Programming and Proving with Higher Inductive Types Dan Licata - - PowerPoint PPT Presentation

Programming and Proving with Higher Inductive Types

Dan Licata

Wesleyan University Department of Mathematics and Computer Science

Constructive Type Theory

2

Three senses of constructivity: [Martin-Löf]

Constructive Type Theory

2

Three senses of constructivity: Non-affirmation of certain classical principles provides axiomatic freedom [Martin-Löf]

Synthetic geometry

3

Euclid’s postulates

• 1. To draw a straight line from any point

to any point.

• 2. To produce a finite straight line continuously

in a straight line.

• 3. To describe a circle with any center and distance.
• 4. That all right angles are equal to one another.
• 5. That, if a straight line falling on two straight lines

make the interior angles on the same side less than to right angles,the two straight lines, if produced indefinitely, meet on that side on which are the angles less than the to right angles.

Synthetic geometry

3

Euclid’s postulates Cartesian

• 1. To draw a straight line from any point

to any point.

• 2. To produce a finite straight line continuously

in a straight line.

• 3. To describe a circle with any center and distance.
• 4. That all right angles are equal to one another.
• 5. That, if a straight line falling on two straight lines

make the interior angles on the same side less than to right angles,the two straight lines, if produced indefinitely, meet on that side on which are the angles less than the to right angles.

Synthetic geometry

3

Euclid’s postulates Cartesian models

• 1. To draw a straight line from any point

to any point.

• 2. To produce a finite straight line continuously

in a straight line.

• 3. To describe a circle with any center and distance.
• 4. That all right angles are equal to one another.
• 5. That, if a straight line falling on two straight lines

make the interior angles on the same side less than to right angles,the two straight lines, if produced indefinitely, meet on that side on which are the angles less than the to right angles.

Synthetic geometry

3

Euclid’s postulates Cartesian models

• 1. To draw a straight line from any point

to any point.

• 2. To produce a finite straight line continuously

in a straight line.

• 3. To describe a circle with any center and distance.
• 4. That all right angles are equal to one another.

Synthetic geometry

3

Euclid’s postulates Cartesian models Spherical

• 1. To draw a straight line from any point

to any point.

• 2. To produce a finite straight line continuously

in a straight line.

• 3. To describe a circle with any center and distance.
• 4. That all right angles are equal to one another.

Synthetic geometry

3

Euclid’s postulates Cartesian models Spherical

• 1. To draw a straight line from any point

to any point.

• 2. To produce a finite straight line continuously

in a straight line.

• 3. To describe a circle with any center and distance.
• 4. That all right angles are equal to one another.
• 5. Two distinct lines meet at two antipodal points.

Synthetic mathematics

4

Type theory 1.τ ::= b | τ1 → τ2 2.e ::= x | e1 e2 | λx.e 3.(λx.e)e2 = e[e2/x]

Synthetic mathematics

4

Type theory Set-theoretic functions 1.τ ::= b | τ1 → τ2 2.e ::= x | e1 e2 | λx.e 3.(λx.e)e2 = e[e2/x]

Synthetic mathematics

4

Type theory Set-theoretic functions Domain-theoretic functions 1.τ ::= b | τ1 → τ2 2.e ::= x | e1 e2 | λx.e 3.(λx.e)e2 = e[e2/x]

Synthetic mathematics

4

Type theory Set-theoretic functions Domain-theoretic functions 1.τ ::= b | τ1 → τ2 2.e ::= x | e1 e2 | λx.e 3.(λx.e)e2 = e[e2/x] 4.Y(f) = f(Y(f))

Constructive Type Theory

5

Three senses of constructivity:

Constructive Type Theory

5

Three senses of constructivity: Non-affirmation of certain classical principles provides axiomatic freedom

Constructive Type Theory

5

Three senses of constructivity: Non-affirmation of certain classical principles provides axiomatic freedom Computational interpretation supports software verification and proof automation

Computational Interpretation

6

There is an algorithm that, given a closed program e : bool, computes either an equality e = true, or an equality e = false.

