# Theory C_Algebras

(*
Title: Binary Multirelations
Author: Hitoshi Furusawa, Georg Struth
Maintainer: <g.struth at sheffield.ac.uk>
*)

section ‹C-Algebras›

theory C_Algebras
imports Kleene_Algebra.Dioid
begin

no_notation
times (infixl "⋅" 70)

subsection ‹C-Monoids›

text ‹We start with the c-monoid axioms. These can be found in Section~4 of~\<^cite>‹"FurusawaS15a"›.›

class proto_monoid =
fixes s_id :: "'a" ("1⇩σ")
and s_prod :: "'a ⇒ 'a ⇒ 'a"  (infixl "⋅" 80)
assumes s_prod_idl [simp]: "1⇩σ ⋅ x = x"
and  s_prod_idr [simp]: "x ⋅ 1⇩σ  = x"

class proto_bi_monoid = proto_monoid +
fixes c_id :: "'a" ("1⇩π")
and c_prod :: "'a ⇒ 'a ⇒ 'a"  (infixl "∥" 80)
assumes c_prod_idl [simp]: "1⇩π ∥ x = x"
and c_prod_assoc: "(x ∥ y) ∥ z = x ∥ (y ∥ z)"
and c_prod_comm: "x ∥ y = y ∥ x"

class c_monoid = proto_bi_monoid +
assumes c1 [simp]: "(x ⋅ 1⇩π) ∥ x = x"
and c2 [simp]: "((x ⋅ 1⇩π) ∥ 1⇩σ) ⋅ y = (x ⋅ 1⇩π) ∥ y"
and c3: "(x ∥ y) ⋅ 1⇩π = (x ⋅ 1⇩π) ∥ (y ⋅ 1⇩π)"
and c4: "(x ⋅ y) ⋅ 1⇩π = x ⋅ (y ⋅ 1⇩π)"
and c5 [simp]: "1⇩σ ∥ 1⇩σ = 1⇩σ"

begin

text ‹Next we define domain explicitly as at the beginning of Section 4 in~\<^cite>‹"FurusawaS15a"›
and start proving the algebraic facts from Section 4. Those involving concrete multirelations, such as Proposition 4.1,
are considered in the theory file for multirelations.›

definition (in c_monoid) d :: "'a ⇒ 'a" where
"d x = (x ⋅ 1⇩π) ∥ 1⇩σ"

lemma c_prod_idr [simp]: "x ∥ 1⇩π = x"

text ‹We prove the retraction properties of Lemma 4.2.›

lemma c_idem [simp]: "1⇩π ⋅ 1⇩π = 1⇩π"
by (metis c_prod_idr local.c1)

lemma d_idem [simp]: "d (d x) = d x"

lemma p_id_idem: "(x ⋅ 1⇩π) ⋅ 1⇩π = x ⋅ 1⇩π"

text ‹Lemma 4.3.›

lemma c2_d: "d x ⋅ y = (x ⋅ 1⇩π) ∥ y"

lemma cd_2_var: "d (x ⋅ 1⇩π) ⋅ y = (x ⋅ 1⇩π) ∥ y"

lemma dc_prop1 [simp]: "d x ⋅ 1⇩π = x ⋅ 1⇩π"

lemma dc_prop2 [simp]: "d (x ⋅ 1⇩π) = d x"

lemma ds_prop [simp]: "d x ∥ 1⇩σ = d x"

lemma dc [simp]: "d 1⇩π = 1⇩σ"

text ‹Part (5) of this Lemma has already been verified above. The next two statements
verify the two algebraic properties mentioned in the proof of Proposition 4.4.›

lemma dc_iso [simp]: "d (d x ⋅ 1⇩π) = d x"
by simp

lemma cd_iso [simp]: "d (x ⋅ 1⇩π) ⋅ 1⇩π = x ⋅ 1⇩π"
by simp

text ‹Proposition 4.5.›

lemma d_conc6: "d (x ∥ y) = d x ∥ d y"
proof -
have "d (x ∥ y) = ((x ∥ y) ⋅ 1⇩π) ∥ 1⇩σ"
also have "... = (x ⋅ 1⇩π) ∥ (y ⋅ 1⇩π) ∥ 1⇩σ"
finally show ?thesis
by (metis ds_prop local.c_prod_assoc local.c_prod_comm local.d_def)
qed

lemma d_conc_s_prod_ax: "d x ∥ d y = d x ⋅ d y"
proof -
have "d x ∥ d y = (x ⋅ 1⇩π) ∥ 1⇩σ ∥ d y"
using local.d_def by presburger
also have "... = (x ⋅ 1⇩π) ∥ d y"
using d_conc6 local.c3 local.c_prod_assoc local.d_def by auto
also have "... = ((x ⋅ 1⇩π) ∥ 1⇩σ) ⋅ d y"
by simp
finally show ?thesis
using local.d_def by auto
qed

lemma d_rest_ax [simp]: "d x ⋅ x = x"

lemma d_loc_ax [simp]: "d (x ⋅ d y) = d (x ⋅ y)"
proof -
have "d (x ⋅ d y) = (x ⋅ d y ⋅ 1⇩π) ∥ 1⇩σ"
also have "... = (x ⋅ y ⋅ 1⇩π) ∥ 1⇩σ"
finally show ?thesis
qed

lemma d_exp_ax [simp]: "d (d x ⋅ y) = d x ⋅ d y"
proof -
have "d (d x ⋅ y) = d (d x ⋅ d y)"
also have "... = d (d (x ∥ y))"
also have "... = d (x ∥ y)"
by simp
finally show ?thesis
qed

lemma d_comm_ax: "d x ⋅ d y = d y ⋅ d x"
proof -
have "(d x) ⋅ (d y) = d (x ∥ y)"
also have "... = d (y ∥ x)"
using local.c_prod_comm by auto
finally show ?thesis
qed

lemma d_s_id_prop [simp]: "d 1⇩σ = 1⇩σ"
using local.d_def by auto

text ‹Next we verify the conditions of Proposition 4.6.›

lemma d_s_prod_closed [simp]: "d (d x ⋅ d y) = d x ⋅ d y"
by simp

lemma d_p_prod_closed [simp]: "d (d x ∥ d y) = d x ∥ d y"
using c2_d d_conc6 by auto

lemma d_idem2 [simp]: "d x ⋅ d x = d x"
by (metis d_exp_ax d_rest_ax)

lemma d_assoc: "(d x ⋅ d y) ⋅ d z = d x ⋅ (d y ⋅ d z)"
proof -
have "⋀x y. d x ⋅ d y = d (x ∥ y)"
thus ?thesis
qed

lemma iso_1 [simp]: "(d x ⋅ 1⇩π) ∥ 1⇩σ = d x"

text ‹Lemma 4.7.›

lemma x_c_par_idem [simp]: "(x ⋅ 1⇩π) ∥ (x ⋅ 1⇩π) = x ⋅ 1⇩π"
proof -
have "(x ⋅ 1⇩π) ∥ (x ⋅ 1⇩π) = d x ⋅ (x ⋅ 1⇩π)"
using c2_d by auto
also have "... = d (x ⋅ 1⇩π) ⋅ (x ⋅ 1⇩π)"
by simp
finally show ?thesis
using d_rest_ax by presburger
qed

lemma d_idem_par [simp]: "d x ∥ d x = d x "

lemma d_inter_r: "d x ⋅ (y ∥ z) = (d x ⋅ y) ∥ (d x ⋅ z)"
proof -
have "(d x) ⋅ (y ∥ z) = (x ⋅ 1⇩π) ∥ y ∥ z"
using c2_d local.c_prod_assoc by auto
also have "... = (x ⋅ 1⇩π) ∥ y ∥ (x ⋅ 1⇩π) ∥ z"
using local.c_prod_assoc local.c_prod_comm by force
finally show ?thesis
qed

