1090 3-proofs

Jeff Edmonds
York University
Lecture 3
Our Formal Proof System
Informally Adding and Removing
True iff Provable
Examples of Proofs
• Repeat from Informal Slides
• Distributive Laws for " and 
• Proof by Cases
• Proof by Duality
• Free Variable Fail
Proving x+1>x
More Details
• Definitions Again
• Lemmas via Substitutions
• Soundness of Our Proof System
• Soundness of Sequent Calculus
Logic for Computer Science
Formal Proofs

You need to follow
mechanical symbol
manipulation rules.
Formal Proof Systems
Adding meaning or
intuition is bad.

You need to follow
mechanical symbol
manipulation rules.
Adding meaning or
intuition is bad.
The point of formal proofs is
• to prove theorems
• with as few assumptions as possible
about the nature of the objects
we are talking about
• so that we can find a wide range
of strange new objects
• for which the same theorems are true.

You need to follow
mechanical symbol
manipulation rules.
But there are many
formal proof systems
for proving 1st order logic.
Adding meaning or
intuition is bad.

Its is fun to have a really intuitive and robust proof system
from which proving things is easy!
Its is fun to have a really
trimmed down proof
system from which you
can prove everything!
Personally, I found these overly complicated
But there are many
formal proof systems
for proving 1st order logic.

Our Formal Proof Systems
• A Hilbert Style Proof:
is a sequence of well formed formulas.
1. 1
2. 2
3. ….
n. 
• Each line  is either:
– i Axiomslogical  Axiomsmodel specifing
– Follows from a lemma/rule of the form:
“If  and ´ are previous lines of your proof,
then you can add ´´ as a line of your proof.”
Adding meaning or intuition is bad.
We add meaning
α(x)
means
And make sure that the understanding/truth
of each line follows from the previous.
"x α(x)
Sure, we did this in
the informal slides.

1. 1
2. 2
3. ….
n. 
We add meaning
α(y$)
means
$y$ α(y$)

1. 1
2. 2
3. ….
n. 
We add meaning
α(x,y$)
means
$y$ "x α(x,y$)
"α

1. 1
2. 2
3. ….
n. 
We add meaning
α(x,y$
means
$y$ "x α(x,y$
"α (x))
(x))

1. 1
2. 2
3. ….
n. 
We add meaning
α(x,y$
means
"x $y$ α(x,y$)
"α
(x))

1. 1
2. 2
3. ….
n. 
We add meaning
assume α(x) … (x´)
means
"x´ [α(x´)(x´)].

1. 1
2. 2
3. ….
n. 
We add meaning
Quantifier Closure:
Φ ≡ QC() ≡ "M $𝑦$"𝑥 "x´ [α(x´)].
Aaaah!
Slowly slowly

1. 1
2. 2
3. ….
n. 
Yes. You don’t NEED the meaning.
You can’t go wrong by
mechanically following the rules
(assuming you remove all special symbols y$ and x´.)
The rules should be purely mechanical.

• Lemmas/Theorems:
• Starting with all propositional tautologies.
This is what we did in
the proposition section.

• Lemmas/Theorems:
• Starting with all propositional tautologies (See slides).
• Prove new lemmas with quantifiers.
• Use lemmas via substitutions.
• Deduction αβ:
• Assume α, prove β, conclude αβ. With an extra twist.
We formalize this here:
Lemmas via Substitutions

• Rules (Adding/Removing "/$):
These help define and to work with quantifiers.
• Removing ":
• From line "x α(x), include line α(term(x)) (eg α(x)).
• Adding ":
• From line α(x), include line "x α(x).
• Cannot be done for fixed x$ or x´.
• Removing $:
• From line $y α(y), include line α(x,y$).
• From line $y α(x,y), include line α(x,y$(x)).
• Note y$ is a fixed object while y$(x) depends on x.
• If needed use y1$, y2$, … to make sure they are not reused.
• Adding $:
• From line α(term), include line $y α(y).
• Cannot be done if term depends on x bounded with "x.
• Negating "&$: $x α(x) iff "x α(x)
We adjust these a little to
make them easier to use.

• Rules (Adding/Removing "/$):
These help define and to work with quantifiers.
• Removing ":
• From line "x α(x), include line α(term(x)) (eg α(x)).
• Adding ":
• From line α(x), include line "x α(x).
• Removing $:
• From line $y α(y), include line α(x,y$).
• From line $y α(x,y), include line α(x,y$(x)).
• Note y$ is a fixed object while y$(x) depends on x.
• If needed use y1$, y2$, … to make sure they are not reused.
• Adding $:
• From line α(term), include line $y α(y).
• Cannot be done if term depends on x bounded with "x.
For now, let’s
get some intuition.
We will formally prove
the soundness of these here
Soundness of Our Proof System

Rules:
• Removing ": From line "x α(x), include line α(term) (eg α(x)).
If α is true for every x,
then it is true for any term
term that you can plug in.
A term is any string representing an object.
eg 5, father(jeff), father(father(x)).
Syntax states which strings of characters are in the proper format.
A formal proof should be done purely syntactically,
ie without meaning.
Here the substring “father(jeff)” is syntactically a term
because father is stated to return an object.
Hence "x can be replaced with it.

Rules:
• Adding ": From line α(x), include line "x α(x).
If α(x) is true
without specifying x,
then it must be true
for every value x.

Rules:
• Removing $: From line $x α(x), include line α(x$).
We add the $ to make it clear
that these mean different things.
(Not for x$ or x´).
Let’s denote the object that
we know exists by y$.

Rules:
• Removing $: From line $x α(x), include line α(x$).
From line $y α(x,y), include line α(x,y$(x)).
Let’s denote the object that
we know exists by y$.
But now which value exists
might depend on the value of x.

Rules:
• Removing $: From line $y α(x,y), include line α(x,y$(x)).
If the symbol y$. appears
elsewhere in your proof,
use a new one now.
Maybe y1$, y2$, ….
After all, this constant that exists
might be different than the other
one that exists.

Rules:
• Adding $: From line α(term), include line $y α(y).
If α is true
for some value
defined by term
then it must be true
for some value y.
(Except "x α(x,term(x))).

Rules:
• Negating "&$: ["x α(x)] iff $x α(x).
If it is not true
that α is true for every x,
then for some x it is not true.

Rules:
• Deduction:
Deduction Goal: α(x)β(x)
______ α(x ) Assumption
______ …
______ β(x )
α(x)β(x) Deduction Conclusion
´
´
The ´ is needed when x is a free variable.
It reminds us that the line has a different meaning.
And hence the rules are slightly different.
"x´[α(x´) ]
"x´[α(x´) ]

Rules:
• Deduction:
______ α(x ) Assumption
______ …
______ β(x )
´
´
• Axioms Γ(x):
Γ(x ) Axiom/Assumption
´
Though it is a little
strange to have free
variables in your
axioms.
"x´[α(x´) ]
"x´[α(x´) ]

Let x be a free object.
I then prove α(x).
Goal: "x α(x)
Formal Proof:
1. ⁝
i. ⁝
i+1. α(x)
i+2. "x α(x)
Proved some how.
Add "
We conclude by adding " giving "x α(x).
Because x is a free variable,
there is an assumed "x.
Hence we can add this "x.
"x [ ]
Adding "/$ (Formal vs Informal Prover-Adversary Game)

I then prove α(x).
Goal: "x α(x)
Formal Proof:
1. ⁝
i. ⁝
i+1. α(x)
i+2. "x α(x)
Proved some how.
Add "
We introduced the notation x´ and x$.
These do not have an implied ".
Hence, we cannot add a ".
"x [ ]

Suppose I instead prove α(f(x)).
Goal: "x α(x)
Formal Proof:
1. ⁝
i. ⁝
i+1. α(f(x))
i+2. "x α(x)
Proved some how.
Add "
"x [ ]
Is this proof now ok?

Formal Proof:
1. ⁝
i. ⁝
i+1. α(f(x))
i+2. "x α(x)
"x [ ]
Ann
Marilyn
Monroe
Beth
Mary
yU α(y)
T
T
Ann
Marilyn
Monroe
Beth
Mary
xU
Ann
Marilyn
Monroe
Beth
Mary
yU
f
α(f(x)) = α(f({M,B,MM,A}))
= T.
T
F
T
F
= α({M,B,MM})
Ann is not hit.
Want this step to be wrong
?

Formal Proof:
1. ⁝
i. ⁝
i+1. α(f(x))
i+2. $y α(y)
"x [ ]
Ann
Marilyn
Monroe
Beth
Mary
yU α(y)
T
T
Ann
Marilyn
Monroe
Beth
Mary
xU
Ann
Marilyn
Monroe
Beth
Mary
yU
f
F
T
Yes. We don’t know what f will hit,
but we do know that it must hit some object y.
And α will be true for that y.

Goal: $y α(y)
Formal Proof:
1. ⁝
i. ⁝
i+1. α(5)
i+2. $y α(y)
Proved some how.
Add $
We conclude by adding $ giving $y α(y).
Let term be an object that I carefully define.
eg 5, father(jeff), father(father(y)).
I then prove α(5).

Goal: $y α(y)
Formal Proof:
1. ⁝
i. ⁝
i+1. α(y$)
i+2. $y α(y)
Proved some how.
Add $
We introduced the notation y$ to mean
some value that exists.
I then prove α(5).

Goal: $y α(y)
Formal Proof:
1. ⁝
i. ⁝
i+1. α(y´)
i+2. $y α(y)
Proved some how.
Add $
We introduced the notation y´ to mean
some arbitrary but fixed.
I then prove α(5).

Goal: $y α(y)
Formal Proof:
1. ⁝
i. ⁝
i+1. α(y)
i+2. $y α(y)
Proved some how.
Add $
We left y to mean
that it is a free variable
with an assumed "y.
I then prove α(5).

