% Carsten Schuermann
% Type preservation of a functional programming language

% First add the type
tp : type.
nat : tp.
arr : tp -> tp -> tp.

% Then the values/expression
exp : type.
z  : exp.
s  : exp -> exp. 
case : exp -> exp -> (exp -> exp) -> exp.

lam : (exp -> exp) -> exp.
app : exp -> exp -> exp.
fix : (exp -> exp) -> exp.

% Then the typing rules
of : exp -> tp -> type.
ofz : of z nat.
ofs : of E nat 
      -> of (s E) nat.
ofcase : of E nat -> of E1 T -> ({x:exp} of x nat -> of (E2 x) T)
         -> of (case E E1 E2) T.

oflam  : ({x:exp} of x T1 -> of (E x) T2)
          -> of (lam E) (arr T1 T2).
ofapp  : of E1 (arr T2 T1) -> of E2 T2
	  -> of (app E1 E2) T1.
offix  : ({x:exp} of x T -> of (E x) T)
          -> of (fix E) T.
	     


% Then the rules for evaluation
eval : exp -> exp -> type.
evz : eval z z.
evs : eval E V ->
      eval (s E) (s V). 
evalcasez: eval E z  -> eval E1 V 
	   -> eval (case E E1 E2) V. 
evalcases: eval E (s V') -> eval (E2 V') V
	   -> eval (case E E1 E2) V. 
evallam  : eval (lam E) (lam E).
evalapp  : eval E1 (lam E1') -> eval (E1' E2) V
	    -> eval (app E1 E2) V.
evalfix  : eval (E (fix E)) V
	    -> eval (fix E) V.
% Then prove type preservation

%theorem typepreservation:
	 forall {E:exp}{V:exp}{T:tp}{D:eval E V}{P:of E T}
	 exists {Q:of V T} true.
%prove 5 [D] (typepreservation E V T D P Q).