|
|
|
|
|
|
by JonChesterfield
1105 days ago
|
|
|
I didn't know that link, searches seem to confirm. Thank you. The LCF style provers rely on the host language type system. A theorem instance can only be created by the trusted kernel. Lisp doesn't obviously lend itself to that - you could represent the proof, but I'm not clear how you'd prevent forging one. |
|
|