Predicate Logic in Coq [closed]
来源: https://stackoverflow.com/questions/64742081/predicate-logic-in-coq
coq
Equality on complex functions
来源: https://stackoverflow.com/questions/64465720/equality-on-complex-functions
How to do induction on the length of a list in Coq?
来源: https://stackoverflow.com/questions/45872719/how-to-do-induction-on-the-length-of-a-list-in-coq
How to do induction on the length of a list in Coq?
来源: https://stackoverflow.com/questions/45872719/how-to-do-induction-on-the-length-of-a-list-in-coq
用 Python 进行 DeFi 应用的开发——不同的区块链项目是如何解决安全问题的?
Tezos(特所思)作为著名的 PoS 公链,其亮点并不仅仅只是 Staking,Tezos 的形式化验证特征同样也是其主要技术亮点之一。形式化验证能让 DeFi 的安全性方面如虎添翼,让用户对资金的智能合约安全更加有信心。 形式化验证方法和 DeFi 安全 DeFi 的爆发式增长吸引了不少开发者,著名的 DeFi 协议如 Compound、Uniswap、Syntheix 累计收获了上亿美元的资金。但是,DeFi 存在一个重大漏洞:安全性。 这个漏洞的代价是昂贵的,它给一些区块链项目(比如以太坊)的网络效应带来了负面的影响。过去几个月被攻击的 DeFi 项目就包括 Curve.fi、Lendf.Me、PegNet 等,其损失从数十万美元到数千万美元不等。tBTC 在上线几天后通过自查及时发现了 bug 并冻结了存币,避免了一场灾难。 而对于注重安全性的 DeFi 开发者来说,Tezos 的形式化验证方案能够在加强安全性的同时赋能 DeFi 应用。 在传统互联网应用中,如果服务器被黑客攻击,只需要对服务器端用户数据进行回滚就可以挽回用户损失。因此,重视用户体验的传统互联网应用可以以牺牲安全性换取速度和功能上的快速迭代。 然而在 DeFi 应用中,由于区块链的不可篡改性,智能合约一旦上线并出现安全隐患,对用户造成的损失是巨大且不可挽回的。 因此,DeFi
这个预言说数学家将被计算机取代,数学家:我不信!
编译 | 龚 倩 校对 | 陈彩娴 上世纪70年代,已故数学家Paul Cohen因其在数学逻辑方面取得的成就,荣获得菲尔兹奖(Fields Medal)。Cohen曾做出了一个影响深远的预测: “在未来,数学家将被计算机取代。” 这一预测至今仍像梦魇一般萦绕在数学家们的心上,令他们既兴奋,又恼怒。Cohen在集合理论领域的研究方法极其大胆,他还预言: 数学领域里的一切都能被自动化,包括数学证明的编写。 证明(proof)是一个循序渐进的逻辑论证,用来验证一个猜想或一个数学命题的真实性。一旦猜想的真实性得到证明,猜想便成为定理。证明的过程既建立论述的效度(validity),又要解释它之所以正确的原因。不过,证明过程是抽象的,不受物质经验的束缚。来自CMU的认知科学家Simon Dedeo专注于通过分析证明结构来研究数学确定性,他说:“证明是意识世界和生物进化物种之间的奇妙联系,但我们不是为了证明才进化的。” 虽然计算机利于处理大规模计算,但并不是证明需要的必备条件。 猜想来源于归纳推理(inductive reasoning,指的是对感兴趣的问题的直觉),而证明通常是一步步地进行推理。这两者往往需要用到复杂的创造性思维,并需额外人工来填补漏掉的证明步骤,但机器无法做到这一点。 机器化的定理证明器可以分为两类:一是自动化定理证明器(Automated
Abstracting over the term … leads to a term … which is ill-typed
问题 Here is what I am trying to prove: A : Type i : nat index_f : nat → nat n : nat ip : n < i partial_index_f : nat → option nat L : partial_index_f (index_f n) ≡ Some n V : ∀ i0 : nat, i0 < i → option A l : ∀ z : nat, partial_index_f (index_f n) ≡ Some z → z < i ============================ V n ip ≡ match partial_index_f (index_f n) as fn return (partial_index_f (index_f n) ≡ fn → option A) with | Some z => λ p : partial_index_f (index_f n) ≡ Some z, V z (l z p) | None => λ _ : partial_index_f
Some help proving coq function terminates
问题 I know this is a common issue :) I will keep reading up, but I've done some searching and thing I don't fully understand how "measure" works I'm working through Benjamin Pierce's class exercises for Certified Programming with Dependent Types. Here's my code. Inductive type : Type := | Nat | Bool | Pair : type -> type -> type. Inductive tbinop : type -> type -> type -> Set := | TPlus : tbinop Nat Nat Nat | TTimes : tbinop Nat Nat Nat | TEq : forall t, tbinop t t Bool | TLt : tbinop Nat Nat
coq field tactic fails to simplify, yeilds “m <> 0%R”
问题 I'm new to Coq. I've been working through Pierce's Logical Foundations. I'm stepping into new ground. I'm trying use of the field tactic for the first time. I use it thrice in the below theorem. Twice it fails, yielding m <> 0%R where m is a term in context. I'm sure I just fail to understand proper use. May someone enlighten me? (I tried reading this doc page but didn't gain much understanding!) From Coq Require Import Reals.Reals. Require Import Field. Definition simple_compound (A r n m :
coq field tactic fails to simplify, yeilds “m <> 0%R”
问题 I'm new to Coq. I've been working through Pierce's Logical Foundations. I'm stepping into new ground. I'm trying use of the field tactic for the first time. I use it thrice in the below theorem. Twice it fails, yielding m <> 0%R where m is a term in context. I'm sure I just fail to understand proper use. May someone enlighten me? (I tried reading this doc page but didn't gain much understanding!) From Coq Require Import Reals.Reals. Require Import Field. Definition simple_compound (A r n m :