feat(lean4): add formal verification specs for ensemble models

Lean 4 formalization of the decision tree + MLP ensemble architecture. Axiomatizes Float properties (sigmoid bounds, ReLU nonnegativity) since Lean's Float ops are extern-backed. Proves MLP output is bounded in (0,1) and ensemble output is always a valid decision. No mathlib dependency. Signed-off-by: Sienna Meridian Satterwhite <sienna@sunbeam.pt>
2026-03-10 23:38:21 +00:00
parent 5daed3ecb0
commit 982cf5755d
12 changed files with 314 additions and 0 deletions
--- a/lean4/Sunbeam/Model/Basic.lean
+++ b/lean4/Sunbeam/Model/Basic.lean
@@ -0,0 +1,25 @@
+namespace Sunbeam
+
+/-- Decisions that a model component can output. -/
+inductive Decision where
+  | block : Decision
+  | allow : Decision
+  | defer : Decision
+  deriving Repr, DecidableEq
+
+/-- A fixed-size vector of floats. -/
+def FloatVec (n : Nat) := Fin n → Float
+
+/-- Dot product of two float vectors. -/
+def dot {n : Nat} (a b : FloatVec n) : Float :=
+  (List.finRange n).foldl (fun acc i => acc + a i * b i) 0.0
+
+/-- Matrix-vector product. Matrix is row-major: m rows × n cols. -/
+def matVecMul {m n : Nat} (mat : Fin m → FloatVec n) (v : FloatVec n) : FloatVec m :=
+  fun i => dot (mat i) v
+
+/-- Vector addition. -/
+def vecAdd {n : Nat} (a b : FloatVec n) : FloatVec n :=
+  fun i => a i + b i
+
+end Sunbeam