Goal: $y α(y)
I then prove α(5).
My task can be very very hard.
I must find and name a solution y
to what might be a very very hard computational problem.
Uncomputable problems like:
• Will my algorithm ever halt?
• Find a sequences of n Yes/No inputs
that satisfies some circuit
(there are 2n such inputs to search among.)
• Find a sequences of n integer inputs
that satisfies some equation
(there are ∞ such inputs to search among.)
$y HardProblem(y)

I then prove α(x).
Goal: "x α(x)
My task can be very very hard.
I must find and name a counter example x
that fails to be a solution
to what might be a very very hard computational problem.
My next task can be very very hard.
I prove that x is not a solution because …
the problem has no solutions!
"x ⌐HardProblem(x)

I then prove α(x, term(x)).
Goal: "x $y α(x,y)
Formal Proof:
1. ⁝
i. ⁝
i+1. α(x,term(x))
i+2. $y α(x,y)
i+3. "x $y α(x,y)
Proved some how.
Add $ from term(x)
Add "
We conclude by adding $ and "
Let term be a value for y that I carefully define.
My term can depend on his x.
Let's denote it y=term(x).
Let x be an arbitrary object.

Goal: "x $y α(x,y)
Formal Proof:
1. ⁝
i. ⁝
i+1. α(x,term(x))
i+2. "x α(x,term(x))
i+3. $y "x α(x,y)
Proved some how.
Add "
Add $
No!
Adding $ cannot be done for term(x)
if x is quantified with in "x.
Can I prove $y "x α(x,y) the same way?
It is a stronger statement!

Formal Proof:
1. ⁝
i. ⁝
i+1. α(x,term)
i+2. "x α(x,term)
i+3. $y "x α(x,y)
Proved some how.
Add "
Add $
Goal: $y "x α(x,y)
Let term be a value for y that I carefully define.
Note term cannot depend on his x.
Let x be an arbitrary object.

Formal Proof:
1. ⁝
i. y=x+1 > x
i+1. $y, y > x
i+2. "x $y, y > x
Proved some how.
Add $y.
Add "x.
If true for x+1,
then true for some y.
If true for arbitrary x,
then true for all x.

Formal Proof:
1. ⁝
i.
i+1. $y, y+1 > x
i+2. "x $y, y+1 > x
Proved some how.
Add $y.
Add "x.
This conclusion is not unique.
Namely y=x.
If true for x,
then true for some y.
x+1 > x

Formal Proof:
1. ⁝
i.
i+1. "x x+1 > x
Proved some how.
Add "x.
x+1 > x
All of these conclusions
are equally true.
This conclusion is not unique.

No!
Just because all the girls love
does not mean all the boys do.
You know what boys can be like!
Suppose we know: "g Loves(g)
Conclude: "b Loves(b)
Ann
Fred
Marilyn
Monroe
John
Beth
Bob
Mary
Sam
Oops! I did you a disservice to
assume g is a girl and b a boy.
In formal logic, there is one Universe of objects U.
g and b are both from this same U.
Identical
Removing "/$ (Formal vs Informal Oracle Game)

"x α(x) states that α(x) is true for every value of x.
We don’t know which object term represents in our model.
But we do know is from the same set U as x.
Hence, whichever it is, α(term) is true.
Suppose we know: "x α(x)
Conclude: α(term)
In our informal game,
I assured you that "x α(x) is true.
Sam Assurance that α(Sam).
Fred Assurance that α(Fred).
term Assurance that α(term).

Conclude: α(term)
Formal Proof:
1. ⁝
i. ⁝
i+1. "x α(x)
i+2. α(term)
Proved some how.
Remove " for term

Conclude: α(term)
Formal Proof:
1. ⁝
i. ⁝
i+1. "x α(x)
i+2. α(Sam)
Proved some how.
Remove " for Sam

Conclude: α(term)
Formal Proof:
1. ⁝
i. ⁝
i+1. "x α(x)
i+2. α(x)
Proved some how.
Remove " for x
We left x to mean that it is a free variable
with an assumed "x.
"x [ ]

Conclude: "y α(f(y))
Proved some how.
Replace " with f(y).
Add "
Formal Proof:
1. ⁝
i. ⁝
i+1. "x α(x)
i+2. α(f(y))
i+3. "y α(f(y))
We don’t know which object f(y) represents in our model.
Hence, whichever it is, α(f(y)) is true.
"y [ ]

If α(y) is true for some object y,
then I can say,
“Let y$ denote the fixed object
for which α(y$) is true.”
Suppose we know: $y α(y)
Conclude: α(y$)
And assurance that α(y$).
I assured you that $y α(y) is true.
I give you y$.

If α(y) is true for some object y,
then I can say,
“Let y$ denote the fixed object
for which α(y$) is true.”
Suppose we know: $y α(y)
Conclude: α(y$)
Formal Proof:
1. ⁝
i. ⁝
i+1. $y α(y)
i+2. α(y$)
Proved some how.
Remove $
We introduced the notation y$
to indicate a fixed value.

Suppose we know: "x $y α(x,y)
Conclude: α(x,y$(x))
Sam Beth and assurance that α(Sam,Beth).
Fred
I assured you that "x $y α(x,y) is true.
Ann and assurance that α(Fred,Ann).
x y$(x) and assurance that α(x,y$(x))
Skolem Function

Formal Proof:
i. ⁝
i+1. "x $y α(x,y)
i+2. $y α(x,y)
i+3. α(x,y$(x))
Proved some how.
Remove "
Remove $.
"x [ ]
"x [ ]
$y$ [ ]
"α
The function y$ depends on the α specified by the model.
Ann
Fred
Marilyn
Monroe
John
Beth
Bob
Mary
Sam
α
For α, y$(Sam) = Beth.
Ann
Fred
Marilyn
Monroe
John
Beth
Bob
Mary
Sam
α
For α, y$(Sam) = Mary.

Formal Proof:
i. ⁝
i+1. "x $y α(x,y)
i+2. $y α(x,y)
i+3. α(x,y$(x))
Proved some how.
Remove "
Remove $.
"x [ ]
"x [ ]
$y$ [ ]
"α
Let’s try switching the order of the quantifiers.

Proved some how.
Remove "
Remove $.
"x [ ]
"x [ ]
$y$ [ ]
Formal Proof:
i. ⁝
i+1. $y "x α(x,y)
i+2. "x α(x,y$)
i+3. α(x,y$)
Proved some how.
Remove $
Remove ".
"x [ ]
"x [ ]
$y$ [ ]
"α
"α
The object y$ does not depends on the x.
Formal Proof:
i. ⁝
i+1. "x $y α(x,y)
i+2. $y α(x,y)
i+3. α(x,y$(x))
This is the whole point!

True iff Provable
Joke:
• Before students take Math1090, they can’t prove anything.
• After, they can prove everything,
whether or not it is true.
Now now, that is not funny.

True iff Provable
• Soundness: If α has a proof, then it is true.
• Completeness: If α is true, then it has a proof.
Your Task: Given a formula α do one of the following:
1. Prove it is true.
2. Prove that it is not.
Mathematicians have been wanting
to do this for thousands of years.
Euclid
(300 BC)
Differentiate
Formula α
True Provable

True iff Provable
• Soundness: If α has a proof, then it is true.
• Completeness: If α is true, then it has a proof.
Your Task: Given a formula α do one of the following:
1. Prove it is true.
2. Prove that it is not.
Sorry. Not so easy.
• Those in which “I love logic” and those in which I don’t.
• Euclid’s flat universe and Einstein’s curved one.
• The universe of integers and of reals.
• …
They all have different truths.
There are many universes.
Differentiate
Formula α
True Provable

True iff Provable
Differentiate
Formula α
True Provable
• Might be true or false
in any given universe.
• Tautology/Valid:
True in every universe.
• Formula α might appear
as a line in our proof.
• Or maybe α does.
• Maybe neither α nor α can.
• Soundness: If α has a proof,
then it is true in every universe.
If α is not true in some universe,
then it does not have a proof.
• Completeness:
From a failed proof, we construct a universe in which it is not true.
Contrapositive: αβ, if and only if βα.
If α is true in every universe, then it has a proof.

True iff Provable
Your Task: Given α do one of the following:
1. Find a sound proof of α.
This witnesses that it is true in every universe.
2. Find a universe in which α is not true.
This witnesses that α is not true in every universe
and can’t have sound proof.
Completeness: One of these is always possible.
• Completeness:

• Completeness:
True iff Provable
What about the axioms/assumptions being made?
in which our axioms are true.
using our axioms

True iff Provable
We have more or less proved Soundness already.
Proving Completeness, we will leave to Gödel.
Gödel
(1931)
I also proof a disappointing thing.
If we stick to a specific universe (eg the integers)
then no sound proof system is capable
of proving all true formulas.
Aaaaah!
• Completeness:
in which our axioms are true.
using our axioms

Humans are Mortal
Aristotle
(384–322 BC)
Examples of Proofs
∀x, Human(x)Mortal(x)
Human(Socrates) }  Mortal(Socrates)
Prove:
"U,Human,Mortal,Socrates,
Proof:
1. Deduction Goal: AB  C
2. AB
3. A
4. B
5. ∀x, Human(x)Mortal(x)
6. Human(Socrates)Mortal(Socrates)
7. Human(Socrates)
8. Mortal(Socrates)
9. AB  C
Assumption
Separating And
A
Remove ∀
B
Modus Ponens
Deduction Conclud

$y, "x, α(x,y)  "x, $y, α(x,y)
Ok this is true.
One girl
Ann
Fred
Marilin
Monro
John
Beth
Bob
Mary
Sam
If there is one y that works for every x,
then each x has a y,
namely the one that works for every x!
Order of Quantifiers
Or condensed to α(b,g$) α(b,g$(b))
This g$ is a function of b,
just a constant one.

