An Application of Constructive Completeness ... - Semantic Scholar

An Application of Constructive Completeness. Thierry Coquand Jan M. Smith September 15, 1995 DRAFT

Introduction The completeness theorem for rst-order logic is one of the basic result of classical model theory. It states that a rst-order sentence is provable if and only if it holds in all models, or, in a relativised form, that a rst-order sentence is derivable in a theory if and only if it holds in any model of the theory. This expresses a strong relation between syntax and semantics and can be used to give elegant semantical proofs of purely syntactical properties. One typical use is for proving conservativity results: to prove that a rst-order theory T2 is a conservative extension of a theory T1; it is enough to show that any model of T1 can be extended to a model of T2. It follows then directly that a formula derivable in T2 holds in any model of T1; and hence, by the completeness theorem, is also derivable in T1 . The usual proofs of the completeness theorem, by Godel and Henkin, are not constructive. In this paper, we explore one possible eective version of this theorem, that uses topological models in a point-free setting, following Sambin [11]. The truth-values, instead of being simply booleans, can be arbitrary open of a given topological space. There are two advantages with considering this more abstract notion of model. The rst is that, by using formal topology, we get a remarkably simple completeness proof; it seems indeed simpler than the usual classical completeness proof. The second is that this completeness proof is now constructive and elementary. In particular, it does not use any impredicativity and can be formalized in intuitionistic type theory; this is of importance for us, since we want to develop model theory in a computer system for type theory. Formal topology has been developed in the type theory implementation ALF [1] by Cederquist [2] and the completeness proof we use has been checked in ALF by Persson [9]. In view of the extreme simplicity of this proof, it might be feared that it has no interesting applications. We show that this is not the case by analysing a conservativity theorem due to Dragalin [4] concerning a non-standard extension of Heyting arithmetic. We can transpose directly the usual model theoretic conservativity argument, that we sketched above, in this framework. It seems likely that a direct syntactical proof of this result would have to be more involved. The rst part of this paper presents a de nition of topological models, Sambin's completeness proof, and an alternative completeness proof; we also discuss how Beth models relate to our approach. The second part shows how to use this in order to give a proof of Dragalin's conservativity result; our proof is dierent from his and, we believe, simpler. 1

In [8] a stronger conservativity result is proved, using more sophisticated methods based on sheaf semantics.

1 Intuitionistic Model Theory

A formal topology T = hS; ; 1; i is a commutative idempotent monoid hS; ; 1i with a covering relation which satis es the following rules. Re exivity Transitivity

-left Stability

a2U aU aU U V aV aU ab U aU bV ab U V

where U V means that every element of U is covered by V . Intuitively, the elements of S are the basic opens and the multiplication corresponds to the intersection of basic open. An open is represented by a set of basic open; in traditional topology with points, this corresponds to that an open can be represented as the union of a set of basic open. For the details of formal topology in a type theoretic setting, we refer to Sambin [10].

1.1 Topological interpretations

A formal topological interpretation of a rst order language consists of the following. A topology T = hS; ; 1; i. A set D, the domain of the interpretation. To each individual constant a an element [ a] in D and to each function constant f n of arity n a function [ f n ] in Dn ! D. To each relation Rn of arity n a function [ Rn] that gives an open set to each element in Dn . Given an assignment of an element in D to each variable, we associate an element [ t] in D to each term t by [ x] = (x) [ a] = [ a] n [ f (t1 ; : : :; tn )]] = [ f n ] ([[t1] ; : : :; [ tn ] ) We can now associate an open set [ A] to each formula A by induction as follows. 2

