This action might not be possible to undo. Are you sure you want to continue?
STUDIES IN PROOF THEORY
Managing Editors C.
CELLUCCI GIRARD
IN TUITIONISTIC TYPE THEORY
Notes 'by Giovanni Sambin of a series given in Padua, June i980
D.
PRAWITZ SCHWICHTENBERG
J..Y .
H.
0/ lectures
Advisory Editors P. AczEL C. BOHM
P. MARTINLOF . G .E. MINC
W. BUCHHOLZ E. ENGELER
S . FEFERMAN CH. GoAD
W.
POHLERS
W.
HOWARD G.HUET LEIVANT
D. SCOTT W. SIEG C. SMORYNSKI R. STATMAN
S . TAKASU G . TAKEUTI
D.
BIBLIOPOLIS
STUDIES IN PROOF THEOR Y
LECTURE NOTES
I .
CONTENTS
Introductory remarks Proposi tions and judgements " '
. 3 7 11 , . . . . . . . . . . . . . • . .. . . . . . . . . . .. . . .. . . .. .. . . . . 14 16 19 21 24 26 : ' ,' 31 32
I
\
Explanations of the form s of judgement Pr op ositions Rule s o f e q ua l i ty
Hypothetical judgements and s u b s t i t u t i o n rul e s Judgements wi t h more than one as sumption and contexts Sets and c a tego r i e s General remarks on the rule s Carte sian product of a family of s e t s Definitional equality App Lf ca t Lcns of the cartesian product ; _
Disj oint uni on of a family of sets ... . . •.... ..... . . .. . . .. . . . . .. . 39 Appli cations o f the ' disjoint uni on 42
The axiom of' choice ...•... • •.. ..... .. •.•.. .. . ..... ... . . . . .. . ... . 50 The notion of such that ... . . . . . . ... . ••. . . .. . . . .... .. ....... . .. .. 53
1
)
l
Di sjoint union of" two sets .. .... . .... . . .. ..... . . .. .. . • . . . . . .. '. .. 55 Propo s Ltional equali ty .•.. ... ... . ...... . . : . •.. . . .... . . . .. .. . .. . . 59
ISBN
8870881059 scienze » " , ,
©
1984 by « Bibliopolis, edizioni di Napoli, via Arangio Ruiz 83 , ';.. :,', "
All rights reserved, No part of'ihis>,1;;qp!i:,:ti,ay ' be reproduced , in any form or by any means without permission' inwriting from. the publisher Printed in I taly by « Grafitalia » Via Censi dell'Arco, 25 • Cercola (Napoli)
I i
I
Finite se ts Consistency .
"
, ,
65
'
. 69
Natural numbers •. •.• .. ...• .. ... .. . .. . ..... .. .. . . . ... .. . . ... . .. . . 71 Lists ; •.• • . . • • . . . . . . . . • . . . . . . • . . . . . . 77
t
I
Wellorderings ........ . ••..... . .. .. . .. • • • . . ......... ... . . .. .... . . 79 Uni verses .... • ... •. • . •' . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . 8 7
I
Preface These lectures were given in Padova at tha Laboratorio per Ricerche 'di Dinamica dei Sistemi e di Elettronica Biomedica the , Cons i g l i o Nazionale delle Ricerche during the month of June 1980. I am indebted to Dr'. , Enrico Pagello of that laboratory for the opportunity of so doing . The audience was made up by philosophers, mathematicians and computer scientists. Accordingly, I tried to say
I
t
1 , I
something which might be of
to each of these three cat
egories. Essentially the same lectures, albeit in a somewhat improved and more advanced form, were given later in the same year as part of the meeting on Konstruktive Mengenlehre und Typentheorie which was organized in Munich by Prof. Dr. Helmut Schwichtenberg, te whom I am indebted for the invitation, during the week 29 Sep 3 October 1980. The main improvement of the Munich .l e c t u r e s , as compared wi t h those given in Padova, was toe adoption of ·a systematic higher level (Ger. Stufe) notation which allows me to write simply
•
instead of
(Tl x
EO
I
Fl (A,B), L(A,B), W(A,B) , ),(b),
E(c,d), D(c,d,e), R(c ,d,e), T(c;d)
A)B(x), (L x e A)B(x) , (Wx e iI)B(x) , (AX)b(x),
E(c,(x,y)d(x,y», D(c,(x)d(x),(y)e(y»; R(c,d,(x,y)e(x,y» , T(c,(x,y,z)d(x,y,z», respectively. Moreover, the use, of higher level variables arid constants makes it possible to formulate the elimination and equality rules for the cartesian product in such a way that they follOw the
Moreover, the second of these, that is, the rule same ,pa t t e r n as the elimination and equality rules for all the other type forming operations. In their new formulation, these rules read c
C E
n (A,B)
in the same way as the rule
(Ax)Ap(c,x) E n(A,BJ
IT elimination
(y Lx ) E.
C E.
can be derived by means of the B(x) (x
oS
A»
n (A ,B)
F ( c " d)
6
cEI:(A,B) c = (p(c) ,q(c») E E (A,B) is.derived byway of example on p . 62 of the main text . Conversely ,
d(yl ' 6 cO.(y»
C( c )
,
. (x E A) b
(y(x)
E.
B(x) (x
6
E.
A»
l
!
the new elimination and equality rules can be derived from the old ones by making the definition F(c ,d)
=
d( (x)Ap(c ,x».
Cx )
6
B(x)
dey)
C(A(y»
·1
So, actually, they are equivalent. It only remains for me to thank Giovanni Sambin for having undertaken, at his own suggestion, the considerable work of writing and typing these notes, therebf making the lectures accessible to a wider aUdience. stockholm, January 1984, Pel' MartinLof
F(A,(b) ,d) respe ct.t vely. Here y is a bound function variable, F is a new non(eliminatory) operator by means of which the binary application operation can be defined, putting Ap(c,a) and y(x)
E.
I
1
j
I
==
F(c, (y)y(a»,
B(x) (x
E.
A) is an assumption, itself hypothetical, which provided c has
has been put within parentheses to indicate that it is being discharged. A program of the new form F(c,d) has value
A (b)
and deb) has value e. This rule for evaluating F(c,d)
reduces to the lazy evaluation rule for Ap(c,a) when the above definition is being made. Choosing C(z) to be B(a), thus independent of z, and d(y) to be y(a), the new eiimination rule reduces tp the old one and the new equality rule to the first of the two old equality
1

1 
Introductory remarks ,M t hema t i c a l logic and a have been interpreted in at relation between logic and mathematics three different ways:
(1) mathematical logic, as symbolic logic, or logic using mathe matical .ymbolism; (2) mathematical logic 'as foundations tor philosophy) of mathematics;
(3) mathematical logic as logic studied by mathematical methods,
as a branch of mathematics. ' We shall here mainly be interested in mathematical logic in the second sense. What shall do is also mathematical logic in the first sense, but certainly not in the third . 'The principal problem that remained afterP'rincipia Mathematica was completed was, according to its authors, that of justifying the axiom of reducibility (or, as we would now say, the impredicative comprehension axiom)'. The, ramified theory of types was predicative, but it was not sufficient for deriving even elementary parts of analysis . So axiom of reducibility was on the pragmatic ground that it was needed, although no .atisfactory justification (explanation) of it could be provided. The whole point of the ramification wa s , then lost , so that it might just as well be abolished. What then remained was the simple theory of types. Its official justification (Wittgenstein , rests on the interpretation of propositions as truth values and propositional functions (of one or several variables; as truth functions. The laws of the classical propositional logic are then clearly valid, and so are the quantifier laws , as long as quantifica tion is restricted to finite domains. However, it does not seem possible to make sense of quantification over infinite domains , like the
 2 
 3 domain of natural numbers, on this interpretation of the notions of proposition and propositional For this reason, afuong others, Here the , Propositions and Judgements
what we develop here is an intuitionistic theory of types ; which is also predicative (or 'ramified). It is free from the deficiency of Russell's ramified theory of types, as regards the possibility of developing elementary parts of mathematics, like the theory of ' r e a l numbers, because of the presence of the operation which allows us to form the cartesian product of ,a ny given family of sets, in particular, the set of all functions from one set to another. In two areas, at leasti our language to have advantages proposition In particular, ' t h e premisses and conclusion of judgements. , proposition (Ger. Satz) and assertion or judgement '( Ge r . Urteil) is essential.
What we combine by means of' the logical operations (.l::> & v V 3 ') , , , , " and hold to be true are propositions. When we hold a proposition to be true , we make a ment: '
over traditional foundational languages. First, ZermeloFraenkel set theory cannot adequately deal with the foundational problems of cat· egory theory, where the category of all sets, the category of all groups, the , category of functors from one such category to another etc. are considered. These problems coped with by means of the a logical inference are
The distinction between propositions and jUdgements was clear from Frege to Principia. These notions have later be formalistic notions of formula and theorem (in 1 en rep aced by the
distinction between sets and categories (in the logical or philosophical sense, not in the sense of category theory) which is made in intuitionistic type theory. Second, present logical symbolisms are inadequate as programming languages, which explains why computer scientists have developed their own languages (FORTRAN, ALGOL, LISP, 1 2, PASCAL, ... ) and systems of proof rules (Hoare , Dijkstra • • . ). We 3 how the additional richness of ' t y p e theory, as have shown elsewhere compared with first order predicate logic, makes it usable as a programming language.
l ' C. A. Hoare, An axiomatic basis of computer programming, Communications of the ACM, Vol. 12,196'9, pp. 576580 and 583.
a formal system) , respectively. Contrary to formUlas, propositions are not def'ined inductively . So to speak, they f'orm an open concept, In standard textbook presentations of first order logic, we d' can three quite separa te steps:
(1) inductive definition of terms and
formulas , of inference ,
(2) specif'ication of aXioms and rules
(3) semantical interpretation.
Formulas and d d t ' e uc are given meaning only through semantics which is usually done follOWing Tarski and ' , assuming set theory . What we do here is t t , mean 0 be closer to ordinary mathematical We will avoid keeping form and meaning (content) apart stead we will at the same time display certain forms of Inand
2 E. W. Dijkstra, A discipline of Programming, Prentice Hall, Englewood Cliffs, N.J ., 1976.
" P. MartinLof, Constructive mathematics and computer programming, Logic, Methodology and Philosophy of Science VI; Edited ,by L. J. Cohen, J. Los, H. Pfeiffer and K.P. Podewski, NorthHolland, Amsterdam, 1982, pp. 153175. '
3
inference that are used in mathematical d ' proofs an explain, them seman, " tically. Thus we make explicit h t
granted. When one treats log i c as arty othe r br a nc h of mathematics, as ·i n the metamathematical traditi on originated by Hilbert , such judge ments and inferences ·are onl y partially and f ormal l y re pr ese nted in the s ocalled obj e c t language, while they are implicitly used; as in any other br a nc h of mathematics, in the s ocal led metalanguage. Our main aim is to build up a system of f orma l rules representing in the bes t possible way informal (mathematical) reasoning. In the usual natu ral deduction style , the rules given are not quite . f ormal . For i ns t a nce , the rule.
A
. We us e f our · f orms of (1) A is a set (abbr . A
( 2 ) A and B
equal
(A
B),
( 3) a is .an element of the set A (a
A) ,
A
(4) a and b are equal elements of the set
(If we read
£
(a = b
E
A) .
E
lit.rally a s
, then we
A
Set ,
A = BESet , a e El (!) , a = b E El(A ) , respectively .) Of cou rse , any syntactic variable s co u ld be us ed · the use ,
0
f sma 11 l e t t e r s f or el 
A v B
ements and ca pi t a l letters f or ae't s i s onl y t o» conve nience . No t e t ha in o r d i na r y set ·t heo r y , a E b and a = b are propos it i ons , whi l e they a r e j udgements here. A jUdgement of the f orm A = B has no mean ing less ·we already kn ow A and B t o sets . Likewise , a jUdgement of t he f orm a E A presupposes that A is a set , and a judgement of t he f orm b are elements of A• . Each f orm of judgement admits o f severa 1 differe nt read ings , as i n the ta.ble:
takes f or granted that A and B are f ormulas, and onl y then does it say that · we can i n f e r A v B to be true when A is true . .If we are t o give a f ormai rule, we have to make this expllcit, writing
A prop.
B prop .
A v
A true
a ·= b E A presupp ose.s, first, that A is a se t , an d , second, t ha t a an
B true
or A, B prop .
lAyB
.1 A
A set A is a set A is a prop osition
a
E
A
A is nonempt y A is true
a is an 'e Lemen t of the set . A a is a proof ( con structi on) of the prop ositi on A
where we use, like Frege, the symbol l to the left of A to signify that A is true . In our system of rules , . t hi s wi l l always be explicit . A r ule of inference is · j ustified by explaining the conclusion on the assumption that the premisses are kno wn. H.ence, before a rule of inference can be justified, it must be explained wha t it is that we must know "in o r de r to have the right to make a judgement of any one of the various f orms that the premisses and cOnclusion can have.
