A weak HOAS approach to the POPLmark Challenge Alberto Ciaffaglione - - PowerPoint PPT Presentation

Introduction System F<: Formalization Conclusion

A weak HOAS approach to the POPLmark Challenge

Alberto Ciaffaglione Ivan Scagnetto

Universit` a di Udine, Italia Dipartimento di Matematica e Informatica {alberto.ciaffaglione,ivan.scagnetto}@uniud.it LSFA 2012 - 7th Workshop on Logical and Semantic Frameworks, with Applications Rio de Janeiro, Brasil - September 29-30, 2012

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Outline

1

Introduction

2

System F<:

3

Formalization

4

Conclusion

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The POPLmark Challenge

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The POPLmark Challenge

Formal proofs about programming language metatheory/semantics

long and tedious management of the details small mistakes or missed subtle cases harmful

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The POPLmark Challenge

Formal proofs about programming language metatheory/semantics

long and tedious management of the details small mistakes or missed subtle cases harmful

Automated proof assistants may help, with potential benefits

reusing the work keeping definitions and proofs consistent ensuring a firm relationship between theory and implementation

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The POPLmark Challenge

Formal proofs about programming language metatheory/semantics

long and tedious management of the details small mistakes or missed subtle cases harmful

Automated proof assistants may help, with potential benefits

reusing the work keeping definitions and proofs consistent ensuring a firm relationship between theory and implementation

A framework and a set of problems for measuring the progress framework System F<:: polymorphic (second-order) λ-calculus problems variable binding, complex recursion and induction, definition and proof reuse, experimentation of generated sample programs

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Our contribute

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Our contribute

System F<:’s type language (variable binding, complex induction)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Our contribute

System F<:’s type language (variable binding, complex induction) logical frameworks based on type theory (LFs): the Calculus of Inductive Constructions, and its Coq implementation

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Our contribute

System F<:’s type language (variable binding, complex induction) logical frameworks based on type theory (LFs): the Calculus of Inductive Constructions, and its Coq implementation management of inductively-defined structures with binders

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Our contribute

System F<:’s type language (variable binding, complex induction) logical frameworks based on type theory (LFs): the Calculus of Inductive Constructions, and its Coq implementation management of inductively-defined structures with binders

Higher-Order Abstract Syntax (HOAS)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Our contribute

System F<:’s type language (variable binding, complex induction) logical frameworks based on type theory (LFs): the Calculus of Inductive Constructions, and its Coq implementation management of inductively-defined structures with binders

Higher-Order Abstract Syntax (HOAS) weak HOAS (second-order term constructors that take as arguments functions over a parametric type of variables)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Our contribute

System F<:’s type language (variable binding, complex induction) logical frameworks based on type theory (LFs): the Calculus of Inductive Constructions, and its Coq implementation management of inductively-defined structures with binders

Higher-Order Abstract Syntax (HOAS) weak HOAS (second-order term constructors that take as arguments functions over a parametric type of variables) the Theory of Contexts

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Our contribute

System F<:’s type language (variable binding, complex induction) logical frameworks based on type theory (LFs): the Calculus of Inductive Constructions, and its Coq implementation management of inductively-defined structures with binders

Higher-Order Abstract Syntax (HOAS) weak HOAS (second-order term constructors that take as arguments functions over a parametric type of variables) the Theory of Contexts

we prove the first (of the three) task(s) of the Challenge: transitivity (and narrowing) of algorithmic subtyping

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The (pure) type language

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The (pure) type language

Syntax of types: Type : S, T ::= X type variable Top maximal type S→T function type ∀X<:S.T universal type

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The (pure) type language

Syntax of types: Type : S, T ::= X type variable Top maximal type S→T function type ∀X<:S.T universal type Syntax of type environments: Env : Γ, Γ′ ::= ∅ empty type environment Γ′, X<:T type variable binding (with scoping discipline)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Algorithmic subtyping (for well-scoped types)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Algorithmic subtyping (for well-scoped types)

Subtyping: Γ ⊢ S <: Top (Top) Γ ⊢ X <: X (Refl) X<:U ∈ Γ Γ ⊢ U <: T Γ ⊢ X <: T (Trans) Γ ⊢ T1 <: S1 Γ ⊢ S2 <: T2 Γ ⊢ S1→S2 <: T1→T2 (Arr) Γ ⊢ T1 <: S1 Γ, X<:T1 ⊢ S2 <: T2 Γ ⊢ ∀X<:S1.S2 <: ∀X<:T1.T2 (All)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Algorithmic subtyping (for well-scoped types)

