{{Short description|Interactive theorem prover software}} {{hatnote group| {{for|verification in computer science|Formal verification}} }} {{distinguish|Interactive proof system}}

thumb|upright=1.7|An interactive proof session in RocqIDE, showing the proof script on the left and the proof state on the right In computer science and mathematical logic, a '''proof assistant''' or '''interactive theorem prover''' is a software tool to assist with the development of formal proofs by human–machine collaboration. This involves some sort of interactive proof editor, or other interface, with which a human can guide the search for proofs, the details of which are stored in, and some steps provided by, a computer.

A recent effort within this field is making these tools use artificial intelligence to automate the formalization of ordinary mathematics.<ref>{{Cite web |last=Ornes |first=Stephen |date=August 27, 2020 |title=Quanta Magazine – How Close Are Computers to Automating Mathematical Reasoning? |url=https://www.quantamagazine.org/how-close-are-computers-to-automating-mathematical-reasoning-20200827/}}</ref>

== Automated proof checking == '''Automated proof checking''' is the process of using software for checking proofs for correctness. It is one of the most developed fields in automated reasoning. Automated proof checking differs from automated theorem proving in that automated proof checking simply mechanically checks the formal workings of an existing proof, instead of trying to develop new proofs or theorems itself. Because of this, the task of automated proof verification is much simpler than that of automated theorem proving, allowing automated proof checking software to be much simpler than automated theorem proving software.

Because of this small size, some automated proof checking systems can have less than a thousand lines of core code, and are thus themselves amenable to both hand-checking and automated software verification. The Mizar system, HOL Light, and Metamath are examples of automated proof checking systems. Automated proof checking can be done either as a batch operation, or interactively, as part of an interactive theorem proving system.

== History == Automath, which was developed by Nicolaas Govert de Bruijn starting in 1967, is often considered the first proof checker and the first system to utilize the Curry–Howard correspondence between programs and proofs.<ref>{{Cite journal|url=https://www.cs.ru.nl/~herman/PUBS/proofassistants.pdf|title=Proof Assistants: history, ideas and future|last=Geuvers|first=Herman|date=16 July 2009|journal=Sādhanā|volume=34|pages=3-25}}</ref> Automath was used by L.S. van Benthem Jutting in 1977 to formalize Landau's ''Foundations of Analysis'', which was the first formalization of the real numbers.<ref name="Paulson">{{cite web |last=Paulson |first=Lawrence |date=2026-04-23 |title=Why not use Lean? |url=https://lawrencecpaulson.github.io/2026/04/23/Why_not_Lean.html|access-date=2026-04-23}}</ref>

In 1973, Robert Boyer and J Moore published ''Proving Theorems about LISP Functions'' which aimed to verify programs, not mathematics.<ref>{{Cite journal|url=https://dl.acm.org/doi/10.1145/321864.321875|title=Proving Theorems about LISP Functions|last=Boyer|first=Robert|last2=Moore|first2=J.|journal=Association for Computing Machinery|volume=22|pages=129–144}}</ref> Their theorem prover is now known as ACL2.

In the 1970s, Edinburgh LCF introduced the idea of using a functional programming language as the metalanguage for a theorem prover, and led to the HOL family of proof assistants.<ref name="Paulson" />

The 1990s saw the rise of Rocq, (then known as Coq), which has been used for many large-scale formalization projects. Since the late 2010s, Lean, a proof assistant strongly influenced by Rocq, has become another popular choice, especially for formalizing mathematics.

