feat: soundness of FRI-Binius protocols by chung-thai-nguyen · Pull Request #417 · Verified-zkEVM/ArkLib

chung-thai-nguyen · 2026-03-10T05:16:12Z

New version of #296
[x] rbrKnowledgeSoundness of Binary Basefold, Ring-switching, FRI-Binius, simple ring-switching construction (BBFSmallFieldIOPCS), completeness of BBFSmallFieldIOPCS
[x] All soundness lemmas except Lemma 4.25 (Soundness.lean)

github-actions · 2026-03-10T05:18:02Z

🤖 Gemini PR Summary

Mathematical Formalization

Establishes round-by-round (RBR) knowledge soundness and perfect completeness for the FRI-Binius protocol suite, including Binary Basefold (BBF), Ring-switching, and their composition into a small-field IOPCS (BBFSmallFieldIOPCS).
Develops foundational probabilistic tools: specialized Schwartz-Zippel bounds for low-degree polynomials, union bounds, and product rules for independent repetitions.
Introduces algebraic lemmas for multilinear polynomial evaluations over Boolean hypercubes and establishes congruence rules for iterated quotient maps in Additive NTT settings.
Defines "strict" variants of compatibility and sumcheck relations to separate requirements for perfect completeness from general knowledge soundness.
Characterizes the embedding of univariate polynomials into multivariate rings, proving preservation of degree bounds and non-zero properties.

Protocol Infrastructure & Refactoring

Refines the OracleReduction framework with "unroll" lemmas and simplification theorems bridging high-level probabilistic events (Pr_) with low-level oracle computations.
Transitions protocol verifiers from imperative logic to logical predicates to facilitate formal reasoning about state properties and oracle consistency.
Updates the VCVio simulation layer to support stateful forIn loops and path extraction for multi-round interactive proofs.
Introduces the rbrKnowledgeSoundness_of_eq_error theorem, enabling security proofs via simplified "flat" error functions.
Refactors witness extractor logic to incorporate post-decoding UDR-closeness checks and incremental "bad event" tracking.
Streamlines protocol specifications by centralizing common definitions (e.g., final sumcheck steps) and automating OracleInterface and SampleableType instances.

Proof Status and Critical Gaps

Completes soundness proofs for Ring-switching and FRI-Binius core interaction phases, removing several previous sorry placeholders.
CRITICAL: This PR introduces or retains numerous sorry and admit placeholders, primarily within Binary Basefold (BBF) sub-modules. Unverified components include:
- Fundamental BBF lemmas regarding fiberwise closeness and unique decoding radius (UDR) checks.
- Structural proofs for multilinear evaluations and iterated folding decompositions.
- Intermediate consistency guards and distance preservation logic in BBF Query and Soundness phases.
- Foundational typeclass instances for domain-related function types in the protocol specification.

Statistics

Metric	Count
📝 Files Changed	28
✅ Lines Added	14701
❌ Lines Removed	2232

Lean Declarations

✏️ **Removed:** 28 declaration(s)

def strictFinalFoldingStateProp (t : MultilinearPoly L ℓ) {h_le : ϑ ≤ ℓ} in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
lemma k_succ_mul_ϑ_le_ℓ {k : Fin (ℓ / ϑ)} : (k.val + 1) * ϑ ≤ ℓ in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean
def commitStepHEq (i : Fin ℓ) (hCR : isCommitmentRound ℓ ϑ i) : in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
def extractSuffixFromChallenge (v : sDomain 𝔽q β h_ℓ_add_R_rate ⟨0, by omega⟩) in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean
def challengeSuffixToFin (k : Fin (ℓ / ϑ)) in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean
def finalFoldingStateProp {h_le : ϑ ≤ ℓ} in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
lemma lt_r_of_lt_ℓ {h_ℓ_add_R_rate : ℓ + 𝓡 < r} {x : ℕ} (h : x < ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean
instance instOracleStatementFiniteRange {i : Fin (ℓ + 1)} : in ArkLib/ProofSystem/Binius/BinaryBasefold/Spec.lean
def finalSumcheckRbrKnowledgeError : ℝ≥0 in ArkLib/ProofSystem/Binius/RingSwitching/SumcheckPhase.lean
def oracleWitnessConsistency in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
def commitStepEmbed (i : Fin ℓ) (hCR : isCommitmentRound ℓ ϑ i) : in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
def badEventExistsProp in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
lemma k_mul_ϑ_lt_ℓ {k : Fin (ℓ / ϑ)} : in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean
def queryRbrKnowledgeError in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean
lemma k_succ_mul_ϑ_le_ℓ_₂ {k : Fin (ℓ / ϑ)} : (k.val * ϑ + ϑ) ≤ ℓ in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean
lemma OptionT.liftComp_forIn {ι ι' : Type _} {spec : OracleSpec ι} {superSpec : OracleSpec ι'} in ArkLib/ToVCVio/Simulation.lean
def queryCodeword (j : Fin (toOutCodewordsCount ℓ ϑ (Fin.last ℓ))) in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean
def NBlockMessages in ArkLib/ProofSystem/Binius/BinaryBasefold/CoreInteractionPhase.lean
def proximityChecksSpec (γ_challenges : in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean
def decomposeChallenge (v : sDomain 𝔽q β h_ℓ_add_R_rate ⟨0, by omega⟩) in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean
lemma oracleWitnessConsistency_relay_preserved in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
abbrev fullInputRelation in ArkLib/ProofSystem/Binius/RingSwitching/General.lean
def getChallengeSuffix (k : Fin (ℓ / ϑ)) (v : sDomain 𝔽q β h_ℓ_add_R_rate ⟨0, by omega⟩) : in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean
lemma lt_r_of_le_ℓ {h_ℓ_add_R_rate : ℓ + 𝓡 < r} {x : ℕ} (h : x ≤ ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean
abbrev fullOutputRelation in ArkLib/ProofSystem/Binius/RingSwitching/General.lean
lemma extractSuffixFromChallenge_congr_destIdx in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean
lemma polyToOracleFunc_eq_getFirstOracle in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean
abbrev MLPEvalStatement in ArkLib/ProofSystem/Binius/RingSwitching/Prelude.lean

✏️ **Added:** 246 declaration(s)