Subtyping: Γ ⊢ S <: Top (Top) Γ ⊢ X <: X (Refl) X<:U ∈ Γ Γ ⊢ U <: T Γ ⊢ X <: T (Trans) Γ ⊢ T1 <: S1 Γ ⊢ S2 <: T2 Γ ⊢ S1→S2 <: T1→T2 (Arr) Γ ⊢ T1 <: S1 Γ, X<:T1 ⊢ S2 <: T2 Γ ⊢ ∀X<:S1.S2 <: ∀X<:T1.T2 (All) Proposition 1 (Transitivity and Narrowing) Γ ⊢ S <: Q ∧ Γ ⊢ Q <: T ⇒ Γ ⊢ S <: T Γ, X<:Q, ∆ ⊢ M <: N ∧ Γ ⊢ P <: Q ⇒ Γ, X<:P, ∆ ⊢ M <: N Proof: By (outer) induction on Q.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Transitivity and Narrowing

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Transitivity and Narrowing

Transitivity: by inner induction on the derivation Γ ⊢ S <: Q

. . . Γ ⊢ Q1 <: S1 . . . Γ, X<:Q1 ⊢ S2 <: Q2 Γ ⊢ ∀X<:S1.S2 <: ∀X<:Q1.Q2 . . . Γ ⊢ T1 <: Q1 . . . Γ, X<:T1 ⊢ Q2 <: T2 Γ ⊢ ∀X<:Q1.Q2 <: ∀X<:T1.T2

To conclude (via the (All) rule):

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Transitivity and Narrowing

Transitivity: by inner induction on the derivation Γ ⊢ S <: Q

. . . Γ ⊢ Q1 <: S1 . . . Γ, X<:Q1 ⊢ S2 <: Q2 Γ ⊢ ∀X<:S1.S2 <: ∀X<:Q1.Q2 . . . Γ ⊢ T1 <: Q1 . . . Γ, X<:T1 ⊢ Q2 <: T2 Γ ⊢ ∀X<:Q1.Q2 <: ∀X<:T1.T2

To conclude (via the (All) rule):

1

Γ ⊢ T1 <: S1

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Transitivity and Narrowing

Transitivity: by inner induction on the derivation Γ ⊢ S <: Q

. . . Γ ⊢ Q1 <: S1 . . . Γ, X<:Q1 ⊢ S2 <: Q2 Γ ⊢ ∀X<:S1.S2 <: ∀X<:Q1.Q2 . . . Γ ⊢ T1 <: Q1 . . . Γ, X<:T1 ⊢ Q2 <: T2 Γ ⊢ ∀X<:Q1.Q2 <: ∀X<:T1.T2

To conclude (via the (All) rule):

1

Γ ⊢ T1 <: S1

2

Γ, X<:T1 ⊢ S2 <: T2 (via narrowing: Q1 structurally smaller than Q)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Transitivity and Narrowing

Transitivity: by inner induction on the derivation Γ ⊢ S <: Q

. . . Γ ⊢ Q1 <: S1 . . . Γ, X<:Q1 ⊢ S2 <: Q2 Γ ⊢ ∀X<:S1.S2 <: ∀X<:Q1.Q2 . . . Γ ⊢ T1 <: Q1 . . . Γ, X<:T1 ⊢ Q2 <: T2 Γ ⊢ ∀X<:Q1.Q2 <: ∀X<:T1.T2

To conclude (via the (All) rule):

1

Γ ⊢ T1 <: S1

2

Γ, X<:T1 ⊢ S2 <: T2 (via narrowing: Q1 structurally smaller than Q)

Narrowing: by inner induction on Γ, X<:Q, ∆ ⊢ M <: N

. . . Γ, X<:Q, ∆ ⊢ Q <: N Γ, X<:Q, ∆ ⊢ X <: N

To conclude (via the (Trans) rule):

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Transitivity and Narrowing

Transitivity: by inner induction on the derivation Γ ⊢ S <: Q

. . . Γ ⊢ Q1 <: S1 . . . Γ, X<:Q1 ⊢ S2 <: Q2 Γ ⊢ ∀X<:S1.S2 <: ∀X<:Q1.Q2 . . . Γ ⊢ T1 <: Q1 . . . Γ, X<:T1 ⊢ Q2 <: T2 Γ ⊢ ∀X<:Q1.Q2 <: ∀X<:T1.T2

To conclude (via the (All) rule):

1

Γ ⊢ T1 <: S1

2

Γ, X<:T1 ⊢ S2 <: T2 (via narrowing: Q1 structurally smaller than Q)

Narrowing: by inner induction on Γ, X<:Q, ∆ ⊢ M <: N

. . . Γ, X<:Q, ∆ ⊢ Q <: N Γ, X<:Q, ∆ ⊢ X <: N

To conclude (via the (Trans) rule):

