Nuprl - mb_event_system_2 Citations of all

mb event system 2 Sections EventSystems Doc

IF YOU CAN SEE THIS go to /sfa/Nuprl/Shared/Xindentation_hack_doc.html
Def

x:A. B(x) == x:A

B(x)

is mentioned by

Thm* the_es:ES, e',e:E. Dec((e <loc e')) [decidable__es-locl]

Thm* the_es:ES, e,e':E.
Thm* (e <loc e')  first(e') & e = pred(e')  E  (e <loc pred(e')) [es-locl-iff]

Thm* es:ES, e,e':E. e  e'   loc(e) = loc(e')  Id [es-le-loc]

Thm* es:ES, e:E, l:IdLnk, tg:Id.
Thm* kind(e) = rcv(l; tg)
Thm*
Thm* loc(e) = destination(l) & loc(sender(e)) = source(l) [es-loc-rcv]

Thm* the_es:ES, e:E. first(e)  loc(pred(e)) = loc(e)  Id [es-loc-pred]

Thm* the_es:ES, j,e:E. first(j)  (e <loc j) [es-first-implies]

Thm* the_es:ES, j:E. first(j)  (pred(j) <loc j) [es-pred-locl]

Thm* the_es:ES, e:E. (e <loc e) [es-locl-antireflexive]

Thm* the_es:ES. SWellFounded((x <loc y)) [es-locl-swellfnd]

Thm* the_es:ES. Trans x,y:E. x  y [es-le-trans]

Thm* the_es:ES. Trans x,y:E. (x <loc y) [es-locl-trans]

Thm* the_es:ES. WellFnd{i}(E;x,y.(x <loc y)) [es-locl-wellfnd]

Thm* the_es:ES.
Thm* (Trans e,e':E. (e <loc e'))
Thm* & SWellFounded((e <loc e'))
Thm* & (e,e':E. loc(e) = loc(e')  Id  (e <loc e')  e = e'  (e' <loc e))
Thm* & (e:E. first(e)  (e':E. (e' <loc e)))
Thm* & (e:E.
Thm* & (first(e)
Thm* & (
Thm* & ((pred(e) <loc e) & (e':E. ((pred(e) <loc e') & (e' <loc e))))
Thm* & (e:E.
Thm* & (first(e)
Thm* & (
Thm* & ((x:Id. (x when e) = (x after pred(e))  vartype(loc(e);x)))
Thm* & (Trans e,e':E. (e < e'))
Thm* & SWellFounded((e < e'))
Thm* & (e:E.
Thm* & (isrcv(e)
Thm* & (
Thm* & (sends(lnk(e);sender(e))[index(e)] = msg(lnk(e);tag(e);val(e))  Msg)
Thm* & (e,e':E. (e <loc e')  (e < e'))
Thm* & (e:E. isrcv(e)  (sender(e) < e))
Thm* & (e,e':E.
Thm* & ((e < e')
Thm* & (
Thm* & (first(e') & (e < pred(e'))  e = pred(e')  E
Thm* & ( isrcv(e') & (e < sender(e'))  e = sender(e')  E)
Thm* & (e:E. isrcv(e)  loc(e) = destination(lnk(e)))
Thm* & (e:E, l:IdLnk.
Thm* & (loc(e) = source(l)  sends(l;e) = nil  (Msg on l) List)
Thm* & (e,e':E.
Thm* & (isrcv(e)
Thm* & (
Thm* & (isrcv(e')
Thm* & (
Thm* & (lnk(e) = lnk(e')
Thm* & (
Thm* & (((e <loc e')
Thm* & ((
Thm* & (((sender(e) <loc sender(e'))
Thm* & (( sender(e) = sender(e')  E & index(e)<index(e')))
Thm* & (e:E, l:IdLnk, n:||sends(l;e)||.
Thm* & (e':E. isrcv(e') & lnk(e') = l & sender(e') = e  E & index(e') = n  ) [es-axioms]

Thm* the_es:ES, e,e':E. (e < e')  Prop [es-causl_wf]

Thm* the_es:ES, e:E. first(e)  pred(e)  E [es-pred_wf]

Thm* the_es:ES, e:E. first(e)   [es-first_wf]

Thm* the_es:ES, e:E. isrcv(e)  index(e)  ||sends(lnk(e);sender(e))|| [es-index_wf]

