Cut Elimination for a Logic with Definitions and Induction Raymond McDowell

profil-nechor-2012 - Raymond Mcdowell

Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres

28 pages

English

Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres

A propos
Informations
Extrait

Description

Niveau: Supérieur

dissertation

Cut-Elimination for a Logic with Definitions and Induction Raymond McDowell Department of Computer Science Widener University Chester, PA 19013 USA Dale Miller Department of Computer Science and Engineering 200 Pond Laboratory The Pennsylvania State University University Park, PA 16802 USA May 15, 1998 Abstract In order to reason about specifications of computations that are given via the proof search or logic programming paradigm one needs to have at least some forms of induction and some principle for reasoning about the ways in which terms are built and the ways in which computa- tions can progress. The literature contains many approaches to formally adding these reasoning principles with logic specifications. We choose an approach based on the sequent calculus and design an intuitionistic logic FO?∆IN that includes natural number induction and a notion of definition. We have detailed elsewhere that this logic has a number of applications. In this paper we prove the cut-elimination theorem for FO?∆IN, adapting a technique due to Tait and Martin-Lof. This cut-elimination proof is technically interesting and significantly extends previous results of this kind. 1 Introduction As one attempts to prove a given sequent by placing above it an inference rule, zero or more unproven sequents will arise for the premise of the inference rule and these sequents will, in general, involve some different formulas than the conclusion sequent. Such changes in sequents during the search for a proof have been used to provide a rich and flexible framework for the specification of a wide range of computations.

order abstract

order quantification

quantification over

nt ?

logic specifications

intuitionistic logic

higher-order abstract

Sujets

Dissertation

McDowell

Intuitionistic logic

Informations

Publié par	profil-nechor-2012
Nombre de lectures	11
Langue	English

Extrait

Cut-EliminationforaLogicwithDeﬁnitionsandInductionRaymondMcDowellDepartmentofComputerScienceWidenerUniversityChester,PA19013USADaleMillerDepartmentofComputerScienceandEngineering200PondLaboratoryThePennsylvaniaStateUniversityUniversityPark,PA16802USAMay15,1998AbstractInordertoreasonaboutspeciﬁcationsofcomputationsthataregivenviatheproofsearchorlogicprogrammingparadigmoneneedstohaveatleastsomeformsofinductionandsomeprincipleforreasoningaboutthewaysinwhichtermsarebuiltandthewaysinwhichcomputa-tionscanprogress.Theliteraturecontainsmanyapproachestoformallyaddingthesereasoningprincipleswithlogicspeciﬁcations.WechooseanapproachbasedonthesequentcalculusanddesignanintuitionisticlogicFOλΔINthatincludesnaturalnumberinductionandanotionofdeﬁnition.Wehavedetailedelsewherethatthislogichasanumberofapplications.Inthispaperweprovethecut-eliminationtheoremforFOλΔIN,adaptingatechniqueduetoTaitandMartin-Lo¨f.Thiscut-eliminationproofistechnicallyinterestingandsigniﬁcantlyextendspreviousresultsofthiskind.1IntroductionAsoneattemptstoproveagivensequentbyplacingaboveitaninferencerule,zeroormoreunprovensequentswillariseforthepremiseoftheinferenceruleandthesesequentswill,ingeneral,involvesomediﬀerentformulasthantheconclusionsequent.Suchchangesinsequentsduringthesearchforaproofhavebeenusedtoprovidearichandﬂexibleframeworkforthespeciﬁcationofawiderangeofcomputations.Ofcourse,tomakeproofsearchresembleacomputationalprocess,thecutruleneedstobeavoided;thatis,whenattemptingtomodelacomputationbyconstructingaproof,itseemssensiblenottoobligethesearchtoalsosearchforlemmastoestablish.Thesearchforlemmasispartofthecreativeactivityofmathematicianswhentheylookforproofsanddoesnotseempartofthenotionofmechanicalcomputation.Thecut-eliminationtheorem,whenavailable,couldbeusedtoarguethatthesearchforcut-freeproofsisacompleteproofprocedure.Thelogicprogrammingparadigmcanbedeﬁned,atleastabstractly,usingthisnotionofproofsearch,althoughafurtherrestrictiononthesearchofproofsisoftenmade.Inparticular,thenotionof1