1

Γ, X<:P, ∆ ⊢ Q <: N

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Transitivity and Narrowing

Transitivity: by inner induction on the derivation Γ ⊢ S <: Q

. . . Γ ⊢ Q1 <: S1 . . . Γ, X<:Q1 ⊢ S2 <: Q2 Γ ⊢ ∀X<:S1.S2 <: ∀X<:Q1.Q2 . . . Γ ⊢ T1 <: Q1 . . . Γ, X<:T1 ⊢ Q2 <: T2 Γ ⊢ ∀X<:Q1.Q2 <: ∀X<:T1.T2

To conclude (via the (All) rule):

1

Γ ⊢ T1 <: S1

2

Γ, X<:T1 ⊢ S2 <: T2 (via narrowing: Q1 structurally smaller than Q)

Narrowing: by inner induction on Γ, X<:Q, ∆ ⊢ M <: N

. . . Γ, X<:Q, ∆ ⊢ Q <: N Γ, X<:Q, ∆ ⊢ X <: N

To conclude (via the (Trans) rule):

1

Γ, X<:P, ∆ ⊢ Q <: N

2

Γ, X<:P, ∆ ⊢ P <: Q (via weakening)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Transitivity and Narrowing

Transitivity: by inner induction on the derivation Γ ⊢ S <: Q

. . . Γ ⊢ Q1 <: S1 . . . Γ, X<:Q1 ⊢ S2 <: Q2 Γ ⊢ ∀X<:S1.S2 <: ∀X<:Q1.Q2 . . . Γ ⊢ T1 <: Q1 . . . Γ, X<:T1 ⊢ Q2 <: T2 Γ ⊢ ∀X<:Q1.Q2 <: ∀X<:T1.T2

To conclude (via the (All) rule):

1

Γ ⊢ T1 <: S1

2

Γ, X<:T1 ⊢ S2 <: T2 (via narrowing: Q1 structurally smaller than Q)

Narrowing: by inner induction on Γ, X<:Q, ∆ ⊢ M <: N

. . . Γ, X<:Q, ∆ ⊢ Q <: N Γ, X<:Q, ∆ ⊢ X <: N

To conclude (via the (Trans) rule):

1

Γ, X<:P, ∆ ⊢ Q <: N

2

Γ, X<:P, ∆ ⊢ P <: Q (via weakening)

3

Γ, X<:P, ∆ ⊢ P <: N (via transitivity, applied to Q itself)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

A faithful alternative formulation

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

A faithful alternative formulation

Auxiliary judgments (Closure, Well-formedness):

dom(Γ) {X1, . . . , Xn} closed(T, Γ) ∀Y . Y ∈fv(T) ⇒ ∃U. Y , U∈Γ

• k(∅) (ok·∅)
• k(Γ)

X / ∈dom(Γ) closed(T, Γ)

• k(Γ, X, T)

(ok·pair)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

A faithful alternative formulation

Auxiliary judgments (Closure, Well-formedness):

dom(Γ) {X1, . . . , Xn} closed(T, Γ) ∀Y . Y ∈fv(T) ⇒ ∃U. Y , U∈Γ

• k(∅) (ok·∅)
• k(Γ)

X / ∈dom(Γ) closed(T, Γ)

• k(Γ, X, T)

(ok·pair)

Subtyping (some rules):

• k(Γ)

closed(S, Γ) sub(Γ, S, Top) (top)

• k(Γ)

X, U ∈ Γ sub(Γ, X, X) (var) sub(Γ, T1, S1)

• k(Γ, X, T1)⇒sub((Γ, X, T1), S2, T2)

sub(Γ, ∀X<:S1.S2, ∀X<:T1.T2) (all)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

A faithful alternative formulation

Auxiliary judgments (Closure, Well-formedness):

dom(Γ) {X1, . . . , Xn} closed(T, Γ) ∀Y . Y ∈fv(T) ⇒ ∃U. Y , U∈Γ

• k(∅) (ok·∅)
• k(Γ)

X / ∈dom(Γ) closed(T, Γ)

• k(Γ, X, T)

(ok·pair)

Subtyping (some rules):

• k(Γ)

closed(S, Γ) sub(Γ, S, Top) (top)

• k(Γ)

X, U ∈ Γ sub(Γ, X, X) (var) sub(Γ, T1, S1)

• k(Γ, X, T1)⇒sub((Γ, X, T1), S2, T2)

sub(Γ, ∀X<:S1.S2, ∀X<:T1.T2) (all)

Reflexivity ok(Γ) ∧ closed(S, Γ) ⇒ sub(Γ, S, S) Transitivity sub(Γ, S, Q) ∧ sub(Γ, Q, T) ⇒ sub(Γ, S, T) Narrowing sub((Γ, X, Q, ∆), M, N) ∧ sub(Γ, P, Q) ⇒ sub((Γ, X, P, ∆), M, N)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The encoding issue in a LF

