How Are Programs Found? Speculating About Language Ergonomics With Curry-Howard ≅ Johannes Simon Emerich
 [email protected]
 @knuton . With illustrations by Mathias Winther Madsen The Functional Club · Berlin · April 27th 2017 

“Dynamic” Languages Are Popular 

“ Popular blog post, 2011 So-called dynamic languages are perennially popular. From what I can tell, it’s largely a matter of marketing. Dyna Cola 

“ The ethos of gradual typing takes for granted that programmers choose dynamic languages for creating software Paper on gradual typing, 2015, 10+ citations 

“ Paper on optional type systems, 2010, 80+ citations Nevertheless, numerous programmers continue to choose untyped scripting languages for their work, including many who work in a functional style 

https: //github.com/blog/2047-language-trends-on-github They certainly are … 

https: //github.com/blog/2047-language-trends-on-github They certainly are … 

“Static” Languages Are Nice 

"oops" * 3 

"oops" * 3 

, ↵ ` ↵ , ↵ ` ` ↵ ! ` ↵ ! ` ↵ ` , x : ↵ ` x : ↵ , x : ↵ ` M : ` x.M : ↵ ! ` M : ↵ ! ` N : ↵ ` ( MN ) : x M x.M M N ( MN ) Curry-Howard correspondence propositions-as-types proofs-as-programs 

CONSTRUCTIVE MATHEMATICS AND COMPUTER PROGRAMMING 155 Programming program, procedure, algorithm input output, result x := e si; S a if B then Sl else S a while B do S data structure data type value of a data type a : A integer real Boolean (cis ..., cn) array [I] of T record sl:Tl; so :TB end record case s : (cl, c,) of set of T cl:(sl:Tl); Ca:(sa:Tz) end Mathematics function argument value x = e composition of functions definition by cases definition by recursion element, object set, type element of a set, object of a type a E A Z R {0,1) {ci, -, 4 TI, I+T TlX T o Ti+ T a curious situation is, I think, that the mathematical notions have gradually received an interpretation, the interpretation which we refer to as classical, which makes them unusable for programming. Fortunately, I do not need Constructive Mathematics and Computer Programming, 1985 

CONSTRUCTIVE MATHEMATICS AND COMPUTER PROGRAMMING 155 Programming program, procedure, algorithm input output, result x := e si; S a if B then Sl else S a while B do S data structure data type value of a data type a : A integer real Boolean (cis ..., cn) array [I] of T record sl:Tl; so :TB end record case s : (cl, c,) of set of T cl:(sl:Tl); Ca:(sa:Tz) end Mathematics function argument value x = e composition of functions definition by cases definition by recursion element, object set, type element of a set, object of a type a E A Z R {0,1) {ci, -, 4 TI, I+T TlX T o Ti+ T a curious situation is, I think, that the mathematical notions have gradually received an interpretation, the interpretation which we refer to as classical, which makes them unusable for programming. Fortunately, I do not need Constructive Mathematics and Computer Programming, 1985 “[programming] used to be looked down upon as the rather messy job of instructing this or that physically existing machine” 

CONSTRUCTIVE MATHEMATICS AND COMPUTER PROGRAMMING 155 Programming program, procedure, algorithm input output, result x := e si; S a if B then Sl else S a while B do S data structure data type value of a data type a : A integer real Boolean (cis ..., cn) array [I] of T record sl:Tl; so :TB end record case s : (cl, c,) of set of T cl:(sl:Tl); Ca:(sa:Tz) end Mathematics function argument value x = e composition of functions definition by cases definition by recursion element, object set, type element of a set, object of a type a E A Z R {0,1) {ci, -, 4 TI, I+T TlX T o Ti+ T a curious situation is, I think, that the mathematical notions have gradually received an interpretation, the interpretation which we refer to as classical, which makes them unusable for programming. Fortunately, I do not need Constructive Mathematics and Computer Programming, 1985 “[programming] used to be looked down upon as the rather messy job of instructing this or that physically existing machine” “It has made programming an activity akin in rigour and beauty to that of proving mathematical theorems” 

“ Propositions as Types, Philip Wadler it turns out to be remarkably robust, inspiring the design of automated proof assistants and programming languages 