Computational Interpretation

6

There is an algorithm that, given a closed program e : bool, computes either an equality e = true, or an equality e = false. Requires functions with arbitrary domain/ range to be computable, but stating theorem for bool offers some flexibility

Computational Interpretation

6

There is an algorithm that, given a closed program e : bool, computes either an equality e = true, or an equality e = false. Requires functions with arbitrary domain/ range to be computable, but stating theorem for bool offers some flexibility Basis for software verification and proof automation

Constructive Type Theory

7

Three senses of constructivity: Non-affirmation of certain classical principles provides axiomatic freedom Computational interpretation supports software verification and proof automation

Constructive Type Theory

7

Three senses of constructivity: Non-affirmation of certain classical principles provides axiomatic freedom Props-as-types allows proof-relevant mathematics Computational interpretation supports software verification and proof automation

Proof relevance

8

x : A

Proof relevance

8

equality type

x =A y x : A

Proof relevance

8

equality type

x =A y p : x : A

Proof relevance

8

equality type

x =A y p : x : A

Any structure or property C can be transported along an equality

Proof relevance

8

equality type

x =A y p : transportC(p) : C(x) C(y) x : A

Any structure or property C can be transported along an equality

Proof relevance

8

equality type

x =A y p : transportC(p) : C(x) C(y) x : A

Any structure or property C can be transported along an equality

Leibniz’s indiscernability

• f identicals

Proof relevance

8

equality type

x =A y p : transportC(p) : C(x) C(y) x : A

Any structure or property C can be transported along an equality by a function: can it do real work?

Leibniz’s indiscernability

• f identicals

Proof relevance

9

equality type

x =A y p : x : A

Proof relevance

9

equality type

x =A y p : p1 =x=y p2 x : A

Proof relevance

9

equality type

x =A y p : p1 =x=y p2 q : x : A

Proof relevance

9

equality type

x =A y p : p1 =x=y p2 q : x : A q1 =p1=p2 q2

Proof relevance

9

equality type

x =A y p : p1 =x=y p2 q : x : A q1 =p1=p2 q2 r :

Proof relevance

9

equality type

x =A y p : p1 =x=y p2 q : x : A q1 =p1=p2 q2 r : ...

higher equalities radically expand the kind of math that can be done synthetically…

category theory homotopy theory type theory

Homotopy Type Theory

10

[Hofmann,Streicher,Awodey,Warren,Voevodsky Lumsdaine,Gambino,Garner,van den Berg]

Types as spaces

11

M N α

Types as spaces

11

M N α

type A is a space

Types as spaces

11

M N α

programs M:A are points type A is a space

Types as spaces

11

M N α

programs M:A are points type A is a space proofs of equality α : M =A N are paths

Types as spaces

11

M N α

programs M:A are points type A is a space proofs of equality α : M =A N are paths path operations

Types as spaces

11

M N α id

programs M:A are points type A is a space proofs of equality α : M =A N are paths path operations

id : M = M (refl)

Types as spaces

11

M N α id α

programs M:A are points type A is a space proofs of equality α : M =A N are paths path operations

id : M = M (refl) α-1 : N = M (sym)

• 1

Types as spaces

11

M N α P β id α

programs M:A are points type A is a space proofs of equality α : M =A N are paths path operations

id : M = M (refl) α-1 : N = M (sym) β o α : M = P (trans)

• 1

Homotopy

12

Deformation of one path into another α β

Homotopy

12

Deformation of one path into another α β

Homotopy

12

Deformation of one path into another α β = 2-dimensional path between paths

Homotopy

12

Deformation of one path into another α β = 2-dimensional path between paths

α =x=y β δ :

Homotopy

12

Deformation of one path into another α β = 2-dimensional path between paths Then homotopies between homotopies ….

