Theory AOT_NaturalNumbers
1
2theory AOT_NaturalNumbers
3 imports AOT_PossibleWorlds AOT_ExtendedRelationComprehension
4 abbrevs one-to-one = ‹⇩1⇩-⇩1›
5 and onto = ‹⇩o⇩n⇩t⇩o›
6begin
7
8
9section‹Natural Numbers›
10
11AOT_define CorrelatesOneToOne :: ‹τ ⇒ τ ⇒ τ ⇒ φ› (‹_ |: _ ⇩1⇩-⇩1⟷ _›)
12 "1-1-cor": ‹R |: F ⇩1⇩-⇩1⟷ G ≡⇩d⇩f R↓ & F↓ & G↓ &
13 ∀x ([F]x → ∃!y([G]y & [R]xy)) &
14 ∀y ([G]y → ∃!x([F]x & [R]xy))›
15
16AOT_define MapsTo :: ‹τ ⇒ τ ⇒ τ ⇒ φ› (‹_ |: _ ⟶ _›)
17 "fFG:1": ‹R |: F ⟶ G ≡⇩d⇩f R↓ & F↓ & G↓ & ∀x ([F]x → ∃!y([G]y & [R]xy))›
18
19AOT_define MapsToOneToOne :: ‹τ ⇒ τ ⇒ τ ⇒ φ› (‹_ |: _ ⇩1⇩-⇩1⟶ _›)
20 "fFG:2": ‹R |: F ⇩1⇩-⇩1⟶ G ≡⇩d⇩f
21 R |: F ⟶ G & ∀x∀y∀z (([F]x & [F]y & [G]z) → ([R]xz & [R]yz → x = y))›
22
23AOT_define MapsOnto :: ‹τ ⇒ τ ⇒ τ ⇒ φ› (‹_ |: _ ⟶⇩o⇩n⇩t⇩o _›)
24 "fFG:3": ‹R |: F ⟶⇩o⇩n⇩t⇩o G ≡⇩d⇩f R |: F ⟶ G & ∀y ([G]y → ∃x([F]x & [R]xy))›
25
26AOT_define MapsOneToOneOnto :: ‹τ ⇒ τ ⇒ τ ⇒ φ› (‹_ |: _ ⇩1⇩-⇩1⟶⇩o⇩n⇩t⇩o _›)
27 "fFG:4": ‹R |: F ⇩1⇩-⇩1⟶⇩o⇩n⇩t⇩o G ≡⇩d⇩f R |: F ⇩1⇩-⇩1⟶ G & R |: F ⟶⇩o⇩n⇩t⇩o G›
28
29AOT_theorem "eq-1-1": ‹R |: F ⇩1⇩-⇩1⟷ G ≡ R |: F ⇩1⇩-⇩1⟶⇩o⇩n⇩t⇩o G›
30proof(rule "≡I"; rule "→I")
31 AOT_assume ‹R |: F ⇩1⇩-⇩1⟷ G›
32 AOT_hence A: ‹∀x ([F]x → ∃!y([G]y & [R]xy))›
33 and B: ‹∀y ([G]y → ∃!x([F]x & [R]xy))›
34 using "≡⇩d⇩fE"[OF "1-1-cor"] "&E" by blast+
35 AOT_have C: ‹R |: F ⟶ G›
36 proof (rule "≡⇩d⇩fI"[OF "fFG:1"]; rule "&I")
37 AOT_show ‹R↓ & F↓ & G↓›
38 using "cqt:2[const_var]"[axiom_inst] "&I" by metis
39 next
40 AOT_show ‹∀x ([F]x → ∃!y([G]y & [R]xy))› by (rule A)
41 qed
42 AOT_show ‹R |: F ⇩1⇩-⇩1⟶⇩o⇩n⇩t⇩o G›
43 proof (rule "≡⇩d⇩fI"[OF "fFG:4"]; rule "&I")
44 AOT_show ‹R |: F ⇩1⇩-⇩1⟶ G›
45 proof (rule "≡⇩d⇩fI"[OF "fFG:2"]; rule "&I")
46 AOT_show ‹R |: F ⟶ G› using C.
47 next
48 AOT_show ‹∀x∀y∀z ([F]x & [F]y & [G]z → ([R]xz & [R]yz → x = y))›
49 proof(rule GEN; rule GEN; rule GEN; rule "→I"; rule "→I")
50 fix x y z
51 AOT_assume 1: ‹[F]x & [F]y & [G]z›
52 moreover AOT_assume 2: ‹[R]xz & [R]yz›
53 ultimately AOT_have 3: ‹∃!x ([F]x & [R]xz)›
54 using B "&E" "∀E" "→E" by fast
55 AOT_show ‹x = y›
56 by (rule "uni-most"[THEN "→E", OF 3, THEN "∀E"(2)[where β=x],
57 THEN "∀E"(2)[where β=y], THEN "→E"])
58 (metis "&I" "&E" 1 2)
59 qed
60 qed
61 next
62 AOT_show ‹R |: F ⟶⇩o⇩n⇩t⇩o G›
63 proof (rule "≡⇩d⇩fI"[OF "fFG:3"]; rule "&I")
64 AOT_show ‹R |: F ⟶ G› using C.
65 next
66 AOT_show ‹∀y ([G]y → ∃x ([F]x & [R]xy))›
67 proof(rule GEN; rule "→I")
68 fix y
69 AOT_assume ‹[G]y›
70 AOT_hence ‹∃!x ([F]x & [R]xy)›
71 using B[THEN "∀E"(2), THEN "→E"] by blast
72 AOT_hence ‹∃x ([F]x & [R]xy & ∀β (([F]β & [R]βy) → β = x))›
73 using "uniqueness:1"[THEN "≡⇩d⇩fE"] by blast
74 then AOT_obtain x where ‹[F]x & [R]xy›
75 using "∃E"[rotated] "&E" by blast
76 AOT_thus ‹∃x ([F]x & [R]xy)› by (rule "∃I")
77 qed
78 qed
79 qed
80next
81 AOT_assume ‹R |: F ⇩1⇩-⇩1⟶⇩o⇩n⇩t⇩o G›
82 AOT_hence ‹R |: F ⇩1⇩-⇩1⟶ G› and ‹R |: F ⟶⇩o⇩n⇩t⇩o G›
83 using "≡⇩d⇩fE"[OF "fFG:4"] "&E" by blast+
84 AOT_hence C: ‹R |: F ⟶ G›
85 and D: ‹∀x∀y∀z ([F]x & [F]y & [G]z → ([R]xz & [R]yz → x = y))›
86 and E: ‹∀y ([G]y → ∃x ([F]x & [R]xy))›
87 using "≡⇩d⇩fE"[OF "fFG:2"] "≡⇩d⇩fE"[OF "fFG:3"] "&E" by blast+
88 AOT_show ‹R |: F ⇩1⇩-⇩1⟷ G›
89 proof(rule "1-1-cor"[THEN "≡⇩d⇩fI"]; safe intro!: "&I" "cqt:2[const_var]"[axiom_inst])
90 AOT_show ‹∀x ([F]x → ∃!y ([G]y & [R]xy))›
91 using "≡⇩d⇩fE"[OF "fFG:1", OF C] "&E" by blast
92 next
93 AOT_show ‹∀y ([G]y → ∃!x ([F]x & [R]xy))›
94 proof (rule "GEN"; rule "→I")
95 fix y
96 AOT_assume 0: ‹[G]y›
97 AOT_hence ‹∃x ([F]x & [R]xy)›
98 using E "∀E" "→E" by fast
99 then AOT_obtain a where a_prop: ‹[F]a & [R]ay›
100 using "∃E"[rotated] by blast
101 moreover AOT_have ‹∀z ([F]z & [R]zy → z = a)›
102 proof (rule GEN; rule "→I")
103 fix z
104 AOT_assume ‹[F]z & [R]zy›
105 AOT_thus ‹z = a›
106 using D[THEN "∀E"(2)[where β=z], THEN "∀E"(2)[where β=a],
107 THEN "∀E"(2)[where β=y], THEN "→E", THEN "→E"]
108 a_prop 0 "&E" "&I" by metis
109 qed
110 ultimately AOT_have ‹∃x ([F]x & [R]xy & ∀z ([F]z & [R]zy → z = x))›
111 using "&I" "∃I"(2) by fast
112 AOT_thus ‹∃!x ([F]x & [R]xy)›
113 using "uniqueness:1"[THEN "≡⇩d⇩fI"] by fast
114 qed
115 qed
116qed
117
118text‹We have already introduced the restricted type of Ordinary objects in the
119 Extended Relation Comprehension theory. However, make sure all variable names
120 are defined as expected (avoiding conflicts with situations
121 of possible world theory).›
122AOT_register_variable_names
123 Ordinary: u v r t s
124
125AOT_theorem "equi:1": ‹∃!u φ{u} ≡ ∃u (φ{u} & ∀v (φ{v} → v =⇩E u))›
126proof(rule "≡I"; rule "→I")
127 AOT_assume ‹∃!u φ{u}›
128 AOT_hence ‹∃!x (O!x & φ{x})›.
129 AOT_hence ‹∃x (O!x & φ{x} & ∀β (O!β & φ{β} → β = x))›
130 using "uniqueness:1"[THEN "≡⇩d⇩fE"] by blast
131 then AOT_obtain x where x_prop: ‹O!x & φ{x} & ∀β (O!β & φ{β} → β = x)›
132 using "∃E"[rotated] by blast
133 {
134 fix β
135 AOT_assume beta_ord: ‹O!β›
136 moreover AOT_assume ‹φ{β}›
137 ultimately AOT_have ‹β = x›
138 using x_prop[THEN "&E"(2), THEN "∀E"(2)[where β=β]] "&I" "→E" by blast
139 AOT_hence ‹β =⇩E x›
140 using "ord-=E=:1"[THEN "→E", OF "∨I"(1)[OF beta_ord],
141 THEN "qml:2"[axiom_inst, THEN "→E"],
142 THEN "≡E"(1)]
143 by blast
144 }
145 AOT_hence ‹(O!β → (φ{β} → β =⇩E x))› for β
146 using "→I" by blast
147 AOT_hence ‹∀β(O!β → (φ{β} → β =⇩E x))›
148 by (rule GEN)
149 AOT_hence ‹O!x & φ{x} & ∀y (O!y → (φ{y} → y =⇩E x))›
150 using x_prop[THEN "&E"(1)] "&I" by blast
151 AOT_hence ‹O!x & (φ{x} & ∀y (O!y → (φ{y} → y =⇩E x)))›
152 using "&E" "&I" by meson
153 AOT_thus ‹∃u (φ{u} & ∀v (φ{v} → v =⇩E u))›
154 using "∃I" by fast
155next
156 AOT_assume ‹∃u (φ{u} & ∀v (φ{v} → v =⇩E u))›
157 AOT_hence ‹∃x (O!x & (φ{x} & ∀y (O!y → (φ{y} → y =⇩E x))))›
158 by blast
159 then AOT_obtain x where x_prop: ‹O!x & (φ{x} & ∀y (O!y → (φ{y} → y =⇩E x)))›
160 using "∃E"[rotated] by blast
161 AOT_have ‹∀y ([O!]y & φ{y} → y = x)›
162 proof(rule GEN; rule "→I")
163 fix y
164 AOT_assume ‹O!y & φ{y}›
165 AOT_hence ‹y =⇩E x›
166 using x_prop[THEN "&E"(2), THEN "&E"(2), THEN "∀E"(2)[where β=y]]
167 "→E" "&E" by blast
168 AOT_thus ‹y = x›
169 using "ord-=E=:1"[THEN "→E", OF "∨I"(2)[OF x_prop[THEN "&E"(1)]],
170 THEN "qml:2"[axiom_inst, THEN "→E"], THEN "≡E"(2)] by blast
171 qed
172 AOT_hence ‹[O!]x & φ{x} & ∀y ([O!]y & φ{y} → y = x)›
173 using x_prop "&E" "&I" by meson
174 AOT_hence ‹∃x ([O!]x & φ{x} & ∀y ([O!]y & φ{y} → y = x))›
175 by (rule "∃I")
176 AOT_hence ‹∃!x (O!x & φ{x})›
177 by (rule "uniqueness:1"[THEN "≡⇩d⇩fI"])
178 AOT_thus ‹∃!u φ{u}›.
179qed
180
181AOT_define CorrelatesEOneToOne :: ‹τ ⇒ τ ⇒ τ ⇒ φ› (‹_ |: _ ⇩1⇩-⇩1⟷⇩E _›)
182 "equi:2": ‹R |: F ⇩1⇩-⇩1⟷⇩E G ≡⇩d⇩f R↓ & F↓ & G↓ &
183 ∀u ([F]u → ∃!v([G]v & [R]uv)) &
184 ∀v ([G]v → ∃!u([F]u & [R]uv))›
185
186AOT_define EquinumerousE :: ‹τ ⇒ τ ⇒ φ› (infixl "≈⇩E" 50)
187 "equi:3": ‹F ≈⇩E G ≡⇩d⇩f ∃R (R |: F ⇩1⇩-⇩1⟷⇩E G)›
188
189text‹Note: not explicitly in PLM.›
190AOT_theorem eq_den_1: ‹Π↓› if ‹Π ≈⇩E Π'›
191proof -
192 AOT_have ‹∃R (R |: Π ⇩1⇩-⇩1⟷⇩E Π')›
193 using "equi:3"[THEN "≡⇩d⇩fE"] that by blast
194 then AOT_obtain R where ‹R |: Π ⇩1⇩-⇩1⟷⇩E Π'›
195 using "∃E"[rotated] by blast
196 AOT_thus ‹Π↓›
197 using "equi:2"[THEN "≡⇩d⇩fE"] "&E" by blast
198qed
199
200text‹Note: not explicitly in PLM.›
201AOT_theorem eq_den_2: ‹Π'↓› if ‹Π ≈⇩E Π'›
202proof -
203 AOT_have ‹∃R (R |: Π ⇩1⇩-⇩1⟷⇩E Π')›
204 using "equi:3"[THEN "≡⇩d⇩fE"] that by blast
205 then AOT_obtain R where ‹R |: Π ⇩1⇩-⇩1⟷⇩E Π'›
206 using "∃E"[rotated] by blast
207 AOT_thus ‹Π'↓›
208 using "equi:2"[THEN "≡⇩d⇩fE"] "&E" by blast+
209qed
210
211AOT_theorem "eq-part:1": ‹F ≈⇩E F›
212proof (safe intro!: "&I" GEN "→I" "cqt:2[const_var]"[axiom_inst]
213 "≡⇩d⇩fI"[OF "equi:3"] "≡⇩d⇩fI"[OF "equi:2"] "∃I"(1))
214 fix x
215 AOT_assume 1: ‹O!x›
216 AOT_assume 2: ‹[F]x›
217 AOT_show ‹∃!v ([F]v & x =⇩E v)›
218 proof(rule "equi:1"[THEN "≡E"(2)];
219 rule "∃I"(2)[where β=x];
220 safe dest!: "&E"(2)
221 intro!: "&I" "→I" 1 2 Ordinary.GEN "ord=Eequiv:1"[THEN "→E", OF 1])
222 AOT_show ‹v =⇩E x› if ‹x =⇩E v› for v
223 by (metis that "ord=Eequiv:2"[THEN "→E"])
224 qed
225next
226 fix y
227 AOT_assume 1: ‹O!y›
228 AOT_assume 2: ‹[F]y›
229 AOT_show ‹∃!u ([F]u & u =⇩E y)›
230 by(safe dest!: "&E"(2)
231 intro!: "equi:1"[THEN "≡E"(2)] "∃I"(2)[where β=y]
232 "&I" "→I" 1 2 GEN "ord=Eequiv:1"[THEN "→E", OF 1])
233qed(auto simp: "=E[denotes]")
234
235
236AOT_theorem "eq-part:2": ‹F ≈⇩E G → G ≈⇩E F›
237proof (rule "→I")
238 AOT_assume ‹F ≈⇩E G›
239 AOT_hence ‹∃R R |: F ⇩1⇩-⇩1⟷⇩E G›
240 using "equi:3"[THEN "≡⇩d⇩fE"] by blast
241 then AOT_obtain R where ‹R |: F ⇩1⇩-⇩1⟷⇩E G›
242 using "∃E"[rotated] by blast
243 AOT_hence 0: ‹R↓ & F↓ & G↓ & ∀u ([F]u → ∃!v([G]v & [R]uv)) &
244 ∀v ([G]v → ∃!u([F]u & [R]uv))›
245 using "equi:2"[THEN "≡⇩d⇩fE"] by blast
246
247 AOT_have ‹[λxy [R]yx]↓ & G↓ & F↓ & ∀u ([G]u → ∃!v([F]v & [λxy [R]yx]uv)) &
248 ∀v ([F]v → ∃!u([G]u & [λxy [R]yx]uv))›
249 proof (AOT_subst ‹[λxy [R]yx]yx› ‹[R]xy› for: x y;
250 (safe intro!: "&I" "cqt:2[const_var]"[axiom_inst] 0[THEN "&E"(2)]
251 0[THEN "&E"(1), THEN "&E"(2)]; "cqt:2[lambda]")?)
252 AOT_modally_strict {
253 AOT_have ‹[λxy [R]yx]xy› if ‹[R]yx› for y x
254 by (auto intro!: "β←C"(1) "cqt:2"
255 simp: "&I" "ex:1:a" prod_denotesI "rule-ui:3" that)
256 moreover AOT_have ‹[R]yx› if ‹[λxy [R]yx]xy› for y x
257 using "β→C"(1)[where φ="λ(x,y). _ (x,y)" and κ⇩1κ⇩n="(_,_)",
258 simplified, OF that, simplified].
259 ultimately AOT_show ‹[λxy [R]yx]αβ ≡ [R]βα› for α β
260 by (metis "deduction-theorem" "≡I")
261 }
262 qed
263 AOT_hence ‹[λxy [R]yx] |: G ⇩1⇩-⇩1⟷⇩E F›
264 using "equi:2"[THEN "≡⇩d⇩fI"] by blast
265 AOT_hence ‹∃R R |: G ⇩1⇩-⇩1⟷⇩E F›
266 by (rule "∃I"(1)) "cqt:2[lambda]"
267 AOT_thus ‹G ≈⇩E F›
268 using "equi:3"[THEN "≡⇩d⇩fI"] by blast
269qed
270
271text‹Note: not explicitly in PLM.›
272AOT_theorem "eq-part:2[terms]": ‹Π ≈⇩E Π' → Π' ≈⇩E Π›
273 using "eq-part:2"[unvarify F G] eq_den_1 eq_den_2 "→I" by meson
274declare "eq-part:2[terms]"[THEN "→E", sym]
275
276AOT_theorem "eq-part:3": ‹(F ≈⇩E G & G ≈⇩E H) → F ≈⇩E H›
277proof (rule "→I")
278 AOT_assume ‹F ≈⇩E G & G ≈⇩E H›
279 then AOT_obtain R⇩1 and R⇩2 where
280 ‹R⇩1 |: F ⇩1⇩-⇩1⟷⇩E G›
281 and ‹R⇩2 |: G ⇩1⇩-⇩1⟷⇩E H›
282 using "equi:3"[THEN "≡⇩d⇩fE"] "&E" "∃E"[rotated] by metis
283 AOT_hence θ: ‹∀u ([F]u → ∃!v([G]v & [R⇩1]uv)) & ∀v ([G]v → ∃!u([F]u & [R⇩1]uv))›
284 and ξ: ‹∀u ([G]u → ∃!v([H]v & [R⇩2]uv)) & ∀v ([H]v → ∃!u([G]u & [R⇩2]uv))›
285 using "equi:2"[THEN "≡⇩d⇩fE", THEN "&E"(2)]
286 "equi:2"[THEN "≡⇩d⇩fE", THEN "&E"(1), THEN "&E"(2)]
287 "&I" by blast+
288 AOT_have ‹∃R R = [λxy O!x & O!y & ∃v ([G]v & [R⇩1]xv & [R⇩2]vy)]›
289 by (rule "free-thms:3[lambda]") cqt_2_lambda_inst_prover
290 then AOT_obtain R where R_def: ‹R = [λxy O!x & O!y & ∃v ([G]v & [R⇩1]xv & [R⇩2]vy)]›
291 using "∃E"[rotated] by blast
292 AOT_have 1: ‹∃!v (([H]v & [R]uv))› if a: ‹[O!]u› and b: ‹[F]u› for u
293 proof (rule "≡E"(2)[OF "equi:1"])
294 AOT_obtain b where
295 b_prop: ‹[O!]b & ([G]b & [R⇩1]ub & ∀v ([G]v & [R⇩1]uv → v =⇩E b))›
296 using θ[THEN "&E"(1), THEN "∀E"(2), THEN "→E", THEN "→E",
297 OF a b, THEN "≡E"(1)[OF "equi:1"]]
298 "∃E"[rotated] by blast
299 AOT_obtain c where
300 c_prop: "[O!]c & ([H]c & [R⇩2]bc & ∀v ([H]v & [R⇩2]bv → v =⇩E c))"
301 using ξ[THEN "&E"(1), THEN "∀E"(2)[where β=b], THEN "→E",
302 OF b_prop[THEN "&E"(1)], THEN "→E",
303 OF b_prop[THEN "&E"(2), THEN "&E"(1), THEN "&E"(1)],
304 THEN "≡E"(1)[OF "equi:1"]]
305 "∃E"[rotated] by blast
306 AOT_show ‹∃v ([H]v & [R]uv & ∀v' ([H]v' & [R]uv' → v' =⇩E v))›
307 proof (safe intro!: "&I" GEN "→I" "∃I"(2)[where β=c])
308 AOT_show ‹O!c› using c_prop "&E" by blast
309 next
310 AOT_show ‹[H]c› using c_prop "&E" by blast
311 next
312 AOT_have 0: ‹[O!]u & [O!]c & ∃v ([G]v & [R⇩1]uv & [R⇩2]vc)›
313 by (safe intro!: "&I" a c_prop[THEN "&E"(1)] "∃I"(2)[where β=b]
314 b_prop[THEN "&E"(1)] b_prop[THEN "&E"(2), THEN "&E"(1)]
315 c_prop[THEN "&E"(2), THEN "&E"(1), THEN "&E"(2)])
316 AOT_show ‹[R]uc›
317 by (auto intro: "rule=E"[rotated, OF R_def[symmetric]]
318 intro!: "β←C"(1) "cqt:2"
319 simp: "&I" "ex:1:a" prod_denotesI "rule-ui:3" 0)
320 next
321 fix x
322 AOT_assume ordx: ‹O!x›
323 AOT_assume ‹[H]x & [R]ux›
324 AOT_hence hx: ‹[H]x› and ‹[R]ux› using "&E" by blast+
325 AOT_hence ‹[λxy O!x & O!y & ∃v ([G]v & [R⇩1]xv & [R⇩2]vy)]ux›
326 using "rule=E"[rotated, OF R_def] by fast
327 AOT_hence ‹O!u & O!x & ∃v ([G]v & [R⇩1]uv & [R⇩2]vx)›
328 by (rule "β→C"(1)[where φ="λ(κ,κ'). _ κ κ'" and κ⇩1κ⇩n="(_,_)", simplified])
329 then AOT_obtain z where z_prop: ‹O!z & ([G]z & [R⇩1]uz & [R⇩2]zx)›
330 using "&E" "∃E"[rotated] by blast
331 AOT_hence ‹z =⇩E b›
332 using b_prop[THEN "&E"(2), THEN "&E"(2), THEN "∀E"(2)[where β=z]]
333 using "&E" "→E" by metis
334 AOT_hence ‹z = b›
335 by (metis "=E-simple:2"[THEN "→E"])
336 AOT_hence ‹[R⇩2]bx›
337 using z_prop[THEN "&E"(2), THEN "&E"(2)] "rule=E" by fast
338 AOT_thus ‹x =⇩E c›
339 using c_prop[THEN "&E"(2), THEN "&E"(2), THEN "∀E"(2)[where β=x],
340 THEN "→E", THEN "→E", OF ordx]
341 hx "&I" by blast
342 qed
343 qed
344 AOT_have 2: ‹∃!u (([F]u & [R]uv))› if a: ‹[O!]v› and b: ‹[H]v› for v
345 proof (rule "≡E"(2)[OF "equi:1"])
346 AOT_obtain b where
347 b_prop: ‹[O!]b & ([G]b & [R⇩2]bv & ∀u ([G]u & [R⇩2]uv → u =⇩E b))›
348 using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "→E", THEN "→E",
349 OF a b, THEN "≡E"(1)[OF "equi:1"]]
350 "∃E"[rotated] by blast
351 AOT_obtain c where
352 c_prop: "[O!]c & ([F]c & [R⇩1]cb & ∀v ([F]v & [R⇩1]vb → v =⇩E c))"
353 using θ[THEN "&E"(2), THEN "∀E"(2)[where β=b], THEN "→E",
354 OF b_prop[THEN "&E"(1)], THEN "→E",
355 OF b_prop[THEN "&E"(2), THEN "&E"(1), THEN "&E"(1)],
356 THEN "≡E"(1)[OF "equi:1"]]
357 "∃E"[rotated] by blast
358 AOT_show ‹∃u ([F]u & [R]uv & ∀v' ([F]v' & [R]v'v → v' =⇩E u))›
359 proof (safe intro!: "&I" GEN "→I" "∃I"(2)[where β=c])
360 AOT_show ‹O!c› using c_prop "&E" by blast
361 next
362 AOT_show ‹[F]c› using c_prop "&E" by blast
363 next
364 AOT_have ‹[O!]c & [O!]v & ∃u ([G]u & [R⇩1]cu & [R⇩2]uv)›
365 by (safe intro!: "&I" a "∃I"(2)[where β=b]
366 c_prop[THEN "&E"(1)] b_prop[THEN "&E"(1)]
367 b_prop[THEN "&E"(2), THEN "&E"(1), THEN "&E"(1)]
368 b_prop[THEN "&E"(2), THEN "&E"(1), THEN "&E"(2)]
369 c_prop[THEN "&E"(2), THEN "&E"(1), THEN "&E"(2)])
370 AOT_thus ‹[R]cv›
371 by (auto intro: "rule=E"[rotated, OF R_def[symmetric]]
372 intro!: "β←C"(1) "cqt:2"
373 simp: "&I" "ex:1:a" prod_denotesI "rule-ui:3")
374 next
375 fix x
376 AOT_assume ordx: ‹O!x›
377 AOT_assume ‹[F]x & [R]xv›
378 AOT_hence hx: ‹[F]x› and ‹[R]xv› using "&E" by blast+
379 AOT_hence ‹[λxy O!x & O!y & ∃v ([G]v & [R⇩1]xv & [R⇩2]vy)]xv›
380 using "rule=E"[rotated, OF R_def] by fast
381 AOT_hence ‹O!x & O!v & ∃u ([G]u & [R⇩1]xu & [R⇩2]uv)›
382 by (rule "β→C"(1)[where φ="λ(κ,κ'). _ κ κ'" and κ⇩1κ⇩n="(_,_)", simplified])
383 then AOT_obtain z where z_prop: ‹O!z & ([G]z & [R⇩1]xz & [R⇩2]zv)›
384 using "&E" "∃E"[rotated] by blast
385 AOT_hence ‹z =⇩E b›
386 using b_prop[THEN "&E"(2), THEN "&E"(2), THEN "∀E"(2)[where β=z]]
387 using "&E" "→E" "&I" by metis
388 AOT_hence ‹z = b›
389 by (metis "=E-simple:2"[THEN "→E"])
390 AOT_hence ‹[R⇩1]xb›
391 using z_prop[THEN "&E"(2), THEN "&E"(1), THEN "&E"(2)] "rule=E" by fast
392 AOT_thus ‹x =⇩E c›
393 using c_prop[THEN "&E"(2), THEN "&E"(2), THEN "∀E"(2)[where β=x],
394 THEN "→E", THEN "→E", OF ordx]
395 hx "&I" by blast
396 qed
397 qed
398 AOT_show ‹F ≈⇩E H›
399 apply (rule "equi:3"[THEN "≡⇩d⇩fI"])
400 apply (rule "∃I"(2)[where β=R])
401 by (auto intro!: 1 2 "equi:2"[THEN "≡⇩d⇩fI"] "&I" "cqt:2[const_var]"[axiom_inst]
402 Ordinary.GEN "→I" Ordinary.ψ)
403qed
404
405text‹Note: not explicitly in PLM.›
406AOT_theorem "eq-part:3[terms]": ‹Π ≈⇩E Π''› if ‹Π ≈⇩E Π'› and ‹Π' ≈⇩E Π''›
407 using "eq-part:3"[unvarify F G H, THEN "→E"] eq_den_1 eq_den_2 "→I" "&I"
408 by (metis that(1) that(2))
409declare "eq-part:3[terms]"[trans]
410
411AOT_theorem "eq-part:4": ‹F ≈⇩E G ≡ ∀H (H ≈⇩E F ≡ H ≈⇩E G)›
412proof(rule "≡I"; rule "→I")
413 AOT_assume 0: ‹F ≈⇩E G›
414 AOT_hence 1: ‹G ≈⇩E F› using "eq-part:2"[THEN "→E"] by blast
415 AOT_show ‹∀H (H ≈⇩E F ≡ H ≈⇩E G)›
416 proof (rule GEN; rule "≡I"; rule "→I")
417 AOT_show ‹H ≈⇩E G› if ‹H ≈⇩E F› for H using 0
418 by (meson "&I" "eq-part:3" that "vdash-properties:6")
419 next
420 AOT_show ‹H ≈⇩E F› if ‹H ≈⇩E G› for H using 1
421 by (metis "&I" "eq-part:3" that "vdash-properties:6")
422 qed
423next
424 AOT_assume ‹∀H (H ≈⇩E F ≡ H ≈⇩E G)›
425 AOT_hence ‹F ≈⇩E F ≡ F ≈⇩E G› using "∀E" by blast
426 AOT_thus ‹F ≈⇩E G› using "eq-part:1" "≡E" by blast
427qed
428
429AOT_define MapsE :: ‹τ ⇒ τ ⇒ τ ⇒ φ› ("_ |: _ ⟶E _")
430 "equi-rem:1":
431 ‹R |: F ⟶E G ≡⇩d⇩f R↓ & F↓ & G↓ & ∀u ([F]u → ∃!v ([G]v & [R]uv))›
432
433AOT_define MapsEOneToOne :: ‹τ ⇒ τ ⇒ τ ⇒ φ› ("_ |: _ ⇩1⇩-⇩1⟶E _")
434 "equi-rem:2":
435 ‹R |: F ⇩1⇩-⇩1⟶E G ≡⇩d⇩f
436 R |: F ⟶E G & ∀t∀u∀v (([F]t & [F]u & [G]v) → ([R]tv & [R]uv → t =⇩E u))›
437
438AOT_define MapsEOnto :: ‹τ ⇒ τ ⇒ τ ⇒ φ› ("_ |: _ ⟶⇩o⇩n⇩t⇩oE _")
439 "equi-rem:3":
440 ‹R |: F ⟶⇩o⇩n⇩t⇩oE G ≡⇩d⇩f R |: F ⟶E G & ∀v ([G]v → ∃u ([F]u & [R]uv))›
441
442AOT_define MapsEOneToOneOnto :: ‹τ ⇒ τ ⇒ τ ⇒ φ› ("_ |: _ ⇩1⇩-⇩1⟶⇩o⇩n⇩t⇩oE _")
443 "equi-rem:4":
444 ‹R |: F ⇩1⇩-⇩1⟶⇩o⇩n⇩t⇩oE G ≡⇩d⇩f R |: F ⇩1⇩-⇩1⟶E G & R |: F ⟶⇩o⇩n⇩t⇩oE G›
445
446AOT_theorem "equi-rem-thm":
447 ‹R |: F ⇩1⇩-⇩1⟷⇩E G ≡ R |: F ⇩1⇩-⇩1⟶⇩o⇩n⇩t⇩oE G›
448proof -
449 AOT_have ‹R |: F ⇩1⇩-⇩1⟷⇩E G ≡ R |: [λx O!x & [F]x] ⇩1⇩-⇩1⟷ [λx O!x & [G]x]›
450 proof(safe intro!: "≡I" "→I" "&I")
451 AOT_assume ‹R |: F ⇩1⇩-⇩1⟷⇩E G›
452 AOT_hence ‹∀u ([F]u → ∃!v ([G]v & [R]uv))›
453 and ‹∀v ([G]v → ∃!u ([F]u & [R]uv))›
454 using "equi:2"[THEN "≡⇩d⇩fE"] "&E" by blast+
455 AOT_hence a: ‹([F]u → ∃!v ([G]v & [R]uv))›
456 and b: ‹([G]v → ∃!u ([F]u & [R]uv))› for u v
457 using "Ordinary.∀E" by fast+
458 AOT_have ‹([λx [O!]x & [F]x]x → ∃!y ([λx [O!]x & [G]x]y & [R]xy))› for x
459 apply (AOT_subst ‹[λx [O!]x & [F]x]x› ‹[O!]x & [F]x›)
460 apply (rule "beta-C-meta"[THEN "→E"])
461 apply "cqt:2[lambda]"
462 apply (AOT_subst ‹[λx [O!]x & [G]x]x› ‹[O!]x & [G]x› for: x)
463 apply (rule "beta-C-meta"[THEN "→E"])
464 apply "cqt:2[lambda]"
465 apply (AOT_subst ‹O!y & [G]y & [R]xy› ‹O!y & ([G]y & [R]xy)› for: y)
466 apply (meson "≡E"(6) "Associativity of &" "oth-class-taut:3:a")
467 apply (rule "→I") apply (frule "&E"(1)) apply (drule "&E"(2))
468 by (fact a[unconstrain u, THEN "→E", THEN "→E", of x])
469 AOT_hence A: ‹∀x ([λx [O!]x & [F]x]x → ∃!y ([λx [O!]x & [G]x]y & [R]xy))›
470 by (rule GEN)
471 AOT_have ‹([λx [O!]x & [G]x]y → ∃!x ([λx [O!]x & [F]x]x & [R]xy))› for y
472 apply (AOT_subst ‹[λx [O!]x & [G]x]y› ‹[O!]y & [G]y›)
473 apply (rule "beta-C-meta"[THEN "→E"])
474 apply "cqt:2[lambda]"
475 apply (AOT_subst ‹[λx [O!]x & [F]x]x› ‹[O!]x & [F]x› for: x)
476 apply (rule "beta-C-meta"[THEN "→E"])
477 apply "cqt:2[lambda]"
478 apply (AOT_subst ‹O!x & [F]x & [R]xy› ‹O!x & ([F]x & [R]xy)› for: x)
479 apply (meson "≡E"(6) "Associativity of &" "oth-class-taut:3:a")
480 apply (rule "→I") apply (frule "&E"(1)) apply (drule "&E"(2))
481 by (fact b[unconstrain v, THEN "→E", THEN "→E", of y])
482 AOT_hence B: ‹∀y ([λx [O!]x & [G]x]y → ∃!x ([λx [O!]x & [F]x]x & [R]xy))›
483 by (rule GEN)
484 AOT_show ‹R |: [λx [O!]x & [F]x] ⇩1⇩-⇩1⟷ [λx [O!]x & [G]x]›
485 by (safe intro!: "1-1-cor"[THEN "≡⇩d⇩fI"] "&I"
486 "cqt:2[const_var]"[axiom_inst] A B)
487 "cqt:2[lambda]"+
488 next
489 AOT_assume ‹R |: [λx [O!]x & [F]x] ⇩1⇩-⇩1⟷ [λx [O!]x & [G]x]›
490 AOT_hence a: ‹([λx [O!]x & [F]x]x → ∃!y ([λx [O!]x & [G]x]y & [R]xy))› and
491 b: ‹([λx [O!]x & [G]x]y → ∃!x ([λx [O!]x & [F]x]x & [R]xy))› for x y
492 using "1-1-cor"[THEN "≡⇩d⇩fE"] "&E" "∀E"(2) by blast+
493 AOT_have ‹[F]u → ∃!v ([G]v & [R]uv)› for u
494 proof (safe intro!: "→I")
495 AOT_assume fu: ‹[F]u›
496 AOT_have 0: ‹[λx [O!]x & [F]x]u›
497 by (auto intro!: "β←C"(1) "cqt:2" "cqt:2[const_var]"[axiom_inst]
498 Ordinary.ψ fu "&I")
499 AOT_show ‹∃!v ([G]v & [R]uv)›
500 apply (AOT_subst ‹[O!]x & ([G]x & [R]ux)›
501 ‹([O!]x & [G]x) & [R]ux› for: x)
502 apply (simp add: "Associativity of &")
503 apply (AOT_subst (reverse) ‹[O!]x & [G]x›
504 ‹[λx [O!]x & [G]x]x› for: x)
505 apply (rule "beta-C-meta"[THEN "→E"])
506 apply "cqt:2[lambda]"
507 using a[THEN "→E", OF 0] by blast
508 qed
509 AOT_hence A: ‹∀u ([F]u → ∃!v ([G]v & [R]uv))›
510 by (rule Ordinary.GEN)
511 AOT_have ‹[G]v → ∃!u ([F]u & [R]uv)› for v
512 proof (safe intro!: "→I")
513 AOT_assume gu: ‹[G]v›
514 AOT_have 0: ‹[λx [O!]x & [G]x]v›
515 by (auto intro!: "β←C"(1) "cqt:2" "cqt:2[const_var]"[axiom_inst]
516 Ordinary.ψ gu "&I")
517 AOT_show ‹∃!u ([F]u & [R]uv)›
518 apply (AOT_subst ‹[O!]x & ([F]x & [R]xv)› ‹([O!]x & [F]x) & [R]xv› for: x)
519 apply (simp add: "Associativity of &")
520 apply (AOT_subst (reverse) ‹[O!]x & [F]x›‹[λx [O!]x & [F]x]x› for: x)
521 apply (rule "beta-C-meta"[THEN "→E"])
522 apply "cqt:2[lambda]"
523 using b[THEN "→E", OF 0] by blast
524 qed
525 AOT_hence B: ‹∀v ([G]v → ∃!u ([F]u & [R]uv))› by (rule Ordinary.GEN)
526 AOT_show ‹R |: F ⇩1⇩-⇩1⟷⇩E G›
527 by (safe intro!: "equi:2"[THEN "≡⇩d⇩fI"] "&I" A B "cqt:2[const_var]"[axiom_inst])
528 qed
529 also AOT_have ‹… ≡ R |: F ⇩1⇩-⇩1⟶⇩o⇩n⇩t⇩oE G›
530 proof(safe intro!: "≡I" "→I" "&I")
531 AOT_assume ‹R |: [λx [O!]x & [F]x] ⇩1⇩-⇩1⟷ [λx [O!]x & [G]x]›
532 AOT_hence a: ‹([λx [O!]x & [F]x]x → ∃!y ([λx [O!]x & [G]x]y & [R]xy))› and
533 b: ‹([λx [O!]x & [G]x]y → ∃!x ([λx [O!]x & [F]x]x & [R]xy))› for x y
534 using "1-1-cor"[THEN "≡⇩d⇩fE"] "&E" "∀E"(2) by blast+
535 AOT_show ‹R |: F ⇩1⇩-⇩1⟶⇩o⇩n⇩t⇩oE G›
536 proof (safe intro!: "equi-rem:4"[THEN "≡⇩d⇩fI"] "&I" "equi-rem:3"[THEN "≡⇩d⇩fI"]
537 "equi-rem:2"[THEN "≡⇩d⇩fI"] "equi-rem:1"[THEN "≡⇩d⇩fI"]
538 "cqt:2[const_var]"[axiom_inst] Ordinary.GEN "→I")
539 fix u
540 AOT_assume fu: ‹[F]u›
541 AOT_have 0: ‹[λx [O!]x & [F]x]u›
542 by (auto intro!: "β←C"(1) "cqt:2" "cqt:2[const_var]"[axiom_inst]
543 Ordinary.ψ fu "&I")
544 AOT_hence 1: ‹∃!y ([λx [O!]x & [G]x]y & [R]uy)›
545 using a[THEN "→E"] by blast
546 AOT_show ‹∃!v ([G]v & [R]uv)›
547 apply (AOT_subst ‹[O!]x & ([G]x & [R]ux)› ‹([O!]x & [G]x) & [R]ux› for: x)
548 apply (simp add: "Associativity of &")
549 apply (AOT_subst (reverse) ‹[O!]x & [G]x› ‹[λx [O!]x & [G]x]x› for: x)
550 apply (rule "beta-C-meta"[THEN "→E"])
551 apply "cqt:2[lambda]"
552 by (fact 1)
553 next
554 fix t u v
555 AOT_assume ‹[F]t & [F]u & [G]v› and rtv_tuv: ‹[R]tv & [R]uv›
556 AOT_hence oft: ‹[λx O!x & [F]x]t› and
557 ofu: ‹[λx O!x & [F]x]u› and
558 ogv: ‹[λx O!x & [G]x]v›
559 by (auto intro!: "β←C"(1) "cqt:2" "&I"
560 simp: Ordinary.ψ dest: "&E")
561 AOT_hence ‹∃!x ([λx [O!]x & [F]x]x & [R]xv)›
562 using b[THEN "→E"] by blast
563 then AOT_obtain a where
564 a_prop: ‹[λx [O!]x & [F]x]a & [R]av &
565 ∀x (([λx [O!]x & [F]x]x & [R]xv) → x = a)›
566 using "uniqueness:1"[THEN "≡⇩d⇩fE"] "∃E"[rotated] by blast
567 AOT_hence ua: ‹u = a›
568 using ofu rtv_tuv[THEN "&E"(2)] "∀E"(2) "→E" "&I" "&E"(2) by blast
569 moreover AOT_have ta: ‹t = a›
570 using a_prop oft rtv_tuv[THEN "&E"(1)] "∀E"(2) "→E" "&I" "&E"(2) by blast
571 ultimately AOT_have ‹t = u› by (metis "rule=E" id_sym)
572 AOT_thus ‹t =⇩E u›
573 using "rule=E" id_sym "ord=Eequiv:1" Ordinary.ψ ta ua "→E" by fast
574 next
575 fix u
576 AOT_assume ‹[F]u›
577 AOT_hence ‹[λx O!x & [F]x]u›
578 by (auto intro!: "β←C"(1) "cqt:2" "&I"
579 simp: "cqt:2[const_var]"[axiom_inst] Ordinary.ψ)
580 AOT_hence ‹∃!y ([λx [O!]x & [G]x]y & [R]uy)›
581 using a[THEN "→E"] by blast
582 then AOT_obtain a where
583 a_prop: ‹[λx [O!]x & [G]x]a & [R]ua &
584 ∀x (([λx [O!]x & [G]x]x & [R]ux) → x = a)›
585 using "uniqueness:1"[THEN "≡⇩d⇩fE"] "∃E"[rotated] by blast
586 AOT_have ‹O!a & [G]a›
587 by (rule "β→C"(1)) (auto simp: a_prop[THEN "&E"(1), THEN "&E"(1)])
588 AOT_hence ‹O!a› and ‹[G]a› using "&E" by blast+
589 moreover AOT_have ‹∀v ([G]v & [R]uv → v =⇩E a)›
590 proof(safe intro!: Ordinary.GEN "→I"; frule "&E"(1); drule "&E"(2))
591 fix v
592 AOT_assume ‹[G]v› and ruv: ‹[R]uv›
593 AOT_hence ‹[λx [O!]x & [G]x]v›
594 by (auto intro!: "β←C"(1) "cqt:2" "&I" simp: Ordinary.ψ)
595 AOT_hence ‹v = a›
596 using a_prop[THEN "&E"(2), THEN "∀E"(2), THEN "→E", OF "&I"] ruv by blast
597 AOT_thus ‹v =⇩E a›
598 using "rule=E" "ord=Eequiv:1" Ordinary.ψ "→E" by fast
599 qed
600 ultimately AOT_have ‹O!a & ([G]a & [R]ua & ∀v' ([G]v' & [R]uv' → v' =⇩E a))›
601 using "∃I" "&I" a_prop[THEN "&E"(1), THEN "&E"(2)] by simp
602 AOT_hence ‹∃v ([G]v & [R]uv & ∀v' ([G]v' & [R]uv' → v' =⇩E v))›
603 by (rule "∃I")
604 AOT_thus ‹∃!v ([G]v & [R]uv)›
605 by (rule "equi:1"[THEN "≡E"(2)])
606 next
607 fix v
608 AOT_assume ‹[G]v›
609 AOT_hence ‹[λx O!x & [G]x]v›
610 by (auto intro!: "β←C"(1) "cqt:2" "&I" Ordinary.ψ)
611 AOT_hence ‹∃!x ([λx [O!]x & [F]x]x & [R]xv)›
612 using b[THEN "→E"] by blast
613 then AOT_obtain a where
614 a_prop: ‹[λx [O!]x & [F]x]a & [R]av &
615 ∀y ([λx [O!]x & [F]x]y & [R]yv → y = a)›
616 using "uniqueness:1"[THEN "≡⇩d⇩fE", THEN "∃E"[rotated]] by blast
617 AOT_have ‹O!a & [F]a›
618 by (rule "β→C"(1)) (auto simp: a_prop[THEN "&E"(1), THEN "&E"(1)])
619 AOT_hence ‹O!a & ([F]a & [R]av)›
620 using a_prop[THEN "&E"(1), THEN "&E"(2)] "&E" "&I" by metis
621 AOT_thus ‹∃u ([F]u & [R]uv)›
622 by (rule "∃I")
623 qed
624 next
625 AOT_assume ‹R |: F ⇩1⇩-⇩1⟶⇩o⇩n⇩t⇩oE G›
626 AOT_hence 1: ‹R |: F ⇩1⇩-⇩1⟶E G›
627 and 2: ‹R |: F ⟶⇩o⇩n⇩t⇩oE G›
628 using "equi-rem:4"[THEN "≡⇩d⇩fE"] "&E" by blast+
629 AOT_hence 3: ‹R |: F ⟶E G›
630 and A: ‹∀t ∀u ∀v ([F]t & [F]u & [G]v → ([R]tv & [R]uv → t =⇩E u))›
631 using "equi-rem:2"[THEN "≡⇩d⇩fE", OF 1] "&E" by blast+
632 AOT_hence B: ‹∀u ([F]u → ∃!v ([G]v & [R]uv))›
633 using "equi-rem:1"[THEN "≡⇩d⇩fE"] "&E" by blast
634 AOT_have C: ‹∀v ([G]v → ∃u ([F]u & [R]uv))›
635 using "equi-rem:3"[THEN "≡⇩d⇩fE", OF 2] "&E" by blast
636 AOT_show ‹R |: [λx [O!]x & [F]x] ⇩1⇩-⇩1⟷ [λx [O!]x & [G]x]›
637 proof (rule "1-1-cor"[THEN "≡⇩d⇩fI"];
638 safe intro!: "&I" "cqt:2" GEN "→I")
639 fix x
640 AOT_assume 1: ‹[λx [O!]x & [F]x]x›
641 AOT_have ‹O!x & [F]x›
642 by (rule "β→C"(1)) (auto simp: 1)
643 AOT_hence ‹∃!v ([G]v & [R]xv)›
644 using B[THEN "∀E"(2), THEN "→E", THEN "→E"] "&E" by blast
645 then AOT_obtain y where
646 y_prop: ‹O!y & ([G]y & [R]xy & ∀u ([G]u & [R]xu → u =⇩E y))›
647 using "equi:1"[THEN "≡E"(1)] "∃E"[rotated] by fastforce
648 AOT_hence ‹[λx O!x & [G]x]y›
649 by (auto intro!: "β←C"(1) "cqt:2" "&I" dest: "&E")
650 moreover AOT_have ‹∀z ([λx O!x & [G]x]z & [R]xz → z = y)›
651 proof(safe intro!: GEN "→I"; frule "&E"(1); drule "&E"(2))
652 fix z
653 AOT_assume 1: ‹[λx [O!]x & [G]x]z›
654 AOT_have 2: ‹O!z & [G]z›
655 by (rule "β→C"(1)) (auto simp: 1)
656 moreover AOT_assume ‹[R]xz›
657 ultimately AOT_have ‹z =⇩E y›
658 using y_prop[THEN "&E"(2), THEN "&E"(2), THEN "∀E"(2),
659 THEN "→E", THEN "→E", rotated, OF "&I"] "&E"
660 by blast
661 AOT_thus ‹z = y›
662 using 2[THEN "&E"(1)] by (metis "=E-simple:2" "→E")
663 qed
664 ultimately AOT_have ‹[λx O!x & [G]x]y & [R]xy &
665 ∀z ([λx O!x & [G]x]z & [R]xz → z = y)›
666 using y_prop[THEN "&E"(2), THEN "&E"(1), THEN "&E"(2)] "&I" by auto
667 AOT_hence ‹∃y ([λx O!x & [G]x]y & [R]xy &
668 ∀z ([λx O!x & [G]x]z & [R]xz → z = y))›
669 by (rule "∃I")
670 AOT_thus ‹∃!y ([λx [O!]x & [G]x]y & [R]xy)›
671 using "uniqueness:1"[THEN "≡⇩d⇩fI"] by fast
672 next
673 fix y
674 AOT_assume 1: ‹[λx [O!]x & [G]x]y›
675 AOT_have oy_gy: ‹O!y & [G]y›
676 by (rule "β→C"(1)) (auto simp: 1)
677 AOT_hence ‹∃u ([F]u & [R]uy)›
678 using C[THEN "∀E"(2), THEN "→E", THEN "→E"] "&E" by blast
679 then AOT_obtain x where x_prop: ‹O!x & ([F]x & [R]xy)›
680 using "∃E"[rotated] by blast
681 AOT_hence ofx: ‹[λx O!x & [F]x]x›
682 by (auto intro!: "β←C"(1) "cqt:2" "&I" dest: "&E")
683 AOT_have ‹∃α ([λx [O!]x & [F]x]α & [R]αy &
684 ∀β ([λx [O!]x & [F]x]β & [R]βy → β = α))›
685 proof (safe intro!: "∃I"(2)[where β=x] "&I" GEN "→I")
686 AOT_show ‹[λx O!x & [F]x]x› using ofx.
687 next
688 AOT_show ‹[R]xy› using x_prop[THEN "&E"(2), THEN "&E"(2)].
689 next
690 fix z
691 AOT_assume 1: ‹[λx [O!]x & [F]x]z & [R]zy›
692 AOT_have oz_fz: ‹O!z & [F]z›
693 by (rule "β→C"(1)) (auto simp: 1[THEN "&E"(1)])
694 AOT_have ‹z =⇩E x›
695 using A[THEN "∀E"(2)[where β=z], THEN "→E", THEN "∀E"(2)[where β=x],
696 THEN "→E", THEN "∀E"(2)[where β=y], THEN "→E",
697 THEN "→E", THEN "→E", OF oz_fz[THEN "&E"(1)],
698 OF x_prop[THEN "&E"(1)], OF oy_gy[THEN "&E"(1)], OF "&I", OF "&I",
699 OF oz_fz[THEN "&E"(2)], OF x_prop[THEN "&E"(2), THEN "&E"(1)],
700 OF oy_gy[THEN "&E"(2)], OF "&I", OF 1[THEN "&E"(2)],
701 OF x_prop[THEN "&E"(2), THEN "&E"(2)]].
702 AOT_thus ‹z = x›
703 by (metis "=E-simple:2" "vdash-properties:10")
704 qed
705 AOT_thus ‹∃!x ([λx [O!]x & [F]x]x & [R]xy)›
706 by (rule "uniqueness:1"[THEN "≡⇩d⇩fI"])
707 qed
708 qed
709 finally show ?thesis.
