In mechanism design, the gold standard solution concepts are dominant strategy incentive compatibility, and Bayesian incentive compatibility. These simple solution concepts relieve the (possibly unsophisticated) bidders from the need to engage in complicated strategizing. This is a clean story when the mechanism is "obviously" incentive compatible, as with a simple second price auction. However, when the proof of incentive compatibility is complex, unsophisticated agents may strategize in unpredictable ways if they are not convinced of the incentive properties. In practice, this concern may limit the mechanism designer to \emph{simple} mechanisms, simple enough that agents can easily understand. To alleviate this problem, we propose to use techniques from computer-aided verification in order to construct formal proofs of incentive properties. Because formal proofs can be automatically checked by (trustworthy) computer programs, agents do not need to verify complicated paper proofs by themselves.

To confirm the viability of this approach, we present the verification of one sophisticated mechanism: the generic reduction from Bayesian incentive compatible mechanism design to algorithm design given by Hartline, Kleinberg, and Malekian (2011). This mechanism presents new challenges for formal verification, including essential use of randomness from both the execution of the mechanism and from prior type distributions. As a by-product, we also verify the entire family of mechanisms derived via this reduction.