1. [ R(t1; : : :; tn )]] = [ Rn ] ([[t1] ; : : :; [ tn ] ) 2. [ >] = f1g 3. [ ?] = ; 4. [ A&B ] = [ A] [ B ] 5. [ A _ B ] = [ A] [ [ B ] 6. [ A B ] = fs 2 S : fsg [ A] [ B ] g S 7. [ 9xB (x)]] = d2D [ B (d)]] 8. [ 8xB (x)]] = fs 2 S : (8d 2 D)(s [ B (d)]] )g In this de nition, [ B (d)]] is an abbreviation of [ B (x)]][x:=d], where the assignment [x := d] is obtained from by giving the variable x the value d. We say that a formula A is valid in an interpretation if 1 [ A] holds for every assignment . A model of a set ? of formulas is an interpretation in which all formulas of ? are valid. A topological interpretation can be seen as a generalization of the ordinary classical notion of interpretation in the sense that the two truth values true and false are replaced by the much richer structure of an arbitrary topological space. Topological interpretations of intuitionistic propositional logic were considered already in the thirties by Tarski [12]. Godel and Kreisel [6] have showed that a constructive completeness proof for predicate logic is impossible with the usual intuitive de nition of validity in all structures, which, in fact, turns out to be the same as validity in all Beth models; see Troelstra [13]. But by weakening the interpretation of absurdity by allowing it to possibly hold in some nodes of a Beth model, it is possible to prove completeness [15, 3]. Beth models where k k? ? is not ruled out are called exploding ; and the reason why Godel and Kreisel's argument is not applicable on exploding models is the fact that k k? ? is in general not decidable. The formal formulation of topological models automatically includes the exploding ones: there might be basic opens which are covered by the empty set, that is, the interpretation of absurdity; and in general it is not decidable whether a ; holds. We will describe in more detail below how an exploding Beth model can easily be formulated in a point-free setting. This is in contrast to the traditional approach to topological models where it seems dicult to directly introduce exploding models: in order to represent the forcing relation, a covering relation must be introduced [14]. We can now prove the following soundness theorem, where A1 ; : : :; An ` A means that A is derivable from A1 ; : : :; An in intuitionistic predicate logic, formulated in natural deduction. Theorem 1 If A1; : : :; An ` A, then [ A1] : : : [ An] [ A] holds for every topological interpretation and for every assignment . Proof. Straightforward by induction on the length of the derivation; for details, see Sambin [11]. When n = 0, [ A1 ] : : : [ An ] should be understood as the full space S ; hence we get as a corollary that if A is a logical truth, then [ A] covers the whole space, or equivalently, 1 [ A] . 3

1.2 The completeness proof

We let `T denote the derivability relation of some arbitrary rst-order theory T . The next theorem expresses completeness. Theorem 2 If [ A1] : : : [ An ] [ A] holds for every topological interpretation of the theory T and every assignment , then A1 ; : : :; An `T A. The proof of the completeness is by constructing a topology that is universal in the sense that [ A1] : : : [ An ] [ A] holds for the topology and every assignment if and only if A1 ; : : :; An `T A. The universal model is a term model, that is, the domain is the set of terms of the language and a term is interpreted as itself. The topology of the interpretation is obtained from the monoid hL; ; 1i of formulas with provable equivalence as equality A = B if and only if `T A $ B, and the operation de ned by A B = A&B: The unit of the monoid is de ned by 1 = >. Clearly, the operation is well de ned, that is, if A = A0 and B = B 0 then A B = A0 B 0 . A is covered by a set U if and only if every proposition C that can be proved from each of the formulas in U can also be proved from A: A U = (8C )((8D 2 U )(D `T C ) ) A `T C ): This de nition is the standard Dedekind-MacNeille completion [7] by which an arbitrary partial ordering can be extended to a complete ordering. The open set associated with an atomic proposition is de ned to be the set of formulas which proves it: [ Rn ] (t1 ; : : :; tn ) = fA : A `T Rn (t1 ; : : :; tn )g: We call the topology L = hL; ; 1; i, the Tarski-Lindenbaum topology. We write [ A] for [ A] when is the identity assignment. From the de nition of covering and that [ ?] = ; we get that A ; if and only if A `T ?; hence, A ; is in general not decidable. The open set [ A] associated to a formula A is the set of all formulas which prove it: Proposition 1 For the Tarski-Lindenbaum topology, B [ A] if and only if B `T A. Proof: By a straightforward induction on the length of the formula A; for details, see Sambin [11]. Note that completeness follows: if for every topology [ A1 ] : : : [ An ] [ A] holds for all assignments , then, in particular, it holds for the Tarski-Lindenbaum topology and the identity assignment; hence, by the proposition 1, A1; : : :; An `T A. This remarkably simple proof should be compared with Henkin's proof for rst order classical logic; but, of course, the notion of model used here is weaker than the usual one. The usual completeness proof for ordinary topological interpretations of intuitionistic logic is based on similar ideas as Henkin's proof. 4

1.3 Henkin Topology

We now de ne another covering relation on the monoid hL; ; 1i of formulas with provable equivalence modulo a rst-order theory T as equality. This covering is de ned with an in nitary inductive de nition. Namely, we de ne A U by the clauses:

A 2 U; A `T A0 and A0 U; A ` A1 _ A2 and A1 U; A2 U; A ` 9x B and B(t) U for all terms t:

It is straightforwardly proved by induction that this de nes a formal topology. We call this topology the Henkin topology associated to the rst-order theory T: For a classical rst-order theory, the points of this formal topology are exactly the Henkin sets, that is, maximal consistent extensions of the theory T: It is easy to prove

Lemma 1 For the Henkin topology, A B if and only A `T B: As for the Tarski-Lindenbaum topology, we have

Proposition 2 For the Henkin topology, B [ A] if and only if B ` A. Hence, we get another completeness proof. By induction, if A U for the Henkin topology, then A U for the Tarski-Lindenbaum topology. We conjecture that the converse implication does not hold.

1.4 Connection with Beth models

There are two versions of exploding models, one for Kripke models [15] and one for Beth models [3]. We shall explain how exploding Beth models can be seen as particular cases of topological models. First we reformulate the notion of spread in the context of formal topology. We use variables u; v; : : : for nite sequences of integers. We write concatenation by juxtaposition, and v u means that v is of the form un1 : : :np ; where possibly p may be 0 (in which case u = v.) We say that u and v are incompatible if and only if neither of the relation u v nor v u hold. A spread S is then a decidable inhabited set of sequences of integers such that 1. if u v and u 2 S; then v 2 S; 2. if u 2 S; then there exists n such that un 2 S: To each spread S we associate a formal space X (S ) de ned as follows. As a semilattice, X (S ) is formed by the disjoint union of S and an extra element : The product operation is de ned by

u v = v if v u; 5

u v = if u and v are incompatible, x y = if x or y is : The covering relation u U is inductively de ned by the clauses U; -inference: u U if u 2 U; -inference: un U if u U; F -inference: u U if un U for all n: The three last rules were used by Brouwer in connection with his analysis of the bar theorem [5]. Notice that all elements of S are positive for this notion of covering: if u U and u 2 S; then U is inhabited. This follows from the second clause of the de nition of a spread. A non-exploding Beth model over the spread S corresponds exactly to a topological model over the space X (S ) and we have u [ A] if and only if u k? A: An exploding Beth model is a model where we allow u k? ? for some u 2 S: The corresponding notion of space is obtained as follows. Given a subset E S; we de ne a new space Y (S ) by adding to the inductive de nition of u U the clause that u U if u 2 E ; in particular we have u ; if u 2 E . The semilattice structure of Y (S ) is the same as the one of X (S ): We can then verify that the equivalence u 2 [ A] if and only if u k? A still holds. The result of Godel and Kreisel on the impossibility of getting a completeness theorem with nonexploding Beth models can be formulated as the fact that in order to get a completeness theorem, it is essential to consider non-decidable subsets E: The universal model used in the completeness proof above is not a Beth model, but we have a similar situation since fu : u ;g is not decidable.

2 Application to a Conservativity Result The conservativity result we present is due to Dragalin [4].

2.1 Non-standard arithmetic

We rst extend the language of Heyting arithmetic, HA, with a new constant 1 and for each numeral n add the axiom 1. n < 1 Clearly, this extension is conservative over HA: only a nite number of the new axioms can appear in a derivation; so if we just replace 1 with a suciently big numeral in the derivation, we obtain a derivation in HA. We denote this extension by HA1 . We next extend HA1 with a new predicate F(x), expressing that x is a standard, or feasible, number. For the new predicate we add the axiom 2. F(0) 6

3. 4. 5. 6.

:F(1) x = y ^ F(x) F(y) y < x ^ F(x) F(y) Let f be an arbitrary function constant of HA. Then F(x1) ^ ^ F(xn ) F(f (x1; : : :; xn ))

7. Induction scheme for standard numbers:

A(0) ^ 8x(F(x) ^ A(x) A(s(x))) 8x(F(x) A(x)) where A(x) is an arbitrary formula of the extended language. From now on we let denote the covering relation of an arbitrary model for HA1 . We de ne an interpretation of F by [ F(t)]] =

[

n2N

[ t = n]

In this interpretation the above axioms are all validated:

Lemma 2 Let P be any of the above axioms about F. Then 1 [ P ] in any model of

HA1 .

