Structural focalization updated

I've uploaded to both ArXiV and my webpage a significantly revised draft of the paper Structural focalization, which I've spoken about here before. Feedback is welcome!

One of the points I make about the structural focalization technique is that, because it is all so nicely structurally inductive, it can be formalized in Twelf. As part of a separate project, I've now also repeated the whole structural focalization development in Agda! The code is available from GitHub. While a structural focalization proof has some more moving parts than a simple cut-and-identity proof, it also has one significant advantage over every Agda proof of cut admissibility that I'm aware of: it requires no extra structural metrics beyond normal structural induction! (My favorite structural metric is the totally nameless representation, but there are other ways of threading that needle, including, presumably, these "sized types" that everyone seems to talk about.)

In regular, natural-deduction substitution, you can get away without structural metrics by proving the statement that if \(\Gamma \vdash A\) and \(\Gamma, A, \Gamma' \vdash C\) then \(\Gamma, \Gamma' \vdash C\); the extra "slack" given by \(\Gamma'\) means that you operate by structural induction on the second given derivation without ever needing to apply weakening or exchange. Most cut-elimination proofs are structured in such a way that you have to apply left commutative and right commutative cuts on both of the given derivations, making this process tricky at the best; I've never gotten it to work at all, but you might be able to do something like "if \(\Gamma, \Gamma' \longrightarrow A\) and \(\Gamma, A, \Gamma'' \longrightarrow C\) then \(\Gamma, \Gamma', \Gamma'' \longrightarrow C\)." If someone can make this work let me know!

A focused sequent calculus, on the other hand, has three separate phases of substitution. The first phase is principal substitution, where the type gets smaller and you can do whatever you want to the derivations, including weakening them. The second phase is rightist substitution, which acts much like natural-deduction substitution, and where you can similarly get away with adding "slack" to the second derivation. The third phase is leftist substitution, and you can get by in this phase by adding "slack" to the first derivation: the leftist cases read something like "if \(\Gamma, \Gamma' \longrightarrow A\) and \(\Gamma, A \longrightarrow C\) then \(\Gamma, \Gamma' \longrightarrow C\)."

In Structural focalization, I note that the structural focalization technique could be seen as a really freaking complicated way of proving the cut and identity for an unfocused sequent calculus. But in Agda, there's a reason you might actually want to do things the "long way" - not only do you have something better when you finish (a focalization result), but you get cut and identity without needing an annoying structural metric.

My New Focalization Technique is Unstoppable

While it took, as they say, a bit of doing, I have a completed draft of a paper on my website that I believe provides a really elegant solution to what has been a very, very annoying problem for some time: writing down a proof called the completeness of focusing. Don't worry, the paper explains what that means: it has to, because one of the things the paper argues is that most existing statements of the completeness of focusing aren't general enough! In the process, this writeup gave me a good (enough) excuse to talk in a very general way about a lot of fundamental phenomena around the idea of polarization in logic that we've been noticing in recent years.

Anyway, the draft is here - Structural Focalization. The accompanying Twelf development is, of course, on the Twelf wiki: Focusing. I've thrown the paper and the Twelf code up on arXiv while I figure out while I figure out what to do with it; comments would be greatly appreciated!

I don't want to have a post that's just "hey here's a paper," so here's an addition, a follow-up to the rather popular "Totally Nameless Representation" post from awhile back. I still prove weakening in Agda by exactly the technique presented there, which commenter thecod called the "presheaf method." But for natural deduction systems, I almost never use the term metric approach that was the core of what I was presenting in "totally nameless representation," since it works just fine to use the approach where term M of type A (the one you're substituting for x) is in context Γ and the term N (the one with x free) is in context Γ' ++ A :: Γ - the free variable x is allowed to be in the middle of the context, in other words; you don't have to use exchange on the second term, so you're always calling induction on something Agda recognizes as structurally smaller.

This worked for natural deduction systems, but I didn't think it would work for sequent calculi, since you needed to toy around with both contexts and induct on both terms in presentation of cut for a sequent calculus. However, for a focused sequent calculus like what I present in the paper, you still can do without the totally nameless metric! If you set things up right, the rightist substitutions (where you work on decomposing the right term, the one with the variable free) allow you to extend the context only of the first term, and the leftist substitutions (where you work on decomposing the left term, the one you're substituting for the variable) allow you to work on the second term, and the two are only connected by the principal substitutions (which reduce the type, which more or less lets you get away with anything as far as the induction principle is concerned).

A code example of this, which could use some more commentary, can be found on GitHub: Polar.agda.

