I'm working in a simple library containing definitions and properties about substitutions for simple types. I'm using the following encoding for types:
data Ty (n : Nat) : Set where
var : Fin n -> Ty n
con : Ty n
app : Ty n -> Ty n -> Ty n
so, since variables are represented as finite sets, substitutions are just vectors:
Subst : Nat -> Nat -> Set
Subst n m = Vec (Ty m) n
The complete development is in the following paste: http://lpaste.net/107751
Using this encoding, I have defined several lemmas about such substitutions, but I do not know how to define a theorem that specifies that substitutions are idempotent. I believe that I must use some property like weakening in order to express this, but I can't figure out how.
Could someone give any directions or clues?
Thanks in advance.
Substitutions that produce expressions over fresh variables are indeed idempotent. But in order to express this theorem, you have to consider your substitution Subst n m as one operating on the joint variable set Subst (n + m) (n + m). Here is a variant that uses arbitrary variable sets A and B instead of Fin n and Fin m.
open import Relation.Binary.PropositionalEquality using (_≡_; refl)
-- Disjoint union.
data _+_ (A B : Set) : Set where
left : A → A + B
right : B → A + B
-- A set of variable names can be any type.
Names = Set
-- Simple expressions over a set of names.
data Tm (A : Names) : Set where
var : A → Tm A
app : Tm A → Tm A → Tm A
-- Substitute all variables from set A by terms over a name set B.
Subst : Names → Names → Set
Subst A B = A → Tm B
subst : ∀{A B} → Subst A B → Tm A → Tm B
subst σ (var x) = σ x
subst σ (app t u) = app (subst σ t) (subst σ u)
-- Rename all variables from set A to names from set B.
Rename : Names → Names → Set
Rename A B = A → B
rename : ∀{A B} → Rename A B → Tm A → Tm B
rename σ (var x) = var (σ x)
rename σ (app t u) = app (rename σ t) (rename σ u)
-- In order to speak about idempotency of substitutions whose domain A
-- is disjoint from the variable set B used in the range, we have to promote
-- them to work on the union A+B of variable sets.
-- The promoted substitution is the identity on B,
-- and the original substitution on A, but with the result transferred from B to A + B.
promote : ∀{A B} → Subst A B → Subst (A + B) (A + B)
promote σ (left x) = rename right (σ x)
promote σ (right x) = var (right x)
module _ {A B : Set} (σ₀ : Subst A B) where
-- Now assume a promoted substitution.
σ = promote σ₀
-- A promoted substitution has no effect on terms with variables only in B.
lemma : ∀ t → subst σ (rename right t) ≡ rename right t
lemma (var x) = refl
lemma (app t u) rewrite lemma t | lemma u = refl
-- Hence, it is idempotent.
idempotency : ∀ x → subst σ (σ x) ≡ σ x
idempotency (right x) = refl
idempotency (left x) = lemma (σ₀ x)
Related
Representing beta-equality in Agda
I've recently asked what is the proper way to represent beta-equality in a proof language such as Agda. The accepted answer points a standard way to do it is by defining its congruence closure,
data _~_ {n} : Tm n → Tm n → Set where
β : ∀ {t u} → app (lam t) u ~ sub u t
app : ∀ {t t' u u'} → t ~ t' → u ~ u' → app t u ~ app t' u'
lam : ∀ {t t'} → t ~ t' → lam t ~ lam t'
~refl : ∀ {t} → t ~ t
~sym : ∀ {t t'} → t ~ t' → t' ~ t
~trans : ∀ {t t' t''} → t ~ t' → t' ~ t'' → t ~ t''
Which, if I understand correctly, specifies that: 1. the application (λx.t u) is equal to t[u/x], 2. the function/argument of an application or the body of a function can be replaced by equal terms; 3. reflexivity, symmetry and transitivity hold. The answer also suggests an alternative: one can define a one-step reduction relation between terms, then define a multi-step reduction relation, and, finally, define that two terms are equal if they can be eventually reduced to an identical term. Both of those alternatives make sense.