def foldStepFreshDoomPreservationEvent (i : Fin ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean
lemma k_mul_ϑ_lt_ℓ {k : Fin (ℓ / ϑ)} : in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def strictBatchingInputRelationProp (stmt : BatchingStmtIn L ℓ) in ArkLib/ProofSystem/Binius/RingSwitching/BatchingPhase.lean
theorem probEvent_StateT_run_ignore_state {α : Type} in ArkLib/OracleReduction/Completeness.lean
def badSumcheckEventProp (r_i' : L) (h_i h_star : L⦃≤ 2⦄[X]) in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
lemma prob_schwartz_zippel_univariate_deg {R : Type} [CommRing R] [IsDomain R] [Fintype R] in ArkLib/Data/Probability/Instances.lean
theorem lemma_4_25_reject_if_suffix_in_disagreement in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma simulateQ_forIn_stateful_run_eq {ι : Type} {spec : OracleSpec ι} in ArkLib/ToVCVio/Simulation.lean
lemma k_succ_mul_ϑ_le_ℓ_₂ {k : Fin (ℓ / ϑ)} : (k.val * ϑ + ϑ) ≤ ℓ in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def projTranscriptChallenge {T C L S : Type} : ((T × C × L) × S) → T × C in ArkLib/OracleReduction/Completeness.lean
lemma OptionT.exists_path_of_mem_support_forIn_unit {σ α : Type} [spec.Fintype] in ArkLib/ToVCVio/Simulation.lean
lemma strictBatchingInputRelation_subset_batchingInputRelation : in ArkLib/ProofSystem/Binius/RingSwitching/BatchingPhase.lean
def badBatchingEventProp (y : Fin κ → L) (msg0 s_bar : TensorAlgebra K L) : Prop in ArkLib/ProofSystem/Binius/RingSwitching/BatchingPhase.lean
lemma logical_queryFiberPoints_eq_fiberEvaluations in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def queryCodeword (j : Fin (toOutCodewordsCount ℓ ϑ (Fin.last ℓ))) in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma fiberwiseClose_congr_sourceDomain_index (sourceIdx₁ sourceIdx₂ : Fin r) {destIdx : Fin r} (steps : ℕ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Code.lean
lemma lt_r_of_le_ℓ {h_ℓ_add_R_rate : ℓ + 𝓡 < r} {x : ℕ} (h : x ≤ ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def badBlockSet in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma batching_compute_s0_eq_eval_MLE in ArkLib/ProofSystem/Binius/RingSwitching/BatchingPhase.lean
lemma getFiberPoint_eq_qMap_total_fiber in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def batchingMismatchPoly (msg0 s_bar : TensorAlgebra K L) : MvPolynomial (Fin κ) L in ArkLib/ProofSystem/Binius/RingSwitching/BatchingPhase.lean
lemma prob_uniform_suffix_mem in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma getFirstOracle_mapOStmtOutRelayStep_eq (i : Fin ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean
lemma firstOracleWitnessConsistency_unique (i : Fin ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean
theorem largeFieldInvocationOracleReduction_perfectCompleteness (hInit : NeverFail init) : in ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean
lemma fiberwise_disagreement_isomorphism (i : Fin ℓ) (steps : ℕ) {destIdx : Fin r} in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma hammingDist_fin1_eq [DecidableEq (Fin 1 → A)] {u v : ι → Fin 1 → A} : in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def badBlockProp in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma foldStep_oracleWitnessConsistency_unique_witMid (i : Fin ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean
def strictSumcheckRoundRelation (aOStmtIn : AbstractOStmtIn L ℓ') (i : Fin (ℓ' + 1)) : in ArkLib/ProofSystem/Binius/RingSwitching/Prelude.lean
lemma incrementalBadEventExistsProp_relay_preserved (i : Fin ℓ) (hNCR : ¬ isCommitmentRound ℓ ϑ i) in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
lemma fiberwiseClose_steps_zero_iff_UDRClose in ArkLib/ProofSystem/Binius/BinaryBasefold/Code.lean
def getLiftPoly (i : Fin ℓ) (steps : ℕ) {destIdx : Fin r} in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
theorem prob_pow_of_forall_finFun in ArkLib/Data/Probability/Instances.lean
lemma incrementalFoldingBadEvent_of_k_eq_0_is_false in ArkLib/ProofSystem/Binius/BinaryBasefold/Code.lean
lemma prop_4_20_case_2_fiberwise_far (i : Fin ℓ) (steps : ℕ) [NeZero steps] in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def queryRbrKnowledgeError_singleRepetition in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
theorem soundness_unroll_runToRound_1_P_to_V_pSpec_2 in ArkLib/OracleReduction/Completeness.lean
lemma batching_compute_s0_sub_eq_eval_mismatch in ArkLib/ProofSystem/Binius/RingSwitching/BatchingPhase.lean
lemma map_pure (f : α → β) (a : α) : in ArkLib/ToVCVio/Simulation.lean
theorem singleRepetition_proximityCheck_bound in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean
lemma probability_bound_badSumcheckEventProp (h_i h_star : L⦃≤ 2⦄[X]) : in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
theorem rbrKnowledgeSoundness_of_eq_error in ArkLib/OracleReduction/Security/RoundByRound.lean
lemma MLPEvalRelation_of_round0_local_and_structural in ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean
def strictfinalSumcheckStepFoldingStateProp (t : MultilinearPoly L ℓ) {h_le : ϑ ≤ ℓ} in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
def getLiftCoeffs (i : Fin ℓ) (steps : ℕ) {destIdx : Fin r} in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma batching_compute_eq_from_hafter in ArkLib/ProofSystem/Binius/RingSwitching/BatchingPhase.lean
def decomposeChallenge (v : sDomain 𝔽q β h_ℓ_add_R_rate ⟨0, by omega⟩) in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma prop_4_20_2_case_1_fiberwise_close_incremental in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
theorem probOutput_uniform_eq_Pr in ArkLib/OracleReduction/Completeness.lean
def finalSumcheckProverComputeMsg in ArkLib/ProofSystem/Binius/FRIBinius/CoreInteractionPhase.lean
lemma not_jointProximityNat_of_not_jointProximityNat_evenOdd_split in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
theorem probOutput_uniformOfFintype_eq_Pr in ArkLib/OracleReduction/Completeness.lean
lemma folded_lifted_IC_eq_IC_row_polyToOracleFunc (i : Fin ℓ) (steps : ℕ) {destIdx : Fin r} in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma polyToOracleFunc_eq_getFirstOracle in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma finalSumcheck_honest_message_eq_f_zero in ArkLib/ProofSystem/Binius/FRIBinius/CoreInteractionPhase.lean
theorem soundness_unroll_runToRound_1_V_to_P_pSpec_2 in ArkLib/OracleReduction/Completeness.lean
lemma exists_rel_path_of_mem_support_forIn_stateful {ι : Type} {spec : OracleSpec ι} [spec.Fintype] in ArkLib/ToVCVio/Simulation.lean
def lastBlockRbrKnowledgeError (k : (pSpecLastBlock (L in ArkLib/ProofSystem/Binius/BinaryBasefold/CoreInteractionPhase.lean
def bbfMLIOPCS : MLIOPCS L ℓ' where in ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean
theorem probEvent_PMF_eq_Pr {α : Type} (pmf : PMF α) (P : α → Prop) [DecidablePred P] : in ArkLib/OracleReduction/Completeness.lean
lemma incrementalBadEventExistsProp_commit_step_backward (i : Fin ℓ) (hCR : isCommitmentRound ℓ ϑ i) in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
theorem prop_4_23_singleRepetition_proximityCheck_bound in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def finalSumcheckStepOracleConsistencyProp {h_le : ϑ ≤ ℓ} in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
def logical_checkSingleFoldingStep in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def masterStrictKStateProp (aOStmtIn : AbstractOStmtIn L ℓ') (stmtIdx : Fin (ℓ' + 1)) in ArkLib/ProofSystem/Binius/RingSwitching/Prelude.lean
def nonLastSingleBlockFoldRelayRbrKnowledgeError (bIdx : Fin (ℓ / ϑ - 1)) in ArkLib/ProofSystem/Binius/BinaryBasefold/CoreInteractionPhase.lean
lemma projectToMidSumcheckPoly_at_last_eq in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
lemma foldStepHStarFromWitMid_eq_of_oracleWitnessConsistency (i : Fin ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean
lemma iteratedQuotientMap_congr_k in ArkLib/Data/FieldTheory/AdditiveNTT/AdditiveNTT.lean
def foldRelayKnowledgeError (i : Fin ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/CoreInteractionPhase.lean
lemma strictSumcheckRoundRelation_subset_sumcheckRoundRelation (aOStmtIn : AbstractOStmtIn L ℓ') in ArkLib/ProofSystem/Binius/RingSwitching/Prelude.lean
def strictSumcheckRoundRelationProp (aOStmtIn : AbstractOStmtIn L ℓ') (i : Fin (ℓ' + 1)) in ArkLib/ProofSystem/Binius/RingSwitching/Prelude.lean
def incrementalBadEventExistsProp in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
theorem fullOracleVerifier_rbrKnowledgeSoundness : in ArkLib/ProofSystem/Binius/FRIBinius/General.lean
lemma support_run_simulateQ_run_fst_eq {ι : Type} in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean
lemma not_badBlock_of_lt_highest in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def finalSumcheckProverWitOut : Unit in ArkLib/ProofSystem/Binius/FRIBinius/CoreInteractionPhase.lean
theorem prob_pow_bound_of_forall in ArkLib/Data/Probability/Instances.lean
def finalSumcheckStepFoldingStateProp {h_le : ϑ ≤ ℓ} in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
lemma prop_4_20_case_1_fiberwise_close (i : Fin ℓ) (steps : ℕ) [NeZero steps] in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma multilinearWeight_bitsOfIndex_eq_indicator {n : ℕ} (j k : Fin (2 ^ n)) : in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma prop_4_20_bad_event_probability (i : Fin ℓ) (steps : ℕ) [NeZero steps] in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma map_eval_sumToIter_rename_finSum_zero in ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean
lemma foldCommitKnowledgeError_eq (i : Fin ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/CoreInteractionPhase.lean
lemma OptionT.support_run_simulateQ_run'_eq in ArkLib/ToVCVio/Simulation.lean
def finalSumcheckVerifierStmtOut in ArkLib/ProofSystem/Binius/FRIBinius/CoreInteractionPhase.lean
lemma batchingMismatchPoly_totalDegree_le in ArkLib/ProofSystem/Binius/RingSwitching/BatchingPhase.lean
lemma iteratedSumcheck_doom_escape_probability_bound (i : Fin ℓ') in ArkLib/ProofSystem/Binius/RingSwitching/SumcheckPhase.lean
theorem soundness_unroll_runToRound_2_pSpec_2 in ArkLib/OracleReduction/Completeness.lean
def rbrExtractionFailureEvent {ι : Type} {oSpec : OracleSpec ι} {StmtIn WitIn WitOut : Type} {n : ℕ} in ArkLib/ProofSystem/Binius/BinaryBasefold/ReductionLogic.lean
theorem QueryImpl_append_impl_inr_stateful in ArkLib/ToVCVio/Simulation.lean
def blockBadEventExistsProp in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
lemma goodBlock_implies_UDRClose in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma AbstractOStmtIn.toStrictRelInput_subset_toRelInput (aOStmtIn : AbstractOStmtIn L ℓ') : in ArkLib/ProofSystem/Binius/RingSwitching/Prelude.lean
def getRowPoly (i : Fin ℓ) (steps : ℕ) {destIdx : Fin r} in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
theorem QueryImpl_append_impl_inr_stateful_run' in ArkLib/ToVCVio/Simulation.lean
def logical_queryFiberPoints in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def strictBatchingInputRelation : in ArkLib/ProofSystem/Binius/RingSwitching/BatchingPhase.lean
lemma batchingMismatchPoly_nonzero_of_ne in ArkLib/ProofSystem/Binius/RingSwitching/BatchingPhase.lean
lemma sumcheckConsistency_at_last_simplifies in ArkLib/ProofSystem/Binius/FRIBinius/CoreInteractionPhase.lean
theorem unroll_rbrKnowledgeSoundness in ArkLib/OracleReduction/Completeness.lean
theorem probEvent_proj_transcript_challenge in ArkLib/OracleReduction/Completeness.lean
theorem qMap_total_fiber_injective (i : Fin r) {destIdx : Fin r} (steps : ℕ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Prelude.lean
theorem FullTranscript.mk1_eq_snoc {pSpec : ProtocolSpec 1} (msg0 : pSpec.«Type» 0) : in ArkLib/OracleReduction/Basic.lean
lemma prop_4_20_2_incremental_bad_event_probability in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma distFromCode_fin1_eq [DecidableEq (Fin 1 → A)] (u : ι → Fin 1 → A) (C : Set (ι → A)) : in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def foldStepHStarFromWitMid (i : Fin ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean
theorem nonLastSingleBlockOracleVerifier_rbrKnowledgeSoundness in ArkLib/ProofSystem/Binius/BinaryBasefold/CoreInteractionPhase.lean
lemma fold_preTensorCombine_eq_affineLineEvaluation_split in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma prob_poly_agreement_degree_one {R : Type} [CommRing R] [IsDomain R] [Fintype R] in ArkLib/Data/Probability/Instances.lean
lemma oracleFoldingConsistencyProp_relay_preserved (i : Fin ℓ) (hNCR : ¬ isCommitmentRound ℓ ϑ i) in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
theorem soundness_unroll_runToRound_0_pSpec_1_V_to_P in ArkLib/OracleReduction/Completeness.lean
lemma iteratedQuotientMap_succ_comp in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
instance largeFieldInvocationCtxLens_complete : in ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean
lemma batching_doom_escape_probability_bound in ArkLib/ProofSystem/Binius/RingSwitching/BatchingPhase.lean
def logical_proximityChecksSpec in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma fiberwiseDisagreementSet_steps_zero_eq_disagreementSet in ArkLib/ProofSystem/Binius/BinaryBasefold/Code.lean
def challengeSuffixToFin (k : Fin (ℓ / ϑ)) in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma addLift_challengeQueryImpl_input_run_eq_liftM_run in ArkLib/ToVCVio/Simulation.lean
lemma affineProximityGap_RS_interleaved_contrapositive in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma fiberwiseClose_fold_implies_affineLineEval_close in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def reducedMLPEvalStatement_to_BBF_Statement (stmt : MLPEvalStatement (L in ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean
