API for theorem proving strategies

Question

Are there high-level API/environments/libraries for testing the effectiveness of a particular approach (eg heuristic algorithm) for generating constructive proofs based on first-order logic/type theory?

I am trying to find a user-friendly API that can verify the correctness of proofs for formulas such as: .

If possible, I'd prefer standalone libraries instead of direct interface for languages like Coq/HOL.

Thanks in advance!

Answer 1

Not in general, no.

First-order logic is semi-decidable . In short, this means that if there's a proof you can always find it. If there isn't, you may find a refutation, or loop forever trying to find one. No system will give you an out-of-the box proof/refutation for all first-order logic formulae.

Of course, even if there's a proof, there's no guarantee that you can find it quickly. So, in practice, finding proofs in a reasonable amount of time/resources is a tricky problem, even if they exist. In theory you can always do so if you're willing to wait long enough.

That's the theory side of it. In practice, modern SMT solvers can do a lot, especially if your interest is in lemmas that arise in practice in software-hardware verification; instead of pure mathematics. For instance, the example you've used can be coded in the SMTLib language as:

(assert (not (forall ((a Int)) (=> (>= a 0) (exists ((b Int)) (> b a))))))
(check-sat)

and can be proven, for instance, by z3 easily (assuming you put the above text in a file named a.smt2 ):

$ z3 a.smt2
unsat

Here we've asserted the negation of what we wanted to prove, and z3 said unsat isfiable, meaning the original statement is actually a theorem. It takes a bit of squinting to see the correspondence, but it's well established. Additionally, if your formula is not a theorem, then the SMT solver can give you a concrete counter-example; which is good for debugging, or establishing falsehood.

This does not mean z3 (or any other SMT solver) will solve all formulas you throw at them out of-the-box. Especially with alternating quantifiers, they may come up with an answer, or give up trying by saying unknown , or they might loop forever.

No doubt you already know the proper tool to attack such problems are theorem provers such as Coq/Hol/Isabelle/ACL2 etc; but you explicitly are looking for something push-button. I think SMT solvers come close to what you want, with the caveat that they have both inherent limitations as I mentioned above, and also are limited by what their current set of heuristics and proof-engines do. They surely will improve over time, but you will never have complete automation.

To sum up, it all depends on what your goal really is. For problems that arise in practical verification tasks of software/hardware, SMT solvers will take you far; with the additional benefit that they understand a lot of "theories." (Arithmetic, arrays, data-structures, to name a few.) In addition, they can be programmed easily, as most solvers expose high-level APIs in many high-level languages, and most programming languages have bindings that make them easy to use.

If your interest is in pure mathematics, however, I don't believe you can avoid the semi-automated world of theorem-proving. Try looking into Lean , which is a modern theorem prover that's highly programmable, for instance. Note that most theorem provers already come with tactics that take advantage of SMT-solvers, so while you have to manually write the proof, there's a lot of automation out there to help you.