Lecture 2: Propositional Reasoning

In this lecture, we learn how to do proofs with propositional logical connectives:

False
True
P /\ Q (i.e., and)
P \/ Q (i.e., or)
~P (i.e., not)

We then show how all these connectives can be encoded using only forall and ->.

Lemma False_example (P : Prop) : False -> P.P: Prop
False -> P
Proof.P: Prop
False -> P
  intros.P: Prop
H: False
P
  destruct H.
Qed.

Lemma True_example (P : Prop) : P -> P /\ True.P: Prop
P -> P /\ True
Proof.P: Prop
P -> P /\ True
  intros.P: Prop
H: P
P /\ True
  split.P: Prop
H: P
P
P: Prop
H: P
True
  apply H.P: Prop
H: P
True
  constructor.
Qed.

Lemma And_example (P Q : Prop) : P /\ Q -> Q /\ P.P, Q: Prop
P /\ Q -> Q /\ P
Proof.P, Q: Prop
P /\ Q -> Q /\ P
  intros.P, Q: Prop
H: P /\ Q
Q /\ P
  destruct H as [HP HQ].P, Q: Prop
HP: P
HQ: Q
Q /\ P
  split.P, Q: Prop
HP: P
HQ: Q
Q
P, Q: Prop
HP: P
HQ: Q
P
  -P, Q: Prop
HP: P
HQ: Q
Q apply HQ.
  -P, Q: Prop
HP: P
HQ: Q
P apply HP.
Qed.

Lemma Or_example (P Q R : Prop) : P \/ Q -> (P -> R) /\ (Q -> R) -> R.P, Q, R: Prop
P \/ Q -> (P -> R) /\ (Q -> R) -> R
Proof.P, Q, R: Prop
P \/ Q -> (P -> R) /\ (Q -> R) -> R
  intros HOr HAnd.P, Q, R: Prop
HOr: P \/ Q
HAnd: (P -> R) /\ (Q -> R)
R
  destruct HAnd as [HPR HQR].P, Q, R: Prop
HOr: P \/ Q
HPR: P -> R
HQR: Q -> R
R
  destruct HOr.P, Q, R: Prop
H: P
HPR: P -> R
HQR: Q -> R
R
P, Q, R: Prop
H: Q
HPR: P -> R
HQR: Q -> R
R
  -P, Q, R: Prop
H: P
HPR: P -> R
HQR: Q -> R
R apply HPR.P, Q, R: Prop
H: P
HPR: P -> R
HQR: Q -> R
P
    apply H.
  -P, Q, R: Prop
H: Q
HPR: P -> R
HQR: Q -> R
R apply HQR.P, Q, R: Prop
H: Q
HPR: P -> R
HQR: Q -> R
Q
    apply H.
Qed.

Lemma Not_example (P Q : Prop) : ~(P \/ Q) -> ~P /\ ~Q.P, Q: Prop
~ (P \/ Q) -> ~ P /\ ~ Q
Proof.P, Q: Prop
~ (P \/ Q) -> ~ P /\ ~ Q
  intros.P, Q: Prop
H: ~ (P \/ Q)
~ P /\ ~ Q
  split.P, Q: Prop
H: ~ (P \/ Q)
~ P
P, Q: Prop
H: ~ (P \/ Q)
~ Q
  -P, Q: Prop
H: ~ (P \/ Q)
~ P unfold not.P, Q: Prop
H: ~ (P \/ Q)
P -> False
    intros HP.P, Q: Prop
H: ~ (P \/ Q)
HP: P
False
    apply H.P, Q: Prop
H: ~ (P \/ Q)
HP: P
P \/ Q
    left.P, Q: Prop
H: ~ (P \/ Q)
HP: P
P
    apply HP.
  -P, Q: Prop
H: ~ (P \/ Q)
~ Q unfold not.P, Q: Prop
H: ~ (P \/ Q)
Q -> False
    intros HQ.P, Q: Prop
H: ~ (P \/ Q)
HQ: Q
False
    apply H.P, Q: Prop
H: ~ (P \/ Q)
HQ: Q
P \/ Q
    right.P, Q: Prop
H: ~ (P \/ Q)
HQ: Q
Q
    apply HQ.
Qed.

