src/ZF/Constructible/L_axioms.thy
author paulson
Tue Jul 30 11:39:57 2002 +0200 (2002-07-30)
changeset 13434 78b93a667c01
parent 13429 2232810416fc
child 13440 cdde97e1db1c
permissions -rw-r--r--
better sats rules for higher-order operators
     1 
     2 header {* The ZF Axioms (Except Separation) in L *}
     3 
     4 theory L_axioms = Formula + Relative + Reflection + MetaExists:
     5 
     6 text {* The class L satisfies the premises of locale @{text M_triv_axioms} *}
     7 
     8 lemma transL: "[| y\<in>x; L(x) |] ==> L(y)"
     9 apply (insert Transset_Lset)
    10 apply (simp add: Transset_def L_def, blast)
    11 done
    12 
    13 lemma nonempty: "L(0)"
    14 apply (simp add: L_def)
    15 apply (blast intro: zero_in_Lset)
    16 done
    17 
    18 lemma upair_ax: "upair_ax(L)"
    19 apply (simp add: upair_ax_def upair_def, clarify)
    20 apply (rule_tac x="{x,y}" in rexI)
    21 apply (simp_all add: doubleton_in_L)
    22 done
    23 
    24 lemma Union_ax: "Union_ax(L)"
    25 apply (simp add: Union_ax_def big_union_def, clarify)
    26 apply (rule_tac x="Union(x)" in rexI)
    27 apply (simp_all add: Union_in_L, auto)
    28 apply (blast intro: transL)
    29 done
    30 
    31 lemma power_ax: "power_ax(L)"
    32 apply (simp add: power_ax_def powerset_def Relative.subset_def, clarify)
    33 apply (rule_tac x="{y \<in> Pow(x). L(y)}" in rexI)
    34 apply (simp_all add: LPow_in_L, auto)
    35 apply (blast intro: transL)
    36 done
    37 
    38 subsubsection{*For L to satisfy Replacement *}
    39 
    40 (*Can't move these to Formula unless the definition of univalent is moved
    41 there too!*)
    42 
    43 lemma LReplace_in_Lset:
    44      "[|X \<in> Lset(i); univalent(L,X,Q); Ord(i)|]
    45       ==> \<exists>j. Ord(j) & Replace(X, %x y. Q(x,y) & L(y)) \<subseteq> Lset(j)"
    46 apply (rule_tac x="\<Union>y \<in> Replace(X, %x y. Q(x,y) & L(y)). succ(lrank(y))"
    47        in exI)
    48 apply simp
    49 apply clarify
    50 apply (rule_tac a=x in UN_I)
    51  apply (simp_all add: Replace_iff univalent_def)
    52 apply (blast dest: transL L_I)
    53 done
    54 
    55 lemma LReplace_in_L:
    56      "[|L(X); univalent(L,X,Q)|]
    57       ==> \<exists>Y. L(Y) & Replace(X, %x y. Q(x,y) & L(y)) \<subseteq> Y"
    58 apply (drule L_D, clarify)
    59 apply (drule LReplace_in_Lset, assumption+)
    60 apply (blast intro: L_I Lset_in_Lset_succ)
    61 done
    62 
    63 lemma replacement: "replacement(L,P)"
    64 apply (simp add: replacement_def, clarify)
    65 apply (frule LReplace_in_L, assumption+, clarify)
    66 apply (rule_tac x=Y in rexI)
    67 apply (simp_all add: Replace_iff univalent_def, blast)
    68 done
    69 
    70 subsection{*Instantiating the locale @{text M_triv_axioms}*}
    71 text{*No instances of Separation yet.*}
    72 
    73 lemma Lset_mono_le: "mono_le_subset(Lset)"
    74 by (simp add: mono_le_subset_def le_imp_subset Lset_mono)
    75 
    76 lemma Lset_cont: "cont_Ord(Lset)"
    77 by (simp add: cont_Ord_def Limit_Lset_eq OUnion_def Limit_is_Ord)
    78 
    79 lemmas Pair_in_Lset = Formula.Pair_in_LLimit
    80 
    81 lemmas L_nat = Ord_in_L [OF Ord_nat]
    82 
    83 theorem M_triv_axioms_L: "PROP M_triv_axioms(L)"
    84   apply (rule M_triv_axioms.intro)
    85         apply (erule (1) transL)
    86        apply (rule nonempty)
    87       apply (rule upair_ax)
    88      apply (rule Union_ax)
    89     apply (rule power_ax)
    90    apply (rule replacement)
    91   apply (rule L_nat)
    92   done
    93 
    94 lemmas rall_abs = M_triv_axioms.rall_abs [OF M_triv_axioms_L]
    95   and rex_abs = M_triv_axioms.rex_abs [OF M_triv_axioms_L]
    96   and ball_iff_equiv = M_triv_axioms.ball_iff_equiv [OF M_triv_axioms_L]
    97   and M_equalityI = M_triv_axioms.M_equalityI [OF M_triv_axioms_L]
    98   and empty_abs = M_triv_axioms.empty_abs [OF M_triv_axioms_L]
    99   and subset_abs = M_triv_axioms.subset_abs [OF M_triv_axioms_L]
   100   and upair_abs = M_triv_axioms.upair_abs [OF M_triv_axioms_L]
   101   and upair_in_M_iff = M_triv_axioms.upair_in_M_iff [OF M_triv_axioms_L]
   102   and singleton_in_M_iff = M_triv_axioms.singleton_in_M_iff [OF M_triv_axioms_L]
   103   and pair_abs = M_triv_axioms.pair_abs [OF M_triv_axioms_L]
   104   and pair_in_M_iff = M_triv_axioms.pair_in_M_iff [OF M_triv_axioms_L]
   105   and pair_components_in_M = M_triv_axioms.pair_components_in_M [OF M_triv_axioms_L]
   106   and cartprod_abs = M_triv_axioms.cartprod_abs [OF M_triv_axioms_L]
   107   and union_abs = M_triv_axioms.union_abs [OF M_triv_axioms_L]
   108   and inter_abs = M_triv_axioms.inter_abs [OF M_triv_axioms_L]
   109   and setdiff_abs = M_triv_axioms.setdiff_abs [OF M_triv_axioms_L]
   110   and Union_abs = M_triv_axioms.Union_abs [OF M_triv_axioms_L]
   111   and Union_closed = M_triv_axioms.Union_closed [OF M_triv_axioms_L]
   112   and Un_closed = M_triv_axioms.Un_closed [OF M_triv_axioms_L]
   113   and cons_closed = M_triv_axioms.cons_closed [OF M_triv_axioms_L]
   114   and successor_abs = M_triv_axioms.successor_abs [OF M_triv_axioms_L]
   115   and succ_in_M_iff = M_triv_axioms.succ_in_M_iff [OF M_triv_axioms_L]
   116   and separation_closed = M_triv_axioms.separation_closed [OF M_triv_axioms_L]
   117   and strong_replacementI = M_triv_axioms.strong_replacementI [OF M_triv_axioms_L]
   118   and strong_replacement_closed = M_triv_axioms.strong_replacement_closed [OF M_triv_axioms_L]
   119   and RepFun_closed = M_triv_axioms.RepFun_closed [OF M_triv_axioms_L]
   120   and lam_closed = M_triv_axioms.lam_closed [OF M_triv_axioms_L]
   121   and image_abs = M_triv_axioms.image_abs [OF M_triv_axioms_L]
   122   and powerset_Pow = M_triv_axioms.powerset_Pow [OF M_triv_axioms_L]
   123   and powerset_imp_subset_Pow = M_triv_axioms.powerset_imp_subset_Pow [OF M_triv_axioms_L]
   124   and nat_into_M = M_triv_axioms.nat_into_M [OF M_triv_axioms_L]
   125   and nat_case_closed = M_triv_axioms.nat_case_closed [OF M_triv_axioms_L]
   126   and Inl_in_M_iff = M_triv_axioms.Inl_in_M_iff [OF M_triv_axioms_L]
   127   and Inr_in_M_iff = M_triv_axioms.Inr_in_M_iff [OF M_triv_axioms_L]
   128   and lt_closed = M_triv_axioms.lt_closed [OF M_triv_axioms_L]
   129   and transitive_set_abs = M_triv_axioms.transitive_set_abs [OF M_triv_axioms_L]
   130   and ordinal_abs = M_triv_axioms.ordinal_abs [OF M_triv_axioms_L]
   131   and limit_ordinal_abs = M_triv_axioms.limit_ordinal_abs [OF M_triv_axioms_L]
   132   and successor_ordinal_abs = M_triv_axioms.successor_ordinal_abs [OF M_triv_axioms_L]
   133   and finite_ordinal_abs = M_triv_axioms.finite_ordinal_abs [OF M_triv_axioms_L]
   134   and omega_abs = M_triv_axioms.omega_abs [OF M_triv_axioms_L]
   135   and number1_abs = M_triv_axioms.number1_abs [OF M_triv_axioms_L]
   136   and number2_abs = M_triv_axioms.number2_abs [OF M_triv_axioms_L]
   137   and number3_abs = M_triv_axioms.number3_abs [OF M_triv_axioms_L]
   138 
   139 declare rall_abs [simp]
   140 declare rex_abs [simp]
   141 declare empty_abs [simp]
   142 declare subset_abs [simp]
   143 declare upair_abs [simp]
   144 declare upair_in_M_iff [iff]
   145 declare singleton_in_M_iff [iff]
   146 declare pair_abs [simp]
   147 declare pair_in_M_iff [iff]
   148 declare cartprod_abs [simp]
   149 declare union_abs [simp]
   150 declare inter_abs [simp]
   151 declare setdiff_abs [simp]
   152 declare Union_abs [simp]
   153 declare Union_closed [intro, simp]
   154 declare Un_closed [intro, simp]
   155 declare cons_closed [intro, simp]
   156 declare successor_abs [simp]
   157 declare succ_in_M_iff [iff]
   158 declare separation_closed [intro, simp]
   159 declare strong_replacementI
   160 declare strong_replacement_closed [intro, simp]
   161 declare RepFun_closed [intro, simp]
   162 declare lam_closed [intro, simp]
   163 declare image_abs [simp]
   164 declare nat_into_M [intro]
   165 declare Inl_in_M_iff [iff]
   166 declare Inr_in_M_iff [iff]
   167 declare transitive_set_abs [simp]
   168 declare ordinal_abs [simp]
   169 declare limit_ordinal_abs [simp]
   170 declare successor_ordinal_abs [simp]
   171 declare finite_ordinal_abs [simp]
   172 declare omega_abs [simp]
   173 declare number1_abs [simp]
