Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

89
Functorial Kripke-Beth-Joyal models of the λΠ-calculus I: type theory and internal logic David J. Pym * Mark A. Price Hewlett Packard Labs University of Bath January 11, 2007 Abstract We give a categorical account of Kripke-Beth-Joyal models of the λΠ-calculus, which provide a semantic framework for interpreting consequences. Soundness and completeness of these models are shown. We define an equational Kripke applicative structure and Kripke logical relations and prove the fundamental lemma. The main use of the Kripke-Beth-Joyal models is to capture the notion of conse- quence when a logic has been encoded into the λΠ-calculus. We show that using the propositions-as-types correspondence, we are able to induce an (indexed) isomorphism between the Kripke-Beth-Joyal model of the λΠ-calculus and the Kripke-Beth-Joyal model of the {∀, ⊃}-fragment of minimal first-order logic. The models do not just capture formulae and their proofs but proofs and transfor- mations of proofs which allow us to model consequence. Work that still needs to be done: Introduction needs a lot more work; Tidy up notation surrounding defn of Kripke Model; Proof of Partial Equivalence needs work, check definition of logical relation; Add pictures for Kripke models; * The research reported herein, and in the two associated papers described in the introduction, was begun whilst the author was associated with The University of Edinburgh, Scotland, U.K.; it was continued whilst the author was associated with The University of Birmingham, England, U.K., and then with Queen Mary & Westfield College, University of London. The author has since acted as a supervisory role while Price has completed the research. The partial support of the UK EPSRC is gratefully acknowledged. The research reported herein, and in the two associated papers described in the introduction has been completed by the author as part of his Ph.D. research at the University of Bath under the supervision of Pym. The support of the UK EPSRC for this research is gratefully acknowledged. 1

Transcript of Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Page 1: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Functorial Kripke-Beth-Joyal models of the λΠ-calculusI: type theory and internal logic

David J. Pym∗ Mark A. Price†

Hewlett Packard Labs University of Bath

January 11, 2007

Abstract

We give a categorical account of Kripke-Beth-Joyal models of the λΠ-calculus,which provide a semantic framework for interpreting consequences. Soundness andcompleteness of these models are shown. We define an equational Kripke applicativestructure and Kripke logical relations and prove the fundamental lemma.

The main use of the Kripke-Beth-Joyal models is to capture the notion of conse-quence when a logic has been encoded into the λΠ-calculus. We show that using thepropositions-as-types correspondence, we are able to induce an (indexed) isomorphismbetween the Kripke-Beth-Joyal model of the λΠ-calculus and the Kripke-Beth-Joyalmodel of the {∀,⊃}-fragment of minimal first-order logic.

The models do not just capture formulae and their proofs but proofs and transfor-mations of proofs which allow us to model consequence.

Work that still needs to be done:

• Introduction needs a lot more work;

• Tidy up notation surrounding defn of Kripke Model;

• Proof of Partial Equivalence needs work,

check definition of logical relation;

• Add pictures for Kripke models;

∗The research reported herein, and in the two associated papers described in the introduction, was begunwhilst the author was associated with The University of Edinburgh, Scotland, U.K.; it was continued whilstthe author was associated with The University of Birmingham, England, U.K., and then with Queen Mary& Westfield College, University of London. The author has since acted as a supervisory role while Price hascompleted the research. The partial support of the UK EPSRC is gratefully acknowledged.

†The research reported herein, and in the two associated papers described in the introduction has beencompleted by the author as part of his Ph.D. research at the University of Bath under the supervision ofPym. The support of the UK EPSRC for this research is gratefully acknowledged.

1

Page 2: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

• Expand on meaning of Kripke partiality in relevant section;

• Representationability of Functors needs work;

• Comment in Chapter 6 need finishing;

• Conclusion needs a bit more work.

1 Introduction

This paper, “Functorial Kripke-Beth-Joyal models of the λΠ-calculus I: type theory andinternal logic” (henceforth abbreviated to I), is first of a sequence of three connected works.It is concerned with the basic model theory of the λΠ-calculus considered on the one handas a system of first-order dependent function types and on the other as presentation of the{∀,⊃}-fragment of minimal first-order predicate logic with proof-objects. From the point ofview of type theory, we see the term Πx :A .B as defining B(x) for each x in A, where fx isdefined within B(x). When there is no dependency, i.e., B(x) = B(y) for all x and y in Aand we end up with a function rather than a family of functions which can be seen as theterm λx :A .B. When terms are given functional types as just described, we see that eachterm defines a set-theoretic function (or family of functions) with the appropriate range anddomain. From the point of view of logic, the λΠ-calculus can be seen as being in propositions-as-types correspondence with the {∀,⊃}-fragment of minimal first-order predicate logic withproof objects. We interpret Πx :A .B as A⊃B when x does not occur free in B and ∀x :A .Bwhen x does occur free in B.

While we have proved a denotational semantics for λΠ which has it’s own intrinsic value,the methodology behind this treatment has been influenced by the role of λΠin logicalframeworks. This means that we have the following (implicate) understanding of a derivationin λΠ. Given an object-consequence, in a logic L,

δ : (X) φ1, . . . , φm `L φ

where X is the set of variables that occur in the formulae and δ is a proof-object. We see itas corresponding to the meta-consequence

ΓX , y1 :φ, . . . , ym :φm `ΣL Mδ :φ

which is a derivation in λΠ.At the core of our definition of Kripke(-Beth-Joyal) models of λΠ lies our treatment of

comprehension, context extension and (first-order) dependent function spaces. The essentialidea is similar that of earlier work [Jac91, Ehr88, Rit92]; however, our treatment has thefollowing two advantages:

1. Firstly, its definitions are, subject to the constraints determined by (2), intended to beminimal; we require no inessential categorical structure;

2

Page 3: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

2. Secondly, it is formulated from a model-theoretic point of view. Specifically, we developKripke λΠ-structures which together with an interpretation provide a model of the λΠ-calculus.

We use the Kripke partiality of our models of λΠ in a non-standard way. The usualunderstanding of Kripke partiality is that in certain worlds formulae can be defined andthus true or not defined. Given this view, we think of a proof being true at all worlds. Weunderstand a derivation at a world

[[x1 :φ1, . . . , xm :φm `Mδ :ψ]]w

in the following way. The λΠ term Mδ is the term corresponding to a proof of φ, whichdepends explicitly on the variables x1, . . . , xm. The world we are viewing this derivation attells us which x’s get interpreted and so which φ’s hold. When an x gets interpreted, thismeans that we have a proof of the corresponding φ at that world. If at a particular world,all the x’s get interpreted, i.e. there are proofs of all the formulae φi on the left hand sideof the consequence, then we can interpret the derivation φ, i.e. we have a proof of φ. Thisproof is the proof-object δ. The consequence of this is that it is possible for a derivation inλΠ not to be interpreted at certain worlds, these worlds will be the ones where not all thex’s are interpreted.

The second paper in the sequence, “Functorial Kripke-Beth-Joyal models of the λΠ-calculus II: the LF logical framework” (henceforth abbreviated to II), provides an introduc-tion to the LF logical framework. We see that to present a logic in LF, we need both alanguage and a representation. The language is chosen to be the λΠ-calculus defined in Iand the notion of a representation via the judgement-as-types encoding is explained in II. Atheory of representation is also developed.

The third paper in the sequence, “Functorial Kripke-Beth-Joyal models of the λΠ-calculusIII: logic programming and its semantics” (henceforth abbreviated to III), provides an intro-duction to using the LF logical framework as a logic programming language. We show thatthe usual fixed point theorems and unification algorithms can be applied to the LF logicalframework seen as a logic programming language.

We begin with an introduction to the λΠ-calculus, its internal logic, together with abrief explanation of the LF logical framework. We proceed to summarize the semantic issuesaddressed in each of the papers I, II and III. The remainder of the paper is devoted tothe details of the functorial Kripke-Beth-Joyal semantics of the λΠ-calculus and its internallogic.

1.1 λΠ and the LF logical framework

We begin by considering λΠ as a theory of functions.As an example, we take Πn : N. Vec(R, n), the type of (dependent) functions, which when

given a natural number n returns a tuple of reals of size n; and define f as a function fromΠn : N. Vec(R, n) to Rn. The following logical rule allows us to describe equality betweenthese functions:

3

Page 4: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

fn = fm implies n = m. (1)

More generally, we have the following projections which project to the second and thirdfunction space respectively.

π2 = λx :A . λy :B(x) . λz :B(x) . y :Πx :A .Πy :B(x) .Πz :B(x) . B(x)

π3 = λx :A . λy :B(x) . λz :B(x) . z :Πx :A .Πy :B(x) .Πz :B(x) . B(x)

Taking f as a two-valued dependent function defined below:

f : ( Πx :A .Πy :B(x) .Πz :B(x) . B(x) )→ C

we obtain the logical rule:

λx :A . fπ2 = λx :A . fπ3 implies fπ2 = fπ3 (2)

which allows us to describe equality.The LF logical framework provides a means to define (or present) logics. It is based

on a system of syntax, rules and proofs by means of a dependently typed λ-calculus. Todescribe a framework, we need a language together with a representation. The language isa dependently typed λ-calculus and we will take this to be the λΠ-calculus as set out inthis paper. This is the dependently typed λ-calculus used as a language in [HHP93]. Therepresentation we will describe is the judgements-as-types principle and again this is used in[HHP93].

1.2 The semantics of λΠ and its internal logic

Within λΠ we can apply a Π-abstraction to a context Γ extended by A and so we have thefollowing diagrams.

4

Page 5: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Γ • A B

Γ Πx :A .B

Using the propositions as types correspondence we can interpret the Π-abstraction ascorresponding to a quantification. So we start off with a proof δ(X, x) of the formula φ(X, x)and can quantify over the variable x : S, giving a new proof Gx :S.δ(X, x) of the formula∀x :S.φ(X, x) as shown by the following diagrams.

X, x :S ∆(X) `δ(X,x)T φ(X, x)

X ∆(X) `Gx:S . δ(X,x)T ∀x :S . φ(X, x)

1.3 The semantics of the LF logical framework

To study the semantics of the LF logical framework, we need the semantics for both theobject-logic and the meta-logic. The semantics for the meta-logic is just that of λΠ andso is provided by the Kripke λΠ-models described in this paper. The semantics for theobject-logic will also be a Kripke structure together with an interpretation. The semantics

5

Page 6: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

will provide a means for proving faithfulness of an encoding. A semantic viewpoint providesa more natural proof of faithfulness, c.f. [Sim93].

The semantics of the meta-logic will correspond to the semantics of the internal logicof the λΠ-calculus, not the encoded object-logic. For example, the implication used in themeta-logic will always be classical even when the encoded object-logic is intuitionistic. Allthe properties of the intuitionistic implication will be captured by the encoding.

1.4 Logic programming and its semantics

Kripke semantics; empty types; Kripke semantics and logic program computations. lamb-daPi and LF, representation thms. Embedding object-logic models.

Our work can be interpreted as a model-theoretic counterpart to Martin-Lof’s proof-theoretic account of meaning, as expressed in [ML82, ML87].

Of particular interest is our account of the notion of validity of a proof. Specifically, weare able to give an account of (Kripke-like) validity of proof-objects in (Kripke-like) models.

Role of Martin-Lof’s “knowledge-theoretical idealism” ? Evidence is nothing but theexperience of truth. Ger. Evidenz ist Erlebnisder Wahrheit.

The research reported herein began with the Chapter 7 of the Pym’s Ph.D. thesis(University of Edinburgh, 1990) [Pym90, Rit94, RP95] in which a Kripke-like least fixedpoint semantics was provided for the notion of logic programming that arises naturallyfor the λΠ-calculus. The completion of the research has been carried out by Price aswork towards his own Ph.D. thesis. Moreover, it was observed that a Kripke-like model-theoretic account of this semantics could be obtained via the theory of contextual categories[Car90, Car86, Str89, Pym90] and the Yoneda functor.1

2 The λΠ-calculus

2.1 Introduction

Here we develop two brief presentations of the λΠ-calculus. The first presentation is syntacticand the second algebraic.

The syntactic presentation is an overview of the presentation of the λΠ-calculus intro-duced in [HHP87, HHP93]. As well as defining the syntax, grammar and typing rules, theimportant meta-theoretic properties are stated along with a sketch of their proof. There isno treatment of equality at this stage. This is done for the sake of simplicity so that theimportant properties are highlighted. In § 3.5, we deal with equality and so that the resultswe have shown up to this point also hold with equality present.

The algebraic presentation introduces a category of contexts and realizations out of whichwe build an indexed category which will capture judgements of the form `Σ Γ context,Γ `Σ A : Type, Γ `Σ Mi : BI [Mj/yJ ]

i−1j=1 and Γ `Σ M : A. Finally, we extend the indexed

category to contextual fibres and familial fibres.

1Ibid..

6

Page 7: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

2.2 A syntactic presentation

We present the λΠ-calculus, a language introduced in [HHP87, HHP93]. It is a languagewith entities of three levels: objects, types and families of types and kinds. Objects2 areclassified by types, types and families of types by kinds. The kind Type classifies the types;the other kinds classify functions, f , which yield a type f(M1) . . . (Mn) when applied toobjects M1, . . . , Mn of certain types determined by the kind of f . Any function definable inthe system has a type as domain, while its range can either be a type, if it is an object, ora kind, if it is a family of types. The λΠ-calculus is therefore predicative.

The theory we shall deal with is a formal system for deriving assertions of one of thefollowing shapes:

` Σ sig Σ is a signature`Σ Γ context Γ is a contextΓ `Σ K kind K is a kindΓ `Σ A :K A has kind KΓ `Σ M :A M has type A

where the syntax is specified by the following grammar:

Signatures Σ ::= 〈〉 | Σ, c :K | Σ, c :AContexts Γ ::= 〈〉 | Γ, x :AKinds K ::= Type | Πx :A.KTypes A ::= c | Πx :A.B | λx :A.B | AMObjects M ::= c | x | λx :A.M | MN

We let M and N range over expressions for objects, A and B for types and families of types,K for kinds, x and y over variables, and c over constants. We also allow f , g to range overvariables where the intention is that, in general, these have higher types.

We refer to the collection of (constants) variables declared in a (signature) context (Σ)Γ as (Dom(Σ)) Dom(Γ). We assume α-conversion throughout. The inference rules of theλΠ-calculus appear in Table 1.3 We shall refer to this system as N because it is a systemof natural deduction. We write N proves Γ `Σ M : A, etc., to denote that the assertionΓ `Σ M :A, etc., is provable in the system N and we shall sometimes write simply Γ `Σ M :A,where no confusion can arise.

A term is said to be well-typed in a signature and context if it can be shown to either bea kind, have a kind, or have a type in that signature and context. A term is well-typed if itis well-typed in some signature and context. The notion of βη-reduction, written →βη, canbe defined both at the level of objects and at the level of types and families of types in theobvious way; for the details, see [HHP93]. M =βη N iff M

∗→βη P and N∗→βη P for some

2Not to be confused with the objects of a category.3Note that in [HHP87, Pym90, Pym95], the premiss Γ `Σ A :Type was included in each of the abstraction-

forming rules of the system N. This inclusion is inessential for the definition of proofs in the λΠ-calculus.However certain inductive proofs, such as the one of Theorem 2.1 given in [HHP93] via the correctness of analgorithmic formulation of the calculus, are technically simplified by their inclusion.

7

Page 8: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

term P , where ∗ denotes transitive closure. For simplicity we shall write →βη for →∗βη . We

write NF(U) to denote the βη-normal form of the expression U . We write U = V to denotethe α-equality of the expressions U and V and U ≡ V to denote their syntactic identity(with the subscript “def” to denote definitions). We let X range over (the right-hand sidesof) inhabitation judgements.

The assertion Γ `Σ 〈〉 :〈〉 is added to our system, since it cannot be derived in it. So fromany context and signature we can obtain the empty term with empty type and the emptytype with empty kind.

Given any context, Γ, if it is extended by an empty context, the new context is just theoriginal context, Γ.

The subterm property for N is that the derivation of Γ `Σ M : A, only subterms of Γand M appear within the derivation. Similar conditions hold for the assertions ` Σ sig, `Σ

Γ context, Γ `Σ K kind and Γ `Σ A :K. This property allows proof-search to be carriedout within the system N .

The head of a term of the form λx :A.M is A and for a term of the form Πx :A.B is A.We write A→ B for Πx :A.B when x does not occur free in B and A→ K for Πx :A.K

when x does not occur free in K. With the obvious inference rules, this use of→ constitutesa conservative extension of the language.

A summary of the major meta-theorems pertaining to N and its reduction properties aregiven by Theorem 2.1 [HHP93].

Theorem 2.1 (basic meta-theory of the λΠ-calculus) Let X range over basicassertions of the form A :K and M :A.

1. Thinning (weakening) is an admissible rule: if N proves Γ `Σ X andN proves `Σ,Σ′ Γ,Γ′ context, then N proves Γ,Γ′ `Σ,Σ′ X.

2. Transitivity is an admissible rule: if N proves Γ `Σ M :A andN proves Γ, x :A,Γ′ `Σ X, then N proves Γ,Γ[M/x] `Σ X[M/x].

3. Strengthening is an admissible rule: if N proves Γ, x :A,Γ′ `Σ X and ifx 6∈ FV(Γ′) ∪ FV(X) then N proves Γ,Γ′ `Σ X.

4. Permutation is an admissible rule: if N proves Γ, x : A, y : B,Γ′ `Σ X and if x 6∈FV(B), then N proves Γ, y :B, x :A,Γ′ `Σ X.

5. Uniqueness of types and kinds: if N proves Γ `Σ M :A andN proves Γ `Σ M :A′, then A =βη A

′, and similarly for kinds.

6. Subject reduction: if N proves Γ `Σ M :A and M∗→βη M

′, thenN proves Γ `Σ M

′ :A, and similarly for types.

7. All well-typed terms are strongly normalizing.

8. All well-typed terms are Church-Rosser.

8

Page 9: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

9. Each of the five relations defined by the inference system of Table 1 is decidable, as isthe property of being well-typed.

10. Predicativity: if N proves Γ `Σ M :A then the type-free λ-term obtained by erasing alltype information from M can be typed in the Curry type-assignment system ([HS86],Ch. 15, pp. 205-223). 2

The proof of Theorem 2.1 is rather complicated. One method, due to Salvesen [Sal90](see also [HHP93]) adapts the methods developed by van Daalen in his thesis [Daa80] tothis type theory. The main difficulty here lies in obtaining the Church-Rosser property inthe presence of η-conversion. The essential step in obtaining the proof of this property is tofirst reformulate the λΠ-calculus as a system with equality judgements in which type labelsare explicit, i.e., the assertions of equality have shape Γ `Σ M = N : A , etc.. This stepis sufficient to allow the methods of van Daalen to go through. The reader is referred to[Sal90] for the details of the proof.4 Similar properties are proved for the system with justβ-reduction in [HHP93]. We note that, in this proof, in order to obtain Part 8, one mustfirst prove decidability. The Church-Rosser property, strong normalization and the presenceof type labels are required in order to prove the decidability. An alternative approach to theproof of the Church-Rosser property, due to Coquand, is given in [Coq90]. Coquand refers toan analogy with Kripke semantics but does not fully exploit the link with Kripke semanticsby creating Kripke models.

In Appendix A of [Fel91], Felty presents a system which she calls canonical lf. Thissystem is lf, which she calls full lf, but only canonical terms are allowed. A term P iscanonical with respect to a context Γ if P is in β-normal form and every variable occurrenceis fully applied with respect to Γ. A variable x is fully applied with respect to a context Γif it occurs in a subterm of the form xM1 . . .Mn, where n is the arity of x. A term P is pre-canonical if its β-normal form is canonical. Felty shows that canonical lf can be embeddedinto full lf and full lf restricted to pre-canonical terms is canonical lf. She shows thatthe sequence of judgements associated to a canonical derivation is exactly the set of lemmasthat will be added to the context to obtain the corresponding derivation in canonical lf.

4Harper[Har88] also considers an equational formulation of the λΠ-calculus as a basis for the constructionof environment models [Mey82] of the type theory of lf.

9

Page 10: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Valid Signatures

` 〈〉 sig(3)

` Σ sig `Σ K kind c 6∈ Dom(Σ)

` Σ, c :K sig(4)

` Σ sig `Σ A :Type c 6∈ Dom(Σ)

` Σ, c :A sig(5)

Valid Contexts` Σ sig

`Σ 〈〉 context(6)

`Σ Γ context Γ `Σ A :Type x 6∈ Dom(Γ)

`Σ Γ, x :A context(7)

Valid Kinds`Σ Γ context

Γ `Σ Type kind(8)

Γ, x :A `Σ K kind

Γ `Σ Πx :A.K kind(9)

Valid Families`Σ Γ context c :K ∈ Σ

Γ `Σ c :K(10)

Γ, x :A `Σ B :Type

Γ `Σ Πx :A.B :Type(11)

Γ, x :A `Σ B :K

Γ `Σ λx :A.B :Πx :A.K(12)

Γ `Σ B :Πx :A.K Γ `Σ N :A

Γ `Σ BN :K[N/x](13)

Γ `Σ A :K Γ `Σ K ′ kind K =βη K ′

Γ `Σ A :K ′(14)

Valid Objects`Σ Γ context c :A ∈ Σ

Γ `Σ c :A(15)

`Σ Γ context x :A ∈ Γ

Γ `Σ x :A(16)

Γ, x :A `Σ M :B

Γ `Σ λx :A.M :Πx :A.B(17)

Table 1: rules for typings (continued on the next page)

10

Page 11: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Γ `Σ M :Πx :A.B Γ `Σ N :A

Γ `Σ MN :B[N/x](18)

Γ `Σ M :A Γ `Σ A′ :Type A =βη A′

Γ `Σ M :A′(19)

Table 1: rules for typings

11

Page 12: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

2.3 An algebraic presentation

In preparation for our subsequent presentation, we give a brief account of the algebraicorganization of the syntax of λΠ. Presentation of similar systems can be found in, forexample, [Car90, Car86, Str89, Jac91].

Let |E|, where E ranges over the grammatical expressions of the λΠ-calculus ([HHP93,IP02]), denote the equivalence class of E with respect to provable αβη-equality. Where noconfusion can arise we shall omit the brackets | − |.

We present a classifying category which captures judgements of the form `Σ Γ context,Γ `Σ A : Type, Γ `Σ Mi : Bi[Mj/yj]

i−1j=1 and Γ `Σ M : A. We use a strict indexed category

to provide the necessary structure. We use the base category to classify contexts and re-alizations, thus capturing the first and third judgements above. The category over eachjudgement allows us to express the first and third. We define a type as being an objectin the category over a context, Γ providing it can be proved from the context. The use ofthe indexed structure provides a suitable structure to capture the dependency between thetypes and terms on the context. We begin by defining the base category of contexts andrealizations.

Definition 2.2 Let Σ be a signature. (We read each syntactic expression as standing forits αβη-equivalence class.) The (base) category B(Σ) of contexts and realizations is definedas follows:

Objects: contexts Γ such that N proves `Σ Γ context;

Arrows: realizations Γ〈M1,...,Mn〉−→ ∆, such that, for each 1 ≤ i ≤ n, N proves Γ `Σ Mi :

Bi[Mj/yj]i−1j=1, where ∆ = y1 :B1, . . . , yn :Bn.

– Identities, written 1Γ(=x1:A1,...,xm:Am), are x1 :A1, . . . , xm :Am〈x1,...,xm〉−→ x1 :A1, . . . ,

xm :Am.

– Composition is defined as follows: if σ = Γ〈M1,...,Mn〉−→ ∆ and ρ = ∆

〈N1,...,Np〉−→ Θ,

then σ; ρ5 = Γ〈N1[Mj/yj ]

nj=1,...,Np[Mj/yj ]

nj=1〉−→ Θ. 2

Intuitively, it is clear that judgements of the form `Σ Γ context are classified by Γ beingan object of B(Σ). Similarly, the judgement Γ `Σ Mi :Bi[Mj/yj]

i−1j=1 is classified by the arrow

Γ〈M1,...,Mn〉−→ ∆ where ∆ = y1 : B1, . . . , yn : Bn. We now proceed to define the appropriate

indexed category which will allow us to classify the remaining judgements. The key pointhere is that we have a category over each context which classifies the dependence of thejudgement on the context.

5We use the ; notation for diagrammatic composition, i.e. f first then g rather than functional composi-tion, ◦. We have f ; g = g ◦ f

12

Page 13: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Definition 2.3 We define inductively a strict indexed category E(Σ) over the base categoryB(Σ),

E(Σ) :B(Σ)op −→ C,

where C denotes the category of small categories and functors, as follows (we read eachsyntactic expression as standing for its αβη-equivalence class):

• For each Γ in B(Σ), the category E(Σ)(Γ) is defined as follows:

Objects: Types A such that N proves Γ `Σ A :Type;

Arrows: AM−→ B, where the arrow M is such that Γ, x : A

〈~x,M〉−→ Γ, y : B in B(Σ): if

AM−→ B and B

N−→ C, then AM ;N−→ C is given by A

N [M/y]−→ C, where N is such

that Γ, y :B〈~x,N〉−→ Γ, z :C;

• For each Γσ←− Γ′ in B(Σ), E(Σ)(Γ

σ←− Γ′) is a functor E(Σ)(Γ)σ∗−→ E(Σ)(Γ′) given

by σ∗(A) =def A[σ] and σ∗(M) =def M [σ], where Γ′, x :A[σ]〈~x′,M [σ]〉−→ Γ′, y :B[σ] and

Γ, x :A〈~x,M〉−→ Γ, y :B.

As usual, each syntactic expression X is taken to denote its αβη-equivalence class. 2

Again, we show intuitively that we have classified judgements of the form Γ `Σ A :Typeby objects of E(Σ)(Γ) and Γ `Σ M :A by arrows from the terminal object to the object A.

We compare E(Σ) with Cartmell’s [Car86] category R(U) of contexts and realisations ofa theory U. R(U) is an example of a contextual category.

Cartmell does not have our indexed structure. He obtains a morphism analogous to the

functor E(Σ)(Γ)σ∗−→ E(Σ)(Γ′) via a pullback. If we were to collapse our indexed structure

onto the base category, we would end up with a contextual category.The relationship between the type theory, with proof system N, and the categories B(Σ)

and E(Σ), defined in Definitions 2.2 and 2.3, respectively, is given by the following:

Proposition 2.4 (classifying category) Let Σ be a signature and let Γ, M and A beβη-normal forms.

• N proves `Σ Γ context if and only if Γ is an object of B(Σ);

• N proves Γ `Σ A :Type if and only if A is an object of E(Σ)(Γ);

• Let M1, . . . ,Mn be objects. Then N proves Γ `Σ Mi :Bi[Mj/yj]i−1j=1 ∀ 1 ≤ i ≤ n if and

only if Γ〈M1,...,Mn〉−→ ∆(= y1 :B1, . . . , yn :Bn) is an arrow of B(Σ);

• N proves Γ `Σ M :A if and only if 〈〉 〈M〉−→ A is an arrow of E(Σ)(Γ).

Proof The proof is by induction on the structure of proofs in N (for the ‘only if’s) and byinduction on complexity of expressions (for the ‘if’s).

13

Page 14: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

(⇒) • Let N prove `Σ Γ context. By the definition of B(Σ), we have that Γ is an objectof B(Σ).

• Let N prove Γ `Σ A :Type. By the definition of E(Σ), we have that A is an objectof E(Σ)(Γ).

• Let N prove Γ `Σ Mi :Bi[Mj/yj]i−1j=1 ∀ 1 ≤ i ≤ n. By the definition of B(Σ), we

have that Γ〈M1,...,Mn〉−→ ∆ is an arrow of B(Σ).

• Let N prove Γ `Σ M :A. By the definition of B(Σ), we have a realization Γ〈~x,M〉−→

Γ, x :A in B(Σ). Then by the definition of E(Σ), we have an arrow 〈〉 〈M〉−→ A inE(Σ)(Γ).

(⇐) • Let Γ be an object of B(Σ). By the definition of B(Σ), we have that `Σ Γ context.

• Let A be an object of E(Σ)(Γ). By the definition of E(Σ)(Γ), we have thatΓ `Σ A :Type.

• Let Γ〈M1,...,Mn〉−→ ∆ by an arrow of B(Σ). By the definition of B(Σ), we have that

Γ `Σ Mi :Bi[Mj/yj]i−1j=1 ∀ 1 ≤ i ≤ n.

• Let 〈〉 〈M〉−→ A be an arrow of E(Σ)(Γ). By the definition of E(Σ)(Γ), we have a

realization Γ〈〉~x,M〉−→ Γ, x :A in B(Σ). Thus N proves Γ `Σ M :A by the definition

of B(Σ).

Similar arguments are available in, for example, [Str89, Jac91, Jac93, Pym90, Hof96, Pit00].2

In anticipation of constructions to follow later, q.v. §4.3 and §5, we observe that we canextend the classifying category to permit, respectively, realizations and families of types inthe fibres. We begin by extending our definition to allow us to classify realizations in thefibres.

Definition 2.5 (contextual fibres) The indexed category E(Σ) can be extended to a cat-egory Con(Σ) as follows:

• The base of Con(Σ) is B(Σ), just as in E(Σ);

• The objects of the fibre of Con(Σ) over Γ are arrows ∆σ−→ Θ, where Γ,∆ and Γ,Θ are

objects of B(Σ) and Γ,∆〈1Γ,σ〉−→ Γ,Θ is an arrow of B(Σ) (here we make the identification

Γ,Γ = Γ).

• The arrows of the fibre of Con(Σ) over Γ are pairs (h, k) such that the following diagramcommutes,

14

Page 15: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

∆σ

- Θ

Ψ

h

?

σ′- Φ

k

?

where ∆h−→ Ψ and Θ

k−→ Φ are objects of the fibre of Con(Σ) over Γ. Specifically,

Ψ,Φ are objects of B(Σ) and Γ,Ψ〈1Γ,σ

′〉−→ Γ,Φ, Γ,∆〈1Γ,h〉−→ Γ,Ψ and Γ,Θ

〈1Γ,k〉−→ Γ,Φ arearrows of B(Σ).