Another alternative
While I was waiting for the answer, I was looking at this definition:
data _~_ : Term → Term → Set where
refl : (a : Term) → a ~ a
red₁ : (a b : Term) → (f : Term → Term) → f a ~ b → f (redex a) ~ b
red₂ : (a b : Term) → (f : Term → Term) → a ~ f b → a ~ f (redex b)
amp₁ : (a b : Term) → (f : Term → Term) → f (redex a) ~ b → f a ~ b
amp₂ : (a b : Term) → (f : Term → Term) → a ~ f (redex b) → a ~ f b
Where redex a applies a single substitution if a is a λ application. This says that terms are equivalent if they are identical, or if they can be made identical by reducing/de-reducing any of its sub-expressions. One can prove sym, trans, cong:
sym : (a : Term) -> (b : Term) -> a ~ b -> b ~ a
trans : (a : Term) → (b : Term) → (c : Term) → a ~ b → b ~ c → a ~ c
cong : (f : Term → Term) → (a : Term) → (b : Term) → a ~ b → f a ~ f b
The complete source is available here. Now, for curiosity sake, I'd like to know if the third solution is also a valid representation? If so, what is its relationship with the previous two? If not, why?
A minor problem with this attempt is that this relation is inconsistent:
oops : var 0 ~ var 1
oops = red₂
(var 0)
(app id id)
(λ { (lam typ (var 0)) -> var 1; t -> var 0 })
(refl (var zero))
Since we're able to use an arbitrary Agda function on b, then, as long as we have an a that reduces to b, we're able to separate them within Agda and substitute by arbitrary / non-equal values. Thanks pgiarrusso on #agda at Freenode IRC for pointing this.
I'm looking for a BetaEq type indexed on a : Term, b : Term, that can be inhabited iff a and b are identical, or if they can be turned into identical terms after a series of beta-reductions. For example, suppose id = (lam (var 0)), a = (app id (app id id)) and b = (app (app id id) id); then we should be able to construct a term of type BetaEq a b, because both sides can be reduced to (app id id). I've attempted this:
data BetaEq : (a : Term) -> (b : Term) -> Set where
refl : (a : Term) -> BetaEq a a
redl : (a : Term) -> (b : Term) -> BetaEq (apply-redex a) b -> BetaEq a b
redr : (a : Term) -> (b : Term) -> BetaEq a (apply-redex b) -> BetaEq a b
Where apply-redex performs a single reduction. But that looks a little invented, so I'm not sure if that's the right way to do it. Note that both terms could diverge, so we can't simply consider normal forms. What is the standard way of representing beta-equality?
Assuming well-scoped untyped lambda terms:
open import Data.Fin
open import Data.Nat
data Tm (n : ℕ) : Set where
var : Fin n → Tm n
app : Tm n → Tm n → Tm n
lam : Tm (suc n) → Tm n
And also a definition of single substitution for the outermost variable (but note that it is always preferable to define single substitution in terms of parallel substitution):
sub : ∀ {n} → Tm n → Tm (suc n) → Tm n
Then beta equality is the congruence closure of beta reduction:
data _~_ {n} : Tm n → Tm n → Set where
β : ∀ {t u} → app (lam t) u ~ sub u t
app : ∀ {t t' u u'} → t ~ t' → u ~ u' → app t u ~ app t' u'
lam : ∀ {t t'} → t ~ t' → lam t ~ lam t'
~refl : ∀ {t} → t ~ t
~sym : ∀ {t t'} → t ~ t' → t' ~ t
~trans : ∀ {t t' t''} → t ~ t' → t' ~ t'' → t ~ t''
By congruence closure, we mean the least relation which is:
An equivalence relation, i.e. one which is reflexive, symmetric and transitive.
A congruence with respect to term constructors, i.e. reduction can take place
inside any constructor.
Implied by one-step beta reduction.