A is an i ntention (expectation)
a is a method of (realizing) the intention ( expectati on ) A
A is f u lfi l l a bl . ( realizable)
A is a problem (task)
a i s a method of solving the prob l em ( doing the task) A
A i s solvable
The se cond, logical interpretation is discussed toghether with rules 4 below . The third was suggested by Heyting a nd t he fourth by Ko l mogOrov 5 . The last i s very close to programming. "a is a method . . . " can ' be read as "a is a program . .. ". Since programming languages have a formal notation for the program a, but not for A, we c omplete the sentence with " ... which meets the s pe c i f i c a ti on A". In .Kolmogorov 's in· t e r p r e t a t i on , the word problem refers to something to be done and the wor d program to how to do it . The analogy between t he first and the second interpretation is . implicit in the BrouwerHeyting interpretation logical It was made more explicit bY ,Curry ,and Feys6 , but only for the impl icational fragment , and i t wa s extended t o intuitionistic first order arithmetic by Howard _ It is the only known way of logic so that axiom o f 6hoic e becomes , valid . To distin gui sh between proofs. of judgements (usually in treelike form) and proofs of proposit ions (here identified with elements , thus to the left of E . ) we reser ve the word construction for the latter and use it whe n confusion might occur.
Explanations of the forms o f judgement
For each one of the. four forms of judgement, we. now explain wha t a judgement of that form means . tions: W t is a set? ha
We can explain what a judgement , s a y
of the first form, means by answering one of the following three ques
What is it that we must know in order to have the right to judge something to be a set? What does a judgement of the form " A is a set·" mean? The first ,is the ontological (ancient Greek) , t he second the episern) way of posing essentially the same question . At first sight , we could assume that a set is defined by prescribing how i t s elements are formed. This we do when we say that the set of na tura l numbers N is defined by giving the rules :
a
E
,
.
7
(Descartes, Kant, •• . ) and the third the seman t ical (mod
o
4 A. Heyting, Die intuitionistische Grundlegung der M t hema t ik , a Erkenntnis, Vol. 2, 1931 , pp. 106 115 . . 5 A. N. Kolmogorov , Zur· Deutung der intuitionistischen Logik, Zeitschrift , Vol. 35 . 1932, pp . 6 H. B. Curry and R. Feys, Combinatory Logic, Vol. 1, NorthHolland ; Amsterdam , 1958 , pp , 312315. 7 w A. Howard , The formulaeastypes not ion of construction, To '., H. B. Curry : Essays on Combinatory Logic, Lambda Calculus arid Formalism , Academic Press, London , 1980 , pp. 419490.
N
N
a'E N by which its elements are constructed. However" the we a kn e s s of thi s 10 definition is clear: 10 , for instance, though not obtainable wi th thegi ven rules, is clearly an element of N, sinc,e we kno w t hat we ' can bring it to the form a' for some a e ' N. W thus ha ve . to distin e the elements which have a form by which we can di rect ly see that they are the result of one of the rules , and 'ca ll the m c anon i cal , from all othe r e lements, wh i ch we wi l l call no ncano nica l .
But then, to be able t o. define when two noncanonical elements are equal, we must also prescribe how two equal canonical elements are formed. So: (1) a set A is defined by prescribing how a canonical element of A is formed as well as how two equal canonical elements of A are formed. This is the explanatipn of the meaning of a judgement of the form A ·i s a set. For example, to the rUI'es for N above, we must add
(2)
two sets A and Bare equal if a ! A (that is, a
!
a
!
a
E
A and B
a a
! .
6.
B A
)
B
and abE A
a
b Eo B
for arbitrary canonical elements a, b.
a
and a' To take
b <= N
b' ! . N
This is the meaning of a judgement of the form A= B. When we explain what an element of a set A is, we must we know that A is a set, that is, in particular, how its canonical . elements are formed. Then:
example, A x B is defined by the rule
a <= A
b
!
B·
(a,b)! AxB. which prescribes how canonical elements are formed, and the rule
(3) an element a of a set A is a method (or program) which, whe executed, yields a canonical element of A as result . This is the meaning of a judgement of the form a
! .
A. Note that here
a = c
!
A
b = d ! B .
we assume the notion of method as primitive. The rules of computatic of the present language will be such that the computatic of an element a of a set A terminates with a .va l ue b as soon as the outermost form of b tells t hat, it. is a canonical element of A (norm" order or lazy evaluation) . For instance, the computation of 2 + 2 gives the value (2 + 1)', which is a canonical element of N since 2
+
!
(a ,b) = (c,d) ! ·A x B by means of which equal canonical elements are formed. There is no limitation on the prescription defining a set, except that equality between canonical elements must always be defined in such a way as to be reflexive, symmetric and transitive. Now suppose we know A and B to be sets, that is, we know how canonical elements and equal canonical elements of A and ·B are formed . Then we stipulate:
1 E N. Finally: (4) two arbitrary elements a, b of a set A are equal if , when executed, a and b yield equal canonical elements of A as resul1
This is the meaning of a judgement of the form a = b
!
A. This defi
Propositions Classically, a proposition is nothing but a truth va l u e, that an element of the set of truth values, whose two elements are true and the false. Because of the difficulties of justifying the rules for forming propositions by'means of quantification over infinite domains , when a proposition is understood, as a truth value , this explanation is rejected by the intuitionists and replaced by saying that a proposition is defined by laying down what counts 'a s ' a proof of the proposition, and that a proposition is true if it has a proof, that is , if a proof of it can be given
nition makes good sense since it is ' part of the definition ' of a set what it means for two canonical ,elements of the set to be equal. Example. If e, f and e
!
A
x B, then e and f are methods which yield
E
canonical elements (a,b), (c,d) f E A x B if (a,b) d
€
A x B, respectively, as results, if
(c,d) E A x B, which in turn
a = c E A and b
B;
8
Thus , intuitionistically , truth is identified with provability , though of course 'not (because of bility within any particular formal system. fit together with the intuitionistic conception of wha t a proposit ion is, are given by the standard table:
incompleteness theorem) wi t h deriva 
The explanations of the meanings of the logical operations, which
8 D. Prawitz, Intuitionlst1c logic: a philosophical challenge , Logic and Philosophy, Edited by G. H. von M r ti nu s Ni j ho f f , a The Hague , pp . 110.
a proof of the proposition
consists of
As it stands, this table is not strictly correct., since it, shows proofs of canonical form only. ' An arbitary proof, in anal;ogy with an arbitrary element of a set, is a method of producing a proof of canonical form. If we take seriously , the idea that a is defined by laying down how its canonical proofs are f'orme d (as in the second table above) and accept that a set is defined by prescribing how its canonical elements are formed, then it is clear that it would only lead to unnecessary duplication to keep the notions of proposition and set (and the associated notions of proof, of a proposition ' and element of a set) apart. Instead, we simply identify them, that i s, treat them as one and the same notion. This is the formulaeastypes (propositionsassets) interpretation on Which intuitionistic type theory is based.
.L
A &B
AV B
a proof of A and a proof of B a proof of A or a proof of B a method which takes any proof of A into a proof of B a method which takes an arbitrary individual a into a proof of B(a) an individual, a and a proof of
B(a)
A :> B
( Vx)B(x) ,
(3 x)B(x)
' t he first line ' of which should be interpreted as saying that there is nothing that counts as a proof . The above table can be made more explicit by saying: a proof of the proposition
.i,
has the form
A & B
(a,b), where a is a proof of A and b is a proof of B i(a) ; where a is a proof of A, or j{b), where b is a proof of B (Ax)b(x), where b(a) is a proof of , B provided a a proof of A (Ax)b(x), where b(a) is a proof of B(a) prOVided a is an individual (a,b), where a is an individual and b is a proof of B(a)
A v B
A :> B
('o'x)B(x)
(3 x)B(x)
 14 
 15 
Rules of equal ity
and
We no w begin to build u p a system o f rules. First , we g i v e th e fo llowing rules of equality , which are e a s i l y e xplained using th e fac t t h a t t h e y hol d , by definition, for c an on ic a l ele me nts : Reflexi vit y
a e A
a
a
b .. A
a=be.B for a , b canonical elements of A and" B. From the same f or B also obta in
C, we "
A s et
a
E
A C
=
a e A
A = A
and
a
<;
Symmetr y
a
b
b
E
A
A
A = B B = A
a
_ b =
e A
a
6
abE C
Trans it iv it y
for a , b canonical elements, which is the meaning of A =" C.
b
C
a
b e A
c EO A
A
B
B
c
In the same evident way, the meaning of A = B just i fies the rules: Equality o f sets
a e A
a e B A
a
! A
A
c
For instance, a d e t a i l e d explanati on o f transitivity is : a = b E A means that a and b yiel d canonical elem ents d and e , respectively , and that d
B
a
b e A
A
E B
=e
! A. S imilar ly , if c yields f , e
=f
B
EA. S in c e we assume
transitiv ity for canoni cal element s , we obtain d t h a t a = c ! A. The me a ni n g of A B i s t hat
=f
E A, which mean s
a = b
a
6,
A
a E B
 17 
Hypothetical Judgements and substitution rules The four basic forms of judgement are generalized in . order t o expresi also hypothetical judgements , i .e. judgements which are made under assumptions . In this section, we treat the case of one such assumption . So assume that A is a set . The is generalized to the hypotheti cal form form of judgement
B(x) is a set under the assumption x e .A, which does not mean ' .t ha t ,we must have a derivation within any particular formal system (like the one that we, are in the process of building up). When an assumption
X E A is discharged by
application of a rUle, we wr i t e it inside
brackets. The meaning of a 'hypot he t i c a l Judgement of the fo rm
(2)
B(x) = DUe)
(x
e. 'A )
(1)
B( x) set (x e 'A) which says that B(x) 'and D(x) are equal families of sets over the set A; is that B(a) and D(a) are equal sets for any element a of A (so, in particular , B(x) and D(x) must be famiiies of sets over Therefore the rule . Sub s ti tu t Lon
(x E A)
which says that B(x) is a set under the assumption x E A, or, better, that B(x) is a family of set s over A. A more traditional notation is or {B : X E A} • The meaning of a judgement of the form xJ x E A x . (1) is that B(a) is a set whenever a is an element of A, and also {B
1
that B(a) and B(c) are equal sets whenever a and c are equal elements of A. By virtue of this meaning , we Lmmed Lat.e Ly see that the following s u bs t i t u t i on rules are correct:
a E A
Substitution
(x
E
B(x) = D(x)
B(a) = D(a)
A)
(x E A)
is correct. We can now derive the rule
(x E A)
a
E A
B(x) set B(a) set
a
C E A
B(x) se t B(c)
a c E. A
B(a)
B(x) D(c)
D(x)
The notation
X
Beal
E:
A
from the above rules. In fact, which is implicit in a rule. So B(a) c
c ,E A and B( x) set (x E A) ,
B(x) s et only recalls that we make (have a proof of) the judgement that
' we obtain B(a) '= B(c) by the second substitution r ul e , and f rom c E A,
E:
A, B(c) = D(c) by the third substitution
= D(c)
by ,transitivity .
A hypothetical
of the form A)
Jud gements with more than one assumption and contexts We may now· further generalize judgements to include hypothe ti cal judgements with an arbitrary number n of assumptions. W explain their e meaning by induction. that is, assuming we understand th e meaning of judgements with n' assumptions. So assume we kno w that A, is a set • . A is a family of sets ov er A" 2(X,)
(3) b(x) E B(x) (x
means that we know b(a) to be an element of the set B(a) assuming we know a to be an element of the set A, ·and that b(a) = b I c ) E. B(a) whene ve r a and c are equal elementa of A. In other wo r ds , b(x) is an extensional function with domain A and .r a nge B(x) depending on the argument x . Then the following rules are justified: Substitution
(x ! A) (x E A)
is a family of s e t s with two indices x, A 3(X"x 2)
x
2
!
!
A, and
A ( X, ) , 2
a
!
A
b(a)
b
E.
Cx)
B(a)
! .
iHx)
a
c ! A
b(x)
! .
E.
B(x)
b(a) ·= b(c)
B{a) An(x, ..,oo., x n_,' is a family of sets with n ' indices x, X2E A ·(x,), .. . , x n_, E An_,(x, ' ...• x n_ 2) . 2 Then a judgement of the form
(1)
! .
A"
Finally, a judgement of the form (4) b(x) = d(x)
! .
B(x) (x !. A)
means that b(a) and d(a) are equal elements of the set B(a) for any e lement a of the set A. We then· have Substitution
(x ! A) .
A(X" .. .• x n) ·s e t (x,
E
A,. x 2 e A2(x,), ... . Xn E An ( x " ... ,x n
_,»
means that A(a" ... ,an) is a set whenever a, !. A"
a ! A .
b(x) = d(x) e B(x)
! .
a 2 E A2(a,) , ., . , anE . ... an_') and that A(a" . .. ,a n) = A(b " .... , b n ' whenever a, = b, e A" .. . , an = b n ! An(a" ... ,a n _,) . ·W say that e A(x" ..• ,x is a family of sets with n indices. The rt assumptions in n) a judgement of the form (,) constitute what we call the context •. wh i c h plays a role analogous to the sets of f o r mul a e
b(a) = d(a)
B(a)
r .
(ex tra formulae)
wQi c h i s the last substitution rule • .
appearing in Gentzen sequents . Note also that any initial · segment o f a context always ·a context. Because of the meaning o f ·a hypothetical
judgement of the
('), we see that the first two rules of substi
Sets and categories A category. is defined by explaining what an object of the category is and when two such objects are equal . A category need not be a set, since we can grasp what it means to be an object of a given category even without exhaustive rules for forming its objects . For instance. we now grasp what a set is and when two sets are equal , so we have defined the category of sets (and. by the same token . the
tut ion may be extended to the case of n assumptions ,and we understand these extensions t o be given . It is by now clear how to explain the meaning of the remaining forms of hypothetical judgement :
(equal families of sets with n indices),·
{3) a(x" ... , x ) E A(x, •• •• , x ) (x, e A, . . . ..
category of propositions), but it is not a set. So fa r . we have defined several categories: the category of sets (or propositions). the category of elements of a given set (or proofs of a proposi
n
n
x n E An(x, •• •.• x n _,»
(function with n a rguments), (4) a(x, • •.•• x = b(X, •••. ,x n) E A(x, • • • .• x n) (x EA. X E A (x, . .... x " n n n(equal functions with n arguments). n) tion) .•
,»
t he category of families of sets B(x) (x E A)' ove r a given set A. the category of functions b(x) E a(x) B(x) set (x E A) , the category of families of sets C(x .y) (x EA ·. Y E· B(x» , where A set. B(x) set (x E A). the category of functions c(x.y) E C(x.y) (x E A, y E B(x» . where A is a set. sets, . etc . In addition to these , there are higher categories . like the category of binary functions which take two sets into another set . The function x . which takes two sets A and B into their cartesian product A x B. (x E A) and C(x.y) . (x " A. y EB(x» families of
and we assume the corresponding substitution rules to be given.