710qed
711
712AOT_theorem "empty-approx:1": ‹(¬∃u [F]u & ¬∃v [H]v) → F ≈⇩E H›
713proof(rule "→I"; frule "&E"(1); drule "&E"(2))
714 AOT_assume 0: ‹¬∃u [F]u› and 1: ‹¬∃v [H]v›
715 AOT_have ‹∀u ([F]u → ∃!v ([H]v & [R]uv))› for R
716 proof(rule Ordinary.GEN; rule "→I"; rule "raa-cor:1")
717 fix u
718 AOT_assume ‹[F]u›
719 AOT_hence ‹∃u [F]u› using "Ordinary.∃I" "&I" by fast
720 AOT_thus ‹∃u [F]u & ¬∃u [F]u› using "&I" 0 by blast
721 qed
722 moreover AOT_have ‹∀v ([H]v → ∃!u ([F]u & [R]uv))› for R
723 proof(rule Ordinary.GEN; rule "→I"; rule "raa-cor:1")
724 fix v
725 AOT_assume ‹[H]v›
726 AOT_hence ‹∃v [H]v› using "Ordinary.∃I" "&I" by fast
727 AOT_thus ‹∃v [H]v & ¬∃v [H]v› using 1 "&I" by blast
728 qed
729 ultimately AOT_have ‹R |: F ⇩1⇩-⇩1⟷⇩E H› for R
730 apply (safe intro!: "equi:2"[THEN "≡⇩d⇩fI"] "&I" GEN "cqt:2[const_var]"[axiom_inst])
731 using "∀E" by blast+
732 AOT_hence ‹∃R R |: F ⇩1⇩-⇩1⟷⇩E H› by (rule "∃I")
733 AOT_thus ‹F ≈⇩E H›
734 by (rule "equi:3"[THEN "≡⇩d⇩fI"])
735qed
736
737AOT_theorem "empty-approx:2": ‹(∃u [F]u & ¬∃v [H]v) → ¬(F ≈⇩E H)›
738proof(rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:2")
739 AOT_assume 1: ‹∃u [F]u› and 2: ‹¬∃v [H]v›
740 AOT_obtain b where b_prop: ‹O!b & [F]b›
741 using 1 "∃E"[rotated] by blast
742 AOT_assume ‹F ≈⇩E H›
743 AOT_hence ‹∃R R |: F ⇩1⇩-⇩1⟷⇩E H›
744 by (rule "equi:3"[THEN "≡⇩d⇩fE"])
745 then AOT_obtain R where ‹R |: F ⇩1⇩-⇩1⟷⇩E H›
746 using "∃E"[rotated] by blast
747 AOT_hence θ: ‹∀u ([F]u → ∃!v ([H]v & [R]uv))›
748 using "equi:2"[THEN "≡⇩d⇩fE"] "&E" by blast+
749 AOT_have ‹∃!v ([H]v & [R]bv)› for u
750 using θ[THEN "∀E"(2)[where β=b], THEN "→E", THEN "→E",
751 OF b_prop[THEN "&E"(1)], OF b_prop[THEN "&E"(2)]].
752 AOT_hence ‹∃v ([H]v & [R]bv & ∀u ([H]u & [R]bu → u =⇩E v))›
753 by (rule "equi:1"[THEN "≡E"(1)])
754 then AOT_obtain x where ‹O!x & ([H]x & [R]bx & ∀u ([H]u & [R]bu → u =⇩E x))›
755 using "∃E"[rotated] by blast
756 AOT_hence ‹O!x & [H]x› using "&E" "&I" by blast
757 AOT_hence ‹∃v [H]v› by (rule "∃I")
758 AOT_thus ‹∃v [H]v & ¬∃v [H]v› using 2 "&I" by blast
759qed
760
761
762AOT_define FminusU :: ‹Π ⇒ τ ⇒ Π› ("_⇧-⇧_")
763 "F-u": ‹[F]⇧-⇧x =⇩d⇩f [λz [F]z & z ≠⇩E x]›
764
765text‹Note: not explicitly in PLM.›
766AOT_theorem "F-u[den]": ‹[F]⇧-⇧x↓›
767 by (rule "=⇩d⇩fI"(1)[OF "F-u", where τ⇩1τ⇩n="(_,_)", simplified]; "cqt:2[lambda]")
768AOT_theorem "F-u[equiv]": ‹[[F]⇧-⇧x]y ≡ ([F]y & y ≠⇩E x)›
769 by (auto intro: "F-u"[THEN "=⇩d⇩fI"(1), where τ⇩1τ⇩n="(_,_)", simplified]
770 intro!: "cqt:2" "beta-C-cor:2"[THEN "→E", THEN "∀E"(2)])
771
772AOT_theorem eqP': ‹F ≈⇩E G & [F]u & [G]v → [F]⇧-⇧u ≈⇩E [G]⇧-⇧v›
773proof (rule "→I"; frule "&E"(2); drule "&E"(1); frule "&E"(2); drule "&E"(1))
774 AOT_assume ‹F ≈⇩E G›
775 AOT_hence ‹∃R R |: F ⇩1⇩-⇩1⟷⇩E G›
776 using "equi:3"[THEN "≡⇩d⇩fE"] by blast
777 then AOT_obtain R where R_prop: ‹R |: F ⇩1⇩-⇩1⟷⇩E G›
778 using "∃E"[rotated] by blast
779 AOT_hence A: ‹∀u ([F]u → ∃!v ([G]v & [R]uv))›
780 and B: ‹∀v ([G]v → ∃!u ([F]u & [R]uv))›
781 using "equi:2"[THEN "≡⇩d⇩fE"] "&E" by blast+
782 AOT_have ‹R |: F ⇩1⇩-⇩1⟶⇩o⇩n⇩t⇩oE G›
783 using "equi-rem-thm"[THEN "≡E"(1), OF R_prop].
784 AOT_hence ‹R |: F ⇩1⇩-⇩1⟶E G & R |: F ⟶⇩o⇩n⇩t⇩oE G›
785 using "equi-rem:4"[THEN "≡⇩d⇩fE"] by blast
786 AOT_hence C: ‹∀t∀u∀v (([F]t & [F]u & [G]v) → ([R]tv & [R]uv → t =⇩E u))›
787 using "equi-rem:2"[THEN "≡⇩d⇩fE"] "&E" by blast
788 AOT_assume fu: ‹[F]u›
789 AOT_assume gv: ‹[G]v›
790 AOT_have ‹[λz [Π]z & z ≠⇩E κ]↓› for Π κ
791 by "cqt:2[lambda]"
792 note Π_minus_κI = "rule-id-df:2:b[2]"[
793 where τ=‹(λ(Π, κ). «[Π]⇧-⇧κ»)›, simplified, OF "F-u", simplified, OF this]
794 and Π_minus_κE = "rule-id-df:2:a[2]"[
795 where τ=‹(λ(Π, κ). «[Π]⇧-⇧κ»)›, simplified, OF "F-u", simplified, OF this]
796 AOT_have Π_minus_κ_den: ‹[Π]⇧-⇧κ↓› for Π κ
797 by (rule Π_minus_κI) "cqt:2[lambda]"+
798 {
799 fix R
800 AOT_assume R_prop: ‹R |: F ⇩1⇩-⇩1⟷⇩E G›
801 AOT_hence A: ‹∀u ([F]u → ∃!v ([G]v & [R]uv))›
802 and B: ‹∀v ([G]v → ∃!u ([F]u & [R]uv))›
803 using "equi:2"[THEN "≡⇩d⇩fE"] "&E" by blast+
804 AOT_have ‹R |: F ⇩1⇩-⇩1⟶⇩o⇩n⇩t⇩oE G›
805 using "equi-rem-thm"[THEN "≡E"(1), OF R_prop].
806 AOT_hence ‹R |: F ⇩1⇩-⇩1⟶E G & R |: F ⟶⇩o⇩n⇩t⇩oE G›
807 using "equi-rem:4"[THEN "≡⇩d⇩fE"] by blast
808 AOT_hence C: ‹∀t∀u∀v (([F]t & [F]u & [G]v) → ([R]tv & [R]uv → t =⇩E u))›
809 using "equi-rem:2"[THEN "≡⇩d⇩fE"] "&E" by blast
810
811 AOT_assume Ruv: ‹[R]uv›
812 AOT_have ‹R |: [F]⇧-⇧u ⇩1⇩-⇩1⟷⇩E [G]⇧-⇧v›
813 proof(safe intro!: "equi:2"[THEN "≡⇩d⇩fI"] "&I" "cqt:2[const_var]"[axiom_inst]
814 Π_minus_κ_den Ordinary.GEN "→I")
815 fix u'
816 AOT_assume ‹[[F]⇧-⇧u]u'›
817 AOT_hence 0: ‹[λz [F]z & z ≠⇩E u]u'›
818 using Π_minus_κE by fast
819 AOT_have 0: ‹[F]u' & u' ≠⇩E u›
820 by (rule "β→C"(1)[where κ⇩1κ⇩n="AOT_term_of_var (Ordinary.Rep u')"]) (fact 0)
821 AOT_have ‹∃!v ([G]v & [R]u'v)›
822 using A[THEN "Ordinary.∀E"[where α=u'], THEN "→E", OF 0[THEN "&E"(1)]].
823 then AOT_obtain v' where
824 v'_prop: ‹[G]v' & [R]u'v' & ∀ t ([G]t & [R]u't → t =⇩E v')›
825 using "equi:1"[THEN "≡E"(1)] "Ordinary.∃E"[rotated] by fastforce
826
827 AOT_show ‹∃!v' ([[G]⇧-⇧v]v' & [R]u'v')›
828 proof (safe intro!: "equi:1"[THEN "≡E"(2)] "Ordinary.∃I"[where β=v']
829 "&I" Ordinary.GEN "→I")
830 AOT_show ‹[[G]⇧-⇧v]v'›
831 proof (rule Π_minus_κI;
832 safe intro!: "β←C"(1) "cqt:2" "&I" "thm-neg=E"[THEN "≡E"(2)])
833 AOT_show ‹[G]v'› using v'_prop "&E" by blast
834 next
835 AOT_show ‹¬v' =⇩E v›
836 proof (rule "raa-cor:2")
837 AOT_assume ‹v' =⇩E v›
838 AOT_hence ‹v' = v› by (metis "=E-simple:2" "→E")
839 AOT_hence Ruv': ‹[R]uv'› using "rule=E" Ruv id_sym by fast
840 AOT_have ‹u' =⇩E u›
841 by (rule C[THEN "Ordinary.∀E", THEN "Ordinary.∀E",
842 THEN "Ordinary.∀E"[where α=v'], THEN "→E", THEN "→E"])
843 (safe intro!: "&I" 0[THEN "&E"(1)] fu
844 v'_prop[THEN "&E"(1), THEN "&E"(1)]
845 Ruv' v'_prop[THEN "&E"(1), THEN "&E"(2)])
846 moreover AOT_have ‹¬(u' =⇩E u)›
847 using "0" "&E"(2) "≡E"(1) "thm-neg=E" by blast
848 ultimately AOT_show ‹u' =⇩E u & ¬u' =⇩E u› using "&I" by blast
849 qed
850 qed
851 next
852 AOT_show ‹[R]u'v'› using v'_prop "&E" by blast
853 next
854 fix t
855 AOT_assume t_prop: ‹[[G]⇧-⇧v]t & [R]u't›
856 AOT_have gt_t_noteq_v: ‹[G]t & t ≠⇩E v›
857 apply (rule "β→C"(1)[where κ⇩1κ⇩n="AOT_term_of_var (Ordinary.Rep t)"])
858 apply (rule Π_minus_κE)
859 by (fact t_prop[THEN "&E"(1)])
860 AOT_show ‹t =⇩E v'›
861 using v'_prop[THEN "&E"(2), THEN "Ordinary.∀E", THEN "→E",
862 OF "&I", OF gt_t_noteq_v[THEN "&E"(1)],
863 OF t_prop[THEN "&E"(2)]].
864 qed
865 next
866 fix v'
867 AOT_assume G_minus_v_v': ‹[[G]⇧-⇧v]v'›
868 AOT_have gt_t_noteq_v: ‹[G]v' & v' ≠⇩E v›
869 apply (rule "β→C"(1)[where κ⇩1κ⇩n="AOT_term_of_var (Ordinary.Rep v')"])
870 apply (rule Π_minus_κE)
871 by (fact G_minus_v_v')
872 AOT_have ‹∃!u([F]u & [R]uv')›
873 using B[THEN "Ordinary.∀E", THEN "→E", OF gt_t_noteq_v[THEN "&E"(1)]].
874 then AOT_obtain u' where
875 u'_prop: ‹[F]u' & [R]u'v' & ∀t ([F]t & [R]tv' → t =⇩E u')›
876 using "equi:1"[THEN "≡E"(1)] "Ordinary.∃E"[rotated] by fastforce
877 AOT_show ‹∃!u' ([[F]⇧-⇧u]u' & [R]u'v')›
878 proof (safe intro!: "equi:1"[THEN "≡E"(2)] "Ordinary.∃I"[where β=u'] "&I"
879 u'_prop[THEN "&E"(1), THEN "&E"(2)] Ordinary.GEN "→I")
880 AOT_show ‹[[F]⇧-⇧u]u'›
881 proof (rule Π_minus_κI;
882 safe intro!: "β←C"(1) "cqt:2" "&I" "thm-neg=E"[THEN "≡E"(2)]
883 u'_prop[THEN "&E"(1), THEN "&E"(1)]; rule "raa-cor:2")
884 AOT_assume u'_eq_u: ‹u' =⇩E u›
885 AOT_hence ‹u' = u›
886 using "=E-simple:2" "vdash-properties:10" by blast
887 AOT_hence Ru'v: ‹[R]u'v› using "rule=E" Ruv id_sym by fast
888 AOT_have ‹v' ≠⇩E v›
889 using "&E"(2) gt_t_noteq_v by blast
890 AOT_hence v'_noteq_v: ‹¬(v' =⇩E v)› by (metis "≡E"(1) "thm-neg=E")
891 AOT_have ‹∃u ([G]u & [R]u'u & ∀v ([G]v & [R]u'v → v =⇩E u))›
892 using A[THEN "Ordinary.∀E", THEN "→E",
893 OF u'_prop[THEN "&E"(1), THEN "&E"(1)],
894 THEN "equi:1"[THEN "≡E"(1)]].
895 then AOT_obtain t where
896 t_prop: ‹[G]t & [R]u't & ∀v ([G]v & [R]u'v → v =⇩E t)›
897 using "Ordinary.∃E"[rotated] by meson
898 AOT_have ‹v =⇩E t› if ‹[G]v› and ‹[R]u'v› for v
899 using t_prop[THEN "&E"(2), THEN "Ordinary.∀E", THEN "→E",
900 OF "&I", OF that].
901 AOT_hence ‹v' =⇩E t› and ‹v =⇩E t›
902 by (auto simp: gt_t_noteq_v[THEN "&E"(1)] Ru'v gv
903 u'_prop[THEN "&E"(1), THEN "&E"(2)])
904 AOT_hence ‹v' =⇩E v›
905 using "rule=E" "=E-simple:2" id_sym "→E" by fast
906 AOT_thus ‹v' =⇩E v & ¬v' =⇩E v›
907 using v'_noteq_v "&I" by blast
908 qed
909 next
910 fix t
911 AOT_assume 0: ‹[[F]⇧-⇧u]t & [R]tv'›
912 moreover AOT_have ‹[F]t & t ≠⇩E u›
913 apply (rule "β→C"(1)[where κ⇩1κ⇩n="AOT_term_of_var (Ordinary.Rep t)"])
914 apply (rule Π_minus_κE)
915 by (fact 0[THEN "&E"(1)])
916 ultimately AOT_show ‹t =⇩E u'›
917 using u'_prop[THEN "&E"(2), THEN "Ordinary.∀E", THEN "→E", OF "&I"]
918 "&E" by blast
919 qed
920 qed
921 AOT_hence ‹∃R R |: [F]⇧-⇧u ⇩1⇩-⇩1⟷⇩E [G]⇧-⇧v›
922 by (rule "∃I")
923 } note 1 = this
924 moreover {
925 AOT_assume not_Ruv: ‹¬[R]uv›
926 AOT_have ‹∃!v ([G]v & [R]uv)›
927 using A[THEN "Ordinary.∀E", THEN "→E", OF fu].
928 then AOT_obtain b where
929 b_prop: ‹O!b & ([G]b & [R]ub & ∀t([G]t & [R]ut → t =⇩E b))›
930 using "equi:1"[THEN "≡E"(1)] "∃E"[rotated] by fastforce
931 AOT_hence ob: ‹O!b› and gb: ‹[G]b› and Rub: ‹[R]ub›
932 using "&E" by blast+
933 AOT_have ‹O!t → ([G]t & [R]ut → t =⇩E b)› for t
934 using b_prop "&E"(2) "∀E"(2) by blast
935 AOT_hence b_unique: ‹t =⇩E b› if ‹O!t› and ‹[G]t› and ‹[R]ut› for t
936 by (metis Adjunction "modus-tollens:1" "reductio-aa:1" that)
937 AOT_have not_v_eq_b: ‹¬(v =⇩E b)›
938 proof(rule "raa-cor:2")
939 AOT_assume ‹v =⇩E b›
940 AOT_hence 0: ‹v = b›
941 by (metis "=E-simple:2" "→E")
942 AOT_have ‹[R]uv›
943 using b_prop[THEN "&E"(2), THEN "&E"(1), THEN "&E"(2)]
944 "rule=E"[rotated, OF 0[symmetric]] by fast
945 AOT_thus ‹[R]uv & ¬[R]uv›
946 using not_Ruv "&I" by blast
947 qed
948 AOT_have not_b_eq_v: ‹¬(b =⇩E v)›
949 using "modus-tollens:1" not_v_eq_b "ord=Eequiv:2" by blast
950 AOT_have ‹∃!u ([F]u & [R]uv)›
951 using B[THEN "Ordinary.∀E", THEN "→E", OF gv].
952 then AOT_obtain a where
953 a_prop: ‹O!a & ([F]a & [R]av & ∀t([F]t & [R]tv → t =⇩E a))›
954 using "equi:1"[THEN "≡E"(1)] "∃E"[rotated] by fastforce
955 AOT_hence Oa: ‹O!a› and fa: ‹[F]a› and Rav: ‹[R]av›
956 using "&E" by blast+
957 AOT_have ‹O!t → ([F]t & [R]tv → t =⇩E a)› for t
958 using a_prop "&E" "∀E"(2) by blast
959 AOT_hence a_unique: ‹t =⇩E a› if ‹O!t› and ‹[F]t› and ‹[R]tv› for t
960 by (metis Adjunction "modus-tollens:1" "reductio-aa:1" that)
961 AOT_have not_u_eq_a: ‹¬(u =⇩E a)›
962 proof(rule "raa-cor:2")
963 AOT_assume ‹u =⇩E a›
964 AOT_hence 0: ‹u = a›
965 by (metis "=E-simple:2" "→E")
966 AOT_have ‹[R]uv›
967 using a_prop[THEN "&E"(2), THEN "&E"(1), THEN "&E"(2)]
968 "rule=E"[rotated, OF 0[symmetric]] by fast
969 AOT_thus ‹[R]uv & ¬[R]uv›
970 using not_Ruv "&I" by blast
971 qed
972 AOT_have not_a_eq_u: ‹¬(a =⇩E u)›
973 using "modus-tollens:1" not_u_eq_a "ord=Eequiv:2" by blast
974 let ?R = ‹«[λu'v' (u' ≠⇩E u & v' ≠⇩E v & [R]u'v') ∨
975 (u' =⇩E a & v' =⇩E b) ∨
976 (u' =⇩E u & v' =⇩E v)]»›
977 AOT_have ‹[«?R»]↓› by "cqt:2[lambda]"
978 AOT_hence ‹∃ β β = [«?R»]›
979 using "free-thms:1" "≡E"(1) by fast
980 then AOT_obtain R⇩1 where R⇩1_def: ‹R⇩1 = [«?R»]›
981 using "∃E"[rotated] by blast
982 AOT_have Rxy1: ‹[R]xy› if ‹[R⇩1]xy› and ‹x ≠⇩E u› and ‹x ≠⇩E a› for x y
983 proof -
984 AOT_have 0: ‹[«?R»]xy›
985 by (rule "rule=E"[rotated, OF R⇩1_def]) (fact that(1))
986 AOT_have ‹(x ≠⇩E u & y ≠⇩E v & [R]xy) ∨ (x =⇩E a & y =⇩E b) ∨ (x =⇩E u & y =⇩E v)›
987 using "β→C"(1)[OF 0] by simp
988 AOT_hence ‹x ≠⇩E u & y ≠⇩E v & [R]xy› using that(2,3)
989 by (metis "∨E"(3) "Conjunction Simplification"(1) "≡E"(1)
990 "modus-tollens:1" "thm-neg=E")
991 AOT_thus ‹[R]xy› using "&E" by blast+
992 qed
993 AOT_have Rxy2: ‹[R]xy› if ‹[R⇩1]xy› and ‹y ≠⇩E v› and ‹y ≠⇩E b› for x y
994 proof -
995 AOT_have 0: ‹[«?R»]xy›
996 by (rule "rule=E"[rotated, OF R⇩1_def]) (fact that(1))
997 AOT_have ‹(x ≠⇩E u & y ≠⇩E v & [R]xy) ∨ (x =⇩E a & y =⇩E b) ∨ (x =⇩E u & y =⇩E v)›
998 using "β→C"(1)[OF 0] by simp
999 AOT_hence ‹x ≠⇩E u & y ≠⇩E v & [R]xy›
1000 using that(2,3)
1001 by (metis "∨E"(3) "Conjunction Simplification"(2) "≡E"(1)
1002 "modus-tollens:1" "thm-neg=E")
1003 AOT_thus ‹[R]xy› using "&E" by blast+
1004 qed
1005 AOT_have R⇩1xy: ‹[R⇩1]xy› if ‹[R]xy› and ‹x ≠⇩E u› and ‹y ≠⇩E v› for x y
1006 by (rule "rule=E"[rotated, OF R⇩1_def[symmetric]])
1007 (auto intro!: "β←C"(1) "cqt:2"
1008 simp: "&I" "ex:1:a" prod_denotesI "rule-ui:3" that "∨I"(1))
1009 AOT_have R⇩1ab: ‹[R⇩1]ab›
1010 apply (rule "rule=E"[rotated, OF R⇩1_def[symmetric]])
1011 apply (safe intro!: "β←C"(1) "cqt:2" prod_denotesI "&I")
1012 by (meson a_prop b_prop "&I" "&E"(1) "∨I"(1) "∨I"(2) "ord=Eequiv:1" "→E")
1013 AOT_have R⇩1uv: ‹[R⇩1]uv›
1014 apply (rule "rule=E"[rotated, OF R⇩1_def[symmetric]])
1015 apply (safe intro!: "β←C"(1) "cqt:2" prod_denotesI "&I")
1016 by (meson "&I" "∨I"(2) "ord=Eequiv:1" Ordinary.ψ "→E")
1017 moreover AOT_have ‹R⇩1 |: F ⇩1⇩-⇩1⟷⇩E G›
1018 proof (safe intro!: "equi:2"[THEN "≡⇩d⇩fI"] "&I" "cqt:2" Ordinary.GEN "→I")
1019 fix u'
1020 AOT_assume fu': ‹[F]u'›
1021 {
1022 AOT_assume not_u'_eq_u: ‹¬(u' =⇩E u)› and not_u'_eq_a: ‹¬(u' =⇩E a)›
1023 AOT_hence u'_noteq_u: ‹u' ≠⇩E u› and u'_noteq_a: ‹u' ≠⇩E a›
1024 by (metis "≡E"(2) "thm-neg=E")+
1025 AOT_have ‹∃!v ([G]v & [R]u'v)›
1026 using A[THEN "Ordinary.∀E", THEN "→E", OF fu'].
1027 AOT_hence ‹∃v ([G]v & [R]u'v & ∀t ([G]t & [R]u't → t =⇩E v))›
1028 using "equi:1"[THEN "≡E"(1)] by simp
1029 then AOT_obtain v' where
1030 v'_prop: ‹[G]v' & [R]u'v' & ∀t ([G]t & [R]u't → t =⇩E v')›
1031 using "Ordinary.∃E"[rotated] by meson
1032 AOT_hence gv': ‹[G]v'› and Ru'v': ‹[R]u'v'›
1033 using "&E" by blast+
1034 AOT_have not_v'_eq_v: ‹¬v' =⇩E v›
1035 proof (rule "raa-cor:2")
1036 AOT_assume ‹v' =⇩E v›
1037 AOT_hence ‹v' = v›
1038 by (metis "=E-simple:2" "→E")
1039 AOT_hence Ru'v: ‹[R]u'v›
1040 using "rule=E" Ru'v' by fast
1041 AOT_have ‹u' =⇩E a›
1042 using a_unique[OF Ordinary.ψ, OF fu', OF Ru'v].
1043 AOT_thus ‹u' =⇩E a & ¬u' =⇩E a›
1044 using not_u'_eq_a "&I" by blast
1045 qed
1046 AOT_hence v'_noteq_v: ‹v' ≠⇩E v›
1047 using "≡E"(2) "thm-neg=E" by blast
1048 AOT_have ‹∀t ([G]t & [R]u't → t =⇩E v')›
1049 using v'_prop "&E" by blast
1050 AOT_hence ‹[G]t & [R]u't → t =⇩E v'› for t
1051 using "Ordinary.∀E" by meson
1052 AOT_hence v'_unique: ‹t =⇩E v'› if ‹[G]t› and ‹[R]u't› for t
1053 by (metis "&I" that "→E")
1054
1055 AOT_have ‹[G]v' & [R⇩1]u'v' & ∀t ([G]t & [R⇩1]u't → t =⇩E v')›
1056 proof (safe intro!: "&I" gv' R⇩1xy Ru'v' u'_noteq_u u'_noteq_a "→I"
1057 Ordinary.GEN "thm-neg=E"[THEN "≡E"(2)] not_v'_eq_v)
1058 fix t
1059 AOT_assume 1: ‹[G]t & [R⇩1]u't›
1060 AOT_have ‹[R]u't›
1061 using Rxy1[OF 1[THEN "&E"(2)], OF u'_noteq_u, OF u'_noteq_a].
1062 AOT_thus ‹t =⇩E v'›
1063 using v'_unique 1[THEN "&E"(1)] by blast
1064 qed
1065 AOT_hence ‹∃v ([G]v & [R⇩1]u'v & ∀t ([G]t & [R⇩1]u't → t =⇩E v))›
1066 by (rule "Ordinary.∃I")
1067 AOT_hence ‹∃!v ([G]v & [R⇩1]u'v)›
1068 by (rule "equi:1"[THEN "≡E"(2)])
1069 }
1070 moreover {
1071 AOT_assume 0: ‹u' =⇩E u›
1072 AOT_hence u'_eq_u: ‹u' = u›
1073 using "=E-simple:2" "→E" by blast
1074 AOT_have ‹∃!v ([G]v & [R⇩1]u'v)›
1075 proof (safe intro!: "equi:1"[THEN "≡E"(2)] "Ordinary.∃I"[where β=v]
1076 "&I" Ordinary.GEN "→I" gv)
1077 AOT_show ‹[R⇩1]u'v›
1078 apply (rule "rule=E"[rotated, OF R⇩1_def[symmetric]])
1079 apply (safe intro!: "β←C"(1) "cqt:2" "&I" prod_denotesI)
1080 by (safe intro!: "∨I"(2) "&I" 0 "ord=Eequiv:1"[THEN "→E", OF Ordinary.ψ])
1081 next
1082 fix v'
1083 AOT_assume ‹[G]v' & [R⇩1]u'v'›
1084 AOT_hence 0: ‹[R⇩1]uv'›
1085 using "rule=E"[rotated, OF u'_eq_u] "&E"(2) by fast
1086 AOT_have 1: ‹[«?R»]uv'›
1087 by (rule "rule=E"[rotated, OF R⇩1_def]) (fact 0)
1088 AOT_have 2: ‹(u ≠⇩E u & v' ≠⇩E v & [R]uv') ∨
1089 (u =⇩E a & v' =⇩E b) ∨
1090 (u =⇩E u & v' =⇩E v)›
1091 using "β→C"(1)[OF 1] by simp
1092 AOT_have ‹¬u ≠⇩E u›
1093 using "≡E"(4) "modus-tollens:1" "ord=Eequiv:1" Ordinary.ψ
1094 "reductio-aa:2" "thm-neg=E" by blast
1095 AOT_hence ‹¬((u ≠⇩E u & v' ≠⇩E v & [R]uv') ∨ (u =⇩E a & v' =⇩E b))›
1096 using not_u_eq_a
1097 by (metis "∨E"(2) "Conjunction Simplification"(1)
1098 "modus-tollens:1" "reductio-aa:1")
1099 AOT_hence ‹(u =⇩E u & v' =⇩E v)›
1100 using 2 by (metis "∨E"(2))
1101 AOT_thus ‹v' =⇩E v›
1102 using "&E" by blast
1103 qed
1104 }
1105 moreover {
1106 AOT_assume 0: ‹u' =⇩E a›
1107 AOT_hence u'_eq_a: ‹u' = a›
1108 using "=E-simple:2" "→E" by blast
1109 AOT_have ‹∃!v ([G]v & [R⇩1]u'v)›
1110 proof (safe intro!: "equi:1"[THEN "≡E"(2)] "∃I"(2)[where β=b] "&I"
1111 Ordinary.GEN "→I" b_prop[THEN "&E"(1)]
1112 b_prop[THEN "&E"(2), THEN "&E"(1), THEN "&E"(1)])
1113 AOT_show ‹[R⇩1]u'b›
1114 apply (rule "rule=E"[rotated, OF R⇩1_def[symmetric]])
1115 apply (safe intro!: "β←C"(1) "cqt:2" "&I" prod_denotesI)
1116 apply (rule "∨I"(1); rule "∨I"(2); rule "&I")
1117 apply (fact 0)
1118 using b_prop "&E"(1) "ord=Eequiv:1" "→E" by blast
1119 next
1120 fix v'
1121 AOT_assume gv'_R1u'v': ‹[G]v' & [R⇩1]u'v'›
1122 AOT_hence 0: ‹[R⇩1]av'›
1123 using u'_eq_a by (meson "rule=E" "&E"(2))
1124 AOT_have 1: ‹[«?R»]av'›
1125 by (rule "rule=E"[rotated, OF R⇩1_def]) (fact 0)
1126 AOT_have ‹(a ≠⇩E u & v' ≠⇩E v & [R]av') ∨
1127 (a =⇩E a & v' =⇩E b) ∨
1128 (a =⇩E u & v' =⇩E v)›
1129 using "β→C"(1)[OF 1] by simp
1130 moreover {
1131 AOT_assume 0: ‹a ≠⇩E u & v' ≠⇩E v & [R]av'›
1132 AOT_have ‹∃!v ([G]v & [R]u'v)›
1133 using A[THEN "Ordinary.∀E", THEN "→E", OF fu'].
1134 AOT_hence ‹∃!v ([G]v & [R]av)›
1135 using u'_eq_a "rule=E" by fast
1136 AOT_hence ‹∃v ([G]v & [R]av & ∀t ([G]t & [R]at → t =⇩E v))›
1137 using "equi:1"[THEN "≡E"(1)] by fast
1138 then AOT_obtain s where
1139 s_prop: ‹[G]s & [R]as & ∀t ([G]t & [R]at → t =⇩E s)›
1140 using "Ordinary.∃E"[rotated] by meson
1141 AOT_have ‹v' =⇩E s›
1142 using s_prop[THEN "&E"(2), THEN "Ordinary.∀E"]
1143 gv'_R1u'v'[THEN "&E"(1)] 0[THEN "&E"(2)]
1144 by (metis "&I" "vdash-properties:10")
1145 moreover AOT_have ‹v =⇩E s›
1146 using s_prop[THEN "&E"(2), THEN "Ordinary.∀E"] gv Rav
1147 by (metis "&I" "→E")
1148 ultimately AOT_have ‹v' =⇩E v›
1149 by (metis "&I" "ord=Eequiv:2" "ord=Eequiv:3" "→E")
1150 moreover AOT_have ‹¬(v' =⇩E v)›
1151 using 0[THEN "&E"(1), THEN "&E"(2)]
1152 by (metis "≡E"(1) "thm-neg=E")
1153 ultimately AOT_have ‹v' =⇩E b›
1154 by (metis "raa-cor:3")
1155 }
1156 moreover {
1157 AOT_assume ‹a =⇩E u & v' =⇩E v›
1158 AOT_hence ‹v' =⇩E b›
1159 by (metis "&E"(1) not_a_eq_u "reductio-aa:1")
1160 }
1161 ultimately AOT_show ‹v' =⇩E b›
1162 by (metis "&E"(2) "∨E"(3) "reductio-aa:1")
1163 qed
1164 }
1165 ultimately AOT_show ‹∃!v ([G]v & [R⇩1]u'v)›
1166 by (metis "raa-cor:1")
1167 next
1168 fix v'
1169 AOT_assume gv': ‹[G]v'›
1170 {
1171 AOT_assume not_v'_eq_v: ‹¬(v' =⇩E v)›
1172 and not_v'_eq_b: ‹¬(v' =⇩E b)›
1173 AOT_hence v'_noteq_v: ‹v' ≠⇩E v›
1174 and v'_noteq_b: ‹v' ≠⇩E b›
1175 by (metis "≡E"(2) "thm-neg=E")+
1176 AOT_have ‹∃!u ([F]u & [R]uv')›
1177 using B[THEN "Ordinary.∀E", THEN "→E", OF gv'].
1178 AOT_hence ‹∃u ([F]u & [R]uv' & ∀t ([F]t & [R]tv' → t =⇩E u))›
1179 using "equi:1"[THEN "≡E"(1)] by simp
1180 then AOT_obtain u' where
1181 u'_prop: ‹[F]u' & [R]u'v' & ∀t ([F]t & [R]tv' → t =⇩E u')›
1182 using "Ordinary.∃E"[rotated] by meson
1183 AOT_hence fu': ‹[F]u'› and Ru'v': ‹[R]u'v'›
1184 using "&E" by blast+
1185 AOT_have not_u'_eq_u: ‹¬u' =⇩E u›
1186 proof (rule "raa-cor:2")
1187 AOT_assume ‹u' =⇩E u›
1188 AOT_hence ‹u' = u›
1189 by (metis "=E-simple:2" "→E")
1190 AOT_hence Ruv': ‹[R]uv'›
1191 using "rule=E" Ru'v' by fast
1192 AOT_have ‹v' =⇩E b›
1193 using b_unique[OF Ordinary.ψ, OF gv', OF Ruv'].
1194 AOT_thus ‹v' =⇩E b & ¬v' =⇩E b›
1195 using not_v'_eq_b "&I" by blast
1196 qed
1197 AOT_hence u'_noteq_u: ‹u' ≠⇩E u›
1198 using "≡E"(2) "thm-neg=E" by blast
1199 AOT_have ‹∀t ([F]t & [R]tv' → t =⇩E u')›
1200 using u'_prop "&E" by blast
1201 AOT_hence ‹[F]t & [R]tv' → t =⇩E u'› for t
1202 using "Ordinary.∀E" by meson
1203 AOT_hence u'_unique: ‹t =⇩E u'› if ‹[F]t› and ‹[R]tv'› for t
1204 by (metis "&I" that "→E")
1205
1206 AOT_have ‹[F]u' & [R⇩1]u'v' & ∀t ([F]t & [R⇩1]tv' → t =⇩E u')›
1207 proof (safe intro!: "&I" gv' R⇩1xy Ru'v' u'_noteq_u Ordinary.GEN "→I"
1208 "thm-neg=E"[THEN "≡E"(2)] not_v'_eq_v fu')
1209 fix t
1210 AOT_assume 1: ‹[F]t & [R⇩1]tv'›
1211 AOT_have ‹[R]tv'›
1212 using Rxy2[OF 1[THEN "&E"(2)], OF v'_noteq_v, OF v'_noteq_b].
1213 AOT_thus ‹t =⇩E u'›
1214 using u'_unique 1[THEN "&E"(1)] by blast
1215 qed
1216 AOT_hence ‹∃u ([F]u & [R⇩1]uv' & ∀t ([F]t & [R⇩1]tv' → t =⇩E u))›
1217 by (rule "Ordinary.∃I")
1218 AOT_hence ‹∃!u ([F]u & [R⇩1]uv')›
1219 by (rule "equi:1"[THEN "≡E"(2)])
1220 }
1221 moreover {
1222 AOT_assume 0: ‹v' =⇩E v›
1223 AOT_hence u'_eq_u: ‹v' = v›
1224 using "=E-simple:2" "→E" by blast
1225 AOT_have ‹∃!u ([F]u & [R⇩1]uv')›
1226 proof (safe intro!: "equi:1"[THEN "≡E"(2)] "Ordinary.∃I"[where β=u]
1227 "&I" Ordinary.GEN "→I" fu)
1228 AOT_show ‹[R⇩1]uv'›
1229 by (rule "rule=E"[rotated, OF R⇩1_def[symmetric]])
1230 (safe intro!: "β←C"(1) "cqt:2" "&I" prod_denotesI Ordinary.ψ
1231 "∨I"(2) 0 "ord=Eequiv:1"[THEN "→E"])
1232 next
1233 fix u'
1234 AOT_assume ‹[F]u' & [R⇩1]u'v'›
1235 AOT_hence 0: ‹[R⇩1]u'v›
1236 using "rule=E"[rotated, OF u'_eq_u] "&E"(2) by fast
1237 AOT_have 1: ‹[«?R»]u'v›
1238 by (rule "rule=E"[rotated, OF R⇩1_def]) (fact 0)
1239 AOT_have 2: ‹(u' ≠⇩E u & v ≠⇩E v & [R]u'v) ∨
1240 (u' =⇩E a & v =⇩E b) ∨
1241 (u' =⇩E u & v =⇩E v)›
1242 using "β→C"(1)[OF 1, simplified] by simp
1243 AOT_have ‹¬v ≠⇩E v›
1244 using "≡E"(4) "modus-tollens:1" "ord=Eequiv:1" Ordinary.ψ
1245 "reductio-aa:2" "thm-neg=E" by blast
1246 AOT_hence ‹¬((u' ≠⇩E u & v ≠⇩E v & [R]u'v) ∨ (u' =⇩E a & v =⇩E b))›
1247 by (metis "&E"(1) "&E"(2) "∨E"(3) not_v_eq_b "raa-cor:3")
1248 AOT_hence ‹(u' =⇩E u & v =⇩E v)›
1249 using 2 by (metis "∨E"(2))
1250 AOT_thus ‹u' =⇩E u›
1251 using "&E" by blast
1252 qed
1253 }
1254 moreover {
1255 AOT_assume 0: ‹v' =⇩E b›
1256 AOT_hence v'_eq_b: ‹v' = b›
1257 using "=E-simple:2" "→E" by blast
1258 AOT_have ‹∃!u ([F]u & [R⇩1]uv')›
1259 proof (safe intro!: "equi:1"[THEN "≡E"(2)] "∃I"(2)[where β=a] "&I"
1260 Ordinary.GEN "→I" b_prop[THEN "&E"(1)] Oa fa
1261 b_prop[THEN "&E"(2), THEN "&E"(1), THEN "&E"(1)])
1262 AOT_show ‹[R⇩1]av'›
1263 apply (rule "rule=E"[rotated, OF R⇩1_def[symmetric]])
1264 apply (safe intro!: "β←C"(1) "cqt:2" "&I" prod_denotesI)
1265 apply (rule "∨I"(1); rule "∨I"(2); rule "&I")
1266 using Oa "ord=Eequiv:1" "→E" apply blast
1267 using "0" by blast
1268 next
1269 fix u'
1270 AOT_assume fu'_R1u'v': ‹[F]u' & [R⇩1]u'v'›
1271 AOT_hence 0: ‹[R⇩1]u'b›
1272 using v'_eq_b by (meson "rule=E" "&E"(2))
1273 AOT_have 1: ‹[«?R»]u'b›
1274 by (rule "rule=E"[rotated, OF R⇩1_def]) (fact 0)
1275 AOT_have ‹(u' ≠⇩E u & b ≠⇩E v & [R]u'b) ∨
1276 (u' =⇩E a & b =⇩E b) ∨
1277 (u' =⇩E u & b =⇩E v)›
1278 using "β→C"(1)[OF 1, simplified] by simp
1279 moreover {
1280 AOT_assume 0: ‹u' ≠⇩E u & b ≠⇩E v & [R]u'b›
1281 AOT_have ‹∃!u ([F]u & [R]uv')›
1282 using B[THEN "Ordinary.∀E", THEN "→E", OF gv'].
