Proofs of Applicative laws for haskell instances

9
votes

Have all the Haskell instances of Applicative typeclass that we get with the Haskell platform been proved to satisfy all the Applicative laws? If yes, where do we find those proofs?

The source code of Control.Applicative does not seem to contain any proof that the applicative laws for various instances do hold. It just mentions that 

-- | A functor with application.
--
--Instances should satisfy the following laws:

It then just states the laws in the comments.

I found a similar case for the instances of other typeclasses (Alternative and Monad) too.

Are the users of these libraries supposed to verify these laws by themselves?

But I was wondering whether the rigorous proofs of these laws have been given elsewhere by the developers?

Again, I am aware that a rigorous proof of Applicate (or Monad) laws for IO Monad, which involves talking with outside world, in general, may well be very much complex.

Thanks.

3
haskellproofapplicative

3 Answers

11
votes

Yes, the burden of proof is entirely on the library writers. There are some examples of implementations that violate these laws. The canonical example of a law violation is ListT, which doesn't obey the monad laws for most base monads (see examples). This gives very buggy behavior and nobody really uses ListT as a result.

I'm pretty sure most of these kinds of proofs haven't been etched in stone in a standard place. Most of the proofs have simply been repeated and checked to death by various curious members of the community so after a while we know which implementations do and do not satisfy their laws.

To give a concrete example, when I write my pipes library, I have to prove that my pipes satisfy the Category laws, but I just keep these proofs in a text file or an hpaste for future record if somebody requests them. Including them in the source is not really feasible because they can get very long, especially for associativity laws.

However, I think a good practice might be to include, when possible, machine-checked proofs in the original repositories so that users can refer to them as necessary.

1
votes

There is excellent library checkers which provides QuickCheck properties to check laws.

1
votes

The experimental library ghc-proofs allows you to use the compiler to verify such laws for you:

app_law_2 a b (c :: Succs a) = pure (.) <*> a <*> b <*> c
                           === a <*> (b <*> c)

It only works in a few cases, such as the one described in my blog post, and is best seen as an experiment, not a ready tool.