Tell me a story of logic

I have a little technical note that I'm working on, in which I tell a story about linear logic that I tried to work out a year ago and finally returned to with Bernardo Toninho and Yuxin Deng last week. But as I tried to write the introduction, the two-year-old voice in my head kept asking "why?" Why do I need to tell this story? What's the point? The resulting thoughts don't really belong in the technical note I wanted to write, but I hope they're just barely coherent enough that they're worth putting here. (Note: there is a similar discussion to this one in Section 3 of my thesis proposal.)

Big picture: before we can contemplate any discussion of the formal correctness of any system (a logic, type theory, programming language, cryptographic protocol, or self-driving car) - before we can even ask ourself what "correctness'' means - we have to have a way of formally specifying the system itself. Mathematicians do this by defining sets, category theorists by enumerating universal mapping properties. However, if you're writing down theorems to be checked by a computer, there's almost exactly one game in town: systems for mechanized mathematics have a built-in facility for directly giving (co)inductive specifications of systems.

A tool's interface for describing inductive specifications is, therefore, a matter of some importance. In most systems, the statement of an inductive specification looks something like a datatype declaration in a programming language in ML or Haskell. One system for mechanized mathematics, Twelf, takes a rather different approach. Rather than directly specifying an inductive structure, Twelf users specify a signature of type families and constants in the dependent type theory LF. If you asked someone about this while they were in a hurry to catch a plane, they'd probably respond "oh, that's what adequacy theorems are for" and run away.

A word on adequacy

In the first paper on LF, Harper, Honsell, and Plotkin discuss adequacy theorems. When we write down a bunch of type families and constants in an LF signature, that means that we can form a certain (inductively-defined!) set of terms. To use a standard example, given the LF signature

  nat: type.

  z: nat.

  s: nat -> nat.

we can create well-typed terms of type nat that look like z, (s z), (s (s z)), and ((λx. s x) (s z)). That fourth example has a β-redex that, when we reduce it, turns it into the third example. We usually say that the above LF specification is adequate because there is a one-one-correspondence between natural numbers and normal terms of type nat in this signature.¹ In general, to quote Harper and Licata's 2007 "Mechanizing metatheory in a logical framework",

An LF representation of a language is adequate iff it is isomorphic to the informal definition of the language.

I'm currently thinking that this might be the wrong slogan, because the imprecision of "informal" leads to seemingly inevitable misunderstandings. Another slogan that I might consider in its place is that an LF specification is adequate iff it is isomorphic to the inductive specification of the language. It's just really very deeply ingrained in our collective heads that when we're writing down horizontal lines on paper, that means an inductive specification. But perhaps that's not giving LF enough credit! There's no reason to cede that my scratches on a whiteboard have any special spiritual relationship with inductive definitions and not LF signatures (or sets in ZFC or constructions in category theory, for that matter).

Taking the view that adequacy relates the canonical forms of LF to some inductively defined structure ("on paper" or otherwise) has two advantages that I see. First, it turns adequacy into something that takes place entirely within formal mathematics. In fact, we have a pretty clear understanding of how to write "first-order" or "concrete" LF types that encode inductive definitions (hint: never allow left-nested arrows). But this means that we can prove adequacy theorems in Twelf. My Twelf code proving a bijection between de Bruijn lambda calculus terms and HOAS lambda calculus terms is, in this view, part of an adequacy theorem.² The second advantage, in my mind, is it clarifies why we never formally prove adequacy with respect to our "informal definitions" (a point that Daniel Lee and I poked a bit of fun in our SIGBOVIK 2007 paper Manifest Adequacy). When I've been using Adga for awhile, I think of my on-paper notation as corresponding to inductive definitions (or, occasionally, inductive-recursive definitions, the more powerful variant of inductive definitions available in Agda). When I've been using Twelf for awhile, I think of my on-paper notation as corresponding to LF signatures that use higher-order abstract synatx. It's only in the event that I want to know that these two ways of formalizing the same system coincide that I would actually think about adequacy in practice. To reempahsize, in this event adequacy is an entirely formal concept.

Why logical frameworks?

There's no contrarian impulse that lead to LF being used to encode systems. Harper, Honsell, and Plotkin made the point as well as I could hope to:

The structure of the LF type system provides for the uniform extension of the basic judgment forms to two higher-order forms introduced by Martin-Löf, the hypothetical, representing consequence, and the schematic, representing generality.

There are two important points to make about the above quote. The more obvious one is that LF, compared to "raw" inductive definitions, gives a clean notion of hypothetical reasoning and uniform substitution (the basis of what was later termed "higher-order abstract syntax"). The less obvious point is that, in the above quote, Harper, Honsell, and Plotkin are referencing Martin-Löf's "On the meaning of logical constants and the justification of the logical laws," which isn't actually about LF. Rather, it's a story about how we understand the meaning of propositions and how we establish that a logic's definition makes sense in the presence of a uniform notion of hypothetical judgments.

