
This is slightly different from simple implication, as shown in this toy example.

```coq
Inductive R : nat -> nat -> Prop :=
  | Base1: R 0 1
  | Base2: R 0 2
  | Ind: forall n m,
    R n m -> R (n+1) (m+1).
```

Given this definition, we have three provable statements: R 2 3, R 3 5, and (R 2 3) -> (R 3 5). What I'm looking for is some way to formulate the following: "there does not exist a derivation path (i.e. a sequence of inductive constructor applications) that starts at R 2 3 and ends at R 3 5."

Is there a way to do this in Coq?

    If you happen to have `R 3 5` as a hypothesis, you can "move back" in the implicit derivation path by using `inversion`, and observe that `R 2 3` does not appear. But in order to actually state this result I think you would need to explicitly define the notion of derivation path. – Ana Borges Oct 06 '21 at 11:01
  • Thanks, this makes sense. How could I go about defining a derivation path? I think this gets at the heart of the difficulty I'm having. Maybe another perspective on this question would be: "how do I express that one proposition *requires* use of another in its proof?" – Matthew Gregoire Oct 06 '21 at 14:43
  • “we have three provable statements: `R 2 3`, `R 3 5`, and `(R 2 3) -> (R 3 5)`.” Should the last 5 be a 4? – Maëlan Oct 07 '21 at 20:41
  • The point is that there isn't a derivation path between `R 2 3` and `R 3 5`, but the logical implication is still true. If you imagine proving this in Coq, this amounts to bringing `R 2 3` into your context but never using it, and then just proving `R 3 5` directly. – Matthew Gregoire Oct 11 '21 at 12:33
  • Ah I see now, apologies. – Maëlan Oct 13 '21 at 18:37

1 Answer


Here is a suggestion for how you can define a derivation path. I don't know that this is the best way, but it's what I came up with.

```coq
Require Import List Lia.
Import ListNotations.

(* A derivation is recorded as the list of constructors applied, most recent
   first: B1/B2 mark which base case the derivation ends in, and Step n m
   records one application of Ind starting from R n m. *)
Inductive evidence :=
  | B1 : evidence
  | B2 : evidence
  | Step : nat -> nat -> evidence.

(* R now carries its own derivation path as a third index. *)
Inductive R : nat -> nat -> list evidence -> Prop :=
  | Base1 : R 0 1 [B1]
  | Base2 : R 0 2 [B2]
  | Ind : forall n m es, R n m es -> R (n+1) (m+1) (Step n m :: es).

(* Any derivation of R n (n + 2) must go through Base2. *)
Lemma R_B2 (n : nat) (es : list evidence) : R n (n + 2) es -> In B2 es.
Proof.
  generalize dependent n.
  induction es as [|e es' IHes'].
  - (* no constructor produces an empty path *)
    now intros Rnn2nil; inversion Rnn2nil.
  - intros n Rnn2.
    (* destruct, not case, so IHes' and Rnn2 also see es' split *)
    destruct es' as [| e' es''].
    + (* a one-element path is a base case; only Base2 fits n + 2 *)
      inversion Rnn2.
      * now left.
      * now inversion H2.
    + (* a longer path starts with a Step; recurse on the tail *)
      inversion Rnn2.
      right.
      apply (IHes' n0).
      now replace (n0 + 2) with m by lia.
Qed.
```

You can probably simplify this proof, and avoid lia if you want.

Ana Borges
  • Very interesting, thank you! I hadn't considered baking the derivation path into `R` itself. At the very least, I now know it's possible. – Matthew Gregoire Oct 06 '21 at 23:12
  • Yes, I played a bit with defining the derivation path outside of R, but since we want it to have the same inductive properties as R, my original definition ended up being a copy. If having a "simple" R is important, you can have both definitions and then prove `R n m <-> exists es, R_ev n m es`, but every time `R` is used instead of `R_ev` you won't have access to these kinds of evidence properties. – Ana Borges Oct 07 '21 at 08:00
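The question's actual claim, stated and proved against the evidence-carrying relation from this answer (called `R_ev`, as in the comment above). This is an added example, not code from the original post; the lemma names and the reading of "derivation path from R 2 3 to R 3 5" as "the evidence list of R 2 3 is a suffix of the evidence list of R 3 5" are my own assumptions.

```coq
Require Import List Lia.
Import ListNotations.

(* Same evidence type and relation as the answer, under the name R_ev. *)
Inductive evidence := B1 | B2 | Step : nat -> nat -> evidence.

Inductive R_ev : nat -> nat -> list evidence -> Prop :=
  | Base1 : R_ev 0 1 [B1]
  | Base2 : R_ev 0 2 [B2]
  | Ind : forall n m es, R_ev n m es -> R_ev (n+1) (m+1) (Step n m :: es).

(* Every derivation bottoms out in one of the two base cases. *)
Lemma R_ev_has_base (n m : nat) (es : list evidence) :
  R_ev n m es -> In B1 es \/ In B2 es.
Proof.
  intros H; induction H as [| | a b l Hab [IH | IH]]; simpl.
  - left; now left.
  - right; now left.
  - left; now right.
  - right; now right.
Qed.

(* The base case reached fixes the gap m - n for the whole derivation. *)
Lemma R_ev_base_gap (n m : nat) (es : list evidence) :
  R_ev n m es -> (In B1 es -> m = n + 1) /\ (In B2 es -> m = n + 2).
Proof.
  intros H; induction H as [| | a b l Hab [IH1 IH2]]; simpl;
    split; intros [E | Hin]; try discriminate; try easy;
    first [specialize (IH1 Hin) | specialize (IH2 Hin)]; lia.
Qed.

(* The asker's claim: no derivation of R 3 5 extends a derivation of R 2 3,
   where "extends" means the R 2 3 evidence is a suffix of the R 3 5 evidence
   (assumed reading of "derivation path"). *)
Lemma no_path_2_3_to_3_5 (es es' : list evidence) :
  R_ev 3 5 es -> R_ev 2 3 es' -> ~ exists pre, es = pre ++ es'.
Proof.
  intros H35 H23 [pre Heq]; subst es.
  destruct (R_ev_has_base _ _ _ H23) as [Hb1 | Hb2].
  - (* B1 sits in es', hence in pre ++ es', which would force 5 = 3 + 1 *)
    assert (In B1 (pre ++ es')) as Hin by (apply in_or_app; now right).
    destruct (R_ev_base_gap _ _ _ H35) as [Hgap _]. specialize (Hgap Hin). lia.
  - (* B2 in the R 2 3 derivation would force 3 = 2 + 2 *)
    destruct (R_ev_base_gap _ _ _ H23) as [_ Hgap]. specialize (Hgap Hb2). lia.
Qed.
```

The same two helper lemmas give the general statement for any pair of conclusions whose gaps differ, since a derivation of R n (n + 1) and one of R n' (n' + 2) can never share a suffix.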