Jeremy Avigad

Carnegie Mellon University | CMU · Department of Philosophy and Department of Mathematical Sciences

We introduce ProofNet, a benchmark for autoformalization and formal proving of undergraduate-level mathematics. The ProofNet benchmarks consists of 371 examples, each consisting of a formal theorem statement in Lean 3, a natural language theorem statement, and a natural language proof. The problems are primarily drawn from popular undergraduate pur...

This new book on mathematical logic by Jeremy Avigad gives a thorough introduction to the fundamental results and methods of the subject from the syntactic point of view, emphasizing logic as the study of formal languages and systems and their proper use. Topics include proof theory, model theory, the theory of computability, and axiomatic foundati...

As idealized descriptions of mathematical language, there is a sense in which formal systems specify too little, and there is a sense in which they specify too much. They are silent with respect to a number of features of mathematical language that are essential to the communicative and inferential goals of the subject, while many of these features...

Of all the demands that mathematics imposes on its practitioners, one of the most fundamental is that proofs ought to be correct. It has been common since the turn of the twentieth century to take correctness to be underwritten by the existence of formal derivations in a suitable axiomatic foundation, but then it is hard to see how this normative s...

This is a draft of a chapter on mathematical logic and foundations for an upcoming handbook of computational proof assistants.

A course developed by Robert Y. Lewis, Floris van Doorn, and the author serves as an undergraduate introduction to mathematical proof, symbolic logic, and interactive theorem proving. The treatment of each topic on its own is routine, and the novelty lies in the way they are combined to form a multifaceted introduction to mathematical reasoning and...

We investigate the relative computability of exchangeable binary relational data when presented in terms of the distribution of an invariant measure on graphs, or as a graphon in either $L^1$ or the cut distance. We establish basic computable equivalences, and show that $L^1$ representations contain fundamentally more computable information than th...

Proof theory began in the 1920s as a part of Hilbert’s program, which aimed to secure the foundations of mathematics by modeling infinitary mathematics with formal axiomatic systems and proving those systems consistent using restricted, finitary means. The program thus viewed mathematics as a system of reasoning with precise linguistic norms, gover...

We describe a proof of the Central Limit Theorem that has been formally verified in the Isabelle proof assistant. Our formalization builds upon and extends Isabelle’s libraries for analysis and measure-theoretic probability. The proof of the theorem uses characteristic functions, which are a kind of Fourier transform, to demonstrate that, under sui...

Proof theory began in the 1920's as a part of Hilbert's program, which aimed to secure the foundations of mathematics by modeling infinitary mathematics with formal axiomatic systems and proving those systems consistent using restricted, finitary means. The program thus viewed mathematics as a system of reasoning with precise linguistic norms, gove...

In a wide range of fields, the word "modular" is used to describe complex systems that can be decomposed into smaller systems with limited interactions between them. This essay argues that mathematical knowledge can fruitfully be understood as having a modular structure, and explores the ways in which modularity in mathematics is epistemically adva...

We describe the metaprogramming framework currently used in Lean, an interactive theorem prover based on dependent type theory. This framework extends Lean's object language with an API to some of Lean's internal structures and procedures, and provides ways of reflecting object-level expressions into the metalanguage. We provide evidence to show th...

We describe a general method for verifying inequalities between real-valued expressions, especially the kinds of straightforward inferences that arise in interactive theorem proving. In contrast to approaches that aim to be complete with respect to a particular language or class of formulas, our method establishes claims that require heterogeneous...

Lean is a new open source theorem prover being developed at Microsoft Research and Carnegie Mellon University, with a small trusted kernel based on dependent type theory. It aims to bridge the gap between interactive and automated theorem proving, by situating automated tools and methods in a framework that supports user interaction and the constru...

This essay considers the special character of mathematical reasoning, and draws on observations from interactive theorem proving and the history of mathematics to clarify the nature of formal and informal mathematical language. It proposes that we view mathematics as a system of conventions and norms that is designed to help us make sense of the wo...