• For each Γσ←− Γ′, Con(Σ)(Γ

σ←− Γ′) is a functor Con(Σ)(Γ)σ−→ Con(Σ)(Γ′) defined

by the following commuting square, giving the action on arrows (h, k) as above.

σ∗∆σ∗ρ

- σ∗Θ

σ∗Ψ

σ∗h

?

σ∗ρ′- σ∗Φ

σ∗k

?

As usual, each syntactic expression X is taken to denote its αβη-equivalence class. 2

Proposition 2.4 can be extended to Con(Σ). Specifically, we change each of the E(Σ)s toCon(Σ) and the 2nd clause becomes

• N proves Γ `Σ A : Type and z : A /∈ Γ if and only if z : A〈z〉−→ z : A is an arrow of

Con(Σ)(Γ).

We note that this will not work for non-term models. In particular, we create a calculus,C to specifically deal with this, see Definition 4.9.

Before we can extend the definition of E(Σ) to families of types in the fibres, we need tointroduce the definition of the category of families of sets.

Definition 2.6 The category Fam, of families of sets, is as follows:

Objects: ordered pairs F = (B,E), where B is a set and E = (Eb)b∈B is a family of sets indexedby elements of B;

15

Page 16: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Arrows: if F = (B,E) and F ′ = (B′, E ′) are objects of F , then an arrow from F to F ′ is anordered pair (β, ε), where β : B −→ B′ is a function and ε = (εb)b∈B is a family offunctions εb :Eb −→ E ′

ε(b). 2

We now are able to extend E(Σ) to an indexed category Fam(Σ) : B(Σ) −→ Fam(C),which will capture families of types in the fibres.

Definition 2.7 (familial fibres) The indexed category E(Σ) can be extended to an indexedcategory Fam(Σ)6 :B(Σ)op −→ Fam as follows:

Object-part: over each Γ in B(Σ), a family (Ty(Γ), Tm(Γ, A)A∈Ty(Γ)), in which Ty(Γ) is the set ofwell-formed types over Γ and each Tm(Γ, A) is the set of well-formed terms of type Aover Γ;

Arrow-part: over each σ in B(Σ) is its inverse image, defined by pointwise substitution on theobject-part. 2

Proposition 2.4 can be extended to Fam(Σ). Specifically, we change each E(Σ) toFam(Σ) and the 2nd and 4th clause become:

• N proves Γ `Σ A :Type if and only if {(γ, x)|γ ∈ Γ ∧ x ∈ Aγ} is an object of Fam.

• N proves Γ `Σ M :A if and only if ∅ 〈M〉−→ {A} where {A} ⊂ Ty(Γ).

3 Kripke models of the λΠ-calculus

3.1 Introduction

The (strict) indexed categories which are required to model the semantics of dependenttypes have been explored by [Pit00] and [Rit92]. In his thesis, Ritter uses the Grothendickconstruction to get the required category, this is avoided in our approach, for detailed infor-mation on the Grothendick construction see [Jac99]. However the pullback structure whichis used later on comes straight from their work.

Mitchell and Moggi, [MM91], use Kripke models to model dependent types although theydon’t use the pullback which Pitts and Ritter do.

The approach presented here combines the Kripke models of Mitchell and Moggi withthe indexed structure, including the pullback, of Pitts and Ritter. This approach allows usto avoid the Grothendick construction while still having the required structure to adequatelymodel the dependent types.

The presentation of the Kripke structures in the following way allows us to capturein a uniform way the structure of the λΠ-calculus, in particular judgements of the formΓX ,Γ∆ `Σ M : A. The reason for capturing judgements of this form comes from the mo-tivation for presenting a semantics of the λΠ-calculus. We are presenting this semantics

6Whereas E(Σ) is valued in C, Fam(Σ) is valued in Fam, the category of families of sets, q.v. § 5.

16

Page 17: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

so that we may study the logical framework discussed earlier, in particular representationsof object-logics. The representation of an object-logic will involve judgements of the formdescribed above and it is expedient to make use of the distinguish between ΓX and Γ∆ sincethey are arisen from different aspects of the object-logic being encoded.

The Kripke prestructure we present allows us to interpret types as objects in the fibreover a context and terms as the arrows between them. While this is a useful presentation ofan encoded object-logic, we wish to be able to study proofs and transformations of proofs,i.e. consequences. We do this by building a Kripke structure out of the prestructure.

3.2 Kripke λΠ-structures

The definition of Kripke λΠ-models, beginning with λΠ-prestructures, is an inductive one.Let C denote the category of small categories and functors.

Definition 3.1 A Kripke λΠ-prestructure J is a functor

J : [W , [Dop,V ]]

where W is a small category (of “worlds”), Dop =∐

W∈W DopW , where W ranges over the

objects of W, and each category DW (the base at W ) is small; V, a subcategory of C, is acategory of values, such that:

1. Each DW has a terminal object, 1DW;

2. Each J (W )(D) has a terminal object, 1J (W )(D), preserved on the nose by each f ∗(=

J (W )(f)), where Ef−→ D ∈ DW ;

3. For each W ∈ W, D ∈ DW , A ∈ J (W )(D), there is a D • A ∈ DW together with

canonical projections D • ApD,A−→ D ∈ DW , 1J (W )(D•A)

qD,A−→ p∗D,A(A) and canonicalpullbacks in Dop

W

E • f ∗Af • A

- D • A

E

pE,f∗A

?

f- D

pD,A

?

satisfying the strictness conditions that idD∗(A) = A and idD • A = idD•A, for each A

in J (W )(D), and that g∗(f ∗A) = (g; f)∗A and (g • (f ∗A)); (f • A) = (g; f) • A, foreach appropriate A, f and g. Moreover, for each W and D, D • 1J (W )(D) = D;

17

Page 18: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

4. At each W , the arrow p∗D,A(= J (W )(pD,A)) has a right adjoint,

p∗D,A a ΠD,A :J (W )(D • A) −→ J (W )(D)

that satisfies the following (strict) Beck-Chevalley condition: for each Ef−→ D in DW ,

each A in J (W )(D) and each B in J (W )(D • A),

f ∗(ΠD,AB) = ΠE,f∗A((f • A)∗B) and (f • A)∗(app(A,B)) = app(f ∗A, (f • A)∗B),

where app is the co-unit of the adjunction.

Where no confusion can arise, we shall write just D(op) instead of D(op)W . 2

A few remarks concerning Definition 3.1 are in order.

• The pullback of (3) indicates how to interpret the tuples that constitue realizations

Γ〈M1,...,Mn〉−→ ∆. Given arrows F

g−→ E and Fh−→ D • A, the pullback determines a

unique mediating arrow u(g, h), which we write as 〈g, h〉. In the terms of Definitions

2.2 and 2.3, if g = 1Γ(= Γ〈x1,...,xm〉−→ Γ) and h = Γ

〈x1,...,xm,M〉−→ Γ, x :A, then u(g, h) =

Γ〈x1,...,xm,M〉−→ Γ, x :A.

• Alternatively, the definition of prestructures can be formulated so that the context-extension operation, •, arises from the Grothendieck construction, so that the 〈−,−〉notation be justified as in [Rit92] (cf. [Car90, Car86]).

• The requirement of (4) amounts to the existence of a natural isomorphism,

curW :homJ (W )(D•A)(p∗D,AC,B) ∼= homJ (W )(D)(C,ΠD,A(B)) :cur−1

W , (20)

where C ∈ J (W )(D • A) and B ∈ J (W )(D) with the co-unit of the adjunction, theapplication map,

appW :p∗D,AΠD,A =⇒ 1J (W )(D•A)

, given by arrows

p∗D,AΠD,A(B)appW (A,B)−→ B (21)

in J (W )(D • A).

• The arrows in the category of worlds describe the accessibility relation in the Kripkemodel. Kripke’s original paper [Kri63] takes just a preordered set of worlds. A Kripkemodel in the “usual” sense of Troelstra [Tro73] or van Dalen [Dal94] requires a partiallyordered set of worlds with a least element (a stronger condition). See also the work ofMoggi [MM68] and Moggi and Mitchell [MM91] for important related constructions.

In [MM91] we have a partial ordering, ≤, on the worlds which the same type inhabits,i.e. every a : σ at w is associated with some unique a′ : σ at w′, where w′ ≥ w. The

18

Page 19: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

partially-ordered set 〈W,≤〉 is viewed as category by taking the objects to be theelements of W and we have the unique arrow lw,w′ from w to w′ if and only if w ≤ w′.

The partially ordered set 〈W,≤〉 corresponds to the categoryW in our indexed setting,this is more complex since we are dealing with dependent types.

Corresponding to each Wα−→ W ′ inW is a natural transformation J (W )

J (α)=⇒ J (W ′).

Although these natural transformations correspond to the “transition functions” of[MM91], the situation in our setting, to which we return after Definition 3.5, is not assimple as that which obtains in [MM91].

• The functor category [W , [Dop,V ]] is a cartesian closed category so it is equivalent to[W × Dop,V ]. We do not use the second version since it does not correspond well tothe intended logical meaning. We wish to interpret Γ ` φ in [Dop,V ] and then extendit over a world to Γ `w φ by using [W , [Dop,V ]] as our categorical structure. It is lessclear how we should think of interpretations in the category [W ×Dop,V ].

The Kripke prestructure allows us to interpret types as objects in the fibre J (W )(D)and terms as the arrows between them. Later on we will consider these types to be formulaeand the terms as proofs. However, we wish to allow a finer analysis and so we move to aKripke structure. Here we interpret terms as objects in the fibre KJ (W )(D) and the arrowsas transformations of terms. We consider the terms as begin proofs and the transforma-tions between the terms as transformations between proofs and so we can study the proofsthemselves.

Definition 3.2 Let J be a Kripke λΠ-prestructure, J : [W , [Dop,V ]]. A Kripke λΠ-structureon J is a functor

KJ : [W , [Dop,V]];

we begin by defining the category V as follows:

Objects: Categories built out of V = J (W )(E), with

Objects: Arrows

AfA,B−→ B

of DW , where A = A1•. . .•Am and each Ai is an object of J (W )(E•A1•. . .•Ai−1)and each Bi is an object of J (W )(E •B1 • . . . •Bi−1);

Arrows: Arrows of DW of the form

E • AfA,C−→ E • C

which takes the object (AfA,B−→ B) to (C

fC,D−→ D).

Arrows: Functors KJ (W )(f). Let Ef−→ D be an arrow in DW so that KJ (W )(D) and

KJ (W )(E) are objects of V at world W . Let A = AfA,B−→ B in KJ (W )(D) and

C = AfC,D−→ D in KJ (W )(E). KJ (W )(f) satisfies the following conditions:

19

Page 20: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

1. KJ (W )(f)(A) = C, where C1 = f ∗(A1) and each Ci = (f • A)∗i (Ai). Here(f •A)i = (((f • A1) • A2) • . . . • Ai−1), i.e. we follow the usual convention forapplying brackets to function application;

2. If Aµ−→ A′ is an arrow in KJ (W )(D), then KJ (W )(D)(µ) = ν, the unique

mediating arrow determined by the following canonical pullback:

E • f ∗Af •A

- D •A

E • f ∗A′ f •A′-

ν(=def f ∗

µ)-

D •A′

µ

?

E

pE,A′

?

f-

pE,A

-

D

pD,A′

?

where pD,A′ = pD,A′1 , . . . , pD,A′m′ and pE,A′ = pE,A′1 . . . . , pE,A′m′ . 2

We will refer to a Kripke λΠ-structure rather than a Kripke λΠ-structure on J when noconfusion can arise by our so doing.

It is possible to extend the definition of the Kripke λΠ-structure in the following way. Wetake the categories V to have arrows which are pairs of arrows (f, g) such that the diagram

E • AfA,C- E • C

E •B

fA,B

? gB,D- E •D

fC,D

?

commutes.The pairs of arrows in KJ (W )(D) are determined by pullback, following the example

given in the definition.

3.3 Syntactic Examples

We build an example of a Kripke λΠ-structure out of the syntax. We recall that in section 2.3we defined categories B(Σ) and E(Σ) from the syntax. We use these categories to producean example of a Kripke λΠ-structure [P(Σ), [Aop,V ]], which we call T (Σ). We begin bydefining a Kripke λΠ-prestructure [P(Σ), [Aop,V ]].

20

Page 21: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Definition 3.3 The category P(Σ), a full subcategory of B(Σ), is defined as follows:

• Objects:

– 〈〉 is an object of P(Σ);

– If Γ is an object of P(Σ) and there exists an arrow Γσ−→ Γ,Γ′ in B(Σ), then

Γ,Γ′ is an object of P(Σ);

• Arrows:

homP(Σ)(Γ,∆) =def

homB(Σ)(Γ,∆) if ∆ ≡ Γ,Γ′, for some (possibly 〈〉) Γ′

∅ otherwise

We have the obvious inclusion, P(Σ)I(Σ)−→ B(Σ). Clearly, P(Σ) can be viewed as a ‘posetal’

category of contexts ordered by inclusion, Γ ⊆ Γ′. 2

Let ∆ be an object of P(Σ), we take the base at ∆ to be B(Σ)∆. We now take theopposite category B(Σ)op∆ and co-product over all ∆ in P(Σ) to obtain the category Aop =∐

∆∈W B(Σ)∆. It now remains to show that T (Σ) is in fact a functor. To do this we need toshow what T (Σ) does to objects and arrows of P(Σ). For any ∆ in P(Σ), T (Σ)(∆):Aop −→V should another functor, so again we need to describe it’s action on objects and arrowsof Aop. Before we are able to describe this functor we need to have a method of contextextension that is more suitable than just appending the new context on the right, with thisin mind we introduce consistent merge.

Definition 3.4 [Honsell] Consistent merge, Γ 1 ∆ is an extension of Γ with each componentof ∆, from left to right, discarding any duplications. If Γ and ∆ have any variables in commonthen such variables label the same types, i.e., if x :A ∈ Γ and x :B ∈ ∆, then A ≡ B. If Γand ∆ have any variables in common which are not consistent, i.e., if x :A ∈ Γ and x :B ∈ ∆and A ≡ B then we rename one of the variable using α-equivalence. Also Γ 1 〈〉 ≡ Γ. 2

We now continue by defining the action of the functor T (Σ)(∆) on objects and arrowsof A. Given an object Γ of A, the functor T (Σ)(∆) gives us the following category:

T (Σ)(∆)(Γ) =

Objects : Types A such that Γ 1 ∆ `Σ A :Type;

Arrows : E(Σ)(Γ 1 ∆) arrows.(22)

Given an arrow Γ〈M1,...,Mn〉←− Γ′ in A, where Γ′ = y1 : B1, . . . , yn : Bn, we obtain a functor

T (Σ)(∆)(Γ)〈M1,...,Mn〉∗−→ T (Σ)(∆)(Γ′).

We now define the functor 〈M1, . . . ,Mn〉∗ action on objects and arrows of T (Σ)(∆)(Γ).Let A be an object of T (Σ)(∆)(Γ), i.e., Γ 1 ∆ `Σ A : Type, then 〈M1, . . . ,Mn〉∗(A) =A[Mi/yi]

ni=1.

21

Page 22: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

The functor 〈M1, . . . ,Mn〉∗ takes an arrow AM−→ B to

A[Mj/yj]nj=1

〈M1,...,Mn〉∗M−→ B[Mj/yj]nj=1 in E(Σ)(Γ′ 1 ∆), where the functor 〈M1, . . . ,Mn〉∗M

is the realization Γ, x :A[Mj/yj]nj=1

〈x,M [Mj/yj ]nj=1〉−→ Γ′, y :B[Mj/yj]

nj=1.

We now show the functoriality of 〈M1, . . . ,Mn〉∗. Firstly, we look at it’s action on theidentity arrow for each object in T (Σ)(∆)(Γ), idA. We have that 〈M1, . . . ,Mn〉∗idA =idA[Mj/yj]

ni=1 = idA〈M1,...,Mn〉.

Let AM−→ B and B

N−→ C be arrows in T (Σ)(∆)(Γ), composing them we obtain the

arrow AN◦M−→ C. We apply 〈M1, . . . ,Mn〉∗ to the composition and obtain

A[Mj/yj]nj=1

(N◦M)[Mj/yj ]nj=1−→ C[Mj/yj]

nJ=1. Applying 〈M1〈, . . . ,Mn〉∗ to each of the arrows

individually gives A[Mj/yj]nj=1

M [Mj/yj ]nj=1−→ B[Mj/yj]

nj=1 and

B[Mj/yj]nj=1

N [Mj/yj ]nj=1−→ C[Mj/yj]

nj=1, composition of these arrows gives

A[Mj/yj]nj=1

N [Mj/yj ]nj=1◦M [Mj/yj ]

nj=1−→ C[Mj/yj]

nj=1 which is equivalent to

A[Mj/yj]nj=1

(N◦M)[Mj/yj ]nj=1−→ C[Mj/yj]

nJ=1 as required, thus 〈M1, . . . ,Mn〉∗ is a functor.

We take the category V to be the largest subcategory of the category of small categoriesand functors which contains the category T (Σ)(∆)(Γ) for all ∆ ∈ P(Σ) and Γ ∈ Aop and

the functors 〈M1, . . . ,Mn〉∗ for all realizations Γ〈M1,...,Mn〉←− Γ′ in A.

We now need to show the functoriality of T (Σ)(∆). Let idΓ be the identity for eachobject Γ ∈ Aop, then T (Σ)(∆)idΓ is the arrow id∗Γ. This is equal to the arrow idT (Σ)(∆)(Γ) asrequired.

Let Γ〈M1...,Mn〉−→ Γ′ and Γ′

〈N1,...,Np〉−→ Γ′′ be arrows in A which compose to give

Γ〈N1[Mj/yj ]

nj=1,...,Np[Mj/yj ]

nj=1〉−→ Γ′′. Applying T (Σ)(∆) to the composition gives the functor

〈N1[Mj/yj]nj=1, . . . , Np[Mj/yj]

nj=1〉∗. Applying the functor to each of the arrows individually

gives 〈M1, . . . ,Mn〉∗ and 〈N1, . . . , Np〉∗ and these compose to give〈N1[Mj/yj]

nj=1, . . . , Np[Mj/yj]

nj=1〉∗. Thus T (Σ)(∆) is a functor from Aop to V .

We now describe what T (Σ) does to arrows ∆σ−→ ∆′ in P(Σ). We define

(T (Σ)(σ))Γ(A) = A, where T (Σ)(Σ)(∆)(Γ)T (Σ)(Σ)(∆)(σ)Γ−→ T (Σ)(Σ)(∆′)(Γ). T (Σ) takes an

object ∆ ∈ P(Σ) to the category T (Σ)(Σ)(∆)(Γ). T (Σ) forgets the structure of transitions,treating P(Σ) as a poset of contexts, ordered by extension.

We show the functoriality of T (Σ). Let id∆ be the identity in P(Σ). We apply T (Σ) andobtain T (Σ)(id∆)Γ, which is the required identity by the fact that T (Σ)(id∆)Γ(A) = A. Let

∆σ−→ ∆′ and ∆′ τ−→ ∆′′ be arrows in P(Σ). We compose them to obtain ∆

τ◦σ−→ ∆′′, whichis sent to T (Σ)(τ ◦ σ)Γ. Applying T (Σ) to each of the arrows separately we have T (Σ)(σ)Γ

and T (Σ)(τ)Γ, these are composed to give the arrow T (Σ)(τ ◦ σ).Thus T (Σ) is a functor and all that remains is to show that conditions 1-4 of Definition

3.1 also hold to prove that T (Σ) is indeed a Kripke pre-structure.

1. Each B(Σ)∆ has a terminal object, given by the empty context 〈〉.

22

Page 23: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

2. Each T (Σ)(∆)(Γ) has a terminal object, given by the empty type 〈〉. Let Γ〈M1,...,Mn〉←− Γ′

in B(Σ). We have that 〈M1, . . . ,Mn〉∗ acts on 〈〉 to give 〈〉 in T (Σ)(∆)(Γ′) as required.

3. Let ∆ ∈ P(Σ), Γ ∈ B(Σ)∆, A ∈ T (Σ)(∆)(Γ). We let Γ, x :A ∈ B(Σ)∆ be our choice

for Γ • A and we have projections Γ, x : ApΓ,A−→ Γ, which is the opposite arrow of

Γ〈x,M〉−→ Γ, x : A, and 〈〉

qΓ,A−→ p∗Γ,A(A), so that we have 〈〉qΓ,A−→ A[M/x]. We have the

following pullback diagram

Γ′, y :A[Mj/yj]nj=1

〈M1, . . . ,Mn,M [Mj/yj]nj=1〉- Γ, x :A

Γ′

pΓ′,A[Mj/yj ]nj=1

?

〈M1, . . . ,Mn〉- Γ

pΓ,A

?

We have that id∗Γ(A) = A[xj/xj]nj=1 = A and that idΓ • A = 〈x,M [xj/xj]

nj=1〉 =

〈x,M〉 = idΓ,x:A for each A in T (Σ)(∆)(Γ) as required. We also have that

〈N1, . . . , Nm〉∗(〈M1, . . . ,Mn〉∗A) = 〈N1, . . . , Nm〉∗(A[Mj/yj]nj=1)

= (A[Mj/yj]nj=1)[Nk/zk]

mk=1

= A[nk[mj/yj]nj=1/zk]

mk=1

= 〈N1[Mj/yj]nj=1, . . . , Nm[Mj/yj]

nj=1〉∗A

= (〈N1, . . . , Nm〉; 〈M1, . . . ,Mn〉)∗A

where the composition of the two arrows is the composition in B(Σ).

We have that

(〈N1, . . . , Nm〉 • A[Mj/yj]nj=1); (〈M1, . . . ,Mn〉 • A)

= 〈N1 . . . , NM ,M [Mj/yj]nj=1[Nk/zk]

mk=1〉; 〈M1, . . . ,Mn,M [Mj/yj]

nj=1〉

= M1[Nk/zk]mk=1[M [Mj/yj]

nj=1[Nk/zl]

mk=1/x], . . . ,

M [Nk/zk]mk=1[M [Mj/yj]

nj=1[Nk/zl]

mk=1/x]

= 〈M1[Nk/zk]mk=1, . . . ,Mm[Nk/zk]

mk=1,M [Mj[Nk/zk]

mk=1/yj]

nj=1〉

= 〈M1[Nk/zk]mk=1, . . . ,Mn[Nk/zk]

mk=1〉 • A

= (〈N1, . . . , Nm〉; 〈M1, . . . ,Mn〉) • A

as required. Finally we have that for each ∆ ∈ W and Γ ∈ Dop, Γ • 1T (Σ)(∆)(Γ) = Γ, x :〈〉 = Γ.

4. We prove that p∗Γ,A a ΠΓ,A. We do this by establishing a bijection φ between arrowsC −→ ΠΓ,A(B) ∈ T (Σ)(∆)(Γ) and arrows p∗Γ,A(C) −→ B ∈ T (Σ)(∆)(Γ). φ is bijec-tive since if we take C −→ ΠΓ,A(B) and D −→ ΠΓ,A(E) to be non-equal arrows in

23

Page 24: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

T (Σ)(∆)(Γ) then we find that p∗Γ,A(C) −→ B and p∗Γ,A(D) −→ E are also non-equalarrows. We have that p∗Γ,A(C) = C[M/u] 6= D[N/v] = p∗Γ,A(D) and that C 6= D so thearrows between them are not equal. φ is surjective since if we let p∗Γ,A(C) −→ B bean arrow in T (Σ)(∆)(Γ, x :A) then we have B and ΠΓ,A(C) as objects in T (Σ)(∆)(Γ)since we can apply ΠΓ,A to B and we know that the object C gets mapped to p∗Γ,A(C).It remains to show that there is an arrow in T (Σ)(∆)(Γ) between these objects. There

is an arrow between them if there exists an arrow Γ, y :C〈x,M〉−→ Γ, z :ΠΓ,A(B) exists in

B(Σ). This arrow exists provided that Γ, y :C `Σ M :ΠΓ,A(B), so the arrow exists. Inparticular, ΠΓ,A(B) = Πx :A.B with ΠΓ,A corresponding to it’s introduction rule andp∗Γ,A corresponding to it’s elimination.

We have that (〈M1, . . . ,Mn〉 • A)∗B = 〈M1, . . . ,Mn,M [Mj/yj]nj=1〉∗B

= B[Mj/yj]nj=1[M [Mj/yj]

nj=1/w]. We now apply ΠΓ′,A[m/x] to this to obtain Πx :

A[M/x].B[Mj/yj]nj=1[M [Mj/yj]

nj=1/w] = Πx :A.B[mj/yj]

nj=1. This is equal to 〈M1, . . . ,

Mn〉∗(ΠΓ,AB) as required.

Finally, we show the existence of app, the co-unit of adjunction. We have that app :idT (Σ)(∆)(Γ, x :A) −→ p∗Γ,AΠΓ,A. So app(B) = p∗Γ,AΠΓ,A(B) = p∗Γ,A(Πx :A.B) = (Πx :A.B)[N/y] = B[N/y] So thinking in terms of N, we have applied (11) followed by (18)and a weakening since we are in Γ, x : A. We now need to show that the followingsquare commutes.

idT (Σ)(∆)(Γ, x :A)Bapp

- B[N/y]

idT (Σ)(∆)(Γ, x :A)C

M

? app- C[N ′/z]

p∗Γ,AΠΓ,AM

?

The arrow M is just the arrow from B −→ C since the identity map just returns Band C. We only need to show that p∗Γ,AΠΓ,AM is the correct arrow. There is an arrow

between B[N/y] and C[N ′/z] provided there is an arrow Γ, x :A,w :B[N/y]〈x,K〉−→ Γ, x :

A,w′ : C[N ′/z] in B(Σ). This arrow exists provided that Γ, x : A,w : B[N/y] `Σ M :(C[N ′/z]). This is possible since we can apply weakening to Γ, x :A to obtain Γ, x :A,w :B[N/y] and by using (11) and (18) to obtain the right hand side. Thus an arrowexists. This arrow is the same as p∗Γ,AΠΓ,A since we obtained it by applications of theequivalent rules in N. Thus the square commutes. The above argument also showsthat app is universal.

At each arrow ∆→ ∆′ of W , we must define a natural transformation T (∆)τ

=⇒ T (∆′).Inclusions will do:

24

Page 25: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Γ T (∆)(Γ) ⊂τΓ- T (∆′)(Γ)

Γ′

t

?

T (∆)(Γ′)

T (∆)(t)

?⊂

τΓ′- T (∆′)(Γ′)

T (∆′)(t)

?

Thus we have shown that [P(Σ), [Aop,V ]] is a Kripke prestructure. From this we buildthe Kripke structure over it. This is a functor KT (Σ) : [P(Σ), [Aop,V ]].

We define what KT (Σ) does to objects and arrows of Aop. Since it behaves in the sameway as T (Σ) on W , we only need to worry about what it does to objects and arrows of Aop.Let Γ be an object in Aop then KT (Σ)(∆)(Γ) defines a category in V . It’s objects are all

sections Γ 1 ∆〈1Γ1∆,N〉−→ Γ 1 ∆, z :B and its arrows are arrows 1Γ1∆.

Let Γ′ −→ Γ be an arrow in Aop, then KT (Σ)(∆)(Γ′ −→ Γ) is Γ 1 ∆ −→ Γ′ 1 ∆ and ittakes sections Γ 1 ∆ −→ Γ 1 ∆, z :B to Γ′ 1 ∆ −→ Γ′ 1 ∆, z :B[Mj/yj]

nj=1.

It remains to show functoriality. Let idΓ be the identity morphism for each object Γin Aop. KT (Σ)(∆) takes it to the arrow between sections Γ 1 ∆ −→ Γ 1 ∆, z : B andΓ 1 ∆ −→ Γ 1 ∆, z :B the required identity.

Let Γ〈M1,...,Mn〉−→ Γ′ and Γ′

〈N1,...,Np〉−→ Γ′′ be arrows in A. Composing them gives

Γ〈N1[Mj/yj ]

nj=1,...,Np[Mj/yj ]

nj=1−→ Γ′′ and applying KT (Σ)(∆) gives an arrow between sections Γ 1

∆ −→ Γ 1 ∆, z :B and Γ′′ 1 ∆ −→ Γ′′ 1 ∆, z :B[Ni[Mj/yj]nj=1/wi]

pi=1. Applying KT (Σ)(∆)

to each of the arrows separately gives arrows between Γ 1 ∆ −→ Γ 1 ∆, z : B and Γ′ 1

∆ −→ Γ′ 1 ∆, z :B[Mj/yj]nj=1 and between Γ′ 1 ∆ −→ Γ′ 1 ∆, x :C and Γ′′ 1 ∆ −→ Γ′′ 1

∆, x : C[Ni/wi]pi=1, composing these gives an arrow between Γ 1 ∆ −→ Γ 1 ∆, z : B and

Γ′′ 1 ∆ −→ Γ′′ 1 ∆, z :B[Ni[Mj/yj]nj=1/wi]

pi=1.

We have thus shown KT (Σ) is a functor and it now remains to show that the otherproperties of the Kripke structure are satisfied.

We need to show that KT (Σ)(∆)(Γ) has objects of the required form. This is the case sincewe can take A1 to be the empty type since Γ 1 ∆ `Σ 〈〉 and so it is an object of T (Σ)(∆)(Γ).We consider Γ 1 ∆ to have their types in a specific order, so we take A2 to be the first typeoccuring in Γ 1 ∆, which is an object of T (Σ)(∆)(Γ•〈〉) = T (Σ)(∆)(Γ, x :〈〉) = T (Σ)(∆)(Γ)by (16). We continue in this way so that Γ 1 ∆ is of the correct form. Similarly we constructΓ 1 ∆, z :B to be B. The arrows 1Γ1∆ are of the right form to be arrows in a Kripke structuresince we take A = C.

