Theory Term_Abstraction

(*  Title:      Term_Abstraction.thy
    Author:     Andreas Viktor Hess, DTU
    Author:     Sebastian A. Mödersheim, DTU
    Author:     Achim D. Brucker, University of Exeter
    Author:     Anders Schlichtkrull, DTU
    SPDX-License-Identifier: BSD-3-Clause
*)

section‹Term Abstraction›
theory Term_Abstraction
  imports Transactions
begin

subsection ‹Definitions›
fun to_abs (‹α⇩₀›) where
  "α⇩₀ [] _ = {}"
| "α⇩₀ ((Fun (Val m) [],Fun (Set s) S)#D) n =
    (if m = n then insert s (α⇩₀ D n) else α⇩₀ D n)"
| "α⇩₀ (_#D) n = α⇩₀ D n"

fun abs_apply_term (infixl ‹⋅⇩_α› 67) where
  "Var x ⋅⇩_α α = Var x"
| "Fun (Val n) T ⋅⇩_α α = Fun (Abs (α n)) (map (λt. t ⋅⇩_α α) T)"
| "Fun f T ⋅⇩_α α = Fun f (map (λt. t ⋅⇩_α α) T)"

definition abs_apply_list (infixl ‹⋅⇩_α⇩_l⇩_i⇩_s⇩_t› 67) where
  "M ⋅⇩_α⇩_l⇩_i⇩_s⇩_t α ≡ map (λt. t ⋅⇩_α α) M"

definition abs_apply_terms (infixl ‹⋅⇩_α⇩_s⇩_e⇩_t› 67) where
  "M ⋅⇩_α⇩_s⇩_e⇩_t α ≡ (λt. t ⋅⇩_α α) ` M"

definition abs_apply_pairs (infixl ‹⋅⇩_α⇩_p⇩_a⇩_i⇩_r⇩_s› 67) where
  "F ⋅⇩_α⇩_p⇩_a⇩_i⇩_r⇩_s α ≡ map (λ(s,t). (s ⋅⇩_α α, t ⋅⇩_α α)) F"

definition abs_apply_strand_step (infixl ‹⋅⇩_α⇩_s⇩_t⇩_p› 67) where
  "s ⋅⇩_α⇩_s⇩_t⇩_p α ≡ (case s of
    (l,send⟨ts⟩) ⇒ (l,send⟨ts ⋅⇩_α⇩_l⇩_i⇩_s⇩_t α⟩)
  | (l,receive⟨ts⟩) ⇒ (l,receive⟨ts ⋅⇩_α⇩_l⇩_i⇩_s⇩_t α⟩)
  | (l,⟨ac: t ≐ t'⟩) ⇒ (l,⟨ac: (t ⋅⇩_α α) ≐ (t' ⋅⇩_α α)⟩)
  | (l,insert⟨t,t'⟩) ⇒ (l,insert⟨t ⋅⇩_α α,t' ⋅⇩_α α⟩)
  | (l,delete⟨t,t'⟩) ⇒ (l,delete⟨t ⋅⇩_α α,t' ⋅⇩_α α⟩)
  | (l,⟨ac: t ∈ t'⟩) ⇒ (l,⟨ac: (t ⋅⇩_α α) ∈ (t' ⋅⇩_α α)⟩)
  | (l,∀X⟨∨≠: F ∨∉: F'⟩) ⇒ (l,∀X⟨∨≠: (F ⋅⇩_α⇩_p⇩_a⇩_i⇩_r⇩_s α) ∨∉: (F' ⋅⇩_α⇩_p⇩_a⇩_i⇩_r⇩_s α)⟩))"

definition abs_apply_strand (infixl ‹⋅⇩_α⇩_s⇩_t› 67) where
  "S ⋅⇩_α⇩_s⇩_t α ≡ map (λx. x ⋅⇩_α⇩_s⇩_t⇩_p α) S"


subsection ‹Lemmata›
lemma to_abs_alt_def:
  "α⇩₀ D n = {s. ∃S. (Fun (Val n) [], Fun (Set s) S) ∈ set D}"
by (induct D n rule: to_abs.induct) auto

lemma abs_term_apply_const[simp]:
  "is_Val f ⟹ Fun f [] ⋅⇩_α a = Fun (Abs (a (the_Val f))) []"
  "¬is_Val f ⟹ Fun f [] ⋅⇩_α a = Fun f []"
by (cases f; auto)+

lemma abs_fv: "fv (t ⋅⇩_α a) = fv t"
by (induct t a rule: abs_apply_term.induct) auto

lemma abs_eq_if_no_Val:
  assumes "∀f ∈ funs_term t. ¬is_Val f"
  shows "t ⋅⇩_α a = t ⋅⇩_α b"
using assms
proof (induction t)
  case (Fun f T) thus ?case by (cases f) simp_all
qed simp

