Dependent types and multi-monadic effects in F*

We present a new, completely redesigned, version of F-star, a language that works both as a proof assistant as well as a general-purpose, verification-oriented, effectful programming language. In support of these complementary roles, F-star is a dependently typed, higher-order, call-by-value language with primitive effects including state, exceptions, divergence and IO. Although primitive, programmers choose the granularity at which to specify effects by equipping each effect with a monadic, predicate transformer semantics. F-star uses this to efficiently compute weakest preconditions and discharges the resulting proof obligations using a combination of SMT solving and manual proofs. Isolated from the effects, the core of F-star is a language of pure functions used to write specifications and proof terms its consistency is maintained by a semantic termination check based on a well-founded order. We evaluate our design on more than 55,000 lines of F-star we have authored in the last year, focusing on three main case studies. Showcasing its use as a general-purpose programming language, F-star is programmed (but not verified) in F-star, and bootstraps in both OCaml and F#. Our experience confirms F-star's pay-as-you-go cost model: writing idiomatic ML-like code with no finer specifications imposes no user burden. As a verification-oriented language, our most significant evaluation of F-star is in verifying several key modules in an implementation of the TLS-1.2 protocol standard. For the modules we considered, we are able to prove more properties, with fewer annotations using F-star than in a prior verified implementation of TLS-1.2. Finally, as a proof assistant, we discuss our use of F-star in mechanizing the metatheory of a range of lambda calculi, starting from the simply typed lambda calculus to System F-omega and even mu F-star, a sizeable fragment of F-star itself these proofs make essential use of F-star's flexible combination of SMT automation and constructive proofs, enabling a tactic-free style of programming and proving at a relatively large scale.