# SYNOPSIS

While we are on our road to Lean-like tactic language, currently
we are at the stage of regular cubical **HTS** type checker
with **CHM**-style [5] primitives.
You may try it at Github: groupoid/anders or
install through OPAM:

```
$ opam install anders
$ anders
Anders theorem prover [MLTT][CCHM][HTS] version 0.7.2
invocation = anders | anders list
list = [] | command list
primitive = zero | one | interval
command = check <filename> | lex <filename>
| parse <filename> | prim primitive <name>
| cubicaltt <filename> | girard
| trace | verbose
| repl | help
```

Anders is fast, idiomatic and educational. We carefully draw the favourite
Lean-compatible syntax to fit 130 LOC in Menhir, the **MLTT** core
is 500 LOC and **CCHM** [4] pretypes is another 500 LOC.
It compiles under 2 seconds and
checks all the base library under 1 second [Haswell, 2013].

# SYNTAX

The syntax resembles original syntax of the reference **CCHM** type checker
**cubicaltt**, is slightly compatible with **Lean** syntax
and contains the full set of **Cubical Agda** [10] primitives.

Here is given the mathematical pseudo-code notation
of the language expressions that come immediately after parsing.
The core syntax definition of **HTS** language $E$ corresponds
to **exp** type defined in **expr.ml** OCaml module:

$$ E := cosmos\ |\ var\ |\ MLTT\ |\ CCHM\ |\ HIT \\ HIT := \mathbf{inductive}\ E\ E\ |\ \mathbf{ctor}\ name\ E\ |\ \mathbf{match}\ E\ E \\ CCHM := path\ |\ I\ |\ part\ |\ sub\ |\ kan\ |\ glue \\ MLTT := pi\ |\ sigma\ |\ id \\ $$ $$ cosmos := \mathbf{U}_j \ |\ \mathbf{V}_k \\ var := \mathbf{var}\ name\ |\ \mathbf{hole} \\ pi := \Pi\ name\ E\ E\ |\ \lambda\ name\ E\ E\ |\ E\ E \\ sigma := \Sigma\ name\ E\ E\ |\ (E,E)\ |\ E.1\ |\ E.2 \\ id := \mathbf{Id}\ E\ |\ \mathbf{ref}\ E\ |\ \mathbf{idJ}\ E \\ path := \mathbf{Path}\ E\ |\ E^i\ |\ E\ @\ E \\ I := \mathbf{I}\ |\ 0\ |\ 1\ |\ E\ \meet\ E\ |\ E\ \join\ E\ |\ \neg E \\ part := \mathbf{Partial}\ E\ E\ |\ \mathbf{[}\ (E=I) \rightarrow E, ...\ \mathbf{]} \\ sub := \mathbf{inc}\ E\ |\ \mathbf{ouc}\ E\ |\ E\ \mathbf{[}\ I\ \map\ E\ \mathbf{]} \\ kan := \mathbf{transp}\ E\ E\ |\ \mathbf{hcomp}\ E \\ glue := \mathbf{Glue}\ E\ |\ \mathbf{glue}\ E\ |\ \mathbf{unglue}\ E\ E $$ $$ $$

Further Menhir BNF notation will be used to describe the top-level language parser as type checker is written in OCaml.

**Keywords**.
The words of a top-level language (file or repl) consist of keywords or identifiers.
The keywords are following: **module**, **where**, **import**, **option**,
**def**, **axiom**, **postulate**, **theorem**, **(**, **)**,
**[**, **]**, **<**, **>**, **/**, **.1**, **.2**, **Π**,
**Σ**, **,**, **λ**, **×**, **→**, **:**, **:=**, **↦**, **U**,
**V**, **∧**, **∨**, **-**, **+**, **@**, **PathP**, **transp**,
**hcomp**, **zero**, **one**, **Partial**, **inc**, **ouc**,
**interval**, **inductive**, **Glue**, **glue**, **unglue**.

