1 Introduction

This paper has two main contributions. The first one is to present a domain model of dependent type theory where a type is interpreted as a finitary projection on one “universal” domain. We believe this model to be quite natural and canonical, and it can be presented as a simple decidable typing system on finite elements (footnote 1). While this model is based on a “universal” domain, two convertible terms have the same semantics, as in the set-theoretic model [3]. This is to be contrasted with an “untyped” semantics, like the one used in [1], where one needs to quotient by an extra partial equivalence relation. The second contribution is to show, using this model, purely syntactical properties of dependent type theory. In particular, we can show that dependent product is one-to-one for conversion in a constructive metatheory, involving only induction and recursion on finite objects (footnote 2), a property which is crucial in establishing subject reduction [4, 17]. Furthermore, the technique that is used is similar to the use of “inclusive predicates”, fundamental in domain theory [12, 15]. Another technical advantage of our approach is that we don’t need to use contexts as Kripke worlds as in previous arguments [2, 6]. We also establish that two convertible terms in type theory (maybe partial [10, 11, 13, 14]) have the same Böhm tree.

In this paper, we work in a constructive metatheory, and when we write that a proposition P is decidable, we mean that P ∨ ¬P is provable.

2 Domain and Finite Elements

We shall use the following Scott domain, least solution of a recursive domain equation (see [18, 19] for a lively description of Scott domains and solutions to domain equations):

$$D~=~ [D\rightarrow D] + {\Pi}~D~[D\rightarrow D] + \mathsf{N} + \mathsf{0} + \mathsf{S}~D + \mathsf{U}_{i} $$

In this equation, + denotes the coalesced sum [18] and i = 0,1,2,…

We write a, b, u, v, … for the elements of this domain. We define u(v) for u and v in D as follows: it is the application of u to v if u belongs to [D → D], and it is ⊥ otherwise.

A fundamental result of domain theory is that the finite/compact elements of this domain can be described in a purely syntactical way, and both the order and the compatibility relations on these finite elements are decidable [16, 18, 19]. It also has been noticed [16] that this domain is coherent in the sense that a finite set is compatible (i.e. has a least upper bound) if, and only if, it is pairwise compatible.

Here is an inductive description of the finite elements:

  • ⊥, or

  • \(\mathsf{U}_i\), N or 0, or

  • S u where u is finite, or

  • Π a f where a is finite and f is a finite function, or

  • a finite function,

and a finite function f is a least upper bound of basic step functions and is of the form ⊥ or \(u_1\mapsto v_1,\dots,u_n\mapsto v_n\) (with \(n\geqslant 1\) and all \(u_i, v_i\) finite) such that whenever \(u_i\) and \(u_j\) are compatible then so are \(v_i\) and \(v_j\). Such a function sends an element u to the element \(f(u) = \vee\{v_i \mid u_i \leqslant u\}\).

The order relation on finite elements can then be described by the rules

  • ⊥ ≤ u,

  • N ≤ N and 0 ≤ 0 and \(\mathsf{U}_i \leqslant \mathsf{U}_i\),

  • S u ≤ S v if u ≤ v,

  • Π a f ≤ Π b g if a ≤ b and f ≤ g, and

  • \((u_1\mapsto v_1,\dots,u_p\mapsto v_p) \leqslant f\) if \(v_i \leqslant f(u_i)\) for all i.

In general there are different possible ways to write a finite function f as a least upper bound of step functions. For instance, we have \((\bot\mapsto\mathsf{N}) = (\mathsf{U}_3\mapsto\mathsf{N},\bot\mapsto\mathsf{N})\). We say that a description \(f = (u_1\mapsto v_1,\dots,u_n\mapsto v_n)\) is minimal if we cannot remove some \(u_i\mapsto v_i\) from this description. An important property is the following.

Lemma 1

If \(f = (u_1\mapsto v_1,\dots,u_n\mapsto v_n)\) is minimal, we have \(f~u < f~u_i\) whenever \(u < u_i\).

Proof

If we have \(u < u_i\) and \(f~u_i = f~u\), then \(\vee \{v_{j} \mid u_{j}<u_{i}\} \geqslant f~u = f~u_{i}\) and we can remove \(u_i\mapsto v_i\) from the given description of f. □

Corollary 1

If we have a minimal description \(f = (u_1\mapsto v_1,\dots,u_n\mapsto v_n)\) and another description \(f = (a_1\mapsto b_1,\dots,a_m\mapsto b_m)\) (not necessarily minimal), then \(u_i = \vee\{a_j \mid a_j \leqslant u_i\}\).

Proof

Indeed, if \(u = \vee\{a_j \mid a_j \leqslant u_i\}\) we have \(u \leqslant u_i\) and \(f(u) = \vee\{b_j \mid a_j \leqslant u\} = \vee\{b_j \mid a_j \leqslant u_i\} = f(u_i)\), so we cannot have \(u < u_i\) by the previous lemma. □

We define the rank rk(u) of the finite element u by the equations

$$rk(\bot) = 0 \qquad rk(\mathsf{N}) = rk(\mathsf{0}) = rk(\mathsf{U}_i) = 1 \qquad rk(\mathsf{S}~u) = 1 + rk(u) \qquad rk({\Pi}~u~f) = \max (1 + rk(u),rk(f)) $$

and \(rk(f) = 1 + \max(rk(u_i), rk(f(u_i)))\) if \(f = (u_1\mapsto v_1,\dots,u_l\mapsto v_l)\) is minimal and l > 0. The rank measures the first time an element u appears in the inductive generation of finite elements. An important property of the rank is that \(rk(u\vee v) \leqslant \max(rk(u), rk(v))\) and \(rk(f(u)) < rk(f)\) for all u.

Working with universes, we want to consider that Ui is more “complex” than any given finite element which only mentions Uj for j < i. In order to capture this notion of complexity, we define

$$lv(\bot) = lv(\mathsf{N}) = lv(\mathsf{0}) = 0 \qquad lv(\mathsf{U}_i) = i \qquad lv(\mathsf{S}~u) = lv(u) \qquad lv ({\Pi}~u~f) = \max (lv (u), lv(f)) $$

and \(lv(f) = \max(lv(u_i), lv(f(u_i)))\) if \(f = (u_1\mapsto v_1,\dots,u_k\mapsto v_k)\) is minimal. An important property of the (universe) level is that \(lv(u\vee v) \leqslant \max(lv(u), lv(v))\) and \(lv(f(u)) \leqslant lv(f)\) for all u.

Finally we define the complexity of a finite element a as the pair (lv(a), rk(a)) with the lexicographic ordering.

A finitary projection [18, 19] of a Scott domain E is a map p : E → E such that p ∘ p = p and p a ≤ a and the image of p, which is also the set of fixed-points of p, is a Scott domain. If p u = u and p v = v and u, v are compatible then p(u ∨ v) = u ∨ v since both u and v are ≤ p(u ∨ v). A finitary projection is thus completely determined by a set of finite elements which is closed by compatible sups. If F, E are two Scott domains, we write \(F\lhd E\) and say that F is a subdomain of E if F is the image of a finitary projection of E. Equivalently F is the set of directed sups of a given subset of finite elements of E which is closed by compatible binary sups, and this set is exactly the set of finite elements of F. A fundamental result [18] is that the poset of finitary projections of a Scott domain E is itself a Scott domain, which is a subdomain of E → E.

3 Concrete Description of the Typing Relation on Finite Elements

We now describe a type system on finite elements.

$$\begin{array}{@{}rcl@{}} &&\frac{}{\bot:a} \quad\qquad \frac{}{\mathsf{U}_i:\mathsf{U}_{j}}{i<j} \quad\qquad \frac{}{\mathsf{N}:\mathsf{U}_j} \quad\qquad \frac{}{\mathsf{0}:\mathsf{N}} \quad\qquad \frac{u:\mathsf{N}}{\mathsf{S}~u:\mathsf{N}}\\ &&~~~~~\frac{a:\mathsf{U}_j \qquad u_1:a \qquad t_1:\mathsf{U}_j \qquad {\dots} \qquad u_n:a \qquad t_n:\mathsf{U}_j}{{\Pi}~a~(u_1\mapsto t_1,\dots,u_n\mapsto t_n):\mathsf{U}_j} {(n \geqslant 0)}\\ &&~~~~~~~~~\frac{u_1:a \qquad v_1:f(u_1) \qquad {\dots} \qquad u_n:a \qquad v_n:f(u_n)}{(u_1\mapsto v_1,{\dots} ,u_n\mapsto v_n):{\Pi}~a~f} {(n \geqslant 0)} \end{array} $$

Lemma 2

If u : a and a ≤ b, then u : b. If u : a, v : a, and u and v are compatible, then u ∨ v : a.

Proof

The first statement is by induction on the derivation of u : a. For the second statement, we look at the case where \(a = \mathsf{U}_k\) and \(u = \Pi~b~(u_1\mapsto t_1,\dots,u_n\mapsto t_n)\) and \(v = \Pi~b'~(v_1\mapsto l_1,\dots,v_m\mapsto l_m)\). By induction, we have \(b\vee b' : \mathsf{U}_k\). Also \(u_i : b\) and hence \(u_i : b\vee b'\) by the first statement, and similarly \(v_j : b\vee b'\). The other cases are similar. □

Corollary 2

If w : Π a f and u : a, then w(u) : f(u).

Proof

We can write \(w = (u_1\mapsto v_1,\dots,u_n\mapsto v_n)\) with \(v_i : f(u_i)\). We have \(v_i : f(u)\) if \(u_i \leqslant u\) by Lemma 2. We then have \(w(u) = \vee\{v_i \mid u_i \leqslant u\} : f(u)\) by Lemma 2. □

Lemma 3

If \(\Pi~a~f : \mathsf{U}_k\) and \(f = (u_1\mapsto t_1,\dots,u_n\mapsto t_n)\) is minimal, then \(u_i : a\) and \(f(u_i) : \mathsf{U}_k\).

Proof

We have \(f = (u_1\mapsto t_1,\dots,u_n\mapsto t_n) = (v_1\mapsto l_1,\dots,v_m\mapsto l_m)\) with \(v_j : a\) and \(l_j : \mathsf{U}_k\). Since \(f(u_i) = \vee\{l_j \mid v_j \leqslant u_i\}\) we have \(f(u_i) : \mathsf{U}_k\) by Lemma 2. Also \(u_i = \vee\{v_j \mid v_j \leqslant u_i\}\) and so \(u_i : a\) by Lemma 2. □

Lemma 4

If w : Π a f and \(w = (u_1\mapsto t_1,\dots,u_n\mapsto t_n)\) is minimal, then \(u_i : a\) and \(w(u_i) : f(u_i)\).

Proof

We have \(w = (u_1\mapsto t_1,\dots,u_n\mapsto t_n) = (v_1\mapsto l_1,\dots,v_m\mapsto l_m)\) with \(v_j : a\) and \(l_j : f(v_j)\). It follows from Corollary 1 that we have \(u_i = \vee\{v_j \mid v_j \leqslant u_i\}\) and so \(u_i : a\) by Lemma 2. Using Corollary 2, we get \(w(u_i) : f(u_i)\). □

Note that if u : a then lv(u) ≤ lv(a), and if \(u : \mathsf{U}_k\) then lv(u) < k, by induction on the derivation.

Corollary 3

The relation u : a is decidable.

Proof

By induction on the complexity of u and a. □
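To make the decision procedure of Corollary 3 concrete, here is an added example (not code from the paper) that implements the finite elements of Section 2 together with the order relation, application of a finite function, compatible sups, and the typing rules of Section 3. The class names, the `steps` tuple encoding of a finite function, and the sample elements `NAT_TO_NAT` and `ID_NAT` are constructed for this example; the empty finite function is identified with ⊥, as in the coalesced sum. The example goes slightly beyond the text in also computing a minimal description of a finite function by removing redundant steps, which reproduces the identity (⊥ ↦ N) = (U₃ ↦ N, ⊥ ↦ N).

```python
from dataclasses import dataclass
from itertools import combinations
from typing import Tuple

# Finite elements of D (constructed encoding). A Fun always has >= 1 step;
# the empty function is represented by BOT.
@dataclass(frozen=True)
class Bot: pass
@dataclass(frozen=True)
class N: pass
@dataclass(frozen=True)
class Zero: pass
@dataclass(frozen=True)
class U:
    i: int
@dataclass(frozen=True)
class S:
    u: object
@dataclass(frozen=True)
class Pi:
    a: object
    f: object                                   # a Fun or BOT
@dataclass(frozen=True)
class Fun:
    steps: Tuple[Tuple[object, object], ...]    # ((u_1, v_1), ...) encodes u_1 -> v_1, ...

BOT = Bot()

def steps_of(f):
    return f.steps if isinstance(f, Fun) else ()

def app(f, u):
    """f(u) = sup{v_i | u_i <= u}; BOT when f is not a function."""
    out = BOT
    for ui, vi in steps_of(f):
        if leq(ui, u):
            out = join(out, vi)
            if out is None:                     # only possible for a malformed Fun
                raise ValueError("values of compatible arguments must be compatible")
    return out

def leq(u, v) -> bool:
    """The order on finite elements, one clause per rule of the paper."""
    if isinstance(u, Bot):
        return True
    if isinstance(u, (N, Zero, U)):
        return u == v
    if isinstance(u, S):
        return isinstance(v, S) and leq(u.u, v.u)
    if isinstance(u, Pi):
        return isinstance(v, Pi) and leq(u.a, v.a) and leq(u.f, v.f)
    if isinstance(u, Fun):
        return isinstance(v, Fun) and all(leq(vi, app(v, ui)) for ui, vi in u.steps)
    return False

def join(u, v):
    """Least upper bound of two finite elements, or None if they are incompatible."""
    if isinstance(u, Bot):
        return v
    if isinstance(v, Bot):
        return u
    if isinstance(u, (N, Zero, U)):
        return u if u == v else None
    if isinstance(u, S) and isinstance(v, S):
        w = join(u.u, v.u)
        return None if w is None else S(w)
    if isinstance(u, Pi) and isinstance(v, Pi):
        a, f = join(u.a, v.a), join(u.f, v.f)
        return None if a is None or f is None else Pi(a, f)
    if isinstance(u, Fun) and isinstance(v, Fun):
        steps = u.steps + tuple(s for s in v.steps if s not in u.steps)
        # the union of step functions is a finite function only if compatible
        # arguments get compatible values; pairwise checking suffices (coherence)
        for (u1, v1), (u2, v2) in combinations(steps, 2):
            if compatible(u1, u2) and not compatible(v1, v2):
                return None
        return Fun(steps)
    return None

def compatible(u, v) -> bool:
    return join(u, v) is not None

def has_type(u, a) -> bool:
    """Decides u : a by the typing rules on finite elements (Corollary 3)."""
    if isinstance(u, Bot):
        return True
    if isinstance(u, U):
        return isinstance(a, U) and u.i < a.i
    if isinstance(u, N):
        return isinstance(a, U)
    if isinstance(u, Zero):
        return isinstance(a, N)
    if isinstance(u, S):
        return isinstance(a, N) and has_type(u.u, a)
    if isinstance(u, Pi):       # Pi b (u_i -> t_i) : U_j needs b : U_j, u_i : b, t_i : U_j
        return (isinstance(a, U) and has_type(u.a, a)
                and all(has_type(ui, u.a) and has_type(ti, a) for ui, ti in steps_of(u.f)))
    if isinstance(u, Fun):      # (u_i -> v_i) : Pi b f needs u_i : b and v_i : f(u_i)
        return (isinstance(a, Pi)
                and all(has_type(ui, a.a) and has_type(vi, app(a.f, ui)) for ui, vi in u.steps))
    return False

def is_type(a) -> bool:
    """Decides the predicate a type (Corollary 4)."""
    if isinstance(a, (Bot, U, N)):
        return True
    if isinstance(a, Pi):
        return is_type(a.a) and all(has_type(ui, a.a) and is_type(ti) for ui, ti in steps_of(a.f))
    return False

def minimize(f):
    """Drop steps u_i -> v_i whose removal leaves the same function (a minimal description)."""
    steps, changed = list(steps_of(f)), True
    while changed:
        changed = False
        for s in steps:
            rest = [t for t in steps if t != s]
            g = Fun(tuple(rest)) if rest else BOT
            if leq(f, g):                       # g <= f always holds, so this is f = g
                steps, f, changed = rest, g, True
                break
    return f

# Constructed sample elements: the type N -> N, i.e. Pi N (Bot -> N), and a
# finite approximation of the identity on natural numbers.
NAT_TO_NAT = Pi(N(), Fun(((BOT, N()),)))
ID_NAT = Fun(((Zero(), Zero()), (S(Zero()), S(Zero()))))
```

`has_type(ID_NAT, NAT_TO_NAT)` holds, while a step sending 0 to U₀ is rejected because U₀ : N fails; `minimize(Fun(((U(3), N()), (BOT, N()))))` returns `Fun(((BOT, N()),))`.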

The following Lemma will be useful when connecting syntax and semantics.

Lemma 5

If w : Π b f and b ≤ a, then for any u : a there exists v : b such that v ≤ u and w(u) = w(v).

Proof

We write \(w = (u_1\mapsto l_1,\dots,u_n\mapsto l_n)\) with \(u_i : b\) and \(l_i : f(u_i)\). We then have w(u) = w(v) with \(v = \vee\{u_i \mid u_i \leqslant u\}\), and v : b by Lemma 2. □

We now introduce the predicate a type by the rules:

$$\begin{array}{@{}rcl@{}} &&~~~~~~~~~~~~\frac{}{\bot~\mathsf{type}} \qquad\qquad\qquad \frac{}{\mathsf{U}_i~\mathsf{type}} \qquad\qquad\qquad \frac{}{\mathsf{N}~\mathsf{type}}\\ &&\frac{a~\mathsf{type} \qquad u_1:a \qquad t_1~\mathsf{type} \qquad {\dots} \qquad u_n:a \qquad t_n~\mathsf{type}} {{\Pi}~a~(u_1\mapsto t_1,\dots,u_n\mapsto t_n)~\mathsf{type}}{(n \geqslant 0)} \end{array} $$

Lemma 6

If \(a : \mathsf{U}_j\), then a type. If a type, b type, and a, b are compatible, then a ∨ b type. If \(\Pi~a~(u_1\mapsto t_1,\dots,u_n\mapsto t_n)\) type and \(u_1\mapsto t_1,\dots,u_n\mapsto t_n\) is a minimal description, then \(u_i : a\) and \(t_i\) type.

Proof

The first statement is by induction on the derivation of \(a : \mathsf{U}_j\). The second statement is proved as in Lemma 2, and the last statement as in the proof of Lemma 3. □

Corollary 4

The predicate a type is decidable.

Given a finite element a, the set of finite elements u such that u : a is closed by compatible binary sups by Lemma 2. Hence it defines a finitary projection \(p_a\). Similarly the set of finite elements a such that a type defines a finitary projection \(p_{\mathsf{type}}\). We write \({\mathsf {Type}}\lhd D\) for the corresponding subdomain.

By Lemma 2, we have \(p_a \leqslant p_b\) if a ≤ b, and we can hence define the finitary projection \(p_a\) for an arbitrary element a of D, not necessarily finite, as the directed sup of all \(p_{a_0}\) for \(a_0 \leqslant a\) finite, in the Scott domain of finitary projections of D. We write \(El~a\lhd D\) for the image of \(p_a\).

We have \(El~\mathsf {U}_{i}\lhd El~\mathsf {U}_{i + 1}\) and \(El~\mathsf {U}_{i}\lhd {\mathsf {Type}}\).

Let us write a → b for Π a (⊥ ↦ b). The domain \(El~\mathsf {N}\lhd D\) is exactly the domain of “lazy” natural numbers, that is, elements of the form \(\mathsf{S}^k~\mathsf{0}\) or \(\mathsf{S}^k~\bot\). The poset of finite elements w such that w : N → N is exactly the poset of finite elements of the domain of continuous functions El N → El N.

Lemma 7

If \(f = (u_1\mapsto v_1,\dots,u_n\mapsto v_n)\) is minimal and f = f ∘ p where p is a finitary projection, then \(p~u_i = u_i\) for all i.

Proof

We have \(f~u_i = f~(p~u_i)\), so we cannot have \(p~u_i < u_i\) since the description is minimal (using Corollary 1), and so \(p~u_i = u_i\). □

Proposition 1

We have

Table 1

and \(p_a~b = \bot\) in all other cases. We also have

Table 2

and \(p_{\mathsf{type}}~b = \bot\) in all other cases.

Proof

Let \(q_a\) be the function defined by these recursive equations. We show by induction on the complexity of a finite that we have \(q_a~u = u\), for u finite, if, and only if, u : a. This is clear if a = N. If a = Π b f and u : a, then using Lemma 4, we can write \(u = (u_1\mapsto v_1,\dots,u_n\mapsto v_n)\) with \(u_i : b\) and \(v_i : f(u_i)\). We then have \(u(x) = u(q_b~x) : f(q_b~x)\) and so \(u(x) = (q_a~u)(x)\) for any x, and so \(u = q_a~u\). Conversely, if \(u = q_a~u\), we have \(u = u \circ q_b\), and if \(u = (u_1\mapsto v_1,\dots,u_n\mapsto v_n)\) is a minimal description of u, we have \(q_b~u_i = u_i\) by Lemma 7. So \(u_i : b\) by induction. We then have \(v_i = q_{f(u_i)}~v_i\) and so \(v_i : f(u_i)\) by induction.

Finally we prove \(q_{\mathsf{U}_k}~a = a\) if, and only if, \(a : \mathsf{U}_k\), by induction on the complexity of a finite. We cover the case a = Π b f where \(u_1\mapsto l_1,\dots,u_n\mapsto l_n\) is a minimal description of f.

If \(a : \mathsf{U}_k\), then \(b : \mathsf{U}_k\) and so \(q_{\mathsf{U}_k}~b = b\) by induction, and \(u_i : b\) and \(l_i : \mathsf{U}_k\). Since b is strictly less complex than \(\mathsf{U}_k\), we have by induction \(q_b~u_i = u_i\) and \(q_{\mathsf{U}_k}~f(u_i) = f(u_i)\). It follows that we have \(q_{\mathsf{U}_k}~a = a\).

Conversely, if \(q_{\mathsf{U}_k}~a = a\) then \(q_{\mathsf{U}_k}~b = b\) and so \(b : \mathsf{U}_k\) by induction, and we have \(q_{\mathsf{U}_k} \circ f \circ q_b = f\). It follows that we have \(f(u_i) = q_{\mathsf{U}_k}~(f(q_b~u_i))\) for all i, and we have \(q_b~u_i = u_i\) by Lemma 7. So \(u_i : b\) since b is simpler than \(\mathsf{U}_k\). We then get \(f(u_i) = q_{\mathsf{U}_k}~f(u_i)\) and so \(f(u_i) : \mathsf{U}_k\) by induction. □

We can now consider the continuous families of domains El a and El a → Type indexed over a in Type. We can form their cartesian products and get a continuous family El a × (El a → Type) indexed over a in Type. We consider then the sum of this family, which is itself a Scott domain [7]

$$E = {\Sigma} (a\in{\mathsf{Type}})~(El~a\times (El~a\rightarrow {\mathsf{Type}})) $$

and we have an evaluation function E → Type, (a, v, f) ↦ f(v). This evaluation function is continuous. So, if we have \(w_0 \leqslant f(v)\) finite in Type then we can find \(a_0 \leqslant a\) finite in Type, \(u_0 \leqslant v\) finite in \(El~a_0\) and \(f_0 \leqslant f\) finite in \(El~a_0 \rightarrow \mathsf{Type}\) such that \(w_0 \leqslant f_0(u_0)\). This remark will be used in a crucial way in connecting syntax and semantics of type theory.

4 Syntax and Semantics of Type Theory

The syntax of type theory is defined as follows.

$$M,N,A,B~::=~x~|~\lambda (x:A) M|M~N|{\Pi} (x:A)B~|~\mathsf{N}~|~\mathsf{U}_{i}~|~\mathsf{0}|~\mathsf{S}~M~|~\mathsf{rec} (\lambda x~A,M,N) $$

We write F(x/M) the substitution of M for x in F. We may write simply F(M) if x is clear from the context.

The semantics can be defined at this purely untyped syntactic level, exactly like for the set-theoretic semantics presented in [3]. This semantics is described in Fig. 1, where we define (ρ, x : a = u) to be the update of ρ with the assignment \(x = p_a~u\).

Fig. 1 Denotational semantics of type theory

The semantics of rec is the usual lazy semantics of primitive recursion. We define \(\mathsf{rec}(d_0, d_1)\) in D → D by the recursive equations

$$\mathsf{rec}(d_{0},d_{1})~\mathsf{0} = d_{0} \qquad \mathsf{rec}(d_{0},d_{1})~(\mathsf{S}~u) = d_{1}(u)(\mathsf{rec}(d_{0},d_{1})~u) $$

and \(\mathsf{rec}(d_0, d_1)~u = \bot\) in the other cases, and then

$$\llbracket \mathsf{rec}(\lambda x.T,M_{0},M_{1}) \rrbracket\rho = \mathsf{rec}(\llbracket M_{0} \rrbracket\rho,\llbracket M_{1} \rrbracket\rho). $$

(The extra argument λx.T is used in Section 7.)
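As an added example (not code from the paper), the recursive equations for rec above, run on the lazy natural numbers \(\mathsf{S}^k~\mathsf{0}\) and \(\mathsf{S}^k~\bot\) of El N from Section 3. The element classes, `numeral`, `plus`, `is_zero` and the two observation helpers are constructed for this example. Python evaluates the recursive call eagerly, but since every element here is finite the result agrees with the lazy equations: a partial numeral yields a partial result whose defined prefix is visible, and a non-strict step function (one that ignores the recursive result) can still return a total value.

```python
from dataclasses import dataclass
from typing import Optional

# Elements of El N (constructed encoding): S^k 0 and S^k Bot.
@dataclass(frozen=True)
class Bot: pass
@dataclass(frozen=True)
class Zero: pass
@dataclass(frozen=True)
class S:
    u: object

def numeral(k: int, total: bool = True):
    """S^k 0 when total, otherwise the partial numeral S^k Bot."""
    n = Zero() if total else Bot()
    for _ in range(k):
        n = S(n)
    return n

def rec(d0, d1):
    """rec(d0,d1) 0 = d0; rec(d0,d1) (S u) = d1(u)(rec(d0,d1) u); Bot otherwise."""
    def r(u):
        if isinstance(u, Zero):
            return d0
        if isinstance(u, S):
            return d1(u.u)(r(u.u))
        return Bot()                       # Bot (and any non-numeral) gives Bot
    return r

def plus(m, n):
    """Addition by recursion on m: plus 0 n = n, plus (S k) n = S (plus k n)."""
    return rec(n, lambda k: lambda acc: S(acc))(m)

def is_zero(m):
    """0 on zero, S 0 on a successor; the step ignores the recursive result."""
    return rec(Zero(), lambda k: lambda acc: S(Zero()))(m)

def observe(u) -> Optional[int]:
    """The integer denoted by a total numeral, or None if the element is partial."""
    k = 0
    while isinstance(u, S):
        u, k = u.u, k + 1
    return k if isinstance(u, Zero) else None

def defined_prefix(u) -> int:
    """How many S constructors are visible before reaching 0 or Bot."""
    k = 0
    while isinstance(u, S):
        u, k = u.u, k + 1
    return k
```

`plus(numeral(2, total=False), numeral(3))` is \(\mathsf{S}^2~\bot\): recursion on a partial numeral stops at ⊥, so only two constructors are defined; `is_zero(S(Bot()))` is S 0 because the successor case never inspects the recursive result.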

The typing and conversion rules are in the Appendix. There are two judgments for types, of the form A type and A conv A′, and two judgments for elements, of the form M : A and M conv M′ : A. Such a judgment is stated in a context, which is a list of typing declarations x : A. As in [9], we may not write the context explicitly.

We say that ρ fits Γ if for all x : A in Γ we have ⟦A⟧ρ in Type and ρ(x) in El(⟦A⟧ρ).

Theorem 1

If ρ fits Γ, then:

  1. Γ ⊩ A type implies ⟦A⟧ρ ∈ Type,

  2. Γ ⊩ A conv A′ implies ⟦A⟧ρ = ⟦A′⟧ρ,

  3. Γ ⊩ M : A implies ⟦M⟧ρ ∈ El(⟦A⟧ρ), and

  4. Γ ⊩ M conv M′ : A implies ⟦M⟧ρ = ⟦M′⟧ρ.

Proof

Direct by induction on the derivation. □

Note that the use of finitary projections takes care of η-conversion in the semantics. For instance, we have ⟦λ(x : N → N) x⟧ = ⟦λ(x : N → N) λ(y : N) x y⟧. Indeed, both are equal to the function \(u \mapsto v \mapsto p_{\mathsf{N}}(u(p_{\mathsf{N}}~v))\).

The main difference with the semantics suggested in [11] and in [13] is that abstraction is not interpreted as a constructor. This is crucial in order to validate the rule of η-conversion that N conv N′ : Π(x : A)B as soon as N x conv N′ x : B (x : A). If we represented abstraction by a constructor, we would have w = λ(⊥) ≠ ⊥ = w′ but also w(u) = ⊥ = w′(u) for any u in D, and so the rule for η-conversion could not be valid in this case.

5 Connecting Syntax and Semantics, First Version

We write M → M′ for weak-head reduction. This is defined at a purely syntactical level. The rules are the following.

$$\begin{array}{@{}rcl@{}} &&\frac{}{(\lambda (x:A)N)~M\rightarrow N(x/M)} \qquad\qquad \frac{N\rightarrow N^{\prime}}{N~M\rightarrow N^{\prime}~M}\\ &&~~~~~~~~~~~~~~~~~~~~~~~\frac{}{\mathsf{rec} (\lambda x~T,M_0,M_1)~\mathsf{0}\rightarrow M_0}\\ &&\frac{}{\mathsf{rec} (\lambda x~T,M_0,M_1)~(\mathsf{S}~N)\rightarrow M_1~N~(\mathsf{rec} (\lambda x~T,M_0,M_1)~N)}\\ &&~~~~~~~~\frac{N\rightarrow N^{\prime}}{\mathsf{rec} (\lambda x~T,M_0,M_1)~N\rightarrow \mathsf{rec} (\lambda x~T,M_0,M_1)~N^{\prime}} \end{array} $$

We write \(M \rightarrow_A M'\) for M → M′ and M conv M′ : A, and write \(M\rightarrow ^{*}_{A} M^{\prime }\) for the corresponding transitive reflexive closure. We write \(A \rightarrow_{\mathsf{type}} A'\) to mean that A → A′ and A conv A′, and we write \(A \rightarrow _{\mathsf {type}}^{*} A^{\prime }\) for the corresponding transitive reflexive closure. These relations are similar to the relations used in [2, 6].

In this section, we will consider only closed terms. The relation A conv B defines an equivalence relation on the set of terms A such that A type. If A type, then, similarly, the relation M conv N : A defines an equivalence relation on the set of terms M satisfying M : A.

The main goal of this section is to analyze relations refining these predicates. We define \(A~\mathsf{type}\mid_a\) and \(A~\mathsf{conv}~B\mid_a\) for a ≤ ⟦A⟧ in Type and, if we have \(A~\mathsf{type}\mid_a\), we define \(M:A\mid_{u:a}\) and \(M~\mathsf{conv}~M':A\mid_{u:a}\) for u ≤ ⟦M⟧ in El a. The relation \(A~\mathsf{conv}~B\mid_a\) will be an equivalence relation on the set of terms satisfying the predicate \(A~\mathsf{type}\mid_a\), while, if \(A~\mathsf{type}\mid_a\), the relation \(M~\mathsf{conv}~M':A\mid_{u:a}\) will be an equivalence relation on the set of terms M such that \(M:A\mid_{u:a}\).

These relations are defined first for finite elements a, by recursion on the complexity of a in Type. More precisely, we define all the relations \(A~\mathsf{type}\mid_a\), \(A~\mathsf{conv}~B\mid_a\), \(M:A\mid_{u:a}\), and \(M~\mathsf{conv}~M'\mid_{u:a}\) by recursion on the complexity of the finite element a. In particular, this definition is not an inductive-recursive one. To incorporate universes we also define at the same time the relations \(A~{\mathsf {type}\mid ^{i}_{a}}\) and \(A~\mathsf {conv}~A'{\mid ^{i}_{a}}\) for i = 0, 1, 2, … in the clauses 5-8. In each of the clauses of the definition below we will have some tacit assumptions suppressed for readability: \(A~\mathsf{type}\mid_a\) assumes A type and a type; \(A~\mathsf{conv}~A'\mid_a\) assumes both \(A~\mathsf{type}\mid_a\) and \(A'~\mathsf{type}\mid_a\) and further A conv A′; \(M:A\mid_{u:a}\) assumes \(A~\mathsf{type}\mid_a\), M : A, and u : a; \(M~\mathsf{conv}~M':A\mid_{u:a}\) assumes \(M:A\mid_{u:a}\), \(M':A\mid_{u:a}\), and M conv M′ : A.

We distinguish the shape of a.

  1. Case ⊥. \(A~\mathsf{type}\mid_\bot\), \(A~\mathsf{conv}~A'\mid_\bot\), \(M:A\mid_{u:\bot}\), and \(M~\mathsf{conv}~M'\mid_{u:\bot}\) all hold by definition.

  2. Case Π b f. We define:

    • \(A~\mathsf{type}\mid_{\Pi b f}\) means \(A\rightarrow _{\mathsf {type}}^{*} {\Pi } (x:B)F\) for some B and F with \(B~\mathsf{type}\mid_b\) and \(F~\mathsf{type}~(x:B)\) and

      (a) \(N:B\mid_{v:b}\) implies \(F(N)~\mathsf{type}\mid_{f(v)}\), and

      (b) \(N~\mathsf{conv}~N':B\mid_{v:b}\) implies \(F(N)~\mathsf{conv}~F(N')\mid_{f(v)}\).

    • Given A′ with \(A^{\prime }\rightarrow _{\mathsf {type}}^{*} {\Pi } (x:B^{\prime })F^{\prime }\) and A as above, then \(A~\mathsf{conv}~A'\mid_{\Pi b f}\) means \(B~\mathsf{conv}~B'\mid_b\) and

      $$N:B\mid_{v:b} \quad \text{implies} \quad F(N)~\mathsf{conv}~F^{\prime}(N)\mid_{f(v)}. $$

    • \(M:A\mid_{u:\Pi b f}\) is defined as (A as above):

      (a) \(N:B\mid_{v:b}\) implies \(M~N:F(N)\mid_{u(v):f(v)}\), and

      (b) \(N~\mathsf{conv}~N':B\mid_{v:b}\) implies \(M~N~\mathsf{conv}~M~N':F(N)\mid_{u(v):f(v)}\).

    • \(M~\mathsf{conv}~M':A\mid_{u:\Pi b f}\) is defined as

      $$N:B\mid_{v:b} \quad \text{implies} \quad M~N~\mathsf{conv}~M^{\prime}~N : F(N) \mid_{u(v) : f(v)}. $$

  3. Case N. We define:

    • \(A~\mathsf{type}\mid_{\mathsf{N}}\) means that \(A\rightarrow _{\mathsf {type}}^{*} \mathsf {N}\).

    • \(A~\mathsf{conv}~A'\mid_{\mathsf{N}}\) is always satisfied.

    • \(M:A\mid_{u:\mathsf{N}}\) is defined by induction on u:

      (a) \(M:A\mid_{\bot:\mathsf{N}}\) holds by definition,

      (b) \(M:A\mid_{\mathsf{0}:\mathsf{N}}\) if \(M\rightarrow _{\mathsf {N}}^{*} \mathsf {0}\), and

      (c) \(M:A\mid_{\mathsf{S}v:\mathsf{N}}\) if \(M\rightarrow _{\mathsf {N}}^{*} \mathsf {S}~N\) and \(N:A\mid_{v:\mathsf{N}}\).

    • \(M~\mathsf{conv}~M':A\mid_{u:\mathsf{N}}\) is defined by induction on u:

      (a) \(M~\mathsf{conv}~M':A\mid_{\bot:\mathsf{N}}\) and \(M~\mathsf{conv}~M':A\mid_{\mathsf{0}:\mathsf{N}}\) hold by definition, and

      (b) \(M~\mathsf{conv}~M':A\mid_{\mathsf{S}v:\mathsf{N}}\) if \(M\rightarrow _{\mathsf {N}}^{*} \mathsf {S}~N\), \(M^{\prime }\rightarrow _{\mathsf {N}}^{*} \mathsf {S}~N^{\prime }\) and \(N~\mathsf{conv}~N':A\mid_{v:\mathsf{N}}\).

The rest of the definition involves universes, so let us interrupt the definition to look at an example: \(A~\mathsf{type}\mid_a\), for \(a = \Pi~\mathsf{N}~(\mathsf{0}\mapsto\mathsf{N}, \mathsf{S}~\mathsf{0}\mapsto\mathsf{N})\), means \(A\rightarrow _{\mathsf {type}}^{*}{\Pi }(x:B)F\) with \(B~\mathsf{type}\mid_{\mathsf{N}}\), that is, \(B\rightarrow _{\mathsf {type}}^{*}\mathsf {N}\), and

  • if \(M\rightarrow _{\mathsf {N}}^{*}\mathsf {0}\), then \(F(M)~\mathsf{type}\mid_{\mathsf{N}}\), that is, \(F(M)\rightarrow _{\mathsf {type}}^{*}\mathsf {N}\), and

  • if \(M\rightarrow _{\mathsf {N}}^{*}\mathsf {S}~\mathsf {0}\), then \(F(M)~\mathsf{type}\mid_{\mathsf{N}}\), that is, \(F(M)\rightarrow _{\mathsf {type}}^{*}\mathsf {N}\).

We now continue the definition to incorporate universes:

  4. Case \(\mathsf{U}_j\). We define:

    • \(A~\mathsf {type}\mid _{\mathsf {U}_{j}}\) means \(A\rightarrow _{\mathsf {type}}^{*} \mathsf {U}_{j}\), and

    • \(A~\mathsf {conv}~A^{\prime }\mid _{\mathsf {U}_{j}}\) is always satisfied.

    • \(M:A\mid _{u:\mathsf {U}_{j}}\) means \(M~\mathsf {type} {\mid ^{j}_{u}}\), and

    • \(M~\mathsf {conv}~M^{\prime }\mid _{u:\mathsf {U}_{j}}\) means \(M~\mathsf {conv}~M'{\mid ^{j}_{u}}\).

Here the relations \(A~{\mathsf {type}\mid ^{i}_{a}}\) and \(A~\mathsf {conv}~A'{\mid ^{i}_{a}}\) used above are simultaneously defined by recursion on the complexity of \(a : \mathsf{U}_i\) according to the following cases. We have similar tacit assumptions in the definition: \(A~{\mathsf {type}\mid ^{i}_{a}}\) always additionally assumes \(a : \mathsf{U}_i\) (as finite elements) and \(A : \mathsf{U}_i\). And \(A~\mathsf {conv}~A^{\prime }{\mid ^{i}_{a}}\) assumes \(A~{\mathsf {type}\mid ^{i}_{a}}\), \(A^{\prime }~{\mathsf {type}\mid ^{i}_{a}}\), and \(A~\mathsf{conv}~A' : \mathsf{U}_i\).

  5. Case ⊥. \(A~\mathsf {type}\mid ^{i}_{\bot }\) and \(A~\mathsf {conv}~A^{\prime }\mid ^{i}_{\bot }\) hold by definition.

  6. Case Π b f. We define:

    • \(A~\mathsf {type}\mid ^{i}_{{\Pi }bf}\) means \(A\rightarrow _{\mathsf {U}_{i}}^{*} {\Pi } (x:B)F\) for some B and F with \(B~{\mathsf {type}\mid ^{i}_{b}}\) and \(F : \mathsf{U}_i~(x:B)\) and

      (a) \(N:B\mid_{v:b}\) implies \(F(N)~\mathsf {type}\mid ^{i}_{f(v)}\), and

      (b) \(N~\mathsf{conv}~N':B\mid_{v:b}\) implies \(F(N)~\mathsf {conv}~F(N^{\prime })\mid ^{i}_{f(v)}\).

    • Given A′ with \(A^{\prime }\rightarrow _{\mathsf {U}_{i}}^{*} {\Pi } (x:B^{\prime })F^{\prime }\) and A as above, then \(A~\mathsf {conv}~A^{\prime }\mid ^{i}_{{\Pi }bf}\) means that \(B~\mathsf {conv}~B^{\prime }{\mid ^{i}_{b}}\) and

      $$N:B\mid_{v:b} \quad \text{implies} \quad F(N)~\mathsf{conv}~F^{\prime}(N)\mid^{i}_{f(v)}. $$

  7. Case N. We define:

    • \(A~\mathsf {type} \mid ^{i}_{\mathsf {N}}\) means that \(A\rightarrow _{\mathsf {U}_{i}}^{*} \mathsf {N}\).

    • \(A~\mathsf {conv}~A^{\prime }\mid ^{i}_{\mathsf {N}}\) is always satisfied.

  8. Case \(\mathsf{U}_j\) with j < i. We define:

    • \(A~\mathsf {type}\mid ^{i}_{\mathsf {U}_{j}}\) means \(A\rightarrow _{\mathsf {U}_{i}}^{*} \mathsf {U}_{j}\), and

    • \(A~\mathsf {conv}~A^{\prime }\mid ^{i}_{\mathsf {U}_{j}}\) is always satisfied.

This concludes the definition of the predicates.

Lemma 8

Each relation \(A~\mathsf{conv}~A'\mid_a\) is an equivalence relation on the set of terms A such that \(A~\mathsf{type}\mid_a\). Furthermore, if \(A~\mathsf{conv}~A'\mid_a\) then we have \(M:A\mid_{u:a}\) iff \(M:A'\mid_{u:a}\), and \(M~\mathsf{conv}~M':A\mid_{u:a}\) iff \(M~\mathsf{conv}~M':A'\mid_{u:a}\), for any u in El a.

Proof

This is clear if a = ⊥ or a = N. If a = Π b f, let us prove for instance that the relation \(A~\mathsf{conv}~A'\mid_a\) is symmetric. We assume \(A~\mathsf{type}\mid_a\) and \(A'~\mathsf{type}\mid_a\) and \(A~\mathsf{conv}~A'\mid_a\), and we prove \(A'~\mathsf{conv}~A\mid_a\).

We have \(A\rightarrow ^{*}_{\mathsf {type}}{\Pi } (x:B)F\) and \(A^{\prime }\rightarrow ^{*}_{\mathsf {type}}{\Pi } (x:B^{\prime })F^{\prime }\) and \(B~\mathsf{conv}~B'\mid_b\). By induction, we have \(B'~\mathsf{conv}~B\mid_b\). Also, we have \(N:B\mid_{v:b}\) iff \(N:B'\mid_{v:b}\), and this implies \(F(x/N)~\mathsf{conv}~F'(x/N)\mid_{f(v)}\) and so \(F'(x/N)~\mathsf{conv}~F(x/N)\mid_{f(v)}\) by induction. So we get \(A'~\mathsf{conv}~A\mid_a\) as required. □

Lemma 9

  1. If \(J\mid_a\) and \(a \leqslant a'\) in Type, then \(J\mid _{a^{\prime }}\), where J is A type or A conv B.

  2. If \(J{\mid ^{i}_{a}}\) and \(a \leqslant a'\) in \(El~\mathsf{U}_i\), then \(J\mid ^{i}_{a^{\prime }}\), where J is A type or A conv B.

  3. If \(A~\mathsf{type}\mid_a\) and \(a \leqslant a'\) in Type and \(J\mid _{u^{\prime }:a^{\prime }}\), then \(J\mid _{u^{\prime }:a}\), where J is M : A or M conv M′ : A.

  4. Finally, if \(A~\mathsf{type}\mid_a\) and \(a \leqslant a'\) in Type and \(J\mid_{u:a}\) and \(u' : a'\) and \(u \leqslant u'\), then \(J\mid _{u^{\prime }:a^{\prime }}\), where J is M : A or M conv M′ : A.

Proof

We prove simultaneously the assertions by induction on the complexity of a in Type. We explain two representative cases.

In case a = Π b f and \(a' = \Pi~b'~f' \geqslant a\) and \(A~\mathsf{type}\mid_a\), we assume \(A~\mathsf{type}\mid_a\) and we show \(A~\mathsf {type}\mid _{a^{\prime }}\). We first have \(A\rightarrow _{\mathsf {type}}^{*} {\Pi } (x:B)F\) and \(B~\mathsf{type}\mid_b\), and \(N:B\mid_{v:b}\) implies \(F(N)~\mathsf{type}\mid_{f(v)}\), and \(N~\mathsf{conv}~N':B\mid_{v:b}\) implies \(F(N)~\mathsf{conv}~F(N')\mid_{f(v)}\). By induction we have \(B~\mathsf {type}\mid _{b^{\prime }}\). Also if \(N:B\mid _{v:b^{\prime }}\) then \(N:B\mid_{v:b}\) by induction, and so \(F(N)~\mathsf{type}\mid_{f(v)}\) and so \(F(N)~\mathsf {type}\mid _{f^{\prime }(v)}\) by induction. Similarly, \(N~\mathsf {conv}~N^{\prime } : B\mid _{v:b^{\prime }}\) implies \(F(N)~\mathsf{conv}~F(N')\mid_{f(v)}\) and so \(F(N)~\mathsf {conv}~F(N^{\prime })\mid _{f^{\prime }(v)}\) by induction.

If a = Π b f and \(a' = \Pi~b'~f' \geqslant a\) and \(A~\mathsf{type}\mid_a\) and \(M:A\mid _{u:a^{\prime }}\), then we claim that \(M:A\mid_{u:a}\). We know \(A\rightarrow _{\mathsf {type}}^{*} {\Pi }(x:B)F\) with \(B~\mathsf{type}\mid_b\). We have to show that \(N:B\mid_{v:b}\) implies \(M~N:F(N)\mid_{u(v):f(v)}\). By induction, we know that if \(v \leqslant v'\) and v′ in El b′ then \(N:B\mid _{v^{\prime }:b^{\prime }}\). Since \(M:A\mid _{u:a^{\prime }}\) we have \(M~N:F(N)\mid _{u(v^{\prime }):f^{\prime }(v^{\prime })}\). Since u : a we have \(v \leqslant v'\) in El b such that \(u(v) = u(v')\) by Lemma 5. For this v we have \(M~N:F(N)\mid _{u(v):f^{\prime }(v^{\prime })}\) and then \(M~N:F(N)\mid_{u(v):f(v)}\) by induction, since \(F(N)~\mathsf{type}\mid_{f'(v')}\) and \(f(v) \leqslant f'(v')\). We prove similarly that \(N~\mathsf{conv}~P:B\mid_{v:b}\) implies \(M~N~\mathsf{conv}~M~P:F(N)\mid_{u(v):f(v)}\). □

We use this result to extend the relation \(A~\mathsf{type}\mid_a\) to a arbitrary (possibly infinite) in Type.

Definition 1

\(A~\mathsf{type}\mid_a\) means \(A~\mathsf {type}\mid _{a_{0}}\) for all finite \(a_0 \leqslant a\) in Type. If J is M : A or M conv M′ : A, then the relation \(J\mid_{u:a}\) for u arbitrary in El a is defined as follows: for all \(u_0 \leqslant u\) finite in El a there exists \(a_0 \leqslant a\) finite in Type such that \(J\mid _{u_{0}:a_{0}}\).

Note that if we have \(J\mid _{u_{0}:a_{0}}\) then we also have \(J\mid _{u_{0}:a_{1}}\) for any finite \(a_1\) such that \(a_0 \leqslant a_1 \leqslant a\) in Type, by Lemma 9.

Proposition 2

We have \(A~\mathsf{type}\mid_{\Pi~b~f}\) if, and only if, \(A\rightarrow ^{*}_{\mathsf {type}} {\Pi }(x:B)F\) for B and F with \(B~\mathsf{type}\mid_b\) and

  1. \(N:B\mid_{v:b}\) implies \(F(N)~\mathsf{type}\mid_{f(v)}\), and

  2. \(N~\mathsf{conv}~N':B\mid_{v:b}\) implies \(F(N)~\mathsf{conv}~F(N')\mid_{f(v)}\).

Proof

We assume \(A~\mathsf {type}\mid _{{\Pi }~b~f}\). This means \(A~\mathsf {type}\mid _{{\Pi }~b_{0}~f_{0}}\) for all finite \({\Pi }~b_{0}~f_{0}\leqslant {\Pi }~b~f\) in Type, and, in particular, we have \(A~\mathsf {type}\mid _{{\Pi }~b_{0}~f_{0}}\) for b0 = ⊥ and f0 = ⊥. This implies \(A\rightarrow ^{*}_{\mathsf {type}} {\Pi }(x:B)F\) for some Btype and \(F~\mathsf {type}~(x:B)\).

If \(b_{0}\leqslant b\) in Type is finite we have \(A~\mathsf {type}\mid _{{\Pi }~b_{0}~\bot }\) and so \(B~\mathsf {type}\mid _{b_{0}}\). So we have \(B~\mathsf {type}\mid _{b}\).

For N : Bv:b we show \(F(N)~\mathsf {type}\mid _{f(v)}\) by showing that \(F(N)~\mathsf {type}\mid _{w_{0}}\) for any \(w_{0}\leqslant f(v)\) finite in Type. By the remark on continuity of evaluation at the end of Section 2, we can find \(b_{0}\leqslant b\) finite in \({\mathsf {Type}}\) and \(v_{0}\leqslant v\) finite in Elb0 and \(f_{0}\leqslant f\) finite in \(El~b_{0}\rightarrow {\mathsf {Type}}\) such that \(w_{0}\leqslant f_{0}(v_{0})\) in Type. We then have \(A~\mathsf {type}\mid _{{\Pi }~b_{0}~f_{0}}\) and \(N:B\mid _{v_{0}:b_{1}}\) for some \(b_{1}\leqslant b\) finite in Type. We can assume \(b_{0}\leqslant b_{1}\), maybe changing b1 to b0b1, and using Lemma 9.3. By Lemma 9.4, we also have \(N:B\mid _{v_{0}:b_{0}}\) and hence \(F(N)\mid _{f_{0}(v_{0})}\) as needed to be shown.

The last assertion about conversion has a similar proof.

Conversely assume \(A\rightarrow ^{*}_{\mathsf {type}} {\Pi }(x:B)F\) with \(B~\mathsf{type}\mid_b\) and \(N:B\mid_{v:b}\) implies \(F(N)~\mathsf{type}\mid_{f(v)}\) and \(N~\mathsf {conv}~N^{\prime }:B\mid _{v:b}\) implies \(F(N)~\mathsf {conv}~F(N^{\prime })\mid _{f(v)}\). We show that \(A~\mathsf {type}\mid _{{\Pi }~b_{0}~f_{0}}\) for all finite \({\Pi }~b_{0}~f_{0}\leqslant {\Pi }~b~f\) in Type. We have \(B~\mathsf {type}\mid _{b_{0}}\) by definition, and if \(N:B\mid _{v:b_{0}}\) with v in \(El~b_0\) finite, then \(N:B\mid_{v:b}\) and so \(F(N)~\mathsf{type}\mid_{f(v)}\) and hence \(F(N)~\mathsf {type}\mid _{f_{0}(v)}\). We prove similarly that \(N~\mathsf {conv}~N^{\prime } : B\mid _{v:b_{0}}\) with v finite implies \(F(N)~\mathsf {conv}~F(N^{\prime })\mid _{f_{0}(v)}\). □

Proposition 3

Given \(A~\mathsf{type}\mid_{\Pi~b~f}\) and \(A\rightarrow ^{*}_{\mathsf {type}} {\Pi }(x:B)F\), we have \(M:A\mid_{w:\Pi~b~f}\) if, and only if, \(N:B\mid_{v:b}\) implies \(M~N:F(N)\mid_{w(v):f(v)}\) and \(N~\mathsf{conv}~N':B\mid_{v:b}\) implies \(M~N~\mathsf{conv}~M~N':F(N)\mid_{w(v):f(v)}\).

Proof

Similar to the proof of Proposition 2. □

The two last propositions hold by definition if Π b f is a finite element of Type. Note that we could not have used these propositions directly on general, maybe infinite, elements as a definition of \(A~\mathsf{type}\mid_{\Pi~b~f}\), since it might be that f(v) is as complex as Π b f. The method we have used instead was thus first to define the relation \(A~\mathsf{type}\mid_{\Pi~b~f}\) for Π b f finite, and then extend this relation by “continuity” to general elements. This is similar to the use of “inclusive predicates” [12, 15], fundamental in denotational semantics.

Lemma 10

  1. If \(A \rightarrow_{\mathsf{type}} A'\) and \(A'~\mathsf{type}\mid_a\), then \(A~\mathsf{type}\mid_a\) and \(A~\mathsf{conv}~A'\mid_a\).

  2. If \(A~\mathsf{type}\mid_a\) and \(M \rightarrow_A M'\) and \(M':A\mid_{u:a}\), then \(M:A\mid_{u:a}\) and \(M~\mathsf{conv}~M':A\mid_{u:a}\).

Proof

Both properties are shown by induction on a. The most interesting case is for the second assertion when a = Π b f. We then have \(A\rightarrow _{\mathsf {type}}^{*} {\Pi }(x:B)F\) with \(B~\mathsf{type}\mid_b\). If \(N:B\mid_{v:b}\), we have \(M~N \rightarrow_{F(N)} M'~N\) and \(M'~N:F(N)\mid_{u(v):f(v)}\). By induction, we have \(M~N:F(N)\mid_{u(v):f(v)}\) and \(M~N~\mathsf{conv}~M'~N:F(N)\mid_{u(v):f(v)}\). Similarly, if \(N~\mathsf{conv}~N'\mid_{v:b}\), we get \(M~N'~\mathsf{conv}~M'~N':F(N)\mid_{u(v):f(v)}\). Since \(M':A\mid_{u:a}\) we have \(M'~N~\mathsf{conv}~M'~N':F(N)\mid_{u(v):f(v)}\), and we get by transitivity and symmetry \(M~N~\mathsf{conv}~M~N':F(N)\mid_{u(v):f(v)}\). □

We write σ : Γ∣ρ to mean that we have \(A\sigma~\mathsf{type}\mid_{\llbracket A \rrbracket\rho}\) and \(\sigma (x):A\sigma \mid _{\rho (x):\llbracket A \rrbracket \rho }\) for all x : A in Γ. Note that, in particular, this implies that ρ fits Γ.

Similarly, we write σ conv σ′ : Γ∣ρ to mean that we have \(A\sigma~\mathsf{conv}~A\sigma'\mid_{\llbracket A \rrbracket\rho}\) and \(\sigma(x)~\mathsf{conv}~\sigma'(x):A\sigma\mid_{\rho(x):\llbracket A \rrbracket\rho}\) for all x : A in Γ.

Theorem 2

The following properties hold, given σ : Γ∣ρ and σ conv σ′ : Γ∣ρ.

  1. If Γ ⊩ A type, then \(A\sigma~\mathsf{type}\mid_{\llbracket A \rrbracket\rho}\).

  2. If Γ ⊩ M : A, then \(M\sigma:A\sigma\mid_{\llbracket M \rrbracket\rho:\llbracket A \rrbracket\rho}\).

  3. If Γ ⊩ A conv A′, then \(A\sigma~\mathsf{conv}~A'\sigma\mid_{\llbracket A \rrbracket\rho}\).

  4. If Γ ⊩ M conv M′ : A, then \(M\sigma~\mathsf{conv}~M'\sigma:A\sigma\mid_{\llbracket M \rrbracket\rho:\llbracket A \rrbracket\rho}\).

  5. If Γ ⊩ A type, then \(A\sigma~\mathsf{conv}~A\sigma'\mid_{\llbracket A \rrbracket\rho}\).

  6. If Γ ⊩ M : A, then \(M\sigma~\mathsf{conv}~M\sigma':A\sigma\mid_{\llbracket M \rrbracket\rho:\llbracket A \rrbracket\rho}\).

Proof

This follows from Propositions 2 and 3 and Lemma 10, and the fact that weak-head reduction is stable under substitution. □

Corollary 5

If 0 conv M : N, then \(M\rightarrow _{\mathsf {N}}^{*} \mathsf {0}\). If \(\mathsf{S}~M_0\) conv M : N, then \(M\rightarrow _{\mathsf {N}}^{*} \mathsf {S}~M_{1}\) with \(M_0\) conv \(M_1\) : N. If \(A_0\) conv Π(x : \(B_1\))\(F_1\), then \(A_{0}\rightarrow _{\mathsf {type}}^{*} {\Pi }(x:B_{0})F_{0}\) with \(B_0\) conv \(B_1\) and \(N : B_0\) implies \(F_0(N)\) conv \(F_1(N)\).

Proof

For the first statement, we have ⟦M⟧ = ⟦0⟧ = 0. Using the previous theorem, we get \(M:\mathsf {N}\mid _{\llbracket M \rrbracket :\mathsf {N}}\), that is \(M:\mathsf{N}\mid_{\mathsf{0}:\mathsf{N}}\), which means precisely \(M\rightarrow _{\mathsf {N}}^{*} \mathsf {0}\). The proof of the second statement is similar.

If \(A_0\) conv Π(x : \(B_1\))\(F_1\), then \(\llbracket A_{0} \rrbracket = \llbracket {\Pi }(x:B_{1})F_{1} \rrbracket = {\Pi }~\llbracket B_{1} \rrbracket ~\llbracket \lambda (x:B_{1})F_{1} \rrbracket \) and we have \(A_{0}~\mathsf {conv}~{\Pi }(x:B_{1}){F_{1}}\mid _{\llbracket A_{0} \rrbracket }\) by Theorem 2. It follows that \(A_{0}\rightarrow _{\mathsf {type}}^{*} {\Pi }(x:B_{0})F_{0}\) and \(B_{0}~\mathsf {conv}~{B_{1}}\mid _{\llbracket B_{0} \rrbracket }\) and \(N:B_{0}\mid _{v:\llbracket B_{1} \rrbracket }\) implies \(F_{0}(N)~\mathsf {conv}~F_{1}(N)\mid _{\llbracket F_{0} \rrbracket (x=v)}\). In particular, we have \(B_0\) conv \(B_1\) and, for v = ⊥, we have \(F_0(N)\) conv \(F_1(N)\) if \(N : B_0\). □

Note that we cannot conclude that dependent product is one-to-one for conversion yet, since in the last case we get only that \(N : B_0\) implies \(F_0(N)\) conv \(F_1(N)\) for \(N : B_0\) closed, which is not enough to conclude \(F_0\) conv \(F_1\) (x : \(B_0\)). A simple modification of our argument will apply however, as we shall see in the next section.

6 Connecting Syntax and Semantics, Second Version

We fix a context \(\Delta = x_1 : T_1, x_2 : T_2(x_1), \dots, x_n : T_n(x_1,\dots,x_{n-1})\). Working in this context Δ corresponds to extending the type system with constants \(c_1 : T_1, c_2 : T_2(c_1), \dots, c_n : T_n(c_1,\dots,c_{n-1})\). We define the interpretation of these constants by taking \(\llbracket c_i \rrbracket = \bot\).

We then have \(c_{1}:{T_{1}}\mid _{\llbracket c_{1} \rrbracket :\llbracket T_{1} \rrbracket },~c_{2}:{T_{2}(c_{1})}\mid _{\llbracket c_{2} \rrbracket :\llbracket T_{2}(c_{1}) \rrbracket },~\dots \). All the reasoning of the previous section applies with this addition of constants ci. Moving between constants and variables, we deduce the following proposition, which does not mention constants:

Proposition 4

If \(\Delta \Vdash A_{0}~\mathsf{conv}~{\Pi}(x:B_{1})F_{1}\), then \(A_{0}\rightarrow ^{*}_{\mathsf {type}} {\Pi }(x:B_{0})F_{0}\) with \(\Delta \Vdash B_{0}~\mathsf{conv}~B_{1}\) and \(\Delta \Vdash N:B_{0}\) implies \(\Delta \Vdash F_{0}(N/x)~\mathsf{conv}~F_{1}(N/x)\).

Note that for this proposition, the context Δ is completely arbitrary. We can thus deduce the following fact:

Corollary 6

If \(\Delta \Vdash A_{0}~\mathsf{conv}~{\Pi}(x:B_{1})F_{1}\), then \(A_{0}\rightarrow ^{*}_{\mathsf {type}} {\Pi }(x:B_{0})F_{0}\) such that \(\Delta \Vdash B_{0}~\mathsf{conv}~B_{1}\) and \(\Delta, x:B_{0} \Vdash F_{0}~\mathsf{conv}~F_{1}\).

Proof

Since all judgments stay valid under extension of the context, we not only have \(\Delta \Vdash A_{0}~\mathsf{conv}~{\Pi}(x:B_{1})F_{1}\) but also \(\Delta, x:B_{0} \Vdash A_{0}~\mathsf{conv}~{\Pi}(x:B_{1})F_{1}\). We can then apply the previous proposition, using \(\Delta, x:B_{0}\) instead of Δ and taking x for N. □

As in [2], an important application of the injectivity of dependent product for conversion is subject-reduction, i.e. the following result.

Corollary 7

If \(A~\mathsf{type}\) and \(A \rightarrow A'\), then \(A'~\mathsf{type}\) and \(A~\mathsf{conv}~A'\). If \(M:A\) and \(M \rightarrow M'\), then \(M':A\) and \(M~\mathsf{conv}~M':A\).

7 Connecting Syntax and Semantics, Third Version

We refine the domain as follows

$$D~=~ [D\rightarrow D] + {\Pi}~D~[D\rightarrow D] + \mathsf{U}_{i} + \mathsf{N} + \mathsf{0} + \mathsf{S}~D + \mathsf{T} $$

and we add the following typing rules:

$$\frac{}{\mathsf{T}~\mathsf{type}} \quad\qquad \frac{}{\mathsf{T}:\mathsf{U}_i} \quad\qquad \frac{}{\mathsf{T}:\mathsf{N}} \quad\qquad \frac{}{\mathsf{T}:\mathsf{T}} $$

We extend the application operation u(v) by taking \(\mathsf{T}(v)\) to be \(\mathsf{T}\) for any value v. An operational intuition about T is that it represents the semantics of an “exception”. We also extend the definition of rec by \(\mathsf{rec}(d_{0},d_{1})~\mathsf{T} = \mathsf{T}\). We finally refine the definition of the projection function by adding the clauses

Table 3

We now introduce the special class of “neutral” terms

$$k~::=~c_{i}~|~k~N~|~\mathsf{rec}(\lambda x~A,M,M)~k $$

and the predicate G(k) of “typable” neutral terms, which is defined by the following clauses, where we define at the same time the type function τ(k):

1. Any constant \(c_{i}\) is typable, \(G(c_{i})\), and \(\tau(c_{i}) = T_{i}\) is the given type of \(c_{i}\).

2. If G(k) and \(\tau (k)\rightarrow _{\mathsf {type}}^{*} {\Pi } (x:B)F\) and \(N:B\), then \(G(k~N)\) and \(\tau(k~N) = F(N)\).

3. If G(k) and \(\tau (k)\rightarrow _{\mathsf {type}}^{*} \mathsf {N}\) and \(T~\mathsf{type}~(x:\mathsf{N})\) and \(M_{0}:T(\mathsf{0})\) and \(M_{1}:{\Pi}(x:\mathsf{N})(T\rightarrow T(\mathsf{S}~x))\), then \(G(\mathsf{rec}(\lambda x~T,M_{0},M_{1})~k)\) and \(\tau(\mathsf{rec}(\lambda x~T,M_{0},M_{1})~k) = T(k)\).
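As an added worked instance of these three clauses (not from the paper), take the constants \(c_{1}:\mathsf{N}\) and \(c_{2}:{\Pi}(x:\mathsf{N})\mathsf{N}\), the constant family \(T = \mathsf{N}\) and the step term \(M_{1} = \lambda(x:\mathsf{N})\lambda(y:\mathsf{N})~\mathsf{S}~y\); the type function of the neutral term \(\mathsf{rec}(\lambda x~\mathsf{N},\mathsf{0},M_{1})~(c_{2}~c_{1})\) is computed from the inside out:

$$\begin{array}{lll}
\text{clause 1:} & G(c_{1}),\ G(c_{2}), & \tau(c_{1}) = \mathsf{N},\quad \tau(c_{2}) = {\Pi}(x:\mathsf{N})\mathsf{N} \\[2pt]
\text{clause 2:} & G(c_{2}~c_{1}), & \tau(c_{2}~c_{1}) = \mathsf{N}(c_{1}/x) = \mathsf{N} \quad\text{since } \tau(c_{2})\rightarrow^{*}_{\mathsf{type}}{\Pi}(x:\mathsf{N})\mathsf{N} \text{ and } c_{1}:\mathsf{N} \\[2pt]
\text{clause 3:} & G(\mathsf{rec}(\lambda x~\mathsf{N},\mathsf{0},M_{1})~(c_{2}~c_{1})), & \tau(\mathsf{rec}(\lambda x~\mathsf{N},\mathsf{0},M_{1})~(c_{2}~c_{1})) = T(c_{2}~c_{1}) = \mathsf{N}
\end{array}$$

Clause 3 applies because \(\tau(c_{2}~c_{1})\rightarrow^{*}_{\mathsf{type}}\mathsf{N}\), \(\mathsf{N}~\mathsf{type}~(x:\mathsf{N})\), \(\mathsf{0}:\mathsf{N}\) and \(M_{1}:{\Pi}(x:\mathsf{N})(\mathsf{N}\rightarrow\mathsf{N})\); the argument \(c_{2}~c_{1}\) is itself neutral, so the rec does not reduce and its type is the family applied to that neutral term.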

We define next an equivalence relation \(Q(k,k')\) on elements satisfying G by the clauses:

1. \(Q(c_{i},c_{i})\)

2. \(Q(k~N,k'~N')\) if \(Q(k,k')\) and \(\tau (k)\rightarrow _{\mathsf {type}}^{*} {\Pi } (x:B)F\) and \(N:B\) and \(\tau (k^{\prime })\rightarrow _{\mathsf {type}}^{*} {\Pi } (x:B^{\prime })F^{\prime }\) and \(N':B'\) and \(B~\mathsf{conv}~B'\) and \(F~\mathsf{conv}~F'~(x:B)\)

3. \(Q(\mathsf {rec}(\lambda x~T,M_{0},M_{1})~k,\mathsf {rec}(\lambda x~T^{\prime },M_{0}^{\prime },M_{1}^{\prime })~k^{\prime })\) if \(Q(k,k')\) and \(\tau (k)\rightarrow _{\mathsf {type}}^{*} \mathsf {N}\) and \(\tau (k^{\prime })\rightarrow _{\mathsf {type}}^{*} \mathsf {N}\) and \(T~\mathsf{conv}~T'~(x:\mathsf{N})\) and \(M_{0}~\mathsf {conv}~M^{\prime }_{0}:T(\mathsf {0})\) and \(M_{1}~\mathsf {conv}~ M_{1}^{\prime }:{\Pi } (x:\mathsf {N})(T\rightarrow T(\mathsf {S}~x))\).

We refine then the definitions of \(J_{a}\) and \(J_{u:a}\) by the clauses:

1. \(A~\mathsf{type}\mid_{\mathsf{T}}\) means that \(A\rightarrow _{\mathsf {type}}^{*} k\) for some k

2. \(A~\mathsf{conv}~A'\mid_{\mathsf{T}}\) means that \(A~\mathsf{conv}~A'\)

3. \(M:A\mid_{\mathsf{T}:a}\), where a is \(\mathsf{T}\) or \(\mathsf{U}_{i}\) or \(\mathsf{N}\), means \(M\rightarrow _{A}^{*} k\) for some k

4. \(M~\mathsf{conv}~M':A\mid_{\mathsf{T}:a}\), where a is \(\mathsf{T}\) or \(\mathsf{U}_{i}\) or \(\mathsf{N}\), means \(M~\mathsf{conv}~M':A\)

Lemma 11

If G(k) and \(\tau(k)~\mathsf{type}\mid_{a}\), then \(k:\tau(k)\mid_{p~a~\mathsf{T}:a}\). If \(Q(k,k')\) and \(\tau(k)~\mathsf{type}\mid_{a}\), then \(k~\mathsf{conv}~k':\tau(k)\mid_{p~a~\mathsf{T}:a}\).

Proof

By induction on \(a~\mathsf{type}\). Let us for instance prove the first assertion in the case where \(a = {\Pi}~b~f\). We have \(\tau (k)\rightarrow _{\mathsf {type}}^{*} {\Pi } (x:B)F\) with \(B~\mathsf{type}\mid_{b}\) and \(N:B\mid_{v:b}\) implies \(F(N)~\mathsf{type}\mid_{f(v)}\) and \(N~\mathsf{conv}~N':B\mid_{v:b}\) implies \(F(N)~\mathsf{conv}~F(N')\mid_{f(v)}\). It follows that \(N:B\mid_{v:b}\) implies \(G(k~N)\) and \(\tau(k~N) = F(N)\), so that \(k~N:F(N)\mid_{p~(f(v))~\mathsf{T}:f(v)}\) by induction. Similarly we show that \(N~\mathsf{conv}~N'\mid_{v:b}\) implies \(Q(k~N,k~N')\) and so \(k~N~\mathsf{conv}~k~N':F(N)\mid_{p~(f(v))~\mathsf{T}:f(v)}\) by induction. □

We explain now the semantics of the constants \(c_{1}:T_{1},\,c_{2}:T_{2}(c_{1}),\dots\). We take \(\llbracket c_{1} \rrbracket = p~\llbracket T_{1} \rrbracket ~\mathsf {T}\) and then \(\llbracket c_{2} \rrbracket = p~\llbracket T_{2}(c_{1}) \rrbracket ~\mathsf {T}\) and so on. This is justified since \(T_{1}\) does not refer to any constant, \(T_{2}\) refers at most to the constant \(c_{1}\), and so on. It follows from the last lemma that we have \(T_{i}~\mathsf {type}\mid _{\llbracket T_{i} \rrbracket }\) and \(c_{i}:T_{i}\mid _{\llbracket c_{i} \rrbracket :\llbracket T_{i} \rrbracket }\).

Theorem 2 holds then with this semantics, since it holds for the constants ci.

We then have the following application, using as in the previous section the fact that the context Δ is arbitrary.

Theorem 3

If \(\Delta \Vdash M~\mathsf{conv}~N:A\), then \(M:A\) and \(N:A\) have the same Böhm tree.

Proof

Corollary 7 implies that a term is convertible to (and hence has the same semantics as) its weak head normal form. Theorem 2 then shows that, given any two convertible terms, if one has a weak head normal form, so does the other, and these weak head normal forms have the same shape. □

8 Conclusion

We have shown that constructors are one-to-one for dependent type theory with conversion as judgment and η-conversion in a weak metatheory, while all existing proofs [2] use strong logical principles. Our argument applies as well to partial type theory, where we may have non-terminating computations. An example is given in the reference [11]: one introduces a new base type Ω, which is like the type of natural numbers N with 0 deleted, and an element \(\omega:\Omega\) such that \(\omega~\mathsf{conv}~\mathsf{S}~\omega:\Omega\). The type Ω will be represented by a new finite element of the domain, while the element ω will be the least upper bound of the sequence \(\bot,\ \mathsf{S}~\bot,\ \mathsf{S}~(\mathsf{S}~\bot),\dots\)

Using strong logical principles, it should be possible to define a semantical notion of totality on elements of the domain, and prove that a total element corresponds to a finite Böhm tree. If we are only interested in the evaluation of closed expressions, the techniques we have presented are enough to show canonicity of type theory extended with bar recursion, as in [8], but with η-conversion in the type system.

On the other hand it is not clear how to extend the present method to a type system with a type of all types. Do we still have adequacy in this case?