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The encoding issue in a LF

Variables (α-conversion, capture-avoiding substitution)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The encoding issue in a LF

Variables (α-conversion, capture-avoiding substitution)

traditional solutions (e.g. de Bruijn indices, first-order variables)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The encoding issue in a LF

Variables (α-conversion, capture-avoiding substitution)

traditional solutions (e.g. de Bruijn indices, first-order variables) Higher-Order Abstract Syntax (HOAS) encapsulates the complexity, thus providing an high level of abstraction: representation by metavariables (functional constructors; functional application)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The encoding issue in a LF

Variables (α-conversion, capture-avoiding substitution)

traditional solutions (e.g. de Bruijn indices, first-order variables) Higher-Order Abstract Syntax (HOAS) encapsulates the complexity, thus providing an high level of abstraction: representation by metavariables (functional constructors; functional application)

Incompatibility between HOAS and inductive types

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The encoding issue in a LF

Variables (α-conversion, capture-avoiding substitution)

traditional solutions (e.g. de Bruijn indices, first-order variables) Higher-Order Abstract Syntax (HOAS) encapsulates the complexity, thus providing an high level of abstraction: representation by metavariables (functional constructors; functional application)

Incompatibility between HOAS and inductive types

no “full” HOAS: (T→T)→T violates the positivity constraint lack of higher-order recursion and induction principles no inductive representation: (Var→T)→T generates parasite terms difficulty to reason about concepts delegated to the metalanguage

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The encoding issue in a LF

Variables (α-conversion, capture-avoiding substitution)

traditional solutions (e.g. de Bruijn indices, first-order variables) Higher-Order Abstract Syntax (HOAS) encapsulates the complexity, thus providing an high level of abstraction: representation by metavariables (functional constructors; functional application)

Incompatibility between HOAS and inductive types

no “full” HOAS: (T→T)→T violates the positivity constraint lack of higher-order recursion and induction principles no inductive representation: (Var→T)→T generates parasite terms difficulty to reason about concepts delegated to the metalanguage

New logics (e.g. Nominal Logic, FOλ∆∇)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The encoding issue in a LF

Variables (α-conversion, capture-avoiding substitution)

traditional solutions (e.g. de Bruijn indices, first-order variables) Higher-Order Abstract Syntax (HOAS) encapsulates the complexity, thus providing an high level of abstraction: representation by metavariables (functional constructors; functional application)

Incompatibility between HOAS and inductive types

no “full” HOAS: (T→T)→T violates the positivity constraint lack of higher-order recursion and induction principles no inductive representation: (Var→T)→T generates parasite terms difficulty to reason about concepts delegated to the metalanguage

New logics (e.g. Nominal Logic, FOλ∆∇) A more conservative approach

weak HOAS the Theory of Contexts

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Encoding: types and type environments

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Encoding: types and type environments

Variables as metavariables of a parametric, non-inductive type:

Parameter Var: Set.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Encoding: types and type environments

Variables as metavariables of a parametric, non-inductive type:

Parameter Var: Set.

Types as terms of an inductive type:

Inductive Tp: Set := top: Tp | var: Var -> Tp | arr: Tp -> Tp -> Tp | fa : Tp -> (Var -> Tp) -> Tp. Coercion var: Var >-> Tp.

Example: ∀X<:Top.X is encoded (fa top (fun X:Var => X))

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Encoding: types and type environments

Variables as metavariables of a parametric, non-inductive type:

Parameter Var: Set.

Types as terms of an inductive type:

Inductive Tp: Set := top: Tp | var: Var -> Tp | arr: Tp -> Tp -> Tp | fa : Tp -> (Var -> Tp) -> Tp. Coercion var: Var >-> Tp.

Example: ∀X<:Top.X is encoded (fa top (fun X:Var => X)) Type environments as lists of pairs (explicit encoding)

Definition envTp: Set := (list (Var * Tp)).

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Encoding: subtyping

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Encoding: subtyping

The “(non) occurrence” concept (isin stands for X∈fv(T)):

Inductive isin (X:Var): Tp -> Prop := isin_var: isin X X | isin_arr: forall S T:Tp, isin X S \/ isin X T -> isin X (arr S T) | isin_fa : forall S:Tp, forall U:Var->Tp, isin X S \/ (forall Y:Var, ~X=Y -> isin X (U Y)) -> isin X (fa S U).

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Encoding: subtyping

The “(non) occurrence” concept (isin stands for X∈fv(T)):

Inductive isin (X:Var): Tp -> Prop := isin_var: isin X X | isin_arr: forall S T:Tp, isin X S \/ isin X T -> isin X (arr S T) | isin_fa : forall S:Tp, forall U:Var->Tp, isin X S \/ (forall Y:Var, ~X=Y -> isin X (U Y)) -> isin X (fa S U).