Alternatively, you can give a directed notion of reduction, and then define convertibility as reduction to a common term:
open import Data.Product
open import Relation.Binary.Closure.ReflexiveTransitive
-- one-step reduction
data _~>_ {n} : Tm n → Tm n → Set where
β : ∀ {t u} → app (lam t) u ~> sub u t
app₁ : ∀ {t t' u} → t ~> t' → app t u ~> app t' u
app₂ : ∀ {t u u'} → u ~> u' → app t u ~> app t u'
lam : ∀ {t t'} → t ~> t' → lam t ~> lam t'
-- multi-step reduction as reflexive-transitive closure
_~>*_ : ∀ {n} → Tm n → Tm n → Set
_~>*_ = Star _~>_
_~_ : ∀ {n} → Tm n → Tm n → Set
t ~ u = ∃ λ t' → (t ~>* t') × (u ~>* t')
It depends on the situation which version is more convenient. It is the case that the two definitions are equivalent, but AFAIK proving this equivalence is fairly hard, as it requires showing confluence of reduction.
When dealing with equalities on types in Agda, it is often necessary to coerce the inhabitants the types using a hand-made coercion like
coerce : ∀ {ℓ} {A B : Set ℓ} → A ≡ B → A → B
coerce refl x = x
It was discussed here that explicit coercion of terms could sometimes be avoided using rewriting. I was wondering if this technique worked as well when defining types. So I wrote a little example where f,g : A → Set are two (extentionally) equal dependent types and a property p : A → Set where p x state that every element y : f x is equal to every element z : g x, that is y ≡ z. The last equality is ill-typed, as one can expect since y : f x and z : g x do not share the same type a priori, however I was hoping that rewriting could allow it. Something like:
open import Relation.Binary.PropositionalEquality
postulate A : Set
postulate B : Set
postulate f : A → Set
postulate g : A → Set
postulate f≡g : ∀ {x} → (f x) ≡ (g x)
p : {x : A} → Set
p {x} rewrite f≡g {x} = (y : f x ) (z : g x) → y ≡ z
But the error is still there, even though the rewrite advice is accepted. So, is there a way to make Agda accept this definition without using an explicit coercion, like
p {x} = (y : f x ) (z : g x) → (coerce f≡g y) ≡ z
?
Thank you
Here's a variation of your code that does what you want:
open import Relation.Binary.PropositionalEquality
postulate
A : Set
f : A → Set
g : A → Set
f≡g : ∀ x → f x ≡ g x
p : (x : A) → Set
p x = ∀ y z → R y z
where
R : f x → g x → Set
R fx gx rewrite f≡g x = fx ≡ gx
Why does this work when your version doesn't? rewrite affects two things: (a) the types of variables introduced in patterns left of the rewrite; (b) the goal type. If you look at your rewrite, when it takes effect, there is no f x to be found, so it does nothing. My rewrite, on the other hand, changes the type of fx : f x to g x because fx is introduced before the rewrite.
However, I would be surprised if this helped you much. In my experience, heterogeneous equality (i.e. equality between things of different types) remains annoying, regardless of what tricks you throw at it. For example, consider this variation of your idea, where we define a type R by rewriting:
R : ∀ {x} → f x → g x → Set
R {x} fx gx rewrite f≡g x = fx ≡ gx
R is a heterogenous relation which 'looks' reflexive. However, the closest we can come to stating reflexivity is
coerce : {A B : Set} → A ≡ B → A → B
coerce refl x = x
R-refl : ∀ {x} {fx : f x} → R fx (coerce (f≡g x) fx)
R-refl {x} rewrite f≡g x = refl
Without the coerce, fx would have the wrong type, and so we're back to the problem that we have these coercions polluting our types. This is not necessarily a deal breaker, but it complicates things. So, my advice is to avoid heterogeneous relations if possible.
I'm trying to understand some parts of the standard library of Agda, and I can't seem to figure out the definition of REL.
