Jon Sterling9603jms-005Tjms-005T.xmlSynthetic Tait computabilityBibliographyThis page collects papers and dissertations about Synthetic Tait Computability, also known as the logical relations as types / LRAT principle; if you have written a paper or dissertation on this topic, please write to me to have it added to this list.
Jon Sterling6794unstable/736unstable-736.xmlAccepted papersJon Sterling20239286793sterling-2023-grothendiecksterling-2023-grothendieck.xmlTowards a geometry for syntaxReference10.48550/arXiv.2307.09497Invited contribution to the proceedings of the Chapman Grothendieck Conference, to appearIt often happens that free algebras for a given theory satisfy useful reasoning principles that are not preserved under homomorphisms of algebras, and hence need not hold in an arbitrary algebra. For instance, if is the free monoid on a set , then the scalar multiplication function is injective. Therefore, when reasoning in the formal theory of monoids under , it is possible to use this injectivity law to make sound deductions even about monoids under A for which scalar multiplication is not injective — a principle known in algebra as the permanence of identity. Properties of this kind are of fundamental practical importance to the logicians and computer scientists who design and implement computerized proof assistants like Lean and Coq, as they enable the formal reductions of equational problems that make type checking tractable.As type theories have become increasingly more sophisticated, it has become more and more difficult to establish the useful properties of their free models that facilitate effective implementation. These obstructions have facilitated a fruitful return to foundational work in type theory, which has taken on a more geometrical flavor than ever before. Here we expose a modern way to prove a highly non-trivial injectivity law for free models of Martin-Löf type theory, paying special attention to the ways that contemporary methods in type theory have been influenced by three important ideas of the Grothendieck school: the relative point of view, the language of universes, and the recollement of generalized spaces.
Jon Sterling6808unstable/737unstable-737.xmlRefereed papersHarrison GrodinYue NiuJon SterlingRobert Harper2024156796grodin-niu-sterling-harper-2024grodin-niu-sterling-harper-2024.xml: a directed, effectful cost-aware logical frameworkReferencePOPL ’24: 51st ACM SIGPLAN Symposium on Principles of Programming Languages10.1145/3632852https://arxiv.org/abs/2307.05938We present decalf, a directed, effectful cost-aware logical framework for studying quantitative aspects of functional programs with effects. Like calf, the language is based on a formal phase distinction between the extension and the intension of a program, its pure behavior as distinct from its cost measured by an effectful step-counting primitive. The type theory ensures that the behavior is unaffected by the cost accounting. Unlike calf, the present language takes account of effects, such as probabilistic choice and mutable state; this extension requires a reformulation of calf’s approach to cost accounting: rather than rely on a “separable” notion of cost, here a cost bound is simply another program. To make this formal, we equip every type with an intrinsic preorder, relaxing the precise cost accounting intrinsic to a program to a looser but nevertheless informative estimate. For example, the cost bound of a probabilistic program is itself a probabilistic program that specifies the distribution of costs. This approach serves as a streamlined alternative to the standard method of isolating a recurrence that bounds the cost in a manner that readily extends to higher-order, effectful programs.The development proceeds by first introducing the decalf type system, which is based on an intrinsic ordering among terms that restricts in the extensional phase to extensional equality, but in the intensional phase reflects an approximation of the cost of a program of interest. This formulation is then applied to a number of illustrative examples, including pure and effectful sorting algorithms, simple probabilistic programs, and higher-order functions. Finally, we justify decalf via a model in the topos of augmented simplicial sets.Jon Sterling20241036795jms-012Qjms-012Q.xmlMissing assumptions about the interval in DecalfErratumIn section 4.2, we assumed only a (non-strict) interval object , and then asserted in Definition 4.5 the map was a monomorphism. Obviously, this need not be the case, so it needs to be turned into an assumption about . This assumption will, however, hold of the interval in simplicial sets for the following reason: the interval in simplicial sets is the nerve of the actual poset , and the statement in question holds for this poset and is preserved by the nerve functor.Taichi Uemura20221256797uemura-2023-fscduemura-2023-fscd.xmlHomotopy type theory as internal languages of diagrams of ∞-logosesReference10.4230/LIPIcs.FSCD.2023.58th International Conference on Formal Structures for Computation and Deduction (FSCD 2023)Yue NiuRobert Harper20229266798niu-harper-2022niu-harper-2022.xmlA metalanguage for cost-aware denotational semanticsReference10.48550/arXiv.2209.12669Thirty-Eighth Annual ACM/IEEE Symposium on
Logic in Computer Science (LICS)Daniel GratzerLars Birkedal202246799gratzer-birkedal-2022gratzer-birkedal-2022.xmlA stratified approach to Löb inductionReference10.4230/LIPIcs.FSCD.2022.23International Conference on Formal Structures for Computation and Deduction (FSCD)Daniel Gratzer202246800gratzer-2022gratzer-2022.xmlNormalization for multimodal type theoryReference10.1145/3531130.3532398Symposium on Logic and Computer Science (LICS)Yue NiuJon SterlingHarrison GrodinRobert Harper2022116801niu-sterling-grodin-harper-2022niu-sterling-grodin-harper-2022.xmlA cost-aware logical frameworkReferenceProceedings of the ACM on Programming Languages, Volume 6, Issue POPL10.1145/3498670We present calf, a cost-aware logical framework for studying quantitative aspects of functional programs. Taking inspiration from recent work that reconstructs traditional aspects of programming languages in terms of a modal account of phase distinctions, we argue that the cost structure of programs motivates a phase distinction between intension and extension. Armed with this technology, we contribute a synthetic account of cost structure as a computational effect in which cost-aware programs enjoy an internal noninterference property: input/output behavior cannot depend on cost. As a full-spectrum dependent type theory, calf presents a unified language for programming and specification of both cost and behavior that can be integrated smoothly with existing mathematical libraries available in type theoretic proof assistants.We evaluate calf as a general framework for cost analysis by implementing two fundamental techniques for algorithm analysis: the method of recurrence relations and physicist’s method for amortized analysis. We deploy these techniques on a variety of case studies: we prove a tight, closed bound for Euclid’s algorithm, verify the amortized complexity of batched queues, and derive tight, closed bounds for the sequential and parallel complexity of merge sort, all fully mechanized in the Agda proof assistant. Lastly we substantiate the soundness of quantitative reasoning in calf by means of a model construction.Jon SterlingRobert Harper20226804sterling-harper-2022sterling-harper-2022.xmlSheaf semantics of termination-insensitive noninterferenceReference10.4230/LIPIcs.FSCD.2022.5hash-bafkrmicr7k5fedmbhfpylzintas4g44lxony2655xvvtzczfvkxeds2ev4.pdf7th International Conference on Formal Structures for Computation and Deduction (FSCD 2022)We propose a new sheaf semantics for secure information flow over a space of abstract behaviors, based on synthetic domain theory: security classes are open/closed partitions, types are sheaves, and redaction of sensitive information corresponds to restricting a sheaf to a closed subspace. Our security-aware computational model satisfies termination-insensitive noninterference automatically, and therefore constitutes an intrinsic alternative to state of the art extrinsic/relational models of noninterference. Our semantics is the latest application of Sterling and Harper’s recent re-interpretation of phase distinctions and noninterference in programming languages in terms of Artin gluing and topos-theoretic open/closed modalities. Prior applications include parametricity for ML modules, the proof of normalization for cubical type theory by Sterling and Angiuli, and the cost-aware logical framework of Niu et al. In this paper we employ the phase distinction perspective twice: first to reconstruct the syntax and semantics of secure information flow as a lattice of phase distinctions between “higher” and “lower” security, and second to verify the computational adequacy of our sheaf semantics with respect to a version of Abadi et al.’s dependency core calculus to which we have added a construct for declassifying termination channels.Jon Sterling20236802jms-005Yjms-005Y.xmlMinor mistakes in sheaf semantics of noninterferenceErratumIn the published version of this paper, there were a few mistakes that have been corrected in the local copy hosted here.In the Critique of relational semantics for information flow, our discussion of the Failure of monotonicity stated incorrectly that algebras for the sealing monad at a higher security level could not be transformed into algebras for the sealing monad at a lower security level in the semantics of Abadi et al. This is not true, as pointed out to us privately by Carlos Tomé Cortiñas. What we meant to say was that it is not the case that a type whose component at a high security level is trivial shall always remain trivial at a lower security level.
The original version of the extended edition of this paper, we claimed that the constructive existence of tensor products on pointed dcpos was obvious; in fact, tensor products do exist, but their construction involves a reflexive coequalizer of pointed dcpos.Jon Sterling20237176803jms-005Zjms-005Z.xmlAdequacy of sheaf semantics of noninterferenceErratumA serious (and as-yet unfixed) problem was discovered in July of 2023 by Yue Niu, which undermines the proof of adequacy given; in particular, the proof that the logical relation on free algebras is admissible is not correct. I believe there is a different proof of adequacy for the calculus described, but it will have a different structure from what currently appears in the paper. We thank Yue Niu for his attention to detail and careful reading of this paper.Jon SterlingRobert Harper20211216806sterling-harper-2021sterling-harper-2021.xmlLogical relations as types: proof-relevant parametricity for program modulesReferencehash-bafkrmig7qn2kbsjj2pmppts2sdgqhcq44bnosytv3ibyzqth3zd42gktua.pdfJournal of the ACM, Volume 68, Issue 610.1145/3474834The theory of program modules is of interest to language designers not only for its practical importance to programming, but also because it lies at the nexus of three fundamental concerns in language design: the phase distinction, computational effects, and type abstraction. We contribute a fresh “synthetic” take on program modules that treats modules as the fundamental constructs, in which the usual suspects of prior module calculi (kinds, constructors, dynamic programs) are rendered as derived notions in terms of a modal type-theoretic account of the phase distinction. We simplify the account of type abstraction (embodied in the generativity of module functors) through a lax modality that encapsulates computational effects, placing projectibility of module expressions on a type-theoretic basis.Our main result is a (significant) proof-relevant and phase-sensitive generalization of the Reynolds abstraction theorem for a calculus of program modules, based on a new kind of logical relation called a parametricity structure. Parametricity structures generalize the proof-irrelevant relations of classical parametricity to proof-relevant families, where there may be non-trivial evidence witnessing the relatedness of two programs—simplifying the metatheory of strong sums over the collection of types, for although there can be no “relation classifying relations,” one easily accommodates a “family classifying small families.”Using the insight that logical relations/parametricity is itself a form of phase distinction between the syntactic and the semantic, we contribute a new synthetic approach to phase separated parametricity based on the slogan logical relations as types, by iterating our modal account of the phase distinction. We axiomatize a dependent type theory of parametricity structures using two pairs of complementary modalities (syntactic, semantic) and (static, dynamic), substantiated using the topos theoretic Artin gluing construction. Then, to construct a simulation between two implementations of an abstract type, one simply programs a third implementation whose type component carries the representation invariant.Jon Sterling20216805jms-0060jms-0060.xmlMinor mistakes in logical relations as typesErratumAfter going to press, we have fixed the following mistakes:In the definition of a logos, we mistakenly said that "colimits commute with finite limits" but we meant to say that they are preserved by pullback. We thank Sarah Z. Rovner-Frydman for noticing this mistake.
