Leanstral: Open-source agent for trustworthy coding and formal proof engineering

Leanstral integrates large language models with the Lean 4 proof assistant to automatically generate and verify formal proofs. The agent uses LLM reasoning to propose proof steps, which are then validated by Lean's type checker and kernel, ensuring mathematical correctness. This creates a feedback loop where failed proof attempts inform the LLM's next generation strategy, enabling iterative refinement of formal proofs without manual intervention.

Leanstral can parse informal mathematical or algorithmic descriptions in natural language and convert them into formal Lean 4 specifications with type signatures and invariant constraints. The agent uses semantic understanding to identify key concepts, relationships, and constraints, then maps them to appropriate Lean 4 types, definitions, and lemma statements. This bridges the gap between human intent and formal logic without requiring developers to manually translate specifications.

When a proof attempt fails, Leanstral analyzes the Lean kernel error messages and uses the LLM to generate potential counterexamples or identify logical gaps in the proof strategy. The agent can suggest alternative proof approaches, identify missing lemmas, or propose strengthened hypotheses. This interactive loop allows developers to understand why a proof failed and iteratively refine their approach without manually reading dense Lean error messages.

Leanstral maintains an index of available lemmas, definitions, and theorems in the Lean codebase and uses this context to inform proof synthesis. When generating proofs, the agent retrieves relevant lemmas from the index and incorporates them into the proof strategy, avoiding redundant proofs and leveraging existing mathematical infrastructure. This context-aware approach reduces proof generation time and increases success rates by grounding the LLM in the actual available tools.

Leanstral can extract properties from source code (e.g., function contracts, loop invariants, type constraints) and automatically generate Lean specifications and proofs that verify these properties hold. The agent bridges imperative or functional code with formal logic by translating code semantics into Lean definitions, then proving that the code satisfies its specification. This enables trustworthy code by providing mathematical guarantees about correctness.

Leanstral breaks down complex proof goals into smaller subgoals and generates a proof plan before attempting tactic execution. The agent uses LLM reasoning to decompose the goal structure, identify intermediate lemmas needed, and order proof steps logically. This planning phase reduces backtracking and improves proof synthesis success rates by ensuring the LLM understands the overall proof strategy before committing to specific tactics.

Leanstral analyzes proof goals and suggests relevant lemmas from the codebase or mathlib4 that might help prove the goal. The agent uses semantic similarity between the goal and available lemmas to rank suggestions, then presents them to the developer with explanations of how they might apply. This accelerates proof development by reducing the time spent searching for relevant theorems.

Leanstral can analyze existing proofs and suggest refactorings that improve clarity, reduce length, or improve performance. The agent identifies redundant tactics, suggests more efficient proof strategies, and can automatically rewrite proofs using different approaches. This enables developers to maintain clean, efficient proofs as specifications evolve and new lemmas become available.

Leanstral can analyze unit tests or property-based tests and infer formal specifications that capture the tested behavior. The agent extracts invariants and properties from test cases, then generates Lean specifications that formalize these properties. This bridges the gap between informal testing and formal verification by automatically extracting formal requirements from existing test suites.

Leanstral provides real-time feedback as developers write proofs, suggesting tactics, identifying errors, and offering corrections before proof compilation. The agent monitors the proof state and provides context-aware suggestions based on the current goal, available lemmas, and proof history. This interactive experience accelerates proof development by reducing compile-test-fix cycles.