Lecture 12: Building Intuitionistic and Classical proofs

Teacher: Dave Miller, INRIA

Roles of Logic in CS (Computation):

Computation-as-model: model-checking, temporal logic
Computation-as-deduction: terms, types, sequents, proofs
- Proof normalization (FP): $β$-reduction, cut-elimination
- Proof search paradigm (LP)

Terms and Formulas (Church 1940, STT)

Everything began with Church:

$o$ “type” for formulas
$ι, nat$: primitive types
$∧, ∨, ⇒$: of type $o → o → o$
$⊤, ⊥$: of type $o$
$pred: ι → nat → o$
$∀_τ, ∃_τ: (τ → o) → o$ for each $τ$

That’s what you have in HOL, Isabelle, Dedukti…

E.g.:

\[p, q: ι → o\\ \underbrace{∀_ι. \; \underbrace{(∃x. \; \underbrace{p(x) ⇒ q(x)}_{o})}_{ι → o}}_{o}\]

And if

\[B \; ≝ \; ∃x. \; p(x) ⇒ q(x)\]

$∀_ι B$ can be rewritten as (quantifier instantiation):

\[∀_ι B ⟶ B t = (∃x. \; p(x) ⇒ q(x))t ⟶_β (pt) ⇒ (qt)\]

On top of that: $α, β, η$ reductions are decidable.

Question: does there exists an $N$ such that

\[(λw,x. w)N =_{αβη} λy.y\]

? Answer: No! (with $N = x$, it $β$-reduces to $λy. x$ (capture-avoiding substitution))

Sequent Calculus (Gentzen 1935) for Classical + Intuitionistic Logics

Gentzen invented Natural Deduction to study classical/intuitionistic logic, but he failed to achieve what he wanted with it. He then came up with sequent calculus.

Two-sided Sequent:: \[\underbrace{Σ}_{\text{signature (collection of eigenvalues)}} : \underbrace{Γ}_{\text{finite collection of formulas (lists/multi-sets/sets/ ...)}} ⊢ \underbrace{Δ}_{\text{finite collection of formulas (lists/multi-sets/sets/ ...)}}\]

NB:

One-sided: $Σ: \quad ⊢ Δ$
If you don’t have exchange rules ⟶ Lambek (1956): non-commutative and

Inference Rules

Identity Rules: Initial and Cut

\[\cfrac{}{B ⊢ B} \text{init}\] \[\cfrac{Γ_1 ⊢ B, Δ_1 \qquad Γ_2, B ⊢ Δ_2}{Γ_1, Γ_2 ⊢ Δ_1, Δ_2} \text{cut}\]

In intuitionistic logic, you can settle with:

\[\cfrac{Γ ⊢ B \qquad Γ, B ⊢ C}{Γ ⊢ C} \text{intuitionistic cut}\]

NB: Going upward in the cut rule is obviously very computationally expensive, but it can also be the case for init (you have to check equality, which can be expensive for big data structures)

Structural Rules

\[\cfrac{Γ_1, C, B, Γ_2 ⊢ Δ}{Γ_1, B, C, Γ_2 ⊢ Δ} \text{exchange left (xl)}\] \[\cfrac{Γ ⊢ Δ}{Γ, B ⊢ Δ} \text{weakening left (wl)} \qquad \cfrac{Γ ⊢ Δ}{Γ ⊢ B, Δ} \text{weakening right (wr)}\] \[\cfrac{Γ, B, B ⊢ Δ}{Γ, B ⊢ Δ} \text{contraction left (cl)} \qquad \cfrac{Γ ⊢ B, B, Δ}{Γ ⊢ B, Δ} \text{contraction right (cr)}\]

NB: The reason why Gentzen struggled with Natural Deduction was because it doesn’t have a comma on the right of the sequent in “contraction right” (he needed to be able to handle at least two formulas)

Introduction Rules

Set of rules for left and right introduction.

\[\cfrac{Γ ⊢ B_1, Δ \qquad Γ ⊢ B_2, Δ}{Γ ⊢ B_1 \& B_2, Δ} \qquad \cfrac{}{Γ ⊢ ⊤, Δ}\] \[\cfrac{Γ_1 ⊢ B_1, Δ_1 \qquad Γ_2 ⊢ B_2, Δ_2}{Γ_1, Γ_2 ⊢ B_1 ⊗ B_2, Δ_1, Δ_2} \qquad \qquad \cfrac{}{ ⊢ 1}\]

