However at the time the proof was finishing, people were leaving the field, and the very people who proved it did not feel that their results were checked. They were not confident of the result. And nobody has been able to review the proof.

This began a decades long effort, which is currently incomplete, to produce a second proof that is more understandable. That effort seems to have fizzled out.

So one of the most important results in mathematics in the 20th century does not have a proof that anyone can understand or review. And this is true despite a number of very smart people devoting their entire lives to the subject.

I maintain that no amount of human verification and re-verification will result in my being as confident of this result as I am about most mathematical results that I know. The only way to actually make this into something we should be confident of is to translate the existing proofs to something computer checkable.

Or to indeed find that simpler proof, I suppose?

(Not disagreeing with anything you're saying, just checking - it's a fascinating story that I didn't know about this topic)

Wikipedia says

> The proof consists of tens of thousands of pages in several hundred journal articles

and that the second-generation simplified version might possibly run to only 5,000 pages.

5,000 pages of math is easier to understand and/or believe in than tens of thousands of pages, but it's still a pretty daunting amount even for specialists.

https://wwwf.imperial.ac.uk/~buzzard/xena/natural_number_gam...

I loved it and have been trying to make some subsequent levels about divisibility.

I think I had expectations that it would be a lot less ... tedious? Like I was hoping it would be mostly automated except needing hints whenever it got stuck. Much like how the flavor text would hint to you (the human) that you needed to use certain theorems for certain levels.

Instead, it was so low level that you had to do every step of algebra manually with a line of code each. (and to be fair, in the beginning it was necessary because you're developing the usual rules of algebra as you go, but even in the later levels after they tell you about the ring tactic there's still a lot of manual algebra you need to do) The search space seems small enough that even I was just mindlessly spamming rewrite/intro/apply/induction. Why can't a computer automate this completely.

And going in the other direction, I was hoping this would be a good tool to aid in proofwriting. But most of the "proof" I wrote was complete gibberish not meant for human consumption. I think the problem is because the code relies heavily on mutating a context that you can't see without using the lean UI.

Anyway, maybe the number game is just not a good intro to the full capabilities of lean and I am missing the point.

Your point about proof readability applies to interactive theorem provers generally. You can see a tradeoff here between Lean/Coq and more "literate" formal proof languages like TLA+, which has a prover called TLAPS (TLA+ Proof System). TLA+ proofs are written in a hierarchical style Lamport proposed in his paper How to Write a 21st Century Proof[0], and are readable by themselves. The BIG BIG tradeoff here is that when you're writing the proof in TLA+, it's very difficult to know what the prover is "thinking" and why it is stuck. Whereas with interactive provers you know exactly what the prover is "thinking" - the proof consists solely of instructions to manipulate those thoughts which you see on screen at all times! So at this time it seems there's a tradeoff between ease of writing a formal proof and ease of reading a formal proof.

[0] https://www.microsoft.com/en-us/research/publication/write-2...

But instead, for entire rest of the tutorial, you had to manually rewrite every single parenthesis yourself (with syntax that is pretty unergonomic for doing so too).

I guess I found it a little disappointing that it's not easy to instruct it on how to fill in gaps so you can skip steps the same way you would in a human proof (which would only need a note saying that you're using associativity and parens are omitted thereafter, and any human reader will accept that as valid)

I too felt it a waste of time to prove things that were clearly "obvious". Of course, in math, some of the most frightening words to encounter are "obvious" and "trivial" but in this case it really was trivial, at the level of proving `a + b = b + a` while working with integers. Tactics like auto, tauto, ring and field help here and should be given more and earlier emphasis in teaching materials. Tactics like `auto` perform like the proof search you mention and others like ring and field make cleverer use of structure.

To fill in the rest of the gap, a project like the Lean math library goes a long way. Not having to provide your own implementation of reals, differential forms or vectors over reals or complex numbers is incredibly useful. I was surprised by how difficult it was to find (I never did) a well maintained and documented library of basic common mathematical structures in Coq.

The second major issue is Formal proofs without their contexts (something like a debugger variables watch list in regular type code), are incomprehensible to most. However, a project, https://plv.csail.mit.edu/blog/alectryon.html, for Literate Formal proofs fully addressed that pain point for me. It's curious how the problem of tedium has a clear path to solution in the Lean community and the equally important flaw of write only proofs is being addressed within the Coq community.

