Jun 17, 2009

Math « Luke Palmer

http://lukepalmer.wordpress.com/category/math/

Recursive Types in IΞ

In the last IΞ post, I introduced the calculus and sketched the construction of some standard mathematical objects. In this post, I will dive a little deeper and construct of all the positive recursive types. The proof will be in an informal style (in particular, omitting the H constraints), but I have little doubt that the proof will go through.

Only a superficial familiarity with IΞ is needed to understand this proof; I adopt a set-theoretic style notation, so the proof should be approachable. Here’s a quick refresher of the primitives of IΞ.

• Membership is application, so when I write $x \in A$, this is translated into IΞ as $A x$. Thus sets, unary predicates, and types are all the same thing.
• Because membership and application are identified, universal quantification and the subset relation are also. $\Xi A B$ means “A is a subset of B”, or “x in A implies x in B”. In particular, the pattern $\Xi A (\lambda a. P a)$ can be interpreted as “for every a in A, P a”.
• L is the set of all sets (whose existence does not lead to a contradiction in this system!). I will give its definition at the end of the article.
• Other symbols have their usual interpretation, and I’ll include an appendix which gives them all precise definitions at the end.

Definition: A function $F : L \mapsto L$ is called monotone if $A \subseteq B \Rightarrow F A \subseteq F B$.

Intuitively, the monotone functions correspond roughly to the functors in Haskell; they use their parameter in a positive way (appear to the left of an even number of arrows).

Definition: The type recursion combinator μ is defined as: $x \in \mu F = \forall P\!\in\!L.\, F P \subseteq P \Rightarrow x \in P$.

We are allowed to define things simply by giving a condition for membership like this. Formally, this definition starts out: $\mu = \lambda F. \lambda x. \Xi L (\lambda P. \dots)$

This definition intuitively says, x is in μ F if x is in every type closed under F. We will see that this definition corresponds to a type recursion combinator.

Lemma 1: If F is monotone, then $F (\mu F) \subseteq \mu F$.

Proof. Given $x \in F (\mu F)$; show $x \in \mu F$. Expanding the definition of μ above:

Given $P \in L, F P \subseteq P$; show $x \in P$.

Observe $\mu F \subseteq P$: Suppose $y \in \mu F$, show $y \in P$. Since $y \in \mu F$, we have $\forall P'\!\in\!L.\, F P' \subseteq P' \Rightarrow y \in P'$ by definition of μ. Letting $P' = P$, we have $F P \subseteq P$ from above, so $y \in P$.

Therefore, $x \in F (\mu F) \subseteq F P \subseteq P$ (by the monotonicity of F and $\mu F \subseteq P$). QED.

Now for the easy direction:

Lemma 2: If F is monotone, then $\mu F \subseteq F (\mu F)$.

Proof. Given $x \in \mu F$; show $x \in F (\mu F)$.

By the definition of μ, we have $\forall P\!\in\!L.\, F P \subseteq P \Rightarrow x \in P$. Let $P = F (\mu F)$. We have $F P = F (F (\mu F)) \subseteq F (\mu F) = P$ by monotonicity of F and Lemma 1, therefore $x \in P = F (\mu F)$. QED.

Which leads us to the recursion equation.

Theorem: If F is monotone, $\mu F = F (\mu F)$. (Proof trivial by the two lemmas)

I’m using set equality here, i.e. mutual containment, which is probably a bit weaker than Leibniz equality. It is obvious from the definition that this fixed point is minimal.

Monotonicity is easy to prove for any of the standard positive types (products, coproducts, functions). So we can model a good variety of Haskell data types already; however these are standard inductive (least fixed point) types, no infinite structures allowed. I’m still working on the encoding and analogous proofs for ν (greatest fixed point), which is closer to Haskell.

Hopefully I’ll be able to port many libraries (maybe after a few totality annotations) without having to worry about partiality. But there are more pressing matters, such as finishing my interactive proof assistant for IΞ.

Definitions

• $\text{True} = \Xi H H$, the True proposition.
• $K x y = x$, the constant function.
• $U = K \text{True}$, the set of all objects.
• $(f \circ g) x = f (g x)$, function composition.
• $(a \mapsto b) f = \Xi a (b \circ f)$, the set of functions from a to b.
• $L = U \mapsto H$, the set of all sets.
• $a \Rightarrow b = \Xi (Ka) (Kb)$, implication.
• $\Lambda f x = \Xi L (\lambda t. f t x)$, universal quantification of types (like forall in Haskell)
• $a \times b = \Lambda (\lambda r. (a \mapsto b \mapsto r) \mapsto r)$, product type.
• $a \oplus b = \Lambda (\lambda r. (a \mapsto r) \mapsto (b \mapsto r) \mapsto r)$, coproduct type.

