theory iff_redundant imports HOL begin text \Start with the axiomatization, just as in HOL. Several constants, like \The\, are omitted here, because they are not needed for demonstrating that axiom "iff" is redundant.\ axiomatization myimplies :: "[bool, bool] \ bool" (infixr "\" 25) and myeq :: "['a, 'a] \ bool" (infixl "\" 50) subsubsection \Defined connectives and quantifiers\ definition myTrue :: bool where "myTrue \ ((\x::bool. x) \ (\x. x))" definition myAll :: "('a \ bool) \ bool" (binder "\\" 10) where "myAll P \ (P \ (\x. myTrue))" definition myFalse :: bool where "myFalse \ (\\P. P)" definition mydisj :: "[bool, bool] \ bool" (infixr "\" 30) where myor_def: "P \ Q \ \\R. (P \ R) \ (Q \ R) \ R" subsubsection \Axioms and basic definitions\ axiomatization where myrefl: "t \ (t::'a)" and mysubst: "s \ t \ P s \ P t" and myext: "(\x::'a. (f x ::'b) \ g x) \ (\x. f x) \ (\x. g x)" text \There is no "myiff" here:\ axiomatization where myimpI: "(P \ Q) \ P \ Q" and mymp: "\P \ Q; P\ \ Q" and myTrue_or_False: "(P \ myTrue) \ (P \ myFalse)" subsection \Fundamental rules\ text \The lemmas in this subsection do not depend on axiom "iff".\ subsubsection \Equality\ lemma mysym: "s \ t \ t \ s" by (erule mysubst) (rule myrefl) lemma myssubst: "t \ s \ P s \ P t" by (drule mysym) (erule mysubst) lemma myfun_cong: "(f :: 'a \ 'b) \ g \ f x \ g x" apply (erule mysubst) apply (rule myrefl) done subsubsection \Equality of booleans -- iff\ lemma myiffD2: "\P \ Q; Q\ \ P" by (erule myssubst) lemma myrev_iffD2: "\Q; P \ Q\ \ P" by (erule myiffD2) lemma myiffD1: "Q \ P \ Q \ P" by (drule mysym) (rule myiffD2) lemma myrev_iffD1: "Q \ Q \ P \ P" by (drule mysym) (rule myrev_iffD2) lemma myiffE: assumes major: "P \ Q" and minor: "\P \ Q; Q \ P\ \ R" shows R by (iprover intro: minor myimpI major [THEN myiffD2] major [THEN myiffD1]) subsubsection \True\ lemma myTrueI: "myTrue" unfolding myTrue_def by (rule myrefl) text \"eqTrueI" has to be postponed after "myiff" is proved.\ lemma myeqTrueE: "P \ myTrue \ P" by (erule myiffD2) (rule myTrueI) subsubsection \Universal quantifier\ text \"allI" has to be postponed after "myiff" is proved.\ lemma myspec: "\\x::'a. P x \ P x" apply (unfold myAll_def) apply (rule myeqTrueE) apply (erule myfun_cong) done subsubsection \False\ lemma myFalseE: "myFalse \ P" apply (unfold myFalse_def) apply (erule myspec) done subsubsection \Disjunction\ text \"disjI1" and "disjI2" have to be postponed after "myiff" is proved.\ lemma mydisjE: assumes major: "P \ Q" and minorP: "P \ R" and minorQ: "Q \ R" shows R by (iprover intro: minorP minorQ myimpI major [unfolded myor_def, THEN myspec, THEN mymp, THEN mymp]) subsection \iff\ text \This is the new part.\ lemma myiffI: assumes 1: "P \ Q" and 2: "Q \ P" shows "P \ Q" using myTrue_or_False[of P] proof (rule mydisjE) assume c1: "P \ myTrue" hence P by (rule myeqTrueE) hence Q by (rule 1) from c1 show ?thesis proof (rule myssubst) from myTrue_or_False[of Q] show "myTrue \ Q" proof (rule mydisjE) assume "Q \ myTrue" thus ?thesis proof (rule myssubst) show "myTrue \ myTrue" by (rule myrefl) qed next assume "Q \ myFalse" with \Q\ have myFalse by (rule myrev_iffD1) thus ?thesis by (rule myFalseE) qed qed next assume c2: "P \ myFalse" thus ?thesis proof (rule myssubst) from myTrue_or_False[of Q] show "myFalse \ Q" proof (rule mydisjE) assume "Q \ myTrue" hence Q by (rule myeqTrueE) hence P by (rule 2) with c2 have myFalse by (rule myiffD1) thus ?thesis by (rule myFalseE) next assume "Q \ myFalse" thus ?thesis proof (rule myssubst) show "myFalse \ myFalse" by (rule myrefl) qed qed qed qed text \If needed; probably "myiffI" is sufficient anyway.\ theorem myiff: "(P \ Q) \ (Q \ P) \ (P \ Q)" by (iprover intro: myimpI myiffI mymp) end