$y, "x, α(x,y)  "x, $y, α(x,y)
Proof:
1. Deduction Goal: $y, "x, α(x,y)  "x, $y, α(x,y)
2. $y, "x, α(x,y)
3. "x, α(x,y$)
4. α(x,y$)
5. $y, α(x,y)
6. "x, $y, α(x,y)
7. $y, "x, α(x,y)  "x, $y, α(x,y)
Assumption
Remove $
Remove "
Add $
Add "
Deduction Conclude
Note that we don’t need a ′ because
the variable are bound to quantifiers.
Well that was embarrassingly easy.

Assume $y, "x, α(x,y). I can help you!
Let y$ be the y assumed to exist.
I assure you that "x, α(x,y$).
I need to prove "x, $y, α(x,y).
Let x be arbitrary.
Because "x, α(x,y$) is true for every x,
it is true for his x.
Hence, I assure you that α(x,y$).
I construct girl y to be y$.
I need to prove α(x,y$).
$y, "x, α(x,y)  "x, $y, α(x,y)
Excellent.

Proof:
1. Goal $y, "x, α(x,y)  "x, $y, α(x,y)
2. $y, "x, α(x,y)
3. "x, α(x,y$)
4. α(x,y$)
5. $y, α(x,y)
6. "x, $y, α(x,y)
7. $y, "x, α(x,y)  "x, $y, α(x,y)
My goal.
I can assure you.
Let y$ be the y assumed.
I assure you.
My goal.
Let x be arbitrary.
I assure you.
Bubble back up
Bubble back up
Excellent.
$y, "x, α(x,y)  "x, $y, α(x,y)

"x, $y, α(x,y)  $y, "x, α(x,y)
His special woman.
Ann
Fred
Marilin
Monro
John
Beth
Bob
Mary
Sam
The statement is false
so it would be unsound to prove it.
Just because there is a y for each x,
does not mean there is one y that works for every x.

"x, $y, α(x,y)  $y, "x, α(x,y)
Failed Proof:
1. Deduction Goal: "x, $y, α(x,y)  $y, "x, α(x,y)
2. "x, $y, α(x,y)
3. $y, α(x,y)
4. α(x,y$)
5. "x, α(x,y$)
6. $y, "x, α(x,y)
7. "x, $y, α(x,y)  $y, "x, α(x,y)
Assumption
Remove "
Remove $
Add "
Add $
We lost the information of
$y "x vs "x $y

"x, $y, α(x,y)  $y, "x, α(x,y)
Failed Proof:
1. Deduction Goal: "x, $y, α(x,y)  $y, "x, α(x,y)
2. "x, $y, α(x,y)
3. $y, α(x,y)
4. α(x,y$(x))
5. "x, α(x,y$(x))
6. $y, "x, α(x,y)
Assumption
Remove "
Remove $
Add "
Add $
Ok this is still true.
y$(x) is not really a fixed term.
It depends on x.
False
Adding $ cannot be done for term y$(x)
if x is quantified with in "x.

$y1"x1$y2"x2 α(x1,x2,y1,y2)  "x1"x2$y1$y2 α(x1,x2,y1,y2)
Or condensed to α(x1,x2,y1$,y2$(x1)) α(x1,x2,y1$(x1,x2),y2$(x1,x2))
These are “function” of x1 & x2,
just a constant ones.

Proof:
1. $y1"x1$y2"x2 α(x1,x2,y1,y2)
2. "x1$y2"x2 α(x1,x2,y1$,y2)
3. $y2"x2 α(x1,x2,y1$,y2)
4. "x2 α(x1,x2,y1$,y2$(x1))
5. α(x1,x2,y1$,y2$(x1))
6. $y1$y2 α(x1,x2,y1,y2)
7. "x1"x2$y1$y2 α(x1,x2,y1,y2)
Assumption
Remove $
Remove "
Remove $
Remove "
Adding $
Adding "
This is ok because there
does exists these y.
Excellent

Assume $y1"x1$y2"x2 α(x1,x2,y1,y2).
Knowing this, I can help you!
I need to prove "x1"x2$y1$y2 α(x1,x2,y1,y2) .
I give you arbitrary values for x1 and x2.
I need to produce a value for y1 and y2.
$y1"x1$y2"x2 α(x1,x2,y1,y2):
• Knowing $y1 ..., I give you the stated y1.
• "x1... is true for every x1, so is true for his.
• Knowing $y2 ..., I give you the stated y2.
• "x2... is true for every x2 so is true for his.
• Then I assure you α(x1,x2,y1,y2).
Excellent. I use
your y1 & y2
and know that
α(x1,x2,y1,y2)
is true.

Diagonal
1. $y, "x, α(x,y)  $y, α(y,y) α
x
y
T T T T
This means there is some row
that is all true.
There is a spot on the diagonal
that is true.
y$
Yes α(y$,y$).
y$

Formal Proof:
1. Goal $y, "x, α(x,y)  $y, α(y,y)
2. $y, "x, α(x,y)
3. "x, α(x,y$)
4. α(y$,y$)
5. $y, α(y,y)
6. $y, "x, α(x,y)  $y, α(y,y)
Assume for 
Remove $
Remove " with t=y$
Add $
Conclude
Diagonal
1. $y, "x, α(x,y)  $y, α(y,y)

Diagonal
2. "x, $y, α(x,y)  $y, α(y,y) α
x
y
Not Valid.
"U,α,
I only need to provide
one universe in which it is false.
ie. set of objects U,
relations α.

Diagonal
2. "x, $y, α(x,y)  $y, α(y,y) α
x
y
F
F
F
F
F
Not Valid.
T T T
T
T
Each x needs a y. There is a spot
on the diagonal
that is true.
This is a function
from x to y.
F
"U,α,

Formal Proof:
1. Goal "x, $y, α(x,y)  $y, α(y,y)
2. "x, $y, α(x,y)
3. $y, α(x,y)
4. α(x,y$(x))
5. $y, α(y,y)
Diagonal
2. "x, $y, α(x,y)  $y, α(y,y)
Assume for 
Remove "
Remove $
Add $

Diagonal
α
x
y
The diagonal is true
3. "y, α(y,y)  "x, $y, α(x,y)
T
T
T
T
Each x needs a y$.
x?
y?
Yes α(x?,y?).

Formal Proof:
1. Goal "y α(y,y)  "x $y α(x,y)
2. "y, α(y,y)
3. α(x,x)
4. $y α(x,y)
5. "x $y α(x,y)
6. "y α(y,y)  "x $y α(x,y)
Diagonal
3. "y, α(y,y)  "x, $y, α(x,y)
Assume for 
Remove " with t=x
Add $
Add "
Conclude
In contrast,
you cannot add "x to α(x$).
"x can be added to α(x)
because x is a free variable.

Proved some how.
Replace " with f(x).
Formal Proof:
1. ⁝
i. ⁝
i+1. "y α(y)
i+2. α(f(x))
Functions f.
Syntax states which strings of characters are in the proper format.
A formal proof should be done purely syntactically,
ie without meaning.
Here the substring “f(x)” is syntactically a term
because f is stated to return an object.
Hence "y can be replaced with it.

Proved some how.
Add "
Formal Proof:
1. ⁝
i. ⁝
i+1. "y α(y)
i+2. α(f(x))
i+3. "x α(x)
Functions f.
(Yes, lines i+2 and i+3 are the same.) Does line i+3 follow from i+2?
No!

Functions f.
Yes, this i+3 does follow from i+2,
because f must hit some object x.
Proved some how.
Add $
Formal Proof:
1. ⁝
i. ⁝
i+1. "y α(y)
i+2. α(f(x))
i+3. $x α(x)

Functions f.
This one is great because x is a free variable.
Proved some how.
Add "
Formal Proof:
1. ⁝
i. ⁝
i+1. "y α(y)
i+2. α(f(x))
i+3. "x α(f(x))

Formal Proof:
1. Deduction Goal LHSRHS
2. "y $x f(x)=y
3. $x f(x)=y
4. f(x$(y))=y
5. Goal LHSRHS
6. "x α(f(x))
7. α(f(x$(y)))
8. α(y)
9. "y α(y)
10. LHSRHS
11. LHSRHS
Assumed
Remove "
Remove $
Assumed
Remove " with x=f(x$(y))
If t1=t2 (4), then α(t1) iff α(t2)
Add "
Conclude
Conclude
Most Excellent!
Functions f.
[("x α(f(x)))  ("y α(y))]
Prove: ["y $x f(x)=y] 

Formal Proof:
1. Deduction Goal $y α(f(y))  $x α(x)
2. $y α(f(y))
3. α(f(y$))
4. $x α(x)
5. "y α(f(y))  $x α(x)
Functions f.
($x α(f(x)))  ($y α(y))
Prove:
Assume for 
Remove $
Add $ with term=f(y$)
Most Excellent!

