Selected topics in proof theory

8/12/2019 Selected topics in proof theory

1/60

Selected topics in proof theory

Helmut Schwichtenberg

Mathematisches Institut der Universit at M unchenSommersemester 2013


2/60

Contents

Chapter 1. Proof theory of arithmetic 11.1. Ordinals below 0 11.2. Provability of initial cases of transnite induction 4

Chapter 2. Computability in higher types 9

2.1. Abstract computability via information systems 92.2. Denotational and operational semantics 24

Chapter 3. Extracting computational content from proofs 313.1. A theory of computable functionals 313.2. Realizability interpretation 37

Bibliography 53

Index 55

i


3/60


4/60

CHAPTER 1

Proof theory of arithmetic

The goal of this chapter is to present some in a sense most complexproofs that can be done in rst-order arithmetic.

The main tool for proving theorems in arithmetic is clearly the inductionschema

A(0) x (A(x) A(Sx )) x A(x).Here A(x) is an arbitrary formula. An equivalent form of this schema iscourse-of-values or cumulative induction

x ( y


5/60

2 1. PROOF THEORY OF ARITHMETIC

based on the Cantor normal form for ordinals; cf. Bachmann (1955). Wealso introduce some elementary relations and operations for such ordinalnotations, which will be used later. For brevity we from now on use theword ordinal instead of ordinal notation.

1.1.1. Basic denitions. We dene the two notions is an ordinal < for ordinals ,

simultaneously by induction:(1) If m , . . . , 0 are ordinals, m 1 and m 0 (where

means > or = ), then

m + + 0

is an ordinal. Note that the empty sum denoted by 0 is allowed.(2) If m + + 0 and n + + 0 are ordinals, then

m + + 0 < n + + 0

iff there is an i 0 such that m i < n i , m i+1 = n i+1 , . . . , m = n , or else m < n and m = n , . . . , 0 = n m .

For proofs by induction on ordinals it is convenient to introduce the notionof level of an ordinal by the stipulations (a) if is the empty sum 0,lev( ) = 0, and (b) if = m + . . . + 0 with m . . . 0, thenlev( ) = lev( m ) + 1.

For ordinals of level k+1 we have k < k+1 , where 0 = 0, 1 = ,k+1 = k .

We shall use the notation 1 for 0, k for 0 + + 0 with k copies of 0 and k for + + again with k copies of .

It is easy to see (by induction on the levels) that < is a linear order with0 being the smallest element.

We dene addition for ordinals by

m + + 0 + n + + 0 := m + + i + n + + 0

where i is minimal such that i n .It is easy to see that + is an associative operation which is strictly mono-

tonic in the second argument and weakly monotonic in the rst argument.Note that + is not commutative: 1 + = = + 1.

There is also a commutative version on addition. The natural (or Hes-senberg) sum of two ordinals is dened by

( m + + 0 )#( n + + 0 ) := m + n + + 0 ,


6/60

1.1. ORDINALS BELOW 0 3

where m + n , . . . , 0 is a decreasing permutation of m , . . . , 0, n , . . . , 0. Itis easy to see that # is associative, commutative and strictly monotonic inboth arguments.

We will also need to know how ordinals of the form + can beapproximated from below. First note that

< + k < + .

Furthermore, for any < + we can nd a < and a k such that

< + k.

1.1.2. Enumerating ordinals. In order to work with ordinals in apurely arithmetical system we set up some effective bijection between ourordinals < 0 and non-negative integers (i.e., a G odel numbering). For itsdenition it is useful to refer to ordinals in the form

m km + + 0 k0 with m > > 0 and ki = 0 ( m 1).

(By convention, m = 1 corresponds to the empty sum.)For every ordinal we dene its G odel number inductively by

m km + + 0 k0 :=i m

pki i 1,

where pn is the n-th prime number starting with p0 := 2. For every non-negative integer x we dene its corresponding ordinal notation o( x) induc-tively by

oi l

pqii 1 :=i l

o(i)q i ,

where the sum is to be understood as the natural sum.

Lemma. (a) o( ) = ,(b) o(x) = x.

Proof. This can be proved easily by induction.

Hence we have a simple bijection between ordinals and non-negativeintegers. Using this bijection we can transfer our relations and operationson ordinals to computable relations and operations on non-negative integers.We use the following abbreviations.

x y := o( x) < o(y),

x := o(x) ,x y := o(x) + o( y) ,


7/60


xk := o(x)k ,k := k .

We leave it to the reader to verify that , x x , x,y (x y), x,k (xk)and k k are all elementary.

1.2. Provability of initial cases of transnite induction

We now derive initial cases of the principle of transnite induction inarithmetic, i.e., of

x ( y x P y P x) x a P xfor some number a and a predicate symbol P , where is the standard orderof order type 0 dened in the preceding section. One can show that our

results here are optimal in the sense that for the full system of ordinals < 0the principlex ( y x P y P x) x P x

of transnite induction is underivable. All these results are due to Gentzen(1943).

1.2.1. Arithmetical systems. By an arithmetical system Z we meana theory based on minimal logic in the -language (including equalityaxioms), with the following properties. The language of Z consists of a xed(possibly countably innite) supply of function and relation constants whichare assumed to denote xed functions and relations on the non-negative

integers for which a computation procedure is known. Among the functionconstants there must be a constant S for the successor function and 0 for(the 0-place function) zero. Among the relation constants there must bea constant = for equality and for the ordering of type 0 of the naturalnumbers, as introduced in section 1.1. In order to formulate the generalprinciple of transnite induction we also assume that a unary relation symbolP is present, which acts like a free set variable.

Terms are built up from object variables x, y, z by means of f (t1, . . . , t m ),where f is a function constant. We identify closed terms which have thesame value; this is a convenient way to express in our formal systems the as-sumption that for each function constant a computation procedure is known.Terms of the form S(S( . . . S0 . . . )) are called numerals . We use the notationSn 0 or n or (only in this chapter) even n for them. Formulas are built upfrom atomic formulas R(t1, . . . , t m ), with R a relation constant or a relationsymbol, by means of A B and x A.


8/60

1.2. PROVABILITY OF INITIAL CASES OF TRANSFINITE INDUCTION 5

The axioms of Z include compatibility of equality

x = y A(x) A(y),the Peano axioms , i.e., the universal closures of

Sx = Sy x = y,(1.1)Sx = 0 A,(1.2)A(0) x (A(x) A(Sx)) x A(x),(1.3)

with A(x) an arbitrary formula. We express our assumption that for everyrelation constant R a decision procedure is known by adding the axiom Rnwhenever Rn is true. Concerning we require as axioms irreexivity andtransitivity for

x x A,x y y z x z

and also following Schutte the universal closures of

x 0 A,(1.4)

z y 0 (z y A) (z = y A) A,(1.5)x 0 = x,(1.6)x (y z) = ( x y) z,(1.7)0 x = x,(1.8)x 0 = 0,(1.9)

x

(Sy) = x

y x

,(1.10)z y Sx z y e(x,y,z )m(x,y,z ),(1.11)

z y Sx e(x ,y,z ) Sx,(1.12)

where , x,y (x y), e and m denote the appropriate function constants andA is any formula. (The reader should check that e, m can be taken to beelementary.) These axioms are formal counterparts to the properties of theordinal notations observed in the preceding section.

1.2.2. Gentzens proof.

Theorem (Provable initial cases of transnite induction in Z) . Trans- nite induction up to

n, i.e., for arbitrary A(x) the formula

x ( y x A(y) A(x)) x n A(x),is derivable in Z .


9/60


Proof. To every formula A(x) we assign a formula A+ (x) (with respectto a xed variable x) by

A+ (x) := y( z y A(z) z y x A(z)) .

We rst show

If A(x) is progressive, then A+ (x) is progressive,

where B (x) is progressive means x ( y x B (y) B (x)). So assume thatA(x) is progressive and

(1.13) y x A+ (y).