Thm* the_es:ES, e:E. isrcv(e)  sender(e)  E [es-sender_wf]

Thm* the_es:ES, l:IdLnk, e:E. sends(l;e)  (Msg on l) List [es-sends_wf]

Thm* the_es:ES, e:E, x:Id. (x after e)  vartype(loc(e);x) [es-after_wf]

Thm* the_es:ES, e:E, x:Id. (x when e)  vartype(loc(e);x) [es-when_wf]

Thm* the_es:ES, e:E. val(e)  valtype(e) [es-val_wf]

Thm* the_es:ES, i,x:Id. vartype(i;x)  Type [es-vartype_wf]

Thm* the_es:ES, e:E. valtype(e)  Type [es-valtype_wf]

Thm* the_es:ES, e:E. isrcv(e)  acttype(e)  Type [es-acttype_wf]

Thm* the_es:ES, e:E. isrcv(e)  rcvtype(e)  Type [es-rcvtype_wf]

Thm* the_es:ES, e:E. isrcv(e)  lnk(e)  IdLnk [es-lnk_wf]

Thm* the_es:ES, e:E. isrcv(e)  tag(e)  Id [es-tag_wf]

Thm* the_es:ES, e:E. isrcv(e)   [es-isrcv_wf]

Thm* the_es:ES, e:E. kind(e)  Knd [es-kind_wf]

Thm* the_es:ES, e:E. loc(e)  Id [es-loc_wf]

Thm* the_es:ES, l:IdLnk. (Msg on l)  Type [es-Msgl_wf]

Thm* the_es:ES. Msg  Type [es-Msg_wf]

Thm* the_es:ES, e,e':E. Dec(e = e') [decidable__es-E_equal]

Thm* the_es:ES, e,e':E. e = e'  e = e' [assert-es-eq-E]

Thm* the_es:ES, e,e':E. e = e'   [es-eq-E_wf]

Thm* the_es:ES. E  Type [es-E_wf]

Thm* E:Type, eq:EqDecider(E), T,V:(IdIdType), M:(IdLnkIdType),
Thm* loc:(EId), k:(EKnd), v:(e:Eeventtype(k;loc;V;M;e)),
Thm* w,a:(x:Ide:ET(loc(e),x)), snds:(l:IdLnkE(Msg_sub(l; M) List)),
Thm* sndr:({e:E| isrcv(k(e)) }E), i:(e:{e:E| isrcv(k(e)) }||snds
Thm* sndr:({e:E| isrcv(k(e)) }E), i:(e:{e:E| isrcv(k(e)) }||(lnk(k(e))
Thm* sndr:({e:E| isrcv(k(e)) }E), i:(e:{e:E| isrcv(k(e)) }||,sndr(e))||),
Thm* f:(E), prd:({e':E| f(e') }E), cl:(EEProp), p:ESAxioms{i:l}
Thm* f:(E), prd:({e':E| f(e') }E), cl:(EEProp), p:ESAxioms(E;
Thm* f:(E), prd:({e':E| f(e') }E), cl:(EEProp), p:ESAxioms(T;
Thm* f:(E), prd:({e':E| f(e') }E), cl:(EEProp), p:ESAxioms(M;
Thm* f:(E), prd:({e':E| f(e') }E), cl:(EEProp), p:ESAxioms(loc;
Thm* f:(E), prd:({e':E| f(e') }E), cl:(EEProp), p:ESAxioms(k;
Thm* f:(E), prd:({e':E| f(e') }E), cl:(EEProp), p:ESAxioms(v;
Thm* f:(E), prd:({e':E| f(e') }E), cl:(EEProp), p:ESAxioms(w;
Thm* f:(E), prd:({e':E| f(e') }E), cl:(EEProp), p:ESAxioms(a;
Thm* f:(E), prd:({e':E| f(e') }E), cl:(EEProp), p:ESAxioms(snds;
Thm* f:(E), prd:({e':E| f(e') }E), cl:(EEProp), p:ESAxioms(sndr;
Thm* f:(E), prd:({e':E| f(e') }E), cl:(EEProp), p:ESAxioms(i;
Thm* f:(E), prd:({e':E| f(e') }E), cl:(EEProp), p:ESAxioms(f;
Thm* f:(E), prd:({e':E| f(e') }E), cl:(EEProp), p:ESAxioms(prd;
Thm* f:(E), prd:({e':E| f(e') }E), cl:(EEProp), p:ESAxioms(cl).
Thm* mk-es(E; eq; T; V; M; loc; k; v; w; a; snds; sndr; i; f; prd; cl; p)  ES [mk-es_wf]

