Formal Correctness Proofs of Functional Programs: Dijkstra’s Algorithm, a Case Study

One can argue that writing proofs might be better than writing programs, for the following simple reason: There is no algorithm that can check whether a program meets its specification, but it is easy to check whether a given proof is correct.