We describe the elaboration algorithm that is used in Lean, a new interactive theorem prover based on dependent type theory. To be practical, interactive theorem provers must provide mechanisms to resolve ambiguities and infer implicit information, thereby supporting convenient input of expressions and proofs. Lean's elaborator supports higher-orde...

Alan Turing was an inspirational figure who is now recognised as a genius of modern mathematics. In addition to leading the Allied forces' code-breaking effort at Bletchley Park in World War II, he proposed the theoretical foundations of modern computing and anticipated developments in areas from information theory to computer chess. His ideas have...

In 1837, Dirichlet proved that there are infinitely many primes in any arithmetic progression in which the terms do not all share a common factor. Modern presentations of the proof are explicitly of higher-order, in that they involve quantifying over and summing over Dirichlet characters , which are certain types of functions. The notion of a chara...

We describe a general method for verifying inequalities between real-valued expressions, especially the kinds of straightforward inferences that arise in interactive theorem proving. In contrast to approaches that aim to be complete with respect to a particular language or class of formulas, our method establishes claims that require heterogeneous...

The article discusses how formal verification could become the new standard for rigor in mathematics with the help of computational proof assistants. Due to developments in computer science over the past few decades, it is now possible to achieve complete formalization in practice. Working with 'computational proof assistants,' users are able to ve...

This paper reports on a six-year collaborative effort that culminated in a complete formalization of a proof of the Feit-Thompson Odd Order Theorem in the Coq proof assistant. The formalized proof is constructive, and relies on nothing but the axioms and rules of the foundational framework implemented by Coq. To support the formalization, we develo...

Working in homotopy type theory, we provide a systematic study of homotopy limits of diagrams over graphs, formalized in the Coq proof assistant. We discuss some of the challenges posed by this approach to formalizing homotopy-theoretic material. We also compare our constructions with the more classical approach to homotopy limits via fibration cat...

Working in Homotopy Type Theory, we provide a systematic study of basic homotopy limits and related constructions. The entire development has been formally verified in the Coq interactive proof assistant.

Given a convergence theorem in analysis, under very general conditions a model-theoretic compactness argument implies that there is a uniform bound on the rate of metastability. We illustrate with three examples from ergodic theory.

In 1837, Dirichlet proved that there are infinitely many primes in any arithmetic progression in which the terms do not all share a common factor. We survey implicit and explicit uses of Dirichlet characters in presentations of Dirichlet's proof in the nineteenth and early twentieth centuries, with an eye towards understanding some of the pragmatic...

We discuss the legacy of Alan Turing and his impact on computability and analysis.

Given any collection F of computable functions over the reals, we show that there exists an algorithm that, given any L_F-sentence \varphi containing only bounded quantifiers, and any positive rational number \delta, decides either "\varphi is true", or "a \delta-strengthening of \varphi is false". Under mild assumptions, for a C-computable signatu...

We introduce the notion of "\delta-complete decision procedures" for solving SMT problems over the real numbers, with the aim of handling a wide range of nonlinear functions including transcendental functions and solutions of Lipschitz-continuous ODEs. Given an SMT problem \varphi and a positive rational number \delta, a \delta-complete decision pr...

Let B be a p-uniformly convex Banach space, with p >= 2. Let T be a linear operator on B, and let A_n x denote the ergodic average (1 / n) sum_{i< n} T^n x. We prove the following variational inequality in the case where T is power bounded from above and below: for any increasing sequence (t_k)_{k in N} of natural numbers we have sum_k || A_{t_{k+1...

A seminal theorem due to Weyl states that if (a_n) is any sequence of distinct integers, then, for almost every real number x, the sequence (a_n x) is uniformly distributed modulo one. In particular, for almost every x in the unit interval, the sequence (a_n x) is uniformly distributed modulo one for every computable sequence (a_n) of distinct inte...

The dominated convergence theorem implies that if (f n ) is a sequence of functions on a probability space taking values in the interval [0, 1], and (f n ) converges pointwise a.e., then ∫(f n ) converges to the integral of the pointwise limit. T. Tao [Ergodic Theory Dyn. Syst. 28, No. 2, 657–688 (2008; Zbl 1181.37004)] has proved a quantitative ve...