Returning to the issue of what is obvious, a vast amount of mathematical knowledge is tacit, buried in the minds of the respective communities of pure mathematicians. For everyone else, especially users who cannot themselves provide proofs, mathematical knowledge is very often like a Potemkin village. Superficial and artifice, understanding that falls apart upon close inspection. This divide plays no small part in how difficult it is to properly learn mathematics outside of a mathematics department. Formalizing undergraduate math is important because it provides a solid foundation that leads to deeper understanding of mathematics when taken in aggregate across all participants. Even pure mathematicians have gaps once they step outside their field of expertise.

Well commented proofs are good to communicate intent but if you also want to be able to reproduce a similar proof, it's often useful to understand why tactics were deployed as they were. The existence of the wonderful https://plv.csail.mit.edu/blog/alectryon.html bears out the importance and utility of this.

> For understanding math

My contention, which I believe is shared by the article, is that this understanding is often flimsier than most think, particularly as one leaves well trafficked areas held together by tacit knowledge and knowledge of multiple reinforcing paths shared within communities with relevant expertise. However, even that is insufficient for less used lemmas.

This structuring of knowledge will be useful for mathematics education and research both, especially from the perspective of an individual human trying to safely use results of proofs.

> we really need tools to help us visualize structure of proofs

The output proof is a program, so the problem of visualizing proofs is much the same as visualizing programs and visual programming, sharing the same hurdles. Perhaps friendlier naming and formatting of output code in proof tools will be useful. I believe something more useful would be queryable visualizations of how theorems and lemmas connect and relate to each other.

As an economist, I sometimes want to prove things that a real mathematician could do in their sleep. There's Mathematica and friends, but they have their limitations, i.e. they can do what you tell them but can't typically "find their own way" to the proof of a theorem. Might these systems ever come down to my level?

Note that there are two distinct components that interact: (i) verification of proofs and (ii) automation of finding the proofs. The latter is very much an active field of research, but so far isn't of the level that it will prove most of your theorems for you.

That's not what proof assistants like Lean and Coq are about. Sure, they can automate some trivial things, but generally their main utility is that they check your reasoning, not come up with it for you.

https://youtu.be/8PLrxAfmC_o

    mainstream proof : constructive proof :: program code : machine code

While it's allowed, generally Metamath users do not prove constructs directly from axioms, for exactly the same reason as you don't do it in Lean or traditional informal mathematics. You're right that most Metamath tools have fewer automated tactics, but there are tools with some automation, and people are working to improve that.

It's also true that there are lots of attempts at formalisation out there; I happen to know about vdash.org , for example, but there are certainly others. I think it's good to have an abundance of formalisations, since no one formalisation style is going to appeal to everyone (for example, as already discussed above, probably the more formalisation-minded mathematicians will have a higher tolerance for minimalism).

Lean's power lies in its elaborator that breaks down complex tactic-based proofs to a core proof language. This elaboration process can be extended with custom tactics and custom syntax, making it way more powerful than metamath.

[1] https://github.com/gebner/trepplein/tree/master/src/main/sca...

I'm currently thinking about getting a degree in Maths, and I find extremely appealing the notion of having a repo of knowledge from where to gather theorems, specially useful for newer developed areas.

They do, but I would tell you that if that is your main motivation to create those databases, don't do it. The AI might spend milliseconds on work that takes man-years to compile, but get stuck on absolutely tiny issues of details it can't grok and which you can quickly explain.

If AI is the goal, I would propose to discuss with AI-researchers in the area of automated maths about what they can actually use to make progress. There are ways to have the AI learn unsupervised as much as possible, and to have it ask for supervision where needed.

In a similar way, it took a while to teach alphaGo to play go, but it only took a couple of extra years to have alphaZero play both go and chess without any database of example games.

I fully agree with the rest of the argument and I love the work that is being done to double check mathematics. But as AI researcher, I think this is a poor motivation and would warn against using it, as it might be very disappointing in the long run about how little of it turned out to be useful for AI.

Also, there has _already_ been some success on using AI to find proofs in lean.

