
Formalizing 100 theorems in Coq - peter_d_sherman
https://madiot.fr/coq100/
======
archgoon
Brief proof that the sqrt of 2 is irrational.

Suppose that sr2 is rational. Then it can be expressed as two integers with no
common factors[0], p and q, as p/q.

    
    
      sr2 = p/q   (1)
    

Thus

    
    
      2 = p^2/q^2 (2)
    
      2q^2 = p^2  (3)
    

So p^2 is divisible by 2. Since 2 is prime, and 2 divides p*p, it must also
divide p. So p = 2p'.

Plugging this back into (3) we have

    
    
      2q^2 = 4p'^2
    

Which implies

    
    
      q^2 = 2p'^2
    

Which means that q is also divisible by 2. Which means both p and q are
divisible by 2 which violates are orginal assumption [0] that p and q shared
no common factors, which can be assumed for any rational number, which means
that sr2 cannot be rational.

Compare the above with:

[https://coq.inria.fr/distrib/8.2/contribs/QArithSternBrocot....](https://coq.inria.fr/distrib/8.2/contribs/QArithSternBrocot.sqrt2.html)

and you get an idea of the work that needs to be done to make proof assistants
more ergonomic before wide adoption in mathematics. The benefit from ensuring
no mistakes were made (I'm betting I messed up somewhere above; like not
specifying that p and q are not zero) is dwarfed by the difficulty in
expressing the core intuition and thus reusability of the proof.

~~~
solidangle
The proof included with the proof assistant Isabelle is a lot shorter and much
easier to read than the Cow proof (in my opinion):

[https://www.cl.cam.ac.uk/research/hvg/Isabelle//dist/library...](https://www.cl.cam.ac.uk/research/hvg/Isabelle//dist/library/HOL/HOL-
ex/Sqrt.html)

~~~
Fede_V
Interestingly, Isabelle is the director of the INRIA institute in Paris where
a lot of coq is developed. I wonder if it's named after her :)

------
anonlastname
I find it very interesting to see how experienced Coq programmers prove
things. I have enough experience to know how deliberate there choices have to
be.

------
joseraul
All this may become much easier when we manage to merge proof assistants with
automatic provers.

Here is how you can prove the first theorem in Dafny.
[https://rise4fun.com/Dafny/GxplK](https://rise4fun.com/Dafny/GxplK)

------
anonlastname
This bug only effects proofs that use types with more than 256 constructors.
Also, it involves a command that is meant to optimize proofs so it isn't
neccessary to ever use it. Personally, I still trust the implementation
despite this edge case.

~~~
archgoon
I believe this comment is meant to be a response to another post
([https://news.ycombinator.com/item?id=18155410](https://news.ycombinator.com/item?id=18155410))
who pointed out a flaw (now fixed) in Coq that allowed false theorems to be
proved.

Github link:

[https://github.com/clarus/falso](https://github.com/clarus/falso)