Lemma Not_non_example (P Q : Prop) : ~(P /\ Q) -> ~P \/ ~Q.P, Q: Prop
~ (P /\ Q) -> ~ P \/ ~ Q
Proof.P, Q: Prop
~ (P /\ Q) -> ~ P \/ ~ Q
  intros.P, Q: Prop
H: ~ (P /\ Q)
~ P \/ ~ Q
  left.P, Q: Prop
H: ~ (P /\ Q)
~ P
  intros HP.P, Q: Prop
H: ~ (P /\ Q)
HP: P
False
  apply H.P, Q: Prop
H: ~ (P /\ Q)
HP: P
P /\ Q
  split.P, Q: Prop
H: ~ (P /\ Q)
HP: P
P
P, Q: Prop
H: ~ (P /\ Q)
HP: P
Q
  apply HP.P, Q: Prop
H: ~ (P /\ Q)
HP: P
Q
  (* We cannot prove this in Coq as it is not constructively valid. *)
Abort.

We can prove it if we assume the law of excluded middle.

Axiom excluded_middle : forall (P : Prop), P \/ ~P.

Lemma Not_non_example' (P Q : Prop) : ~(P /\ Q) -> ~P \/ ~Q.P, Q: Prop
~ (P /\ Q) -> ~ P \/ ~ Q
Proof.P, Q: Prop
~ (P /\ Q) -> ~ P \/ ~ Q
  (* Exercise! *)
Admitted.

A different encoding using `forall` and `->`

Next, we show how to define the logical connectives using only forall and ->.

Definition Fals := forall (P : Prop), P.

Lemma ex_falso_quodlibet (P : Prop) : Fals -> P.P: Prop
Fals -> P
Proof.P: Prop
Fals -> P
  unfold Fals.P: Prop
(forall P : Prop, P) -> P
  intros H.P: Prop
H: forall P : Prop, P
P
  apply H.
Qed.

Lemma Fals_correct : Fals <-> False.Fals <-> False
Proof.Fals <-> False
  split.Fals -> False
False -> Fals
  -Fals -> False intros H.H: Fals
False
    apply H.
  -False -> Fals intros H.H: False
Fals
    destruct H.
Qed.

Definition not (P : Prop) : Prop := P -> Fals.

Definition Tru := not Fals.

Lemma Tru_intro : Tru.Tru
Proof.Tru
  unfold Tru.not Fals
  unfold not.Fals -> Fals
  intros H.H: Fals
Fals
  apply H.
Qed.

Lemma Tru_correct : Tru <-> True.Tru <-> True
Proof.Tru <-> True
  split.Tru -> True
True -> Tru
  -Tru -> True intros H.H: Tru
True
    constructor.
  -True -> Tru intros H.H: True
Tru
    apply Tru_intro.
Qed.

Definition and (P Q : Prop) : Prop := forall (R : Prop), (P -> Q -> R) -> R.

Lemma and_elim_left P Q : and P Q -> P.P, Q: Prop
and P Q -> P
Proof.P, Q: Prop
and P Q -> P
  intros H.P, Q: Prop
H: and P Q
P
  unfold and in H.P, Q: Prop
H: forall R : Prop, (P -> Q -> R) -> R
P
  apply H.P, Q: Prop
H: forall R : Prop, (P -> Q -> R) -> R
P -> Q -> P
  intros H1 H2.P, Q: Prop
H: forall R : Prop, (P -> Q -> R) -> R
H1: P
H2: Q
P
  apply H1.
Qed.

Lemma and_elim_right P Q : and P Q -> Q.P, Q: Prop
and P Q -> Q
Proof.P, Q: Prop
and P Q -> Q
  intros H.P, Q: Prop
H: and P Q
Q
  unfold and in H.P, Q: Prop
H: forall R : Prop, (P -> Q -> R) -> R
Q
  apply H.P, Q: Prop
H: forall R : Prop, (P -> Q -> R) -> R
P -> Q -> Q
  intros H1 H2.P, Q: Prop
H: forall R : Prop, (P -> Q -> R) -> R
H1: P
H2: Q
Q
  apply H2.
Qed.