1283 AOT_hence ‹∃!u ([F]u & [R]ub)›
1284 using v'_eq_b "rule=E" by fast
1285 AOT_hence ‹∃u ([F]u & [R]ub & ∀t ([F]t & [R]tb → t =⇩E u))›
1286 using "equi:1"[THEN "≡E"(1)] by fast
1287 then AOT_obtain s where
1288 s_prop: ‹[F]s & [R]sb & ∀t ([F]t & [R]tb → t =⇩E s)›
1289 using "Ordinary.∃E"[rotated] by meson
1290 AOT_have ‹u' =⇩E s›
1291 using s_prop[THEN "&E"(2), THEN "Ordinary.∀E"]
1292 fu'_R1u'v'[THEN "&E"(1)] 0[THEN "&E"(2)]
1293 by (metis "&I" "→E")
1294 moreover AOT_have ‹u =⇩E s›
1295 using s_prop[THEN "&E"(2), THEN "Ordinary.∀E"] fu Rub
1296 by (metis "&I" "→E")
1297 ultimately AOT_have ‹u' =⇩E u›
1298 by (metis "&I" "ord=Eequiv:2" "ord=Eequiv:3" "→E")
1299 moreover AOT_have ‹¬(u' =⇩E u)›
1300 using 0[THEN "&E"(1), THEN "&E"(1)] by (metis "≡E"(1) "thm-neg=E")
1301 ultimately AOT_have ‹u' =⇩E a›
1302 by (metis "raa-cor:3")
1303 }
1304 moreover {
1305 AOT_assume ‹u' =⇩E u & b =⇩E v›
1306 AOT_hence ‹u' =⇩E a›
1307 by (metis "&E"(2) not_b_eq_v "reductio-aa:1")
1308 }
1309 ultimately AOT_show ‹u' =⇩E a›
1310 by (metis "&E"(1) "∨E"(3) "reductio-aa:1")
1311 qed
1312 }
1313 ultimately AOT_show ‹∃!u ([F]u & [R⇩1]uv')›
1314 by (metis "raa-cor:1")
1315 qed
1316 ultimately AOT_have ‹∃R R |: [F]⇧-⇧u ⇩1⇩-⇩1⟷⇩E [G]⇧-⇧v›
1317 using 1 by blast
1318 }
1319 ultimately AOT_have ‹∃R R |: [F]⇧-⇧u ⇩1⇩-⇩1⟷⇩E [G]⇧-⇧v›
1320 using R_prop by (metis "reductio-aa:2")
1321 AOT_thus ‹[F]⇧-⇧u ≈⇩E [G]⇧-⇧v›
1322 by (rule "equi:3"[THEN "≡⇩d⇩fI"])
1323qed
1324
1325
1326AOT_theorem "P'-eq": ‹[F]⇧-⇧u ≈⇩E [G]⇧-⇧v & [F]u & [G]v → F ≈⇩E G›
1327proof(safe intro!: "→I"; frule "&E"(1); drule "&E"(2);
1328 frule "&E"(1); drule "&E"(2))
1329 AOT_have ‹[λz [Π]z & z ≠⇩E κ]↓› for Π κ by "cqt:2[lambda]"
1330 note Π_minus_κI = "rule-id-df:2:b[2]"[
1331 where τ=‹(λ(Π, κ). «[Π]⇧-⇧κ»)›, simplified, OF "F-u", simplified, OF this]
1332 and Π_minus_κE = "rule-id-df:2:a[2]"[
1333 where τ=‹(λ(Π, κ). «[Π]⇧-⇧κ»)›, simplified, OF "F-u", simplified, OF this]
1334 AOT_have Π_minus_κ_den: ‹[Π]⇧-⇧κ↓› for Π κ
1335 by (rule Π_minus_κI) "cqt:2[lambda]"+
1336
1337 AOT_have Π_minus_κE1: ‹[Π]κ'›
1338 and Π_minus_κE2: ‹κ' ≠⇩E κ› if ‹[[Π]⇧-⇧κ]κ'› for Π κ κ'
1339 proof -
1340 AOT_have ‹[λz [Π]z & z ≠⇩E κ]κ'›
1341 using Π_minus_κE that by fast
1342 AOT_hence ‹[Π]κ' & κ' ≠⇩E κ›
1343 by (rule "β→C"(1))
1344 AOT_thus ‹[Π]κ'› and ‹κ' ≠⇩E κ›
1345 using "&E" by blast+
1346 qed
1347 AOT_have Π_minus_κI': ‹[[Π]⇧-⇧κ]κ'› if ‹[Π]κ'› and ‹κ' ≠⇩E κ› for Π κ κ'
1348 proof -
1349 AOT_have κ'_den: ‹κ'↓›
1350 by (metis "russell-axiom[exe,1].ψ_denotes_asm" that(1))
1351 AOT_have ‹[λz [Π]z & z ≠⇩E κ]κ'›
1352 by (safe intro!: "β←C"(1) "cqt:2" κ'_den "&I" that)
1353 AOT_thus ‹[[Π]⇧-⇧κ]κ'›
1354 using Π_minus_κI by fast
1355 qed
1356
1357 AOT_assume Gv: ‹[G]v›
1358 AOT_assume Fu: ‹[F]u›
1359 AOT_assume ‹[F]⇧-⇧u ≈⇩E [G]⇧-⇧v›
1360 AOT_hence ‹∃R R |: [F]⇧-⇧u ⇩1⇩-⇩1⟷⇩E [G]⇧-⇧v›
1361 using "equi:3"[THEN "≡⇩d⇩fE"] by blast
1362 then AOT_obtain R where R_prop: ‹R |: [F]⇧-⇧u ⇩1⇩-⇩1⟷⇩E [G]⇧-⇧v›
1363 using "∃E"[rotated] by blast
1364 AOT_hence Fact1: ‹∀r([[F]⇧-⇧u]r → ∃!s ([[G]⇧-⇧v]s & [R]rs))›
1365 and Fact1': ‹∀s([[G]⇧-⇧v]s → ∃!r ([[F]⇧-⇧u]r & [R]rs))›
1366 using "equi:2"[THEN "≡⇩d⇩fE"] "&E" by blast+
1367 AOT_have ‹R |: [F]⇧-⇧u ⇩1⇩-⇩1⟶⇩o⇩n⇩t⇩oE [G]⇧-⇧v›
1368 using "equi-rem-thm"[unvarify F G, OF Π_minus_κ_den, OF Π_minus_κ_den,
1369 THEN "≡E"(1), OF R_prop].
1370 AOT_hence ‹R |: [F]⇧-⇧u ⇩1⇩-⇩1⟶E [G]⇧-⇧v & R |: [F]⇧-⇧u ⟶⇩o⇩n⇩t⇩oE [G]⇧-⇧v›
1371 using "equi-rem:4"[THEN "≡⇩d⇩fE"] by blast
1372 AOT_hence Fact2:
1373 ‹∀r∀s∀t(([[F]⇧-⇧u]r & [[F]⇧-⇧u]s & [[G]⇧-⇧v]t) → ([R]rt & [R]st → r =⇩E s))›
1374 using "equi-rem:2"[THEN "≡⇩d⇩fE"] "&E" by blast
1375
1376 let ?R = ‹«[λxy ([[F]⇧-⇧u]x & [[G]⇧-⇧v]y & [R]xy) ∨ (x =⇩E u & y =⇩E v)]»›
1377 AOT_have R_den: ‹«?R»↓› by "cqt:2[lambda]"
1378
1379 AOT_show ‹F ≈⇩E G›
1380 proof(safe intro!: "equi:3"[THEN "≡⇩d⇩fI"] "∃I"(1)[where τ="?R"] R_den
1381 "equi:2"[THEN "≡⇩d⇩fI"] "&I" "cqt:2" Ordinary.GEN "→I")
1382 fix r
1383 AOT_assume Fr: ‹[F]r›
1384 {
1385 AOT_assume not_r_eq_u: ‹¬(r =⇩E u)›
1386 AOT_hence r_noteq_u: ‹r ≠⇩E u›
1387 using "≡E"(2) "thm-neg=E" by blast
1388 AOT_have ‹[[F]⇧-⇧u]r›
1389 by(rule Π_minus_κI; safe intro!: "β←C"(1) "cqt:2" "&I" Fr r_noteq_u)
1390 AOT_hence ‹∃!s ([[G]⇧-⇧v]s & [R]rs)›
1391 using Fact1[THEN "∀E"(2)] "→E" Ordinary.ψ by blast
1392 AOT_hence ‹∃s ([[G]⇧-⇧v]s & [R]rs & ∀t ([[G]⇧-⇧v]t & [R]rt → t =⇩E s))›
1393 using "equi:1"[THEN "≡E"(1)] by simp
1394 then AOT_obtain s where s_prop: ‹[[G]⇧-⇧v]s & [R]rs & ∀t ([[G]⇧-⇧v]t & [R]rt → t =⇩E s)›
1395 using "Ordinary.∃E"[rotated] by meson
1396 AOT_hence G_minus_v_s: ‹[[G]⇧-⇧v]s› and Rrs: ‹[R]rs›
1397 using "&E" by blast+
1398 AOT_have s_unique: ‹t =⇩E s› if ‹[[G]⇧-⇧v]t› and ‹[R]rt› for t
1399 using s_prop[THEN "&E"(2), THEN "Ordinary.∀E", THEN "→E", OF "&I", OF that].
1400 AOT_have Gs: ‹[G]s›
1401 using Π_minus_κE1[OF G_minus_v_s].
1402 AOT_have s_noteq_v: ‹s ≠⇩E v›
1403 using Π_minus_κE2[OF G_minus_v_s].
1404 AOT_have ‹∃s ([G]s & [«?R»]rs & (∀t ([G]t & [«?R»]rt → t =⇩E s)))›
1405 proof(safe intro!: "Ordinary.∃I"[where β=s] "&I" Gs Ordinary.GEN "→I")
1406 AOT_show ‹[«?R»]rs›
1407 by (auto intro!: "β←C"(1) "cqt:2" "&I" "∨I"(1) Π_minus_κI' Fr Gs
1408 s_noteq_v Rrs r_noteq_u
1409 simp: "&I" "ex:1:a" prod_denotesI "rule-ui:3")
1410 next
1411 fix t
1412 AOT_assume 0: ‹[G]t & [«?R»]rt›
1413 AOT_hence ‹([[F]⇧-⇧u]r & [[G]⇧-⇧v]t & [R]rt) ∨ (r =⇩E u & t =⇩E v)›
1414 using "β→C"(1)[OF 0[THEN "&E"(2)], simplified] by blast
1415 AOT_hence 1: ‹[[F]⇧-⇧u]r & [[G]⇧-⇧v]t & [R]rt›
1416 using not_r_eq_u by (metis "&E"(1) "∨E"(3) "reductio-aa:1")
1417 AOT_show ‹t =⇩E s› using s_unique 1 "&E" by blast
1418 qed
1419 }
1420 moreover {
1421 AOT_assume r_eq_u: ‹r =⇩E u›
1422 AOT_have ‹∃s ([G]s & [«?R»]rs & (∀t ([G]t & [«?R»]rt → t =⇩E s)))›
1423 proof(safe intro!: "Ordinary.∃I"[where β=v] "&I" Gv Ordinary.GEN "→I")
1424 AOT_show ‹[«?R»]rv›
1425 by (auto intro!: "β←C"(1) "cqt:2" "&I" "∨I"(2) Π_minus_κI' Fr r_eq_u
1426 "ord=Eequiv:1"[THEN "→E"] Ordinary.ψ
1427 simp: "&I" "ex:1:a" prod_denotesI "rule-ui:3")
1428 next
1429 fix t
1430 AOT_assume 0: ‹[G]t & [«?R»]rt›
1431 AOT_hence ‹([[F]⇧-⇧u]r & [[G]⇧-⇧v]t & [R]rt) ∨ (r =⇩E u & t =⇩E v)›
1432 using "β→C"(1)[OF 0[THEN "&E"(2)], simplified] by blast
1433 AOT_hence ‹r =⇩E u & t =⇩E v›
1434 using r_eq_u Π_minus_κE2
1435 by (metis "&E"(1) "∨E"(2) "≡E"(1) "reductio-aa:1" "thm-neg=E")
1436 AOT_thus ‹t =⇩E v› using "&E" by blast
1437 qed
1438 }
1439 ultimately AOT_show ‹∃!s ([G]s & [«?R»]rs)›
1440 using "reductio-aa:2" "equi:1"[THEN "≡E"(2)] by fast
1441 next
1442 fix s
1443 AOT_assume Gs: ‹[G]s›
1444
1445 {
1446 AOT_assume not_s_eq_v: ‹¬(s =⇩E v)›
1447 AOT_hence s_noteq_v: ‹s ≠⇩E v›
1448 using "≡E"(2) "thm-neg=E" by blast
1449 AOT_have ‹[[G]⇧-⇧v]s›
1450 by (rule Π_minus_κI; auto intro!: "β←C"(1) "cqt:2" "&I" Gs s_noteq_v)
1451 AOT_hence ‹∃!r ([[F]⇧-⇧u]r & [R]rs)›
1452 using Fact1'[THEN "Ordinary.∀E"] "→E" by blast
1453 AOT_hence ‹∃r ([[F]⇧-⇧u]r & [R]rs & ∀t ([[F]⇧-⇧u]t & [R]ts → t =⇩E r))›
1454 using "equi:1"[THEN "≡E"(1)] by simp
1455 then AOT_obtain r where
1456 r_prop: ‹[[F]⇧-⇧u]r & [R]rs & ∀t ([[F]⇧-⇧u]t & [R]ts → t =⇩E r)›
1457 using "Ordinary.∃E"[rotated] by meson
1458 AOT_hence F_minus_u_r: ‹[[F]⇧-⇧u]r› and Rrs: ‹[R]rs›
1459 using "&E" by blast+
1460 AOT_have r_unique: ‹t =⇩E r› if ‹[[F]⇧-⇧u]t› and ‹[R]ts› for t
1461 using r_prop[THEN "&E"(2), THEN "Ordinary.∀E",
1462 THEN "→E", OF "&I", OF that].
1463 AOT_have Fr: ‹[F]r›
1464 using Π_minus_κE1[OF F_minus_u_r].
1465 AOT_have r_noteq_u: ‹r ≠⇩E u›
1466 using Π_minus_κE2[OF F_minus_u_r].
1467 AOT_have ‹∃r ([F]r & [«?R»]rs & (∀t ([F]t & [«?R»]ts → t =⇩E r)))›
1468 proof(safe intro!: "Ordinary.∃I"[where β=r] "&I" Fr Ordinary.GEN "→I")
1469 AOT_show ‹[«?R»]rs›
1470 by (auto intro!: "β←C"(1) "cqt:2" "&I" "∨I"(1) Π_minus_κI' Fr
1471 Gs s_noteq_v Rrs r_noteq_u
1472 simp: "&I" "ex:1:a" prod_denotesI "rule-ui:3")
1473 next
1474 fix t
1475 AOT_assume 0: ‹[F]t & [«?R»]ts›
1476 AOT_hence ‹([[F]⇧-⇧u]t & [[G]⇧-⇧v]s & [R]ts) ∨ (t =⇩E u & s =⇩E v)›
1477 using "β→C"(1)[OF 0[THEN "&E"(2)], simplified] by blast
1478 AOT_hence 1: ‹[[F]⇧-⇧u]t & [[G]⇧-⇧v]s & [R]ts›
1479 using not_s_eq_v by (metis "&E"(2) "∨E"(3) "reductio-aa:1")
1480 AOT_show ‹t =⇩E r› using r_unique 1 "&E" by blast
1481 qed
1482 }
1483 moreover {
1484 AOT_assume s_eq_v: ‹s =⇩E v›
1485 AOT_have ‹∃r ([F]r & [«?R»]rs & (∀t ([F]t & [«?R»]ts → t =⇩E r)))›
1486 proof(safe intro!: "Ordinary.∃I"[where β=u] "&I" Fu Ordinary.GEN "→I")
1487 AOT_show ‹[«?R»]us›
1488 by (auto intro!: "β←C"(1) "cqt:2" "&I" prod_denotesI "∨I"(2)
1489 Π_minus_κI' Gs s_eq_v Ordinary.ψ
1490 "ord=Eequiv:1"[THEN "→E"])
1491 next
1492 fix t
1493 AOT_assume 0: ‹[F]t & [«?R»]ts›
1494 AOT_hence 1: ‹([[F]⇧-⇧u]t & [[G]⇧-⇧v]s & [R]ts) ∨ (t =⇩E u & s =⇩E v)›
1495 using "β→C"(1)[OF 0[THEN "&E"(2)], simplified] by blast
1496 moreover AOT_have ‹¬([[F]⇧-⇧u]t & [[G]⇧-⇧v]s & [R]ts)›
1497 proof (rule "raa-cor:2")
1498 AOT_assume ‹([[F]⇧-⇧u]t & [[G]⇧-⇧v]s & [R]ts)›
1499 AOT_hence ‹[[G]⇧-⇧v]s› using "&E" by blast
1500 AOT_thus ‹s =⇩E v & ¬(s =⇩E v)›
1501 by (metis Π_minus_κE2 "≡E"(4) "reductio-aa:1" s_eq_v "thm-neg=E")
1502 qed
1503 ultimately AOT_have ‹t =⇩E u & s =⇩E v›
1504 by (metis "∨E"(2))
1505 AOT_thus ‹t =⇩E u› using "&E" by blast
1506 qed
1507 }
1508 ultimately AOT_show ‹∃!r ([F]r & [«?R»]rs)›
1509 using "≡E"(2) "equi:1" "reductio-aa:2" by fast
1510 qed
1511qed
1512
1513
1514AOT_theorem "approx-cont:1": ‹∃F∃G ◇(F ≈⇩E G & ◇¬F ≈⇩E G)›
1515proof -
1516 let ?P = ‹«[λx E!x & ¬❙𝒜E!x]»›
1517 AOT_have ‹◇q⇩0 & ◇¬q⇩0› by (metis q⇩0_prop)
1518 AOT_hence 1: ‹◇∃x(E!x & ¬❙𝒜E!x) & ◇¬∃x(E!x & ¬❙𝒜E!x)›
1519 by (rule q⇩0_def[THEN "=⇩d⇩fE"(2), rotated])
1520 (simp add: "log-prop-prop:2")
1521 AOT_have θ: ‹◇∃x [«?P»]x & ◇¬∃x [«?P»]x›
1522 apply (AOT_subst ‹[«?P»]x› ‹E!x & ¬❙𝒜E!x› for: x)
1523 apply (rule "beta-C-meta"[THEN "→E"]; "cqt:2[lambda]")
1524 by (fact 1)
1525 show ?thesis
1526 proof (rule "∃I"(1))+
1527 AOT_have ‹◇[L]⇧- ≈⇩E [«?P»] & ◇¬[L]⇧- ≈⇩E [«?P»]›
1528 proof (rule "&I"; rule "RM◇"[THEN "→E"]; (rule "→I")?)
1529 AOT_modally_strict {
1530 AOT_assume A: ‹¬∃x [«?P»]x›
1531 AOT_show ‹[L]⇧- ≈⇩E [«?P»]›
1532 proof (safe intro!: "empty-approx:1"[unvarify F H, THEN "→E"]
1533 "rel-neg-T:3" "&I")
1534 AOT_show ‹[«?P»]↓› by "cqt:2[lambda]"
1535 next
1536 AOT_show ‹¬∃u [L⇧-]u›
1537 proof (rule "raa-cor:2")
1538 AOT_assume ‹∃u [L⇧-]u›
1539 then AOT_obtain u where ‹[L⇧-]u›
1540 using "Ordinary.∃E"[rotated] by blast
1541 moreover AOT_have ‹¬[L⇧-]u›
1542 using "thm-noncont-e-e:2"[THEN "contingent-properties:2"[THEN "≡⇩d⇩fE"],
1543 THEN "&E"(2)]
1544 by (metis "qml:2"[axiom_inst] "rule-ui:3" "→E")
1545 ultimately AOT_show ‹p & ¬p› for p
1546 by (metis "raa-cor:3")
1547 qed
1548 next
1549 AOT_show ‹¬∃v [«?P»]v›
1550 proof (rule "raa-cor:2")
1551 AOT_assume ‹∃v [«?P»]v›
1552 then AOT_obtain u where ‹[«?P»]u›
1553 using "Ordinary.∃E"[rotated] by blast
1554 AOT_hence ‹[«?P»]u›
1555 using "&E" by blast
1556 AOT_hence ‹∃x [«?P»]x›
1557 by (rule "∃I")
1558 AOT_thus ‹∃x [«?P»]x & ¬∃x [«?P»]x›
1559 using A "&I" by blast
1560 qed
1561 qed
1562 }
1563 next
1564 AOT_show ‹◇¬∃x [«?P»]x›
1565 using θ "&E" by blast
1566 next
1567 AOT_modally_strict {
1568 AOT_assume A: ‹∃x [«?P»]x›
1569 AOT_have B: ‹¬[«?P»] ≈⇩E [L]⇧-›
1570 proof (safe intro!: "empty-approx:2"[unvarify F H, THEN "→E"]
1571 "rel-neg-T:3" "&I")
1572 AOT_show ‹[«?P»]↓›
1573 by "cqt:2[lambda]"
1574 next
1575 AOT_obtain x where Px: ‹[«?P»]x›
1576 using A "∃E" by blast
1577 AOT_hence ‹E!x & ¬❙𝒜E!x›
1578 by (rule "β→C"(1))
1579 AOT_hence 1: ‹◇E!x›
1580 by (metis "T◇" "&E"(1) "vdash-properties:10")
1581 AOT_have ‹[λx ◇E!x]x›
1582 by (auto intro!: "β←C"(1) "cqt:2" 1)
1583 AOT_hence ‹O!x›
1584 by (rule AOT_ordinary[THEN "=⇩d⇩fI"(2), rotated]) "cqt:2[lambda]"
1585 AOT_hence ‹O!x & [«?P»]x›
1586 using Px "&I" by blast
1587 AOT_thus ‹∃u [«?P»]u›
1588 by (rule "∃I")
1589 next
1590 AOT_show ‹¬∃u [L⇧-]u›
1591 proof (rule "raa-cor:2")
1592 AOT_assume ‹∃u [L⇧-]u›
1593 then AOT_obtain u where ‹[L⇧-]u›
1594 using "Ordinary.∃E"[rotated] by blast
1595 moreover AOT_have ‹¬[L⇧-]u›
1596 using "thm-noncont-e-e:2"[THEN "contingent-properties:2"[THEN "≡⇩d⇩fE"]]
1597 by (metis "qml:2"[axiom_inst] "rule-ui:3" "→E" "&E"(2))
1598 ultimately AOT_show ‹p & ¬p› for p
1599 by (metis "raa-cor:3")
1600 qed
1601 qed
1602 AOT_show ‹¬[L]⇧- ≈⇩E [«?P»]›
1603 proof (rule "raa-cor:2")
1604 AOT_assume ‹[L]⇧- ≈⇩E [«?P»]›
1605 AOT_hence ‹[«?P»] ≈⇩E [L]⇧-›
1606 apply (rule "eq-part:2"[unvarify F G, THEN "→E", rotated 2])
1607 apply "cqt:2[lambda]"
1608 by (simp add: "rel-neg-T:3")
1609 AOT_thus ‹[«?P»] ≈⇩E [L]⇧- & ¬[«?P»] ≈⇩E [L]⇧-›
1610 using B "&I" by blast
1611 qed
1612 }
1613 next
1614 AOT_show ‹◇∃x [«?P»]x›
1615 using θ "&E" by blast
1616 qed
1617 AOT_thus ‹◇([L]⇧- ≈⇩E [«?P»] & ◇¬[L]⇧- ≈⇩E [«?P»])›
1618 using "S5Basic:11" "≡E"(2) by blast
1619 next
1620 AOT_show ‹[λx [E!]x & ¬❙𝒜[E!]x]↓›
1621 by "cqt:2"
1622 next
1623 AOT_show ‹[L]⇧-↓›
1624 by (simp add: "rel-neg-T:3")
1625 qed
1626qed
1627
1628
1629AOT_theorem "approx-cont:2":
1630 ‹∃F∃G ◇([λz ❙𝒜[F]z] ≈⇩E G & ◇¬[λz ❙𝒜[F]z] ≈⇩E G)›
1631proof -
1632 let ?P = ‹«[λx E!x & ¬❙𝒜E!x]»›
1633 AOT_have ‹◇q⇩0 & ◇¬q⇩0› by (metis q⇩0_prop)
1634 AOT_hence 1: ‹◇∃x(E!x & ¬❙𝒜E!x) & ◇¬∃x(E!x & ¬❙𝒜E!x)›
1635 by (rule q⇩0_def[THEN "=⇩d⇩fE"(2), rotated])
1636 (simp add: "log-prop-prop:2")
1637 AOT_have θ: ‹◇∃x [«?P»]x & ◇¬∃x [«?P»]x›
1638 apply (AOT_subst ‹[«?P»]x› ‹E!x & ¬❙𝒜E!x› for: x)
1639 apply (rule "beta-C-meta"[THEN "→E"]; "cqt:2")
1640 by (fact 1)
1641 show ?thesis
1642 proof (rule "∃I"(1))+
1643 AOT_have ‹◇[λz ❙𝒜[L⇧-]z] ≈⇩E [«?P»] & ◇¬[λz ❙𝒜[L⇧-]z] ≈⇩E [«?P»]›
1644 proof (rule "&I"; rule "RM◇"[THEN "→E"]; (rule "→I")?)
1645 AOT_modally_strict {
1646 AOT_assume A: ‹¬∃x [«?P»]x›
1647 AOT_show ‹[λz ❙𝒜[L⇧-]z] ≈⇩E [«?P»]›
1648 proof (safe intro!: "empty-approx:1"[unvarify F H, THEN "→E"]
1649 "rel-neg-T:3" "&I")
1650 AOT_show ‹[«?P»]↓› by "cqt:2"
1651 next
1652 AOT_show ‹¬∃u [λz ❙𝒜[L⇧-]z]u›
1653 proof (rule "raa-cor:2")
1654 AOT_assume ‹∃u [λz ❙𝒜[L⇧-]z]u›
1655 then AOT_obtain u where ‹[λz ❙𝒜[L⇧-]z]u›
1656 using "Ordinary.∃E"[rotated] by blast
1657 AOT_hence ‹❙𝒜[L⇧-]u›
1658 using "β→C"(1) "&E" by blast
1659 moreover AOT_have ‹□¬[L⇧-]u›
1660 using "thm-noncont-e-e:2"[THEN "contingent-properties:2"[THEN "≡⇩d⇩fE"]]
1661 by (metis RN "qml:2"[axiom_inst] "rule-ui:3" "→E" "&E"(2))
1662 ultimately AOT_show ‹p & ¬p› for p
1663 by (metis "Act-Sub:3" "KBasic2:1" "≡E"(1) "raa-cor:3" "→E")
1664 qed
1665 next
1666 AOT_show ‹¬∃v [«?P»]v›
1667 proof (rule "raa-cor:2")
1668 AOT_assume ‹∃v [«?P»]v›
1669 then AOT_obtain u where ‹[«?P»]u›
1670 using "Ordinary.∃E"[rotated] by blast
1671 AOT_hence ‹[«?P»]u›
1672 using "&E" by blast
1673 AOT_hence ‹∃x [«?P»]x›
1674 by (rule "∃I")
1675 AOT_thus ‹∃x [«?P»]x & ¬∃x [«?P»]x›
1676 using A "&I" by blast
1677 qed
1678 next
1679 AOT_show ‹[λz ❙𝒜[L⇧-]z]↓› by "cqt:2"
1680 qed
1681 }
1682 next
1683 AOT_show ‹◇¬∃x [«?P»]x› using θ "&E" by blast
1684 next
1685 AOT_modally_strict {
1686 AOT_assume A: ‹∃x [«?P»]x›
1687 AOT_have B: ‹¬[«?P»] ≈⇩E [λz ❙𝒜[L⇧-]z]›
1688 proof (safe intro!: "empty-approx:2"[unvarify F H, THEN "→E"]
1689 "rel-neg-T:3" "&I")
1690 AOT_show ‹[«?P»]↓› by "cqt:2"
1691 next
1692 AOT_obtain x where Px: ‹[«?P»]x›
1693 using A "∃E" by blast
1694 AOT_hence ‹E!x & ¬❙𝒜E!x›
1695 by (rule "β→C"(1))
1696 AOT_hence ‹◇E!x›
1697 by (metis "T◇" "&E"(1) "→E")
1698 AOT_hence ‹[λx ◇E!x]x›
1699 by (auto intro!: "β←C"(1) "cqt:2")
1700 AOT_hence ‹O!x›
1701 by (rule AOT_ordinary[THEN "=⇩d⇩fI"(2), rotated]) "cqt:2"
1702 AOT_hence ‹O!x & [«?P»]x›
1703 using Px "&I" by blast
1704 AOT_thus ‹∃u [«?P»]u›
1705 by (rule "∃I")
1706 next
1707 AOT_show ‹¬∃u [λz ❙𝒜[L⇧-]z]u›
1708 proof (rule "raa-cor:2")
1709 AOT_assume ‹∃u [λz ❙𝒜[L⇧-]z]u›
1710 then AOT_obtain u where ‹[λz ❙𝒜[L⇧-]z]u›
1711 using "Ordinary.∃E"[rotated] by blast
1712 AOT_hence ‹❙𝒜[L⇧-]u›
1713 using "β→C"(1) "&E" by blast
1714 moreover AOT_have ‹□¬[L⇧-]u›
1715 using "thm-noncont-e-e:2"[THEN "contingent-properties:2"[THEN "≡⇩d⇩fE"]]
1716 by (metis RN "qml:2"[axiom_inst] "rule-ui:3" "→E" "&E"(2))
1717 ultimately AOT_show ‹p & ¬p› for p
1718 by (metis "Act-Sub:3" "KBasic2:1" "≡E"(1) "raa-cor:3" "→E")
1719 qed
1720 next
1721 AOT_show ‹[λz ❙𝒜[L⇧-]z]↓› by "cqt:2"
1722 qed
1723 AOT_show ‹¬[λz ❙𝒜[L⇧-]z] ≈⇩E [«?P»]›
1724 proof (rule "raa-cor:2")
1725 AOT_assume ‹[λz ❙𝒜[L⇧-]z] ≈⇩E [«?P»]›
1726 AOT_hence ‹[«?P»] ≈⇩E [λz ❙𝒜[L⇧-]z]›
1727 by (rule "eq-part:2"[unvarify F G, THEN "→E", rotated 2])
1728 "cqt:2"+
1729 AOT_thus ‹[«?P»] ≈⇩E [λz ❙𝒜[L⇧-]z] & ¬[«?P»] ≈⇩E [λz ❙𝒜[L⇧-]z]›
1730 using B "&I" by blast
1731 qed
1732 }
1733 next
1734 AOT_show ‹◇∃x [«?P»]x›
1735 using θ "&E" by blast
1736 qed
1737 AOT_thus ‹◇([λz ❙𝒜[L⇧-]z] ≈⇩E [«?P»] & ◇¬[λz ❙𝒜[L⇧-]z] ≈⇩E [«?P»])›
1738 using "S5Basic:11" "≡E"(2) by blast
1739 next
1740 AOT_show ‹[λx [E!]x & ¬❙𝒜[E!]x]↓› by "cqt:2"
1741 next
1742 AOT_show ‹[L]⇧-↓›
1743 by (simp add: "rel-neg-T:3")
1744 qed
1745qed
1746
1747notepad
1748begin
1749 text‹We already have defined being equivalent on the ordinary objects in the
1750 Extended Relation Comprehension theory.›
1751 AOT_have ‹F ≡⇩E G ≡⇩d⇩f F↓ & G↓ & ∀u ([F]u ≡ [G]u)› for F G
1752 using eqE by blast
1753end
1754
1755AOT_theorem "apE-eqE:1": ‹F ≡⇩E G → F ≈⇩E G›
1756proof(rule "→I")
1757 AOT_assume 0: ‹F ≡⇩E G›
1758 AOT_have ‹∃R R |: F ⇩1⇩-⇩1⟷⇩E G›
1759 proof (safe intro!: "∃I"(1)[where τ="«(=⇩E)»"] "equi:2"[THEN "≡⇩d⇩fI"] "&I"
1760 "=E[denotes]" "cqt:2[const_var]"[axiom_inst] Ordinary.GEN
1761 "→I" "equi:1"[THEN "≡E"(2)])
1762 fix u
1763 AOT_assume Fu: ‹[F]u›
1764 AOT_hence Gu: ‹[G]u›
1765 using "≡⇩d⇩fE"[OF eqE, OF 0, THEN "&E"(2),
1766 THEN "Ordinary.∀E"[where α=u], THEN "≡E"(1)]
1767 Ordinary.ψ Fu by blast
1768 AOT_show ‹∃v ([G]v & u =⇩E v & ∀v' ([G]v' & u =⇩E v' → v' =⇩E v))›
1769 by (safe intro!: "Ordinary.∃I"[where β=u] "&I" GEN "→I" Ordinary.ψ Gu
1770 "ord=Eequiv:1"[THEN "→E", OF Ordinary.ψ]
1771 "ord=Eequiv:2"[THEN "→E"] dest!: "&E"(2))
1772 next
1773 fix v
1774 AOT_assume Gv: ‹[G]v›
1775 AOT_hence Fv: ‹[F]v›
1776 using "≡⇩d⇩fE"[OF eqE, OF 0, THEN "&E"(2),
1777 THEN "Ordinary.∀E"[where α=v], THEN "≡E"(2)]
1778 Ordinary.ψ Gv by blast
1779 AOT_show ‹∃u ([F]u & u =⇩E v & ∀v' ([F]v' & v' =⇩E v → v' =⇩E u))›
1780 by (safe intro!: "Ordinary.∃I"[where β=v] "&I" GEN "→I" Ordinary.ψ Fv
1781 "ord=Eequiv:1"[THEN "→E", OF Ordinary.ψ]
1782 "ord=Eequiv:2"[THEN "→E"] dest!: "&E"(2))
1783 qed
1784 AOT_thus ‹F ≈⇩E G›
1785 by (rule "equi:3"[THEN "≡⇩d⇩fI"])
1786qed
1787
1788AOT_theorem "apE-eqE:2": ‹(F ≈⇩E G & G ≡⇩E H) → F ≈⇩E H›
1789proof(rule "→I")
1790 AOT_assume ‹F ≈⇩E G & G ≡⇩E H›
1791 AOT_hence ‹F ≈⇩E G› and ‹G ≈⇩E H›
1792 using "apE-eqE:1"[THEN "→E"] "&E" by blast+
1793 AOT_thus ‹F ≈⇩E H›
1794 by (metis Adjunction "eq-part:3" "vdash-properties:10")
1795qed
1796
1797
1798AOT_act_theorem "eq-part-act:1": ‹[λz ❙𝒜[F]z] ≡⇩E F›
1799proof (safe intro!: eqE[THEN "≡⇩d⇩fI"] "&I" "cqt:2" Ordinary.GEN "→I")
1800 fix u
1801 AOT_have ‹[λz ❙𝒜[F]z]u ≡ ❙𝒜[F]u›
1802 by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
1803 also AOT_have ‹… ≡ [F]u›
1804 using "act-conj-act:4" "logic-actual"[act_axiom_inst, THEN "→E"] by blast
1805 finally AOT_show ‹[λz ❙𝒜[F]z]u ≡ [F]u›.
1806qed
1807
1808AOT_act_theorem "eq-part-act:2": ‹[λz ❙𝒜[F]z] ≈⇩E F›
1809 by (safe intro!: "apE-eqE:1"[unvarify F, THEN "→E"] "eq-part-act:1") "cqt:2"
1810
1811
1812AOT_theorem "actuallyF:1": ‹❙𝒜(F ≈⇩E [λz ❙𝒜[F]z])›
1813proof -
1814 AOT_have 1: ‹❙𝒜([F]x ≡ ❙𝒜[F]x)› for x
1815 by (meson "Act-Basic:5" "act-conj-act:4" "≡E"(2) "Commutativity of ≡")
1816 AOT_have ‹❙𝒜([F]x ≡ [λz ❙𝒜[F]z]x)› for x
1817 apply (AOT_subst ‹[λz ❙𝒜[F]z]x› ‹❙𝒜[F]x›)
1818 apply (rule "beta-C-meta"[THEN "→E"])
1819 apply "cqt:2[lambda]"
1820 by (fact 1)
1821 AOT_hence ‹O!x → ❙𝒜([F]x ≡ [λz ❙𝒜[F]z]x)› for x
1822 by (metis "→I")
1823 AOT_hence ‹∀u ❙𝒜([F]u ≡ [λz ❙𝒜[F]z]u)›
1824 using "∀I" by fast
1825 AOT_hence 1: ‹❙𝒜∀u ([F]u ≡ [λz ❙𝒜[F]z]u)›
1826 by (metis "Ordinary.res-var-bound-reas[2]" "→E")
1827 AOT_modally_strict {
1828 AOT_have ‹[λz ❙𝒜[F]z]↓› by "cqt:2"
1829 } note 2 = this
1830 AOT_have ‹❙𝒜(F ≡⇩E [λz ❙𝒜[F]z])›
1831 apply (AOT_subst ‹F ≡⇩E [λz ❙𝒜[F]z]› ‹∀u ([F]u ≡ [λz ❙𝒜[F]z]u)›)
1832 using eqE[THEN "≡Df", THEN "≡S"(1), OF "&I",
1833 OF "cqt:2[const_var]"[axiom_inst], OF 2]
1834 by (auto simp: 1)
1835 moreover AOT_have ‹❙𝒜(F ≡⇩E [λz ❙𝒜[F]z] → F ≈⇩E [λz ❙𝒜[F]z])›
1836 using "apE-eqE:1"[unvarify G, THEN "RA[2]", OF 2] by metis
1837 ultimately AOT_show ‹❙𝒜F ≈⇩E [λz ❙𝒜[F]z]›
1838 by (metis "act-cond" "→E")
1839qed
1840
1841AOT_theorem "actuallyF:2": ‹Rigid([λz ❙𝒜[F]z])›
1842proof(safe intro!: GEN "→I" "df-rigid-rel:1"[THEN "≡⇩d⇩fI"] "&I")
1843 AOT_show ‹[λz ❙𝒜[F]z]↓› by "cqt:2"
1844next
1845 AOT_show ‹□∀x ([λz ❙𝒜[F]z]x → □[λz ❙𝒜[F]z]x)›
1846 proof(rule RN; rule GEN; rule "→I")
1847 AOT_modally_strict {
1848 fix x
1849 AOT_assume ‹[λz ❙𝒜[F]z]x›
1850 AOT_hence ‹❙𝒜[F]x›
1851 by (rule "β→C"(1))
1852 AOT_hence 1: ‹□❙𝒜[F]x› by (metis "Act-Basic:6" "≡E"(1))
1853 AOT_show ‹□[λz ❙𝒜[F]z]x›
1854 apply (AOT_subst ‹[λz ❙𝒜[F]z]x› ‹❙𝒜[F]x›)
1855 apply (rule "beta-C-meta"[THEN "→E"])
1856 apply "cqt:2[lambda]"
1857 by (fact 1)
1858 }
1859 qed
1860qed
1861
1862AOT_theorem "approx-nec:1": ‹Rigid(F) → F ≈⇩E [λz ❙𝒜[F]z]›
1863proof(rule "→I")
1864 AOT_assume ‹Rigid([F])›
1865 AOT_hence A: ‹□∀x ([F]x → □[F]x)›
1866 using "df-rigid-rel:1"[THEN "≡⇩d⇩fE", THEN "&E"(2)] by blast
1867 AOT_hence 0: ‹∀x □([F]x → □[F]x)›
1868 using CBF[THEN "→E"] by blast
1869 AOT_hence 1: ‹∀x ([F]x → □[F]x)›
1870 using A "qml:2"[axiom_inst, THEN "→E"] by blast
1871 AOT_have act_F_den: ‹[λz ❙𝒜[F]z]↓›
1872 by "cqt:2"
1873 AOT_show ‹F ≈⇩E [λz ❙𝒜[F]z]›
1874 proof (safe intro!: "apE-eqE:1"[unvarify G, THEN "→E"] eqE[THEN "≡⇩d⇩fI"] "&I"
1875 "cqt:2" act_F_den Ordinary.GEN "→I" "≡I")
1876 fix u
1877 AOT_assume ‹[F]u›
1878 AOT_hence ‹□[F]u›
1879 using 1[THEN "∀E"(2), THEN "→E"] by blast
1880 AOT_hence act_F_u: ‹❙𝒜[F]u›
1881 by (metis "nec-imp-act" "→E")
1882 AOT_show ‹[λz ❙𝒜[F]z]u›
1883 by (auto intro!: "β←C"(1) "cqt:2" act_F_u)
1884 next
1885 fix u
1886 AOT_assume ‹[λz ❙𝒜[F]z]u›
1887 AOT_hence ‹❙𝒜[F]u›
1888 by (rule "β→C"(1))
1889 AOT_thus ‹[F]u›
1890 using 0[THEN "∀E"(2)]
1891 by (metis "≡E"(1) "sc-eq-fur:2" "→E")
1892 qed
1893qed
1894
1895
1896AOT_theorem "approx-nec:2":
1897 ‹F ≈⇩E G ≡ ∀H ([λz ❙𝒜[H]z] ≈⇩E F ≡ [λz ❙𝒜[H]z] ≈⇩E G)›
1898proof(rule "≡I"; rule "→I")
1899 AOT_assume 0: ‹F ≈⇩E G›
1900 AOT_assume 0: ‹F ≈⇩E G›
1901 AOT_hence ‹∀H (H ≈⇩E F ≡ H ≈⇩E G)›
1902 using "eq-part:4"[THEN "≡E"(1), OF 0] by blast
1903 AOT_have ‹[λz ❙𝒜[H]z] ≈⇩E F ≡ [λz ❙𝒜[H]z] ≈⇩E G› for H
1904 by (rule "∀E"(1)[OF "eq-part:4"[THEN "≡E"(1), OF 0]]) "cqt:2"
1905 AOT_thus ‹∀H ([λz ❙𝒜[H]z] ≈⇩E F ≡ [λz ❙𝒜[H]z] ≈⇩E G)›
1906 by (rule GEN)
1907next
1908 AOT_assume 0: ‹∀H ([λz ❙𝒜[H]z] ≈⇩E F ≡ [λz ❙𝒜[H]z] ≈⇩E G)›
1909 AOT_obtain H where ‹Rigidifies(H,F)›
1910 using "rigid-der:3" "∃E" by metis
1911 AOT_hence H: ‹Rigid(H) & ∀x ([H]x ≡ [F]x)›
1912 using "df-rigid-rel:2"[THEN "≡⇩d⇩fE"] by blast
1913 AOT_have H_rigid: ‹□∀x ([H]x → □[H]x)›
1914 using H[THEN "&E"(1), THEN "df-rigid-rel:1"[THEN "≡⇩d⇩fE"], THEN "&E"(2)].