α =x=y β δ :

Types as spaces

13

M N α P β id α

programs M:A are points type A is a space proofs of equality α : M =A N are paths path operations

id : M = M (refl) α-1 : N = M (sym) β o α : M = P (trans)

• 1

homotopies

ul : id o α =M=N α il : α-1 o α =M=M id asc : γ o (β o α) =M=P (γ o β) o α

category theory homotopy theory type theory

Homotopy Type Theory

14

[Hofmann,Streicher,Awodey,Warren,Voevodsky Lumsdaine,Gambino,Garner,van den Berg]

Types as ∞-groupoids

15

type A is an ∞-groupoid morphisms

id : M = M (refl) α-1 : N = M (sym) β o α : M = P (trans)

morphisms between morphisms

infinite-dimensional algebraic structure, with morphisms, morphisms between morphisms, ... each level has a groupoid structure, and they interact

ul : id o α =M=N α il : α-1 o α =M=M id asc : γ o (β o α) =M=P (γ o β) o α

Path induction

16

Type of paths from a to somewhere

a id a

is inductively generated by

y3 y1 y2 p1 p3 p2

Path induction

16

Fix a type A with element a:A. For a family of types C(y:A, p:a=y), to give an element of C(y,p) for all y and p:a=y, suffices to give an element of C(a,id) Type of paths from a to somewhere

a id a

is inductively generated by

y3 y1 y2 p1 p3 p2

Type theory is a synthetic theory of spaces/∞-groupoids

17

category theory homotopy theory type theory

Homotopy Type Theory

18

new programs and types

Univalence

19

[Voevodsky]

Univalence

19

Equivalence of types is a generalization to spaces of bijection of sets [Voevodsky]

Univalence

19

Equivalence of types is a generalization to spaces of bijection of sets Univalence axiom: equality of types (A =Type B) is (equivalent to) equivalence of types (Equiv A B) [Voevodsky]

Univalence

19

Equivalence of types is a generalization to spaces of bijection of sets Univalence axiom: equality of types (A =Type B) is (equivalent to) equivalence of types (Equiv A B) ∴ all structures/properties respect equivalence [Voevodsky]

Univalence

19

Equivalence of types is a generalization to spaces of bijection of sets Univalence axiom: equality of types (A =Type B) is (equivalent to) equivalence of types (Equiv A B) ∴ all structures/properties respect equivalence Not by collapsing equivalence, but by exploiting proof-relevant equality: transport does real work [Voevodsky]

Higher inductive types

20

New way of forming types: Inductive type specified by generators not only for points (elements), but also for paths [Bauer,Lumsdaine,Shulman,Warren]

Constructivity

21

Non-affirmation of classical principles Proof-relevant mathematics Computational interpretation

? ✓ ✓

category theory homotopy theory type theory

Homotopy Type Theory

22

new possibilities for computer- checked proofs new programs and types

Outline

23

1.Certified homotopy theory 2.Certified software

Outline

24

1.Certified homotopy theory 2.Certified software

Homotopy Theory

25

A branch of topology, the study of spaces and continuous deformations

[image from wikipedia]

Homotopy in HoTT

26

π1(S1) = ℤ πk<n(Sn) = 0 π2(S2) = ℤ Hopf fibration π3(S2) = ℤ πn(Sn) = ℤ Freudenthal π4(S3) = ℤ? James Construction K(G,n) Blakers-Massey Van Kampen Covering spaces Whitehead for n-types Cohomology axioms [Brunerie, Finster, Hou, Licata, Lumsdaine, Shulman]

Homotopy in HoTT

26

π1(S1) = ℤ πk<n(Sn) = 0 π2(S2) = ℤ Hopf fibration π3(S2) = ℤ πn(Sn) = ℤ Freudenthal π4(S3) = ℤ? James Construction K(G,n) Blakers-Massey Van Kampen Covering spaces Whitehead for n-types Cohomology axioms [Brunerie, Finster, Hou, Licata, Lumsdaine, Shulman]

Homotopy Groups

27

Homotopy groups of a space X: π1(X) is fundamental group (group of loops) π2(X) is group of homotopies (2-dimensional loops) π3(X) is group of 3-dimensional loops …

28

= |

Telling spaces apart

28

= |

fundamental group is non-trivial (ℤ × ℤ) fundamental group is trivial

Telling spaces apart

The Circle

29

Circle S1 is a higher inductive type generated by

loop base

The Circle

29

Circle S1 is a higher inductive type generated by base : S1 loop : base = base

loop base

The Circle

29

Circle S1 is a higher inductive type generated by base : S1 loop : base = base

loop base

point

The Circle

29

Circle S1 is a higher inductive type generated by base : S1 loop : base = base

loop base

point path

The Circle

29

Circle S1 is a higher inductive type generated by base : S1 loop : base = base

loop base

Free type: equipped with structure

id loop-1

point path

inv : loop o loop-1 = id id loop-1 loop o loop ...

