coq
Coq is a formal proof management system. It provides a formal language to write mathematical definitions, executable algorithms and theorems together with an environment for semi-interactive development of machine-checked proofs.
Top Related Projects
A Coq library for Homotopy Type Theory
Agda is a dependently typed programming language / interactive theorem prover.
Lean Theorem Prover
A Dependently Typed Functional Programming Language
The core OCaml system: compilers, runtime system, base libraries
Quick Overview
The Coq proof assistant is a formal proof management system. It provides a formal language to write mathematical definitions, executable algorithms, and theorems, together with an environment for semi-interactive development of machine-checked proofs.
Pros
- Formal Verification: Coq allows for the formal verification of software and hardware systems, ensuring their correctness and reliability.
- Theorem Proving: Coq's powerful theorem-proving capabilities enable the development of complex mathematical proofs and the verification of intricate algorithms.
- Functional Programming: Coq is based on a functional programming language, allowing for the development of concise and expressive code.
- Extensibility: Coq can be extended with user-defined libraries and tactics, making it a flexible and customizable tool for various domains.
Cons
- Steep Learning Curve: Coq has a steep learning curve, and mastering the language and proof techniques can be challenging for beginners.
- Proof Development Time: Developing formal proofs in Coq can be time-consuming, as it requires a meticulous and methodical approach.
- Limited Automation: While Coq provides some automated proof techniques, it still requires significant manual effort in many cases.
- Limited Tooling: Compared to some other programming languages, Coq's tooling ecosystem is relatively limited, which can make development and integration more difficult.
Getting Started
To get started with Coq, you can follow these steps:
-
Install Coq: You can download the latest version of Coq from the official website (https://coq.inria.fr/download.html) and install it on your system.
-
Create a new Coq file: Open a text editor and create a new file with a
.v
extension, which is the standard file extension for Coq source files. -
Write your first Coq program: Here's a simple example that defines a natural number and proves a basic theorem about it:
Inductive nat : Type :=
| O : nat
| S : nat -> nat.
Theorem plus_comm : forall n m : nat, n + m = m + n.
Proof.
intros n m.
induction n.
- simpl. reflexivity.
- simpl. rewrite IHn. reflexivity.
Qed.
-
Compile and verify the proof: Save the file and use the Coq interactive environment (coqtop) or the Coq compiler (coqc) to compile and verify the proof.
-
Explore the Coq documentation: Coq has extensive documentation, including a reference manual, user's guide, and various tutorials and examples. Familiarize yourself with the documentation to learn more about Coq's features and capabilities.
-
Participate in the Coq community: The Coq community is active and welcoming. You can join the Coq mailing list, participate in online forums, and contribute to the development of Coq and its ecosystem.
Competitor Comparisons
A Coq library for Homotopy Type Theory
Pros of Coq-HoTT
- Incorporates Homotopy Type Theory, providing a foundation for univalent mathematics
- Offers advanced features for working with higher-dimensional structures
- Enables more intuitive reasoning about equality and equivalence
Cons of Coq-HoTT
- Smaller community and fewer resources compared to the main Coq repository
- May have compatibility issues with some existing Coq libraries
- Steeper learning curve for those not familiar with HoTT concepts
Code Comparison
Coq:
Inductive nat : Type :=
| O : nat
| S : nat -> nat.
Fixpoint plus (n m : nat) : nat :=
match n with
| O => m
| S p => S (plus p m)
end.
Coq-HoTT:
Inductive hProp : Type :=
| hcontr : forall A : Type, (A -> A -> A) -> hProp
| hprop : forall A : Type, (A -> A -> Type) -> hProp.
Definition isContr (A : Type) : Type :=
{x : A & forall y : A, x = y}.
The main difference lies in the focus on homotopy type theory concepts in Coq-HoTT, such as h-levels and contractibility, while standard Coq deals with more traditional type theory constructs.
Agda is a dependently typed programming language / interactive theorem prover.
Pros of Agda
- More flexible syntax and notation, allowing for Unicode characters and mixfix operators
- Stronger support for dependent types and type-level programming
- Integrated development environment with interactive editing features
Cons of Agda
- Smaller community and ecosystem compared to Coq
- Less extensive standard library and fewer tactics for proof automation
- Steeper learning curve for beginners due to its more advanced type system
Code Comparison
Coq example:
Theorem plus_comm : forall n m : nat,
n + m = m + n.
Proof.
intros n m. induction n as [| n' IHn'].
- simpl. rewrite <- plus_n_O. reflexivity.
- simpl. rewrite -> IHn'. rewrite -> plus_n_Sm. reflexivity.
Qed.
Agda example:
+-comm : ∀ m n → m + n ≡ n + m
+-comm zero n = sym (+-identity n)
+-comm (suc m) n =
begin
suc m + n
≡⟨⟩
suc (m + n)
≡⟨ cong suc (+-comm m n) ⟩
suc (n + m)
≡⟨ sym (+-suc n m) ⟩
n + suc m
∎
Lean Theorem Prover
Pros of Lean3
- Faster proof checking and compilation times
- More intuitive syntax for mathematicians
- Better metaprogramming capabilities
Cons of Lean3
- Smaller ecosystem and library of formalized mathematics
- Less mature and stable compared to Coq
- Fewer learning resources and documentation available
Code Comparison
Coq example:
Theorem add_comm : forall n m : nat,
n + m = m + n.