text ‹Now we provide the counterexamples of Lemma 4.8.›

lemma "(x ∥ y) ⋅ d z = (x ⋅ d z) ∥ (y ⋅ d z)"
nitpick
oops

lemma "(x ⋅ y) ⋅ d z = x ⋅ (y ⋅ d z)"
nitpick
oops

lemma "1⇩π ⋅ x = 1⇩π"
nitpick
oops

end

subsection ‹C-Trioids›

text ‹We can now define the class of c-trioids and prove properties in this class. This covers
the algebraic material of Section 5 in~\<^cite>‹"FurusawaS15a"›.›

class proto_dioid = join_semilattice_zero + proto_monoid +
assumes  s_prod_distr: "(x + y) ⋅ z = x ⋅ z + y ⋅ z"
and  s_prod_subdistl: "x ⋅ y + x ⋅ z ≤ x ⋅ (y + z)"
and  s_prod_annil [simp]: "0 ⋅ x = 0"

begin

lemma s_prod_isol: "x ≤ y ⟹ z ⋅ x ≤ z ⋅ y"
by (metis join.sup.boundedE order_prop s_prod_subdistl)

lemma s_prod_isor: "x ≤ y ⟹ x ⋅ z ≤ y ⋅ z"
using local.order_prop local.s_prod_distr by auto

end

class proto_trioid = proto_dioid + proto_bi_monoid +
assumes  p_prod_distl: "x ∥ (y + z) = x ∥ y + x ∥ z"
and  p_rpd_annir [simp]: "x ∥ 0 = 0"

sublocale proto_trioid ⊆ ab_semigroup_mult c_prod
proof
fix x y z
show  "x ∥ y ∥ z = x ∥ (y ∥ z)"
by (rule c_prod_assoc)
show "x ∥ y = y ∥ x"
by (rule c_prod_comm)
qed

sublocale proto_trioid ⊆ dioid_one_zero "(+)" "(∥)" "1⇩π" 0 "(≤)" "(<)"
proof
fix x y z
show "(x + y) ∥ z = x ∥ z + y ∥ z"
show "1⇩π ∥ x = x"
using local.c_prod_idl by blast
show "x ∥ 1⇩π = x"
show "0 + x = x"
show "0 ∥ x = 0"
show "x ∥ 0 = 0"
by (rule p_rpd_annir)
show "x + x = x"
show "x ∥ (y + z) = x ∥ y + x ∥ z"
by (rule p_prod_distl)
qed

class c_trioid = proto_trioid + c_monoid +
assumes  c6: "x ⋅ 1⇩π ≤ 1⇩π"

begin

text ‹We show that every c-trioid is a c-monoid.›

subclass c_monoid ..

subclass proto_trioid ..

lemma "1⇩π ⋅ 0 = 1⇩π"
nitpick
oops

lemma zero_p_id_prop [simp]: "(x ⋅ 0) ⋅ 1⇩π = x ⋅ 0"

text ‹The following facts prove and refute properties related to sequential and parallel subidentities.›

lemma d_subid: "d x = x ⟹ x ≤ 1⇩σ"
by (metis local.c6 local.c_idem local.d_def local.dc local.mult_isor)

lemma "x ≤ 1⇩σ ⟹ d x = x"
nitpick
oops

lemma p_id_term: "x ⋅ 1⇩π = x ⟹ x ≤ 1⇩π"
by (metis local.c6)

lemma "x ≤ 1⇩π ⟹ x ⋅ 1⇩π = x"
nitpick
oops

text ‹Proposition 5.1. is covered by the theory file on multirelations.
We verify the remaining conditions in Proposition 5.2.›

lemma dlp_ax: "x ≤ d x ⋅ x"
by simp

lemma d_add_ax: "d (x + y) = d x + d y"
proof -
have "d (x + y) = ((x + y) ⋅ 1⇩π) ∥ 1⇩σ"
using local.d_def by blast
also have "... = (x ⋅ 1⇩π) ∥ 1⇩σ + (y ⋅ 1⇩π) ∥ 1⇩σ"
finally show ?thesis
qed

lemma d_sub_id_ax: "d x ≤ 1⇩σ"
proof -
have "d x = (x ⋅ 1⇩π) ∥ 1⇩σ"
also have "... ≤ 1⇩π ∥ 1⇩σ"
using local.c6 local.mult_isor by blast
finally show ?thesis
by simp
qed

lemma d_zero_ax [simp]: "d 0 = 0"

text‹We verify the algebraic conditions in Proposition 5.3.›

lemma d_absorb1 [simp]: "d x + (d x ⋅ d y) = d x"
proof (rule order.antisym)
have "d x + (d x ⋅ d y) ≤ d x + (d x ⋅ 1⇩σ)"
by (metis d_sub_id_ax c2_d d_def join.sup.bounded_iff join.sup.semilattice_axioms join.sup_ge1 s_prod_isol semilattice.idem)
thus "d x + (d x ⋅ d y) ≤ d x"
by simp
show "d x ≤ d x + ((d x) ⋅ (d y))"
using join.sup_ge1 by blast
qed

lemma d_absorb2 [simp]: "d x ⋅ (d x + d y) = d x"
proof -
have "x ⋅ 1⇩π ∥ d x = d x"
by (metis local.c1 local.dc_prop1)
thus ?thesis
by (metis d_absorb1 local.c2_d local.p_prod_distl)
qed

lemma d_dist1: "d x ⋅ (d y + d z) = d x ⋅ d y + d x ⋅ d z"

lemma d_dist2: "d x + (d y ⋅ d z) = (d x + d y) ⋅ (d x + d z)"
proof -
have "(d x + d y) ⋅ (d x + d z) = d x ⋅ d x + d x ⋅ d z + d y ⋅ d x + d y ⋅ d z"
using add_assoc d_dist1 local.s_prod_distr by force
also have "... = d x + d x ⋅ d z + d x ⋅ d y + d y ⋅ d z"
using local.d_comm_ax by auto
finally show ?thesis
by simp
qed

lemma d_add_prod_closed [simp]: "d (d x + d y) = d x + d y"

text ‹The following properties are not covered in the article.›

lemma x_zero_prop: "(x ⋅ 0) ∥ y = d (x ⋅ 0) ⋅ y"

lemma cda_add_ax: "d ((x + y) ⋅ z) = d (x ⋅ z) + d (y ⋅ z)"

lemma d_x_zero: "d (x ⋅ 0) = (x ⋅ 0) ∥ 1⇩σ"

text ‹Lemma 5.4 is verified below because its proofs are simplified by using facts from the next subsection.›

subsection ‹Results for Concurrent Dynamic Algebra›

text ‹The following proofs and refutation are related to Section 6 in~\<^cite>‹"FurusawaS15a"›.
We do not consider those involving Kleene algebras in this section. We also do not introduce specific
notation for diamond operators.›

text ‹First we prove Lemma 6.1. Part (1) and (3) have already been verified above. Part (2) and (4) require
additional assumptions which are present in the context of concurrent dynamic algebra~\<^cite>‹"FurusawaS15b"›. We
also present the counterexamples from Lemma 6.3.›

lemma "(x ⋅ y) ⋅ d z = x ⋅ (y ⋅ d z)"
nitpick
oops

lemma "d((x ⋅ y) ⋅ z) = d (x ⋅ d (y ⋅ z))"
nitpick
oops

lemma  cda_ax1: "(x ⋅ y) ⋅ d z = x ⋅ (y ⋅ d z) ⟹ d((x ⋅ y) ⋅ z) = d (x ⋅ d (y ⋅ z))"
by (metis local.d_loc_ax)

lemma d_inter: "(x ∥ y) ⋅ d z = (x ⋅ d z) ∥ (y ⋅ d z)"
nitpick
oops

lemma "d ((x ∥ y) ⋅ z) = d (x ⋅ z) ⋅ d (y ⋅ z)"
nitpick
oops

lemma cda_ax2:
assumes "(x ∥ y) ⋅ d z = (x ⋅ d z) ∥ (y ⋅ d z)"
shows "d ((x ∥ y) ⋅ z) = d (x ⋅ z) ⋅ d (y ⋅ z)"
by (metis assms local.d_conc6 local.d_conc_s_prod_ax local.d_loc_ax)