It just remains to show that the arrow KT (Σ)(∆)(Γ′ −→ Γ) is of the right form. Theproperty that KJ (W)(f)(A) = C where C1 = f ∗(A1) and each Ci = (f •A1 • . . .•Ai−1)

∗(Ai)holds since the arrow Γ′ −→ Γ in Aop will give the correct substitution due to the propertiesof f ∗ shown when constructing the prestructure.

25

Page 26: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

The pullback condition is given by the following commutative diagram. We take µ = 1Γ1∆

to see that KT (Σ)(∆)(Γ′ −→ Γ)(µ) = 1Γ′1∆ which is unique since it is the identity.

Γ′ 1 ∆ - Γ 1 ∆

Γ′ 1 ∆ -

1Γ ′1

-

Γ 1 ∆

1Γ1∆

?

Γ′

pΓ′1∆

?-

pΓ ′1

-

Γ

pΓ1∆

?

Thus KT (Σ) is a Kripke λΠ-structure (on T (Σ)).This is just one example of a Kripke structure and it is possible to find degenerate

examples by introducing equality. We could also have chosen to have greater structure inP(Σ), rather than treating it as a poset.

3.4 Kripke Σ-λΠ-models

A Kripke Σ-λΠ-model will be a Kripke λΠ-structure that has enough points to interpret notonly the constants of Σ but also the λΠ-terms defined over Σ and a given context, Γ.

The interpretation itself is a partial function. It is partial since we are only concernedwith interpreting well-typed terms not all possible terms. In fact we are only concerned withterms of the form Γ `Σ M : A : Type since this is the expression we get from interpretingjudgements of object-logics in LF.

Since we want to talk about equality of functions, we use ', which denotes the usualKleene partial equality. We then take the usual extensional collapse of the model underKleene partial equality, to obtain the most suitable model.

We only include as much typing and contextual information as we need when describingthe interpretation. For example we do not directly include the signature when we writedown the interpretation of a particular term or context since it is fixed throughout theinterpretation and such extra notation will only reduce the clarity of the notation.

We subscript a term by Γ, when it is in the fibre over Γ and to remind ourselves whichcontext we are working in. This is particularly important when we are changing contexts,e.g. interpreting Π.

When we do not include the subscript then we are working inDop and so actually changingthe context.

Partiality plays two roles: dependent typing partiality to bootstrap definition and Kripkesemantical partiality of information: the further up the world-ordering you go the morethings have defined interpretations: this is a mixing of lambda calculus and logic, the logicalstructure being inseparable from the term structure. Cf. Moggi and Mitchell, [MM91].

26

Page 27: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Note that since the models are βη-extensional, q.v. Theorem 4.1, the interpretation of Xdoes not differ from that of X[M/x], etc..

In the definition below, the subscripts indicate only the free variables that can, althoughdon’t necessarily, occur in object/type. They do not imply any notion of well-typing.

We now define the interpretation of terms of the λΠ-calculus in the Kripke structure. Thesyntactic example given in the previous section will provide some intuition for this definition.

Definition 3.5 Let Σ be a λΠ-signature. A Kripke Σ-λΠ-model is an ordered pair,〈KJ , [[−]]−KJ 〉, where KJ : [W , [Dop,V ]] is a Kripke λΠ-structure that has Σ-operations and

[[−]]−KJ is an interpretation, a partial function from the (raw) syntax of the λΠ-calculus to

(the components of) KJ : [W , [Dop,V ]], defined simultaneously by induction on the structureof the (raw) syntax of the λΠ-calculus as follows:

1. KJ has Σ-operations if, for all W in W,

(a) corresponding to each constant c :Πx1 :A1 . . .Πxm :Am .Type ∈ Σ, there is in eachJ (W )([[Γ]]WKJ ) an operation opc such that

opc([[(M1)Γ]]WKJ , . . . , [[(Mm)Γ]]WKJ ) is an object of J (W )([[Γ]]WKJ );

(b) corresponding to each constant c : Πx1 :A1 . . .Πxm :Am . A ∈ Σ, there is in each

J (W )([[Γ]]WKJ ) an arrow 1J (W )(D)opc−→ [[A]]WKJ , where D = [[Γ]]WKJ • [[A1]]

WKJ • . . . •

[[Am]]WKJ ;

2. An interpretation [[−]]−KJ in such a KJ satisfies, at each W :

(a) [[〈〉]]WKJ ' 1D;

(b) [[Γ, x :A]]WKJ ' [[Γ]]WKJ • [[AΓ]]WKJ ;

(c) [[Γ〈M1,...,Mn〉−→ ∆]]

W

KJ ' [[Γ]]WKJ

〈[[(M1)Γ]]WKJ,...,[[(Mn)Γ]]WKJ

〉−→ [[∆]]WKJ ;

(d) [[〈〉Γ]]WKJ ' 1[[Γ]]WKJin J (W )([[Γ]]WKJ )( i.e., the identity map on the terminal object);

(e) [[(cM1 . . .Mm)Γ]]WKJ ' opc([[(M1)Γ]]WKJ , . . . , [[(Mm)Γ]]WKJ ) in J (W )([[Γ]]WKJ ), where c :Πx1 :A1 . . .Πxm :Am .Type ∈ Σ, such that if cM1 . . .Mm =βη cM

′1 . . .M

′m, then

[[(cM1 . . .Mm)Γ]]WKJ ' [[(cM ′1 . . .M

′m)Γ]]WKJ ;

(f) [[(Πx :B.C)Γ]]WKJ ' Π[[Γ]]WKJ,[[BΓ]]WKJ

([[CΓ,x:B]]WKJ );

(g) [[cΓ]]WKJ ' curmW (opc) in J (W )([[Γ]]WKJ ), where c :Πx1 :A1 . . .Πxm :Am . A;

(h) [[xΓ]]WKJ ' p∗[[∆,x:A]]WKJ

,[[∆′]]WKJ(q[[∆]]WKJ

,[[A∆]]WKJ), where Γ ≡ ∆, x :A,∆′;

(i) [[(λx :A.M)Γ]]WKJ ' curW ([[MΓ,x:A]]WKJ );

27

Page 28: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

(j) [[(MN)Γ]]WKJ '([[〈x1, . . . , xm, N〉]]WKJ )∗(p∗

[[Γ]]WKJ,[[AΓ]]WKJ

[[MΓ]]WKJ ; appW ([[AΓ]]WKJ , [[BΓ,x:A]]WKJ )),

where Γ ≡ x1 :A1, . . . , xm :Am.

We require the following conditions:

(a) Syntactic monotonicity: if [[X]]WKJ is defined, then so is [[X ′]]WKJ , for every subterm

X ′ of X7;

(b) Accessibility: the functor J (W ) (which we might also call KJ (W )) has domain

D(=∐

W∈W DW ), so that [[Γ]]WKJ ∈ DW and [[Γ]]W′

KJ ∈ DW ′. If there is an arrow

Wα−→ W ′ in W, then (i) there is a functor κα : DW −→ DW ′ such that κα :

[[Γ]]WKJ 7→ [[Γ]]W′

KJ ; and (ii) J (W ′)([[Γ]]WKJ ) = J (W ′)([[Γ]]W′

KJ ) and J (W )([[Γ]]WKJ ) =

J (W )([[Γ]]W′

KJ ), for each term Γ; otherwise, J (W ′)([[Γ]]WKJ ) is undefined.

The second accessibility condition (ii) is a simple instance of a more general con-dition. We can require that there exist functors τα

[[Γ]]WKJand τα

[[Γ]]W′

KJ

such that the

following diagram, in which ηα[[Γ]]WKJ

and ηα[[Γ]]W

′KJ

are components of the natural trans-

formation J (α), commutes:

J (W )([[Γ]]WKJ )

ηα[[Γ]]WKJ- J (W ′)([[Γ]]WKJ )

J (W )([[Γ]]W′

KJ )

τα[[Γ]]WKJ

?

ηα[[Γ]]W

′KJ

- J (W ′)([[Γ]]W′

KJ )

τα[[Γ]]W

′KJ

?

We also require the following coherence condition:

J (W ′)(κα([[Γ]]WKJ )) = (τα[[Γ]]WKJ

; ηα[[Γ]]W

′KJ

)(J (W )([[Γ]]WKJ )).

In this definition, we have the simple case in which both τα[[Γ]]WKJ

and τα[[Γ]]W

′KJ

are

identities in V. In this simple setting, we shall we refer to τα[[Γ]]WKJ

; ηα[[Γ]]W

′KJ

(=

ηα[[Γ]]WKJ

; τα[[Γ]]W

′KJ

) as N α. In case W is posetal, so that α : W ≤ W ′, we write

NW,W ′. 2

7Note that X ranges over all of the grammar of raw terms of λΠ with signature Σ.

28

Page 29: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

The Σ-operations guarantee that we have enough points for the signature. This meansthat the constants are generators and that we have an object corresponding to applicationof c to Mn terms.

There is substantial scope, beyond the reach of this paper, for investigating differentchoices of τα

[[Γ]]WKJin Definition 3.5. Roughly, it concerns relativization: the idea of interpreting

constructs at one world, and reasoning about them from the point of view of another.The next three lemmas, 3.6, 3.7 and 3.8, are consequences of the Definition 3.5. We

include them here in order to emphasize the organization of the models we have defined.However, their proofs, which are by induction on the structure of proofs in the system N,must be performed simultaneously with the proof of Theorem 4.1, the soundness theoremfor the M : A : Type-fragment of λΠ. To see why this must be so, consider that the well-formedness of types, and so of contexts, depends in general on the well-formedness of objects.Moreover, the definedness of the interpretation of an object in a model depends upon thedefinedness of its type and the context in which its variables are declared.

Lemma 3.6 (context interpretation) Let Σ be a signature and 〈KJ , [[−]]−KJ 〉, where KJ :

[W , [Dop,V ]], be a Kripke Σ-λΠ-model. If N proves `Σ Γ context, then, for each W at whichit is defined, [[Γ]]WKJ is an object of D. 2

Lemma 3.7 (type interpretation) Let Σ be a signature and let 〈KJ , [[−]]−KJ 〉, where KJ :

[W , [Dop,V ]], be a Kripke Σ-λΠ-model. If N proves Γ `Σ A : Type, then, for each W atwhich it is defined, [[AΓ]]WKJ is an object of J (W )([[Γ]]WKJ ). 2

Lemma 3.8 (term interpretation) Let Σ be a signature and let 〈KJ , [[−]]−KJ 〉, where KJ :

[W , [Dop,V ]], be a Kripke Σ-λΠ-model. If N proves Γ `Σ M :A, then for each W at which

it is defined, [[〈〉Γ]]WKJ

[[MΓ]]WKJ−→ [[AΓ]]WKJ is an arrow of JW ([[Γ]]WKJ . 2

The astute reader will have noticed that the results above do not make use of the KripkeλΠ-structure. As we have mentioned before, the Kripke λΠ-structure allows us to capturenot just formulae and proofs but proofs and proof transformations, i.e., consequence. Thiswill be seen in detail in Chapter 6.

3.5 Adding definitional equality: λΠ=

So far we have considered the basic λΠ-calculus, which comes equipped with the intensionalαβη-equality. However, as we saw in § 1, from the point of view of the λ-calculus as atheory of functions, it is both important and interesting to consider also definitional equality.Specifically, we are interested in extending our signatures to include declarations of the formM = N :A by taking the following rule of signature formation (see also Table 2):

` Σ sig `Σ M :A `Σ N :A

` Σ,M = N :A sig.

29

Page 30: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Roughly, equational declarations of this form correspond, under the propositions-as-typescorrespondence, to theories in the internal logic.8 For example, if the term language of theinternal logic be extended with arithmetic terms, we might wish to assert that

(0 + 0) = 0:IN.

We might also add declarations of the form A = B :K, or indeed of the form K = L kind,to signatures but these extensions seem to be beyond our present requirements.

Our presentation of definitional equality is similar to that of Harper [Har88]. In additionto the judgements in λΠ, we consider also the following equality judgements:

Γ `Σ K = L kind K and L are equal kindsΓ `Σ A = B :K A and B are equal types of kind KΓ `Σ M = N :A M and N are equal objects of type A.

The additional inference rules required to support these judgements are given in Table 2;the system N extended with the these rules is called N=. When c ∈ Dom(Σ), we write Σ(c)for the unique K or A such that either c : K ∈ Σ or c : A ∈ Σ. When x ∈ Dom(Γ), wewrite Γ(x) for the unique A such that x :A ∈ Γ and Γx for the prefix of Γ up to, but notincluding, the declaration x. We let ε range the right-hand sides of equational judgementsand let X range over the right-hand sides of both equational and inhabitation judgements.The main syntactic metatheoretic properties of λΠ= (minor variations on [Har88], extendingTheorem 2.1) are summarized in Propositions 3.9 and 3.10. Although, for clarity, they arestated separately, they must be proved simultaneously not only with one another but alsowith Theorem 2.1, by induction on the structure of proofs in N=.

Proposition 3.9 (Harper 1988) 1. If Γ `Σ X, then FV(X) ⊆ Dom(Γ).

2. If Γ `Σ X, `Σ Γ′ context and, for all x ∈ FV(X), Γx `Σ Γ(x) = Γ′(x) : Type, thenΓ′ `Σ X.

3. Unicity of classifiers:

(a) If Γ `Σ A :K and if Γ `Σ A :L, then Γ `Σ K = L kind;

(b) If Γ `Σ M :A and if Γ `Σ M :B, then Γ `Σ A = B :Type. 2

Proposition 3.10 (Harper 1988) 1. If Γ `Σ K = L kind, `Σ Γ′ context and, for allx ∈ FV(K) ∪ FV(L), Γx `Σ Γ(x) = Γ′(x) :Type, then Γ′ `Σ K = L kind.

2. Well-formedness of equands:

(a) If Γ `Σ K = L kind, then Γ `Σ K kind and Γ `Σ L kind;

(b) If Γ `Σ A = B :K, then Γ `Σ B :K and Γ `Σ B :K;

8For details, see § 6.2.

30

Page 31: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

(c) If Γ `Σ M = N :A, then Γ `Σ M :A and Γ `Σ N :A.

3. Invertibility of kind- and type-equations:

(a) If Γ `Σ Πx :A .K = Πx :B .L kind, then Γ `Σ A = B :Type and Γ, x :A `Σ K =L kind;

(b) If Γ `Σ Πx :A .C = Πx :B .D kind, then Γ `Σ A = B :Type and Γ, x :A `Σ C =D :Type.

4. Substitution (Cut): If Γ, x :A `Σ ε and Γ `Σ M :A, then Γ `Σ ε[M/x]. 2

Turning to the algebraic formulation of the syntax, we can construct a syntactic categoryof contexts and realizations B(Σ)= by quotienting the category B(Σ) by the provable equality=, the equality = being extended from types to contexts by induction on the length ofcontexts and from objects to realizations by induction on the length of realizations. Similarly,we can obtain the categories E(Σ)=, Con(Σ)= and Fam(Σ)=.

Finally, turning to semantics, we extend our definition of λΠ-models to λΠ=-models.

Definition 3.11 Let Σ be a λΠ=-signature. We extend Definition 3.5 to λΠ= by adding therequirement that if M = N :A ∈ Σ, then [[M〈〉]]

W

KJand [[N〈〉]]

W

KJare defined at each world W

and [[M〈〉]]W

KJ= [[N〈〉]]

W

KJ. We call such a model an equational Kripke Σ-λΠ=-model. 2

31

Page 32: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Equations in signatures` Σ sig `Σ M :A `Σ N :A

` Σ,M = N :A sig(23)

Equivalence relation

Γ `Σ K kind

Γ `Σ K = K kind(24)

Γ `Σ A :K

Γ `Σ A = A kind(25)

Γ `Σ M :A

Γ `Σ M = M :A(26)

Γ `Σ K = L kind

Γ `Σ L = K kind(27)

Γ `Σ A = B :K

Γ `Σ B = A :K(28)

Γ `Σ M = N :A

Γ `Σ N = M :A(29)

Γ `Σ J = K kind Γ `Σ K = L kind

Γ `Σ J = L kind(30)

Γ `Σ A = B :K Γ `Σ B = C :K

Γ `Σ A = C :K(31)

Γ `Σ M = N :A Γ `Σ N = P :A

Γ `Σ M = P :A(32)

Structural equality rules

`Σ Γ M = N :A ∈ Σ

Γ `Σ M = N :A(33)

Γ `Σ A = B :K Γ `Σ K = L kind

Γ `Σ A = B :L(34)

Γ `Σ M = N :A Γ `Σ A = B :Type

Γ `Σ M = N :B(35)

Γ `Σ A = B :K `Σ Γ′ context Γx `Σ Γ(x) = Γ′(x) :Type x ∈ FV(A,B,K)

Γ′ `Σ A = B :K(36)

Γ `Σ M = N :A `Σ Γ′ context Γx `Σ Γ(x) = Γ′(x) :Type x ∈ FV(M,N,A)

Γ′ `Σ M = N :A(37)

Table 2: rules for definitional equality (continued on next page)

32

Page 33: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Kind equality

Γ `Σ A = B :Type Γ, x :A `Σ K = L kind

Γ `Σ Πx :A .K = Πx :A .L kind(38)

Types and families equality

Γ `Σ A = B :Type Γ, x :A `Σ C = D :Type

Γ `Σ Πx :A .C = Πx :B . D :Type(39)

Γ `Σ A = B :Type Γ, x :A `Σ C = D :K

Γ `Σ λx :A .C = λx :B . D :Πx :A .K(40)

Γ `Σ B = C :Πx :A .K Γ `Σ M = N :A

Γ `Σ BM = CN :K[M/x](41)

Γ `Σ A :K Γ `Σ K = L kind

Γ `Σ A :L(42)

Object equality

Γ `Σ A = B :Type Γ, x :A `Σ M = N :C

Γ `Σ λx :A .M = λx :B . N :Πx :A .C(43)

Γ `Σ M = N :Πx :A .B Γ `Σ P = Q :A

Γ `Σ MP = NQ :B[P/x](44)

Γ `Σ M :A Γ `Σ A = B :Type

Γ `Σ M :B(45)

Table 2: rules for definitional equality (continued from previous page)

33

Page 34: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

3.6 Satisfaction

We shall define two notions of satisfaction. Firstly,

W |=KJΣ (M :A)[Γ],

i.e., in the Kripke λΠ-model KJ , W forces (M :A) with respect to Γ. This notion will beextended to λΠ=.

Secondly, we consider the satisfaction of a realization,

W |=⇒KJΣ (∆

〈M1,...,Mn〉−→ Θ)[Γ],

i.e., in the Kripke λΠ-model KJ , W forces (∆〈M1,...,Mn〉−→ Θ) with respect to Γ. Again, this

notion will be extended to λΠ=.Clearly, the former can be considered a special case of the latter by setting ∆ ≡ 〈〉 and

Θ ≡ x :A. This is based on the fact that the interpretation equates 〈〉 〈M〉−→ x :A with M :A.It is convenient to consider them separately and no confusion will arise.

Definition 3.12 ( |= -satisfaction for λΠ) Let Σ be a signature, KJ : [W , [Dop,V ]] be aKripke Σ-λΠ-model and let Γ be a context, A be a type and M be an object. In the modelKJ , the world W satisfies the inhabitation of A by M with respect to Γ, i.e.,

W |=KJΣ (M :A)[Γ],

if and only if [[Γ]]WKJ , [[AΓ]]WKJ and [[MΓ]]WKJ are defined and, for all Wα−→ W ′,

[[1KJ (W ′)([[Γ]]W′

KJ)]]W

KJ

[[MΓ]]W′

KJ−→ [[AΓ]]W′

KJ , where

[[1KJ (W )([[Γ]]WKJ)]]W

KJ

[[MΓ]]WKJ- [[AΓ]]WKJ

[[1KJ (W ′)([[Γ]]W′

KJ)]]W

KJ

N α

↓[[MΓ]]W

KJ-

N α

[[AΓ]]W′

KJ

N α

2

We extend the definition of satisfaction to a Kripke λΠ=-model, in the natural way.

Definition 3.13 ( |= -satisfaction for λΠ=) Let Σ be a λΠ=-signature, KJ : [W , [Dop,V ]]be an equational Kripke Σ-λΠ=-model and let Γ be a context, A be a type and M and N beobjects. In the model KJ , the world W satisfies (i) the equation A = B :Type with repsectto Γ, i.e.,

W |=KJΣ (A = B :Type)[Γ],

34

Page 35: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

if and only if [[AΓ]]WKJ ' [[BΓ]]WKJ , and (ii) the equation M = N :A with respect to Γ, i.e.,

W |=KJΣ (M = N :A)[Γ],

if and only if W |=KJΣ (M :A)[Γ], W |=KJ

Σ (N :A)[Γ] and [[MΓ]]WKJ ' [[NΓ]]WKJ . 2

The raw syntax of signatures, contexts, kinds, types and objects can be extended to araw syntax of contexts and realizations as follows: if Γ and ∆, where ∆ ≡ y1 :B1, . . . , yn :Bn,are raw contexts, then a raw realization from Γ to ∆ is an n-tuple 〈M1, . . . ,Mn〉 of rawobjects.

Definition 3.14 ( |=⇒ -satisfaction for λΠ) Let Σ be a signature, KJ : [W , [Dop,V ]] be aKripke Σ-λΠ-model and let Γ, ∆ and Θ be contexts and σ be a realization. In the Σ-λΠ-model model KJ , the world W satisfies the realization ∆

σ−→ Θ with respect to Γ i.e.,

W |=⇒KJΣ (∆

σ−→ Θ)[Γ],

if and only if [[Γ]]WKJ , [[∆Γ]]WKJ , [[σΓ]]WKJ and [[ΘΓ]]WKJ are defined and, for each Wα−→ W ′,

[[∆Γ]]W′

KJ

[[σΓ]]W′

KJ−→ [[ΘΓ]]W′

KJ ,

where

[[∆Γ]]WKJ

[[σΓ]]WKJ- [[ΘΓ]]WKJ

[[∆Γ]]W′

KJ

N α

↓[[σΓ]]W

KJ-

N α

[[ΘΓ]]W′

KJ ,

N α

extending the interpretation [[−]]−KJ to raw realizations over an object in the base in theobvious way so that if σ = 〈M1, . . . ,Mn〉, then

[[σΓ]]WKJ = 〈[[(M1)Γ]]WKJ , . . . , [[(Mn)Γ]]WKJ 〉,

is defined over [[Γ]]WKJ . 2

Again, we extend the definition to a Kripke λΠ=-model.

Definition 3.15 ( |=⇒ -satisfaction for λΠ=) Let Σ be a λΠ=-signature,KJ : [W , [Dop,V ]] be an equational Kripke Σ-λΠ=-model and let Γ and ∆ = y1 :B1, . . . , ym :Bm and ∆′ = y′1 :B′

1, . . . , y′m :B′

m, Θ = z1 :C1, . . . , zm :Cm and Θ′ = z′1 :C ′1, . . . , z

′m :C ′

m becontexts and σ = 〈M1, . . . ,Mm〉 and σ′ = 〈M ′

1, . . . ,M′n〉 be realizations. In the Σ-λΠ=-model

model KJ , the world W satisfies the realization ∆σ−→ Θ with respect to Γ i.e.,

W |=⇒KJΣ (∆ = ∆′ σ=σ′−→ Θ = Θ′)[Γ], 9

if and only if [[∆Γ]]WKJ ' [[∆′Γ]]WKJ , [[ΘΓ]]WKJ ' [[Θ′

Γ]]WKJ and [[σΓ]]WKJ ' [[σ′Γ]]WKJ . 2

9A special case is W |=⇒KJΣ (∆ = ∆ σ=σ′−→ Θ = Θ)[Γ], which amounts to W |=⇒KJ

Σ (∆ σ=σ′−→ Θ)[Γ].

35

Page 36: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

The following lemma follows immediately from Definitions 3.12 and 3.14:

Lemma 3.16 The predicate |=KJΣ can be considered a special case of the predicate |=⇒KJ

Σ

as follows: if W |=⇒KJΣ (1

〈M〉−→ x :A)[Γ], then W |=KJΣ (M :A)[Γ].

Proof Let W |=KJΣ (1

〈M〉−→ x : A)[Γ]. Then [[Γ]]WKJ , [[1Γ]]WKJ , [[MΓ]]WKJ and [[x :AΓ]]WKJ are

defined. [[1Γ]]WKJ = [[1KJ (W )([[Γ]]WKJ)]]W

KJsince they are both the identity in the category over Γ.

[[x :AΓ]]WKJ = [[〈〉, x :AΓ]]WKJ = [[〈〉]]WKJ • [[AΓ]]WKJ = [[AΓ]]WKJ since [[〈〉]]WKJ is the identity, we canapply 2.(d) of Definition 3.5. So we have

[[1KJ (W )([[Γ]]WKJ)]]W

KJ

[[MΓ]]WKJ- [[AΓ]]WKJ

[[1KJ (W )([[Γ]]W′

KJ)]]W

KJ

N α

↓[[MΓ]]W

KJ-

N α

[[AΓ]]W′

KJ

N α

i.e. W |=KJW (M :A)[Γ]. 2

We writeW ′ ≥ W to indicate that there exists an arrowWα−→ W ′ inW . Furthermore, if

Wα−→ W ′ then we write [[−]]

[α]KJ to denote [[−]]WKJ after α, e.g., if [[AΓ]]WKJ ∈ J (W )([[Γ]]WKJ ) and

Wα−→ W ′ then we write [[AΓ]]

[α]KJ for N α([[AΓ]]WKJ ) ∈ J (W ′)([[Γ]]W

KJ ), etc... We write [[Γ]][α]KJ

for κα([[Γ]]WKJ ). Similarly, if Ef−→ D in Dop and if (−) is interpreted over D, then we write

(−)[f ] to denote (−) interpreted over E: e.g., if (∆σ−→ Θ) is interpreted as [[(∆

σ−→ Θ)]]W

KJ

over D, then (∆σ−→ Θ)[f ] is interpreted as KJ (W )(f)([[(∆

σ−→ Θ]]W

KJ ) over E.The remaining lemmata in this section give the basic logical properties of the satisfaction

relations |= and |=⇒ .

Lemma 3.17 (monotonicity of satisfaction) Let Σ be a signature and let 〈KJ , [[−]]−KJ 〉,where KJ : [W , [Dop,V ]], be a Kripke Σ-λΠ-model. If W |=⇒KJ

Σ (∆σ−→ Θ)[Γ], W

α−→ W ′,

then W ′ |=⇒KJΣ (∆

σ−→ Θ)[α][Γ].

Proof Let W |=ΣKJ (∆

σ−→ Θ)[Γ] and Wα−→ W ′. By the accessibility condition

of Definition 3.5, Wα−→ W ′ gives a functor N α, which we can apply to the realization

∆σ−→ Θ and obtain (∆

σ−→ Θ)[α]. Accessibility also gives us that KJ (W ′)(∆σ−→ Θ)[α] =

KJ (W )(N α)(∆σ−→ Θ) and so we have the result. 2

Lemma 3.18 (weakening of satisfaction) Let Σ be a signature and let 〈KJ , [[−]]−KJ 〉, in

which KJ : [W , [Dop,V ]], be a Kripke Σ-λΠ-model. If W |=⇒KJΣ (Ξ

σ−→ Ξ′)[Γ,Γ′] and if

N proves `Σ Γ,∆,Γ′ context, then W |=⇒KJΣ (Ξ

σ−→ Ξ′)[p][Γ,∆,Γ′], where [[Γ,∆,Γ′]]WKJp−→

[[Γ,Γ′]]WKJ is the obvious projection.

36

Page 37: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Proof Since N proves `Σ Γ,∆,Γ′ context, we can interpret Γ,∆,Γ′ in KJ as [[Γ,∆,Γ′]]WKJ .

We have a projection [[Γ,∆,Γ′]]WKJp−→ [[Γ,Γ′]]WKJ . This can be applied to [[Ξ

σ−→ Ξ′]]W

KJ to ob-

tain (Ξσ−→ Ξ′)[p] = KJ (W )(p)([[Ξ

σ−→ Ξ′]]W

KJ ) and so we haveW |=⇒ΣKJ (Ξ

σ−→ Ξ′)[p][Γ,∆,Γ′].2

Lemma 3.19 (substitutivity of satisfaction) Let Σ be a signature and let 〈KJ , [[−]]−KJ 〉,where KJ : [W , [Dop,V ]], be a Kripke Σ-λΠ-model. If W |=⇒KJ

Σ (∆σ−→ Θ)[Γ, x : C,Γ′], N

proves Γ `Σ N :C and W |=KJΣ (N :C)[Γ], then W |=⇒KJ

Σ (∆[N/x]σ[N/x]−→ Θ[N/x])[Γ,Γ′[N/x]].

Proof Since we have Γ `Σ N :C, it can be interpreted by [[1Γ]]WKJ

[[〈N〉]]WKJ−→ [[x :C]]WKJ . This

can be extended to [[Γ]]WKJ

[[〈x,N〉]]WKJ−→ [[Γ, x :C]]WKJ and since [[〈1Γ, N〉]]WKJ • [[Γ′]]WKJ =

[[〈1Γ, N, 1Γ′[N/x]〉]]WKJ . Thus we have the following canonical pullback in DopW :

[[Γ,Γ′[N/x]]]WKJ

[[〈1Γ, N, 1Γ′[N/x]〉]]WKJ- [[Γ, x :C,Γ′]]WKJ

[[Γ]]WKJ

p

?

[[〈x,N〉]]WKJ- [[Γ, x :C]]WKJ

p

?

where each p denotes the obvious composition of projections. It follows that from Defini-tion 3.2 that

KJ (W )([[〈x,N〉]]WKJ )([[∆]]WKJ

[[σ]]WKJ−→ [[Θ]]WKJ ) = ([[∆[N/x]]]WKJ

[[σ[N/x]]]WKJ−→ [[Θ[N/x]]]WKJ )︸ ︷︷ ︸i.e., (∆

σ−→Θ)[f ]

,

where f = [[〈x,N〉]]WKJ . 2

Lemma 3.20 (strengthening of satisfaction) Let Σ be a signature and let 〈KJ , [[−]]−KJ 〉,where KJ : [W , [Dop,V ]], be a Kripke Σ-λΠ-model. If W |=⇒KJ

Σ (∆σ−→ Θ)[Γ, x :C], N proves

`Σ Γ, x : C context and x 6∈ FV(Θ, σ,Γ), then W |=⇒KJΣ (∆

σ−→ Θ)[q][Γ] where [[Γ]]WKJq−→

[[Γ, x :C]]WKJ .

