Yes, that would be an example, though not all formalizations are written in software. I was originally talking just about standard formal logic, which is just first-order predicate calculus. Proof assistants use much more powerful systems in order to gain the same expressibility as the natural language which is used in informal proofs. (Which is kind of strange: In using natural language mathematicians don't seem to be using some advanced type theory.)

So I can't actually read these proof assistant languages, as they are using some advanced type theory based language. So just a few comments.

Lean: It looks suspicious that this seems to involve just one to two lines. Are they actually proving anything here? It doesn't look at all like Cantor's diagonal argument.

Coq: This looks better, at least from the description, and that it actually looks like a proof (Coq actually has a Qed keyword!). Though they, unlike Cantor, don't talk about real numbers here, just about sequences of natural numbers. Last time I read a discussion about it, it was mentioned that this exactly was a problem for the formal proof: Every natural number sequence (with a decimal point) corresponds to some real number, but real numbers don't necessarily have just one decimal expression, e.h. 0.999...=1. So real numbers and sequences can't straightforwardly be identified.

Isabelle: That seems to be a formalization of Cantor's powerset argument, not his diagonal argument.

Overall, this highlights a major problem with formalization of existing proofs. There is no way (at least no obvious way) to "prove", that a formal proof X actually is a formalization of some informal proof Y. X could be simply a different proof, or one which is similar but uses stronger or question begging assumptions, etc. One such example is informal proofs (like Cantor's) which didn't work in any axiomatized system, and where it isn't clear how much you can assume for a formal version without being question begging.

> No, they treat the most obvious parts as previously proven (which they are).

Well, I don't agree here. If you look at the history of mathematics, it shows that it progressed often in the opposite direction, where many "basics" were proven very late, e.g. by Dedekind, Peano, and Russell/Whitehead. Not to mention all these details which are now are getting expressed in languages for proof assistants. Many of these details couldn't even have been proved earlier, because the necessary formal systems were only invented recently.

> I really have no idea what the difference to a "fully formal" and the standard proof would be

Just look at actual formal proofs. They are very different from informal ones. To approximate the natural language of informal proofs, proof assistant languages actually have to use logics with advanced type systems, which most people who just write informal proofs wouldn't even understand.

> But saying "since a is true and we formerly proved a implies b, we know b is true" instead of "(a and (a => b)) => b", does only seem to be a pedantic difference.

It's more like they write "A, therefore B" (or even "A, then one easily sees that B") where the step from A to B is considered obvious by the guy who wrote the proof (a reviewer might reject it and ask for more intermediate steps, if he feels the "A therefore B" step isn't obvious), and where usually no commentary like "and we formerly proved A |= B" is included. Proofs are in fact not plastered with such commentaries, and if they were, people would expect a reference to where this was proven previously. But they don't expect references to obvious steps, because they are obvious, not because they necessarily expect they were proven previously somewhere. That wouldn't even make sense, since many theories were not, or are still not, axiomatized, so respective proofs have to rely on things that are considered obvious.

I already cited Yehuda Rav's 1999 paper "Why Do We Prove Theorems?"[1][2] elsewhere in this thread, and it's again relevant here.

From p. 13:

> A proof in mainstream mathematics is set forth as a sequence of claims, where the passage from one claim to another is based on drawing consequences on the basis of meanings or through accepted symbol manipulation, not by citing rules of predicate logic.4 The argument-style of a paper in mathematics usually takes the following form: '... from so and so it follows that..., hence...; as is well known, one sees that...; consequently, on the basis of Fehlermeister's Principal Theorem, taking in consideration α, β, γ, ..., ω, one concludes..., as claimed'. Why is it so difficult, in general, to understand a proof? Why does one need so much background information, training and know-how in order to follow the steps of a proof, when the purely logical skeleton is supposed to be nothing more than first-order predicate calculus with its few and simple rules of inference?

From p. 14f:

> In reading a paper or monograph it often happens—as everyone knows too well—that one arrives at an impasse, not seeing why a certain claim B is to follow from claim A, as its author affirms. Let us symbolise the author's claim by 'A —> B' . (The arrow functions iconically: there is an informal logical path from A to B. It does not denote formal implication.) Thus, in trying to understand the author's claim, one picks up paper and pencil and tries to fill in the gaps. After some reflection on the background theory, the meaning of the terms and using one's general knowledge of the topic, including eventually some symbol manipulation, one sees a path from A to A_1, from A_1 to A_2, ..., and finally from A_n to B. This analysis can be written schematically as follows:

> A —> A_1, A_1 —> A_2, ..., A_n —> B.

> Explaining the structure of the argument to a student or non-specialist, the other may still fail to see why, for instance, A_1 ought to follow from A. So again we interpolate A —> A', A' —> A_1. But the process of interpolations for a given claim has no theoretical upper bound. In other words, how far has one to analyse a claim of the form 'from property A, B follows' before assenting to it depends on the agent.

[1] https://doi.org/10.1093/philmat/7.1.5 [2] http://sgpwe.izt.uam.mx/files/users/uami/ahg/1999_Rav.pdf