Proof.
intros n m. induction n as [| n' IHn'].
- simpl. rewrite -> plus_n_O. reflexivity.
- simpl. rewrite -> IHn'. rewrite -> plus_n_Sm. reflexivity.
Qed.
Lean3 example:
theorem add_comm (n m : ℕ) : n + m = m + n :=
begin
induction n with n' ih,
{ simp },
{ simp [ih, nat.add_succ] }
end
Both examples prove the commutativity of addition for natural numbers. Lean3's syntax is more concise and uses tactics that are closer to mathematical reasoning. Coq's proof is more verbose but provides explicit steps in the proof construction.
A Dependently Typed Functional Programming Language
Pros of Idris-dev
- More focused on general-purpose programming with dependent types
- Easier learning curve for programmers familiar with Haskell-like syntax
- Better support for effects and IO operations
Cons of Idris-dev
- Smaller community and ecosystem compared to Coq
- Less mature and stable, with more frequent breaking changes
- Fewer advanced proof automation tools
Code Comparison
Idris-dev:
vect : Nat -> Type -> Type
vect Z a = ()
vect (S k) a = (a, vect k a)
Coq:
Inductive vect (A : Type) : nat -> Type :=
| nil : vect A 0
| cons : forall n, A -> vect A n -> vect A (S n).
Both examples define a vector type, but Idris uses a more concise syntax with pattern matching on the length parameter, while Coq uses a more explicit inductive definition.
Idris-dev is designed for general-purpose programming with dependent types, making it more accessible for developers coming from functional programming backgrounds. It offers better support for effects and IO operations, which can be beneficial for practical applications.
On the other hand, Coq has a larger community, more stability, and advanced proof automation tools, making it more suitable for formal verification and theorem proving tasks. The choice between the two depends on the specific use case and the user's background.
The core OCaml system: compilers, runtime system, base libraries
Pros of OCaml
- More widely used in industry and practical applications
- Faster execution speed for general-purpose programming
- Simpler learning curve for developers familiar with functional programming
Cons of OCaml
- Less powerful for formal verification and theorem proving
- Limited support for dependent types compared to Coq
- Smaller ecosystem for proof-related libraries and tools
Code Comparison
OCaml:
let rec factorial n =
if n = 0 then 1
else n * factorial (n - 1)
let result = factorial 5
Coq:
Fixpoint factorial (n : nat) : nat :=
match n with
| 0 => 1
| S n' => n * factorial n'
end.
Definition result := factorial 5.
Summary
OCaml is a general-purpose functional programming language, while Coq is a proof assistant and dependently typed language. OCaml excels in practical software development, offering better performance and a more familiar syntax for many developers. Coq, on the other hand, provides superior capabilities for formal verification and theorem proving, with a focus on mathematical correctness. The code comparison illustrates the syntactical differences, with Coq's approach being more formal and precise, reflecting its emphasis on provable correctness.
Convert designs to code with AI
Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.
Try Visual CopilotREADME
Coq
Coq is a formal proof management system. It provides a formal language to write mathematical definitions, executable algorithms and theorems together with an environment for semi-interactive development of machine-checked proofs.
Installation
Please see https://coq.inria.fr/download.
Information on how to build and install from sources can be found in
INSTALL.md
.
Documentation
The sources of the documentation can be found in directory doc
.
See doc/README.md
to learn more about the documentation,
in particular how to build it. The
documentation of the last released version is available on the Coq
web site at coq.inria.fr/documentation.
See also Cocorico (the Coq wiki),
and the Coq FAQ,
for additional user-contributed documentation.
The documentation of the master branch is continuously deployed. See:
- Reference Manual (master)
- Documentation of the standard library (master)
- Documentation of the ML API (master)
Changes
The Recent changes chapter of the reference manual explains the differences and the incompatibilities of each new version of Coq. If you upgrade Coq, please read it carefully as it contains important advice on how to approach some problems you may encounter.
Questions and discussion
We have a number of channels to reach the user community and the development team:
- Our Zulip chat, for casual and high traffic discussions.
- Our Discourse forum, for more structured and easily browsable discussions and Q&A.
- Our historical mailing list, the Coq-Club.
See also coq.inria.fr/community, which lists several other active platforms.
Bug reports
Please report any bug / feature request in our issue tracker.
To be effective, bug reports should mention the OCaml version used
to compile and run Coq, the Coq version (coqtop -v
), the configuration
used, and include a complete source example leading to the bug.
Contributing to Coq
Guidelines for contributing to Coq in various ways are listed in the contributor's guide.
Information about release plans is at https://github.com/coq/coq/wiki/Release-Plan
Supporting Coq
Help the Coq community grow and prosper by becoming a sponsor! The Coq Consortium can establish sponsorship contracts or receive donations. If you want to take an active role in shaping Coq's future, you can also become a Consortium member. If you are interested, please get in touch!
Top Related Projects
A Coq library for Homotopy Type Theory
Agda is a dependently typed programming language / interactive theorem prover.
Lean Theorem Prover
A Dependently Typed Functional Programming Language
The core OCaml system: compilers, runtime system, base libraries
Convert designs to code with AI
Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.
Try Visual Copilot