Martin-Löf's discussion, which Pfenning and Davies termed the "judgmental methodology" in their their judgmental reconstruction of modal logic, is important for people who write systems in Twelf because it sets up a particular world-view that maps quite well onto formalization in LF. To put it another way, the judgmental methodology is one important source of intuitions that guide the mental process of mapping between our "on-paper" notation and LF signatures. And so it's no accident that 1) we use Twelf a lot at Carnegie Mellon 2) our student reading group usually reads On the meaning of logical constants and the justification of the logical laws at least once every other year. The judgmental properties underlying LF and Martin Löf's reconstruction are the same, so understanding the judgmental methodology is a good way of understanding LF formalization.

This continues to be the case in the Linear LF extension to LF, where linear hypothetical assumptions are understood to be resources that will be consumed in the service of building a goal. The underlying story here, which Wikipedia originally attributes to Lafont, is called the resource interpretation, and it allows us to understand how to do things like represent programming languages with state conveniently, because "a bunch of memory" is a concept that can be represented as "a bunch of resources." The story that we tell about linear logic - the resource interpretation - is important in part because it gives us intuitions for understanding LLF formalizations.

I don't know that I can speak for where my intuitions about inductive definitions come from - as I've said before, computer scientists tend to treat them as pretty foundational. On the other hand, it's difficult to really use the "raw" inductive definitions provided natively by most non-Twelf provers to reason about programming languages, which is why there has been much recent (and, from an outside perspective, seemingly quite successful) work aimed at providing the right tool support for specifying and reasoning about programming languages in highly-developed proof assistants like Coq. The only danger here is, as soon as you start adding layers of interface between yourself and inductive definitions, the question of adequacy (the informal version, at least) again raises its head: there's not necessarily the same Martin-Löfian story guiding you, so where are your intuitions about the correctness of your system coming from? How would you actually prove that it corresponds to an ostensibly equivalent LF signature?

This, in turn, is one reason why two-level approach have been recently popularized by Felty's Hybrid system and Gacek's Abella. In these systems, there's a specially supported logical layer where one can use the same kind of intuitions we use in LF encodings. LF or LLF could, in fact be used for this logical layer, though these two systems use different variations on that theme. The second layer is a separate facility for reasoning about these encodings.

I'll stop here, though one argument I might be interested in trying to make in the future is that Twelf itself is actually the original two-level approach. There's an even stronger argument to be made in the case of HLF, Jason Reed's implementation of meta-reasoning for LLF on top of Twelf. However

¹ We usually say canonical terms or canonical forms, not normal terms. The canonical forms are the β-normal η-long terms. However, η-expansion doesn't mean anything for this example.

² It would be a full adequacy theorem if I'd shown that the bijection was compositional - that substitution on the de Bruijn terms means the same thing as substitution that LF gives us for free - but I didn't prove that part. Perhaps I should.

Two new papers

I have a post on typestate that has been languishing while I've been spending a lot of time on CMU's admissions committe, but now that that's over I hopefully will be able to get back to it. But first, two papers:

Logical Approximation for Program Analysis

My paper with Frank Pfenning, Logical Approximation for Program Analysis, has been accepted to HOSC. This paper extends of the work from the PEPM 2009 paper Linear logical approximations [ACM Link] - the acceptance is actually to a HOSC special issue on PEPM 2009. However, this paper also synthesizes a lot of stuff from our LICS 2009 paper Substructural Operational Semantics as Ordered Logic Programming. The point of this journal paper is to provide a story about allowing substructural operational semantics specifications of programming language, written in the style of the LICS 2009 paper/my thesis proposal, to be approximated. The approximation process lets us derive program analyses like control flow and alias analysis in the style of the PEPM 2009 paper.

Anyway: PDF, which I'm still polishing for final submission this weekend.

It occurs to me that I should write some more substructural operational semantics posts on this blog, seeing as that's my thesis topic and all.

Constructive Provability Logic

Since Bernardo and I got the principles of constructive provability logic nailed down, we've done a little more exploring. The most important thing about this paper, relative to the technical report, is that it presents a less restricted version of constructive provability logic (the "de-tethered variant" CPL*); I think this less restricted version is going to be critical to understanding logic programming through the lens of constructive provability logic, which is my ultimate goal for the project. The second new thing about the paper is that we nailed down (with one perplexing exception) which of the "normal" axioms of intuitionistic modal logic do or don't hold.

