assume

Using the assume rule gives the leaf nodes of the proof trees. It allows any judgement to be shown to have veracity from exactly that assumption in the list of assumptions.

Lemma assume_example :
  proofTreeOf [(e \by a1 @ (1 # 3) \in c1)] (e \by a1 @ (1 # 3) \in c1).
proofTreeOf [e \by a1 @ 1 # 3 \in c1]
  e \by a1 @ 1 # 3 \in c1
Proof.
proofTreeOf [e \by a1 @ 1 # 3 \in c1]
  e \by a1 @ 1 # 3 \in c1
apply assume.
Defined.

Eval compute in (showForProofTree assume_example).
= "\begin{prooftree}\AxiomC{$ C_{1} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ e^{a_{1}}_{\frac{1}{3}} \in C_{1} \vdash_{} e^{a_{1}}_{\frac{1}{3}} \in C_{1} $}\end{prooftree}"
: string

Eval compute in (showForNaturalLanguage assume_example).
     = "

- Assuming claim 1 is supported by $e$ at weight 1/3 which actor 1 uses then claim 1 is supported by $e$ at weight 1/3 which actor 1 uses, because
  - claim 1 is a veracity claim.
- by assumption.

"
     : string
Eval compute in (showForLogSeq assume_example).
     = "

### Veracity proof that claim 1 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
  - claim 1 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
    collapsed:: true
    - Assumptions made:
      collapsed:: true
      - claim 1 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
    - Logical rule used: we assume this
  - Atomic evidence is abbreviated as follows:
    collapsed:: true
    - e = atomic evidence e

"
     : string

Note that when viewing this as an HTML page, you can click on most Coq commands to fold/unfold the output.

bot_elim

bot_elim allows us to conclude any claim from evidence for the claim that should never have veracity, \(\bot\).

Lemma bot_elim_example :
  proofTreeOf [(eB \by a1 @ (1 # 3) \in _|_)] (eB \by a1 @ (1 # 3) \in (c1 \/' c2)).
proofTreeOf [eB \by a1 @ 1 # 3 \in _|_]
  eB \by a1 @ 1 # 3 \in (c1 \/' c2)
Proof.
proofTreeOf [eB \by a1 @ 1 # 3 \in _|_]
  eB \by a1 @ 1 # 3 \in (c1 \/' c2)
apply bot_elim.
proofTreeOf [eB \by a1 @ 1 # 3 \in _|_]
  eB \by a1 @ 1 # 3 \in _|_
apply assume.
Defined.

Eval compute in (showForProofTree bot_elim_example).
= "\begin{prooftree}\AxiomC{$ \bot \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ eB^{a_{1}}_{\frac{1}{3}} \in \bot \vdash_{} eB^{a_{1}}_{\frac{1}{3}} \in \bot $} \RightLabel{ $ \bot^{-} $} \UnaryInfC{$ eB^{a_{1}}_{\frac{1}{3}} \in \bot \vdash_{} eB^{a_{1}}_{\frac{1}{3}} \in (C_{1} \vee C_{2}) $}\end{prooftree}"
: string

Eval compute in (showForNaturalLanguage bot_elim_example).
     = "

- Assuming impossible is supported by $eB$ at weight 1/3 which actor 1 uses then (claim 1 or claim 2) is supported by $eB$ at weight 1/3 which actor 1 uses, because
  - Assuming impossible is supported by $eB$ at weight 1/3 which actor 1 uses then impossible is supported by $eB$ at weight 1/3 which actor 1 uses, because
    - impossible is a veracity claim.
  - by assumption.
- by the logical principle of explosion.

"
     : string
Eval compute in (showForLogSeq bot_elim_example).
     = "

### Veracity proof that (claim 1 or claim 2) is held by actor 1 by the evidence $eB$ at weight $\frac{1}{3}$
  - (claim 1 or claim 2) is held by actor 1 by the evidence $eB$ at weight $\frac{1}{3}$
    collapsed:: true
    - Assumptions made:
      collapsed:: true
      - impossible is held by actor 1 by the evidence $eB$ at weight $\frac{1}{3}$
    - Logical rule used: the principle of explosion
      - Sub-proof:
        - impossible is held by actor 1 by the evidence $eB$ at weight $\frac{1}{3}$
          collapsed:: true
          - Assumptions made:
            collapsed:: true
            - impossible is held by actor 1 by the evidence $eB$ at weight $\frac{1}{3}$
          - Logical rule used: we assume this
  - Atomic evidence is abbreviated as follows:
    collapsed:: true
    - eB = evidence for bottom

"
     : string

and_intro

and_intro combines two proof trees, taking the minimum weight of the two as the weight for the resulting conjunction.

Lemma and_intro_example : proofTreeOf [(e1 \by a1 @ (1 # 3) \in c1); (e2 \by a1 @ (1 # 2) \in c2)] ({{e1,e2}} \by a1 @ (1 # 3) \in (c1 /\' c2)).
proofTreeOf
  [e1 \by a1 @ 1 # 3 \in c1; e2 \by a1 @ 1 # 2 \in c2]
  {{e1, e2}} \by a1 @ 1 # 3 \in (c1 /\' c2)
Proof.
proofTreeOf
  [e1 \by a1 @ 1 # 3 \in c1; e2 \by a1 @ 1 # 2 \in c2]
  {{e1, e2}} \by a1 @ 1 # 3 \in (c1 /\' c2)
apply and_intro with (w1:=(1#3)) (w2:=(1#2)) (Ps:=[e1 \by a1 @ 1 # 3 \in c1]) (Qs:=[e2 \by a1 @ 1 # 2 \in c2]).
([e1 \by a1 @ 1 # 3 \in c1] ++
 [e2 \by a1 @ 1 # 2 \in c2] ==?
 [e1 \by a1 @ 1 # 3 \in c1; e2 \by a1 @ 1 # 2 \in c2]) =
true
1 # 3 = Qmin (1 # 3) (1 # 2)
proofTreeOf [e1 \by a1 @ 1 # 3 \in c1]
  e1 \by a1 @ 1 # 3 \in c1
proofTreeOf [e2 \by a1 @ 1 # 2 \in c2]
  e2 \by a1 @ 1 # 2 \in c2 1-2: reflexivity.
proofTreeOf [e1 \by a1 @ 1 # 3 \in c1]
  e1 \by a1 @ 1 # 3 \in c1
proofTreeOf [e2 \by a1 @ 1 # 2 \in c2]
  e2 \by a1 @ 1 # 2 \in c2
apply assume.
proofTreeOf [e2 \by a1 @ 1 # 2 \in c2]
  e2 \by a1 @ 1 # 2 \in c2
apply assume.
Defined.

Eval compute in (showForProofTree and_intro_example).
= "\begin{prooftree}\AxiomC{$ C_{1} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ e1^{a_{1}}_{\frac{1}{3}} \in C_{1} \vdash_{} e1^{a_{1}}_{\frac{1}{3}} \in C_{1} $}\AxiomC{$ C_{2} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ e2^{a_{1}}_{\frac{1}{2}} \in C_{2} \vdash_{} e2^{a_{1}}_{\frac{1}{2}} \in C_{2} $} \RightLabel{ $ \wedge^{+} $} \BinaryInfC{$ e1^{a_{1}}_{\frac{1}{3}} \in C_{1}, e2^{a_{1}}_{\frac{1}{2}} \in C_{2} \vdash_{} (e1, e2)^{a_{1}}_{\frac{1}{3}} \in (C_{1} \wedge C_{2}) $}\end{prooftree}"
: string

Eval compute in (showForNaturalLanguage and_intro_example).
     = "

- Assuming claim 1 is supported by $e1$ at weight 1/3 which actor 1 uses, and claim 2 is supported by $e2$ at weight 1/2 which actor 1 uses then (claim 1 and claim 2) is supported by $(e1, e2)$ at weight 1/3 which actor 1 uses, because
  - Assuming claim 1 is supported by $e1$ at weight 1/3 which actor 1 uses then claim 1 is supported by $e1$ at weight 1/3 which actor 1 uses, because
    - claim 1 is a veracity claim.
  - by assumption.
  - Assuming claim 2 is supported by $e2$ at weight 1/2 which actor 1 uses then claim 2 is supported by $e2$ at weight 1/2 which actor 1 uses, because
    - claim 2 is a veracity claim.
  - by assumption.
- by a logical rule for 'and'.

"
     : string
Eval compute in (showForLogSeq and_intro_example).
     = "

### Veracity proof that (claim 1 and claim 2) is held by actor 1 by the evidence $(e1, e2)$ at weight $\frac{1}{3}$
  - (claim 1 and claim 2) is held by actor 1 by the evidence $(e1, e2)$ at weight $\frac{1}{3}$
    collapsed:: true
    - Assumptions made:
      collapsed:: true
      - claim 1 is held by actor 1 by the evidence $e1$ at weight $\frac{1}{3}$
      - claim 2 is held by actor 1 by the evidence $e2$ at weight $\frac{1}{2}$
    - Logical rule used: and introduction
      - Sub-proofs:
        - claim 1 is held by actor 1 by the evidence $e1$ at weight $\frac{1}{3}$
          collapsed:: true
          - Assumptions made:
            collapsed:: true
            - claim 1 is held by actor 1 by the evidence $e1$ at weight $\frac{1}{3}$
          - Logical rule used: we assume this
        - claim 2 is held by actor 1 by the evidence $e2$ at weight $\frac{1}{2}$
          collapsed:: true
          - Assumptions made:
            collapsed:: true
            - claim 2 is held by actor 1 by the evidence $e2$ at weight $\frac{1}{2}$
          - Logical rule used: we assume this
  - Atomic evidence is abbreviated as follows:
    collapsed:: true
    - e1 = atomic evidence 1
    - e2 = atomic evidence 2

"
     : string

and_elim1

and_elim1 allows us to conclude the left conjunct from a conjunctive claim. It requires that the evidence is a Pair, here written as {{e1, e2}}. The weight remains the same.