1915 AOT_hence ‹∀x □([H]x → □[H]x)›
1916 using "CBF" "vdash-properties:10" by blast
1917 AOT_hence ‹□([H]x → □[H]x)› for x using "∀E"(2) by blast
1918 AOT_hence rigid: ‹[H]x ≡ ❙𝒜[H]x› for x
1919 by (metis "≡E"(6) "oth-class-taut:3:a" "sc-eq-fur:2" "→E")
1920 AOT_have ‹H ≡⇩E F›
1921 proof (safe intro!: eqE[THEN "≡⇩d⇩fI"] "&I" "cqt:2" Ordinary.GEN "→I")
1922 AOT_show ‹[H]u ≡ [F]u› for u using H[THEN "&E"(2)] "∀E"(2) by fast
1923 qed
1924 AOT_hence ‹H ≈⇩E F›
1925 by (rule "apE-eqE:2"[THEN "→E", OF "&I", rotated])
1926 (simp add: "eq-part:1")
1927 AOT_hence F_approx_H: ‹F ≈⇩E H›
1928 by (metis "eq-part:2" "→E")
1929 moreover AOT_have H_eq_act_H: ‹H ≡⇩E [λz ❙𝒜[H]z]›
1930 proof (safe intro!: eqE[THEN "≡⇩d⇩fI"] "&I" "cqt:2" Ordinary.GEN "→I")
1931 AOT_show ‹[H]u ≡ [λz ❙𝒜[H]z]u› for u
1932 apply (AOT_subst ‹[λz ❙𝒜[H]z]u› ‹❙𝒜[H]u›)
1933 apply (rule "beta-C-meta"[THEN "→E"])
1934 apply "cqt:2[lambda]"
1935 using rigid by blast
1936 qed
1937 AOT_have a: ‹F ≈⇩E [λz ❙𝒜[H]z]›
1938 apply (rule "apE-eqE:2"[unvarify H, THEN "→E"])
1939 apply "cqt:2[lambda]"
1940 using F_approx_H H_eq_act_H "&I" by blast
1941 AOT_hence ‹[λz ❙𝒜[H]z] ≈⇩E F›
1942 apply (rule "eq-part:2"[unvarify G, THEN "→E", rotated])
1943 by "cqt:2[lambda]"
1944 AOT_hence b: ‹[λz ❙𝒜[H]z] ≈⇩E G›
1945 by (rule 0[THEN "∀E"(1), THEN "≡E"(1), rotated]) "cqt:2"
1946 AOT_show ‹F ≈⇩E G›
1947 by (rule "eq-part:3"[unvarify G, THEN "→E", rotated, OF "&I", OF a, OF b])
1948 "cqt:2"
1949qed
1950
1951AOT_theorem "approx-nec:3":
1952 ‹(Rigid(F) & Rigid(G)) → □(F ≈⇩E G → □F ≈⇩E G)›
1953proof (rule "→I")
1954 AOT_assume ‹Rigid(F) & Rigid(G)›
1955 AOT_hence ‹□∀x([F]x → □[F]x)› and ‹□∀x([G]x → □[G]x)›
1956 using "df-rigid-rel:1"[THEN "≡⇩d⇩fE", THEN "&E"(2)] "&E" by blast+
1957 AOT_hence ‹□(□∀x([F]x → □[F]x) & □∀x([G]x → □[G]x))›
1958 using "KBasic:3" "4" "&I" "≡E"(2) "vdash-properties:10" by meson
1959 moreover AOT_have ‹□(□∀x([F]x → □[F]x) & □∀x([G]x → □[G]x)) →
1960 □(F ≈⇩E G → □F ≈⇩E G)›
1961 proof(rule RM; rule "→I"; rule "→I")
1962 AOT_modally_strict {
1963 AOT_assume ‹□∀x([F]x → □[F]x) & □∀x([G]x → □[G]x)›
1964 AOT_hence ‹□∀x([F]x → □[F]x)› and ‹□∀x([G]x → □[G]x)›
1965 using "&E" by blast+
1966 AOT_hence ‹∀x□([F]x → □[F]x)› and ‹∀x□([G]x → □[G]x)›
1967 using CBF[THEN "→E"] by blast+
1968 AOT_hence F_nec: ‹□([F]x → □[F]x)›
1969 and G_nec: ‹□([G]x → □[G]x)› for x
1970 using "∀E"(2) by blast+
1971 AOT_assume ‹F ≈⇩E G›
1972 AOT_hence ‹∃R R |: F ⇩1⇩-⇩1⟷⇩E G›
1973 by (metis "≡⇩d⇩fE" "equi:3")
1974 then AOT_obtain R where ‹R |: F ⇩1⇩-⇩1⟷⇩E G›
1975 using "∃E"[rotated] by blast
1976 AOT_hence C1: ‹∀u ([F]u → ∃!v ([G]v & [R]uv))›
1977 and C2: ‹∀v ([G]v → ∃!u ([F]u & [R]uv))›
1978 using "equi:2"[THEN "≡⇩d⇩fE"] "&E" by blast+
1979 AOT_obtain R' where ‹Rigidifies(R', R)›
1980 using "rigid-der:3" "∃E"[rotated] by blast
1981 AOT_hence 1: ‹Rigid(R') & ∀x⇩1...∀x⇩n ([R']x⇩1...x⇩n ≡ [R]x⇩1...x⇩n)›
1982 using "df-rigid-rel:2"[THEN "≡⇩d⇩fE"] by blast
1983 AOT_hence ‹□∀x⇩1...∀x⇩n ([R']x⇩1...x⇩n → □[R']x⇩1...x⇩n)›
1984 using "df-rigid-rel:1"[THEN "≡⇩d⇩fE"] "&E" by blast
1985 AOT_hence ‹∀x⇩1...∀x⇩n (◇[R']x⇩1...x⇩n → □[R']x⇩1...x⇩n)›
1986 using "≡E"(1) "rigid-rel-thms:1" by blast
1987 AOT_hence D: ‹∀x⇩1∀x⇩2 (◇[R']x⇩1x⇩2 → □[R']x⇩1x⇩2)›
1988 using tuple_forall[THEN "≡⇩d⇩fE"] by blast
1989 AOT_have E: ‹∀x⇩1∀x⇩2 ([R']x⇩1x⇩2 ≡ [R]x⇩1x⇩2)›
1990 using tuple_forall[THEN "≡⇩d⇩fE", OF 1[THEN "&E"(2)]] by blast
1991 AOT_have ‹∀u □([F]u → ∃!v ([G]v & [R']uv))›
1992 and ‹∀v □([G]v → ∃!u ([F]u & [R']uv))›
1993 proof (safe intro!: Ordinary.GEN "→I")
1994 fix u
1995 AOT_show ‹□([F]u → ∃!v ([G]v & [R']uv))›
1996 proof (rule "raa-cor:1")
1997 AOT_assume ‹¬□([F]u → ∃!v ([G]v & [R']uv))›
1998 AOT_hence 1: ‹◇¬([F]u → ∃!v ([G]v & [R']uv))›
1999 using "KBasic:11" "≡E"(1) by blast
2000 AOT_have ‹◇([F]u & ¬∃!v ([G]v & [R']uv))›
2001 apply (AOT_subst ‹[F]u & ¬∃!v ([G]v & [R']uv)›
2002 ‹¬([F]u → ∃!v ([G]v & [R']uv))›)
2003 apply (meson "≡E"(6) "oth-class-taut:1:b" "oth-class-taut:3:a")
2004 by (fact 1)
2005 AOT_hence A: ‹◇[F]u & ◇¬∃!v ([G]v & [R']uv)›
2006 using "KBasic2:3" "→E" by blast
2007 AOT_hence ‹□[F]u›
2008 using F_nec "&E"(1) "≡E"(1) "sc-eq-box-box:1" "→E" by blast
2009 AOT_hence ‹[F]u›
2010 by (metis "qml:2"[axiom_inst] "→E")
2011 AOT_hence ‹∃!v ([G]v & [R]uv)›
2012 using C1[THEN "Ordinary.∀E", THEN "→E"] by blast
2013 AOT_hence ‹∃v ([G]v & [R]uv & ∀v' ([G]v' & [R]uv' → v' =⇩E v))›
2014 using "equi:1"[THEN "≡E"(1)] by auto
2015 then AOT_obtain a where
2016 a_prop: ‹O!a & ([G]a & [R]ua & ∀v' ([G]v' & [R]uv' → v' =⇩E a))›
2017 using "∃E"[rotated] by blast
2018 AOT_have ‹∃v □([G]v & [R']uv & ∀v' ([G]v' & [R']uv' → v' =⇩E v))›
2019 proof(safe intro!: "∃I"(2)[where β=a] "&I" a_prop[THEN "&E"(1)]
2020 "KBasic:3"[THEN "≡E"(2)])
2021 AOT_show ‹□[G]a›
2022 using a_prop[THEN "&E"(2), THEN "&E"(1), THEN "&E"(1)]
2023 by (metis G_nec "qml:2"[axiom_inst] "→E")
2024 next
2025 AOT_show ‹□[R']ua›
2026 using D[THEN "∀E"(2), THEN "∀E"(2), THEN "→E"]
2027 E[THEN "∀E"(2), THEN "∀E"(2), THEN "≡E"(2),
2028 OF a_prop[THEN "&E"(2), THEN "&E"(1), THEN "&E"(2)]]
2029 by (metis "T◇" "→E")
2030 next
2031 AOT_have ‹∀v' □([G]v' & [R']uv' → v' =⇩E a)›
2032 proof (rule Ordinary.GEN; rule "raa-cor:1")
2033 fix v'
2034 AOT_assume ‹¬□([G]v' & [R']uv' → v' =⇩E a)›
2035 AOT_hence ‹◇¬([G]v' & [R']uv' → v' =⇩E a)›
2036 by (metis "KBasic:11" "≡E"(1))
2037 AOT_hence ‹◇([G]v' & [R']uv' & ¬v' =⇩E a)›
2038 by (AOT_subst ‹[G]v' & [R']uv' & ¬v' =⇩E a›
2039 ‹¬([G]v' & [R']uv' → v' =⇩E a)›)
2040 (meson "≡E"(6) "oth-class-taut:1:b" "oth-class-taut:3:a")
2041 AOT_hence 1: ‹◇[G]v'› and 2: ‹◇[R']uv'› and 3: ‹◇¬v' =⇩E a›
2042 using "KBasic2:3"[THEN "→E", THEN "&E"(1)]
2043 "KBasic2:3"[THEN "→E", THEN "&E"(2)] by blast+
2044 AOT_have Gv': ‹[G]v'› using G_nec 1
2045 by (meson "B◇" "KBasic:13" "→E")
2046 AOT_have ‹□[R']uv'›
2047 using 2 D[THEN "∀E"(2), THEN "∀E"(2), THEN "→E"] by blast
2048 AOT_hence R'uv': ‹[R']uv'›
2049 by (metis "B◇" "T◇" "→E")
2050 AOT_hence ‹[R]uv'›
2051 using E[THEN "∀E"(2), THEN "∀E"(2), THEN "≡E"(1)] by blast
2052 AOT_hence ‹v' =⇩E a›
2053 using a_prop[THEN "&E"(2), THEN "&E"(2), THEN "Ordinary.∀E",
2054 THEN "→E", OF "&I", OF Gv'] by blast
2055 AOT_hence ‹□(v' =⇩E a)›
2056 by (metis "id-nec3:1" "≡E"(4) "raa-cor:3")
2057 moreover AOT_have ‹¬□(v' =⇩E a)›
2058 using 3 "KBasic:11" "≡E"(2) by blast
2059 ultimately AOT_show ‹□(v' =⇩E a) & ¬□(v' =⇩E a)›
2060 using "&I" by blast
2061 qed
2062 AOT_thus ‹□∀v'([G]v' & [R']uv' → v' =⇩E a)›
2063 using "Ordinary.res-var-bound-reas[BF]" "→E" by fast
2064 qed
2065 AOT_hence ‹□∃v ([G]v & [R']uv & ∀v' ([G]v' & [R']uv' → v' =⇩E v))›
2066 using "Ordinary.res-var-bound-reas[Buridan]" "→E" by fast
2067 AOT_hence ‹□∃!v ([G]v & [R']uv)›
2068 by (AOT_subst_thm "equi:1")
2069 moreover AOT_have ‹¬□∃!v ([G]v & [R']uv)›
2070 using A[THEN "&E"(2)] "KBasic:11"[THEN "≡E"(2)] by blast
2071 ultimately AOT_show ‹□∃!v ([G]v & [R']uv) & ¬□∃!v ([G]v & [R']uv)›
2072 by (rule "&I")
2073 qed
2074 next
2075 fix v
2076 AOT_show ‹□([G]v → ∃!u ([F]u & [R']uv))›
2077 proof (rule "raa-cor:1")
2078 AOT_assume ‹¬□([G]v → ∃!u ([F]u & [R']uv))›
2079 AOT_hence 1: ‹◇¬([G]v → ∃!u ([F]u & [R']uv))›
2080 using "KBasic:11" "≡E"(1) by blast
2081 AOT_hence ‹◇([G]v & ¬∃!u ([F]u & [R']uv))›
2082 by (AOT_subst ‹[G]v & ¬∃!u ([F]u & [R']uv)›
2083 ‹¬([G]v → ∃!u ([F]u & [R']uv))›)
2084 (meson "≡E"(6) "oth-class-taut:1:b" "oth-class-taut:3:a")
2085 AOT_hence A: ‹◇[G]v & ◇¬∃!u ([F]u & [R']uv)›
2086 using "KBasic2:3" "→E" by blast
2087 AOT_hence ‹□[G]v›
2088 using G_nec "&E"(1) "≡E"(1) "sc-eq-box-box:1" "→E" by blast
2089 AOT_hence ‹[G]v› by (metis "qml:2"[axiom_inst] "→E")
2090 AOT_hence ‹∃!u ([F]u & [R]uv)›
2091 using C2[THEN "Ordinary.∀E", THEN "→E"] by blast
2092 AOT_hence ‹∃u ([F]u & [R]uv & ∀u' ([F]u' & [R]u'v → u' =⇩E u))›
2093 using "equi:1"[THEN "≡E"(1)] by auto
2094 then AOT_obtain a where
2095 a_prop: ‹O!a & ([F]a & [R]av & ∀u' ([F]u' & [R]u'v → u' =⇩E a))›
2096 using "∃E"[rotated] by blast
2097 AOT_have ‹∃u □([F]u & [R']uv & ∀u' ([F]u' & [R']u'v → u' =⇩E u))›
2098 proof(safe intro!: "∃I"(2)[where β=a] "&I" a_prop[THEN "&E"(1)]
2099 "KBasic:3"[THEN "≡E"(2)])
2100 AOT_show ‹□[F]a›
2101 using a_prop[THEN "&E"(2), THEN "&E"(1), THEN "&E"(1)]
2102 by (metis F_nec "qml:2"[axiom_inst] "→E")
2103 next
2104 AOT_show ‹□[R']av›
2105 using D[THEN "∀E"(2), THEN "∀E"(2), THEN "→E"]
2106 E[THEN "∀E"(2), THEN "∀E"(2), THEN "≡E"(2),
2107 OF a_prop[THEN "&E"(2), THEN "&E"(1), THEN "&E"(2)]]
2108 by (metis "T◇" "→E")
2109 next
2110 AOT_have ‹∀u' □([F]u' & [R']u'v → u' =⇩E a)›
2111 proof (rule Ordinary.GEN; rule "raa-cor:1")
2112 fix u'
2113 AOT_assume ‹¬□([F]u' & [R']u'v → u' =⇩E a)›
2114 AOT_hence ‹◇¬([F]u' & [R']u'v → u' =⇩E a)›
2115 by (metis "KBasic:11" "≡E"(1))
2116 AOT_hence ‹◇([F]u' & [R']u'v & ¬u' =⇩E a)›
2117 by (AOT_subst ‹[F]u' & [R']u'v & ¬u' =⇩E a›
2118 ‹¬([F]u' & [R']u'v → u' =⇩E a)›)
2119 (meson "≡E"(6) "oth-class-taut:1:b" "oth-class-taut:3:a")
2120 AOT_hence 1: ‹◇[F]u'› and 2: ‹◇[R']u'v› and 3: ‹◇¬u' =⇩E a›
2121 using "KBasic2:3"[THEN "→E", THEN "&E"(1)]
2122 "KBasic2:3"[THEN "→E", THEN "&E"(2)] by blast+
2123 AOT_have Fu': ‹[F]u'› using F_nec 1
2124 by (meson "B◇" "KBasic:13" "→E")
2125 AOT_have ‹□[R']u'v›
2126 using 2 D[THEN "∀E"(2), THEN "∀E"(2), THEN "→E"] by blast
2127 AOT_hence R'u'v: ‹[R']u'v›
2128 by (metis "B◇" "T◇" "→E")
2129 AOT_hence ‹[R]u'v›
2130 using E[THEN "∀E"(2), THEN "∀E"(2), THEN "≡E"(1)] by blast
2131 AOT_hence ‹u' =⇩E a›
2132 using a_prop[THEN "&E"(2), THEN "&E"(2), THEN "Ordinary.∀E",
2133 THEN "→E", OF "&I", OF Fu'] by blast
2134 AOT_hence ‹□(u' =⇩E a)›
2135 by (metis "id-nec3:1" "≡E"(4) "raa-cor:3")
2136 moreover AOT_have ‹¬□(u' =⇩E a)›
2137 using 3 "KBasic:11" "≡E"(2) by blast
2138 ultimately AOT_show ‹□(u' =⇩E a) & ¬□(u' =⇩E a)›
2139 using "&I" by blast
2140 qed
2141 AOT_thus ‹□∀u'([F]u' & [R']u'v → u' =⇩E a)›
2142 using "Ordinary.res-var-bound-reas[BF]" "→E" by fast
2143 qed
2144 AOT_hence 1: ‹□∃u ([F]u & [R']uv & ∀u' ([F]u' & [R']u'v → u' =⇩E u))›
2145 using "Ordinary.res-var-bound-reas[Buridan]" "→E" by fast
2146 AOT_hence ‹□∃!u ([F]u & [R']uv)›
2147 by (AOT_subst_thm "equi:1")
2148 moreover AOT_have ‹¬□∃!u ([F]u & [R']uv)›
2149 using A[THEN "&E"(2)] "KBasic:11"[THEN "≡E"(2)] by blast
2150 ultimately AOT_show ‹□∃!u ([F]u & [R']uv) & ¬□∃!u ([F]u & [R']uv)›
2151 by (rule "&I")
2152 qed
2153 qed
2154 AOT_hence ‹□∀u ([F]u → ∃!v ([G]v & [R']uv))›
2155 and ‹□∀v ([G]v → ∃!u ([F]u & [R']uv))›
2156 using "Ordinary.res-var-bound-reas[BF]"[THEN "→E"] by auto
2157 moreover AOT_have ‹□[R']↓› and ‹□[F]↓› and ‹□[G]↓›
2158 by (simp_all add: "ex:2:a")
2159 ultimately AOT_have ‹□([R']↓ & [F]↓ & [G]↓ & ∀u ([F]u → ∃!v ([G]v & [R']uv)) &
2160 ∀v ([G]v → ∃!u ([F]u & [R']uv)))›
2161 using "KBasic:3" "&I" "≡E"(2) by meson
2162 AOT_hence ‹□R' |: F ⇩1⇩-⇩1⟷⇩E G›
2163 by (AOT_subst_def "equi:2")
2164 AOT_hence ‹∃R □R |: F ⇩1⇩-⇩1⟷⇩E G›
2165 by (rule "∃I"(2))
2166 AOT_hence ‹□∃R R |: F ⇩1⇩-⇩1⟷⇩E G›
2167 by (metis Buridan "→E")
2168 AOT_thus ‹□F ≈⇩E G›
2169 by (AOT_subst_def "equi:3")
2170 }
2171 qed
2172 ultimately AOT_show ‹□(F ≈⇩E G → □F ≈⇩E G)›
2173 using "→E" by blast
2174qed
2175
2176
2177AOT_define numbers :: ‹τ ⇒ τ ⇒ φ› (‹Numbers'(_,_')›)
2178 ‹Numbers(x,G) ≡⇩d⇩f A!x & G↓ & ∀F(x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)›
2179
2180AOT_theorem "numbers[den]":
2181 ‹Π↓ → (Numbers(κ, Π) ≡ A!κ & ∀F(κ[F] ≡ [λz ❙𝒜[F]z] ≈⇩E Π))›
2182 apply (safe intro!: numbers[THEN "≡⇩d⇩fI"] "&I" "≡I" "→I" "cqt:2"
2183 dest!: numbers[THEN "≡⇩d⇩fE"])
2184 using "&E" by blast+
2185
2186AOT_theorem "num-tran:1":
2187 ‹G ≈⇩E H → (Numbers(x, G) ≡ Numbers(x, H))›
2188proof (safe intro!: "→I" "≡I")
2189 AOT_assume 0: ‹G ≈⇩E H›
2190 AOT_assume ‹Numbers(x, G)›
2191 AOT_hence Ax: ‹A!x› and θ: ‹∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)›
2192 using numbers[THEN "≡⇩d⇩fE"] "&E" by blast+
2193 AOT_show ‹Numbers(x, H)›
2194 proof(safe intro!: numbers[THEN "≡⇩d⇩fI"] "&I" Ax "cqt:2" GEN)
2195 fix F
2196 AOT_have ‹x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G›
2197 using θ[THEN "∀E"(2)].
2198 also AOT_have ‹… ≡ [λz ❙𝒜[F]z] ≈⇩E H›
2199 using 0 "approx-nec:2"[THEN "≡E"(1), THEN "∀E"(2)] by metis
2200 finally AOT_show ‹x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E H›.
2201 qed
2202next
2203 AOT_assume ‹G ≈⇩E H›
2204 AOT_hence 0: ‹H ≈⇩E G›
2205 by (metis "eq-part:2" "→E")
2206 AOT_assume ‹Numbers(x, H)›
2207 AOT_hence Ax: ‹A!x› and θ: ‹∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E H)›
2208 using numbers[THEN "≡⇩d⇩fE"] "&E" by blast+
2209 AOT_show ‹Numbers(x, G)›
2210 proof(safe intro!: numbers[THEN "≡⇩d⇩fI"] "&I" Ax "cqt:2" GEN)
2211 fix F
2212 AOT_have ‹x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E H›
2213 using θ[THEN "∀E"(2)].
2214 also AOT_have ‹… ≡ [λz ❙𝒜[F]z] ≈⇩E G›
2215 using 0 "approx-nec:2"[THEN "≡E"(1), THEN "∀E"(2)] by metis
2216 finally AOT_show ‹x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G›.
2217 qed
2218qed
2219
2220AOT_theorem "num-tran:2":
2221 ‹(Numbers(x, G) & Numbers(x,H)) → G ≈⇩E H›
2222proof (rule "→I"; frule "&E"(1); drule "&E"(2))
2223 AOT_assume ‹Numbers(x,G)›
2224 AOT_hence ‹∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)›
2225 using numbers[THEN "≡⇩d⇩fE"] "&E" by blast
2226 AOT_hence 1: ‹x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G› for F
2227 using "∀E"(2) by blast
2228 AOT_assume ‹Numbers(x,H)›
2229 AOT_hence ‹∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E H)›
2230 using numbers[THEN "≡⇩d⇩fE"] "&E" by blast
2231 AOT_hence ‹x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E H› for F
2232 using "∀E"(2) by blast
2233 AOT_hence ‹[λz ❙𝒜[F]z] ≈⇩E G ≡ [λz ❙𝒜[F]z] ≈⇩E H› for F
2234 by (metis "1" "≡E"(6))
2235 AOT_thus ‹G ≈⇩E H›
2236 using "approx-nec:2"[THEN "≡E"(2), OF GEN] by blast
2237qed
2238
2239AOT_theorem "num-tran:3":
2240 ‹G ≡⇩E H → (Numbers(x, G) ≡ Numbers(x, H))›
2241 using "apE-eqE:1" "Hypothetical Syllogism" "num-tran:1" by blast
2242
2243AOT_theorem "pre-Hume":
2244 ‹(Numbers(x,G) & Numbers(y,H)) → (x = y ≡ G ≈⇩E H)›
2245proof(safe intro!: "→I" "≡I"; frule "&E"(1); drule "&E"(2))
2246 AOT_assume ‹Numbers(x, G)›
2247 moreover AOT_assume ‹x = y›
2248 ultimately AOT_have ‹Numbers(y, G)› by (rule "rule=E")
2249 moreover AOT_assume ‹Numbers(y, H)›
2250 ultimately AOT_show ‹G ≈⇩E H› using "num-tran:2" "→E" "&I" by blast
2251next
2252 AOT_assume ‹Numbers(x, G)›
2253 AOT_hence Ax: ‹A!x› and xF: ‹∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)›
2254 using numbers[THEN "≡⇩d⇩fE"] "&E" by blast+
2255 AOT_assume ‹Numbers(y, H)›
2256 AOT_hence Ay: ‹A!y› and yF: ‹∀F (y[F] ≡ [λz ❙𝒜[F]z] ≈⇩E H)›
2257 using numbers[THEN "≡⇩d⇩fE"] "&E" by blast+
2258 AOT_assume G_approx_H: ‹G ≈⇩E H›
2259 AOT_show ‹x = y›
2260 proof(rule "ab-obey:1"[THEN "→E", THEN "→E", OF "&I", OF Ax, OF Ay]; rule GEN)
2261 fix F
2262 AOT_have ‹x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G›
2263 using xF[THEN "∀E"(2)].
2264 also AOT_have ‹… ≡ [λz ❙𝒜[F]z] ≈⇩E H›
2265 using "approx-nec:2"[THEN "≡E"(1), OF G_approx_H, THEN "∀E"(2)].
2266 also AOT_have ‹… ≡ y[F]›
2267 using yF[THEN "∀E"(2), symmetric].
2268 finally AOT_show ‹x[F] ≡ y[F]›.
2269 qed
2270qed
2271
2272AOT_theorem "two-num-not":
2273 ‹∃u∃v(u ≠ v) → ∃x∃G∃H(Numbers(x,G) & Numbers(x, H) & ¬G ≡⇩E H)›
2274proof (rule "→I")
2275 AOT_have eqE_den: ‹[λx x =⇩E y]↓› for y by "cqt:2"
2276 AOT_assume ‹∃u∃v(u ≠ v)›
2277 then AOT_obtain c where Oc: ‹O!c› and ‹∃v (c ≠ v)›
2278 using "&E" "∃E"[rotated] by blast
2279 then AOT_obtain d where Od: ‹O!d› and c_noteq_d: ‹c ≠ d›
2280 using "&E" "∃E"[rotated] by blast
2281 AOT_hence c_noteqE_d: ‹c ≠⇩E d›
2282 using "=E-simple:2"[THEN "→E"] "=E-simple:2" "≡E"(2) "modus-tollens:1"
2283 "=-infix" "≡⇩d⇩fE" "thm-neg=E" by fast
2284 AOT_hence not_c_eqE_d: ‹¬c =⇩E d›
2285 using "≡E"(1) "thm-neg=E" by blast
2286 AOT_have ‹∃x (A!x & ∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E [λx x =⇩E c]))›
2287 by (simp add: "A-objects"[axiom_inst])
2288 then AOT_obtain a where a_prop: ‹A!a & ∀F (a[F] ≡ [λz ❙𝒜[F]z] ≈⇩E [λx x =⇩E c])›
2289 using "∃E"[rotated] by blast
2290 AOT_have ‹∃x (A!x & ∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E [λx x =⇩E d]))›
2291 by (simp add: "A-objects" "vdash-properties:1[2]")
2292 then AOT_obtain b where b_prop: ‹A!b & ∀F (b[F] ≡ [λz ❙𝒜[F]z] ≈⇩E [λx x =⇩E d])›
2293 using "∃E"[rotated] by blast
2294 AOT_have num_a_eq_c: ‹Numbers(a, [λx x =⇩E c])›
2295 by (safe intro!: numbers[THEN "≡⇩d⇩fI"] "&I" a_prop[THEN "&E"(1)]
2296 a_prop[THEN "&E"(2)]) "cqt:2"
2297 moreover AOT_have num_b_eq_d: ‹Numbers(b, [λx x =⇩E d])›
2298 by (safe intro!: numbers[THEN "≡⇩d⇩fI"] "&I" b_prop[THEN "&E"(1)]
2299 b_prop[THEN "&E"(2)]) "cqt:2"
2300 moreover AOT_have ‹[λx x =⇩E c] ≈⇩E [λx x =⇩E d]›
2301 proof (rule "equi:3"[THEN "≡⇩d⇩fI"])
2302 let ?R = ‹«[λxy (x =⇩E c & y =⇩E d)]»›
2303 AOT_have Rcd: ‹[«?R»]cd›
2304 by (auto intro!: "β←C"(1) "cqt:2" "&I" prod_denotesI
2305 "ord=Eequiv:1"[THEN "→E"] Od Oc)
2306 AOT_show ‹∃R R |: [λx x =⇩E c] ⇩1⇩-⇩1⟷⇩E [λx x =⇩E d]›
2307 proof (safe intro!: "∃I"(1)[where τ=‹?R›] "equi:2"[THEN "≡⇩d⇩fI"] "&I"
2308 eqE_den Ordinary.GEN "→I")
2309 AOT_show ‹«?R»↓› by "cqt:2"
2310 next
2311 fix u
2312 AOT_assume ‹[λx x =⇩E c]u›
2313 AOT_hence ‹u =⇩E c›
2314 by (metis "β→C"(1))
2315 AOT_hence u_is_c: ‹u = c›
2316 by (metis "=E-simple:2" "→E")
2317 AOT_show ‹∃!v ([λx x =⇩E d]v & [«?R»]uv)›
2318 proof (safe intro!: "equi:1"[THEN "≡E"(2)] "∃I"(2)[where β=d] "&I"
2319 Od Ordinary.GEN "→I")
2320 AOT_show ‹[λx x =⇩E d]d›
2321 by (auto intro!: "β←C"(1) "cqt:2" "ord=Eequiv:1"[THEN "→E", OF Od])
2322 next
2323 AOT_show ‹[«?R»]ud›
2324 using u_is_c[symmetric] Rcd "rule=E" by fast
2325 next
2326 fix v
2327 AOT_assume ‹[λx x =⇩E d]v & [«?R»]uv›
2328 AOT_thus ‹v =⇩E d›
2329 by (metis "β→C"(1) "&E"(1))
2330 qed
2331 next
2332 fix v
2333 AOT_assume ‹[λx x =⇩E d]v›
2334 AOT_hence ‹v =⇩E d›
2335 by (metis "β→C"(1))
2336 AOT_hence v_is_d: ‹v = d›
2337 by (metis "=E-simple:2" "→E")
2338 AOT_show ‹∃!u ([λx x =⇩E c]u & [«?R»]uv)›
2339 proof (safe intro!: "equi:1"[THEN "≡E"(2)] "∃I"(2)[where β=c] "&I"
2340 Oc Ordinary.GEN "→I")
2341 AOT_show ‹[λx x =⇩E c]c›
2342 by (auto intro!: "β←C"(1) "cqt:2" "ord=Eequiv:1"[THEN "→E", OF Oc])
2343 next
2344 AOT_show ‹[«?R»]cv›
2345 using v_is_d[symmetric] Rcd "rule=E" by fast
2346 next
2347 fix u
2348 AOT_assume ‹[λx x =⇩E c]u & [«?R»]uv›
2349 AOT_thus ‹u =⇩E c›
2350 by (metis "β→C"(1) "&E"(1))
2351 qed
2352 next
2353 AOT_show ‹«?R»↓›
2354 by "cqt:2"
2355 qed
2356 qed
2357 ultimately AOT_have ‹a = b›
2358 using "pre-Hume"[unvarify G H, OF eqE_den, OF eqE_den, THEN "→E",
2359 OF "&I", THEN "≡E"(2)] by blast
2360 AOT_hence num_a_eq_d: ‹Numbers(a, [λx x =⇩E d])›
2361 using num_b_eq_d "rule=E" id_sym by fast
2362 AOT_have not_equiv: ‹¬[λx x =⇩E c] ≡⇩E [λx x =⇩E d]›
2363 proof (rule "raa-cor:2")
2364 AOT_assume ‹[λx x =⇩E c] ≡⇩E [λx x =⇩E d]›
2365 AOT_hence ‹[λx x =⇩E c]c ≡ [λx x =⇩E d]c›
2366 using eqE[THEN "≡⇩d⇩fE", THEN "&E"(2), THEN "∀E"(2), THEN "→E"] Oc by blast
2367 moreover AOT_have ‹[λx x =⇩E c]c›
2368 by (auto intro!: "β←C"(1) "cqt:2" "ord=Eequiv:1"[THEN "→E", OF Oc])
2369 ultimately AOT_have ‹[λx x =⇩E d]c›
2370 using "≡E"(1) by blast
2371 AOT_hence ‹c =⇩E d›
2372 by (rule "β→C"(1))
2373 AOT_thus ‹c =⇩E d & ¬c =⇩E d›
2374 using not_c_eqE_d "&I" by blast
2375 qed
2376 AOT_show ‹∃x ∃G ∃H (Numbers(x,G) & Numbers(x,H) & ¬G ≡⇩E H)›
2377 apply (rule "∃I"(2)[where β=a])
2378 apply (rule "∃I"(1)[where τ=‹«[λx x =⇩E c]»›])
2379 apply (rule "∃I"(1)[where τ=‹«[λx x =⇩E d]»›])
2380 by (safe intro!: eqE_den "&I" num_a_eq_c num_a_eq_d not_equiv)
2381qed
2382
2383AOT_theorem "num:1": ‹∃x Numbers(x,G)›
2384 by (AOT_subst ‹Numbers(x,G)› ‹[A!]x & ∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)› for: x)
2385 (auto simp: "numbers[den]"[THEN "→E", OF "cqt:2[const_var]"[axiom_inst]]
2386 "A-objects"[axiom_inst])
2387
2388AOT_theorem "num:2": ‹∃!x Numbers(x,G)›
2389 by (AOT_subst ‹Numbers(x,G)› ‹[A!]x & ∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)› for: x)
2390 (auto simp: "numbers[den]"[THEN "→E", OF "cqt:2[const_var]"[axiom_inst]]
2391 "A-objects!")
2392
2393AOT_theorem "num-cont:1":
2394 ‹∃x∃G(Numbers(x, G) & ¬□Numbers(x, G))›
2395proof -
2396 AOT_have ‹∃F∃G ◇([λz ❙𝒜[F]z] ≈⇩E G & ◇¬[λz ❙𝒜[F]z] ≈⇩E G)›
2397 using "approx-cont:2".
2398 then AOT_obtain F where ‹∃G ◇([λz ❙𝒜[F]z] ≈⇩E G & ◇¬[λz ❙𝒜[F]z] ≈⇩E G)›
2399 using "∃E"[rotated] by blast
2400 then AOT_obtain G where ‹◇([λz ❙𝒜[F]z] ≈⇩E G & ◇¬[λz ❙𝒜[F]z] ≈⇩E G)›
2401 using "∃E"[rotated] by blast
2402 AOT_hence θ: ‹◇[λz ❙𝒜[F]z] ≈⇩E G› and ζ: ‹◇¬[λz ❙𝒜[F]z] ≈⇩E G›
2403 using "KBasic2:3"[THEN "→E"] "&E" "4◇"[THEN "→E"] by blast+
2404 AOT_obtain a where ‹Numbers(a, G)›
2405 using "num:1" "∃E"[rotated] by blast
2406 moreover AOT_have ‹¬□Numbers(a, G)›
2407 proof (rule "raa-cor:2")
2408 AOT_assume ‹□Numbers(a, G)›
2409 AOT_hence ‹□([A!]a & G↓ & ∀F (a[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G))›
2410 by (AOT_subst_def (reverse) numbers)
2411 AOT_hence ‹□A!a› and ‹□∀F (a[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)›
2412 using "KBasic:3"[THEN "≡E"(1)] "&E" by blast+
2413 AOT_hence ‹∀F □(a[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)›
2414 using CBF[THEN "→E"] by blast
2415 AOT_hence ‹□(a[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)›
2416 using "∀E"(2) by blast
2417 AOT_hence A: ‹□(a[F] → [λz ❙𝒜[F]z] ≈⇩E G)›
2418 and B: ‹□([λz ❙𝒜[F]z] ≈⇩E G → a[F])›
2419 using "KBasic:4"[THEN "≡E"(1)] "&E" by blast+
2420 AOT_have ‹□(¬[λz ❙𝒜[F]z] ≈⇩E G → ¬a[F])›
2421 apply (AOT_subst ‹¬[λz ❙𝒜[F]z] ≈⇩E G → ¬a[F]› ‹a[F] → [λz ❙𝒜[F]z] ≈⇩E G›)
2422 using "≡I" "useful-tautologies:4" "useful-tautologies:5" apply presburger
2423 by (fact A)
2424 AOT_hence ‹◇¬a[F]›
2425 by (metis "KBasic:13" ζ "→E")
2426 AOT_hence ‹¬a[F]›
2427 by (metis "KBasic:11" "en-eq:2[1]" "≡E"(2) "≡E"(4))
2428 AOT_hence ‹¬◇a[F]›
2429 by (metis "en-eq:3[1]" "≡E"(4))
2430 moreover AOT_have ‹◇a[F]›
2431 by (meson B θ "KBasic:13" "→E")
2432 ultimately AOT_show ‹◇a[F] & ¬◇a[F]›
2433 using "&I" by blast
2434 qed
2435
2436 ultimately AOT_have ‹Numbers(a, G) & ¬□Numbers(a, G)›
2437 using "&I" by blast
2438 AOT_hence ‹∃G (Numbers(a, G) & ¬□Numbers(a, G))›
2439 by (rule "∃I")
2440 AOT_thus ‹∃x∃G (Numbers(x, G) & ¬□Numbers(x, G))›
2441 by (rule "∃I")
2442qed
2443
2444AOT_theorem "num-cont:2":
2445 ‹Rigid(G) → □∀x(Numbers(x,G) → □Numbers(x,G))›
2446proof(rule "→I")
2447 AOT_assume ‹Rigid(G)›
2448 AOT_hence ‹□∀z([G]z → □[G]z)›
2449 using "df-rigid-rel:1"[THEN "≡⇩d⇩fE", THEN "&E"(2)] by blast
2450 AOT_hence ‹□□∀z([G]z → □[G]z)› by (metis "S5Basic:6" "≡E"(1))
2451 moreover AOT_have ‹□□∀z([G]z → □[G]z) → □∀x(Numbers(x,G) → □Numbers(x,G))›
2452 proof(rule RM; safe intro!: "→I" GEN)
2453 AOT_modally_strict {
2454 AOT_have act_den: ‹[λz ❙𝒜[F]z]↓› for F by "cqt:2[lambda]"
2455 fix x
2456 AOT_assume G_nec: ‹□∀z([G]z → □[G]z)›
2457 AOT_hence G_rigid: ‹Rigid(G)›
2458 using "df-rigid-rel:1"[THEN "≡⇩d⇩fI", OF "&I"] "cqt:2"
2459 by blast
2460 AOT_assume ‹Numbers(x, G)›
2461 AOT_hence ‹[A!]x & G↓ & ∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)›
2462 using numbers[THEN "≡⇩d⇩fE"] by blast
2463 AOT_hence Ax: ‹[A!]x› and ‹∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)›
2464 using "&E" by blast+
2465 AOT_hence ‹x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G› for F
2466 using "∀E"(2) by blast
2467 moreover AOT_have ‹□([λz ❙𝒜[F]z] ≈⇩E G → □[λz ❙𝒜[F]z] ≈⇩E G)› for F
2468 using "approx-nec:3"[unvarify F, OF act_den, THEN "→E", OF "&I",
2469 OF "actuallyF:2", OF G_rigid].
2470 moreover AOT_have ‹□(x[F] → □x[F])› for F
2471 by (simp add: RN "pre-en-eq:1[1]")
2472 ultimately AOT_have ‹□(x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)› for F
2473 using "sc-eq-box-box:5" "→E" "qml:2"[axiom_inst] "&I" by meson
2474 AOT_hence ‹∀F □(x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)›
2475 by (rule "∀I")
2476 AOT_hence 1: ‹□∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)›
2477 using BF[THEN "→E"] by fast
2478 AOT_have ‹□G↓›
2479 by (simp add: "ex:2:a")
2480 moreover AOT_have ‹□[A!]x›
2481 using Ax "oa-facts:2" "→E" by blast
2482 ultimately AOT_have ‹□(A!x & G↓)›
2483 by (metis "KBasic:3" "&I" "≡E"(2))
2484 AOT_hence ‹□(A!x & G↓ & ∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G))›
2485 using 1 "KBasic:3" "&I" "≡E"(2) by fast
2486 AOT_thus ‹□Numbers(x, G)›
2487 by (AOT_subst_def numbers)
2488 }
2489 qed
2490 ultimately AOT_show ‹□∀x(Numbers(x,G) → □Numbers(x,G))›
2491 using "→E" by blast
2492qed
2493
2494AOT_theorem "num-cont:3":
2495 ‹□∀x(Numbers(x, [λz ❙𝒜[G]z]) → □Numbers(x, [λz ❙𝒜[G]z]))›
2496 by (rule "num-cont:2"[unvarify G, THEN "→E"];
2497 ("cqt:2[lambda]" | rule "actuallyF:2"))
2498
2499AOT_theorem "num-uniq": ‹❙ιx Numbers(x, G)↓›
2500 using "≡E"(2) "A-Exists:2" "RA[2]" "num:2" by blast
2501
2502AOT_define num :: ‹τ ⇒ κ⇩s› (‹#_› [100] 100)
2503 "num-def:1": ‹#G =⇩d⇩f ❙ιx Numbers(x, G)›
2504
2505AOT_theorem "num-def:2": ‹#G↓›
2506 using "num-def:1"[THEN "=⇩d⇩fI"(1)] "num-uniq" by simp
2507
2508AOT_theorem "num-can:1":
2509 ‹#G = ❙ιx(A!x & ∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G))›
2510proof -
2511 AOT_have ‹□∀x(Numbers(x,G) ≡ [A!]x & ∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G))›
2512 by (safe intro!: RN GEN "numbers[den]"[THEN "→E"] "cqt:2")
2513 AOT_hence ‹❙ιx Numbers(x, G) = ❙ιx([A!]x & ∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G))›
2514 using "num-uniq" "equiv-desc-eq:3"[THEN "→E", OF "&I"] by auto
2515 thus ?thesis
2516 by (rule "=⇩d⇩fI"(1)[OF "num-def:1", OF "num-uniq"])
2517qed
2518
2519AOT_theorem "num-can:2": ‹#G = ❙ιx(A!x & ∀F (x[F] ≡ F ≈⇩E G))›
2520proof (rule id_trans[OF "num-can:1"]; rule "equiv-desc-eq:2"[THEN "→E"];
2521 safe intro!: "&I" "A-descriptions" GEN "Act-Basic:5"[THEN "≡E"(2)]
2522 "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)])
2523 AOT_have act_den: ‹❙⊢⇩□ [λz ❙𝒜[F]z]↓› for F
2524 by "cqt:2"
2525 AOT_have "eq-part:3[terms]": ‹❙⊢⇩□ F ≈⇩E G & F ≈⇩E H → G ≈⇩E H› for F G H
2526 by (metis "&I" "eq-part:2" "eq-part:3" "→I" "&E" "→E")
2527 fix x
2528 {
2529 fix F
2530 AOT_have ‹❙𝒜(F ≈⇩E [λz ❙𝒜[F]z])›
2531 by (simp add: "actuallyF:1")
2532 moreover AOT_have ‹❙𝒜((F ≈⇩E [λz ❙𝒜[F]z]) → ([λz ❙𝒜[F]z] ≈⇩E G ≡ F ≈⇩E G))›
2533 by (auto intro!: "RA[2]" "→I" "≡I"
2534 simp: "eq-part:3"[unvarify G, OF act_den, THEN "→E", OF "&I"]
2535 "eq-part:3[terms]"[unvarify G, OF act_den, THEN "→E", OF "&I"])
2536 ultimately AOT_have ‹❙𝒜([λz ❙𝒜[F]z] ≈⇩E G ≡ F ≈⇩E G)›
2537 using "logic-actual-nec:2"[axiom_inst, THEN "≡E"(1), THEN "→E"] by blast
2538
2539 AOT_hence ‹❙𝒜[λz ❙𝒜[F]z] ≈⇩E G ≡ ❙𝒜F ≈⇩E G›
2540 by (metis "Act-Basic:5" "≡E"(1))
2541 AOT_hence 0: ‹(❙𝒜x[F] ≡ ❙𝒜[λz ❙𝒜[F]z] ≈⇩E G) ≡ (❙𝒜x[F] ≡ ❙𝒜F ≈⇩E G)›
2542 by (auto intro!: "≡I" "→I" elim: "≡E")
2543 AOT_have ‹❙𝒜(x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G) ≡ (❙𝒜x[F] ≡ ❙𝒜[λz ❙𝒜[F]z] ≈⇩E G)›
2544 by (simp add: "Act-Basic:5")
2545 also AOT_have ‹… ≡ (❙𝒜x[F] ≡ ❙𝒜F ≈⇩E G)› using 0.
2546 also AOT_have ‹… ≡ ❙𝒜((x[F] ≡ F ≈⇩E G))›
2547 by (meson "Act-Basic:5" "≡E"(6) "oth-class-taut:3:a")
2548 finally AOT_have 0: ‹❙𝒜(x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G) ≡ ❙𝒜((x[F] ≡ F ≈⇩E G))›.
2549 } note 0 = this
2550 AOT_have ‹❙𝒜∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G) ≡ ∀F ❙𝒜(x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)›
2551 using "logic-actual-nec:3" "vdash-properties:1[2]" by blast
2552 also AOT_have ‹… ≡ ∀F ❙𝒜((x[F] ≡ F ≈⇩E G))›
2553 apply (safe intro!: "≡I" "→I" GEN)
2554 using 0 "≡E"(1) "≡E"(2) "rule-ui:3" by blast+
2555 also AOT_have ‹… ≡ ❙𝒜(∀F (x[F] ≡ F ≈⇩E G))›
2556 using "≡E"(6) "logic-actual-nec:3"[axiom_inst] "oth-class-taut:3:a" by fast
2557 finally AOT_have 0: ‹❙𝒜∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G) ≡ ❙𝒜(∀F (x[F] ≡ F ≈⇩E G))›.
2558 AOT_have ‹❙𝒜([A!]x & ∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)) ≡
2559 (❙𝒜A!x & ❙𝒜∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G))›
2560 by (simp add: "Act-Basic:2")
2561 also AOT_have ‹… ≡ ❙𝒜[A!]x & ❙𝒜(∀F (x[F] ≡ F ≈⇩E G))›
2562 using 0 "oth-class-taut:4:f" "→E" by blast
2563 also AOT_have ‹… ≡ ❙𝒜(A!x & ∀F (x[F] ≡ F ≈⇩E G))›
2564 using "Act-Basic:2" "≡E"(6) "oth-class-taut:3:a" by blast
2565 finally AOT_show ‹❙𝒜([A!]x & ∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)) ≡
2566 ❙𝒜([A!]x & ∀F (x[F] ≡ F ≈⇩E G))›.
2567qed
2568
2569AOT_define NaturalCardinal :: ‹τ ⇒ φ› (‹NaturalCardinal'(_')›)
2570 card: ‹NaturalCardinal(x) ≡⇩d⇩f ∃G(x = #G)›
2571
2572AOT_theorem "natcard-nec": ‹NaturalCardinal(x) → □NaturalCardinal(x)›
2573proof(rule "→I")
2574 AOT_assume ‹NaturalCardinal(x)›
2575 AOT_hence ‹∃G(x = #G)› using card[THEN "≡⇩d⇩fE"] by blast
2576 then AOT_obtain G where ‹x = #G› using "∃E"[rotated] by blast
2577 AOT_hence ‹□x = #G› by (metis "id-nec:2" "→E")
2578 AOT_hence ‹∃G □x = #G› by (rule "∃I")
2579 AOT_hence ‹□∃G x = #G› by (metis Buridan "→E")
2580 AOT_thus ‹□NaturalCardinal(x)›
2581 by (AOT_subst_def card)
2582qed
2583
2584AOT_act_theorem "hume:1": ‹Numbers(#G, G)›
2585 apply (rule "=⇩d⇩fI"(1)[OF "num-def:1"])
2586 apply (simp add: "num-uniq")
2587 using "num-uniq" "vdash-properties:10" "y-in:3" by blast
2588
2589AOT_act_theorem "hume:2": ‹#F = #G ≡ F ≈⇩E G›
2590 by (safe intro!: "pre-Hume"[unvarify x y, OF "num-def:2",
2591 OF "num-def:2", THEN "→E"] "&I" "hume:1")
2592
2593AOT_act_theorem "hume:3": ‹#F = #G ≡ ∃R (R |: F ⇩1⇩-⇩1⟶⇩o⇩n⇩t⇩oE G)›
2594 using "equi-rem-thm"
2595 apply (AOT_subst (reverse) ‹R |: F ⇩1⇩-⇩1⟶⇩o⇩n⇩t⇩oE G›
2596 ‹R |: F ⇩1⇩-⇩1⟷⇩E G› for: R :: ‹<κ×κ>›)
2597 using "equi:3" "hume:2" "≡E"(5) "≡Df" by blast
2598
2599AOT_act_theorem "hume:4": ‹F ≡⇩E G → #F = #G›
2600 by (metis "apE-eqE:1" "deduction-theorem" "hume:2" "≡E"(2) "→E")
2601
2602AOT_theorem "hume-strict:1":
2603 ‹∃x (Numbers(x, F) & Numbers(x, G)) ≡ F ≈⇩E G›
2604proof(safe intro!: "≡I" "→I")
2605 AOT_assume ‹∃x (Numbers(x, F) & Numbers(x, G))›
2606 then AOT_obtain a where ‹Numbers(a, F) & Numbers(a, G)›
2607 using "∃E"[rotated] by blast
2608 AOT_thus ‹F ≈⇩E G›
2609 using "num-tran:2" "→E" by blast
2610next
2611 AOT_assume 0: ‹F ≈⇩E G›
2612 moreover AOT_obtain b where num_b_F: ‹Numbers(b, F)›
2613 by (metis "instantiation" "num:1")
2614 moreover AOT_have num_b_G: ‹Numbers(b, G)›
2615 using calculation "num-tran:1"[THEN "→E", THEN "≡E"(1)] by blast
2616 ultimately AOT_have ‹Numbers(b, F) & Numbers(b, G)›
2617 by (safe intro!: "&I")
2618 AOT_thus ‹∃x (Numbers(x, F) & Numbers(x, G))›
2619 by (rule "∃I")
2620qed
2621
2622AOT_theorem "hume-strict:2":
2623 ‹∃x∃y (Numbers(x, F) &
2624 ∀z(Numbers(z,F) → z = x) &
2625 Numbers(y, G) &
2626 ∀z (Numbers(z, G) → z = y) &
2627 x = y) ≡
2628 F ≈⇩E G›
2629proof(safe intro!: "≡I" "→I")
2630 AOT_assume ‹∃x∃y (Numbers(x, F) & ∀z(Numbers(z,F) → z = x) &
2631 Numbers(y, G) & ∀z (Numbers(z, G) → z = y) & x = y)›
2632 then AOT_obtain x where
2633 ‹∃y (Numbers(x, F) & ∀z(Numbers(z,F) → z = x) & Numbers(y, G) &
2634 ∀z (Numbers(z, G) → z = y) & x = y)›
2635 using "∃E"[rotated] by blast
2636 then AOT_obtain y where
2637 ‹Numbers(x, F) & ∀z(Numbers(z,F) → z = x) & Numbers(y, G) &
2638 ∀z (Numbers(z, G) → z = y) & x = y›
2639 using "∃E"[rotated] by blast
2640 AOT_hence ‹Numbers(x, F)› and ‹Numbers(y,G)› and ‹x = y›
2641 using "&E" by blast+
2642 AOT_hence ‹Numbers(y, F) & Numbers(y, G)›
2643 using "&I" "rule=E" by fast
2644 AOT_hence ‹∃y (Numbers(y, F) & Numbers(y, G))›
2645 by (rule "∃I")
2646 AOT_thus ‹F ≈⇩E G›
2647 using "hume-strict:1"[THEN "≡E"(1)] by blast
2648next
2649 AOT_assume ‹F ≈⇩E G›
2650 AOT_hence ‹∃x (Numbers(x, F) & Numbers(x, G))›
2651 using "hume-strict:1"[THEN "≡E"(2)] by blast
2652 then AOT_obtain x where ‹Numbers(x, F) & Numbers(x, G)›
2653 using "∃E"[rotated] by blast
2654 moreover AOT_have ‹∀z (Numbers(z, F) → z = x)›
2655 and ‹∀z (Numbers(z, G) → z = x)›
2656 using calculation
2657 by (auto intro!: GEN "→I" "pre-Hume"[THEN "→E", OF "&I", THEN "≡E"(2),
2658 rotated 2, OF "eq-part:1"] dest: "&E")
2659 ultimately AOT_have ‹Numbers(x, F) & ∀z(Numbers(z,F) → z = x) &
2660 Numbers(x, G) & ∀z (Numbers(z, G) → z = x) & x = x›
2661 by (auto intro!: "&I" "id-eq:1" dest: "&E")
2662 AOT_thus ‹∃x∃y (Numbers(x, F) & ∀z(Numbers(z,F) → z = x) & Numbers(y, G) &
2663 ∀z (Numbers(z, G) → z = y) & x = y)›
2664 by (auto intro!: "∃I")
2665qed
2666
2667AOT_theorem unotEu: ‹¬∃y[λx O!x & x ≠⇩E x]y›
2668proof(rule "raa-cor:2")
2669 AOT_assume ‹∃y[λx O!x & x ≠⇩E x]y›
2670 then AOT_obtain y where ‹[λx O!x & x ≠⇩E x]y›
2671 using "∃E"[rotated] by blast
2672 AOT_hence 0: ‹O!y & y ≠⇩E y›
2673 by (rule "β→C"(1))
2674 AOT_hence ‹¬(y =⇩E y)›
2675 using "&E"(2) "≡E"(1) "thm-neg=E" by blast
2676 moreover AOT_have ‹y =⇩E y›
2677 by (metis 0[THEN "&E"(1)] "ord=Eequiv:1" "→E")
2678 ultimately AOT_show ‹p & ¬p› for p
2679 by (metis "raa-cor:3")
2680qed
2681
2682AOT_define zero :: ‹κ⇩s› (‹0›)
2683 "zero:1": ‹0 =⇩d⇩f #[λx O!x & x ≠⇩E x]›
2684
2685AOT_theorem "zero:2": ‹0↓›
2686 by (rule "=⇩d⇩fI"(2)[OF "zero:1"]; rule "num-def:2"[unvarify G]; "cqt:2")
2687
2688AOT_theorem "zero-card": ‹NaturalCardinal(0)›
2689 apply (rule "=⇩d⇩fI"(2)[OF "zero:1"])
2690 apply (rule "num-def:2"[unvarify G]; "cqt:2")
2691 apply (rule card[THEN "≡⇩d⇩fI"])
2692 apply (rule "∃I"(1)[where τ=‹«[λx [O!]x & x ≠⇩E x]»›])
2693 apply (rule "rule=I:1"; rule "num-def:2"[unvarify G]; "cqt:2")
2694 by "cqt:2"
2695
2696AOT_theorem "eq-num:1":
2697 ‹❙𝒜Numbers(x, G) ≡ Numbers(x,[λz ❙𝒜[G]z])›
2698proof -
2699 AOT_have act_den: ‹❙⊢⇩□ [λz ❙𝒜[F]z]↓› for F by "cqt:2"
2700 AOT_have ‹□(∃x(Numbers(x, G) & Numbers(x,[λz ❙𝒜[G]z])) ≡ G ≈⇩E [λz ❙𝒜[G]z])›
2701 using "hume-strict:1"[unvarify G, OF act_den, THEN RN].