**Indentifiers**. Identifiers support UTF-8. Indentifiers couldn't start
with **:**, **-**, **→**. Sample identifiers:

`¬-of-∨, 1=1, is-?, =, $^~]!005x, ∞, x→Nat, f'`

**Modules**. Modules represent files with declarations. More accurate,
BNF notation of module consists of imports, options and declarations.

**Imports**. The import construction supports file folder
structure (without file extensions) by using reserved symbol **/**
for hierarchy walking.

**Options**. Each option holds bool value. Language supports following options:
1) **girard** (enables U : U);
2) **pre-eval** (normalization cache);
3) **impredicative** (infinite hierarchy with impredicativity rule);

```
%start <Module.file> file
%start <Module.command> repl
repl : COLON IDENT exp1 EOF | COLON IDENT EOF | exp0 EOF | EOF
file : MODULE IDENT WHERE line* EOF
path : IDENT
line :
| IMPORT path+
| OPTION IDENT IDENT
| declarations
```

In Anders you can enable or disable language core types,
adjust syntaxes or tune inner variables of the type checker.
Here is the example how to setup minimal core able to prove
internalization of **MLTT-73** variation (**Path**
instead of **Id** and no inductive types, see base library):

```
module MLTT-Intern where
option HIT false
option CCHM false
option MLTT true
option Path true
option Interval true
option Transport true
import lib/mltt
```

In order to turn HIT into ordinary CiC calculus you may say:

```
module CiC where
option CCHM false
option MLTT true
option HIT true
import lib/list
```

**Declarations**. Language supports following top level declarations:
1) **axiom** (non-computable declaration that breakes normalization);
2) **postulate** (alternative or inverted axiom that can preserve consistency);
3) **definition** (almost any explicit term or type in type theory);
5) **lemma** (helper in big game).
4) **theorem** (something valuable or complex enough).

```
ident : IRREF | IDENT
vars : ident+
lense : LPARENS vars COLON exp1 RPARENS
telescope : lense telescope
params : telescope | []
declarations:
| DEF IDENT params DEFEQ exp1
| DEF IDENT params COLON exp1 DEFEQ exp1
| AXIOM IDENT params COLON exp1
```

Sample declarations. For example, signature **isProp (A : U)** of
type **U** could be defined as normalization-blocking axiom
without proof-term or by providing proof-term as definition.

```
axiom isProp (A : U) : U
def isSet (A : U) : U := Π (a b : A)
(x y : Path A a b), Path (Path A a b) x y
```

In this example **(A : U)**, **(a b : A)** and **(x y : Path A a b)** are
called telescopes. Each telescope consists of a series of lenses or empty.
Each lense provides a set of variables of the same type. Telescope
defines parameters of a declaration. Types in a telescope,
type of a declaration and a proof-terms are a language expressions **exp1**.

**Expressions**. All atomic language expressions are grouped
by four categories:
**exp0** (pair constructions),
**exp1** (non neutral constructions),
**exp2** (path and pi applcations),
**exp3** (neutral constructions).

```
face : LPARENS IDENT IDENT IDENT RPARENS
partial : face+ ARROW exp1
```

```
exp0 :
| exp1 COMMA exp0
| exp1
```

```
exp1:
| LAM telescope COMMA exp1
| PI telescope COMMA exp1
| SIGMA telescope COMMA exp1
| LSQ IRREF ARROW exp1 RSQ
| LSQ separated_list(COMMA, partial) RSQ
| LT vars GT exp1
| exp2 ARROW exp1
| exp2 PROD exp1
| exp2
```

The LR parsers demand to define **exp1** as expressions that
cannot be used (without a parens enclosure) as a right part of
left-associative application for both Path and Pi lambdas.

```
exp2 :
| exp2 exp3
| exp2 APPFORMULA exp3
| exp3
```

