Lean4Lean: Towards a Verified Typechecker for Lean, in Lean

Mario Carneiro
2024-12-03
Abstract: In this paper we present a new "external checker" for the Lean theorem prover, written in Lean itself. This is the first complete typechecker for Lean 4 other than the reference implementation in C++ used by Lean itself, and our new checker is competitive with the original, running between 20% and 50% slower and usable to verify all of Lean's mathlib library, forming an additional step in Lean's aim to self-host the full elaborator and compiler. Moreover, because the checker is written in a language which admits formal verification, it is possible to state and prove properties about the kernel itself, and we report on some initial steps taken in this direction to formalize the Lean type theory abstractly and express the relation between the kernel functions and the type theory. We plan to use this project to help justify any future changes to the kernel and type theory and ensure unsoundness does not sneak in through either the abstract theory or implementation bugs.
Programming Languages
What problem does this paper attempt to address?
The problem this paper sets out to solve is to develop an external typechecker for Lean 4 that restores its reliability and correctness guarantees. The main contributions are:

1. **Independently implemented external typechecker**: To ensure that Lean 4 does not introduce new inconsistency problems during its rewrite, the author has developed an external typechecker named Lean4Lean. This checker is written in Lean itself and can verify the entire Lean library, including the standard library and Mathlib.
2. **Balance between performance and correctness**: Although the new checker is 20% to 50% slower than the native C++ implementation, it provides an additional verification step for the Lean project, ensuring the correctness of the code. This matters most in high-risk, low-frequency areas such as formal verification and theorem proving.
3. **Basis for formal verification**: Since Lean supports both programming and proof, it can be used to prove properties about the kernel. This provides a basis for further formal verification, ensuring that any future changes to the kernel or type theory are justified and do not introduce inconsistency.

### Core problems of the paper

- **Background and motivation**: Lean 4 is a system that has been almost completely rewritten from scratch, and most of its components are now written in Lean. However, the kernel has not been completely rewritten; instead, some features have been added to it (such as large-number arithmetic and nested inductive types). Unfortunately, these changes have introduced some reliability problems. In addition, the old external checker is no longer usable with Lean 4 because the metaprogramming infrastructure has been redesigned.
- **Solution**: The author proposes to address these problems by developing an independent external typechecker. This checker can not only verify the correctness of existing code but also serve as a basis for future improvement and verification.

### Summary

This paper aims to restore the reliability and correctness guarantees of Lean 4 by developing an external typechecker, Lean4Lean, written in Lean itself. This not only helps to verify the correctness of existing code but also provides a basis for future formal verification and improvement.
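The abstract's point that a checker written in Lean makes it possible to "state and prove properties about the kernel itself" and to "express the relation between the kernel functions and the type theory" can be shown in miniature. The following is an added example written for this page, not code from the Lean4Lean project: the expression language, the typing judgment and the checker (`Ty`, `Expr`, `HasType`, `infer`, `check`) are toy constructions with only naturals, booleans, addition, equality and conditionals, whereas Lean4Lean targets Lean's full type theory. The structure is the one the abstract describes, a declarative specification of typing on one side and an executable checker on the other, with the checker written so that accepting an expression yields a proof that the specification holds.

```lean
-- Added illustration, not code from the Lean4Lean project: a toy expression
-- language whose typing rules are given twice, once as an inductive judgment
-- (the "abstract theory") and once as an executable checker (the "kernel
-- function"). The checker returns the inferred type together with a proof
-- that the judgment holds, so soundness is established by the type of `infer`.

inductive Ty where
  | nat
  | bool
  deriving DecidableEq, Repr

inductive Expr where
  | lit (n : Nat)
  | tt
  | ff
  | add (a b : Expr)
  | eq (a b : Expr)
  | ite (c t e : Expr)

/-- Declarative typing judgment: the specification the checker must respect. -/
inductive HasType : Expr → Ty → Prop where
  | lit : HasType (.lit n) .nat
  | tt  : HasType .tt .bool
  | ff  : HasType .ff .bool
  | add : HasType a .nat → HasType b .nat → HasType (.add a b) .nat
  | eq  : HasType a .nat → HasType b .nat → HasType (.eq a b) .bool
  | ite : HasType c .bool → HasType t τ → HasType e τ → HasType (.ite c t e) τ

/-- Certified checker: `none` on ill-typed input, otherwise the inferred type
paired with a proof of the judgment. The `ite` case, where both branches must
agree, is the toy analogue of the kernel comparing two types for equality. -/
def infer : (e : Expr) → Option { τ : Ty // HasType e τ }
  | .lit _ => some ⟨.nat, .lit⟩
  | .tt    => some ⟨.bool, .tt⟩
  | .ff    => some ⟨.bool, .ff⟩
  | .add a b => do
    let ⟨.nat, ha⟩ ← infer a | none
    let ⟨.nat, hb⟩ ← infer b | none
    return ⟨.nat, .add ha hb⟩
  | .eq a b => do
    let ⟨.nat, ha⟩ ← infer a | none
    let ⟨.nat, hb⟩ ← infer b | none
    return ⟨.bool, .eq ha hb⟩
  | .ite c t e => do
    let ⟨.bool, hc⟩ ← infer c | none
    let ⟨τ₁, ht⟩ ← infer t | none
    let ⟨τ₂, he⟩ ← infer e | none
    if h : τ₁ = τ₂ then
      return ⟨τ₁, .ite hc ht (h ▸ he)⟩
    else
      none

/-- The plain checker a caller would use: it forgets the proof, but the proof
is recoverable because `infer` carried it. -/
def check (e : Expr) : Option Ty := (infer e).map (·.val)

/-- The relation between the kernel function and the type theory, stated as a
theorem: whenever `check` accepts, the declarative judgment holds. -/
theorem check_sound (e : Expr) (τ : Ty) (h : check e = some τ) : HasType e τ := by
  unfold check at h
  cases hi : infer e with
  | none   => simp [hi] at h
  | some p => simp [hi] at h; exact h ▸ p.property

-- Well-typed conditional: both branches are naturals.
#eval check (.ite (.eq (.lit 1) (.lit 1)) (.lit 2) (.lit 3))   -- some Ty.nat
-- Ill-typed conditional: the branches disagree, so the checker rejects it.
#eval check (.ite .tt (.lit 2) .ff)                            -- none
-- Concrete instances can be discharged by evaluation inside the proof checker.
example : check (.add (.lit 1) (.lit 2)) = some .nat := by decide
example : check (.eq .tt (.lit 2)) = none := by decide
```

The design choice worth noting is that `infer` does the work twice over: it computes the type and, in the same pass, constructs the derivation of `HasType`. In a checker for a real type theory the two sides are kept apart, as the abstract describes for Lean4Lean, because the kernel functions are written for speed and the typing relation for clarity; the theorem `check_sound` is then the bridge between them, and any later change to the checker has to keep that bridge provable.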