2702 AOT_hence ‹❙𝒜(∃x(Numbers(x, G) & Numbers(x,[λz ❙𝒜[G]z])) ≡ G ≈⇩E [λz ❙𝒜[G]z])›
2703 using "nec-imp-act"[THEN "→E"] by fast
2704 AOT_hence ‹❙𝒜(∃x(Numbers(x, G) & Numbers(x,[λz ❙𝒜[G]z])))›
2705 using "actuallyF:1" "Act-Basic:5" "≡E"(1) "≡E"(2) by fast
2706 AOT_hence ‹∃x ❙𝒜((Numbers(x, G) & Numbers(x,[λz ❙𝒜[G]z])))›
2707 by (metis "Act-Basic:10" "intro-elim:3:a")
2708 then AOT_obtain a where ‹❙𝒜(Numbers(a, G) & Numbers(a,[λz ❙𝒜[G]z]))›
2709 using "∃E"[rotated] by blast
2710 AOT_hence act_a_num_G: ‹❙𝒜Numbers(a, G)›
2711 and act_a_num_actG: ‹❙𝒜Numbers(a,[λz ❙𝒜[G]z])›
2712 using "Act-Basic:2" "&E" "≡E"(1) by blast+
2713 AOT_hence num_a_act_g: ‹Numbers(a, [λz ❙𝒜[G]z])›
2714 using "num-cont:2"[unvarify G, OF act_den, THEN "→E", OF "actuallyF:2",
2715 THEN CBF[THEN "→E"], THEN "∀E"(2)]
2716 by (metis "≡E"(1) "sc-eq-fur:2" "vdash-properties:6")
2717 AOT_have 0: ‹❙⊢⇩□ Numbers(x, G) & Numbers(y, G) → x = y› for y
2718 using "pre-Hume"[THEN "→E", THEN "≡E"(2), rotated, OF "eq-part:1"]
2719 "→I" by blast
2720 show ?thesis
2721 proof(safe intro!: "≡I" "→I")
2722 AOT_assume ‹❙𝒜Numbers(x, G)›
2723 AOT_hence ‹❙𝒜x = a›
2724 using 0[THEN "RA[2]", THEN "act-cond"[THEN "→E"], THEN "→E",
2725 OF "Act-Basic:2"[THEN "≡E"(2)], OF "&I"]
2726 act_a_num_G by blast
2727 AOT_hence ‹x = a› by (metis "id-act:1" "≡E"(2))
2728 AOT_hence ‹a = x› using id_sym by auto
2729 AOT_thus ‹Numbers(x, [λz ❙𝒜[G]z])›
2730 using "rule=E" num_a_act_g by fast
2731 next
2732 AOT_assume ‹Numbers(x, [λz ❙𝒜[G]z])›
2733 AOT_hence ‹a = x›
2734 using "pre-Hume"[unvarify G H, THEN "→E", OF act_den, OF act_den, OF "&I",
2735 OF num_a_act_g, THEN "≡E"(2)]
2736 "eq-part:1"[unvarify F, OF act_den] by blast
2737 AOT_thus ‹❙𝒜Numbers(x, G)›
2738 using act_a_num_G "rule=E" by fast
2739 qed
2740qed
2741
2742AOT_theorem "eq-num:2": ‹Numbers(x,[λz ❙𝒜[G]z]) ≡ x = #G›
2743proof -
2744 AOT_have 0: ‹❙⊢⇩□ x = ❙ιx Numbers(x, G) ≡ ∀y (Numbers(y, [λz ❙𝒜[G]z]) ≡ y = x)› for x
2745 by (AOT_subst (reverse) ‹Numbers(x, [λz ❙𝒜[G]z])› ‹❙𝒜Numbers(x, G)› for: x)
2746 (auto simp: "eq-num:1" descriptions[axiom_inst])
2747 AOT_have ‹#G = ❙ιx Numbers(x, G) ≡ ∀y (Numbers(y, [λz ❙𝒜[G]z]) ≡ y = #G)›
2748 using 0[unvarify x, OF "num-def:2"].
2749 moreover AOT_have ‹#G = ❙ιx Numbers(x, G)›
2750 using "num-def:1" "num-uniq" "rule-id-df:1" by blast
2751 ultimately AOT_have ‹∀y (Numbers(y, [λz ❙𝒜[G]z]) ≡ y = #G)›
2752 using "≡E" by blast
2753 thus ?thesis using "∀E"(2) by blast
2754qed
2755
2756AOT_theorem "eq-num:3": ‹Numbers(#G, [λy ❙𝒜[G]y])›
2757proof -
2758 AOT_have ‹#G = #G›
2759 by (simp add: "rule=I:1" "num-def:2")
2760 thus ?thesis
2761 using "eq-num:2"[unvarify x, OF "num-def:2", THEN "≡E"(2)] by blast
2762qed
2763
2764AOT_theorem "eq-num:4":
2765 ‹A!#G & ∀F (#G[F] ≡ [λz ❙𝒜[F]z] ≈⇩E [λz ❙𝒜[G]z])›
2766 by (auto intro!: "&I" "eq-num:3"[THEN numbers[THEN "≡⇩d⇩fE"],
2767 THEN "&E"(1), THEN "&E"(1)]
2768 "eq-num:3"[THEN numbers[THEN "≡⇩d⇩fE"], THEN "&E"(2)])
2769
2770AOT_theorem "eq-num:5": ‹#G[G]›
2771 by (auto intro!: "eq-num:4"[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(2)]
2772 "eq-part:1"[unvarify F] simp: "cqt:2")
2773
2774AOT_theorem "eq-num:6": ‹Numbers(x, G) → NaturalCardinal(x)›
2775proof(rule "→I")
2776 AOT_have act_den: ‹❙⊢⇩□ [λz ❙𝒜[F]z]↓› for F
2777 by "cqt:2"
2778 AOT_obtain F where ‹Rigidifies(F, G)›
2779 by (metis "instantiation" "rigid-der:3")
2780 AOT_hence θ: ‹Rigid(F)› and ‹∀x([F]x ≡ [G]x)›
2781 using "df-rigid-rel:2"[THEN "≡⇩d⇩fE", THEN "&E"(2)]
2782 "df-rigid-rel:2"[THEN "≡⇩d⇩fE", THEN "&E"(1)]
2783 by blast+
2784 AOT_hence ‹F ≡⇩E G›
2785 by (auto intro!: eqE[THEN "≡⇩d⇩fI"] "&I" "cqt:2" GEN "→I" elim: "∀E"(2))
2786 moreover AOT_assume ‹Numbers(x, G)›
2787 ultimately AOT_have ‹Numbers(x, F)›
2788 using "num-tran:3"[THEN "→E", THEN "≡E"(2)] by blast
2789 moreover AOT_have ‹F ≈⇩E [λz ❙𝒜[F]z]›
2790 using θ "approx-nec:1" "→E" by blast
2791 ultimately AOT_have ‹Numbers(x, [λz ❙𝒜[F]z])›
2792 using "num-tran:1"[unvarify H, OF act_den, THEN "→E", THEN "≡E"(1)] by blast
2793 AOT_hence ‹x = #F›
2794 using "eq-num:2"[THEN "≡E"(1)] by blast
2795 AOT_hence ‹∃F x = #F›
2796 by (rule "∃I")
2797 AOT_thus ‹NaturalCardinal(x)›
2798 using card[THEN "≡⇩d⇩fI"] by blast
2799qed
2800
2801AOT_theorem "eq-df-num": ‹∃G (x = #G) ≡ ∃G (Numbers(x,G))›
2802proof(safe intro!: "≡I" "→I")
2803 AOT_assume ‹∃G (x = #G)›
2804 then AOT_obtain P where ‹x = #P›
2805 using "∃E"[rotated] by blast
2806 AOT_hence ‹Numbers(x,[λz ❙𝒜[P]z])›
2807 using "eq-num:2"[THEN "≡E"(2)] by blast
2808 moreover AOT_have ‹[λz ❙𝒜[P]z]↓› by "cqt:2"
2809 ultimately AOT_show ‹∃G(Numbers(x,G))› by (rule "∃I")
2810next
2811 AOT_assume ‹∃G (Numbers(x,G))›
2812 then AOT_obtain Q where ‹Numbers(x,Q)›
2813 using "∃E"[rotated] by blast
2814 AOT_hence ‹NaturalCardinal(x)›
2815 using "eq-num:6"[THEN "→E"] by blast
2816 AOT_thus ‹∃G (x = #G)›
2817 using card[THEN "≡⇩d⇩fE"] by blast
2818qed
2819
2820AOT_theorem "card-en": ‹NaturalCardinal(x) → ∀F(x[F] ≡ x = #F)›
2821proof(rule "→I"; rule GEN)
2822 AOT_have act_den: ‹❙⊢⇩□ [λz ❙𝒜[F]z]↓› for F by "cqt:2"
2823 fix F
2824 AOT_assume ‹NaturalCardinal(x)›
2825 AOT_hence ‹∃F x = #F›
2826 using card[THEN "≡⇩d⇩fE"] by blast
2827 then AOT_obtain P where x_def: ‹x = #P›
2828 using "∃E"[rotated] by blast
2829 AOT_hence num_x_act_P: ‹Numbers(x,[λz ❙𝒜[P]z])›
2830 using "eq-num:2"[THEN "≡E"(2)] by blast
2831 AOT_have ‹#P[F] ≡ [λz ❙𝒜[F]z] ≈⇩E [λz ❙𝒜[P]z]›
2832 using "eq-num:4"[THEN "&E"(2), THEN "∀E"(2)] by blast
2833 AOT_hence ‹x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E [λz ❙𝒜[P]z]›
2834 using x_def[symmetric] "rule=E" by fast
2835 also AOT_have ‹… ≡ Numbers(x, [λz ❙𝒜[F]z])›
2836 using "num-tran:1"[unvarify G H, OF act_den, OF act_den]
2837 using "num-tran:2"[unvarify G H, OF act_den, OF act_den]
2838 by (metis "&I" "deduction-theorem" "≡I" "≡E"(2) num_x_act_P)
2839 also AOT_have ‹… ≡ x = #F›
2840 using "eq-num:2" by blast
2841 finally AOT_show ‹x[F] ≡ x = #F›.
2842qed
2843
2844AOT_theorem "0F:1": ‹¬∃u [F]u ≡ Numbers(0, F)›
2845proof -
2846 AOT_have unotEu_act_ord: ‹¬∃v[λx O!x & ❙𝒜x ≠⇩E x]v›
2847 proof(rule "raa-cor:2")
2848 AOT_assume ‹∃v[λx O!x & ❙𝒜x ≠⇩E x]v›
2849 then AOT_obtain y where ‹[λx O!x & ❙𝒜x ≠⇩E x]y›
2850 using "∃E"[rotated] "&E" by blast
2851 AOT_hence 0: ‹O!y & ❙𝒜y ≠⇩E y›
2852 by (rule "β→C"(1))
2853 AOT_have ‹❙𝒜¬(y =⇩E y)›
2854 apply (AOT_subst ‹¬(y =⇩E y)› ‹y ≠⇩E y›)
2855 apply (meson "≡E"(2) "Commutativity of ≡" "thm-neg=E")
2856 by (fact 0[THEN "&E"(2)])
2857 AOT_hence ‹¬(y =⇩E y)›
2858 by (metis "¬¬I" "Act-Sub:1" "id-act2:1" "≡E"(4))
2859 moreover AOT_have ‹y =⇩E y›
2860 by (metis 0[THEN "&E"(1)] "ord=Eequiv:1" "→E")
2861 ultimately AOT_show ‹p & ¬p› for p
2862 by (metis "raa-cor:3")
2863 qed
2864 AOT_have ‹Numbers(0, [λy ❙𝒜[λx O!x & x ≠⇩E x]y])›
2865 apply (rule "=⇩d⇩fI"(2)[OF "zero:1"])
2866 apply (rule "num-def:2"[unvarify G]; "cqt:2")
2867 apply (rule "eq-num:3"[unvarify G])
2868 by "cqt:2[lambda]"
2869 AOT_hence numbers0: ‹Numbers(0, [λx [O!]x & ❙𝒜x ≠⇩E x])›
2870 proof (rule "num-tran:3"[unvarify x G H, THEN "→E", THEN "≡E"(1), rotated 4])
2871 AOT_show ‹[λy ❙𝒜[λx O!x & x ≠⇩E x]y] ≡⇩E [λx [O!]x & ❙𝒜x ≠⇩E x]›
2872 proof (safe intro!: eqE[THEN "≡⇩d⇩fI"] "&I" Ordinary.GEN "→I" "cqt:2")
2873 fix u
2874 AOT_have ‹[λy ❙𝒜[λx O!x & x ≠⇩E x]y]u ≡ ❙𝒜[λx O!x & x ≠⇩E x]u›
2875 by (rule "beta-C-meta"[THEN "→E"]; "cqt:2[lambda]")
2876 also AOT_have ‹… ≡ ❙𝒜(O!u & u ≠⇩E u)›
2877 apply (AOT_subst ‹[λx O!x & x ≠⇩E x]u› ‹O!u & u ≠⇩E u›)
2878 apply (rule "beta-C-meta"[THEN "→E"]; "cqt:2[lambda]")
2879 by (simp add: "oth-class-taut:3:a")
2880 also AOT_have ‹… ≡ (❙𝒜O!u & ❙𝒜u ≠⇩E u)›
2881 by (simp add: "Act-Basic:2")
2882 also AOT_have ‹… ≡ (O!u & ❙𝒜u ≠⇩E u)›
2883 by (metis Ordinary.ψ "&I" "&E"(2) "→I" "≡I" "≡E"(1) "oa-facts:7")
2884 also AOT_have ‹… ≡ [λx [O!]x & ❙𝒜x ≠⇩E x]u›
2885 by (rule "beta-C-meta"[THEN "→E", symmetric]; "cqt:2[lambda]")
2886 finally AOT_show ‹[λy ❙𝒜[λx O!x & x ≠⇩E x]y]u ≡ [λx [O!]x & ❙𝒜x ≠⇩E x]u›.
2887 qed
2888 qed(fact "zero:2" | "cqt:2")+
2889 show ?thesis
2890 proof(safe intro!: "≡I" "→I")
2891 AOT_assume ‹¬∃u [F]u›
2892 moreover AOT_have ‹¬∃v [λx [O!]x & ❙𝒜x ≠⇩E x]v›
2893 using unotEu_act_ord.
2894 ultimately AOT_have 0: ‹F ≈⇩E [λx [O!]x & ❙𝒜x ≠⇩E x]›
2895 by (rule "empty-approx:1"[unvarify H, THEN "→E", rotated, OF "&I"]) "cqt:2"
2896 AOT_thus ‹Numbers(0, F)›
2897 by (rule "num-tran:1"[unvarify x H, THEN "→E",
2898 THEN "≡E"(2), rotated, rotated])
2899 (fact "zero:2" numbers0 | "cqt:2[lambda]")+
2900 next
2901 AOT_assume ‹Numbers(0, F)›
2902 AOT_hence 1: ‹F ≈⇩E [λx [O!]x & ❙𝒜x ≠⇩E x]›
2903 by (rule "num-tran:2"[unvarify x H, THEN "→E", rotated 2, OF "&I"])
2904 (fact numbers0 "zero:2" | "cqt:2[lambda]")+
2905 AOT_show ‹¬∃u [F]u›
2906 proof(rule "raa-cor:2")
2907 AOT_have 0: ‹[λx [O!]x & ❙𝒜x ≠⇩E x]↓› by "cqt:2[lambda]"
2908 AOT_assume ‹∃u [F]u›
2909 AOT_hence ‹¬(F ≈⇩E [λx [O!]x & ❙𝒜x ≠⇩E x])›
2910 by (rule "empty-approx:2"[unvarify H, OF 0, THEN "→E", OF "&I"])
2911 (rule unotEu_act_ord)
2912 AOT_thus ‹F ≈⇩E [λx [O!]x & ❙𝒜x ≠⇩E x] & ¬(F ≈⇩E [λx [O!]x & ❙𝒜x ≠⇩E x])›
2913 using 1 "&I" by blast
2914 qed
2915 qed
2916qed
2917
2918AOT_theorem "0F:2": ‹¬∃u ❙𝒜[F]u ≡ #F = 0›
2919proof(rule "≡I"; rule "→I")
2920 AOT_assume 0: ‹¬∃u ❙𝒜[F]u›
2921 AOT_have ‹¬∃u [λz ❙𝒜[F]z]u›
2922 proof(rule "raa-cor:2")
2923 AOT_assume ‹∃u [λz ❙𝒜[F]z]u›
2924 then AOT_obtain u where ‹[λz ❙𝒜[F]z]u›
2925 using "Ordinary.∃E"[rotated] by blast
2926 AOT_hence ‹❙𝒜[F]u›
2927 by (metis "betaC:1:a")
2928 AOT_hence ‹∃u ❙𝒜[F]u›
2929 by (rule "Ordinary.∃I")
2930 AOT_thus ‹∃u ❙𝒜[F]u & ¬∃u ❙𝒜[F]u›
2931 using 0 "&I" by blast
2932 qed
2933 AOT_hence ‹Numbers(0,[λz ❙𝒜[F]z])›
2934 by (safe intro!: "0F:1"[unvarify F, THEN "≡E"(1)]) "cqt:2"
2935 AOT_hence ‹0 = #F›
2936 by (rule "eq-num:2"[unvarify x, OF "zero:2", THEN "≡E"(1)])
2937 AOT_thus ‹#F = 0› using id_sym by blast
2938next
2939 AOT_assume ‹#F = 0›
2940 AOT_hence ‹0 = #F› using id_sym by blast
2941 AOT_hence ‹Numbers(0,[λz ❙𝒜[F]z])›
2942 by (rule "eq-num:2"[unvarify x, OF "zero:2", THEN "≡E"(2)])
2943 AOT_hence 0: ‹¬∃u [λz ❙𝒜[F]z]u›
2944 by (safe intro!: "0F:1"[unvarify F, THEN "≡E"(2)]) "cqt:2"
2945 AOT_show ‹¬∃u ❙𝒜[F]u›
2946 proof(rule "raa-cor:2")
2947 AOT_assume ‹∃u ❙𝒜[F]u›
2948 then AOT_obtain u where ‹❙𝒜[F]u›
2949 using "Ordinary.∃E"[rotated] by meson
2950 AOT_hence ‹[λz ❙𝒜[F]z]u›
2951 by (auto intro!: "β←C" "cqt:2")
2952 AOT_hence ‹∃u [λz ❙𝒜[F]z]u›
2953 using "Ordinary.∃I" by blast
2954 AOT_thus ‹∃u [λz ❙𝒜[F]z]u & ¬∃u [λz ❙𝒜[F]z]u›
2955 using "&I" 0 by blast
2956 qed
2957qed
2958
2959AOT_theorem "0F:3": ‹□¬∃u [F]u → #F = 0›
2960proof(rule "→I")
2961 AOT_assume ‹□¬∃u [F]u›
2962 AOT_hence 0: ‹¬◇∃u [F]u›
2963 using "KBasic2:1" "≡E"(1) by blast
2964 AOT_have ‹¬∃u [λz ❙𝒜[F]z]u›
2965 proof(rule "raa-cor:2")
2966 AOT_assume ‹∃u [λz ❙𝒜[F]z]u›
2967 then AOT_obtain u where ‹[λz ❙𝒜[F]z]u›
2968 using "Ordinary.∃E"[rotated] by blast
2969 AOT_hence ‹❙𝒜[F]u›
2970 by (metis "betaC:1:a")
2971 AOT_hence ‹◇[F]u›
2972 by (metis "Act-Sub:3" "→E")
2973 AOT_hence ‹∃u ◇[F]u›
2974 by (rule "Ordinary.∃I")
2975 AOT_hence ‹◇∃u [F]u›
2976 using "Ordinary.res-var-bound-reas[CBF◇]"[THEN "→E"] by blast
2977 AOT_thus ‹◇∃u [F]u & ¬◇∃u [F]u›
2978 using 0 "&I" by blast
2979 qed
2980 AOT_hence ‹Numbers(0,[λz ❙𝒜[F]z])›
2981 by (safe intro!: "0F:1"[unvarify F, THEN "≡E"(1)]) "cqt:2"
2982 AOT_hence ‹0 = #F›
2983 by (rule "eq-num:2"[unvarify x, OF "zero:2", THEN "≡E"(1)])
2984 AOT_thus ‹#F = 0› using id_sym by blast
2985qed
2986
2987AOT_theorem "0F:4": ‹w ⊨ ¬∃u [F]u ≡ #[F]⇩w = 0›
2988proof (rule "rule-id-df:2:b"[OF "w-index", where τ⇩1τ⇩n="(_,_)", simplified])
2989 AOT_show ‹[λx⇩1...x⇩n w ⊨ [F]x⇩1...x⇩n]↓›
2990 by (simp add: "w-rel:3")
2991next
2992 AOT_show ‹w ⊨ ¬∃u [F]u ≡ #[λx w ⊨ [F]x] = 0›
2993 proof (rule "≡I"; rule "→I")
2994 AOT_assume ‹w ⊨ ¬∃u [F]u›
2995 AOT_hence 0: ‹¬w ⊨ ∃u [F]u›
2996 using "coherent:1"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(1)] by blast
2997 AOT_have ‹¬∃u ❙𝒜[λx w ⊨ [F]x]u›
2998 proof(rule "raa-cor:2")
2999 AOT_assume ‹∃u ❙𝒜[λx w ⊨ [F]x]u›
3000 then AOT_obtain u where ‹❙𝒜[λx w ⊨ [F]x]u›
3001 using "Ordinary.∃E"[rotated] by meson
3002 AOT_hence ‹❙𝒜w ⊨ [F]u›
3003 by (AOT_subst (reverse) ‹w ⊨ [F]u› ‹[λx w ⊨ [F]x]u›;
3004 safe intro!: "beta-C-meta"[THEN "→E"] "w-rel:1"[THEN "→E"])
3005 "cqt:2"
3006 AOT_hence 1: ‹w ⊨ [F]u›
3007 using "rigid-truth-at:4"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(1)]
3008 by blast
3009 AOT_have ‹□([F]u → ∃u [F]u)›
3010 using "Ordinary.∃I" "→I" RN by simp
3011 AOT_hence ‹w ⊨ ([F]u → ∃u [F]u)›
3012 using "fund:2"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(1)]
3013 "PossibleWorld.∀E" by fast
3014 AOT_hence ‹w ⊨ ∃u [F]u›
3015 using 1 "conj-dist-w:2"[unvarify p q, OF "log-prop-prop:2",
3016 OF "log-prop-prop:2", THEN "≡E"(1),
3017 THEN "→E"] by blast
3018 AOT_thus ‹w ⊨ ∃u [F]u & ¬w ⊨ ∃u [F]u›
3019 using 0 "&I" by blast
3020 qed
3021 AOT_thus ‹#[λx w ⊨ [F]x] = 0›
3022 by (safe intro!: "0F:2"[unvarify F, THEN "≡E"(1)] "w-rel:1"[THEN "→E"])
3023 "cqt:2"
3024 next
3025 AOT_assume ‹#[λx w ⊨ [F]x] = 0›
3026 AOT_hence 0: ‹¬∃u ❙𝒜[λx w ⊨ [F]x]u›
3027 by (safe intro!: "0F:2"[unvarify F, THEN "≡E"(2)] "w-rel:1"[THEN "→E"])
3028 "cqt:2"
3029 AOT_have ‹¬w ⊨ ∃u [F]u›
3030 proof (rule "raa-cor:2")
3031 AOT_assume ‹w ⊨ ∃u [F]u›
3032 AOT_hence ‹∃x w ⊨ (O!x & [F]x)›
3033 using "conj-dist-w:6"[THEN "≡E"(1)] by fast
3034 then AOT_obtain x where ‹w ⊨ (O!x & [F]x)›
3035 using "∃E"[rotated] by blast
3036 AOT_hence ‹w ⊨ O!x› and Fx_in_w: ‹w ⊨ [F]x›
3037 using "conj-dist-w:1"[unvarify p q] "≡E"(1) "log-prop-prop:2"
3038 "&E" by blast+
3039 AOT_hence ‹◇O!x›
3040 using "fund:1"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(2)]
3041 "PossibleWorld.∃I" by simp
3042 AOT_hence ord_x: ‹O!x›
3043 using "oa-facts:3"[THEN "→E"] by blast
3044 AOT_have ‹❙𝒜w ⊨ [F]x›
3045 using "rigid-truth-at:4"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(2)]
3046 Fx_in_w by blast
3047 AOT_hence ‹❙𝒜[λx w ⊨ [F]x]x›
3048 by (AOT_subst ‹[λx w ⊨ [F]x]x› ‹w ⊨ [F]x›;
3049 safe intro!: "beta-C-meta"[THEN "→E"] "w-rel:1"[THEN "→E"]) "cqt:2"
3050 AOT_hence ‹O!x & ❙𝒜[λx w ⊨ [F]x]x›
3051 using ord_x "&I" by blast
3052 AOT_hence ‹∃x (O!x & ❙𝒜[λx w ⊨ [F]x]x)›
3053 using "∃I" by fast
3054 AOT_thus ‹∃u (❙𝒜[λx w ⊨ [F]x]u) & ¬∃u ❙𝒜[λx w ⊨ [F]x]u›
3055 using 0 "&I" by blast
3056 qed
3057 AOT_thus ‹w ⊨ ¬∃u[F]u›
3058 using "coherent:1"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(2)] by blast
3059 qed
3060qed
3061
3062AOT_act_theorem "zero=:1":
3063 ‹NaturalCardinal(x) → ∀F (x[F] ≡ Numbers(x, F))›
3064proof(safe intro!: "→I" GEN)
3065 fix F
3066 AOT_assume ‹NaturalCardinal(x)›
3067 AOT_hence ‹∀F (x[F] ≡ x = #F)›
3068 by (metis "card-en" "→E")
3069 AOT_hence 1: ‹x[F] ≡ x = #F›
3070 using "∀E"(2) by blast
3071 AOT_have 2: ‹x[F] ≡ x = ❙ιy(Numbers(y, F))›
3072 by (rule "num-def:1"[THEN "=⇩d⇩fE"(1)])
3073 (auto simp: 1 "num-uniq")
3074 AOT_have ‹x = ❙ιy(Numbers(y, F)) → Numbers(x, F)›
3075 using "y-in:1" by blast
3076 moreover AOT_have ‹Numbers(x, F) → x = ❙ιy(Numbers(y, F))›
3077 proof(rule "→I")
3078 AOT_assume 1: ‹Numbers(x, F)›
3079 moreover AOT_obtain z where z_prop: ‹∀y (Numbers(y, F) → y = z)›
3080 using "num:2"[THEN "uniqueness:1"[THEN "≡⇩d⇩fE"]] "∃E"[rotated] "&E" by blast
3081 ultimately AOT_have ‹x = z›
3082 using "∀E"(2) "→E" by blast
3083 AOT_hence ‹∀y (Numbers(y, F) → y = x)›
3084 using z_prop "rule=E" id_sym by fast
3085 AOT_thus ‹x = ❙ιy(Numbers(y,F))›
3086 by (rule hintikka[THEN "≡E"(2), OF "&I", rotated])
3087 (fact 1)
3088 qed
3089 ultimately AOT_have ‹x = ❙ιy(Numbers(y, F)) ≡ Numbers(x, F)›
3090 by (metis "≡I")
3091 AOT_thus ‹x[F] ≡ Numbers(x, F)›
3092 using 2 by (metis "≡E"(5))
3093qed
3094
3095AOT_act_theorem "zero=:2": ‹0[F] ≡ ¬∃u[F]u›
3096proof -
3097 AOT_have ‹0[F] ≡ Numbers(0, F)›
3098 using "zero=:1"[unvarify x, OF "zero:2", THEN "→E",
3099 OF "zero-card", THEN "∀E"(2)].
3100 also AOT_have ‹… ≡ ¬∃u[F]u›
3101 using "0F:1"[symmetric].
3102 finally show ?thesis.
3103qed
3104
3105AOT_act_theorem "zero=:3": ‹¬∃u[F]u ≡ #F = 0›
3106proof -
3107 AOT_have ‹¬∃u[F]u ≡ 0[F]› using "zero=:2"[symmetric].
3108 also AOT_have ‹… ≡ 0 = #F›
3109 using "card-en"[unvarify x, OF "zero:2", THEN "→E",
3110 OF "zero-card", THEN "∀E"(2)].
3111 also AOT_have ‹… ≡ #F = 0›
3112 by (simp add: "deduction-theorem" id_sym "≡I")
3113 finally show ?thesis.
3114qed
3115
3116AOT_define Hereditary :: ‹τ ⇒ τ ⇒ φ› (‹Hereditary'(_,_')›)
3117 "hered:1":
3118 ‹Hereditary(F, R) ≡⇩d⇩f R↓ & F↓ & ∀x∀y([R]xy → ([F]x → [F]y))›
3119
3120AOT_theorem "hered:2":
3121 ‹[λxy ∀F((∀z([R]xz → [F]z) & Hereditary(F,R)) → [F]y)]↓›
3122 by "cqt:2[lambda]"
3123
3124AOT_define StrongAncestral :: ‹τ ⇒ Π› (‹_⇧*›)
3125 "ances-df":
3126 ‹R⇧* =⇩d⇩f [λxy ∀F((∀z([R]xz → [F]z) & Hereditary(F,R)) → [F]y)]›
3127
3128AOT_theorem "ances":
3129 ‹[R⇧*]xy ≡ ∀F((∀z([R]xz → [F]z) & Hereditary(F,R)) → [F]y)›
3130 apply (rule "=⇩d⇩fI"(1)[OF "ances-df"])
3131 apply "cqt:2[lambda]"
3132 apply (rule "beta-C-meta"[THEN "→E", OF "hered:2", unvarify ν⇩1ν⇩n,
3133 where τ=‹(_,_)›, simplified])
3134 by (simp add: "&I" "ex:1:a" prod_denotesI "rule-ui:3")
3135
3136AOT_theorem "anc-her:1":
3137 ‹[R]xy → [R⇧*]xy›
3138proof (safe intro!: "→I" ances[THEN "≡E"(2)] GEN)
3139 fix F
3140 AOT_assume ‹∀z ([R]xz → [F]z) & Hereditary(F, R)›
3141 AOT_hence ‹[R]xy → [F]y›
3142 using "∀E"(2) "&E" by blast
3143 moreover AOT_assume ‹[R]xy›
3144 ultimately AOT_show ‹[F]y›
3145 using "→E" by blast
3146qed
3147
3148AOT_theorem "anc-her:2":
3149 ‹([R⇧*]xy & ∀z([R]xz → [F]z) & Hereditary(F,R)) → [F]y›
3150proof(rule "→I"; (frule "&E"(1); drule "&E"(2))+)
3151 AOT_assume ‹[R⇧*]xy›
3152 AOT_hence ‹(∀z([R]xz → [F]z) & Hereditary(F,R)) → [F]y›
3153 using ances[THEN "≡E"(1)] "∀E"(2) by blast
3154 moreover AOT_assume ‹∀z([R]xz → [F]z)›
3155 moreover AOT_assume ‹Hereditary(F,R)›
3156 ultimately AOT_show ‹[F]y›
3157 using "→E" "&I" by blast
3158qed
3159
3160AOT_theorem "anc-her:3":
3161 ‹([F]x & [R⇧*]xy & Hereditary(F, R)) → [F]y›
3162proof(rule "→I"; (frule "&E"(1); drule "&E"(2))+)
3163 AOT_assume 1: ‹[F]x›
3164 AOT_assume 2: ‹Hereditary(F, R)›
3165 AOT_hence 3: ‹∀x ∀y ([R]xy → ([F]x → [F]y))›
3166 using "hered:1"[THEN "≡⇩d⇩fE"] "&E" by blast
3167 AOT_have ‹∀z ([R]xz → [F]z)›
3168 proof (rule GEN; rule "→I")
3169 fix z
3170 AOT_assume ‹[R]xz›
3171 moreover AOT_have ‹[R]xz → ([F]x → [F]z)›
3172 using 3 "∀E"(2) by blast
3173 ultimately AOT_show ‹[F]z›
3174 using 1 "→E" by blast
3175 qed
3176 moreover AOT_assume ‹[R⇧*]xy›
3177 ultimately AOT_show ‹[F]y›
3178 by (auto intro!: 2 "anc-her:2"[THEN "→E"] "&I")
3179qed
3180
3181AOT_theorem "anc-her:4": ‹([R]xy & [R⇧*]yz) → [R⇧*]xz›
3182proof(rule "→I"; frule "&E"(1); drule "&E"(2))
3183 AOT_assume 0: ‹[R⇧*]yz› and 1: ‹[R]xy›
3184 AOT_show ‹[R⇧*]xz›
3185 proof(safe intro!: ances[THEN "≡E"(2)] GEN "&I" "→I";
3186 frule "&E"(1); drule "&E"(2))
3187 fix F
3188 AOT_assume ‹∀z ([R]xz → [F]z)›
3189 AOT_hence 1: ‹[F]y›
3190 using 1 "∀E"(2) "→E" by blast
3191 AOT_assume 2: ‹Hereditary(F,R)›
3192 AOT_show ‹[F]z›
3193 by (rule "anc-her:3"[THEN "→E"]; auto intro!: "&I" 1 2 0)
3194 qed
3195qed
3196
3197AOT_theorem "anc-her:5": ‹[R⇧*]xy → ∃z [R]zy›
3198proof (rule "→I")
3199 AOT_have 0: ‹[λy ∃x [R]xy]↓› by "cqt:2"
3200 AOT_assume 1: ‹[R⇧*]xy›
3201 AOT_have ‹[λy∃x [R]xy]y›
3202 proof(rule "anc-her:2"[unvarify F, OF 0, THEN "→E"];
3203 safe intro!: "&I" GEN "→I" "hered:1"[THEN "≡⇩d⇩fI"] "cqt:2" 0)
3204 AOT_show ‹[R⇧*]xy› using 1.
3205 next
3206 fix z
3207 AOT_assume ‹[R]xz›
3208 AOT_hence ‹∃x [R]xz› by (rule "∃I")
3209 AOT_thus ‹[λy∃x [R]xy]z›
3210 by (auto intro!: "β←C"(1) "cqt:2")
3211 next
3212 fix x y
3213 AOT_assume ‹[R]xy›
3214 AOT_hence ‹∃x [R]xy› by (rule "∃I")
3215 AOT_thus ‹[λy ∃x [R]xy]y›
3216 by (auto intro!: "β←C"(1) "cqt:2")
3217 qed
3218 AOT_thus ‹∃z [R]zy›
3219 by (rule "β→C"(1))
3220qed
3221
3222AOT_theorem "anc-her:6": ‹([R⇧*]xy & [R⇧*]yz) → [R⇧*]xz›
3223proof (rule "→I"; frule "&E"(1); drule "&E"(2))
3224 AOT_assume ‹[R⇧*]xy›
3225 AOT_hence θ: ‹∀z ([R]xz → [F]z) & Hereditary(F,R) → [F]y› for F
3226 using "∀E"(2) ances[THEN "≡E"(1)] by blast
3227 AOT_assume ‹[R⇧*]yz›
3228 AOT_hence ξ: ‹∀z ([R]yz → [F]z) & Hereditary(F,R) → [F]z› for F
3229 using "∀E"(2) ances[THEN "≡E"(1)] by blast
3230 AOT_show ‹[R⇧*]xz›
3231 proof (rule ances[THEN "≡E"(2)]; safe intro!: GEN "→I")
3232 fix F
3233 AOT_assume ζ: ‹∀z ([R]xz → [F]z) & Hereditary(F,R)›
3234 AOT_show ‹[F]z›
3235 proof (rule ξ[THEN "→E", OF "&I"])
3236 AOT_show ‹Hereditary(F,R)›
3237 using ζ[THEN "&E"(2)].
3238 next
3239 AOT_show ‹∀z ([R]yz → [F]z)›
3240 proof(rule GEN; rule "→I")
3241 fix z
3242 AOT_assume ‹[R]yz›
3243 moreover AOT_have ‹[F]y›
3244 using θ[THEN "→E", OF ζ].
3245 ultimately AOT_show ‹[F]z›
3246 using ζ[THEN "&E"(2), THEN "hered:1"[THEN "≡⇩d⇩fE"],
3247 THEN "&E"(2), THEN "∀E"(2), THEN "∀E"(2),
3248 THEN "→E", THEN "→E"]
3249 by blast
3250 qed
3251 qed
3252 qed
3253qed
3254
3255AOT_define OneToOne :: ‹τ ⇒ φ› (‹1-1'(_')›)
3256 "df-1-1:1": ‹1-1(R) ≡⇩d⇩f R↓ & ∀x∀y∀z([R]xz & [R]yz → x = y)›
3257
3258AOT_define RigidOneToOne :: ‹τ ⇒ φ› (‹Rigid⇩1⇩-⇩1'(_')›)
3259 "df-1-1:2": ‹Rigid⇩1⇩-⇩1(R) ≡⇩d⇩f 1-1(R) & Rigid(R)›
3260
3261AOT_theorem "df-1-1:3": ‹Rigid⇩1⇩-⇩1(R) → □1-1(R)›
3262proof(rule "→I")
3263 AOT_assume ‹Rigid⇩1⇩-⇩1(R)›
3264 AOT_hence ‹1-1(R)› and RigidR: ‹Rigid(R)›
3265 using "df-1-1:2"[THEN "≡⇩d⇩fE"] "&E" by blast+
3266 AOT_hence 1: ‹[R]xz & [R]yz → x = y› for x y z
3267 using "df-1-1:1"[THEN "≡⇩d⇩fE"] "&E"(2) "∀E"(2) by blast
3268 AOT_have 1: ‹[R]xz & [R]yz → □x = y› for x y z
3269 by (AOT_subst (reverse) ‹□x = y› ‹x = y›)
3270 (auto simp: 1 "id-nec:2" "≡I" "qml:2"[axiom_inst])
3271 AOT_have ‹□∀x⇩1...∀x⇩n ([R]x⇩1...x⇩n → □[R]x⇩1...x⇩n)›
3272 using "df-rigid-rel:1"[THEN "≡⇩d⇩fE", OF RigidR] "&E" by blast
3273 AOT_hence ‹∀x⇩1...∀x⇩n □([R]x⇩1...x⇩n → □[R]x⇩1...x⇩n)›
3274 using "CBF"[THEN "→E"] by fast
3275 AOT_hence ‹∀x⇩1∀x⇩2 □([R]x⇩1x⇩2 → □[R]x⇩1x⇩2)›
3276 using tuple_forall[THEN "≡⇩d⇩fE"] by blast
3277 AOT_hence ‹□([R]xy → □[R]xy)› for x y
3278 using "∀E"(2) by blast
3279 AOT_hence ‹□(([R]xz → □[R]xz) & ([R]yz → □[R]yz))› for x y z
3280 by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
3281 moreover AOT_have ‹□(([R]xz → □[R]xz) & ([R]yz → □[R]yz)) →
3282 □(([R]xz & [R]yz) → □([R]xz & [R]yz))› for x y z
3283 by (rule RM) (metis "→I" "KBasic:3" "&I" "&E"(1) "&E"(2) "≡E"(2) "→E")
3284 ultimately AOT_have 2: ‹□(([R]xz & [R]yz) → □([R]xz & [R]yz))› for x y z
3285 using "→E" by blast
3286 AOT_hence 3: ‹□([R]xz & [R]yz → x = y)› for x y z
3287 using "sc-eq-box-box:6"[THEN "→E", THEN "→E", OF 2, OF 1] by blast
3288 AOT_hence 4: ‹□∀x∀y∀z([R]xz & [R]yz → x = y)›
3289 by (safe intro!: GEN BF[THEN "→E"] 3)
3290 AOT_thus ‹□1-1(R)›
3291 by (AOT_subst_thm "df-1-1:1"[THEN "≡Df", THEN "≡S"(1),
3292 OF "cqt:2[const_var]"[axiom_inst]])
3293qed
3294
3295AOT_theorem "df-1-1:4": ‹∀R(Rigid⇩1⇩-⇩1(R) → □Rigid⇩1⇩-⇩1(R))›
3296proof(rule GEN;rule "→I")
3297AOT_modally_strict {
3298 fix R
3299 AOT_assume 0: ‹Rigid⇩1⇩-⇩1(R)›
3300 AOT_hence 1: ‹R↓›
3301 by (meson "≡⇩d⇩fE" "&E"(1) "df-1-1:1" "df-1-1:2")
3302 AOT_hence 2: ‹□R↓›
3303 using "exist-nec" "→E" by blast
3304 AOT_have 4: ‹□1-1(R)›
3305 using "df-1-1:3"[unvarify R, OF 1, THEN "→E", OF 0].
