Conversation

I'm resolving to stop using the phrase "prove code correct". You prove specific theorems about codebases relative to some domain model. "X is proven correct because it was formalized in Coq" is as inaccurate as saying "X is proven secure because it was written in Rust".

229

Joey Eremondi @ ICFP

@EremondiJoey

Apr 23, 2021

I like "prove that code meets its specification." There's still an implicit "modulo your trusted base" there, but it at least captures that the proof is only as good as the spec

Replying to

and

I like this! 👍

7:35 AM · Apr 23, 2021Twitter Web App