Assume "x (α(x)β(x)).
Assume "x α(x)
Goal: Prove "x β(x)
true
α(0)
α(1)
α(2)
α(3)
α(4)
β(0)
β(1)
β(2)
β(3)
β(4)
Prove
"x (α(x)β(x))  ("x α(x)  "x β(x))
α(0)
α(1)
α(2)
α(3)
α(4)
β(0)
β(1)
β(2)
β(3)
β(4)










Distributive Law for " and 
"x (α(x)β(x))  ("x α(x)  "x β(x))
"U,α,β,

What about the reverse?
("x α(x)  "x β(x))  ("x (α(x)β(x)))
α(0) β(0)

Always? No.
Maybe its α(1) being true
that causes β(0) to be true.
"x (α(x)β(x)) ("x α(x)  "x β(x))

"U,α,β,
α(0)
α(1)
α(2)
α(3)
α(4)
β(0)
β(1)
β(2)
β(3)
β(4)


Proof:
1. Goal "x (α(x)β(x))  ("x α(x)  "x β(x))
2. "x (α(x)β(x))
3. α(x)β(x)
4. Goal "x α(x)  "x β(x)
5. "x α(x)
6. α(x)
7. β(x)
8. "x β(x)
9. "x α(x)  "x β(x)
10. "x (α(x)β(x))  ("x α(x)  "x β(x))
My goal.
1: I can assure you.
I give you value x.
1: Still true.
My goal.
My goal.
2: Still true.
3&6 modus ponens
I proved it.
"x (α(x)β(x))  ("x α(x)  "x β(x))

Proof:
1. Ded. Goal: "x (α(x)β(x))  ("x α(x)  "x β(x))
2. "x (α(x)β(x))
3. α(x)β(x)
4. Deduction Goal: "x α(x)  "x β(x)
5. "x α(x)
6. α(x)
7. β(x)
8. "x β(x)
9. "x α(x)  "x β(x)
10. "x (α(x)β(x))  ("x α(x)  "x β(x))
Assumption
Remove "
Assumption
Remove "
3&6 modus ponens
Add "
Deduction Conclusio
Deduction Conclusio
Does not need x´ because not x free in assumption.
"x (α(x)β(x))  ("x α(x)  "x β(x))

Failed Proof:
1. Goal ("x α(x)  "x β(x))  "x (α(x)β(x))
2. "x α(x)  "x β(x)
3. Goal α(x)β(x)
4. α(x )
5. "x α(x)
´
Sorry, I only assured you this for one value x.
"x (α(x)β(x)) ("x α(x)  "x β(x))

My goal.
I give you value x.
My goal.
Would be useful.

Failed Proof:
1. Deduc Goal: ("x α(x)  "x β(x))  "x (α(x)β(x))
2. "x α(x)  "x β(x)
3. Deduction Goal α(x)β(x)
4. α(x )
5. "x α(x)
6. "x β(x)
7. β(x)
8. α(x)β(x)
9. "x (α(x)β(x))
10. ("x α(x)  "x β(x))  "x (α(x)β(x))
Assumption
Assumption
Add "
2&5 modus ponens
Remove "
Deduction Conclude
Add "
Deduction Conclude
To prove α(x)β(x), you must assume α(x´)
´
Actually the statement is false
so it would be unsound to prove it.
To get add "x, you cant have a fixed x´.
"x (α(x)β(x)) ("x α(x)  "x β(x))


α(0)
α(1)
α(2)
α(3)
α(4)
β(0)
β(1)
β(2)
β(3)
β(4)
α(0)
α(1)
α(2)
α(3)
α(4)
β(0)
β(1)
β(2)
β(3)
β(4)
"x (α(x)  β(x)) ("x α(x))  ("x β(x))
"
iff
and
and
Distributive Law for " and 
"x (α(x)  β(x)) iff ("x α(x))  ("x β(x))
and
Both effectively “and”

Similarly:
Distributive Law for $ and 
$x (α(x)  β(x)) iff ($x α(x))  ($x β(x))
or
or
or
and
and
"x (α(x)  β(x)) iff ("x α(x))  ("x β(x))
and
Both effectively “or”

α(0)
α(1)
α(2)
α(3)
α(4)
β(0)
β(1)
β(2)
β(3)
β(4)
α(0)
α(1)
α(2)
α(3)
α(4)
β(0)
β(1)
β(2)
β(3)
β(4)
$x (α(x)  β(x)) ($x α(x))  ($x β(x))
$
iff
Similarly:
$x (α(x)  β(x)) iff ($x α(x))  ($x β(x))
or
or
or
and
and
"x (α(x)  β(x)) iff ("x α(x))  ("x β(x))
and

Proof:
1. Deduc Goal: "x (α(x)  β(x))  ("x α(x))  ("x β(x))
2. "x (α(x)  β(x))
3. α(x)  β(x)
4. α(x)
5. "x α(x)
6. β(x)
7. "x β(x)
8. ("x α(x))  ("x β(x))
9. "x (α(x)  β(x))  ("x α(x))  ("x β(x))
Assumption
Remove "
Lm: α∧β  α
Add "
Lm: α∧β  β (3)
Add "
Lm: α&β  α∧β (5&7)
Deduction Conclude
Proved in proposition slides from
valid about .
Also proved in proposition slides
from valid about .
and
and
"x (α(x)  β(x)) iff ("x α(x))  ("x β(x))
and

Proof:
1. Deduc Goal: "x (α(x)  β(x))  ("x α(x))  ("x β(x))
2. "x (α(x)  β(x))
3. α(x)  β(x)
4. α(x)
5. "x α(x)
6. β(x)
7. "x β(x)
8. ("x α(x))  ("x β(x))
9. "x (α(x)  β(x))  ("x α(x))  ("x β(x))
Conclude
Add "
Lm: α&β  α∧β (4&6)
Remove "
Lm: α∧β  β (8)
Remove "
Lm: α∧β  β (8)
Assume for 
Goal
Now to prove 
Check if turning the proof around works.


and
and
"x (α(x)  β(x)) iff ("x α(x))  ("x β(x))
and

and
and
"x (α(x)  β(x)) iff ("x α(x))  ("x β(x))
and
For this we will have two proofs:
• Proof by Cases
• Proof by Duality
$x (α(x)  β(x)) iff ($x α(x))  ($x β(x))
or
or
or
Similarly

Proof by Cases
We proved the needed lemma
in the proposition slides.
Lemma (proof by cases):
From α´β´, α´γ, and β´γ, prove γ.
1. Given: There are only two cases α´ & β´.
2. Case 1: Assume α´ and prove γ.
3. Case 2: Assume β´ and prove γ.
4. Conclude γ.
α´  β´
γ 
$x (α(x)  β(x)) iff ($x α(x))  ($x β(x))
or
or
or


Proof by Cases
α´  β´
γ 
$x (α(x)  β(x)) iff ($x α(x))  ($x β(x))
or
or
or

1. Deduction Goal: α´β´  γ
2. α´β´
3. Cases Goal: γ: $x (α(x)  β(x))
4. Case α´: $x α(x)
5. α(x$)
6. α(x$)  β(x$)
7. $x (α(x)  β(x))
8. Case β´: $x β(x)
9. γ
10. α´β´  γ
Assumption
Cases: 2
Assumption
Remove $
Lm: α  αβ
Add $
Similar
Case Conclusion
Deduction Conclusion

1. Deduction Goal: 
2. $x (α(x)  β(x))
3. α(x$)  β(x$)
4. Cases Goal: ($x α(x))  ($x β(x))
5. Case α(x$):
6. $x α(x)
7. ($x α(x))  ($x β(x))
8. Case β´: β(x$)
9. γ
10. 
Assumption
Remove $
Cases: 3
Assumption
Add $
Lm: α  αβ
Similar
Cases Conclusion
Deduction Concl
Proof by Cases
$x (α(x)  β(x)) iff ($x α(x))  ($x β(x))
or
or
or

α´  β´ γ


Proof by Duality
Mind – Body
Yin – Jang
Good - Evil
These are Duals of each other:
• Though different,
they can be the flip side of the same coin.
• They paired. The dual of the dual of A is A.
• Understanding one gives
a deeper understanding of the other.

Proof by Duality
He hath forsaken material
shall be Enlighted.

Proof by Duality
The person who is screaming the loudest that he is good
is the one who worries the most that he is not.

Proof by Duality
10 > 1
≡ “10 is big”
≡ “1 is small.”
I love you.
“You don’t love me
enough”
I love you more.

Proof by Duality
American Dream
≡ “If you are a good person, then you will be rich”.
≡ “If you are not rich, then you are not a good person”.

Proof by Duality
For every primal linear program,
we define its dual linear program.
Dual Linear Program
Ni
Cj

MT
j,i
subject to
maximize
Yi
Yi
Maximize NT Y
Subject to: MT Y  C
Yi  0
Mi,j Xj
Ni

subject to
Primal Linear Program
Minimize: CTX
Subject to: MX  N Xj
Cj
minimize
Xj  0
Everything is turned upside down.

Proof by Duality
• Max Location  Min Roof

Proof by Duality
• Max Location 
• Max Flow 
Min Roof
Min Cut

Proof by Duality
• Max Location 
• Max Flow 
• Buyer of nutrients 
in fruit
Min Roof
Min Cut
Seller of nutrients
in vitamins
A customer’s goal is to buy fruit
fulfilling her daily vitamin requirements
at lowest cost.
A salesman goal is to set a price on each vitamin
to be cheaper than fruit
while maximizing his profits.

Proof by Duality
These are duals of each other:
• αβ iff α  β Contrapositive
• α iff β iff α iff β Both directions
• "x α(x) iff $x α(x) A rule
• (αβ) iff α  β De Morgan
• α iff α Double negation

Proof by Duality
Lemma via Substitution:
• In any sentence,
you can replace one as a substring for the other.
eg "x (αβ)Q iff "x(αβ)Q
These are duals of each other:
• αβ iff α  β Contrapositive
• α iff β iff α iff β Both directions
• "x α(x) iff $x α(x) A rule
• (αβ) iff α  β De Morgan
• α iff α Double negation

"x (α(x)  β(x)) iff ("x α(x))  ("x β(x))
iff
"x (α(x)  β(x)) iff [("x α(x))  ("x β(x))]
iff
$x (α(x)  β(x)) iff ("x α(x))  ("x β(x))
$x (α(x)  β(x)) iff ($x α(x))  ($x β(x))
The Substitution Lemma makes this all possible
Proof by Duality
or
What we proved before:
What we want to prove:
Negate both sides
"x iff $x  (αβ) iff α  β

"x (α(x)  β(x)) iff ("x α(x))  ("x β(x))
iff
"x (α(x)  β(x)) iff [("x α(x))  ("x β(x))]
iff
$x (α(x)  β(x)) iff ("x α(x))  ("x β(x))
iff
$x (α(x)  β(x)) iff ($x α(x))  ($x β(x))
iff
$x (α´(x)  β´(x)) iff ($x α´(x))  ($x β´(x))
Proof by Duality
or
(αβ) iff α  β
Define α´ to be α and β´ be  β:
Is this what we want to prove?
"x iff $x 

"x (α(x)  β(x)) iff ("x α(x))  ("x β(x))
iff
$x (α´(x)  β´(x)) iff ($x α´(x))  ($x β´(x))
Proof by Duality
or
Is this what we want to prove?
$x (α(x)  β(x)) iff ($x α(x))  ($x β(x))
No. This is what we to prove:
Given one fixed model, these are different.
Given α, the above could be true.
Given α´, the below could be false.
Or visa versa.

