A Case Study on Logical Relations using Contextual Types

Proofs by logical relations play a key role to establish rich properties such as normalization or contextual equivalence. They are also challenging to mechanize. In this paper, we describe the completeness proof of algorithmic equality for simply typed lambda-terms by Crary where we reason about logically equivalent terms in the proof environment Beluga. There are three key aspects we rely upon: 1) we encode lambda-terms together with their operational semantics and algorithmic equality using higher-order abstract syntax 2) we directly encode the corresponding logical equivalence of well-typed lambda-terms using recursive types and higher-order functions 3) we exploit Beluga's support for contexts and the equational theory of simultaneous substitutions. This leads to a direct and compact mechanization, demonstrating Beluga's strength at formalizing logical relations proofs.Comment: In Proceedings LFMTP 2015, arXiv:1507.0759

An Open Challenge Problem Repository for Systems Supporting Binders

A variety of logical frameworks support the use of higher-order abstract syntax in representing formal systems; however, each system has its own set of benchmarks. Even worse, general proof assistants that provide special libraries for dealing with binders offer a very limited evaluation of such libraries, and the examples given often do not exercise and stress-test key aspects that arise in the presence of binders. In this paper we design an open repository ORBI (Open challenge problem Repository for systems supporting reasoning with BInders). We believe the field of reasoning about languages with binders has matured, and a common set of benchmarks provides an important basis for evaluation and qualitative comparison of different systems and libraries that support binders, and it will help to advance the field.Comment: In Proceedings LFMTP 2015, arXiv:1507.0759

A Two-Level Logic Approach to Reasoning about Typed Specification Languages

International audienceThe two-level logic approach (2LL) to reasoning about computational specifications, as implemented by the Abella theorem prover, represents derivations of a specification language as an inductive definition in a reasoning logic. This approach has traditionally been formulated with the specification and reasoning logics having the same type system, and only the formulas being translated. However, requiring identical type systems limits the approach in two important ways: (1) every change in the specification language's type system requires a corresponding change in that of the reasoning logic, and (2) the same reasoning logic cannot be used with two specification languages at once if they have incompatible type systems. We propose a technique based on adequate encodings of the types and judgements of a typed specification language in terms of a simply typed higher-order logic program, which is then used for reasoning about the specification language in the usual 2LL. Moreover, a single specification logic implementation can be used as a basis for a number of other specification languages just by varying the encoding. We illustrate our technique with an implementation of the LF dependent type theory as a new specification language for Abella, co-existing with its current simply typed higher-order hereditary Harrop specification logic, without modifying the type system of its reasoning logic

Well-Founded Recursion over Contextual Objects

We present a core programming language that supports writing well-founded structurally recursive functions using simultaneous pattern matching on contextual LF objects and contexts. The main technical tool is a coverage checking algorithm that also generates valid recursive calls. To establish consistency, we define a call-by-value small-step semantics and prove that every well-typed program terminates using a reducibility semantics. Based on the presented methodology we have implemented a totality checker as part of the programming and proof environment Beluga where it can be used to establish that a total Beluga program corresponds to a proof

Semi-Automation of Meta-Theoretic Proofs in Beluga

We present a sound and complete focusing calculus for the core of the logic behind the proof assistant Beluga as well as an overview of its implementation as a tactic in Beluga's interactive proof environment Harpoon. The focusing calculus is designed to construct uniform proofs over contextual LF and its meta-logic in Beluga: a dependently-typed first-order logic with recursive definitions. The implemented tactic is intended to complete straightforward sub-cases in proofs allowing users to focus only on the interesting aspects of their proofs, leaving tedious simple cases to Beluga's theorem prover. We demonstrate the effectiveness of our work by using the tactic to simplify proving weak-head normalization for the simply-typed lambda-calculus.Comment: In Proceedings LFMTP 2023, arXiv:2311.0991