We have to show A+ (x). So assume further

(1.14) z yA(z)

and z y x. We have to show A(z).Case x = 0. Then z y 0. By (1.5) it suffices to derive A(z) from

z y as well as from z = y. If z y, then A(z) follows from (1.14), and if z = y, then A(z) follows from (1.14) and the progressiveness of A(x).

Case Sx. From z y Sx we obtain z y e(x,y,z )m(x,y,z ) by(1.11) and e(x,y,z ) Sx by (1.12). From (1.13) we obtain A+ (e(x ,y,z )).By the denition of A+ (x) we get

u y e ( x,y,z ) vA(u) u (y e ( x,y,z ) v) e ( x,y,z ) A(u)

and hence, using (1.7) and (1.10)

u y e ( x,y,z ) vA(u) u y e ( x,y,z ) (Sv)A(u).

Also from (1.14) and (1.9), (1.6) we obtain

u y e ( x,y,z ) 0A(u).

Using an appropriate instance of the induction schema we can conclude

u y e ( x,y,z ) m (x,y,z )A(u)

and hence A(z).We now show, by induction on n, how for an arbitrary formula A(x) we

can obtain a derivation of

x ( y x A(y) A(x)) x n A(x).

So assume the left hand side, i.e., assume that A(x) is progressive.Case 0. Then x 0 and hence x 0 0 by (1.8). By (1.5) it suffices

to derive A(x) from x 0 as well as from x = 0. Now x 0 A(x) holdsby (1.4), and A(0) then follows from the progressiveness of A(x).


10/60

1.2. PROVABILITY OF INITIAL CASES OF TRANSFINITE INDUCTION 7

Case n + 1. Since A(x) is progressive, by what we have shown aboveA+ (x) is also progressive. Applying the induction hypothesis to A+ (x) yields

x n A+ (x), and hence A+ (n ) by the progressiveness of A+ (x). Now thedenition of A+ (x) (together with (1.4) and (1.8)) yields z n A(z).

Note that in the induction step of this proof we have derived transniteinduction up to n +1 for A(x) from transnite induction up to n for aformula of level higher than the level of A(x). The level of a formula A isdened by

lev(R t ) := 0 ,lev(A B ) := max(lev( A) + 1 , lev(B )) ,lev( x A) := max(1 , lev(A)) .


11/60


12/60

CHAPTER 2

Computability in higher types

In this chapter we will develop a somewhat general view of computabilitytheory, where not only numbers and functions appear as arguments, but alsofunctionals of any nite type.

2.1. Abstract computability via information systems

There are two principles on which our notion of computability will bebased: nite support and monotonicity.

It is a fundamental property of computation that evaluation must benite. So in any evaluation of ( ) the argument can be called upon onlynitely many times, and hence the value if dened must be determinedby some nite subfunction of . This is the principle of nite support.

Let us carry this discussion somewhat further and look at the situationone type higher up. Let H be a partial functional of type-3, mapping type-2functionals to natural numbers. Suppose is given and H() evaluatesto a dened value. Again, evaluation must be nite. Hence the argument can only be called on nitely many functions . Furthermore each such must be presented to in a nite form (explicitly say, as a set of orderedpairs). In other words, H and also any type-2 argument supplied to itmust satisfy the nite support principle, and this must continue to apply aswe move up through the types.

To describe this principle more precisely, we need to introduce the notionof a nite approximation 0 of a functional . By this we mean a niteset X of pairs ( 0, n ) such that (i) 0 is a nite function, (ii) ( 0) is denedwith value n, and (iii) if ( 0, n ) and ( 0, n ) belong to X where 0 and 0are consistent, then n = n . The essential idea here is that should beviewed as the union of all its nite approximations. Using this notion of anite approximation we can now formulate the

Principle of nite support . If H() is dened with valuen, then there is a nite approximation 0 of such thatH (0) is dened with value n .

9


13/60


14/60

2.1. ABSTRACT COMPUTABILITY VIA INFORMATION SYSTEMS 11

each other. We also need an entailment relation between consistent setsU of data and single tokens a, which intuitively expresses the fact that theinformation contained in U is sufficient to compute the bit of information a.The axioms below are a minor modication of Scotts (1982), due to Larsenand Winskel (1991).

Definition. An information system is a structure ( A, Con, ) where Ais a countable set (the tokens ), Con is a non-empty set of nite subsets of A(the consistent sets) and is a subset of Con A (the entailment relation),which satisfy

U V Con U Con,{a} Con,U a U { a} Con,a U Con U a,U, V Con a V (U a) V b U b.

The elements of Con are called formal neighborhoods . We use U, V,W to denote nite sets, and write

U V for U Con a V (U a),a b for {a, b} Con (a, b are consistent ),U V for a U,b V (a b).

Definition. The ideals (also called objects ) of an information systemA = ( A, Con, ) are dened to be those subsets x of A which satisfy

U x U Con (x is consistent ),x U a a x (x is deductively closed ).

For example the deductive closure U := { a A | U a } of U Con is anideal. The set of all ideals of A is denoted by |A |.

Examples. Every countable set A can be turned into a at informationsystem by letting the set of tokens be A, Con := { } { { a} | a A } andU a mean a U . In this case the ideals are just the elements of Con. ForA = N we have the following picture of the Con-sets.

{0}

{1}

{2}

. . .


15/60


16/60


We have to show that {(U 1, b1), . . . , (U n , bn ), (U, b)} Con. So let I {1, . . . , n } and suppose

U i I

U i ConA .

We must show that {b} { bi | i I } Con B . Let J { 1, . . . , n } consistof those j with U A U j . Then also

U i I

U i j J

U j ConA .

Since

i I

U i j J

U j ConA ,

from the consistency of {(U 1, b1), . . . , (U n , bn )} we can conclude that

{ bi | i I } { b j | j J } ConB .

But { b j | j J } B b by assumption. Hence

{ bi | i I } { b j | j J } { b} ConB .

For the nal property, suppose

W W and W (U, b).

We have to show W (U, b), i.e., W U B b. We obtain W U B W U bymonotonicity in the rst argument, and W U b by denition.

We shall now give two alternative characterizations of the function space:

rstly as approximable maps, and secondly as continuous maps w.r.t. theso-called Scott topology.The basic idea for approximable maps is the desire to study information

respecting maps from A into B . Such a map is given by a relation r betweenConA and B, where r (U, b) intuitively means that whenever we are giventhe information U ConA , then we know that at least the token b appearsin the value.

Definition. Let A = ( A, ConA , A) and B = ( B, ConB , B ) be infor-mation systems. A relation r ConA B is an approximable map if itsatises the following:(a) if r (U, b1), . . . , r (U, bn ), then {b1, . . . , bn } ConB ;

(b) if r (U, b1), . . . , r (U, bn ) and {b1, . . . , bn } B b, then r (U, b);(c) if r (U , b) and U A U , then r (U, b).We write r : A B to mean that r is an approximable map from A to B .


17/60


18/60


Proof. Suppose U, V Con and x O U OV . We have to ndW Con such that x O W O U OV . Choose W = U V .

Lemma. Let A be an information system and O | A |. Then the fol-lowing are equivalent.(a) O is open in the Scott topology.(b) O satises

(i) If x O and x y, then y O (Alexandrov condition).(ii) If x O , then U O for some U x (Scott condition).

(c) O = U O OU .Hence open sets O may be seen as those determined by a (possiblyinnite) system of nitely observable properties, namely all U such thatU O .

Proof. (a) (b). If O is open, then O is the union of some OU s, U Con. Since each OU is upwards closed, also O is; this proves the Alexandrovcondition. For the Scott condition assume x O . Then x O U O forsome U Con. Note that U O U , hence U O , and U x since x O U .

(b) (c). Assume that O | A | satises the Alexandrov and Scottconditions. Let x O . By the Scott condition, U O for some U x, sox O U for this U . Conversely, let x O U for some U O . Then U x.Now x O follows from U O by the Alexandrov condition.