Universe indecies **U _{j}** (inner fibrant),

**V**(outer pretypes) and

_{k}**S**(outer strict omega) are using unicode subscript letters that are already processed in lexer.

```
exp3:
| HOLE | PRE
| KAN | exp3 FST
| exp3 SND | NEGATE exp3
| exp3 AND exp3 | exp3 OR exp3
| ID exp3 | REF exp3
| IDJ exp3 | INC exp3
| OUC exp3 | PATHP exp3
| TRANSP exp3 exp3 | HCOMP exp3
| PARTIAL exp3 | IDENT LSQ exp0 MAP exp0 RSQ
| LPARENS exp0 RPARENS | IDENT
| LPARENS exp0 RPARENS LSQ exp0 MAP exp0 RSQ
```

# SEMANTICS

The idea is to have a unified layered type checker, so you can disbale/enable
any **MLTT**-style inference, assign types to universes and enable/disable hierachies.
This will be done by providing linking API for pluggable presheaf modules.
We selected 5 levels of type checker awareness from universes and pure type systems
up to synthetic language of homotopy type theory. Each layer corresponds to its
presheaves with separate configuration for universe hierarchies.

```
inductive lang : U
| UNI: cosmos → lang
| PI: pure lang → lang
| SIGMA: total lang → lang
| ID: uip lang → lang
| PATH: homotopy lang → lang
| GLUE: gluening lang → lang
| HIT: hit lang → lang
```

We want to mention here with homage to its authors all categorical models of dependent type theory: Comprehension Categories (Grothendieck, Jacobs), LCCC (Seely), D-Categories and CwA (Cartmell), CwF (Dybjer), C-Systems (Voevodsky), Natural Models (Awodey). While we can build some transports between them, we leave this excercise for our mathematical components library.

We will use here the Coquand's notation for Presheaf Type Theories in terms of restriction maps.

## Universe Hierarchies

Language supports Agda-style hierarchy of universes: fibrant (U), interval pretypes (V) and strict omega with explicit level manipulation. All universes are bounded with preorder $$ Fibrant_j \prec Pretypes_k \prec Strict_l, $$

in which $j,k,l$ are bounded with equation: $$ j < k < l. $$

Large elimination to upper universes is prohibited. This is extendable to Agda model:

```
inductive cosmos : U
| prop: nat → cosmos
| fibrant: nat → cosmos
| pretypes: nat → cosmos
| strict: nat → cosmos
| omega: cosmos
| lock: cosmos
```

## Dependent Types

**Definition** (Type).
A type is interpreted as a presheaf $A$, a family of sets $A_I$ with restriction maps
$u \mapsto u\ f, A_I \rightarrow A_J$ for $f: J\rightarrow I$. A dependent type
B on A is interpreted by a presheaf on category of elements of $A$: the objects
are pairs $(I,u)$ with $u : A_I$ and morphisms $f: (J,v) \rightarrow (I,u)$ are
maps $f : J \rightarrow$ such that $v = u\ f$. A dependent type B is thus given
by a family of sets $B(I,u)$ and restriction maps $B(I,u) \rightarrow B(J,u\ f)$.

We think of $A$ as a type and $B$ as a family of presheves $B(x)$ varying $x:A$. The operation $\Pi(x:A)B(x)$ generalizes the semantics of implication in a Kripke model.

**Defintion** (Pi). An element $w:[\Pi(x:A)B(x)](I)$ is a family

```
inductive pure (lang: U) : U
| var: name → nat → pure lang
| pi: name → nat → lang → lang → pure lang
| lambda: name → nat → lang → lang → pure lang
| app: lang → lang → pure lang
```

**Defintion** (Sigma). The set $\Sigma(x:A)B(x)$ is the set

```
inductive total (lang: U) : U
| sigma: name → lang → lang → total lang
| pair: lang → lang → total lang
| fst: lang → total lang
| snd: lang → total lang
```

The preseaf configuration with only Pi and Sigma is called **MLTT-72**.

