observational equality: now for good
HAL Id: hal-03367052
https://hal.inria.fr/hal-03367052v3
Submitted on 9 Nov 2021 (v3), last revised 10 Nov 2021 (v4)
Observational Equality: Now For Good
Loïc Pujet, Nicolas Tabareau
To cite this version: Loïc Pujet, Nicolas Tabareau. Observational Equality: Now For Good. POPL, Jan 2022, Philadelphie, United States. ⟨hal-03367052v3⟩
Observational Equality: Now For Good
LOÏC PUJET, Inria, France
NICOLAS TABAREAU, Inria, France
Building on the recent extension of dependent type theory with a universe of definitionally proof-irrelevant types, we introduce TTobs, a new type theory based on the setoidal interpretation of dependent type theory. TTobs equips every type with an identity relation that satisfies function extensionality, propositional extensionality, and definitional uniqueness of identity proofs (UIP). Compared to other existing proposals to enrich dependent type theory with these principles, our theory features a notion of reduction that is normalizing and provides an algorithmic canonicity result, which we formally prove in Agda using the logical relation framework of Abel et al. Our paper thoroughly develops the meta-theoretical properties of TTobs, such as the decidability of the conversion and of the type checking, as well as consistency. We also explain how to extend our theory with quotient types, and we introduce a setoidal version of Swan's Id types that turn it into a proper extension of MLTT with inductive equality.
CCS Concepts: • Theory of computation → Type theory.
Additional Key Words and Phrases: type theory, dependent types, rewriting theory, confluence, termination
ACM Reference Format:
Loïc Pujet and Nicolas Tabareau. 2022. Observational Equality: Now For Good. In Proceedings of POPL. ACM, New York, NY, USA, Article XX, 26 pages.
1 INTRODUCTION
Dependent type theories and in particular MLTT, as originally developed by Martin-Löf [1975], provide an adequate framework for developing constructive mathematics and certifying software. A core aspect of MLTT is the coexistence of two distinct notions of equality: a definitional equality that records the equations automated by the system, and a propositional equality that is a type internal to the system and thus can be used to do equational reasoning. However, the propositional equality of MLTT lacks some extensionality principles that pervade mathematical reasoning, such as function extensionality (funext). Since they are generally considered desirable, these principles are sometimes added as axioms, but doing so results in a system with weaker computational properties.
Throughout the years, several options to obtain a more extensional version of propositional equality while preserving computation have been explored. The most successful lines of work can be roughly divided into two groups: the ones using an observational equality, and the ones using a cubical equality. Both notions build on the following fundamental idea: in order to obtain sufficient extensionality principles, the behavior of equality in a given type should be explicitly specified for every type instead of using a single definition that is parametric over the types.
The work on observational equality originated from the study of the setoid model of type theory [Altenkirch 1999; Hofmann 1995], and a first attempt at a proper type theory that supports an observational equality satisfying funext has been proposed in [Altenkirch et al. 2007]. In these systems, observational equality equips every type with a setoid structure. This setoidal equality satisfies the uniqueness of identity proofs (UIP), which states that all proofs of an equality are equal; in other words, equality is proof irrelevant.
POPL, 2022, jsp. ACM ISBN 978-x-xxxx-xxxx-x/YY/MM.
The other line of work is more recent and takes its roots in the formulation of the univalence axiom [Kapulkin and Lumsdaine 2018; Univalent Foundations Program 2013], which gives a new meaning to the equality between types: two types are equal when they are equivalent. This can be understood as an extensionality principle for the universe of types. In their search for a computational interpretation of univalence, Cohen et al. [2015] developed a notion of cubical equality, which satisfies funext and univalence, but is incompatible with UIP.
Thus, observational equality and cubical equality are two diverging directions for providing propositional equality with more extensionality. Altenkirch et al. [2016]; Capriotti [2017]; Voevodsky [2013] advocate that the two solutions are actually complementary and can be integrated to a single system with two universe hierarchies, one that satisfies univalence and the other that satisfies UIP. While cubical type theory has been thoroughly investigated and even implemented in the Agda proof assistant Vezzosi et al. [2019], observational equality has not reached a comparable level of maturity. Recent attempts to design a type theory based on observational equality are either lacking an algorithm for type checking Sterling et al. [2019], or restricted to a single universe and having computational properties only up to a conjecture Altenkirch et al. [2019]. Indeed, the latter relies on computation in an enriched version of MLTT that features a universe of definitionally proof-irrelevant types (noted hereafter Ω_i) as recently proposed by Gilbert et al. [2019], along with a proof-irrelevant identity type that supports a strong eliminator. This theory has not been justified yet, and it has even been shown not to be normalizing in presence of impredicativity Abel and Coquand [2020].
In this paper, we define TTobs, the first extension of MLTT + Ω_i with an observational equality that satisfies UIP, funext and propext, and supports quotient types and countably many universes—with a proof of normalization and canonicity formalized in Agda.¹ Firstly, we remark that this theory can only be derived in a system with some level of cumulativity, as it is required for certain computation rules to be well-typed. This makes explicit some difficulties that do not show up in previous works. Second, we remark that our version of observational equality can be equipped with two elimination principles: a notion of type cast (or coercion) for proof relevant types, and the standard eliminator of MLTT for proof irrelevant types, thus making all the setoidal structure derivable from the standard eliminator. Funext and propext are obtained by specifying the right computation rules for observational equality whereas UIP is obtained for free by interpreting observational equality in Ω.
The proof of normalization and canonicity is based on the use of logical relations defined in Agda using induction-recursion as initially developed by Abel et al. [2018] and later extended to Ω by Gilbert et al. [2019]. Compared to previous work on formalized normalization proofs, we have added the support for a cumulative hierarchy with two universes, and we make a clear distinction between inhabitants of proof-irrelevant types, which have no computational behavior, and inhabitants of proof relevant types, which do. This key change allows us to add new principles in Ω without having to supply them with a computational behavior, trivializing for instance the management of higher coherences of the cubical interpretation. In counterpart for this added flexibility, normalization does not directly imply canonicity anymore, and a separate proof of consistency of the theory is required to derive canonicity. This proof is done by defining a model for TTobs, but as consistency is the only consequence that we need from the existence of a model, the model can be defined in an extensional setting.
To illustrate the simplicity of extending MLTT + Ω to TTobs, we have implemented a simple version in Agda using rewrite rules, as recently introduced by Cockx et al. [2021] (file [setoid_rr.agda]).
¹ The formalization is available at https://github.com/CoqHott/logrel-mltt/; references to a particular file are done using [myfile.agda], which directly points to the corresponding file on GitHub.
๐ ::= ๐ฐ | ฮฉ Relevances๐, ๐ โ N Universe levelsฮ,ฮ ::= โข | ฮ, ๐ฅ :๐ ,๐ ๐ด Contexts๐ก,๐ข,๐, ๐, ๐, ๐ด, ๐ต ::= ๐ฅ | ๐ ๐ Variables and Universes
| _(๐ฅ : ๐ด). ๐ก | ๐ก ๐ข | ฮ ๐๐ ,๐(๐ฅ : ๐ด) . ๐ต Dependent products
| 0 | S ๐ก | Nโelim(๐, ๐ก,๐ข, ๐) | N Natural numbers| โจ๐ก,๐ขโฉ | fst(๐ก) | snd(๐ก) | โ ๐
๐(๐ฅ : ๐ด). ๐ต Existential types
| โฅโelim(๐ด, ๐ก) | โฅ Empty type| โ | โค Singleton type| ๐ก โผ๐ด ๐ข | refl(๐ก) | transp(๐ก, ๐ต,๐ข, ๐ก โฒ, ๐) Observational equality| cast(๐ด, ๐ต, ๐, ๐ก) | castrefl(๐ด, ๐ก) Type cast
Fig. 1. Syntax of TTobs
Plan of the paper. In Section 2, we present the syntax and typing rules of TTobs, focusing on its notions of conversion and reduction. Then in Section 3, we develop the logical relation framework, and the model from which we derive consistency. This shows normalization, canonicity and decidability of typechecking for TTobs. In Section 4, we explain how to extend TTobs to support quotient types, box types and squash types, as well as the standard identity type of MLTT, while preserving meta-theoretical properties.
2 A TYPE THEORY WITH OBSERVATIONAL EQUALITY
TTobs has two cumulative hierarchies of universes. The first one, which we write 𝒰_i (where i is a natural number), is the usual universe hierarchy of Martin-Löf type theory. The second family, which we write Ω_i, is the family of definitionally proof-irrelevant types, which means that any two inhabitants of a type A : Ω_i are convertible. This corresponds to the two hierarchies presented in Gilbert et al. [2019] and implemented in Agda, except that we also introduce some cumulativity features that will prove useful when interpreting equality in the universe of propositions and for dependent function types. Having a proof-irrelevant hierarchy of types seems to be crucial to interpret an extensional equality that satisfies UIP. Indeed, it trivializes all of the higher coherences that naturally arise when considering proofs of equality between equalities, and provides a canonical inhabitant for the type that encodes UIP, which is simply given by reflexivity.
2.1 Syntax of TTobs
The syntax of the sorts, contexts, terms and types of TTobs is specified in Fig. 1. The theory features cumulative dependent functions (noted Π^j_{s,i}(x : A). B) with η-equality, natural numbers, as well as proof-irrelevant dependent sums (noted ∃(x : A). B), a proof-irrelevant empty type (noted ⊥) and unit type (noted ⊤). When B does not depend on A, we write A → B instead of Π(x : A). B, and A ∧ B instead of ∃(x : A). B. The capture-avoiding substitution of a variable x in a term A by the term t is noted B[x := t]. TTobs can also be extended with more primitives such as quotients or general inductive types, but we defer the treatment of those to Section 4 to better focus on the treatment of equality in the theory.
Compared to MLTT with proof irrelevant types, there are two fundamental new ingredients in TTobs. The first is a proof-irrelevant observational equality type t ∼_A u that encodes equality of t and u at type A, together with a term refl(t) that witnesses reflexivity of this equality. The second is an operation that casts a term t from a type A to another type B according to a proof of equality e between A and B, which is noted cast(A, B, e, t). This operation comes with a witness castrefl(A, t)
that casting between a type A and itself does nothing. Note that since observational equality is proof irrelevant, any proof of equality between A and A is convertible to refl(A). The theory also features a generic transport transp(t, B, u, t′, e) when A and B are proof irrelevant.
Observational equality is quite different from the usual Martin-Löf Identity Type, which is an inductive type that computes via the J-eliminator. Instead, observational equality t ∼_A u should be understood as an eliminator that reduces the type A to its weak head normal form, and then reduces by pattern-matching on it, much like the path type from Cubical Type Theory. In particular, the reduction rules for observational equality between two dependent products, or two types in Ω_i, provide us with function extensionality and propositional extensionality by definition.
2.2 Typing Rules of TTobs
The typing rules of TTobs are presented in Fig. 2. They are based on four kinds of judgments: ⊢ Γ (well-formedness of a context), Γ ⊢ t :_{s,i} A (typing of a term), Γ ⊢ t ≡ u :_{s,i} A (convertibility of terms), and Γ ⊢ t ⇒ u :_i A (weak-head reduction of relevant terms). To avoid clutter, we will omit the s,i annotations that denote the sort and level of a type as that can generally be inferred from the context.² Similarly, we will often omit the annotations on the dependent function type and simply write Π(x : A). B, except when the annotations are explicitly required to understand a rule. In all the judgments, s denotes either 𝒰 or Ω.
Generic rules and universes. Rules Ctx-Nil, Ctx-Cons and Var describe the usual formation of contexts and typing of variables. Rule conv stipulates that type checking is done modulo conversion of types. The formation rule for universes (Rule Univ) states that both 𝒰_i and Ω_i are relevant types. It is natural for Ω to be proof-relevant, since its inhabitants are types which are not convertible to one another despite being proof-irrelevant.
Dependent products. The formation of dependent products between a domain and a codomain that have different sorts and universe levels is allowed. The resulting type has the same relevance as the codomain, and a universe level that is higher than both the level of the domain and the level of the codomain (Rule Π-Form). The sort of the domain and the levels of both the domain and the codomain are collected as annotations to the dependent function type for the convenience of the type checking algorithm. Note that the introduction of cumulativity in the formation of dependent products is a necessary complication of TTobs as the rules that provide us with propositional extensionality and function extensionality can only be well-typed in the presence of cumulativity.
Rules Fun and App are the usual rules of λ-abstraction and application. Note that the sort and level annotation are implicit as they can be inferred from the premises.
Existential types. TTobs features proof-irrelevant dependent sums. They are required to describe the behavior of observational equality between two dependent function types. We do not need them to be cumulative so we keep the formation rule as simple as possible (∃-Form).
We give a negative presentation of dependent sums with one introduction rule (Rule Pair) and two projections (Rules Fst and Snd). Note that because of proof irrelevance, the negative and positive presentations are completely equivalent, and we do not need any rule to account for the computational behavior of projections, nor η-equality. This is because any well-typed equality between two inhabitants of a proof-irrelevant type is proven by reflexivity (modulo Rule conv).
Natural numbers. Strictly speaking, all inductive types could be excluded from the core of TTobs, and be considered as extensions. However, we decided to treat the example of natural numbers as we feel it is both very simple and a good illustration.
² The interested reader may look at the Agda formalization where all annotations have been made explicit.
Ctx-Nil
โข โข
Ctx-Consโข ฮ ฮ โข ๐ด : ๐ ๐
โข ฮ, ๐ฅ : ๐ด
Varโข ฮ ๐ฅ : ๐ด โ ฮ
ฮ โข ๐ฅ : ๐ด
convฮ โข ๐ก : ๐ด ฮ โข ๐ด โก ๐ต : ๐ ๐
ฮ โข ๐ก : ๐ต
Univโข ฮ
ฮ โข ๐ ๐ : ๐ฐ๐
๐< ๐
ฮ -Formฮ โข ๐ด : ๐ ๐ ฮ, ๐ฅ : ๐ด โข ๐ต : ๐ โฒ ๐
ฮ โข ฮ ๐๐ ,๐(๐ฅ : ๐ด) . ๐ต : ๐ โฒ๐
๐โค๐๐โค๐
โ-Formฮ โข ๐ด : ฮฉ๐ ฮ, ๐ฅ : ๐ด โข ๐ต : ฮฉ๐
ฮ โข โ(๐ฅ : ๐ด). ๐ต : ฮฉ๐
Funฮ โข ๐ด : ๐ ๐ ฮ, ๐ฅ : ๐ด โข ๐ก : ๐ตฮ โข _(๐ฅ : ๐ด) . ๐ก : ฮ (๐ฅ : ๐ด) . ๐ต
Appฮ โข ๐ก : ฮ (๐ฅ : ๐ด) . ๐ต ฮ โข ๐ข : ๐ด
ฮ โข ๐ก ๐ข : ๐ต [๐ฅ := ๐ข]
Pairฮ โข ๐ก : ๐ด ฮ โข ๐ข : ๐ต [๐ฅ := ๐ก]
ฮ โข โจ๐ก,๐ขโฉ : โ(๐ฅ : ๐ด). ๐ต
Fstฮ โข ๐ก : โ(๐ฅ : ๐ด). ๐ตฮ โข fst(๐ก) : ๐ด
Sndฮ โข ๐ก : โ(๐ฅ : ๐ด) . ๐ต
ฮ โข snd(๐ก) : ๐ต [๐ฅ := fst(๐ก)]
N-Formโข ฮ
ฮ โข N : ๐ฐ0
Zeroโข ฮ
ฮ โข 0 : N
Sucฮ โข ๐ : Nฮ โข S ๐ : N
N-Elimฮ โข ๐ด : Nโ ๐ ๐ ฮ โข ๐ก0 : ๐ด 0 ฮ โข ๐ก๐ : ฮ (๐ : N) . ๐ด ๐ โ ๐ด (S ๐) ฮ โข ๐ : N
ฮ โข Nโelim(๐ด, ๐ก0, ๐ก๐ , ๐) : ๐ด ๐
โฅ-Formโข ฮ
ฮ โข โฅ : ฮฉ๐
โฅ-Elimฮ โข ๐ด : ๐ ๐ ฮ โข ๐ก : โฅฮ โข โฅโelim(๐ด, ๐ก) : ๐ด
โค-Formโข ฮ
ฮ โข โค : ฮฉ๐
โค-Introโข ฮ
ฮ โข โ : โค
Eq-Formฮ โข ๐ด : ๐ฐ๐ ฮ โข ๐ก : ๐ด ฮ โข ๐ข : ๐ด
ฮ โข ๐ก โผ๐ด ๐ข : ฮฉ๐
Reflฮ โข ๐ด : ๐ฐ๐ ฮ โข ๐ก : ๐ดฮ โข refl(๐ก) : ๐ก โผ๐ด ๐ก
Transport-ฮฉฮ โข ๐ด : ๐ฐ๐ ฮ โข ๐ก : ๐ด ฮ โข ๐ต : ฮ (๐ฅ : ๐ด) . ๐ก โผ๐ด ๐ฅ โ ฮฉ ๐ ฮ โข ๐ข : ๐ต ๐ก refl(๐ก) ฮ โข ๐ก โฒ : ๐ด ฮ โข ๐ : ๐ก โผ๐ด ๐ก โฒ
ฮ โข transp(๐ก, ๐ต,๐ข, ๐ก โฒ, ๐) : ๐ต ๐ก โฒ ๐
Castฮ โข ๐ด : ๐ ๐ ฮ โข ๐ต : ๐ ๐ ฮ โข ๐ : ๐ด โผ๐ ๐ต ฮ โข ๐ก : ๐ด
ฮ โข cast(๐ด, ๐ต, ๐, ๐ก) : ๐ต
Cast-Reflฮ โข ๐ด : ๐ ๐ ฮ โข ๐ก : ๐ด ฮ โข ๐ : ๐ด โผ๐ ๐ด
ฮ โข castrefl(๐ด, ๐ก) : ๐ก โผ๐ด cast(๐ด,๐ด, ๐, ๐ก)
Fig. 2. TTobs Typing Rules
The type ℕ comes with a formation rule N-Form, constructors 0 (Rule Zero) and S (Rule Suc) and an elimination/induction principle given by Rule N-Elim. Since we do not require cumulativity for the type of natural numbers, we decided to only allow it in the lowest universe 𝒰_0, but it could be made to inhabit all relevant universes without added difficulty. Extensions to other inductive types and quotient types are presented in Section 4.
Empty and Unit type. To encode respectively the true equalities and the absurd equalities, TTobs features the unit type ⊤ and the empty type ⊥. Besides its formation rule (Rule ⊥-Form), the
empty type comes with an elimination principle (Rule ⊥-Elim) that can eliminate it into both proof-irrelevant and proof-relevant types. In MLTT with a proof irrelevant universe hierarchy, this constitutes the unique connection between the proof-irrelevant and relevant types. This means that the only way to use information from a proof-irrelevant term to build a proof-relevant term is by using a proof of ⊥, which amounts to proving that actually we are in an inaccessible branch or impossible case. In TTobs however, there is another very different way of using proof irrelevant information to build a proof relevant term, by transporting (or casting) along a proof of equality.
The unit type on the other hand only requires a formation rule (Rule ⊤-Form) and a constructor ⋆ (Rule ⊤-Intro). It does not require an eliminator, since the usual one can be derived from proof irrelevance. Equivalently, we could have defined the unit type as ⊥ → ⊥. Note that both the unit type and the empty types are made cumulative, that is because they are used as terminal cases for the computation of observational equality, which can live at any level.
Setoid equality and Type Casts. A central feature of TTobs is that every proof-relevant type comes equipped with a proof-irrelevant equality type, noted t ∼_A u (Rule Eq-Form) and a canonical way to inhabit it, by the reflexivity term refl(t) (Rule Refl). It is not necessary to equip proof-irrelevant types with a propositional equality, as two terms would always be propositionally equal by reflexivity. As we will see in the definition of reduction (Fig. 4), the equality type of TTobs should not be seen as a type constructor like the identity type of MLTT, but rather as a type eliminator that computes on its type argument and possibly on its two end points.
For this equality type to be of any use, we need to be able to eliminate it as well. The usual J-eliminator defined in MLTT can be defined in our context, but if the predicate is proof-relevant, there will be no hope for the eliminator to compute on reflexivity: since equality types are proof irrelevant, there is no reduction of equality proofs, and we cannot do pattern matching on the equality proof either. In order to avoid this issue, we restrict the use of J to proof-irrelevant predicates only, and note it transp (Rule Transport-Ω). Note that in this setting, the non-dependent version of the eliminator would be enough, as one can prove the contractibility of singletons for free thanks to proof-irrelevance [Univalent Foundations Program 2013]. Using transp, we can derive the usual groupoid laws provided by the J eliminator, and we note e⁻¹ for the inverse of e, e · e′ for the transitivity, and ap f e for the preservation of equality by non-dependent function.
To deal with elimination of equality in a proof relevant context, we introduce a cast primitive that handles transport between two propositionally equal proof relevant types. Note that our cast operation also applies to proof-irrelevant types (Rule Cast). This is unnecessary as Rule Transport-Ω subsumes this case, but it will allow us to write more uniform reduction rules. The term cast(A, B, e, t) is an eliminator that reduces the types A and B in weak-head normal form, then reduces by pattern-matching on their head constructors. This will be explained in more detail in the next section. When applied to reflexivity, cast does not compute as the identity function, but this equality is propositionally admissible as witnessed by castrefl (Rule Cast-Refl).
2.3 Conversion and Reduction to Weak-Head Normal Forms
Conversion (Fig. 3) subsumes reduction (Red-Conv), η-equality of functions (Rule η-Eq), and proof-irrelevance (Rule Proof-Irrelevance). It is also closed under reflexivity, symmetry, transitivity and congruence. Note that η-equality does not need to be defined when the codomain is in Ω, because of proof-irrelevance. Congruence rules are standard.
Fig. 4 describes the reduction in TTobs. Note that since reduction is typed, one needs to add a rule for type conversion (Rule Conv-Red). Reduction features the usual notion of β-reduction (Rule β-red), which corresponds to the computation rule of application (the eliminator of dependent
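$$\textsc{Refl}\quad \dfrac{\Gamma \vdash t : A}{\Gamma \vdash t \equiv t : A}$$
$$\textsc{Sym}\quad \dfrac{\Gamma \vdash t \equiv u : A}{\Gamma \vdash u \equiv t : A}$$
$$\textsc{Trans}\quad \dfrac{\Gamma \vdash t \equiv t' : A \qquad \Gamma \vdash t' \equiv u : A}{\Gamma \vdash t \equiv u : A}$$
$$\textsc{Red-Conv}\quad \dfrac{\Gamma \vdash t \Rightarrow u : A}{\Gamma \vdash t \equiv u : A}$$
$$\eta\textsc{-Eq}\quad \dfrac{\Gamma \vdash t, u : \Pi(x : A).\, B \qquad \Gamma, x : A \vdash t\ x \equiv u\ x : B}{\Gamma \vdash t \equiv u : \Pi(x : A).\, B}$$
$$\textsc{Proof-Irrelevance}\quad \dfrac{\Gamma \vdash A : \Omega_i \qquad \Gamma \vdash t : A \qquad \Gamma \vdash u : A}{\Gamma \vdash t \equiv u : A}$$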
Fig. 3. TTobs Conversion Rules (except congruence)
functions) applied to a λ-term (the constructor of dependent functions). Similarly, rules N-Elim-Zero and N-Elim-Suc describe the two computation rules of the eliminator of ℕ, one for each constructor of ℕ.
As mentioned previously, the equality type and type cast operation of TTobs are eliminators, and thus must come with their computation rules. Since t ∼_A u is an eliminator for the universe, it needs rules for every type constructor. Rule Eq-Fun is the computation rule for dependent functions which stipulates that two functions are equal when they are pointwise equal, thus naturally providing TTobs with function extensionality. Rule Eq-Ω says that two proof irrelevant types are equal when they are logically equivalent, thus providing TTobs with propositional extensionality. Note that cumulativity is required for this reduction rule to preserve typing, as the types A and B live in a universe below A ∼_{Ω_i} B.
There are three reduction rules for equality in 𝒰. Rule Eq-Univ stipulates that when the two endpoints are both ℕ or the same universe, the equality holds, which is captured by the fact that it reduces to the unit type. Rule Eq-Univ-≠ says that when the two end points do not have the same head hd, the equality does not hold, which is captured by the fact that it reduces to the empty type. The function hd A is simply equal to ℕ or s_i when A is the type of natural numbers or a universe respectively, and is defined as (Π, s, i, j) when A is the type Π^j_{s,i}(x : A). B. The third rule (Rule Eq-Π) says that two dependent function types are equal when their domains are equal, and their codomains are pointwise equal (as type families) up to the equality on their domains. As for Rule Eq-Ω, this rule is well-typed only in presence of cumulativity.
There are four rules for equality in ℕ, corresponding to all possible normal forms of the endpoints. Equality holds when both endpoints are 0 (Rule Eq-zero), computes to the equality of arguments when both endpoints are successors (Rule Eq-Suc), and does not hold otherwise (Rules Eq-zero-suc and Eq-suc-zero). This concludes the reduction rules for equality.
We can now turn to the description of the computation rules for type cast, which only need to be defined when the types are compatible—otherwise the cast will be stuck.³ Casting from ℕ to ℕ is defined by recursion to be the identity on constructors (Rules Cast-Zero and Cast-Suc), and casting a type from a universe to the same universe is the identity⁴ (Rule Cast-Univ). Finally, casting between two dependent products is more involved: it produces a new function by casting back and forth the argument and return value of the original function (Rule Cast-Π).
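The rules just described for ∼ and cast on natural numbers, universes and Ω can be run as a small rewriting function. The following Python sketch is an added illustration, not code from the paper or its Agda formalization; the constructor names are this example's own, and it assumes an untyped setting (no typing premises or level side conditions) without the binder rules Eq-Fun, Eq-Π and Cast-Π.

```python
from dataclasses import dataclass

# Term constructors for the fragment (hypothetical names, chosen for this sketch).
@dataclass(frozen=True)
class Var: name: str                      # free variable: a neutral term
@dataclass(frozen=True)
class Zero: pass
@dataclass(frozen=True)
class Suc: pred: object
@dataclass(frozen=True)
class Nat: pass                           # the type of natural numbers
@dataclass(frozen=True)
class Univ: sort: str; level: int         # a universe s_i, sort "U" or "Omega"
@dataclass(frozen=True)
class Top: pass                           # unit type
@dataclass(frozen=True)
class Bot: pass                           # empty type
@dataclass(frozen=True)
class Arrow: dom: object; cod: object     # non-dependent product A -> B
@dataclass(frozen=True)
class And: left: object; right: object    # non-dependent sum A /\ B
@dataclass(frozen=True)
class Eq: ty: object; lhs: object; rhs: object              # lhs ~_ty rhs
@dataclass(frozen=True)
class Cast: src: object; dst: object; proof: object; term: object

def head(ty):
    """Head of a type in whnf, as compared by Rule Eq-Univ-≠ (no Π here)."""
    return ("N",) if isinstance(ty, Nat) else ("s", ty.sort, ty.level)

def step(t):
    """One weak-head reduction step, or None when t is a whnf or stuck."""
    if isinstance(t, Eq):
        ty = whnf(t.ty)                   # equality first inspects its type
        if isinstance(ty, Nat):
            a, b = whnf(t.lhs), whnf(t.rhs)
            if isinstance(a, Zero) and isinstance(b, Zero):
                return Top()                                  # Eq-zero
            if isinstance(a, Zero) and isinstance(b, Suc):
                return Bot()                                  # Eq-zero-suc
            if isinstance(a, Suc) and isinstance(b, Zero):
                return Bot()                                  # Eq-suc-zero
            if isinstance(a, Suc) and isinstance(b, Suc):
                return Eq(ty, a.pred, b.pred)                 # Eq-Suc
            return None                   # an endpoint is neutral
        if isinstance(ty, Univ) and ty.sort == "Omega":
            # Eq-Ω: logical equivalence, which gives propositional extensionality
            return And(Arrow(t.lhs, t.rhs), Arrow(t.rhs, t.lhs))
        if isinstance(ty, Univ):
            a, b = whnf(t.lhs), whnf(t.rhs)
            if isinstance(a, (Nat, Univ)) and isinstance(b, (Nat, Univ)):
                # Eq-Univ when the heads agree, Eq-Univ-≠ otherwise
                return Top() if head(a) == head(b) else Bot()
            return None
        return None
    if isinstance(t, Cast):
        src, dst = whnf(t.src), whnf(t.dst)
        if isinstance(src, Nat) and isinstance(dst, Nat):
            n = whnf(t.term)
            if isinstance(n, Zero):
                return Zero()                                 # Cast-Zero
            if isinstance(n, Suc):
                return Suc(Cast(src, dst, t.proof, n.pred))   # Cast-Suc
            return None
        if isinstance(src, Univ) and src == dst:
            return t.term                                     # Cast-Univ
        return None                       # incompatible heads: the cast is stuck
    return None

def whnf(t):
    """Reduce t to weak-head normal form by iterating step."""
    while (r := step(t)) is not None:
        t = r
    return t

def nf(t):
    """Normalize a natural number by also reducing under successors."""
    w = whnf(t)
    return Suc(nf(w.pred)) if isinstance(w, Suc) else w
```

The proof argument of Cast is never inspected, which matches the fact that equality proofs are proof-irrelevant and carry no computational content.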
For our definition of reduction to be complete, we need to add rules that reduce the scrutinees of eliminators to weak-head normal form (whnf), so the eliminator can then reduce by case analysis on the whnf. Weak-head normal forms correspond to relevant terms that can not be reduced (Fig. 5). They are either terms with a constructor in head position, or a neutral term, which correspond to the
³ An alternative design would be to reduce to an elimination on the proof of equality which in this case has type ⊥.
⁴ We could also define it by recursion. It is not clear whether it makes any significant difference.
๐ฝ-redฮ, ๐ฅ : ๐ด โข ๐ก : ๐ต ฮ โข ๐ข : ๐ด
ฮ โข (_(๐ฅ : ๐ด) . ๐ก) ๐ข โ ๐ก [๐ฅ := ๐ข] : ๐ต [๐ฅ := ๐ข]
Conv-Redฮ โข ๐ก โ ๐ข : ๐ด ฮ โข ๐ด โก ๐ต : ๐ ๐
ฮ โข ๐ก โ ๐ข : ๐ต
N-Elim-Zeroฮ โข ๐ด : Nโ ๐ฐ๐ ฮ โข ๐ก0 : ๐ด 0 ฮ โข ๐ก๐ : ฮ (๐ : N) . ๐ด ๐ โ ๐ด (S ๐)
ฮ โข Nโelim(๐ด, ๐ก0, ๐ก๐ , 0) โ ๐ก0 : ๐ด 0
N-Elim-Sucฮ โข ๐ด : Nโ ๐ฐ๐ ฮ โข ๐ก0 : ๐ด 0 ฮ โข ๐ก๐ : ฮ (๐ : N) . ๐ด ๐ โ ๐ด (S ๐) ฮ โข ๐ : N
ฮ โข Nโelim(๐ด, ๐ก0, ๐ก๐ , S ๐) โ ๐ก๐ Nโelim(๐ด, ๐ก0, ๐ก๐ , ๐) : ๐ด (S ๐)
Eq-Funฮ โข ๐ : ฮ (๐ฅ : ๐ด) . ๐ต ฮ โข ๐ : ฮ (๐ฅ : ๐ด) . ๐ตฮ โข ๐ โผฮ ๐ด๐ต ๐ โ ฮ (๐ฅ : ๐ด). ๐ ๐ฅ โผ๐ต ๐ ๐ฅ : ฮฉ๐
Eq-ฮฉฮ โข ๐ด : ฮฉ๐ ฮ โข ๐ต : ฮฉ๐
ฮ โข ๐ด โผฮฉ๐๐ต โ (๐ด โ ๐ต) โง (๐ต โ ๐ด) : ฮฉ ๐
๐< ๐
Eq-Univโข ฮ ๐ด โ {N, ๐ ๐ }
ฮ โข ๐ด โผ๐ฐ๐๐ด โ โค : ฮฉ๐
๐< ๐<๐
Eq-Univ-โ โข ฮ ๐ด, ๐ต โ {N,ฮ ๐ด.๐ต, ๐ ๐ } hd๐ด โ hd๐ต
ฮ โข ๐ด โผ๐ฐ๐๐ต โ โฅ : ฮฉ๐
๐< ๐<๐
Eq-ฮ ฮ โข ๐ด,๐ดโฒ : ๐ ๐ ฮ, ๐ฅ : ๐ด โข ๐ต : ๐ โฒ ๐ ฮ, ๐ฅ : ๐ดโฒ โข ๐ตโฒ : ๐ โฒ ๐ ๐ := cast(๐ดโฒ, ๐ด, ๐โ1, ๐โฒ)
ฮ โข ฮ (๐ฅ : ๐ด). ๐ต โผ๐ฐ๐ ฮ (๐ฅ : ๐ดโฒ) . ๐ตโฒ โโ(๐ : ๐ด โผ๐ฐ๐ ๐ด
โฒ) .ฮ (๐โฒ : ๐ดโฒ) . ๐ต [๐ฅ := ๐] โผ๐ฐ ๐ ๐ตโฒ[๐ฅ := ๐โฒ] : ฮฉ๐
๐โค๐๐โค๐
Eq-zeroโข ฮ
ฮ โข 0 โผN 0 โ โค : ฮฉ๐
Eq-zero-sucฮ โข ๐ : N
ฮ โข 0 โผN S ๐ โ โฅ : ฮฉ๐
Eq-suc-zeroฮ โข ๐ : N
ฮ โข S ๐ โผN 0 โ โฅ : ฮฉ๐
Eq-Sucฮ โข ๐ : N ฮ โข๐ : N
ฮ โข S๐ โผN S ๐ โ๐ โผN ๐ : ฮฉ๐
Cast-Zeroฮ โข ๐ : N โผ๐ฐ N
ฮ โข cast(N,N, ๐, 0) โ 0 : N
Cast-Sucฮ โข ๐ : N โผ๐ฐ N ฮ โข ๐ : N
ฮ โข cast(N,N, ๐, S ๐) โ S cast(N,N, ๐, ๐) : N
Cast-Univฮ โข ๐ : ๐ ๐ โผ๐ฐ ๐ ๐ ฮ โข ๐ด : ๐ ๐ฮ โข cast(๐ ๐ , ๐ ๐ , ๐, ๐ด) โ ๐ด : ๐ ๐
Cast-ฮ ฮ โข ๐ : ฮ (๐ฅ : ๐ด). ๐ต โผ๐ฐ ฮ (๐ฅ : ๐ดโฒ). ๐ตโฒ ฮ โข ๐ : ฮ (๐ฅ : ๐ด). ๐ต ๐ := cast(๐ดโฒ, ๐ด, fst(๐)โ1, ๐โฒ)
ฮ โข cast(ฮ (๐ฅ : ๐ด) . ๐ต,ฮ (๐ฅ : ๐ดโฒ). ๐ตโฒ, ๐, ๐ ) โ_(๐โฒ : ๐ดโฒ). cast(๐ต [๐ฅ := ๐], ๐ตโฒ[๐ฅ := ๐โฒ], snd(๐) ๐โฒ, ๐ ๐) : ฮ (๐ฅ : ๐ดโฒ) . ๐ตโฒ
Fig. 4. TTobs Reduction Rules (except substitutions)
stuck terms that can not exist in an empty context. Neutral terms are either variables, eliminators applied to another neutral term, or obtained from an inhabitant of ⊥. In TTobs, inhabitants of a proof-irrelevant type are never considered as whnf, as there is no notion of reduction of proof-irrelevant terms. Substitution rules that implement reduction of scrutinees to weak-head normal form are standard.
whnf ๐ค ::= ๐๐ | ฮ (๐ฅ : ๐ด). ๐ต | ๐ ๐ | โ(๐ฅ : ๐ด) . ๐ต | N | โฅ | โค | _(๐ฅ : ๐ด) . ๐ก | 0 | S ๐neutral ๐๐ ::= ๐ฅ | ๐๐ ๐ก | โฅโelim(๐ด, ๐) | Nโelim(๐, ๐ก,๐ข, ๐๐)
| ๐ก โผ๐๐ ๐ข | ๐๐ โผN ๐ | 0 โผN ๐๐ | S๐ โผN ๐๐
| ๐๐ โผ๐ฐ๐๐ต | N โผ๐ฐ๐
๐๐ | ฮ (๐ฅ : ๐ด). ๐ต โผ๐ฐ๐๐๐ | cast(N,N, ๐, ๐๐)
| cast(๐๐, ๐ต, ๐, ๐ก) | cast(N, ๐๐, ๐, ๐ก) | cast(ฮ (๐ฅ : ๐ด) . ๐ต, ๐๐, ๐, ๐ก)| cast(๐ค,๐ค โฒ, ๐, ๐ก) (where๐ค,๐ค โฒ โ {N,ฮ ๐ด.๐ต, ๐ ๐ }, hd๐ค โ hd๐ค โฒ)
Fig. 5. Weak-head normal and neutral forms
3 METATHEORETICAL PROPERTIESIn order for a type theory to be a reasonable candidate for implementation in a proof assistant, itis desirable to have some control over its behavior and its semantics. There is a wide variety ofproperties we can ask of a type theory; we will describe four of them and prove they apply to TTobs.
Consistency. A theory is called consistent if it is impossible to use it to derive a contradiction. Itgoes without saying that this property is of utmost importance if one wants to build interestingmathematics. When proving a theory consistent, one should pay some attention to the meta-theorywhere reasoning takes place, as a consistency result is really a reduction of the consistency of thetheory to the consistency of the meta-theory.Normalization. If a type theory features reduction rules, one may want to make sure that by
repeatedly applying said rules, all terms eventually reach a normal form that cannot be reducedfurther. One says that the reduction strategy is normalizing.Canonicity. A term belonging to a type is called canonical when it can be explicitly built up
using the constructors of that type. For instance, an inhabitant of the type N of natural numbersis canonical if it is an explicit numeral. If all terms of type N in an empty context normalize to acanonical form, then the theory is said to enjoy canonicity for natural numbers.
Decidability of Type Checking. Finally, in order to implement a type theory in a proof assistant, itis desirable to have an algorithm that, given a context ฮ and terms ๐ก and ๐ด, decides whether ๐ก is aninhabitant of ๐ด in context ฮ. This ensures users that when they find a proof for a statement, theproof assistant can automatically check that their proof is correct.
In this section, we will prove these four properties for TTobs. We first present our extension of the logical relations framework developed by Abel et al. [2018] and later extended to Ω by Gilbert et al. [2019]. The framework provides a proof of normalization and canonicity from consistency, as well as decidability of conversion and thus decidability of type checking. It has been formalized in the Agda development. Then, to get consistency and therefore canonicity, we develop a model of TTobs in a constructive set theory that supports inductive-recursive definitions and one Grothendieck universe.
3.1 Normalization and Canonicity from Consistency
We now explain the proof by reducibility as initially formalized in Agda by Abel et al. [2018] and extended to Ω by Gilbert et al. [2019]. The proof starts from untyped syntax [Untyped.agda], with syntactical operations such as weakening and substitution, which are used to define typing judgments [Typed.agda]. Abel et al. [2018] also identify the weak head normal forms: define a neutral term to be a term that has a variable in head position, which blocks reduction. Weak head normal forms are then defined to be either neutral terms or terms that have a constructor in head position. This is the notion that we extended to TTobs in Fig. 5.
From there, Abel et al. [2018] use induction-recursion to define a Kripke logical relation that exhibits the structure and properties of well-typed terms, and implies weak-head normalization.
Γ ⊩_ℓ A            A is a reducible type at level ℓ in context Γ
Γ ⊩_ℓ A ≡ B        A and B are reducibly equal types at level ℓ in context Γ
Γ ⊩_ℓ t : A        t is a reducible term at level ℓ of type A in context Γ
Γ ⊩_ℓ t ≡ u : A    t and u are reducibly equal terms at level ℓ of type A in context Γ
Fig. 6. The four judgments of the logical relation
The proof builds up to the fundamental lemma, which states that any well-typed term is reducible by induction on the typing derivation. Abel et al. [2018] prove this for a dependent type theory with dependent functions, natural numbers and one universe. Gilbert et al. [2019] extend it with one universe of definitionally proof-irrelevant types.
In our work, we added support for two cumulative universe levels, existential types, proof-irrelevant axioms, setoid equality and cast. This doubles the size of the proof, getting it up to 20,000 lines of Agda code.
Our most novel contribution to the proof is our treatment of proof-irrelevant types. Even though the theory studied by Gilbert et al. [2019] features proof-irrelevant types, their reducibility proof extends reduction rules to the inhabitants of these types, and the normalization result applies to them too. From this, Gilbert et al. [2019] derive an easy proof of consistency: any proof of ⊥ in an empty context will reduce to a weak head normal form, and the only weak head normal forms that can inhabit ⊥ are neutral terms. But since there are no variables in the empty context, neutral terms cannot exist, so ⊥ has no inhabitant in the empty context.
However, this strategy is not applicable in our setting: it seems difficult to devise reduction rules for some terms that we postulated, such as castrefl, so that they reduce to a normal form. Therefore we have dropped the notion of reduction rules for inhabitants of proof-irrelevant types in TTobs, and only prove normalization for proof-relevant types. We argue that this is more faithful to the philosophy of proof irrelevance, and results in a proof that is completely agnostic about the proof-irrelevant content of the theory: we could postulate any consistent proof-irrelevant axiom and the normalization proof would carry through.
Of course, this means that consistency and canonicity do not follow from normalization anymore. The reason is simple: since we gave up any kind of control on the proof-irrelevant terms, we are forced to consider them as neutral. This also adds neutrals to the proof-relevant world, as ⊥-elim can build inhabitants of proof-relevant types from inhabitants of ⊥. Therefore, we need consistency of TTobs to show canonicity.
3.2 Definition of the Logical Relation
In this section, we define the (Kripke) logical relation that we used [LogicalRelation.agda], closely following Abel et al. [2018]. For pedagogical reasons, we will present a somewhat informal version of the logical relation, and refer the interested reader to the formalization.
The logical relation is indexed by a level ℓ, which reflects the predicative nature of the universe hierarchies: we first define reducibility at level 0 to characterize judgments that do not mention any universe, then we use this relation to define reducibility at level 1 for judgments that mention 𝒰_0 at most, and so on. Therefore, the whole definition is done by induction on ℓ. While our formal proof only features three levels, we describe a full proof with levels that range over N as this does not add significant complexity to the argument. The logical relation features four kinds of judgments presented in Fig. 6. As is customary in reducibility proofs [Girard 1972], these judgments imply normalization, are closed under weak head expansion, and are verified by all neutral terms.
The judgment Γ ⊩_ℓ A is defined inductively, while the three others are simultaneously defined by recursion on a derivation of Γ ⊩_ℓ A. Thus, these judgments technically depend on the specific derivation of Γ ⊩_ℓ A, but since two different derivations will give rise to equivalent judgments we freely ignore this dependence.
We now present the six cases in the inductive definition Γ ⊩_ℓ A, together with the definition of the other three judgments.
Neutral Types.
    Γ ⊢ A ⇒* N : s_i    N neutral
    ------------------------------
    Γ ⊩_ℓ A
This rule states that A is reducible to a neutral type: Γ ⊢ A ⇒* N : s_i means that A reduces to a neutral term N in a finite number of steps (possibly zero), and that both A and N are of type s_i in context Γ. When A is reducible to a neutral type, we define:
• Γ ⊩_ℓ A ≡ B if there is a neutral term M such that Γ ⊢ B ⇒* M : s_i and Γ ⊢ N ≡ M : s_i.
If A is a proof-relevant type, then we also define:
• Γ ⊩_ℓ t : A if there is a neutral term n such that Γ ⊢ t ⇒* n : N.
• Γ ⊩_ℓ t ≡ u : A if there are neutral terms n, m such that Γ ⊢ t ⇒* n : N and Γ ⊢ u ⇒* m : N, and Γ ⊢ n ≡ m : N.
If A is a proof-irrelevant type, then we define instead:
• Γ ⊩_ℓ t : A if Γ ⊢ t : A.
• Γ ⊩_ℓ t ≡ u : A if Γ ⊢ t : A and Γ ⊢ u : A.
More generally, inhabitants of proof-irrelevant types are always reducible when they are well-typed.
Universes.
    Γ ⊢ A ⇒* s_j : 𝒰_i    j < ℓ    j < i
    -------------------------------------
    Γ ⊩_ℓ A
When A is reducible to a universe, we define:
• Γ ⊩_ℓ A ≡ B if Γ ⊢ B ⇒* s_j : 𝒰_i.
• Γ ⊩_ℓ t : A if there is a normal form t′ such that Γ ⊢ t ⇒* t′ : s_j, and Γ ⊩_j t (which is already defined by induction hypothesis, since j < ℓ).
• Γ ⊩_ℓ t ≡ u : A if there are normal forms t′, u′ such that Γ ⊢ t ⇒* t′ : s_j and Γ ⊢ u ⇒* u′ : s_j, and Γ ⊩_j t, Γ ⊩_j u, and Γ ⊩_j t ≡ u.
Natural Numbers.
    Γ ⊢ A ⇒* N : 𝒰_i
    -----------------
    Γ ⊩_ℓ A
When A is reducible to N, we define:
• Γ ⊩_ℓ A ≡ B if Γ ⊢ B ⇒* N : 𝒰_i.
• Γ ⊩_ℓ t : A if there is a normal form t′ such that Γ ⊢ t ⇒* t′ : N and Γ ⊩_N t′, which is inductively defined by

    ----------      Γ ⊩_N t          Γ ⊢ n : N    n is neutral
    Γ ⊩_N 0         ------------     --------------------------
                    Γ ⊩_N S t        Γ ⊩_N n

• Γ ⊩_ℓ t ≡ u : A if there are normal forms t′, u′ such that Γ ⊢ t ⇒* t′ : N and Γ ⊢ u ⇒* u′ : N, and Γ ⊩_N t′ ≡ u′, which is inductively defined by

    --------------      Γ ⊩_N t ≡ u          Γ ⊢ n ≡ m : N    n, m are neutral
    Γ ⊩_N 0 ≡ 0         ----------------     ----------------------------------
                        Γ ⊩_N S t ≡ S u      Γ ⊩_N n ≡ m
Dependent Function Types.
    Γ ⊢ A ⇒* Π(x : F). G : s_i
    Γ ⊢ F : s′_j    Γ, x : F ⊢ G : s_k    j ≤ i    k ≤ i
    ∀Δ ρ. Δ ⊩_ℓ F[ρ]
    ∀Δ ρ. Δ ⊩_ℓ a : F[ρ] ⟹ Δ ⊩_ℓ G[ρ, a]
    ∀Δ ρ. Δ ⊩_ℓ a : F[ρ] ⟹ Δ ⊩_ℓ b : F[ρ] ⟹ Δ ⊩_ℓ a ≡ b : F[ρ] ⟹ Δ ⊩_ℓ G[ρ, a] ≡ G[ρ, b]
    -----------------------------------------------------------------------------------------
    Γ ⊩_ℓ A
This rule states that A is reducible to a dependent function type. We introduced quite a bit of notation here. ⟹ is implication in the meta theory, i.e., the theory of Agda. ∀Δ ρ is a meta-theoretical quantification on an arbitrary well-formed context Δ and a weakening ρ that turns Γ into Δ. Applying such a weakening on the free variables of a term F that is well-typed in context Γ results in a term F[ρ] that is well-typed in context Δ. Given a term G in the extended context Γ, x : F and a term Δ ⊢ a : F[ρ], we can apply ρ on the free variables of G except for x to get a term in Δ, x : F[ρ], and then substitute x with a to get a term in Δ. The result is noted G[ρ, a].
When A is reducible to a dependent function type, we define:
• Γ ⊩_ℓ A ≡ B if there are terms F′ and G′ such that
  – Γ ⊢ B ⇒* Π(x : F′). G′ : s_i and Γ ⊢ Π(x : F). G ≡ Π(x : F′). G′ : s_i
  – ∀Δ ρ. Δ ⊩_ℓ F[ρ] ≡ F′[ρ]
  – ∀Δ ρ. Δ ⊩_ℓ a : F[ρ] ⟹ Δ ⊩_ℓ G[ρ, a] ≡ G′[ρ, a].
If A is a proof-relevant type, then we also define:
• Γ ⊩_ℓ t : A if there is a normal form t′ such that
  – Γ ⊢ t ⇒* t′ : Π(x : F). G
  – ∀Δ ρ. Δ ⊩_ℓ a : F[ρ] ⟹ Δ ⊩_ℓ t′[ρ] a : G[ρ, a]
  – ∀Δ ρ. Δ ⊩_ℓ a : F[ρ] ⟹ Δ ⊩_ℓ b : F[ρ] ⟹ Δ ⊩_ℓ a ≡ b : F[ρ] ⟹ Δ ⊩_ℓ t′[ρ] a ≡ t′[ρ] b : G[ρ, a].
• Γ ⊩_ℓ t ≡ u : A if there are normal forms t′, u′ such that
  – Γ ⊢ t ⇒* t′ : Π(x : F). G and Γ ⊢ u ⇒* u′ : Π(x : F). G
  – Γ ⊢ t′ ≡ u′ : Π(x : F). G
  – Γ ⊩_ℓ t : A and Γ ⊩_ℓ u : A
  – ∀Δ ρ. Δ ⊩_ℓ a : F[ρ] ⟹ Δ ⊩_ℓ t′[ρ] a ≡ u′[ρ] a : G[ρ, a].
If A is a proof-irrelevant type, then we define instead:
• Γ ⊩_ℓ t : A if Γ ⊢ t : Π(x : F). G.
• Γ ⊩_ℓ t ≡ u : A if Γ ⊢ t : Π(x : F). G and Γ ⊢ u : Π(x : F). G.
Existential types. The definition of a type A reducible to an existential type is similar to those for dependent function types, and the same holds for the notion of reducibly equal types. However, the definition of judgments for terms is much simpler: as existential types are proof-irrelevant we only ask them to be well-typed.
• Γ ⊩_ℓ A ≡ B if there are terms F′ and G′ such that
  – Γ ⊢ B ⇒* ∃(x : F′). G′ : Ω_i and Γ ⊢ ∃(x : F). G ≡ ∃(x : F′). G′ : Ω_i
  – ∀Δ ρ. Δ ⊩_ℓ F[ρ] ≡ F′[ρ]
  – ∀Δ ρ. Δ ⊩_ℓ a : F[ρ] ⟹ Δ ⊩_ℓ G[ρ, a] ≡ G′[ρ, a].
• Γ ⊩_ℓ t : A if Γ ⊢ t : ∃(x : F). G.
• Γ ⊩_ℓ t ≡ u : A if Γ ⊢ t : ∃(x : F). G and Γ ⊢ u : ∃(x : F). G.
Empty type.
    Γ ⊢ A ⇒* ⊥ : Ω_i
    -----------------
    Γ ⊩_ℓ A
When A is reducible to the empty type, we define:
• Γ ⊩_ℓ A ≡ B if Γ ⊢ B ⇒* ⊥ : Ω_i.
• Γ ⊩_ℓ t : A if Γ ⊢ t : ⊥.
• Γ ⊩_ℓ t ≡ u : A if Γ ⊢ t : ⊥ and Γ ⊢ u : ⊥.
We do not have to add a case for ⊤, since it can be encoded as ⊥ → ⊥. There is no case for t ∼_A u either, because setoid equality is not a type constructor, but rather a type eliminator that does pattern matching on A and its two endpoints t and u. Consequently, the only whnfs of the form t ∼_A u are neutral, and are handled by the rule for proof-irrelevant neutral types.
Embedding.
    Γ ⊩_ℓ A    ℓ < ℓ′
    ------------------
    Γ ⊩_ℓ′ A
This case ensures that the logical relation is monotonic with respect to the level.
3.3 The fundamental lemma
Before stating the fundamental lemma for the logical relation, which basically amounts to completeness of the logical relation with respect to the typing relation, we establish the correctness of the logical relation, which is called the escape lemma by Abel et al. [2018].
Lemma 3.1 (Escape lemma). Given Γ ⊩_ℓ A,
(1) Γ ⊢ A : s.
(2) If Γ ⊩_ℓ A ≡ B then Γ ⊢ A ≡ B : s.
(3) If Γ ⊩_ℓ t : A then Γ ⊢ A : s.
(4) If Γ ⊩_ℓ t ≡ u : A then Γ ⊢ t ≡ u : A.
Proof. Straightforward induction on the logical relation. □
We can now state the completeness of the logical relation, a.k.a. the fundamental lemma [Fundamental.agda]. We state it here in a simple form but the proof, done by induction on the typing derivation, requires us to generalize the induction hypothesis to consider reducibility under an arbitrary reducible substitution. This is achieved, in [Abel et al. 2018] as well as in our formalization [Substitution.agda], by defining the notion of validity, but we deliberately ignore this technicality in the rest of the section.
Lemma 3.2 (Fundamental lemma).
(1) If Γ ⊢ t : A, then there is a ℓ such that Γ ⊩_ℓ A and Γ ⊩_ℓ t : A.
(2) If Γ ⊢ t ≡ u : A, then there is a ℓ such that Γ ⊩_ℓ A and Γ ⊩_ℓ t ≡ u : A.
The fundamental lemma is proved by induction on the typing derivations. For most of the rules, the proof is roughly the same as in [Abel et al. 2018; Gilbert et al. 2019], with simplified proofs for inhabitants of proof-irrelevant types. The proof relies heavily on reflexivity, symmetry and transitivity of the reducible equality, stability of reducibility under reducible type conversion, reducibility of neutral terms, and the fact that reducibility is stable by weak-head expansion. Our extension to a cumulative hierarchy of universes and to proof-irrelevant existential quantification requires numerous changes, but these do not pose any major difficulty, albeit the proof is by no means trivial, as the arguments have to be spelled out in excruciating detail. We now focus on the two main typing derivations introduced by TTobs, Rules Eq-Form and Cast. Those two cases are the consequence of the following lemmas.
Lemma 3.3 (Reducibility of cast). For all levels ℓ_1, ℓ_2, ℓ_3, ℓ_4, in a well formed context Γ, if:
(1) Γ ⊩_{ℓ_1} A and Γ ⊩_{ℓ_2} A′ and Γ ⊩_{ℓ_1} A ≡ A′
(2) Γ ⊩_{ℓ_3} B and Γ ⊩_{ℓ_4} B′ and Γ ⊩_{ℓ_3} B ≡ B′
(3) Γ ⊢ e : A ∼_U B and Γ ⊢ e′ : A′ ∼_U B′
(4) Γ ⊩_{ℓ_1} t : A and Γ ⊩_{ℓ_2} t′ : A′ and Γ ⊩_{ℓ_1} t ≡ t′ : A
then Γ ⊩_{ℓ_3} cast(A, B, e, t) : B and Γ ⊩_{ℓ_3} cast(A, B, e, t) ≡ cast(A′, B′, e′, t′) : B.
Proof. The proof is by case analysis on the reducibility proofs of A, A′, B, B′. If one of these proofs is introduced by embedding, then we recursively apply the lemma on the embedded proof. Thus, it suffices to prove the lemma when all reducibility proofs correspond to a normal form. From the proofs of reducible equality, one obtains that the reducibility proofs of A and A′ (resp. B and B′) are introduced by the same rule. Then, if one of the normal forms is neutral, or if the normal forms of A and B have different head constructors, then cast(A, B, e, t) and cast(A′, B′, e′, t′) are neutral and easily seen to be reducible. Therefore, it suffices to prove the lemma when all the reducibility proofs are introduced by the same rule. We now detail the case of dependent products, as it is the most interesting.
We know that A reduces to a term of the form Π(x : F_A). G_A, as do A′, B, B′. Therefore, we know that cast(A, B, e, t) reduces to λ(a′ : F_B). cast(G_A[x := a], G_B[x := a′], snd(e) a′, t a) where a is a shorthand for cast(F_B, F_A, fst(e)⁻¹, a′), and cast(A′, B′, e′, t′) reduces similarly. By the weak head expansion lemma, it suffices to prove that these normal forms are reducible, and reducibly equal at type Π(x : F_B). G_B; that is, applying them to a reducible term a′ under any weakening results in reducible terms that are reducibly equal, and applying the first to two reducibly equal terms produces new reducibly equal terms.
To prove the first obligation, we first recursively apply the lemma to cast(F_B, F_A, fst(e)⁻¹, a′) so that we obtain reducibility of a, and then recursively apply it to cast(G_A[x := a], G_B[x := a′], snd(e) a′, t a). The other two obligations are proved in the exact same manner. □
Lemma 3.4 (Reducibility of Id in the universe). For all levels ℓ_1, ℓ_2, ℓ_3, ℓ_4, in a well formed context Γ, if:
(1) Γ ⊩_{ℓ_1} A and Γ ⊩_{ℓ_2} A′ and Γ ⊩_{ℓ_1} A ≡ A′
(2) Γ ⊩_{ℓ_3} B and Γ ⊩_{ℓ_4} B′ and Γ ⊩_{ℓ_3} B ≡ B′
then Γ ⊩_{ℓ_max} A ∼_U B and Γ ⊩_{ℓ_max} A ∼_U B ≡ A′ ∼_U B′ where ℓ_max = max(ℓ_1, ℓ_2, ℓ_3, ℓ_4).
Proof. The proof is by case analysis on the reducibility proofs of A, A′, B, B′. As in the proof of Lemma 3.3, we reduce the proof to introduction rules that correspond to the same kind of normal form. Most cases are straightforward, the difficult case being again the dependent products.
From reducibility proofs, A reduces to a term of the form Π(x : F_A). G_A, and so for A′, B and B′. Thus, we know that A ∼_U B reduces to ∃(e : F_A ∼_𝒰 F_B). Π(a′ : F_B). G_A[x := a] ∼_𝒰 G_B[x := a′] where a is a shorthand for cast(F_B, F_A, fst(e)⁻¹, a′), and A′ ∼_U B′ reduces similarly. By the weak head expansion lemma, it suffices to prove that the first normal form is reducible, and reducibly equal to the second one. We do this by applying reducibility of cast to get reducibility of a, and then doing recursive calls on F_A ∼_𝒰 F_B and G_A[x := a] ∼_𝒰 G_B[x := a′] under the appropriate weakenings and substitutions. □
Lemma 3.5 (Reducibility of Id). For all levels ℓ_1, ℓ_2, in a well formed context Γ, if:
(1) Γ ⊩_{ℓ_1} A and Γ ⊩_{ℓ_2} A′ and Γ ⊩_{ℓ_1} A ≡ A′
(2) Γ ⊩_{ℓ_1} t : A and Γ ⊩_{ℓ_2} t′ : A′ and Γ ⊩_{ℓ_1} t ≡ t′ : A
(3) Γ ⊩_{ℓ_1} u : A and Γ ⊩_{ℓ_2} u′ : A′ and Γ ⊩_{ℓ_1} u ≡ u′ : A
then Γ ⊩_{ℓ_1} t ∼_A u and Γ ⊩_{ℓ_1} t ∼_A u ≡ t′ ∼_A u′.
Proof. By case analysis on A and A′. The most difficult case is the universe, and is handled by Lemma 3.4. The case of dependent products requires doing recursive calls on the domain and the codomain, as in the previous lemmas. □
These lemmas constitute the bulk of the proof: they occupy approximately 5,000 lines of Agda code and most of the time required to check the whole proof is spent on them.
Corollary 3.6 (Normalization). A direct consequence of the fundamental lemma is that any well-typed term has a weak-head normal form.
Another direct consequence of the fundamental lemma is that any closed term of type N reduces to a whnf of type N. Thus, to conclude canonicity, we just need to know that there is no neutral term of type N in an empty context. Unfortunately, as the notion of reduction is absent for terms of proof-irrelevant types, and in particular for the empty type, this cannot be proven by induction on the syntax of the neutral terms. However, assuming consistency of TTobs (proved in Section 3.5), or in other words that there is no closed term of type ⊥, we can derive canonicity of TTobs [Canonicity.agda].
3.4 Decidability of typing
We first need to show that the conversion judgment is decidable. This is done by defining an algorithmic version of the conversion of two terms t and u which basically amounts to computing the whnf of t and u, comparing their head, and applying the algorithm recursively if necessary [Conversion.agda]. Correctness of this algorithmic conversion is easily obtained, as the rules used are special cases of the conversion judgement [Soundness.agda]. Then, we can show that algorithmic conversion is also complete by replaying the fundamental lemma with a definition of the logical relation that uses algorithmic conversion instead of typed conversion [Completeness.agda]. To do so, the main difficulty is to show that algorithmic conversion is reflexive, symmetric and transitive. In our formal proof, we follow Abel et al. [2018] in factoring the two instances of the fundamental lemma by defining a generic interface for both algorithmic conversion and typed conversion, and using this interface in the definition of the logical relation [EqualityRelation.agda].
Then, to get decidability of type checking, we can simply rely on the work of Lennon-Bertrand [2021] on bidirectional type-checking, which defines an algorithmic version of type-checking provided that the theory enjoys subject reduction and decidability of conversion.
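The following Python sketch is an added example, not code from the paper or its Agda development. It runs the "compute the whnf, compare heads, recurse" loop of Section 3.4 on a small untyped fragment, using the Π case of cast spelled out in the proof of Lemma 3.3 and never inspecting proof arguments. The tuple encoding with de Bruijn indices, the unannotated λ, the two rules for cast on N (zero and successor) and the absence of η are assumptions of the example.

```python
# Terms are tuples with de Bruijn indices (an encoding assumed for this example):
#   ('var', i) ('lam', body) ('app', f, a) ('zero',) ('suc', t) ('N',)
#   ('pi', F, G) ('cast', A, B, e, t)
# Proof terms ('prf', name), ('fst', e), ('snd', e), ('sym', e) are opaque:
# they are shifted and substituted into, but never reduced or compared.

def shift(t, d, cutoff=0):
    """Add d to every free variable of t whose index is >= cutoff."""
    tag = t[0]
    if tag == 'var':
        return ('var', t[1] + d) if t[1] >= cutoff else t
    if tag == 'lam':
        return ('lam', shift(t[1], d, cutoff + 1))
    if tag == 'pi':
        return ('pi', shift(t[1], d, cutoff), shift(t[2], d, cutoff + 1))
    return (tag,) + tuple(shift(x, d, cutoff) if isinstance(x, tuple) else x
                          for x in t[1:])

def subst(t, s, j=0):
    """t[j := s]: replace variable j by s and lower the variables above j."""
    tag = t[0]
    if tag == 'var':
        if t[1] == j:
            return shift(s, j)
        return ('var', t[1] - 1) if t[1] > j else t
    if tag == 'lam':
        return ('lam', subst(t[1], s, j + 1))
    if tag == 'pi':
        return ('pi', subst(t[1], s, j), subst(t[2], s, j + 1))
    return (tag,) + tuple(subst(x, s, j) if isinstance(x, tuple) else x
                          for x in t[1:])

def whnf(t):
    """Weak-head normal form; stuck casts are returned as neutral terms."""
    tag = t[0]
    if tag == 'app':
        f = whnf(t[1])
        if f[0] == 'lam':
            return whnf(subst(f[1], t[2]))            # beta step
        return ('app', f, t[2])                       # neutral application
    if tag == 'cast':
        A, B, e, u = whnf(t[1]), whnf(t[2]), t[3], t[4]
        if A[0] == 'N' and B[0] == 'N':               # assumed rules on N
            n = whnf(u)
            if n[0] == 'zero':
                return n
            if n[0] == 'suc':
                return ('suc', ('cast', A, B, e, n[1]))
            return ('cast', A, B, e, n)               # cast(N, N, e, ne)
        if A[0] == 'pi' and B[0] == 'pi':             # Pi case of Lemma 3.3
            (_, FA, GA), (_, FB, GB) = A, B
            e1 = shift(e, 1)                          # move e under the new binder a'
            a = ('cast', shift(FB, 1), shift(FA, 1),
                 ('sym', ('fst', e1)), ('var', 0))    # a = cast(F_B, F_A, fst(e)^-1, a')
            GAa = subst(shift(GA, 1, 1), a)           # G_A[x := a]
            return ('lam', ('cast', GAa, GB, ('app', ('snd', e1), ('var', 0)),
                            ('app', shift(u, 1), a)))
        return ('cast', A, B, e, u)                   # neutral type or head mismatch
    return t

def conv(t, u):
    """Untyped conversion check: compare whnf heads, then recurse."""
    t, u = whnf(t), whnf(u)
    if t[0] != u[0]:
        return False
    tag = t[0]
    if tag == 'var':
        return t[1] == u[1]
    if tag in ('zero', 'N'):
        return True
    if tag in ('suc', 'lam'):
        return conv(t[1], u[1])
    if tag in ('pi', 'app'):
        return conv(t[1], u[1]) and conv(t[2], u[2])
    if tag == 'cast':                                 # slot 3 (the proof) is skipped
        return conv(t[1], u[1]) and conv(t[2], u[2]) and conv(t[4], u[4])
    return False

def numeral(t):
    """Evaluate a term of type N to a Python int, or None if it is neutral."""
    t = whnf(t)
    if t[0] == 'zero':
        return 0
    if t[0] == 'suc':
        k = numeral(t[1])
        return None if k is None else k + 1
    return None

# Constructed sample terms.
ZERO, NAT = ('zero',), ('N',)
ARROW = ('pi', NAT, NAT)                      # N -> N
E = ('prf', 'e')                              # an opaque, postulated proof
SUCC = ('lam', ('suc', ('var', 0)))           # successor function
CASTED = ('cast', ARROW, ARROW, E, SUCC)      # computes although E is opaque
STUCK = ('cast', ARROW, NAT, E, SUCC)         # heads differ: neutral

if __name__ == '__main__':
    print(numeral(('app', CASTED, ('suc', ZERO))), numeral(STUCK))
```

The stuck term is a closed neutral of type N whose proof argument would have to inhabit an equality between N → N and N, which is why the text needs consistency to conclude canonicity.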
3.5 Consistency: The Setoid Model
TTobs is designed to describe the behavior of constructive setoids. In order to justify this claim, we build a model of TTobs where every context and proof-relevant type is interpreted as a setoid in a constructive set theory with induction-recursion [Aczel 1978], following the seminal proof of Hofmann [1995]. Then, by interpreting TTobs in this model, we can prove the following theorem, which is the central missing piece of the metatheory of TTobs:
Theorem 3.7 (Consistency of TTobs). There is no inhabitant of ⊥ in the empty context.
We work in a constructive set theory that supports inductive-recursive definitions and one Grothendieck universe. While it would be more satisfying to use a constructive type theory, as in the normalization proof, it is significantly more challenging. This is because the interpretation of the syntax in our model is only defined on well-typed terms, but should not depend on the typing derivation. While properly establishing this in a typed context is non-trivial, the added flexibility of set theory makes the task straightforward. We will write N for the set of natural numbers in our meta-theory, (x ∈ A) → B(x) for dependent functions and (x ∈ A) × B(x) for dependent products.
We define a setoid to be a carrier set A and a setoid equality predicate on A × A that is reflexive, symmetric and transitive, which we write ≈. Alternatively, we can define setoids to be small categories such that morphism sets are subsingletons, and every morphism is invertible. We will make use of both perspectives, and use the notation a ≈ b to mean either the proposition or the corresponding subsingleton. Given two setoids A and B, we write A →_s B for the set of functions that preserve setoid equality. This set inherits a natural setoid structure from pointwise setoid equality. A ≃_s B denotes the set of setoid equivalences, which are pairs of setoid functions in both directions that cancel. Given f ∈ A ≃_s B, the induced function from A to B is simply noted f, while the other direction is noted f⁻¹.
The setoid equivalence turns the (large) set of all small setoids Setoid into a groupoid, or in other words a category where all morphisms are invertible. Given any setoid A, this allows us to define dependent setoids as functions from A to Setoid that send setoidal equalities to setoid equivalences, in a way that is compatible with composition and identity. Then, given a setoid A and a dependent setoid B : A →_s Setoid, we write (x ∈ A) →_s B(x) for the setoid of dependent functions, with pointwise equality. We also form a setoid Prop by using the set of subsingletons as the carrier, with logical equivalence as the equality.
The central object in the setoid model is a dual hierarchy of small setoids U_i and P_i, which contain codes for the setoids and propositions that can be constructed in TTobs. We build these universes of codes using induction-recursion: we define the sets U_i and P_i by induction, and we simultaneously use recursion on them to define interpretation functions el : U_i → Setoid and val : P_i → Prop, setoid equality on U_i and P_i, as well as proofs that el and val preserve that setoid equality. All of this is done under an external induction on i and is given in Fig. 7.
We have omitted quite a few bureaucratic proofs from this definition, such as the reflexivity, symmetry and transitivity of ≈, or the fact that el-eq is compatible with reflexivity and transitivity. We also freely make use of the fact that equality is decidable on integers.
With this, we obtain two families of setoids U_i and P_i, along with a dependent setoid el : U_i →_s Setoid and a setoid function val : P_i →_s Prop. This construction turns the category of setoids and setoid functions into a universe category in the sense of Voevodsky [2015]. Our model is a contextual category/C-system built from this universe category. In the following, we describe the construction of the setoid model without assuming familiarity with contextual categories.
We now use U_i and P_i to define the types and the terms of the setoid model. From now on, we will write s to mean either U or P and we will also write cΠ for any of cΠ_ΩΩ, cΠ_ΩU, cΠ_UΩ and cΠ_UU. Given a setoid Γ, a semantic type of level i over Γ is simply a setoid function Γ →_s s_i. We write these sets as Ty_{s,i} Γ. Then, given a semantic type A over Γ, we define the set of semantic terms of type A to be the setoidal dependent product (x ∈ Γ) →_s el A(x). We note this set tm A.
The contexts of our model are setoids which are inductively built from the terminal setoid as sequences of types:
Con ::= • : Con
      | _, _ : (Γ ∈ Con) → Ty_{𝒰,i} Γ → Con    (∀i ∈ N)
      | _, _ : (Γ ∈ Con) → Ty_{Ω,i} Γ → Con    (∀i ∈ N)
Being telescopes of setoids, inhabitants of Con have an obvious interpretation as setoids: the elements of Γ ∈ Con are dependent lists of inhabitants for all of the types and propositions in Γ, and the setoid equality is inherited from pointwise setoid equality of lists.
We have all of the required blocks to get the structure of a category with families [Dybjer 1996] and thus a model of MLTT.
3.6 Interpreting TTobs in the Setoid Model
We now describe how to interpret the judgments of TTobs in the setoid model where: (i) a well-formedness judgment ⊢ Γ will be interpreted as a setoid in Con (ii) a type judgment Γ ⊢ A : s_i will
U_i ::= cN : U_i
      | cΠ_UU : (A ∈ U_j) → (el A →_s U_k) → U_i    where j, k < i
      | cΠ_ΩU : (A ∈ P_j) → (el A →_s U_k) → U_i    where j, k < i
      | cU : { j ∈ N | j < i } → U_i
      | cΩ : { j ∈ N | j < i } → U_i

P_i ::= c⊥ : P_i
      | cΠ_UΩ : (A ∈ U_j) → (el A →_s P_k) → P_i    where j, k < i
      | cΠ_ΩΩ : (A ∈ P_j) → (el A →_s P_k) → P_i    where j, k < i
      | c∃ : (A ∈ P_i) → (el A →_s P_i) → P_i

el : U_i → Setoid
el cN := N
el (cΠ_UU A B) := (x ∈ el A) →_s el B(x)
el (cΠ_ΩU A B) := (x ∈ val A) → el B(x)
el (cU j) := U_j
el (cΩ j) := P_j

val : P_i → Prop
val c⊥ := ⊥
val (cΠ_UΩ A B) := (x ∈ el A) →_s val B(x)
val (cΠ_ΩΩ A B) := (x ∈ val A) → val B(x)
val (c∃ A B) := (x ∈ val A) × val B(x)

_ ≈ _ : U_i → U_i → Prop
cN ≈ cN := ⊤
cΠ_UU A B ≈ cΠ_UU A′ B′ := (e ∈ A ≈ A′) × ((x ∈ el A) →_s B(x) ≈ B′(el-eq e x))    when j = j′ and k = k′
cΠ_ΩU A B ≈ cΠ_ΩU A′ B′ := (e ∈ A ≈ A′) × ((x ∈ val A) → B(x) ≈ B′(val-eq e x))    when j = j′ and k = k′
cU j ≈ cU j′ := j = j′
cΩ j ≈ cΩ j′ := j = j′
_ ≈ _ := ⊥ otherwise

_ ≈ _ : P_i → P_i → Prop
A ≈ B := val A ↔ val B

el-eq : (A ∈ U_i) → (B ∈ U_i) → A ≈ B → el A ≃_s el B
el-eq cN cN e := (x ↦ x , x ↦ x)
el-eq (cΠ_UU A B) (cΠ_UU A′ B′) e := (f ↦ (x ↦ el-eq (e.2 (el-eq⁻¹ e.1 x)) (f (el-eq⁻¹ e.1 x)))
                                     , f ↦ (x ↦ el-eq⁻¹ (e.2 (el-eq e.1 x)) (f (el-eq e.1 x))))
el-eq (cΠ_ΩU A B) (cΠ_ΩU A′ B′) e := (f ↦ (x ↦ el-eq (e.2 (val-eq⁻¹ e.1 x)) (f (val-eq⁻¹ e.1 x)))
                                     , f ↦ (x ↦ el-eq⁻¹ (e.2 (val-eq e.1 x)) (f (val-eq e.1 x))))
el-eq (cU j) (cU j) e := (x ↦ x , x ↦ x)
el-eq (cΩ j) (cΩ j) e := (x ↦ x , x ↦ x)

val-eq : (A ∈ P_i) → (B ∈ P_i) → A ≈ B → val A ↔ val B
val-eq A B e := e
Fig. 7. The Setoid Model
be interpreted as a semantic type over the interpretation of Γ (iii) a typing judgment Γ ⊢ t : A will be interpreted as a semantic term of the corresponding semantic type (iv) a convertibility judgment Γ ⊢ t ≡ u : B will be interpreted as meta-theoretical equality of the interpretations of t and u. Since reduction is contained in convertibility, the model will necessarily interpret reduction as equality: it is not fine enough to distinguish the two notions.
Our interpretation is defined by induction on the syntax of the terms, following Hofmann [1993]. The context interpretation turns a syntactical context Γ into a setoid ⟦Γ⟧ ∈ Con. The type
⟦𝒰_i⟧_Γ x := cU i
⟦Ω_i⟧_Γ x := cΩ i
⟦Π(y : F). G⟧_Γ x := cΠ (⟦F⟧_Γ x) (y ↦ ⟦G⟧_{Γ,y:F} x,y)
⟦λ(y : F). t⟧_Γ x := y ↦ (⟦t⟧_{Γ,y:F} x,y)
⟦t u⟧_Γ x := (⟦t⟧_Γ x) (⟦u⟧_Γ x)
⟦N⟧_Γ x := cN
⟦0⟧_Γ x := 0
⟦S t⟧_Γ x := S (⟦t⟧_Γ x)
⟦N-elim(P, t_0, t_S, n)⟧_Γ x := N-elim(el ◦ (⟦P⟧_Γ x), ⟦t_0⟧_Γ x, ⟦t_S⟧_Γ x, ⟦n⟧_Γ x)
⟦∃(y : F). G⟧_Γ x := c∃ (⟦F⟧_Γ x) (y ↦ ⟦G⟧_{Γ,y:F} x,y)
⟦⟨t, u⟩⟧_Γ x := (⟦t⟧_Γ x, ⟦u⟧_Γ x)
⟦fst(t)⟧_Γ x := (⟦t⟧_Γ x).1
⟦snd(t)⟧_Γ x := (⟦t⟧_Γ x).2
⟦⊥⟧_Γ x := c⊥
⟦⊥-elim(A, t)⟧_Γ x := ⊥-elim(el(⟦A⟧_Γ x), ⟦t⟧_Γ x)
⟦t ∼_A u⟧_Γ x := ⟦t⟧_Γ x ≈ ⟦u⟧_Γ x in el(⟦A⟧_Γ x)
⟦refl(t)⟧_Γ x := p_refl
⟦transp(t, G, u, t′, e)⟧_Γ x := val-eq
⟦cast(A, B, e, t)⟧_Γ x := el-eq(⟦A⟧_Γ x, ⟦B⟧_Γ x, ⟦e⟧_Γ x, ⟦t⟧_Γ x)
⟦castrefl(A, t)⟧_Γ x := p_id
Fig. 8. Interpretation of TTobs in the Setoid Model
interpretation turns a syntactical context Γ and a syntactical term A into an element ⟦A⟧_Γ ∈ tm U_i for some i. The term interpretation turns a syntactical context Γ and a syntactical term t of type A into an element ⟦t⟧_Γ ∈ tm (el ◦ ⟦A⟧_Γ).
The reader might notice that the type interpretation is really an instance of the term interpretation. This is to be expected, since TTobs features Russell-style universes, that do not separate types and terms. As we cannot hope for every syntactical term to have an interpretation, we define the interpretation as partial functions from the syntax to the model. In the definition by recursion, we consider that whenever a term reduces to an expression that does not make sense, the interpretation is not defined. It is possible to prove that the interpretation function is total when restricted to the well-typed terms afterwards.
The interpretation of contexts is given by ⟦•⟧ := 1 and ⟦Γ, x : A⟧ := ⟦Γ⟧, el ◦ ⟦A⟧_Γ and variables are interpreted as projections:
⟦x⟧_{Γ,x:A} (x_1, ..., x_n) := x_n
⟦x⟧_{Γ,y:A} (x_1, ..., x_n) := ⟦x⟧_Γ (x_1, ..., x_{n−1})
Then, the interpretation of the basic theory is not too surprising. Since terms correspond to setoid functions, we define them by their behavior when applied to an arbitrary x ∈ ⟦Γ⟧. This is defined in the first part of Fig. 8. Finally, to interpret observational equality and its cast operation, we use the setoid structure of the universe: where p_refl is obtained from the reflexivity of setoid equality, and p_id is obtained from the behavior of el-eq on reflexivity.
In order to prove the soundness of our interpretation, we need to extend it to weakenings and substitutions between contexts: Assume Γ and Δ are syntactical contexts, and A and t are syntactical terms. In case ⟦Γ, x : A, Δ⟧ and ⟦Γ, Δ⟧ are well-defined, let π_A be the projection:
π_A : ⟦Γ, x : A, Δ⟧ →_s ⟦Γ, Δ⟧
(x⃗_Γ, x_A, x⃗_Δ) ↦ (x⃗_Γ, x⃗_Δ).
In case ⟦Γ, Δ[x := t]⟧ and ⟦Γ, x : A, Δ⟧ are well-defined, we define the setoid function σ_t by:

σ_t : ⟦Γ, Δ[x := t]⟧ →๐ ⟦Γ, x : A, Δ⟧
(x⃗_Γ, x⃗_Δ) ↦ (x⃗_Γ, ⟦t⟧_Γ, x⃗_Δ).
Lemma 3.8 (Weakening). π_A is the semantic counterpart to the weakening of A: for all terms u, when both sides are well defined, we have:

⟦u⟧_{Γ, x : A, Δ} = ⟦u⟧_{Γ, Δ} ∘ π_A

Lemma 3.9 (Substitution). σ_t is the semantic counterpart to the substitution by t: for all terms u, when both sides are well defined, we have:

⟦u[x := t]⟧_{Γ, Δ[x := t]} = ⟦u⟧_{Γ, x : A, Δ} ∘ σ_t
Theorem 3.10 (Soundness of the Setoid Model).
(1) If ⊢ Γ then ⟦Γ⟧ ∈ Con.
(2) If Γ ⊢ A : s_i then el ∘ ⟦A⟧_Γ ∈ Ty_{s,i} Γ.
(3) If Γ ⊢ t : A then ⟦t⟧_Γ ∈ tm (el ∘ ⟦A⟧_Γ).
(4) If Γ ⊢ t ≡ u : A then ⟦t⟧_Γ = ⟦u⟧_Γ.

Proof. By induction on the typing derivations. □
Consistency of TTobs (Theorem 3.7) follows immediately from the soundness theorem: any inhabitant of ⊥ in the empty context is interpreted as a setoid function from the one-element setoid to the empty setoid, but no such function exists.
4 EXTENSIONS TO QUOTIENTS, ID TYPES AND INDUCTIVE TYPES

So far, we have defined and studied a minimal version of TTobs. In this section, we consider several extensions of the theory. In regular MLTT, adding a type generally means giving rules for type formation, introduction, elimination and computation of the eliminator. In our case, we also need to provide computation rules for equality of types, equality of terms, and cast. These extensions have not been formalized in the companion Agda development.
4.1 Quotient Types

Quotients are a ubiquitous construction in mathematics, and one that is famously difficult to handle smoothly in MLTT. The usual way to handle quotients is via setoids, but since this structure is not built in MLTT, all the functions between setoids, all the predicates, etc. have to be supplemented with equality preservation lemmas, which appears to be quickly unmanageable.

In TTobs however, every type is already a setoid and every term preserves the setoid equality by construction. This is a very comfortable setting for quotients, that can thus be added to the theory, provided the relation that induces the quotient is proof-irrelevant. This can be seen as a limitation, as noticed by Sterling et al. [2019], as it is generally impossible to extract proof-relevant information from equality in the quotient type. This is in contrast with the development of higher inductive types in the cubical setting [Coquand et al. 2018]. On the other hand, the positive consequence of this limitation is that the elimination principle of the quotient types is fairly easy to manipulate in TTobs.
Quotient types are defined on a type A equipped with an equivalence relation on A:

Γ ⊢ A : 𝒰_i    Γ ⊢ R : A → A → Ω    Γ ⊢ R_r : Π(x : A). R x x
Γ ⊢ R_s : Π(x, y : A). R x y → R y x    Γ ⊢ R_t : Π(x, y, z : A). R x y → R y z → R x z
----------------------------------------
Γ ⊢ A/(R, R_r, R_s, R_t) : 𝒰_i
Since the proofs of reflexivity, symmetry and transitivity appear everywhere but are proof-irrelevant, we will generally omit them in the assumptions of the rules, and write A/R instead of A/(R, R_r, R_s, R_t). The only constructor of quotient types is the canonical projection: from an element t of A, one obtains an element π(t) of A/R that is whnf, and equality between two canonical projections reduces to R.

Γ ⊢ t : A
----------------------------------------
Γ ⊢ π(t) : A/R

Γ ⊢ t : A    Γ ⊢ u : A
----------------------------------------
Γ ⊢ π(t) ∼_{A/R} π(u) ⇒ R t u : Ω_i
The definition of cast between two quotient types reduces when the casted term is a canonical projection.

Γ ⊢ e : A/R ∼_𝒰 A′/R′    Γ ⊢ t : A
----------------------------------------
Γ ⊢ cast(A/R, A′/R′, e, π(t)) ⇒ π(cast(A, A′, fst(e), t)) : A/R′
Observational equality between two quotient types reduces to equality of the (proof-relevant part of the) telescopes that define each quotient:

Γ ⊢ A : 𝒰_i    Γ ⊢ R : A → A → Ω    Γ ⊢ A′ : 𝒰_i    Γ ⊢ R′ : A′ → A′ → Ω
----------------------------------------
Γ ⊢ A/R ∼_𝒰 A′/R′ ⇒ ∃(e : A ∼_𝒰 A′). Π(x y : A). R x y ∼_Ω R cast(A, A′, e, x) cast(A, A′, e, y) : Ω_i
The eliminator for quotient types encodes the universal property of quotients: to construct a function out of a quotient A/R, it suffices to give a function t_π out of A such that if R x y, then their images under t_π are equal.

Γ ⊢ B : A/R → s_i    Γ ⊢ t_π : Π(x : A). B π(x)
Γ ⊢ t_∼ : Π(x, y : A). Π(e : R x y). (t_π x) ∼_{B π(x)} cast(B π(y), B π(x), B e⁻¹, t_π y)    Γ ⊢ u : A/R
----------------------------------------
Γ ⊢ Q-elim(B, t_π, t_∼, u) : B u
The eliminator for quotient types has the obvious computation rule

Γ ⊢ B : A/R → s_i    Γ ⊢ t_π : Π(x : A). B π(x)
Γ ⊢ t_∼ : Π(x, y : A). Π(e : R x y). (t_π x) ∼_{B π(x)} cast(B π(y), B π(x), B e⁻¹, t_π y)    Γ ⊢ u : A
----------------------------------------
Γ ⊢ Q-elim(B, t_π, t_∼, π(u)) ⇒ t_π u : B (π(u))
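The projection, eliminator and computation rule above have the same shape as the core `Quot` primitives of Lean 4, whose `Prop` is definitionally proof-irrelevant like Ω. The block below is an added illustration, not code from the paper or its Agda development; the names `sameParity`, `Parity`, `proj` and `isOdd` are made up for this example.

```lean
-- Added illustration in Lean 4 (core library only); not code from the paper.

/-- Constructed example relation R : A → A → Ω, with A := Nat. -/
def sameParity (m n : Nat) : Prop := m % 2 = n % 2

/-- The quotient A/R. -/
def Parity : Type := Quot sameParity

/-- Canonical projection π : A → A/R. -/
def proj (n : Nat) : Parity := Quot.mk sameParity n

/-- Non-dependent use of the eliminator: the first argument plays the role
    of t_π, the second of t_∼ (a proof that t_π respects R). -/
def isOdd : Parity → Bool :=
  Quot.lift (fun n : Nat => n % 2 == 1)
    (fun a b (h : sameParity a b) => congrArg (fun k : Nat => k == 1) h)

-- Computation rule Q-elim(B, t_π, t_∼, π(u)) ⇒ t_π u: it holds by
-- conversion, so `rfl` is accepted for an arbitrary (open) u.
example (u : Nat) : isOdd (proj u) = (u % 2 == 1) := rfl

-- R-related elements have equal projections. Lean obtains this from the
-- axiom `Quot.sound`; in TTobs the equality π(t) ∼ π(u) itself reduces
-- to R t u, so no axiom is involved.
example : proj 3 = proj 5 := Quot.sound (rfl : 3 % 2 = 5 % 2)
```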
There are also reduction rules that reduce terms to a weak head normal form under equality (of the form A/R ∼_𝒰 ๐, and x ∼_{A/R} y, π(๐) ∼_{A/R} y), and similarly for cast and quotient elimination, as well as new congruence rules.

We now turn to the proof that the metatheoretical properties of TTobs are preserved by the addition of quotient types. More explicitly, we extend the logical relation framework and its fundamental lemma, as well as the setoid model, to quotient types. From there, we can replay our proofs of consistency, normalization, canonicity and decidability.
Reducibility. We first extend the reducibility proof to quotient types. Since they add a new family of types in normal form, we need to add a case to the logical relation:

Γ ⊢ A ⇒* A′/(R, R_r, R_s, R_t) : 𝒰_i    Γ ⊢ A′ : 𝒰_i    ∀Δ ρ. Δ ⊩_ℓ A′[ρ]
Γ ⊩_ℓ R : A′ → A′ → Ω    Γ ⊢ R_r : Π(x : A′). R x x
Γ ⊢ R_s : Π(x, y : A′). R x y → R y x    Γ ⊢ R_t : Π(x, y, z : A′). R x y → R y z → R x z
----------------------------------------
Γ ⊩_ℓ A
Given a type A reducible to a quotient type, we define:
• Γ ⊩_ℓ A ≡ B if there are terms B′, S, S_r, S_s, S_t such that
  - Γ ⊢ B ⇒* B′/(S, S_r, S_s, S_t) : 𝒰_i
  - ∀Δ ρ. Δ ⊩_ℓ A′[ρ] ≡ B′[ρ]
  - Γ ⊩_ℓ R ≡ S : A′ → A′ → Ω.
• Γ ⊩_ℓ t : A if there is a normal form t′ such that Γ ⊢ t ⇒* t′ : A′/R and Γ ⊩๐ t′, which is defined by

Γ ⊩_ℓ t : A′
----------------------------------------
Γ ⊩๐ π(t)

Γ ⊢ n : A′/R    n is neutral
----------------------------------------
Γ ⊩๐ n

• Γ ⊩_ℓ t ≡ u : A if there are normal forms t′, u′ such that Γ ⊢ t ⇒* t′ : A′/R and Γ ⊢ u ⇒* u′ : A′/R, and Γ ⊩๐ t′ ≡ u′, which is inductively defined by

Γ ⊩_ℓ t ≡ u : A′
----------------------------------------
Γ ⊩๐ π(t) ≡ π(u)

Γ ⊢ n ≡ m : A′/R    n, m are neutral
----------------------------------------
Γ ⊩๐ n ≡ m
Then, the proof of the fundamental lemma can be extended to handle the new typing rules, as well as the new cases of logical relation.

Interpretation in the Model. The type Setoid of setoids is naturally closed under quotients. Indeed, given a setoid A, providing A with a relation R : A × A →๐ Prop that is reflexive, symmetric and transitive is exactly the same thing as defining an equivalence relation on the carrier set of A that extends setoidal equality. Then, A/R is simply defined as a setoid having A for its carrier set, and the relation R as its setoidal equality. One can then easily show that A/R satisfies the universal property of a mathematical quotient, which tells us that this construction is the right candidate to interpret our quotient types.

However, our universe hierarchy U_i is not closed under quotients, since its elements are inductively built from N, universes and function types. Therefore, we need to modify our inductive-recursive definition to account for them. In the definition of U_i, we add a constructor
c๐ : (๐ด : U๐ )โ (๐ : el ๐ด โ๐ el ๐ด โ๐ ๐๐ )โ (๐ ๐ : (๐ฅ : el ๐ด) โ๐ val (๐ ๐ฅ ๐ฅ))โ (๐ ๐ : (๐ฅ ๐ฆ : el ๐ด) โ๐ val (๐ ๐ฅ ๐ฆ) โ val (๐ ๐ฆ ๐ฅ))โ (๐ ๐ก : (๐ฅ ๐ฆ ๐ง : el ๐ด) โ๐ val (๐ ๐ฅ ๐ฆ) โ val (๐ ๐ฆ ๐ง) โ val (๐ ๐ฅ ๐ง))โ U๐
In the definition of el, our new constructor is handled as follows:el (c๐ ๐ด ๐ ๐ ๐ ๐ ๐ ๐ ๐ก ) := (el ๐ด)/(_ ๐ฅ ๐ฆ. val (๐ ๐ฅ ๐ฆ))
In the definition of the setoidal equality on U๐ :c๐ ๐ด ๐ ๐ ๐ ๐ ๐ ๐ ๐ก โ c๐ ๐ดโฒ ๐ โฒ ๐ โฒ
๐ ๐ โฒ๐ ๐
โฒ๐ก := (๐ : ๐ด โ ๐ดโฒ) ร ((๐ฅ ๐ฆ : ๐ด) โ๐ ๐ ๐ฅ ๐ฆ โ ๐ โฒ (el-eq ๐ ๐ฅ) (el-eq ๐ ๐ฆ))
and all of the other cases that involve c๐ and a different constructor reduce to ⊥. We also need to update the definition of el-eq:
el-eq (c๐ ๐ด ๐ ๐ ๐ ๐ ๐ ๐ ๐ก ) (c๐ ๐ดโฒ ๐ โฒ ๐ โฒ๐ ๐
โฒ๐ ๐
โฒ๐ก ) ๐ := (_๐ฅ.el-eq ๐ด ๐ดโฒ ๐.1 ๐ฅ , _๐ฅ .el-eqโ1 ๐ด ๐ดโฒ ๐.1 ๐ฅ)
Finally, the reader can check that we can extend the proofs of reflexivity, symmetry and transitivity for โ on U_i, as well as the proofs that el-eq is compatible with reflexivity and transitivity. This defines a new universe that is closed under quotient type formation. We let the reader check that the interpretation of the syntax that defines quotients can be done in this extended universe U_i.

4.2 Id Types

The reader may wonder if TTobs extends Martin-Löf type theory with inductive types: that is, whether a judgment of MLTT is a judgment in the proof-relevant fragment of TTobs. Our rules handle the universe hierarchy, dependent products, the natural numbers in the exact same way. But there are some difficulties with Martin-Löf identity type inductive equality, and more generally with indexed inductive types.
The first idea that might come to the reader's mind is to use the proof equality types of TTobs to interpret the I-types of MLTT. Sure enough, proof irrelevance will provide us with more definitional equalities than what we require. However, we need to explain how we interpret the J eliminator for proof-relevant predicates.

It is not too hard to design a term that satisfies the correct typing rule, for instance, the term

Γ ⊢ A : 𝒰_i    Γ ⊢ t : A    Γ ⊢ B : Π(x : A). t ∼_A x → 𝒰_i
Γ ⊢ ๐ : B t refl(t)    Γ ⊢ t′ : A    Γ ⊢ e : t ∼_A t′
----------------------------------------
Γ ⊢ cast(B t refl(t), B t′ e, eqJ(A, t, u, t′, e), ๐) : B t′ e

where

eqJ(A, t, B, u, t′) e := transp(t, λ(x : A). λ(e′ : t ∼ x). B t refl(A) ∼ B x e′, refl(B t refl(A)), t′, e).
But the computational behavior is not preserved: in general, this term will not reduce to u when we substitute t′ = t and e = refl(t). It might do when B is a closed term, but it certainly will not if B is a neutral term. More generally, there is no hope to interpret I-types as proof-irrelevant types: I-types compute by doing reduction and pattern-matching on the equality proof, which cannot happen in a proof-irrelevant context.

A very similar problem was encountered by Cohen et al. [2015] in Cubical Type Theory with equality defined using the Path type, and solved by Swan [2016]. Following his ideas, we introduce Id-types:

Γ ⊢ A : 𝒰_i    Γ ⊢ t : A    Γ ⊢ u : A
----------------------------------------
Γ ⊢ Id(A, t, u) : 𝒰_i

Γ ⊢ A : 𝒰_i    Γ ⊢ t : A
----------------------------------------
Γ ⊢ Idrefl(t) : Id(A, t, t)

Γ ⊢ e, e′ : Id(A, t, u)
----------------------------------------
Γ ⊢ e ∼_{Id(A,t,u)} e′ ⇒ ⊤ : Ω_i

Γ ⊢ A : 𝒰_i    Γ ⊢ t : A    Γ ⊢ B : Π(x : A). Id(A, t, x) → s_i
Γ ⊢ u : B t Idrefl(t)    Γ ⊢ t′ : A    Γ ⊢ e : Id(A, t, t′)
----------------------------------------
Γ ⊢ J(A, t, B, u, t′, e) : B t′ e

Γ ⊢ A : 𝒰_i    Γ ⊢ t : A    Γ ⊢ B : Π(x : A). Id(A, t, x) → s_i    Γ ⊢ ๐ : B t Idrefl(t)
----------------------------------------
Γ ⊢ J(A, t, B, ๐, t, Idrefl(t)) ⇒ u : B t Idrefl(t)
These rules mimic the behavior of inductive I-types, quotiented so they contain only one inhabitant up to propositional equality. Observational equality between two identity types is defined as equality of the telescopes of arguments, as for the quotient type:

Γ ⊢ A : 𝒰_i    Γ ⊢ t : A    Γ ⊢ u : A    Γ ⊢ A′ : 𝒰_i    Γ ⊢ t′ : A′    Γ ⊢ u′ : A′
----------------------------------------
Γ ⊢ Id(A, t, u) ∼_𝒰 Id(A′, t′, u′) ⇒ ∃(e : A ∼_𝒰 A′). cast(A, A′, e, t) ∼_{A′} t′ ∧ cast(A, A′, e, u) ∼_{A′} u′ : Ω_j
We may hope to define computation rules for cast by simply reducing the equality proof to a weak head normal form, and then commuting cast with the head constructor like we did for other positive types. However, we quickly run into a problem:

Γ ⊢ A, A′ : 𝒰_i    Γ ⊢ t : A    Γ ⊢ t, u : A′    Γ ⊢ e : Id(A, t, t) ∼ Id(A′, t′, u′)
----------------------------------------
Γ ⊢ cast(Id(A, t, t), Id(A′, t′, u′), e, Idrefl(t)) ⇒ ? : Id(A′, t′, u′)

We cannot reduce this term to Idrefl, because t′ and u′ are not convertible in general; e only provides us with a propositional equality t′ ∼_{A′} u′. In order to fix this, we add a term Idpath(e) that turns any inhabitant of e : t ∼_A u into an inhabitant of Id(A, t, u).

Γ ⊢ A : 𝒰_i    Γ ⊢ t : A    Γ ⊢ u : A    Γ ⊢ e : t ∼_A u
----------------------------------------
Γ ⊢ Idpath(e) : Id(A, t, u)
Then, the computation rule for cast on Idrefl(t) can be defined as:

Γ ⊢ A, A′ : 𝒰_i    Γ ⊢ t : A    Γ ⊢ t′, u′ : A′    Γ ⊢ e : Id(A, t, t) ∼ Id(A′, t′, u′)
----------------------------------------
Γ ⊢ cast(Id(A, t, t), Id(A′, t′, u′), e, Idrefl(t)) ⇒ Idpath(fst(snd(e))⁻¹ · snd(snd(e))) : Id(A′, t′, u′)

We also need to account for this additional constructor in reduction rules:

Γ ⊢ A : 𝒰_i    Γ ⊢ t : A    Γ ⊢ B : Π(x : A). Id(A, t, x) → s_i
Γ ⊢ ๐ : B t Idrefl(t)    Γ ⊢ t′ : A    Γ ⊢ e : t ∼_A t′
----------------------------------------
Γ ⊢ J(A, t, B, ๐, t′, Idpath(e)) ⇒ cast(B t Idrefl(t), B t′ Idpath(e), eqJ(A, t, B, u, t′) e, ๐) : B t′ Idpath(e)

Γ ⊢ A, A′ : 𝒰_i    Γ ⊢ t, u : A    Γ ⊢ e : t ∼_A u    Γ ⊢ t′, u′ : A′    Γ ⊢ e′ : Id(A, t, t) ∼ Id(A′, t′, u′)
----------------------------------------
Γ ⊢ cast(Id(A, t, u), Id(A′, t′, u′), e′, Idpath(e)) ⇒ Idpath(fst(snd(e′))⁻¹ · ap (cast(A, A′, fst(e′), −)) e · snd(snd(e′))) : Id(A′, t′, u′)
Along with congruence rules and reduction of the scrutinee of J and cast, these form the rules for Id types.

Relation with Setoid Equality. The introduction rule for IdPath proves that t ∼_A u implies Id(A, t, u). Conversely, if we have an inhabitant of Id(A, t, u), we can get a proof of t ∼_A u by combining J to reduce it to the case u = t, and refl(t) to inhabit t ∼_A t. Since both types are also contractible (for both notions of equality), they are equivalent.
Reducibility Proof. In order to fit identity types in the normalization proof, we add another case to the logical relation:

Γ ⊢ A ⇒* Id(A′, t, u) : 𝒰_i    Γ ⊩_ℓ A′    Γ ⊩_ℓ t : A′    Γ ⊩_ℓ u : A′
----------------------------------------
Γ ⊩_ℓ A

When A is reducible to an identity type, we define:
• Γ ⊩_ℓ A ≡ B if there are terms B′, t′, u′ such that
  - Γ ⊢ B ⇒* Id(B′, t′, u′) : 𝒰_i
  - Γ ⊩_ℓ A′ ≡ B′
  - Γ ⊩_ℓ t ≡ t′ : A′
  - Γ ⊩_ℓ u ≡ u′ : A′.
• Γ ⊩_ℓ e : A if there is a normal form e′ such that Γ ⊢ e ⇒* e′ : Id(A′, t, u) and Γ ⊩_Id e′, which is defined by

----------------------------------------
Γ ⊩_Id Idrefl(t)

Γ ⊢ e : t ∼_{A′} u
----------------------------------------
Γ ⊩_Id Idpath(e)

Γ ⊢ n : Id(A′, t, u)    n is neutral
----------------------------------------
Γ ⊩_Id n

• Γ ⊩_ℓ e ≡ f : A if there are normal forms e′, f′ such that Γ ⊢ e ⇒* e′ : Id(A′, t, u) and Γ ⊢ f ⇒* f′ : Id(A′, t, u), and Γ ⊩_Id e′ ≡ f′, which is inductively defined by

----------------------------------------
Γ ⊩_Id Idrefl(t) ≡ Idrefl(t)

Γ ⊢ e, f : t ∼_{A′} u
----------------------------------------
Γ ⊩_Id Idpath(e) ≡ Idpath(f)

Γ ⊢ n ≡ m : Id(A′, t, u)    n, m are neutral
----------------------------------------
Γ ⊩_Id n ≡ m
Again, the proof of the fundamental lemma can be extended to handle the new typing rules, as well as the new cases of the logical relation.
4.3 Box and Squash

Box types embed the proof-irrelevant types into the proof-relevant world. They are useful for a number of constructions: for instance, from a type A : 𝒰_i and a proof-irrelevant predicate P : A → Ω_i, one can build a subset type Σ(x : A). □(P x) : 𝒰_i whose inhabitants come with a proof of P, but retain the computational behavior of inhabitants of A.

Another typical use of □ is to define a singleton type on which it is possible to reason about equality. Indeed, although ⊤ has only one inhabitant up-to conversion, it is not possible to state this internally as equality on propositions is not defined. However, one can state contractibility of the type □⊤ and prove it, as it lives in 𝒰.

Box types can be defined as:

Γ ⊢ A : Ω_i
----------------------------------------
Γ ⊢ □A : 𝒰_i

Γ ⊢ A : Ω_i    Γ ⊢ t : A
----------------------------------------
Γ ⊢ โt : □A

Γ ⊢ t, u : □A
----------------------------------------
Γ ⊢ t ∼_{□A} u ⇒ ⊤ : Ω_i

Γ ⊢ A : Ω_i    Γ ⊢ t : □A
----------------------------------------
Γ ⊢ □-elim(t) : A

Γ ⊢ A, B : Ω_i
----------------------------------------
Γ ⊢ □A ∼_𝒰 □B ⇒ A ∼_Ω B : Ω_j

Γ ⊢ A, B : Ω_i    Γ ⊢ t : A    Γ ⊢ e : □A ∼_𝒰 □B
----------------------------------------
Γ ⊢ cast(□A, □B, e, โt) ⇒ โcast(A, B, e, t) : □B
Conversely, Squash types embed the proof-relevant world into the proof-irrelevant world.

Γ ⊢ A : 𝒰_i
----------------------------------------
Γ ⊢ ∥A∥ : Ω_i

Γ ⊢ A : 𝒰_i    Γ ⊢ t : A
----------------------------------------
Γ ⊢ |t| : ∥A∥

Γ ⊢ A : 𝒰_i    Γ ⊢ P : ∥A∥ → Ω_j    Γ ⊢ t_A : Π(x : A). P |x|    Γ ⊢ t : ∥A∥
----------------------------------------
Γ ⊢ S-elim(P, t_A, t) : P t
It is not very difficult to check that we can extend the logical relation, as well as Lemmas 3.3 and 3.4 so that they handle Box types and Squash types. Likewise, we can extend the setoid model and its interpretation function, and obtain that these additions preserve the metatheoretical properties of TTobs.

4.4 Other Standard Inductive Types

So far, we have explained how to integrate integers and the identity type to TTobs, but it is not difficult to integrate Σ-types as well. The rules for Σ-types are similar to the rules for ∃-types, except for the fact that the types live in 𝒰, which means that we also need to define equality and cast on Σ-types. We note (a; b) for pairs in Σ-types to distinguish them from pairs in ∃-types.

Eq-Pair
Γ ⊢ a : A    Γ ⊢ a′ : A    Γ ⊢ b : B[x := a]    Γ ⊢ b′ : B[x := a′]    e′ := ap B e
----------------------------------------
Γ ⊢ (a; b) ∼_{Σ A B} (a′; b′) ⇒ ∃(e : a ∼_A a′). cast(B[x := a], B[x := a′], e′, b) ∼_B b′ : Ω_i
Eq-ฮฃฮ โข ๐ด,๐ดโฒ : ๐ ๐ ฮ, ๐ฅ : ๐ด โข ๐ต : ๐ โฒ ๐ ฮ, ๐ฅ : ๐ดโฒ โข ๐ตโฒ : ๐ โฒ ๐ ๐ := cast(๐ดโฒ, ๐ด, ๐โ1, ๐โฒ)
ฮ โข ฮฃ(๐ฅ : ๐ด) . ๐ต โผ๐ฐ๐ ฮฃ(๐ฅ : ๐ดโฒ) . ๐ตโฒ โโ(๐ : ๐ด โผ๐ฐ๐ ๐ด
โฒ) .ฮ (๐โฒ : ๐ดโฒ) . ๐ต [๐ฅ := ๐] โผ๐ฐ ๐ ๐ตโฒ[๐ฅ := ๐โฒ] : ฮฉ๐
๐โค๐๐โค๐
Cast-Σ
Γ ⊢ e : Σ(x : A). B ∼_𝒰 Σ(x : A′). B′    Γ ⊢ a : A    Γ ⊢ b : B[x := a]    a′ := cast(A, A′, fst(e), a)
----------------------------------------
Γ ⊢ cast(Σ(x : A). B, Σ(x : A′). B′, e, (a; b)) ⇒ (a′; cast(B[x := a], B[x := a′], snd(e), b)) : Σ(x : A′). B′

We conjecture that the reduction of equality and cast for any indexed inductive types as defined in CIC can be described, although we leave the general construction for future work.
5 RELATED AND FUTURE WORK

Compared to [Altenkirch et al. 2007], the most important ingredient in TTobs is the use of definitional proof irrelevance. This added flexibility in computations allows our recursors to enjoy proper computational behavior on open terms, and it also lets us seamlessly treat universe hierarchies. Moreover, the normalization proof for OTT relies on a normalization conjecture for a different theory, unlike the normalization proof for TTobs.

In [Altenkirch et al. 2019], the authors define a setoid model in MLTT + Ω. Then, they interpret a version of MLTT with proof-irrelevant identity types that support propext and funext in their model, thereby providing a computational interpretation of these principles. However, handling universes in their model requires some additions to MLTT + Ω, and the resulting theory is only conjectured to be normalizing. In contrast to this, TTobs is a full-fledged type theory and does not require any external model to compute.

Compared to XTT [Sterling et al. 2019], the strengths of TTobs are a normalization strategy that exhibits canonicity, as well as a full proof that conversion and typing are decidable. These properties allow us to present a concrete implementation of our system in a proof assistant. In XTT however, Sterling et al. show that typing cannot be decidable, as there is no way to deduce A ∼ A′ and B ∼ B′ from a proof of A × B ∼ A′ × B′. In order to fix this shortcoming, they suggest adding a "typecase" operator to the theory, but argue against it since it forces the universe to be closed, thereby severely constraining the possible semantics. In TTobs, we obtain the injectivity of type constructors from the behavior of observational equality in the universe. These rules somewhat constrain the semantics (for instance, we cannot interpret TTobs in set theory using a Grothendieck universe as the interpretation of 𝒰) but our universe remains open to the addition of arbitrary types.

Finally, our setoidal adaptation of Swan's Id types [Swan 2016] turns TTobs into a proper extension of MLTT, which realizes UIP, funext and propext while enjoying algorithmic canonicity. To the best of our knowledge, this is a new result.

The natural next step of our work is to implement TTobs inside Coq, Lean or Agda, which should not be too difficult as all of them already feature a proof-irrelevant universe of propositions. The main missing ingredient for a concrete implementation is a general description of the reduction of equality and cast on arbitrary indexed inductive types, as explained in Section 4.4.

Another interesting line of work is the marriage of TTobs with cubical type theory in a 2-level type theory setting [Altenkirch et al. 2016; Capriotti 2017; Voevodsky 2013], which could lead to an implementation of TTobs in the cubical extension of Agda [Vezzosi et al. 2019].
REFERENCES

Andreas Abel and Thierry Coquand. 2020. Failure of Normalization in Impredicative Type Theory with Proof-Irrelevant Propositional Equality. Logical Methods in Computer Science Volume 16, Issue 2 (June 2020). https://doi.org/10.23638/LMCS-16(2:14)2020
Andreas Abel, Joakim Öhman, and Andrea Vezzosi. 2018. Decidability of Conversion for Type Theory in Type Theory. Proceedings of the ACM on Programming Languages 2, POPL, Article 23 (Jan. 2018), 29 pages. https://doi.org/10.1145/3158111
Peter Aczel. 1978. The Type Theoretic Interpretation of Constructive Set Theory. In Logic Colloquium '77, Angus Macintyre, Leszek Pacholski, and Jeff Paris (Eds.). Studies in Logic and the Foundations of Mathematics, Vol. 96. Elsevier, 55–66. https://doi.org/10.1016/S0049-237X(08)71989-X
T. Altenkirch. 1999. Extensional equality in intensional type theory. In Proceedings. 14th Symposium on Logic in Computer Science (Cat. No. PR00158). 412–420. https://doi.org/10.1109/LICS.1999.782636
Thorsten Altenkirch, Simon Boulier, Ambrus Kaposi, and Nicolas Tabareau. 2019. Setoid type theory - a syntactic translation. In MPC 2019 - 13th International Conference on Mathematics of Program Construction (LNCS), Vol. 11825. Springer, 155–196. https://doi.org/10.1007/978-3-030-33636-3_7
Thorsten Altenkirch, Paolo Capriotti, and Nicolai Kraus. 2016. Extending Homotopy Type Theory with Strict Equality. In CSL.
Thorsten Altenkirch, Conor McBride, and Wouter Swierstra. 2007. Observational equality, now!. In Proceedings of the Workshop on Programming Languages meets Program Verification (PLPV 2007). 57–68.
Paolo Capriotti. 2017. Models of type theory with strict equality. Ph.D. Dissertation. University of Nottingham.
Jesper Cockx, Nicolas Tabareau, and Théo Winterhalter. 2021. The Taming of the Rew: A Type Theory with Computational Assumptions. Proc. ACM Program. Lang. 5, POPL, Article 60 (Jan. 2021), 29 pages. https://doi.org/10.1145/3434341
Cyril Cohen, Thierry Coquand, Simon Huber, and Anders Mörtberg. 2015. Cubical Type Theory: a constructive interpretation of the univalence axiom. In 21st International Conference on Types for Proofs and Programs (21st International Conference on Types for Proofs and Programs). Schloss Dagstuhl–Leibniz-Zentrum fuer Informatik, Tallinn, Estonia, 262. https://doi.org/10.4230/LIPIcs.TYPES.2015.5
Thierry Coquand, Simon Huber, and Anders Mörtberg. 2018. On Higher Inductive Types in Cubical Type Theory. In Proceedings of the 33rd Annual ACM/IEEE Symposium on Logic in Computer Science (Oxford, United Kingdom) (LICS '18). Association for Computing Machinery, New York, NY, USA, 255–264. https://doi.org/10.1145/3209108.3209197
Peter Dybjer. 1996. Internal type theory. In Types for Proofs and Programs, Stefano Berardi and Mario Coppo (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 120–134.
Gaëtan Gilbert, Jesper Cockx, Matthieu Sozeau, and Nicolas Tabareau. 2019. Definitional Proof-Irrelevance without K. Proceedings of the ACM on Programming Languages 3 (Jan. 2019), 1–28. https://doi.org/10.1145/3290316
Jean-Yves Girard. 1972. Interprétation fonctionnelle et élimination des coupures dans l'arithmétique d'ordre supérieur. (1972). Thèse de Doctorat d'État, Université de Paris VII.
Martin Hofmann. 1993. Non Strictly Positive Datatypes in System F. Email on the Types mailing list. http://www.seas.upenn.edu/~sweirich/types/archive/1993/msg00027.html
Martin Hofmann. 1995. Extensional concepts in intensional type theory. Ph.D. Dissertation. University of Edinburgh.
Chris Kapulkin and Peter LeFanu Lumsdaine. 2018. The simplicial model of Univalent Foundations (after Voevodsky). (2018). arXiv:1211.2851 [math.LO]
Meven Lennon-Bertrand. 2021. Complete Bidirectional Typing for the Calculus of Inductive Constructions. In 12th International Conference on Interactive Theorem Proving (ITP 2021) (Leibniz International Proceedings in Informatics (LIPIcs)), Liron Cohen and Cezary Kaliszyk (Eds.), Vol. 193. Schloss Dagstuhl – Leibniz-Zentrum für Informatik. https://doi.org/10.4230/LIPIcs.ITP.2021.24
Per Martin-Löf. 1975. An Intuitionistic Theory of Types: Predicative Part. In Logic Colloquium '73, H.E. Rose and J.C. Shepherdson (Eds.). Studies in Logic and the Foundations of Mathematics, Vol. 80. Elsevier, 73–118. https://doi.org/10.1016/S0049-237X(08)71945-1
Jonathan Sterling, Carlo Angiuli, and Daniel Gratzer. 2019. Cubical Syntax for Reflection-Free Extensional Equality. In 4th International Conference on Formal Structures for Computation and Deduction (FSCD 2019) (Leibniz International Proceedings in Informatics (LIPIcs)), Herman Geuvers (Ed.), Vol. 131. Schloss Dagstuhl–Leibniz-Zentrum fuer Informatik, Dagstuhl, Germany, 31:1–31:25. https://doi.org/10.4230/LIPIcs.FSCD.2019.31
Andrew Swan. 2016. An algebraic weak factorisation system on 01-substitution sets: a constructive proof. Journal of Logic and Analysis (2016). https://doi.org/10.4115/jla.2016.8.1
The Univalent Foundations Program. 2013. Homotopy Type Theory: Univalent Foundations of Mathematics. Institute for Advanced Study.
Andrea Vezzosi, Anders Mörtberg, and Andreas Abel. 2019. Cubical Agda: A Dependently Typed Programming Language with Univalence and Higher Inductive Types. Proc. ACM Program. Lang. 3, ICFP, Article 87 (July 2019), 29 pages. https://doi.org/10.1145/3341691
Vladimir Voevodsky. 2013. A simple type system with two identity types. https://ncatlab.org/homotopytypetheory/files/HTS.pdf
Vladimir Voevodsky. 2015. A C-system defined by a universe category. Theory Appl. Categ. 30 (2015), No. 37, 1181–1215. http://www.tac.mta.ca/tac/volumes/30/37/30-37abs.html