Thm* E:Type{i}, T,V:(IdIdType{i}), M:(IdLnkIdType{i}), loc:(EId),
Thm* kind:(EKnd), val:(e:Eeventtype(kind;loc;V;M;e)),
Thm* when,after:(x:Ide:ET(loc(e),x)),
Thm* sends:(l:IdLnkE(Msg_sub(l; M) List)),
Thm* sender:({e:E| isrcv(kind(e)) }E),
Thm* index:(e:{e:E| isrcv(kind(e)) }||sends(lnk(kind(e)),sender(e))||),
Thm* first:(E), pred:({e':E| first(e') }E), causl:(EEProp{i}).
Thm* ESAxioms{i:l}
Thm* ESAxioms(E;
Thm* ESAxioms(T;
Thm* ESAxioms(M;
Thm* ESAxioms(loc;
Thm* ESAxioms(kind;
Thm* ESAxioms(val;
Thm* ESAxioms(when;
Thm* ESAxioms(after;
Thm* ESAxioms(sends;
Thm* ESAxioms(sender;
Thm* ESAxioms(index;
Thm* ESAxioms(first;
Thm* ESAxioms(pred;
Thm* ESAxioms(causl)
Thm*  Prop{i'} [ESAxioms_wf]

Thm* E:Type, V:(IdIdType), M:(IdLnkIdType), loc:(EId), k:(EKnd),
Thm* e:E. eventtype(k;loc;V;M;e)  Type [eventtype_wf]

Thm* R:(TTProp), x,y:T. (x R^+ y)  (x R y)  (z:T. (x R^+ z) & (z R y)) [rel_plus_implies]

Thm* R:(TTProp). Trans x,y:T. x R^+ y [rel_plus_trans]

Thm* R:(TTType). SWellFounded(R(x,y))  WellFnd{i}(T;x,y.R(x,y)) [strongwf-implies]

Thm* i:Id, k:Knd. has-src(i;k)  isrcv(k) & source(lnk(k)) = i [assert-has-src]

Thm* i:Id, k:Knd. has-src(i;k)   [has-src_wf]

Thm* a,b:Knd. a = b  a = b [assert-eq-knd]

Thm* p:IdLnk List, i:||p||, j:(i+1).
Thm* lpath(p)  lconnects(l_interval(p;j;i);source(p[j]);source(p[i])) [lpath-members-connected]

Thm* p:IdLnk List, i,j:Id. lconnects(p;i;j)  Prop [lconnects_wf]

Thm* l:IdLnk, p:IdLnk List.
Thm* lpath([l / p])
Thm*
Thm* lpath(p)
Thm* & (||p|| = 0    destination(l) = source(hd(p)) & hd(p) = lnk-inv(l)) [lpath_cons]

Thm* l:IdLnk. destination(lnk-inv(l)) = source(l) [ldst-inv]

Thm* l:IdLnk. source(lnk-inv(l)) = destination(l) [lsrc-inv]

Thm* x:A. (x,y:A. Dec(x = y))  (L:A List. Dec((x  L))) [decidable__l_member]

Thm* a,b:IdLnk. Dec(a = b) [decidable__equal_IdLnk]

Thm* a,b:IdLnk. a = b  a = b [assert-eq-lnk]

Thm* a,b:Id. Dec(a = b) [decidable__equal_Id]

Thm* a,b:Id. a = b  a = b [assert-eq-id]

Thm* a:Id. a = a ~ true [eq_id_self]

Thm* eq:EqDecider(A), L:A List, x:A. deq-member(eq;x;L)  (x  L) [assert-deq-member]

Thm* A,B:Type, a:EqDecider(A), b:EqDecider(B).
Thm* sum-deq(A;B;a;b)  (p,q:A+B. p = q  sumdeq(a;b)(p,q)) [sum-deq_wf]

Thm* a:EqDecider(A), b:EqDecider(B), p,q:A+B. p = q  sumdeq(a;b)(p,q) [sumdeq-property]