text ‹Next we present some results that do not feature in the article.›

lemma "(x ⋅ y) ⋅ 0 = x ⋅ (y ⋅ 0)"
nitpick
oops

lemma d_x_zero_prop [simp]: "d (x ⋅ 0) ⋅ 1⇩π = x ⋅ 0"
by simp

lemma "x ≤ 1⇩σ ∧ y ≤ 1⇩σ ⟶ x ⋅ y = x ∥ y"
nitpick
oops

lemma "x ⋅ (y ∥ z) ≤ (x ⋅ y) ∥ (x ⋅ z)"
nitpick
oops

lemma "x ≤ x ∥ x"
nitpick
oops

text ‹Lemma 5.4›

lemma d_lb1: "d x ⋅ d y ≤ d x"

lemma d_lb2: "d x ⋅ d y ≤ d y"
using d_lb1 local.d_comm_ax by fastforce

lemma d_glb: "d z ≤ d x ∧ d z ≤ d y ⟹ d z ≤ d x ⋅ d y"

lemma d_glb_iff: "d z ≤ d x ∧ d z ≤ d y ⟷ d z ≤ d x ⋅ d y"
using d_glb d_lb1 d_lb2 local.order_trans by blast

lemma x_zero_le_c: "x ⋅ 0 ≤ 1⇩π"

lemma p_subid_lb1: "(x ⋅ 0) ∥ (y ⋅ 0) ≤ x ⋅ 0"
using local.mult_isol x_zero_le_c by fastforce

lemma p_subid_lb2: "(x ⋅ 0) ∥ (y ⋅ 0) ≤ y ⋅ 0"
using local.mult_commute p_subid_lb1 by fastforce

lemma p_subid_idem [simp]: "(x ⋅ 0) ∥ (x ⋅ 0) = x ⋅ 0"
by (metis local.c1 zero_p_id_prop)

lemma p_subid_glb: "z ⋅ 0 ≤ x ⋅ 0 ∧ z ⋅ 0 ≤ y ⋅ 0 ⟹ z ⋅ 0 ≤ (x ⋅ 0) ∥ (y ⋅ 0)"
using local.mult_isol_var by force

lemma p_subid_glb_iff: "z ⋅ 0 ≤ x ⋅ 0 ∧ z ⋅ 0 ≤ y ⋅ 0 ⟷ z ⋅ 0 ≤ (x ⋅ 0) ∥ (y ⋅ 0)"
using local.order_trans p_subid_glb p_subid_lb1 p_subid_lb2 by blast

lemma x_c_glb: "z ⋅ 1⇩π ≤ x ⋅ 1⇩π ∧ z ⋅ 1⇩π ≤ y ⋅ 1⇩π ⟹ z ⋅ 1⇩π ≤ (x ⋅ 1⇩π) ∥ (y ⋅ 1⇩π)"
using local.mult_isol_var by force

lemma x_c_lb1: "(x ⋅ 1⇩π) ∥ (y ⋅ 1⇩π) ≤ x ⋅ 1⇩π"
using local.c6 local.mult_isol_var by force

lemma x_c_lb2: "(x ⋅ 1⇩π) ∥ (y ⋅ 1⇩π) ≤ y ⋅ 1⇩π"
using local.mult_commute x_c_lb1 by fastforce

lemma x_c_glb_iff: "z ⋅ 1⇩π ≤ x ⋅ 1⇩π ∧ z ⋅ 1⇩π ≤ y ⋅ 1⇩π ⟷ z ⋅ 1⇩π ≤ (x ⋅ 1⇩π) ∥ (y ⋅ 1⇩π)"
by (meson local.order.trans x_c_glb x_c_lb1 x_c_lb2)

end

subsection ‹C-Lattices›

text ‹We can now define c-lattices and prove the results from Section 7 in~\<^cite>‹"FurusawaS15a"›.›

class pbl_monoid = proto_trioid +
fixes U :: 'a
fixes meet :: "'a ⇒ 'a ⇒ 'a" (infixl "⊓" 70)
assumes U_def: "x ≤ U"
and meet_assoc: "(x ⊓ y) ⊓ z = x ⊓ (y ⊓ z)"
and meet_comm: "x ⊓ y = y ⊓ x"
and meet_idem [simp]: "x ⊓ x = x"
and absorp1: "x ⊓ (x + y) = x"
and absorp2: "x + (x ⊓ y) = x"

begin

sublocale lattice "(⊓)" "(≤)" "(<)" "(+)"
proof
show a: "⋀x y. x ⊓ y ≤ x"
show b: " ⋀x y. x ⊓ y ≤ y"
using a local.meet_comm by fastforce
show " ⋀x y z. x ≤ y ⟹ x ≤ z ⟹ x ≤ y ⊓ z"
by (metis b local.absorp1 local.less_eq_def local.meet_assoc)
qed

lemma meet_glb: "z ≤ x ∧ z ≤ y ⟹ z ≤ x ⊓ y"
by simp

lemma meet_prop:  "z ≤ x ∧ z ≤ y ⟷ z ≤ x ⊓ y"
by simp

end

class pbdl_monoid = pbl_monoid +
assumes lat_dist1: "x + (y ⊓ z) = (x + y) ⊓ (x + z)"

begin

lemma lat_dist2: "(x ⊓ y) + z = (x + z) ⊓ (y + z)"

lemma lat_dist3: "x ⊓ (y + z) = (x ⊓ y) + (x ⊓ z)"
proof -
have "⋀x y z. x ⊓ ((x + y) ⊓ z) = x ⊓ z"
by (metis local.absorp1 local.meet_assoc)
thus ?thesis
using lat_dist2 local.absorp2 add_commute by force
qed

lemma lat_dist4: "(x + y) ⊓ z = (x ⊓ z) + (y ⊓ z)"
using lat_dist3 local.meet_comm by auto

lemma d_equiv_prop: "(∀z. z + x = z + y ∧ z ⊓ x = z ⊓ y) ⟹ x = y"

end

text ‹The symbol $\overline{1}_\pi$ from~\<^cite>‹"FurusawaS15a"› is written nc in this theory file.›

class c_lattice =  pbdl_monoid +
fixes nc :: "'a"
assumes cl1 [simp]: "x ⋅ 1⇩π + x ⋅ nc = x ⋅ U"
and  cl2 [simp]: "1⇩π ⊓ (x + nc) = x ⋅ 0"
and cl3: "x ⋅ (y ∥ z) ≤ (x ⋅ y) ∥ (x ⋅ z)"
and cl4: "z ∥ z ≤ z ⟹ (x ∥ y) ⋅ z = (x ⋅ z) ∥ (y ⋅ z)"
and cl5: "x ⋅ (y ⋅ (z ⋅ 0)) = (x ⋅ y) ⋅ (z ⋅ 0)"
and cl6 [simp]: "(x ⋅ 0) ⋅ z = x ⋅ 0"
and cl7 [simp]: "1⇩σ ∥ 1⇩σ = 1⇩σ"
and cl8 [simp]: "((x ⋅ 1⇩π) ∥ 1⇩σ) ⋅ y = (x ⋅ 1⇩π) ∥ y"
and cl9 [simp]: "((x ⊓ 1⇩σ) ⋅ 1⇩π) ∥ 1⇩σ = x ⊓ 1⇩σ"
and cl10:  "((x ⊓ nc) ⋅ 1⇩π) ∥ 1⇩σ = 1⇩σ ⊓ (x ⊓ nc) ⋅ nc"
and cl11 [simp]: "((x ⊓ nc) ⋅ 1⇩π) ∥ nc = (x ⊓ nc) ⋅ nc"

begin

text ‹We show that every c-lattice is a c-trioid (Proposition 7.1) Proposition 7.2 is again
covered by the theory for multirelations.›