(x E A).
where A set .
 22 
23 
is an example of an object of that c a te g o r y . We will say obj ect of a category but e le men t of a set, ·wh i c h r eflects the difference between categories and sets . To egory it is not necessary to prescribe how its objects are but Just to grasp what (arbitrary) object of the category is. Each cat
t h e set B (B
A
will be introduced as an abbreviation for (n x E
when B(x) is constantly equal to B). In parti cular ,
{O, ll A is
a se
but it is not the s a me thing as which is only a c a t e g o r y. Th A reason that B can be construed as a s e i t s that .we take the notion of function as primitive , instead of defining a fu nction as a se t o
set determines a category, namely the category of elements of the set, but not conversely: for instance, the c a t ego r y of sets and the · category of propositions are not sets, since we cannot describe how all their elements are formed. We c a n now s a y that a judgement i s a statement to the e f f e c t that s ome t h i ng is an obje ct of a c a t e g o r y (a A set ,
6
orde red pairs or a binary relation satisfying the usual ex istence an uniqueness cond itions , which would make it a category (like d?(A)) instead of a . set .
When one speaks about data types in compute r science , one mi gh just as well say data s e ts . So here type is always synonymous wi t h set and not with category .
A,
. .. ) o r that tw o objects of a c a teg o r y are equal (a = b E A,
A
B, ••• ) .
What about t h e word type in the logical s e n s e . given to it by
Russell with his ramif i ed (resp. simple) the ory o f type s ? Is type synonymous with cate gory or with s e t ? In some cases with the one , it s e e ms , and in other cases with th e other. And it is this confusion of two different concepts which has l ed to the impredicati vity of the simple theory of types . When a type i s defined a s the range of significance of a propositional function, so that types are wh a t the quantifiers range over, then it seems that a type is the same thing a s a set. On the other hand , when one speaks about the simple types of propositions, properties of indiViduals , relations between individuals etc., it seems as if types and categories are the same . The important difference between the ramified types of propositions, properties, relations etc . of some finite order and the simple types of all propositions , properties, relations etc. is precisely that the ramified types are (or can be understood as) s ets, so that ·i t makes sense to quantify over them, whereas the simple types are mere categories . A For example, B is a s e t , the set of functions from the set A to
 25 
General remarks 'on the rules
We remark here also that to each rule. of set formation, intro duction and elimination, there corresponds an equality rule, which
W now start to gi ve the rules for the different symbols we use. e W will follo w a common pattern in giving them. For each operation e we have four rules : set formation, introduction, elimination, equality . The formation rule says that we can form a certain (proposition)
allows
to
equals for equals.
The rules should be rules of immediate inference; we cannot further analy se them, but only explain them. However , in t h e end , no explanation can substitute each individual 's understanding .
..1
from certain other sets (propositions) or families of sets (propositional functions). The introduction say what a re the canonical
' 1 I
elements (and equal canonical elements) of the set, , t h us giving its meaning. The elimination rule shows how we may define functions on the set defined by the introduct ion ' r u l e s . The equality rules relate the introduction and elimination rules by showing how a function defined by 'means of the elimination rule operates on the canonical elements of the set which are generated by the introduction rules. In the interpretation of sets as propositions, the formation rules are used to form propositions, introduction and elimination rules are like those of Gentzen 9 , and the equality rules correspond to the reduction rules of Prawitz 10.
9 G. Gentzen, Untersuchungen uber das logische Schliessen, Mathematische Zeitschrift , Vol . 39, 1934, pp .176210 and 405431. 10 D. Prawitz, Natural Deduction, A ProofTheoretical Study, Almqvist & Wiksell, Stockholm, 1965.
 ' 27 
Cartesian product of a family of sets
that these rules introduce canonical elements and equal canonielements, even if b(a} is not a canonical element of B(a) for
Given a set A and a ,f a mi l y of setsB(x} over the set A, we can form the product: Dformation
(x e A)
(x c;; A)
A. Also, we assume that the usual variable restriction is met, i.e . that x does not appear free in any assumption except (those of
E A.
Note that it is neccessary to understand that A) 'i s a function to be able to form the canonical
E
hex) e B(x} (x
E
element (AX}b(x)
(fix e , A)B(x); we could say that the latter is a
A set (fix
E
BOc} set A)B(x} set
A
C
E
B(x)
D(x)
name of the former. Since, in general, there are no exhaustive rules for generating all functions from one set to another , it follows that we cannot generate inductively all the elements of a. set of the form A, (nx IS, A)B(x} (or, in particular, of the 1,form 'B like NN). We can now justify the second rule of set formation. So let (AX}b(x) be a canonical element of (TIx E A)B(x}. Then b( x} E B(x}
(Tl x
A)B(x) = (Tix E C)D(x}
The second rule says that from equal arguments we get equal values. The same holds for all other set forming operations, and we will never ' spell it out aga i n. Th e conclus • o n of the first rule is that something is a set. To understand which set it is, we must know how its canonical elements and its equal canonical elements are formed. This is explained by the introduction rules:
(x E A). Therefore, assuming x E C we get x E A by symmetry and equality of sets from the premiss A the premiss B(x} = D(x} (x
E
C, and hence b(x} E B(x}. Now , from
A), again by equality of sets (which is
assumed to hold also for families of sets) , we obtain b(x} E D(x) , and hence (Ax}b(x) e: ([1 x e C)D(x} by nintrodu ction. The other direction is similar.
n introduction
(x E , A)
b(x} E. B(x} (AX)b(x) e (T] x E A)B(x)
(x e A)
(x E
A
=C
=A
(x E C)
A C
=C
=
A
C)
x
C
E A
x e. A
B(x) b(x} e D(x) D( x)
b Lx )
e. B(x)
b(x) = d(x} e B(x) (AX}b(x) = (Ax;}d(x) e (fix ' e A)B(x}
(AX)b(x) E (DXE C)D(x)
 29 28 We have to explain the meaning of· the new constant Ap (Ap for Application) ; Ap(c,a) is a method of obtaining a canonical element of B(a) , and we now explain how to execute it. We know that c
(Tl x
. d . s a formal derivation cannot be considere a We remark that the above in type theory itself S1nce • . of the second T1_formation rule proof l oty between two sets which formal rule of prov1ng an equa 1 the re is no explanation of what such an equality means. corresponds directly to the
0
0
E A)B(x) , that is, that c is a method which yields a canoniE
cal element (AX)b(x) of (TIx e A)B(x) as result . Now take a
A and
We also have to prove that
it for x ·inb(x). Then .b ( a ) E B(a). Calculating b(a), we
E
= (Ax)d(X)
(Ax)b(x)
(TIx
E
A)B(x)
obtain as result a canonical element of B(a), as required . Of course, in this explanation ; no concrete computation is carried out; it has · the character of a thought experiment (Ger. Gedankenexperiment) , We use Ap(c,a) instead of the more common bra) to distinguish the result
A) ,
=
(Ax)d(x) '" (Dx '" C)D(X) (Ax)b(x) and (Ax)d(x) be equal
under the same assumptions. So let Then b(X) = d(x) E B(x) (x E . canonical elements of. (nx 6 A)B.,(x) . and therefore the derivation
A
(x ! C) .
of applying the binary application function Ap to the two arguments c and a from the result of applying b to a. Ap(c,a) corresponds to the application operation (ca) in combinatory logic. But recall that in logic there are no type restrictions , since one can always form (ca), for any c and a.
= C = A
(x 6 C)
X
A = C
C
! .
X E A
A
nequality
(x E A)
B[x) = D(x) b(X) = d(X) (Ax)b(x) = O.x)d(x) shows that (Ax)b(x) (f\x
e;
! . ! .
D(X) (TIx E C)D(x) canonical elements of
a
E
A
b(x) E
B(:c)
Ap«AX)b(x) ,a) = bra) E B(a)
C
and (Ax)d(X) are equa 1
E (TIx E A)B(x)
E
C)D(x).
c
(Ax)Ap(c,x) E (nx
A)B(x)
n _elimination
c
e;
The first equality rule shows · how .the new function Ap operates' on the (nx
! .
A)B(x)
! .
a ·E A
canonical elements ·of (Fl x E A)B(x): Think of (AX)b(x) as a name of . .. . . the program a program to the. first rule say.s that . applying the name of argument yields the same as executing the proSimilarly, . the second· r ul e is needed
Ap(c,a) c = d E (nx
! .
B(a) a = b
E A
A)B(x)
gram with that ,rgument aj
Ap(c,a) = AP(d,b) E B(a)
 31  30 Definitional equality
f which we know only ) for a program 0 to obtain a notation, Ap c ,x, · . f llows . .Recall that e can be as 0 c The second ru l ts as rethe name • y'eld equal canonical elemen , . 1 i f they • ) two elements are equa It (Ax)b(x) , where o Cx) E B(X i Ids the resu eye t to prove is S u l t s .· is canonical, what we wan (x A). Since (Ax)Ap<c,X) ( (AX)AP(c .x) B(x) (x E A)
Definitional . equality is intensional equality, or equality of meaning (synonymy). We use the symbol:: or =def. (which was first introduced by Definitional ·equality :: is a relation between linguis.tic expre sa t ons ; it· should not be confused with equality between objects (sets, elements .o f a set etc.) which we denote by =. Definitional equality is the equivalence relation generated by abbreviatory definitions, changes of bound variables and the pr inciple of sUbstituting equals for equals. Therefore it is decidable, but not in the sense that a
equal elements, we need _introduction for ) . B( ) rule er (a ) Ap(c,a E a By the = ) This means b a (' )b(X·) and hence b(X) _ Ap(c .x ) E B(x) . (x EA . . ce c y i e l d s AX . EA. But this is true, provided a same value as b(a). A, Ap(c,a) yields the rules for B which is the d cts contain the A The rules for pro u t B In fact , we take B . to the set A to the se · · . set of functions from Here the concept of B does not depend onx. be (ll.x E A)B, where
n
==
b V .., (a
==
b) holds, simply because a
==
b is
not a proposition in the sense of the present theory. Definitional equality can be used to rewrite expressions, in which case its decid ability is essential in checking the formal correctness of a proof. In fact, to check the correctness of an inference like A true B true
nitional equality is useful .
A & B true for instance, we must in particular make sure that the occurrences of the expressions A and B above the line and the occur
rences below are the same, that is, that they are definitionally equal. Note that the rewriting of an expression is not counted as a formal inference.
Applicat ions of the cartes ian product A Fi rst , us.ing definitional equality, we can now defi ne B by putti ng
V introduction
(x E A)
B(x) true
prov ided B does not depend on x , We next consider the nrules in the i nt e r pre t a t i on of propositions as sets . If, i n the. f i r s t rUle , n  fo rmation, we think of B(x) as a proposition instead of a set, then , after the definition (Vx 6 A)B(x) it becomes the rule _
(Tl x G A)B(.x) ,
a(x , •• • ,x .0 ) •
1
E
x
i\{x 1 , • •• ,x ) (XE A m 1 1' " ., X E A (x E A ( m m 1"" , Xm_ 1 ) , m+l m+ l x 1 , · .. ,xm) , ... , x .0 E A.0 ( x l' . . . , x » m
V formation
(x 6 A)
. A set
B(x) prop •
. namely, ' .suppose that A 1 up to A and A . . Then ,. if we ' a .' m+ .0 depend only on x re merely interested in the l' • . • , . x . inesserit';a'l truth of A(x ) m to writ .e explicit symbols fo th l " " 'xm , i t is A . s . r e elements o f A . n' 0 we abbreviat e it with m.l ' .. . , A(X , • •• , x j true (x 1. m
A
E
('r;fx E A)B(x) prop . which says that un i versal quantification forms propos itions. A set mere ly says that the domain over which the universal quantifier ranges is a set and th is is why we do not change it into A prop. Note that the r ul e of V  f o r ma t i on is just an instance of nformat ion. We s im ilarly have
1
A
m+l(x 1 , ·· · ,x) true ' . .. , A.0 ( x ' ·· ·, x m 1 Sim ilarly, we write
1 ' .·· · ' Xm E Am(x l' ••• , x m 1 )'
m) t rue).
A(x ,. .. ,x ) prop . (x E "i 1 1 1 , · .. , X G A ( x m A m m l " " ' x 1 )' m+l(x 1 , . •. ,x) true A ( mm ' .. • , .0 x 1 " " ' x m) t rue) that a s , A( x .. . , x ) i s a p · x m roposi tion p rovided e A 1' . ) and ' A xl 1" •• , m e Am (x 1" ••• , x ml ' m+l(X 1" " 'x) ' . . . , A.0 ( x "" ' x ) m 1
:
m
are all true, as an abbreviation of A(x x ) prop. (x, e
1 ' • •• , m
wh ic h i s a generalization of the usual rule of ·forming A::> B, since
E
A"
... , x m
x
m+l
EO
A
m+
,(x" ... , x m) , ... ,
.