✦ Practical engineering benefits ✦ Beauty and rigour come to programming ✦ Inter-disciplinary cross-pollination and unification Typed Functional Languages Are Nice 

✦ Practical engineering benefits ✦ Beauty and rigour come to programming ✦ Inter-disciplinary cross-pollination and unification Typed Functional Languages Are Nice “Nevertheless, numerous programmers continue to choose untyped scripting languages” 

brute fact “a fact that is obtained or explained by itself rather than through other facts” “We normally cannot give a full account why the fact should be what it is, but must accept it without explanation” The Blackwell Dictionary of Western Philosophy 

programs-as-proofs 

programs-as-formal-proofs 

Formal Proof in Mathematics Poincaré New Math Speculative Math Proof Assistants 

Episode I, 1900s Two Sorts of Minds 

“The two sorts of minds are equally necessary for the progress of science; both the logicians and the intuitionalists have achieved great things that others could not have done” Poincaré 

“It must be said, if one wants to give an accurate idea of how Poincare worked, that many points of [his thesis] needed correction or explication. Poincare was an intuitif” Darboux 

Spiegel, 1974 Episode II, 1970s The New Math 

No content

“understanding is achieved intuitively and the logical presentation is at best [an] aid to learning and at worst an obstacle” Logic Versus Pedagogy 

“What is the best method to obtain the solution to a problem? The answer is, any way that works. This attitude [is] the attitude of mind of a truly creative pure mathematician. It does not appear in his final proofs […] These are the things that he publishes, but they in no way reflect the way that he works in order to obtain a guess as to what it is he is going to prove” New Textbooks for the “New” Mathematics 

Finally – who knows how? – a proof is obtained. There are no set patterns of procedure. We try this and that. We guess. We try to generalize the result in order to make the proof easier. We try special cases to see if any insight can be gained in this way. J.B. Roberts 

Episode III, 1990s Jaffe & Quinn LHC; CERN 

BULLETIN (New Series) OF THE AMERICAN MATHEMATICAL SOCIETY Volume 29, Number 1, July 1993 "THEORETICAL MATHEMATICS": TOWARD A CULTURAL SYNTHESIS OF MATHEMATICS AND THEORETICAL PHYSICS ARTHUR JAFFE AND FRANK QUINN Abstract. Is speculative mathematics dangerous? Recent interactions between physics and mathematics pose the question with some force: traditional mathe- matical norms discourage speculation, but it is the fabric of theoretical physics. In practice there can be benefits, but there can also be unpleasant and destructive consequences. Serious caution is required, and the issue should be considered before, rather than after, obvious damage occurs. With the hazards carefully in mind, we propose a framework that should allow a healthy and positive role for speculation. Modern mathematics is nearly characterized by the use of rigorous proofs. This practice, the result of literally thousands of years of refinement, has brought to mathematics a clarity and reliability unmatched by any other science. But it also makes mathematics slow and difficult; it is arguably the most disciplined of human intellectual activities. Groups and individuals within the mathematics community have from time to time tried being less compulsive about details of arguments. The results have been mixed, and they have occasionally been disastrous. Yet today in certain areas there is again a trend toward basing mathematics on intuitive reasoning without proof. To some extent this is the old pattern of history being repeated by those unfamiliar with it. But it also may be the beginning of fundamental changes in the way mathematics is organized. In either case, it is vital at this time to reexamine the role of proofs in mathematical understanding and to develop a constructive context for these trends. We begin with a discussion of physics, partially because some of the current AMS Bulletin, 1993 