subclass c_trioid
proof
fix x y
show "x ⋅ 1⇩π ∥ 1⇩σ ⋅ y = x ⋅ 1⇩π ∥ y"
by auto
show "x ∥ y ⋅ 1⇩π = x ⋅ 1⇩π ∥ (y ⋅ 1⇩π)"
show "x ⋅ y ⋅ 1⇩π = x ⋅ (y ⋅ 1⇩π)"
by (metis local.absorp1 local.cl2 local.cl5)
show "1⇩σ ∥ 1⇩σ = 1⇩σ"
by (meson local.cl7)
show x: "x ⋅ 1⇩π ≤ 1⇩π"
by (metis local.absorp1 local.cl2 local.cl5 local.inf_le1 local.s_prod_idl)
show "x ⋅ 1⇩π ∥ x = x"
by (metis x order.eq_iff local.cl3 local.mult_1_right local.mult_commute local.mult_isol local.s_prod_idr)
qed

text ‹First we verify the complementation conditions after the definition of c-lattices.›

lemma c_nc_comp1 [simp]: "1⇩π + nc = U"
by (metis local.cl1 local.s_prod_idl)

lemma c_nc_comp2 [simp]: "1⇩π ⊓ nc = 0"

lemma  c_0: "x ⊓ 1⇩π = x ⋅ 0"
by (metis c_nc_comp2 local.add_zeror local.cl2 local.lat_dist3 local.meet_comm)

text ‹Next we verify the conditions in Proposition 7.2.›

lemma d_s_subid: "d x = x ⟷ x ≤ 1⇩σ"
by (metis local.cl9 local.d_def local.d_subid local.inf.absorb_iff1)

lemma term_p_subid: "x ⋅ 1⇩π = x ⟷ x ≤ 1⇩π"
by (metis c_0 local.cl6 local.inf.absorb_iff1 local.p_id_term)

lemma term_p_subid_var: "x ⋅ 0 = x ⟷ x ≤ 1⇩π"
using c_0 local.inf.absorb_iff1 by auto

lemma vec_iff: "d x ⋅ U = x ⟷ (x ⋅ 1⇩π) ∥ U = x"

lemma nc_iff1: "x ≤ nc ⟷ x ⊓ 1⇩π = 0"
proof
fix x
assume assm: "x ≤ nc"
hence "x = x ⊓ nc"
hence "x ⊓ 1⇩π = x ⊓ nc ⊓ 1⇩π"
by auto
then show "x ⊓ 1⇩π = 0"
by (metis assm c_0 c_nc_comp2 local.cl2 local.less_eq_def)
next
fix x
assume assm: "x ⊓ 1⇩π = 0"
have  "x = (x ⊓ nc) + (x ⊓ 1⇩π)"
by (metis c_nc_comp1 local.U_def local.add_comm local.lat_dist3 local.inf.absorb_iff1)
hence "x = x ⊓ nc"
using assm by auto
thus "x ≤ nc"
using local.inf.absorb_iff1 by auto
qed

lemma nc_iff2: "x ≤ nc ⟷ x ⋅ 0 = 0"
using c_0 nc_iff1 by auto

text ‹The results of Lemma 7.3 are again at the multirelational level.
Hence we continue with Lemma 7.4.›

lemma assoc_p_subid: "(x ⋅ y) ⋅ (z ⋅ 1⇩π) = x ⋅ (y ⋅ (z ⋅ 1⇩π))"
by (metis c_0 local.c6 local.cl5 local.inf.absorb_iff1)

lemma zero_assoc3: "(x ⋅ y) ⋅ 0 = x ⋅ (y ⋅ 0)"
by (metis local.cl5 local.s_prod_annil)

lemma x_zero_interr: "(x ⋅ 0) ∥ (y ⋅ 0) = (x ∥ y) ⋅ 0"

lemma p_subid_interr: "(x ⋅ z ⋅ 1⇩π) ∥ (y ⋅ z ⋅ 1⇩π) = (x ∥ y) ⋅ z ⋅ 1⇩π"

lemma d_interr: "(x ⋅ d z) ∥ (y ⋅ d z) = (x ∥ y) ⋅ d z"

lemma subidem_par: "x ≤ x ∥ x"
proof -
have "x = x ⋅ 1⇩σ"
by auto
also have "... = x ⋅ (1⇩σ ∥ 1⇩σ)"
by auto
finally show ?thesis
by (metis local.cl3 local.cl7)
qed

lemma meet_le_par: "x ⊓ y ≤ x ∥ y"
proof -
have "x ⊓ y = (x ⊓ y) ⊓ (x ⊓ y)"
using local.meet_idem by presburger
thus ?thesis
using local.inf_le1 local.inf_le2 local.mult_isol_var local.order_trans subidem_par by blast
qed

text‹Next we verify Lemma 7.5 and prove some related properties.›

lemma x_split [simp]: "(x ⊓ nc) + (x ⊓ 1⇩π) = x"
proof -
have "x = x ⊓ U"
using local.U_def local.inf.absorb_iff1 by auto
also have "... = x ⊓ (nc + 1⇩π)"
finally show ?thesis
by (metis local.lat_dist3)
qed

lemma x_split_var [simp]: "(x ⊓ nc) + (x ⋅ 0) = x"
by (metis local.c_0 x_split)

lemma s_subid_closed [simp]: "x ⊓ nc ⊓ 1⇩σ = x ⊓ 1⇩σ"
proof -
have "x ⊓ 1⇩σ = ((x ⊓ nc) + (x ⊓ 1⇩π)) ⊓ 1⇩σ"
using x_split by presburger
also have "... = (x ⊓ nc ⊓ 1⇩σ) + (x ⊓ 1⇩π ⊓ 1⇩σ)"
also have "... = (x ⊓ nc ⊓ 1⇩σ) + (x ⊓ 0)"
by (metis c_0 local.meet_assoc local.meet_comm local.s_prod_idl)
finally show ?thesis
by (metis local.absorp1 local.add_zeror local.lat_dist1 local.meet_comm)
qed

lemma sub_id_le_nc: "x ⊓ 1⇩σ ≤ nc"
by (metis local.inf.absorb_iff2 local.inf_left_commute local.meet_comm s_subid_closed)

lemma s_x_c [simp]: "1⇩σ ⊓ (x ⋅ 1⇩π) = 0"
proof -
have "1⇩σ ⊓ 1⇩π = 0"
using c_0 local.s_prod_idl by presburger
hence "1⇩σ ⊓ x ⋅ 1⇩π ≤ 0"
using local.c6 local.inf_le1 local.inf_le2 local.meet_prop local.order.trans by blast
thus ?thesis
using local.less_eq_def local.no_trivial_inverse by blast
qed

lemma s_x_zero [simp]: "1⇩σ ⊓ (x ⋅ 0) = 0"
by (metis local.cl6 s_x_c)

lemma c_nc [simp]: "(x ⋅ 1⇩π) ⊓ nc = 0"
proof -
have "x ⋅ 1⇩π ⊓ nc ≤ 1⇩π"
by (meson local.c6 local.dual_order.trans local.inf_le1)
thus ?thesis
by (metis local.inf_le2 nc_iff2 term_p_subid_var)
qed

lemma zero_nc [simp]: "(x ⋅ 0) ⊓ nc = 0"
by (metis c_nc local.cl6)

lemma nc_zero [simp]: "(x ⊓ nc) ⋅ 0 = 0"
by (meson local.inf_le2 nc_iff2)

text ‹Lemma 7.6.›

lemma c_def [simp]: "U ⋅ 0 = 1⇩π"
by (metis c_nc_comp1 c_0 local.absorp1 local.meet_comm)

lemma c_x_prop [simp]: "1⇩π ⋅ x = 1⇩π"
using c_def local.cl6 by blast

lemma U_idem_s_prod [simp]: "U ⋅ U = U"
by (metis local.U_def order.eq_iff local.s_prod_idl local.s_prod_isor)

lemma U_idem_p_prod [simp]: "U ∥ U = U"
using local.U_def order.eq_iff subidem_par by presburger

lemma U_c [simp]: "U ⋅ 1⇩π = 1⇩π"
by (metis U_idem_s_prod local.c_def zero_assoc3)

