cubical-transport-hott-lean4/CubicalTransport/System.lean
Maximus Gorog 19928d040a
Some checks failed
Lean Action CI / build (push) Has been cancelled
REL2 universe stratification + topolei naming cleanup + Rust ABI v4
Two structural changes landed together as one coherent body of work.

## 1. Engine is name-clean from higher-order projects

The engine no longer carries "topolei" in its own naming surface.
Higher-order projects depend on the engine, not vice versa, so the
engine should be self-named.

  topolei-cubical (Cargo)            → cubical-transport
  libtopolei_cubical.a               → libcubical_transport.a
  topolei_cubical.h                  → cubical_transport.h
  TOPOLEI_FFI_ABI_VERSION            → CUBICAL_TRANSPORT_ABI_VERSION
  topolei_cubical_*  (14 FFI fns)    → cubical_transport_*
  topolei_shim_*     (9 shim fns)    → cubical_transport_shim_*

Inter-repo references describing topolei as a downstream consumer
(README, KERNEL_BOUNDARY.md, INDUCTIVE_TYPES.md, etc.) are preserved
as legitimate dependency-direction descriptions.

## 2. Universe-stratified, dependently-typed CType

  CType : ULevel → Type (genuinely indexed inductive)

with dependent pi/sigma carrying a binder name, a lift constructor
for cumulativity, and parameter lists of Σ-packaged types.

Per CCHM rules:
  · univ ℓ        : CType (ℓ.succ)
  · pi/sigma      : CType (max ℓ_A ℓ_B), with named binder
  · path A        : at A's level
  · glue T A      : T and A at same level
  · ind           : at user-chosen level (heterogeneous-level params)
  · interval      : CType .zero
  · lift          : CType (ℓ.succ), data-preserving

Every existing engine module cascades through {ℓ : ULevel} implicits
on functions/theorems, pi/sigma binder updates, and Σ-packaged params
lists.  CTerm stays un-indexed (universe lives on CType).

## 3. Substrate machinery for the cascade

  Universe.lean — ULevel inductive + max algebra (assoc, comm, etc.),
                  all theorems proven structurally.

  Syntax.lean — adds SkeletalCType enum + CType.skeleton level-erasure
                projection + per-constructor skeleton_* simp lemmas +
                CType.ind_skeleton_ne_pi disjointness lemma.  Used to
                discharge cross-level HEq cases in TransportLaws/CompLaws
                without invoking K.

## 4. Rust ABI v3 → v4

Lean 4 keeps implicit {ℓ : ULevel} parameters at runtime as constructor
fields, in declaration order interleaved with explicit args (verified
via probeLayout instrumentation).  Layout for level-bearing constructors
documented in cubical_transport.h §"v4 layout tables".

  CType.pi      : 5 fields — [ℓ_d, ℓ_c, var, A, B]
  CType.path    : 4 fields — [ℓ, A, a, b]
  CType.glue    : 9 fields — [ℓ, φ, T, f, fInv, sec, ret, coh, A]
  CType.ind     : 3 fields — [ℓ, S, params]
  CType.lift    : 2 fields — [ℓ, A]
  CTerm.transp  : 5 fields — [i, ℓ, A, φ, t]   (i precedes ℓ)
  CVal.vCompFun : 9 fields — [ℓ_d, ℓ_c, env, i, dom, cod, φ, u, t]
  ... etc

All Rust marshalling (value.rs, eval.rs, transport.rs, composition.rs,
glue.rs, beta.rs, dim_absent.rs, readback.rs, subst.rs, ffi.rs, tags.rs)
updated to match.

## Discipline

  · Zero sorry in CubicalTransport/.
  · Zero noncomputable instances; zero Classical.propDecidable shortcuts.
  · No CType.level projection (the level lives in the inductive's index).
  · No parallel CTypeU type.
  · No stub substrate types (def Ω := CType.univ etc.).
  · Tests restored to full coverage (EvalTest 623 lines, FFITest 351
    lines with classifier-runtime tests intact).

## Verification

  cd cubical-transport-hott-lean4
  lake build                 # 48 jobs OK
  ./.lake/build/bin/cubical-test
                             # ── 49/49 passed ──
                             # ── 46/46 properties passed ──
                             # PASS: all smoke + property tests

  cd ../topolei
  lake build                 # 90 jobs OK
  ./.lake/build/bin/probe-test
                             # ── 7/7 probes passed ──
                             # PASS: GPU output matches Lean ShaderSemantic

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-04 00:21:14 -06:00


/-
  CubicalTransport.System
  ======================
  Step 6 of the transport plan: partial elements — the [φ↦u] of composition.

  A System is a pair (face formula φ, body term u). It represents a partial
  element defined wherever φ holds. This is the new concept that separates
  composition from transport: transport has no system, composition has one.

  Compatibility (CompatAt0):
    The system must agree with the base term t₀ on the face φ ∩ (i=0).
    Formally: for every environment where both φ and (i=0) hold, the
    body at i=0 equals t₀. This is the side-condition of the comp rule.

  Key theorems:
    · compat_bot     — empty system [0_F↦u] is compatible with any t₀ (vacuous)
    · compat_top_iff — full system [1_F↦u] requires u[i:=0] = t₀
    · compat_mono    — if s is compatible with t₀ and φ' ≤ φ, so is (φ', u)
    · System.Typed   — packages the typing judgment on the body
-/

import CubicalTransport.Typing

-- (Typing.lean is below System in the import chain; System cannot be imported
--  from Typing. The HasType.comp rule uses raw components. This file provides
--  the System.Valid → HasType.comp convenience bridge.)

-- ── System definition ─────────────────────────────────────────────────────────

/-- A partial element: a face formula and a body term.
    Represents the term `u` defined wherever `φ` holds. -/
structure System where
  face : FaceFormula
  body : CTerm

-- ── Compatibility ─────────────────────────────────────────────────────────────

/-- Compatibility of system `s` with base term `t₀` along dimension `i`.
    Required side-condition for the composition typing rule.
    Meaning: on the face where both `s.face` and `(i = 0)` hold,
    the body of s substituted at i=0 equals t₀. -/
def System.CompatAt0 (s : System) (i : DimVar) (t₀ : CTerm) : Prop :=
  ∀ env : DimVar → Bool,
    s.face.eval env = true →
    env i = false →
    CTerm.substDimBool i false s.body = t₀

-- ── Compatibility lemmas ──────────────────────────────────────────────────────

/-- The empty system [0_F↦u] is compatible with any t₀.
    The face 0_F never holds, so the condition is vacuous. -/
theorem System.compat_bot (i : DimVar) (u t₀ : CTerm) :
    System.CompatAt0 { face := .bot, body := u } i t₀ := by
  intro env hbot _
  simp [FaceFormula.eval] at hbot

/-- The full system [1_F↦u] requires u[i:=0] = t₀.
    The face 1_F always holds, so the condition must hold for every env. -/
theorem System.compat_top_iff (i : DimVar) (u t₀ : CTerm) :
    System.CompatAt0 { face := .top, body := u } i t₀ ↔
    CTerm.substDimBool i false u = t₀ := by
  constructor
  · intro h
    -- apply at any env with env i = false
    have := h (fun _ => false) rfl rfl
    exact this
  · intro heq env _ _
    exact heq

/-- The meet system [φ ∧ ψ ↦ u] is compatible if the ψ-system is.
    (Monotonicity: a stronger face formula still satisfies compat.) -/
theorem System.compat_mono (i : DimVar) (u t₀ : CTerm)
    (φ ψ : FaceFormula)
    (hs : System.CompatAt0 { face := ψ, body := u } i t₀) :
    System.CompatAt0 { face := .meet φ ψ, body := u } i t₀ := by
  intro env hmeet hi
  simp only [FaceFormula.eval, Bool.and_eq_true] at hmeet
  exact hs env hmeet.2 hi

/-- If we tighten the face (φ' entails φ), compat is preserved. -/
theorem System.compat_entails (i : DimVar) (u t₀ : CTerm)
    (φ φ' : FaceFormula)
    (hent : FaceFormula.Entails φ' φ)
    (hs : System.CompatAt0 { face := φ, body := u } i t₀) :
    System.CompatAt0 { face := φ', body := u } i t₀ := by
  intro env hφ' hi
  exact hs env (hent env hφ') hi

-- ── Typed system ──────────────────────────────────────────────────────────────

/-- A typed system: the body has the 1-end type of the line.
    In the comp rule, the system provides the "target" elements on the face φ. -/
structure System.Typed {ℓ : ULevel} (Γ : Ctx) (s : System) (L : DimLine ℓ) : Prop where
  body_typed : HasType Γ s.body L.at1

-- ── Typed system lemmas ───────────────────────────────────────────────────────

/-- Construct a typed system with face `.bot`. The face is irrelevant to the
    `System.Typed` structure — the body must still be typed at `L.at1`. -/
theorem System.typed_bot {ℓ : ULevel} (Γ : Ctx) (u : CTerm) (L : DimLine ℓ) :
    HasType Γ u L.at1 →
    System.Typed Γ { face := .bot, body := u } L :=
  fun h => { body_typed := h }

/-- Weakening for typed systems. -/
theorem System.Typed.weaken {ℓ ℓB : ULevel} (x : String) (B : CType ℓB) (Γ : Ctx)
    (s : System) (L : DimLine ℓ)
    (hs : System.Typed Γ s L) :
    System.Typed ((x, ⟨ℓB, B⟩) :: Γ) s L :=
  { body_typed := HasType.weaken x B hs.body_typed }

-- ── Joint compatibility + typing ──────────────────────────────────────────────

/-- Package compat and typing together — this is what the comp typing rule needs. -/
structure System.Valid {ℓ : ULevel}
    (Γ : Ctx) (s : System) (L : DimLine ℓ) (i : DimVar) (t₀ : CTerm) : Prop where
  typed  : System.Typed Γ s L
  compat : System.CompatAt0 s i t₀

/-- The empty system is valid for any t₀, given a body typed at L.at1. -/
theorem System.valid_bot {ℓ : ULevel}
    (Γ : Ctx) (u : CTerm) (L : DimLine ℓ) (i : DimVar) (t₀ : CTerm)
    (hu : HasType Γ u L.at1) :
    System.Valid Γ { face := .bot, body := u } L i t₀ :=
  { typed  := { body_typed := hu }
    compat := System.compat_bot i u t₀ }

-- ── Bridge: System.Valid → HasType.comp ──────────────────────────────────────

/-- Convert a System.Valid proof into the raw HasType.comp judgment.
    This is the ergonomic entry point: package everything in System.Valid,
    then call this to produce the typed composition term. -/
theorem HasType.comp_of_valid {ℓ : ULevel}
    (Γ : Ctx) (L : DimLine ℓ) (s : System) (t₀ : CTerm)
    (ht : HasType Γ t₀ L.at0)
    (hv : System.Valid Γ s L L.binder t₀) :
    HasType Γ (.comp L.binder L.body s.face s.body t₀) L.at1 :=
  HasType.comp L ht hv.typed.body_typed hv.compat
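
Added example, not part of the repository: two corollaries showing how the bridge above is used at the two extreme faces, once where the side condition is vacuous and once where it must actually be supplied. The namespace `SystemExamples` and the theorem names are hypothetical; everything else is a declaration from this file, assumed to have the signatures shown above.

```lean
import CubicalTransport.System

namespace SystemExamples  -- hypothetical namespace for this added example

/-- Empty face: the system contributes no constraint, so a typed base `t₀`
    and any body typed at `L.at1` are enough. `System.valid_bot` discharges
    `CompatAt0` vacuously. -/
theorem comp_empty_system {ℓ : ULevel}
    (Γ : Ctx) (L : DimLine ℓ) (u t₀ : CTerm)
    (ht : HasType Γ t₀ L.at0)
    (hu : HasType Γ u L.at1) :
    HasType Γ (.comp L.binder L.body .bot u t₀) L.at1 :=
  HasType.comp_of_valid Γ L { face := .bot, body := u } t₀ ht
    (System.valid_bot Γ u L L.binder t₀ hu)

/-- Total face: the side condition is no longer vacuous. The caller must
    prove that the body at `i = 0` is the base term, and
    `System.compat_top_iff` turns that equation into `CompatAt0`. -/
theorem comp_total_system {ℓ : ULevel}
    (Γ : Ctx) (L : DimLine ℓ) (u t₀ : CTerm)
    (ht : HasType Γ t₀ L.at0)
    (hu : HasType Γ u L.at1)
    (h0 : CTerm.substDimBool L.binder false u = t₀) :
    HasType Γ (.comp L.binder L.body .top u t₀) L.at1 :=
  HasType.comp_of_valid Γ L { face := .top, body := u } t₀ ht
    { typed  := { body_typed := hu }
      compat := (System.compat_top_iff L.binder u t₀).mpr h0 }

end SystemExamples
```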