#### On Natural Deduction for Herbrand Constructive Logics II: Curry-Howard Correspondence for Markov's Principle in First-Order Logic and Arithmetic

TYPES
Federico Aschieri, Matteo Manighetti
Institut für Diskrete Mathematik und Geometrie, Technische Universität Wien, Wiedner Hauptstraße 8-10/104, 1040, Vienna, Austria
Intuitionistic first-order logic extended with a restricted form of Markov's principle is constructive and admits a Curry-Howard correspondence, as shown by Herbelin. We provide a simpler proof of that result and then we study intuitionistic first-order logic extended with unrestricted Markov's principle. Starting from classical natural deduction, we restrict the excluded middle and we obtain a natural deduction system and a parallel Curry-Howard isomorphism for the logic. We show that proof terms for existentially quantified formulas reduce to a list of individual terms representing all possible witnesses. As a corollary, we derive that the logic is Herbrand constructive: whenever it proves any existential formula, it proves also an Herbrand disjunction for the formula. Finally, using the techniques just introduced, we also provide a new computational interpretation of Arithmetic with Markov's principle.

2012 ACM Subject Classification: Theory of computation → Proof theory

Keywords and phrases: Markov's Principle; first-order logic; natural deduction; Curry-Howard

Funding: Austrian Science Fund FWF Lise Meitner grant M 1930-N35; Vienna Science Fund WWTF project VRG12-004.
1 Introduction

Markov's Principle was introduced by Markov in the context of his theory of Constructive Recursive Mathematics (see [13]). Its original formulation is tied to Arithmetic: it states that given a recursive function $f : \mathbb{N} \to \mathbb{N}$, if it is impossible that for every natural number $n$, $f(n) \neq 0$, then there exists an $n$ such that $f(n) = 0$. Markov's original argument for justifying it was simply the following: if it is not possible that for all $n$, $f(n) \neq 0$, then by computing in sequence $f(0), f(1), f(2), \ldots$, one will eventually hit a number $n$ such that $f(n) = 0$ and will effectively recognize it as a witness.

Markov's principle is readily formalized in Heyting Arithmetic as the axiom scheme

$$\neg\neg\exists\alpha^{\mathbb{N}} P \to \exists\alpha^{\mathbb{N}} P$$

where $P$ is a primitive recursive predicate [12]. When added to Heyting Arithmetic, Markov's principle gives rise to a constructive system, that is, one enjoying the disjunction and the existential witness property [12] (if a disjunction is derivable, one of the disjuncts is derivable too, and if an existential statement is derivable, so is one instance of it). Furthermore, witnesses for any provable existential formula can be effectively computed using either Markov's unbounded search and Kleene's realizability [9] or much more efficient functional interpretations [7, 3].
1.1 Markov's Principle in First-Order Logic

The very shape of Markov's principle makes it also a purely logical principle, namely an instance of the double negation elimination axiom. But in pure logic, what exactly should Markov's principle correspond to? In particular, what class of formulas should $P$ be restricted to? Since Markov's principle was originally understood as a constructive principle, it is natural to restrict $P$ as little as possible, while maintaining the logical system as constructive as possible. As proven by Herbelin [8], it turns out that asking that $P$ is propositional and with no implication $\to$ symbols guarantees that intuitionistic logic extended with such a version of Markov's principle is constructive. The proof of this result employs a Curry-Howard isomorphism based on a mechanism for raising and catching exceptions. As opposed to the aforementioned functional interpretations of Markov's principle, Herbelin's calculus is fully isomorphic to an intuitionistic logic: there is a perfect match between reduction steps at the level of programs and detour eliminations at the level of proofs. Moreover, witnesses for provable existential statements are computed by the associated proof terms. Nevertheless, as we shall later show, the mechanism of throwing exceptions plays no role during these computations: intuitionistic reductions are entirely enough for computing witnesses.

A question is now naturally raised: as no special mechanism is required for witness computation using Herbelin's restriction of Markov's principle, can the first be further relaxed so that the second becomes stronger as well as computationally and constructively meaningful? Allowing the propositional matrix $P$ to contain implication destroys the constructivity of the logic. It turns out, however, that Herbrand constructivity is preserved. An intermediate logic is called Herbrand constructive if it enjoys a strong form of Herbrand's Theorem [5, 4]: for every provable formula $\exists\alpha\, A$, the logic proves as well an Herbrand disjunction

$$A[m_1/\alpha] \lor \ldots \lor A[m_k/\alpha]$$

So the Markov principle we shall interpret in this paper is

$$\mathsf{MP} : \neg\neg\exists\alpha\, P \to \exists\alpha\, P \qquad (P \text{ propositional formula})$$

and we show that, when added to intuitionistic first-order logic, the resulting system is Herbrand constructive. This is the most general form of Markov's principle that allows a significant constructive interpretation: we shall show how to non-trivially compute lists of witnesses for provable existential formulas thanks to an exception raising construct and a parallel computation operator. $\mathsf{MP}$ can also be used in conjunction with negative translations to compute Herbrand disjunctions in classical logic, something which is not possible with Herbelin's form of Markov's principle.
1.2 Restricted Excluded Middle

The Curry-Howard correspondence we present here is by no means an ad hoc construction, only tailored for Markov's principle. It is a simple restriction of the Curry-Howard correspondence for classical first-order logic introduced in [4], where classical reasoning is formalized by the excluded middle inference rule:

$$\frac{\Gamma, a : \forall x\, Q \vdash u : C \qquad \Gamma, a : \exists x\, \neg Q \vdash v : C}{\Gamma \vdash u \parallel_a v : C}\ \mathsf{EM}$$

It is enough to restrict the conclusion $C$ of this rule to be an existential statement $\exists x\, P$, with $P$ propositional, and the $Q$ in the premises $\forall x\, Q$, $\exists x\, \neg Q$ to be propositional. We shall show that the rule is intuitionistically equivalent to $\mathsf{MP}$. With our approach, strong normalization is just inherited and the transition from classical logic to intuitionistic logic with $\mathsf{MP}$ is smooth and natural.
1.3 Markov's Principle in Arithmetic

We shall also provide a computational interpretation of Heyting Arithmetic with $\mathsf{MP}$. The system is constructive and witnesses for provable existential statements can be computed. This time, we shall restrict the excluded middle as formalized in [2] and we shall directly obtain the desired Curry-Howard correspondence. As a matter of fact, the interpretation of $\mathsf{MP}$ in Arithmetic ends up being a simplification of the methods we use in first-order logic, because the decidability of atomic formulas greatly reduces parallelism and eliminates case distinction on the truth of atomic formulas.

1.4 Plan of the Paper

In Section 2, we provide a simple computational interpretation of first-order intuitionistic logic extended with Herbelin's restriction of Markov's principle. We also show that the full Markov principle $\mathsf{MP}$ cannot be proved in that system. In Section 3, we provide a Curry-Howard correspondence for intuitionistic logic with $\mathsf{MP}$, by restricting the excluded middle, and show that the system is Herbrand constructive. In Section 4, we extend the Curry-Howard correspondence to Arithmetic with $\mathsf{MP}$ and show that the system becomes again constructive.
2 Herbelin's Restriction of Markov's Principle

In [8] Herbelin introduced a Curry-Howard isomorphism for an extended intuitionistic logic. By employing exception raising operators and new reduction rules, he proved that the logic is constructive and can derive the axiom scheme

$$\mathsf{HMP} : \neg\neg\exists\alpha\, P \to \exists\alpha\, P \qquad (P \text{ propositional and } \to \text{ not occurring in } P)$$

Actually, Herbelin allowed $P$ also to contain existential quantifiers, but in that case the axiom scheme is intuitionistically equivalent to $\neg\neg\exists\alpha_1 \ldots \exists\alpha_n P \to \exists\alpha_1 \ldots \exists\alpha_n P$, again with $P$ propositional and $\to$ not occurring in $P$. All of the methods of our paper apply to this case as well, but to avoid trivial details, we keep the present $\mathsf{HMP}$.

Our first goal is to show that $\mathsf{HMP}$ has a simpler computational interpretation and to provide a straightforward proof that, when added on top of first-order intuitionistic logic, $\mathsf{HMP}$ gives rise to a constructive system. In particular, we show that the ordinary Prawitz reduction rules for intuitionistic logic and thus the standard Curry-Howard isomorphism [6] are enough for extracting witnesses for provable existential formulas. The crucial insight, as we shall see, is that $\mathsf{HMP}$ can never actually appear in the head of a closed proof term having existential type. It thus plays no computational role in computing witnesses; it plays rather a logical role, in that it may be used to prove the correctness of the witnesses.
We start by fixing the first-order language of logical formulas.

▶ Definition 1 (Formula Language). The language $\mathcal{L}$ of formulas is defined as follows.
1. The terms of $\mathcal{L}$ are inductively defined as either variables $\alpha, \beta, \ldots$ or constants $c$ or expressions of the form $f(t_1, \ldots, t_n)$, with $f$ a function constant of arity $n$ and $t_1, \ldots, t_n \in \mathcal{L}$.
2. There is a countable set of predicate symbols. The atomic formulas of $\mathcal{L}$ are all the expressions of the form $P(t_1, \ldots, t_n)$ such that $P$ is a predicate symbol of arity $n$ and $t_1, \ldots, t_n$ are terms of $\mathcal{L}$. We assume to have a 0-ary predicate symbol $\bot$ which represents falsity.
3. The formulas of $\mathcal{L}$ are built from atomic formulas of $\mathcal{L}$ by the logical constants $\lor, \land, \to, \forall, \exists$, with quantifiers ranging over variables $\alpha, \beta, \ldots$: if $A, B$ are formulas, then $A \land B$, $A \lor B$, $A \to B$, $\forall\alpha\, A$, $\exists\alpha\, B$ are formulas. The logical negation $\neg A$ can be introduced, as usual, as an abbreviation of the formula $A \to \bot$.
4. Propositional formulas are the formulas whose only logical constants are $\land, \lor, \to$; we say that a propositional formula is negative whenever $\lor$ does not occur in it. Propositional formulas will be denoted as $P, Q, \ldots$ (possibly indexed). Formulas of the form $\forall\alpha_1 \ldots \forall\alpha_n P$, with $P$ propositional and negative, will be called simply universal.
To achieve our goals, we now consider the usual natural deduction system for intuitionistic first-order logic [11, 6], in the language $\mathcal{L}$, to which we add $\mathsf{HMP}$. Accordingly, we add to the associated lambda calculus the constants $\mathsf{MP} : \neg\neg\exists\alpha\, P \to \exists\alpha\, P$. The resulting Curry-Howard system is called IL + HMP and is presented in Figure 1.

The reduction rules for IL + HMP presented in Figure 2 are just the ordinary ones of lambda calculus. On the other hand, $\mathsf{MP}$ has no computational content and thus no associated reduction rule. Of course, the strong normalization of IL + HMP holds by virtue of the result for standard intuitionistic Curry-Howard.

▶ Theorem 2. The system IL + HMP is strongly normalizing.

As we shall see in Theorem 5, the reason why $\mathsf{HMP}$ cannot appear in the head of a closed proof term having existential type is that its premise $\neg\neg\exists\alpha\, P$ is never classically valid, let alone provable in intuitionistic logic.
▶ Proposition 3. Assume that the symbol $\to$ does not occur in the propositional formula $P$. Then $\neg\neg\exists\alpha\, P$ is not classically provable.

Proof. We provide a semantical argument. The formula $\neg\neg\exists\alpha\, P$ is classically provable if and only if it is classically valid and thus if and only if $\exists\alpha\, P$ is classically valid. For every such formula, we shall exhibit a model falsifying it. Consider the model $M$ where every $n$-ary predicate is interpreted as the empty $n$-ary relation. We show by induction on the complexity of the formula $P$ that $P^M = \bot$ for every assignment of individuals to the free variables of $P$, and therefore $(\exists\alpha\, P)^M = \bot$.
- If $P$ is atomic, then by definition of $M$, we have $P^M = \bot$ for every assignment of the variables.
- If $P = P_1 \land P_2$, then since by induction $P_1^M = \bot$, $(P_1 \land P_2)^M = \bot$.
- If $P = P_1 \lor P_2$, then since by induction $P_1^M = \bot$ and $P_2^M = \bot$, $(P_1 \lor P_2)^M = \bot$.
◀
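In order to derive constructivity of IL + HMP, we shall just have to inspect the normal forms of proof terms. Our main argument, in particular, will use the following well-known syntactic characterization of the shape of proof terms.

[Figure 1: the Curry-Howard system IL + HMP. Only the following parts of the figure are recoverable.]

Grammar of Untyped Proof Terms

$$t, u, v ::= x \mid tu \mid tm \mid \lambda x\, u \mid \lambda\alpha\, u \mid \langle t, u\rangle \mid u\pi_0 \mid u\pi_1 \mid \iota_0(u) \mid \iota_1(u) \mid t[x.u, y.v] \mid (m, t) \mid t[(\alpha, x).u] \mid \mathsf{H}^{\bot\to P} \mid \mathsf{MP}$$

where $m$ ranges over terms of the first-order language of formulas $\mathcal{L}$, $x$ over proof-term variables, $\alpha$ over first-order variables.

Contexts. With $\Gamma$ we denote contexts of the form $x_1 : A_1, \ldots, x_n : A_n$, where each $x_i$ is a proof-term variable, and $x_i \neq x_j$ for $i \neq j$.

Side conditions of the quantifier rules:
- where $m$ is any term of the language $\mathcal{L}$ and $\alpha$ does not occur free in any formula $B$ occurring in $\Gamma$.
- where $\alpha$ is not free in $C$ nor in any formula $B$ occurring in $\Gamma$.

[Figure 2: reduction rules for IL + HMP, as far as recoverable.]

$$\langle u_0, u_1\rangle\pi_i \mapsto u_i, \text{ for } i = 0, 1$$
$$\iota_i(u)[x_1.t_1, x_2.t_2] \mapsto t_i[u/x_i], \text{ for } i = 0, 1$$
$$(m, u)[(\alpha, x).v] \mapsto v[m/\alpha][u/x], \text{ for each term } m \text{ of } \mathcal{L}$$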
▶ Proposition 4 (Head of a Proof Term). Every proof-term of IL + HMP is of the form

▶ Theorem 5 (Constructivity of IL + HMP).
1. If IL + HMP $\vdash t : \exists\alpha\, A$, and $t$ is in normal form, then $t = (m, u)$ and IL + HMP $\vdash u : A[m/\alpha]$.
2. If IL + HMP $\vdash t : A \lor B$ and $t$ is in normal form, then either $t = \iota_0(u)$ and IL + HMP $\vdash u : A$ or $t = \iota_1(u)$ and IL + HMP $\vdash u : B$.

Proof.
1. By Proposition 4, $t$ must be of the form $r u_1 \ldots u_k$. Let us consider the possible forms of $r$.
   - Since $t$ is closed, $r$ cannot be a variable.
   - We show that $r$ cannot be $\mathsf{MP}$. If $r$ were $\mathsf{MP} : \neg\neg\exists\alpha\, P \to \exists\alpha\, P$ for some $P$, then IL + MP $\vdash u_1 : \neg\neg\exists\alpha\, P$. Since IL + HMP is contained in classical logic, we have that $\neg\neg\exists\alpha\, P$ is classically provable. However we know from Proposition 3 that this cannot be the case, which is a contradiction.
   - We also show that $r$ cannot be $\mathsf{H}^{\bot\to P}$. Indeed, if $r$ were $\mathsf{H}^{\bot\to P}$ for some $P$, then IL + MP $\vdash u_1 : \bot$, which is a contradiction.
   - The only possibility is thus that $r$ is one among $\lambda x.t$, $\lambda\alpha.t$, $\langle t_1, t_2\rangle$, $\iota_i(t)$, $(m, t)$. In this case, $k$ must be 0 as otherwise we would have a redex. This means that $t = r$ and thus $t = (m, u)$ with IL + HMP $\vdash u : A(m)$.
2. The proof goes along the same lines of case 1. ◀
Finally, we prove that IL + HMP is not powerful enough to express full Markov's principle $\mathsf{MP}$. Intuitively, the reason is that IL + HMP is a constructive system and thus cannot be strong enough to interpret classical reasoning. This would indeed be the case if IL + HMP proved $\mathsf{MP}$, an axiom which complements very well negative translations.

▶ Proposition 6. IL + HMP $\nvdash$ MP.

Proof. Suppose for the sake of contradiction that IL + HMP $\vdash$ MP. Consider any proof in classical first-order logic of a simply existential statement $\exists\alpha\, P$. By the Gödel-Gentzen negative translation (see [12]), we can then obtain an intuitionistic proof of $\neg\neg\exists\alpha\, P^N$, where $P^N$ is the negative translation of $P$, and thus IL + HMP $\vdash \exists\alpha\, P^N$. By Theorem 5, there is a first-order term $m$ such that IL + HMP $\vdash P^N[m/\alpha]$. Since $P^N[m/\alpha]$ is classically equivalent to $P[m/\alpha]$, we would have a single witness for every classically valid simply existential statement. But this is not possible: consider for example the first-order language $\mathcal{L} = \{P, a, b\}$ and the formula $F = (P(a) \lor P(b)) \to P(\alpha)$ where $P$ is an atomic predicate. Then the formula $\exists\alpha\, F$ is classically provable, but there is no term $m$ such that $F[m/\alpha]$ is valid, let alone provable:
- it cannot be $m = a$, as it is shown by picking a model where $P$ is interpreted as the set $\{b\}$;
- it cannot be $m = b$, because we can interpret $P$ as the set $\{a\}$. ◀
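
The counterexample used in the proof of Proposition 6 can be checked mechanically. The Python sketch below is an added example, not code from the paper: it enumerates every interpretation of $P$ on the constants $a, b$, confirms that no single instance $F[m/\alpha]$ is valid, and finds the smallest Herbrand disjunction that is. The tuple encoding of formulas and all function names are assumptions made for this illustration.

```python
from itertools import combinations, product

# Formulas are nested tuples (an encoding chosen for this example):
#   ("atom", "P", term) | ("or", A, B) | ("imp", A, B)
# The string "alpha" stands for the quantified variable of the matrix.

def subst(formula, term, var="alpha"):
    """Return formula[term/var]."""
    tag = formula[0]
    if tag == "atom":
        _, pred, arg = formula
        return ("atom", pred, term if arg == var else arg)
    _, left, right = formula
    return (tag, subst(left, term, var), subst(right, term, var))

def atoms(formula):
    """Set of atomic subformulas."""
    if formula[0] == "atom":
        return {formula}
    return atoms(formula[1]) | atoms(formula[2])

def holds(formula, valuation):
    """Classical truth value of a closed quantifier-free formula."""
    tag = formula[0]
    if tag == "atom":
        return valuation[formula]
    left = holds(formula[1], valuation)
    right = holds(formula[2], valuation)
    return (left or right) if tag == "or" else ((not left) or right)

def countermodel(formula):
    """Falsifying assignment to the ground atoms, or None if valid.

    For a closed quantifier-free formula, classical validity coincides
    with truth under every truth assignment to its ground atoms.
    """
    ground = sorted(atoms(formula))
    for values in product([False, True], repeat=len(ground)):
        valuation = dict(zip(ground, values))
        if not holds(formula, valuation):
            return valuation
    return None

def falsifying_extension(instance):
    """Interpretation of P (as a set of constants) falsifying the instance."""
    model = countermodel(instance)
    if model is None:
        return None
    return {atom[2] for atom, value in model.items() if value}

def disjunction(formulas):
    result = formulas[0]
    for f in formulas[1:]:
        result = ("or", result, f)
    return result

def herbrand_witnesses(matrix, candidates):
    """Smallest m1..mk with matrix[m1/alpha] or ... or matrix[mk/alpha] valid."""
    for k in range(1, len(candidates) + 1):
        for terms in combinations(candidates, k):
            instances = [subst(matrix, m) for m in terms]
            if countermodel(disjunction(instances)) is None:
                return list(terms)
    return None

# F = (P(a) or P(b)) -> P(alpha), the formula from the proof above.
F = ("imp",
     ("or", ("atom", "P", "a"), ("atom", "P", "b")),
     ("atom", "P", "alpha"))

if __name__ == "__main__":
    for m in ("a", "b"):
        print(f"F[{m}/alpha] is falsified when P =", falsifying_extension(subst(F, m)))
    print("Herbrand witnesses:", herbrand_witnesses(F, ["a", "b"]))
```

The countermodels found are the ones named in the proof: $P = \{b\}$ for $m = a$ and $P = \{a\}$ for $m = b$.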
3 Full Markov Principle and Restricted Excluded Middle in First-Order Logic

In this section we describe the natural deduction system and Curry-Howard correspondence IL + $\mathsf{EM}_1^-$, which arise by restricting the excluded middle in classical natural deduction [4]. This computational system is based on delimited exceptions and a parallel operator. We will show that on one hand full Markov principle $\mathsf{MP}$ is provable in IL + $\mathsf{EM}_1^-$ and, on the other hand, that IL + MP derives all of the restricted classical reasoning that can be expressed in IL + $\mathsf{EM}_1^-$, so that the two systems are actually equivalent. Finally, we show that the system IL + $\mathsf{EM}_1^-$ is Herbrand constructive and that witnesses can effectively be computed.

In order to computationally interpret Markov's principle, we consider the rule $\mathsf{EM}_1^-$, which is obtained by restricting the conclusion of the excluded middle $\mathsf{EM}_1$ [4, 2] to be a simply existential formula:
These last two rules correspond respectively to a term making an Hypothesis and a term waiting for a Witness and these terms are put in communication via $\mathsf{EM}_1^-$; the variable $a$ in $u \parallel_a v$ represents their communication channel and all the free occurrences of $a$ in $u$ and $v$ are bound in $u \parallel_a v$. In the terms $\mathsf{H}_a^{\forall\alpha A}$ and $\mathsf{W}_a^{\exists\alpha A}$ the free variables are $a$ and those of $A$ minus $\alpha$. A term of the form $\mathsf{H}_a^{\forall\alpha P} m$, with $m$ first-order term, is said to be active, if its only free variable is $a$: it represents a raise operator which has been turned on. The term $u \parallel_a v$ supports an exception mechanism: $u$ is the ordinary computation, $v$ is the exceptional one and $a$ is the communication channel. Raising exceptions is the task of the term $\mathsf{H}_a^{\forall\alpha P}$, when it encounters a counterexample $m$ to $\forall\alpha\, P$; catching exceptions is performed by the term $\mathsf{W}_a^{\exists\alpha\neg P}$. For this reason, the notation $\mathsf{raise}_a^{\forall\alpha A}$, as in [8], would also have been just fine, as well as the far less evocative notation $a^{\forall\alpha A}$. In first-order logic, however, there is an issue: when should an exception be thrown? Since the truth of atomic predicates depends on models, one cannot know. Therefore, each time $\mathsf{H}_a^{\forall\alpha P}$ is applied to a term $m$, a new pair of parallel independent computational paths is created, according as to whether $P[m/\alpha]$ is false or true. In one path the exception is thrown, in the other not, and the two computations will never join again. To render this computational behaviour, we add the rule $\mathsf{EM}_0$ of propositional excluded middle over negative formulas

$$\frac{\Gamma, a : \neg P \vdash u : A \qquad \Gamma, a : P \vdash v : A}{\Gamma \vdash u \mid v : A}\ \mathsf{EM}_0$$

even if in principle it is derivable from $\mathsf{EM}_1^-$; we also add the axiom

$$\Gamma, a : P \vdash \mathsf{H}^P : P$$

Communication channel variables are not used in terms of the form $u \mid v$ because there is no useful information that can be raised by $u$ and handed to $v$: the premises of $\mathsf{EM}_0$ are completely void of positive information, because they are negative formulas; $a$ cannot occur in $u$ nor in $v$. But $u \mid v$ does not prevent the computation from going on, thanks to the permutation rules and because negative propositional assumptions do not stop the computation, that is, do not prevent normal proofs of existential statements from terminating with an $\exists$-introduction rule.
We call the resulting system IL + $\mathsf{EM}_1^-$ (Figure 3) and present its reduction rules in Figure 4; they just form a restriction of the system IL + EM described in [4]. The permutation rules for $\mathsf{EM}_1^-$ are left out, because the inference conclusion already behaves like a "data type", so there is no need to further transform it. The other reduction rules are based on the following definition, which formalizes the raise and catch mechanism.
[Figure 3: the system IL + $\mathsf{EM}_1^-$. Only the following parts of the figure are recoverable.]

Grammar of Untyped Proof Terms

$$t, u, v ::= x \mid tu \mid tm \mid \lambda x\, u \mid \lambda\alpha\, u \mid \langle t, u\rangle \mid u\pi_0 \mid u\pi_1 \mid \iota_0(u) \mid \iota_1(u) \mid t[x.u, y.v] \mid (m, t) \mid t[(\alpha, x).u] \mid (u \mid v) \mid (u \parallel_a v) \mid \mathsf{H}_a^{\forall\alpha A} \mid \mathsf{W}_a^{\exists\alpha P} \mid \mathsf{H}^P$$

where $m$ ranges over terms of $\mathcal{L}$, $x$ over proof-term variables, $\alpha$ over first-order variables, $a$ over hypothesis variables, $A$ is either a negative formula or a simply universal formula, and $P$ is negative. In the term $u \parallel_a v$ there must be some formula $P$, such that $a$ occurs free in $u$ only in subterms of the form $\mathsf{H}_a^{\forall\alpha P}$ and $a$ occurs free in $v$ only in subterms of the form $\mathsf{W}_a^{\exists\alpha P}$, and the occurrences of the variables in $P$ different from $\alpha$ are free in both $u$ and $v$.

Contexts. With $\Gamma$ we denote contexts of the form $x_1 : A_1, \ldots, x_n : A_n, a_1 : B_1, \ldots, a_m : B_m$, where $x_1, \ldots, x_n$ are distinct proof-term variables and $a_1, \ldots, a_m$ are distinct EM hypothesis variables.

Axioms

$$\Gamma, x : A \vdash x : A$$

Side conditions of the quantifier rules:
- where $m$ is any term of the language $\mathcal{L}$ and $\alpha$ does not occur free in any formula $B$ occurring in $\Gamma$.
- Existential Quantification: where $\alpha$ is not free in $C$ nor in any formula $B$ occurring in $\Gamma$.

▶ Definition 7 (Exception Substitution). Suppose $v$ is any proof term and $m$ is a term of $\mathcal{L}$. Then:
1. If every free occurrence of $a$ in $v$ is in a subterm of the form $\mathsf{W}_a^{\exists\alpha P}$, we define
   $$v[a := m]$$
   as the term obtained from $v$ by replacing each subterm $\mathsf{W}_a^{\exists\alpha P}$ corresponding to a free occurrence of $a$ in $v$ by $(m, \mathsf{H}^{P[m/\alpha]})$.
2. If every free occurrence of $a$ in $v$ is in a subterm of the form $\mathsf{H}_a^{\forall\alpha P}$, we define
   $$v[a := m]$$
   as the term obtained from $v$ by replacing each subterm $\mathsf{H}_a^{\forall\alpha P} m$ corresponding to a free occurrence of $a$ in $v$ by $\mathsf{H}^{P[m/\alpha]}$.
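[Figure 4: reduction rules for IL + $\mathsf{EM}_1^-$, as far as recoverable.]

$$\langle u_0, u_1\rangle\pi_i \mapsto u_i, \text{ for } i = 0, 1$$
$$\iota_i(u)[x_1.t_1, x_2.t_2] \mapsto t_i[u/x_i], \text{ for } i = 0, 1$$
$$(m, u)[(\alpha, x).v] \mapsto v[m/\alpha][u/x], \text{ for each term } m \text{ of } \mathcal{L}$$

Permutation Rules for $\mathsf{EM}_0$

$$(u \mid v)w \mapsto uw \mid vw$$
$$(u \mid v)\pi_i \mapsto u\pi_i \mid v\pi_i$$
$$(u \mid v)[x.w_1, y.w_2] \mapsto u[x.w_1, y.w_2] \mid v[x.w_1, y.w_2]$$
$$(u \mid v)[(\alpha, x).w] \mapsto u[(\alpha, x).w] \mid v[(\alpha, x).w]$$

Reduction Rules for $\mathsf{EM}_1^-$

$$u \parallel_a v \mapsto u, \text{ if } a \text{ does not occur free in } u$$
$$u \parallel_a v \mapsto v[a := m] \mid (u[a := m] \parallel_a v), \text{ whenever } u \text{ has some active subterm } \mathsf{H}_a^{\forall\alpha P} m$$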
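As we anticipated, our system is capable of proving the full Markov Principle $\mathsf{MP}$ and thus its particular case $\mathsf{HMP}$.

▶ Proposition 8 (Derivability of MP). IL + $\mathsf{EM}_1^-$ $\vdash$ MP

Proof. First note that with the use of $\mathsf{EM}_0$, we obtain that IL + $\mathsf{EM}_1^-$ $\vdash P \lor \neg P$ for any atomic formula $P$. Therefore IL + $\mathsf{EM}_1^-$ can prove any propositional tautology, and in particular IL + $\mathsf{EM}_1^-$ $\vdash P \lor Q \leftrightarrow \neg(\neg P \land \neg Q)$ for any propositional formulas $P, Q$, thus proving that each propositional formula is equivalent to a negative one.

Consider now any instance $\neg\neg\exists\alpha\, Q \to \exists\alpha\, Q$ of $\mathsf{MP}$. Thanks to the previous observation, we obtain

$$\mathsf{IL} + \mathsf{EM}_1^- \vdash (\neg\neg\exists\alpha\, Q \to \exists\alpha\, Q) \leftrightarrow (\neg\neg\exists\alpha\, P \to \exists\alpha\, P)$$

for some negative formula $P$ logically equivalent to $Q$. The following formal proof shows that IL + $\mathsf{EM}_1^-$ $\vdash \neg\neg\exists\alpha\, P \to \exists\alpha\, P$.

[Derivation tree; its two-dimensional layout is not recoverable. Its nodes include the discharged assumptions $[\neg\neg\exists\alpha\, P]^{(2)}$ and $[\exists\alpha\, P]^{(1)}$, the $\mathsf{EM}_1^-$ hypothesis $[\forall\alpha\, \neg P]$, and the intermediate conclusions $\neg P$, $\bot$, $\neg\exists\alpha\, P$ and $\exists\alpha\, P$.]

Finally, this implies IL + $\mathsf{EM}_1^-$ $\vdash \neg\neg\exists\alpha\, Q \to \exists\alpha\, Q$. ◀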
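Conversely, everything which is provable within our system can be proven by means of first-order logic with full Markov principle.

▶ Theorem 9. If IL + $\mathsf{EM}_1^-$ $\vdash F$, then IL + MP $\vdash F$.

Proof. We just need to show that IL + MP can prove the rules $\mathsf{EM}_1^-$ and $\mathsf{EM}_0$. For the case of $\mathsf{EM}_0$, note that IL + MP $\vdash \neg\neg P \to P$ for all propositional formulas $P$, thanks to $\mathsf{MP}$. Since for every propositional $Q$ we have IL + MP $\vdash \neg\neg(Q \lor \neg Q)$, we obtain IL + MP $\vdash Q \lor \neg Q$, and therefore IL + MP can prove $\mathsf{EM}_0$ by means of an ordinary disjunction elimination.

In the case of $\mathsf{EM}_1^-$, if we are given the proofs of $\exists\alpha\, C$ from $\forall\alpha\, P$ and of $\exists\alpha\, C$ from $\exists\alpha\, \neg P$ in IL + MP, the following derivation shows a proof of $\exists\alpha\, C$ in IL + MP.

[Derivation tree; its two-dimensional layout is not recoverable. Its nodes include the discharged assumptions $[\exists\alpha\, \neg P]^{(2)}$, $[\forall\alpha\, P]^{(1)}$, $[\neg P]^{(3)}$ and $[\neg\exists\alpha\, C]^{(4)}$, the formulas $\neg\neg P \to P$ and $\neg\neg\exists\alpha\, C \to \exists\alpha\, C$, and the final conclusion $\exists\alpha\, C$.] ◀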
As in [4], all of our main results about witness extraction are valid not only for closed terms, but also for quasi-closed ones, which are those containing only pure universal assumptions.

▶ Definition 10 (Quasi-Closed terms). An untyped proof term $t$ is said to be quasi-closed, if it contains as free variables only hypothesis variables $a_1, \ldots, a_n$, such that each occurrence of them is in a term of the form $\mathsf{H}_{a_i}^{\forall\vec{\alpha} P_i}$, where $\forall\vec{\alpha}\, P_i$ is simply universal.

IL + $\mathsf{EM}_1^-$ with the reduction rules in Figure 4 enjoys the Subject Reduction Theorem, as a particular case of the Subject Reduction for IL + EM presented in [4].

▶ Theorem 11 (Subject Reduction). If $\Gamma \vdash t : C$ and $t \mapsto u$, then $\Gamma \vdash u : C$.

No term of IL + $\mathsf{EM}_1^-$ gives rise to an infinite reduction sequence [4].

▶ Theorem 12 (Strong Normalization). Every term typable in IL + $\mathsf{EM}_1^-$ is strongly normalizing.

We now update the characterization of proof-terms heads given in Proposition 4 to the case of IL + $\mathsf{EM}_1^-$.

▶ Theorem 13 (Head of a Proof Term). Every proof term of IL + $\mathsf{EM}_1^-$ is of the form:
where
- $r$ is either a variable $x$, a constant $\mathsf{H}^P$ or $\mathsf{H}_a^{\forall\alpha A}$ or $\mathsf{W}_a^{\exists\alpha P}$ or an excluded middle term $u \parallel_a v$ or $u \mid v$, or a term corresponding to an introduction rule $\lambda x.t$, $\lambda\alpha.t$, $\langle t_1, t_2\rangle$, $\iota_i(t)$, $(m, t)$
- $u_1, \ldots, u_k$ are either lambda terms, first order terms, or one of the following expressions corresponding to elimination rules: $\pi_i$, $[x.w_1, y.w_2]$, $[(\alpha, x).t]$

Proof. Standard. ◀
We now study the shape of the normal terms with the most simple types.

▶ Proposition 14 (Normal Form Property). Let $P, P_1, \ldots, P_n$ be negative propositional formulas, $A_1, \ldots, A_m$ simply universal formulas. Suppose that
and $\Gamma \vdash t : \exists\alpha\, P$ or $\Gamma \vdash t : P$, with $t$ in normal form and having all its free variables among $z_1, \ldots, z_n, a_1, \ldots, a_m$. Then:
1. Every occurrence in $t$ of every term $\mathsf{H}_{a_i}^{\forall\alpha_i A_i}$ is of the active form $\mathsf{H}_{a_i}^{\forall\alpha_i A_i} m$, where $m$ is a term of $\mathcal{L}$.
2. $t$ cannot be of the form $u \parallel_a v$.

Proof. We prove 1. and 2. simultaneously and by induction on $t$. There are several cases, according to the shape of $t$:
- $t = (m, u)$, $\Gamma \vdash t : \exists\alpha\, P$ and $\Gamma \vdash u : P[m/\alpha]$. We immediately get 1. by induction hypothesis applied to $u$, while 2. is obviously verified.
- $t = \lambda x\, u$, $\Gamma \vdash t : P = Q \to R$ and $\Gamma, x : Q \vdash u : R$. We immediately get 1. by induction hypothesis applied to $u$, while 2. is obviously verified.
- $t = \langle u, v\rangle$, $\Gamma \vdash t : P = Q \land R$, $\Gamma \vdash u : Q$ and $\Gamma \vdash v : R$. We immediately get 1. by induction hypothesis applied to $u$ and $v$, while 2. is obviously verified.
- $t = u \mid v$, $\Gamma, a : \neg Q \vdash u : \exists\alpha\, P$ (resp. $u : P$) and $\Gamma, a : Q \vdash v : \exists\alpha\, P$ (resp. $v : P$). We immediately get 1. by induction hypothesis applied to $u$ and $v$, while 2. is obviously verified.
- $t = u \parallel_a v$. We show that this is not possible. Note that $a$ must occur free in $u$, otherwise $t$ is not in normal form. Since $\Gamma, a : \forall\alpha\, A \vdash u : \exists\alpha\, P$, we can apply the induction hypothesis to $u$, and obtain that all occurrences of hypothetical terms must be active; in particular, this must be the case for the occurrences of $\mathsf{H}_a^{\forall\alpha A}$, but this is not possible since $t$ is in normal form.
- $t = \mathsf{H}_{a_i}^{\forall\alpha A_i}$. This case is not possible, for $\Gamma \vdash t : \exists\alpha\, P$ or $\Gamma \vdash t : P$.
- $t = \mathsf{W}_a^{\exists\alpha P}$. This case is not possible, since $a : \exists\alpha\, P$ is not in $\Gamma$.
- $t = \mathsf{H}^P$. In this case, 1. and 2. are trivially true.
- $t$ is obtained by an elimination rule and by Theorem 13 we can write it as $r\, t_1 t_2 \ldots t_n$. Notice that in this case $r$ cannot correspond to an introduction rule nor be a term of the form $u \parallel_a v$, because of the induction hypothesis, nor $u \mid v$, because of the permutation rules and $t$ being in normal form; moreover, $r$ cannot be $\mathsf{W}_b^{\exists\alpha P}$, otherwise $b$ would be free in $t$ and $b \neq a_1, \ldots, a_n$. We have now two remaining cases:
  1. $r = x_i$ (resp. $r = \mathsf{H}^P$). Then, since $\Gamma \vdash x_i : P_i$ (resp. $\Gamma \vdash \mathsf{H}^P : P$), we have that for each $i$, either $t_i$ is $\pi_j$ or $\Gamma \vdash t_i : Q$, where $Q$ is a negative propositional formula. By induction hypothesis, each $t_i$ satisfies 1. and also $t$, while 2. is obviously verified.
  2. $r = \mathsf{H}_{a_i}^{\forall\alpha_i A_i}$. Then, $t_1$ is a closed term of $\mathcal{L}$. Let $A_i = \forall\alpha_1 \ldots \forall\alpha_l\, Q$, with $Q$ propositional, we have that for each $i$, either $t_i$ is a closed term of $\mathcal{L}$ or $t_i$ is $\pi_j$ or $\Gamma \vdash t_i : R$, where $R$ is a negative propositional formula. By induction hypothesis, each $t_i$ which is a proof term satisfies 1. and thus also $t$, while 2. is obviously verified. ◀
If we omit the parentheses, we will show that every normal proof-term having as type an existential formula can be written as $v_0 \mid v_1 \mid \ldots \mid v_n$, where each $v_i$ is not of the form $u \mid v$; if for every $i$, $v_i$ is of the form $(m_i, u_i)$, then we call the whole term an Herbrand normal form, because it is essentially a list of the witnesses appearing in an Herbrand disjunction. Formally:

▶ Definition 15 (Herbrand Normal Forms). We define by induction a set of proof terms, called Herbrand normal forms, as follows:
- Every normal proof-term $(m, u)$ is an Herbrand normal form;
- if $u$ and $v$ are Herbrand normal forms, $u \mid v$ is an Herbrand normal form.

Our last task is to prove that all quasi-closed proofs of any existential statement $\exists\alpha\, A$ include an exhaustive sequence $m_1, m_2, \ldots, m_k$ of possible witnesses. This theorem is stronger than the usual Herbrand theorem for classical logic [4], since we are stating it for any existential formula and not just for formulas with a single and existential quantifier.

▶ Theorem 16 (Herbrand Disjunction Extraction). Let $\exists\alpha\, A$ be a closed formula. Suppose $\Gamma \vdash t : \exists\alpha\, A$ in IL + $\mathsf{EM}_1^-$ for a quasi closed term $t$, and $t \mapsto^* t'$ with $t'$ in normal form. Then $\Gamma \vdash t' : \exists\alpha\, A$ and $t'$ is an Herbrand normal form

$$(m_0, u_0) \mid (m_1, u_1) \mid \ldots \mid (m_k, u_k)$$

Moreover, $\Gamma \vdash A[m_1/\alpha] \lor \cdots \lor A[m_k/\alpha]$.

Proof. By the Subject Reduction Theorem 11, $\Gamma \vdash t' : \exists\alpha\, A$. We proceed by induction on the structure of $t'$. According to Theorem 13, we can write $t'$ as $r u_1 \ldots u_n$. Note that since $t'$ is quasi closed, $r$ cannot be a variable; moreover, $r$ cannot be a term $\mathsf{H}^P$ or $\mathsf{H}_b^{\forall\alpha B}$, otherwise $t'$ would not have type $\exists\alpha\, A$, nor a term $\mathsf{W}_b^{\exists\alpha P}$, otherwise $t'$ would not be quasi closed. $r$ also cannot be of the shape $u \parallel_a v$, otherwise $\Gamma \vdash u \parallel_a v : \exists\alpha\, Q$, for some negative propositional $Q$, but from Proposition 14 we know that this is not possible. By Theorem 13, we are now left with only two possibilities.
1. $r$ is obtained by an introduction rule. Then $n = 0$, otherwise there is a redex, and thus the only possibility is $t' = r = (n, u)$ which is an Herbrand Normal Form.
2. $r = u \mid v$. Again $n = 0$, otherwise we could apply a permutation rule; then $t' = r = u \mid v$, and the thesis follows by applying the induction hypothesis on $u$ and $v$.

We have thus shown that $t'$ is an Herbrand normal form

$$(m_0, u_0) \mid (m_1, u_1) \mid \ldots \mid (m_k, u_k)$$

Finally, we have that for each $i$, $\Gamma_i \vdash u_i : A[m_i/\alpha]$, for the very same $\Gamma_i$ that types $(m_i, u_i)$ of type $\exists\alpha\, A$ in $t'$. Therefore, for each $i$, $\Gamma_i \vdash u_i^+ : A[m_1/\alpha] \lor \cdots \lor A[m_k/\alpha]$, where $u_i^+$ is of the form $\iota_{i_1}(\ldots \iota_{i_k}(u_i) \ldots)$. We conclude that

$$\Gamma \vdash u_0^+ \mid u_1^+ \mid \ldots \mid u_k^+ : A[m_1/\alpha] \lor \cdots \lor A[m_k/\alpha]$$
◀

4
The original statement of Markov's principle refers to Arithmetic and can be formulated in the system of Heyting Arithmetic HA as

$$\neg\neg\exists\alpha\, P \to \exists\alpha\, P, \text{ for } P \text{ atomic}$$

By adapting IL + $\mathsf{EM}_1^-$ to Arithmetic, following [2], we will now provide a new computational interpretation of Markov's principle. Note first of all that propositional formulas are decidable in intuitionistic Arithmetic HA: therefore we will not need the rule $\mathsf{EM}_0$ and the pure parallel operator. For the very same reason, we can expect the system HA + $\mathsf{EM}_1^-$ to be constructive and the proof to be similar to the one of Herbrand constructivity for IL + $\mathsf{EM}_1^-$. In this section indeed we will give such a syntactic proof. We could also have used the realizability interpretation for HA + $\mathsf{EM}_1$ introduced in [2] (see [10]).
4.1 The system HA + $\mathsf{EM}_1^-$

We will now introduce the system HA + $\mathsf{EM}_1^-$. We start by defining the language:

▶ Definition 17 (Language of HA + $\mathsf{EM}_1^-$). The language $\mathcal{L}$ of HA + $\mathsf{EM}_1$ is defined as follows.
1. The terms of $\mathcal{L}$ are inductively defined as either variables $\alpha, \beta, \ldots$ or $0$ or $\mathsf{S}(t)$ with $t \in \mathcal{L}$. A numeral is a term of the form $\mathsf{S} \ldots \mathsf{S}0$.
2. There is one symbol $\mathcal{P}$ for every primitive recursive relation over $\mathbb{N}$; with $\mathcal{P}^\bot$ we denote the symbol for the complement of the relation denoted by $\mathcal{P}$. The atomic formulas of $\mathcal{L}$ are all the expressions of the form $\mathcal{P}(t_1, \ldots, t_n)$ such that $t_1, \ldots, t_n$ are terms of $\mathcal{L}$ and $n$ is the arity of $\mathcal{P}$. Atomic formulas will also be denoted as $P, Q, P_i, \ldots$ and $\mathcal{P}(t_1, \ldots, t_n)^\bot := \mathcal{P}^\bot(t_1, \ldots, t_n)$.
3. The formulas of $\mathcal{L}$ are built from atomic formulas of $\mathcal{L}$ by the connectives $\lor, \land, \to, \forall, \exists$ as usual, with quantifiers ranging over numeric variables $\alpha^{\mathbb{N}}, \beta^{\mathbb{N}}, \ldots$.

The system HA + $\mathsf{EM}_1^-$ in Figure 5 extends the usual Curry-Howard correspondence for HA with our rule $\mathsf{EM}_1^-$ and is a restriction of the system introduced in [2]. The purely universal arithmetical axioms are introduced by means of Post rules, as in Prawitz [11].

As we anticipated, there is no need for a parallelism operator. Therefore $\mathsf{EM}_1^-$ introduces a pure delimited exception mechanism, explained by the reduction rules in Figure 6: whenever we have a term $u \parallel_a v$ and $\mathsf{H}_a^{\forall\alpha P} m$ appears inside $u$, we can recursively check whether $P[m/\alpha]$ holds, and switch to the exceptional path if it doesn't; if it does, we can remove the instance of the assumption. When there are no free assumptions relative to $a$ left in $u$, we can forget about the exceptional path.
Similarly to the previous sections, we extend the characterization of the proof-term heads
to take into account the new constructs.
Theorem 18 (Head of a Proof Term). Every proof term of $\mathsf{HA} + \mathsf{EM}_1^-$ is of the form:
where
$r$ is either a variable $x$, a constant $\mathsf{H}_a^{\forall\alpha P}$, $\mathsf{W}_a^{\exists\alpha P^\perp}$, $\mathsf{r}$ or $\mathsf{R}$, an excluded middle term $u \parallel_a v$, or a term corresponding to an introduction rule $\lambda x.t$, $\lambda\alpha.t$, $\langle t_1, t_2 \rangle$, $\iota_i(t)$, $(m, t)$
$u_1, \ldots, u_k$ are either lambda terms, first order terms, or one of the following expressions corresponding to elimination rules: $\pi_i$, $[x.w_1, y.w_2]$, $[(\alpha, x).t]$
The new system proves exactly the same formulas that can be proven by making use of Markov's principle in Heyting Arithmetic.
Theorem 19. For any formula $F$ in the language $L$, $\mathsf{HA} + \mathsf{MP} \vdash F$ if and only if $\mathsf{HA} + \mathsf{EM}_1^- \vdash F$.
Proof. The proof is identical to the one in the previous section. ∎
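Grammar of Untyped Terms
$$t, u, v ::= x \mid tu \mid tm \mid \lambda x\, u \mid \lambda\alpha\, u \mid \langle t, u \rangle \mid u\pi_0 \mid u\pi_1 \mid \iota_0(u) \mid \iota_1(u) \mid t[x.u, y.v] \mid (m, t) \mid t[(\alpha, x).u]$$
$$\mid (u \parallel_a v) \mid \mathsf{H}_a^{\forall\alpha P} \mid \mathsf{W}_a^{\exists\alpha P^\perp} \mid \mathsf{True} \mid \mathsf{R}uvm \mid \mathsf{r}t_1 \ldots t_n$$
where $m$ ranges over terms of $L$, $x$ over variables of the lambda calculus and $a$ over $\mathsf{EM}_1$ hypothesis variables. Moreover, in terms of the form $u \parallel_a v$ there is a $P$ such that all the free occurrences of $a$ in $u$ are of the form $\mathsf{H}_a^{\forall\alpha P}$ and those in $v$ are of the form $\mathsf{W}_a^{\exists\alpha P^\perp}$.
Contexts. With $\Gamma$ we denote contexts of the form $e_1 : A_1, \ldots, e_n : A_n$, where $e_i$ is either a proof-term variable $x, y, z, \ldots$ or an $\mathsf{EM}_1^-$ hypothesis variable $a, b, \ldots$
$$\Gamma, a : \forall\alpha^{\mathsf{N}} P \vdash \mathsf{H}_a^{\forall\alpha P} : \forall\alpha^{\mathsf{N}} P$$
$$\Gamma, a : \exists\alpha^{\mathsf{N}} P^\perp \vdash \mathsf{W}_a^{\exists\alpha P^\perp} : \exists\alpha^{\mathsf{N}} P^\perp$$
where $m$ is any term of the language $L$ and $\alpha$ does not occur free in any formula $B$ occurring in $\Gamma$.
where $\alpha$ is not free in $C$ nor in any formula $B$ occurring in $\Gamma$.
$$\frac{\Gamma \vdash u : A(0) \qquad \Gamma \vdash v : \forall\alpha^{\mathsf{N}}.\, A(\alpha) \to A(\mathsf{S}(\alpha))}{\Gamma \vdash \mathsf{R}uvm : A[m/\alpha]}$$
where $m$ is a term of $L$
$$\frac{\Gamma \vdash u_1 : A_1 \qquad \Gamma \vdash u_2 : A_2 \qquad \cdots \qquad \Gamma \vdash u_n : A_n}{\Gamma \vdash u : A}$$
where $A_1, A_2, \ldots, A_n, A$ are atomic formulas of HA and the rule is a Post rule for equality, for a Peano axiom or for a classical propositional tautology or for booleans and if $n > 0$, $u = \mathsf{r}u_1 \ldots u_n$, otherwise $u = \mathsf{True}$.
$\mathsf{EM}_1^-$ ($P$ atomic, $Q$ negative propositional)
Figure 5 Term Assignment Rules for $\mathsf{HA} + \mathsf{EM}_1$.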
$\mathsf{HA} + \mathsf{EM}_1^-$ with the reduction rules in Figure 4 enjoys the Subject Reduction Theorem [2, 10].
Theorem 20 (Subject Reduction). If $\Gamma \vdash t : C$ and $t \mapsto u$, then $\Gamma \vdash u : C$.
No term of $\mathsf{HA} + \mathsf{EM}_1^-$ gives rise to an infinite reduction sequence [1].
Theorem 21 (Strong Normalization). Every term typable in $\mathsf{HA} + \mathsf{EM}_1^-$ is strongly normalizing.
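Reduction Rules for HA
$$\langle u_0, u_1 \rangle \pi_i \mapsto u_i, \quad \text{for } i = 0, 1$$
$$\iota_i(u)[x_1.t_1, x_2.t_2] \mapsto t_i[u/x_i], \quad \text{for } i = 0, 1$$
$$(m, u)[(\alpha, x).v] \mapsto v[m/\alpha][u/x], \quad \text{for each term } m \text{ of } L$$
$$\mathsf{R}uv0 \mapsto u$$
$$\mathsf{R}uv(\mathsf{S}n) \mapsto vn(\mathsf{R}uvn), \quad \text{for each numeral } n$$
Reduction Rules for $\mathsf{EM}_1^-$
$$u \parallel_a v \mapsto u, \quad \text{if } a \text{ does not occur free in } u$$
$$u \parallel_a v \mapsto v[a := n], \quad \text{if } \mathsf{H}_a^{\forall\alpha P} n \text{ occurs in } u \text{ and } P[n/\alpha] \text{ is closed and } P[n/\alpha] \text{ is false}$$
$$(\mathsf{H}_a^{\forall\alpha P}) n \mapsto \mathsf{True} \quad \text{if } P[n/\alpha] \text{ is closed and } P[n/\alpha] \text{ is true}$$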
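The three exception-mechanism reduction rules listed just above can be run as a small-step reducer on constructed terms; this is an added example, not code from the paper. The tuple encoding, the function names, the leftmost-first strategy and the reading of v[a := n] as replacing each W_a by the pair (n, True) are assumptions of the example.

```python
# Constructed tuple encoding of the untyped terms (an assumption of this example):
#   ("H", a, n)  H_a applied to numeral n     ("W", a)  W_a
#   ("par", a, P, u, v)  u ||_a v, P a decidable predicate on numerals
#   ("pair", n, t), ("r", t1, ..., tk), ("True",)
# Assumption: hypothesis variable names are unique, so no shadowing occurs.

def subterms(t):
    """Yield t and all its tuple subterms, leftmost first."""
    yield t
    for c in t[1:]:
        if isinstance(c, tuple):
            yield from subterms(c)

def replace(t, old, new):
    """Replace every occurrence of the subterm `old` in t by `new`."""
    if t == old:
        return new
    if not isinstance(t, tuple):
        return t
    return tuple(replace(c, old, new) for c in t)

def step(t):
    """Perform one reduction step; return None if no rule applies."""
    if t[0] == "par":
        _, a, P, u, v = t
        hs = [s for s in subterms(u) if s[:2] == ("H", a)]
        if not hs:                 # a not free in u: forget the exceptional path
            return u
        n = hs[0][2]
        if P(n):                   # P[n/alpha] true: (H_a) n reduces to True
            return ("par", a, P, replace(u, hs[0], ("True",)), v)
        # P[n/alpha] false: switch to v[a := n], read here as W_a -> (n, True)
        return replace(v, ("W", a), ("pair", n, ("True",)))
    for i, c in enumerate(t):
        if isinstance(c, tuple) and (r := step(c)) is not None:
            return t[:i] + (r,) + t[i + 1:]
    return None

def normalize(t):
    """Reduce t to normal form; return (normal form, number of steps)."""
    steps = 0
    while (r := step(t)) is not None:
        t, steps = r, steps + 1
    return t, steps

# Constructed sample terms: the left branch uses the hypothesis at 1, 2 and 3.
U = ("pair", 0, ("r", ("H", "a", 1), ("H", "a", 2), ("H", "a", 3)))
T_RAISE = ("par", "a", lambda n: n * n != 9, U, ("W", "a"))  # P fails at 3
T_OK = ("par", "a", lambda n: n < 10, U, ("W", "a"))         # P holds at 1..3
```

In `T_RAISE` the failed instance at 3 discards the left branch and returns the witness pair; in `T_OK` every instance is erased and the right branch is never used.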
We can now proceed to prove the constructivity of the system, that is the disjunction and existential properties. We will do this again by inspecting the normal forms of the proof terms; the first thing to do is adapting Proposition 14 to $\mathsf{HA} + \mathsf{EM}_1^-$.
Proposition 22 (Normal Form Property). Let $P, P_1, \ldots, P_n$ be negative propositional formulas, $A_1, \ldots, A_m$ simply universal formulas. Suppose that
$$\Gamma = z_1 : P_1, \ldots, z_n : P_n, a_1 : \forall\alpha_1 A_1, \ldots, a_m : \forall\alpha_m A_m$$
and $\Gamma \vdash t : \exists\alpha\, P$ or $\Gamma \vdash t : P$, with $t$ in normal form and having all its free variables among $z_1, \ldots, z_n, a_1, \ldots, a_m$. Then:
1. Every occurrence in $t$ of every term $\mathsf{H}_{a_i}^{\forall\alpha_i A_i}$ is of the active form $\mathsf{H}_{a_i}^{\forall\alpha_i A_i} m$, where $m$ is a term of $L$
2. $t$ cannot be of the form $u \parallel_a v$.
Proof. The proof is identical to the proof of Proposition 14. We just need to consider the following additional cases:
$t = \mathsf{r}t_1 t_2 \ldots t_n$. Then $\Gamma \vdash t_i : Q_i$ for some atomic $Q_i$ and for $i = 1 \ldots n$; thus 1. holds by applying the inductive hypothesis to the $t_i$, while 2. is obviously verified.
$t = \mathsf{R}t_1 \ldots t_n$. This case is not possible, otherwise, since $t_3$ is a numeral, $t$ would not be in normal form. ∎
Thanks to this, we can now state the main theorem. The proof of the existential property is the same as the one for Theorem 16: we just need to observe that since we don't have a parallelism operator in $\mathsf{HA} + \mathsf{EM}_1^-$, every Herbrand disjunction will consist of a single term. The disjunction property will follow similarly.
Theorem 23 (Constructivity of $\mathsf{HA} + \mathsf{EM}_1^-$).
If $\mathsf{HA} + \mathsf{EM}_1^- \vdash t : \exists\alpha A$, then there exists a term $t' = (n, u)$ such that $t \mapsto^* t'$ and $\mathsf{HA} + \mathsf{EM}_1^- \vdash u : A[n/\alpha]$
If $\mathsf{HA} + \mathsf{EM}_1^- \vdash t : A \lor B$, then there exists a term $t'$ such that $t \mapsto^* t'$ and either $t' = \iota_0(u)$ and $\mathsf{HA} + \mathsf{EM}_1^- \vdash u : A$, or $t' = \iota_1(u)$ and $\mathsf{HA} + \mathsf{EM}_1^- \vdash u : B$
Proof. For both cases, we start by considering a term $t'$ such that $t \mapsto^* t'$ and $t'$ is in normal form. By the Subject Reduction Theorem 11 we have that $\mathsf{HA} + \mathsf{EM}_1^- \vdash t' : \exists\alpha A$ (resp. $\mathsf{HA} + \mathsf{EM}_1^- \vdash t' : A \lor B$). By Theorem 13 we can write $t'$ as $r t_1 \ldots t_n$. Since $t'$ is closed, $r$ cannot be a variable $x$ or a term $\mathsf{H}_a^{\forall\alpha P}$ or $\mathsf{W}_a^{\exists\alpha P^\perp}$; moreover it cannot be $\mathsf{r}$, otherwise the type of $t'$ would have to be atomic, and it cannot be $\mathsf{R}$, otherwise the term would not be in normal form. $r$ also cannot have been obtained by $\mathsf{EM}_1^-$, otherwise $\mathsf{HA} + \mathsf{EM}_1^- \vdash r : \exists\alpha P$, for $P$ atomic and $r = t_1 \parallel_a t_2$; but this is not possible due to Proposition 22. Therefore, $r$ must be obtained by an introduction rule. We distinguish now the two cases:
$\mathsf{HA} + \mathsf{EM}_1^- \vdash t' : \exists\alpha B$. Since the term is in normal form, $n$ has to be 0, that is $t' = r$ and $r = (n, u)$; hence also $\mathsf{HA} + \mathsf{EM}_1^- \vdash u : A(n)$.
$\mathsf{HA} + \mathsf{EM}_1^- \vdash t' : A \lor B$. Then either $t' = \iota_0(u)$, and so $\mathsf{HA} + \mathsf{EM}_1^- \vdash u : A$, or $t' = \iota_1(u)$, and so $\mathsf{HA} + \mathsf{EM}_1^- \vdash u : B$. ∎
[1] Federico Aschieri. Strong normalization for HA + EM1 by non-deterministic choice. In Proceedings First Workshop on Control Operators and their Semantics, COS 2013, Eindhoven, The Netherlands, June 24-25, 2013, pages 1-14, 2013. doi:10.4204/EPTCS.127.1.
[2] Federico Aschieri, Stefano Berardi, and Giovanni Birolo. Realizability and strong normalization for a Curry-Howard interpretation of HA + EM1. In Computer science logic 2013, volume 23 of LIPIcs. Leibniz Int. Proc. Inform., pages 45-60. Schloss Dagstuhl. Leibniz-Zent. Inform., Wadern, 2013.
[3] Federico Aschieri and Margherita Zorzi. A "game semantical" intuitionistic realizability validating Markov's principle. In 19th International Conference on Types for Proofs and Programs, volume 26 of LIPIcs. Leibniz Int. Proc. Inform., pages 24-44. Schloss Dagstuhl. Leibniz-Zent. Inform., Wadern, 2014.
[4] Comput. Sci., 625:125-146, 2016. doi:10.1016/j.tcs.2016.02.028.
[5] Samuel R. Buss. On Herbrand's theorem. In Logic and computational complexity (Indianapolis, IN, 1994), volume 960 of Lecture Notes in Comput. Sci., pages 195-209. Springer, Berlin, 1995. doi:10.1007/3-540-60178-3_85.
[6] Ph. de Groote, editor. The Curry-Howard isomorphism, volume 8 of Cahiers du Centre de Logique [Reports of the Center of Logic]. Academia-Erasme, Louvain-la-Neuve; Université Catholique de Louvain, Département de Philosophie, Louvain-la-Neuve, 1995.
[7] Dialectica, 12:280-287, 1958. doi:10.1111/j.1746-8361.1958.tb01464.x.
[8] Hugo Herbelin. An intuitionistic logic that proves Markov's principle. In 25th Annual IEEE Symposium on Logic in Computer Science LICS 2010, pages 50-56. IEEE Computer Soc., Los Alamitos, CA, 2010.
[9] S. C. Kleene. On the interpretation of intuitionistic number theory. J. Symbolic Logic, 10:109-124, 1945. doi:10.2307/2269016.
[10] Matteo Manighetti. Computational interpretations of Markov's principle. Master's thesis, Wien, Techn. Univ., Wien, 2016. URL: https://arxiv.org/abs/1611.03714.
[11] Dag Prawitz. Ideas and results in proof theory. In Proceedings of the Second Scandinavian Logic Symposium (Univ. Oslo, Oslo, 1970), pages 235-307. Studies in Logic and the Foundations of Mathematics, Vol. 63. North-Holland, Amsterdam, 1971.
[12] A. S. Troelstra. Corrections and additions to: Metamathematical investigation of intuitionistic arithmetic and analysis (Lecture Notes in Math., Vol. 344, Springer, Berlin, 1973). Mathematisch Instituut, Universiteit van Amsterdam, Amsterdam, 1974. Report 74-16.
[13] A. S. Troelstra and D. van Dalen. Constructivism in mathematics. Vol. I, volume 121 of Studies in Logic and the Foundations of Mathematics. North-Holland Publishing Co., Amsterdam, 1988. An introduction.