Lemma and_elim1_example : proofTreeOf [(e1 \by a1 @ (1 # 3) \in c1); (e2 \by a1 @ (1 # 2) \in c2)] (e1 \by a1 @ (1 # 3) \in c1).
proofTreeOf
  [e1 \by a1 @ 1 # 3 \in c1; e2 \by a1 @ 1 # 2 \in c2]
  e1 \by a1 @ 1 # 3 \in c1
Proof.
proofTreeOf
  [e1 \by a1 @ 1 # 3 \in c1; e2 \by a1 @ 1 # 2 \in c2]
  e1 \by a1 @ 1 # 3 \in c1
apply and_elim1 with (e2:=e2) (C2:=c2).
proofTreeOf
  [e1 \by a1 @ 1 # 3 \in c1; e2 \by a1 @ 1 # 2 \in c2]
  {{e1, e2}} \by a1 @ 1 # 3 \in (c1 /\' c2)
apply and_intro with (w1:=(1#3)) (w2:=(1#2)) (Ps:=[e1 \by a1 @ 1 # 3 \in c1]) (Qs:=[e2 \by a1 @ 1 # 2 \in c2]).
([e1 \by a1 @ 1 # 3 \in c1] ++
 [e2 \by a1 @ 1 # 2 \in c2] ==?
 [e1 \by a1 @ 1 # 3 \in c1; e2 \by a1 @ 1 # 2 \in c2]) =
true
1 # 3 = Qmin (1 # 3) (1 # 2)
proofTreeOf [e1 \by a1 @ 1 # 3 \in c1]
  e1 \by a1 @ 1 # 3 \in c1
proofTreeOf [e2 \by a1 @ 1 # 2 \in c2]
  e2 \by a1 @ 1 # 2 \in c2 1-2: reflexivity.
proofTreeOf [e1 \by a1 @ 1 # 3 \in c1]
  e1 \by a1 @ 1 # 3 \in c1
proofTreeOf [e2 \by a1 @ 1 # 2 \in c2]
  e2 \by a1 @ 1 # 2 \in c2
apply assume.
proofTreeOf [e2 \by a1 @ 1 # 2 \in c2]
  e2 \by a1 @ 1 # 2 \in c2
apply assume.
Defined.

Eval compute in (showForProofTree and_elim1_example).
= "\begin{prooftree}\AxiomC{$ C_{1} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ e1^{a_{1}}_{\frac{1}{3}} \in C_{1} \vdash_{} e1^{a_{1}}_{\frac{1}{3}} \in C_{1} $}\AxiomC{$ C_{2} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ e2^{a_{1}}_{\frac{1}{2}} \in C_{2} \vdash_{} e2^{a_{1}}_{\frac{1}{2}} \in C_{2} $} \RightLabel{ $ \wedge^{+} $} \BinaryInfC{$ e1^{a_{1}}_{\frac{1}{3}} \in C_{1}, e2^{a_{1}}_{\frac{1}{2}} \in C_{2} \vdash_{} (e1, e2)^{a_{1}}_{\frac{1}{3}} \in (C_{1} \wedge C_{2}) $} \RightLabel{ $ \land^{-1} $} \UnaryInfC{$ e1^{a_{1}}_{\frac{1}{3}} \in C_{1}, e2^{a_{1}}_{\frac{1}{2}} \in C_{2} \vdash_{} e1^{a_{1}}_{\frac{1}{3}} \in C_{1} $}\end{prooftree}"
: string

Eval compute in (showForNaturalLanguage and_elim1_example).
     = "

- Assuming claim 1 is supported by $e1$ at weight 1/3 which actor 1 uses, and claim 2 is supported by $e2$ at weight 1/2 which actor 1 uses then claim 1 is supported by $e1$ at weight 1/3 which actor 1 uses, because
  - Assuming claim 1 is supported by $e1$ at weight 1/3 which actor 1 uses, and claim 2 is supported by $e2$ at weight 1/2 which actor 1 uses then (claim 1 and claim 2) is supported by $(e1, e2)$ at weight 1/3 which actor 1 uses, because
    - Assuming claim 1 is supported by $e1$ at weight 1/3 which actor 1 uses then claim 1 is supported by $e1$ at weight 1/3 which actor 1 uses, because
      - claim 1 is a veracity claim.
    - by assumption.
    - Assuming claim 2 is supported by $e2$ at weight 1/2 which actor 1 uses then claim 2 is supported by $e2$ at weight 1/2 which actor 1 uses, because
      - claim 2 is a veracity claim.
    - by assumption.
  - by a logical rule for 'and'.
- by a logical rule for 'and'.

"
     : string
Eval compute in (showForLogSeq and_elim1_example).
     = "

### Veracity proof that claim 1 is held by actor 1 by the evidence $e1$ at weight $\frac{1}{3}$
  - claim 1 is held by actor 1 by the evidence $e1$ at weight $\frac{1}{3}$
    collapsed:: true
    - Assumptions made:
      collapsed:: true
      - claim 1 is held by actor 1 by the evidence $e1$ at weight $\frac{1}{3}$
      - claim 2 is held by actor 1 by the evidence $e2$ at weight $\frac{1}{2}$
    - Logical rule used: and elimination (1)
      - Sub-proof:
        - (claim 1 and claim 2) is held by actor 1 by the evidence $(e1, e2)$ at weight $\frac{1}{3}$
          collapsed:: true
          - Assumptions made:
            collapsed:: true
            - claim 1 is held by actor 1 by the evidence $e1$ at weight $\frac{1}{3}$
            - claim 2 is held by actor 1 by the evidence $e2$ at weight $\frac{1}{2}$
          - Logical rule used: and introduction
            - Sub-proofs:
              - claim 1 is held by actor 1 by the evidence $e1$ at weight $\frac{1}{3}$
                collapsed:: true
                - Assumptions made:
                  collapsed:: true
                  - claim 1 is held by actor 1 by the evidence $e1$ at weight $\frac{1}{3}$
                - Logical rule used: we assume this
              - claim 2 is held by actor 1 by the evidence $e2$ at weight $\frac{1}{2}$
                collapsed:: true
                - Assumptions made:
                  collapsed:: true
                  - claim 2 is held by actor 1 by the evidence $e2$ at weight $\frac{1}{2}$
                - Logical rule used: we assume this
  - Atomic evidence is abbreviated as follows:
    collapsed:: true
    - e1 = atomic evidence 1
    - e2 = atomic evidence 2

"
     : string

and_elim2

and_elim2 is similar to and_elim1 but allows us to conclude the right conjunct.

Lemma and_elim2_example : proofTreeOf [(e1 \by a1 @ (1 # 3) \in c1); (e2 \by a1 @ (1 # 2) \in c2)] (e2 \by a1 @ (1 # 3) \in c2).
proofTreeOf
  [e1 \by a1 @ 1 # 3 \in c1; e2 \by a1 @ 1 # 2 \in c2]
  e2 \by a1 @ 1 # 3 \in c2
Proof.
proofTreeOf
  [e1 \by a1 @ 1 # 3 \in c1; e2 \by a1 @ 1 # 2 \in c2]
  e2 \by a1 @ 1 # 3 \in c2
apply and_elim2 with (e1:=e1) (C1:=c1).
proofTreeOf
  [e1 \by a1 @ 1 # 3 \in c1; e2 \by a1 @ 1 # 2 \in c2]
  {{e1, e2}} \by a1 @ 1 # 3 \in (c1 /\' c2)
apply and_intro with (w1:=(1#3)) (w2:=(1#2)) (Ps:=[e1 \by a1 @ 1 # 3 \in c1]) (Qs:=[e2 \by a1 @ 1 # 2 \in c2]).
([e1 \by a1 @ 1 # 3 \in c1] ++
 [e2 \by a1 @ 1 # 2 \in c2] ==?
 [e1 \by a1 @ 1 # 3 \in c1; e2 \by a1 @ 1 # 2 \in c2]) =
true
1 # 3 = Qmin (1 # 3) (1 # 2)
proofTreeOf [e1 \by a1 @ 1 # 3 \in c1]
  e1 \by a1 @ 1 # 3 \in c1
proofTreeOf [e2 \by a1 @ 1 # 2 \in c2]
  e2 \by a1 @ 1 # 2 \in c2 1-2: reflexivity.
proofTreeOf [e1 \by a1 @ 1 # 3 \in c1]
  e1 \by a1 @ 1 # 3 \in c1
proofTreeOf [e2 \by a1 @ 1 # 2 \in c2]
  e2 \by a1 @ 1 # 2 \in c2
apply assume.
proofTreeOf [e2 \by a1 @ 1 # 2 \in c2]
  e2 \by a1 @ 1 # 2 \in c2
apply assume.
Defined.

Eval compute in (showForProofTree and_elim2_example).
= "\begin{prooftree}\AxiomC{$ C_{1} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ e1^{a_{1}}_{\frac{1}{3}} \in C_{1} \vdash_{} e1^{a_{1}}_{\frac{1}{3}} \in C_{1} $}\AxiomC{$ C_{2} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ e2^{a_{1}}_{\frac{1}{2}} \in C_{2} \vdash_{} e2^{a_{1}}_{\frac{1}{2}} \in C_{2} $} \RightLabel{ $ \wedge^{+} $} \BinaryInfC{$ e1^{a_{1}}_{\frac{1}{3}} \in C_{1}, e2^{a_{1}}_{\frac{1}{2}} \in C_{2} \vdash_{} (e1, e2)^{a_{1}}_{\frac{1}{3}} \in (C_{1} \wedge C_{2}) $} \RightLabel{ $ \land^{-2} $} \UnaryInfC{$ e1^{a_{1}}_{\frac{1}{3}} \in C_{1}, e2^{a_{1}}_{\frac{1}{2}} \in C_{2} \vdash_{} e2^{a_{1}}_{\frac{1}{3}} \in C_{2} $}\end{prooftree}"
: string

Eval compute in (showForNaturalLanguage and_elim2_example).
     = "

- Assuming claim 1 is supported by $e1$ at weight 1/3 which actor 1 uses, and claim 2 is supported by $e2$ at weight 1/2 which actor 1 uses then claim 2 is supported by $e2$ at weight 1/3 which actor 1 uses, because
  - Assuming claim 1 is supported by $e1$ at weight 1/3 which actor 1 uses, and claim 2 is supported by $e2$ at weight 1/2 which actor 1 uses then (claim 1 and claim 2) is supported by $(e1, e2)$ at weight 1/3 which actor 1 uses, because
    - Assuming claim 1 is supported by $e1$ at weight 1/3 which actor 1 uses then claim 1 is supported by $e1$ at weight 1/3 which actor 1 uses, because
      - claim 1 is a veracity claim.
    - by assumption.
    - Assuming claim 2 is supported by $e2$ at weight 1/2 which actor 1 uses then claim 2 is supported by $e2$ at weight 1/2 which actor 1 uses, because
      - claim 2 is a veracity claim.
    - by assumption.
  - by a logical rule for 'and'.
- by a logical rule for 'and'.