Check out "Automated Propositional Sequent Proofs in Your Browser with Tau Prolog" for a promising approach: https://www.philipzucker.com/javascript-automated-proving/ It's rendering LaTeX proof trees.

For example, Lean in vscode supports interactive html "widgets": https://youtu.be/8NUBQEZYuis?t=453

(at that timestamp, there's a quick introduction to their typical use at the moment).

lean4 is committed to all sorts of extensibility; here's a demonstration of the new macros: https://twitter.com/derKha/status/1354082976456441861. There have also been several instances of users implementing old lean3 features (for example, the `calc` tactic mode, which has unique syntax for proving (in)equalities) by simply defining new type classes and short macros.

If you want essentially a text version of proof trees, just write fully annotated terms for your proofs. I think you'll quickly see that this just tends to make the proof _less_ readable because they become incredibly bloated.

> Not to mention that any format that isn't just strictly text is probably doomed to fail from the start.

LaTeX is text. (I'm not being snarky.)

- - - -

The key might be in formalizing the subjective processes like what was described starting here:

> Mathematicians think in pictures

> I have a picture of the real numbers in my head. It’s a straight line. This picture provides a great intuition as to how the real numbers work. I also have a picture of what the graph of a differentiable function looks like. It’s a wobbly line with no kinks in. This is by no means a perfect picture, but it will do in many cases. ...

I don't know. Both tactics and proof terms are already quite old (for CS concepts, that is) and there hasn't been any real competition, so I imagine in the medium-term we'll just see refinements of them.

>LaTeX is text. (I'm not being snarky.)

I can't imagine anyone wanting to read latex source code over tactics/proof term code. Unless you're talking about rendered latex? But that's not something people can realistically work with. Graphical proof assistants exist, but nobody uses them. For better or worse, plain text is simply king.

>The key might be in formalizing the subjective processes like what was described starting here:

In a sense, tactics are a very weak form of this. Instead of just describing a proof as its structured in the system, they allow a proof author to also describe some of their intent or intuition. It's definitely why some people prefer tactics based proofs. I imagine we'll see some attempts to incorporate some more of this into proof terms, but I don't know how successful this will be.

But honestly, I can't even imagine would formalizing something so subjective would even look beyond this. I'm not sure if it's even possible. If it is, I imagine it's going to be a radical departure from everything we know.

So it's really more of an issue of presentation? The techniques are fine? (I'm a professional programmer but an amateur logician, I really don't know what the big kids do.)

> I can't imagine anyone wanting to read latex source code over tactics/proof term code. Unless you're talking about rendered latex?

Yeah, you would generally only be looking at LaTeX source to debug your tools.

> But that's not something people can realistically work with.

I don't understand. I rarely work with it, but I was under the impression that it's pretty standard for writing math and science papers? Are there no WYSIWYG tools for working with rendered LaTeX? How do people work with it now, I guess is what I'm asking.

> Graphical proof assistants exist, but nobody uses them.

I just did a quick search and found two but they seem obscure:

https://en.wikipedia.org/wiki/Jape_(software)

https://github.com/liamoc/holbert

I guess the question I have is why does no one use them? Is it just inertia? I mean this is a thread about promoting the use of Lean et. al., so even the non-graphical, well-known tools are still kind of a niche, no?

Are graphical proof assistants only good for students and teaching, not "heavy lifting"?

In any event, I still feel that we can do better on the presentation side of things. (That's not controversial is it? The Lean folks are working on it?) I want to understand what kinds of software would help mathematicians.

> In a sense, tactics are a very weak form of this. Instead of just describing a proof as its structured in the system, they allow a proof author to also describe some of their intent or intuition. It's definitely why some people prefer tactics-based proofs.

That's pretty cool. :)

> I can't even imagine would formalizing something so subjective would even look beyond this. I'm not sure if it's even possible.

The Turing Machine is itself a formalization of a subjective process, eh?

If we get to the point where the machines can "read our minds" then it will be really easy. :) Heck, mathematicians can just watch videos of each other's mental imagery!

In the meantime, externalizing and formalizing these subjective intuitive processes with the machinery we've got seems like a fun and useful challenge, eh?