What does this mean? Well, any classical logician will tell you that, in order to be a modal logic, you have to obey one axiom - the "K" axiom, □(A → B) → □A → □B - and one rule, which is that if you can prove A with no assumptions then you can also prove □A ("necessitation"). And any intuitionistic modal logic worth its salt is going to do the same, so far so good. However, intuitionstic modal logic also has a possibility modality ◇A. In classical logic saying something is possible is the same as saying that it's not necessarily false, so ◇A is defined as ¬□¬A. But in intuitionistic logic we tend to think of possibility as a genuinely different thing, and that's where stuff gets complicated. The two most important proof theories for intuitionistic modal logic are probably Alex Simpson's IK - which describes a whole bunch of intuitionistic modal logics - and Pfenning-Davies S4, which describes S4. Some of the axioms that Simpson claims are fundamental to intuitionistic modal logics, like (◇A → □B) → □(A → B), don't hold in Pfenning-Davies S4; it turns out that particular axiom doesn't hold in constructive provability logic, either.

As we discuss in the paper, it seems like the de-tethered variant, CPL*, lies between Pfenning-Davies S4 and Simpson-style S4 on the "which axioms hold" meter, whereas CPL (the tethered version of constructive provability logic from the tech report) may or may not have the same "normal" axioms as Pfenning-Davies; we are currently stuck on whether the ◇◇A → ◇A holds in CPL - it definitely holds in CPL*, Simpson-style S4, and Pfenning-Davies S4, but we are a bit perplexed by our inability to prove or disprove it in CPL.

Here's the PDF, and here's the bitbucket repository with all our Agda. As a side note, "oh, all these proofs are in Agda so we're not discussing them" makes the whole "omitted due to space" thing feel way, way less sketchy. This is just a submission at this point, so comments are especially welcome!

Natural deduction and sequent calculus - united in a polarized linear framework

In the last post I talked a little bit about what it means to give atomic propositions in a logical framework polarity. The main point I wanted to get around to was that if we have a proposition in the signature of the form P1⁺ ⊃ P2⁺ ⊃ P3⁺, then all the information contained in that rule is captured by this synthetic inference rule:

  Γ, P1+, P2+, P3+ ⊢ Q
  -------------------
  Γ, P1+, P2+ ⊢ Q

On the other hand, if I have a proposition in the signature of the form P1^- ⊃ P2^- ⊃ P3^-, then all the information contained in that rule is captured by this synthetic inference rule:

  Γ ⊢ P1-
  Γ ⊢ P2-
  --------
  Γ ⊢ P3-

By further mixing-and-matching the polarities of atomic propositions, we can get a whole host of synthetic inference rules.

First, a clarification

Before I get started with this post, I want to point out that in the last post I said something imprecise: that the strongest possible form of adequacy is to say that the synthetic inference rules induced by your signature have an exact correspondence with the "on-paper" inference rules. I then gave an example, saying that

  ∨L : (hyp A → conc C)
       → (hyp B → conc C)
       → (hyp (A ∨ B) → conc C)

corresponds to this expected synthetic inference rule

  Γ, hyp (A ∨ B), hyp A ⊢ conc C
  Γ, hyp (A ∨ B), hyp B ⊢ conc C
  -------------------------------- ∨L
  Γ, hyp (A ∨ B) ⊢ conc C

only if (hyp A) has positive polarity. But this isn't quite the right story, because from the definition of ∨L we know nothing about the contents of Γ, and our notion of adequacy with respect to the sequent calculus requires that our judgments take the form Γ ⊢ conc C where Γ contains only atomic propositions hyp A for some propositions A. So, really, this strongest possible notion of adequacy needs one additional puzzle piece, a generalization of what the Twelfers would call regular worlds. We can assume the conclusion of the derived rule is in the image of some "on paper" judgment, but we also need to verify that the premises will always end up similarly in the image of some "on paper" judgment.

Now, with that out of the way...

Representing natural deduction in LLF

The post today starts off working with a subset of the Linear Logical Framework (LLF) designed (in large part) by Cervesato. We can reason about specifications in this framework using Jason Reed's HLF/Twelf implementation. Essentially, we will be using this framework the same way we used it last week: defining a signature and looking at the synthetic inference rules that arise from that signature.

It has recently become common to see presentations of the canonical forms of a simply-typed lambda calculus presented in spine form; doing so removes a major source of unplesentless in the proof of global soundness/hereditary substitution. You do have to pay the piper, though: it is more difficult to handle the proof of global completeness/η-expansion in a spine form calculus. However, a Twelf proof that Frank Pfenning worked out in February '09, which uses something like a third-order premise, can successfully handle the proof of global completeness for a spine-form presentation of canonical forms. One version of this Twelf proof, which can be found here, is presented as a bunch of Twelf code without much commentary, and the current story arose in part due to my attempts to provide some commentary and intuition for this Twelf proof of eta expansion and generalize it to substructural logics.

