Game semantics of Martin-Löf type theory, part III: its consistency with Church's thesis
Norihiro Yamada
This is a preprint submitted to Research in the Mathematical Sciences (RMS).
Correspondence: [email protected] of Minnesota, Minneapolis, MN 55455, USA. Full list of author information is available at the end of the article.
Abstract
We prove consistency of intensional Martin-Löf type theory (MLTT) with formal Church’s thesis (CT), which was open for at least fifteen years. The difficulty in proving the consistency is that a standard method of realizability à la Kleene does not work for the consistency, though it validates CT, as it does not model MLTT; specifically, the realizability does not validate MLTT’s congruence rule on pi-types (known as the ξ-rule). We overcome this point and prove the consistency by novel realizability à la game semantics, which is based on the author’s previous work.
Keywords: Church’s thesis; Martin-Löf type theory; constructive mathematics; realizability; game semantics
AMS Subject Classification: primary 03F50; secondary 03B70
Contents
Abstract
1 Introduction
A.1 Contexts
A.2 Structural rules
A.3 Unit-type
A.4 Empty-type
A.5 N-type
A.6 Pi-types
A.7 Sigma-types
A.8 Id-types
Convention
To clear ambiguity, we call a mere assignment of semantic objects to syntactic objects an interpretation or semantics, and an interpretation that respects target syntactic properties (e.g., existence of a derivation of equality between terms) by semantic properties (e.g., agreement of the assigned semantic objects) a model. (I.e., a model means a sound interpretation.) We say that an interpretation models a type theory if it is a model of the type theory, and it models or validates (resp. refutes) an axiom or rule if it respects (resp. does not respect) the axiom or rule.

Ishihara et al. [1, Section 8] conclude by stating that
“Unfortunately, the consistency of Church’s thesis with full Martin-Löf’s is still open, and it is presumably quite difficult to answer this question.”
The present work answers the question in the affirmative, i.e., we prove consistency of intensional Martin-Löf type theory with formal Church’s thesis, which was open for at least fifteen years. Our motivation comes from the view that the consistency problem is interesting as a mathematical problem in its own right but also from its consequences on foundations of constructive mathematics.

Intensional Martin-Löf type theory, or MLTT for short, is a formal system for constructive mathematics, which is shown to be consistent (i.e., it does not derive falsity). On the other hand, formal Church’s thesis is a logical formula expressible in MLTT and states that (total) maps on the set N of all natural numbers are all ‘computable’ or recursive. Then, our result, i.e., the targeted consistency, means that MLTT equipped with formal Church’s thesis as an additional axiom is consistent.

Our consistency proof is based on a mathematical model of MLTT, called game semantics, and in a novel manner takes advantage of its distinguishing features: the distinction and the asymmetry between Player, who ‘executes (the interpretation of) a term,’ and Opponent, who plays the role of the ‘environment’ or ‘rebutter’ for Player in game semantics. More precisely, our modified game semantics, which we call realizability à la game semantics, forces Opponent to play as ‘total,’ ‘effective’ computation when he plays as an input for Player and moreover exhibit a realizer for his input computation before its execution even if the calculation of the realizer is not ‘effective,’ [1] while in contrast it does not impose this heavy task on Player or assign to her a choice of a realizer for the interpretation of a term. Consequently, realizability à la game semantics trivially validates formal Church’s thesis because Opponent discloses a realizer for his input computation N → N (so that it suffices for validating formal Church’s thesis to just let Player ‘copy-cat’ the realizer), but also it models MLTT since it is as abstract as the existing game semantics of MLTT. This novel ‘game-semantic art’ explains why our method, unlike existing ones, succeeds in solving the consistency problem, and moreover it opens up a new way of applying game semantics to the study of constructive mathematics.

In the rest of this introduction, we explain the backgrounds, our motivations, the problem to solve, our solution for the problem, our contribution and related work in such a way that it would suffice in subsequent sections to just fill in the details.

Constructive mathematics [3, 4, 5] is a branch of mathematical logic [6] and foundations of mathematics [7] that studies ‘constructive,’ ‘computable’ or ‘effective’ objects and reasonings. One of the major motivations for constructive mathematics is the suspicion against ‘nonconstructive’ objects and reasonings in classical or ordinary mathematics, e.g., the law of excluded middle and the axiom of choice [3]. However, constructive mathematicians have never established a universal consensus on which objects and reasonings in mathematics are ‘constructive’ or how to formulate the informal notion of ‘constructivity.’ In fact, various different schools of constructive mathematics have arisen and been present in the literature.
Type theories [8, 9] are a particular class of formal systems [6], whose distinguishing feature is that their variables and terms are typed. By the Curry-Howard isomorphisms (CHIs) [8, 10], type theories serve as a single formalism for both logic and computation; they are not only formal systems but also programming languages.

A type theory is simple if it prohibits variables from occurring in types, and dependent otherwise [9, 10], where we consider only term variables (i.e., no type variables) in this article. The generalization of simple type theories to dependent ones corresponds under the CHIs to that of propositional logic to predicate logic [6].

Type theories are similar to sequent calculi [11, 12] except that vertices of a formal proof or derivation (tree) in a type theory are not sequents but judgements, for which we usually write J (possibly with subscripts/superscripts). Hence, a type theory consists of axioms J and (inference) rules $\frac{J_1 \quad J_2 \quad \cdots \quad J_k}{J}$, which are to make a conclusion from hypotheses by constructing a derivation. Most type theories have the following six kinds of judgements (followed by their intended meanings):
1. ⊢ Γ ctx (Γ is a context, i.e., a finite sequence of pairs of a variable and a type);
2. Γ ⊢ A type (A is a type in the context Γ);
3. Γ ⊢ a : A (a is a term of the type A in the context Γ);
4. ⊢ Γ = ∆ ctx (Γ and ∆ are equal contexts);
5. Γ ⊢ A = B type (A and B are equal types in the context Γ);
6. Γ ⊢ a = a′ : A (a and a′ are equal terms of the type A in the context Γ),
where the judgements (1), (4) and (5) are trivial and usually omitted in simple type theories. We often omit the turnstile ⊢ in judgements if the context on the LHS is empty. The CHIs regard contexts, types and terms as assumptions, formulas and proofs in logic, respectively; type theories serve as formal systems in this way [9, 10].

Footnote [1]: It is not a problem because game semantics treats Opponent as an ‘oracle’ endowed with an unlimited computational power. See [2, Section 1] for more on this point.
Martin-Löf type theory (MLTT) invented by Martin-Löf [13, 14, 15] is a prominent dependent type theory meant to serve as a foundation of constructive mathematics, which is comparable to Zermelo-Fraenkel set theory with the axiom of choice (ZFC) [16] for classical mathematics. Also, MLTT is a subject in computer science as well since it is not only a formal system but also a programming language [17].

Strictly speaking, there are the intensional and the extensional variants of MLTT; see Appendix A for the details. In this article, we focus on the intensional variant as the extensional one is known to be inconsistent with formal Church’s thesis [18, Proposition 6.2], and MLTT refers to the intensional one unless stated otherwise.

By its computational nature, more specifically operational semantics, of MLTT, one may prove consistency of MLTT, i.e., there is no formal proof of empty-type (i.e., the type or formula of falsity) in MLTT; e.g., see [19, Corollary A.4.6].

For the rest of this article, let us assume that the reader is familiar with MLTT, especially its syntax, and leave the details to Appendix A or the references [15, 20].

(Formal) Church’s thesis (CT) [21] is a logical formula that is expressible in MLTT and argued mostly in constructive mathematics. Informally, CT states that every (total) function on N is recursive (i.e., ‘computable’ in the standard mathematical sense [22, 23]). In other words, CT represents the particular school of constructive mathematics that requires every mathematical object to be ‘constructive.’

Remark. The name of CT comes from that of Church-Turing thesis (CTT) [22, 23], which states that ‘computable’ (in the informal sense) partial functions on N are precisely recursive ones. Note, however, that CT and CTT are different statements.

In contrast with CT, some of the other schools in constructive mathematics such as computable analysis [24] accept constructions or operations on ‘nonconstructive’ objects such as non-recursive functions and real numbers. Also, CT contradicts the classical recursion theory [22, 23] because the latter shows that there are non-recursive functions on N such as the one for the halting problem.

At this point, let us recall a standard formalization of CT as a logical formula,

∀ f ∈ N ⇒ N, ∃ e ∈ N, ∀ n ∈ N, ∃ c ∈ N. T(e, n, c) ∧ U(c) = f(n) [3, p. 192], (1)

where T represents Kleene’s T-predicate, and U does the result-extracting function [3, p. 133]. Recall that T(e, n, c) holds if and only if c encodes the computational history of the (necessarily terminating [2]) computation encoded by e applied to the input n, and U(c) is the output of the computational process encoded by c, where an encoding of algorithms by natural numbers is arbitrarily fixed. Because a function f : N → N is recursive if and only if there is a natural number e ∈ N that encodes an algorithm for f [22, 23], the formula (1) indeed formalizes the intended meaning of CT. Following a convention in the field of realizability [3, Section 4.4.1], we call such a natural number e a realizer for f, and equivalently say that e realizes f.

The standard constructive reading or the BHK-interpretation of intuitionistic logic [3, Section 1.3.1] interprets CT as: There is an algorithm to compute a realizer e ∈ N for a given function f : N → N, where note that it is trivial to constructively validate the remaining part ∀ n ∈ N, ∃ c ∈ N. T(e, n, c) ∧ U(c) = f(n) once a realizer e for f is obtained. However, it is in general not ‘effective’ to compute a realizer for a given function N → N, even if the function is recursive, since otherwise equality on recursive functions N → N would be decidable, contradicting Rice’s theorem [22, 23, 25]. Therefore, a constructive model of CT must require the inputs N → N not only to be recursive but also to exhibit their realizers.

Finally, let us translate under the CHIs the formula (1) into a formula in MLTT,

$$\Pi_{f : N \Rightarrow N} \, \Sigma_{x : N} \, \Pi_{y : N} \, \Sigma_{z : N} \; T(x, y, z) \times \mathrm{Id}_{N}(U(z), f(y)), \qquad (2)$$

where the type x : N, y : N, z : N ⊢ T(x, y, z) type represents the T-predicate, and the term z : N ⊢ U(z) : N does the result-extracting function. Note that they are both primitive recursive [3, Section 3.4.3] and so expressible as formulas of MLTT.

Although CT has been shown to be consistent with most intuitionistic formalisms in the literature [3, Section 4.10.2], MLTT has been an exception: Consistency of MLTT with CT (2) has been an open problem though both MLTT and CT were introduced in the 1970s. In other words, it has been unknown whether or not MLTT is compatible with the perspective that every function N → N is ‘constructive.’ Let us add another historical fact that this consistency problem was articulated explicitly fifteen years ago by Maietti and Sambin [18, Section 6.4].

The primary goal of the present work is to solve this long-standing open problem in the affirmative. Our motivation is mathematical; that is, we find the consistency problem as technically challenging yet interesting in its own right, which we explain below. We are also motivated by the fact that the consistency, if established, would have consequences on foundations of constructive mathematics; for instance, MLTT plus CT would be available as an intensional level foundation for the programme of a minimalist two-level foundation for constructive mathematics [26].

Footnote [2]: The computation must be terminating since its computational history is finite.
As its longevity indicates, the consistency problem poses a technical challenge. Specifically, the challenge is that a standard method of realizability à la Kleene [3, Section 4.4.1] for showing consistency of an intuitionistic formal system with CT does not work for the case of MLTT [1, Sections 1 and 8]. [3] More concretely, the obstacle is that the realizability does not model MLTT, though it validates CT, since it does not validate MLTT’s congruence rule on pi-types or the ξ-rule:

$$\frac{\Gamma, x : A \vdash b = b' : B}{\Gamma \vdash \lambda x^{A} . b = \lambda x^{A} . b' : \Pi_{x : A} B} \; (\xi)$$

The point is that the realizability interprets a term in MLTT by a choice of a realizer for it, i.e., a natural number that encodes an algorithm for the term, and inputs of a term, if any, [4] by a choice of realizers for them too. This highly intensional interpretation constructively (in the sense explained in Section 1.4) yet trivially validates CT since the inputs N → N already come in the form of realizers. However, this interpretation of open terms, i.e., terms whose contexts are nonempty, does not validate equality between open terms such as x : N ⊢ x = x + : N because the two terms may represent different algorithms. Hence, we must take the quotient of the interpretation of each open term modulo input-output pairs or extensions. (N.b., in contrast, we cannot take the quotients of closed terms of pi-types unless we give up validating CT.) But the quotient makes the interpretation of an open term more extensional than that of its λ-abstraction; consequently, the interpretation refutes the ξ-rule. For a detailed account of this problem, see Ishihara et al. [1].

On the other hand, another standard realizability à la assemblies [27, 28] models MLTT, including the ξ-rule, since unlike realizability à la Kleene it does not assign realizers as part of its interpretation of terms, i.e., the one à la assemblies is more extensional than the one à la Kleene. But still, the former requires the existence of a realizer for the interpretation of a term, and thus it reads CT constructively. It also requires the existence of realizers for inputs of the interpretation of a term, if any, but again it does not assign a choice of these realizers. Consequently, realizability à la assemblies does not validate CT since the inputs N → N in the interpretation are just recursive maps N → N, and so there is no algorithm to calculate realizers for them as remarked in Section 1.4 (but the realizability reads CT constructively).

Remark. If we assign a choice of realizers only to inputs of the interpretation of an open term and not to the interpretation itself in realizability à la assemblies then the interpretation would refute the ξ-rule just like realizability à la Kleene does.

To summarize, the main difficulty of the consistency problem is that the standard consistency proof of constructing a realizability model of MLTT plus CT suffers from the dilemma between intensionality and extensionality: An interpretation must be intensional enough to validate CT but also extensional enough to model open terms. We conquer this challenge by introducing novel realizability à la game semantics.

Footnote [3]: Also, it is unclear how to extend the syntactic method for proving consistency of MLTT mentioned in Section 1.3 to MLTT plus CT.
Footnote [4]: A term has inputs precisely when it is open or of a pi-type.
Game semantics [29, 30] refers to a particular class of denotational (mathematical) semantics of logic and computation [31] that interprets formulas (or types) and proofs (or terms) as games and strategies, respectively. Game semantics has been highly successful in interpreting a wide range of simple type theories [32, 33] and moreover extended to dependent type theories just recently [34, 35].

A distinguishing feature of game semantics is that it models logic and computation in terms of interactions between two participants of games, Player, who plays by following a strategy, and Opponent, who in contrast plays like an ‘oracle.’ Our idea to prove consistency of MLTT with CT is to take advantage of this distinction and asymmetry between Player and Opponent. Concretely, our solution is to modify the game semantics of MLTT [35] by requiring that only Opponent has to play by a ‘total,’ ‘effective’ strategy when he plays as an input for Player and moreover exhibit a realizer for the input strategy at the beginning of each play. Note that strategies are a much more intensional concept than (partial) maps; we then take realizers for strategies also as realizers for their extensions (i.e., the partial maps that the strategies compute) and implement the T-predicate and the result-extracting function with respect to the resulting realizers for (total) recursive maps N → N. Consequently, the resulting, modified game semantics constructively validates CT since it suffices for validating CT to let Player ‘copy-cat’ the realizer for an input N → N given by Opponent, but also it models MLTT as the interpretations of terms are as abstract as those of the game semantics [35]. The rest of this introduction is devoted mostly to explaining more in detail this solution to the consistency problem.

Let us first recall games and strategies à la McCusker [33, 36] that model simple type theories because our method is based on them. Our review is largely taken from the author’s earlier work [2, Section 1.4]. A game, roughly, is a certain kind of a directed rooted forest whose branches represent possible ‘developments’ or (valid) positions in a ‘game in the usual sense’ (such as chess, poker, etc.). Moves in a game are nodes of the game, where some moves are distinguished and called initial; only initial moves can be the first element or occurrence of a position in the game.
Plays in a game are increasing sequences ε, m, m m, . . . of positions in the game, where ε is the empty sequence. For our purpose, it suffices to focus on standard games played by two participants, Player (P), who represents a ‘computational agent’ or ‘prover,’ and Opponent (O), who represents an ‘environment’ or ‘rebutter,’ in each of which O always starts a play, and then they separately and alternately make moves allowed by the rules of the game. Strictly speaking, a position in each game is not just a sequence of moves: Each occurrence m of O’s or O- (resp. P’s or P-) non-initial move in a position points to a previous occurrence m′ of P- (resp. O-) move in the position, representing that m is performed specifically as a response to m′. The pointers are necessary to distinguish similar yet distinct computations [33], and also they play a crucial role in the game-semantic model of computation [2].

On the other hand, a strategy g on a game G, written g : G, is what tells P which move (together with a pointer) she should make at each of her turns in the game. Technically, g is a set of (selected) even-length positions in G that is
• Nonempty and even-prefix-closed (i.e., smn ∈ g ⇒ s ∈ g);
• Deterministic (i.e., smn, smn′ ∈ g ⇒ smn = smn′),
so that it directs P to play by s m n (with the pointer from n into s m) if and only if there is (necessarily unique) smn ∈ g at each odd-length position sm in G.

Then, game semantics ⟦ ⟧_G of a simple type theory S interprets a type A in S as a game ⟦A⟧_G that specifies possible plays between P and O, and a term M : A [5] in S as a strategy ⟦M⟧_G : ⟦A⟧_G that describes for P how to play in ⟦A⟧_G. An execution of the term M is then interpreted as a play in ⟦A⟧_G in which P follows ⟦M⟧_G.

Let us consider examples. The simplest game is the unit game , which has no moves.
Thus, it has only the trivial position ε and the trivial strategy ⊤ := {ε}. The unit game forms a terminal object in the category G of games and strategies. Another simple game is the empty game , which has an arbitrary element q as its only move; thus, its positions are ε and q, and so it only has the strategy ⊥ := {ε}. The game semantics ⟦ ⟧_G interprets unit-type , empty-type and the unique canonical [6] term ⊤ : respectively by ⟦ ⟧_G := , ⟦ ⟧_G := and ⟦⊤ : ⟧_G := ⊤ : .

Yet another example is the game N of natural numbers, which is the rooted tree (infinite in width)

[diagram: the tree with root q and an edge from q to each n ∈ N]

in which a play starts with O’s question q (‘What is your number?’) and ends with P’s answer n ∈ N (‘My number is n!’), where n points to q (though this pointer is omitted in the diagram). Henceforth, we usually skip drawing arrows that represent edges of a game. A strategy m := {ε, qm} on N for each m ∈ N can be represented by the map q m equipped with a pointer from m to q (though it is the only choice). In the following, pointers of most strategies are obvious, and thus we often omit them. The game semantics ⟦ ⟧_G interprets natural number type N and the numeral m : N respectively by ⟦N⟧_G := N and ⟦m : N⟧_G := m : N.

There is a construction ⊗ on games, called tensor. Conceptually, a position s in the tensor A ⊗ B of games A and B is an interleaving mixture of a position t in A and a position u in B developed ‘in parallel without communication.’ More specifically, t (resp. u) is the subsequence of s consisting of moves in A (resp. B) such that the change of AB-parity (i.e., the switch between t and u) in s must be made by O. The pointer of s is inherited from those of t and u in the obvious manner; this point holds also for other constructions on games and strategies in the rest of the introduction, and therefore we shall not mention it again. For instance, a maximal position in the tensor N ⊗ N is either of the following forms: [7]

N[0] ⊗ N[1]: q[0] n[0] q[1] m[1]
N[0] ⊗ N[1]: q[1] m[1] q[0] n[0]

where n, m ∈ N, and ( )[i] (i = 0, 1) are (arbitrary, unspecified) ‘tags’ to distinguish the two copies of N (but we often omit them if it does not bring confusion), and the arrows represent pointers (n.b., they are not edges of the games). The corresponding tensor a ⊗ b of strategies a : A and b : B is the strategy on A ⊗ B that plays by a if the last O-move is in A, and by b otherwise. For instance, the above two plays in N ⊗ N can be seen as the ones where P plays by the tensor n ⊗ m : N ⊗ N.

Footnote [5]: For simplicity, here we focus on closed terms, i.e., ones with the empty context.
Footnote [6]: See Appendix A.3 for canonical terms.
Footnote [7]: The diagrams are only to make it explicit which component game each move belongs to; the two positions are just finite sequences q[0] n[0] q[1] m[1] and q[1] m[1] q[0] n[0] equipped with the pointers q[i] ← n[i] and q[i] ← m[i] (i = 0, ).

Next, a fundamental construction ! on games, called exponential, is basically the countably infinite iteration of tensor ⊗, i.e., !A := A ⊗ A ⊗ A · · · for each game A, where the ‘tag’ for each copy of A is given by ( , i) such that i ∈ N.

Another central construction ⊸, called linear implication, captures the notion of linear functions, i.e., functions that consume exactly one input to produce an output. A position in the linear implication A ⊸ B from A to B is almost like a position in the tensor A ⊗ B except the following three points:
1. The first occurrence in the position must be a move in B;
2. A change of AB-parity in the position must be made by P;
3. Each occurrence of an initial move, called an initial occurrence, in A points to an initial occurrence in B.
Thus, a typical position in the game N ⊸ N is the following:

N[0] ⊸ N[1]: q[1] q[0] n[0] m[1]

where n, m ∈ N, which can be read as follows:
1. O’s question q[1] for an output (‘What is your output?’);
2. P’s question q[0] for an input (‘Wait, what is your input?’);
3. O’s answer, say, n[0], to q[0] (‘OK, here is an input n.’);
4. P’s answer, say, m[1], to q[1] (‘Alright, the output is then m.’).
This play corresponds to any linear function that maps n m. The strategy succ (resp. double) on N ⊸ N for the successor (resp. doubling) function is represented by the map q[1] q[0], q[1] q[0] n[0] n + 1[1] (resp. q[1] q[0], q[1] q[0] n[0] n[1]).

succ : N[0] ⊸ N[1]: q[1] q[0] m[0] m + 1[1]
double : N[2] ⊸ N[3]: q[3] q[2] n[2] n[3]

Let us remark that the following play, which corresponds to a constant linear function that maps x m for all x ∈ N, is also possible in N[0] ⊸ N[1]: ε, q[1], q[1] m[1]. Hence, strictly speaking, A ⊸ B is the game of affine functions from A to B, but let us stick to the standard convention to call ⊸ linear implication.

Now, let us recall composition on strategies, which is given by internal communication plus hiding. For instance, the composition succ; double : N ⊸ N of strategies succ : N ⊸ N and double : N ⊸ N, is given as follows. First, by internal communication, we mean that P plays the role of O as well in the intermediate component games N[1] and N[2] by ‘copy-catting’ her last moves, resulting in the following play:

succ : N[0] ⊸ N[1], double : N[2] ⊸ N[3]: q[3] q[2] q[1] q[0] n[0] n + 1[1] n + 1[2] 2(n + 1)[3]

where each move for internal communication is marked by a square box just for clarity, and the pointer from q[1] to q[2] is added because the move q[1] is no longer initial [2, 37]. Importantly, it is assumed that O plays on the game N[0] ⊸ N[3], ‘seeing’ only moves in N[0] or N[3].
Thus, the resulting play is to be read as follows:
1. O’s question q[3] for an output in N[0] ⊸ N[3] (‘What is your output?’);
2. P’s question q[2] by double for an input in N[2] ⊸ N[3] (‘What is an input?’);
3. q[2] triggers the question q[1] for an output in N[0] ⊸ N[1] (‘What is an output?’);
4. P’s question q[0] by succ for an input in N[0] ⊸ N[1] (‘What is an input?’);
5. O’s answer, say, n[0], to q[0] in N[0] ⊸ N[3] (‘Here is an input n.’);
6. P’s answer n + 1[1] to q[1] by succ in N[0] ⊸ N[1] (‘The output is n + 1.’);
7. n + 1[1] triggers the answer n + 1[2] to q[2] in N[2] ⊸ N[3] (‘Here is the input n + 1.’);
8. P’s answer 2(n + 1)[3] to q[3] by double in N[2] ⊸ N[3] (‘The output is then 2(n + 1)!’).

Next, hiding means to hide or delete every move with a square box from the play, resulting in the strategy for the (linear) function n 2(n + 1) as expected:

succ; double : N[0] ⊸ N[3]: q[3] q[0] n[0] 2(n + 1)[3]

Note that hiding makes the resulting play a valid one in the game N[0] ⊸ N[3].

Another construction & on games, called product, is similar to yet simpler than tensor ⊗: A position s in the product A & B of A and B is a position t[0] in A[0] or a position u[1] in B[1]. I.e., the set of all positions in A & B is the disjoint union of that in A and that in B. It forms product in the category G. The corresponding pairing ⟨f, g⟩ of strategies f : C ⊸ A and g : C ⊸ B, where C is an arbitrary game, is the strategy on C ⊸ A & B that plays by f if O initiates a play by a move in A, and by g otherwise. The pairing ⟨a, b⟩ : A & B of strategies a : A and b : B is given by regarding a and b trivially as the ones on ⊸ A and ⊸ B, respectively.

These four constructions ⊗, !, ⊸ and & come from the corresponding ones in linear logic [38, 39]. Thus, in particular, the usual implication (or the function space) ⇒ is recovered by Girard translation [38]: A ⇒ B := !A ⊸ B.

Girard translation makes it explicit that some functions refer to an input more than once to produce an output, i.e., there are non-linear functions. For instance, consider the game (N ⇒ N) ⇒ N, in which the following position is possible:

!(!N ⊸ N) ⊸ N: q (q, j) ((q, i), j) ((n, i), j) (m, j) (q, j′) ((q, i′), j′) ((n′, i′), j′) (m′, j′) l

where n, n′, m, m′, l, i, i′, j, j′ ∈ N, i ≠ i′ and j ≠ j′, which can be read as follows:
1. O’s question q for an output (‘What is your output?’);
2. P’s question (q, j) for an input function (‘Wait, your first output please!’);
3. O’s question ((q, i), j) for an input (‘What is your first input then?’);
4. P’s answer, say, ((n, i), j), to ((q, i), j) (‘Here is my first input n.’);
5. O’s answer, say, (m, j), to (q, j) (‘OK, then here is my first output m.’);
6. P’s question (q, j′) for an input function (‘Your second output please!’);
7. O’s question ((q, i′), j′) for an input (‘What is your second input then?’);
8. P’s answer, say, ((n′, i′), j′), to ((q, i′), j′) (‘Here is my second input n′.’);
9. O’s answer, say, (m′, j′), to (q, j′) (‘OK, then here is my second output m′.’);
10. P’s answer, say, l, to q (‘Alright, my output is then l.’).
In this play, P asks O twice about an input strategy N ⇒ N. Clearly, such a play is not possible on the linear implication (N ⊸ N) ⊸ N or (N ⇒ N) ⊸ N. The strategy pazo : (N ⇒ N) ⇒ N that computes the sum f(0) + f(1) for a given function f : N → N, for instance, plays as follows:

[diagram: a play of pazo on !(!N ⊸ N) ⊸ N in which O’s two outputs are m and m′ and P’s final answer is m + m′]

where j = 0 and j′ = 1 are arbitrarily chosen, i.e., any j, j′ ∈ N with j ≠ j′ work. Clearly, this computation is impossible on (N ⊸ N) ⊸ N or (N ⇒ N) ⊸ N.

Finally, let us recall that any strategy f on the implication !A ⊸ B induces its promotion f† : !A ⊸ !B such that if f plays, for instance, as

f : !A ⊸ B: b (a, i) (a, i) b

then, for any j ∈ N, the promotion f† plays as

f† : !A ⊸ !B: (b, j) (a, ⟨i, j⟩) (a, ⟨i, j⟩) (b, j) (b, j′) (a, ⟨i, j′⟩) (a, ⟨i, j′⟩) (b, j′)

where ⟨ , ⟩ : N × N ∼→ N is an arbitrarily fixed bijection, i.e., f† plays as f for each thread of a position in !A ⊸ !B that corresponds to a position in !A ⊸ B. The promotion b† : !B of a strategy b : B is given by regarding b trivially as b : ! ⊸ B.

As already indicated, the category G, whose objects are games and morphisms A → B are strategies on the implication A ⇒ B, is cartesian closed, where its terminal object, products and exponential objects are given by the unit game , product & and implication ⇒, respectively. Consequently, following the standard categorical semantics of simple type theories [9, 40], the game semantics ⟦ ⟧_G interprets unit, product and function types by , & and ⇒, respectively, and a term x : A, x : A, . . . , x_n : A_n ⊢ b : B by a strategy ⟦b⟧_G on the implication (⟦A⟧_G & ⟦A⟧_G & · · · & ⟦A_n⟧_G) ⇒ ⟦B⟧_G, where we regard as the 0-ary product.

Last but not least, there is a constraint on strategies, called winning, such that winning strategies correspond to proofs in logic. We leave the details of winning to Section 2 and here only recall one of its axioms: totality. A strategy g : G is total if there is (unique) smn ∈ g for each odd-length position sm in G. Hence, it is very similar to totality of partial maps.
Conceptually, winning strategies must be total since intuitively a proof should not get ‘stuck.’ For example, the natural number game N has total strategies n for all n ∈ N and a non-total one ⊥ := {ε}, and the unique strategy ⊤ on the unit game is total. Crucially, the unique strategy ⊥ on the empty game is not total (n.b., note the difference between and ), where recall that empty-type is the type of falsity, and hence there is no proof of . In this way, game semantics can exclude strategies that do not compute as proofs.

Game semantics, including the one à la McCusker just reviewed, was applicable only to simple type theories (and polymorphic ones [29, 41, 42]), not to dependent ones, for a technical challenge until recently. Nevertheless, the present author has established game semantics of MLTT [35] based on the one à la McCusker; we shall take advantage of this game semantics for the present work. There is another games-based denotational model of MLTT given by Abramsky et al. [34], but our consistency proof seems unavailable for it; we shall come back to this point later.

To convey our main idea, let us sketch how the game semantics [35] models sigma- and pi-types. For simplicity, we consider a dependent type x : C ⊢ D type with one variable x. For convenience, we also write G for the set of all positions in a game G. The game semantics models x : C ⊢ D type as a certain family D = (D(x))_{x : C} of games D(x) indexed by strategies x on the game C that models the simple type C. Then, in light of product & on games, which models a particular kind of sigma-types, viz., product types, it seems a natural idea to model the sigma-type Σ_{x : C} D(x) by a game Σ(C, D) such that Σ(C, D) ⊆ C ⊎ ⋃_{x : C} D(x), where ⊎ denotes disjoint union, and strategies on Σ(C, D) are precisely the pairings ⟨c, d⟩ of strategies c : C and d : D(c). However, this idea does not work due to the following two problems:
1 Each game G, by definition, determines the set of all strategies on G;
2 It is impossible for P, when playing on such a game Σ(C, D) if any, to fix a strategy c : C, let alone a game D(c) on the RHS, at the beginning of a play.

As an example of the first problem, consider a dependent type x : N ⊢ N_b type such that canonical terms of the simple type N_b(k) for each k ∈ N are the numerals n such that n k. However, there is no game G such that G ⊆ N ⊎ N and ⟨k, n⟩ : G ⇔ n k for all k, n ∈ N since if such a game G existed then ⟨ , ⟩, ⟨ , ⟩ : G, which implies ⟨ , ⟩ : G by the definition of strategies on a game, a contradiction. Hence, no game can properly model the sigma-type Σ_{x : N} N_b.

Let us also give an example of the second problem. Let x : N ⊢ List_N type be the dependent type such that canonical terms of the simple type List_N(k) for each k ∈ N are k-lists of numerals, and assume that we interpret List_N as the family List_N of games such that List_N(⊥) := List_N(0) := and List_N(n + 1) := List_N(n) ⊗ N for each n ∈ N. If there were a game that models the sigma-type Σ(N, List_N) then for all k, n , n , . . . , n_k ∈ N the pairings ⟨k, n ⊗ n ⊗ · · · ⊗ n_k⟩ would be total strategies on the game; however, there is no such game since in this case O may determine x ∈ N, by his first move in each play, for the x-ary tensor ⊗ of N on the RHS.
Note that totality matters here since MLTT is a formal system for (intuitionistic) logic, and so strategies in game semantics of MLTT must be all total [35].

To solve these two problems, the previous work [35] reformulates strategies as deterministic games, i.e., games in which P can play in only one way, called predicative (p-) strategies, and then generalizes games to certain sets of p-strategies, called predicative (p-) games, in which P first declares a p-strategy in her mind before a play with O begins, and then O and P play in the declared p-strategy. We say that a p-strategy is on a p-game if it is an element of the p-game.

The point of the reformulation of strategies as p-strategies is that p-strategies are defined independently of p-games essentially by containing odd-length positions as well, which in turn enables us to define p-games in terms of p-strategies. Note that in contrast we cannot define a strategy without specifying its underlying game since a strategy does not define its odd-length positions; also, a game determines the set of all strategies on the game just by definition. Note also that games and strategies are transformed trivially into p-games and p-strategies, respectively: A strategy σ : G is mapped to the p-strategy P(σ) whose odd-length positions are those in G, and the game G to the p-game P(G) whose elements are the p-strategies P(σ). Hence, we regard games and strategies as p-games and p-strategies, respectively, as well. It is also easy to lift constructions on games and strategies to those on p-games and p-strategies. Then, the dependence of strategies on games explains why there is no game that models the sigma-type Σ_{x : N} N_b(x), but the p-game Σ(N, N_b) := {⟨⊥, ⊤⟩} ∪ ⋃_{k ∈ N} N_k, where N_k := {⟨k, n⟩ | k, n ∈ N, n k}, does (n.b., we include the pairing ⟨⊥, ⊤⟩ into Σ(N, N_b) for the downward completeness axiom on p-games; see Definition 2.23).
More generally, p-games and p-strategies solve the first problem. For instance, plays in Σ(N, N_b) by the p-strategy ⟨ , ⟩ ∈ Σ(N, N_b) look like

[Diagram: two plays in Σ(N, N_b), each beginning q_{Σ(N,N_b)} ⟨ , ⟩ q]

Judge (J) [8] first asks P the question q_{Σ(N,N_b)} (‘What is your p-strategy?’) and P answers it by the p-strategy ⟨ , ⟩ ∈ Σ(N, N_b) (‘I declare the p-strategy ⟨ , ⟩!’), and then a play in the declared p-strategy ⟨ , ⟩ between P and O follows. Although the declaration of a p-strategy is not strictly necessary in this case, it is clear why P cannot play by the p-strategy ⟨ , ⟩ on the p-game Σ(N, N_b): It is because ⟨ , ⟩ ∉ Σ(N, N_b) by the definition of Σ(N, N_b). Let us emphasize that the definition of the p-game Σ(N, N_b) is made possible by reversing the traditional relation between games and strategies: P-games are defined in terms of p-strategies.

[8] The game semantics of MLTT [35] introduces J for a conceptual reason; technically, however, J is not necessary, and we may replace J’s or J-moves by O-moves.

Next, the declaration of p-strategies in p-games solves the second problem: The p-game Σ(N, List_N) := {⟨⊥, ⊤⟩} ∪ {⟨k, n ⊗ n ⊗ · · · ⊗ n_k⟩ | k, n , n , . . . , n_k ∈ N} in fact models the sigma-type Σ_{x : N} List_N(x), where we again include the pairing ⟨⊥, ⊤⟩ into Σ(N, List_N) for the axiom on p-games. Typical plays in Σ(N, List_N) look like

[Diagram: two plays in Σ(N, List_N), each beginning q_{Σ(N, List_N)} ⟨ , ⊗ ⟩ q]

⟨ , ⊗ ⟩ ∈ Σ(N, List_N) fixes the underlying game on the RHS (n.b., a p-strategy is a game, and so it specifies its odd-length positions as well) so that O must play on the 2-ary tensor N ⊗ N there. In this way, the p-strategy ⟨ , ⊗ ⟩ is a total one on the p-game Σ(N, List_N).
Intuitively, recalling that the generalization of simple type theories to dependent ones (or that of propositional logic to predicate logic) is made by introducing dependent types (or predicates) that refer to individuals, i.e., terms (or proofs), we may understand the declaration of p-strategies in p-games as (part of) the game-semantic counterpart of the generalization because it enables P in p-games to refer to p-strategies.

Moreover, the game semantics [35] defines the p-game Π(C, D) that models the pi-type Π_{x : C} D(x) as follows: A p-strategy on Π(C, D) is the union φ := ⋃_{c ∈ C} Φ_c on a family Φ = (Φ_c)_{c ∈ C} of p-strategies Φ_c indexed by p-strategies c ∈ C such that
1 For each c ∈ C, we have Φ_c ∈ c ⇒ d for some p-strategy d ∈ D(c), where we regard the game c ⇒ d as a p-game (as already remarked);
2 For any pair c, c̃ ∈ C, the components Φ_c and Φ_c̃ compute in the same manner at the same odd-length position sm ∈ Φ_c ∩ Φ_c̃ (i.e., Φ_c(sm) ≃ Φ_c̃(sm)),
where we write x↓ if an element x is defined, and x↑ otherwise, and let ≃ denote the Kleene equality, i.e., x ≃ y ⇔_df (x↓ ∧ y↓ ∧ x = y) ∨ (x↑ ∧ y↑). The first axiom on the p-strategy φ ∈ Π(C, D) is to ensure that φ respects the type dependency of the pi-type Π_{x : C} D(x), i.e., φ ◦ c† ∈ D(c) for each c ∈ C, where the composition φ ◦ c† is given by trivially identifying p-strategies on C with those on ⇒ C. On the other hand, the second axiom is to guarantee determinacy of φ so that it is a well-defined p-strategy.
Moreover, the second axiom ensures that φ may inspect an input c ∈ C only gradually by a finite interaction between φ and c (just as in traditional game semantics), which makes the interpretation of pi-types very natural as semantics of computation (e.g., the extension of φ forms a continuous function [35]).

To summarize, the game semantics [35] models MLTT by reformulating strategies as p-strategies and games as p-games, and then allowing P to control possible plays for O by her ‘initial protocol’ with J. In particular, the p-games Π(Σ(X, Y), Z) and Π(X, Π(Y, Z)) for any (families of) p-games X, Y and Z such that the sigma and the pi constructions make sense coincide up to ‘tags’ for disjoint union; hence, the game semantics trivially validates the ξ-rule. Let us call p-games that model sigma- and pi-types sigma p-games and pi p-games, respectively. It is easy to see that sigma and pi p-games generalize product and function games, respectively.

Remark
In the previous work [35], strategies and p-strategies in the sense given above are rather called skeletons and tree (t-) skeletons, respectively, and strategies and p-strategies are slightly more abstract concepts, which follows [43]. We employ this abuse of the terminologies here for simplicity, but we correct it in Section 2.
Let us next apply the game semantics of MLTT [35] to CT (2). Recall that it models empty-type by the p-game := {⊥}, called the empty p-game, where ⊥ := {ε, q}. It then models the T-predicate x : N, y : N, z : N ⊢ T(x, y, z) type by the family T = (T(⟨x, y, z⟩))_{x,y,z ∈ N} of p-games T(⟨x, y, z⟩), where ⟨x, y, z⟩ is the evident iteration of pairings, given by T(⟨x, y, z⟩) := if x = e, y = n, z = c for some e, n, c ∈ N, and the triple (e, n, c) satisfies the T-predicate relation, and T(⟨x, y, z⟩) := otherwise. Also, it models the result-extracting function z : N ⊢ U(z) : N by a p-strategy µ ∈ N ⇒ N such that the computation n ∈ N µ ◦ n† ∈ N matches the function in the evident sense. Finally, it models an Id-type Id_A, where let A be a simple type for simplicity, by the family Id_A = (Id_A(⟨a , a ⟩))_{a ,a ∈ A} of p-games Id_A(⟨a , a ⟩), called Id p-games on A, where A is the p-game that interprets the simple type A, given by Id_A(⟨a , a ⟩) := if a = a , and Id_A(⟨a , a ⟩) := otherwise.

We are now able to see what the p-game CT that interprets CT (2) by the game semantics [35] looks like. Clearly, the only nontrivial point in giving a p-strategy on CT is the LHS of the first occurrence of a sigma p-game, i.e., a p-strategy on the p-game (N ⇒ N) ⇒ N that outputs a p-strategy e ∈ N from an input p-strategy φ ∈ N ⇒ N given by O such that e ∈ N realizes φ. Recall that we have defined realizers for the extension N → N of φ to be realizers for φ and implement the T-predicate and the result-extracting function with respect to such realizers; hence, a realizer e for φ, if any, works as a witness of the LHS of the sigma p-game in CT.

However, there is no such p-strategy on (N ⇒ N) ⇒ N because O may play on the domain N ⇒ N as a non-recursive function f : N → N so that there is no natural number that realizes f.
Strictly speaking, we should say that the extension of the play by O on N ⇒ N is f, but let us keep using this abuse of terminologies in the rest of this introduction. Another problem is that O may play as a partial function N ⇀ N on the domain. Unfortunately, the game semantics [35] refutes CT even if we somehow manage to restrict plays by O to total recursive ones since positions in games are finite, i.e., it is in general impossible for P or a p-strategy to completely identify a given p-strategy on N ⇒ N by a finite interaction with it.

Then, how can we model MLTT plus CT? Our solution is to limit O’s plays as inputs to total recursive ones and require him to exhibit a realizer for his input computation at the very beginning of each play. The resulting, modified game semantics, which we call realizability à la game semantics, models MLTT in a way similar to the game semantics [35] since both do not assign a choice of a realizer to the interpretation of each term. On the other hand, the main difference between the two models of MLTT is that only realizability à la game semantics validates CT since it requires O to exhibit a realizer for each input N ⇒ N of the p-game CT, and so there is trivially a p-strategy on CT that essentially ‘copy-cats’ the realizer given by O. Crucially, O may supply the realizers since game semantics treats O as an ‘oracle’ endowed with an unlimited computational power [2, Section 1]. Hence, realizability à la game semantics models MLTT plus CT.
Also, it refutes empty-type as it requires p-strategies on codomains to be total too, proving consistency of MLTT with CT.

Technically, we implement our solution by modifying p-strategies on the pi p-game Π(C, D) (Section 1.8) into the disjoint union ⊎ψ := ⊎_{e ∈ R_wr(C)} ψ_e on a nonempty family ψ = (ψ_e)_{e ∈ R_wr(C)} of p-strategies ψ_e ∈ r(e) ⇒ r ◦ π_ψ(e), where
• R_wr(C) ⊆ N is the set of all realizers for winning, recursive p-strategies c ∈ C;
• r(e) is the (necessarily winning and recursive) p-strategy realized by e, and π_ψ is an ‘effective’ map e ∈ R_wr(C) π_ψ(e) ∈ R_wr(D(r(e))) assigned to ψ,
for which we encode all positions by natural numbers, [9] define recursive p-strategies accordingly with respect to the functional computation sm ∈ p smn ∈ p of p-strategies p in the standard sense [22, 23], and fix realizers for recursive p-strategies. Of course, we encode the ‘tags’ for the disjoint union also by natural numbers. The ‘effectivity’ of the associated map π_ψ is to preserve recursiveness of these disjoint unions ⊎ψ under composition (Lemma 3.12). On the other hand, we simply define the p-strategy ⊎ψ to be the trivial one {ε} if ψ is empty.

Remark
Strictly speaking, a realizer e in general does not uniquely determine a p-strategy p realized by e since a p-strategy contains odd-length positions as well. Therefore, we actually define r(e) to be the union of all p-strategies on C realized by e; see the remark that comes immediately below Definition 3.11.

We take the disjoint union of ψ for ⊎ψ since the union of ψ may be indeterministic for the lack of the second axiom on p-strategies on original pi p-games. Also, the lack implies that the extension of ⊎ψ may not be continuous. However, by the disjoint union, O must select a component ψ_e and exhibit e at his first move in the modified Π(C, D), where e is a realizer for his play on C. In contrast, this task is not imposed on P. Let us write Π for modified pi p-games in the rest of this introduction.

On the other hand, ⊎ψ itself is a p-strategy, not a realizer for it, and so modified pi p-games are as abstract as original ones. Thus, the isomorphism Π(Σ(X, Y), Z) ≅ Π(X, Π(Y, Z)) holds for modified pi p-games as well. This point illustrates why realizability à la game semantics validates the ξ-rule.

As an example, consider the resulting implication (N ⇒ N) ⇒ N, an instance of a modified pi p-game. First, a p-strategy on N ⇒ N is the disjoint union ⊎φ := ⊎_{e ∈ R_wr(N)} φ_e on a family φ = (φ_e)_{e ∈ R_wr(N)} of p-strategies φ_e ∈ r(e) ⇒ r ◦ π_φ(e). Note that winning, recursive p-strategies on N ⇒ N as well as realizers for them are already determined, and hence the implication (N ⇒ N) ⇒ N is well-defined: A p-strategy on (N ⇒ N) ⇒ N is the disjoint union ⊎ψ := ⊎_{f ∈ R_wr(N ⇒ N)} ψ_f on a family ψ = (ψ_f)_{f ∈ R_wr(N ⇒ N)} of p-strategies ψ_f ∈ r(f) ⇒ r ◦ π_ψ(f).

[9] Positions encodable by natural numbers suffice for our model of MLTT plus CT.
We write ⇒ for the implication as an instance of the modified pi Π in the rest of this introduction.

Schematically, a typical play by our p-strategy ⊎ct ∈ CT looks like

Π(⊎ν : N ⇒ N, Σ(x : N, Π(y : N, Σ(z : N, T(⟨x, y, z⟩) & Id_N(⟨⊎µ ◦ z†, ⊎ν ◦ x†⟩)))))
q_CT ⊎ct q^[e] e^[e]

where the superscript ( )^[e] (e ∈ N) represents the ‘tag’ for the leftmost occurrence of a pi p-game, and so e is a realizer for an input p-strategy ⊎ν ∈ N ⇒ N; we write ⊎µ ∈ N ⇒ N for the evident modification of µ with respect to the modification of pi p-games. In this play, the p-strategy ⊎ct never interacts with ⊎ν but ‘copy-cats’ the realizer e given by O. Let us emphasize that such a play by ⊎ct would be impossible in the presence of the second axiom on p-strategies on original pi p-games.

By the way, the play in the p-game CT by the p-strategy ⊎ct just given is far from typical plays in game semantics [33, 36] as ⊎ct computes the P-move e^[e] without interacting with the input ⊎ν. This point is the main reason why we call our model realizability à la game semantics, rather than ‘game semantics à la realizability.’

Another typical play by the p-strategy ⊎ct looks like

Π(⊎ν : N ⇒ N, Σ(x : N, Π(y : N, Σ(z : N, T(⟨x, y, z⟩) & Id_N(⟨⊎µ ◦ z†, ⊎ν ◦ x†⟩)))))
q_CT ⊎ct q^{[e′],[e]} q^{[e′],[e]} n^{[e′],[e]} c^{[e′],[e]}

where the triple e, n, c ∈ N satisfies the T-predicate, and ( )^[e′] (e′ ∈ N) is the ‘tag’ for the rightmost occurrence of a pi p-game, and so e′ is a realizer for the p-strategy n ∈ N given by O. Because the p-games T(⟨e, n, c⟩) and Id_N(⟨⊎µ ◦ c†, ⊎ν ◦ n†⟩) both become the unit p-game in this play, ⊎ct trivially validates them.

Finally, note that ⊎ct is a p-strategy, not a realizer. This point illustrates the fact that realizability à la game semantics is as abstract as the game semantics of MLTT [35], and it models MLTT.
On the other hand, ⊎ct itself is recursive, which means that we have established a constructive model of MLTT plus CT.

Our main contribution is to solve the long-standing open problem, i.e., consistency of MLTT with CT, by novel realizability à la game semantics that (even constructively) resolves the dilemma between intensionality and extensionality. Methodologically, the present work opens up a new way of applying game semantics to the study of constructive mathematics, while in the literature game semantics has been applied mostly in the context of full abstraction/completeness problems [44].
Our consistency proof is based on the game semantics of MLTT [35], especially its interpretation of pi-types by pi p-games. Note in particular that its generalization of games and strategies to p-games and p-strategies, respectively, plays a crucial role for our modified pi p-games. This technique seems unavailable for another games-based model of MLTT [34] because it employs ordinary games and strategies, and interprets pi-types by induction on the lengths of positions. Therefore, the previous work [35] is an indispensable stepping stone to the consistency proof.

As related work, Ishihara et al. [1] prove consistency of a modification of MLTT, called mTT, with CT by realizability à la Kleene formalized within another formal system. The main difference between MLTT and mTT is that MLTT’s congruence rules such as the ξ-rule are replaced with explicit substitutions in mTT so that their realizability models mTT. On the other hand, their realizability cannot model MLTT since it refutes the ξ-rule as already explained. In other words, they circumvent the consistency problem of MLTT plus CT for the obstacle but instead prove consistency of mTT with CT, which nevertheless suffices for one of the authors’ research programme: a minimalist foundation for constructive mathematics [18].

Finally, our consistency result also contributes to the programme of a minimalist foundation for constructive mathematics since it implies that MLTT is available as an intensional level foundation of constructive mathematics for the programme.

The rest of the present article is structured as follows. We first recall basic definitions given in the previous work [35], in particular p-games and p-strategies, in Section 2 as a technical preparation. We then establish realizability à la game semantics that models MLTT plus CT and prove consistency of MLTT with CT as an immediate corollary in Section 3. Finally, we draw a conclusion and propose future work in Section 4.
In addition, Appendix A presents the syntax of MLTT.
Notation
At the end of this introduction, let us introduce the following notations:
• We employ bold small letters s, t, u, v, w, etc. for sequences, and small letters a, b, c, m, n, x, y, etc. for elements of sequences;
• We define n := { , , . . . , n} for each n ∈ N+ := N \ { }, and 0 := ∅;
• We often abbreviate a finite sequence s = (x , x , . . . , x_|s|) as x x . . . x_|s|, where |s| denotes the length (i.e., the number of elements) of s, and write s(i), where i ∈ |s|, as another notation for x_i;
• A concatenation of sequences s and t is represented by the juxtaposition st (or written s.t) of them, and we write as, tb, ucv for (a)s, t(b), u(c)v, etc.;
• We write Even(s) (resp. Odd(s)) if s is of even- (resp. odd-) length, and given a set S of sequences and P ∈ {Even, Odd}, we define S^P := {s ∈ S | P(s)};
• We write s ⪯ t if s is a prefix of t, and Pref(S) for the set of all prefixes of elements in a set S of sequences, i.e., Pref(S) := {s | ∃t ∈ S. s ⪯ t};
• We define X* := {x x . . . x_n | n ∈ N, ∀i ∈ n. x_i ∈ X} for each set X;
• Given a map f : A → B and a subset S ⊆ A, we define f↾S : S → B to be the restriction of f to S, and f* : A* → B* by f*(a a . . . a_n) := f(a )f(a ) . . . f(a_n) ∈ B* for all a a . . . a_n ∈ A*;
• Given sets X , X , . . . , X_n, and a natural number i ∈ n, we write π^(n)_i or π_i for the i-th projection (map) X × X × · · · × X_n → X_i.

First, we review the game semantics of MLTT [35] since our consistency proof is based on it, where we mostly focus on the basic definitions necessary for the present work. See the original article [35] for more details and explanations.

We first recall key preliminary concepts such as arenas, legal positions, games and tree skeletons in Section 2.1, and consistency/completeness of tree skeletons and the universal identification in Section 2.2.
Then finally, we recall the central notions of p-games and p-strategies in Section 2.3.

We first need to confess our simplification of game semantics in the introduction: To be precise, p-strategies are deterministic games up to inessential details of ‘tags’ for disjoint union on sets of moves, and a deterministic game (on the nose) is called a tree (t-) skeleton [35]. More accurately, a p-strategy is the union of all equivalent t-skeletons modulo ‘tags.’ Also, what is described as strategies in the introduction is, strictly, skeletons, and a strategy is the union of all equivalent skeletons modulo ‘tags.’ Such a complication is necessary for game semantics to match the abstraction degree of terms in type theories. We henceforth switch to the precise terminologies.

We then start with recalling t-skeletons, for which it makes sense to first introduce a more general concept of games. But before that, we need to recall two preliminary concepts: arenas and legal positions. An arena defines the basic components of a game, which in turn induces legal positions of the arena that specify the basic rules of the game in the sense that each position of the game must be legal.
Definition 2.1 (Moves [35]) Let us fix, throughout the present work, arbitrary pairwise distinct symbols O, P, Q and A, and call them labels. A move is any triple m^xy := (m, x, y) such that x ∈ {O, P} and y ∈ {Q, A}, for which we often abbreviate m^xy as m, and instead define λ(m) := xy, λ^OP(m) := x and λ^QA(m) := y. A move m is called an Opponent (O-) move if λ^OP(m) = O, a Player (P-) move if λ^OP(m) = P, a question if λ^QA(m) = Q, and an answer if λ^QA(m) = A.

Definition 2.2 (Arenas [33, 35, 36]) An arena is a pair G = (M_G, ⊢_G) such that
• M_G is a set of moves;
• ⊢_G is a subset of ({⋆} ∪ M_G) × M_G, where ⋆ (or represented more precisely by ⋆_G) is an arbitrarily fixed element such that ⋆ M_G, called the enabling relation, that satisfies
– (E1) If ⋆ ⊢_G m then λ(m) = OQ;
– (E2) If m ⊢_G n and λ^QA(n) = A then λ^QA(m) = Q;
– (E3) If m ⊢_G n and m ≠ ⋆ then λ^OP(m) ≠ λ^OP(n).
A move m ∈ M_G of G is called initial if ⋆ ⊢_G m, and non-initial otherwise. We define the subset M_G^Init := {m ∈ M_G | ⋆ ⊢_G m} ⊆ M_G.

That is, an arena G is to specify moves in a game, each of which is O’s/P’s question/answer, and which move n can be performed for each move m during a play in the game in terms of the relation m ⊢_G n (see Definition 2.4 for more on this point), where ⋆ ⊢_G m means that O can initiate a play by m in the game. The axioms E1, E2 and E3 are then to be read as follows:
• E1 sets the convention that an initial move must be O’s question;
• E2 states that an answer must be performed for a question;
• E3 says that an O-move must be performed for a P-move, and vice versa.

We shall later focus on well-founded arenas:
Definition 2.3 (Well-founded arenas [45]) An arena G is well-founded if so is the enabling relation ⊢_G downwards, i.e., there is no countably infinite sequence (m_i)_{i ∈ N} of moves m_i ∈ M_G such that ⋆ ⊢_G m and m_i ⊢_G m_{i+1} for all i ∈ N.

Let us proceed to review legal positions, for which recall first that a legal position is a certain finite sequence of moves equipped with a pointer from later occurrences to earlier ones of the sequence. The idea is that each non-initial occurrence in a legal position must be performed for a specific previous occurrence, and such a pair of occurrences is specified by a pointer. Technically, pointers are introduced in order to distinguish similar yet different computations [33, 46].

We call a finite sequence of moves together with a pointer a justified (j-) sequence; a legal position is a particular kind of a j-sequence.

Definition 2.4 (Justified sequences [33, 35, 36]) An occurrence in a finite sequence s is a pair (s(i), i) such that i ∈ |s|. A justified (j-) sequence is a pair s = (s, J_s) of a finite sequence s of moves and a map J_s : |s| → { } ∪ |s| − J_s(i) < i for all i ∈ |s|, called the pointer of the j-sequence. Each occurrence (s(i), i) is initial (resp. non-initial) in s if J_s(i) = 0 (resp. otherwise). A justified (j-) sequence in an arena G is a j-sequence s such that its elements are moves in G, and its pointer respects the enabling relation of G, i.e., it satisfies s ∈ M_G* and ∀i ∈ |s|. (J_s(i) = 0 ⇒ ⋆ ⊢_G s(i)) ∧ (J_s(i) ≠ 0 ⇒ s(J_s(i)) ⊢_G s(i)). We write J_G for the set of all j-sequences in an arena G.

Convention
We say that the occurrence (s(J_s(i)), J_s(i)) is the justifier of a non-initial one (s(i), i) in a j-sequence s, and (s(i), i) is justified by (s(J_s(i)), J_s(i)).

Definition 2.5 (Justified subsequences [35]) A justified (j-) subsequence of a j-sequence s is a j-sequence t such that t is a subsequence of s, and for all i, j ∈ N, J_t(i) = j if and only if J_s^n(i) = j for some n ∈ N.

Convention
We are henceforth casual about the distinction between moves and occurrences; by abuse of notation, we often keep the pointer J_s of each j-sequence s = (s, J_s) implicit and abbreviate occurrences (s(i), i) in s as s(i). Moreover, we often write J_s(s(i)) = s(j) if J_s(i) = j for all i, j ∈ N.

Next, we recall the ‘relevant part’ or view of the previous occurrences of each occurrence in a j-sequence, which is also fundamental for legal positions.

Definition 2.6 (Views [33, 36, 47]) The Player (P-) view ⌈s⌉ and the Opponent (O-) view ⌊s⌋ of a j-sequence s are respectively the j-subsequences of s defined by the following induction on the length |s| of s:
• ⌈ε⌉ := ε;
• ⌈sm⌉ := ⌈s⌉.m if m is a P-move;
• ⌈sm⌉ := m if m is initial;
• ⌈smtn⌉ := ⌈s⌉.mn if n is an O-move such that m justifies n;
• ⌊ε⌋ := ε;
• ⌊sm⌋ := ⌊s⌋.m if m is an O-move;
• ⌊smtn⌋ := ⌊s⌋.mn if n is a P-move such that m justifies n.
A Player (P-) view (resp. an Opponent (O-) view) refers to that of some j-sequence, and a view (of a j-sequence) to a P- or O-view (of the j-sequence).

The idea behind the notion of views is as follows. Given a nonempty j-sequence sm such that m is a P- (resp. O-) move, the P-view ⌈s⌉ (resp. O-view ⌊s⌋) is intended to be the currently ‘relevant part’ of the previous occurrences in s for P (resp. O). I.e., P (resp. O) is concerned only with the last occurrence of an O- (resp. P-) move, its justifier and that justifier’s P- (resp. O-) view, which then recursively proceeds. See [46, 48] for an explanation of views in terms of their counterparts in syntax.

We are now ready to recall legal positions:

Definition 2.7 (Legal positions [33, 35]) A legal position is a j-sequence s that satisfies
• (Alternation) If s = s mn s , then λ^OP(m) ≠ λ^OP(n);
• (Visibility) If s = tmu with m non-initial, then J_s(m) occurs in ⌈t⌉ if m is a P-move, and in ⌊t⌋ otherwise.
A legal position in an arena G is a legal position that is a j-sequence in G. We write L_G for the set of all legal positions in G.

As already stated, legal positions are to specify the basic rules of a game in the sense that each position in the game must be legal so that
• During a play in the game, O makes the first move by a question, and then P and O alternately perform moves (by alternation), where each non-initial move is performed for a specific previous occurrence, viz., its justifier;
• The justifier of each non-initial occurrence belongs to the ‘relevant part’ or view of the previous occurrences (by visibility).

Having reviewed arenas and legal positions, we are now able to recall games and deterministic games called t-skeletons:

Definition 2.8 (Games [33, 35, 36]) A game is a set G of legal positions, called (valid) positions in G, that satisfies
• (Tree) The set G is nonempty and prefix-closed (i.e., sm ∈ G ⇒ s ∈ G);
• (Wfoud) The arena Arn(G) := (M_G, ⊢_G) is well-founded,
where M_G := {s(i) | s ∈ G, i ∈ |s|} and ⊢_G := {(⋆, s(j)) | s ∈ G, J_s(j) = 0} ∪ {(s(i), s(j)) | s ∈ S, J_s(j) = i}. A subgame of G is a game H such that H ⊆ G.

Nonemptiness and prefix-closure of a game G formulates the natural phenomenon that each nonempty ‘moment’ or position has a previous ‘moment.’ The underlying arena Arn(G) of G is well-founded so that we can impose winning, more specifically noetherianity (Definition 2.11), on identities in the categories of games; see [35] for the details. Also, note that every position in G is a legal position in Arn(G).

Definition 2.9 (Tree skeletons [35]) A tree (t-) skeleton is a game σ that is deterministic: smn, smn′ ∈ σ^Even ⇒ smn = smn′. A t-skeleton σ is on a game G, written σ :: G, if it satisfies σ ⊆ G and (sm ∈ G^Odd ∧ s ∈ σ) ⇒ sm ∈ σ.

In other words, a t-skeleton on a game G is a deterministic subgame σ ⊆ G such that possible plays by O in σ coincide precisely with those in G. Therefore, such a t-skeleton σ :: G describes for P how to play in G.

Clearly, skeletons, i.e., what is called strategies in Section 1.7, on G correspond bijectively to t-skeletons on G. The main difference between the two is, however, that a skeleton needs its underlying game, but a t-skeleton does not.

Example 2.10
The simplest game is the unit game $:= \{\epsilon\}$. There is only the trivial t-skeleton $\top := \{\epsilon\}$ on .

Another simple game is the empty game $:= \{\epsilon, q^{\mathsf{OQ}}\}$, where $q$ is an arbitrarily fixed element. There is only the unique t-skeleton $\bot := \{\epsilon, q\}$ on .

The natural number game $N$ is given by $N := \mathrm{Pref}(\{ q^{\mathsf{OQ}} n^{\mathsf{PA}} \mid n \in \mathbb{N} \})$, where $q$ justifies $n$. T-skeletons on $N$ are $\bot := \{\epsilon, q\}$ and $n := \{\epsilon, q, q n\}$ for each $n \in \mathbb{N}$.

At this point, recall that not every t-skeleton corresponds to a proof [33, 35]. For instance, the empty-game models the empty-type or falsity [35], and therefore the t-skeleton $\bot ::$ cannot be an interpretation of a proof. This point matters for the present work since our consistency proof relies on a model of MLTT plus CT that does not inhabit the empty-type; that is, we need to carve out t-skeletons that compute as proofs in such a way that the t-skeleton $\bot ::$ is excluded.

The previous work [35] characterizes such t-skeletons for proofs as winning ones:

Definition 2.11 (Constraints on tree skeletons [33, 35, 47, 45]) A t-skeleton $\sigma$ is
• Total if it always responds: $\forall s m \in \sigma^{\mathrm{Odd}}.\ \exists s m n \in \sigma$;
• Innocent if its computation depends only on P-views: $\forall s m n \in \sigma^{\mathrm{Even}}, \tilde{s} \tilde{m} \in \sigma^{\mathrm{Odd}}.\ \lceil s m \rceil = \lceil \tilde{s} \tilde{m} \rceil \Rightarrow \exists \tilde{s} \tilde{m} \tilde{n} \in \sigma^{\mathrm{Even}}.\ \lceil s m n \rceil = \lceil \tilde{s} \tilde{m} \tilde{n} \rceil$;
• Noetherian if there is no strictly increasing infinite sequence of elements in the set $\lceil \sigma \rceil := \{ \lceil s \rceil \mid s \in \sigma \}$ of all P-views in $\sigma$;
• Winning if it is total, innocent and noetherian.
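Determinacy (Definition 2.9), the relation $\sigma :: G$ and totality (Definition 2.11) can be checked mechanically on finite games. The following Python sketch is an added example, not code from the paper; it truncates the natural number game to the numerals below a constant `K` (an assumption made so that the game is finite), represents positions as tuples without pointers, and does not check innocence or noetherianity.

```python
from itertools import combinations

def pref(plays):
    """Pref(S): all prefixes (including the empty sequence) of the sequences in S."""
    return frozenset(p[:i] for p in plays for i in range(len(p) + 1))

def odd(g):
    return {s for s in g if len(s) % 2 == 1}

def even(g):
    return {s for s in g if len(s) % 2 == 0}

def is_tree(g):
    """(Tree) axiom of Definition 2.8: nonempty and prefix-closed."""
    return len(g) > 0 and all(s[:-1] in g for s in g if s)

def is_deterministic(sigma):
    """Definition 2.9: s m n and s m n' in sigma^Even force n = n'."""
    answer = {}
    for s in even(sigma):
        if s and answer.setdefault(s[:-1], s[-1]) != s[-1]:
            return False
    return True

def is_on(sigma, g):
    """sigma :: G: a deterministic subgame that keeps every O-move G allows."""
    return (is_tree(sigma) and is_deterministic(sigma) and sigma <= g
            and all(sm in sigma for sm in odd(g) if sm[:-1] in sigma))

def is_total(sigma):
    """Definition 2.11: every odd-length s m in sigma has some s m n in sigma."""
    answered = {s[:-1] for s in even(sigma) if s}
    return all(sm in answered for sm in odd(sigma))

def t_skeletons_on(g):
    """All t-skeletons on a finite game, by brute force over its subsets."""
    positions = sorted(g, key=lambda s: (len(s), repr(s)))
    return {frozenset(c)
            for r in range(len(positions) + 1)
            for c in combinations(positions, r)
            if is_on(frozenset(c), g)}

K = 3                                            # assumption: numerals 0..K-1 only
UNIT = pref([()])                                # the unit game {epsilon}
EMPTY = pref([("q",)])                           # the empty game {epsilon, q}
NAT = pref([("q", n) for n in range(K)])         # truncated natural number game
TOP = pref([()])                                 # the t-skeleton top
BOT = pref([("q",)])                             # the t-skeleton bottom

def numeral(n):
    """The t-skeleton {epsilon, q, q n}."""
    return pref([("q", n)])

if __name__ == "__main__":
    for sigma in sorted(t_skeletons_on(NAT), key=len):
        print(sorted(sigma, key=len), "total" if is_total(sigma) else "not total")
```

The enumeration finds exactly the bottom t-skeleton and the numerals on the truncated game, and only the numerals are total; the game itself fails determinacy, so it is not a t-skeleton on itself.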
Example 2.12
The t-skeletons $\top ::$ and $n :: N$ for each $n \in \mathbb{N}$ are winning, while the t-skeleton $\bot ::$ is not even total, let alone winning, as desired.

Intuitively, we regard winning t-skeletons as proofs (in classical logic) as follows. [10] First, a proof should not get ‘stuck,’ and so t-skeletons for proofs must be total. Next, recall that imposing innocence on t-skeletons corresponds to excluding stateful terms [33]. Since logic is concerned with truths of formulas, which are invariant with respect to ‘passage of time,’ proofs should not depend on ‘states of arguments.’ Thus, we impose innocence on t-skeletons for proofs. Also, we impose noetherianity on t-skeletons for proofs to handle infinite plays: If a play by an innocent, noetherian t-skeleton keeps growing infinitely then it cannot be P’s ‘intention,’ and so the play must be a ‘valid argument’ or win for P. Technically, we need noetherianity since total t-skeletons are not closed under composition but winning ones are [29, 35, 45]. Various full completeness results in the literature [33, 34] indicate that winning is not only necessary but also sufficient as a characterization of t-skeletons for proofs.

[10] We may further impose well-bracketing [33, 35, 47] on winning t-skeletons so that they would correspond to proofs in intuitionistic logic. Nevertheless, it is not necessary for the present work, and therefore let us skip it for brevity.

Finally, recall that we have already sketched constructions on games and skeletons [33, 36] in Section 1.7, and constructions on t-skeletons are essentially the same as those on skeletons [35]. Let us next present their mathematical formalizations:
Convention
For brevity, we omit ‘tags’ for disjoint union $\uplus$ of sets of moves except the ones for exponential $!$. For instance, we write $x \in A \uplus B$ if $x \in A$ or $x \in B$; also, given relations $R_A \subseteq A \times A$ and $R_B \subseteq B \times B$, we write $R_A \uplus R_B$ for the relation on the disjoint union $A \uplus B$ such that $(x, y) \in R_A \uplus R_B \stackrel{\mathrm{df.}}{\Leftrightarrow} (x, y) \in R_A \vee (x, y) \in R_B$.

Definition 2.13 (Constructions on arenas [33, 36, 47]) Given arenas $A$ and $B$, we define arenas
• $A \uplus B := (M_A \uplus M_B, \vdash_A \uplus \vdash_B)$;
• $A \multimap B := (\{ a^{\overline{x} y} \mid a^{xy} \in M_A \} \uplus M_B, \vdash_{A \multimap B})$, where $\overline{O} := P$, $\overline{P} := O$, $\star \vdash_{A \multimap B} m :\Leftrightarrow \star \vdash_B m$ and $m \vdash_{A \multimap B} n :\Leftrightarrow m \vdash_A n \vee m \vdash_B n \vee (\star \vdash_B m \wedge \star \vdash_A n)$;
• $!A := (\{ (a, i)^{xy} \mid a^{xy} \in M_A, i \in \mathbb{N} \}, \vdash_{!A})$, where $\star \vdash_{!A} (a, i) :\Leftrightarrow \star \vdash_A a$ and $(a, i) \vdash_{!A} (a', i') :\Leftrightarrow i = i' \wedge a \vdash_A a'$.

Definition 2.14 (Tensor on games [33, 36]) The tensor of games $G$ and $H$ is the game $G \otimes H := \{ s \in \mathcal{L}_{\mathrm{Arn}(G) \uplus \mathrm{Arn}(H)} \mid \forall X \in \{G, H\}.\ s \upharpoonright X \in X \}$, where $s \upharpoonright X$ is the j-subsequence of $s$ that consists of moves in $X$.

Definition 2.15 (Linear implication on games [33, 36]) The linear implication between games $G$ and $H$ is the game $G \multimap H := \{ s \in \mathcal{L}_{\mathrm{Arn}(G) \multimap \mathrm{Arn}(H)} \mid \forall X \in \{G, H\}.\ s \upharpoonright X \in X \}$.

By the alternation axiom on legal positions (Definition 2.7), it is easy to see that only O (resp. P) may switch between games $G$ and $H$ during a play in the tensor $G \otimes H$ (resp. the linear implication $G \multimap H$) [29], which matches the description of tensor (resp. linear implication) on games given in Section 1.7.

Definition 2.16 (Product on games [33, 36]) The product of games $G$ and $H$ is the game $G \mathbin{\&} H := \{ s \in \mathcal{L}_{\mathrm{Arn}(G) \uplus \mathrm{Arn}(H)} \mid (s \upharpoonright G \in G \wedge s \upharpoonright H = \epsilon) \vee (s \upharpoonright G = \epsilon \wedge s \upharpoonright H \in H) \}$.

Definition 2.17 (Exponential on games [36]) The exponential of a game $G$ is the game $!G := \{ s \in \mathcal{L}_{!\mathrm{Arn}(G)} \mid \forall i \in \mathbb{N}.\ s \upharpoonright i \in G \}$, where $s \upharpoonright i$ is the j-subsequence of $s$ that consists of moves $(a, i)$, where $a \in M_G$, changed into $a$.
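Definition 2.18 (Constructions on tree skeletons between games [35]) Given t-skeletons $\phi :: A \multimap B$, $\sigma :: C \multimap D$, $\tau :: A \multimap C$, $\psi :: B \multimap C$ and $\varphi :: {!A} \multimap B$ between games, we define
• The tensor $\phi \otimes \sigma :: A \otimes C \multimap B \otimes D$ of $\phi$ and $\sigma$ by $\phi \otimes \sigma := \{ s \in \mathcal{L}_{\mathrm{Arn}(A \otimes C \multimap B \otimes D)} \mid s \upharpoonright A, B \in \phi,\ s \upharpoonright C, D \in \sigma \}$, where $s \upharpoonright A, B$ (resp. $s \upharpoonright C, D$) is the j-subsequence of $s$ that consists of moves in $A$ or $B$ (resp. $C$ or $D$);
• The pairing $\langle \phi, \tau \rangle :: A \multimap B \mathbin{\&} C$ of $\phi$ and $\tau$ by $\langle \phi, \tau \rangle := \{ s \in \mathcal{L}_{\mathrm{Arn}(A \multimap B \& C)} \mid (s \upharpoonright A, B \in \phi \wedge s \upharpoonright C = \epsilon) \vee (s \upharpoonright A, C \in \tau \wedge s \upharpoonright B = \epsilon) \}$;
• The composition $\phi ; \psi :: A \multimap C$ (also written $\psi \circ \phi$) of $\phi$ and $\psi$ by $\phi ; \psi := \{ s \upharpoonright A, C \mid s \in \phi \parallel \psi \}$, where $\phi \parallel \psi := \{ s \in \mathscr{J}_{\mathrm{Arn}(((A \multimap B^{[0]}) \multimap B^{[1]}) \multimap C)} \mid s \upharpoonright A, B^{[0]} \in \phi,\ s \upharpoonright B^{[1]}, C \in \psi,\ s \upharpoonright B^{[0]}, B^{[1]} \in \mathrm{cp}_B \}$, the superscripts $(\_)^{[i]}$ are to distinguish the two copies of $B$, and $\mathrm{cp}_B := \{ t \in B^{[0]} \multimap B^{[1]} \mid \forall u \preceq t.\ \mathrm{Even}(u) \Rightarrow u \upharpoonright B^{[0]} = u \upharpoonright B^{[1]} \}$;
• The promotion $\varphi^{\dagger} :: {!A} \multimap {!B}$ of $\varphi$ by $\varphi^{\dagger} := \{ s \in \mathcal{L}_{\mathrm{Arn}(!A \multimap !B)} \mid \forall i \in \mathbb{N}.\ s \upharpoonright i \in \varphi \}$, where $s \upharpoonright i$ is the j-subsequence of $s$ that consists of moves of the form $(b, i)$ such that $b \in M_B$ and $i \in \mathbb{N}$, or $(a, \langle i, j \rangle)$ such that $a \in M_A$ and $i, j \in \mathbb{N}$, changed into $b$ and $(a, j)$, respectively, and $\langle \_, \_ \rangle : \mathbb{N} \times \mathbb{N} \xrightarrow{\sim} \mathbb{N}$ is an arbitrary bijection fixed throughout this article.

Notation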
We employ the following notations:
• Given a t-skeleton σ :: G, we write σ :: ⊸ G and σ ! :: ⇒ G for the t-skeletons both of which coincide with σ up to ‘tags.’
• Given t-skeletons φ :: ⊸ G and φ′ :: ⇒ G, we write φ , φ′ ! :: G for the t-skeletons that coincide with φ and φ′ up to ‘tags,’ respectively.
• Given t-skeletons ψ :: A ⊸ B and α :: A, we define ψ ◦ α := (ψ ◦ α ) :: B.
• Given t-skeletons α :: A and β :: B, we define α ⊗ β := ((α ⊗ β ) ◦ ∆) :: A ⊗ B, where ∆ is the unique t-skeleton on ⊸ ⊗ , and ⟨α, β⟩ := ⟨α , β ⟩ :: A & B.
• Given a t-skeleton α :: A, we define α † := ((α ! ) † ) ! :: !A.
• Given an innocent t-skeleton θ :: !G, we write θ ‡ :: G for the unique (and necessarily innocent) t-skeleton that satisfies (θ ‡ ) † = θ.

Let us next recall a few more preliminary concepts for p-games: consistency and completeness of t-skeletons, and the universal identification on j-sequences.

Roughly, a nonempty set $\mathcal{S}$ of t-skeletons is consistent if there is a game $G$ such that every element of $\mathcal{S}$ is a t-skeleton on $G$, or equivalently:

Definition 2.19 (Consistency of tree skeletons [35]) A nonempty set $\mathcal{S}$ of t-skeletons is consistent if
1 The arena $(\bigcup_{\sigma \in \mathcal{S}} M_\sigma, \bigcup_{\sigma \in \mathcal{S}} \vdash_\sigma)$ is well-founded;
2 $\forall \sigma, \tau \in \mathcal{S}, s m \in (\sigma \cup \tau)^{\mathrm{Odd}}.\ s \in (\sigma \cap \tau) \Rightarrow s m \in (\sigma \cap \tau)$.
We write $\sigma \asymp \tilde{\sigma}$ and say that t-skeletons $\sigma$ and $\tilde{\sigma}$ are consistent if the two-element set $\{\sigma, \tilde{\sigma}\}$ is consistent.

The union $\bigcup \mathcal{S}$ of a consistent set $\mathcal{S}$ of t-skeletons forms a game such that each element of $\mathcal{S}$ is a t-skeleton on $\bigcup \mathcal{S}$ (but not necessarily vice versa), and conversely the set of all t-skeletons on a game $G$ is consistent. Hence, Definition 2.19 in fact formulates the intended meaning of consistency on t-skeletons.
E.g., given a set $\mathcal{P}$ of t-skeletons, each consistent subset $\mathcal{S} \subseteq \mathcal{P}$ (not necessarily faithfully) identifies a game $\bigcup \mathcal{S}$ contained in $\mathcal{P}$; we shall utilize consistency on t-skeletons in this way.

We may further impose completeness on consistent sets of t-skeletons such that complete sets of t-skeletons correspond bijectively to games:

Definition 2.20 (Completeness of tree skeletons [35]) A consistent set $\mathcal{S}$ of t-skeletons is complete if any subset $A \subseteq \bigcup \mathcal{S}$ is an element of $\mathcal{S}$ whenever it is a t-skeleton on the game $\bigcup \mathcal{S}$.

By a bijection $G \stackrel{\sim}{\mapsto} \{ \sigma \mid \sigma :: G \}$ between games $G$ and complete sets $\{ \sigma \mid \sigma :: G \}$ of t-skeletons $\sigma$, we may identify games with complete sets of t-skeletons as the previous work [35] does. We encourage the reader to see that the first problem in modeling sigma-types by games sketched in Section 1.8, i.e., there is no game that models the sigma-type $\Sigma(N, N_b)$, is precisely due to completeness of games.

As explained in Section 1.8, the main idea of p-games is to replace games with complete sets of t-skeletons and then discard completeness, and even consistency, for which we suggest that the reader observe that the second problem in modeling sigma-types by games sketched in Section 1.8, i.e., there is no game that models the sigma-type $\Sigma(N, \mathrm{List}_N)$, is due to consistency of games.

Next, let us review the universal identification on j-sequences. Recall first that traditionally each game $G$ comes together with a certain equivalence relation $\simeq_G$ on its positions, called the identification (of positions) [49, 36]. The identification $\simeq_G$ is to identify positions in $G$ up to inessential details of ‘tags’ on moves so that the resulting game semantics matches the abstraction degree of terms in type theories.

Nevertheless, the previous work [35] observes that the identifications proposed in the literature identify positions always in the same way and shows that we may therefore replace the identifications equipped on games with a single equivalence relation $\simeq_U$ on j-sequences, called the universal identification. By this unification of identifications, t-skeletons do not need an identification either, which facilitates key concepts in [35] such as p-strategies (Definition 2.25).
The technical detail of the universal identification $\simeq_U$ is slightly involved (see [35] for its precise definition), but the idea is straightforward:

Definition 2.21 (Universal identification, informally [35]) The universal identification $\simeq_U$ holds between positions $s, t \in G$ in a game $G$, for which we write $s \simeq_U t$, if $s$ and $t$ are the same j-sequence up to permutation of natural numbers $i \in \mathbb{N}$ serving as ‘tags’ $(\_, i)$ on the same occurrence of exponential $!$ in $G$.

For example, by any bijection $f : \mathbb{N} \xrightarrow{\sim} \mathbb{N}$ that satisfies $f(0) = 1$, we have q.(q, ).(n, ).m ≃_U q.(q, ).(n, ).m for q.(q, ).(n, ).m, q.(q, ).(n, ).m ∈ N ⇒ N.

Finally, we henceforth focus on games and t-skeletons whose moves are standard so that we can implement the universal identification $\simeq_U$ on them. Also, for technical convenience, we require that they are saturated with respect to $\simeq_U$, which leads to:

Definition 2.22 (Standard games and t-skeletons, informally [35]) Fix a set $\mathcal{M}$ of moves, called standard moves, that allows us to accommodate all the games and the constructions on them given in [33, 35] but also to implement the universal identification $\simeq_U$ (see [35] for concrete implementations of $\mathcal{M}$ and $\simeq_U$). We write $\mathscr{J}(\mathcal{M})$ for the set of all j-sequences whose elements are standard moves.

A game $G$ is standard if $\{ s \in \mathscr{J}(\mathcal{M}) \mid \exists t \in G.\ s \simeq_U t \} \subseteq G \subseteq \mathscr{J}(\mathcal{M})$, and a t-skeleton $\sigma$ is standard if $\sigma \subseteq \mathscr{J}(\mathcal{M})$ and $(s m \simeq_U s m' \wedge s m \in \sigma^{\mathrm{Odd}}) \Rightarrow s m' \in \sigma$.

It is straightforward to see that standard games and standard t-skeletons are closed under the constructions reviewed in this section; see [35] for the details.

We are now ready to recall a central concept in the game semantics of MLTT [35]:
Definition 2.23 (Predicative games [35]) A predicative (p-) game is a nonempty set $G$ of standard t-skeletons, called tree (t-) skeletons on $G$, such that the union $P_G := \bigcup G$ forms a standard game that satisfies
1 (Det-j completeness) The set $G$ is deterministic-join (det-j) complete: If a consistent subset $\mathcal{S} \subseteq G$ is deterministic, i.e., $s m n, s m n' \in (\bigcup \mathcal{S})^{\mathrm{Even}}$ implies $s m n = s m n'$, then $\bigcup \mathcal{S} \in G$;
2 (Downward completeness) The set $G$ is downward complete: If standard t-skeletons $\sigma \in G$ and $\tilde{\sigma} \subseteq P_G$ satisfy $\tilde{\sigma} \ {}_G\ \sigma$ then $\tilde{\sigma} \in G$, where ${}_G$ is the partial order on t-skeletons $\sigma, \tilde{\sigma} \subseteq P_G$ defined by $\sigma \ {}_G\ \tilde{\sigma} \stackrel{\mathrm{df.}}{\Leftrightarrow} \sigma \asymp \tilde{\sigma} \wedge \sigma \subseteq \tilde{\sigma}$;
3 (Horizontal completeness) The set $G$ is horizontally complete: If standard t-skeletons $\sigma \in G$ and $\tilde{\sigma} \subseteq P_G$ satisfy $\sigma \simeq_G \tilde{\sigma}$ then $\tilde{\sigma} \in G$, where $\simeq_G$, called the identification of t-skeletons on $G$, is the symmetric closure of the preorder $\lesssim_G$ on standard t-skeletons $\sigma, \tilde{\sigma} \subseteq P_G$ defined by $\sigma \lesssim_G \tilde{\sigma} \stackrel{\mathrm{df.}}{\Leftrightarrow} \sigma \asymp \tilde{\sigma} \wedge \forall s m n \in \sigma^{\mathrm{Even}}, \tilde{s} \tilde{m} \in \tilde{\sigma}.\ s m \simeq_G \tilde{s} \tilde{m} \Rightarrow \exists \tilde{s} \tilde{m} \tilde{n} \in \tilde{\sigma}.\ s m n \simeq_U \tilde{s} \tilde{m} \tilde{n}$.

We write $\sigma :: G$ for $\sigma \in G$. A (valid) position in $G$ is a prefix of a sequence $q_G \, \sigma \, s$ such that $\sigma :: G$ and $s \in \sigma$, where $q_G$ is any distinguished element.

Conceptually, a play of a p-game $G$ proceeds as follows. At the beginning, Judge (J) asks P a question $q_G$ ‘What is your t-skeleton?,’ and P answers it by some $\sigma :: G$; then, an ‘actual play’ between O and P in the ‘declared’ t-skeleton $\sigma$ follows.

The main point of a p-game $G$ is that $G$ may be incomplete so that it is more general than a game. Moreover, $G$ may be even inconsistent so that $\sigma :: G$ ranges over t-skeletons on different games; P fixes a game when she answers J.
In this way, p-games solve the problems in game semantics of sigma-types (raised in Section 1.8) and indeed model sigma-types; see the original article [35] for the details.

For the three axioms on p-games, let us briefly mention that det-j completeness is vital for the domain-theoretic nature of p-games, downward completeness for linear implication between p-games, and horizontal completeness for p-strategies; see [35].

Example 2.24
Given a set $S$, define the p-game $\mathrm{flat}(S) := \{ x \mid x \in S \} \cup \{\bot\}$, where $x := \mathrm{Pref}(\{ q^{\mathsf{OQ}} x^{\mathsf{PA}} \})$ and $\bot := \mathrm{Pref}(\{ q^{\mathsf{OQ}} \})$. Let us then call the p-games $:= \mathrm{flat}(\emptyset)$ and $N := \mathrm{flat}(\mathbb{N})$, respectively, the empty predicative (p-) game and the natural number predicative (p-) game. In addition, define another simple p-game $:= \{\top\}$, where $\top := \{\epsilon\}$, called the unit predicative (p-) game.

Some maximal positions of these p-games are depicted in the following diagram:

[Diagram: some maximal positions of these p-games.]

They clearly correspond to the natural number game, the unit game and the empty game given in Example 2.10, respectively, as the abuse of the notations indicates.

Finally, since we identify positions up to the universal identification $\simeq_U$, it makes sense to identify t-skeletons on a p-game $G$ up to the identification $\simeq_G$ as well. In fact, such an identification of equivalent t-skeletons matches the abstraction degree of terms in type theories [36, Section 3.6]. For this point, it is technically more convenient to take the union of all equivalent t-skeletons on $G$ up to $\simeq_G$ than the quotient [43], which leads us to another central concept in the previous work [35]:

Definition 2.25 (Predicative strategies [35]) A predicative (p-) strategy on a p-game $G$ is the saturation $\mathrm{Sat}(\sigma) := \bigcup \{ \sigma' :: G \mid \sigma \simeq_G \sigma' \} \subseteq P_G$, written $\mathrm{Sat}(\sigma) : G$, of an arbitrary t-skeleton $\sigma :: G$ that satisfies validity: $\sigma \simeq_G \sigma$. Given $\sigma' :: G$, we write $\sigma' \propto \mathrm{Sat}(\sigma)$ and say that $\sigma'$ implements $\mathrm{Sat}(\sigma)$ if $\sigma \simeq_G \sigma'$.

Remark
The original definitions of saturations and p-strategies [35] are different from yet equivalent to the ones given above. The modifications are just for brevity.
Example 2.26
The t-skeleton $\mathrm{der}^{(i)}_N := \mathrm{Pref}(\{ q.(q, i).(n, i).n \mid n \in \mathbb{N} \}) :: N \Rightarrow N$ for any $i \in \mathbb{N}$ is ad-hoc or too low-level since it chooses $i$ for the ‘tag’ $(\_, i)$ on the domain $!N$. The p-strategy $\mathrm{Sat}(\mathrm{der}^{(i)}_N) = \bigcup_{i \in \mathbb{N}} \mathrm{der}^{(i)}_N : N \Rightarrow N$ fixes this problem.

For each p-game $G$, validity of a t-skeleton $\sigma :: G$ ensures nonemptiness of the p-strategy $\mathrm{Sat}(\sigma) : G$. Since $\mathrm{Sat}(\sigma) = \mathrm{Sat}(\sigma')$ if and only if $\sigma \simeq_G \sigma'$ for all $\sigma, \sigma' :: G$ [35], a p-strategy $\mathrm{Sat}(\sigma) : G$ is invariant with respect to the representative valid t-skeleton $\sigma :: G$ up to $\simeq_G$, which justifies the arbitrary choice of $\sigma$ in Definition 2.25.

We have reviewed all the necessary preliminaries, and therefore let us now turn to the main content of this article: consistency of MLTT with CT.

In this section, we prove the consistency by a constructive model of MLTT plus CT as follows. We first define recursive t-skeletons and their realizers, and fix a choice of canonical realizers for technical convenience in Section 3.1. Next, we introduce another, ‘nonstandard’ variant of p-games, called np-games, to accommodate disjoint unions of winning-realizer-wise linear implications (DoWRWLIs) in Section 3.2. DoWRWLIs are t-skeletons on modified linear implication, in which O must play on the domain by a winning, recursive t-skeleton and exhibit the canonical realizer for it at his first move. As explained in Section 1.10, DoWRWLIs implement our idea on how to validate CT. Next, we show that a CCC $\mathcal{NPG}_{\mathrm{wowrw}}$ of well-opened np-games and winning, recursive DoWRWLIs gives rise to a CwF equipped with semantic type formers for unit-, empty-, N-, pi-, sigma- and Id-types in Section 3.3, which establishes a model of MLTT equipped with these types. Finally, we prove that the model of MLTT in $\mathcal{NPG}_{\mathrm{wowrw}}$ (even constructively) validates CT and refutes empty-type, establishing consistency of MLTT with CT, in Section 3.4.
In this section, we define recursive t-skeletons and their realizers, which are based on recursion theory [22, 23] similarly to Section 5.6 of the classic HO-games [47]. Also, for technical convenience, we fix a canonical realizer for each recursive t-skeleton.

First, let us arbitrarily encode standard moves (Definition 2.22) by finite sequences of natural numbers, which is clearly possible [35]. Next, let us recall that the pointer of each j-sequence (Definition 2.4) is a finite function on natural numbers. It then follows from these two points that there is a recursive bijection $\mathscr{J}(\mathcal{M}) \xrightarrow{\sim} \mathbb{N}$ [22, 23].

Definition 3.1 (Coding of tree skeletons) Let us fix once and for all a recursive bijection $\mathcal{C} : \mathscr{J}(\mathcal{M}) \xrightarrow{\sim} \mathbb{N}$ and call $\mathcal{C}(\sigma) \subseteq \mathbb{N}$ the coding of t-skeletons $\sigma \subseteq \mathscr{J}(\mathcal{M})$.

The coding $\mathcal{C}$ of t-skeletons enables us to employ recursion theory for defining ‘constructive’ or recursive t-skeletons similarly to HO-games [47, Section 5.6]:

Convention
Let us fix once and for all an enumeration or Gödel numbering $\mathscr{G}_{\mathrm{PRF}} : \mathbb{N} \twoheadrightarrow \mathrm{PRF}$ on the set $\mathrm{PRF}$ of all partial recursive functions $\mathbb{N} \rightharpoonup \mathbb{N}$.

Definition 3.2 (Functional representation) The functional representation of a t-skeleton $\sigma \subseteq \mathscr{J}(\mathcal{M})$ is the partial map $\mathrm{fun}(\sigma) : \mathcal{C}(\sigma^{\mathrm{Odd}}) \rightharpoonup \mathcal{C}(\sigma^{\mathrm{Even}})$ given by

$$\mathrm{fun}(\sigma)(\mathcal{C}(s m)) := \begin{cases} \mathcal{C}(s m n) & \text{if there is } s m n \in \sigma^{\mathrm{Even}}; \\ \uparrow & \text{otherwise} \end{cases} \qquad (s m \in \sigma^{\mathrm{Odd}}).$$

Definition 3.3 (Recursive tree skeletons) A realizer for a t-skeleton $\sigma \subseteq \mathscr{J}(\mathcal{M})$ is a natural number $e \in \mathbb{N}$ that realizes (the functional representation of) $\sigma$:

$$\forall s m \in \sigma^{\mathrm{Odd}}.\ \mathscr{G}_{\mathrm{PRF}}(e)(\mathcal{C}(s m)) \simeq \mathrm{fun}(\sigma)(\mathcal{C}(s m)),$$

and a t-skeleton is recursive if there is a realizer for it.

Our definition of recursive t-skeletons is the same as that of recursive strategies [47, Section 5.6] except that the latter focuses on innocent strategies and their P-views. Our choice is just for simplicity; we could follow precisely the latter formulation.

Note that a realizer $e$ for a recursive t-skeleton $\sigma$ is only concerned with positions in $\sigma$, and hence $\mathscr{G}_{\mathrm{PRF}}(e)$ may not coincide with $\mathrm{fun}(\sigma)$ as a partial map $\mathbb{N} \rightharpoonup \mathbb{N}$ (i.e., they may compute differently on natural numbers that do not code positions in $\sigma$). Note also that $\mathscr{G}_{\mathrm{PRF}}(e)$ does not (even partially) decide odd-length positions in $\sigma$, and it only computes even-length ones from odd-length ones. These ‘compromises’ play a crucial role for our validation of CT (essentially because the set of all total recursive functions is not recursively enumerable [22, 23]), as we shall see shortly.

Notation
Let $G$ be any set of t-skeletons (so that $G$ can be an np-game (Definition 3.8) as well as a p-game). We write $\mathcal{TS}_{\mathrm{r}}(G)$ (resp. $\mathcal{TS}_{\mathrm{wr}}(G)$) for the set of all recursive (resp. winning and recursive) t-skeletons in $G$, and $\mathcal{R}_{\mathrm{r}}(G)$ (resp. $\mathcal{R}_{\mathrm{wr}}(G)$) for the set of all realizers for recursive (resp. winning and recursive) ones in $G$.

Let us then fix an arbitrary choice of a realizer for each recursive t-skeleton and call it the canonical one:

Definition 3.4 (Canonical realizers) Let us fix once and for all a function $\mathscr{G}_G : \mathcal{TS}_{\mathrm{r}}(G) \to \mathcal{R}_{\mathrm{r}}(G)$ for each set $G$ of t-skeletons such that $\mathscr{G}_G(\sigma) \in \mathcal{R}_{\mathrm{r}}(G)$ realizes each $\sigma \in \mathcal{TS}_{\mathrm{r}}(G)$, and call $\mathscr{G}_G$ the canonical Gödel numbering on $G$. We assume that canonical Gödel numberings satisfy the condition at the end of Definition 3.23.

We call the realizer $\mathscr{G}_G(\sigma)$ and the pair $(\sigma, \mathscr{G}_G(\sigma))$ the canonical realizer and the canonical pair for $\sigma$, respectively, and define $\mathcal{R}_{\mathrm{cpwr}}(G) := \{ (\sigma, \mathscr{G}_G(\sigma)) \mid \sigma \in \mathcal{TS}_{\mathrm{wr}}(G) \}$.

For technical convenience (e.g., for Definitions 3.21 and 3.23), we shall henceforth employ canonical pairs frequently. Note that, although canonical realizers in general do not have complete information about t-skeletons, canonical pairs (trivially) do.
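The remarks after Definition 3.3 and Definition 3.4 can be made concrete with a toy model. The following Python sketch is an added example, not code from the paper: the coding `code` is a constructed injection standing in for the fixed bijection, the table `PROGRAMS` is a constructed four-entry stand-in for the Gödel numbering with `None` modelling divergence, and `canonical` picks the least index while ignoring the extra condition deferred to Definition 3.23.

```python
def pair(a, b):
    """Cantor pairing, an injection N x N -> N."""
    return (a + b) * (a + b + 1) // 2 + b

def move_code(m):
    """The question q is coded by 0 and the numeral n by n + 1."""
    return 0 if m == "q" else m + 1

def code(s):
    """Constructed injective coding of positions (stand-in for the coding C)."""
    c = 0
    for m in s:
        c = pair(c, move_code(m)) + 1
    return c

def fun(sigma):
    """Definition 3.2: partial map C(s m) -> C(s m n); a missing key means undefined."""
    return {code(s[:-1]): code(s) for s in sigma if s and len(s) % 2 == 0}

# Constructed t-skeletons: top, bottom and the numerals 1 and 2.
TOP = frozenset({()})
BOT = frozenset({(), ("q",)})
ONE = frozenset({(), ("q",), ("q", 1)})
TWO = frozenset({(), ("q",), ("q", 2)})

Q, Q1, Q2 = code(("q",)), code(("q", 1)), code(("q", 2))

# Stand-in for the Goedel numbering (assumption): index -> partial function on N.
PROGRAMS = {
    0: lambda n: None,                    # diverges everywhere
    1: lambda n: Q2 if n == Q else None,  # answers 2 to q, diverges elsewhere
    2: lambda n: Q2,                      # constant: also defined off the codes of TWO
    3: lambda n: Q1 if n == Q else None,  # answers 1 to q
}

def realizes(e, sigma):
    """Definition 3.3: agreement with fun(sigma) on codes of odd-length positions only."""
    f = fun(sigma)
    return all(PROGRAMS[e](code(sm)) == f.get(code(sm))
               for sm in sigma if len(sm) % 2 == 1)

def realizers(sigma):
    return {e for e in PROGRAMS if realizes(e, sigma)}

def canonical(sigma):
    """One arbitrary fixed choice of realizer, here the least index (assumption)."""
    return min(realizers(sigma))

def canonical_pair(sigma):
    return (sigma, canonical(sigma))

if __name__ == "__main__":
    for name, sk in [("TOP", TOP), ("BOT", BOT), ("ONE", ONE), ("TWO", TWO)]:
        print(name, sorted(realizers(sk)), canonical(sk))
```

Programs 1 and 2 both realize the numeral 2 although they differ on the code of the empty position, and the same index is canonical for both the top and the bottom t-skeleton, so only the canonical pair determines the t-skeleton.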
In this section, we modify a certain class of t-skeletons, called unions of pointwise linear implications (UoPLIs), on the linear implication $G \multimap H$ between p-games $G$ and $H$ [35], and based on it define a modified linear implication $G \mathbin{\_} H$. In $G \mathbin{\_} H$, O must play by a winning, recursive t-skeleton $\sigma$ on the domain $G$ and exhibit the canonical realizer for $\sigma$ at his first move. This modification of linear implication implements our idea on how to model MLTT plus CT sketched in Section 1.10.

However, there arises a problem: P-games $G$ are not closed under the modified linear implication $\_$ because it does not preserve saturation of the set $P_G$ of all positions. Note that we cannot simply discard the saturation axiom since if we do so then a t-skeleton $\sigma :: G$ may generate a p-strategy $\mathrm{Sat}(\sigma)$ that is not even a subset of $P_G$, i.e., p-strategies would be no longer ‘strategies on p-games’ [35].

On the other hand, recall that McCusker [33, 36] dispenses with identification of positions and strategies by employing much simpler exponential $\hat{!}$ without the ‘tags’ $(\_, i)$ such that $i \in \mathbb{N}$, which we call simplified exponential, and well-opened games for which simplified exponential $\hat{!}$ works. As confessed in [36, p. 48], however, this simpler approach to cartesian closure of games is mathematically ad-hoc, which is why the previous work [35] employs identifications of positions and p-strategies.

Nevertheless, the goal of the present work is to prove consistency of MLTT with CT, and mathematical elegance of the employed method is secondary. Therefore, we adopt, as a solution to the above problem, McCusker’s simplified exponential $\hat{!}$ and well-opened games.
Let us first recall these concepts plus thread-closed games:

Definition 3.5 (Thread-closed games [33, 36]) A game $A$ is thread-closed if $s \upharpoonright I \in A$ for any position $s \in A$ and set $I$ of initial occurrences in $s$, where $s \upharpoonright I$ is the j-subsequence of $s$ that consists of occurrences in $s$ hereditarily justified [11] by initial occurrences in $I$, called the thread of $s$ with respect to $I$.

That is, a game is thread-closed if its positions are closed under taking threads.

Remark
The terminology thread-closed is not used in the original articles [33, 36].
Definition 3.6 (Simplified exponential on games [33, 36]) The simplified exponential on a game $A$ is the game $\hat{!}A := \{ s \in \mathcal{L}_{\mathrm{Arn}(A)} \mid \forall m \in M^{\mathrm{Init}}_A.\ s \upharpoonright \{m\} \in A \}$, where $\{m\}$ ranges over the singleton set of each initial occurrence in $s$ whose move is $m$ if there is such an initial occurrence in $s$, and the empty set $\emptyset$ otherwise.

We want the relation $A \subseteq \hat{!}A$ for every game $A$ since we employ $\hat{!}$ as an alternative to exponential $!$ (Section 1.7). Although it does not hold for games in general, it does for thread-closed ones; it is the point of the thread-closing constraint [36, p. 41].

[11] An initial occurrence $m$ in a j-sequence $s$ hereditarily justifies an occurrence $n$ in $s$ if a finite iteration of the pointer $J_s$ applied to $n$ goes back to $m$ [33, 36].

As mentioned in [36, pp. 42-43], however, identities (or identity morphisms) in the CCC of games, called derelictions, are not well-defined with respect to simplified exponential $\hat{!}$. To remedy this problem, we have to further focus on:

Definition 3.7 (Well-opened games [33, 36]) A game $A$ is well-opened if the conjunction of $s m t \in A$ and $m \in M^{\mathrm{Init}}_A$ implies $s = \epsilon$.

In other words, a game is well-opened if each of its positions contains at most one initial occurrence. Note that well-opened games are trivially thread-closed. Note also that well-opened games are not closed under (simplified) exponential, but it does not matter for the present work as what we need is the implication $\Rightarrow$, not (simplified) exponential itself, and well-opened games are closed under implication [36, p. 43].

Because simplified exponential $\hat{!}$ dispenses with the ‘tags’ $(\_, i)$ such that $i \in \mathbb{N}$ on exponential $!$, we no longer need the universal identification $\simeq_U$ (Definition 2.21) or relevant concepts.
Let us therefore introduce modified, ‘nonstandard’ p-games without the nonemptiness, saturation or three completeness axioms:

Definition 3.8 (Nonstandard predicative games) A nonstandard predicative (np-) game is a set of t-skeletons $\sigma$ such that $\sigma \subseteq \mathscr{J}(\mathcal{M})$. An np-game is well-opened if so are all its elements (Definition 3.7).

Remark
We could instead call np-games generalized p-games since np-games are obtained from p-games by discarding all the axioms. Nevertheless, we would like to emphasize that np-games are undoubtedly ‘nonstandard’ as they do not have the domain-theoretic structures of game semantics, e.g., an np-game may be the empty set, which motivates the term np-games. Technically, we discard in Definition 3.8 the nonemptiness axiom on p-games for the modified linear implication $\_$ between np-games (Lemma 3.15), and the saturation and the three completeness axioms since we no longer care for identifications of positions or orders between t-skeletons (n.b., recall that mathematical elegance of our mathematical structures is secondary).

Example 3.9
The p-games in Example 2.24 are all well-opened np-games.
Convention
We apply the notations/conventions for p-games to np-games as well.

Let us next introduce the modified linear implication $\_$ between np-games as announced above. Because np-games are defined in terms of t-skeletons (just like p-games), we define the modified linear implication in terms of t-skeletons as follows:

Definition 3.10 (FoWRWLIs) A family of winning-realizer-wise linear implications (FoWRWLI) between np-games $G$ and $H$ is a family $\phi = (\phi_{(\gamma,e)})_{(\gamma,e) \in \mathcal{R}_{\mathrm{cpwr}}(G)}$ of t-skeletons $\phi_{(\gamma,e)} :: \gamma \multimap \mathrm{cod}_\phi(\gamma, e)$ that satisfies
1 $\mathrm{cod}_\phi(\gamma, e) \in \mathcal{TS}_{\mathrm{wr}}(H)$;
2 $\forall (\gamma, e), (\gamma', e) \in \mathcal{R}_{\mathrm{cpwr}}(G), s m n \in \phi^{\mathrm{Even}}_{(\gamma,e)}, s m n' \in \phi^{\mathrm{Even}}_{(\gamma',e)}.\ s m n = s m n'$;
3 There is a natural number $f \in \mathbb{N}$ such that $\mathscr{G}_{\mathrm{PRF}}(f)(e) = \pi^\gamma_\phi(e)$ for all $(\gamma, e) \in \mathcal{R}_{\mathrm{cpwr}}(G)$, where $\pi^\gamma_\phi : e \mapsto \mathscr{G}_H(\mathrm{cod}_\phi(\gamma, e))$ (called the realizer-map of $\phi$ at $\gamma$).

Given an np-game $K$ and an FoWRWLI $\psi$ between $H$ and $K$, the composition of $\phi$ and $\psi$ is the FoWRWLI $\psi \circ \phi$ between $G$ and $K$ defined by

$$(\psi \circ \phi)_{(\gamma,e)} := \psi_{(\mathrm{cod}_\phi(\gamma,e),\, \pi^\gamma_\phi(e))} \circ \phi_{(\gamma,e)} \qquad ((\gamma, e) \in \mathcal{R}_{\mathrm{cpwr}}(G)).$$

We write $\mathcal{F}_{\mathrm{wrw}}(G, H)$ for the set of all FoWRWLIs between $G$ and $H$.

Each realizer-map $\pi^\gamma_\phi$ is not required to be recursive (or there is $f \in \mathbb{N}$ such that $\mathscr{G}_{\mathrm{PRF}}(f)(n) \simeq \pi^\gamma_\phi(n)$ for all $n \in \mathbb{N}$) since otherwise we could not validate CT (again due to the computational hardness of the set of all total recursive functions), as we shall see shortly. Nevertheless, even in such a weakened sense, the ‘effectivity’ of realizer-maps is necessary for recursive DoWRWLIs (Definition 3.11) to be closed under composition (the second clause of Lemma 3.12). Note also that the realizer-map $\pi^\gamma_\phi$ does not actually depend on the t-skeleton $\gamma \in \pi(\mathcal{R}_{\mathrm{cpwr}}(G))$.

Convention
We henceforth omit the superscript $(\_)^\gamma$ on realizer-maps $\pi^\gamma_\phi$. We write $\emptyset$ for the empty FoWRWLI, and $\{\varphi\}$ for a singleton FoWRWLI of a t-skeleton $\varphi$.

Next, the second axiom on FoWRWLIs prohibits their components from depending on the indexing t-skeletons, which is crucial for the first clause of Lemma 3.12. On the other hand, the components may depend on the indexing realizers, which will play a crucial role for our validation of CT, as we shall see. However, it prohibits us from taking the union on an FoWRWLI since such a union may not be a well-defined t-skeleton. Specifically, the union may be nondeterministic (Definition 2.9). Therefore, we instead take the disjoint union of each FoWRWLI:

Definition 3.11 (DoWRWLIs) A disjoint union of winning-realizer-wise linear implications (DoWRWLI) between np-games $G$ and $H$ is the t-skeleton

$$\uplus\phi := \begin{cases} \top\ (= \{\epsilon\}) & \text{if } \phi = \emptyset; \\ \bigcup_{(\gamma,e) \in \mathcal{R}_{\mathrm{cpwr}}(G)} \phi^{[e]}_{(\gamma,e)} & \text{otherwise,} \end{cases}$$

for an FoWRWLI $\phi$ between $G$ and $H$, where $\phi^{[e]}_{(\gamma,e)} := \{ (s(1), e).(s(2), e) \ldots (s(|s|), e) \mid s \in \phi_{(\gamma,e)} \}$, and the ‘tags’ $(\_, e)$ are implemented within the formalization of standard moves.

Given an np-game $K$ and a DoWRWLI $\uplus\psi$ between $H$ and $K$, the composition of $\uplus\phi$ and $\uplus\psi$ is the DoWRWLI $\uplus\psi \circ \uplus\phi$ between $G$ and $K$ defined by $\uplus\psi \circ \uplus\phi := \uplus(\psi \circ \phi)$.

Remark
Alternatively, a DoWRWLI $\uplus\phi$ between np-games $G$ and $H$ can be defined by $\uplus\phi := \top$ if $\phi = \emptyset$, and $\uplus\phi := \bigcup_{e \in \pi(\mathcal{R}_{\mathrm{cpwr}}(G))} \phi^{[e]}_e$, where $\phi_e := \bigcup_{(\gamma,e) \in \mathcal{R}_{\mathrm{cpwr}}(G)} \phi_{(\gamma,e)}$, otherwise. This point on DoWRWLIs, which are morphisms in our category, justifies the simplification of the semantics of pi-types made in Section 1.10, as we shall see.

Convention
Henceforth, we shall frequently reason about DoWRWLIs, for which we need case analyses according to how DoWRWLIs are defined. It is, however, mostly rather trivial to handle the first case (i.e., when the underlying FoWRWLI $\phi$ of a given DoWRWLI $\uplus\phi$ is empty), and so we shall often skip it.

Lemma 3.12 (Well-defined DoWRWLIs)
Let $G$, $H$ and $K$ be np-games.
1 Any DoWRWLI between $G$ and $H$ is a t-skeleton contained in $\mathscr{J}(\mathcal{M})$;
2 DoWRWLIs (resp. winning, recursive ones) are closed under composition.

Proof For the first clause, it suffices to remark that each DoWRWLI is deterministic thanks to the second axiom on FoWRWLIs.

For the second clause, note that each DoWRWLI uniquely determines the underlying FoWRWLI so that the composition is well-defined on DoWRWLIs (resp. winning ones). Finally, the third axiom on FoWRWLIs or ‘effectivity’ of realizer-maps enables us to ‘effectively’ obtain the ‘intermediate’ realizer $\pi_\phi(e)$ on the component $(\psi \circ \phi)_e$ of the composition $\uplus\psi \circ \uplus\phi$ of given composable DoWRWLIs $\uplus\phi$ and $\uplus\psi$ so that the composition evidently preserves recursiveness of DoWRWLIs (by the same argument for closure of recursive strategies under composition in [47, p. 355]).

For comparison with DoWRWLIs, let us recall UoPLIs [35] between p-games:
Definition 3.13 (UoPLIs [35]) A family of pointwise linear implications (FoPLI) between p-games $G$ and $H$ is a family $\varphi = (\varphi_\sigma)_{\sigma :: G}$ of standard t-skeletons $\varphi_\sigma$ that satisfies
1 $\forall \sigma :: G.\ \exists \tau :: H.\ \varphi_\sigma :: \sigma \multimap \tau$;
2 $\forall \sigma, \tilde{\sigma} :: G, s m n \in \varphi^{\mathrm{Even}}_\sigma, s m \tilde{n} \in \varphi^{\mathrm{Even}}_{\tilde{\sigma}}.\ s m n = s m \tilde{n}$.
We write $\mathcal{F}(G, H)$ for the set of all FoPLIs between $G$ and $H$, and call the union $\bigcup \varphi := \bigcup_{\sigma :: G} \varphi_\sigma$ the union of PLIs (UoPLI) between $G$ and $H$ (on $\varphi$).

The first axiom on an FoPLI specifies the induced UoPLI in the pointwise fashion. On the other hand, the second axiom brings UoPLIs determinacy so that they are well-defined t-skeletons. Moreover, the second axiom gives rise to the computational nature or domain-theoretic structures of game semantics, e.g., thanks to the axiom, the input-output pairs (or extension) of a UoPLI induce continuous functions [35].

Crucially, DoWRWLIs differ from UoPLIs in the following two points:
1 O in each DoWRWLI must play on the domain by a winning, recursive t-skeleton and exhibit the canonical realizer for it by the ‘tag’ at his first move, while in each UoPLI O may play by any t-skeleton on the domain and does not have to exhibit anything other than ordinary O-moves during a play;
2 A play by a DoWRWLI may depend on the realizer that O supplies, while it is not the case for a play by a UoPLI due to its second axiom.

Consequently, DoWRWLIs implement our idea on how to validate CT, which is described in Section 1.10, while UoPLIs cannot.

Next, recall that the previous work [35] defines the linear implication $G \multimap H$ between p-games $G$ and $H$ by $G \multimap H := \{ \bigcup \Phi \mid \Phi \in \mathcal{F}(G, H) \}$. Similarly, we define our modified linear implication $\_$ between np-games by

Definition 3.14 (Winning-realizer-wise linear implication) The winning-realizer-wise (w.r.w.) linear implication between np-games $G$ and $H$ is the np-game $G \mathbin{\_} H := \{ \uplus\phi \mid \phi \in \mathcal{F}_{\mathrm{wrw}}(G, H) \}$.

Note that $G \mathbin{\_} H = \emptyset$ if $\mathcal{R}_{\mathrm{cpwr}}(G) \neq \emptyset$ and $\mathcal{R}_{\mathrm{cpwr}}(H) = \emptyset$.
This is why we allow an np-game to be the empty set (Definition 3.8).

Lemma 3.15 (Well-defined winning-realizer-wise linear implication) Np-games are closed under w.r.w. linear implication _ .

Proof. Immediate from the first clause of Lemma 3.12.

On the other hand, p-games are not closed under w.r.w. linear implication _ . To see this point, note that the ‘tags’ for DoWRWLIs are embedded into standard moves, and thus certain forms of standard moves determine O’s play on the domain of a DoWRWLI. Consequently, p-games are not closed under w.r.w. linear implication since it does not preserve saturation of positions. For instance, consider the w.r.w. linear implication !(!N _ N) _ N, where N and !N are the natural number game and its exponential (Section 1.7) regarded as p-games. A play in it looks like

[Diagram: a play in !(!N _ N) _ N by ⊎φ, with the moves q^{[e]}, (q, j)^{[e′],[e]}, ((q, i), j)^{[e′],[e]}, ((n, i), j)^{[e′],[e]}, (m, j)^{[e′],[e]}, (q, j′)^{[e′],[e]}, ((q, i′), j′)^{[e′],[e]}, ((n′, i′), j′)^{[e′],[e]}, (m′, j′)^{[e′],[e]}, l^{[e]}]

Because e realizes O’s play on the domain !N _ N, his choice i ∈ N is determined by e, where the ‘tag’ ( ) [e] constitutes the moves in the diagram. It then follows that the set P !(!N _ N) _ N is not saturated (as i does not range over all natural numbers unless we change e), showing that !(!N _ N) _ N is not a p-game.

We circumvent this problem by discarding identifications and the saturation axiom on p-games, and then adopting np-games and simplified exponential ˆ! on them:

Definition 3.16 (Simplified exponential on nonstandard predicative games) The simplified exponential of an np-game G is the np-game ˆ!G := { ˆ!σ | σ :: G }.

Notation We adopt the notations for exponential ! on games given at the end of Section 2.1 also for simplified exponential ˆ! on np-games in the evident way. It in particular implies that ˆ!σ = σ† :: ˆ!G holds for any np-game G and t-skeleton σ :: G.

Remark The previous work [35] necessitates the countably infinite tensor on t-skeletons (σ i) i ∈ N for exponential ! on p-games in order to systematically accommodate non-innocent t-skeletons on exponentials. In contrast, we shall use simplified exponential ˆ! on np-games exclusively on the domains of w.r.w. linear implications, where O must play by innocent t-skeletons which are all promotions. Hence, it suffices to define simplified exponential on np-games as above.

Let us proceed to define other constructions on np-games:

Definition 3.17 (Winning-realizer-wise implication) The winning-realizer-wise (w.r.w.) implication between np-games G and H is the np-game ˆ!G _ H.

Definition 3.18 (Product on nonstandard predicative games) The product of np-games G and H is the np-game G & H := { ⟨σ, τ⟩ | σ :: G, τ :: H }.

Recall once again that McCusker [33, 36] has to focus on well-opened games for the use of simplified exponential ˆ! on games. For the same reason, we shall henceforth focus on well-opened np-games, which the following theorem supports:

Theorem 3.19 (Well-defined constructions on nonstandard predicative games)
Np-games (resp. well-opened ones) are closed under product and w.r.w. implication.

Proof. Closure of np-games (resp. well-opened ones) under product is obvious, and that under implication follows immediately from Lemma 3.15.

At this point, we can sketch how we shall validate CT as follows. Consider the np-game ˆ!(ˆ!N _ N) _ N, which interprets the type (N ⇒ N) ⇒ N. We then define a t-skeleton ⊎ctl : ˆ!(ˆ!N _ N) _ N that plays as in the following diagram:

[Diagram: a play in ˆ!(ˆ!N _ N) _ N by ⊎ctl, consisting of the moves q^{[e]} and (e‡)^{[e]}]

Note that O must perform the first move q [e] in ˆ!(ˆ!N _ N) _ N, which specifies the canonical realizer e ∈ π (R cpwr (ˆ!(ˆ!N _ N))) for his intended computation on the domain ˆ!(ˆ!N _ N). The computation must be by a winning, recursive t-skeleton on ˆ!(ˆ!N _ N). Then, the t-skeleton ⊎ctl directs P to ‘copy-cat’ the given realizer e as the P-move (e‡) [e], where e‡ realizes the winning, recursive t-skeleton on ˆ!N _ N that essentially coincides with the one realized by e. In this way, the t-skeleton ⊎ctl models the nontrivial part of CT (2), which is the main idea of the present work.

Moreover, it is straightforward to see that the t-skeleton ⊎ctl is recursive so that we may constructively model MLTT plus CT. Note that the position q [e] ∈ ⊎ctl is not even partially decidable since otherwise it would contradict the well-known fact that the set of all total recursive functions is not recursively enumerable; for this point, we have carefully ‘compromised’ our notions of (the ‘effectivity’ of) recursive t-skeletons and realizer-maps, as already remarked, so that ⊎ctl is recursive.

Also, let us emphasize the point that the t-skeleton ⊎ctl resolves the dilemma between intensionality and extensionality explained in Section 1.6.
In fact, O must exhibit the canonical realizer for his winning, recursive t-skeleton on the domain on the nose at his first move in a play in ⊎ctl, which is very intensional like realizability à la Kleene, while ⊎ctl itself is just as abstract as morphisms in the game semantics [35] or realizability à la assemblies, i.e., extensional enough to model MLTT.

The rest of this article is dedicated to verifying this solution in detail. Towards this end, we first modify constructions on t-skeletons on linear implication ⊸ [35] into appropriate ones on w.r.w. linear implication _ :

Definition 3.20 (Winning-realizer-wise copy-cats) The winning-realizer-wise (w.r.w.) copy-cat on an np-game G is the DoWRWLI ⊎cp G :: G _ G whose component (cp G) (γ,e) for each (γ, e) ∈ R cpwr (G) is given by

$(\mathrm{cp}_G)_{(\gamma,e)} := \{\, s \in \gamma^{[0]} \multimap \gamma^{[1]} \mid \forall t \preceq s.\ \mathsf{Even}(t) \Rightarrow t \upharpoonright \gamma^{[0]} = t \upharpoonright \gamma^{[1]} \,\}$,

where the superscripts ( ) [i] (i = 0, 1) are to distinguish the two copies of γ.

Definition 3.21 (Winning-realizer-wise derelictions) The winning-realizer-wise (w.r.w.) dereliction on an np-game G is the DoWRWLI ⊎der G :: ˆ!G _ G whose component (der G) (γ†,e′) for each (γ†, e′) ∈ R cpwr (ˆ!G) is given by

$(\mathrm{der}_G)_{(\gamma^\dagger,e')} := \{\, s \in \gamma^\dagger \multimap \gamma \mid \forall t \preceq s.\ \mathsf{Even}(t) \Rightarrow t \upharpoonright \gamma^\dagger = t \upharpoonright \gamma \,\}$.

Lemma 3.22 (Well-defined winning-realizer-wise copy-cats and derelictions) Let G be an np-game.
1. The w.r.w. copy-cat ⊎cp G is a winning, recursive t-skeleton on the np-game G _ G, and it is the unit for composition on DoWRWLIs;
2. The w.r.w. dereliction ⊎der G is a winning, recursive t-skeleton on the np-game ˆ!G _ G if G is well-opened.

Proof. Similar to the case of copy-cats and derelictions given in [35], where ⊎cp G and ⊎der G are clearly recursive, and they are the trivial t-skeleton ⊤ if R cpwr (G) = ∅.

Definition 3.23 (Constructions on DoWRWLIs) Given np-games A, B, C and D, and DoWRWLIs ⊎φ :: A _ B, ⊎ρ :: A _ C and ⊎ϕ :: ˆ!A _ B, we define
• The pairing ⟨⊎φ, ⊎ρ⟩ := ⊎⟨φ, ρ⟩ :: A _ B & C of ⊎φ and ⊎ρ by ⟨φ, ρ⟩ (γ,e) := ⟨φ (γ,e), ρ (γ,e)⟩ for each (γ, e) ∈ R cpwr (A);
• The promotion (⊎ϕ)† := ⊎(ϕ†) :: ˆ!A _ ˆ!B of ⊎ϕ by (ϕ†) (γ†,e′) := (ϕ (γ†,e′))† for each (γ†, e′) ∈ R cpwr (ˆ!A) (which allows us to write ⊎ϕ† for (⊎ϕ)†),
where we (can and do) assume that the corresponding constructions on realizer-maps are ‘effective’ by an appropriate choice of canonical realizers (Definition 3.4).

Remark
We fix canonical realizers since they enable us to concisely define these constructions on DoWRWLIs in such a way that Lemma 3.25 below holds.

Lemma 3.24 (Well-defined constructions on DoWRWLIs) DoWRWLIs (resp. winning, recursive ones) are closed under pairing and promotion.

Proof. Similar to the corresponding constructions on UoPLIs [35], where recursive DoWRWLIs are clearly closed under pairing and promotion.

Lemma 3.25 (Winning-realizer-wise promotion lemma) Let A, B, C and D be np-games, and ⊎φ :: ˆ!A _ B, ⊎ψ :: ˆ!B _ C and ⊎ϕ :: ˆ!C _ D DoWRWLIs.
1. ⊎der† A = ⊎cp ˆ!A :: ˆ!A _ ˆ!A and ⊎der B ∘ ⊎φ† = ⊎φ :: ˆ!A _ B;
2. ⊎ϕ ∘ (⊎ψ ∘ ⊎φ†)† = (⊎ϕ ∘ ⊎ψ†) ∘ ⊎φ† :: ˆ!A _ D.

Proof. Similar to the case of UoPLIs [35], where it is crucial for the first and the second clauses to fix a choice of canonical realizers (Definition 3.4).

We are now ready to define:
Definition 3.26 (Category of realizability à la game semantics) The category NPG wowrw consists of
• Well-opened np-games as objects;
• Winning, recursive t-skeletons on ˆ!A _ B as morphisms A → B;
• The composition ⊎ψ • ⊎φ : A → C of morphisms ⊎φ : A → B and ⊎ψ : B → C given by ⊎ψ • ⊎φ := ⊎ψ ∘ ⊎φ†;
• W.r.w. derelictions ⊎der A : ˆ!A _ A as identities A → A.

The category NPG wowrw is well-defined by Lemmata 3.12, 3.22, 3.24 and 3.25, and moreover cartesian closed (which is an immediate corollary of the theorem given later that NPG wowrw models MLTT equipped with unit-, pi- and sigma-types via a CwF and semantic type formers, and so the following proof is just a sketch):

Proposition 3.27 (Cartesian closure) The category NPG wowrw is cartesian closed, where a terminal object, products and exponential objects are given by the unit np-game , product & and w.r.w. implication ˆ!( ) _ ( ), respectively.

Proof (sketch) By Theorem 3.19 and Lemmata 3.24 and 3.25, where note that t-skeletons in NPG wowrw are all winning and recursive so that NPG wowrw is closed.
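
The category axioms behind Definition 3.26, spelled out from Lemmata 3.22 and 3.25 as an added derivation (not part of the original text). It assumes morphisms ⊎φ : A → B, ⊎ψ : B → C and ⊎ϕ : C → D; that composites are again winning, recursive DoWRWLIs is by Lemmata 3.12 and 3.24.

Associativity:
(⊎ϕ • ⊎ψ) • ⊎φ = (⊎ϕ ∘ ⊎ψ†) ∘ ⊎φ† (definition of •)
= ⊎ϕ ∘ (⊎ψ ∘ ⊎φ†)† (Lemma 3.25, clause 2)
= ⊎ϕ • (⊎ψ • ⊎φ) (definition of •).

Left identity:
⊎der B • ⊎φ = ⊎der B ∘ ⊎φ† = ⊎φ (Lemma 3.25, clause 1).

Right identity:
⊎φ • ⊎der A = ⊎φ ∘ ⊎der† A
= ⊎φ ∘ ⊎cp ˆ!A (Lemma 3.25, clause 1)
= ⊎φ (Lemma 3.22, clause 1).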
Notation Given G ∈ NPG wowrw, we write NPG wowrw (G) for the hom-set NPG wowrw ( , G). Hence, each element of NPG wowrw (G) is of the form ⊎{ γ ˆ! } for some γ ∈ T S wr (G) (n.b., γ :: Γ implies γ ˆ! :: ⊤† _ Γ); we usually write ⊎γ for it (i.e., γ = { γ ˆ! }). Just for convenience, we also write NPG wrw (H) for the set of all winning, recursive t-skeletons on ˆ! _ H for any (not necessarily well-opened) np-game H.

Similarly to the game semantics of simple type theories and the game semantics of MLTT [35], the w.r.w. implications ˆ!(A & B) _ C and ˆ!A _ (ˆ!B _ C) coincide up to ‘tags’ on moves for any np-games A, B and C (n.b., t-skeletons on the w.r.w. implications are only the trivial one ⊤ if R cpwr (A) = ∅ or R cpwr (B) = ∅), and therefore currying is modeled in the category NPG wowrw. In particular, it explains essentially why our model of MLTT in NPG wowrw validates the ξ-rule, as we shall see shortly.

In this section, we lift the CCC NPG wowrw to a category with families (CwF) [20, 50], an abstract model of MLTT, equipped with semantic type formers [20] for unit-, empty-, N-, pi-, sigma- and Id-types so that NPG wowrw is shown to model MLTT together with these types by soundness of the semantics of MLTT in CwFs [20].

Towards this end, let us first introduce our interpretation of (dependent) types:
Definition 3.28 (Dependent nonstandard predicative games) A dependent nonstandard predicative (np-) game on an np-game Γ is a family A = (A(⊎γ)) ⊎γ ∈ NPG wrw (Γ) of np-games A(⊎γ) such that the union ⋃ ⊎γ ∈ NPG wrw (Γ) ⊢ A(⊎γ) is well-founded. A dependent np-game is well-opened if so are all its components. We write D NPG wowrw (Γ) for the set of all well-opened dependent np-games on Γ.

Unlike the game semantics of MLTT [35], the indexing t-skeletons of a dependent np-game A on an np-game Γ are on Γ, not ˆ!Γ, but it does not lose any generality for our interpretation since the domain and the codomain t-skeletons of DoWRWLIs are all innocent so that we may assume that those on ˆ!Γ are all promotions.

Let us then generalize w.r.w. implication (Definition 3.17) in such a way that it captures type dependency of pi-types (Definition 3.31):

Definition 3.29 (Integration on dependent nonstandard predicative games) The integration of a dependent np-game A on an np-game Γ is the np-game

∫ Γ A := ⋃ ⊎γ ∈ NPG wrw (Γ) A(⊎γ) (n.b., we often abbreviate ∫ Γ as ∫).

Remark The integration on dependent np-games is simpler than the corresponding one on p-games in the previous work [35] as ours does not have to be det-j complete.

Definition 3.30 (FoDWRWLIs) A family of dependently winning-realizer-wise linear implications (FoDWRWLI) from an np-game Γ to a dependent np-game A on Γ is an FoWRWLI φ from Γ to ∫ Γ A that satisfies

∀ (γ, e) ∈ R cpwr (Γ). cod φ (γ, e) :: A(⊎{ γ ˆ! }) (n.b., γ :: Γ implies γ ˆ! :: ⊤† _ Γ).

We write F wrw (Γ, A) for the set of all FoDWRWLIs from Γ to A.

Definition 3.31 (Winning-realizer-wise linear-pi and pi) The winning-realizer-wise (w.r.w.) linear-pi from an np-game Γ to a dependent np-game A on Γ is the np-game

ℓΠ wrw (Γ, A) := { ⊎φ | φ ∈ F wrw (Γ, A) },

and the winning-realizer-wise (w.r.w.) pi from Γ to A is the np-game

Π wrw (Γ, A) := ℓΠ wrw (ˆ!Γ, A‡),

where A‡ is the dependent np-game on ˆ!Γ defined by A‡(⊎γ†) := A(⊎γ) for each ⊎γ† ∈ NPG wrw (ˆ!Γ).
Lemma 3.32 (Well-defined winning-realizer-wise linear-pi and pi) The w.r.w. linear-pi ℓΠ wrw (Γ, A) and the w.r.w. pi Π wrw (Γ, A) are (well-opened) np-games for any np-game Γ and (well-opened) dependent np-game A on Γ.

Proof. Immediate from Lemma 3.15 and Theorem 3.19.

Let us similarly define the w.r.w. variant of sigma:

Definition 3.33 (Winning-realizer-wise sigma) The winning-realizer-wise (w.r.w.) sigma of an np-game Γ and a dependent np-game A on Γ is the np-game

Σ wrw (Γ, A) := { ⟨γ, α⟩ :: Γ & ∫ Γ A | γ ∈ T S wr (Γ) ⇒ α :: A(⊎{ γ ˆ! }) }.

Lemma 3.34 (Well-defined winning-realizer-wise sigma) The w.r.w. sigma Σ wrw (Γ, A) is a (well-opened) np-game for any (well-opened) np-game Γ and (well-opened) dependent np-game A on Γ.

Proof. Immediate from Theorem 3.19.

Finally, let us introduce our interpretation of Id-types:

Definition 3.35 (Identity nonstandard predicative games) Given an np-game Γ and t-skeletons γ, γ′ :: Γ, the identity (Id) between γ and γ′ is the np-game

Id Γ (γ, γ′) := if γ = γ′ ; otherwise.

Lemma 3.36 (Well-defined Id on nonstandard predicative games) Given an np-game Γ, the Id Id Γ (γ, γ′) between any γ, γ′ :: Γ is a well-opened np-game.

Proof. Obvious.
We are now ready to lift the CCC NPG wowrw to a CwF. Let us first recall the general definition of CwFs [50], where our presentation is based on [20]:

Definition 3.37 (Categories with families [20, 50]) A category with families (CwF) is a tuple C = (C, Ty, Tm, { }, T, . , p, v, ⟨ , ⟩), where
• C is a category with a terminal object T ∈ C;
• Ty assigns, to each object Γ ∈ C, a set Ty(Γ), called the set of all types in the context Γ;
• Tm assigns, to each pair (Γ, A) of an object Γ ∈ C and a type A ∈ Ty(Γ), a set Tm(Γ, A), called the set of all terms of type A in the context Γ;
• To each f : ∆ → Γ in C, { } assigns a map { f } : Ty(Γ) → Ty(∆), called the substitution on types, and a family ({ f } A) A ∈ Ty(Γ) of maps { f } A : Tm(Γ, A) → Tm(∆, A{ f }), called the substitutions on terms;
• . assigns, to each pair (Γ, A) of a context Γ ∈ C and a type A ∈ Ty(Γ), a context Γ.A ∈ C, called the comprehension of A;
• p (resp. v) associates each pair (Γ, A) of a context Γ ∈ C and a type A ∈ Ty(Γ) with a morphism p(A) : Γ.A → Γ in C (resp. a term v A ∈ Tm(Γ.A, A{ p(A) })), called the first projection on A (resp. the second projection on A);
• ⟨ , ⟩ assigns, to each triple (f, A, g) of a morphism f : ∆ → Γ in C, a type A ∈ Ty(Γ) and a term g ∈ Tm(∆, A{ f }), a morphism ⟨f, g⟩ A : ∆ → Γ.A in C, called the extension of f by g
that satisfies
• (Ty-Id) A{ id Γ } = A;
• (Ty-Comp) A{ f ∘ e } = A{ f }{ e };
• (Tm-Id) h{ id Γ } A = h;
• (Tm-Comp) h{ f ∘ e } A = h{ f } A { e } A{ f };
• (Cons-L) p(A) ∘ ⟨f, g⟩ A = f;
• (Cons-R) v A {⟨f, g⟩ A} = g;
• (Cons-Nat) ⟨f, g⟩ A ∘ e = ⟨f ∘ e, g{ e } A{ f }⟩ A;
• (Cons-Id) ⟨p(A), v A⟩ A = id Γ.A
for any Γ, ∆, Θ ∈ C, A ∈ Ty(Γ), f : ∆ → Γ, e : Θ → ∆, h ∈ Tm(Γ, A) and g ∈ Tm(∆, A{ f }).

Roughly, judgements of MLTT are modeled in a CwF C by
⊢ Γ ctx   ⟦Γ⟧ ∈ C;
Γ ⊢ A type   ⟦A⟧ ∈ Ty(⟦Γ⟧);
Γ ⊢ a : A   ⟦a⟧ ∈ Tm(⟦Γ⟧, ⟦A⟧);
⊢ Γ = ∆ ctx ⇒ ⟦Γ⟧ = ⟦∆⟧ ∈ C;
Γ ⊢ A = B type ⇒ ⟦A⟧ = ⟦B⟧ ∈ Ty(⟦Γ⟧);
Γ ⊢ a = a′ : A ⇒ ⟦a⟧ = ⟦a′⟧ ∈ Tm(⟦Γ⟧, ⟦A⟧),
where ⟦ ⟧ denotes the semantic map or interpretation [20]. Strictly speaking, the first three maps define an interpretation ⟦ ⟧ of MLTT in C, while the last three logical implications are soundness of the interpretation ⟦ ⟧. See [20] for the details.

Let us now turn to introducing our CwF of realizability à la game semantics:

Definition 3.38 (CwF of realizability à la game semantics) The CwF NPG wowrw is the tuple (NPG wowrw, Ty, Tm, { }, , . , p, v, ⟨ , ⟩), where
• The category NPG wowrw is the one defined in Definition 3.26, and ∈ NPG wowrw is the unit np-game (Example 3.9);
• Given Γ ∈ NPG wowrw and A ∈ D NPG wowrw (Γ), we define Ty(Γ) := D NPG wowrw (Γ) and Tm(Γ, A) := T S wr (Π wrw (Γ, A));
• Given ⊎φ : ∆ → Γ in NPG wowrw, we define the map {⊎φ} : Ty(Γ) → Ty(∆) by
A{⊎φ} := (A(⊎φ • ⊎δ)) ⊎δ ∈ NPG wowrw (∆) (A ∈ Ty(Γ)),
and the map {⊎φ} A : Tm(Γ, A) → Tm(∆, A{⊎φ}) by
⊎α{⊎φ} A := ⊎α • ⊎φ (⊎α ∈ Tm(Γ, A));
• The comprehension Γ.A is given by Γ.A := Σ wrw (Γ, A), the first projection p(A) := fst Σ wrw (Γ,A) : Σ wrw (Γ, A) → Γ is the w.r.w. dereliction ⊎der Γ up to ‘tags,’ the second projection v A := snd Σ wrw (Γ,A) ∈ Tm(Σ wrw (Γ, A), A{ p(A) }) is the w.r.w. dereliction ⊎der ∫ Γ A up to ‘tags,’ and the extension ⟨⊎φ, ⊎α⟩ A : ∆ → Σ wrw (Γ, A) is the pairing ⟨⊎φ, ⊎α⟩ of the DoWRWLIs ⊎φ and ⊎α.

Convention We frequently omit the subscript ( ) A on { } A and ⟨ , ⟩ A, and the one ( ) Σ wrw (Γ,A) on fst Σ wrw (Γ,A) and snd Σ wrw (Γ,A).

Theorem 3.39 (Well-defined CwF of realizability à la game semantics)
The structure NPG wowrw given in Definition 3.38 forms a well-defined CwF.

Proof. We focus on substitutions on terms and extensions as other verifications are straightforward. Let Γ, ∆ ∈ NPG wowrw, A ∈ D NPG wowrw (Γ), ⊎φ ∈ NPG wowrw (∆, Γ), ⊎α ∈ T S wr (Π wrw (Γ, A)) and ⊎α̃ ∈ T S wr (Π wrw (∆, A{⊎φ})), and assume that R cpwr (Γ) = ∅ and R cpwr (∆) = ∅ , following our convention, since the other cases are trivial.

By Lemma 3.12, ⊎α{⊎φ} = ⊎α • ⊎φ is a winning, recursive t-skeleton on ˆ!∆ _ ∫ Γ A. Take any ⊎δ ∈ NPG wowrw (∆); for proving ⊎α{⊎φ} ∈ T S wr (Π wrw (∆, A{⊎φ})), it remains to show (⊎α • ⊎φ) • ⊎δ :: ! _ A{⊎φ}(⊎δ). Then, we calculate

(⊎α • ⊎φ) • ⊎δ = (⊎α ∘ ⊎φ†) ∘ ⊎δ†
= ⊎α ∘ (⊎φ ∘ ⊎δ†)† (by Lemma 3.25)
= ⊎α ∘ (⊎φ • ⊎δ)† :: ! _ A‡((⊎φ • ⊎δ)†),

where

A‡((⊎φ • ⊎δ)†) = A(⊎φ • ⊎δ)
= A{⊎φ}(⊎δ).

Hence, we have shown that ⊎α{⊎φ} ∈ T S wr (Π wrw (∆, A{⊎φ})) holds.

Similarly, the extension ⟨⊎φ, ⊎α̃⟩ is a winning, recursive t-skeleton on ˆ!∆ _ Γ & (∫ Γ A) by Lemma 3.24. Hence, for proving ⟨⊎φ, ⊎α̃⟩ ∈ NPG wowrw (∆, Σ wrw (Γ, A)), it suffices to show ⊎α̃ • ⊎δ :: ! _ A(⊎φ • ⊎δ) since we have ⟨⊎φ, ⊎α̃⟩ • ⊎δ = ⟨⊎φ • ⊎δ, ⊎α̃ • ⊎δ⟩ with ⊎φ • ⊎δ winning and recursive. Then, we calculate

⊎α̃ • ⊎δ :: ! _ A{⊎φ}(⊎δ) = ! _ A(⊎φ • ⊎δ).

Finally, let us verify the required equations:
• (Ty-Id) A{ id Γ } = (A(⊎der Γ • ⊎γ)) ⊎γ ∈ NPG wowrw (Γ) = (A(⊎γ)) ⊎γ ∈ NPG wowrw (Γ) = A by Lemma 3.25;
• (Ty-Comp) Given Θ ∈ NPG wowrw and ⊎ψ : Γ → Θ in NPG wowrw, we calculate
A{⊎ψ • ⊎φ} = (A((⊎ψ • ⊎φ) • ⊎δ)) ⊎δ ∈ NPG wowrw (∆)
= (A(⊎ψ • (⊎φ • ⊎δ))) ⊎δ ∈ NPG wowrw (∆) (by Lemma 3.25)
= (A{⊎ψ}(⊎φ • ⊎δ)) ⊎δ ∈ NPG wowrw (∆)
= (A{⊎ψ}{⊎φ}(⊎δ)) ⊎δ ∈ NPG wowrw (∆)
= A{⊎ψ}{⊎φ};
• (Tm-Id) ⊎α{ id Γ } = ⊎α • ⊎der Γ = ⊎α ∘ ⊎cp ˆ!Γ = ⊎α by Lemmata 3.22 and 3.25;
• (Tm-Comp) ⊎α{⊎ψ • ⊎φ} = ⊎α • (⊎ψ • ⊎φ) = (⊎α • ⊎ψ) • ⊎φ = ⊎α{⊎ψ} • ⊎φ = ⊎α{⊎ψ}{⊎φ} by Lemma 3.25;
• (Cons-L) p(A) • ⟨⊎ψ, ⊎α̃⟩ = fst ∘ ⟨⊎ψ, ⊎α̃⟩† = fst ∘ ⟨⊎ψ†, ⊎α̃†⟩ = ⊎ψ;
• (Cons-R) v A {⟨⊎ψ, ⊎α̃⟩} = snd ∘ ⟨⊎ψ, ⊎α̃⟩† = snd ∘ ⟨⊎ψ†, ⊎α̃†⟩ = ⊎α̃;
• (Cons-Nat) ⟨⊎ψ, ⊎α̃⟩ • ⊎φ = ⟨⊎ψ • ⊎φ, ⊎α̃ • ⊎φ⟩ = ⟨⊎ψ • ⊎φ, ⊎α̃{⊎φ}⟩;
• (Cons-Id) ⟨p(A), v A⟩ = ⟨fst Σ wrw (Γ,A), snd Σ wrw (Γ,A)⟩ = ⊎der Σ wrw (Γ,A) = id Γ.A,
which completes the proof.

Let us then proceed to equip the CwF NPG wowrw with semantic type formers for unit-, empty-, N-, pi-, sigma- and Id-types. We begin with pi-types (Appendix A.6). Recall first the semantic type former for pi-types in an arbitrary CwF:
Definition 3.40 (CwFs with pi-types [20]) A CwF C supports pi if
• (Π-Form) Given Γ ∈ C, A ∈ Ty(Γ) and B ∈ Ty(Γ.A), there is a type Π(A, B) ∈ Ty(Γ);
• (Π-Intro) Given b ∈ Tm(Γ.A, B), there is a term λ A,B (b) ∈ Tm(Γ, Π(A, B));
• (Π-Elim) Given k ∈ Tm(Γ, Π(A, B)) and a ∈ Tm(Γ, A), there is a term App A,B (k, a) ∈ Tm(Γ, B{ a }), where a := ⟨id Γ, a⟩ A : Γ → Γ.A;
• (Π-Comp) App A,B (λ A,B (b), a) = b{ a };
• (Π-Subst) Given ∆ ∈ C and f : ∆ → Γ in C, Π(A, B){ f } = Π(A{ f }, B{ f + }), where f + := ⟨f ∘ p(A{ f }), v A{ f }⟩ A : ∆.A{ f } → Γ.A;
• (λ-Subst) λ A,B (b){ f } = λ A{ f },B{ f + } (b{ f + }) ∈ Tm(∆, Π(A{ f }, B{ f + }));
• (App-Subst) App A,B (k, a){ f } = App A{ f },B{ f + } (k{ f }, a{ f }) ∈ Tm(∆, B{ a }{ f }).
Furthermore, C supports pi in the strict sense if it additionally satisfies
• (λ-Uniq) λ A,B ∘ App A{ p(A) },B{ p(A) + } (k{ p(A) }, v A) = k.

Pi-types (with the η-rule) are modeled in a CwF that supports pi (in the strict sense); see Appendix A.6 for the details.

Let us now show that the CwF NPG wowrw supports pi in the strict sense:
Lemma 3.41 (Winning-realizer-wise currying lemma) Given Γ ∈ NPG wowrw, A ∈ D NPG wowrw (Γ) and B ∈ D NPG wowrw (Σ wrw (Γ, A)), there is a bijection

λ A,B : T S wr (Π wrw (Σ wrw (Γ, A), B)) ∼→ T S wr (Π wrw (Γ, Π wrw (A, B))),

where Π wrw (A, B) := (Π wrw (A(⊎γ), B ⊎γ)) ⊎γ ∈ NPG wowrw (Γ) and B ⊎γ := (B(⟨⊎γ, ⊎α⟩)) ⊎α ∈ NPG wowrw (A(⊎γ)).

Proof. It suffices to show that there is a bijection between (not necessarily winning or recursive) t-skeletons on Π wrw (Σ wrw (Γ, A), B) and those on Π wrw (Γ, Π wrw (A, B)) up to finitary ‘tags’ since such a bijection preserves winning and recursiveness.

Recall that a t-skeleton ⊎φ :: Π wrw (Σ wrw (Γ, A), B) is the disjoint union on a family φ = (φ (σ†,e)) (σ†,e) ∈ R cpwr (ˆ!Σ wrw (Γ,A)) of t-skeletons φ (σ†,e) :: σ† _ cod φ (σ†, e) such that cod φ (σ†, e) ∈ T S wr (B(⊎{ σ ˆ! })), each φ (σ†,e) does not depend on σ†, and the realizer-map π φ is ‘effective’ (Definitions 3.10, 3.11, 3.30 and 3.31).

Similarly, a t-skeleton ⊎ψ :: Π wrw (Γ, Π wrw (A, B)) is the disjoint union on a family ψ = (ψ (γ†,f)) (γ†,f) ∈ R cpwr (ˆ!Γ) of t-skeletons ψ (γ†,f) :: γ† _ cod ψ (γ†, f) such that cod ψ (γ†, f) ∈ T S wr (Π wrw (A, B)(⊎{ γ ˆ! })), each ψ (γ†,f) does not depend on γ†, and the realizer-map π ψ is ‘effective.’ Note that for each σ† ∈ T S wr (ˆ!Σ(Γ, A)) we may write σ† = ⟨γ†, α†⟩ for some γ ∈ T S wr (Γ) and α ∈ T S wr (A(⊎{ γ ˆ! })).

Then, by applying the currying on skeletons in game semantics [33, 36], which simply adjusts the finitary ‘tags’ for product and implication appropriately, to each component φ (σ†,e) of a t-skeleton ⊎φ :: Π wrw (Σ wrw (Γ, A), B) in the evident way, it is easy to see that we get a t-skeleton λ A,B (⊎φ) :: Π wrw (Γ, Π wrw (A, B)). Finally, this operation on t-skeletons has the evident inverse, which completes the proof.

Remark The proof of Lemma 3.41 is essentially the same as the corresponding one given in the previous work [35], and thus it explains why our realizability à la game semantics validates the ξ-rule just like the existing game semantics does.

Theorem 3.42 (Realizability model of pi-types à la game semantics)
The CwF NPG wowrw supports pi in the strict sense.

Proof. Let Γ ∈ NPG wowrw, A ∈ D NPG wowrw (Γ), B ∈ D NPG wowrw (Σ wrw (Γ, A)) and ⊎β ∈ T S wr (Π wrw (Σ wrw (Γ, A), B)).
• (Π-Form) Let us define Π(A, B) := (Π wrw (A(⊎γ), B ⊎γ)) ⊎γ ∈ NPG wowrw (Γ), where B ⊎γ := (B(⟨⊎γ, ⊎α̃⟩)) ⊎α̃ ∈ NPG wowrw (A(⊎γ)) ∈ D NPG wowrw (A(⊎γ)). To distinguish it from the game semantics of pi-types in [35], we write Π wrw (A, B) for Π(A, B).
• (Π-Intro) We get λ A,B (⊎β) ∈ T S wr (Π wrw (Γ, Π wrw (A, B))) by Lemma 3.41, where recall that λ A,B and λ⁻¹ A,B simply ‘adjust finitary tags’ on standard moves. We often omit the subscripts ( ) A,B on λ A,B and λ⁻¹ A,B.
• (Π-Elim) Given ⊎κ ∈ T S wr (Π wrw (Γ, Π wrw (A, B))) and ⊎α ∈ T S wr (Π wrw (Γ, A)), we define App A,B (⊎κ, ⊎α) := λ⁻¹ A,B (⊎κ) • ⊎α. As in the proof of Theorem 3.39, λ⁻¹ A,B (⊎κ) • ⊎α :: Π wrw (Γ, B{⊎α}), and so App A,B (⊎κ, ⊎α) = λ⁻¹ A,B (⊎κ) • ⊎α ∈ T S wr (Π wrw (Γ, B{⊎α})). We often omit the subscripts A, B on App A,B.
• (Π-Comp) App(λ(⊎β), ⊎α) = λ⁻¹ A,B (λ A,B (⊎β)) • ⊎α = ⊎β • ⊎α = ⊎β{⊎α}.
• (Π-Subst) Given ∆ ∈ NPG wowrw and ⊎φ ∈ NPG wowrw (∆, Γ), we calculate
Π wrw (A, B){⊎φ} = (Π wrw (A(⊎γ), B ⊎γ)) ⊎γ ∈ NPG wowrw (Γ) {⊎φ}
= (Π wrw (A(⊎φ • ⊎δ), B ⊎φ•⊎δ)) ⊎δ ∈ NPG wowrw (∆)
= (Π wrw (A{⊎φ}(⊎δ), B{⊎φ +} ⊎δ)) ⊎δ ∈ NPG wowrw (∆)
= Π wrw (A{⊎φ}, B{⊎φ +}),
where B{⊎φ +} ⊎δ = B ⊎φ•⊎δ since for all ⊎α′ ∈ NPG wowrw (A(⊎φ • ⊎δ)) we have
B{⊎φ +} ⊎δ (⊎α′) = B{⊎φ +}(⟨⊎δ, ⊎α′⟩)
= B(⟨⊎φ • p(A{⊎φ}), v A{⊎φ}⟩ • ⟨⊎δ, ⊎α′⟩)
= B(⟨⊎φ • ⊎δ, ⊎α′⟩)
= B ⊎φ•⊎δ (⊎α′).
• (λ-Subst) We calculate
λ(⊎β){⊎φ} = λ A,B (⊎β) • ⊎φ
= λ A{⊎φ},B{⊎φ +} (⊎β • ⟨⊎φ • fst, snd⟩) (by the definition of λ)
= λ A{⊎φ},B{⊎φ +} (⊎β • ⟨⊎φ • p(A{⊎φ}), v A{⊎φ}⟩)
= λ A{⊎φ},B{⊎φ +} (⊎β{⊎φ +}).
• (App-Subst) We calculate
App(⊎κ, ⊎α){⊎φ} = (λ⁻¹ A,B (⊎κ) • ⟨⊎der Γ, ⊎α⟩) • ⊎φ
= λ⁻¹ A,B (⊎κ) • (⟨⊎der Γ, ⊎α⟩ • ⊎φ)
= λ⁻¹ A,B (⊎κ) • ⟨⊎φ, ⊎α • ⊎φ⟩
= λ⁻¹ A,B (⊎κ) • (⟨⊎φ • p(A{⊎φ}), v A{⊎φ}⟩ • ⟨⊎der ∆, ⊎α • ⊎φ⟩)
= (λ⁻¹ A,B (⊎κ) • ⊎φ +) • (⊎α • ⊎φ)
= λ⁻¹ A{⊎φ},B{⊎φ +} (⊎κ • ⊎φ) • (⊎α • ⊎φ) (by λ-Subst)
= λ⁻¹ A{⊎φ},B{⊎φ +} (⊎κ • ⊎φ){(⊎α • ⊎φ)}
= App A{⊎φ},B{⊎φ +} (⊎κ • ⊎φ, ⊎α • ⊎φ) (by Π-Comp)
= App A{⊎φ},B{⊎φ +} (⊎κ{⊎φ}, ⊎α{⊎φ}).
• (λ-Uniq) Finally, we calculate
λ(App(⊎κ{ p(A) }, v A)) = λ A,B (λ⁻¹ A{ p(A) },B{ p(A) + } (⊎κ{ p(A) }) • v A)
= λ A,B ((λ⁻¹ A,B (⊎κ) • p(A) +) • v A) (by λ-Subst)
= λ A,B (λ⁻¹ A,B (⊎κ) • (p(A) + • v A))
= λ A,B (λ⁻¹ A,B (⊎κ) • ⊎der Σ wrw (Γ,A))
= λ A,B (λ⁻¹ A,B (⊎κ))
= ⊎κ,
which completes the proof.

Next, we consider sigma-types (Appendix A.7).
Again, we first recall the semantic type former for sigma-types in an arbitrary CwF:

Definition 3.43 (CwFs with sigma-types [20]) A CwF C supports sigma if
• (Σ-Form) Given Γ ∈ C, A ∈ Ty(Γ) and B ∈ Ty(Γ.A), there is a type Σ(A, B) ∈ Ty(Γ);
• (Σ-Intro) There is a morphism Pair A,B : Γ.A.B → Γ.Σ(A, B) in C;
• (Σ-Elim) Given P ∈ Ty(Γ.Σ(A, B)) and p ∈ Tm(Γ.A.B, P{ Pair A,B }), there is a term R Σ A,B,P (p) ∈ Tm(Γ.Σ(A, B), P);
• (Σ-Comp) R Σ A,B,P (p){ Pair A,B } = p;
• (Σ-Subst) Given ∆ ∈ C and f : ∆ → Γ in C, Σ(A, B){ f } = Σ(A{ f }, B{ f + }), where f + := ⟨f ∘ p(A{ f }), v A{ f }⟩ A : ∆.A{ f } → Γ.A;
• (Pair-Subst) p(Σ(A, B)) ∘ Pair A,B = p(A) ∘ p(B) and f ⋆ ∘ Pair A{ f },B{ f + } = Pair A,B ∘ f ++, where
f ⋆ := ⟨f ∘ p(Σ(A, B){ f }), v Σ(A,B){ f }⟩ Σ(A,B) : ∆.Σ(A, B){ f } → Γ.Σ(A, B);
f ++ := ⟨f + ∘ p(B{ f + }), v B{ f + }⟩ B : ∆.A{ f }.B{ f + } → Γ.A.B;
• (R Σ -Subst) R Σ A,B,P (p){ f ⋆ } = R Σ A{ f },B{ f + },P{ f ⋆ } (p{ f ++ }).
Moreover, C supports sigma in the strict sense if it also satisfies
• (R Σ -Uniq) If p ∈ Tm(Γ.A.B, P{ Pair A,B }), q ∈ Tm(Γ.Σ(A, B), P) and q{ Pair A,B } = p, then q = R Σ A,B,P (p).

Sigma-types (with the η-rule) are modeled in a CwF that supports sigma (in the strict sense); see Appendix A.7 for the details.

Now, let us describe our interpretation of sigma-types:

Theorem 3.44 (Realizability model of sigma-types à la game semantics)
The CwF NPG wowrw supports sigma in the strict sense.

Proof. Let Γ, ∆ ∈ NPG wowrw, ⊎φ ∈ NPG wowrw (∆, Γ), A ∈ D NPG wowrw (Γ) and B ∈ D NPG wowrw (Σ wrw (Γ, A)).
• (Σ-Form) Similarly to pi, let Σ(A, B) := (Σ wrw (A(⊎γ), B ⊎γ)) ⊎γ ∈ NPG wowrw (Γ). Again, to distinguish it from the game semantics of sigma-types given in the previous work [35], we write Σ wrw (A, B) for Σ(A, B).
• (Σ-Intro) By the isomorphism Σ wrw (Σ wrw (Γ, A), B) ≅ Σ wrw (Γ, Σ wrw (A, B)), which is similar to (and simpler than) the one in Lemma 3.41 and left to the reader, let Pair A,B : Σ wrw (Σ wrw (Γ, A), B) → Σ wrw (Γ, Σ wrw (A, B)) be the evident w.r.w. dereliction up to ‘tags,’ or Pair A,B := ⟨fst • fst, ⟨snd • fst, snd⟩⟩. Note that there is the evident inverse Pair⁻¹ A,B = ⟨⟨fst, fst • snd⟩, snd • snd⟩.
• (Σ-Elim) We define R Σ A,B,P (⊎ρ) ∈ T S wr (Π wrw (Σ wrw (Γ, Σ wrw (A, B)), P)) to be the composition ⊎ρ • Pair⁻¹ A,B for any P ∈ D NPG wowrw (Σ wrw (Γ, Σ wrw (A, B))) and ⊎ρ ∈ T S wr (Π wrw (Σ wrw (Σ wrw (Γ, A), B), P{ Pair A,B })).
• (Σ-Comp) We calculate
R Σ A,B,P (⊎ρ){ Pair A,B } = R Σ A,B,P (⊎ρ) • Pair A,B
= (⊎ρ • Pair⁻¹ A,B) • Pair A,B
= ⊎ρ • (Pair⁻¹ A,B • Pair A,B)
= ⊎ρ • ⊎der Σ wrw (Σ wrw (Γ,A),B)
= ⊎ρ.
• (Σ-Subst) Similar to the case of pi.
• (Pair-Subst) We calculate
p(Σ wrw (A, B)) • Pair A,B = fst • ⟨fst • fst, ⟨snd • fst, snd⟩⟩
= fst • fst
= p(A) • p(B),
and
⊎φ ⋆ • Pair A{⊎φ},B{⊎φ +}
= ⟨⊎φ • p(Σ wrw (A, B){⊎φ}), v Σ wrw (A,B){⊎φ}⟩ • Pair A{⊎φ},B{⊎φ +}
= ⟨⊎φ • p(Σ wrw (A{⊎φ}, B{⊎φ +})) • Pair A{⊎φ},B{⊎φ +}, v Σ wrw (A,B){⊎φ} • Pair A{⊎φ},B{⊎φ +}⟩
= ⟨⊎φ • p(A{⊎φ}) • p(B{⊎φ +}), v Σ wrw (A{⊎φ},B{⊎φ +}) • Pair A{⊎φ},B{⊎φ +}⟩ (by the above equations)
= ⟨⊎φ • fst • fst, snd • ⟨fst • fst, ⟨snd • fst, snd⟩⟩⟩
= ⟨⊎φ • fst • fst, ⟨snd • fst, snd⟩⟩
= ⟨fst • fst, ⟨snd • fst, snd⟩⟩ • ⟨⟨⊎φ • fst • fst, snd • fst⟩, snd⟩
= ⟨fst • fst, ⟨snd • fst, snd⟩⟩ • ⟨⟨⊎φ • fst, snd⟩ • fst, snd⟩
= Pair A,B • ⟨⟨⊎φ • p(A{⊎φ}), v A{⊎φ}⟩ • p(B{⊎φ +}), v B{⊎φ +}⟩
= Pair A,B • ⟨⊎φ + • p(B{⊎φ +}), v B{⊎φ +}⟩
= Pair A,B • ⊎φ ++.
• (R Σ -Subst) We calculate
R Σ A,B,P (⊎ρ){⊎φ ⋆} = ⊎ρ • Pair⁻¹ A,B • ⟨⊎φ • p(Σ wrw (A, B){⊎φ}), v Σ wrw (A,B){⊎φ}⟩
= ⊎ρ • ⟨⟨fst, fst • snd⟩, snd • snd⟩ • ⟨⊎φ • fst, snd⟩
= ⊎ρ • ⟨⟨⊎φ • fst, fst • snd⟩, snd • snd⟩
= ⊎ρ • ⟨⟨⊎φ • fst, snd⟩ • fst, snd⟩ • ⟨⟨fst, fst • snd⟩, snd • snd⟩
= ⊎ρ • ⟨⊎φ + • fst, snd⟩ • ⟨⟨fst, fst • snd⟩, snd • snd⟩
= ⊎ρ • ⟨⊎φ + • p(B{⊎φ +}), v B{⊎φ +}⟩ • Pair⁻¹ A{⊎φ},B{⊎φ +}
= R Σ A{⊎φ},B{⊎φ +},P{⊎φ ⋆} (⊎ρ • ⟨⊎φ + • p(B{⊎φ +}), v B{⊎φ +}⟩)
= R Σ A{⊎φ},B{⊎φ +},P{⊎φ ⋆} (⊎ρ{⊎φ ++}).
• (R Σ -Uniq) If a given t-skeleton ⊎ϱ ∈ T S wr (Π wrw (Σ wrw (Γ, Σ wrw (A, B)), P)) satisfies the equation ⊎ϱ{ Pair A,B } = ⊎ρ then we have
⊎ϱ = ⊎ρ • Pair⁻¹ A,B = R Σ A,B,P (⊎ρ),
which completes the proof.

We proceed to model N-type (Appendix A.5). Again, let us first recall the semantic type former for N-type in an arbitrary CwF:

Definition 3.45 (CwFs with N-type [20] [12]) A CwF C supports N or natural numbers if
• (N-Form) Given Γ ∈ C, there is a type N Γ ∈ Ty(Γ), called natural number (N-) type in Γ, which we often abbreviate as N;
• (N-Intro) There are a term and a morphism in C
0 Γ ∈ Tm(Γ, N)    succ Γ : Γ.N → Γ.N
that satisfy the equations
0 Γ { f } = 0 ∆ ∈ Tm(∆, N)
p(N) ∘ succ Γ = p(N) : Γ.N → Γ
succ Γ ∘ ⟨g, v N⟩ N = ⟨g, v N { succ ∆ }⟩ N : ∆.N → Γ.N
for any morphisms f : ∆ → Γ and g : ∆.N → Γ in C;

Notation
Let us define zero Γ := h id Γ , Γ i N : Γ → Γ .N for each Γ ∈ C ; itthen satisfies zero Γ ◦ f = h f, ∆ i N = h f, v N { zero ∆ }i N : ∆ → Γ .N for anymorphism f : ∆ → Γ in C . We often omit the subscript ( ) Γ on 0 Γ , zero Γ andsucc Γ . Also, for each n ∈ N , we define n Γ ∈ Tm(Γ , N ) by – Γ is already given; – n + 1 Γ := v N { succ Γ ◦ h id Γ , n Γ i} ; • ( N -Elim) Given a type P ∈ Ty(Γ .N ), and terms z ∈ Tm(Γ , P { zero } ) and s ∈ Tm(Γ .N.P, P { succ ◦ p( P ) } ), there is a term R NP ( z, s ) ∈ Tm(Γ .N, P ); • ( N -Comp) We have the equations R NP ( z, s ) { zero } = z ∈ Tm(Γ , P { zero } ); R NP ( z, s ) { succ } = s {h id Γ .N , R NP ( z, s ) i P } ∈ Tm(Γ .N, P { succ } ); • ( N -Subst) N Γ { f } = N ∆ ∈ Ty(∆); [12]
The definition is left to the reader in [20], and thus Definition 3.45 is the present author's solution, which may be shown to be sound in the same manner as the case of pi- and sigma-types [20]. This point is applied to empty-type given below as well.

• ($R^N$-Subst) $R^N_P(z, s)\{f^+\} = R^N_{P\{f^+\}}(z\{f\}, s\{f^{++}\}) \in \mathrm{Tm}(\Delta.N, P\{f^+\})$, where

$f^+ := \langle f \circ p(N), v_N \rangle_N : \Delta.N \to \Gamma.N$

$f^{++} := \langle f^+ \circ p(P\{f^+\}), v_{P\{f^+\}} \rangle_P : \Delta.N.P\{f^+\} \to \Gamma.N.P.$

N-type is modeled in a CwF that supports natural numbers; see Appendix A.5 for the details.

We now propose our game semantics of N-type by basically employing the total fragment of the standard game semantics of PCF à la McCusker [33]:
Theorem 3.46 (Realizability model of N-type à la game semantics) The CwF NPG wowrw supports natural numbers.

Proof
Let Γ , ∆ ∈ NPG wowrw and ⊎ φ ∈ NPG wowrw (∆ , Γ), and assume that R cpwr (Γ) = ∅ and R cpwr (∆) = ∅ since the other cases are trivial. • ( N -Form) Let N Γ be the constant dependent np-game on Γ valued at N (Example 3.9), for which we write { N } Γ or { N } . • ( N -Intro) Let 0 Γ ∈ T S wr (Π wrw (Γ , { N } )) be ⊎{ } :: ˆ!Γ _ N up to ‘tags,’and succ Γ : Σ wrw (Γ , { N [0] } ) → Σ wrw (Γ , { N [1] } ) the pairing h p( { N } ) , ⊎ s Γ i ,where the superscripts ( ) [ i ] ( i = 0 ,
1) are to distinguish the two copies of N ,and the DoWRWLI ⊎ s Γ :: Π wrw (Σ wrw (Γ , { N [0] } ) , { N [1] } ) is defined bys Γ( σ † ,e ) := Pref( { q [1] .q [0] .n [0] . ( n + 1) [1] } ) ( n := snd • σ )up to ‘tags’ for each ( σ † , e ) ∈ R cpwr (ˆ!Σ wrw (Γ , { N [0] } )). Clearly, 0 Γ •⊎ φ = 0 ∆ and ⊎ s Γ • h⊎ ψ, v { N } ∆ i = ⊎ s ∆ = v { N } ∆ { succ ∆ } , where ⊎ ψ : Σ wrw (∆ , { N } ∆ ) → Γis any morphism in
NPG wowrw , and therefore the required equations hold. • ( N -Elim) Given P ∈ D NPG wowrw (Σ wrw (Γ , { N } )), ⊎ ζ ∈ T S wr (Π wrw (Γ , P { zero } ))and ⊎ σ ∈ T S wr (Π wrw (Σ wrw (Σ wrw (Γ , { N } ) , P ) , P { succ ◦ p( P ) } )), there are ⊎ ˜ ζ ∈ T S wr (Π wrw (Σ wrw (Π wrw (Σ wrw (Γ , { N } ) , P ) , { Σ wrw (Γ , { N } ) } ) , P { zero • fst • snd } )) ⊎ ˜ σ ∈ T S wr (Π wrw (Σ wrw (Π wrw (Σ wrw (Γ , { N } ) , P ) , { Σ wrw (Γ , { N } ) } ) , P { succ • pred • snd } )) defined respectively by ⊎ ˜ ζ : Π wrw (Σ wrw (Γ , { N } ) , P ) & Σ wrw (Γ , { N } ) snd −→ Σ wrw (Γ , { N } ) fst −→ Γ ⊎ ζ −→ R P { zero } ; ⊎ ˜ σ : Π wrw (Σ wrw (Γ , { N } ) , P ) & Σ wrw (Γ , { N } ) h pred • snd , ev P {h fst , pred • snd i}i −→ Σ wrw (Γ , { N } ) & R P ⊎ σ −→ R P { succ ◦ fst } , where ev P ∈ T S wr (Π wrw (Σ wrw (Π wrw (Σ wrw (Γ , { N } ) , P ) , { Σ wrw (Γ , { N } ) } ) , P { snd } ))is the evaluation on P [33, 36] given by ev P := λ − ( ⊎ der Π wrw (Σ wrw (Γ , { N } ) ,P ) ),and pred : Σ wrw (Γ , { N } ) → Σ wrw (Γ , { N } ) is the predecessor [33] given simi-larly to succ such that pred • succ = ⊎ der Σ wrw (Γ , { N } ) and pred • zero = zero.In addition, let us define P z := P { zero • p( N ) } ) ∈ D NPG wowrw (Σ wrw (Γ , { N } )); P s := P { succ • pred • p( P z ) } ∈ D NPG wowrw (Σ wrw (Σ wrw (Γ , { N } ) , P z )) , amada Page 50 of 63 and then we havecond P ∈ T S wr (Π wrw (Σ wrw (Σ wrw (Σ wrw (Γ , { N } ) , P z ) , P s ) , P { p( P z ) • p( P s ) } ))that is the standard interpretation of conditionals on P [33, 36]: It first asksan input natural number in the component N of the domain, and plays as thew.r.w. dereliction between P z and P { p( P z ) • p( P s ) } if the answer is 0, and asthe w.r.w. dereliction between P s and P { p( P z ) • p( P s ) } otherwise. Then, wedefine F NP ( ⊎ ζ, ⊎ σ ) : Π wrw (Σ wrw (Γ , { N } ) , P ) → Π wrw (Σ wrw (Γ , { N } ) , P ) by F NP ( ⊎ ζ, ⊎ σ ) := λ { Σ wrw (Γ , { N } ) } , { P { snd }} (cond P {hh snd , ⊎ ˜ ζ i , ⊎ ˜ σ i} ) . 
Finally, we define R NP ( ⊎ ζ, ⊎ σ ) ∈ T S wr (Π wrw (Σ wrw (Γ , { N } ) , P )) to be theleast upper bound of the chain (cid:0) R NP ( ⊎ ζ, ⊎ σ ) n ∈ T S wr (Π wrw (Σ wrw (Γ , { N } ) , P )) (cid:1) n ∈ N : R NP ( ⊎ ζ, ⊎ σ ) := ⊤ (up to ‘tags’); R NP ( ⊎ ζ, ⊎ σ ) n +1 := F NP ( ⊎ ζ, ⊎ σ ) • R NP ( ⊎ ζ, ⊎ σ ) n . • ( N -Comp) By the definition of R NP ( ⊎ ζ, ⊎ σ ), we calculate R NP ( ⊎ ζ, ⊎ σ ) { zero } = ⊎ ζ ; R NP ( ⊎ ζ, ⊎ σ ) { succ } = ⊎ σ {h⊎ der Σ(Γ , { N } ) , R NP ( ⊎ ζ, ⊎ σ ) i} . • ( N -Subst) { N } Γ {⊎ φ } = { N } ∆ . • ( R N -Subst) Finally, by the definition of R NP ( ⊎ ζ, ⊎ σ ), we calculate R NP ( ⊎ ζ, ⊎ σ ) {⊎ φ + } = R NP {⊎ φ + } ( ⊎ ζ {⊎ φ } , ⊎ σ {⊎ φ ++ } )(or R NP ( ⊎ ζ, ⊎ σ ) n {⊎ φ + } = R NP {⊎ φ + } ( ⊎ ζ {⊎ φ } , ⊎ σ {⊎ φ ++ } ) n for all n ∈ N ).We proceed to model identity (Id-) types (Appendix A.8). Again, we first reviewthe semantic type former for Id-types in an arbitrary CwF: Definition 3.47 (CwFs with Id-types [20]) A CwF C supports Id if • (Id-Form) Given Γ ∈ C and A ∈ Ty(Γ), there is a type Id A ∈ Ty(Γ .A.A + ),where A + := A { p( A ) } ∈ Ty(Γ .A ); • (Id-Intro) There is a morphism Refl A : Γ .A → Γ .A.A + . Id A in C ; • (Id-Elim) Given B ∈ Ty(Γ .A.A + . Id A ) and b ∈ Tm(Γ .A, B { Refl A } ), there isa term R Id A,B ( b ) ∈ Tm(Γ .A.A + . Id A , B ); • (Id-Comp) R Id A,B ( b ) { Refl A } = b ; • (Id-Subst) Id A { f ++ } = Id A { f } ∈ Ty(∆ .A { f } .A { f } + ) for all ∆ ∈ C and f : ∆ → Γ in C , where A { f } + := A { f }{ p( A { f } ) } ∈ Ty(∆ .A { f } ); f + := h f ◦ p( A { f } ) , v A { f } i A : ∆ .A { f } → Γ .A ; f ++ := h f + ◦ p( A + { f + } ) , v A + { f + } i A + : ∆ .A { f } .A + { f + } → Γ .A.A + ; amada Page 51 of 63 • (Refl-Subst) Refl A ◦ f + = f +++ ◦ Refl A { f } : ∆ .A { f } → Γ .A.A + . Id A , where f +++ := h f ++ ◦ p(Id A { f ++ } ) , v Id A { f ++ } i Id A : ∆ .A { f } .A + { f + } . Id A { f } → Γ .A.A + . 
Id A ; • ( R Id -Subst) R Id A,B ( b ) { f +++ } = R Id A { f } ,B { f +++ } ( b { f + } ).Id-types are modeled in a CwF that supports Id; see Appendix A.8 for the details.We then equip the CwF NPG wowrw with our game-semantic Id-types:
Theorem 3.48 (Realizability model of Id-types à la game semantics) The CwF NPG wowrw supports Id.

Proof
Let Γ , ∆ ∈ NPG wowrw , ⊎ φ ∈ NPG wowrw (∆ , Γ) and A ∈ D NPG wowrw (Γ). • (Id-Form) We define Id A ∈ D NPG wowrw (Σ wrw (Σ wrw (Γ , A ) , A + )) by Id A :=(Id A ( ⊎ γ ) ( ⊎ α, ⊎ α ′ )) hh⊎ γ, ⊎ α i , ⊎ α ′ i∈ NPG wowrw (Σ wrw (Σ wrw (Γ ,A ) ,A + )) . • (Id-Intro) Let Refl A : Σ wrw (Γ , A [1] ) → Σ wrw (Σ wrw (Σ wrw (Γ , A [2] ) , ( A [3] ) + ) , Id A )be what plays by the w.r.w. dereliction between Σ wrw (Γ , A [1] ) and Σ wrw (Γ , A [2] ),between R Γ A [1] and R Γ ( A [3] ) + , and trivially on Σ wrw (Γ , A [1] ) → , where thesuperscripts ( ) [ i ] ( i = 1 , ,
3) are to distinguish the three copies of A . Theinverse Refl − A : Σ wrw (Σ wrw (Σ wrw (Γ , A [2] ) , ( A [3] ) + ) , Id A ) → Σ wrw (Γ , A [1] ) isthe w.r.w. dereliction between Σ wrw (Γ , A [2] ) and Σ wrw (Γ , A [1] ) up to ‘tags.’ • (Id-Elim) Given B ∈ D NPG wowrw (Σ wrw (Σ wrw (Σ wrw (Γ , A [2] ) , ( A [3] ) + ) , Id A ))and ⊎ β ∈ T S wr (Π wrw (Σ wrw (Γ , A ) , B { Refl A } )), we define R Id A,B ( ⊎ β ) := ⊎ β • Refl − A ∈ T S wr (Π wrw ((Σ wrw (Σ wrw (Σ wrw (Γ , A ) , A + ) , Id A ) , B )) . • (Id-Comp) We then calculate R Id A,B ( ⊎ β ) { Refl A } = R Id A,B ( ⊎ β ) • Refl A = ( ⊎ β • Refl − A ) • Refl A = ⊎ β • (Refl − A • Refl A )= ⊎ β • ⊎ der Σ wrw (Γ ,A ) = ⊎ β. • (Id-Subst) We calculateId A {⊎ φ ++ } = (Id A ( ⊎ γ ) ( ⊎ α, ⊎ α ′ )) hh⊎ γ, ⊎ α i , ⊎ α ′ i∈ NPG wowrw (Σ wrw (Σ wrw (Γ ,A ) ,A + )) {⊎ φ ++ } = (Id A ( hh⊎ γ, ⊎ α i , ⊎ α ′ i )) hh⊎ γ, ⊎ α i , ⊎ α ′ i∈ NPG wowrw (Σ wrw (Σ wrw (Γ ,A ) ,A + ) {⊎ φ ++ } = (Id A ( ⊎ φ ++ • hh⊎ δ, ⊎ α i , ⊎ α ′ i )) hh⊎ δ, ⊎ α i , ⊎ α ′ i∈ NPG wowrw (Σ wrw (Σ wrw (∆ ,A {⊎ φ } ) ,A {⊎ φ } + )) = (Id A ( h⊎ φ • ⊎ δ, ⊎ α i , ⊎ α ′ i )) hh⊎ δ, ⊎ α i , ⊎ α ′ i∈ NPG wowrw (Σ wrw (Σ wrw (∆ ,A {⊎ φ } ) ,A {⊎ φ } + )) = (Id A ( ⊎ φ •⊎ δ ) ( ⊎ α, ⊎ α ′ )) hh⊎ δ, ⊎ α i , ⊎ α ′ i∈ NPG wowrw (Σ wrw (Σ wrw (∆ ,A {⊎ φ } ) ,A {⊎ φ } + )) = (Id A {⊎ φ } ( ⊎ δ ) ( ⊎ α, ⊎ α ′ )) hh⊎ δ, ⊎ α i , ⊎ α ′ i∈ NPG wowrw (Σ wrw (Σ wrw (∆ ,A {⊎ φ } ) ,A {⊎ φ } + )) = Id A {⊎ φ } , amada Page 52 of 63 where the forth equation holds because ⊎ φ ++ • hh⊎ δ, ⊎ α i , ⊎ α ′ i = h⊎ φ + • p( A + {⊎ φ + } ) , v A + {⊎ φ + } i • hh⊎ δ, ⊎ α i , ⊎ α ′ i = h⊎ φ + • p( A + {⊎ φ + } ) • hh⊎ δ, ⊎ α i , ⊎ α ′ i , v A + {⊎ φ + } • hh⊎ δ, ⊎ α i , ⊎ α ′ ii = hh⊎ φ • ⊎ δ, ⊎ α i , ⊎ α ′ i . 
• (Refl-Subst) We calculateRefl A • ⊎ φ + = Refl A • h⊎ φ • p( A {⊎ φ } ) , v A {⊎ φ } i = hhh⊎ φ • p( A {⊎ φ } ) , v A {⊎ φ } i • p( A + {⊎ φ + } ) • p(Id A {⊎ φ ++ } ) , v A + {⊎ φ + } • p(Id A {⊎ φ ++ } ) i , v Id A {⊎ φ ++ } i • Refl A {⊎ φ } (by the definition of Refl)= hh⊎ φ + • p( A + {⊎ φ + } ) , v A + {⊎ φ + } i • p(Id A {⊎ φ ++ } ) , v Id A {⊎ φ ++ } i • Refl A {⊎ φ } = h⊎ φ ++ • p(Id A {⊎ φ ++ } ) , v Id A {⊎ φ ++ } i • Refl A {⊎ φ } = ⊎ φ +++ • Refl A {⊎ φ } . • ( R Id -Subst) We calculate R Id A,B ( ⊎ β ) {⊎ φ +++ } = ( ⊎ β • Refl − A ) • ⊎ φ +++ = ⊎ β • (Refl − A • ⊎ φ +++ )= ⊎ β • ( ⊎ φ + • Refl − A {⊎ φ } ) (by Refl-Subst)= ( ⊎ β • ⊎ φ + ) • Refl − A {⊎ φ } = R Id A {⊎ φ } ,B {⊎ φ +++ } ( ⊎ β • ⊎ φ + )= R Id A {⊎ φ } ,B {⊎ φ +++ } ( ⊎ β {⊎ φ + } ) , which completes the proof.We next model unit-type (Appendix A.3). Again, let us first recall the semantictype former for unit-type: Definition 3.49 (CwFs with unit-type [20]) A CwF C supports unit if • (Unit-Form) Given Γ ∈ C , there is a type Γ ∈ Ty(Γ), called the unity type in the context Γ; • (Unit-Intro) Given Γ ∈ C , there is a term ⊤ Γ ∈ Tm(Γ , Γ ); • (Unit-Elim) Given Γ ∈ C , A ∈ Ty(Γ . Γ ), a ∈ Tm(Γ , A {⊤ Γ } ) and t ∈ Tm(Γ , Γ ), there is a term R A ( a, t ) ∈ Tm(Γ , A { t } ), where ⊤ := h id Γ , ⊤ Γ i Γ : Γ → Γ . Γ t := h id Γ , t i Γ : Γ → Γ . Γ ; • (Unit-Comp) R A ( a, ⊤ Γ ) = a ; • (Unit-Subst) Given f : ∆ → Γ in C , Γ { f } = ∆ ∈ Ty(∆); • ( ⊤ -Subst) ⊤ Γ { f } = ⊤ ∆ ∈ Tm(∆ , ∆ ).Moreover, C supports one in the strict sense if it additionally satisfies: • ( ⊤ -Uniq) t = ⊤ Γ for all t ∈ Tm(Γ , Γ ). [13] [13] Note that ⊤ -Uniq implies Unit-Elim and Unit-Comp by defining R A ( a, t ) := a . amada Page 53 of 63 Unit-type (with the η -rule) is modeled in a CwF that supports unit (in the strictsense); see Appendix A.3 for the details.We now propose our game semantics of unit-type: Theorem 3.50 (Realizability model of unit-type `a la game semantics)
The CwF NPG wowrw supports unit in the strict sense.

Proof
Let Γ , ∆ ∈ NPG wowrw and ⊎ φ ∈ NPG wowrw (∆ , Γ), and assume that R cpwr (Γ) = ∅ and R cpwr (∆) = ∅ since the other cases are trivial. • (Unit-Form) Let Γ be the constant dependent np-game valued at the unitnp-game (Example 3.9), for which we write { } Γ or { } . • (Unit-Intro) Let ⊤ Γ ∈ Tm(Γ , { } Γ ) be the unique one ⊎{⊤} up to ‘tags.’ • (Unit-Elim) Given A ∈ D NPG wowrw (Σ wrw (Γ , { } Γ )), ⊎ α ∈ T S wr (Π wrw (Γ , A {⊤ Γ } ))and ⊎ τ ∈ T S wr (Π wrw (Γ , { } )), the equation ⊎ τ = ⊤ Γ clearly holds, i.e., ⊤ -Uniq is satisfied, and therefore we define R A ( ⊎ α, ⊎ τ ) := ⊎ α . • (Unit-Comp) Clearly, R A ( ⊎ α, ⊤ Γ ) = ⊎ α . • (Unit-Subst) Clearly, { } Γ {⊎ φ } = { } ∆ . • ( ⊤ -Subst) Clearly, ⊤ Γ • ⊎ φ = ⊤ ∆ : ∆ → ,which completes the proof.Finally, we model empty-type (Appendix A.4). First, the semantic type former forempty-type is: Definition 3.51 (CwFs with empty-type [20]) A CwF C supports empty if • (Empty-Form) Given Γ ∈ C , there is a type Γ ∈ Ty(Γ), called the empty-type in the context Γ; • (Empty-Elim) Given Γ ∈ C , A ∈ Ty(Γ . Γ ) and z ∈ Tm(Γ , Γ ), there is aterm R A ( z ) ∈ Tm(Γ , A { z } ), where z := h id Γ , z i Γ : Γ → Γ . Γ ; • (Empty-Subst) Given f : ∆ → Γ in C , Γ { f } = ∆ ∈ Ty(∆); • ( R -Subst) R A { f + } ( z { f } ) = R A ( z ) { f } , where f + := h f • p( ∆ ) , v Γ i Γ :∆ . ∆ → Γ . Γ .Empty-type is modeled in a CwF that supports empty; see Appendix A.4 for thedetails.Let us finally propose our game-semantic interpretation of empty-type: Theorem 3.52 (Realizability model of empty-type `a la game semantics)
The CwF NPG wowrw supports empty.

Proof
Let Γ , ∆ ∈ NPG wowrw and ⊎ φ ∈ NPG wowrw (∆ , Γ). • (Empty-Form) Γ is the constant dependent np-game valued at the emptynp-game (Example 3.9), for which we write { } Γ or { } . • (Empty-Elim) Let A ∈ D NPG wowrw (Σ wrw (Γ , { } Γ )) and ⊎ ζ ∈ T S wr (Π wrw (Γ , { } Γ )).Because R cpwr ( ) = ∅ , we have R cpwr (Γ) = ∅ and ζ = ∅ . Hence, it suffices todefine R A ( ⊎ ζ ) ∈ T S wr (Π wrw (Γ , A {⊎ ζ } )) to be the trivial one ⊎{⊤} . • (Empty-Subst) Clearly, { } Γ {⊎ φ } = { } ∆ . amada Page 54 of 63 • ( R -Subst) By the definition of the operation R ( ), we calculate R A {⊎ φ + } ( ⊎ ζ {⊎ φ } ) = ⊎{⊤} = ⊎{⊤} • ⊎ φ (n.b., R cpwr (∆) = ∅ and φ = ∅ )= R A {⊎ φ + } ( ⊎ ζ ) • ⊎ φ = R A ( ⊎ ζ ) {⊎ φ } , which completes the proof. Finally, let us solve the targeted open problem, viz., consistency of MLTT with CT, in the affirmative . For precision, we implement the
T-predicate T and the result-extracting function U (Section 1.4) explicitly in MLTT as follows.

We first define a realizer for a given partial function f : N ⇀ N to be a realizer for a t-skeleton ⊎φ :: ˆ!N _ N whose extension ext(⊎φ) : n ∈ N read(⊎φ • n), where read(⊎{⊥}) ↑ and read(m) := m for all m ∈ N, coincides with f.

Then, we implement the T-predicate and the result-extracting function in MLTT with respect to the resulting realizers for total recursive functions:

• Let the T-predicate be the type x : N , y : N , z : N ⊢ T ( x , y , z ) type defined by T ( e , n , c ) := if the triple e, n, c ∈ N satisfies the T-predicate with respect to the realizers just defined in the preceding paragraphs, for which we write T ( e, n, c ), and T ( e , n , c ) := otherwise;

• Let the result-extracting function be the term x : N ⊢ U ( x ) : N defined by U ( c ) := n : N if c ∈ N encodes, with respect to the realizers just defined, the computational history of a terminating computation on N whose output is n ∈ N , and U ( c ) := : N otherwise.

In practice, the T-predicate and the result-extracting function are given in MLTT by the elimination rule of N-type, which is possible because they are both primitive recursive [3, Section 3.4.3]. Thus, having modeled MLTT, including N-type, one may think that a model of the T-predicate and the result-extracting function has been obtained as well. However, it is not quite the case because we need a universe to formalize the T-predicate in that way because it is a type, not a term.

For this point, we could extend our model of MLTT to a universe, but for brevity, let us skip modeling a universe in this article and instead define our interpretation of the T-predicate directly:

Definition 3.53 (Realizability model of the T-predicate à la game semantics) Let us interpret the T-predicate in the CwF NPG wowrw by the dependent np-game T on the product ( N & N ) & N defined by

T ( ⟨⟨⊎σ, ⊎τ⟩, ⊎γ⟩ ) := if T (read(⊎σ), read(⊎τ), read(⊎γ)); otherwise.

Clearly, our interpretation of the T-predicate is sound, i.e., it respects the defining judgmental equality. Having extended our model of MLTT in the CwF NPG wowrw to the T-predicate, we are now ready to present our main theorem:
Theorem 3.54 (Realizability model of MLTT plus CT à la game semantics) The CwF NPG wowrw validates CT, and therefore it models MLTT equipped with CT.

Proof We have given a model of MLTT equipped with the T-predicate and unit-, empty-, N-, sigma-, pi- and Id-types in NPG wowrw . Hence, it remains to validate CT in NPG wowrw . Let us write CT ∈ NPG wowrw for the interpretation of CT (2) in NPG wowrw . As sketched in Section 1.10, we provide the t-skeleton ⊎ct :: CT whose component ct (⊎φ†, e) for each (⊎φ†, e) ∈ R cpwr (ˆ!(ˆ!N _ N)) is the pairing ⟨⊎{e‡}, ct′⟩ up to ‘tags,’ where e‡ ∈ π ( R cpwr (ˆ!N _ N)) is the canonical realizer for ⊎φ, and ct′ is the evident DoWRWLI that essentially computes the code c ∈ N of the computational history of ⊎φ applied to a given t-skeleton n (n ∈ N), so that T (e‡, n, c) and U (c) = ⊎φ • n hold. Finally, ⊎ct is clearly winning and recursive, which completes the proof.

Let us emphasize that our model of MLTT equipped with CT in the CwF NPG wowrw is constructive in the sense that every t-skeleton in NPG wowrw is recursive. In other words, we have established a ‘constructive justification’ of CT within MLTT.

At last, we are now ready to solve the open problem:
Corollary 3.55 (Consistency of MLTT with CT) MLTT is consistent with CT.

Proof The corollary follows from Theorem 3.54 because there is no total, let alone winning, t-skeleton on the empty np-game .

We have proved consistency of MLTT with CT, which has been a long-standing open problem in constructive mathematics, by a novel realizability model of MLTT plus CT à la game semantics. Our main technical highlight is to resolve the dilemma between intensionality and extensionality in the consistency problem, which existing realizability models cannot overcome, by taking advantage of some distinguishing features of game semantics: the distinction and the asymmetry between O and P. It is also worth noting that we have validated CT constructively in the sense that an ‘effective’ morphism inhabits the interpretation of CT.

Methodologically, the present work has demonstrated that game semantics is a powerful semantic method not only for full abstraction/completeness problems but also for the meta-theoretic study on foundations of constructive mathematics.

As future work, we plan to extend our game semantics of MLTT to homotopy type theory (HoTT) [19] and apply the semantics to the study of HoTT similarly to the present work. We would also like to extend the semantics to other type constructions such as well-founded tree types [15] and induction-recursion [51].
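As an added illustration of the T-predicate T(e, n, c) and the result-extracting function U(c) that Theorem 3.54 relies on (this code is not from the paper), the following Python program implements both for a two-register counter machine and checks one instance of CT for f(n) = 2n. The machine model, the list coding, the default value 0 of U on non-histories, and all function names are assumptions of this example, not the paper's realizers.

```python
# Added example: Kleene-style T-predicate and result extractor U for a toy
# two-register counter machine. Machine model and codings are assumptions.

def encode_list(xs):
    """Bijection from finite lists of naturals to naturals:
    each x is written as '1' followed by x zeros, read as a binary numeral."""
    bits = "".join("1" + "0" * x for x in xs)
    return int(bits, 2) if bits else 0

def decode_list(code):
    """Inverse of encode_list; total on the naturals."""
    if code == 0:
        return []
    return [len(run) for run in bin(code)[2:].split("1")[1:]]

INC, DEC = 0, 1   # opcodes
NUM_REGS = 2      # r0 holds the input, r1 the output

def decode_program(e):
    """Read e as a flat list of (op, reg, j, k) quadruples; None if e codes no program."""
    flat = decode_list(e)
    if len(flat) % 4:
        return None
    prog = [tuple(flat[i:i + 4]) for i in range(0, len(flat), 4)]
    if any(op not in (INC, DEC) or reg >= NUM_REGS for op, reg, _, _ in prog):
        return None
    return prog

def decode_trace(c):
    """Read c as a flat list of (pc, r0, r1) configurations; None if empty or malformed."""
    flat = decode_list(c)
    if not flat or len(flat) % 3:
        return None
    return [tuple(flat[i:i + 3]) for i in range(0, len(flat), 3)]

def step(prog, config):
    """One machine step; None once the program counter has left the program (halt)."""
    pc, *regs = config
    if pc >= len(prog):
        return None
    op, reg, j, k = prog[pc]
    if op == INC:                 # increment reg, jump to j
        regs[reg] += 1
        return (j, *regs)
    if regs[reg] > 0:             # DEC on a positive register: decrement, jump to j
        regs[reg] -= 1
        return (j, *regs)
    return (k, *regs)             # DEC on zero: jump to k

def T(e, n, c):
    """T(e, n, c): c codes the complete halting run of the program coded by e on input n.
    Every check is a bounded loop over the decoded data, so T is decidable."""
    prog, trace = decode_program(e), decode_trace(c)
    if prog is None or trace is None or trace[0] != (0, n, 0):
        return False
    if any(step(prog, a) != b for a, b in zip(trace, trace[1:])):
        return False
    return step(prog, trace[-1]) is None

def U(c):
    """Output register of the last configuration coded by c; 0 (assumed default) otherwise."""
    trace = decode_trace(c)
    return trace[-1][2] if trace else 0

def history(e, n, fuel=10_000):
    """Search for the c with T(e, n, c) by running the machine; `fuel` bounds the demo."""
    prog = decode_program(e)
    if prog is None:
        return None
    config, trace = (0, n, 0), []
    while config is not None and len(trace) < fuel:
        trace.append(config)
        config = step(prog, config)
    if config is not None:
        return None               # no halt within the step budget
    return encode_list([x for cfg in trace for x in cfg])

def validates_ct_instance(f, e, inputs):
    """Check 'for every n there is c with T(e, n, c) and U(c) = f(n)' on the given inputs."""
    for n in inputs:
        c = history(e, n)
        if c is None or not T(e, n, c) or U(c) != f(n):
            return False
    return True

# Program for f(n) = 2n: move r0 into r1 two units at a time, halt at pc = 3.
DOUBLE = [(DEC, 0, 1, 3), (INC, 1, 2, 0), (INC, 1, 0, 0)]
E_DOUBLE = encode_list([x for ins in DOUBLE for x in ins])

if __name__ == "__main__":
    c = history(E_DOUBLE, 3)
    print("T holds:", T(E_DOUBLE, 3, c), "U(c) =", U(c))
    print("tampered history accepted:", T(E_DOUBLE, 3, c >> 1))
```

Dropping the last bit of a valid history changes the value U reads off, and T then rejects the code, which is why CT pairs U(c) with the witness T(e, n, c).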
Acknowledgements
The author acknowledges the financial support from Funai Overseas Scholarship. He is also grateful to Thomas Streicher and Andrew Swan for fruitful discussions especially because the starting point of the present work was when the author learnt from them that consistency of MLTT with CT has been an open problem.
Conflict of interest statement
The author states that there is no conflict of interest.
References
1. Ishihara, H., Maietti, M.E., Maschio, S., Streicher, T.: Consistency of the intensional level of the minimalist foundation with Church's thesis and axiom of choice. Archive for Mathematical Logic (7-8), 873–888 (2018)
2. Yamada, N.: A game-semantic model of computation. Research in the Mathematical Sciences (1), 3 (2019)
3. Troelstra, A.S., van Dalen, D.: Constructivism in mathematics. Vol. I, volume 121 of. Studies in Logic and the Foundations of Mathematics, 26 (1988)
4. Troelstra, A.S., Van Dalen, D.: Constructivism in Mathematics vol. 2. Elsevier, Amsterdam (2014)
5. Beeson, M.J.: Foundations of Constructive Mathematics: Metamathematical Studies vol. 6. Springer (2012)
6. Shoenfield, J.R.: Mathematical Logic vol. 21. Addison-Wesley, Reading (1967)
7. Kleene, S.C.: Introduction to metamathematics (1952)
8. Girard, J.-Y., Taylor, P., Lafont, Y.: Proofs and Types vol. 7. Cambridge University Press, Cambridge (1989)
9. Jacobs, B.: Categorical Logic and Type Theory vol. 141. Elsevier (1999)
10. Sørensen, M.H., Urzyczyn, P.: Lectures on the Curry-Howard Isomorphism vol. 149. Elsevier (2006)
11. Gentzen, G.: Untersuchungen über das logische schließen. i. Mathematische zeitschrift (1), 176–210 (1935)
12. Troelstra, A.S., Schwichtenberg, H.: Basic Proof Theory vol. 43. Cambridge University Press (2000)
13. Martin-Löf, P.: Constructive Mathematics and Computer Programming. Studies in Logic and the Foundations of Mathematics, 153–175 (1982)
14. Martin-Löf, P.: Intuitionistic Type Theory: Notes by Giovanni Sambin of a Series of Lectures Given in Padova, June 1980 (1984)
15. Martin-Löf, P.: An Intuitionistic Theory of Types. Twenty-five years of constructive type theory, 127–172 (1998)
16. Enderton, H.B.: Elements of Set Theory. Academic Press (1977)
17. Nordström, B., Petersson, K., Smith, J.M.: Programming in Martin-Löf's type theory, volume 7 of International Series of Monographs on Computer Science. Clarendon Press, Oxford (1990)
18. Maietti, M.E., Sambin, G.: Toward a minimalist foundation for constructive mathematics. From Sets and Types to Topology and Analysis: Practicable Foundations for Constructive Mathematics, 91–114 (2005)
19. Univalent Foundations Program, T.: Homotopy Type Theory: Univalent Foundations of Mathematics. https://homotopytypetheory.org/book , Institute for Advanced Study (2013)
20. Hofmann, M.: Syntax and Semantics of Dependent Types. In: Extensional Constructs in Intensional Type Theory, pp. 13–54. Springer (1997)
21. Kreisel, G.: Church's thesis: a kind of reducibility axiom for constructive mathematics. In: Studies in Logic and the Foundations of Mathematics vol. 60, pp. 121–150. Elsevier (1970)
22. Rogers, H., Rogers, H.: Theory of Recursive Functions and Effective Computability vol. 5. McGraw-Hill, New York (1967)
23. Cutland, N.: Computability: An Introduction to Recursive Function Theory. Cambridge University Press, Cambridge (1980)
24. Weihrauch, K.: Computable Analysis: An Introduction. Springer, Berlin, Heidelberg (2012)
25. Rice, H.G.: Classes of recursively enumerable sets and their decision problems. Transactions of the American Mathematical Society (2), 358–366 (1953)
26. Maietti, M.E.: A minimalist two-level foundation for constructive mathematics. Annals of Pure and Applied Logic (3), 319–354 (2009)
27. Reus, B.: Realizability Models for Type Theories. Electronic Notes in Theoretical Computer Science (1), 128–158 (1999)
28. Streicher, T.: Realizability (2008)
29. Abramsky, S., et al.: Semantics of interaction: An introduction to game semantics. Semantics and Logics of Computation, 1–31 (1997)
30. Hyland, M.: Game semantics. In: Semantics and Logics of Computation vol. 14, p. 131. Cambridge University Press, New York (1997)
31. Amadio, R.M., Curien, P.-L.: Domains and Lambda-Calculi vol. 46. Cambridge University Press, Cambridge (1998)
32. Abramsky, S.: Intensionality, definability and computation. In: Johan van Benthem on Logic and Information Dynamics, pp. 121–142. Springer, Cham (2014)
33. Abramsky, S., McCusker, G.: Game semantics. In: Computational Logic: Proceedings of the 1997 Marktoberdorf Summer School, pp. 1–55. Springer, Berlin, Heidelberg (1999)
34. Abramsky, S., Jagadeesan, R., Vákár, M.: Games for dependent types. In: Automata, Languages, and Programming, pp. 31–43. Springer, Berlin, Heidelberg (2015)
35. Yamada, N.: Game semantics for Martin-Löf type theory. arXiv preprint arXiv:1610.01669 (2016)
36. McCusker, G.: Games and Full Abstraction for a Functional Metalanguage with Recursive Types. Springer, London (1998)
37. Yamada, N., Abramsky, S.: Dynamic games and strategies. arXiv preprint arXiv:1601.04147 (2016). Accepted for publication by Mathematical Structures in Computer Science.
38. Girard, J.-Y.: Linear logic. Theoretical Computer Science (1), 1–101 (1987)
39. Abramsky, S., Jagadeesan, R.: Games and full completeness for multiplicative linear logic. The Journal of Symbolic Logic (02), 543–574 (1994)
40. Lambek, J., Scott, P.J.: Introduction to Higher-order Categorical Logic vol. 7. Cambridge University Press (1988)
41. Abramsky, S., Jagadeesan, R.: A game semantics for generic polymorphism. Annals of Pure and Applied Logic (1), 3–37 (2005)
42. Hughes, D.: Hypergame semantics: full completeness for system F. PhD thesis, D. Phil. thesis, Oxford University (2000)
43. Abramsky, S., Jagadeesan, R.: Game semantics for access control. Electronic Notes in Theoretical Computer Science, 135–156 (2009)
44. Curien, P.-L.: Definability and full abstraction. Electronic Notes in Theoretical Computer Science, 301–310 (2007)
45. Clairambault, P., Harmer, R.: Totality in arena games. Annals of pure and applied logic (5), 673–689 (2010)
46. Curien, P.-L.: Notes on game semantics. From the author's web page (2006)
47. Hyland, J.M.E., Ong, C.-H.: On full abstraction for PCF: I, II, and III. Information and Computation (2), 285–408 (2000)
48. Curien, P.-L.: Abstract Böhm trees. Mathematical Structures in Computer Science (06), 559–591 (1998)
49. Abramsky, S., Jagadeesan, R., Malacaria, P.: Full abstraction for PCF. Information and Computation (2), 409–470 (2000)
50. Dybjer, P.: Internal Type Theory. In: Types for Proofs and Programs, pp. 120–134. Springer (1996)
51. Dybjer, P.: A general formulation of simultaneous inductive-recursive definitions in type theory. Journal of Symbolic Logic, 525–549 (2000)
52. Barendregt, H.P., et al.: The Lambda Calculus vol. 3. North-Holland, Amsterdam (1984)
53. Dybjer, P., Palmgren, E.: Intuitionistic type theory. Stanford Encyclopedia of Philosophy (2016)
54. Hankin, C.: Lambda calculi: A guide for the perplexed (1994)
55. Peano, G.: Arithmetices principia, nova methodo exposita, 1899. English translation in [51], 83–97 (1879)

Appendix A: Intensional Martin-Löf type theory
The difference between the intensional and the extensional variants of MLTT is that there is only the equality in the form of judgements or judgmental equality [14] in the extensional one, while the intensional one in addition has identity types for another kind of equality, called propositional equality, which is to be witnessed by terms. See Appendix A.8 for the details. It is easy to observe from the rules of identity types that judgmentally equal terms are also propositionally equal, but not vice versa. Formally, the extensional variant is the intensional one equipped with the axiom of equality reflection, which derives judgmental equality from propositional one [13] (n.b., the two kinds of equalities coincide in the extensional variant).

In this appendix, we briefly review the syntax of the intensional variant, which we call MLTT. We first recall contexts in Section A.1 and structural rules in Section A.2. We then recall each type construction in Sections A.3-A.8. Along the syntax, we also recall the interpretation ⟦ ⟧ of MLTT in an arbitrary CwF C = ( C , Ty , Tm , { } , T, . , p , v , ⟨ , ⟩ ) [20] fixed throughout this appendix.

Each type construction in MLTT is defined in terms of formation, introduction, elimination and computation rules. Roughly, the formation rule stipulates how to form the type, and the introduction rule defines terms [15] of the type. On the other hand, the elimination and the computation rules describe how to consume the terms and the result of the consumption (in the form of equations), respectively, both of which are justified by the introduction rule.

[14] Judgmental equality is modulo α-equivalence or renaming of bound variables [9, 20].

[15] Strictly speaking, the introduction rule defines canonical terms of the type, which in turn defines terms of the type; see [14, 53, 17] on this point.
A.1 Contexts A context is a finite sequence x : A , x : A , . . . , x n : A n of pairs ( x i , A i ) of a variable x i and a type A i such that the variables x , x , . . . , x n are pairwise distinct. Let ♦ represent the empty context , i.e., the empty sequence ǫ . We often omit contexts(and sometimes the turnstile ⊢ ) in judgements, especially the empty context ♦ .We have the following axiom and rules for contexts: (Ctx-Emp) ⊢ ♦ ctx Γ ⊢ A type ( Ctx-Ext ) ⊢ Γ , x : A ctx ⊢ Γ = ∆ ctx Γ ⊢ A = B type ( Ctx-ExtEq ) ⊢ Γ , x : A = ∆ , y : B ctx where x (resp. y ) does not occur in Γ (resp. ∆ ).The axiom Ctx-Emp and the rule Ctx-Ext define that contexts are exactly finitelists of pairs of a variable and a type. On the other hand, the rule Ctx-ExtEq isan instance of a congruence rule because it states that judgmental equality = oncontexts is preserved under ‘context extension’ given by Ctx-Ext. Note also that wehave ⊢ ♦ = ♦ ctx by Ctx-Emp and the rule Ctx-EqRefl in the next section. Convention
As in [20], let us skip writing congruence rules for other constructions.
A.2 Structural rules
Next, let us collect the rules applicable to all types as structural rules : ⊢ x : A , x : A , . . . , x n : A n ctx ( Var ) ( j ∈ { , , . . . , n } ) x : A , x : A , . . . , x n : A n ⊢ x j : A j ⊢ Γ ctx ( Ctx-EqRefl ) ⊢ Γ = Γ ctx ⊢ Γ = ∆ ctx ( Ctx-EqSym ) ⊢ ∆ = Γ ctx ⊢ Γ = ∆ ctx ⊢ ∆ = Θ ctx ( Ctx-EqTrans ) ⊢ Γ = Θ ctxΓ ⊢ A type ( Ty-EqRefl ) Γ ⊢ A = A type Γ ⊢ A = B type ( Ty-EqSym ) Γ ⊢ B = A typeΓ ⊢ A = B type Γ ⊢ B = C type ( Ty-EqTrans ) Γ ⊢ A = C typeΓ ⊢ a : A ( Tm-EqRefl ) Γ ⊢ a = a : A Γ ⊢ a = a ′ : A ( Tm-EqSym ) Γ ⊢ a ′ = a : AΓ ⊢ a = a ′ : A Γ ⊢ a ′ = a ′′ : A ( Tm-EqTrans ) Γ ⊢ a = a ′′ : A ⊢ Γ = ∆ ctx Γ ⊢ A type ( Ty-Conv ) ∆ ⊢ A typeΓ ⊢ a : A ⊢ Γ = ∆ ctx Γ ⊢ A = B type ( Tm-Conv ) ∆ ⊢ a : B The rule Var states the reasonable idea that we may give an element x j : A j if itoccurs in the context just by ‘copy-catting’ it. The next nine rules stipulate that amada Page 59 of 63 every judgmental equality = is an equivalence relation. Finally, the rules Ty-Convand Tm-Conv formalize the natural phenomenon that judgements are preservedunder the exchange of judgmentally equal contexts and/or types.It is then easy to see that the following weakening and substitution rules are admissible in MLTT, but it is convenient to present them explicitly: Γ , ∆ ⊢ J Γ ⊢ A type ( Weak ) Γ , x : A , ∆ ⊢ J Γ , x : A , ∆ ⊢ J Γ ⊢ a : A ( Subst ) Γ , ∆ [ a / x ] ⊢ J [ a / x ]where x does not occur in Γ or ∆ for Weak, and not in Γ for Subst, and J [ a / x ] (resp. ∆ [ a / x ]) is the capture-free substitution [54] of a for x in J [16] (resp. ∆).Note that a priori we cannot define an interpretation of MLTT by induction ondeductions since a derivation of a judgement in MLTT is not unique in the presenceof the rules Ty-Con and Tm-Con [20]. 
For this point, a standard approach is to define an interpretation ⟦ ⟧ on pre-syntax, which is partial, by induction on the length of pre-syntax, and show that it is well-defined on every ‘valid pre-syntax,’ i.e., judgement, and preserves judgmental equality by the semantic equality. By this soundness theorem [20], a posteriori we may describe the interpretation ⟦ ⟧ of the syntax by induction on derivation of judgements:
Definition A.1 (Interpretation of contexts and structural rules in CwFs [20]) Theinterpretation
J K of contexts and structural rules in a CwF C is defined by: • ( Ct-Emp ) J ⊢ ♦ ctx K := T ; • ( Ct-Ext ) J ⊢ Γ , x : A ctx K := J ⊢ Γ ctx K . J Γ ⊢ A type K ; • ( Var ) J Γ , x : A ⊢ x : A K := v J A K ; J Γ , x : A , ∆ , y : B ⊢ x : A K := J Γ , x : A , ∆ ⊢ x : A K { p( J Γ , x : A , ∆ ⊢ B type K ) } J A K ; • ( Ty-Con ) J ∆ ⊢ A type K := J Γ ⊢ A type K ; • ( Tm-Con ) J ∆ ⊢ a : B K := J Γ ⊢ a : A K .In the rest of this appendix, we recall specific type constructions in MLTT andthe interpretation of them in an arbitrary CwF. A.3 Unit-type
Let us begin with the simplest type, called unit-type (or one-type), which is the type that has just one term ⊤. [17] Therefore, from the logical point of view, it represents the ‘simplest true formula.’

Rules of unit-type are the following:

⊢ Γ ctx ( -Form ) Γ ⊢ ⊢ Γ ctx ( -Intro ) Γ ⊢ ⊤ : ⊢ t : ( -Uniq ) Γ ⊢ t = ⊤ : , x : ⊢ C type Γ ⊢ c : C [ ⊤ / x ] Γ ⊢ t : ( -Elim ) Γ ⊢ R ( C , c , t ) : C [ t / x ] Γ , x : ⊢ C type Γ ⊢ c : C [ ⊤ / x ]( -Comp ) Γ ⊢ R ( C , c , ⊤ ) = c : C [ ⊤ / x ]

[16] Here, J denotes the RHS of the turnstile ⊢ in an arbitrary judgement.
[17] Strictly speaking, has just one canonical term ⊤. However, for simplicity, let us be casual about the distinction between canonical and non-canonical terms in the present work, and we usually call canonical/non-canonical terms just terms.

Note that -Uniq implies -Elim and -Comp if we define $\mathsf{R}(C, c, t) := c$.

The formation rule -Form states that unit-type is atomic, i.e., we may form it without assuming any other types. The introduction rule -Intro defines that it has just one term, viz., ⊤. Then, the uniqueness rule -Uniq makes sense, from which the remaining rules -Elim and -Comp follow.

Definition A.2 (Interpretation of unit-type in CwFs) The interpretation $\llbracket\,\rrbracket$ of unit-type in a CwF $C$ that supports unit is given by:
• ( -Form) $\llbracket \Gamma \vdash\ \rrbracket := \llbracket \Gamma \rrbracket$;
• ( -Intro) $\llbracket \Gamma \vdash \top :\ \rrbracket := \top_{\llbracket \Gamma \rrbracket}$;
• ( -Elim) $\llbracket \Gamma \vdash \mathsf{R}(C, c, t) : C[t/x] \rrbracket := \mathcal{R}_{\llbracket C \rrbracket}(\llbracket c \rrbracket, \llbracket t \rrbracket)$.

A.4 Empty-type
Next, let us recall empty-type (or zero-type), which is the type that has no terms. Thus, it corresponds in logic to the ‘simplest false formula.’

Rules of empty-type are the following:

⊢ Γ ctx ( -Form ) Γ ⊢ , x : ⊢ C type Γ ⊢ a : ( -Elim ) Γ ⊢ R ( C , a ) : C [ a / x ]

The formation rule -Form is similar to -Form, and the elimination rule -Elim corresponds in logic to ex falso, i.e., ‘anything follows from a contradiction.’ Empty-type has neither introduction nor computation rule since it has no terms.

Definition A.3 (Interpretation of empty-type in CwFs) The interpretation $\llbracket\,\rrbracket$ of empty-type in a CwF $C$ that supports empty is given by:
• ( -Form) $\llbracket \Gamma \vdash\ \rrbracket := \llbracket \Gamma \rrbracket$;
• ( -Elim) $\llbracket \Gamma \vdash \mathsf{R}(C, a) : C[a/x] \rrbracket := \mathcal{R}_{\llbracket C \rrbracket}(\llbracket a \rrbracket)$.

A.5 N-type
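We proceed to recall an atomic type of computational significance, natural number type (or N-type) $\mathsf{N}$, which is a type of natural numbers.

Rules of N-type are the following:

$$\dfrac{\vdash \Gamma\ \mathsf{ctx}}{\Gamma \vdash \mathsf{N}\ \mathsf{type}}\ (\text{N-Form}) \qquad \dfrac{\vdash \Gamma\ \mathsf{ctx}}{\Gamma \vdash \mathsf{zero} : \mathsf{N}}\ (\text{N-IntroZ}) \qquad \dfrac{\Gamma \vdash n : \mathsf{N}}{\Gamma \vdash \mathsf{succ}(n) : \mathsf{N}}\ (\text{N-IntroS})$$

$$\dfrac{\Gamma, x : \mathsf{N} \vdash C\ \mathsf{type} \qquad \Gamma \vdash c_z : C[\mathsf{zero}/x] \qquad \Gamma, x : \mathsf{N}, y : C \vdash c_s : C[\mathsf{succ}(x)/x] \qquad \Gamma \vdash n : \mathsf{N}}{\Gamma \vdash \mathsf{R}^{\mathsf{N}}(C, c_z, c_s, n) : C[n/x]}\ (\text{N-Elim})$$

$$\dfrac{\Gamma, x : \mathsf{N} \vdash C\ \mathsf{type} \qquad \Gamma \vdash c_z : C[\mathsf{zero}/x] \qquad \Gamma, x : \mathsf{N}, y : C \vdash c_s : C[\mathsf{succ}(x)/x]}{\Gamma \vdash \mathsf{R}^{\mathsf{N}}(C, c_z, c_s, \mathsf{zero}) = c_z : C[\mathsf{zero}/x]}\ (\text{N-CompZ})$$

$$\dfrac{\Gamma, x : \mathsf{N} \vdash C\ \mathsf{type} \qquad \Gamma \vdash c_z : C[\mathsf{zero}/x] \qquad \Gamma, x : \mathsf{N}, y : C \vdash c_s : C[\mathsf{succ}(x)/x] \qquad \Gamma \vdash n : \mathsf{N}}{\Gamma \vdash \mathsf{R}^{\mathsf{N}}(C, c_z, c_s, \mathsf{succ}(n)) = c_s[n/x, \mathsf{R}^{\mathsf{N}}(C, c_z, c_s, n)/y] : C[\mathsf{succ}(n)/x]}\ (\text{N-CompS})$$

Again, the formation rule N-Form says that N-type is atomic. The introduction rules N-IntroZ and N-IntroS inductively define terms of N-type: $\mathsf{zero}$ (for $0 \in \mathbb{N}$) and $\mathsf{succ}(n)$ if so is $n$ (for $n \in \mathbb{N} \Rightarrow n + 1 \in \mathbb{N}$). The elimination rule N-Elim represents both mathematical induction and primitive recursion: To show a predicate $C$ over $\mathsf{N}$, it suffices to prove $C(\mathsf{zero})$ and $C(n) \Rightarrow C(\mathsf{succ}(n))$, or equivalently under the CHIs, to define a (dependent) function $f$ from $\mathsf{N}$ to $C$, it suffices to define its outputs $f(\mathsf{zero})$ on $\mathsf{zero}$ and $f(\mathsf{succ}(n))$ on $\mathsf{succ}(n)$ in terms of $f(n)$ and $n$. The elimination rule makes sense by the introduction rule, i.e., because terms of N-type are only zero and successors. Finally, the computation rules N-CompZ and N-CompS stipulate the expected behavior of computations given by N-Elim.

Notation
Given a context $\vdash \Gamma\ \mathsf{ctx}$ and a natural number $n \in \mathbb{N}$, we define the term $\Gamma \vdash n : \mathsf{N}$, called the $n$th numeral (in the context $\Gamma$), by induction on $n$: := $\mathsf{zero}$ and $n +$ := $\mathsf{succ}(n)$. That is, the $n$th numeral is to represent the number $n$.

Definition A.4 (Interpretation of N-type in CwFs) The interpretation $\llbracket\,\rrbracket$ of N-type in a CwF $C$ that supports N is given by:
• (N-Form) $\llbracket \Gamma \vdash \mathsf{N}\ \mathsf{type} \rrbracket := N_{\llbracket \Gamma \rrbracket}$;
• (N-IntroZ) $\llbracket \Gamma \vdash \mathsf{zero} : \mathsf{N} \rrbracket := 0_{\llbracket \Gamma \rrbracket}$;
• (N-IntroS) $\llbracket \Gamma \vdash \mathsf{succ}(n) : \mathsf{N} \rrbracket := \mathrm{v}_{N} \{ \mathrm{succ}_{\llbracket \Gamma \rrbracket} \circ \langle \mathrm{id}_{\llbracket \Gamma \rrbracket}, \llbracket \Gamma \vdash n : \mathsf{N} \rrbracket \rangle \}$;
• (N-Elim) $\llbracket \Gamma \vdash \mathsf{R}^{\mathsf{N}}(C, c_z, c_s, n) : C[n/x] \rrbracket := \mathcal{R}^{N}_{\llbracket C \rrbracket}(\llbracket c_z \rrbracket, \llbracket c_s \rrbracket) \{ \langle \mathrm{id}_{\llbracket \Gamma \rrbracket}, \llbracket n \rrbracket \rangle_{N} \}$.

It is easy to see by (the meta-theoretic) mathematical induction that the equation $\llbracket \Gamma \vdash n : \mathsf{N} \rrbracket = n_{\llbracket \Gamma \rrbracket}$ holds for any context $\vdash \Gamma\ \mathsf{ctx}$ and natural number $n \in \mathbb{N}$.

A.6 Pi-types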
Now, let us recall the dependent function types (or pi-types) construction $\Pi$. In terms of a set-theoretic analogy, the pi-type $\Pi_{x:A} B(x)$ is something like the set of all (total) functions $f$ from $A$ to $\bigcup_{x:A} B(x)$ such that $f(a) : B(a)$ for all $a : A$, called dependent functions from $A$ to $B$, where we informally interpret simple types $A$ and terms $a : A$ as sets and elements $a \in A$ of sets, respectively, and dependent types $B$ on $A$ as families $(B(x))_{x:A}$ of sets $B(x)$.

Rules of pi-types are the following:

$$\dfrac{\Gamma \vdash A\ \mathsf{type} \qquad \Gamma, x : A \vdash B\ \mathsf{type}}{\Gamma \vdash \Pi_{x:A} B\ \mathsf{type}}\ (\Pi\text{-Form}) \qquad \dfrac{\Gamma, x : A \vdash b : B}{\Gamma \vdash \lambda x^{A} . b : \Pi_{x:A} B}\ (\Pi\text{-Intro})$$

$$\dfrac{\Gamma \vdash f : \Pi_{x:A} B \qquad \Gamma \vdash a : A}{\Gamma \vdash f(a) : B[a/x]}\ (\Pi\text{-Elim}) \qquad \dfrac{\Gamma, x : A \vdash b : B \qquad \Gamma \vdash a : A}{\Gamma \vdash (\lambda x^{A} . b)(a) = b[a/x] : B[a/x]}\ (\Pi\text{-Comp})$$

$$\dfrac{\Gamma \vdash f : \Pi_{x:A} B}{\Gamma \vdash \lambda x^{A} . f(x) = f : \Pi_{x:A} B}\ (\Pi\text{-Uniq})$$

where in $\Pi$-Uniq the variable $x$ does not occur free in $f$.

The formation rule $\Pi$-Form states that we may form the pi-type $\Pi_{x:A} B$ from types $A$ and $B$, where $B$ depends on $A$. The introduction rule $\Pi$-Intro defines how to construct terms of $\Pi_{x:A} B$; it is the ordinary currying yet generalized to dependent types. Then, the elimination and the computation rules $\Pi$-Elim and $\Pi$-Comp make sense by the introduction rule. Finally, the uniqueness rule $\Pi$-Uniq stipulates that (canonical) terms of pi-types are only $\lambda$-abstractions.

Definition A.5 (Interpretation of pi-types in CwFs [20]) The interpretation $\llbracket\,\rrbracket$ of pi-types in a CwF $C$ that supports pi is given by:
• ($\Pi$-Form) $\llbracket \Gamma \vdash \Pi_{x:A} B\ \mathsf{type} \rrbracket := \Pi(\llbracket \Gamma \vdash A\ \mathsf{type} \rrbracket, \llbracket \Gamma, x : A \vdash B\ \mathsf{type} \rrbracket)$;
• ($\Pi$-Intro) $\llbracket \Gamma \vdash \lambda x . b : \Pi_{x:A} B \rrbracket := \lambda_{\llbracket A \rrbracket, \llbracket B \rrbracket}(\llbracket \Gamma, x : A \vdash b : B \rrbracket)$;
• ($\Pi$-Elim) $\llbracket \Gamma \vdash f(a) : B[a/x] \rrbracket := \mathrm{App}_{\llbracket A \rrbracket, \llbracket B \rrbracket}(\llbracket \Gamma \vdash f : \Pi_{x:A} B \rrbracket, \llbracket \Gamma \vdash a : A \rrbracket)$.

A.7 Sigma-types
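Another important type construction is the dependent sum types (or sigma-types) construction $\Sigma$. In terms of the set-theoretic analogy again, the sigma-type $\Sigma_{x:A} B(x)$ represents the set of all pairs $\langle a, b \rangle$ such that $a : A$ and $b : B(a)$, called dependent pairs of $A$ and $B$.

Rules of sigma-types are the following:

$$\dfrac{\Gamma \vdash A\ \mathsf{type} \qquad \Gamma, x : A \vdash B\ \mathsf{type}}{\Gamma \vdash \Sigma_{x:A} B\ \mathsf{type}}\ (\Sigma\text{-Form}) \qquad \dfrac{\Gamma, x : A \vdash B\ \mathsf{type} \qquad \Gamma \vdash a : A \qquad \Gamma \vdash b : B[a/x]}{\Gamma \vdash \langle a, b \rangle : \Sigma_{x:A} B}\ (\Sigma\text{-Intro})$$

$$\dfrac{\Gamma, z : \Sigma_{x:A} B \vdash C\ \mathsf{type} \qquad \Gamma, x : A, y : B \vdash g : C[\langle x, y \rangle / z] \qquad \Gamma \vdash p : \Sigma_{x:A} B}{\Gamma \vdash \mathsf{R}^{\Sigma}([z : \Sigma_{x:A} B]C, [x : A, y : B]g, p) : C[p/z]}\ (\Sigma\text{-Elim})$$

$$\dfrac{\Gamma, z : \Sigma_{x:A} B \vdash C\ \mathsf{type} \qquad \Gamma, x : A, y : B \vdash g : C[\langle x, y \rangle / z] \qquad \Gamma \vdash a : A \qquad \Gamma \vdash b : B[a/x]}{\Gamma \vdash \mathsf{R}^{\Sigma}([z : \Sigma_{x:A} B]C, [x : A, y : B]g, \langle a, b \rangle) = g[a/x, b/y] : C[\langle a, b \rangle / z]}\ (\Sigma\text{-Comp})$$

$$\dfrac{\Gamma \vdash p : \Sigma_{x:A} B}{\Gamma \vdash \langle \pi^{A,B}_{1}(p), \pi^{A,B}_{2}(p) \rangle = p : \Sigma_{x:A} B}\ (\Sigma\text{-Uniq})$$

where

$$\Gamma \vdash \pi^{A,B}_{1}(p) \overset{\mathrm{df.}}{\equiv} \mathsf{R}^{\Sigma}([z : \Sigma_{x:A} B]A, [x : A, y : B]x, p) : A$$

$$\Gamma \vdash \pi^{A,B}_{2}(p) \overset{\mathrm{df.}}{\equiv} \mathsf{R}^{\Sigma}([z : \Sigma_{x:A} B]B[\pi^{A,B}_{1}(z)/x], [x : A, y : B]y, p) : B[\pi^{A,B}_{1}(p)/x]$$

are projections constructed by $\Sigma$-Elim.

The formation rule $\Sigma$-Form is the same as that of pi-types. The introduction rule $\Sigma$-Intro specifies that terms of a sigma-type $\Sigma_{x:A} B$ are dependent pairs $\langle a, b \rangle : \Sigma_{x:A} B$ of terms $a : A$ and $b : B[a/x]$. Again, the elimination and the computation rules $\Sigma$-Elim and $\Sigma$-Comp make sense by the introduction rule. Finally, the uniqueness rule $\Sigma$-Uniq stipulates that (canonical) terms of sigma-types are only dependent pairs.

Definition A.6 (Interpretation of sigma-types in CwFs [20]) The interpretation $\llbracket\,\rrbracket$ of sigma-types in a CwF $C$ that supports sigma is given by:
• ($\Sigma$-Form) $\llbracket \Gamma \vdash \Sigma_{x:A} B\ \mathsf{type} \rrbracket := \Sigma(\llbracket \Gamma \vdash A\ \mathsf{type} \rrbracket, \llbracket \Gamma, x : A \vdash B\ \mathsf{type} \rrbracket)$;
• ($\Sigma$-Intro) $\llbracket \Gamma \vdash (a, b) : \Sigma_{x:A} B \rrbracket := \mathrm{Pair}_{\llbracket A \rrbracket, \llbracket B \rrbracket} \circ \langle \llbracket \Gamma \vdash a : A \rrbracket, \llbracket \Gamma \vdash b : B[a/x] \rrbracket \rangle_{\llbracket B \rrbracket}$;
• ($\Sigma$-Elim) $\llbracket \Gamma \vdash \mathsf{R}^{\Sigma}(C, g, p) : C[p/z] \rrbracket := \mathcal{R}^{\Sigma}_{\llbracket A \rrbracket, \llbracket B \rrbracket, \llbracket C \rrbracket}(\llbracket \Gamma, x : A, y : B \vdash g : C[(x, y)/z] \rrbracket) \circ \llbracket \Gamma \vdash p : \Sigma_{x:A} B \rrbracket$,
where $\llbracket \Gamma \vdash a : A \rrbracket := \langle \mathrm{id}_{\llbracket \Gamma \rrbracket}, \llbracket a \rrbracket \rangle : \llbracket \Gamma \rrbracket \to \llbracket \Gamma \rrbracket . \llbracket A \rrbracket$ and $\llbracket \Gamma \vdash p : \Sigma_{x:A} B \rrbracket := \langle \mathrm{id}_{\llbracket \Gamma \rrbracket}, \llbracket p \rrbracket \rangle : \llbracket \Gamma \rrbracket \to \llbracket \Gamma \rrbracket . \llbracket \Sigma_{x:A} B \rrbracket$.

A.8 Id-types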
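Note that a judgmental equality $\Gamma \vdash a = a' : A$ is a judgement, not a formula, and therefore it cannot be used in a context or derived by an induction principle such as N-Elim. To overcome this deficiency, the identity types (or Id-types) construction $\mathsf{Id}$ has been introduced. [18] Informally, the Id-type $\mathsf{Id}_{A}(a, a')$ represents the set of all (identity) proofs that ‘witness’ equality between $a$ and $a'$.

Rules of Id-types are the following:

$$\dfrac{\Gamma \vdash A\ \mathsf{type} \qquad \Gamma \vdash a : A \qquad \Gamma \vdash a' : A}{\Gamma \vdash \mathsf{Id}_{A}(a, a')\ \mathsf{type}}\ (\text{Id-Form}) \qquad \dfrac{\Gamma \vdash A\ \mathsf{type} \qquad \Gamma \vdash a : A}{\Gamma \vdash \mathsf{refl}_{a} : \mathsf{Id}_{A}(a, a)}\ (\text{Id-Intro})$$

$$\dfrac{\Gamma, x : A, y : A, p : \mathsf{Id}_{A}(x, y) \vdash C\ \mathsf{type} \qquad \Gamma, z : A \vdash c : C[z/x, z/y, \mathsf{refl}_{z}/p] \qquad \Gamma \vdash q : \mathsf{Id}_{A}(a, a')}{\Gamma \vdash \mathsf{R}^{=}(C, c, a, a', q) : C[a/x, a'/y, q/p]}\ (\text{Id-Elim})$$

$$\dfrac{\Gamma, x : A, y : A, p : \mathsf{Id}_{A}(x, y) \vdash C\ \mathsf{type} \qquad \Gamma, z : A \vdash c : C[z/x, z/y, \mathsf{refl}_{z}/p] \qquad \Gamma \vdash a : A}{\Gamma \vdash \mathsf{R}^{=}(C, c, a, a, \mathsf{refl}_{a}) = c[a/z] : C[a/x, a/y, \mathsf{refl}_{a}/p]}\ (\text{Id-Comp})$$

The formation rule Id-Form states that we may form the Id-type $\mathsf{Id}_{A}(a, a')$ from a type $A$ and terms $a, a' : A$. The introduction rule Id-Intro defines that there is just one term $\mathsf{refl}_{a}$ of the Id-type $\mathsf{Id}_{A}(a, a)$. Again, the elimination and the computation rules Id-Elim and Id-Comp make sense by the introduction rule.

Definition A.7 (Interpretation of Id-types in CwFs [20]) The interpretation $\llbracket\,\rrbracket$ of Id-types in a CwF $C$ that supports Id is given by:
• (=-Form) $\llbracket \Gamma \vdash a =_{A} a'\ \mathsf{type} \rrbracket := \mathrm{Id}_{\llbracket A \rrbracket} \{ \langle \llbracket \Gamma \vdash a : A \rrbracket, \llbracket \Gamma \vdash a' : A \rrbracket \rangle_{\llbracket A \rrbracket} \}$;
• (=-Intro) $\llbracket \Gamma \vdash \mathsf{refl}_{A} : a =_{A} a \rrbracket := \mathrm{v}_{\mathrm{Id}_{\llbracket A \rrbracket}} \{ \mathrm{Refl}_{\llbracket A \rrbracket} \circ \llbracket \Gamma \vdash a : A \rrbracket \}$;
• (=-Elim) $\llbracket \Gamma \vdash \mathsf{R}^{=}(C, c, a, a', q) : C[a/x, a'/y, q/p] \rrbracket := \mathcal{R}^{\mathrm{Id}}_{\llbracket A, C \rrbracket}(\llbracket c \rrbracket) \{ \langle \langle \llbracket a \rrbracket, \llbracket a' \rrbracket \rangle_{\llbracket A \rrbracket}, \llbracket q \rrbracket \rangle_{\llbracket a =_{A} a' \rrbracket} \}$.

[18] We can then, e.g., formulate and prove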