== {{anchor|Comparison}}System comparison == {{see also|Dependent type#Comparison|Automated theorem proving#Comparison}} <!-- Need to add at least Automath, PhoX --> {| class=wikitable |- ! rowspan=2 | Name !! rowspan=2 | Latest version !! rowspan=2 | Developer(s) !! rowspan=2 | Implementation language !! colspan=6 | Features |- ! Higher-order logic !! Dependent types !! Small<br/>kernel !! Proof automation !! Proof by<br/>reflection !! Code generation |- | ACL2 || 8.3 || Matt Kaufmann, J Strother Moore || Common Lisp || {{no}} || {{n/a|Untyped}} || {{no}} || {{yes}} || {{yes}}<ref>{{cite book |last1=Hunt |first1=Warren |last2=Kaufmann |first2=Matt |author2-link=Matt Kaufmann |last3=Krug |first3=Robert Bellarmine |last4=Moore |first4=J. |last5=Smith |first5=Eric W. |year=2005 |title=Theorem Proving in Higher Order Logics |chapter=Meta Reasoning in ACL2|series=Lecture Notes in Computer Science |volume=3603 |pages=163–178 |doi=10.1007/11541868_11 |isbn=978-3-540-28372-0|chapter-url=https://www.cs.utexas.edu/~moore/publications/meta-05.pdf}}</ref> || {{n/a|Already executable}} |- | Agda || 2.8.0<ref name="github-agda"/> || Ulf Norell, Nils Anders Danielsson, and Andreas Abel (Chalmers and Gothenburg)<ref name="github-agda"/> || Haskell<ref name="github-agda"/> || {{yes}}<br/>{{Cn|date=July 2024}} || {{yes}}<br/><ref name="agdaWiki"/> || {{yes}}<br/>{{Cn|date=July 2024}} || {{no}}<br/>{{Cn|date=July 2024}} || {{partial}}<br/>{{Cn|date=July 2024}} || {{n/a|Already executable}}<br/>{{Cn|date=July 2024}} |- | Albatross || 0.4 || Helmut Brandl || OCaml || {{yes}} || {{no}} || {{yes}} || {{yes}} || {{unknown}} || {{not yet}} implemented |- | F* || repository || Microsoft Research and INRIA || F* || {{yes}} || {{yes}} || {{no}} || {{yes}} || {{yes}}<ref>Search for "proofs by reflection": {{ArXiv|1803.06547}}</ref> || {{yes}} |- | HOL Light || repository || John Harrison || OCaml || {{yes}} || {{no}} || {{yes}} || {{yes}} || {{no}} || {{no}} |- | HOL4 || Kananaskis-13 (or repo) || Michael Norrish, Konrad Slind, and others || Standard ML || {{yes}} || {{no}} || {{yes}} || {{yes}} || {{no}} || {{yes}} |- | Idris || 2 0.6.0 || Edwin Brady || Idris || {{yes}} || {{yes}} || {{yes}} || {{unknown}} || {{partial}} || {{yes}} |- | Isabelle || Isabelle2025 (March 2025) || Larry Paulson (Cambridge), Tobias Nipkow (München) and Makarius Wenzel || Standard ML, Scala || {{yes}} || {{no}} || {{yes}} || {{yes}} || {{yes}} || {{yes}} |- |Lean |v4.28.0-rc1<ref>{{Cite web|url=https://github.com/leanprover/lean4/releases|title=Lean 4 Releases Page |website=GitHub |access-date=22 September 2025}}</ref> |Leonardo de Moura (AWS) |C++, Lean |{{yes}} |{{yes}} |{{yes}} |{{yes}} |{{yes}} |{{yes}} |- | LEGO || 1.3.1 || Randy Pollack (Edinburgh) || Standard ML || {{yes}} || {{yes}} || {{yes}} || {{no}} || {{no}} || {{no}} |- | Metamath || v0.198<ref>{{cite web |url=https://github.com/metamath/metamath-exe/releases/tag/v0.198 |title=Release v0.198 metamath/Metamath-exe |website=GitHub}}</ref> || Norman Megill || ANSI C || || || || || || |- | Mizar || 8.1.11 || Białystok University || Free Pascal || {{partial}} || {{yes}} || {{no}} || {{no}} || {{no}} || {{no}} |- | Nqthm || || || || || || || || || |- | NuPRL || 5 || Cornell University || Common Lisp || {{yes}} || {{yes}} || {{yes}} || {{yes}} || {{unknown}} || {{yes}} |- | PVS || 6.0 || SRI International || Common Lisp || {{yes}} || {{yes}} || {{no}} || {{yes}} || {{no}} || {{unknown}} |- | Rocq<!-- Former 'Coq' --> || 9.0 || INRIA || OCaml || {{yes}} || {{yes}} || {{yes}} || {{yes}} || {{yes}} || {{yes}} |- | Twelf || 1.7.1 || Frank Pfenning, Carsten Schürmann || Standard ML || {{yes}} || {{yes}} || {{unknown}} || {{no}} || {{no}} || {{unknown}} |}