   174 declare number2_abs [simp]
   175 declare number3_abs [simp]
   176 
   177 
   178 subsection{*Instantiation of the locale @{text reflection}*}
   179 
   180 text{*instances of locale constants*}
   181 constdefs
   182   L_F0 :: "[i=>o,i] => i"
   183     "L_F0(P,y) == \<mu>b. (\<exists>z. L(z) \<and> P(<y,z>)) --> (\<exists>z\<in>Lset(b). P(<y,z>))"
   184 
   185   L_FF :: "[i=>o,i] => i"
   186     "L_FF(P)   == \<lambda>a. \<Union>y\<in>Lset(a). L_F0(P,y)"
   187 
   188   L_ClEx :: "[i=>o,i] => o"
   189     "L_ClEx(P) == \<lambda>a. Limit(a) \<and> normalize(L_FF(P),a) = a"
   190 
   191 
   192 text{*We must use the meta-existential quantifier; otherwise the reflection
   193       terms become enormous!*}
   194 constdefs
   195   L_Reflects :: "[i=>o,[i,i]=>o] => prop"      ("(3REFLECTS/ [_,/ _])")
   196     "REFLECTS[P,Q] == (??Cl. Closed_Unbounded(Cl) &
   197                            (\<forall>a. Cl(a) --> (\<forall>x \<in> Lset(a). P(x) <-> Q(a,x))))"
   198 
   199 
   200 theorem Triv_reflection:
   201      "REFLECTS[P, \<lambda>a x. P(x)]"
   202 apply (simp add: L_Reflects_def)
   203 apply (rule meta_exI)
   204 apply (rule Closed_Unbounded_Ord)
   205 done
   206 
   207 theorem Not_reflection:
   208      "REFLECTS[P,Q] ==> REFLECTS[\<lambda>x. ~P(x), \<lambda>a x. ~Q(a,x)]"
   209 apply (unfold L_Reflects_def)
   210 apply (erule meta_exE)
   211 apply (rule_tac x=Cl in meta_exI, simp)
   212 done
   213 
   214 theorem And_reflection:
   215      "[| REFLECTS[P,Q]; REFLECTS[P',Q'] |]
   216       ==> REFLECTS[\<lambda>x. P(x) \<and> P'(x), \<lambda>a x. Q(a,x) \<and> Q'(a,x)]"
   217 apply (unfold L_Reflects_def)
   218 apply (elim meta_exE)
   219 apply (rule_tac x="\<lambda>a. Cl(a) \<and> Cla(a)" in meta_exI)
   220 apply (simp add: Closed_Unbounded_Int, blast)
   221 done
   222 
   223 theorem Or_reflection:
   224      "[| REFLECTS[P,Q]; REFLECTS[P',Q'] |]
   225       ==> REFLECTS[\<lambda>x. P(x) \<or> P'(x), \<lambda>a x. Q(a,x) \<or> Q'(a,x)]"
   226 apply (unfold L_Reflects_def)
   227 apply (elim meta_exE)
   228 apply (rule_tac x="\<lambda>a. Cl(a) \<and> Cla(a)" in meta_exI)
   229 apply (simp add: Closed_Unbounded_Int, blast)
   230 done
   231 
   232 theorem Imp_reflection:
   233      "[| REFLECTS[P,Q]; REFLECTS[P',Q'] |]
   234       ==> REFLECTS[\<lambda>x. P(x) --> P'(x), \<lambda>a x. Q(a,x) --> Q'(a,x)]"
   235 apply (unfold L_Reflects_def)
   236 apply (elim meta_exE)
   237 apply (rule_tac x="\<lambda>a. Cl(a) \<and> Cla(a)" in meta_exI)
   238 apply (simp add: Closed_Unbounded_Int, blast)
   239 done
   240 
   241 theorem Iff_reflection:
   242      "[| REFLECTS[P,Q]; REFLECTS[P',Q'] |]
   243       ==> REFLECTS[\<lambda>x. P(x) <-> P'(x), \<lambda>a x. Q(a,x) <-> Q'(a,x)]"
   244 apply (unfold L_Reflects_def)
   245 apply (elim meta_exE)
   246 apply (rule_tac x="\<lambda>a. Cl(a) \<and> Cla(a)" in meta_exI)
   247 apply (simp add: Closed_Unbounded_Int, blast)
   248 done
   249 
   250 
   251 lemma reflection_Lset: "reflection(Lset)"
   252 apply (blast intro: reflection.intro Lset_mono_le Lset_cont Pair_in_Lset) +
   253 done
   254 
   255 theorem Ex_reflection:
   256      "REFLECTS[\<lambda>x. P(fst(x),snd(x)), \<lambda>a x. Q(a,fst(x),snd(x))]
   257       ==> REFLECTS[\<lambda>x. \<exists>z. L(z) \<and> P(x,z), \<lambda>a x. \<exists>z\<in>Lset(a). Q(a,x,z)]"
   258 apply (unfold L_Reflects_def L_ClEx_def L_FF_def L_F0_def L_def)
   259 apply (elim meta_exE)
   260 apply (rule meta_exI)
   261 apply (erule reflection.Ex_reflection [OF reflection_Lset])
   262 done
   263 
   264 theorem All_reflection:
   265      "REFLECTS[\<lambda>x. P(fst(x),snd(x)), \<lambda>a x. Q(a,fst(x),snd(x))]
   266       ==> REFLECTS[\<lambda>x. \<forall>z. L(z) --> P(x,z), \<lambda>a x. \<forall>z\<in>Lset(a). Q(a,x,z)]"
   267 apply (unfold L_Reflects_def L_ClEx_def L_FF_def L_F0_def L_def)
   268 apply (elim meta_exE)
   269 apply (rule meta_exI)
   270 apply (erule reflection.All_reflection [OF reflection_Lset])
   271 done
   272 
   273 theorem Rex_reflection:
   274      "REFLECTS[ \<lambda>x. P(fst(x),snd(x)), \<lambda>a x. Q(a,fst(x),snd(x))]
   275       ==> REFLECTS[\<lambda>x. \<exists>z[L]. P(x,z), \<lambda>a x. \<exists>z\<in>Lset(a). Q(a,x,z)]"
   276 apply (unfold rex_def)
   277 apply (intro And_reflection Ex_reflection, assumption)
   278 done
   279 
   280 theorem Rall_reflection:
   281      "REFLECTS[\<lambda>x. P(fst(x),snd(x)), \<lambda>a x. Q(a,fst(x),snd(x))]
   282       ==> REFLECTS[\<lambda>x. \<forall>z[L]. P(x,z), \<lambda>a x. \<forall>z\<in>Lset(a). Q(a,x,z)]"
   283 apply (unfold rall_def)
   284 apply (intro Imp_reflection All_reflection, assumption)
   285 done
   286 
   287 lemmas FOL_reflections =
   288         Triv_reflection Not_reflection And_reflection Or_reflection
   289         Imp_reflection Iff_reflection Ex_reflection All_reflection
   290         Rex_reflection Rall_reflection
   291 
   292 lemma ReflectsD:
   293      "[|REFLECTS[P,Q]; Ord(i)|]
   294       ==> \<exists>j. i<j & (\<forall>x \<in> Lset(j). P(x) <-> Q(j,x))"
   295 apply (unfold L_Reflects_def Closed_Unbounded_def)
   296 apply (elim meta_exE, clarify)
   297 apply (blast dest!: UnboundedD)
   298 done
   299 
   300 lemma ReflectsE:
   301      "[| REFLECTS[P,Q]; Ord(i);
   302          !!j. [|i<j;  \<forall>x \<in> Lset(j). P(x) <-> Q(j,x)|] ==> R |]
   303       ==> R"
   304 apply (drule ReflectsD, assumption, blast)
   305 done
   306 
   307 lemma Collect_mem_eq: "{x\<in>A. x\<in>B} = A \<inter> B"
   308 by blast
   309 
   310 
   311 subsection{*Internalized Formulas for some Set-Theoretic Concepts*}
   312 
   313 lemmas setclass_simps = rall_setclass_is_ball rex_setclass_is_bex
   314 
   315 subsubsection{*Some numbers to help write de Bruijn indices*}
   316 
   317 syntax
   318     "3" :: i   ("3")
   319     "4" :: i   ("4")
   320     "5" :: i   ("5")
   321     "6" :: i   ("6")
   322     "7" :: i   ("7")
   323     "8" :: i   ("8")
   324     "9" :: i   ("9")
   325 
   326 translations
   327    "3"  == "succ(2)"
   328    "4"  == "succ(3)"
   329    "5"  == "succ(4)"
   330    "6"  == "succ(5)"
   331    "7"  == "succ(6)"
   332    "8"  == "succ(7)"
   333    "9"  == "succ(8)"
   334 
   335 
   336 subsubsection{*The Empty Set, Internalized*}
   337 
   338 constdefs empty_fm :: "i=>i"
   339     "empty_fm(x) == Forall(Neg(Member(0,succ(x))))"
   340 
   341 lemma empty_type [TC]:
   342      "x \<in> nat ==> empty_fm(x) \<in> formula"
   343 by (simp add: empty_fm_def)
   344 
   345 lemma arity_empty_fm [simp]:
   346      "x \<in> nat ==> arity(empty_fm(x)) = succ(x)"
   347 by (simp add: empty_fm_def succ_Un_distrib [symmetric] Un_ac)
   348 
   349 lemma sats_empty_fm [simp]:
   350    "[| x \<in> nat; env \<in> list(A)|]
   351     ==> sats(A, empty_fm(x), env) <-> empty(**A, nth(x,env))"
   352 by (simp add: empty_fm_def empty_def)
   353 
   354 lemma empty_iff_sats:
   355       "[| nth(i,env) = x; nth(j,env) = y;
   356           i \<in> nat; env \<in> list(A)|]
   357        ==> empty(**A, x) <-> sats(A, empty_fm(i), env)"
   358 by simp
   359 
   360 theorem empty_reflection:
   361      "REFLECTS[\<lambda>x. empty(L,f(x)),
   362                \<lambda>i x. empty(**Lset(i),f(x))]"
   363 apply (simp only: empty_def setclass_simps)
   364 apply (intro FOL_reflections)
   365 done
   366 
   367 text{*Not used.  But maybe useful?*}
   368 lemma Transset_sats_empty_fm_eq_0:
   369    "[| n \<in> nat; env \<in> list(A); Transset(A)|]
   370     ==> sats(A, empty_fm(n), env) <-> nth(n,env) = 0"
   371 apply (simp add: empty_fm_def empty_def Transset_def, auto)
   372 apply (case_tac "n < length(env)")
   373 apply (frule nth_type, assumption+, blast)
   374 apply (simp_all add: not_lt_iff_le nth_eq_0)
   375 done
   376 
   377 
   378 subsubsection{*Unordered Pairs, Internalized*}
   379 
   380 constdefs upair_fm :: "[i,i,i]=>i"
   381     "upair_fm(x,y,z) ==
   382        And(Member(x,z),
   383            And(Member(y,z),
   384                Forall(Implies(Member(0,succ(z)),
   385                               Or(Equal(0,succ(x)), Equal(0,succ(y)))))))"
   386 
   387 lemma upair_type [TC]:
   388      "[| x \<in> nat; y \<in> nat; z \<in> nat |] ==> upair_fm(x,y,z) \<in> formula"
   389 by (simp add: upair_fm_def)
   390 
   391 lemma arity_upair_fm [simp]:
   392      "[| x \<in> nat; y \<in> nat; z \<in> nat |]
   393       ==> arity(upair_fm(x,y,z)) = succ(x) \<union> succ(y) \<union> succ(z)"
   394 by (simp add: upair_fm_def succ_Un_distrib [symmetric] Un_ac)
   395 
   396 lemma sats_upair_fm [simp]:
   397    "[| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)|]
   398     ==> sats(A, upair_fm(x,y,z), env) <->
   399             upair(**A, nth(x,env), nth(y,env), nth(z,env))"
   400 by (simp add: upair_fm_def upair_def)
   401 
   402 lemma upair_iff_sats:
   403       "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
   404           i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)|]
   405        ==> upair(**A, x, y, z) <-> sats(A, upair_fm(i,j,k), env)"
   406 by (simp add: sats_upair_fm)
   407 
   408 text{*Useful? At least it refers to "real" unordered pairs*}
   409 lemma sats_upair_fm2 [simp]:
   410    "[| x \<in> nat; y \<in> nat; z < length(env); env \<in> list(A); Transset(A)|]
   411     ==> sats(A, upair_fm(x,y,z), env) <->
   412         nth(z,env) = {nth(x,env), nth(y,env)}"
   413 apply (frule lt_length_in_nat, assumption)
   414 apply (simp add: upair_fm_def Transset_def, auto)
   415 apply (blast intro: nth_type)
   416 done
   417 
   418 theorem upair_reflection:
   419      "REFLECTS[\<lambda>x. upair(L,f(x),g(x),h(x)),
   420                \<lambda>i x. upair(**Lset(i),f(x),g(x),h(x))]"
   421 apply (simp add: upair_def)
   422 apply (intro FOL_reflections)
   423 done
   424 
   425 subsubsection{*Ordered pairs, Internalized*}
   426 
   427 constdefs pair_fm :: "[i,i,i]=>i"
   428     "pair_fm(x,y,z) ==
   429        Exists(And(upair_fm(succ(x),succ(x),0),
   430               Exists(And(upair_fm(succ(succ(x)),succ(succ(y)),0),
   431                          upair_fm(1,0,succ(succ(z)))))))"
   432 
   433 lemma pair_type [TC]:
   434      "[| x \<in> nat; y \<in> nat; z \<in> nat |] ==> pair_fm(x,y,z) \<in> formula"
   435 by (simp add: pair_fm_def)
   436 
   437 lemma arity_pair_fm [simp]:
   438      "[| x \<in> nat; y \<in> nat; z \<in> nat |]
   439       ==> arity(pair_fm(x,y,z)) = succ(x) \<union> succ(y) \<union> succ(z)"
   440 by (simp add: pair_fm_def succ_Un_distrib [symmetric] Un_ac)
   441 
   442 lemma sats_pair_fm [simp]:
   443    "[| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)|]
   444     ==> sats(A, pair_fm(x,y,z), env) <->
   445         pair(**A, nth(x,env), nth(y,env), nth(z,env))"
   446 by (simp add: pair_fm_def pair_def)
   447 
   448 lemma pair_iff_sats:
   449       "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
   450           i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)|]
   451        ==> pair(**A, x, y, z) <-> sats(A, pair_fm(i,j,k), env)"
   452 by (simp add: sats_pair_fm)
   453 
   454 theorem pair_reflection:
   455      "REFLECTS[\<lambda>x. pair(L,f(x),g(x),h(x)),
   456                \<lambda>i x. pair(**Lset(i),f(x),g(x),h(x))]"
   457 apply (simp only: pair_def setclass_simps)
   458 apply (intro FOL_reflections upair_reflection)
   459 done
   460 
   461 
   462 subsubsection{*Binary Unions, Internalized*}
   463 
   464 constdefs union_fm :: "[i,i,i]=>i"
   465     "union_fm(x,y,z) ==
   466        Forall(Iff(Member(0,succ(z)),
   467                   Or(Member(0,succ(x)),Member(0,succ(y)))))"
   468 
   469 lemma union_type [TC]:
   470      "[| x \<in> nat; y \<in> nat; z \<in> nat |] ==> union_fm(x,y,z) \<in> formula"
   471 by (simp add: union_fm_def)
   472 
   473 lemma arity_union_fm [simp]:
   474      "[| x \<in> nat; y \<in> nat; z \<in> nat |]
   475       ==> arity(union_fm(x,y,z)) = succ(x) \<union> succ(y) \<union> succ(z)"
   476 by (simp add: union_fm_def succ_Un_distrib [symmetric] Un_ac)
   477 
   478 lemma sats_union_fm [simp]:
   479    "[| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)|]
   480     ==> sats(A, union_fm(x,y,z), env) <->
   481         union(**A, nth(x,env), nth(y,env), nth(z,env))"
   482 by (simp add: union_fm_def union_def)
   483 
   484 lemma union_iff_sats:
   485       "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
   486           i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)|]
   487        ==> union(**A, x, y, z) <-> sats(A, union_fm(i,j,k), env)"
   488 by (simp add: sats_union_fm)
   489 
   490 theorem union_reflection:
   491      "REFLECTS[\<lambda>x. union(L,f(x),g(x),h(x)),
   492                \<lambda>i x. union(**Lset(i),f(x),g(x),h(x))]"
   493 apply (simp only: union_def setclass_simps)
   494 apply (intro FOL_reflections)
   495 done
   496 
   497 
   498 subsubsection{*Set ``Cons,'' Internalized*}
   499 
   500 constdefs cons_fm :: "[i,i,i]=>i"
   501     "cons_fm(x,y,z) ==
   502        Exists(And(upair_fm(succ(x),succ(x),0),
   503                   union_fm(0,succ(y),succ(z))))"
   504 
   505 
   506 lemma cons_type [TC]:
   507      "[| x \<in> nat; y \<in> nat; z \<in> nat |] ==> cons_fm(x,y,z) \<in> formula"
   508 by (simp add: cons_fm_def)
   509 
   510 lemma arity_cons_fm [simp]:
   511      "[| x \<in> nat; y \<in> nat; z \<in> nat |]
   512       ==> arity(cons_fm(x,y,z)) = succ(x) \<union> succ(y) \<union> succ(z)"
   513 by (simp add: cons_fm_def succ_Un_distrib [symmetric] Un_ac)
   514 
   515 lemma sats_cons_fm [simp]:
   516    "[| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)|]
   517     ==> sats(A, cons_fm(x,y,z), env) <->
   518         is_cons(**A, nth(x,env), nth(y,env), nth(z,env))"
   519 by (simp add: cons_fm_def is_cons_def)
   520 
   521 lemma cons_iff_sats:
   522       "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
   523           i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)|]
   524        ==> is_cons(**A, x, y, z) <-> sats(A, cons_fm(i,j,k), env)"
   525 by simp
   526 
   527 theorem cons_reflection:
   528      "REFLECTS[\<lambda>x. is_cons(L,f(x),g(x),h(x)),
   529                \<lambda>i x. is_cons(**Lset(i),f(x),g(x),h(x))]"
   530 apply (simp only: is_cons_def setclass_simps)
   531 apply (intro FOL_reflections upair_reflection union_reflection)
   532 done
   533 
   534 
   535 subsubsection{*Successor Function, Internalized*}
   536 
   537 constdefs succ_fm :: "[i,i]=>i"
   538     "succ_fm(x,y) == cons_fm(x,x,y)"
   539 
   540 lemma succ_type [TC]:
   541      "[| x \<in> nat; y \<in> nat |] ==> succ_fm(x,y) \<in> formula"
   542 by (simp add: succ_fm_def)
   543 
   544 lemma arity_succ_fm [simp]:
   545      "[| x \<in> nat; y \<in> nat |]
   546       ==> arity(succ_fm(x,y)) = succ(x) \<union> succ(y)"
   547 by (simp add: succ_fm_def)
   548 
   549 lemma sats_succ_fm [simp]:
   550    "[| x \<in> nat; y \<in> nat; env \<in> list(A)|]
   551     ==> sats(A, succ_fm(x,y), env) <->
   552         successor(**A, nth(x,env), nth(y,env))"
   553 by (simp add: succ_fm_def successor_def)
   554 
   555 lemma successor_iff_sats:
   556       "[| nth(i,env) = x; nth(j,env) = y;
   557           i \<in> nat; j \<in> nat; env \<in> list(A)|]
   558        ==> successor(**A, x, y) <-> sats(A, succ_fm(i,j), env)"
   559 by simp
   560 
   561 theorem successor_reflection:
   562      "REFLECTS[\<lambda>x. successor(L,f(x),g(x)),
   563                \<lambda>i x. successor(**Lset(i),f(x),g(x))]"
   564 apply (simp only: successor_def setclass_simps)
   565 apply (intro cons_reflection)
   566 done
   567 
   568 
   569 subsubsection{*The Number 1, Internalized*}
   570 
   571 (* "number1(M,a) == (\<exists>x[M]. empty(M,x) & successor(M,x,a))" *)
   572 constdefs number1_fm :: "i=>i"
   573     "number1_fm(a) == Exists(And(empty_fm(0), succ_fm(0,succ(a))))"
   574 
   575 lemma number1_type [TC]:
   576      "x \<in> nat ==> number1_fm(x) \<in> formula"
   577 by (simp add: number1_fm_def)
   578 
   579 lemma arity_number1_fm [simp]:
   580      "x \<in> nat ==> arity(number1_fm(x)) = succ(x)"
   581 by (simp add: number1_fm_def succ_Un_distrib [symmetric] Un_ac)
   582 
   583 lemma sats_number1_fm [simp]:
   584    "[| x \<in> nat; env \<in> list(A)|]
   585     ==> sats(A, number1_fm(x), env) <-> number1(**A, nth(x,env))"
   586 by (simp add: number1_fm_def number1_def)
   587 
   588 lemma number1_iff_sats:
   589       "[| nth(i,env) = x; nth(j,env) = y;
   590           i \<in> nat; env \<in> list(A)|]
   591        ==> number1(**A, x) <-> sats(A, number1_fm(i), env)"
   592 by simp
   593 
   594 theorem number1_reflection:
   595      "REFLECTS[\<lambda>x. number1(L,f(x)),
   596                \<lambda>i x. number1(**Lset(i),f(x))]"
   597 apply (simp only: number1_def setclass_simps)
   598 apply (intro FOL_reflections empty_reflection successor_reflection)
   599 done
   600 
   601 
   602 subsubsection{*Big Union, Internalized*}
   603 
   604 (*  "big_union(M,A,z) == \<forall>x[M]. x \<in> z <-> (\<exists>y[M]. y\<in>A & x \<in> y)" *)
   605 constdefs big_union_fm :: "[i,i]=>i"
   606     "big_union_fm(A,z) ==
   607        Forall(Iff(Member(0,succ(z)),
   608                   Exists(And(Member(0,succ(succ(A))), Member(1,0)))))"
   609 
   610 lemma big_union_type [TC]:
   611      "[| x \<in> nat; y \<in> nat |] ==> big_union_fm(x,y) \<in> formula"
   612 by (simp add: big_union_fm_def)
   613 
   614 lemma arity_big_union_fm [simp]:
   615      "[| x \<in> nat; y \<in> nat |]
   616       ==> arity(big_union_fm(x,y)) = succ(x) \<union> succ(y)"
   617 by (simp add: big_union_fm_def succ_Un_distrib [symmetric] Un_ac)
   618 
   619 lemma sats_big_union_fm [simp]:
   620    "[| x \<in> nat; y \<in> nat; env \<in> list(A)|]
   621     ==> sats(A, big_union_fm(x,y), env) <->
   622         big_union(**A, nth(x,env), nth(y,env))"
   623 by (simp add: big_union_fm_def big_union_def)
   624 
   625 lemma big_union_iff_sats:
   626       "[| nth(i,env) = x; nth(j,env) = y;
   627           i \<in> nat; j \<in> nat; env \<in> list(A)|]
   628        ==> big_union(**A, x, y) <-> sats(A, big_union_fm(i,j), env)"
   629 by simp
   630 
   631 theorem big_union_reflection:
   632      "REFLECTS[\<lambda>x. big_union(L,f(x),g(x)),
   633                \<lambda>i x. big_union(**Lset(i),f(x),g(x))]"
   634 apply (simp only: big_union_def setclass_simps)
   635 apply (intro FOL_reflections)
   636 done
   637 
   638 
   639 subsubsection{*Variants of Satisfaction Definitions for Ordinals, etc.*}
   640 
   641 text{*Differs from the one in Formula by using "ordinal" rather than "Ord"*}
   642 
   643 
   644 lemma sats_subset_fm':
   645    "[|x \<in> nat; y \<in> nat; env \<in> list(A)|]
   646     ==> sats(A, subset_fm(x,y), env) <-> subset(**A, nth(x,env), nth(y,env))"
   647 by (simp add: subset_fm_def Relative.subset_def)
   648 
   649 theorem subset_reflection:
   650      "REFLECTS[\<lambda>x. subset(L,f(x),g(x)),
   651                \<lambda>i x. subset(**Lset(i),f(x),g(x))]"
   652 apply (simp only: Relative.subset_def setclass_simps)
   653 apply (intro FOL_reflections)
   654 done
   655 
   656 lemma sats_transset_fm':
   657    "[|x \<in> nat; env \<in> list(A)|]
   658     ==> sats(A, transset_fm(x), env) <-> transitive_set(**A, nth(x,env))"
   659 by (simp add: sats_subset_fm' transset_fm_def transitive_set_def)
   660 
   661 theorem transitive_set_reflection:
   662      "REFLECTS[\<lambda>x. transitive_set(L,f(x)),
   663                \<lambda>i x. transitive_set(**Lset(i),f(x))]"
   664 apply (simp only: transitive_set_def setclass_simps)
   665 apply (intro FOL_reflections subset_reflection)
   666 done
   667 
   668 lemma sats_ordinal_fm':
   669    "[|x \<in> nat; env \<in> list(A)|]
   670     ==> sats(A, ordinal_fm(x), env) <-> ordinal(**A,nth(x,env))"
   671 by (simp add: sats_transset_fm' ordinal_fm_def ordinal_def)
   672 
   673 lemma ordinal_iff_sats:
   674       "[| nth(i,env) = x;  i \<in> nat; env \<in> list(A)|]
   675        ==> ordinal(**A, x) <-> sats(A, ordinal_fm(i), env)"
   676 by (simp add: sats_ordinal_fm')
   677 
   678 theorem ordinal_reflection:
   679      "REFLECTS[\<lambda>x. ordinal(L,f(x)), \<lambda>i x. ordinal(**Lset(i),f(x))]"
   680 apply (simp only: ordinal_def setclass_simps)
   681 apply (intro FOL_reflections transitive_set_reflection)
   682 done
   683 
   684 
   685 subsubsection{*Membership Relation, Internalized*}
   686 
   687 constdefs Memrel_fm :: "[i,i]=>i"
   688     "Memrel_fm(A,r) ==
   689        Forall(Iff(Member(0,succ(r)),
   690                   Exists(And(Member(0,succ(succ(A))),
   691                              Exists(And(Member(0,succ(succ(succ(A)))),
   692                                         And(Member(1,0),
   693                                             pair_fm(1,0,2))))))))"
   694 
   695 lemma Memrel_type [TC]:
   696      "[| x \<in> nat; y \<in> nat |] ==> Memrel_fm(x,y) \<in> formula"
   697 by (simp add: Memrel_fm_def)
   698 
   699 lemma arity_Memrel_fm [simp]:
   700      "[| x \<in> nat; y \<in> nat |]
   701       ==> arity(Memrel_fm(x,y)) = succ(x) \<union> succ(y)"
   702 by (simp add: Memrel_fm_def succ_Un_distrib [symmetric] Un_ac)
   703 
   704 lemma sats_Memrel_fm [simp]:
   705    "[| x \<in> nat; y \<in> nat; env \<in> list(A)|]
   706     ==> sats(A, Memrel_fm(x,y), env) <->
   707         membership(**A, nth(x,env), nth(y,env))"
   708 by (simp add: Memrel_fm_def membership_def)
   709 
   710 lemma Memrel_iff_sats:
   711       "[| nth(i,env) = x; nth(j,env) = y;
   712           i \<in> nat; j \<in> nat; env \<in> list(A)|]
   713        ==> membership(**A, x, y) <-> sats(A, Memrel_fm(i,j), env)"
   714 by simp
   715 
   716 theorem membership_reflection:
   717      "REFLECTS[\<lambda>x. membership(L,f(x),g(x)),
   718                \<lambda>i x. membership(**Lset(i),f(x),g(x))]"
   719 apply (simp only: membership_def setclass_simps)
   720 apply (intro FOL_reflections pair_reflection)
   721 done
   722 
   723 subsubsection{*Predecessor Set, Internalized*}
   724 
   725 constdefs pred_set_fm :: "[i,i,i,i]=>i"
   726     "pred_set_fm(A,x,r,B) ==
   727        Forall(Iff(Member(0,succ(B)),
   728                   Exists(And(Member(0,succ(succ(r))),
   729                              And(Member(1,succ(succ(A))),
   730                                  pair_fm(1,succ(succ(x)),0))))))"
   731 
   732 
   733 lemma pred_set_type [TC]:
   734      "[| A \<in> nat; x \<in> nat; r \<in> nat; B \<in> nat |]
   735       ==> pred_set_fm(A,x,r,B) \<in> formula"
   736 by (simp add: pred_set_fm_def)
   737 
   738 lemma arity_pred_set_fm [simp]:
   739    "[| A \<in> nat; x \<in> nat; r \<in> nat; B \<in> nat |]
   740     ==> arity(pred_set_fm(A,x,r,B)) = succ(A) \<union> succ(x) \<union> succ(r) \<union> succ(B)"
   741 by (simp add: pred_set_fm_def succ_Un_distrib [symmetric] Un_ac)
   742 
   743 lemma sats_pred_set_fm [simp]:
   744    "[| U \<in> nat; x \<in> nat; r \<in> nat; B \<in> nat; env \<in> list(A)|]
   745     ==> sats(A, pred_set_fm(U,x,r,B), env) <->
   746         pred_set(**A, nth(U,env), nth(x,env), nth(r,env), nth(B,env))"
   747 by (simp add: pred_set_fm_def pred_set_def)
   748 
   749 lemma pred_set_iff_sats:
   750       "[| nth(i,env) = U; nth(j,env) = x; nth(k,env) = r; nth(l,env) = B;
   751           i \<in> nat; j \<in> nat; k \<in> nat; l \<in> nat; env \<in> list(A)|]
   752        ==> pred_set(**A,U,x,r,B) <-> sats(A, pred_set_fm(i,j,k,l), env)"
   753 by (simp add: sats_pred_set_fm)
   754 
   755 theorem pred_set_reflection:
   756      "REFLECTS[\<lambda>x. pred_set(L,f(x),g(x),h(x),b(x)),
   757                \<lambda>i x. pred_set(**Lset(i),f(x),g(x),h(x),b(x))]"
   758 apply (simp only: pred_set_def setclass_simps)
   759 apply (intro FOL_reflections pair_reflection)
   760 done
   761 
   762 
   763 
   764 subsubsection{*Domain of a Relation, Internalized*}
   765 
   766 (* "is_domain(M,r,z) ==
   767         \<forall>x[M]. (x \<in> z <-> (\<exists>w[M]. w\<in>r & (\<exists>y[M]. pair(M,x,y,w))))" *)
   768 constdefs domain_fm :: "[i,i]=>i"
   769     "domain_fm(r,z) ==
   770        Forall(Iff(Member(0,succ(z)),
   771                   Exists(And(Member(0,succ(succ(r))),
   772                              Exists(pair_fm(2,0,1))))))"
   773 
   774 lemma domain_type [TC]:
   775      "[| x \<in> nat; y \<in> nat |] ==> domain_fm(x,y) \<in> formula"
   776 by (simp add: domain_fm_def)
   777 
   778 lemma arity_domain_fm [simp]:
   779      "[| x \<in> nat; y \<in> nat |]
   780       ==> arity(domain_fm(x,y)) = succ(x) \<union> succ(y)"
   781 by (simp add: domain_fm_def succ_Un_distrib [symmetric] Un_ac)
   782 
   783 lemma sats_domain_fm [simp]:
   784    "[| x \<in> nat; y \<in> nat; env \<in> list(A)|]
   785     ==> sats(A, domain_fm(x,y), env) <->
   786         is_domain(**A, nth(x,env), nth(y,env))"
   787 by (simp add: domain_fm_def is_domain_def)
   788 
   789 lemma domain_iff_sats:
   790       "[| nth(i,env) = x; nth(j,env) = y;
   791           i \<in> nat; j \<in> nat; env \<in> list(A)|]
   792        ==> is_domain(**A, x, y) <-> sats(A, domain_fm(i,j), env)"
   793 by simp
   794 
   795 theorem domain_reflection:
   796      "REFLECTS[\<lambda>x. is_domain(L,f(x),g(x)),
   797                \<lambda>i x. is_domain(**Lset(i),f(x),g(x))]"
   798 apply (simp only: is_domain_def setclass_simps)
   799 apply (intro FOL_reflections pair_reflection)
   800 done
   801 
   802 
   803 subsubsection{*Range of a Relation, Internalized*}
   804 
   805 (* "is_range(M,r,z) ==
   806         \<forall>y[M]. (y \<in> z <-> (\<exists>w[M]. w\<in>r & (\<exists>x[M]. pair(M,x,y,w))))" *)
   807 constdefs range_fm :: "[i,i]=>i"
   808     "range_fm(r,z) ==
   809        Forall(Iff(Member(0,succ(z)),
   810                   Exists(And(Member(0,succ(succ(r))),
   811                              Exists(pair_fm(0,2,1))))))"
   812 
   813 lemma range_type [TC]:
   814      "[| x \<in> nat; y \<in> nat |] ==> range_fm(x,y) \<in> formula"
   815 by (simp add: range_fm_def)
   816 
   817 lemma arity_range_fm [simp]:
   818      "[| x \<in> nat; y \<in> nat |]
   819       ==> arity(range_fm(x,y)) = succ(x) \<union> succ(y)"
   820 by (simp add: range_fm_def succ_Un_distrib [symmetric] Un_ac)
   821 
   822 lemma sats_range_fm [simp]:
   823    "[| x \<in> nat; y \<in> nat; env \<in> list(A)|]
   824     ==> sats(A, range_fm(x,y), env) <->
   825         is_range(**A, nth(x,env), nth(y,env))"
   826 by (simp add: range_fm_def is_range_def)
   827 
   828 lemma range_iff_sats:
   829       "[| nth(i,env) = x; nth(j,env) = y;
   830           i \<in> nat; j \<in> nat; env \<in> list(A)|]
   831        ==> is_range(**A, x, y) <-> sats(A, range_fm(i,j), env)"
   832 by simp
   833 
   834 theorem range_reflection:
   835      "REFLECTS[\<lambda>x. is_range(L,f(x),g(x)),
   836                \<lambda>i x. is_range(**Lset(i),f(x),g(x))]"
   837 apply (simp only: is_range_def setclass_simps)
   838 apply (intro FOL_reflections pair_reflection)
   839 done
   840 
   841 
   842 subsubsection{*Field of a Relation, Internalized*}
   843 
   844 (* "is_field(M,r,z) ==
   845         \<exists>dr[M]. is_domain(M,r,dr) &
   846             (\<exists>rr[M]. is_range(M,r,rr) & union(M,dr,rr,z))" *)
   847 constdefs field_fm :: "[i,i]=>i"
   848     "field_fm(r,z) ==
   849        Exists(And(domain_fm(succ(r),0),
   850               Exists(And(range_fm(succ(succ(r)),0),
   851                          union_fm(1,0,succ(succ(z)))))))"
   852 
   853 lemma field_type [TC]:
   854      "[| x \<in> nat; y \<in> nat |] ==> field_fm(x,y) \<in> formula"
   855 by (simp add: field_fm_def)
   856 
   857 lemma arity_field_fm [simp]:
   858      "[| x \<in> nat; y \<in> nat |]
   859       ==> arity(field_fm(x,y)) = succ(x) \<union> succ(y)"
   860 by (simp add: field_fm_def succ_Un_distrib [symmetric] Un_ac)
   861 
   862 lemma sats_field_fm [simp]:
   863    "[| x \<in> nat; y \<in> nat; env \<in> list(A)|]
   864     ==> sats(A, field_fm(x,y), env) <->
   865         is_field(**A, nth(x,env), nth(y,env))"
   866 by (simp add: field_fm_def is_field_def)
   867 
   868 lemma field_iff_sats:
   869       "[| nth(i,env) = x; nth(j,env) = y;
   870           i \<in> nat; j \<in> nat; env \<in> list(A)|]
   871        ==> is_field(**A, x, y) <-> sats(A, field_fm(i,j), env)"
   872 by simp
   873 
   874 theorem field_reflection:
   875      "REFLECTS[\<lambda>x. is_field(L,f(x),g(x)),
   876                \<lambda>i x. is_field(**Lset(i),f(x),g(x))]"
   877 apply (simp only: is_field_def setclass_simps)
   878 apply (intro FOL_reflections domain_reflection range_reflection
   879              union_reflection)
   880 done
   881 
   882 
   883 subsubsection{*Image under a Relation, Internalized*}
   884 
   885 (* "image(M,r,A,z) ==
   886         \<forall>y[M]. (y \<in> z <-> (\<exists>w[M]. w\<in>r & (\<exists>x[M]. x\<in>A & pair(M,x,y,w))))" *)
   887 constdefs image_fm :: "[i,i,i]=>i"
   888     "image_fm(r,A,z) ==
   889        Forall(Iff(Member(0,succ(z)),
   890                   Exists(And(Member(0,succ(succ(r))),
   891                              Exists(And(Member(0,succ(succ(succ(A)))),
   892                                         pair_fm(0,2,1)))))))"
   893 
   894 lemma image_type [TC]:
   895      "[| x \<in> nat; y \<in> nat; z \<in> nat |] ==> image_fm(x,y,z) \<in> formula"
   896 by (simp add: image_fm_def)
   897 
   898 lemma arity_image_fm [simp]:
   899      "[| x \<in> nat; y \<in> nat; z \<in> nat |]
   900       ==> arity(image_fm(x,y,z)) = succ(x) \<union> succ(y) \<union> succ(z)"
   901 by (simp add: image_fm_def succ_Un_distrib [symmetric] Un_ac)
   902 
   903 lemma sats_image_fm [simp]:
   904    "[| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)|]
   905     ==> sats(A, image_fm(x,y,z), env) <->
   906         image(**A, nth(x,env), nth(y,env), nth(z,env))"
   907 by (simp add: image_fm_def Relative.image_def)
   908 
   909 lemma image_iff_sats:
   910       "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
   911           i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)|]
   912        ==> image(**A, x, y, z) <-> sats(A, image_fm(i,j,k), env)"
   913 by (simp add: sats_image_fm)
   914 
   915 theorem image_reflection:
   916      "REFLECTS[\<lambda>x. image(L,f(x),g(x),h(x)),
   917                \<lambda>i x. image(**Lset(i),f(x),g(x),h(x))]"
   918 apply (simp only: Relative.image_def setclass_simps)
   919 apply (intro FOL_reflections pair_reflection)
   920 done
   921 
   922 
   923 subsubsection{*Pre-Image under a Relation, Internalized*}
   924 
   925 (* "pre_image(M,r,A,z) ==
   926         \<forall>x[M]. x \<in> z <-> (\<exists>w[M]. w\<in>r & (\<exists>y[M]. y\<in>A & pair(M,x,y,w)))" *)
   927 constdefs pre_image_fm :: "[i,i,i]=>i"
   928     "pre_image_fm(r,A,z) ==
   929        Forall(Iff(Member(0,succ(z)),
   930                   Exists(And(Member(0,succ(succ(r))),
   931                              Exists(And(Member(0,succ(succ(succ(A)))),
   932                                         pair_fm(2,0,1)))))))"
   933 
   934 lemma pre_image_type [TC]:
   935      "[| x \<in> nat; y \<in> nat; z \<in> nat |] ==> pre_image_fm(x,y,z) \<in> formula"
   936 by (simp add: pre_image_fm_def)
   937 
   938 lemma arity_pre_image_fm [simp]:
   939      "[| x \<in> nat; y \<in> nat; z \<in> nat |]
   940       ==> arity(pre_image_fm(x,y,z)) = succ(x) \<union> succ(y) \<union> succ(z)"
   941 by (simp add: pre_image_fm_def succ_Un_distrib [symmetric] Un_ac)
   942 
   943 lemma sats_pre_image_fm [simp]:
   944    "[| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)|]
   945     ==> sats(A, pre_image_fm(x,y,z), env) <->
   946         pre_image(**A, nth(x,env), nth(y,env), nth(z,env))"
   947 by (simp add: pre_image_fm_def Relative.pre_image_def)
   948 
   949 lemma pre_image_iff_sats:
   950       "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
   951           i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)|]
   952        ==> pre_image(**A, x, y, z) <-> sats(A, pre_image_fm(i,j,k), env)"
   953 by (simp add: sats_pre_image_fm)
   954 
   955 theorem pre_image_reflection:
   956      "REFLECTS[\<lambda>x. pre_image(L,f(x),g(x),h(x)),
   957                \<lambda>i x. pre_image(**Lset(i),f(x),g(x),h(x))]"
   958 apply (simp only: Relative.pre_image_def setclass_simps)
   959 apply (intro FOL_reflections pair_reflection)
   960 done
   961 
   962 
   963 subsubsection{*Function Application, Internalized*}
   964 
   965 (* "fun_apply(M,f,x,y) ==
   966         (\<exists>xs[M]. \<exists>fxs[M].
   967          upair(M,x,x,xs) & image(M,f,xs,fxs) & big_union(M,fxs,y))" *)
   968 constdefs fun_apply_fm :: "[i,i,i]=>i"
   969     "fun_apply_fm(f,x,y) ==
   970        Exists(Exists(And(upair_fm(succ(succ(x)), succ(succ(x)), 1),
   971                          And(image_fm(succ(succ(f)), 1, 0),
   972                              big_union_fm(0,succ(succ(y)))))))"
   973 
   974 lemma fun_apply_type [TC]:
   975      "[| x \<in> nat; y \<in> nat; z \<in> nat |] ==> fun_apply_fm(x,y,z) \<in> formula"
   976 by (simp add: fun_apply_fm_def)
   977 
   978 lemma arity_fun_apply_fm [simp]:
   979      "[| x \<in> nat; y \<in> nat; z \<in> nat |]
   980       ==> arity(fun_apply_fm(x,y,z)) = succ(x) \<union> succ(y) \<union> succ(z)"
   981 by (simp add: fun_apply_fm_def succ_Un_distrib [symmetric] Un_ac)
   982 
   983 lemma sats_fun_apply_fm [simp]:
   984    "[| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)|]
   985     ==> sats(A, fun_apply_fm(x,y,z), env) <->
   986         fun_apply(**A, nth(x,env), nth(y,env), nth(z,env))"
   987 by (simp add: fun_apply_fm_def fun_apply_def)
   988 
   989 lemma fun_apply_iff_sats:
   990       "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
   991           i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)|]
   992        ==> fun_apply(**A, x, y, z) <-> sats(A, fun_apply_fm(i,j,k), env)"
   993 by simp
   994 
   995 theorem fun_apply_reflection:
   996      "REFLECTS[\<lambda>x. fun_apply(L,f(x),g(x),h(x)),
   997                \<lambda>i x. fun_apply(**Lset(i),f(x),g(x),h(x))]"
   998 apply (simp only: fun_apply_def setclass_simps)
   999 apply (intro FOL_reflections upair_reflection image_reflection
  1000              big_union_reflection)
  1001 done
  1002 
  1003 
  1004 subsubsection{*The Concept of Relation, Internalized*}
  1005 
  1006 (* "is_relation(M,r) ==
  1007         (\<forall>z[M]. z\<in>r --> (\<exists>x[M]. \<exists>y[M]. pair(M,x,y,z)))" *)
  1008 constdefs relation_fm :: "i=>i"
  1009     "relation_fm(r) ==
  1010        Forall(Implies(Member(0,succ(r)), Exists(Exists(pair_fm(1,0,2)))))"
  1011 
  1012 lemma relation_type [TC]:
  1013      "[| x \<in> nat |] ==> relation_fm(x) \<in> formula"
  1014 by (simp add: relation_fm_def)
  1015 
  1016 lemma arity_relation_fm [simp]:
  1017      "x \<in> nat ==> arity(relation_fm(x)) = succ(x)"
  1018 by (simp add: relation_fm_def succ_Un_distrib [symmetric] Un_ac)
  1019 
  1020 lemma sats_relation_fm [simp]:
  1021    "[| x \<in> nat; env \<in> list(A)|]
  1022     ==> sats(A, relation_fm(x), env) <-> is_relation(**A, nth(x,env))"
  1023 by (simp add: relation_fm_def is_relation_def)
  1024 
  1025 lemma relation_iff_sats:
  1026       "[| nth(i,env) = x; nth(j,env) = y;
  1027           i \<in> nat; env \<in> list(A)|]
  1028        ==> is_relation(**A, x) <-> sats(A, relation_fm(i), env)"
  1029 by simp
  1030 
  1031 theorem is_relation_reflection:
  1032      "REFLECTS[\<lambda>x. is_relation(L,f(x)),
  1033                \<lambda>i x. is_relation(**Lset(i),f(x))]"
  1034 apply (simp only: is_relation_def setclass_simps)
  1035 apply (intro FOL_reflections pair_reflection)
  1036 done
  1037 
  1038 
  1039 subsubsection{*The Concept of Function, Internalized*}
  1040 
  1041 (* "is_function(M,r) ==
  1042         \<forall>x[M]. \<forall>y[M]. \<forall>y'[M]. \<forall>p[M]. \<forall>p'[M].
  1043            pair(M,x,y,p) --> pair(M,x,y',p') --> p\<in>r --> p'\<in>r --> y=y'" *)
  1044 constdefs function_fm :: "i=>i"
  1045     "function_fm(r) ==
  1046        Forall(Forall(Forall(Forall(Forall(
  1047          Implies(pair_fm(4,3,1),
  1048                  Implies(pair_fm(4,2,0),
  1049                          Implies(Member(1,r#+5),
  1050                                  Implies(Member(0,r#+5), Equal(3,2))))))))))"
  1051 
  1052 lemma function_type [TC]:
  1053      "[| x \<in> nat |] ==> function_fm(x) \<in> formula"
  1054 by (simp add: function_fm_def)
  1055 
  1056 lemma arity_function_fm [simp]:
  1057      "x \<in> nat ==> arity(function_fm(x)) = succ(x)"
  1058 by (simp add: function_fm_def succ_Un_distrib [symmetric] Un_ac)
  1059 
  1060 lemma sats_function_fm [simp]:
  1061    "[| x \<in> nat; env \<in> list(A)|]
  1062     ==> sats(A, function_fm(x), env) <-> is_function(**A, nth(x,env))"
  1063 by (simp add: function_fm_def is_function_def)
  1064 
  1065 lemma function_iff_sats:
  1066       "[| nth(i,env) = x; nth(j,env) = y;
  1067           i \<in> nat; env \<in> list(A)|]
  1068        ==> is_function(**A, x) <-> sats(A, function_fm(i), env)"
  1069 by simp
  1070 
  1071 theorem is_function_reflection:
  1072      "REFLECTS[\<lambda>x. is_function(L,f(x)),
  1073                \<lambda>i x. is_function(**Lset(i),f(x))]"
  1074 apply (simp only: is_function_def setclass_simps)
  1075 apply (intro FOL_reflections pair_reflection)
  1076 done
  1077 
  1078 
  1079 subsubsection{*Typed Functions, Internalized*}
  1080 
  1081 (* "typed_function(M,A,B,r) ==
  1082         is_function(M,r) & is_relation(M,r) & is_domain(M,r,A) &
  1083         (\<forall>u[M]. u\<in>r --> (\<forall>x[M]. \<forall>y[M]. pair(M,x,y,u) --> y\<in>B))" *)
  1084 
  1085 constdefs typed_function_fm :: "[i,i,i]=>i"
  1086     "typed_function_fm(A,B,r) ==
  1087        And(function_fm(r),
  1088          And(relation_fm(r),
  1089            And(domain_fm(r,A),
  1090              Forall(Implies(Member(0,succ(r)),
  1091                   Forall(Forall(Implies(pair_fm(1,0,2),Member(0,B#+3)))))))))"
  1092 
  1093 lemma typed_function_type [TC]:
  1094      "[| x \<in> nat; y \<in> nat; z \<in> nat |] ==> typed_function_fm(x,y,z) \<in> formula"
  1095 by (simp add: typed_function_fm_def)
  1096 
  1097 lemma arity_typed_function_fm [simp]:
  1098      "[| x \<in> nat; y \<in> nat; z \<in> nat |]
  1099       ==> arity(typed_function_fm(x,y,z)) = succ(x) \<union> succ(y) \<union> succ(z)"
  1100 by (simp add: typed_function_fm_def succ_Un_distrib [symmetric] Un_ac)
  1101 
  1102 lemma sats_typed_function_fm [simp]:
  1103    "[| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)|]
  1104     ==> sats(A, typed_function_fm(x,y,z), env) <->
  1105         typed_function(**A, nth(x,env), nth(y,env), nth(z,env))"
  1106 by (simp add: typed_function_fm_def typed_function_def)
  1107 
  1108 lemma typed_function_iff_sats:
  1109   "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
  1110       i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)|]
  1111    ==> typed_function(**A, x, y, z) <-> sats(A, typed_function_fm(i,j,k), env)"
  1112 by simp
  1113 
  1114 lemmas function_reflections =
  1115         empty_reflection number1_reflection
  1116         upair_reflection pair_reflection union_reflection
  1117         big_union_reflection cons_reflection successor_reflection
  1118         fun_apply_reflection subset_reflection
  1119         transitive_set_reflection membership_reflection
  1120         pred_set_reflection domain_reflection range_reflection field_reflection
  1121         image_reflection pre_image_reflection
  1122         is_relation_reflection is_function_reflection
  1123 
  1124 lemmas function_iff_sats =
  1125         empty_iff_sats number1_iff_sats
  1126         upair_iff_sats pair_iff_sats union_iff_sats
  1127         cons_iff_sats successor_iff_sats
  1128         fun_apply_iff_sats  Memrel_iff_sats
  1129         pred_set_iff_sats domain_iff_sats range_iff_sats field_iff_sats
  1130         image_iff_sats pre_image_iff_sats
  1131         relation_iff_sats function_iff_sats
  1132 
  1133 
  1134 theorem typed_function_reflection:
  1135      "REFLECTS[\<lambda>x. typed_function(L,f(x),g(x),h(x)),
  1136                \<lambda>i x. typed_function(**Lset(i),f(x),g(x),h(x))]"
  1137 apply (simp only: typed_function_def setclass_simps)
  1138 apply (intro FOL_reflections function_reflections)
  1139 done
  1140 
  1141 
  1142 subsubsection{*Composition of Relations, Internalized*}
  1143 
  1144 (* "composition(M,r,s,t) ==
  1145         \<forall>p[M]. p \<in> t <->
  1146                (\<exists>x[M]. \<exists>y[M]. \<exists>z[M]. \<exists>xy[M]. \<exists>yz[M].
