hol_light: Unify asm and proof filenames with exported symbols

Port of pq-code-package/mlkem-native#1663 (commit 3/4).

Signed-off-by: Matthias J. Kannwischer <matthias@zerorisc.com>

Author: mkannwischer

.github/workflows/hol_light.yml

@@ -72,38 +72,38 @@ jobs:
           gh_token: ${{ secrets.GITHUB_TOKEN }}
           nix-shell: 'hol_light'
           script: |
-            make -C proofs/hol_light/aarch64 mldsa/mldsa_poly_caddq.o
-            echo 'needs "aarch64/proofs/mldsa_poly_caddq.ml";;' | hol.sh
+            make -C proofs/hol_light/aarch64 mldsa/poly_caddq_aarch64_asm.o
+            echo 'needs "aarch64/proofs/poly_caddq_aarch64_asm.ml";;' | hol.sh
   hol_light_proofs:
     needs: [ hol_light_bytecode ]
     strategy:
       fail-fast: false
       matrix:
         proof:
           # Dependencies on {name}.{S,ml} are implicit
-          - name: mldsa_ntt
+          - name: ntt_aarch64_asm
             needs: ["mldsa_specs.ml", "mldsa_zetas.ml", "aarch64_utils.ml", "subroutine_signatures.ml"]
-          - name: mldsa_pointwise
+          - name: pointwise_montgomery_aarch64_asm
             needs: ["mldsa_specs.ml", "aarch64_utils.ml", "subroutine_signatures.ml"]
-          - name: mldsa_pointwise_acc_l4
+          - name: mld_polyvecl_pointwise_acc_montgomery_l4_aarch64_asm
             needs: ["mldsa_specs.ml", "aarch64_utils.ml", "subroutine_signatures.ml"]
-          - name: mldsa_pointwise_acc_l5
+          - name: mld_polyvecl_pointwise_acc_montgomery_l5_aarch64_asm
             needs: ["mldsa_specs.ml", "aarch64_utils.ml", "subroutine_signatures.ml"]
-          - name: mldsa_pointwise_acc_l7
+          - name: mld_polyvecl_pointwise_acc_montgomery_l7_aarch64_asm
             needs: ["mldsa_specs.ml", "aarch64_utils.ml", "subroutine_signatures.ml"]
-          - name: mldsa_poly_caddq
+          - name: poly_caddq_aarch64_asm
             needs: ["aarch64_utils.ml"]
-          - name: mldsa_poly_chknorm
+          - name: poly_chknorm_aarch64_asm
             needs: ["aarch64_utils.ml"]
-          - name: keccak_f1600_x1_scalar
+          - name: keccak_f1600_x1_scalar_aarch64_asm
             needs: ["keccak_spec.ml"]
-          - name: keccak_f1600_x1_v84a
+          - name: keccak_f1600_x1_v84a_aarch64_asm
             needs: ["keccak_spec.ml"]
-          - name: keccak_f1600_x2_v84a
+          - name: keccak_f1600_x2_v84a_aarch64_asm
             needs: ["keccak_spec.ml"]
-          - name: keccak_f1600_x4_v8a_scalar
+          - name: keccak_f1600_x4_v8a_scalar_hybrid_aarch64_asm
             needs: ["keccak_spec.ml"]
-          - name: keccak_f1600_x4_v8a_v84a_scalar
+          - name: keccak_f1600_x4_v8a_v84a_scalar_hybrid_aarch64_asm
             needs: ["keccak_spec.ml"]
     name: AArch64 HOL Light proof for ${{ matrix.proof.name }}.S
     runs-on: pqcp-arm64
@@ -175,8 +175,8 @@ jobs:
           nix-shell: 'hol_light'
           script: |
             # TODO: Enable when we have a cheaper proof
-            # make -C proofs/hol_light/x86_64 mldsa/mldsa_ntt.o
-            # echo 'needs "x86_64/proofs/mldsa_ntt.ml";;' | hol.sh
+            # make -C proofs/hol_light/x86_64 mldsa/ntt_avx2_asm.o
+            # echo 'needs "x86_64/proofs/ntt_avx2_asm.ml";;' | hol.sh
             echo 'needs "x86/proofs/base.ml";; needs "common/mldsa_specs.ml";; #quit;;' | hol.sh
   hol_light_proofs_x86_64:
     needs: [ hol_light_bytecode_x86_64 ]
@@ -185,19 +185,19 @@ jobs:
       matrix:
         proof:
           # Dependencies on {name}.{S,ml} are implicit
-          - name: mldsa_ntt
+          - name: ntt_avx2_asm
             needs: ["mldsa_specs.ml", "mldsa_utils.ml", "mldsa_zetas.ml"]
-          - name: mldsa_intt
+          - name: intt_avx2_asm
             needs: ["mldsa_specs.ml", "mldsa_utils.ml", "mldsa_zetas.ml"]
-          - name: mldsa_nttunpack
+          - name: nttunpack_avx2_asm
             needs: ["mldsa_specs.ml"]
-          - name: mldsa_pointwise
+          - name: pointwise_avx2_asm
             needs: ["mldsa_specs.ml", "mldsa_utils.ml", "mldsa_zetas.ml"]
-          - name: mldsa_pointwise_acc_l4
+          - name: pointwise_acc_l4_avx2_asm
             needs: ["mldsa_specs.ml", "mldsa_utils.ml", "mldsa_zetas.ml", "subroutine_signatures.ml"]
-          - name: mldsa_pointwise_acc_l5
+          - name: pointwise_acc_l5_avx2_asm
             needs: ["mldsa_specs.ml", "mldsa_utils.ml", "mldsa_zetas.ml", "subroutine_signatures.ml"]
-          - name: mldsa_pointwise_acc_l7
+          - name: pointwise_acc_l7_avx2_asm
             needs: ["mldsa_specs.ml", "mldsa_utils.ml", "mldsa_zetas.ml", "subroutine_signatures.ml"]
     name: x86_64 HOL Light proof for ${{ matrix.proof.name }}.S
     runs-on: pqcp-x64

