I am a Principal Researcher in the RiSE group at Microsoft Research Redmond, which I joined in Fall 2014. Previously, I was in the Gallium team at INRIA Paris from 2010 to 2014, designing and implementing Mezzo for my PhD under the direction of François Pottier.

My research focuses on advancing the theory and practice of software verification, i.e. showing with mathematical certainty that a critical piece of code exhibits the intended behavior. This is important for the software industry (e.g. cryptography), but also for society at large (e.g. the law). See our interview in Quanta Magazine for an accessible introduction, or this roundtable on verified cryptography for a research perspective.

Current projects

The Low* toolchain (2016-) compiles F* programs to C. Code written in Low* has been integrated into Windows, Firefox, mbedTLS, and the Tezos blockchain, among others. I co-lead several verified software libraries which use Low*, such as:

  • EverCrypt, a complete cryptographic library that offers abstraction, multiplexing, agility and CPU auto-detection, verified in F*, compiled to C and assembly
  • HACL*, a collection of verified cryptographic algorithms, verified in F*, compiled to C
  • EverQUIC, a verified implementation of the QUIC record layer, complete with a proof of cryptographic security

This work is part of the larger Everest Project, an ambitious research effort spanning three continents, five institutions and twelve timezones.

The Catala project (2020-) looks at the intersection of language design and computational law. I work on the design and formal aspects of the language, as well as applications in the context of US federal and local laws.

In my spare time, I maintain several open-source projects (2009-), including a Thunderbird addon that is now the 4th most-used addon with 200,000 users.

More information on the research and software pages.


  • Théophile Wallez (2021-), co-advised with Karthik Bhargavan at INRIA
  • Son Ho (2020-), co-advised with Karthik Bhargavan at INRIA
  • Denis Merigoux (2018-), co-advised with Karthik Bhargavan at INRIA


  • 2021/05/12: keynote on Catala and formalizing the law
  • 2021/05/11: more coverage of Catala: reddit, hacker news, again
  • 2021/03/11: the ML’21 workshop website is up; I’m the chair, and expect you to submit your finest work!
  • 2021/01/22: IEEE Computer Magazine publishes a roundtable on verified cryptography, where I appear
  • 2021/01/08: Our paper on formalizing the French tax code gets accepted for CC’2021. Interesting Hacker News discussion.
  • 2020/09/22: attending a virtual HACS where I’ll talk about the latest, exciting developments in Everest-land
  • 2020/08/26: thrilled to chair PriSC 2021 with the excellent Deian Stefan; submit your best work!
  • 2020/05/15: new techniques for verified cryptography: HACLxN
  • 2020/02/04: a new verified component for Everest: EverQuic, now accepted at S&P’21

Recent blog entries

subscribe via RSS