lemma abs_list_set_is_set_abs_set: "set (M ⋅⇩_α⇩_l⇩_i⇩_s⇩_t α) = (set M) ⋅⇩_α⇩_s⇩_e⇩_t α"
unfolding abs_apply_list_def abs_apply_terms_def by simp

lemma abs_set_empty[simp]: "{} ⋅⇩_α⇩_s⇩_e⇩_t α = {}"
unfolding abs_apply_terms_def by simp

lemma abs_in:
  assumes "t ∈ M"
  shows "t ⋅⇩_α α ∈ M ⋅⇩_α⇩_s⇩_e⇩_t α"
using assms unfolding abs_apply_terms_def
by (induct t α rule: abs_apply_term.induct) blast+

lemma abs_set_union: "(A ∪ B) ⋅⇩_α⇩_s⇩_e⇩_t a = (A ⋅⇩_α⇩_s⇩_e⇩_t a) ∪ (B ⋅⇩_α⇩_s⇩_e⇩_t a)"
unfolding abs_apply_terms_def
by auto

lemma abs_subterms: "subterms (t ⋅⇩_α α) = subterms t ⋅⇩_α⇩_s⇩_e⇩_t α"
proof (induction t)
  case (Fun f T) thus ?case by (cases f) (auto simp add: abs_apply_terms_def)
qed (simp add: abs_apply_terms_def)

lemma abs_subterms_in: "s ∈ subterms t ⟹ s ⋅⇩_α a ∈ subterms (t ⋅⇩_α a)"
proof (induction t)
  case (Fun f T) thus ?case by (cases f) auto
qed simp

lemma abs_ik_append: "(ik⇩_s⇩_s⇩_t (A@B) ⋅⇩_s⇩_e⇩_t I) ⋅⇩_α⇩_s⇩_e⇩_t a = (ik⇩_s⇩_s⇩_t A ⋅⇩_s⇩_e⇩_t I) ⋅⇩_α⇩_s⇩_e⇩_t a ∪ (ik⇩_s⇩_s⇩_t B ⋅⇩_s⇩_e⇩_t I) ⋅⇩_α⇩_s⇩_e⇩_t a"
unfolding abs_apply_terms_def ik⇩_s⇩_s⇩_t_def
by fastforce

lemma to_abs_in:
  assumes "(Fun (Val n) [], Fun (Set s) []) ∈ set D"
  shows "s ∈ α⇩₀ D n"
using assms by (induct rule: to_abs.induct) auto

lemma to_abs_empty_iff_notin_db:
  "Fun (Val n) [] ⋅⇩_α α⇩₀ D = Fun (Abs {}) [] ⟷ (∄s S. (Fun (Val n) [], Fun (Set s) S) ∈ set D)"
by (simp add: to_abs_alt_def)

lemma to_abs_list_insert:
  assumes "Fun (Val n) [] ≠ t"
  shows "α⇩₀ D n = α⇩₀ (List.insert (t,s) D) n"
using assms to_abs_alt_def[of D n] to_abs_alt_def[of "List.insert (t,s) D" n]
by auto

lemma to_abs_list_insert':
  "insert s (α⇩₀ D n) = α⇩₀ (List.insert (Fun (Val n) [], Fun (Set s) S) D) n"
using to_abs_alt_def[of D n]
      to_abs_alt_def[of "List.insert (Fun (Val n) [], Fun (Set s) S) D" n]
by auto

lemma to_abs_list_remove_all:
  assumes "Fun (Val n) [] ≠ t"
  shows "α⇩₀ D n = α⇩₀ (List.removeAll (t,s) D) n"
using assms to_abs_alt_def[of D n] to_abs_alt_def[of "List.removeAll (t,s) D" n]
by auto

lemma to_abs_list_remove_all':
  "α⇩₀ D n - {s} = α⇩₀ (filter (λd. ∄S. d = (Fun (Val n) [], Fun (Set s) S)) D) n"
using to_abs_alt_def[of D n]
      to_abs_alt_def[of "filter (λd. ∄S. d = (Fun (Val n) [], Fun (Set s) S)) D" n]
by auto

