CompCert is also very impressive. It's not, however, free software / open source (the source is available though): https://www.absint.com/compcert/structure.htm

A problem with both seL4 and CompCert is that the code written to express the proofs is huge, much larger than the code that actually does stuff. This puts a ceiling on the size of the projects we can verify. F* is a language that tries to address that by finding proofs with Z3, an SMT prover; Z3 can't prove everything on its own, but it cuts down proof code by orders of magnitude. They have written a verified cryptography stack and a TLS stack, and want to write a whole verified HTTP stack.

https://www.fstar-lang.org/
https://github.com/project-everest/hacl-star
https://www.mitls.org/
https://project-everest.github.io/

F* (through Low*, a verified low-level subset of F*) can extract verified code to C, which is kind of the inverse of the seL4 proof: seL4 begins with C code and enriches it with proofs of correctness; HACL* (a verified crypto F* lib) begins with proven-correct F* code and extracts C code (I gather the actual crypto primitives are compiled directly to asm code because C has some problems with constant-time stuff). This enables HACL* to make bindings to other languages that can just call C code, like this Rust binding: https://github.com/franziskuskiefer/evercrypt-rust

Also, this F* stuff is all free software / open source, so it might become a very prevalent crypto and TLS stack.
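To make the "proofs found by Z3" point concrete, here is a small added F* example (written for this page, not code from the F*, HACL* or Everest projects). The module name and the `byte` type are my own choices; the point is that the bounds appear only as refinement types, and the proof obligations they generate (that `(a + b) % 256` is back in range, that the recursion terminates, that `0` is a valid `byte`) are discharged by the SMT solver with no hand-written proof script, which is where the orders-of-magnitude saving over seL4-style proof code comes from.

```fstar
module ByteSum

(* A machine byte as a refinement of int. The bound is not a runtime check;
   it is a proof obligation that F* hands to Z3 at every use site. *)
type byte = x:int{0 <= x /\ x < 256}

(* Z3 proves 0 <= (a + b) % 256 < 256 from the refinements on a and b.
   No lemma or proof term is written by hand. *)
val add_mod : byte -> byte -> byte
let add_mod a b = (a + b) % 256

(* A total (provably terminating) checksum over a list of bytes.
   `decreases l` names the termination measure; for structural recursion on
   the first argument F* would infer it, it is spelled out here for clarity. *)
val checksum : l:list byte -> Tot byte (decreases l)
let rec checksum l =
  match l with
  | [] -> 0                        (* literal 0 must satisfy the byte refinement *)
  | hd :: tl -> add_mod hd (checksum tl)

(* What Z3 cannot prove, because it is false: uncommenting this makes F*
   reject the module, since a = 255 gives a + 1 = 256, outside `byte`.

let bad (a:byte) : byte = a + 1
*)
```

Running `fstar.exe ByteSum.fst` type-checks the module and, if it is accepted, the absence of out-of-range values is established for every input rather than tested on some. This is the same mechanism Low* code relies on before it is extracted to C: the C emitted by the extractor carries no bounds checks because the corresponding refinements were already proved.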