def queryRbrKnowledgeError in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def splitEvenOddRowWiseInterleavedWords {ϑ : ℕ} in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def nonLastBlocksRbrKnowledgeError in ArkLib/ProofSystem/Binius/BinaryBasefold/CoreInteractionPhase.lean
lemma logical_computeFoldedValue_eq_iterated_fold in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
theorem bbf_fullOracleVerifier_rbrKnowledgeSoundness : in ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean
lemma finalSumcheckStep_is_logic_complete : in ArkLib/ProofSystem/Binius/FRIBinius/CoreInteractionPhase.lean
def foldCommitKnowledgeError (i : Fin ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/CoreInteractionPhase.lean
lemma iterated_fold_first (i : Fin r) {midIdx destIdx : Fin r} (steps : ℕ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Prelude.lean
lemma roundRelation.of_fin_eq {i j : Fin (ℓ + 1)} (h : i = j) : in ArkLib/ProofSystem/Binius/BinaryBasefold/CoreInteractionPhase.lean
theorem bbf_fullOracleReduction_perfectCompleteness (hInit : NeverFail init) : in ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean
lemma firstOracleWitnessConsistencyProp_unique (t₁ t₂ : MultilinearPoly L ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
lemma preTensorCombine_row_eq_fold_with_binary_row_challenges in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
theorem probOutput_eq_PMF_apply in ArkLib/OracleReduction/Completeness.lean
lemma incrementalFoldingBadEvent_eq_foldingBadEvent_of_k_eq_ϑ in ArkLib/ProofSystem/Binius/BinaryBasefold/Code.lean
lemma support_simulateQ_bind_run_eq in ArkLib/ToVCVio/Simulation.lean
def finalSumcheckKnowledgeError (m : pSpecFinalSumcheckStep (L in ArkLib/ProofSystem/Binius/RingSwitching/SumcheckPhase.lean
lemma batching_rbrExtractionFailureEvent_imply_badBatchingEvent in ArkLib/ProofSystem/Binius/RingSwitching/BatchingPhase.lean
lemma extractMLP_eq_some_iff_pair_UDRClose (f : (sDomain 𝔽q β h_ℓ_add_R_rate) ⟨0, by omega⟩ → L) in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
lemma logical_checkSingleRepetition_of_mem_support_forIn_body {σ : Type} in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean
lemma iterated_fold_to_const_strict in ArkLib/ProofSystem/Binius/FRIBinius/CoreInteractionPhase.lean
lemma k_succ_mul_ϑ_le_ℓ {k : Fin (ℓ / ϑ)} : (k.val + 1) * ϑ ≤ ℓ in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def AbstractOStmtIn.toStrictRelInput (aOStmtIn : AbstractOStmtIn L ℓ') : in ArkLib/ProofSystem/Binius/RingSwitching/Prelude.lean
lemma lemma_4_24_dist_folded_ge_of_last_noncompliant (i_star : Fin ℓ) (steps : ℕ) [NeZero steps] in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
theorem sumcheckLoopOracleVerifier_rbrKnowledgeSoundness : in ArkLib/ProofSystem/Binius/RingSwitching/SumcheckPhase.lean
lemma qMap_total_fiber_congr_dest in ArkLib/ProofSystem/Binius/BinaryBasefold/Prelude.lean
def incrementalFoldingBadEvent in ArkLib/ProofSystem/Binius/BinaryBasefold/Code.lean
lemma mem_support_StateT_bind_run {σ α β : Type} in ArkLib/ToVCVio/Simulation.lean
lemma support_StateT_ite_apply {σ α : Type} in ArkLib/ToVCVio/Simulation.lean
lemma Polynomial.toMvPolynomial_totalDegree_le [Nontrivial R] (p : Polynomial R) (i : σ) : in ArkLib/ToMathlib/MvPolynomial/Equiv.lean
lemma mapOStmtOut_eq_mkVerifierOStmtOut_relayStep in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean
theorem prop_4_23_singleRepetition_proximityCheck_bound in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean
lemma prob_poly_agreement_degree_two {R : Type} [CommRing R] [IsDomain R] [Fintype R] in ArkLib/Data/Probability/Instances.lean
lemma fiberwiseDisagreementSet_congr_sourceDomain_index (sourceIdx₁ sourceIdx₂ : Fin r) {destIdx : Fin r} (steps : ℕ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Code.lean
lemma badEventExistsProp_iff_incrementalBadEventExistsProp_last in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
lemma prop_4_20_2_case_2_fiberwise_far_incremental in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def batchingCoreRbrKnowledgeError in ArkLib/ProofSystem/Binius/FRIBinius/General.lean
lemma extractMLP_some_of_oracleFoldingConsistency in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean
def finalSumcheckStepLogic : in ArkLib/ProofSystem/Binius/FRIBinius/CoreInteractionPhase.lean
lemma preTensorCombine_of_lift_interleavedCodeword_eq_self (i : Fin ℓ) (steps : ℕ) {destIdx : Fin r} in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
theorem probEvent_simulateQ_run_ignore_state {α : Type} in ArkLib/OracleReduction/Completeness.lean
lemma fixFirstVariablesOfMQP_zero_eq in ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean
def largeFieldInvocationExtractorLens : Extractor.Lens in ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean
def logical_stepCondition (oStmt : ∀ j, OracleStatement 𝔽q β (h_ℓ_add_R_rate in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def MLPEvalWitness_to_BBF_Witness (stmt : MLPEvalStatement (L in ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean
abbrev nBlocks : ℕ in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def foldStepWitBeforeFromWitMid (i : Fin ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean
instance largeFieldInvocationExtractorLens_rbr_knowledge_soundness in ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean
lemma challengeTensorExpansion_bitsOfIndex_is_eq_indicator {n : ℕ} (k : Fin (2 ^ n)) : in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def fullRbrKnowledgeError in ArkLib/ProofSystem/Binius/FRIBinius/General.lean
def extractMLP (i : Fin ℓ) (f : (sDomain 𝔽q β h_ℓ_add_R_rate) ⟨i, by omega⟩ → L) : in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
lemma foldRelayKnowledgeError_eq (i : Fin ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/CoreInteractionPhase.lean
lemma fun_eta_expansion_apply {α β : Type*} (f : α → β) (x : α) : (f x) = (fun x => f x) x in ArkLib/Data/Misc/Basic.lean
lemma fold_eq_multilinearCombine_preTensorCombine_step1 in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
theorem probEvent_soundness_goal_unroll_log in ArkLib/OracleReduction/Completeness.lean
lemma finalSumcheckStep_verifierCheck_passed in ArkLib/ProofSystem/Binius/FRIBinius/CoreInteractionPhase.lean
lemma foldStep_doom_escape_probability_bound (i : Fin ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean
def projTranscriptChallengeInner {T C L : Type} : (T × C × L) → T × C in ArkLib/OracleReduction/Completeness.lean
lemma disagreement_fold_subset_fiberwiseDisagreement (i : Fin ℓ) (steps : ℕ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma oracleFoldingConsistencyProp_commit_step_backward (i : Fin ℓ) (hCR : isCommitmentRound ℓ ϑ i) in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
theorem probEvent_soundness_goal_unroll_log' in ArkLib/OracleReduction/Completeness.lean
lemma OptionT.exists_rel_path_of_mem_support_forIn_stateful {ι : Type} {spec : OracleSpec ι} in ArkLib/ToVCVio/Simulation.lean
lemma preTensorCombine_is_interleavedCodeword_of_codeword (i : Fin ℓ) (steps : ℕ) {destIdx : Fin r} in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma iterated_fold_to_level_ℓ_eval in ArkLib/ProofSystem/Binius/BinaryBasefold/Prelude.lean
def extractSuffixFromChallenge (v : sDomain 𝔽q β h_ℓ_add_R_rate ⟨0, by omega⟩) in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma exists_path_of_mem_support_forIn_unit {σ α : Type} [spec.Fintype] in ArkLib/ToVCVio/Simulation.lean
lemma extractMLP_some_of_isCompliant_at_zero in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
lemma extracted_t_poly_eval_eq_final_constant in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean
def foldKStateProps {i : Fin ℓ} (m : Fin (2 + 1)) in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean
lemma foldStep_rbrExtractionFailureEvent_imply_sumcheck_or_badEvent (i : Fin ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean
lemma finalCodeword_zero_eq_t_eval in ArkLib/ProofSystem/Binius/FRIBinius/CoreInteractionPhase.lean
lemma ENNReal.tsum_mul_le_of_le_of_sum_le_one {α : Type*} {f g : α → ℝ≥0∞} {ε : ℝ≥0∞} in ArkLib/OracleReduction/Completeness.lean
lemma sumcheckConsistency_MLPEvalWitness_to_BBF_Witness_of_eval in ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean
lemma foldingBadEventAtBlock_snoc_castSucc_eq (i : Fin ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean
lemma firstOracleWitnessConsistency_unique in ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean
lemma fiberwiseClose_implies_jointProximityNat (i : Fin ℓ) (steps : ℕ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
theorem probEvent_StateT_run'_eq_tsum in ArkLib/OracleReduction/Completeness.lean
lemma qMap_total_fiber_congr_source in ArkLib/ProofSystem/Binius/BinaryBasefold/Prelude.lean
instance instOracleStatementFintype {i : Fin (ℓ + 1)} : in ArkLib/ProofSystem/Binius/BinaryBasefold/Spec.lean
lemma simulateQ_forIn_stateful_comp {ι : Type} {spec : OracleSpec ι} in ArkLib/ToVCVio/Simulation.lean
lemma probability_bound_badBatchingEventProp in ArkLib/ProofSystem/Binius/RingSwitching/BatchingPhase.lean
lemma OptionT.mem_support_StateT_bind_run {σ α β : Type} in ArkLib/ToVCVio/Simulation.lean
def logical_checkSingleRepetition in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma pair_fiberwiseDistance_steps_zero_eq_hammingDist in ArkLib/ProofSystem/Binius/BinaryBasefold/Code.lean
lemma extractSuffixFromChallenge_congr_destIdx in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def bbfAbstractOStmtIn : AbstractOStmtIn L ℓ' where in ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean
def iteratedSumcheckWitMid (i : Fin ℓ') : Fin (2 + 1) → Type in ArkLib/ProofSystem/Binius/RingSwitching/SumcheckPhase.lean
theorem Pr_or_le {α : Type} (D : PMF α) in ArkLib/Data/Probability/Instances.lean
lemma qMap_total_fiber_congr_source_apply in ArkLib/ProofSystem/Binius/BinaryBasefold/Prelude.lean
lemma fold_agreement_of_fiber_agreement (i : Fin ℓ) (steps : ℕ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def finalSumcheckVerifierCheck in ArkLib/ProofSystem/Binius/FRIBinius/CoreInteractionPhase.lean
lemma OptionT.simulateQ_forIn_stateful_comp {ι : Type} {spec : OracleSpec ι} in ArkLib/ToVCVio/Simulation.lean
instance instOracleInterfaceMessagePSpecFold : in ArkLib/ProofSystem/Binius/BinaryBasefold/Spec.lean
def foldStepWitMidOracleConsistency (i : Fin ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean
lemma incrementalBadEventExistsProp_fold_step_backward (i : Fin ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean
def nonLastSingleBlockRbrKnowledgeError (bIdx : Fin (ℓ / ϑ - 1)) in ArkLib/ProofSystem/Binius/BinaryBasefold/CoreInteractionPhase.lean
lemma logical_consistency_checks_passed_of_mem_support_V_run {σ : Type} in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean
lemma lt_r_of_lt_ℓ {h_ℓ_add_R_rate : ℓ + 𝓡 < r} {x : ℕ} (h : x < ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma Polynomial.toMvPolynomial_ne_zero_iff (p : Polynomial R) (i : σ) : in ArkLib/ToMathlib/MvPolynomial/Equiv.lean
lemma highestBadBlock_is_bad in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma UDRClose_of_fin_eq {i j : Fin r} (hij : i = j) in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def largeFieldInvocationOracleReduction : in ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean
lemma tsum_mul_le_of_le_of_sum_le_one_nnreal {α : Type*} in ArkLib/OracleReduction/Completeness.lean
def fiberDiff (i : Fin ℓ) (steps : ℕ) {destIdx : Fin r} in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def getChallengeSuffix (k : Fin (ℓ / ϑ)) (v : sDomain 𝔽q β h_ℓ_add_R_rate ⟨0, by omega⟩) : in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma OptionT.simulateQ_bind_stateful {ι : Type} {spec : OracleSpec ι} in ArkLib/ToVCVio/Simulation.lean
def logical_computeFoldedValue in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma iteratedSumcheck_rbrExtractionFailureEvent_imply_badSumcheck (i : Fin ℓ') in ArkLib/ProofSystem/Binius/RingSwitching/SumcheckPhase.lean
lemma not_jointProximityNat_of_not_jointProximityNat_split in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def largeFieldInvocationStmtLens : OracleStatement.Lens in ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean
lemma multilinearCombine_recursive_form_first {ϑ : ℕ} in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
def foldWitMid (i : Fin ℓ) : Fin (2 + 1) → Type in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean
lemma witnessStructuralInvariant_MLPEvalWitness_to_BBF_Witness in ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean
theorem tsum_uniform_Pr_eq_Pr in ArkLib/OracleReduction/Completeness.lean
theorem nonLastBlocksOracleVerifier_rbrKnowledgeSoundness : in ArkLib/ProofSystem/Binius/BinaryBasefold/CoreInteractionPhase.lean
theorem lastBlockOracleVerifier_rbrKnowledgeSoundness : in ArkLib/ProofSystem/Binius/BinaryBasefold/CoreInteractionPhase.lean
lemma lemma_4_21_interleaved_word_UDR_far (i : Fin ℓ) (steps : ℕ) [NeZero steps] in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
theorem probEvent_runWithLogToRound_ignore_log in ArkLib/OracleReduction/Completeness.lean
def largeFieldInvocationCtxLens : OracleContext.Lens in ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean
lemma batchingMismatchPoly_nonzero_of_embed_ne in ArkLib/ProofSystem/Binius/RingSwitching/BatchingPhase.lean
def preTensorCombine_WordStack (i : Fin ℓ) (steps : ℕ) {destIdx : Fin r} in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean
lemma batching_pack_unpack_id (t' : MultilinearPoly L ℓ') : in ArkLib/ProofSystem/Binius/RingSwitching/BatchingPhase.lean
instance instOracleInterfaceMessagePSpecSumcheckRound : in ArkLib/ProofSystem/Binius/RingSwitching/Spec.lean
def nonLastSingleBlockCommitIdx (bIdx : Fin (ℓ / ϑ - 1)) : Fin ℓ in ArkLib/ProofSystem/Binius/BinaryBasefold/CoreInteractionPhase.lean