In the theory of programming languages, type inference is the process of inferring the type of an expression automatically, often making use of information from the context in which the expression appears. Such mechanisms turn out to be extremely useful in the practice of interactive theorem proving, whereby users interact with a computational proo...

A central objective of the verifying compiler grand challenge is to develop a push-button verifier that generates proofs of correctness in a syntax-driven fashion similar to the way an ordinary compiler generates machine code. The software developer’s role is then to provide suitable specifications and annotated code, but otherwise to have no direc...

N. G. de Bruijn, now professor emeritus of the Eindhoven University of Technology, was a pioneer in the field of interactive theorem proving. From 1967 to the end of the 1970's, his work on the Automath system introduced the architecture that is common to most of today's proof assistants, and much of the basic technology. But de Bruijn was a mathem...

We analyze the pointwise convergence of a sequence of computable elements of L^1(2^omega) in terms of algorithmic randomness. We consider two ways of expressing the dominated convergence theorem and show that, over the base theory RCA_0, each is equivalent to the assertion that every G_delta subset of Cantor space with positive measure has an eleme...

V'yugin has shown that there are a computable shift-invariant measure on Cantor space and a simple function f such that there is no computable bound on the rate of convergence of the ergodic averages A_n f. Here it is shown that in fact one can construct an example with the property that there is no computable bound on the complexity of the limit;...

Given a sequence of subsets A_n of {0,...,n-1}, the Furstenberg correspondence principle provides a shift-invariant measure on Cantor space that encodes combinatorial information about infinitely many of the A_n's. Here it is shown that this process can be inverted, so that for any such measure there are finite sets whose combinatorial properties a...

Handbook of Practical Logic and Automated Reasoning, HarrisonJohn, Cambridge University Press, 2009. Hardcover, ISBN-13: 978-0-521-89957-4, 681 pp. + xix, $135.00. - Volume 10 Issue 2 - Jeremy Avigad

The metamathematical tradition that developed from Hilbert's pro- gram is based on syntactic characterizations of mathematics and the use of explicit, finitary methods in the metatheory. Although Godel's work in logic fits squarely in that tradition, one often finds him cu- riously at odds with the associated methodological orientation. This essay...

We present a formal system, E, which provides a faithful model of the proofs in Euclid’s Elements, including the use of diagrammatic reasoning.

According to the Furstenberg-Zimmer structure theorem, every measure-preserving system has a maximal distal factor, and is weak mixing relative to that factor. Furstenberg and Katznelson used this structural analysis of measure-preserving systems to provide a perspicuous proof of Szemer\'edi's theorem. Beleznay and Foreman showed that, in general,...

The metamathematical tradition, tracing back to Hilbert, employs syntactic modeling to study the methods of contemporary mathematics. A central goal has been, in particular, to explore the extent to which infinitary methods can be understood in computational or otherwise explicit terms. Ergodic theory provides rich opportunities for such analysis....

Almost from the inception of Hilbert's program, foundational and structural efforts in proof theory have been directed towards the goal of clarifying the computational content of modern mathematical methods. This essay surveys various methods of extracting computational information from proofs in classical first-order arithmetic, and reflects on so...

We present a formal system, E, which provides a faithful model of the proofs in Euclid's Elements, including the use of diagrammatic reasoning.

The use of computers in mathematics raises a number of questions of a generally epistemological character. This chapter surveys the ways in which computers are used in mathematics, clarifies some of the questions that arise, and assesses the philosophical methods that may be brought to bear. In particular, it explores the sense in which computation...

\Now, in calm weather, to swim in the open ocean is as easy to the practised swimmer as to ride in a spring-carriage ashore. But the awful lonesomeness is intolerable. The intense concentration of self in the middle of such a heartless immensity, my God! who can tell it? Mark, how when sailors in a dead calm bathe in the open sea|mark how closely t...

We argue that the language of Zermelo Fraenkel set theory with definitions and partial functions provides the most promising bedrock semantics for communicating and sharing mathematical knowledge. We then describe a syntactic sugaring of that language that provides a way of writing remarkably readable assertions without straying far from the set-th...