In Remark 5.15, we used the notation for the closed immersion prior to introducing it.
We have fixed a few broken links in the bibliography.The local copy hosted here has the corrections implementedJon SterlingCarlo Angiuli2021776807sterling-angiuli-2021sterling-angiuli-2021.xmlNormalization for cubical type theoryReference2021 36th Annual ACM/IEEE Symposium on Logic in Computer Science (LICS)10.1109/LICS52264.2021.9470719https://arxiv.org/abs/2101.11479We prove normalization for (univalent, Cartesian) cubical type theory, closing the last major open problem in the syntactic metatheory of cubical type theory. Our normalization result is reduction-free, in the sense of yielding a bijection between equivalence classes of terms in context and a tractable language of /-normal forms. As corollaries we obtain both decidability of judgmental equality and the injectivity of type constructors.
Jon Sterling6815unstable/738unstable-738.xmlManuscriptsTrebor Huang20231036809huang-2023huang-2023.xmlSynthetic Tait computability the hard wayReference10.48550/arXiv.2310.02051We walk through a few proofs of canonicity and normalization, each one with more aspects dissected and re-expressed in category theory, so that readers can compare the difference across proofs. During this process we isolate the different ideas that make up the proofs. Finally we arrive at synthetic Tait computability as proposed by J. Sterling. We also give a synthetic proof for parametricity of system F.Taichi Uemura202212226810uemura-2022-cohuemura-2022-coh.xmlNormalization and coherence for ∞-type theoriesReference10.48550/arXiv.2212.11764Daniel GratzerJon SterlingCarlo AngiuliThierry CoquandLars Birkedal202210106811gratzer-sterling-angiuli-coquand-birkedal-2022gratzer-sterling-angiuli-coquand-birkedal-2022.xmlControlling unfolding in type theoryReference10.48550/arXiv.2210.05420We present a novel mechanism for controlling the unfolding of definitions in
dependent type theory. Traditionally, proof assistants let users specify
whether each definition can or cannot be unfolded in the remainder of a
development; unfolding definitions is often necessary in order to reason about
them, but an excess of unfolding can result in brittle proofs and intractably
large proof goals. In our system, definitions are by default not unfolded, but
users can selectively unfold them in a local manner. We justify our mechanism
by means of elaboration to a core type theory with extension types, a
connective first introduced in the context of homotopy type theory. We prove a
normalization theorem for our core calculus and have implemented our system in
the cooltt proof assistant, providing both theoretical and practical evidence
for it.Jon SterlingDaniel GratzerLars Birkedal20221066812sterling-gratzer-birkedal-2022sterling-gratzer-birkedal-2022.xmlDenotational semantics of general store and polymorphismReference10.48550/arXiv.2210.02169We contribute the first denotational semantics of polymorphic dependent type theory extended by an equational theory for general (higher-order) reference types and recursive types, based on a combination of guarded recursion and impredicative polymorphism; because our model is based on recursively defined semantic worlds, it is compatible with polymorphism and relational reasoning about stateful abstract datatypes. We then extend our language with modal constructs for proof-relevant relational reasoning based on the logical relations as types principle, in which equivalences between imperative abstract datatypes can be established synthetically. Finally we develop a decomposition of the store model as a general construction that extends an arbitrary polymorphic call-by-push-value adjunction with higher-order store, improving on Levy's possible worlds model construction; what is new in relation to prior typed denotational models of higher-order store is that our Kripke worlds need not be syntactically definable, and are thus compatible with relational reasoning in the heap. Our work combines recent advances in the operational semantics of state with the purely denotational viewpoint of synthetic guarded domain theory.Jon Sterling202266813sterling-2022-naivesterling-2022-naive.xmlNaïve logical relations in synthetic Tait computabilityReferencehash-bafkrmialyvkzh6w6snnzr3k4h2b62bztsk4le57idughqik24bltinieki.pdfLogical relations are the main tool for proving positive properties of logics, type theories, and programming languages: canonicity, normalization, decidability, conservativity, computational adequacy, and more. Logical relations combine pure syntax with non-syntactic objects that are parameterized in syntax in a somewhat complex way; the sophistication of possible parameterizations makes logical relations a tool that is primarily accessible to specialists. In the spirit of Halmos' book Naïve Set Theory, I advocate for a new viewpoint on logical relations based on synthetic Tait computability, the internal language of categories of logical relations. In synthetic Tait computability, logical relations are manipulated as if they were sets, making the essence of many complex logical relations arguments accessible to non-specialists.Daniel Gratzer20216814gratzer-2021-crisp-inductiongratzer-2021-crisp-induction.xmlCrisp induction for intensional identity typesReferencehttps://jozefg.github.io/papers/crisp-induction-for-intensional-identity-types.pdf
Jon Sterling6818unstable/739unstable-739.xmlDissertationsDaniel Gratzer20238296816gratzer-2023-thesisgratzer-2023-thesis.xmlSyntax and semantics of modal type theoryReferencePhD Dissertation, Aarhus Universityhttps://iris-project.org/pdfs/2023-phd-gratzer.pdfOne idiosyncratic framing of type theory is as the study of operations invariant under substitution. Modal type theory, by contrast, concerns the controlled integration of operations—modalities—into type theory which violate this discipline, so-called non-fibered connectives. Modal type theory is therefore built around a fundamental tension: the desire to include modalities and powerful principles for reasoning with them on one hand, and the need to maintain the conveniences and character of Martin-Löf type theory which stem from substitution invariance.In this thesis, we thoroughly explore and discuss this contradiction. We discuss several different formulations of modal type theory, explore their various syntactic properties, and relate them through their categorical semantics. In particular, we show that most modal type theories that have arisen in the last two decades can be understood through the abstraction of weak dependent right adjoints. We also put forward a new general modal type theory, MTT, based on this abstraction.The generality of MTT means that, without any additional work, it can be specialized to an arbitrary collection of type theories related by modalities and natural transformations between them. It is therefore easy to obtain a type theory for a comonad, an adjunction, a local topos, or any other number of complex and realistic scenarios. In addition to showing that many modal type theories are closely related to specific instantiations of MTT, we thoroughly explore the syntax and semantics of MTT itself. We prove that MTT enjoys an unconditional normalization result and decidable type-checking under mild assumptions. We show how MTT may be interpreted into a wide variety of structured categories and use this to study the expressive power of the type theory and various extensions thereof.Finally, we explore several concrete applications of MTT in the context of guarded type theory and guarded denotational semantics. We propose a highly usable language for guarded recursion and explore its particular models and metatheorems. We show a relatively sharp result bounding the extent to which classical guarded recursion can be added to any type theory with decidable type-checking and propose a system to mitigate this issue. Finally, we conduct an in-depth case study using guarded MTT to obtain a fully synthetic account of the Iris program logic, proving adequacy in a fully internal manner.Jon Sterling20219136817sterling-2021-thesissterling-2021-thesis.xmlFirst steps in synthetic Tait computability: the objective metatheory of cubical type theoryReferenceDoctoral dissertation, Carnegie Mellon Universityhash-bafkrmih2tmdumryyta2loigpp27rwuzif3gsgcg4xwpngvfruaawmqy3vu.pdf10.5281/zenodo.6990769The implementation and semantics of dependent type theories can be studied in a syntax-independent way: the objective metatheory of dependent type theories exploits the universal properties of their syntactic categories to endow them with computational content, mathematical meaning, and practical implementation (normalization, type checking, elaboration). The semantic methods of the objective metatheory inform the design and implementation of correct-by-construction elaboration algorithms, promising a principled interface between real proof assistants and ideal mathematics.In this dissertation, I add synthetic Tait computability to the arsenal of the objective metatheorist. Synthetic Tait computability is a mathematical machine to reduce difficult problems of type theory and programming languages to trivial theorems of topos theory. First employed by Sterling and Harper to reconstruct the theory of program modules and their phase separated parametricity, synthetic Tait computability is deployed here to resolve the last major open question in the syntactic metatheory of cubical type theory: normalization of open terms.
