Proof-Relevant Parametricity

Abstract

Parametricity is one of the foundational principles which underpin our understanding of modern programming languages. Roughly speaking, parametricity expresses the hidden invariants that programs satisfy by formalising the intuition that programs map related inputs to related outputs. Traditionally parametricity is formulated with proof-irrelevant relations but programming in Type Theory requires an extension to proof-relevant relations. But then one might ask: can our proofs that polymorphic functions are parametric be parametric themselves? This paper shows how this can be done and, excitingly, our answer requires a trip into the world of higher dimensional parametricity.

This work is partially supported by SICSA, and EPSRC grants EP/K023837/1 and EP/M016951/1.

A Proofs from Section 5

Proof

(of Theorem 22 ). The proof is done by induction on type judgements. For type variables, all statements are trivial. For arrow types, this is Propositions 8 and 20.

It remains to prove (ii), (iii) and (iv) for \(\forall \)-types. In this case we only need to produce maps in both directions — they will automatically compose to the identity by proof-irrelevance of 2-relations. The structure of the proof is the same for all of the three points.

For (ii) consider \((\tau _0,\rho _0, \tau _1, \rho _1)\in \mathsf {Eq}_{\Vert }(\llbracket \forall X.T \rrbracket _{1}\bar{R})(f,g,h,l)\). We want to show that \((\varPsi (\tau _0),\rho _0,\varPsi (\tau _1),\rho _1)\in \llbracket \forall X.T \rrbracket _{2}\mathsf {Eq}_{\Vert }(\bar{R})(f,g,h,l)\), i.e. that for every 2-relation Q,

$$ (\varPsi (\tau _0) Q_{r0},\rho _0 Q_{0r}, \varPsi (\tau _1)Q_{r1},\rho _1 Q_{1r})\in \llbracket T \rrbracket _{2}(\mathsf {Eq}_{\Vert }(\bar{R}), Q)(f_0 Q_{00},g_0 Q_{10},h_0 Q_{01},l_0 Q_{11}). $$

By condition A1.1, we have

$$ (f_1 Q_{r0},\rho _0 Q_{1r}, f_1Q_{r1},\rho _0 Q_{0r})\in \llbracket T \rrbracket _{2}(\mathsf {Eq}_{\Vert }(\bar{R}), Q)(f_0 Q_{00},f_0 Q_{10},h_0 Q_{01},h_0 Q_{11}) $$

and using the equalities \((f_1 \mathsf {Eq}Q_{00}, \tau _0 \mathsf {Eq}Q_{10}, h_1 \mathsf {Eq}Q_{01}, \tau _1 \mathsf {Eq}Q_{11})\), we can show

$$\begin{aligned}&(f_0 Q_{00},g_0 Q_{10},h_0 Q_{01},l_0 Q_{11}, \varPsi (\tau _0) Q_{r0},\rho _0 Q_{0r}, \varPsi (\tau _1)Q_{r1},\rho _1 Q_{1r}) \\&\qquad \qquad \qquad \quad \equiv (f_0 Q_{00},f_0 Q_{10},h_0 Q_{01},h_0 Q_{11}, f_1 Q_{r0},\rho _0 Q_{1r}, f_1Q_{r1},\rho _0 Q_{0r}) \end{aligned}$$

We now transport across this equality to finish the argument.

Finally, in the other direction, if \((\rho _0,\rho _1,\rho _2,\rho _3)\in \llbracket \forall X.T \rrbracket _{2}\mathsf {Eq}_{\Vert }(\bar{R})(f,g,h,l)\), then \((\varTheta (\rho _0), \rho _1,\varTheta (\rho _2),\rho _3)\in \mathsf {Eq}_{\Vert }(\llbracket \forall X.T \rrbracket _{1}\bar{R})(f,g,h,l)\) by straightforward calculation and the definition of \(\llbracket \forall X.T \rrbracket _{2}\).

The case (iii) is just the same as the previous case, the only difference is that we now transport starting from condition (A1.2) and adjust the equalities along which we transport.

