Verifier Closure for Fixed-Core Interval Programs: A Certified Replay Architecture in Lean~4

We study certificate-based verification of straight-line interval
programs built over a fixed primitive core
$\Sprim=\{+,-,\times,\operatorname{inv},\operatorname{sqrt},\relu\}$
with polynomial specification constraints expressed over
$\{+,-,\times\}$.
Our main result is a \emph{verifier-closure theorem}: for this fixed
core, every obligation the verifier must discharge is a
quantifier-free ground integer formula, each non-trivial primitive rule
is witnessed by explicit Euclidean data, and acceptance is decided by
deterministic replay of a finite ledger without search.
The contribution is not a new interval semantics, not a decision
procedure for non-linear real arithmetic in general, and not a
verification of deployed floating-point code; it is a closure result
for a concrete verifier architecture over a fixed primitive set.
The architecture rests on a strict Galois insertion between real
intervals and an encoded fixed-point integer domain, a total
normalisation homomorphism~$\tau$ mapping certificate-side expressions
into a ground integer signature $\Sint$, closed-form witness-bearing
rules for each primitive, and a specification-side ledger replayed by
the same machinery.
Verifier acceptance implies the existence of a unique concrete real
trajectory and enclosure of every certified specification constraint;
structural replay cost is $O(n+s)$ in the ledger size.
Transfer from certified mathematical semantics to a deployed
implementation is isolated as an explicit implementation-inclusion
contract, kept outside the verifier's trusted computing base.
Core definitions and soundness theorems are mechanically verified in
Lean~4 using Mathlib.


▽Lean Proof
https://github.com/GhostDriftTheory/adic-lean-proof-replay