Theory HOL-Lattice.CompleteLattice

(*  Title:      HOL/Lattice/CompleteLattice.thy
    Author:     Markus Wenzel, TU Muenchen
*)

section ‹Complete lattices›

theory CompleteLattice imports Lattice begin

subsection ‹Complete lattice operations›

text ‹
  A \emph{complete lattice} is a partial order with general
  (infinitary) infimum of any set of elements.  General supremum
  exists as well, as a consequence of the connection of infinitary
  bounds (see \S\ref{sec:connect-bounds}).
›

class complete_lattice =
  assumes ex_Inf: "inf. is_Inf A inf"

theorem ex_Sup: "sup::'a::complete_lattice. is_Sup A sup"
proof -
  from ex_Inf obtain sup where "is_Inf {b. aA. a  b} sup" by blast
  then have "is_Sup A sup" by (rule Inf_Sup)
  then show ?thesis ..
qed

text ‹
  The general ⨅› (meet) and ⨆› (join) operations select
  such infimum and supremum elements.
›

definition
  Meet :: "'a::complete_lattice set  'a"  (_› [90] 90) where
  "A = (THE inf. is_Inf A inf)"
definition
  Join :: "'a::complete_lattice set  'a"  (_› [90] 90) where
  "A = (THE sup. is_Sup A sup)"

text ‹
  Due to unique existence of bounds, the complete lattice operations
  may be exhibited as follows.
›

lemma Meet_equality [elim?]: "is_Inf A inf  A = inf"
proof (unfold Meet_def)
  assume "is_Inf A inf"
  then show "(THE inf. is_Inf A inf) = inf"
    by (rule the_equality) (rule is_Inf_uniq [OF _ is_Inf A inf])
qed

lemma MeetI [intro?]:
  "(a. a  A  inf  a) 
    (b. a  A. b  a  b  inf) 
    A = inf"
  by (rule Meet_equality, rule is_InfI) blast+

lemma Join_equality [elim?]: "is_Sup A sup  A = sup"
proof (unfold Join_def)
  assume "is_Sup A sup"
  then show "(THE sup. is_Sup A sup) = sup"
    by (rule the_equality) (rule is_Sup_uniq [OF _ is_Sup A sup])
qed

lemma JoinI [intro?]:
  "(a. a  A  a  sup) 
    (b. a  A. a  b  sup  b) 
    A = sup"
  by (rule Join_equality, rule is_SupI) blast+


text ‹
  \medskip The ⨅› and ⨆› operations indeed determine
  bounds on a complete lattice structure.
›

lemma is_Inf_Meet [intro?]: "is_Inf A (A)"
proof (unfold Meet_def)
  from ex_Inf obtain inf where "is_Inf A inf" ..
  then show "is_Inf A (THE inf. is_Inf A inf)"
    by (rule theI) (rule is_Inf_uniq [OF _ is_Inf A inf])
qed

lemma Meet_greatest [intro?]: "(a. a  A  x  a)  x  A"
  by (rule is_Inf_greatest, rule is_Inf_Meet) blast

lemma Meet_lower [intro?]: "a  A  A  a"
  by (rule is_Inf_lower) (rule is_Inf_Meet)


lemma is_Sup_Join [intro?]: "is_Sup A (A)"
proof (unfold Join_def)
  from ex_Sup obtain sup where "is_Sup A sup" ..
  then show "is_Sup A (THE sup. is_Sup A sup)"
    by (rule theI) (rule is_Sup_uniq [OF _ is_Sup A sup])
qed

lemma Join_least [intro?]: "(a. a  A  a  x)  A  x"
  by (rule is_Sup_least, rule is_Sup_Join) blast
lemma Join_lower [intro?]: "a  A  a  A"
  by (rule is_Sup_upper) (rule is_Sup_Join)


subsection ‹The Knaster-Tarski Theorem›

text ‹
  The Knaster-Tarski Theorem (in its simplest formulation) states that
  any monotone function on a complete lattice has a least fixed-point
  (see cite‹pages 93--94› in "Davey-Priestley:1990" for example).  This
  is a consequence of the basic boundary properties of the complete
  lattice operations.
›