“goal-directedsearch”thatseemstobeanaturalaspectofthelogicprogrammingparadigmhasbeenformulatedusingthetechnicalnotionofuniformproof[18,17].Toretaincompletenessofuniformproofs,restrictionsonlogicalformulasneedtomaintained.Forexample,completenessofuniformproofscanbeachievedinclassicallogicbyrestrictingtoHornclauses[19];inintuitionisticlogicbyrestrictingtohereditaryHarropformulas[18];andinlinearlogicbychoosingtheproperlogicalconnectives[1,17].Therearenumerousexamplesofspecifyingcomputationswithintheselogicsandwithusingmeta-theoreticpropertiesofthoselogicstoinferpropertiesofcomputations.Weonlymentionafewoftheseexampleshere.Intuitionisticlogichasbeenusedtospecifyboththedynamicandstaticsemanticsoffunctionalprogramminglanguages[10],andtheoremsthatrelatethesetwosemantics(suchassubjectreductionortypepreservation)arerenderedassimpleconsequencesoftheprooftheoryofintuitionisticlogic[14].In[17],variouslinearlogicencodingsofsimpleobjectswithstatearegivenandprovedequivalentwithinlinearlogic.Alsointhatpaper,asmallprogramminglanguagewithreferencesisspeciﬁed,andtechniquesforprovingtheequivalenceoftwoprogramsaregivenbasedonresolutionwithinlinearlogic.In[2],ChirimarprovidestwospeciﬁcationsoftheoperationalsemanticsoftheDLXRISCprocessor[20],onecapturingitssequential,machinecodesemanticsandtheothercapturingitsconcurrent,pipe-linedsemantics.Usingsimplepropertiesofproofsinlinearlogic,heisabletoformallyshowtheequivalenceofthosetwospeciﬁcations.MovingfromtheclassicaltheoryofHornclauses(thelogicalfoundationsofProlog)toalloflinearlogic(asintheForumspeciﬁcationlanguage[17])greatlyincreasestheexpressivepowerofthelogicprogrammingparadigm.WhileHornclausesare,ofcourse,powerfulenoughtospecifyallcomputations,suchspeciﬁcationsneedtorepresentmostofthedynamicsofacomputationwithinatomicformulas,thatis,withinthenon-logicallayerofthelanguage.Asaresult,deeppropertiesoftheambientlogic,suchascut-elimination,areofonlylimitedusewhenreasoningaboutHornclausespeciﬁcationssincesuchpropertiesonlysupplymeaningforthelogicalconstants.Asmoreexpressivelogicsareused,moredynamicsofacomputationcanbecapturedbyvariousaspectsofthelogic,andthisincreasesthelikelihoodthatpropertiesofthelogiccanbeusedtoderivepropertiesofthespeciﬁedcomputations.Thereisadiﬀerence,however,betweenspecifyingacomputationandreasoningaboutacom-putation,and,inparticular,reasoningaboutcomputationoftenrequiresinductionandsomewaytoconsideringallpossiblepathsthatagivencomputationcouldproceedoragivenobjectcouldhavebeenconstructed.Intheliterature,therehavebeenvariousapproachestoprovidingforthesemissingfeatures.Withintypetheory,forexample,inductionoverdatastructuresandoverproofscanbeusedforreasoningaboutcomputations[21].Withinlogicprogramming,therearevariouswaystoturntheclosedworldassumptionintoaproofprinciple,suchasSLDNF[4].Inthispa-per,weconsideranotherapproachthatintroducesnewinferencerulesintothesequentcalculusofintuitionisticlogic.Inparticular,weaddtothesequentcalculusaruleforinductiononnaturalnumbersandinferencerulesfortreatinglogicspeciﬁcationsasdeﬁnitionsinsteadofastheories.OurapproachtodeﬁnitionsfollowslinesdevelopedbySchroeder-Heister[25],Eriksson[5],Girard[9],andSta¨rk[28].Ourneedsforreasoningaboutspeciﬁcations,however,forcedustodevelopasingleextensiontointuitionisticlogic,calledFOλΔIN(pronounced“fold-n”),thatgoesbeyondthelogicsstudiedinpreviousworks.Inparticular,weneededonelogicthatallowedfornotonlyinductionanddeﬁnitionsbutalsoforhigher-orderquantiﬁcation(butnotpredicatequantiﬁcation)sincewewishedtotreathigher-orderabstractsyntax[23].Whendesigninganewsequentcalculustobeusedforreasoning,2

