Even though the SCION protocol has been proven to have strong security properties, its implementation can, in principle, still suffer from errors that invalidate core properties of the protocol. To ensure the correctness of SCION’s Go implementation, Peter Müller’s research group developed Gobra, a program verifier for Go. Gobra verifies specification compliance, memory safety, and crash freedom of the SCION implementation and ensures its trustworthiness.