Jon Sterling6819unstable/740unstable-740.xmlTechnical reports
Jon Sterling6830unstable/741unstable-741.xmlWorkshop talksRobert Harper20236216820harper-2023-calco-mfpsharper-2023-calco-mfps.xmlIntegrating cost and behavior in type theoryReferencehttp://www.cs.cmu.edu/~rwh/talks/calco-mfps-2023.pdf Plenary invited lecture for CALCO/MFPS 2023Joint work with Harrison Grodin (Carnegie Mellon), Yue Niu (Carnegie Mellon), and Jon Sterling (Cambridge).The computational view of intuitionistic dependent type theory is as an intrinsic logic of (functional) programs in which types are viewed as specifications of their behavior. Equational reasoning is particularly relevant in the functional case, where correctness can be formulated as equality between two implementations of the same behavior. Besides behavior, it is also important to specify and verify the cost of programs, measured in terms of their resource usage, with respect to both sequential and parallel evaluation. Although program cost can—and has been—verified in type theory using an extrinsic formulation of programs as data objects, what we seek here is, instead, an intrinsic account within type theory itself.In this talk we discuss Calf, the Cost-Aware Logical Framework, which is an extension of dependent call-by-push-value type theory that provides an intrinsic account of both parallel and sequential resource usage for a variety of problem-specific measures of cost. Thus, for example, it is possible to prove that insertion sort and merge sort are equal as regards behavior, but differ in terms of the number of comparisons required to achieve the same results. But how can equal functions have different cost? To provide an intrinsic account of both intensional and extensional properties of programs, we make use of Sterling's notion of Synthetic Tait Computability, a generalization of Tait's method originally developed for the study of higher type theory. In STC the concept of a “phase” plays a central role: originally as the distinction between the syntactic and semantic aspects of a computability structure, but more recently applied to the formulation of type theories for program modules and for information flow properties of programs. In Calf we distinguish two phases, the intensional and extensional, which differ as regards the significance of cost accounting—extensionally it is neglected, intensionally it is of paramount importance. Thus, in the extensional phase insertion sort and merge sort are equal, but in the intensional phase they are distinct, and indeed one is proved to have optimal behavior as regards comparisons, and the other not. Importantly, both phases are needed in a cost verification—the proof of the complexity of an algorithm usually relies on aspects of its correctness.We will provide an overview of Calf itself, and of its application in the verification of the cost and behavior of a variety of programs. So far we have been able to verify cost bounds on Euclid's Algorithm, amortized bounds on batched queues, parallel cost bounds on a joinable form of red-black trees, and the equivalence and cost of the aforementioned sorting methods. In a companion paper at this meeting Grodin and I develop an account of amortization that relates the standard inductive view of instruction sequences with the coinductive view of data structures characterized by the same operations. In ongoing work we are extending the base of verified deterministic algorithms to those taught in the undergraduate parallel algorithms course at Carnegie Mellon, and are extending Calf itself to account for probabilistic methods, which are also used in that course.Taichi Uemura202276821uemura-2022-hott-ufuemura-2022-hott-uf.xmlInternal languages of diagrams of ∞-toposesReferenceWorkshop on Homotopy Type Theory / Univalent FoundationsJonathan WeinbergerBenedikt AhrensUlrik BuchholtzPaige Randall North202276822weinberger-ahrens-buchholtz-north-2022-hott-ufweinberger-ahrens-buchholtz-north-2022-hott-uf.xmlTowards normalization of simplicial type theory via synthetic Tait computabilityReferencehttps://www.dropbox.com/s/6dhiqiaemzmewm1/weinberger_HoTTUF22_SSTC.mp4?dl=0Workshop on Homotopy Type Theory / Univalent FoundationsJon SterlingRobert Harper20226306823sterling-2022-muristerling-2022-muri.xmlSheaf semantics of termination-insensitive noninterferenceReferencehash-bafkrmidn65xp7ewox6ka5uijltbkg5ikkuuuj5zid7viz5dbu35fx44qoq.pdfMURI Team Meeting 2022Jon Sterling20237176803jms-005Zjms-005Z.xmlAdequacy of sheaf semantics of noninterferenceErratumA serious (and as-yet unfixed) problem was discovered in July of 2023 by Yue Niu, which undermines the proof of adequacy given; in particular, the proof that the logical relation on free algebras is admissible is not correct. I believe there is a different proof of adequacy for the calculus described, but it will have a different structure from what currently appears in the paper. We thank Yue Niu for his attention to detail and careful reading of this paper.Jonathan WeinbergerBenedikt AhrensUlrik BuchholtzPaige Randall North202266824weinberger-ahrens-buchholtz-north-2022-typesweinberger-ahrens-buchholtz-north-2022-types.xmlSynthetic Tait computability for simplicial type theoryReferencehttps://www.youtube.com/watch?v=jX76Kv-E_ls28th International Conference on Types for Proofs and ProgramsTaichi Uemura20225216825uemura-2022-wg6uemura-2022-wg6.xmlNormalization for initial space-valued models of type theoriesReferenceWG6 kick-off meeting: Syntax and Semantics of Type TheoriesJon Sterling20225206826sterling-2022-wg6sterling-2022-wg6.xmlNaïve logical relations in synthetic Tait computabilityReferenceWG6 kick-off meeting: Syntax and Semantics of Type TheoriesLogical relations are the main tool for proving positive properties of logics, type theories, and programming languages: canonicity, normalization, decidability, conservativity, computational adequacy, and more. Logical relations combine pure syntax with non-syntactic objects that are parameterized in syntax in a somewhat complex way; the sophistication of possible parameterizations makes logical relations a tool that is primarily accessible to specialists. In the spirit of Halmos' book Naïve Set Theory, I advocate for a new viewpoint on logical relations based on synthetic Tait computability, the internal language of categories of logical relations. In synthetic Tait computability, logical relations are manipulated as if they were sets, making the essence of many complex logical relations arguments accessible to non-specialists.Jon Sterling202110156827sterling-2021-muristerling-2021-muri.xmlNormalization for (Cartesian) cubical type theoryReferencehash-bafkrmigc53m5m72p66jxbd7oxkvrl7irbrfxdjsatj2igngbm44a6g5cnq.pdfMURI Team Meeting 2021Jon SterlingRobert Harper20216828sterling-harper-2021-mlwsterling-harper-2021-mlw.xmlA metalanguage for multi-phase modularityReferencehash-bafkrmigp2ekztc4xgmcxoxv7mxawb33zro6apew2m54hmctdosmregbpha.pdfhttps://www.youtube.com/watch?v=5kWS-umBA7kML Family WorkshopType abstraction, the phase distinction, and computational effects all play an important role in the design and implementation of ML-style module systems. We propose a simple type theoretic metalanguage φML for multi-phase modularity in which these concepts are treated individually, supporting the definition of high-level modular constructs such as generative and applicative functors, as well as all extant forms of structure sharing.Jon SterlingCarlo Angiuli20216829sterling-angiuli-2021-ctsterling-angiuli-2021-ct.xmlNormalization for cubical type theoryReferencehash-bafkrmie6j57qqrx6av73q6ropesavo76e57fcttaxm6t7qyhzpsyhjazjm.pdfhttps://www.youtube.com/watch?v=AhivFjnBakECategory Theory 2021
Jon Sterling6840unstable/742unstable-742.xmlSeminar talksJon Sterling2022696831sterling-2022-ppssterling-2022-pps.xmlNaïve logical relations in synthetic Tait computabilityReferenceProofs, Programs and Systems seminar (IRIF PPS)Logical relations are the main tool for proving positive properties of logics, type theories, and programming languages: canonicity, normalization, decidability, conservativity, computational adequacy, and more. Logical relations combine pure syntax with non-syntactic objects that are parameterized in syntax in a somewhat complex way; the sophistication of possible parameterizations makes logical relations a tool that is primarily accessible to specialists. In the spirit of Halmos' book Naïve Set Theory, I advocate for a new viewpoint on logical relations based on synthetic Tait computability, the internal language of categories of logical relations. In synthetic Tait computability, logical relations are manipulated as if they were sets, making the essence of many complex logical relations arguments accessible to non-specialists.Jon Sterling20224266832sterling-2022-bu-popvsterling-2022-bu-popv.xmlIntrinsic semantics of termination-insensitive noninterferenceReferencehash-bafkrmiakx5dlx7mjxgf2e3qfga4xmjbru46crc6ds52thmiktqyjri46n4.pdfBoston University POPV SeminarSecurity-typed programming languages aim to control the flow of high-security information to low security clients. Starting with Abadi et al.'s dependency core calculus, the denotational semantics of such languages has been dominated by an extrinsic approach in which an existing insecure model of computation (e.g. ordinary domains) is restricted by a logical relation of "indistinguishability" to prevent low-security outputs from depending on high-security inputs (noninterference). Thus in the extrinsic approach, security properties are bolted onto an insecure model by brute force, as it were. A more refined information flow policy called termination-insensitive noninterference allows high-security bits to be leaked through termination channels but not through return values; unfortunately, the adaptation of the extrinsic/relational semantics to this more relaxed policy is incompatible with the transitivity of the logical relation, contradicting the intuition of "indistinguishability".In contrast, an intrinsic semantics of security typing would involve a new computational model that evinces secure information flow and noninterference properties directly without any post hoc restriction by a logical relation. We contribute the first such intrinsic semantics of security typing in this sense by considering sheaves of dcpos on a space of abstract behaviors on which security classes arise as open/closed partitions; the security monads then arise as the closed modalities of topos theory that restrict a sheaf to its component over a closed subspace.An advantage of our intrinsic semantics is that termination-insensitive noninterference arises automatically from our computational model, namely the fact that the Sierpiński domain is not a constant sheaf; a further advantage is that our semantics is an instance of standard domain theoretic denotational semantics, albeit over a richer category of domains.