The Circle

30

Circle recursion: function S1 X determined by base’ : X loop’ : base’ = base’

loop base loop’ base’

The Circle

30

Circle recursion: function S1 X determined by base’ : X loop’ : base’ = base’ Circle induction: To prove a predicate P for all points

• n the circle, suffices to prove P(base),

continuously in the loop

loop base loop’ base’

Fundamental group of circle

31

How many different loops are there on the circle, up to homotopy?

loop base

Fundamental group of circle

31

How many different loops are there on the circle, up to homotopy? id

loop base

Fundamental group of circle

31

How many different loops are there on the circle, up to homotopy? id loop

loop base

Fundamental group of circle

31

How many different loops are there on the circle, up to homotopy? id loop loop-1

loop base

Fundamental group of circle

31

How many different loops are there on the circle, up to homotopy? id loop loop-1 loop o loop

loop base

Fundamental group of circle

31

How many different loops are there on the circle, up to homotopy? id loop loop-1 loop o loop loop-1 o loop-1

loop base

Fundamental group of circle

31

How many different loops are there on the circle, up to homotopy? id loop loop-1 loop o loop loop-1 o loop-1 loop o loop-1

loop base

Fundamental group of circle

31

How many different loops are there on the circle, up to homotopy? = id id loop loop-1 loop o loop loop-1 o loop-1 loop o loop-1

loop base

Fundamental group of circle

31

How many different loops are there on the circle, up to homotopy? = id id loop loop-1 loop o loop loop-1 o loop-1 loop o loop-1

loop base

Fundamental group of circle

31

How many different loops are there on the circle, up to homotopy? = id id loop loop-1 loop o loop loop-1 o loop-1 loop o loop-1 1

loop base

Fundamental group of circle

31

How many different loops are there on the circle, up to homotopy? = id id loop loop-1 loop o loop loop-1 o loop-1 loop o loop-1 1

• 1

loop base

Fundamental group of circle

31

How many different loops are there on the circle, up to homotopy? = id id loop loop-1 loop o loop loop-1 o loop-1 loop o loop-1 1

• 1

2

loop base

Fundamental group of circle

31

How many different loops are there on the circle, up to homotopy? = id id loop loop-1 loop o loop loop-1 o loop-1 loop o loop-1 1

• 1

2

• 2

loop base

Fundamental group of circle

31

How many different loops are there on the circle, up to homotopy? = id id loop loop-1 loop o loop loop-1 o loop-1 loop o loop-1 1

• 1

2

• 2

loop base

Fundamental group of circle

31

How many different loops are there on the circle, up to homotopy? = id id loop loop-1 loop o loop loop-1 o loop-1 loop o loop-1 1

• 1

2

• 2

integers are “codes” for paths on the circle

loop base

Fundamental group of circle

32

• Definition. Ω(S1) is the type of loops at base

i.e. the type (base =S1 base)

Fundamental group of circle

32

• Definition. Ω(S1) is the type of loops at base

i.e. the type (base =S1 base)

• Theorem. Ω(S1) is equivalent to ℤ,

by a map that sends o to +

Fundamental group of circle

32

Corollary: Fundamental group

• f the circle is isomorphic to ℤ
• Definition. Ω(S1) is the type of loops at base

i.e. the type (base =S1 base)

• Theorem. Ω(S1) is equivalent to ℤ,

by a map that sends o to +

Fundamental group of circle

32

Corollary: Fundamental group

• f the circle is isomorphic to ℤ
• Definition. Ω(S1) is the type of loops at base

i.e. the type (base =S1 base)

• Theorem. Ω(S1) is equivalent to ℤ,

by a map that sends o to +

0-truncation (set of connected components)

• f Ω(S1)

Fundamental group of circle

33

• Theorem. Ω(S1) is equivalent to ℤ

Proof (Shulman, L.): two mutually inverse functions wind : Ω(S1) ℤ loop- : ℤ Ω(S1)