lemma to_abs_db⇩_s⇩_s⇩_t_append:
  assumes "∀u s. insert⟨u, s⟩ ∈ set B ⟶ Fun (Val n) [] ≠ u ⋅ ℐ"
    and "∀u s. delete⟨u, s⟩ ∈ set B ⟶ Fun (Val n) [] ≠ u ⋅ ℐ"
  shows "α⇩₀ (db'⇩_s⇩_s⇩_t A ℐ D) n = α⇩₀ (db'⇩_s⇩_s⇩_t (A@B) ℐ D) n"
using assms
proof (induction B rule: List.rev_induct)
  case (snoc b B)
  hence IH: "α⇩₀ (db'⇩_s⇩_s⇩_t A ℐ D) n = α⇩₀ (db'⇩_s⇩_s⇩_t (A@B) ℐ D) n" by auto
  have *: "∀u s. b = insert⟨u,s⟩ ⟶ Fun (Val n) [] ≠ u ⋅ ℐ"
          "∀u s. b = delete⟨u,s⟩ ⟶ Fun (Val n) [] ≠ u ⋅ ℐ"
    using snoc.prems by simp_all
  show ?case
  proof (cases b)
    case (Insert u s)
    hence **: "db'⇩_s⇩_s⇩_t (A@B@[b]) ℐ D = List.insert (u ⋅ ℐ,s ⋅ ℐ) (db'⇩_s⇩_s⇩_t (A@B) ℐ D)"
      using db⇩_s⇩_s⇩_t_append[of "A@B" "[b]"] by simp
    have "Fun (Val n) [] ≠ u ⋅ ℐ" using *(1) Insert by auto
    thus ?thesis using IH ** to_abs_list_insert by metis
  next
    case (Delete u s)
    hence **: "db'⇩_s⇩_s⇩_t (A@B@[b]) ℐ D = List.removeAll (u ⋅ ℐ,s ⋅ ℐ) (db'⇩_s⇩_s⇩_t (A@B) ℐ D)"
      using db⇩_s⇩_s⇩_t_append[of "A@B" "[b]"] by simp
    have "Fun (Val n) [] ≠ u ⋅ ℐ" using *(2) Delete by auto
    thus ?thesis using IH ** to_abs_list_remove_all by metis
  qed (simp_all add: db⇩_s⇩_s⇩_t_no_upd_append[of "[b]" "A@B"] IH)
qed simp

lemma to_abs_neq_imp_db_update:
  assumes "α⇩₀ (db⇩_s⇩_s⇩_t A I) n ≠ α⇩₀ (db⇩_s⇩_s⇩_t (A@B) I) n"
  shows "∃u s. u ⋅ I = Fun (Val n) [] ∧ (insert⟨u,s⟩ ∈ set B ∨ delete⟨u,s⟩ ∈ set B)"
proof -
  { fix D have ?thesis when "α⇩₀ D n ≠ α⇩₀ (db'⇩_s⇩_s⇩_t B I D) n" using that
    proof (induction B I D rule: db'⇩_s⇩_s⇩_t.induct)
      case 2 thus ?case
        by (metis db'⇩_s⇩_s⇩_t.simps(2) list.set_intros(1,2) subst_apply_pair_pair to_abs_list_insert)
    next
      case 3 thus ?case
        by (metis db'⇩_s⇩_s⇩_t.simps(3) list.set_intros(1,2) subst_apply_pair_pair to_abs_list_remove_all)
    qed simp_all
  } thus ?thesis using assms by (metis db⇩_s⇩_s⇩_t_append db⇩_s⇩_s⇩_t_def)
qed

lemma abs_term_subst_eq:
  fixes δ θ::"(('a,'b,'c,'d) prot_fun, ('e,'f prot_atom) term × nat) subst"
  assumes "∀x ∈ fv t. δ x ⋅⇩_α a = θ x ⋅⇩_α b"
    and "∄n T. Fun (Val n) T ∈ subterms t"
  shows "t ⋅ δ ⋅⇩_α a = t ⋅ θ ⋅⇩_α b"
using assms
proof (induction t)
  case (Fun f T) thus ?case
  proof (cases f)
    case (Val n)
    hence False using Fun.prems(2) by blast
    thus ?thesis by metis
  qed auto
qed simp

lemma abs_term_subst_eq':
  fixes δ θ::"(('a,'b,'c,'d) prot_fun, ('e,'f prot_atom) term × nat) subst"
  assumes "∀x ∈ fv t. δ x ⋅⇩_α a = θ x"
    and "∄n T. Fun (Val n) T ∈ subterms t"
  shows "t ⋅ δ ⋅⇩_α a = t ⋅ θ"
using assms
proof (induction t)
  case (Fun f T) thus ?case
  proof (cases f)
    case (Val n)
    hence False using Fun.prems(2) by blast
    thus ?thesis by metis
  qed auto
qed simp

lemma abs_val_in_funs_term:
  assumes "f ∈ funs_term t" "is_Val f"
  shows "Abs (α (the_Val f)) ∈ funs_term (t ⋅⇩_α α)"
using assms by (induct t α rule: abs_apply_term.induct) auto

end