* ACL2 – a programming language, a first-order logical theory, and a theorem prover (with both interactive and automatic modes) in the Boyer–Moore tradition. * HOL theorem provers – A family of tools ultimately derived from the LCF theorem prover. In these systems, the logical core is a library of their programming language. Theorems represent new elements of the language and can only be introduced via "strategies" which guarantee logical correctness. Strategy composition gives users the ability to produce significant proofs with relatively few interactions with the system. Members of the family include: **HOL4 – The "primary descendant", still under active development. Support for both Moscow ML and Poly/ML. Has a BSD-style license. **HOL Light – A thriving "minimalist fork". OCaml based. **ProofPower – Went proprietary, then returned to open source. Based on Standard ML. * IMPS, An Interactive Mathematical Proof System.<ref>{{cite journal |last1=Farmer |first1=William M. |last2=Guttman |first2=Joshua D. |last3=Thayer |first3=F. Javier |title=IMPS: An interactive mathematical proof system |journal=Journal of Automated Reasoning |date=1993 |volume=11 |issue=2 |pages=213–248 |doi=10.1007/BF00881906 |s2cid=3084322 |access-date=22 January 2020|url=https://core.ac.uk/display/23376340|url-access=subscription}}</ref> * Isabelle is an interactive theorem prover where other systems can be encoded. Isabelle/HOL is its most popular instance, whose foundation is close to that of the HOL prover. Other instances include Isabelle/ZF and Isabelle/FOL<ref>Isabelle Documentation webpage. Retrieved 22 April 2026: https://isabelle.in.tum.de/documentation.html</ref>. The main code-base is BSD-licensed, but the Isabelle distribution bundles many add-on tools with different licenses. * Jape – Java based. * Lean is both an interactive theorem prover and a functional, dependently-typed programming language. It is based on the calculus of inductive constructions with non-cumulative universes. Since version 4 (released in 2023), it is self-hosting. It can be used to formalise mathematics (and has a large, coherent library for formal mathematics), but also for software and hardware verification. * LEGO * Matita – A light system based on the calculus of inductive constructions. * MINLOG – A proof assistant based on first-order minimal logic. * Mizar – A proof assistant based on first-order logic, in a natural deduction style, and Tarski–Grothendieck set theory. * PhoX – A proof assistant based on higher-order logic which is eXtensible. * Prototype Verification System (PVS) – a proof language and system based on higher-order logic. * Rocq (formerly named ''Coq'') – A popular interactive theorem prover based on the calculus of inductive constructions. * Theorem Proving System (TPS) and ETPS – Interactive theorem provers also based on simply typed lambda calculus, but based on an independent formulation of the logical theory and independent implementation.

== User interfaces == A commonly used front-end for proof assistants was the Emacs-based Proof General, developed at the University of Edinburgh. Nowadays, many provers include their own editor. Rocq includes RocqIDE, which is based on OCaml/Gtk. Isabelle includes Isabelle/jEdit, which is based on jEdit and the Isabelle/Scala infrastructure for document-oriented proof processing. More recently, Visual Studio Code extensions have been developed for Rocq,<ref>{{Cite web|url=https://github.com/coq-community/vscoq|title=coq-community/vscoq|date=July 29, 2024|via=GitHub}}</ref> Isabelle by Makarius Wenzel,<ref>{{cite web |last1=Wenzel |first1=Makarius |title=Isabelle |url=https://marketplace.visualstudio.com/items?itemName=makarius.isabelle |access-date=2 November 2019}}</ref> and for Lean 4 by the leanprover developers.<ref>{{cite web |title=VS Code Lean 4 |url=https://github.com/leanprover/vscode-lean4 |website=GitHub |access-date=15 October 2023}}</ref>

== Formalization extent == Freek Wiedijk has been keeping a ranking of proof assistants by the amount of formalized theorems out of a list of 100 well-known theorems. As of September 2025, only six systems have formalized proofs of more than 70% of the theorems, namely Isabelle, HOL Light, Lean, Rocq, Metamath and Mizar.<ref>{{cite web |url=https://www.cs.ru.nl/~freek/100/ |title=Formalizing 100 Theorems |first=Freek |last=Wiedijk |date=22 September 2025 }}</ref><ref>{{cite journal |url=https://www.ias.ac.in/article/fulltext/sadh/034/01/0003-0025 |title=Proof assistants: History, ideas and future |first=Herman |last=Geuvers |journal=Sādhanā |volume=34 |issue=1 |date=February 2009 |pages=3–25 |doi= 10.1007/s12046-009-0001-5|s2cid=14827467 |doi-access=free |hdl=2066/75958 |hdl-access=free }}</ref>

== Notable formalized proofs ==

{{See also|Computer-assisted proof#Theorems proved with the help of computer programs}}

The following is a list of notable proofs that have been formalized within proof assistants.