Fundamental group of circle

33

• Theorem. Ω(S1) is equivalent to ℤ

Proof (Shulman, L.): two mutually inverse functions wind : Ω(S1) ℤ loop0 = id loop+n = loop o loop o … loop (n times) loop-n = loop-1 o loop-1 o … loop-1 (n times) loop- : ℤ Ω(S1)

Universal Cover

34

wind : Ω(S1) ℤ defined by lifting a loop to the cover, and giving the other endpoint of 0

Universal Cover

34

wind : Ω(S1) ℤ defined by lifting a loop to the cover, and giving the other endpoint of 0 lifting is functorial

Universal Cover

34

wind : Ω(S1) ℤ defined by lifting a loop to the cover, and giving the other endpoint of 0 lifting loop adds 1 lifting is functorial

Universal Cover

34

wind : Ω(S1) ℤ defined by lifting a loop to the cover, and giving the other endpoint of 0 lifting loop adds 1 lifting loop-1 subtracts 1 lifting is functorial

Universal Cover

34

wind : Ω(S1) ℤ defined by lifting a loop to the cover, and giving the other endpoint of 0 lifting loop adds 1 lifting loop-1 subtracts 1 Example: wind(loop o loop-1) = 0 + 1 - 1 = 0 lifting is functorial

Universal Cover

35

Universal Cover

35

Cover : S1 Type Cover(base) := ℤ Cover1(loop) := ua(successor) : ℤ = ℤ

Universal Cover

35

Cover : S1 Type Cover(base) := ℤ Cover1(loop) := ua(successor) : ℤ = ℤ

defined by circle recursion

Universal Cover

35

Cover : S1 Type Cover(base) := ℤ Cover1(loop) := ua(successor) : ℤ = ℤ

interpret loop as “add 1” bijection defined by circle recursion

Universal Cover

35

Cover : S1 Type Cover(base) := ℤ Cover1(loop) := ua(successor) : ℤ = ℤ

interpret loop as “add 1” bijection univalence defined by circle recursion

Winding number

36

wind : Ω(S1) ℤ wind(p) = transportCover(p,0)

lift p to cover, starting at 0

Winding number

36

wind : Ω(S1) ℤ wind(p) = transportCover(p,0)

wind(loop-1 o loop)

lift p to cover, starting at 0

Winding number

36

wind : Ω(S1) ℤ wind(p) = transportCover(p,0)

wind(loop-1 o loop)

lift p to cover, starting at 0

= transportCover(loop-1 o loop, 0)

Winding number

36

wind : Ω(S1) ℤ wind(p) = transportCover(p,0)

wind(loop-1 o loop)

lift p to cover, starting at 0

= transportCover(loop-1 o loop, 0) = transportCover(loop-1, transportCover(loop,0))

Winding number

36

wind : Ω(S1) ℤ wind(p) = transportCover(p,0)

wind(loop-1 o loop)

lift p to cover, starting at 0

= transportCover(loop-1 o loop, 0) = transportCover(loop-1, transportCover(loop,0)) = transportCover(loop-1, 1)

Winding number

36

wind : Ω(S1) ℤ wind(p) = transportCover(p,0)

wind(loop-1 o loop)

lift p to cover, starting at 0

= transportCover(loop-1 o loop, 0) = transportCover(loop-1, transportCover(loop,0)) = transportCover(loop-1, 1) = 0

37

The HoTT book Computer-checked Fundamental group of the circle

πn(Sn) in HoTT

38

kth homotopy group n

• d

i m e n s i

• n

a l s p h e r e

[image from wikipedia]

πn(Sn) in HoTT

38

kth homotopy group n

• d

i m e n s i

• n

a l s p h e r e

[image from wikipedia]

πn(Sn) = ℤ for n≥1

39

Base case: π1(S1) = ℤ Inductive step: πn+1(Sn+1) = πn(Sn) Proof: Induction on n

πn(Sn) = ℤ for n≥1

39

Base case: π1(S1) = ℤ Inductive step: πn+1(Sn+1) = πn(Sn) Proof: Induction on n Key lemma: |Sn|n = |Ω(Sn+1)|n