(j.w.w. R. Harper)Robert Harper20211296833harper-2021-topos-instituteharper-2021-topos-institute.xmlPhase distinctions in type theoryReferencehttps://www.youtube.com/watch?v=7DYkyB1Rm3ITopos Institute Colloquium(Joint work with Jon Sterling and Yue Niu)The informal phase distinction between compile-time and run-time in programming languages is formally manifested by the distinction between kinds, which classify types, and types, which classify code. The distinction underpins standard programming methodology whereby code is first type-checked for consistency before being compiled for execution. When used effectively, types help eliminate bugs before they occur.Program modules, in even the most rudimentary form, threaten the distinction, comprising as they do both types and programs in a single unit. Matters worsen when considerating “open” modules, with free module variables standing for its imports. To maintain the separation in their presence it is necessary to limit the dependency of types, the static parts of a module, to their imported types. Such restrictions are fundamental for using dependent types to express modular structure, as originally suggested by MacQueen.To address this question Moggi gave an “analytic” formulation of program modules in which modules are explicitly separated into their static and dynamic components using tools from category theory. Recent work by Dreyer, Rossberg, and Russo develops this approach fully in their account of ML-like module systems. In this talk we consider instead a “synthetic” formulation using a proposition to segregate the static from the dynamic, in particular to define static equivalence to manage type sharing and type dependency.Jon Sterling202111196834sterling-2021-cclsterling-2021-ccl.xmlTowards a geometry for syntaxReferencehash-bafkrmig65yyrnooa2ki3usvufg3gmrp24zw3u634erewg2pwgjpthnlksq.pdfCambridge Computer LaboratoryThe purpose of this talk is to pose the question, “What are the Euclid’s postulates for syntactic metatheory?”In the fourth century B.C.E., the Greek mathematician Euclid set down his famous postulates for plane geometry, explaining geometric shapes in terms of rules that govern their construction and incidence. The dialectical relationship between theories (axioms) and their models (coordinate systems) has been the driving force in the last two millennia of geometrical investigation.In logic and computer science, workers in the “syntactic metatheory” investigate questions that lie on the fringe between a theory and its models — definability, normalization, decidability, conservativity, computational adequacy, parametricity, type safety, etc. Dominant methods attack these questions by means of explicit computations (e.g. Kripke logical relations) which practitioners have found to be both reliable and somewhat opaque. In this talk, I introduce Synthetic Tait computability — a new system of axioms that transforms these explicit computations into synthetic manipulations; classical Kripke logical relations can be seen as models or “coordinate systems” for the new geometry of syntax that is beginning to unfold.Synthetic Tait computability has already been employed to positively resolve the normalization and decidability conjectures for cubical type theory, as well as a number of other recent results.Jon Sterling20211116835sterling-2021-logsemsterling-2021-logsem.xmlBetween abstraction and composition...Referencehash-bafkrmibvdmy674htuxiv72zuvqwhdzjsygbcvw3zcishgnlucuoc3q35iq.pdfLogic and Semantics Seminar, Aarhus UniversityThe fundamental contradiction of programming and program verification can be located in the tension between abstraction and composition. We make programs more abstract in order to prevent bad interactions between components; on the other side of the coin, we impede the composition of components when we abstract them. Modern programming practice evinces many distinct levels of abstraction that must be considered at the same time — for instance, compilers break module boundaries during linking, complexity analysis breaks the abstraction of extensional equivalence, and logical relations proofs break the abstraction of closure under substitution. What is needed to meet this challenge is linguistic tools that smoothly interpolate between these different levels of abstraction. Building on my doctoral dissertation and joint work with Bob Harper, I introduce a new plan for modal programming languages and logics that treat the transition between different abstraction levels as a first-class notion.Jon Sterling20218246836sterling-2021-cmu-sssterling-2021-cmu-ss.xmlAbstraction, composition, and the phase distinctionReferencehash-bafkrmiauzlnmczowkvzdsbt3hw2hzxc35xoyii4qvpkg2cykqba7bu5pya.pdfCMU Speakers ClubProgrammers use abstraction to hide representation details from ourselves: either to avoid mistakes (e.g. confusing a list index with a length) or to exploit representation invariants (e.g. two implementations of the QUEUE interface are indistinguishable). These abstraction boundaries can unfortunately impede the linking of smaller program units into efficient composite programs, because compilers must exploit representation details in order to produce efficient code. Sometimes seen as the "waterloo of separate compilation", the need to break abstraction is answered by whole-program analysis techniques that break all abstractions (as in the MLton compiler for Standard ML). Separate compilation, however, has a number of advantages including speed, parallelization, and elegance.We present an alternative type theoretic account of abstraction-breaking during compilation based on the famous phase distinction of ML languages; rather than distinguishing between compiletime and runtime, we focus on separating "devtime" from compiletime. Our framework allows the programmer to selectively reveal representation details to the compiler without giving up the representation independence properties guaranteed by "devtime" type correctness. We also describe an application to the problem of printf-debugging, which is ordinarily obstructed by abstraction.Jon SterlingCarlo Angiuli202156837sterling-angiuli-2021-padovasterling-angiuli-2021-padova.xmlNormalization for cubical type theoryReferencePadova Logic SeminarWe prove normalization for (univalent, Cartesian) cubical type theory, closing the last major open problem in the syntactic metatheory of cubical type theory. The main difficulty in comparison to conventional type theory is located in a new feature of cubical type theories, the absence of a stable notion of neutral term: for instance, the path application (p @ i) ceases to be neutral within its “locus of instability” ∂(i) and must compute to an endpoint. We introduce a new, geometrically-inspired generalization of the notion of neutral term, stabilizing neutrals by gluing them together with partial computability data along their loci of instability — when the locus of instability is nowhere, a stabilized neutral is a conventional neutral, and when the locus of instability is everywhere, a stabilized neutral is just computability data. Our normalization result is based on a reduction-free Artin gluing argument, and yields an injective function from equivalence classes of terms in context to a tractable language of beta/eta-normal forms. As corollaries we obtain both decidability of judgmental equality, as well as injectivity of type constructors in contexts formed by assuming variables x : A and dimensions i : 𝕀.Jon Sterling202146838sterling-2021-au-ccssterling-2021-au-ccs.xmlLogical relations as typesReferencehash-bafkrmiafb2gihhkx6w3wjzpfzs5bvjxmjospi4wuhgnszcmuq3j6w4lyue.pdfhttps://www.youtube.com/watch?v=AEthjg2k718CCS Colloquium, Augusta UniversityThis is joint work with Robert Harper.How do you prove that two implementations of an abstract type behave the same in all configurations? Reynolds famously employed logical relations to establish such results; roughly, a logical relation is a structure-respecting relation between two interpretations of a theory that evinces, in the base case, a desirable invariant.We present a synthetic way to understand and interact with logical relations, related to classical logical relations in the same way that Euclidean geometry relates to point-sets. Previously a logical relation was defined in terms of the (complicated) details of how it is constructed as a certain kind of relation over syntax. We instead take the simpler view that everything in sight is a logical relation, and then use modalities to isolate those logical relations that are degenerate in either the syntactic or the semantic direction.Our “logical relations as types” principle has led to a new account of modules and representation independence (S., Harper), as well as the first proofs of normalization for cubical type theory (S., Angiuli) and general multi-modal dependent type theory (Gratzer).Jon SterlingCarlo Angiuli202126839sterling-2021-cmu-hottsterling-2021-cmu-hott.xmlNormalization for cubical type theoryReferencePittsburgh's HoTT SeminarWe prove normalization for (univalent, Cartesian) cubical type theory, closing the last major open problem in the syntactic metatheory of cubical type theory. The main difficulty in comparison to conventional type theory is located in a new feature of cubical type theories, the absence of a stable notion of neutral term: for instance, the path application p(i) ceases to be neutral within its “locus of instability” ∂(i) and must compute to an endpoint. We introduce a new, geometrically-inspired generalization of the notion of neutral term, stabilizing neutrals by gluing them together with partial computability data along their loci of instability — when the locus of instability is nowhere, a stabilized neutral is a conventional neutral, and when the locus of instability is everywhere, a stabilized neutral is just computability data. Our normalization result is based on a reduction-free Artin gluing argument, and yields an injective function from equivalence classes of terms in context to a tractable language of beta/eta-normal forms. As corollaries we obtain both decidability of judgmental equality, as well as injectivity of type constructors in contexts formed by assuming variables x : A and dimensions i : 𝕀.(j.w.w. Carlo Angiuli.)
Jon Sterling6841unstable/743unstable-743.xmlRoladex
9592References9594ContextJon Sterling20237189593jms-005Xjms-005X.xmlPublic bibliographiesI maintain several public bibliographies.Jon Sterling6742jms-005Wjms-005W.xmlCubical type theoryBibliographyThis page collects papers and dissertations about Cubical Type Theory; if you have written a paper or dissertation on this topic, please write to me to have it added to this list.
Jon Sterling6674unstable/728unstable-728.xmlAccepted papers