{| class=wikitable ! scope="col" | Theorem ! scope="col" | Proof assistant ! scope="col" | Year |- | Four color theorem<ref>{{Citation |last=Gonthier |first=Georges |author-link=Georges Gonthier |title=Formal Proof—The Four-Color Theorem |journal=Notices of the American Mathematical Society |volume=55 |year=2008 |url=https://www.ams.org/notices/200811/tx081101382p.pdf |archive-url=https://web.archive.org/web/20110805094909/http://www.ams.org/notices/200811/tx081101382p.pdf |archive-date=2011-08-05 |url-status=live |issue=11 |pages=1382–1393 |mr=2463991 }}</ref> || Rocq || 2005 |- | Feit–Thompson theorem<ref>{{Cite web |date=2016-11-19 |title=Feit thomson proved in coq - Microsoft Research Inria Joint Centre |url=http://www.msr-inria.fr/news/feit-thomson-proved-in-coq/ |access-date=2023-12-07 |archive-url=https://web.archive.org/web/20161119094854/http://www.msr-inria.fr/news/feit-thomson-proved-in-coq/ |archive-date=2016-11-19 }}</ref> || Rocq || 2012 |- | Fundamental group of the circle<ref>{{Cite book |title=2013 28th Annual ACM/IEEE Symposium on Logic in Computer Science |doi=10.1109/lics.2013.28 |date=2013 |last1=Licata |first1=Daniel R. |last2=Shulman |first2=Michael |chapter=Calculating the Fundamental Group of the Circle in Homotopy Type Theory |pages=223–232 |arxiv=1301.3443 |isbn=978-1-4799-0413-6 |s2cid=5661377 }}</ref> || Rocq || 2013 |- |Erdős–Graham problem<ref>{{Cite web |date=2022-03-11 |title=Math Problem 3,500 Years In The Making Finally Gets A Solution |url=https://www.iflscience.com/math-problem-3500-years-in-the-making-finally-gets-a-solution-62925 |access-date=2024-02-09 |website=IFLScience |language=en}}</ref><ref>{{Cite arXiv |last=Avigad |first=Jeremy |date=2023 |class=math.HO |title=Mathematics and the formal turn |eprint=2311.00007 }}</ref> |Lean |2022 |- | Polynomial Freiman-Ruzsa conjecture over <math>\mathbb F_2</math><ref>{{Cite web |last=Sloman |first=Leila |date=2023-12-06 |title='A-Team' of Math Proves a Critical Link Between Addition and Sets |url=https://www.quantamagazine.org/a-team-of-math-proves-a-critical-link-between-addition-and-sets-20231206/ |access-date=2023-12-07 |website=Quanta Magazine |language=en}}</ref> || Lean || 2023 |- |BB(5) = 47,176,870<ref>{{Cite web |date=2024-07-02 |title=We have proved "BB(5) = 47,176,870" |url=https://discuss.bbchallenge.org/t/july-2nd-2024-we-have-proved-bb-5-47-176-870/237 |access-date=2024-07-09 |website=The Busy Beaver Challenge |language=en}}</ref> |Rocq |2024 |}

== See also == * {{annotated link|Automated theorem proving}} * {{annotated link|Computer-assisted proof}} * {{annotated link|Formal verification}} * Prover9 – is an automated theorem prover for first-order and equational logic * {{annotated link|QED manifesto}} * {{annotated link|Satisfiability modulo theories}}

== References== {{Reflist|refs= <ref name="agdaWiki">{{cite web |title=The Agda Wiki |url=https://wiki.portal.chalmers.se/agda/pmwiki.php |access-date=31 July 2024}}</ref> <ref name="github-agda">{{cite web |title=agda/agda: Agda is a dependently typed programming language / interactive theorem prover. |url=https://github.com/agda/agda |website=GitHub |access-date=31 July 2024}}</ref> }}