lemma s_le_nc: "1⇩σ ≤ nc"
by (metis local.meet_idem sub_id_le_nc)

lemma nc_c [simp]: "nc ⋅ 1⇩π = 1⇩π"
proof (rule order.antisym)
have "nc ⋅ 1⇩π = nc ⋅ 1⇩π ⋅ 0"
also have "... = nc ⋅ 1⇩π ⊓ 1⇩π"
finally show "nc ⋅ 1⇩π ≤ 1⇩π"
using local.c6 by blast
show "1⇩π ≤ nc ⋅ 1⇩π"
using local.s_prod_isor s_le_nc by fastforce
qed

lemma nc_nc [simp]: "nc ⋅ nc = nc"
proof -
have "nc ⋅ nc = (nc ⋅ 1⇩π) ∥ nc"
by (metis local.cl11 local.meet_idem)
thus ?thesis
by simp
qed

lemma U_nc [simp]: "U ⋅ nc = U"
proof -
have "U ⋅ nc = (1⇩π + nc) ⋅ nc"
by force
also have "... = 1⇩π ⋅ nc + nc ⋅ nc"
using local.s_prod_distr by blast
also have "... = 1⇩π + nc"
by simp
finally show ?thesis
by auto
qed

lemma nc_U [simp]: "nc ⋅ U = U"
proof -
have "nc ⋅ U = nc ⋅ 1⇩π + nc ⋅ nc"
using local.cl1 by presburger
thus ?thesis
by simp
qed

lemma nc_nc_par [simp]: "nc ∥ nc = nc"
proof -
have "nc ∥ nc = (nc ∥ nc ⊓ nc)  + (nc ∥ nc) ⋅ 0"
by simp
also have "... = nc  + (nc ⋅ 0) ∥ (nc ⋅ 0)"
by (metis local.meet_comm local.inf.absorb_iff1 subidem_par x_zero_interr)
also have "... = nc + 0 ∥ 0"
by (metis local.absorp1 local.meet_comm nc_zero)
finally show ?thesis
qed

lemma U_nc_par [simp]: "U ∥ nc = nc"
proof -
have "U ∥ nc = nc ∥ nc + 1⇩π ∥ nc"
also have "... = nc + nc"
by force
finally show ?thesis
by simp
qed

text ‹We prove Lemma 7.8 and related properties.›

lemma x_y_split [simp]: "(x ⊓ nc) ⋅ y + x ⋅ 0 = x ⋅ y"
by (metis c_0 local.cl6 local.s_prod_distr x_split)

lemma x_y_prop: "1⇩σ ⊓ (x ⊓ nc) ⋅ y = 1⇩σ ⊓ x ⋅ y"
proof -
have "1⇩σ ⊓ x ⋅ y = 1⇩σ ⊓ ((x ⊓ nc) ⋅ y + x ⋅ 0)"
using x_y_split by presburger
also have "... = (1⇩σ ⊓ (x ⊓ nc) ⋅ y) + (1⇩σ ⊓ x ⋅ 0)"
finally show ?thesis
qed

lemma s_nc_U: "1⇩σ ⊓ x ⋅ nc = 1⇩σ ⊓ x ⋅ U"
proof -
have "1⇩σ ⊓ x ⋅ U = 1⇩σ ⊓ (x ⋅ nc + x ⋅ 1⇩π)"
also have "... = (1⇩σ ⊓ x ⋅ nc) + (1⇩σ ⊓ x ⋅ 1⇩π)"
using local.lat_dist3 by blast
finally show ?thesis
qed

lemma sid_le_nc_var:  "1⇩σ ⊓ x ≤ 1⇩σ ⊓ x ∥ nc"
proof -
have "1⇩σ ⊓ x = x ⊓ (1⇩σ ⊓ nc)"
by (metis (no_types) local.inf.absorb1 local.inf.commute s_le_nc)
hence "1⇩σ ⊓ x ∥ nc + 1⇩σ ⊓ x = (x ∥ nc + x ⊓ nc) ⊓ 1⇩σ"
using local.inf.commute local.inf.left_commute local.lat_dist4 by auto
thus ?thesis
by (metis (no_types) local.inf.commute local.join.sup.absorb_iff1 meet_le_par)
qed

lemma s_nc_par_U: "1⇩σ ⊓ x ∥ nc = 1⇩σ ⊓ x ∥ U"
proof -
have "1⇩σ ⊓ x ∥ U = 1⇩σ ⊓ (x ∥ nc + x)"
by (metis c_nc_comp1 local.add_comm local.distrib_left local.mult_oner)
also have "... = (1⇩σ ⊓ x ∥ nc) + (x ⊓ 1⇩σ)"
by (metis local.lat_dist3 local.meet_comm)
also have "... = 1⇩σ ⊓ x ∥ nc"
by (metis local.add_comm local.less_eq_def local.meet_comm sid_le_nc_var)
finally show ?thesis
by metis
qed

lemma x_c_nc_split: "(x ⋅ 1⇩π) ∥ nc = (x ⊓ nc) ⋅ nc + (x ⋅ 0) ∥ nc"
by (metis local.cl11 local.mult_commute local.p_prod_distl x_y_split)

lemma x_c_U_split: "(x ⋅ 1⇩π) ∥ U = x ⋅ U + (x ⋅ 0) ∥ U"
proof -
have "x ⋅ U + (x ⋅ 0) ∥ U = (x ⊓ nc) ⋅ U + (x ⋅ 0) ∥ U"
by (metis U_c U_idem_s_prod U_nc local.add_assoc' local.cl1 local.distrib_left local.mult_oner x_y_split)
also have "... = (x ⊓ nc) ⋅ nc + (x ⊓ nc) ⋅ 1⇩π + (x ⋅ 0) ∥ nc + x ⋅ 0"
by (metis add_commute c_nc_comp1 local.cl1 local.combine_common_factor local.mult_1_right local.mult_commute)
also have "... = (x ⋅ 1⇩π) ∥ nc + x ⋅ 1⇩π"
thus ?thesis
by (metis c_nc_comp1 calculation local.add_comm local.distrib_left local.mult_oner)
qed

subsection ‹Domain in C-Lattices›

text ‹We now prove variants of the domain axioms and verify the properties of Section 8 in~\<^cite>‹"FurusawaS15a"›.›

lemma cl9_d [simp]: "d (x ⊓ 1⇩σ) = x ⊓ 1⇩σ"

lemma cl10_d: "d (x ⊓ nc) = 1⇩σ ⊓ (x ⊓ nc) ⋅ nc"
using local.cl10 local.d_def by auto

lemma cl11_d [simp]: "d (x ⊓ nc) ⋅ nc = (x ⊓ nc) ⋅ nc"
using local.c2_d by force

lemma cl10_d_var1: "d (x ⊓ nc) = 1⇩σ ⊓ x ⋅ nc"

lemma cl10_d_var2: "d (x ⊓ nc) = 1⇩σ ⊓ (x ⊓ nc) ⋅ U"

lemma cl10_d_var3: "d (x ⊓ nc) = 1⇩σ ⊓ x ⋅ U"

text ‹We verify the remaining properties of Lemma 8.1.›

lemma d_U [simp]: "d U = 1⇩σ"

lemma d_nc [simp]: "d nc = 1⇩σ"
using local.d_def by auto

lemma alt_d_def_nc_nc: "d (x ⊓ nc) = 1⇩σ ⊓ ((x ⊓ nc) ⋅ 1⇩π) ∥ nc"

lemma alt_d_def_nc_U: "d (x ⊓ nc) = 1⇩σ ⊓ ((x ⊓ nc) ⋅ 1⇩π) ∥ U"
by (metis alt_d_def_nc_nc local.c2_d s_nc_U)

text ‹We verify the identity before Lemma 8.2 of~\<^cite>‹"FurusawaS15a"› together with variants.›

lemma d_def_split [simp]: "d (x ⊓ nc) + d (x ⋅ 0) = d x"