itisimportanttoestablishacut-eliminationtheoremsincethisoneresultcanbeusedtoshowtheconsistencyofthelogicaswellasthattheconsequencerelationisclosedundermodusponens.ThekeyfeaturesofFOλΔIN(induction,deﬁnitions,andhigher-orderquantiﬁcation)interactincomplicatedways,sopreviouscut-eliminationproofsforlogicswiththesefeaturesinisolationdonotcarryovertothisnewsystem.Thebulkofthispaperisapresentationofaproofofcut-eliminationforFOλΔIN.Thepaperisorganizedasfollows.Inthenextsection,webrieﬂydescribesomeusesthathavebeenmadeofFOλΔIN.Insection3weintroducethelogicandsomeofitsbasicproperties.WeproceedinSection4togiveanoverviewofthecut-eliminationproof.Section5speciﬁesthereductionrulesthatwillbeusedtoeliminateapplicationsofthecutrule.Thisisfollowedbyasectionwhichprovidessomeauxiliarydeﬁnitionsandtheirproperties.Section7containstheproofofcut-elimination.WeconcludewithabriefcomparisonofourworkwithrelatedworkofMartin-Lo¨fandSchroeder-Heister.2ApplicationsofFOλΔINOneuseofFOλΔINhasbeentoreasonaboutHornclauseprograms.Forexample,Hornclausescanbeusedtospecifyapredicatethatrelatesalisttoitslengthandanotherpredicatethatrelatestwolistsiftheyarepermutationsofeachother.ItisaneasymattertogiveaproofinFOλΔINthatiftwolistsarepermutationsofeachother,thenthosetwolistshavethesamelength[13,Chapter2].ManysimilartheoremscanbefoundthroughoutMcDowell’sdissertation[13].Asweshallsee,theintegrationofdeﬁnitionsintosequentcalculusmakesitpossibletoperformacaseanalysisonpossiblewaysthataspeciﬁedcomputationcanprogress.Ifexploitedproperly,itispossibletocapturenotionssuchassimulationandbisimulationbetweentwoprocesses.Thepaper[16]showshowthiscanbeaccomplishedinabstracttransitionsystemsandCCS.AﬁnalareawhereFOλΔINhasbeenusedtoreasonaboutspeciﬁcationsisintheareaoflogicalframeworksandhigher-orderabstractsyntax.Logicalframeworkshavebeensuccessfullyusedtogivehigh-level,modular,andformalspeciﬁcationsofmanyimportantjudgmentsintheareaofprogramminglanguagesandinferencesystems.Thesejudgments,suchas“thetermMdenotesaprogram”,“theprogramMevaluatestothevalueV”,and“theprogramMhastypeT”,arerepresentedbypredicatesinthespeciﬁcationlogicorbytypesinadependenttypecalculus.Oneoftheadvantagesofsuchformalspeciﬁcationsisthattheyallowlogicalandmathematicalanalysestobeusedtoprovepropertiesaboutthespeciﬁedsystems.Giventhespeciﬁcationofevaluationforafunctionalprogramminglanguage,forexample,wemaywishtoprovethatthelanguageisdeterministicorthatevaluationpreservestypes.Onechallengeinreasoningaboutsuchspeciﬁcationscentersontheuseofhigher-orderabstractsyntax,anelegantanddeclarativeencodingofabstractionandsubstitution[23].Withmostap-proachestosyntacticrepresentation,thedetailsofvariablebindingandsubstitutionmustbecare-fullyaddressedthroughoutaspeciﬁcation,andtheoremsaboutsubstitutionandboundvariablescandominatethesystemanalyses.Withhigher-orderabstractsyntax,ontheotherhand,thesefeaturesarespeciﬁedconciselyandtheirbasicpropertiesfollowimmediatelyfromthespeciﬁcationlogic.However,reasoningwithinalogicalframeworkaboutsystemsrepresentedinhigher-orderabstractsyntaxhasbeendiﬃcultsincethelogicsthatsupportthisnotionofsyntaxdonotprovidefacilitiesforthefundamentaloperationsofcaseanalysisandinduction.Moreover,higher-orderabstractsyntaxleadstotypesandrecursivedeﬁnitionsthatdonotgiverisetomonotoneinductive3