3306 AOT_have ‹Rigid(R)›
3307 using 0 "≡⇩d⇩fE"[OF "df-1-1:2"] "&E" by blast
3308 AOT_hence ‹□∀x⇩1...∀x⇩n ([R]x⇩1...x⇩n → □[R]x⇩1...x⇩n)›
3309 using "df-rigid-rel:1"[THEN "≡⇩d⇩fE"] "&E" by blast
3310 AOT_hence ‹□□∀x⇩1...∀x⇩n ([R]x⇩1...x⇩n → □[R]x⇩1...x⇩n)›
3311 by (metis "S5Basic:6" "≡E"(1))
3312 AOT_hence ‹□Rigid(R)›
3313 apply (AOT_subst_def "df-rigid-rel:1")
3314 using 2 "KBasic:3" "≡S"(2) "≡E"(2) by blast
3315 AOT_thus ‹□Rigid⇩1⇩-⇩1(R)›
3316 apply (AOT_subst_def "df-1-1:2")
3317 using 4 "KBasic:3" "≡S"(2) "≡E"(2) by blast
3318}
3319qed
3320
3321AOT_define InDomainOf :: ‹τ ⇒ τ ⇒ φ› (‹InDomainOf'(_,_')›)
3322 "df-1-1:5": ‹InDomainOf(x, R) ≡⇩d⇩f ∃y [R]xy›
3323
3324AOT_register_rigid_restricted_type
3325 RigidOneToOneRelation: ‹Rigid⇩1⇩-⇩1(Π)›
3326proof
3327 AOT_modally_strict {
3328 AOT_show ‹∃α Rigid⇩1⇩-⇩1(α)›
3329 proof (rule "∃I"(1)[where τ=‹«(=⇩E)»›])
3330 AOT_show ‹Rigid⇩1⇩-⇩1((=⇩E))›
3331 proof (safe intro!: "df-1-1:2"[THEN "≡⇩d⇩fI"] "&I" "df-1-1:1"[THEN "≡⇩d⇩fI"]
3332 GEN "→I" "df-rigid-rel:1"[THEN "≡⇩d⇩fI"] "=E[denotes]")
3333 fix x y z
3334 AOT_assume ‹x =⇩E z & y =⇩E z›
3335 AOT_thus ‹x = y›
3336 by (metis "rule=E" "&E"(1) "Conjunction Simplification"(2)
3337 "=E-simple:2" id_sym "→E")
3338 next
3339 AOT_have ‹∀x∀y □(x =⇩E y → □x =⇩E y)›
3340 proof(rule GEN; rule GEN)
3341 AOT_show ‹□(x =⇩E y → □x =⇩E y)› for x y
3342 by (meson RN "deduction-theorem" "id-nec3:1" "≡E"(1))
3343 qed
3344 AOT_hence ‹∀x⇩1...∀x⇩n □([(=⇩E)]x⇩1...x⇩n → □[(=⇩E)]x⇩1...x⇩n)›
3345 by (rule tuple_forall[THEN "≡⇩d⇩fI"])
3346 AOT_thus ‹□∀x⇩1...∀x⇩n ([(=⇩E)]x⇩1...x⇩n → □[(=⇩E)]x⇩1...x⇩n)›
3347 using BF[THEN "→E"] by fast
3348 qed
3349 qed(fact "=E[denotes]")
3350 }
3351next
3352 AOT_modally_strict {
3353 AOT_show ‹Rigid⇩1⇩-⇩1(Π) → Π↓› for Π
3354 proof(rule "→I")
3355 AOT_assume ‹Rigid⇩1⇩-⇩1(Π)›
3356 AOT_hence ‹1-1(Π)›
3357 using "df-1-1:2"[THEN "≡⇩d⇩fE"] "&E" by blast
3358 AOT_thus ‹Π↓›
3359 using "df-1-1:1"[THEN "≡⇩d⇩fE"] "&E" by blast
3360 qed
3361 }
3362next
3363 AOT_modally_strict {
3364 AOT_show ‹∀F(Rigid⇩1⇩-⇩1(F) → □Rigid⇩1⇩-⇩1(F))›
3365 by (safe intro!: GEN "df-1-1:4"[THEN "∀E"(2)])
3366 }
3367qed
3368AOT_register_variable_names
3369 RigidOneToOneRelation: ℛ 𝒮
3370
3371AOT_define IdentityRestrictedToDomain :: ‹τ ⇒ Π› (‹'(=⇩_')›)
3372 "id-d-R": ‹(=⇩ℛ) =⇩d⇩f [λxy ∃z ([ℛ]xz & [ℛ]yz)]›
3373
3374syntax "_AOT_id_d_R_infix" :: ‹τ ⇒ τ ⇒ τ ⇒ φ› ("(_ =⇩_/ _)" [50, 51, 51] 50)
3375translations
3376 "_AOT_id_d_R_infix κ Π κ'" ==
3377 "CONST AOT_exe (CONST IdentityRestrictedToDomain Π) (κ,κ')"
3378
3379AOT_theorem "id-R-thm:1": ‹x =⇩ℛ y ≡ ∃z ([ℛ]xz & [ℛ]yz)›
3380proof -
3381 AOT_have 0: ‹[λxy ∃z ([ℛ]xz & [ℛ]yz)]↓› by "cqt:2"
3382 show ?thesis
3383 apply (rule "=⇩d⇩fI"(1)[OF "id-d-R"])
3384 apply (fact 0)
3385 apply (rule "beta-C-meta"[THEN "→E", OF 0, unvarify ν⇩1ν⇩n,
3386 where τ=‹(_,_)›, simplified])
3387 by (simp add: "&I" "ex:1:a" prod_denotesI "rule-ui:3")
3388qed
3389
3390AOT_theorem "id-R-thm:2":
3391 ‹x =⇩ℛ y → (InDomainOf(x, ℛ) & InDomainOf(y, ℛ))›
3392proof(rule "→I")
3393 AOT_assume ‹x =⇩ℛ y›
3394 AOT_hence ‹∃z ([ℛ]xz & [ℛ]yz)›
3395 using "id-R-thm:1"[THEN "≡E"(1)] by simp
3396 then AOT_obtain z where z_prop: ‹[ℛ]xz & [ℛ]yz›
3397 using "∃E"[rotated] by blast
3398 AOT_show ‹InDomainOf(x, ℛ) & InDomainOf(y, ℛ)›
3399 proof (safe intro!: "&I" "df-1-1:5"[THEN "≡⇩d⇩fI"])
3400 AOT_show ‹∃y [ℛ]xy›
3401 using z_prop[THEN "&E"(1)] "∃I" by fast
3402 next
3403 AOT_show ‹∃z [ℛ]yz›
3404 using z_prop[THEN "&E"(2)] "∃I" by fast
3405 qed
3406qed
3407
3408AOT_theorem "id-R-thm:3": ‹x =⇩ℛ y → x = y›
3409proof(rule "→I")
3410 AOT_assume ‹x =⇩ℛ y›
3411 AOT_hence ‹∃z ([ℛ]xz & [ℛ]yz)›
3412 using "id-R-thm:1"[THEN "≡E"(1)] by simp
3413 then AOT_obtain z where z_prop: ‹[ℛ]xz & [ℛ]yz›
3414 using "∃E"[rotated] by blast
3415 AOT_thus ‹x = y›
3416 using "df-1-1:3"[THEN "→E", OF RigidOneToOneRelation.ψ,
3417 THEN "qml:2"[axiom_inst, THEN "→E"],
3418 THEN "≡⇩d⇩fE"[OF "df-1-1:1"], THEN "&E"(2),
3419 THEN "∀E"(2), THEN "∀E"(2),
3420 THEN "∀E"(2), THEN "→E"]
3421 by blast
3422qed
3423
3424AOT_theorem "id-R-thm:4":
3425 ‹(InDomainOf(x, ℛ) ∨ InDomainOf(y, ℛ)) → (x =⇩ℛ y ≡ x = y)›
3426proof (rule "→I")
3427 AOT_assume ‹InDomainOf(x, ℛ) ∨ InDomainOf(y, ℛ)›
3428 moreover {
3429 AOT_assume ‹InDomainOf(x, ℛ)›
3430 AOT_hence ‹∃z [ℛ]xz›
3431 by (metis "≡⇩d⇩fE" "df-1-1:5")
3432 then AOT_obtain z where z_prop: ‹[ℛ]xz›
3433 using "∃E"[rotated] by blast
3434 AOT_have ‹x =⇩ℛ y ≡ x = y›
3435 proof(safe intro!: "≡I" "→I" "id-R-thm:3"[THEN "→E"])
3436 AOT_assume ‹x = y›
3437 AOT_hence ‹[ℛ]yz›
3438 using z_prop "rule=E" by fast
3439 AOT_hence ‹[ℛ]xz & [ℛ]yz›
3440 using z_prop "&I" by blast
3441 AOT_hence ‹∃z ([ℛ]xz & [ℛ]yz)›
3442 by (rule "∃I")
3443 AOT_thus ‹x =⇩ℛ y›
3444 using "id-R-thm:1" "≡E"(2) by blast
3445 qed
3446 }
3447 moreover {
3448 AOT_assume ‹InDomainOf(y, ℛ)›
3449 AOT_hence ‹∃z [ℛ]yz›
3450 by (metis "≡⇩d⇩fE" "df-1-1:5")
3451 then AOT_obtain z where z_prop: ‹[ℛ]yz›
3452 using "∃E"[rotated] by blast
3453 AOT_have ‹x =⇩ℛ y ≡ x = y›
3454 proof(safe intro!: "≡I" "→I" "id-R-thm:3"[THEN "→E"])
3455 AOT_assume ‹x = y›
3456 AOT_hence ‹[ℛ]xz›
3457 using z_prop "rule=E" id_sym by fast
3458 AOT_hence ‹[ℛ]xz & [ℛ]yz›
3459 using z_prop "&I" by blast
3460 AOT_hence ‹∃z ([ℛ]xz & [ℛ]yz)›
3461 by (rule "∃I")
3462 AOT_thus ‹x =⇩ℛ y›
3463 using "id-R-thm:1" "≡E"(2) by blast
3464 qed
3465 }
3466 ultimately AOT_show ‹x =⇩ℛ y ≡ x = y›
3467 by (metis "∨E"(2) "raa-cor:1")
3468qed
3469
3470AOT_theorem "id-R-thm:5": ‹InDomainOf(x, ℛ) → x =⇩ℛ x›
3471proof (rule "→I")
3472 AOT_assume ‹InDomainOf(x, ℛ)›
3473 AOT_hence ‹∃z [ℛ]xz›
3474 by (metis "≡⇩d⇩fE" "df-1-1:5")
3475 then AOT_obtain z where z_prop: ‹[ℛ]xz›
3476 using "∃E"[rotated] by blast
3477 AOT_hence ‹[ℛ]xz & [ℛ]xz›
3478 using "&I" by blast
3479 AOT_hence ‹∃z ([ℛ]xz & [ℛ]xz)›
3480 using "∃I" by fast
3481 AOT_thus ‹x =⇩ℛ x›
3482 using "id-R-thm:1" "≡E"(2) by blast
3483qed
3484
3485AOT_theorem "id-R-thm:6": ‹x =⇩ℛ y → y =⇩ℛ x›
3486proof(rule "→I")
3487 AOT_assume 0: ‹x =⇩ℛ y›
3488 AOT_hence 1: ‹InDomainOf(x,ℛ) & InDomainOf(y,ℛ)›
3489 using "id-R-thm:2"[THEN "→E"] by blast
3490 AOT_hence ‹x =⇩ℛ y ≡ x = y›
3491 using "id-R-thm:4"[THEN "→E", OF "∨I"(1)] "&E" by blast
3492 AOT_hence ‹x = y›
3493 using 0 by (metis "≡E"(1))
3494 AOT_hence ‹y = x›
3495 using id_sym by blast
3496 moreover AOT_have ‹y =⇩ℛ x ≡ y = x›
3497 using "id-R-thm:4"[THEN "→E", OF "∨I"(2)] 1 "&E" by blast
3498 ultimately AOT_show ‹y =⇩ℛ x›
3499 by (metis "≡E"(2))
3500qed
3501
3502AOT_theorem "id-R-thm:7": ‹x =⇩ℛ y & y =⇩ℛ z → x =⇩ℛ z›
3503proof (rule "→I"; frule "&E"(1); drule "&E"(2))
3504 AOT_assume 0: ‹x =⇩ℛ y›
3505 AOT_hence 1: ‹InDomainOf(x,ℛ) & InDomainOf(y,ℛ)›
3506 using "id-R-thm:2"[THEN "→E"] by blast
3507 AOT_hence ‹x =⇩ℛ y ≡ x = y›
3508 using "id-R-thm:4"[THEN "→E", OF "∨I"(1)] "&E" by blast
3509 AOT_hence x_eq_y: ‹x = y›
3510 using 0 by (metis "≡E"(1))
3511 AOT_assume 2: ‹y =⇩ℛ z›
3512 AOT_hence 3: ‹InDomainOf(y,ℛ) & InDomainOf(z,ℛ)›
3513 using "id-R-thm:2"[THEN "→E"] by blast
3514 AOT_hence ‹y =⇩ℛ z ≡ y = z›
3515 using "id-R-thm:4"[THEN "→E", OF "∨I"(1)] "&E" by blast
3516 AOT_hence ‹y = z›
3517 using 2 by (metis "≡E"(1))
3518 AOT_hence x_eq_z: ‹x = z›
3519 using x_eq_y id_trans by blast
3520 AOT_have ‹InDomainOf(x,ℛ) & InDomainOf(z,ℛ)›
3521 using 1 3 "&I" "&E" by meson
3522 AOT_hence ‹x =⇩ℛ z ≡ x = z›
3523 using "id-R-thm:4"[THEN "→E", OF "∨I"(1)] "&E" by blast
3524 AOT_thus ‹x =⇩ℛ z›
3525 using x_eq_z "≡E"(2) by blast
3526qed
3527
3528AOT_define WeakAncestral :: ‹Π ⇒ Π› (‹_⇧+›)
3529 "w-ances-df": ‹[ℛ]⇧+ =⇩d⇩f [λxy [ℛ]⇧*xy ∨ x =⇩ℛ y]›
3530
3531AOT_theorem "w-ances-df[den1]": ‹[λxy [Π]⇧*xy ∨ x =⇩Π y]↓›
3532 by "cqt:2"
3533AOT_theorem "w-ances-df[den2]": ‹[Π]⇧+↓›
3534 using "w-ances-df[den1]" "=⇩d⇩fI"(1)[OF "w-ances-df"] by blast
3535
3536AOT_theorem "w-ances": ‹[ℛ]⇧+xy ≡ ([ℛ]⇧*xy ∨ x =⇩ℛ y)›
3537proof -
3538 AOT_have 0: ‹[λxy [ℛ⇧*]xy ∨ x =⇩ℛ y]↓›
3539 by "cqt:2"
3540 AOT_have 1: ‹«(AOT_term_of_var x,AOT_term_of_var y)»↓›
3541 by (simp add: "&I" "ex:1:a" prod_denotesI "rule-ui:3")
3542 have 2: ‹«[λμ⇩1...μ⇩n [ℛ⇧*]μ⇩1...μ⇩n ∨ [(=⇩ℛ)]μ⇩1...μ⇩n]xy» =
3543 «[λxy [ℛ⇧*]xy ∨ [(=⇩ℛ)]xy]xy»›
3544 by (simp add: cond_case_prod_eta)
3545 show ?thesis
3546 apply (rule "=⇩d⇩fI"(1)[OF "w-ances-df"])
3547 apply (fact "w-ances-df[den1]")
3548 using "beta-C-meta"[THEN "→E", OF 0, unvarify ν⇩1ν⇩n,
3549 where τ=‹(_,_)›, simplified, OF 1] 2 by simp
3550qed
3551
3552AOT_theorem "w-ances-her:1": ‹[ℛ]xy → [ℛ]⇧+xy›
3553proof(rule "→I")
3554 AOT_assume ‹[ℛ]xy›
3555 AOT_hence ‹[ℛ]⇧*xy›
3556 using "anc-her:1"[THEN "→E"] by blast
3557 AOT_thus ‹[ℛ]⇧+xy›
3558 using "w-ances"[THEN "≡E"(2)] "∨I" by blast
3559qed
3560
3561AOT_theorem "w-ances-her:2":
3562 ‹[F]x & [ℛ]⇧+xy & Hereditary(F, ℛ) → [F]y›
3563proof(rule "→I"; (frule "&E"(1); drule "&E"(2))+)
3564 AOT_assume 0: ‹[F]x›
3565 AOT_assume 1: ‹Hereditary(F, ℛ)›
3566 AOT_assume ‹[ℛ]⇧+xy›
3567 AOT_hence ‹[ℛ]⇧*xy ∨ x =⇩ℛ y›
3568 using "w-ances"[THEN "≡E"(1)] by simp
3569 moreover {
3570 AOT_assume ‹[ℛ]⇧*xy›
3571 AOT_hence ‹[F]y›
3572 using "anc-her:3"[THEN "→E", OF "&I", OF "&I"] 0 1 by blast
3573 }
3574 moreover {
3575 AOT_assume ‹x =⇩ℛ y›
3576 AOT_hence ‹x = y›
3577 using "id-R-thm:3"[THEN "→E"] by blast
3578 AOT_hence ‹[F]y›
3579 using 0 "rule=E" by blast
3580 }
3581 ultimately AOT_show ‹[F]y›
3582 by (metis "∨E"(3) "raa-cor:1")
3583qed
3584
3585AOT_theorem "w-ances-her:3": ‹([ℛ]⇧+xy & [ℛ]yz) → [ℛ]⇧*xz›
3586proof(rule "→I"; frule "&E"(1); drule "&E"(2))
3587 AOT_assume ‹[ℛ]⇧+xy›
3588 moreover AOT_assume Ryz: ‹[ℛ]yz›
3589 ultimately AOT_have ‹[ℛ]⇧*xy ∨ x =⇩ℛ y›
3590 using "w-ances"[THEN "≡E"(1)] by metis
3591 moreover {
3592 AOT_assume R_star_xy: ‹[ℛ]⇧*xy›
3593 AOT_have ‹[ℛ]⇧*xz›
3594 proof (safe intro!: ances[THEN "≡E"(2)] "→I" GEN)
3595 fix F
3596 AOT_assume 0: ‹∀z ([ℛ]xz → [F]z) & Hereditary(F,ℛ)›
3597 AOT_hence ‹[F]y›
3598 using R_star_xy ances[THEN "≡E"(1), OF R_star_xy,
3599 THEN "∀E"(2), THEN "→E"] by blast
3600 AOT_thus ‹[F]z›
3601 using "hered:1"[THEN "≡⇩d⇩fE", OF 0[THEN "&E"(2)], THEN "&E"(2)]
3602 "∀E"(2) "→E" Ryz by blast
3603 qed
3604 }
3605 moreover {
3606 AOT_assume ‹x =⇩ℛ y›
3607 AOT_hence ‹x = y›
3608 using "id-R-thm:3"[THEN "→E"] by blast
3609 AOT_hence ‹[ℛ]xz›
3610 using Ryz "rule=E" id_sym by fast
3611 AOT_hence ‹[ℛ]⇧*xz›
3612 by (metis "anc-her:1"[THEN "→E"])
3613 }
3614 ultimately AOT_show ‹[ℛ]⇧*xz›
3615 by (metis "∨E"(3) "raa-cor:1")
3616qed
3617
3618AOT_theorem "w-ances-her:4": ‹([ℛ]⇧*xy & [ℛ]yz) → [ℛ]⇧+xz›
3619proof(rule "→I"; frule "&E"(1); drule "&E"(2))
3620 AOT_assume ‹[ℛ]⇧*xy›
3621 AOT_hence ‹[ℛ]⇧*xy ∨ x =⇩ℛ y›
3622 using "∨I" by blast
3623 AOT_hence ‹[ℛ]⇧+xy›
3624 using "w-ances"[THEN "≡E"(2)] by blast
3625 moreover AOT_assume ‹[ℛ]yz›
3626 ultimately AOT_have ‹[ℛ]⇧*xz›
3627 using "w-ances-her:3"[THEN "→E", OF "&I"] by simp
3628 AOT_hence ‹[ℛ]⇧*xz ∨ x =⇩ℛ z›
3629 using "∨I" by blast
3630 AOT_thus ‹[ℛ]⇧+xz›
3631 using "w-ances"[THEN "≡E"(2)] by blast
3632qed
3633
3634AOT_theorem "w-ances-her:5": ‹([ℛ]xy & [ℛ]⇧+yz) → [ℛ]⇧*xz›
3635proof(rule "→I"; frule "&E"(1); drule "&E"(2))
3636 AOT_assume 0: ‹[ℛ]xy›
3637 AOT_assume ‹[ℛ]⇧+yz›
3638 AOT_hence ‹[ℛ]⇧*yz ∨ y =⇩ℛ z›
3639 by (metis "≡E"(1) "w-ances")
3640 moreover {
3641 AOT_assume ‹[ℛ]⇧*yz›
3642 AOT_hence ‹[ℛ]⇧*xz›
3643 using 0 by (metis "anc-her:4" Adjunction "→E")
3644 }
3645 moreover {
3646 AOT_assume ‹y =⇩ℛ z›
3647 AOT_hence ‹y = z›
3648 by (metis "id-R-thm:3" "→E")
3649 AOT_hence ‹[ℛ]xz›
3650 using 0 "rule=E" by fast
3651 AOT_hence ‹[ℛ]⇧*xz›
3652 by (metis "anc-her:1" "→E")
3653 }
3654 ultimately AOT_show ‹[ℛ]⇧*xz› by (metis "∨E"(2) "reductio-aa:1")
3655qed
3656
3657AOT_theorem "w-ances-her:6": ‹([ℛ]⇧+xy & [ℛ]⇧+yz) → [ℛ]⇧+xz›
3658proof(rule "→I"; frule "&E"(1); drule "&E"(2))
3659 AOT_assume 0: ‹[ℛ]⇧+xy›
3660 AOT_hence 1: ‹[ℛ]⇧*xy ∨ x =⇩ℛ y›
3661 by (metis "≡E"(1) "w-ances")
3662 AOT_assume 2: ‹[ℛ]⇧+yz›
3663 {
3664 AOT_assume ‹x =⇩ℛ y›
3665 AOT_hence ‹x = y›
3666 by (metis "id-R-thm:3" "→E")
3667 AOT_hence ‹[ℛ]⇧+xz›
3668 using 2 "rule=E" id_sym by fast
3669 }
3670 moreover {
3671 AOT_assume ‹¬(x =⇩ℛ y)›
3672 AOT_hence 3: ‹[ℛ]⇧*xy›
3673 using 1 by (metis "∨E"(3))
3674 AOT_have ‹[ℛ]⇧*yz ∨ y =⇩ℛ z›
3675 using 2 by (metis "≡E"(1) "w-ances")
3676 moreover {
3677 AOT_assume ‹[ℛ]⇧*yz›
3678 AOT_hence ‹[ℛ]⇧*xz›
3679 using 3 by (metis "anc-her:6" Adjunction "→E")
3680 AOT_hence ‹[ℛ]⇧+xz›
3681 by (metis "∨I"(1) "≡E"(2) "w-ances")
3682 }
3683 moreover {
3684 AOT_assume ‹y =⇩ℛ z›
3685 AOT_hence ‹y = z›
3686 by (metis "id-R-thm:3" "→E")
3687 AOT_hence ‹[ℛ]⇧+xz›
3688 using 0 "rule=E" id_sym by fast
3689 }
3690 ultimately AOT_have ‹[ℛ]⇧+xz›
3691 by (metis "∨E"(3) "reductio-aa:1")
3692 }
3693 ultimately AOT_show ‹[ℛ]⇧+xz›
3694 by (metis "reductio-aa:1")
3695qed
3696
3697AOT_theorem "w-ances-her:7": ‹[ℛ]⇧*xy → ∃z([ℛ]⇧+xz & [ℛ]zy)›
3698proof(rule "→I")
3699 AOT_assume 0: ‹[ℛ]⇧*xy›
3700 AOT_have 1: ‹∀z ([ℛ]xz → [Π]z) & Hereditary(Π,ℛ) → [Π]y› if ‹Π↓› for Π
3701 using ances[THEN "≡E"(1), THEN "∀E"(1), OF 0] that by blast
3702 AOT_have ‹[λy ∃z([ℛ]⇧+xz & [ℛ]zy)]y›
3703 proof (rule 1[THEN "→E"]; "cqt:2[lambda]"?;
3704 safe intro!: "&I" GEN "→I" "hered:1"[THEN "≡⇩d⇩fI"] "cqt:2")
3705 fix z
3706 AOT_assume 0: ‹[ℛ]xz›
3707 AOT_hence ‹∃z [ℛ]xz› by (rule "∃I")
3708 AOT_hence ‹InDomainOf(x, ℛ)› by (metis "≡⇩d⇩fI" "df-1-1:5")
3709 AOT_hence ‹x =⇩ℛ x› by (metis "id-R-thm:5" "→E")
3710 AOT_hence ‹[ℛ]⇧+xx› by (metis "∨I"(2) "≡E"(2) "w-ances")
3711 AOT_hence ‹[ℛ]⇧+xx & [ℛ]xz› using 0 "&I" by blast
3712 AOT_hence ‹∃y ([ℛ]⇧+xy & [ℛ]yz)› by (rule "∃I")
3713 AOT_thus ‹[λy ∃z ([ℛ]⇧+xz & [ℛ]zy)]z›
3714 by (auto intro!: "β←C"(1) "cqt:2")
3715 next
3716 fix x' y
3717 AOT_assume Rx'y: ‹[ℛ]x'y›
3718 AOT_assume ‹[λy ∃z ([ℛ]⇧+xz & [ℛ]zy)]x'›
3719 AOT_hence ‹∃z ([ℛ]⇧+xz & [ℛ]zx')›
3720 using "β→C"(1) by blast
3721 then AOT_obtain c where c_prop: ‹[ℛ]⇧+xc & [ℛ]cx'›
3722 using "∃E"[rotated] by blast
3723 AOT_hence ‹[ℛ]⇧*xx'›
3724 by (meson Rx'y "anc-her:1" "anc-her:6" Adjunction "→E" "w-ances-her:3")
3725 AOT_hence ‹[ℛ]⇧*xx' ∨ x =⇩ℛ x'› by (rule "∨I")
3726 AOT_hence ‹[ℛ]⇧+xx'› by (metis "≡E"(2) "w-ances")
3727 AOT_hence ‹[ℛ]⇧+xx' & [ℛ]x'y› using Rx'y by (metis "&I")
3728 AOT_hence ‹∃z ([ℛ]⇧+xz & [ℛ]zy)› by (rule "∃I")
3729 AOT_thus ‹[λy ∃z ([ℛ]⇧+xz & [ℛ]zy)]y›
3730 by (auto intro!: "β←C"(1) "cqt:2")
3731 qed
3732 AOT_thus ‹∃z([ℛ]⇧+xz & [ℛ]zy)›
3733 using "β→C"(1) by fast
3734qed
3735
3736AOT_theorem "1-1-R:1": ‹([ℛ]xy & [ℛ]⇧*zy) → [ℛ]⇧+zx›
3737proof(rule "→I"; frule "&E"(1); drule "&E"(2))
3738 AOT_assume ‹[ℛ]⇧*zy›
3739 AOT_hence ‹∃x ([ℛ]⇧+zx & [ℛ]xy)›
3740 using "w-ances-her:7"[THEN "→E"] by simp
3741 then AOT_obtain a where a_prop: ‹[ℛ]⇧+za & [ℛ]ay›
3742 using "∃E"[rotated] by blast
3743 moreover AOT_assume ‹[ℛ]xy›
3744 ultimately AOT_have ‹x = a›
3745 using "df-1-1:2"[THEN "≡⇩d⇩fE", OF RigidOneToOneRelation.ψ, THEN "&E"(1),
3746 THEN "≡⇩d⇩fE"[OF "df-1-1:1"], THEN "&E"(2), THEN "∀E"(2),
3747 THEN "∀E"(2), THEN "∀E"(2), THEN "→E", OF "&I"]
3748 "&E" by blast
3749 AOT_thus ‹[ℛ]⇧+zx›
3750 using a_prop[THEN "&E"(1)] "rule=E" id_sym by fast
3751qed
3752
3753AOT_theorem "1-1-R:2": ‹[ℛ]xy → (¬[ℛ]⇧*xx → ¬[ℛ]⇧*yy)›
3754proof(rule "→I"; rule "useful-tautologies:5"[THEN "→E"]; rule "→I")
3755 AOT_assume 0: ‹[ℛ]xy›
3756 moreover AOT_assume ‹[ℛ]⇧*yy›
3757 ultimately AOT_have ‹[ℛ]⇧+yx›
3758 using "1-1-R:1"[THEN "→E", OF "&I"] by blast
3759 AOT_thus ‹[ℛ]⇧*xx›
3760 using 0 by (metis "&I" "→E" "w-ances-her:5")
3761qed
3762
3763AOT_theorem "1-1-R:3": ‹¬[ℛ]⇧*xx → ([ℛ]⇧+xy → ¬[ℛ]⇧*yy)›
3764proof(safe intro!: "→I")
3765 AOT_have 0: ‹[λz ¬[ℛ]⇧*zz]↓› by "cqt:2"
3766 AOT_assume 1: ‹¬[ℛ]⇧*xx›
3767 AOT_assume 2: ‹[ℛ]⇧+xy›
3768 AOT_have ‹[λz ¬[ℛ]⇧*zz]y›
3769 proof(rule "w-ances-her:2"[unvarify F, OF 0, THEN "→E"];
3770 safe intro!: "&I" "hered:1"[THEN "≡⇩d⇩fI"] "cqt:2" GEN "→I")
3771 AOT_show ‹[λz ¬[ℛ]⇧*zz]x›
3772 by (auto intro!: "β←C"(1) "cqt:2" simp: 1)
3773 next
3774 AOT_show ‹[ℛ]⇧+xy› by (fact 2)
3775 next
3776 fix x y
3777 AOT_assume ‹[λz ¬[ℛ⇧*]zz]x›
3778 AOT_hence ‹¬[ℛ]⇧*xx› by (rule "β→C"(1))
3779 moreover AOT_assume ‹[ℛ]xy›
3780 ultimately AOT_have ‹¬[ℛ]⇧*yy›
3781 using "1-1-R:2"[THEN "→E", THEN "→E"] by blast
3782 AOT_thus ‹[λz ¬[ℛ⇧*]zz]y›
3783 by (auto intro!: "β←C"(1) "cqt:2")
3784 qed
3785 AOT_thus ‹¬[ℛ]⇧*yy›
3786 using "β→C"(1) by blast
3787qed
3788
3789AOT_theorem "1-1-R:4": ‹[ℛ]⇧*xy → InDomainOf(x,ℛ)›
3790proof(rule "→I"; rule "df-1-1:5"[THEN "≡⇩d⇩fI"])
3791 AOT_assume 1: ‹[ℛ]⇧*xy›
3792 AOT_have ‹[λz [ℛ⇧*]xz → ∃y [ℛ]xy]y›
3793 proof (safe intro!: "anc-her:2"[unvarify F, THEN "→E"];
3794 safe intro!: "cqt:2" "&I" GEN "→I" "hered:1"[THEN "≡⇩d⇩fI"])
3795 AOT_show ‹[ℛ]⇧*xy› by (fact 1)
3796 next
3797 fix z
3798 AOT_assume ‹[ℛ]xz›
3799 AOT_thus ‹[λz [ℛ⇧*]xz → ∃y [ℛ]xy]z›
3800 by (safe intro!: "β←C"(1) "cqt:2")
3801 (meson "→I" "existential:2[const_var]")
3802 next
3803 fix x' y
3804 AOT_assume Rx'y: ‹[ℛ]x'y›
3805 AOT_assume ‹[λz [ℛ⇧*]xz → ∃y [ℛ]xy]x'›
3806 AOT_hence 0: ‹[ℛ⇧*]xx' → ∃y [ℛ]xy› by (rule "β→C"(1))
3807 AOT_have 1: ‹[ℛ⇧*]xy → ∃y [ℛ]xy›
3808 proof(rule "→I")
3809 AOT_assume ‹[ℛ]⇧*xy›
3810 AOT_hence ‹[ℛ]⇧+xx'› by (metis Rx'y "&I" "1-1-R:1" "→E")
3811 AOT_hence ‹[ℛ]⇧*xx' ∨ x =⇩ℛ x'› by (metis "≡E"(1) "w-ances")
3812 moreover {
3813 AOT_assume ‹[ℛ]⇧*xx'›
3814 AOT_hence ‹∃y [ℛ]xy› using 0 by (metis "→E")
3815 }
3816 moreover {
3817 AOT_assume ‹x =⇩ℛ x'›
3818 AOT_hence ‹x = x'› by (metis "id-R-thm:3" "→E")
3819 AOT_hence ‹[ℛ]xy› using Rx'y "rule=E" id_sym by fast
3820 AOT_hence ‹∃y [ℛ]xy› by (rule "∃I")
3821 }
3822 ultimately AOT_show ‹∃y [ℛ]xy›
3823 by (metis "∨E"(3) "reductio-aa:1")
3824 qed
3825 AOT_show ‹[λz [ℛ⇧*]xz → ∃y [ℛ]xy]y›
3826 by (auto intro!: "β←C"(1) "cqt:2" 1)
3827 qed
3828 AOT_hence ‹[ℛ⇧*]xy → ∃y [ℛ]xy› by (rule "β→C"(1))
3829 AOT_thus ‹∃y [ℛ]xy› using 1 "→E" by blast
3830qed
3831
3832AOT_theorem "1-1-R:5": ‹[ℛ]⇧+xy → InDomainOf(x,ℛ)›
3833proof (rule "→I")
3834 AOT_assume ‹[ℛ]⇧+xy›
3835 AOT_hence ‹[ℛ]⇧*xy ∨ x =⇩ℛ y›
3836 by (metis "≡E"(1) "w-ances")
3837 moreover {
3838 AOT_assume ‹[ℛ]⇧*xy›
3839 AOT_hence ‹InDomainOf(x,ℛ)›
3840 using "1-1-R:4" "→E" by blast
3841 }
3842 moreover {
3843 AOT_assume ‹x =⇩ℛ y›
3844 AOT_hence ‹InDomainOf(x,ℛ)›
3845 by (metis "Conjunction Simplification"(1) "id-R-thm:2" "→E")
3846 }
3847 ultimately AOT_show ‹InDomainOf(x,ℛ)›
3848 by (metis "∨E"(3) "reductio-aa:1")
3849qed
3850
3851AOT_theorem "pre-ind":
3852 ‹([F]z & ∀x∀y(([ℛ]⇧+zx & [ℛ]⇧+zy) → ([ℛ]xy → ([F]x → [F]y)))) →
3853 ∀x ([ℛ]⇧+zx → [F]x)›
3854proof(safe intro!: "→I" GEN)
3855 AOT_have den: ‹[λy [F]y & [ℛ]⇧+zy]↓› by "cqt:2"
3856 fix x
3857 AOT_assume θ: ‹[F]z & ∀x∀y(([ℛ]⇧+zx & [ℛ]⇧+zy) → ([ℛ]xy → ([F]x → [F]y)))›
3858 AOT_assume 0: ‹[ℛ]⇧+zx›
3859
3860 AOT_have ‹[λy [F]y & [ℛ]⇧+zy]x›
3861 proof (rule "w-ances-her:2"[unvarify F, OF den, THEN "→E"]; safe intro!: "&I")
3862 AOT_show ‹[λy [F]y & [ℛ]⇧+zy]z›
3863 proof (safe intro!: "β←C"(1) "cqt:2" "&I")
3864 AOT_show ‹[F]z› using θ "&E" by blast
3865 next
3866 AOT_show ‹[ℛ]⇧+zz›
3867 by (rule "w-ances"[THEN "≡E"(2), OF "∨I"(2)])
3868 (meson "0" "id-R-thm:5" "1-1-R:5" "→E")
3869 qed
3870 next
3871 AOT_show ‹[ℛ]⇧+zx› by (fact 0)
3872 next
3873 AOT_show ‹Hereditary([λy [F]y & [ℛ]⇧+zy],ℛ)›
3874 proof (safe intro!: "hered:1"[THEN "≡⇩d⇩fI"] "&I" "cqt:2" GEN "→I")
3875 fix x' y
3876 AOT_assume 1: ‹[ℛ]x'y›
3877 AOT_assume ‹[λy [F]y & [ℛ]⇧+zy]x'›
3878 AOT_hence 2: ‹[F]x' & [ℛ]⇧+zx'› by (rule "β→C"(1))
3879 AOT_have ‹[ℛ]⇧*zy› using 1 2[THEN "&E"(2)]
3880 by (metis Adjunction "modus-tollens:1" "reductio-aa:1" "w-ances-her:3")
3881 AOT_hence 3: ‹[ℛ]⇧+zy› by (metis "∨I"(1) "≡E"(2) "w-ances")
3882 AOT_show ‹[λy [F]y & [ℛ]⇧+zy]y›
3883 proof (safe intro!: "β←C"(1) "cqt:2" "&I" 3)
3884 AOT_show ‹[F]y›
3885 proof (rule θ[THEN "&E"(2), THEN "∀E"(2), THEN "∀E"(2),
3886 THEN "→E", THEN "→E", THEN "→E"])
3887 AOT_show ‹[ℛ]⇧+zx' & [ℛ]⇧+zy›
3888 using 2 3 "&E" "&I" by blast
3889 next
3890 AOT_show ‹[ℛ]x'y› by (fact 1)
3891 next
3892 AOT_show ‹[F]x'› using 2 "&E" by blast
3893 qed
3894 qed
3895 qed
3896 qed
3897 AOT_thus ‹[F]x› using "β→C"(1) "&E"(1) by fast
3898qed
3899
3900text‹The following is not part of PLM, but a theorem of AOT.
3901 It states that the predecessor relation coexists with numbering a property.
3902 We will use this fact to derive the predecessor axiom, which asserts that the
3903 predecessor relation denotes, from the fact that our models validate that
3904 numbering a property denotes.›
3905AOT_theorem pred_coex:
3906 ‹[λxy ∃F∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u))]↓ ≡ ∀F ([λx Numbers(x,F)]↓)›
3907proof(safe intro!: "≡I" "→I" GEN)
3908 fix F
3909 let ?P = ‹«[λxy ∃F∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u))]»›
3910 AOT_assume ‹[«?P»]↓›
3911 AOT_hence ‹□[«?P»]↓›
3912 using "exist-nec" "→E" by blast
3913 moreover AOT_have
3914 ‹□[«?P»]↓ → □(∀x∀y(∀F([F]x ≡ [F]y) → (Numbers(x,F) ≡ Numbers(y,F))))›
3915 proof(rule RM; safe intro!: "→I" GEN)
3916 AOT_modally_strict {
3917 fix x y
3918 AOT_assume pred_den: ‹[«?P»]↓›
3919 AOT_hence pred_equiv:
3920 ‹[«?P»]xy ≡ ∃F∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u))› for x y
3921 by (safe intro!: "beta-C-meta"[unvarify ν⇩1ν⇩n, where τ=‹(_,_)›, THEN "→E",
3922 rotated, OF pred_den, simplified]
3923 tuple_denotes[THEN "≡⇩d⇩fI"] "&I" "cqt:2")
3924 text‹We show as a subproof that any natural cardinal that is not zero
3925 has a predecessor.›
3926 AOT_have CardinalPredecessor:
3927 ‹∃y [«?P»]yx› if card_x: ‹NaturalCardinal(x)› and x_nonzero: ‹x ≠ 0› for x
3928 proof -
3929 AOT_have ‹∃G x = #G›
3930 using card[THEN "≡⇩d⇩fE", OF card_x].
3931 AOT_hence ‹∃G Numbers(x,G)›
3932 using "eq-df-num"[THEN "≡E"(1)] by blast
3933 then AOT_obtain G' where numxG': ‹Numbers(x,G')›
3934 using "∃E"[rotated] by blast
3935 AOT_obtain G where ‹Rigidifies(G,G')›
3936 using "rigid-der:3" "∃E"[rotated] by blast
3937
3938 AOT_hence H: ‹Rigid(G) & ∀x ([G]x ≡ [G']x)›
3939 using "df-rigid-rel:2"[THEN "≡⇩d⇩fE"] by blast
3940 AOT_have H_rigid: ‹□∀x ([G]x → □[G]x)›
3941 using H[THEN "&E"(1), THEN "df-rigid-rel:1"[THEN "≡⇩d⇩fE"], THEN "&E"(2)].
3942 AOT_hence ‹∀x □([G]x → □[G]x)›
3943 using "CBF" "→E" by blast
3944 AOT_hence R: ‹□([G]x → □[G]x)› for x using "∀E"(2) by blast
3945 AOT_hence rigid: ‹[G]x ≡ ❙𝒜[G]x› for x
3946 by (metis "≡E"(6) "oth-class-taut:3:a" "sc-eq-fur:2" "→E")
3947 AOT_have ‹G ≡⇩E G'›
3948 proof (safe intro!: eqE[THEN "≡⇩d⇩fI"] "&I" "cqt:2" GEN "→I")
3949 AOT_show ‹[G]x ≡ [G']x› for x using H[THEN "&E"(2)] "∀E"(2) by fast
3950 qed
3951 AOT_hence ‹G ≈⇩E G'›
3952 by (rule "apE-eqE:2"[THEN "→E", OF "&I", rotated])
3953 (simp add: "eq-part:1")
3954 AOT_hence numxG: ‹Numbers(x,G)›
3955 using "num-tran:1"[THEN "→E", THEN "≡E"(2)] numxG' by blast
3956
3957 {
3958 AOT_assume ‹¬∃y(y ≠ x & [«?P»]yx)›
3959 AOT_hence ‹∀y ¬(y ≠ x & [«?P»]yx)›
3960 using "cqt-further:4" "→E" by blast
3961 AOT_hence ‹¬(y ≠ x & [«?P»]yx)› for y
3962 using "∀E"(2) by blast
3963 AOT_hence 0: ‹¬y ≠ x ∨ ¬[«?P»]yx› for y
3964 using "¬¬E" "intro-elim:3:c" "oth-class-taut:5:a" by blast
3965 {
3966 fix y
3967 AOT_assume ‹[«?P»]yx›
3968 AOT_hence ‹¬y ≠ x›
3969 using 0 "¬¬I" "con-dis-i-e:4:c" by blast
3970 AOT_hence ‹y = x›
3971 using "=-infix" "≡⇩d⇩fI" "raa-cor:4" by blast
3972 } note Pxy_imp_eq = this
3973 AOT_have ‹[«?P»]xx›
3974 proof(rule "raa-cor:1")
3975 AOT_assume notPxx: ‹¬[«?P»]xx›
3976 AOT_hence ‹¬∃F∃u([F]u & Numbers(x,F) & Numbers(x,[F]⇧-⇧u))›
3977 using pred_equiv "intro-elim:3:c" by blast
3978 AOT_hence ‹∀F ¬∃u([F]u & Numbers(x,F) & Numbers(x,[F]⇧-⇧u))›
3979 using "cqt-further:4"[THEN "→E"] by blast
3980 AOT_hence ‹¬∃u([F]u & Numbers(x,F) & Numbers(x,[F]⇧-⇧u))› for F
3981 using "∀E"(2) by blast
3982 AOT_hence ‹∀y ¬(O!y & ([F]y & Numbers(x,F) & Numbers(x,[F]⇧-⇧y)))› for F
3983 using "cqt-further:4"[THEN "→E"] by blast
3984 AOT_hence 0: ‹¬(O!u & ([F]u & Numbers(x,F) & Numbers(x,[F]⇧-⇧u)))› for F u
3985 using "∀E"(2) by blast
3986 AOT_have ‹□¬∃u [G]u›
3987 proof(rule "raa-cor:1")
3988 AOT_assume ‹¬□¬∃u [G]u›
3989 AOT_hence ‹◇∃u [G]u›
3990 using "≡⇩d⇩fI" "conventions:5" by blast
3991 AOT_hence ‹∃u ◇[G]u›
3992 by (metis "Ordinary.res-var-bound-reas[BF◇]"[THEN "→E"])
3993 then AOT_obtain u where posGu: ‹◇[G]u›
3994 using "Ordinary.∃E"[rotated] by meson
3995 AOT_hence Gu: ‹[G]u›
3996 by (meson "B◇" "K◇" "→E" R)
3997 AOT_have ‹¬([G]u & Numbers(x,G) & Numbers(x,[G]⇧-⇧u))›
3998 using 0 Ordinary.ψ
3999 by (metis "con-dis-i-e:1" "raa-cor:1")
4000 AOT_hence notnumx: ‹¬Numbers(x,[G]⇧-⇧u)›
4001 using Gu numxG "con-dis-i-e:1" "raa-cor:5" by metis
4002 AOT_obtain y where numy: ‹Numbers(y,[G]⇧-⇧u)›
4003 using "num:1"[unvarify G, OF "F-u[den]"] "∃E"[rotated] by blast
4004 AOT_hence ‹[G]u & Numbers(x,G) & Numbers(y,[G]⇧-⇧u)›
4005 using Gu numxG "&I" by blast
4006 AOT_hence ‹∃u ([G]u & Numbers(x,G) & Numbers(y,[G]⇧-⇧u))›
4007 by (rule "Ordinary.∃I")
4008 AOT_hence ‹∃G∃u ([G]u & Numbers(x,G) & Numbers(y,[G]⇧-⇧u))›
4009 by (rule "∃I")
4010 AOT_hence ‹[«?P»]yx›
4011 using pred_equiv[THEN "≡E"(2)] by blast
4012 AOT_hence ‹y = x› using Pxy_imp_eq by blast
4013 AOT_hence ‹Numbers(x,[G]⇧-⇧u)›
4014 using numy "rule=E" by fast
4015 AOT_thus ‹p & ¬p› for p using notnumx "reductio-aa:1" by blast
4016 qed
4017 AOT_hence ‹¬∃u [G]u›
4018 using "qml:2"[axiom_inst, THEN "→E"] by blast
4019 AOT_hence num0G: ‹Numbers(0, G)›
4020 using "0F:1"[THEN "≡E"(1)] by blast
4021 AOT_hence ‹x = 0›
4022 using "pre-Hume"[unvarify x, THEN "→E", OF "zero:2", OF "&I",
4023 THEN "≡E"(2), OF num0G, OF numxG, OF "eq-part:1"]
4024 id_sym by blast
4025 moreover AOT_have ‹¬x = 0›
4026 using x_nonzero
4027 using "=-infix" "≡⇩d⇩fE" by blast
4028 ultimately AOT_show ‹p & ¬p› for p using "reductio-aa:1" by blast
4029 qed
4030 }
4031 AOT_hence ‹[«?P»]xx ∨ ∃y (y ≠ x & [«?P»]yx)›
4032 using "con-dis-i-e:3:a" "con-dis-i-e:3:b" "raa-cor:1" by blast
4033 moreover {
4034 AOT_assume ‹[«?P»]xx›
4035 AOT_hence ‹∃y [«?P»]yx›
4036 by (rule "∃I")
4037 }
4038 moreover {
4039 AOT_assume ‹∃y (y ≠ x & [«?P»]yx)›
4040 then AOT_obtain y where ‹y ≠ x & [«?P»]yx›
4041 using "∃E"[rotated] by blast
4042 AOT_hence ‹[«?P»]yx›
4043 using "&E" by blast
4044 AOT_hence ‹∃y [«?P»]yx›
4045 by (rule "∃I")
4046 }
4047 ultimately AOT_show ‹∃y [«?P»]yx›
4048 using "∨E"(1) "→I" by blast
4049 qed
4050
4051 text‹Given above lemma, we can show that if one of two indistinguishable objects
4052 numbers a property, the other one numbers this property as well.›
4053 AOT_assume indist: ‹∀F([F]x ≡ [F]y)›
4054 AOT_assume numxF: ‹Numbers(x,F)›
4055 AOT_hence 0: ‹NaturalCardinal(x)›
4056 by (metis "eq-num:6" "vdash-properties:10")
4057 text‹We show by case distinction that x equals y.