Written by Luke

June 6, 2009 at 5:19 am

Posted in Code, Dana, Math, ixi

Some Constructions in IΞ

Over the past couple months, I have been attempting to find a language to use as a core calculus for Dana, as anyone who follows this blog knows. I have been slowly converging on IΞ for its elegance and simplicity. It turns out to be very powerful, capable of modeling many structures while avoiding many of the paradoxes typically involved with those structures. In this post, I give an exposition of IΞ and construct some common structures.

The main idea is to use lambda calculus for all of our symbol manipulation needs, adding a constant Ξ for quantification. “Types” are unary predicates, so membership is application. For example, “Nat 0″ is a proposition saying that 0 has type Nat (where 0 and Nat are given previous definitions somewhere).

ΞXY means “forall x, if X x, then Y x”, or, if you think of predicates as sets, simply “X is a subset of Y”. So if we have types Nat and Bool, we can say that f has type Nat → Bool with “ΞNat(\x. Bool (f x))”, read “forall x in Nat, f x is in Bool”. Very direct, is it not?

System I

Interpreting these meanings directly, we arrive at Curry’s System I, whose rules follow. A proposition (sequent) has the form “Γ |- X”, which has the interpretation “assuming Γ, X is provable”.

Γ |- X   ⇐  X ∈ Γ Γ |- Y   ⇐  Γ |- X  ;  X is βη convertible with Y Γ |- YZ  ⇐  Γ |- XZ  ;  Γ |- ΞXY Γ |- ΞXY ⇐  Γ,Xa |- Ya  ;  a does not occur free in X,Y,Γ

I have stated the rules as “to prove X, you need to prove Y”, because that’s kinda how my brain works. Take a moment to internalize them. They are obvious given the above intuitions, and shouldn’t be hard to read.

On top of this, we can build propositional calculus. Define “K = \x. \y. x”, and write “X ⇒ Y” as shorthand for “Ξ(KX)(KY)”. This system has the properties you would expect of a simple propositional calculus.

Sadly, this system is inconsistent. We can prove any proposition X:

  Let Y = (\x. x x ⇒ X) (\x. x x ⇒ X)   Observe that Y = Y ⇒ X.   [1] Y |- Y   [2] Y |- Y ⇒ X   [3] Y |- X      -- modus ponens on [1],[2]   [4] |- Y ⇒ X   [5] |- Y   [6] |- X        -- modus ponens on [4],[5]

Martin Bunder had a brilliant idea to block this paradox, and also many others, which brings us to the object of my infatuation:

System IΞ

The crucial step above was [3]-[4], where we abstracted over the infinite proposition “((… ⇒ X) ⇒ X) ⇒ X”. The way we will block this is to only allow abstraction over finite propositions. Introduce a new symbol, H, such that HX means “X is a finite proposition” (or simply “X is a proposition”). We will derive finiteness from the finiteness of proofs: to prove HX, we first have to prove H of each component of X. Our system becomes (the new additions are in bold):

Γ |- X      ⇐  X ∈ Γ Γ |- Y      ⇐  Γ |- X  ;  X is βη convertible with Y Γ |- YZ     ⇐  Γ |- XZ  ;  Γ |- ΞXY Γ |- ΞXY    ⇐  Γ |- H(Xa)  ;  Γ,Xa |- Ya     ;  a does not occur free in X,Y,Γ Γ |- H(ΞXY) ⇐  Γ |- H(Xa)  ;  Γ,Xa |- H(Ya)  ;  a does not occur free in X,Y,Γ Γ |- H(HX)

The final rule is an axiom, simply saying that “X is a proposition” is always a proposition.

Constructing the Naturals

Now I will embark on constructing the type of naturals. Since types are predicates, I also need to come up with a representation for naturals. It turns out that it doesn’t matter what representation I use, as long as it has zero and a 1-1 successor function. For the sake of discussion, let’s use the Church encoding.

