The theory of functions in GST
Overview
 This document introduces definitions and derives results relating to the representation of functions in galactic set theory.
 Introduction A new "gst-fun" theory is created as a child of "gst-ax". The theory will contain the definitions of ordered pairs, relations and functions and related material for general use. Ordered Pairs We now introduce ordered pairs, which are required for representing functions as graphs. Relations A relation is defined as a set of ordered pairs. Cartesian product and relation space are defined. Domain, Range and Field The domain, range and field of a relation are defined.
 Functions Definition of partial and total functions and the corresponding function spaces. Functional Abstraction Functional abstraction is defined as a new variable binding construct yeilding a functional set. Application and Extensionality In this section we define function application and show that functions are extensional. Proof Context Listing of Theory gst-fun
Introduction
 A new "gst-fun" theory is created as a child of "gst-ax". The theory will contain the definitions of ordered pairs, relations and functions and related material for general use.
 Motivation Most of the specification work which I am likely to do with galactic set theory will make use of functions. My first application of the functions will be in the theory of pure functors, which is frivolous and unlikely to be widely applied, and so I am creating this theory first so that more generally applicable results which are required for the theory of pure functors will be available separately. I have no clear idea of what this theory will contain, it will initially contain basic materials about functions, but will be augmented by anything else that turns out to be necessary elsewhere and which can appropriately be placed here.
The Theory gst-fun
The new theory is first created, together with a proof context which we will build up as we develop the theory.
 xl-sml open_theory "gst-ax"; force_new_theory "gst-fun"; force_new_pc "gst-fun"; merge_pcs ["xl_cs__conv"] "gst-fun"; set_merge_pcs ["basic_hol", "gst-ax", "gst-fun"];

Ordered Pairs
 We now introduce ordered pairs, which are required for representing functions as graphs.
Ordered Pairs

 xl-sml declare_infix (240,"");

This is more abstract than the usual definition since it conceals the way in which ordered pairs are encoded. Behind the scenes the usual definition is used to prove that this looser definition is a conservative extension.
 xl-holconst \$ : 'a GS 'a GS 'a GS s t u v:'a GS s t = u v s = u t = v

 xl-sml add_pc_thms "gst-fun" [get_spec \$]; set_merge_pcs ["basic_hol", "gst-ax", "gst-fun"];

Projections
The following functions may be used for extracting the components of ordered pairs.
 xl-holconst fst snd : 'a GS 'a GS s t fst(s t) = s snd(s t) = t
Relations
 A relation is defined as a set of ordered pairs. Cartesian product and relation space are defined.
Cartesian Product
The following theorem is required to introduce the conservative specification of cartesian product. The witness for the proof is shown, involving a double application of replacement. This is necessary because the loose specification of ordered pair does not provide sufficient information for a more conventional definition using separation.
 xl-sml declare_infix(240,""); set_goal([], \$ s t e e s t l rl s r t e = l r ); a (_tac s t ( Image (se (Image (te se te) t)) s) );

After completing this proof (script display inhibited) cartesian product can be specified by conservative extension as follows:
 xl-holconst \$ : 'a GS 'a GS 'a GS s t e e s t l rl s r t e = l r
Pair-Projection inverse theorem

 xl-sml set_goal ([],s t p p s t fst(p) snd(p) = p); a (prove_tac[_spec]); a (asm_rewrite_tac[]); val fs_thm = save_pop_thm "fs_thm";

Var in Product theorem

 xl-sml set_goal([],p s t p (s t) fst p s snd p t); a (prove_tac[get_spec\$] THEN_TRY asm_rewrite_tac[]); val v_thm = save_pop_thm "v_thm"; add_pc_thms "gst-fun" [v_thm]; set_merge_pcs ["basic_hol", "gst-ax", "gst-fun"];

Pair in Product theorem

 xl-sml set_goal([],l r s t (l r) (s t) l s r t); a (prove_tac[get_spec\$]); a (_tac l THEN _tac r THEN asm_prove_tac[]); val _thm = save_pop_thm "_thm"; add_pc_thms "gst-fun" [_thm]; set_merge_pcs ["basic_hol", "gst-ax", "gst-fun"];

