Skip to content

v1.105 — strict Lyapunov exponential certificate + CI-gate the orphaned Lean proofs#244

Merged
avrabe merged 3 commits into
mainfrom
feat/lean-gate-strict-lyapunov
Jun 30, 2026
Merged

v1.105 — strict Lyapunov exponential certificate + CI-gate the orphaned Lean proofs#244
avrabe merged 3 commits into
mainfrom
feat/lean-gate-strict-lyapunov

Conversation

@avrabe

@avrabe avrabe commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

P2 first slice — closed-loop Lyapunov

Two advances, one closing the deferred dynamic step, one closing an orphaned-proof gap.

1. proofs/lean/StrictLyapunov.lean — the negative-definite upgrade

GeometricLyapunov/PositionLyapunov prove the closed-loop derivative is negative semi-definite (V̇ ≤ 0) and defer "trajectory ⇒ converges" to LaSalle — which Mathlib does not have.

This follows Lee 2010 Prop. 2: a cross-term-coupled Lyapunov function makes negative-definite (certified by Sylvester's 2×2 criterion) and assembles the exponential-decay inequality c_hi·V̇ ≤ −c_D·V. That is exactly the Grönwall hypothesis — and Mathlib does have flows/Grönwall (arXiv:2602.13247). So the remaining deferred step shrinks from "formalize LaSalle" (multi-year) to "apply Grönwall to the flow".

Theorems (all in the ring/nlinarith fragment, no sorry, no axiom): quad_complete, quad_form_nonneg, quad_radial_lower/upper, exp_decay_inequality, strict_lyapunov_exp_decay, + a non-vacuity witness (concrete gains ⇒ rate γ=½).

2. .github/workflows/lean.yml — gate the orphaned Lean proofs

The proofs/lean/ proofs were authored + locally kernel-verified but never gated in any CI workflow — the same orphaned-proof gap that left the Kani control/estimator harnesses unenforced until v1.104. New lean.yml runs bazel test //proofs/lean:all (Lean 4.29.1 + Mathlib v4.29.1) as a required check, re-checking all six proofs per PR.

Also: README pin corrected 4.27.0 → 4.29.1 (matches MODULE.bazel); FV-FALCON-LYAP-002 rivet artifact.

Verification status (honest)

Local kernel-checking was unavailable this cycle — Mathlib's multi-GB build did not fit the host disk. The new lean.yml gate is the verifying oracle: this is the first run that kernel-checks StrictLyapunov.lean. The rivet artifact is implemented, moving to verified once lean.yml is green on main. If CI surfaces a tactic or Mathlib-API issue, I'll iterate on this PR.

🤖 Generated with Claude Code

avrabe and others added 3 commits June 30, 2026 21:20
…ate the orphaned Lean proofs

P2 first slice (closed-loop Lyapunov). Two advances:

1. proofs/lean/StrictLyapunov.lean — the negative-DEFINITE upgrade of the
   semidefinite V̇ ≤ 0 core. GeometricLyapunov/PositionLyapunov prove V̇ ≤ 0
   and DEFER "trajectory ⇒ converges" to LaSalle (absent from Mathlib). This
   follows Lee 2010 Prop. 2: a cross-term Lyapunov makes V̇ negative-definite
   (Sylvester 2×2 criterion) and assembles c_hi·V̇ ≤ −c_D·V — which is exactly
   the GRÖNWALL hypothesis, and Mathlib DOES have flows/Grönwall. So the
   deferred gap shrinks from "formalize LaSalle" (multi-year) to "apply
   Grönwall" (exists). Theorems: quad_complete, quad_form_nonneg,
   quad_radial_lower/upper, exp_decay_inequality, strict_lyapunov_exp_decay,
   + a non-vacuity witness (concrete gains ⇒ γ=½). No sorry, no axiom.

2. .github/workflows/lean.yml — the proofs/lean/ Lean proofs were authored +
   locally kernel-verified but NEVER gated in any CI workflow (same orphaned-
   proof gap that left the Kani control/estimator harnesses unenforced until
   v1.104). New lean.yml runs `bazel test //proofs/lean:all` (Lean 4.29.1 +
   Mathlib v4.29.1) as a required check — all six proofs re-checked per PR.

Also: README toolchain pin corrected 4.27.0 → 4.29.1 (matches MODULE.bazel)
+ PositionLyapunov/StrictLyapunov table rows; FV-FALCON-LYAP-002 rivet
artifact (status implemented — moves to verified once lean.yml is green;
local kernel-check was unavailable this cycle, Mathlib's multi-GB build did
not fit host disk, so the lean.yml gate is the verifying oracle).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
First lean.yml run failed "No space left on device" extracting the Lean
4.29.1 toolchain: ubuntu-latest's ~14 GB free could not hold the toolchain +
Mathlib oleans + the transitive rules_* toolchain graph the sibling checkouts
pull in. Free the ~25 GB of preinstalled SDKs (dotnet/android/ghc/CodeQL/…)
this job never uses, via plain rm (no third-party action — minimal CI surface).
Infra-only; the proofs were never reached.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
…proofs pass)

The lean.yml gate ran `bazel test //proofs/lean:all` green:
"Executed 6 out of 6 tests: 6 tests pass", incl strict_lyapunov_test.
StrictLyapunov.lean is kernel-checked at Lean 4.29.1 / Mathlib v4.29.1.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@avrabe avrabe merged commit b33930e into main Jun 30, 2026
43 checks passed
@avrabe avrabe deleted the feat/lean-gate-strict-lyapunov branch June 30, 2026 21:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant