In [39]:
import DSL._, Constants._

[32mimport [39m[36mDSL._, Constants._[39m

De Bruijn indices are numbers that disambiguate each shadowed variable inside lambdas.

For example:

     λ(x : Natural) → λ(x : Natural) → 123 + x

This code shadows the outer `x` inside the inner lambda. An equivalent code without shadowing is:

     λ(x : Natural) → λ(t : Natural) → 123 + t

Here we just renamed the inner `x` to `t`. What if we do not want to rename `x` to `t` but still want to refer to the outer `x`?
In µDhall, we can write `x@1` for that:

     λ(x : Natural) → λ(x : Natural) → 123 + x@1

This code is equivalent to:

     λ(x : Natural) → λ(t : Natural) → 123 + x

The `1` in `x@1` is the de Bruijn index of the outer variable `x` when accessed from the inner scope.
De Bruijn indices are non-negative integers.

We usually do not write `x@0`, we write just `x`.

Each de Bruijn index points to a specific nested lambda in some outer scope for a variable with a given name. For example, in this code:

     λ(x : Natural) → λ(t : Natural) → λ(x : Natural) → 123 + x@1

the variable `x@1` still points to the outer `x`. The presence of another lambda with the argument `t` does not matter for counting the nested depth for `x`.

At top level, it is invalid to use an index that is greater than the number of nested lambdas. For example, these expressions are invalid at top level (as there cannot be any outer scope):

     λ(x : Natural) → 123 + x@1
     λ(x : Natural) → λ(x : Natural) → 123 + x@2

At top level, these expressions are just as invalid as the expression `123 + x` since we never defined `x`.

The variable `x` in the expression `123 + x` is considered **free**; meaning that it should be defined in the outer scope.
Similarly, `x@1` in `λ(x : Natural) → 123 + x@1` is free. It is invalid to have expressions with free variables at top level.
At the top level, all variables must be bound. Expressions with free variables must be within bodies of some functions that bind their free variables.

When a function of the form `λ x → ...` is applied to an argument, we will need to substitute the outer `x`. Then we may need to recalculate some de Bruijn indices.

Suppose we would like to evaluate a function applied to an argument in this code:

     ( (x : Natural) → λ(y : Natural) → λ(x : Natural) → x + x@1 + x@2 ) y

This expression has free variables `y` and `x@2`, so it can occur only within a function body that binds `x` and `y`. It is worth remarking that here we are about to evaluate an expression "under a lambda". That is, we are going to simplify the body of a function before applying that function.

To evaluate this expression correctly, we cannot simply substitute `y` instead of `x`. Instead:

- the outer `x` corresponds to `x@1` within the expression, so we need to substitute `y` instead of `x@1` while keeping `x` and `x@2` unchanged
- `y` is already bound in the inner scope; so, we need to write `y@1` instead of `y`, in order to refer to the free variable `y` in the outside scope
- as we remove the outer `x`, the free variable `x@2` will now become `x@1`.

So, we must evaluate the given expression like this:

     ( (x : Natural) → λ(y : Natural) → λ(x : Natural) → x + x@1 + x@2 ) y
       = 
     λ(y : Natural) → λ(x : Natural) → x + y@1 + x@1  

During a single substitution, sometimes we need to shift the index upwards by 1, and sometimes downwards by 1. Also note that the variable `x@0` was left unchanged: the decrementing of indices for `x` starts only at index `1` because we are in a scope under a `λ x`.

This motivates the general "shift" operation for working with de Bruijn indices. That operation is defined in the Dhall standard [here](https://github.com/dhall-lang/dhall-lang/blob/master/standard/shift.md) as a function of _four_ arguments:

     // d = +1 or d = -1: whether we will increment or decrement the indices
     // x is the variable symbol on which the indices will be shifted
     // m is the minimum index value for shifting; we will shift x@n only if n >= m
     // e1 is an expression where we will shift all bound variables named `x`
     // e2 is the resulting expression
     
     shift(d, x, m, e1) = e2

The Dhall documentation uses the "proof notation" for all definitions. The proof notation shows how to prove a desired statement (or "judgment") by proving some other statements first, or by referring to axioms. The equation `shift(d, x, m, e1) = e2` is seen as a judgment that the result of evaluating the `shift` function with some arguments happens to equal `e2`. But we prefer to interpret that equation as a recipe for computing `e2` given `d`, `x`, `m`, and `e1`.

Adapting the Dhall specification to µDhall, we write the following specification for `shift`, casing on each of the 9 expression types:

1. Variables get shifted if their index is above threshold:

       shift(d, x, m, x@n) = x@(n + d)  ; shift if n >= m
       shift(d, x, m, x@n) = x@n        ; no change if n < m
       shift(d, x, m, y@n) = y@n        ; no change if x and y are different symbols

3. All expressions other than lambdas, function types, and `let` expressions, will just recursively shift all their sub-expressions.
4. Lambdas and function types introduce a new bound variable, say `x`. If we are also shifting the symbol `x`, we will need to avoid shifting that new bound variable; so, we need to increment the threshold when descending into the body. Note however that in `λ(x : T)` the variable `x` is not in scope for its type `T`; so we do not need to increment the threshold when shifting `T`. The specification looks like this:
    ```
    shift(d, x, m, A₀) = A₁   shift(d, x, m + 1, b₀) = b₁
    ─────────────────────────────────────────────────────
    shift(d, x, m, λ(x : A₀) → b₀) = λ(x : A₁) → b₁


    shift(d, x, m, A₀) = A₁     shift(d, x, m, b₀) = b₁
    ───────────────────────────────────────────────────  ; x ≠ y
    shift(d, x, m, λ(y : A₀) → b₀) = λ(y : A₁) → b₁


    shift(d, x, m, A₀) = A₁   shift(d, x, m + 1, b₀) = b₁
    ─────────────────────────────────────────────────────
    shift(d, x, m, ∀(x : A₀) → b₀) = ∀(x : A₁) → b₁


    shift(d, x, m, A₀) = A₁     shift(d, x, m, b₀) = b₁
    ───────────────────────────────────────────────────  ; x ≠ y
    shift(d, x, m, ∀(y : A₀) → b₀) = ∀(y : A₁) → b₁
    ```
    When we shift a symbol that is not bound, we just recursively shift all sub-expressions.
5. The `let` expressions also introduce a bound variable:
   ```
   shift(d, x, m, a₀) = a₁
   shift(d, x, m + 1, b₀) = b₁
   ───────────────────────────────────────────────────
   shift(d, x, m, let x = a₀ in b₀) = let x = a₁ in b₁


   shift(d, x, m, b₀) = b₁     shift(d, x, m, a₀) = a₁
   ───────────────────────────────────────────────────  ; x ≠ y
   shift(d, x, m, let y = a₀ in b₀) = let y = a₁ in b₁   
   ```
6. All other expressions just recursively shift all their sub-expressions.

Now we are ready to write the code for the `shift` function.