Declaring Lemmas
Lemmas are proof helpers that establish facts for the verifier without affecting runtime behavior.
Using Lemmas
Calling lemmas establishes facts that help the verifier prove your code correct.
Step Lemmas
Step lemmas break complex loop invariant proofs into manageable inductive steps that the SMT solver can verify.