FWIW here's the definition of REL:
-- Binary relations
-- Heterogeneous binary relations
REL : ∀ {a b} → Set a → Set b → (ℓ : Level) → Set (a ⊔ b ⊔ suc ℓ)
REL A B ℓ = A → B → Set ℓ
I can't find any documentation online explaining this, which is why I'm asking here. How does this define a binary relation?
#RodrigoRibeiro's answer explains the Level bits, but once you get rid of universe levels, what does the type Set → Set → Set have to do with binary relations?
Suppose you have a binary relation R ⊆ A × B. The propositional way of modeling it is to create some indexed type R : A → B → Set such that for any a : A, b : B, R a b has inhabitants iff (a, b) ∈ R. So if you want to talk about all relations over A and B, you have to talk about all A- and B- indexed types, i.e. you have to talk about RelationOverAandB = A → B → Set.
If you then want to abstract over the relation's left- and right-hand base type, that means the choice of A and B are not fixed anymore. So you have to talk about REL, such that REL A B = A → B → Set.
What, then, is the type of REL? As we have seen from the REL A B example, it takes the choice of A and B as two arguments; and its result is the type A → B → Set.
So to summarize: given
A : Set
B : Set
we have
REL A B = A → B → Set
which itself has type Set (remember, we're ignoring universe levels here).
And thus,
REL : Set → Set → Set ∎
I guess it's easier to look at an example:
import Level
open import Relation.Binary
open import Data.Nat.Base hiding (_≤_)
data _≤_ : REL ℕ ℕ Level.zero where
z≤n : ∀ {n} -> 0 ≤ n
s≤s : ∀ {n m} -> n ≤ m -> suc n ≤ suc m
The type signature is equivalent to
data _≤_ : ℕ -> ℕ -> Set where
So _≤_ is a relation between two natural numbers. It contains all pairs of numbers such that the first number is less or equal than the second. In the same way we can write
open import Data.List.Base
data _∈_ {α} {A : Set α} : REL A (List A) Level.zero where
here : ∀ {x xs} -> x ∈ x ∷ xs
there : ∀ {x y xs} -> x ∈ xs -> x ∈ y ∷ xs
The type signature is equivalent to
data _∈_ {α} {A : Set α} : A -> List A -> Set where
_∈_ is a relation between elements of type A and lists of elements of type A.
The universe monomorphic variant of REL is itself a binary relation:
MonoREL : REL Set Set (Level.suc Level.zero)
MonoREL A B = A → B → Set
To define a binary relation we need two sets, so REL needs, at least, two types. The type of REL:
REL : ∀ {a b} → Set a → Set b → (ℓ : Level) → Set (a ⊔ b ⊔ suc ℓ)
This type is a bit polluted due to universe level stuff. If you allow yourself a bit of informality, you can disable universe levels (more information about this here) and write REL as:
REL : Set -> Set -> Set
which is a type that expects two types as parameters.
The use of universes in type theory is to avoid paradoxes like Russell's Paradox of set theory.
I'm not a type theory expert, but the interpretation of REL type can be summarised as:
Set a and Set b are parameters types of universe levels a andb, respectively.
The operator ⊔ returns the maximum of two parameter levels.
Hope that this can help you.
All negations, i.e. conclusions of the form A -> Bottom in agda that I've seen came from absurd pattern matchings. Are there any other cases where it's possible to get negation in agda? Are there any other cases in dependent type theory where it's possible?
Type theories usually don't have a notion of pattern matching (and by extension absurd patterns) and yet they can prove negation of the sort you are describing.
First of all, we'll have to look at data types. Without pattern matching, you characterise them by introduction and elimination rules. Introduction rules are basically constructors, they tell you how to construct a value of that type. On the other hand, elimination rules tell you how to use a value of that type. There are also associated computation rules (β-reduction and sometimes η-reduction), but we needn't deal with those now.