operators,makinginductiveprinciplesdiﬃculttoﬁnd.In[14]theauthorshaveshownthatthesediﬃcultiescanbeovercomewithinFOλΔIN.See[13,14]formoreonhowFOλΔINcanbeusedasameta-logicforanintuitionisticandlinearlogicalframework.ThePiderivationeditorofEriksson[6]wasdesignedfortheﬁnitarycalculusofpartialinductivedeﬁnitions[5].BecauseofFOλΔIN’scloserelationshipwiththeﬁnitarycalculusofpartialinductivedeﬁnitions,thePieditorcanbeusedtoconstructFOλΔINderivations.ThemanyexamplesofspeciﬁcationsandproofsinFOλΔINreportedin[13,14]wereconstructedusingthiseditor.Dependenttypedλ-calculihavebeenusedtospecifycomputationsinwaysanalogoustothelogicprogrammingsettingpresentedhere[22].Schu¨rmannandPfenning[26]presentedameta-logicforsuchadependenttypedλ-termsthatcanbeusedtoreasonabouthigher-orderdeductionsinwayssimilartousesofFOλΔIN[14].3TheLogicFOλΔINThebasiclogicisanintuitionisticversionofasubsetofChurch’sSimpleTheoryofTypes[3]inwhichmeta-levelformulaswillbegiventhetypeo.Thelogicalconnectivesare⊥,>,∧,∨,⊃,∀τ,and∃τ.Thequantiﬁcationtypesτ(andthusthetypesofvariables)arerestrictedtonotcontaino.ThusFOλΔINsupportsquantiﬁcationoverhigher-order(non-predicate)types,acrucialfeatureforhigher-orderabstractsyntax,buthasaﬁrst-orderprooftheorysincethereisnoquantiﬁcationoverpredicatetypes.WewillusesequentsoftheformΓ−→B,whereΓisaﬁnitemultisetofformulasandBisasingleformula.ThebasicinferencerulesforthelogicareshowninTable1.Inthe∀Rand∃Lrules,yisaneigenvariablethatisnotfreeinthelowersequentoftherule.Themulticut(mc)ruleisageneralizationofcutduetoSlaney[27],andisusedtosimplifythepresentationofthecut-eliminationproof.Weintroducethenaturalnumbersviatheconstantsz:ntforzeroands:nt→ntforsuccessorandthepredicatenat:nt→o.TherightandleftrulesforthisnewpredicateareΓ−→natIΓ−→natznatRΓ−→nat(sI)natR−→BzBj−→B(sj)BI,Γ−→CnatI,Γ−→CnatL.Intheleftrule,thepredicateB:nt→orepresentsthepropertythatisprovedbyinduction,andjisaneigenvariablethatisnotfreeinB.ThethirdpremiseVofthatinferencerulewitnessesthefactthat,ingeneral,Bwillexpressapropertystrongerthan(Γ)⊃C.BecausetheinductionpredicateBinthenatLruleisnotnecessarilyasubformulaoftheformulaCoranyformulainΓ,thesubformulapropertydoesnotholdforFOλΔIN.Infact,wecanderivethefollowinginferencerulefromtheinductionrule:−→BB,Γ−→CnatI,Γ−→C.Thisderivedruleresemblesthecutrulebutrequiresanatassumption.AlthoughFOλΔINdoesnothavethesubformulaproperty,thecut-eliminationtheoremstillprovidesastrongbasisforreasoningaboutproofsinFOλΔIN[13,14,16].Infact,theformulationofthenatLruleandthefailureofthesubformulapropertyreﬂectthefactthatinactualmathematicalpractice,ﬁndingthe4

Table1:InferencerulesforthecoreofFOλΔIN⊥,Γ−→B⊥LΓ−→>>RB,Γ−→DC,Γ−→DB[t/x],Γ−→CB∧C,Γ−→D∧LB∧C,Γ−→D∧L∀x.B,Γ−→C∀LΓ−→BΓ−→C∧RΓ−→B[y/x]∀RΓ−→B∧CΓ−→∀x.BB,Γ−→DC,Γ−→D∨LB[y/x],Γ−→C∃LB∨C,Γ−→D∃x.B,Γ−→CΓ−→B[t/x]Γ−Γ→−→B∨BC∨RΓ−Γ→−→BC∨C∨RΓ−→∃x.B∃RΓ−→BC,Γ−→DB,Γ−→CB⊃C,Γ−→D⊃LΓ−→B⊃C⊃RA,Γ−→Ainit,whereAisatomicB,B,BΓ,Γ−−→→CCcLΔ1−→B1∙∙∙Δn−→BnB1,...,Bn,Γ−→Cmc,wheren≥0Δ1,...,Δn,Γ−→C5

