We present a way to enjoy the power of SAT and SMT provers in Coq without compromising soundness. This requires these provers to return not only a yes/no answer, but also a proof witness that can be independently rechecked. We present such a checker, written and fully certified in Coq. It is conceived in a modular way, in order to tame the proofs' …
We present a new, completely redesigned, version of F*, a language that works both as a proof assistant as well as a general-purpose, verification-oriented, effectful programming language. In support of these complementary roles, F* is a dependently typed, higher-order, call-by-value language with _primitive_ effects including state, exceptions, divergence …
This extended abstract reports on current progress of SMTCoq, a communication tool between the Coq proof assistant and external SAT and SMT solvers. Based on a checker for generic first-order certificates implemented and proved correct in Coq, SMTCoq offers facilities both to check external SAT and SMT answers and to improve Coq's automation using such …
Reynolds' abstraction theorem is now a well-established result for a large class of type systems. We propose here a definition of relational parametricity and a proof of the abstraction theorem in the Calculus of Inductive Constructions (CIC), the underlying formal language of Coq, in which parametricity relations' codomain is the impredicative sort of …
We analyze a normalization function for the simply typed λ-calculus based on hereditary substitutions, a technique developed by Pfenning et al. The normalizer is implemented in Agda, a total language where all programs terminate. It requires no termination proof since it is structurally recursive which is recognized by Agda's termination …
This thesis studies the cooperation between the Coq proof assistant and external provers through proof witnesses. We concentrate on two different kinds of provers that can return certificates: first, answers coming from SAT and SMT solvers can be checked in Coq to increase both the confidence in these solvers and Coq's automation; second, theorems established in …
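The SMTCoq abstracts above (the certified checker, the extended abstract, and the thesis) all rest on one idea: the external solver is untrusted, so it must hand back a witness that a small, independently verified checker can replay. The following is an added example, not SMTCoq's code and not its certificate format, written in Python rather than Coq to make the mechanism concrete. A SAT answer is witnessed by a model, which the checker evaluates clause by clause; an UNSAT answer is witnessed by a resolution derivation, which the checker replays step by step, recomputing every resolvent itself and accepting only if the last derived clause is empty. The clause and step encodings, the function names, and the input formula are assumptions of this example.

```python
"""Independent rechecking of SAT/SMT-style witnesses (added example, not SMTCoq)."""

from typing import FrozenSet, List, Set, Tuple

# Assumed encoding: literals are nonzero ints, -x is the negation of x.
Clause = FrozenSet[int]
# Assumed step format: (index_a, index_b, pivot) means "resolve clause a with
# clause b on pivot", where pivot occurs positively in a and negatively in b.
Step = Tuple[int, int, int]


def check_model(cnf: List[Clause], model: Set[int]) -> bool:
    """Recheck a SAT answer: the claimed model must be consistent and satisfy every clause."""
    if any(-lit in model for lit in model):
        return False  # solver claimed both x and not x
    return all(any(lit in model for lit in clause) for clause in cnf)


def resolve(a: Clause, b: Clause, pivot: int) -> Clause:
    """Return the resolvent of a and b on pivot.

    Raises if the step is not a valid resolution, so a malformed certificate
    can never manufacture a clause the checker did not derive itself.
    """
    if pivot not in a or -pivot not in b:
        raise ValueError(f"pivot {pivot} does not resolve the two clauses")
    return (a - {pivot}) | (b - {-pivot})


def check_unsat_certificate(cnf: List[Clause], steps: List[Step]) -> bool:
    """Recheck an UNSAT answer by replaying the resolution derivation.

    Clauses 0..len(cnf)-1 are the input; each step appends one resolvent.
    True iff every step is a legitimate resolution and the final clause is empty.
    """
    derived: List[Clause] = list(cnf)
    try:
        for ia, ib, pivot in steps:
            derived.append(resolve(derived[ia], derived[ib], pivot))
    except (ValueError, IndexError):
        return False  # out-of-range reference or bad pivot: reject the witness
    return bool(derived) and derived[-1] == frozenset()


def constructed_example() -> Tuple[bool, bool]:
    """Constructed input: (x1 or x2) and (not x1 or x2) and (not x2), which is UNSAT."""
    cnf = [frozenset({1, 2}), frozenset({-1, 2}), frozenset({-2})]
    # Honest witness: derive (x2) from clauses 0 and 1, then the empty clause from (x2) and (not x2).
    good: List[Step] = [(0, 1, 1), (3, 2, 2)]
    # Bogus witness: claims to resolve clauses 0 and 2 on x1, but clause 2 has no (not x1).
    bad: List[Step] = [(0, 2, 1)]
    return check_unsat_certificate(cnf, good), check_unsat_certificate(cnf, bad)


if __name__ == "__main__":
    print(constructed_example())  # (True, False)
```

The checker is deliberately smaller and dumber than the solver: it never searches, it only replays what the witness says, which is what makes proving it correct (in Coq, for SMTCoq) tractable while the solver itself stays outside the trusted base.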
This paper presents BEAGLE TAC, a HOL4 tactic for using Beagle as an external ATP for discharging HOL4 goals. We implement a translation of the higher-order goals to the TFA format of TPTP and add trace output to Beagle to reconstruct the intermediate steps derived by the ATP in HOL4. Our translation combines the characteristics of existing successful …