Jon Sterling6706unstable/729unstable-729.xmlRefereed papersNiccolò VeltriAndrea Vezzosi202326675veltri-vezzosi-2023veltri-vezzosi-2023.xmlFormalizing CCS and -calculus in Guarded Cubical AgdaReference10.1016/j.jlamp.2022.100846Samuel MimramÉmile Oleon20226286676mimram-oleon-2022mimram-oleon-2022.xmlDivision by two, in homotopy type theoryReference10.4230/LIPIcs.FSCD.2022.11International Conference on Formal Structures for Computation and Deduction (FSCD)Andrew SwanTaichi Uemura20223216677swan-uemura-2022swan-uemura-2022.xmlOn Church’s thesis in cubical assembliesReference10.1017/S0960129522000068Mathematical Structures in Computer ScienceBruno Bentzen20223156678bentzen-2022bentzen-2022.xmlNaive cubical type theoryReference10.1017/S096012952200007XMathematical Structures in Computer ScienceJon SterlingCarlo AngiuliDaniel Gratzer2022296679sterling-angiuli-gratzer-2022sterling-angiuli-gratzer-2022.xmlA cubical language for Bishop setsReference10.46298/lmcs-18(1:43)2022Logical Methods in Computer ScienceWe present XTT, a version of Cartesian cubical type theory specialized for Bishop sets à la Coquand, in which every type enjoys a definitional version of the uniqueness of identity proofs. Using cubical notions, XTT reconstructs many of the ideas underlying Observational Type Theory, a version of intensional type theory that supports function extensionality. We prove the canonicity property of XTT (that every closed boolean is definitionally equal to a constant) by Artin gluing.Thierry CoquandSimon HuberChristian Sattler202226680coquand-huber-sattler-2022coquand-huber-sattler-2022.xmlCanonicity and homotopy canonicity for cubical type theoryReference10.46298/lmcs-18(1:28)2022Logical Methods in Computer ScienceMagnus Baunsgaard KristensenRasmus Ejlers MøgelbergAndrea Vezzosi20226681kristensen-mogelberg-vezzosi-2022kristensen-mogelberg-vezzosi-2022.xmlGreatest HITs: higher inductive types in coinductive definitions via induction under clocksReference10.1145/3531130.3533359Proceedings of the 37th Annual ACM/IEEE Symposium on Logic in Computer ScienceGuillaume BrunerieAxel LjungströmAnders Mörtberg20226682brunerie-ljungstrom-mortberg-2022brunerie-ljungstrom-mortberg-2022.xmlSynthetic cohomology theory in Cubical AgdaReference30th EACSL Annual Conference on Computer Science Logic (CSL 2022)Anders Mörtberg202112106683mortberg-2021mortberg-2021.xmlCubical methods in homotopy type theory and univalent foundationsReference10.1017/S0960129521000311Mathematical Structures in Computer ScienceVikraman ChoudhuryMarcelo Fiore202110116684choudury-fiore-2021choudury-fiore-2021.xmlFree commutative monoids in homotopy type theoryReferenceProceedings of MFPS XXXVIII10.46298/entics.10492Donnacha Oisín KidneyNicolas Wu202186685kidney-wu-2021kidney-wu-2021.xmlAlgebras for weighted searchReference10.1145/3473577Proceedings of the ACM on Programming Languages (ICFP)Jon SterlingCarlo Angiuli2021776686sterling-angiuli-2021sterling-angiuli-2021.xmlNormalization for cubical type theoryReference2021 36th Annual ACM/IEEE Symposium on Logic in Computer Science (LICS)10.1109/LICS52264.2021.9470719https://arxiv.org/abs/2101.11479We prove normalization for (univalent, Cartesian) cubical type theory, closing the last major open problem in the syntactic metatheory of cubical type theory. Our normalization result is reduction-free, in the sense of yielding a bijection between equivalence classes of terms in context and a tractable language of /-normal forms. As corollaries we obtain both decidability of judgmental equality and the injectivity of type constructors.Carlo AngiuliEvan CavalloAnders MörtbergMax Zeuner2021146687acmz-2021acmz-2021.xmlInternalizing representation independence with univalenceReference10.1145/3434293Proceedings of the ACM on Programming Languages, Volume 5, Issue POPLIn their usual form, representation independence metatheorems provide an external guarantee that two implementations of an abstract interface are interchangeable when they are related by an operation-preserving correspondence. If our programming language is dependently-typed, however, we would like to appeal to such invariance results within the language itself, in order to obtain correctness theorems for complex implementations by transferring them from simpler, related implementations. Recent work in proof assistants has shown that Voevodsky’s univalence principle allows transferring theorems between isomorphic types, but many instances of representation independence in programming involve non-isomorphic representations.In this paper, we develop techniques for establishing internal relational representation independence results in dependent type theory, by using higher inductive types to simultaneously quotient two related implementation types by a heterogeneous correspondence between them. The correspondence becomes an isomorphism between the quotiented types, thereby allowing us to obtain an equality of implementations by univalence. We illustrate our techniques by considering applications to matrices, queues, and finite multisets. Our results are all formalized in Cubical Agda, a recent extension of Agda which supports univalence and higher inductive types in a computationally well-behaved way.Rasmus Ejlers MøgelbergAndrea Vezzosi20216688mogelberg-vezzosi-2021mogelberg-vezzosi-2021.xmlTwo guarded recursive powerdomains for applicative simulationReference10.4204/EPTCS.351.13Proceedings 37th Conference on Mathematical Foundations of Programming SemanticsAnders MörtbergLoïc Pujet20206689mortberg-pujet-2020mortberg-pujet-2020.xmlCubical synthetic homotopy theoryReference10.1145/3372885.3373825Proceedings of the 9th ACM SIGPLAN International Conference on Certified Programs and ProofsNiccolò VeltriAndrea Vezzosi20206690veltri-vezzosi-2020veltri-vezzosi-2020.xmlFormalizing -Calculus in Guarded Cubical AgdaReference10.1145/3372885.3373814Proceedings of the 9th ACM SIGPLAN International Conference on Certified Programs and ProofsEvan CavalloRobert Harper20206691cavallo-harper-2020cavallo-harper-2020.xmlInternal parametricity for cubical type theoryReference10.4230/LIPIcs.CSL.2020.1328th EACSL Annual Conference on Computer Science Logic (CSL 2020)Fredrik Nordvall ForsbergChuangjie XuNeil Ghani20206692forsberg-xu-ghani-2020forsberg-xu-ghani-2020.xmlThree Equivalent Ordinal Notation Systems in Cubical AgdaReference10.1145/3372885.3373835Proceedings of the 9th ACM SIGPLAN International Conference on Certified Programs and ProofsEvan CavalloAnders MörtbergAndrew Swan20206693cavallo-mortberg-swan-2020cavallo-mortberg-swan-2020.xmlUnifying cubical models of univalent type theoryReference10.4230/LIPIcs.CSL.2020.1428th EACSL Annual Conference on Computer Science Logic (CSL 2020)Marc BezemThierry CoquandSimon Huber2019816694bch-2019bch-2019.xmlThe univalence axiom in cubical setsReference10.1007/s10817-018-9472-6Journal of Automated ReasoningRasmus Ejlers MøgelbergNiccolò Veltri201916695mogelberg-veltri-2019mogelberg-veltri-2019.xmlBisimulation as path type for guarded recursive typesReference10.1145/3290317Proceedings of the ACM on Programming Languages (POPL)Andrea VezzosiAnders MörtbergAndreas Abel20196696vezzosi-mortberg-abel-2019vezzosi-mortberg-abel-2019.xmlCubical Agda: a dependently typed programming language with univalence and higher inductive typesReference10.1145/3341691Proceedings of the 24th ACM SIGPLAN International Conference on Functional ProgrammingJon SterlingCarlo AngiuliDaniel Gratzer20196697sterling-angiuli-gratzer-2019sterling-angiuli-gratzer-2019.xmlCubical syntax for reflection-free extensional equalityReferencehash-bafkrmicj5w5dosexdar6vzylw5hykvpeqrydvy4cp6llywqf7auioli4fu.pdf10.4230/LIPIcs.FSCD.2019.31FSCD ’19: International Conference on Formal Structures for Computation and DeductionWe contribute XTT, a cubical reconstruction of Observational Type Theory [Altenkirch et al., 2007] which extends Martin-Löf's intensional type theory with a dependent equality type that enjoys function extensionality and a judgmental version of the unicity of identity proofs principle (UIP): any two elements of the same equality type are judgmentally equal. Moreover, we conjecture that the typing relation can be decided in a practical way. In this paper, we establish an algebraic canonicity theorem using a novel extension of the logical families or categorical gluing argument inspired by Coquand and Shulman: every closed element of boolean type is derivably equal to either true or false.Lars BirkedalAleš BizjakRanald CloustonHans Bugge GrathwohlBas SpittersAndrea Vezzosi20196698bbcgsv-2019bbcgsv-2019.xmlGuarded cubical type theoryReference10.1007/s10817-018-9471-7Journal of Automated ReasoningThis paper improves the treatment of equality in guarded dependent type theory (𝖦𝖣𝖳𝖳), by combining it with cubical type theory (𝖢𝖳𝖳). 𝖦𝖣𝖳𝖳 is an extensional type theory with guarded recursive types, which are useful for building models of program logics, and for programming and reasoning with coinductive types. We wish to implement 𝖦𝖣𝖳𝖳 with decidable type checking, while still supporting non-trivial equality proofs that reason about the extensions of guarded recursive constructions. 𝖢𝖳𝖳 is a variation of Martin-Löf type theory in which the identity type is replaced by abstract paths between terms. 𝖢𝖳𝖳 provides a computational interpretation of functional extensionality, enjoys canonicity for the natural numbers type, and is conjectured to support decidable type-checking. Our new type theory, guarded cubical type theory (𝖦𝖢𝖳𝖳), provides a computational interpretation of extensionality for guarded recursive types. This further expands the foundations of 𝖢𝖳𝖳 as a basis for formalisation in mathematics and computer science. We present examples to demonstrate the expressivity of our type theory, all of which have been checked using a prototype type-checker implementation. We show that 𝖢𝖳𝖳 can be given semantics in presheaves on , where is the cube category, and is any small category with an initial object. We then show that the category of presheaves on provides semantics for 𝖦𝖢𝖳𝖳.Evan CavalloRobert Harper201916699cavallo-harper-2019cavallo-harper-2019.xmlHigher inductive types in cubical computational type theoryReference10.1145/3290314Proceedings of the ACM on Programming Languages (POPL)Steve Awodey20186700awodey-2018-apalawodey-2018-apal.xmlA cubical model of homotopy type theoryReference10.1016/j.apal.2018.08.002Annals of Pure and Applied LogicDaniel R. LicataIan OrtonAndrew PittsBas Spitters20186701lops-2018lops-2018.xmlInternal universes in models of homotopy type theoryReference10.4230/LIPIcs.FSCD.2018.223rd International Conference on Formal Structures for Computation and DeductionThierry CoquandSimon HuberAnders Mörtberg20186702coquand-huber-mortberg-2018coquand-huber-mortberg-2018.xmlOn higher inductive types in cubical type theoryReference10.1145/3209108.3209197Proceedings of the 33rd Annual ACM/IEEE Symposium on Logic in Computer ScienceCarlo AngiuliRobert HarperTodd Wilson20176703angiuli-harper-wilson-2017angiuli-harper-wilson-2017.xmlComputational higher-dimensional type theoryReference10.1145/3009837.3009861POPL 2017: Proceedings of the 44th ACM SIGPLAN Symposium on Principles of Programming LanguagesCarlo AngiuliRobert Harper20176704angiuli-harper-2017-brouwerangiuli-harper-2017-brouwer.xmlMeaning explanations at higher dimensionReference10.1016/j.indag.2017.07.010Indagationes Mathematicae special issue: L.E.J. Brouwer, fifty years laterIan OrtonAndrew Pitts20166705orton-pitts-2016orton-pitts-2016.xmlAxioms for modelling cubical type theory in a toposReference10.4230/LIPIcs.CSL.2016.2425th EACSL Annual Conference on Computer Science Logic (CSL 2016)
Jon Sterling6708unstable/730unstable-730.xmlManuscriptsBas Spitters201610176707spitters-2016spitters-2016.xmlCubical sets and the topological toposReference10.48550/arXiv.1610.05270
Jon Sterling6715unstable/731unstable-731.xmlDissertationsA. A. A. Kløvstad2022616709kløvstad-2022kløvstad-2022.xmlA cubical implementation of homotopical patch theoryReferenceMasters Thesis, University of Bergen, Department of InformaticsJon Sterling20219136710sterling-2021-thesissterling-2021-thesis.xmlFirst steps in synthetic Tait computability: the objective metatheory of cubical type theoryReferenceDoctoral dissertation, Carnegie Mellon Universityhash-bafkrmih2tmdumryyta2loigpp27rwuzif3gsgcg4xwpngvfruaawmqy3vu.pdf10.5281/zenodo.6990769The implementation and semantics of dependent type theories can be studied in a syntax-independent way: the objective metatheory of dependent type theories exploits the universal properties of their syntactic categories to endow them with computational content, mathematical meaning, and practical implementation (normalization, type checking, elaboration). The semantic methods of the objective metatheory inform the design and implementation of correct-by-construction elaboration algorithms, promising a principled interface between real proof assistants and ideal mathematics.In this dissertation, I add synthetic Tait computability to the arsenal of the objective metatheorist. Synthetic Tait computability is a mathematical machine to reduce difficult problems of type theory and programming languages to trivial theorems of topos theory. First employed by Sterling and Harper to reconstruct the theory of program modules and their phase separated parametricity, synthetic Tait computability is deployed here to resolve the last major open question in the syntactic metatheory of cubical type theory: normalization of open terms.Evan Cavallo202126711cavallo-2021cavallo-2021.xmlHigher inductive types and internal parametricity for cubical type theoryReferenceDoctoral Dissertation, Carnegie Mellon UniversityDonnacha Oisín Kidney202096712kidney-2020kidney-2020.xmlFiniteness in cubical type theoryReferenceMasters by Research Thesis, University College CorkJonathan Weinberger20161116713weinberger-2016weinberger-2016.xmlThe cubical model of type theoryReferencehttps://www2.mathematik.tu-darmstadt.de/~streicher/THESES/weinberger.pdfMasters Thesis, Technische Universität DarmstadtSimon Huber20166714huber-2016huber-2016.xmlCubical interpretations of type theoryReferenceDoctoral Dissertation, University of Gothenburg