Am(X" . .. ,x m_,),
x
we may als o use the assumption A true to prove B .prop. This generali z a t i o n is p e r h a ps " more evident in the Kolmogorov interpretation, where we might be in the position to jUdge B to be a problem only un.de r the assumption that the problem A can be solved , · wh i c h is clearly sufficient for the ,problem A::> B, that is, the problem of solving B
n
E
A (x"
n
.. • , x ) • m
Turning back t o the V rules, from the rule of we have in particular
n elimination,
V elimination
a E A
(Vx eA)B(x) true B(a) true
provided that A can be solved, ·t o make sense. The inference rules for ::> are :
::>
(A true) Restoring proofs , we
se e that, if c is a proo f of (Vx
then Ap(c,a) is a A . t a proof of B(a), "t y element of 0 a method which takes an rar " of the universal in agreement with the intuitionistic quantifier . If we now define
Pr o o f of B(a); so a proof of
A)B(x), (V it E. ·A) B( x ) is
B true A ::> B true whi ch comes from the rule of ·an d
::> elimination·
Ointroduction by suppressing proofs,
(nx E. A)B, A ::> B true where B does not depend on x , we obtain from the I1rules the . rules t rule of · n  f o r ma t i o n , assuming. B does no for implication . From the depend on x , we obtain ::> formation (A true) A prop. Bprop. B true which is obtained · from the rule of A true
n elimination
by the same process .
Example (the combinator I). Assume A set and x EA . Then , by nintroduction, we (AX)x E. A . A, and therefore, for any .prop 
osit ion A, A ::> A true. This expresses the fact that a proof of A ::> A is the method: take the same proof (construction). We can define the combinator I putting I
A :::> B prop .
=
(AX)X. No t e
the same I belongs to any
set of the form A + A, since we do not have different variables for different types.
 36 
 37 
Example (the combinator K). Assume A set, B(x) set (x E A) and let x.. A,y ! B(x) . The n ' by·A abstraction on y, we obtain . (Ay)X
E
S =: (Ag)(Af)(Ax)Ap(Ap(g,x) ,Ap(f,x» which is the usual combinator S, denoted by Agfx.gX(fx) iii combinatory logic. In this way, we have assigned a type (set) to the combinator S. Now think of C(x,y) as a propositional function . Then we have proved (Yx
E
B(x) E
A, and, by A abstraction on x,
E
(AX)(AY)X putting K
(n x
(Ax)
A)(B(x)  A). We can d e fin e the combinator K
0
==
(Ay)X. I f we think
f A d B as propositions, where an
?
B does not depend on x, K appears as a proof of A
(B? A); so
A=> (B? A) is true. K.expresses the me:hod: given any proof x of A, take the function from B to A which is constantly x for any proof y of B. Example (the combinator S). Assume A set, B(x) set (x E A), C(x,y) set (x E A, y ·E B(x» and let x g e (Tl x
E
A)(Vy
E
B(x»C(x,y)
E
::>( Yf e (nx e A)B(x»(Y x
E
A)C(x,Ap(f,x» true
A, f
E
(Tl x
E
A)B(x) and
.whi c h is traditionally written (V x e A)(Vy e: B(x»C(x,y)::> (Vf efT B )(Vx ! A)C(x,f(x».
x«A 'x
A)(ny e B(x»C(x,y). Then Ap(f,x) E B(x) and
Ap·(g,x)! (ny ! B(x»C(x,y) by nelimination. So, again by nelimination, Ap(Ap(g,x),Ap(f,x» ·E C(x,Ap(f,x».
If.we assume that C(x,y) does not depend on y , then (ny e B(x»C(x,y) =B(x) C(x) and therefore S
E
Now, by A abstraction on x, we obtain (Ax)Ap(Ap(g,x) ,Ap(f .x) and, by A abstraction on f, (Af)(Ax)Ap(Ap(g,x),Ap(f,x» ! (nf E (nxeA)B(x»(nx eA)C(x,Ap(f,x». Since the set to the right does not depend on g, abstracting on g, we obtain (Ag)
(.Ar)
(Tl x E A)(S(x) C(x» 
(f Tlx
E
A)B(x) _ (Tl x
E
A)C(x» .
So , .i f we think of B(x) and C(X) as propositions, we have e (nx
E
A)C(x ,Ap(f ,x», (Vx E A)(B(x) ::> C(x» ::> «Yx
E
A)B(x)
::>
(Yx
E
A).C(x» true.
Now assume that B(x) does not depend on x and that C(x;y) does no t depend on x and: y. Then we obtain
that is, in the logical interpretation, (Ax )Ap(Ap (g,x) , Ap (f ,x) ) E (Tl x
E
A)(ny
E
E
B(ic»C(x,y)
(A
::>
(B
::>
C» ::> «A::> B) ::> (A
::>
15» true .
(TIfE(nX EA)B(x»(nx We may now put
A)C(x,Ap(f,x»). This is just the secone axiom of the Hilbert style propositional calcUlus. In this last the proof above, when written in treeform ,
 39 
becomes:
(x
! A)
union of a fa mily of sets
(f ! AB) (x E A)
(g
E
A (BC»
E
Ap(f ,x) E B Ap(Ap(g ,x),Ap(f ,x »
Ap ( g , x )
!
B  C
The second group of rules is abou t the disjoin t uni o n of a family o f se t's , L formati o n
C
" (AX)Ap(Ap(g ,x) , Ap ( f , x »,E A  C
O,f)
(Ax ) Ap( Ap (g, X) , Ap ( f , x »
E
E
(A
+
B) 
(A" C )
A set
(x E A)
"" (Ag ) (Af} (Ax ) Ap (Ap (g , x ) , Ap ( f . x )
( A _(B _C» _«A B )  ( A C »
B(x) set
E
(Lx
A)B(x) set
A mo r e traditional notation for (E x E A)B(x)" wou l d be
L B
"( x"A Bx U
orU B ) . W now explain wha t set (Lx e xe:A x
E
xEA x A) B( x ) i s by
prescribing how i t s canonical elements are fo r med . This we do with the rule:
L  introduct ion
a E A
b EO: B(a)
(a ,b) E (Lx ! A)B(x) W "c a n now justify the equali ty rule associated with e tion:
L
forma
(x E A)
A
= C
B(xi
= D(x)
E C)D(x)
(Lx E A)B(x)
\
= (LX
In "f a c t , any canonical element of (Lx E A)B(x) i s o f the f orm (a ,b)
\
" "" With a
EO:
A and b
EO:
B(a) by 2:;introduction. Bu b then we also have
 40 
41 
a E C and b E D(a) by equality of sets and substitution. Hence (a b )
j
Lequality (x E A, yeB(x»
a
E;
E:
(Ex
E
C)D(x) by Lintroduction. The other direction is
similar .
E elimination
(x ! A, y ! B(x» C
E
A
b e fiCa)
d(x,y)
E
CUx,y»
d(a,b) E C«a,b» (Here, as in L elimination,. C( z ). set ( z e (L.X E A)B(x» is an im... plicit premiss.) Assuming that we know the premisses, the conclusion ·j us t i f i e d by imagining E«a,b),(x ,y)d(x,y» to be executed . In fact, we first execute (a,b), which yields (a,b) itse If as. result ; then we · substitute a, b for x, y in d·(X,·y) ,obtainingd(a,b) execute d(a,b) until .we obtain a canonical element e
e;
(L x
E
A)B(x)
d(x,y) E C«(x,y»
E
E(c,(x,y)d(x,y»
C(C)
where we presuppose the premiss C(z) set (z E (Lx E A)B(x», although it is not written out explicitly. (To be precise, we should also write out the premisses A set and B(x) set (x E A).) We explain the . rule of L elimination by showing how the new constant E operates on its arguments·. So. assume we know the premisses. Then we E(c,(x,y)d(x ,y» as follows. First execute c, which yields a canonical
E
C«a ,b» , and
E CUa ,b». The same canonical element is p .roduced by d(a,b), and thus the conclusion is correct.
A second rule of L equali ty, analogous to the second rule of
element of the form (a,b) with a
A and b E B(a). Now. substitute a we .obt a i n a canonical element e of
nequality, is now derivable, as we shall see later .
and b for x and y, respectively, in the right premiss, obtaining . d(a,b) e: C«a,b». Executing d(a,l» C«a,b». We now want to show that e is also a canonical element of C(C) . It is a general fact that, if a E A ahd a has value b, then a = b E A (note, however, that does not mean that a = b E A is necessarily formally derivable by some particular set of formal rules). In our case , c = (a,b) E (Lx E A)B(x) and hence, by substitution, C(C) = C«a,b». Remembering what it means for two sets to be equal, we conclude from the fact that e is a canonical element of C«a,b» that e is also a canonical element of C(c) . Another notation for E(Ci(X,y)d(x,y» bound only in d(x,y). could be (Ex,y)(c,d(x,y», but we prefer the first since it shows more clearly that x and y be
Applications of the disjoint union As we have already done with the cartesian product,_we shall now see what are the logical interpretations of the d Ls j oLn t una'on . If we put
(3X."E A)B(x)
3eiimination (x E B(x) true) C true
(:I x
E
A)B(x) t rue : C true
:: (Ex E A)B(x),
Here, as usual , no assumptions, except those explicitly written out , may depend on the variable x. The rule of I:elimination is stronger than the
then, from the Erules, interpreting B(x) as a propositional ' function over A; we obtain as particular cases: 3 formation
·1>
:3 elimina tion
rule, which is obtained from it by suppressing
proofs, since we take into consideration also proofs · (constructions) , which is not possible within the language of first order predicate logic. This additional strength will be visible when treating the left and right projections below. The rules of disjoint union deliver also the usual rules of con.j unc t i on and the usual properties of the cartesian product of two sets if we define A & B·
(x E A)
. A set
(3
B(x) prop .
!
x
A)B(x) prop.
3introduction
= Ax
B
==
(L.X E
A)B,
a
! A :
E
B(a) true A)B(x) · true of the existenA)B(x) is a pair (a,b),
where B does not depend on x. We derive here only the rules of. conjunction. &forma tion (A true) A prop. B prop.
( 3x
In accordance with the intuitionistic saying that a (canonical) proof of (3x
tial quantifier, the rule of 'Lintroduction may be interpreted as
E
where b is a proof of the fact that a satisfies B. Suppressing proofs, we obtain the rule of 3introduction, in the first premiss a E A is usually not made explicit. however,
A & . B v ro p , p
This rule is an instance Of
and a generalization of the
usual rule of forming propositions of the form A & B, since we may know that B is a proposition only under the assumption that A is true .
&introduction A true
fore, taking C(z) to be A and d(x,y) to be x in the rules of EelimLna t
Lon and
r: equali.ty,
we obtain as derived rules:
B true
Left projection
' a E A b
E
A & B true Restoring proofs, we see that a (canonical) proof of A & B is pair (a,b) , 'where a and b a.re given P r oof s of A and B respectively. &elimination (A true, B true)
B(a)
p(c) e A
p«a,b»
= a E A
If we now turn to the logical interpretation, we see that
C E
(3x
E
A)B(x)
'A & B true C true
C true
pfc ) e A
holds, which means that from a proof of . (:3 x From this rule of &elimination, we obtain the standard &elimination rules by choos i ng C to be A an d B themselves: A & B true A true Example (left projection). We define p(c) (A true) A & B true B true (B true)
! .
A)B(x) we can obtain an
element of A for which the property B holds. So we have no need of the description operator (1x)B(x) (the x such that B(x) holds) or the choice operator (Ex)B(x) (an x such that B(x) holds), since, from the intuitionist!c 'poi nt of view, (3x
E
A)B(x) ' i s true when we have a
proof of i t . The dif'ficulty witQ an epsilon term (Ex)B(x) is that it is construed as a function of the property B(x) itself ,nd not of the proof of (3 x)B(x). This is why Hilbert had to postulate both a rule of the 'form

E(c, (x ;y)x)
and call it the left projection of c since it is a method of obtaining the value of the first (left) coordinate of .the pair produced by an arbitrary element c of (Ex
E
(3 x)B(x) true
(Ex)B(x) individual a counterpart of which we have just proved, and a rule of the form
A)B(x). In fact, if we take the term
d(x,y) in the explanation of r:elimination to be x, then we ,s e e that "n to execute p(c) we first obta1 the pair (a,b) with a E A and b E B(a) which is the value of c, and tlien substitute. a, b for x, y in x, obtaining a, which is executed to yield a canonical element of A. There
(3 x)B(x) true
B«ex)B(x» true
which has a counterpart in the first _of the rules of right proje c tion that we shall see in the next example . Example (right projection). We define
qC ) c
( 3 x E A)B(x), then q Cc) is a construction of B(p(c» , where , by left proj ection , p(c) E A. Thus , supp r e s s i ng t he c ons t r uc t i on i n th e c onc lus io n , B( p ( c ) is true. Note, however , t ha t , in ca s e B( x ) depends on x, i t is impossi ble to suppre ss th e c on s tru cti on in the premis s, s i nc e the co nc l us i on depends on it . Fi nally, when B(x) does no t depend on x, so t hat  we may write i t s imply as B, a nd both A and B are thought of as propositions, the first rule _of ri ght proje ction reduces to &el i minat i on A & B true
=
E(c,(x ,y)y).