The auxiliary judgments: X / ∈dom(Γ) (Gfresh), X, T∈Γ (isinG), closed(T, Γ) (Gclosed), ok(Γ) (okEnv)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Encoding: subtyping

The “(non) occurrence” concept (isin stands for X∈fv(T)):

Inductive isin (X:Var): Tp -> Prop := isin_var: isin X X | isin_arr: forall S T:Tp, isin X S \/ isin X T -> isin X (arr S T) | isin_fa : forall S:Tp, forall U:Var->Tp, isin X S \/ (forall Y:Var, ~X=Y -> isin X (U Y)) -> isin X (fa S U).

The auxiliary judgments: X / ∈dom(Γ) (Gfresh), X, T∈Γ (isinG), closed(T, Γ) (Gclosed), ok(Γ) (okEnv) Subtyping (subTp):

Inductive subTp: envTp -> Tp -> Tp -> Prop := ... | sub_fa: forall G:envTp, forall S1 T1:Tp, forall S2 T2:Var->Tp, subTp G T1 S1 -> (forall X:Var, okEnv (cons (X,T1) G) -> subTp (cons (X,T1) G) (S2 X) (T2 X)) -> subTp G (fa S1 S2) (fa T1 T2).

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts

1

Decidability of equality over variables For any variables x and y, it is always possible to decide whether x=y or x=y:

Axiom LEM_Var: forall X Y:Var, X=Y \/ ~X=Y.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts

1

Decidability of equality over variables For any variables x and y, it is always possible to decide whether x=y or x=y:

Axiom LEM_Var: forall X Y:Var, X=Y \/ ~X=Y.

2

Freshness/Unsaturation For any term M, there exists a variable x which does not occur free in it:

Axiom unsat: forall T:Tp, exists X:Var, notin X T.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts

1

Decidability of equality over variables For any variables x and y, it is always possible to decide whether x=y or x=y:

Axiom LEM_Var: forall X Y:Var, X=Y \/ ~X=Y.

2

Freshness/Unsaturation For any term M, there exists a variable x which does not occur free in it:

Axiom unsat: forall T:Tp, exists X:Var, notin X T.

3

Extensionality Two contexts are equal if they are equal on a fresh variable; i.e., if M(x)=N(x) and x / ∈M(·), N(·), then M(·)=N(·):

Axiom tp_ext: forall X:Var, forall S T:Var->Tp, (notin_ho X S) -> (notin_ho X T) -> (S X)=(T X) -> S=T.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts

1

Decidability of equality over variables For any variables x and y, it is always possible to decide whether x=y or x=y:

Axiom LEM_Var: forall X Y:Var, X=Y \/ ~X=Y.

2

Freshness/Unsaturation For any term M, there exists a variable x which does not occur free in it:

Axiom unsat: forall T:Tp, exists X:Var, notin X T.

3

Extensionality Two contexts are equal if they are equal on a fresh variable; i.e., if M(x)=N(x) and x / ∈M(·), N(·), then M(·)=N(·):

Axiom tp_ext: forall X:Var, forall S T:Var->Tp, (notin_ho X S) -> (notin_ho X T) -> (S X)=(T X) -> S=T.

4

β-expansion It is always possible to split a term into a context applied to a variable; i.e., given a term M and a variable x, there exists a context N(·) such that N(x)=M and x / ∈N(·):

Axiom tp_exp: forall S:Tp, forall X:Var, exists S’: Var->Tp, (notin_ho X S’) /\ S=(S’ X).

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts at work

⇒ Reasoning by structural induction over contexts

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts at work

⇒ Reasoning by structural induction over contexts Example: Monotonicity of “occurrence” ∈ (isin): x ∈ T(y) ∧ x = y ⇒ x ∈ T(·)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts at work

⇒ Reasoning by structural induction over contexts Example: Monotonicity of “occurrence” ∈ (isin): x ∈ T(y) ∧ x = y ⇒ x ∈ T(·) We recover the capability of “mimicking” the application of a higher-order induction principle by means of:

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts at work

⇒ Reasoning by structural induction over contexts Example: Monotonicity of “occurrence” ∈ (isin): x ∈ T(y) ∧ x = y ⇒ x ∈ T(·) We recover the capability of “mimicking” the application of a higher-order induction principle by means of: a predicate measure(T(z)), which counts the number n of constructors occurring in T(z) (where z / ∈T(·))

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts at work

⇒ Reasoning by structural induction over contexts Example: Monotonicity of “occurrence” ∈ (isin): x ∈ T(y) ∧ x = y ⇒ x ∈ T(·) We recover the capability of “mimicking” the application of a higher-order induction principle by means of: a predicate measure(T(z)), which counts the number n of constructors occurring in T(z) (where z / ∈T(·)) complete induction over the natural number n