BIBLIOGRAPHY.md

@@ -125,8 +125,8 @@ source code and documentation.
   - [mldsa/src/fips202/native/aarch64/src/keccak_f1600_x1_v84a_aarch64_asm.S](mldsa/src/fips202/native/aarch64/src/keccak_f1600_x1_v84a_aarch64_asm.S)
   - [mldsa/src/fips202/native/aarch64/src/keccak_f1600_x2_v84a_aarch64_asm.S](mldsa/src/fips202/native/aarch64/src/keccak_f1600_x2_v84a_aarch64_asm.S)
   - [proofs/hol_light/README.md](proofs/hol_light/README.md)
-  - [proofs/hol_light/aarch64/mldsa/keccak_f1600_x1_v84a.S](proofs/hol_light/aarch64/mldsa/keccak_f1600_x1_v84a.S)
-  - [proofs/hol_light/aarch64/mldsa/keccak_f1600_x2_v84a.S](proofs/hol_light/aarch64/mldsa/keccak_f1600_x2_v84a.S)
+  - [proofs/hol_light/aarch64/mldsa/keccak_f1600_x1_v84a_aarch64_asm.S](proofs/hol_light/aarch64/mldsa/keccak_f1600_x1_v84a_aarch64_asm.S)
+  - [proofs/hol_light/aarch64/mldsa/keccak_f1600_x2_v84a_aarch64_asm.S](proofs/hol_light/aarch64/mldsa/keccak_f1600_x2_v84a_aarch64_asm.S)
 
 ### `KyberSlash`
 
@@ -182,7 +182,7 @@ source code and documentation.
   - [dev/aarch64_opt/src/ntt_aarch64_asm.S](dev/aarch64_opt/src/ntt_aarch64_asm.S)
   - [mldsa/src/native/aarch64/src/intt_aarch64_asm.S](mldsa/src/native/aarch64/src/intt_aarch64_asm.S)
   - [mldsa/src/native/aarch64/src/ntt_aarch64_asm.S](mldsa/src/native/aarch64/src/ntt_aarch64_asm.S)
-  - [proofs/hol_light/aarch64/mldsa/mldsa_ntt.S](proofs/hol_light/aarch64/mldsa/mldsa_ntt.S)
+  - [proofs/hol_light/aarch64/mldsa/ntt_aarch64_asm.S](proofs/hol_light/aarch64/mldsa/ntt_aarch64_asm.S)
 