(c) (a). The OU s are the basic open sets of the Scott topology.

We now give some simple characterizations of the continuous functionsf : |A | |B |. Call f monotone if x y implies f (x) f (y).

Lemma. Let A and B be information systems and f : |A | |B |. Then the following are equivalent.(a) f is continuous w.r.t. the Scott topology.(b) f is monotone and satises the principle of nite support PFS: If

b f (x), then b f (U ) for some U x.(c) f is monotone and commutes with directed unions: for every directed

D | A | (i.e., for any x, y D there is a z D such that x, y z)

f (x D

x) =x D

f (x).

Note that in (c) the set { f (x) | x D } is directed by monotonicity of f ; hence its union is indeed an ideal in |A |. Note also that from PFS andmonotonicity of f it follows immediately that if V f (x), then V f (U )for some U x.


19/60

16 2. COMPUTABILITY IN HIGHER TYPES

Hence continuous maps f : |A | |B | are those that can be completelydescribed from the point of view of nite approximations of the abstractobjects x | A | and f (x) | B |: Whenever we are given a nite approxi-mation V to the value f (x), then there is a nite approximation U to theargument x such that already f (U ) contains the information in V ; note thatby monotonicity f (U ) f (x).

Proof. (a) (b). Let f be continuous. Then for any basic open setOV | B | (so V ConB ) the set f 1[OV ] = {x | V f (x) } is open in|A |. To prove monotonicity assume x y; we must show f (x) f (y). Solet b f (x), i.e., {b} f (x). The open set f 1[O{b}] = { z | {b} f (z) }satises the Alexandrov condition, so from x y we can infer {b} f (y),i.e., b f (y). To prove PFS assume b f (x). The open set { z | {b} f (z) }satises the Scott condition, so for some U x we have {b} f (U ).

(b) (a). Assume that f satises monotonicity and PFS. We must showthat f is continuous, i.e., that for any xed V ConB the set f 1[OV ] ={ x | V f (x) } is open. We prove

{ x | V f (x) } = { OU | U ConA and V f (U ) }.

Let V f (x). Then by PFS V f (U ) for some U ConA such that U x,and U x implies x O U . Conversely, let x O U for some U ConA suchthat V f (U ). Then U x, hence V f (x) by monotonicity.

For (b) (c) assume that f is monotone. Let f satisfy PFS, andD | A | be directed. f ( x D x)

x D f (x) follows from monotonicity.

For the reverse inclusion let b f ( x D x). Then by PFS b f (U ) for someU x D x. From the directedness and the fact that U is nite we obtainU z for some z D. From b f (U ) and monotonicity infer b f (z).Conversely, let f commute with directed unions, and assume b f (x). Then

b f (x) = f (U x

U ) =U x

f (U ),

hence b f (U ) for some U x.

Clearly the identity and constant functions are continuous, and also thecomposition g f of continuous functions f : |A | |B | and g : |B | |C |.

Theorem. Let A and B = ( B, ConB , B ) be information systems.Then the ideals of A B are in a natural bijective correspondence with the continuous functions from |A | to |B |, as follows.


20/60


(a) With any approximable map r : A B we can associate a continuous function |r | : |A | |B | by

|r |(z) := { b B | r (U, b) for some U z }.

We call |r |(z) the application of r to z.(b) Conversely, with any continuous function f : |A | |B | we can associate

an approximable map f : A B by

f (U, b) := ( b f (U )) .

These assignments are inverse to each other, i.e., f = | f | and r = |r |.Proof. Let r be an ideal of A B ; then by the theorem just provedr is an approximable map. We rst show that |r | is well-dened. So letz | A |.

|r |(z) is consistent: let b1, . . . , bn | r |(z). Then there are U 1, . . . , U n zsuch that r (U i , bi ). Hence U := U 1 U n z and r(U, bi) by ax-iom (c) of approximable maps. Now from axiom (a) we can conclude that{b1, . . . , bn } ConB .

|r |(z) is deductively closed: let b1, . . . , bn | r |(z) and {b1, . . . , bn } B b.We must show b | r |(z). As before we nd U z such that r(U, bi ). Nowfrom axiom (b) we can conclude r (U, b) and hence b | r |(z).

Continuity of |r | follows immediately from part (b) of the lemma above,since by denition |r | is monotone and satises PFS.

Now let f : |A | |B | be continuous. It is easy to verify that f is indeedan approximable map. Furthermore

b | f |(z) f (U, b) for some U z

b f (U ) for some U z b f (z) by monotonicity and PFS.

Finally, for any approximable map r : A B we have

r (U, b) V U r (V, b) by axiom (c) for approximable maps

b | r |(U )

|r |(U, b),so r = |r |.

Moreover, one can easily check that

r s := { (U, c) | V ((U, V ) s (V, c) r ) }


21/60


is an approximable map (where ( U, V ) := { (U, b) | b V }), and

|r s | = |r | | s |,

f g = f g.

We usually write r(z) for |r |(z), and similarly f (U, b) for f (U, b). Itshould always be clear from the context where the mods and hats should beinserted.

2.1.3. Algebras and types. We now consider concrete informationsystems, our basis for continuous functionals.

Types will be built from base types by the formation of function types, . As domains for the base types we choose non-at and possiblyinnitary free algebras, given by their constructors. The main reason fortaking non-at base domains is that we want the constructors to be injectiveand with disjoint ranges. This generally is not the case for at domains.

We inductively dene type forms , ::= | | ((i )


22/60


In ( ( ))


23/60


24/60


25/60


0 S

S0

S(S )

S(S0)

S(S(S ))

S(S(S0))

...

Figure 1. Tokens and entailment for N

2.1.5. Constructors as continuous functions. Let be an algebra.Every constructor C generates the following ideal in the function space:

r C := { ( U, C a ) | U a }.

Here ( U, a) abbreviates ( U 1, (U 2, . . . (U n , a) . . . )).According to the general denition of a continuous function associated

to an ideal in a function space the continuous map |r C | satises

|r C |(x ) = { C a | U x ( U a ) }.

An immediate consequence is that the (continuous maps corresponding to)constructors are injective and their ranges are disjoint, which is what wewanted to achieve by associating non-at rather than at information sys-tems with algebras.

Lemma (Constructors are injective and have disjoint ranges) . Let be an algebra and C be a constructor of . Then

|r C |(x ) | r C |(y ) x y.If C1, C2 are distinct constructors of , then |r C1 |(x ) = |r C2 |(y ), since the two ideals are non-empty and disjoint.

Proof. Immediate from the denitions.

Remark. Notice that neither property holds for at information sys-tems, since for them, by monotonicity, constructors need to be strict (i.e.,if one argument is the empty ideal, then the value is as well). But then wehave

|r C |( , y) = = |r C |(x, ),

|r C1 |( ) = = |r C2 |( )where in the rst case we have one binary and, in the second, two unaryconstructors.


26/60


2.1.6. Total and cototal ideals in a nitary algebra. In the infor-mation system C associated with an algebra , the total and cototalideals are of special interest. Here we give an explicit denition for ni-tary algebras. For general algebras totality can be dened inductively andcototality coinductively (cf. 3.2.4).

Recall that a token in is a constructor tree P possibly containing thespecial symbol . Because of the possibility of parameter arguments we needto distinguish between structure- and fully total and cototal ideals.For the denition it is easiest to refer to a constructor tree P ( ) with adistinguished occurrence of . This occurrence is called non-parametric if the path from it to the root does not pass through a parameter argumentof a constructor. For a constructor tree P ( ), an arbitrary P (C a ) is calledone-step extension of P ( ), written P (C a ) 1 P ( ).

Definition. Let be an algebra, and C its associated informationsystem. An ideal x | C | is cototal if every constructor tree P ( ) x has a

1-predecessor P (C ) x; it is called total if it is cototal and the relation1 on x is well-founded. It is called structure-cototal (structure-total ) if the

same holds with 1 dened w.r.t. P ( ) with a non-parametric distinguishedoccurrence of .

