Models and termination of proof reduction in the λ\lambdaΠ\Pi-calculus modulo theory

We define a notion of model for the $\lambda$$\Pi$-calculus modulo theory and prove a soundness theorem. We then define a notion of super-consistency and prove that proof reduction terminates in the $\lambda$$\Pi$-calculus modulo any super-consistent theory. We prove this way the termination of proof reduction in several theories including Simple type theory and the Calculus of constructions

Decidability of Conversion for Type Theory in Type Theory

Type theory should be able to handle its own meta-theory, both to justify its foundational claims and to obtain a verified implementation. At the core of a type checker for intensional type theory lies an algorithm to check equality of types, or in other words, to check whether two types are convertible. We have formalized in Agda a practical conversion checking algorithm for a dependent type theory with one universe \ue0 la Russell, natural numbers, and η-equality for Π types. We prove the algorithm correct via a Kripke logical relation parameterized by a suitable notion of equivalence of terms. We then instantiate the parameterized fundamental lemma twice: once to obtain canonicity and injectivity of type formers, and once again to prove the completeness of the algorithm. Our proof relies on inductive-recursive definitions, but not on the uniqueness of identity proofs. Thus, it is valid in variants of intensional Martin-L\uf6f Type Theory as long as they support induction-recursion, for instance, Extensional, Observational, or Homotopy Type Theory

Models and termination of proof reduction in the λΠ-calculus modulo theory

We define a notion of model for the λΠ-calculus modulo theory and prove a soundness theorem. We then define a notion of super-consistency and prove that proof reduction terminates in the λΠ-calculus modulo any super-consistent theory. We prove this way the termination of proof reduction in several theories including Simple type theory and the Calculus of constructions

POPLMark reloaded: Mechanizing proofs by logical relations

We propose a new collection of benchmark problems in mechanizing the metatheory of programming languages, in order to compare and push the state of the art of proof assistants. In particular, we focus on proofs using logical relations (LRs) and propose establishing strong normalization of a simply typed calculus with a proof by Kripke-style LRs as a benchmark. We give a modern view of this well-understood problem by formulating our LR on well-typed terms. Using this case study, we share some of the lessons learned tackling this problem in different dependently typed proof environments. In particular, we consider the mechanization in Beluga, a proof environment that supports higher-order abstract syntax encodings and contrast it to the development and strategies used in general-purpose proof assistants such as Coq and Agda. The goal of this paper is to engage the community in discussions on what support in proof environments is needed to truly bring mechanized metatheory to the masses and engage said community in the crafting of future benchmarks

Verifiable certificates for predicate subtyping

Adding predicate subtyping to higher-order logic yields a very expressive language in which type-checking is undecidable, making the definition of a system of verifiable certificates challenging. This work presents a solution to this issue with a minimal formalization of predicate subtyping, named PVS-Core, together with a system of verifiable certificates for PVS-Core, named PVS-Cert. PVS-Cert is based on the introduction of proof terms and explicit coercions. Its design is similar to that of PTSs with dependent pairs, at the exception of the definition of conversion, which is based on a specific notion of reduction → β * , corresponding to β-reduction combined with the erasure of coercions. The use of this reduction instead of the more standard reduction → βσ allows to establish a simple correspondence between PVS-Core and PVS-Cert. On the other hand, a type-checking algorithm is designed for PVS-Cert, built on proofs of type preservation of → βσ and strong normalization of both → βσ and → β *. Using these results, PVS-Cert judgements are used as verifiable certificates for predicate subtyping. In addition, the reduction → βσ is used to define a cut elimination procedure adapted to predicate subtyping. Its use to study the properties of predicate subtyp-ing is illustrated with a proof of consistency

A short and flexible proof of Strong Normalization for the Calculus of Constructions

this paper can still go through (with slightly more technical effort) in case one can distinguish cases according to whether a specific subterm is a type or kind in a fixed context. The other property of type systems that is really actually required for the constructions in this paper to go through is a slight strengthening of the Stripping property (also called Generation). This property says, for example, that if \Gamma ` v:T:M : U has a derivation D, then one can find a subderivation o

On Induction, Coinduction and Equality in Martin-L\uf6f and Homotopy Type Theory

Martin L\uf6f Type Theory, having put computation at the center of logicalreasoning, has been shown to be an effective foundation for proof assistants,with applications both in computer science and constructive mathematics. Oneambition though is for MLTT to also double as a practical general purposeprogramming language. Datatypes in type theory come with an induction orcoinduction principle which gives a precise and concise specification of theirinterface. However, such principles can interfere with how we would like toexpress our programs. In this thesis, we investigate more flexible alternativesto direct uses of the (co)induction principles.As a first contribution, we consider the n-truncation of a type in Homo-topy Type Theory. We derive in HoTT an eliminator into (n+1)-truncatedtypes instead of n-truncated ones, assuming extra conditions on the underlyingfunction.As a second contribution, we improve on type-based criteria for terminationand productivity. By augmenting the types with well-foundedness information,such criteria allow function definitions in a style closer to general recursion.We consider two criteria: guarded types, and sized types.Guarded types introduce a modality ”later” to guard the availability ofrecursive calls provided by a general fixed-point combinator. In Guarded Cu-bical Type Theory we equip the fixed-point combinator with a propositionalequality to its one-step unfolding, instead of a definitional equality that wouldbreak normalization. The notion of path from Cubical Type Theory allows usto do so without losing canonicity or decidability of conversion.Sized types, on the other hand, explicitly index datatypes with size boundson the height or depth of their elements. The sizes however can get in theway of the reasoning principles we expect. Our approach is to introduce newquantifiers for ”irrelevant” size quantification. We present a type theory withparametric quantifiers where irrelevance arises as a “free theorem”. We alsodevelop a conversion checking algorithm for a more specific theory where thenew quantifiers are restricted to sizes.Finally, our third contribution is about the operational semantics of typetheory. For the extensions above we would like to devise a practical conversionchecking algorithm suitable for integration into a proof assistant. We formal-ized the correctness of such an algorithm for a small but challenging corecalculus, proving that conversion is decidable. We expect this development toform a good basis to verify more complex theories.The ideas discussed in this thesis are already influencing the developmentof Agda, a proof assistant based on type theory