Morphoid Type Theory

Morphoid Type Theory A Typed Platonic Foundation for Mathematics David McAllester

arXiv:1407.7274v5 [cs.LO] 28 Dec 2015

TTI Chicago


Abstract

Morphoid type theory (MorTT) is a typed foundation for mathematics extending classical predicate calculus under Platonic compositional semantics and supporting the concept of isomorphism. MorTT provides a formal account of the substitution of isomorphics, the distinction between general functions and natural maps, and “Voldemort’s theorem” stating that certain objects exist but cannot be named. For example, there is no natural point on a geometric circle — no point on a geometric circle can be named by a well-typed expression. Similarly it is not possible to name any particular basis for a vector space or any particular isomorphism of a finite dimensional vector space with its dual. Homotopy type theory (HoTT) also provides a formal account of isomorphism but extends constructive logic rather than classical predicate calculus. MorTT’s classical approach avoids HoTT’s propositions-as-types, path induction, squashing and higher order isomorphisms. Unlike HoTT, MorTT is designed to be compatible with Platonic mathematical thought.

Drawing by Markus Maurer, reproduced under the Creative Commons license. https://creativecommons.org/licenses/by-sa/3.0/deed.en.

Contents

1 Introduction
2 Rules and Semantics
  2.1 The Core Rules
  2.2 Isomorphism Rules
  2.3 Semantics
  2.4 Natural Maps
  2.5 Voldemort’s Theorem
  2.6 Cryptomorphism
3 Morphoids
  3.1 Weak Morphoids
  3.2 Abstraction
  3.3 Morphoids
  3.4 Additional Definitions and Properties
4 Soundness Proofs
  4.1 All Values are Morphoids
  4.2 The Soundness of Pair Type Formation
  4.3 The Soundness of Substitution and the Isomorphism Rules
  4.4 Soundness of the Remaining Rules
5 Final Comments on Platonism

1 Introduction

Morphoid type theory (MorTT) is a type-theoretic foundation for mathematics supporting isomorphism and distinguishing natural maps from general functions. Morphoid type theory has been developed independently of Voevodsky’s univalent foundations program as realized in homotopy type theory (HoTT) [HoTT-Authors, 2013]. HoTT is also a type-theoretic foundation for mathematics supporting isomorphism. This introduction is organized into two parts. The first discusses the general nature of isomorphism and the second discusses the relationship between MorTT and HoTT.

Isomorphism

The notion of isomorphism in mathematics seems related to the notion of an application programming interface (API) in computer software. An API specifies what information and behavior an object provides. Two different implementations can produce identical behavior when interaction is restricted to that allowed by the API. For example, textbooks on real analysis typically start from axioms involving multiplication, addition, and ordering. Addition, multiplication and ordering define an abstract interface — the well-formed statements about real numbers are limited to those that can be defined in terms of the operations of the interface. We can implement real numbers in different ways — as Dedekind cuts or Cauchy sequences. However, these different implementations provide identical behavior as viewed through the interface — the different implementations are isomorphic as ordered fields. The axioms of real analysis specify the reals up to isomorphism for ordered fields. The second order Peano axioms similarly specify the structure of the natural numbers up to isomorphism.

Isomorphism and Dependent Pair Types. The general notion of isomorphism is best illustrated by considering dependent pair types. Here we will write a dependent pair type as PairOf(x : σ, y : τ[x]) where the instances of this type are the pairs Pair(x, y) where x is an instance of the type σ and y is an instance of τ[x].² The type of directed graphs can be written as PairOf(N : type, P : (N × N) → Bool) where N is a type representing the set of nodes of the graph and P is a binary predicate on the nodes giving the edge relation. Two directed graphs Pair(N, P) and Pair(M, Q) are isomorphic if there exists a bijection from N to M that carries P to Q. Some bijections will carry P to Q while others will not. Two pairs Pair(a, b) and Pair(a′, b′) of a general dependent pair type PairOf(x : σ, y : τ[x]) are isomorphic if there is a σ-isomorphism from a to a′ that carries b to b′.

Again consider two instances Pair(a, b) and Pair(a′, b′) of the type PairOf(x : σ, y : τ[x]). When Pair(a, b) and Pair(a′, b′) are isomorphic in this type we have that some σ-isomorphisms from a to a′ will carry b to b′ while others will not. This implies that to define isomorphism at general dependent pair types we need that for any type σ, and for any two isomorphic values a and a′ of type σ, we can define the full set of σ-isomorphisms from a to a′. As discussed in more detail below, MorTT takes type-isomorphisms to be bijections. This interpretation of type-isomorphism gives the standard notion of isomorphism for dependent pair types of the form PairOf(α : type, x : τ[α]). The types “graph”, “group” and “topological space” can all be written in this form where τ[α] is written in the language defined in section 2.

Isomorphism as Observational Equivalence. Dedekind cuts and Cauchy sequences are “observationally equivalent” implementations of the real numbers — these different implementations cannot be distinguished by well-typed properties of ordered fields. We can approach the concept of isomorphism by first defining the set of well-typed properties and then seeking a notion of isomorphism which is as coarse as possible (which equates as many things as possible) while ensuring that equated objects (isomorphic objects) are indistinguishable by well-typed properties. When isomorphism is approached in this way, the concept of isomorphism (observational equivalence) arises from, or is intuitively defined by, the set of well-typed properties.

² We avoid the more standard notation Σ_{x : σ} τ[x] so as to make the treatment more accessible to those readers not already familiar with type theory.

MorTT starts by defining a core system of inference rules which intuitively define the well-typed expressions, including the well-typed properties of instances of a type τ. The well-typed properties of instances of type τ correspond to the well-typed Boolean expressions Φ[x] for a variable x of type τ. By specifying the set of observable properties for each type, and hence a notion of observational equivalence, the core inference rules (given in figures 1, 2 and 3) essentially dictate an appropriate notion of isomorphism.

Natural Maps and Voldemort’s Theorem. There are many situations in mathematics where a type can be shown to be inhabited (have a member) even though there is no natural or canonical member of that type. A classical example is that for every finite dimensional vector space V there is an isomorphism (a linear bijection) between V and its dual V*. However, there is no natural or canonical isomorphism. This is closely related to the fact that a vector space has no natural or canonical basis. A simpler example is that there is no natural or canonical point on the topological circle S¹. Formally this phenomenon can be captured by distinguishing general functions, functions whose definitions may require symmetry breaking, from natural maps — functions free of choices and definable without symmetry breaking. The statement that there is no natural point on the topological circle S¹ corresponds to the fact (in MorTT) that for a variable X ranging over topological spaces there is no well-typed expression e[X] such that e[S¹] is a point on S¹ — no point on the circle can be named. An expression e[X] that is well-typed for a variable X ranging over topological spaces is called a topological invariant — a property of the topology such as the fundamental homotopy group. We can prove that two topologies are different (not homeomorphic) by finding a topological invariant that distinguishes them. Section 2.4 gives inference rules defining natural maps and section 2.5 states Voldemort’s theorem which implies, for example, that there is no natural point on S¹ and no natural linear bijection between a finite dimensional vector space and its dual.

Cryptomorphism. Two types σ and τ are cryptomorphic in the sense of Birkhoff and Rota [Rota, 1997] if they “present the same data”. For example a group can be defined as a four-tuple of a set, a group operation, an identity element and an inverse operation satisfying certain equations. Alternatively, a group can be defined as a pair of a set and a group operation such that an identity element and inverse elements exist. These are different types with different elements (four-tuples vs. pairs). However, these two types present the same data. Rota was fond of pointing out the large number of different ways one can formulate the concept of a matroid. Any type theoretic foundation for mathematics should account formally for this phenomenon. Here we suggest that two types are cryptomorphic if there exist natural maps f : σ ↪ τ and g : τ ↪ σ such that f ◦ g and g ◦ f are the identity natural maps on τ and σ respectively. This is discussed in section 2.6.

The Autonomy of Mathematics. MorTT has been developed from the perspective that mathematics exists independent of foundations. The axioms of ZFC have a distinguished status in mathematics because they reflect pre-formal human intuition. This should also be true of a type-theoretic foundation. MorTT has been developed to reflect mathematics, and possibly automate it, but not to change it.

MorTT vs. HoTT

Even a high level discussion of homotopy type theory (HoTT) is technical and difficult. Readers not already familiar with HoTT should feel free to skip to section 2. The fundamental difference between MorTT and HoTT is that MorTT extends classical predicate calculus while HoTT extends constructive type theory. More specifically, HoTT extends Martin-Löf type theory [Martin-Löf, 1971, Coquand and Huet, 1988] with Voevodsky’s univalence axiom [Kapulkin et al., 2012] thus providing a treatment of isomorphism. Martin-Löf type theory is a formulation of constructive logic following Brouwer’s constructivist program. To accommodate classical (nonconstructive) inference, HoTT can be extended with a version of the law of the excluded middle and a version of the (nonconstructive) axiom of choice. Here we take the law of the excluded middle and the non-constructive axiom of choice to be self evident and consider only the classical version of HoTT. HoTT inherits legacy features of constructive logic which have consequences for the notion of isomorphism. Most significantly, HoTT inherits the representation of propositions as types. Equality propositions are particularly significant in this respect. In MorTT one writes G =Group H for the proposition that the group G is group-isomorphic to the group H. In MorTT this is a Boolean proposition — it is true or false. In HoTT the expression G =Group H is a type called an identity type — it is the type whose elements are the group-isomorphisms from G to H. This identity type is inhabited (has a member) if and only if G is group-isomorphic to H. The properties observable in MorTT (the properties observable with Boolean-equality) are more limited than the properties observable in HoTT (the properties observable with identity types). This leads to a notion of isomorphism in MorTT that is more abstract (is coarser) than that in HoTT. This is discussed in more detail below. The classical version of HoTT also inherits the feature of constructive logic that each value is a member of only a single type. In MorTT a single object can be a member of various types. For example, in MorTT a single group can be a member of the distinct types “Abelian group” and “group”. The classical version of HoTT also inherits Martin-Löf’s axiom for equality. In the HoTT community this has come to be called path induction. It has traditionally been called axiom J. This is a complex and subtle axiom. MorTT, in contrast, inherits the classical axioms of reflexivity, symmetry, transitivity and substitution with direct compositional semantics. In MorTT there is no path induction. To accommodate the classical notion of isomorphism, HoTT includes “squashing”.
An identity type can be squashed to a “mere-proposition”. A mere-proposition is a type Φ (interpreted as a proposition) such that for x, y : Φ we have x =Φ y. A mere-proposition is Boolean in the sense of either being empty (false) or having only a single element (up to isomorphism). In MorTT all propositions are Boolean and the MorTT inference rules do not involve squashing. In HoTT, squashing also allows general types to be squashed to a special class of types called sets. It is important to note, however, that the set-type distinction of HoTT is different from the traditional set-class distinction of set theory. This is in contrast to MorTT where the set-class distinction corresponds to the classical set-theoretic distinction. In MorTT all sets σ (in the sense of the traditional set-class distinction) are discrete in the sense that all the equivalence classes of the equivalence relation =σ are semantically singleton sets. In MorTT only classes (and higher order types), such as the class of all groups, have non-trivial notions of isomorphism. Using the terminology of HoTT, MorTT has the property that all types in U₀ are extensional in that propositional equality implies judgmental equality. MorTT also includes an axiom of infinity stating that infinite sets (infinite types in U₀) exist.

Type-Isomorphism vs. Cryptomorphism. In both MorTT and HoTT, closed types (type expressions without free variables) have groupoid structure. The groupoid denoted by a closed type expression σ consists of the set of elements of type σ together with the σ-isomorphisms between them. A groupoid is a category in which every morphism is an isomorphism. In MorTT the groupoid structure of a type α is not observable by well-typed Boolean formulas Φ[α]. In MorTT two types are type-isomorphic if they have the same cardinality (the same number of equivalence classes).
The types “finite graph” and “finite total order” have different groupoid structure but the same cardinality — they both have a countably infinite number of isomorphism classes. These types are type-isomorphic in MorTT. In MorTT the difference in groupoid structure, although not observable by propositions on type variables, still blocks the existence of certain natural maps. These types are type-isomorphic but are not cryptomorphic. MorTT makes a fundamental distinction between type-isomorphism (same cardinality) and cryptomorphism (defined by a pair of natural maps). In contrast, HoTT allows the groupoid structure of a type to be observed by propositions on type variables. In HoTT two types are type-isomorphic only when they have the same higher-order groupoid structure. This has the consequence that two directed graphs of type PairOf(N : type, (N × N) → Bool) fail to be isomorphic unless the node types have the same higher order groupoid structure. Directed graphs of type PairOf(N : set, (N × N) → Bool) have the standard notion of isomorphism. As noted above, however, the set-type distinction of HoTT is different from the familiar set-class distinction of set theory. In HoTT the cryptomorphism is not differentiated from type-isomorphism — in HoTT type-isomorphism itself is defined through the existence of a pair of natural maps.

Dependent Functors vs. Morphoids. It is useful to compare the groupoid model of Martin-Löf type theory [Hofmann and Streicher, 1994] with the morphoid model presented here. The groupoid model of Martin-Löf type theory is simpler than, but related to, the simplicial set model of HoTT [Kapulkin et al., 2012]. A central issue in any type-theoretic account of isomorphism is defining the semantics of type expressions with free variables. Consider a type expression τ[x] containing the single free variable x of type σ where σ is closed. In the groupoid model the closed type expression σ denotes a groupoid. The open type expression τ[x], however, is interpreted as a functor from the groupoid σ into the groupoid GRPD — the category of groupoids and their isomorphisms. For an object a in the groupoid σ we have that τ[a] is a groupoid (a type). But the functor τ[x] maps morphisms as well as objects. For any morphism (isomorphism) ρ of σ from object a to object b we have that τ[ρ] is a groupoid-isomorphism from the groupoid τ[a] to the groupoid τ[b]. Now consider a term e[x] of type τ[x]. In the groupoid model e[x] is interpreted as a “dependent functor” where for an object a of σ we have that e[a] is an object in the groupoid τ[a].
But again, the functor e[x] maps morphisms as well as objects. For a morphism ρ of the groupoid σ from object a to object b we have that e[ρ] is a morphism of τ[b] from the object τ[ρ](e[a]) to the object e[b]. The dependent functor e[x] : τ[x] satisfies the functorial equations

    e[id_a] = id_{e[a]}
    e[γ ◦ ρ] = e[γ] ◦ τ[γ](e[ρ]).

The groupoid model can be contrasted with morphoid semantics. In morphoid semantics all semantic values are “morphoids”. Morphoids are defined recursively such that a morphoid is either a point (a morphoid ur-element), a pair of morphoids, a set of morphoids satisfying certain conditions (a type), or a function from morphoids to morphoids satisfying certain conditions. Every morphoid x has a left interpretation Left(x), a right interpretation Right(x), and an inverse x⁻¹, all of which are also morphoids. For any two morphoids x and y with Right(x) = Left(y) we have the composition x ◦ y which is a morphoid. The class of all morphoids satisfies the algebraic properties of a groupoid under these operations. Since all values are morphoids, there is no need to define separate object and morphism value functions. Instead we have a classical Tarskian semantic value function where we write V⟦e⟧ρ for the semantic value of the expression e where ρ specifies a morphoid value for each free variable of e. In MorTT the semantic value of a pair type is defined by

    V⟦PairOf(x : σ, y : τ[x])⟧ρ = {Pair(a, b) : a ∈ V⟦σ⟧ρ, b ∈ V⟦τ[x]⟧ρ[x ← a]}.    (1)

For a morphoid a ∈ σ the type τ[a] is a set of morphoids. However, every morphoid a is an isomorphism from Left(a) to Right(a). Each element of τ[a] is an isomorphism from an element of τ[Left(a)] to an element of τ[Right(a)]. We can then have b ∈ τ[a] but b⁻¹ ∉ τ[a]. So τ[a] is a set of morphoids that is generally not closed under inverse and hence is not a groupoid. Instead, type expressions denote sets u that satisfy the morphoid closure condition that for b, c, d ∈ u, with b ◦ c⁻¹ ◦ d defined, we have b ◦ c⁻¹ ◦ d ∈ u. It is possible to define Left, Right, inverse and composition on morphoid-closed sets such that the groupoid equations are satisfied by these sets. The sets themselves are morphoids.

Abstract Homotopy Theory. Abstract homotopy theory arises in HoTT from identity types. In HoTT the elements of the identity type a =σ b are objects and for two elements x, y : (a =σ b) we can form the identity type x =(a=σ b) y. This second order identity type has members and for u, v : (x =(a=σ b) y) we have a third order identity type u =(x=(a=σ b) y) v. We can carry this to arbitrarily high order leading to a mathematical structure equivalent to abstract homotopy theory. In MorTT there are types of the form iso(σ, a, b) whose elements are the σ-isomorphisms from a to b. However, MorTT distinguishes the Boolean equation a =σ b from the type iso(σ, a, b). Also, in MorTT we have that iso(σ, a, b) is a subtype (literally a subset) of σ and for x, y : iso(σ, a, b) we have x, y : σ with x =σ y and even x =iso(σ,a,b) y. Morphoid semantics does not involve abstract homotopy theory. Of course, as with any branch of mathematics, homotopy theory can be formulated in MorTT.

Consistency vs. Meaning. When formal notation is introduced in mathematics the meaning of the notation is generally defined. Equation (1) defines the meaning of the pair type notation assuming that the meanings of certain parts of the notation are already defined. The HoTT book [HoTT-Authors, 2013] attempts to give intuitions for the type formalism in terms of homotopy theory but does not attempt to rigorously define the meaning of the formal notation. While a rigorous semantics has been given for HoTT [Kapulkin et al., 2012], the existence of this semantics is only mentioned in passing in the HoTT book and only in noting that proofs of consistency exist. Practitioners are not expected to think about rigorously defined meaning. Consistency is important, but Platonic thought requires meaning. Platonic thought seems essential to the practice of mathematics.

2 Rules and Semantics

The core rules of morphoid type theory are described in section 2.1 and given in figures 1 through 4. Rules for deriving isomorphisms are given in section 2.2. Section 2.3 gives a top level specification of the semantics of MorTT. More specifically, section 2.3 defines a value function V_Σ⟦e⟧ρ and a semantic entailment relation ⊨, but a few key constructs used in these definitions are defined subsequently in section 3. Sections 2.4 through 2.6 present natural maps, Voldemort’s theorem and cryptomorphism in terms of the inference rules.

2.1 The Core Rules

Morphoid type theory starts from the syntax and semantics of classical predicate calculus. In sorted first order logic every term has a sort and each function symbol f specifies the sorts of its arguments and the sort of its value. We write f : σ₁ × · · · × σₙ → τ to indicate that f is a function that takes n arguments of sort σ₁, . . ., σₙ respectively and which produces a value of sort τ. The syntax of sorted first order logic can be defined by the following grammar where function and predicate applications must satisfy the sort constraints associated with the function and predicate symbols.

    t ::= x | c | f(t₁, . . . , tₙ)
    Φ ::= P(t₁, . . . , tₙ) | t₁ =σ t₂ | Φ₁ ∨ Φ₂ | ¬Φ | ∀x : σ Φ[x]

Note that in the above grammar the equality symbol =σ is subscripted with a sort σ to which it applies. The labeling of equality with sorts is important for the treatment of isomorphism. Given this basic grammar it is standard to introduce the following abbreviations.

    Φ ∧ Ψ          ≡  ¬(¬Φ ∨ ¬Ψ)
    Φ ⇒ Ψ          ≡  ¬Φ ∨ Ψ
    Φ ⇔ Ψ          ≡  (Φ ⇒ Ψ) ∧ (Ψ ⇒ Φ)
    ∃x : σ Φ[x]    ≡  ¬∀x : σ ¬Φ[x]
    (∃x : σ)       ≡  ∃x : σ x =σ x
    ∃!x : σ Φ[x]   ≡  (∃x : σ Φ[x]) ∧ ∀x, y : σ (Φ[x] ∧ Φ[y] ⇒ x =σ y)

We now replace the word “sort” with the word “type”. To define the set of well-formed terms and formulas we need to specify primitive types and a set of typed constant and function symbols. In formal type systems this is done with symbol declarations. We write Σ ⊢ t : σ to indicate that the symbol declarations in Σ imply that t is a well-formed expression of type σ. For example we have the following.

    α : type; β : type; c : α; f : α → β  ⊢  f(c) : β

    α : type; c : α; f : α → α; P : α → Bool  ⊢  P(f(f(c))) : Bool

    ⊢ True          ⊢ typeⱼ : typeᵢ for j < i          ⊢ Bool : Set

    Σ ⊢ τ : typeᵢ    x not declared in Σ
    ─────────────────────────────────────
    Σ; x : τ ⊢ True

    Σ ⊢ Φ : Bool
    ─────────────
    Σ; Φ ⊢ True

    Σ; Θ ⊢ True
    ────────────
    Σ; Θ ⊢ Θ

    Σ; Θ ⊢ True    Σ ⊢ Ψ
    ─────────────────────
    Σ; Θ ⊢ Ψ

    Σ ⊢ Φ : Bool    Σ ⊢ Ψ : Bool
    ──────────────────────────────────────
    Σ ⊢ (Φ ∨ Ψ) : Bool    Σ ⊢ ¬Φ : Bool

    Σ ⊢ τ : typeᵢ    Σ ⊢ σ : typeᵢ
    ───────────────────────────────
    Σ ⊢ (τ → σ) : typeᵢ

    Σ ⊢ f : σ → τ    Σ ⊢ e : σ
    ───────────────────────────
    Σ ⊢ f(e) : τ

    Σ ⊢ τ : typeᵢ    Σ ⊢ w : τ    Σ ⊢ u : τ
    ────────────────────────────────────────
    Σ ⊢ (w =τ u) : Bool

    Σ ⊢ τ : typeᵢ    Σ; x : τ ⊢ Φ[x] : Bool
    ────────────────────────────────────────
    Σ ⊢ (∀x : τ Φ[x]) : Bool

    Σ ⊢ σ : typeᵢ
    ─────────────────────────
    Σ ⊢ σ : typeⱼ for j > i

    Set ≡ type₀          Class ≡ type₁

Figure 1: Predicate Calculus Expressions. Here type₀, type₁, type₂, . . . are distinct constants and  is a constant denoting the empty context. The sequent Σ ⊢ True states that Σ is a well-formed context. The sequent ⊢ True states that the empty context is well formed. The requirement of j < i in the second rule is needed to avoid Russell’s paradox. We will write Set as an alternate notation for type₀ and Class as an alternate notation for type₁. Note that we have ⊢ Set : Class. The first three rules of the first row allow us to derive ; α : Set ⊢ True thereby declaring a primitive set. We can then declare additional symbols such as c : α or P : α → Bool which together give P(c) : Bool. A rule with multiple conclusions abbreviates multiple rules each with the same antecedents. Dependent pair types, introduced in figure 3, allow us to define the type Group such that we have ⊢ Group : Class. The equality G =Group H states that G and H are group-isomorphic. For sets α and β the equality α =Set β states that α and β have the same cardinality.
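
Worked derivation, added here as an illustration and not part of the original paper: the caption's remark that declaring α : Set, c : α and P : α → Bool gives P(c) : Bool, carried through one rule of figure 1 at a time. The rule names on the right (axiom, declaration, assumption, weakening, arrow formation, application) are labels chosen for this example, and the empty context is written as an empty left-hand side.

     1.  ⊢ True                                          axiom: the empty context is well formed
     2.  ⊢ Set : Class                                   axiom typeⱼ : typeᵢ with j = 0 < i = 1
     3.  α : Set ⊢ True                                  declaration, from 2 (α not yet declared)
     4.  α : Set ⊢ α : Set                               assumption (Σ; Θ ⊢ True gives Σ; Θ ⊢ Θ), from 3
     5.  α : Set; c : α ⊢ True                           declaration, from 4 with i = 0
     6.  ⊢ Bool : Set                                    axiom
     7.  α : Set ⊢ Bool : Set                            weakening, from 3 and 6
     8.  α : Set; c : α ⊢ Bool : Set                     weakening, from 5 and 7
     9.  α : Set; c : α ⊢ α : Set                        weakening, from 5 and 4
    10.  α : Set; c : α ⊢ (α → Bool) : Set               arrow formation, from 9 and 8
    11.  α : Set; c : α; P : α → Bool ⊢ True             declaration, from 10
    12.  α : Set; c : α; P : α → Bool ⊢ P : α → Bool     assumption, from 11
    13.  α : Set; c : α ⊢ c : α                          assumption, from 5
    14.  α : Set; c : α; P : α → Bool ⊢ c : α            weakening, from 11 and 13
    15.  α : Set; c : α; P : α → Bool ⊢ P(c) : Bool      application, from 12 and 14

Steps 7, 8, 9 and 14 show that a fact established in a shorter context is never available for free in a longer one: each extension of the context needs its own use of the weakening rule.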

An expression of the form Σ ⊢ Θ is called a sequent where Σ is called the context and Θ is called the judgement. The sequent Σ ⊢ Θ says that judgement Θ holds in context Σ. We allow a context to contain both symbol declarations and Boolean assumptions. For example we have

    α : type; a : α; b : α; f : α × α → α; ∀x : α ∀y : α f(x, y) =α f(y, x)  ⊢  f(a, b) =α f(b, a)

In higher order predicate calculus the type system is extended to include not only primitive types but also function types and we can write, for example, P(f) where we have f : σ → τ and P : (σ → τ) → Bool. In the higher order case we can use the following standard abbreviations due to Curry.

    σ₁ × σ₂ → τ  ≡  σ₁ → (σ₂ → τ)
    f(a, b)      ≡  f(a)(b)

This extends in the obvious way to abbreviations of the form σ₁ × · · · × σₙ → τ. Without loss of generality we then need consider only single argument functions.

    Σ ⊢ Φ    Σ ⊢ Ψ : Bool
    ────────────────────────────────────
    Σ ⊢ Φ ∨ Ψ    Σ ⊢ Ψ ∨ Φ    Σ ⊢ ¬¬Φ

    Σ; Φ ⊢ Ψ    Σ; ¬Φ ⊢ Ψ
    ──────────────────────
    Σ ⊢ Ψ

    Σ ⊢ ¬Ψ    Σ ⊢ ¬Φ
    ─────────────────
    Σ ⊢ ¬(Φ ∨ Ψ)

    Σ ⊢ ∀x : σ Φ[x]    Σ ⊢ e : σ
    ─────────────────────────────
    Σ ⊢ Φ[e]

    Σ; x : σ ⊢ Φ[x] : Bool    Σ; x : σ ⊢ Φ[x]
    ──────────────────────────────────────────
    Σ ⊢ ∀x : σ Φ[x]

    Σ ⊢ e : τ
    ───────────
    Σ ⊢ e =τ e

    Σ ⊢ u =τ w
    ───────────
    Σ ⊢ w =τ u

    Σ ⊢ u =τ w    Σ ⊢ w =τ s
    ─────────────────────────
    Σ ⊢ u =τ s

    Σ; x : σ ⊢ e[x] : τ    x is not free in τ    Σ ⊢ w =σ u
    ────────────────────────────────────────────────────────
    Σ ⊢ e[w] =τ e[u]

    Σ ⊢ f, g : σ → τ    Σ ⊢ ∀x : σ f(x) =τ g(x)
    ────────────────────────────────────────────
    Σ ⊢ f =(σ→τ) g

    Σ; x : σ; y : τ ⊢ Φ[x, y] : Bool    x is not free in τ    Σ ⊢ ∀x : σ ∃y : τ Φ[x, y]
    ─────────────────────────────────────────────────────────────────────────────────────
    Σ ⊢ ∃f : σ → τ ∀x : σ Φ[x, f(x)]

    ⊢ ∃α : Set ∃f : α → Set ∀x : α ∃y : α f(y) =Set (f(x) → Bool)

Figure 2: Predicate Calculus Inference Rules. The first three rules of the first row give a complete set of rules for Boolean logic. The substitution rule expresses the observational equivalence of isomorphics. The last row gives the axioms of extensionality, choice, and infinity.

Figure 1 gives a set of inference rules for forming the expressions of higher order predicate calculus. Each rule in figure 1 allows for the derivation of the sequent below the line provided that the sequents above the line are derivable. A rule with no antecedents is written as a single derivable sequent. The rules introduce the constant symbols type₀, type₁, type₂ . . . where we have typeⱼ : typeᵢ for j < i. The subscripts and the restriction that j < i are needed to avoid Russell’s paradox. We will use Set as an alternate notation for type₀ and Class as an alternate notation for type₁. Note that we have ⊢ Set : Class. Figure 1 does not include rules introducing lambda expressions. In MorTT functions are introduced with the axiom of choice given in the last row of figure 2. Functions can also be written with the definite descriptions presented in figure 4 where we have the following abbreviation.

    (λx : σ e[x] : τ)  ≡  The(f : σ → τ, ∀x : σ f(x) =τ e[x])

Figure 2 gives inference rules for predicate calculus and rules expressing the axioms of extensionality, choice and infinity. Figure 3 gives inference rules for dependent pair types and subtypes. A dependent pair type has the form PairOf(x : σ, y : τ[x]) and is the type whose instances are the pairs Pair(x, y) where x is an instance of σ and y is an instance of τ[x]. A subtype expression has the form SubType(x : σ, Φ[x]) where Φ[x] is a Boolean expression. This expression denotes the type whose elements are those elements x in σ such that Φ[x] holds. We let PairOf(x : σ, y : τ[x] s.t. Φ[x, y]) abbreviate SubType(z : PairOf(x : σ, y : τ[x]), Φ[π₁(z), π₂(z)]). The type of groups, abbreviated Group, can then be written as

    Group  ≡  PairOf(α : Set, f : (α × α) → α s.t. Φ[α, f])

where Φ[α, f] states the group axioms. For example, the group axiom that an identity element exists can be written as

    ∃x : α ∀y : α f(x, y) =α y ∧ f(y, x) =α y.

    Σ ⊢ σ : typeᵢ    Σ; x : σ ⊢ τ[x] : typeᵢ
    ─────────────────────────────────────────
    Σ ⊢ PairOf(x : σ, y : τ[x]) : typeᵢ

    Σ ⊢ PairOf(x : σ, y : τ[x]) : typeᵢ    Σ ⊢ u : σ    Σ ⊢ w : τ[u]
    ──────────────────────────────────────────────────────────────────
    Σ ⊢ Pair(u, w) : PairOf(x : σ, y : τ[x])
    Σ ⊢ π₁(Pair(u, w)) ≐ u
    Σ ⊢ π₂(Pair(u, w)) ≐ w

    Σ ⊢ p : PairOf(x : σ, y : τ[x])
    ─────────────────────────────────
    Σ ⊢ π₁(p) : σ
    Σ ⊢ π₂(p) : τ[π₁(p)]
    Σ ⊢ p ≐ Pair(π₁(p), π₂(p))

    Σ ⊢ a : τ
    ──────────
    Σ ⊢ a ≐ a

    Σ ⊢ u ≐ w
    ──────────
    Σ ⊢ w ≐ u

    Σ ⊢ u ≐ w    Σ ⊢ w ≐ s
    ───────────────────────
    Σ ⊢ u ≐ s

    Σ ⊢ u ≐ w    Σ ⊢ Θ[u]
    ──────────────────────
    Σ ⊢ Θ[w]

    Σ ⊢ τ : typeᵢ    Σ; x : τ ⊢ Φ[x] : Bool
    ────────────────────────────────────────
    Σ ⊢ SubType(x : τ, Φ[x]) : typeᵢ

    Σ ⊢ SubType(x : τ, Φ[x]) : typeᵢ    Σ ⊢ e : τ    Σ ⊢ Φ[e]
    ───────────────────────────────────────────────────────────
    Σ ⊢ e : SubType(x : τ, Φ[x])

    Σ ⊢ e : SubType(x : τ, Φ[x])
    ─────────────────────────────
    Σ ⊢ e : τ    Σ ⊢ Φ[e]

Figure 3: Dependent Pair Types, Absolute Equality and Subtypes. Absolute equality (judgmental equality) accounts for the fact that we can have distinct but isomorphic groups — we can have G =Group H with G ≐̸ H. It is important that we do not have x : Group ⊢ (G ≐ x) : Bool as one could then derive that G =Group H implies G ≐ H by substitution into G ≐ x.

    Σ; x : σ ⊢ Φ[x] : Bool    Σ ⊢ ∃!x : σ Φ[x]    Σ ⊢ σ : Set
    ───────────────────────────────────────────────────────────
    Σ ⊢ The(x : σ, Φ[x]) : σ    Σ ⊢ Φ[The(x : σ, Φ[x])]

    Σ; x : σ ⊢ Φ[x] : Bool    Σ ⊢ ∃!x : σ Φ[x]    The(x : σ, Φ[x]) is closed
    ──────────────────────────────────────────────────────────────────────────
    Σ ⊢ The(x : σ, Φ[x]) : σ    Σ ⊢ Φ[The(x : σ, Φ[x])]


    Σ ⊢ σ : Set    Σ ⊢ a =σ b
    ──────────────────────────
    Σ ⊢ a ≐ b

    Σ ⊢ f : σ → τ    Σ ⊢ a =σ b
    ────────────────────────────
    Σ ⊢ f(a) ≐ f(b)

    Σ ⊢ f, g : σ → τ    Σ; x : σ ⊢ f(x) ≐ g(x)
    ───────────────────────────────────────────
    Σ ⊢ f ≐ g

    Σ; x : σ ⊢ x : τ    Σ; x : τ ⊢ x : σ
    ─────────────────────────────────────
    Σ ⊢ σ ≐ τ

Figure 4: Definite Descriptions and Additional Absolute Equality Rules. The natural numbers and the reals can be written as closed definite descriptions involving axioms specifying their structure up to isomorphism. The second rule of the second row expresses that a function on classes (or higher level types) returns the same arbitrarily chosen member of the output isomorphism class for all the members of a given input isomorphism class. Functions differ in this respect from natural maps introduced in section 2.4.

The type of topological spaces, denoted TOP, can be written as

    TOP  ≡  PairOf(α : Set, Open : (α → Bool) → Bool s.t. Ψ[α, Open])

where Ψ[α, Open] states the topology axioms. Here the open sets of the topological space are represented by predicates. Note that the types Group and TOP are closed type expressions — these type expressions do not contain free variables. We should note that subtypes are literally subsets and, for example, we can derive the sequent G : AbelianGroup ⊢ G : Group. Figure 4 gives rules for definite descriptions. Care must be taken to ensure that these rules are sound under morphoid semantics. Soundness proofs are given in section 4. The second definite description rule can be used to define the natural numbers by

    N  ≡  The(p : PairOf(α : Set, s : α → α), Φ[p])

where Φ[p] states Peano’s axioms (the second order version). The ordered field of real numbers can be defined similarly. Figure 4 also gives some additional rules for absolute equality. These rules provide some insight into morphoid semantics as defined in sections 2.3 and 3.

2.2 Isomorphism Rules

The core rules of MorTT in figures 1 through 4 intuitively specify a notion of isomorphism by specifying the observable properties of objects. We want a notion of isomorphism that is as coarse as possible while not equating objects distinguishable by Boolean propositions of the core rules. Note that equating a and b when Φ[a] can be proved true and Φ[b] can be proved false leads to an inconsistency. So we can alternatively say that the rules for deriving isomorphism should equate as many things as possible while still being consistent with the core rules.

The rules for deriving isomorphism relations are given in figure 6. The isomorphism rules make use of the judgmental rules defined in figure 5. Judgmental rules manipulate judgements that are not propositions. For example, as we have noted earlier, absolute equalities a ≐ b are not propositional — we cannot derive (a ≐ b) : Bool. The rules in figure 5 distinguish three kinds of expressions that can appear to the right of ⊢.

Judgments. A judgement is any expression that can appear on the right hand side of ⊢. Semantically we can think of judgements as predicates on sets of variable interpretations. The sequent Σ ⊢ Θ is valid if the property required by Θ holds of the set of semantic interpretations of Σ.

Formulas. A formula is a judgement Θ where the validity of Σ ⊢ Θ has the form “Θ is true in every interpretation of Σ”. The validity of Σ ⊢ e : τ is not of this form — see requirements (V1) and (V2) in figure 9. We have that e : τ is a judgement but is not a formula. A sequent of the form Σ ⊢ e :: τ is valid if in every semantic interpretation of Σ we have that the semantic value of e is a member of the value of τ. In contrast to e : τ, the expression e :: τ is a formula. We have (e :: τ) :: Bool but not (e : τ) :: Bool.

Propositions. A formula Φ is said to be a proposition in context Σ if we have Σ ⊢ Φ : Bool. An absolute equation x ≐ y is a formula but not a proposition — it does not satisfy conditions (V1) and (V2) in figure 9.

Figure 6 gives rules for deriving isomorphism for a subclass of the dependent pair types. Isomorphism at other dependent pair types is derived from cryptomorphic equivalences between the more general types and the types handled in figure 6.

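$$
\dfrac{\Sigma \vdash e : \sigma}{\Sigma \vdash e :: \sigma}
\qquad
\dfrac{\begin{array}{l}
\Sigma \vdash \sigma :: \mathrm{type}_i \\
\Sigma \vdash a :: \tau \\
\Sigma \vdash b :: \gamma
\end{array}}{\begin{array}{l}
\Sigma \vdash (a \doteq b) :: \mathrm{Bool} \\
\Sigma \vdash (a :: \sigma) :: \mathrm{Bool}
\end{array}}
\qquad
\dfrac{\begin{array}{l}
\Sigma \vdash \Phi :: \mathrm{Bool} \\
\Sigma \vdash \Psi :: \mathrm{Bool}
\end{array}}{\begin{array}{l}
\Sigma \vdash (\Phi \vee \Psi) :: \mathrm{Bool} \\
\Sigma \vdash \neg\Phi :: \mathrm{Bool}
\end{array}}
$$

$$
\dfrac{\begin{array}{l}
\Sigma \vdash \sigma :: \mathrm{type}_i \\
x \text{ is not declared in } \Sigma
\end{array}}{\Sigma;\, x : \sigma \vdash \mathrm{True}}
\qquad
\dfrac{\Sigma \vdash \Theta :: \mathrm{Bool}}{\Sigma;\, \Theta \vdash \mathrm{True}}
\qquad
\dfrac{\Sigma;\, x : \sigma \vdash \Phi[x] :: \mathrm{Bool}}{\Sigma \vdash (\forall x : \sigma\ \Phi[x]) :: \mathrm{Bool}}
$$

$$
\dfrac{\begin{array}{l}
\Sigma \vdash \Phi \\
\Sigma \vdash \Psi :: \mathrm{Bool}
\end{array}}{\begin{array}{l}
\Sigma \vdash \Phi \vee \Psi \\
\Sigma \vdash \Psi \vee \Phi \\
\Sigma \vdash \neg\neg\Phi
\end{array}}
\qquad
\dfrac{\begin{array}{l}
\Sigma;\, \Phi \vdash \Psi \\
\Sigma;\, \neg\Phi \vdash \Psi
\end{array}}{\Sigma \vdash \Psi}
\qquad
\dfrac{\begin{array}{l}
\Sigma \vdash \neg\Psi \\
\Sigma \vdash \neg\Phi
\end{array}}{\Sigma \vdash \neg(\Phi \vee \Psi)}
$$

$$
\dfrac{\begin{array}{l}
\Sigma \vdash \forall x : \tau\ \Phi[x] \\
\Sigma \vdash e : \tau
\end{array}}{\Sigma \vdash \Phi[e]}
\qquad
\dfrac{\begin{array}{l}
\Sigma;\, x : \sigma \vdash \Phi[x] :: \mathrm{Bool} \\
\Sigma;\, x : \sigma \vdash \Phi[x]
\end{array}}{\Sigma \vdash \forall x : \sigma\ \Phi[x]}
$$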

Figure 5: Judgmental Inference. We write e :: τ to indicate e ∈ τ without requiring that e satisfy conditions (V1) and (V2) of figure 9. These judgmental rules support the isomorphism rules in figure 6.

To understand the rules in figure 6 it is best to start with simple structure types. To define simple structure types we first introduce the notation PairOf(σ, τ) as an abbreviation for PairOf(x : σ, y : τ) where x does not occur free in τ. This is a simple pair type as opposed to a true dependent pair type. We define a simple structure type to be a type expression of the form PairOf(α : Set, y : δ[α]) where δ[α] is simple in α as defined by the following grammar.

δ[α] ::= α | a type σ with α not free in σ | δ₁[α] → δ₂[α] | PairOf(δ₁[α], δ₂[α]) | SubType(x : δ[α], Φ[α, x])

We note that simple structure types include most of the familiar concepts of mathematics such as groups, topological spaces and vector spaces. For example, the type group can be written in the form PairOf(α : Set, SubType(f : α × α → α, Φ[α, f])). Here we have placed the group axioms inside the dependent pair type. This can also be done for topological spaces and other familiar concepts. The type of vector spaces over a given field F can be written as PairOf(α : Set, SubType(PairOf(+ : α × α → α, ∗ : π₁(F) × α → α), Φ[F, α, +, ∗])). This is a simple structure type in which the field F occurs as a free variable of the type expression.

The rules in figure 6 handle simple structure types as a special case. Consider the first rule of the third row which we will call the equality generation rule. In this rule we can take σ to be Set. In that case a₁, a₂ and a₃ are sets where a₃ represents a bijection from a₁ to a₂ as derived by the first rule of the first row. Such an instance of the equality generation rule states that for a type of the form PairOf(α : Set, y : τ[α]) we have that Pair(σ, b₁) is isomorphic to Pair(δ, b₂) if there exists a bijection f from σ to δ that carries b₁ to b₂. The statement that bijection f carries b₁ to b₂ is written as b₁ ⊎τ[↕(σ,δ,f)] b₂. The semantics is discussed in section 2.3. The

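Definitions.

$$
\begin{array}{rcl}
\mathrm{Bijection}[\sigma, \tau] & \equiv & \mathrm{SubType}(f : \sigma \to \tau,\ \forall y : \tau\ \exists! x : \sigma\ f(x) =_\tau y) \\
\mathrm{PairOf}(\sigma, \tau) & \equiv & \mathrm{PairOf}(x : \sigma,\, y : \tau) \text{ with } x \text{ not free in } \tau \\
a \uplus_\sigma b & \equiv & \exists x : \mathrm{iso}(\sigma, a, b)
\end{array}
$$

First row.

$$
\dfrac{\begin{array}{l}
\Sigma \vdash \sigma, \tau : \mathrm{type}_i \\
\Sigma \vdash f : \mathrm{Bijection}[\sigma, \tau]
\end{array}}{\begin{array}{l}
\Sigma \vdash\ \updownarrow(\sigma, \tau, f) :: \mathrm{iso}(\mathrm{type}_i, \sigma, \tau) \\
\Sigma \vdash \forall x : \sigma\ \forall y : \tau\ \left( (x \uplus_{\updownarrow(\sigma,\tau,f)} y) \Leftrightarrow f(x) =_\tau y \right)
\end{array}}
\qquad
\dfrac{\begin{array}{l}
\Sigma \vdash a_3 :: \mathrm{iso}(\sigma, a_1, a_2) \\
\Sigma \vdash b_3 :: \mathrm{iso}(\tau, b_1, b_2)
\end{array}}{\Sigma \vdash \mathrm{Pair}(a_3, b_3) :: \mathrm{iso}(\mathrm{PairOf}(\sigma, \tau),\ \mathrm{Pair}(a_1, b_1),\ \mathrm{Pair}(a_2, b_2))}
$$

Second row.

$$
\dfrac{\Sigma \vdash a, b : \sigma}{\Sigma \vdash (a \uplus_\sigma b) \Leftrightarrow (a =_\sigma b)}
\qquad
\dfrac{\Sigma \vdash a_3 :: \mathrm{iso}(\sigma, a_1, a_2)}{\Sigma \vdash a_3 :: \sigma}
$$

Third row, first rule (the equality generation rule).

$$
\dfrac{\begin{array}{l}
\Sigma \vdash \mathrm{Pair}(a_1, b_1),\ \mathrm{Pair}(a_2, b_2) : \mathrm{PairOf}(x : \sigma,\, y : \tau[x]) \\
\Sigma \vdash a_3 :: \mathrm{iso}(\sigma, a_1, a_2) \\
\Sigma \vdash b_1 \uplus_{\tau[a_3]} b_2
\end{array}}{\Sigma \vdash \mathrm{Pair}(a_1, b_1) =_{\mathrm{PairOf}(x : \sigma,\, y : \tau[x])} \mathrm{Pair}(a_2, b_2)}
$$

Last three rules (the carrying relation at function, pair and subtype expressions).

$$
\dfrac{\begin{array}{l}
\Sigma \vdash a_1 : \sigma,\ a_2 : \sigma,\ a_3 :: \mathrm{iso}(\sigma, a_1, a_2) \\
\Sigma;\, x : \sigma \vdash (\tau_1[x] \to \tau_2[x]) : \mathrm{type}_i \\
\Sigma \vdash b_1 : (\tau_1[a_1] \to \tau_2[a_1]) \\
\Sigma \vdash b_2 : (\tau_1[a_2] \to \tau_2[a_2])
\end{array}}{\Sigma \vdash \left( b_1 \uplus_{\tau_1[a_3] \to \tau_2[a_3]} b_2 \right) \Leftrightarrow \left( \forall x_1 : \tau_1[a_1]\ \forall x_2 : \tau_1[a_2]\ \ (x_1 \uplus_{\tau_1[a_3]} x_2) \Rightarrow b_1(x_1) \uplus_{\tau_2[a_3]} b_2(x_2) \right)}
$$

$$
\dfrac{\begin{array}{l}
\Sigma \vdash a_1 : \sigma,\ a_2 : \sigma,\ a_3 :: \mathrm{iso}(\sigma, a_1, a_2) \\
\Sigma;\, x : \sigma \vdash \mathrm{PairOf}(\tau_1[x], \tau_2[x]) : \mathrm{type}_i \\
\Sigma \vdash b_1 : \mathrm{PairOf}(\tau_1[a_1], \tau_2[a_1]) \\
\Sigma \vdash b_2 : \mathrm{PairOf}(\tau_1[a_2], \tau_2[a_2])
\end{array}}{\Sigma \vdash \left( b_1 \uplus_{\mathrm{PairOf}(\tau_1[a_3],\, \tau_2[a_3])} b_2 \right) \Leftrightarrow \left( \pi_1(b_1) \uplus_{\tau_1[a_3]} \pi_1(b_2) \ \wedge\ \pi_2(b_1) \uplus_{\tau_2[a_3]} \pi_2(b_2) \right)}
$$

$$
\dfrac{\begin{array}{l}
\Sigma \vdash a_1 : \sigma,\ a_2 : \sigma,\ a_3 :: \mathrm{iso}(\sigma, a_1, a_2) \\
\Sigma;\, x : \sigma \vdash \mathrm{SubType}(y : \tau[x],\, \Phi[x, y]) : \mathrm{type}_i \\
\Sigma \vdash b_1 : \mathrm{SubType}(y : \tau[a_1],\, \Phi[a_1, y]) \\
\Sigma \vdash b_2 : \mathrm{SubType}(y : \tau[a_2],\, \Phi[a_2, y])
\end{array}}{\Sigma \vdash \left( b_1 \uplus_{\mathrm{SubType}(y : \tau[a_3],\, \Phi[a_3, y])} b_2 \right) \Leftrightarrow \left( b_1 \uplus_{\tau[a_3]} b_2 \right)}
$$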

Figure 6: Isomorphism Rules. We have that iso(σ, x, y) is the type whose members are the isomorphisms from x to y. The first two rules introduce isomorphisms between lists of types. The first rule of third row derives equality (isomorphism) at dependent pair types PairOf(x : σ, y : τ[x]) where τ[x] is simple in x. It states that the pair Pair(a₁, b₁) is isomorphic to the pair Pair(a₂, b₂) if there exists an isomorphism from a₁ to a₂ that carries b₁ to b₂. The notation b₁ ⊎τ[a₃] b₂ indicates that the isomorphism a₃ carries b₁ to b₂. The carrying relation ⊎τ[a₃] is defined in the conclusions of the last three rules plus base cases defined by the conclusions of the first rule and the first rule of the second row. The carrying relation ⊎τ[a₃] always defines a bijection between τ[a₁] and τ[a₂].


(G1) For any morphoid x we have that Left(x), Right(x) and x⁻¹ are also morphoids.
(G2) x ◦ y is defined if and only if Right(x) = Left(y) and when x ◦ y is defined we have that x ◦ y is a morphoid.
(G3) Left(x⁻¹) = Right(x) and Right(x⁻¹) = Left(x).
(G4) Left(x ◦ y) = Left(x) and Right(x ◦ y) = Right(y).
(G5) (x ◦ y) ◦ z = x ◦ (y ◦ z).
(G6) x⁻¹ ◦ x ◦ y = y and x ◦ y ◦ y⁻¹ = x.
(G7) Right(x) = x⁻¹ ◦ x and Left(x) = x ◦ x⁻¹.
(G8) (x⁻¹)⁻¹ = x.
(G9) (x ◦ y)⁻¹ = y⁻¹ ◦ x⁻¹.

Figure 7: The Groupoid Properties of Morphoids. In MorTT all semantic values are morphoids.

rules in figure 6 recursively define the carrying relation ⊎τ[↕(σ,δ,f)] for all type expressions τ[α] that are simple in α. In all cases ⊎τ[↕(σ,δ,f)] is a bijective relation between τ[σ] and τ[δ].

The rules in figure 6 handle a slightly more general case. In the equality generation rule the type σ can be taken to be a pair of types, or a pair of pairs of types, or a list of types, or in general any tree over types. For example we have Σ; x : PairOf(Set, Set) ⊢ (π₁(x) → π₂(x)) : Set. As an example consider the type of colored graphs defined to be a pair of a graph and a coloring of that graph.

Graph ≡ PairOf(α : Set, Edge : (α × α) → Bool)
CGraph ≡ PairOf(G : Graph, PairOf(β : Set, c : (π₁(G) → β)))

We can alternatively (cryptomorphically) define a colored graph as follows.

CGraph′ ≡ PairOf(P : PairOf(Set, Set), y : PairOf(Edge : (π₁(P) × π₁(P)) → Bool, c : (π₁(P) → π₂(P))))

We can use the rules in figure 6 to derive equations at the type CGraph′. But we also have

G : CGraph′ ⊢ Pair(Pair(π₁(π₁(G)), π₁(π₂(G))), Pair(π₂(π₁(G)), π₂(π₂(G)))) : CGraph

By applying the substitution rule to the above sequent and an equation of the form G′ =CGraph′ H′ we can generate the desired isomorphisms at the type CGraph.

2.3 Semantics

In morphoid semantics all values are morphoids. Morphoids are built from “points” in much the same way that sets can be built from ur-elements. A morphoid is either a point, a Boolean


σ:
Point(a, A), Point(ã, A), Point(a, Ã), Point(ã, Ã),
Point(b, B), Point(b̃, B), Point(b, B̃), Point(b̃, B̃),
Point(c, C), Point(c̃, C), Point(c, C̃), Point(c̃, C̃)

Left(σ):
Point(a, a), Point(ã, a), Point(a, ã), Point(ã, ã),
Point(b, b), Point(b̃, b), Point(b, b̃), Point(b̃, b̃),
Point(c, c), Point(c̃, c), Point(c, c̃), Point(c̃, c̃)

σ⁻¹:
Point(A, a), Point(Ã, a), Point(A, ã), Point(Ã, ã),
Point(B, b), Point(B̃, b), Point(B, b̃), Point(B̃, b̃),
Point(C, c), Point(C̃, c), Point(C, c̃), Point(C̃, c̃)

Right(σ):
Point(A, A), Point(Ã, A), Point(A, Ã), Point(Ã, Ã),
Point(B, B), Point(B̃, B), Point(B, B̃), Point(B̃, B̃),
Point(C, C), Point(C̃, C), Point(C, C̃), Point(C̃, C̃)

τ:
Point(A, X), Point(Ã, X), Point(A, X̃), Point(Ã, X̃),
Point(B, Y), Point(B̃, Y), Point(B, Ỹ), Point(B̃, Ỹ),
Point(C, Z), Point(C̃, Z), Point(C, Z̃), Point(C̃, Z̃)

σ ◦ τ:
Point(a, X), Point(ã, X), Point(a, X̃), Point(ã, X̃),
Point(b, Y), Point(b̃, Y), Point(b, Ỹ), Point(b̃, Ỹ),
Point(c, Z), Point(c̃, Z), Point(c, Z̃), Point(c̃, Z̃)

G: Point(a,A) \ Point(b,B) / Point(c,C)
G⁻¹: Point(A,a) \ Point(B,b) / Point(C,c)
Left(G): Point(a,a) \ Point(b,b) / Point(c,c)
Right(G): Point(A,A) \ Point(B,B) / Point(C,C)
H: Point(A,X) \ Point(B,Y) / Point(C,Z)
G ◦ H: Point(a,X) \ Point(b,Y) / Point(c,Z)

Figure 8: Examples of Left, Right, inverse and composition. Morphoids are built from points just as sets can be built from ur-elements. A point has the form Point(i, j) where we think of i as a left index and j as a right index. We have Point(i, j)⁻¹ = Point(j, i) and Point(i, j) ◦ Point(j, k) = Point(i, k). For any point type σ we have that Left(σ) and Right(σ) are equivalence relations on indices and σ defines a bijection between the equivalence classes of Left(σ) and Right(σ). The last two rows show morphoid graphs where the nodes are points.
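The point-type examples of figure 8 can be checked mechanically. The following Python sketch is an added example, not code from the paper: it models a point as a tuple and a point type as a frozenset, and it assumes that inverse and composition lift to point types elementwise, with Left and Right taken from (G7) and definedness from (G2). The names `SIGMA`, `TAU`, `block_type` and the `~` spelling of tilded indices are constructed here.

```python
from itertools import product

# A point Point(i, j) is modelled as the tuple (i, j); a point type as a frozenset.

def inv(p):
    """Point(i, j)^-1 = Point(j, i)."""
    return (p[1], p[0])

def compose(p, q):
    """Point(i, j) o Point(j, k) = Point(i, k); None when the indices do not meet."""
    return (p[0], q[1]) if p[1] == q[0] else None

def t_inv(s):
    """Inverse of a point type, taken pointwise (assumption of this sketch)."""
    return frozenset(inv(p) for p in s)

def _composites(s, t):
    """All defined compositions x o y with x in s and y in t."""
    return frozenset(r for p, q in product(s, t)
                     if (r := compose(p, q)) is not None)

def t_left(s):
    """Left(s) = s o s^-1, following (G7)."""
    return _composites(s, t_inv(s))

def t_right(s):
    """Right(s) = s^-1 o s, following (G7)."""
    return _composites(t_inv(s), s)

def t_compose(s, t):
    """s o t, defined only when Right(s) = Left(t) as required by (G2)."""
    if t_right(s) != t_left(t):
        return None
    return _composites(s, t)

def satisfies_t1(s):
    """Closure condition (T1): x o y^-1 o z is in s whenever it is defined."""
    for x, y, z in product(s, repeat=3):
        xy = compose(x, inv(y))
        xyz = compose(xy, z) if xy is not None else None
        if xyz is not None and xyz not in s:
            return False
    return True

def classes(rel):
    """Equivalence classes of an equivalence relation given as a set of pairs."""
    return {frozenset(j for (i2, j) in rel if i2 == i) for (i, _) in rel}

def induced_bijection(s):
    """Map each Left(s)-class to the right indices s relates it to.

    Raises ValueError unless this is a bijection onto the Right(s)-classes.
    """
    left, right = classes(t_left(s)), classes(t_right(s))
    image = {c: frozenset(j for (i, j) in s if i in c) for c in left}
    if set(image.values()) != right or len(image) != len(right):
        raise ValueError("not a bijection between Left and Right classes")
    return image

def block_type(blocks):
    """Point type that is a union of cross products (left index set x right index set)."""
    return frozenset((i, j) for lefts, rights in blocks
                     for i in lefts for j in rights)

# Constructed sample data in the shape of sigma and tau in figure 8.
SIGMA = block_type([({"a", "a~"}, {"A", "A~"}),
                    ({"b", "b~"}, {"B", "B~"}),
                    ({"c", "c~"}, {"C", "C~"})])
TAU = block_type([({"A", "A~"}, {"X", "X~"}),
                  ({"B", "B~"}, {"Y", "Y~"}),
                  ({"C", "C~"}, {"Z", "Z~"})])

if __name__ == "__main__":
    print("sigma satisfies (T1):", satisfies_t1(SIGMA))
    print("sigma o tau has", len(t_compose(SIGMA, TAU)), "points")
    print("tau o sigma defined:", t_compose(TAU, SIGMA) is not None)
    for left_class, right_class in sorted(
            (sorted(k), sorted(v)) for k, v in induced_bijection(SIGMA).items()):
        print(left_class, "<->", right_class)
```

A set of points that is not a union of such cross products, for instance Point(a, A), Point(b, A), Point(b, B) without Point(a, B), fails `satisfies_t1`.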


Structure. A structure is defined to be a mapping from a finite set of variables to morphoids. The groupoid operations are defined on structures ρ and γ by Left(ρ)(x) = Left(ρ(x)), Right(ρ)(x) = Right(ρ(x)), ρ⁻¹(x) = ρ(x)⁻¹ and for Right(ρ) = Left(γ) we define composition by (ρ ◦ γ)(x) = ρ(x) ◦ γ(x). For structures ρ and γ we define ρ  γ to mean that ρ and γ are defined on the same set of variables and ρ(x)  γ(x) for all variables x on which they are defined. For a structure ρ, variable x, and morphoid v, where x is not assigned a value in ρ, we define ρ[x ← v] to be the structure identical to ρ but with the added assignment of value v to variable x.

ρ ∈ V⟦Σ⟧. For a context Σ the following clauses specify whether V⟦Σ⟧ is defined and, if it is defined, define it to be a set of structures.

• We define V⟦⟧ to be the set containing the empty structure (the empty structure does not assign any value to any variables).

• For Σ |= τ :: typeᵢ and x not declared in Σ, we have that V⟦Σ; x : τ⟧ is defined to be the set of structures of the form ρ[x ← v] for ρ ∈ V⟦Σ⟧ and v ∈ VΣ⟦τ⟧ρ.

• For Σ |= Φ :: Bool we have that V⟦Σ; Φ⟧ is defined to be the set of all ρ ∈ V⟦Σ⟧ such that VΣ⟦Φ⟧ρ = True.

Σ |= Φ. The relation Σ |= Φ is defined by the following clauses.

• If V⟦Σ⟧ and VΣ⟦Φ⟧ are defined, and for all ρ ∈ V⟦Σ⟧ we have that VΣ⟦Φ⟧ρ is a Boolean value, then we define Σ |= Φ to hold if and only if for all ρ ∈ V⟦Σ⟧ we have that VΣ⟦Φ⟧ρ = True.

• The entailment Σ |= e : τ holds if Σ |= e :: τ and we have the following value (V) properties for e.

(V1) For ρ₁, ρ₂, ρ₃ ∈ V⟦Σ⟧ with ρ₁ ◦ ρ₂⁻¹ ◦ ρ₃ defined and (ρ₁ ◦ ρ₂⁻¹ ◦ ρ₃) ∈ V⟦Σ⟧ we have VΣ⟦e⟧(ρ₁ ◦ ρ₂⁻¹ ◦ ρ₃) = (VΣ⟦e⟧ρ₁) ◦ (VΣ⟦e⟧ρ₂)⁻¹ ◦ (VΣ⟦e⟧ρ₃).

(V2) For ρ₁, ρ₂ ∈ V⟦Σ⟧ with ρ₁  ρ₂ we have VΣ⟦e⟧ρ₁  VΣ⟦e⟧ρ₂.

Figure 9: Structures, the set V⟦Σ⟧, and the relation |=. Figure 10 defines VΣ⟦(e :: τ)⟧ρ to be true if VΣ⟦e⟧ρ ∈ VΣ⟦τ⟧ρ. We do not define VΣ⟦(e : τ)⟧. The relation  on morphoids is defined in figure 15.

value, a set of morphoids (a type) satisfying certain conditions, a function from morphoids to morphoids satisfying certain conditions, or a pair of morphoids. We define the operations Left, Right, ◦ and (·)⁻¹ on morphoids and show that the class of all morphoids forms an algebraic groupoid under these operations. More specifically, these operations satisfy properties (G1) through (G9) in figure 7. Figure 8 gives examples of the groupoid operations acting on types and graphs. Morphoids are defined rigorously in section 3.

The semantics of morphoid type theory is an extension of the semantics of predicate calculus. The semantics involves three concepts — variable interpretations (structures), semantic entailment, and a semantic value function. These are defined in figures 9 and 10. The definitions are mutually recursive but are well-founded by reduction of the combined syntactic complexity of Σ and e. The definitions use notation defined in later sections. This top down style of definition, common in computer code, allows for insight into the high level structure of the system without requiring full mastery of details.

Figure 9 defines a structure to be a variable interpretation. This is consistent with terminology from first order logic where a structure is a thing that assigns meaning to predicate symbols, function symbols and constant symbols. In MorTT these symbols are simply the variables declared by a context Σ. Here we identify the notion of signature from first order logic with the notion of context. It is possible to include structures as first class morphoid values — this was done in earlier versions of MorTT. For simplicity we avoid that here.

• x. For x declared in Σ and for ρ ∈ V⟦Σ⟧ we have that VΣ⟦x⟧ is defined with VΣ⟦x⟧ρ = ρ(x).

• Bool. We have that VΣ⟦Bool⟧ρ is the type containing the two Boolean values True and False.

• Set. We have VΣ⟦Set⟧ρ is the type whose members are all discrete morphoid types in the Grothendieck universe Vκ₀ where κ₀ is the smallest uncountable inaccessible cardinal.

• typeᵢ, i > 0. For i > 0 we have VΣ⟦typeᵢ⟧ρ is the type whose members are all morphoid types in the Grothendieck universe Vκᵢ where κᵢ₊₁ is the smallest inaccessible cardinal larger than κᵢ.

• f(e). If VΣ⟦f⟧ and VΣ⟦e⟧ are defined, and for all ρ ∈ V⟦Σ⟧ we have that (VΣ⟦f⟧ρ)(VΣ⟦e⟧ρ) is defined, then VΣ⟦f(e)⟧ is defined with VΣ⟦f(e)⟧ρ = (VΣ⟦f⟧ρ)(VΣ⟦e⟧ρ).

• σ → τ. If Σ |= σ : typeᵢ, and Σ |= τ : typeᵢ, then VΣ⟦σ → τ⟧ is defined with VΣ⟦σ → τ⟧ρ = (VΣ⟦σ⟧ρ) → (VΣ⟦τ⟧ρ).

• ∀x : τ Φ[x]. If Σ; y : τ |= Φ[y] :: Bool then VΣ⟦∀x : τ Φ[x]⟧ is defined with VΣ⟦∀x : τ Φ[x]⟧ρ being True if for all v ∈ VΣ⟦τ⟧ρ we have VΣ; y : τ⟦Φ[y]⟧ρ[y ← v] = True.

• Φ ∨ Ψ. If Σ |= Φ :: Bool and Σ |= Ψ :: Bool then VΣ⟦Φ ∨ Ψ⟧ is defined with VΣ⟦Φ ∨ Ψ⟧ρ = VΣ⟦Φ⟧ρ ∨ VΣ⟦Ψ⟧ρ.

• ¬Φ. If Σ |= Φ :: Bool then VΣ⟦¬Φ⟧ is defined with VΣ⟦¬Φ⟧ρ = ¬VΣ⟦Φ⟧ρ.

• s =σ w. If Σ |= s :: σ and Σ |= w :: σ then VΣ⟦s =σ w⟧ is defined with VΣ⟦s =σ w⟧ρ being True if VΣ⟦s⟧ρ =VΣ⟦σ⟧ρ VΣ⟦w⟧ρ.

• s ≐ w. If VΣ⟦s⟧ and VΣ⟦w⟧ are defined then VΣ⟦s ≐ w⟧ is defined with VΣ⟦s ≐ w⟧ρ being True if VΣ⟦s⟧ρ = VΣ⟦w⟧ρ.

• e :: σ. If VΣ⟦e⟧ and VΣ⟦σ⟧ are defined and for all ρ ∈ V⟦Σ⟧ we have that VΣ⟦σ⟧ρ is a morphoid type, then VΣ⟦e :: σ⟧ is defined with VΣ⟦e :: σ⟧ρ being True if VΣ⟦e⟧ρ ∈ VΣ⟦σ⟧ρ.

• PairOf(x : σ, y : τ[x]). If Σ |= σ : typeᵢ and Σ; z : σ |= τ[z] : typeᵢ then VΣ⟦PairOf(x : σ, y : τ[x])⟧ is defined with VΣ⟦PairOf(x : σ, y : τ[x])⟧ρ being the type containing the pairs Pair(v, w) for v ∈ VΣ⟦σ⟧ρ and w ∈ VΣ; z : σ⟦τ[z]⟧ρ[z ← v].

• Pair(u, w). If VΣ⟦u⟧ and VΣ⟦w⟧ are defined then VΣ⟦Pair(u, w)⟧ is defined with VΣ⟦Pair(u, w)⟧ρ = Pair(VΣ⟦u⟧ρ, VΣ⟦w⟧ρ).

• πᵢ(e). If VΣ⟦e⟧ is defined and for all ρ ∈ V⟦Σ⟧ we have that VΣ⟦e⟧ρ is a pair then VΣ⟦πᵢ(e)⟧ is defined with VΣ⟦πᵢ(e)⟧ρ = πᵢ(VΣ⟦e⟧ρ).

• SubType(x : σ, Φ[x]). If Σ |= σ : typeᵢ and Σ; y : σ |= Φ[y] : Bool then VΣ⟦SubType(x : σ, Φ[x])⟧ is defined with VΣ⟦SubType(x : σ, Φ[x])⟧ρ being the type whose members are those values v ∈ VΣ⟦σ⟧ρ with VΣ; y : σ⟦Φ[y]⟧ρ[y ← v] = True.

• iso(σ, a, b). If Σ |= σ :: typeᵢ, and VΣ⟦a⟧ and VΣ⟦b⟧ are defined, and for all ρ ∈ V⟦Σ⟧ we have that iso(VΣ⟦σ⟧ρ, VΣ⟦a⟧ρ, VΣ⟦b⟧ρ) is defined, then VΣ⟦iso(σ, a, b)⟧ is defined with VΣ⟦iso(σ, a, b)⟧ρ = iso(VΣ⟦σ⟧ρ, VΣ⟦a⟧ρ, VΣ⟦b⟧ρ).

• ↕(σ, τ, f). If Σ |= σ :: typeᵢ and Σ |= τ :: typeᵢ and Σ |= f : Bijection[σ, τ] then VΣ⟦↕(σ, τ, f)⟧ is defined with VΣ⟦↕(σ, τ, f)⟧ρ = ↕(VΣ⟦σ⟧ρ, VΣ⟦τ⟧ρ, VΣ⟦f⟧ρ).

• The(x : σ, Φ[x]). For Σ; x : σ |= Φ[x] : Bool and Σ ⊢ ∃!x : σ Φ[x] we have that The(x : σ, Φ[x]) is defined with VΣ⟦The(x : σ, Φ[x])⟧ρ = The(VΣ⟦SubType(x : σ, Φ[x])⟧ρ).

Figure 10: The semantic value VΣ⟦e⟧ρ. The clauses specify whether VΣ⟦e⟧ is defined and, if it is defined, also specify the value of VΣ⟦e⟧ρ for all ρ ∈ V⟦Σ⟧. For a closed expression e we will write V⟦e⟧ for V⟦e⟧ . For example, we have V⟦Set⟧, V⟦Bool⟧ and V⟦Group⟧. The definitions of the semantic constructs x =σ y, ↕(σ, τ, f) and iso(σ, x, y), and their use in figure 6, are discussed in the text of section 2.3 and defined formally in figures 17 and 19.

Figure 9 specifies when V⟦Σ⟧ is defined, i.e., when Σ is a well formed context, and for V⟦Σ⟧ defined figure 9 defines V⟦Σ⟧ to be a set of structures assigning values to the variables declared in Σ. Intuitively this is the class of structures with signature Σ. Figure 9 also defines groupoid operations and the ordering  on structures assuming that these are already defined on morphoids.

Figure 10 defines the value of an expression under a given interpretation of the free variables of that expression. For V⟦Σ⟧ defined figure 10 defines when VΣ⟦e⟧ is defined, i.e., when e is a well formed expression in context Σ, and if VΣ⟦e⟧ is defined then for ρ ∈ V⟦Σ⟧ the figure defines VΣ⟦e⟧ρ. Figure 10 specifies that the value function is fully compositional. For example we have VΣ⟦s =σ w⟧ρ is true if VΣ⟦s⟧ρ =VΣ⟦σ⟧ρ VΣ⟦w⟧ρ. This definition is incomplete without a definition of the meaning of the semantic notation x =σ y. For a morphoid type σ and for x, y ∈ σ figure 17 defines x =σ y to mean that there exists z ∈ σ with (x@σ) ◦ z⁻¹ ◦ (y@σ) defined. Here the notation x@σ denotes an abstraction of x to an abstract member of σ. For example consider a permutation group G — a group whose members are permutations of an underlying set and where the group operation is composition of permutations. We have G ∈ Group. However, “abstract” groups are groups whose group elements are points. A permutation group is a group representation rather than an abstract group. Figure 15 defines the abstraction operation G@Group such that G@Group is the result of abstracting the group elements of G to points. We then have G =Group H if there exists an (abstract) group F such that (G@Group) ◦ F⁻¹ ◦ (H@Group) is defined.

We use z⁻¹ in the definition of x =σ y to handle the case where σ is not closed under composition. Types not closed under composition are needed to represent the type ↕(σ, τ, f) as discussed below.

In addition to the semantic notion of equality, figure 10 relies on semantic meanings for iso(σ, x, y) and ↕(σ, τ, f). For a morphoid type σ and for morphoids x and y with x@σ and y@σ defined (but without requiring x ∈ σ or y ∈ σ) figure 19 defines iso(σ, x, y) to be the type whose members are those morphoids z ∈ σ such that (x@σ) ◦ z⁻¹ ◦ (y@σ) is defined. For x, y ∈ σ we then have x =σ y if and only if iso(σ, x, y) is non-empty. This yields soundness for the inference rules in the second row of figure 6. However, consider the carrying relation b₁ ⊎τ[a₃] b₂ used in the last two rows of figure 6. The notation b₁ ⊎τ[a₃] b₂ is an abbreviation for ∃z : iso(τ[a₃], b₁, b₂). Here we do not have b₁, b₂ ∈ τ[a₃]. For morphoid types σ and τ in V⟦typeᵢ⟧, and a bijection f in σ → τ, figure 19 defines ↕(σ, τ, f) to be a type whose members are points (a point type) such that ↕(σ, τ, f) ∈ iso(V⟦typeᵢ⟧, σ, τ) and such that the first rule of the first row in figure 6 is sound.

The judgmental rules in figure 5 introduce “impure” contexts — contexts which contain judgements as assumptions. We can define a pure context to be either the empty context, a context of the form Σ; x : τ where Σ is pure and Σ |= τ : typeᵢ or a context of the form Σ; Φ where Σ is pure and Σ |= Φ : Bool. If Σ is pure then V⟦Σ⟧ is closed under the groupoid operations and itself forms a groupoid. Impure contexts such as G : Group; H : Group; G ≐ H are not in general closed under composition. Note that condition (V1) in figure 9 is stated so as to accommodate impure contexts. The soundness proofs of section 4 accommodate impure contexts for all rules.

2.4 Natural Maps

Figure 11 gives three inference rules for natural maps. These rules introduce lambda expressions of the form (Λx : σ e[x]) :: Πx : σ τ[x] and a different application notation f⟨a⟩ for the application of a natural map.


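$$
\dfrac{\Sigma;\, x : \sigma \vdash e[x] : \tau[x]}{\Sigma \vdash (\Lambda x : \sigma\ e[x]) :: \Pi x : \sigma\ \tau[x]}
\qquad
\dfrac{\begin{array}{l}
\Sigma \vdash f :: \Pi x : \sigma\ \tau[x] \\
\Sigma \vdash a : \sigma
\end{array}}{\Sigma \vdash f\langle a \rangle : \tau[a]}
\qquad
\dfrac{\begin{array}{l}
\Sigma;\, x : \sigma \vdash e[x] : \tau[x] \\
\Sigma \vdash a : \sigma
\end{array}}{\Sigma \vdash (\Lambda x : \sigma\ e[x])\langle a \rangle \doteq e[a]}
$$

$$
\sigma \hookrightarrow \tau \ \equiv\ \Pi x : \sigma\ \tau \qquad x \text{ not free in } \tau
$$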

Figure 11: Natural Maps. Note that we do not have (Πx : σ τ [x]) : typei — in MorTT dependent function types are not first class types.

The simplest case of a natural map is a map of the form (Λα : Set λx : σ[α] e[x] : τ[α]) :: Πα : Set σ[α] → τ[α]. Natural maps of this form are polymorphic functions in the sense of system F [Girard, 1971, Reynolds, 1974]. For example the operation of composition on functions of type α → α can be written as

(Λα : Set λf : α → α λg : α → α λx : α f(g(x))) :: Πα : Set (α → α) × (α → α) → (α → α)

We can define a more general polymorphic composition operation for composing f : α → β and g : γ → α as a natural map whose first argument is a triple of sets.

Natural maps can also be defined on richer classes such as the class of groups or topological spaces. There is a natural map taking an arbitrary group G to the canonical permutation group on G achieved by taking the natural action of group elements on group elements. We can also define a natural map taking a pointed topological space to its fundamental group of loops at the selected point. More explicitly we have

X : TOP; x : π₁(X) ⊢ Pair(P[X, x], C[X, x]) : Group

where π₁(X) is the type of the points of X, where P[X, x] denotes the type whose elements are equivalence classes of loops from x to x and where C[X, x] denotes the operation of composition on these classes of loops. We can then define a natural map from a pointed topological space to its fundamental group as

Λp : PairOf(X : TOP, x : π₁(X)) Pair(P[π₁(p), π₂(p)], C[π₁(p), π₂(p)]).

We can show that for a connected space the group structure is independent of the choice of the base point. Using the axiom of choice in figure 2 we can derive that there exists a function FUND : CTOP → Group where CTOP is the type of connected topological spaces and such that

∀X : CTOP ∀x : π₁(X) FUND(X) =Group Pair(P[X, x], C[X, x]).

We do not have that FUND(X) is a group of equivalence classes of loops — we have that FUND(X) is an arbitrary group isomorphic to a group on loop classes. There is no natural map that takes a connected topological space to a group of loop classes because, by Voldemort’s theorem (section 2.5), there is no natural base point on a sphere or a torus.

2.5 Voldemort’s Theorem

Voldemort’s theorem implies that certain objects exist but cannot be named. For example, it is not possible to name any particular point on the topological (or geometric) circle S¹. The statement of Voldemort’s theorem appears at first to be unrelated to naming, but its implications for naming are discussed below.

Theorem 2.1 (Voldemort’s Theorem). The following rule can be derived from the rules in figures 1 through 3.

$$
\dfrac{\begin{array}{l}
\Sigma;\, x : \sigma \vdash e[x] : \tau[x] \\
\Sigma \vdash \mathrm{Pair}(a, b) =_{\mathrm{PairOf}(x : \sigma,\, y : \tau[x])} \mathrm{Pair}(a, e[a])
\end{array}}{\Sigma \vdash b =_{\tau[a]} e[a]}
$$

Proof. We consider the following instance of the substitution rule.

$$
\dfrac{\begin{array}{l}
\Sigma;\, p : \mathrm{PairOf}(x : \sigma,\, y : \tau[x]) \vdash \Phi[p] : \mathrm{Bool} \\
\Sigma \vdash q =_{\mathrm{PairOf}(x : \sigma,\, y : \tau[x])} r
\end{array}}{\Sigma \vdash \Phi[q] \Leftrightarrow \Phi[r]}
$$

Given the first antecedent of the lemma we can derive

Σ; p : PairOf(x : σ, y : τ[x]) ⊢ (π₂(p) =τ[π₁(p)] e[π₁(p)]) : Bool.

Applying the above instance of the substitution rule to the pairs Pair(a, b) and Pair(a, e[a]) of the second premise of the lemma gives

(b =τ[a] e[a]) ⇔ (e[a] =τ[a] e[a])

which proves the theorem.

Voldemort’s theorem implies that it is not possible to name a point on the topological circle or the topological torus. Consider the topological sphere S²

S² ≡ The(X : TOP X =TOP Pair(σ, O))

where σ is the set of points in R³ with unit length and O is subspace topology of the standard topology on R³. We can also define the class of topological spaces isomorphic (homeomorphic) to S² by

Sphere ≡ SubType(X : TOP, X =TOP S²).

We now have S² : Sphere and Sphere : Class — S² is a single (arbitrary) sphere while Sphere is the class of all spheres. Now suppose that we could name a point on the sphere in the sense that we have X : Sphere ⊢ e[X] : π₁(X). There exists a point b on S² different from the point e[S²], i.e., such that b ≠π₁(S²) e[S²]. But we also have

Pair(S², b) =PairOf(X : Sphere, z : π₁(X)) Pair(S², e[S²]).

By Voldemort’s theorem we then have b =π₁(S²) e[S²] giving a contradiction.

A similar argument yields that one cannot name any particular node of the complete graph or any particular isomorphism (linear bijection) of a finite dimensional vector space with its dual.

2.6 Cryptomorphism

Two types are cryptomorphic in the sense of Birkhoff and Rota [Rota, 1997] if they “provide the same data”. For example a group can be defined to be a four-tuple of a set, a group operation, an identity element and an inverse operation satisfying certain equations. Alternatively, a group can be defined to be a pair of a set and a group operation such that an identity element and an inverse operation exist. In the latter case it can be shown that the identity element and the group operation are unique. We might call these types FourTupleGroup and PairGroup. These are different types with different elements. However, every four-tuple-group can be converted to a pair-group simply by dropping the second two components. Conversely, any pair-group can be converted to a four-tuple-group by extending the pair to a four tuple whose last two elements are the unique identity element and inverse operation.

Here we suggest that two classes σ and τ be considered cryptomorphic if there exist natural maps f :: σ ↪ τ and g :: τ ↪ σ such that ∀x : σ g⟨f⟨x⟩⟩ ≐ x and ∀y : τ f⟨g⟨y⟩⟩ ≐ y. As discussed in section 2.2 we can use cryptomorphisms to strengthen the power of the rules in figure 6. More specifically, the following rule can be derived from the substitution rule.

$$
\dfrac{\begin{array}{l}
\Sigma \vdash f :: \sigma \hookrightarrow \tau \\
\Sigma \vdash g :: \tau \hookrightarrow \sigma \\
\Sigma;\, x : \sigma \vdash x \doteq g(f(x)) \\
\Sigma;\, y : \tau \vdash y \doteq f(g(x)) \\
\Sigma \vdash G, H : \sigma
\end{array}}{\Sigma \vdash (G =_\sigma H) \Leftrightarrow (f\langle G \rangle =_\tau f\langle H \rangle)}
$$

For this rule to strengthen the power of the rules in figure 6 it is important that we use natural maps rather than morphoid functions. More specifically, to derive f⟨G⟩ =τ f⟨H⟩ using the rules in figure 6 it is important that the types within G are carried over to types within f⟨G⟩ up to absolute equality. An example is the derivation of isomorphism equations for colored graphs as discussed in section 2.2.


3 Morphoids

We will define (Platonic) Morphoid theory in terms of (Platonic) set theory. In order to provide a semantics for the type constants typeᵢ we assume an infinite number of inaccessible cardinals. We will write set-theoretic equality (equality in the universe of pure sets) simply as = and use this as the interpretation of absolute equality ≐. We let 0 denote the empty set and let 1 denote {0}. We represent the pair (x, y) as {x, {x, y}}. We represent lists by implementing the empty list as the empty set and implementing a nonempty list as a pair (x, r) where x is the first element of the list and r is the rest of the list (which might or might not be empty). We represent bit strings as lists of 0s and 1s. We represent a byte as a list of eight bits. We represent byte strings as lists of bytes. We define a symbol to be a list of bytes and write symbols using the standard ASCII conventions. For example, we have the symbols "FOO" and "BAR". An expression is either a symbol or a list of expressions.

Left-Right Duality. Morphoid type theory involves a left-right duality. A duality is a cryptomorphism between a class and itself. For example, the reversal of a partial order is a natural map on the class of partial orders that is its own inverse. Similarly the reversal of all points in a morphoid might be interpretable as a natural map on the class of morphoids. But rather than try to apply morphoid theory to itself we will simply claim that some kind of intuitive left-right duality exists. This duality makes certain statements obvious. For example, we have VΣ⟦e⟧(ρ⁻¹) = (VΣ⟦e⟧ρ)⁻¹ and (x⁻¹)@T = (x@T)⁻¹. Also, if ρ ∈ V⟦Σ⟧ then ρ⁻¹ ∈ V⟦Σ⟧. We will generally use facts that follow from left-right duality without comment.

3.1 Weak Morphoids

We first define weak morphoids. The morphoids will be a subclass of the weak morphoids. Figure 12 defines the weak morphoids and figure 13 defines the groupoid operations on weak morphoids. The definitions are mutually recursive — the definition of weak morphoids involves conditions stated in terms of the groupoid operations and the groupoid operations are defined on the weak morphoids. However, as discussed in slightly more detail below, these definitions are well founded and do define the class of weak morphoids and the groupoid operations on them.

Condition (T1) in figure 12 is central to morphoid type theory. Bijections are central to the concept of isomorphism and condition (T1) allows types to represent bijections. For any point type σ we have that Left(σ) is an equivalence relation on the left indices of σ and Right(σ) is an equivalence relation on the right indices of σ. Furthermore, σ itself defines a bijection between the equivalence classes of Left(σ) and the equivalence classes of Right(σ). This can be seen in the point types in figure 8. Any point type σ satisfying condition (T1) has the structure shown in the figure where each equivalence class of σ is a cross product of a left index set and a right index set. This is related to property (≃.B) in figure 14.

Morphoid types are directed from left to right. This is needed in order for types to represent bijections. For x ∈ σ we do not in general have x⁻¹ ∈ σ. Hence a morphoid type σ is not in general a groupoid.

Figure 12 also defines the notion of morphoid rank. Morphoid rank is analogous to set-theoretic rank except that the rank of Boolean values and points is zero. Morphoid rank is well defined on an even larger class of tagged values not involving any conditions on types and functions. The recursive definition of morphoid rank is itself well-founded by reduction of set-theoretic rank. The recursive definitions in figures 12 and 13 are mutually well founded by reduction of morphoid rank.

Figure 14 states various properties of weak morphoids involving the groupoid operations. We prove the properties in figure 14 except for (∼.A) and (∼.B) by a single simultaneous induction on morphoid rank. Each instance of each property is associated with a rank. The rank of an instance of a property is the maximum rank of the weak morphoid variables in the statement of the property. For example, property (G2) states that for two weak morphoids x and y with


Weak Morphoid. A weak morphoid is one of the following.

• A morphoid point — a pair ("POINT", (i, j)) where i and j are arbitrary values (arbitrary elements of the set-theoretic universe). We abbreviate ("POINT", (i, j)) as Point(i, j).

• A Boolean value — one of two pairs ("BOOL", 0) or ("BOOL", 1). We will abbreviate ("BOOL", 0) by False and ("BOOL", 1) by True.

• A weak type — a pair σ = ("TYPE", s) where s is a set of weak morphoids satisfying the following type (T) property.
(T1) for x, y, z ∈ s with x ◦ y⁻¹ ◦ z defined we have (x ◦ y⁻¹ ◦ z) ∈ s.
We will write x ∈ σ for x ∈ s.

• A weak function — a pair f = ("FUN", s) where s is a functional set of pairs of weak morphoids satisfying the function (F) condition below. To state the conditions we write Dom(f) for ("TYPE", w) where w is the set of morphoids occurring as the first component of some pair in s and for x ∈ Dom(f) we write f[x] for the unique y such that (x, y) ∈ s. A weak function must satisfy the condition that Dom(f) is a weak type containing only points (a point type), that for x ∈ Dom(f) we have that f[x] is a weak morphoid, and
(F1) for x, y ∈ Dom(f) with x ≃_{Dom(f)} y we have f[x] = f[y] (absolute equality).

• A weak pair — a pair ("PAIR", (x, y)) where x and y are weak morphoids. We abbreviate ("PAIR", (x, y)) as Pair(x, y).

x ≃_σ y. For x, y ∈ σ we define x ≃_σ y to mean that there exists z ∈ σ with x ◦ z⁻¹ ◦ y defined.

Morphoid Rank R(x). For a point or Boolean value x, R(x) = 0. For a weak type σ, R(σ) is the least ordinal greater than R(x) for all x ∈ σ. For a weak function f, R(f) is the least ordinal greater than R(Dom(f)) and greater than R(f[x]) for all x ∈ Dom(f). R(Pair(x, y)) is the least ordinal greater than both R(x) and R(y).

(∼) For weak morphoids x and y we write x ∼ y if there exists a weak morphoid z with x ◦ z ◦ y defined.

Figure 12: Weak Morphoids. Weak morphoids (and morphoids) are built from points in much the same way that sets can be built from ur-elements. Figure 17 defines morphoids to be weak morphoids that satisfy additional type and function properties. Weak morphoids satisfy the groupoid properties but do not in general satisfy the ordering properties of morphoids. Note that the domain of a weak function is always a set of points. We will define f (x) to be f [x@Point].


Left(("BOOL", v)) = Right(("BOOL", v)) = ("BOOL", v)⁻¹ = ("BOOL", v)
("BOOL", v) ◦ ("BOOL", v) = ("BOOL", v)

Left(Point(i, j)) = Point(i, i)
Right(Point(i, j)) = Point(j, j)
Point(i, j)⁻¹ = Point(j, i)
Point(i, j) ◦ Point(j, k) = Point(i, k)

Left(("TYPE", s)) = ("TYPE", {p ◦ q⁻¹ : p, q ∈ s})
Right(("TYPE", s)) = ("TYPE", {p⁻¹ ◦ q : p, q ∈ s})
("TYPE", s)⁻¹ = ("TYPE", {p⁻¹ : p ∈ s})
("TYPE", s) ◦ ("TYPE", w) = ("TYPE", {p ◦ q : p ∈ s, q ∈ w})

Left(Pair(x, y)) = Pair(Left(x), Left(y))
Right(Pair(x, y)) = Pair(Right(x), Right(y))
Pair(x, y)⁻¹ = Pair(x⁻¹, y⁻¹)
Pair(x, y) ◦ Pair(z, w) = Pair(x ◦ z, y ◦ w)

Left(("FUN", s)) = ("FUN", {(x₁ ◦ x₂⁻¹, y₁ ◦ y₂⁻¹) : (x₁, y₁), (x₂, y₂) ∈ s})
Right(("FUN", s)) = ("FUN", {(x₁⁻¹ ◦ x₂, y₁⁻¹ ◦ y₂) : (x₁, y₁), (x₂, y₂) ∈ s})
("FUN", s)⁻¹ = ("FUN", {(x⁻¹, y⁻¹) : (x, y) ∈ s})
("FUN", s) ◦ ("FUN", w) = ("FUN", {(x₁ ◦ x₂, y₁ ◦ y₂) : (x₁, y₁) ∈ s, (x₂, y₂) ∈ w})

Figure 13: The Groupoid Operations. We have that x ◦ y is defined if and only if Right(x) = Left(y).

Right(x) = Left(y) we have that x ◦ y is a weak morphoid. The rank of an instance of this property is the maximum of the ranks of x and y. The property (Rank-Preservation) has two kinds of instances — instances of the form R(x⁻¹) = R(Left(x)) = R(Right(x)) = R(x) and instances of the form that x ◦ y defined implies that R(x) = R(y) = R(x ◦ y). The rank of an instance of the first type is the rank of x and the rank of an instance of the second type is the maximum rank of x and y. The rank of an instance of a property is generally clear but it is also specified explicitly in the first line of the proof of each property.

Under the induction hypothesis that all property instances of rank less than β hold, we show that all property instances of rank β hold. This large simultaneous induction proof is spread over most of the remainder of this subsection. At the end of the section, after completion of the simultaneous induction, properties (∼.A) and (∼.B) are proved from the earlier properties.

In the proof of a property instance we can assume any property instances at any rank smaller than the rank of the instance we are proving as well as previously proven lemmas at rank equal to the rank of the instance under consideration. The order of lemmas remains important. The induction hypotheses ensure that expressions built from lower-rank morphoids denote lower-rank morphoids — the lower-rank morphoids are closed under the groupoid operations. This means that in each proof we have access to the full algebra of the groupoid operations defined by properties (G1) through (G9) for the morphoids of lower rank.

(Groupoid Properties) The groupoid properties (G1) through (G9) in figure 7 where (G1) and (G2) are modified to state that the operations applied to weak morphoids yield weak morphoids.

(Fun-Left-Right) For a weak function f we have that Left(f) is the unique function with Dom(Left(f)) = Left(Dom(f)) and such that Left(f)(Left(x)) = Left(f[x]) and similarly for Right.

(Funs-Composable) For weak functions f and g we have that f ◦ g is defined if and only if Dom(f) ◦ Dom(g) is defined and for x ∈ Dom(f) and y ∈ Dom(g) with x ◦ y defined we have f[x] ◦ g[y] defined.

(Fun-Composition) For weak functions f and g with f ◦ g defined we have that f ◦ g is the unique morphoid function such that Dom(f ◦ g) = Dom(f) ◦ Dom(g) and for x ∈ Dom(f) and y ∈ Dom(g) with x ◦ y defined we have (f ◦ g)[x ◦ y] = f[x] ◦ g[y].

(Composables-Equivalent) For x, y ∈ σ, if either x ◦ y⁻¹ or x⁻¹ ◦ y are defined then x ≃_σ y.

(≃.A) For any weak type σ we have that ≃_σ is an equivalence relation on the members of σ.

(≃.B) For morphoid types σ and τ with σ ◦ τ defined and for x₁, x₂ ∈ σ and y₁, y₂ ∈ τ with x₁ ◦ y₁ and x₂ ◦ y₂ defined, we have (x₁ ◦ y₁) ≃_{σ◦τ} (x₂ ◦ y₂) if and only if x₁ ≃_σ x₂ if and only if y₁ ≃_τ y₂.

(Partner) For morphoid types σ and τ with σ ◦ τ defined we have that for all x ∈ σ there exists y ∈ τ with x ◦ y defined and, similarly, for all y ∈ τ there exists x ∈ σ with x ◦ y defined.

(Rank Preservation) We have R(x⁻¹) = R(Left(x)) = R(Right(x)) = R(x) and for x ◦ y defined we have R(x) = R(y) = R(x ◦ y).

(∼.A) The relation ∼ is an equivalence relation on weak morphoids.

(∼.B) We have x ∼ x⁻¹ ∼ Left(x) ∼ Right(x) and for x ◦ y defined we have x ∼ y ∼ (x ◦ y).

Figure 14: Weak Morphoid Properties.
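As an added illustration (not code from the paper), the following Python sketch implements the operations of figure 13 for points, Booleans, pairs and finite types, and checks condition (T1) and the relation ≃_σ on constructed point types. The function names, the restriction to finite sets, the omission of weak functions and the sample types SIGMA, TAU and BROKEN are assumptions of this example.

```python
from itertools import product

# Tagged values as in figure 12. Types are finite frozensets here and weak
# functions are omitted (assumptions of this sketch, not of the paper).
def Point(i, j): return ("POINT", (i, j))
def Bool(v): return ("BOOL", v)
def Pair(x, y): return ("PAIR", (x, y))
def Type(members): return ("TYPE", frozenset(members))

def _defined(values):
    return [v for v in values if v is not None]

def inv(x):
    """x^-1 (figure 13)."""
    tag, v = x
    if tag == "BOOL":
        return x
    if tag == "POINT":
        return Point(v[1], v[0])
    if tag == "PAIR":
        return Pair(inv(v[0]), inv(v[1]))
    return Type(inv(p) for p in v)

def _end(x, side):
    """Left(x) for side 0, Right(x) for side 1 (figure 13)."""
    tag, v = x
    if tag == "BOOL":
        return x
    if tag == "POINT":
        return Point(v[side], v[side])
    if tag == "PAIR":
        return Pair(_end(v[0], side), _end(v[1], side))
    pairs = product(v, repeat=2)
    if side == 0:
        return Type(_defined(compose(p, inv(q)) for p, q in pairs))
    return Type(_defined(compose(inv(p), q) for p, q in pairs))

def left(x): return _end(x, 0)
def right(x): return _end(x, 1)

def compose(x, y):
    """x ◦ y, or None when undefined, i.e. when Right(x) != Left(y)."""
    if right(x) != left(y):
        return None
    (tag, a), (_, b) = x, y
    if tag == "BOOL":
        return x
    if tag == "POINT":
        return Point(a[0], b[1])
    if tag == "PAIR":
        return Pair(compose(a[0], b[0]), compose(a[1], b[1]))
    return Type(_defined(compose(p, q) for p, q in product(a, b)))

def chain(*xs):
    """Compose left to right; None as soon as one step is undefined."""
    acc = xs[0]
    for x in xs[1:]:
        acc = None if acc is None else compose(acc, x)
    return acc

def satisfies_T1(sigma):
    """(T1): x ◦ y^-1 ◦ z is in sigma whenever it is defined."""
    s = sigma[1]
    return all(w in s for x, y, z in product(s, repeat=3)
               if (w := chain(x, inv(y), z)) is not None)

def equiv(sigma, x, y):
    """x ≃_sigma y: some z in sigma makes x ◦ z^-1 ◦ y defined."""
    return any(chain(x, inv(z), y) is not None for z in sigma[1])

def classes(sigma):
    """Partition of the members of sigma under ≃_sigma."""
    s = sigma[1]
    return {frozenset(y for y in s if equiv(sigma, x, y)) for x in s}

def rank(x):
    """Morphoid rank R(x) for the finite values built here."""
    tag, v = x
    if tag in ("BOOL", "POINT"):
        return 0
    if tag == "PAIR":
        return max(rank(v[0]), rank(v[1])) + 1
    return max((rank(p) + 1 for p in v), default=0)

# Constructed sample point types (not taken from the paper's figures).
SIGMA = Type([Point(i, j) for i in "ab" for j in (1, 2)] + [Point("c", 3)])
TAU = Type([Point(1, "x"), Point(2, "x"), Point(3, "y")])
BROKEN = Type([Point("a", 1), Point("a", 2), Point("b", 1)])

if __name__ == "__main__":
    print("T1:", satisfies_T1(SIGMA), satisfies_T1(BROKEN))
    print("Left(SIGMA):", sorted(p[1] for p in left(SIGMA)[1]))
    print("classes:", [sorted(p[1] for p in c) for c in classes(SIGMA)])
    print("SIGMA ◦ TAU:", sorted(p[1] for p in compose(SIGMA, TAU)[1]))
```

SIGMA has two ≃ classes, {a, b} × {1, 2} and {c} × {3}, so it pairs the Left(SIGMA) classes {a, b} and {c} with the Right(SIGMA) classes {1, 2} and {3}; BROKEN fails (T1) because Point("b", 2) is missing.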

We first prove the groupoid properties (G1) through (G9). The groupoid properties are immediate for points and Boolean values. For pairs all properties follow straightforwardly from the induction hypotheses. For example, to show that Left(Pair(x, y)) is a weak morphoid (property (G1)) we note that by definition Left(Pair(x, y)) = Pair(Left(x), Left(y)) and by the induction hypothesis Left(x) and Left(y) are weak morphoids. We explicitly prove the groupoid properties only for types and functions. We first consider types.

Lemma 3.1 (G1 for Types). For a weak type σ we have that σ⁻¹, Left(σ) and Right(σ) are also weak types.

Proof. The morphoid rank of an instance of this lemma is the rank of σ. The duality of left and right implies the result for σ⁻¹. We will show that Left(σ) is a weak type — the case for Right(σ) is similar. We let x range over members of σ. The elements of Left(σ) are the values of the form x₁ ◦ x₂⁻¹. By the induction hypothesis for the groupoid properties and rank preservation we have that every such value is a weak morphoid with rank less than the rank of σ. We must show that Left(σ) satisfies (T1). Suppose that (x₁ ◦ x₂⁻¹) ◦ (x₃ ◦ x₄⁻¹)⁻¹ ◦ (x₅ ◦ x₆⁻¹) is defined. By the induction hypothesis for the groupoid properties and rank preservation we have

(x₁ ◦ x₂⁻¹) ◦ (x₃ ◦ x₄⁻¹)⁻¹ ◦ (x₅ ◦ x₆⁻¹) = (x₁ ◦ x₂⁻¹ ◦ x₄) ◦ (x₆ ◦ x₅⁻¹ ◦ x₃)⁻¹

which proves (T1) for Left(σ).


Lemma 3.2 (G2 for Types). For two morphoid types σ and τ with σ ◦ τ defined, if σ and τ are weak types then σ ◦ τ is a weak type.

Proof. The rank of an instance of this lemma is the maximum rank of σ and τ. We let x range over elements of σ and y range over elements of τ. The elements of σ ◦ τ are the values of the form x ◦ y. By the induction hypotheses, all such values are weak morphoids. We must show that σ ◦ τ satisfies (T1). We must show that for (x₁ ◦ y₁) ◦ (x₂ ◦ y₂)⁻¹ ◦ (x₃ ◦ y₃) defined we have that this composition is in σ ◦ τ. Since Right(σ) = Left(τ), every value of the form y₁ ◦ y₂⁻¹ can be written as x₁⁻¹ ◦ x₂. By the induction hypotheses we have the following.

(x₁ ◦ y₁) ◦ (x₂ ◦ y₂)⁻¹ ◦ (x₃ ◦ y₃)
= x₁ ◦ (y₁ ◦ y₂⁻¹) ◦ x₂⁻¹ ◦ x₃ ◦ y₃
= x₁ ◦ (x₄⁻¹ ◦ x₅) ◦ x₂⁻¹ ◦ x₃ ◦ y₃
= ((x₁ ◦ x₄⁻¹ ◦ x₅) ◦ x₂⁻¹ ◦ x₃) ◦ y₃
= x₇ ◦ y₃

Lemma 3.3 (G3 for Types). Left(σ⁻¹) = Right(σ) and Right(σ⁻¹) = Left(σ).

Proof. The values in Left(σ⁻¹) are the values of the form x₁⁻¹ ◦ (x₂⁻¹)⁻¹. But by the groupoid induction hypotheses these are the same as the values of the form x₁⁻¹ ◦ x₂. But these are exactly the values in Right(σ).

Lemma 3.4 (G4 for Types). Left(σ ◦ τ) = Left(σ) and Right(σ ◦ τ) = Right(τ).

Proof. We will show Left(σ ◦ τ) = Left(σ). We will use x to range over elements of σ and y to range over elements of τ. We first show that every member of Left(σ ◦ τ) is a member of Left(σ). A member of Left(σ ◦ τ) has the form (x₁ ◦ y₁) ◦ (x₂ ◦ y₂)⁻¹. Since Right(σ) = Left(τ) we have that every value of the form y₁⁻¹ ◦ y₂ can be written as x₁ ◦ x₂⁻¹. By the groupoid induction hypotheses we then have the following.

(x₁ ◦ y₁) ◦ (x₂ ◦ y₂)⁻¹
= x₁ ◦ (y₁ ◦ y₂⁻¹) ◦ x₂⁻¹
= x₁ ◦ (x₃⁻¹ ◦ x₄) ◦ x₂⁻¹
= (x₁ ◦ x₃⁻¹ ◦ x₄) ◦ x₂⁻¹ ∈ Left(σ)

For the converse we consider a value x₁ ◦ x₂⁻¹ in Left(σ). For this we have the following.

x₁ ◦ x₂⁻¹
= x₁ ◦ x₂⁻¹ ◦ x₂ ◦ x₂⁻¹
= x₁ ◦ (x₂⁻¹ ◦ x₂) ◦ x₂⁻¹
= x₁ ◦ (y₁ ◦ y₂⁻¹) ◦ x₂⁻¹
= (x₁ ◦ y₁) ◦ (y₂⁻¹ ◦ x₂⁻¹)
= (x₁ ◦ y₁) ◦ (x₂ ◦ y₂)⁻¹ ∈ Left(σ ◦ τ)

Lemma 3.5 (G5 for Types). (σ ◦ τ) ◦ γ = σ ◦ (τ ◦ γ).

Proof. Properties (G2) and (G4) proved above imply that (σ ◦ τ) ◦ γ is defined if and only if σ ◦ (τ ◦ γ) is defined. The values in (σ ◦ τ) ◦ γ are the values of the form (x ◦ y) ◦ z for x ∈ σ, y ∈ τ and z ∈ γ. But by the groupoid induction hypotheses these are the same as the members of σ ◦ (τ ◦ γ).

Lemma 3.6 (G6 for Types). σ⁻¹ ◦ σ ◦ τ = τ and σ ◦ τ ◦ τ⁻¹ = σ.

Proof. We will show that if σ ◦ τ is defined then σ⁻¹ ◦ σ ◦ τ = τ. We will let x range over elements of σ and y range over elements of τ. We first show that every value y in τ is in σ⁻¹ ◦ σ ◦ τ. For this we note

y = (y ◦ y⁻¹) ◦ y = (x₁⁻¹ ◦ x₂) ◦ y ∈ σ⁻¹ ◦ σ ◦ τ

Conversely, consider x₁⁻¹ ◦ x₂ ◦ y ∈ σ⁻¹ ◦ σ ◦ τ. For this case we have (x₁⁻¹ ◦ x₂) ◦ y₁ = (y₂ ◦ y₃⁻¹) ◦ y₁ ∈ τ.

Lemma 3.7 (G7 for Types). Right(σ) = σ⁻¹ ◦ σ and Left(σ) = σ ◦ σ⁻¹.

Proof. We will show that Left(σ) = σ ◦ σ⁻¹. Property (G3) above implies that σ ◦ σ⁻¹ is defined. The result is then immediate from the definitions of Left(σ) and σ ◦ σ⁻¹.

It is a fact of groupoids that (G8) and (G9) follow from (G1) through (G7).

Lemma 3.8 ((G1) for Functions and (Fun-Left-Right)). For a morphoid function f we have that Left(f) is the unique weak function such that Dom(Left(f)) = Left(Dom(f)) and for x ∈ Dom(f) we have Left(f)(Left(x)) = Left(f[x]). The dual statement holds for Right.

Proof. The rank of an instance of this lemma is the rank of f. We note that Dom(f) and every element of Dom(f) has rank less than the rank of f. We will let x range over points in Dom(f). For x₁ ◦ x₂⁻¹ defined, the induction hypothesis for (Composables-Equivalent) implies x₁ ≃_{Dom(f)} x₂ and hence f[x₁] = f[x₂]. This implies that the pair

((x₁ ◦ x₂⁻¹), f[x₁] ◦ f[x₂]⁻¹)
= ((x₁ ◦ x₂⁻¹), f[x₁] ◦ f[x₁]⁻¹)
= ((x₁ ◦ x₂⁻¹), Left(f[x₁]))

is a pair of Left(f). This implies that for each element x₁ ◦ x₂⁻¹ of Left(Dom(f)) we have that this element is a first component of some pair in Left(f). This implies that Dom(Left(f)) = Left(Dom(f)). By the induction hypothesis for (G1) we have that Dom(Left(f)) is a point type. We now have that the pairs of Left(f) are all pairs of the form ((x₁ ◦ x₂⁻¹), Left(f[x₁])). We must show that this set of pairs satisfies condition (F1). Consider two elements x₁ ◦ x₂⁻¹ and x₃ ◦ x₄⁻¹ of Left(Dom(f)) with (x₁ ◦ x₂⁻¹) =_{Left(Dom(f))} (x₃ ◦ x₄⁻¹). To show (F1) we must show that f[x₁] = f[x₃]. By the definition of ≃ we have that there exist x₅, x₆ ∈ Dom(f) with (x₁ ◦ x₂⁻¹) ◦ (x₅ ◦ x₆⁻¹)⁻¹ ◦ (x₃ ◦ x₄⁻¹) defined. By the induction hypothesis for (Composables-Equivalent) we then have x₁ ≃ x₃ which by condition (F1) for f implies that f[x₁] = f[x₃].

Finally, we must show uniqueness. Consider a morphoid function g with Dom(g) = Left(Dom(f)) and with g[Left(x)] = Left(f[x]) = Left(f)[Left(x)]. To show that f = g we must show that g[x₁ ◦ x₂⁻¹] = f[x₁ ◦ x₂⁻¹]. But (Composables-Equivalent) implies x₁ ◦ x₂⁻¹ =_{Left(Dom(f))} x₁ ◦ x₁⁻¹ = Left(x₁) which gives g[x₁ ◦ x₂⁻¹] = g[Left(x₁)] = f[Left(x₁)] = f[x₁ ◦ x₂⁻¹].

Corollary 3.9 (Funs-Composable). For two morphoid functions f and g we have that f ◦ g is defined if and only if Dom(f) ◦ Dom(g) is defined and for x ∈ Dom(f) and y ∈ Dom(g) with x ◦ y defined we have that f[x] ◦ g[y] is defined.

Proof. The rank of an instance of this lemma is the maximum rank of f and g. We let x range over elements of Dom(f) and y range over elements of Dom(g). First suppose that f ◦ g is defined. In this case we have Right(f) = Left(g) and by the preceding lemma this implies that Right(Dom(f)) = Left(Dom(g)) which implies that Dom(f) ◦ Dom(g) is defined.


Furthermore, for x ◦ y defined we have Right(x) = Left(y) which implies Right(f)(Right(x)) = Left(g)(Left(y)) which by the preceding lemma implies that Right(f[x]) = Left(g[y]) and hence f[x] ◦ g[y] is defined.

Conversely suppose that Dom(f) ◦ Dom(g) is defined and for x ◦ y defined we have f[x] ◦ g[y] defined. We must show that in this case Right(f) = Left(g). We have that Right(Dom(f)) = Left(Dom(g)) which by the preceding lemma gives Dom(Right(f)) = Dom(Left(g)). Now consider z ∈ Dom(Right(f)) = Dom(Left(g)). We must show that Right(f)(z) = Left(g)[z]. We have z = x₁⁻¹ ◦ x₂ = y₁ ◦ y₂⁻¹. This gives Right(f)[z] = Right(f)[Right(x₂)] = Right(f[x₂]). Similarly Left(g)[z] = Left(g)[Left(y₁)] = Left(g[y₁]). But we also have Right(x₂) = Left(y₁) and hence x₂ ◦ y₁ is defined and hence f[x₁] ◦ f[y₁] is defined and hence Right(f[x₂]) = Left(g[y₁]). We now have Right(f)[z] = Left(g)[z] which implies that Right(f) = Left(g).

Lemma 3.10 ((G2) for functions and (Fun-Composition)). For morphoid functions f and g with f ◦ g defined we have that f ◦ g is the unique morphoid function such that Dom(f ◦ g) = Dom(f) ◦ Dom(g) and for x ∈ Dom(f) and y ∈ Dom(g) with x ◦ y defined we have (f ◦ g)[x ◦ y] = f[x] ◦ g[y].

Proof. The rank of an instance of this lemma is the maximum rank of f and g. Let x range over elements of Dom(f) and let y range over elements of Dom(g). By definition we have that f ◦ g is the function consisting of the pairs of the form ((x ◦ y), f[x] ◦ g[y]). By the preceding lemma we have that f[x] ◦ g[y] is defined for every x and y such that x ◦ y is defined and hence Dom(f ◦ g) = Dom(f) ◦ Dom(g). By (G2) we have that Dom(f ◦ g) is a point type. We must show that this set of pairs satisfies condition (F1). Consider x₁ ◦ y₁ and x₂ ◦ y₂ with (x₁ ◦ y₁) ≃_{Dom(f)◦Dom(g)} (x₂ ◦ y₂). By the induction hypothesis for (≃.B) we have that x₁ ≃_{Dom(f)} x₂ and y₁ ≃_{Dom(g)} y₂.
By condition (F1) on f and g we then have f[x₁] = f[x₂] and g[y₁] = g[y₂]. This implies that f[x₁] ◦ g[y₁] = f[x₂] ◦ g[y₂] which establishes (F1). Finally we must show uniqueness. It suffices to note that for any two point types σ and τ with σ ◦ τ defined, and two functions h₁ and h₂ with Dom(h₁) = Dom(h₂) = σ ◦ τ, if for any x ∈ σ and y ∈ τ with x ◦ y defined we have h₁[x ◦ y] = h₂[x ◦ y] then we have h₁ = h₂.

Lemma 3.11 ((G4) for functions). For two weak functions f and g with f ◦ g defined we have Left(f ◦ g) = Left(f) and Right(f ◦ g) = Right(g).

Proof. By the preceding lemmas we have that Left(f) is the unique weak function such that Dom(Left(f)) = Left(Dom(f)) and Left(f)[Left(x)] = Left(f[x]). But using the induction hypotheses and the preceding lemmas we have Dom(Left(f ◦ g)) = Left(Dom(f ◦ g)) = Left(Dom(f) ◦ Dom(g)) = Left(Dom(f)) and

(Left(f ◦ g))[Left(x)]
= (Left(f ◦ g))[Left(x ◦ y)]
= Left((f ◦ g)[x ◦ y])
= Left(f[x] ◦ f[y])
= Left(f[x])

which proves the result.

The proofs of (G3), (G5), (G6) and (G7) for functions are similarly straightforward applications of the above lemmas and the induction hypotheses. Intuitively, given lemmas 3.8, 3.9 and 3.10 we have that functions act like pairs or tuples. For pairs the groupoid properties always follow directly from the induction hypotheses.


Lemma 3.12 (Composables-Equivalent). For any morphoid type σ and for x, y ∈ σ with x ◦ y⁻¹ defined or with x⁻¹ ◦ y defined we have x ≃_σ y.

Proof. An instance of this lemma has rank equal to the rank of σ. We consider the case of x ◦ y⁻¹ defined. In this case x ◦ y⁻¹ ◦ y is also defined which gives x ≃_σ y.

Lemma 3.13 (≃.A). For any weak type σ we have that ≃_σ is an equivalence relation on the elements of σ.

Proof. For any x ∈ σ we have that x ◦ x⁻¹ ◦ x is defined and hence x ≃_σ x. To show symmetry suppose x ≃_σ y with x ◦ z⁻¹ ◦ y defined. In this case we have that y ◦ (x ◦ z⁻¹ ◦ y)⁻¹ ◦ x is defined. By condition (T1) we have (x ◦ z⁻¹ ◦ y) ∈ σ and hence y ≃_σ x. For transitivity suppose x ≃_σ y ≃_σ z. In this case there exist s and t in σ such that x ◦ s⁻¹ ◦ y ◦ t⁻¹ ◦ z is defined. But in this case we have x ◦ (t ◦ y⁻¹ ◦ s)⁻¹ ◦ z is defined. Condition (T1) implies (s ◦ y⁻¹ ◦ t) ∈ σ and the result follows.

Lemma 3.14 (≃.B Helper). For a weak morphoid type σ and x, y ∈ σ we have x ≃_σ y if and only if Right(x) ≃_{Right(σ)} Right(y) and similarly for Left.

Proof. An instance of this lemma has rank equal to the rank of σ. We show the case for Right. First suppose x ≃_σ y. In that case there exists z ∈ σ with x ◦ z⁻¹ ◦ y defined. But in this case we have that Right(x) ◦ Right(z)⁻¹ ◦ Right(y) = x⁻¹ ◦ x ◦ z⁻¹ ◦ z ◦ y⁻¹ ◦ y is defined and hence Right(x) ≃_{Right(σ)} Right(y). Now suppose that Right(x) ≃_{Right(σ)} Right(y). In that case we have that there exist z₁, z₂ ∈ σ with x⁻¹ ◦ x ◦ z₁⁻¹ ◦ z₂ ◦ y⁻¹ ◦ y defined and the result follows from (≃.A) and (Composables-Equivalent).

Lemma 3.15 (≃.B). For morphoid types σ and τ with σ ◦ τ defined and for x₁, x₂ ∈ σ and y₁, y₂ ∈ τ with x₁ ◦ y₁ and x₂ ◦ y₂ defined, we have (x₁ ◦ y₁) ≃_{σ◦τ} (x₂ ◦ y₂) if and only if x₁ ≃_σ x₂ if and only if y₁ ≃_τ y₂.

Proof. An instance of this lemma has rank equal to the maximum rank of σ and τ. We will let x range over instances of σ and y range over instances of τ.

We first show that (x₁ ◦ y₁) ≃_{σ◦τ} (x₂ ◦ y₂) implies x₁ ≃_σ x₂. If (x₁ ◦ y₁) ≃_{σ◦τ} (x₂ ◦ y₂) then by definition there exist x₃ and y₃ with (x₁ ◦ y₁) ◦ (x₃ ◦ y₃)⁻¹ ◦ (x₂ ◦ y₂) defined. We also have

x₁ ◦ y₁ ◦ (x₃ ◦ y₃)⁻¹ ◦ x₂ = x₁ ◦ (y₁ ◦ y₃⁻¹) ◦ x₃⁻¹ ◦ x₂

Since we have Right(σ) = Left(τ) we have that y₁ ◦ y₃⁻¹ can be written as x₄⁻¹ ◦ x₅ and we get

x₁ ◦ y₁ ◦ (x₃ ◦ y₃)⁻¹ ◦ x₂
= x₁ ◦ (x₄⁻¹ ◦ x₅) ◦ x₃⁻¹ ◦ x₂
= x₁ ◦ (x₄ ◦ x₅⁻¹ ◦ x₃)⁻¹ ◦ x₂
= x₁ ◦ x₆⁻¹ ◦ x₂

This gives x₁ ≃_σ x₂. We now show that x₁ ≃_σ x₂ implies y₁ ≃_τ y₂. By (≃.B Helper) we have that x₁ ≃_σ x₂ if and only if Right(x₁) ≃_{Right(σ)} Right(x₂). But Right(x₁) = Left(y₁), Right(x₂) = Left(y₂) and Right(σ) equals Left(τ). So we have that x₁ ≃_σ x₂ if and only if Left(y₁) ≃_{Left(τ)} Left(y₂) if and only if y₁ ≃_τ y₂.

Finally we show that if x₁ ≃_σ x₂ and y₁ ≃_τ y₂ then x₁ ◦ y₁ ≃_{σ◦τ} x₂ ◦ y₂. By definition there exist x₃ and y₃ with x₁ ◦ x₃⁻¹ ◦ x₂ and y₂ ◦ y₃⁻¹ ◦ y₁ defined. This implies that Right(x₃) = Right(x₁) = Left(y₁) = Left(y₃) and we have that x₃ ◦ y₃ is defined. We then have that (x₁ ◦ y₁) ◦ (x₃ ◦ y₃)⁻¹ ◦ (x₂ ◦ y₂) is defined and hence x₁ ◦ y₁ ≃_{σ◦τ} x₂ ◦ y₂.

Lemma 3.16 (Partner). For two pre-types σ and τ such that σ ◦ τ is defined we have that for all x ∈ σ there exists y ∈ τ with x ◦ y defined and for every y ∈ τ there exists x ∈ σ with x ◦ y defined.

Proof. The rank of an instance of this lemma is the maximum rank of σ and τ. Consider x ∈ σ. By the induction hypotheses for the rank preservation and the groupoid properties we have x⁻¹ ◦ x ∈ Right(σ). Since Right(σ) = Left(τ) we have x⁻¹ ◦ x = y₁ ◦ y₂⁻¹ for some y₁, y₂ ∈ τ. But by the induction hypothesis for the groupoid properties and rank preservation this implies that x ◦ (y₁ ◦ y₂⁻¹)⁻¹ is defined and hence x ◦ y₂ is defined. The proof that every y ∈ τ has a partner in σ is similar.

Lemma 3.17 (Rank Preservation). For any morphoid x, we have R(x⁻¹) = R(Left(x)) = R(Right(x)) = R(x) and if x ◦ y is defined then R(x) = R(y) = R(x ◦ y).

Proof. The rank of an instance of the form R(x⁻¹) = R(Left(x)) = R(Right(x)) = R(x) is the rank of x. The rank of an instance of the implication that if x ◦ y is defined then R(x) = R(y) = R(x ◦ y) is the maximum rank of x and y. By left-right duality we have R(x⁻¹) = R(x). We will show that R(Left(x)) = R(x); R(Right(x)) = R(x) then follows by left-right duality. The result is immediate for Boolean values and points and follows straightforwardly from the induction hypothesis for pairs. Now consider a weak type σ and let x range over the elements of σ. We have that Left(σ) is the type containing the values of the form x₁ ◦ x₂⁻¹. By the induction hypothesis for the groupoid properties all values of the form Left(x) = x ◦ x⁻¹ are in Left(σ). The induction hypothesis that R(Left(x)) = R(x) then implies that the rank of Left(σ) is at least as large as the rank of σ. Also, by the induction hypothesis we have R(x₁ ◦ x₂⁻¹) = R(x) and hence the rank of Left(σ) is at most the rank of σ which proves the result.

For a function f the result follows from the induction hypothesis and the previously proved result that Left(f) is the function whose domain is Left(Dom(f)) and such that Left(f)[Left(x)] = Left(f[x]). We now consider the instance that x ◦ y defined implies R(x) = R(y) = R(x ◦ y). The case of points and Booleans is immediate and the case of pairs follows directly from the induction hypothesis. Now consider two types σ and τ with σ ◦ τ defined. The elements of this type are the values of the form x ◦ y for x ∈ σ and y ∈ τ. By the induction hypothesis we have that any such value has the property that R(x) = R(y) = R(x ◦ y). By the previously proved property (Partner) we have that for all x ∈ σ there exists y ∈ τ with x ◦ y defined and every y ∈ τ similarly has a partner in σ. This implies that the rank of σ ◦ τ equals the rank of σ and also the rank of τ. Now consider functions f and g with f ◦ g defined. For this case the result is implied by the previously proved fact that Dom(f ◦ g) = Dom(f) ◦ Dom(g) and (f ◦ g)[x ◦ y] = f[x] ◦ g[y].

This ends the simultaneous induction proof establishing the properties other than (∼.A) and (∼.B). We now prove (∼.A) and (∼.B) from the earlier properties.

Lemma 3.18 (∼.A). The relation ∼ is an equivalence relation on weak morphoids.

Proof. For any x ∈ σ we have that x ◦ x⁻¹ ◦ x is defined and hence x ∼ x. To show symmetry suppose x ∼ y with x ◦ z ◦ y defined. In this case we have that y ◦ (y⁻¹ ◦ z⁻¹ ◦ x⁻¹) ◦ x is defined which yields y ∼ x. For transitivity suppose x ≃_σ y ≃_σ z. In this case there exist s and t with x ◦ s ◦ y ◦ t ◦ z defined which gives x ∼ z.

Lemma 3.19 (∼.B). We have x ∼ x⁻¹ ∼ Left(x) ∼ Right(x) and for x ◦ y defined we have x ∼ y ∼ (x ◦ y).

Proof. We note that x ◦ (x⁻¹ ◦ x) ◦ x⁻¹ is defined which yields x ∼ x⁻¹. Also we have x ◦ x⁻¹ ◦ (x ◦ x⁻¹) which yields x ∼ Left(x). Similarly we have x ∼ Right(x). Finally consider x and y with x ◦ y defined. We have that x ◦ x⁻¹ ◦ (x ◦ y) is defined which yields x ∼ (x ◦ y).
Similarly we have (x ◦ y) ∼ y.

3.2 Abstraction

Figure 15 defines templates and the abstraction operation. We will have that for any (strong) morphoid type, as defined in figure 17, there exists an abstract template A_σ, where the concept of an abstract template is defined in figure 15, such that for all x ∈ σ we have x =_σ x@A_σ. The template A_σ will be called an interface template for σ. For example any group G, such as a permutation group, or a group of linear transformations on a vector space, can be abstracted to a group G@A_Group where the group elements of G@A_Group are points. We can abbreviate G@A_Group as G@Group and more generally for any (strong) morphoid type σ and x ∈ σ we have x@σ ∈ σ and x =_σ x@σ.

In general the abstraction from x to x@σ replaces all types occurring inside x with point types. This conversion of all types to point types is embodied in the definition of an abstract template in figure 15. The definition of an abstract template in figure 15 also embodies the fact that all morphoid functions have the property that their domain type is a point type. The fundamental requirement is that for x ∈ σ we have that the abstraction from x to x@σ replaces all types occurring in x with point types. This must include the domain types of functions. This conversion of types to point types is “forgetful” and this forgetting of function domain types is required for property (Abs-Distributes-Out) in figure 18. The property (Abs-Distributes-Out) is fundamental to the soundness theorems of morphoid type theory. It is not necessary to require that the domain type of every morphoid function is a point type. However, the domain type of every morphoid function occurring in an object of the form x@σ must be a point type and it is more convenient to simply require this of all functions. Functions are introduced with the axiom of choice and the axiom of choice remains sound under this restriction. For a function f on groups and a group G we define f(G) to be f[G@Point].
We can get away with this because of property (=.C) in figure 18 which gives that G =_Group H if and only if G@Point =_{Group@TypeOf(Point)} H@Point.

The above discussion motivates abstract templates but does not motivate more general templates of the form TypeOf(A). These more general templates are needed for abstract interpretation as defined in figure 21. Abstract interpretation plays an important role in the proof that all values are morphoids — that if V_Σ⟦e⟧ρ is defined then V_Σ⟦e⟧ρ is a morphoid.

Like the morphoid composition operation, the morphoid abstraction operation is partial — for a weak morphoid x and template T the abstraction x@T may or may not be defined. For example, for a weak function f the abstraction f@TypeOf(Point) is undefined — functions cannot be abstracted to types. Functions can only be abstracted to points or to functions. A similar observation applies to Booleans, pairs and types. For abstraction of a type to a type or a function to a function to be defined, the abstraction must carry forward all elements of the type or all input-output pairs of the function. See figure 15.

Figure 16 gives properties of abstraction that hold for all weak morphoids. Stronger properties hold over (strong) morphoids. The properties that hold over weak morphoids are fairly straightforward. The property (At-Point-Defined) states that x@Point is defined for all weak morphoids x. This can be proved by a very straightforward induction on the morphoid rank of x. The property (Abs-Expansion) states that if x@T is defined then x@T@T is also defined. This can be proved by a straightforward structural induction on the template T. The proof of (Abs-Compression) is somewhat more involved and is given explicitly below. Property (Abs-Alternation) states that if x@T₁@T₂ is defined and x@T₂@T₁ is defined then x@T₁ = x@T₂. This can be proved by a straightforward structural induction on T₁. The property (Abs-Rank-Preservation) states that R(x@T) ≤ R(x).
This can be proved by a straightforward structural induction on T. Property (∼.C) states that if x ∼ y then x@T is defined if and only if y@T is defined. For this it suffices to prove that if x ◦ y is defined then x@T is defined if and only if y@T is defined. This can be proved by a straightforward structural induction on T where the case of types and functions uses property (Partner) in figure 14. The proofs of (∼.D) and (∼.E) are similar. We now turn to the explicit proof of (Abs-Compression). We start with the following helper


Template. A template is an expression generated by the nonterminal T of the following grammar.

T ::= A | TypeOf(A) | | Pair(T₁, T₂)
A ::= Point | TypeOf(Point) | Bool | Point → A | Pair(A₁, A₂)

Abstract Template. A template is called abstract if it is generated by the nonterminal A in the above grammar.

x@T. For a morphoid x and a template T we have that x@T is specified by the following rules where the abstraction is undefined if no rule applies or if the right hand side of the rule is itself undefined. For σ@TypeOf(A) to be defined we need that x@A is defined for all x ∈ σ and for f@(Point → A) to be defined we must have f[x]@A defined for every x ∈ Dom(f).

x@Point = x, for x a point
x@Point = (Point, (Left(SubPoint(x)), Right(SubPoint(x)))), otherwise

SubPoint(("BOOL", v)) = ("BOOL", v)
SubPoint(("PAIR", (x, y))) = ("PAIR", (x@Point, y@Point))
SubPoint(("TYPE", s)) = ("TYPE", {x@Point : x ∈ s})
SubPoint(("FUN", s)) = ("FUN", {(x, y@Point) : (x, y) ∈ s})

("BOOL", v)@Bool = ("BOOL", v)
("PAIR", (x, y))@Pair(A₁, A₂) = ("PAIR", (x@A₁, y@A₂))
("TYPE", s)@TypeOf(A) = ("TYPE", {x@A : x ∈ s})
("FUN", s)@(Point → A) = ("FUN", {(x, y@A) : (x, y) ∈ s})

x  y. For morphoids x and y we define x  y to mean that for any template T such that y@T is defined we have that x@T is also defined and x@T = y@T.

Minimal Template. We say that T is a minimal template for morphoid x if x@T  x, or equivalently, if every abstraction of x factors through T.

Figure 15: Abstraction. Each template T defines an abstraction operation mapping x to x@T. A justification for this particular grammar of abstractions is discussed in the text. The operation SubPoint is needed for property (Abs-Compression) in figure 16. In particular we need that (x@T)@Point = x@Point. Minimal templates are typically unique but are not unique in general. A simple example is that any template of the form TypeOf(A) is a minimal template of the empty type.


(At-Point-Defined) For any morphoid x we have that x@Point is defined.

(Abs-Expansion) If x@T is defined then x@T@T is also defined.

(Abs-Compression) For (x@T₁)@T₂ defined we have (x@T₁)@T₂ = x@T₂.

(Abs-Alternation) For (x@T₁)@T₂ defined and (x@T₂)@T₁ defined we have x@T₁ = x@T₂.

(Abs-Rank-Preservation) R(x@T) ≤ R(x).

(.A) The relation  is a preorder (reflexive and transitive).

(.B) For x@T defined we have x  x@T.

(∼.C) For morphoids x and y with x ∼ y we have that x@T is defined if and only if y@T is defined.

(∼.D) For morphoids x and y with x ∼ y we have that x@T = x if and only if y@T = y.

(∼.E) If x ∼ y then x and y have the same minimal templates.

Figure 16: Weak Morphoid Abstraction Properties.

lemma.

Lemma 3.20 (Abs-Compression Helper). For a weak morphoid x and template T with x@T defined we have x@T@Point = x@Point.

Proof. The proof is by structural induction on T. The result is immediate for T = Bool. For T = Point we have x@Point is a point and we have x@Point@Point = x@Point. For T ≠ Point we have

x@T@Point = (Point, (Left(SubPoint(x@T)), Right(SubPoint(x@T))))
x@Point = (Point, (Left(SubPoint(x)), Right(SubPoint(x))))

So for T ≠ Point it suffices to show that SubPoint(x@T) = SubPoint(x). For pairs we have the following.

SubPoint(Pair(x, y)@Pair(T₁, T₂))
= Pair(x@T₁@Point, y@T₂@Point)
= Pair(x@Point, y@Point)
= SubPoint(Pair(x, y))

For f@(Point → A) we have that SubPoint(f) consists of pairs of the form (x, y@Point) for (x, y) a pair of f and SubPoint(f@(Point → A)) consists of the pairs (x, y@A@Point) for (x, y) a pair of f. By the induction hypothesis these are the same set of pairs. The case of types is similar.

The property (Abs-Compression) states that for x@T₁@T₂ defined we have x@T₁@T₂ = x@T₂. Given lemma 3.20 to handle the base case, we can now prove (Abs-Compression) by a straightforward structural induction on T₂.


Interface Template. An interface template for a weak type σ is an abstract template A such that for all x ∈ σ we have x@A is defined and x@A ∈ σ.

Range Template. A range template for weak function f is an abstract template A such that for all x ∈ Dom(f) we have f[x]@A = f[x].

Morphoid. A morphoid is one of the following.

• A morphoid point or Boolean value.
• A morphoid type — a weak type σ such that every member of σ is a morphoid and (T2) there exists an interface template for σ.
• A morphoid function — a weak function f such that for x ∈ Dom(f) we have that f[x] is a morphoid and (F2) there exists a range template for f.
• A pair Pair(x, y) where x and y are morphoids.

x@σ. For a morphoid type σ and for x ∈ σ we define x@σ to be x@A for any interface A for σ. (Abs-Alternation) implies that this is independent of the choice of A.

x =σ y. For a morphoid type σ and for x, y ∈ σ we define x =σ y to mean x@σ ≃σ y@σ.

Figure 17: Morphoids. The morphoids are the weak morphoids which hereditarily satisfy the conditions (T2) for types and (F2) for functions.

3.3 Morphoids

The class of (strong) morphoids is defined in figure 17. Morphoids are weak morphoids that hereditarily satisfy the conditions that types have interface templates and functions have range templates. An interface template for a weak type σ is an abstract template A such that for x ∈ σ we have that x@A is defined and x@A ∈ σ. We have previously discussed the idea that the type Group has an interface template AGroup such that for any group G we have that G@AGroup is a group whose group elements are points. For the type Group the interface template is unique and is Pair(TypeOf(Point), Point → (Point → Point)). In general, however, interface templates are not unique. Any abstract template is vacuously an interface template of the empty type. This ambiguity at the empty type propagates to create other examples of types with multiple interface templates. For example, consider a type of pairs where the second component of every pair is the empty type. Typically, however, the interface template for a type is unique. Even when the interface template for σ is not unique, for x ∈ σ we can define x@σ to be x@A where A is any interface template for σ. This is well defined because for any two interface templates A and B and for x ∈ σ we must have that x@A@B and x@B@A are both defined and by (Abs-Alternation) we then have that x@A = x@B.

Interface templates are central to defining isomorphism. More specifically, we have that x =σ y is defined to be x@σ ≃σ y@σ. Property (≃.A) states that the relation ≃σ is an equivalence relation on the elements of σ. This immediately implies property (=.A) in figure 18 which states that =σ is also an equivalence relation on the elements of σ. It is useful to consider groups. We have that G =Group H is defined to mean that there exists an (abstract) group F such that (G@Group) ◦ F⁻¹ ◦ (H@Group) is defined. The domain of F can be taken to be the point type l (π1(G), π1(H), f) for some appropriate bijection f from π1(G) to π1(H).
A range template for a function f is an abstract template A such that for all x ∈ Dom(f ) we


(Min-Template.A) TypeOf(A) is a minimal template for a morphoid type σ if and only if A is an interface template for σ.

(Min-Template.B) Point → A is a minimal template for morphoid function f if and only if A is a range template for f.

(Min-Template.C) Every morphoid has a minimal template.

(Morphoid-Closure) Morphoids are closed under the groupoid operations and abstraction.

(Abs-Distributes-In) For (x ◦ y)@T defined we have (x ◦ y)@T = (x@T) ◦ (y@T).

(Abs-Distributes-Out) For A and B abstract with (x@A@B) ◦ (y@A@B) defined we have (x@A@B) ◦ (y@A@B) = ((x@A) ◦ (y@A))@B.

(=.A) The relation =σ is an equivalence relation on the elements of σ.

(=.B) We have that x ≃σ y implies x =σ y.

(=.C) We have x =σ y if and only if (x@Point) =σ@TypeOf(Point) (y@Point).

(=.D) For x ∈ σ we have x =σ x@σ.

(=.V1) For morphoid types σ and τ and for x1, x2 ∈ σ and y1, y2 ∈ τ with σ ◦ τ, x1 ◦ y1 and x2 ◦ y2 defined, we have (x1 ◦ y1) =σ◦τ (x2 ◦ y2) if and only if x1 =σ x2 if and only if y1 =τ y2.

(=.V2) For morphoid types σ and σ̃ with σ  σ̃ and x1, x2 ∈ σ and x̃1, x̃2 ∈ σ̃ with x1  x̃1 and x2  x̃2 we have x1 =σ x2 if and only if x̃1 =σ̃ x̃2.

(typei) We have that V⟦typei⟧ is a morphoid type with interface template TypeOf(Point).

Figure 18: Morphoid Properties. The restriction on (Abs-Distributes-Out) is needed. A counter example to unrestricted outward distribution is discussed in the text.

have that f[x]@A = f[x]. While requiring the existence of a range template for every function may seem like a severe restriction, it remains consistent with the axiom of choice where the range template of a function f in σ → τ can be taken to be the (or any) interface template for τ. Range templates for functions are important for the abstract interpretation defined in figure 21. As mentioned above, this abstract interpretation is needed for proving that all values are morphoids.

Lemma 3.21 (Min-Template.A). TypeOf(A) is a minimal template for a morphoid type σ if and only if A is an interface template for σ.

Proof. First consider an interface template A for σ and consider a template TypeOf(B) with σ@TypeOf(B) defined. We have σ@TypeOf(A) ⊆ σ which implies that σ@TypeOf(A)@TypeOf(B) is defined and hence TypeOf(A) is a minimal template for σ. Now suppose that TypeOf(A) is a minimal template for σ and let B be an interface template for σ. We then have that σ@TypeOf(B) is defined. By the definition of a minimal template we then have that σ@TypeOf(A)@TypeOf(B) is defined. This implies that for x ∈ σ we have that x@A@B is defined. But we also have that σ@TypeOf(B) ⊆ σ which implies that σ@TypeOf(B)@TypeOf(A) is defined. This implies that for x ∈ σ we have that x@B@A is defined. But by (Abs-Alternation) we then have that x@A = x@B and therefore A is an interface template for σ.

Lemma 3.22 (Min-Template.B). Point → A is a minimal template for morphoid function f if and only if A is a range template for f.

Proof. It is easy to check that for a range template A for f we have that f@(Point → A) = f which implies that Point → A is a minimal template for f. Conversely suppose that Point → A is a minimal template for f and let B be a range template for f. We then get that for x ∈ Dom(f) we have that f[x]@B = f[x]@A@B is defined and also f[x]@(Point → B)@(Point → A) is defined and hence f[x]@B@A is defined. (Abs-Alternation) then gives that f[x]@A = f[x]@B which gives that A is a range template for f.

Lemma 3.23 (Min-Template.C). Every morphoid has a minimal template.

Proof. The proof is by induction on morphoid rank. The result is immediate for Booleans and points and follows straightforwardly from the induction hypothesis for pairs. The cases for types and functions are implied by (Min-Template.A) and (Min-Template.B) respectively.

We now prove (Abs-Closure), (Abs-Distributes-In) and (Abs-Distributes-Out) by a simultaneous induction on morphoid rank of the same style as the simultaneous induction in section 3.1. Each instance of these properties is assigned a rank and we prove that all instances of rank β hold assuming all instances of rank less than β hold. We start by proving closure under the groupoid operations — that groupoid properties (G1) and (G2) hold over (strong) morphoids. As in section 3.1, (G1) and (G2) are immediate for points and Booleans and follow immediately from the induction hypothesis for pairs. We explicitly prove (G1) and (G2) only for types and functions.

Lemma 3.24 (G1 for Types). For a morphoid type σ we have that σ⁻¹, Left(σ) and Right(σ) are also morphoid types.

Proof. The morphoid rank of an instance of this lemma is the rank of σ. The duality of left and right implies the result for σ⁻¹. We will show that Left(σ) is a morphoid type — the case for Right(σ) is similar. By definition we have that every member of σ is a morphoid and σ is a weak morphoid. We have already proved that Left(σ) is a weak morphoid. Every element of Left(σ) is of the form x1 ◦ x2⁻¹ for x1, x2 ∈ σ and by the induction hypothesis for (G2) we also have that every such element is a morphoid. It remains only to prove that Left(σ) has an interface template. We will show that any interface template A for σ is also an interface template for Left(σ). The values of Left(σ) are the values of the form x1 ◦ x2⁻¹ for x1, x2 ∈ σ. By property (∼.C) in figure 16 we have that (x1 ◦ x2⁻¹)@A is defined and by the induction hypothesis for (Abs-Distributes-In) we then have (x1 ◦ x2⁻¹)@A = (x1@A) ◦ (x2@A)⁻¹ ∈ Left(σ).

Lemma 3.25 (G2 for Types). For two morphoid types σ and τ with σ ◦ τ defined we have that σ ◦ τ is a morphoid type.

Proof. The rank of an instance of this lemma is the rank of σ which equals the rank of τ. As in the previous lemma it suffices to show that every element of σ ◦ τ is a morphoid and that σ ◦ τ has an interface template. The elements of σ ◦ τ are the values of the form x ◦ y for x ∈ σ and y ∈ τ. By the induction hypothesis for (G2) we have that every such value is a morphoid. Let A be an interface template for σ. We will show that A is also an interface template for σ ◦ τ. For x ◦ y in σ ◦ τ property (∼.C) implies that (x ◦ y)@A is defined and by the induction hypothesis for (Abs-Distributes-In) we have (x ◦ y)@A = (x@A) ◦ (y@A) ∈ σ ◦ τ.

Lemma 3.26 ((G1) for functions). For any morphoid function f we have that f⁻¹, Left(f) and Right(f) are morphoid functions.


Proof. An instance of this lemma has rank equal to the rank of f. We consider Left(f). The range values of this function have the form Left(f[x]) for x ∈ Dom(f). We must show that every range value is a morphoid and that there exists a range template. The induction hypothesis for (G1) implies that Left(f[x]) is a morphoid. Let A be a range template for f. Property (∼.C) implies that Left(f[x])@A is defined and the induction hypothesis for (Abs-Distributes-In) implies that Left(f[x])@A = Left(f[x]@A) = Left(f[x]).

Lemma 3.27 ((G2) for functions). For morphoid functions f and g with f ◦ g defined we have that f ◦ g is a morphoid.

Proof. An instance of this lemma has rank equal to the rank of f which equals the rank of g. The range values of f ◦ g are all of the form f[x] ◦ g[y]. By the induction hypothesis for (G2) these are all morphoids. To show that f ◦ g has a range template let A be a range template for f. By (∼.C) we have that f[x] ◦ g[y] is defined and by the induction hypothesis for (Abs-Distributes-In) and property (∼.D) we have (f[x] ◦ g[y])@A = (f[x]@A) ◦ (g[y]@A) = f[x] ◦ g[y].

Lemma 3.28 (Abstraction-Closure). For a morphoid value x and template T with x@T defined we have that x@T is a morphoid.

Proof. The rank of an instance of this lemma is the rank of x. The result is immediate for x@Point or x@Bool and follows from the induction hypothesis for x@Pair(T1, T2). For functions we have that the range elements of f@(Point → A) are all values of the form f[x]@A. By the induction hypothesis we have that f[x]@A is a morphoid. (Abs-Compression) implies that f[x]@A@A = f[x]@A and hence A is a range template for f@(Point → A). For a morphoid type σ we have that σ@TypeOf(A) is the set of values of the form x@A. By the induction hypothesis all such values are morphoids and by (Abs-Compression) we have x@A@A = x@A and we have that A is an interface template for σ@TypeOf(A). For types we must also show that σ@TypeOf(A) satisfies condition (T1). We must show that for x, y, z ∈ σ with (x@A) ◦ (y@A)⁻¹ ◦ (z@A) defined we have (x@A) ◦ (y@A)⁻¹ ◦ (z@A) ∈ σ@TypeOf(A). We are given that σ has an interface template B. Since x@B ∈ σ we must have x@B@A is defined and similarly for y and z. The induction hypothesis for (Abs-Distributes-Out) then gives

(x@A) ◦ (y@A)⁻¹ ◦ (z@A) = (x@B@A) ◦ (y@B@A)⁻¹ ◦ (z@B@A)
= ((x@B) ◦ (y@B)⁻¹ ◦ (z@B))@A
∈ σ@TypeOf(A)

Lemma 3.29 (Abs-Distributes-In Helper). If x ◦ y is defined for x and y other than points then SubPoint(x ◦ y) = SubPoint(x) ◦ SubPoint(y). Proof. The rank of an instance of this lemma is the rank of x which equals the rank of y.


If x and y are Boolean values or points then SubPoint(x) = x and SubPoint(y) = y and the result is immediate. For pairs the induction hypothesis for (Abs-Distributes-In) gives

SubPoint(Pair(x, y) ◦ Pair(x′, y′)) = SubPoint(Pair(x ◦ x′, y ◦ y′))
= Pair((x ◦ x′)@Point, (y ◦ y′)@Point)
= Pair((x@Point) ◦ (x′@Point), (y@Point) ◦ (y′@Point))
= Pair(x@Point, y@Point) ◦ Pair(x′@Point, y′@Point)
= SubPoint(Pair(x, y)) ◦ SubPoint(Pair(x′, y′))

Now consider two functions f and g with f ◦ g defined. Let x range over the points in Dom(f) and y range over the points in Dom(g). We have that SubPoint(f ◦ g) is the function whose domain is Dom(f) ◦ Dom(g) and such that SubPoint(f ◦ g)[x ◦ y] = (f[x] ◦ g[y])@Point. But by the induction hypothesis for (Abs-Distributes-In) we have that this is the same as the function mapping x ◦ y to (f[x]@Point) ◦ (g[y]@Point). This gives that SubPoint(f ◦ g) is the same function as SubPoint(f) ◦ SubPoint(g).

Finally, consider two morphoid types σ and τ with σ ◦ τ defined. We will let x range over elements of σ and y range over elements of τ. We first show that if SubPoint(σ) ◦ SubPoint(τ) is also defined then SubPoint(σ ◦ τ) = SubPoint(σ) ◦ SubPoint(τ). For this we must show that these two point types contain the same points. The induction hypothesis for (Abs-Distributes-In) gives (x ◦ y)@Point = (x@Point) ◦ (y@Point) ∈ SubPoint(σ) ◦ SubPoint(τ) which establishes SubPoint(σ ◦ τ) ⊆ SubPoint(σ) ◦ SubPoint(τ). Conversely, consider (x@Point) ◦ (y@Point) ∈ SubPoint(σ) ◦ SubPoint(τ). Let B be an interface template for σ. By (Min-Template.A) we have that TypeOf(B) is a minimal template for σ. By (∼.E) we have that TypeOf(B) is also a minimal template for τ and by (Min-Template.A) we have that B is also an interface template for τ. By (Abs-Compression) we have that x@B@Point = x@Point and y@B@Point = y@Point. The induction hypothesis for (Abs-Distributes-Out) then gives

(x@Point) ◦ (y@Point) = (x@B@Point) ◦ (y@B@Point)
= ((x@B) ◦ (y@B))@Point
∈ SubPoint(σ ◦ τ)

Next we show that for any type σ we have Left(SubPoint(σ)) = SubPoint(Left(σ)) and similarly for right. For this we note that SubPoint(σ) ◦ SubPoint(σ −1 ) is defined and hence SubPoint(σ ◦ σ −1 ) = SubPoint(σ) ◦ SubPoint(σ)−1 . Finally, we must show that if σ ◦ τ is defined then SubPoint(σ)◦SubPoint(τ ) is defined. For this we note that Right(SubPoint(σ)) = SubPoint(Right(σ)) = SubPoint(Left(τ )) = Left(SubPoint(τ )). Lemma 3.30 (Abs-Distributes-In). If (x ◦ y)@T is defined then (x@T ) ◦ (y@T ) is also defined and (x ◦ y)@T = (x@T ) ◦ (y@T ). Proof. The rank of an instance of this lemma is the rank of x which equals the rank of y. We first consider (x◦y)@Point. If x and y are points we have x@Point = x and y@Point = y


and the result is immediate. If x and y are not points then lemma 3.29 gives

(x ◦ y)@Point = (Point, (Left(SubPoint(x ◦ y)), Right(SubPoint(x ◦ y))))
= (Point, (Left(SubPoint(x) ◦ SubPoint(y)), Right(SubPoint(x) ◦ SubPoint(y))))
= (Point, (Left(SubPoint(x)), Right(SubPoint(y))))
= (Point, (Left(SubPoint(x)), Right(SubPoint(x)))) ◦ (Point, (Left(SubPoint(y)), Right(SubPoint(y))))
= (x@Point) ◦ (y@Point).

We now consider (x ◦ y)@T for T ≠ Point. In this case if x and y are Boolean we must have x@T = x and y@T = y and the result is immediate. For pairs the induction hypothesis for (Abs-Distributes-In) gives

(Pair(s, t) ◦ Pair(u, w))@Pair(T1, T2) = Pair((s ◦ u)@T1, (t ◦ w)@T2)
= Pair((s@T1 ◦ u@T1), (t@T2 ◦ w@T2))
= (Pair(s, t)@Pair(T1, T2)) ◦ (Pair(u, w)@Pair(T1, T2)).

Now consider morphoid functions f and g with (f ◦ g)@(Point → A) defined. Let x range over points in Dom(f) and let y range over points in Dom(g). We will first show that (f@(Point → A)) ◦ (g@(Point → A)) is defined. For this we use the criterion for definedness of function composition given in property (Funs-Composable). First we note that Dom(f@(Point → A)) = Dom(f) and Dom(g@(Point → A)) = Dom(g) and since f ◦ g is defined we have Dom(f) ◦ Dom(g) is defined. For x ∈ Dom(f) and y ∈ Dom(g) with x ◦ y defined we must show that f@(Point → A)[x] ◦ g@(Point → A)[y] is defined. But f[x] ◦ f[y] is defined and by (∼.C) we have that (f[x] ◦ f[y])@A is defined. By the induction hypothesis for (Abs-Distributes-In) we then have that f[x]@A ◦ g[y]@A is defined. To prove that the equality holds we note that (f@(Point → A)) ◦ (g@(Point → A)) and (f ◦ g)@(Point → A) have the same domain and both map x ◦ y to (f[x] ◦ g[y])@A = f[x]@A ◦ g[y]@A.

For types it suffices to consider (σ ◦ τ)@TypeOf(A). We let x range over members of σ and y range over members of τ. The members of (σ ◦ τ)@TypeOf(A) have the form (x ◦ y)@A. But by the induction hypothesis for (Abs-Distributes-In) every such member can be written as (x@A) ◦ (y@A) and we have (σ ◦ τ)@TypeOf(A) ⊆ (σ@TypeOf(A)) ◦ (τ@TypeOf(A)). Conversely, consider (x@A) ◦ (y@A) ∈ (σ@TypeOf(A)) ◦ (τ@TypeOf(A)). Let B be an interface template for σ. By (∼.E) and (Min-Template.A) we have that B is also an interface template for τ. We then have x@B ∈ σ and y@B ∈ τ which implies that x@B@A and y@B@A are defined. By (Abs-Compression) we have that x@B@A = x@A and y@B@A = y@A. By the induction hypothesis for (Abs-Distributes-Out) we then have

(x@A) ◦ (y@A) = (x@B@A) ◦ (y@B@A)
= ((x@B) ◦ (y@B))@A
∈ (σ ◦ τ)@TypeOf(A).

Lemma 3.31 (Abs-Distributes-Out Helper). For an abstract template A and for (x@A@Point)◦ (y@A@Point) defined we have that (x@A ◦ y@A)@Point is also defined with (x@A@Point) ◦ (y@A@Point) = (x@A ◦ y@A)@Point.


Proof. The rank of an instance of this lemma is the maximum rank of x and y. Given (Abs-Distributes-In) and rank-preservation at the current rank, it suffices to show that if (x@A@Point) ◦ (y@A@Point) is defined then (x@A) ◦ (y@A) is defined. If A is Point then the result follows from (Abs-Compression). For A ≠ Point we have that (x@A@Point) ◦ (y@A@Point) is defined if and only if SubPoint(x@A) ◦ SubPoint(y@A) is defined. So it suffices to show that for A ≠ Point, if SubPoint(x@A) ◦ SubPoint(y@A) is defined then (x@A) ◦ (y@A) is defined. Assume that SubPoint(x@A) ◦ SubPoint(y@A) is defined. We must show that (x@A) ◦ (y@A) is defined. The result is straightforward for A = Bool. If A = TypeOf(Point) then x@A and y@A are point types and we have SubPoint(x@A) = x@A and SubPoint(y@A) = y@A and the result follows.

For A = Pair(B, C) we have that SubPoint(Pair(x@B, y@C)) ◦ SubPoint(Pair(x′@B, y′@C)) is defined and must show that Pair(x@B, y@C) ◦ Pair(x′@B, y′@C) is defined. Noting that SubPoint(Pair(z, w)) = Pair(z@Point, y@Point) we have that (x@B@Point) ◦ (x′@B@Point) and (y@C@Point) ◦ (y′@C@Point) must be defined. By the induction hypothesis for (Abs-Distributes-Out) we then get that (x@B) ◦ (x′@B) and (y@C) ◦ (y′@C) are both defined which implies the lemma.

Now suppose A = Point → B and consider functions f, g with SubPoint(f@(Point → B)) ◦ SubPoint(g@(Point → B)) defined. Let x range over Dom(f) and y range over Dom(g). We have Dom(SubPoint(f@(Point → N))) = Dom(f) and Dom(SubPoint(g@(Point → B))) = Dom(g). By (Funs-Composable) we then have that the definedness of SubPoint(f@(Point → B)) ◦ SubPoint(g@(Point → B)) implies the definedness of Dom(f@(Point → B)) ◦ Dom(g@(Point → B)). Furthermore, for x ◦ y ∈ Dom(f) ◦ Dom(g) the definedness of SubPoint(f@(Point → B)) ◦ SubPoint(g@(Point → B)) implies that (f[x]@B@Point) ◦ (g[y]@B@Point) is defined. By the induction hypothesis for (Abs-Distributes-Out) we then have that (f[x]@B) ◦ (g[y]@B) is defined which implies the lemma.

Lemma 3.32 (Abs-Distributes-Out). For A and B abstract with (x@A@B) ◦ (y@A@B) defined we have that ((x@A) ◦ (y@A))@B is also defined and (x@A@B) ◦ (y@A@B) = ((x@A) ◦ (y@A))@B.

Proof. The rank of an instance of this lemma is the maximum rank of x and y. The case of B = Point is handled by lemma 3.31 and we can assume B ≠ Point. Note that this implies that A ≠ Point. Given (Abs-Distributes-In) and rank preservation at the current rank, it suffices to show that under the conditions of the lemma we have that (x@A) ◦ (y@A) is defined. We will now do a case analysis on A. If A = Bool the result is straightforward. For pairs the result follows straightforwardly from the induction hypothesis. Now consider two functions f, g with (f@(Point → C)@(Point → D)) ◦ (g@(Point → C)@(Point → D)) defined. Let x range over elements of Dom(f) and let y range over elements of Dom(g). By an argument similar to that used in the proof of lemma 3.31 we get that for x ◦ y in Dom(f) ◦ Dom(g) we have (f[x]@C@D) ◦ (g[y]@C@D) is defined. By the induction hypothesis we then get that f[x]@C ◦ g[y]@C is defined which implies the lemma. For types we note that the only abstract template for types is TypeOf(Point). For A = TypeOf(Point) then x@A and y@A must be point types and B must be either TypeOf(Point) or TypeOf(Point). In either case x@A@B = x@A and y@A@B = y@A and the result follows.
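The counterexample to unrestricted outward distribution described in the paragraph that follows can be checked mechanically on a three-element set. This Python model is an added example, not code from the paper; the index-pair encoding of points, the frozenset encoding of types, N = 3, and the two chosen permutation groups are assumptions made for the illustration.

```python
# Toy model (constructed for this example): a point Point(i, j) is the pair
# (i, j), a point type is a frozenset of points, and tau1 / tau2 are
# frozensets of point types.

N = 3
SIGMA = frozenset((i, i) for i in range(N))  # sigma: only points Point(i, i)


def compose_points(p, q):
    """Point(i, j) o Point(j, k) = Point(i, k); None when undefined."""
    return (p[0], q[1]) if p[1] == q[0] else None


def inverse(a):
    """Inverse of a point type: swap the two indices of every point."""
    return frozenset((j, i) for (i, j) in a)


def raw_compose(a, b):
    """All defined pointwise compositions of members of a and b."""
    out = set()
    for p in a:
        for q in b:
            r = compose_points(p, q)
            if r is not None:
                out.add(r)
    return frozenset(out)


def left(a):
    """Left(a) = a o a^-1 for a point type a."""
    return raw_compose(a, inverse(a))


def right(a):
    """Right(a) = a^-1 o a for a point type a."""
    return raw_compose(inverse(a), a)


def composable(a, b):
    """a o b is defined for point types exactly when Right(a) = Left(b)."""
    return right(a) == left(b)


def gamma(f):
    """Point type for the bijection f: Point(i, j) is a member iff f(j) = i."""
    return frozenset((f[j], j) for j in range(N))


def type_left(tau):
    """Left(tau): every x o y^-1 with x, y in tau and the composition defined."""
    return frozenset(raw_compose(x, inverse(y))
                     for x in tau for y in tau if composable(x, inverse(y)))


def type_right(tau):
    """Right(tau): every x^-1 o y with x, y in tau and the composition defined."""
    return frozenset(raw_compose(inverse(x), y)
                     for x in tau for y in tau if composable(inverse(x), y))


def types_composable(t1, t2):
    """tau1 o tau2 is defined exactly when Right(tau1) = Left(tau2)."""
    return type_right(t1) == type_left(t2)


def at_type_of_point(tau):
    """tau@TypeOf(Point): each gamma becomes Point(Left(gamma), Right(gamma)),
    using SubPoint(gamma) = gamma for a point type gamma."""
    return frozenset((left(g), right(g)) for g in tau)


# Two different permutation groups on sigma (constructed choices):
# the rotations of {0, 1, 2} and the group generated by swapping 0 and 1.
TAU1 = frozenset(gamma(f) for f in [(0, 1, 2), (1, 2, 0), (2, 0, 1)])
TAU2 = frozenset(gamma(f) for f in [(0, 1, 2), (1, 0, 2)])


def check_counterexample():
    """Return (tau1 o tau2 defined?, abstracted composition defined?,
    both abstractions equal {Point(sigma, sigma)}?)."""
    a1, a2 = at_type_of_point(TAU1), at_type_of_point(TAU2)
    single = frozenset({(SIGMA, SIGMA)})
    return (types_composable(TAU1, TAU2), composable(a1, a2), a1 == a2 == single)


if __name__ == "__main__":
    print(check_counterexample())
```

The first component is false because Right(τ1) = τ1 differs from Left(τ2) = τ2, while the second is true because both abstractions collapse to the single point Point(σ, σ).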


This completes the simultaneous induction proof and properties (Abs-Closure), (Abs-Distributes-In) and (Abs-Distributes-Out) are now fully established.

It is worth noting a counter example to unrestricted outward distribution. At a high level unrestricted outward distribution fails because the mapping from a type τ to τ@TypeOf(Point) is forgetful — for two elements x, y ∈ τ with Left(x) = Left(y) and Right(x) = Right(y) we get x@Point = y@Point and the distinction between x and y is forgotten. For a concrete counter example let σ be a type containing only points of the form Point(i, i). Let τ1 and τ2 be types representing different permutation groups on σ. More explicitly, each element of τ1 is a type γf representing a bijection f from σ to σ — the elements of γf are points of the form Point(i, j) where Point(i, j) ∈ γf if and only if f(Point(j, j)) = Point(i, i). The type τ2 is similar but represents a different permutation group on σ. Since τ1 and τ2 represent permutation groups we have that τ1 and τ2 are closed under both composition and inverse. For any type τ closed under both composition and inverse we have that τ contains identity elements of the form x ◦ x⁻¹ and x⁻¹ ◦ x and we get that Left(τ) = τ and similarly for right. We then have that Right(τ1) = τ1 ≠ τ2 = Left(τ2) and hence τ1 ◦ τ2 is not defined. But now consider (τ1@TypeOf(Point)) ◦ (τ2@TypeOf(Point)). The elements of τi@TypeOf(Point) are the points of the form Point(Left(SubPoint(γf)), Right(SubPoint(γf))). Since γf is a point type we have SubPoint(γf) = γf. We also have that Left(γf) = γf ◦ γf⁻¹ = γ_{f ◦ f⁻¹} = γ_I = σ and similarly for Right(γf). So τ1@TypeOf(Point) contains only the single point Point(σ, σ) and the same holds for τ2. We then have that (τ1@TypeOf(Point)) ◦ (τ2@TypeOf(Point)) is defined but distribution-out fails.

We now prove the remaining properties in figure 18.

Lemma 3.33 (=.A). The relation =σ is an equivalence relation on the elements of σ.

Proof. By definition we have that x =σ y if and only if x@σ ≃σ y@σ. The result then follows from (≃.A) which states that ≃σ is an equivalence relation on the elements of σ.

Lemma 3.34 (=.B). For x, y ∈ σ we have x ≃σ y implies x =σ y.

Proof. Assume x ≃σ y. In this case there exists z ∈ σ such that x ◦ z⁻¹ ◦ y is defined. By (Abs-Distributes-In) we then have that (x@σ) ◦ (z@σ)⁻¹ ◦ (y@σ) is defined which implies x =σ y.

Lemma 3.35 (=.C). For any morphoid type σ, and for x, y ∈ σ, we have x =σ y if and only if x@Point =σ@TypeOf(Point) y@Point.

Proof. Let A be an interface template for σ. First assume x =σ y. In this case there exists z ∈ σ such that (x@A) ◦ z⁻¹ ◦ (y@A) is defined. By (Abs-Distributes-In) we then have that (x@A@Point) ◦ (z@Point)⁻¹ ◦ (y@A@Point) is defined. By (Abs-Compression) we then have that (x@Point) ◦ (z@Point)⁻¹ ◦ (y@Point) is defined which implies x@Point =σ@TypeOf(Point) y@Point. Conversely, suppose that x@Point =σ@TypeOf(Point) y@Point. This implies that there exists z ∈ σ such that (x@Point) ◦ (z@Point)⁻¹ ◦ (y@Point) is defined. We then have that x@A is defined and by (Abs-Compression) we have x@Point = x@A@Point and similarly for z and y. This gives that (x@A@Point) ◦ (z@A@Point)⁻¹ ◦ (y@A@Point) is defined and by (Abs-Distributes-Out) we have that (x@A) ◦ (z@A)⁻¹ ◦ (y@A) is defined which implies x =σ y.

Lemma 3.36 (=.D). For x ∈ σ we have x =σ x@σ.

Proof. Let A be an interface template for σ. It suffices to note that (x@A) ◦ (x@A)⁻¹ ◦ ((x@A)@A) is defined.

Lemma 3.37 (=.V1). For morphoid types σ and τ and for x1, x2 ∈ σ and y1, y2 ∈ τ with σ ◦ τ, x1 ◦ y1 and x2 ◦ y2 defined, we have (x1 ◦ y1) =σ◦τ (x2 ◦ y2) if and only if x1 =σ x2 if and only if y1 =τ y2.

Proof. Let A be an interface template for σ. By (Min-Template.A) and (∼.E) we then have that A is also an interface template for τ and σ ◦ τ. By (Abs-Distributes-In) and (≃.B) we have

(x1 ◦ y1) =σ◦τ (x2 ◦ y2) iff (x1 ◦ y1)@A ≃σ◦τ (x2 ◦ y2)@A
iff ((x1@A) ◦ (y1@A)) ≃σ◦τ ((x2@A) ◦ (y2@A))
iff (x1@A) ≃σ (x2@A)
iff x1 =σ x2

Similarly we get equivalence to y1 =τ y2.

Lemma 3.38 (=.V2). For morphoid types σ and σ̃ with σ  σ̃ and x1, x2 ∈ σ and x̃1, x̃2 ∈ σ̃ with x1  x̃1 and x2  x̃2 we have x1 =σ x2 if and only if x̃1 =σ̃ x̃2.

Proof. The definition of  gives x1@Point = x̃1@Point and x2@Point = x̃2@Point and σ@TypeOf(Point) = σ̃@TypeOf(Point). Property (=.C) then gives

x1 =σ x2 iff x1@Point =σ@TypeOf(Point) x2@Point
iff x̃1@Point =σ̃@TypeOf(Point) x̃2@Point
iff x̃1 =σ̃ x̃2

Lemma 3.39 ((type0) Helper). If σ and τ are discrete morphoid types with σ ◦ τ defined then σ ◦ τ is also discrete.

Proof. This follows immediately from (=.V1).

Lemma 3.40 (type0). V⟦Set⟧ is a morphoid type.

Proof. V⟦Set⟧ is the type containing all discrete morphoid types in the universe Vκ0 where κ0 is the smallest uncountable inaccessible cardinal. By definition every member of V⟦Set⟧ is a morphoid. We must show condition (T1) and that V⟦Set⟧ has an interface template. For condition (T1) it suffices to show that V⟦Set⟧ is closed under inverse and composition. Left-right duality implies closure under inverse. ((type0) Helper) or (=.V1) implies that V⟦Set⟧ is closed under composition. We also have that TypeOf(Point) is an interface template for V⟦Set⟧. To see this we first note that (Abs-Closure) implies that for σ ∈ V⟦Set⟧ we have that σ@TypeOf(Point) is a morphoid type. The properties of Grothendieck universes imply that σ@TypeOf(Point) ∈ Vκ0. Property (=.C) implies that σ@TypeOf(Point) is discrete.

Lemma 3.41 (typei). In general we have that V⟦typei⟧ is a morphoid type.

Proof. The proof is the same as that for V⟦Set⟧ except that for i > 0 we do not have to check for discreteness. Note that V⟦Set⟧ ∈ V⟦Class⟧ and that V⟦Set⟧ is not discrete — for any two sets σ and τ we have that σ =Set τ if and only if σ and τ have the same cardinality.


Discrete Type. A type σ is called discrete if for all x, y ∈ σ we have that x =σ y implies x = y.

f(x). For a morphoid function f and morphoid x we have that f(x) is defined if x@Point ∈ Dom(f). If f(x) is defined then we have that f(x) = f[x@Point].

σ → τ. For morphoid types σ and τ we define σ → τ to be the set of morphoid functions f with Dom(f) = σ@TypeOf(Point) and such that for all x ∈ σ we have f(x) ∈ τ and f(x)@τ = f(x).

The(σ). We assume a fixed global choice function The such that for any morphoid type σ with exactly one equivalence class we have The(σ) ∈ σ and The(σ)@σ = The(σ).

l (σ, τ, f). We define πi on points by π1(Point(i, j)) = i and π2(Point(i, j)) = j. For morphoid types σ and τ and bijection f ∈ σ → τ we define l (σ, τ, f) to be the type containing the points Point(π1(y@Point), π2(x@Point)) for x ∈ σ and y ∈ τ with y =τ f(x).

iso(σ, x, y). For a morphoid type σ, and for morphoids x and y with x@σ and y@σ defined, we define iso(σ, x, y) to be the type whose members are the morphoids z ∈ σ such that (x@σ) ◦ z⁻¹ ◦ (y@σ) is defined.

Figure 19: Additional Definitions.

(→.A) For morphoid types σ and τ we have that σ → τ is a morphoid type and for any interface template A for τ we have that Point → A is an interface template for σ → τ.

(→.V1) For morphoid types σ1, σ2, τ1 and τ2 with σ1 ◦ σ2 defined and τ1 ◦ τ2 defined we have that (σ1 → τ1) ◦ (σ2 → τ2) is also defined and (σ1 ◦ σ2) → (τ1 ◦ τ2) = (σ1 → τ1) ◦ (σ2 → τ2).

(→.V2) For morphoid types σ, σ̃, τ and τ̃ with σ  σ̃ and τ  τ̃ we have (σ → τ)  (σ̃ → τ̃).

(App.V1) For functions f and g with f ◦ g defined and values x and y with f(x) and f(y) defined and x ◦ y defined we have that (f ◦ g)(x ◦ y) and f(x) ◦ f(y) are both defined and (f ◦ g)(x ◦ y) = f(x) ◦ g(y).

(App.V2) For morphoid functions f and f̃ with f  f̃, and morphoids x and x̃ with x  x̃, and such that f(x) and f̃(x̃) are both defined, we have f(x)  f̃(x̃).

(l.A) For morphoid types σ, τ and bijection f ∈ σ → τ we have that l (σ, τ, f) is a morphoid point type.

(l.B) For σ, τ ∈ V⟦typei⟧ and for a bijection f ∈ σ → τ, we have l (σ, τ, f) ∈ iso(V⟦typei⟧, σ, τ).

(Iso) For a morphoid type σ and morphoids x and y we have that iso(σ, x, y) is a morphoid type and any interface template for σ is also an interface template for iso(σ, x, y).

Figure 20: Additional Properties.


3.4 Additional Definitions and Properties

Figure 19 gives some additional definitions. These additional definitions cover all remaining constructs used in the definition of the value function given in figure 10. Some properties of these definitions are given in figure 20 and proved here.

Lemma 3.42 (Iso). For a morphoid type σ and morphoids x and y we have that iso(σ, x, y) is a morphoid type and any interface template for σ is also an interface template for iso(σ, x, y).

Proof. We have that the elements of iso(σ, x, y) are elements of σ and hence are morphoids. We must show that iso(σ, x, y) satisfies condition (T1) and has an interface template. For condition (T1) consider z1, z2, z3 ∈ iso(σ, x, y) with z1 ◦ z2⁻¹ ◦ z3 defined. Since zi ∈ σ we have that there exists x̃i and ỹi with x  x̃i and y  ỹi and with x̃i ◦ zi⁻¹ ◦ ỹi defined. We then have that x̃3 ◦ (z1 ◦ z2⁻¹ ◦ z3)⁻¹ ◦ ỹ1 is defined and hence (z1 ◦ z2⁻¹ ◦ z3) ∈ iso(σ, x, y). For the second part of the lemma let A be an interface template for σ and consider z ∈ iso(σ, x, y). Let x̃ and ỹ be such that x  x̃ and y  ỹ and x̃ ◦ z⁻¹ ◦ ỹ is defined. We have z@A ∈ σ and by (Abs-Distributes-In) we have (x̃@A) ◦ (z@A)⁻¹ ◦ (ỹ@A) which establishes that z@A ∈ iso(σ, x, y).

Lemma 3.43 (l.A). For morphoid types σ and τ and a bijection f ∈ σ → τ we have that l (σ, τ, f) is a morphoid point type.

Proof. Recall that we have defined πi on points by π1(Point(i, j)) = i and π2(Point(i, j)) = j and that l (σ, τ, f) is defined to be the type whose members are the points of the form Point(π1(y@Point), π2(x@Point)) for x ∈ σ and y ∈ τ with y =τ f(x). Since l (σ, τ, f) contains only points, we need only show condition (T1). We let x range over elements of σ and y range over elements of τ. To show (T1) we suppose that

Point(π1(y1@Point), π2(x1@Point)) ◦ Point(π1(y2@Point), π2(x2@Point))⁻¹ ◦ Point(π1(y3@Point), π2(x3@Point))

is defined. This composition is equal to Point(π1(y1@Point), π2(x3@Point)). We must show that this point is in l (σ, τ, f) and, in particular, that f(x3) =τ y1. We will show f(x3) =τ y3 =τ y2 =τ f[x2@Point] =τ f[x1@Point] =τ y1. For this it now suffices to show y3 =τ y2 and x2@Point =σ@TypeOf(Point) x1@Point. Since the above composition is defined we have π2(x1@Point) = π2(x2@Point) which implies Right(x1@Point) = Right(x2@Point) which by (Composables-Equivalent) implies x1@Point =σ@TypeOf(Point) x2@Point. Similarly, the definedness of the above composition implies Left(y2@Point) = Left(y3@Point) which by (Composables-Equivalent) implies that (y2@Point) =τ@TypeOf(Point) (y3@Point). By (=.C) we then have y2 =τ y1.

Lemma 3.44 ((l.B) First Helper). For morphoid type σ we have that Left(σ@TypeOf(Point)) is the set of points of the form Point(π1(x1@Point), π1(x2@Point)) for x1, x2 ∈ σ with x1 =σ x2. The dual statement holds for Right and π2.

Proof. We show containment in both directions. Consider a point in Left(σ@TypeOf(Point)). Such a point has the form (x1@Point) ◦ (x2@Point)⁻¹ for x1, x2 ∈ σ. Such a point can be written as Point(π1(x1@Point), π1(x2@Point)) with Right(x1@Point) = Right(x2@Point). (Composables-Equivalent) implies x1@Point =σ@TypeOf(Point) x2@Point and property (=.C) implies x1 =σ x2. Conversely consider x1, x2 ∈ σ with x1 =σ x2. We must show Point(π1(x1@Point), π1(x2@Point)) ∈ Left(σ@TypeOf(Point)).

By (=.C) we have x1@Point =σ@TypeOf(Point) x2@Point. This implies that there exists x3 ∈ σ with (x1@Point) ◦ (x3@Point)⁻¹ ◦ (x2@Point) defined. We then have Left(x2@Point) = Left(x3@Point) and we have

Point(π1(x1@Point), π1(x2@Point))
= Point(π1(x1@Point), π1(x3@Point))
= x1 ◦ x3⁻¹
∈ Left(σ@TypeOf(Point))

Lemma 3.45 ((l.B) Second Helper). For any morphoid types σ and τ, and any bijection f in σ → τ, we have Left(l(σ, τ, f)) = Left(τ@TypeOf(Point)) and Right(l(σ, τ, f)) = Right(σ@TypeOf(Point)).

Proof. We will show Left(l(σ, τ, f)) = Left(τ@TypeOf(Point)) by showing containment in both directions. By definition l(σ, τ, f) is the set of points Point(π1(y@Point), π2(x@Point)) for x ∈ σ and y ∈ τ with f(x) =τ y. This implies that Left(l(σ, τ, f)) is the set of points of the form Point(π1(y1@Point), π1(y2@Point)) such that there exists x1, x2 ∈ σ with Right(x1@Point) = Right(x2@Point) and with y1 =τ f(x1) and y2 =τ f(x2). (Composables-Equivalent) implies that for any such x1 and x2 we have x1@Point =σ@TypeOf(Point) x2@Point and hence y1 =τ f[x1@Point] = f[x2@Point] =τ y2. By the preceding lemma we have that any point of the form Point(π1(y1@Point), π1(y2@Point)) with y1 =τ y2 is a member of Left(τ@TypeOf(Point)) and we now have Left(l(σ, τ, f)) ⊆ Left(τ@TypeOf(Point)). Conversely the preceding lemma states that any member of Left(τ@TypeOf(Point)) is a point of the form Point(π1(y1@Point), π1(y2@Point)) with y1 =τ y2. Let x ∈ σ be such that f(x) =τ y1 =τ y2. Such an x must exist because f is a bijection. We then have Point(π1(y1@Point), π2(x@Point)) and Point(π1(y2@Point), π2(x@Point)) in l(σ, τ, f) which gives that Point(π1(y1@Point), π1(y2@Point)) ∈ Left(l(σ, τ, f)).

Lemma 3.46 (l.B). For σ, τ ∈ V⟦typei⟧ and for a bijection f ∈ σ → τ, we have l(σ, τ, f) ∈ iso(V⟦typei⟧, σ, τ).

Proof. (l.A) states that l(σ, τ, f) is a point type and the properties of Grothendieck universes imply l(σ, τ, f) ∈ V⟦typei⟧. It then suffices to show that (σ@TypeOf(Point)) ◦ l(σ, τ, f)⁻¹ ◦ (τ@TypeOf(Point)) is defined. But this follows from the second helper lemma above.

Lemma 3.47 (→.A). For morphoid types σ and τ we have that σ → τ is a morphoid type and for any interface template A for τ we have that Point → A is an interface template for σ → τ.

Proof. We have that σ → τ is the set of morphoid functions f with Dom(f) = σ@TypeOf(Point) and such that for x ∈ σ we have f(x) ∈ τ. By definition every element of σ → τ is a morphoid. It remains to show condition (T1) and that for any interface template A for τ we have that Point → A is an interface template for σ → τ. To show (T1) consider f, g, h ∈ σ → τ with f ◦ g⁻¹ ◦ h defined. By property (Fun-Composition) we have that f ◦ g⁻¹ ◦ h is the function with domain Dom(f) ◦ Dom(g)⁻¹ ◦ Dom(h) = σ@TypeOf(Point) and satisfying (f ◦ g⁻¹ ◦ h)[x] = f[x] ◦ g[x]⁻¹ ◦ h[x]. Now consider an interface template A for τ. We must show that for f ∈ σ → τ we have that f@(Point → τ) ∈ σ → τ. This is straightforward.

Lemma 3.48 (→.V1). For morphoid types σ1, σ2, τ1 and τ2 with σ1 ◦ σ2 defined and τ1 ◦ τ2 defined we have that (σ1 → τ1) ◦ (σ2 → τ2) is also defined and (σ1 ◦ σ2) → (τ1 ◦ τ2) = (σ1 → τ1) ◦ (σ2 → τ2).


Proof. Throughout the proof we will let x range over elements of σ1 and y range over elements of σ2. We first show that if (σ1 → τ1) ◦ (σ2 → τ2) is defined then the equation holds. We will show containment of instances in each direction. For h ∈ (σ1 → τ1) ◦ (σ2 → τ2) we must show h ∈ (σ1 ◦ σ2 → τ1 ◦ τ2). By definition h has the form f ◦ g with f ∈ (σ1 → τ1) and g ∈ (σ2 → τ2). By property (Funs-Composable) we have Dom(f ◦ g) = Dom(f) ◦ Dom(g) = (σ1@TypeOf(Point)) ◦ (σ2@TypeOf(Point)). Since σ1 ◦ σ2 is defined, property (Abs-Commutes-In) gives (σ1@TypeOf(Point)) ◦ (σ2@TypeOf(Point)) = (σ1 ◦ σ2)@TypeOf(Point). It remains only to show that (f ◦ g)(x ◦ y) ∈ τ1 ◦ τ2. But by (Abs-Commutes-In) and property (Fun-Composition) we have (f ◦ g)[(x ◦ y)@Point] = (f ◦ g)[(x@Point) ◦ (y@Point)] = f(x) ◦ g(y) ∈ τ1 ◦ τ2.

Conversely consider h ∈ (σ1 ◦ σ2 → τ1 ◦ τ2). We must show h ∈ (σ1 → τ1) ◦ (σ2 → τ2). More specifically we must show that h can be written as f ◦ g for f ∈ (σ1 → τ1) and g ∈ (σ2 → τ2). We have h(x ◦ y) ∈ τ1 ◦ τ2. For each equivalence class |x ◦ y| of σ1 ◦ σ2 we can select f(|x ◦ y|) ∈ τ1 and g(|x ◦ y|) ∈ τ2 such that h(x ◦ y) = f(|x ◦ y|) ◦ g(|x ◦ y|). By lemma (=.V1) we have that x1 =σ1 x2 if and only if x1 ◦ y1 =σ1◦σ2 x2 ◦ y2. This implies that we can define f′(|x|) = f(|x ◦ y|) and this definition is independent of the choice of y. We can define g′(|y|) similarly. We then have h(x ◦ y) = f′(x) ◦ g′(y). Property (=.C) implies that f′ and g′ can be defined with Dom(f′) = σ1@TypeOf(Point) and Dom(g′) = σ2@TypeOf(Point). We can also select values so that f′ and g′ have range templates equal to an interface template of τ1 which by the properties (∼) must also be an interface template of τ2. This gives Dom(h) = (σ1 ◦ σ2)@TypeOf(Point) = σ1@TypeOf(Point) ◦ σ2@TypeOf(Point) = Dom(f′) ◦ Dom(g′). We now have h = f′ ◦ g′ ∈ (σ1 → τ1) ◦ (σ2 → τ2) as desired.

Finally, we must now show that if σ1 ◦ σ2 is defined and τ1 ◦ τ2 is defined then (σ1 → τ1) ◦ (σ2 → τ2) is defined. For this we note that (σ → τ) ◦ (σ → τ)⁻¹ is defined and hence by the above proof we have Left(σ → τ) = Left(σ) → Left(τ). The corresponding statement holds for Right and we get

Right(σ1 → τ1)
= Right(σ1) → Right(τ1)
= Left(σ2) → Left(τ2)
= Left(σ1 → τ2)

Lemma 3.49 (→.V2). For morphoid types σ, σ̃, τ and τ̃ with σ  σ̃ and τ  τ̃ we have (σ → τ)  (σ̃ → τ̃).

Proof. We must show that if (σ̃ → τ̃)@TypeOf(Point → A) is defined then we have that (σ̃ → τ̃)@TypeOf(Point → A) is also defined and

(1) (σ → τ)@TypeOf(Point → A) = (σ̃ → τ̃)@TypeOf(Point → A).

Since σ  σ̃ we have σ@TypeOf(Point) = σ̃@TypeOf(Point). This implies that all functions in both function types have the same domain. If σ is empty then all the function types involved contain only the empty function and the result holds. So we can assume that σ is non-empty. To show that (σ → τ)@TypeOf(Point → A) is defined consider f ∈ σ → τ. It suffices to show that f@(Point → A) is defined. For this it suffices to show that for any x ∈ Dom(f) we have that f[x]@A is defined. But since (σ̃ → τ̃)@TypeOf(Point → A) is defined, and we have assumed there is some x ∈ σ̃@TypeOf(Point), we must have that y@A is defined for all y ∈ τ̃. Since τ  τ̃ we must then have that z@A is defined for all z ∈ τ and hence f[x]@A is defined. To show (1) let B be an interface template for τ̃. We then have

(2) τ@TypeOf(B) = τ̃@TypeOf(B) ⊆ τ̃.


To show (1) we show containment in both directions. First, let f be a function in σ → τ. We must show that f@(Point → A) is in (σ̃ → τ̃)@TypeOf(Point → A). Let g be the function defined by g[x] = f[x]@B. Equation (2) implies g ∈ (σ̃ → τ̃). Property (Abs-Compression) now implies f@(Point → A) = g@(Point → A) ∈ (σ̃ → τ̃)@TypeOf(Point → A). For the converse consider a morphoid function g ∈ σ̃ → τ̃. For each value of the form g[x]@B equation (2) implies that there exists y ∈ τ with y@B = g[x]@B. We can pick one such y for each equivalence class of σ@TypeOf(Point) to get a function f ∈ σ → τ with f[x]@B = g[x]@B. This gives g@(Point → A) = f@(Point → A) ∈ (σ → τ)@TypeOf(Point → A).

Lemma 3.50 (App.V1). For functions f and g with f ◦ g defined and values x and y with f(x) and f(y) defined and x ◦ y defined we have that (f ◦ g)(x ◦ y) and f(x) ◦ f(y) are both defined and (f ◦ g)(x ◦ y) = f(x) ◦ g(y).

Proof. For f ◦ g defined we have Dom(f) ◦ Dom(g) defined. For f(x) defined we have x@Point ∈ Dom(f) and for g(y) defined we have y@Point ∈ Dom(g). By (Abs-Commutes-In) we have (x ◦ y)@Point = (x@Point) ◦ (y@Point) ∈ Dom(f ◦ g). By (Fun-Composition) we then have

(f ◦ g)(x ◦ y)
= (f ◦ g)[(x@Point) ◦ (y@Point)]
= f[x@Point] ◦ g[y@Point]
= f(x) ◦ g(y)

Lemma 3.51 (App.V2). For morphoid functions f and f̃ with f  f̃, and morphoids x and x̃ with x  x̃, and such that f(x) and f̃(x̃) are both defined, we have f(x)  f̃(x̃).

Proof. Let A be a range template for f̃. By the definition of a range template we have that f̃@(Point → A) = f̃. Since f  f̃ we have f@(Point → A) = f̃. This implies that Dom(f) = Dom(f̃). Since x  x̃ we also have that x@Point = x̃@Point. Now consider a template B such that f̃(x̃)@B is defined. We now have

f̃(x̃)@B
= f̃[x@Point]@A@B
= (f@(Point → A))[x@Point]@B
= f[x@Point]@A@B
= f[x@Point]@B
= f(x)@B


4 Soundness Proofs

We now prove the soundness of the inference rules under morphoid semantics. Section 4.1 proves that every value is a morphoid — for V⟦Σ⟧ and VΣ⟦e⟧ defined, and for ρ ∈ V⟦Σ⟧, we have that VΣ⟦e⟧ρ is a morphoid. The main difficulty in this proof is establishing that an interface template exists for pair type expressions — that VΣ⟦τ⟧ρ has an interface template in the case where τ is a dependent pair type. This is done by defining an abstract interpretation function T⟦e⟧η with the property that for V⟦Σ⟧ defined, and VΣ⟦e⟧ defined, and ρ ∈ V⟦Σ⟧ and η a minimal template for ρ, we have that T⟦e⟧η is a minimal template for VΣ⟦e⟧ρ. Section 4.2 proves the soundness of the inference rule for forming pair types. Section 4.1 has already proved that pair type expressions denote morphoid types. However, to show Σ |= τ : typei one must show that the expression τ satisfies conditions (V1) and (V2) in figure 9. The proof of soundness for this one rule exercises most of the components of morphoid type theory. Section 4.3 proves the soundness of the substitution rule in figure 2 and of the isomorphism rules in figure 6. Section 4.4 proves the soundness of the remaining rules. Before considering the various soundness proofs we observe the following consequences of properties (V1) and (V2).

Lemma 4.1. For Σ; x : σ |= e[x] : τ[x] and for ρ ∈ V⟦Σ⟧ let σ∗ abbreviate VΣ⟦σ⟧ρ, and for u ∈ VΣ⟦σ⟧ρ let e∗[u] abbreviate VΣ;x:σ⟦e[x]⟧ρ[x ← u]. If ρ(y) is a morphoid for all variables y assigned a value by ρ (which we prove below to be true) then we have the following corollaries of (V1) and (V2).

(1) For u1, u2, u3 ∈ σ∗ with u1 ◦ u2⁻¹ ◦ u3 defined we have e∗[u1 ◦ u2⁻¹ ◦ u3] = e∗[u1] ◦ e∗[u2]⁻¹ ◦ e∗[u3].

(2) For u ∈ σ∗ we have e∗[u]  e∗[u@σ∗].

(3) For u ∈ σ∗ with e∗[u@σ∗]@T defined we have e∗[u@σ∗]@T = e∗[u]@T.

Proof. For (1) consider u1, u2, u3 ∈ σ∗ with u1 ◦ u2⁻¹ ◦ u3 defined. By the definition of Σ; x : σ |= e[x] : τ we have that V⟦Σ; x : σ⟧ is defined and hence Σ |= σ :: typei. This implies that σ∗ is a morphoid type and hence u1 ◦ u2⁻¹ ◦ u3 ∈ σ∗. We then have ρ[x ← (u1 ◦ u2⁻¹ ◦ u3)] ∈ V⟦Σ; x : σ⟧. But since ρ(y) = ρ(y) ◦ ρ(y)⁻¹ ◦ ρ(y) we have ρ = ρ ◦ ρ⁻¹ ◦ ρ and

ρ[x ← (u1 ◦ u2⁻¹ ◦ u3)] = ρ[x ← u1] ◦ ρ[x ← u2]⁻¹ ◦ ρ[x ← u3].

By (V1) we then have

e∗[u1 ◦ u2⁻¹ ◦ u3]
= VΣ;x:σ⟦e[x]⟧ρ[x ← (u1 ◦ u2⁻¹ ◦ u3)]
= VΣ;x:σ⟦e[x]⟧(ρ[x ← u1] ◦ ρ[x ← u2]⁻¹ ◦ ρ[x ← u3])
= e∗[u1] ◦ e∗[u2]⁻¹ ◦ e∗[u3]

For (2) we note that by property (.B) we have u  u@σ∗ which implies ρ[x ← u]  ρ[x ← u@σ∗]. By (V2) we then have (2). Part (3) follows from part (2) and the definition of .

4.1 All Values are Morphoids

Figure 21 defines a form of abstract interpretation [Cousot and Cousot, 1977] which computes a minimal template for an expression e using an assignment η of a minimal template for each free variable of e. We now prove the following theorem which simultaneously establishes that all values are morphoids and that the template evaluation in figure 21 produces minimal templates.

Structure Template. A structure template is a mapping from a finite set of variables to templates.

Minimal Structure Template. For a structure ρ and structure template η defined on the same variables as ρ we say that η is a minimal template for ρ if for each variable x we have that η(x) is a minimal template for ρ(x).

T⟦e⟧η. For an expression e and structure template η the following rules define a template T⟦e⟧η where T⟦e⟧η is undefined if no rule applies or if some expression on the right hand side of the matching rule is undefined.

T⟦x⟧η = η(x)
T⟦Bool⟧η = TypeOf(Bool)
T⟦typei⟧η = TypeOf(TypeOf(Point))
T⟦σ → τ⟧η = TypeOf(Point → Mem(T⟦τ⟧η))
T⟦SubType(x : σ, Φ[x])⟧η = T⟦σ⟧η
T⟦PairOf(x : σ, y : τ[x])⟧η = TypeOf(Pair(Mem(T⟦σ⟧η), Mem(T⟦τ[x]⟧η[x ← Mem(T⟦σ⟧η)])))
T⟦f(e)⟧η = Range(T⟦f⟧η)
T⟦πi[e]⟧η = πi(T⟦e⟧η)
T⟦Pair(u, w)⟧η = Pair(T⟦u⟧η, T⟦w⟧η)
T⟦l(σ, τ, f)⟧η = TypeOf(Point)
T⟦iso(σ, a, b)⟧η = T⟦σ⟧η
T⟦The(x : σ, Φ[x])⟧η = Mem(T⟦σ⟧η)
T⟦Φ⟧η = Bool for Φ a subscripted equality, absolute equality, expression of the form (e :: σ), disjunction, negation, or quantified formula

Mem(TypeOf(A)) = A
Range(Point → A) = A
πi(Pair(T1, T2)) = Ti

Figure 21: Template Evaluation. For VΣ JeK defined, ρ ∈ V JΣK and η a minimal template of ρ we have that T JeK η is a minimal template of VΣ JeK ρ.
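
The rules of figure 21 can be run directly. The following Python sketch is an added example, not code from the paper: it encodes templates and expressions as tuples (an encoding assumed here) and evaluates T⟦e⟧η on the magma type and the N-indexed pair type discussed in the proof of theorem 4.2. It assumes the curried reading α → (α → α) of α × α → α and, for the second example, η(N) = TypeOf(Point).

```python
"""Template evaluation T[[e]]eta from figure 21, on tuple-encoded syntax."""

# Templates (the right-hand sides in figure 21), encoded as nested tuples.
POINT = ("Point",)
BOOL = ("Bool",)

def TypeOf(a): return ("TypeOf", a)
def Pair(a, b): return ("Pair", a, b)
def Fun(a): return ("Fun", a)              # the template  Point -> A


class Undefined(Exception):
    """No rule of figure 21 applies, so T[[e]]eta is undefined."""


def show(t):
    tag = t[0]
    if tag in ("Point", "Bool"):
        return tag
    if tag == "TypeOf":
        return f"TypeOf({show(t[1])})"
    if tag == "Pair":
        return f"Pair({show(t[1])}, {show(t[2])})"
    inner = show(t[1])                     # tag == "Fun"
    return f"Point -> ({inner})" if t[1][0] == "Fun" else f"Point -> {inner}"

def Mem(t):                                # Mem(TypeOf(A)) = A
    if t[0] != "TypeOf":
        raise Undefined(f"Mem({show(t)})")
    return t[1]

def Range(t):                              # Range(Point -> A) = A
    if t[0] != "Fun":
        raise Undefined(f"Range({show(t)})")
    return t[1]

def Proj(i, t):                            # pi_i(Pair(T1, T2)) = Ti
    if t[0] != "Pair" or i not in (1, 2):
        raise Undefined(f"pi_{i}({show(t)})")
    return t[i]


def T(e, eta):
    """Evaluate expression e (a tagged tuple) under structure template eta (a dict)."""
    tag = e[0]
    if tag == "var":                       # T[[x]] = eta(x)
        if e[1] not in eta:
            raise Undefined(f"no template for variable {e[1]}")
        return eta[e[1]]
    if tag == "Bool":
        return TypeOf(BOOL)
    if tag == "type":                      # type_i; the index does not affect the template
        return TypeOf(TypeOf(POINT))
    if tag == "arrow":                     # ("arrow", sigma, tau)
        return TypeOf(Fun(Mem(T(e[2], eta))))
    if tag == "SubType":                   # ("SubType", x, sigma, phi)
        return T(e[2], eta)
    if tag == "PairOf":                    # ("PairOf", x, sigma, y, tau)
        _, x, sigma, _y, tau = e
        a = Mem(T(sigma, eta))
        b = Mem(T(tau, {**eta, x: a}))     # eta[x <- Mem(T[[sigma]]eta)]
        return TypeOf(Pair(a, b))
    if tag == "app":                       # ("app", f, arg)
        return Range(T(e[1], eta))
    if tag == "proj":                      # ("proj", i, e)
        return Proj(e[1], T(e[2], eta))
    if tag == "Pair":
        return Pair(T(e[1], eta), T(e[2], eta))
    if tag == "bij":                       # the paper's l(sigma, tau, f)
        return TypeOf(POINT)
    if tag == "iso":                       # ("iso", sigma, a, b)
        return T(e[1], eta)
    if tag == "The":                       # ("The", x, sigma, phi)
        return Mem(T(e[2], eta))
    if tag == "formula":                   # any Boolean formula Phi
        return BOOL
    raise Undefined(f"no rule for {tag}")


def magma_template():
    """PairOf(alpha : type_i, f : alpha -> (alpha -> alpha)) in the empty context."""
    alpha = ("var", "alpha")
    magma = ("PairOf", "alpha", ("type",), "f",
             ("arrow", alpha, ("arrow", alpha, alpha)))
    return T(magma, {})

def family_template(eta_f):
    """PairOf(x : N, y : f(x)) given a template for f; None when undefined."""
    e = ("PairOf", "x", ("var", "N"), "y", ("app", ("var", "f"), ("var", "x")))
    try:
        return T(e, {"N": TypeOf(POINT), "f": eta_f})   # eta(N) is an assumption
    except Undefined:
        return None


if __name__ == "__main__":
    print(show(Mem(magma_template())))            # interface template of the magma type
    print(show(family_template(Fun(TypeOf(POINT)))))
    print(family_template(Fun(POINT)))            # range template is not a type template
```

The last call shows why the range template of f matters: with a range template that is not of the form TypeOf(A), Mem has no rule to apply and the evaluation is undefined.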


Theorem 4.2. (1) For V⟦Σ⟧ defined and ρ ∈ V⟦Σ⟧ we have that ρ is a morphoid structure, i.e., ρ(x) is a morphoid for each variable x declared in Σ. (2) For VΣ⟦e⟧ defined, for ρ ∈ V⟦Σ⟧, and η a minimal template of ρ, we have that VΣ⟦e⟧ρ is a morphoid with minimal template T⟦e⟧η.

Proof. The proof is by induction on the combined syntactic complexity of Σ and e. Part (1) is immediate for the empty context and follows immediately from the induction hypothesis for contexts Σ; Φ with V⟦Σ; Φ⟧ ⊆ V⟦Σ⟧. Now consider a context of the form Σ; x : σ and consider ρ[x ← v] with v ∈ VΣ⟦σ⟧ρ. By the induction hypothesis we have that ρ is a morphoid structure and by the induction hypothesis for (2) we have that VΣ⟦σ⟧ρ is a morphoid type and hence v is a morphoid and ρ[x ← v] is a morphoid structure. For the proof of (2) there is a case for each clause in the definition VΣ⟦e⟧ρ. Many of these cases are immediate. For example, the lemma is immediate for variables and Boolean expressions. The case of function applications f(w), pairs Pair(u, w) and projections πi(w) are also essentially immediate. The case of typei is handled by property (typei) in figure 18. The cases of iso(σ, x, y), l(σ, τ, f), and σ → τ are handled by properties (Iso), (l.A) and (→.A) respectively in figure 20. For the case of definite descriptions we note that the definition of The(σ) in figure 19 implies that any interface template of σ is a minimal template of The(σ). We now explicitly handle the cases of pair types and subtypes. Each of these two cases is written as a lemma where the proof makes use of the induction hypothesis for theorem 4.2.

Before proving the case of pair types it is worth pointing out the delicate nature of this lemma and the need for template evaluation. As a first example consider the following type of magmas — structures with a binary operation not subject to any conditions.

⊢ Pair(α : Set, f : α × α → α) : Class

The interface template for this type is Pair(TypeOf(Point), Point → (Point → Point)). However, a particular magma Pair(α, f) will in general have a minimal template different from the interface template for magmas — the domain type α is not required to be a point type. The derivation of the magma type involves the sequent α : Set ⊢ α × α → α : Set. When we consider an arbitrary set (type) α we have that the interface template of α need not be TypeOf(Point). The interface template for α × α → α is Point → (Point → Aα) where Aα is the interface template of α. More generally, consider x : σ ⊢ τ[x] : typei. As the magma example shows, the interface template for τ[x] in general depends on the choice of x. However, we must show that the pair type PairType(x : σ, y : τ[x]) has a single interface template. Another interesting example is the following where we take N to be the type of natural numbers.

f : N → Set ⊢ PairOf(x : N, y : f(x)) : Set.

Here the requirement that every function has a range type is important. Since range types must be abstract, the range type of f must be TypeOf(Point).

Lemma 4.3. Property (2) of theorem 4.2 holds for VΣ⟦PairOf(x : σ, y : τ[x])⟧ρ.

Proof. Since VΣ⟦PairOf(x : σ, y : τ[x])⟧ is defined we have Σ |= σ : typei and Σ; x : σ |= τ[x] : typei (for some i). Let σ∗ abbreviate VΣ⟦σ⟧ρ and for u ∈ σ∗ let τ∗[u] abbreviate VΣ;x:σ⟦τ[x]⟧ρ[x ← u]. We have

VΣ⟦PairOf(x : σ, y : τ[x])⟧ρ = ("TYPE", {Pair(u, w), u ∈ σ∗, w ∈ τ∗[u]}).

We must show that this is a morphoid type. By the induction hypothesis we have that σ∗ is a morphoid type and for u ∈ σ∗ we have that τ∗[u] is a morphoid type. This implies that every member of the pair type is a morphoid pair. To show condition (T1) consider u1, u2, u3 ∈ σ∗ with u1 ◦ u2⁻¹ ◦ u3 defined and consider w1 ∈ τ∗[u1], w2 ∈ τ∗[u2] and w3 ∈ τ∗[u3] with w1 ◦ w2⁻¹ ◦ w3 defined. We must show that

Pair(u1 ◦ u2⁻¹ ◦ u3, w1 ◦ w2⁻¹ ◦ w3)

is in the pair type. By condition (T1) on σ∗ we have u1 ◦ u2⁻¹ ◦ u3 ∈ σ∗. We must show that w1 ◦ w2⁻¹ ◦ w3 ∈ τ∗[u1 ◦ u2⁻¹ ◦ u3]. By lemma 4.1 on the entailment Σ; x : σ |= τ[x] : typei we have τ∗[u1 ◦ u2⁻¹ ◦ u3] = τ∗[u1] ◦ τ∗[u2]⁻¹ ◦ τ∗[u3]. Since w1 ◦ w2⁻¹ ◦ w3 ∈ τ∗[u1] ◦ τ∗[u2]⁻¹ ◦ τ∗[u3] this proves the result.

We must also show that the pair type has an interface template and that template evaluation computes such a minimal template for the pair type. By property (Min-Template.C) we have that there exists a minimal template η for ρ. We will show that T⟦PairOf(x : σ, y : τ[x])⟧η is a minimal template for the pair type. Let A abbreviate Mem(T⟦σ⟧η) and let B abbreviate Mem(T⟦τ[x]⟧η[x ← A]). We have that

T⟦PairOf(x : σ, y : τ[x])⟧η = TypeOf(Pair(A, B)).

By (Min-Template.A) it now suffices to show that Pair(A, B) is an interface template for the pair type. By the induction hypothesis we have that A is an interface template for σ∗ and for u ∈ σ∗ we have that B is an interface template for τ∗[u@A]. Consider Pair(u, w) with u ∈ σ∗ and w ∈ τ∗[u]. We must show that Pair(u@A, w@B) is in the pair type. By condition (V2) of Σ; x : σ |= τ[x] : typei we have that τ∗[u]  τ∗[u@A]. We then get τ∗[u]@TypeOf(B) = τ∗[u@A]@TypeOf(B). Since w ∈ τ∗[u] we then have that w@B is defined. Furthermore, w@B = w′@B for some w′ ∈ τ∗[v@A]. We now have Pair(u@A, w@B) = Pair(u@A, w′@B) with w′ ∈ τ∗[u@A] which proves the result.

Lemma 4.4. Property (2) of theorem 4.2 holds for VΣ⟦SubType(x : σ, Φ[x])⟧ρ.

Proof. Consider ρ ∈ V⟦Σ⟧. Let σ∗ abbreviate VΣ⟦σ⟧ρ and for u ∈ σ∗ let Φ∗[u] abbreviate VΣ;∈typex σ⟦Φ[x]⟧ρ[x ← u]. We have

VΣ⟦SubType(x : σ, Φ[x])⟧ρ = ("TYPE", {u ∈ σ∗ s.t. Φ∗[u]}).

We have that every element of this type is an element of σ∗ and hence is a morphoid. Condition (T1) for the subtype type follows from condition (T1) for σ∗ and condition (V1) of Σ; x : σ |= Φ[x] : Bool. More explicitly, consider u1, u2, u3 in the subtype. We must show that u1 ◦ u2⁻¹ ◦ u3 is in the subtype. We have u1, u2, u3 ∈ σ∗ and Φ∗[u1], Φ∗[u2] and Φ∗[u3]. By condition (T1) of σ∗ we have that (u1 ◦ u2⁻¹ ◦ u3) ∈ σ∗. By condition (V1) of Σ; x : σ |= Φ[x] : Bool we have Φ∗[u1 ◦ u2⁻¹ ◦ u3] = Φ∗[u1] ◦ Φ∗[u2] ◦ Φ∗[u3] = True which implies that u1 ◦ u2⁻¹ ◦ u3 is in the subtype. Now let A be an interface template for σ∗ and consider u ∈ σ∗ such that Φ∗[u]. By condition (V1) of Σ; x : σ |= Φ[x] : Bool we have Φ∗[u]  Φ∗[u@A] which implies Φ∗[u@A] and hence u@A is in the subtype.

4.2 The Soundness of Pair Type Formation

The following lemma is relevant to the proof of the soundness of pair type formation.

Lemma 4.5. If Σ |= e : τ then (V3) for ρ, γ ∈ V⟦Σ⟧ with ρ ◦ γ defined we have (VΣ⟦e⟧ρ) ◦ (VΣ⟦e⟧γ) is defined.

Proof. Consider ρ1, ρ2 ∈ V⟦Σ⟧ with ρ1 ◦ ρ2 defined. Let e∗i abbreviate VΣ⟦e⟧ρi. We have ρ1 ◦ ρ2 ◦ ρ2⁻¹ = ρ1 ∈ V⟦Σ⟧. By property (V1) of Σ |= e : τ we then have VΣ⟦e⟧(ρ1 ◦ ρ2 ◦ ρ2⁻¹) = e∗1 ◦ e∗2 ◦ (e∗2)⁻¹ which gives that e∗1 ◦ e∗2 is defined.

We have that (V1) implies (V3). It will be convenient below to prove (V3) as a first step in proving (V1). The pair type formation rule is

Σ ⊢ σ : typei    Σ; x : σ ⊢ τ[x] : typei
----------------------------------------
Σ ⊢ PairOf(x : σ, y : τ[x]) : typei

The previous section established that when the antecedents of this rule are valid we have Σ |= PairOf(x : σ, y : τ[x]) :: typei. But we have not yet established that the pair type expression satisfies conditions (V1) and (V2) as required in figure 9. Before giving this proof, it is insightful to point out the following corollary of condition (V1).

Lemma 4.6. The inference rule for pair type formation is sound.

Proof. As discussed above, we must show that the conclusion of the rule satisfies conditions (V1) and (V2) in figure 9. For condition (V1) consider ρ1, ρ2, ρ3 ∈ V⟦Σ⟧ with (ρ1 ◦ ρ2⁻¹ ◦ ρ3) ∈ V⟦Σ⟧. We must show that

VΣ⟦PairOf(x : σ, y : τ[x])⟧(ρ1 ◦ ρ2⁻¹ ◦ ρ3) = VΣ⟦PairOf(x : σ, y : τ[x])⟧ρ1 ◦ VΣ⟦PairOf(x : σ, y : τ[x])⟧ρ2⁻¹ ◦ VΣ⟦PairOf(x : σ, y : τ[x])⟧ρ3.

We will first show (V3) for the pair type. For this, consider ρ1, ρ2 ∈ V⟦Σ⟧ with ρ1 ◦ ρ2 defined. Let σi∗ abbreviate VΣ⟦σ⟧ρi and for u ∈ σi∗ let τi∗[u] abbreviate VΣ;x:σ⟦τ[x]⟧ρ[x ← u]. We must show that the set of pairs of the form Pair(Right(u), Right(w)) for u ∈ σ1∗ and w ∈ τ1∗[u] is the same as the set of pairs of the form Pair(Left(u), Left(w)) for u ∈ σ2∗ and w ∈ τ2∗[u]. We will show that every pair of the first form is also of the second form. The converse is similar. Consider u1 ∈ σ1∗ and w1 ∈ τ1∗[u1]. It now suffices to show that there exists u2 ∈ σ2∗ and w2 in τ2∗[u2] with u1 ◦ u2 and w1 ◦ w2 defined. By (V1) for the first antecedent and (V1-Corollary) we have (V3) for the first antecedent. This gives that σ1∗ ◦ σ2∗ is defined and by (Partner) there exists u2 ∈ σ2∗ with u1 ◦ u2 defined. We then have ρ1[x ← u1] and ρ2[x ← u2] are both in V⟦Σ; x : σ⟧ with (ρ1[x ← u1]) ◦ (ρ2[x ← u2]) defined. By (V3) of the second antecedent we then get that τ1∗[u1] ◦ τ2∗[u2] is defined. By (Partner) we then have that there exists w2 ∈ τ2∗[u2] with w1 ◦ w2 defined. We have now established (V3) for the pair type.

To show (V1) for the pair type consider ρ1, ρ2, ρ3 ∈ V⟦Σ⟧ with ρ1 ◦ ρ2⁻¹ ◦ ρ3 defined and (ρ1 ◦ ρ2⁻¹ ◦ ρ3) ∈ V⟦Σ⟧. (V3) implies that

VΣ⟦PairOf(x : σ, y : τ[x])⟧ρ1 ◦ VΣ⟦PairOf(x : σ, y : τ[x])⟧ρ2⁻¹ ◦ VΣ⟦PairOf(x : σ, y : τ[x])⟧ρ3


is defined. We must show that this equals VΣ⟦PairOf(x : σ, y : τ[x])⟧(ρ1 ◦ ρ2⁻¹ ◦ ρ3). We show containment in both directions. To show that every member of the former is a member of the latter consider ui ∈ σi∗ and wi ∈ τi∗(ui) with u1 ◦ u2⁻¹ ◦ u3 defined and w1 ◦ w2⁻¹ ◦ w3 defined. We must show

Pair(u1 ◦ u2⁻¹ ◦ u3, w1 ◦ w2⁻¹ ◦ w3) ∈ VΣ⟦PairOf(x : σ, y : τ[x])⟧(ρ1 ◦ ρ2⁻¹ ◦ ρ3).

By condition (V1) of the first antecedent we have

VΣ⟦σ⟧(ρ1 ◦ ρ2⁻¹ ◦ ρ3) = σ1∗ ◦ (σ2∗)⁻¹ ◦ σ3∗

which gives (u1 ◦ u2⁻¹ ◦ u3) ∈ VΣ⟦σ⟧(ρ1 ◦ ρ2⁻¹ ◦ ρ3).

By condition (V1) of the second antecedent we have

VΣ;x:σ⟦τ[x]⟧(ρ1 ◦ ρ2⁻¹ ◦ ρ3)[x ← (u1 ◦ u2⁻¹ ◦ u3)]
= VΣ;x:σ⟦τ[x]⟧(ρ1[x ← u1] ◦ ρ2[x ← u2]⁻¹ ◦ ρ3[x ← u3])
= τ1∗[u1] ◦ τ2∗[u2]⁻¹ ◦ τ3∗[u3]

which gives (w1 ◦ w2⁻¹ ◦ w3) ∈ VΣ;x:σ⟦τ[x]⟧(ρ1 ◦ ρ2⁻¹ ◦ ρ3)[x ← (u1 ◦ u2⁻¹ ◦ u3)].

For the converse consider Pair(u, w) ∈ VΣ⟦PairOf(x : σ, y : τ[x])⟧(ρ1 ◦ ρ2⁻¹ ◦ ρ3). We then have

u ∈ VΣ⟦σ⟧(ρ1 ◦ ρ2⁻¹ ◦ ρ3) = σ1∗ ◦ (σ2∗)⁻¹ ◦ σ3∗.

Hence there exist ui ∈ σi∗ such that u = u1 ◦ u2⁻¹ ◦ u3. We also have

w ∈ VΣ;x:σ⟦τ[x]⟧(ρ1 ◦ ρ2⁻¹ ◦ ρ3)[x ← u]
= VΣ;x:σ⟦τ[x]⟧(ρ1 ◦ ρ2⁻¹ ◦ ρ3)[x ← (u1 ◦ u2⁻¹ ◦ u3)]
= VΣ;x:σ⟦τ[x]⟧(ρ1[x ← u1] ◦ ρ2[x ← u2]⁻¹ ◦ ρ3[x ← u3])
= τ1∗[u1] ◦ τ2∗[u2]⁻¹ ◦ τ3∗[u3]

This now implies that there exist wi ∈ τi[ui] with w = w1 ◦ w2⁻¹ ◦ w3 which proves (V1) for the pair type.

To show (V2) consider ρ, ρ̃ ∈ V⟦Σ⟧ with ρ  ρ̃. We must show VΣ⟦PairOf(x : σ, y : τ[x])⟧ρ  VΣ⟦PairOf(x : σ, y : τ[x])⟧ρ̃. Let σ∗ abbreviate VΣ⟦σ⟧ρ and let σ̃∗ abbreviate VΣ⟦σ⟧ρ̃. For u ∈ σ∗ let τ∗[u] abbreviate VΣ;x:σ⟦τ[x]⟧ρ[x ← u] and for ũ ∈ σ̃∗ let τ̃[ũ] abbreviate VΣ;x:σ⟦τ[x]⟧ρ̃[x ← ũ]. We will let u range over elements of σ∗ and w range over elements of τ∗[u]. Similarly we let ũ range over elements of σ̃∗ and w̃ range over elements of τ̃[ũ]. Let η be a minimal template for ρ̃ and let A = Mem(T⟦σ⟧η) and B = Mem(T⟦τ[x]⟧η[x ← A]). By theorem 4.2 we have that Pair(A, B) is an interface template for the pair type. Note that for any ũ ∈ σ̃∗ and w̃ ∈ τ∗[ũ] we have Pair(ũ@A, w̃@B) ∈ VΣ⟦PairOf(x : σ, y : τ[x])⟧ρ̃.

We must show that for any abstract templates C, D such that

VΣ⟦PairOf(x : σ, y : τ[x])⟧ρ̃ @ TypeOf(Pair(C, D))

is defined, and any u ∈ σ∗ and w ∈ τ∗[u] we have that u@C and w@D are defined and, furthermore, the set of pairs of the form Pair(u@C, w@D) with u ∈ σ∗ and w ∈ τ∗[u] is the same as the set of pairs of the form Pair(ũ@C, w̃@D) with ũ ∈ σ̃∗ and w̃ ∈ τ̃∗[ũ].

From property (V2) of the first antecedent we have σ∗  σ̃∗ which implies σ∗@TypeOf(A) = σ̃∗@TypeOf(A). This implies that for any u ∈ σ∗ we have that u@A is defined and equal to ũ@A for some ũ ∈ σ̃∗. This implies that u@A ∈ σ̃∗. Furthermore, u@A@C = u@C is defined. Also, we have ρ[x ← u]  ρ̃[x ← u@A] and by property (V2) of the second antecedent we have τ∗[u]  τ̃∗[u@A] which implies τ∗[u]@TypeOf(B) = τ̃∗[u@A]@TypeOf(B). This implies that w@B equals w̃@B for some w̃ in τ̃∗[u@A]. This implies that w̃@B@D = w@B@D = w@D is defined. This also shows that every pair of the form Pair(u@C, w@D) is equal to a pair of the form Pair(ũ@C, w̃@D). It remains only to show the converse. Consider a pair of the form Pair(ũ@C, w̃@D) with ũ ∈ σ̃∗ and w̃ ∈ τ̃∗[ũ]. Since σ∗@TypeOf(A) = σ̃∗@TypeOf(A) we have that ũ@A equals u@A for some u ∈ σ∗. As before, we then have τ∗[u]  τ̃∗[u@A] which implies that w̃@B equals w@B for some w ∈ τ∗[u]. We then have

Pair(ũ@C, w̃@D)
= Pair(ũ@A@C, w̃@B@D)
= Pair(u@A@C, w@B@D)
= Pair(u@C, w@D)

4.3 The Soundness of Substitution and the Isomorphism Rules

Lemma 4.7. The substitution rule

Σ; x : σ ⊢ e[x] : τ    x is not free in τ    Σ ⊢ w =σ u
--------------------------------------------------------
Σ ⊢ e[w] =τ e[u]

is sound.

Proof. Consider ρ ∈ V⟦Σ⟧. Let σ∗ abbreviate VΣ⟦σ⟧ρ and similarly for τ∗, w∗ and u∗. For u ∈ σ∗ let e∗[u] abbreviate VΣ;x:σ⟦e[x]⟧ρ[x ← u]. Let Aσ be an interface template for σ∗ and let Aτ be an interface template for τ∗. We must show that the validity of the antecedents of the rule implies e∗[w∗] =τ∗ e∗[u∗]. We have that Σ |= w =σ u implies w∗ ∈ σ∗ and u∗ ∈ σ∗ and that there exists z ∈ σ∗ such that (w∗@Aσ) ◦ z⁻¹ ◦ (u∗@Aσ) is defined. Condition (V1) on the first antecedent then implies that e∗[w∗@Aσ] ◦ e∗[z]⁻¹ ◦ e∗[u∗@Aσ] is defined. By (Abs-Distributes-In) we then have that e∗[w∗@Aσ]@Aτ ◦ (e∗[z]@Aτ)⁻¹ ◦ e∗[u∗@Aσ]@Aτ is defined. By condition (V2) on the first antecedent we have e∗[w∗]  e∗[w∗@Aσ] and hence e∗[w∗@Aσ]@Aτ = e∗[w∗]@Aτ and similarly for u∗. We now have that e∗[w∗]@Aτ ◦ (e∗[z]@Aτ)⁻¹ ◦ e∗[u∗]@Aτ is defined which implies the result.

We now consider the isomorphism inference rules in figure 6. The first row of inference rules is the following.

Lemma 4.8. The inference rule

Σ ⊢ σ, τ : typei    Σ ⊢ f : Bijection[σ, τ]
---------------------------------------------
Σ ⊢ l(σ, τ, f) :: iso(typei, σ, τ)
Σ ⊢ ∀x : σ ∀y : τ (x ]l(σ,τ,f) y) ⇔ f(x) =τ y

is sound.

Proof. Consider ρ ∈ V⟦Σ⟧ and let σ∗, τ∗ and f∗ be defined as usual. The soundness of the first conclusion of the first rule follows from property (l.B). To show the soundness of the second conclusion consider u ∈ σ∗ and w ∈ τ∗. First suppose u ]l(σ∗,τ∗,f∗) w. In this case there exists p ∈ l(σ∗, τ∗, f∗) such that (u@Point) ◦ p⁻¹ ◦ (w@Point) is defined. By the definition of l(σ∗, τ∗, f∗) the point p has the form Point(π1(w′@Point), π2(u′@Point)) for u′ ∈ σ∗ and w′ ∈ τ∗ with f∗(u′) =τ∗ w′. We now have that (u@Point) ◦ (u′@Point)⁻¹ is defined which implies (u@Point) ≃σ∗@TypeOf(Point) (u′@Point) which implies u =σ∗ u′. Similarly we have w =τ∗ w′. This gives f∗(u) = f∗(u′) =τ∗ w′ =τ∗ w. Conversely suppose w =τ∗ f∗(u). We must show that there exists p ∈ l(σ∗, τ∗, f∗) such that (u@Point) ◦ p⁻¹ ◦ (w@Point) is defined. But by the definition of l(σ∗, τ∗, f∗) we have that Point(π1(w@Point), π2(u@Point)) ∈ l(σ∗, τ∗, f∗).

Lemma 4.9. The inference rules

Σ ⊢ a3 :: iso(σ, a1, a2)    Σ ⊢ b3 :: iso(τ, b1, b2)
-----------------------------------------------------
Σ ⊢ Pair(a3, b3) :: iso(PairOf(σ, τ), Pair(a1, b1), Pair(a2, b2))

Σ ⊢ a, b : σ
-----------------------
Σ ⊢ a =σ b ⇔ a ]σ b

Σ ⊢ a3 :: iso(σ, a1, a2)
------------------------
Σ ⊢ a3 :: σ

are sound.

Proof. The soundness of these rules follows immediately from the definitions involved.

Lemma 4.10. The inference rule

Σ ⊢ Pair(a1, b1), Pair(a2, b2) : PairOf(x : σ, y : τ[x])    Σ ⊢ a3 :: iso(σ, a1, a2)    Σ ⊢ b1 ]τ[a3] b2
---------------------------------------------------------------------------------------------------------
Σ ⊢ Pair(a1, b1) =PairOf(x : σ, y : τ[x]) Pair(a2, b2)

is sound.

Proof. Consider ρ ∈ V⟦Σ⟧ and let a∗i, b∗i, σ∗ and τ∗[u] for u ∈ σ∗ be defined as usual. Let PairOf(x : σ∗, y : τ∗[x]) abbreviate VΣ⟦PairOf(x : σ, y : τ[x])⟧ρ. Let Aσ be an interface template

for σ∗, let Aτ be an interface template for τ∗[a∗3], and let Aτ̃ be an interface template for τ∗[a∗3@Aσ]. Theorem 4.2 implies that Pair(Aσ, Aτ̃) is an interface for PairOf(x : σ∗, y : τ∗[x]). The validity of the third antecedent implies that there exists b3 ∈ τ∗[a∗3] such that (b∗1@Aτ) ◦ b3⁻¹ ◦ (b2@Aτ) is defined. This immediately gives Pair(a∗3, b3) ∈ PairOf(x : σ∗, y : τ∗[x]) and that (Pair(a1, b1)@Pair(Aσ, Aτ)) ◦ Pair(a∗3, b∗3)⁻¹ ◦ (Pair(a1, b1)@Pair(Aσ, Aτ)) is defined. By (Abs-Distributes-In) and (Abs-Compression) we then have that (Pair(a1, b1)@Pair(Aσ, Aτ̃)) ◦ (Pair(a∗3, b∗3)@Pair(Aσ, Aτ̃))⁻¹ ◦ (Pair(a1, b1)@Pair(Aσ, Aτ̃)) is defined which implies the lemma.

Lemma 4.11. The rule

Σ ⊢ a1 : σ, a2 : σ, a3 :: iso(σ, a1, a2)
Σ; x : σ ⊢ PairOf(τ1[x], τ2[x]) : typei
Σ ⊢ b1 : PairOf(τ1[a1], τ2[a1])
Σ ⊢ b2 : PairOf(τ1[a2], τ2[a2])
----------------------------------------
Σ ⊢ (b1 ]PairOf(τ1[a3], τ2[a3]) b2) ⇔ π1(b1) ]τ1[a3] π1(b2) ∧ π2(b1) ]τ2[a3] π2(b2)

is sound.

Proof. Consider ρ ∈ V⟦Σ⟧ and let a∗i, b∗i, σ∗ and τi∗[u] for u ∈ σ∗ be defined as usual. Let A1 be an interface template for τ1∗[a∗3] and let A2 be an interface template for τ2∗[a∗3]. We have that Pair(A1, A2) is an interface template for PairOf(τ1∗[a∗3], τ2∗[a∗3]). First suppose that b∗1 ]PairOf(τ1∗[a∗3], τ2∗[a∗3]) b∗2. This implies that there exists b3 ∈ PairOf(τ1∗[a∗3], τ2∗[a∗3]) with (b∗1@Pair(A1, A2)) ◦ b3⁻¹ ◦ (b∗2@Pair(A1, A2)) defined. This implies that (π1(b∗1)@A1) ◦ π1(b3)⁻¹ ◦ π1(b2)@A1) is defined which implies π1(b∗1) ] τ1∗[a3]π1(b∗2). The case of π2 is similar. Conversely suppose that π1(b∗1) ] τ1∗[a3]π1(b∗2) and π2(b∗1) ] τ2∗[a3]π2(b∗2). In this case it is straightforward to show that there exists a pair b3 ∈ PairOf(τ1∗[a∗3], τ2∗[a∗3]) with (b∗1@Pair(A1, A2)) ◦ b3⁻¹ ◦ (b∗2@Pair(A1, A2)) defined.

Lemma 4.12. The inference rule

Σ ⊢ a1 : σ, a2 : σ, a3 :: iso(σ, a1, a2)
Σ; x : σ ⊢ (τ1[x] → τ2[x]) : typei
Σ ⊢ f1 : (τ1[a1] → τ2[a1])
Σ ⊢ f2 : (τ1[a2] → τ2[a2])
----------------------------------------
Σ ⊢ (f1 ]τ1[a3]→τ2[a3] f2) ⇔ ∀x1 : τ1[a1] ∀x2 : τ1[a2] (x1 ]τ1[a3] x2) ⇒ f1(x1) ]τ2[a3] f2(x2)

is sound.

Proof. Consider $\rho \in \mathcal{V}\llbracket\Sigma\rrbracket$. Let $a_i^*$ abbreviate $\mathcal{V}_\Sigma\llbracket a_i\rrbracket\rho$ and similarly for $f_i^*$ and $\sigma^*$. For $u \in \sigma^*$ let $\tau_i^*[u]$ abbreviate $\mathcal{V}_\Sigma\llbracket\tau_i[x]\rrbracket\rho[x \leftarrow u]$. Let $A_\sigma$ be an interface template for $\sigma^*$, let $A_1$ be an interface template for $\tau_1^*[a_3^*]$ and let $A_2$ be an interface template for $\tau_2^*[a_3^*]$.

First suppose that $f_1^* \uplus_{(\tau_1^*[a_3^*] \to \tau_2^*[a_3^*])} f_2^*$ and consider $x_1 \in \tau_1^*[a_1^*]$ and $x_2 \in \tau_1^*[a_2^*]$ with $x_1 \uplus_{\tau_1^*[a_3^*]} x_2$. We must show $f_1^*(x_1) \uplus_{\tau_2^*[a_3^*]} f_2^*(x_2)$. By the definition of $\uplus_{\tau_1^*[a_3^*]}$ there exists $x_3 \in \tau_1^*[a_3^*]$ with $(x_1 @ A_1) \circ x_3^{-1} \circ (x_2 @ A_1)$ defined. By (Abs-Distributes-In) and (Abs-Compression) we then have that $(x_1 @ \mathrm{Point}) \circ (x_3 @ \mathrm{Point})^{-1} \circ (x_2 @ \mathrm{Point})$ is defined. By the definition of $\uplus_{(\tau_1^*[a_3^*] \to \tau_2^*[a_3^*])}$ there exists $f_3 \in \tau_1^*[a_3^*] \to \tau_2^*[a_3^*]$ with $g \equiv (f_1 @ (\mathrm{Point} \to A)) \circ (f_3^*)^{-1} \circ (f_2 @ (\mathrm{Point} \to A))$ defined where $A$ is any interface template of $\tau_2^*[a_3^*]$. By (Funs-Composable) we have

$$g[(x_1 @ \mathrm{Point}) \circ (x_3 @ \mathrm{Point})^{-1} \circ (x_2 @ \mathrm{Point})] = (f_1(x_1) @ A) \circ f_3^*(x_3)^{-1} \circ (f_2(x_2) @ A)$$

The definedness of the right hand side gives $f_3(x_3) \in \mathrm{iso}(\tau_2^*[x_3], f_1^*(x_1), f_2^*(x_2))$ which yields $f_1^*(x_1) \uplus_{\tau_2^*[a_3^*]} f_2^*(x_2)$ as desired.

Now suppose that for all $x_1 \in \tau_1^*[a_1^*]$ and $x_2 \in \tau_1^*[a_2^*]$ with $x_1 \uplus_{\tau_1^*[a_3^*]} x_2$ we have $f_1^*(x_1) \uplus_{\tau_2^*[a_3^*]} f_2^*(x_2)$. We must show $f_1^* \uplus_{(\tau_1^*[a_3^*] \to \tau_2^*[a_3^*])} f_2^*$. We must show that an appropriate witness $f_3 \in \tau_1^*[a_3^*] \to \tau_2^*[a_3^*]$ exists. For $x_3 \in \tau_1^*[a_3^*]$ we must define $f_3(x_3)$. By the first antecedent of the rule we have that $(a_1^* @ A_\sigma) \circ (a_3^*)^{-1} \circ (a_2^* @ A_\sigma)$ is defined. The validity of the second antecedent implies $\Sigma;\ x : \sigma \models \tau_1[x] : \mathrm{type}_i$. Property (V1) of this entailment yields that

$$\tau_1^*[a_1^* @ A_\sigma] \circ \tau_1^*[a_3^*]^{-1} \circ \tau_1^*[a_2^* @ A_\sigma] \qquad (1)$$

is defined. We have that $\mathrm{TypeOf}(A_1)$ is a minimal template for $\tau_1^*[a_3^*]$ and by the properties of $\sim$ we can abstract the above composition to $\mathrm{TypeOf}(A)$. By (Abs-Distributes-In) and (Internal-Compression) we then have that

$$(\tau_1^*[a_1^*] @ \mathrm{TypeOf}(A)) \circ (\tau_1^*[a_3^*] @ \mathrm{TypeOf}(A))^{-1} \circ (\tau_1^*[a_2^*] @ \mathrm{TypeOf}(A))$$

is defined. By (Partner) we then have that there exists $x_1 \in \tau_1^*[a_1^*]$ and $x_2 \in \tau_1^*[a_2^*]$ with $(x_1 @ A) \circ (x_3 @ A)^{-1} \circ (x_2 @ A)$ defined. We then have $x_1 \uplus_{\tau_1[a_3^*]} x_2$ which by assumption implies $f_1(x_1) \uplus_{\tau_2^*[a_3^*]} f_2(x_2)$. For each equivalence class $C$ of $\tau_1^*[a_3^*]$ we can select a value $y(C) \in \tau_2^*[a_3^*]$ such that there exists $x_1 \in \tau_1^*[a_1^*]$, $x_2 \in \tau_1^*[a_2^*]$ and $x_3 \in C$ with $(x_1 @ A_\sigma) \circ (x_3 @ A_\sigma)^{-1} \circ (x_2 @ A_\sigma)$ defined and with $y(C) \in \mathrm{iso}(\tau_2^*[a_3^*], x_1, x_2)$. We can then define $f_3(x_3)$ to be $y(|x_3|)$ which gives $f_3 \in \tau_1^*[a_3^*] \to \tau_2^*[a_3^*]$.

It remains to show $f_3 \in \mathrm{iso}(\tau_1^*[a_3^*] \to \tau_2^*[a_3^*], f_1, f_2)$. In particular we must show that $(f_1 @ (\mathrm{Point} \to A)) \circ (f_3^*)^{-1} \circ (f_2 @ (\mathrm{Point} \to A))$ is defined where $A$ is the interface template for $\tau_2^*[a_3^*]$. By (1) above and (Abs-Distributes-In) we get that $\mathrm{Dom}(f_1) \circ \mathrm{domop}(f_3)^{-1} \circ \mathrm{Dom}(f_2)$ is defined. It remains only to show that for $x_i \in \mathrm{Dom}(f_i)$ with $x_1 \circ x_2^{-1} \circ x_3$ defined we have that $(f_1[x_1] @ A_2) \circ f_3[x_3]^{-1} \circ (f_2[x_2] @ A_2)$ is defined. By the definition of $f_3$ there exists $x_i' \in \mathrm{Dom}(f_i)$ with $x_3 \simeq_{\mathrm{Dom}(f_3)} x_3'$ and with $x_1' \circ x_3'^{-1} \circ x_2'$ defined and $(f_1[x_1'] @ A_2) \circ f_3[x_3']^{-1} \circ (f_2[x_2'] @ A_2)$ defined. By ($\simeq$.B) we have $x_i \simeq_{\mathrm{Dom}(f_1)} x_i'$ which implies that $f_i[x_i] = f_i[x_i']$ which now implies the result.

Lemma 4.13. The inference rule

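$$
\begin{array}{l}
\Sigma \vdash a_1 : \sigma,\ a_2 : \sigma,\ a_3 :: \mathrm{iso}(\sigma, a_1, a_2) \\
\Sigma;\ x : \sigma \vdash \mathrm{SubType}(y : \tau[x],\ \Phi[x, y]) : \mathrm{type}_i \\
\Sigma \vdash b_1 : \mathrm{SubType}(y : \tau[a_1],\ \Phi[a_1, y]) \\
\Sigma \vdash b_2 : \mathrm{SubType}(y : \tau[a_2],\ \Phi[a_2, y]) \\
\hline
\Sigma \vdash \left(\begin{array}{c}
(b_1 \uplus_{\mathrm{SubType}(y : \tau[a_3],\ \Phi[a_3, y])} b_2) \\
\Leftrightarrow \\
(b_1 \uplus_{\tau[a_3]} b_2)
\end{array}\right)
\end{array}
$$

is sound.

Proof. Consider $\rho \in \mathcal{V}\llbracket\Sigma\rrbracket$ and let $a_i^*$, $b_i^*$, $\sigma^*$, $\tau^*[u]$ for $u \in \sigma^*$, and $\Phi^*[u, w]$ for $u \in \sigma^*$ and $w \in \tau^*[u]$ be defined in the standard way. For $u \in \sigma^*$ let $\mathrm{Subtype}(y : \tau^*[u], \Phi^*[u, y])$ abbreviate $\mathcal{V}_\Sigma\llbracket\mathrm{Subtype}(y : \tau[x], \Phi[x, y])\rrbracket\rho[x \leftarrow u]$. Let $A_\tau$ be an interface template for $\tau^*[a_3^*]$.

First suppose that $b_1^* \uplus_{\mathrm{Subtype}(y : \tau^*[a_3^*],\ \Phi^*[u, y])} b_2^*$. This implies that there exists $b_3 \in \tau^*[a_3^*]$ with $(b_1^* @ A_\tau) \circ b_3^{-1} \circ (b_2^* @ A_\tau)$ defined which yields $b_1^* \uplus_{\tau^*[a_3^*]} b_2^*$.

Conversely suppose that $b_1^* \uplus_{\tau^*[a_3^*]} b_2^*$. In this case there exists $b_3 \in \tau^*[a_3^*]$ with $(b_1^* @ A_\tau) \circ b_3^{-1} \circ (b_2^* @ A_\tau)$ defined. By the validity of the second antecedent we have $\Sigma;\ x : \sigma;\ y : \tau[x] \models \Phi[x, y] : \mathrm{Bool}$. By property (V1) of this entailment we now have $\Phi^*[a_1^*, b_1^*] = \Phi^*[a_3^*, b_3] = \Phi^*[a_2^*, b_2^*]$. This gives $b_3 \in \mathrm{Subtype}(y : \tau^*[a_3^*], \Phi^*[a_3^*, y])$ which proves the result.

It is worth noting that we seem unable to prove the soundness of the following apparently natural rule.

$$
\begin{array}{l}
\Sigma \vdash a_1 : \sigma,\ a_1 : \sigma,\ a_3 :: \mathrm{iso}(\sigma, a_1, a_2) \\
\Sigma;\ x : \sigma \vdash e[x] : \tau[x] \\
\hline
\Sigma \vdash e[a_3] :: \mathrm{iso}(\tau[a_3], e[a_1], e[a_2])
\end{array}
$$

We can consider two possible definitions of $\mathrm{iso}(\sigma, x, y)$.

(1) $z \in \mathrm{iso}(\sigma, x, y)$ iff $(x @ \sigma) \circ z^{-1} \circ (y @ \sigma)$ is defined.

(2) $z \in \mathrm{iso}(\sigma, x, y)$ iff $(x @ \sigma) \circ (z @ \sigma)^{-1} \circ (y @ \sigma)$ is defined.

Under definition (1) we get $e^*[a_3^*] @ \tau^*[a_3^*] \in \mathrm{iso}(\tau^*[a_3], e^*[a_1^*], e^*[a_2^*])$ for the conclusion and the conclusion fails to satisfy (1). Under definition (2) we get $e^*[a_3^*] \in \mathrm{iso}(\tau^*[a_3^* @ \sigma], e^*[a_1^*], e^*[a_2^*])$ for the conclusion. The approach taken here avoids this rule.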

4.4 Soundness of the Remaining Rules

We now turn to proving the soundness of the inference rules in figures 1 through 5 other than pair type formulation and substitution, which have been handled above. We consider each figure in turn.

4.4.1 Proofs for figure 1

Figure 1 consists primarily of expression formation rules with conclusions of the form $\Sigma \vdash e : \sigma$. For each such conclusion we must check that conditions (V1) and (V2) of figure 9 hold. In addition to expression formation rules, figure 1 also includes various miscellaneous housekeeping rules. We prove soundness for the rules in the order in which they appear in the figure.


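Lemma 4.14. The rules

$$
\epsilon \vdash \mathrm{True}
\qquad
\epsilon \vdash \mathrm{type}_j : \mathrm{type}_i \ \text{ for } j < i
\qquad
\frac{\Sigma \vdash \tau : \mathrm{type}_i \qquad x \text{ not declared in } \Sigma}{\Sigma;\ x : \tau \vdash \mathrm{True}}
\qquad
\epsilon \vdash \mathrm{Bool} : \mathrm{Set}
\qquad
\frac{\Sigma \vdash \Phi : \mathrm{Bool}}{\Sigma;\ \Phi \vdash \mathrm{True}}
$$

are sound.

Proof. We will take True to be an abbreviation for $\exists P : \mathrm{Bool}$. We then have $\mathcal{V}\llbracket\mathrm{True}\rrbracket = \mathrm{True}$ where the left occurrence of True is an expression and the right occurrence of True is a morphoid value (a Boolean value). We then have $\epsilon \models \mathrm{True}$ which establishes the soundness of the first rule above. For the soundness of the second rule we must show $\epsilon \models \mathrm{type}_j : \mathrm{type}_i$ for $j < i$. But this follows from the definition of $\mathcal{V}\llbracket\mathrm{type}_i\rrbracket$ in figure 10 and theorem 4.2 which implies that $\mathcal{V}\llbracket\mathrm{type}_j\rrbracket$ is a morphoid type. This sequent satisfies (V1) and (V2) because $\mathrm{type}_i$ is closed and $\mathcal{V}_\Sigma\llbracket\mathrm{type}\rrbracket\rho = \mathcal{V}\llbracket\mathrm{type}_i\rrbracket$. For the third rule we must show that the definedness of $\mathcal{V}\llbracket\Sigma\rrbracket$ implies the definedness of $\mathcal{V}\llbracket\Sigma;\ x : \tau\rrbracket$ given that $x$ is not already in $\Sigma$ and $\Sigma \models \tau :: \mathrm{type}_i$. But this follows directly from the definition of $\mathcal{V}\llbracket\Sigma\rrbracket$. The soundness of the fourth and fifth rules is similarly straightforward.

Lemma 4.15. The rules

$$
\frac{\Sigma;\ \Theta \vdash \mathrm{True}}{\Sigma;\ \Theta \vdash \Theta}
\qquad
\frac{\Sigma;\ \Theta \vdash \mathrm{True} \qquad \Sigma \vdash \Psi}{\Sigma;\ \Theta \vdash \Psi}
$$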

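are sound.

Proof. For the first rule it is possible that $\Theta$ has the form $x : \sigma$. In this case we must show that conditions (V1) and (V2) are satisfied. But one can check that (V1) and (V2) are immediately satisfied for variables. For the second rule it is possible that $\Psi$ has the form $e : \sigma$ where $e$ is not a variable. In this case (V1) and (V2) follow from the fact that for judgments not involving a variable declared in $\Theta$ we can treat $\mathcal{V}\llbracket\Sigma, \Theta\rrbracket$ as a subset of $\mathcal{V}\llbracket\Sigma\rrbracket$. One can readily show that (V1) and (V2) are monotone in the sense that if they are satisfied by a set $S$ of structures then they are satisfied by any subset of $S$.

Lemma 4.16. The rule

$$\frac{\Sigma \vdash \sigma : \mathrm{type}_i \qquad \Sigma \vdash \tau : \mathrm{type}_i}{\Sigma \vdash (\sigma \to \tau) : \mathrm{type}_i}$$

is sound.

Proof. We prove conditions (V1) and (V2) for the conclusion. To prove (V1) consider $\rho_1, \rho_2, \rho_3 \in \mathcal{V}\llbracket\Sigma\rrbracket$ with $\rho_1 \circ \rho_2^{-1} \circ \rho_3$ defined and $(\rho_1 \circ \rho_2^{-1} \circ \rho_3) \in \mathcal{V}\llbracket\Sigma\rrbracket$. Let $\sigma_i^*$ abbreviate $\mathcal{V}_\Sigma\llbracket\sigma\rrbracket\rho_i$ and let $\tau_i^*$ abbreviate $\mathcal{V}_\Sigma\llbracket\tau\rrbracket\rho_i$. By condition (V1) on the premises and property ($\to$.V1) we have the following calculation establishing (V1) for the conclusion.

$$
\begin{aligned}
\mathcal{V}_\Sigma\llbracket\sigma \to \tau\rrbracket(\rho_1 \circ \rho_2^{-1} \circ \rho_3)
&= \mathcal{V}_\Sigma\llbracket\sigma\rrbracket(\rho_1 \circ \rho_2^{-1} \circ \rho_3) \to \mathcal{V}_\Sigma\llbracket\tau\rrbracket(\rho_1 \circ \rho_2^{-1} \circ \rho_3) \\
&= (\sigma_1^* \circ (\sigma_2^*)^{-1} \circ \sigma_3^*) \to (\tau_1^* \circ (\tau_2^*)^{-1} \circ \tau_3^*) \\
&= (\sigma_1^* \to \tau_1^*) \circ ((\sigma_2^*)^{-1} \to (\tau_2^*)^{-1}) \circ (\sigma_3^* \to \tau_3^*) \\
&= (\sigma_1^* \to \tau_1^*) \circ (\sigma_2^* \to \tau_2^*)^{-1} \circ (\sigma_3^* \to \tau_3^*)
\end{aligned}
$$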

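To prove (V2) consider $\rho, \tilde\rho \in \mathcal{V}\llbracket\Sigma\rrbracket$ with $\rho \preceq \tilde\rho$. From (V2) of the antecedents we have $\mathcal{V}_\Sigma\llbracket\sigma\rrbracket \preceq \mathcal{V}_\Sigma\llbracket\sigma\rrbracket\tilde\rho$ and $\mathcal{V}_\Sigma\llbracket\tau\rrbracket\rho \preceq \mathcal{V}_\Sigma\llbracket\tau\rrbracket\tilde\rho$ and by ($\to$.V2) we then have $\mathcal{V}_\Sigma\llbracket\sigma \to \tau\rrbracket\rho \preceq \mathcal{V}_\Sigma\llbracket\sigma \to \tau\rrbracket\tilde\rho$.

Lemma 4.17. The rule

$$\frac{\Sigma \vdash f : \sigma \to \tau \qquad \Sigma \vdash e : \sigma}{\Sigma \vdash f(e) : \tau}$$

is sound.

Proof. We show properties (V1) and (V2) of the conclusion. To show property (V1) consider $\rho_1, \rho_2, \rho_3 \in \mathcal{V}\llbracket\Sigma\rrbracket$ with $\rho_1 \circ \rho_2^{-1} \circ \rho_3$ defined and $(\rho_1 \circ \rho_2^{-1} \circ \rho_3) \in \mathcal{V}\llbracket\Sigma\rrbracket$. Let $\sigma_i^*$ abbreviate $\mathcal{V}_\Sigma\llbracket\sigma\rrbracket\rho_i$, let $f_i^*$ abbreviate $\mathcal{V}_\Sigma\llbracket f\rrbracket\rho_i$ and let $e_i^*$ abbreviate $\mathcal{V}_\Sigma\llbracket e\rrbracket\rho_i$. By condition (V1) of the antecedents and property (Fun-Composition) we have the following calculation which proves (V1).

$$
\begin{aligned}
\mathcal{V}_\Sigma\llbracket f(e)\rrbracket(\rho_1 \circ \rho_2^{-1} \circ \rho_3)
&= (f_1^* \circ (f_2^*)^{-1} \circ f_3^*)(e_1^* \circ (e_2^*)^{-1} \circ e_3^*) \\
&= f_1^*(e_1^*) \circ f_2^*(e_2^*)^{-1} \circ f_3^*(e_3^*)
\end{aligned}
$$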

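Property (V2) of the conclusion follows directly from property (V2) of the antecedents and (App.V2).

Lemma 4.18 (Bool.V1). If $\sigma \models \Phi :: \mathrm{Bool}$ then condition (V1) for $\Sigma \models \Phi : \mathrm{Bool}$ is equivalent to the condition that for $\rho_1, \rho_2 \in \mathcal{V}\llbracket\Sigma\rrbracket$ with $\rho_1 \circ \rho_2$ defined we have that $\mathcal{V}_\Sigma\llbracket\Phi\rrbracket\rho_1 = \mathcal{V}_\Sigma\llbracket\Phi\rrbracket\rho_2$.

Proof. First suppose that condition (V1) holds and consider $\rho_1, \rho_2 \in \mathcal{V}\llbracket\Sigma\rrbracket$ with $\rho_1 \circ \rho_2$ defined. We have that $\rho_1 \circ \rho_2 \circ \rho_2^{-1}$ is defined and equals $\rho_1$ and hence is in $\mathcal{V}\llbracket\Sigma\rrbracket$. By (V1) we then have

$$
\begin{aligned}
\mathcal{V}_\Sigma\llbracket\Phi\rrbracket(\rho_1 \circ (\rho_2^{-1})^{-1} \circ \rho_2^{-1})
&= \mathcal{V}_\Sigma\llbracket\Phi\rrbracket\rho_1 \circ \mathcal{V}_\Sigma\llbracket\Phi\rrbracket\rho_2 \circ \mathcal{V}_\Sigma\llbracket\Phi\rrbracket\rho_2^{-1} \\
&= \mathcal{V}_\Sigma\llbracket\Phi\rrbracket\rho_1 \\
&= \mathcal{V}_\Sigma\llbracket\Phi\rrbracket\rho_2
\end{aligned}
$$

Conversely, suppose that for all $\rho_1, \rho_2 \in \mathcal{V}\llbracket\Sigma\rrbracket$ with $\rho_1 \circ \rho_2$ defined we have $\mathcal{V}_\Sigma\llbracket\Phi\rrbracket\rho_1 = \mathcal{V}_\Sigma\llbracket\Phi\rrbracket\rho_2$. Now consider $\rho_1, \rho_2, \rho_3 \in \mathcal{V}\llbracket\sigma\rrbracket$ with $\rho_1 \circ \rho_2^{-1} \circ \rho_3$ defined and with $(\rho_1 \circ \rho_2^{-1} \circ \rho_3) \in \mathcal{V}\llbracket\Sigma\rrbracket$. Let $\Phi_i^*$ abbreviate $\mathcal{V}_\Sigma\llbracket\Phi\rrbracket\rho_i$. We immediately have $\Phi_1^* = \Phi_2^* = \Phi_3^*$ and we have that $\Phi_1^* \circ (\Phi_2^*)^{-1} \circ \Phi_3^*$ is defined and is equal to $\Phi_1^*$. But we also have that $\rho_1^{-1} \circ (\rho_1 \circ \rho_2^{-1} \circ \rho_3)$ is defined and so $\mathcal{V}_\Sigma\llbracket\Phi\rrbracket(\rho_1 \circ \rho_2^{-1} \circ \rho_3) = \mathcal{V}_\Sigma\llbracket\Phi\rrbracket\rho_1$. We now have $\mathcal{V}_\Sigma\llbracket\Phi\rrbracket(\rho_1 \circ \rho_2^{-1} \circ \rho_3) = \Phi_1^* = \Phi_1^* \circ (\Phi_2^*)^{-1} \circ \Phi_3^*$ which proves the result.

Lemma 4.19 (Bool.V2). If $\sigma \models \Phi :: \mathrm{Bool}$ then condition (V2) for $\Sigma \models \Phi : \mathrm{Bool}$ is equivalent to the condition that for $\rho_1, \rho_2 \in \mathcal{V}\llbracket\Sigma\rrbracket$ with $\rho_1 \preceq \rho_2$ we have that $\mathcal{V}_\Sigma\llbracket\Phi\rrbracket\rho_1 = \mathcal{V}_\Sigma\llbracket\Phi\rrbracket\rho_2$.

Proof. This follows from the observation that for Boolean values $P$ and $Q$ we have that $P \preceq Q$ is equivalent to $P = Q$.

Lemma 4.20. The rule

$$
\begin{array}{l}
\Sigma \vdash \Phi : \mathrm{Bool} \\
\Sigma \vdash \Psi : \mathrm{Bool} \\
\hline
\Sigma \vdash (\Phi \vee \Psi) : \mathrm{Bool} \\
\Sigma \vdash \neg\Phi : \mathrm{Bool}
\end{array}
$$

is sound.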


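Proof. We consider conditions (V1) and (V2) for the conclusions. For (V1) we have that (Bool.V1) implies that it is sufficient to consider $\rho_1, \rho_2 \in \mathcal{V}\llbracket\Sigma\rrbracket$ with $\rho_1 \circ \rho_2$ defined. Let $\Phi_i^*$ abbreviate $\mathcal{V}_\Sigma\llbracket\Phi\rrbracket\rho_i$ and let $\Psi_i^*$ abbreviate $\mathcal{V}_\Sigma\llbracket\Psi\rrbracket\rho_i$. By property (Bool.V1) it suffices to show that $\Phi_1^* \vee \Psi_1^*$ equals $\Phi_2^* \vee \Psi_2^*$. But the induction hypothesis for the antecedents and property (Bool.V1) give that $\Phi_1^* = \Phi_2^*$ and $\Psi_1^* = \Psi_2^*$. The case of negation, and the argument for (V2), are similar.

Lemma 4.21. The rule

$$\frac{\Sigma \vdash \sigma : \mathrm{type}_i \qquad \Sigma;\ x : \sigma \vdash \Phi[x] : \mathrm{Bool}}{\Sigma \vdash (\forall x : \sigma\ \Phi[x]) : \mathrm{Bool}}$$

is sound.

Proof. We show (V1) and (V2) for the conclusion. We note that for $\rho \in \mathcal{V}\llbracket\Sigma\rrbracket$ we have that $\mathcal{V}_\Sigma\llbracket\forall x : \sigma\ \Phi[x]\rrbracket\rho = \mathrm{True}$ if and only if the type $\mathcal{V}_\Sigma\llbracket\mathrm{SubType}(x : \sigma, \neg\Phi[x])\rrbracket\rho$ is empty. Properties (V1) and (V2) for $\Sigma \models (\forall x : \sigma\ \Phi[x]) : \mathrm{Bool}$ now follow from properties (V1) and (V2) of $\Sigma \models \mathrm{SubType}(x : \sigma, \neg\Phi[x]) : \mathrm{type}_i$. We omit the details.

Lemma 4.22. The rule

$$\frac{\Sigma \vdash \tau : \mathrm{type}_i \qquad \Sigma \vdash e : \tau \qquad \Sigma \vdash w : \tau}{\Sigma \vdash (e =_\tau w) : \mathrm{Bool}}$$

is sound.

Proof. We show (V1) and (V2) for the conclusion. For (V1) we have that (Bool.V1) implies that it suffices to consider $\rho_1, \rho_2 \in \mathcal{V}\llbracket\tau\rrbracket$ with $\rho_1 \circ \rho_2$ defined and show $\mathcal{V}_\Sigma\llbracket e =_\tau w\rrbracket\rho_1 = \mathcal{V}_\Sigma\llbracket e =_\tau w\rrbracket\rho_2$. Let $e_i^*$ abbreviate $\mathcal{V}_\Sigma\llbracket e\rrbracket\rho_i$ and similarly for $w_i^*$ and $\tau_i^*$. We must show that $e_1^* =_{\tau_1^*} w_1^*$ if and only if $e_2^* =_{\tau_2^*} w_2^*$. By condition (V1) and property (Corollary.V1) (lemma 4.5) applied to the antecedents we have that $\tau_1^* \circ \tau_2^*$, $e_1^* \circ e_2^*$ and $w_1^* \circ w_2^*$ are defined. The result now follows from property (=.V1).

Now we show (V2). Consider $\rho_1, \rho_2 \in \mathcal{V}\llbracket\Sigma\rrbracket$ with $\rho_1 \preceq \rho_2$. We must show $\mathcal{V}_\Sigma\llbracket e =_\tau w\rrbracket\rho_1 = \mathcal{V}_\Sigma\llbracket e =_\tau w\rrbracket\rho_2$. Let $e_i^*$, $w_i^*$ and $\tau_i^*$ be defined as before. By property (V2) of the antecedents we have $\tau_1^* \preceq \tau_2^*$, $e_1^* \preceq e_2^*$ and $w_1^* \preceq w_2^*$. The result is then implied by (=.V2).

Lemma 4.23. The rule

$$\frac{\Sigma \vdash \sigma : \mathrm{type}_i}{\Sigma \vdash \sigma : \mathrm{type}_j \ \text{ for } j > i}$$

is sound.

Proof. This follows straightforwardly from the definitions which imply that for $i < j$ we have $\mathcal{V}\llbracket\mathrm{type}_i\rrbracket \subseteq \mathcal{V}\llbracket\mathrm{type}_j\rrbracket$.

4.4.2 Proofs for Figure 2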

The soundness of the first row of rules in figure 2 follows straightforwardly from the definitions in figures 9 and 10. The first three rules of the second row of figure 2 are implied by property (Equivalence-Relation) which states that $=_\sigma$ is an equivalence relation. The soundness of the substitution rule is proved above. We explicitly consider the rules of the last row.

Lemma 4.24. The rule

$$\frac{\Sigma \vdash f, g : \sigma \to \tau \qquad \Sigma \vdash \forall x : \sigma\ f(x) =_\tau g(x)}{\Sigma \vdash f =_{\sigma \to \tau} g}$$

is sound.

Proof. Consider $\rho \in \mathcal{V}\llbracket\Sigma\rrbracket$. Let $f^*$, $g^*$ and $\sigma^*$ be defined in the usual way. From the validity of the first antecedent we have $f^*, g^* \in \sigma^* \to \tau^*$. We must show that the validity of the antecedents implies $f^* =_{\sigma^* \to \tau^*} g^*$. From the second antecedent we have that for all $x \in \sigma^*$ there exists $z \in \tau^*$ such that $f(x) @ \tau^* \circ z^{-1} \circ g(x) @ \tau^*$ is defined. Property (=.C) implies that for $x =_{\sigma^*} x'$ we have $x @ \mathrm{Point} =_{\sigma^* @ \mathrm{TypeOf}(\mathrm{Point})} x' @ \mathrm{Point}$ and hence $f^*(x) = f^*[x @ \mathrm{Point}] = f^*[x' @ \mathrm{Point}] = f^*(x')$ and similarly for $g^*$. For each equivalence class $|x|_{\sigma^*}$ with $x \in \sigma^*$ we can select a value $h(|x|_\sigma) \in \tau^*$ such that $f(|x|_\sigma) @ \tau^* \circ h(|x|_\sigma)^{-1} \circ g(|x|_\sigma) @ \tau^*$ is defined. This gives a function $h \in \sigma^* \to \tau^*$ with $f @ (\sigma^* \to \tau^*) \circ (h @ (\sigma^* \to \tau^*))^{-1} \circ g @ (\sigma^* \to \tau^*)$ defined and hence $f^* =_{(\sigma^* \to \tau^*)} g^*$.

Lemma 4.25. The rule

$$
\begin{array}{l}
\Sigma;\ x : \sigma;\ y : \tau \vdash \Phi[x, y] : \mathrm{Bool} \\
x \text{ is not free in } \tau \\
\Sigma \vdash \forall x : \sigma\ \exists y : \tau\ \Phi[x, y] \\
\hline
\Sigma \vdash \exists f : \sigma \to \tau\ \forall x : \sigma\ \Phi[x, f(x)]
\end{array}
$$

is sound.

Proof. Consider $\rho \in \mathcal{V}\llbracket\Sigma\rrbracket$. Let $\sigma^*$ abbreviate $\mathcal{V}_\Sigma\llbracket\sigma\rrbracket\rho$ and let $\tau^*$ abbreviate $\mathcal{V}_\Sigma\llbracket\tau\rrbracket\rho$. We will let $u$ range over members of $\sigma^*$ and $v$ range over members of $\tau^*$. Let $\Phi^*[u, v]$ abbreviate $\mathcal{V}_\Sigma\llbracket\Phi[x, y]\rrbracket\rho[x \leftarrow u][y \leftarrow v]$. We must show that there exists $f \in \sigma^* \to \tau^*$ such that for all $u \in \sigma^*$ we have $\Phi^*[u, f(u)]$. We have that for each $u$ there exists a $v$ such that $\Phi^*[u, v]$. For each $u$ let $v(u)$ denote one such value. We then have $\Phi^*[u, v(u)]$ for every $u$. But the mapping from $\sigma^*$ to $\tau^*$ defined by $u \mapsto v(u)$ need not satisfy condition (F1) in figure 17 which requires that equivalent inputs yield absolutely equal outputs. Let $|u|$ denote the equivalence class of $u$ under the equivalence relation $=_{\sigma^*}$. For each such class $|u|$ pick a representative member $w(|u|) \in |u|$.
We then let $f$ be a morphoid function with $\mathrm{Dom}(f) = \sigma^* @ \mathrm{TypeOf}(\mathrm{Point})$ and such that for $u \in \sigma^*$ we have $f(u) = f[u @ \mathrm{Point}] = v(w(|u|))$. By (=.C) we have that if $u @ \mathrm{Point} =_{\sigma^* @ \mathrm{TypeOf}(\mathrm{Point})} u' @ \mathrm{Point}$ for $u, u' \in \sigma^*$ then $u =_{\sigma^*} u'$. This implies that this definition of $f[z]$ for $z \in \mathrm{Dom}(f)$ is well defined and that it satisfies condition (F1). Hence we have that $f \in \mathcal{M}(\mathrm{Point} \to A)$ where $A$ is any template such that $\tau^* \in \mathcal{M}(\mathrm{TypeOf}(A))$. It remains to show that for $u \in \sigma^*$ we have $\Phi^*(u, f(u))$. But by the soundness of substitution we have

$$
\begin{aligned}
\Phi^*(u, f(u)) &= \Phi^*(w[|u|], f(u)) \\
&= \Phi^*(w[|u|], v(w(|u|))) \\
&= \mathrm{True}
\end{aligned}
$$
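The construction in the proof of Lemma 4.25 can be run on a finite toy model; the following is an added illustration, not part of the paper. The sets, the equivalence relation, the predicate and all function names are constructed assumptions, plain Python equality stands in for absolute equality, and no morphoid structure is modelled.

```python
from itertools import product

def classes(sigma, equiv):
    """Partition sigma into the equivalence classes |u| of equiv."""
    out = []
    for u in sigma:
        for c in out:
            if equiv(u, c[0]):
                c.append(u)
                break
        else:
            out.append([u])
    return out

def respects(f, sigma, equiv):
    """Toy analogue of (F1): equivalent inputs must give equal outputs."""
    return all(f[a] == f[b]
               for a, b in product(sigma, repeat=2) if equiv(a, b))

def witnesses(sigma, tau, phi, pick):
    """Choose some v(u) with phi(u, v(u)) for every u (the forall-exists premise)."""
    v = {}
    for u in sigma:
        good = [y for y in tau if phi(u, y)]
        if not good:
            raise ValueError(f"premise fails: no y with Phi({u!r}, y)")
        v[u] = pick(u, good)          # arbitrary, may depend on u itself
    return v

def choice_function(sigma, tau, equiv, phi, pick):
    """Return (v, f): the raw witness map and the repaired f(u) = v(w(|u|))."""
    # Phi must not separate equivalent first arguments; in the proof this
    # is what the soundness of substitution provides.
    for a, b in product(sigma, repeat=2):
        if equiv(a, b) and any(phi(a, y) != phi(b, y) for y in tau):
            raise ValueError(f"Phi separates equivalent inputs {a!r}, {b!r}")
    v = witnesses(sigma, tau, phi, pick)
    f = {}
    for c in classes(sigma, equiv):
        w = c[0]                      # representative w(|u|) of the class
        for u in c:
            f[u] = v[w]               # f(u) = v(w(|u|))
    return v, f

# Constructed sample data: integers, equivalent when congruent mod 3.
SIGMA = list(range(6))
TAU = list(range(9))
EQUIV = lambda a, b: a % 3 == b % 3
PHI = lambda u, y: y % 3 == u % 3
# A witness picker that deliberately treats equivalent inputs differently.
PICK = lambda u, good: good[(u // 3) % len(good)]

V, F = choice_function(SIGMA, TAU, EQUIV, PHI, PICK)

if __name__ == "__main__":
    print("v respects equivalence:", respects(V, SIGMA, EQUIV))
    print("f respects equivalence:", respects(F, SIGMA, EQUIV))
    print("Phi(u, f(u)) for all u:", all(PHI(u, F[u]) for u in SIGMA))
```

The raw witness map `V` sends the equivalent inputs 0 and 3 to different values, while `F` is constant on each class and still satisfies the predicate everywhere.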

The last rule in figure 2 is the axiom of infinity. The soundness of this rule follows from the fact that we have defined $\mathcal{V}\llbracket\mathrm{Set}\rrbracket$ to be the type containing all discrete morphoid types in the universe $V_{\kappa_0}$ where $\kappa_0$ is an uncountable inaccessible cardinal.

4.4.3 Soundness for Figure 3

The soundness of the first rule of figure 3, the rule for formation of dependent pair types, has been proved above. We consider the remaining rules in the order in which they appear.

Lemma 4.26. The rule

$$
\begin{array}{l}
\Sigma \vdash \mathrm{PairOf}(x : \sigma,\ y : \tau[x]) : \mathrm{type}_i \\
\Sigma \vdash u : \sigma \\
\Sigma \vdash w : \tau[u] \\
\hline
\Sigma \vdash \mathrm{Pair}(u, w) : \mathrm{PairOf}(x : \sigma,\ y : \tau[x]) \\
\Sigma \vdash \pi_1(\mathrm{Pair}(u, w)) \doteq u \\
\Sigma \vdash \pi_2(\mathrm{Pair}(u, w)) \doteq w
\end{array}
$$

is sound.

Proof. We consider requirements (V1) and (V2) for the first conclusion. For the pair expression $\mathrm{Pair}(u, w)$ we have that conditions (V1) and (V2) follow directly from conditions (V1) and (V2) for $\Sigma \models u : \sigma$ and $\Sigma \models w : \tau[u]$.

Lemma 4.27. The rule

$$
\begin{array}{l}
\Sigma \vdash p : \mathrm{PairOf}(x : \sigma,\ y : \tau[x]) \\
\hline
\Sigma \vdash \pi_1(p) : \sigma \\
\Sigma \vdash \pi_2(p) : \tau[\pi_1(p)] \\
\Sigma \vdash p \doteq \mathrm{Pair}(\pi_1(p), \pi_2(p))
\end{array}
$$

is sound.

Proof. We consider requirements (V1) and (V2) for the first two conclusions. For the expression $\pi_1(p)$ we have that conditions (V1) and (V2) follow directly from conditions (V1) and (V2) for $\Sigma \models p : \mathrm{PairOf}(x : \sigma, y : \tau[x])$ and the fact that for pairs $p$ and $q$ with $p \circ q$ defined we have $\pi_1(p \circ q) = \pi_1(p) \circ \pi_1(q)$. For pairs $p$ and $q$ with $p \preceq q$ we also have $\pi_1(p) \preceq \pi_1(p)$. Similar comments apply to $\pi_2$.

The soundness of the rules for reflexivity, symmetry, transitivity and substitution for absolute equality follows immediately from the definition of absolute equality.

Lemma 4.28. The rule

$$\frac{\Sigma \vdash \tau : \mathrm{type}_i \qquad \Sigma;\ x : \tau \vdash \Phi[x] : \mathrm{Bool}}{\Sigma \vdash \mathrm{SubType}(x : \tau,\ \Phi[x]) : \mathrm{type}_i}$$

is sound.

Proof. We will show properties (V1) and (V2) of the conclusion. We first show soundness of the rule

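$$\frac{\Sigma \vdash \Phi : \mathrm{Bool}}{\Sigma \vdash \mathrm{Subtype}(P : \mathrm{Bool},\ \Phi) : \mathrm{type}_i}$$

For $\rho \in \mathcal{V}\llbracket\Sigma\rrbracket$ we have that $\mathcal{V}_\Sigma\llbracket\mathrm{Subtype}(P : \mathrm{Bool}, \Phi)\rrbracket\rho$ is either $\mathcal{V}\llbracket\mathrm{Bool}\rrbracket$ or the empty type depending on the value of $\mathcal{V}_\Sigma\llbracket\Phi\rrbracket\rho$. We then get that properties (V1) and (V2) for the conclusion of this rule follow directly from the properties (V1) and (V2) of the antecedent. Next we consider the rule

$$\frac{\Sigma \vdash \sigma : \mathrm{type}_i \qquad \Sigma;\ x : \sigma \vdash \Phi[x] : \mathrm{Bool}}{\Sigma \vdash \mathrm{PairType}(x : \sigma,\ Q : \mathrm{SubType}(P : \mathrm{Bool},\ \Phi[x])) : \mathrm{type}_i}$$

The validity of the antecedents and the soundness of the preceding rule give that the sequent $\Sigma;\ x : \sigma \vdash \mathrm{SubType}(P : \mathrm{Bool}, \Phi[x]) : \mathrm{type}_i$ is valid. The soundness of the pair type formation rule then gives that the conclusion of the above rule is valid. For $\rho \in \mathcal{V}\llbracket\Sigma\rrbracket$ we now have that $\mathcal{V}_\Sigma\llbracket\mathrm{Subtype}(x : \sigma, \Phi[x])\rrbracket\rho$ is the set of values of the form $\pi_1[z]$ for $z \in \mathcal{V}_\Sigma\llbracket\mathrm{PairType}(x : \sigma, \mathrm{SubType}(P : \mathrm{Bool}, \Phi[x]))\rrbracket\rho$. Properties (V1) and (V2) of the subtype formation rule now follow from properties (V1) and (V2) of the conclusion of the above rule. We omit the details.

Lemma 4.29. The rules

$$
\begin{array}{l}
\Sigma \vdash \mathrm{SubType}(x : \tau,\ \Phi[x]) : \mathrm{type}_i \\
\Sigma \vdash e : \tau \\
\Sigma \vdash \Phi[e] \\
\hline
\Sigma \vdash e : \mathrm{SubType}(x : \tau,\ \Phi[x])
\end{array}
\qquad
\begin{array}{l}
\Sigma \vdash e : \mathrm{SubType}(x : \tau,\ \Phi[x]) \\
\hline
\Sigma \vdash e : \tau \\
\Sigma \vdash \Phi[e]
\end{array}
$$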

are sound.

Proof. For the first rule we note that properties (V1) and (V2) of the conclusion follow immediately from properties (V1) and (V2) of the second antecedent. For the second rule we note that properties (V1) and (V2) of the first conclusion follow immediately from (V1) and (V2) of the antecedent.

4.4.4 Soundness for Figure 4

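Lemma 4.30. The rule

$$
\begin{array}{l}
\Sigma;\ x : \sigma \vdash \Phi[x] : \mathrm{Bool} \\
\Sigma \vdash \exists! x : \sigma\ \Phi[x] \\
\Sigma \vdash \sigma : \mathrm{Set} \\
\hline
\Sigma \vdash \mathrm{The}(x : \sigma,\ \Phi[x]) : \sigma \\
\Sigma \vdash \Phi[\mathrm{The}(x : \sigma,\ \Phi[x])]
\end{array}
$$

is sound.

Proof. We show (V1) and (V2) for the first conclusion. We use the requirement that sets be discrete. For a discrete type the third antecedent implies that there is one element of the type $\mathrm{SubType}(x : \sigma;\ \Phi[x])$. For singleton discrete types $\sigma_1$, $\sigma_2$ and $\sigma_3$ with $\sigma_1 \circ \sigma_2^{-1} \circ \sigma_3$ defined we have $\mathrm{The}(\sigma_1 \circ \sigma_2^{-1} \circ \sigma_3)$ equals $\mathrm{The}(\sigma_1) \circ \mathrm{The}(\sigma_2)^{-1} \circ \mathrm{The}(\sigma_3)$ and $\sigma_1 \preceq \sigma_2$ if and only if $\mathrm{The}(\sigma_1) \preceq \mathrm{The}(\sigma_2)$.

Lemma 4.31. The rule

$$
\begin{array}{l}
\Sigma;\ x : \sigma \vdash \Phi[x] : \mathrm{Bool} \\
\Sigma \vdash \exists! x : \sigma\ \Phi[x] \\
\mathrm{The}(x : \sigma,\ \Phi[x]) \text{ is closed} \\
\hline
\Sigma \vdash \mathrm{The}(x : \sigma,\ \Phi[x]) : \sigma \\
\Sigma \vdash \Phi[\mathrm{The}(x : \sigma,\ \Phi[x])]
\end{array}
$$

is sound.

Proof. Conditions (V1) and (V2) hold immediately for closed expressions.

The remaining rules in figure 4 all follow directly from the definitions of the constructs involved.

4.4.5 Soundness for Figure 5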

All of the rules in figure 5 are manifestly sound.

5 Final Comments on Platonism

The foundations of mathematics seem more a branch of cognitive science than a branch of mathematics. The relationship between logic and thought has been central to the development of logic from the ancient Greeks, through Leibniz, Boole, Frege and into mainstream Anglo-American analytic philosophy. A type-theoretic foundation seems much closer to natural human thought than does untyped set theory. The excluded middle and the non-constructive axiom of choice also seem to be inherent in human thought.

The existence of Platonic thought does not imply a causal connection between thought and the objects being considered. We humans are presumably some form of machine and most human mathematicians engage in Platonic thinking. We do not need to postulate any magical or mystical connection between thought and actual spheres and manifolds. It seems more reasonable to model our thought process, even Platonic thought, as some form of symbolic computation.

But if Platonic thought is actually just symbolic computation what makes it “Platonic”? A better question is what does one mean by a Platonic foundation for mathematics? Formal semantics translates symbol strings into rigorous natural language — the natural language of the practice of mathematics. For example, the symbol string ∀x : σ Φ[x] is true if for all x in σ we have that Φ[x] is true. Similarly, the symbol string PairOf(x : σ, y : τ[x]) represents the type of pairs (x, y) with x in σ and y in τ[x]. A formal system is Platonic to the extent that the formal semantics (the model) yields a translation from formal symbols to natural language that is direct and trivial. A Platonic semantics establishes a tight correspondence between formal symbol strings and the naturally occurring language of thought. The semantics of figure 10 is designed to have this property.

As a final note we consider Wigner’s famous comment on the unreasonable effectiveness of mathematics in physics. By “mathematics” Wigner is referring to mathematical concepts such as topological spaces, manifolds and group representations. A type-theoretic foundation of mathematics faithfully interprets these concepts as formal types. Type theory is central to concept-based mathematics. We can interpret Wigner’s comment as stating the unreasonable effectiveness of type theory in physics. This is indeed striking.

