DOWNLOAD & VERIFY
THE PROOFS
Don't trust. Verify. Download our complete formal verification proofs and run them yourself using the Rocq/Coq proof assistant. 34+ cryptographic functions mathematically proven correct—no bugs, guaranteed by mathematics.
From Stdlib Require) introduced in Coq 8.16. Ubuntu 22.04's default package (8.15) is incompatible—use Opam or Rocq Platform instead.▸QUICK START
Verify the proofs in 4 simple steps. No prior Coq experience required.
Install Rocq/Coq 8.16+
Extract Archive
$ cd proofs/
The archive contains all proof files, specifications, and a comprehensive README with detailed instructions.
Verify All Proofs
Expected output:
✓ theories/aead_spec.vo
Compiling theories/argon2_spec.v...
✓ theories/argon2_spec.vo
...
✓ All proofs compiled
Check Status
Shows verification status for each proof:
✓ aead_spec
✓ argon2_spec
✓ cbor_spec
✓ merkle_spec
✓ mldsa_spec
...
▸TESTED CONFIGURATIONS
Know before you start: Verified OS and Coq version combinations.
| Operating System | Installation Method | Coq Version | Status |
|---|---|---|---|
| Ubuntu 24.04 LTS | apt-get | 8.18+ | ✓ WORKS |
| Ubuntu 22.04 LTS | apt-get | 8.15 | ✗ INCOMPATIBLE |
| Ubuntu 22.04 LTS | Opam | 8.18.0 | ✓ RECOMMENDED |
| Ubuntu 20.04 LTS | Opam | 8.18.0 | ✓ WORKS |
| macOS 14+ (Sonoma) | Homebrew | 8.18+ | ✓ WORKS |
| macOS 13 (Ventura) | Homebrew | 8.15 | ✗ INCOMPATIBLE |
| macOS (any) | Opam | 8.18.0 | ✓ WORKS |
| Windows 11 | WSL2 + Opam | 8.18.0 | ✓ WORKS |
▸WHAT GETS VERIFIED
Every cryptographic primitive in Anubis Notary is formally verified for correctness, memory safety, and security properties.
AEAD (ChaCha20Poly1305)
Authenticated encryption correctness
Argon2id
Memory-hard key derivation
CBOR
Serialization correctness and parsing safety
Merkle Trees
Tree construction and proof verification
ML-DSA-87
Post-quantum signature correctness
Constant-Time Ops
Timing attack resistance
Nonce Generation
Uniqueness and randomness guarantees
Memory Safety
Buffer overflow prevention
▸VERIFICATION GUARANTEES
Formal verification provides mathematical proof—not just testing—that code behaves correctly.
WHAT IT PROVES
- ✓Correctness: Functions behave exactly as specified
- ✓Memory Safety: No buffer overflows, use-after-free, or memory leaks
- ✓Constant-Time: No timing side-channels
- ✓Security Properties: Cryptographic guarantees (e.g., signature unforgeability)
- ✓Zero Bugs: Mathematically proven correct (not just tested)
⚠WHAT IT DOESN'T PROVE
- ×Hardware bugs (e.g., Spectre, Meltdown)
- ×Compiler bugs (though Coq can extract to verified CompCert C)
- ×Operating system bugs
- ×Physical attacks (power analysis, fault injection)
▸REFINEDRRUST INTEGRATION
Anubis Notary uses RefinedRust to bridge Rust code and Coq proofs, ensuring the actual implementation matches the formally verified specifications.
// Constant-time equality
}
timing_invariant ∧
correctness_proof.
to match specification
▸ADDITIONAL RESOURCES
Learn more about formal verification and the tools we use.
▸TROUBLESHOOTING
Common issues and solutions when verifying the proofs.
Error: "Cannot find a physical path bound to logical path Lia with prefix Stdlib"
Ubuntu 22.04 LTS Package Manager Installs Coq 8.15
apt-get install coq on Ubuntu 22.04. Use Opam or Rocq Platform instead (see Step 1 above).Compilation Takes Too Long or Hangs
coqc -Q theories anubis_proofs theories/aead_spec.vREADY TO VERIFY?
Download the proofs and see for yourself. Don't trust—verify.