"
     : string
Eval compute in (showForLogSeq and_elim2_example).
     = "

### Veracity proof that claim 2 is held by actor 1 by the evidence $e2$ at weight $\frac{1}{3}$
  - claim 2 is held by actor 1 by the evidence $e2$ at weight $\frac{1}{3}$
    collapsed:: true
    - Assumptions made:
      collapsed:: true
      - claim 1 is held by actor 1 by the evidence $e1$ at weight $\frac{1}{3}$
      - claim 2 is held by actor 1 by the evidence $e2$ at weight $\frac{1}{2}$
    - Logical rule used: and elimination (2)
      - Sub-proof:
        - (claim 1 and claim 2) is held by actor 1 by the evidence $(e1, e2)$ at weight $\frac{1}{3}$
          collapsed:: true
          - Assumptions made:
            collapsed:: true
            - claim 1 is held by actor 1 by the evidence $e1$ at weight $\frac{1}{3}$
            - claim 2 is held by actor 1 by the evidence $e2$ at weight $\frac{1}{2}$
          - Logical rule used: and introduction
            - Sub-proofs:
              - claim 1 is held by actor 1 by the evidence $e1$ at weight $\frac{1}{3}$
                collapsed:: true
                - Assumptions made:
                  collapsed:: true
                  - claim 1 is held by actor 1 by the evidence $e1$ at weight $\frac{1}{3}$
                - Logical rule used: we assume this
              - claim 2 is held by actor 1 by the evidence $e2$ at weight $\frac{1}{2}$
                collapsed:: true
                - Assumptions made:
                  collapsed:: true
                  - claim 2 is held by actor 1 by the evidence $e2$ at weight $\frac{1}{2}$
                - Logical rule used: we assume this
  - Atomic evidence is abbreviated as follows:
    collapsed:: true
    - e1 = atomic evidence 1
    - e2 = atomic evidence 2

"
     : string

or_intro1

or_intro1 allows us to conclude a disjunctive claim by tagging the evidence with Left, represented in Latex as \(i(...)\). This indicates that the disjunctive claim has veracity because the left disjunct had been shown to have veracity. The right disjunct can be any claim.

Lemma or_intro1_example :
  proofTreeOf [(e \by a1 @ (1 # 3) \in c1)] ((Left e) \by a1 @ (1 # 3) \in (c1 \/' c2)).
proofTreeOf [e \by a1 @ 1 # 3 \in c1]
  (Left e) \by a1 @ 1 # 3 \in (c1 \/' c2)
Proof.
proofTreeOf [e \by a1 @ 1 # 3 \in c1]
  (Left e) \by a1 @ 1 # 3 \in (c1 \/' c2)
apply or_intro1.
proofTreeOf [e \by a1 @ 1 # 3 \in c1]
  e \by a1 @ 1 # 3 \in c1
apply assume.
Defined.

Eval compute in (showForProofTree or_intro1_example).
= "\begin{prooftree}\AxiomC{$ C_{1} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ e^{a_{1}}_{\frac{1}{3}} \in C_{1} \vdash_{} e^{a_{1}}_{\frac{1}{3}} \in C_{1} $} \RightLabel{ $ \lor^{+1} $} \UnaryInfC{$ e^{a_{1}}_{\frac{1}{3}} \in C_{1} \vdash_{} i(e)^{a_{1}}_{\frac{1}{3}} \in (C_{1} \vee C_{2}) $}\end{prooftree}"
: string

Eval compute in (showForNaturalLanguage or_intro1_example).
     = "

- Assuming claim 1 is supported by $e$ at weight 1/3 which actor 1 uses then (claim 1 or claim 2) is supported by $i(e)$ at weight 1/3 which actor 1 uses, because
  - Assuming claim 1 is supported by $e$ at weight 1/3 which actor 1 uses then claim 1 is supported by $e$ at weight 1/3 which actor 1 uses, because
    - claim 1 is a veracity claim.
  - by assumption.
- by a logical rule for 'or'.

"
     : string
Eval compute in (showForLogSeq or_intro1_example).
     = "

### Veracity proof that (claim 1 or claim 2) is held by actor 1 by the evidence $i(e)$ at weight $\frac{1}{3}$
  - (claim 1 or claim 2) is held by actor 1 by the evidence $i(e)$ at weight $\frac{1}{3}$
    collapsed:: true
    - Assumptions made:
      collapsed:: true
      - claim 1 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
    - Logical rule used: or introduction (1)
      - Sub-proof:
        - claim 1 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
          collapsed:: true
          - Assumptions made:
            collapsed:: true
            - claim 1 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
          - Logical rule used: we assume this
  - Atomic evidence is abbreviated as follows:
    collapsed:: true
    - e = atomic evidence e

"
     : string

or_intro2

or_intro2 similarly allows us to conclude a disjunctive claim but by tagging the evidence with Right, represented in Latex as \(j(...)\). The left disjunct can be any claim.

Lemma or_intro2_example :
  proofTreeOf [(e \by a1 @ (1 # 3) \in c2)] ((Right e) \by a1 @ (1 # 3) \in (c1 \/' c2)).
proofTreeOf [e \by a1 @ 1 # 3 \in c2]
  (Right e) \by a1 @ 1 # 3 \in (c1 \/' c2)
Proof.
proofTreeOf [e \by a1 @ 1 # 3 \in c2]
  (Right e) \by a1 @ 1 # 3 \in (c1 \/' c2)
apply or_intro2.
proofTreeOf [e \by a1 @ 1 # 3 \in c2]
  e \by a1 @ 1 # 3 \in c2
apply assume.
Defined.

Eval compute in (showForProofTree or_intro2_example).
= "\begin{prooftree}\AxiomC{$ C_{2} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ e^{a_{1}}_{\frac{1}{3}} \in C_{2} \vdash_{} e^{a_{1}}_{\frac{1}{3}} \in C_{2} $} \RightLabel{ $ \lor^{+2} $} \UnaryInfC{$ e^{a_{1}}_{\frac{1}{3}} \in C_{2} \vdash_{} j(e)^{a_{1}}_{\frac{1}{3}} \in (C_{1} \vee C_{2}) $}\end{prooftree}"
: string

Eval compute in (showForNaturalLanguage or_intro2_example).
     = "

- Assuming claim 2 is supported by $e$ at weight 1/3 which actor 1 uses then (claim 1 or claim 2) is supported by $j(e)$ at weight 1/3 which actor 1 uses, because
  - Assuming claim 2 is supported by $e$ at weight 1/3 which actor 1 uses then claim 2 is supported by $e$ at weight 1/3 which actor 1 uses, because
    - claim 2 is a veracity claim.
  - by assumption.
- by a logical rule for 'or'.

"
     : string
Eval compute in (showForLogSeq or_intro2_example).
     = "

### Veracity proof that (claim 1 or claim 2) is held by actor 1 by the evidence $j(e)$ at weight $\frac{1}{3}$
  - (claim 1 or claim 2) is held by actor 1 by the evidence $j(e)$ at weight $\frac{1}{3}$
    collapsed:: true
    - Assumptions made:
      collapsed:: true
      - claim 2 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
    - Logical rule used: or introduction (2)
      - Sub-proof:
        - claim 2 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
          collapsed:: true
          - Assumptions made:
            collapsed:: true
            - claim 2 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
          - Logical rule used: we assume this
  - Atomic evidence is abbreviated as follows:
    collapsed:: true
    - e = atomic evidence e

"
     : string

or_elim1

or_elim1 allows us to conclude the left disjunct from a disjunctive claim whose veracity came from the left disjunct, as evident from tagged evidence.

Lemma or_elim1_example :
  proofTreeOf [(e \by a1 @ (1 # 3) \in c1)] (e \by a1 @ (1 # 3) \in c1).
proofTreeOf [e \by a1 @ 1 # 3 \in c1]
  e \by a1 @ 1 # 3 \in c1
Proof.
proofTreeOf [e \by a1 @ 1 # 3 \in c1]
  e \by a1 @ 1 # 3 \in c1
apply or_elim1 with (C2:=c2).
proofTreeOf [e \by a1 @ 1 # 3 \in c1]
  (Left e) \by a1 @ 1 # 3 \in (c1 \/' c2)

Here we see the proof state before and after or_elim1 is applied.

apply or_intro1.
proofTreeOf [e \by a1 @ 1 # 3 \in c1]
  e \by a1 @ 1 # 3 \in c1
apply assume.
Defined.

Eval compute in (showForProofTree or_elim1_example).
= "\begin{prooftree}\AxiomC{$ C_{1} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ e^{a_{1}}_{\frac{1}{3}} \in C_{1} \vdash_{} e^{a_{1}}_{\frac{1}{3}} \in C_{1} $} \RightLabel{ $ \lor^{+1} $} \UnaryInfC{$ e^{a_{1}}_{\frac{1}{3}} \in C_{1} \vdash_{} i(e)^{a_{1}}_{\frac{1}{3}} \in (C_{1} \vee C_{2}) $} \RightLabel{ $ \lor^{-1} $} \UnaryInfC{$ e^{a_{1}}_{\frac{1}{3}} \in C_{1} \vdash_{} e^{a_{1}}_{\frac{1}{3}} \in C_{1} $}\end{prooftree}"
: string

Eval compute in (showForNaturalLanguage or_elim1_example).
     = "

- Assuming claim 1 is supported by $e$ at weight 1/3 which actor 1 uses then claim 1 is supported by $e$ at weight 1/3 which actor 1 uses, because
  - Assuming claim 1 is supported by $e$ at weight 1/3 which actor 1 uses then (claim 1 or claim 2) is supported by $i(e)$ at weight 1/3 which actor 1 uses, because
    - Assuming claim 1 is supported by $e$ at weight 1/3 which actor 1 uses then claim 1 is supported by $e$ at weight 1/3 which actor 1 uses, because
      - claim 1 is a veracity claim.
    - by assumption.
  - by a logical rule for 'or'.
- by a logical rule for 'or'.