If there are no parameter arguments, we shall simply speak of totaland cototal ideals. For example, for the algebra N every total ideal isthe deductive closure of a token S(S . . . (S0) . . . ), and the set of all tokensS(S . . . (S ) . . . ) is a cototal ideal. For the algebra L(N ) of lists of natural

numbers the total ideals are the nite lists and the cototal ones the niteor innite lists. For the algebra D of derivations the total ideals can beviewed as the nite derivations, and the cototal ones as the nite or innitelocally correct derivations of Mints (1978); arbitrary ideals can be viewedas partial or incomplete derivations, with holes.

Remark. From a categorical perspective (as in Hagino (1987); Rutten(2000)) nite lists of natural numbers can be seen as making up the initialalgebra of the functor T X = 1 + ( N X ), and innite lists (or streams)of natural numbers as making up the terminal coalgebra of the functorT X = N X . In the present setting both nite and innite lists of naturalnumbers appear as cototal ideals in the algebra L(N ), with the nite onesthe total ideals. However, to properly deal with computability we needto accommodate partiality, and hence there are more ideals in the algebraL (N ).


27/60


2.2. Denotational and operational semantics

For every type , we have dened what a partial continuous functional of type is: an ideal consisting of tokens at this type. These tokens or ratherthe formal neighborhoods formed from them are syntactic in nature; they arereminiscent to Kreisels formal neighborhoods (Kreisel, 1959; Martin-L of,1983; Coquand and Spiwack, 2006). However in contrast to Martin-L of (1983) we do not have to deal separately with a notion of consistency forformal neighborhoods: this concept is built into information systems.

Let us now turn our attention to a formal (functional programming)language, in the style of Plotkins PCF (1977), and see how we can provide adenotational semantics (that is, a meaning) for the terms of this language.A closed term M of type will denote a partial continuous functional of thistype, that is, a consistent and deductively closed set of tokens of type . Wewill dene this set inductively.

It will turn out that these sets are recursively enumerable. In this senseevery closed term M of type denotes a computable partial continuousfunctional of type . However, it is not a good idea to dene a computablefunctional in this way, by providing a recursive enumeration of its tokens.We rather want to be able to use recursion equations for such denitions.Therefore we extend the term language by constants D dened by certaincomputation rules, as in (Berger et al., 2003; Berger, 2005). Our semanticswill cover these as well. The resulting term system can be seen as a commonextension of G odels T (1958) and Plotkins PCF; we call it T + .

2.2.1. Structural recursion operators and G odels T. We beginwith a discussion of particularly important examples of such constants D,the (structural) higher type recursion operators R introduced by Hilbert(1925) and G odel (1958). They are used to construct maps from the algebra to , by recursion on the structure of . For instance, R N has type N (N ) . The rst argument is the recursion argument, thesecond one gives the base value, and the third one gives the step function,mapping the recursion argument and the previous value to the next value.For example, R NN nm n,p (S p) denes addition m + n by recursion on n . Forn,p (S p) we often write ,p(S p) since the bound variable n is not used.

Generally, we dene the type of the recursion operator R for the algebra = ((i ( ))


28/60

2.2. DENOTATIONAL AND OPERATIONAL SEMANTICS 25

Here is the type of the recursion argument, and each ( i ( ))


29/60


predecessor function is written in the form [ case m of 0 | n n]. If there areexactly two cases, we also write m [if m then 0 else n n] instead.

We shall also need map operators . Let ( ) be a type and strictlypositive type parameters. We dene

M ( ) : ( ) ( ) ( )

(where ( ) ( ) means ( 1 1) . . . (n n ) ( )). If none of appears free in ( ) let

M ( )x f := x.

Otherwise we use an outer recursion on ( ) and if ( ) is ( ) an innerone on x. In case ( ) is ( ) we abbreviate M ( ) by M

or M ( ) .

The immediate cases for the outer recursion areM i x f := f ix, M

()h

fx := M (hx ) f .

It remains to consider ( ( )). In case ( ) is not let

M ( ( )) x f := M ( ) ( ) x(M

i ( ) f )i< | |

with M i ( ) f := x M i ( )x

f . In case ( ) is we use recursion onx and dene for a constructor C i : ( (, ( )))


30/60


2.2.2. Conversion. We dene a conversion relation between termsof type by

(x M (x))N M (N ),(2.1)x (Mx ) M if x / FV( M ) (M not an abstraction) ,(2.2)

R (C i N ) M M i(M ( )N x x

, R x M )


31/60


32/60


2.2.4. Ideals as denotation of terms. How can we use computationrules to dene an ideal z in a function space? The general idea is to in-ductively dene the set of tokens ( U, b) that make up z. It is convenientto dene the value [[ x M ]], where M is a term with free variables among

x . Since this value is a token set, we can dene inductively the relation( U, b) [[x M ]].

For a constructor pattern P (x ) and a list V of the same length andtypes as x we dene a list P ( V ) of formal neighborhoods of the same lengthand types as P (x ), by induction on P (x ). x(V ) is the singleton list V ,and for we take the empty list. ( P , Q )( V , W ) is covered by the inductionhypothesis. Finally

(C P )( V ) := { C b | bi P i ( V i ) if P i ( V i ) = , and bi = otherwise }.

We use the following notation. ( U, b) means ( U 1, . . . (U n , b) . . . ), and( U, V ) [[ x M ]] means ( U, b) [[x M ]] for all (nitely many) b V .

Definition (Inductive, of a [[x M ]]). Case x,y ,z M with x free in M ,but not y.

( U, W , a) [[x,z M ]]( U,V, W , a) [[x,y,z M ]]

(K ).

Case x M with x the free variables in M .

U a(U, a) [[x x]]

(V ), ( U ,V,a) [[x M ]] ( U, V ) [[ x N ]]

( U, a) [[x (MN )]](A).

For every constructor C and dened constant D : U a

( U, C a ) [[C]](C) ,

( V , a) [[x M ]] U P ( V )( U, a) [[D ]]

(D ),

with one rule ( D ) for every dening equation D P (x ) = M .

This denotational semantics has good properties; however, we do notcarry out the proofs here (cf. Schwichtenberg and Wainer (2012)). First of all, one can prove that [[ x M ]] is an ideal . Moreover, our denition aboveof the denotation of a term is reasonable in the sense that it is not changedby an application of the standard ( - and -) conversions or a computationrule. For the -conversion part of this proof it is helpful to rst introduce amore standard notation, which involves variable environments.

Definition. [[M ]] U x := { b | ( U, b) [[ x M ]]}, [[M ]]u, V x, y := U u [[M ]] U, V x, y .


33/60


34/60

CHAPTER 3

Extracting computational content from proofs

3.1. A theory of computable functionals

3.1.1. Brouwer-Heyting-Kolmogorov and G odel. The Brouwer-Heyting-Kolmogorov interpretation (BHK-interpretation for short) of intui-tionistic (and minimal) logic explains what it means to prove a logically

compound statement in terms of what it means to prove its components;the explanations use the notions of construction and constructive proof asunexplained primitive notions. For prime formulas the notion of proof issupposed to be given. The clauses of the BHK-interpretation are:

(i) p proves A B if and only if p is a pair p0, p1 and p0 proves A, p1proves B ;

(ii) p proves A B if and only if p is a construction transforming anyproof q of A into a proof p(q ) of B ;

(iii) is a proposition without proof;(iv) p proves x D A(x) if and only if p is a construction such that for all

d D, p(d) proves A(d);

(v) p proves x D A(x) if and only if p is of the form d, q with d an elementof D, and q a proof of A(d).