"x (α(x)  β(x)) iff ("x α(x))  ("x β(x))
iff
$x (α´(x)  β´(x)) iff ($x α´(x))  ($x β´(x))
And this is what we want to prove!
But we proved this top line is valid.
Hence, it is true in every model, ie for every α and β.
]
" U,α ,β [
]
" U,α´,β´[
Define α´ to be α and β´ be  β:
If this is true for every α´ and β´,
then it is true for α and β.
$x (α(x)  β(x)) iff ($x α(x))  ($x β(x))

"x (α(x)  β(x)) iff ("x α(x))  ("x β(x))
iff
In conclusion these two sentences
are said to be the Duals of each other.
and one is valid iff the other is.
Proof by Duality
$x (α(x)  β(x)) iff ($x α(x))  ($x β(x))

Proof by Duality
Take any sentience α (containing , ", $,  & , but not ).
eg α ≡ "x (P(x)  Q(x))
Recall that the symbol α is not actually in our logic syntax,
but is in the meta language representing any logical formula.
In contrast P and Q are actual atomic predicate/relations.

Proof by Duality
eg α ≡ "x (P(x)  Q(x))
Do a global character search and replace of
" with $ and $ with "
 with  and  with 
This is called the dual α*.
α* ≡ $x (P(x)  Q(x))
Lemma 1: If αβ is valid (ie true in every model M),
then so is α*β* .
Lemma 2: If α iff β is valid (ie true in every model M),
then so is α* iff β*.
eg "x (P(x)  Q(x))
is valid and hence
$x (P(x)  Q(x))
is valid.
("x P(x))  ("x Q(x))
($x P(x))  ($x Q(x))
Dual
iff
iff

Proof by Duality
eg α ≡ "x (P(x)  Q(x))
α* ≡ $x (P(x)  Q(x))
eg "x P(x)
is valid and hence
$x P(x)
is valid.
P(x)
P(x)
Dual


eg P(x)
is not valid and hence
P(x)
is not valid.
"x P(x)
$x P(x)
Dual



Proof by Duality
eg α ≡ "x (P(x)  Q(x))
α* ≡ $x (P(x)  Q(x))
eg P
is not valid
P
is not valid.
Q
Q
Dual


αaaah!
These mean different things.
Ok it is true.
(in every model)

Proof by Duality
eg α ≡ "x (P(x)  Q(x))
α* ≡ $x (P(x)  Q(x))
Lemma 3: α(P,Q) is true in current model,
iff α*(P,Q) is too.
Proof:
βase case: If α(P) ≡ [P] is true in current model, then
α*(P) ≡ [P]
α*(P) ≡ [P] ≡ P
is also so true.

Proof by Duality
eg α ≡ "x (P(x)  Q(x))
α* ≡ $x (P(x)  Q(x))
iff α*(P,Q).
Proof:
" case: If α(P) ≡ ["x P(x)] is true in current model, then
α*(P) ≡ [$x P(x)]
[α*(P)] ≡ [$x P(x)] ≡ "x P(x)
is also true.

Proof by Duality
eg α ≡ "x (P(x)  Q(x))
α* ≡ $x (P(x)  Q(x))
Proof:
 case: If α(P,Q) ≡ [PQ] is true in current model, then
α*(P,Q) ≡ [PQ]
[α*(P,Q)]≡ [(PQ)] ≡ PQ
is also true.

Proof by Duality
Lemma 1: If αβ is valid (ie true in every model),
Proof:
If α(P,Q)β(P,Q) is valid,
then so is "U,P,Q [ α(P,Q)  β(P,Q) ]
then so is "U,P,Q [ α*(P,Q)  β*(P,Q) ]
then so is "U,P,Q [ α*(P,Q)  β*(P,Q) ]
then so is "U,P´,Q´[ α*( P´, Q´)  β*( P´, Q´) ]
then so is α*( P,Q)  β*( P,Q) True for every
P´ and Q´
so rename:
By Lemma 3.
By contra
positive.
True in
every model.
Define
P´ to be P
Q´ be Q.
Excellent!

Free Variable Fail
This will make you
SCREAM!

"x α(x)  α(x)
Free Variable Fail
Syntactically this is correct,
but I like putting in the implied
brackets to make it clearer.
Prove:

["x α(x)]  α(x)
Free Variable Fail
["x α(x)]  α(c)
Best not to write this as it is confusing.
The two x have different scoping.
One is free.
The other is not.
c
x
(equivalent)
Prove:

Free Variable Fail
["x α(x)]  α(x)
["x α(x)]  α(c)
x
(equivalent)
Prove:
["x α(x)]  α(c)
α(c)
"x α(x)
Build the Parse Tree.
The first x is bound, but the second is free.
I get to get to provide
the worse case value c for the free x,
worst case predicate α,
and the set of objects U.
I must prove that with the
adversary’s choices
this formula is true.
" M, …
"M
Traverse the tree.
"U,α,c,, …
"U,α,c,
c

Free Variable Fail
["x α(x)]  α(x)
["x α(x)]  α(c)
x
(equivalent)
Prove:
["x α(x)]  α(c)
α(c)
"x α(x) c
"U,α,c,, …
"U,α,c,
Assume "x α(x).
Knowing it, I can help you!
α(x) is true for all x, hence for c.
ie α(c) is true.
Excellent.
I did not enjoy that.
As the adversary, I give you the value of c.

131
α(x)  "x α(x)
Free Variable Fail
Prove:
α(x)  "x α(x)
α(x)
"x α(x)
α(x)
The second x is bound, but the first is free.
the worse case value c for the free x,
I must prove that with the
adversary’s choices
this formula is true.
α(c)  "x α(x)
same
c
" M, …
"M
Traverse the tree.
"U,α,c,, …
"U,α,c,

132
α(x)  "x α(x)
Free Variable Fail
Prove:
α(x)  "x α(x)
α(x)
"x α(x)
α(c)
α(c)  "x α(x)
same
I know α(c) is true, but not α(x).
Ooops. The statement is not valid.
I give you an arbitrary value x for x.
Assume α(c).
I need to prove "x α(x).
I need to prove α(x).
I must prove α(x)  "x α(x).
"U,α,c,, …
"U,α,c,

133
Free Variable Fail
α(0)  "x α(x)
Knowing α is true for 0,
does not assure you that it is true for every x.
When α(0)=T and α(1)=F,
α(0) is true and "x α(x) is false.
Hence, α(0)  "x α(x) is false.
Hence it is not true in every model.
Hence it is not valid.
α(x)  "x α(x)
Prove: ?

Free Variable Fail
Formal Proof:
1. ⁝
i. ⁝
i+1. α(x)
i+2. "x α(x)
Proved some how.
Add "
A Valid Proof
α(x)  ["x α(x)]
Not a Valid Sentence
"x
Valid step

Free Variable Fail
Formal Proof:
1. ⁝
i. ⁝
i+1. α(x)
i+2. "x α(x)
Proved some how.
Add "
A Valid Proof
Proof:
1. Deduction Goal: α(x)  "x α(x)
2. α(x)
3. "x α(x)
4. α(x)  "x α(x)
Assumption
Add "
Conclusion
α(x)  ["x α(x)]
Valid step

Free Variable Fail
Formal Proof:
1. ⁝
i. ⁝
i+1. α(x)
i+2. "x α(x)
Proved some how.
Add "
A Valid Proof
Proof:
2. α(x)
3. "x α(x)
4. α(x)  "x α(x)
Assumption
Add "
Conclusion
α(x)  ["x α(x)]
Faulty step "x [α(x)  ]
"x [α(x)  ]
Valid
Let’s first see where the intended meaning broke down.
And then see where we did not follow the formal rules correctly.
Valid step

Free Variable Fail
Formal Proof:
1. ⁝
i. ⁝
i+1. α(x)
i+2. "x α(x)
Proved some how.
Add "
A Valid Proof
Proof:
2. α(x )
3. "x α(x )
4. α(x)  "x α(x)
Assumption
Add "
Conclusion
Faulty step
You can’t use the “Add "” rule
when the variable appears in an assumption/hypothesis.
Valid step
I don’t like this rule
because the line with the
assumption might be far away.
I want my rules local.

Free Variable Fail
Formal Proof:
1. ⁝
i. ⁝
i+1. α(x)
i+2. "x α(x)
Proved some how.
Add "
A Valid Proof
Proof:
2. α(x )
3. "x α(x )
4. α(x)  "x α(x)
Assumption
Add "
Conclusion
Faulty step ′
Valid step
It is hard to do deduction
for ALL x at once.
Let's do them one at a time.
Within an assumption,
we say that free variables
become arbitrary but fixed.
We flag this with ′.
The "x can’t be added to x′.
And that solves the problem.

