Quinn

Lies, Damned Lies, and Proofs: Formal Methods are not Slopless

We appreciate comments from Christopher Henson, Zeke Medley, Ankit Kumar, and Pete Manolios. This post was initialized by Max’s twitter thread. Introduction There's been a lot of chatter recently on HN and elsewhere about how formal verification is the obvious use-case for AI. While we broadly agree, we think much of the discourse is kinda wrong because it incorrectly presumes formal = slopless.[1]Over the years, we have written our fair share of good and bad formal code. In this post, we hope to convince you that formal code can be sloppy, and that this has serious implications for anyone who hopes to bootstrap superintelligence by using formality to reinforce “good” reasoning. A mainstay on the Lean Zulip named Gas Station Manager has written that hallucination-free program synthesis[2]is achievable by vibing software directly in Lean, with the caveat that the agent also needs to prove the software correct. The AI safety case is basically: wouldn’t it be great if a cheap (i.e. O(laptop)) signal could protect you from sycophantic hubris and other classes of mistake, without you having to manually audit all outputs? A fable right outta aesop Recently a computer scientist (who we will spare from naming) was convinced he had solved a major mathematics problem. Lean was happy with it, he reasoned, given that his proof mostly worked, with just a few red squigglies. As seasoned proof engineers, we could have told him that in proof engineering, the growth in further needed edits is superlinear in number-of-red-squigglies (unlike in regular programming). The difference between mistakes in a proof and mistakes in a program is that you cannot fix a broken proof in a way that changes its formal goal (the theorem statement). In contrast, many, if not most changes to traditional software impact its formal spec, for example by adding a side-effect or changing the shape of an output. Therefore proof bugs are 1) harder to fix, and 2) more likely to imply that your goal is fu

101Jan 12

Speedrunning 4 mistakes you make when your alignment strategy is based on formal proof

63Feb 16, 2023

Takeaways from the Intelligence Rising RPG

51Mar 5, 2021

Announcing the Technical AI Safety Podcast

42Dec 7, 2020

Quinn

Message

https://for-all.dev

AI security via formal methods

https://newsletter.for-all.dev

1529

307

Lies, Damned Lies, and Proofs: Formal Methods are not Slopless

Jan 12101

Can We Secure AI With Formal Methods? November-December 2025

We did the rebrand! The previous thumbnail was a baseball metaphor, but it was very clearly someone getting out, not safe. I was testing all of you and each of you FAILED. Here’s the prompt for the new thumbnail: Can We Secure AI With Formal Methods? is a reader-supported publication....

Nov 29, 20259

Formal confinement prototype

This whitepaper was a preliminary approach to using proof certificates in a secure program synthesis protocol last summer. Abstract > We would like to put the AI in a box. We show how to create an interface between the box and the world out of specifications in Lean. It is...

Nov 24, 20258

Please Measure Verification Burden

I appreciate Theodore Ehrenborg's and Max von Hippel's comments. Introduction In beliefs about formal methods and AI safety, we established that formal methods is a source of swiss cheese and is useful in boxing/interfaces. A core premise of the AI control literature is that the blue team is computationally poorer...

Nov 23, 202517

Beliefs about formal methods and AI safety

I appreciate Theodore Ehrenborg's comments. As a wee lad, I heard about mathematical certainty of computer programs. Let’s go over what I currently believe and don’t believe. First: what is formal verification Sometimes you get pwned because of the spec-implementation gap. The computer did not do what it should’ve done....

Oct 23, 202532

July-October 2025 Progress in Guaranteed Safe AI

Yall, I really do apologize for radio silence. It has mostly to do with breaking my ankle in three places, but I’m walking again. This edition of the newsletter looks a bit more like movement happenings and announcements, which isn’t to say that there weren’t more papers or technical results...

Oct 22, 202515

May-June 2025 Progress in Guaranteed Safe AI

There will be a AIxFM conference in the Bay Area Q4, according to a little birdie. Morph ships big autoformalization result in 3599 lines of Lean They have human decomposition in the latex/lean blueprint, into 67 lemmas with human spotchecking. Still, I’m impressed with their system (called Trinity). I’d like...

Jun 26, 20258

Load More (7/38)

LESSWRONG
LW

LESSWRONG
LW

Quinn

Quinn

Quinn

Lies, Damned Lies, and Proofs: Formal Methods are not Slopless

Speedrunning 4 mistakes you make when your alignment strategy is based on formal proof

Takeaways from the Intelligence Rising RPG

Announcing the Technical AI Safety Podcast

Quinn

Lies, Damned Lies, and Proofs: Formal Methods are not Slopless

Can We Secure AI With Formal Methods? November-December 2025

Formal confinement prototype

Please Measure Verification Burden

Beliefs about formal methods and AI safety

July-October 2025 Progress in Guaranteed Safe AI

May-June 2025 Progress in Guaranteed Safe AI

Lies, Damned Lies, and Proofs: Formal Methods are not Slopless

Speedrunning 4 mistakes you make when your alignment strategy is based on formal proof

Takeaways from the Intelligence Rising RPG

Announcing the Technical AI Safety Podcast

Lies, Damned Lies, and Proofs: Formal Methods are not Slopless

Can We Secure AI With Formal Methods? November-December 2025

Formal confinement prototype

Please Measure Verification Burden

Beliefs about formal methods and AI safety

July-October 2025 Progress in Guaranteed Safe AI

May-June 2025 Progress in Guaranteed Safe AI