Well, both techniques are ultimately just a way of representing natural deduction (for a different proof calculus that isn't closely related to natural deduction you'll definitely need different techniques). Proof terms are the representation you get from the Curry-Howard Isomorphism (essentially the derivation is left implicit since it is unambiguous), while tactics based proofs are approximations of traditional proofs written in prose.

Are they 'fine'? Well, maybe there's some amazing graph-based way that will make current approaches look completely inadequate, but at the moment they work and we just don't know any better way.

>I don't understand. I rarely work with it, but I was under the impression that it's pretty standard for writing math and science papers? Are there no WYSIWYG tools for working with rendered LaTeX? How do people work with it now, I guess is what I'm asking.

It's definitely the standard, but I personally don't find working with diagrams in it pleasant (though I know some disagree). WSYIWYG tools exist, but don't find much usage. Everyone I know simply has a preview window open right next to their latex code, so it's not really an 'interactive' process. If you're fine with that, I'd just recommend generating latex code from proof objects/tactics scripts (which there already is some work on as far as I know). You should be able to generate e.g. proof trees very easily, they'll just be massive.

>I guess the question I have is why does no one use them? Is it just inertia? I mean this is a thread about promoting the use of Lean et. al., so even the non-graphical, well-known tools are still kind of a niche, no?

I imagine it's a combination of all sorts of factors. Proof assistants are very niche, the community is very academic and proof assistants require a lot of infrastructure which is why most users are concentrated among a handful of proof assistants. Proof assistants using dependent types (such as Lean) are also programming languages which I think naturally biases them towards text.

>Are graphical proof assistants only good for students and teaching, not "heavy lifting"?

I don't see any reason why that should fundamentally need to be - but I think the same applies to visual programming languages, which are essentially stuck in the same position for whatever reason.

>In any event, I still feel that we can do better on the presentation side of things. (That's not controversial is it? The Lean folks are working on it?) I want to understand what kinds of software would help mathematicians.

I don't think this is controversial at all - _how_ to improve presentation on the other hand might be.

>In the meantime, externalizing and formalizing these subjective intuitive processes with the machinery we've got seems like a fun and useful challenge, eh?

Sure, but anything beyond very incremental improvements also strike me as very hard, so it's not an area where I would expect much change for now, especially because there's still a good amount of low-hanging fruit in the area of proof assistants.

Just make the proof language similar to the standard mathematics language and possibly process it with a presentation layer that makes it even better. The examples start from Mizar [1] (since 1973), IsarMathLib [2] (disclaimer: my project), Naproche-SAD [3] (bundled with Isabelle recently) [1] http://mizar.org/ [2] https://isarmathlib.org/ [3] http://ceur-ws.org/Vol-2634/FMM4.pdf

But doesn't that bring us full-circle to Buzzard's point? Isn't that why he's saying, "Hey gang, let's do math with machines." in the first place?

But there’s a reason that when writing conditionals, we don’t put each symbol in the expression on their own line. Those also have their own tree structure, they are also part of the AST, but we put many of the nodes on the same line for ease of reading and editing.

In the Lean approach, anything not marked `noncomputable` in the Type universe and above needs to be constructible, in the sense that there is a program that can compute such an object using a functional programming language (where the function is guaranteed to terminate), but proofs don't need to be constructible in the same way. Proofs are still functions, but they're free to use things like the axiom of choice in the course of a proof. The way things are set up, even if you use non-computable things while making your inferences, this "forbidden" data will not leak out.

It seems eminently reasonable to me that you can argue a program computes the correct thing because it doesn't compute the wrong thing, and unless you're specifically studying different toposes/logics, I'm not sure what constructive logic would really give you (and it's not like mathematicians slavishly keep track of where they used the axiom of choice or its consequence the LEM).

How this all looks in Lean practice is that it's stronger to give a definition and prove it satisfies a property than to prove a "there exists" statement. mathlib authors tend to go for the first, unless the result is inherently noncomputable. There's also a facility for lifting propositions up to boolean values, which more or less amounts to giving a constructive proof -- this is used pervasively, for example with finite sets, which are constructive in the sense that if you have one there's an actual finite list backing it.