Thm* A,B:Type, a:EqDecider(A), b:EqDecider(B).
Thm* prod-deq(A;B;a;b)  (p,q:(AB). p = q  proddeq(a;b)(p,q)) [prod-deq_wf]

Thm* a:EqDecider(A), b:EqDecider(B), p,q:(AB). p = q  proddeq(a;b)(p,q) [proddeq-property]

Thm* a,b:Atom. a = b  a=bAtom [atom-deq-aux]

Thm* a,b:. a = b  a=b [nat-deq-aux]

Thm* strong-subtype(A;B)  (EqDecider(B) r EqDecider(A)) [strong-subtype-deq-subtype]

Thm* d:EqDecider(B). strong-subtype(A;B)  d  EqDecider(A) [strong-subtype-deq]

Thm* d:EqDecider(A), i:A. (eqof(d)(i,i)) ~ true [eqof_eq_btrue]

Thm* d:EqDecider(T), x,y:T. x = y  eqof(d)(x,y) [deq_property]

Thm* B:Type, k:Knd, f:(IdB), g:(IdLnkIdB).
Thm* kindcase(k;a.f(a);l,t.g(l,t))  B [kindcase_wf]

Def ESAxioms{i:l}
Def ESAxioms(E;
Def ESAxioms(T;
Def ESAxioms(M;
Def ESAxioms(loc;
Def ESAxioms(kind;
Def ESAxioms(val;
Def ESAxioms(when;
Def ESAxioms(after;
Def ESAxioms(sends;
Def ESAxioms(sender;
Def ESAxioms(index;
Def ESAxioms(first;
Def ESAxioms(pred;
Def ESAxioms(causl)
Def == (e,e':E. loc(e) = loc(e')  Id  causl(e,e')  e = e'  causl(e',e))
Def == & (e:E. (first(e))  (e':E. loc(e') = loc(e)  Id  causl(e',e)))
Def == & (e:E.
Def == & ((first(e))
Def == & (
Def == & (loc(pred(e)) = loc(e)  Id & causl(pred(e),e)
Def == & (& (e':E.
Def == & (& (loc(e') = loc(e)  Id  (causl(pred(e),e') & causl(e',e))))
Def == & (e:E.
Def == & ((first(e))  (x:Id. when(x,e) = after(x,pred(e))  T(loc(e),x)))
Def == & (Trans e,e':E. causl(e,e'))
Def == & SWellFounded(causl(e,e'))
Def == & (e:E.
Def == & (isrcv(kind(e))
Def == & (
Def == & ((sends(lnk(kind(e)),sender(e)))[(index(e))]
Def == & (=
Def == & (msg(lnk(kind(e));tag(kind(e));val(e))
Def == & ( Msg(M))
Def == & (e:E. isrcv(kind(e))  causl(sender(e),e))
Def == & (e,e':E.
Def == & (causl(e,e')
Def == & (
Def == & ((first(e')) & causl(e,pred(e'))  e = pred(e')
Def == & ( isrcv(kind(e')) & causl(e,sender(e'))  e = sender(e'))
Def == & (e:E. isrcv(kind(e))  loc(e) = destination(lnk(kind(e))))
Def == & (e:E, l:IdLnk.
Def == & (loc(e) = source(l)  sends(l,e) = nil  Msg_sub(l; M) List)
Def == & (e,e':E.
Def == & (isrcv(kind(e))
Def == & (
Def == & (isrcv(kind(e'))
Def == & (
Def == & (lnk(kind(e)) = lnk(kind(e'))
Def == & (
Def == & ((causl(e,e')
Def == & ((
Def == & ((causl(sender(e),sender(e'))
Def == & (( sender(e) = sender(e')  E & index(e)<index(e')))
Def == & (e:E, l:IdLnk, n:||sends(l,e)||.
Def == & (e':E.
Def == & (isrcv(kind(e')) & lnk(kind(e')) = l & sender(e') = e & index(e') = n) [ESAxioms]

Def SWellFounded(R(x;y)) == f:(T). x,y:T. R(x;y)  f(x)<f(y) [strongwellfounded]

Def lpath(p)
Def == i:(||p||-1).
Def == destination(p[i]) = source(p[(i+1)]) & p[(i+1)] = lnk-inv(p[i])  IdLnk [lpath]