The last case (iv) is more complicated. Consider \((\tau _0,\tau _1, \rho _0, \rho _1)\in \mathbf {C}(\llbracket \forall X.T \rrbracket _{1} \bar{R})(f,g,h,l)\). We want to show that \((\varPsi (\tau _0),\varPsi (\tau _1),\rho _0,\rho _1)\in \llbracket \forall X.T \rrbracket _{2}\mathbf {C}(\bar{R}) (f,g,h,l)\), i.e. that for every 2-relation Q,

$$ (\varPsi (\tau _0) Q_{r0}, \varPsi (\tau _1) Q_{0r}, \rho _0Q_{r1},\rho _1 Q_{1r})\in \llbracket T \rrbracket _{2}(\mathbf {C}(\bar{R}), Q)(f_0 Q_{00},g_0 Q_{10},h_0 Q_{01},l_0 Q_{11}) . $$

By condition A1.3, we have

$$ (h_1 Q_{r0},h_1 Q_{1r}, \rho _0Q_{r1},\rho _0 Q_{0r})\in \llbracket T \rrbracket _{2}(\mathbf {C}{\bar{R}}, Q)(h_0 Q_{00},h_0 Q_{10},h_0 Q_{01},l_0 Q_{11}) $$

and using the equalities

we can show

$$\begin{aligned}&(f_0 Q_{00},g_0 Q_{10},h_0 Q_{01},l_0 Q_{11}, \varPsi (\tau _0) Q_{r0},\varPsi (\tau _1) Q_{0r}, \rho _0 Q_{r1},\rho _1 Q_{1r}) \\&\qquad \qquad \qquad \quad \equiv (h_0 Q_{00},h_0 Q_{10},h_0 Q_{01},l_0 Q_{11}, h_1 Q_{r0},h_1 Q_{1r}, \rho _0Q_{r1},\rho _0 Q_{0r}) \end{aligned}$$

We can now transport across this equality to finish the argument. This requires the use of Lemma 23 (i) and (ii), and the fact that \((\tau _0,\tau _1, \rho _0, \rho _1)\in \mathbf {C}(\llbracket \forall X.T \rrbracket _{1}\bar{R})(f,g,h,l)\).

Finally, In the other direction, if \((\rho _0,\rho _1,\rho _2,\rho _3)\in \) \(\llbracket \forall X.T \rrbracket _{2}\mathbf {C}(\bar{R})(f,g,h,l)\), then \((\varTheta (\rho _0), \varTheta (\rho _1),\rho _2,\rho _3)\in \mathbf {C}(\llbracket \forall X.T \rrbracket _{1}\bar{R})(f,g,h,l)\) by straightforward calculation and the definition of \(\llbracket \forall X.T \rrbracket _{2}\).    \(\square \)

Proof

(of Lemma 23 ).

1. (i)

   Since

   $$(f_1 R, f_1 \mathsf {Eq}R_0, f_1 R, f_1 \mathsf {Eq}R_1)\in \llbracket T \rrbracket _{2}(\mathbf {C}\circ \mathsf {Eq}(\vec {A}), \mathsf {Eq}_{=}(R))(f_0 R_0, f_0 R_1, g_0 R_0, g_0 R_1)$$

   and \(\llbracket T \rrbracket _{2}(\mathbf {C}\circ \mathsf {Eq}(\vec {A}), \mathsf {Eq}_{=}(R))=\llbracket T \rrbracket _{2}(\mathsf {Eq}_{=} \circ \mathsf {Eq}(\vec {A}), \mathsf {Eq}_{=}(R))\cong \mathsf {Eq}_{=}(\llbracket T \rrbracket _{1}(\mathsf {Eq}\vec {A},R))\), by Theorem 22 (iii), the thesis follows.

2. (ii)

   By assumption,

   $$ (f_1 R, \phi \mathsf {Eq}R_0, g_1 R, \phi \mathsf {Eq}R_1)\in \llbracket T \rrbracket _{2}(\mathsf {Eq}_{=}\mathsf {Eq}\vec {A},\mathsf {Eq}_{=}R)(f_0 R_0, f_1 R_1, g_0 R_0, g_0 R_1) . $$

   By Theorem 22 (iii), \(\llbracket T \rrbracket _{2}(\mathsf {Eq}_{=}\mathsf {Eq}\vec {A},\mathsf {Eq}_{=}R)\cong \mathsf {Eq}_{=}(\llbracket T \rrbracket _{1}(\mathsf {Eq}\vec {A},R))\), hence we have \(\mathsf {tr}((\phi \mathsf {Eq}R_0)^{-1}, (g_1 \mathsf {Eq}R_1)^{-1})g_1 R = \mathsf {tr}(f_1 \mathsf {Eq}R_0, \phi \mathsf {Eq}R_1)f_1 R\). If we now transport \((f_1 R, \phi \mathsf {Eq}R_0, g_1 R, \phi \mathsf {Eq}R_1)\) along the equality proof \(((f_1 \mathsf {Eq}R_0)^{-1},\) \((f_1 \mathsf {Eq}R_1)^{-1},(\phi \mathsf {Eq}R_0)^{-1},(g_0 \mathsf {Eq}R_1)^{-1})\), the result follows.