πn(Sn) = ℤ for n≥1

39

Base case: π1(S1) = ℤ Inductive step: πn+1(Sn+1) = πn(Sn) Proof: Induction on n Key lemma: |Sn|n = |Ω(Sn+1)|n

n-truncation: best approximation of a type such that all (n+1)-paths are equal

πn(Sn) = ℤ for n≥1

39

Base case: π1(S1) = ℤ Inductive step: πn+1(Sn+1) = πn(Sn) Proof: Induction on n Key lemma: |Sn|n = |Ω(Sn+1)|n

n-truncation: best approximation of a type such that all (n+1)-paths are equal higher inductive type generated by basen : Sn loopn : Ωn(Sn)

|Sn|n = |Ω(Sn+1)| n

n-truncation of Sn is the type of “codes” for loops on Sn+1

|Sn|n = |Ω(Sn+1)| n

Decode: promote n-dimensional loop on Sn to n+1-dimensional loop on Sn+1 n-truncation of Sn is the type of “codes” for loops on Sn+1

|Sn|n = |Ω(Sn+1)| n

Decode: promote n-dimensional loop on Sn to n+1-dimensional loop on Sn+1 n-truncation of Sn is the type of “codes” for loops on Sn+1 Encode: define fibration Code(x:Sn+1) with Code(basen+1) := |Sn|n Code(loopn+1) := equivalence |Sn|n → |Sn|n “rotating by loopn” ∼

π2(S2): Hopf fibration

42

Gap between informal and formal proofs is small Proofs are constructive*: can run them Results apply in a variety of settings, from simplicial sets (hence topological spaces) to Quillen model categories and ∞-topoi* New type-theoretic proofs/methods *work in progress

Synthetic homotopy theory

Outline

43

1.Certified homotopy theory 2.Certified software

Patches

44

a b c diff 2c2 < b

• > d

a d c

=

Patch Version control Collaborative editing

45

a b c id a b c

45

a b c id a b c a b c p a d c q a d e

45

a b c id a b c a b c p a d c q a d e q o p

45

a b c id a b c a b c p a d c q a d e q o p a b c p a d c

45

a b c id a b c a b c p a d c q a d e q o p a b c p a d c !p

45

a b c id a b c a b c p a d c q a d e q o p a b c p a d c !p

undo/rollback

45

a b c id a b c a b c p a d c q a d e q o p a b c p a d c !p

undo/rollback

Patches are paths

Merging

46

a b c p a d c q a b e

Merging

46

a b c p a d c q a b e a d e q’ p’

Merging

46

a b c p a d c q a b e a d e q’ p’ p=b↔d at 1 q=c↔e at 2

Merging

46

a b c p a d c q a b e a d e q’ p’ p=b↔d at 1 q=c↔e at 2 p’=p q’=q

Merging

46

a b c p a d c q a b e a d e q’ p’

=

p=b↔d at 1 q=c↔e at 2 p’=p q’=q

Merging

47

merge : (p q : Patch) Σq’,p’:Patch. Maybe(q’ o p = p’ o q)

Merging

47

merge : (p q : Patch) Σq’,p’:Patch. Maybe(q’ o p = p’ o q) Equational theory of patches = paths between paths

Basic Patches

48

f i b r a t i

• n

f i b f i a

a ↔ b @ 2 a ↔ b @ 2

Basic Patches

48

“Repository” is a char vector of length n

f i b r a t i

• n

Basic patch is a ↔ b @ i where i<n

f i b f i a

a ↔ b @ 2 a ↔ b @ 2

Patches as a HIT

49

Generator for Repos:Type

Patches as a HIT

49

Generator for Repos:Type doc[n]

points describe repository contents

Patches as a HIT

49

Generator for Repos:Type a↔b@i doc[n]

points describe repository contents paths are patches

Patches as a HIT

49

Generator for Repos:Type a↔b@i doc[n] compressed

points describe repository contents paths are patches

Patches as a HIT

49

Generator for Repos:Type a↔b@i doc[n] compressed

points describe repository contents paths are patches

gzip

Patches as a HIT

49

Generator for Repos:Type a↔b@i doc[n] compressed

points describe repository contents paths are patches

gzip

Patches as a HIT

49

Generator for Repos:Type a↔b@i doc[n] compressed

points describe repository contents paths are patches

gzip

doc[n] doc[n] doc[n] doc[n]

