This paper addresses the challenge of formally verifying Maximum Extractable Value (MEV) attacks in DeFi protocols. We present the first mechanically verified framework for bounding MEV, implemented in the Lean theorem prover. Our approach integrates game-theoretic modeling, program logic, and formal reasoning to rigorously characterize transaction-order sensitivity and construct a machine-checkable proof system for MEV revenue upper bounds. Key contributions include: (1) the first mechanically verified formalization of MEV strategies; (2) verifiable MEV models for two canonical DeFi protocol classes; and (3) the first fully Lean-verified proof of optimality for sandwich attacks, establishing their tight theoretical revenue bound. This work provides a trustworthy, formally grounded foundation for security analysis of DeFi protocols.

Maximal Extractable Value (MEV) refers to a class of attacks to decentralized applications where the adversary profits by manipulating the ordering, inclusion, or exclusion of transactions in a blockchain. Decentralized Finance (DeFi) protocols are a primary target of these attacks, as their logic depends critically on transaction sequencing. To date, MEV attacks have already extracted billions of dollars in value, underscoring their systemic impact on blockchain security. Verifying the absence of MEV attacks requires determining suitable upper bounds, i.e. proving that no adversarial strategy can extract more value (if any) than expected by protocol designers. This problem is notoriously difficult: the space of adversarial strategies is extremely vast, making empirical studies and pen-and-paper reasoning insufficiently rigorous. In this paper, we present the first mechanized formalization of MEV in the Lean theorem prover. We introduce a methodology to construct machine-checked proofs of MEV bounds, providing correctness guarantees beyond what is possible with existing techniques. To demonstrate the generality of our approach, we model and analyse the MEV of two paradigmatic DeFi protocols. Notably, we develop the first machine-checked proof of the optimality of sandwich attacks in Automated Market Makers, a fundamental DeFi primitive.