  0 = \f. \x. x   S n = \f. \x. f (n f x)

So a natural is an iteration function. For example, the number 3 iterates a function 3 times on its argument: 3 f x = f (f (f x)).

Coming up with a way to classify all of these, but not any others (such as infinity f x = f (f (f (f (f ...))))), was quite a challenge. You might try to classify these function on the property that they are an iteration function, but any sensible method of doing that ends up including infinity. I began thinking that IΞ was not strong enough, and looking for ways to enrich it by adding more axioms.

Fortunately, no new axioms are necessary! The encoding is obvious in retrospect. What is the first thing a mathematician thinks when you talk about the naturals: induction! Let’s define a natural as any object which you can do induction (with 0 and S) over.

To make this readable, we need to introduce a few more symbols:

    f . g = \x. f (g x)   -- composition     A → B = \f. ΞA(B . f)   -- the type of functions from A to B     True = ΞHH    -- the true proposition     U = K True    -- the type of all objects (mnemonic: universe)     L = U → H  -- the type of predicates/types

Now, for the naturals:

    Nat x = ΞL(\p. p 0  ⇒  ΞU(\n. p n ⇒ p (S n))  ⇒  p x)

Reading this in English: “x is a Natural if, for all predicates p, if p 0, and p n implies p (S n), then p x”. In other words, x is a natural if you can do induction up to it.

Exercise: prove |- Nat 0 and |- (Nat → Nat) S. Note that this can be done independent of our definitions of 0 and S.

More Inductive Constructions

Using this scheme, we can construct all sorts of things. For example, equality:

    Eq x y = ΞL(\p. p x ⇒ p y)

Lists:

    nil = \n. \c. n     cons x xs = \n. \c. c x xs     List a x = ΞL(\p. p nil  ⇒  ΞU(\ys. p ys ⇒ Ξa(\y. p (cons y ys)))  ⇒  p x)

There is a classic paradox involving the inductive type Set = Set → H, which is definable using this scheme:

    Set x = ΞL(\p. Ξ(p → H)p ⇒ p x)

However, as I tried to prove the inconsistency, I was blocked by the H rules. This gives me hope.

Coinductive Constructions

It is also possible to construct coinductive types. Here are the “conaturals”, the naturals with infinity. We can’t use the constructor definition anymore; coinductive types are all about projections. So the conaturals have only one projection, onto a disjunction. So to eliminate a conatural n, you pass it what to do if n = 0, and what to do with n’ if n = S n’. For example, to check if a conatural is zero, you can use n True (K False).

   CoNat x = ΞL(\p. Ξp(\y. y True p) ⇒ p x)

In English: x is a conatural if for all predicates p, if p y implies y True p, then p x. y True p can be interpreted as y = 0 or y = S n and p n.

Isn’t IΞ cool? Simple, obvious, but powerful enough to model a wide class of data (and codata). The thing I like best about it is that it is untyped at its core. Functions are just pure lambda calculus functions that we are “later” proving properties about. Type erasure comes for free (well, sortof: encoding dependent types into this system will end up passing types as parameters at runtime, even though they are never used).

Future Concerns

Bunder proved his version of IΞ consistent and complete. But the rules I gave, and that I have been using, are not his, and in fact are more powerful than his. This makes it possible that my rules are inconsistent. My system can prove LL, while his cannot. This worries me, because LL in the typical interpretation means “Type : Type”, which gives rise to the Burali-Forti paradox. However, even though I was able to encode the infrastructure for Russell’s paradox, I was unable to complete the proof because of the H rules. Maybe the same thing will happen?

I’m spending a bit of time trying to understand the Burali-Forti paradox that gives rise to the inconsistency in Girard’s System U, so that I can try to carry it out in IΞ. If IΞ does turn out to be inconsistent, I am not worried. A few universe restrictions here and there (i.e. leave U unspecified, rather than defining as K T) should do the trick, at the expense of some convenience and beauty.

Also, since I intend to compile Haskell to IΞ, I need to talk about partiality somehow (eg. prove that if a function terminates, it has this type). This has been giving me trouble, but in a good way. I found that I don’t really understand how bottoms behave, and how to talk about them without implying their semantics. I’m confident there is a way, though, maybe after adding a few axioms as a compromise. But I need to think hard and understand bottoms better, so I know what ought to be true, before I try to prove them or add them as axioms.

Written by Luke

April 12, 2009 at 1:14 pm

Posted in Code, Dana, Math, ixi