3. (iii)

   By assumption,

   $$ (g_1 Q_{r0}, g_1 Q_{0r}, g_1 Q_{r1}, g_1 Q_{1r})\in \llbracket T \rrbracket _{2}(\mathsf {Eq}_2 \vec {A}, Q)(g_0 Q_{00}, g_0 Q_{10}, g_0 Q_{01}, g_0 Q_{11}) $$

   We can transport \((g_1 Q_{r0}, g_1 Q_{0r}, g_1 Q_{r1}, g_1 Q_{1r})\) along the equality \(((\phi \mathsf {Eq}Q_{00})^{-1},\) \((g_1 \mathsf {Eq}Q_{10})^{-1},(g_1 \mathsf {Eq}Q_{01})^{-1},(g_1 \mathsf {Eq}Q_{11})^{-1})\). By (i) and (ii), condition (A0), and \(\llbracket T \rrbracket _{2}(\mathsf {Eq}_2 \vec {A},Q)=\llbracket T \rrbracket _{2}(\mathbf {C}\circ \mathsf {Eq}\vec {A},Q)\), the thesis follows.    \(\square \)

Proof

(of Theorem 25 ). We need to check that the \(\beta \)- and \(\eta \)-rules for both term and type abstraction are respected. For term abstraction, this follows from Lemmas 13 and 16.

We next consider the \(\eta \)-rule for type abstraction. Let \(\varGamma ; \varDelta \vdash t : \forall X . T\) be given. Let \(\llbracket t \rrbracket _{0}\vec {A}\gamma = (f_0,f_1)\). Showing \(\llbracket \varLambda X . t[X] \rrbracket _{0} \equiv \llbracket t \rrbracket _{0}\) means giving \(p_0 : \mathsf {Id}_{}(\lambda A.f_0 A, f_0)\) and . For \(p_0\), we choose \(p_0 = \mathsf {refl}\). Note that

$$(\llbracket t \rrbracket _{1}\mathsf {Eq}(\bar{A})\varTheta _{\varDelta , 0}(\mathsf {refl}(\gamma ))\,R))= \varTheta _{\varDelta , 0}(\mathsf {refl}(\llbracket t \rrbracket _{0}\vec {A}\gamma ))\,R = $$

$$\mathsf {tr}(f_1 \mathsf {Eq}(R_0),\mathsf {refl}) f_1 R$$

under the equivalence with respect to \(\tau = \mathsf {refl}\), and

In this way we can conclude

$$\begin{aligned} \mathsf {tr}(f_1 \mathsf {Eq}(R_0),\mathsf {refl})^{-1}(\varTheta _{\varDelta , 0}(\mathsf {refl}(\llbracket t \rrbracket _{0}\vec {A}\gamma ))\,R)&= \mathsf {tr}(f_1 \mathsf {Eq}(R_0),\mathsf {refl})^{-1}\mathsf {tr}(f_1 \mathsf {Eq}(R_0),\mathsf {refl}) f_1 R \\&= f_1 R. \end{aligned}$$

Similarly, things are exactly lined up to make \(\mathsf {tr}(\mathsf {pair}_{=}(p_0, p_1))(\llbracket \varLambda X . t[X] \rrbracket _{1}) \equiv \llbracket t \rrbracket _{1}\) trivial.

For the \(\beta \)-rule, consider \(\varGamma ,X \vdash t:T\). We can use \(p_{\bar{A}} = (\llbracket t \rrbracket _{1}\mathsf {Eq}(\vec {A},\llbracket S \rrbracket _{0}\vec {A})\varTheta _{\varDelta ,0}(\mathsf {refl}(\gamma )))^{-1}\) to prove \(\llbracket (\varLambda X . t)[S] \rrbracket _{0}\bar{A}\gamma \equiv \llbracket t[X \mapsto S] \rrbracket _{0}\bar{A}\gamma \). This makes \(\mathsf {tr}(p_{\bar{R}_0})(\llbracket (\varLambda X . t)[S] \rrbracket _{1})\bar{R}\bar{\gamma } \equiv \llbracket t[X \mapsto S] \rrbracket _{1}\bar{R}\bar{\gamma }\) trivial, again using Lemma 1.    \(\square \)