Polymorphic Context for Contextual Modality

Through the Curry-Howard isomorphism between logics and calculi, necessity modality in logic is interpreted as types representing program code. Particularly, \lamcirc, which was proposed in influential work by Davies, and its successors have been widely used as a logical foundation for syntactic meta-programming. However, it is less known how to extend calculi based on modal type theory to handle more practical operations including manipulation of variable binding structures. This paper constructs such a modal type theory in two steps. First, we reconstruct contextual modal type theory by Nanevski, et al.\ as a Fitch-style system, which introduces hypothetical judgment with hierarchical context. The resulting type theory, \multilayer contextual modal type theory \fcmtt, is generalized to accommodate not only S4 but also K, T, and K4 modalities, and proven to enjoy many desired properties. Second, we extend \fcmtt with polymorphic context, which is an internalization of contextual weakening, to obtain a novel modal type theory \envpoly. Despite the fact that it came from observation in logic, polymorphic context allows both binding manipulation and hygienic code generation. We claim this by showing a sound translation from \lamcirc to \envpoly

Contextual Refinement Types

We develop an extension of the proof environment Beluga with datasort refinement types and study its impact on mechanized proofs. In particular, we introduce refinement schemas, which provide fine-grained classification for the structures of contexts and binders. Refinement schemas are helpful in concisely representing certain proofs that rely on relations between contexts. Our formulation of refinements combines the type checking and sort checking phases into one by viewing typing derivations as outputs of sorting derivations. This allows us to cleanly state and prove the conservativity of our extension.Comment: In Proceedings LFMTP 2023, arXiv:2311.0991

Lincx: A Linear Logical Framework with First-class Contexts

Linear logic provides an elegant framework for modelling stateful, imperative and con- current systems by viewing a context of assumptions as a set of resources. However, mech- anizing the meta-theory of such systems remains a challenge, as we need to manage and reason about mixed contexts of linear and intuitionistic assumptions. We present Lincx, a contextual linear logical framework with first-class mixed contexts. Lincx allows us to model (linear) abstract syntax trees as syntactic structures that may depend on intuitionistic and linear assumptions. It can also serve as a foundation for reasoning about such structures. Lincx extends the linear logical framework LLF with first-class (linear) contexts and an equational theory of context joins that can otherwise be very tedious and intricate to develop. This work may be also viewed as a generalization of contextual LF that supports both intuitionistic and linear variables, functions, and assumptions. We describe a decidable type-theoretic foundation for Lincx that only characterizes canonical forms and show that our equational theory of context joins is associative and commu- tative. Finally, we outline how Lincx may serve as a practical foundation for mechanizing the meta-theory of stateful systems.La logique linéaire represente une structure élégante pour modeler des systèmes im- pératifs, concurrents et avec des systèmes a états, en représentant un contexte d'hypothèses comme une collection de ressources. Cependant, la mécanisation de la métathéorie de ces systèmes demeure un défi, puisque nous devons gérer et raisonner à propos de contextes d'hypothèses mixtes linéaires et intuitionistiques. Nous présentons Lincx, une structure logique linéaire et contextuelle avec des contextes mixtes de première classe. Lincx nous permet d'établir des modèles (linéaires) d'arbres de syntaxe abstraits en tant que structures syntactiques qui peuvent dependre d'hypothèses intuitionistiques et linéaires. Lincx peut également servir de fondation pour raisonner à propos de telles structures. Lincx étend la structure logique linéaire LLF avec des contextes (linéaires) de premier ordre et une théorie d'equations d'assemblage de contextes qui peut autrement être très fastidieux et complexe à développer. Cet oeuvre peut également être perçu comme une généralisation du LF contextuel qui supporte les fonctions, les hypothéses et les variables intuitionistiques et linéaires. Nous décrivons une fondation de la théorie des types décidable pour Lincx qui ne décrit que les formes canoniques et montrons que notre theorie d'équations d'assemblage de contextes est associative et commutative. Finalement, nous donnons un aperçu de comment Lincx peut servir de fondation pratique pour la mécanisation de la métathéorie de systèmes à états