## Path Equality

The fundamental development of equality inside **MLTT**
provers led us to the notion of ∞-groupoid as spaces.
In this way Path identity type appeared in the core
of type checker along with De Morgan algebra on
built-in interval type.

```
inductive homotopy (lang: U) : U
| PathP: lang → lang → lang → homotopy lang
| plam: name → lang → lang → homotopy lang
| papp: lang → lang → homotopy lang
| I: homotopy lang
| zero: homotopy lang
| one: homotopy lang
| meet: lang → lang → homotopy lang
| join: lang → lang → homotopy lang
| neg: lang → homotopy lang
| system: lang → homotopy lang
| Partial: lang → homotopy lang
| transp: lang → lang → homotopy lang
| hcomp: lang → homotopy lang
| Sub: lang → homotopy lang
| inc: lang → homotopy lang
| ouc: lang → homotopy lang
```

**Definition** (Cubical Presheaf $\mathbb{I}$).
The identity types modeled with another presheaf, the presheaf on Lawvere
category of distributive lattices (theory of De Morgan algebras) denoted
with $\Box$ — $\mathbb{I} : \Box^{op} \rightarrow \mathrm{Set}$.

**Properties of $\mathbb{I}$**. The presheaf $\mathbb{I}$:
i) has to distinct global elements $0$ and $1$ (B$_1$);
ii) $\mathbb{I}$(I) has a decidable equality for each $I$ (B$_2$);
iii) $\mathbb{I}$ is tiny so the path functor $X \mapsto X^\mathbb{I}$ has right adjoint (B$_3$).;
iv) $\mathbb{I}$ has meet and join (connections).

**Interval Pretypes**. While having pretypes universe **V** with interval and
associated De Morgan algebra **(∧, ∨, -, 0, 1, I)** is enough to
perform DNF normalization and proving some basic statements about path, including:
contractability of singletons,
homotopy transport, congruence, functional extensionality; it is not enough for
proving β rule for Path type or path composition.

**Generalized Transport**. Generalized transport **transp** adresses
first problem of deriving the computational β rule for Path types:

```
theorem Path-β (A : U) (a : A) (C : D A) (d: C a a (refl A a))
: Equ (C a a (refl A a)) d (J A a C d a (refl A a))
:= λ (A : U), λ (a : A), λ (C : Π (x : A), Π (y : A), PathP (<_> A) x y → U),
λ (d : C a a (<_> a)), <j> transp (<_> C a a (<_> a)) -j d
```

Transport is defined on fibrant types (only) and type checker should cover all the cases.
Note that **transpⁱ (Pathʲ A v w) φ u₀** case is relying on **comp** operation
which depends on **hcomp** primitive.

```
transpⁱ N φ u₀ = u₀
transpⁱ U φ A = A
transpⁱ (Π (x : A), B) φ u₀ v = transpⁱ B(x/w) φ (u₀ w(i/0))
transpⁱ (Σ (x : A), B) φ u₀ = (transpⁱ A φ (u₀.1),transpⁱ B(x/v) φ(u₀.2))
transpⁱ (Pathʲ A v w) φ u₀ = 〈j〉compⁱ A [φ ↦ u₀ j, (j=0) ↦ v, (j=1) ↦ w] (u₀ j)
transpⁱ (Glue [φ ↦ (T,w)] A) ψ u₀ = glue [φ(i/1) ↦ t′₁] a′₁ : B(i/1)
```

```
w = transpFill⁻ⁱ A φ v, v : A(i/1)
v = transpFillⁱ A φ u₀.1
u : A(j/0), v : A(j/1)
transp⁻ⁱ A φ u = (transpⁱ A(i/1−i) φ u)(i/1−i) : A(i/0)
transpFillⁱ A φ u₀ = transpʲ A(i/i∧j) (φ∨(i=0)) u₀ : A
```