4058 As first case we consider x to be non-zero.›
4059 {
4060 AOT_assume ‹¬(x = 0)›
4061 AOT_hence ‹x ≠ 0›
4062 by (metis "=-infix" "≡⇩d⇩fI")
4063 AOT_hence ‹∃y [«?P»]yx›
4064 using CardinalPredecessor 0 by blast
4065 then AOT_obtain z where Pxz: ‹[«?P»]zx›
4066 using "∃E"[rotated] by blast
4067 AOT_hence ‹[λy [«?P»]zy]x›
4068 by (safe intro!: "β←C" "cqt:2")
4069 AOT_hence ‹[λy [«?P»]zy]y›
4070 by (safe intro!: indist[THEN "∀E"(1), THEN "≡E"(1)] "cqt:2")
4071 AOT_hence Pyz: ‹[«?P»]zy›
4072 using "β→C"(1) by blast
4073 AOT_hence ‹∃F∃u ([F]u & Numbers(y,F) & Numbers(z,[F]⇧-⇧u))›
4074 using Pyz pred_equiv[THEN "≡E"(1)] by blast
4075 then AOT_obtain F⇩1 where ‹∃u ([F⇩1]u & Numbers(y,F⇩1) & Numbers(z,[F⇩1]⇧-⇧u))›
4076 using "∃E"[rotated] by blast
4077 then AOT_obtain u where u_prop: ‹[F⇩1]u & Numbers(y,F⇩1) & Numbers(z,[F⇩1]⇧-⇧u)›
4078 using "Ordinary.∃E"[rotated] by meson
4079 AOT_have ‹∃F∃u ([F]u & Numbers(x,F) & Numbers(z,[F]⇧-⇧u))›
4080 using Pxz pred_equiv[THEN "≡E"(1)] by blast
4081 then AOT_obtain F⇩2 where ‹∃u ([F⇩2]u & Numbers(x,F⇩2) & Numbers(z,[F⇩2]⇧-⇧u))›
4082 using "∃E"[rotated] by blast
4083 then AOT_obtain v where v_prop: ‹[F⇩2]v & Numbers(x,F⇩2) & Numbers(z,[F⇩2]⇧-⇧v)›
4084 using "Ordinary.∃E"[rotated] by meson
4085 AOT_have ‹[F⇩2]⇧-⇧v ≈⇩E [F⇩1]⇧-⇧u›
4086 using "hume-strict:1"[unvarify F G, THEN "≡E"(1), OF "F-u[den]",
4087 OF "F-u[den]", OF "∃I"(2)[where β=z], OF "&I"]
4088 v_prop u_prop "&E" by blast
4089 AOT_hence ‹F⇩2 ≈⇩E F⇩1›
4090 using "P'-eq"[THEN "→E", OF "&I", OF "&I"]
4091 u_prop v_prop "&E" by meson
4092 AOT_hence ‹x = y›
4093 using "pre-Hume"[THEN "→E", THEN "≡E"(2), OF "&I"]
4094 v_prop u_prop "&E" by blast
4095 }
4096 text‹The second case handles x being equal to zero.›
4097 moreover {
4098 fix u
4099 AOT_assume x_is_zero: ‹x = 0›
4100 moreover AOT_have ‹Numbers(0,[λz z =⇩E u]⇧-⇧u)›
4101 proof (safe intro!: "0F:1"[unvarify F, THEN "≡E"(1)] "cqt:2" "raa-cor:2"
4102 "F-u[den]"[unvarify F])
4103 AOT_assume ‹∃v [[λz z =⇩E u]⇧-⇧u]v›
4104 then AOT_obtain v where ‹[[λz z =⇩E u]⇧-⇧u]v›
4105 using "Ordinary.∃E"[rotated] by meson
4106 AOT_hence ‹[λz z =⇩E u]v & v ≠⇩E u›
4107 by (auto intro: "F-u"[THEN "=⇩d⇩fE"(1), where τ⇩1τ⇩n="(_,_)", simplified]
4108 intro!: "cqt:2" "F-u[equiv]"[unvarify F, THEN "≡E"(1)]
4109 "F-u[den]"[unvarify F])
4110 AOT_thus ‹p & ¬p› for p
4111 using "β→C" "thm-neg=E"[THEN "≡E"(1)] "&E" "&I"
4112 "raa-cor:3" by fast
4113 qed
4114 ultimately AOT_have 0: ‹Numbers(x,[λz z =⇩E u]⇧-⇧u)›
4115 using "rule=E" id_sym by fast
4116 AOT_have ‹∃y Numbers(y,[λz z =⇩E u])›
4117 by (safe intro!: "num:1"[unvarify G] "cqt:2")
4118 then AOT_obtain z where ‹Numbers(z,[λz z =⇩E u])›
4119 using "∃E" by metis
4120 moreover AOT_have ‹[λz z=⇩E u]u›
4121 by (safe intro!: "β←C" "cqt:2" "ord=Eequiv:1"[THEN "→E"] Ordinary.ψ)
4122 ultimately AOT_have
4123 1: ‹[λz z=⇩E u]u & Numbers(z,[λz z=⇩E u]) & Numbers(x,[λz z=⇩E u]⇧-⇧u)›
4124 using 0 "&I" by auto
4125 AOT_hence ‹∃v([λz z=⇩E u]v & Numbers(z,[λz z =⇩E u]) & Numbers(x,[λz z=⇩E u]⇧-⇧v))›
4126 by (rule "Ordinary.∃I")
4127 AOT_hence ‹∃F∃u([F]u & Numbers(z,[F]) & Numbers(x,[F]⇧-⇧u))›
4128 by (rule "∃I"; "cqt:2")
4129 AOT_hence Px1: ‹[«?P»]xz›
4130 using "beta-C-cor:2"[THEN "→E", OF pred_den,
4131 THEN tuple_forall[THEN "≡⇩d⇩fE"], THEN "∀E"(2),
4132 THEN "∀E"(2), THEN "≡E"(2)] by simp
4133 AOT_hence ‹[λy [«?P»]yz]x›
4134 by (safe intro!: "β←C" "cqt:2")
4135 AOT_hence ‹[λy [«?P»]yz]y›
4136 by (safe intro!: indist[THEN "∀E"(1), THEN "≡E"(1)] "cqt:2")
4137 AOT_hence Py1: ‹[«?P»]yz›
4138 using "β→C" by blast
4139 AOT_hence ‹∃F∃u([F]u & Numbers(z,[F]) & Numbers(y,[F]⇧-⇧u))›
4140 using "β→C" by fast
4141 then AOT_obtain G where ‹∃u([G]u & Numbers(z,[G]) & Numbers(y,[G]⇧-⇧u))›
4142 using "∃E"[rotated] by blast
4143 then AOT_obtain v where 2: ‹[G]v & Numbers(z,[G]) & Numbers(y,[G]⇧-⇧v)›
4144 using "Ordinary.∃E"[rotated] by meson
4145 with 1 2 AOT_have ‹[λz z =⇩E u] ≈⇩E G›
4146 by (auto intro!: "hume-strict:1"[unvarify F, THEN "≡E"(1), rotated,
4147 OF "∃I"(2)[where β=z], OF "&I"] "cqt:2"
4148 dest: "&E")
4149 AOT_hence 3: ‹[λz z =⇩E u]⇧-⇧u ≈⇩E [G]⇧-⇧v›
4150 using 1 2
4151 by (safe_step intro!: "eqP'"[unvarify F, THEN "→E"])
4152 (auto dest: "&E" intro!: "cqt:2" "&I")
4153 with 1 2 AOT_have ‹x = y›
4154 by (auto intro!: "pre-Hume"[unvarify G H, THEN "→E",
4155 THEN "≡E"(2), rotated 3, OF 3]
4156 "F-u[den]"[unvarify F] "cqt:2" "&I"
4157 dest: "&E")
4158 }
4159 ultimately AOT_have ‹x = y›
4160 using "∨E"(1) "→I" "reductio-aa:1" by blast
4161 text‹Now since x numbers F, so does y.›
4162 AOT_hence ‹Numbers(y,F)›
4163 using numxF "rule=E" by fast
4164 } note 0 = this
4165 text‹The only thing left is to generalize this result to a biconditional.›
4166 AOT_modally_strict {
4167 fix x y
4168 AOT_assume ‹[«?P»]↓›
4169 moreover AOT_assume ‹∀F([F]x ≡ [F]y)›
4170 moreover AOT_have ‹∀F([F]y ≡ [F]x)›
4171 by (metis "cqt-basic:11" "intro-elim:3:a" calculation(2))
4172 ultimately AOT_show ‹Numbers(x,F) ≡ Numbers(y,F)›
4173 using 0 "≡I" "→I" by auto
4174 }
4175 qed
4176 ultimately AOT_show ‹[λx Numbers(x,F)]↓›
4177 using "kirchner-thm:1"[THEN "≡E"(2)] "→E" by fast
4178next
4179 text‹The converse can be shown by coexistence.›
4180 AOT_assume ‹∀F [λx Numbers(x,F)]↓›
4181 AOT_hence ‹[λx Numbers(x,F)]↓› for F
4182 using "∀E"(2) by blast
4183 AOT_hence ‹□[λx Numbers(x,F)]↓› for F
4184 using "exist-nec"[THEN "→E"] by blast
4185 AOT_hence ‹∀F □[λx Numbers(x,F)]↓›
4186 by (rule GEN)
4187 AOT_hence ‹□∀F [λx Numbers(x,F)]↓›
4188 using BF[THEN "→E"] by fast
4189 moreover AOT_have
4190 ‹□∀F [λx Numbers(x,F)]↓ →
4191 □∀x ∀y (∃F ∃u ([F]u & [λz Numbers(z,F)]y & [λz Numbers(z,[F]⇧-⇧u)]x) ≡
4192 ∃F ∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u)))›
4193 proof(rule RM; safe intro!: "→I" GEN)
4194 AOT_modally_strict {
4195 fix x y
4196 AOT_assume 0: ‹∀F [λx Numbers(x,F)]↓›
4197 AOT_show ‹∃F ∃u ([F]u & [λz Numbers(z,F)]y & [λz Numbers(z,[F]⇧-⇧u)]x) ≡
4198 ∃F ∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u))›
4199 proof(safe intro!: "≡I" "→I")
4200 AOT_assume ‹∃F ∃u ([F]u & [λz Numbers(z,F)]y & [λz Numbers(z,[F]⇧-⇧u)]x)›
4201 then AOT_obtain F where
4202 ‹∃u ([F]u & [λz Numbers(z,F)]y & [λz Numbers(z,[F]⇧-⇧u)]x)›
4203 using "∃E"[rotated] by blast
4204 then AOT_obtain u where ‹[F]u & [λz Numbers(z,F)]y & [λz Numbers(z,[F]⇧-⇧u)]x›
4205 using "Ordinary.∃E"[rotated] by meson
4206 AOT_hence ‹[F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u)›
4207 by (auto intro!: "&I" dest: "&E" "β→C")
4208 AOT_thus ‹∃F ∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u))›
4209 using "∃I" "Ordinary.∃I" by fast
4210 next
4211 AOT_assume ‹∃F ∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u))›
4212 then AOT_obtain F where ‹∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u))›
4213 using "∃E"[rotated] by blast
4214 then AOT_obtain u where ‹[F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u)›
4215 using "Ordinary.∃E"[rotated] by meson
4216 AOT_hence ‹[F]u & [λz Numbers(z,F)]y & [λz Numbers(z,[F]⇧-⇧u)]x›
4217 by (auto intro!: "&I" "β←C" 0[THEN "∀E"(1)] "F-u[den]"
4218 dest: "&E" intro: "cqt:2")
4219 AOT_hence ‹∃u([F]u & [λz Numbers(z,F)]y & [λz Numbers(z,[F]⇧-⇧u)]x)›
4220 by (rule "Ordinary.∃I")
4221 AOT_thus ‹∃F∃u([F]u & [λz Numbers(z,F)]y & [λz Numbers(z,[F]⇧-⇧u)]x)›
4222 by (rule "∃I")
4223 qed
4224 }
4225 qed
4226 ultimately AOT_have
4227 ‹□∀x ∀y (∃F ∃u ([F]u & [λz Numbers(z,F)]y & [λz Numbers(z,[F]⇧-⇧u)]x) ≡
4228 ∃F ∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u)))›
4229 using "→E" by blast
4230 AOT_thus ‹[λxy ∃F ∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u))]↓›
4231 by (rule "safe-ext[2]"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2"
4232qed
4233
4234text‹The following is not part of PLM, but a consequence of extended relation
4235 comprehension and can be used to @{emph ‹derive›} the predecessor axiom.›
4236AOT_theorem numbers_prop_den: ‹[λx Numbers(x,G)]↓›
4237proof (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I"])
4238 AOT_show ‹[λx A!x & [λx ∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)]x]↓›
4239 by "cqt:2"
4240next
4241 AOT_have 0: ‹❙⊢⇩□ [λx ∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)]↓›
4242 proof(safe intro!: Comprehension_3[THEN "→E"] "→I" RN GEN)
4243 AOT_modally_strict {
4244 fix F H
4245 AOT_assume ‹□H ≡⇩E F›
4246 AOT_hence ‹□∀u ([H]u ≡ [F]u)›
4247 by (AOT_subst (reverse) ‹∀u ([H]u ≡ [F]u)› ‹H ≡⇩E F›)
4248 (safe intro!: "eqE"[THEN "≡Df", THEN "≡S"(1), OF "&I"] "cqt:2")
4249 AOT_hence ‹∀u □([H]u ≡ [F]u)›
4250 by (metis "Ordinary.res-var-bound-reas[CBF]" "→E")
4251 AOT_hence ‹□([H]u ≡ [F]u)› for u
4252 using "Ordinary.∀E" by fast
4253 AOT_hence ‹❙𝒜([H]u ≡ [F]u)› for u
4254 by (metis "nec-imp-act" "→E")
4255 AOT_hence ‹❙𝒜([F]u ≡ [H]u)› for u
4256 by (metis "Act-Basic:5" "Commutativity of ≡" "intro-elim:3:b")
4257 AOT_hence ‹[λz ❙𝒜[F]z] ≡⇩E [λz ❙𝒜[H]z]›
4258 by (safe intro!: "eqE"[THEN "≡⇩d⇩fI"] "&I" "cqt:2" Ordinary.GEN;
4259 AOT_subst ‹[λz ❙𝒜[F]z]u› ‹❙𝒜[F]u› for: u F)
4260 (auto intro!: "beta-C-meta"[THEN "→E"] "cqt:2"
4261 "Act-Basic:5"[THEN "≡E"(1)])
4262 AOT_hence ‹[λz ❙𝒜[F]z] ≈⇩E [λz ❙𝒜[H]z]›
4263 by (safe intro!: "apE-eqE:1"[unvarify F G, THEN "→E"] "cqt:2")
4264 AOT_thus ‹[λz ❙𝒜[F]z] ≈⇩E G ≡ [λz ❙𝒜[H]z] ≈⇩E G›
4265 using "≡I" "eq-part:2[terms]" "eq-part:3[terms]" "→E" "→I"
4266 by metis
4267 }
4268 qed
4269 AOT_show ‹□∀x (A!x & [λx ∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)]x ≡ Numbers(x,G))›
4270 proof (safe intro!: RN GEN)
4271 AOT_modally_strict {
4272 fix x
4273 AOT_show ‹A!x & [λx ∀F (x[F] ≡ [λz ❙𝒜[F]z] ≈⇩E G)]x ≡ Numbers(x,G)›
4274 by (AOT_subst_def numbers; AOT_subst_thm "beta-C-meta"[THEN "→E", OF 0])
4275 (auto intro!: "beta-C-meta"[THEN "→E", OF 0] "≡I" "→I" "&I" "cqt:2"
4276 dest: "&E")
4277 }
4278 qed
4279qed
4280
4281text‹The two theorems above allow us to derive
4282 the predecessor axiom of PLM as theorem.›
4283
4284AOT_theorem pred: ‹[λxy ∃F∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u))]↓›
4285 using pred_coex numbers_prop_den["∀I" G] "≡E" by blast
4286
4287AOT_define Predecessor :: ‹Π› (‹ℙ›)
4288 "pred-thm:1":
4289 ‹ℙ =⇩d⇩f [λxy ∃F∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u))]›
4290
4291AOT_theorem "pred-thm:2": ‹ℙ↓›
4292 using pred "pred-thm:1" "rule-id-df:2:b[zero]" by blast
4293
4294AOT_theorem "pred-thm:3":
4295 ‹[ℙ]xy ≡ ∃F∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u))›
4296 by (auto intro!: "beta-C-meta"[unvarify ν⇩1ν⇩n, where τ=‹(_,_)›, THEN "→E",
4297 rotated, OF pred, simplified]
4298 tuple_denotes[THEN "≡⇩d⇩fI"] "&I" "cqt:2" pred
4299 intro: "=⇩d⇩fI"(2)[OF "pred-thm:1"])
4300
4301AOT_theorem "pred-1-1:1": ‹[ℙ]xy → □[ℙ]xy›
4302proof(rule "→I")
4303 AOT_assume ‹[ℙ]xy›
4304 AOT_hence ‹∃F∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u))›
4305 using "≡E"(1) "pred-thm:3" by fast
4306 then AOT_obtain F where ‹∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u))›
4307 using "∃E"[rotated] by blast
4308 then AOT_obtain u where props: ‹[F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u)›
4309 using "Ordinary.∃E"[rotated] by meson
4310 AOT_obtain G where Ridigifies_G_F: ‹Rigidifies(G, F)›
4311 by (metis "instantiation" "rigid-der:3")
4312 AOT_hence ξ: ‹□∀x([G]x → □[G]x)› and ζ: ‹∀x([G]x ≡ [F]x)›
4313 using "df-rigid-rel:2"[THEN "≡⇩d⇩fE", THEN "&E"(1),
4314 THEN "≡⇩d⇩fE"[OF "df-rigid-rel:1"], THEN "&E"(2)]
4315 "df-rigid-rel:2"[THEN "≡⇩d⇩fE", THEN "&E"(2)] by blast+
4316
4317 AOT_have rigid_num_nec: ‹Numbers(x,F) & Rigidifies(G,F) → □Numbers(x,G)›
4318 for x G F
4319 proof(rule "→I"; frule "&E"(1); drule "&E"(2))
4320 fix G F x
4321 AOT_assume Numbers_xF: ‹Numbers(x,F)›
4322 AOT_assume ‹Rigidifies(G,F)›
4323 AOT_hence ξ: ‹Rigid(G)› and ζ: ‹∀x([G]x ≡ [F]x)›
4324 using "df-rigid-rel:2"[THEN "≡⇩d⇩fE"] "&E" by blast+
4325 AOT_thus ‹□Numbers(x,G)›
4326 proof (safe intro!:
4327 "num-cont:2"[THEN "→E", OF ξ, THEN "qml:2"[axiom_inst, THEN "→E"],
4328 THEN "∀E"(2), THEN "→E"]
4329 "num-tran:3"[THEN "→E", THEN "≡E"(1), rotated, OF Numbers_xF]
4330 eqE[THEN "≡⇩d⇩fI"]
4331 "&I" "cqt:2[const_var]"[axiom_inst] Ordinary.GEN "→I")
4332 AOT_show ‹[F]u ≡ [G]u› for u
4333 using ζ[THEN "∀E"(2)] by (metis "≡E"(6) "oth-class-taut:3:a")
4334 qed
4335 qed
4336 AOT_have ‹□Numbers(y,G)›
4337 using rigid_num_nec[THEN "→E", OF "&I", OF props[THEN "&E"(1), THEN "&E"(2)],
4338 OF Ridigifies_G_F].
4339 moreover {
4340 AOT_have ‹Rigidifies([G]⇧-⇧u, [F]⇧-⇧u)›
4341 proof (safe intro!: "df-rigid-rel:1"[THEN "≡⇩d⇩fI"] "df-rigid-rel:2"[THEN "≡⇩d⇩fI"]
4342 "&I" "F-u[den]" GEN "≡I" "→I")
4343 AOT_have ‹□∀x([G]x → □[G]x) → □∀x([[G]⇧-⇧u]x → □[[G]⇧-⇧u]x)›
4344 proof (rule RM; safe intro!: "→I" GEN)
4345 AOT_modally_strict {
4346 fix x
4347 AOT_assume 0: ‹∀x([G]x → □[G]x)›
4348 AOT_assume 1: ‹[[G]⇧-⇧u]x›
4349 AOT_have ‹[λx [G]x & x ≠⇩E u]x›
4350 apply (rule "F-u"[THEN "=⇩d⇩fE"(1), where τ⇩1τ⇩n="(_,_)", simplified])
4351 apply "cqt:2[lambda]"
4352 by (fact 1)
4353 AOT_hence ‹[G]x & x ≠⇩E u›
4354 by (rule "β→C"(1))
4355 AOT_hence 2: ‹□[G]x› and 3: ‹□x ≠⇩E u›
4356 using "&E" 0[THEN "∀E"(2), THEN "→E"] "id-nec4:1" "≡E"(1) by blast+
4357 AOT_show ‹□[[G]⇧-⇧u]x›
4358 apply (AOT_subst ‹[[G]⇧-⇧u]x› ‹[G]x & x ≠⇩E u›)
4359 apply (rule "F-u"[THEN "=⇩d⇩fI"(1), where τ⇩1τ⇩n="(_,_)", simplified])
4360 apply "cqt:2[lambda]"
4361 apply (rule "beta-C-meta"[THEN "→E"])
4362 apply "cqt:2[lambda]"
4363 using 2 3 "KBasic:3" "≡S"(2) "≡E"(2) by blast
4364 }
4365 qed
4366 AOT_thus ‹□∀x([[G]⇧-⇧u]x → □[[G]⇧-⇧u]x)› using ξ "→E" by blast
4367 next
4368 fix x
4369 AOT_assume ‹[[G]⇧-⇧u]x›
4370 AOT_hence ‹[λx [G]x & x ≠⇩E u]x›
4371 by (auto intro: "F-u"[THEN "=⇩d⇩fE"(1), where τ⇩1τ⇩n="(_,_)", simplified]
4372 intro!: "cqt:2")
4373 AOT_hence ‹[G]x & x ≠⇩E u›
4374 by (rule "β→C"(1))
4375 AOT_hence ‹[F]x & x ≠⇩E u›
4376 using ζ "&I" "&E"(1) "&E"(2) "≡E"(1) "rule-ui:3" by blast
4377 AOT_hence ‹[λx [F]x & x ≠⇩E u]x›
4378 by (auto intro!: "β←C"(1) "cqt:2")
4379 AOT_thus ‹[[F]⇧-⇧u]x›
4380 by (auto intro: "F-u"[THEN "=⇩d⇩fI"(1), where τ⇩1τ⇩n="(_,_)", simplified]
4381 intro!: "cqt:2")
4382 next
4383 fix x
4384 AOT_assume ‹[[F]⇧-⇧u]x›
4385 AOT_hence ‹[λx [F]x & x ≠⇩E u]x›
4386 by (auto intro: "F-u"[THEN "=⇩d⇩fE"(1), where τ⇩1τ⇩n="(_,_)", simplified]
4387 intro!: "cqt:2")
4388 AOT_hence ‹[F]x & x ≠⇩E u›
4389 by (rule "β→C"(1))
4390 AOT_hence ‹[G]x & x ≠⇩E u›
4391 using ζ "&I" "&E"(1) "&E"(2) "≡E"(2) "rule-ui:3" by blast
4392 AOT_hence ‹[λx [G]x & x ≠⇩E u]x›
4393 by (auto intro!: "β←C"(1) "cqt:2")
4394 AOT_thus ‹[[G]⇧-⇧u]x›
4395 by (auto intro: "F-u"[THEN "=⇩d⇩fI"(1), where τ⇩1τ⇩n="(_,_)", simplified]
4396 intro!: "cqt:2")
4397 qed
4398 AOT_hence ‹□Numbers(x,[G]⇧-⇧u)›
4399 using rigid_num_nec[unvarify F G, OF "F-u[den]", OF "F-u[den]", THEN "→E",
4400 OF "&I", OF props[THEN "&E"(2)]] by blast
4401 }
4402 moreover AOT_have ‹□[G]u›
4403 using props[THEN "&E"(1), THEN "&E"(1), THEN ζ[THEN "∀E"(2), THEN "≡E"(2)]]
4404 ξ[THEN "qml:2"[axiom_inst, THEN "→E"], THEN "∀E"(2), THEN "→E"]
4405 by blast
4406 ultimately AOT_have ‹□([G]u & Numbers(y,G) & Numbers(x,[G]⇧-⇧u))›
4407 by (metis "KBasic:3" "&I" "≡E"(2))
4408 AOT_hence ‹∃u (□([G]u & Numbers(y,G) & Numbers(x,[G]⇧-⇧u)))›
4409 by (rule "Ordinary.∃I")
4410 AOT_hence ‹□∃u ([G]u & Numbers(y,G) & Numbers(x,[G]⇧-⇧u))›
4411 using "Ordinary.res-var-bound-reas[Buridan]" "→E" by fast
4412 AOT_hence ‹∃F □∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u))›
4413 by (rule "∃I")
4414 AOT_hence 0: ‹□∃F∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u))›
4415 using Buridan "vdash-properties:10" by fast
4416 AOT_show ‹□[ℙ]xy›
4417 by (AOT_subst ‹[ℙ]xy› ‹∃F∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u))›;
4418 simp add: "pred-thm:3" 0)
4419qed
4420
4421AOT_theorem "pred-1-1:2": ‹Rigid(ℙ)›
4422 by (safe intro!: "df-rigid-rel:1"[THEN "≡⇩d⇩fI"] "pred-thm:2" "&I"
4423 RN tuple_forall[THEN "≡⇩d⇩fI"];
4424 safe intro!: GEN "pred-1-1:1")
4425
4426AOT_theorem "pred-1-1:3": ‹1-1(ℙ)›
4427proof (safe intro!: "df-1-1:1"[THEN "≡⇩d⇩fI"] "pred-thm:2" "&I" GEN "→I";
4428 frule "&E"(1); drule "&E"(2))
4429 fix x y z
4430 AOT_assume ‹[ℙ]xz›
4431 AOT_hence ‹∃F∃u ([F]u & Numbers(z,F) & Numbers(x,[F]⇧-⇧u))›
4432 using "pred-thm:3"[THEN "≡E"(1)] by blast
4433 then AOT_obtain F where ‹∃u ([F]u & Numbers(z,F) & Numbers(x,[F]⇧-⇧u))›
4434 using "∃E"[rotated] by blast
4435 then AOT_obtain u where u_prop: ‹[F]u & Numbers(z,F) & Numbers(x,[F]⇧-⇧u)›
4436 using "Ordinary.∃E"[rotated] by meson
4437 AOT_assume ‹[ℙ]yz›
4438 AOT_hence ‹∃F∃u ([F]u & Numbers(z,F) & Numbers(y,[F]⇧-⇧u))›
4439 using "pred-thm:3"[THEN "≡E"(1)] by blast
4440 then AOT_obtain G where ‹∃u ([G]u & Numbers(z,G) & Numbers(y,[G]⇧-⇧u))›
4441 using "∃E"[rotated] by blast
4442 then AOT_obtain v where v_prop: ‹[G]v & Numbers(z,G) & Numbers(y,[G]⇧-⇧v)›
4443 using "Ordinary.∃E"[rotated] by meson
4444 AOT_show ‹x = y›
4445 proof (rule "pre-Hume"[unvarify G H, OF "F-u[den]", OF "F-u[den]",
4446 THEN "→E", OF "&I", THEN "≡E"(2)])
4447 AOT_show ‹Numbers(x, [F]⇧-⇧u)›
4448 using u_prop "&E" by blast
4449 next
4450 AOT_show ‹Numbers(y, [G]⇧-⇧v)›
4451 using v_prop "&E" by blast
4452 next
4453 AOT_have ‹F ≈⇩E G›
4454 using u_prop[THEN "&E"(1), THEN "&E"(2)]
4455 using v_prop[THEN "&E"(1), THEN "&E"(2)]
4456 using "num-tran:2"[THEN "→E", OF "&I"] by blast
4457 AOT_thus ‹[F]⇧-⇧u ≈⇩E [G]⇧-⇧v›
4458 using u_prop[THEN "&E"(1), THEN "&E"(1)]
4459 using v_prop[THEN "&E"(1), THEN "&E"(1)]
4460 using eqP'[THEN "→E", OF "&I", OF "&I"]
4461 by blast
4462 qed
4463qed
4464
4465AOT_theorem "pred-1-1:4": ‹Rigid⇩1⇩-⇩1(ℙ)›
4466 by (meson "≡⇩d⇩fI" "&I" "df-1-1:2" "pred-1-1:2" "pred-1-1:3")
4467
4468AOT_theorem "assume-anc:1":
4469 ‹[ℙ]⇧* = [λxy ∀F((∀z([ℙ]xz → [F]z) & Hereditary(F,ℙ)) → [F]y)]›
4470 apply (rule "=⇩d⇩fI"(1)[OF "ances-df"])
4471 apply "cqt:2[lambda]"
4472 apply (rule "=I"(1))
4473 by "cqt:2[lambda]"
4474
4475AOT_theorem "assume-anc:2": ‹ℙ⇧*↓›
4476 using "t=t-proper:1" "assume-anc:1" "vdash-properties:10" by blast
4477
4478AOT_theorem "assume-anc:3":
4479 ‹[ℙ⇧*]xy ≡ ∀F((∀z([ℙ]xz → [F]z) & ∀x'∀y'([ℙ]x'y' → ([F]x' → [F]y'))) → [F]y)›
4480proof -
4481 AOT_have prod_den: ‹❙⊢⇩□ «(AOT_term_of_var x⇩1,AOT_term_of_var x⇩2)»↓›
4482 for x⇩1 x⇩2 :: ‹κ AOT_var›
4483 by (simp add: "&I" "ex:1:a" prod_denotesI "rule-ui:3")
4484 AOT_have den: ‹[λxy ∀F((∀z([ℙ]xz → [F]z) & Hereditary(F,ℙ)) → [F]y)]↓›
4485 by "cqt:2[lambda]"
4486 AOT_have 1: ‹[ℙ⇧*]xy ≡ ∀F((∀z([ℙ]xz → [F]z) & Hereditary(F,ℙ)) → [F]y)›
4487 apply (rule "rule=E"[rotated, OF "assume-anc:1"[symmetric]])
4488 by (rule "beta-C-meta"[unvarify ν⇩1ν⇩n, OF prod_den, THEN "→E",
4489 simplified, OF den, simplified])
4490 show ?thesis
4491 apply (AOT_subst (reverse) ‹∀x'∀y' ([ℙ]x'y' → ([F]x' → [F]y'))›
4492 ‹Hereditary(F,ℙ)› for: F :: ‹<κ>›)
4493 using "hered:1"[THEN "≡Df", THEN "≡S"(1), OF "&I", OF "pred-thm:2",
4494 OF "cqt:2[const_var]"[axiom_inst]] apply blast
4495 by (fact 1)
4496qed
4497
4498AOT_theorem "no-pred-0:1": ‹¬∃x [ℙ]x 0›
4499proof(rule "raa-cor:2")
4500 AOT_assume ‹∃x [ℙ]x 0›
4501 then AOT_obtain a where ‹[ℙ]a 0›
4502 using "∃E"[rotated] by blast
4503 AOT_hence ‹∃F∃u ([F]u & Numbers(0, F) & Numbers(a, [F]⇧-⇧u))›
4504 using "pred-thm:3"[unvarify y, OF "zero:2", THEN "≡E"(1)] by blast
4505 then AOT_obtain F where ‹∃u ([F]u & Numbers(0, F) & Numbers(a, [F]⇧-⇧u))›
4506 using "∃E"[rotated] by blast
4507 then AOT_obtain u where ‹[F]u & Numbers(0, F) & Numbers(a, [F]⇧-⇧u)›
4508 using "Ordinary.∃E"[rotated] by meson
4509 AOT_hence ‹[F]u› and num0_F: ‹Numbers(0, F)›
4510 using "&E" "&I" by blast+
4511 AOT_hence ‹∃u [F]u›
4512 using "Ordinary.∃I" by fast
4513 moreover AOT_have ‹¬∃u [F]u›
4514 using num0_F "≡E"(2) "0F:1" by blast
4515 ultimately AOT_show ‹p & ¬p› for p
4516 by (metis "raa-cor:3")
4517qed
4518
4519AOT_theorem "no-pred-0:2": ‹¬∃x [ℙ⇧*]x 0›
4520proof(rule "raa-cor:2")
4521 AOT_assume ‹∃x [ℙ⇧*]x 0›
4522 then AOT_obtain a where ‹[ℙ⇧*]a 0›
4523 using "∃E"[rotated] by blast
4524 AOT_hence ‹∃z [ℙ]z 0›
4525 using "anc-her:5"[unvarify R y, OF "zero:2",
4526 OF "pred-thm:2", THEN "→E"] by auto
4527 AOT_thus ‹∃z [ℙ]z 0 & ¬∃z [ℙ]z 0›
4528 by (metis "no-pred-0:1" "raa-cor:3")
4529qed
4530
4531AOT_theorem "no-pred-0:3": ‹¬[ℙ⇧*]0 0›
4532 by (metis "existential:1" "no-pred-0:2" "reductio-aa:1" "zero:2")
4533
4534AOT_theorem "assume1:1": ‹(=⇩ℙ) = [λxy ∃z ([ℙ]xz & [ℙ]yz)]›
4535 apply (rule "=⇩d⇩fI"(1)[OF "id-d-R"])
4536 apply "cqt:2[lambda]"
4537 apply (rule "=I"(1))
4538 by "cqt:2[lambda]"
4539
4540AOT_theorem "assume1:2": ‹x =⇩ℙ y ≡ ∃z ([ℙ]xz & [ℙ]yz)›
4541proof (rule "rule=E"[rotated, OF "assume1:1"[symmetric]])
4542 AOT_have prod_den: ‹❙⊢⇩□ «(AOT_term_of_var x⇩1,AOT_term_of_var x⇩2)»↓›
4543 for x⇩1 x⇩2 :: ‹κ AOT_var›
4544 by (simp add: "&I" "ex:1:a" prod_denotesI "rule-ui:3")
4545 AOT_have 1: ‹[λxy ∃z ([ℙ]xz & [ℙ]yz)]↓›
4546 by "cqt:2"
4547 AOT_show ‹[λxy ∃z ([ℙ]xz & [ℙ]yz)]xy ≡ ∃z ([ℙ]xz & [ℙ]yz)›
4548 using "beta-C-meta"[THEN "→E", OF 1, unvarify ν⇩1ν⇩n,
4549 OF prod_den, simplified] by blast
4550qed
4551
4552AOT_theorem "assume1:3": ‹[ℙ]⇧+ = [λxy [ℙ]⇧*xy ∨ x =⇩ℙ y]›
4553 apply (rule "=⇩d⇩fI"(1)[OF "w-ances-df"])
4554 apply (simp add: "w-ances-df[den1]")
4555 apply (rule "rule=E"[rotated, OF "assume1:1"[symmetric]])
4556 apply (rule "=⇩d⇩fI"(1)[OF "id-d-R"])
4557 apply "cqt:2[lambda]"
4558 apply (rule "=I"(1))
4559 by "cqt:2[lambda]"
4560
4561AOT_theorem "assume1:4": ‹[ℙ]⇧+↓›
4562 using "w-ances-df[den2]".
4563
4564AOT_theorem "assume1:5": ‹[ℙ]⇧+xy ≡ [ℙ]⇧*xy ∨ x =⇩ℙ y›
4565proof -
4566 AOT_have 0: ‹[λxy [ℙ]⇧*xy ∨ x =⇩ℙ y]↓› by "cqt:2"
4567 AOT_have prod_den: ‹❙⊢⇩□ «(AOT_term_of_var x⇩1, AOT_term_of_var x⇩2)»↓›
4568 for x⇩1 x⇩2 :: ‹κ AOT_var›
4569 by (simp add: "&I" "ex:1:a" prod_denotesI "rule-ui:3")
4570 show ?thesis
4571 apply (rule "rule=E"[rotated, OF "assume1:3"[symmetric]])
4572 using "beta-C-meta"[THEN "→E", OF 0, unvarify ν⇩1ν⇩n, OF prod_den, simplified]
4573 by (simp add: cond_case_prod_eta)
4574qed
4575
4576AOT_define NaturalNumber :: ‹τ› (‹ℕ›)
4577 "nnumber:1": ‹ℕ =⇩d⇩f [λx [ℙ]⇧+0x]›
4578
4579AOT_theorem "nnumber:2": ‹ℕ↓›
4580 by (rule "=⇩d⇩fI"(2)[OF "nnumber:1"]; "cqt:2[lambda]")
4581
4582AOT_theorem "nnumber:3": ‹[ℕ]x ≡ [ℙ]⇧+0x›
4583 apply (rule "=⇩d⇩fI"(2)[OF "nnumber:1"])
4584 apply "cqt:2[lambda]"
4585 apply (rule "beta-C-meta"[THEN "→E"])
4586 by "cqt:2[lambda]"
4587
4588AOT_theorem "0-n": ‹[ℕ]0›
4589proof (safe intro!: "nnumber:3"[unvarify x, OF "zero:2", THEN "≡E"(2)]
4590 "assume1:5"[unvarify x y, OF "zero:2", OF "zero:2", THEN "≡E"(2)]
4591 "∨I"(2) "assume1:2"[unvarify x y, OF "zero:2", OF "zero:2", THEN "≡E"(2)])
4592 fix u
4593 AOT_have den: ‹[λx O!x & x =⇩E u]↓› by "cqt:2[lambda]"
4594 AOT_obtain a where a_prop: ‹Numbers(a, [λx O!x & x =⇩E u])›
4595 using "num:1"[unvarify G, OF den] "∃E"[rotated] by blast
4596 AOT_have ‹[ℙ]0a›
4597 proof (safe intro!: "pred-thm:3"[unvarify x, OF "zero:2", THEN "≡E"(2)]
4598 "∃I"(1)[where τ=‹«[λx O!x & x =⇩E u]»›]
4599 "Ordinary.∃I"[where β=u] "&I" den
4600 "0F:1"[unvarify F, OF "F-u[den]", unvarify F,
4601 OF den, THEN "≡E"(1)])
4602 AOT_show ‹[λx [O!]x & x =⇩E u]u›
4603 by (auto intro!: "β←C"(1) "cqt:2" "&I" "ord=Eequiv:1"[THEN "→E"]
4604 Ordinary.ψ)
4605 next
4606 AOT_show ‹Numbers(a,[λx [O!]x & x =⇩E u])›
4607 using a_prop.
4608 next
4609 AOT_show ‹¬∃v [[λx [O!]x & x =⇩E u]⇧-⇧u]v›
4610 proof(rule "raa-cor:2")
4611 AOT_assume ‹∃v [[λx [O!]x & x =⇩E u]⇧-⇧u]v›
4612 then AOT_obtain v where ‹[[λx [O!]x & x =⇩E u]⇧-⇧u]v›
4613 using "Ordinary.∃E"[rotated] "&E" by blast
4614 AOT_hence ‹[λz [λx [O!]x & x =⇩E u]z & z ≠⇩E u]v›
4615 apply (rule "F-u"[THEN "=⇩d⇩fE"(1), where τ⇩1τ⇩n="(_,_)", simplified, rotated])
4616 by "cqt:2[lambda]"
4617 AOT_hence ‹[λx [O!]x & x =⇩E u]v & v ≠⇩E u›
4618 by (rule "β→C"(1))
4619 AOT_hence ‹v =⇩E u› and ‹v ≠⇩E u›
4620 using "β→C"(1) "&E" by blast+
4621 AOT_hence ‹v =⇩E u & ¬(v =⇩E u)›
4622 by (metis "≡E"(4) "reductio-aa:1" "thm-neg=E")
4623 AOT_thus ‹p & ¬p› for p
4624 by (metis "raa-cor:1")
4625 qed
4626 qed
4627 AOT_thus ‹∃z ([ℙ]0z & [ℙ]0z)›
4628 by (safe intro!: "&I" "∃I"(2)[where β=a])
4629qed
4630
4631AOT_theorem "mod-col-num:1": ‹[ℕ]x → □[ℕ]x›
4632proof(rule "→I")
4633 AOT_have nec0N: ‹[λx □[ℕ]x]0›
4634 by (auto intro!: "β←C"(1) "cqt:2" simp: "zero:2" RN "0-n")
4635 AOT_have 1: ‹[λx □[ℕ]x]0 &
4636 ∀x∀y ([[ℙ]⇧+]0x & [[ℙ]⇧+]0y → ([ℙ]xy → ([λx □[ℕ]x]x → [λx □[ℕ]x]y))) →
4637 ∀x ([[ℙ]⇧+]0x → [λx □[ℕ]x]x)›
4638 by (auto intro!: "cqt:2"
4639 intro: "pre-ind"[unconstrain ℛ, unvarify β, OF "pred-thm:2",
4640 THEN "→E", OF "pred-1-1:4", unvarify z, OF "zero:2",
4641 unvarify F])
4642 AOT_have ‹∀x ([[ℙ]⇧+]0x → [λx □[ℕ]x]x)›
4643 proof (rule 1[THEN "→E"]; safe intro!: "&I" GEN "→I" nec0N;
4644 frule "&E"(1); drule "&E"(2))
4645 fix x y
4646 AOT_assume ‹[ℙ]xy›
4647 AOT_hence 0: ‹□[ℙ]xy›
4648 by (metis "pred-1-1:1" "→E")
4649 AOT_assume ‹[λx □[ℕ]x]x›
4650 AOT_hence ‹□[ℕ]x›
4651 by (rule "β→C"(1))
4652 AOT_hence ‹□([ℙ]xy & [ℕ]x)›
4653 by (metis "0" "KBasic:3" Adjunction "≡E"(2) "→E")
4654 moreover AOT_have ‹□([ℙ]xy & [ℕ]x) → □[ℕ]y›
4655 proof (rule RM; rule "→I"; frule "&E"(1); drule "&E"(2))
4656 AOT_modally_strict {
4657 AOT_assume 0: ‹[ℙ]xy›
4658 AOT_assume ‹[ℕ]x›
4659 AOT_hence 1: ‹[[ℙ]⇧+]0x›
4660 by (metis "≡E"(1) "nnumber:3")
4661 AOT_show ‹[ℕ]y›
4662 apply (rule "nnumber:3"[THEN "≡E"(2)])
4663 apply (rule "assume1:5"[unvarify x, OF "zero:2", THEN "≡E"(2)])
4664 apply (rule "∨I"(1))
4665 apply (rule "w-ances-her:3"[unconstrain ℛ, unvarify β, OF "pred-thm:2",
4666 THEN "→E", OF "pred-1-1:4", unvarify x,
4667 OF "zero:2", THEN "→E"])
4668 apply (rule "&I")
4669 apply (fact 1)
4670 by (fact 0)
4671 }
4672 qed
4673 ultimately AOT_have ‹□[ℕ]y›
4674 by (metis "→E")
4675 AOT_thus ‹[λx □[ℕ]x]y›
4676 by (auto intro!: "β←C"(1) "cqt:2")
4677 qed
4678 AOT_hence 0: ‹[[ℙ]⇧+]0x → [λx □[ℕ]x]x›
4679 using "∀E"(2) by blast
4680 AOT_assume ‹[ℕ]x›
4681 AOT_hence ‹[[ℙ]⇧+]0x›
4682 by (metis "≡E"(1) "nnumber:3")
4683 AOT_hence ‹[λx □[ℕ]x]x›
4684 using 0[THEN "→E"] by blast
4685 AOT_thus ‹□[ℕ]x›
4686 by (rule "β→C"(1))
4687qed
4688
4689AOT_theorem "mod-col-num:2": ‹Rigid(ℕ)›
4690 by (safe intro!: "df-rigid-rel:1"[THEN "≡⇩d⇩fI"] "&I" RN GEN
4691 "mod-col-num:1" "nnumber:2")
4692
4693AOT_register_rigid_restricted_type
4694 Number: ‹[ℕ]κ›
4695proof
4696 AOT_modally_strict {
4697 AOT_show ‹∃x [ℕ]x›
4698 by (rule "∃I"(1)[where τ=‹«0»›]; simp add: "0-n" "zero:2")
4699 }
4700next
4701 AOT_modally_strict {
4702 AOT_show ‹[ℕ]κ → κ↓› for κ
4703 by (simp add: "→I" "cqt:5:a[1]"[axiom_inst, THEN "→E", THEN "&E"(2)])
4704 }
4705next
4706 AOT_modally_strict {
4707 AOT_show ‹∀x([ℕ]x → □[ℕ]x)›
4708 by (simp add: GEN "mod-col-num:1")
4709 }
4710qed
4711AOT_register_variable_names
4712 Number: m n k i j
4713
4714AOT_theorem "0-pred": ‹¬∃n [ℙ]n 0›
4715proof (rule "raa-cor:2")
4716 AOT_assume ‹∃n [ℙ]n 0›
4717 then AOT_obtain n where ‹[ℙ]n 0›
4718 using "Number.∃E"[rotated] by meson
4719 AOT_hence ‹∃x [ℙ]x 0›
4720 using "&E" "∃I" by fast
4721 AOT_thus ‹∃x [ℙ]x 0 & ¬∃x [ℙ]x 0›
4722 using "no-pred-0:1" "&I" by auto
4723qed
4724
4725AOT_theorem "no-same-succ":
4726 ‹∀n∀m∀k([ℙ]nk & [ℙ]mk → n = m)›
4727proof(safe intro!: Number.GEN "→I")
4728 fix n m k
4729 AOT_assume ‹[ℙ]nk & [ℙ]mk›
4730 AOT_thus ‹n = m›
4731 by (safe intro!: "cqt:2[const_var]"[axiom_inst] "df-1-1:3"[
4732 unvarify R, OF "pred-thm:2",
4733 THEN "→E", OF "pred-1-1:4", THEN "qml:2"[axiom_inst, THEN "→E"],
4734 THEN "≡⇩d⇩fE"[OF "df-1-1:1"], THEN "&E"(2), THEN "∀E"(1), THEN "∀E"(1),
4735 THEN "∀E"(1)[where τ=‹AOT_term_of_var (Number.Rep k)›], THEN "→E"])
4736qed
4737
4738AOT_theorem induction:
4739 ‹∀F([F]0 & ∀n∀m([ℙ]nm → ([F]n → [F]m)) → ∀n[F]n)›
4740proof (safe intro!: GEN[where 'a=‹<κ>›] Number.GEN "&I" "→I";
4741 frule "&E"(1); drule "&E"(2))
4742 fix F n
4743 AOT_assume F0: ‹[F]0›
4744 AOT_assume 0: ‹∀n∀m([ℙ]nm → ([F]n → [F]m))›
4745 {
4746 fix x y
4747 AOT_assume ‹[[ℙ]⇧+]0x & [[ℙ]⇧+]0y›
4748 AOT_hence ‹[ℕ]x› and ‹[ℕ]y›
4749 using "&E" "≡E"(2) "nnumber:3" by blast+
4750 moreover AOT_assume ‹[ℙ]xy›
4751 moreover AOT_assume ‹[F]x›
4752 ultimately AOT_have ‹[F]y›
4753 using 0[THEN "∀E"(2), THEN "→E", THEN "∀E"(2), THEN "→E",
4754 THEN "→E", THEN "→E"] by blast
4755 } note 1 = this
4756 AOT_have 0: ‹[[ℙ]⇧+]0n›
4757 by (metis "≡E"(1) "nnumber:3" Number.ψ)
4758 AOT_show ‹[F]n›
4759 apply (rule "pre-ind"[unconstrain ℛ, unvarify β, THEN "→E", OF "pred-thm:2",
4760 OF "pred-1-1:4", unvarify z, OF "zero:2", THEN "→E",
4761 THEN "∀E"(2), THEN "→E"];
4762 safe intro!: 0 "&I" GEN "→I" F0)
4763 using 1 by blast
4764qed
4765
4766AOT_theorem "suc-num:1": ‹[ℙ]nx → [ℕ]x›
4767proof(rule "→I")
4768 AOT_have ‹[[ℙ]⇧+]0 n›
4769 by (meson Number.ψ "≡E"(1) "nnumber:3")
4770 moreover AOT_assume ‹[ℙ]nx›
4771 ultimately AOT_have ‹[[ℙ]⇧*]0 x›
4772 using "w-ances-her:3"[unconstrain ℛ, unvarify β, OF "pred-thm:2", THEN "→E",
4773 OF "pred-1-1:4", unvarify x, OF "zero:2",
4774 THEN "→E", OF "&I"]
4775 by blast
4776 AOT_hence ‹[[ℙ]⇧+]0 x›
4777 using "assume1:5"[unvarify x, OF "zero:2", THEN "≡E"(2), OF "∨I"(1)]
4778 by blast
4779 AOT_thus ‹[ℕ]x›
4780 by (metis "≡E"(2) "nnumber:3")
4781qed
4782
4783AOT_theorem "suc-num:2": ‹[[ℙ]⇧*]nx → [ℕ]x›
4784proof(rule "→I")
4785 AOT_have ‹[[ℙ]⇧+]0 n›
4786 using Number.ψ "≡E"(1) "nnumber:3" by blast
4787 AOT_assume ‹[[ℙ]⇧*]n x›
4788 AOT_hence ‹∀F (∀z ([ℙ]nz → [F]z) & ∀x'∀y' ([ℙ]x'y' → ([F]x' → [F]y')) → [F]x)›
4789 using "assume-anc:3"[THEN "≡E"(1)] by blast
4790 AOT_hence θ: ‹∀z ([ℙ]nz → [ℕ]z) & ∀x'∀y' ([ℙ]x'y' → ([ℕ]x' → [ℕ]y')) → [ℕ]x›
4791 using "∀E"(1) "nnumber:2" by blast
4792 AOT_show ‹[ℕ]x›
4793 proof (safe intro!: θ[THEN "→E"] GEN "→I" "&I")
4794 AOT_show ‹[ℕ]z› if ‹[ℙ]nz› for z
4795 using Number.ψ "suc-num:1" that "→E" by blast
4796 next
4797 AOT_show ‹[ℕ]y› if ‹[ℙ]xy› and ‹[ℕ]x› for x y
4798 using "suc-num:1"[unconstrain n, THEN "→E"] that "→E" by blast
4799 qed
4800qed
4801
4802AOT_theorem "suc-num:3": ‹[ℙ]⇧+nx → [ℕ]x›
4803proof (rule "→I")
4804 AOT_assume ‹[ℙ]⇧+nx›
4805 AOT_hence ‹[ℙ]⇧*nx ∨ n =⇩ℙ x›
4806 by (metis "assume1:5" "≡E"(1))
4807 moreover {
4808 AOT_assume ‹[ℙ]⇧*nx›
4809 AOT_hence ‹[ℕ]x›
4810 by (metis "suc-num:2" "→E")
4811 }
4812 moreover {
4813 AOT_assume ‹n =⇩ℙ x›
4814 AOT_hence ‹n = x›
4815 using "id-R-thm:3"[unconstrain ℛ, unvarify β, OF "pred-thm:2",
4816 THEN "→E", OF "pred-1-1:4", THEN "→E"] by blast
4817 AOT_hence ‹[ℕ]x›
4818 by (metis "rule=E" Number.ψ)
4819 }
4820 ultimately AOT_show ‹[ℕ]x›
4821 by (metis "∨E"(3) "reductio-aa:1")
4822qed
4823
4824AOT_theorem "pred-num": ‹[ℙ]xn → [ℕ]x›
4825proof (rule "→I")
4826 AOT_assume 0: ‹[ℙ]xn›
4827 AOT_have ‹[[ℙ]⇧+]0 n›
4828 using Number.ψ "≡E"(1) "nnumber:3" by blast
4829 AOT_hence ‹[[ℙ]⇧*]0 n ∨ 0 =⇩ℙ n›
4830 using "assume1:5"[unvarify x, OF "zero:2"] by (metis "≡E"(1))
4831 moreover {
4832 AOT_assume ‹0 =⇩ℙ n›
4833 AOT_hence ‹∃z ([ℙ]0z & [ℙ]nz)›
4834 using "assume1:2"[unvarify x, OF "zero:2", THEN "≡E"(1)] by blast
4835 then AOT_obtain a where ‹[ℙ]0a & [ℙ]na› using "∃E"[rotated] by blast
4836 AOT_hence ‹0 = n›
4837 using "pred-1-1:3"[THEN "df-1-1:1"[THEN "≡⇩d⇩fE"], THEN "&E"(2),
4838 THEN "∀E"(1), OF "zero:2", THEN "∀E"(2),
4839 THEN "∀E"(2), THEN "→E"] by blast
4840 AOT_hence ‹[ℙ]x 0›
4841 using 0 "rule=E" id_sym by fast
4842 AOT_hence ‹∃x [ℙ]x 0›
4843 by (rule "∃I")
4844 AOT_hence ‹∃x [ℙ]x 0 & ¬∃x [ℙ]x 0›
4845 by (metis "no-pred-0:1" "raa-cor:3")
4846 }
4847 ultimately AOT_have ‹[[ℙ]⇧*]0n›
4848 by (metis "∨E"(3) "raa-cor:1")
4849 AOT_hence ‹∃z ([[ℙ]⇧+]0z & [ℙ]zn)›
4850 using "w-ances-her:7"[unconstrain ℛ, unvarify β, OF "pred-thm:2",
4851 THEN "→E", OF "pred-1-1:4", unvarify x,
4852 OF "zero:2", THEN "→E"] by blast
4853 then AOT_obtain b where b_prop: ‹[[ℙ]⇧+]0b & [ℙ]bn›
4854 using "∃E"[rotated] by blast
4855 AOT_hence ‹[ℕ]b›
4856 by (metis "&E"(1) "≡E"(2) "nnumber:3")