properinductionhypothesisrequiresinsightandcreativity;theyarenotsimplyrearrangementsofthesubformulasoftheconclusion.Asaresult,anyimplementationofFOλΔINwillnecessarilybeinteractive,atleastfortheinventionofmanyinductionhypotheses.4Adeﬁnitionalclauseiswritten∀x¯[pt¯=B],wherepisapredicateconstant,everyfreevariableoftheformulaBisalsofreeinatleastoneterminthelistt¯ofterms,andallvariablesfreeint¯arecontainedinthelistx¯ofvariables.Sinceallfreevariablesinpt¯andBareuniversallyquantiﬁed,weoftenleavethesequantiﬁersimplicitwhendisplayingdeﬁnitionalclauses.Theatomicformulapt¯iscalledtheheadoftheclause,andtheformulaBiscalledthebody.Thesymbol=4isusedsimplytoindicateadeﬁnitionalclause:itisnotalogicalconnective.Adeﬁnitionisa(perhapsinﬁnite)setofdeﬁnitionalclauses.Thesamepredicatemayoccurintheheadofmultipleclausesofadeﬁnition:itisbesttothinkofadeﬁnitionasamutuallyrecursivedeﬁnitionofthepredicatesintheheadsoftheclauses.DeﬁnitionsareemployedinFOλΔINvialeftandrightintroductionrulesforatomicformulas.Ifweimposenorestrictionsondeﬁnitions,thecut-eliminationtheoremdoesnothold[24].Twodiﬀerentapproacheshavebeentakentoretaintheadmissibilityofcut.First,ifthestructuralruleofcontractionisremovedorrestricted(asitisinlinearlogic,forexample),cut-eliminationcanbeestablished[9,25].Anotherapproach,moreappropriateforuseheresincewewishtoworkwithinanintuitionisticsetting,istorestricttheoccurrencesofimplicationswithinthebodyofdeﬁnitions.In[25],Schroeder-Heisterprovedthecut-eliminationtheoremforanintuitionisticlogicinwhichnoimplicationsareallowedwithindeﬁnitions.Hereweshallallowimplicationsinthebodyofdeﬁnitionsiftheyaresuitablystratiﬁed.Towardthatendweassumethateachpredicatesymbolpinthelanguagehasassociatedwithitanaturalnumberlvl(p),thelevelofthepredicate.Thefollowingdeﬁnitionextendsthenotionofleveltoformulasandderivations.Deﬁnition1GivenaformulaB,itslevellvl(B)isdeﬁnedasfollows:1.lvl(pt¯)=lvl(p)2.lvl(⊥)=lvl(>)=03.lvl(B∧C)=lvl(B∨C)=max(lvl(B),lvl(C))4.lvl(B⊃C)=max(lvl(B)+1,lvl(C))5.lvl(∀x.B)=lvl(∃x.B)=lvl(B).GivenaderivationΠofΓ−→B,lvl(Π)=lvl(B).4Weshallnowrequirethatforeverydeﬁnitionalclause∀x¯[pt¯=B],lvl(B)≤lvl(p).ThelogicFOλΔINhasusesdeﬁnitionsinleftandright-introductionrulesforatoms;thefollowingrelationwillbeusefulfordescribingthoseinferencerules.Deﬁnition2Letthefour-placerelationdfn(ρ,A,σ,B)bedeﬁnedtoholdfortheformulasAandBandthesubstitutionsρandσifthereisaclause∀x¯[A0=4B]inthegivendeﬁnitionsuchthatAρ=A0σ.TherightandleftrulesforatomsareΓ−→BθdefR,wheredfn(²,A,θ,B)A→−Γ6