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts at work

⇒ Reasoning by structural induction over contexts Example: Monotonicity of “occurrence” ∈ (isin): x ∈ T(y) ∧ x = y ⇒ x ∈ T(·) We recover the capability of “mimicking” the application of a higher-order induction principle by means of: a predicate measure(T(z)), which counts the number n of constructors occurring in T(z) (where z / ∈T(·)) complete induction over the natural number n β-expansion, extensionality

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts at work

⇒ Reasoning by structural induction over contexts Example: Monotonicity of “occurrence” ∈ (isin): x ∈ T(y) ∧ x = y ⇒ x ∈ T(·) We recover the capability of “mimicking” the application of a higher-order induction principle by means of: a predicate measure(T(z)), which counts the number n of constructors occurring in T(z) (where z / ∈T(·)) complete induction over the natural number n β-expansion, extensionality Lemma (preliminary): z / ∈T(·) ∧ measure(T(z))=n ∧ x∈T(y) ∧ x=y ⇒ x∈T(·)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts at work

⇒ Reasoning by structural induction over contexts Example: Monotonicity of “occurrence” ∈ (isin): x ∈ T(y) ∧ x = y ⇒ x ∈ T(·) We recover the capability of “mimicking” the application of a higher-order induction principle by means of: a predicate measure(T(z)), which counts the number n of constructors occurring in T(z) (where z / ∈T(·)) complete induction over the natural number n β-expansion, extensionality Lemma (preliminary): z / ∈T(·) ∧ measure(T(z))=n ∧ x∈T(y) ∧ x=y ⇒ x∈T(·) Proof (complete induction on n, inversion of measure(T(z))=n):

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts at work

⇒ Reasoning by structural induction over contexts Example: Monotonicity of “occurrence” ∈ (isin): x ∈ T(y) ∧ x = y ⇒ x ∈ T(·) We recover the capability of “mimicking” the application of a higher-order induction principle by means of: a predicate measure(T(z)), which counts the number n of constructors occurring in T(z) (where z / ∈T(·)) complete induction over the natural number n β-expansion, extensionality Lemma (preliminary): z / ∈T(·) ∧ measure(T(z))=n ∧ x∈T(y) ∧ x=y ⇒ x∈T(·) Proof (complete induction on n, inversion of measure(T(z))=n):

1

β-expansion: ∃T ′(·). T ′(z)=T(z) ∧ z / ∈T ′(·)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts at work

⇒ Reasoning by structural induction over contexts Example: Monotonicity of “occurrence” ∈ (isin): x ∈ T(y) ∧ x = y ⇒ x ∈ T(·) We recover the capability of “mimicking” the application of a higher-order induction principle by means of: a predicate measure(T(z)), which counts the number n of constructors occurring in T(z) (where z / ∈T(·)) complete induction over the natural number n β-expansion, extensionality Lemma (preliminary): z / ∈T(·) ∧ measure(T(z))=n ∧ x∈T(y) ∧ x=y ⇒ x∈T(·) Proof (complete induction on n, inversion of measure(T(z))=n):

1

β-expansion: ∃T ′(·). T ′(z)=T(z) ∧ z / ∈T ′(·)

2

extensionality: T ′(·)=T(·)

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts at work

⇒ Reasoning by structural induction over contexts Example: Monotonicity of “occurrence” ∈ (isin): x ∈ T(y) ∧ x = y ⇒ x ∈ T(·) We recover the capability of “mimicking” the application of a higher-order induction principle by means of: a predicate measure(T(z)), which counts the number n of constructors occurring in T(z) (where z / ∈T(·)) complete induction over the natural number n β-expansion, extensionality Lemma (preliminary): z / ∈T(·) ∧ measure(T(z))=n ∧ x∈T(y) ∧ x=y ⇒ x∈T(·) Proof (complete induction on n, inversion of measure(T(z))=n):

1

β-expansion: ∃T ′(·). T ′(z)=T(z) ∧ z / ∈T ′(·)

2

extensionality: T ′(·)=T(·) We can “lift” structural information about T(·) to the level of terms.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts at work: an example

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts at work: an example

Let us consider the case, where measure(T(z)) = 1.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts at work: an example

Let us consider the case, where measure(T(z)) = 1. . . . then, inverting such hypothesis, we get (among other subcases) the hypothesis where T(z) = Top.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts at work: an example

Let us consider the case, where measure(T(z)) = 1. . . . then, inverting such hypothesis, we get (among other subcases) the hypothesis where T(z) = Top. . . . then, we apply β-expansion to Top, yielding a context T ′(·) ≡ λx : Tp.Top.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts at work: an example