In the process, I ended up investigating another way of presenting logic that is somewhere between a natural deduction and spine form presentation. A bit of Twelf code describing this presentation can be found here, but the key point is that, when we need to verify an atomic proposition Q, we pick some hypothesis A from the context and show that, from a use of A we can prove that Q can be used. This is basically what happens in spine form, but here the "spiney" things associate the opposite of the way they do in spine form presentations. It looks something like this:

  end : use A A.
  atm : hyp A -> use A (a Q) -> verif (a Q).
  ⊃I  : (hyp A -> verif B) -> verif (A ⊃ B).
  ⊃E  : use A (B1 ⊃ B2) -> verif B1 -> use A B2.

One thing that we've known for a long time is that the atomic proposition (use A B) is an instance of a pattern - it can be thought of as a Twelf representation of the linear funtion use A -o use B, in which case the rule end above is just the identity function λx.x.

But, since we're putting ourself conceptually in the territory of LLF, not the territory of LF/Twelf, we can represent the thing that is morally a linear function as an actual linear function. The main trick is appropriately using unrestricted implication -> versus linear implication -o in such a way that it controls the branch of the subproof that the linear assumption use B winds up in. The resulting signature looks much like a standard natural deduction presentation with a very non-standard transition between uses and verifications (the usual rule is just use (a Q) -> verif (a Q)) and a sprinkling of lollipops where we'd normally see arrows.

  atm : hyp A -> (use A -o use (a Q)) -> verif (a Q).
  ⊃I  : (hyp A1 -> verif A2) -> verif (A1 ⊃ A2).
  ⊃E  : use (A1 ⊃ A2) -o verif A1 -> use A2.
  ∧I  : verif A1 -> verif A2 -> verif (A1 ∧ A2).
  ∧E1 : use (A1 ∧ A2) -o use A1.
  ∧E2 : use (A1 ∧ A2) -o use A2.

We are interested, for the purpose of this presentation, in hypothetical judgments of the form (Γ; · ⊢ hyp A), (Γ; · ⊢ verif A), and (Γ; use A ⊢ use B), where Γ contains unrestricted facts of the form hyp A. In light of this, we can show the synthetic inference rules that result from the above signature.

  ---------------------------- hyp
  Γ, hyp A; · ⊢ hyp A 

  ---------------------------- use
  Γ; use A ⊢ use A 

  Γ; · ⊢ hyp A
  Γ; use A ⊢ use (a Q)
  ---------------------------- atm
  Γ; · ⊢ verif (a Q)

  Γ, hyp A1; · ⊢ verif A2
  ---------------------------- ⊃I
  Γ; · ⊢ verif (A1 ⊃ A2)

  Γ; use B ⊢ use (A1 ⊃ A2)
  Γ; · ⊢ verif A1
  ---------------------------- ⊃E
  Γ; use B ⊢ use A2

  Γ; · ⊢ verif A1
  Γ; · ⊢ verif A2
  ---------------------------- ∧I
  Γ; · ⊢ verif (A1 ∧ A2)

  Γ; use B ⊢ use (A1 ∧ A2)
  ---------------------------- ∧E1
  Γ; use B ⊢ use A1

  Γ; use B ⊢ use (A1 ∧ A2)
  ---------------------------- ∧E2
  Γ; use B ⊢ use A2

There are basically no surprises - the complete HLF/Twelf specification, including global soundness and completeness proofs, is essentially just a repeat of the most closely related related Twelf specification where the elimination rules in the signature look somewhat less unusual.

Switching up the polarity

Now, let us imagine that we add atoms with positive polarity to LLF in a way analagous to their addition in the previous post. Obviously (hyp A) is naturally positive, so we can make that change, but that is not the interesting point. Consider the derived rules if we *also* make (use A) positive and restrict our attention to sequents of the form (Γ; · ⊢ verif A) and (Γ; use A ⊢ use (a Q)).