✏️ **Affected:** 18 declaration(s) (line number changed)

def finalSumcheckKStateProp {m : Fin (1 + 1)} (tr : Transcript m (pSpecFinalSumcheckStep (L in ArkLib/ProofSystem/Binius/RingSwitching/SumcheckPhase.lean moved from L1182 to L1510
def sumcheckVerifierStmtOut (stmtIn : Statement (L in ArkLib/ProofSystem/Binius/RingSwitching/SumcheckPhase.lean moved from L74 to L75
def batchingRBRKnowledgeError : ℝ≥0 in ArkLib/ProofSystem/Binius/RingSwitching/BatchingPhase.lean moved from L406 to L413
def sumcheckFoldKnowledgeError (j : (pSpecSumcheckFold 𝔽q β (ϑ in ArkLib/ProofSystem/Binius/BinaryBasefold/CoreInteractionPhase.lean moved from L1171 to L1554
def firstOracleWitnessConsistencyProp (t : MultilinearPoly L ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean moved from L1283 to L831
def sumcheckProverWitOut (_stmtIn : Statement (L in ArkLib/ProofSystem/Binius/RingSwitching/SumcheckPhase.lean moved from L89 to L90
def fiberwiseClose (i : Fin r) {destIdx : Fin r} (steps : ℕ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Code.lean moved from L155 to L199
def sumcheckVerifierCheck (stmtIn : Statement (L in ArkLib/ProofSystem/Binius/RingSwitching/SumcheckPhase.lean moved from L68 to L69
def pair_fiberwiseClose (i : Fin r) {destIdx : Fin r} (steps : ℕ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Code.lean moved from L162 to L206
theorem coreInteraction_rbrKnowledgeSoundness : in ArkLib/ProofSystem/Binius/RingSwitching/SumcheckPhase.lean moved from L1331 to L1837
instance sumcheckFoldExtractorLens_rbr_knowledge_soundness in ArkLib/ProofSystem/Binius/FRIBinius/CoreInteractionPhase.lean moved from L266 to L311
theorem multilinear_eval_eq_sum_bool_hypercube (challenges : Fin ℓ → L) (t : ↥L⦃≤ 1⦄[X Fin ℓ]) : in ArkLib/ProofSystem/Binius/BinaryBasefold/Prelude.lean moved from L413 to L418
theorem queryOracleVerifier_rbrKnowledgeSoundness {σ : Type} (init : ProbComp σ) in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean moved from L2146 to L2626
def BinaryBasefoldAbstractOStmtIn : (RingSwitching.AbstractOStmtIn (L in ArkLib/ProofSystem/Binius/FRIBinius/Prelude.lean moved from L51 to L53
def pSpecFinalSumcheck in ArkLib/ProofSystem/Binius/RingSwitching/Spec.lean moved from L61 to L64
def queryKStateProp (m : Fin (1 + 1)) in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean moved from L2098 to L2465
lemma iterated_fold_to_level_ℓ_is_constant in ArkLib/ProofSystem/Binius/BinaryBasefold/Prelude.lean moved from L2267 to L2414
theorem finalSumcheckOracleVerifier_rbrKnowledgeSoundness {σ : Type} in ArkLib/ProofSystem/Binius/RingSwitching/SumcheckPhase.lean moved from L1231 to L1712

sorry Tracking

✅ **Removed:** 12 `sorry`(s)

def finalSumcheckKStateProp {m : Fin (1 + 1)} (tr : Transcript m (pSpecFinalSumcheckStep (L in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean (L1586)
def finalSumcheckKStateProp {m : Fin (1 + 1)} (tr : Transcript m (pSpecFinalSumcheckStep (L in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean (L1590)
def finalSumcheckKStateProp {m : Fin (1 + 1)} (tr : Transcript m (pSpecFinalSumcheckStep (L in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean (L1592)
theorem finalSumcheckOracleVerifier_rbrKnowledgeSoundness {σ : Type} in ArkLib/ProofSystem/Binius/RingSwitching/SumcheckPhase.lean (L1241)
lemma OptionT.liftComp_forIn {ι ι' : Type _} {spec : OracleSpec ι} {superSpec : OracleSpec ι'} in ArkLib/ToVCVio/Simulation.lean (L1494)
def iteratedSumcheckKnowledgeStateFunction (i : Fin ℓ') : in ArkLib/ProofSystem/Binius/RingSwitching/SumcheckPhase.lean (L644)
theorem finalSumcheckOracleVerifier_rbrKnowledgeSoundness [Fintype L] {σ : Type} in ArkLib/ProofSystem/Binius/FRIBinius/CoreInteractionPhase.lean (L597)
def sumcheckFoldKnowledgeError in ArkLib/ProofSystem/Binius/BinaryBasefold/CoreInteractionPhase.lean (L1176)
theorem iteratedSumcheckOracleVerifier_rbrKnowledgeSoundness (i : Fin ℓ') : in ArkLib/ProofSystem/Binius/RingSwitching/SumcheckPhase.lean (L656)
theorem fullOracleVerifier_rbrKnowledgeSoundness {𝓑 : Fin 2 ↪ L} : in ArkLib/ProofSystem/Binius/RingSwitching/General.lean (L182)
theorem fullOracleVerifier_rbrKnowledgeSoundness {𝓑 : Fin 2 ↪ L} : in ArkLib/ProofSystem/Binius/RingSwitching/General.lean (L186)
theorem queryOracleVerifier_rbrKnowledgeSoundness {σ : Type} (init : ProbComp σ) in ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean (L2157)

❌ **Added:** 16 `sorry`(s)

lemma firstOracleWitnessConsistencyProp_unique (t₁ t₂ : MultilinearPoly L ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean (L1356)
theorem lemma_4_25_reject_if_suffix_in_disagreement in ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean (L3927)
lemma extractMLP_eq_some_iff_pair_UDRClose (f : (sDomain 𝔽q β h_ℓ_add_R_rate) ⟨0, by omega⟩ → L) in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean (L976)
lemma oracleFoldingConsistencyProp_commit_step_backward (i : Fin ℓ) (hCR : isCommitmentRound ℓ ϑ i) in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean (L1589)
lemma fiberwiseDisagreementSet_steps_zero_eq_disagreementSet in ArkLib/ProofSystem/Binius/BinaryBasefold/Code.lean (L176)
lemma incrementalBadEventExistsProp_relay_preserved (i : Fin ℓ) (hNCR : ¬ isCommitmentRound ℓ ϑ i) in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean (L1511)
lemma fiberwiseClose_steps_zero_iff_UDRClose in ArkLib/ProofSystem/Binius/BinaryBasefold/Code.lean (L242)
lemma incrementalBadEventExistsProp_commit_step_backward (i : Fin ℓ) (hCR : isCommitmentRound ℓ ϑ i) in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean (L1563)
lemma mapOStmtOut_eq_mkVerifierOStmtOut_relayStep in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean (L2232)
lemma extractMLP_some_of_isCompliant_at_zero in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean (L1008)
lemma extracted_t_poly_eval_eq_final_constant in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean (L2961)
lemma extracted_t_poly_eval_eq_final_constant in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean (L2974)
lemma badEventExistsProp_iff_incrementalBadEventExistsProp_last in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean (L1487)
lemma badEventExistsProp_iff_incrementalBadEventExistsProp_last in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean (L1491)
lemma iterated_fold_first (i : Fin r) {midIdx destIdx : Fin r} (steps : ℕ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Prelude.lean (L1588)
lemma incrementalBadEventExistsProp_fold_step_backward (i : Fin ℓ) in ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean (L1036)

🎨 **Style Guide Adherence**

This code review is based on the ArkLib style guide. The following violations were identified and grouped by rule:

Function Syntax

Rule: "Functions: Prefer fun x ↦ ... over λ x, ...."
ArkLib uses the ↦ symbol (maps-to) for function definitions. The provided diff contains over 50 instances of the standard Lean 4 => syntax.

ArkLib/Data/Misc/Basic.lean: Lines 31, 33, and 37 (fun x => ...).
ArkLib/OracleReduction/Basic.lean: Line 773 and 781 (fun | ⟨0, _⟩ => msg0).
ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean: Line 835 (fun ω => ...), Line 876 (fun i => ...), and Line 1090 (fun y => ...).

Operator and Binder Spacing

Rule: "Put spaces on both sides of :, :=, and infix operators. Place them before a line break..." and "Use a space after binders (e.g., ∀ x, not ∀x,)."

ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean: Line 907: 2^(ℓ - i.val) (Missing spaces around ^).
ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean: Line 926: hp_p_eq_0: P = 0 (Missing space before :).
ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean: Line 930: n:=2 ^ (Missing spaces around :=).
ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean: Line 943: n:=ℓ - i.val and m:=w (Missing spaces around :=).
ArkLib/Data/Probability/Instances.lean: Line 606: r ←$ᵖ (Missing space around ←).

Tactic Mode and Semicolons

Rule: "Avoid using ; to separate tactics unless writing short, single-line tactic sequences."

ArkLib/Data/Probability/Instances.lean: Line 414: · rw [ENNReal.tsum_add]; (Unnecessary semicolon at end of line).
ArkLib/Data/Probability/Instances.lean: Line 452: congr 2; funext x; (Semicolon used to separate distinct logic steps).
ArkLib/Data/Probability/Instances.lean: Line 538: rw [←mul_assoc]; (Unnecessary semicolon).
ArkLib/OracleReduction/Completeness.lean: Line 144 and 145: apply forall_congr'; intro stmtIn (Semicolon used between tactics).

Line Length

Rule: "Line Length: Keep lines under 100 characters."

ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean: Line 1162 (104 characters).
ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean: Line 1374 (118 characters).
ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean: Line 1520 (112 characters).
ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean: Lines 1199, 1400, 2487 (Numerous instances throughout this new file).

Documentation Standards

Rule: "Every definition and major theorem should have a docstring."

ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean: Line 1160 (def getNextOracle lacks a docstring).
ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean: Line 1618 (def finalSumcheckStepOracleConsistencyProp lacks a docstring).
ArkLib/ProofSystem/Binius/BinaryBasefold/Code.lean: Line 119 (def disagreementSet lacks a docstring).
ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean: Multiple internal definitions (e.g., def batchingMismatchPoly, def foldStepWitBeforeFromWitMid) lack documentation.