Proof Arguing by induction on the structure of syntax, we see that the map q has an imageunder KJ that constructs the appropriate interpretation of (∆

σ−→ Θ)[q]. The argument issimilar to that of Lemma 3.17. 2

37

Page 38: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Lemma 3.21 (exchange) Let 〈KJ , [[−]]−KJ 〉 be a Kripke Σ-λΠ-model. If

W |=KJΣ (X)[Γ,∆] and [[∆,Γ]]WKJ and [[X∆,Γ]]WKJ are defined, then W |=KJ

Σ (X)[∆,Γ].

Proof In defining [[X∆,Γ]]WKJ we have the required existence of interpretation of terms as well

as the necessary arrow defined by the interpretation of the term. Thus W |=KJΣ (X)[∆,Γ]

is defined given the existence of the necessary functor, N α, which is just obtained fromDefinition 3.5. 2

Lemma 3.22 (Π-forcing) Let Σ be a signature and let 〈KJ , [[−]]−KJ 〉, where

KJ : [W , [Dop,V ]], be a Kripke Σ-λΠ-model. W |=KJΣ (M : Πx : A .B)[Γ] if and only if,

for all Wα−→ W ′ and for all N such that W ′ |=KJ

Σ (N : A)[α][Γ], there is a P such that

W ′ |=KJΣ (P :B[N/x])[α][Γ] and P =βη MN . Similarly for the non-dependent function space,

→.

Proof By induction on the structure of the syntax, we see that if W |=KJΣ (M : Πx :

A .B)[Γ], then 1KJ (W )([[Γ]]WKJ)

[[MΓ]]WKJ−→ [[(Πx :A .B)Γ]]WKJ is defined over [[Γ]]WKJ . If Wα−→ W ′,

then, by Lemma 3.17, 1KJ (W ′)([[Γ]][α]KJ

)

[[MΓ]][α]KJ−→ [[(Πx :A .B)Γ]]

[α]KJ is defined over [[Γ]]

[α]KJ . By

hypothesis, 1KJ (W ′)([[Γ]][α]KJ

)

[[NΓ]][α]KJ−→ [[AΓ]]

[α]KJ is defined over [[Γ]]

[α]KJ . Moreover, by Lemma 3.17,

we must have that the adjunction defining the function space at W ′ is in the image of [[−]]W′

KJ ,i.e.,

p∗[[Γ]]W

′KJ

,[[AΓ]]W′

KJ[[MΓ]]W

KJ ; appW ([[AΓ]]W′

KJ , [[BΓ,x:A]]W′

KJ )

is an arrow 1J (W ′)([[Γ,x:A]]W′

KJ)−→ [[BΓ,x:A]]W

KJ over [[Γ, x :A]]W′

KJ . It remains to show that

W ′ |=KJΣ (MN :B[N/x])[Γ],

i.e., that 1KJ (W ′)([[Γ]]WKJ)

[[(MN)Γ]]W′

KJ−→ [[(B[N/x])Γ]]W′

KJ . By Definition 3.5, [[(MN)Γ]]W′

KJ is defined

and equal to

[[〈x1, . . . , xm, N〉]]W′

KJ )∗(p∗[[Γ]]W

′KJ

,[[AΓ]]W′

KJ[[MΓ]]W

KJ ; appW ([[AΓ]]W′

KJ , [[BΓ,x:A]]W′

KJ )),

where as usual Γ ≡ x1 :A1, . . . , xm :Am. A brief inspection of this expression reveals that ithas the correct type: from (21), appW ([[AΓ]]W

KJ , [[BΓ,x:A]]W′

KJ ) is an arrow

[[(Πx :A .B)Γ,x:A]]W′

KJ −→ [[BΓ,x:A]]W′

KJ over [[Γ, x :A]]W′

KJ ; similarly, p∗[[Γ]]W

′KJ

,[[AΓ]]W′

KJ

[[MΓ]]W′

KJ is an

arrow 1J (W ′)([[Γ,x:A]]W′

KJ)−→ [[(Πx :A .B)Γ,x:A]]W

KJ over [[Γ, x :A]]W′

KJ , so that

p∗[[Γ]]W

′KJ

,[[AΓ]]W′

KJ

[[MΓ]]W′

KJ ; appW ([[AΓ]]W′

KJ , [[BΓ,x:A]]W′

KJ ) is an arrow 1J (W ′)([[Γ,x:A]]W′

KJ)−→ [[BΓ,x:A]]W

KJ

38

Page 39: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

over [[Γ, x :A]]W′

KJ ; finally, [[(MN)Γ]]W′

KJ is the image of this arrow over [[Γ]]WKJ , under the pullback

functor ([[〈x1, . . . , xm, N〉]]W′

KJ )∗, which performs the required substitution.For the converse, we observe that the argument can be reversed. 2

4 Soundness and Completeness of λΠ and λΠ=

4.1 Introduction

We show soundness and completeness of λΠ and λΠ= in two stages, we firstly show soundnessand completeness for |= and secondly for |=⇒ .

The proof of soundness in both cases is carried out by induction over the structure ofproofs in the system N(=) and is rather lengthy. The proof of model existence in both casesis of interest since instead of defining a prime extension of a theory, a model is constructedout of the algebraic presentation of the syntax.

4.2 Soundness and completeness of λΠ and λΠ= for |=We begin by analysing the relationship between |= and syntactic consequence. The firststep is to prove soundness of λΠfor |= .

Theorem 4.1 (soundness of λΠ for |= ) Let Σ be a signature, let 〈KJ , [[−]]−KJ 〉, where

KJ : [W , [Dop,V ]], be any Kripke Σ-λΠ-model and let W be any world in this model. IfΓ `Σ M : A is provable in the system N and if [[Γ]]WKJ , [[MΓ]]WKJ and [[AΓ]]WKJ are defined,

then W |=KJΣ (M :A)[Γ] (and so [[MΓ]]WKJ is a section of [[AΓ]]WKJ over [[Γ]]WKJ ). Moreover, if

U =βη V , then [[U ]]WKJ ' [[V ]]WKJ .

Proof The proof is by induction on the structure of proofs in the system N and must,formally, be performed simultaneously with the proofs of Lemmas 3.6, 3.7 and 3.8. To seewhy this must be so, consider that in order for the interpretation of a type to be well-defined, then the interpretation of the context in which its variables are declared must bewell-defined. Similarly, if the interpretation of an object as arrow is to be well-defined, thenthe interpretation of its type as an object in the category over the interpretation of thecontext in which its variables are declared must be well-defined. Provided we are mindfulof these inductive dependencies, we can proceed without undue concern. Bearing theseremarks, together with the statements of Lemmas 3.6, 3.7 and 3.8, in mind, we proceed togive the main cases in the argument. We give the main steps in each of the cases, leavingthe reader to perform some calculations should he so desire.

Suppose Γ `Σ c :Πx1 :A1 . . .Πxm :Am . A︸ ︷︷ ︸C

is an axiom sequent of N (15). By Definition 3.5,

KJ has enough points to interpret all of the constants, including c :C, in Σ and [[cΓ]]WKJ =

39

Page 40: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

curmW (opc), where 1J (W )([[Γ]]WKJ)•D

opc−→ [[AΓ]]WKJ and where D = [[(A1)Γ]]WKJ • [[(A2)Γ,A1]]WKJ• . . . •

[[(Am)Γ,Am−1]]WKJ

.

In order to obtain W |=KJΣ (c :C)[Γ], for W such that [[CΓ]]WKJ is defined, it remains to

prove that

1KJ (W )([[Γ]]WKJ)

[[c]]WKJ−→ [[C]]WKJ .

By the induction hypothesis, pace Lemma 3.6, we have that [[Γ]]WKJ is well-defined. According

to Definition 3.5, [[c]]WKJ = curmW (opc). The satisfaction condition follows immediately from(20).

Suppose (Γ ≡) ∆, x :A,∆′ `Σ x :A is an axiom sequent (16). In order to obtain W |=KJΣ

(x :A)[Γ], for W such that [[AΓ]]WKJ is defined, it remains to prove that

1KJ (W )([[Γ]]WKJ)

[[x]]WKJ−→ [[A]]WKJ .

By the induction hypothesis, pace Lemmas 3.6, 3.7 and 3.8, we have that [[Γ]]WKJ , [[AΓ]]WKJ and

[[x]]WKJ are well-defined.

According to Definition 3.5, [[x]]WKJ = p∗[[∆,x:A]]WKJ

,[[∆′]]WKJ(q[[∆]]WKJ

,[[A∆]]WKJ). The satisfaction

condition is obtained by noting that, according to Definition 3.1, q[[∆]]WKJ,[[A∆]]WKJ

has the

appropriate domain and co-domain and that the pullback functors f ∗ preserve the terminalobjects in the fibres on the nose.

Suppose the last rule of N applied is ΠI (17),

Γ, x :A `Σ M :B

Γ `Σ λx :A .M :Πx :A .B.

By the induction hypothesis, pace Lemmas 3.6, 3.7 and 3.8, we have, for W such that[[BΓ,x:A]]WKJ is defined, that

W |=KJΣ (M :B)[Γ, x :A],

i.e., that 1KJ (W )([[Γ,x:A]]WKJ)

[[MΓ,x:A]]WKJ−→ [[BΓ,x:A]]WKJ . According to Definition 3.5,

[[(λx :A .M)Γ]]WKJ is defined and equal to curW ([[M(Γ,x:A)]]W

KJ), from which it follows via

(20) that 1KJ (W )([[Γ]]WKJ)

[[(λx:A .M)Γ]]WKJ−→ [[(Πx :A .B)Γ]]WKJ .

Suppose the last rule of N applied is ΠE (18),

Γ `Σ M :Πx :A .B Γ `Σ N :A

Γ `Σ MN :B[N/x].

By the induction hypothesis, pace Lemmas 3.6, 3.7 and 3.8, we have that

W |=KJΣ (M :Πx :A .B)[Γ],

40

Page 41: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

i.e., that 1KJ (W )([[Γ]]WKJ)

[[MΓ]]WKJ−→ [[Πx :A .BΓ]]WKJ , and that

W |=KJΣ (N :A)[Γ],

i.e., that 1KJ (W )([[Γ]]WKJ)

[[NΓ]]WKJ−→ [[AΓ]]WKJ . We must show that

W |=KJΣ (MN :B[N/x])[Γ],

i.e., that 1KJ (W )([[Γ]]WKJ)

[[(MN)Γ]]WKJ−→ [[(B[N/x])Γ]]WKJ . According to Definition 3.5, the arrow

[[(MN)Γ]]WKJ is defined and equal to

([[〈x1, . . . , xm, N〉]]WKJ )∗(p∗[[Γ]]WKJ

,[[AΓ]]WKJ[[MΓ]]WKJ ; appW ([[AΓ]]WKJ , [[BΓ,x:A]]WKJ )),

where Γ ≡ x1 :A1, . . . , xm :Am. A brief inspection of this expression reveals that it has thecorrect type: from (21), and by the induction hypothesis, appW ([[AΓ]]WKJ , [[BΓ,x:A]]WKJ ) is an

arrow [[(Πx :A .B)Γ,x:A]]WKJ −→ [[BΓ,x:A]]WKJ over [[Γ, x :A]]WKJ ; similarly, p∗[[Γ]]WKJ

,[[AΓ]]WKJ[[MΓ]]WKJ is

an arrow 1J (W )([[Γ,x:A]]WKJ) −→ [[(Πx :A .B)Γ,x:A]]WKJ over [[Γ, x :A]]WKJ , so that

p∗[[Γ]]WKJ

,[[AΓ]]WKJ[[MΓ]]WKJ ; appW ([[AΓ]]WKJ , [[BΓ,x:A]]WKJ )

is an arrow 1J (W )([[Γ,x:A]]WKJ) −→ [[BΓ,x:A]]WKJ over [[Γ, x :A]]WKJ ; finally, [[(MN)Γ]]WKJ is the image

of this arrow over [[Γ]]WKJ , under the pullback functor ([[〈x1, . . . , xm, N〉]]WKJ )∗, which performsthe required substitution.

Suppose the last rule of N applied is that for βη-equality (19),

Γ `Σ M :A Γ `Σ A′ :Type A =βη A

Γ `Σ M :A′.

This case follows, in a standard way [Pit00, Rit92, Str89, Jac91], from the interpretation ofthe dependent function space via the right adjoint to substitution. The only novelty here isthat the focus of our attention must be the rightmost premiss, A =βη A

′. It is convenient toobserve that, since we are restricting our semantics to the Γ `Σ M :A :Type-fragment of theλΠ, β-equalities are generated by the rule

βΓ, x :A `Σ M :B Γ `Σ N :A

Γ `Σ (λx :A .M)N =β M [N/x] :B[N/x],

for some appropriate Γ. Similarly, η-equalities are generated by the rule

ηΓ `Σ M :Πx :A .B y 6∈ FV(Γ, x :A)

Γ `Σ λy :A .My =η M,

41

Page 42: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

for some appropriate Γ: that is, in our fragment, the type A is a βη-redex just in case thereis an object M on which A depends that is a βη-redex. The argument then exploits thenatural isomorphism (20) and Lemma 3.19 to get β-equality and Lemmas 3.18 and 3.19 toget η-equality. So if M =βη N , then [[M ]]WKJ ' [[N ]]WKJ .

A similar argument is presented in full detail in [Str89]; we leave the detailed calculationin our setting to the reader.10 2

Corollary 4.2 (definitional equality) Let Σ be a λΠ=-signature and let 〈KJ , [[−]]−KJ 〉 bean equational Kripke Σ-λΠ=-model.

1. If Γ `Σ A : Type, Γ `Σ B : Type and Γ `Σ A = B : Type are provable in N=, then[[AΓ]]WKJ ' [[BΓ]]WKJ ;

2. If Γ `Σ M :A, Γ `Σ N :A and Γ `Σ M = N :A are provable in N=, then [[MΓ]]WKJ '[[NΓ]]WKJ .

Proof By induction on the structure of proofs in N=, making essential use of the require-ment in the definition of an equational Kripke Σ-λΠ=-model that if M = N :A ∈ Σ, then[[M〈〉]]

W

KJ= [[N〈〉]]

W

KJ.

We begin with (23) and from the premise we know that [[M ]]WKJ and [[N ]]WKJ . Since theyhave the same type they are equal and so we have the result.

The equivalence relation rules all follow from interpreting the term and type proved andusing the normal properties of equality. We show the transitive rule, (32).

Γ `Σ M = N :A Γ `Σ N = P :A

Γ `Σ M = P :A

By the induction hypothesis, we have that [[M ]]WKJ , [[N ]]WKJ , [[P ]]WKJ are all defined and that

[[M ]]WKJ = [[N ]]WKJ and [[N ]]WKJ = [[P ]]WKJ are equal. Since we are dealing with equality within

the model we have [[M ]]WKJ = [[P ]]WKJ as required.We now show the structural equality rules. (33) follows from the fact that when we have

a context Γ and the interpretations [[M ]]WKJ and [[N ]]WKJ exist and are equal, we can interpretthem over the context Γ and they remain equal, thus giving the result.

Applying the induction hypothesis to the premises of (35) means that [[M ]]WKJ and [[N ]]WKJexist and are equal. We also have that [[A]]WKJ and [[B]]WKJ exist and are equal. We now usethe fact that we have equality in our model, so we have that the co-domains of the arrows[[M ]]WKJ and [[N ]]WKJ are equal and so we can change the co-domain to [[B]]WKJ and thus get ourresult.

Rules (36) and (37) are obtained by using the fact that the equality in between thecontexts Γ and Γ′ follows into the model with the free variable conditions insuring that weare able to have this equality.

10In a semantics of λΠ-calculus with just β-equality, the dependent function space would be modeled bya semi-adjunction [Hay85, Jac91].

42

Page 43: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

We assume the last rule used was (39).

Γ `Σ A = B :Type Γ, x :A `Σ C = D :Type

Γ `Σ Πx :A .C = Πx :B .D :Type

By induction hypothesis we have that [[AΓ]]WKJ and [[BΓ]]WKJ exist and are equal. We also

have [[CΓ,x:A]]WKJ and [[DΓ,x:A]]WKJ are equal. Using Theorem 4.1 to obtain the interpretation

[[Πx :A .CΓ]]WKJ and [[Πx :B .DΓ]]WKJ . They are equal since the equality follows from the equal-ity in the premises.

The last rule used was (43).

Γ `Σ A = B :Type Γ, x :A `Σ M = N :C

Γ `Σ λx :A .M = λx :B .N :Πx :A .C

We apply the induction hypothesis to the premises to obtain [[AΓ]]WKJ = [[BΓ]]WKJ and

[[MΓ,x:A]]WKJ = [[NΓ,x:B]]WKJ . We have the interpretations of the terms [[λx :A .M ]]WKJ and

[[λx :B .N ]]WKJ by Theorem 4.1, they are equal since the equality follows from the premises.We take the last rule to be used to be (44)

Γ `Σ M = N :Πx :A .B Γ `Σ P = Q :A

Γ `Σ MP = NQ :B[P/x]

By the induction hypothesis we have [[M ]]WKJ = [[N ]]WKJ and [[P ]]WKJ = [[Q]]WKJ . The interpreta-

tion of [[MP ]]WKJ and [[NQ]]WKJ follow from Theorem 4.1. They are equal since the equalitiesfollow from the equalities present in the premises.

Finally, we have (45),Γ `Σ M :A Γ `Σ A = B :Type

Γ `Σ M :B

to which we apply the induction hypothesis and obtain [[M ]]WKJ and [[A]]WKJ = [[B]]WKJ . Since

[[M ]]WKJ is an arrow from the interpretation of the empty context to [[A]]WKJ , then since [[A]]WKJ =

[[B]]WKJ , it can also be an arrow from the empty context to [[B]]WKJ . Thus giving the result.2

Turning to completeness, we begin with the appropriate definition of validity for |= .

Definition 4.3 ( |= -validity for λΠ) Γ |=Σ M :A, i.e., M :A is valid with respect to Γ,if and only if, for all models 〈KJ , [[−]]−KJ 〉 and all worlds W such that [[Γ]]WKJ , [[MΓ]]WKJ and

[[AΓ]]WKJ are defined, W |=KJΣ (M :A)[Γ]. 2

Validity can be extended to equational Kripke Σ-λΠ=-models as follows:

43

Page 44: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Definition 4.4 ( |= -validity for λΠ=) (i) Γ |=Σ A = B :Type, i.e., A = B :Type is validwith respect to Γ, if and only if, for all equational Kripke Σ-λΠ=-models 〈KJ , [[−]]−KJ 〉 and

all worlds W such that [[Γ]]WKJ , [[AΓ]]WKJ and [[BΓ]]WKJ are defined, W |=KJΣ (A = B :Type)[Γ].

(ii) Γ |=Σ M = N : A, i.e., M = N : A is valid with respect to Γ, if and only if, for allequational Kripke Σ-λΠ=-models 〈KJ , [[−]]−KJ 〉 and all worlds W such that [[Γ]]WKJ , [[MΓ]]WKJ ,

[[NΓ]]WKJ and [[AΓ]]WKJ are defined, W |=KJΣ (M = N :A)[Γ]. 2

Lemma 4.5 (model existence) There is a Kripke Σ-λΠ-model 〈KJ , [[−]]−KJ 〉 with a world

W0 such that if Γ 6`Σ M :A, then W0 6|=KJΣ (M :A)[Γ].

Proof We exhibit a suitable model by construction.The Kripke Σ-λΠ-structure constructed in Section 3.3 is the structure we need. We just

need to show that we have an interpretation to go with it. In this case the interpretation[[−]]−KT (Σ)

is the obvious one, we interpret [[Γ]]∆KT (Σ)as the α-equivalence class of Γ 1 ∆. Types

A are interpreted as an object in T (Σ)(∆)(Γ), i.e. the type A such that Γ 1 ∆ `Σ A :Type.Finally the judgment Γ `Σ M :A is interpreted as the arrow M from the initial object 〈, 〉,the empty type, to the type A in T (Σ)(∆)(Γ).

It follows from proposition 2.4 that ∆ |=ΣKT (Σ)

(M :A)[Γ] if and only if Γ 1 ∆ `Σ M :A.

The required world W0 is then given by ∆ = 〈〉. Similarly, if ∆ |=⇒ΣKT (Σ)

(Γ 1 ∆〈1Γ1∆,N〉−→ Γ 1

∆, z :B)[Γ] then Γ 1 ∆ `Σ N :B. 2

To obtain a suitable equational Kripke Σ-λΠ=-model we quotient by equality and get thefollowing corollary.

Corollary 4.6 (equational model existence) There is an equational Kripke Σ-λΠ=

-model 〈K=T (Σ), [[−]]−K=

T (Σ)〉 with a world W0 such that (i) if Γ 6`Σ A = B :Type, then

W0 6|=K=T (Σ)

Σ (A = B :Type)[Γ], and (ii) if Γ 6`Σ M = N :A, then W0 6|=K=T (Σ)

Σ (M = N :A)[Γ].

Proof Parts (i) and (ii) are proved simultaneously. We take the model KT (Σ) of the lemmaand form a model K=

T (Σ) as KT (Σ)/=, the quotient by the definitional equality =, as follows:

• We define the subcategory P(Σ)= of B(Σ)= in the same way as before except we useB(Σ)= instead of B(Σ). Since P(Σ)= is a subcategory, we do not need to quotient itby provable equality since this property will be inherited from B(Σ)=.

• We take the base category to be the co-product of B(Σ)=∆s, where each ∆ is an objectof P(Σ)=.

• We define T (Σ)=(∆)(Γ) to be the same as T (Σ)(∆)(Γ) except that we use E(Σ)=

instead of E(Σ) and we need to quotient it by provable equality. This is done by startingon the signature and using induction to proceed through types and realizations.

44

Page 45: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

• Using a result similar to Proposition 2.4 for the quotient categories, we see that∆ |=Σ

KT (Σ)=(A = B : Type)[Γ] holds if and only if Γ 1 ∆ `Σ A = B : Type and

∆ |=ΣKT (Σ)=

(M = N : A)[Γ] holds if and only if Γ 1 ∆ `Σ M = N : A. Thus the

required world W0 is given by ∆ ≡ 〈〉.

• KT (Σ)=(∆)(Γ) is just KT (Σ)(∆)(Γ) quotiented by provable equality.

We elide the remaining details. 2

The previous lemma provides a simple, non-trivial example of a base of the form Dop =∐W D

opW . The components are the categories B(Σ)∆, defined by (22).

Note that model existence in our Kripke model theory coincides with the existence of theclassifying category (at world W0).

It is informative to compare this proof with that of the completeness theorem for theintuitionistic predicate calculus with respect to Kripke models, as presented in, for example,[Dal94]. In that argument, the Model Existence Lemma makes use of the notion of a primeextension of a theory, whereas our Lemma 4.5 apparently does not. A prime theory is onethat is (i) closed under syntactic entailment, i.e., saturated, and that (ii) satisfies certaindisjunction and existence properties. A prime extension is then an extension that is prime.In the absence of the positive connectives, we are able to do without such a construction,at the cost of constructing long βη-normal forms when dealing with occurrences of functiontypes of the form

Γ, x :Πy :A .B `X .

Theorem 4.7 (completeness) Γ `Σ M :A if and only if Γ |=Σ M :A.

Proof

(only if) By soundness, Theorem 4.1;

(if) Suppose that Γ 6`Σ M :A. Then Lemma 4.5 yields a contradiction. 2

Corollary 4.8 (equational completeness) We have to have completeness when we haveboth equality of terms and equality of types. Γ `Σ M = N :A if and only if Γ |=Σ M = N :Aand Γ `Σ A = B :Type if and only if Γ |=Σ A = N :Type.

Proof

(only if) By soundness, Corollary 4.2;

(if) Suppose that Γ 6 `Σ M = N : A and that Γ 6 `Σ A = B : Type. Then Corollary 4.6provides a contradiction. 2

45

Page 46: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

4.3 Soundness and completeness of λΠ and λΠ= for |=⇒We must also analyse the relationship between |=⇒ and syntactic consequence.

During the proof of the Lemma 4.5, we find that the |=⇒ is the appropriate notion ofsatisfaction in the Kripke λΠ-structure. We have developed the extra structure on top ofthe Kripke λΠ-prestructure to be able to deal with realizations. The Kripke λΠ-prestructurewas enough to deal with sequents of the form Γ `Σ M :A, however we also wish to studyjudgements of the form `Σ Γ −→ ∆. The reason for this is that we wish to study judgementsof the form ΓX ,Γ∆ `Σ MΨ :Aφ where MΨ corresponds to a proof-object and Aφ correspondsto a formulae.

To this end, we introduce a calculus for constructing realizations of the form ∆σ−→ Θ

over some fixed Γ, i.e., realizations of the form Γ,∆〈1Γ,σ〉−→ Γ,Θ.

Definition 4.9 (the system C) Let Γ ≡ x1 :A1, . . . , xm :Am and let Θ ≡ y1 :D1, . . . , yn :Dn be valid λΠ-contexts.

Axiom

`Σ Γ〈@1,...,@n〉−→ Θ

(46)

where each @i ∈ Σ ∪ Γ and N proves Γ `Σ @i :Di[@j/yj]i−1j=1 for 1 ≤ i ≤ n;

`Σ Γ〈M1,...,Mi,...,Mn〉−→ Θ ( `Σ Γ

〈1Γ,M′k〉−→ Γ, Dk[Mj/yj]

k−1j=1)1≤k≤n

Application

`Σ Γ〈M1,...,M ′

i ,...,Mn〉−→ Θ

(47)

where @:Πx :B .C ∈ Σ ∪ Γ, N proves Γ `Σ P :B and @P =βη M′i ;

`Σ Γ, x :A〈1Γ,x,M〉−→ Γ, x :A, y :B

Introduction

`Σ Γ〈1Γ,λx:A .M〉−→ Γ, y :Πx :A .B

(48)

`Σ Γσ−→ Θ

Equality Γ =βη Γ′, σ =βη σ′, Θ =βη Θ′

`Σ Γ′σ′−→ Θ′

(49)

where each equality is defined component-wise; By adding all of the definitional equalitiesinduced by the rules of Table 2, we obtain the system C=. 2

Lemma 4.10 (soundness of C for N) Let Γ ≡ x1 : A1, . . . , xm : Am be clausal. If C

proves `Σ Γ〈M1,...,Mn〉−→ ∆, where ∆ ≡ y1 :B1, . . . , yn :Bn, then N proves

Γ `Σ Mi :Bi[Mj/yj]i−1j=1, for each 1 ≤ i ≤ n.

Proof The proof is by induction on the structure of C-proofs. We begin with the Axiomrule. By definition we have that Γ `Σ @i :Di[@j/yj]

i−1j=1, which is what we are required to

prove.

46

Page 47: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Next we look at the case where the Application rule is the last rule to have been applied.Firstly, we fix i and we can derive Γ `Σ @i :Πx :B .C since it either belongs to the signatureor the context. We then apply (18)

Γ `Σ @:Πx :B .C Γ `Σ P :B

Γ `Σ @P :C[P/x]

This happens within Γ〈M1,...,Mn〉−→ Θ. Since @P =βη M

′i and Γ `Σ M

′i :Di[Mj/yj]

i−1j=1, we can

apply (19) to get the correct term in the correct place.We let Introduction by the last rule used. By the induction hypothesis, we have that

Γ, x :A `Σ M :B. We apply (16) to obtain Γ `Σ λx :A .M :Πx :A .B.Finally, we consider the case where Equality is the last rule used. We have βη-equality

on all levels, so we obtain Γ′ `Σ M′i :B

′i[M

′j/y

′j]i−1j′=1. 2

Corollary 4.11 (soundness of C= for N=) Let Γ ≡ x1 : A1, . . . , xm : Am and ∆ ≡ y1 :

B1, . . . , yn : Bn be clausal. If C= proves `Σ Γσ=σ′−→ ∆ then N= proves Γ `Σ Mi = M ′

i :Di[Mj/yj]

i−1j=1.

Proof By induction on the structure of C=-proofs. We have already proved the resultfor the structure of C which coincides with C=. We now prove for just the extra rules.

We assume the last rule used was the Axiom for equality

`Σ Γσ=σ′−→ Θ

where σ = 〈@1, . . . ,@n〉 and σ′ = 〈@′1, . . . ,@

′n〉 and N= proves Γ `Σ @i = @′

i :Di[@j/yj]i−1j=1

for 1 ≤ i ≤ n. The result follows from the fact the definition gives us that N= provesΓ `Σ @i = @′

i :Di[@j/yj]i−1j=1 for 1 ≤ i ≤ n.

All the equivalence relation rules are proved by assuming the induction hypothesis forthe premise and then applying the equivalent rule for N= to obtain the required conclusion.We show the transitive rule.

The transitive rule for C= is the following

`Σ Γσ1=σ2−→ Θ `Σ Γ

σ2=σ3−→ Θ.

`Σ Γσ1=σ3−→ Θ

We apply the induction hypothesis to the two premises to obtain Γ `Σ Mi = Ni :Di[Mj/yj]i−1j=1

and Γ `Σ Ni = Pi :Di[Ni/yj]i−1j=1. The types are the same since we can replace Mj by Nj in

the first judgement. We can now apply (37) to obtain Γ `Σ Mi = Pi :Di[Mj/yj]i−1j=1.