  ---------------------------- use
  Γ; use (a Q) ⊢ use (a Q)

  Γ, hyp A; use A ⊢ use (a Q)
  ---------------------------- atm
  Γ, hyp A; · ⊢ verif (a Q)

  Γ, hyp A1; · ⊢ verif A2
  ---------------------------- ⊃I
  Γ; · ⊢  verif (A1 ⊃ A2)

  Γ; use A₂ ⊢ use (a Q)
  Γ; · ⊢ verif A1
  ---------------------------- ⊃E
  Γ; use (A₁ ⊃ A₂) ⊢ use (a Q)

  Γ; · ⊢ verif A1
  Γ; · ⊢ verif A2
  ---------------------------- ∧I
  Γ; · ⊢ (verif A1 ∧ verif A2)

  Γ; use A1 ⊢ use (a Q)
  ---------------------------- ∧I1
  Γ; use (A1 ∧ A1) ⊢ use (a Q)

  Γ; use A2 ⊢ use (a Q)
  ---------------------------- ∧I2
  Γ; use (A1 ∧ A1) ⊢ use (a Q)

While our previous formalizaiton was an interesting sort-of modified version of natural deduction, the result when we change the polarity of the atomic proposition (use A) is precisely a focused sequent calculus.

A few related points

There are a lot of other neat explorations to consider in the near vicinity of this topic. Among them are:

• Generalizing to a polarized, weakly-focused logic. I did most of this once, but there were some issues with my original proof.
• What's the precise natural deduction system that the system with weak focusing + inversion on negative propositions corresponds to? Does it correspond exactly to the style of natural deduction used by Howe in "Proof Search in Lax Logic"?
• Generalizing to a fully-focused logic (how close can we get, for instance, to the natural deduction system of Brock-Nannestad and Schürmann ("Focused Natural Deduction," LPAR 2010)?
• Can this generalize to a focused linear sequent calculus, or do I only get to use linearity once per specification? Could the machinery of HLF be used to work around that?
• The global soundness and completeness results that I established in HLF have the least amount of slickness possible - I basically just repeat the proof that I gave for the Twelf formalization without linearity. How close can we get to the intuition that the eta expansion theorem says use A -> verif A for all A?

Focusing and synthetic rules

So, I was trying to explain to some people at a whiteboard something that I thought was more generally obvious than I guess it is. So, post! This post assumes you have seen lots of sequent caculi and have maybe have heard of focusing before, but I'll review the focusing basics first. And here's the main idea: focusing lets you treat propositions as rules. This is not an especially new idea if you are "A Twelf Person," but the details are still a bit pecular.

Let's start with a little baby logical framework. Here are the types:

  A ::= A → A | P⁺ | P⁻

Those P⁺ and P⁻ are the atomic propositions, and there can be as many of them as we want for there to be.

Focusing, real quick

There are three judgments that we need to be worried about. Γ ⊢ [ A ] is the right focus judgment, Γ[ A ] ⊢ Q is the left focus judgment, and Γ ⊢ A is the out-of-focus judgment.

Okay. So focusing (any sequent caclulus presentation of logic, really) encourages you to read rules from the bottom to the top, and that's how the informal descriptions will work. The first set of rules deal with right-focus, where you have to prove A right now. If you are focused on a positive atomic proposition, it has to be available right now as one of the things in the context. Otherwise (if you are focused on a negative atomic proposition or A → B), just try to prove it regular-style.

  P⁺ ∈ Γ
  -----------
  Γ ⊢ [ P⁺ ] 

  Γ ⊢ P⁻
  ----------
  Γ ⊢ [ P⁻ ]

  Γ ⊢ A → B
  -------------
  Γ ⊢ [ A → B ]

The second set of rules deal with left-focus. One pecular bit: we write left focus as Γ[ A ] ⊢ Q, and by Q we mean either a positive atomic proposition P⁺ or a negative atomic proposition P⁻. If we're in left focus on the positive atom, then we stop focusing and just add P⁺ to the set of antecedents Γ, but if we're in left focus on a negative atomic proposition P⁻, then we must to be trying to prove P⁻ on the right right now in order for the proof to succeed. Then, finally, if we're left focused on A → B, then we have to prove A in right focus and B in left focus.

  Γ, P⁺ ⊢ Q
  ------------
  Γ[ P⁺ ] ⊢ Q

  -------------
  Γ[ P⁻ ] ⊢ P⁻

  Γ ⊢ [ A ]
  Γ[ B ] ⊢ Q
  ---------------
  Γ[ A → B ] ⊢ Q

Finally, we need rules that deal with out-of-focus sequents. If we have an out-of-focus sequent and we're trying to prove P⁺, then we can go ahead and finish if P⁺ is already in the context. There is no rule for directly proving A⁻, but if we have a positive or negative atomic proposition that we're trying to prove, we can left-focus and work from there. And if we're trying to prove A → B, we can assume A and keep on trying to prove B.

