Foundational proof certificates in first-order logic
Zakaria Chihani, Dale Miller, and Fabien Renaud
INRIA-Saclay & LIX, Ecole Polytechnique
12 June 2013
Can we standardize, communicate, and trust formal proofs?
The topic of the ProofCert project
How to trust a machine-generated proof
● Read the output or redo the proof
● Trust the prover
● Formally prove it
● Build it around a small trusted kernel
● Have a small dedicated checker verify the proof
[Diagram: Potentially big prover; Trace or proof]
● How about other provers' proofs?
● Previous steps
● Translate their output into your formalism and run them on your prover...
Human readable
Easily trusted code
Checker
● Have a small broad-range checker verify the proof
[Diagram: Intuitionistic prover; Classical prover; Model checker; Checker. Labels: Easily trusted code; Broad range]
Small while « understanding » multiple provers?
How to check a machine-generated proof
Library of theorems
The kernel of checker: focused LK
(Unfocused) sequent calculus Focused sequent calculus
Focusing ← Polarities ← Invertible
Conclusion ⇕
Premise
Mnemonics: + and -
« Choose left! » « Are you sure? » « Yes! I'm positive! »
Simple notations. If you want the connective (or atom) to be subject to
● Invertible rule => give negative polarity
● Non (necessarily) invertible rule => give positive polarity
Sound interaction
Where there is a choice, the checker can be guided. Without leading it to errors?
Organizing proofs in layers of negative and positive (focused) phases
Negative phase
Sequents :
● Only invertible rules
● No loss of information
● Same input => same output
● Rules applied in any order to negative formulas
Focused or positive phase
Sequents :
● Only non invertible rules
● Selection of information
● Output depends on choices
● Rules applied hereditarily on subformulas of P
More mnemonics
From the completeness of LKF:
⊢LK A ⇔ ⊢LKF · ⇑ Ap
where Ap is a polarized version of A (exponentially many such versions), e.g. if A = a ∨ b ∧ c, Ap can be either a ∨- b ∧+ c, a ∨- b ∧- c, a ∨+ b ∧- c, etc. (The atoms are also polarized.)
From now on, ⊢ is taken to be ⊢LKF and formulas are considered to be polarized and in negation normal form.
[Figure: inference rules of the focused calculus, in three groups: Negative phase; Focused or positive phase; In between]
Only contract on positive
Back to checking, LKFa (augmented LKF)
[Diagram: Trace or proof; « A is a theorem! »; Polarize; Describe; Ξ ⊢ · ⇑ Ap]
But how to feed information, when needed, to the kernel?
Expert: « Choose left ; Ξ' »
What if the information is not there?
Expert: « Choose left...or...or right...Definitely one of these two... Ξ' »
Easily trusted code Broad range Sound interaction Flexible reconstruction
Positive phase
● And we do the same each time we may guide the proof checking!
● The witness is t!
● The witness t is in the set S, but I don't know which...
● The witness is … wait, what witness?
Unification! Backtrack!
Let's give him the wrong witness!
Flexible reconstruction ✓
Negative phase
● Negative phase needs no steering. Simple bookkeeping :
Clerk: « It went left » « It went right »
Part relative to the left branch
Part relative to the right branch
No work done No work done
Succeed on any input
Coding the kernel
● Every rule is a Horn clause in λProlog, for example, decide rule:
If P is given, it is checked. If it is not given, member will unify with a positive formula in the context: limited backtrack will get to the one that works.
[Code figures for the decide rule are not reproduced. Their annotations, in slide order: n, n-1; Decide on anything but P; Readline; Read from the pointer, Pointer to a file; Call another program]
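The behaviour described for the decide rule, as an added example (not code from the slides or from the ProofCert project, and written in Python rather than λProlog so that it runs directly): a propositional focused checker whose certificate is a bound on decide steps plus optional hints for positive disjunctions. The tuple encoding of formulas, the `hints` map, the function names, and the reading of the "n, n-1" annotation as a decide-depth bound are assumptions of this illustration.

```python
# Toy focused checker for polarized propositional formulas in negation normal form.
# Formula encoding (an assumption of this example): nested tuples
#   ("lit", name, True) = atom, ("lit", name, False) = negated atom,
#   ("and-", A, B), ("or-", A, B), ("and+", A, B), ("or+", A, B).
# Atoms are given positive polarity, so negated atoms are negative.

def lit(name, positive=True):
    return ("lit", name, positive)

def complement(l):
    return ("lit", l[1], not l[2])

def is_positive(f):
    return f[0] in ("and+", "or+") or (f[0] == "lit" and f[2])

def check(formula, depth, hints=None):
    """Accept iff a focused proof exists within `depth` decide steps.
    `hints` (hypothetical certificate detail) optionally maps an or+
    formula to 1 (left) or 2 (right)."""
    return _negative(depth, hints or {}, frozenset(), (formula,))

def _negative(n, hints, theta, gamma):
    # Negative phase: invertible rules only, so the certificate is not consulted.
    if not gamma:
        return _decide(n, hints, theta)
    f, rest = gamma[0], gamma[1:]
    if f[0] == "and-":
        return (_negative(n, hints, theta, (f[1],) + rest)
                and _negative(n, hints, theta, (f[2],) + rest))
    if f[0] == "or-":
        return _negative(n, hints, theta, (f[1], f[2]) + rest)
    return _negative(n, hints, theta | {f}, rest)   # store positives and literals

def _decide(n, hints, theta):
    # Decide: the focus formula is not given, so every positive formula in the
    # context is tried; the depth bound (n -> n-1) keeps the backtracking finite.
    if n == 0:
        return False
    return any(_positive(n - 1, hints, theta, p) for p in theta if is_positive(p))

def _positive(n, hints, theta, f):
    # Positive phase: a supplied choice is checked, a missing one is searched for.
    if f[0] == "and+":
        return (_positive(n, hints, theta, f[1])
                and _positive(n, hints, theta, f[2]))
    if f[0] == "or+":
        sides = [hints[f]] if f in hints else [1, 2]
        return any(_positive(n, hints, theta, f[i]) for i in sides)
    if f[0] == "lit" and f[2]:
        return complement(f) in theta               # initial rule
    return _negative(n, hints, theta, (f,))         # release on a negative formula

# Constructed sample formulas.
A, B = lit("a"), lit("b")
A_OR_B = ("or+", A, B)                       # not a theorem
IMP = ("or-", complement(A), A_OR_B)         # a -> (a or b)
EXCLUDED_MIDDLE = ("or+", A, complement(A))  # needs two decide steps
```

A wrong hint makes the check fail instead of accepting anything new, and a missing hint is recovered by bounded backtracking.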
Interaction summary
[Diagram: Trace or proof; « A is a theorem! »; Polarize; Describe; Ξ ⊢ · ⇑ Ap; Experts (positive phase); Clerks (negative phase). Arrow labels: Observes; Learns from; Observes; Communicate; Can change]
Certificate « constellation »
Polarize
Describe
Experts
Clerks
The (current) actual kernel
● LKU is a framework of which LKF, LJF and MALLF are subsets.
● Can describe resolution refutation, mating, dependently typed lambda calculus, expansion trees, rewriting …
● Ongoing work for LFSC, LF-modulo, tabled proofs …
● Delighted to work with you!
Future and related work
● Future work
– Fixpoints, model checkers, improving performance
– Counter-examples and partial proofs
– Better formalization of the LKU framework
● Related work
– Logosphere and OpenTheory
– TPTP
– Dedukti