"
     : string
Eval compute in (showForLogSeq or_elim1_example).
     = "

### Veracity proof that claim 1 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
  - claim 1 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
    collapsed:: true
    - Assumptions made:
      collapsed:: true
      - claim 1 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
    - Logical rule used: or elimination (1)
      - Sub-proof:
        - (claim 1 or claim 2) is held by actor 1 by the evidence $i(e)$ at weight $\frac{1}{3}$
          collapsed:: true
          - Assumptions made:
            collapsed:: true
            - claim 1 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
          - Logical rule used: or introduction (1)
            - Sub-proof:
              - claim 1 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
                collapsed:: true
                - Assumptions made:
                  collapsed:: true
                  - claim 1 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
                - Logical rule used: we assume this
  - Atomic evidence is abbreviated as follows:
    collapsed:: true
    - e = atomic evidence e

"
     : string

or_elim2

or_elim2 similarly allows us to conclude the right disjunct from a disjunctive claim whose veracity came from the right disjunct.

Lemma or_elim2_example :
  proofTreeOf [(e \by a1 @ (1 # 3) \in c2)] (e \by a1 @ (1 # 3) \in c2).
proofTreeOf [e \by a1 @ 1 # 3 \in c2]
  e \by a1 @ 1 # 3 \in c2
Proof.
proofTreeOf [e \by a1 @ 1 # 3 \in c2]
  e \by a1 @ 1 # 3 \in c2
apply or_elim2 with (C1:=c1).
proofTreeOf [e \by a1 @ 1 # 3 \in c2]
  (Right e) \by a1 @ 1 # 3 \in (c1 \/' c2)
apply or_intro2.
proofTreeOf [e \by a1 @ 1 # 3 \in c2]
  e \by a1 @ 1 # 3 \in c2
apply assume.
Defined.

Eval compute in (showForProofTree or_elim2_example).
= "\begin{prooftree}\AxiomC{$ C_{2} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ e^{a_{1}}_{\frac{1}{3}} \in C_{2} \vdash_{} e^{a_{1}}_{\frac{1}{3}} \in C_{2} $} \RightLabel{ $ \lor^{+2} $} \UnaryInfC{$ e^{a_{1}}_{\frac{1}{3}} \in C_{2} \vdash_{} j(e)^{a_{1}}_{\frac{1}{3}} \in (C_{1} \vee C_{2}) $} \RightLabel{ $ \lor^{-2} $} \UnaryInfC{$ e^{a_{1}}_{\frac{1}{3}} \in C_{2} \vdash_{} e^{a_{1}}_{\frac{1}{3}} \in C_{2} $}\end{prooftree}"
: string

Eval compute in (showForNaturalLanguage or_elim2_example).
     = "

- Assuming claim 2 is supported by $e$ at weight 1/3 which actor 1 uses then claim 2 is supported by $e$ at weight 1/3 which actor 1 uses, because
  - Assuming claim 2 is supported by $e$ at weight 1/3 which actor 1 uses then (claim 1 or claim 2) is supported by $j(e)$ at weight 1/3 which actor 1 uses, because
    - Assuming claim 2 is supported by $e$ at weight 1/3 which actor 1 uses then claim 2 is supported by $e$ at weight 1/3 which actor 1 uses, because
      - claim 2 is a veracity claim.
    - by assumption.
  - by a logical rule for 'or'.
- by a logical rule for 'or'.

"
     : string
Eval compute in (showForLogSeq or_elim2_example).
     = "

### Veracity proof that claim 2 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
  - claim 2 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
    collapsed:: true
    - Assumptions made:
      collapsed:: true
      - claim 2 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
    - Logical rule used: or elimination (2)
      - Sub-proof:
        - (claim 1 or claim 2) is held by actor 1 by the evidence $j(e)$ at weight $\frac{1}{3}$
          collapsed:: true
          - Assumptions made:
            collapsed:: true
            - claim 2 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
          - Logical rule used: or introduction (2)
            - Sub-proof:
              - claim 2 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
                collapsed:: true
                - Assumptions made:
                  collapsed:: true
                  - claim 2 is held by actor 1 by the evidence $e$ at weight $\frac{1}{3}$
                - Logical rule used: we assume this
  - Atomic evidence is abbreviated as follows:
    collapsed:: true
    - e = atomic evidence e

"
     : string

trust

All the other rules require the actor to stay the same, trust allows the actor holding that the claim has veracity to change. An application of the rule trust is intended to implicitly declare that the named trust relation, in this case trustT, relates the two actors a1 and a2 with the weight wTrust. Currently, there is no mechanism forcing that trust is used in a consistent manner. One could, for instance, use trustT with Penelope and Quentin with weight \(\frac{1}{3}\) and then elsewhere use trustT again with Penelope Quentin but with weight \(\frac{1}{2}\). This could be prevented with a technique such as explored in the branch WIP-with-fDef-as-proofTreeOf-parameter for the related challenge of ensuring that functions are applied consistently (which has been solved with apply_abstraction in the current code-base, not requiring by_def1/by_def2). See: https://github.com/Coda-Coda/Veracity-Logic-Mechanised/blob/5351832ae3d9a32b3a13eb5a5865b35b30ff3b47/Coq/VeracityLogic.v#L398 for the fDef approach.

Lemma trust_example :
  proofTreeOf [(e \by Penelope @ (1 # 3) \in c1)] (e \by Quentin @ (1 # 6) \in c1).
proofTreeOf [e \by Penelope @ 1 # 3 \in c1]
  e \by Quentin @ 1 # 6 \in c1
Proof.
proofTreeOf [e \by Penelope @ 1 # 3 \in c1]
  e \by Quentin @ 1 # 6 \in c1

Applying the rule trust leaves us with three subgoals.

apply trust with (a2:=Penelope) (wTrust:=1#2) (w1:=1#3).
trustRelation
1 # 6 = (1 # 3) * (1 # 2)
proofTreeOf [e \by Penelope @ 1 # 3 \in c1]
  e \by Penelope @ 1 # 3 \in c1

The first is just to name which trust relation we are using, in this case trustT. It would be better if we could have used the syntax (name:=trustT) but unfortunately we cannot do that in this case.

The second subgoal can be solved by reflexivity.

The third subgoal now has the actor Penelope rather then Quentin.

apply trustT.
1 # 6 = (1 # 3) * (1 # 2)
proofTreeOf [e \by Penelope @ 1 # 3 \in c1]
  e \by Penelope @ 1 # 3 \in c1 reflexivity.
proofTreeOf [e \by Penelope @ 1 # 3 \in c1]
  e \by Penelope @ 1 # 3 \in c1
apply assume.
Defined.

Eval compute in (showForProofTree trust_example).
= "\begin{prooftree}\AxiomC{$ C_{1} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ e^{P}_{\frac{1}{3}} \in C_{1} \vdash_{} e^{P}_{\frac{1}{3}} \in C_{1} $} \AxiomC{$QTP$}  \RightLabel{ $ trust\ T\ (\frac{1}{2})$} \BinaryInfC{$ e^{P}_{\frac{1}{3}} \in C_{1} \vdash_{T} e^{Q}_{\frac{1}{6}} \in C_{1} $}\end{prooftree}"
: string

Eval compute in (showForNaturalLanguage trust_example).
     = "

- Assuming claim 1 is supported by $e$ at weight 1/3 which Penelope uses then claim 1 is supported by $e$ at weight 1/6 which Quentin uses, because
  - Assuming claim 1 is supported by $e$ at weight 1/3 which Penelope uses then claim 1 is supported by $e$ at weight 1/3 which Penelope uses, because
    - claim 1 is a veracity claim.
  - by assumption.
- by the trust relation trust relation T with weight 1/2.

"
     : string
Eval compute in (showForLogSeq trust_example).
     = "

### Veracity proof that claim 1 is held by Quentin by the evidence $e$ at weight $\frac{1}{6}$
  - claim 1 is held by Quentin by the evidence $e$ at weight $\frac{1}{6}$
    collapsed:: true
    - Assumptions made:
      collapsed:: true
      - claim 1 is held by Penelope by the evidence $e$ at weight $\frac{1}{3}$
    - Trust relations used:
      collapsed:: true
      - trust relation T
    - Logical rule used: trust, with relation trust relation T with weight $\frac{1}{2}$
      - Sub-proof:
        - claim 1 is held by Penelope by the evidence $e$ at weight $\frac{1}{3}$
          collapsed:: true
          - Assumptions made:
            collapsed:: true
            - claim 1 is held by Penelope by the evidence $e$ at weight $\frac{1}{3}$
          - Logical rule used: we assume this
  - Atomic evidence is abbreviated as follows:
    collapsed:: true
    - e = atomic evidence e

"
     : string

As a side note, notice that we end all these proof tree "Lemmas" with the keyword Defined. Recall that proofTreeOf Ps j is a Type not a Prop and that we use pattern matching on proof trees to generate Latex strings and perform other computations about proof trees. The keyword Defined makes the proof tree definitions transparent and not opaque, which makes it possible (among other things) to generate Latex strings from them. For more information about Defined see https://coq.inria.fr/doc/V8.17.1/refman/proofs/writing-proofs/proof-mode.html?highlight=defined#coq:cmd.Defined.

