Proof of Nuprl Lemma : consensus-safety1

Step * of Lemma consensus-safety1

∀V:Type
  ((∀v1,v2:V.  Dec(v1 = v2 ∈ V))
  ⇒ {∃v,v':V. (¬(v = v' ∈ V))}
  ⇒ (∀L:V List. Dec(∃v:V. (¬(v ∈ L))))
  ⇒ (∀A:Id List. ∀W:{a:Id| (a ∈ A)}  List List.
        ((||W|| ≥ 1 )
        ⇒ two-intersection(A;W)
        ⇒ (∃f:ConsensusState ⟶ consensus-state1(V)
             ((∀v:V. ∀s:ts-reachable(consensus-ts4(V;A;W)).
                 ((f s) = Decided[v] ∈ consensus-state1(V) ⇐⇒ ∃i:ℕ. in state s, inning i has committed v))
             ∧ ts-refinement(consensus-ts1(V);consensus-ts4(V;A;W);f))))))
BY
{ (InstLemma `consensus-refinement3` []
   THEN RepeatFor 8 ((ParallelLast' THENA Auto))
   THEN (InstLemma `consensus-ts4-ref-map` [⌜V⌝;⌜A⌝;⌜W⌝]⋅ THENA Auto)
   THEN D -1
   THEN (InstLemma `consensus-refinement2` [⌜V⌝]⋅ THENA Auto)
   THEN (InstLemma `consensus-refinement1` [⌜V⌝]⋅ THENA Auto)) }

1
1. V : Type@i'
2. ∀v1,v2:V.  Dec(v1 = v2 ∈ V)@i
3. {∃v,v':V. (¬(v = v' ∈ V))}@i
4. ∀L:V List. Dec(∃v:V. (¬(v ∈ L)))@i
5. A : Id List@i
6. W : {a:Id| (a ∈ A)}  List List@i
7. ||W|| ≥ 1 @i
8. two-intersection(A;W)@i
9. ∀f:ConsensusState ⟶ (consensus-state3(V) List)
     (cs-ref-map-constraints(V;A;W;f) ⇒ ts-refinement(consensus-ts3(V);consensus-ts4(V;A;W);f))
10. f : ConsensusState ⟶ (consensus-state3(V) List)
11. cs-ref-map-constraints(V;A;W;f)
12. ts-refinement(consensus-ts2(V);consensus-ts3(V);λL.cs-ref-map3(L))
13. ts-refinement(consensus-ts1(V);consensus-ts2(V);λx.if cs-is-decided(x) then x else UNDECIDED fi )
⊢ ∃f:ConsensusState ⟶ consensus-state1(V)
   ((∀v:V. ∀s:ts-reachable(consensus-ts4(V;A;W)).
       ((f s) = Decided[v] ∈ consensus-state1(V) ⇐⇒ ∃i:ℕ. in state s, inning i has committed v))
   ∧ ts-refinement(consensus-ts1(V);consensus-ts4(V;A;W);f))

Latex:

Latex:
\mforall{}V:Type ((\mforall{}v1,v2:V. Dec(v1 = v2)) {}\mRightarrow{} \{\mexists{}v,v':V. (\mneg{}(v = v'))\} {}\mRightarrow{} (\mforall{}L:V List. Dec(\mexists{}v:V. (\mneg{}(v \mmember{} L)))) {}\mRightarrow{} (\mforall{}A:Id List. \mforall{}W:\{a:Id| (a \mmember{} A)\} List List. ((||W|| \mgeq{} 1 ) {}\mRightarrow{} two-intersection(A;W) {}\mRightarrow{} (\mexists{}f:ConsensusState {}\mrightarrow{} consensus-state1(V) ((\mforall{}v:V. \mforall{}s:ts-reachable(consensus-ts4(V;A;W)). ((f s) = Decided[v] \mLeftarrow{}{}\mRightarrow{} \mexists{}i:\mBbbN{}. in state s, inning i has committed v)) \mwedge{} ts-refinement(consensus-ts1(V);consensus-ts4(V;A;W);f)))))) By Latex: (InstLemma `consensus-refinement3` [] THEN RepeatFor 8 ((ParallelLast' THENA Auto)) THEN (InstLemma `consensus-ts4-ref-map` [\mkleeneopen{}V\mkleeneclose{};\mkleeneopen{}A\mkleeneclose{};\mkleeneopen{}W\mkleeneclose{}]\mcdot{} THENA Auto) THEN D -1 THEN (InstLemma `consensus-refinement2` [\mkleeneopen{}V\mkleeneclose{}]\mcdot{} THENA Auto) THEN (InstLemma `consensus-refinement1` [\mkleeneopen{}V\mkleeneclose{}]\mcdot{} THENA Auto)) Home Index