Free Variable Fail
Proof:
2. α(x )
3. β(x′)
4. α(x )  β(x )
Assumption
Proved some how
Conclusion
′
We now go back to the bigger proof.
The value x´ was chosen arbitrarily.
Hence, α(x´)β(x´) is true for each value x´.
We conclude "x [α(x)β(x)].
′ ′

Free Variable Fail
______ α(x´) Assumption
______ …
______ Deduction Goal is to prove (y)ς(y)
______ ______ (y´) Assumption
______ ______ …
______ ______ ς(y´)
______ (y)ς(y) Deduction Conclusion
______ …
______ β(x´)
•Blocks can be nested eg (()(()))

Free Variable Fail
Γ⊨β means β is true in every
model in which is Γ true.
i.e. Γβ.
Deduction Goal: Γ(x)β(x)
______ Γ(x ) Assumption
______ …
______ β(x )
Γ(x)β(x) Conclusion
Proof Goal: Γ(x)⊢β(x)
Γ(x ) Axiom
…
β(x )
Γ(x)⊢β(x) Conclusion
Γ⊢β means β can be proved from Γ
i.e. Γ ⇒⇒⇒ β.
´
´
´
´
"x can’t be added to x′.
Γ denotes the set of axioms (things assumed to be true).
Though it is a little strange to have
free variables in your axioms.

Free Variable Fail
α(x)  "x α(x)
The “clears up” this confusion.
Let’s do another.
$y α(y)  α(y)
Duals
Formal Proof:
1. ⁝
i. ⁝
i+1. $y α(y)
i+2. α(y)
i+2. α(y$)
Proved some how.
Remove $.
?
Not a Valid Proof
Free value given
by adversary

143
α(y)  $y α(y)
Free Variable Fail
Prove:
α(y)  $y α(y)
α(y)
$y α(y)
α(y)
The second y is bound, but the first is free.
the worse case value c for y,
α(c)  $y α(y)
same
c
Traverse the tree.
Prove:
" M, …
"M
"U,α,c,, …
"U,α,c,

144
α(y)  $y α(y)
α(y)
$y α(y)
α(y)
c
α(y)  $y α(y)
Free Variable Fail
Prove:
α(y)  $y α(y)
same
Assume α(c).
I need to prove $y α(y).
I must prove α(y)  $y α(y).
No problem, it is true.
My task is to give a value for y.
I will give y=c.
This proves α(y).
Which proves $y α(y).
Which proves α(y)  $y α(y).
I need to prove α(c).
I did not enjoy that.
"U,α,c,, …
"U,α,c,
Hence
valid.

145
Free Variable Fail
Prove:
$y α(y)  α(y)
α(y)
$y α(y)
The first y is bound, but the second is free.
the worse case value c for y,
$y α(y)  α(c)
same
c
$y α(y)  α(y)
Traverse the tree.
" M, …
"M
"U,α,c,, …
"U,α,c,

146
Free Variable Fail
Prove:
$y α(y)  α(y)
α(c)
$y α(y)
$y α(y)  α(c)
same
$y α(y)  α(y)
I must prove $y α(y)  α(y).
I know α(y) is true for some y.
I will denote it with y.
Ooops. The statement is not valid.
I need to prove α(c).
Assume $y α(y) is true.
I know α(y) is but not α(c).
I can’t prove α(c).
"U,α,c,, …
"U,α,c,

147
$y α(y)  α(y)
Prove:
Free Variable Fail
$y α(y)  α(0)
Knowing α is true for some x,
does not assure you that it is true for 0.
When α(0)=F and α(1)=T,
$y α(y) is true and α(0) is false.
Hence, $y α(y)  α(0) is false.
Hence it is not true in every model.
Hence it is not valid.
"U,α,c,, …
"U,α,c,

The proof:
• Let x be an arbitrary integer.
• Let y = x+1
• Note y=x+1 > x
• Conclude "x, $y, y>x
Proving x+1>x
Informally, we proved
"x, $y, y>x
by playing the following game.

• Note
So far we have took this part for granted.
But it is actually the hard part.
We will at least talk about it now.
x+1 > x
NO! STOP!
This is way too hard to prove.
It opens Pandora's box
• Models
• Gödel's Completeness Theorem
• Gödel's Incompleteness Theorem
Proving x+1>x
Is it even true?!?

• Note x+1 > x
NO! STOP!
This is way too hard to prove.
It opens Pandora's box
• Models
• Gödel's Completeness Theorem
• Gödel's Incompleteness Theorem
Proving x+1>x
I hope to give you an appreciation
for the big picture
It’s really cool.
Don’t panic about details
that are too much for you.

Proving x+1>x
x+1 > x
Pause for quick test:
T / F: sin 90 = 1
T / F:
𝜕sin 𝜃
𝛿𝜃
= cos 𝜃
T / F: sin 90 +
𝜕sin 𝜃
𝛿𝜃
= 1 + cos 𝜃
Assumes
circle divided into 360 degrees
circle divided into 2π radians
You can’t have live in
both universes simultaneously.
Is it even true?!?

Proving x+1>x
x+1 > x
Is it even true?!?
Well, clearly its negation
x+1 ≤ x
is false.
So it must be true!
No dude!
“True” means ???
Only when all the values have
been plugged in, can we say
that it evaluates to true/false.
A sentence is valid iff
it is true in every possible
model/interpretation.
Is it even valid?!?
Well, clearly it is true for
every possible value of x.
5+1 > 5 & -5+1 > -5
Can you find an interpretation
for which it is false?
One such a counter
example is enough to prove
that it is not valid!

Proving x+1>x
"x
"M x+1 > x
Remember what is implied.
The model M defines:
• The universe U of objects x is drawn from.
• The definition of +.
• The definition of >.
• The definition of 1.
+1 >
U
Is it even valid?!?
Proving "M Φ is true can be hard.
But proving it false is much easier.
You prove $M Φ by
giving one counter example.
You could define
• U = {0,1,2,… }
"x, x+1>x ?
∞+1>∞
Oops. No.
,∞
Valid

Proving x+1>x
"x
"M x+1 > x
+1 >
U
Is it even valid?!?
You could define
• U = {0,1,2,3,4}
• + ≡ addition mod 5
• 4+1=0 > 4.
Oops. No.

Proving x+1>x
"x
"M x+1 > x
+1 >
U
Is it even valid?!?
You could define
• U = {Devil, God, you}
• + ≡ marriage
• > ≡ “is better”
• 1 = Devil
x+1>x ≡ “You married to Devil is better than you alone.”

Proving x+1>x
x+1 > x
+1 >
x
-1 <
x
True
"xU
True
Is it even valid?!?
We can say “true”
instead of “valid”
because everything is
interpreted.
Standard + >
Valid

Proving x+1>x
x+1 > x
+1 >
x
-1 <
x
True
"xU
True
True
False False
False
When x=0,
x-1 has
questionable meaning.
Is it even valid?!?
Standard + >

Proving x+1>x
x+1 > x
+1 >
x
-1 <
x
True
"xU
True
True
False False
False
So how do we
prove anything?
Is it even valid?!?
Standard + >
The point of formal proofs is
• to prove theorems
• with as few assumptions as possible
about the nature of the objects
we are talking about
• so that we can find a wide range
of strange new objects
• for which the same theorems are true.

Proving x+1>x
x+1 > x
+1 >
Formal Proof
1. ⁝
i. We simply know this
about the integers.
So how do we
prove anything?
Method 1
(over U=Integers):
Is it even valid?!?

x+1 > x
+1 >
So how do we
prove anything?
Method 2
Formal Proof
1. ⁝
i.
Proving x+1>x
(Assuming axioms Γ):
We want prove sentence α ≡ "x, $y, y>x is true
in the model/universe Mint ≡ integers (+,).
We make up a large set of sentences to be axioms in Γ
which we “know” are true within Mint.
We prove α is true in EVERY model within which Γ is true.
Hence α is true in Mint ≡ integers (+,).
Aaaaah! So confusing!
Is it even valid?!?
Euclid (300 BC)

x+1 > x
+1 >
So how do we
prove anything?
Method 2
Axioms:
• Logical Axioms: These tend to be propositional tautologies like:
Formal Proof
1. ⁝
i.
Proving x+1>x
Is it even valid?!?

x+1 > x
+1 >
So how do we
prove anything?
Method 2
Axioms:
• Logical Axioms: These tend to be propositional tautologies like:
• Non-Logical Axioms Γ: (e.g., to do number theory)
• These are not true in every model/universe M.
• But we only want to consider models M for which they are.
Formal Proof
1. ⁝
i.
Proving x+1>x
Is it even valid?!?

x+1 > x
+1 >
So how do we
prove anything?
Method 2
True/Valid/Tautology:
• Γ⊧α: α is Logical Consequence of Γ
For every setting of variables that makes Γ true, α is also true.
Proofs:
• Γ⊢α: α is Theorem or Syntactic Consequence of Γ
ie: From formulas in Axiomsfixed  Γ, α can be proved.
and all universes M
Formal Proof
1. ⁝
i.
Proving x+1>x
Is it even valid?!?
Sound
Complete

Proving x+1>x
x+1 > x
+1 >
Formal Proof
1. ⁝
i.
So how do we
prove anything?
Method 2
0 …
Warning: There are non-standard models Mnonstand that satisfy Γ.
Ok: Our theorems α will be true for them too.
Axioms Γ: Lets building the objects: U={0,1,2,3,…}
• State that the constant 0 exists.
• Define the function s(i) that returns the successor i+1.
Is it even valid?!?

Proving x+1>x
x+1 > x
+1 >
Formal Proof
1. ⁝
i.
So how do we
prove anything?
Method 2
• Two operations: + and ×
• + Identity: $0 "a a+0 = a
• × Identity: $1 "a a×1 = a
Axioms Γ:
Is it even valid?!?

