The answers in this part are for the last exercise of Poly in Chapter 4, function definition and theorem proof related to church number. Because some preparatory knowledge is required, it is introduced in a separate section.

1, church number

Church number is an application of lambda calculus. Before introducing church number, we will give a brief introduction to lambda calculus.

one point one λ Expression / item

Variable form: x
The variable name may be a character or string that represents a parameter (formal parameter) or a value (argument)
Abstract form: λ x.M
It represents a lambda function that takes a parameter x and returns M. m is a legal lambda expression and the symbol λ And. Represent the function body m that binds the variable x to the function abstraction. Simply put, it represents a function m with formal parameter X.
Application form: M N
It means that function m is applied to parameter n, where m and N are legal lambda expressions. Simply put, it is to input the argument n to the function M.

one point two λ reduction

α transformation
A lambda function abstraction is equivalent before and after renaming the bound variable, that is:
α: λx.x ≡ λy.y
β reduction
Substitution of free variables in a lambda function abstraction
β: ((λV.E) E′) ≡ E[V := E′]
η reduction
Clear redundant function abstractions in lambda expressions
η: λx.M x ≡ M

1.3 church number

The number of times a function is applied (so it is a nonnegative integer) - Church number. The basic form is as follows:

2, church number in Coq

Next, we complete the proof of the relevant definition of church number in Coq

2.1 basic definitions

The basic definition of church number in Coq is as follows:

Definition cnat := forall X : Type, (X -> X) -> X -> X.
Definition one : cnat := fun (X : Type) (f : X -> X) (x : X) => f x.
Definition two : cnat := fun (X : Type) (f : X -> X) (x : X) => f (f x).
Definition zero : cnat := fun (X : Type) (f : X -> X) (x : X) => x.

Let's look at the definition of cnat. For any type of X, define a function of X - > x, give a variable belonging to x, and get the final value belonging to type X, which is a basic church number. We observe that the definitions of zero, one and two all conform to this definition.

2.2 exercise 1, church_succ

Define the subsequent succ function in the church number, input a cnat type number, and output a cnat type at the same time.

Definition succ (n : cnat) : cnat :=
  fun (X : Type) (f : X -> X) (x : X) => f (n X f x).
Example succ_1 : succ zero = one.
Proof. reflexivity. Qed.
Example succ_2 : succ one = two.
Proof. reflexivity. Qed.
Example succ_3 : succ two = three.
Proof. reflexivity. Qed.

How to understand f (n X f x), X and f here are defined in = >. We know that the type of cnat is forall X: type, (x - > x) - > x - > X. Therefore, looking at (n X f x) in parentheses, we give x for cnat type variables, (x - > x) that is, F, and the variable x belonging to x, then the output of (n X f x) must also be a value belonging to type X. add f to the outside, and the result is also a value belonging to type X. Complete the definition of succ.

2.3 exercise 2, church_plus

Similarly, church_ The definition of plus is as follows;

Definition plus (n m : cnat) : cnat :=
  fun (X : Type) (f : X -> X) (x : X) => (n X f (m X f x)).
Example plus_1 : plus zero one = one.
Proof. reflexivity. Qed.
Example plus_2 : plus two three = plus three two.
Proof. reflexivity. Qed.
Example plus_3 :
  plus (plus two two) three = plus one (plus three three).
Proof. reflexivity. Qed.
Definition four : cnat :=
  fun (X : Type) (f : X -> X) (x : X) => f (f (f (f x))).
Example plus_4 :
  plus two two = four.
Proof. reflexivity. Qed.

It's relatively simple, because only the zero,one,two，So the verification of the example is to continuously add these three to complete the verification. We defined four，Also proved plus two two = fou，Which shows that we plus The definition of is correct.

2.4 exercise 3, church_mult

The key to multiplication is the transformation of F. nm is to change f in n into m times F, so as to calculate 10000 volumes of Cinderella nm. The code is as follows:

Definition mult (n m : cnat) : cnat :=
  fun (X : Type) (f : X -> X) (x : X) => n X (m X f) x.
Example mult_1 : mult one one = one.
Proof. reflexivity. Qed.
Example mult_2 : mult zero (plus three three) = zero.
Proof. reflexivity. Qed.
Example mult_3 : mult two three = plus three three.
Proof. reflexivity. Qed.
Definition six : cnat :=
  fun (X : Type) (f : X -> X) (x : X) =>  f (f (f (f (f (f x))))).
Example mult_4 : mult two three = six.
Proof. reflexivity. Qed.

2.5 exercise 4, church_exp

Here the author of the book gives a hint. “Hint: Polymorphism plays a crucial role here.”. Polymorphism is the key, so we naturally think of types of polymorphism. Later, the author said, "choosing the right type to iterate over can be tricky." therefore, here we know that the key is the transformation of type X. the code is as follows:

Definition exp (n m : cnat) : cnat :=
  fun X => (m (X->X)) (n X).
Example exp_1 : exp two two = plus two two.
Proof. reflexivity. Qed.
Example exp_2 : exp three zero = one.
Proof. reflexivity. Qed.
Example exp_3 : exp three two = plus (mult two (mult two two)) one.
Proof. reflexivity. Qed.

The small tail of the answer in LF Chapter 4 POLY left before is shared with you here. For the learning of Coq, after learning the first four chapters, you can almost start some formal verification of actual code. You can see the relevant papers to learn the verification ideas and methods. Software Foundations has also changed from the previous four books to six books, and the construction of Coq community is more perfect. The book repeatedly emphasizes not to share the code, and then I won't share the corresponding code on the Internet. If there are small partners learning Coq, please leave a message.