Vest: Verified, Secure, High-Performance Parsing and Serialization for Rust
Yi Cai
34th USENIX Security Symposium (USENIX Security '25) · Day 3 · Software Security 4: Fuzzing and Other Software Analysis
Binary formats are the backbone of modern computing, underpinning everything from common document types like PDF and ZIP to executable formats like Linux ELF and WebAssembly, and critically, security-sensitive protocols such as cryptographic handshakes, X.509 certificates, and VPN configurations. Interacting with these diverse formats necessitates the use of **parsers** and **serializers**. A serializer translates high-level data structures within an application into a sequence of bytes for external communication or storage, while a parser performs the inverse operation, converting external byte sequences back into structured data for the application. This talk introduces Vest, a novel framework designed to generate verified, secure, and high-performance parsers and serializers specifically for the Rust programming language.
AI review
Vest is legitimate PL/security research that solves a real, sharp problem — parsing ambiguity and malleability in security-critical formats — with a technically credible approach: a combinator library backed by Verus formal verification, generating zero-copy Rust that benchmarks favorably against unverified industrial parsers. The work is already shipping in downstream projects (Owl, Verdict), which is the kind of traction that separates real research from paper-prototype theater.