lemma d_def_split_var [simp]: "d (x ⊓ nc) + (x ⋅ 0) ∥ 1⇩σ = d x"
by (metis d_def_split local.d_x_zero)

lemma ax7 [simp]: "(1⇩σ ⊓ x ⋅ U) + (x ⋅ 0) ∥ 1⇩σ = d x"
by (metis cl10_d_var3 d_def_split_var)

text ‹Lemma 8.2.›

lemma dom12_d: "d x = 1⇩σ ⊓ (x ⋅ 1⇩π) ∥ nc"
proof -
have "1⇩σ ⊓ (x ⋅ 1⇩π) ∥ nc = 1⇩σ ⊓ ((x ⊓ nc) ⋅ 1⇩π + x ⋅ 0) ∥ nc"
using x_y_split by presburger
also have "... = (1⇩σ ⊓ ((x ⊓ nc) ⋅ 1⇩π) ∥ nc) + (1⇩σ ⊓ (x ⋅ 0) ∥ nc)"
also have "... = d (x ⊓ nc) + d (x ⋅ 0)"
by (metis add_commute c_0 cl10_d_var1 local.add_zerol local.annil local.c2_d local.d_def local.mult_commute local.mult_onel local.zero_p_id_prop x_split)
finally show ?thesis
by (metis d_def_split)
qed

lemma dom12_d_U: "d x = 1⇩σ ⊓ (x ⋅ 1⇩π) ∥ U"

lemma dom_def_var: "d x = (x ⋅ U ⊓ 1⇩π) ∥ 1⇩σ"
by (simp add: c_0 local.d_def zero_assoc3)

text‹Lemma 8.3.›

lemma ax5_d [simp]: "d (x ⊓ nc) ⋅ U = (x ⊓ nc) ⋅ U"
proof -
have "d (x ⊓ nc) ⋅ U = d (x ⊓ nc) ⋅ nc + d (x ⊓ nc) ⋅ 1⇩π"
also have "... = (x ⊓ nc) ⋅ nc + (x ⊓ nc) ⋅ 1⇩π"
by simp
finally show ?thesis
qed

lemma ax5_0 [simp]: "d (x ⋅ 0) ⋅ U = (x ⋅ 0) ∥ U"
using local.x_zero_prop by presburger

lemma x_c_U_split2: "d x ⋅ nc = (x ⊓ nc) ⋅ nc + (x ⋅ 0) ∥ nc"

lemma x_c_U_split3: "d x ⋅ U = (x ⊓ nc) ⋅ U + (x ⋅ 0) ∥ U"
by (metis d_def_split local.s_prod_distr ax5_0 ax5_d)

lemma x_c_U_split_d: "d x ⋅ U = x ⋅ U + (x ⋅ 0) ∥ U"
using local.c2_d x_c_U_split by presburger

lemma x_U_prop2: "x ⋅ nc = d (x ⊓ nc) ⋅ nc + x ⋅ 0"
by (metis local.c2_d local.cl11 x_y_split)

lemma x_U_prop3: "x ⋅ U = d (x ⊓ nc) ⋅ U + x ⋅ 0"
by (metis ax5_d x_y_split)

lemma d_x_nc [simp]: "d (x ⋅ nc) = d x"
using local.c4 local.d_def by auto

lemma d_x_U [simp]: "d (x ⋅ U) = d x"

text ‹The next properties of domain are important, but do not feature in~\<^cite>‹"FurusawaS15a"›.
Proofs can be found in~\<^cite>‹"FurusawaS15b"›.›

lemma d_llp1: "d x ≤ d y ⟹ x ≤ d y ⋅ x"
by (metis local.d_rest_ax local.s_prod_isor)

lemma d_llp2: "x ≤ d y ⋅ x ⟹ d x ≤ d y"
proof -
assume a1: "x ≤ d y ⋅ x"
have "∀x y. d (x ∥ y) = x ⋅ 1⇩π ∥ d y"
using local.c2_d local.d_conc6 local.d_conc_s_prod_ax by presburger
hence "d x ≤ d (y ⋅ 1⇩π)"
using a1 by (metis (no_types) local.c2_d local.c6 local.c_prod_comm order.eq_iff local.mult_isol local.mult_oner)
thus ?thesis
by simp
qed

lemma demod1: "d (x ⋅ y) ≤ d z ⟹ x ⋅ d y ≤ d z ⋅ x"
proof -
assume "d (x ⋅ y) ≤ d z"
hence "∀v. x ⋅ y ⋅ 1⇩π ∥ v ≤ z ⋅ 1⇩π ∥ v"
by (metis (no_types) local.c2_d local.s_prod_isor)
hence "∀v. x ⋅ (y ⋅ 1⇩π ∥ v) ≤ z ⋅ 1⇩π ∥ (x ⋅ v)"
by (metis local.c4 local.cl3 local.dual_order.trans)
thus ?thesis
by (metis local.c2_d local.s_prod_idr)
qed

lemma demod2: "x ⋅ d y ≤ d z ⋅ x ⟹ d (x ⋅ y) ≤ d z"
proof -
assume "x ⋅ d y ≤ d z ⋅ x"
hence "d (x ⋅ y) ≤ d (d z ⋅ x)"
by (metis local.d_def local.d_loc_ax local.mult_isor local.s_prod_isor)
thus ?thesis
using local.d_conc6 local.d_conc_s_prod_ax local.d_glb_iff by fastforce
qed

subsection ‹Structural Properties of C-Lattices›

text ‹Now we consider the results from Section 9 and 10 in~\<^cite>‹"FurusawaS15a"›.
First we verify the conditions for Proposition 9.1.›

lemma d_meet_closed [simp]: "d (d x ⊓ d y) = d x ⊓ d y"
using d_s_subid local.d_sub_id_ax local.inf_le1 local.order_trans by blast

lemma d_s_prod_eq_meet: "d x ⋅ d y = d x ⊓ d y"
apply (rule order.antisym)
apply (metis local.d_lb1 local.d_lb2 local.meet_glb)
by (metis d_meet_closed local.inf_le1 local.inf_le2 local.d_glb)

lemma d_p_prod_eq_meet: "d x ∥ d y = d x ⊓ d y"

lemma s_id_par_s_prod: "(x ⊓ 1⇩σ) ∥ (y ⊓ 1⇩σ) = (x ⊓ 1⇩σ) ⋅ (y ⊓ 1⇩σ)"
by (metis cl9_d local.d_conc_s_prod_ax)

lemma s_id_par [simp]: "x ⊓ 1⇩σ ∥ x ⊓ 1⇩σ = x ⊓ 1⇩σ"
using local.meet_assoc local.meet_comm local.inf.absorb_iff1 meet_le_par by auto

text ‹We verify the remaining conditions in Proposition 9.2.›

lemma p_subid_par_eq_meet: "(x ⋅ 0) ∥ (y ⋅ 0) = (x ⋅ 0) ⊓ (y ⋅ 0)"
by (simp add: local.meet_glb local.order.antisym local.p_subid_lb1 local.p_subid_lb2 meet_le_par)

lemma p_subid_par_eq_meet_var: "(x ⋅ 1⇩π) ∥ (y ⋅ 1⇩π) = (x ⋅ 1⇩π) ⊓ (y ⋅ 1⇩π)"
by (metis c_x_prop p_subid_par_eq_meet zero_assoc3)

lemma x_zero_add_closed: "x ⋅ 0 + y ⋅ 0 = (x + y) ⋅ 0"

lemma x_zero_meet_closed: "(x ⋅ 0) ⊓ (y ⋅ 0) = (x ⊓ y) ⋅ 0"
by (metis c_0 local.cl6 local.meet_assoc local.meet_comm)

text ‹The following set of lemmas investigates the closure properties of vectors, including Lemma 9,3.›

lemma U_par_zero [simp]: "(0 ⋅ c) ∥ U = 0"
by fastforce

lemma U_par_s_id [simp]: "(1⇩σ ⋅ 1⇩π) ∥ U = U"
by auto

lemma U_par_p_id [simp]: "(1⇩π ⋅ 1⇩π) ∥ U = U"
by auto

lemma U_par_nc [simp]: "(nc ⋅ 1⇩π) ∥ U = U"
by auto

lemma d_add_var: "d x ⋅ z + d y ⋅ z = d (x + y) ⋅ z"