E
Take d(x,y) to be y in the r ule of Le l im i nation. Fr om x
Y E B(x) we obtain p«x ,y»
A,
= x E A by left projecti on, and thereequality of s ets , to be the
fore B(x) = B(p«x ,y») . So , by the rule y
E
B(p( ( x ,y » ). Now choose C(z) set ( z E (L.x E A)B(x» set (z
E
E
fa mily B( p ( z »
(L.X E
A)B(x» . Then the rule of
L.  e limi n
ation gives q(c)
B( p( c» . More f or mall y :
(x E A)
(YEB(x»
E.
B true by s up pressi ng t he co ns t r uc t i ons in both the premis s and t he c onclusion. Example (axioms of c on j unc t i on ) . We first derive A
Y E
p«x,y» = x  x (y E B(x»
C
A
= p «x,y»
E A
B(x) = B( p( l x , y » )
Y E _B(p( ( x, y » )
(B
(A & B»
true, whic h is the ax iom corre sponding to the r ule
(Lx
E
E _ (LX
E
A)B(x) qtc)
of & introd uction . i ssume A set ; B(x) set (x E A) and let x E A, B( x ) . The n (x,y)
E
E E
== sr e , (x ,y)y)
E.
B(p(c»
A)B(x) by L.introdu ction , an d , by B(x)
Il  i n t r oduc t i on , O,y )( x ,y )
(Lx
(T]
(L x
E
A)B(x) (note that
So we have : Ri gh t projection
C E
A)B(x) does not de pe nd on y ). and (Ax) O..y)(x,y)E
x
(Lx
('Ix
E
E.
A)B(x».The l og i ca l readi ng is th en true,
(Lx
E.
A)B(x )
a E A
b
E
Bf a )
A)( B(x):::> (3 x E A)B(x»
q
Co ) E. B'(p Lc)
q«a,b»
bE.
B(a)
from which , in particular, when B does not depend on x , A ::> (B => ( A & B» true .
The second of these r ules is derived by L eq uality in much the same way as the firs t was derived by  L el i mina t ion . W hen B( x) i s th oug ht o f a s a prop os i ti ona l f un c ti on , th e firs t rule of right proje ction s ays t ha t, i f c is a c on struc tio n of
We now use the l e f t a nd right projec ti ons to de r ive A & B :::> A true a nd A & B::> B t r ue . To obtai n t he first, ass ume z
E.
(Ex
E.
A)B(x) .
Then V(z)
€
A by left projectiori, and, by (Az)p(z)
E: (L.X
on z, A,
(Az)E(z,(x,y)Ap(f,x,y»
EO
(TIz
E
(Lx eA)B(x»C(z)
E
A)B(x) 
with argument f. So we ,s t i l l have the assumption f
E
In particular, when B(x) does not depend on x, we obtain A & B :::> A true. ' To obtain the second , from 'z
E.
(Dx e A)(
Ilv
e B(x»C(x,y) ,
which we discharge by Aabstraction , obtaining
(I: x e. A)B(x), we have q (z )
,
E:
B( p (z»
(Af) (Az)E(z ,(x,y)Ap(f ,x,y»
!
+
by right projection , and, hence, by Aabstraction, (Az)q(Z) (note that B(p(z»
E:
(Ox e A)(Oy e B(x»C«x ,y» In the logical reading, we have
(TIz
!
(Lx E A)B(x»C(z) .
(Tl e
E.
(L x
E.
A)B( x»B(p(z»
depends on z). In particular, when B(x) does not
(Yx e A)(Vy ! B(x»C«x,y»::> (Yz ! (Lx ! A)B(x»C(z) true , which reduces to the common
depend on x , we obtain A
&
B :::> B true. (Y x e A)(B(x)::J C) ::J
«3 x
e: A)B(x) ::> C) true
Example (another application of the disjoint union). The rule of Leli;ination says that any function ,d(x,y) with arguments in A and B(x) gives also a fun ction (with the same values, by a pair in (Lx C(z) set (z
E
E:
when C does not depend on z, and to (A °:::> (B::>' C»:::> «A & B)
'::>
L equality)
with
C) true
A)B(x) as single argument. What we now prove is an when, in addition, B Is independent of x.
E.
axiom correspond ing to this rule. So, assume A set, B(x) set (x E A),
(Lx
A)B(x» and let f
E:
(TIx
E
A)(Dy
E:
B(x»Cqx,y».
We want to find an element of (TIx
E
A)(TIy
E.
B(x»C«x,y» 
( Oz
E
(Lx e A)B(lC»C(Z).
We define Ap(f ,x,y) assuming z
E
=
!
Ap(Ap(f,x),y) for convenience. Then Ap(f,x,y) (x E A, y
!
is a ternary functiori , and Ap(f,x,y) E C«x,y»
B(x» . So,
(Lx
EO
'A) B( x ) , by L:elimination, we obtain C(z) (discharging x
!
E(z,(x,y)Ap(i,x,y»
A and y e. B(x», and, by
Aabstraction on z , we obtain the function
The axiom of· choi ce
have (Ax) p (Ap (z .x ) and, by TIequality, Ap«Ax)p·(Ap(z,x» . x )  p(Ap(z,x»
E
E
W now show that, with the rules introduced so far, we can give e a proof of the axiom of choice , which in our symboli sm read s: (\Ix E A)(3 y E B(x»C(x,y) =:>(3f e ·( n x e A)B(x»)('Ix The usual argument in A)C(x ,Ap(f ,x» true .
E
(Il x
E
A) B(x ) ,
Bf x ) ,
By sUbstitution, we g e t ma t h e ma t i c s , based on the i n C(x,Ap«Ax)p(Ap(z,x» .x ) and hence , by equality of sets, q(Ap(z ,x}) e where (Ax) ·P( Ap(z , x ) (Ax)q(Ap(z ,x» is independent of x .. By abstraction on x ,
E
tu itionistic interpretation of the logical constants , is roughly as follows : to prove
= C( x ,p(Ap(z ,x»)
('II x ) (3 y)C(X,y)
::>
(3
f)
(v x)C(x,f(x»,
(3
assume that
we have a .p r oo f of the antecedent. This means that we have a method which, applied to an arbitrary x, yields a proof of y)C(x ,y), that
is, a pair consisting of an element y and a proof of C(x,y). Let f be the method wh i c h , to an arbitrar ily g iven x, assigns the fir st component of t h i s pair. Then C(x,f(x» holds for an arbitrary x, and (TIx EA)C(x,Ap«Ax)p(Ap(z,x»,x» . to get
hence so does the consequent . The s a me idea can be put into symbols, getting a for mal proof in intuitionistic type theory . Let A set , B(x) set (x e A) , C(x ;y) s e t ze (x E A, Y E B(x» , and assume
We now .use the rule of pairing (that «Ax)p(Ap(z,x»,(Ax)q(Ap(z,x»)!
(L.f
E.
(Tl x
E,
A)(Ly e B(xPC(x,y) . If x is an arbitrary elemen t of nelimination , we obtain
! :
A, Le. x e A,then , by
(TIx E A)B(x»)(TIx e A)C(x,Ap(f,x»
Ap(z,x) We now apply left
(E
y e B(x))C(x,y).
(note that, in the last step, the new variable f is introduced and sUbstituted for (Ax)p(Ap(z,x» in the right member) . Finally , by abstraction on z, we (Az)«Ax)p(Ap (z,x»,(AX)q(Ap(Z ,X»)E
to obtain p(Ap(z ,x» E B(x)
(TI x
E
A)(E y
E.
B(x»C( x , y )
and right p r oj e c ti o n to obtain q(Ap(z,x» e C(x,p(Ap(z,x»).
=:> (Ef E (TIx E A)B(x»(nx e A) C(x , Ap ( f ,x ». In ZermeloFraenkel set theory , there is no proof of the axiom of choice, so it must be taken as an ax iom, for which , however, it
By Aabstraction on x (or n .introduction), discharging x E A, we
seems to be difficult to ·c l a i m selfevidence . Here a de tailed
 52 
the axiom of choice has been provided in the form justification of f In mani sorted languages, the axiom of ,choice is of the ,above pr oo • " . . t there is no mechanism to prove 1t. For instance, 1n express ible bU f finite type , it must be taken as .a n axiom . The Heyting arithmet ic 0 is clear when developing intuitionistic '" i om of choice need for the a for i ns t a nce, i n finding the limit of a sequence ' mathematiCs 'atdepth, ti 1 inverse of a surjective function. of reals or par a
The notion of such that In addition to disjoint union ; existential quan t.Lf'Lca t.Lon , cartesian product A X B and. conjunction A & B, the operation a fi.fth Lnt.erpre t a t.Lon : the set of all a ihe set of all a& i [x
E EO
L
has
A such that B(a ) holds.
EO
Let A be a set and B{x) a proposition for x A: B(x.ll> • . 'ha ve an ' element a
EO
A. We wa nt to define
that B(a) holds (which is usuall y . wr i t t e n
EO
A such that B(a) holds means
to have an element a
A together with a proof of B(a), namely an B(a) , Le ·. elemen ts of
element b E B(a). So the elements of the set of all elements of A satisfying B(x) are. pairs (a,b) .wi t h b
E
(Ex E A)B(x) . Then the Lrules play the role of the comprehension axiom (or the separation principle in ZF). The information given by 11 B(a) is called the witnessing information by Feferman • A typib cal application is the following. ,Bxa mpl e (the reals as Cauchy sequences). R =: (LxENQ)Cauchy(x) is the definition of reals as the set of sequences of r a t i ona l
numbers satisfying the Cauchy condition ,
Cauchyf a )
_
(Ve E Q)(e > 0
:=> (3in E
N)(Vn
E
N)(\am+naml
e) ,
where a is the sequence a
a , O' 1 sequence of rational numbers
In this way, a real nu mber i s a with a proof that it satisfies
E
the Cauch1 condition. So, assuming c E R, e
Q and d 'E (e > 0) (in
11 S . Feferman, Constructive theories of functions and classes , Logic Colloquium .78 , Edited by M. Boffa, D. van Dalen and K. McAloon , NorthHolland, Amsterdam , 1919, pp. 159224 .
 54 
 55 
. d d' proof of the pr·op·osi tion e > 0), then, by means other wor s' . 1S a of the projections, we obtain p Cc ) € and q(c) E Cauchy(p(c». Then of two sets. +formation and Ap(Ap(q(c),e),d)
E
Disjoint union of two seta
We now give the rules for the sum (disjoint union or coproduct)
A set (3m
E
B set B set
N)(Vn
E
N)(lam+naml
e).
A+
Applying left projection, we obtain the m we need , i.e.
!
The canonical elements of A + B are formed using: . +introduction
N,
and we now obtain am by applying p(c) to it, Ap(p(c) ,p(Ap(Ap(q(c) ,e) ,d»)
E
a
Q. the
i(a)
E
A
b
E
B
A + B
j(b)
E
A
+
B
Only by means of the proof·q(c) do we know how far to go · approximation desired.
where i and. j are two new primi ti ve constants; their use is to give the information that an element of A + B comes from A or ·B, and which of the two is the case. It goes without saying that we also have the rules of +introduction for equal elements:
b
= dEB
E
i(a)
= i(c)
E A + B
j(b)
= j(d)
A + B
Since an arbitrary element c of A + B yields a canonical element of the form i(a) or j(b), knowing c e A + B means .t h a t we also can de· t e r mi n e from which of the two sets A and B ·the element c comes.
 56 
 51 
+elimination
(x
E A)
€
, ,be c ome ' e vi de n t .
(y
e
E
B)
of two propositions is now interpreted as ' the sum ,o f two sets. We therefore put:
AV B
C E A + B
d(x)
C(i(x»
E
e(y) C(c)
C(j(y»
D(c,(x)d(x),(y)e(y»
==
A + B.
where the premisses A 's e t , B set and C(z) set (z E A + B) are presupposed, although not explicitly written out. We must now explain how to exeaute a program of the new form D(c,(x)d(x),(y)e(y». 'As sume we know c E A + B. Then c will yield a canonical element ita) with a E A or j(b) with b E B. In the first case, substitute a for x in d(x), obtaining d(a), and execute it. By the second premiss, d(a) e C(i(a», so yields a canonical element of C(i(a». Similarly, in the second case, e(y) instead of d(x) must be used to obtain e(b), which produces a canonical element ofC(j(b». In either case , we obtain a canonical element of C(C), since, if c has value i(a) , then c
From the formation and introduction rules for +, corresponding rules ' f o r V : V formation A prop. B, prop.
we
then obtain the
A V B prop. V introduction A true A V B true B true A V B true
= ita)
E A + B and hence C(c) = C(i(a», and, if c has
value j(b), then c
= j(b)
E
A + Band hence C(C)
= C(j(b».
From
this explanation of the meaning of D, the equality rules: +equality (x E A) a E A d(x) E C(i(x»
(y E B)
Note that, if a is a proof of A, then i(a) is a (canonical) proof of A v B, and similarly for B.
v elimina tion
(A true) e(y)
E
(B true) C true
' C(j ( y »
A v B true
C true C true
D(i(a) ,(x)d(x), (y)e(y»
(x E A)
d f a ) E C(i(a»
(y E B)
follows from the rule of +elimination by choosing a family
b E B
d Ix )
E
C(i(x»
eIy) eIb)
E
E
C(j (y»
D(j(b), (x)d(x) ,(y)e(y»
C(j(b»
C == C(Z) (z E A + B) which does not depend on z and suppressing proofs (constructions) both in the premisses, including the assumptions, and the conclusion.