Def EqDecider(T) == eq:TTx,y:T. x = y  (eq(x,y)) [deq]

In prior sections: core fun 1 well fnd int 1 bool 1 int 2 list 1 rel 1 sqequal 1 union mb basic mb nat mb list 1 num thy 1 mb list 2 mb event system 1

Try larger context: EventSystems IF YOU CAN SEE THIS go to /sfa/Nuprl/Shared/Xindentation_hack_doc.html

mb event system 2 Sections EventSystems Doc

Thm* the_es:ES, e',e:E. Dec((e <loc e'))	[decidable__es-locl]
Thm* the_es:ES, e,e':E. Thm* (e <loc e') first(e') & e = pred(e') E (e <loc pred(e'))	[es-locl-iff]
Thm* es:ES, e,e':E. e e' loc(e) = loc(e') Id	[es-le-loc]
Thm* es:ES, e:E, l:IdLnk, tg:Id. Thm* kind(e) = rcv(l; tg) Thm* Thm* loc(e) = destination(l) & loc(sender(e)) = source(l)	[es-loc-rcv]
Thm* the_es:ES, e:E. first(e) loc(pred(e)) = loc(e) Id	[es-loc-pred]
Thm* the_es:ES, j,e:E. first(j) (e <loc j)	[es-first-implies]
Thm* the_es:ES, j:E. first(j) (pred(j) <loc j)	[es-pred-locl]
Thm* the_es:ES, e:E. (e <loc e)	[es-locl-antireflexive]
Thm* the_es:ES. SWellFounded((x <loc y))	[es-locl-swellfnd]
Thm* the_es:ES. Trans x,y:E. x y	[es-le-trans]
Thm* the_es:ES. Trans x,y:E. (x <loc y)	[es-locl-trans]
Thm* the_es:ES. WellFnd{i}(E;x,y.(x <loc y))	[es-locl-wellfnd]
Thm* the_es:ES. Thm* (Trans e,e':E. (e <loc e')) Thm* & SWellFounded((e <loc e')) Thm* & (e,e':E. loc(e) = loc(e') Id (e <loc e') e = e' (e' <loc e)) Thm* & (e:E. first(e) (e':E. (e' <loc e))) Thm* & (e:E. Thm* & (first(e) Thm* & ( Thm* & ((pred(e) <loc e) & (e':E. ((pred(e) <loc e') & (e' <loc e)))) Thm* & (e:E. Thm* & (first(e) Thm* & ( Thm* & ((x:Id. (x when e) = (x after pred(e)) vartype(loc(e);x))) Thm* & (Trans e,e':E. (e < e')) Thm* & SWellFounded((e < e')) Thm* & (e:E. Thm* & (isrcv(e) Thm* & ( Thm* & (sends(lnk(e);sender(e))[index(e)] = msg(lnk(e);tag(e);val(e)) Msg) Thm* & (e,e':E. (e <loc e') (e < e')) Thm* & (e:E. isrcv(e) (sender(e) < e)) Thm* & (e,e':E. Thm* & ((e < e') Thm* & ( Thm* & (first(e') & (e < pred(e')) e = pred(e') E Thm* & ( isrcv(e') & (e < sender(e')) e = sender(e') E) Thm* & (e:E. isrcv(e) loc(e) = destination(lnk(e))) Thm* & (e:E, l:IdLnk. Thm* & (loc(e) = source(l) sends(l;e) = nil (Msg on l) List) Thm* & (e,e':E. Thm* & (isrcv(e) Thm* & ( Thm* & (isrcv(e') Thm* & ( Thm* & (lnk(e) = lnk(e') Thm* & ( Thm* & (((e <loc e') Thm* & (( Thm* & (((sender(e) <loc sender(e')) Thm* & (( sender(e) = sender(e') E & index(e)<index(e'))) Thm* & (e:E, l:IdLnk, n:\|\|sends(l;e)\|\|. Thm* & (e':E. isrcv(e') & lnk(e') = l & sender(e') = e E & index(e') = n )	[es-axioms]
Thm* the_es:ES, e,e':E. (e < e') Prop	[es-causl_wf]