The final rule is the equality version of application. The rule is

`Σ Γσ1=σ2−→ Θ ( `Σ Γ

〈1Γ,M′k〉=〈1Γ,N

′k〉−→ Γ, Dk[Mj/yj]

k−1j=1)1≤k≤n

`Σ Γ〈M1,...,M ′

i ,...Mn〉=〈N1,...,N ′i ,...,Nn〉−→ Θ

47

Page 48: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

with side conditions @ = @′ :Πx :B .C ∈ Σ∪Γ, N= proves Γ `Σ P = Q :B, @P =βη M′i and

@′Q =βη N′i . We fix i and derive Γ `Σ @ = @′ :Πx :B .C since it is either in the signature or

the context. We now apply (44) to obtain Γ `Σ @P = @′Q :C[P/x]. This happens within

Γ〈M1,...,Mn〉=〈N1,...,Nn〉−→ Θ. Since @P =βη M

′i and @′Q =βη N

′i we can apply the equality version

of (19) to get the correct term in the correct place. 2

It is important to understand that Lemma 4.10 and Corollary 4.11 do not imply thatN is an adequate axiomatization of |=⇒ . The reason is the following: it is possible for

arrows of the form [[∆σ−→ Θ]]

W

KJ , i.e., for which W |=⇒KJΣ (∆

σ−→ Θ)[Γ], to exist in the fibre

over [[Γ]]WKJ in the absence of the existence of putatively corresponding arrows of the form

1[[Γ]]WKJ

[[M ]]WKJ−→ [[A]]WKJ , i.e., for which W |=KJΣ (M : A)[Γ]. The satisfaction relation |=⇒ is

defined, on the raw syntax, independently of |= and gives the semantic counterpart to the

judgement `Σ −−−→ − of C, just as |= gives the semantic counterpart to the judgement

− `Σ − :− of N.

Lemma 4.12 (completeness of C for N) Let the context Γ ≡ x1 : A1, . . . , xm : Am beclausal. If N proves Γ `Σ Mi :Bi[Mj/yj]

i−1j=1, for each 1 ≤ i ≤ n, then C proves

`Σ Γ〈x1,...,xm,Mi〉−→ Γ, yi :Bi[Mj/yj]

i−1j=1, for each 1 ≤ i ≤ n.

Proof By induction on the structure of N-proofs.We begin by assuming the last rule used was (15). The sequent is Γ `Σ c :Πx1 :A1 . . .Πxm :

Am . A. We apply (46) to obtain `Σ Γ〈x,c:Πx1:A1...Πxn:Am〉−→ Γ, y :A.

We have Γ `Σ x : A as our sequent and the last rule used was (16). Applying (46) we

obtain `Σ Γ〈x,x〉−→ Γ, A.

The last rule applied was (17), so we have

Γ, x :A `Σ M :B

Γ `Σ λx :A .A .M :Πx :A .B

and we have `Σ Γ, x :A〈x,M〉−→ Γ, x :A, y :B by the induction hypothesis. We apply (48) to

obtain `Σ Γ〈x,λx:A .M〉−→ Γ, y :Πx :A .B.

We assume the last rule was (18),

Γ `Σ M :Πx :A .B Γ `Σ N :A.

Γ `Σ MN :B[N/x]

By the induction hypothesis we have `Σ Γ〈x,M〉−→ Γ, y : Πx :A .B. We apply (47) to obtain

`Σ Γ〈x,MN〉−→ Γ, y :B[N/x].

Finally, we have that the last rule applied was (19),

Γ `Σ M :A Γ `Σ A′ :Type A =βη A

.Γ `Σ M :A′

48

Page 49: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

By the induction hypothesis we have `Σ Γ〈x,M〉−→ Γ, y :A. We apply (49) to obtain `Σ Γ

〈x,M〉−→Γ, y :A′. 2

Corollary 4.13 (completeness of C= for N=) Let the context Γ ≡ x1 :A1, . . . , xm :Ambe clausal. If N= proves Γ `Σ Mi = Ni : Bi[Mj/yj]

i−1j=1 for each 1 ≤ i ≤ n, then C=

proves `Σ Γσ=σ′−→ Γ, yi : Bi[Mj/yj]

i−1j=1 for 1 ≤ i ≤ n and σ = 〈x,M1, . . . ,Mn〉 and σ′ =

〈x,N1 . . . , Nn〉.

Proof By induction on the structure of N=-proofs. We only need to deal with thestructure of N= which is additional to N.

The equivalence relation rules all follow from applying the induction hypothesis to thepremise, applying the corresponding rule for C= and obtaining the result. We show thetransitive rule as an example.

Γ `Σ M = N :A Γ `Σ N = P :A

Γ `Σ M = P :A

We apply the induction hypothesis to the premises and so have `Σ Γσ1=σ2−→ Γ, yi :Bi[Mj/yj]

i−1j=1

and `Σ Γσ2=σ3−→ Γ, xi :Ci[Nj/xj]

i−1j=1 in C=. We apply the C= rule for transitivity and obtain

`Σ Γσ1=σ2−→ Γ, yi :Bi[Mj/yj]

i−1j=1. We could apply the C= rule because we have that Mi = Ni

for all 1 ≤ i ≤ n.We conclude by assuming the last rule used is the equality version of application

Γ `Σ M = N :Πx :A .B Γ, x :A `Σ M = N :C

Γ `Σ λx :A .M = λx :B .N :Πx :A .C

We apply the induction hypothesis to the two premises, to obtain `Σ Γ〈M〉=〈N〉−→ Γ, y : Πx :

A .B and `Σ Γ〈M〉=〈N〉−→ Γ, z :C. We apply the C= rule for equality application and obtain

`Σ Γ〈λx:A .M〉=〈λx:B .N〉−→ Γ, w :Πx :A .C. 2

Definition 4.14 ( |=⇒ -validity)

Γ |=⇒Σ ∆σ−→ Θ

if and only if, for all models 〈KJ , [[−]]−KJ 〉 and all worlds W such that [[Γ]]WKJ , [[σΓ]]WKJ aredefined,

W |=⇒KJΣ (∆

σ−→ Θ)[Γ].

2

Lemma 4.15 (model existence) There is a Kripke Σ-λΠ-model 〈KJ , [[−]]−KJ 〉 with a world

W0 such that if 6`Σ ∆σ−→ Θ, then W0 6|=⇒KJ

Σ (∆σ−→ Θ)[Γ].

49

Page 50: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Proof The Kripke Σ-λΠ-structure constructed in Section 3.3 is the structure we need.The interpretation from Lemma 4.5 is the correct interpretation. During the proof it was

noted that if ∆ |=⇒ΣKT (Σ)

(Γ 1 ∆〈1Γ1∆,N〉−→ Γ 1 ∆, z :B)[Γ] then Γ 1 ∆ `Σ N :B. The required

world W0 is given by ∆ ≡ 〈〉. We also need to use Lemma 4.12 to get the correct result. 2

Corollary 4.16 (equational model existence) There is a Kripke Σ-λΠ=-model

〈KJ =, [[−]]−KJ=〉 with a world W0 such that if 6 `Σ ∆ = ∆′ σ=σ′−→ Θ = Θ′ then W0 6|=⇒Σ

KJ=(∆ =

∆′ σ=σ′−→ Θ = Θ′)[Γ].

Proof The equational Kripke Σ-λΠ-model sketched in Corollary 4.6, is the requiredmodel. We need to use the full Kripke structure since we are dealing with realizations ratherthan the prestructure. To get the required result, we use Corollary 4.13 together with theequality result obtained for the equational Kripke Σ-λΠ-model in Corollary 4.6 gives therequired result. 2

Theorem 4.17 (completeness) `Σ Γσ−→ Θ if and only if |=⇒Σ Γ

σ−→ Θ.

Proof

(only if) By soundness of C for N, Lemma 4.10 and Theorem 4.1.

(if) Suppose that 6`Σ Γσ−→ Θ. Then Lemma 4.15 yields a contradiction. 2

Corollary 4.18 (completeness for C=) `Σ Γ = Γ′σ=σ′−→ Θ = Θ′ if and only if |=⇒Σ Γ =

Γ′σ=σ′−→ Θ = Θ′.

Proof

(only if) By soundness of C= for N=, Corollary 4.11 and Corollary 4.2.

(if) Suppose that 6`Σ Γ = Γ′σ=σ′−→ Θ = Θ′. Then Corollary 4.16 yields a contradiction. 2

5 Applicative structures and logical relations

5.1 Introduction

The transition from prestructures to structures provides a clue to what consitutes an appro-priate definition of logical relations [Plo80, Sta85, MM91] for first-order dependent functiontypes.11 In structures, we construct the fibre over terms and types but rather out of contextsand realizations. The fibre over terms and types gives the meaning of a context not out ofthe meaning of terms and types but rather out of the meaning of contexts and realizations.We have, in fact, constructed the fibre over a context out of the category of contexts andsubstitutions, i.e., the base category, itself.

This reflection of the fibred structure in the base leads us back to the contextual categoriesfirst presented by Cartmell [Car90, Car86] and reformulated by Pitts [Pit00].

11Indeed, for the type systems of the cube [Bar93].

50

Page 51: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

5.2 Applicative Structures

In [Car86], the category Fam of sets families of sets is introduced (Fam is also discussed in[Str89, Dyb95, Hof96]).12

The definition of Fam was introduced in Definition 2.6. We generalise it to the categoryof families. Given a category V , Fam(V), can be defined as follows:

Objects: families {Vi}i∈I of objects of V , which can be described by a pair (I, V ), in which V isindexed over I;

Arrows: an arrow (f, {fi}i∈I) : (I, V ) −→ (J, V ′) is given by a function f :I −→ J such that foreach i ∈ I, fi :Vi −→ V ′

f(i) in V .

Dybjer [Dyb95] and Hofmann [Hof96] have defined set-theoretic models of dependenttypes using the category of families of sets, Fam. The idea is simple, yet it provides adifferent class of models from those described in § 3.3, which we can distinguish here byconsidering the form of the interpretation of the syntax. Starting with a category C ofcontexts, one constructs a functor F :Cop −→ Fam as follows:

• Take a category C, with a terminal object, of semantics contexts and semantic contextmorphisms;

• Take the object-part

F(Γ) = (Ty(Γ), Tm(Γ)) = (Ty(Γ), Tm(Γ, A)A∈Ty(Γ))

where Ty(Γ) is a set of semantic types and, for each Γ ∈ C and each A ∈ Ty(Γ),Tm(Γ, A) is a set of semantic terms;

• The arrow-part of F is given by semantic substitution via inverse images.

More generally, we can extend our notion of Kripke Σ-λΠ-model, Definition 3.5 to have fami-lies. The main distinction between models with and without families lies in the interpretationof the syntax of λΠ.

To define models with families, we begin with a prestructure

J : [W , [Dop,V ]],

as in Definition 3.1. For structures with families we must have not only the construction −but also Fam(−):

FJ : [W , [Dop,Fam(V)]].

Recall that for each V , there is a choice of V such that V ∼= V .

12Hofmann’s use of the term LF should not be confused with ours (see § 1 and [Pym01a]). His use refersto Martin-Lof’s ‘logical framework’ [SNP90] whereas our use refers to the LF logical framework [HHP87,HHP93, AHMP92, HST94, Pym90, Pym01b], in which the mechanism by which logics are represented playsan important role, summarized by “Framework = Language + Representation” [Pym01b, Pym01a, IP02].

51

Page 52: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

An interpretation with families, [[−]]−FJ , is, following the usual pattern, a partial functionfrom the (raw) syntax of λΠ to the components of the structure

FJ : [W , [Dop,Fam(V)]]

which, at each world W , is defined according to the prescription below.

1. Contexts Γ are mapped to objects [[Γ]]WFJ of D. Realizations σ = 〈M1, . . . ,Mn〉 are

mapped to arrows [[σ]]WFJ of D.

For example, we take T (Σ) constructed in § 3.3 and build FT (Σ). We take [[Γ]]∆FT (Σ)to

be Γ ∈ B(Σ)∆ and [[Γ′σ−→ Γ]]

FT (Σ)to be Γ′

σ−→ Γ ∈ B(Σ)∆ .

2. It follows that, for each world W , F(W )([[Γ]]WFJ ) is an object of Fam(V). Fam(V) is

a family of categories (I, V ), where each V i has as objects arrows ∆f−→ Θ over Γ in

D and has arrows given by arrows ∆ −→ ∆′ over Γ in D.

Types A, in context Γ, are mapped to elements of the indexing sets I in the pairs(I, V ).13 Corresponding to each i(= [[AΓ]]WFJ ) ∈ I is a category V i, chosen as in

Definition 3.2 as a choice of D-arrows over [[Γ]]WFJ .

For example, we take each category V i to have as objects sections Γ 1 ∆〈1Γ1∆,N〉−→ Γ 1

∆, z : B with the arrows being the identity Γ 1 ∆1Γ1∆−→ Γ 1 ∆. The indexing set

consists of types A, where Γ 1 ∆ `Σ A : Type. The types here can be made up ofmultiple types, since we can consider types of the form A1 • . . . •Am in general, whichin our example corresponds to looking at the set indexed by j = A1, . . . , Am. Thus wecan have Γ 1 ∆ −→ Γ 1 ∆, x1 :A1, . . . , xm :Am as the category picked out by j.

3. Objects M in context Γ are mapped to objects of the category V [[AΓ]]WF, for some A,

and so is a D-arrow [[Γ]]WFJf−→ [[Γ, x :A]]WFJ such that f ; p[[Γ,x:A]]WFJ

= 1[[Γ]]WFJ. For this

purpose, it is sufficient that each V i, for i ∈ I, be discrete.

For example, given a type A, Vi=[[A]]∆FT (Σ)

corresponds to the category whose objects

are sections Γ 1 ∆〈1Γ1∆,M〉−→ Γ 1 ∆, z : A. Thus [[M ]]∆FT (Σ)

corresponds to an arrow

[[〈, 〉]]∆FT (Σ)

[[M ]]∆FT (Σ)−→ z :A ∈ B(Σ).

It is also possible to create a prestructure with families. In particular, we begin with aprestructure

J : [W , [Dop,V ]]

13It seems that generalizing to interpret types as categories would require generalizing the family construc-tion Fam(−) to permit indexing by objects, perhaps in a manner resembling a subobject classifier [MM92].In our present formulation, I is the set of objects of J (W )([[Γ]]WFJ

).

52

Page 53: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

and apply the construction Fam to obtain

FJ : [W , [Dop,Fam(V)]].

An example of a prestructure with families can be obtained by modifying the constructionof T (Σ) in § 3.3. Instead of using E(Σ), we use Fam(Σ) from Definition 2.7. We have overeach Γ in B(Σ)∆ a family (Ty(Γ 1 ∆), Tm(Γ 1 ∆, A)Tm(Γ1∆)), where Ty(Γ 1 ∆) is the setof well-formed types over Γ and each Tm(Γ 1 ∆, A) is the set of well-formed terms of typeA over Γ.

We sketch the formal definition of an equational Kripke Σ-λΠ=-model with families,eliding repetitive details, as follows:14

Definition 5.1 (equational Kripke Σ-λΠ=-models with families) Let Σ be aλΠ=-signature. A Kripke Σ-λΠ-model with families is an ordered pair, 〈F=

J , [[−]]−F=J〉, where

F : [W , [Dop,Fam(V)]] is an Kripke Σ-λΠ-structure with families and [[−]]−F=J

is an interpre-

tation with families, defined simultaneously by induction on the structure of the (raw) syntaxof the λΠ= according to the prescription above and following the cases of Definitions 3.5 and3.11. 2

It should be clear that we can obtain soundness and completeness of the system N=

for equational Kripke Σ-λΠ=-models with families. If we were to permit in (3), above, theinterpretation of realizations over Γ, as in Definition 3.14, then we should be able to obtainsoundness and completeness of C for Kripke Σ-λΠ-models with families.

The presence of families allows a type and its inhabitants to be interpreted in a singleobject, (I, V ). It is this feature which makes models with families the appropriate basis foran account of logical relations (q.v. § 5.5) for dependent types. To this end, we now defineset-theoretic equational Kripke λΠ=-applicative structures (KλΠ=ASs).

The idea is that we modify the equational Kripke λΠ=-model with families constructionto obtain the necessary applicative structure. In particular, we produce a similar structureto Cartmell’s contextual category Fam [Car86]. We follow a construction similar to that in[Hof96] to go from Set to Fam.

We restrict the category of worlds, W , to a poset of worlds for simplicity, thereby sim-plifying the structure of transitions. The functor ηW,W

A between worlds now becomes ≤.Rather than having a copy of Set over each world, we take a set DW to be over each W ∈ Wsince we wish to remain within Set. If we repeated the co-product construction we usedearlier, we would end up in a different category. We then take a family of sets indexed byelements of DW and make an assignment to each element of the family of sets.

Definition 5.2 (EKλΠ=AS) Let Σ be a λΠ=-signature. An equational Kripke Σ-λΠ=-applicative structure is an equational Kripke Σ-λΠ=-model with families F in which

• W is assigned to any poset, regarded as a category;

14It should be clear that we could restrict our attention to λΠ, however, for the remainder of this sectionwe shall be concerned primarily with equational theories; consequently, we go directly to λΠ=.

53

Page 54: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

• D is assigned to Set;

• Fam(V) is assigned to Fam.

The interpretation [[−]]−F is the one sketched above. 2

We present a Kripke λΠ-applicative structure by using an example from [Dyb95]. Welet F : [W , [Setop,Fam]] 15 and we fix a world W ∈ W and consider the structure overit. We now have a functor F(W ) : Setop −→ Fam. We call the objects of Set contextsand its morphisms substitutions. We define Type(Γ) to be the set of all Γ-indexed sets.F(W )(Γ) = (Γ `Σ A)

A∈Type(Γ), so F(W )(Γ) is a family of terms indexed by types in context

Γ over signature Σ. We define Γ `Σ A =∏

γ∈ΓA(γ). Let δ be a substitution, then the twocomponents of F(W )(Γ) interpret substitution in types and terms respectively. We writeA[δ] for the application of the first component to a type A and M [δ] for the application of thesecond component to a term M . We define A[δ](γ) = A(δ(γ)) and M [δ](γ) = M(δ(γ)). Wetake the empty context to be the terminal object of Set. Finally, we take Γ•A =

∑γ∈ΓA(γ).

We also have the pullback

∆ • A[δ]〈δ ◦ p, q〉

- Γ • A

p

?

δ- Γ

p

?

where the morphism p :Γ•A −→ Γ is the first projection of the object Γ•A of Set and termq ∈ Γ • A[p] is the second projection. This pullback diagram corresponds to the structurewe had in the Kripke λΠ-prestructure.

All that remains is to give an interpretation in this example. We give define of [[−]]WF asfollows:

• [[Γ]]WF =∐

1≤i≤n{Ai}, where Γ = x1 :A1, . . . , xn :An;

• [[AΓ]]WF ∈ Type(Γ);

• [[Γ `Σ A]]WF = Type(Γ);

• [[Γ `Σ M :A]]WF = (Γ `Σ A)A∈Type(Γ)

.

It should be clear that EKλΠ=ASs can be written in the form

FJ (W )([[Γ]]WFJ ) = (Ty([[Γ]]WFJ ), Tm([[Γ]]WFJ , [[AΓ]]WFJ )[[AΓ]]WFJ∈Ty([[Γ]]WFJ

)).

15The use of Set here refers to the category of all small sets, not the category of all sets. The reason forthis is that we want to have a small category there and the category of all sets in not small.

54

Page 55: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

5.3 Logical Relations

Recalling the work of [Plo80, Sta85, MM91], we realise that logical relations can be formu-lated over the applicative structures we have just defined and a suitable fundamental lemmacan be proved.

We now define logical relations for applicative structures recalling that the EKλΠ=ASscan written in the form

FJ (W )([[Γ]]WFJ ) = (Ty([[Γ]]WFJ ), Tm([[Γ]]WFJ , [[AΓ]]WFJ )[[AΓ]]WFJ∈Ty([[Γ]]WFJ

)).

Definition 5.3 (equational Kripke λΠ=-logical relations) Let Σ be a λΠ=-signatureand let F1 and F2 be EKλΠ=ASs over the same poset of worlds, W. An equational KripkeΣ-λΠ=-logical relation over F1 and F2 is a triple of families of relations, indexed respectivelyby worlds, worlds and contexts, and worlds, contexts and types,

R = (RCon,RTy,ROb)

where

(Con) RConW ⊆ (Set � [[−]]WF1

)× (Set � [[−]]WF2),

(Ty) RTyW,Γ ⊆ Ty[[Γ]]WF1

× Ty[[Γ]]WF2

, and

(Tm) RObW,Γ,A ⊆ Tm[[Γ]]WF1

([[AΓ]]WF1)× Tm[[Γ]]WF2

([[AΓ]]WF2),

subject to the following conditions:

(Kconst) For each c :Πx1 :A1 . . .Πxm :Am .Type ∈ Σ and for each M1, . . . ,Mm such that, for allW ≤ W ′ and each 1 ≤ i ≤ m,

RObW,Γ,Ai[Mj/xj ]

i−1j=1

([[Mi]]WF1, [[Mi]]

WF2

),

we have

RTyW ′,Γ(op1

c(N α([[M1]]WF1

), . . . ,N α([[Mm]]WF1)), op2

c(N α([[M1]]WF2

), . . . ,N α([[Mm]]WF2)))

where op1c and op2

c are the points corresponding to c in F1 and F2, respectively;

(Tconst) For each c : Πx1 :A1 . . .Πxm :Am . A ∈ Σ and for each M1, . . . ,Mm such that, for allW ≤ W ′ and each 1 ≤ i ≤ m,

RObW ′,Γ,Ai[Mj/xj ]

i−1j=1

(N α([[Mi]]WF1

),N α([[Mi]]WF2

)),

we have

RObW,Γ,A[Mj/xj ]mj=1

(op1c([[M1]]

WF1, . . . , [[Mm]]WF1

, op2c([[M1]]

WF2, . . . , [[Mm]]WF2

))

where op1c and op2

c are the points corresponding to c in F1 and F2, respectively;

55

Page 56: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

(Mon) • If RConW ([[Γ]]WF1

, [[Γ]]WF2), then, for all W ≤ W ′,

RConW ′ (κW,W

′([[Γ]]WF1

), κW,W′([[Γ]]WF2

));

• If RTyW,Γ([[AΓ]]WF1

, [[AΓ]]WF2), then, for all W ≤ W ′,

RTyW ′,Γ(NW,W ′

([[AΓ]]WF1),NW,W ′

([[AΓ]]WF2));

• If RObW,Γ,A([[MΓ]]WF1

, [[MΓ]]WF2), then, for all W ≤ W ′,

RObW ′,Γ,A(NW,W ′

([[MΓ]]WF1),NW,W ′

([[MΓ]]WF2));

(Conex) If RConW ([[Γ]]WF1

, [[Γ]]WF2) and RTy

W,Γ([[AΓ]]WF1, [[AΓ]]WF2

), if and only if

RConW ([[Γ, x :A]]WF1

, [[Γ, x :A]]WF2);

(Compre) If RObW,Γ,Πx:A .B([[MΓ]]WF1

, [[MΓ]]WF2) if and only if, for all W ≤ W ′,

RObW,Γ,A([[NΓ]]WF1

, [[NΓ]]WF2)

impliesRObW ′,Γ,B[N/x](NW,W ′

([[MΓ]]WF1)[[NΓ]]WF1

,NW,W ′([[MΓ]]WF2

)[[NΓ]]WF2).

2

As an example of an equational Kripke Σ-λΠ=-logical relation, we use the example ofan applicative structure sketched above. We take F1 and F2 to be the applicative structureand we have the following, RCon

∆ = {(γ, γ)|γ ∈ Γ 1 ∆}, we take RTy∆,Γ to be ({γ, x)|γ ∈ Γ 1

∆, x ∈ {A} ⊂ Ty(Γ 1 ∆)}) × ({γ, x)|γ ∈ Γ 1 ∆, x ∈ {A} ⊂ Ty(Γ 1 ∆)}) and finallyROb

∆,Γ,A = {(M,M)|M ∈ Tm(Γ 1 ∆, A)}. Due to the underlying structure of the KripkeΣ-λΠ=-model with families, the other conditions on the logical relation hold.

Lemma 5.4 (fundamental lemma) Let Σ be a λΠ=-signature, let F1 and F2 be EKλΠ=

ASs and let R be an equational Kripke Σ-λΠ=-logical relation over them. If N= provesΓ `Σ M :A and, at each world W , RCon

W ([[Γ]]WF1, [[Γ]]WF2

), then, at each world W ,

1. RTyW,Γ([[AΓ]]WF1

, [[AΓ]]WF2),

2. RObW,Γ,A([[MΓ]]WF1

, [[MΓ]]WF2).

56

Page 57: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Proof By induction on the structure proofs in N=.We begin by considering the case where Γ `Σ c : Πx1 :A1 . . .Πxm :Am . A︸ ︷︷ ︸

C

is an axiom

sequent of N= (15). By induction hypothesis, we have that RConW ([[Γ]]WF1

, [[Γ]]WF2) holds. We

need to show that RTyW,Γ([[CΓ]]WF1

, [[CΓ]]WF2) is a relation on Ty[[Γ]]WF1

× Ty[[Γ]]WF2

. So we need to

show that [[CΓ]]WFiis a subset of Ty[[Γ]]WFi

. We can interpret [[CΓ]]WFiby Definition 5.2 and so we

have that [[CΓ]]WFi⊂ Ty[[Γ]]WFi

and thus RTyW,Γ([[CΓ]]WF1

, [[CΓ]]WF2) holds. For ROb

W,Γ,C([[cΓ]]WF1, [[cΓ]]WF2

),

we see that we have enough points to interpret c and so we have that the required relationholds since it will be a subset of Tm[[Γ]]WF1

([[CΓ]]WF1)× Tm[[Γ]]WF2

([[CΓ]]WF2).

Let (Γ ≡)∆, x :A,∆′ `Σ x :A is an axiom sequent (16). We need to show that [[xΓ]]WFiand

[[AΓ]]WFiare defined and that they are subsets of Tm[[Γ]]WFi

([[AΓ]]WFi) and Ty[[Γ]]WFi

respectively. We

need to show that [[xΓ]]WFiis an object of Fi and that [[AΓ]]WFi

is an arrow from 〈〉 −→ [[xΓ]]WFiin

Fi. By the induction hypothesis, we have [[Γ]]WFiis defined. By Definition 5.2, we have that

[[xΓ]]WFiis defined by the D-arrow [[Γ]]WFi

f−→ [[Γ, x :A]]WFi. Similarly, [[AΓ]]WFi

is given by the pair

(I, V ). So we have the required relation holding.We assume that the last rule of N= applied is (17). By the induction hypothesis, we

have that RConW ([[Γ, x :A]]WF1

, [[Γ, x :A]]WF2) and RCon

W ([[Γ]]WF1, [[Γ]]WF2

) hold. We need to show that

if RTyW,Γ,x:A([[BΓ,x:A]]WF1

, [[BΓ,x:A]]WF2) holds then RTy

W,Γ([[Πx :A .B]]WF1, [[Πx :A .B]]WF2

) holds and sim-

ilarly if RTmW,Γ,x:A,B([[MΓ,x:A]]WF1

, [[MΓ,x:A]]WF2) holds then

RTmW,Γ,Πx:A .B([[λx :A .MΓ]]WF1

, [[λx :A .MΓ]]WF2) holds. This amounts to showing that

[[Πx :A .BΓ]]WFiis an object of Fi and [[λx :A .MΓ]]WFi

is an arrow 〈〉 −→ [[Πx :A .BΓ]]WFi. We

have that [[Πx :A .BΓ]]WFiis just the product over x :A of [[BΓ,x:A]]WFi

, thus giving us the result.

[[λx :A .MΓ]]WFiis interpreted as a map between families of sets. In particular, it is a map

from the family of sets representing [[Γ]]WFiand [[Γ,Πx :A .B]]WFi

, thus giving us the requiredrelation.

Suppose the last rule of N= applied is (18). We have to show that ifRTyW,Γ([[Πx :A .B]]WF1

, [[Πx :A .B]]WF2) and RTy

W,Γ([[A]]WF1, [[A]]WF2

) hold then we have

RTyW,Γ([[B[N/x]]]WF1

, [[B[N/x]]]WF2), similarly if ROb

W,Γ,Πx:A .B([[M ]]WF1, [[M ]]WF2

) and

RObW,Γ,A([[N ]]WF1

, [[N ]]WF2) hold then ROb

W,Γ,B[N/x]([[MN ]]WF1, [[MN ]]WF2

) holds. [[B[N/x]]WFiis a pair

(I, V ). The choice of V is determined by D-arrows. By definition 3.5, we have that thechoice of D-arrow is well-defined here along with the indexing set. For [[MN ]]WFi

, we need to

have a D-arrow from [[Γ]]WFito [[Γ, y :B[N/x]]]WFi

. This is given by interpreting

([[〈x1, . . . , xm, N〉]]WKJ )∗(p∗[[Γ]]WKJ

,[[AΓ]]WKJ[[MΓ]]WKJ ; appW ([[AΓ]]WKJ , [[BΓ,x:A]]WKJ )) in our set-theoretic

setting. We have that ([[〈x1, . . . , xm, N〉]]WKJ )∗ is a substitution between families of sets, andthe rest is a map within the family of sets over Γ. This coupled with the substitution meanswe have a map from an indexed family of sets to the indexed family of sets denoted by[[B[N/x]]]WFi

giving us the correct map and the result.

57

Page 58: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

We assume that the last rule applied is βη-equality (19). The case follows from using thesubstitution which corresponds to the inverse of the dependent product of families of sets.

The remaining cases for N= are all to do with equality, we note that having equality inthe context means that it will pass through the types and finally into the terms. 2

The fundamental lemma tells us that anything which is provable in N= is definable inthe equational Kripke Σ-λΠ=logical relation. This means that the interpretation of the termexists within the relation. We are interested in looking at what effect changing the signaturehas on what can and can not be defined within a particular equational Kripke Σ-λΠ=logicalrelation.

To illustrate the point, we take Σ to be empty. When Σ is empty according to N=, therecan be no derivable terms. By the fundamental lemma, this means there are no contexts,terms and types in the equational Kripke Σ-λΠ=logical relation apart from the empty contextand type which are built into the relation since it has initial objects. However, it is clearfrom the logical relation that it contains no structure at all, so no term is not definable inthe equational Kripke Σ-λΠ=logical relation.