Patches as a HIT

49

Generator for Repos:Type a↔b@i doc[n] compressed

points describe repository contents paths are patches

gzip

doc[n] doc[n] doc[n] doc[n] a↔b@i c↔d@j c↔d@j a↔b@i

Patches as a HIT

49

Generator for Repos:Type a↔b@i doc[n] compressed

points describe repository contents paths are patches

gzip

doc[n] doc[n] doc[n] doc[n] a↔b@i c↔d@j c↔d@j a↔b@i

paths between paths are equations between patches

Patches as a HIT

49

Generator for Repos:Type a↔b@i doc[n] compressed

points describe repository contents paths are patches

gzip

doc[n] doc[n] doc[n] doc[n] a↔b@i c↔d@j c↔d@j a↔b@i i≠j

paths between paths are equations between patches

Generators for HIT

50

Generator for

Generators for HIT

50

Repos : Type Generator for

Generators for HIT

50

Repos : Type doc[n] : Repos Generator for compressed : Repos

Generators for HIT

50

Repos : Type doc[n] : Repos (a↔b@i) : doc[n] = doc[n] if a,b:Char, i<n Generator for compressed : Repos gzip : doc[n] = compressed

Generators for HIT

50

Repos : Type doc[n] : Repos (a↔b@i) : doc[n] = doc[n] if a,b:Char, i<n commute: (a↔b at i)o(c↔d at j) if i ≠ j =(c↔d at j)o(a↔b at i) Generator for compressed : Repos gzip : doc[n] = compressed

51

id o p = p = p o id po(qor) = (poq)or !p o p = id = p o !p p=p p=q if q=p p=r if p=q and q=r !p = !p’ if p = p’ p o q = p’ o q’ if p = p’ and q = q’ (a↔b at i)o(c↔d at j)= (c↔d at j)o(a↔b at i) ...

Elements: Equality: Type: Repos Points: doc[n] Paths: a↔b@i Paths between paths:

commute : (a↔b at i)o(c↔d at j)= (c↔d at j)o(a↔b at i)

Type: Patch

52

Repos A To define a function it suffices to Generator for

Repos recursion

52

Repos A To define a function it suffices to Generator for map the element generators of Repos to elements of A

Repos recursion

52

Repos A To define a function it suffices to Generator for map the element generators of Repos to elements of A map the equality generators of Repos to equalities between the corresponding elements of A

Repos recursion

52

Repos A To define a function it suffices to Generator for map the element generators of Repos to elements of A map the equality generators of Repos to equalities between the corresponding elements of A map the equality-between-equality generators to equalities between the corresponding equalities in A

Repos recursion

52

Repos A To define a function it suffices to Generator for map the element generators of Repos to elements of A map the equality generators of Repos to equalities between the corresponding elements of A map the equality-between-equality generators to equalities between the corresponding equalities in A

Repos recursion

All functions on Repos respect patches All functions on patches respect patch equality

Interpreter

53

Goal is to define: Generator for

interp : doc[n] = doc[n] Bijection (Vec Char n) (Vec Char n)

Interpreter

53

Goal is to define: Generator for

interp : doc[n] = doc[n] Bijection (Vec Char n) (Vec Char n) interp(a↔b@i) = swapat a b i interp(q o p) = (interp q) ob (interp p) interp(id) = (λx.x, …) interp(!p) = !b (interp p)

Interpreter

53

Goal is to define: Generator for But only tool available is RepoDesc recursion: no direct recursion over paths

interp : doc[n] = doc[n] Bijection (Vec Char n) (Vec Char n) interp(a↔b@i) = swapat a b i interp(q o p) = (interp q) ob (interp p) interp(id) = (λx.x, …) interp(!p) = !b (interp p)

54

Generator for Need to pick A and define

interp : doc[n]=doc[n] Bijection (Vec Char n) (Vec Char n) I(doc[n]) := … : A I1(a↔b@i) := … : I(doc[n]) = I(doc[n]) I2(compose) := … interp(a↔b at i) = swapat a b i

