal verification can prove properties hold for all inputs, while traditional testing only covers partial scenarios.
  • vs Runtime Monitoring: Static verification prevents problems before deployment, while monitoring only alerts after issues occur.
  • vs General Formal Tools: Gasket is optimized for the LLM Agent domain, with out-of-the-box framework integration to lower the barrier to use.

Section 07

Usage Suggestions and Best Practices

  • Progressive Adoption: Start with key workflows and gradually expand coverage.
  • Budget Estimation: Set initial budgets based on historical data to balance security and flexibility.
  • CI/CD Integration: Add verification steps to continuous integration to prevent budget regression.
  • Handling Verification Failures: Check for unbounded loops and resource model accuracy; refactor workflows if necessary.

Section 08

Development Prospects and Summary

Prospects: Promote the engineering of LLM applications, popularize formal methods, and improve resource efficiency and sustainability.

Summary: Gasket provides budget certificates for LLM Agents through Lean 4 formal verification, ensuring controllable resource consumption without executing code. It is an engineering practice worth noting for production-level Agent systems.