We take Σ = A :Type. There are now definable terms in the signature. In particular wecan derive 〈〉 `Σ λx :A.x :Πx :A.A and 〈〉 `Σ (λx :A)(x :A) :A in N=, so these terms are inthe equational Kripke Σ-λΠ=logical relation. We describe the Kripke Σ-λΠ=logical relationin detail. P(Σ) only has two objects the empty context and x :A with 〈〉 ≤ x :A. Over theworld x :A, we have the set containing A. We build the family over A. Since we only havethe type A, something of the form (λx :A)(x :A) :B would not be definable.

5.4 Extensional Kripke Σ-λΠ=-logical partial equivalence relations

In [MM91], Mitchell and Moggi show that partial equivalence relations can be used to explainthe interaction between the classical metatheory of the simply-typed λ-calculus and Kripkeλ-models. Here we show that a similar technique works in for models of λΠ. Specifically, weshow that there is a (Kripke) counter-model to the semantic implication discused in § 1.2.

We restrict ourselves to relations which are on one equational Kripke Σ-λΠ=-applicativestructure. We obtain an equational Kripke Σ-λΠ=-logical partial equivalence relation, whichwe abbreviate to KλΠ=PERs, by requiring R, i.e., each member of RCon, RTy and ROb tobe symmetric and transitive.

We begin by showing that partial equivalence at any level in the logical relation meansit holds at all levels.

Lemma 5.5 (partial equivalence) Let Σ be a λΠ=-signature, let F be EKλΠ=AS and letR = (RCon,RTy,ROb) be an equational Kripke Σ-λΠ=-logical relation on it. Suppose that,for each c :Πx1 :A1 . . .Πxm :Am .Type ∈ Σ and for each M1, . . . ,Mm such that:

• For all W ≤ W ′ and each 1 ≤ i ≤ m,

RObW,Γ,Ai[Mj/xj ]

i−1j=1

([[Mi]]WF , [[Mi]]

WF ),

58

Page 59: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

we have

RTyW ′,Γ(opc(N α([[M1]]

WF ), . . . ,N α([[Mm]]WF )), opc(N α([[M1]]

WF ), . . . ,N α([[Mm]]WF )))

where opc are the points corresponding to c in F ;

• For each c : Πx1 :A1 . . .Πxm :Am . A ∈ Σ and for each M1, . . . ,Mm such that, for allW ≤ W ′ and each 1 ≤ i ≤ m,

RObW ′,Γ,Ai[Mj/xj ]

i−1j=1

(N α([[Mi]]WF ),N α([[Mi]]

WF )),

we have

RObW,Γ,A[Mj/xj ]mj=1

(opc([[M1]]WF , . . . , [[Mm]]WF , opc([[M1]]

WF , . . . , [[Mm]]WF ))

where opc are the points corresponding to c in F .

Then the following are equivalent:

1. RCon is a partial equivalence relation;

2. RTy is a partial equivalence relation;

3. ROb is a partial equivalence relation.

Proof By induction on the structure of contexts, types and objects.Let RCon be a partial equivalence relation. Let σ and τ be types. Let RTy([[σ]]WF , [[τ ]]

WF ),

taking Γ to be the empty context, we apply (Conex) and have that RCon([[x :σ]]WF , [[y :τ ]]WF )

and since RCon is symmetric, we have that RCon([[y :τ ]]WF , [[x :σ]]WF ). We now apply (Connex)

again to see that RTy([[τ ]]WF , [[σ]]WF ). Thus RTy is symmetric.

Let σ, τ and ρ be types. Let RTy([[σ]]WF , [[τ ]]WF ) and RTy([[τ ]]WF , [[ρ]]

WF ). We apply (Connex)

with Γ as the empty context and obtain RCon([[x :σ]]WF , [[y :τ ]]WF ) and RCon([[y :τ ]]WF , [[z :ρ]]WF ).

Since RCon is a partial equivalence relation we obtain that RCon([[x :σ]]WF , [[z :ρ]]WF ) and so we

can apply (Connex) to obtain RTy([[σ]]WF , [[τ ]]WF ). Thus RTy is transitive.

Let RTy be a partial equivalence relation. We show that RCon is a partial equivalencerelation by induction on the length of context. We begin by showing the base cases.

Let RCon([[x :σ]]WF , [[y :τ ]]WF ), by (Connex), we have that RTy([[σ]]WF , [[τ ]]WF ). Since RTy is

a partial equivalence relation we have that RTy([[τ ]]WF , [[τ ]]WF ) and can apply (Connex) to

obtain RCon([[y :τ ]]WF , [[x :σ]]WF ), so RCon is symmetric.

Let RCon([[x :σ]]WF , [[y :τ ]]WF ) and RCon([[y :τ ]]WF , [[z :ρ]]WF ). We apply (Connex) to obtain

RTy([[x :σ]]WF , [[y :τ ]]WF ) and RTy([[y :τ ]]WF , [[z :ρ]]WF ). Since RTy is transitive we have

RTy([[x :σ]]WF , [[z :ρ]]WF ) and by applying (Connex) we have RCon([[σ]]WF , [[ρ]]WF ) and so RCon is

reflexive.We now show the induction steps. Let RCon([[Γ, x :σ]]WF , [[∆, y :τ ]]WF ) and apply (Connex)

to obtain RCon([[Γ]]WF , [[∆]]WF ) and RTy([[σ]]WF , [[τ ]]WF ). Applying the induction hypothesis and

59

Page 60: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

that RTy is symmetric we obtain RCon([[∆]]WF , [[Γ]]WF ) and RTy([[τ ]]WF , [[σ]]WF ). We now apply

(Connex) to obtain RCon([[∆, y :τ ]]WF , [[Γ, x :σ]]WF ) and so RCon is symmetric.

Let RCon([[Γ, x :σ]]WF , [[∆, y :τ ]]WF ) and RCon([[∆, y :τ ]]WF , [[θ, z :ρ]]WF ) and apply (Connex) to

obtain RCon([[Γ]]WF , [[∆]]WF ), RCon([[∆]]WF , [[θ]]WF ), RTy([[σ]]WF , [[τ ]]

WF ) and RTy([[τ ]]WF , [[ρ]]

WF ). We

apply the induction hypothesis and the fact thatRTy is transitive to obtainRCon([[Γ]]WF , [[θ]]WF )

andRTy([[x :σ]]WF , [[z :ρ]]WF ). Finally, we apply (Connex) to obtainRCon([[Γ, x :σ]]WF , [[θ, z :ρ]]WF )and thus RCon is transitive.

Need to check definition of logical relations is correct since

currently unable to complete proof due to

lack of axiom comparing terms to anything else 2

The first two conditions of the lemma are present in the definition of a Kripke Σ-λΠ=-applicative structure. We include them with the lemma since we have gone from workingwith two Kripke Σ-λΠ=-applicative structures to one and wish to stress the point.

5.5 Kripke logical relations on classical applicative structures

We take a classical Σ-λΠ=-applicative structure to be a pair U = 〈U , [[−]]U〉, in which U :[Dop,V ] carries the structure carried by an equational Kripke Σ-λΠ=-applicative structureat a fixed world and [[X]]U is defined for all X derivable in N=.16

Given a classical applicative structure, U = 〈U , [[−]]U〉, we define the Kripke applicativestructure [W ,U ] as follows (we sketch just a few key points):

• W is a discrete category of worlds with a transition function between worlds which isthe identity on each world;

• W is a poset;

• We take the structure over each world to be a copy of the classical applicative structure.

Let U and V be classical Σ-λΠ=-applicative structures. We say that R is a Kripke logicalrelation on the classical applicative structures U and V if R is a Kripke logical relation on[W ,U ] and [W ,V ].

In the case of a relation on U , i.e., V = U , we form the quotient U/R provided R is aKripke Σ-λΠ=-logical partial equivalence relation.

Lemma 5.6 (quotients yield Kripke applicative structures) In the notation of thediscussion above, U/R is an equational Kripke Σ-λΠ=-applicative structure.

Proof The categoryW is a poset, so it is quotiented by R but this will still be a poset andthe structure over each W ∈ W is the same, so for any choice of representative we have thesame structure over it. By the Fundamental Lemma, Lemma 5.4, we have that if N= provesΓ `Σ M :A then [[AΓ]]UW is related to all other interpretations of that type, similarly for the

16We can also achieve this by taking a Kripke applicative structure in which W is the category with oneobject and one arrow.

60

Page 61: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

interpretation of the term M . Thus all the interpretations of the same term are in the sameequivalence class, similarly for the interpretations of types. This quotienting together withthe structure of U means we have an equational Kripke Σ-λΠ=-applicative structure. 2

Lemma 5.7 Let U/R be as above and let f, g ∈ [[(Πx :A .B)Γ]]WU/R. Then, for all W ≤ W ′

and for all a ∈ [[AΓ]]W′

U/R, U/R satisfies the following extensionality condition:

(NW,W ′f)a = (NW,W ′

g)a implies f = g. (50)

Proof There are two cases, the first being when a is the empty set. If a is the empty setthen we have that NW,W ′

f = NW,W ′g, i.e. f = g for all worlds accessible from W , so f = g

everywhere since we have the same structure over each world W .If a is not the empty set, then fa = ga for all worlds accessible from W . We now use

Proposition 3.9 3.(b) to show that we have f = g at all worlds accesible from W and hencef = g. 2

We wish to show completeness for the classical Σ-λΠ=-applicative structure. To do thiswe need to have a suitable notation of satisfaction. We can now longer talk about worldssince we are in a classical setting but we see that the definition of satisfaction is very similarto Definition 3.13.

Definition 5.8 (Classical Satisfaction) Let U be a classical Σ-λΠ=-applicative structureand let Γ be a context, A be a type and M and N be objects. The applicative structure Usatisfies (i) the equation A = B :Type with respect to Γ, i.e.,

U |=Σ (A = B :Type)[Γ],

if and only if [[AΓ]]U ' [[BΓ]]U , and (ii) the equation M = N :A with respect to Γ, i.e.,

U |=Σ (M = N :A)[Γ],

if and only if U |=Σ (M :A)[Γ], U |=Σ (N :A)[Γ] and [[MΓ]]U ' [[NΓ]]U .

Note that we are using the interpretation on any derivable term we are given with thedefinition of a classical Σ-λΠ=structure. We now prove soundness.

Lemma 5.9 (Soundness) Let U be a classical Σ-λΠ=-applicative structure and let Γ be acontext, A be a type and M and N be objects. (i) If Γ `Σ A = B : Type then U |=Σ (A =B :Type)[Γ], (ii) if Γ `Σ M = N :A then U |=Σ (M = N :A)[Γ].

Proof The proof is by induction on the structure of proofs in the system N=. We beginwith (23) and by the induction hypothesis we know that [[M ]]U and [[N ]]U are defined. Wesee that [[M ]]U ' [[N ]]U holds giving us U |=Σ (M = N :A)[〈〉].

The equivalence rules all follow from interpreting the term and type proved and usingthe properties of '. We show the transitive rule, (32). By the induction hypothesis, we have

61

Page 62: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

that [[MΓ]]U , [[NΓ]]U and [[PΓ]]U are all defined and that [[MΓ]]U ' [[NΓ]]U and [[NΓ]]U ' [[PΓ]]U .We use the equality of ' to obtain [[MΓ]]U ' [[PΓ]]U and thus U |=Σ (M = P :A)[Γ].

We now show the structural equality rules. (33) follows from the fact that when we havea context Γ and the interpretations [[M ]]U and [[N ]]U exist and are equal, we can interpretthem over the context Γ and the remain equal, thus giving the result.

Applying the induction hypothesis to the premises of (35) means that [[MΓ]]U and [[NΓ]]Uexist and are equal. We also have that [[AΓ]]U and [[BΓ]]U exist and are equal. We now usethe fact that we have equality in the model, so we have the that the domains of the arrows[[MΓ]]U and [[NΓ]]U are equal and so we can change the co-domain to [[BΓ]]U and thus get ourresult.

Rules (36) and (37) are obtained by using the fact that the equality in between thecontexts Γ and Γ′ follows into the model with the free variable conditions insuring that weare able to have the equality.

We assume the last rule used was (39). By the induction hypothesis, we have that [[AΓ]]Uand [[BΓ]]U exist and are equal. We also have that [[CΓ,x:A]]U and [[DΓ,x:A]]U are equal. We havethat [[Πx :A .CΓ]]U and [[Πx :B .DΓ]]U exist and are equal since the equality follows from theequality in the premise.

The last rule used was (43). We apply the induction hypothesis to obtain [[AΓ]]U = [[BΓ]]Uand [[MΓ,x:A]]U = [[NΓ,x:B]]U . We have that [[λx :A .MΓ]]U and [[λx :B .N ]]U exist and are equalsince the equality follows from equality in the premise.

We take the last rule to be used to be (44). By the induction hypothesis, we have that[[MΓ]]U = [[NΓ]]U and [[PΓ]]U = [[QΓ]]U . The interpretations of [[MPΓ]]U and [[NQΓ]]U exist areequal since the equality follows from equality in the premise.

Finally, we have (45) to which we apply the induction hypothesis and obtain [[MΓ]]U and[[AΓ]]U = [[BΓ]]U . Since [[MΓ]]U is an arrow from the interpretation of the empty context to[[AΓ]]U , then since [[AΓ]]U = [[BΓ]]U , it can also be an arrow from the empty context to [[BΓ]]U .Thus giving the result. 2

We now expand the definition of satisfaction to validity.

Definition 5.10 (Classical Validity) (i) Γ |=Σ A = B :Type, i.e., A = B :Type is validwith respect to Γ, if and only if, for all classical Σ-λΠ=-applicative structures U such that[[Γ]]U , [[A]]U and [[B]]U are defined, U |=Σ (A = B : Type)[Γ]. (ii) Γ |=Σ M = N :A, i.e.,M=N:A is valid with respect to Γ, if and only if, for all classical Σ-λΠ=-applicative structuresU such that [[Γ]]U , [[M ]]U , [[N ]]U and [[A]]U are defined, Γ |=Σ (M = N :A)[Γ].

Model existence is very similar to Lemma 4.5.

Lemma 5.11 (Model Existence) There is a classical Σ-λΠ=-applicative structure with a

world W0 such that (i) if Γ 6 `Σ A = B : Type then U 6|=(Σ A = B : Type)[Γ] and (ii) if

Γ 6`Σ M = N :A then U 6|=Σ (M = N :A)[Γ].

Proof We provide a suitable model by construction. Our classical Σ-λΠ=-applicativestructure is very similar to the Kripke Σ-λΠ=-model we constructed previously. We take D to

62

Page 63: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

be B(Σ) and we define a functor B(Σ)op −→ V as follows. Each Γ in B(Σ) defines a category

in V . The objects of this category are sections Γ1Γ,N−→ Γ, z :B and its arrows are the identity

arrows 1Γ. An arrow Γ′ −→ Γ in B(Σ)op is now an arrow Γ −→ Γ′ between sections. Wenow quotient the model by definitional equality to obtain the correct model. We now needto show that if Γ 6 `Σ A = B : Type then U 6|=Σ (A = B : Type)[Γ] and if Γ 6 `Σ M = N :Athen U 6|=Σ (M = N : A)[Γ]. Dealing with Γ 6 `Σ A = B : Type, we have to show that[[AΓ]]U 6' [[BΓ]]U . If either (or both) of [[AΓ]]U or [[BΓ]]U are not defined then we are done. Wehave to deal with the case where they are both defined. Γ 6 `Σ A = B :Type means that wecannot derive A = B :Type in N=. We can however derive A :Type and B :Type, since wehave assumed that [[AΓ]]U and [[BΓ]]U are defined. We have [[AΓ]]U precisely when we have a

section Γ〈1Γ,N〉−→ Γ, x :A. To see why this is the case, look at the construction of the Kripke

structure in §3.3. Similarly, we have [[BΓ]]U when we have a section Γ〈1Γ,M〉−→ Γ, y :B. Since

we have that Γ 6 `Σ A = B : Type, these two sections are not equal, proving [[AΓ]]U 6' [[BΓ]]Uas required. A similar argument works for U 6|=Σ (M = N :A)[Γ], except that the term isdefined by the section, not the underlying structure. 2

We now prove completeness.

Theorem 5.12 (classical equational completeness) Let U be a classical Σ-λΠ=

-applicative structure. Then Γ `Σ A = B : Type if and only if Γ |=Σ A = B : Type andΓ `Σ M = N :A if and only if Γ |=Σ M = N :A.

Proof sketch

(only if) This is soundness, Lemma 5.9.

(if) Suppose that Γ 6 `Σ M = N :A and that Γ 6 `Σ A = B :Type then Lemma 5.11 providesa contradiction. 2

In the proof of Lemma 4.5, we used worlds to show that the constructed model did notsatisfy the equality. In the classical setting, we do not have worlds17. This meant that theproof was more difficult. So while we can do all the constructions from a classical perspective,using Kripke structures appears to be more natural.

5.6 A counter-model to semantic implication

We construct a counter-model to the implication (2). We present a classical Σ-λΠ=

-applicative structure together with a Kripke logical partial equivalence which produces aKripke Σ-λΠ=-applicative structure by taking a quotient. We provide types A, B and Ctogether with a function

f : (Π x :A .Π y :B(x) .Π z :B(x) . B(x)) −→ C

17We can also view the classical setting as having worlds, but with no transition between worlds. Thenthe same thing happens over each individual world and is just another way of viewing the classical situation.We used the multiple worlds with no transitions perspective to show that our classical applicative structuretogether with a quotienting with a Kripke logical relation was actually a Kripke Σ-λΠ=-applicative structure.

63

Page 64: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

and projections

π2 = λx :A . λy :B(x) . λz :B(x) . y :Πx :A .Πy :B(x) .Πz :B(x) . B(x)

π3 = λx :A . λy :B(x) . λz :B(x) . z :Πx :A .Πy :B(x) .Πz :B(x) . B(x)

such thatλx :A.fπ2 = λx :A.fπ3

holds but notfπ2 = fπ3.

We let U be the classical Σ-λΠ=-applicative structure we constructed in Theorem 5.12.We also take β, η equivalence classes, so that within the model anything which is β, η-equivalent is equal.

We now need to define R, we only need to define R on contexts since the rest followsfrom the definition. The key idea is to have one world where A is empty and another whereit is not. The reason for this is that if we proved the semantic implication, thinking entirelyin terms of functions, we would have dealt with the two cases where either A was (globally)empty or (globally) non-empty.

So to provide a counter-model, we need to have both non-empty and empty A. We takeW = 0, 1 with 0 ≤ 1 and let RCon

0 ([[A]]U , [[A]]U) be the empty set while RCon1 ([[A]]U , [[A]]U) is

the identity.It remains to show that

λx :A.fπ2 = λx :A.fπ3

holds at both worlds. At world 0, we take RCon0 ([[B]]U , [[B]]U) and RCon

0 ([[C]]U , [[C]]U) to be

identies. This means at world 0, we have RObj0,Γ,A(λx :A.fπ2, λx :A.fπ3).

At world 1, we take RCon1 ([[B]]U , [[B]]U) and RCon

1 ([[C]]U , [[C]]U) to be the identies. Again

RObj1,Γ,A(λx :A.fπ2, λx :A.fπ3) holds.We now take quotient U by R to obtain a Kripke Σ-λΠ=-applicative structure. Since

RObjW,Γ,A(λx :A.fπ2, λx :A.fπ3) holds for all W , λx :A.fπ2 = λx :A.fπ3 holds in the quotient.

Since fπ2 and fπ3 are not β, η-equivalent and they are not related by RCon0 then we have

that fπ2 = fπ3 does not hold at world 0.Thus U/R satisfies

λx :A.fπ2 = λx :A.fπ3

but notfπ2 = fπ3.

The argument for proving that the above implication holds involving cases, either A isempty or not empty, involves the law of the excluded middle. So providing a Kripke Σ-λΠ=-applicative structure which is intuitionistic means that we are able to provide a counter-modelsince the law of excluded middle which was critical to the argument no longer holds.

64

Page 65: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

5.7 Representability of Functors

Initially, we consider under what conditions the functor F : [W , [Setop,Fam]], given after Def-inition 5.2 is representable. We consider whether or not the functors F ′(W ) :Setop −→ Famand F ′′ :W × Setop −→ Fam are representable. Since the usual definition of representable,[Mac69], requires a functor with domain Set, we solve this problem by taking the dis-joint union of each set in the family over the indexing set. So the domain of F is now∐

A∈Type(Γ)(Γ `Σ A) ∈ Set.

We begin by considering the functor F ′ :Setop −→ Set. We take Γ =∏

1≤i≤n{Ai} as ourchoice of element of Set. Let f :c −→ c′ be an arrow in Setop. We need to find a g such thatthe diagram

F ′(W )(Γ,−)cgc

- F ′(W )c

F ′(W )(Γ,−)c′

F ′(W )(Γ,−)f

? gc′- F ′(W )c′

F ′(W )f

?

commutes. We define g to take a morphism f :Γ −→ ∆ to∐

γ∈Type(∆)

∏γ∈∆A(γ) and thus

our diagram commutes. Hence F ′ is representable.We now consider the functor F ′′ :W×Setop −→ Set. We take (W,Γ), where Γ is defined

above, as our choice of an element of Set. Let g : (W,∆) −→ (W ′,∆′) be an arrow inW ×Setop We need to find a k such that the diagram

F ′′((W,Γ),−)(W,∆)k(W, d)

- F ′′(W,∆)

F ′′((W ′,Γ),−)(W ′,∆′)

F ′′((W,Γ),−)g

? k(W ′,∆′)- F ′′(W ′,∆′)

F ′′g

?

commutes. We choose k to be a function from hom((W,Γ), (W,Γ) to∐

γ∈Type(∆)

∏γ∈∆A(γ).

We take ψ to be the same as g but with a dummy argument for worlds.

6 The internal logic and its models

6.1 Introduction

This chapter shows one application of the semantic framework we have created for the λΠ-calculus. It is included in this paper rather than the sequel because it shows how the workdeveloped in this paper can be used to talk about the properties of the internal logic. In thesequel, this work is expanded to talk about a ‘generic’ logic and we wish to give motivationfor that work within this paper.

65

Page 66: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

To obtain the internal logic of our Kripke structure, we consider a slightly refined defini-tion of them. We restrict to closed cartesian categories since this allows us to set up an inter-nal language in the usual way, [McL92]. We take types in the base category as sorts. So thatthe base category object x1 :A1, . . . , xn :An becomes x1 :S1, . . . , xn :Sn, where each Si is a sort.

The arrows in the base category become terms x1 :S1, . . . , xn :Sn〈t1,...,tn〉−→ y1 :T1, . . . , ym :Tm.

However, since we have an indexed structure, we are able to introduce formulae thus takingthe internal language to an internal logic. We take a formula containing variables in the setX = {x1 : S1, . . . , xn : Sn} as being an object in the fibre over the object x1 : S1, . . . , xn : Snwhen we are in the Kripke prestructure. Since we are in a closed cartesian category, we canuse the product to capture conjunction, the exponential to capture implication and the rightadjoint of projection to capture universal quantification.

When we consider the internal logic of the Kripke structure rather than the Kripkeprestructure, we interpret a proof of a formula rather than a formula as an object over thefibre x1 :S1, . . . , xn :Sn and then arrows in the fibre are then transformations of proofs. Thismeans we can analyse the proofs in a much finer way than we could in the prestructure.

6.2 The propositions-as-types correspondence

Within this section, technical details have been toned down to allow us to present the essentialpoints which we wish to use as our motivation for developing a more general understandingof the propositions-as-types correspondence. Also as we mention below, this material isalready well explained within the literature and so the reader is advised to consultant theappropriate references for a fuller account.

In this section, we begin with a brief review of the formulation the {⊃,∀}-fragment of min-imal first-order logic as a system of natural deduction and give its consequent propositions-as-types correspondence with λΠ. We proceed to describe the logic semantically as a classof categorical Kripke models.

The λΠ-calculus is in propositions-as-types (Curry-Howard-de Bruijn-Barendregt) corre-spondence with the {⊃,∀}-fragment of minimal first-order logic. Specifically, the correspon-dence can formulated in the style of Barendregt [Bar93].

Let LT denote the {⊃,∀}-fragment of many-sorted minimal first-order logic with theoryT , consisting a finite set of constants of basic sort, function symbols of finite arity (0-aryfunctions are constants) and atomic predicate letters of finite arity. We assume a countablyinfinite stock of variables of each basic sort. We can then form terms by typed application,just as for simple types. We elide the formal details.

A natural deduction system for the {⊃,∀}-fragment of many sorted minimal first-orderlogic is defined as follows:

[φ]

...

ψ⊃ I

φ⊃ψ

...

φ

...

φ⊃ψ⊃E

ψ

66

Page 67: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

...

φ∀I∀ x :S . φ

(x not free in anyassumption uponwhich φ depends)

...

∀ x :S . φ∀E (t ∈ Term S).

φ[t/x]

We extend our view of the {⊃,∀}-fragment of minimal first-order logic to include proof-objects. To this end, we use Barendregt’s notation [Bar93] for natural deductions, δ : (∆ ` φ),as follows:

φ ∈ ∆ ⇒ αφ : (∆ ` φ)δ1 : (∆ ` φ⊃ψ) , δ2 : (∆ ` φ) ⇒ δ1δ2 : (∆ ` ψ)

δ : (∆, φ ` ψ) ⇒ Iφδ : (∆ ` φ⊃ψ)δ : (∆ ` ∀x :A . φ) , t ∈ Term A ⇒ δt : (∆ ` φ[t/x])

δ : (∆ ` φ) , x :A 6∈ FV(∆) ⇒ Gx :A . δ : (∆ ` ∀x :A . φ)

We are now able to define the (proof-theoretic) propositions-as-types correspondence,following [Bar93].

Definition 6.1 (term translation) We define {{−}}T

• {{x}}T = x :S, where S is the type corresponding to the sort of x

• X = x1, . . . , xn, Γ{{X}}T= x1 :S1, . . . , xn :Sn

• {{c}}T = c :S,

• {{f}}T = f :S1 × . . .× Sn −→ S,

• {{φ}}T = Aφ.

• {{φ⊃ψ}}T = Πx :{{φ}}T . {{ψ}}T , where x does not occur free in {{ψ}}T .

• {{∀ x :S . φ}}T = Πx :S . {{φ}}T

• ∆ = φ1, . . . , φn, Γ{{∆}}T= x1 :{{φ1}}T , . . . , xn :{{φn}}T

• {{(X) ∆ `δLTφ}}T = Γ{{X}}T

,Γ{{∆}}T`ΣLT

{{δ}}T :{{φ}}T , where X is the set of variablesin the formulae contained within ∆. Γ{{X}}T

= {x1 :S1, . . . , xn :Sn} where each Si is thetype chosen to correspond to the sort Si associated with the variable present in X. Wealso have that `ΣLT

Γ{{X}}T,Γ{{∆}}T

context. 2

67

Page 68: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Here ΣLTis the λΠ-signature in propositions-as-types correspondence with LT . It is the

following collection of constants:

Si :Type for each sort of the logic⊃ :Type −→ Type −→ Type∀ : (Si −→ Type) −→ Type⊃ I :Πφ :Type .Πψ :Type . (φ −→ ψ) −→ (φ⊃ψ)⊃ E :Πφ :Type .Πψ :Type . (φ −→ (φ⊃ψ)) −→ φ∀ I :ΠF :Si(Πx :Si . Fx) −→ (∀(λx :Si . Fx))∀ E :ΠF :Si −→ Type .Πx :Si . (∀(λ(x :Si . Fx)) −→ Fx

Proposition 6.2 (propositions-as-types correspondence) The sequent (X) ∆ `ΦLT

φhas a natural deduction proof if and only if N proves Γ{{X}}T

,Γ{{∆}}T`ΣLT

{{Φ}}T :{{φ}}T .

Proof Both directions of the proof require induction, the if direction requiring inductionover the structure of the natural deduction system with proof-objects while the only ifdirection requires induction over N.

(⇒) Firstly, we consider (X) ∆ `αφ

LTφ where φ ∈ ∆. By definition, this corresponds to

Γ{{X}}T,Γ{{∆}}T

`ΣLT{{αφ}}T : {{φ}}T . Since we have φ ∈ ∆, we have x : {{φ}}T ∈ Γ{{∆}}T

and ` Γ{{X}}T,Γ{{∆}}T

context. We now apply (15) to obtain Γ{{X}}T,Γ{{∆}}T

`ΣLT{{αφ}}T :

{{φ}}T as required.

We now assume that we have (X) ∆ `δ1LTφ⊃ψ and (X) ∆ `δ2LT

φ. We translate these toobtain Γ{{X}}T

,Γ{{∆}}T`ΣLT

{{δ1}}T : Πx : {{φ}}T . {{ψ}}T and Γ{{X}}T,Γ{{∆}}T

`ΣLT{{δ2}}T :

{{φ}}T . We apply (18) to obtain Γ{{X}}T,Γ{{∆}}T

`ΣLT{{δ1}}T{{δ2}}T{{ψ}}T [{{δ2}}T/x].

Since x does not occur free in {{ψ}}T , the final type is just {{ψ}}T which gives us thecorrect translated term.

We consider the case where we have (X) ∆, φ `δLTψ. This translates to Γ{{X}}T

,Γ{{∆}}T,

x : {{φ}}T `ΣLT{{δ}}T : {{ψ}}T . We now apply (17) to obtain Γ{{X}}T

,Γ{{∆}}T`ΣLT

λx :{{φ}}T . {{δ}}T : Πx : {{φ}}T . {{ψ}}T . This is of the required form since λx : {{φ}}T . {{δ}}Tcorresponds to the translation of Iφδ.