== References == *{{cite book |author1-link=Henk Barendregt |first1=Henk |last1=Barendregt |first2=Herman |last2=Geuvers |chapter=18. Proof-assistants using Dependent Type Systems |chapter-url=http://www.ncc.up.pt/~nam/aulas/0506/t_coq/barendregt01proofassistants.pdf |editor1-first=Alan J. A. |editor1-last=Robinson |editor2-first=Andrei |editor2-last=Voronkov |title=Handbook of Automated Reasoning |publisher=Elsevier |volume=2 |date=2001 |isbn=978-0-444-50812-6 |pages=1149– |archive-url=https://web.archive.org/web/20070727062855/http://www.ncc.up.pt/~nam/aulas/0506/t_coq/barendregt01proofassistants.pdf |archive-date=2007-07-27 |ref={{harvid|Handbook vol 2|2001}}}} *{{cite book |author1-link=Frank Pfenning |first1=Frank |last1=Pfenning |chapter-url=https://www.cs.cmu.edu/~fp/papers/handbook01.pdf |chapter=17. Logical frameworks |title={{harvnb|Handbook vol 2|2001}} |pages=1065–1148}} *{{cite book |first=Frank |last=Pfenning |chapter=The practice of logical frameworks |chapter-url= |editor-first=H. |editor-last=Kirchner |title=Trees in Algebra and Programming – CAAP '96 |publisher=Springer |series=Lecture Notes in Computer Science |volume=1059 |date=1996 |isbn=3-540-61064-2 |pages=119–134 |doi=10.1007/3-540-61064-2_33}} *{{cite book |author1-link=Robert L. Constable |first=Robert L. |last=Constable |chapter=X. Types in computer science, philosophy and logic |chapter-url={{GBurl|MfTMDeCq7ukC|p=683}} |editor-first=S. R. |editor-last=Buss |title=Handbook of Proof Theory |publisher=Elsevier |series=Studies in Logic |volume=137 |date=1998 |isbn=978-0-08-053318-6 |pages=683–786 |url=}} *{{cite web |first=Freek |last=Wiedijk |title=The Seventeen Provers of the World |date=2005 |publisher=Radboud University Nijmegen |url=https://www.cs.ru.nl/~freek/comparison/comparison.pdf }}

== External links == {{external links|date=December 2022}} * [https://theoremprover-museum.github.io/ Theorem Prover Museum] * [http://adam.chlipala.net/cpdt/html/Intro.html "Introduction"] in ''Certified Programming with Dependent Types''. * [https://video.ias.edu/univalent/appel Introduction to the Coq Proof Assistant] (with a general introduction to interactive theorem proving) * [http://www.cs.swan.ac.uk/~csetzer/lectures/intertheo/07/interactiveTheoremProvingForAgdaUsers.html Interactive Theorem Proving for Agda Users] * [https://github.com/johnyf/tool_lists/blob/master/verification_synthesis.md#theorem-provers A list of theorem proving tools]

; Catalogues * [https://www.cs.ru.nl/~freek/digimath/bycategory.html#tacticprover Digital Math by Category: Tactic Provers] * [http://www.mcs.anl.gov/research/projects/AR/others.html Automated Deduction Systems and Groups] * [https://www.cs.cmu.edu/afs/cs/project/ai-repository/ai/areas/reasonng/atp/systems/0.html Theorem Proving and Automated Reasoning Systems] * [http://www-formal.stanford.edu/clt/ARS/Pages/systems.html Database of Existing Mechanized Reasoning Systems] * [http://www.nuprl.org/Intro/others.html NuPRL: Other Systems] * {{cite web | title=Specific Logical Frameworks and Implementations | url=https://www.cs.cmu.edu/~fp/lfs-impl.html | access-date=15 February 2024 | archive-date=10 April 2022 | archive-url=https://web.archive.org/web/20220410151836/https://www.cs.cmu.edu/~fp/lfs-impl.html | url-status=dead }} (By Frank Pfenning). * DMOZ: [http://www.dmoz.org/Science/Math/Logic_and_Foundations/Computational_Logic/Logical_Frameworks/ Science: Math: Logic and Foundations: Computational Logic: Logical Frameworks]

Category:Argument technology Category:Automated theorem proving Category:Proof assistants

de:Maschinengestütztes Beweisen