 ### `REF`
 
@@ -252,13 +252,13 @@ source code and documentation.
   - [mldsa/src/native/x86_64/src/rej_uniform_avx2.c](mldsa/src/native/x86_64/src/rej_uniform_avx2.c)
   - [mldsa/src/native/x86_64/src/rej_uniform_eta2_avx2.c](mldsa/src/native/x86_64/src/rej_uniform_eta2_avx2.c)
   - [mldsa/src/native/x86_64/src/rej_uniform_eta4_avx2.c](mldsa/src/native/x86_64/src/rej_uniform_eta4_avx2.c)
-  - [proofs/hol_light/x86_64/mldsa/mldsa_intt.S](proofs/hol_light/x86_64/mldsa/mldsa_intt.S)
-  - [proofs/hol_light/x86_64/mldsa/mldsa_ntt.S](proofs/hol_light/x86_64/mldsa/mldsa_ntt.S)
-  - [proofs/hol_light/x86_64/mldsa/mldsa_nttunpack.S](proofs/hol_light/x86_64/mldsa/mldsa_nttunpack.S)
-  - [proofs/hol_light/x86_64/mldsa/mldsa_pointwise.S](proofs/hol_light/x86_64/mldsa/mldsa_pointwise.S)
-  - [proofs/hol_light/x86_64/mldsa/mldsa_pointwise_acc_l4.S](proofs/hol_light/x86_64/mldsa/mldsa_pointwise_acc_l4.S)
-  - [proofs/hol_light/x86_64/mldsa/mldsa_pointwise_acc_l5.S](proofs/hol_light/x86_64/mldsa/mldsa_pointwise_acc_l5.S)
-  - [proofs/hol_light/x86_64/mldsa/mldsa_pointwise_acc_l7.S](proofs/hol_light/x86_64/mldsa/mldsa_pointwise_acc_l7.S)
+  - [proofs/hol_light/x86_64/mldsa/intt_avx2_asm.S](proofs/hol_light/x86_64/mldsa/intt_avx2_asm.S)
+  - [proofs/hol_light/x86_64/mldsa/ntt_avx2_asm.S](proofs/hol_light/x86_64/mldsa/ntt_avx2_asm.S)
+  - [proofs/hol_light/x86_64/mldsa/nttunpack_avx2_asm.S](proofs/hol_light/x86_64/mldsa/nttunpack_avx2_asm.S)
+  - [proofs/hol_light/x86_64/mldsa/pointwise_acc_l4_avx2_asm.S](proofs/hol_light/x86_64/mldsa/pointwise_acc_l4_avx2_asm.S)
+  - [proofs/hol_light/x86_64/mldsa/pointwise_acc_l5_avx2_asm.S](proofs/hol_light/x86_64/mldsa/pointwise_acc_l5_avx2_asm.S)
+  - [proofs/hol_light/x86_64/mldsa/pointwise_acc_l7_avx2_asm.S](proofs/hol_light/x86_64/mldsa/pointwise_acc_l7_avx2_asm.S)
+  - [proofs/hol_light/x86_64/mldsa/pointwise_avx2_asm.S](proofs/hol_light/x86_64/mldsa/pointwise_avx2_asm.S)
 
 ### `Round3_Spec`
 
@@ -293,7 +293,7 @@ source code and documentation.
   - [dev/aarch64_opt/src/ntt_aarch64_asm.S](dev/aarch64_opt/src/ntt_aarch64_asm.S)
   - [mldsa/src/native/aarch64/src/intt_aarch64_asm.S](mldsa/src/native/aarch64/src/intt_aarch64_asm.S)
   - [mldsa/src/native/aarch64/src/ntt_aarch64_asm.S](mldsa/src/native/aarch64/src/ntt_aarch64_asm.S)
-  - [proofs/hol_light/aarch64/mldsa/mldsa_ntt.S](proofs/hol_light/aarch64/mldsa/mldsa_ntt.S)
+  - [proofs/hol_light/aarch64/mldsa/ntt_aarch64_asm.S](proofs/hol_light/aarch64/mldsa/ntt_aarch64_asm.S)
 