{Bσ,Γρ−→Cρ|dfn(ρ,A,σ,B)}A,Γ−→CdefL,where²istheemptysubstitutionandtheboundvariablesx¯inthedeﬁnitionalclausesarechosentobedistinctfromthevariablesfreeinthelowersequentoftherule.Specifyingasetofsequentsasthepremiseshouldbeunderstoodtomeanthateachsequentinthesetisapremiseofthe4rule.Therightrulecorrespondstothelogicprogrammingnotionofbackchainingifwethinkof=indeﬁnitionalclausesasreverseimplication.Theleftruleissimilartodeﬁnitionalreﬂection[25](nottobeconfusedwithanothernotionofreﬂectionoftenconsideredbetweenameta-logicandobject-logic)andtoaninferenceruleusedbyGirardinhisnoteonﬁxedpoints[9].NoticethatinthedefLrule,thefreevariablesoftheconclusioncanbeinstantiatedinthepremises.ThenumberofpremisesofthedefLrulemaybezeroormaybeinﬁnite.IftheformulaAdoesnotunifywiththeheadofanydeﬁnitionalclause,thenthenumberofpremiseswillbezero.Inthiscase,Aisanunprovableformulalogicallyequivalentto⊥,anddefLcorrespondstothe⊥Lrule.IftheformulaAdoesunifywiththeheadofadeﬁnitionalclause,thenumberofpremisescouldbeinﬁnite,sincethedomainsofthesubstitutionsρandσmayincludevariablesthatarenotfreeinAandB.Ingeneralwewishtoworkwithinferenceruleswithaﬁnitenumberofpremises.ThiscanbeachievedbyrestrictingdeﬁnitionstohaveonlyaﬁnitenumberofclausesandtorestricttheuseofdefLruletothoseformulasAsuchthatforeverydeﬁnitionalclausethereisaﬁnite,completesetofuniﬁers(CSU)[11]ofAandtheheadoftheclause.ConsiderthefollowinginferenceruleduetoEriksson[5]{Bθ,Γθ−→Cθ|θ∈CSU(A,A0)forsomeclause∀x¯[A0=4B]}A,Γ−→CdefLCSU,wherethevariablesx¯arechosentobedistinctfromthevariablesfreeinthelowersequentoftherule.WhentheCSUsanddeﬁnitionareﬁnite,thisrulewillhaveaﬁnitenumberofpremises.Noticethatinﬁrst-orderlogics,aCSUwillhaveatmostonemember,namelythemostgeneraluniﬁer(MGU).Proposition3TherulesdefLanddefLCSUareinteradmissible,thatis,ifFOλΔINisformulatedwitheitherdefLordefLCSU,theotherruleisadmissibleinthatformulation.ProofGiventhesetofderivations¾½B,θΠ,Bθ,Γθ−→Cθθ∈CSU(A,A0)forsomeclause∀x¯[A0=4B]wecan4constructaderivationofA,Γ−→CusingdefLasfollows.Foranydeﬁnitionalclause∀x¯[A0=B]andsubstitutionsρandσsuchthatAρ=A0σ,thesubstitution(σ(y)ify∈FV(A0)ρσ(y)=ρ(y)otherwisewillbeauniﬁerofAandA0.Thusforsomeθ∈CSU(A,A0)thereisasubstitutionθ0suchthatρσisθ◦θ0.(NoticethatcompositionofsubstitutionisdeﬁnedsothatA(θ◦θ0)=(Aθ)θ0.)WecanthususeΠθ,Bθ0asthepremisederivationofBσ,Γρ−→CρfordefL.(WewillformallydeﬁnewhatitmeanstoapplyasubstitutiontoaderivationinDeﬁnition5.Fornowitisenoughtoknowthat7