The problem with the BHK-interpretation clearly is its reliance on theunexplained notions of construction and constructive proof. G odel was con-cerned with this problem for more than 30 years. In 1941 he gave a lecture atYale university with the title In what sense is intuitionistic logic construc-tive?. According to Kreisel, G odel wanted to establish that intuitionisticproofs of existential theorems provide explicit realizers (Feferman et al.,1986, 1990, 1995, 2002, 2002, Vol II, p.219). Godel published his Dialec-tica interpretation in (1958), and revised this work over and over again;its state in 1972 has been published in the same volume. Troelstra, in his

introductory note to the latter two papers writes (loc. cit., pp.220/221):Godel argues that, since the nististic methods consideredare not sufficient to carry out Hilberts program, one has

31


35/60

32 3. EXTRACTING COMPUTATIONAL CONTENT FROM PROOFS

to admit at least some abstract notions in a consistencyproof; ...However, G odel did not want to go as far asadmitting Heytings abstract notion of constructive proof;hence he tried to replace the notion of constructive proof by something more denite, less abstract (that is, morenearly nitistic), his principal candidate being a notion of computable functional of nite type which is to be ac-cepted as sufficiently well understood to justify the axiomsand rules of his system T, an essentially logic-free theoryof functionals of nite type.

We intend to utilize the notion of a computable functional of nite typeas an ideal in an information system, as explained in the previous chapter.However, G odel noted that his proof interpretation is largely independent of

a precise denition of computable functional; one only needs to know thatcertain basic functionals are computable (including primitive recursion oper-ators in nite types), and that they are closed under composition. Buildingon Godel (1958), we assign to every formula A a new one x A1(x) with A1(x)

-free. Then from a derivation of A we want to extract a realizing term rsuch that A1(r ). Of course its meaning should in some sense be related tothe meaning of the original formula A. However, G odel explicitly states in(1958, p.286) that his Dialectica interpretation is not the one intended bythe BHK-interpretation.

3.1.2. Formulas and predicates. When we want to make proposi-tions about computable functionals and their domains of partial continuousfunctionals, it is perfectly natural to take, as initial propositions, ones formedinductively or coinductively. However, for simplicity we omit the treatmentof coinductive denitions and deal with inductive denitions only. For ex-ample, in the algebra N we can inductively dene totality by the clauses

T N 0, n (T N n T N (Sn)) .

Its least-xed-point scheme will now be taken in the form

n (T N n A(0) n (T N n A(n) A(Sn)) A(n)) .

The reason for writing it in this way is that it ts more conveniently withthe logical elimination rules, which will be useful in the proof of the sound-ness theorem. It expresses that every competitor {n | A(n) } satisfyingthe same clauses contains T N . This is the usual induction schema for natu-ral numbers, which clearly only holds for total numbers (i.e., total ideals


36/60

3.1. A THEORY OF COMPUTABLE FUNCTIONALS 33

in the information system for N ). Notice that we have used a strength-ened form of the step formula, namely n (T N n A(n) A(Sn)) ratherthan n (A(n) A(Sn)). In applications of the least-xed-point axiom thissimplies the proof of the induction step, since we have the additionalhypothesis T (n) available. Totality for an arbitrary algebra can be denedsimilarly. Consider for example the non-nitary algebra O (cf. 2.1.3), withconstructors 0, successor S of type O O and supremum Sup of type(N O ) O . Its clauses are

T O 0, x (T O x T O (Sx)) , f ( n T N T O (fn ) T O (Sup( f ))) ,and its least-xed-point scheme is

x (T O x A(0)

x (T O x A(x) A(Sx))

f ( n T T O (fn ) n T A(fn ) A(Sup( f ))) A(x)) .

Generally, an inductively dened predicate I is given by k clauses, whichare of the form

K i := x ((A (I ))


37/60


SP( Y, X ) SP(Y, A)SP( Y, {x | A })

SP( Y, Ai ) for all i


38/60

3.1. A THEORY OF COMPUTABLE FUNCTIONALS 35

whose axioms are the following. For each inductively dened predicate, thereare closure or introduction axioms, together with a least-xed-point orelimination axiom. In more detail, consider an inductively dened predicateI := X (K 0, . . . , K k 1). For each of the k clauses we have the introductionaxiom (3.1). Moreover, we have an elimination axiom I :

(3.2) x (Ix ( x i ((Ai (I X ))


39/60


Proof. We rst show that F Eq(x , y). To see this, we rst obtainEq( R B ff xy, R B ff xy) from the introduction axiom. Then from Eq( ff , tt ) weget Eq( R B tt xy, R B ff xy) by compatibility. Now R B tt xy converts to x andR B ff xy converts to y. Hence Eq(x , y), since we identify terms with acommon reduct.

The claim can now be proved by induction on A F. Case Is . LetK i be the nullary clause, with nal conclusion I t . By induction hypothesisfrom F we can derive all parameter premises. Hence I t . From F we alsoobtain Eq( s i , t i), by the remark above. Hence Is by compatibility. Thecases A B and x A are obvious.

A crucial use of the equality predicate Eq is that it allows us to lift aboolean term r B to a formula, using atom( r B ) := Eq( r B , tt ). This opensup a convenient way to deal with equality on nitary algebras. The com-putation rules ensure that, for instance, the boolean term S r = N Ss, ormore precisely = N (Sr, Ss), is identied with r = N s . We can now turn thisboolean term into the formula Eq(S r = N Ss, tt ), which again is abbreviatedby Sr = N Ss, but this time with the understanding that it is a formula.Then (importantly) the two formulas S r = N Ss and r = N s are identiedbecause the latter is a reduct of the rst. Consequently there is no need toprove the implication S r = N Ss r = N s explicitly.

Existence, conjunction and disjunction. One of the main points of TCFis that it allows the logical connectives existence, conjunction and disjunc-tion to be inductively dened as predicates. This was rst discovered byMartin-Lof (1971).

Ex( Y ) := X ( x (Y x X )) ,And( Y 1, Y 2) := X (Y 1 Y 2 X ),Or( Y 1, Y 2) := X (Y 1 X, Y 2 X ).

We will use the abbreviations

x A := Ex( { x | A }),A B := And( { | A }, { | B }),A B := Or( { | A }, { | B }),

The introduction axioms are

x (Y x x Y x),Y 1 Y 2 Y 1 Y 2,Y 1 Y 1 Y 2, Y 2 Y 1 Y 2.


40/60


41/60


in the solution provided by the proof (in the sense of Kolmogorov (1932)).To be able to express dependence on and independence of such parameterswe split each of our (only!) logical connectives , into two variants, acomputational one c, c and a non-computational one nc , nc . Thisdistinction (for the universal quantier) is due to Berger (1993, 2005). Thena proof of ncx

cy ( A

nc B c Ir ) provides a construction of an ideal in I independent of x and assumed proofs of A. One can view this decorationof , as turning our (minimal) logic into a computational logic, whichis able to express dependence on and independence of parameters. The rulesfor nc , nc are similar to the ones for c, c; they will be given in 3.2.2.

Now the clauses of inductive predicates can and should be decorated aswell. Without loss of generality we can assume that they have the form

nc

x c

y( A nc B c Xr ).

This will lead to a different (i.e., simplied) algebra I associated with theinductive predicate I .

Of special importance is the case when we only have nc , nc , and thereis only one clause. Such inductive predicates are called uniform one-clausedened, and their associated algebra is the unit algebra U . Examples areLeibniz equality, existence and conjunction when dened with nc , nc :

Eq( ) := X ( ncx X (x, x)) ,

ExU( Y ) := X ( ncx (Y x nc X )) ,

AndU( Y 1, Y 2) := X (Y 1 nc Y 2 nc X ).

From now on we only use this uniform one-clause denition of Leibniz equa-lity Eq, and use the abbreviationsux A := ExU( { x

| A }).A u B := AndU( { | A }, { | B }).

Prime formulas Ir with I = U only have a trivial generation tree, andin this sense are without computational content. Clearly this is also thecase for formulas with such an Ir as conclusion. These formulas are callednon-computational (n.c.) or Harrop formulas . Moreover, a Harrop formulain a premise can be ignored when we are interested in the computationalcontent of a proof of this formula: its only contribution would be of unittype. Therefore when dening the type of a formula in 3.2.5 we will use acleaned form of such a type, not involving the unit type.