**Partial Elements**. In order to explicitly define **hcomp**
we need to specify n-cubes where some faces are missing. Partial
primitives **isOne**, **1=1** and **UIP** on pretypes are
derivable in Anders due to landing strict equality **Id** in **V** universe.
The idea is that **(Partial A r)** is the type of cubes in **A**
that are only defined when **IsOne r** holds. **(Partial A r)**
is a special version of the function space **IsOne r → A**
with a more extensional equality: two of its elements are considered
judgmentally equal if they represent the same subcube of **A**.
They are equal whenever they reduce to equal terms for all the
possible assignment of variables that make **r** equal to **1**.

```
def Partial′ (A : U) (i : I) := Partial A i
def isOne : I -> V := Id I 1
def 1=1 : isOne 1 := ref 1
def UIP (A : V) (a b : A) (p q : Id A a b) : Id (Id A a b) p q := ref p
```

**Cubical Subtypes**. For **(A : U) (i : I) (Partial A i)**
we can define subtype **A [ i ↦ u ]**. A term of this type is a term of
type A that is definitionally equal to u when **(IsOne i)** is satisfied.

```
def sub′ (A : U) (i : I) (u : Partial A i) : V := A [i ↦ u ]
def inc′ (A : U) (i : I) (a : A) : A [i ↦ [(i = 1) → a]] := inc a
def ouc′ (A : U) (i : I) (u : Partial A i) (a : A [i ↦ u]) : A := ouc a
```

We have forth and back fusion rules **ouc (inc v) = v**
and **inc (outc v) = v**. Moreover, **ouc v** will reduce to u 1=1 when i=1.

**Homogeneous Composition**. Homogeneous composition **hcomp** is the answer to second problem:
with **hcomp** and **transp** one can express path composition,
groupoid, category of groupoids (groupoid interpretation and internalization in type theory).
One of the main roles of homogeneous composition is to be a carrier in [higher]
inductive type constructors for calculating of homotopy colimits and
direct encoding of CW-complexes (or internal models as gluening of pushout cells).

```
def comp (A : I → U) (r : I) (u : Π (i : I), Partial (A i) r) (u₀ : (A 0)[r ↦ u 0]) : A 1
:= hcomp (A 1) r (λ (i : I), [(φ : r = 1) → transp (<j> A (i ∨ j)) i (u i φ)])
(inc (transp (<i> A i) 0 (ouc u₀)))
```

The type checker equations for **hcomp** primitive are following:

```
hcompⁱ N [φ ↦ 0] 0 = 0
hcompⁱ N [φ ↦ S u] (S u₀) = S (hcompⁱ N [φ ↦ u] u₀)
hcompⁱ U [φ ↦ E] A = Glue [φ ↦ (E(i/1), equivⁱ E(i/1−i))] A
hcompⁱ (Π (x : A), B) [φ ↦ u] u₀ v = hcompⁱ B(x/v) [φ ↦ u v] (u₀ v)
hcompⁱ (Σ (x : A), B) [φ ↦ u] u₀ = (v(i/1), compⁱ B(x/v) [φ ↦ u.2] u₀.2)
hcompⁱ (Pathʲ A v w) [φ ↦ u] u₀ = 〈j〉 hcompⁱ A [ φ ↦ u j, (j = 0) ↦ v, (j = 1) ↦ w ] (u₀ j)
hcompⁱ (Glue [φ ↦ (T,w)] A) [ψ ↦ u] u₀
= glue [φ ↦ t₁] a₁
= glue [φ ↦ u(i/1)] (unglue u(i/1))
= u(i/1) : Glue [φ ↦ (T,w)] A
```

```
hfillⁱ A [φ ↦ u] u₀ = hcompʲ A [φ ↦ u(i/i∧j), (i=0) ↦ u₀] u₀ : A
v = hfillⁱ A [φ ↦ u.1] u₀.1
t₁ = u(i/1) : T
a₁ = unglue u(i/1) : A
glue [φ ↦ t₁] a1 = t₁ : T
```

## Strict Equality

To avoid conflicts with path equalities which live in fibrant universes strict equalities live in pretypes universes.

```
inductive strict (lang: U) : U
| Id: name → lang → total lang
| ref: lang → lang → total lang
| idJ: lang → lang → lang → total lang
```

You may think of **(Id A a b)** [Coquand] to be the type of pairs $\varphi, \omega$
with $\varphi$ in $\mathbb{F}$ and $\omega$ in **(Path A a b)**
such that $\varphi$ implies $const(\omega)$ where $const(\omega) := \Pi(i:I)[\omega(i)=\omega(0)]$.
The reflexivity proof is then an element in **(Id A a b)**.