NB: in the multiplicative version: then going upward:

if the $Γ$’s are multisets, there are $2^n$ possible splittings
if the $Γ$’s are sets, there are $3^n$ possible splittings (a given formula can appear in either of the premises or in both)

\[\cfrac{Γ, B_i ⊢ Δ}{Γ, B_1 \& B_2 ⊢ Δ} \quad i ∈ \lbrace 1, 2\rbrace\]

and no introduction rule for $⊤$ (you can’t pick from an empty conjunction)

\[\cfrac{Γ, B_1, B_2 ⊢ Δ}{Γ, B_1 ⊗ B_2 ⊢ Δ} \qquad \cfrac{Γ ⊢ Δ}{Γ, 1 ⊢ Δ}\]

Order of a formula (and type)

Ex:

$ι$: order $1$
$ι → o$: order $1$
$(ι → o) → o$: order $2$
$ι → (ι → ι)$: order $1$

\[ord(τ) = 0 \qquad \text{ if } τ \text{ is primitive}\\ ord(τ_1 → τ_2) = \max (ord(τ_1)+1, ord(τ_2))\\ ord(τ_1 ∧ τ_2) = \max(ord(τ_1), ord(τ_2))\\\]

Ex: $ord(((τ_1 → τ_2) → τ_3) → τ_4) = 3$

NB: In logic/functional programming, you typically rarely need more than order 2 or 3 types/formulas.

Sequent Calculus: pros and cons

Good points:

Cut-elimination ⟹ Consistency (if there is a proof of $⊢$ with cut, there is a proof without cut, and it is easliy shown to be impossible by case analysis)
Unity of logic (fuzzy, modal, hypermodal, intuitionistic, …. ⟶ what unifies them?): Gentzen’s original problem was to unify classical and intuitionistic logic.

When Girard came along, he also integrated linear logic (and the big picture improved)

Bad points:

the rules are too low-level! (assembly logic)
everything is about cut-free proofs in logic programming, but anything remotely mathematically interesting tends to have a “natural” cut-free proofs.

Rule permutation

There’s a sense in which the order of application of some rules doesn’t matter. E.g.

\[\infer{Γ, p ∨ q ⊢ r ⇒ s, Δ}{ \infer{Γ, p ⊢ r ⇒ s, Δ}{ \infer{Γ, p, r ⊢ s, Δ}{} } & \infer{Γ, q ⊢ r ⇒ s, Δ}{ \infer{Γ, q, r ⊢ s, Δ}{} } }\]

but we could have done

\[\infer{Γ, p ∨ q ⊢ r ⇒ s, Δ}{ \infer{Γ, p ∨ q, r ⊢ s, Δ}{ \infer{Γ, p, r ⊢ s, Δ}{} & \infer{Γ, q, r ⊢ s, Δ}{} } }\]

SC for Classical and Intuitionistic Logic (Chapter 4 of Lecture Notes)

\[Σ: Γ ⊢ Δ \qquad \text{ where } Γ, Δ \text{ are multisets}\]

$⊤, ⊥, ∧, ∨, ⇒, ∀, ∃$
$⇒_L$ + cut multiplicative
$∧_R$ + $∨_L$ additive
$¬ B = B ⇒ ⊥$

Classical proof (C-proof) for any proof in this system.

An Intuitionistic proof (I-proof) is a C-proof where every occurrence of a sequent has a singleton right-hand-side (= succedent)

Difference between I and C:

Excluded middle ($p ∨ ¬ p$), elimination of double negation ($¬¬p ⇒ p$) is not provable in I
Kripke models: C only care about today, I cares about all the days to come too
Constructive concerns: in I (not in C):
- Disjunction property: $⊢_I B ∨ C$ provable implies $⊢_I B$ provable or $⊢_I C$ provable.
- Witness property: $⊢_I ∃x. \; B (x)$ provable implies $⊢_I B (t)$ provable for some term $t$.
Gentzen: single-conclusion (= rhs = succedent) VS. multi-conclusion
Restart

Equivalent Restriction

In I: no weakening on the right, no contraction on the right.

i.e. in I:
\[\underbrace{Γ}_{\text{classical side}} ⊢ \underbrace{Δ}_{\text{linear side (no w, c)}}\]
\[\cfrac{Γ_1 ⊢ B, Δ_1 \qquad Γ_2, C ⊢ Δ_2}{Γ_1, Γ_2, B ⇒ C ⊢ Δ_1, Δ_2} ⇒_L\]
Problem: you could end up with two formulas in the conclusion of the first premise!