Proving x+1>x
x+1 > x
+1 >
Formal Proof
1. ⁝
i.
"a,b,c
• Associative: a+(b+c) = (a+b)+c & a×(b×c) = (a×b)×c
• Commutative: a+b = b+a & a×b = b×a
• Distributive: a×(b+c) = (a×b) + (a×c)
• + Inverse: "a $b a+b=0, i.e. b=-a
Axioms Γ:
So how do we
prove anything?
Method 2
Is it even valid?!?
We first define
U={0,1,2,3,…}.
This will ensure we
have negatives and
fractions.

Proving x+1>x
x+1 > x
+1 >
Formal Proof
1. ⁝
i.
"a,b,c
• Define >:
Axioms Γ:
So how do we
prove anything?
Method 2
Is it even valid?!?
a+1>a
a>b  a+1>b
Then we must prove
things we want from Γ.
In this case, trivial.

Proving x+1>x
x+1 > x
+1 >
Formal Proof
1. ⁝
i.
Proved somehow
Add $y.
Add "x.
i+1. $y, y > x
i+2. "x $y, y > x
Proving x+1>x
Axioms Γ: "a,b,c
• Define >: a+1>a
a>b  a+1>b

Proving x+1>x
x+1 > x
+1 >
Formal Proof
1. ⁝
i.
Proved somehow
Add $y.
Add "x.
i+1. $y, y > x
i+2. "x $y, y > x
Proving x+1>x
Axioms Γ: "a,b,c
• Define >: a+1>a
a>b  a+1>b
If we prove sentence α ≡ "x, $y, y>x from Γ,
then α is true within every M
within which Γ is true.
Mint ≡ integers (+,) is a model
Hence sentence α is true within
Mint ≡ integers (+,).

Proving x+1>x
x+1 > x
+1 >
Formal Proof
1. ⁝
i.
Proved somehow
Add $y.
Add "x.
i+1. $y, y > x
i+2. "x $y, y > x
Proving x+1>x
If we prove sentence α ≡ "x, $y, y>x from Γ,
then α is true within every M
Mint ≡ integers (+,) is a model
Hence sentence α is true within
Mint ≡ integers (+,).
In this way, can we prove
every sentence α that is true
about the integers (+,)?

If sentence α is true in
every model M
within which Γ is true,
then there is a proof of
α in our proof system.
Gödel’s
Completeness Theorem
1929
Mathematicians have been trying to do this since the Greeks.
No sound proof system Γ is capable of proving
all true formulas Φ about the integers.
Gödel’s
Incompleteness Theorem
1931
Proving x+1>x
In this way, can we prove
every sentence α that is true
about the integers (+,)?
See 1090-6-complexity.pptx

The rest are more
details which we
will likely skip.

Sound and Complete
Syntax Model/Interpretation/Universe
Which  are
well defined.
A Proof System
Which  are true/valid.
Which  are
proved.
Values of all symbols.
⊧ ⊢
Aaaaah! I always get ⊧ and ⊢ mixed up.
Me too.

Sound and Complete
Which  are
well defined.
A Proof System
Which  are
proved.
⊧ ⊢
How
about
π
for
Pi
for
Proof?
And
T
for
truth?
Except
that
it
is
backwards
and
sideways.

Sound and Complete
Which  are
well defined.
A Proof System
Which  are
proved.
A proof system is
• Sound iff
 has a proof starting with Γ   is valid when Γ is valid
Γ⊢  Γ⊨ 
• Proof Requires:
Rule “If i-2 and i-1 are lines in your proof, then you can add line i”
requires “If i-2 and i-1 are valid, then so is i ”
ie i-2  i-1 ⇒ i requires i-2  i-1  i
I.e.  is true in every model in which is Γ true.
• ⊢ Proves
• ⇒ One line of proof can be concluded from and earlier one.
• ⊨ Is Valid

Sound and Complete
QC( )
QC( ) QC( ) QC( )
QC( ) QC( ) QC( )
QC( ) QC( ) QC( )
Which  are
well defined.
A Proof System
Which  are
proved.
A proof system is
• Sound iff
 has a proof starting with Γ   is valid when Γ is valid
Γ⊢  Γ⊨ 
• Complete iff
 is valid when Γ is valid   has a proof starting with Γ
Γ⊨   Γ⊢
• Proof Requires:
Rule “If i-2 and i-1 are lines in your proof, then you can add line i”
requires “If i-2 and i-1 are valid, then so is i ”
ie i-2  i-1 ⇒ i requires i-2  i-1  i
Proof: (Hard Proof)
QC( )
Careful. When  is a line of our proof
we interpret it’s meaning as QC().

It is call the Universal Closure.
Proof systems generally assume:
"x on the entire formula.
Adding Meaning
Toniann Pitassi
We will extend this can call it
Quantifier Closure QC().
In order to make the proof a “Hilbert” proof,
we need each line standing alone to state something valid.

Adding Meaning
The “mean” of a line of our proof is
what we define as its Quantifier Closure.
Line  in proof Implied Meaning QC()
"M $𝑦$"𝑥 "x´ [α(x´)].

α(x,y$(x)) "α $y$ "x α(x,y$(x))
______ β(x´) "α,β "x´[α(x´)β(x´)]
As your adversary
I give you hard
"objects.
I prove QC() is true
by constructing the $objects
and proving the final statement.

Adding Meaning
"M $𝑦$"𝑥 "x´ [α(x´)].

α(x,y$(x))
______ β(x´)
Here M is the model specifying:
• the universe U of objects,
• the functions f and relations R. Even +&.
It is certainly not mentioned in Predicate syntax.
Often we don’t mention it.

Adding Meaning
"M $𝑦$"𝑥 "x´ [α(x´)].

Here y$(x) is called a Skolem function.
It is a “fixed” value/function.
Because of the game, it can depend on
• on the model M.
α(x,y$(x))
______ β(x´)

Adding Meaning
"M $𝑦$"𝑥 "x´ [α(x´)].

It is a “fixed” value/function.
When it is a function it can depend on
• the value of the free variables x.
α(x,y$(x))
______ β(x´)

Adding Meaning
"M $𝑦$"𝑥 "x´ [α(x´)].

Being a function, it is really second order logic.
α(x,y$(x))
______ β(x´)

Adding Meaning
"M $𝑦$"𝑥 "x´ [α(x´)].

Here 𝑥 specifies the vector of all free variables x.
If these have not been specified by a user,
then for  to be valid,
 must be true for every setting of values of 𝑥.
α(x,y$(x))
______ β(x´)

Adding Meaning
"M $𝑦$"𝑥 "x´ [α(x´)].

Deduction Goal: α(x) β(x)
______ α(x´) assumption
______ …
______ (x´)
______ …
α(x´)
α(x´)
x´ is a
fixed but
arbitrary
value.
α(x,y$(x))
______ β(x´)

Adding Meaning
"M $𝑦$"𝑥 "x´ [α(x´)].

α(x,y$(x))
______ β(x´)

These are a few examples
arising from
propositional tautologies
Think of and prove your own.

• Four Types of Lemmas/Theorems:
Lemmas Sub in true/false Sub in object
Receiving sub is
valid
If (P,Q)
then (α,β)
If α(x,y),
then α(t1,t2)
Being subbed are
equivalent
If α iff β
then (α) iff (β)
If t1=t2
then α(t1) iff α(t2)
and f(t1) = f(t2)
• Modus Ponens: α & αβ  β
• Equality:
• t1=t2: means that the two terms evaluate to
the same object from the universe
• Axioms: x=x, x=y iff y=x, and (x=yy=z)x=z

• Using Propositional Tautologies ["P (P)]:
• Define:
• Let (P) be any formula
with true/false variables P.
eg (P) ≡ “P∨¬P”
• Let α be any Predicate formulas.
• Lemma:
• If (P) is a proven tautology
i.e. true for every true/false setting of P
• then (α) can be concluded
i.e. “α∨¬α”

• Using Formulas Equivalence [α iff β]
• Define:
• Let (P) be any propositional formula
with true/false variables P.
eg (P) ≡ PQ
• Or let (P) be any Predicate logic formula
with P representing a subformula
eg (P) ≡ "x, PQ
• Let α&β be any Predicate formulas.
eg α ≡ γ & β ≡  γ
• Lemma:
• If α iff β is a proven tautology
i.e. γ iff  γ
• then (α) iff (β) can be concluded
i.e. "x, γQ iff "x,  γQ

• Using Predicate Tautologies ["x α(x)]
• Define:
• Let α(x) be any Predicate formulas.
eg α ≡ $z z=father(x)
• Let t be any terms
eg t ≡ Jeff
• Lemma:
• If α(x) is a proven tautology
i.e. true for every object setting of x
• then α(t) can be concluded
i.e. $z z=father(Jeff)

• Using Object Equivalence [t1=t2]
• Define:
• Let α(x) be any Predicate formulas.
eg α ≡ $z z=son(x)
• Let t1&t2 be any terms
eg t1 ≡ Jeff & t2 ≡ Prof
• Lemma:
• If t1=t2 is a proven to be an object equivalence
i.e. Jeff=Prof
• then α(t1) iff α(t2) can be concluded
i.e. $z z=son(Jeff) iff $z z=son(Prof)

• Using Object Equivalence [t1=t2]
• Define:
• Let f(x) be any Predicate function.
eg f(x) ≡ son(x)
• Let t1&t2 be any terms
eg t1 ≡ Jeff & t2 ≡ Prof
• Lemma:
• If t1=t2 is a proven to be an object equivalence
i.e. Jeff=Prof
• then f(t1) = f(t2) can be concluded
i.e. son(Jeff) = son(Prof)

Propositional Tautology
Add "
Type check:
• In x  x, x is a true/false boolean
• In "x, x is an object
Proof:
1. x  x
2. "x, x  x
or
Propositional logic is a subset of Predicate logic.
Lets just make EVERY propositional tautology an axiom!
Then we can use it in the proof.