Empty Lines

Rule: "Avoid empty lines inside definitions or proofs."

ArkLib/OracleReduction/Completeness.lean: Line 211 (Added empty line within a proof block).
ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean: Line 1115 (Empty line inside oracleFoldingConsistencyProp).
ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean: Line 1481 (Empty line inside masterKStateProp).

Naming Conventions

Rule: "Functions and Terms: lowerCamelCase... Prop-valued Classes: Use UpperCamelCase."

ArkLib/ProofSystem/Binius/FRIBinius/Prelude.lean: Line 53: def BinaryBasefoldAbstractOStmtIn (Term/Function should be binaryBasefoldAbstractOStmtIn).
ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean: Line 185: def bbfMLIOPCS (Acronyms should be words: bbfMliopcs).

📄 **Per-File Summaries**

ArkLib.lean: This update expands the library's top-level namespace by importing new modules related to Binius soundness, Ring Switching IOPCS components, and multivariate polynomial utilities. These additions integrate recent developments in the proof system's formalization into the main ArkLib entry point.
ArkLib/Data/FieldTheory/AdditiveNTT/AdditiveNTT.lean: This Lean update introduces the lemma iteratedQuotientMap_congr_k, providing a congruence rule for the iteratedQuotientMap definition. The lemma establishes that the map's output is invariant under equal index offsets, facilitating proofs involving dependent types without introducing any sorry placeholders.
ArkLib/Data/Misc/Basic.lean: This change introduces a new lemma, fun_eta_expansion_apply, which states the applied version of functional eta expansion. The lemma is proven by reflexivity and contains no sorry placeholders.
ArkLib/Data/Probability/Instances.lean: This file introduces several new theorems for probability theory, including a union bound (Pr_or_le) and a product rule for independent repetitions (prob_pow_of_forall_finFun). It also provides specialized versions of the Schwartz-Zippel lemma to bound the agreement probability of univariate polynomials of degree one and two. No sorry or admit placeholders were added.
ArkLib/OracleReduction/Basic.lean: This update introduces the FullTranscript.mk1_eq_snoc theorem, which establishes the equivalence between creating a single-round transcript via mk1 and concatenating a message to an empty transcript. The theorem is added with a complete proof and marked as a simplification rule.
ArkLib/OracleReduction/Completeness.lean: This update introduces a comprehensive suite of "unroll" lemmas and simplification theorems for reasoning about round-by-round knowledge soundness, mirroring existing completeness infrastructure. The changes include machinery to marginalize state and query logs from probabilistic events and provide bridge lemmas between VCVio's probEvent and ArkLib's Pr_ notations. No sorry or admit placeholders are introduced.
ArkLib/OracleReduction/Security/RoundByRound.lean: This change introduces two new theorems, Verifier.rbrKnowledgeSoundness_of_eq_error and OracleVerifier.rbrKnowledgeSoundness_of_eq_error, which allow transferring round-by-round knowledge soundness properties between pointwise-equivalent error functions. These additions facilitate the use of simplified or "flat" error definitions in security proofs; no new sorry placeholders were introduced.
ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean: This PR refines the knowledge soundness and completeness predicates for the Binius Binary Basefold protocol, notably by introducing an incremental bad event tracking mechanism and updating the multilinear polynomial extractor logic to include post-decoding UDR-closeness checks. The changes include new definitions for oracle consistency and several theorems relating decoder success to unique decoding radius closeness, though several of these new lemmas currently contain sorry placeholders. Additionally, the file refactors the terminal protocol steps to more accurately handle virtual oracles and fiberwise-closeness during the final sumcheck.
ArkLib/ProofSystem/Binius/BinaryBasefold/Code.lean: This PR refines the definitions of disagreement sets and fiberwise distances to improve index handling via explicit casting and introduces incrementalFoldingBadEvent to enable granular soundness analysis of partial folding steps. It adds several supporting lemmas characterizing these definitions at step boundaries (0 and $\vartheta$), though fiberwiseDisagreementSet_steps_zero_eq_disagreementSet and fiberwiseClose_steps_zero_iff_UDRClose currently contain sorry placeholders.
ArkLib/ProofSystem/Binius/BinaryBasefold/CoreInteractionPhase.lean: This update formalizes the Round-by-Round (RBR) knowledge soundness for the core interaction phase of the Binius Basefold protocol. It introduces several new definitions for knowledge error terms (such as foldRelayKnowledgeError and sumcheckFoldKnowledgeError) and provides complete proofs for the soundness of composed oracle verifiers. Notably, the changes remove a major sorry placeholder by completing the proof for sumcheckFoldOracleVerifier_rbrKnowledgeSoundness.
ArkLib/ProofSystem/Binius/BinaryBasefold/Prelude.lean: This file introduces structural lemmas for Binius folding, including fiber map injectivity, congruence results, and a "first-step" decomposition for iterated folds. It adds a theorem relating multilinear evaluations to sums over the Boolean hypercube and proves that folding to the final level yields the expected constant polynomial evaluation. Note that multilinear_eval_eq_sum_bool_hypercube and iterated_fold_first currently contain sorry placeholders.
ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean: This refactor implements the round-by-round knowledge soundness proof for the Query Phase of the Binius Binary Basefold protocol, introducing the main soundness theorem queryOracleVerifier_rbrKnowledgeSoundness. The changes replace imperative verifier logic with logical predicates to facilitate formal reasoning and align the implementation with the protocol's soundness definitions. Note that several intermediate lemmas regarding consistency guards and folding preservation currently contain sorry placeholders.
ArkLib/ProofSystem/Binius/BinaryBasefold/ReductionLogic.lean: This update introduces the rbrExtractionFailureEvent definition to characterize round-by-round knowledge soundness failures and streamlines the namespace for Binius reduction logic. It refactors the completeness proof of the final sumcheck step by utilizing higher-level lemmas for iterated folds and updating state property names, while adding required classical instances. No sorry or admit placeholders were introduced.
ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean: This file provides the formal soundness proof for the Binius Binary Basefold protocol, introducing definitions and theorems that correspond to the mathematical foundations in Propositions 4.20–4.23 and Lemmas 4.21–4.25 of the protocol's specification. It establishes probability bounds for "bad" folding events using the Schwartz-Zippel lemma and develops a "lift" infrastructure to prove distance preservation properties for interleaved codewords. The proof for lemma_4_25_reject_if_suffix_in_disagreement currently contains a sorry placeholder.
ArkLib/ProofSystem/Binius/BinaryBasefold/Spec.lean: This change refines and expands the set of typeclass instances for OracleInterface, SampleableType, and Fintype required by the BinaryBasefold protocol specification. It introduces new instances for domain-related function types and renames an existing Fintype instance for consistency. Multiple instance definitions in this file continue to use sorry placeholders.
ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean: This update formally completes the perfect completeness and round-by-round knowledge soundness proofs for the Binary Basefold protocol's constituent steps (fold, commit, relay, and final sumcheck). The changes introduce refined definitions for knowledge error terms and extractors, alongside several new lemmas relating extraction failure to sumcheck and folding "bad events." While the high-level protocol theorems are now largely proven, some sorry placeholders remain in lower-level lemmas concerning incremental bad events and oracle consistency.
ArkLib/ProofSystem/Binius/FRIBinius/CoreInteractionPhase.lean: This file implements the core interaction phase for FRI-Binius by introducing new logic structures and supporting lemmas for the final sumcheck step. The changes significantly advance the formalization by replacing multiple sorry placeholders with complete proofs for the completeness and knowledge soundness of the phase's oracle reductions.
ArkLib/ProofSystem/Binius/FRIBinius/General.lean: This change refines the FRI-Binius general infrastructure by updating BinaryBasefold oracle statements and switching completeness proofs to use strict relations. It introduces new definitions for round-by-round (RBR) knowledge error and adds a significant new theorem, fullOracleVerifier_rbrKnowledgeSoundness, which establishes the RBR knowledge soundness of the full FRI-Binius verifier. No sorry or admit placeholders were introduced.
ArkLib/ProofSystem/Binius/FRIBinius/Prelude.lean: This refactors the BinaryBasefoldAbstractOStmtIn definition to utilize a generalized constructor from the RingSwitching module and introduces additional requirements for the basis $\beta$, specifically linear independence and the normalization of its first element to 1. No sorry or admit placeholders were added.
ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean: This module implements a small-field IOPCS by composing the Ring-Switching protocol with Binary Basefold as the underlying large-field commitment scheme. It introduces new definitions to wrap Binary Basefold into the MLIOPCS interface and provides formal theorems for the perfect completeness and RBR knowledge soundness of the combined system without any sorry placeholders.
ArkLib/ProofSystem/Binius/RingSwitching/BatchingPhase.lean: This update formalizes the completeness and knowledge soundness proofs for the Binius batching phase by introducing strict input relations and helper lemmas for Schwartz-Zippel-based probability bounds. Key changes include the implementation of the batchingOracleVerifier_rbrKnowledgeSoundness theorem and the refinement of the knowledge state functions to handle transcript-level logic. This PR successfully removes several previously existing sorry placeholders.
ArkLib/ProofSystem/Binius/RingSwitching/General.lean: This update refines the ring-switching protocol's security proofs by transitioning to stricter versions of input relations and completeness lemmas, such as strictBatchingInputRelation. Crucially, it completes the proof for fullOracleVerifier_rbrKnowledgeSoundness and removes two existing sorry placeholders by utilizing rbrKnowledgeSoundness_of_eq_error.
ArkLib/ProofSystem/Binius/RingSwitching/Prelude.lean: The changes introduce "strict" variants of compatibility relations and sumcheck round relations to distinguish between the requirements for perfect completeness and general knowledge soundness. The MLIOPCS and AbstractOStmtIn structures are refined to incorporate these strict predicates, supported by new lemmas establishing that strict compatibility implies its relaxed counterpart. No sorry or admit placeholders were added.
ArkLib/ProofSystem/Binius/RingSwitching/Spec.lean: This change refactors the Ring-Switching protocol specification by redefining pSpecFinalSumcheck to use the pSpecFinalSumcheckStep definition from the BinaryBasefold module. It also streamlines and cleans up several OracleInterface and SampleableType instances, removing redundant manual implementations. No sorry or admit placeholders were introduced.
ArkLib/ProofSystem/Binius/RingSwitching/SumcheckPhase.lean: This update completes the formal verification of the Binius Ring Switching sumcheck phase by implementing the round-by-round (RBR) knowledge soundness infrastructure and providing full proofs for perfect completeness. The changes introduce strict round relations, define new witness extractors and knowledge state functions, and successfully resolve all previous sorry placeholders in the file.
ArkLib/ToMathlib/MvPolynomial/Equiv.lean: This file introduces new lemmas characterizing the embedding of univariate polynomials into multivariate polynomial rings via Polynomial.toMvPolynomial. Specifically, it proves that the embedding preserves non-zero values and that the total degree of the resulting multivariate polynomial is bounded by the original univariate natural degree.
ArkLib/ToVCVio/Lemmas.lean: This update introduces a collection of commented-out lemmas and theorems characterizing the behavior of StateT over OracleComp, focusing on support and map distributions. No active code is modified, as the new proofs and definitions are currently disabled.
ArkLib/ToVCVio/Simulation.lean: This update introduces several new theorems and proofs for reasoning about the support and path extraction of stateful forIn loops under simulation, facilitating formal verification of complex oracle-based computations. The changes also include simplification lemmas for oracle query implementations and remove several sorry placeholders from the existing simulation logic.