Extending G\"odel's \emph{Dialectica} interpretation, we provide a functional interpretation of classical theories of positive arithmetic inductive definitions, reducing them to theories of finite-type functionals defined using transfinite recursion on well-founded trees.

The mean ergodic theorem is equivalent to the assertion that for every function K and every epsilon, there is an n with the property that the ergodic averages A_m f are stable to within epsilon on the interval [n,K(n)]. We show that even though it is not generally possible to compute a bound on the rate of convergence of a sequence of ergodic avera...

Let $F$ be the set of functions from an infinite set, $S$, to an ordered ring, $R$. For $f$, $g$, and $h$ in $F$, the assertion $f = g + O(h)$ means that for some constant $C$, $|f(x) - g(x)| \leq C |h(x)|$ for every $x$ in $S$. Let $L$ be the first-order language with variables ranging over such functions, symbols for $0, +, -, \min, \max$, and ab...

In 1985, van den Dries showed that the theory of the reals with a predicate for the integer powers of two admits quantifier elimination in an expanded language, and is hence decidable. He gave a model-theoretical argument, which provides no apparent bounds on the complexity of a decision procedure. We provide a syntactical argument that yields a pr...

1 Kronecker, the semi-intuitionists, Poincare.- 1.1 Introduction.- 1.1.1 Mathematical prerequisites.- 1.2 Kronecker.- 1.2.1 Kronecker's conflicts.- 1.2.2 Kronecker's views.- 1.3 The French semi-intuitionists.- 1.3.1 The French semi-intuitionists' main conflict.- 1.3.2 The French semi-intuitionists' views.- 1.4 Poincare.- 1.4.1 Poincare's conflicts....

On a traditional view, the primary role of a mathematical proof is to warrant the truth of the resulting theorem. This view fails to explain why it is very often the case that a new proof of a theorem is deemed important. Three case studies from elementary arithmetic show, informally, that there are many criteria by which ordinary proofs are valued...

We develop fundamental aspects of the theory of metric, Hilbert, and Banach spaces in the context of subsystems of second-order arithmetic. In particular, we explore issues having to do with distances, closed subsets and subspaces, closures, bases, norms, and projections. We pay close attention to variations that arise when formalizing definitions...

We address the general problem of determining the validity of boolean combinations of equalities and inequalities between real-valued expressions. In particular, we consider methods of establishing such assertions using only restricted forms of distributivity. At the same time, we explore ways in which "local" decision or heuristic procedures for f...

An ecient variant of the double-negation translation explains the relationship between Shoenfield's and Godel's versions of the Dialectica interpretation. Fix a classical first-order language, based on the connectives _, ^, ¬, and 8. We will define a translation to intuitionistic (even minimal) logic, based on the usual connectives. The translation...

The prime number theorem, established by Hadamard and de la Vall'ee Poussin independently in 1896, asserts that the density of primes in the positive integers is asymptotic to 1 / ln x. Whereas their proofs made serious use of the methods of complex analysis, elementary proofs were provided by Selberg and Erd"os in 1948. We describe a formally veri...

A general method,of interpreting weak higher-type theories of nonstan- dard arithmetic in their standard counterparts is presented. In particular, this provides natural nonstandard conservative extensions of primitive recursive arithmetic, elemen- tary recursive arithmetic, and polynomial-time computable arithmetic. A means of formalizing basic rea...

Paul Cohen's method of forcing, together with Saul Kripke's related semantics for modal and intuitionistic logic, has had profound effects on a number of branches of mathematical logic, from set theory and model theory to constructive and categorical logic. Here, I argue that forcing also has a place in traditional Hilbert-style proof theory, where...

We describe a formalization of asymptotic O notation using the Isabelle/HOL proof assistant.

We discuss the development of metamathematics in the Hilbert school, and Hilbert's proof-theoretic program in particular. We place this pro- gram in a broader historical and philosophical context, especially with respect to nineteenth century developments in mathematics and logic. Finally, we show how these considerations help frame our understandi...