Thm* the_es:ES, e:E. first(e) pred(e) E	[es-pred_wf]
Thm* the_es:ES, e:E. first(e)	[es-first_wf]
Thm* the_es:ES, e:E. isrcv(e) index(e) \|\|sends(lnk(e);sender(e))\|\|	[es-index_wf]
Thm* the_es:ES, e:E. isrcv(e) sender(e) E	[es-sender_wf]
Thm* the_es:ES, l:IdLnk, e:E. sends(l;e) (Msg on l) List	[es-sends_wf]
Thm* the_es:ES, e:E, x:Id. (x after e) vartype(loc(e);x)	[es-after_wf]
Thm* the_es:ES, e:E, x:Id. (x when e) vartype(loc(e);x)	[es-when_wf]
Thm* the_es:ES, e:E. val(e) valtype(e)	[es-val_wf]
Thm* the_es:ES, i,x:Id. vartype(i;x) Type	[es-vartype_wf]
Thm* the_es:ES, e:E. valtype(e) Type	[es-valtype_wf]
Thm* the_es:ES, e:E. isrcv(e) acttype(e) Type	[es-acttype_wf]
Thm* the_es:ES, e:E. isrcv(e) rcvtype(e) Type	[es-rcvtype_wf]
Thm* the_es:ES, e:E. isrcv(e) lnk(e) IdLnk	[es-lnk_wf]
Thm* the_es:ES, e:E. isrcv(e) tag(e) Id	[es-tag_wf]
Thm* the_es:ES, e:E. isrcv(e)	[es-isrcv_wf]
Thm* the_es:ES, e:E. kind(e) Knd	[es-kind_wf]
Thm* the_es:ES, e:E. loc(e) Id	[es-loc_wf]
Thm* the_es:ES, l:IdLnk. (Msg on l) Type	[es-Msgl_wf]
Thm* the_es:ES. Msg Type	[es-Msg_wf]
Thm* the_es:ES, e,e':E. Dec(e = e')	[decidable__es-E_equal]
Thm* the_es:ES, e,e':E. e = e' e = e'	[assert-es-eq-E]
Thm* the_es:ES, e,e':E. e = e'	[es-eq-E_wf]
Thm* the_es:ES. E Type	[es-E_wf]
Thm* E:Type, eq:EqDecider(E), T,V:(IdIdType), M:(IdLnkIdType), Thm* loc:(EId), k:(EKnd), v:(e:Eeventtype(k;loc;V;M;e)), Thm* w,a:(x:Ide:ET(loc(e),x)), snds:(l:IdLnkE(Msg_sub(l; M) List)), Thm* sndr:({e:E\| isrcv(k(e)) }E), i:(e:{e:E\| isrcv(k(e)) }\|\|snds Thm* sndr:({e:E\| isrcv(k(e)) }E), i:(e:{e:E\| isrcv(k(e)) }\|\|(lnk(k(e)) Thm* sndr:({e:E\| isrcv(k(e)) }E), i:(e:{e:E\| isrcv(k(e)) }\|\|,sndr(e))\|\|), Thm* f:(E), prd:({e':E\| f(e') }E), cl:(EEProp), p:ESAxioms{i:l} Thm* f:(E), prd:({e':E\| f(e') }E), cl:(EEProp), p:ESAxioms(E; Thm* f:(E), prd:({e':E\| f(e') }E), cl:(EEProp), p:ESAxioms(T; Thm* f:(E), prd:({e':E\| f(e') }E), cl:(EEProp), p:ESAxioms(M; Thm* f:(E), prd:({e':E\| f(e') }E), cl:(EEProp), p:ESAxioms(loc; Thm* f:(E), prd:({e':E\| f(e') }E), cl:(EEProp), p:ESAxioms(k; Thm* f:(E), prd:({e':E\| f(e') }E), cl:(EEProp), p:ESAxioms(v; Thm* f:(E), prd:({e':E\| f(e') }E), cl:(EEProp), p:ESAxioms(w; Thm* f:(E), prd:({e':E\| f(e') }E), cl:(EEProp), p:ESAxioms(a; Thm* f:(E), prd:({e':E\| f(e') }E), cl:(EEProp), p:ESAxioms(snds; Thm* f:(E), prd:({e':E\| f(e') }E), cl:(EEProp), p:ESAxioms(sndr; Thm* f:(E), prd:({e':E\| f(e') }E), cl:(EEProp), p:ESAxioms(i; Thm* f:(E), prd:({e':E\| f(e') }E), cl:(EEProp), p:ESAxioms(f; Thm* f:(E), prd:({e':E\| f(e') }E), cl:(EEProp), p:ESAxioms(prd; Thm* f:(E), prd:({e':E\| f(e') }E), cl:(EEProp), p:ESAxioms(cl). Thm* mk-es(E; eq; T; V; M; loc; k; v; w; a; snds; sndr; i; f; prd; cl; p) ES	[mk-es_wf]
