Recursive Programming with Proofs

There has been a lot of work based on the paradigm “proofs as programs”, leading to sophisticated realizations (see e.g. [2,4, 133). An expected benefit is the development of correct programs, but, so far, no programming language in current use came from these works. The difficulty is the apparent distance between proofs and programs: the proofs are often complicated and the extracted programs have not always the expected behaviour (in terms of complexity, for instance). The proofs are not only programs, but also contain conceptual parts explaining why the result is what it is. One needs, therefore, to distinguish in the proofs the algorithmic content from the conceptual content. The distinction can be done at different levels: The logical operators. The propositional connectives have an algorithmic content, whereas the quantifiers can be considered as having only a conceptual role (the universal quantifier indicates a degree of generality). ~ The dejnition of the objects. The iterative and recursive definitions of the data types do not have the same algorithmic content (they correspond to different access to the data). The proofs themsehes. There are, for instance, different ways of doing proofs by induction; termination proofs often require computations which are not really necessary to compute the result. The choices made at each of these levels are crucial for the design of a programming language based on proofs. We explain in the remaining part of this introductory section the particular choices we have made to construct an experimental language called PROPRE (for PROgrammation avec des PREuves).