ityieldsaderivationwhoseendsequentisobtainedbyapplyingthesubstitutiontotheendsequentoftheoriginalderivation.)Giventhesetofderivations¾½Πρ,σ,B,Bσ,Γρ−→Cρdfn(ρ,A,σ,B)wecanconstructaderivationofA,Γ−→CusingdefLCSUasfollows.Foranydeﬁnitionalclause∀x¯[A0=4B]andsubstitutionθ∈CSU(A,A0),dfn(θ,A,θ,B)holds.WecanthususeΠθ,θ,BasthepremisederivationofBθ,Γθ−→CθfordefL.ObservethatseveraloftherulesofFOλΔINmayhavevariablesthatarefreeinthepremisebutnotintheconclusion:thisresultsfromtheeigenvariableyof∀Rand∃L,thetermtof∀Land∃R,thecutformulasB1,...,Bnofmc,theinductionpredicateBofnatL,andthesubstitutionsρandσofdefL.Weviewthechoiceofsuchvariablesasarbitraryandidentifyallderivationsthatdiﬀeronlyinthechoiceofvariablesthatarenotfreeinend-sequent.Wedeﬁneanordinalmeasurewhichcorrespondstotheheightofaderivation:Deﬁnition4GivenaderivationΠwithpremisederivations{Πi}i,themeasureht(Π)istheleastupperboundof{ht(Πi)+1}i.Substitutionsareﬁnitemapsfromvariablestoterms.Itiscommontoviewsubstitutionsasmapsfromtermstotermsbyapplyingthesubstitutiontoallfreevariablesofaterm.Wecanthenextendthemappinginturntoformulasandmultisetsbyapplyingittoeveryterminaformulaandeveryformulainamultiset.Thefollowingdeﬁnitionextendssubstitutionsyetagaintoapplytoderivations.Sinceweidentifyderivationsthatdiﬀeronlyinthechoiceofvariablesthatarenotfreeintheend-sequent,wewillassumethatsuchvariablesarechosentobedistinctfromthevariablesinthedomainofthesubstitutionandfromthefreevariablesoftherangeofthesubstitution.Thusapplyingasubstitutiontoaderivationwillonlyaﬀectthevariablesfreeintheend-sequent.Deﬁnition5IfΠisaderivationofΓ−→Candθisasubstitution,thenwedeﬁnethederivationΠθofΓθ−→Cθasfollows:1.SupposeΠendswiththedefLrule¾½Πρ,σ,BBσ,Γ0ρ−→Cρdfn(ρ,A,σ,B)A,Γ0−→CdefL.Observethatifdfn(ρ0,Aθ,σ0,B)thendfn(θ◦ρ0,A,σ0,B).ThusΠθis½¾Πθ◦ρ0,σ0,B0000Bσ,Γθρ−→Cθρdfn(ρ0,Aθ,σ0,B)Aθ,Γ0θ−→CθdefL.2.IfΠendswithanyotherruleandhaspremisederivationsΠ1,...,Πn,thenΠθalsoendswiththesameruleandhaspremisederivationsΠ1θ,...,Πnθ.Lemma6ForanysubstitutionθandderivationΠofΓ−→C,ΠθisaderivationofΓθ−→Cθ.8

ProofThislemmastatesthatDeﬁnition5iswell-constructed,andfollowsbyinductiononµ(Π).ObservethatifΠendswiththedefRrule0Γ−Π→BσΓ−→AdefR,thendfn(²,A,σ,B),andsoitisalsotruethatdfn(²,Aθ,σ◦θ,B).Therefore0θΠΓθ−→BσθdefRΓθ−→Aθisavalidderivation.Lemma7ForanyderivationΠandsubstitutionθ,ht(Π)≥ht(Πθ).ProofTheproofofthislemmaisasimpleinductiononht(Π).ThemeasuresmaynotbeequalbecausewhenthederivationsendwiththedefLrule,someofthepremisederivationsofΠmaynotbeneededtoconstructthepremisederivationsofΠθ.Ourlogicdoesnotcontainaweakeningrule;insteadweallowextraassumptionsintheaxioms.Thefollowingdeﬁnitionprovidesmeta-levelweakeningonderivations.Sinceweidentifyderivationsthatdiﬀeronlyinthechoiceofvariablesthatarenotfreeintheend-sequent,wewillassumethatsuchvariablesarechosentobedistinctfromthefreevariablesoftheweakeningformulas.Deﬁnition8IfΠisaderivationofΓ−→CandΔisamultisetofformulas,thenwedeﬁnethederivationw(Δ,Π)ofΓ,Δ−→Casfollows:1.IfΠendswiththedefLrule¾½Πρ,σ,BBσ,Γ0ρ−→CρA,Γ0−→CdefL,thenw(Δ,Π)is½¾w(Δρ,Πρ,σ,B)Bσ,Γ0ρ,Δρ−→CρLfedA,Γ0,Δ−→C.2.IfΠendswiththenatLruleΠ1Π2Π3−→BzBj−→B(sj)BI,Γ−→CnatLnatI,Γ−→C,thenw(Δ,Π)isΠ1Π2w(Δ,Π3)−→BzBj−→B(sj)BI,Γ,Δ−→CnatLnatI,Γ,Δ−→C.9

