mit-plv / bedrock2

A work-in-progress language and compiler for verified low-level programming
http://adam.chlipala.net/papers/LightbulbPLDI21/
MIT License

Add a verified full subtractor. #367

Closed wrharris closed 1 year ago

wrharris commented 1 year ago

The Bedrock2 implementation is inspired by bn_sub_with_borrow in BoringSSL but has been rewritten to simplify verification using the tactic ZnWords. Specifically:

The proof's organization roughly follows that of add_with_carry.
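The word-level full subtractor the PR refers to can be illustrated in plain C. The block below is an added example written for this page; it is not the bedrock2 implementation being merged here and not BoringSSL's bn_sub_with_borrow. The semantics assumed for the primitive (r = x - y - borrow_in modulo 2^64, borrow_in in {0, 1}, returning borrow_out in {0, 1}) and all function names (sub_with_borrow, mp_sub, check_word, check_multi) are this example's own choices. The borrow is computed branch-free from the bit identity (~x & y) | ((~x | y) & d), so no data-dependent branch is taken on secret limbs, and a 128-bit reference (a GCC/Clang extension) is used only to cross-check the result.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Full subtractor on one machine word (example code, not the verified one):
 * *r = x - y - bin (mod 2^64); returns the borrow out, 0 or 1.
 * bin must be 0 or 1.  The borrow is the top bit of
 * (~x & y) | ((~x | y) & d) with d = x - y - bin, so there is no branch
 * whose direction depends on the operands. */
uint64_t sub_with_borrow(uint64_t *r, uint64_t x, uint64_t y, uint64_t bin) {
    uint64_t d = x - y - bin;
    *r = d;
    return ((~x & y) | ((~x | y) & d)) >> 63;
}

/* Multi-limb subtraction over little-endian limbs: r = a - b, n limbs each.
 * Returns the final borrow: 1 means a < b and r holds a - b + 2^(64*n). */
uint64_t mp_sub(uint64_t *r, const uint64_t *a, const uint64_t *b, size_t n) {
    uint64_t borrow = 0;
    for (size_t i = 0; i < n; i++) {
        borrow = sub_with_borrow(&r[i], a[i], b[i], borrow);
    }
    return borrow;
}

/* Cross-check one word against 128-bit arithmetic (unsigned __int128 is a
 * GCC/Clang extension, assumed available).  Returns 1 when both the
 * difference and the borrow agree with the reference. */
int check_word(uint64_t x, uint64_t y, uint64_t bin) {
    uint64_t r;
    uint64_t bout = sub_with_borrow(&r, x, y, bin);
    /* If x < y + bin the 128-bit value wraps, and its high half is all ones. */
    unsigned __int128 wide = (unsigned __int128)x - y - bin;
    uint64_t ref_r = (uint64_t)wide;
    uint64_t ref_b = (uint64_t)(wide >> 64) & 1;
    return r == ref_r && bout == ref_b;
}

/* Two constructed multi-limb cases: 2^64 - 1 (no final borrow) and 0 - 1
 * (final borrow, result wraps to all ones).  Returns 1 on success. */
int check_multi(void) {
    uint64_t a[2] = {0, 1};   /* constructed: the value 2^64 */
    uint64_t b[2] = {1, 0};   /* constructed: the value 1 */
    uint64_t z[2] = {0, 0};   /* constructed: the value 0 */
    uint64_t r[2];
    if (mp_sub(r, a, b, 2) != 0) return 0;
    if (r[0] != UINT64_MAX || r[1] != 0) return 0;
    if (mp_sub(r, z, b, 2) != 1) return 0;
    if (r[0] != UINT64_MAX || r[1] != UINT64_MAX) return 0;
    return 1;
}

int main(void) {
    int ok = check_word(0, 0, 0) && check_word(0, 1, 0) && check_word(0, 0, 1)
          && check_word(UINT64_MAX, UINT64_MAX, 1) && check_word(5, 3, 1)
          && check_word(0, UINT64_MAX, 1) && check_multi();
    printf("full subtractor checks %s\n", ok ? "passed" : "FAILED");
    return ok ? 0 : 1;
}
```

The reference comparison is the informal analogue of what the PR's proof establishes once and for all: that the word-level difference and borrow match the mathematical integers for every input, not just the sampled ones.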