I guess in short: it's a useful middle ground being able to prove something exists without having to construct it, but if you want to "have" the thing that purportedly exists you need to construct it.

Calling this 'non-classical' is interesting—it's definitely non-classical from the point of view of formalisation, but I'm not sure formalisation has been around long enough to have classics ….

As of course you know but non-mathematicians may not, from a non-formalising mathematician's point of view, it's the non-constructive logic that's classical, to the extent that it's actually sometimes called classical logic (https://en.wikipedia.org/wiki/Classical_logic).

See, that is one of the problems with constructive mathematics. It not only requires you to write down the algorithm, but also to prove it constructively, although a non-constructive proof would be perfectly fine. In other words: constructivism is often overkill.

Let's say you need an algorithm for a real-life situation, and you manage to write one down.

Ok then, you are good to go, just use it!

But ... how do you know that the algorithm you have written down is correct?

Now, a constructive mathematician would require you to also provide a constructive proof for your algorithm. A mainstream mathematician would additionally also be fine with a non-constructive proof for your algorithm. So, who is more real-life?

In general, my hypothesis is that if you restrict yourself to constructive mathematics, you are limiting yourself. And that is true whether your chosen field is algorithms, or not.

Now, if you offer me for a given algorithm a constructive proof, that's great. But if you needed 10 years to give me that proof, and a non-constructive one can be had in 10 minutes, I might not be so enthusiastic if I had to pay your salary, or if I needed that result really urgently, or both. But on the other hand, IBM probably doesn't care.

And you should have seen the answer that I wrote before that, and then deleted. Now THAT answer was impolite. Goodnight to you as well.

> I'm sure they would much prefer that it was constructive, rather than non-constructive

One point against constructivism is that the proof could be less readable.

> can produce a usable algorithm from the constructive proof

No. Between the automated tactics and inductive propositions constructed to carry all kinds of redundant state helpful in proving your properties, your proof objects won't be anywhere near production level. And constructive proof checkers don't intend that to happen anyway: you pretty much define an efficient function in a DSL, then use a different DSL to prove that the function fulfils the properties. The proof object is pretty much a black box with unclear efficiency that wasn't meant for humans to read.

My algorithm: If a + b == c then output 1. If a^2 + b^2 == c^2 then output 2. Stop.

This algorithm is correct, because Fermat's last theorem holds. Now, try to come up with a simpler algorithm than that, and one that in addition has a constructive proof.

And we are done, because the statement of the theorem in the "classical fragment" of constructive logic is identical to the constructive statement as it does not involve any existentials or disjunctions. However if the theorem did involve a limited use of these connectives, we could use Goedel's Dialectica interpretation[3] to turn them in to their constructive counterparts, as long as the theorem is Pi_2 or lower, which is going to be the case for the vast majority of theorems about software.

[1] https://news.ycombinator.com/item?id=26217587

[2] https://en.wikipedia.org/wiki/Absoluteness#Shoenfield%27s_ab...

[3] https://www.andrew.cmu.edu/user/avigad/Papers/dialect.pdf

That is very cool! So, even less reason to demand a constructive proof, a non-constructive one is then often good enough even for hard-core constructivists.

Do you know if this has been implemented in any actual (interactive) theorem proving system, for example Lean? It sounds like a great feature to me to allow non-constructive proofs in certain situations, but to have the theorem hold even in a constructive setting.

And dependent type theory is gleaming when things that normal mathematicians think of as propositions are not only values, but functions! For example a list l1 being a subset of a list l2 is a function from memberships of l1 (which, remember is data) to memberships of l2. Now you get partial evaluation when working on your proofs and things just magically unify.

I write about these examples in experience I had in "Taking Propositions as Types seriously" @ <http://r6.ca/blog/20171008T222703Z.html>.

There is a practical difference between Principia Mathematica taking 370 pages to prove 1 + 1 = 2 versus dependent type theory's proof `refl_equal 2`. (I'm exaggerating, but only a little).

But yes, being able to work with functions as data is also very important! That's why I am pursuing a combination of simple type theory and set theory as the foundation of a theorem prover, as I have outlined here: http://www.practal.com

Myself, I've never seen an automated theorem prover that will perform this sort of translation automatically. I have, on rare occasion, gone through by hand to remove uses of classical axioms in Coq proofs of theorems than ought not to be using them. Usually the uses are pretty superficial.