We use strict equality in **HTS** for pretypes and partial elements which live in **V**.
The presheaf configuration with Pi, Sigma and Id is called **MLTT-73**.
The presheaf configuration with Pi, Sigma, Id and Path is called **HTS**.

## Glue Types

The main purpose of Glue types is to construct a cube where some faces have been replaced by equivalent types. This is analogous to how hcomp lets us replace some faces of a cube by composing it with other cubes, but for Glue types you can compose with equivalences instead of paths. This implies the univalence principle and it is what lets us transport along paths built out of equivalences.

```
inductive gluening (lang: U) : U
| Glue: lang → lang → lang → gluening lang
| glue: lang → lang → gluening lang
| unglue: lang → lang → gluening lang
```

## Higher Inductive Types

The further development of induction inside **MLTT** provers led
to the theory of polynomial functors and well-founded trees,
known in programming languages as inductive types with **inductive**
and **record** core primitives.

Inductive types could be encoded in PTS/Cedile using non-recursive representation of Bohm-Berarducci schemes or with categorical impredicative encoding by Steve Awodey. We want to have optional infinite impredicative universe in type checker for such experiments in PTS mode.

Anders supports Lean-compatible inductive definition so we can copy-paste terms between Lean and Anders.

```
inductive tele (A: U) : U | emp: tele A | tel: name → A → tele A → tele A
inductive branch (A: U) : U | br: name → branch A | args: list name → A → branch A
inductive label (A: U) : U | lab: name → label A | t: tele A → label A
inductive hit (lang: U)
| form: name → tele lang → list (label lang) → hit lang
| ctor: name → list lang → hit lang
| htor: name → list lang → list lang → lang → hit lang
| case: name → lang → list (branch lang) → hit lang
```

The non-well-founded trees or infinite coinductive trees
are useful for modeling infinite processes and are part
of Milner's Pi-calculus. Coinductive streams could be found in many **MLTT** base libraries.

## ANDERS.PDF |

# Bibliography

## HTS

1) A simple type system with two identity types [Voevodsky]. 2) Two-level type theory and applications [Annenkov, Capriotti, Kraus, Sattler]. 3) Syntax for two-level type theory [Bonacina, Ahrens].

## CCHM

4) Cubical Type Theory: a constructive interpretation of the univalence axiom [Cohen, Coquand, Huber, Mörtberg]; 5) On Higher Inductive Types in Cubical Type Theory [Coquand, Huber, Mörtberg]; 6) Canonicity for Cubical Type Theory [Huber]; 7) Canonicity and homotopy canonicity for cubical type theory [Coquand, Huber, Sattler]; 8) Cubical Synthetic Homotopy Theory [Mörtberg, Pujet]; 9) Unifying Cubical Models of Univalent Type Theory [Cavallo, Mörtberg, Swan]; 10) Cubical Agda: A Dependently Typed PL with Univalence and HITs [Vezzosi, Mörtberg, Abel]; 11) A Cubical Type Theory for Higher Inductive Types [Huber]; 12) Gluing for type theory [Kaposi, Huber, Sattler]. 13) Cubical Methods in HoTT/UF [Mörtberg].

## MLTT

14) An intuitionistic theory of types [Martin-Löf]; 15) An intuitionistic theory of types: predicative part. [Martin-Löf]; 16) Programming in Martin-Löf’s Type Theory [Nordström, Petersson, Smith]; 17) A simple type-theoretic language: Mini-TT [Coquand, Kinoshita, Nordström, Takeyama];