The next thing to do is to properly accomodate the BHK-interpretationand dene what it means that a term t realizes the formula A, written


42/60

3.2. REALIZABILITY INTERPRETATION 39

t r A. In the prime formula case Ir this will involve a predicate t realizesIr , which will be dened inductively as well, following the clauses of I . Butsince this is a meta statement already containing the term t representing ageneration tree, we are not interested in the generation tree for such realizingformulas and consider them as non-computational.

Finally we will dene in 3.2.6 the extracted term et( M ) of a proof M of a formula A, and prove the soundness theorem et( M ) r A.

Remark. We have encountered two situations where inductive deni-tions do not have computational content: uniform one-clause dened pre-dicates, and realizability predicates. There is a third occasion when thiscan happen and is in fact rather useful, namely when the all clauses haveinvariant premises A only; a formula A is called invariant if x (x r A) isequivalent to A. We write ncX (K 0, . . . , K k 1) whenever an inductive predi-cate is n.c. The soundness theorem continues to hold if we restrict usage of the least-xed-point (or elimination) axiom for such n.c. inductive predicatesto Harrop formulas.

3.2.1. An informal explanation. The ideas that we develop here areillustrated by the following simple situation. The computational contentof an implication P n c P (Sn) is that demanded of an implication by theBHK interpretation, namely a function from evidence for P n to evidence forP (Sn). The universal quantier n is non-computational if it merely suppliesn as an input, whereas to say that a universal quantier is computationalmeans that a construction of input n is also supplied. Thus a realization of

ncn (P n

c

P (Sn))will be a unary function f such that if r realizes P n , then f r realizesP (Sn), for every n. On the other hand, a realization of

cn (P n

c P (Sn))

will be a binary function g which, given a number n and a realization r of P n , produces a realization g(n, r ) of P (Sn). Therefore an induction withbasis and step of the form

P 0, ncn (P n c P (Sn))

will be realized by iterates f (n ) (r 0), whereas a computational induction

P 0, cn (P n

cP (Sn))

will be realized by the primitive recusively dened h(n, r 0) where h(0, r 0) =r 0 and h(Sn, r 0) = g(n, h (n, r 0)).


43/60


Finally, a word about the non-computational implication: a realizer of A nc B will depend solely on the existence of a realizer of A, but willbe completely independent of which one it is. An example would be aninduction

P 0, cn (P n nc P (Sn))

where the realizer h(n, r 0) is given by h(0, r 0) = r0, h(Sn, r 0) = g(n), withoutrecursive calls. The point is that in this case g does not depend on a realizerfor P n , only upon the number n itself.

3.2.2. Decorating and . We adapt the denition in 3.1.2 of pre-dicates and formulas to the newly introduced decorated connectives c, cand nc , nc . Let denote either c or nc , and similarly either c or

nc . Then the denition in 3.1.2 can be read as it stands.

We also need to adapt our denition of TCF to the decorated connec-tives c, nc and c, nc . The introduction and elimination rules for cand c remain as before, and also the elimination rules for nc and nc .However, the introduction rules for nc and nc must be restricted: theabstracted (assumption or object) variable must be non-computational,in the following sense. Simultaneously with a derivation M we dene thesets CV( M ) and CA( M ) of computational object and assumption variablesof M , as follows. Let M A be a derivation. If A is non-computational (n.c.),i.e., the type (A) of A (dened below in 3.2.5) is the nulltype symbol ,then CV( M A) := CA( M A) := . Otherwise

CV( cA) := (cA an axiom),

CV( uA) := ,

CV(( u A M B )A

c B ) := CV(( uA M B )A

nc B ) := CV( M ),

CV(( M Ac B N A)B ) := CV( M ) CV( N ),

CV(( M Anc B N A)B ) := CV( M ),

CV(( x M A)cx A) := CV(( x M A)

ncx A) := CV( M ) \ { x},

CV(( M cx A(x) r )A(r )) := CV( M ) FV( r ),

CV(( M ncx A(x) r )A(r ) ) := CV( M ),

and similarly

CA( cA) := (cA an axiom),

CA( uA) := {u},


44/60


CA(( u A M B )Ac B ) := CA(( u A M B )A

nc B ) := CA( M A) \ { u},

CA(( M Ac B N A)B ) := CA( M ) CA( N ),

CA(( M Anc B N A)B ) := CA( M ),

CA(( x M A)cx A) := CA(( x M A)

ncx A) := CA( M ),

CA(( M cx A(x) r )A(r ) ) := CA(( M

ncx A(x) r )A(r )) := CA( M ).

The introduction rules for nc and nc then are(i) If M B is a derivation and uA / CA(M ) then ( uA M B )A

nc B is aderivation.

(ii) If M A is a derivation, x is not free in any formula of a free assumptionvariable of M and x / CV(M ), then ( x M A)

ncx A is a derivation.

An alternative way to formulate these rules is simultaneously with the notionof the extracted term et( M ) of a derivation M . This will be done in 3.2.6.

3.2.3. Decorating inductive denitions. Now we can and shoulddecorate inductive denitions. The introduction axioms are(3.3) K i :=

c/ ncx ((A (I ))


45/60


and for :

A c

Ad

B,A c A l B,A nc A r B,A nc A u B,

B c

Ad

B,B nc A l B,B c A r B,B nc A u B

with elimination schemes

A d B c (A c P ) c (B c P ) c P,

A l B c (A c P ) c (B nc P ) c P,A r B c (A nc P ) c (B c P ) c P,

Au

B c

(A nc

P ) c

(B nc

P ) c

P.Let be a predicate variable representing a binary relation. A compu-

tational variant of the inductively dened transitive closure TC of hasintroduction axioms

cx,y (x y

nc TC (x, y)) ,cx,y

ncz (x y

nc TC (y, z ) c TC (x, z )) ,

and the elimination scheme isncx,y (TC (x, y)

c cx,y (x y

nc P xy ) ccx,y

ncz (x y

ncTC (y, z )

cP yz

cP xz )

c

P xy ).

Consider the accessible part of a binary relation . A computationalvariant Acc is determined by the introduction axioms

cx (F

nc Acc (x)) ,ncx (

cy x Acc (y)

c Acc (x)) ,

where cy xA stands for cy(y x nc A). The elimination scheme is

ncx (Acc (x)

c cx (F

nc P x ) cncx (

cy x Acc (y)

c cy x P y

c P x ) c

P x ).


46/60


3.2.4. Totality and induction. In 2.1.6 we have dened what thetotal and structure-total ideals of a nitary algebra are. We now inductivelydene general totality predicates. Let us rst look at some examples. Theclauses dening totality for the algebra N are

T N 0, ncn (T N n c T N (Sn)) .

The least-xed-point axiom isncn (T N n c X 0 c ncn (T N n c Xn c X (Sn)) c Xn ).

Clearly the partial continuous functionals with T N interpreted as the totalideals for N provide a model of TCF extended by these axioms.

For the algebra D of derivations totality is inductively dened by theclauses

T D 0D , ncx,y

(T D x c T D y c T D (C D D D xy)) ,with least-xed-point axiom

ncx (T D x c X 0

D c

ncx,y (T D x

c T D y c Xx c Xy c X (C D D D xy)) c

Xx ).Again, the partial continuous functionals with T D interpreted as the totalideals for D (i.e., the nite derivations) provide a model.

Generally we dene(i) RT called relative totality , and its special cases

(ii) T called (absolute) totality and

(iii) ST called structural totality .The least-xed-point axiom for ST will provide us with the induction axiomfor the algebra .

The denition of RT is relative to an assigment of predicate variablesY of arity ( ) to type variables .