Relation Space
This is the set of all relations over some domain and codomain, i.e. the power set of the cartesian product.
 xl-sml declare_infix(240,"");

 xl-holconst \$ : 'a GS 'a GS 'a GS s t s t = (s t)
Relation Subset Product Theorem
We prove here that relations are subsets of cartesian products.
 xl-sml set_goal ([], s t r r s t r (s t)); a (prove_tac[get_spec\$, gst_relext_clauses]); val _thm = save_pop_thm "_thm";

Relation Space Non-Empty
We prove here that the empty set is a member of every relation space.
 xl-sml set_goal ([], s t s t); a (prove_tac[get_spec\$, gst_relext_clauses]); val _thm = save_pop_thm "_thm"; add_pc_thms "gst-fun" [_thm]; set_merge_pcs ["basic_hol", "gst-ax", "gst-fun"];

Another Pair-Projection Inverse Theorem
Couched in terms of membership of relation spaces.
 xl-sml set_goal ([], p r s t p r r s t fst(p) snd(p) = p); a (prove_tac[ get_spec \$, _thm]); a (REPEAT (asm_fc_tac[fs_thm])); val fs_thm1 = save_pop_thm "fs_thm1";

Member of Relation Theorem

 xl-sml set_goal ([],p r s t p r r s t fst(p) s snd(p) t); a (prove_tac[ get_spec \$, _thm]); a (asm_fc_tac[]); a (fc_tac[v_thm]); a (asm_fc_tac[]); a (fc_tac[v_thm]); val _thm = save_pop_thm "_thm";

Relations

 xl-holconst rel : 'a GS BOOL x rel x y y x s t y = s t
Empty Set a Relation

 xl-sml val rel__thm = prove_thm ( "rel__thm", rel , prove_tac[get_specrel]);

Relational Composition

 xl-sml declare_infix (250,"o");

 xl-holconst \$o : 'a GS 'a GS 'a GS f g f o g = Image (p (fst(fst p) snd(snd p))) (Sep (g f) p snd(fst p)=fst(snd p))
Domain, Range and Field
 The domain, range and field of a relation are defined.
domain
The domain is the set of elements which are related to something under the relationship.
 xl-holconst dom : 'a GS 'a GS x dom x = Image fst x
The domain of the empty set

 xl-sml (* add_pc_thms "gst-fun" (map get_spec []); set_merge_pcs ["basic_hol", "gst-ax", "gst-fun"]; *) set_goal([],dom = ); a (prove_tac[get_specdom, gst_relext_clauses]); val dom__thm = save_pop_thm "dom__thm";

range

 xl-holconst ran : 'a GS 'a GS x ran x = Image snd x
The range of the empty set

 xl-sml set_goal([],ran = ); a (prove_tac[get_specran, gst_relext_clauses]); val ran__thm = save_pop_thm "ran__thm";

field

 xl-holconst field : 'a GS 'a GS s e e (field s) e (dom s) e (ran s)
The field of the empty set

 xl-sml set_goal([],field = ); a (prove_tac[gst_relext_clauses]); val field__thm = save_pop_thm "field__thm";

Functions
 Definition of partial and total functions and the corresponding function spaces.
Functions

 xl-holconst fun : 'a GS BOOL x fun x rel x s t u s u x s t x u = t
Empty Set a Function

 xl-sml val fun__thm = prove_thm ( "fun__thm", fun , prove_tac[ get_spec fun]);

Partial Function Space
This is the set of all partial functions (i.e. many one mapings) over some domain and codomain.
 xl-sml declare_infix (240, "");

 xl-holconst \$ : 'a GS 'a GS 'a GS s t s t = Sep (s t) fun
Partial Function Space Non-Empty
First the theorem that the empty set is a partial function over any domain and codomain.
 xl-sml set_goal([], s t s t); a (prove_tac[ get_spec \$, fun__thm]); val _thm = save_pop_thm "_thm";

And then that every partial function space is non-empty.
 xl-sml set_goal([], s t f f s t); a (REPEAT strip_tac THEN _tac THEN rewrite_tac [_thm]); val _thm = save_pop_thm "_thm";