In addition to this, notice that we are using Coq's "proof mode" to construct values of type proofTreeOf Ps j. While it feels a bit like we are doing proofs about propositions, we are actually just constructing trees, values, that follow the rules of the proofTreeOf type. This is a somewhat related to the Curry-Howard correspondence where we see that constructing proofs of propositions is like constructing values of a particular type. The fact that we can use "proof mode" to carry out both tasks is related to the Curry-Howard correspondence. For more information on the Curry-Howard correspondence, see: https://softwarefoundations.cis.upenn.edu/lf-current/ProofObjects.html.

impl_intro

impl_intro allows us to conclude implicative claims, such as \((C_1 \wedge C_2) \rightarrow C_1\). This gives us evidence such as (Lambda _e_ (1#4) e), which represents the abstraction \(\lambda(e)(e)\), where the evidence it is applied to (which will replace \(e\)) must have weight \(\frac{1}{4}\). For an overview of abstractions, see: The machinery for applying abstractions.

Lemma impl_intro_example : proofTreeOf [] ((Lambda _e1_ (1#4) e1) \by a1 @ (1 # 4) \in (Implies c1 c1)).
proofTreeOf []
  (Lambda _e1_ (1 # 4) e1) \by a1 @ 1 # 4 \in
  (c1 ->' c1)

The application of impl_intro generates three side conditions:

• The check that e is not used in an "inner abstraction"
• The check that Ps (the assumptions of the judgement "above" impl_intro) contains the evidence that will become the variable in our abstraction.
• The check that Qs (the assumptions of the judgement "below" impl_intro) is Ps with the evidence mentioned in the previous bullet point removed from it. In this case Qs must be the empty list.

These three subgoals are all solvable by reflexivity, so we solve them using the notation 1-3: reflexivity. When writing proofs, it may be helpful to instead use 1-3: try reflexivity, so that Coq will discharge all the goals solvable by reflexivity and leave the rest unsolved, rather than failing. This is only relevant if, during the process of constructing a proof, at that point some of the conditions do not hold and perhaps some variables such as with (Ps:=[e \by a1 @ 1 # 4 \in c1]) need tweaking. However, here there are no such problems and reflexivity solves the 3 subgoals.

apply impl_intro with (Ps:=[e1 \by a1 @ 1 # 4 \in c1]).
notUsedInInnerAbstraction _e1_ e1 = true
contains (AtomicEvid _e1_) \by a1 @ 1 # 4 \in c1
  [e1 \by a1 @ 1 # 4 \in c1] = true
(remove judgement_eq_dec
   (AtomicEvid _e1_) \by a1 @ 1 # 4 \in c1
   [e1 \by a1 @ 1 # 4 \in c1] ==? []) = true
proofTreeOf [e1 \by a1 @ 1 # 4 \in c1]
  e1 \by a1 @ 1 # 4 \in c1
1-3: reflexivity.
proofTreeOf [e1 \by a1 @ 1 # 4 \in c1]
  e1 \by a1 @ 1 # 4 \in c1
apply assume.
Defined.

Eval compute in (showForProofTree impl_intro_example).
= "\begin{prooftree}\AxiomC{$ C_{1} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ e1^{a_{1}}_{\frac{1}{4}} \in C_{1} \vdash_{} e1^{a_{1}}_{\frac{1}{4}} \in C_{1} $} \RightLabel{ $ \rightarrow^+ $} \UnaryInfC{$ \lambda(e1_{\frac{1}{4}})(e1)^{a_{1}}_{\frac{1}{4}} \in (C_{1} \rightarrow C_{1}) $}\end{prooftree}"
: string

Eval compute in (showForNaturalLanguage impl_intro_example).
     = "

- (claim 1 implies claim 1) is supported by $\lambda(e1_{\frac{1}{4}})(e1)$ at weight 1/4 which actor 1 uses, because
  - Assuming claim 1 is supported by $e1$ at weight 1/4 which actor 1 uses then claim 1 is supported by $e1$ at weight 1/4 which actor 1 uses, because
    - claim 1 is a veracity claim.
  - by assumption.
- by a logical rule for implication.

"
     : string
Eval compute in (showForLogSeq impl_intro_example).
     = "

### Veracity proof that (claim 1 implies claim 1) is held by actor 1 by the evidence $\lambda(e1_{\frac{1}{4}})(e1)$ at weight $\frac{1}{4}$
  - (claim 1 implies claim 1) is held by actor 1 by the evidence $\lambda(e1_{\frac{1}{4}})(e1)$ at weight $\frac{1}{4}$
    - Logical rule used: implication introduction
      - Sub-proof:
        - claim 1 is held by actor 1 by the evidence $e1$ at weight $\frac{1}{4}$
          collapsed:: true
          - Assumptions made:
            collapsed:: true
            - claim 1 is held by actor 1 by the evidence $e1$ at weight $\frac{1}{4}$
          - Logical rule used: we assume this
  - Atomic evidence is abbreviated as follows:
    collapsed:: true
    - e1 = atomic evidence 1

"
     : string

impl_elim

Given a proof tree concluding in a judgement with an implicative claim and a second proof tree which shows that the antecedent of the implicative claim has veracity, impl_elim allows us to apply the abstraction from the evidence for that implicative claim to conclude the consequent of the implicative claim. The evidence becomes the result of applying the abstraction to the evidence from the second proof tree. See: The machinery for applying abstractions for information about applying abstractions.

We require that the evidence for the antecedent has the same weight as the evidence which was in the application of impl_intro when the abstraction was constructed. This is done to prevent scenarios which could lead to problematic weights greater than 1 being possible by applying a combination of and_intro, impl_intro, and impl_elim and handling weights when abstractions are applied by multiplying the weights of both pieces of evidence with each other. For example, \(y_1 \in C_1 \vdash ((y,y),y)_2 \in ((C_1 \wedge C_1) \wedge C_1)\) could be concluded with that approach. However, what should be possible is \(y_1 \in C_1 \vdash ((y,y),y)_1 \in ((C_1 \wedge C_1) \wedge C_1)\).

Lemma impl_elim_example : proofTreeOf [(e2 \by a1 @ (1 # 4) \in c1)] ((e2 \by a1 @ (1 # 4) \in c1)).
proofTreeOf [e2 \by a1 @ 1 # 4 \in c1]
  e2 \by a1 @ 1 # 4 \in c1

impl_elim produces side-conditions corresponding to:

• H2 : notUsedInInnerAbstraction x bx = true
• (Ps ++ Qs ==? Rs) = true.

Here, we have discharged H2 by providing the proof eq_refl, which asserts that any value is equal to itself (Coq evaluates the LHS and RHS first). Instead, we could have used eapply instead of apply and deleted (H2:=eq_refl). This would leave us with the shelved subgoal notUsedInInnerAbstraction _e1_ e1 = true which we could then bring into focus using Unshelve and solve using 4: reflexivity. For more information about eq_refl see for example: https://www.cs.cornell.edu/courses/cs3110/2018fa/lec/21-coq-logic/notes.html. For information about shelving goals see: https://coq.inria.fr/doc/V8.17.1/refman/proofs/writing-proofs/proof-mode.html#shelving-goals.

We discharge the second side-condition using reflexivity. It is checking that the assumptions in the resulting judgement are the combination of the assumptions from the proof trees "above" it.

apply impl_elim with (x:=_e1_) (bx:=e1) (w1:=1#4) (C1:=c1) (Ps:=[]) (Qs:=[e2 \by a1 @ 1 # 4 \in c1]) (H2:=eq_refl).
([] ++ [e2 \by a1 @ 1 # 4 \in c1] ==?
 [e2 \by a1 @ 1 # 4 \in c1]) = true
proofTreeOf []
  (Lambda _e1_ (1 # 4) e1) \by a1 @ 1 # 4 \in
  (c1 ->' c1)
proofTreeOf [e2 \by a1 @ 1 # 4 \in c1]
  (AtomicEvid _e2_) \by a1 @ 1 # 4 \in c1
reflexivity.
proofTreeOf []
  (Lambda _e1_ (1 # 4) e1) \by a1 @ 1 # 4 \in
  (c1 ->' c1)
proofTreeOf [e2 \by a1 @ 1 # 4 \in c1]
  (AtomicEvid _e2_) \by a1 @ 1 # 4 \in c1

Next we use bullets to show the proof structure and focus relevant parts of the proof. For more information about bullets see: https://coq.inria.fr/doc/V8.17.1/refman/proofs/writing-proofs/proof-mode.html#bullets.

The first bullet corresponds to the proof of the implicative claim. It is the same as impl_intro_example. In fact, we could have explicitly used that proof here instead repeating the tactics from that proof, e.g. exact impl_intro_example.

The second bullet corresponds to the proof of the antecedent of the implicative claim, using different evidence, e2, but of the same weight.

-
proofTreeOf []
  (Lambda _e1_ (1 # 4) e1) \by a1 @ 1 # 4 \in
  (c1 ->' c1) apply impl_intro with (Ps:=[e1 \by a1 @ 1 # 4 \in c1]).
notUsedInInnerAbstraction _e1_ e1 = true
contains (AtomicEvid _e1_) \by a1 @ 1 # 4 \in c1
  [e1 \by a1 @ 1 # 4 \in c1] = true
(remove judgement_eq_dec
   (AtomicEvid _e1_) \by a1 @ 1 # 4 \in c1
   [e1 \by a1 @ 1 # 4 \in c1] ==? []) = true
proofTreeOf [e1 \by a1 @ 1 # 4 \in c1]
  e1 \by a1 @ 1 # 4 \in c1 1-3: reflexivity.
proofTreeOf [e1 \by a1 @ 1 # 4 \in c1]
  e1 \by a1 @ 1 # 4 \in c1
  apply assume.
-
proofTreeOf [e2 \by a1 @ 1 # 4 \in c1]
  (AtomicEvid _e2_) \by a1 @ 1 # 4 \in c1 apply assume.
Defined.

Here is the same proof without the commentary and unfolded proof state.