  P⁺ ∈ Γ
  -------
  Γ ⊢ P⁺
  
  A ∈ Γ 
  A is not a positive atomic proposition
  Γ[ A ] ⊢ Q
  ---------------------------------------
  Γ ⊢ Q

  Γ, A ⊢ B
  -----------
  Γ ⊢ A → B

There are a lot of different similar presentations of focusing, most of which amount to the same thing, and most of which take some shortchuts. This one is no different, but the point is that this system is "good enough" that it lets us talk about the two big points.

The first big point about focusing is that it's complete - any sequent caclulus or natural deduction proof system for intuitionstic logic will prove exactly the same things as the focused sequent calculus. Of course, the "any other sequent calculus" you picked probably won't have a notion of positive and negative atomic propositions. That's the second big point: atomic propositions can be assigned as either positive or negative, but a given atomic proposition has to always be assigned the same positive-or-negativeness (that positive-or-negativeness is called polarity, btw). And on a similar note, you can change an atomic proposition's polarity if you change it everywhere. This may radically change the structure of a proof, but the same things will definitely be provable. Both of these things, incidentally, were noticed by Andreoli.

Synthetic inference rules

An idea that was also noticed by Andreoli but that was really developed by Kaustuv Chaudhuri is the idea that, when talking about a focused system, we should really think about proofs as being made up of synthetic inference rules, which are an artifact of focusing. The particular case of unfocused sequents where the conclusion is an atomic proposition, Γ ⊢ Q, is a special case that we can call neutral sequents. The only way we can prove a neutral sequent is to pull something out of the context and either finish (if the thing in the context is the positive atomic proposition we want to prove) or go into left focus. For instance, say that it is the case that P⁻ → Q⁻ → R⁻ ∈ Γ. Then the following derivation consists only of choices that we had to make if we left-focus on that proposition.

          ...
          Γ⊢Q⁻
  ...     ------ ---------
  Γ⊢P⁻    Γ⊢[Q⁻] Γ[R⁻]⊢R⁻
  ------  ----------------
  Γ⊢[P⁻]  Γ[Q⁻→R⁻]⊢R⁻
  ------------------       
  Γ[P⁻→Q⁻→R⁻]⊢R⁻     P⁻ → Q⁻ → R⁻ ∈ Γ
  ------------------------------------
  Γ⊢R⁻

This is a proof that has two leaves which are neutral sequents and a conclusion which is a neutral sequent, and where all the choices (including the choice of what the conclusion was) were totally forced by the rules of focusing. Therefore, we can cut out all the middle steps (which are totally determined anyway) and say that we have this synthetic inference rule:

  P⁻ → Q⁻ → R⁻ ∈ Γ
  Γ ⊢ Q⁻
  Γ ⊢ P⁻
  -----------------
  Γ ⊢ R⁻

This synthetic inference rule is more compact and somewhat clearer than the rule with all the intermediate focusing steps. As a side note, proof search with the inverse method is often much faster, too, if we think about these synthetic inference rules instead of the regular rules: that's part of the topic of Kaustuv Chaudhuri and Sean McLaughlin's Ph.D. theses. Chaudhri calls these things "derived rules" in his Ph.D. thesis, but I believe he is also the originator of the terms "synthetic connective" and "synthetic inference rule."

Let's do a few more examples. First, let's look at a synthetic inference rule for a proposition that has positive atomic propositions in its premises:

           Q⁺∈Γ
  ...     ------ ---------
  Γ⊢P⁻    Γ⊢[Q⁺] Γ[R⁻]⊢R⁻
  ------  ----------------
  Γ⊢[P⁻]  Γ[Q⁺→R⁻]⊢R⁻
  ------------------       
  Γ[P⁻→Q⁺→R⁻]⊢R⁻     P⁻ → Q⁺ → R⁻ ∈ Γ
  ------------------------------------
  Γ⊢R⁻

By convention, when one of the premises is of the form Q⁺ ∈ Γ, we go ahead and write the premise Q⁺ into the context everywhere, so the synthetic inference rule for this proposition is:

  P⁻ → Q⁺ → R⁻ ∈ Γ
  Γ, Q⁺ ⊢ P⁻
  -----------------
  Γ, Q⁺ ⊢ R⁻

If the conclusion ("head") of the proposition is a positive atom instead of a negative one, then we end up with an arbitrary conclusion.