 ### `libmceliece`
 

dev/aarch64_clean/src/arith_native_aarch64.h

@@ -64,7 +64,7 @@ MLD_INTERNAL_DATA_DECLARATION const uint8_t mld_polyz_unpack_19_indices[64];
 void mld_ntt_aarch64_asm(int32_t *r, const int32_t *zetas_l123456,
                          const int32_t *zetas_l78)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/aarch64/proofs/mldsa_ntt.ml */
+ * in proofs/hol_light/aarch64/proofs/ntt_aarch64_asm.ml */
 __contract__(
   requires(memory_no_alias(r, sizeof(int32_t) * MLDSA_N))
   requires(array_abs_bound(r, 0, MLDSA_N, 8380417))
@@ -113,7 +113,7 @@ void mld_poly_decompose_88_aarch64_asm(int32_t *a1, int32_t *a0);
 #define mld_poly_caddq_aarch64_asm MLD_NAMESPACE(poly_caddq_aarch64_asm)
 void mld_poly_caddq_aarch64_asm(int32_t *a)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/aarch64/proofs/mldsa_poly_caddq.ml */
+ * in proofs/hol_light/aarch64/proofs/poly_caddq_aarch64_asm.ml */
 __contract__(
   requires(memory_no_alias(a, sizeof(int32_t) * MLDSA_N))
   requires(array_abs_bound(a, 0, MLDSA_N, MLDSA_Q))
@@ -137,7 +137,7 @@ void mld_poly_use_hint_88_aarch64_asm(int32_t *b, const int32_t *a,
 MLD_MUST_CHECK_RETURN_VALUE
 int mld_poly_chknorm_aarch64_asm(const int32_t *a, int32_t B)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/aarch64/proofs/mldsa_poly_chknorm.ml */
+ * in proofs/hol_light/aarch64/proofs/poly_chknorm_aarch64_asm.ml */
 __contract__(
   requires(memory_no_alias(a, sizeof(int32_t) * MLDSA_N))
   /* HOL Light precondition: abs(ival(x i)) < 2^31, i.e., a[i] != INT32_MIN */
@@ -165,7 +165,7 @@ void mld_polyz_unpack_19_aarch64_asm(int32_t *r, const uint8_t *buf,
 void mld_poly_pointwise_montgomery_aarch64_asm(int32_t *r, const int32_t *a,
                                                const int32_t *b)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/aarch64/proofs/mldsa_pointwise.ml */
+ * in proofs/hol_light/aarch64/proofs/pointwise_montgomery_aarch64_asm.ml */
 __contract__(
   requires(memory_no_alias(r, sizeof(int32_t) * MLDSA_N))
   requires(memory_no_alias(a, sizeof(int32_t) * MLDSA_N))
@@ -185,7 +185,9 @@ __contract__(
 void mld_polyvecl_pointwise_acc_montgomery_l4_aarch64_asm(
     int32_t *r, const int32_t a[4][MLDSA_N], const int32_t b[4][MLDSA_N])
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/aarch64/proofs/mldsa_pointwise_acc_l4.ml */
+ * in
+ * proofs/hol_light/aarch64/proofs/mld_polyvecl_pointwise_acc_montgomery_l4_aarch64_asm.ml
+ */
 __contract__(
   requires(memory_no_alias(r, sizeof(int32_t) * MLDSA_N))
   requires(memory_no_alias(a, sizeof(int32_t) * 4 * MLDSA_N))
@@ -203,7 +205,9 @@ __contract__(
 void mld_polyvecl_pointwise_acc_montgomery_l5_aarch64_asm(
     int32_t *r, const int32_t a[5][MLDSA_N], const int32_t b[5][MLDSA_N])
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/aarch64/proofs/mldsa_pointwise_acc_l5.ml */
+ * in
+ * proofs/hol_light/aarch64/proofs/mld_polyvecl_pointwise_acc_montgomery_l5_aarch64_asm.ml
+ */
 __contract__(
   requires(memory_no_alias(r, sizeof(int32_t) * MLDSA_N))
   requires(memory_no_alias(a, sizeof(int32_t) * 5 * MLDSA_N))
@@ -221,7 +225,9 @@ __contract__(
 void mld_polyvecl_pointwise_acc_montgomery_l7_aarch64_asm(
     int32_t *r, const int32_t a[7][MLDSA_N], const int32_t b[7][MLDSA_N])
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/aarch64/proofs/mldsa_pointwise_acc_l7.ml */
+ * in
+ * proofs/hol_light/aarch64/proofs/mld_polyvecl_pointwise_acc_montgomery_l7_aarch64_asm.ml
+ */
 __contract__(
   requires(memory_no_alias(r, sizeof(int32_t) * MLDSA_N))
   requires(memory_no_alias(a, sizeof(int32_t) * 7 * MLDSA_N))