Lemma impl_elim_example' : proofTreeOf
  [(e2 \by a1 @ (1 # 4) \in c1)]
  ((e2 \by a1 @ (1 # 4) \in c1)).
proofTreeOf [e2 \by a1 @ 1 # 4 \in c1]
  e2 \by a1 @ 1 # 4 \in c1
apply impl_elim with
  (x:=_e1_)
  (bx:=e1)
  (w1:=1#4)
  (C1:=c1)
  (Ps:=[])
  (Qs:=[e2 \by a1 @ 1 # 4 \in c1])
  (H2:=eq_refl).
([] ++ [e2 \by a1 @ 1 # 4 \in c1] ==?
 [e2 \by a1 @ 1 # 4 \in c1]) = true
proofTreeOf []
  (Lambda _e1_ (1 # 4) e1) \by a1 @ 1 # 4 \in
  (c1 ->' c1)
proofTreeOf [e2 \by a1 @ 1 # 4 \in c1]
  (AtomicEvid _e2_) \by a1 @ 1 # 4 \in c1
  reflexivity.
proofTreeOf []
  (Lambda _e1_ (1 # 4) e1) \by a1 @ 1 # 4 \in
  (c1 ->' c1)
proofTreeOf [e2 \by a1 @ 1 # 4 \in c1]
  (AtomicEvid _e2_) \by a1 @ 1 # 4 \in c1
-
proofTreeOf []
  (Lambda _e1_ (1 # 4) e1) \by a1 @ 1 # 4 \in
  (c1 ->' c1) apply impl_intro with
    (Ps:=[e1 \by a1 @ 1 # 4 \in c1]).
notUsedInInnerAbstraction _e1_ e1 = true
contains (AtomicEvid _e1_) \by a1 @ 1 # 4 \in c1
  [e1 \by a1 @ 1 # 4 \in c1] = true
(remove judgement_eq_dec
   (AtomicEvid _e1_) \by a1 @ 1 # 4 \in c1
   [e1 \by a1 @ 1 # 4 \in c1] ==? []) = true
proofTreeOf [e1 \by a1 @ 1 # 4 \in c1]
  e1 \by a1 @ 1 # 4 \in c1
      1-3: reflexivity.
proofTreeOf [e1 \by a1 @ 1 # 4 \in c1]
  e1 \by a1 @ 1 # 4 \in c1
  apply assume.
-
proofTreeOf [e2 \by a1 @ 1 # 4 \in c1]
  (AtomicEvid _e2_) \by a1 @ 1 # 4 \in c1 apply assume.
Defined.

Eval compute in (showForProofTree impl_elim_example).
= "\begin{prooftree}\AxiomC{$ C_{1} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ e1^{a_{1}}_{\frac{1}{4}} \in C_{1} \vdash_{} e1^{a_{1}}_{\frac{1}{4}} \in C_{1} $} \RightLabel{ $ \rightarrow^+ $} \UnaryInfC{$ \lambda(e1_{\frac{1}{4}})(e1)^{a_{1}}_{\frac{1}{4}} \in (C_{1} \rightarrow C_{1}) $}\AxiomC{$ C_{1} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ e2^{a_{1}}_{\frac{1}{4}} \in C_{1} \vdash_{} e2^{a_{1}}_{\frac{1}{4}} \in C_{1} $} \RightLabel{ $ \rightarrow^{-} $} \BinaryInfC{$ e2^{a_{1}}_{\frac{1}{4}} \in C_{1} \vdash_{} e2^{a_{1}}_{\frac{1}{4}} \in C_{1} $}\end{prooftree}"
: string

Eval compute in (showForNaturalLanguage impl_elim_example).
     = "

- Assuming claim 1 is supported by $e2$ at weight 1/4 which actor 1 uses then claim 1 is supported by $e2$ at weight 1/4 which actor 1 uses, because
  - (claim 1 implies claim 1) is supported by $\lambda(e1_{\frac{1}{4}})(e1)$ at weight 1/4 which actor 1 uses, because
    - Assuming claim 1 is supported by $e1$ at weight 1/4 which actor 1 uses then claim 1 is supported by $e1$ at weight 1/4 which actor 1 uses, because
      - claim 1 is a veracity claim.
    - by assumption.
  - by a logical rule for implication.
  - Assuming claim 1 is supported by $e2$ at weight 1/4 which actor 1 uses then claim 1 is supported by $e2$ at weight 1/4 which actor 1 uses, because
    - claim 1 is a veracity claim.
  - by assumption.
- by a logical rule for implication.

"
     : string
Eval compute in (showForLogSeq impl_elim_example).
     = "

### Veracity proof that claim 1 is held by actor 1 by the evidence $e2$ at weight $\frac{1}{4}$
  - claim 1 is held by actor 1 by the evidence $e2$ at weight $\frac{1}{4}$
    collapsed:: true
    - Assumptions made:
      collapsed:: true
      - claim 1 is held by actor 1 by the evidence $e2$ at weight $\frac{1}{4}$
    - Logical rule used: implication elimination
      - Sub-proofs:
        - (claim 1 implies claim 1) is held by actor 1 by the evidence $\lambda(e1_{\frac{1}{4}})(e1)$ at weight $\frac{1}{4}$
          - Logical rule used: implication introduction
            - Sub-proof:
              - claim 1 is held by actor 1 by the evidence $e1$ at weight $\frac{1}{4}$
                collapsed:: true
                - Assumptions made:
                  collapsed:: true
                  - claim 1 is held by actor 1 by the evidence $e1$ at weight $\frac{1}{4}$
                - Logical rule used: we assume this
        - claim 1 is held by actor 1 by the evidence $e2$ at weight $\frac{1}{4}$
          collapsed:: true
          - Assumptions made:
            collapsed:: true
            - claim 1 is held by actor 1 by the evidence $e2$ at weight $\frac{1}{4}$
          - Logical rule used: we assume this
  - Atomic evidence is abbreviated as follows:
    collapsed:: true
    - e2 = atomic evidence 2

"
     : string

proofTreeOf_wrapped example

This example shows how we can use proofTreeOf_wrapped to only declare up front the actor and claim, leaving the assumption list, evidence and weight for Coq to infer or for clarification by later tactics. We make use of eexists _ _ _ with underscores to indicate that Coq should try infer these values as the proof progresses. The underscores correspond to the fields in the proofTreeOf_wrapped record, in order.

So we have underscores for:

• _Ps: the list of assumptions
• _e: the evidence
• _w: the weight of the concluding judgement

In this proof, Coq can infer all these from the application of assume as well as the actor and claim supplied to proofTreeOf_wrapped.

Definition exampleWithProofOf : proofTreeOf_wrapped a1 C1.
proofTreeOf_wrapped a1 C1
Proof.
proofTreeOf_wrapped a1 C1
eexists _ _ _.
proofTreeOf ?Goal ?Goal0 \by a1 @ ?Goal1 \in C1
apply (assume _e_ a1 1).
Defined.

Eval compute in showForProofTree exampleWithProofOf.
= "\begin{prooftree}\AxiomC{$ C_{1} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ e^{a_{1}}_{1} \in C_{1} \vdash_{} e^{a_{1}}_{1} \in C_{1} $}\end{prooftree}"
: string

Eval compute in showForNaturalLanguage exampleWithProofOf.
     = "

- Assuming claim 1 is supported by $e$ at weight 1 which actor 1 uses then claim 1 is supported by $e$ at weight 1 which actor 1 uses, because
  - claim 1 is a veracity claim.
- by assumption.

"
     : string
Eval compute in showForLogSeq exampleWithProofOf.
     = "

### Veracity proof that claim 1 is held by actor 1 by the evidence $e$ at weight $1$
  - claim 1 is held by actor 1 by the evidence $e$ at weight $1$
    collapsed:: true
    - Assumptions made:
      collapsed:: true
      - claim 1 is held by actor 1 by the evidence $e$ at weight $1$
    - Logical rule used: we assume this
  - Atomic evidence is abbreviated as follows:
    collapsed:: true
    - e = atomic evidence e

"
     : string

Process example

This example corresponds to the second example in section 4.2 in the arXiv paper (v4) (top of page 13). Please see the paper for further information about this example.

When viewing as a webpage: For ease of reading in the following examples, the proof state will not be expanded. However, clicking on a Coq tactic or command will unfold the proof state or output at that point.