We assume that we have (X) ∆ `δLT∀ x :A . φ and that t ∈ Term A. t ∈ Term A means

that we have that there is a term {{t}}T :A, which can be derived from our context, i.e.Γ{{X}}T

,Γ{{∆}}T`ΣLT

t :A. The translation of the derivation is Γ{{X}}T,Γ{{∆}}T

`ΣLTΠx :

A . {{φ}}T and so we can now apply (18) to obtain Γ{{X}}T,Γ{{∆}}T

`ΣLT{{δ}}T t :{{φ}}T

[{{t}}T/x] as required.

Finally, we have (X) ∆ `δLTφ and x : A /∈ FV(∆). The derivation translates to

ΓibXT ,Γ{{∆}}T`ΣLT

{{δ}}T :{{φ}}T and the side condition means that we can extend thecontext by x : A and so have the derivation Γ{{X}}T

,Γ{{∆}}T, x : A `ΣLT

{{δ}}T : {{φ}}T .We now apply (17) to obtain Γ{{X}}T

,Γ{{∆}}T`ΣLT

λx : A . {{δ}}T : Πx : A . {{φ}}T . Hereλx :A . {{δ}}T is the translation of Gx :A . δ.

68

Page 69: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

(⇐) Throughout this direction, we assume that Γ corresponds to Γ{{X}}T, {{∆}}T and will

not make the distinction between the two contexts.

We begin by assuming the last rule used was (15), which means we have `ΣLTΓ context

and c :A ∈ ΣLT. We translate this back into the object logic to obtain that there is a

sort in the object-logic which has been translated to the type A in N.

We now assume that we have (16) and so we have `ΣLTΓ context and x :A ∈ Γ. We

translate this back into the object logic to obtain that φ ∈ ∆, where φ is the formulatranslated to the type A. We now apply the first of the natural deduction rules andsee that we have a proof αφ : (∆ `LT

φ), which translates to Γ `ΣLTx :A.

Taking the last rule applied to be (17), we translate the premiss to obtain ∆, φ `δLTψ,

we now apply the third natural deduction rule and obtain ∆ `IφδLTψ, which is translated

back to N to give Γ `ΣLTλx :A .M :Πx :A .B as required.

Let (18) be the last rule of N used. We translate it to obtain ∆ `δ1LTΦ⊃ψ and

∆ `δ2LTφ. We apply the second natural deduction rule if x does not occur free in B to

obtain ∆ `δ1δ2LTψ, which corresponds to Γ `ΣLT

MN :B, which is the correct form ofthe rule if x is free in B. If x is free in B, then there exists a term t :A and so we canapply the fourth natural deduction rule and obtain a derivation which when translatedback gives us the same term as before but with B[N/x] instead of B. 2

6.3 The semantics of the internal logic, LT

The semantics of the logic LT can be given in many ways. Perhaps the most familiar isKripke’s approach [Kri65], in which propositions are interpreted in a structure at a world.Informally, let M be a Kripke model of LT , consisting of a preordered set of worlds, astructure at each world, with enough points to interpret the constants, function symbolsand predicate letters of T , and an assignment ρ of the variables of LT in a structure at aworld. The satisfaction relation w, ρ ‖−MT φ, read as, “ the world w forces proposition φ in

Kripke model M with respect to assignment ρ”, or w, ρ ‖−MT φ, is defined by induction onthe structure of propositions as follows:

• w, ρ ‖−MT p(t) iff [[ t ]]w

M is defined and is in [[p]]wM;

(• w, ρ ‖−MT φ ∧ ψ iff w, ρ ‖−MT φ and w, ρ ‖−MT ψ;)

• w, ρ ‖−MT φ⊃ψ iff, for all wf−→ w′, (w′, ρ[f ] ‖−MT φ implies w′, ρ[f ] ‖−MT ψ).

• w, ρ ‖−MT ∀x :T . φ iff, for all wf−→ w′, all a ∈ [[T ]]wM and terms t such that [[t]]wM = a,

(w′, ρ[f ][x := a] ‖−MT φ[t/x])

We have included the rule for conjunction for completeness, we are only concerned withthe {⊃,∀}-fragment of minimal first-order logic, since this is the logic that the λΠ-calculusnaturally provides a model for and the logical framework is this fragment of first-order logic

69

Page 70: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

with proof objects. Since the following Kripke structures (and prestructures) are built outof cartesian closed categories, we have the intuitive interpretation of conjunction alreadypresent.

We are concerned with the extension of forcing to consequences labelled with proof-objects. We consider a version of Kripke semantics for the {⊃,∀}-fragment of minimalfirst-order logic with proof-objects. Our formulation will be appropriate for considering asemantic account of the propositions-as-types correspondence. Specifically, we formulateKripke models of LT within the same categorical framework as our Kripke Σ-λΠ-models.

The Kripke prestructure is a special case of a hyperdoctrine over a category of worlds.The definition of a hyperdoctrine given by Seely in [See83] provides a model for intuitionisticlinear logic. We are only dealing with the case where we have the connectives {∀, ⊃}. Therelationship between our definition and that of Seely is the following:

• We only ask for an induced functor p∗V for projections. Seely asks for an inducedfunctor for all morphisms in his base category.

• We only require the existence of a right adjoint to functors between fibres. Seely asksfor a right and left adjoint. We do not need the left adjoint here since it modelsexistential quantification and we only have universal quantification.

• The Beck-Chevalley condition is a special case of the Beck condition given in Seely andin this special case gives us Frobenius reciprocity. This is discussed in Seely § 8.

• Seely requires that the base category has a terminal object and has finite products.We impose that it be a cartesian closed category.

We present our definition in the same way as we presented the Kripke prestructure, so thatthey will live in the same category. We will then be able to interpret objects in our fibres asformulae and morphisms as proofs.

When we interpret the {∀, ⊃}-fragment of minimal first-order logic in a category, weneed to make sure that the category has enough structure to interpret each constant of thelanguage and keeps each constant of the same sort distinct. We define this condition:

Definition 6.3 (enough points) We say that a category C has enough points to interpreta language L if for each constant c :S, there exists an arrow 1

c−→ [[S]] and for two constants

c1 :S 6= c2 :S, interpreted 1c1−→ [[S]] and 1

c2−→ [[S]], we have that for all arrows f : [[S]] −→ [[S ′]]that fc1 6= fc2. 2

Definition 6.4 (Kripke prestructures for LT ) A Kripke prestructure for the logic LT isa functor J : [W , [Bop,V ]], such that (i) W is a small category of worlds; (ii) B is a smallcartesian closed category; (iii) V is a (sub)category (of C) of values such that

• For all W ∈ W and U ∈ B, J (W )(U) is cartesian closed and has enough points tointerpret the {∀, ⊃}-fragment of minimal first-order logic;

70

Page 71: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

• For each arrow f : R −→ U ∈ B, there is a functor f ∗ : J (W )(U) −→ J (W )(R).This functor preserves on the nose the terminal object 1J (W )(U) ∈ J (W )(U) and thecartesian closed structure of J (W )(U);

• For projections U × V pV−→ U in B, each functor (J (W )(pU,V ) =)p∗U,V :J (U × V ) −→J (W )(U) has a right adjoint p∗V a ∀V ;

• For f :R −→ U be an arrow in B, for each L ∈ J (W )(U × V ) and U ∈ B we have

f ∗(∀VL) = ∀U((f × V )∗L)

We know have a semantic model where we are able to interpret formulae and proofs.However we wish to interpret consequence, to obtain a model which is able to do this, weperform the following construction on the fibres of the Kripke prestructure so that our newfibre contains as objects collections of objects from the Kripke prestructure (which we useto interpret formulae). The objects in the fibres of our Kripke structure can now be used tointerpret proofs and so the morphisms in our category will be used to interpret consequence.

Definition 6.5 (Kripke structures for LT ) Let J be a Kripke λΠ-prestructure,J : [W , [Bop,V ]]. A Kripke λΠ-structure on J is a functor

KJ : [W , [Bop,V]];

we begin by defining the category V as follows:

Objects: Categories built out of V = J (W )(E), with

Objects: Arrows

AfA,A−→ A

in V , where A = A1 × . . .× Am;

Arrows: Arrows

(AfA,A−→ A) −→ (B

fB,B−→ B)

are arrows Aµ−→ B in V , where B = B1 × . . .×Bn.

Arrows: Functors KJ (W )(f) :KJ (W )(Y ) −→ KJ (W )(X), where Xf−→ Y in B and J (W )(X)

and J (W )(Y ) are objects of the category V at world W . The functor has the followingproperties:

1. The functor KJ (W )(f) takes an object of KJ (W )(Y ), the arrow fC,C, and returnsan object in KJ (W )(X), which is the arrow:

KJ (W )(f)(fC,C) =n∏i=1

J (W )(f)(Ci)J (W )(f)(fC,C)−→ J (W )(f)(C).

71

Page 72: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

2. The functor KJ (W )(f) takes an arrow of KJ (W )(Y ), A1×. . .×Amµ−→ B1×. . .×

Bn, and returns the arrow ν = J (W )(f)(µ), where C1×. . .×Cmν−→ D1×. . .×Dn,

where J (W )(f)(Ai) = Ci for 1 ≤ i ≤ m and J (W )(f)(Bj) = Dj for 1 ≤ j ≤ n.2

Definition 6.6 (Kripke models of LT ) A Kripke model of the logic LT consists of a pair〈KJ , [[−]]−,ρKJ 〉, where KJ : [W , [Bop,V ]] is a Kripke structure for LT and the partial function

[[−]]−,ρKJ is an interpretation of LT in KJ , which is defined by induction on the structureof (i) terms, which are interpreted in B, and (ii) propositions, with variables in the setX = {x1 :S1, . . . , xm :Sm}, which are interpreted in the fibre over [[S1]]

w,ρKJ × . . . × [[Sm]]w,ρKJ .18

The terms are interpreted, exploiting the cartesian closed structure of B, as follows:

• Constants c of sort S are interpreted as arrows in B [[c]]w,ρKJ :1 −→ S;

• Variables x of sort S are interpreted as arrows in B [[x]]w,ρKJS −→ S;

• Functions f :S1 × . . .× Sn −→ S are interpreted as arrows [[f ]]w,ρKJS1 × . . .× Sn −→ Sin B;

• Tuples of terms are interpreted as arrows in B:

〈t1, . . . , tn〉 :A1 × . . .× Am −→ B1 × . . .×Bn,

where, for each 1 ≤ i ≤ n, x1 :A1, . . . , xm :Am `LTti :Bi;

• Term-formation by application is interpreted by function space application in B.

The connectives are interpreted, exploiting the cartesian closed structure, of the fibres asfollows:

(• Conjunction: if [[p1]]w,ρKJ = A1 in KJ (w)(X) and [[p2]]

w,ρKJ = A2 in KJ (w)(X), then

[[p1 ∧ p2]]w,ρKJ = A1 × A2 in KJ (w)(X);)

• Implication: if [[p1]]w,ρKJ = A1 in KJ (w)(X) and [[p2]]

w,ρKJ = A2 in KJ (w)(X), then

[[p1 ⊃ p2]]w,ρKJ = A2

A1 in KJ (w)(X);

• Universal: if [[p(x)]]w,ρKJ in KJ (w)(X, x :A), then [[∀x :A . p]]w,ρ\xKJ = ∀A[[p]]

W,ρ\xKJ in

KJ (w)(X).

We require, in order for the definition of interpretations by induction on the syntacticstructure of LT , the following syntactic monotonicity condition: if [[X]]w,ρKJ is defined, then so

is [[X ′]]w,ρKJ , for every subterm or subformula X ′ of X. We also require the following accessi-

bility condition: if there is an arrow wα−→ w′ in W, then J (w′)([[X]]w,ρKJ ) ' J (w′)([[X]]w

′,ρKJ )

and J (w)([[X]]w,ρKJ ) ' J (w)([[X]]w′,ρ

KJ ).19 2

18Note that if X = ∅, then [[φ(X)]]w,ρKJ

is an object of KJ (w)([[1]]w,ρKJ

).19Note that here X ranges over the whole syntax of LT sequents (cf. Definition 3.5).

72

Page 73: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Satisfaction in LT models follows a pattern similar to that for λΠ-models. However, sincethe base category is concerned only with terms, rather than with propositions as well, wecan begin with the satisfaction of propositions, rather than of consequences

Definition 6.7 (‖−-satisfaction) Let 〈KJ , [[−]]−,ρKJ 〉 be a Kripke model of LT . The satis-

faction (forcing) relation w, ρ ‖−KJT φ is defined, by induction on the structure of formulae,as follows:

• w, ρ ‖−KJT p(X) iff there exists an arrow 1f−→ [[p(X)]]w,ρKJ in KJ (w)([[S]]w,ρKJ ), where

X = {x1 :S1, . . . , xm :Sm} and S = S1 × . . .× Sm;

(• w, ρ ‖−KJT φ ∧ ψ iff w, ρ ‖−KJT φ and w, ρ ‖−KJT ψ;)

• w, ρ ‖−KJT φ⊃ψ iff, for all wf−→ w′, (w′, ρ[f ] ‖−KJT φ implies w′, ρ[f ] ‖−KJT ψ);

• w, ρ ‖−KJT ∀x :T . φ iff, for all wf−→ w′, all a ∈ [[T ]]w,ρKJ and terms t such that [[t]]w,ρKJ = a;

• w′, ρ[f ][x := a] ‖−KJT φ[t/x].

If Γ = φ1, . . . , φm, then we write w, ρ ‖−KJT Γ if, for each 1 ≤ i ≤ m, w, ρ ‖−KJT φi. We write

w, ρ ‖−KJT (Γ ` φ), or more commonly w, ρ,Γ ‖−KJT φ, if w, ρ ‖−KJT Γ implies w, ρ ‖−KJT φ. 2

The notion of satisfaction given in Definition 6.7 is a straightforward generalization ofthe informal one discussed above, formulated categorically. Moreover, it is monotone: if

w, ρ ‖−KJT φ, if wf−→ w′ and if [[φ]]

w′,ρ[f ]KJ is defined, then w′, ρ[f ] ‖−KJT φ. More economically

than Definition 6.7, we have the following characterization of satisfaction:

Lemma 6.8 (‖−-forcing via global sections) Let 〈KJ , [[−]]−,ρKJ 〉 be a Kripke model of LT ,let φ(X) be a proposition with variables in X of sorts S1, . . . , Sm and let S = S1 × . . .× Sm.Then w, ρ ‖−KJT φ(X) if and only if there is an arrow 1

m−→ [[φ(X)]]w,ρKJ in KJ (w)([[S]]w,ρKJ ).

Proof By induction on the structure of propositions.Let φ = ψ1 ∧ ψ2, by the induction hypothesis, we have arrows 1

m1−→ [[ψ1(X)]]w,ρKJ and

1m2−→ [[ψ2(X)]]w,ρKJ in KJ (w)([[S]]w,ρKJ ). Since KJ (w)([[S]]w,ρKJ ) is cartesian closed, it follows

that there is an arrow 1 −→ [[ψ1(X)]]w,ρKJ × [[ψ2(X)]]w,ρKJ . Conversely, given an arrow 1 −→[[ψ1(X)]]w,ρKJ × [[ψ2(X)]]w,ρKJ , there exist projections [[ψ1(X)]]w,ρKJ × [[ψ2(X)]]w,ρKJ

pi−→ [[ψi(X)]]w,ρKJsince KJ (w)([[S]]w,ρKJ is cartesian closed. We compose the arrows and obtain two arrows

1 −→ [[ψ1(X)]]w,ρKJ and 1 −→ [[ψ2(X)]]w,ρKJ .

Suppose φ = ψ1⊃ψ2. The induction hypothesis gives arrows 1m1−→ [[ψ1(X)]]w,ρKJ and

1m2−→ [[ψ2(X)]]w,ρKJ in KJ (w)([[S]]w,ρKJ ). Since KJ (w)([[S]]w,ρKJ ) is cartesian closed, it follows that

there is an arrow 1 × [[ψ1(X)]]w,ρKJ −→ [[ψ2(X)]]w,ρKJ in KJ (w)([[S]]w,ρKJ ). Consequently, there is

an arrow 1 −→ ([[ψ2(X)]]w,ρKJ )[[ψ1(X)]]w,ρ

KJ . But [[ψ1(X)⊃ψ2(X)]]w,ρKJ = ([[ψ2(X)]]w,ρKJ )[[ψ1(X)]]w,ρ

KJ .

73

Page 74: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Conversely, given an arrow 1 −→ [[ψ1(X)⊃ψ2(X)]]w,ρKJ , it follows immediately that the

existence of an arrow 1 −→ [[ψ1(X)]]w,ρKJ implies the existence of an arrow 1 −→ [[ψ2(X)]]w,ρKJ .

Let φ = ∀ x :T . ψ(X), by the induction hypothesis there exists an arrow 1m−→ [[ψ(X)]]w,ρKJ

in KJ (w)(X, x : T ). Since KJ (w)(X, x : T ) is cartesian closed, we can apply the adjoint

∀T and obtain an arrow 1 −→ ∀T [[ψ(X)]]w,ρ/xKJ in KJ (w)([[S]]w,ρKJ . Since [[∀ x :T . φ(X)]]

w,ρ/xKJ =

∀T [[φ(X)]]w,ρ/xKJ , we are done.

Conversely, suppose we are given the arrow 1 −→ [[∀ c :T . φ(X)]]w,ρ/xKJ , then we have an

arrow 1 −→ ∀T [[φ(X)]]w,ρ/xKJ by definition. Since KJ (w)([[S]]

w,ρ/xKJ ) is cartesian closed, there

also exists a left adjoint to p∗T and so we have an arrow 1 −→ [[φ(X)]]w,ρKJ (or an arrow which

is isomorphic to it) in KJ (w)([[S]]w,ρKJ ). 2

We readily obtain the following, by induction on the structure of proofs:

Proposition 6.9 (soundness for ‖−) Let 〈KJ , [[−]]−,ρKJ 〉 be any Kripke model of LT . If

Γ `T φ has a natural deduction proof, then, at every world w, we have w, ρ,Γ ‖−KJT φ.

Proof We proceed by induction on the structure of proofs.We assume that the last rule used was ⊃ I. So we have that w, ρ,Γ, ψ ‖−KJT φ, this means

that we have w, ρ ‖−KJT Γ and w, ρ ‖−KJT ψ imply w, ρ ‖−KJT φ. Since w, ρ ‖−KJT ψ holds, wehave an arrow 1 −→ [[ψ]]w,ρKJ and also an arrow 1 −→ [[φ]]w,ρKJ , so since we are in a cartesian

closed category, we have an arrow 1 −→ [[φ⊃ψ]]w,ρKJ and so we have that w, ρ,Γ ‖−KJT φ⊃ψ.

Assuming the last rule used was ⊃E, we have w, ρ,Γ ‖−KJT φ and w, ρ,Γ ‖−KJT φ⊃ψ bythe induction hypothesis. This means that we have arrows 1 −→ [[φ]]w,ρKJ and 1 −→ [[φ⊃ψ]]w,ρKJ ,

since we are in a cartesian closed category, we can recover the arrow 1 −→ [[ψ]]w,ρKJ and so

have w, ρ,Γ ‖−KJT ψ.

Let ∀ I be the last rule used. We have that w, ρ,Γ ‖−KJT φ holds by the induction hy-pothesis. We have an arrow 1 −→ [[φ]]w,ρKJ , which together with the side condition and thefact that we are in a cartesian closed category means we can apply the adjoint ∀S. Thus wehave an arrow 1 −→ [[∀ x :S . φ]]w,ρKJ and so w, ρ,Γ ‖−KJT ∀ x :T . φ.

Finally, we assume that the last rule applied was ∀ E. By the induction hypothesis,we have that w, ρ,Γ ‖−KJT ∀ x : S . φ, so there is an arrow 1 −→ [[∀ x :S . φ]]w,ρKJ , since weare in a cartesian closed category we can apply the right adjoint to pS and so obtain anarrow 1 −→ [[φ[t/x]]]w,ρKJ , with the substitution occurring to deal with the ρ/x normallyproduced. Since we are dealing with adjoints this arrow is up to isomorphism. We havew, ρ,Γ ‖−KJT φ[t/x] as required. 2

Call a set ∆ of propositions prime if ∆ is closed under `T .20 By a standard result([Dal94], Lemma 5.3.8, pp. 168–169), we can extend Γ to a prime Γ′ such that Γ′ 6`T φ.For this lemma, just as in the corresponding lemma for λΠ-models 4.5, we do not requiresuch a construction. This is because we will construct our model not out of propositional

20This is all we require of the usual definition of a prime theory [Dal94], which also requires disjunctionand existence properties, since we are only dealing with the {⊃ ,∀} fragment.

74

Page 75: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

consequences but out of the proof-objects which realize consequences: we consider, for eachΓ, all propositions φ and all proofs Φ such that Φ realizes, i.e., is a proof of, φ from Γ

We recall the definition of consistent merge, Definition 3.4. We use this to allow us tomerge contexts of different sorts without worrying about having the same sort occurringmultiple times.

Lemma 6.10 (model existence) There exists a Kripke model 〈KT , [[−]]−,ρKT 〉 of LT with a

world w0 such that if Γ 6`T φ, then w0, ρ ‖−KTT Γ and w0, ρ 6‖−TKT φ.

Proof We sketch the construction of 〈KT , [[−]]−,ρKT 〉, exhibiting w0, where T : [W , [Bop,V ]].The category B is defined as follows:

Objects: Contexts of the form x1 : S1, . . . , xm : Sm, for m ≥ 0 (m = 0 gives the unique emptycontext, 〈〉, the terminal object of B);

Arrows: Tuples of the form

x1 :S1, . . . , xm :Sm〈t1,...,tn〉−→ y1 :T1, . . . , yn :Tn

such that, for each 1 ≤ i ≤ n, x1 :S1, . . . , xm :Sm `LTti : Ti. (Terms ti will be of the

form fis1 . . . smi. In particular, a variable x of sort S arises as an arrow x :S

〈x〉−→ x :S.)

The category W of worlds is a category of collections of occurence markers:

Objects: Collections of occurence markers ∆ = ξ1 :φ1, . . . , ξn :φn where ξi marks the occurenceof φi;

Arrows: There is an arrow ∆ −→ ∆′ if and only if ∆ ⊂ ∆′.

Clearly, W can be viewed as a ‘posetal’ category of contexts ordered by inclusion, ∆ ⊆ ∆′.The choice of worlds as being collections of occurence markers means that we can talk abouta proof (X) φ1, . . . , φn `LT

φ as being true in a world if we have proofs of φ1, . . . , φn. Anoccurence marker corresponding to φ tells us that we have a proof of φ at that world.

At each object ∆ ofW and each object X of B, we define a category T (∆)(X) as follows:

T (∆)(Γ) =

Objects : Propositions φ such that the set of free variables in φ= X and ξ :φ ∈ ∆;

Arrows : Proofs φ(X)Φ−→ ψ(Y ) such that φ `Φ

T ψ.

Let φΦ−→ ψ and ψ

Ψ−→ χ be arrows.

Then φΦ;Ψ−→ χ is given by φ `Φ;Ψ

T χ.

(51)

At each object ∆ of W and each arrow Xf−→ Y of B, we must define the functor

f ∗(= T (∆)(f)) T (∆)(X) −→ T (∆)(Y ). As usual, e.g., [Law70, See83], this is given bysubstitution.

75

Page 76: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

At each arrow ∆→ ∆′ of W , we must define a natural transformation T (∆)τ

=⇒ T (∆′).As in the example constructed in Section 3.3, inclusions will do:

Γ T (∆)(Γ) ⊂τΓ- T (∆′)(Γ)

Γ′

t

?

T (∆)(Γ′)

T (∆)(t)

?⊂

τΓ′- T (∆′)(Γ′)

T (∆′)(t)

?

So far we have a Kripke prestructure, we now construct a Kripke structure KT . To dothis, we just have to define the category KT (∆)(X) since the category of worlds and thebase category are the same as in the prestructure. Given ∆ ∈ W and X ∈ B, we defineKJ (∆)(X) as follows:

Objects: Categories, where:

Objects: Arrows φ1 × . . .× φn −→ φ of T (∆)(X);

Arrows: Arrows (φ1 × . . .× φn −→ φ) −→ (ψ1 × . . .× ψn −→ ψ) exist if there is an arrowφ1,× . . .× φn −→ ψ1 × . . .× ψn in T (∆)(X);

with

Arrows: Functors KT (W )(f) :KT (∆)(X) −→ KT (∆)(Y ) where Yf−→ X ∈ B. These functors

are substitution on formulae determined by f ∗ defined above. They act in the followingway:

1. Given an object φ1 × . . .× φng−→ φ of KJ (∆)(X), the functor returns an arrow

of KJ (∆)(Y ) determined by f ∗, given by f ∗(φ1)× . . .× f ∗(φn)f∗(g)−→ f ∗(φ);

2. Given an arrow φ1× . . .× φnµ−→ ψ1× . . .×ψn of KJ (∆)(X) returns an arrow of

KJ (∆)(Y ) determined by f ∗, given by f ∗(φ1)× . . .× f ∗(φn)f∗(µ)−→ f ∗(ψ1)× . . .×

f ∗(ψn).

This construction corresponds to having the proof φ1, . . . , φn `LTφ in {∀, ⊃}-fragment

of minimal first-order logic and arrows are understood as that we can transform a proofφ1, . . . , φn `LT

φ to ψ1, . . . , ψn `LTψ if we have a proof from φ1, . . . , φ1 to ψ1, . . . , ψn but

does not mean we have a proof of ψ from φ. Functors just give substitution on each formulae.The interpretation [[−]]WKT should be intuitively clear from the construction so far. We see

that w, ρ,Γ ‖−T φ if and only if w, ρ,Γ ‖−T φ and that all the formulae in Γ have occurencemarkers in w. Taking w0 to be the empty world, we have that if Γ `LT

φ then w0, ρ,Γ ‖−T φ.2

76

Page 77: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Analogously to the first-order situation, cf. [Dal94] or § 4.2, we define Γ ‖−T φ as follows:Γ ‖−T φ, where Γ = φ1, . . . , φm, if, for all Kripke models 〈KJ , [[−]]−,ρKJ 〉 and all worlds w of

KJ , w, ρ ‖−KJT φi, for each 1 ≤ i ≤ m, implies w, ρ ‖−MT φ.

Theorem 6.11 (completeness for ‖−) Γ ‖−T φ if and only if Γ `T φ has a natural de-duction proof.

Proof

(only if) This is soundness.

(if) Suppose Γ 6`T φ. Then Lemma 6.10 yields a contradiction. 2

In the presence of conjunction, the formulation of satisfaction of propositions can alsobe extended to consequences as follows: if Γ = φ1, . . . , φm, then w, ρ,Γ ‖−KJT φ iff, for all

wf−→ w′, (w′, ρ[f ] ‖−KJT

∧∧Γ implies w′, ρ[f ] ‖−KJT φ), where

∧∧Γ = φ1 ∧ . . . ∧ φm.

Lemma 6.12 (satisfaction of consequences) Let 〈KJ , [[−]]−,ρKJ 〉 be any Kripke model of

LT . If Γ = φ1, . . . , φm, then w, ρ,Γ ‖−KJT φ if and only if for all wf−→ w′, (w′, ρ[f ] ‖−KJT

∧∧Γ

implies w′, ρ[f ] ‖−KJT φ), where∧∧

Γ = φ1 ∧ . . . ∧ φm.

Proof Let Γ = φ1, . . . , φm.

(⇒) Let wf−→ w′ and w′, ρ[f ] ‖−KJT

∧∧Γ. Then we have w′, ρ[f ] ‖−KJT φ by the monotonicity

of consequence.

(⇐) Let wf−→ w′ and if w′, ρ[f ] ‖−KJT

∧∧Γ holds then we have w′, ρ[f ] ‖−KJT φ. Since the

result holds for all f , we take f to be the identity map from w to w and so we havew, ρ ‖−KJT

∧∧Γ gives us w, ρ ‖−KJT φ. Sincew, ρ ‖−KJT

∧∧Γ holds, we know that there

exists an arrow 1m−→ [[

∧∧Γ]]w,ρ

KJin KJ (w)([[S]]w,rhoKJ , where S is the product of all the

sorts of the propositions in Γ. Thus we have that Γ = φ1, . . . , φm is an object in thebase category and that we are in the fibre over it. So there is an arrow 1

n−→ [[φ]]w,ρKJ in

KJ (w)([[Γ]]w,ρKJ ), which gives us w, ρ,Γ ‖−KJT φ as required. 2

In the above proof, we have exploited arrows with contextual targets to obtain the result.However, this is result does not exploit the internal logic because we have removed theunderlying language by allowing our contexts to be just lists of formulae and allowing themto also be present in the fibre over themselves. Thus we have to find a way to interpretconsequences using the internal logic.

Now we see that our models have enough structure to interpret not only the conse-quences but also the proofs, or realizers of consequences, of LT (see also [See87]) providedwe work with the Kripke structures rather than the Kripke prestructures we have used uptill now. Let x1 : S1, . . . , xm : Sm and let X denote the set of variables {x1, . . . , xm}. Letδ : (φ1(X), . . . , φm(X) ` φ(X)) be a natural deduction proof.

77

Page 78: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Let, for each 1 ≤ i ≤ m, [[φi]]w,ρKJ and also [[φ]]w,ρKJ be defined. If [[δ]]w,ρKJ , the interpretation

of δ, is defined, then it is an object

(i=m∏i=1

[[φi]]w,ρKJ )

[[δ]]w,ρKJ−→ [[φ]]w,ρKJ

in KJ (w)([[S]]w,ρKJ ), defined by induction on the structure of natural deduction proofs. We

write w, ρ ‖→MT δ : (Γ `T φ) if and only if

(i=m∏i=1

[[φi]]w,ρKJ )

[[δ]]w,ρKJ−→ [[φ]]w,ρKJ

is defined in KJ . We now prove soundness for ‖→.

Proposition 6.13 (soundness for ‖→) Let 〈KJ , [[−]]−,ρKJ 〉 be any Kripke model for LT . If

δ : (Γ `T φ) is a natural deduction proof then w, ρ ‖→KJT δ : (Γ `T φ).