⟹ the rhs of the conclusion sequent must move to the right premise

And on top of that, from a linear logic standpoint, as:

$\cfrac{}{!Γ \, ⊢ \, !B, Δ}!R$ is possible only if $Δ$ is empty, that suggests that there is a $!$ hiding in $⇒$ (which is indeed the case: $B ⇒ C ≡ !B ⊸ C$)

Prop: $\text{ If } Γ ⊢_I Δ \text{ then } Γ ⊢_C Δ$

To prove $⊢ p ∨ (¬p)$, the only way to start (without cut) is with a contraction (that is, the proof is classical):

\[\infer{⊢ p ∨ (¬ p)}{ \infer[cR]{⊢ p ∨ (¬ p), p ∨ (¬ p)}{ \infer{⊢ p, (p ⇒ ⊥)}{ \infer[wR]{p ⊢ p, ⊥}{ \infer{p ⊢ p}{ } } } } }\]

Other example:

\[\infer{⊢ (r(a) ∧ r(b) ⇒ q) ⇒ (∃x. (r(x) ⇒ q))}{ \infer{r(a) ∧ r(b) ⇒ q ⊢ (∃x. (r(x) ⇒ q))}{ \infer{r(a) ∧ r(b) ⇒ q ⊢ (∃x. (r(x) ⇒ q)), (∃x. (r(x) ⇒ q))}{ \infer{r(a) ∧ r(b) ⇒ q ⊢ (r(a) ⇒ q), (r(b) ⇒ q)}{ \infer{r(a) ∧ r(b) ⇒ q, r(a), r(b) ⊢ q, q}{ \infer{r(a), r(b) ⊢ r(a) ∧ r(b), q, q}{ \vdots } & \infer{q, r(a), r(b) ⊢ q, q}{ \vdots } } } } } }\]

Calssical reasoning: either $r(a)$ is true (in which case set $x \; ≝ \; a$) or it is false (in which case set $x \; ≝ \; a$, and $∃x. (r(x) ⇒ q)$ is vacuously true).

In C:

\[C ∨ (p ⇒ B) ≡ C ∨ (¬ p ∨ B) ≡ (C ∨ ¬ p) ∨ B \\ ≡ (p ⇒ C) ∨ B ≡ p ⇒ (C ∨ B)\]

so the scope of $p$ is not limited to $B$ in classical logic.

Restart rule: when you’re in a proof, you can do

\[\infer{ ⋯ ⊢ ⋯ }{ \infer{\vdots }{ \infer[Restart]{Γ ⊢ B}{ Γ ⊢ C } } }\]

if $Γ ⊢ C$ appears in the proof below (in the “history”: $C ∈ history$)

Th: I-proofs + Restart = C-proofs

Choices in building I/C-proofs

For automated proof search: weakening and contraction are usually incoporated into inference rules

Init is redefined as:

\[\cfrac{}{Γ, A ⊢ A, A}init\]

weakening is “attached to it”

What we’re going toward: uniform proofs (old terminology), aka focused proofs (new terminology).

Similarly:

\[\cfrac{Γ ⊢ B(t), Δ}{Γ ⊢ ∃x. \, B(x), Δ}\]

⟶ how do you pick $t$? There’s a notion of so-called “logic variables” and unification (you leave a hold instead of $t$ and keep it as long as possible). It’s a possible implementation, but it’s not part of the proof theory formalism.

Two kinds of non-determinism

There’re two kinds thereof:

don’t know ND
- ex: the hole matter for the existential, in the previous example
don’t care ND
- ex: $A_1 ⊗ A_2, B_1 ⊗ B_2, … ⊢$ ⟹ we don’t care which tensor to “break” first

Where’s the dynamics of computation?

Classical logic never forgets a goal on the right (and on the left (as I) too), you can always reuse it (cf. restart rule). In C and I, the lhs only grows (which is not the case in linear logic (cf. picture with switch on/off))

Horn Clauses: no notion of modularity, the lhs remains the same all along.

Share on

Twitter Facebook Google+ LinkedIn