  1147                 pair(M,x,z,p) & pair(M,x,y,xy) & pair(M,y,z,yz) &
  1148                 xy \<in> s & yz \<in> r)" *)
  1149 constdefs composition_fm :: "[i,i,i]=>i"
  1150   "composition_fm(r,s,t) ==
  1151      Forall(Iff(Member(0,succ(t)),
  1152              Exists(Exists(Exists(Exists(Exists(
  1153               And(pair_fm(4,2,5),
  1154                And(pair_fm(4,3,1),
  1155                 And(pair_fm(3,2,0),
  1156                  And(Member(1,s#+6), Member(0,r#+6))))))))))))"
  1157 
  1158 lemma composition_type [TC]:
  1159      "[| x \<in> nat; y \<in> nat; z \<in> nat |] ==> composition_fm(x,y,z) \<in> formula"
  1160 by (simp add: composition_fm_def)
  1161 
  1162 lemma arity_composition_fm [simp]:
  1163      "[| x \<in> nat; y \<in> nat; z \<in> nat |]
  1164       ==> arity(composition_fm(x,y,z)) = succ(x) \<union> succ(y) \<union> succ(z)"
  1165 by (simp add: composition_fm_def succ_Un_distrib [symmetric] Un_ac)
  1166 
  1167 lemma sats_composition_fm [simp]:
  1168    "[| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)|]
  1169     ==> sats(A, composition_fm(x,y,z), env) <->
  1170         composition(**A, nth(x,env), nth(y,env), nth(z,env))"
  1171 by (simp add: composition_fm_def composition_def)
  1172 
  1173 lemma composition_iff_sats:
  1174       "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
  1175           i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)|]
  1176        ==> composition(**A, x, y, z) <-> sats(A, composition_fm(i,j,k), env)"
  1177 by simp
  1178 
  1179 theorem composition_reflection:
  1180      "REFLECTS[\<lambda>x. composition(L,f(x),g(x),h(x)),
  1181                \<lambda>i x. composition(**Lset(i),f(x),g(x),h(x))]"
  1182 apply (simp only: composition_def setclass_simps)
  1183 apply (intro FOL_reflections pair_reflection)
  1184 done
  1185 
  1186 
  1187 subsubsection{*Injections, Internalized*}
  1188 
  1189 (* "injection(M,A,B,f) ==
  1190         typed_function(M,A,B,f) &
  1191         (\<forall>x[M]. \<forall>x'[M]. \<forall>y[M]. \<forall>p[M]. \<forall>p'[M].
  1192           pair(M,x,y,p) --> pair(M,x',y,p') --> p\<in>f --> p'\<in>f --> x=x')" *)
  1193 constdefs injection_fm :: "[i,i,i]=>i"
  1194  "injection_fm(A,B,f) ==
  1195     And(typed_function_fm(A,B,f),
  1196        Forall(Forall(Forall(Forall(Forall(
  1197          Implies(pair_fm(4,2,1),
  1198                  Implies(pair_fm(3,2,0),
  1199                          Implies(Member(1,f#+5),
  1200                                  Implies(Member(0,f#+5), Equal(4,3)))))))))))"
  1201 
  1202 
  1203 lemma injection_type [TC]:
  1204      "[| x \<in> nat; y \<in> nat; z \<in> nat |] ==> injection_fm(x,y,z) \<in> formula"
  1205 by (simp add: injection_fm_def)
  1206 
  1207 lemma arity_injection_fm [simp]:
  1208      "[| x \<in> nat; y \<in> nat; z \<in> nat |]
  1209       ==> arity(injection_fm(x,y,z)) = succ(x) \<union> succ(y) \<union> succ(z)"
  1210 by (simp add: injection_fm_def succ_Un_distrib [symmetric] Un_ac)
  1211 
  1212 lemma sats_injection_fm [simp]:
  1213    "[| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)|]
  1214     ==> sats(A, injection_fm(x,y,z), env) <->
  1215         injection(**A, nth(x,env), nth(y,env), nth(z,env))"
  1216 by (simp add: injection_fm_def injection_def)
  1217 
  1218 lemma injection_iff_sats:
  1219   "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
  1220       i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)|]
  1221    ==> injection(**A, x, y, z) <-> sats(A, injection_fm(i,j,k), env)"
  1222 by simp
  1223 
  1224 theorem injection_reflection:
  1225      "REFLECTS[\<lambda>x. injection(L,f(x),g(x),h(x)),
  1226                \<lambda>i x. injection(**Lset(i),f(x),g(x),h(x))]"
  1227 apply (simp only: injection_def setclass_simps)
  1228 apply (intro FOL_reflections function_reflections typed_function_reflection)
  1229 done
  1230 
  1231 
  1232 subsubsection{*Surjections, Internalized*}
  1233 
  1234 (*  surjection :: "[i=>o,i,i,i] => o"
  1235     "surjection(M,A,B,f) ==
  1236         typed_function(M,A,B,f) &
  1237         (\<forall>y[M]. y\<in>B --> (\<exists>x[M]. x\<in>A & fun_apply(M,f,x,y)))" *)
  1238 constdefs surjection_fm :: "[i,i,i]=>i"
  1239  "surjection_fm(A,B,f) ==
  1240     And(typed_function_fm(A,B,f),
  1241        Forall(Implies(Member(0,succ(B)),
  1242                       Exists(And(Member(0,succ(succ(A))),
  1243                                  fun_apply_fm(succ(succ(f)),0,1))))))"
  1244 
  1245 lemma surjection_type [TC]:
  1246      "[| x \<in> nat; y \<in> nat; z \<in> nat |] ==> surjection_fm(x,y,z) \<in> formula"
  1247 by (simp add: surjection_fm_def)
  1248 
  1249 lemma arity_surjection_fm [simp]:
  1250      "[| x \<in> nat; y \<in> nat; z \<in> nat |]
  1251       ==> arity(surjection_fm(x,y,z)) = succ(x) \<union> succ(y) \<union> succ(z)"
  1252 by (simp add: surjection_fm_def succ_Un_distrib [symmetric] Un_ac)
  1253 
  1254 lemma sats_surjection_fm [simp]:
  1255    "[| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)|]
  1256     ==> sats(A, surjection_fm(x,y,z), env) <->
  1257         surjection(**A, nth(x,env), nth(y,env), nth(z,env))"
  1258 by (simp add: surjection_fm_def surjection_def)
  1259 
  1260 lemma surjection_iff_sats:
  1261   "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
  1262       i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)|]
  1263    ==> surjection(**A, x, y, z) <-> sats(A, surjection_fm(i,j,k), env)"
  1264 by simp
  1265 
  1266 theorem surjection_reflection:
  1267      "REFLECTS[\<lambda>x. surjection(L,f(x),g(x),h(x)),
  1268                \<lambda>i x. surjection(**Lset(i),f(x),g(x),h(x))]"
  1269 apply (simp only: surjection_def setclass_simps)
  1270 apply (intro FOL_reflections function_reflections typed_function_reflection)
  1271 done
  1272 
  1273 
  1274 
  1275 subsubsection{*Bijections, Internalized*}
  1276 
  1277 (*   bijection :: "[i=>o,i,i,i] => o"
  1278     "bijection(M,A,B,f) == injection(M,A,B,f) & surjection(M,A,B,f)" *)
  1279 constdefs bijection_fm :: "[i,i,i]=>i"
  1280  "bijection_fm(A,B,f) == And(injection_fm(A,B,f), surjection_fm(A,B,f))"
  1281 
  1282 lemma bijection_type [TC]:
  1283      "[| x \<in> nat; y \<in> nat; z \<in> nat |] ==> bijection_fm(x,y,z) \<in> formula"
  1284 by (simp add: bijection_fm_def)
  1285 
  1286 lemma arity_bijection_fm [simp]:
  1287      "[| x \<in> nat; y \<in> nat; z \<in> nat |]
  1288       ==> arity(bijection_fm(x,y,z)) = succ(x) \<union> succ(y) \<union> succ(z)"
  1289 by (simp add: bijection_fm_def succ_Un_distrib [symmetric] Un_ac)
  1290 
  1291 lemma sats_bijection_fm [simp]:
  1292    "[| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)|]
  1293     ==> sats(A, bijection_fm(x,y,z), env) <->
  1294         bijection(**A, nth(x,env), nth(y,env), nth(z,env))"
  1295 by (simp add: bijection_fm_def bijection_def)
  1296 
  1297 lemma bijection_iff_sats:
  1298   "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
  1299       i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)|]
  1300    ==> bijection(**A, x, y, z) <-> sats(A, bijection_fm(i,j,k), env)"
  1301 by simp
  1302 
  1303 theorem bijection_reflection:
  1304      "REFLECTS[\<lambda>x. bijection(L,f(x),g(x),h(x)),
  1305                \<lambda>i x. bijection(**Lset(i),f(x),g(x),h(x))]"
  1306 apply (simp only: bijection_def setclass_simps)
  1307 apply (intro And_reflection injection_reflection surjection_reflection)
  1308 done
  1309 
  1310 
  1311 subsubsection{*Restriction of a Relation, Internalized*}
  1312 
  1313 
  1314 (* "restriction(M,r,A,z) ==
  1315         \<forall>x[M]. x \<in> z <-> (x \<in> r & (\<exists>u[M]. u\<in>A & (\<exists>v[M]. pair(M,u,v,x))))" *)
  1316 constdefs restriction_fm :: "[i,i,i]=>i"
  1317     "restriction_fm(r,A,z) ==
  1318        Forall(Iff(Member(0,succ(z)),
  1319                   And(Member(0,succ(r)),
  1320                       Exists(And(Member(0,succ(succ(A))),
  1321                                  Exists(pair_fm(1,0,2)))))))"
  1322 
  1323 lemma restriction_type [TC]:
  1324      "[| x \<in> nat; y \<in> nat; z \<in> nat |] ==> restriction_fm(x,y,z) \<in> formula"
  1325 by (simp add: restriction_fm_def)
  1326 
  1327 lemma arity_restriction_fm [simp]:
  1328      "[| x \<in> nat; y \<in> nat; z \<in> nat |]
  1329       ==> arity(restriction_fm(x,y,z)) = succ(x) \<union> succ(y) \<union> succ(z)"
  1330 by (simp add: restriction_fm_def succ_Un_distrib [symmetric] Un_ac)
  1331 
  1332 lemma sats_restriction_fm [simp]:
  1333    "[| x \<in> nat; y \<in> nat; z \<in> nat; env \<in> list(A)|]
  1334     ==> sats(A, restriction_fm(x,y,z), env) <->
  1335         restriction(**A, nth(x,env), nth(y,env), nth(z,env))"
  1336 by (simp add: restriction_fm_def restriction_def)
  1337 
  1338 lemma restriction_iff_sats:
  1339       "[| nth(i,env) = x; nth(j,env) = y; nth(k,env) = z;
  1340           i \<in> nat; j \<in> nat; k \<in> nat; env \<in> list(A)|]
  1341        ==> restriction(**A, x, y, z) <-> sats(A, restriction_fm(i,j,k), env)"
  1342 by simp
  1343 
  1344 theorem restriction_reflection:
  1345      "REFLECTS[\<lambda>x. restriction(L,f(x),g(x),h(x)),
  1346                \<lambda>i x. restriction(**Lset(i),f(x),g(x),h(x))]"
  1347 apply (simp only: restriction_def setclass_simps)
  1348 apply (intro FOL_reflections pair_reflection)
  1349 done
  1350 
  1351 subsubsection{*Order-Isomorphisms, Internalized*}
  1352 
  1353 (*  order_isomorphism :: "[i=>o,i,i,i,i,i] => o"
  1354    "order_isomorphism(M,A,r,B,s,f) ==
  1355         bijection(M,A,B,f) &
  1356         (\<forall>x[M]. x\<in>A --> (\<forall>y[M]. y\<in>A -->
  1357           (\<forall>p[M]. \<forall>fx[M]. \<forall>fy[M]. \<forall>q[M].