However finite graph theory is not remotely mainstream mathematics. Take your favourite super-prestigious maths prize, for example the Abel Prize or the Fields Medal. Now look at everyone who has won this prize in the last 10 years. That is the definition of mainstream mathematics. And as you will see if you do this, the areas which these people are working on are a million miles away from finite graph theory. This is precisely the problem. Computer scientists sometimes have a very twisted view of exactly what kind of mathematics is regarded as important in 2021. The experiment I outline above will give you some idea of what is mainstream, and believe me, it's not the four colour theorem.

And I say this as someone with no interest in graph theory, or combinatorics in general.

Further, I don't think it is "elite provincialism" to point out this readily verifiable fact. Besides looking at the big prizes, we can look at any of the top journals (Annals, IHES, Inventiones, Journal of the AMS, Acta, whatever). You're not going to find a lot of finite graph theory there.

Now, I think we should separate the question whether it is the case that he's right about what mathematicians value from the question of whether it ought to be the case that the world is this way. As I just said, the answer to the first question is yes. I'd argue that the answer to the second question is also yes, but that's a whole different discussion.

The irony is that I suspect every single mathematician, elite or not, knows what the four-color theorem is, far more than could tell you what chromatic homotopy is, or state anything about the Langlands program beyond "Uh, it's something about number theory? And groups? Maybe?"

Further, it's not like no finite combinatorics/graph theory gets published in these journals. Just not a lot, because it's not sufficiently interesting/valuable to the broader community. (Annals of Math almost published Hales's proof of the Kepler conjecture, after all; eventually a proof appeared in another top journal.)

Also, re: connections, you can easily check the author affiliations for papers in these journals. There are plenty of people from universities that are not so well known. It's hardly an "old boys club."

You can see a letter to the editor of the Bulletin about it. Look at the affiliations of the people protesting the decision, and the affiliations of the editors defending it: http://www.ams.org/notices/200706/tx070600694p.pdf

Again, whether you think the criteria should be the way they are is a separate conversation.

Here is the reason why it's obvious for mathematicians. If you're trying to prove a theorem (e.g. the theorem that class numbers of imaginary quadratic fields tend to infinity), and then someone comes up with a proof which assumes that a certain generalisation of the Riemann hypothesis is true, and then someone else comes up with a proof which assumes that the exact same generalisation is false, then we mathematicians say "great, the theorem is now proved". This actually happened.

However if your boss asks you to write some code which does a calculation, and the next day you show up in their office with two USB sticks and say "this code is guaranteed to produce the correct answer if the Riemann hypothesis is true, and this other code is guaranteed to produce the correct answer if the Riemann hypothesis is false" then you are going to lose your job, because all you did was prove that the code exists, which is less helpful than it could be.

For me one of the biggest problems with the area of formalisation of mathematics is that for decades it has been dominated by computer scientists, whose view of what is important and beautiful in mathematics does not really coincide with that of the working mathematician. This is what I am fighting to change.

Oh wow! Was it an interesting theorem that got proved this way? Did it get proved in another, less controversial manner as well? Could you provide a pointer to it?

If you assume P, derive a contradiction, then conclude not P, that is a direct proof of negation not a proof by contradiction.

In Kevin's example where you have two programs, one which depends on the Riemann hypothesis being true and the other which depends on it being false, is that you can't just execute the programs -- they might have undefined behavior since they depend on the truth of some statement during their executions, and there's no general algorithm to decide whether undefined behavior is happening. They depend on undecided facts, so you can't put them together into a single program that decides the result. (Maybe a slogan is "truth can be contingent, but data cannot be.")

In Lean syntax, this is an example type signature of something that takes two programs (h and h') that respectively take in the truth/proof of a proposition or its negation, along with a proof that there is at most one element of α, and produces that element. I don't think there's a way to write this definition in Lean without marking the definition noncomputable:

  def extract {p : Prop} {α : Type*}
    (h : p → α) (h' : ¬p → α)
    (unique : ∀ (x y : α), x = y) : α := sorry

That’s where opinions will differ. That’s only true if you accept the law of the excluded middle.