Jon Sterling6720unstable/732unstable-732.xmlTechnical reportsEvan CavalloRobert Harper20187186716cavallo-harper-2018cavallo-harper-2018.xmlComputational higher type theory IV: inductive typesReferenceCarlo AngiuliKuen-Bang Hou (Favonia)Robert Harper20171256717angiuli-favonia-harper-2017angiuli-favonia-harper-2017.xmlComputational higher type theory III: univalent universes and exact equalityReferenceCarlo AngiuliRobert Harper20174266718angiuli-harper-2017angiuli-harper-2017.xmlComputational higher type theory II: dependent cubical realizabilityReferenceCarlo AngiuliRobert HarperTodd Wilson20166146719angiuli-harper-wilson-2016angiuli-harper-wilson-2016.xmlComputational higher type theory I: abstract cubical realizabilityReference
Jon Sterling6736unstable/733unstable-733.xmlWorkshop talksHugo Moeneclaey202266721moeneclaey-2022-typesmoeneclaey-2022-types.xmlCubical models are cofreely parametricReference28th International Conference on Types for Proofs and ProgramsRobert RoseMatthew WeaverDaniel R. Licata202266722rose-weaver-licata-2022-typesrose-weaver-licata-2022-types.xmlDeciding the cofibration logic of cartesian cubical type theoriesReference28th International Conference on Types for Proofs and ProgramsAntoine Van MuylderAndrea VezzosiAndreas NuytsDominique Devriese202266723van-muylder-vezzosi-nuyts-devriese-2022-typesvan-muylder-vezzosi-nuyts-devriese-2022-types.xmlExtending Cubical Agda with internal parametricityReferencehttps://types22.inria.fr/files/2022/06/TYPES_2022_paper_10.pdf28th International Conference on Types for Proofs and ProgramsAxel LjungströmAnders Mörtberg202266724ljungstrom-mortberg-2022-typesljungstrom-mortberg-2022-types.xmlThe 4th homotopy group of the 3-sphere in Cubical AgdaReference28th International Conference on Types for Proofs and ProgramsMax ZeunerAnders Mörtberg202266725mortberg-zeuner-2022-typesmortberg-zeuner-2022-types.xmlTowards a formalization of affine schemes in Cubical AgdaReference28th International Conference on Types for Proofs and ProgramsFrederik Lerbjerg AagaardMagnus Baunsgaard KristensenDaniel GratzerLars Birkedal202266726akgb-2022akgb-2022.xmlUnifying cubical and multimodal type theoryReference10.48550/ARXIV.2203.1300028th International Conference on Types for Proofs and ProgramsJon Sterling20221226727sterling-2022-witssterling-2022-wits.xmlMake three to throw away: frontiers in homotopical proof assistantsReferencehash-bafkrmifpq7uvabz7ktijuq24pfirediv7taikklozbeuqknhw3evm25pje.pdfhttps://www.youtube.com/watch?v=lqBFq7aRReYWorkshop on the Implementation of Type Systems (keynote)For six years, I have served as the founder and technical leader of the RedPRL Development Team which has produced three interactive proof assistants for variants of cubical type theory: RedPRL, redtt, and cooltt. I will share several lessons that we have learned about the design and implementation of homotopical proof assistants along this journey. This talk discusses joint work with Carlo Angiuli, Evan Cavallo, Favonia, and Reed Mullanix.Jon SterlingCarlo Angiuli20216728sterling-angiuli-2021-ctsterling-angiuli-2021-ct.xmlNormalization for cubical type theoryReferencehash-bafkrmie6j57qqrx6av73q6ropesavo76e57fcttaxm6t7qyhzpsyhjazjm.pdfhttps://www.youtube.com/watch?v=AhivFjnBakECategory Theory 2021Jon Sterling202036729sterling-2020-muristerling-2020-muri.xml(Cubical) computability structuresReferencehash-bafkrmigerogwvkxuabfo24lqf5fnbd7mebab6vh3citv7bvcgc7cqyqpmy.pdfMURI Team Meeting 2020Taichi Uemura20196730uemura-2019-typesuemura-2019-types.xmlCubical assemblies, a univalent and impredicative universe and a failure of propositional resizingReference10.4230/LIPIcs.TYPES.2018.724th International Conference on Types for Proofs and Programs (TYPES 2018)Jon SterlingCarlo AngiuliDaniel Gratzer20196731sterling-angiuli-gratzer-2019-hottsterling-angiuli-gratzer-2019-hott.xmlCubical exact equality and categorical gluingReferencehash-bafkrmih2orgei2hellqbaqzwubjlulc2osk46d4s7dpkazlxzgt3oe77n4.pdfInternational Conference on Homotopy Type Theory, 2019We contribute XTT, a cubical reconstruction of Observational Type Theory which extends intensional type theory with a dependent equality type that enjoys function extensionality and judgmental unicity of identity proofs. XTT employs a variant of the Cartesian cubical Kan operations satisfying regularity (i.e., transport in constant type families is judgmentally constant), allowing its equality type to model Martin-Lof’s identity type judgmentally. We prove canonicity for the initial model of XTT (i.e., any closed term of boolean type is equal to either true or false) using a novel cubical extension (independently proposed by Awodey) of the categorical gluing technique inspired by Coquand and Shulman, in which we glue the fundamental fibration of a category of augmented Cartesian cubical sets along a cubical nerve. We conjecture that our methods will extend to open terms, allowing us to establish normalization and decidability of the typing relation.Jon SterlingCarlo AngiuliDaniel Gratzer20196732sterling-angiuli-gratzer-2019-typessterling-angiuli-gratzer-2019-types.xmlXTT: cubical syntax for extensional equality (without equality reflection)Referencehash-bafkrmifuhsbmtkvovprpvqpzzeg63w6bp46g73yb6nz53l2wnslrumnkaa.pdfTYPES 2019Carlo AngiuliEvan CavalloKuen-Bang Hou (Favonia)Robert HarperAnders MörtbergJon Sterling201886733redtt-2018-dagstuhlredtt-2018-dagstuhl.xml: implementing cartesian cubical type theoryReferencehash-bafkrmidvxp7uolkpqxsifdgktfy5filu7kgxdh5bohnldrwtcqaqxcaggi.pdfDagstuhl Seminar 18341: Formalization of Mathematics in Type TheoryCarlo AngiuliEvan CavalloKuen-Bang Hou (Favonia)Robert HarperJon Sterling20186734redprl-2018-lfmtpredprl-2018-lfmtp.xmlThe RedPRL proof assistantReference10.4204/EPTCS.274.1International Workshop on Logical Frameworks and Meta-Languages: Theory and Practice (LFMTP), 2018RedPRL is an experimental proof assistant based on Cartesian cubical computational type theory, a new type theory for higher-dimensional constructions inspired by homotopy type theory. In the style of Nuprl, RedPRL users employ tactics to establish behavioral properties of cubical functional programs embodying the constructive content of proofs. Notably, RedPRL implements a two-level type theory, allowing an extensional, proof-irrelevant notion of exact equality to coexist with a higher-dimensional proof-relevant notion of paths.Marc BezemThierry CoquandSimon Huber20146735bch-2014bch-2014.xmlA model of type theory in cubical setsReference19th International Conference on Types for Proofs and Programs (TYPES 2013)
Jon Sterling6740unstable/734unstable-734.xmlSeminar talksJon SterlingCarlo Angiuli202156737sterling-angiuli-2021-padovasterling-angiuli-2021-padova.xmlNormalization for cubical type theoryReferencePadova Logic SeminarWe prove normalization for (univalent, Cartesian) cubical type theory, closing the last major open problem in the syntactic metatheory of cubical type theory. The main difficulty in comparison to conventional type theory is located in a new feature of cubical type theories, the absence of a stable notion of neutral term: for instance, the path application (p @ i) ceases to be neutral within its “locus of instability” ∂(i) and must compute to an endpoint. We introduce a new, geometrically-inspired generalization of the notion of neutral term, stabilizing neutrals by gluing them together with partial computability data along their loci of instability — when the locus of instability is nowhere, a stabilized neutral is a conventional neutral, and when the locus of instability is everywhere, a stabilized neutral is just computability data. Our normalization result is based on a reduction-free Artin gluing argument, and yields an injective function from equivalence classes of terms in context to a tractable language of beta/eta-normal forms. As corollaries we obtain both decidability of judgmental equality, as well as injectivity of type constructors in contexts formed by assuming variables x : A and dimensions i : 𝕀.Jon SterlingCarlo Angiuli202126738sterling-2021-cmu-hottsterling-2021-cmu-hott.xmlNormalization for cubical type theoryReferencePittsburgh's HoTT SeminarWe prove normalization for (univalent, Cartesian) cubical type theory, closing the last major open problem in the syntactic metatheory of cubical type theory. The main difficulty in comparison to conventional type theory is located in a new feature of cubical type theories, the absence of a stable notion of neutral term: for instance, the path application p(i) ceases to be neutral within its “locus of instability” ∂(i) and must compute to an endpoint. We introduce a new, geometrically-inspired generalization of the notion of neutral term, stabilizing neutrals by gluing them together with partial computability data along their loci of instability — when the locus of instability is nowhere, a stabilized neutral is a conventional neutral, and when the locus of instability is everywhere, a stabilized neutral is just computability data. Our normalization result is based on a reduction-free Artin gluing argument, and yields an injective function from equivalence classes of terms in context to a tractable language of beta/eta-normal forms. As corollaries we obtain both decidability of judgmental equality, as well as injectivity of type constructors in contexts formed by assuming variables x : A and dimensions i : 𝕀.(j.w.w. Carlo Angiuli.)Jon Sterling202066739sterling-2020-epasterling-2020-epa.xml and the future of Cartesian cubical type theoryReferencehttps://vimeo.com/425917591Every Proof Assistantredtt is an interactive proof assistant for Cartesian cubical type theory, a version of Martin-Löf type theory featuring computational versions of function extensionality, higher inductive types, and univalence. Building on ideas from Epigram, Agda, and Idris, redtt introduces a new cubical take on interactive proof development with holes. We will first introduce the basics of cubical type theory and then dive into an interactive demonstration of redtt’s features and its mathematical library.After this we will catch a first public glimpse of the future of redtt, a new prototype that our team is building currently code-named "cooltt": cooltt introduces syntax to split on disjunctions of cofibrations in arbitrary positions, implementing the full definitional eta law for disjunction. While cooltt is still in the early stages, it already has full support for univalence and cubical interactive proof development.
Jon Sterling6741unstable/735unstable-735.xmlRoladex
Jon Sterling6792jms-005Sjms-005S.xmlGuarded domain theoryBibliographyThis page collects papers and dissertations about Guarded Domain Theory; if you have written a paper or dissertation on this topic, please write to me to have it added to this list.
