Coinductive Formal Reasoning in Exact Real Arithmetic
In this article we present a method for formally proving the correctness of the lazy algorithms for computing homographic and quadratic transformations – of which field operations are special cases – on a representation of real numbers by coinductive streams. The algorithms work on coinductive streams of Möbius maps and form the basis of the Edalat–Potts exact real arithmetic. We use the machinery of the Coq proof assistant for coinductive types to present the formalisation. The formalised algorithms are only partially productive, i.e., they do not output provably infinite streams for all possible inputs. We show how to deal with this partiality in the presence of the syntactic restrictions posed by the constructive type theory of Coq. Furthermore, we show that the type-theoretic techniques that we develop are compatible with the semantics of the algorithms as continuous maps on real numbers. The resulting Coq formalisation is available for public download.
💡 Research Summary
This paper presents a comprehensive formal verification of lazy algorithms that compute homographic and quadratic transformations—both of which subsume the basic field operations—on a coinductive stream representation of real numbers. The authors build upon the Edalat‑Potts exact real arithmetic framework, where a real number is encoded as an infinite stream of Möbius maps. Each map has the form (a·x + b)/(c·x + d), and sequences of such maps converge to a real value. By treating these streams as coinductive types in the Coq proof assistant, the paper formalizes the algorithms that manipulate them.
The core contributions are threefold. First, the authors define coinductive algorithms for homographic (linear fractional) and quadratic (rational quadratic) transformations directly on streams. These algorithms are lazy: they inspect the input stream only as far as needed to produce the next output element, thereby supporting on‑demand computation with arbitrary precision. Second, they confront a subtle issue: the algorithms are only partially productive. In certain pathological input configurations the computation may stall, violating Coq’s global productivity requirement for cofix definitions. To resolve this, the paper introduces two complementary techniques. (a) Input streams are equipped with type‑level predicates that capture “well‑behaved” or “normal” inputs, ensuring that only streams satisfying these syntactic constraints can be fed to the algorithms. (b) Specialized observer and lazy combinators are defined so that productivity is checked locally, at the moment an output element is observed, rather than globally for the whole definition. This approach respects Coq’s constructive type theory while faithfully modeling the intended algorithmic behaviour.
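To make the lazy homographic algorithm and its partial productivity concrete, the following is an added Python example, not code from the paper or its Coq development. It assumes one simple signed-digit instance of the Möbius-map representation (digits -1, 0, 1 standing for x -> (x + d)/2 on [-1, 1]) and a `fuel` bound that stands in for the input restrictions the paper uses to confine non-productive cases.

```python
from fractions import Fraction
from functools import reduce
from itertools import chain, islice, repeat

# Digit set assumed for this example (not necessarily the paper's own encoding):
# a real in [-1, 1] is a stream of digits d in {-1, 0, 1}, each standing for the
# Moebius map x -> (x + d) / 2, i.e. the matrix [[1, d], [0, 2]].
DIGIT = {d: ((1, d), (0, 2)) for d in (-1, 0, 1)}
DIGIT_INV = {d: ((2, -d), (0, 1)) for d in (-1, 0, 1)}  # inverse, up to scaling
HALVE, THIRD, RECIP = ((1, 0), (0, 2)), ((1, 0), (0, 3)), ((0, 1), (1, 0))

def mul(m, n):
    """Compose two Moebius maps as a 2x2 integer matrix product."""
    (a, b), (c, d) = m
    (e, f), (g, h) = n
    return ((a * e + b * g, a * f + b * h), (c * e + d * g, c * f + d * h))

def image(m):
    """Image of [-1, 1] under m, or None if c*x + d may vanish on [-1, 1]."""
    (a, b), (c, d) = m
    lo, hi = d - c, d + c  # denominator at x = -1 and at x = 1
    if lo == 0 or hi == 0 or (lo > 0) != (hi > 0):
        return None
    return tuple(sorted((Fraction(b - a, lo), Fraction(a + b, hi))))

def emit_digit(m):
    """Digit e whose interval [(e-1)/2, (e+1)/2] contains m([-1, 1]), else None."""
    img = image(m)
    return None if img is None else next((e for e in (-1, 0, 1)
        if Fraction(e - 1, 2) <= img[0] and img[1] <= Fraction(e + 1, 2)), None)

def homographic(m, digits, fuel=64):
    """Lazy homographic algorithm: emit a digit when the state matrix permits, else
    absorb one input digit. `fuel` caps absorptions per output digit; exceeding it
    ends the stream, modelling the partial productivity the paper has to confine."""
    digits, absorbed = iter(digits), 0
    while absorbed <= fuel:
        e = emit_digit(m)
        if e is None:
            m, absorbed = mul(m, DIGIT[next(digits)]), absorbed + 1
        else:
            yield e
            m, absorbed = mul(DIGIT_INV[e], m), 0

def digits_of(m, prefix, n, fuel=64):
    """First n output digits of m applied to `prefix` padded with zero digits."""
    return list(islice(homographic(m, chain(prefix, repeat(0)), fuel), n))

def value(prefix):
    """Midpoint of the interval a finite prefix denotes (true value within 2**-n)."""
    return reduce(lambda x, d: (x + d) / 2, reversed(prefix), Fraction(0))
```

Halving 1/2 (digits 1, 0, 0, ...) emits 0, 1, 0, ... lazily, while the reciprocal map on the zero stream never emits: its denominator can vanish on every interval it absorbs, so the generator runs out of fuel and stops, which is exactly the kind of input the Coq development must exclude by a predicate rather than let a cofix loop on.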
Third, the authors prove that the formally verified stream transformations correspond exactly to continuous functions on the real numbers. They establish the continuity of individual Möbius maps, then show that composition of homographic or quadratic maps preserves continuity. Using Coq’s coinductive proof principle, they demonstrate that whenever the partial productivity conditions hold, the resulting stream is indeed infinite and converges to the mathematically correct real value. The proofs are carried out entirely within Coq, leveraging its cofix construct and the associated guardedness checks.
The paper also provides an extensive implementation discussion. The Coq development includes definitions of the coinductive stream type, the Möbius map datatype, the two transformation algorithms, the productivity predicates, and the observer machinery. Sample executions are presented for basic arithmetic operations such as addition, multiplication, and square‑root extraction, confirming that the extracted streams converge to the expected real numbers. All source files are made publicly available, enabling other researchers to reproduce the results or extend the framework to more complex operations (e.g., trigonometric functions).
In the related‑work section, the authors contrast their approach with earlier exact real arithmetic systems that either avoided coinduction altogether or enforced strict global productivity by pre‑filtering inputs. Their method stands out by handling partial productivity inside the proof assistant, thereby preserving the elegance of the coinductive representation while satisfying the syntactic constraints of constructive type theory.
In conclusion, the paper demonstrates that coinductive reasoning, when combined with carefully designed type‑level constraints and local productivity checks, can be used to formally verify sophisticated exact real arithmetic algorithms. This work bridges the gap between mathematically rigorous real‑number computation and machine‑checked correctness, opening the door for future formalizations of more advanced numerical functions within Coq.