 58 
Example (introductory axioms of disjunction). Assume A set, B set and let x ! A. Then i(x) ! A + B by +introduction, and hence O.x)iex) e A A + B by Aabstraction on x . l f A and B are propositions, we have A and hence B
::>
Propositional equality
We now turn to the axioms for equality. It is a tradition (deri ving its origin from Principia' Mathematica) to call equality in predicate logic identity. However, the word identity is more properly used for definitional equality, or =d f ' discussed e. 2 above. In fact, an . equality statement, for instance, 2 = 2+2 in arithmetic, does not mean that the two members are the same, but merely that they have the same value. Equality in predicate logic, however, is also different our equality a = b E A, because the
A V B true. In the same way, (Ay) j (y) e B  A + B,
A V B true. (DyE B)C(j(y»
Example (eliminatory axiom of disjunction). Assume' A set, B set, C(z) set (z Eo A + B) and let f ! (Tl x e A)C(iex», g and z e A + B. Then, by
!
=
nelimination, from x e A, we have
Ap(f,x) EC(iex», and, . from y e B, we have Ap(g,y) e C(j(y». So, using z E A + B, we can apply +elimination to obtain D(z,(x)Ap(f,x),(y)Ap(g.y»
Eo C(z), thereby discharging .x e A and
former is a proposition, while the latter is a judgement . A form of propositional equality is nevertheless indispensable: we want an equality I(A,a,b), which asserts that a and b are equal elements of
y e B. By Aabstraction on z, g, f in that order, we get
(Ar) (Ag) (Az)D(z, (x)Ap(f,x), (y)Ap(g,y»
E(
nx
E A) C(i (x ) ) 
((
ny
!
B) C(j (y) ) 
(
nz
t
E
he set A, .bu t on which we can operate with the logical operations
A + B) C(z» .
(recall that e.g. the negation or quantification of a judgement does not make sense). In a certain sense, I(A,a,bf is an internal form of =. We then have four kinds of equality:
.i
(1)
This, when C(z) is thought ("Ix E A)C(iex»::>
as a proposition, gives
! B)C(j(y»::> ('Vz ! A + B)C(z»
«"Iy
true.
== or =def. '
B,
b e A,
If, moreover, C(z) does not depend on z and A, B are propositions as well, we have (A ? C) «B :::> C) :::> (A Y B
::>
(2) A (3) a
C»
true.
(4) I(A,a,b).
Equality between objects is expressed in a judgement and must be defined separately for each category, like the category sets, as in (2), or the category of elements of a set, as in (3); (4) is a proposition, whereas (1) is a mere stipulation, a relation between linguistic expressions. Note however that I(A,a,b) true is a judgement, which . wi l l turn out to be equivalent to a = b ! A (which is not to say
 60  61 _
that it has the same sense). (1) is
(sameness . of mean
ing), while (2), (3) and (4) are extensional (equality between objects). As for Frege, elements a, b may have different meanings, or be different methods, but have the same value. For instance, we certainly have 22 = 2+2 Iformation
A set
We would then d as primitive :
i er ve the fOllowing ·r ul e s
'
whi h c we here take instead
Ielimination
N, but not 22 _
2+2.
C
€
I(A,a,b)
a
E.
A
b e: A
Iequality
I(A,a,b) set We now have to explain how to form canonical elements of I(A,a,b). The standard way to that I(A,a,b) is true is to have a
C E
I(A,a,b)
!
=b
E.
A.
c
=r
I(A ,a,b)
Thus the introduction rule is simply: if a
=b
e: A, then there is a
Finally,
.mi t's the
+,
canonical proof r of I(A,a,b). Here r does not depend on a, b or A; it does not matter what canonical element I(A,a,b} has when a = b as long as it has one. Iintroduction a=be:A
.v'
E.
A,
the only rUle formation of families up to now wh i c h perNNW of sets. If only th n' , were allowed e operations L: , we would only . get constant sets. Example (introductor x ! Y aXiom of identity) A. Then x = x ! A • Assume A set and let abstraction on x (A)' and, by Iintroduction, r E l(A,x ,x) . By xr! (\{XE.A)I(A , canonical proof of th 1 . ,x,x). Therefore (Ax)r is a e aw of identity on A.
note that Iformation is
n,
r e: I(A,a,b)
(x ! A)
Also, note that the rule for introducing equal elements of I(A,a,b) is the trivial one: r E I(A,x,x)
a = b
E A
. (Ax) r E
(V x
E A)I (A, x, x)
r = r E. I(A,a,b) We could now adopt elimination and equality rules for I in the same style as for Tl ,
L. .,
+,
namely introducing a new eliminatory operator.
y aXiom of identity) (x E A) • Given a set A and a over A we cl . . correspOnding to L . that the law of equality elbniz's principle that equ 1 I . of indiscernibility a e ements satisfy th hOlds, namely e same properties, property Sex) prop
Example (eliminator
 62 
 63 
( V x E A)( v s e A)( I (A, x , y) .::> (B (x)::> B(y») true.
To prove i t, assume x E A, Y e. A and z 6 .I(A ,x,y) . Then x of s e ts , we obtain w
EO Y EO
is derivable. I t is A and
analogue of the second nequalit y r ul e, wh i c h
E:
could also be derived, provided the TIrules were formulated f o l l owi ng the same pattern as the other rules . Assume prOjection laws , p«x ,y» A, Y e B(x). By the
e B(i) . Then , by
hence B(x) = B(y) by substitution. So, assuming w E B(x), by ·equalit y B(y) . Now, by abstraction on w, z , y , x in that order, we obtain a proof of the ·c l a i m:
=x
6 A and q«x,y»
=y
Eintroduction (equal elements form equal pairs), (p( (x ,y» ,q«x ,y») (x,y)
E
(Ex e. A)B(x) .
(z e. I(A,x,y»
x = Y 6 A
(x
e. A)
B(x) set B(y)
By Iintroduction,
r e I«LX e A)B(x) ,(p«x ,y»,q«x,y»),(x ,y» .
(w 6 B(x»
B(x)
w 6 'B(y)
EO
Fow take the family
in the rule of I:ellmination t o be
B(x) ? B(y)
?
1(0:' x
?
E
A)B(x), (p(z) ,q(\z» ,z) . Then we obtain
E (c , (x , y ) r) e
(AZ)(AW)w
E
I(A,x,y)
(B(x)
B(y»
?
I( ( L x E A)B( x) , ( p ( c ) , q ( c ) ) , c )
E
(AX)(Ay)(Az)(AW)We. ("Ix E A)(Vy 6 A)(I(A,x ,y) ::> (B(x)
B(y»)
and hence, by Ielimination , (p(c),q(c» = c ·e. (Lx
(x
A)B(x) . ( y e B(x»
The same problem (of justifying Leibniz's principle) was solved in Principia by the use of impredicative second order quantification . There one defines (a = b)
e:
A)
(y e B(x»
(x e A)
p«x,y»
=
X"
A
q«x,y» (x ,y)
= y
(1:
E
B(x) A)B(x)
== (V X)(X(a)
(p«x ,y»,q«x ,y»)
?
x
E
X(b»
C E
(L x. e
A) B ( x )
r
E
I«L: x e. A)B(x),(p«x,y» ,q« x , y») ,(x,y»
E
from whi c h Leibniz 's principle is obvious, since it is taken to define t he meaning of identity . In the present language , quantification over
.
"
E(c,(x,y)r) e I«L: x
A)B(x) ,(p(c) , q ( c » . c )
..
propert ies is not possible , and hence the meaning of identi:ty . has: t.o be de fined in anothe r wa y , wi t hout invalidating Leibniz's Example (proof of the converse of the projection ·l aws ) ". We can now prove that the inference rule
C E:
(p(c) , q (c» = c e (1: x e A)B(x) This example is typical. The Irules are used systematically to show the uniqueness of a function , whos e existence is given by a n elimination rule , and whose properties are expressed by the assoc iated equali ty rules.
(Lx e A)B(x)
c = (p(c) ,q(c» e (Ex e A)B(x) .
 611 
 65
1 1es 0 Example (properties and indexed of looking at subsets of a set B: are two 'wa ys
,
f elements).
Finite sets Note tha.t, up to 'now, we have no operations to build up sets
ropositional (1) a subset of B is a P . C(y)
(y
(property)
from nothing, but only operations to obtain new sets from given ones (and from families ' of sets). We now introduce finite sets, whi c h are given outright; hence their set formation rules will no premisses. Actually, we have infinitely'many rules, one group of rules for each
n = O. 1,
EO B); an indexed family of elements
(2) a subset of
b Lx ) E B (x e A).
the equivalence of these two Using the identity rules. we can prove (2) , the corresponding propconcepts. Given an indexed familY as in erty is
N formation
n
N
n
set
(3 x
E
A)I(B,b(X) ,y) (y
E
B), • the corresponding
. N introduction
n (m
and, conversely, given a proper indexed family is p Lx) e B (x
ty as in (1)
= 0,1 • •. .•
ni.t )
So we "ha ve the sets' NO with no elements, N,. with the single canonical
E
(Ey
E.
B)C(y»,
element 0
n
1,
with canonical elements O '1 , etc . 2, 2
N elimination c m
E C(m
n)
,
(m =0, ' 1 • •..• n1)
Here, as usual, the famfly of sets C(z) set (z eN) may be interpreted
n
as a property over N : Assuming we know the premisses , R is explained . n . n· . as follows: firSt execute c, whose result is mn for some m between 0 ' and n1. Select the correspond t ng element c of c(m and continue by n) . ' .. m executing it. The result is a .ca no n Lce L element d e C(C) . since c bas been . seen to be equal to m and c e C(mni 'is a n m sion over the finite set N it is a kind of n; R is recurn cases .
 66 
by the above explanation, From the meaning of Rn , given N _introduction): n rules (note that mn 6 Nn by n
we have the
When C(z) does not depend on z , i t is possible to suppress the proof (construction) not only in the conclusion but also in the premiss. We then arrive at the logical inference rule
.1. el1mina t .Lon
N _equality
n
(m: 0,
' , .. . , n1)
.1.
true
R (m ,co , ·· ·,c n _ , ) n n
C true
, in the conclunfor each , cho i ce of ' m , (one such rule Id b to postulate the rules for n sion) . An alternative approach wou ' e == N + N etc., and , equal to and' oniy, ',d e f i n e N2 :: 'N, + N" N3 , 2
° " ...,
' t r a d i t i o na l l y called ex falso quodlibet. This rule is often used in ordinary mathematics, but in the form (B true) A V B true A true which is easily seen to be equivaient to the form above . Example (about N,). We define
°
then detive all other rules.
no introduction rule Example (about NO)· NO has natural to put elements; it is thus
hence no
.1. true '
The
rule becomes simply : N _elimination
°
Then 0 , is a (canonical) proof of ,lr , since 0, E N, by N,  i n t r od uc tion. So T' is true. W now want to prove that 0, is .in fact the only e R (c ) E: ct c)
we 'u n d e r s t a n d that we shall never f the rule is that ' t R (c) Th e we shall never have to execu eO , • element C6 NO' so that get executing program of the form Thus the set of instructions for b t i ' imilar to the programmi'ng statement R (c) is vacuous . It s s exp'lanation
0
°
element of N"
that is, that the rule ,
introduced by Dijkstra
°
,
is derivable . In fact" , from 0, r
6
N"
we get 0, : 0, 6 N"
and henc e
'2
I(N"O"O;>. Now applt 'N,elimination with I(N"z ,O ,) (z E N,) the assumption c e N"
for the family of sets C(z) (z E N, >. '2 See note 2 .
we get R,(c,r) E I(N"c,O,), and hence c : 0, EN, .
 68 
h definition R,(C,c O) _ Conversely, by making t e N _elimination 'is derivable from the rule
.
Co ,.' the rule of
Consistency What can .we say about the consistency of our system of rules? We can understand consistency i n two different ways : (,) consistency. Then , to prove mathematically theory T, we consider another T', wh i c h
,
c = 0, e N,
Thus the operation R, can and the rule of N,equality trivializes. be dispensed with . We make the definition Example (about N2 ) . Boolean
the consistency of
contains codes for propositions of the original theory T and a predicate Der such that Der('A') expresses the fact that the propos ition A with code ' A' is derivable in T. Then we define Cons 'Der( 'l.')
=. Der( '.L ')::>.l.
==
and (try to) prove that 'Cons is true in of the axioms and rules
==
N2 ·
T' . This method is the only one applicable when, like Hilbert, we give up thehope 'of a seman tical of inference; it could be followed , with success , also f or intuitionistic type theory, but, since we have been as meticuious about its semantics as about its syntax , we have no need of it. Instead, we convince ourselves .di r e c t l y of its consistency in the following simple minded way. (2) Simple minded consistency . This means simply that JL cannot be proved, or that we aha Ll, never have the right to judge .L true (which, unlike the proposition Cons above , is not a mathematical proposition). To convince ourselves of th is, we argue as follo ws : if c e
which consists ' of the two e used in programming Boolean is the typ f I , false . So we could put true == O2 and a se 2' truth values true, R2 ( c ' c 0' c , ) because, if Then we can define if· c Co O then R has the 2(C,C O'c,) which means that c yields 2, c is true , . d R (c c c) has the same 2 '0" . otherwise c yields '2 an same value as C0'
c,
=
value as c,. prove that any elemen t 0 f N2 is either As for N, above, we can in the propositional form O or '2' but obviously only 2 true Example (negation) . If we put '" A:: , A we can easily derive
1 would hold for some element (construction) c , then c woul d
yi.eld a canonical element d e JL ; but this is impossible s ince JL has no canonical element by definiton (recall that we defined JL Thus
==
NO) '
JL
true cannot be proved by means of a system of correct rules.
==
A
==
A
NO
So, in case we hit upon a proof of 1. true, we would kno w that the re must be an error somewhere in the proof; and, if a f or ma l proof of
all the usual rules of negation.
