-- Edwin Brady, Franck Slama -- University of St Andrews -- File README -- (very) brief explanation about what's this stuff ------------------------------------------------------------------- Version 0.5 (12/12/14) ----------------------- This is the (early) implementation of a collection of tactics for Idris, in Idris. Note that this work is still in progress, so you should not (yet) use it and hope that the final build will be 100% compatible with the current state that you see now. We will explicitely mention when we consider to have something reliable and really usable. At the moment, you should use this collection of tactics for testing purpose only. If you wish to give a feedback, don't forget, that THIS IS STILL WORK IN PROGRESS. There may be bugs, the code is not clean, etc. In definitive, you should not use it a for a "real" project right now. Current state (12/12/14) : ------------------------------ ____________________ New with version 0.5 : Compiles with Idris 0.9.15.1 amongst other things ____________________ ____________________ New with version 0.4: Each solver can now deal with any equivalence relation, instead of just the syntactical equality (Leibniz's equality). ____________________ No axioms, no Meta-variable to solve. - Magma solver WORKS - Semi-group solver WORKS However, one remark : . We don't pass the totality checker at the moment - Monoid solver WORKS However, one remark : . We don't pass the totality checker at the moment - Commutative Monoid solver WORKS [Added with version 0.3] However, one remark : . We don't pass the totality checker at the moment - Group solver WORKS However, one remark : . We don't pass the totality checker at the moment - Commutative Group (=Abelian group) solver WORKS However, one remark : . We don't pass the totality checker at the moment - Ring solver : IMPLEMENTATION IN PROGRESS (roughly 90% done) - Commutative Ring solver NOT YET IMPLEMENTED How to compile it : ------------------- Simply do : idris main.idr -p contrib That will compiles the 6 tactics available yet + the tests (which includes instances of the corresponding typeclass) for each of them. How to use it : ---------------- - Automatic metaification (or reflexion) is not yet implemented. That means that you will have to encode by hand the two sides of your equality you wish to prove. See in commutativeGroup_test.idr and group_test.idr (and the other test files) for detailed examples. A fairly big example --------------------- Can be found in the file myBinary_new.idr. Simply run : idris ./Provers/myBinary_new.idr That will compile the tactics and that will generate the proof required (in the term goal_aux). Note that because there is no automatic reflexion at the moment, this file can be seen as a horrific monster. That will not be the case for a long time. About the technique : ---------------------- 0) Note that in this stuff, we are interested in the proof of correctness (which is the proof of equality) and not (really) by the algorithms implemented (which are normalizations of terms, in different algebraic structures). 1) We follow a "correct by construction" approach : rather than implementing the normalization of terms and afterwards proving that a normalized term and the original term denote the same value, we do it "bit by bit" : we construct this proof at the same time as we normalize the two terms. The result if that the proof of correctness (which is in what we are interested) is a lot easier to do : for each little step of rewriting, the proof is quite trivial. 2) We work by reflection in the langage itself (Idris), rather than implementing each tactic in the host language (Haskell). That's something nice, especially for a future bootstraping of Idris. 3) Each solver uses the algebraic solvers for the structures underneath : we don't "copy and paste" identic treatments at different levels : we convert our terms between different structures, and we reuse every bit possible. For exemple, dealing with neutral elements (which appears for the first time at the Monoid level) is NOT reimplemented in the structures above (ie, Group, CommutativeGroup...) About correctness and completeness : ---------------------------------- 1) Correctness As we mentioned, the proof of correctness if in fact what we want to obtain. Let's assume that all our methods are total (even though a few of them are not provably total in Idris *yet* : mainly because of some non-structural recursions for which we will have to encode the termination). Thus, because we don't have any axiom nor meta-variable to solve, we can be entirely sure that the proof generated is always A VALID PROOF. That mean that if the solver tells you that A = B (and gives you a proof of it), you can be shure that indeed A = B (maybe because of YOUR axioms, or because of YOUR implementation of your structure and operations). 2) Completeness However, if one solver is not able to prove for you A=B, that doesn't prove that A is not equal to B. Or at least, we can't prove this property in the system itself. Of course, we hope (and we've done everyting possible!) to have a tactic which is complete. The proof of completeness will be done a bit later on the paper since it's a meta-theoretic proof.