What certior-flow-check is
A Lean 4 executable built from lean4/CertiorPlan/. It takes a JSON-serialised execution plan on stdin, type-checks each delegation step against the proven Certior.Delegation and Certior.Encoding lattice operations, and emits a verdict plus a Lean-issued proof certificate when the plan is admitted.
It is the live counterpart to the offline Lean proofs that run in CI. Both share the same source modules; the binary just runs the same model on a concrete plan rather than on the universal statement.
Why it is not in the pip package
The compiled binary is ~93 MB. Shipping it inside the wheel would bloatpip install certior for every user, including those who never enable live Lean verification.
Without the binary, the runtime uses the Python implementation of the same subset and budget rule. Lean has proven that implementation sound offline. The behaviour is identical at the verdict level; only the source of the verdict differs.
Building it
Requirements:- Lean 4 toolchain (
elan+lake). Install viascripts/install-lean-toolchain.sh. - The source repo cloned at the commit you want to attest.
lean4/CertiorPlan/.lake/build/bin/certior-flow-check. The script also runs the Lean test suite and Certior.Audit to confirm the four headline guarantees still depend only on Lean’s three standard axioms.
Enabling it at runtime
Point the runtime at the produced binary:lean-binary-ci.yml workflow. Windows runs through WSL.
See also
- Configuration - the env vars governing the runtime.
- How it works - the gates the binary participates in.
- Trust package - the assurance the binary contributes to.