3.IfΠendswiththemcruleΠ1ΠnΠ0Δ1−→B1∙∙∙Δn−→BnB1,...,Bn,Γ−→CcmΔ1,...,Δn,Γ−→C,thenw(Δ,Π)isΠ1Πnw(Δ,Π0)Δ1−→B1∙∙∙Δn−→BnB1,...,Bn,Γ,Δ−→CcmΔ1,...,Δn,Γ,Δ−→C.4.IfΠendswithanyotherruleandhaspremisederivationsΠ1,...,Πn,thenw(Δ,Π)alsoendswiththesameruleandhaspremisederivationsw(Δ,Π1),...,w(Δ,Πn).Thefollowinglemmascanbeprovedbyinductiononthemeasureofthegivenderivation.Lemma9ForanymultisetΔofformulasandderivationΠofΓ−→C,w(Δ,Π)isaderivationofΓ,Δ−→C.Lemma10ForanyderivationΠandmultisetΔofformulas,ht(Π)=ht(w(Δ,Π)).Lemma11ForanyderivationΠ,multisetΔofformulas,andsubstitutionθ,w(Δ,Π)θandw(Δθ,Πθ)arethesamederivation.Lemma12ForanyderivationΠandmultisetsΔandΔ0offormulas,w(Δ,w(Δ0,Π))andw(Δ∪Δ0,Π)arethesamederivation.4OverviewoftheCut-EliminationProofGentzen’sclassicproofofcut-eliminationforﬁrst-orderlogic[7]usesaninductioninvolvingthenumberoflogicalconnectivesinthecutformula.Acutonacompoundformulaisreplacedbycutsonitssubformulas,whichnecessarilycontainalowernumberofconnectives.Forexample,thederivationΠ1Π2Π3Δ−→B1Δ−→B2B1,Γ−→CΔ−→B1∧B2∧RB1∧B2,Γ−→C∧LcmΔ,Γ−→CisreducedtoΠΠ31Δ−→B1B1,Γ−→CcmΔ,Γ−→C.01

Bytheinductionhypothesis,thiscutonB1iseliminable,hencetheoriginalcutonB1∧B2isalsoeliminable.Inﬁrst-orderlogic,whenthecutformulaisatomic,thecutcaneasilyberemovedbypermutingthecutuptowardtheleavesoftheproof;eventuallyaninitialruleisreached,atwhichpointtheremovalofthecutistrivial.InFOλΔIN,however,therulesfornaturalnumbersanddeﬁnitionsactonatoms,sotheatomiccaseisnotsimple.Consider,forexample,thederivation¾½Π1Πρ,σ,DΔ−→BθdefRDσ,Γρ−→CρdefLΔ−→AA,Γ−→CΔ,Γ−→Cmc.TheobviousreductionforthisisacutbetweenΠ1andtheappropriatepremiseofthedefLrule;however,Bθisaformulaofarbitrarycomplexity,andsowillingeneralhaveagreaternumberofconnectivesthantheatomA,whichhaszero.Thusadiﬀerentinductionmeasureisneeded.Schroeder-Heisterprovescut-eliminationforseverallogicswithdeﬁnitions[24,25]byincludingthenumberofusesofthedefLruleinthederivationaspartoftheinductionmeasure.However,thelogicsheconsidersdonotcontaininduction;theinclusionofthenatRandnatLrulesinFOλΔINcomplicatesthingsfurther.ThederivationΠ1Π2Π3Π4Δ−→natI−→BzBj−→B(sj)B(sI),Γ−→CΔ−→nat(sI)natRnat(sI),Γ−→CnatLcmΔ,Γ−→Ccanbereducedinanumberofways,butthereductionsareallvariationsofthederivationΠ2Π3Π3[I/j]Π1−→BzBj−→B(sj)BI−→B(sI)Δ−→natInatI−→B(sI)natLΠ4cmΔ−→B(sI)B(sI),Γ−→CcmΔ,Γ−→C.Here,thecutontheatomicformulanat(sI)isreplacedbytwocuts,oneontheatomnatIandtheotherontheformulaB(sI).Itisnotclearwhatinductionmeasurecanbeusedhere.Fortheﬁrstcut,theatomnatIcontainsnologicalconnectives,butthisistrueoftheoriginalcutformulanat(sI)aswell.ThenumberofnatRrulesintherightsubderivationofthecuthasgonedownbyone,buttheduplicationofΠ3mightoﬀsetthis.Forthesecondcut,thecutformulaB(sI)isnotrelatedatalltotheoriginalcutformula;itcertainlycanhavenofewerconnectivesthantheatomnat(sI).Andthoughitsleftpremiseisshorterthantheleftpremiseoftheoriginalcut,itisunclearhowtheheightsoftherightpremisescompare.Itshouldbenoted,however,thatthecomplicatingfactorhereisnotthepresenceofaninductionrule,butouruseofthenatpredicateintheinductionrule.IfweremovethenatRrulesfromthelogicandreformulatetheinductionruletobe−→BzBj−→B(sj)BI,Γ−→CΓ−→Cind,11