Elimination rules look a bit like folds (at least for positive types). For example, here's how an elimination rule for natural numbers would look like in Agda:
ℕ-elim : ∀ {p} (P : ℕ → Set p)
(s : ∀ {n} → P n → P (suc n))
(z : P 0) →
∀ n → P n
ℕ-elim P s z zero = z
ℕ-elim P s z (suc n) = s (ℕ-elim P s z n)
While Agda does have introduction rules (constructors), it doesn't have elimination rules. Instead, it has pattern matching and as you can see above, we can recover the elimination rule with it. However, we can also do the converse: we can simulate pattern matching using elimination rules. Truth be told, it's usually much more inconvenient, but it can be done - the elimination rule mentioned above basically does pattern matching on the outermost constructor and if we need to go deeper, we can just apply the elimination rule again.
So, we can sort of simulate pattern matching. What about absurd patterns? As an example, we'll take fourth Peano axiom:
peano : ∀ n → suc n ≡ zero → ⊥
However, there's a trick involved (and in fact, it's quite crucial; in Martin-Löf's type theory without universes you cannot do it without the trick, see this paper). We need to construct a function that will return two different types based on its arguments:
Nope : (m n : ℕ) → Set
Nope (suc _) zero = ⊥
Nope _ _ = ⊤
If m ≡ n, we should be able to prove that Nope m n holds (is inhabitated). And indeed, this is quite easy:
nope : ∀ m n → m ≡ n → Nope m n
nope zero ._ refl = _
nope (suc m) ._ refl = _
You can now sort of see where this is heading. If we apply nope to the "bad" proof that suc n ≡ zero, Nope (suc n) zero will reduce to ⊥ and we'll get the desired function:
peano : ∀ n → suc n ≡ zero → ⊥
peano _ p = nope _ _ p
Now, you might notice that I cheated a bit. I used pattern matching even though I said earlier that these type theories don't come with pattern matching. I'll remedy that for the next example, but I suggest you try to prove peano without pattern matching on the numbers (use ℕ-elim given above); if you really want a hardcore version, do it without pattern matching on equality as well and use this eliminator instead:
J : ∀ {a p} {A : Set a} (P : ∀ (x : A) y → x ≡ y → Set p)
(f : ∀ x → P x x refl) → ∀ x y → (p : x ≡ y) → P x y p
J P f x .x refl = f x
Another popular absurd pattern is on something of type Fin 0 (and from this example, you'll get the idea how other such absurd matches could be simulated). So, first of all, we'll need eliminator for Fin.
Fin-elim : ∀ {p} (P : ∀ n → Fin n → Set p)
(s : ∀ {n} {fn : Fin n} → P n fn → P (suc n) (fsuc fn))
(z : ∀ {n} → P (suc n) fzero) →
∀ {n} (fn : Fin n) → P n fn
Fin-elim P s z fzero = z
Fin-elim P s z (fsuc x) = s (Fin-elim P s z x)
Yes, the type is really ugly. Anyways, we're going to use the same trick, but this time, we only need to depend on one number:
Nope : ℕ → Set
Nope = ℕ-elim (λ _ → Set) (λ _ → ⊤) ⊥
Note that is equivalent to:
Nope zero = ⊥
Nope (suc _) = ⊤
Now, notice that both cases for the eliminator above (that is, s and z case) return something of type P (suc n) _. If we choose P = λ n _ → Nope n, we'll have to return something of type ⊤ for both cases - but that's easy! And indeed, it was easy:
bad : Fin 0 → ⊥
bad = Fin-elim (λ n _ → Nope n) (λ _ → _) _
The last thing you might be wondering about is how do we get value of any type from ⊥ (known as ex falso quodlibet in logic). In Agda, we obviously have:
⊥-elim : ∀ {w} {Whatever : Set w} → ⊥ → Whatever
⊥-elim ()
But it turns out that this is precisely the eliminator for ⊥, so it is given when defining this type in type theory.
Are you asking for something like
open import Relation.Nullary
→-transposition : {P Q : Set} → (P → Q) → ¬ Q → ¬ P
→-transposition p→q ¬q p = ¬q (p→q p)
?