Last updated: 2026-03-10 05:27 UTC.

github-actions · 2026-03-10T05:45:20Z

🤖 AI Review (with external context)

🤖 AI Review

Overall Summary:

1. TL;DR

The mathematical foundations, protocol abstractions, and probability bounds introduced in this PR are exceptionally robust—particularly the iterated sumcheck phase, Ring-Switching, and Binary Basefold components. However, the PR currently cannot be merged due to multiple compilation-blocking issues (such as the stop command, invalid named arguments, and leftover simp? tactics), redundant/conflicting typeclass instances, and a widespread violation of the project's Hard Rule against unfinished proofs (sorry).

2. Checklist Coverage

No explicit specification checklist was provided for this PR review.

3. Key Lean 4 / Mathlib Issues

Unfinished Proofs (sorry) [Hard Rule Violation]:
The PR introduces over 20 sorry tokens across 8 files. Per the project's Hard Rule, all proofs must be completed (or formally admitted with explicit architectural justification) before merging. Affected files:
- ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean (8 sorrys)
- ArkLib/ProofSystem/Binius/BinaryBasefold/Code.lean (2 sorrys)
- ArkLib/ProofSystem/Binius/BinaryBasefold/Prelude.lean (2 sorrys)
- ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean (1 sorry)
- ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean (1 sorry)
- ArkLib/ProofSystem/Binius/BinaryBasefold/Spec.lean (1 sorry)
- ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean (2 sorrys)
- ArkLib/ToVCVio/Simulation.lean (4 sorrys)
Compilation Blockers & Invalid Syntax:
- The stop Command: In BinaryBasefold/Soundness.lean, the stop command is left immediately after := by in lemma_4_25_reject_if_suffix_in_disagreement. This entirely aborts elaboration for the rest of the file, completely bypassing compilation of subsequent theorems.
- Invalid Named Arguments & Field Projections:
  - In Data/Probability/Instances.lean, Polynomial.mem_degreeLE (f := p.val) (n := 1).mp is syntactically invalid because field notation binds tighter than application. Use (Polynomial.mem_degreeLE (p := p.val) (n := 1)).mp.
  - In BinaryBasefold/Soundness.lean, you are passing (r := r) (ℓ := ℓ) (𝓡 := 𝓡) to splitEvenOddRowWiseInterleavedWords, which doesn't accept or need these named arguments.
- Broken Identifiers: In BinaryBasefold/Steps.lean, def foldKStateProp was renamed to foldKStateProps, but downstream references (e.g., in foldKnowledgeStateFunction) still use the old name.
Typeclass and Instance Issues:
- Missing [DecidableEq R]: Implicit equality checks in Data/Probability/Instances.lean (e.g., MvPolynomial.eval r P = 0) inside the Pr_{...}[...] notation will fail typeclass synthesis for DecidablePred without [DecidableEq R] in the theorem signatures.
- Redundant / Overly Strong Typeclasses:
  - In FRIBinius/Prelude.lean, [Fact (LinearIndependent K β)] is redundantly declared as a variable since a Basis is linearly independent by definition. Lean will loop trying to synthesize this with your local instances.
  - In ToMathlib/MvPolynomial/Equiv.lean, [CommRing R] is required, but [CommSemiring R] is sufficient for the operations used.
- Conflicting & Unidiomatic Instances: In BinaryBasefold/Spec.lean, a new OracleInterface instance using instDefault directly conflicts with ProtocolSpec.challengeOracleInterface on the very next line. Additionally, local instances are introduced unidiomatically via let res := ...; use haveI or direct term synthesis to ensure proper typeclass resolution.
Leftover Interactive Tactics (simp?):
There are multiple instances of simp? left in BinaryBasefold/CoreInteractionPhase.lean. simp? is strictly for interactive discovery and generates trace messages during the build. Replace these with their suggested simp only [...] equivalents.
Redundant Architecture & Missing Attributes:
- In RingSwitching/Prelude.lean, MLIOPCS has redundant fields perfectCompleteness and strictPerfectCompleteness that now require identical proofs due to relation strictness updates. Remove the redundant field.
- In ToMathlib/MvPolynomial/Equiv.lean, the canonical reduction Polynomial.toMvPolynomial_ne_zero_iff should be marked with @[simp].

4. Overall Verdict

Changes Requested

📄 **Review for `ArkLib.lean`**

Verdict: Approved

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:
None

Nitpicks:
None

📄 **Review for `ArkLib/Data/FieldTheory/AdditiveNTT/AdditiveNTT.lean`**

Verdict: Approved

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:
None

Nitpicks:
None

📄 **Review for `ArkLib/Data/Misc/Basic.lean`**

Verdict: Approved

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:
None

Nitpicks:
None

📄 **Review for `ArkLib/Data/Probability/Instances.lean`**

Verdict: Changes Requested

Critical Misformalizations:
None. The probability bounds, union bounds, and applications of the Schwartz-Zippel lemma are mathematically sound and correctly formulated.

Lean 4 / Mathlib Issues:

Missing [DecidableEq R] Typeclass Assumptions:
The statements of prob_schwartz_zippel_univariate_deg, prob_poly_agreement_degree_one, and prob_poly_agreement_degree_two implicitly require checking polynomial evaluations for equality (e.g., MvPolynomial.eval r P = 0). The Pr_{ ... }[ ... ] notation requires a DecidablePred instance for the proposition, which in turn requires equality in R to be decidable. Without [DecidableEq R] in the theorem signature, Lean will fail to synthesize this instance during statement elaboration (before the classical tactic inside the proof has a chance to execute).
Fix: Add [DecidableEq R] to the list of typeclass arguments for these three theorems, mirroring how it is explicitly provided in prob_schwartz_zippel_mv_polynomial.
Invalid Syntax for Named Arguments and Projections:
In the proofs of prob_poly_agreement_degree_one and prob_poly_agreement_degree_two, you use the following syntax:
```
Polynomial.mem_degreeLE (f := p.val) (n := 1).mp
```
In Lean 4, this is a syntax/type error. Because field notation binds tighter than function application, Lean attempts to parse this as assigning the named argument n to the value of (1).mp, which fails since 1 has no mp field. Furthermore, the polynomial parameter in mem_degreeLE is typically named p rather than f.
Fix: Wrap the application in parentheses or use the pipeline operator:
```
(Polynomial.mem_degreeLE (p := p.val) (n := 1)).mp
-- or
Polynomial.mem_degreeLE (p := p.val) (n := 1) |>.mp
```

Nitpicks:

Trailing Semicolon:
At the very end of the proof for Pr_or_le, there is a trailing semicolon: rw [ENNReal.tsum_add];. It serves no purpose and should be removed for cleaner style.

📄 **Review for `ArkLib/OracleReduction/Basic.lean`**

Verdict: Approved

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:
None

Nitpicks:
None

📄 **Review for `ArkLib/OracleReduction/Completeness.lean`**

Verdict: Approved

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:
None

Nitpicks:

Misleading lemma name: The lemma soundness_unroll_runToRound_0_pSpec_1_V_to_P does not actually depend on the 0-th message being V_to_P (since runToRound 0 is the state before any messages are sent or challenges are received). Consider renaming it to simply soundness_unroll_runToRound_0_pSpec_1 to reflect that it applies regardless of the communication direction.
Fragile use of FullTranscript.mk1: In soundness_unroll_runToRound_1_P_to_V_pSpec_2 and its V_to_P variant, ProtocolSpec.FullTranscript.mk1 is used to construct a transcript of length 1 for a protocol specification pSpec of length 2. Because FullTranscript.mk1 strictly expects a ProtocolSpec 1, this relies on Lean's higher-order unification to synthesize a ProtocolSpec 1 metavariable on the fly (where ?pSpec1.«Type» 0 = pSpec.«Type» 0). While Lean successfully unifies this and it is semantically equivalent, it can occasionally lead to brittle proofs if types get more complex. Consider defining a dedicated Transcript.mk1 {n} {pSpec : ProtocolSpec n} (msg0 : pSpec.«Type» 0) : Transcript 1 pSpec := fun | ⟨0, _⟩ => msg0 to avoid relying on implicit struct synthesis.

📄 **Review for `ArkLib/OracleReduction/Security/RoundByRound.lean`**

Verdict: Approved

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:
None

Nitpicks:
None

📄 **Review for `ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean`**

Verdict: Changes Requested

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:

Unfinished Proofs (sorry): The PR introduces several new sorrys in ArkLib/ProofSystem/Binius/BinaryBasefold/Basic.lean. A hard rule dictates that any PR containing sorry or admit must receive a "Changes Requested" verdict. The incomplete proofs are:
- extractMLP_eq_some_iff_pair_UDRClose
- extractMLP_some_of_isCompliant_at_zero
- firstOracleWitnessConsistencyProp_unique
- badEventExistsProp_iff_incrementalBadEventExistsProp_last (contains two sorrys)
- incrementalBadEventExistsProp_relay_preserved
- oracleFoldingConsistencyProp_relay_preserved
- incrementalBadEventExistsProp_commit_step_backward
- oracleFoldingConsistencyProp_commit_step_backward

Nitpicks:

Naming Convention: strictfinalSumcheckStepFoldingStateProp should be named strictFinalSumcheckStepFoldingStateProp (with a capital F after strict) to consistently follow camelCase conventions.

📄 **Review for `ArkLib/ProofSystem/Binius/BinaryBasefold/Code.lean`**

Verdict: Changes Requested

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:

Unfinished Proofs (sorry): The following lemmas contain sorry and need to be completed:
- fiberwiseDisagreementSet_steps_zero_eq_disagreementSet
- fiberwiseClose_steps_zero_iff_UDRClose
  These incomplete proofs bypass verification and must be resolved.

Nitpicks:

In fiberwiseDisagreementSet_congr_sourceDomain_index, you are using let for defining propositions (Δ_fiber₁ and Δ_fiber₂) which behaves like local definitions, but you just prove equality between them immediately. This is fine, but idiomatic Lean usually prefers passing them directly as the equation to be proved without the lets (or using set), though it's mathematically sound.
In disagreementSet, you use have h_destIdx_eq_i : destIdx = i := Fin.ext h_destIdx directly in the term. Using Eq.rec or cast explicitly inside the set comprehension is correct but makes the term somewhat difficult to unfold or simplify in later proofs. You might want to provide simp lemmas to easily evaluate x ∈ disagreementSet ... to avoid getting stuck on cast.

📄 **Review for `ArkLib/ProofSystem/Binius/BinaryBasefold/CoreInteractionPhase.lean`**

Verdict: Changes Requested

Critical Misformalizations:
None. The abstract constructions for foldRelayKnowledgeError, foldCommitKnowledgeError, and the seqCompose structures appropriately capture the error limits over the folding blocks and eliminate the previous sorry in sumcheckFoldOracleVerifier_rbrKnowledgeSoundness.

Lean 4 / Mathlib Issues:

Leftover simp? Tactic Usages: There are multiple instances where the interactive simp? tactic was left in the code. simp? generates trace messages during compilation and is meant exclusively for interactive lemma discovery. It should be replaced with the exact simp only [...] output it suggests.

These instances are found in:
- nonLastSingleBlockOracleVerifier (e.g., simp? [Fin.castSucc, Fin.eta], ext; simp? [Fin.val_succ]).
- lastBlockOracleVerifier (e.g., ext; simp?, ext; simp? [Fin.val_last]).
- lastBlockOracleVerifier_rbrKnowledgeSoundness (simp? [lastBlockRbrKnowledgeError, bIdx, stmt, oStmt]).
Please run the build, capture the generated Try this: simp only [...] suggestions, and replace all simp? calls with their explicit simp only forms.