Elementary arithmetic (also known as ‘elementary function arithmetic’) is a fragment of first-order aritlimetic so weak that it cannot prove the totality of an iterated exponential fimction. Surprisingly, however, the theory is remarkably robust. I will discuss formal results that show that many theorems of number theory and combinatorics are deriv...

In any classical first-order theory that proves the existence of at least two elements, one can eliminate definitions with a polynomial bound on the increase in proof length. The author considers how in any classical first-order theory strong enough to code finite functions, including sequential theories, one can also eliminate Skolem functions wit...

A notion called Herbrand saturation is shown to provide the model-theoretic analogue of a proof-theoretic method, Herbrand analysis, yielding uniform model-theoretic proofs of a number of important conservation theorems. A constructive, algebraic variation of the method is described, providing yet a third approach, which is finitary but retains the...

The notion of a function from to defined by recursion on ordinal notations is fundamental in proof theory. Here this notion is generalized to functions on the universe of sets, using notations for well-orderings longer than the class of ordinals. The generalization is used to bound the rate of growth of any function on the universe of sets that is...

 Using a slight generalization, due to Palmgren, of sheaf semantics, we present a term-model construction that assigns a model to any first-order intuitionistic theory. A modification of this construction then assigns a nonstandard model to any theory of arithmetic, enabling us to reproduce conservation results of Moerdijk and Palmgren for nonstand...

The 1-consistency of arithmetic is shown to be equivalent to the ex- istence of fixed points of a certain type of update procedure, which is implicit in the epsilon-substitution method.

Algebraic proofs of the cut-elimination theorems for classical and intuitionistic logic are presented, and are used to show how one can sometimes extract a constructive proof and an algorithm from a proof that is nonconstructive. A variation of the double-negation translation is also discussed: if ϕ is provable classically, then ¬(¬ϕ)nf is provable...

As a service to our readers, SIGACT News has an agreement with Computing Reviews to reprint reviews of books and articles of interest to the theoretical computer science community. Computing Reviews is a monthly journal that publishes ...

A number of classical theories are interpreted in analogous theories that are based on intuitionistic logic. The classical theories considered include subsystems of first- and second-order arithmetic, bounded arithmetic, and admissible set theory.

A constructive realizablity interpretation for classical arithmetic is presented, enabling one to extract witnessing terms from proofs of � 1 sentences. The interpretation is shown to coincide with modified realizability, under a novel translation of classical logic to intuitionistic logic, followed by the Friedman-Dragalin translation. On the othe...

We use model-theoretic methods described in [3] to obtain ordinal analyses of a number of theories of first-and second-order arithmetic, whose proof-theoretic ordinals are less than or equal to $\Gamma_0$.

Abstract Solovay has shown,that if O is an open subset of P(ω )w ith codeS and no infinite set avoids O, then there is an infinite set hyperarithmetic in S that lands in O. We provide a direct proof of this theorem that is easily formalizable in AT R0.

In 1958 Gödel published his Dialectica interpretation, which reduces classical arithmetic to a quantifier-free theory T axiomatizing the primitive recursive functionals of finite type. Here we extend Gödel's T to theories Pn of “predicative” functionals, which are defined using Martin-Löf's universes of transfinite types. We then extend Gödel's int...

We present a simple propositional proof system which con- sists of a single axiom schema and a single rule, and use this system to construct a sequence of combinatorial tautologies that, when added to any Frege system, p-simulates extended-Frege systems.

We show that certain model-theoretic forcing arguments involving subsystems of second-order arithmetic can be formalized in the base theory, thereby converting them to effective proof-theoretic arguments. We use this method to sharpen the conservation theorems of Harrington and Brown-Simpson, giving an effective proof that WKL+0 is conservative ove...

We show that the theoryATR0 is equivalent to a second-order general- ization of the theory ID

We show that the theory ATR 0 is equivalent to a second-order generalization of the theory . As a result, ATR 0 is conservative over for arithmetic sentences, though proofs in ATR 0 can be much shorter than their counterparts.