JL
true is found, then at least one of the formal rules used i n it
is not correct. Reflecting on the meaning of each of th e rules of
 10  11 
intuitionistic type theory, we eventually convince ourselves that they are correct; therefore we will never find a proof of JL true using them. Finally , note that , in case , we must rely on the simple minded consistency of at least the theory T' in which Cons is proved in order to obtain the simple minded consistency (which is the form of consistency we really ciare about) from themetamathematical consistency of the original theory T.In fact ; once c • Cons for some c is proved, one must argue as follows: if T were not consistent, we would have a proof in T ·of 1.. true, 91' a ! NO for some a. By coding, this wou l d give 'a'
G
Natural numbers .so far , we have no means of constructing an infinite set. W e the simplest one, namely the set of natural numbers , by the rules : now Nformation N set Nintroduction
Der( '.l') ; then we would obtain Ap(c,'a')! JL ,
i.e . that JL true is derivable in T'. At this point, to conclude that
JL true is not provabie in T, we must be convinced that JL true is
not provable in T'.
o
! N'
a '" N a'
E
N
Note that, as is the case with any other introduction rule a ' ! N is always canonical, whatever element a is Th ' • us a E N means that a has value either 0 or a' wh . 1' . . ere a 1 has value eithe r 0 or a ' 2 ' etc . , until , eventually, we reach an element a which h 1 n as va ue o. Nelimina tion
(x
e: N, y E C(x»
c c: N
d
e C(O)
e(x,y) ! C(x') ! C(c)
R(c,d , (x,y)e(x,y»
where C(z) set (z eN) . R(c,d,(x,y)e(x ,y» i s explained as f ol l ows: first execute c, getting a canonical element of N, whi ch i s eithe r o or a ' for some a N. In the first case , continue by ex e c ut i ng d , which yields a canonical element f EC(O);but, since c = 0 E N i n this case , f is 1 a so a canonical element of C(C) = C(O) . In t he second case, ' sUbstitute a fOr x and R(a d ( ) ( '. ' . . " x,¥ e x, y» ( na me ly , the
 73 
preceding value) for y in e(x,y) so C(a ') (and hence i n C(c) since c R(a ,d,(x ,y)e(x,y»
to
e(a,R(a,d,(x ,y)e(x,y»).
out to be the same concept when propositions are interpreted as sets . Example (the predecessor function). We put
pdf a )
Executing it , we get a canonical f which, by the right premiss, is in a' EN) under the assumption e C(a) . If a has value 0, then R(a,d,(x,y)e(x,y»
== R(a,O, (x,y)x) .
is in C(a) by the first case . Otherwise , continue as in the second case , until we eventually reach the value 0. This exp Lana tLon of the elimination rule also makes the equality rules N e qua l i t y
(x
This definition is justified by computing R(a,O,(x ,y) x) : if a yields 0, then pd(a) also yields 0, and, if a yields b ', then pd(a) yields the same value as R(b',O,(x,y)x), which , in turn, yields th e same ' va l ue as b. So we have pd(O) a, whi ch is the usual definition , but here these equalities .re not definit ional . Mo re precisely , we have
=0
and pd(a')
EA, y EC(X»
d
e C(O)
e(x,y) E C(x')
a E N
pd I a ) e N
R(O ,d ,(x,y)e(x,y»
= d E C(O)
( x E N, Y E C(x»
which is an instance of .N e l i mi na t i on , and pd (0)
a e N
d eC(O)
e(x,y) E C(x')
E
R(a ' , d, ( x , y ) e ( x , y »
= e(a,R(a,d,(x ,y)e(x ,y»)
 t
CIa')
A
o
! N,
pd (a' ) = a E N, evident. Thinking of C(z) (z e N) as third premisses and in the we arrive at Mathematical induction (x EN, . C(x) true)
C E
al function (prop.' which we obtain by N equa l i t y . Using pd, we can derive the third Peano axiom
erty) and suppressing the proofs (constructions) in the second and of the rule of N e l i mi na t i on ,
a'
a
b' E N
beN to 
Indeed, from a' = b' gether with pd(a') (Vx,y)(x' = we s e e
!
N, we obtain pd(a') = pd(b ') E N e Nand pd(b')
N
C(O) true C(c) true
C(x') true
=a
= beN,
yields a
= bE
N by
symmetry and transitivity. We can also obtain it in the usual form
s'
=> x = y) , that is , in the present symbo.lism ;
::> I (N ,x, y»
If we explicitly write out the proof (construction) of that it is obtained by recurs ion.
recursion and induction turn
.(V X ! N) ( V yEN) (I (N ,x' ,y')
true .
In fact , assume x E. N, YE N and z EI(N,x· ,y·) . By Ielim ination, x'
=y'
E N; hence x
= yEN,
from which r e I(N,x,y) by Iintro
a such that Ap(f,b) = 02 e N 2, if such b exists , t h e least
duction . Then , by Aabstraction , we obtain that (AX)(Ay)(Az)r is a proo f (construction) of the claim . Example (addition) . W define e a + b
r(a ,f) =
{ a, o therwise.
Su c h a function will be obtained by. solving the recur sio n equat ions :
(}dO,f)
==
R(b,a ,(x,y)y ').
° E N,
The meaning of a + b is to perform b times l h e successor operation on a . Then one easily der ives the rules: where
lj1(a ' , f)
f :;
C\ x)Ap(f,x') is f shifted one step to the le ft, L e .
a E N
bEN
a + bEN a E N a
+
.Ap (f , x) =.Ap(f ,x') E N (x EN) . In fact , in case the bound is ier o , 2 r (O ,f) = E N, irrespective o f wh a t function f i s . W en the boun d has h
°
suc:es sor form , r(a ',f) = f(a ,f) ' EN , provided that f ( O) = f a l s e == a e N
a + b'
bE N
(a + b)'
°
a E N
e
N
'2 E N ; otherwise , f(a ' ,f) = eN. Therefore to compute r(a ,f ) , we 2 c a n shift f until the bound is 0 , but checking each t ime if th e v alue at
°
° is
true
==
02 or false
==
'2' Even if it admits o f a pr im itive sol ved t hrough h igh e r
from ·which we can also · derive the corresponding axioms of first order arithmetic , l i k e in the preceding example . Note again that the equality here is not definitional. Example (multiplication). W define e
recursi ve solution , the problem is most
e t y p e s, as we shall n6 w see in detail . W wa n t to fi n d a f u n c t i o n r ex) E ( N. N + N (xE N) such that 2)
(r(O) = (AOO E ( N
a • b
+
N, N,
==
R(b ,O ,( x ,y)(y + a» .
ljL(a ')
(),.f)R
2(Ap(f,O)
,0 ,AP(r(a), f)') e (N + N 2)
Usua l properties of the product a . b can then easily be derived . (the bounded W want to solve the problem: e
so that we can define the function f(a ,.f) we ar e ·l oo k i ng f or by putting r(a,f)
given a boolean function f on natural numbers, Le . fEN .N
find 2, the least argument , unde r the bound a EN , for which the value of f is 2)
=
Ap(r(a) ,f). The requirements on rea) may be sat
i sfied t h r o ug h an ordinary p rimitive r e c u r sio n , but on a h i gh e r t yp e ; th is task is fulfilled by the rul e of N e li mi n a ti on. We obtain
tru.e . Th e solution wil l be a function f( x,f) E N (x E N, f E NN sat is f ying :
under the premis ses a
E
N a n d feN 
N and ·h e n c e 2,
Lists Written out in tree form the above proof of r(a,,c) follows: (fE NN (y e (N + N  N) 2) 2) ,
,'i> •
E
N looks as
We can follow ,t he to introduce oiher " o f lists'. Listformation
pattern used
natural ,numbers
defined sets. We see here the example
fEN  N 2
Ap(y,f) EN Ap(f,0)EN o a
€
A set List(A) set where the intuitive explanation is: List(A) is the set of lists of
2
oeN
Ap(y,r)'eN
€
N (AnR
R EN 2(AP(f,0),0,AP(y,f)') 2(AP(f,0),0,AP(y,f)')
E
N
(AnO e (NN2)aoN
(NN
2)+N
f E NN
'e l eme n t s of the set A (finite sequences of elements of A) . 2 Listintroduction
/4(a) = R(a,O.no,(X,y)(AnR/AP(f,O),O,AP(y,f)'»
e (NN
2)N
,..(a,n == Ap(p.(a),n e N Observe how the evaluation of ,..(a,f) == Ap(R(a, (Ano, (x,y) (AnR ,0),0 ,Ap(y,f)'»,n proceeds. First, a 2(Ap(f is evaluated. If the value of a is 0, the value of equals the of a is b !, the value ofr(a,f) equals the value of
a
nil "'List(A)
€
A
b e List(A)
(a.b) E List(A) where we may also use the notation () :: nil. Listelimination
(x
value of Ap«Af)O,f), which is 0. If, on the other hand, the value
EA, Y eList(A) , z e C(y» e(x,y,z)
E:
which, in turn, equals the value of
C E
List(A)
d E: C(nil)
C«x.y»
listrec(c,d,(x,y,z)e(x,y,z»
E C(c)
Next, Ap(f,O) is evaluated . If the value of Ap(f,O) is true Ap(f,O) is false of f(b,!)"
5 '2' then the value of r(a,f) equals
O 2, then the value of f(a,f) is O. If, on the other hand, the value of value
=
where C(z) (z E List(A»
is a family of sets. The instructions to exe
cute listrec are: first execute c, which yields ' either nil, in which case continue by executing d and obtainf e C(nil) = C(c), or (a .b) with a E A and b E List(A); in this case, execute e(a,b,listrec(b,d,(x,y,z)e(x,y,z») which yields a canonical element
 78 
f & C«a .b)) =,C(c) . if we put g(c) _ then f is the value of e(a ,b ,g(b ) .
listreb(c,d,(x ,y ,z)e(x,y , z)) ,
1
,
l
....
W l l or de r i ng s e The concept, of wello'rdering a nd the principle of tra ns f i ni te
Lis tequali t y ( x e A, y & List (A), z E C(y» d E C(nil) , e( x, y ,z) E C«x . y» = d & C(nil) :
induction were first introduced by Cantor . Once the y had been f o rmulated in ZF , however , they lost their original compu ta tional c ontent . W can construct ordinals intuitionistically a s wel lfounde d e trees, which means that they are no longer totally orde red. W f or ma t i on
(x
tistrec(nil,d ,(x ,y,z)e(x , i , z»
, ( x E A, Y E Li st(A), z E C(y»
," A)
, a E. A
b ' E List{A)
d E C(nil)
e(x,y,z) 'E C«x .y » A set (Wx
E
B(x) set A)B( x) set
= e(a ,b ,listrec(b ,d,( x , y ,z )e(x,r ,z») E Simila r rule s could be gi ve n for f i ni te trees and other inductively define d concepts .
W t does i t mean for c to be an element of ( Wx e A)B( x) ? It mea ns ha that, whe n calculated , c yields a value of the form sup( a ,b) f or some 'a and b , where a E A and b is a function such that , f or an y choice of an element v sup(a
l,b l ) , whe r e a l
E
B(a) , b applied to v yie l ds a val ue A and b
l
i s a function such t ha t , f or an y
choice of v
in B(a ) , b appl ied to v has a value sup( a ,b , et c ., l l l l 2 2) until in any case (i .e . ho wever the success ive choices a re made) we , where B( a n) n) i s empty , so t hat no choice of an e lem e nt in B(a ) i s poss ib le . The
n '
eventually r ea c h a bottom element of t he form sup(an ,b
following picture, in whi c h we loosely wr it e b( v) f or Ap(b ,v ) ; ca n help (look at it from bottom to top) :
then it holds for sup(a,b) itself), then C(c) holds for an arbitrary c E (Wx e (V x c E (Wx E A)B(x)
E.
A bit more formally , A)(Yy e B(x)  (Wx
!
A)B(x» G(sup(x ,y») true
«'Iv
E
B(x»G(Ap(y ,v»
G(c) true Now we resolve ·t hi s , c sup(a,b) premisses is that G(sup(x,y» the Welimination rule . One of the is true , provided that x E A, is t rue . Letting in
By the preceding explanation, the following rule for introducing canonical elements is justified: Wintroduction a E A b
!
Y E B(x)(Wx E A)B(x) and (Yv EB(x»G(Ap(y,v»
d(x,y,z) be the function which gives the proof of G(sup(x,y» terms of x E A, Y E B(x) _ (Wx
E
A ·)B(x) and the proof z of
(Vv eB(x»C(Ap(y ,v», we arrive at the rule B(a) (Wx e A)B(x) .W e l i mi na t i on . (x e A, y e B(x) + (Wx e A)B(x), z
C
E. E.
sup(a ,b) e (Wx E A)B(x) Think of sup(a,b) as the supremum (least ordinal greate r than ail) of the ordinals b(v), where v ranges B(a). We migh t also have a bottom clause, 0 E (Wx E A)B( x) for instance, but we obtain 0 by taking one set in B(x) set (x EA) to be the empty set: i f a (y e: B(a ement . From the explanation of what an element of (Wx E A)B(x) is ,. we see the correctness of the elimination rule, ·which is at the same · time transfinite induction and transfinite recursion . The appropriate principle of transfinite induction is: if the property G(w) (w
E
E A and B(a : . No ' then RO(y) E (Wx E A)B(x) o) O so that sup(aO ,(Ay)RO(y» E. (Wx e A)B(x) is a . bo t t om el
(TTv E B(x»C(Ap(y ,v»)
(WXE A)B(x)
d(x,y,z) e G(sup(x,y»
T(c,(x,y,z)d(x ,y ,z» E G(c) where T("c,(x,y,z)d(x,y,z» is executed as follows . First execute c , which yields aup Ia j .b )
,
where a e A and b e B(a) _
(Wx E A)B(x) . Select
O»
the components a and b and substitute them for x and y in d , obtaining . d(a,b,z). We must now substitute for z the whole sequence of previous function values . This sequence is (AV)T{Ap(b,v),(x,y,z)d(x,y,z» , because Ap(b ,v) E (Wx E A)B(x) (VE B(a» is the function which enumerates the subtrees (predecessors) of sup(a,b). Then d(a,b,(Av)T(Ap(b,v),(x ,y,z)d(x,y,z)}) yields a canonical element e E G(c) as value under the assumption that T(Ap(b,v),(x,y,z)d(x,y,z»
E
(Wx
E
A)B(x»
is inductive (Le . i f i t holds f'or ail preE
decessors Ap(b,v) e (Wx
A)B(x) (v
!
