Formal methods are essential in assuring system correctness. However, formal specification languages have steep learning curves, thus hindering broader appli- cation to system development in practice. To address this problem, we propose NetSpec, a tool that generates system specification via intuitive example-based in- terface, DeCon, a high-level language for Ethereum smart contracts that provides unified interfaces for contract implementation and specification, and DCV, a safety verification tool for DeCon. NetSpec aims to be i) highly expressive, capable of synthesizing network speci- fications with complex semantics; ii) scalable, by virtue of using a novel stochastic search algorithm to efficiently explore an unbounded solution space, and iii) robust, avoiding the need for exhaustive input-output examples by actively generating new examples. Our experiments demonstrate that NetSpec can synthesize a wide range of specifications used in network verification, analysis, and implementations. Fur- thermore, NetSpec improves upon existing approaches in terms of expressiveness, efficiency, and robustness to examples.DeCon, a specification language for Ethereum smart contracts, models a con- tract as a set of relational tables that store transaction records, driven by the ob- servation that smart contract operations and contract-level properties can be nat- urally expressed as relational constraints. This relational representation enables convenient specification of contract properties, facilitates run-time monitoring of potential property violations, and brings clarity to debugging via data provenance. DeCon programs are compiled into executable Solidity programs, with instrumen- tation for run-time property monitoring. Our case studies demonstrate that DeCon. can implement realistic smart contracts such as ERC20 and ERC721 digital tokens. The evaluation shows that DeCon has comparable efficiency with the open-source reference implementation, incurring 14% median gas overhead for execution, and another 16% median gas overhead for run-time verification. DCV is a sound and fully automatic verification tool for DeCon contracts. It proves safety properties by mathematical induction and can automatically infer in- ductive invariants without annotations from the developer. Our evaluation shows that DCV is effective in verifying smart contracts adapted from public repositories, and can verify contracts not supported by other tools. Furthermore, DCV signifi- cantly outperforms baseline tools in verification time.