lemma d_interr_U: "(d x ⋅ U) ∥ (d y ⋅ U) = d (x ∥ y) ⋅ U"

lemma d_meet:
assumes "⋀ x y z. (x ⊓ y ⊓ 1⇩σ) ⋅ z = (x ⊓ 1⇩σ) ⋅ z ⊓ (y ⊓ 1⇩σ) ⋅ z"
shows "d x ⋅ z ⊓ d y ⋅ z = (d x ⊓ d y) ⋅ z"
proof -
have "(d x ⊓ d y) ⋅ z = (d x ⊓ d y ⊓ 1⇩σ) ⋅ z"
using local.d_sub_id_ax local.meet_assoc local.inf.absorb_iff1 by fastforce
also have "... = (d x ⊓ 1⇩σ) ⋅ z ⊓ (d y ⊓ 1⇩σ) ⋅ z"
using assms by auto
finally show ?thesis
by (metis local.d_sub_id_ax local.inf.absorb_iff1)
qed

text ‹Proposition 9.4›

lemma nc_zero_closed [simp]: "0 ⊓ nc = 0"

lemma nc_s [simp]: "1⇩σ ⊓ nc = 1⇩σ"
using local.inf.absorb_iff1 s_le_nc by blast

lemma nc_add_closed: "(x ⊓ nc) + (y ⊓ nc) = (x + y) ⊓ nc"
using local.lat_dist4 by force

lemma nc_meet_closed: "(x ⊓ nc) ⊓ (y ⊓ nc) = x ⊓ y ⊓ nc"
using local.meet_assoc local.meet_comm local.inf_le1 local.inf.absorb_iff1 by fastforce

lemma nc_scomp_closed: "((x ⊓ nc) ⋅ (y ⊓ nc)) ≤ nc"
by (simp add: c_0 nc_iff1 zero_assoc3)

lemma nc_scomp_closed_alt [simp]: "((x ⊓ nc) ⋅ (y ⊓ nc)) ⊓ nc = (x ⊓ nc) ⋅ (y ⊓ nc)"
using local.inf.absorb_iff1 nc_scomp_closed by blast

lemma nc_ccomp_closed: "(x ⊓ nc) ∥ (y ⊓ nc) ≤  nc"
proof -
have "(x ⊓ nc) ∥ (y ⊓ nc) ≤ nc ∥ nc"
by (meson local.inf_le2 local.mult_isol_var)
thus ?thesis
by auto
qed

lemma nc_ccomp_closed_alt [simp]: "(x ∥ (y ⊓ nc)) ⊓ nc = x ∥ (y ⊓ nc)"
by (metis U_nc_par local.U_def local.inf_le2 local.mult_isol_var local.inf.absorb_iff1)

text ‹Lemma 9.6.›

lemma tarski_prod:
assumes "⋀x. x ⊓ nc ≠ 0 ⟹ nc ⋅ ((x ⊓ nc) ⋅ nc) = nc"
and "⋀x y z. d x ⋅ (y ⋅ z) = (d x ⋅ y) ⋅ z"
shows "((x ⊓ nc) ⋅ nc) ⋅ ((y ⊓ nc) ⋅ nc) = (if  (y ⊓ nc)  = 0 then 0 else (x ⊓ nc) ⋅ nc)"
proof (cases "y ⊓ nc = 0")
fix x y
assume  assm: "y ⊓ nc = 0"
show "(x ⊓ nc) ⋅ nc ⋅ ((y ⊓ nc) ⋅ nc) = (if y ⊓ nc = 0 then 0 else (x ⊓ nc) ⋅ nc)"
by (metis assm c_0 local.cl6 local.meet_comm nc_zero zero_assoc3)
next
fix x y
assume assm: "y ⊓ nc ≠ 0"
have "((x ⊓ nc) ⋅ nc) ⋅ ((y ⊓ nc) ⋅ nc) = (d (x ⊓ nc) ⋅ nc) ⋅ ((y ⊓ nc) ⋅ nc)"
by simp
also have "... = d (x ⊓ nc) ⋅ (nc ⋅ ((y ⊓ nc) ⋅ nc))"
also have "... = d (x ⊓ nc) ⋅ nc"
finally show "(x ⊓ nc) ⋅ nc ⋅ ((y ⊓ nc) ⋅ nc) = (if y ⊓ nc = 0 then 0 else (x ⊓ nc) ⋅ nc)"
qed

text ‹We show the remaining conditions of Proposition 9.8.›

lemma nc_prod_aux [simp]: "((x ⊓ nc) ⋅ nc) ⋅ nc = (x ⊓ nc) ⋅ nc"
proof -
have "((x ⊓ nc) ⋅ nc) ⋅ nc = (d (x ⊓ nc) ⋅ nc) ⋅ nc"
by simp
also have "... = d (x ⊓ nc) ⋅ (nc ⋅ nc)"
by (metis cl11_d d_x_nc local.cl11 local.meet_idem nc_ccomp_closed_alt nc_nc)
also have "... = d (x ⊓ nc) ⋅ nc"
by auto
finally show ?thesis
by simp
qed

lemma nc_vec_add_closed: "((x ⊓ nc) ⋅ nc + (y ⊓ nc) ⋅ nc) ⋅ nc =  (x ⊓ nc) ⋅ nc + (y ⊓ nc) ⋅ nc"

lemma nc_vec_par_closed: "(((x ⊓ nc) ⋅ nc) ∥ ((y ⊓ nc) ⋅ nc)) ⋅ nc =  ((x ⊓ nc) ⋅ nc) ∥ ((y ⊓ nc) ⋅ nc)"

lemma nc_vec_par_is_meet:
assumes "⋀ x y z. (d x ⊓ d y) ⋅ z = d x ⋅ z ⊓ d y ⋅ z"
shows "((x ⊓ nc) ⋅ nc) ∥ ((y ⊓ nc) ⋅ nc) = ((x ⊓ nc) ⋅ nc) ⊓ ((y ⊓ nc) ⋅ nc)"
proof -
have "((x ⊓ nc) ⋅ nc) ∥ ((y ⊓ nc) ⋅ nc) = (d (x ⊓ nc) ⋅ nc) ∥ (d (y ⊓ nc) ⋅ nc)"
by auto
also have "... = (d (x ⊓ nc) ∥ d (y ⊓ nc)) ⋅ nc"
also have "... = (d (x ⊓ nc) ⊓ d (y ⊓ nc)) ⋅ nc"
finally show ?thesis
qed

lemma nc_vec_meet_closed:
assumes "⋀ x y z. (d x ⊓ d y) ⋅ z = d x ⋅ z ⊓ d y ⋅ z"
shows "((x ⊓ nc) ⋅ nc ⊓ (y ⊓ nc) ⋅ nc) ⋅ nc =  (x ⊓ nc) ⋅ nc ⊓ (y ⊓ nc) ⋅ nc"
proof -
have "((x ⊓ nc) ⋅ nc ⊓ (y ⊓ nc) ⋅ nc) ⋅ nc = (((x ⊓ nc) ⋅ nc) ∥ ((y ⊓ nc) ⋅ nc)) ⋅ nc"
also have "... = ((x ⊓ nc) ⋅ nc) ∥ ((y ⊓ nc) ⋅ nc)"
finally show ?thesis
qed