B(a»
of' an element sup La b ) ,
j
G(Ap(b,v»
(v e B(a» .
 82 
 83 _
If we wri t e
f(c)
== T(c , (x,y,z)d(x,y,z» , then, when c yields
We can giv e pictures :
(') i f
sup(a,b), f(c) yields the same value as d(a,b,(Av) f(Ap(b,v») . This · explanation also shows that the rule W e qua l i ty (x
E
A, y  B(x)  (Wx "A)B(x) , z e (Ilv "
E:
E:
B(x»C(Ap(y ,v») is
a e
A
b e B(a) .. (Wx
A)B( x )
d(x ,y ,z) " C(sup(x,y»
in C' ,
then we can buil d th e succ essor
oc ' :
= d(a,b ,(Av)T(Ap(b ,v),(x ,y ,z)d(x ,y ,z»)
i s co rrect .
E
C(sup(a,b»
Example (the first number c lass) . Havt"ng access to the W ope r a tion and a family of sets B(x) (x e N such that B(02) = NO and 2) B('2) = N" we may define the first number class as ( Wx E N ) B( X) 2 instead of taking i t as primitive . Example (the second number class) . W give here the rules for a e simple set of ordinals , namel y the s e t general r ul es for we l l or de r i ngs. "  format ion " set Cantor gene rated the second number class from the initial ordinal 0 by applying t he f oll owi ng t wo principles : ( 1) given
01 E
,( 2 ) i f
() of all ordinals of the secis a sequence of ordinals in 0
:
ond numbe r class , an d show how they a re obtained as i ns t a nce s of the
,
then we can build the sup rem um
So
0( '
o
wil l be inductively defined by the three rules :
Cl , fo rm the successor
e:
CJ ;
( 2) g i ven a sequence of ordinals 0(0' 0(, ,0(2 ' ... i n
0 , form the
a'
E
l east o rd inal i n Cl greater than each element of the sequence .
C;
Transfinite induction over
(x E
C E
0
is evident, and it is given by
(z
I
, =•.
1.  ..
.
.
C , C(x) true)
C(x ') true C(c) true
E NO, (Vn C(sup(z»
E
N)C(Ap(z,n» true
true)
C
C(O) true
:whe r e B(x) (x E N3) is a family of sets such that B(03) = No , B(l;) = Nl ·a nd B(2 3) = N. Such a can be construc ted by means . of' ·t he universe rules. Example (initial elements of wellorderings). We want to show
where C(z) (z EO) is a property over 0 . Writing it with proofs, we obtain
that, if at ·l eas t one index set is empty, then the wellordering (Wx E A)B(x) is nonempty. Recall that we want to do it i nt ui t i onistically, and recall that A true is equivalent to A nonempty , so that .A true is equivalent to A empty . So our claim ..is :
o elimination
(x E 0, Y E C(x»
C E
(z E NCl, WE (Tln
E
N)C(Ap(z,n»
(3 x
E
A)
E
(Wx e A)B(x) true. 'B(x) and
0
d E C( 0)
e(x,y) E C(x')
f(z,w) E C(sup(z» To see this, assume x e A, y E C(c) Ap(y,v)
!
T(c,d,(x,y)e(x,y),(z,w)f(z ,w»
NO
=JL
v
E B(x). Then
and hence RO(Ap(y,v» (Wx
!
E
E (Wx E A)B(x), appiying
whe r e the transfinite recursion operator T is executed as follows . First , execute c. We distinguish the three possible cases: if we get 0 EO , the value of T(c,d,(x,y)e(x,y),(z,w)f(z,w» is the value of d
E
the rule of NOelimination. We now abstract on v to get (AV)RO(AP(y ,v» E B(x) A)B(x) and, by A)B(x). Assuming z
E
sup(X,O,V)RO(Ap(y,v») E (Wx by · t elimination, we have
(Ex
E
A) ...... B(x) ,
C(O); e (Wx EA)B(x) ,
if we get a', then the va l ue is the value of e(a,T(a,d,(x ,y)e(x ,y) ,(z,w)f(z ,w») ; if we get sup(b), we continue by executing f(b,(AX)T(Ap(b,x) ,d,(x,y)e(x,y),(z,w)f(z,w»). In any case, we obtain a canon ; c a l · e l eme nt of C(c) as result. • It is now immediate to check that we can obtain all (including of the Wrules if we put Clrules Clequality, which has not been spelled out) as instances
from which , by Aabstraction on z, (AZ)E(z, (x,y)sup(x, ()W)RO(AP(y,v»» e 0:: x
E
A) ..... B(ic) __ (Wx
E
A)B(x) .
We now want to show a converse . However, note that we cannot have (Wx
E
A)B(x) 
(3 x
E
A) oBex) true, because of the intuition 
·i s t i c meaning of the existential quantifier. But we do have : (Wx E A)B(x)_ ..... ( Vx Assume x e A,
y
E
A)B(x) true.
e B(x) 
(Wx
!
A)B(x) and z E. B(x)  NO' Note that
 86 
 87 ...
B(x) _ NO _
(Tl v e B(x»C(Ap(y,v»
for C(w)
==
NO' so that we can
'E
Universes So far, we only have a structure of finite types, because we 'c a n only iterate the given set forming operations starting from I(A,a,b), NO' N, i ... and N a finite number of are obtained by introducing 'To strengthen language, we can add transfinite types , which in our language Recall that there can be no
apply the rule of
Assuming f E (nx
A)B(x), we have
Ap(f,x) E B(x), and hence also Ap(z,Ap(f,x»
E NO' Ap(z,Ap(f,x)
takes the role of d(x,y ,z) in the rule of Welimination. So, if we assume w E (Wx E A)B(x), we obtain T(w,(x,y,z)Ap(z,Ap(f,x») E NO' Abstracting on f, we hage (\f)T(w,(x,y,z)Ap(z;Ap(f,x») and, abstracting on w, we have (\W){Af)T(w,(x,y,z)Ap(z,AP(f,x») e (Wx e A)B(x) .(Vx
E
E E
A)B(x),
set of all sets, because we are not able to exhibit once and for all all possible set forming operations. (The set of all sets would have to be defined by prescribing how to form its canonical elements, i.e . A)B(x). sets . But this is impossible, since we can always perfectly well de scribe new sets, for instance, the set of all ,s e t s itself.) However , we need sets of sets , for instance, in category theory. The idea 'is to define universe as the least set closed under certain specified set".f' o rmf.n g operations . The operations we have been using so f'ar are :
(x e.A) (x E A)
A'set (Tl x
E
B(x) set A)B(x) set
A set
(L
B(x) set
E
A set A
+
B set B set
x
A)B(x) set
(x e A)
A 'set
b,
c E A N,set • . • N set
A set
Bf x ) set
I(A,b,c) set
(Wx E A)B(x) set
There are two possible ways of building a universe, i .e . to obtain closure under possibly transfinite iterations of such operations . Formulation
a
la Russell. Consider n, I: , .. . both as, set
forming operations and as operations to form canonical e lements of
t he set U, the un i vers e . Thi s is Formulation
i n r amifie d t yp e t he ory .
a e U
a
la Tarski . So c a l l e d because of th e s i mi l a r i t y definition . t o buil d the
b e T(a)
. c e T(a)
a
E U
b e T(a)
C
E
T(a)
between the family T(x)(x e U) below and Tarski's We use new symb ols, mirroring (reflecting ) T1 , recursion theory) . So we will have the rules: Uformation
Ha,·b,c) e U
L , .. . ,
T(i(a, b,c»
= I(T(a),b,c)
o f U. Then U.consists of indices o f sets (like in T(n, )
n
E:
U
a
U set
E U
T(o)
=N
(x
T(a) s et (xET( a » U an d T(x)(x
E
U) a r e
by a simult an eous t r an sfini te i nduQtion,
EO
T(a »
E
wh i c h, as usual , .c a n be read off the f ollowing introduction ruies: U i n t r oduc t io n
(x E
a
E
U
b( x )
E
U
a
EO
U
b ( x)
U
T(a»T(b(x»
w(a,(x)b(x»
E
U
T(w( a ,(x)b(x ») = (Wx
E
T(a»
E
(x
E
T(a»
We co uld at .t hi S poi nt itera t e the process, ob t a i ni ng . a second univer.se U'wi th the two new intro.d :uction rules: u.e U' T' (u ) = U
a e U
n
b(x)
U
a
E
U
.b (x ) e. U (nx
E
(a ,(x )b(x»
e U
T( rr ( a, (x )b(x »)
T( a) ) T( b( x»
a
(x
E
E U
T(a»
E
E
(x a e U T( a(a,bdb(x»)
E
T(a»
EO
a
E
U
t ( a) e U ' then a th ird In U'; , .a n d
a
0"
E
U
b(x)
U U
bC ) x
U
T' (t (a »
T(a )
(a , (x Ib Ix )
(Lx e T(a»T(b(x»
so
on .
a la Rus sell , T disappears an d we· on I y use capital l e tt e r s . So the above ru les are turned into:
. Uformati on '
a e U
b E U
a E U
b E U
a
+ ·b E U
T(a + b ) = T(a ) + T(b )
U s et
A e 'U
A set ·
Uintroduction
(x e A)
(x Eo A)
but it is not small. Using U, we c a n form t ransfini te t ypes (using a recursion with value in U, for instance) . The set V
U
=
(Wx ! U)T(x) (or , in the formulation
a
la Russell ,
A e U
B(x) Eo U
E
A e U
B(x)
E
E
simply (WX E U)X) has been used by Aczel'4 to give meaning to a con structive version of ZermeloFraenkel set theory via intuitionistic type theory . Example (fourth Peano axiom). W now want to . prove ·t he fourth e
(nx
A)B(x)
E
U
(L x
A)B(x)
€
U
A e U
A + B
E
B E U
A E U
b,
E
c eA . U
Peano axiom, which is the only one not trivially derivable from our rules. So the claim i s:
(\Ix e N)
U
I(A ,b ,c)
tru e.
N
e
U
We use Urules in the proof ; it is probably not possible to prove it otherwise . From N set,
°e
N, x EN we have x ' e Nand I( N,O ,x ') set .
(x e A)
Now assume y
!
I(N,O,x') . Then, by Ielimination,
° : x'
troduction , nO e U and n, eU. Then we define f(a)
A
E
U
B(x) e U
=
e N. By Uin 
R(a ,no ,(x ,y)n ,) ,
(Wx e A)B(x) e U However, U i tself is not an elemnt of U. In fact, the axiom U E U '3 leads to a contradiction (Girard's paradox ) . We say that a set A is small , or a Uset , if it has a code a E U,that is, 'if there is an element a E U such that T(a) generally, a family small A(x" . " , x ) (x, E A" .• . , x n e An( x" .. . • ,x n_, » is said 'to n provided A(X, , '" , x ) : T(a(x, , " •.,x n (x, E A" ...• , . n x e A (x,,·••• ,x for some indexing function a(x" .•.. ,x n) .. n n n. / E A x e A (x .. . x So the category of small sets ( x, : , " .. , n n' , , n' ' . i s closed under the oper.ations E ., n , etc. U is a perfectly good . set,
° : x'
so that f(O) : nO e U and f(a') : n, e U provided that a e N. From e N, we get, by the equality part of the Nelimination rule ,
!
R(O,nO,(x,y)n,) : R(x',no,(x,y)n,) try and transitivity, nO : n,
E
U. But R(O ,nO ,(x ,y)n,) : nO e U
and R(x ',no,(x,y)n,) : n, e U by the rule of Nequality . So , by symmeU. · By the (implicitly given) equality part of the Uformation rule , T(n : NO : T(n,) ' Hence ; from T(n o) O) and T(n,) : N,,' NO: N,. Since 0, eN" we also have O, .E .N ' So O (AY)O, e I(N,O,x') NO and (AX)(AY)O, E (Yx EN) 'I(N ,O , x ') . We remark that, while it is obvious (by reflect ing on its meaning) that 0: a' EN is not provable , a proof of posi tional function which is '4 true seems to involve treating sets as elements ift order :to def ine a pro
A.
,»
»
».
e:y
1.
on
° and
T on a ' .
'3 J . Y. Gir.a·rd, Interpretation fonctionnelle et .de s coupures de l 'arithmetique d'o rdre superieur, These, Universite .Pa r i s VII, ' 972.
. P. Aczel, The type theoretic interpretation of constructive ' s e t theory, Logic Colloquium 77, Edited by A. Macintyre , L. Pacholski and J . Paris, NorthHolland, Amsterdam , '978, pp . 5566 . '
This action might not be possible to undo. Are you sure you want to continue?
We've moved you to where you read on your other device.
Get the full title to continue listening from where you left off, or restart the preview.