55

Generator for Key idea: pick A = Type and define

I(doc[n]) := … : Type I1(a↔b@i) := … : I(doc[n]) = I(doc[n]) I2(compose) := … interp : doc[n]=doc[n] Bijection (Vec Char n) (Vec Char n) interp(a↔b at i) = swapat a b i

56

Generator for Key idea: pick A = Type and define

I(doc[n]) := Vec Char n : Type I1(a↔b@i) := … : I(doc[n]) = I(doc[n]) I2(compose) := … interp : doc[n]=doc[n] Bijection (Vec Char n) (Vec Char n) interp(a↔b at i) = swapat a b i

57

Generator for Key idea: pick A = Type and define

I(doc[n]) := Vec Char n : Type I1(a↔b@i) := … : Vec Char n = Vec Char n I2(compose) := … interp : doc[n]=doc[n] Bijection (Vec Char n) (Vec Char n) interp(a↔b at i) = swapat a b i

58

Generator for Key idea: pick A = Type and define

I(doc[n]) := Vec Char n : Type I1(a↔b@i) := ua(swapat a b i) : Vec Char n = Vec Char n I2(compose) := … interp : doc[n]=doc[n] Bijection (Vec Char n) (Vec Char n) interp(a↔b at i) = swapat a b i

58

Generator for Key idea: pick A = Type and define

I(doc[n]) := Vec Char n : Type I1(a↔b@i) := ua(swapat a b i) : Vec Char n = Vec Char n I2(compose) := … univalence interp : doc[n]=doc[n] Bijection (Vec Char n) (Vec Char n) interp(a↔b at i) = swapat a b i

59

Generator for Key idea: pick A = Type and define

I(doc[n]) := Vec Char n : Type I1(a↔b@i) := ua(swapat a b i) : Vec Char n = Vec Char n I2(compose) := <proof about swapat> interp : doc[n]=doc[n] Bijection (Vec Char n) (Vec Char n) interp(a↔b at i) = swapat a b i

60

Generator for Key idea: pick A = Type and define

I(doc[n]) := Vec Char n : Type I1(a↔b@i) := ua(swapat a b i) : Vec Char n = Vec Char n I2(compose) := <proof about swapat> interp(p) = ua-1(I1(p)) interp : doc[n]=doc[n] Bijection (Vec Char n) (Vec Char n)

61

Generator for

interp(p) = ua-1(I1(p)) interp(a↔b@i) = swapat a b i interp(q o p) = (interp q) ob (interp p) interp(id) = (λx.x, …) interp(!p) = !b (interp p) Satisfies the desired equations (as propositional equalities): interp : doc[n]=doc[n] Bijection (Vec Char n) (Vec Char n)

62

Generator for

Summary

62

Generator for

Summary

I : Repos Type interprets Repos as Types, patches as bijections, satisfying patch equalities

62

Generator for

Summary

I : Repos Type interprets Repos as Types, patches as bijections, satisfying patch equalities Higher inductive elim. defines functions that respect equality: you specify what happens on the generators; homomorphically extended to id,o,!,...

62

Generator for

Summary

I : Repos Type interprets Repos as Types, patches as bijections, satisfying patch equalities Higher inductive elim. defines functions that respect equality: you specify what happens on the generators; homomorphically extended to id,o,!,... Univalence lets you give a computational model of equality proofs (here, patches); guaranteed to satisfy laws

62

Generator for

Summary

I : Repos Type interprets Repos as Types, patches as bijections, satisfying patch equalities Higher inductive elim. defines functions that respect equality: you specify what happens on the generators; homomorphically extended to id,o,!,... Univalence lets you give a computational model of equality proofs (here, patches); guaranteed to satisfy laws Shorter definition and code: 1 basic patch & 4 basic axioms of equality, instead of 4 patches & 14 equations

63

Generator for

Operational semantics

Can’t run these programs yet Some special cases known, some recent progress: Licata&Harper, POPL’12 Coquand&Barras, ’13 Shulman, ’13 Bezem&Coquand&Huber, ’13 Would support proof automation and programming applications

Outline

64

1.Certified homotopy theory 2.Certified software

category theory homotopy theory type theory

Homotopy Type Theory

65

new certified programs and proofs new programs and types