Proof:
1. [$a f(a)>0]  [$a f(a)>0]
P  P
P ≡ $a f(a)>0
But we also need to work in objects, functions, …
or
Here P takes on true/false.
The same as a Predicate formula like $a f(a)>0.
Substitute the formula in.
We don’t know whether $a f(a)>0 is true or not!
But because the tautologies are true for every setting,
the result is always true.
or

Proof:
1. α(x)  α(x)
2. "x, α(x)  α(x) Add "
Recall, that α(x) is not in the Predicate logic grammar.
It is in the “meta” language to mean any formula.
The (x) indicates that it might have a free variable x.
The result is always true for every object x.
Hence, x can be considered to have an arbitrary value.
P  P
P ≡ α(x)
or

I feel that our proof system is sound
(ie only proves things that are valid)
Because we added semantic
meaning to each line in the proof
And we only allow a line to be added if
it’s meaning follows from that of the
previous lines.
I feel that our proof system is complete
(ie proves everything valid)
Because it can prove these axioms.
And hence by Gödel proves everything.

Recall that the meaning of each line  of the proof is its
Quantifier Closure: Φ ≡ QC() ≡ "M $𝑦$"𝑥 "x´ [α(x´)].
Soundness of Proof System Requires:
•  is a line of my proof   is valid
Oops
This will not true for our
proof system.

Soundness of Proof System Requires:
•  is a line of my proof 
• “From line , include line ´”  QC()QC(´)
•   ´  Φ  Φ´
QC() is valid
That’s our definition of  and of of Φ.
Induction as before.
Because of needing QC,
we say “include ´”
instead of “conclude ´”
or “´ follows from ”

• "x α(x) states that α(x) is true for every value of x.
• We don’t know which object term represents in our model.
• But whichever, α(term) is true.
• Eg term≡x is also fine because QC(α(x)) ≡ "x α(x).
• α(x)  "x α(x) is not true, but QC(α(x)) ≡ "x α(x)  "x α(x) is.
• $y α(x,y)  α(x,y$(x)) is not true,
• but QC($y α(x,y)) ≡ "x $y α(x,y)  $y$"x α(x,y$(x)) ≡ QC(α(x,y$(x)))
• Note y$ depends on x.
• If α(t) is true for some term t, then there exists a y for which it is true.
• QC(α(x,term(x)))) ≡ "x α(x,term(x))  "x $y α(x,y) ≡ QC($y α(x,y)))
• Cannot be done if term depends on x bounded with "x, because
QC("x α(x,term(x))) ≡ "x α(x,term(x)) ⇸ $y "x α(x,y) ≡ QC($y "x α(x,y))

Require: From line , include line ´  QC()  QC(´)
"x α(x)
QC("x α(x))
≡ "x α(x)
α(term(x))
QC(α(term(x)))
≡ "x α(term(x))

Left hand side:
From line
Right hand side:
Include line
Ideally, students will be able to look at such
statement and know whether or not they are true.

"x α(x)
QC("x α(x))
≡ "x α(x)
α(term(x))
QC(α(term(x)))
≡ "x α(term(x))

Left hand side:
From line
Right hand side:
Include line
You cant prove it using the formal proof system
that you are currently proving sound.

"x α(x)
QC("x α(x))
≡ "x α(x)
α(term(x))
QC(α(term(x)))
≡ "x α(term(x))

Left hand side:
From line
Right hand side:
Include line
I prefer the informal game anyway.
I think it gives the students more intuition.

"x α(x)
QC("x α(x))
≡ "x α(x)
α(term(x))
QC(α(term(x)))
≡ "x α(term(x))

Left hand side:
From line
Right hand side:
Include line
In the game, I provide a value for x.
I assure you of
α(y) I give the oracle y=term(x)

"x α(x)
QC("x α(x))
≡ "x α(x)
α(term(x))
QC(α(term(x)))
≡ "x α(term(x))

Left hand side:
From line
Right hand side:
Include line
I assure you of
α(y) Hence α(term(x)).

___"x β(x,z´)
QC(___"x β(x,z´))
≡ "z´ [α(z´) "x β(x,z´)]
___β(x,z´)
QC(___β(x,z´))
≡ "x "z´ [α(z´)β(x,z´)]

Left hand side:
From line
Right hand side:
Include line
In the game, I provide values for x & z´
and assure you of α(z´).
Deduction Goal: α(z)??
__________ …
______ "x β(x,z´)
______ β(x,z´)
α(z´)
α(z´)
I assure you of
"x β(x,z´).

___"x β(x,z´)
QC(___"x β(x,z´))
≡ "z´ [α(z´) "x β(x,z´)]
___β(x,z´)
QC(___β(x,z´))
≡ "x "z´ [α(z´)β(x,z´)]

Left hand side:
From line
Right hand side:
Include line
Deduction Goal: α(z)??
__________ …
______ "x β(x,z´)
______ β(x,z´)
α(z´)
α(z´)
I assure you of
"x β(x,z´).
I conclude β(x,z´).

• This is trickier because α(x)  "x α(x) is not true.
α(x)
QC(α(x))
≡ "x α(x)
"x α(x)
QC("x α(x))
≡ "x α(x)

Left hand side:
From line
Right hand side:
Include line
Not much to say

α(x$)
QC(α(x$))
≡ $x$ α(x$)
"x α(x)
QC("x α(x))
≡ "x α(x)

Left hand side:
From line
Right hand side:
Include line
In the game, I provide a value for x.
Sorry, I only
know about x$. Say oracle tell me about x.

___β(x´)
QC(___β(x´))
≡ "x´ [α(x´)β(x´)]
___"x β(x)
QC(___"x β(x))
≡ "x´ [α(x´) ["x β(x)]]

Left hand side:
From line
Right hand side:
Include line
In the game, I provide a values for x´
and assure you of α(x´).
I assure you
of β(x´).

___β(x´)
QC(___β(x´))
≡ "x´ [α(x´)β(x´)]
___"x β(x)
QC(___"x β(x))
≡ "x´ [α(x´) ["x β(x)]]

Left hand side:
From line
Right hand side:
Include line
I assure you of
β(x´).
Oops. That does not tell me
"x β(x)

___β(x´)
QC(___β(x´))
≡ "x´ [α(x´)β(x´)]
___"x β(x)
QC(___"x β(x))
≡ "x´ [α(x´) ["x β(x)]]

Left hand side:
From line
Right hand side:
Include line
A model in which it is not true is as follows.
α(0)=β(0)=F and α(1)=β(1)=T.
Hence α(x´)β(x´), but (α(0)β(1))

• Let’s first do a simpler case: $y α(y) to α(y$).
• $y α(y)  α(y$) is not true.
$y α(y)
QC($y α(y))
≡ $y α(y)
α(y$)
QC(α(y$))
≡ $y$ α(y$)

Right hand side:
Include line
Left hand side:
From line
Not much to say

• $y α(x,y)  α(x,y$(x)) is also not true,
$y α(x,y)
QC($y α(x,y))
≡ "x $y α(x,y)
α(x,y$(x))
QC(α(x,y$(x)))
≡ $y$"x α(x,y$(x))
Right hand side:
Include line
Left hand side:
From line

I need to construct a function y$
from each x value some y value.
Let’s do it as needed.

$y α(x,y)
QC($y α(x,y))
≡ "x $y α(x,y)
α(x,y$(x))
QC(α(x,y$(x)))
≡ $y$"x α(x,y$(x))
Right hand side:
Include line
Left hand side:
From line

I give you an arbitrary
value of x.
I give you a y
corresponding
to this x.

$y α(x,y)
QC($y α(x,y))
≡ "x $y α(x,y)
α(x,y$(x))
QC(α(x,y$(x)))
≡ $y$"x α(x,y$(x))
Right hand side:
Include line
Left hand side:
From line

For the adversary’s x,
I define y$(x) is the y value
provided by the oracle.
I give you a y
corresponding
to this x.

$y α(x,y)
QC($y α(x,y))
≡ "x $y α(x,y)
α(x,y$(x))
QC(α(x,y$(x)))
≡ $y$"x α(x,y$(x))
Right hand side:
Include line
Left hand side:
From line

I assure you
of α(x,y).
For the adversary’s x,
I define y$(x) is the y value
provided by the oracle. Done

• α(term)  $y α(y) is true.
• If α(t) is true for some term t,
• then there exists a y for which it is true.
α(term)
QC(α(term))
≡ α(term)
$y α(y)
QC($y α(y))
≡ $y α(y)
Right hand side:
Include line
Left hand side:
From line

I set y to this value
to get α(y).
I give you the object
term for which is α true.

• It is fine if both α and term depend on a free variable x.
α(x,term(x))
QC(α(x,term(x)))
≡ "x α(x,term(x))
$y α(x,y)
QC($y α(x,y))
≡ "x $y α(x,y)
Right hand side:
Include line
Left hand side:
From line

I give you an arbitrary
value of x.
I give you
y=term(x), such
that α(x,y).

α(x,term(x))
QC(α(x,term(x)))
$y α(x,y)
QC($y α(x,y))
≡ "x $y α(x,y)
Right hand side:
Include line
Left hand side:
From line

I give you
y=term(x), such
that α(x,y).
I set y to this value
to get α(x,y).

• But not if this x is quantified with in "x.
"x α(x,term(x))
QC("x α(x,term(x)))
$y "x α(x,y)
QC($y "x α(x,y))
≡ $y "x α(x,y)
Right hand side:
Include line
Left hand side:
From line

I set y to some value
before I know x.
I give you x.
α(x,y) is true for y=term(x),
but not for your value of y. Oops

1090 3-proofs

Recommended

Recommended

More Related Content

Similar to 1090 3-proofs

Similar to 1090 3-proofs (20)

Recently uploaded

Recently uploaded (20)

1090 3-proofs