Nitpicks:
None. The code restructuring cleanly integrates SeqCompose and removes previous structural stubbing / sorry markers effectively.

📄 **Review for `ArkLib/ProofSystem/Binius/BinaryBasefold/Prelude.lean`**

Verdict: Changes Requested

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:

Unfinished Proofs (sorry): The diff introduces a new lemma iterated_fold_first which is entirely stubbed out with sorry. In addition, multilinear_eval_eq_sum_bool_hypercube is modified but its proof remains a sorry.
```
lemma iterated_fold_first (i : Fin r) {midIdx destIdx : Fin r} (steps : ℕ)
    (h_midIdx : midIdx.val = i.val + 1) (h_destIdx : destIdx.val = i.val + (steps + 1))
    (h_destIdx_le : destIdx ≤ ℓ)
    (f : sDomain 𝔽q β h_ℓ_add_R_rate (i := i) → L)
    (r_challenges : Fin (steps + 1) → L) :
    ... = ... := by
  sorry
```
These unfinished proofs must be completed (or temporarily admitted with justification if they are blocking an important upstream structure, though as per review guidelines sorry usage requires "Changes Requested").

Nitpicks:

Function Casting vs. Output Casting: In qMap_total_fiber_congr_source and qMap_total_fiber_congr_dest, the cast is applied to the entire function (of type Fin (2 ^ steps) → sDomain ...). While mathematically correct and perfectly valid in Lean 4, casting function types can sometimes make rewriting clunky because it obscures the application. You correctly provided qMap_total_fiber_congr_source_apply which casts the output instead; this pointwise version will likely be much easier to use in practice via ext or funext. You might find that the unapplied function-cast versions are rarely needed.

📄 **Review for `ArkLib/ProofSystem/Binius/BinaryBasefold/QueryPhase.lean`**

Verdict: Changes Requested

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:

Unfinished Proof: The lemma query_phase_consistency_guard_safe still contains a sorry. While the PR refactored getFiberPoint to use qMap_total_fiber (which is a vast improvement that should make this proof much simpler by avoiding bit-level joinBits manipulation!), the proof is still left incomplete. Under the Hard Rule, any PR modifying or introducing a sorry must be flagged.

  have h_point_eq : extractSuffixFromChallenge 𝔽q β v ⟨↑k * ϑ, by omega⟩ (by simp only; omega) =
      getFiberPoint 𝔽q β k v (extractMiddleFinMask 𝔽q β v ⟨↑k * ϑ, by omega⟩ ϑ) := by
    -- ...
    sorry

Nitpicks:

Shadowed Variable: In support_run_simulateQ_run_fst_eq, the parameter s is shadowed inside the binder for hImplSupp. It would be cleaner to rename the inner bound variable to s':

    (hImplSupp : ∀ {β} (q : OracleQuery oSpec β) s',
      Prod.fst <$> support ((QueryImpl.mapQuery impl q).run s')
        = support (liftM q : OracleComp oSpec β)) :

Outdated Comments: The comments directly above the sorry in query_phase_consistency_guard_safe still reference joinBits, sDomainToFin, and finToSDomain. However, this PR wonderfully refactored getFiberPoint to no longer use those definitions, opting instead for the algebraic qMap_total_fiber. The comment should be updated to reflect the new definition so that whoever tackles the sorry isn't misled.

📄 **Review for `ArkLib/ProofSystem/Binius/BinaryBasefold/ReductionLogic.lean`**

Verdict: Needs Minor Revisions

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:
None

Nitpicks:

In rbrExtractionFailureEvent, the docstring is abruptly cut off at the end:
```
**Usage:** Instantiate with protocol-specific `kSF`, `extractor`, and transcript to get the -/
```
It should be completed (e.g., "...to get the failure predicate/event").

📄 **Review for `ArkLib/ProofSystem/Binius/BinaryBasefold/Soundness.lean`**

Verdict: Changes Requested

Critical Misformalizations:
None. The reduction of the query phase's RBR knowledge soundness to the DG25 tensor and affine proximity gap bounds is mathematically sound. The abstractions (fiberwiseClose, preTensorCombine, etc.) and the distance tracking align perfectly with the paper's logic.

Lean 4 / Mathlib Issues:

stop Command Aborts Compilation: The lemma_4_25_reject_if_suffix_in_disagreement theorem contains the stop command right after := by. This command entirely aborts the elaboration of the file from that point onwards. This means the rest of the proof, as well as the subsequent and final prop_4_23_singleRepetition_proximityCheck_bound theorem, are completely ignored by the compiler.
Unfinished Proofs (sorry): There is an explicit sorry left inside the h_propagates_to_last block in lemma_4_25_reject_if_suffix_in_disagreement.
Invalid Named Arguments: You repeatedly pass (r := r) (ℓ := ℓ) (𝓡 := 𝓡) to splitEvenOddRowWiseInterleavedWords (e.g., in multilinearCombine_recursive_form_first, not_jointProximityNat_of_not_jointProximityNat_evenOdd_split, fold_preTensorCombine_eq_affineLineEvaluation_split, etc.). However, splitEvenOddRowWiseInterleavedWords depends only on {A : Type*}, [Module L A], {ι : Type*}, {ϑ : ℕ}, and u. It does not take r, ℓ, or 𝓡 in its signature, nor does it pull them in from the environment. This results in an unknown named argument compilation error.
Fix: Simply remove (r := r) (ℓ := ℓ) (𝓡 := 𝓡) from these calls:
```
let U_even := (splitEvenOddRowWiseInterleavedWords (ϑ := s) U).1
```

Nitpicks:

In splitEvenOddRowWiseInterleavedWords, the indices are cleanly separated into even and odd, but it is idiomatic to use Fin.mul and Fin.add directly instead of passing into the constructor ⟨2 * j.val + 1, ...⟩. This isn't strictly necessary since you've proven the bounds using omega, but utilizing standard Fin combinators could slightly reduce boilerplate.

📄 **Review for `ArkLib/ProofSystem/Binius/BinaryBasefold/Spec.lean`**

Verdict: Changes Requested

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:

Duplicate and Conflicting Instances: The diff introduces the following instance:
```
instance : ∀ j, OracleInterface ((pSpecFold (L:=L)).Challenge j) :=
  fun _ => OracleInterface.instDefault
```
However, immediately below this on the very next line in the file, the correct instance is already defined:
```
instance : ∀ j, OracleInterface ((pSpecFold (L := L)).Challenge j) :=
  ProtocolSpec.challengeOracleInterface
```
This creates an overlapping instance with conflicting implementations, which can lead to unpredictable typeclass resolution or errors. The newly added instance using instDefault should be removed.

Unidiomatic Local Instance Synthesis: In the newly added SampleableType instance, you use a let binding to introduce a local instance:

instance : SampleableType (Fin γ_repetitions → ↥(sDomain 𝔽q β h_ℓ_add_R_rate 0)) := by
  let res := instSDomain 𝔽q β (h_ℓ_add_R_rate := h_ℓ_add_R_rate) (i := 0) (h_i := by
    apply Nat.lt_add_of_pos_right_of_le; simp only [Fin.coe_ofNat_eq_mod, Nat.zero_mod, zero_le])
  exact instSampleableTypeFinFunc

Using let res := ... without an explicit class type is fragile for typeclass resolution and unidiomatic. Lean 4 relies on context bindings having the appropriate class type to pick them up. It is much cleaner to use haveI or supply the instance directly in term mode:

instance : SampleableType (Fin γ_repetitions → ↥(sDomain 𝔽q β h_ℓ_add_R_rate 0)) :=
  haveI : SampleableType (sDomain 𝔽q β h_ℓ_add_R_rate 0) := 
    instSDomain 𝔽q β (i := 0) (by apply Nat.lt_add_of_pos_right_of_le; simp)
  instSampleableTypeFinFunc

Unfinished Proofs (sorry): The renamed instance instOracleStatementFintype continues to use sorry. Per the project's hard rule, any PR introducing or modifying lines that contain sorry must be flagged for changes.

Nitpicks:
None

📄 **Review for `ArkLib/ProofSystem/Binius/BinaryBasefold/Steps.lean`**

Verdict: Changes Requested

Critical Misformalizations:
None. The logic updates to KState properties correctly support the new unified extraction scheme, and the use of foldStep_doom_escape_probability_bound robustly encapsulates the probability reasoning over sumcheckBadEvent and incrementalBadFoldEvent.

Lean 4 / Mathlib Issues:

Broken Identifier (foldKStateProps): In the diff, def foldKStateProp was renamed to def foldKStateProps, but subsequent code in the same file (such as the toFun assignment inside foldKnowledgeStateFunction and the unfold tactic inside toFun_next) still references foldKStateProp. This will result in an "unknown identifier" compilation error. Please revert the name to foldKStateProp or update all downstream references.
Unfinished Proofs (sorry): The diff introduces two new sorryed lemmas that need to be proven before merging:
- incrementalBadEventExistsProp_fold_step_backward
- mapOStmtOut_eq_mkVerifierOStmtOut_relayStep

Nitpicks:

Comment Typo in foldKnowledgeError: The docstring for foldKnowledgeError contains the line - err_SC = 2/|L| (Schwartz-Zippel for degree 1). The round polynomial has degree $\le 2$, so the bound $2/|L|$ is mathematically correct, but the comment should say "Schwartz-Zippel for degree 2" to match the bound.

📄 **Review for `ArkLib/ProofSystem/Binius/FRIBinius/CoreInteractionPhase.lean`**

Verdict: Approved

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:
None

Nitpicks:

In sumcheckFoldCtxLens_complete, the argument oStmtIn in the lambda fun stmtIn oStmtIn hRelIn => is used to bind the input witness (of type SumcheckWitness L ℓ' 0), as evidenced by rcases oStmtIn with ⟨t', H⟩. Naming it witIn would be more accurate and avoid confusion with the actual oracle statement component extracted via rcases stmtIn with ⟨stmtIn, oStmtIn'⟩.
In sumcheckFoldOracleVerifier_rbrKnowledgeSoundness, when satisfying the local Inhabited instances via letI : Inhabited ... := ⟨{ ... = 0 }⟩, utilizing 0 for function types relies on the Pi.instZero typeclass. While correct, writing it explicitly as fun _ => 0 can occasionally prevent unexpected typeclass inference hiccups in deeply nested structures.

📄 **Review for `ArkLib/ProofSystem/Binius/FRIBinius/General.lean`**

Verdict: Approved

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:
None

Nitpicks:
In fullOracleVerifier_rbrKnowledgeSoundness and a few other places, the indentation for the aOStmtIn arguments is slightly misaligned:

              (aOStmtIn :=  (BinaryBasefoldAbstractOStmtIn (β := β)
        (ϑ := ϑ) (h_ℓ_add_R_rate := h_ℓ_add_R_rate))))

This is purely cosmetic, but aligning (ϑ := ϑ) with (β := β) would slightly improve readability.