Lemma and_intro P Q : P -> Q -> and P Q.P, Q: Prop
P -> Q -> and P Q
Proof.P, Q: Prop
P -> Q -> and P Q
  intros HP HQ.P, Q: Prop
HP: P
HQ: Q
and P Q
  unfold and.P, Q: Prop
HP: P
HQ: Q
forall R : Prop, (P -> Q -> R) -> R
  intros R H.P, Q: Prop
HP: P
HQ: Q
R: Prop
H: P -> Q -> R
R
  apply H.P, Q: Prop
HP: P
HQ: Q
R: Prop
H: P -> Q -> R
P
P, Q: Prop
HP: P
HQ: Q
R: Prop
H: P -> Q -> R
Q
  -P, Q: Prop
HP: P
HQ: Q
R: Prop
H: P -> Q -> R
P exact HP.
  -P, Q: Prop
HP: P
HQ: Q
R: Prop
H: P -> Q -> R
Q exact HQ.
Qed.

Lemma and_comm P Q : and P Q -> and Q P.P, Q: Prop
and P Q -> and Q P
Proof.P, Q: Prop
and P Q -> and Q P
  intros H.P, Q: Prop
H: and P Q
and Q P
  apply and_intro.P, Q: Prop
H: and P Q
Q
P, Q: Prop
H: and P Q
P
  -P, Q: Prop
H: and P Q
Q apply (and_elim_right P Q).P, Q: Prop
H: and P Q
and P Q apply H.
  -P, Q: Prop
H: and P Q
P apply (and_elim_left P Q).P, Q: Prop
H: and P Q
and P Q apply H.
Qed.

Lemma and_correct (P Q : Prop) : and P Q <-> P /\ Q.P, Q: Prop
and P Q <-> P /\ Q
Proof.P, Q: Prop
and P Q <-> P /\ Q
  split.P, Q: Prop
and P Q -> P /\ Q
P, Q: Prop
P /\ Q -> and P Q
  -P, Q: Prop
and P Q -> P /\ Q intros H.P, Q: Prop
H: and P Q
P /\ Q
    split.P, Q: Prop
H: and P Q
P
P, Q: Prop
H: and P Q
Q
    +P, Q: Prop
H: and P Q
P apply (and_elim_left P Q H).
    +P, Q: Prop
H: and P Q
Q apply (and_elim_right P Q H).
  -P, Q: Prop
P /\ Q -> and P Q intros H.P, Q: Prop
H: P /\ Q
and P Q
    destruct H as [HP HQ].P, Q: Prop
HP: P
HQ: Q
and P Q
    apply and_intro.P, Q: Prop
HP: P
HQ: Q
P
P, Q: Prop
HP: P
HQ: Q
Q
    +P, Q: Prop
HP: P
HQ: Q
P apply HP.
    +P, Q: Prop
HP: P
HQ: Q
Q apply HQ.
Qed.

We can define our own tactics similar to the built-in tactics

Ltac destruct_and H :=
  pose proof (and_elim_left _ _ H) as H1;
  pose proof (and_elim_right _ _ H) as H2;
  clear H.

Ltac split_and := apply and_intro.

Lemma and_comm' P Q : and P Q -> and Q P.P, Q: Prop
and P Q -> and Q P
Proof.P, Q: Prop
and P Q -> and Q P
  intros H.P, Q: Prop
H: and P Q
and Q P
  destruct_and H.P, Q: Prop
H1: P
H2: Q
and Q P
  split_and.P, Q: Prop
H1: P
H2: Q
Q
P, Q: Prop
H1: P
H2: Q
P
  -P, Q: Prop
H1: P
H2: Q
Q apply H2.
  -P, Q: Prop
H1: P
H2: Q
P apply H1.
Qed.


Definition or (P Q : Prop) : Prop := forall (R : Prop), (P -> R) -> (Q -> R) -> R.

Lemma or_intro_left P Q : P -> or P Q.P, Q: Prop
P -> or P Q
Proof.P, Q: Prop
P -> or P Q
  intros HP.P, Q: Prop
HP: P
or P Q
  unfold or.P, Q: Prop
HP: P
forall R : Prop, (P -> R) -> (Q -> R) -> R
  intros R H1 H2.P, Q: Prop
HP: P
R: Prop
H1: P -> R
H2: Q -> R
R
  apply H1.P, Q: Prop
HP: P
R: Prop
H1: P -> R
H2: Q -> R
P
  apply HP.
Qed.