Function Space
This is the set of all total functions over some domain and codomain.
 xl-sml declare_infix (240, "");

 xl-holconst \$ : 'a GS 'a GS 'a GS s t s t = Sep (s t) r dom r = s
Function Space Non-Empty
First, for the special case of function spaces with empty domain we prove the theorem that the empty set is a member:
 xl-sml set_goal([],s t t); a (prove_tac[get_spec \$, fun__thm, _thm]); val _thm = save_pop_thm "_thm";

Then that whenever the codomain is non-empty the function space is non-empty.
 xl-sml set_goal([], s t (x x t) f f s t); a (REPEAT strip_tac THEN _tac s (Unit x)); a (rewrite_tac [get_spec \$, get_spec \$, get_spec \$]); a (once_rewrite_tac [gst_relext_clauses]); a (rewrite_tac[ get_spec dom, get_spec fun, get_spec rel, get_spec \$] THEN REPEAT strip_tac THEN TRY (asm_rewrite_tac[])); (* *** Goal "1" *** *) a (_tac l THEN _tac r THEN asm_rewrite_tac[]); (* *** Goal "2" *** *) a (_tac l THEN _tac r THEN asm_rewrite_tac[]); (* *** Goal "3" *** *) a (_tac e x THEN asm_rewrite_tac[]); a (_tac e THEN _tac x THEN asm_rewrite_tac[]); val _thm = save_pop_thm "_thm";

Functional Abstraction
 Functional abstraction is defined as a new variable binding construct yeilding a functional set.
Abstraction

Because of the closeness to lambda abstraction "g" is used as the name of a new binder for set theoretic functional abstraction.

 xl-sml declare_binder "g";

To define a functional set we need a HOL function over sets together with a set which is to be the domain of the function. Specification of the range is not needed. The binding therefore yields a function which maps sets to sets (maps the domain to the function).

The following definition is a placeholder, a more abstract definition might eventually be substituted. The function is defined as that subset of the cartesian product of the set s and its image under the function f which coincides with the graph of f over s.

 xl-holconst\$g: ('a GS 'a GS) 'a GS 'a GS f s \$g f s = Sep (s (Image f s)) (p snd p = f (fst p))
Application and Extensionality
 In this section we define function application and show that functions are extensional.
Application
Application by juxtaposition cannot be overloaded and is used for application of HOL functions. Application of functional sets is therefore defined as an infix operator whose name is the empty name subscripted by "g".
 xl-sml declare_infix (250,"g");

The particular form shown here is innovative in the value specified for applications of functions to values outside their domain. The merit of the particular value chosen is that it makes true an extensionality theorem which quantifies over all sets as arguments to the function, which might not otherwise be the case. Whether this form is useful I don't know. Generally a result with fewer conditionals is harder to prove but easier to use, but in this case I'm not so sure of the benefit.

It may be noted that it may also be used to apply a non-functional relation, if what you want it some arbitrary value (selected by the choice function) to which some object relates.
 xl-holconst \$g : 'a GS 'a GS 'a GS f x f g x = if y x y f then y x y f else f
The following basic lemma is useful in reasoning about function application:
 xl-sml set_goal([], f x (1y x y f) x (f g x) f ); a (prove_tac[get_spec\$g]); a (LEMMA_T y x y f (fn x=> rewrite_tac[x]) THEN1 ( _tac y THEN prove_tac[])); a (all__tac); a (_tac y THEN prove_tac[]); val app_thm1 = save_pop_thm "app_thm1";

Note that the result is not conditional on f being a function.

The next theorem applies to functions only and obtains the necessary uniqueness of image from that assumption.

 xl-sml set_goal([], f x y fun f (x y f) f g x = y ); a (prove_tac[get_spec\$g, get_spec fun]); a (LEMMA_T y x y f (fn x=> rewrite_tac[x]) THEN1 ( _tac y THEN prove_tac[])); a (all__tac); a (_tac y THEN prove_tac[]); a (REPEAT (asm_fc_tac[])); val app_thm2 = save_pop_thm "app_thm2";