theorem Knaster_Tarski:
  assumes mono: "x y. x  y  f x  f y"
  obtains a :: "'a::complete_lattice" where
    "f a = a" and "a'. f a' = a'  a  a'"
proof
  let ?H = "{u. f u  u}"
  let ?a = "?H"
  show "f ?a = ?a"
  proof -
    have ge: "f ?a  ?a"
    proof
      fix x assume x: "x  ?H"
      then have "?a  x" ..
      then have "f ?a  f x" by (rule mono)
      also from x have "...  x" ..
      finally show "f ?a  x" .
    qed
    also have "?a  f ?a"
    proof
      from ge have "f (f ?a)  f ?a" by (rule mono)
      then show "f ?a  ?H" ..
    qed
    finally show ?thesis .
  qed

  fix a'
  assume "f a' = a'"
  then have "f a'  a'" by (simp only: leq_refl)
  then have "a'  ?H" ..
  then show "?a  a'" ..
qed

theorem Knaster_Tarski_dual:
  assumes mono: "x y. x  y  f x  f y"
  obtains a :: "'a::complete_lattice" where
    "f a = a" and "a'. f a' = a'  a'  a"
proof
  let ?H = "{u. u  f u}"
  let ?a = "?H"
  show "f ?a = ?a"
  proof -
    have le: "?a  f ?a"
    proof
      fix x assume x: "x  ?H"
      then have "x  f x" ..
      also from x have "x  ?a" ..
      then have "f x  f ?a" by (rule mono)
      finally show "x  f ?a" .
    qed
    have "f ?a  ?a"
    proof
      from le have "f ?a  f (f ?a)" by (rule mono)
      then show "f ?a  ?H" ..
    qed
    from this and le show ?thesis by (rule leq_antisym)
  qed

  fix a'
  assume "f a' = a'"
  then have "a'  f a'" by (simp only: leq_refl)
  then have "a'  ?H" ..
  then show "a'  ?a" ..
qed


subsection ‹Bottom and top elements›

text ‹
  With general bounds available, complete lattices also have least and
  greatest elements.
›

definition
  bottom :: "'a::complete_lattice"  () where
  " = UNIV"

definition
  top :: "'a::complete_lattice"  () where
  " = UNIV"

lemma bottom_least [intro?]: "  x"
proof (unfold bottom_def)
  have "x  UNIV" ..
  then show "UNIV  x" ..
qed

lemma bottomI [intro?]: "(a. x  a)   = x"
proof (unfold bottom_def)
  assume "a. x  a"
  show "UNIV = x"
  proof
    fix a show "x  a" by fact
  next
    fix b :: "'a::complete_lattice"
    assume b: "a  UNIV. b  a"
    have "x  UNIV" ..
    with b show "b  x" ..
  qed
qed

lemma top_greatest [intro?]: "x  "
proof (unfold top_def)
  have "x  UNIV" ..
  then show "x  UNIV" ..
qed

lemma topI [intro?]: "(a. a  x)   = x"
proof (unfold top_def)
  assume "a. a  x"
  show "UNIV = x"
  proof
    fix a show "a  x" by fact
  next
    fix b :: "'a::complete_lattice"
    assume b: "a  UNIV. a  b"
    have "x  UNIV" ..
    with b show "x  b" ..
  qed
qed


subsection ‹Duality›

text ‹
  The class of complete lattices is closed under formation of dual
  structures.
›

instance dual :: (complete_lattice) complete_lattice
proof
  fix A' :: "'a::complete_lattice dual set"
  show "inf'. is_Inf A' inf'"
  proof -
    have "sup. is_Sup (undual ` A') sup" by (rule ex_Sup)
    then have "sup. is_Inf (dual ` undual ` A') (dual sup)" by (simp only: dual_Inf)
    then show ?thesis by (simp add: dual_ex [symmetric] image_comp)
  qed
qed

text ‹
  Apparently, the ⨅› and ⨆› operations are dual to each
  other.
›

theorem dual_Meet [intro?]: "dual (A) = (dual ` A)"
proof -
  from is_Inf_Meet have "is_Sup (dual ` A) (dual (A))" ..
  then have "(dual ` A) = dual (A)" ..
  then show ?thesis ..
qed

theorem dual_Join [intro?]: "dual (A) = (dual ` A)"
proof -
  from is_Sup_Join have "is_Inf (dual ` A) (dual (A))" ..
  then have "(dual ` A) = dual (A)" ..
  then show ?thesis ..
qed

text ‹
  Likewise are ⊥› and ⊤› duals of each other.
›

theorem dual_bottom [intro?]: "dual  = "
proof -
  have " = dual "
  proof
    fix a' have "  undual a'" ..
    then have "dual (undual a')  dual " ..
    then show "a'  dual " by simp
  qed
  then show ?thesis ..
qed