Definition process_example : proofTreeOf_wrapped Penelope (c3 ->' (c2 ->' (c1 ->' (c1 /\' c2 /\' c3)))).
proofTreeOf_wrapped Penelope
  (c3 ->' c2 ->' c1 ->' c1 /\' c2 /\' c3)
Proof.
proofTreeOf_wrapped Penelope
  (c3 ->' c2 ->' c1 ->' c1 /\' c2 /\' c3)
eexists  _ _ _.
proofTreeOf ?Goal
  ?Goal0 \by Penelope @ ?Goal1 \in
  (c3 ->' c2 ->' c1 ->' c1 /\' c2 /\' c3)
eapply impl_intro with (x:=_z_) (Ps := [j3]) (Qs:=[]) (w1 := 1) (w2 := 1).
notUsedInInnerAbstraction _z_ ?bx = true
contains (AtomicEvid _z_) \by Penelope @ 1 \in c3 [j3] =
true
(remove judgement_eq_dec
   (AtomicEvid _z_) \by Penelope @ 1 \in c3 [j3] ==?
 []) = true
proofTreeOf [j3]
  ?bx \by Penelope @ 1 \in
  (c2 ->' c1 ->' c1 /\' c2 /\' c3) 1-3: shelve.
proofTreeOf [j3]
  ?bx \by Penelope @ 1 \in
  (c2 ->' c1 ->' c1 /\' c2 /\' c3)
eapply impl_intro with (x:=_y_) (Ps := [j2;j3]) (Qs:=[j3]) (w1 := 1) (w2 := 1).
notUsedInInnerAbstraction _y_ ?bx = true
contains (AtomicEvid _y_) \by Penelope @ 1 \in c2
  [j2; j3] = true
(remove judgement_eq_dec
   (AtomicEvid _y_) \by Penelope @ 1 \in c2 [j2; j3] ==?
 [j3]) = true
proofTreeOf [j2; j3]
  ?bx \by Penelope @ 1 \in (c1 ->' c1 /\' c2 /\' c3) 1-3: shelve.
proofTreeOf [j2; j3]
  ?bx \by Penelope @ 1 \in (c1 ->' c1 /\' c2 /\' c3)
eapply impl_intro with (x:=_x_) (Ps := [j1;j2;j3]) (Qs:=[j2;j3]) (w1 := 1) (w2 := 1).
notUsedInInnerAbstraction _x_ ?bx = true
contains (AtomicEvid _x_) \by Penelope @ 1 \in c1
  [j1; j2; j3] = true
(remove judgement_eq_dec
   (AtomicEvid _x_) \by Penelope @ 1 \in c1
   [j1; j2; j3] ==? [j2; j3]) = true
proofTreeOf [j1; j2; j3]
  ?bx \by Penelope @ 1 \in (c1 /\' c2 /\' c3) 1-3: shelve.
proofTreeOf [j1; j2; j3]
  ?bx \by Penelope @ 1 \in (c1 /\' c2 /\' c3)
eapply and_intro with (Ps := [j1;j2]) (w3 := 1).
([j1; j2] ++ ?Qs ==? [j1; j2; j3]) = true
1 = Qmin ?w1 ?w2
proofTreeOf [j1; j2]
  ?e1 \by Penelope @ ?w1 \in (c1 /\' c2)
proofTreeOf ?Qs ?e2 \by Penelope @ ?w2 \in c3 1-2: shelve.
proofTreeOf [j1; j2]
  ?e1 \by Penelope @ ?w1 \in (c1 /\' c2)
proofTreeOf ?Qs ?e2 \by Penelope @ ?w2 \in c3
eapply and_intro with (w3 := 1).
(?Ps ++ ?Qs0 ==? [j1; j2]) = true
1 = Qmin ?w1 ?w20
proofTreeOf ?Ps ?e1 \by Penelope @ ?w1 \in c1
proofTreeOf ?Qs0 ?e20 \by Penelope @ ?w20 \in c2
proofTreeOf ?Qs ?e2 \by Penelope @ ?w2 \in c3 1-2: shelve.
proofTreeOf ?Ps ?e1 \by Penelope @ ?w1 \in c1
proofTreeOf ?Qs0 ?e20 \by Penelope @ ?w20 \in c2
proofTreeOf ?Qs ?e2 \by Penelope @ ?w2 \in c3
apply assume with (e := _x_) (w := 1).
proofTreeOf ?Qs0 ?e20 \by Penelope @ ?w20 \in c2
proofTreeOf ?Qs ?e2 \by Penelope @ ?w2 \in c3
apply assume with (e := _y_) (w := 1).
proofTreeOf ?Qs ?e2 \by Penelope @ ?w2 \in c3
apply assume with (e := _z_) (w := 1).
Unshelve.
notUsedInInnerAbstraction _z_
  (Lambda _y_ 1
     (Lambda _x_ 1
        {{AtomicEvid _x_, AtomicEvid _y_,
        AtomicEvid _z_}})) = true
contains (AtomicEvid _z_) \by Penelope @ 1 \in c3 [j3] =
true
(remove judgement_eq_dec
   (AtomicEvid _z_) \by Penelope @ 1 \in c3 [j3] ==?
 []) = true
notUsedInInnerAbstraction _y_
  (Lambda _x_ 1
     {{AtomicEvid _x_, AtomicEvid _y_,
     AtomicEvid _z_}}) = true
contains (AtomicEvid _y_) \by Penelope @ 1 \in c2
  [j2; j3] = true
(remove judgement_eq_dec
   (AtomicEvid _y_) \by Penelope @ 1 \in c2 [j2; j3] ==?
 [j3]) = true
notUsedInInnerAbstraction _x_
  {{AtomicEvid _x_, AtomicEvid _y_, AtomicEvid _z_}} =
true
contains (AtomicEvid _x_) \by Penelope @ 1 \in c1
  [j1; j2; j3] = true
(remove judgement_eq_dec
   (AtomicEvid _x_) \by Penelope @ 1 \in c1
   [j1; j2; j3] ==? [j2; j3]) = true
([j1; j2] ++
 [(AtomicEvid _z_) \by Penelope @ 1 \in c3] ==?
 [j1; j2; j3]) = true
1 = Qmin 1 1
([(AtomicEvid _x_) \by Penelope @ 1 \in c1] ++
 [(AtomicEvid _y_) \by Penelope @ 1 \in c2] ==?
 [j1; j2]) = true
1 = Qmin 1 1
all: reflexivity.
Defined.

Eval compute in (showForProofTree process_example).
= "\begin{prooftree}\AxiomC{$ C_{1} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ x^{P}_{1} \in C_{1} \vdash_{} x^{P}_{1} \in C_{1} $}\AxiomC{$ C_{2} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ y^{P}_{1} \in C_{2} \vdash_{} y^{P}_{1} \in C_{2} $} \RightLabel{ $ \wedge^{+} $} \BinaryInfC{$ x^{P}_{1} \in C_{1}, y^{P}_{1} \in C_{2} \vdash_{} (x, y)^{P}_{1} \in (C_{1} \wedge C_{2}) $}\AxiomC{$ C_{3} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ z^{P}_{1} \in C_{3} \vdash_{} z^{P}_{1} \in C_{3} $} \RightLabel{ $ \wedge^{+} $} \BinaryInfC{$ x^{P}_{1} \in C_{1}, y^{P}_{1} \in C_{2}, z^{P}_{1} \in C_{3} \vdash_{} ((x, y), z)^{P}_{1} \in ((C_{1} \wedge C_{2}) \wedge C_{3}) $} \RightLabel{ $ \rightarrow^+ $} \UnaryInfC{$ y^{P}_{1} \in C_{2}, z^{P}_{1} \in C_{3} \vdash_{} \lambda(x_{1})(((x, y), z))^{P}_{1} \in (C_{1} \rightarrow ((C_{1} \wedge C_{2}) \wedge C_{3})) $} \RightLabel{ $ \rightarrow^+ $} \UnaryInfC{$ z^{P}_{1} \in C_{3} \vdash_{} \lambda(y_{1})(\lambda(x_{1})(((x, y), z)))^{P}_{1} \in (C_{2} \rightarrow (C_{1} \rightarrow ((C_{1} \wedge C_{2}) \wedge C_{3}))) $} \RightLabel{ $ \rightarrow^+ $} \UnaryInfC{$ \lambda(z_{1})(\lambda(y_{1})(\lambda(x_{1})(((x, y), z))))^{P}_{1} \in (C_{3} \rightarrow (C_{2} \rightarrow (C_{1} \rightarrow ((C_{1} \wedge C_{2}) \wedge C_{3})))) $}\end{prooftree}"
: string

Eval compute in (showForNaturalLanguage process_example).
     = "

- (claim 3 implies (claim 2 implies (claim 1 implies ((claim 1 and claim 2) and claim 3)))) is supported by $\lambda(z_{1})(\lambda(y_{1})(\lambda(x_{1})(((x, y), z))))$ at weight 1 which Penelope uses, because
  - Assuming claim 3 is supported by $z$ at weight 1 which Penelope uses then (claim 2 implies (claim 1 implies ((claim 1 and claim 2) and claim 3))) is supported by $\lambda(y_{1})(\lambda(x_{1})(((x, y), z)))$ at weight 1 which Penelope uses, because
    - Assuming claim 2 is supported by $y$ at weight 1 which Penelope uses, and claim 3 is supported by $z$ at weight 1 which Penelope uses then (claim 1 implies ((claim 1 and claim 2) and claim 3)) is supported by $\lambda(x_{1})(((x, y), z))$ at weight 1 which Penelope uses, because
      - Assuming claim 1 is supported by $x$ at weight 1 which Penelope uses, claim 2 is supported by $y$ at weight 1 which Penelope uses, and claim 3 is supported by $z$ at weight 1 which Penelope uses then ((claim 1 and claim 2) and claim 3) is supported by $((x, y), z)$ at weight 1 which Penelope uses, because
        - Assuming claim 1 is supported by $x$ at weight 1 which Penelope uses, and claim 2 is supported by $y$ at weight 1 which Penelope uses then (claim 1 and claim 2) is supported by $(x, y)$ at weight 1 which Penelope uses, because
          - Assuming claim 1 is supported by $x$ at weight 1 which Penelope uses then claim 1 is supported by $x$ at weight 1 which Penelope uses, because
            - claim 1 is a veracity claim.
          - by assumption.
          - Assuming claim 2 is supported by $y$ at weight 1 which Penelope uses then claim 2 is supported by $y$ at weight 1 which Penelope uses, because
            - claim 2 is a veracity claim.
          - by assumption.
        - by a logical rule for 'and'.
        - Assuming claim 3 is supported by $z$ at weight 1 which Penelope uses then claim 3 is supported by $z$ at weight 1 which Penelope uses, because
          - claim 3 is a veracity claim.
        - by assumption.
      - by a logical rule for 'and'.
    - by a logical rule for implication.
  - by a logical rule for implication.
- by a logical rule for implication.

