1. Verus overview
  3. Getting started
  4. Getting started
    1. ... on the command line
    2. ... with VSCode
  6. Tutorial: Fundamentals
  7. Using Verus within Rust
  8. Basic specifications
    1. assert, requires, ensures, ghost code
    2. Expressions and operators for specifications
    3. Integers and arithmetic
    4. Equality
  9. Specification code, proof code, executable code
    1. spec functions
    2. proof functions, proof blocks, assert-by
    3. spec functions vs. proof functions, recommends
    4. Ghost code vs. exec code
    5. const declarations
    6. Putting it all together
  10. Recursion and loops
    1. Recursive spec functions, decreases, fuel
    2. Recursive exec and proof functions, proofs by induction
      1. Lightweight termination checking
    3. Loops and invariants
      1. Loops with break
      2. For Loops
      3. Iterators
    4. Lexicographic decreases clauses and mutual recursion
  11. Datatypes: struct and enum
    1. Struct
    2. Enum
  12. Libraries
    1. Specification libraries: Seq, Set, Map
    2. Executable libraries: Vec
  13. Spec closures
  14. Quantifiers
    1. forall and triggers
    2. Multiple variables, multiple triggers, matching loops
    3. exists and choose
    4. Proofs about forall and exists
    5. Example: binary search
    6. Ambient (broadcast) lemmas
  16. Tutorial: Proof Development
  17. Developing proofs
    1. Using assert and assume
    2. Devising loop invariants
    3. Proving absence of overflow
  18. SMT solving, automation, and where automation fails
    1. What's decidable, what's undecidable, what's fast, what's slow
    2. Integers and nonlinear arithmetic
    3. Bit vectors and bitwise operations
    4. forall and exists: writing and using triggers, inline functions
    5. Recursive functions
    6. Extensional equality
    7. Libraries: incomplete axioms for Seq, Set, Map
  19. Managing proof performance and why it's critical
    1. Measuring verification performance
    2. Quantifier profiling
    3. Modules, hiding, opaque, reveal
    4. Hiding local proofs with assert (...) by { ... }
    5. Structured proofs by calculation
    6. Proof by computation
    7. Spinning off separate SMT queries
    8. Breaking proofs into smaller pieces
  20. Using LLM assistants
    1. Using LLMs to develop proofs
    2. Using LLMs to develop specifications
  21. Checklist: what to do when proofs go wrong
  23. Tutorial: Verification and Rust
  24. Mutation, references, and borrowing
    1. Mutable references
    2. Assertions about mutable references
  25. Traits
  26. Iterator Specifications
  27. Higher-order executable functions
    1. Passing functions as values
    2. Closures
  28. Ghost and tracked variables
  29. Strings
  30. Macros
  31. Unsafe code & complex ownership
    1. Cells / interior mutability
    2. Pointers
    3. Concurrency
  32. Verifying a container library: Binary Search Tree
    1. First draft
    2. Encapsulating well-formedness with type invariants
    3. Making it generic
    4. Implementing Clone
    5. Mutable references in a container
    6. Full source for the examples
  33. Interacting with unverified code
    1. Calling unverified code from verified code
    2. Calling verified code from unverified code
  34. Understanding the guarantees of a verified program
    1. Assumptions and trusted components
    2. Memory safety is conditional on verification
    3. Calling verified code from unverified code
  36. Installation, configuration, and tooling
  37. Installation and setup
    1. IDE Support
    2. Installing and configuring Singular
  38. Project setup and development
    1. Working with crates
    2. Invoking Verus code from Rust
    3. Documentation with Rustdoc
    4. Ghost Erasure
  40. Reference
  41. Supported and unsupported Rust features
  42. Verus syntax by example
  43. Modes
    1. Function modes
    2. Variable modes
  44. Contributed Extensions
    1. Automatic spec to exec functions
    2. Spec and proof attributes for exec functions
      1. Automatic exec to spec functions
  45. Spec expressions
    1. Rust subset
    2. Operator Precedence
    3. Arithmetic
    4. Bit operators
    5. Coercion with as
    6. Spec equality (==)
    7. Extensional equality (=~=, =~~=)
    8. Prefix and/or (&&& and |||)
    9. Chained operators
    10. Implication (==>, <==, and <==>)
    11. Quantifiers (forall, exists)
    12. Such that (choose)
    13. Trigger annotations
    14. The view function @
    15. Spec index operator []
    16. decreases_to!
  46. Proof features
    1. assert and assume
    2. assert ... by
    3. assert forall ... by
    4. assert ... by(bit_vector)
    5. assert ... by(nonlinear_arith)
    6. assert ... by(compute) / by(compute_only)
    7. reveal, reveal_with_fuel, hide
  47. Function specifications
    1. Function Signatures
      1. Exec fn signature
      2. Proof fn signature
      3. Spec fn signature
    2. Signature clauses
      1. requires / ensures
      2. returns
      3. opens_invariants
      4. no_unwind
      5. recommends
    3. Traits and signature inheritance
    4. Specifications on FnOnce
  48. External trait specifications
  49. Loop specifications
    1. invariant
    2. invariant_except_break / ensures
  50. Recursion and termination
    1. decreases ... when ... via ...
    2. Datatype ordering
    3. Cyclic definitions
  51. Type invariants
  52. Attribute list
  53. Directives
    1. assume_specification
    2. global
  54. Misc. Rust features
    1. Statics
    2. char
    3. Unions
    4. Pointers and cells
  55. Command line
    1. --record
  56. Planned future work