BULLETIN (New Series) OF THE AMERICAN MATHEMATICAL SOCIETY Volume 29, Number 1, July 1993 "THEORETICAL MATHEMATICS": TOWARD A CULTURAL SYNTHESIS OF MATHEMATICS AND THEORETICAL PHYSICS ARTHUR JAFFE AND FRANK QUINN Abstract. Is speculative mathematics dangerous? Recent interactions between physics and mathematics pose the question with some force: traditional mathe- matical norms discourage speculation, but it is the fabric of theoretical physics. In practice there can be benefits, but there can also be unpleasant and destructive consequences. Serious caution is required, and the issue should be considered before, rather than after, obvious damage occurs. With the hazards carefully in mind, we propose a framework that should allow a healthy and positive role for speculation. Modern mathematics is nearly characterized by the use of rigorous proofs. This practice, the result of literally thousands of years of refinement, has brought to mathematics a clarity and reliability unmatched by any other science. But it also makes mathematics slow and difficult; it is arguably the most disciplined of human intellectual activities. Groups and individuals within the mathematics community have from time to time tried being less compulsive about details of arguments. The results have been mixed, and they have occasionally been disastrous. Yet today in certain areas there is again a trend toward basing mathematics on intuitive reasoning without proof. To some extent this is the old pattern of history being repeated by those unfamiliar with it. But it also may be the beginning of fundamental changes in the way mathematics is organized. In either case, it is vital at this time to reexamine the role of proofs in mathematical understanding and to develop a constructive context for these trends. We begin with a discussion of physics, partially because some of the current AMS Bulletin, 1993 SPECULATION Labelling of Speculative Work 

BULLETIN (New Series) OF THE AMERICAN MATHEMATICAL SOCIETY Volume 29, Number 1, July 1993 "THEORETICAL MATHEMATICS": TOWARD A CULTURAL SYNTHESIS OF MATHEMATICS AND THEORETICAL PHYSICS ARTHUR JAFFE AND FRANK QUINN Abstract. Is speculative mathematics dangerous? Recent interactions between physics and mathematics pose the question with some force: traditional mathe- matical norms discourage speculation, but it is the fabric of theoretical physics. In practice there can be benefits, but there can also be unpleasant and destructive consequences. Serious caution is required, and the issue should be considered before, rather than after, obvious damage occurs. With the hazards carefully in mind, we propose a framework that should allow a healthy and positive role for speculation. Modern mathematics is nearly characterized by the use of rigorous proofs. This practice, the result of literally thousands of years of refinement, has brought to mathematics a clarity and reliability unmatched by any other science. But it also makes mathematics slow and difficult; it is arguably the most disciplined of human intellectual activities. Groups and individuals within the mathematics community have from time to time tried being less compulsive about details of arguments. The results have been mixed, and they have occasionally been disastrous. Yet today in certain areas there is again a trend toward basing mathematics on intuitive reasoning without proof. To some extent this is the old pattern of history being repeated by those unfamiliar with it. But it also may be the beginning of fundamental changes in the way mathematics is organized. In either case, it is vital at this time to reexamine the role of proofs in mathematical understanding and to develop a constructive context for these trends. We begin with a discussion of physics, partially because some of the current AMS Bulletin, 1993 SPECULATION Labelling of Speculative Work Standard Nomenclature “conjecture” vs “theorem” 

BULLETIN (New Series) OF THE AMERICAN MATHEMATICAL SOCIETY Volume 29, Number 1, July 1993 "THEORETICAL MATHEMATICS": TOWARD A CULTURAL SYNTHESIS OF MATHEMATICS AND THEORETICAL PHYSICS ARTHUR JAFFE AND FRANK QUINN Abstract. Is speculative mathematics dangerous? Recent interactions between physics and mathematics pose the question with some force: traditional mathe- matical norms discourage speculation, but it is the fabric of theoretical physics. In practice there can be benefits, but there can also be unpleasant and destructive consequences. Serious caution is required, and the issue should be considered before, rather than after, obvious damage occurs. With the hazards carefully in mind, we propose a framework that should allow a healthy and positive role for speculation. Modern mathematics is nearly characterized by the use of rigorous proofs. This practice, the result of literally thousands of years of refinement, has brought to mathematics a clarity and reliability unmatched by any other science. But it also makes mathematics slow and difficult; it is arguably the most disciplined of human intellectual activities. Groups and individuals within the mathematics community have from time to time tried being less compulsive about details of arguments. The results have been mixed, and they have occasionally been disastrous. Yet today in certain areas there is again a trend toward basing mathematics on intuitive reasoning without proof. To some extent this is the old pattern of history being repeated by those unfamiliar with it. But it also may be the beginning of fundamental changes in the way mathematics is organized. In either case, it is vital at this time to reexamine the role of proofs in mathematical understanding and to develop a constructive context for these trends. We begin with a discussion of physics, partially because some of the current AMS Bulletin, 1993 SPECULATION Labelling of Speculative Work Standard Nomenclature “conjecture” vs “theorem” Responsible Publication Journal of XYZ [email protected] 