"
     : string
Eval compute in (showForLogSeq process_example).
     = "

### Veracity proof that (claim 3 implies (claim 2 implies (claim 1 implies ((claim 1 and claim 2) and claim 3)))) is held by Penelope by the evidence $\lambda(z_{1})(\lambda(y_{1})(\lambda(x_{1})(((x, y), z))))$ at weight $1$
  - (claim 3 implies (claim 2 implies (claim 1 implies ((claim 1 and claim 2) and claim 3)))) is held by Penelope by the evidence $\lambda(z_{1})(\lambda(y_{1})(\lambda(x_{1})(((x, y), z))))$ at weight $1$
    - Logical rule used: implication introduction
      - Sub-proof:
        - (claim 2 implies (claim 1 implies ((claim 1 and claim 2) and claim 3))) is held by Penelope by the evidence $\lambda(y_{1})(\lambda(x_{1})(((x, y), z)))$ at weight $1$
          collapsed:: true
          - Assumptions made:
            collapsed:: true
            - claim 3 is held by Penelope by the evidence $z$ at weight $1$
          - Logical rule used: implication introduction
            - Sub-proof:
              - (claim 1 implies ((claim 1 and claim 2) and claim 3)) is held by Penelope by the evidence $\lambda(x_{1})(((x, y), z))$ at weight $1$
                collapsed:: true
                - Assumptions made:
                  collapsed:: true
                  - claim 2 is held by Penelope by the evidence $y$ at weight $1$
                  - claim 3 is held by Penelope by the evidence $z$ at weight $1$
                - Logical rule used: implication introduction
                  - Sub-proof:
                    - ((claim 1 and claim 2) and claim 3) is held by Penelope by the evidence $((x, y), z)$ at weight $1$
                      collapsed:: true
                      - Assumptions made:
                        collapsed:: true
                        - claim 1 is held by Penelope by the evidence $x$ at weight $1$
                        - claim 2 is held by Penelope by the evidence $y$ at weight $1$
                        - claim 3 is held by Penelope by the evidence $z$ at weight $1$
                      - Logical rule used: and introduction
                        - Sub-proofs:
                          - (claim 1 and claim 2) is held by Penelope by the evidence $(x, y)$ at weight $1$
                            collapsed:: true
                            - Assumptions made:
                              collapsed:: true
                              - claim 1 is held by Penelope by the evidence $x$ at weight $1$
                              - claim 2 is held by Penelope by the evidence $y$ at weight $1$
                            - Logical rule used: and introduction
                              - Sub-proofs:
                                - claim 1 is held by Penelope by the evidence $x$ at weight $1$
                                  collapsed:: true
                                  - Assumptions made:
                                    collapsed:: true
                                    - claim 1 is held by Penelope by the evidence $x$ at weight $1$
                                  - Logical rule used: we assume this
                                - claim 2 is held by Penelope by the evidence $y$ at weight $1$
                                  collapsed:: true
                                  - Assumptions made:
                                    collapsed:: true
                                    - claim 2 is held by Penelope by the evidence $y$ at weight $1$
                                  - Logical rule used: we assume this
                          - claim 3 is held by Penelope by the evidence $z$ at weight $1$
                            collapsed:: true
                            - Assumptions made:
                              collapsed:: true
                              - claim 3 is held by Penelope by the evidence $z$ at weight $1$
                            - Logical rule used: we assume this
  - Atomic evidence is abbreviated as follows:
    collapsed:: true
    - x = atomic evidence x
    - y = atomic evidence y
    - z = atomic evidence z

"
     : string

impl_intro example

This example shows a basic application of the impl_intro rule to show that the claim \(C_1 \rightarrow C_1\) has veracity. We use 1 for the weights in this example.

Definition impl_intro1 : proofTreeOf_wrapped a1 ((Implies c1 c1)).
proofTreeOf_wrapped a1 (c1 ->' c1)
eexists [] _ _.
proofTreeOf [] ?Goal \by a1 @ ?Goal0 \in (c1 ->' c1)
eapply (impl_intro _e1_ _ _ 1 1 _ _ _ _ _ _ _).
proofTreeOf ?Ps ?bx \by a1 @ 1 \in c1
eapply (assume _e1_ _ 1).
Unshelve.
notUsedInInnerAbstraction _e1_ (AtomicEvid _e1_) =
true
contains (AtomicEvid _e1_) \by a1 @ 1 \in c1
  [(AtomicEvid _e1_) \by a1 @ 1 \in c1] = true
(remove judgement_eq_dec
   (AtomicEvid _e1_) \by a1 @ 1 \in c1
   [(AtomicEvid _e1_) \by a1 @ 1 \in c1] ==? []) =
true
all: reflexivity.
Defined.

Eval compute in (showForProofTree impl_intro1).
= "\begin{prooftree}\AxiomC{$ C_{1} \textit{ is a veracity claim} $} \RightLabel{ $ assume $}\UnaryInfC{$ e1^{a_{1}}_{1} \in C_{1} \vdash_{} e1^{a_{1}}_{1} \in C_{1} $} \RightLabel{ $ \rightarrow^+ $} \UnaryInfC{$ \lambda(e1_{1})(e1)^{a_{1}}_{1} \in (C_{1} \rightarrow C_{1}) $}\end{prooftree}"
: string

Eval compute in (showForNaturalLanguage impl_intro1).
     = "

- (claim 1 implies claim 1) is supported by $\lambda(e1_{1})(e1)$ at weight 1 which actor 1 uses, because
  - Assuming claim 1 is supported by $e1$ at weight 1 which actor 1 uses then claim 1 is supported by $e1$ at weight 1 which actor 1 uses, because
    - claim 1 is a veracity claim.
  - by assumption.
- by a logical rule for implication.

"
     : string
Eval compute in (showForLogSeq impl_intro1).
     = "

### Veracity proof that (claim 1 implies claim 1) is held by actor 1 by the evidence $\lambda(e1_{1})(e1)$ at weight $1$
  - (claim 1 implies claim 1) is held by actor 1 by the evidence $\lambda(e1_{1})(e1)$ at weight $1$
    - Logical rule used: implication introduction
      - Sub-proof:
        - claim 1 is held by actor 1 by the evidence $e1$ at weight $1$
          collapsed:: true
          - Assumptions made:
            collapsed:: true
            - claim 1 is held by actor 1 by the evidence $e1$ at weight $1$
          - Logical rule used: we assume this
  - Atomic evidence is abbreviated as follows:
    collapsed:: true
    - e1 = atomic evidence 1

"
     : string

impl_intro and impl_elim example

This example shows a basic application of impl_elim.

Definition impl_intro_elim : proofTreeOf_wrapped a1 (c1).
proofTreeOf_wrapped a1 c1
eexists [(AtomicEvid _e2_) \by a1 @ 1 \in c1] _ 1.
proofTreeOf [(AtomicEvid _e2_) \by a1 @ 1 \in c1]
  ?Goal \by a1 @ 1 \in c1

The tactics on the next four lines are not required for the proof and could be deleted, however they help to highlight what is happening with the application of the abstraction: \(\lambda(e_1)(e_1)(e_2) = e_2\).

eassert (apply_abstraction _e1_ e1 e2 _ = e2).
apply_abstraction _e1_ e1 e2 ?H2 = e2
H: apply_abstraction _e1_ e1 e2 ?H2 = e2
proofTreeOf [(AtomicEvid _e2_) \by a1 @ 1 \in c1]
  ?Goal \by a1 @ 1 \in c1
simpl.
e2 = e2
H: apply_abstraction _e1_ e1 e2 ?H2 = e2
proofTreeOf [(AtomicEvid _e2_) \by a1 @ 1 \in c1]
  ?Goal \by a1 @ 1 \in c1 reflexivity.
H: apply_abstraction _e1_ e1 e2 ?H2 = e2
proofTreeOf [(AtomicEvid _e2_) \by a1 @ 1 \in c1]
  ?Goal \by a1 @ 1 \in c1 Unshelve.
H: apply_abstraction _e1_ e1 e2 ?H2 = e2
proofTreeOf [(AtomicEvid _e2_) \by a1 @ 1 \in c1]
  ?Goal \by a1 @ 1 \in c1
evid
notUsedInInnerAbstraction _e1_ e1 = true 3: reflexivity.
H: apply_abstraction _e1_ e1 e2 eq_refl = e2
proofTreeOf [(AtomicEvid _e2_) \by a1 @ 1 \in c1]
  ?Goal \by a1 @ 1 \in c1
evid 2: shelve.
H: apply_abstraction _e1_ e1 e2 eq_refl = e2
proofTreeOf [(AtomicEvid _e2_) \by a1 @ 1 \in c1]
  ?Goal \by a1 @ 1 \in c1
fold e2.
H: apply_abstraction _e1_ e1 e2 eq_refl = e2
proofTreeOf [e2 \by a1 @ 1 \in c1]
  ?Goal \by a1 @ 1 \in c1
rewrite <- H.
H: apply_abstraction _e1_ e1 e2 eq_refl = e2
proofTreeOf
  [(apply_abstraction _e1_ e1 e2 eq_refl) \by a1 @
   1 \in c1] ?Goal \by a1 @ 1 \in c1

eapply (impl_elim _e1_ e1 e2 a1 1 1 C1 C1 _ _ _ _).
H: apply_abstraction _e1_ e1 e2 eq_refl = e2
proofTreeOf ?Ps
  (Lambda _e1_ 1 e1) \by a1 @ 1 \in (C1 ->' C1)
H: apply_abstraction _e1_ e1 e2 eq_refl = e2
proofTreeOf ?Qs e2 \by a1 @ 1 \in C1
eapply (impl_intro _e1_ _ _ 1 1 _ _ _ [] _ _ _).
H: apply_abstraction _e1_ e1 e2 eq_refl = e2
proofTreeOf ?Ps e1 \by a1 @ 1 \in C1
H: apply_abstraction _e1_ e1 e2 eq_refl = e2
proofTreeOf ?Qs e2 \by a1 @ 1 \in C1
eapply (assume _e1_ _ 1).
H: apply_abstraction _e1_ e1 e2 eq_refl = e2
proofTreeOf ?Qs e2 \by a1 @ 1 \in C1
eapply (assume _e2_ _ 1).
Unshelve.
H: apply_abstraction _e1_ e1 e2 eq_refl = e2
([] ++ [(AtomicEvid _e2_) \by a1 @ 1 \in C1] ==?
 [(apply_abstraction _e1_ e1 e2 eq_refl) \by a1 @
  1 \in c1]) = true
notUsedInInnerAbstraction _e1_ e1 = true
H: apply_abstraction _e1_ e1 e2 eq_refl = e2
notUsedInInnerAbstraction _e1_ e1 = true
H: apply_abstraction _e1_ e1 e2 eq_refl = e2
contains (AtomicEvid _e1_) \by a1 @ 1 \in C1
  [(AtomicEvid _e1_) \by a1 @ 1 \in C1] = true
H: apply_abstraction _e1_ e1 e2 eq_refl = e2
(remove judgement_eq_dec
   (AtomicEvid _e1_) \by a1 @ 1 \in C1
   [(AtomicEvid _e1_) \by a1 @ 1 \in C1] ==? []) =
true
all: try reflexivity.
Defined.