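%%% ATP 2008
%%% Cut Elimination in Intuitionistic Sequent Calculus
%%% Author: Frank Pfenning, Carsten Schuermann

% This file builds on declarations that are not in it: the natural deduction
% judgment |- A with its rules (andi, andel, impi, ...), the cut-free sequent
% calculus (hyp, conc, axiom, andr, andl1, ...), the intercalation judgment
% i- A, the relation seqintc, and the worlds l2 and l3.
% NOTE(review): presumably these come from earlier files of the same
% development -- confirm before loading this file on its own.
%
% The %total directives are the mechanized checks: a relation is only a
% theorem once Twelf has verified its mode, worlds, coverage and termination.

% Intercalation formulation with "cut"
% i* A : introduction-style derivation of A
% e* A : elimination-style derivation of A
% The coercion ei* (i* A -> e* A) is the "cut" of this formulation: it is the
% one that is translated to cut* below (intseqe*/ei*).  The coercion ie*
% (e* A -> i* A) is translated to an axiom (intseqi*/ie*).
i* : o -> type.  %prefix 11 i*.
e* : o -> type.  %prefix 11 e*.

ei* : i* A -> e* A.
ie* : e* A -> i* A.

iandi* : i* A -> i* B -> i* (A and B).
iandel*: e* (A and B) -> e* A.
iander*: e* (A and B) -> e* B.

iimpi* : (e* A -> i* B) -> i* (A imp B).
iimpe* : e* (A imp B) -> i* A -> e* B.

ioril* : i* A -> i* (A or B).
iorir* : i* B -> i* (A or B).
iore* : e* (A or B) -> (e* A -> i* C) -> (e* B -> i* C) -> i* C.

inoti* : ({p:o} e* A -> i* p) -> i* (not A).
inote* : e* (not A) -> i* A -> i* C.

itruei* : i* true.

ifalsee* : e* false -> i* C.

ialli* : ({a:i} i* A a) -> i* forall ([x] A x).
ialle* : e* forall ([x] A x) -> {T:i} e* A T.

iexi* : {T:i} i* A T -> i* exists ([x] A x).
iexe* : e* exists ([x] A x) -> ({a:i} e* A a -> i* C) -> i* C.

% Theorem 3.3 (Completeness of annotated deductions)
% ndinti D I : the natural deduction D of A is annotated as an i* derivation I.
% ndinte D E : the natural deduction D of A is annotated as an e* derivation E.
% There is one clause of each relation per natural deduction rule.  For an
% introduction rule the e* result wraps the i* result in ei*; for an
% elimination rule the i* result wraps the e* result in ie*.  Rules that bind
% a hypothesis (impi, ore, noti, exe) extend the context with a hypothesis u,
% its annotation v, and the two annotation facts about u (see block l6).
ndinti : |- A -> i* A -> type.
ndinte : |- A -> e* A -> type.
%mode (ndinti +D -I) (ndinte +D -E).

ndinti/andi : ndinti (andi D1 D2) (iandi* I1 I2)
               <- ndinti D1 I1
               <- ndinti D2 I2.
ndinte/andi : ndinte (andi D1 D2) (ei* (iandi* I1 I2))
               <- ndinti D1 I1
               <- ndinti D2 I2.

ndinti/andel: ndinti (andel D) (ie* (iandel* E))
               <- ndinte D E.
ndinte/andel: ndinte (andel D) (iandel* E)
               <- ndinte D E.

% clause label corrected: it was a duplicate of ndinti/andel above
ndinti/ander: ndinti (ander D) (ie* (iander* E))
               <- ndinte D E.
ndinte/ander: ndinte (ander D) (iander* E)
               <- ndinte D E.

ndinti/impi : ndinti (impi D) (iimpi* I)
               <- ({u}{v} ndinte u v -> ndinti u (ie* v) -> ndinti (D u) (I v)).
ndinte/impi : ndinte (impi D) (ei* (iimpi* I))
               <- ({u}{v} ndinte u v -> ndinti u (ie* v) -> ndinti (D u) (I v)).

% clause label corrected: it was a duplicate of ndinti/impi above
ndinti/impe : ndinti (impe D1 D2) (ie* (iimpe* E1 I2))
               <- ndinte D1 E1
               <- ndinti D2 I2.
% clause label corrected: this clause defines ndinte, it was labelled ndinti/impe
ndinte/impe : ndinte (impe D1 D2) (iimpe* E1 I2)
               <- ndinte D1 E1
               <- ndinti D2 I2.

ndinti/oril : ndinti (oril D) (ioril* I)
               <- ndinti D I.
ndinte/oril : ndinte (oril D) (ei* (ioril* I))
               <- ndinti D I.
ndinti/orir : ndinti (orir D) (iorir* I)
               <- ndinti D I.
ndinte/orir : ndinte (orir D) (ei* (iorir* I))
               <- ndinti D I.

ndinti/ore : ndinti (ore D1 D2 D3) (iore* E1 I2 I3)
              <- ndinte D1 E1
              <- ({u}{v} ndinte u v -> ndinti u (ie* v) -> ndinti (D2 u) (I2 v))
              <- ({u}{v} ndinte u v -> ndinti u (ie* v) -> ndinti (D3 u) (I3 v)).
ndinte/ore : ndinte (ore D1 D2 D3) (ei* (iore* E1 I2 I3))
              <- ndinte D1 E1
              <- ({u}{v} ndinte u v -> ndinti u (ie* v) -> ndinti (D2 u) (I2 v))
              <- ({u}{v} ndinte u v -> ndinti u (ie* v) -> ndinti (D3 u) (I3 v)).

ndinti/noti : ndinti (noti D) (inoti* I)
               <- ({p:o}{u}{v} ndinte u v -> ndinti u (ie* v) -> ndinti (D p u) (I p v)).
ndinte/noti : ndinte (noti D) (ei* (inoti* I))
               <- ({p:o}{u}{v} ndinte u v -> ndinti u (ie* v) -> ndinti (D p u) (I p v)).

ndinti/note : ndinti (note D1 D2) (inote* E1 I2)
               <- ndinte D1 E1
               <- ndinti D2 I2.
ndinte/note : ndinte (note D1 D2) (ei* (inote* E1 I2))
               <- ndinte D1 E1
               <- ndinti D2 I2.

ndinti/truei : ndinti truei itruei*.
ndinte/truei : ndinte truei (ei* itruei*).

ndinti/falsee : ndinti (falsee D) (ifalsee* E)
                 <- ndinte D E.
ndinte/falsee : ndinte (falsee D) (ei* (ifalsee* E))
                 <- ndinte D E.

ndinti/alli : ndinti (alli D) (ialli* I)
               <- ({a} ndinti (D a) (I a)).
ndinte/alli : ndinte (alli D) (ei* (ialli* I))
               <- ({a} ndinti (D a) (I a)).

ndinti/alle : ndinti (alle D T) (ie* (ialle* E T))
               <- ndinte D E.
ndinte/alle : ndinte (alle D T) (ialle* E T)
               <- ndinte D E.

ndinti/exi : ndinti (exi T D) (iexi* T I)
              <- ndinti D I.
ndinte/exi : ndinte (exi T D) (ei* (iexi* T I))
              <- ndinti D I.

ndinti/exe : ndinti (exe D1 D2) (iexe* E1 I2)
              <- ndinte D1 E1
              <- ({a} {u}{v} ndinte u v -> ndinti u (ie* v) -> ndinti (D2 a u) (I2 a v)).
ndinte/exe : ndinte (exe D1 D2) (ei* (iexe* E1 I2))
              <- ndinte D1 E1
              <- ({a} {u}{v} ndinte u v -> ndinti u (ie* v) -> ndinti (D2 a u) (I2 a v)).

% Context shape for hypothetical premises: a hypothesis u, its e* annotation
% v, and the two annotation facts the clauses above assume about u.
%block l6 : some {A:o}
            block {u: |- A} {v: e* A} {w1: ndinte u v} {w2: ndinti u (ie* v)}.
%worlds (l6 | l2 | l3) (ndinte _ _) (ndinti _ _).
%total (D1 D2) (ndinte D1 _) (ndinti D2 _).

% Sequent formulation with "cut"
% conc* C is the sequent calculus with an explicit cut rule (cut*).  Left
% rules take the principal hypothesis as their last argument, so a clause
% ([u] andl1* C2 u) is a derivation under a hypothesis u.
conc* : o -> type.  % Conclusion (right)
%name conc* D*.

% cut* A D E : D proves the cut formula A, E uses a hypothesis of A.
cut* : {A:o} conc* A -> (hyp A -> conc* C) -> conc* C.

axiom* : (hyp A -> conc* A).

andr* : conc* A -> conc* B -> conc* (A and B).
andl1* : (hyp A -> conc* C) -> (hyp (A and B) -> conc* C).
andl2* : (hyp B -> conc* C) -> (hyp (A and B) -> conc* C).

impr* : (hyp A -> conc* B) -> conc* (A imp B).
impl* : conc* A -> (hyp B -> conc* C) -> (hyp (A imp B) -> conc* C).

orr1* : conc* A -> conc* (A or B).
orr2* : conc* B -> conc* (A or B).
orl* : (hyp A -> conc* C) -> (hyp B -> conc* C) -> (hyp (A or B) -> conc* C).

notr* : ({p:o} hyp A -> conc* p) -> conc* (not A).
notl* : conc* A -> (hyp (not A) -> conc* C).

truer* : conc* (true).

falsel* : (hyp (false) -> conc* C).

forallr* : ({a:i} conc* (A a)) -> conc* (forall A).
foralll* : {T:i} (hyp (A T) -> conc* C) -> (hyp (forall A) -> conc* C).

existsr* : {T:i} conc* (A T) -> conc* (exists A).
existsl* : ({a:i} hyp (A a) -> conc* C) -> (hyp (exists A) -> conc* C).

% Theorem 3.10 (Completeness of Sequent Calculus with Cut)
% intseqi* I C     : the introduction derivation I of C becomes the sequent
%                    derivation C.
% intseqe* E C1 C2 : the elimination derivation E of A, together with a
%                    continuation C1 that consumes a hypothesis of A, becomes
%                    the sequent derivation C2.
% An elimination derivation is translated "inside out": each elimination
% rule pushes the corresponding left rule into the continuation, and the
% coercion ei* at its root is where the cut* is introduced.
intseqi* : i* C -> conc* C -> type.
intseqe* : e* A -> (hyp A -> conc* C) -> conc* C -> type.
%mode (intseqi* +I -C) (intseqe* +E +C1 -C2).

intseqe*/ei* : intseqe* (ei* I1) C2 (cut* _ C1 C2)
                <- intseqi* I1 C1.
intseqi*/ie* : intseqi* (ie* E) C
                <- intseqe* E ([u] axiom* u) C.

intseqi*/iandi* : intseqi* (iandi* I1 I2) (andr* C1 C2)
                   <- intseqi* I1 C1
                   <- intseqi* I2 C2.
intseqe*/iandel*: intseqe* (iandel* E1) C2 C1
                   <- intseqe* E1 ([u] andl1* C2 u) C1.
% clause label corrected: it was a duplicate of intseqe*/iandel* above
intseqe*/iander*: intseqe* (iander* E1) C2 C1
                   <- intseqe* E1 ([u] andl2* C2 u) C1.

% Hypothetical premises assume, for the new e* hypothesis u and sequent
% hypothesis h, that u translates by applying the continuation to h
% (see block l7).
intseqi*/iimpi* : intseqi* (iimpi* I) (impr* C)
                   <- ({u}{h} ({B}{C':hyp A -> conc* B} intseqe* u C' (C' h))
                         -> intseqi* (I u) (C h)).
intseqe*/iimpe* : intseqe* (iimpe* E1 I2) C3 C1
                   <- intseqi* I2 C2
                   <- intseqe* E1 ([u] impl* C2 C3 u) C1.

intseqi*/ioril* : intseqi* (ioril* I) (orr1* C)
                   <- intseqi* I C.
intseqi*/iorir* : intseqi* (iorir* I) (orr2* C)
                   <- intseqi* I C.
intseqi*/iore* : intseqi* (iore* E1 I2 I3) C1
                  <- ({u}{h} ({C}{C':hyp A -> conc* C} intseqe* u C' (C' h))
                        -> intseqi* (I2 u) (C2 h))
                  <- ({u}{h} ({C}{C':hyp B -> conc* C} intseqe* u C' (C' h))
                        -> intseqi* (I3 u) (C3 h))
                  <- intseqe* E1 ([u] orl* C2 C3 u) C1.

intseqi*/inoti* : intseqi* (inoti* I) (notr* C)
                   <- ({p}{u}{h} ({B}{C':hyp A -> conc* B} intseqe* u C' (C' h))
                         -> intseqi* (I p u) (C p h)).
intseqi*/inote* : intseqi* (inote* E1 I2) C1
                   <- intseqi* I2 C2
                   <- intseqe* E1 ([u] notl* C2 u) C1.

intseqi*/itruei* : intseqi* itruei* truer*.

intseqi*/ifalsee* : intseqi* (ifalsee* E) C
                     <- intseqe* E ([u] falsel* u) C.

intseqi*/ialli* : intseqi* (ialli* I) (forallr* C)
                   <- ({a:i} intseqi* (I a) (C a)).
intseqe*/ialle* : intseqe* (ialle* E1 T2) C3 C
                   <- intseqe* E1 ([u] foralll* T2 C3 u) C.

intseqi*/iexi* : intseqi* (iexi* T1 I2) (existsr* T1 C2)
                  <- intseqi* I2 C2.
intseqi*/iexe* : intseqi* (iexe* E1 I2) C1
                  <- ({a:i} {u} {h} ({B}{C':hyp _ -> conc* B} intseqe* u C' (C' h))
                        -> intseqi* (I2 a u) (C2 a h))
                  <- intseqe* E1 ([u] existsl* C2 u) C1.

%block l7 : some {A:o}
            block {u: e* A} {h: hyp A}
                  {w:{B}{C':hyp A -> conc* B} intseqe* u C' (C' h)}.
%worlds (l7 | l2 | l3) (intseqi* _ _) (intseqe* _ _ _).
%total (I E) (intseqi* I _) (intseqe* E _ _).

% Cut admissibility for the cut-free sequent calculus (conc).
% ca A D E F : given D : conc A and E : hyp A -> conc C, F : conc C is a
% cut-free derivation of the same conclusion.  The clauses follow the case
% analysis of the informal proof: axiom cases, essential conversions (the
% cut formula is introduced on both sides), left commutative conversions (D
% ends in a left rule on another hypothesis) and right commutative
% conversions (E ends in a rule whose principal hypothesis is not h).
% Termination is by the cut formula A first, then D and E simultaneously
% (see the %terminates order below).
ca : {A:o} conc A -> (hyp A -> conc C) -> conc C -> type.
%mode ca +A +D +E -F.

%% Axiom Conversions
ca_axiom_l : ca A (axiom H) E (E H).
ca_axiom_r : ca A D ([h:hyp A] axiom h) D.

%% Essential Conversions
% Each clause first cuts the side derivations against the original D (same
% cut formula, smaller E) to remove remaining uses of h, then cuts on a
% strict subformula.
ca_and1 : ca (A1 and A2) (andr D1 D2) ([h:hyp (A1 and A2)] andl1 (E1 h) h) F
           <- ({h1:hyp A1}
                 ca (A1 and A2) (andr D1 D2) ([h:hyp (A1 and A2)] E1 h h1) (E1' h1))
           <- ca A1 D1 E1' F.
ca_and2 : ca (A1 and A2) (andr D1 D2) ([h:hyp (A1 and A2)] andl2 (E2 h) h) F
           <- ({h2:hyp A2}
                 ca (A1 and A2) (andr D1 D2) ([h:hyp (A1 and A2)] E2 h h2) (E2' h2))
           <- ca A2 D2 E2' F.
ca_imp : ca (A1 imp A2) (impr D2) ([h:hyp (A1 imp A2)] impl (E1 h) (E2 h) h) F
          <- ca (A1 imp A2) (impr D2) E1 E1'
          <- ({h2:hyp A2}
                ca (A1 imp A2) (impr D2) ([h:hyp (A1 imp A2)] E2 h h2) (E2' h2))
          <- ca A1 E1' D2 D2'
          <- ca A2 D2' E2' F.
ca_or1 : ca (A1 or A2) (orr1 D1) ([h:hyp (A1 or A2)] orl (E1 h) (E2 h) h) F
          <- ({h1:hyp A1}
                ca (A1 or A2) (orr1 D1) ([h:hyp (A1 or A2)] E1 h h1) (E1' h1))
          <- ca A1 D1 E1' F.
ca_or2 : ca (A1 or A2) (orr2 D2) ([h:hyp (A1 or A2)] orl (E1 h) (E2 h) h) F
          <- ({h2:hyp A2}
                ca (A1 or A2) (orr2 D2) ([h:hyp (A1 or A2)] E2 h h2) (E2' h2))
          <- ca A2 D2 E2' F.
% The result is F2 instantiated at the conclusion C: the premise of notr is
% parametric in the conclusion p.
ca_not : ca (not A1) (notr D1) ([h:hyp (not A1)] notl (E1 h) h) (F2 C)
          <- ca (not A1) (notr D1) E1 F1
          <- ({p:o} ca A1 F1 ([h1:hyp A1] D1 p h1) (F2 p)).
ca_forall : ca (forall A1) (forallr D1) ([h:hyp (forall A1)] foralll T (E1 h) h) F
             <- ({h2:hyp (A1 T)}
                   ca (forall A1) (forallr D1) ([h:hyp (forall A1)] E1 h h2) (E1' h2))
             <- ca (A1 T) (D1 T) E1' F.
ca_exists : ca (exists A1) (existsr T D1) ([h:hyp (exists A1)] existsl (E1 h) h) F
             <- ({a:i} {h1:hyp (A1 a)}
                   ca (exists A1) (existsr T D1) ([h:hyp (exists A1)] E1 h a h1) (E1' a h1))
             <- ca (A1 T) D1 (E1' T) F.

%% Left Commutative Conversions
% D ends in a left rule on some hypothesis H other than the cut; the cut is
% pushed into the premises that still prove A.  In cal_impl the first premise
% D1 does not prove A and is kept unchanged.
cal_andl1 : ca A (andl1 D1 H) E (andl1 D1' H)
             <- {h1:hyp B1} ca A (D1 h1) E (D1' h1).
cal_andl2 : ca A (andl2 D2 H) E (andl2 D2' H)
             <- {h2:hyp B2} ca A (D2 h2) E (D2' h2).
cal_impl : ca A (impl D1 D2 H) E (impl D1 D2' H)
            <- ({h2:hyp B2} ca A (D2 h2) E (D2' h2)).
cal_orl : ca A (orl D1 D2 H) E (orl D1' D2' H)
           <- ({h1:hyp B1} ca A (D1 h1) E (D1' h1))
           <- ({h2:hyp B2} ca A (D2 h2) E (D2' h2)).
% notl and falsel conclude an arbitrary formula, so the same derivation
% serves as a derivation of C without any cut.
cal_notl : ca A (notl D1 H) E (notl D1 H).
cal_falsel : ca A (falsel H) E (falsel H).
cal_foralll : ca A (foralll T D1 H) E (foralll T D1' H)
               <- ({h} ca A (D1 h) E (D1' h)).
cal_existsl : ca A (existsl D1 H) E (existsl D1' H)
               <- ({a:i} {h:hyp (B1 a)} ca A (D1 a h) E (D1' a h)).

%% Right Commutative Conversions
% E ends in a rule that does not use h as its principal hypothesis; the cut
% is pushed into E's premises.
% was commented out
% car_axiom is needed for coverage: ca_axiom_r only handles the case where
% the axiom uses the cut hypothesis h itself, while here H1 is some other
% hypothesis.
car_axiom : ca A D ([h:hyp A] axiom H1) (axiom H1).
car_andr : ca A D ([h:hyp A] andr (E1 h) (E2 h)) (andr E1' E2')
            <- ca A D E1 E1'
            <- ca A D E2 E2'.
car_andl1: ca A D ([h:hyp A] andl1 (E1 h) H) (andl1 E1' H)
            <- ({h1:hyp B1} ca A D ([h:hyp A] E1 h h1) (E1' h1)).
car_andl2: ca A D ([h:hyp A] andl2 (E2 h) H) (andl2 E2' H)
            <- ({h2:hyp B2} ca A D ([h:hyp A] E2 h h2) (E2' h2)).
car_impr : ca A D ([h:hyp A] impr (E2 h)) (impr E2')
            <- ({h1:hyp B1} ca A D ([h:hyp A] E2 h h1) (E2' h1)).
car_impl : ca A D ([h:hyp A] impl (E1 h) (E2 h) H) (impl E1' E2' H)
            <- ca A D E1 E1'
            <- ({h2:hyp B2} ca A D ([h:hyp A] E2 h h2) (E2' h2)).
car_orr1 : ca A D ([h:hyp A] orr1 (E1 h)) (orr1 E1')
            <- ca A D E1 E1'.
car_orr2 : ca A D ([h:hyp A] orr2 (E2 h)) (orr2 E2')
            <- ca A D E2 E2'.
car_orl : ca A D ([h:hyp A] orl (E1 h) (E2 h) H) (orl E1' E2' H)
           <- ({h1:hyp B1} ca A D ([h:hyp A] E1 h h1) (E1' h1))
           <- ({h2:hyp B2} ca A D ([h:hyp A] E2 h h2) (E2' h2)).
car_notr : ca A D ([h:hyp A] notr (E1 h)) (notr E1')
            <- ({p:o} {h1:hyp B1} ca A D ([h:hyp A] E1 h p h1) (E1' p h1)).
car_notl : ca A D ([h:hyp A] notl (E1 h) H) (notl E1' H)
            <- ca A D E1 E1'.
car_truer: ca A D ([h:hyp A] truer) (truer).
car_falsel : ca A D ([h:hyp A] falsel H) (falsel H).
car_forallr : ca A D ([h:hyp A] forallr (E1 h)) (forallr E1')
               <- ({a:i} ca A D ([h:hyp A] E1 h a) (E1' a)).
car_foralll: ca A D ([h:hyp A] foralll T (E1 h) H) (foralll T E1' H)
              <- ({h1} ca A D ([h:hyp A] E1 h h1) (E1' h1)).
car_existsr : ca A D ([h:hyp A] existsr T (E1 h)) (existsr T E1')
               <- ca A D E1 E1'.
car_existsl : ca A D ([h:hyp A] existsl (E1 h) H) (existsl E1' H)
               <- ({a:i} {h1:hyp (B1 a)} ca A D ([h:hyp A] E1 h a h1) (E1' a h1)).

%block l8 : some {A:o} block {h:hyp A}.
%worlds (l8 | l2 | l3) (ca A D E F).
%covers ca +A +D +E -F.
% Order: the cut formula A first, then D and E simultaneously.
%terminates {A [D E]} (ca A D E _).
%total {A [D E]} (ca A D E _).

% Cut elimination: translate a derivation with cut* into a cut-free one.
% ce D* D : every cut* in D* is removed by translating its two premises and
% then applying cut admissibility (ca); every other rule is translated to
% its cut-free counterpart with the same shape.
ce : conc* C -> conc C -> type.
%mode ce +D* -D.

ce_cut : ce (cut* A D1* D2*) D
          <- ce D1* D1
          <- ({h1:hyp A} ce (D2* h1) (D2 h1))
          <- ca A D1 D2 D.
ce_axiom : ce (axiom* H) (axiom H).
ce_andr : ce (andr* D1* D2*) (andr D1 D2)
           <- ce D1* D1
           <- ce D2* D2.
ce_andl1 : ce (andl1* D1* H) (andl1 D1 H)
            <- ({h1:hyp A} ce (D1* h1) (D1 h1)).
ce_andl2 : ce (andl2* D2* H) (andl2 D2 H)
            <- ({h2:hyp B} ce (D2* h2) (D2 h2)).
ce_impr : ce (impr* D1*) (impr D1)
           <- ({h1:hyp A} ce (D1* h1) (D1 h1)).
ce_impl : ce (impl* D1* D2* H) (impl D1 D2 H)
           <- ce D1* D1
           <- ({h2:hyp B} ce (D2* h2) (D2 h2)).
ce_orr1 : ce (orr1* D1*) (orr1 D1)
           <- ce D1* D1.
ce_orr2 : ce (orr2* D2*) (orr2 D2)
           <- ce D2* D2.
ce_orl : ce (orl* D1* D2* H) (orl D1 D2 H)
          <- ({h1:hyp A} ce (D1* h1) (D1 h1))
          <- ({h2:hyp B} ce (D2* h2) (D2 h2)).
ce_notr : ce (notr* D1*) (notr D1)
           <- ({p:o} {h1:hyp A} ce (D1* p h1) (D1 p h1)).
ce_notl : ce (notl* D1* H) (notl D1 H)
           <- ce D1* D1.
ce_truer : ce (truer*) (truer).
ce_falsel : ce (falsel* H) (falsel H).
ce_forallr : ce (forallr* D1*) (forallr D1)
              <- {a:i} ce (D1* a) (D1 a).
ce_foralll : ce (foralll* T D1* H) (foralll T D1 H)
              <- ({h1} ce (D1* h1) (D1 h1)).
ce_existsr : ce (existsr* T D1*) (existsr T D1)
              <- ce D1* D1.
ce_existsl : ce (existsl* D1* H) (existsl D1 H)
              <- ({a:i} {h1:hyp (A1 a)} ce (D1* a h1) (D1 a h1)).

%worlds (l8 | l2 | l3) (ce D* D).
% NOTE(review): this %covers spec gives the second argument mode * and names
% the first D, whereas "%mode ce +D* -D." above has input D* and output D.
% Kept as in the source -- verify it is what the authors intended.
%covers ce +D *D*.
%terminates D (ce D _).
%total D (ce D _).

% Theorem 3.13 (Normalization for Natural Deduction)
% norm D I' composes the results above: annotate D (ndinti), translate into
% the sequent calculus with cut (intseqi*), eliminate the cuts (ce), and
% translate back into a normal intercalation derivation with seqintc, which
% is declared outside this file.
norm : |- A -> i- A -> type.
%mode norm +D -I.

proof : norm D I'
         <- ndinti D I
         <- intseqi* I C
         <- ce C C'
         <- seqintc C' I'.

%worlds () (norm _ _).
%total [] (norm _ _).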