Athena is a Haskell proof-reconstruction tool. This tool is able to translate TSTP derivations generated by Metis to Agda proof-terms. To verify such derivations generated automatically by Metis, we type-check the proof-terms generated by Athena using the proof-assistant Agda. In the following diagram, we present a work-flow using Athena during the proof-reconstruction task.
A description of this approach to reconstruct propositional derivations generated by Metis is available at:
This tool is written in Haskell and it was tested with
To install Athena, the package manager cabal is required as well,
version ≥2.2.0.0. Athena was tested with
Now, to install Athena just download this repository by running the following command:
$ git clone https://github.com/jonaprieto/athena.git
$ cd athenaTo install Athena from the command line run the following:
$ make installThe proofs generated using this tool were tested with
Using the Agda libraries listed below:
There is a possibility to install the Agda libraries (agda-prop, agda-metis and
the Agda standard library) run the following command:
$ make install-librariesFollow the instructions given by the command, the libraries will be installed in
the lib folder. If you know about these .agda files, you probably want to
specify in the .agda/defaults and .agda/libraries files the paths of the
libraries necessary for proof-reconstruction.
Athena only supports reconstruction for the Metis prover, we tested with:
To install this tool run the following command and follow the instructions.
$ make metisWe have an alternative way to use this prover and many others. Its our client for the Systems on the TPTP World:
To install this tool run the following command:
$ make online-atps
$ online-atps --version
Online-atps version 0.1.3We have included a test-suite of at least eighty theorems from Prop-Pack TPTP Collection:
$ make install
$ make install-libraries
$ make problems
$ make check
To just generate the Agda files run the command:
$ make reconsruct
Let us consider the following theorem problem No. 13 in Disjunction Section in Prop-Pack:
This problem can be encode in TPTP syntax
(file problem.tptp) as follows:
$ cat problem.tptp
fof(premise, axiom, (p => q) & (q => p)).
fof(goal, conjecture, (p | q) => (p & q)).To obtain the Metis derivation of the TPTP problem showed above, make sure your Metis version is supported by running the following command. Recall we support the version 2.4.+
$ metis --versionTo generate the TSTP derivation of problem.tptp
run the following command:
$ metis --show proof problem.tptp > problem.tstp
$ cat problem.tstp
...
fof(premise, axiom, ((p => q) & (q => p))).
fof(goal, conjecture, ((p | q) => (p & q))).
fof(subgoal_0, plain, ((p | q) => p), inference(strip, [], [goal])).
fof(subgoal_1, plain, (((p | q) & p) => q), inference(strip, [], [goal])).
fof(negate_0_0, plain, (~ ((p | q) => p)),
inference(negate, [], [subgoal_0])).
...If you are using the Online-ATPs tool run the following command:
$ online-atps --atp=metis problem.tptp > problem.tstp
Using our customized TSTP syntax, the above Metis derivation looks like:
fof(premise, axiom, (p ⊃ q) ∧ (q ⊃ p)).
fof(goal, conjecture, (p ∨ q) ⊃ (p ∧ q)).
fof(s₀, (p ∨ q) ⊃ p, inf(strip, goal)).
fof(s₁, ((p ∨ q) ∧ p) ⊃ q, inf(strip, goal)).
fof(neg₀, ¬ ((p ∨ q) ⊃ p), inf(negate, s₀)).
fof(n₀₀, (¬ p ∨ q) ∧ (¬ q ∨ p), inf(canonicalize, premise)).
fof(n₀₁, ¬ q ∨ p, inf(conjunct, n₀₀)).
fof(n₀₂, ¬ p ∧ (p ∨ q), inf(canonicalize, neg₀)).
fof(n₀₃, p ∨ q, inf(conjunct, n₀₂)).
fof(n₀₄, ¬ p, inf(conjunct, n₀₂)).
fof(n₀₅, q, inf(simplify, [n₀₃, n₀₄])).
cnf(r₀₀, ¬ q ∨ p, inf(canonicalize, n₀₁)).
cnf(r₀₁, q, inf(canonicalize, n₀₅)).
cnf(r₀₂, p, inf(resolve, q, [r₀₁, r₀₀])).
cnf(r₀₃, ¬ p, inf(canonicalize, n₀₄)).
cnf(r₀₄, ⊥, inf(resolve, p, [r₀₂, r₀₃])).
fof(neg₁, ¬ ((p ∨ q) ∧ p) ⊃ q), inf(negate, s₁)).
fof(n₁₀, ¬ q ∧ p ∧ (p ∨ q), inf(canonicalize, neg₁)).
fof(n₁₁, (¬ p ∨ q) ∧ (¬ q ∨ p), inf(canonicalize, premise)).
fof(n₁₂, ¬ p ∨ q, inf(conjunct, n₁₁)).
fof(n₁₃, ⊥, inf(simplify, [n₁₀, n₁₂])).
cnf(r₁₀, ⊥, inf(canonicalize, n₁₃)).
To obtain the Agda proof-term of the Metis derivation run the following command:
$ athena problem.tstpAthena will create the Agda file of the solution. The Agda file should look like this one:
$ cat problem.agda
------------------------------------------------------------------------------
-- File automatically generated by Athena version 0.2-xxxxx
-- TSTP file: problem.tstp.
------------------------------------------------------------------------------
module problem where
------------------------------------------------------------------------------
open import ATP.Metis 2 public
open import Data.PropFormula 2 public
------------------------------------------------------------------------------
-- Variables.
p : PropFormula
p = Var (# 0)
q : PropFormula
q = Var (# 1)
-- Axiom.
a₁ : PropFormula
a₁ = ((p ⊃ q) ∧ (q ⊃ p))
-- Premise.