Mainstream math does, but most constructive math does not.

Yes, Kripke semantics makes sense of constructive logic. Topos theory, too. But I really think of all of these embedded in classical logic, and assuming that the law of excluded middle doesn't hold for general reasoning just doesn't make any kind of sense to me.

p.s. could you let me know your e-mail so I can keep for future reference, as I'm also working on a hobby project for automated theorem solving.

If you are familiar with "Classical" logic, constructive math omits the law of excluded middle (e.g. "A or not A" must be true). In ZFC, the axiom of choice is omitted.

This leads to proofs that are not only a verification of some idea but also gives you the mechanism to compute the evidence. This is often described as "the computational content of proofs" and is especially valuable in the context of the Curry-Howard isomorphism: for every proof, there is a corresponding program (and vice-versa). This is the basis for formal verification of constructive proofs. When creating a proof in Coq, you are actually writing the corresponding program. And you can even extract the program in another general purpose programming language (usually OCaml in the context of Coq, but Haskell is also supported).

In a non-constructive mathematics it is true that 'either A or not A is true' and that allows you to prove existence of objects with certain properties by disproving their non-existence (if it cannot not-exist then it has to exist, by the law of excluded middle). Constructive mathematics, on the other hand, says that that's not enough and to prove that there exist objects with some properties you have to prove their existence.

The way I understand it is that if you have the law of excluded middle you cannot discard 'non-constructive' proofs as invalid since they follow straight from the axioms.

So we can't claim constructive mathematicians reject excluded middle, since they reject the rejection of excluded middle. I admit this will be confusing for people used to classical logic at first, even those for whom English is their native language.

> The way I understand it is that if you have the law of excluded middle you cannot discard 'non-constructive' proofs as invalid since they follow straight from the axioms.

This is accurate, my above point is just a pedantic one about semantics.

“reject” would mean that if, given their set of axioms, it could be proven, they would try and tweak their axioms in order to make it unprovable or provably false in their system (“we think this cannot and should not be true”)

So, “not reject” means they would happily use it in their proofs, if it could be proven from their set of axioms (“interesting. That gives us a powerful tool to do proofs”)

Similarly, all classical uses of LEM (A ∨ B) can be understood as constructive statements of the form ¬(¬A ∧ ¬B).

The constructive logic used in constructive mathematics is classical logic with two new connectives added: the constructive existential, and the constructive disjunction (which could be defined in terms of the constructive existential).

The constructive disjunction and constructive existential connective has semantics given by the BKH interpretation[1]. A proof of the constructive disjunction A + B is either a proof of A or a proof of B. A proof of the constructive existential Σn:N. P(n) is a pair <n,p> where n is a natural number and p is a proof of P(n).

So constructive mathematics isn't classical mathematics hindered, but constructive mathematics is mathematics enhanced with a more expressive language. Naturally constructive mathematics tends to focus on theorems written in this more expressive language that make use of these new constructive connectives, rather than focusing on the classical fragment which is already well studied.

For the non-layman: we can see that the above interpretation is correct because the fundamental logical rules for universal quantification, implication, conjunction, false and true are all identical between classical and constructive logic. And, according to classical mathematicians at least, this set of logical combinatorics is complete. Thus the law of excluded middle holds, even in constructive logic, so long as you use the classical disjunction, which is defined in terms of conjunction, implication, and false. Similarly you can prove that proof by contraction, i.e. double negation elimination ¬ ¬A -> A is a theorem of constructive logic whenever A is a formula that does not use the constructive disjunction or constructive existential (where negation is defined in terms of implication and false).

For the all of the above, I'm particularly focused on first-order number theory, however all of the above carries over to higher-order theories, and I think it even holds for set theory (or at least some large part of set theory such as Zermelo set theory; I forget what happens with the replacement axiom). Higher-order constructive mathematics does come with the caveat that the Axiom of Choice is not a theorem of constructive mathematics even when it is phrased only using the classical existential.

[1]https://en.wikipedia.org/wiki/Brouwer%E2%80%93Heyting%E2%80%...

[0]: https://en.wikipedia.org/wiki/Diaconescu%27s_theorem#:~:text....