From absence of certain vulnerabilities towards security proofs: pushing the limits of formal verification.