Thm* E:Type{i}, T,V:(IdIdType{i}), M:(IdLnkIdType{i}), loc:(EId), Thm* kind:(EKnd), val:(e:Eeventtype(kind;loc;V;M;e)), Thm* when,after:(x:Ide:ET(loc(e),x)), Thm* sends:(l:IdLnkE(Msg_sub(l; M) List)), Thm* sender:({e:E\| isrcv(kind(e)) }E), Thm* index:(e:{e:E\| isrcv(kind(e)) }\|\|sends(lnk(kind(e)),sender(e))\|\|), Thm* first:(E), pred:({e':E\| first(e') }E), causl:(EEProp{i}). Thm* ESAxioms{i:l} Thm* ESAxioms(E; Thm* ESAxioms(T; Thm* ESAxioms(M; Thm* ESAxioms(loc; Thm* ESAxioms(kind; Thm* ESAxioms(val; Thm* ESAxioms(when; Thm* ESAxioms(after; Thm* ESAxioms(sends; Thm* ESAxioms(sender; Thm* ESAxioms(index; Thm* ESAxioms(first; Thm* ESAxioms(pred; Thm* ESAxioms(causl) Thm* Prop{i'}	[ESAxioms_wf]
Thm* E:Type, V:(IdIdType), M:(IdLnkIdType), loc:(EId), k:(EKnd), Thm* e:E. eventtype(k;loc;V;M;e) Type	[eventtype_wf]
Thm* R:(TTProp), x,y:T. (x R^+ y) (x R y) (z:T. (x R^+ z) & (z R y))	[rel_plus_implies]
Thm* R:(TTProp). Trans x,y:T. x R^+ y	[rel_plus_trans]
Thm* R:(TTType). SWellFounded(R(x,y)) WellFnd{i}(T;x,y.R(x,y))	[strongwf-implies]
Thm* i:Id, k:Knd. has-src(i;k) isrcv(k) & source(lnk(k)) = i	[assert-has-src]
Thm* i:Id, k:Knd. has-src(i;k)	[has-src_wf]
Thm* a,b:Knd. a = b a = b	[assert-eq-knd]
Thm* p:IdLnk List, i:\|\|p\|\|, j:(i+1). Thm* lpath(p) lconnects(l_interval(p;j;i);source(p[j]);source(p[i]))	[lpath-members-connected]
Thm* p:IdLnk List, i,j:Id. lconnects(p;i;j) Prop	[lconnects_wf]
Thm* l:IdLnk, p:IdLnk List. Thm* lpath([l / p]) Thm* Thm* lpath(p) Thm* & (\|\|p\|\| = 0 destination(l) = source(hd(p)) & hd(p) = lnk-inv(l))	[lpath_cons]
Thm* l:IdLnk. destination(lnk-inv(l)) = source(l)	[ldst-inv]
Thm* l:IdLnk. source(lnk-inv(l)) = destination(l)	[lsrc-inv]
Thm* x:A. (x,y:A. Dec(x = y)) (L:A List. Dec((x L)))	[decidable__l_member]
Thm* a,b:IdLnk. Dec(a = b)	[decidable__equal_IdLnk]
Thm* a,b:IdLnk. a = b a = b	[assert-eq-lnk]
Thm* a,b:Id. Dec(a = b)	[decidable__equal_Id]
Thm* a,b:Id. a = b a = b	[assert-eq-id]
Thm* a:Id. a = a ~ true	[eq_id_self]
Thm* eq:EqDecider(A), L:A List, x:A. deq-member(eq;x;L) (x L)	[assert-deq-member]
Thm* A,B:Type, a:EqDecider(A), b:EqDecider(B). Thm* sum-deq(A;B;a;b) (p,q:A+B. p = q sumdeq(a;b)(p,q))	[sum-deq_wf]
Thm* a:EqDecider(A), b:EqDecider(B), p,q:A+B. p = q sumdeq(a;b)(p,q)	[sumdeq-property]
Thm* A,B:Type, a:EqDecider(A), b:EqDecider(B). Thm* prod-deq(A;B;a;b) (p,q:(AB). p = q proddeq(a;b)(p,q))	[prod-deq_wf]
