(no title)

Dafny implements this at the compiler level (and a curly braces syntax!).

Coq uses other methods more tailored towards recursion.

You are right that if every loop must terminate, it is not Turing complete. So some valid programs will not compile.

There are some interesting programs that potentially never terminate (like servers, daemons, OS, games, etc) formal methods can be applied too. For instance to prove that they preserve certain property or that they don't terminate or terminate only under certain conditions.

I find the theory extremely elegant and pleasurable, but it´s obviously not everyone's cup of tea, as shown by its lack of widespread use.

LLM's might create a revival in the coming years for the following reasons:

1) cost of formalization goes down 2) cost of proving goes down 3) cost of programming goes down 4) provable code quality becomes a differentiation among a sea of programs