Jon Sterling6743unstable/744unstable-744.xmlAccepted papers
Jon Sterling6771unstable/745unstable-745.xmlRefereed papersJon SterlingDaniel GratzerLars Birkedal2024276744sterling-gratzer-birkedal-2024-univalentsterling-gratzer-birkedal-2024-univalent.xmlTowards univalent reference typesReference10.4230/LIPIcs.CSL.2024.47CSL ’24: 32nd EACSL Annual Conference on Computer Science Logic 2024We develop a denotational semantics for general reference types in an impredicative version of guarded homotopy type theory, an adaptation of synthetic guarded domain theory to Voevodsky’s univalent foundations. We observe for the first time the profound impact of univalence on the denotational semantics of mutable state. Univalence automatically ensures that all computations are invariant under symmetries of the heap—a bountiful source of program equivalences. In particular, even the most simplistic univalent model enjoys many new program equivalences that do not hold when the same constructions are carried out in the universes of traditional set-level (extensional) type theory.Frederik Lerbjerg AagaardJon SterlingLars Birkedal202311236745aagaard-sterling-birkedal-2023aagaard-sterling-birkedal-2023.xmlA denotationally-based program logic for higher-order storeReference10.46298/entics.1223239th International Conference on Mathematical Foundations of Programming SemanticsSeparation logic is used to reason locally about stateful programs. State of the art program logics for higher-order store are usually built on top of untyped operational semantics, in part because traditional denotational methods have struggled to simultaneously account for general references and parametric polymorphism. The recent discovery of simple denotational semantics for general references and polymorphism in synthetic guarded domain theory has enabled us to develop Tulip, a higher-order separation logic over the typed equational theory of higher-order store for a monadic version of System . The Tulip logic differs from operationally-based program logics in two ways: predicates range over the meanings of typed terms rather than over the raw code of untyped terms, and they are automatically invariant under the equational congruence of higher-order store, which applies even underneath a binder. As a result, “pure” proof steps that conventionally require focusing the Hoare triple on an operational redex are replaced by a simple equational rewrite in Tulip. We have evaluated Tulip against standard examples involving linked lists in the heap, comparing our abstract equational reasoning with more familiar operational-style reasoning. Our main result is the soundness of Tulip, which we establish by constructing a BI-hyperdoctrine over the denotational semantics of in an impredicative version of synthetic guarded domain theory.Daniele PalombiJon Sterling20232226746palombi-sterling-2023palombi-sterling-2023.xmlClassifying topoi in synthetic guarded domain theory: the universal property of multi-clock guarded recursionReference10.46298/entics.1032338th International Conference on Mathematical Foundations of Programming SemanticsSeveral different topoi have played an important role in the development and applications of synthetic guarded domain theory (SGDT), a new kind of synthetic domain theory that abstracts the concept of guarded recursion frequently employed in the semantics of programming languages. In order to unify the accounts of guarded recursion and coinduction, several authors have enriched SGDT with multiple “clocks” parameterizing different time-streams, leading to more complex and difficult to understand topos models. Until now these topoi have been understood very concretely qua categories of presheaves, and the logico-geometrical question of what theories these topoi classify has remained open. We show that several important topos models of SGDT classify very simple geometric theories, and that the passage to various forms of multi-clock guarded recursion can be rephrased more compositionally in terms of the lower bagtopos construction of Vickers and variations thereon due to Johnstone. We contribute to the consolidation of SGDT by isolating the universal property of multi-clock guarded recursion as a modular construction that applies to any topos model of single-clock guarded recursion.Niccolò VeltriAndrea Vezzosi202326747veltri-vezzosi-2023veltri-vezzosi-2023.xmlFormalizing CCS and -calculus in Guarded Cubical AgdaReference10.1016/j.jlamp.2022.100846Daniel GratzerLars Birkedal202246748gratzer-birkedal-2022gratzer-birkedal-2022.xmlA stratified approach to Löb inductionReference10.4230/LIPIcs.FSCD.2022.23International Conference on Formal Structures for Computation and Deduction (FSCD)Liang-Ting ChenHsiang-Shang Ko20221276749chen-ko-2022chen-ko-2022.xmlRealising intensional S4 and GL modalitiesReference10.4230/LIPIcs.CSL.2022.1430th EACSL Annual Conference on Computer Science Logic (CSL 2022)Magnus Baunsgaard KristensenRasmus Ejlers MøgelbergAndrea Vezzosi20226750kristensen-mogelberg-vezzosi-2022kristensen-mogelberg-vezzosi-2022.xmlGreatest HITs: higher inductive types in coinductive definitions via induction under clocksReference10.1145/3531130.3533359Proceedings of the 37th Annual ACM/IEEE Symposium on Logic in Computer ScienceRasmus Ejlers MøgelbergAndrea Vezzosi20216751mogelberg-vezzosi-2021mogelberg-vezzosi-2021.xmlTwo guarded recursive powerdomains for applicative simulationReference10.4204/EPTCS.351.13Proceedings 37th Conference on Mathematical Foundations of Programming SemanticsAleš BizjakRasmus Ejlers Møgelberg20206752bizjak-mogelberg-2020bizjak-mogelberg-2020.xmlDenotational semantics for guarded dependent type theoryReferenceMathematical Structures in Computer ScienceNiccolò VeltriAndrea Vezzosi20206753veltri-vezzosi-2020veltri-vezzosi-2020.xmlFormalizing -Calculus in Guarded Cubical AgdaReference10.1145/3372885.3373814Proceedings of the 9th ACM SIGPLAN International Conference on Certified Programs and ProofsRasmus Ejlers MøgelbergNiccolò Veltri201916754mogelberg-veltri-2019mogelberg-veltri-2019.xmlBisimulation as path type for guarded recursive typesReference10.1145/3290317Proceedings of the ACM on Programming Languages (POPL)Lars BirkedalAleš BizjakRanald CloustonHans Bugge GrathwohlBas SpittersAndrea Vezzosi20196755bbcgsv-2019bbcgsv-2019.xmlGuarded cubical type theoryReference10.1007/s10817-018-9471-7Journal of Automated ReasoningThis paper improves the treatment of equality in guarded dependent type theory (𝖦𝖣𝖳𝖳), by combining it with cubical type theory (𝖢𝖳𝖳). 𝖦𝖣𝖳𝖳 is an extensional type theory with guarded recursive types, which are useful for building models of program logics, and for programming and reasoning with coinductive types. We wish to implement 𝖦𝖣𝖳𝖳 with decidable type checking, while still supporting non-trivial equality proofs that reason about the extensions of guarded recursive constructions. 𝖢𝖳𝖳 is a variation of Martin-Löf type theory in which the identity type is replaced by abstract paths between terms. 𝖢𝖳𝖳 provides a computational interpretation of functional extensionality, enjoys canonicity for the natural numbers type, and is conjectured to support decidable type-checking. Our new type theory, guarded cubical type theory (𝖦𝖢𝖳𝖳), provides a computational interpretation of extensionality for guarded recursive types. This further expands the foundations of 𝖢𝖳𝖳 as a basis for formalisation in mathematics and computer science. We present examples to demonstrate the expressivity of our type theory, all of which have been checked using a prototype type-checker implementation. We show that 𝖢𝖳𝖳 can be given semantics in presheaves on , where is the cube category, and is any small category with an initial object. We then show that the category of presheaves on provides semantics for 𝖦𝖢𝖳𝖳.Aleš BizjakLars Birkedal201846756bizjak-birkedal-2018-entcsbizjak-birkedal-2018-entcs.xmlOn models of higher-order separation logicReference10.1016/j.entcs.2018.03.016Adrien Guatto20186757guatto-2018guatto-2018.xmlA generalized modality for recursionReference10.1145/3209108.3209148LICS ’18: 33rd Annual ACM/IEEE Symposium on Logic in Computer ScienceAleš BizjakLars Birkedal20186758bizjak-birkedal-2018-tcsbizjak-birkedal-2018-tcs.xmlA model of guarded recursion via generalised equilogical spacesReference10.1016/j.tcs.2018.02.012Theoretical Computer ScienceJon SterlingRobert Harper20186759sterling-harper-2018sterling-harper-2018.xmlGuarded computational type theoryReferencehash-bafkrmie3t5ai2zxuejiwtnjln2d2aixnjqhqqifmu63oz4leeikydgbghu.pdf10.1145/3209108.3209153LICS ’18: 33rd Annual ACM/IEEE Symposium on Logic in Computer ScienceNakano’s later modality can be used to specify and define recursive functions which are causal or synchronous; in concert with a notion of clock variable, it is possible to also capture the broader class of productive (co)programs. Until now, it has been difficult to combine these constructs with dependent types in a way that preserves the operational meaning of type theory and admits a hierarchy of universes. We present an operational account of guarded dependent type theory with clocks called Guarded Computational Type Theory, featuring a novel clock intersection connective that enjoys the clock irrelevance principle, as well as a predicative hierarchy of universes which does not require any indexing in clock contexts. Guarded Computational Type Theory is simultaneously a programming language with a rich specification logic, as well as a computational metalanguage that can be used to develop semantics of other languages and logics.Stefan MiliusTadeusz Litak20176760milius-litak-2017milius-litak-2017.xmlGuard Your Daggers and Traces: On The Equational Properties of Guarded Reference10.3233/FI-2017-1475Fundamenta InformaticaeRasmus Ejlers MøgelbergMarco Paviotti20166761mogelberg-paviotti-2016mogelberg-paviotti-2016.xmlDenotational Semantics of Recursive Types in Synthetic Guarded Domain TheoryReference10.1145/2933575.2934516Proceedings of the 31st Annual ACM/IEEE Symposium on Logic in Computer ScienceAleš BizjakHans Bugge GrathwohlRanald CloustonRasmus Ejlers MøgelbergLars Birkedal20166762bgcmb-2016bgcmb-2016.xmlGuarded dependent type theory with coinductive typesReference10.1007/978-3-662-49630-5_2Foundations of Software Science and Computation Structures: 19th International ConferenceMarco PaviottiRasmus Ejlers MøgelbergLars Birkedal20156763paviotti-mogelberg-birkedal-2015paviotti-mogelberg-birkedal-2015.xmlA Model of PCF in Guarded Type TheoryReference10.1016/j.entcs.2015.12.020The 31st Conference on the Mathematical Foundations of Programming Semantics (MFPS XXXI)Aleš BizjakLars BirkedalMarino Miculan20146764bizjak-birkedal-miculan-2014bizjak-birkedal-miculan-2014.xmlA model of countable nondeterminism in guarded type theoryReference10.1007/978-3-319-08918-8_8Rewriting and Typed Lambda Calculi -- Joint International Conference, RTA-TLCA 2014Lars BirkedalRasmus Ejlers Møgelberg20136765birkedal-mogelberg-2013birkedal-mogelberg-2013.xmlIntensional type theory with guarded recursive types qua fixed points on universesReference10.1109/LICS.2013.27Proceedings of the 2013 28th Annual ACM/IEEE Symposium on Logic in Computer ScienceRobert AtkeyConor McBride20136766atkey-mcbride-2013atkey-mcbride-2013.xmlProductive coprogramming with guarded recursionReference10.1145/2500365.2500597Proceedings of the 18th ACM SIGPLAN International Conference on Functional ProgrammingLars BirkedalRasmus Ejlers MøgelbergJan SchwinghammerKristian Støvring20116767bmss-2011bmss-2011.xmlFirst steps in synthetic guarded domain theory: step-indexing in the topos of treesReference10.1109/LICS.2011.16Proceedings of the 2011 IEEE 26th Annual Symposium on Logic in Computer ScienceWe present the topos of trees as a model of guarded recursion. We study the internal dependently-typed higher-order logic of and show that models two modal operators, on predicates and types, which serve as guards in recursive definitions of terms, predicates, and types. In particular, we show how to solve recursive type equations involving dependent types. We propose that the internal logic of provides the right setting for the synthetic construction of abstract versions of step-indexed models of programming languages and program logics. As an example, we show how to construct a model of a programming language with higher-order store and recursive types entirely inside the internal logic of .Lars BirkedalKristian StøvringJacob Junker Thamsborg20106768birkedal-støvring-thamsborg-2010-solutionbirkedal-støvring-thamsborg-2010-solution.xmlThe category-theoretic solution of recursive metric-space equationsReference10.1016/j.tcs.2010.07.010Theoretical Computer ScienceHiroshi Nakano20006769nakano-2000nakano-2000.xmlA modality for recursionReference10.1109/LICS.2000.855774Proceedings of the Fifteenth Annual IEEE Symposium on Logic in Computer ScienceAndré ArnoldMaurice Nivat198066770arnold-nivat-1980arnold-nivat-1980.xmlMetric interpretations of infinite trees and semantics of non deterministic recursive programsReference10.1016/0304-3975(80)90045-6Theoretical Computer Science
Jon Sterling6773unstable/746unstable-746.xmlManuscriptsJon SterlingDaniel GratzerLars Birkedal20221066772sterling-gratzer-birkedal-2022sterling-gratzer-birkedal-2022.xmlDenotational semantics of general store and polymorphismReference10.48550/arXiv.2210.02169We contribute the first denotational semantics of polymorphic dependent type theory extended by an equational theory for general (higher-order) reference types and recursive types, based on a combination of guarded recursion and impredicative polymorphism; because our model is based on recursively defined semantic worlds, it is compatible with polymorphism and relational reasoning about stateful abstract datatypes. We then extend our language with modal constructs for proof-relevant relational reasoning based on the logical relations as types principle, in which equivalences between imperative abstract datatypes can be established synthetically. Finally we develop a decomposition of the store model as a general construction that extends an arbitrary polymorphic call-by-push-value adjunction with higher-order store, improving on Levy's possible worlds model construction; what is new in relation to prior typed denotational models of higher-order store is that our Kripke worlds need not be syntactically definable, and are thus compatible with relational reasoning in the heap. Our work combines recent advances in the operational semantics of state with the purely denotational viewpoint of synthetic guarded domain theory.
