Applications of Foundational Proof Certificates in theorem proving par M. Roberto Blanco Martínez Thèse de doctorat de l’ préparée à Spécialité de doctorat: Informatique École doctorale no 580 Sciences et technologies de l’information et de la communication nnt: XXX Thèse présentée et soutenue à Palaiseau, le XX décembre 2017 Composition du Jury: Mme Laura Kovács Professeure des universités Rapporteuse Technische Universität Wien & Chalmers tekniska högskola M. Dale Miller Directeur de recherche Directeur de thèse Inria & LIX/École polytechnique M. Claudio Sacerdoti Coen Professeur des universités Rapporteur Alma Mater Studiorum - Università di Bologna D D E E F F Applications of Foundational Proof Certificates in theorem proving For Jason. Contents Contents v List of figures ix Preface xiii 1 Introduction 1 I Logical foundations 7 2 Structural proof theory 9 2.1 Concept of proof . .9 2.2 Evolution of proof theory . 10 2.3 Classical and intuitionistic logics . 12 2.4 Sequent calculus . 13 2.5 Focusing . 20 2.6 Soundness and completeness . 25 2.7 Notes . 26 3 Foundational Proof Certificates 29 3.1 Proof as trusted communication . 29 3.2 Augmented sequent calculus . 32 3.3 Running example: CNF decision procedure . 38 3.4 Running example: oracle strings . 39 3.5 Running example: decide depth . 41 3.6 Running example: binary resolution . 42 3.7 Checkers, kernels, clients and certificates . 45 3.8 Notes . 48 v vi contents II Logics without fixed points 53 4 Logic programming in intuitionistic logic 55 4.1 Logic and computation . 55 4.2 Logic programming . 56 4.3 λProlog . 59 4.4 FPC kernels . 63 4.5 Notes . 67 5 Certificate pairing 69 5.1 Implicit and explicit versions of proof . 69 5.2 Pairing of FPCs . 71 5.3 Elaboration and distillation . 75 5.4 Maximally explicit FPCs . 76 5.5 Experiments . 79 5.6 Notes . 80 6 Determinate checkers 83 6.1 Trust and determinate FPCs . 83 6.2 Functional checkers in OCaml . 86 6.3 Verified checkers in Coq . 90 6.4 Extraction of verified checkers . 97 6.5 FPCs by reflection in Coq . 98 6.6 Notes . 99 7 Unsatisfiability certificates 103 7.1 Boolean satisfiability . 103 7.2 Redundancy properties and shallow certificates . 105 7.3 Resolution FPCs and traces . 110 7.4 Unsatisfiability FPCs with cut . 117 7.5 Cut-free unsatisfiability FPCs . 120 7.6 Notes . 122 8 Certification of theorem provers 125 8.1 Towards FPCs in the large . 125 8.2 The automated theorem prover Prover9 . 127 8.3 Resolution certificate elaboration . 129 8.4 Certification workflow . 133 contents vii 8.5 Analysis of results . 137 8.6 The next 700 certificate formats . 143 8.7 Notes . 144 III Logics with fixed points 147 9 Fixed points in logic 149 9.1 Fixed points and equality as logical connectives . 149 9.2 Focused sequent calculus . 152 9.3 Augmentations and kernels . 155 9.4 Nominal abstraction . 163 9.5 Notes . 165 10 Proof search with fixed points 167 10.1 Automating logic . 167 10.2 Abella . 169 10.3 FPC kernels . 172 10.4 Examples . 184 10.5 Notes . 184 11 Proof outlines 189 11.1 Frege proofs . 189 11.2 Case study . 190 11.3 Certificate design . 192 11.4 Logic support . 196 11.5 Certificate families: simple outlines . 201 11.6 Certificate families: administrative outlines . 209 11.7 Experiments . 216 11.8 Notes . 222 12 Property-based testing 225 12.1 A model theory vision of proof theory . 225 12.2 Standard property-based testing . 226 12.3 Treating metatheoretical properties . 229 12.4 Disproof outlines . 231 12.5 Hosted PBT in λProlog . 241 12.6 Native PBT in Abella . 249 viii contents 12.7 Notes . 253 13 Certificate integration in a proof assistant 257 13.1 Abella architecture . 257 13.2 Extended unification . 259 13.3 Certifying tactics in Abella . 268 13.4 Connection between Abella and the kernel . 273 13.5 Clerks and experts as specifications . 276 13.6 Notes . 279 Afterword 281 Bibliography 283 List of figures 2.1 The two-sided LK proof system . 15 2.2 The multiplicative two-sided LK proof system . 16 2.3 The one-sided LK proof system . 18 2.4 The LKF proof system . 21 3.1 The LKF a proof system . 34 3.2 The CNF decision procedure FPC . 39 3.3 The oracle string FPC . 40 3.4 The decide depth FPC . 42 3.5 The binary resolution FPC . 46 3.6 The binary resolution FPC (cont.) . 47 4.1 Addition of natural numbers as Horn clauses . 58 4.2 Addition of natural numbers in λProlog . 61 4.3 The LKF a kernel in λProlog . 64 4.4 The LKF a kernel in λProlog (cont.) . 65 5.1 The pairing FPC . 73 5.2 The maximally elaborate FPC . 77 6.1 A determinate FPC with first-order unification . 85 6.2 The MaxChecker kernel in OCaml . 88 6.3 The MaxChecker FPC interface in OCaml . 89 6.4 The maximally elaborate FPC in OCaml . 89 6.5 The MaxChecker kernel and FPC in Coq . 92 6.6 The MaxChecker kernel and FPC in Coq (cont.) . 93 7.1 The DIMACS CNF formula format . 106 7.2 The RUP UNSAT certificate format . 107 ix x listoffigures 7.3 The DRUP UNSAT certificate format . 109 7.4 The DRAT UNSAT certificate format . 109 7.5 The lemma backbone proof pattern . 112 7.6 The TraceCheck UNSAT certificate format . 113 7.7 Hyperresolution proof step in LKF a ................ 116 8.1 The binary resolution FPC with factoring . 128 8.2 The ordered binary resolution FPC . 130 8.3 The ordered binary resolution FPC with substitutions . 131 8.4 The ordered binary resolution FPC with substitutions (cont.) . 132 8.5 Size complexity of resolution elaborations . 138 8.6 Time complexity of resolution elaborations (ELPI) . 139 8.7 Time complexity of resolution elaborations (Teyjus) . 140 9.1 Addition of natural numbers in µLJF ............... 150 9.2 The LJF proof system . 156 9.3 The µLJF proof system . 157 9.4 The LJF a proof system . 158 9.5 The LJF a proof system (cont.) . 159 9.6 The µLJF a proof system . 160 9.7 The µLJF a proof system (cont.) . 161 9.8 The LJF proof system with nabla . 165 10.1 µLJF in Abella . 173 10.2 Addition of natural numbers in µLJF ............... 174 10.3 The µLJF a kernel in Abella . 176 10.4 The µLJF a kernel in Abella (cont.) . 177 10.5 The µLJF a kernel in Abella (fin.) . 178 10.6 The FPC signature of µLJF a in Abella . 179 10.7 Polymorphic quantification in µLJF a in Abella . 181 10.8 The µLJF a kernel with nabla in Abella . 182 10.9 The µLJF a kernel with nabla in Abella (cont.) . 183 10.10The pairing FPC in Abella . 186 10.11The pairing FPC in Abella (cont.) . ..