Proof. The proof is straightforward and almost the same as the corresponding part of the proof by Dragalin [4]. We let HA1 F denote HA extended with these axioms. Our main result is the following. Theorem 3 HA1F is conservative over HA. Proof. It is enough to prove that HA1 F is conservative over HA1 . So let A be formula

of HA which is derivable in HA1 F, that is, there is a nite conjunction ? of axioms about F such that HA1 + ? ` A. By theorem 1 we have that ? [ A] holds in every model of HA1 . By lemma 2 we then obtain 1 [ A] in every model of HA1 ; hence, by theorem 1, HA1 ` A. Let PA1 F denote Peano arithmetic, PA, extended by the above axioms. We then have Corollary 1 PA1 F is conservative over PA. The proof of the corollary is by Godel's double negation interpretation. Let A denote the double negation interpretation of the formula A and Ax the set of axioms above about 1 and F. Let A be a formula in the language of PA such that PA + Ax ` A. Since ? ` B implies ? ` B for all sets ? of formulas and formulas B , we get HA + Ax ` A. Hence, by the lemma below, HA1 F ` A. By theorem 3, we then get HA ` A . Since PA ` A A we obtain PA ` A.

Lemma 3 Let P be any of the axioms in PA1 F. Then HA1 F ` P . 7

The only non-trivial case is when P is an instance of the induction scheme in HA1 F. So P is A(0) ^ 8x(::F(x) ^ A(x) A(s(x))) 8x(::F(x) A(x)) for some formula A(x). Since all double negated interpreted formulas are stable, we have ` ::A(x) A(x) which implies ` (F(x) A(x)) (::F(x) A(x)). Hence, P follows from P . Since the arguments of the paper are eective, the proof of this corollary can be seen directly as an algorithm that, given a proof of a sentence in PA1 F, transforms this into a proof of the same sentence in PA. A formalization of the proof in the type theory system ALF [1] would then directly give a computer implementation of the transformation algorithm.

References [1] Thorsten Altenkirch, Veronica Gaspes, Bengt Nordstrom, and Bjorn von Sydow. A User's Guide to ALF. Chalmers University of Technology, Sweden, May 1994. Available on the WWW file://ftp.cs.chalmers.se/pub/users/alti/alf.ps.Z. [2] Jan Cederquist. A machine assisted formalization of pointfree topology in type theory. Licentiate thesis, Chalmers University of Technology and University of Goteborg, Sweden, 1994. [3] H.C.M. de Swart. An intuitionistically plausible interpretation of intuitionistic logic. Journal of Symbolic Logic, 42:564{578, 1977. [4] Albert G. Dragalin. An explicit boolean-valued model for non-standard arithmetic. Publ. Math. Drebecen, 42:369{389, 1993. [5] M. Dummett. Elements of intuitionism. Clarendon Press, Oxford, 1977. [6] G. Kreisel. On weak completeness of intutionistic predicate logic. Journal of Symbolic logic., 27:139{158, 1962. [7] H. M. MacNeille. Partially ordered sets. Transactions of AMS, 42, 1937. [8] Ieke Moerdijk and Erik Palmgren. Minimal models of heyting arithmetik. Technical Report Report U.U.D.M 1995:25, Dept. of Mathematics, Uppsala University, Sweden, June 1995. [9] Henrik Persson. A formalization of a constructive completeness proof for intuitionistic predicate logic. Draft, Chalmers University of Technology, Goteborg, September 1995. [10] Giovanni Sambin. Intuitionistic Formal Spaces - A First Communication. In The Proceedings of Conference on Logic and its Applications, Bulgaria. Plenum Press, 1986. [11] Giovanni Sambin. Pretopologies and completeness proofs. Technical report, Dip.di Matematica Pura e Appl., Univ. di Padova, August 1992. 8

[12] A. Tarski. Der Aussagenkalkul und die Topologie. Fundamenta Mathematicae, 31:103{134, 1938. [13] A. S. Troelstra. Choice Sequences, a Chapter of Intuitionistic Mathematics. Clarendon Press, 1977. [14] A. S. Troelstra and D. van Dalen. Constructivism in Mathematics. An Introduction, volume II. North-Holland, 1988. [15] Wim Veldman. An intuitionistic completeness theorem for intuitionistic predicate logic. Journal of Symbolic Logic, 41:159{166, 1976.

9