  1358             pair(M,x,y,p) --> fun_apply(M,f,x,fx) --> fun_apply(M,f,y,fy) -->
  1359             pair(M,fx,fy,q) --> (p\<in>r <-> q\<in>s))))"
  1360   *)
  1361 
  1362 constdefs order_isomorphism_fm :: "[i,i,i,i,i]=>i"
  1363  "order_isomorphism_fm(A,r,B,s,f) ==
  1364    And(bijection_fm(A,B,f),
  1365      Forall(Implies(Member(0,succ(A)),
  1366        Forall(Implies(Member(0,succ(succ(A))),
  1367          Forall(Forall(Forall(Forall(
  1368            Implies(pair_fm(5,4,3),
  1369              Implies(fun_apply_fm(f#+6,5,2),
  1370                Implies(fun_apply_fm(f#+6,4,1),
  1371                  Implies(pair_fm(2,1,0),
  1372                    Iff(Member(3,r#+6), Member(0,s#+6)))))))))))))))"
  1373 
  1374 lemma order_isomorphism_type [TC]:
  1375      "[| A \<in> nat; r \<in> nat; B \<in> nat; s \<in> nat; f \<in> nat |]
  1376       ==> order_isomorphism_fm(A,r,B,s,f) \<in> formula"
  1377 by (simp add: order_isomorphism_fm_def)
  1378 
  1379 lemma arity_order_isomorphism_fm [simp]:
  1380      "[| A \<in> nat; r \<in> nat; B \<in> nat; s \<in> nat; f \<in> nat |]
  1381       ==> arity(order_isomorphism_fm(A,r,B,s,f)) =
  1382           succ(A) \<union> succ(r) \<union> succ(B) \<union> succ(s) \<union> succ(f)"
  1383 by (simp add: order_isomorphism_fm_def succ_Un_distrib [symmetric] Un_ac)
  1384 
  1385 lemma sats_order_isomorphism_fm [simp]:
  1386    "[| U \<in> nat; r \<in> nat; B \<in> nat; s \<in> nat; f \<in> nat; env \<in> list(A)|]
  1387     ==> sats(A, order_isomorphism_fm(U,r,B,s,f), env) <->
  1388         order_isomorphism(**A, nth(U,env), nth(r,env), nth(B,env),
  1389                                nth(s,env), nth(f,env))"
  1390 by (simp add: order_isomorphism_fm_def order_isomorphism_def)
  1391 
  1392 lemma order_isomorphism_iff_sats:
  1393   "[| nth(i,env) = U; nth(j,env) = r; nth(k,env) = B; nth(j',env) = s;
  1394       nth(k',env) = f;
  1395       i \<in> nat; j \<in> nat; k \<in> nat; j' \<in> nat; k' \<in> nat; env \<in> list(A)|]
  1396    ==> order_isomorphism(**A,U,r,B,s,f) <->
  1397        sats(A, order_isomorphism_fm(i,j,k,j',k'), env)"
  1398 by simp
  1399 
  1400 theorem order_isomorphism_reflection:
  1401      "REFLECTS[\<lambda>x. order_isomorphism(L,f(x),g(x),h(x),g'(x),h'(x)),
  1402                \<lambda>i x. order_isomorphism(**Lset(i),f(x),g(x),h(x),g'(x),h'(x))]"
  1403 apply (simp only: order_isomorphism_def setclass_simps)
  1404 apply (intro FOL_reflections function_reflections bijection_reflection)
  1405 done
  1406 
  1407 subsubsection{*Limit Ordinals, Internalized*}
  1408 
  1409 text{*A limit ordinal is a non-empty, successor-closed ordinal*}
  1410 
  1411 (* "limit_ordinal(M,a) ==
  1412         ordinal(M,a) & ~ empty(M,a) &
  1413         (\<forall>x[M]. x\<in>a --> (\<exists>y[M]. y\<in>a & successor(M,x,y)))" *)
  1414 
  1415 constdefs limit_ordinal_fm :: "i=>i"
  1416     "limit_ordinal_fm(x) ==
  1417         And(ordinal_fm(x),
  1418             And(Neg(empty_fm(x)),
  1419                 Forall(Implies(Member(0,succ(x)),
  1420                                Exists(And(Member(0,succ(succ(x))),
  1421                                           succ_fm(1,0)))))))"
  1422 
  1423 lemma limit_ordinal_type [TC]:
  1424      "x \<in> nat ==> limit_ordinal_fm(x) \<in> formula"
  1425 by (simp add: limit_ordinal_fm_def)
  1426 
  1427 lemma arity_limit_ordinal_fm [simp]:
  1428      "x \<in> nat ==> arity(limit_ordinal_fm(x)) = succ(x)"
  1429 by (simp add: limit_ordinal_fm_def succ_Un_distrib [symmetric] Un_ac)
  1430 
  1431 lemma sats_limit_ordinal_fm [simp]:
  1432    "[| x \<in> nat; env \<in> list(A)|]
  1433     ==> sats(A, limit_ordinal_fm(x), env) <-> limit_ordinal(**A, nth(x,env))"
  1434 by (simp add: limit_ordinal_fm_def limit_ordinal_def sats_ordinal_fm')
  1435 
  1436 lemma limit_ordinal_iff_sats:
  1437       "[| nth(i,env) = x; nth(j,env) = y;
  1438           i \<in> nat; env \<in> list(A)|]
  1439        ==> limit_ordinal(**A, x) <-> sats(A, limit_ordinal_fm(i), env)"
  1440 by simp
  1441 
  1442 theorem limit_ordinal_reflection:
  1443      "REFLECTS[\<lambda>x. limit_ordinal(L,f(x)),
  1444                \<lambda>i x. limit_ordinal(**Lset(i),f(x))]"
  1445 apply (simp only: limit_ordinal_def setclass_simps)
  1446 apply (intro FOL_reflections ordinal_reflection
  1447              empty_reflection successor_reflection)
  1448 done
  1449 
  1450 subsubsection{*Omega: The Set of Natural Numbers*}
  1451 
  1452 (* omega(M,a) == limit_ordinal(M,a) & (\<forall>x[M]. x\<in>a --> ~ limit_ordinal(M,x)) *)
  1453 constdefs omega_fm :: "i=>i"
  1454     "omega_fm(x) ==
  1455        And(limit_ordinal_fm(x),
  1456            Forall(Implies(Member(0,succ(x)),
  1457                           Neg(limit_ordinal_fm(0)))))"
  1458 
  1459 lemma omega_type [TC]:
  1460      "x \<in> nat ==> omega_fm(x) \<in> formula"
  1461 by (simp add: omega_fm_def)
  1462 
  1463 lemma arity_omega_fm [simp]:
  1464      "x \<in> nat ==> arity(omega_fm(x)) = succ(x)"
  1465 by (simp add: omega_fm_def succ_Un_distrib [symmetric] Un_ac)
  1466 
  1467 lemma sats_omega_fm [simp]:
  1468    "[| x \<in> nat; env \<in> list(A)|]
  1469     ==> sats(A, omega_fm(x), env) <-> omega(**A, nth(x,env))"
  1470 by (simp add: omega_fm_def omega_def)
  1471 
  1472 lemma omega_iff_sats:
  1473       "[| nth(i,env) = x; nth(j,env) = y;
  1474           i \<in> nat; env \<in> list(A)|]
  1475        ==> omega(**A, x) <-> sats(A, omega_fm(i), env)"
  1476 by simp
  1477 
  1478 theorem omega_reflection:
  1479      "REFLECTS[\<lambda>x. omega(L,f(x)),
  1480                \<lambda>i x. omega(**Lset(i),f(x))]"
  1481 apply (simp only: omega_def setclass_simps)
  1482 apply (intro FOL_reflections limit_ordinal_reflection)
  1483 done
  1484 
  1485 
  1486 lemmas fun_plus_reflections =
  1487         typed_function_reflection composition_reflection
  1488         injection_reflection surjection_reflection
  1489         bijection_reflection restriction_reflection
  1490         order_isomorphism_reflection
  1491         ordinal_reflection limit_ordinal_reflection omega_reflection
  1492 
  1493 lemmas fun_plus_iff_sats =
  1494         typed_function_iff_sats composition_iff_sats
  1495         injection_iff_sats surjection_iff_sats
  1496         bijection_iff_sats restriction_iff_sats
  1497         order_isomorphism_iff_sats
  1498         ordinal_iff_sats limit_ordinal_iff_sats omega_iff_sats
  1499 
  1500 end