Decorating proofs

The programs synthesized from proofs are guaranteed to be correct, however at the cost of sometimes introducing irrelevant computations, a consequence of the fact that the extracted code faithfully reflects the proof. In this paper we extend the work of Ulrich Berger [2], which introduces the concept of “non-computational universal quantifiers”, and propose an algorithm that identifies at the proof level the components (quantified variables, as well as premises of implications) that are computationally irrelevant and marks them as such. We illustrate the benefits of this (optimal) decorating algorithm in some case studies and present the results obtained with the proof assistant Minlog.

We consider proofs in minimal logic, written in natural deduction style. The only rules are introduction and elimination for implication and the universal quantifier. The logical connectives ∃, ∧ are seen as special cases of inductively defined predicates, and hence are defined by the introduction and elimination schemes ∀x(A → ∃xA), ∃xA → ∀x(A → B) → B (x not free in B), A → B → A ∧ B, A ∧ B → (A → B → C) → C. Disjunction can be defined by A ∨ B := ∃p((p → A) ∧ (¬p → B)) with p a boolean variable. When the computational content of a proof is of interest, it is appropriate to distinguish between computational and non-computational variants of →, ∀, written →c, ∀c and →nc, ∀nc, respectively; for ∀nc this was first done by Berger [2]. The introduction rules for →nc, ∀nc then need an additional restriction: the abstracted (assumption or object) variable is not allowed to be “computational”, that is, it must not occur free in the extracted term of the premise proof. The insertion of such marks is called a “decoration” of the proof. In the present paper we are interested in “fine-tuning” the computational content of proofs by inserting decorations.
After adapting in section 1 the standard theory of proof interpretation by (modified) realizability, in section 2 we define what a computational strengthening of a decorated formula is, and construct a derivation of A1 →c A2 for A1 a computational strengthening of A2. Here is an example (due to Robert Constable) of why this is of interest. Suppose that in a proof M of a formula C we have made use of a case distinction based on an auxiliary lemma stating a disjunction, say L : A ∨ B. Then the extract [[M]] will contain the extract [[L]] of the proof of the auxiliary lemma, which may be large. Now suppose further that in the proof M of C, the only computationally relevant use of the lemma was which one of the two alternatives holds true, A or B. We can express this fact by using a weakened form of the lemma instead: L′ : A ∨nc B. Since the extract