  ...      ....
  Γ⊢P⁻    Γ,Q⁺⊢S
  ------  -------
  Γ⊢[P⁻]  Γ[Q⁺]⊢S
  ----------------
  Γ[P⁻→Q⁺]⊢S        P⁻ → Q⁺ ∈ Γ
  ---------------------------------------
  Γ⊢R

The synthetic inference rule looks like this, where S is required to be an atomic proposition, but it can be either positive or negative:

  P⁻ → Q⁺ ∈ Γ
  Γ ⊢ P⁻
  Γ, Q⁺ ⊢ S
  ----------
  Γ ⊢ S

If we have a higher-order premise (that is, an arrow nested to the left of an arrow - (P⁻ → Q⁺) → R⁻ is one such proposition), then we gain new assumptions in some of the branches of the proof. Note that the basic "shape" of this rule would not be affected if we gave P⁻ or Q⁺ the opposite polarity - synthetic inference rules are a little less sensitive to the polarity of atoms within higher-order premises.

   ...  
  Γ,P⁻⊢Q⁺
  -------
  Γ⊢P⁻→Q⁺   
  ---------  ---------
  Γ⊢[P⁻→Q⁺]  Γ[R⁻]⊢R⁻
  --------------------       
  Γ[(P⁻→Q⁻)→R⁻]⊢R⁻     (P⁻ → Q⁺) → R⁻ ∈ Γ
  ---------------------------------------
  Γ⊢R⁻

The synthetic inference rule, one more time, looks like this:

  (P⁻ → Q⁺) → R⁻ ∈ Γ
  Γ, P⁻ ⊢ Q⁺
  ----------
  Γ ⊢ R⁻

Application to logical frameworks

One annoyance in all of these derived rules is that each of them had a premise like (P⁻ → Q⁺) → R⁻ ∈ Γ. However, in a logical framework, we usually define a number of propositions in some "signature" Σ, and consider these propositions to be always true. Therefore, given any finite signature, we can "compile" that signature into a finite set of synthetic inference rules, add those to our logic, and throw away the signature - we don't need it anymore, as the synthetic inference rules contain precisely the logical information that was contained in the signature. Hence the motto, which admittedly may need some work: focusing lets you treat propositions as rules.

This is a strategy that hasn't been explored too much in logics where atomic propositions have mixed polarity - Jason Reed and Frank Pfenning's constructive resource semantics papers are the only real line of work that I'm familiar with, though Vivek's comment reminds me that I learned about the idea by way of Jason from Vivek and Dale Miller's paper "A framework for proof systems," section 2.3 in particular. (They in turn got it from something Girard wrote in French, I believe. Really gotta learn French one of these days.) The big idea here is that this is expressing the strongest possible form of adequacy - the synthetic inference rules that your signature gives rise to have an exact correspondance to the original, "on-paper" inference rules.

If this is our basic notion of adequacy, then I claim that everyone who has ever formalized the sequent calculus in Twelf has actually wanted positive atomic propositions. Quick, what's the synthetic connective corresponding to this pseudo-Twelf declaration of ∨L in the sequent calculus?

  ∨L : (hyp A → conc C)
       → (hyp B → conc C)
       → (hyp (A ∨ B) → conc C)

If you thought this:

  Γ, hyp (A ∨ B), hyp A ⊢ conc C
  Γ, hyp (A ∨ B), hyp B ⊢ conc C
  -------------------------------- ∨L
  Γ, hyp (A ∨ B) ⊢ conc C

then what you wrote down corresponds to what we like to write in "on-paper" presentations of the intuitionstic sequent calculus, but it is not the correct answer. Twelf has only negative atomic propositions, so the correct answer is this:

  Γ ⊢ hyp (A ∨ B)
  Γ, hyp A ⊢ conc C
  Γ, hyp B ⊢ conc C
  -------------------------------- ∨L
  Γ ⊢ conc C

This is still adequate in the sense that complete on-paper sequent calculus proofs are in one-to-one correspondence with the complete LF proofs: the reason that is true is that, when I am trying to prove Γ ⊢ hyp (A ∨ B), by a global invariant of the sequent calculus I can only succeed by left-focusing on some hyp (A ∨ B) ∈ Γ and then immediately succeeding. However, the partial proofs that focusing and synthetic connectives give rise to are not in one-to-one correspondence.

In order to get the rule that we desire, of course, we need to think of hyp A as a positive atomic proposition (and conc C as negative). If we do that, then the first proposed synthetic inference rule is dead-on correct.

Poll

Hey, I'm kind of new at logicblogging and don't really know who is following me. This was really background for a post I want to write in the future. Background-wise, how was this post?

[Update Nov 11, 2010] Vivek's comments reminded me of the forgotten source for the "three levels of adequacy," Vivek and Dale's "A framework for proof systems," which is probably a more canonical source than Kaustuv's thesis for using these ideas for representation. Also, the tech report mentioned in Vivek's comment replays the whole story in intuitionistic logic and is very close to the development in this blog post.