Lemma or_intro_right P Q : Q -> or P Q.P, Q: Prop
Q -> or P Q
Proof.P, Q: Prop
Q -> or P Q
  intros HQ.P, Q: Prop
HQ: Q
or P Q
  unfold or.P, Q: Prop
HQ: Q
forall R : Prop, (P -> R) -> (Q -> R) -> R
  intros R H1 H2.P, Q: Prop
HQ: Q
R: Prop
H1: P -> R
H2: Q -> R
R
  apply H2.P, Q: Prop
HQ: Q
R: Prop
H1: P -> R
H2: Q -> R
Q
  apply HQ.
Qed.

Lemma or_elim P Q (R : Prop) : or P Q -> (P -> R) -> (Q -> R) -> R.P, Q, R: Prop
or P Q -> (P -> R) -> (Q -> R) -> R
Proof.P, Q, R: Prop
or P Q -> (P -> R) -> (Q -> R) -> R
  intros HPQ H1 H2.P, Q, R: Prop
HPQ: or P Q
H1: P -> R
H2: Q -> R
R
  unfold or in HPQ.P, Q, R: Prop
HPQ: forall R : Prop, (P -> R) -> (Q -> R) -> R
H1: P -> R
H2: Q -> R
R
  apply HPQ.P, Q, R: Prop
HPQ: forall R : Prop, (P -> R) -> (Q -> R) -> R
H1: P -> R
H2: Q -> R
P -> R
P, Q, R: Prop
HPQ: forall R : Prop, (P -> R) -> (Q -> R) -> R
H1: P -> R
H2: Q -> R
Q -> R
  -P, Q, R: Prop
HPQ: forall R : Prop, (P -> R) -> (Q -> R) -> R
H1: P -> R
H2: Q -> R
P -> R apply H1.
  -P, Q, R: Prop
HPQ: forall R : Prop, (P -> R) -> (Q -> R) -> R
H1: P -> R
H2: Q -> R
Q -> R apply H2.
Qed.

Lemma or_correct P Q : or P Q <-> P \/ Q.P, Q: Prop
or P Q <-> P \/ Q
Proof.P, Q: Prop
or P Q <-> P \/ Q
  (* Exercise *)
Admitted.

As a bonus, we can also encode equality à la Leibniz.

Definition eq (T : Type) (x : T) (y : T) : Prop := forall (P : T -> Prop), P x -> P y.

Lemma eq_refl (T : Type) (x : T) : eq T x x.T: Type
x: T
eq T x x
Proof.T: Type
x: T
eq T x x
  intros P H.T: Type
x: T
P: T -> Prop
H: P x
P x
  apply H.
Qed.

Lemma eq_sym (T : Type) (x y : T) : eq T x y -> eq T y x.T: Type
x, y: T
eq T x y -> eq T y x
Proof.T: Type
x, y: T
eq T x y -> eq T y x
  intros H.T: Type
x, y: T
H: eq T x y
eq T y x
  apply H.T: Type
x, y: T
H: eq T x y
eq T x x
  apply eq_refl.
Qed.

Lemma eq_trans (T : Type) (x y z : T) : eq T x y -> eq T y z -> eq T x z.T: Type
x, y, z: T
eq T x y -> eq T y z -> eq T x z
Proof.T: Type
x, y, z: T
eq T x y -> eq T y z -> eq T x z
  intros H1 H2.T: Type
x, y, z: T
H1: eq T x y
H2: eq T y z
eq T x z
  apply H2.T: Type
x, y, z: T
H1: eq T x y
H2: eq T y z
eq T x y
  apply H1.
Qed.

Lemma eq_correct (T : Type) (x y : T) : eq T x y <-> x = y.T: Type
x, y: T
eq T x y <-> x = y
Proof.T: Type
x, y: T
eq T x y <-> x = y
  (* Exercise *)
Admitted.

In fact, even implication (->) can be encoded using forall!