BULLETIN (New Scries) OF THE AMERICAN MATHEMATICAL SOCIETY Volume 30, Number 2, April 1994 RESPONSES TO "THEORETICAL MATHEMATICS: TOWARD A CULTURAL SYNTHESIS OF MATHEMATICS AND THEORETICAL PHYSICS", BY A. JAFFE AND F. QUINN MICHAEL ATIYAH ET AL. Michael Atiyah The Master's Lodge Trinity College Cambridge CB2 1TQ England, U.K. I find myself agreeing with much of the detail of the Jaffe-Quinn argument, especially the importance of distinguishing between results based on rigorous proofs and those which have a heuristic basis. Overall, however, I rebel against their general tone and attitude which appears too authoritarian. My fundamental objection is that Jaffe and Quinn present a sanitized view of mathematics which condemns the subject to an arthritic old age. They see an inexorable increase in standards of rigour and are embarrassed by earlier periods of sloppy reasoning. But if mathematics is to rejuvenate itself and break exciting new ground it will have to allow for the exploration of new ideas and techniques which, in their creative phase, are likely to be as dubious as in some of the great eras of the past. Perhaps we now have high standards of proof to aim at but, in the early stages of new developments, we must be prepared to act in more buccaneering style. The history of mathematics is full of instances of happy inspiration triumph- ing over a lack of rigour. Euler's use of wildly divergent series or Ramanujan's insights are among the more obvious, and mathematics would have been poorer AMS Bulletin, 1994 1977; Oberwolfach Collection “Jaffe and Quinn present a sanitized view of mathematics which condemns the subject to an arthritic old age” “They […] are embarrassed by earlier periods of sloppy reasoning. But if mathematics is to rejuvenate itself and break exciting new ground it will have to allow for the exploration of new ideas and techniques” Michael Atiyah 

BULLETIN (New Scries) OF THE AMERICAN MATHEMATICAL SOCIETY Volume 30, Number 2, April 1994 RESPONSES TO "THEORETICAL MATHEMATICS: TOWARD A CULTURAL SYNTHESIS OF MATHEMATICS AND THEORETICAL PHYSICS", BY A. JAFFE AND F. QUINN MICHAEL ATIYAH ET AL. Michael Atiyah The Master's Lodge Trinity College Cambridge CB2 1TQ England, U.K. I find myself agreeing with much of the detail of the Jaffe-Quinn argument, especially the importance of distinguishing between results based on rigorous proofs and those which have a heuristic basis. Overall, however, I rebel against their general tone and attitude which appears too authoritarian. My fundamental objection is that Jaffe and Quinn present a sanitized view of mathematics which condemns the subject to an arthritic old age. They see an inexorable increase in standards of rigour and are embarrassed by earlier periods of sloppy reasoning. But if mathematics is to rejuvenate itself and break exciting new ground it will have to allow for the exploration of new ideas and techniques which, in their creative phase, are likely to be as dubious as in some of the great eras of the past. Perhaps we now have high standards of proof to aim at but, in the early stages of new developments, we must be prepared to act in more buccaneering style. The history of mathematics is full of instances of happy inspiration triumph- ing over a lack of rigour. Euler's use of wildly divergent series or Ramanujan's insights are among the more obvious, and mathematics would have been poorer AMS Bulletin, 1994 2007; Wikimedia Commons “I find the JQ prescription appalling because it would bring havoc into living branches of science” “[A] flow of young people […] kept being introduced to me for advice. They were acknowledged as brilliant and highly promising; but they could not stomach the Bourbaki credo, hence saw no future for themselves in mathematics” Benoît Mandelbrot 