Let us consider the case, where measure(T(z)) = 1. . . . then, inverting such hypothesis, we get (among other subcases) the hypothesis where T(z) = Top. . . . then, we apply β-expansion to Top, yielding a context T ′(·) ≡ λx : Tp.Top. . . . in particular, we have T(z) = Top = T ′(z), whence we can infer T(z) = (λx : Tp.Top)z.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts at work: an example

Let us consider the case, where measure(T(z)) = 1. . . . then, inverting such hypothesis, we get (among other subcases) the hypothesis where T(z) = Top. . . . then, we apply β-expansion to Top, yielding a context T ′(·) ≡ λx : Tp.Top. . . . in particular, we have T(z) = Top = T ′(z), whence we can infer T(z) = (λx : Tp.Top)z. Finally, by extensionality we infer T(·) = λx : Tp.Top.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

The Theory of Contexts at work: an example

Let us consider the case, where measure(T(z)) = 1. . . . then, inverting such hypothesis, we get (among other subcases) the hypothesis where T(z) = Top. . . . then, we apply β-expansion to Top, yielding a context T ′(·) ≡ λx : Tp.Top. . . . in particular, we have T(z) = Top = T ′(z), whence we can infer T(z) = (λx : Tp.Top)z. Finally, by extensionality we infer T(·) = λx : Tp.Top. ⇒ We have lifted structural information from first-order term to its higher-order counterpart.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Formal development of the POPLmark Challenge

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Formal development of the POPLmark Challenge

Auxiliary properties:

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Formal development of the POPLmark Challenge

Auxiliary properties:

Lemma Gclosed_lemma: forall G:envTp, forall S T:Tp, subTp G S T -> Gclosed S G /\ Gclosed T G.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Formal development of the POPLmark Challenge

Auxiliary properties:

Lemma Gclosed_lemma: forall G:envTp, forall S T:Tp, subTp G S T -> Gclosed S G /\ Gclosed T G. Lemma unsatG: forall G:envTp, exists X:Var, Gfresh X G.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Formal development of the POPLmark Challenge

Auxiliary properties:

Lemma Gclosed_lemma: forall G:envTp, forall S T:Tp, subTp G S T -> Gclosed S G /\ Gclosed T G. Lemma unsatG: forall G:envTp, exists X:Var, Gfresh X G. Fixpoint domGtoT (G:envTp):= match G with | nil => top | (X,T)::G’ => (arr X (domGtoT G’)) end.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Formal development of the POPLmark Challenge

Auxiliary properties:

Lemma Gclosed_lemma: forall G:envTp, forall S T:Tp, subTp G S T -> Gclosed S G /\ Gclosed T G. Lemma unsatG: forall G:envTp, exists X:Var, Gfresh X G. Fixpoint domGtoT (G:envTp):= match G with | nil => top | (X,T)::G’ => (arr X (domGtoT G’)) end.

Main properties (i.e. the POPLmark Challenge):

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Formal development of the POPLmark Challenge

Auxiliary properties:

Lemma Gclosed_lemma: forall G:envTp, forall S T:Tp, subTp G S T -> Gclosed S G /\ Gclosed T G. Lemma unsatG: forall G:envTp, exists X:Var, Gfresh X G. Fixpoint domGtoT (G:envTp):= match G with | nil => top | (X,T)::G’ => (arr X (domGtoT G’)) end.

Main properties (i.e. the POPLmark Challenge):

Lemma reflexivity: forall T:Tp, forall G:envTp,

• kEnv G -> Gclosed T G -> subTp G T T.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Formal development of the POPLmark Challenge

Auxiliary properties:

Lemma Gclosed_lemma: forall G:envTp, forall S T:Tp, subTp G S T -> Gclosed S G /\ Gclosed T G. Lemma unsatG: forall G:envTp, exists X:Var, Gfresh X G. Fixpoint domGtoT (G:envTp):= match G with | nil => top | (X,T)::G’ => (arr X (domGtoT G’)) end.

Main properties (i.e. the POPLmark Challenge):

Lemma reflexivity: forall T:Tp, forall G:envTp,

• kEnv G -> Gclosed T G -> subTp G T T.

Theorem trans_narrow: forall Q:Tp, (forall S:Tp, forall G:envTp, (subTp G S Q) -> forall T:Tp, (subTp G Q T) -> (subTp G S T)) /\ (forall G’:envTp, forall M N:Tp, (subTp G’ M N) -> forall D G:envTp, forall X:Var, forall P:Tp, G’=(app D (cons (X,Q) G)) -> subTp G P Q -> subTp (app D (cons (X,P) G)) M N).