lemma nc_vec_seq_closed:
assumes "⋀x. x ⊓ nc ≠ 0 ⟹ nc ⋅ ((x ⊓ nc) ⋅ nc) = nc"
and "⋀x y z. d x ⋅ (y ⋅ z) = (d x ⋅ y) ⋅ z"
shows "(((x ⊓ nc) ⋅ nc) ⋅ ((y ⊓ nc) ⋅ nc)) ⋅ nc =  ((x ⊓ nc) ⋅ nc) ⋅ ((y ⊓ nc) ⋅ nc)"
proof -
have one : "y ⊓ nc = 0 ⟹ (((x ⊓ nc) ⋅ nc) ⋅ ((y ⊓ nc) ⋅ nc)) ⋅ nc = ((x ⊓ nc) ⋅ nc) ⋅ ((y ⊓ nc) ⋅ nc)"
by simp
have "y ⊓ nc ≠ 0 ⟹ (((x ⊓ nc) ⋅ nc) ⋅ ((y ⊓ nc) ⋅ nc)) ⋅ nc = ((x ⊓ nc) ⋅ nc) ⋅ ((y ⊓ nc) ⋅ nc)"
by (simp add: assms(1) assms(2) tarski_prod)
thus ?thesis
using one by blast
qed

text ‹Proposition 10.1 and 10.2.›

lemma iso3 [simp]: "d (d x ⋅ U) = d x "
by simp

lemma iso4 [simp]: "d ((x ⋅ 1⇩π) ∥ U) ⋅ U = (x ⋅ 1⇩π) ∥ U"
by (simp add: local.c3 local.c4 vec_iff)

lemma iso5 [simp]:  "((x ⋅ 1⇩π) ∥ U) ⋅ 1⇩π = x ⋅ 1⇩π"

lemma iso6 [simp]: "(((x ⋅ 1⇩π) ∥ U) ⋅ 1⇩π) ∥ U = (x ⋅ 1⇩π) ∥ U"
by simp

lemma iso3_sharp [simp]: "d (d (x ⊓ nc) ⋅ nc) = d (x ⊓ nc)"
using d_s_subid local.c4 local.d_def local.inf_le1 by auto

lemma iso4_sharp [simp]: "d ((x ⊓ nc) ⋅ nc) ⋅ nc = (x ⊓ nc) ⋅ nc"

lemma iso5_sharp [simp]: "(((x ⊓ nc) ⋅ 1⇩π) ∥ nc) ⋅ 1⇩π = (x ⊓ nc) ⋅ 1⇩π"

lemma iso6_sharp [simp]: "(((x ⊓ nc) ⋅ nc) ⋅ 1⇩π) ∥ nc = (x ⊓ nc) ⋅ nc"
using local.c4 local.cl11 nc_c by presburger

text‹We verify Lemma 15.2 at this point, because it is helpful for the following proofs.›

lemma uc_par_meet: "x ∥ U ⊓ y ∥ U = x ∥ U ∥ y ∥ U"
apply (rule order.antisym)
apply (metis local.c_prod_assoc meet_le_par)
by (metis U_idem_p_prod local.U_def local.c_prod_assoc local.meet_prop local.mult.left_commute local.mult_double_iso)

lemma uc_unc [simp]: "x ∥ U ∥ x ∥ U = x ∥ U"
by (metis local.meet_idem uc_par_meet)

lemma uc_interr: "(x ∥ y) ⋅ (z ∥ U) = (x ⋅ (z ∥ U)) ∥ (y ⋅ (z ∥ U))"
proof -
have "(z ∥ U) ∥ (z ∥ U) = z ∥ U"
by (metis local.c_prod_assoc uc_unc)
thus ?thesis
qed

text‹We verify the remaining cases of Proposition 10.3.›

lemma sc_hom_meet: "(d x ⊓ d y) ⋅ 1⇩π = (d x) ⋅ 1⇩π ⊓ (d y) ⋅ 1⇩π"
by (metis d_p_prod_eq_meet local.c3 p_subid_par_eq_meet_var)

lemma sc_hom_seq: "(d x ⋅ d y) ⋅ 1⇩π = (d x ⊓ d y) ⋅ 1⇩π"

lemma cs_hom_meet: "d (x ⋅ 1⇩π ⊓ y ⋅ 1⇩π)  = d (x ⋅ 1⇩π) ⊓ d (y ⋅ 1⇩π)"
by (metis d_p_prod_eq_meet local.d_conc6 p_subid_par_eq_meet_var)

lemma sv_hom_meet: "(d x ⊓ d y) ⋅ U = (d x) ⋅ U ⊓ (d y) ⋅ U"
proof -
have "(d x ⊓ d y) ⋅ U = ((d x) ⋅ U) ∥ ((d y) ⋅ U)"
by (simp add: d_interr_U d_p_prod_eq_meet local.d_conc6)
thus ?thesis
by (simp add: local.c2_d local.c_prod_assoc uc_par_meet)
qed

lemma sv_hom_par: "(x ∥ y) ⋅ U = (x ⋅ U) ∥ (y ⋅ U)"

lemma vs_hom_meet: "d (((x ⋅ 1⇩π) ∥ U) ⊓ ((y ⋅ 1⇩π) ∥ U)) = d ((x ⋅ 1⇩π) ∥ U) ⊓ d ((y ⋅ 1⇩π) ∥ U)"
proof -
have f1: "⋀x y. x ⋅ 1⇩π ∥ 1⇩σ ⊓ y ⋅ 1⇩π ∥ 1⇩σ = x ∥ y ⋅ 1⇩π ∥ 1⇩σ"
using d_p_prod_eq_meet local.d_conc6 local.d_def by auto
hence "⋀x y. x ⋅ 1⇩π ∥ U ⊓ y ⋅ 1⇩π ∥ U = x ∥ y ⋅ 1⇩π ∥ U"
using local.d_def sv_hom_meet by force
thus ?thesis
using f1 by (simp add: local.d_def)
qed

lemma cv_hom_meet: "(x ⋅ 1⇩π ⊓ y ⋅ 1⇩π) ∥ U = (x ⋅ 1⇩π) ∥ U ⊓ (y ⋅ 1⇩π) ∥ U"
proof -
have "d (x ∥ y) ⋅ U = x ⋅ 1⇩π ∥ U ⊓ y ⋅ 1⇩π ∥ U"
by (simp add: d_p_prod_eq_meet local.c2_d local.d_conc6 sv_hom_meet)
thus ?thesis
using local.c2_d local.c3 p_subid_par_eq_meet_var by auto
qed

lemma cv_hom_par [simp]: " x ∥ U ∥ y ∥ U = (x ∥ y) ∥ U"
by (metis U_idem_p_prod local.mult.left_commute local.mult_assoc)

lemma vc_hom_meet: "((x ⋅ 1⇩π) ∥ U ⊓ (y ⋅ 1⇩π) ∥ U) ⋅ 1⇩π = ((x ⋅ 1⇩π) ∥ U) ⋅ 1⇩π ⊓ ((y ⋅ 1⇩π) ∥ U) ⋅ 1⇩π"
by (metis cv_hom_meet iso5 local.c3 p_subid_par_eq_meet_var)

lemma vc_hom_seq: "(((x ⋅ 1⇩π) ∥ U) ⋅ ((y ⋅ 1⇩π) ∥ U)) ⋅ 1⇩π = (((x ⋅ 1⇩π) ∥ U) ⋅ 1⇩π) ⋅ (((y ⋅ 1⇩π) ∥ U) ⋅ 1⇩π)"
proof -
have "(((x ⋅ 1⇩π) ∥ U) ⋅ ((y ⋅ 1⇩π) ∥ U)) ⋅ 1⇩π = ((x ⋅ 1⇩π) ∥ U) ⋅ (y ⋅ 1⇩π)"
also have "... = (x ⋅ 1⇩π) ∥ (U ⋅ (y ⋅ 1⇩π))"
by (metis assoc_p_subid local.cl8)
also have "... = (x ⋅ 1⇩π) ∥ (nc ⋅ (y ⋅ 1⇩π) + 1⇩π ⋅ (y ⋅ 1⇩π))"
also have "... = (x ⋅ 1⇩π) ∥ 1⇩π"
by (metis add_commute c_x_prop local.absorp2 local.c4 local.meet_comm local.mult_oner p_subid_par_eq_meet_var)
thus ?thesis
have "(d x) ⋅ nc ⊓ (d y) ⋅ nc ≤ ((d x)