dev/aarch64_opt/src/arith_native_aarch64.h

@@ -64,7 +64,7 @@ MLD_INTERNAL_DATA_DECLARATION const uint8_t mld_polyz_unpack_19_indices[64];
 void mld_ntt_aarch64_asm(int32_t *r, const int32_t *zetas_l123456,
                          const int32_t *zetas_l78)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/aarch64/proofs/mldsa_ntt.ml */
+ * in proofs/hol_light/aarch64/proofs/ntt_aarch64_asm.ml */
 __contract__(
   requires(memory_no_alias(r, sizeof(int32_t) * MLDSA_N))
   requires(array_abs_bound(r, 0, MLDSA_N, 8380417))
@@ -113,7 +113,7 @@ void mld_poly_decompose_88_aarch64_asm(int32_t *a1, int32_t *a0);
 #define mld_poly_caddq_aarch64_asm MLD_NAMESPACE(poly_caddq_aarch64_asm)
 void mld_poly_caddq_aarch64_asm(int32_t *a)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/aarch64/proofs/mldsa_poly_caddq.ml */
+ * in proofs/hol_light/aarch64/proofs/poly_caddq_aarch64_asm.ml */
 __contract__(
   requires(memory_no_alias(a, sizeof(int32_t) * MLDSA_N))
   requires(array_abs_bound(a, 0, MLDSA_N, MLDSA_Q))
@@ -137,7 +137,7 @@ void mld_poly_use_hint_88_aarch64_asm(int32_t *b, const int32_t *a,
 MLD_MUST_CHECK_RETURN_VALUE
 int mld_poly_chknorm_aarch64_asm(const int32_t *a, int32_t B)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/aarch64/proofs/mldsa_poly_chknorm.ml */
+ * in proofs/hol_light/aarch64/proofs/poly_chknorm_aarch64_asm.ml */
 __contract__(
   requires(memory_no_alias(a, sizeof(int32_t) * MLDSA_N))
   /* HOL Light precondition: abs(ival(x i)) < 2^31, i.e., a[i] != INT32_MIN */
@@ -165,7 +165,7 @@ void mld_polyz_unpack_19_aarch64_asm(int32_t *r, const uint8_t *buf,
 void mld_poly_pointwise_montgomery_aarch64_asm(int32_t *r, const int32_t *a,
                                                const int32_t *b)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/aarch64/proofs/mldsa_pointwise.ml */
+ * in proofs/hol_light/aarch64/proofs/pointwise_montgomery_aarch64_asm.ml */
 __contract__(
   requires(memory_no_alias(r, sizeof(int32_t) * MLDSA_N))
   requires(memory_no_alias(a, sizeof(int32_t) * MLDSA_N))
@@ -185,7 +185,9 @@ __contract__(
 void mld_polyvecl_pointwise_acc_montgomery_l4_aarch64_asm(
     int32_t *r, const int32_t a[4][MLDSA_N], const int32_t b[4][MLDSA_N])
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/aarch64/proofs/mldsa_pointwise_acc_l4.ml */
+ * in
+ * proofs/hol_light/aarch64/proofs/mld_polyvecl_pointwise_acc_montgomery_l4_aarch64_asm.ml
+ */
 __contract__(
   requires(memory_no_alias(r, sizeof(int32_t) * MLDSA_N))
   requires(memory_no_alias(a, sizeof(int32_t) * 4 * MLDSA_N))
@@ -203,7 +205,9 @@ __contract__(
 void mld_polyvecl_pointwise_acc_montgomery_l5_aarch64_asm(
     int32_t *r, const int32_t a[5][MLDSA_N], const int32_t b[5][MLDSA_N])
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/aarch64/proofs/mldsa_pointwise_acc_l5.ml */
+ * in
+ * proofs/hol_light/aarch64/proofs/mld_polyvecl_pointwise_acc_montgomery_l5_aarch64_asm.ml
+ */
 __contract__(
   requires(memory_no_alias(r, sizeof(int32_t) * MLDSA_N))
   requires(memory_no_alias(a, sizeof(int32_t) * 5 * MLDSA_N))
@@ -221,7 +225,9 @@ __contract__(
 void mld_polyvecl_pointwise_acc_montgomery_l7_aarch64_asm(
     int32_t *r, const int32_t a[7][MLDSA_N], const int32_t b[7][MLDSA_N])
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/aarch64/proofs/mldsa_pointwise_acc_l7.ml */
+ * in
+ * proofs/hol_light/aarch64/proofs/mld_polyvecl_pointwise_acc_montgomery_l7_aarch64_asm.ml
+ */
 __contract__(
   requires(memory_no_alias(r, sizeof(int32_t) * MLDSA_N))
   requires(memory_no_alias(a, sizeof(int32_t) * 7 * MLDSA_N))