The "Type" of an Application (1)
The following theorem states that the result of applying a partial function to a value in its domain is a value in its codomain.
 xl-sml set_goal([], f s t u f s t u dom f f g u t); a (prove_tac[ get_spec \$, get_spec dom]); a (all_fc_tac [fs_thm1]); a (lemma_tac fst e snd e f THEN1 asm_rewrite_tac[]); a (lemma_tac f g u = snd e THEN1 ( bc_thm_tac app_thm2 THEN asm_rewrite_tac[])); a (asm_rewrite_tac[]); a (all_fc_tac [_thm]); val g_thm = save_pop_thm "g_thm";

The "Type" of an Application (2)
The following theorem states that the result of applying a total function to a value in its domain is a value in its codomain.
 xl-sml set_goal([], f s t u f s t u s f g u t); a (prove_tac[ get_spec \$]); a (bc_thm_tac g_thm); a (_tac s THEN asm_rewrite_tac[]); val g_thm1 = save_pop_thm "g_thm1";

Partial functions are total
Every partial function is total over its domain. (there is an ambiguity in the use of the term "domain" for a partial function. It might mean the left hand operand of some partial function space construction within which the partial function concerned may be found, or it might mean the set of values over which the function is defined. Here we are saying that if f is a partial function over A, then its domain is some subset of A and f is a total function over that subset of A.)
 xl-sml set_goal([],f s t u f s t f dom f t); a (rewrite_tac[ get_spec \$, get_spec \$, get_spec dom, get_spec \$]); a (once_rewrite_tac[gst_relext_clauses]); a (REPEAT strip_tac); a (rewrite_tac[get_spec \$]); a (asm_fc_tac[]); a (all_fc_tac[ fs_thm, v_thm]); a (_tac fst e THEN _tac snd e THEN asm_rewrite_tac[]); a (_tac e THEN asm_rewrite_tac[]); val _thm = save_pop_thm "_thm";

The Identity Function

 xl-holconst id : 'a GS 'a GS s id s = Sep (s s) x fst x = snd x

 xl-sml set_goal([],s x x id s y y s x = y y); a (prove_tac[get_spec id] THEN_TRY (asm_rewrite_tac[ get_spec\$, get_spec\$])); (* *** Goal "1" *** *) a (fc_tac[get_spec\$]); a (asm_ante_tac fst x = snd x THEN asm_rewrite_tac[] THEN strip_tac THEN all_var_elim_asm_tac); a (_tac r THEN asm_rewrite_tac[]); (* *** Goal "2" *** *) a (REPEAT (_tac y) THEN asm_rewrite_tac[]); val id_thm1 = save_pop_thm "id_thm1";

 xl-sml set_goal([],s x x s (id s) g x = x); a (once_rewrite_tac[gst_relext_clauses]); a (rewrite_tac[get_spec \$g, id_thm1]); a (REPEAT_N 4 strip_tac); a (LEMMA_T y y' y' s x = y' y = y' (fn x=> rewrite_tac[x] THEN asm_tac x) THEN1 (REPEAT_N 2 (_tac x) THEN asm_rewrite_tac[])); a (all__tac THEN asm_rewrite_tac[]); val id_ap_thm = save_pop_thm "id_ap_thm";

Identity Function in Partial Function Space

 xl-sml set_goal([],s t u s t u id s t u); a (rewrite_tac[gst_relext_clauses]); a (prove_tac[get_spec \$, get_spec id, get_spec \$, get_spec \$]); (* *** Goal "1" *** *) a (once_rewrite_tac[gst_relext_clauses]); a (prove_tac[get_spec \$]); a (MAP_EVERY _tac [l, r] THEN REPEAT strip_tac THEN (REPEAT (asm_fc_tac[]))); (* *** Goal "2" *** *) a (prove_tac[get_spec fun, get_spec rel, get_spec \$]); val id_thm1 = save_pop_thm "id_thm1"; set_goal([],s t u s t id s t t); a (prove_tac[]); a (bc_thm_tac id_thm1); a (asm_rewrite_tac [ prove_rule [gst_relext_clauses] t t = t]); val id_thm2 = save_pop_thm "id_thm2";

Relational Composition
 In this section we define Relational Composition.
Proof Context

 xl-sml add_pc_thms "gst-fun" ([ field__thm, fun__thm, _thm]); set_merge_pcs ["basic_hol", "gst-ax", "gst-fun"]; commit_pc "gst-fun";