BULLETIN (New Scries) OF THE AMERICAN MATHEMATICAL SOCIETY Volume 30, Number 2, April 1994 RESPONSES TO "THEORETICAL MATHEMATICS: TOWARD A CULTURAL SYNTHESIS OF MATHEMATICS AND THEORETICAL PHYSICS", BY A. JAFFE AND F. QUINN MICHAEL ATIYAH ET AL. Michael Atiyah The Master's Lodge Trinity College Cambridge CB2 1TQ England, U.K. I find myself agreeing with much of the detail of the Jaffe-Quinn argument, especially the importance of distinguishing between results based on rigorous proofs and those which have a heuristic basis. Overall, however, I rebel against their general tone and attitude which appears too authoritarian. My fundamental objection is that Jaffe and Quinn present a sanitized view of mathematics which condemns the subject to an arthritic old age. They see an inexorable increase in standards of rigour and are embarrassed by earlier periods of sloppy reasoning. But if mathematics is to rejuvenate itself and break exciting new ground it will have to allow for the exploration of new ideas and techniques which, in their creative phase, are likely to be as dubious as in some of the great eras of the past. Perhaps we now have high standards of proof to aim at but, in the early stages of new developments, we must be prepared to act in more buccaneering style. The history of mathematics is full of instances of happy inspiration triumph- ing over a lack of rigour. Euler's use of wildly divergent series or Ramanujan's insights are among the more obvious, and mathematics would have been poorer AMS Bulletin, 1994 ~1972; Oberwolfach Collection “The sequence for the understanding of mathematics may be: intuition, trial, error, speculation, conjecture, proof. The mixture and the sequence of these events differ widely in different domains, but there is general agreement that the end product is rigorous proof—which we know and can recognize, without the formal advice of the logicians” Saunders MacLane 

In summary of episodes I–III: There is overall agreement on the importance of rigorous proof. But a vocal group of research mathematicians insists on the vital roles of intuition, speculation and experimentation. 

In summary of episodes I–III: There is overall agreement on the importance of rigorous proof. But a vocal group of research mathematicians insists on the vital roles of intuition, speculation and experimentation. 

Episode IV, 2010s The Proof
 Assistant 

Coq IDE; Source: EPIT 2015 

Cambridge UP, 2014 Applications ✦ Formalisation of mathematics ✦ Automatic proof checking ✦ Interactive proof development ✦ Libraries of mathematical content 

Cambridge UP, 2014 Applications ✦ Formalisation of mathematics ✦ Automatic proof checking ✦ Interactive proof development ✦ Libraries of mathematical content “Our vision is that formalising a mathematical proof may become as easy as writing mathematics in a mathematical text editor such as LATEX and that a mathematical proof will only be accepted for publication when it has been formally checked.” 

Cambridge UP, 2014 Applications ✦ Formalisation of mathematics ✦ Automatic proof checking ✦ Interactive proof development ✦ Libraries of mathematical content “Our vision is that formalising a mathematical proof may become as easy as writing mathematics in a mathematical text editor such as LATEX and that a mathematical proof will only be accepted for publication when it has been formally checked.” 

informal statement A informal proof p formalize & refine interactively formal proof p formal statement A typecheck p has type T A is permissible T = A? p has type A ⇒
 p is a proof of A 

informal statement A informal proof p formalize & refine interactively formal proof p formal statement A typecheck p has type T A is permissible T = A? p has type A ⇒
 p is a proof of A 

informal statement A informal proof p formalize & refine interactively formal proof p formal statement A typecheck p has type T A is permissible T = A? p has type A ⇒
 p is a proof of A 

In summary of episode IV: Proof assistants are built as tools for codifying mathematical proofs in order to communicate mathematical insight. They enter the picture after the creative phase of mathematical discovery. 

Claim 1. PLs built with programs as proofs in mind optimise for the communication/codification phase. 2. Programmers want and need to use PLs for experimentally developing new ideas and discovering programs. Poke 

No content

No content

No content

No content

No content

No content

No content

No content

No content

‽ Which stages are programming languages made for? 

Finally – who knows how? – a proof is obtained. There are no set patterns of procedure. We try this and that. We guess. We try to generalize the result in order to make the proof easier. We try special cases to see if any insight can be gained in this way. J.B. Roberts 

Finally – who knows how? – a proof is obtained. 

Finally – who knows how? – a proof is obtained. program { 

Recommendations Christopher Phillips, The New Math: A Political History Chicago University Press, 2015 Seidel, Jhala & Weimer, Dynamic Witnesses for Static Type Errors ICFP 2016