1 Introduction

There is a large literature on logics for classical computation. These include Hoare logic (1969), propositional dynamic logic (Fischer and Ladner 1979), other dynamic logics (Harel et al. 2000), and temporal logics (Hodkinson and Reynolds 2007), and they aid in proving correctness of protocols and programs. With the increased prospects of quantum devices and computers, there is a growing interest in quantum analogs for these logics.

Quantum logic, which was originally used to clarify properties of quantum physics (Birkhoff and Neumann 1936), has developed into a broader field, with many logics addressing algebraic structures of quantum systems (Dalla Chiara and Giuntini 2002; Dalla Chiara et al. 2004). A significant recent development is the strengthening of quantum logic to be able to address quantum computation as well (Dunn et al. 2013). This coincides with development to formalize the semantics of quantum programs (D’Hondt and Panangaden 2006b) and the development of model checkers and verification tools for quantum systems (Gay et al. 2008; Feng et al. 2013; Ying et al. 2013).

Recent work toward the development of quantum logics for computation yielded probabilistic dynamic quantum logics that are decidable, such as Baltag et al. (2013, 2014), and the correctness of many quantum protocols can be expressed in these languages. However, an axiomatization of these probabilistic systems is lacking. In the non-probabilistic setting, a sound axiomatization relevant to our work was developed in Baltag and Smets (2006) for the Logic of Quantum Programs, a quantum analog of the propositional dynamic logic, which was used to prove the correctness of the quantum teleportation protocol and the quantum secret sharing protocol. But the logic of quantum programs could not express quantities, and could only account for the correctness of qualitative properties of algorithms and protocols considered, and that work considered a probabilistic extension to be a greater goal of the program.

This paper lays a foundation for an axiomatization for a probabilistic variant of the Logic of Quantum Programs. The language involves dynamic modalities for quantum programs as well as probabilistic modalities, and is similar to the decidable logic in Baltag et al. (2014), and hence we give it the same name: the Probabilistic Logic of Quantum Programs. Among the differences between our language here and the one in Baltag et al. (2014) is that our language here simplifies the formulas for locality to describing full separability with respect to a given set of components. This simplification of the language allows us to highlight basic properties in the proof system that are essential to properties of bases of a finite-dimensional Hilbert space. We develop a sound proof system for this logic, and we use it to prove properties of the quantum leader election protocol of D’Hondt and Panangaden (2006a) and the BB84 quantum key distribution protocol (Bennett and Brassard 1984, 2014).

The quantum leader election protocol is a method for selecting exactly one of n many members, giving each member equal chance of being selected. This is analogous to establishing a fair n-sided die, and such selections are important for distributive systems. We prove in our language the existence and correctness of the W-state as a shared state whose measurement would select a leader with the correct probability. The BB84 quantum key distribution protocol is a secure key distribution protocol. We prove in our language the correctness of this protocol in the event that there is no eavesdropping of communication. These two protocols are just examples of what our system can prove, and we are sure there are many others. But our logic also lays a foundation for further development in axiomatizing logics for quantum systems, particularly those that involve probability.

There have been other developments in forming axiomatizations of quantum logics. Goldblatt (1974) developed a complete axiomatization of orthologic and orthomodular quantum logic. There has also been development of Gentzen style proof systems for orthologic (Nishimura 2009). Selinger (2007) uses a graphical language to axiomatize properties for dagger compact closed categories, and shows in Selinger (2011, 2012) that this axiomatic system is also complete with respect to finite-dimensional Hilbert spaces. Abramsky and Bob (2009) use a diagrammatic axiomatization to prove the correctness of quantum teleportation, logic gate teleportation, and entanglement swapping protocols. An axiomatization of a quantum logic that involves probabilities is given in Mateus and Sernadas (2006). Our logic differs from these in that it builds on the work of Baltag and Smets (2006) and Baltag et al. (2014), and can be viewed as a probabilistic quantum analog of propositional dynamic logic.

Our paper is organized as follows. In Sect. 2, we introduce probabilistic quantum structures, the basic structures for our semantics, which are mild abstractions of Hilbert spaces. In Sect. 3, we introduce the syntax and semantics for our probabilistic logic of quantum programs. We then present in Sect. 4 the deductive system and prove some properties in the language from it, including properties concerning orthonormal bases. In Sect. 5, we prove the correctness of the quantum leader election protocol and the BB84 protocol.

2 Probabilistic quantum structure

Let \({\mathcal {H}}\) be a finite-dimensional Hilbert space with an orthonormal basis \(\mathbf{B}=(\mathbf{b}_0,\cdots ,\mathbf{b}_{n-1})\). Let \(V_{\mathbf{B}}\) denote the set of all functions \(f:\mathbf{B}\rightarrow {\mathbb {C}}\). It is well known that there is a bijective correspondence between the vectors in \({\mathcal {H}}\) and the elements of \(V_{\mathbf{B}}\) given by mapping every \(\mathbf{v}\) in \({\mathcal {H}}\) to the function \(\mathbf{b}_i\mapsto \langle \mathbf{v},\mathbf{b}_i\rangle \). A state of \({\mathcal {H}}\) is a one-dimensional subspace s of \({\mathcal {H}}\). We represent the states of \({\mathcal {H}}\) by a subset of \(V_{\mathbf{B}}\), each representing a canonical representative of the one-dimensional subspace. This subset is the set of complex probability mass functions defined as follows.

Definition 2.1

(Complex probability mass functions) Let \( B = \{ b_i \mid 0\le i < n \} \) for some positive \(n\in \mathbb {N}\) be an ordered set (which we call an ordered basis). A function \( f : B \rightarrow {\mathbb {C}}\) is called a complex probability mass function on B if

  1. there exists an \( i \in n \) such that

    (a) \( f(b_j) = 0 \) for all \( j < i \), and

    (b) \( f(b_i) \in (0,1] \),

  2. \( |f(b_i)|^2 \in [0,1] \), and

  3. \( \sum _{i \in N} |f(b_i)|^2 = 1 \).

Let \( S_B \) denote the set of all complex probability mass functions on B .

Note that if f is a complex probability mass function, the function \(f^2:B\rightarrow [0,1]\) is a (real) probability mass function. In this sense, a complex probability mass function can be seen as an appropriate “square root” of a probability mass function.

Every function \(f\in V_B\) can be converted into a function in \(S_B\) as follows.

Definition 2.2

(Strong normalization) For every nonzero function \(f:\mathbf{B}\rightarrow {\mathbb {C}}\), where \(c=f(\mathbf{b}_i)\) for the smallest i such that \(f(\mathbf{b}_i)\ne 0\), we define the strong normalization \({\mathsf {sn}}(f)\) of f by

$$\begin{aligned} {\mathsf {sn}}(f):\mathbf{b}\mapsto \frac{\overline{c}}{\sqrt{\sum _i |\overline{c}\cdot f(\mathbf{b}_i)|^2}}f(\mathbf{b}), \end{aligned}$$

where in general \(\overline{z}\) is the complex conjugate of z.

It is easy to see that the strong normalization transforms any nonzero function \(f:\mathbf{B}\rightarrow {\mathbb {C}}\) into a complex probability mass function. The set of complex probability mass functions is identified with the set of states of a Hilbert space by the following proposition.

Proposition 2.3

Let \({\mathcal {H}}\) be a Hilbert space with \(\mathbf{B}= \{\mathbf{b_0},\cdots ,\mathbf{b_{n-1}}\}\) an ordered orthonormal basis. The following both hold.

  1. Given a complex probability mass function \(f:\mathbf{B}\rightarrow {\mathbb {C}}\), there exists a unique unit vector \(\mathbf{v}\) in \({\mathcal {H}}\), such that for each j, \(f(\mathbf{b_j}) = \langle \mathbf{v},\mathbf{b_j}\rangle \).

  2. Given any state s of \({\mathcal {H}}\), there is a unique unit vector \(\mathbf{v}\) in s, such that the function \(f_{\mathbf{v}} = \langle \mathbf{v},\cdot \rangle :\mathbf{B}\rightarrow {\mathbb {C}}\) is a complex probability mass function over the ordered orthonormal basis \(\mathbf{B}\).

Proof

  1. Given \(f\in S_{\mathbf{B}}\), we define the vector \(\mathbf{v}\) to be

    $$\begin{aligned} \mathbf{v}=\sum _{j\in n} f(\mathbf{b}_\mathbf{j})\mathbf{b}_\mathbf{j}. \end{aligned}$$

    Since the basis \(\mathbf{B}\) is orthonormal, it is easy to see that \(f(\mathbf{b_j}) = \langle \mathbf{v},\mathbf{b_j}\rangle \). By condition 3 of the definition of a complex probability mass function, \(\mathbf{v}\) is a unit vector.

  2. Let s be a one-dimensional subspace of \({\mathcal {H}}\), and let \(\mathbf{w}\) be any nonzero vector in s. We identify \(\mathbf{w}\) with a nonzero function \(f_{\mathbf{w}}\in V_{\mathbf{B}}\). Let \(\mathbf{v}\) be a vector corresponding to \({\mathsf {sn}}(f_{\mathbf{w}})\). As \(\mathbf{v}\) only differs from \(\mathbf{w}\) by a constant multiple, \(\mathbf{v}\in s\). Furthermore, as \({\mathsf {sn}}(f_{\mathbf{w}})\) is a complex probability mass function, \(\mathbf{v}\) is a unit vector. To see that \(\mathbf{v}\) is unique, we observe that for any complex number \(c\ne 1\) and any complex probability mass function f, the function \(c\cdot f: \mathbf{b}\mapsto c\cdot f(\mathbf{b})\) is not a complex probability mass function. \(\square \)

Because every state can be represented by a complex probability mass function, we will use the term state to mean either a one-dimensional subspace or a complex probability mass function. We will also use the same notation for both concepts. Also, throughout this paper, we will identify each natural number \(n\in \mathbb {N}:=\{0,1,2,\cdots \}\) with the set \(\{0,1,\cdots ,n-1\}\) of elements preceding it. If we write \( i < N \) without a lower bound, we intend for i to range from \( i = 0 \) to \( i = N -1 \).
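The canonical representative of Definition 2.2 and Proposition 2.3, as an added Python example that is not part of the original paper: a function on the ordered basis is a list of amplitudes \(f(\mathbf{b}_0),\cdots ,f(\mathbf{b}_{n-1})\), and the function names and sample vectors are constructed for this illustration.

```python
import math

TOL = 1e-9  # numerical tolerance (an assumption of this example)


def first_nonzero(f):
    """Return f(b_i) for the smallest i with f(b_i) != 0, or None."""
    return next((z for z in f if abs(z) > TOL), None)


def strong_normalize(f):
    """sn(f) of Definition 2.2: multiply by conj(c) and rescale to unit norm."""
    c = first_nonzero(f)
    if c is None:
        raise ValueError("sn is only defined for nonzero functions")
    cbar = complex(c).conjugate()
    norm = math.sqrt(sum(abs(cbar * z) ** 2 for z in f))
    return [cbar * z / norm for z in f]


def is_complex_pmf(f):
    """Check conditions 1-3 of Definition 2.1 up to TOL."""
    c = first_nonzero(f)
    if c is None:
        return False
    c = complex(c)
    # Condition 1: the first nonzero value lies in (0, 1], so it is real and positive.
    cond1 = abs(c.imag) <= TOL and 0 < c.real <= 1 + TOL
    # Condition 2: every squared modulus lies in [0, 1].
    cond2 = all(abs(z) ** 2 <= 1 + TOL for z in f)
    # Condition 3: the squared moduli sum to 1.
    cond3 = abs(sum(abs(z) ** 2 for z in f) - 1) <= TOL
    return cond1 and cond2 and cond3


def same_state(v, w):
    """Two nonzero vectors span the same one-dimensional subspace
    iff their strong normalizations coincide (Proposition 2.3)."""
    return all(abs(a - b) <= TOL
               for a, b in zip(strong_normalize(v), strong_normalize(w)))


if __name__ == "__main__":
    v = [0, 1j, 1]                      # constructed, unnormalized
    w = [(2 - 3j) * z for z in v]       # same subspace, different scale and phase
    print(strong_normalize(v))
    print(same_state(v, w), same_state(v, [1, 0, 0]))
    # Uniqueness: a phase multiple of a complex pmf is no longer a complex pmf.
    print(is_complex_pmf([1j * z for z in strong_normalize(v)]))
```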

2.1 Maps between bases and states

We require the basis to be ordered so that we can have a canonical representation of each state via a vector representative of its one-dimensional subspace (for the same reason, vectors are written as ordered tuples, also assuming an order to its basis). Were we to reorder the basis elements, we could then map each vector representative in the original ordering to its unique corresponding representative in the new order (this mapping is, in this context, an identity map on states). This concept is generalized to change-of-basis maps as follows.

Definition 2.4

(Change-of-basis isomorphism) Let \( B = \{ b_i \mid i < d_B \} \) and \( C = \{ c_i \mid i < d_C \} \) be two ordered bases (where C could be a reordering of B). A function \( h : S_B \rightarrow S_C \) is a change-of-basis isomorphism iff there is a bijection \( \eta : C \rightarrow B \) (which implies \( d_B = d_C \)) such that for all \( s \in S_B \) and for all \( i < d_C \)

$$\begin{aligned} h(s)(c_i) = {\mathsf {sn}}(s\circ \eta )(c_i). \end{aligned}$$

We call h an order isomorphism if in addition \( \eta (c_i) = b_i \) for all \( i < d_C \). We write \(B\cong C\) and \(S_B\cong S_C\) if there is an order isomorphism between \(S_B\) and \(S_C\). We write \(s\cong t\) for \(s\in S_B\) and \(t\in S_C\) if there is an order isomorphism \(h:S_B\rightarrow S_C\), such that \(h(s)=t\).

The tensor product of two ordered bases is the Cartesian product of the elements ordered by the dictionary order.

Definition 2.5

(Tensor product) The tensor product of two ordered bases \(B = (b_0,\cdots ,b_{n-1})\) and \(C = (c_0,\cdots ,c_{m-1})\) is \(D= (d_0,\cdots ,d_{nm-1})\), such that \(d_k = (b_i,c_j)\) where \(i = \lfloor k/m \rfloor \) and \(j = k \mod m\). The tensor product of \(s\in S_B\) and \(t\in S_C\), denoted \(s\otimes t\), is given by

$$\begin{aligned} (s\otimes t)(b_i,c_j) = s(b_i)\cdot t(c_j). \end{aligned}$$

It is easy to see that in general \((s\otimes t)\otimes r \cong s\otimes (t\otimes r)\). As the tensor product is associative given our strictest notion of isomorphism, we will ignore internal parentheses when taking tensor products of more than two bases.

2.2 Agents and separability

Definition 2.6

(Multi-agent PQM and components) Let \( N= \{0,\cdots ,N-1\}\) be a finite set of agents. An N-probabilistic quantum model (N-PQM) is a tuple \(\mathfrak {M}=(B_0,\cdots ,B_{N-1})\) of ordered bases. Let \(I\subseteq N\). Then \(\mathfrak {M}_I :=\{B_i \mid i\in I\}\) is said to be a component of \(\mathfrak {M}\).

If \(I = \{x_1,\cdots ,x_m\}\subseteq N\) for some \(m < N\) (where \((x_i)\) is strictly increasing), we write \(\bigotimes \mathfrak {M}_I = B_{x_1}\otimes B_{x_2}\otimes \cdots \otimes B_{x_m}\). We write \(S^{\mathfrak {M}}_I\) (or \(S_I\) if \(\mathfrak {M}\) is understood from context) for \(S_{\bigotimes \mathfrak {M}_I}\), and S (or \(S^{\mathfrak {M}}\)) for \(S_N\) (or \(S^{\mathfrak {M}}_N\)). In what follows, given a finite ordered set \(J = \{x_1,\cdots ,x_m\}\) for some \(m < N\) (with the sequence \((x_i)\) being strictly increasing), we use the notation \((b_i)_{i\in J}\) for the tuple \((b_{x_1},\cdots ,b_{x_m})\).

Definition 2.7

(Tensor product of agent components) Let \(\mathfrak {M}=(B_0,\cdots ,B_{N-1})\) be an N-PQM, and let \(I,J\subseteq N\), such that \(I\cap J=\emptyset \). The \(\mathfrak {M}\)-tensor product \(\mathfrak {M}_I \otimes ^{\mathfrak {M}} \mathfrak {M}_J\) is defined to be \(\mathfrak {M}_{I\cup J}\), but where for each \(s\in S_I\) and \(t\in S_{J}\), we have for each sequence \((x_i)\) with \(b_{x_i}\in B_i\) that

$$\begin{aligned} \left( s\otimes ^{\mathfrak {M}} t\right) ((b_{x_i})_{i\in I\cup J}) = s((b_{x_i})_{i\in I})\cdot t((b_{x_i})_{i\in J}). \end{aligned}$$

Given sets \(X\subseteq S_I\) and \(Y\subseteq S_{J}\), let \(X\otimes ^\mathfrak {M}Y :=\{x\otimes ^\mathfrak {M}y\mid x\in X, y\in Y\}\).

Note that although \(\otimes \) is not commutative, \(\otimes ^{\mathfrak {M}}\) is. Also note that \(\otimes ^\mathfrak {M}\) is associative; hence we generally omit parentheses.

Definition 2.8

(Separable and entangled states) Given an N-PQM \(\mathfrak {M}\), a set \(J\subseteq N\), a partition \(\varPi = \{X_1,\cdots ,X_k\}\) of N, and a state \(s\in S^{\mathfrak {M}}\), we say that

  • s is \(\mathfrak {M}\)-separable in J if there exist \(s_J\in S_J\) and \(s_{N{\setminus } J}\in S_{N\setminus J}\) such that \(s \cong s_J\otimes ^{\mathfrak {M}} s_{N\setminus J}\). If s is not \(\mathfrak {M}\)-separable in J we say that s is \(\mathfrak {M}\)-entangled in J.

  • s is \(\mathfrak {M}\)-separable in \(\varPi \) if there exists \(s_i\in S_{X_i}\) such that \(s\cong s_1\otimes ^\mathfrak {M}\cdots \otimes ^\mathfrak {M}s_k\). If s is not \(\mathfrak {M}\)-separable in \(\varPi \) we say that s is \(\mathfrak {M}\)-entangled in \(\varPi \). If \(\mathfrak {M}\) is separable in \(\{\{i\}\mid i\in N\}\), we say \(\mathfrak {M}\) is fully separable.

Separability will play an important role in the semantics of the logic we define in the next section.

3 Probabilistic quantum logic

In this section, we define the syntax and semantics of our language, and provide some useful syntactic abbreviations.

3.1 Syntax

Let N be a set of agents and let \( {\text {Prop}}\) be a (countable) set of proposition letters denoted with \( p, q, \dots . \) The language is three-sorted, with formulas \(\phi \), programs \(\alpha \), and probability terms t, and is defined by

$$\begin{aligned} \phi \,\,{::=}\,\, {}&p \mid \lnot \phi \mid \phi \wedge \phi \mid [\alpha ]\phi \mid \\&{\textsf {Atom}}(\phi ) \mid {\mathsf {Sep}}(\phi ) \mid \phi _I \mid t \ge \rho \\ \alpha \,\,{::=}\,\, {}&\phi ? \mid \alpha \cup \alpha \mid \alpha ;\alpha \\ t \,\,{::=}\,\, {}&\rho \Pr (\phi ) \mid t + t \end{aligned}$$

where \( p \in {\text {Prop}}\), \( I \subseteq N \), \( \varPi \subset \mathcal {P}(N) \) is a partition of N , and \( \rho \in \mathbb {Q} \). The set of formulas \(\phi \) is denoted by \(\mathcal {L}_N\), and the set of terms t is denoted by \({\text {Terms}}\).

We have the standard logical connectives \( \lnot \phi , \phi \wedge \psi \) and \( [\alpha ]\phi \), with the meanings “not \( \phi \)”, “\( \phi \) and \( \psi \)”, and “after any successful execution of program \( \alpha \), \( \phi \) holds”, respectively.

Here the programs \( \alpha \) are \( \phi ? \), a quantum test whether or not \( \phi \) holds; \(\alpha \cup \beta \), an arbitrary choice between two programs \( \alpha \) and \( \beta \); and \( \alpha ;\beta \), the sequential execution of two programs \( \alpha \) and \( \beta \).

We also have three nonstandard, but useful connectives. \( {\textsf {Atom}}(\phi ) \) intuitively means that \( \phi \) is true at one and only one state. \( {\mathsf {Sep}}(\phi ) \) means intuitively that all states making \( \phi \) true are separable into each agent, that is, these states are of the form \( \bigotimes ^\mathfrak {M}_{i < N} s_{\{i\}} \) for some \( s_{\{i\}} \in S_{\{i\}} \) for each \( i < N \). \( \phi _I \) intuitively represents the information that the local system I has about \( \phi \), that is, if any measurement that can be performed within the local system I cannot refute \( \phi \), then \( \phi _I \) is true.

Lastly, we have \( t \ge \rho \), which intuitively means the probability of t is greater than or equal to \( \rho \). Here t is a linear combination of \( \Pr (\phi ) \), the probability that a test for \( \phi \) is successful.

We have chosen the language to express several examples in the simplest way. However, one could easily imagine ways to extend the expressibility of this language. For example, we could extend this language with unitary operators \(\alpha \,\,{::=}\,\, U \mid U^\dagger \); however, we do not use these operators in the examples we discuss.

3.2 Semantics

The semantics is defined with respect to an N-PQM \( \mathfrak {M}\). We will make use of the following concepts. We first observe that from just an ordered basis \(B = \{b_0,\cdots ,b_{n-1}\}\) we can recover the Hilbert space structure, such as the inner product, as follows. For any two states \(s,t\in S_B\), we define the inner product of s and t to be

$$\begin{aligned} {\langle s,t\rangle } :=\sum _{i =0}^{n-1} \overline{s(b_i)}t(b_i) \end{aligned} \tag{3.1}$$

where in general \(\overline{z}\) is the complex conjugate of z. Then \(R :=\{ (s,t) \mid {\langle s,t\rangle } \ne 0 \}\) relates any two states that are non-orthogonal. We define the orthocomplement of a set of states X by

$$\begin{aligned} {\sim }X:=\{ s \in S \mid (s,x) \notin R \text { for all } x \in X \} \end{aligned}$$

and let \(\mathcal {T}:=\{ P \subseteq S \mid P = {\sim }{\sim }P \} \) be the set of testable properties. For each \( P \in \mathcal {T}\), we then let

$$\begin{aligned} R_P :=\left\{ (s,t) \in S^2 \Bigg | \begin{aligned}&t \in P \text { and } |{\langle s,u\rangle }|^2 < |{\langle s,t\rangle }|^2 \\&\text {for all } u \in P{\setminus } \{t\} \end{aligned} \right\} . \end{aligned}$$

Note that each \( P \in \mathcal {T}\) corresponds to a linear closed subspace in a Hilbert space and that the relation \( R_P \) in fact corresponds to the projection onto the subspace P .

It is easy to see that each singleton is testable, and hence that \(R = \bigcup _{P\in \mathcal {T}} R_P\). Given an N-PQM \(\mathfrak {M}\) with carrier set \(S = S_{\bigotimes \mathfrak {M}}\) and a valuation \( V : {\text {Prop}}\rightarrow \mathcal {P}S \), we interpret formulas by a function \( {\llbracket \cdot \rrbracket }^{\mathfrak {M}} : \mathcal {L}_N \rightarrow \mathcal {P}S \), we interpret each program \(\alpha \) by a relation \(R^{\mathfrak {M}}_\alpha \subseteq S\times S\), and we interpret probability terms by a family of functions \({\llbracket \cdot \rrbracket }^{\mathfrak {M}}_s: {\text {Terms}}\rightarrow \mathbb {R}\) for each \(s\in S\) as follows (we typically omit the superscript when it is understood by context). To interpret formulas \( \phi \):

$$\begin{aligned} {\llbracket p \rrbracket }&:=V(p), \\ {\llbracket \lnot \phi \rrbracket }&:=S {\setminus }{\llbracket \phi \rrbracket }, \\ {\llbracket \phi \wedge \psi \rrbracket }&:={\llbracket \phi \rrbracket } \cap {\llbracket \psi \rrbracket }, \\ {\llbracket [\alpha ]\phi \rrbracket }&:=\{ s \in S \mid R_\alpha (s) \subseteq {\llbracket \phi \rrbracket } \}, \\ {\llbracket {\textsf {Atom}}(\phi ) \rrbracket }&:={\left\{ \begin{array}{ll} S &{}\text {if } {\llbracket \phi \rrbracket } = \{ s \} \text { for some } s \in S,\\ \emptyset &{}\text {otherwise,} \end{array}\right. }\\ {\llbracket {\mathsf {Sep}}(\phi ) \rrbracket }&:={\left\{ \begin{array}{ll} S &{}\text {if } {\llbracket \phi \rrbracket } \subseteq \{ s \in S \mid s = \bigotimes ^\mathfrak {M}_{i \in N} s_{\{i\}} \},\\ \emptyset &{}\text {otherwise,} \end{array}\right. }\\ {\llbracket \phi _I \rrbracket }&:=\left\{ s_I \otimes ^\mathfrak {M}s_{N {\setminus } I} \;\Bigg |\; \begin{aligned}&(s_I \otimes ^\mathfrak {M}t_{N {\setminus } I}) \in {\llbracket \phi \rrbracket } \\&\text {for some } t_{N{\setminus } I} \end{aligned} \right\} , \\ {\llbracket t \ge \rho \rrbracket }&:=\{ s \in S \mid {\llbracket t \rrbracket }_s \ge \rho \}. \end{aligned}$$

To interpret programs \( \alpha \):

$$\begin{aligned} R_{\phi ?}&:=R_P, \text { where } P = {\sim }{\sim }{\llbracket \phi \rrbracket }, \\ R_{\alpha \cup \beta }&:=R_\alpha \cup R_\beta , \\ R_{\alpha ;\beta }&:=R_\alpha ;R_\beta . \end{aligned}$$

To interpret terms t :

$$\begin{aligned} {\llbracket \rho \Pr (\phi ) \rrbracket }_s&:=\rho \sum _{t \in R_P(s)} |{\langle s,t\rangle }|^2, \text { where } P = {\sim }{\sim }{\llbracket \phi \rrbracket }, \\ {\llbracket t_1 + t_2 \rrbracket }_s&:={\llbracket t_1 \rrbracket }_s + {\llbracket t_2 \rrbracket }_s. \end{aligned}$$
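An added numerical illustration of the term semantics above, not taken from the paper: it evaluates \({\llbracket \rho \Pr (\phi ) \rrbracket }_s\) as \(\rho \) times the squared norm of the projection of s onto the span of a set of states given for \(\phi \), and checks full separability (Definition 2.8) one agent at a time. The W-state and BB84 basis states used as inputs, the choice of "agent i is leader" as a basis state, and all function names are assumptions constructed for this example.

```python
import itertools
import math

TOL = 1e-9  # numerical tolerance (an assumption of this example)


def tensor_labels(dims):
    """Basis of B_0 (x) ... (x) B_{N-1} in dictionary order (Definition 2.5)."""
    return list(itertools.product(*(range(d) for d in dims)))


def tensor(s, t):
    """(s (x) t)(b_i, c_j) = s(b_i) * t(c_j), amplitudes in dictionary order."""
    return [a * b for a in s for b in t]


def inner(s, t):
    """Inner product (3.1): sum of conj(s(b_i)) * t(b_i)."""
    return sum(complex(a).conjugate() * b for a, b in zip(s, t))


def orthonormal_basis(spanning):
    """Gram-Schmidt basis of the closed subspace P spanned by the given states."""
    basis = []
    for v in spanning:
        w = list(v)
        for e in basis:
            coeff = inner(e, w)
            w = [wi - coeff * ei for wi, ei in zip(w, e)]
        norm = math.sqrt(inner(w, w).real)
        if norm > TOL:                      # skip linearly dependent states
            basis.append([wi / norm for wi in w])
    return basis


def pr(s, spanning, rho=1.0):
    """rho * |<s,t>|^2 for the unique t with (s,t) in R_P, i.e. rho * ||Proj_P(s)||^2.
    Returns 0 when s is orthogonal to P (R_P(s) is empty). s must be a unit vector."""
    return rho * sum(abs(inner(e, s)) ** 2 for e in orthonormal_basis(spanning))


def is_separable_in(s, dims, i):
    """s = s_{i} (x) s_{N \\ {i}} iff the amplitude matrix (agent i versus the rest)
    has rank at most 1, i.e. all of its 2x2 minors vanish."""
    rows = {}
    for amp, lab in zip(s, tensor_labels(dims)):
        rows.setdefault(lab[i], {})[lab[:i] + lab[i + 1:]] = amp
    cols = list(next(iter(rows.values())))
    for a, c in itertools.combinations(rows, 2):
        for b, d in itertools.combinations(cols, 2):
            if abs(rows[a][b] * rows[c][d] - rows[a][d] * rows[c][b]) > TOL:
                return False
    return True


def is_fully_separable(s, dims):
    """A pure state is a product over all agents iff it splits off every single agent."""
    return all(is_separable_in(s, dims, i) for i in range(len(dims)))


def basis_state(dims, label):
    return [1.0 if lab == label else 0.0 for lab in tensor_labels(dims)]


def w_state(n):
    """Constructed W-state on n two-level agents: equal amplitude on the labels with one 1."""
    amp = 1 / math.sqrt(n)
    return [amp if sum(lab) == 1 else 0.0 for lab in tensor_labels((2,) * n)]


def leader_probabilities(n):
    """Pr of the test 'agent i holds 1 and all others hold 0' at the W-state, for each i."""
    dims, w = (2,) * n, w_state(n)
    return [pr(w, [basis_state(dims, tuple(int(j == i) for j in range(n)))])
            for i in range(n)]


# Constructed single-qubit states in the two BB84 bases.
ZERO, ONE = [1.0, 0.0], [0.0, 1.0]
PLUS, MINUS = [2 ** -0.5, 2 ** -0.5], [2 ** -0.5, -(2 ** -0.5)]

if __name__ == "__main__":
    print(leader_probabilities(3))                       # each close to 1/3
    print(is_fully_separable(w_state(3), (2, 2, 2)))     # entangled
    print(pr(ZERO, [ZERO]), pr(ZERO, [PLUS]), pr(ZERO, [ONE]))
```

With matching bases the test succeeds with probability 1 or 0, and with mismatched bases with probability 1/2, which is the no-eavesdropping behaviour that BB84 correctness rests on.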

3.3 Abbreviations

With this language, we can express many notions in quantum mechanics. Some are so important and natural to use, we introduce abbreviations for them (Table 1). We have the standard abbreviations \( {\mathtt {tt}}, {\mathtt {ff}}\) and \( \vee \). Note that if \([ \lnot \phi ? ]{\mathtt {ff}}\) holds in a state s, then any test from s will result in a state with property \(\phi \), or equivalently, any non-orthogonal state has property \(\phi \). We abbreviate \([ \lnot \phi ? ]{\mathtt {ff}}\) using \(\Box \phi \), where \(\square \) can be viewed as the modal operator for the non-orthogonality relation R. We abbreviate \({\sim }\phi \) by \(\Box \lnot \phi \) for the following reason. The orthocomplement of \( \phi \), denoted by \( {\sim }\phi \), is true at any state s that is orthogonal to the set of states that make \(\phi \) true. Equivalently, every state that makes \(\phi \) true is orthogonal to s, and hence every state non-orthogonal to s makes \(\lnot \phi \) true. This means that \(\Box \lnot \phi \) is true at s. With the orthocomplement, we can also define the quantum join: \( \phi \sqcup \psi :={\sim }( {\sim }\phi \wedge {\sim }\psi ) \). The quantum join \( \phi \sqcup \psi \) can be thought of as the smallest testable property containing \( \phi \) and \( \psi \).

Our quantum models satisfy the superposition principle: every state can reach any other state in two non-orthogonal steps, that is \( R ; R = S \times S \). This gives us the power to express that a formula is valid in a model: \( \forall \phi :=\square \square \phi \) is true at a state iff \( \phi \) is true at every state in the model. With this global modality, we can express many relations between formulas that are globally true, such as inequality: \( (\phi \le \psi ) :=\forall (\phi \rightarrow \psi ) \), equality: \( (\phi \equiv \psi ) :=\forall (\phi \leftrightarrow \psi ) \), and orthogonal formulas: \( (\phi \perp \psi ) :=(\phi \le {\sim }\psi ) \).

As can be seen from the definition of the semantics, the logical operators for probability \( \Pr (\phi ) \) and for tests \( \phi ? \) are only meaningful if the formula \( \phi \) is testable. Noting that every testable property is closed under taking double orthocomplement, we can express testability by \( T(\phi ) :=(\phi \equiv {\sim }{\sim }\phi ) \).

Similarly, in a multi-agent setting, the formula \(\phi \) must be separable in I for \(\phi _I\) to represent the information I has about \(\phi \) (that is, I’s local state). We say that \(\phi \) is I-local if \( I(\phi ) :=(\phi \equiv \phi _I) \), that is, the truth of \( \phi \) is fully determined by the local state of I.

Table 1 Abbreviations for formulas

In Table 2, we have abbreviations concerning probabilities. All but the last two are standard abbreviations for terms and pure probabilistic formulas taken from (Fagin et al. 1990, p. 83). Concerning the last two, we are often interested in the probability of successfully testing \( \phi \) as well as the outcome of a successful test. We abbreviate this with the formulas \( {\langle \phi ? \rangle }_{= \rho } \psi \) and \( {\langle \phi ? \rangle }_{> \rho } \psi \).

Table 2 Probabilistic abbreviations

4 Deductive system

Our deductive proof system contains three rules (Table 3), where \( \phi ^\sigma \) is obtained from \( \phi \) by replacing all occurrences of p with \( \sigma (p) \), and a list of axioms (Table 4), divided into the following five categories: standard propositional dynamic logic axioms, standard axioms about linear inequalities, basic axioms for quantum systems, probabilistic axioms for quantum systems and axioms for quantum systems concerning atoms and separability.

Table 3 Rules
Table 4 Axioms for quantum systems

A proof for \( \phi \) is a finite sequence of formulas, such that the last formula is \( \phi \) and every formula is either an axiom listed below or obtained by applying an inference rule to (a) formula(s) appearing earlier in the sequence.

The three rules in Table 3 are standard, but we can deduce some nonstandard rules concerning the abbreviations \( \forall \), \( \le \), \( \equiv \) and \( T(\cdot ) \), which will be given in Lemma 4.3.

The axioms for programs and for linear inequalities are standard, so we will only discuss the axioms in the last three categories.

Basic axioms for quantum systems. The first axiom Q1 states that equivalent formulas have equivalent tests. The second axiom Q2 expresses our design that when we test for a formula \( \phi \) we actually test for the smallest closed linear subset containing \( {\llbracket \phi \rrbracket } \), that is \( {\sim }{\sim }\phi \).

For the axioms Q3 to Q9 one should remember that \( \square \) corresponds to the non-orthogonality relation and \( [ p? ] \) corresponds to the projection onto P , where \( P = {\sim }{\sim }{\llbracket p \rrbracket } \).

Axiom Q3 is related to the superposition principle, which is the principle that for every two states there is a third state that is non-orthogonal to both of them (or any two states can reach each other by two non-orthogonal steps).

Axiom Q4 states that if a successful test for p results in a state satisfying q , then the state is non-orthogonal to \( {\llbracket q \rrbracket } \), so we can successfully test for q . Axiom Q5 corresponds to the fact that each projection is a partial function.

A successful test for a testable property P always results in a state inside P. When inquiring about a property Q that is not testable, our framework tests for the smallest testable property containing Q. Axiom Q6 corresponds to these facts, where \({\sim }{\sim }p\) corresponds to the smallest testable property containing p.

If \( s \in P \), then the projection is reflexive on s , that is, \( (s,s) \in R_P \). So if a state makes p true, a successful test for p always ends up in the same state. This is captured by axiom Q7.

Axiom Q8 corresponds to the self-adjointness of projections with respect to the inner product, that is,

$$\begin{aligned} {\langle \mathrm {Proj}_P(s),t\rangle } = {\langle s,\mathrm {Proj}_P(t)\rangle }, \end{aligned}$$

where \(\mathrm {Proj}_P(s)\) is the projection of vector s onto the space P (\(sR_Pt\) where \(t = {\mathsf {sn}}(\mathrm {Proj}_P(s))\)). In non-probabilistic terms, this means that if the projection of s onto P is non-orthogonal to a state t , then the projection of t onto P is non-orthogonal to s .

The projection t of a state s onto P should be the closest state to s that is inside P . This can be expressed by: \( (s,t) \in R_P \) iff for all \( u \in P \) we have uRs iff uRt . This statement is partially captured by axiom Q9: looking at the right-to-left part of the biconditional, if a state s is non-orthogonal to a state satisfying p, and if all states satisfying p that are non-orthogonal to s are also non-orthogonal to a state satisfying \(p\wedge q\), then the property \(p\wedge q\) is “close to s”, and a successful test for p at state s results in a state that satisfies q.

Probabilistic axioms for quantum systems. Axioms P1 and P2 are standard probability axioms ensuring the probability values are in the interval [0, 1]. Axiom P3 establishes the correspondence between orthogonality and zero probability.

Equivalent formulas should have equal probabilities, which is captured by axiom P4. Normally we can add the probabilities of disjoint sets, but in quantum systems we need the sets to be orthogonal. This is stated by axiom P5.

Axiom P6 is the probabilistic version of the superposition statement. If p and q are orthogonal we can superpose them into a state with probability \( \rho \) to p and probability \( 1 - \rho \) to q . Axiom P7 relates to conditional probabilities: the probability of \(p\wedge q\) is equal to the probability of p given q (which is \(\tau \) in the axiom) times the probability of q (which is \(\rho \) in the axiom).

Axioms for atoms and separability. Atoms are the smallest nonempty sets; therefore, any nonempty set smaller than an atom is equal to that atom. This is captured by axiom A1. As atoms are singleton states, a formula \( \phi \) is satisfied at this state if and only if the atom implies \( \phi \). This is reflected by axiom A2.

For singleton states s that are non-orthogonal to a testable property Q , we have \( (s,t) \in R_Q \) iff \( \{t\} = (\{s\} \sqcup {\sim }Q) \cap Q \). In other words, the projection of an atom is again an atom. This is captured by axiom A3.

Axiom A4 provides a characterisation of an atom under the condition that the formula is separable. Axiom A5 asserts that two fully separable atoms are equivalent if and only if each of their local components are equivalent. Axiom A6 expresses the fact that two fully separable properties are orthogonal if one of their local components are orthogonal.

Theorem 4.1

The rules in Table 3 and the axioms in Table 4 are sound with respect to multi-agent probabilistic quantum models (N-PQM).

Proof

Many of the axioms are standard from the literature. For example, PL, K, PDL1, and PDL2 are from propositional dynamic logic (see for example Harel et al. 2000). The axioms I1–I6 are from Fagin and Halpern (1994). The axioms P1, P2 and variations of P4 are common among probability logics (see for example Fagin and Halpern 1994). The axioms Q4–Q8 are from Baltag and Smets (2005) and Smets and Baltag (2006). The validity of some others may be obvious from the discussion above. We now prove the soundness of select axioms.

Q9: Suppose p and q are testable, i.e., \( {\llbracket p \rrbracket } = {\sim }{\sim }{\llbracket p \rrbracket } \) and \( {\llbracket q \rrbracket } = {\sim }{\sim }{\llbracket q \rrbracket } \). Let \( s \in {\llbracket {\langle p? \rangle }q \rrbracket } \). Then, by definition of \( R_{{\llbracket p \rrbracket }} \) there exists a \( t \in S \) such that \( (s,t) \in R_{{\llbracket p \rrbracket }} \) and \( t \in {\llbracket p \rrbracket } \); since \( s \in {\llbracket {\langle p? \rangle }q \rrbracket } \), it also holds that \( t \in {\llbracket q \rrbracket } \). As \({\llbracket p\wedge q \rrbracket } = {\llbracket p \rrbracket }\cap {\llbracket q \rrbracket }\), we have \(t\in {\llbracket p\wedge q \rrbracket }\). As \(R_{{\llbracket p \rrbracket }} \) corresponds to the projection onto \( {\llbracket p \rrbracket } \), we know each state \( u \in {\llbracket p \rrbracket } \) that is non-orthogonal to s is also non-orthogonal to t . Since \(t\in {\llbracket p\wedge q \rrbracket }\), this means that \( s \in {\llbracket \Diamond p \wedge \square (p \rightarrow \Diamond (p \wedge q)) \rrbracket } \).

Now suppose \( s \in {\llbracket \Diamond p \wedge \square (p \rightarrow \Diamond (p \wedge q)) \rrbracket } \). Then we have \( s \in {\llbracket \Diamond p \rrbracket } \), so s is non-orthogonal to \( {\llbracket p \rrbracket } \), and therefore we have \( (s,t) \in R_{{\llbracket p \rrbracket }} \) for some unique \( t \in {\llbracket p \rrbracket } \). Then since \( s \in {\llbracket \square (p \rightarrow \Diamond (p \wedge q)) \rrbracket } \), we know that \( t \in {\llbracket \Diamond (p \wedge q) \rrbracket } \); thus there exists a \( u \in {\llbracket p \wedge q \rrbracket } = {\llbracket p \rrbracket } \cap {\llbracket q \rrbracket } \), such that tRu. Now

$$\begin{aligned} {\sim }{\sim }{\llbracket p\wedge q \rrbracket }&= {\sim }{\sim }({\llbracket p \rrbracket }\cap {\llbracket q \rrbracket })\\&= {\sim }{\sim }{\llbracket p \rrbracket }\cap {\sim }{\sim }{\llbracket q \rrbracket } = {\llbracket p \rrbracket }\cap {\llbracket q \rrbracket } = {\llbracket p\wedge q \rrbracket }. \end{aligned}$$

Suppose towards a contradiction \( t \notin {\llbracket q \rrbracket } \). Since \( t \notin {\llbracket p \wedge q \rrbracket } = {\sim }{\sim }{\llbracket p \wedge q \rrbracket } \), we know there exists a \( v \in {\sim }{\llbracket p \wedge q \rrbracket } \) such that tRv. Therefore, v is non-orthogonal to \( {\llbracket p \rrbracket } \), so there exists a unique \( w \in {\llbracket p \rrbracket } \) such that \( (v,w) \in R_{{{\llbracket p \rrbracket }}} \).

Now w (as the projection of v onto \({\llbracket p \rrbracket }\)) can be characterized by being the element of \({\llbracket p \rrbracket }\) where vRu iff wRu for all \(u\in {\llbracket p \rrbracket }\) (see, for example, Bergfeld et al. 2015, Proposition 2.15). So we have wRx iff vRx for all \( x \in {\llbracket p \rrbracket } \supset {\llbracket p\wedge q \rrbracket } \), and therefore we have \( w \in {\llbracket p \rrbracket } \cap {\sim }{\llbracket p \wedge q \rrbracket } \). We also have wRt, which implies wRs (because t is the projection of s onto \({\llbracket p \rrbracket }\)). Since \( s \in {\llbracket \square (p \rightarrow \Diamond (p \wedge q)) \rrbracket } \) we have \( w \in {\llbracket \Diamond (p \wedge q) \rrbracket } \), contradicting the fact that \(w \in {\sim }{\llbracket p\wedge q \rrbracket }\). Thus \( t \in {\llbracket q \rrbracket } \) and \( s \in {\llbracket {\langle p? \rangle }q \rrbracket } \).

P6: Let \(s\in {\llbracket \left( (p \perp q) \wedge \exists p \wedge \exists q \right) \rrbracket }\). Let \(x\in {\llbracket p \rrbracket }\) and \(y\in {\llbracket q \rrbracket }\). Since \(s\in {\llbracket p\perp q \rrbracket }\), \({\llbracket p \rrbracket }\subseteq {\llbracket {\sim }q \rrbracket }\), and hence \({\llbracket p \rrbracket }\) and \({\llbracket q \rrbracket }\) are orthogonal, and hence \({\langle x,y\rangle }=0\). Consider the vector \(z = \sqrt{\rho }x+\sqrt{(1-\rho )}y\). One can easily check that \(z={\mathsf {sn}}(z)\), and is hence in S. Furthermore, as \(y\perp x\), the projection of z onto \({\sim }{\sim }{\llbracket p \rrbracket }\) is the vector \(\sqrt{\rho }x\), whose normalization is \(x\in {\llbracket p \rrbracket }\), and hence \(z\in {\llbracket {\langle p? \rangle }p \rrbracket }\). The probability of projecting onto \({\sim }{\sim }{\llbracket p \rrbracket }\) is then \(|{\langle z,x\rangle }|^2 = \rho \); thus \(z\in {\llbracket {\langle p? \rangle }_{=\rho }p \rrbracket }\). We can similarly show that \(z\in {\llbracket {\langle q? \rangle }_{=1-\rho }q \rrbracket }\). Therefore, \(z\in {\llbracket {\langle p? \rangle }_{=\rho }p\wedge {\langle q? \rangle }_{=1-\rho }q \rrbracket }\), and thus \(s\in {\llbracket \exists ({\langle p? \rangle }_{=\rho }p\wedge {\langle q? \rangle }_{=1-\rho }q) \rrbracket }\), as desired.

P7: Let \(Q = {\sim }{\sim }{\llbracket q \rrbracket }\) and \(P= {\sim }{\sim }{\llbracket p \rrbracket }\). Suppose \(s\in {\llbracket (p \le q) \wedge {\langle q? \rangle }_{=\rho }(\Pr (p) = \tau ) \rrbracket }\). Because \(s\in {\llbracket p\le q \rrbracket }\), we have that \({\llbracket p\le q \rrbracket }\ne \emptyset \), and thus \({\llbracket p \rrbracket }\subseteq {\llbracket q \rrbracket }\), giving us \(P\subseteq Q\). Also, \(s\in {\llbracket {\langle q? \rangle }_{=\rho }(\Pr (p) = \tau ) \rrbracket }\) and hence there exists a t, such that \(sR_Qt\), \(|{\langle s,t\rangle }|^2 = \rho \), and \(t\in {\llbracket \Pr (p) = \tau \rrbracket }\). Then there exists a \(u\in P\), such that \(tR_Pu\) and \(|{\langle t,u\rangle }|^2 =\tau \).

Now let \(\eta = {\langle s,t\rangle }t\) be the actual vector when projecting s onto Q. Let \(\xi = {\langle \eta ,u\rangle }u\) be the actual vector when projecting \(\eta \) onto P. Let \(\omega = {\langle s,v\rangle }v\) be the actual vector when projecting s onto P. Since \(P\subseteq Q\), \(\xi = \omega \) (to see this, one can change the basis so that P is the span of a subset of the basis elements, Q the span of a larger subset of the basis elements, and then project by removing the coefficients for basis elements not in the set we are projecting onto). Thus \(u = v\) and \({\langle \eta ,u\rangle } = {\langle s,u\rangle }\). Expanding \(\eta \), we have \(\overline{{\langle s,t\rangle }}{\langle t,v\rangle } = {\langle s,u\rangle }\). Hence \(\rho \tau = |{\langle s,t\rangle }|^2|{\langle t,v\rangle }|^2 = |{\langle s,u\rangle }|^2\) is the probability of projecting s onto P. Hence \(s\in {\llbracket \Pr (p) = \rho \tau \rrbracket }\).

A4: First, we claim that for any \( \emptyset \subsetneq I \subsetneq N \) and any p we have \( {\llbracket T(p_I) \wedge \exists p_I \rrbracket } = S \) (where S is the whole state space) if and only if it holds that \( {\llbracket p_I \rrbracket } = \{ s_I \} \otimes ^\mathfrak {M}S_{N {\setminus } I}\) for some fixed \( s_I \in S_{ I} \). Before we prove this claim, let us show the soundness of A4 with this claim.

Suppose we have that \(s\in {\llbracket {\mathsf {Sep}}(p) \wedge {\textsf {Atom}}(p) \rrbracket }\). Then \( {\llbracket {\mathsf {Sep}}(p) \wedge {\textsf {Atom}}(p) \rrbracket } = S \). Then \( {\llbracket p \rrbracket } = \{ \bigotimes _{i<N}^\mathfrak {M}s_{\{i\}} \} \) for some \( s_{\{i\}} \in S_{\{i\}} \) for each \( i < N \). Therefore, we have \( {\llbracket p_{\{i\}} \rrbracket } = \{ s_{\{i\}} \} \otimes ^\mathfrak {M}S_{N {\setminus } \{i\}} \), and thus by the claim, \( p_{\{i\}} \) is testable, i.e., \( {\llbracket T(p_{\{i\}}) \rrbracket } = S \) for each \( i < N \). Because p is an atom, we also know that \({\llbracket \exists p \rrbracket } = S\). Thus \(s \in {\llbracket \exists p \wedge \bigwedge _{i<N} T(p_{\{i\}}) \rrbracket }\).

Now suppose \(s\in {\llbracket {\mathsf {Sep}}(p) \wedge \exists p \wedge \bigwedge _{i < N} T(p_{\{i\}}) \rrbracket }\). Then we have \( {\llbracket {\mathsf {Sep}}(p) \wedge \exists p \wedge \bigwedge _{i < N} T(p_{\{i\}}) \rrbracket } = S \). From \( {\llbracket \exists p \rrbracket } = S \), we deduce \( {\llbracket p \rrbracket } \ne \emptyset \). By \( {\llbracket {\mathsf {Sep}}(p) \rrbracket } = S \) we know \( {\llbracket p \rrbracket } \subseteq \bigcap _{i<N} {\llbracket p_{\{i\}} \rrbracket } \). By the claim we know \( \bigcap _{i<N} {\llbracket p_{\{i\}} \rrbracket } = \{ \bigotimes ^\mathfrak {M}_{i < N} s_{\{i\}} \} \) for some \( s_{\{i\}} \in S_{\{i\}} \) for each \( i < N \). Combining these results, we know \( {\llbracket p \rrbracket } = \{ s \} \), and therefore p is an atom, i.e., \( {\llbracket {\textsf {Atom}}(p) \rrbracket } = S \). Therefore, \(s\in {\llbracket {\textsf {Atom}}(p) \rrbracket }\).

To prove the claim, we first note that if \( {\llbracket T(q) \rrbracket }=S \), we have \( {\llbracket q \rrbracket } = {\sim }{\sim }{\llbracket q \rrbracket } \). Therefore, if \( s, t \in {\llbracket q \rrbracket } \) we also have \( \sqrt{\rho }s + \sqrt{1 - \rho }t \in {\llbracket q \rrbracket } \) for any \(\rho \in [0,1]\), because any state that is orthogonal to both s and t is also orthogonal to \( \sqrt{\rho }s + \sqrt{1 - \rho }t \), so we find \( \sqrt{\rho }s + \sqrt{1 - \rho }t \in {\sim }{\sim }\{s,t\} \subseteq {\sim }{\sim }{\llbracket q \rrbracket } = {\llbracket q \rrbracket } \).

By definition of \( {\llbracket p_I \rrbracket } \), any \( s \in {\llbracket p_I \rrbracket } \) is of the form \( s_I \otimes ^\mathfrak {M}s_{N {\setminus } I} \). Suppose \( s_I \otimes ^\mathfrak {M}s_{N {\setminus } I}, t_I \otimes ^\mathfrak {M}t_{N {\setminus } I} \in {\llbracket p_I \rrbracket } \) such that \( s_I \ne t_I \). Without loss of generality we may also assume \( s_{N {\setminus } I} \ne t_{N {\setminus } I} \), because if \( s_I \otimes ^\mathfrak {M}s_{N {\setminus } I} \in {\llbracket p_I \rrbracket } \), then \( s_I \otimes ^\mathfrak {M}s'_{N {\setminus } I} \in {\llbracket p_I \rrbracket } \) for any other \( s'_{N {\setminus } I} \in S_{N {\setminus } I} \). If we look at the sum \( \sqrt{\rho }(s_I \otimes ^\mathfrak {M}s_{N {\setminus } I}) + \sqrt{1 - \rho } (t_I \otimes ^\mathfrak {M}t_{N {\setminus } I}) \), with \( \rho \ne 0,1 \), it is not hard to see that this sum is not equal to \( u_I \otimes ^\mathfrak {M}u_{N {\setminus } I} \) for any \( u_I \in S_I \) and \( u_{N {\setminus } I} \in S_{N {\setminus } I} \). In other words, \( \sqrt{\rho }(s_I \otimes ^\mathfrak {M}s_{N {\setminus } I}) + \sqrt{1 - \rho } (t_I \otimes ^\mathfrak {M}t_{N {\setminus } I}) \notin {\llbracket p_I \rrbracket } \).

Combining the above two results, we have that if \( {\llbracket p_I \rrbracket } \ne \emptyset \) and \( {\llbracket T(p_I) \rrbracket }=S \), then \( {\llbracket p_I \rrbracket } = \{ s_I \} \otimes ^\mathfrak {M}S_{N {\setminus } I} \) for some fixed \( s_I \in S_I \).

For the other direction, we have that \( \{ s_I \} \otimes ^\mathfrak {M}S_{N {\setminus } I} \) is isomorphic to \( S_{N{\setminus } I}\), because every vector in the space spanned by \( \{ s_I \} \otimes ^\mathfrak {M}S_{N {\setminus } I} \) is a constant multiple of an element of \( \{ s_I \} \otimes ^\mathfrak {M}S_{N {\setminus } I} \). Hence \( \{ s_I \} \otimes ^\mathfrak {M}S_{N {\setminus } I} \) represents a subspace, and is therefore bi-orthogonally closed. Every topologically closed linear subspace is bi-orthogonally closed (Birkhoff and Neumann 1936), and it is well known that every subspace of a finite-dimensional Hilbert space is isomorphic to \({\mathbb {C}}^n\) and therefore topologically closed. This finishes the proof of the claim. \(\square \)
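The P6 and P7 arguments above can be checked numerically in a small Hilbert space. The following Python sketch is an added example, not part of the paper: the vectors `B0`, `B1`, `B2`, the state `s` and all helper names are constructed for illustration, and the inner product is taken conjugate-linear in its first argument.

```python
import math

TOL = 1e-9

def inner(a, b):
    """<a, b>, conjugate-linear in the first argument (a convention chosen here)."""
    return sum(complex(x).conjugate() * y for x, y in zip(a, b))

def norm(v):
    return math.sqrt(inner(v, v).real)

def normalize(v):
    n = norm(v)
    return [x / n for x in v]

def project(v, onb):
    """Orthogonal projection of v onto the span of the orthonormal list onb."""
    out = [0j] * len(v)
    for b in onb:
        c = inner(b, v)
        out = [o + c * x for o, x in zip(out, b)]
    return out

def measure(state, onb):
    """Success probability of the test for span(onb) at a unit state,
    together with the normalized post-test state (None if probability 0)."""
    p = project(state, onb)
    prob = inner(p, p).real
    return prob, (normalize(p) if prob > TOL else None)

# Constructed orthonormal basis of C^3 (not taken from the paper).
R2 = math.sqrt(2)
B0 = [1 / R2, 1j / R2, 0]
B1 = [1 / R2, -1j / R2, 0]
B2 = [0, 0, 1]

def check_p6(rho):
    """P6: for orthogonal x in [[p]] and y in [[q]], the state
    z = sqrt(rho) x + sqrt(1 - rho) y is a unit vector that passes the
    p-test with probability rho and the q-test with probability 1 - rho."""
    x, y = B0, B2
    z = [math.sqrt(rho) * a + math.sqrt(1 - rho) * b for a, b in zip(x, y)]
    pr_p, post = measure(z, [x])
    pr_q, _ = measure(z, [y])
    overlap = abs(inner(post, x))  # 1.0 means the post-test state is x
    return norm(z), pr_p, pr_q, overlap

def check_p7():
    """P7: with P a subspace of Q, testing Q (probability rho) and then P
    (probability tau) matches testing P directly: Pr(p) = rho * tau."""
    P = [B0]            # one-dimensional subspace
    Q = [B0, B1]        # two-dimensional subspace containing P
    s = normalize([1, 2, 2 + 1j])
    rho, t = measure(s, Q)
    tau, _ = measure(t, P)
    direct, _ = measure(s, P)
    return rho, tau, direct

if __name__ == "__main__":
    print("P6:", check_p6(0.3))
    print("P7:", check_p7())
```

For the constructed state `s`, the two-step route gives \(\rho = \tau = 1/2\) and the direct test gives \(1/4 = \rho \tau \), as the P7 argument predicts.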

4.1 Deducible basic properties of quantum models

We will now use our system to deduce several properties that are standard in most quantum logics, like weak modularity. In the first lemma, we will show the connection between projections (\( {\langle \phi ? \rangle }\)) and non-orthogonality (\(\Diamond \)). Also we show non-orthogonality is both reflexive and symmetric.

Lemma 4.2

The following formulas are deducible.

$$\begin{aligned}&\vdash {\langle p? \rangle }{\mathtt {tt}}\leftrightarrow \Diamond p \end{aligned}$$
(4.1)
$$\begin{aligned}&\vdash {\langle p? \rangle }q \rightarrow \Diamond q \end{aligned}$$
(4.2)
$$\begin{aligned} \vdash p \rightarrow \Diamond p \qquad (\mathrm{reflexivity}) \end{aligned}$$
(4.3)
$$\begin{aligned} \vdash p \rightarrow \square \Diamond p \qquad (\mathrm{symmetry}) \end{aligned}$$
(4.4)

Proof

To prove \(\vdash {\langle p? \rangle }{\mathtt {tt}}\leftrightarrow \Diamond p \), we first observe that \(\vdash p\equiv \lnot \lnot p\). Then using universal substitution on Q1 and propositional logic, we obtain \( \vdash \lnot [ p? ]{\mathtt {ff}}\leftrightarrow \lnot [ \lnot \lnot p? ]{\mathtt {ff}}\), which is precisely what \( \vdash {\langle p? \rangle }{\mathtt {tt}}\leftrightarrow \Diamond p \) abbreviates.

To prove \(\vdash {\langle p? \rangle }q \rightarrow \Diamond q\), observe by axiom Q4 that \( \vdash {\langle p? \rangle }q \rightarrow {\langle q? \rangle }{\mathtt {tt}}\), where the right side is equivalent to \( \Diamond q \). The proofs for \( \vdash p \rightarrow \Diamond p \) and \( \vdash p \rightarrow \square \Diamond p \) can be found in Table 5.

Table 5 A proof of \( \vdash p \rightarrow \Diamond p \) and \( \vdash p \rightarrow \square \Diamond p \)

With a proof of reflexivity, we can deduce the following four bidirectional rules (each column has both directions):

Lemma 4.3

The following rules hold true:

$$\begin{aligned} \begin{array}{llll} \begin{array}{c} \vdash p\\ \hline \vdash \forall p\end{array} &{} \begin{array}{c} \vdash p\rightarrow q \\ \hline \vdash p\le q\end{array} &{} \begin{array}{c} \vdash p\leftrightarrow q \\ \hline \vdash p \equiv q \end{array} &{} \begin{array}{c} \vdash p \leftrightarrow {\sim }{\sim }p \\ \hline \vdash T(p)\end{array} \\ \\ \begin{array}{c} \vdash \forall p \\ \hline \vdash p\end{array} &{} \begin{array}{c} \vdash p\le q \\ \hline \vdash p \rightarrow q \end{array} &{} \begin{array}{c} \vdash p\equiv q \\ \hline \vdash p \leftrightarrow q \end{array} &{} \begin{array}{c} \vdash T(p) \\ \hline \vdash p \leftrightarrow {\sim }{\sim }p\end{array} \end{array} \end{aligned}$$

Proof

The upper row follows from two applications of necessitation; the lower row follows from reflexivity (Lemma 4.2-(4.3), which is equivalent to \( \vdash \square p \rightarrow p \)). \(\square \)

Throughout this text, we will often apply the above lemma without reference. The following lemma states that every atom is nonempty.

Lemma 4.4

The following formula is deducible.

$$\begin{aligned} \vdash \exists p \leftrightarrow (p \not \equiv {\mathtt {ff}}). \end{aligned}$$

As a consequence \( \vdash {\textsf {Atom}}(p) \rightarrow (p \not \equiv {\mathtt {ff}}) \).

Proof

\( p \not \equiv {\mathtt {ff}}\) abbreviates \( \lnot \square \square (p \leftrightarrow {\mathtt {ff}}) \), which is equivalent to \( \Diamond \Diamond ((p \wedge \lnot {\mathtt {ff}}) \vee (\lnot p \wedge {\mathtt {ff}})) \). By standard modal reasoning, this is equivalent to \( \Diamond \Diamond p \), or in abbreviated form \( \exists p \).

We have \( \vdash p \le {\mathtt {tt}}\), so by A2 we have \( \vdash {\textsf {Atom}}(p) \rightarrow \exists (p \wedge {\mathtt {tt}}) \) and as we have \( \vdash p \equiv (p \wedge {\mathtt {tt}}) \) we have \( \vdash {\textsf {Atom}}(p) \rightarrow (p \not \equiv {\mathtt {ff}}) \). \(\square \)

The following lemma collects several properties of the orthocomplement, in particular the three defining properties \( p \le {\sim }{\sim }p \), \( p \le q \) implies \( {\sim }q \le {\sim }p \), and \( (p \wedge {\sim }p) \equiv {\mathtt {ff}}\). Note that the first property \( p \le {\sim }{\sim }p \) is weaker than the standard property found in many quantum logics \( p \equiv {\sim }{\sim }p \), but the latter only holds in quantum models that only consider testable properties.

Lemma 4.5

(Orthocomplement) The following formulas are deducible.

$$\begin{aligned}&\vdash p \le {\sim }{\sim }p \end{aligned}$$
(4.5)
$$\begin{aligned}&\vdash (p \le q) \rightarrow ({\sim }q \le {\sim }p) \end{aligned}$$
(4.6)
$$\begin{aligned}&\vdash (p \wedge {\sim }p) \equiv {\mathtt {ff}} \end{aligned}$$
(4.7)
$$\begin{aligned}&\vdash {\sim }p \equiv {\sim }{\sim }{\sim }p \end{aligned}$$
(4.8)
$$\begin{aligned}&\vdash p \perp q \leftrightarrow q \perp p \end{aligned}$$
(4.9)

Proof

The proofs of these formulas can be found in Table 6. \(\square \)

As shown in Baltag and Smets (2006), the set of testable properties \( \mathcal {T}\) contains all singletons and is closed under taking orthocomplement and intersections. The following lemma establishes the latter property. The former property will be deduced in Lemma 4.11, because we first need to show weak modularity.

Table 6 A proof of \( \vdash p \le {\sim }{\sim }p \), \( \vdash (p \le q) \rightarrow ({\sim }q \le {\sim }p) \), \( \vdash {\sim }p \equiv {\sim }{\sim }{\sim }p \), \( \vdash (p \,{\wedge }\,{\sim } p) \equiv {\mathtt {ff}}\) and \( \vdash (p \perp q) \leftrightarrow (q \perp p) \)

Lemma 4.6

(Testable properties) The following formulas are deducible.

$$\begin{aligned}&\vdash T({\sim }p) \end{aligned}$$
(4.10)
$$\begin{aligned}&\vdash T(p) \wedge T(q) \rightarrow T(p \wedge q) \end{aligned}$$
(4.11)

Proof

The proof of these formulas can be found in Table 7. \(\square \)

Table 7 A proof of \(T({\sim }p)\) and \( \vdash T(p) \wedge T(q) \rightarrow T(p \wedge q) \)

The following lemma collects several properties of the quantum join. Most of these properties are intuitive when one thinks of the quantum join \( p \sqcup q \) as the smallest closed linear subspace containing both p and q. For (4.16), if r is orthogonal to both p and q, then r is orthogonal to each element in the span of p and q, which is the quantum join \( p \sqcup q \).

Lemma 4.7

(Quantum join) The following formulas are deducible.

$$\begin{aligned}&\vdash p \le (p \sqcup q) \end{aligned}$$
(4.12)
$$\begin{aligned}&\vdash (p \sqcup q) \equiv ({\sim }{\sim }p) \sqcup ({\sim }{\sim }q) \end{aligned}$$
(4.13)
$$\begin{aligned}&\vdash (T(p) \wedge T(q)) \rightarrow ({\sim }(p \wedge q) \equiv ({\sim }p \sqcup {\sim }q))\end{aligned}$$
(4.14)
$$\begin{aligned}&\vdash {\sim }(p \sqcup q) \equiv ({\sim }p \wedge {\sim }q)\end{aligned}$$
(4.15)
$$\begin{aligned}&\vdash ((r \perp p) \wedge (r \perp q)) \leftrightarrow (r \perp (p \sqcup q)) \end{aligned}$$
(4.16)
$$\begin{aligned}&\vdash (p\sqcup {\sim }p) \equiv {\mathtt {tt}}\end{aligned}$$
(4.17)
$$\begin{aligned}&\vdash (T(r) \wedge (p \le r) \wedge (q \le r)) \rightarrow ((p \sqcup q) \le r) \end{aligned}$$
(4.18)

Proof

The proof for the first five formulas can be found in Table 8.

Table 8 A proof of \( \vdash p \le p \sqcup q \), \( \vdash (p \sqcup q) \equiv ({\sim }{\sim }p \sqcup {\sim }{\sim }q) \), \((T(p) \wedge T(q)) \rightarrow ({\sim }(p \wedge q) \equiv ({\sim }p \sqcup {\sim }q))\), \({\sim }(p \sqcup q) \equiv ({\sim }p \wedge {\sim }q)\), and \( \vdash ((r \perp p) \wedge (r \perp q)) \leftrightarrow (r \perp (p \sqcup q)) \)

To show \(\vdash (p\sqcup {\sim }p)\equiv {\mathtt {tt}}\), we observe by Lemma 4.5-(4.7) that \(\vdash (p\wedge {\sim }p) \equiv {\mathtt {ff}}\). Hence \(\vdash \lnot (p\wedge {\sim }p) \equiv {\mathtt {tt}}\). By modal logic, we have that \(\vdash {\sim }(p\wedge {\sim }p) \equiv \Box {\mathtt {tt}}\). Using necessitation and propositional logic, we have \(\vdash {\mathtt {tt}}\equiv \Box {\mathtt {tt}}\). The desired result follows from this and modal logic.

To prove (4.18), we use Lemma 4.5-(4.6) to get \( \vdash (p \le r) \rightarrow ({\sim }r \le {\sim }p) \) and \( \vdash (q \le r) \rightarrow {\sim }r \le {\sim }q \), and hence \(\vdash (p\le r)\wedge (q\le r) \rightarrow ({\sim }r \le ({\sim }p \wedge {\sim }q) ).\) Using Lemma 4.5-(4.6) again we have \( \vdash (p\le r)\wedge (q\le r) \rightarrow {\sim }({\sim }p \wedge {\sim }q) \le {\sim }{\sim }r \). Adding T(r) to the antecedent, the desired result follows from the previous observation and modal logic. \(\square \)

We need a more general version of Lemma 4.7-(4.16) that considers the quantum join of n formulas instead of just two.

Corollary 4.8

For all finite n and for all sets of formulas \( \mathcal {B}\) of size n, the following formula is deducible.

$$\begin{aligned} \vdash \bigwedge _{b \in \mathcal {B}} (p \perp b) \rightarrow p \perp \bigsqcup \mathcal {B}\end{aligned}$$
(4.19)
(4.20)

Proof

We prove this by induction on n. For \( n = 1 \) the statement holds trivially. Now suppose the statement holds for n. Let \( \mathcal {B}\) be a set of formulas of size n and let \( b_{n+1} \) be a formula. By the induction hypothesis we have \( \vdash (\bigwedge _{b \in \mathcal {B}} p \perp b) \rightarrow (p \perp \bigsqcup \mathcal {B}) \). By Lemma 4.7-(4.16) we have \( \vdash (p \perp b_{n+1}) \wedge (p \perp \bigsqcup \mathcal {B}) \rightarrow (p \perp (\bigsqcup \mathcal {B}) \sqcup b_{n+1}) \). Combining the two results gives the desired result.

For (4.20), Note that . Thus by the contrapositive of (4.19), we have . \(\square \)

One of the main differences between classical logic and quantum logic is the lack of distributivity. Classical models satisfy distributivity (\(p \wedge (q \vee r) = (p \wedge q) \vee (p \wedge r) \)), but quantum models only satisfy a weaker version of distributivity called weak modularity, which we will show in the following lemma.

Lemma 4.9

(Weak modularity) The following formula is deducible.

$$\begin{aligned} \vdash T(p) \wedge T(q) \wedge (q \le p) \rightarrow (q \equiv p \wedge ({\sim }p \sqcup q)). \end{aligned}$$

Proof

The proof can be found in Table 9. \(\square \)

Table 9 A proof of \( \vdash (T(p) \wedge T(q) \wedge (q \le p)) \rightarrow (q \equiv (p \wedge ({\sim }p \sqcup q))) \)
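The contrast between distributivity and weak modularity can be made concrete in a finite-dimensional model, where every subspace is bi-orthogonally closed and hence testable. The following Python sketch is an added example, not part of the paper: it represents properties as subspaces of \({\mathbb {C}}^3\), and the helper names and the chosen subspaces are constructed for illustration. It also checks the dual form stated in Corollary 4.10.

```python
import math

TOL = 1e-9
DIM = 3  # the constructed example lives in C^3

def inner(a, b):
    """<a, b>, conjugate-linear in the first argument (a convention chosen here)."""
    return sum(complex(x).conjugate() * y for x, y in zip(a, b))

def span(*vectors):
    """Orthonormal basis (modified Gram-Schmidt) of the span of the given
    vectors; linearly dependent vectors are dropped."""
    basis = []
    for v in vectors:
        w = [complex(x) for x in v]
        for b in basis:
            c = inner(b, w)
            w = [x - c * y for x, y in zip(w, b)]
        n = math.sqrt(inner(w, w).real)
        if n > TOL:
            basis.append([x / n for x in w])
    return basis

def ortho(a, dim=DIM):
    """Orthocomplement ~a: extend the orthonormal basis a by the standard
    basis and keep only the newly produced vectors."""
    std = [[1 if i == j else 0 for j in range(dim)] for i in range(dim)]
    return span(*a, *std)[len(a):]

def join(a, b):
    """Quantum join: the smallest subspace containing a and b."""
    return span(*a, *b)

def meet(a, b):
    """Intersection of subspaces, computed as ~(~a join ~b)."""
    return ortho(join(ortho(a), ortho(b)))

def leq(a, b):
    """a <= b: adding a to b does not enlarge b."""
    return len(join(b, a)) == len(b)

def equiv(a, b):
    return leq(a, b) and leq(b, a)

def distributivity_holds(p, q, r):
    """p meet (q join r) == (p meet q) join (p meet r)"""
    return equiv(meet(p, join(q, r)), join(meet(p, q), meet(p, r)))

def weak_modularity_holds(p, q):
    """Lemma 4.9: q <= p implies q == p meet (~p join q)."""
    return (not leq(q, p)) or equiv(q, meet(p, join(ortho(p), q)))

def dual_weak_modularity_holds(p, q):
    """Corollary 4.10: p <= q implies q == p join (~p meet q)."""
    return (not leq(p, q)) or equiv(q, join(p, meet(ortho(p), q)))

# Constructed subspaces (not taken from the paper).
P_LINE = span([1, 0, 0])              # line through e0
Q_LINE = span([0, 1, 0])              # line through e1
R_LINE = span([1, 1, 0])              # diagonal line in the e0-e1 plane
PLANE = span([1, 0, 0], [0, 1, 0])    # the e0-e1 plane

if __name__ == "__main__":
    # p meet (q join r) is the line p, but (p meet q) join (p meet r) is 0.
    print("distributive:", distributivity_holds(P_LINE, Q_LINE, R_LINE))
    print("weak modularity:", weak_modularity_holds(PLANE, R_LINE))
    print("dual weak modularity:", dual_weak_modularity_holds(R_LINE, PLANE))
```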

We also need the dual of weak modularity, which we will show in the following corollary.

Corollary 4.10

The following formula is deducible.

$$\begin{aligned} \vdash T(q) \wedge (p \le q) \rightarrow (q \equiv p \sqcup ({\sim }p \wedge q)) \end{aligned}$$

Proof

This is basically the dual of Lemma 4.9, that is, taking the orthocomplement. See Table 10. \(\square \)

Table 10 A proof of \( \vdash (T(q) \wedge (p \le q)) \rightarrow (q \equiv p \sqcup ({\sim }p \wedge q)) \)

With weak modularity we can show each atom is testable.

Lemma 4.11

The following formula is deducible.

$$\begin{aligned} {\textsf {Atom}}(p) \rightarrow T(p). \end{aligned}$$

Proof

By Lemma 4.5 we have \( \vdash p \le {\sim }{\sim }p \), and by Lemma 4.2-(4.3) we have \( \vdash {\sim }{\sim }p \le \Diamond {\sim }{\sim }p \). So we can deduce \( \vdash p \le \Diamond {\sim }{\sim }p \). By Lemma 4.6, we have \( \vdash T({\sim }{\sim }p) \). Therefore, we can apply axiom A3 and (4.8) to deduce \( \vdash {\textsf {Atom}}(p) \rightarrow {\textsf {Atom}}((p \sqcup {\sim }p) \wedge {\sim }{\sim }p) \). By Lemma 4.7 we have \( \vdash (p \sqcup {\sim }p) \equiv {\mathtt {tt}}\), so we can deduce \( \vdash {\textsf {Atom}}(p) \rightarrow {\textsf {Atom}}({\sim }{\sim }p) \). By Lemma 4.4 we have \(\vdash {\textsf {Atom}}(p) \rightarrow ({\mathtt {ff}}\not \equiv p) \), and we already have \(\vdash p\le {\sim }{\sim }p \), so we can deduce \( \vdash {\textsf {Atom}}(p) \rightarrow (p \equiv {\sim }{\sim }p) \) by axiom A1. This is equivalent to the desired result. \(\square \)

4.2 Deducible probabilistic properties of quantum models

The following lemma collects several deducible properties of probabilistic quantum logic.

Lemma 4.12

The following formulas are deducible:

$$\begin{aligned}&\vdash \Diamond p \leftrightarrow \Pr (p) > 0 \end{aligned}$$
(4.21)
$$\begin{aligned}&\vdash \Pr (p)+\Pr ({\sim }p)=1 \end{aligned}$$
(4.22)
$$\begin{aligned}&\vdash \Pr (p)=\Pr ({\sim }{\sim }p) \end{aligned}$$
(4.23)
$$\begin{aligned}&\vdash T(p) \rightarrow (p \leftrightarrow \Pr (p) = 1) \end{aligned}$$
(4.24)
$$\begin{aligned}&\vdash p \rightarrow \Pr (p) = 1 \end{aligned}$$
(4.25)

Proof

The proof of (4.21) is in Table 11.

We now show (4.22). By Lemma 4.5 we have \(\vdash p \perp {\sim }p\) and \(\vdash p \sqcup {\sim }p\), and hence by axiom P1, P4 and P5 we obtain the desired result \( \vdash \Pr (p) + \Pr ({\sim }p) = 1 \).

We now show (4.23). By uniform substitution in (4.22) we have \(\vdash \Pr ({\sim }p) + \Pr ({\sim }{\sim }p) = 1\). From this we can use the inequality axioms to show the second result \( \vdash \Pr (p) = \Pr ({\sim }{\sim }p) \).

We now show (4.24). Since T(p) abbreviates \( p \equiv {\sim }{\sim }p \), from the axiom \(\vdash \Pr (p) = 0 \leftrightarrow {\sim }p \) it follows that \( \vdash T(p) \rightarrow p\leftrightarrow \Pr ({\sim }p) = 0 \). From the inequality axioms and propositional reasoning we obtain the third result \( \vdash T(p) \rightarrow p \leftrightarrow \Pr (p) = 1 \).

We now show (4.25). By Lemma 4.5 we also have \( \vdash p \rightarrow {\sim }{\sim }p \) and \( \vdash T({\sim }({\sim }p)) \), combining this with \( \vdash \Pr (p) = \Pr ({\sim }{\sim }p) \), we obtain the last result \( \vdash p \rightarrow \Pr (p) = 1 \). \(\square \)

Table 11 A proof of \( \vdash \Diamond p \leftrightarrow \Pr (p) > 0 \)

The following proposition shows that probability (\(\Pr (\cdot )\)) is monotone.

Proposition 4.13

The following formula is deducible.

$$\begin{aligned} \vdash p \le q \rightarrow \Pr (p) \le \Pr (q). \end{aligned}$$

Proof

First, by (4.5) and modal logic, we have \( \vdash p \le q \rightarrow p \le {\sim }{\sim }q \) and by Lemma 4.6, we have \( \vdash T({\sim }{\sim }q) \). Therefore, by Corollary 4.10 we have \( \vdash p \le q \rightarrow {\sim }{\sim }q \equiv p \sqcup ({\sim }p \wedge {\sim }{\sim }q) \). Hence by P4, \(\vdash p\le q \rightarrow \Pr ({\sim }{\sim }q) = \Pr (p\sqcup ({\sim }p \wedge {\sim }{\sim }q))\). Note that \( \vdash p \perp ({\sim }p \wedge {\sim }{\sim }q)\), since clearly \( \vdash {\sim }p \wedge {\sim }{\sim }q \le {\sim }p \). Thus by P5, \( \vdash \Pr (p \sqcup ({\sim }p \wedge {\sim }{\sim }q)) = \Pr (p) + \Pr ({\sim }p \wedge {\sim }{\sim }q) \). By (4.23), \(\vdash \Pr (q)= \Pr ({\sim }{\sim }q)\). Using inequality axioms, we obtain \( \vdash p\le q \rightarrow \Pr (q) = \Pr (p) + \Pr ({\sim }p \wedge {\sim }{\sim }q) \). The desired result follows from this and the inequality axioms. \(\square \)

Axiom P5 only considers a pair of orthogonal states, but can be generalized to a finite set of n pairwise orthogonal states.

Lemma 4.14

For all n, the following formula is deducible.

$$\begin{aligned} \vdash \left( \bigwedge _{i < j < n} b_i \perp b_j \right) \rightarrow \left( \Pr \left( \bigsqcup _{i \le n} b_i\right) = \sum _{i < n} \Pr (b_i) \right) . \end{aligned}$$

Proof

We prove this by induction. For \(n=2\), the statement holds by Axiom P5. Now suppose the statement holds for n (IH). Given the induction hypothesis (IH), the proof of

$$\begin{aligned} \vdash \left( \bigwedge _{i < j < n + 1} b_i \perp b_j \right) \rightarrow \left( \Pr \left( \bigsqcup _{i \le n} b_i\right) = \sum _{i < n + 1} \Pr (b_i) \right) . \end{aligned}$$

is given in Table 12. \(\square \)

Table 12 A proof of \( \vdash ( \bigwedge \nolimits _{i < j < n} b_i \perp b_j ) \rightarrow ( \Pr (\bigsqcup \nolimits _{i \le n} b_i) = \sum \nolimits _{i < n} \Pr (b_i) ) \)

Using Lemma 4.14, we obtain a nice characterisation for the quantum join of a set of orthogonal states involving probabilities, which we show in the following corollary.

Corollary 4.15

For all finite n the following formula is deducible.

$$\begin{aligned} \vdash \bigwedge _{i < j \le n} \left( b_i \perp b_j\right) \rightarrow \left( \left( \bigsqcup _{i < n} b_i\right) \equiv \left( \sum _{i<n} \Pr (b_i) = 1 \right) \right) . \end{aligned}$$

Proof

For \( n \ge 2 \) we know \( \vdash T(\bigsqcup _{i < n} b_i) \) is derivable by Lemma 4.6, so by Lemma 4.12-(4.24), we have \( \vdash (\Pr (\bigsqcup _{i \le n} b_i) = 1) \leftrightarrow \bigsqcup _{i \le n} b_i \). By Lemma 4.14, we know

$$\begin{aligned} \vdash \left( \bigwedge _{i < j \le n} b_i \perp b_j \right) \rightarrow \Pr \left( \bigsqcup _{i \le n} b_i\right) = \sum _{i \le n} \Pr (b_i). \end{aligned}$$

Combining these results, we get our desired result. \(\square \)

Similar to axiom P5, we can generalize axiom P7 by considering the quantum join of a finite set of formulas.

Lemma 4.16

The following formula is deducible.

$$\begin{aligned} \vdash {\langle \bigsqcup _{i \le n} b_i? \rangle }_{=\rho } \bigwedge _{i \le n} ( \Pr (b_i) = \rho _i ) \rightarrow \bigwedge _{i \le n} ( \Pr (b_i) = \rho \rho _i ) \end{aligned}$$

Proof

By modal logic, \( \vdash {\langle \bigsqcup _{i \le n} b_i? \rangle }_{=\rho } \bigwedge _{i \le n} (\Pr (b_i) = \rho _i) \rightarrow \bigwedge _{i \le n} {\langle \bigsqcup _{i \le n} b_i? \rangle }_{=\rho } (\Pr (b_i) = \rho _i) \). By Lemma 4.7-(4.12), we also know \( \vdash b_i \le \bigsqcup _{j \le n} b_j \), so the statement follows from axiom P7 and propositional logic. \(\square \)

4.3 Deducible properties of a basis

Since the notion of an orthonormal basis is very important in the two protocols we will discuss in Section 5, as well as many other protocols, we discuss the definition of a basis and prove several properties.

Let \( \mathfrak {M}\) be an N-PQM and let \( \mathcal {B}\) be a finite set of formulas. The set \( \mathcal {B}\) is called an orthosubbasis of \( \mathfrak {M}\) if the following formula is satisfied in \( \mathfrak {M}\):

$$\begin{aligned} {{\textsf {SubBasis}}}(\mathcal {B}) :={}&\bigwedge _{b \in \mathcal {B}} (b \not \equiv {\mathtt {ff}}) \wedge \bigwedge _{b \ne b' \in \mathcal {B}} (b \perp b') \\&\wedge \left( \bigsqcup _{b \in \mathcal {B}} b \equiv {\mathtt {tt}}\right) . \end{aligned}$$

In the following lemmas, we show that the probabilities of elements in an orthosubbasis \( \mathcal {B}\) add up to 1.

Lemma 4.17

For a finite set of testable formulas \( \mathcal {B}\) the following formula is deducible.

$$\begin{aligned} \vdash {{\textsf {SubBasis}}}(\mathcal {B}) \rightarrow \sum _i \Pr (b_i) = 1. \end{aligned}$$

Proof

This lemma follows directly from the definition of an orthosubbasis combined with Lemma 4.14 and axiom P1.

\(\square \)

An orthosubbasis \( \mathcal {B}\) is an orthobasis if any proper superset of \(\mathcal {B}\) is not a subbasis. This happens precisely when \(\mathcal {B}\) consists only of atoms.

$$\begin{aligned} {\textsf {Basis}}(\mathcal {B}) :={\textsf {SubBasis}}(\mathcal {B}) \wedge \bigwedge _{b \in \mathcal {B}} {\textsf {Atom}}(b). \end{aligned}$$

We are going to show that each basis has the same number of elements. To show this we will first show that within a quantum join we can replace one atom p by another atom q without changing the quantum join \(p\sqcup r\), so long as these two atoms are “close” enough (q is also under the join, but not under r).

Lemma 4.18

The following formula is deducible.

$$\begin{aligned} \vdash&\left( {\textsf {Atom}}(p) \wedge {\textsf {Atom}}(q) \wedge T(r) \wedge (q \le (p \sqcup r)) \wedge (q \nleq r) \right) \\&\qquad \rightarrow \left( (p \sqcup r) \equiv (q \sqcup r) \right) \end{aligned}$$

Proof

Let us abbreviate the antecedent with

$$\begin{aligned}&{\textsf {Ant}}:= {\textsf {Atom}}(p) \wedge {\textsf {Atom}}(q) \wedge T(r) \wedge \\&\quad \quad \quad (q\le (p \sqcup r)) \wedge (q \nleq r). \end{aligned}$$

By Lemma 4.7-(4.12), we know \( \vdash r \le (p \sqcup r) \) and together with the assumption \( q \le (p \sqcup r) \) from the antecedent and \(\vdash T(p\sqcup r)\) by Lemma 4.6, we get \( \vdash {\textsf {Ant}}\rightarrow (q \sqcup r \le p \sqcup r )\) by Lemma 4.7-(4.18). As \( \vdash {\textsf {Ant}}\rightarrow (q \nleq r) \) we get by basic reasoning \(\vdash {\textsf {Ant}}\rightarrow (q\sqcup r \nleq r)\), and by the above \(\vdash {\textsf {Ant}}\rightarrow (p\sqcup r \nleq r)\). Thus \( \vdash {\textsf {Ant}}\rightarrow (p \nleq r) \).

Because \( \vdash {\textsf {Ant}}\rightarrow T(r) \) we have \(\vdash {\textsf {Ant}}\rightarrow (p \nleq r \leftrightarrow p \nleq {\sim }{\sim }r) \). Hence, we have \(\vdash {\textsf {Ant}}\rightarrow (p \nleq {\sim }{\sim }r)\). Unpacking the notation, this is equivalent to \(\vdash {\textsf {Ant}}\rightarrow \exists (p \wedge \Diamond {\sim }r) \). Because \(\vdash {\textsf {Ant}}\rightarrow {\textsf {Atom}}(p) \), we find that \( \vdash {\textsf {Ant}}\rightarrow ( \exists (p \wedge \Diamond {\sim }r) \leftrightarrow (p \le \Diamond {\sim }r)) \) by A2. Hence, \(\vdash {\textsf {Ant}}\rightarrow (p \le \Diamond {\sim }r)\).

Since \(\vdash {\textsf {Ant}}\rightarrow ((q \sqcup r) \le (p \sqcup r)) \), we know that \(\vdash {\textsf {Ant}}\rightarrow (((q \sqcup r) \wedge {\sim }r) \le ((p \sqcup r) \wedge {\sim }r)) \). Applying A1 and A3 we obtain \( \vdash {\textsf {Ant}}\rightarrow (((q \sqcup r) \wedge {\sim }r) \equiv ((p \sqcup r) \wedge {\sim }r)) \). Now we can apply weak modularity (Corollary 4.10) to get the desired result.

$$\begin{aligned} \vdash {\textsf {Ant}}\rightarrow (q \sqcup r)&\equiv (r \sqcup ((q \sqcup r) \wedge {\sim }r)) \\&\equiv (r \sqcup ((p \sqcup r) \wedge {\sim }r)) \equiv (p \sqcup r). \end{aligned}$$

\(\square \)

The following lemma uses the previous lemma to establish that a quantum join of n formulas can contain at most n orthogonal states.

Lemma 4.19

For any finite n and any set \( \mathcal {B}\) of size n and any set \( {\mathcal {C}} \) of finite size \( m > n \), the following is deducible.

$$\begin{aligned} \vdash \left( \bigwedge _{a \in \mathcal {B}\cup {\mathcal {C}}} {\textsf {Atom}}(a) \wedge \bigwedge _{c \ne c' \in {\mathcal {C}}} (c \perp c')\right) \rightarrow \bigvee _{c \in {\mathcal {C}}} \left( c \nleq \bigsqcup \mathcal {B}\right) . \end{aligned}$$

Proof

We prove this by induction on n. For \( n = 1 \), the formula follows immediately from A1 and Lemma 4.4.

Suppose the formula holds true for any set \( \mathcal {B}\) of size smaller than n and any set \( {\mathcal {C}} \) of size bigger than the size of \( \mathcal {B}\) (IH). Consider the following formula (which is the negation of the desired formula):

$$\begin{aligned} \chi :=\left( \bigwedge _{a \in \mathcal {B}\cup {\mathcal {C}}} {\textsf {Atom}}(a) \wedge \bigwedge _{c \ne c' \in {\mathcal {C}}} (c \perp c')\right) \wedge \bigwedge _{c \in {\mathcal {C}}} \left( c \le \bigsqcup \mathcal {B}\right) . \end{aligned}$$

It suffices to prove \(\vdash \chi \rightarrow {\mathtt {ff}}\). Take any order on \( \mathcal {B}= \{ b_0, \dots , b_{n-1} \} \). We will use Lemma 4.18 to replace each b by a c one by one, such that the quantum join remains the same.

First step, remove \( b_0 \): By the induction hypothesis (IH) and propositional logic, there exists a \( c_0 \in {\mathcal {C}} \) such that \( \vdash \chi \rightarrow c_0 \nleq \bigsqcup \mathcal {B}{\setminus } \{b_0\} \). Given that \( c_0 \le \bigsqcup \mathcal {B}\), \( {\textsf {Atom}}(b_0) \) and \( {\textsf {Atom}}(c_0) \) are also provable from \(\chi \), we can apply Lemma 4.18 and obtain \(\vdash \chi \rightarrow (\bigsqcup \mathcal {B}\equiv (\bigsqcup (\mathcal {B}{\setminus } \{b_0\}) \sqcup \{c_0\})) \).

Steps 2–n. Suppose we have a set \( {\mathcal {C}}' \) of l elements such that for \( \mathcal {B}' = \{ b_l, \dots , b_{n-1} \} \) we have

$$\begin{aligned} \vdash \chi \rightarrow \left( \bigsqcup \mathcal {B}\equiv \left( \bigsqcup \mathcal {B}' \sqcup \bigsqcup {\mathcal {C}}'\right) \right) . \end{aligned}$$

Now we remove \( b_l \) and obtain a \( c_l \in {\mathcal {C}} {\setminus } {\mathcal {C}}' \) in a completely similar way as in step 1, such that

$$\begin{aligned} \vdash \chi \rightarrow \left( \bigsqcup \mathcal {B}\equiv \left( \bigsqcup \left( \mathcal {B}' {\setminus } \{b_l\}\right) \sqcup \bigsqcup \left( {\mathcal {C}}' \cup \{c_l\}\right) \right) \right) . \end{aligned}$$

Final step. After n steps, we have a set \( {\mathcal {C}}' \subsetneq {\mathcal {C}} \) such that \(\vdash \chi \rightarrow ( \bigsqcup \mathcal {B}\equiv \bigsqcup {\mathcal {C}}' )\). We know there exists a \( c \in {\mathcal {C}} {\setminus } {\mathcal {C}}' \) for which we have \(\vdash \chi \rightarrow \bigwedge _{c' \in {\mathcal {C}}'} c \perp c' \) and therefore by Corollary 4.8, we have \(\vdash \chi \rightarrow ( c \perp \bigsqcup {\mathcal {C}}' )\), which means \( \vdash \chi \rightarrow (c \nleq \bigsqcup \mathcal {B}) \). Recall that \(c\le \bigsqcup \mathcal {B}\) is a conjunct of \(\chi \). Thus \(\vdash \chi \rightarrow {\mathtt {ff}}\). \(\square \)

Now we can show that each basis contains the same number of atoms.

Theorem 4.20

For any two finite sets of formulas \( \mathcal {B}\) and \( {\mathcal {C}} \) such that \( |\mathcal {B}| = |{\mathcal {C}}| \) the following formula is deducible.

$$\begin{aligned}&\vdash {\textsf {Basis}}(\mathcal {B}) \wedge \bigwedge _{c \in {\mathcal {C}}} \left( {\textsf {Atom}}(c) \wedge \bigwedge _{c' \in {\mathcal {C}} {\setminus } \{c\}} (c \perp c') \right) \\&\qquad \rightarrow {\textsf {Basis}}({\mathcal {C}}). \end{aligned}$$

Proof

We first abbreviate the antecedent with:

$$\begin{aligned} \psi := {\textsf {Basis}}(\mathcal {B}) \wedge \bigwedge _{c \in {\mathcal {C}}} \left( {\textsf {Atom}}(c) \wedge \bigwedge _{c' \in {\mathcal {C}} {\setminus } \{c\}} (c \perp c') \right) . \end{aligned}$$

We wish to show that \(\vdash \psi \rightarrow {\textsf {Basis}}({\mathcal {C}})\). As many conditions for \({\mathcal {C}}\) to be a basis are already in \(\psi \), it suffices to show that \(\vdash \psi \rightarrow (\bigsqcup {\mathcal {C}} \equiv {\mathtt {tt}})\). Since \(\vdash \psi \rightarrow {\textsf {Basis}}(\mathcal {B})\), it suffices to show \(\vdash \psi \rightarrow (\bigsqcup {\mathcal {C}}\equiv \bigsqcup \mathcal {B})\). To prove this, we follow a similar construction as was given in the inductive step for Lemma 4.19. We enumerate \(\mathcal {B}= \{b_0,\cdots ,b_{n-1}\}\), and will replace these elements with elements of \({\mathcal {C}}\) one by one.

First step, remove \(b_0\): by Lemma 4.19, there is a \(c_0\in {\mathcal {C}}\), such that \( \vdash \psi \rightarrow c_0 \nleq \bigsqcup \mathcal {B}{\setminus } \{b_0\} \). Just as we did in the proof of Lemma 4.19, we then apply Lemma 4.18 and obtain \(\vdash \psi \rightarrow (\bigsqcup \mathcal {B}\equiv (\bigsqcup (\mathcal {B}{\setminus } \{b_0\}) \sqcup \{c_0\})) \). Note that the only difference between this step and that of the proof of Lemma 4.19 is that we applied Lemma 4.19 directly rather than used induction. Steps 2–n differ from those of Lemma 4.19 in precisely the same way.

In the final step we have obtained a set \( {\mathcal {C}}' \subseteq {\mathcal {C}} \) such that \(\vdash \psi \rightarrow (\bigsqcup \mathcal {B}\equiv \bigsqcup {\mathcal {C}}' )\) and \( | \mathcal {B}| = | {\mathcal {C}}' | \). But we know that \( | {\mathcal {C}} | = | \mathcal {B}| \) and therefore \( {\mathcal {C}} = {\mathcal {C}}' \) (thus instead of a contradiction we get the desired result). \(\square \)

Corollary 4.21

If \( \mathfrak {M}\vDash {\textsf {Basis}}(\mathcal {B}) \) and \( \mathfrak {M}\vDash {\textsf {Basis}}({\mathcal {C}}) \) then \( |\mathcal {B}| = |{\mathcal {C}}| \).

For most protocols, we require not just a basis for the whole system, but a basis for each local subsystem. In those cases, the basis for the whole system will be the tensor product of the bases for the local subsystems. We will refer to such a basis as a locally orthogonal (fully) separable orthobasis (LOSB), which can be expressed by

$$\begin{aligned} {{\textsf {LOSB}}}(\mathcal {B}) :={}&{\textsf {Basis}}(\mathcal {B}) \wedge \bigwedge _{b \in \mathcal {B}} {\mathsf {Sep}}(b) \\&\wedge \bigwedge _{i < N}\bigwedge _{b \in \mathcal {B}}\bigwedge _{c \in \mathcal {B}} ( b_{\{i\}} \equiv c_{\{i\}} \vee b_{\{i\}} \perp c_{\{i\}} )\\&\wedge \bigwedge _{b \in \mathcal {B}} \bigwedge _{i < N} \bigvee _{c \in \mathcal {B}} (b_{\{i\}} \not \equiv c_{\{i\}}) . \end{aligned}$$

The second to last line asserts that local components that are not equal must be orthogonal, and the last line asserts that each local component has dimension at least two.

The following lemma states that any LOSB \( \mathcal {B}\) is the tensor product of its local states.

Lemma 4.22

For a finite set of formulas \( \mathcal {B}\), let \(\mathcal {B}^N\) be the set of functions from \(\{0,\cdots ,N-1\}\) to \(\mathcal {B}\).

The following formula is deducible:

$$\begin{aligned} \vdash {{\textsf {LOSB}}}(\mathcal {B}) \rightarrow \bigwedge _{f\in \mathcal {B}^N} \bigvee _{b \in \mathcal {B}} \bigwedge _{i < N} \left( b_{\{i\}} \equiv f(i)_{\{i\}}\right) . \end{aligned}$$

Proof

Let \(\chi \) be the negation of what we are trying to prove:

$$\begin{aligned} \chi := {{\textsf {LOSB}}}(\mathcal {B}) \wedge \lnot \left( \bigwedge _{f\in \mathcal {B}^N} \bigvee _{b \in \mathcal {B}} \bigwedge _{i < N} (b_{\{i\}} \equiv f(i)_{\{i\}}) \right) . \end{aligned}$$

It suffices to show that \(\vdash \chi \rightarrow {\mathtt {ff}}\). First note that

Furthermore by definition of \({{\textsf {LOSB}}}\) and propositional logic, for every \(f\in \mathcal {B}^N\) and \(b\in \mathcal {B}\),

Thus

$$\begin{aligned} \vdash \chi \rightarrow \left( \bigvee _{f\in \mathcal {B}^N} \bigwedge _{b\in \mathcal {B}} \bigvee _{i<N} (b_{\{i\}} \perp f(i)_{\{i\}})\right) . \end{aligned}$$

By A6 we have \(\vdash \chi \rightarrow ( \bigvee _{f\in \mathcal {B}^N} \bigwedge _{b\in \mathcal {B}} (b\perp f(i) ))\). Then by Lemma 4.8, \(\vdash \chi \rightarrow (\bigvee _{f\in \mathcal {B}^N} (f(i) \perp \bigsqcup \mathcal {B}))\). Written another way, we have \(\vdash \chi \rightarrow (\bigvee _{f\in \mathcal {B}^N} (\bigsqcup \mathcal {B}\le {\sim }f(i)))\).

By modal reasoning \(\vdash {\mathtt {tt}}\equiv {\sim }{\mathtt {ff}}\) and by Lemma 4.5-(4.6), \(\vdash (\phi \not \equiv {\mathtt {ff}}) \leftrightarrow ({\sim }\phi \not \equiv {\mathtt {tt}})\). As for each \(i<N\), \(f(i)\in \mathcal {B}\) and is a conjunct of \({{\textsf {SubBasis}}}(\mathcal {B})\) and hence a conjunct of \(\chi \), we have that \(\vdash \chi \rightarrow ({\sim }f(i) \not \equiv {\mathtt {tt}})\). As \(\vdash (\phi \le \psi )\wedge (\psi \ne {\mathtt {tt}}) \rightarrow (\phi \ne {\mathtt {tt}})\), we have from this and \(\vdash \chi \rightarrow (\bigvee _{f\in \mathcal {B}^N} (\bigsqcup \mathcal {B}\le {\sim }f(i)))\) that \(\vdash \chi \rightarrow (\bigsqcup \mathcal {B}\ne {\mathtt {tt}})\). This together with the fact that \(\bigsqcup \mathcal {B}={\mathtt {tt}}\) is a conjunct of \({{\textsf {SubBasis}}}(\mathcal {B})\) and hence of \(\chi \) gives us that \(\vdash \chi \rightarrow {\mathtt {ff}}\).

\(\square \)

Given two LOSBs \( \mathcal {B}\) and \( {\mathcal {C}} \), we can construct a new LOSB \( \mathcal {D} \), such that for all \( i < N \), either for all \( d \in \mathcal {D} \) we have \( d_{\{i\}} \equiv b_{\{i\}} \) for some \( b \in \mathcal {B}\) or for all \( d \in \mathcal {D} \) we have \( d_{\{i\}} \equiv c_{\{i\}} \) for some \( c \in {\mathcal {C}}\). The following lemma proves this fact.

Lemma 4.23

Let \( \mathcal {B}, {\mathcal {C}} \) and \( \mathcal {D}\) be three sets of proposition letters of equal size, i.e., \( |\mathcal {B}| = |{\mathcal {C}}| = |\mathcal {D}| \). The following formula is deducible:

$$\begin{aligned} \vdash {\textsf {Ant}} \rightarrow {{\textsf {LOSB}}}(\mathcal {D}). \end{aligned}$$

where

$$\begin{aligned}&{\textsf {Ant}} :={{\textsf {LOSB}}}(\mathcal {B}) \wedge {{\textsf {LOSB}}}({\mathcal {C}}) \\&\begin{aligned} \qquad&\wedge \bigwedge _{d \in \mathcal {D}} {\mathsf {Sep}}(d) \wedge \bigwedge _{d \ne d' \in \mathcal {D}} d \not \equiv d' \\&\wedge \bigwedge _{i < N} \left( \begin{aligned}&\left( \bigwedge _{d \in \mathcal {D}} \bigvee _{b \in \mathcal {B}} d_{\{i\}} \equiv b_{\{i\}}\right) \\ \vee&\left( \bigwedge _{d \in \mathcal {D}} \bigvee _{c \in {\mathcal {C}}} d_{\{i\}} \equiv c_{\{i\}}\right) \end{aligned} \right) \end{aligned} \end{aligned}$$

Proof

To show \( \vdash {\textsf {Ant}}\rightarrow {{\textsf {LOSB}}}(\mathcal {D}) \) it suffices to show that \( {\textsf {Basis}}(\mathcal {D}) \), \( \bigwedge _{d \in \mathcal {D}} {\mathsf {Sep}}(d) \),

$$\begin{aligned} \bigwedge _{i < N}\bigwedge _{d \in \mathcal {D}}\bigwedge _{d' \in \mathcal {D}} \left( ( d_{\{i\}} \equiv d'_{\{i\}} ) \vee (d_{\{i\}} \perp d'_{\{i\}})\right) , \end{aligned} \tag{4.26}$$

and

$$\begin{aligned} \bigwedge _{i < N}\bigwedge _{d \in \mathcal {D}} \bigvee _{d' \in \mathcal {D}} (d_{\{i\}} \not \equiv d'_{\{i\}}) \end{aligned} \tag{4.27}$$

are provable from \( {\textsf {Ant}}\).

By extracting a conjunct from \({\textsf {Ant}}\), we already have \( \vdash {\textsf {Ant}}\rightarrow \bigwedge _{d \in \mathcal {D}} {\mathsf {Sep}}(d) \).

As an intermediate step, we show that \( \vdash {\textsf {Ant}}\rightarrow \bigwedge _{d \in \mathcal {D}} {\textsf {Atom}}(d) \). By axiom A4 we have \( \vdash {\textsf {Ant}}\rightarrow T(b_{\{i\}}) \) and \( \vdash {\textsf {Ant}}\rightarrow T(c_{\{i\}}) \) for all \( b \in \mathcal {B}\), \( c \in {\mathcal {C}} \) and \( i < N \). As \({\textsf {Ant}}\) asserts the equivalence of each \(d_{\{i\}}\) with either \(b_{\{i\}}\) or \(c_{\{i\}}\), propositional reasoning gives us \(\vdash {\textsf {Ant}}\rightarrow T(d_{\{i\}}) \) for all \( d \in \mathcal {D}\) and \( i < N \). So, by axiom A4, we have \(\vdash {\textsf {Ant}}\rightarrow {\textsf {Atom}}(d) \) for all \( d \in \mathcal {D}\).

We next show that (4.26) is provable from \({\textsf {Ant}}\). By propositional logic, using the conjunct for \({{\textsf {LOSB}}}(\mathcal {B})\) and for \({{\textsf {LOSB}}}({\mathcal {C}})\), we have

$$\begin{aligned} \vdash {\textsf {Ant}}\rightarrow \bigwedge _{i<N}(\chi (\mathcal {B})\vee \chi ({\mathcal {C}})), \end{aligned}$$

where

$$\begin{aligned} \chi (\mathcal {B}) := \bigwedge _{d,d' \in \mathcal {D}} \bigvee _{b,b' \in \mathcal {B}}&\left( (d_{\{i\}} \equiv b_{\{i\}})\wedge (d_{\{i\}}' \equiv b_{\{i\}}') \wedge \right. \\&\left. \left( \left( b_{\{i\}} \equiv b_{\{i\}}'\right) \vee (b_{\{i\}}\perp b_{\{i\}}')\right) \right) . \end{aligned}$$

Then by modal logic we have

$$\begin{aligned} \vdash \chi (\mathcal {B}) \rightarrow \bigwedge _{d,d' \in \mathcal {D}}\left( \left( d_{\{i\}} \equiv d_{\{i\}}'\right) \vee \left( d_{\{i\}}\perp d_{\{i\}}'\right) \right) \end{aligned}$$

and similarly

$$\begin{aligned} \vdash \chi ({\mathcal {C}}) \rightarrow \bigwedge _{d,d' \in \mathcal {D}}\left( \left( d_{\{i\}} \equiv d_{\{i\}}'\right) \vee \left( d_{\{i\}}\perp d_{\{i\}}'\right) \right) . \end{aligned}$$

Putting these together, we obtain by propositional logic

$$\begin{aligned} \vdash {\textsf {Ant}}\rightarrow \bigwedge _{i < N}\bigwedge _{d \in \mathcal {D}}\bigwedge _{d' \in \mathcal {D}} \left( \left( d_{\{i\}} \equiv d'_{\{i\}} \right) \vee (d_{\{i\}} \perp d'_{\{i\}})\right) \end{aligned}$$

To show \(\vdash {\textsf {Ant}}\rightarrow {\textsf {Basis}}(\mathcal {D})\), by Theorem 4.20, it remains to show that \(\vdash {\textsf {Ant}}\rightarrow \bigwedge _{d\ne d'\in \mathcal {D}} d\perp d'\). For each \(d,d'\in \mathcal {D}\), because \({\mathsf {Sep}}(d)\) is a conjunct of \({\textsf {Ant}}\) for each \(d\in \mathcal {D}\), and because \(\vdash {\textsf {Ant}}\rightarrow \bigwedge _{d\in \mathcal {D}}{\textsf {Atom}}(d)\), we apply axiom A5 to get

$$\begin{aligned} \vdash {\textsf {Ant}}\rightarrow \bigwedge _{d,d'\in \mathcal {D}}\left( \left( d \equiv d'\right) \leftrightarrow \bigwedge _{i} \left( d_{\{i\}} \equiv d'_{\{i\}}\right) \right) . \end{aligned}$$

Then

$$\begin{aligned} \vdash {\textsf {Ant}}\rightarrow \bigwedge _{d\ne d' \in \mathcal {D}} \bigvee _{i}\left( d_{\{i\}} \not \equiv d'_{\{i\}}\right) . \end{aligned}$$

Because

$$\begin{aligned} \vdash {\textsf {Ant}}\rightarrow \bigwedge _{d \in \mathcal {D}}\bigwedge _{d' \in \mathcal {D}}\bigwedge _{i < N} \left( \left( d_{\{i\}} \equiv d'_{\{i\}} \right) \vee (d_{\{i\}} \perp d'_{\{i\}})\right) , \end{aligned}$$

we have by propositional logic

$$\begin{aligned} \vdash {\textsf {Ant}}\rightarrow \bigwedge _{d\ne d' \in \mathcal {D}} \bigvee _{i} (d_{\{i\}} \perp d'_{\{i\}}) \end{aligned}$$

Thus by axiom A6, \(\vdash {\textsf {Ant}}\rightarrow \bigwedge _{d\ne d'\in \mathcal {D}} (d \perp d')\).

To show (4.27), let us fix an \( i < N \) and let \( \phi (i,\mathcal {B}) \) be

$$\begin{aligned} \phi (i,\mathcal {B}) := \bigvee _{d \in \mathcal {D}}\bigwedge _{d' \in \mathcal {D}}(d_{\{i\}} \equiv d'_{\{i\}}) \wedge \bigwedge _{d \in \mathcal {D}}\bigvee _{b \in \mathcal {B}} (d_{\{i\}} \equiv b_{\{i\}}). \end{aligned}$$

So for a fixed i we assume the negation of (4.27) and we assume all \( d \in \mathcal {D}\) are equal to some \( b \in \mathcal {B}\) at location i. We wish to show \( \vdash {\textsf {Ant}}\wedge \phi (i,\mathcal {B}) \rightarrow {\mathtt {ff}}\).

By definition of \( \equiv \) and modal reasoning, the first conjunct of \( \phi (i,\mathcal {B}) \) implies \( \bigwedge _{d,d' \in \mathcal {D}} (d_{\{i\}} \equiv d'_{\{i\}}) \), that is, all \( d \in \mathcal {D}\) are locally equivalent at location i. Combined with the second conjunct we get

$$\begin{aligned} \vdash {\textsf {Ant}}\wedge \phi (i,\mathcal {B}) \rightarrow \bigvee _{b \in \mathcal {B}}\bigwedge _{d \in \mathcal {D}} \left( d_{\{i\}} \equiv b_{\{i\}}\right) . \end{aligned}$$

As \( {{\textsf {LOSB}}}(\mathcal {B}) \) is a conjunct of \( {\textsf {Ant}}\), we have

$$\begin{aligned} \bigwedge _{b \in \mathcal {B}} \bigvee _{b' \in \mathcal {B}} \left( b_{\{i\}} \not \equiv b'_{\{i\}}\right) . \end{aligned}$$

Moreover, we have

$$\begin{aligned} \bigwedge _{b, b' \in \mathcal {B}} \left( (b_{\{i\}} \equiv b'_{\{i\}}) \vee (b_{\{i\}} \perp b'_{\{i\}}) \right) . \end{aligned}$$

Using propositional reasoning we obtain

$$\begin{aligned} \vdash {\textsf {Ant}}\wedge \phi (i,\mathcal {B}) \rightarrow \bigvee _{b \in \mathcal {B}}\bigwedge _{d \in \mathcal {D}} (d_{\{i\}} \perp b_{\{i\}}). \end{aligned}$$

By axiom A6, this implies

$$\begin{aligned} \vdash {\textsf {Ant}}\wedge \phi (i,\mathcal {B}) \rightarrow \bigvee _{b \in \mathcal {B}}\bigwedge _{d \in \mathcal {D}} (d \perp b). \end{aligned}$$

Now we can apply Corollary 4.8

$$\begin{aligned} \vdash {\textsf {Ant}}\wedge \phi (i,\mathcal {B}) \rightarrow \bigvee _{b \in \mathcal {B}}\left( b \perp \bigsqcup \mathcal {D}\right) . \end{aligned}$$

We have already shown that \( \vdash {\textsf {Ant}}\rightarrow {\textsf {Basis}}(\mathcal {D}) \), and as \( \bigsqcup \mathcal {D}\equiv {\mathtt {tt}}\) is a conjunct of \( {\textsf {Basis}}(\mathcal {D}) \) we conclude

$$\begin{aligned} \vdash {\textsf {Ant}}\wedge \phi (i,\mathcal {B}) \rightarrow {\mathtt {ff}}. \end{aligned}$$

We can show this result for any \( i < N \) and replacing \( \mathcal {B}\) by \( {\mathcal {C}} \). As a result we get

$$\begin{aligned} \vdash {\textsf {Ant}}\wedge \bigvee _{i < N}\bigvee _{d \in \mathcal {D}}\bigwedge _{d' \in \mathcal {D}}(d_{\{i\}} \equiv d'_{\{i\}}) \rightarrow {\mathtt {ff}}. \end{aligned}$$

This is equivalent to the desired result:

$$\begin{aligned} \vdash {\textsf {Ant}}\rightarrow \bigwedge _{i < N}\bigwedge _{d \in \mathcal {D}}\bigvee _{d' \in \mathcal {D}}(d_{\{i\}} \not \equiv d'_{\{i\}}). \end{aligned}$$

\(\square \)

5 Examples

In this section, we will discuss how to express and prove correctness for two quantum protocols: the quantum leader election protocol (Sect. 5.1) and the BB84 quantum key distribution protocol (Sect. 5.2).

5.1 Example 1: quantum leader election

The quantum leader election protocol aims to randomly select a leader in a group of agents such that each agent has equal probability to be selected as the leader. There exist several ways to solve this problem using quantum theory, e.g., D’Hondt and Panangaden (2006a) and Tani et al. (2012). The ones given in Tani et al. (2012) rely heavily on communication, and as we do not explicitly model communication, we will discuss the version given in D’Hondt and Panangaden (2006a), which omits explicit communication.

Given a set N of agents, the protocol assigns a quantum bit (a two dimensional Hilbert space) to each agent \( i \in N \) together with a basis . Then the following state, called the W-state, is considered:

This state entangles the qubits in such a way that, after the agents measure their qubit, only one agent measures and all other agents measure .

In our logic, we express and prove the existence of the W-state, showing that it has the desired probabilistic behavior. Our formula for correctness applies not only to the case where each agent has a qubit, but where each agent has a Hilbert space with dimension at least 2 (no smaller than a qubit). We could alternatively have enforced the property that each agent has precisely one qubit using as a conjunct

$$\begin{aligned} {{\textsf {LOSB}}}(\mathcal {B})\rightarrow & {} \bigwedge _{i<N} \bigwedge _{b,c,d\in \mathcal {B}} ((b_{\{i\}} \perp c_{\{i\}}) \\\rightarrow & {} ((d_{\{i\}}\equiv b_{\{i\}}) \vee (d_{\{i\}} \equiv c_{\{i\}}))), \end{aligned}$$

and the proofs in this section would have been essentially the same.

Let \( \mathcal {B}\) be a LOSB. Then an ordered subset \( \mathcal {W}= \{ W^i \mid i \in N + 1 \} \subset \mathcal {B}\) is Quantum Leader Election compatible (QLE compatible) if the following formula is satisfied (somewhere in) \( \mathfrak {M}\):

$$\begin{aligned} {\text {QLE}}(\mathcal {W}) :=\bigwedge _{i \in N} \left( \begin{aligned}&\left( W^i_{\{i\}} \not \equiv W^N_{\{i\}}\right) \\ {} \wedge {}&\bigwedge _{j \in N {\setminus } i} \left( W^i_{\{j\}} \equiv W^N_{\{j\}}\right) \end{aligned} \right) . \end{aligned}$$

We interpret this formula as follows. The last element \( W^N \) should be seen as the tensor product \(\bigotimes ^\mathfrak {M}_{i\in N} \mathbf {0}_i\), where \(\mathbf {0}_i\) is the qubit for agent i corresponding to the classical bit 0 (one of the basis elements of the qubit). For \(i<N\), the element \( W^i \) is similarly a tensor product of classical bits, where each component \(k\ne i\) is again \(\mathbf {0}_k\), but where component \(k=i\) is \(\mathbf {1}_k\) instead. Note that we are interpreting basis elements of the components as classical bits, rather than defining the basis elements of the components with respect to predetermined classical bits.

The correctness of the quantum leader election is expressed by

$$\begin{aligned} {\textsf {QLE-Cor}}(\mathcal {B}) :=&\; {{\textsf {LOSB}}}(\mathcal {B}) \rightarrow \\&\bigvee _{\mathcal {W}\subset _{N+1} \mathcal {B}} \left( \begin{aligned}&{\mathsf {QLE}}(\mathcal {W})\; \wedge \\ {} {}&\exists \bigwedge _{i< N} \Pr (W^i) = \frac{1}{N} \end{aligned} \right) , \end{aligned}$$

where \( \mathcal {W}\subset _{N+1} \mathcal {B}\) ranges over all subsets \(\{W^0,\cdots ,W^{N}\}\) of \( \mathcal {B}\) of size \( N+1 \).

We will first show that for any set \(\mathcal {B}= \{b_0,\cdots ,b_{n-1}\}\) of n pairwise orthogonal properties we have a state that has probability \( \frac{1}{n} \) for each property in \(\mathcal {B}\). Let us define

Proposition 5.1

For all \( n \ge 1 \) and for any set \( \mathcal {B}= \{b_0,\cdots ,b_{n-1}\} \) of n formulas, the following formula is deducible.

$$\begin{aligned} \vdash {\mathsf {Ort}}(\mathcal {B}) \rightarrow \exists \left( \bigwedge _{i \in n} \Pr (b_i) = \frac{1}{n} \right) . \end{aligned}$$

Proof

By induction: for \( n = 1 \) we have \( \vdash {\mathsf {Ort}}(\mathcal {B}) \rightarrow (b \not \equiv {\mathtt {ff}}) \), which by Lemma 4.4 implies \(\vdash {\mathsf {Ort}}(\mathcal {B}) \rightarrow \exists b \). By Lemma 4.12-(4.25), we have \( \vdash b \rightarrow \Pr (b) = 1 \), so we have \( \vdash {\mathsf {Ort}}(\mathcal {B}) \rightarrow \exists (\Pr (b) = 1) \), which finishes the case \( n = 1 \).

Induction hypothesis (IH): suppose for n we have \( \vdash {\mathsf {Ort}}(\mathcal {B}_n) \rightarrow \exists (\bigwedge _{i \in n} \Pr (b_i) = \frac{1}{n}) \). Let \( \mathcal {B}_{n+1} = \mathcal {B}_n \cup \{ b_{n} \} \). In Table 13, we show how to deduce

$$\begin{aligned} \vdash {\mathsf {Ort}}(\mathcal {B}_{n+1}) \rightarrow \exists \left( \bigwedge _{i \le n + 1} \Pr (b_i) = \frac{1}{n+1} \right) \end{aligned}$$

\(\square \)

Table 13 A proof of \( {\mathsf {Ort}}\left( \mathcal {B}_{n+1}\right) \rightarrow \exists \left( \bigwedge \limits _{i \le n + 1} \Pr (b_i) = \frac{1}{n+1}\right) \)

The following theorem proves the correctness of the quantum leader election.

Theorem 5.2

For any finite set of formulas \( \mathcal {B}\), it is provable that \(\vdash {\textsf {QLE-Cor}}(\mathcal {B})\), that is,

$$\begin{aligned} \vdash {{\textsf {LOSB}}}(\mathcal {B}) \rightarrow \bigvee _{\mathcal {W}\subset _{N+1} \mathcal {B}} \left( \begin{aligned}&{\mathsf {QLE}}(\mathcal {W}) \\ {} \wedge {}&\exists \bigwedge _{i< N} \Pr (W^i) = \frac{1}{N} \end{aligned} \right) , \end{aligned}$$

where \( \mathcal {W}\subset _{N+1} \mathcal {B}\) ranges over all subsets \(\{W^0,\cdots ,W^{N}\}\) of \( \mathcal {B}\) of size \( N+1 \).

Proof

For any \(\mathcal {W}= \{ W^0, \cdots , W^N \} \subset _{N+1} \mathcal {B}\), we can extract conjuncts from \({{\textsf {LOSB}}}(\mathcal {B})\) and apply Lemma 4.11 to obtain \(\vdash {{\textsf {LOSB}}}(\mathcal {B}) \rightarrow {\mathsf {Ort}}(\mathcal {W}) \). It is easy to see that for any \(\mathcal {W}'\subset _{N} \mathcal {W}\), we have that \(\vdash {\mathsf {Ort}}(\mathcal {W})\rightarrow {\mathsf {Ort}}(\mathcal {W}')\). Thus by this and Proposition 5.1, we have for any \(\mathcal {W}\subset _{N+1}\mathcal {B}\)

$$\begin{aligned} \vdash {{\textsf {LOSB}}}(\mathcal {B}) \rightarrow \exists \left( \bigwedge _{i < N} \Pr (W^i) = \frac{1}{N} \right) . \end{aligned} \tag{5.1}$$

To show that \( \vdash {{\textsf {LOSB}}}(\mathcal {B}) \rightarrow \bigvee _{\mathcal {W}\subset _{N+1} \mathcal {B}} {\mathsf {QLE}}(\mathcal {W}) \), we select any \(b\in \mathcal {B}\) to be \(W^N\). Note that

$$\begin{aligned} \vdash {{\textsf {LOSB}}}(\mathcal {B}) \rightarrow \bigvee _{\{b^i \mid i < N \} \subset \mathcal {B}} \left( \bigwedge _{i<N} (b^i_{\{i\}} \not \equiv W^N_{\{i\}}) \right) . \end{aligned} \tag{5.2}$$

For a given set \( \mathcal {V}= \{b^i \mid i < N \} \subset \mathcal {B}\) and each \(i<N\), let \(f^\mathcal {V}_i:\{0,\cdots ,N-1\}\rightarrow \mathcal {B}\), such that \(f^\mathcal {V}_i(j) = W^N\) if \(i \ne j\) and \(f^\mathcal {V}_i(i) = b^i\). Then for each \(i<N\), we can apply Lemma 4.22 using \(f^\mathcal {V}_i\) to obtain a \(W^i \in \mathcal {B}\) such that \( W^i_{\{i\}} \equiv b^i_{\{i\}} \) and \( W^i_{\{j\}} \equiv W^N_{\{j\}} \) for any \( j \ne i \). By (5.2) we know that for some \( \mathcal {V}\subset \mathcal {B}\) the resulting set \(\mathcal {W}= \{W^0,\cdots ,W^{N-1},W^N\}\) will be QLE compatible. Hence, using Lemma 4.22 and (5.2), we obtain \( \vdash {{\textsf {LOSB}}}(\mathcal {B}) \rightarrow \bigvee _{\mathcal {W}\subset _{N+1} \mathcal {B}} {\mathsf {QLE}}(\mathcal {W}) \). The desired result follows from this, (5.1), and propositional logic. \(\square \)

5.2 Example 2: BB84

The BB84 protocol is designed to provide two agents with the same random bitstring, to be used as a key for both encryption and decryption. The protocol works as follows: the first agent Alice has the ability to produce qubits in two different bases: and . Alice chooses two equally sized random bitstrings; the first is the message to be sent, the second determines the basis in which each individual bit of the message bitstring is sent. She sends the qubits to Bob, who has chosen a random bitstring as well to determine which basis he uses to measure each received qubit. After all qubits have been sent and measured, Alice and Bob publicly compare the basis bitstrings they have used to create and measure the qubits respectively. On those positions where the basis bitstrings match, the corresponding bits in the message bitstring should agree as well. On all other positions, the bits in the message bitstring could be different and are thus discarded. In the end, Alice and Bob have a corresponding random bitstring which is in general about half the size of the random bitstring Alice started with. Of course, this is in the ideal situation where no eavesdropper disturbs the channel. This section proves properties of this ideal situation.

We first need to characterize the message space. Let us fix the number of qubits at N and let \( \mathfrak {M}\) be the tensor product of N identical two dimensional quantum models. Let \( \mathcal {B}_1 \) and \( \mathcal {B}_+ \) be two LOSBs that are locally probabilistically far apart (PFA), that is

$$\begin{aligned}&{\mathsf {PFA}}(\mathcal {B}_1, \mathcal {B}_+) :={{\textsf {LOSB}}}(\mathcal {B}_1) \wedge {{\textsf {LOSB}}}(\mathcal {B}_+) \\&\quad \wedge \bigwedge _{b \in \mathcal {B}_1} \bigwedge _{c \in \mathcal {B}_+} \bigwedge _{i < N} \left( \begin{aligned}&b \le \left( \Pr (c_{\{i\}}) = \frac{1}{2}\right) \\ {} \wedge {}&c \le \left( \Pr (b_{\{i\}}) = \frac{1}{2}\right) \end{aligned} \right) \end{aligned}$$

Intuitively, \( \mathcal {B}_1 \) represents the N tensor product of the local basis and \( \mathcal {B}_+ \) represents the N tensor product of the local basis . We introduce two new abbreviations for the remainder of this section:

$$\begin{aligned} m_{\{i\}} \in \{ 0, 1 \}&:=\bigvee _{b \in \mathcal {B}_1} m_{\{i\}} \equiv b_{\{i\}},\\ m_{\{i\}} \in \{ -, + \}&:=\bigvee _{b \in \mathcal {B}_+} m_{\{i\}} \equiv b_{\{i\}}. \end{aligned}$$

The message space \( {\mathcal {M}} \) of \( 4^N \) proposition letters can be defined by requiring each proposition to be locally equivalent either to some \( b \in \mathcal {B}_1 \) or to some \( b \in \mathcal {B}_+ \).

$$\begin{aligned} {\mathsf {Mes}}({\mathcal {M}}) :={}&\bigwedge _{m \in {\mathcal {M}}} {\mathsf {Sep}}(m) \\&\wedge \bigwedge _{m \in {\mathcal {M}}} \left( \begin{aligned}&\bigwedge _{i < N} \bigvee _{a \in \mathcal {B}_1 \cup \mathcal {B}_+} (m_{\{i\}} \equiv a_{\{i\}}) \\ {} \wedge {}&\bigwedge _{m' \in {\mathcal {M}} {\setminus } \{m\}} (m \not \equiv m') \end{aligned} \right) . \end{aligned}$$

Let k be some element of \({\mathcal {M}}\). This represents Ann’s message and choice of basis for each component.

For any string \(s \in \{1,+\}^N\), let \( s_i \) denote the i’th coordinate. We define the set of propositions \(\mathcal {B}_s \subseteq {\mathcal {M}}\) by

$$\begin{aligned} \mathcal {B}_s := \left\{ b \in {\mathcal {M}} \;\Bigg |\; b_{\{i\}} \equiv b'_{\{i\}} \begin{aligned}&\quad {\text {for some }} b' \in \mathcal {B}_{s_i} \\&\quad {\text {for all }} i < N \end{aligned} \right\} . \end{aligned}$$

In words, \(\mathcal {B}_s\) is the set of formulas where the i’th coordinate of each element b of \(\mathcal {B}_s\) is in \(\{ 0, 1 \}\) if the i’th coordinate of s is 1, and where the i’th coordinate of b is in \(\{ -, + \}\) otherwise. Note that by Lemma 4.23, for each \( s \in \{ 1, + \}^N \) the resulting set \( \mathcal {B}_s \) is an LOSB.

Furthermore, given a string \(s \in \{1,+\}^N\), define the term abbreviation:

  • \(\Pr _s(\phi ) :=\sum _{b \in \mathcal {B}_s} \Pr (b \wedge \phi )\)

  • \(\Pr _{{\mathcal {M}}}(\phi ) :=\sum _{s \in \{ 1, + \}^N} \frac{1}{2^N} \Pr _s(\phi )\)

The term \(\Pr _s(\phi )\) represents the probability of \(\phi \) holding true after measuring the state using basis \(\mathcal {B}_s\), in the event that \(\phi \) is testable (\(\phi \) needs to be testable for this reading to hold). The term \(\Pr _{{\mathcal {M}}}(\phi )\) represents the probability of \(\phi \) holding true after using a randomly selected one of the \(2^N\) chosen bases of states in \({\mathcal {M}}\).

The correctness of the BB84 protocol, when there is no eavesdropper, can be expressed by

where

$$\begin{aligned} {\mathsf {Ant}} :={\mathsf {PFA}}(\mathcal {B}_1,\mathcal {B}_+) \wedge {\mathsf {Mes}}({\mathcal {M}}) \wedge k \end{aligned}$$

and \( {\mathsf {Match}} \) states that at those coordinates where the choice of basis of Alice and Bob agree, Bob’s measured result agrees with Alice’s original message k. Formally this is expressed by

$$\begin{aligned} {\mathsf {Match}} :=\bigwedge _{i < N} \left( \begin{aligned}&{\mathsf {BasisOf}}(k_{\{i\}}) \\ \rightarrow&\bigvee \{ m \in {\mathcal {M}} \mid m_{\{i\}} \equiv k_{\{i\}} \} \end{aligned} \right) , \end{aligned}$$

where

$$\begin{aligned} {{\mathsf {BasisOf}}}(k_{\{i\}}) = \left\{ \begin{aligned}&\bigvee \{ m \in {\mathcal {M}} \mid m_{\{i\}} \in \{0, 1\} \} \\&\quad {\text {if }} k_{\{i\}} \in \{ 0, 1 \} , \\&\bigvee \{ m \in {\mathcal {M}} \mid m_{\{i\}} \in \{-, + \} \} \\&\quad {\text {if }} k_{\{i\}} \in \{ -, + \} . \end{aligned} \right. \end{aligned}$$

The probability of \({\mathsf {Match}}\) being equal to 1 reflects that without interference Bob should have received Ann’s message perfectly among those coordinates where they used the same basis.
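The quantities \(\Pr _s\), \(\Pr _{{\mathcal {M}}}\) and \({\mathsf {Match}}\) defined above can be checked numerically for a small N. The following Python sketch is an added example, not part of the paper: it assumes the standard single-qubit vectors for the local states labelled 0, 1, +, - and reads \({\mathsf {Match}}\) as a predicate on Bob's measurement outcome b; all function names are hypothetical.

```python
from fractions import Fraction
from itertools import product

# Assumed local states, as unnormalised integer vectors so overlaps stay exact.
LOCAL = {"0": (1, 0), "1": (0, 1), "+": (1, 1), "-": (1, -1)}
# Basis label s_i (as in the strings s in {1,+}^N) -> the local basis it selects.
BASIS = {"1": ("0", "1"), "+": ("-", "+")}


def basis_of(symbol):
    """Return '1' for a state of the {0,1} basis and '+' for one of {-,+}."""
    return "1" if symbol in BASIS["1"] else "+"


def overlap_sq(a, b):
    """Born-rule probability |<a|b>|^2 for two local states."""
    va, vb = LOCAL[a], LOCAL[b]
    dot = va[0] * vb[0] + va[1] * vb[1]
    norm = (va[0] ** 2 + va[1] ** 2) * (vb[0] ** 2 + vb[1] ** 2)
    return Fraction(dot * dot, norm)


def pr(b, k):
    """Pr(b) when the system is in the product state k."""
    p = Fraction(1)
    for bi, ki in zip(b, k):
        p *= overlap_sq(bi, ki)
    return p


def match(b, k):
    """Match: wherever b and k use the same local basis, the states agree."""
    return all(bi == ki for bi, ki in zip(b, k)
               if basis_of(bi) == basis_of(ki))


def basis_states(s):
    """B_s: all product states whose i-th component lies in the basis s_i."""
    return list(product(*(BASIS[si] for si in s)))


def pr_s(s, k, event=lambda b, k: True):
    """Pr_s(event): sum over b in B_s of Pr(b and event)."""
    return sum((pr(b, k) for b in basis_states(s) if event(b, k)),
               Fraction(0))


def pr_m(k, event=lambda b, k: True):
    """Pr_M(event): average of Pr_s over all 2^N basis strings s."""
    n = len(k)
    total = sum((pr_s(s, k, event) for s in product("1+", repeat=n)),
                Fraction(0))
    return total / 2 ** n


def expected_sifted_length(k):
    """Expected number of positions where Bob's basis equals Alice's."""
    n = len(k)
    agree = sum(sum(si == basis_of(ki) for si, ki in zip(s, k))
                for s in product("1+", repeat=n))
    return Fraction(agree, 2 ** n)


if __name__ == "__main__":
    k = ("0", "+", "1", "-")          # constructed sample message, N = 4
    print("Pr_M(Match)        =", pr_m(k, match))
    print("Pr_M(not Match)    =", pr_m(k, lambda b, k: not match(b, k)))
    print("expected key bits  =", expected_sifted_length(k))
```

Every outcome that disagrees with k at a position measured in Alice's basis has probability 0, while positions measured in the other basis impose no constraint, so the weighted sum over all \(2^N\) basis strings is exactly 1 and on average N/2 positions survive the sifting.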

Lemma 5.3

The following formula is deducible.

$$\begin{aligned} \vdash {\mathsf {Ant}}\rightarrow \Pr _{{\mathcal {M}}}({\mathsf {Match}}) = 1. \end{aligned}$$

Proof

We will first show \( \vdash {\mathsf {Ant}} \rightarrow \Pr _s({{\mathsf {Match}}}) = 1 \) for all \( s \in \{1, +\}^N \). The desired result will then follow from the inequality axioms. By Lemma 4.23, we know \( \vdash {\textsf {Ant}}\rightarrow {{\textsf {LOSB}}}(\mathcal {B}_s) \), and therefore by Lemma 4.17, \(\vdash {\textsf {Ant}}\rightarrow \sum _{b \in \mathcal {B}_s} \Pr (b) = 1 \). So all we need to show is that \( \vdash {\mathsf {Ant}} \rightarrow \Pr (b) = \Pr (b \wedge {\mathsf {Match}}) \) for all \( b \in {\mathcal {M}} \).

Let us define

$$\begin{aligned} {\mathsf {Match}}_i :=\left( \begin{aligned}&{{\mathsf {BasisOf}}}(k_{\{i\}}) \\ \rightarrow&\bigvee \{ m \in {\mathcal {M}} \mid m_{\{i\}} \equiv k_{\{i\}} \} \end{aligned} \right) . \end{aligned}$$

Thus \({\mathsf {Match}} = \bigwedge _{i<N} {\mathsf {Match}}_i\). We will show that for each \(b\in {\mathcal {M}}\),

$$\begin{aligned} \vdash \bigwedge _{i<N}({\textsf {Ant}}\rightarrow (\Pr (b) = 0\vee (b \equiv (b\wedge {\mathsf {Match}}_i)))), \end{aligned} \tag{5.3}$$

hence

$$\begin{aligned} \vdash {\textsf {Ant}}\rightarrow \left( \Pr (b) = 0 \vee \left( b\equiv \left( b\wedge \bigwedge _{i<N}{\mathsf {Match}}_i\right) \right) \right) . \end{aligned}$$

By P4, \(\vdash (b\equiv (b\wedge {\mathsf {Match}})) \rightarrow \Pr (b) = \Pr (b\wedge {\mathsf {Match}})\). By Proposition 4.13, \(\vdash (\Pr (b \wedge {\mathsf {Match}}) \le \Pr (b)) \). Thus by P2 and inequality axioms \(\vdash \Pr (b)=0 \rightarrow \Pr (b) = \Pr (b\wedge {\mathsf {Match}})\). Hence, from (5.3), we use these steps to arrive at \(\vdash {\textsf {Ant}}\rightarrow \Pr (b)= \Pr (b\wedge {\mathsf {Match}})\).

To prove (5.3), let us fix an \( i < N \). We will discuss several cases, expressed by the following formulas:

$$\begin{aligned} \phi \;&:= b_{\{i\}} \equiv k_{\{i\}}\\ \psi \;&:= b_{\{i\}} \not \equiv k_{\{i\}} \wedge (b_{\{i\}} \in \{ 0, 1 \}\leftrightarrow k_{\{i\}} \in \{ 0, 1 \})\\ \chi \;&:= b_{\{i\}} \not \equiv k_{\{i\}} \wedge (b_{\{i\}} \in \{ 0, 1 \}\leftrightarrow k_{\{i\}} \not \in \{ 0, 1 \}) \end{aligned}$$

By propositional logic, we have \(\vdash \phi \vee \psi \vee \chi \).

Case \(\phi \): First note that \(\vdash {\textsf {Ant}}\wedge \phi \rightarrow \bigvee \{ b \in {\mathcal {M}} \mid b_{\{i\}} \equiv k_{\{i\}} \}\).

Therefore, we have

$$\begin{aligned}&\vdash {\mathsf {Ant}} \wedge (b_{\{i\}} \equiv k_{\{i\}}) \\&\qquad \rightarrow b \le \left( \begin{aligned}&{\mathsf {BasisOf}}(k_{\{i\}}) \\ \rightarrow&\bigvee \{ m \in {\mathcal {M}} \mid m_{\{i\}} \equiv k_{\{i\}} \} \end{aligned} \right) . \end{aligned}$$

Rewriting, we have \(\vdash {\textsf {Ant}}\wedge \phi \rightarrow (b\equiv (b\wedge {\mathsf {Match}}_i))\). Hence \(\vdash {\textsf {Ant}}\wedge \phi \rightarrow (\Pr (b) = 0 \vee (b\equiv (b\wedge {\mathsf {Match}}_i)))\).

Case \(\psi \): By extracting conjuncts from \({\textsf {Ant}}\), we have \(\vdash {\textsf {Ant}}\wedge \psi \rightarrow {{\textsf {LOSB}}}(\mathcal {B}_1) \wedge {{\textsf {LOSB}}}(\mathcal {B}_+)\). Expanding \(\psi \), we have

$$\begin{aligned} \vdash {\textsf {Ant}}\wedge \psi \rightarrow&(b_{\{i\}} \in \{0,1\} \wedge k_{\{i\}}\in \{0,1\}) \vee \\&(b_{\{i\}} \in \{-,+\} \wedge k_{\{i\}}\in \{-,+\}). \end{aligned}$$

Thus by propositional logic, \(\vdash {\textsf {Ant}}\wedge \psi \rightarrow (b_{\{i\}} \perp k_{\{i\}})\) for each \(i<N\). By axiom A6, \(\vdash {\textsf {Ant}}\wedge \psi \rightarrow (b \perp k) \) and therefore by axiom P3, \(\vdash {\textsf {Ant}}\wedge \psi \rightarrow (k \le \Pr (b) = 0) \). By Lemma 4.2-(4.3), \(\vdash {\textsf {Ant}}\wedge \psi \rightarrow \Pr (b) = 0 \). Hence \(\vdash {\textsf {Ant}}\wedge \psi \rightarrow (\Pr (b) = 0 \vee (b\equiv (b\wedge {\mathsf {Match}}_i)))\).

Case \(\chi \): By expanding \(\chi \), we have

By this and modal logic, we have that \(\vdash {\textsf {Ant}}\wedge \chi \rightarrow (b\le \lnot {\mathsf {BasisOf}}(k_{\{i\}}))\). Thus \(\vdash {\textsf {Ant}}\wedge \chi \rightarrow (b\le {\mathsf {Match}}_i)\), which is equivalent to \(\vdash {\textsf {Ant}}\wedge \chi \rightarrow (b \equiv (b\wedge {\mathsf {Match}}_i))\). Thus \(\vdash {\textsf {Ant}}\wedge \chi \rightarrow (\Pr (b) = 0 \vee (b\equiv (b\wedge {\mathsf {Match}}_i)))\).

Now we have \(\vdash {\textsf {Ant}}\wedge \omega \rightarrow (\Pr (b) = 0 \vee (b\equiv (b\wedge {\mathsf {Match}}_i)))\), for each \(\omega \in \{\phi ,\psi ,\chi \}\). Together with \(\vdash \phi \vee \psi \vee \chi \), and repeating for each \(i<N\), we have (5.3). \(\square \)
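As a numerical companion to Lemma 5.3 (an added example, not part of the paper's proof system), the following Python sketch evaluates \(\Pr _s\) and \(\Pr _{{\mathcal {M}}}\) by brute force for small N. It assumes the standard BB84 states with Born-rule overlaps and reads \({\mathsf {Match}}\) classically on each outcome b; the function names are hypothetical.

```python
from fractions import Fraction
from itertools import product

Z_BASIS, X_BASIS = ("0", "1"), ("-", "+")   # the two BB84 bases (assumed encoding)

def basis_of(sym):
    return Z_BASIS if sym in Z_BASIS else X_BASIS

def overlap(x, y):
    """|<x|y>|^2 for single-qubit states x, y in {0, 1, -, +}."""
    if basis_of(x) == basis_of(y):
        return Fraction(1) if x == y else Fraction(0)
    return Fraction(1, 2)                    # mutually unbiased bases

def pr(b, k):
    """Pr(b): probability of outcome b when the product state k is measured."""
    p = Fraction(1)
    for bi, ki in zip(b, k):
        p *= overlap(bi, ki)
    return p

def match(b, k):
    """Match: wherever b_i and k_i share a basis, b_i equals k_i."""
    return all(bi == ki for bi, ki in zip(b, k)
               if basis_of(bi) == basis_of(ki))

def all_agree(b, k):
    """Contrast event: Bob's whole string equals k, with no sifting."""
    return tuple(b) == tuple(k)

def basis_B(s):
    """B_s: coordinate i ranges over {0,1} if s_i == '1', else over {-,+}."""
    return list(product(*[Z_BASIS if si == "1" else X_BASIS for si in s]))

def pr_s(s, k, event=match):
    """Pr_s(event): sum of Pr(b) over the b in B_s that satisfy the event."""
    return sum((pr(b, k) for b in basis_B(s) if event(b, k)), Fraction(0))

def pr_M(k, event=match):
    """Pr_M(event): average of Pr_s over all 2^N basis strings s."""
    n = len(k)
    total = sum((pr_s(s, k, event) for s in product("1+", repeat=n)),
                Fraction(0))
    return total / 2**n

if __name__ == "__main__":
    k = "0+1-"                               # constructed sample message, N = 4
    print("Pr_M(Match)     =", pr_M(k))            # sifted positions always agree
    print("Pr_M(all agree) =", pr_M(k, all_agree)) # unsifted agreement is rare
```

Without the restriction to coordinates where the bases agree, the same average drops to \(1/2^N\), which is why \({\mathsf {Match}}\) is conditioned on \({\mathsf {BasisOf}}\).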

6 Conclusion

This paper lays a foundation for an axiomatization of probabilistic quantum logics in the style of propositional dynamic logic. The axiomatization provided in this work is powerful enough to prove the correctness of quantum protocols, such as the quantum leader election of D’Hondt and Panangaden (2006a) and the BB84 quantum key distribution. As probability plays an important role in so many quantum protocols, we expect that our logic can be used and adapted to a much wider range of quantum protocols. We also hope that future work will clarify the prospects for a complete proof system.

This work may pave the way for powerful axiomatic systems for stronger logics. For example, an axiomatic analysis of the construction of the W-state is left for future work; such an analysis would benefit from a more powerful logic that explicitly reasons about unitary operations. When involving unitaries for quantum protocols and programs, it would be further beneficial to either characterize commonly used logic gates, such as the Hadamard gate, or to include them as constants.

Another potential extension of the logic is to add the power to explicitly express both the quantum and classical communication involved in various protocols. This may help in expressing important properties of a communication-rich variant of the quantum leader election protocol given in Tani et al. (2012), as well as the relationships among the classical and quantum communication in the quantum teleportation protocol.