Thm* a:EqDecider(A), b:EqDecider(B), p,q:(AB). p = q proddeq(a;b)(p,q)	[proddeq-property]
Thm* a,b:Atom. a = b a=bAtom	[atom-deq-aux]
Thm* a,b:. a = b a=b	[nat-deq-aux]
Thm* strong-subtype(A;B) (EqDecider(B) r EqDecider(A))	[strong-subtype-deq-subtype]
Thm* d:EqDecider(B). strong-subtype(A;B) d EqDecider(A)	[strong-subtype-deq]
Thm* d:EqDecider(A), i:A. (eqof(d)(i,i)) ~ true	[eqof_eq_btrue]
Thm* d:EqDecider(T), x,y:T. x = y eqof(d)(x,y)	[deq_property]
Thm* B:Type, k:Knd, f:(IdB), g:(IdLnkIdB). Thm* kindcase(k;a.f(a);l,t.g(l,t)) B	[kindcase_wf]
Def ESAxioms{i:l} Def ESAxioms(E; Def ESAxioms(T; Def ESAxioms(M; Def ESAxioms(loc; Def ESAxioms(kind; Def ESAxioms(val; Def ESAxioms(when; Def ESAxioms(after; Def ESAxioms(sends; Def ESAxioms(sender; Def ESAxioms(index; Def ESAxioms(first; Def ESAxioms(pred; Def ESAxioms(causl) Def == (e,e':E. loc(e) = loc(e') Id causl(e,e') e = e' causl(e',e)) Def == & (e:E. (first(e)) (e':E. loc(e') = loc(e) Id causl(e',e))) Def == & (e:E. Def == & ((first(e)) Def == & ( Def == & (loc(pred(e)) = loc(e) Id & causl(pred(e),e) Def == & (& (e':E. Def == & (& (loc(e') = loc(e) Id (causl(pred(e),e') & causl(e',e)))) Def == & (e:E. Def == & ((first(e)) (x:Id. when(x,e) = after(x,pred(e)) T(loc(e),x))) Def == & (Trans e,e':E. causl(e,e')) Def == & SWellFounded(causl(e,e')) Def == & (e:E. Def == & (isrcv(kind(e)) Def == & ( Def == & ((sends(lnk(kind(e)),sender(e)))[(index(e))] Def == & (= Def == & (msg(lnk(kind(e));tag(kind(e));val(e)) Def == & ( Msg(M)) Def == & (e:E. isrcv(kind(e)) causl(sender(e),e)) Def == & (e,e':E. Def == & (causl(e,e') Def == & ( Def == & ((first(e')) & causl(e,pred(e')) e = pred(e') Def == & ( isrcv(kind(e')) & causl(e,sender(e')) e = sender(e')) Def == & (e:E. isrcv(kind(e)) loc(e) = destination(lnk(kind(e)))) Def == & (e:E, l:IdLnk. Def == & (loc(e) = source(l) sends(l,e) = nil Msg_sub(l; M) List) Def == & (e,e':E. Def == & (isrcv(kind(e)) Def == & ( Def == & (isrcv(kind(e')) Def == & ( Def == & (lnk(kind(e)) = lnk(kind(e')) Def == & ( Def == & ((causl(e,e') Def == & (( Def == & ((causl(sender(e),sender(e')) Def == & (( sender(e) = sender(e') E & index(e)<index(e'))) Def == & (e:E, l:IdLnk, n:\|\|sends(l,e)\|\|. Def == & (e':E. Def == & (isrcv(kind(e')) & lnk(kind(e')) = l & sender(e') = e & index(e') = n)	[ESAxioms]
Def SWellFounded(R(x;y)) == f:(T). x,y:T. R(x;y) f(x)<f(y)	[strongwellfounded]
Def lpath(p) Def == i:(\|\|p\|\|-1). Def == destination(p[i]) = source(p[(i+1)]) & p[(i+1)] = lnk-inv(p[i]) IdLnk	[lpath]
Def EqDecider(T) == eq:TTx,y:T. x = y (eq(x,y))	[deq]