Definition (Relative totality RT) . Let = (0, . . . , k 1) Alg( )with i = ( ( , ))


47/60


For important special cases of the parameter predicates Y we introducea separate notation. Suppose we want to argue about total ideals only. Notethat this only makes sense when when no type variables occur. However, toallow a certain amount of abstract reasing (involving type variables to besubstituted later by concrete closed types), we introduce special predicatevariables T which under a substitution with closed turn into theinductively dened predicate T . Using this convention we dene totalityfor an arbitrary algebra by specializing Y of arity () to T .

Definition (Absolute totality T ). Let = (0, . . . , k 1) Alg( )with i = ( ( , ))


48/60


The least-xed-point axiom for ST L ( ) is according to (3.4)ncl (ST( l)

c

X (Nil) c nc

x,l ((STd

X )l c

X (x :: l)) c

XlL ()

).Written differently (with duplication) we obtain the induction axiom

ncl (ST( l)

c X (Nil) ncx,l (ST( l) c Xl c X (x :: l)) c Xl L () )

denoted Ind l,X .Note that in all these denitions we allow usage of totality predicates for

previously introduced algebras . An example is totality T T for the algebraT of nitely branching trees. It is dened by the single clause

ncas (RT L (T )(T T )(as ) c T T (Branch( as ))) .

Clearly all three notions of totality coincide for algebras without typeparameters. Abbreviating nc

x (T x c A) by c

x T A we obtain from the

elimination axioms computational induction schemes , for example

Ind p,P : c p T (P tt c P ff c P pB ),

Ind n,P : cn T (P 0 c cn T (P n c P (Sn)) c P nN ).

The types of these formulas (as dened in 3.2.5) will be the types of therecursion operators of the respective algebras.

3.2.5. The type of a formula, realizability and witnesses. Forevery formula or predicate C we dene (C ) (a type or the nulltype symbol ). In case (C ) = proofs of C have no computational content; such C are called non-computational (n.c.) (or Harrop ); the other ones are called

computationally relevant (c.r.). The denition can be conveniently writtenif we extend the use of to the nulltype symbol :

( ) := , ( ) := , ( ) := .Definition (Type (C ) of a formula or predicate C , and I ). Assume

a global injective assignment of a type variable to every predicate variableX .

(Pr ) := (P ), (A c B ) := ( (A) (B )) , (A nc B ) := (B ), ( cx A) := ( (A)) , (

ncx A) := (A),

(X ) := , ({x | A }) := (A), (ncX (K 0, . . . , K k 1)) := ,


49/60


(X ( ncx ic yi ( Ai

nc B i c Xr i )) i


50/60


Note. Call two formulas A and A computationally equivalent if eachof them computationally implies the other, and in addition the identityrealizes each of the two derivations of A c A and of A c A . It is aneasy exercise to verify that for n.c. A, the formulas A c B and A nc Bare computationally equivalent, and hence can be identied. In the sequelwe shall simply write A B for either of them. Similarly, for n.c. A the twoformulas cxA and ncx A are n.c., and both r cx A and r ncx A are denedto be ncx ( r A). Hence they can be identied as well, and we shall simplywrite xA for either of them. Since the formula t r A is n.c., under thisconvention the , -cases in the denition of realizability can be written

t r (A c B ) := x (x r A tx r B ),t r (A nc B ) := x (x r A t r B),

t r cx A := x (tx r A),t r ncx A := x (t r A).

Here are some examples. Consider the totality predicate T for N induc-tively dened by the clauses

T 0, ncn (T n c T (Sn)) .

More precisely T := X (K 0, K 1) with K 0 := X 0, K 1 := ncn (Xn c X (Sn)).These clauses have types 0 := (K 0) = (X 0) = and 1 := (K 1) = ( ncn (Xn c X (Sn))) = . Therefore the algebra of witnesses isT := (, ), that is, N again. The witnessing predicate T

r is denedby the clauses

T r

00, n,m (T r

mn T r

(Sm, Sn))and it has as its elimination scheme

ncn

cm (T

r mn Q(0, 0) cncn,m (T

r mn Qmn c Q(Sm, Sn)) c

Qmn.

As an example involving parameters, consider the formula dx A with ac.r. formula A, and view dx A as inductively dened by the clause

cx (A c dx A).

More precisely, Ex d (Y ) := X (K 0) with K 0 := cx (Y x c X ). Then dx Aabbreviates Ex d ({ x | A }). The single clause has type 0 := (K 0) = ( cx (Y x c X )) = . Therefore the algebra of witnesses is := d

x A := ( ), that is, . We write x, u for the values


51/60


of the (only) constructor of , i.e., the pairing operator. The witnessingpredicate ( dx A)

r is dened by the clause K r0 (( dx A)r , { x | A }) :=

x,u (u r A ( dx A)r x, u )

and its elimination scheme iscw((

dx A)

r w ncx,u (u r A Q x, u ) c Qw).Definition (Leibniz equality Eq and u , u ). The introduction axioms

arencx Eq(x, x ),

ncx (A

nc ux A), A

nc B nc A u B,and the elimination schemes are

ncx,y (Eq( x, y) ncx P xx c P xy ),ux A

ncx (A

nc

P ) c

P,A u B (A nc B nc P ) c P.

An important property of the realizing formulas t r A is that they areinvariant .

Proposition. r (t r A) is the same formula as t r A.Proof. By induction on the simultaneous inductive denition of for-

mulas and predicates in 3.1.2.Case t r Is . By denition the formulas r (t r Is ), r I r ts , I r ts and

t r Is are identical.Case I r ts . By denition r ( r I r ts ) and r I r ts are identical.

Case Eq(t, s ). By denition r ( r (Eq( t, s ))) and r (Eq( t, s )) areidentical.Case uxA. The following formulas are identical.

r ( r ux A), r ux

uy (y r A),

ux ( r uy (y r A)) ,ux

uy ( r (y r A)) ,

ux

uy (y r A) by induction hypothesis ,

r ux A.

Case Au

B . The following formulas are identical. r ( r (A u B )) , r ( ux (x r A)

u uy (y r B )) ,


52/60


r ux (x r A) u r uy (y r B)) ,ux ( r (x r A))

u uy ( r (y r B )) ,

ux (x r A)

u uy (y r B ) by induction hypothesis ,

r (A u B ).

Case A c B . The following formulas are identical.

r (t r (A c B )) , r x (x r A tx r B),

x ( r (x r A) r (tx r B)) ,

x (x r A tx r B ) by induction hypothesis ,t r (A c B ).

Case A nc B . The following formulas are identical.

r (t r (A nc B )) , r x (x r A t r B ),

x ( r (x r A) r (t r B )) ,

x (x r A t r B ) by induction hypothesis ,t r (A nc B ).

Case cxA. The following formulas are identical.

r (t r cx A),

r x (tx r A),x ( r (tx r A)) ,

x (tx r A) by induction hypothesis ,t r cx A.

Case ncx A. The following formulas are identical.

r (t r ncx A), r x (t r A),

x ( r (t r A)) ,

x (t r A) by induction hypothesis ,t r ncx A.

This completes the proof.


53/60


3.2.6. Extracted terms. For a derivation M of a formula A we deneits extracted term et(M ), of type (A). This denition is relative to a xedassignment of object variables to assumption variables: to every assumptionvariable uA for a formula A we assign an object variable xu of type (A).

Definition (Extracted term et( M ) of a derivation M ). For derivationsM A with A n.c. let et( M A) := . Otherwise

et( uA) := x (A)u (x (A)u uniquely associated with uA),

et(( u A M B )A

c B ) := x ( A )u et( M ),

et(( M Ac B N A)B ) := et( M )et( N ),

et(( x M A)cx A) := x et( M ),

et(( M cx A(x) r )A(r ) ) := et( M )r,et(( u A M

B )Anc B ) := et( M ),

et(( M Anc B N A)B ) := et( M ),

et(( x M A)ncx A) := et( M ),

et(( M ncx A(x)r )A(r ) ) := et( M ).