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

POPLmark Challenge metrics of success

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

POPLmark Challenge metrics of success

• Correctness. An alternative presentation of System F<:’s, equivalent

to the original one but closer to the final formalization in Coq. The “on paper” translation to its formal counterpart is a matter of syntactic sugar, except for the use of weak-HOAS.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

POPLmark Challenge metrics of success

• Correctness. An alternative presentation of System F<:’s, equivalent

to the original one but closer to the final formalization in Coq. The “on paper” translation to its formal counterpart is a matter of syntactic sugar, except for the use of weak-HOAS. Reasonable overhead. The weak HOAS approach frees the user from the burden of dealing with α-conversion and capture-avoiding substitution of variables for variables. The Theory of Contexts grants the extra ability to handle and reason about contexts (i.e. higher-order terms).

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

POPLmark Challenge metrics of success

• Correctness. An alternative presentation of System F<:’s, equivalent

to the original one but closer to the final formalization in Coq. The “on paper” translation to its formal counterpart is a matter of syntactic sugar, except for the use of weak-HOAS. Reasonable overhead. The weak HOAS approach frees the user from the burden of dealing with α-conversion and capture-avoiding substitution of variables for variables. The Theory of Contexts grants the extra ability to handle and reason about contexts (i.e. higher-order terms). Transparent technology. The formal representation of System F<: and fundamental theorems are easily readable. The axioms of the Theory of Contexts are reminiscent of properties commonly taken for granted, by working with “pencil and paper”.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

POPLmark Challenge metrics of success

• Correctness. An alternative presentation of System F<:’s, equivalent

to the original one but closer to the final formalization in Coq. The “on paper” translation to its formal counterpart is a matter of syntactic sugar, except for the use of weak-HOAS. Reasonable overhead. The weak HOAS approach frees the user from the burden of dealing with α-conversion and capture-avoiding substitution of variables for variables. The Theory of Contexts grants the extra ability to handle and reason about contexts (i.e. higher-order terms). Transparent technology. The formal representation of System F<: and fundamental theorems are easily readable. The axioms of the Theory of Contexts are reminiscent of properties commonly taken for granted, by working with “pencil and paper”. Reasonable cost of entry. Coq is one of the best environments for a beginner in theorem proving: everybody is allowed to use fruitfully the proof assistant after a reasonable training effort.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Related and future work

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Related and future work

Several solutions collected at Challenge’s web page, carried out within the systems Abella, Alpha Prolog, ATS, Coq, Isabelle/HOL, Matita, Twelf via different approaches, which are classified as de Bruijn, Hybrid, HOAS, Locally nameless, Named variables, Nominal

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Related and future work

Several solutions collected at Challenge’s web page, carried out within the systems Abella, Alpha Prolog, ATS, Coq, Isabelle/HOL, Matita, Twelf via different approaches, which are classified as de Bruijn, Hybrid, HOAS, Locally nameless, Named variables, Nominal The approach closest to ours is by the CMU group (in Twelf):

tp: type. ... forall: tp -> (tp -> tp) -> tp.

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Related and future work

Several solutions collected at Challenge’s web page, carried out within the systems Abella, Alpha Prolog, ATS, Coq, Isabelle/HOL, Matita, Twelf via different approaches, which are classified as de Bruijn, Hybrid, HOAS, Locally nameless, Named variables, Nominal The approach closest to ours is by the CMU group (in Twelf):

tp: type. ... forall: tp -> (tp -> tp) -> tp.

We keep sticking to Coq even in presence of frameworks which have a better support for HOAS (e.g. Twelf) and nominal calculi (e.g. Nominal Isabelle): the main proof is rather compact and follows closely the trace of its “informal” counterpart, carried out on paper

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge

Introduction System F<: Formalization Conclusion

Related and future work

Several solutions collected at Challenge’s web page, carried out within the systems Abella, Alpha Prolog, ATS, Coq, Isabelle/HOL, Matita, Twelf via different approaches, which are classified as de Bruijn, Hybrid, HOAS, Locally nameless, Named variables, Nominal The approach closest to ours is by the CMU group (in Twelf):

tp: type. ... forall: tp -> (tp -> tp) -> tp.

We keep sticking to Coq even in presence of frameworks which have a better support for HOAS (e.g. Twelf) and nominal calculi (e.g. Nominal Isabelle): the main proof is rather compact and follows closely the trace of its “informal” counterpart, carried out on paper From a pragmatic viewpoint, two remarks:

lack of “smart” support for nested inductions (inconsistent cases automatically generated by the application of the induction tactic) handling the type environment could be seen as an overhead: the bookkeeping technique should provide a more compact formalization

Alberto Ciaffaglione, Ivan Scagnetto A weak HOAS approach to the POPLmark Challenge