Dependent types and HOL

Dependent Types

Non-dependent types

ex: $f: A ⟶ B$, where $B$ doesn’t depend on the input $A$

Math predicates

ex: \(Even: ℕ ⟶ Prop\)

• $Even(0) = True$
• $Even(1) = False$

NB: it’s $Proof$ and not $Bool$ since the logic isn’t decidable ⟶ there are some terms that are reducible to true (we can prove) or false (wa can disprove).

As we can’t tell if a given proposition is True or False (except if we use the law of excluded middle for instance), we can’t make inductive case analysis on Prop.

Dependent type:

\[∀n: ℕ, \underbrace{∃p; (n=p+p) ∨ (n=S(p+p))}_{\text{predicate } P(n)}\]

Examples:

data List (A : Set) : Set where
    Nil : List A
    Cons : A -> List A -> List A

data option (A : Set) : Set where
    Some : A -> option A
    None : option A

HOL Light

Another proof assistant: stands for Higher Order Logic (Coq, Agda are also resorting to higher order logic).

Simple type theory

Simply typed $λ$-calculus:

\[terms := λx.u \mid uv \mid x\]

Simply typed:

basic types (here: $nat$ for numbers and $bool$ for propositions), one type constructor: $⟶$

Typing judgments:

variables, modus ponens, abstractions

It is strongly normalising (but a bit boring, we don’t have fixed points anymore).

HOL Light type system

We have polymorphic types.

Classical logic (each proposition reduces to either true or false).

Other type constructors:

• $(=): α ⟶ α ⟶ bool$

  • in particular: $α$ could be $bool$, and in this case we use the syntactic sugar $⟺$

• one constant: $ε: (α ⟶ bool) ⟶ α$

VS: Coq statements are not mere $λ$-terms but types $λ$-termes

The type checking is not done as it would be in Coq or Agda ⟶ the proofs are external derivations that ensure that types are well-formed.

In Coq/Agda: the goal is to provide a $λ$-term of a given type. Not in HOL.

Basic elementary constructors are the only ones we can use to build derivation proofs.

Typing rules:

1. Reflexivity of equality \(\cfrac{}{⊢ t=t} REFL\)

2. Transitivity of equality (could be derived from other rules, but added just for efficiency)

3. Congruence of application $s(u) = t(v)$ whenever $u=t$

4. Congruence of abstraction $λx. u = λx. v$ whenever $u=v$

5. $β$-reduction: $(λx. t)x = t$

6. Axiom rule $\lbrace p \rbrace ⊢ p$

7. Modus ponens $q$ whenever $p ⟺q$ and $p$

8. Building equivalence: \(\cfrac{Γ ⊢ p \quad Δ ⊢ q}{(Γ\backslash \lbrace q \rbrace) ∪ (Δ \backslash \lbrace p \rbrace) ⊢ p ⟺ q}\)

9. Instantiation of terms: \(\cfrac{Γ[x_1, ⋯, x_n] ⊢ p[x_1, ⋯, x_n]}{Γ[t_1, ⋯, t_n] ⊢ p[t_1, ⋯, t_n]}\)

10. Instantiation of type variables: \(\cfrac{Γ[α_1, ⋯, α_n] ⊢ p[α_1, ⋯, α_n]}{Γ[γ_1, ⋯, γ_n] ⊢ p[γ_1, ⋯, γ_n]}\)

Then, there’s some additional syntactic sugar to define $⊤, ⊥, ¬, …$

Ex:

\[⊤ ≝ (λx. x) = (λx. x)\]

inhabited by $REFL \; (λx. x)$

---

\[∧: bool → bool → bool\\ p∧q ≝ (λf. f \, p \, q) = (λf. f \, ⊤ \, ⊤)\]

Let’s show that we have the usual elimination rules:

\[\cfrac{p ∧ q}{p}\]

We begin with

\[\cfrac{}{(λf. f \, p \, q) = (λf. f \, ⊤ \, ⊤)}\]

By REFL, we have also

\[\cfrac{}{(λx,y.x) = (λx,y.x)}\]

Then we use the congruence of application:

\[\cfrac{}{p = ⊤} \text{ i.e. } \cfrac{}{p ⟺ ⊤}\]

Then by modus ponens:

\[\cfrac{}{p}\]

Conversely, from $p$ and $q$, one can derive $p ∧ q$

From $p$ (resp. $q$) and $⊤$, on derives $p = ⊤$ (resp. $q = ⊤$) from the “building equivalence” rule.

Then one applies $f$ to $p = ⊤$, then $f \, p = f \, ⊤$ to $q = ⊤$, and finally use the abstraction rule.