On Natural Deduction for Herbrand Constructive Logics II: Curry-Howard Correspondence for Markov's Principle in First-Order Logic and Arithmetic

LIPICS - Leibniz International Proceedings in Informatics, Oct 2018

Intuitionistic first-order logic extended with a restricted form of Markov's principle is constructive and admits a Curry-Howard correspondence, as shown by Herbelin. We provide a simpler proof of that result and then we study intuitionistic first-order logic extended with unrestricted Markov's principle. Starting from classical natural deduction, we restrict the excluded middle and we obtain a natural deduction system and a parallel Curry-Howard isomorphism for the logic. We show that proof terms for existentially quantified formulas reduce to a list of individual terms representing all possible witnesses. As corollary, we derive that the logic is Herbrand constructive: whenever it proves any existential formula, it proves also an Herbrand disjunction for the formula. Finally, using the techniques just introduced, we also provide a new computational interpretation of Arithmetic with Markov's principle.

http://drops.dagstuhl.de/opus/volltexte/2018/9859/pdf/LIPIcs-TYPES-2016-4.pdf


Federico Aschieri, Matteo Manighetti
Institut für Diskrete Mathematik und Geometrie, Technische Universität Wien, Wiedner Hauptstraße 8-10/104, 1040 Vienna, Austria

2012 ACM Subject Classification: Theory of computation → Proof theory

Keywords and phrases: Markov's Principle; first-order logic; natural deduction; Curry-Howard

Funding: (1) Funded by the Austrian Science Fund FWF Lise Meitner grant M 1930-N35. (2) Funded by the Vienna Science Fund WWTF project VRG12-004.

1 Introduction

Markov's Principle was introduced by Markov in the context of his theory of Constructive Recursive Mathematics (see [13]). Its original formulation is tied to Arithmetic: it states that given a recursive function f : N →
N, if it is impossible that for every natural number n, f(n) ≠ 0, then there exists an n such that f(n) = 0. Markov's original argument for justifying it was simply the following: if it is not possible that for all n, f(n) ≠ 0, then by computing in sequence f(0), f(1), f(2), ..., one will eventually hit a number n such that f(n) = 0 and will effectively recognize it as a witness.

Markov's principle is readily formalized in Heyting Arithmetic as the axiom scheme

¬¬∃α^N P → ∃α^N P

where P is a primitive recursive predicate [12]. When added to Heyting Arithmetic, Markov's principle gives rise to a constructive system, that is, one enjoying the disjunction and the existential witness property [12] (if a disjunction is derivable, one of the disjuncts is derivable too, and if an existential statement is derivable, so is one instance of it). Furthermore, witnesses for any provable existential formula can be effectively computed using either Markov's unbounded search and Kleene's realizability [9] or much more efficient functional interpretations [7, 3].

1.1 Markov's Principle in First-Order Logic

The very shape of Markov's principle makes it also a purely logical principle, namely an instance of the double negation elimination axiom. But in pure logic, what exactly should Markov's principle correspond to? In particular, what class of formulas should P be restricted to? Since Markov's principle was originally understood as a constructive principle, it is natural to restrict P as little as possible, while maintaining the logical system as constructive as possible. As proven by Herbelin [8], it turns out that asking that P is propositional and with no implication → symbols guarantees that intuitionistic logic extended with such a version of Markov's principle is constructive. The proof of this result employs a Curry-Howard isomorphism based on a mechanism for raising and catching exceptions.
As opposed to the aforementioned functional interpretations of Markov's principle, Herbelin's calculus is fully isomorphic to an intuitionistic logic: there is a perfect match between reduction steps at the level of programs and detour eliminations at the level of proofs. Moreover, witnesses for provable existential statements are computed by the associated proof terms. Nevertheless, as we shall later show, the mechanism of throwing exceptions plays no role during these computations: intuitionistic reductions are entirely enough for computing witnesses.

A question is now naturally raised: as no special mechanism is required for witness computation using Herbelin's restriction of Markov's principle, can the first be further relaxed so that the second becomes stronger as well as computationally and constructively meaningful? Allowing the propositional matrix P to contain implication destroys the constructivity of the logic. It turns out, however, that Herbrand constructivity is preserved. An intermediate logic is called Herbrand constructive if it enjoys a strong form of Herbrand's Theorem [5, 4]: for every provable formula ∃α A, the logic proves as well an Herbrand disjunction

A[m1/α] ∨ ... ∨ A[mk/α]

So the Markov principle we shall interpret in this paper is

MP : ¬¬∃α P → ∃α P (P propositional formula)

and show that when added to intuitionistic first-order logic, the resulting system is Herbrand constructive. This is the most general form of Markov's principle that allows a significant constructive interpretation: we shall show how to non-trivially compute lists of witnesses for provable existential formulas thanks to an exception raising construct and a parallel computation operator. MP can also be used in conjunction with negative translations to compute Herbrand disjunctions in classical logic, something which is not possible with Herbelin's form of Markov's principle.
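The difference between a single witness and a Herbrand disjunction can be checked by brute force on the formula the paper itself uses later, in the proof of Proposition 6: F = (P(a) or P(b)) -> P(alpha) over the language {P, a, b}. The following Python sketch is an added illustration and not part of the paper; it enumerates all interpretations of P, shows which ones falsify each single instance, and searches for the smallest list of terms whose disjunction of instances is valid. The tuple encoding of formulas, every function name, and the implication-free contrast formula G are assumptions made for this example.

```python
from itertools import combinations, product

# Added illustration (not from the paper). Formulas are nested tuples:
#   ("atom", "P", ("a",))  ("bot",)  ("and", A, B)  ("or", A, B)  ("imp", A, B)
# Terms are strings; VAR stands for the existentially quantified variable.
VAR = "alpha"


def P(term):
    """Unary atomic formula P(term), the only predicate of L = {P, a, b}."""
    return ("atom", "P", (term,))


def subst(formula, term):
    """Return formula[term/VAR] for a quantifier-free formula."""
    tag = formula[0]
    if tag == "atom":
        return ("atom", formula[1], tuple(term if t == VAR else t for t in formula[2]))
    if tag == "bot":
        return formula
    return (tag, subst(formula[1], term), subst(formula[2], term))


def ground_atoms(formula):
    """Set of atomic subformulas occurring in a formula."""
    tag = formula[0]
    if tag == "atom":
        return {formula}
    if tag == "bot":
        return set()
    return ground_atoms(formula[1]) | ground_atoms(formula[2])


def holds(formula, model):
    """Classical truth value of a ground formula under a truth assignment."""
    tag = formula[0]
    if tag == "atom":
        return model[formula]
    if tag == "bot":
        return False
    left, right = holds(formula[1], model), holds(formula[2], model)
    if tag == "and":
        return left and right
    if tag == "or":
        return left or right
    if tag == "imp":
        return (not left) or right
    raise ValueError(f"unknown connective: {tag}")


def falsifying_models(formula):
    """All truth assignments to the ground atoms that make `formula` false.

    For a closed quantifier-free formula (no equality) this decides classical
    validity: the formula is valid iff the returned list is empty.
    """
    atoms = sorted(ground_atoms(formula))
    models = (dict(zip(atoms, values))
              for values in product([False, True], repeat=len(atoms)))
    return [m for m in models if not holds(formula, m)]


def herbrand_disjunction(matrix, terms):
    """Build matrix[m1/VAR] or ... or matrix[mk/VAR]."""
    instances = [subst(matrix, t) for t in terms]
    disjunction = instances[0]
    for instance in instances[1:]:
        disjunction = ("or", disjunction, instance)
    return disjunction


def smallest_witness_list(matrix, candidates):
    """Smallest list of candidate terms whose Herbrand disjunction is valid."""
    for size in range(1, len(candidates) + 1):
        for terms in combinations(candidates, size):
            if not falsifying_models(herbrand_disjunction(matrix, terms)):
                return list(terms)
    return None


def extension_of_P(model):
    """The set interpreting P in a model, e.g. {'b'}."""
    return {atom[2][0] for atom, value in model.items() if value}


# F = (P(a) or P(b)) -> P(alpha), the matrix used in the proof of Proposition 6.
F = ("imp", ("or", P("a"), P("b")), P(VAR))
# Constructed contrast case with no implication: P(alpha) or (P(a) and P(b)).
# The model where P is empty falsifies every instance, so no witness list exists.
G = ("or", P(VAR), ("and", P("a"), P("b")))

if __name__ == "__main__":
    for m in ("a", "b"):
        bad = falsifying_models(subst(F, m))
        print(f"F[{m}/alpha] is falsified when P =", [extension_of_P(x) for x in bad])
    print("witness list for F:", smallest_witness_list(F, ["a", "b"]))
    print("witness list for G:", smallest_witness_list(G, ["a", "b"]))
```

Neither a nor b alone is a witness for F, but the two-element list is, which is the kind of list of witnesses a Herbrand constructive logic yields in place of a single one.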
1.2 Restricted Excluded Middle

The Curry-Howard correspondence we present here is by no means an ad hoc construction, only tailored for Markov's principle. It is a simple restriction of the Curry-Howard correspondence for classical first-order logic introduced in [4], where classical reasoning is formalized by the excluded middle inference rule:

Γ, a : ∀x Q ⊢ u : C    Γ, a : ∃x ¬Q ⊢ v : C
--------------------------------------------- EM
Γ ⊢ u ‖_a v : C

It is enough to restrict the conclusion C of this rule to be an existential statement ∃x P, with P propositional, and the Q in the premises ∀x Q, ∃x ¬Q to be propositional. We shall show that the rule is intuitionistically equivalent to MP. With our approach, strong normalization is just inherited and the transition from classical logic to intuitionistic logic with MP is smooth and natural.

1.3 Markov's Principle in Arithmetic

We shall also provide a computational interpretation of Heyting Arithmetic with MP. The system is constructive and witnesses for provable existential statements can be computed. This time, we shall restrict the excluded middle as formalized in [2] and we shall directly obtain the desired Curry-Howard correspondence. As a matter of fact, the interpretation of MP in Arithmetic ends up to be a simplification of the methods we use in first-order logic, because the decidability of atomic formulas greatly reduces parallelism and eliminates case distinction on the truth of atomic formulas.

1.4 Plan of the Paper

In Section 2, we provide a simple computational interpretation of first-order intuitionistic logic extended with Herbelin's restriction of Markov's principle. We also show that the full Markov principle MP cannot be proved in that system. In Section 3, we provide a Curry-Howard correspondence for intuitionistic logic with MP, by restricting the excluded middle, and show that the system is Herbrand constructive. In Section 4, we extend the Curry-Howard to Arithmetic with MP and show that the system becomes again constructive.
2 Herbelin's Restriction of Markov's Principle

In [8] Herbelin introduced a Curry-Howard isomorphism for an extended intuitionistic logic. By employing exception raising operators and new reduction rules, he proved that the logic is constructive and can derive the axiom scheme

HMP : ¬¬∃α P → ∃α P (P propositional and → not occurring in P)

Actually, Herbelin allowed P also to contain existential quantifiers, but in that case the axiom scheme is intuitionistically equivalent to ¬¬∃α1 ... ∃αn P → ∃α1 ... ∃αn P, again with P propositional and → not occurring in P. All of the methods of our paper apply to this case as well, but for avoiding trivial details, we keep the present HMP.

Our first goal is to show that HMP has a simpler computational interpretation and to provide a straightforward proof that, when added on top of first-order intuitionistic logic, HMP gives rise to a constructive system. In particular, we show that the ordinary Prawitz reduction rules for intuitionistic logic and thus the standard Curry-Howard isomorphism [6] are enough for extracting witnesses for provable existential formulas. The crucial insight, as we shall see, is that HMP can never actually appear in the head of a closed proof term having existential type. It thus plays no computational role in computing witnesses; it plays rather a logical role, in that it may be used to prove the correctness of the witnesses.

We start by fixing the first-order language of logical formulas.

▶ Definition 1 (Formula Language). The language L of formulas is defined as follows.
1. The terms of L are inductively defined as either variables α, β, ... or constants c or expressions of the form f(t1, ..., tn), with f a function constant of arity n and t1, ..., tn ∈ L.
2. There is a countable set of predicate symbols. The atomic formulas of L are all the expressions of the form P(t1, ..., tn) such that P is a predicate symbol of arity n and t1, ..., tn are terms of L.
We assume to have a 0-ary predicate symbol ⊥ which represents falsity.
3. The formulas of L are built from atomic formulas of L by the logical constants ∨, ∧, →, ∀, ∃, with quantifiers ranging over variables α, β, ...: if A, B are formulas, then A ∧ B, A ∨ B, A → B, ∀α A, ∃α B are formulas. The logical negation ¬A can be introduced, as usual, as an abbreviation of the formula A → ⊥.
4. Propositional formulas are the formulas whose only logical constants are ∧, ∨, →; we say that a propositional formula is negative whenever ∨ does not occur in it. Propositional formulas will be denoted as P, Q, ... (possibly indexed). Formulas of the form ∀α1 ... ∀αn P, with P propositional and negative, will be called simply universal.

To achieve our goals, we now consider the usual natural deduction system for intuitionistic first-order logic [11, 6], in the language L, to which we add HMP. Accordingly, we add to the associated lambda calculus the constants MP : ¬¬∃α P → ∃α P. The resulting Curry-Howard system is called IL + HMP and is presented in Figure 1. The reduction rules for IL + HMP presented in Figure 2 are just the ordinary ones of lambda calculus. On the other hand, MP has no computational content and thus no associated reduction rule. Of course, the strong normalization of IL + HMP holds by virtue of the result for standard intuitionistic Curry-Howard.

▶ Theorem 2. The system IL + HMP is strongly normalizing.

As we shall see in Theorem 5, the reason why HMP cannot appear in the head of a closed proof term having existential type is that its premise ¬¬∃α P is never classically valid, let alone provable in intuitionistic logic.

▶ Proposition 3. Assume that the symbol → does not occur in the propositional formula P. Then ¬¬∃α P is not classically provable.

Proof. We provide a semantical argument. The formula ¬¬∃α P is classically provable if and only if it is classically valid and thus if and only if ∃α P is classically valid.
For every such a formula, we shall exhibit a model falsifying it. Consider the model M where every n-ary predicate is interpreted as the empty n-ary relation. We show by induction on the complexity of the formula P that P^M = ⊥ for every assignment of individuals to the free variables of P, and therefore (∃α P)^M = ⊥.
If P is atomic, then by definition of M, we have P^M = ⊥ for every assignment of the variables.
If P = P1 ∧ P2, then since by induction P1^M = ⊥, (P1 ∧ P2)^M = ⊥.
If P = P1 ∨ P2, then since by induction P1^M = ⊥ and P2^M = ⊥, (P1 ∨ P2)^M = ⊥. ◀

In order to derive constructivity of IL + HMP, we shall just have to inspect the normal forms of proof terms. Our main argument, in particular, will use the following well-known syntactic characterization of the shape of proof terms.

Grammar of Untyped Proof Terms
t, u, v ::= x | tu | tm | λx u | λα u | ⟨t, u⟩ | u π0 | u π1 | ι0(u) | ι1(u) | t[x.u, y.v] | (m, t) | t[(α, x).u] | H^{⊥→P} | MP
where m ranges over terms of the first-order language of formulas L, x over proof-term variables, α over first-order variables.

Contexts
With Γ we denote contexts of the form x1 : A1, ..., xn : An, where each xi is a proof-term variable, and xi ≠ xj for i ≠ j.

where m is any term of the language L and α does not occur free in any formula B occurring in Γ.
where α is not free in C nor in any formula B occurring in Γ.

⟨u0, u1⟩ πi ↦ ui, for i = 0, 1
ιi(u)[x1.t1, x2.t2] ↦ ti[u/xi], for i = 0, 1
(m, u)[(α, x).v] ↦ v[m/α][u/x], for each term m of L

▶ Proposition 4 (Head of a Proof Term). Every proof-term of IL + HMP is of the form

▶ Theorem 5 (Constructivity of IL + HMP).
1. If IL + HMP ⊢ t : ∃α A, and t is in normal form, then t = (m, u) and IL + HMP ⊢ u : A[m/α].
2. If IL + HMP ⊢ t : A ∨ B and t is in normal form, then either t = ι0(u) and IL + HMP ⊢ u : A or t = ι1(u) and IL + HMP ⊢ u : B.

Proof.
1. By Proposition 4, t must be of the form r u1 ... uk. Let us consider the possible forms of r. Since t is closed, r cannot be a variable.
We show that r cannot be MP. If r were MP : ¬¬∃α P → ∃α P for some P, then IL + MP ⊢ u1 : ¬¬∃α P. Since IL + HMP is contained in classical logic, we have that ¬¬∃α P is classically provable. However we know from Proposition 3 that this cannot be the case, which is a contradiction. We also show that r cannot be H^{⊥→P}. Indeed, if r were H^{⊥→P} for some P, then IL + MP ⊢ u1 : ⊥, which is a contradiction. The only possibility is thus that r is one among λx.t, λα.t, ⟨t1, t2⟩, ιi(t), (m, t). In this case, k must be 0 as otherwise we would have a redex. This means that t = r and thus t = (m, u) with IL + HMP ⊢ u : A(m).
2. The proof goes along the same lines of case 1. ◀

Finally, we prove that IL + HMP is not powerful enough to express full Markov's principle MP. Intuitively, the reason is that IL + HMP is a constructive system and thus cannot be strong enough to interpret classical reasoning. This would indeed be the case if IL + HMP proved MP, an axiom which complements very well negative translations.

▶ Proposition 6. IL + HMP ⊬ MP.

Proof. Suppose for the sake of contradiction that IL + HMP ⊢ MP. Consider any proof in classical first-order logic of a simply existential statement ∃α P. By the Gödel-Gentzen negative translation (see [12]), we can then obtain an intuitionistic proof of ¬¬∃α P^N, where P^N is the negative translation of P, and thus IL + HMP ⊢ ∃α P^N. By Theorem 5, there is a first-order term m such that IL + HMP ⊢ P^N[m/α]. Since P^N[m/α] is classically equivalent to P[m/α], we would have a single witness for every classically valid simply existential statement. But this is not possible: consider for example the first-order language L = {P, a, b} and the formula F = (P(a) ∨ P(b)) → P(α) where P is an atomic predicate. Then the formula ∃α F is classically provable, but there is no term m such that F[m/α]
is valid, let alone provable: it cannot be m = a, as it is shown by picking a model where P is interpreted as the set {b}; it cannot be m = b, because we can interpret P as the set {a}. ◀

3 Full Markov Principle and Restricted Excluded Middle in First-Order Logic

In this section we describe the natural deduction system and Curry-Howard correspondence IL + EM1⁻, which arise by restricting the excluded-middle in classical natural deduction [4]. This computational system is based on delimited exceptions and a parallel operator. We will show that on one hand full Markov principle MP is provable in IL + EM1⁻ and, on the other hand, that IL + MP derives all of the restricted classical reasoning that can be expressed in IL + EM1⁻, so that the two systems are actually equivalent. Finally, we show that the system IL + EM1⁻ is Herbrand constructive and that witnesses can effectively be computed.

In order to computationally interpret Markov's principle, we consider the rule EM1⁻, which is obtained by restricting the conclusion of the excluded middle EM1 [4, 2] to be a simply existential formula:

These last two rules correspond respectively to a term making an Hypothesis and a term waiting for a Witness and these terms are put in communication via EM1⁻; the variable a in u ‖_a v represents their communication channel and all the free occurrences of a in u and v are bound in u ‖_a v. In the terms H_a^{∀αA} and W_a^{∃αA} the free variables are a and those of A minus α. A term of the form H_a^{∀αP} m, with m first-order term, is said to be active, if its only free variable is a: it represents a raise operator which has been turned on. The term u ‖_a v supports an exception mechanism: u is the ordinary computation, v is the exceptional one and a is the communication channel. Raising exceptions is the task of the term H_a^{∀αP}, when it encounters a counterexample m to ∀α P; catching exceptions is performed by the term W_a^{∃α¬P}.
For this reason, the notation raise_a^{∀αA}, as in [8], would also have been just fine, as well as the far less evocative notation a??A.

In first-order logic, however, there is an issue: when should an exception be thrown? Since the truth of atomic predicates depends on models, one cannot know. Therefore, each time H_a^{∀αP} is applied to a term m, a new pair of parallel independent computational paths is created, according as to whether P[m/α] is false or true. In one path the exception is thrown, in the other not, and the two computations will never join again. To render this computational behaviour, we add the rule EM0 of propositional excluded middle over negative formulas

Γ, a : ¬P ⊢ u : A    Γ, a : P ⊢ v : A
--------------------------------------- EM0
Γ ⊢ u | v : A

even if in principle it is derivable from EM1⁻; we also add the axiom

Γ, a : P ⊢ H^P : P

Communication channel variables are not used in terms of the form u | v because there is no useful information that can be raised by u and handed to v: the premises of EM0 are completely void of positive information, because they are negative formulas; a cannot occur in u nor in v. But u | v does not prevent the computation to go on, thanks to the permutation rules and because negative propositional assumptions do not stop the computation, that is, do not prevent normal proofs of existential statements to terminate with an ∃-introduction rule.

We call the resulting system IL + EM1⁻ (Figure 3) and present its reduction rules in Figure 4; they just form a restriction of the system IL + EM described in [4]. The permutation rules for EM1⁻ are left out, because the inference conclusion already behaves like a "data type", so there is no need to further transform it. The other reduction rules are based on the following definition, which formalizes the raise and catch mechanism.

Grammar of Untyped Proof Terms
t, u, v ::= x | tu | tm | λx u | λα
u | ⟨t, u⟩ | u π0 | u π1 | ι0(u) | ι1(u) | t[x.u, y.v] | (m, t) | t[(α, x).u] | (u | v) | (u ‖_a v) | H_a^{∀αA} | W_a^{∃αP} | H^P
where m ranges over terms of L, x over proof-term variables, α over first-order variables, a over hypothesis variables, A is either a negative formula or a simply universal formula, and P is negative. In the term u ‖_a v there must be some formula P, such that a occurs free in u only in subterms of the form H_a^{∀αP} and a occurs free in v only in subterms of the form W_a^{∃αP}, and the occurrences of the variables in P different from α are free in both u and v.

Contexts
With Γ we denote contexts of the form x1 : A1, ..., xn : An, a1 : B1, ..., am : Bm, where x1, ..., xn are distinct proof-term variables and a1, ..., am are distinct EM hypothesis variables.

Axioms
Γ, x : A ⊢ x : A

where m is any term of the language L and α does not occur free in any formula B occurring in Γ.

Existential Quantification
where α is not free in C nor in any formula B occurring in Γ.

▶ Definition 7 (Exception Substitution). Suppose v is any proof term and m is a term of L. Then:
1. If every free occurrence of a in v is in a subterm of the form W_a^{∃αP}, we define v[a := m] as the term obtained from v by replacing each subterm W_a^{∃αP} corresponding to a free occurrence of a in v by (m, H^{P[m/α]}).
2. If every free occurrence of a in v is in a subterm of the form H_a^{∀αP}, we define v[a := m] as the term obtained from v by replacing each subterm H_a^{∀αP} m corresponding to a free occurrence of a in v by H^{P[m/α]}.

⟨u0, u1⟩ πi ↦ ui, for i = 0, 1
ιi(u)[x1.t1, x2.t2] ↦ ti[u/xi], for i = 0, 1
(m, u)[(α, x).v] ↦ v[m/α][u/x], for each term m of L

Permutation Rules for EM0
(u | v)w ↦ uw | vw
(u | v) πi ↦ u πi | v πi
(u | v)[x.w1, y.w2] ↦ u[x.w1, y.w2] | v[x.w1, y.w2]
(u | v)[(α, x).w] ↦ u[(α, x).w] | v[(α, x).w]

Reduction Rules for EM1⁻
u ‖_a v ↦ u, if a does not occur free in u
u ‖_a v ↦
v[a := m] | (u[a := m] ‖_a v), whenever u has some active subterm H_a^{∀αP} m

As we anticipated, our system is capable of proving the full Markov Principle MP and thus its particular case HMP.

▶ Proposition 8 (Derivability of MP). IL + EM1⁻ ⊢ MP

Proof. First note that with the use of EM0, we obtain that IL + EM1⁻ ⊢ P ∨ ¬P for any atomic formula P. Therefore IL + EM1⁻ can prove any propositional tautology, and in particular IL + EM1⁻ ⊢ P ∨ Q ↔ ¬(¬P ∧ ¬Q) for any propositional formulas P, Q, thus proving that each propositional formula is equivalent to a negative one. Consider now any instance ¬¬∃α Q → ∃α Q of MP. Thanks to the previous observation, we obtain IL + EM1⁻ ⊢ (¬¬∃α Q → ∃α Q) ↔ (¬¬∃α P → ∃α P) for some negative formula P logically equivalent to Q. The following formal proof shows that IL + EM1⁻ ⊢ ¬¬∃α P → ∃α P.

[???? P](2) [?? P](1) ? ?? P [?? ?P]EM1? ?P ? ??? P (1) ? ?

Finally, this implies IL + EM1⁻ ⊢ ¬¬∃α Q → ∃α Q. ◀

Conversely, everything which is provable within our system can be proven by means of first-order logic with full Markov principle.

▶ Theorem 9. If IL + EM1⁻ ⊢ F, then IL + MP ⊢ F.

Proof. We just need to show that IL + MP can prove the rules EM1⁻ and EM0. For the case of EM0, note that IL + MP ⊢ ¬¬P → P for all propositional formulas P, thanks to MP. Since for every propositional Q we have IL + MP ⊢ ¬¬(Q ∨ ¬Q), we obtain IL + MP ⊢ Q ∨ ¬Q, and therefore IL + MP can prove EM0 by means of an ordinary disjunction elimination. In the case of EM1⁻, if we are given the proofs of ... and ... in IL + MP, the following derivation shows a proof of ∃α C in IL + MP.

?? P ???P
?? C
??C [???P](2) . . . ??C [??P](1) . . . ??C ? ???P [???C](4) (1) ? ????P [???C](4) (2) ? ????C (4) ? ??P (3) [?P](3) ?? ?P P ?? P ?? C ?? P ? P ???? C ? ?? C ◀

As in [4], all of our main results about witness extraction are valid not only for closed terms, but also for quasi-closed ones, which are those containing only pure universal assumptions.

▶ Definition 10 (Quasi-Closed terms).
An untyped proof term t is said to be quasi-closed, if it contains as free variables only hypothesis variables a1, ..., an, such that each occurrence of them is in a term of the form H_{ai}^{∀α⃗ Pi}, where ∀α⃗ Pi is simply universal.

IL + EM1⁻ with the reduction rules in Figure 4 enjoys the Subject Reduction Theorem, as a particular case of the Subject Reduction for IL + EM presented in [4].

▶ Theorem 11 (Subject Reduction). If Γ ⊢ t : C and t ↦ u, then Γ ⊢ u : C.

No term of IL + EM1⁻ gives rise to an infinite reduction sequence [4].

▶ Theorem 12 (Strong Normalization). Every term typable in IL + EM1⁻ is strongly normalizing.

We now update the characterization of proof-terms heads given in Proposition 4 to the case of IL + EM1⁻.

▶ Theorem 13 (Head of a Proof Term). Every proof term of IL + EM1⁻ is of the form:

where
r is either a variable x, a constant H^P or H_a^{∀αA} or W_a^{∃αP} or an excluded middle term u ‖_a v or u | v, or a term corresponding to an introduction rule λx.t, λα.t, ⟨t1, t2⟩, ιi(t), (m, t);
u1, ..., uk are either lambda terms, first order terms, or one of the following expressions corresponding to elimination rules: πi, [x.w1, y.w2], [(α, x).t].

Proof. Standard. ◀

We now study the shape of the normal terms with the most simple types.

▶ Proposition 14 (Normal Form Property). Let P, P1, ..., Pn be negative propositional formulas, A1, ..., Am simply universal formulas. Suppose that

and Γ ⊢ t : ∃α P or Γ ⊢ t : P, with t in normal form and having all its free variables among z1, ..., zn, a1, ..., am. Then:
1. Every occurrence in t of every term H_{ai}^{∀αi Ai} is of the active form H_{ai}^{∀αi Ai} m, where m is a term of L.
2. t cannot be of the form u ‖_a v.

Proof. We prove 1. and 2. simultaneously and by induction on t. There are several cases, according to the shape of t:

t = (m, u), Γ ⊢ t : ∃α P and Γ ⊢ u : P[m/α]. We immediately get 1. by induction hypothesis applied to u, while 2. is obviously verified.

t = λx u, Γ ⊢ t : P = Q → R and Γ, x : Q ⊢ u : R.
We immediately get 1. by induction hypothesis applied to u, while 2. is obviously verified.

t = ⟨u, v⟩, Γ ⊢ t : P = Q ∧ R, Γ ⊢ u : Q and Γ ⊢ v : R. We immediately get 1. by induction hypothesis applied to u and v, while 2. is obviously verified.

t = u | v, Γ, a : ¬Q ⊢ u : ∃α P (resp. u : P) and Γ, a : Q ⊢ v : ∃α P (resp. v : P). We immediately get 1. by induction hypothesis applied to u and v, while 2. is obviously verified.

t = u ‖_a v. We show that this is not possible. Note that a must occur free in u, otherwise t is not in normal form. Since Γ, a : ∀α A ⊢ u : ∃α P, we can apply the induction hypothesis to u, and obtain that all occurrences of hypothetical terms must be active; in particular, this must be the case for the occurrences of H_a^{∀αA}, but this is not possible since t is in normal form.

t = H_{ai}^{∀α Ai}. This case is not possible, for Γ ⊢ t : ∃α P or Γ ⊢ t : P.

t = W_a^{∃αP}. This case is not possible, since a : ∃α P is not in Γ.

t = H^P. In this case, 1. and 2. are trivially true.

t is obtained by an elimination rule and by Theorem 13 we can write it as r t1 t2 ... tn. Notice that in this case r can neither correspond to an introduction rule nor be a term of the form u ‖_a v, because of the induction hypothesis, nor u | v, because of the permutation rules and t being in normal form; moreover, r cannot be W_b^{∃αP}, otherwise b would be free in t and b ≠ a1, ..., an. We have now two remaining cases:
1. r = xi (resp. r = H^P). Then, since Γ ⊢ xi : Pi (resp. Γ ⊢ H^P : P), we have that for each i, either ti is πj or Γ ⊢ ti : Q, where Q is a negative propositional formula. By induction hypothesis, each ti satisfies 1. and also t, while 2. is obviously verified.
2. r = H_{ai}^{∀αi Ai}. Then, t1 is a closed term of L. Let Ai = ∀α1 ... ∀αl Q, with Q propositional, we have that for each i, either ti is a closed term of L or ti is πj or Γ ⊢ ti : R, where R is a negative propositional formula. By induction hypothesis, each ti which is a proof term satisfies 1.
and thus also t, while 2. is obviously verified. ◀

If we omit the parentheses, we will show that every normal proof-term having as type an existential formula can be written as v0 | v1 | ... | vn, where each vi is not of the form u | v; if for every i, vi is of the form (mi, ui), then we call the whole term an Herbrand normal form, because it is essentially a list of the witnesses appearing in an Herbrand disjunction. Formally:

▶ Definition 15 (Herbrand Normal Forms). We define by induction a set of proof terms, called Herbrand normal forms, as follows:
Every normal proof-term (m, u) is an Herbrand normal form;
if u and v are Herbrand normal forms, u | v is an Herbrand normal form.

Our last task is to prove that all quasi-closed proofs of any existential statement ∃α A include an exhaustive sequence m1, m2, ..., mk of possible witnesses. This theorem is stronger than the usual Herbrand theorem for classical logic [4], since we are stating it for any existential formula and not just for formulas with a single and existential quantifier.

▶ Theorem 16 (Herbrand Disjunction Extraction). Let ∃α A be a closed formula. Suppose Γ ⊢ t : ∃α A in IL + EM1⁻ for a quasi closed term t, and t ↦* t′ with t′ in normal form. Then Γ ⊢ t′ : ∃α A and t′ is an Herbrand normal form

(m0, u0) | (m1, u1) | ... | (mk, uk)

Moreover, Γ ⊢ A[m1/α] ∨ ··· ∨ A[mk/α].

Proof. By the Subject Reduction Theorem 11, Γ ⊢ t′ : ∃α A. We proceed by induction on the structure of t′. According to Theorem 13, we can write t′ as r u1 ... un. Note that since t′ is quasi closed, r cannot be a variable; moreover, r cannot be a term H^P or H_b^{∀αB}, otherwise t′ would not have type ∃α A, nor a term W_b^{∃αP}, otherwise t′ would not be quasi closed. r also cannot be of the shape u ‖_a v, otherwise Γ ⊢ u ‖_a v : ∃α Q, for some negative propositional Q, but from Proposition 14 we know that this is not possible. By Theorem 13, we are now left with only two possibilities.
1. r is obtained by an introduction rule.
Then n = 0, otherwise there is a redex, and thus the only possibility is t′ = r = (n, u) which is an Herbrand Normal Form.
2. r = u | v. Again n = 0, otherwise we could apply a permutation rule; then t′ = r = u | v, and the thesis follows by applying the induction hypothesis on u and v.

We have thus shown that t′ is an Herbrand normal form

(m0, u0) | (m1, u1) | ... | (mk, uk)

Finally, we have that for each i, Γi ⊢ ui : A[mi/α], for the very same Γi that types (mi, ui) of type ∃α A in t′. Therefore, for each i, Γi ⊢ ui+ : A[m1/α] ∨ ··· ∨ A[mk/α], where ui+ is of the form ι_{i1}(... ι_{ik}(ui) ...). We conclude that

Γ ⊢ u0+ | u1+ | ... | uk+ : A[m1/α] ∨ ··· ∨ A[mk/α] ◀

4

The original statement of Markov's principle refers to Arithmetic and can be formulated in the system of Heyting Arithmetic HA as

¬¬∃α P → ∃α P, for P atomic

By adapting IL + EM1⁻ to Arithmetic, following [2], we will now provide a new computational interpretation of Markov's principle. Note first of all that propositional formulas are decidable in intuitionistic Arithmetic HA: therefore we will not need the rule EM0⁻ and the pure parallel operator. For the very same reason, we can expect the system HA + EM1⁻ to be constructive and the proof to be similar to the one of Herbrand constructivity for IL + EM1⁻. In this section indeed we will give such a syntactic proof. We could also have used the realizability interpretation for HA + EM1 introduced in [2] (see [10]).

4.1 The system HA + EM1⁻

We will now introduce the system HA + EM1⁻. We start by defining the language:

▶ Definition 17 (Language of HA + EM1⁻). The language L of HA + EM1 is defined as follows.
1. The terms of L are inductively defined as either variables α, β, ... or 0 or S(t) with t ∈ L. A numeral is a term of the form S ... S0.
2. There is one symbol P for every primitive recursive relation over N; with P^⊥ we denote the symbol for the complement of the relation denoted by P.
The atomic formulas of L are all the expressions of the form $P(t_1, \dots, t_n)$ such that $t_1, \dots, t_n$ are terms of L and $n$ is the arity of $P$. Atomic formulas will also be denoted as $P, Q, P_i, \dots$ and $P(t_1, \dots, t_n)^\perp := P^\perp(t_1, \dots, t_n)$.
3. The formulas of L are built from atomic formulas of L by the connectives $\lor, \land, \to, \forall, \exists$ as usual, with quantifiers ranging over numeric variables $\alpha^{\mathbb{N}}, \beta^{\mathbb{N}}, \dots$.

The system HA + $\mathsf{EM}_1^-$ in Figure 5 extends the usual Curry-Howard correspondence for HA with our rule $\mathsf{EM}_1^-$ and is a restriction of the system introduced in [2]. The purely universal arithmetical axioms are introduced by means of Post rules, as in Prawitz [11]. As we anticipated, there is no need for a parallelism operator. Therefore $\mathsf{EM}_1^-$ introduces a pure delimited exception mechanism, explained by the reduction rules in Figure 6: whenever we have a term $u \parallel_a v$ and $H_a^{\forall\alpha P} m$ appears inside $u$, we can recursively check whether $P[m/\alpha]$ holds, and switch to the exceptional path if it doesn't; if it does, we can remove the instance of the assumption. When there are no free assumptions relative to $a$ left in $u$, we can forget about the exceptional path.

Similarly to the previous sections, we extend the characterization of the proof-term heads to take into account the new constructs.

Theorem 18 (Head of a Proof Term). Every proof term of HA + $\mathsf{EM}_1^-$ is of the form:
where $r$ is either a variable $x$, a constant $H_a^{\forall\alpha P}$, $W_a^{\exists\alpha P}$, $\mathsf{r}$ or $\mathsf{R}$, an excluded middle term $u \parallel_a v$, or a term corresponding to an introduction rule $\lambda x.t$, $\lambda\alpha.t$, $\langle t_1, t_2 \rangle$, $\iota_i(t)$, $(m, t)$
$u_1, \dots, u_k$ are either lambda terms, first order terms, or one of the following expressions corresponding to elimination rules: $\pi_i$, $[x.w_1, y.w_2]$, $[(\alpha, x).t]$

The new system proves exactly the same formulas that can be proven by making use of Markov's principle in Heyting Arithmetic.

Theorem 19. For any formula $F$ in the language L, $\mathsf{HA} + \mathsf{MP} \vdash F$ if and only if $\mathsf{HA} + \mathsf{EM}_1^- \vdash F$.

Proof.
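The proof is identical to the one in the previous section.

Grammar of Untyped Terms

$$t, u, v ::= x \mid tu \mid tm \mid \lambda x\, u \mid \lambda\alpha\, u \mid \langle t, u \rangle \mid u\,\pi_0 \mid u\,\pi_1 \mid \iota_0(u) \mid \iota_1(u) \mid t[x.u, y.v] \mid (m, t) \mid t[(\alpha, x).u] \mid (u \parallel_a v) \mid H_a^{\forall\alpha P} \mid W_a^{\exists\alpha P} \mid \mathsf{True} \mid \mathsf{R}uvm \mid \mathsf{r}t_1 \dots t_n$$

where $m$ ranges over terms of L, $x$ over variables of the lambda calculus and $a$ over $\mathsf{EM}_1$ hypothesis variables. Moreover, in terms of the form $u \parallel_a v$ there is a $P$ such that all the free occurrences of $a$ in $u$ are of the form $H_a^{\forall\alpha P}$ and those in $v$ are of the form $W_a^{\exists\alpha P^\perp}$.

Contexts

With $\Gamma$ we denote contexts of the form $e_1 : A_1, \dots, e_n : A_n$, where $e_i$ is either a proof-term variable $x, y, z, \dots$ or an $\mathsf{EM}_1^-$ hypothesis variable $a, b, \dots$

$$\Gamma, a : \forall\alpha^{\mathbb{N}} P \vdash H_a^{\forall\alpha P} : \forall\alpha^{\mathbb{N}} P \qquad \Gamma, a : \exists\alpha^{\mathbb{N}} P^\perp \vdash W_a^{\exists\alpha P} : \exists\alpha^{\mathbb{N}} P^\perp$$

where $m$ is any term of the language L and $\alpha$ does not occur free in any formula $B$ occurring in $\Gamma$.

where $\alpha$ is not free in $C$ nor in any formula $B$ occurring in $\Gamma$.

$$\frac{\Gamma \vdash u : A(0) \qquad \Gamma \vdash v : \forall\alpha^{\mathbb{N}}.\, A(\alpha) \to A(\mathsf{S}(\alpha))}{\Gamma \vdash \mathsf{R}uvm : A[m/\alpha]}$$

where $m$ is a term of L

$$\frac{\Gamma \vdash u_1 : A_1 \qquad \Gamma \vdash u_2 : A_2 \qquad \cdots \qquad \Gamma \vdash u_n : A_n}{\Gamma \vdash u : A}$$

where $A_1, A_2, \dots, A_n, A$ are atomic formulas of HA and the rule is a Post rule for equality, for a Peano axiom or for a classical propositional tautology or for booleans and if $n > 0$, $u = \mathsf{r}u_1 \dots u_n$, otherwise $u = \mathsf{True}$.

$\mathsf{EM}_1^-$

Figure 5 Term Assignment Rules for HA + $\mathsf{EM}_1$. ($P$ atomic, $Q$ negative propositional)

HA + $\mathsf{EM}_1^-$ with the reduction rules in Figure 4 enjoys the Subject Reduction Theorem [2, 10].

Theorem 20 (Subject Reduction). If $\Gamma \vdash t : C$ and $t \mapsto u$, then $\Gamma \vdash u : C$.

No term of HA + $\mathsf{EM}_1^-$ gives rise to an infinite reduction sequence [1].

Theorem 21 (Strong Normalization). Every term typable in HA + $\mathsf{EM}_1^-$ is strongly normalizing.

Reduction Rules for HA
$\langle u_0, u_1 \rangle \pi_i \mapsto u_i$, for $i = 0, 1$
$\iota_i(u)[x_1.t_1, x_2.t_2] \mapsto t_i[u/x_i]$, for $i = 0, 1$
$(m, u)[(\alpha, x).v] \mapsto v[m/\alpha][u/x]$, for each term $m$ of L
$\mathsf{R}uv0 \mapsto u$
$\mathsf{R}uv(\mathsf{S}n) \mapsto vn(\mathsf{R}uvn)$, for each numeral $n$

Reduction Rules for $\mathsf{EM}_1^-$
$u \parallel_a v \mapsto u$, if $a$ does not occur free in $u$
$u \parallel_a v \mapsto$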
$v[a := n]$, if $H_a^{\forall\alpha P} n$ occurs in $u$ and $P[n/\alpha]$ is closed and $P[n/\alpha]$ is false
$(H_a^{\forall\alpha P}) n \mapsto \mathsf{True}$ if $P[n/\alpha]$ is closed and $P[n/\alpha]$ is true

We can now proceed to prove the constructivity of the system, that is the disjunction and existential properties. We will do this again by inspecting the normal forms of the proof terms; the first thing to do is adapting Proposition 14 to HA + $\mathsf{EM}_1^-$.

Proposition 22 (Normal Form Property). Let $P, P_1, \dots, P_n$ be negative propositional formulas, $A_1, \dots, A_m$ simply universal formulas. Suppose that $\Gamma = z_1 : P_1, \dots, z_n : P_n, a_1 : \forall\alpha_1 A_1, \dots, a_m : \forall\alpha_m A_m$ and $\Gamma \vdash t : \exists\alpha\, P$ or $\Gamma \vdash t : P$, with $t$ in normal form and having all its free variables among $z_1, \dots, z_n, a_1, \dots, a_m$. Then:
1. Every occurrence in $t$ of every term $H_{a_i}^{\forall\alpha_i A_i}$ is of the active form $H_{a_i}^{\forall\alpha_i A_i} m$, where $m$ is a term of L.
2. $t$ cannot be of the form $u \parallel_a v$.

Proof. The proof is identical to the proof of Proposition 14. We just need to consider the following additional cases:
$t = \mathsf{r}t_1 t_2 \dots t_n$. Then $\Gamma \vdash t_i : Q_i$ for some atomic $Q_i$ and for $i = 1 \dots n$; thus 1. holds by applying the inductive hypothesis to the $t_i$, while 2. is obviously verified.
$t = \mathsf{R}t_1 \dots t_n$. This case is not possible, otherwise, since $t_3$ is a numeral, $t$ would not be in normal form.

Thanks to this, we can now state the main theorem. The proof of the existential property is the same as the one for Theorem 16: we just need to observe that since we don't have a parallelism operator in HA + $\mathsf{EM}_1^-$, every Herbrand disjunction will consist of a single term. The disjunction property will follow similarly.

Theorem 23 (Constructivity of HA + $\mathsf{EM}_1^-$).
If $\mathsf{HA} + \mathsf{EM}_1^- \vdash t : \exists\alpha\, A$, then there exists a term $t' = (n, u)$ such that $t \mapsto^* t'$ and $\mathsf{HA} + \mathsf{EM}_1^- \vdash u : A[n/\alpha]$.
If $\mathsf{HA} + \mathsf{EM}_1^- \vdash t : A \lor B$, then there exists a term $t'$ such that $t \mapsto^* t'$ and either $t' = \iota_0(u)$ and $\mathsf{HA} + \mathsf{EM}_1^- \vdash u : A$, or $t' = \iota_1(u)$ and $\mathsf{HA} + \mathsf{EM}_1^- \vdash u : B$.

Proof. For both cases, we start by considering a term $t'$ such that $t \mapsto^* t'$ and $t'$ is in normal form.
By the Subject Reduction Theorem 11 we have that $\mathsf{HA} + \mathsf{EM}_1^- \vdash t' : \exists\alpha\, A$ (resp. $\mathsf{HA} + \mathsf{EM}_1^- \vdash t' : A \lor B$). By Theorem 13 we can write $t'$ as $r t_1 \dots t_n$. Since $t'$ is closed, $r$ cannot be a variable $x$ or a term $H_a^{\forall\alpha P}$ or $W_a^{\exists\alpha P}$; moreover it cannot be $\mathsf{r}$, otherwise the type of $t'$ would have to be atomic, and it cannot be $\mathsf{R}$, otherwise the term would not be in normal form. $r$ also cannot have been obtained by $\mathsf{EM}_1^-$, otherwise $\mathsf{HA} + \mathsf{EM}_1^- \vdash r : \exists\alpha\, P$, for $P$ atomic and $r = t_1 \parallel_a t_2$; but this is not possible due to Proposition 22. Therefore, $r$ must be obtained by an introduction rule. We distinguish now the two cases:
$\mathsf{HA} + \mathsf{EM}_1^- \vdash t' : \exists\alpha\, B$. Since the term is in normal form, $n$ has to be 0, that is $t' = r$ and $r = (n, u)$; hence also $\mathsf{HA} + \mathsf{EM}_1^- \vdash u : A(n)$.
$\mathsf{HA} + \mathsf{EM}_1^- \vdash t' : A \lor B$. Then either $t' = \iota_0(u)$, and so $\mathsf{HA} + \mathsf{EM}_1^- \vdash u : A$, or $t' = \iota_1(u)$, and so $\mathsf{HA} + \mathsf{EM}_1^- \vdash u : B$.

References

[1] Federico Aschieri. Strong normalization for HA + EM1 by non-deterministic choice. In Proceedings First Workshop on Control Operators and their Semantics, COS 2013, Eindhoven, The Netherlands, June 24-25, 2013, pages 1-14, 2013. doi:10.4204/EPTCS.127.1.
[2] Federico Aschieri, Stefano Berardi, and Giovanni Birolo. Realizability and strong normalization for a Curry-Howard interpretation of HA+EM1. In Computer science logic 2013, volume 23 of LIPIcs. Leibniz Int. Proc. Inform., pages 45-60. Schloss Dagstuhl. Leibniz-Zent. Inform., Wadern, 2013.
[3] Federico Aschieri and Margherita Zorzi. A "game semantical" intuitionistic realizability validating Markov's principle. In 19th International Conference on Types for Proofs and Programs, volume 26 of LIPIcs. Leibniz Int. Proc. Inform., pages 24-44. Schloss Dagstuhl. Leibniz-Zent. Inform., Wadern, 2014.
[4] Comput. Sci., 625:125-146, 2016. doi:10.1016/j.tcs.2016.02.028.
[5] Samuel R. Buss. On Herbrand's theorem. In Logic and computational complexity (Indianapolis, IN, 1994), volume 960 of Lecture Notes in Comput. Sci., pages 195-209. Springer, Berlin, 1995. doi:10.1007/3-540-60178-3_85.
[6] Ph. de Groote, editor. The Curry-Howard isomorphism, volume 8 of Cahiers du Centre de Logique [Reports of the Center of Logic]. Academia-Erasme, Louvain-la-Neuve; Université Catholique de Louvain, Département de Philosophie, Louvain-la-Neuve, 1995.
[7] Dialectica, 12:280-287, 1958. doi:10.1111/j.1746-8361.1958.tb01464.x.
[8] Hugo Herbelin. An intuitionistic logic that proves Markov's principle. In 25th Annual IEEE Symposium on Logic in Computer Science LICS 2010, pages 50-56. IEEE Computer Soc., Los Alamitos, CA, 2010.
[9] S. C. Kleene. On the interpretation of intuitionistic number theory. J. Symbolic Logic, 10:109-124, 1945. doi:10.2307/2269016.
[10] Matteo Manighetti. Computational interpretations of Markov's principle. Master's thesis, Wien, Techn. Univ., Wien, 2016. URL: https://arxiv.org/abs/1611.03714.
[11] Dag Prawitz. Ideas and results in proof theory. In Proceedings of the Second Scandinavian Logic Symposium (Univ. Oslo, Oslo, 1970), pages 235-307. Studies in Logic and the Foundations of Mathematics, Vol. 63. North-Holland, Amsterdam, 1971.
[12] A. S. Troelstra. Corrections and additions to: Metamathematical investigation of intuitionistic arithmetic and analysis (Lecture Notes in Math., Vol. 344, Springer, Berlin, 1973). Mathematisch Instituut, Universiteit van Amsterdam, Amsterdam, 1974. Report 74-16.
[13] A. S. Troelstra and D. van Dalen. Constructivism in mathematics. Vol. I, volume 121 of Studies in Logic and the Foundations of Mathematics. North-Holland Publishing Co., Amsterdam, 1988. An introduction.
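
The delimited exception mechanism of Section 4.1, that is the three reduction rules for the restricted excluded middle in HA, run on constructed terms: a true instance $H_a\,n$ is discharged, a false one triggers the jump to $v[a := n]$, and the exceptional path is dropped once $a$ no longer occurs. This is an added Python example, not code from the paper; the tuple encoding, the sample predicate and the reading of $v[a := n]$ as replacing each $W_a$ by $(n, \mathsf{True})$ are assumptions made here.

```python
# Constructed encoding of untyped terms (hypothesis names assumed distinct):
#   "True", ("H", a, n) = H_a n, ("W", a) = W_a, ("pair", n, t) = (n, t),
#   ("post", [t1..tk]) = r t1 ... tk, ("par", a, P, u, v) = u ||_a v with P a
#   Python predicate deciding the atomic formula on numerals.

def map_sub(t, f):
    """Rebuild t with f applied to its immediate subterms."""
    if t[0] == "pair": return ("pair", t[1], f(t[2]))
    if t[0] == "post": return ("post", [f(s) for s in t[1]])
    if t[0] == "par": return ("par", t[1], t[2], f(t[3]), f(t[4]))
    return t  # "True", H_a n and W_a have no subterms

def instances(t, a):
    """Numerals n such that H_a n occurs in t, in left-to-right order."""
    found = []
    def visit(s):
        if s[0] == "H" and s[1] == a:
            found.append(s[2])
        return map_sub(s, visit)
    visit(t)
    return found

def subst(t, a, n):
    """v[a := n], read here (an assumption) as: every W_a becomes (n, True)."""
    if t[0] == "W" and t[1] == a:
        return ("pair", n, "True")
    return map_sub(t, lambda s: subst(s, a, n))

def normalize(t, env=None):
    """Normal form of t under the three EM1 reduction rules of the section."""
    env = env or {}
    if t[0] == "H":  # (H_a n) -> True, if P[n/alpha] is true
        P = env.get(t[1])
        return "True" if P and P(t[2]) else t
    if t[0] != "par":
        return map_sub(t, lambda s: normalize(s, env))
    _, a, P, u, v = t
    false_at = [n for n in instances(u, a) if not P(n)]
    if false_at:  # u ||_a v -> v[a := n], if H_a n occurs in u, P[n/alpha] false
        return normalize(subst(v, a, false_at[0]), env)
    return normalize(u, {**env, a: P})  # a is gone from u: u ||_a v -> u

def p_sample(n):  # constructed sample predicate P(alpha): alpha * alpha != 49
    return n * n != 49

def sample(ns):
    """Constructed term (r (H_a n1) ... (H_a nk)) ||_a W_a over p_sample."""
    u = ("post", [("H", "a", n) for n in ns])
    return ("par", "a", p_sample, u, ("W", "a"))
```

On `sample([5, 6, 7, 8])` the instance at 7 is false, so the normal form is a single witness pair, the shape $(n, u)$ that Theorem 23 gives for existential statements.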


Federico Aschieri, Matteo Manighetti. On Natural Deduction for Herbrand Constructive Logics II: Curry-Howard Correspondence for Markov's Principle in First-Order Logic and Arithmetic, LIPICS - Leibniz International Proceedings in Informatics, 2018, 4:1-4:17, DOI: 10.4230/LIPIcs.TYPES.2016.4