Here x ( A )u et( M ) means just et( M ) if A is n.c.It remains to dene extracted terms for the axioms. Consider a (c.r.)

inductively dened predicate I . For its introduction axioms (3.3) and eli-

mination axiom (3.4) dene et( I +i ) := C i and et( I

) := R , where both theconstructor C i and the recursion operator R refer to the algebra I associ-ated with I .

Now consider the special non-computational inductively dened predi-cates. Since they are n.c., we only need to dene extracted terms for theirelimination axioms. For the witnessing predicate I r we dene et(( I r ) ) := R(referring to the algebra I again), and for Leibniz equality Eq, the n.c. ex-istential quantier ux A and conjunction A u B we take identities of theappropriate type.

Remark. If derivations M are dened simultaneously with their ex-tracted terms et( M ), we can formulate the introduction rules for nc and

ncby

(i) If M B is a derivation and xuA / FV(et( M )), then ( uA M B )Anc B is

a derivation.


54/60


(ii) If M A is a derivation, x is not free in any formula of a free assumptionvariable of M and x / FV(et( M )), then ( x M A)

ncx A is a derivation.

3.2.7. Soundness. One can prove that every theorem in TCF + Ax ncihas a realizer: the extracted term of its proof. Here (Ax nci ) is an arbitraryset of non-computational invariant formulas viewed as axioms.

Theorem (Soundness) . Let M be a derivation of A from assumptions u i : C i ( i < n ). Then we can derive et(M ) r A from assumptions xu i r C i(with xu i := in case C i is n.c.).

For the proof is (by induction on M ) we have to refer to the literature.


55/60


56/60

Bibliography

H. Bachmann. Transnite Zahlen . Springer Verlag, Berlin, Heidelberg, NewYork, 1955.

U. Berger. Program extraction from normalization proofs. In M. Bezem andJ. Groote, editors, Typed Lambda Calculi and Applications , volume 664of LNCS , pages 91106. Springer Verlag, Berlin, Heidelberg, New York,1993.

U. Berger. Uniform Heyting arithmetic. Annals of Pure and Applied Logic ,133:125148, 2005.

U. Berger, M. Eberl, and H. Schwichtenberg. Term rewriting for normaliza-tion by evaluation. Information and Computation , 183:1942, 2003.

T. Coquand and A. Spiwack. A proof of strong normalisation using domaintheory. In Proceedings LICS 2006 , pages 307316, 2006.

S. Feferman, J. W. Dawson, et al., editors. Kurt G odel Collected Works,Volume I-V . Oxford University Press, 1986, 1990, 1995, 2002, 2002.

G. Gentzen. Beweisbarkeit und Unbeweisbarkeit von Anfangsf allen dertransniten Induktion in der reinen Zahlentheorie. Mathematische An-

nalen , 119:140161, 1943.K. G odel. Uber eine bisher noch nicht ben utzte Erweiterung des nitenStandpunkts. Dialectica , 12:280287, 1958.

T. Hagino. A typed lambda calculus with categorical type constructions.In D. Pitt, A. Poigne, and D. Rydeheard, editors, Category Theory and Computer Science , volume 283 of LNCS , pages 140157. Springer Verlag,Berlin, Heidelberg, New York, 1987.

A. Heyting, editor. Constructivity in Mathematics , 1959. North-Holland,Amsterdam.

D. Hilbert. Uber das Unendliche. Mathematische Annalen , 95:161190,1925.

A. N. Kolmogorov. Zur Deutung der intuitionistischen Logik. Math.Zeitschr. , 35:5865, 1932.

53


57/60

54 Bibliography

G. Kreisel. Interpretation of analysis by means of constructive functionalsof nite types. In Heyting (1959), pages 101128.

K. G. Larsen and G. Winskel. Using information systems to solve recursivedomain equations. Information and Computation , 91:232258, 1991.

P. Martin-L of. Hauptsatz for the intuitionistic theory of iterated inductivedenitions. In J. Fenstad, editor, Proceedings of the Second Scandinavian Logic Symposium , pages 179216. North-Holland, Amsterdam, 1971.

P. Martin-Lof. The domain interpretation of type theory. Talk at theworkshop on semantics of programming languages, Chalmers University,Goteborg, August 1983.

G. Mints. Finite investigations of transnite derivations. Journal of Soviet Mathematics , 10:548596, 1978. Translated from: Zap. Nauchn. Semin.LOMI 49 (1975).

G. D. Plotkin. LCF considered as a programming language. Theoretical Computer Science , 5:223255, 1977.G. D. Plotkin. T as a universal domain. Journal of Computer and System

Sciences , 17:209236, 1978.J. Rutten. Universal coalgebra: a theory of systems. Theoretical Computer

Science , 249:380, 2000.H. Schwichtenberg and S. S. Wainer. Proofs and Computations . Perspectives

in Logic. Association for Symbolic Logic and Cambridge University Press,2012.

D. Scott. Domains for denotational semantics. In E. Nielsen and E. Schmidt,editors, Automata, Languages and Programming , volume 140 of LNCS ,pages 577613. Springer Verlag, Berlin, Heidelberg, New York, 1982.

A. S. Troelstra and H. Schwichtenberg. Basic Proof Theory . CambridgeUniversity Press, second edition, 2000.


58/60

Index

CV, 40Eq, 48TCF, 34

d , l , r , u , 41, 48F , 35

d , l , r , u , 41, 48d , l , r , u , 41

t r A , 46

Alexandrov condition, 15algebra, 18

explicit, 20nitary, 20initial, 23nested, 19structure-nitary, 20

unnested, 19application, 12, 17approximable map, 13arithmetical system, 4

Berger, 24, 38BHK-interpretation, 31Brouwer, 31

case-construct, 25C -operator, 25clause, 34coalgebra

terminal, 23

comprehension term, 34computation rule, 27conjunction

uniform u , 48

consistent, 11constructor

as continuous function, 22constructor pattern, 27constructor symbol, 20constructor type, 18conversion, 2729

D -, 27 -, 27-, 27R -, 27

Coquand, 24

duplication, 25

Eberl, 24effectivity principle, 10elimination axiom, 35entailment, 11equality

decidable, 28, 35Leibniz, 35

ex-falso-quodlibet, 35existential quantier

uniform u , 48

falsity F , 35nite support principle, 9, 15formal neighborhood, 11formula

computational equivalence, 47computationally relevant (c.r.), 45invariant, 48non-computational (n.c.), 40, 45

55


59/60

56 INDEX

functioncontinuous, 13

monotone, 15strict, 22functional

computable, 21partial continuous, 21

Gentzen, 1, 4Godel, 31

Hagino, 23Harrop, 45Harrop formula, 38height

of syntactic expressions, 21

Heyting, 31ideal, 11

cototal, 23structure-cototal, 23structure-total, 23total, 23

inductionstrengthened form, 33transnite, 1

inductive denitionof totality, 32

information system, 11at, 11

of a type , 20inhabitant

total, 19

Kolmogorov, 31Kreisel, 24

Larsen, 11least-xed-point axiom, 35Leibniz equality Eq, 48level

of a formula, 7of an ordinal, 2

map operator, 26Martin-Lof, 24, 36Mints, 23monotonicity principle, 10

nullterm, 46nulltype, 40, 45

numeral, 4parameter argument type, 19parameter premise, 34Peano axioms, 5Platek, 10Plotkin, 10, 24predicate

inductively dened, 34nested, 34unnested, 34

progressive, 6

realizability, 46

recursionoperator, 24

recursive argument type, 19recursive premise, 34redex

D -, 27relation

accessible part, 42Rutten, 23

Schwichtenberg, 24Scott, 11Scott condition, 15Scott topology, 14set of tokens

deductively closed, 11soundness theorem

for realizability, 51strictly positive, 18

T, 26term

extracted, 50of T+ , 27of Godels T, 26

token, 11extended, 21

totality, 32, 43absolute, 43relative, 43structural, 43


60/60

Documents

Selected topics in proof theory