Definition imp (P Q : Prop) : Prop := forall H : P, Q.

Lemma imp_correct (P Q : Prop) : imp P Q <-> (P -> Q).P, Q: Prop
imp P Q <-> (P -> Q)
Proof.P, Q: Prop
imp P Q <-> (P -> Q)
  unfold imp.P, Q: Prop
(P -> Q) <-> (P -> Q)
  (* Coq already prints the forall as ->. *)
  (* Implication is *literally* just a forall! *)
  split.P, Q: Prop
(P -> Q) -> P -> Q
P, Q: Prop
(P -> Q) -> P -> Q
  -P, Q: Prop
(P -> Q) -> P -> Q intros H.P, Q: Prop
H: P -> Q
P -> Q apply H.
  -P, Q: Prop
(P -> Q) -> P -> Q intros H.P, Q: Prop
H: P -> Q
P -> Q apply H.
Qed.

Coq's Encoding

In Coq, the connectives are not defined in terms of forall, but in terms of Inductive types. An inductive type lists all the constructors that make up the type. For propositions, this means that it lists all the ways to prove the proposition.

There are no ways to prove False.

Inductive False' : Prop := .

There is one way to prove True.

Inductive True' : Prop :=
  | I : True'. (* I is the constructor for True' *)

To prove and P Q, we need to provide a proof of P and a proof of Q.

Inductive and' (P Q : Prop) : Prop :=
  | conj : P -> Q -> and' P Q. (* conj is the constructor for and' *)

To prove or P Q, we need to provide a proof of P or a proof of Q.

Inductive or' (A B : Prop) : Prop :=
  | or_introl : A -> or' A B (* or_introl is the constructor for proving or' from A *)
  | or_intror : B -> or' A B. (* or_intror is the constructor for proving or' from B *)

Equality is a more complex example. The only way to prove eq' T x y is if x and y are the same.

Inductive eq' (T : Type) (x : T) : T -> Prop :=
  | eq_refl' : eq' T x x. (* eq_refl' is the constructor for eq' *)

These inductive types are manipulated with two tactics:

destruct: do case analysis on the inductive type
apply [constructor_name]: apply the constructor to prove the type (we can also use constructor i for the i-th constructor, or simply constructor to apply the first matching constructor)

Lemma and_comm'' P Q : and' P Q -> and' Q P.P, Q: Prop
and' P Q -> and' Q P
Proof.P, Q: Prop
and' P Q -> and' Q P
  intros H.P, Q: Prop
H: and' P Q
and' Q P
  destruct H as [HP HQ].P, Q: Prop
HP: P
HQ: Q
and' Q P
  constructor. (* We can also use `apply conj` here. For the built-in conjunction, we can use `split` *)P, Q: Prop
HP: P
HQ: Q
Q
P, Q: Prop
HP: P
HQ: Q
P
  -P, Q: Prop
HP: P
HQ: Q
Q apply HQ.
  -P, Q: Prop
HP: P
HQ: Q
P apply HP.
Qed.

Lemma or_comm'' P Q : or' P Q -> or' Q P.P, Q: Prop
or' P Q -> or' Q P
Proof.P, Q: Prop
or' P Q -> or' Q P
  intros H.P, Q: Prop
H: or' P Q
or' Q P
  destruct H as [HP | HQ].P, Q: Prop
HP: P
or' Q P
P, Q: Prop
HQ: Q
or' Q P
  -P, Q: Prop
HP: P
or' Q P constructor 2.P, Q: Prop
HP: P
P apply HP.
  -P, Q: Prop
HQ: Q
or' Q P constructor 1.P, Q: Prop
HQ: Q
Q apply HQ.
Qed.

Lemma eq_comm'' (T : Type) (x y : T) : eq' T x y -> eq' T y x.T: Type
x, y: T
eq' T x y -> eq' T y x
Proof.T: Type
x, y: T
eq' T x y -> eq' T y x
  intros H.T: Type
x, y: T
H: eq' T x y
eq' T y x
  destruct H.T: Type
x: T
eq' T x x
  apply eq_refl'.
Qed.

Lecture 2: Propositional Reasoning

A different encoding using forall and ->

Coq's Encoding

A different encoding using `forall` and `->`