dev/x86_64/src/arith_native_x86_64.h

@@ -34,7 +34,7 @@ MLD_INTERNAL_DATA_DECLARATION const uint8_t mld_rej_uniform_table[256][8];
 #define mld_ntt_avx2_asm MLD_NAMESPACE(ntt_avx2_asm)
 void mld_ntt_avx2_asm(int32_t *r, const int32_t *qdata)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/x86_64/proofs/mldsa_ntt.ml */
+ * in proofs/hol_light/x86_64/proofs/ntt_avx2_asm.ml */
 __contract__(
   requires(memory_no_alias(r, sizeof(int32_t) * MLDSA_N))
   requires(array_abs_bound(r, 0, MLDSA_N, 8380417))
@@ -48,7 +48,7 @@ __contract__(
 #define mld_invntt_avx2_asm MLD_NAMESPACE(invntt_avx2_asm)
 void mld_invntt_avx2_asm(int32_t *r, const int32_t *qdata)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/x86_64/proofs/mldsa_intt.ml */
+ * in proofs/hol_light/x86_64/proofs/intt_avx2_asm.ml */
 __contract__(
   requires(memory_no_alias(r, sizeof(int32_t) * MLDSA_N))
   requires(array_abs_bound(r, 0, MLDSA_N, 8380417))
@@ -62,7 +62,7 @@ __contract__(
 #define mld_nttunpack_avx2_asm MLD_NAMESPACE(nttunpack_avx2_asm)
 void mld_nttunpack_avx2_asm(int32_t *r)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/x86_64/proofs/mldsa_nttunpack.ml */
+ * in proofs/hol_light/x86_64/proofs/nttunpack_avx2_asm.ml */
 __contract__(
   requires(memory_no_alias(r, sizeof(int32_t) * MLDSA_N))
   requires(array_abs_bound(r, 0, MLDSA_N, 8380417))
@@ -125,7 +125,7 @@ void mld_polyz_unpack_19_avx2(int32_t *r, const uint8_t *a);
 void mld_pointwise_avx2_asm(int32_t *c, const int32_t *a, const int32_t *b,
                             const int32_t *qdata)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/x86_64/proofs/mldsa_pointwise.ml */
+ * in proofs/hol_light/x86_64/proofs/pointwise_avx2_asm.ml */
 __contract__(
   requires(memory_no_alias(c, sizeof(int32_t) * MLDSA_N))
   requires(memory_no_alias(a, sizeof(int32_t) * MLDSA_N))
@@ -145,7 +145,7 @@ void mld_pointwise_acc_l4_avx2_asm(int32_t c[MLDSA_N],
                                    const int32_t b[4][MLDSA_N],
                                    const int32_t *qdata)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/x86_64/proofs/mldsa_pointwise_acc_l4.ml */
+ * in proofs/hol_light/x86_64/proofs/pointwise_acc_l4_avx2_asm.ml */
 __contract__(
   requires(memory_no_alias(c, sizeof(int32_t) * MLDSA_N))
   requires(memory_no_alias(a, sizeof(int32_t) * 4 * MLDSA_N))
@@ -165,7 +165,7 @@ void mld_pointwise_acc_l5_avx2_asm(int32_t c[MLDSA_N],
                                    const int32_t b[5][MLDSA_N],
                                    const int32_t *qdata)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/x86_64/proofs/mldsa_pointwise_acc_l5.ml */
+ * in proofs/hol_light/x86_64/proofs/pointwise_acc_l5_avx2_asm.ml */
 __contract__(
   requires(memory_no_alias(c, sizeof(int32_t) * MLDSA_N))
   requires(memory_no_alias(a, sizeof(int32_t) * 5 * MLDSA_N))
@@ -185,7 +185,7 @@ void mld_pointwise_acc_l7_avx2_asm(int32_t c[MLDSA_N],
                                    const int32_t b[7][MLDSA_N],
                                    const int32_t *qdata)
 /* This must be kept in sync with the HOL-Light specification
- * in proofs/hol_light/x86_64/proofs/mldsa_pointwise_acc_l7.ml */
+ * in proofs/hol_light/x86_64/proofs/pointwise_acc_l7_avx2_asm.ml */
 __contract__(
   requires(memory_no_alias(c, sizeof(int32_t) * MLDSA_N))
   requires(memory_no_alias(a, sizeof(int32_t) * 7 * MLDSA_N))