theorem dual_top [intro?]: "dual  = "
proof -
  have " = dual "
  proof
    fix a' have "undual a'  " ..
    then have "dual   dual (undual a')" ..
    then show "dual   a'" by simp
  qed
  then show ?thesis ..
qed


subsection ‹Complete lattices are lattices›

text ‹
  Complete lattices (with general bounds available) are indeed plain
  lattices as well.  This holds due to the connection of general
  versus binary bounds that has been formally established in
  \S\ref{sec:gen-bin-bounds}.
›

lemma is_inf_binary: "is_inf x y ({x, y})"
proof -
  have "is_Inf {x, y} ({x, y})" ..
  then show ?thesis by (simp only: is_Inf_binary)
qed

lemma is_sup_binary: "is_sup x y ({x, y})"
proof -
  have "is_Sup {x, y} ({x, y})" ..
  then show ?thesis by (simp only: is_Sup_binary)
qed

instance complete_lattice  lattice
proof
  fix x y :: "'a::complete_lattice"
  from is_inf_binary show "inf. is_inf x y inf" ..
  from is_sup_binary show "sup. is_sup x y sup" ..
qed

theorem meet_binary: "x  y = {x, y}"
  by (rule meet_equality) (rule is_inf_binary)

theorem join_binary: "x  y = {x, y}"
  by (rule join_equality) (rule is_sup_binary)


subsection ‹Complete lattices and set-theory operations›

text ‹
  The complete lattice operations are (anti) monotone wrt.\ set
  inclusion.
›

theorem Meet_subset_antimono: "A  B  B  A"
proof (rule Meet_greatest)
  fix a assume "a  A"
  also assume "A  B"
  finally have "a  B" .
  then show "B  a" ..
qed

theorem Join_subset_mono: "A  B  A  B"
proof -
  assume "A  B"
  then have "dual ` A  dual ` B" by blast
  then have "(dual ` B)  (dual ` A)" by (rule Meet_subset_antimono)
  then have "dual (B)  dual (A)" by (simp only: dual_Join)
  then show ?thesis by (simp only: dual_leq)
qed

text ‹
  Bounds over unions of sets may be obtained separately.
›

theorem Meet_Un: "(A  B) = A  B"
proof
  fix a assume "a  A  B"
  then show "A  B  a"
  proof
    assume a: "a  A"
    have "A  B  A" ..
    also from a have "  a" ..
    finally show ?thesis .
  next
    assume a: "a  B"
    have "A  B  B" ..
    also from a have "  a" ..
    finally show ?thesis .
  qed
next
  fix b assume b: "a  A  B. b  a"
  show "b  A  B"
  proof
    show "b  A"
    proof
      fix a assume "a  A"
      then have "a   A  B" ..
      with b show "b  a" ..
    qed
    show "b  B"
    proof
      fix a assume "a  B"
      then have "a   A  B" ..
      with b show "b  a" ..
    qed
  qed
qed

theorem Join_Un: "(A  B) = A  B"
proof -
  have "dual ((A  B)) = (dual ` A  dual ` B)"
    by (simp only: dual_Join image_Un)
  also have " = (dual ` A)  (dual ` B)"
    by (rule Meet_Un)
  also have " = dual (A  B)"
    by (simp only: dual_join dual_Join)
  finally show ?thesis ..
qed

text ‹
  Bounds over singleton sets are trivial.
›

theorem Meet_singleton: "{x} = x"
proof
  fix a assume "a  {x}"
  then have "a = x" by simp
  then show "x  a" by (simp only: leq_refl)
next
  fix b assume "a  {x}. b  a"
  then show "b  x" by simp
qed

theorem Join_singleton: "{x} = x"
proof -
  have "dual ({x}) = {dual x}" by (simp add: dual_Join)
  also have " = dual x" by (rule Meet_singleton)
  finally show ?thesis ..
qed

text ‹
  Bounds over the empty and universal set correspond to each other.
›

theorem Meet_empty: "{} = UNIV"
proof
  fix a :: "'a::complete_lattice"
  assume "a  {}"
  then have False by simp
  then show "UNIV  a" ..
next
  fix b :: "'a::complete_lattice"
  have "b  UNIV" ..
  then show "b  UNIV" ..
qed

theorem Join_empty: "{} = UNIV"
proof -
  have "dual ({}) = {}" by (simp add: dual_Join)
  also have " = UNIV" by (rule Meet_empty)
  also have " = dual (UNIV)" by (simp add: dual_Meet)
  finally show ?thesis ..
qed

end