andrew-johnson-4/LSTS

LSTS is a proof assistant and maybe a programming language. Proofs in LSTS are built by connecting terms, type definitions, and quantified statements. Terms can be evaluated to obtain Values. Types describe properties of Terms. Statements describe relations between Terms and Types.

Runtime and performance are the primary constraints on theorem proving. To address these concerns, LSTS employs two strategies that are somewhat unique to it:

Terms

Terms are Lambda Calculus expressions with some extensions.

1;
"abc";
2 + 3;
"[" + (for x in range(1,25) yield x^3).join(",") + "]";

Types

Type definitions define logical statements that are then attached to Terms. All valid Terms have at least one Type. Some Terms may have more than one Type. Types may define invariant properties. These invariant properties impose preconditions and postconditions on what values may occupy that Type. Values going into a Type must satisfy that Type's preconditions. Values coming out of a Term are then known to have satisfied each Type's invariants.

type Even: Integer
     where self % 2 | 0;
type Odd: Integer
     where self % 2 | 1;
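To make the precondition/postcondition reading of `Even` and `Odd` concrete, here is an added Rust illustration (not code from the LSTS repository, and not LSTS syntax). The `where` clause becomes a check in a constructor, so a value can only enter the type after the invariant has been verified, and every value that later comes out of the type carries that guarantee without being re-checked. The `TypeError` type, `inc` methods and `parse_even` boundary function are this example's own names.

```rust
/// Refinement types for the `Even` and `Odd` definitions above.  The `where`
/// clause becomes a check in the constructor: a value can only enter the type
/// once the precondition holds, and every value that later comes out of the
/// type is known to satisfy the invariant without being re-checked.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct Even(i64);

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct Odd(i64);

/// Returned when a value fails a type's precondition (hypothetical name).
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct TypeError {
    pub value: i64,
    pub expected: &'static str,
}

impl Even {
    /// Precondition `self % 2 | 0`.  `rem_euclid` rather than `%`: Rust's `%`
    /// gives -1 for negative odd numbers, so a `% 2 == 1` test would wrongly
    /// reject -3 from `Odd`; the Euclidean remainder is always 0 or 1.
    pub fn new(value: i64) -> Result<Even, TypeError> {
        if value.rem_euclid(2) == 0 {
            Ok(Even(value))
        } else {
            Err(TypeError { value, expected: "Even" })
        }
    }

    pub fn get(self) -> i64 {
        self.0
    }

    /// Postcondition by construction (the statement `@inc_even`): an even
    /// number plus one is odd, so no runtime re-check is needed.  `checked_add`
    /// keeps the Term's own precondition, no overflow, visible in the
    /// signature instead of a debug-build panic.
    pub fn inc(self) -> Option<Odd> {
        self.0.checked_add(1).map(Odd)
    }
}

impl Odd {
    /// Precondition `self % 2 | 1`.
    pub fn new(value: i64) -> Result<Odd, TypeError> {
        if value.rem_euclid(2) == 1 {
            Ok(Odd(value))
        } else {
            Err(TypeError { value, expected: "Odd" })
        }
    }

    pub fn get(self) -> i64 {
        self.0
    }

    /// Postcondition by construction (the statement `@inc_odd`).
    pub fn inc(self) -> Option<Even> {
        self.0.checked_add(1).map(Even)
    }
}

/// Boundary check: untrusted text is parsed and validated exactly once;
/// everything downstream receives an `Even` and can rely on the invariant.
pub fn parse_even(input: &str) -> Result<Even, String> {
    let n: i64 = input
        .trim()
        .parse()
        .map_err(|e| format!("not an integer: {e}"))?;
    Even::new(n).map_err(|e| format!("{} does not satisfy {}", e.value, e.expected))
}

fn main() {
    println!("{:?}", Even::new(8));
    println!("{:?}", Even::new(7));
    println!("{:?}", Even::new(8).map(|e| e.inc()));
    println!("{:?}", parse_even("42"));
}
```

The only place an invariant is tested at runtime is the constructor; `inc` needs no check because its output type follows from its input type, which is exactly the role the quantified statements in the next section play at the type level.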

Statements

Statements connect logic to form conclusions. Each Statement has a Term part and a Type part. Statements, when applied, provide new information to the Type of a Term. When a Statement is applied, it must match the pattern of its application context. An application context consists of a Term and a Type, which is then compared to the Term and Type of the Statement. These Term x Type relations form the basis of strict reasoning for LSTS.

forall @inc_odd x: Odd. Even = x + 1;
forall @dec_odd x: Odd. Even = x - 1;
forall @inc_even x: Even. Odd = x + 1;
forall @dec_even x: Even. Odd = x - 1;

((8: Even) + 1) @inc_even : Odd

Compiler Backend

Current effort is directed at bringing the Lambda Mountain (LM) compiler backend up to parity with LSTS logic; further development of LSTS is effectively blocked until a suitable backend exists. LM is already operational and self-hosting, just not yet at the level of LSTS logic. The LSTS frontend will follow shortly. In the meantime, if you would like a preview, take a look at LM.

There are many open issues on LM that could use help, such as adding support for new platforms.

Logic Backend

The language here is based on System F-sub with the following inference rules added.

$$\text{abstraction} \quad \frac{\Gamma \vdash a:A \quad \Gamma \vdash b:B \quad \Gamma \vdash x:X \quad \Gamma \vdash y:Y \quad \lambda\langle a.b\rangle\langle x.y\rangle}{\Gamma \vdash \lambda\langle a.b\rangle\langle x.y\rangle : (A \to B) + (X \to Y)}$$

$$\text{application} \quad \frac{\Gamma \vdash f:(A \to B) + (C \to D) + (X \to Y) \quad \Gamma \vdash x:A + X \quad f(x)}{\Gamma \vdash f(x):B + Y}$$
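The two rules above and the Statements section describe the same mechanism from two sides: each quantified statement about `x + 1` is one clause of the abstraction rule, so together `@inc_odd` and `@inc_even` give `+ 1` the type `(Odd -> Even) + (Even -> Odd)`, and the application rule then types `(8: Even) + 1` as `Odd`, which is what `((8: Even) + 1) @inc_even : Odd` asserts. The following Rust sketch is an added example, not LSTS code; it models only the two `+ 1` statements from the page, restricts domains and codomains to base type names, and uses its own names (`Statement`, `Arrow`, `apply_statement`, `abstraction`, `application`, `type_of_inc`).

```rust
use std::collections::BTreeSet;

/// A quantified statement such as `forall @inc_even x: Even. Odd = x + 1`,
/// kept as (name, quantified type, result type).
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct Statement {
    pub name: &'static str,
    pub dom: &'static str,
    pub cod: &'static str,
}

/// The two `+ 1` statements from the Statements section.
pub const INC_STATEMENTS: [Statement; 2] = [
    Statement { name: "@inc_odd", dom: "Odd", cod: "Even" },
    Statement { name: "@inc_even", dom: "Even", cod: "Odd" },
];

/// One arrow summand `Dom -> Cod` of a "+"-union function type.
/// (Assumption: domains and codomains are base type names.)
#[derive(Clone, Debug, PartialEq, Eq)]
pub struct Arrow {
    pub dom: String,
    pub cod: String,
}

/// Explicit statement application, `(t: T) @name : R`.  The application
/// context (the term's type T) must match the statement's quantified type;
/// the statement then contributes its result type R.  A mismatch is a type
/// error, never a silent coercion.
pub fn apply_statement(stmts: &[Statement], name: &str, ctx_type: &str) -> Result<String, String> {
    let stmt = stmts
        .iter()
        .find(|s| s.name == name)
        .ok_or_else(|| format!("unknown statement {name}"))?;
    if stmt.dom != ctx_type {
        return Err(format!(
            "{name} expects x: {}, but the context has type {ctx_type}",
            stmt.dom
        ));
    }
    Ok(stmt.cod.to_string())
}

/// Abstraction rule: a lambda with clauses <a.b> and <x.y> has type
/// (A -> B) + (X -> Y).  Reading each `x + 1` statement as one clause gives
/// `+ 1` the type (Odd -> Even) + (Even -> Odd).
pub fn abstraction(stmts: &[Statement]) -> Vec<Arrow> {
    stmts
        .iter()
        .map(|s| Arrow { dom: s.dom.to_string(), cod: s.cod.to_string() })
        .collect()
}

/// Application rule: f : (A -> B) + (C -> D) + (X -> Y) and x : A + X give
/// f(x) : B + Y.  Every summand of the argument type must be the domain of
/// some clause of f; otherwise no derivation exists and we report an error.
/// Summands live in a set so `+` stays idempotent and order-free.
pub fn application(f: &[Arrow], arg: &BTreeSet<String>) -> Result<BTreeSet<String>, String> {
    let mut result = BTreeSet::new();
    for summand in arg {
        let mut matched = false;
        for arrow in f.iter().filter(|a| a.dom == *summand) {
            result.insert(arrow.cod.clone());
            matched = true;
        }
        if !matched {
            return Err(format!("no clause of f accepts an argument of type {summand}"));
        }
    }
    Ok(result)
}

/// Type of `x + 1` for an argument of the given "+"-union type, combining
/// both rules.  Returned as a sorted Vec for easy comparison.
pub fn type_of_inc(arg_summands: &[&str]) -> Result<Vec<String>, String> {
    let f = abstraction(&INC_STATEMENTS);
    let arg: BTreeSet<String> = arg_summands.iter().map(|s| s.to_string()).collect();
    application(&f, &arg).map(|set| set.into_iter().collect())
}

fn main() {
    // `((8: Even) + 1) @inc_even : Odd` from the Statements section
    println!("{:?}", apply_statement(&INC_STATEMENTS, "@inc_even", "Even"));
    println!("{:?}", type_of_inc(&["Even"]));
    println!("{:?}", type_of_inc(&["Even", "Odd"]));
    println!("{:?}", type_of_inc(&["Integer"]));
}
```

Note that an argument of type `Integer` is rejected even though every `Even` and `Odd` is an `Integer`: the rules as written match summands by name, so the subtyping of System F-sub would have to be applied before the application rule, not inside it.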