Γ : Ctxt
Γ = [ a₁ ]
-- Conjecture.
goal : PropFormula
goal = ((p ∨ q) ⊃ (p ∧ q))
-- Subgoals.
subgoal₀ : PropFormula
subgoal₀ = ((p ∨ q) ⊃ p)
subgoal₁ : PropFormula
subgoal₁ = (((p ∨ q) ∧ p) ⊃ q)
------------------------------------------------------------------------------
-- Proof of subgoal₀.
------------------------------------------------------------------------------
proof₀ : Γ ⊢ subgoal₀
proof₀ =
(RAA
(resolve-thm ⊥ p
(resolve-thm p q
(simplify-thm q
(conjunct-thm (p ∨ q)
(canonicalize-thm ((¬ p) ∧ (p ∨ q))
(assume {Γ = Γ} (¬ subgoal₀))))
(conjunct-thm (¬ p)
(canonicalize-thm ((¬ p) ∧ (p ∨ q))
(assume {Γ = Γ} (¬ subgoal₀)))))
(conjunct-thm ((¬ q) ∨ p)
(canonicalize-thm (((¬ p) ∨ q) ∧ ((¬ q) ∨ p))
(weaken (¬ subgoal₀)
(assume {Γ = ∅} a₁)))))
(conjunct-thm (¬ p)
(canonicalize-thm ((¬ p) ∧ (p ∨ q))
(assume {Γ = Γ} (¬ subgoal₀))))))
------------------------------------------------------------------------------
-- Proof of subgoal₁.
------------------------------------------------------------------------------
proof₁ : Γ ⊢ subgoal₁
proof₁ =
(RAA
(simplify-thm ⊥
(canonicalize-thm ((¬ q) ∧ (p ∧ (p ∨ q)))
(assume {Γ = Γ} (¬ subgoal₁)))
(conjunct-thm ((¬ p) ∨ q)
(canonicalize-thm (((¬ p) ∨ q) ∧ ((¬ q) ∨ p))
(weaken (¬ subgoal₁)
(assume {Γ = ∅} a₁))))))
------------------------------------------------------------------------------
-- Proof of the goal.
------------------------------------------------------------------------------
proof : Γ ⊢ goal
proof =
⊃-elim
strip-thm
(∧-intro proof₀ proof₁)Now, we are ready to verify the Metis derivation by type-checking with Agda the reconstructed proof showed above. Make sure the Agda version is 2.6.0.1.
$ agda --version
Agda version 2.6.0.1
$ agda problem.agda
As we can see in the Agda code showed above, the term proof,
the proof-term of the Metis derivation is referring to the
proof-terms proof₀ and proof₁. Recall, Metis stripes the goal
into subgoals to prove it. Therefore, these terms are the proof-terms
for the refutations of the subgoals s₀ and s₁. We show in the
following sections the respective natural deduction trees for these
refutations.
For this subgoal, its respective TSTP derivation is the following:
fof(premise, axiom, (p ⊃ q) ∧ (q ⊃ p)).
fof(goal, conjecture, (p ∨ q) ⊃ (p ∧ q)).
fof(s₀, (p ∨ q) ⊃ p, inf(strip, goal)).
...
fof(neg₀, ¬ ((p ∨ q) ⊃ p), inf(negate, s₀)).
fof(n₀₀, (¬ p ∨ q) ∧ (¬ q ∨ p), inf(canonicalize, premise)).
fof(n₀₁, ¬ q ∨ p, inf(conjunct, n₀₀)).
fof(n₀₂, ¬ p ∧ (p ∨ q), inf(canonicalize, neg₀)).
fof(n₀₃, p ∨ q, inf(conjunct, n₀₂)).
fof(n₀₄, ¬ p, inf(conjunct, n₀₂)).
fof(n₀₅, q, inf(simplify, [n₀₃, n₀₄])).
cnf(r₀₀, ¬ q ∨ p, inf(canonicalize, n₀₁)).
cnf(r₀₁, q, inf(canonicalize, n₀₅)).
cnf(r₀₂, p, inf(resolve, q, [r₀₁, r₀₀])).
cnf(r₀₃, ¬ p, inf(canonicalize, n₀₄)).
cnf(r₀₄, ⊥, inf(resolve, p, [r₀₂, r₀₃])).
...
The refutation tree is the following:
For this subgoal, its respective TSTP derivation is the following:
fof(premise, axiom, (p ⊃ q) ∧ (q ⊃ p)).
...
fof(s₁, ((p ∨ q) ∧ p) ⊃ q, inf(strip, goal)).
...
fof(neg₁, ¬ (((p ∨ q) ∧ p) ⊃ q), inf(negate, s₁)).
fof(n₁₀, ¬ q ∧ p ∧ (p ∨ q), inf(canonicalize, neg₁)).
fof(n₁₁, (¬ p ∨ q) ∧ (¬ q ∨ p), inf(canonicalize, premise)).
fof(n₁₂, ¬ p ∨ q, inf(conjunct, n₁₁)).
fof(n₁₃, ⊥, inf(simplify, [n₁₀, n₁₂])).
cnf(r₁₀, ⊥, inf(canonicalize, n₁₃)).
The refutation tree is the following:
Remark : Metis does not print out the above proof where the explicit use of subgoals is necessary to prove the goal. In our Agda file we did.
Please report any inconsistency to improve this work by opening an issue. Thanks!