What does a Lean proof prove?
4 days ago
- #Lean
- #Software Verification
- #Theorem Proving
- Lean's theory is consistent relative to ZFC.
- Lean's implementation is mostly bug-free, with non-fatal bugs being fixed.
- Independent implementations of Lean are growing, increasing trust in its proofs.
- Lean's soundness is not fully proven, but basic types behave as expected.
- Lean's software implementation is not formally proven to match its theory.
- Lean4Lean, a reimplementation of the kernel in Lean 4, found and fixed bugs in the original kernel.
- Few independent implementations exist, limiting cross-verification.
- Lean's proofs are highly trusted for mathematics but less so for software verification.
- Lean lacks native support for coinductive types, limiting modeling of infinite processes.
- Lean's runtime and compiler are unverified, affecting trust in software proofs.
- FFI in Lean can introduce unverified behavior, complicating the trust model.
- Hardware verification is not Lean's focus, unlike Coq.
- Pure Lean proofs are trustworthy, but deployed software verification is not guaranteed.
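
The gap between a kernel-checked proof and the code that actually runs, as an added Lean 4 example (not from the original page or the Lean project). It uses the `implemented_by` attribute as a self-contained stand-in for an `@[extern]` FFI binding; `checkedAdd` and `checkedAddImpl` are hypothetical names.

```lean
-- Added illustration; every name below is hypothetical, not from the page.

/-- Runtime replacement. It deliberately disagrees with the specification
    so the gap is visible. The kernel never treats this body as the
    meaning of `checkedAdd`. -/
def checkedAddImpl (a b : Nat) : Nat := a - b

/-- Specification-level definition: the term the kernel type-checks and
    that every theorem about `checkedAdd` refers to. `implemented_by`
    tells the compiler to emit calls to `checkedAddImpl` instead. -/
@[implemented_by checkedAddImpl]
def checkedAdd (a b : Nat) : Nat := a + b

/-- Kernel-checked, and true of the definition above. -/
theorem checkedAdd_comm (a b : Nat) : checkedAdd a b = checkedAdd b a :=
  Nat.add_comm a b

/-- Also kernel-checked: the logical value of `checkedAdd 5 3`. -/
theorem checkedAdd_5_3 : checkedAdd 5 3 = 8 := rfl

-- Axiom audit of the proof. `implemented_by` is a compiler attribute,
-- not an axiom, so the substitution does not show up in this listing.
#print axioms checkedAdd_comm

-- Reduction of the definition itself (the logical view).
#reduce checkedAdd 5 3

-- Compiled/interpreted code path: this runs `checkedAddImpl`, so the
-- theorems above say nothing about the value printed here.
#eval checkedAdd 5 3
```

When reviewing a verified Lean code base, search for `implemented_by`, `extern` and `unsafe` alongside the `#print axioms` output, since only the latter is visible to the kernel.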