📄 **Review for `ArkLib/ProofSystem/Binius/FRIBinius/Prelude.lean`**

Verdict: Changes Requested

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:

Redundant Typeclass Assumption: The variable β is defined as a Basis (Fin (2 ^ κ)) K L. By definition, a Basis is linearly independent. Adding [hβ_lin_indep : Fact (LinearIndependent K β)] to the variable declaration is redundant and forces all external callers of this file's definitions to manually provide a proof of linear independence that is already bundled.
Additionally, this file already contains the instance linearIndependentBooleanHypercubeBasis which derives Fact (LinearIndependent K ⇑β) directly from β.linearIndependent. Because hβ_lin_indep is now declared as a variable, Lean will insert it as an implicit argument into this instance, turning it into a trivial [Fact ...] → Fact ... loop.
Resolution: Remove [hβ_lin_indep : Fact (LinearIndependent K β)] from the variable command. The existing local instance will correctly synthesize the Fact required by the bbfAbstractOStmtIn call without polluting your API. (Keep [h_β₀_eq_1 : Fact (β 0 = 1)], as that is a genuine extra assumption not guaranteed by Basis).

Nitpicks:

Misleading Instance Name: The instance linearIndependentBooleanHypercubeBasis actually proves Fact (LinearIndependent K ⇑β), not linear independence for the newly defined booleanHypercubeBasis. Consider renaming it to something like instFactLinearIndependentβ to accurately reflect its type.

📄 **Review for `ArkLib/ProofSystem/Binius/RingSwitching/BBFSmallFieldIOPCS.lean`**

Verdict: Approved

Critical Misformalizations:
None. The composition of the Ring-Switching outer protocol with the Binary Basefold inner protocol as an MLIOPCS is modeled robustly. The translation between MLPEvalStatement and Statement (SumcheckBaseContext ...) is mathematically correct and naturally reflects the substitution of the initial sumcheck target with the target polynomial claim.

Lean 4 / Mathlib Issues:
None. The code leverages Mathlib typeclasses appropriately (e.g., Field, Fintype, Algebra, CharP L 2). Implicit/explicit arguments and universes are handled cleanly throughout. There are no sorry or admit tokens present in the added file.

Nitpicks:
None. The naming convention successfully separates the logical layers of the bbf_ prefixed functions. largeFieldInvocationCtxLens_complete and its Extractor.Lens.IsKnowledgeSound instance beautifully encapsulate the context-lifting logic. Very clean work.

📄 **Review for `ArkLib/ProofSystem/Binius/RingSwitching/BatchingPhase.lean`**

Verdict: Approved

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:
None

Nitpicks:

In batchingStep_is_logic_complete:
```
      · -- ⊢ aOStmtIn.initialCompatibility (proverWitOut.t', verifierOStmtOut)
        exact h_compat
```
The comment still references initialCompatibility, but since the code was migrated to use strictBatchingInputRelationProp and strictSumcheckRoundRelation, it should actually say strictInitialCompatibility. A very minor leftover from the refactor.

📄 **Review for `ArkLib/ProofSystem/Binius/RingSwitching/General.lean`**

Verdict: Approved

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:
None. The removal of sorry blocks by leveraging OracleVerifier.rbrKnowledgeSoundness_of_eq_error instead of relying on convert ... sorry is a very good and idiomatic Lean 4 refactor. Replacing the shared fullInputRelation with the contextually appropriate strict vs. relaxed relations (strictBatchingInputRelation for perfect completeness vs. batchingInputRelation for knowledge soundness) is exactly the mathematically correct approach here.

Nitpicks:
In fullOracleVerifier_rbrKnowledgeSoundness, the line break for rel₁ is a bit awkward:

    (rel₁:=BatchingPhase.batchingInputRelation κ L K β ℓ ℓ'
  h_l mlIOPCS.toAbstractOStmtIn)

Consider indenting h_l so that it clearly aligns as an argument to batchingInputRelation.

📄 **Review for `ArkLib/ProofSystem/Binius/RingSwitching/Prelude.lean`**

Verdict: Changes Requested

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:
The MLIOPCS structure now contains two identical fields: perfectCompleteness and strictPerfectCompleteness. Both are defined with relIn := toAbstractOStmtIn.toStrictRelInput and require the exact same type.

  perfectCompleteness : ∀ {σ : Type} {init : ProbComp σ} {impl : QueryImpl []ₒ (StateT σ ProbComp)},
    NeverFail init →
    OracleReduction.perfectCompleteness (oSpec:=[]ₒ)
      ...
      (relIn := toAbstractOStmtIn.toStrictRelInput)
      (relOut := acceptRejectOracleRel)
      (oracleReduction := oracleReduction)

  strictPerfectCompleteness : ∀ {σ : Type} {init : ProbComp σ}
      {impl : QueryImpl []ₒ (StateT σ ProbComp)},
    NeverFail init →
    OracleReduction.perfectCompleteness (oSpec:=[]ₒ)
      ...
      (relIn := toAbstractOStmtIn.toStrictRelInput)
      (relOut := acceptRejectOracleRel)
      (oracleReduction := oracleReduction)

This forces users constructing an MLIOPCS to provide the exact same proof twice. Since perfect completeness is typically only proven over the strict relation (and perfectCompleteness was modified to use toStrictRelInput in this PR), you should remove the redundant strictPerfectCompleteness field and just keep perfectCompleteness updated with the strict relation.

Nitpicks:
The changes to masterKStateProp to accept localChecks directly as an argument, and the addition of strictSumcheckRoundRelation cleanly follow the dual-relation pattern established in BinaryBasefold/Basic.lean.

📄 **Review for `ArkLib/ProofSystem/Binius/RingSwitching/Spec.lean`**

Verdict: Approved

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:
None

Nitpicks:
None

📄 **Review for `ArkLib/ProofSystem/Binius/RingSwitching/SumcheckPhase.lean`**

Verdict: Approved

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:
None

Nitpicks:
None

General Comments:
Excellent work on this PR. You successfully completed the heavy lifting required for the iterated sumcheck phase, seamlessly replacing all sorry instances with solid, fully-formalized proofs.

The application of the dual-relation framework (properly switching between strictSumcheckRoundRelation for completeness and sumcheckRoundRelation for knowledge soundness) is done immaculately.
The definition of iteratedSumcheckWitMid and updating iteratedSumcheckKStateProp to strongly type the witMid depending on m is extremely robust and avoids painful type-casting.
The approach to bounding rbrExtractionFailureEvent using prob_mono and dispatching the empty compatPred branch (when no valid ML extension exists) to a probability 0 is a very clever and correct probability argument.

Great job getting this fully verified!

📄 **Review for `ArkLib/ToMathlib/MvPolynomial/Equiv.lean`**

Verdict: Needs Minor Revisions

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:

Overly strong typeclass assumption: The file declares variable {σ : Type*} {R : Type*} [CommRing R]. However, [CommRing R] is unnecessarily strong; [CommSemiring R] is entirely sufficient. Polynomials, multivariate polynomials, their degrees, and the natural algebra map toMvPolynomial are all well-defined and behave as expected over commutative semirings (since negation is not fundamentally required here).
Missing @[simp]: Polynomial.toMvPolynomial_ne_zero_iff is a canonical simplification lemma that reduces a property about a transformed expression to a simpler property about the original expression. It should be tagged with @[simp].

Nitpicks:

Unnecessary parentheses / Dot notation: (Polynomial.toMvPolynomial i) p has redundant parentheses around the function application. You can use dot notation to make this much more readable.
- In the first lemma: p.toMvPolynomial i ≠ 0 ↔ p ≠ 0
- In the second lemma: ((Polynomial.toMvPolynomial i) p).totalDegree can be written cleanly as (p.toMvPolynomial i).totalDegree.
One-line proof potential: Since toMvPolynomial is (presumably) bundled as a RingHom or AlgHom, and you already have Polynomial.toMvPolynomial_injective, the proof of the first lemma could likely just be exact (map_ne_zero_iff _ (Polynomial.toMvPolynomial_injective i)).symm. (The manual proof is also fine, just slightly verbose).

📄 **Review for `ArkLib/ToVCVio/Lemmas.lean`**

Verdict: Needs Minor Revisions

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:
None

Nitpicks:

Dead Code: The diff consists entirely of commented-out code blocks (the MapLemmas section and some mem_support lemmas). Committing large blocks of dead code clutters the codebase and can be confusing for future readers. If these lemmas are no longer needed, it is best practice to remove them completely. If they represent incomplete work in progress, consider tracking them in a separate branch, issue, or an explicitly designated scratchpad file rather than commenting them out in a main file.

📄 **Review for `ArkLib/ToVCVio/Simulation.lean`**

Verdict: Changes Requested

Critical Misformalizations:
None

Lean 4 / Mathlib Issues:

Unfinished Proofs (sorry): There are 4 instances of sorry introduced in this diff, which violates the Hard Rule. They are:
1. simulateQ_vector_mapM
2. mem_support_vector_mapM
3. OptionT.simulateQ_vector_mapM
4. OptionT.mem_support_vector_mapM
As noted in your comment for simulateQ_vector_mapM, proving properties of Vector.mapM over monads in Lean 4 can be tricky due to its underlying implementation (either via List.mapM or Array.mapM.go). A standard approach to circumvent the mapM.go complexity is to prove an equivalence between Vector.mapM and List.mapM (if not already available), and then proceed by induction on the underlying List. Alternatively, if you do not strictly require Vector for the structural bounds at this specific compilation stage, mapping over a List along with a separate length-invariant check can sometimes ease the monadic verification burdens.

Nitpicks:

Naming: The lemma exists_path_of_mem_support_forIn_unit and OptionT.exists_path_of_mem_support_forIn_unit both use PUnit and Unit concepts. Consider ensuring naming consistency (e.g., _forIn_punit) if you rely heavily on PUnit rather than Unit in the types.

chung-thai-nguyen added 7 commits March 10, 2026 05:25

feat: soundness of binarybasefold

a9fba2c

incremental bad fold events

c8f9df7

fill sorrys

a396c35

updates on iterated_fold identities

2b610d6

simple ring-switching-binary-basefold composition

4b3ffc6

incremental bad event proofs

f706e86

feat: migrate to OptionT APIs

9e0a0ef

chung-thai-nguyen force-pushed the soundness-of-binius branch from 43e8aa7 to 9e0a0ef Compare March 10, 2026 05:25

chung-thai-nguyen requested review from alexanderlhicks, dtumad and quangvdao and removed request for quangvdao March 10, 2026 05:25

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: soundness of FRI-Binius protocols#417

feat: soundness of FRI-Binius protocols#417
chung-thai-nguyen wants to merge 7 commits intocompleteness-of-biniusfrom
soundness-of-binius

chung-thai-nguyen commented Mar 10, 2026 •

edited

Loading

Uh oh!

github-actions bot commented Mar 10, 2026 •

edited

Loading

Function Syntax

Operator and Binder Spacing

Tactic Mode and Semicolons

Line Length

Documentation Standards

Empty Lines

Naming Conventions

Uh oh!

github-actions bot commented Mar 10, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

chung-thai-nguyen commented Mar 10, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

github-actions bot commented Mar 10, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

🤖 Gemini PR Summary

Mathematical Formalization

Protocol Infrastructure & Refactoring

Proof Status and Critical Gaps

Function Syntax

Operator and Binder Spacing

Tactic Mode and Semicolons

Line Length

Documentation Standards

Empty Lines

Naming Conventions

Uh oh!

github-actions bot commented Mar 10, 2026

🤖 AI Review (with external context)

🤖 AI Review

1. TL;DR

2. Checklist Coverage

3. Key Lean 4 / Mathlib Issues

4. Overall Verdict

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

chung-thai-nguyen commented Mar 10, 2026 •

edited

Loading

github-actions bot commented Mar 10, 2026 •

edited

Loading