Proof We proceed by induction on the structure of proofs.Firstly, we consider the case where δ is a leaf. Thus we have a proof δ : (Γ `T φ) where

φ ∈ Γ. Since KJ (w)(Γ) is Cartesian closed, then there exists a projection from∏i=m

i=1 [[φi]]wKJ

to [[φ]]wKJ , which is [[δ]]wKJ as required.We now assume that the last rule applied was ⊃ E. By the induction hypothesis, we

have (∏i=m

i=1 [[φi]]wKJ

[[δ1]]wKJ−→ φ⊃ψ and (∏i=m

i=1 [[φi]]wKJ )

[[δ2]]wKJ−→ φ. Since KJ (w)(Γ) is Cartesian

closed, we can use the evaluation functor to obtain an arrow (∏i=m

i=1 [[φi]]wKJ )

[[δ]]wKJ−→ ψ.

Let the last rule applied by ⊃ I. By the induction hypothesis, we have (∏i=m

i=1 [[φi]]wKJ ×

[[φ]]wKJ )[[δ1]]wKJ−→ ψ. Since KJ (w)(Γ) is Cartesian closed, we can uncurry to obtain an arrow

(∏i=m

i=1 [[φi]]wKJ )

[[δ]]wKJ−→ [[φ⊃ψ]]wKJ .Let ∀ E be the last rule applied. By the induction hypothesis, we have that

(∏i=m

i=1 [[φi]]wKJ )

[[δ1]]wKJ−→ [[∀x :A . φ]]wKJ . Since we interpret [[∀x :A . φ]]wKJ as ∀A[[φ]]wKJ , we can apply

the left adjoint to projection and obtain an object [[φ]]wKJ , or at least one isomorphic to it inthe fibre over Γ without x :A. We return to the fibre over Γ via a substitution induced bythe arrow in the base between Γ and the object Γ without x :A, this substitution is t for x,

where t :A. Thus we have an arrow (∏i=m

i=1 [[φi]]wKJ )

[[δ1]]wKJ−→ [[φ[t/x]]]wKJ .Finally, we assume that ∀ I is the last rule applied. Applying the induction hypothesis, we

have that (∏i=m

i=1 [[φi]]wKJ )

[[δ1]]wKJ−→ [[φ]]wKJ and we also have the side condition that x :A /∈ FV (Γ),this means that we can consider the whole thing to be happening in the fibre over Γ, x :A. We

can thus apply the functor ∀A and so obtain an arrow from (∏i=m

i=1 [[φi]]wKJ )

[[δ]]wKJ−→ [[∀x :A . φ]]wKJ .2

78

Page 79: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

We now produce a term model by construction. This model will be a Kripke structurebuilt out of the Kripke prestructure defined in Lemma 6.10. The construction is very similarto the construction of a Kripke structure in Section 3.3.

Lemma 6.14 (model existence) There exists a Kripke model 〈KT , [[−]]−,ρKT 〉 of LT with a

world w0 such that if there exists a proof δ : (Γ 6`T φ), then w0, ρ ‖→KJT δ : (Γ `T φ) and

w0, ρ 6‖→KTT φ.

Proof We present a suitable model by construction. We begin by defining a categoryV , where V is defined in Lemma 6.10. The objects of V are arrows (

∏i=mi=1 φi) −→ φ in V .

We have these objects since V is Cartesian closed. Arrows in V are arrows ((∏i=m

i=1 φi) −→φ) −→ ((

∏j=nj=1 ψj) −→ ψ) given by the arrow (

∏i=mi=1 φi) −→ (

∏j=nj=1 ψj) in V .

We now define the category V . The objects of this category are categories V definedabove. The arrows are functors KJ (w)(f) where f :Γ −→ Γ′ in B and the functor just takessections (

∏i=mi=1 φ

′i) −→ φ in KJ (w)(Γ′) to sections (

∏i=mi=1 φi) −→ φ in KJ (w)(Γ).

Finally, we sketch the interpretation which is the one suggested from the syntax in themodel and is just a development of the one sketched in Lemma 6.10. We interpret a natural

deduction proof δ : (φ1, . . . , φm ` φ) as an object (∏i=m

i=1 [[φi]]w,ρKJ )

[[δ]]w,ρKJ−→ [[φ]]w,ρKJ in KJ (w)([[S]]w,ρKJ ),

where S = S1× . . .×Sm, X = {x1, . . . , xm}, the syntactic variables contained in φ1, . . . , φn, φand we have x1 :S1, . . . , xm :Sm with w containing occurence markers for φ1, . . . , φn.

It follows from the definition of ‖→ that we have that δ : (Γ `T φ) is a natural deductionproof if and only if w0, ρ ‖→KJ

T δ : (Γ `T φ) thus setting w0 = 〈〉 gives the result. 2

We now have a completeness result for ‖→.

Theorem 6.15 (completeness for ‖→) ‖→ δ : (Γ `T φ) if and only if δ : (Γ `T φ) is anatural deduction proof.

Proof

(only if) This is soundness.

(if) Suppose δ : (Γ `T φ) is not a natural deduction proof. Then Lemma 6.14 yields acontradiction. 2

6.4 The propositions-as-types isomorphism

Finally, we are now able to set up what we shall call the propositions-as-types isomorphism,an indexed isomorphism between suitable Kripke models, induced by the propositions-as-types correspondence.

We begin with the notion of an indexed functor, between indexed categories.

Definition 6.16 (indexed functors) Let F :Aop −→ C and G :Bop −→ C be strict indexedcategories. An indexed functor from F to G consists of a pair τ = (β, ε) in which β :A −→ B

79

Page 80: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

is a functor and ε :F =⇒ βop;G is a natural transformation. We extend this definition tofunctors F : [W , [Aop, C]] and G : [X , [Bop, C]]. An indexed functor from F to G consists of atriple

τ = (α, β, (εw)w∈W),

where α :W −→ X , β :A −→ B are functors and, for each object w of W, εw :F(w) =⇒βop;G(α(w)) is a natural transformation such that for each f :v −→ w in W, the diagram

v F(v) =====εv ⇒ βop; G(α(v))

w

f

?F(w)

F(f) �wwwwwwww

=====εw⇒ βop; G(α(w))

G(α(f))�wwwwwwww

commutes. 2

Definition 6.17 (indexed isomorphisms) An indexed functor τ = (β, ε) is an indexedisomorphism if β is an isomorphism and ε is a natural isomorphism. An indexed functorτ = (α, β, (εw)w) is an indexed isomorphism if α and β are isomorphisms and each εw is anatural isomorphism. 2

In general, we are going to have examples where the indexed categories are of the formF : [W , [Aop, C]] and G : [X , [Bop,D]] and so we need to generalize the definition of indexedfunctor and indexed isomorphism to the following.

Definition 6.18 (generalized indexed functors) Let F :Aop −→ C and G : Bop −→ Dbe strict indexed categories. A generalized indexed functor from F to G consists of a tripleτ = (β, γ, ε) in which β : A −→ B and γ : C −→ D be functors and ε : F ; γ =⇒ βop;Gis a natural transformation. We extend this definition to functors F : [W , [Aop, C]] andG : [X , [Bop,D]]. A generalized indexed functor from F to G consists of a quadruple

τ = (α, β, γ, (εw)w∈W),

where α :W −→ X , β : A −→ B, γ : C −→ D be functors and, for each object w of W,εw :F(w); γ =⇒ βop;G(α(w)) is a natural transformation such that for each f :v −→ w, thediagram

v F(v); γ ====εv ⇒ βop; G(α(v))

w

f

?F(w); γ

F(f) �wwwwwwww

====εw⇒ βop; G(α(w))

G(α(f))�wwwwwwww

commutes. 2

80

Page 81: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Similarly, we generalize the definition of indexed isomorphisms.

Definition 6.19 (generalized indexed isomorphisms) A generalized indexed functorτ = (β, γ, ε) is a generalized indexed isomorphism if β and γ are isomorphisms and ε isa natural isomorphism. A generalized indexed functor τ = (α, β, γ, (εw)w) is a generalizedindexed isomorphism if α, β and γ are isomorphisms and each εw is a natural isomorphism.2

Definition 6.20 (category of models) 21 We define the categoryM of models as follows:

Objects: Each object of M is either an equational Kripke Σ-λΠ-model, KJ , or a Kripke LT -model, RS ;

Arrows: There are four cases:

1. An arrow〈KJ , [[−]]−KJ 〉

h−→ 〈K′J ′ , [[−]]−K′J ′ 〉

is given by a generalized indexed functor (α, β, γ, (εw)w) :KJ −→ K′J ′ such that

if αw = w′, then h([[X]]wKJ ) = [[X]]w′

K′J ′;

2. An arrow〈RS , [[−]]−,ρRS 〉

h−→ 〈R′S′ , [[−]]−,ρ

R′S′〉

is given by a generalized indexed functor (α, β, γ, (εx)x) :RS −→ R′S′ such that if

αx = x′, then h([[X]]x,ρR′S′) = [[X]]x

′,ρ′

R′S′;

3. An arrow〈KJ , [[−]]−KJ 〉

h−→ 〈RS , [[−]]−,ρRS 〉

is given by a generalized indexed functor (α, β, γ, (εw)w) :KJ −→ RS such that ifαw = x, then h([[{{X}}T ]]wKJ ) = [[X]]x,ρRS ;

4. An arrow

〈RS , [[−]]−,ρRS 〉h−→ 〈KJ , [[−]]−KJ 〉

is given by a generalized indexed functor (α, β, γ, (εx)x) :RS −→ KJ such that ifαx = w, then h([[X]]x,ρRS ) = [[{{X}}T ]]wKJ . 2

Let 〈KJ , [[−]]−KJ 〉 and 〈RS , [[−]]−,ρRS 〉 be objects of M. A morphism h between them isan isomorphism of models if it is an indexed isomorphism such that, abusing notation byallowing X to range over all of the syntax of LT and suppressing information about worlds,

h([[{{X}}T ]]KJ ) = [[X]]RS .

It is important that we are able to compare the relationship between consequences inthe internal logic LT and the consequences of the Kripke λΠ-model. The reason for this

21Notation: to avoid confusion, we use RS , etc., for first-order models.

81

Page 82: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

is that we are not just concerned about the existence of proofs of formulae in the logic,we are concerned with the transformations of these proofs, i.e the consequences of the logic.Comparing the relationship between these consequences will allow us to prove general resultsabout the internal logic and capture the subtlety of the consequences of it.

When we introduced the Kripke model of the internal logic, we noted that even thoughwe where dealing with the {∀, ⊃}-fragment of minimal intuitionistic logic, we still hadconjunction since we were working with cartesian closed categories. We were thus able torepresent conjunction as product in these categories in the usual way. When we show theisomorphism between the models of the internal logic and those of λΠ, it is natural to askwhat happens to conjunction. Conjunction can be interpreted as a constant in the typetheory, ∧ : o −→ o −→ o and thus we do not need to have a product in the fibres of themodel of λΠ.

The {∀, ⊃}-fragment of minimal first-order intuitionistic logic is not dependent in thefollowing sense, propositions do not depend on proof variables. This means that in certainsubcategories • will turn out to be symmetric and a categorical product. We exploit thesesubcategories in the following proof.

GENERALITY OF STRUCTURE OF PROOFS, OPEN TERMS, FRIEDMAN.

Proposition 6.21 (propositions-as-types isomorphism) Let T be a theory of the{⊃ ,∀}-fragment of minimal first-order logic and let 〈KJ , [[−]]−KJ 〉, where KJ : [W , [Dop,V]],be a Kripke ΣLT

-λΠ-model, where ΣLTis the λΠ-signature in propositions-as-types correspon-

dence with LT . Then there is a a Kripke LT -model, 〈RS , [[−]]−,ρRS 〉, where RS : [X , [Eop,U]],together with a (generalized indexed) isomorphism of models,

h = (α, β, γ, (εw)w) :KJ ∼= RS ,

induced by the propositions-as-types correspondence, which respects the interpretation of syn-tax. Specifically, abusing notation by allowing X to range over all of the syntax of LT andsuppressing information about worlds, if [[X]]xRS and [[{{X}}T ]]WKJ are defined, then

h([[{{X}}T ]]KJ ) = [[X]]RS .

Proof Given 〈KJ , [[−]]−KJ 〉, we sketch the construction of 〈RS , [[−]]−,ρRS 〉, together withan isomorphism of models h.

• We take X =W with α = 1W . Thus α is an isomorphism.

• We take E to be the subcategory of D which has all pullbacks. In this subcategory • issymmetric and thus a product. Since this subcategory has all pullbacks and a terminalobject, it is cartesian closed.

We take β to be subcategory restriction. We require β to be an isomorphism. We haveto show that D does not contain any more objects than E . This is true in this casesince LT is first-order and so ΣLT

-λΠ has all pullbacks.

82

Page 83: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

• We take U to be the subcategory of V with objects being the categories with objects

of the form AfA,A−→ A. The arrows are obtained by the obvious restrictions.

We take γ to be subcategory restriction. Again, it turns out that γ is an isomorphismbecause we are modelling ΣLT

-λΠ which will be of this form.

• It remains to show that we have an εw which is a natural isomorphism. We define foreach w ∈ W , εw to be a natural transformation between KJ (w); γ and βop;RS(w),since α is the identity. Applying γ to KJ (w) produces a functor Dop −→ U andsimilarly for the other functor. Given an object D ∈ Dop, we assign it an arrowεwD : KJ (w); γD −→ βop;RS(w)D; the identity arrow. This will mean that εw is anatural transformation and similarly a natural isomorphism.

• Finally, we have to show the correspondence between the two interpretations. Thisfollows from the propositions-as-types correspondence. An argument using inductionis required. The case for a variable is clear and context extension follows from noticingthat • is a product. The interpretation of proofs follows from the construction ofKripke structures out of prestructures and the restriction to the case where the righthand side is a single object.

2

We call the isomorphism constructed in Proposition 6.21 the propositions-as-types iso-morphism.

In the above proof, we argued that β and γ were isomorphisms because the signaturefor λΠ had come from a first-order logic and restricted to a non-dependent version of theKripke λΠ-model. The dependent Kripke λΠ-model is also a model for ΣLT

-λΠ and we haverestricted to the case with only the required structure so that we get an isomorphism.

Next, we show as a corollary of the existence of the propositions-as-types isomorphism,that a model of the representation of an object-logic can be uniformly constructed from amodel of the object-logic. This result is inspired by one of Simpson [Sim93], in the sequel,we provide a generalized version of Simpson’s result.

Corollary 6.22 (induced models) Let LT be a theory of the {∀, ⊃}-fragment of minimalfirst-order logic and let 〈RS , [[−]]ρ,−RS 〉, where RS : [X , [Eop,U]], be a Kripke LT -model. Let ΣLT

be the λΠ-signature in propositions-as-types correspondence with LT . Then there is a KripkeΣLT

-λΠ-model, 〈KJ , [[−]]−KJ 〉, where KJ : [W , [Dop,V]], induced by the correspondence.

Proof We notice that in the previous proposition, that the restricted subcategorieswhich were isomorphic were also Kripke λΠ-models. We then just view a Kripke LT -model asa special case of a Kripke λΠ-model and so we have our induced structure. The propositions-as-types correspondence deals with the interpretation. 2

To finish off this section, we prove a representation theorem, while this result is alreadyknown, we are more concerned with how the proof proceeds. We emphasise how ‘easy’ thisproof is in our set-up, in particular the faithfulness direction, which is traditionally seen ashard.

83

Page 84: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Theorem 6.23 (representation) Given a proof Φ of φ then

Φ: (X) φ1, . . . , φn `LTφ

if and only ifΓX , x1 :φ1, . . . , xn :φn `ΣLT

MΦ :φ

and there is a bijection between proofs in LT and proof terms in ΣLT-λΠ.

Proof Proposition 6.2 tells us that given a proof Φ of φ in LT , there exists a corre-sponding proof term MΦ in λΠ in the correct context.

The other direction follows from the propositions-as-types isomorphism. By the com-pleteness of Kripke λΠ-models (Theorem 4.17), we have that the derivation of a term MΦ

corresponds to Γ |=ΣLTMΦ : φ in the Kripke λΠ-model. Note that we have collapsed the

contexts. The propositions-as-types isomorphism gives us that there is a corresponding ex-pression in the Kripke LT -model and by the completeness of Kripke LT -models (Theorem6.11), this corresponds to a proof in LT of φ. The bijection is a consequence of the aboveargument. 2

The above result provides motivation for the general representation theorems presentedin the sequel. The reason for setting up Kripke models in the way we have is so thatrepresentation theorems are straightforward to prove and can be done so in a uniform way.

6.5 Kripke models vs. classical models

We conclude the technical work of this paper with a reconstruction, in the dependently typedsetting, of a simple but pleasing result formulated for models of the simply typed λ-calculusby Mitchell and Moggi [MM91].

We need to extend the internal logic LT to include negation. We do this in a standard,semantic, way by introducing a proposition ⊥ such that, for every model KJ of LT and everyworld w,

w, ρ 6‖−TKJ⊥,

i.e., there is no model KJ with any world w in which there is an arrow 1[[X]]w,ρKJ−→ [[⊥]]w,ρKJ ,

for any set of variables X. We then define the usual intuitionistic negation ¬φ =def φ ⊃ ⊥.In order to establish that there are Kripke models which do not arise as a Kripke quotient

of and classical model, we shall not need to go beyond models that are based on our (set-theoretic) applicative structures. Moreover, we shall restrict our attention to applicativestructures without families, as in § 5. The consequence of this restriction, from the point ofview of LT , is that we are able to interpret not consequences but just propositions. However,we must recall that such models admit the usual (typed) first-order existential quantifier;i.e., for LT , the existential quantifier can be interpreted, at each variable x :S, as a functorthat is left adjoint to the inverse image of the projection [[X, x :S]]

p−→ [[X]], and for λΠ, theexistential quantifier can be interpreted as a functor that is left adjoint to the inverse imageof the projection [[Γ, x :S]]

p−→ [[Γ]].

84

Page 85: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

Theorem 6.24 (Kripke models are non-classical) There is an equational KripkeΣ-λΠ=-applicative structure U which is not elementarily equivalent to any V/R, where V isany equational Σ-λΠ=-applicative structure and R is any Kripke Σ-λΠ=-partial equivalenceR on V.

The idea of the proof is to give a proposition in the internal logic of λΠ, extended with⊥ as described above, which is valid in all quotients V/R but which is not valid in every U .We want the proposition to be the classical assertion that

¬¬p⊃ p,

so it will hold in all the classical quotients but not the non-classical Kripke Σ-λΠ=-applicativestructure. Thus, we exploit the classical and non-classical aspects of the different models toobtain our proof.

Proof We define φ as being the proposition standing for if ¬(∃x : A . x = x) and¬¬(∃x : A⊃B . x = x) then (∃x : A⊃B . x = x). This proposition holds in all quotientsV/R, since these are classical by Lemma 5.6. We now construct a Kripke Σ-λΠ=-applicativestructure U where this does not hold.

We take W to be the poset containing two elements 0 < 1. We follow the example afterDefinition 5.2 and take the context over 0 as being y :A, z :B and the develop the rest of thestructure over this context as per the example. Thus we have that ¬¬(∃x :A⊃B . x = x)at 0. We now take the structure over 1 and the context y :A, z :B as only containing closedλ-terms proved from the context y :A, z :B. Thus we have that ∃x :A⊃B . x = x does nothold at 1 and so the proposition φ does not hold in U . 2

7 Discussion

In this paper, we have introduced the λΠ-calculus and developed a categorical semantics forit. We have shown this semantics to be sound and complete with respect to two differentnotions of satisfaction. These two notions of satisfaction allow us to study the relationshipbetween formulae and their proofs and consequence within the internal logic.

We introduce the appropriate notion of logical relations and prove the fundamental forthem. In particular, we define partial equivalent relations using the techniques presented in[MM91] and show that the results presented therein carry through to our presentation of thematerial.

Finally, we show that the the Kripke models introduced can be adapted for the {∀, ⊃}fragment of minimal intuitionistic first-order logic and that the propositions-as-types cor-respondence induces an isomorphism of models which we call the propositions-as-types iso-morphism. In fact, we have shown that the judgements-as-types encoding which we willintroduce in the next paper is ’isomorphic’ to the propositions-as-types correspondence inthe case of intuitionistic logic,

Summary, with remarks on weaknesses and extensions.

85

Page 86: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

The second paper in this sequence introduces the LF logical framework. We will see thata logical framework is a language together with a representation. The language used willbe the λΠ-calculus we have introduced in this paper. The paper will be concerned withdeveloping a theory of representation for a general logic presented in a uniform way. TheKripke structures presented in this paper provides a semantics for the meta-logic of LF andprovides a notion of truth which will allow us to prove general results about encodings (andrepresentations) of object-logics in a logical framework.

The third paper in this sequence looks at considering the semantics of the λΠ-calculusas a logic programming language. It considers the λΠ-calculus as a system of first-orderdependent function types and as a presentation of the {∀, ⊃} fragment of minimal first-order predicate logic with proof objects. The paper shows that all the usual results of logicprogramming can be applied to the semantics of the λΠ-calculus while taking into accountthat a wide variety of logics can be encoded into it.

Attack the usefulness/point of ‘adequate representation’ Flag work on ‘judged logic’ andits encoding.

Lipton — Kripke semantics and semantics of logic programming. Semantics ofpropositions-as-types gives some kind of an account of the relationship between my view andLipton’s view. Can one see whether the connection is essentially syntactic or semantic ?Acknowledgements. The authors are grateful to S. Abramsky, M. Collinson, D. Galmiche,R. Harper, F. Honsell, G. Huet, M. Hyland, J. Lipton, G. McCusker, E. Moggi, P. O’Hearn,G. Plotkin, A.J. Power, E. Ritter, E. Robinson, A. Simpson, T. Streicher, P. Taylor andL. Wallen for their comments on various aspects of this work.

References

[AHMP92] Arnon Avron, Furio Honsell, Ian Mason, and Randy Pollack. Used typed lambdacalculus to implement formal systems on a machine. Journal of Automated Rea-soning, 9:309–354, 1992.

[Bar93] Henk Barendregt. Lambda calculi with types. In Handbook of Logic in ComputerScience, volume 2. Oxford University Press, 1993.

[Car86] John Cartmell. Generalised algebraic theories and contextual categories. Annalsof Pure and Applied Logic, 32:209–243, 1986.

[Car90] John Cartmell. Generalised Algebraic Theories and Contextual Categories. PhDthesis, University of Oxford, 1990.

[Coq90] Thierry Coquand. A proof of strong normalization for the theory of constructionsusing a kripke-like interpretation, May 1990. Lecture given at the First Workshopon Logical Frameworks, Sophia-Antipolis, France.

[Daa80] Diedrik T. Van Daalen. The Language Theory of AUTOMATH. PhD thesis,Technical University of Eindhoven, 1980.

86

Page 87: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

[Dal94] Dirk Van Dalen. Logic and Structure. Springer, 1994.

[Dyb95] Peter Dybjer. Internal type theory. In BRA TYPES workshop. Springer LNCS,1995.

[Ehr88] Thomas Ehrhard. A categorical semantics of constructions. In Logic in ComputerScience, pages 264–273. IEEE, Computer Science Press, 1988.

[Fel91] Amy Felty. Encoding dependent types in an intuitionistic logic. In GordonPlotkin and Gerard Huet, editors, Logical Frameworks. Cambridge UniversityPress, 1991.

[Har88] Robert Harper. An equational formulation of lf. Technical report, University ofEdinburgh, 1988. LFCS report ECS-LFCS-88-67.

[Hay85] Susumu Hayashi. Adjunction of semifunctors: categorical structures in non-extensional lambda calculus. Theoretical Computer Science, 41:95–104, 1985.

[HHP87] Robert Harper, Furio Honsell, and Gordon Plotkin. A framework for defininglogics. In Proceedings 2nd Annual IEEE Symp. on Logic in Computer Science,LICS’87, Ithaca, NY, USA, 22–25 June 1987, pages 194–204. IEEE ComputerSociety Press, New York, 1987.

[HHP93] Robert Harper, Furio Honsell, and Gordon Plotkin. A framework for defininglogics. Journal of the Association for Computing Machinery, 40(1):143–184,1993.

[Hof96] Martin Hofmann. Syntax and semantics of dependent types. In A. Pitts andP. Dybjer, editors, Semantics and Logics of Computation. Cambridge UniversityPress, 1996.

[HS86] J. Roger Hindley and Jonathan P. Seldin. Introduction to Combinators andλ-Calculus. Cambridge University Press, 1986.

[HST94] Robert Harper, Donald Sannella, and Andrzej Tarlecki. Structured theory pre-sentations and logic representations. Annals of Pure and Applied Logic, 67(1-3):113–160, 1994.

[IP02] Samin Ishtiaq and David J. Pym. Dependently-typed, bunched λ-calculus. Jour-nal of Logic and Computation, 12(6):1061–1104, 2002.

[Jac91] Bart Jacobs. Categorical Type Theory. PhD thesis, University of Nijmegen, 1991.

[Jac93] Bart Jacobs. Comprehension categories and the semantics of type dependency.Theoretical Computer Science, 107:179–207, 1993.

[Jac99] Bart Jacobs. Categorical Logic and Type Theory. Elsevier, 1999.

87

Page 88: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

[Kri63] Saul A. Kripke. Semantical analysis of modal logic I. Zeitschrift fur mathematicheLogik und Grundlagen der Mathematik, 16:83–94, 1963.

[Kri65] Saul Kripke. Semantical analysis of intuitionistic logic. In Formal Systems andRecursive Functions, pages 92–130. North-Holland Publishing Company, 1965.

[Law70] William Lawvere. Equality in hyperdoctrines and comprehension schema as anadjoint functor. In Proceedings of the American Mathematical Society Symposiumon Pure Mathematics XVII, pages 1–14, 1970.

[Mac69] Saunders Mac Lane. Categories for the Working Mathematician. Springer, 1969.

[McL92] Colin McLarity. Elementary Categories, Elementary Toposes. Oxford UniverssityPress, 1992.

[Mey82] Albert R. Meyer. What is a model of the lambda calculus? Information andControl, 52:87–122, 1982.

[ML82] Per Martin-Lof. On the meanings of the logical constants and the justificationsof the logical laws, 1982.

[ML87] Per Martin-Lof. Truth of a proposition, evidence of a judgement, validity of aproof. Synthese, 73:407–420, 1987.

[MM68] John C. Mitchell and Eugenio Moggi. Kripke-style models for typed lambdacalculus. In LICS, 1968.

[MM91] John C. Mitchell and Eugenio Moggi. Kripke-style models for typed lambdacalculus. Annals of Pure and Applied Logic, 51:99–124, 1991.

[MM92] Saunders Mac Lane and Ieke Moerdijk. Sheaves in Geometry and Logic. Springer,1992.

[Pit00] Andrew M. Pitts. Categorical logic. In S. Abramsky, D. M. Gabbay, and T. S. E.Maibaum, editors, Handbook of Logic in Computer Science, Volume 5. Algebraicand Logical Structures, chapter 2, pages 39–128. Oxford University Press, 2000.

[Plo80] Gordon Plotkin. Lambda-definability in the full type hierarchy. In To H. B.Curry: Essays on Combinatory Logic, Lambda Calculus and Formalism, pages363–374. Academic Press, 1980.

[Pym90] David J. Pym. Proofs, Search and Computation in General Logic. PhD thesis,University of Edinburgh, 1990.

[Pym95] David J. Pym. A note on the proof theory of the λΠ-calculus. Studia Logica,54:199–230, 1995.

88

Page 89: Functorial Kripke-Beth-Joyal models of the λΠ-calculus I ...

[Pym01a] David J. Pym. Functorial kripke-beth-joyal models of the λΠ-calculus II: the LFlogical framework. www.cs.bath.ac.uk/~pym/kripke2.ps, 2001.

[Pym01b] David J. Pym. Notes towards a semantics for proof-search. In Didier Galmiche,editor, Type-theoretic Languages: Proof-search and Semantics, ENCTS 37, 2001.

[Rit92] Eike Ritter. Categorical Abstract Machines for Higher-Order Typed Lambda Cal-culi. PhD thesis, University of Cambridge, 1992.

[Rit94] Eike Ritter. Normalization for typed lambda calculi with explicit substitution.In Proceedings of the 1993 Annual Conference of the European Association forComputer Science Logic, pages 295–304. Lecture Notes in Computer ScienceNo. 832, Berlin, Heidelberg, New York, 1994.

[RP95] Eike Ritter and Andrew M. Pitts. A fully abstract translation between a λ-calculus with reference types and Standard ML. In 2nd Int. Conf. on TypedLambda Calculus and Applications, Edinburgh, 1995, volume 902 of Lecture Notesin Computer Science, pages 397–413. Springer-Verlag, Berlin, 1995.

[Sal90] Anne Salvesen. A proof of the church-rosser property for the edinburgh LFwith η-conversion, May 1990. Lecture given at the First Workshop on LogicalFrameworks, Sophia-Antipolis, France.

[See83] Robert A. Seely. Hyperdoctrines, natural deduction, and the beck condition.Zeitschrift fur Mathematik Logic und Grundlagen, 29:505–542, 1983.

[See87] Robert A. Seely. Categorical semantics for higher order polymorphic lambdacalculus. Journal of Symbolic Logic, 52:969–989, 1987.

[Sim93] Alex Simpson. Kripke semantics for a logical framework. http://homepages.

inf.ed.ac.uk/als/Research/kripke.ps.gz, 1993.

[SNP90] Jan Smith, Bengt Nordstrom, and Kent Petersson. Programming in Martin-Lof ’sType Theory. Oxford University Press, 1990.

[Sta85] Richard Statman. Logical relations and the typed lambda-calculus. Informationand Control, 65:85–97, 1985.

[Str89] Thomas Striecher. Completeness and Correctness of a Categorical Semantics ofthe Calculus of Constructions. PhD thesis, University of Passau, 1989.

[Tro73] Anne Troelstra. Metamathematical investigations of intuitionistic arithmeticsand analysis. Lecture Notes in Mathematics 344. Springer-Verlag, 1973.

89