4857 moreover AOT_have ‹x = b›
4858 using "pred-1-1:3"[THEN "df-1-1:1"[THEN "≡⇩d⇩fE"], THEN "&E"(2),
4859 THEN "∀E"(2), THEN "∀E"(2), THEN "∀E"(2), THEN "→E",
4860 OF "&I", OF 0, OF b_prop[THEN "&E"(2)]].
4861 ultimately AOT_show ‹[ℕ]x›
4862 using "rule=E" id_sym by fast
4863qed
4864
4865AOT_theorem "nat-card": ‹[ℕ]x → NaturalCardinal(x)›
4866proof(rule "→I")
4867 AOT_assume ‹[ℕ]x›
4868 AOT_hence ‹[[ℙ]⇧+]0x›
4869 by (metis "≡E"(1) "nnumber:3")
4870 AOT_hence ‹[[ℙ]⇧*]0x ∨ 0 =⇩ℙ x›
4871 using "assume1:5"[unvarify x, OF "zero:2", THEN "≡E"(1)] by blast
4872 moreover {
4873 AOT_assume ‹[[ℙ]⇧*]0x›
4874 then AOT_obtain a where ‹[ℙ]ax›
4875 using "anc-her:5"[unvarify R x, OF "zero:2", OF "pred-thm:2", THEN "→E"]
4876 "∃E"[rotated] by blast
4877 AOT_hence ‹∃F∃u ([F]u & Numbers(x,F) & Numbers(a,[F]⇧-⇧u))›
4878 using "pred-thm:3"[THEN "≡E"(1)] by blast
4879 then AOT_obtain F where ‹∃u ([F]u & Numbers(x,F) & Numbers(a,[F]⇧-⇧u))›
4880 using "∃E"[rotated] by blast
4881 then AOT_obtain u where ‹[F]u & Numbers(x,F) & Numbers(a,[F]⇧-⇧u)›
4882 using "Ordinary.∃E"[rotated] by meson
4883 AOT_hence ‹NaturalCardinal(x)›
4884 using "eq-num:6"[THEN "→E"] "&E" by blast
4885 }
4886 moreover {
4887 AOT_assume ‹0 =⇩ℙ x›
4888 AOT_hence ‹0 = x›
4889 using "id-R-thm:3"[unconstrain ℛ, unvarify β, OF "pred-thm:2",
4890 THEN "→E", OF "pred-1-1:4", unvarify x,
4891 OF "zero:2", THEN "→E"] by blast
4892 AOT_hence ‹NaturalCardinal(x)›
4893 by (metis "rule=E" "zero-card")
4894 }
4895 ultimately AOT_show ‹NaturalCardinal(x)›
4896 by (metis "∨E"(2) "raa-cor:1")
4897qed
4898
4899AOT_theorem "pred-func:1": ‹[ℙ]xy & [ℙ]xz → y = z›
4900proof (rule "→I"; frule "&E"(1); drule "&E"(2))
4901 AOT_assume ‹[ℙ]xy›
4902 AOT_hence ‹∃F∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u))›
4903 using "pred-thm:3"[THEN "≡E"(1)] by blast
4904 then AOT_obtain F where ‹∃u ([F]u & Numbers(y,F) & Numbers(x,[F]⇧-⇧u))›
4905 using "∃E"[rotated] by blast
4906 then AOT_obtain a where
4907 Oa: ‹O!a›
4908 and a_prop: ‹[F]a & Numbers(y,F) & Numbers(x,[F]⇧-⇧a)›
4909 using "∃E"[rotated] "&E" by blast
4910 AOT_assume ‹[ℙ]xz›
4911 AOT_hence ‹∃F∃u ([F]u & Numbers(z,F) & Numbers(x,[F]⇧-⇧u))›
4912 using "pred-thm:3"[THEN "≡E"(1)] by blast
4913 then AOT_obtain G where ‹∃u ([G]u & Numbers(z,G) & Numbers(x,[G]⇧-⇧u))›
4914 using "∃E"[rotated] by blast
4915 then AOT_obtain b where Ob: ‹O!b›
4916 and b_prop: ‹[G]b & Numbers(z,G) & Numbers(x,[G]⇧-⇧b)›
4917 using "∃E"[rotated] "&E" by blast
4918 AOT_have ‹[F]⇧-⇧a ≈⇩E [G]⇧-⇧b›
4919 using "num-tran:2"[unvarify G H, OF "F-u[den]", OF "F-u[den]",
4920 THEN "→E", OF "&I", OF a_prop[THEN "&E"(2)],
4921 OF b_prop[THEN "&E"(2)]].
4922 AOT_hence ‹F ≈⇩E G›
4923 using "P'-eq"[unconstrain u, THEN "→E", OF Oa, unconstrain v, THEN "→E",
4924 OF Ob, THEN "→E", OF "&I", OF "&I"]
4925 a_prop[THEN "&E"(1), THEN "&E"(1)]
4926 b_prop[THEN "&E"(1), THEN "&E"(1)] by blast
4927 AOT_thus ‹y = z›
4928 using "pre-Hume"[THEN "→E", THEN "≡E"(2), OF "&I",
4929 OF a_prop[THEN "&E"(1), THEN "&E"(2)],
4930 OF b_prop[THEN "&E"(1), THEN "&E"(2)]]
4931 by blast
4932qed
4933
4934AOT_theorem "pred-func:2": ‹[ℙ]nm & [ℙ]nk → m = k›
4935 using "pred-func:1".
4936
4937AOT_theorem being_number_of_den: ‹[λx x = #G]↓›
4938proof (rule "safe-ext"[axiom_inst, THEN "→E"]; safe intro!: "&I" GEN RN)
4939 AOT_show ‹[λx Numbers(x,[λz ❙𝒜[G]z])]↓›
4940 by (rule numbers_prop_den[unvarify G]) "cqt:2[lambda]"
4941next
4942 AOT_modally_strict {
4943 AOT_show ‹Numbers(x,[λz ❙𝒜[G]z]) ≡ x = #G› for x
4944 using "eq-num:2".
4945 }
4946qed
4947
4948axiomatization ω_nat :: ‹ω ⇒ nat› where ω_nat: ‹surj ω_nat›
4949text‹Unfortunately, since the axiom requires the type @{typ ω}
4950 to have an infinite domain, @{command nitpick} can only find a potential model
4951 and no genuine model.
4952 However, since we could trivially choose @{typ ω} as a copy of @{typ nat},
4953 we can still be assured that above axiom is consistent.›
4954lemma ‹True› nitpick[satisfy, user_axioms, card nat=1, expect = potential] ..
4955
4956AOT_axiom "modal-axiom":
4957 ‹∃x([ℕ]x & x = #G) → ◇∃y([E!]y & ∀u (❙𝒜[G]u → u ≠⇩E y))›
4958proof(rule AOT_model_axiomI) AOT_modally_strict {
4959 text‹The actual extension on the ordinary objects of a property is the
4960 set of ordinary urelements that exemplifies the property in the
4961 designated actual world.›
4962 define act_ωext :: ‹<κ> ⇒ ω set› where
4963 ‹act_ωext ≡ λ Π . {x :: ω . [w⇩0 ⊨ [Π]«ωκ x»]}›
4964 text‹Encoding a property with infinite actual extension on the ordinary objects
4965 denotes a property by extended relation comprehension.›
4966 AOT_have enc_finite_act_ωext_den:
4967 ‹❙⊢⇩□ [λx ∃F(¬«ε⇩𝗈 w. finite (act_ωext F)» & x[F])]↓›
4968 proof(safe intro!: Comprehension_1[THEN "→E"] RN GEN "→I")
4969 AOT_modally_strict {
4970 fix F G
4971 AOT_assume ‹□G ≡⇩E F›
4972 AOT_hence ‹❙𝒜G ≡⇩E F›
4973 using "nec-imp-act"[THEN "→E"] by blast
4974 AOT_hence ‹❙𝒜(G↓ & F↓ & ∀u([G]u ≡ [F]u))›
4975 by (AOT_subst_def (reverse) eqE)
4976 hence ‹[w⇩0 ⊨ [G]«ωκ x»] = [w⇩0 ⊨ [F]«ωκ x»]› for x
4977 by (auto dest!: "∀E"(1) "→E"
4978 simp: AOT_model_denotes_κ_def AOT_sem_denotes AOT_sem_conj
4979 AOT_model_ωκ_ordinary AOT_sem_act AOT_sem_equiv)
4980 AOT_thus ‹¬«ε⇩𝗈 w. finite (act_ωext (AOT_term_of_var F))» ≡
4981 ¬«ε⇩𝗈 w. finite (act_ωext (AOT_term_of_var G))»›
4982 by (simp add: AOT_sem_not AOT_sem_equiv act_ωext_def
4983 AOT_model_proposition_choice_simp)
4984 }
4985 qed
4986 text‹By coexistence, encoding only properties with finite actual extension
4987 on the ordinary objects denotes.›
4988 AOT_have ‹[λx ∀F(x[F] → «ε⇩𝗈 w. finite (act_ωext F)»)]↓›
4989 proof(rule "safe-ext"[axiom_inst, THEN "→E"]; safe intro!: "&I" RN GEN)
4990 AOT_show ‹[λx ¬[λx ∃F(¬«ε⇩𝗈 w. finite (act_ωext F)» & x[F])]x]↓›
4991 by "cqt:2"
4992 next
4993 AOT_modally_strict {
4994 fix x
4995 AOT_show ‹¬[λx ∃F (¬«ε⇩𝗈 w. finite (act_ωext F)» & x[F])]x ≡
4996 ∀F(x[F] → «ε⇩𝗈 w. finite (act_ωext F)»)›
4997 by (AOT_subst ‹[λx ∃F (¬«ε⇩𝗈 w. finite (act_ωext F)» & x[F])]x›
4998 ‹∃F (¬«ε⇩𝗈 w. finite (act_ωext F)» & x[F])›;
4999 (rule "beta-C-meta"[THEN "→E"])?)
5000 (auto simp: enc_finite_act_ωext_den AOT_sem_equiv AOT_sem_not
5001 AOT_sem_forall AOT_sem_imp AOT_sem_conj AOT_sem_exists)
5002 }
5003 qed
5004 text‹We show by induction that any property encoded by a natural number
5005 has a finite actual extension on the ordinary objects.›
5006 AOT_hence ‹[λx ∀F(x[F] → «ε⇩𝗈 w. finite (act_ωext F)»)]n› for n
5007 proof(rule induction[THEN "∀E"(1), THEN "→E", THEN "Number.∀E"];
5008 safe intro!: "&I" "Number.GEN" "β←C" "zero:2" "→I" "cqt:2"
5009 dest!: "β→C")
5010 AOT_show ‹∀F(0[F] → «ε⇩𝗈 w. finite (act_ωext F)»)›
5011 proof(safe intro!: GEN "→I")
5012 fix F
5013 AOT_assume ‹0[F]›
5014 AOT_actually {
5015 AOT_hence ‹¬∃u [F]u›
5016 using "zero=:2" "intro-elim:3:a" AOT_sem_enc_nec by blast
5017 AOT_hence ‹∀x ¬(O!x & [F]x)›
5018 using "cqt-further:4" "vdash-properties:10" by blast
5019 hence ‹¬([w⇩0 ⊨ [F]«ωκ x»])› for x
5020 by (auto dest!: "∀E"(1)[where τ=‹ωκ x›]
5021 simp: AOT_sem_not AOT_sem_conj AOT_model_ωκ_ordinary
5022 "russell-axiom[exe,1].ψ_denotes_asm")
5023 }
5024 AOT_thus ‹«ε⇩𝗈 w. finite (act_ωext (AOT_term_of_var F))»›
5025 by (auto simp: AOT_model_proposition_choice_simp act_ωext_def)
5026 qed
5027 next
5028 fix n m
5029 AOT_assume ‹[ℙ]nm›
5030 AOT_hence ‹∃F∃u ([F]u & Numbers(m,F) & Numbers(n,[F]⇧-⇧u))›
5031 using "pred-thm:3"[THEN "≡E"(1)] by blast
5032 then AOT_obtain G where ‹∃u ([G]u & Numbers(m,G) & Numbers(n,[G]⇧-⇧u))›
5033 using "∃E"[rotated] by blast
5034 then AOT_obtain u where 0: ‹[G]u & Numbers(m,G) & Numbers(n,[G]⇧-⇧u)›
5035 using "Ordinary.∃E"[rotated] by meson
5036
5037 AOT_assume n_prop: ‹∀F(n[F] → «ε⇩𝗈 w. finite (act_ωext F)»)›
5038 AOT_show ‹∀F(m[F] → «ε⇩𝗈 w. finite (act_ωext F)»)›
5039 proof(safe intro!: GEN "→I")
5040 fix F
5041 AOT_assume ‹m[F]›
5042 AOT_hence 1: ‹[λx ❙𝒜[F]x] ≈⇩E G›
5043 using 0[THEN "&E"(1), THEN "&E"(2), THEN numbers[THEN "≡⇩d⇩fE"],
5044 THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)] by auto
5045 AOT_show ‹«ε⇩𝗈 w. finite (act_ωext (AOT_term_of_var F))»›
5046 proof(rule "raa-cor:1")
5047 AOT_assume ‹¬«ε⇩𝗈 w. finite (act_ωext (AOT_term_of_var F))»›
5048 hence inf: ‹infinite (act_ωext (AOT_term_of_var F))›
5049 by (auto simp: AOT_sem_not AOT_model_proposition_choice_simp)
5050 then AOT_obtain v where act_F_v: ‹❙𝒜[F]v›
5051 unfolding AOT_sem_act act_ωext_def
5052 by (metis AOT_term_of_var_cases AOT_model_ωκ_ordinary
5053 AOT_model_denotes_κ_def Ordinary.Rep_cases κ.disc(7)
5054 mem_Collect_eq not_finite_existsD)
5055 AOT_hence ‹[λx ❙𝒜[F]x]v›
5056 by (safe intro!: "β←C" "cqt:2")
5057 AOT_hence ‹[λx ❙𝒜[F]x]⇧-⇧v ≈⇩E [G]⇧-⇧u›
5058 by (safe intro!: eqP'[unvarify F, THEN "→E"] "&I" "cqt:2" 1
5059 0[THEN "&E"(1), THEN "&E"(1)])
5060 moreover AOT_have ‹[λx ❙𝒜[F]x]⇧-⇧v ≈⇩E [λx ❙𝒜[λy [F]y & y ≠⇩E v]x]›
5061 proof(safe intro!: "apE-eqE:1"[unvarify F G, THEN "→E"] "cqt:2"
5062 "F-u[den]"[unvarify F] eqE[THEN "≡⇩d⇩fI"] "&I"
5063 Ordinary.GEN)
5064 fix u
5065 AOT_have ‹[λx [λx ❙𝒜[F]x]x & x ≠⇩E v]u ≡ [λx ❙𝒜[F]x]u & u ≠⇩E v›
5066 by (safe intro!: "beta-C-meta"[THEN "→E"] "cqt:2")
5067 also AOT_have ‹[λx ❙𝒜[F]x]u & u ≠⇩E v ≡ ❙𝒜[F]u & u ≠⇩E v›
5068 by (AOT_subst ‹[λx ❙𝒜[F]x]u› ‹❙𝒜[F]u›)
5069 (safe intro!: "beta-C-meta"[THEN "→E"] "cqt:2"
5070 "oth-class-taut:3:a")
5071 also AOT_have ‹❙𝒜[F]u & u ≠⇩E v ≡ ❙𝒜([F]u & u ≠⇩E v)›
5072 using "id-act2:2" AOT_sem_conj AOT_sem_equiv AOT_sem_act by auto
5073 also AOT_have ‹❙𝒜([F]u & u ≠⇩E v) ≡ ❙𝒜[λy [F]y & y ≠⇩E v]u›
5074 by (AOT_subst ‹[λy [F]y & y ≠⇩E v]u› ‹[F]u & u ≠⇩E v›)
5075 (safe intro!: "beta-C-meta"[THEN "→E"] "cqt:2"
5076 "oth-class-taut:3:a")
5077 also AOT_have ‹❙𝒜[λy [F]y & y ≠⇩E v]u ≡ [λx ❙𝒜[λy [F]y & y ≠⇩E v]x]u›
5078 by (safe intro!: "beta-C-meta"[THEN "→E", symmetric] "cqt:2")
5079 finally AOT_show ‹[[λx ❙𝒜[F]x]⇧-⇧v]u ≡ [λx ❙𝒜[λy [F]y & y ≠⇩E v]x]u›
5080 by (auto intro!: "cqt:2"
5081 intro: "rule-id-df:2:b"[OF "F-u", where τ⇩1τ⇩n=‹(_,_)›, simplified])
5082 qed
5083 ultimately AOT_have ‹[λx ❙𝒜[λy [F]y & y ≠⇩E v]x] ≈⇩E [G]⇧-⇧u›
5084 using "eq-part:2[terms]" "eq-part:3[terms]" "→E" by blast
5085 AOT_hence ‹n[λy [F]y & y ≠⇩E v]›
5086 by (safe intro!: 0[THEN "&E"(2), THEN numbers[THEN "≡⇩d⇩fE"],
5087 THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(2)] "cqt:2")
5088 hence finite: ‹finite (act_ωext «[λy [F]y & y ≠⇩E v]»)›
5089 by (safe intro!: n_prop[THEN "∀E"(1), THEN "→E",
5090 simplified AOT_model_proposition_choice_simp]
5091 "cqt:2")
5092 obtain y where y_def: ‹ωκ y = AOT_term_of_var (Ordinary.Rep v)›
5093 by (metis AOT_model_ordinary_ωκ Ordinary.restricted_var_condition)
5094 AOT_actually {
5095 fix x
5096 AOT_assume ‹[λy [F]y & y ≠⇩E v]«ωκ x»›
5097 AOT_hence ‹[F]«ωκ x»›
5098 by (auto dest!: "β→C" "&E"(1))
5099 }
5100 moreover AOT_actually {
5101 AOT_have ‹[F]«ωκ y»›
5102 unfolding y_def using act_F_v AOT_sem_act by blast
5103 }
5104 moreover AOT_actually {
5105 fix x
5106 assume noteq: ‹x ≠ y›
5107 AOT_assume ‹[F]«ωκ x»›
5108 moreover AOT_have ωκ_x_den: ‹«ωκ x»↓›
5109 using AOT_sem_exe calculation by blast
5110 moreover {
5111 AOT_have ‹¬(«ωκ x» =⇩E v)›
5112 proof(rule "raa-cor:2")
5113 AOT_assume ‹«ωκ x» =⇩E v›
5114 AOT_hence ‹«ωκ x» = v›
5115 using "=E-simple:2"[unvarify x, THEN "→E", OF ωκ_x_den]
5116 by blast
5117 hence ‹ωκ x = ωκ y›
5118 unfolding y_def AOT_sem_eq
5119 by meson
5120 hence ‹x = y›
5121 by blast
5122 AOT_thus ‹p & ¬p› for p using noteq by blast
5123 qed
5124 AOT_hence ‹«ωκ x» ≠⇩E v›
5125 by (safe intro!: "thm-neg=E"[unvarify x, THEN "≡E"(2)] ωκ_x_den)
5126 }
5127 ultimately AOT_have ‹[λy [F]y & y ≠⇩E v]«ωκ x»›
5128 by (auto intro!: "β←C" "cqt:2" "&I")
5129 }
5130 ultimately have ‹(insert y (act_ωext «[λy [F]y & y ≠⇩E v]»)) =
5131 (act_ωext (AOT_term_of_var F))›
5132 unfolding act_ωext_def
5133 by auto
5134 hence ‹finite (act_ωext (AOT_term_of_var F))›
5135 using finite finite.insertI by metis
5136 AOT_thus ‹p & ¬p› for p
5137 using inf by blast
5138 qed
5139 qed
5140 qed
5141 AOT_hence nat_enc_finite: ‹∀F(n[F] → «ε⇩𝗈 w. finite (act_ωext F)»)› for n
5142 using "β→C"(1) by blast
5143
5144 text‹The main proof can now generate a witness, since we required
5145 the domain of ordinary objects to be infinite.›
5146 AOT_show ‹∃x ([ℕ]x & x = #G) → ◇∃y (E!y & ∀u (❙𝒜[G]u → u ≠⇩E y))›
5147 proof(safe intro!: "→I")
5148 AOT_assume ‹∃x ([ℕ]x & x = #G)›
5149 then AOT_obtain n where ‹n = #G›
5150 using "Number.∃E"[rotated] by meson
5151 AOT_hence ‹Numbers(n,[λx ❙𝒜[G]x])›
5152 using "eq-num:3" "rule=E" id_sym by fast
5153 AOT_hence ‹n[G]›
5154 by (auto intro!: numbers[THEN "≡⇩d⇩fE", THEN "&E"(2),
5155 THEN "∀E"(2), THEN "≡E"(2)]
5156 "eq-part:1"[unvarify F] "cqt:2")
5157 AOT_hence ‹«ε⇩𝗈 w. finite (act_ωext (AOT_term_of_var G))»›
5158 using nat_enc_finite[THEN "∀E"(2), THEN "→E"] by blast
5159 hence finite: ‹finite (act_ωext (AOT_term_of_var G))›
5160 by (auto simp: AOT_model_proposition_choice_simp)
5161 AOT_have ‹∃u ¬❙𝒜[G]u›
5162 proof(rule "raa-cor:1")
5163 AOT_assume ‹¬∃u ¬❙𝒜[G]u›
5164 AOT_hence ‹∀x ¬(O!x & ¬❙𝒜[G]x)›
5165 by (metis "cqt-further:4" "→E")
5166 AOT_hence ‹❙𝒜[G]x› if ‹O!x› for x
5167 using "∀E"(2) AOT_sem_conj AOT_sem_not that by blast
5168 hence ‹[w⇩0 ⊨ [G]«ωκ x»]› for x
5169 by (metis AOT_term_of_var_cases AOT_model_ωκ_ordinary
5170 AOT_model_denotes_κ_def AOT_sem_act κ.disc(7))
5171 hence ‹(act_ωext (AOT_term_of_var G)) = UNIV›
5172 unfolding act_ωext_def by auto
5173 moreover have ‹infinite (UNIV::ω set)›
5174 by (metis ω_nat finite_imageI infinite_UNIV_char_0)
5175 ultimately have ‹infinite (act_ωext (AOT_term_of_var G))›
5176 by simp
5177 AOT_thus ‹p & ¬p› for p using finite by blast
5178 qed
5179 then AOT_obtain x where x_prop: ‹O!x & ¬❙𝒜[G]x›
5180 using "∃E"[rotated] by blast
5181 AOT_hence ‹◇E!x›
5182 by (metis "betaC:1:a" "con-dis-i-e:2:a" AOT_sem_ordinary)
5183 moreover AOT_have ‹□∀u (❙𝒜[G]u → u ≠⇩E x)›
5184 proof(safe intro!: RN GEN "→I")
5185 AOT_modally_strict {
5186 fix y
5187 AOT_assume ‹O!y›
5188 AOT_assume 0: ‹❙𝒜[G]y›
5189 AOT_show ‹y ≠⇩E x›
5190 proof (safe intro!: "thm-neg=E"[THEN "≡E"(2)] "raa-cor:2")
5191 AOT_assume ‹y =⇩E x›
5192 AOT_hence ‹y = x›
5193 by (metis "=E-simple:2" "vdash-properties:10")
5194 hence ‹y = x›
5195 by (simp add: AOT_sem_eq AOT_term_of_var_inject)
5196 AOT_hence ‹¬❙𝒜[G]y›
5197 using x_prop "&E" AOT_sem_not AOT_sem_act by metis
5198 AOT_thus ‹❙𝒜[G]y & ¬❙𝒜[G]y›
5199 using 0 "&I" by blast
5200 qed
5201 }
5202 qed
5203 ultimately AOT_have ‹◇(∀u (❙𝒜[G]u → u ≠⇩E x) & E!x)›
5204 using "KBasic:16"[THEN "→E", OF "&I"] by blast
5205 AOT_hence ‹◇(E!x & ∀u (❙𝒜[G]u → u ≠⇩E x))›
5206 by (AOT_subst ‹E!x & ∀u (❙𝒜[G]u → u ≠⇩E x)› ‹∀u (❙𝒜[G]u → u ≠⇩E x) & E!x›)
5207 (auto simp: "oth-class-taut:2:a")
5208 AOT_hence ‹∃y ◇(E!y & ∀u (❙𝒜[G]u → u ≠⇩E y))›
5209 using "∃I" by fast
5210 AOT_thus ‹◇∃y (E!y & ∀u (❙𝒜[G]u → u ≠⇩E y))›
5211 using "CBF◇"[THEN "→E"] by fast
5212 qed
5213} qed
5214
5215AOT_theorem "modal-lemma":
5216 ‹◇∀u(❙𝒜[G]u → u ≠⇩E v) → ∀u(❙𝒜[G]u → u ≠⇩E v)›
5217proof(safe intro!: "→I" Ordinary.GEN)
5218 AOT_modally_strict {
5219 fix u
5220 AOT_assume act_Gu: ‹❙𝒜[G]u›
5221 AOT_have ‹∀u (❙𝒜[G]u → u ≠⇩E v) → u ≠⇩E v›
5222 proof(rule "→I")
5223 AOT_assume ‹∀u (❙𝒜[G]u → u ≠⇩E v)›
5224 AOT_hence ‹❙𝒜[G]u → u ≠⇩E v›
5225 using "Ordinary.∀E" by fast
5226 AOT_thus ‹u ≠⇩E v›
5227 using act_Gu "→E" by blast
5228 qed
5229 } note 0 = this
5230 AOT_have θ: ‹□(∀u (❙𝒜[G]u → u ≠⇩E v) → u ≠⇩E v)› if ‹□❙𝒜[G]u› for u
5231 proof -
5232 AOT_have ‹□❙𝒜[G]u → □(∀u (❙𝒜[G]u → u ≠⇩E v) → u ≠⇩E v)›
5233 apply (rule RM) using 0 "&E" "→I" by blast
5234 thus ?thesis using that "→E" by blast
5235 qed
5236 fix u
5237 AOT_assume 1: ‹◇∀u(❙𝒜[G]u → u ≠⇩E v)›
5238 AOT_assume ‹❙𝒜[G]u›
5239 AOT_hence ‹□❙𝒜[G]u›
5240 by (metis "Act-Basic:6" "≡E"(1))
5241 AOT_hence ‹□(∀u (❙𝒜[G]u → u ≠⇩E v) → u ≠⇩E v)›
5242 using Ordinary.ψ θ by blast
5243 AOT_hence ‹◇u ≠⇩E v›
5244 using 1 "K◇"[THEN "→E", THEN "→E"] by blast
5245 AOT_thus ‹u ≠⇩E v›
5246 by (metis "id-nec4:2" "≡E"(1))
5247qed
5248
5249AOT_theorem "th-succ": ‹∀n∃!m [ℙ]nm›
5250proof(safe intro!: Number.GEN "→I" "uniqueness:1"[THEN "≡⇩d⇩fI"])
5251 fix n
5252 AOT_have ‹NaturalCardinal(n)›
5253 by (metis "nat-card" Number.ψ "→E")
5254 AOT_hence ‹∃G(n = #G)›
5255 by (metis "≡⇩d⇩fE" card)
5256 then AOT_obtain G where n_num_G: ‹n = #G›
5257 using "∃E"[rotated] by blast
5258 AOT_hence ‹∃n (n = #G)›
5259 by (rule "Number.∃I")
5260 AOT_hence ‹◇∃y ([E!]y & ∀u(❙𝒜[G]u → u ≠⇩E y))›
5261 using "modal-axiom"[axiom_inst, THEN "→E"] by blast
5262 AOT_hence ‹∃y ◇([E!]y & ∀u(❙𝒜[G]u → u ≠⇩E y))›
5263 using "BF◇"[THEN "→E"] by auto
5264 then AOT_obtain y where ‹◇([E!]y & ∀u(❙𝒜[G]u → u ≠⇩E y))›
5265 using "∃E"[rotated] by blast
5266 AOT_hence ‹◇E!y› and 2: ‹◇∀u(❙𝒜[G]u → u ≠⇩E y)›
5267 using "KBasic2:3" "&E" "→E" by blast+
5268 AOT_hence Oy: ‹O!y›
5269 by (auto intro!: "β←C"(1) "cqt:2" intro: AOT_ordinary[THEN "=⇩d⇩fI"(2)])
5270 AOT_have 0: ‹∀u(❙𝒜[G]u → u ≠⇩E y)›
5271 using 2 "modal-lemma"[unconstrain v, THEN "→E", OF Oy, THEN "→E"] by simp
5272 AOT_have 1: ‹[λx ❙𝒜[G]x ∨ x =⇩E y]↓›
5273 by "cqt:2"
5274 AOT_obtain b where b_prop: ‹Numbers(b, [λx ❙𝒜[G]x ∨ x =⇩E y])›
5275 using "num:1"[unvarify G, OF 1] "∃E"[rotated] by blast
5276 AOT_have Pnb: ‹[ℙ]nb›
5277 proof(safe intro!: "pred-thm:3"[THEN "≡E"(2)]
5278 "∃I"(1)[where τ=‹«[λx ❙𝒜[G]x ∨ x =⇩E y]»›]
5279 1 "∃I"(2)[where β=y] "&I" Oy b_prop)
5280 AOT_show ‹[λx ❙𝒜[G]x ∨ x =⇩E y]y›
5281 by (auto intro!: "β←C"(1) "cqt:2" "∨I"(2)
5282 "ord=Eequiv:1"[THEN "→E", OF Oy])
5283 next
5284 AOT_have equinum: ‹[λx ❙𝒜[G]x ∨ x =⇩E y]⇧-⇧y ≈⇩E [λx ❙𝒜[G]x]›
5285 proof(rule "apE-eqE:1"[unvarify F G, THEN "→E"];
5286 ("cqt:2[lambda]" | rule "F-u[den]"[unvarify F]; "cqt:2[lambda]")?)
5287 AOT_show ‹[λx ❙𝒜[G]x ∨ x =⇩E y]⇧-⇧y ≡⇩E [λx ❙𝒜[G]x]›
5288 proof (safe intro!: eqE[THEN "≡⇩d⇩fI"] "&I" "F-u[den]"[unvarify F]
5289 Ordinary.GEN "→I"; "cqt:2"?)
5290 fix u
5291 AOT_have ‹[[λx ❙𝒜[G]x ∨ [(=⇩E)]xy]⇧-⇧y]u ≡ ([λx ❙𝒜[G]x ∨ x =⇩E y]u) & u ≠⇩E y›
5292 apply (rule "F-u"[THEN "=⇩d⇩fI"(1)[where τ⇩1τ⇩n=‹(_,_)›], simplified]; "cqt:2"?)
5293 by (rule "beta-C-cor:2"[THEN "→E", THEN "∀E"(2)]; "cqt:2")
5294 also AOT_have ‹… ≡ (❙𝒜[G]u ∨ u =⇩E y) & u ≠⇩E y›
5295 apply (AOT_subst ‹[λx ❙𝒜[G]x ∨ [(=⇩E)]xy]u› ‹❙𝒜[G]u ∨ u =⇩E y›)
5296 apply (rule "beta-C-cor:2"[THEN "→E", THEN "∀E"(2)]; "cqt:2")
5297 using "oth-class-taut:3:a" by blast
5298 also AOT_have ‹… ≡ ❙𝒜[G]u›
5299 proof(safe intro!: "≡I" "→I")
5300 AOT_assume ‹(❙𝒜[G]u ∨ u =⇩E y) & u ≠⇩E y›
5301 AOT_thus ‹❙𝒜[G]u›
5302 by (metis "&E"(1) "&E"(2) "∨E"(3) "≡E"(1) "thm-neg=E")
5303 next
5304 AOT_assume ‹❙𝒜[G]u›
5305 AOT_hence ‹u ≠⇩E y› and ‹❙𝒜[G]u ∨ u =⇩E y›
5306 using 0[THEN "∀E"(2), THEN "→E", OF Ordinary.ψ, THEN "→E"]
5307 "∨I" by blast+
5308 AOT_thus ‹(❙𝒜[G]u ∨ u =⇩E y) & u ≠⇩E y›
5309 using "&I" by simp
5310 qed
5311 also AOT_have ‹… ≡ [λx ❙𝒜[G]x]u›
5312 by (rule "beta-C-cor:2"[THEN "→E", THEN "∀E"(2), symmetric]; "cqt:2")
5313 finally AOT_show ‹[[λx ❙𝒜[G]x ∨ [(=⇩E)]xy]⇧-⇧y]u ≡ [λx ❙𝒜[G]x]u›.
5314 qed
5315 qed
5316 AOT_have 2: ‹[λx ❙𝒜[G]x]↓› by "cqt:2[lambda]"
5317 AOT_show ‹Numbers(n,[λx ❙𝒜[G]x ∨ x =⇩E y]⇧-⇧y)›
5318 using "num-tran:1"[unvarify G H, OF 2, OF "F-u[den]"[unvarify F, OF 1],
5319 THEN "→E", OF equinum, THEN "≡E"(2),
5320 OF "eq-num:2"[THEN "≡E"(2), OF n_num_G]].
5321 qed
5322 AOT_show ‹∃α ([ℕ]α & [ℙ]nα & ∀β ([ℕ]β & [ℙ]nβ → β = α))›
5323 proof(safe intro!: "∃I"(2)[where β=b] "&I" Pnb "→I" GEN)
5324 AOT_show ‹[ℕ]b› using "suc-num:1"[THEN "→E", OF Pnb].
5325 next
5326 fix y
5327 AOT_assume 0: ‹[ℕ]y & [ℙ]ny›
5328 AOT_show ‹y = b›
5329 apply (rule "pred-func:1"[THEN "→E"])
5330 using 0[THEN "&E"(2)] Pnb "&I" by blast
5331 qed
5332qed
5333
5334
5335AOT_define Successor :: ‹τ ⇒ κ⇩s› (‹_❙''› [100] 100)
5336 "def-suc": ‹n❙' =⇩d⇩f ❙ιm([ℙ]nm)›
5337
5338text‹Note: not explicitly in PLM›
5339AOT_theorem "def-suc[den1]": ‹❙ιm([ℙ]nm)↓›
5340 using "A-Exists:2" "RA[2]" "≡E"(2) "th-succ"[THEN "Number.∀E"] by blast
5341text‹Note: not explicitly in PLM›
5342AOT_theorem "def-suc[den2]": shows ‹n❙'↓›
5343 by (rule "def-suc"[THEN "=⇩d⇩fI"(1)])
5344 (auto simp: "def-suc[den1]")
5345
5346
5347AOT_theorem suc_eq_desc: ‹n❙' = ❙ιm([ℙ]nm)›
5348 by (rule "def-suc"[THEN "=⇩d⇩fI"(1)])
5349 (auto simp: "def-suc[den1]" "rule=I:1")
5350
5351AOT_theorem "suc-fact": ‹n = m → n❙' = m❙'›
5352proof (rule "→I")
5353 AOT_assume 0: ‹n = m›
5354 AOT_show ‹n❙' = m❙'›
5355 apply (rule "rule=E"[rotated, OF 0])
5356 by (rule "=I"(1)[OF "def-suc[den2]"])
5357qed
5358
5359AOT_theorem "ind-gnd": ‹m = 0 ∨ ∃n(m = n❙')›
5360proof -
5361 AOT_have ‹[[ℙ]⇧+]0m›
5362 using Number.ψ "≡E"(1) "nnumber:3" by blast
5363 AOT_hence ‹[[ℙ]⇧*]0m ∨ 0 =⇩ℙ m›
5364 using "assume1:5"[unvarify x, OF "zero:2", THEN "≡E"(1)] by blast
5365 moreover {
5366 AOT_assume ‹[[ℙ]⇧*]0m›
5367 AOT_hence ‹∃z ([[ℙ]⇧+]0z & [ℙ]zm)›
5368 using "w-ances-her:7"[unconstrain ℛ, unvarify β x, OF "zero:2",
5369 OF "pred-thm:2", THEN "→E", OF "pred-1-1:4",
5370 THEN "→E"]
5371 by blast
5372 then AOT_obtain z where θ: ‹[[ℙ]⇧+]0z› and ξ: ‹[ℙ]zm›
5373 using "&E" "∃E"[rotated] by blast
5374 AOT_have Nz: ‹[ℕ]z›
5375 using θ "≡E"(2) "nnumber:3" by blast
5376 moreover AOT_have ‹m = z❙'›
5377 proof (rule "def-suc"[THEN "=⇩d⇩fI"(1)];
5378 safe intro!: "def-suc[den1]"[unconstrain n, THEN "→E", OF Nz]
5379 "nec-hintikka-scheme"[THEN "≡E"(2)] "&I"
5380 GEN "→I" "Act-Basic:2"[THEN "≡E"(2)])
5381 AOT_show ‹❙𝒜[ℕ]m› using Number.ψ
5382 by (meson "mod-col-num:1" "nec-imp-act" "→E")
5383 next
5384 AOT_show ‹❙𝒜[ℙ]zm› using ξ
5385 by (meson "nec-imp-act" "pred-1-1:1" "→E")
5386 next
5387 fix y
5388 AOT_assume ‹❙𝒜([ℕ]y & [ℙ]zy)›
5389 AOT_hence ‹❙𝒜[ℕ]y› and ‹❙𝒜[ℙ]zy›
5390 using "Act-Basic:2" "&E" "≡E"(1) by blast+
5391 AOT_hence 0: ‹[ℙ]zy›
5392 by (metis RN "≡E"(1) "pred-1-1:1" "sc-eq-fur:2" "→E")
5393 AOT_thus ‹y = m›
5394 using "pred-func:1"[THEN "→E", OF "&I"] ξ by metis
5395 qed
5396 ultimately AOT_have ‹[ℕ]z & m = z❙'›
5397 by (rule "&I")
5398 AOT_hence ‹∃n m = n❙'›
5399 by (rule "∃I")
5400 hence ?thesis
5401 by (rule "∨I")
5402 }
5403 moreover {
5404 AOT_assume ‹0 =⇩ℙ m›
5405 AOT_hence ‹0 = m›
5406 using "id-R-thm:3"[unconstrain ℛ, unvarify β x, OF "zero:2", OF "pred-thm:2",
5407 THEN "→E", OF "pred-1-1:4", THEN "→E"]
5408 by auto
5409 hence ?thesis using id_sym "∨I" by blast
5410 }
5411 ultimately show ?thesis
5412 by (metis "∨E"(2) "raa-cor:1")
5413qed
5414
5415AOT_theorem "suc-thm": ‹[ℙ]n n❙'›
5416proof -
5417 AOT_obtain x where m_is_n: ‹x = n❙'›
5418 using "free-thms:1"[THEN "≡E"(1), OF "def-suc[den2]"]
5419 using "∃E" by metis
5420 AOT_have ‹❙𝒜([ℕ]n❙' & [ℙ]n n❙')›
5421 apply (rule "rule=E"[rotated, OF suc_eq_desc[symmetric]])
5422 apply (rule "actual-desc:4"[THEN "→E"])
5423 by (simp add: "def-suc[den1]")
5424 AOT_hence ‹❙𝒜[ℕ]n❙'› and ‹❙𝒜[ℙ]n n❙'›
5425 using "Act-Basic:2" "≡E"(1) "&E" by blast+
5426 AOT_hence ‹❙𝒜[ℙ]nx›
5427 using m_is_n[symmetric] "rule=E" by fast+
5428 AOT_hence ‹[ℙ]nx›
5429 by (metis RN "≡E"(1) "pred-1-1:1" "sc-eq-fur:2" "→E")
5430 thus ?thesis
5431 using m_is_n "rule=E" by fast
5432qed
5433
5434AOT_define Numeral1 :: ‹κ⇩s› ("1")
5435 "numerals:1": ‹1 =⇩d⇩f 0❙'›
5436
5437AOT_theorem "prec-facts:1": ‹[ℙ]0 1›
5438 by (auto intro: "numerals:1"[THEN "rule-id-df:2:b[zero]",
5439 OF "def-suc[den2]"[unconstrain n, unvarify β,
5440 OF "zero:2", THEN "→E", OF "0-n"]]
5441 "suc-thm"[unconstrain n, unvarify β, OF "zero:2",
5442 THEN "→E", OF "0-n"])
5443
5444
5445
5446
5447AOT_define Finite :: ‹τ ⇒ φ› (‹Finite'(_')›)
5448 "inf-card:1": ‹Finite(x) ≡⇩d⇩f NaturalCardinal(x) & [ℕ]x›
5449AOT_define Infinite :: ‹τ ⇒ φ› (‹Infinite'(_')›)
5450 "inf-card:2": ‹Infinite(x) ≡⇩d⇩f NaturalCardinal(x) & ¬Finite(x)›
5451
5452AOT_theorem "inf-card-exist:1": ‹NaturalCardinal(#O!)›
5453 by (safe intro!: card[THEN "≡⇩d⇩fI"] "∃I"(1)[where τ=‹«O!»›] "=I"
5454 "num-def:2"[unvarify G] "oa-exist:1")
5455
5456AOT_theorem "inf-card-exist:2": ‹Infinite(#O!)›
5457proof (safe intro!: "inf-card:2"[THEN "≡⇩d⇩fI"] "&I" "inf-card-exist:1")
5458 AOT_show ‹¬Finite(#O!)›
5459 proof(rule "raa-cor:2")
5460 AOT_assume ‹Finite(#O!)›
5461 AOT_hence 0: ‹[ℕ]#O!›
5462 using "inf-card:1"[THEN "≡⇩d⇩fE"] "&E"(2) by blast
5463 AOT_have ‹Numbers(#O!, [λz ❙𝒜O!z])›
5464 using "eq-num:3"[unvarify G, OF "oa-exist:1"].
5465 AOT_hence ‹#O! = #O!›
5466 using "eq-num:2"[unvarify x G, THEN "≡E"(1), OF "oa-exist:1",
5467 OF "num-def:2"[unvarify G], OF "oa-exist:1"]
5468 by blast
5469 AOT_hence ‹[ℕ]#O! & #O! = #O!›
5470 using 0 "&I" by blast
5471 AOT_hence ‹∃x ([ℕ]x & x = #O!)›
5472 using "num-def:2"[unvarify G, OF "oa-exist:1"] "∃I"(1) by fast
5473 AOT_hence ‹◇∃y ([E!]y & ∀u (❙𝒜[O!]u → u ≠⇩E y))›
5474 using "modal-axiom"[axiom_inst, unvarify G, THEN "→E", OF "oa-exist:1"] by blast
5475 AOT_hence ‹∃y ◇([E!]y & ∀u (❙𝒜[O!]u → u ≠⇩E y))›
5476 using "BF◇"[THEN "→E"] by blast
5477 then AOT_obtain b where ‹◇([E!]b & ∀u (❙𝒜[O!]u → u ≠⇩E b))›
5478 using "∃E"[rotated] by blast
5479 AOT_hence ‹◇[E!]b› and 2: ‹◇∀u (❙𝒜[O!]u → u ≠⇩E b)›
5480 using "KBasic2:3"[THEN "→E"] "&E" by blast+
5481 AOT_hence ‹[λx ◇[E!]x]b›
5482 by (auto intro!: "β←C"(1) "cqt:2")
5483 moreover AOT_have ‹O! = [λx ◇[E!]x]›
5484 by (rule "rule-id-df:1[zero]"[OF "oa:1"]) "cqt:2"
5485 ultimately AOT_have b_ord: ‹O!b›
5486 using "rule=E" id_sym by fast
5487 AOT_hence ‹❙𝒜O!b›
5488 by (meson "≡E"(1) "oa-facts:7")
5489 moreover AOT_have 2: ‹∀u (❙𝒜[O!]u → u ≠⇩E b)›
5490 using "modal-lemma"[unvarify G, unconstrain v, OF "oa-exist:1",
5491 THEN "→E", OF b_ord, THEN "→E", OF 2].
5492 ultimately AOT_have ‹b ≠⇩E b›
5493 using "Ordinary.∀E"[OF 2, unconstrain α, THEN "→E",
5494 OF b_ord, THEN "→E"] by blast
5495 AOT_hence ‹¬(b =⇩E b)›
5496 by (metis "≡E"(1) "thm-neg=E")
5497 moreover AOT_have ‹b =⇩E b›
5498 using "ord=Eequiv:1"[THEN "→E", OF b_ord].
5499 ultimately AOT_show ‹p & ¬p› for p
5500 by (metis "raa-cor:3")
5501 qed
5502qed
5503
5504
5505
5506
5507end
5508
5509