Jon Sterling6779unstable/747unstable-747.xmlDissertationsDaniel Gratzer20238296774gratzer-2023-thesisgratzer-2023-thesis.xmlSyntax and semantics of modal type theoryReferencePhD Dissertation, Aarhus Universityhttps://iris-project.org/pdfs/2023-phd-gratzer.pdfOne idiosyncratic framing of type theory is as the study of operations invariant under substitution. Modal type theory, by contrast, concerns the controlled integration of operations—modalities—into type theory which violate this discipline, so-called non-fibered connectives. Modal type theory is therefore built around a fundamental tension: the desire to include modalities and powerful principles for reasoning with them on one hand, and the need to maintain the conveniences and character of Martin-Löf type theory which stem from substitution invariance.In this thesis, we thoroughly explore and discuss this contradiction. We discuss several different formulations of modal type theory, explore their various syntactic properties, and relate them through their categorical semantics. In particular, we show that most modal type theories that have arisen in the last two decades can be understood through the abstraction of weak dependent right adjoints. We also put forward a new general modal type theory, MTT, based on this abstraction.The generality of MTT means that, without any additional work, it can be specialized to an arbitrary collection of type theories related by modalities and natural transformations between them. It is therefore easy to obtain a type theory for a comonad, an adjunction, a local topos, or any other number of complex and realistic scenarios. In addition to showing that many modal type theories are closely related to specific instantiations of MTT, we thoroughly explore the syntax and semantics of MTT itself. We prove that MTT enjoys an unconditional normalization result and decidable type-checking under mild assumptions. We show how MTT may be interpreted into a wide variety of structured categories and use this to study the expressive power of the type theory and various extensions thereof.Finally, we explore several concrete applications of MTT in the context of guarded type theory and guarded denotational semantics. We propose a highly usable language for guarded recursion and explore its particular models and metatheorems. We show a relatively sharp result bounding the extent to which classical guarded recursion can be added to any type theory with decidable type-checking and propose a system to mitigate this issue. Finally, we conduct an in-depth case study using guarded MTT to obtain a fully synthetic account of the Iris program logic, proving adequacy in a fully internal manner.Marco Paviotti20166775paviotti-2016paviotti-2016.xmlDenotational semantics in Synthetic Guarded Domain TheoryReferenceIT-Universitetet i KøbenhavnAleš Bizjak20166776bizjak-2016bizjak-2016.xmlOn semantics and applications of guarded recursionReferenceAarhus UniversityAndrea Vezzosi20156777vezzosi-2015vezzosi-2015.xmlGuarded Recursive Types in Type TheoryReferenceInstitutionen för data- och informationsteknik, Datavetenskap (Chalmers), Chalmers tekniska högskolaJacob Junker Thamsborg2010596778thamsborg-2010thamsborg-2010.xmlDenotational world-indexed logical relations and friendsReferenceIT-Universitetet i København
Jon Sterling6781unstable/748unstable-748.xmlTechnical reportsFranck BreugelJeroen Warmerdam19946780breugel-warmerdam-1994breugel-warmerdam-1994.xmlSolving domain equations in a category of compact metric spacesReferenceCWI (Centre for Mathematics and Computer Science)
Jon Sterling6787unstable/749unstable-749.xmlWorkshop talksJon SterlingDaniel GratzerLars Birkedal20232176782sterling-gratzer-birkedal-2023-ficssterling-gratzer-birkedal-2023-fics.xmlDenotational semantics of general store and polymorphismReferencehash-bafkrmig7pcke5cku7gmwwyfiufvq3ryetshmedkgwkup7qdeorpahsdilq.pdfFixed Points in Computer Science 2023We contribute the first denotational semantics of polymorphic dependent type theory extended by an
equational theory for general (higher-order) reference types and recursive types, based on a
combination of guarded recursion and impredicative polymorphism; because our model is based on
recursively defined semantic worlds, it is compatible with polymorphism and relational reasoning
about stateful abstract datatypes. What is new in relation to prior typed denotational models of
higher-order store is that our Kripke worlds need not be syntactically definable, and are thus
compatible with relational reasoning in the heap. Our work combines recent advances in the
operational semantics of state with the purely denotational viewpoint of synthetic guarded domain theory.Lars BirkedalJan SchwinghammerKristian Støvring20106783birkedal-schwinghammer-stovring-2010birkedal-schwinghammer-stovring-2010.xmlA metric model of lambda calculus with guarded recursionReferenceFixed Points in Computer Science 2010Martín Hötzel Escardó19996784escardo-1999escardo-1999.xmlA metric model of PCFReferenceWorkshop on Realizability Semantics and ApplicationsJan RuttenDaniele Turi19926785rutten-turi-1992rutten-turi-1992.xmlOn the foundation of final semantics: non-standard sets, metric spaces, partial ordersReferenceProceedings of the REX Workshop on Semantics: Foundations and ApplicationsPierre AmericaJan Rutten19876786america-rutten-1987america-rutten-1987.xmlSolving reflexive domain equations in a category of complete metric spacesReferenceProceedings of the 3rd Workshop on Mathematical Foundations of Programming Language Semantics
Jon Sterling6790unstable/750unstable-750.xmlSeminar talksJon Sterling20234176788sterling-2023-logsemsterling-2023-logsem.xmlDenotational semantics in impredicative guarded dependent type theoryReferencehash-bafkrmiczxyoaqvsobp544cpqfjrr5tisnm36cmkyb2pykcw5owku7hzoai.pdfLogic and Semantics Seminar, Aarhus UniversityImpredicative guarded dependent type theory (iGDTT) is a new version of type theory that combines guarded recursion (the "later" modality) with impredicative polymorphism (universal and existential types). It turns out that these two features are sufficient to define a very simple denotational semantics for System F with recursive types and higher-order store. We believe that the expressivity of iGDTT brings us one step closer to a general metalanguage for realistic denotational semantics, and provides a compelling strategy to elude the burden of operational semantics. As a further benefit, we are now able to justify the extension of full dependent type theory with a Haskell-style IO-monad and IORef types.Jon Sterling20221186789sterling-2022-itusterling-2022-itu.xmlDenotational semantics in impredicative guarded dependent type theoryReferencehash-bafkrmigiix5np3fp4npmgxvmx7kl7nb52ieyiazbwdxh6amdbfxdhnp2fy.pdfProgramming, Logic and Semantics, ITU CopenhagenImpredicative guarded dependent type theory (iGDTT) is a new version of type theory that combines
guarded recursion (the "later" modality) with impredicative polymorphism (universal and existential types).
It turns out that these two features are sufficient to define a very simple denotational semantics for
System F with recursive types and higher-order store. We believe that the expressivity of iGDTT
brings us one step closer to a general metalanguage for realistic denotational semantics,
and provides a compelling strategy to elude the burden of operational semantics.
As a further benefit, we are now able to justify the extension of full dependent
type theory with a Haskell-style IO-monad and IORef types.
Jon Sterling6791unstable/751unstable-751.xmlRoladex
Jon Sterling6842jms-005Tjms-005T.xmlSynthetic Tait computabilityBibliographyThis page collects papers and dissertations about Synthetic Tait Computability, also known as the logical relations as types / LRAT principle; if you have written a paper or dissertation on this topic, please write to me to have it added to this list.
Jon Sterling6794unstable/736unstable-736.xmlAccepted papersJon Sterling20239286793sterling-2023-grothendiecksterling-2023-grothendieck.xmlTowards a geometry for syntaxReference10.48550/arXiv.2307.09497Invited contribution to the proceedings of the Chapman Grothendieck Conference, to appearIt often happens that free algebras for a given theory satisfy useful reasoning principles that are not preserved under homomorphisms of algebras, and hence need not hold in an arbitrary algebra. For instance, if is the free monoid on a set , then the scalar multiplication function is injective. Therefore, when reasoning in the formal theory of monoids under , it is possible to use this injectivity law to make sound deductions even about monoids under A for which scalar multiplication is not injective — a principle known in algebra as the permanence of identity. Properties of this kind are of fundamental practical importance to the logicians and computer scientists who design and implement computerized proof assistants like Lean and Coq, as they enable the formal reductions of equational problems that make type checking tractable.As type theories have become increasingly more sophisticated, it has become more and more difficult to establish the useful properties of their free models that facilitate effective implementation. These obstructions have facilitated a fruitful return to foundational work in type theory, which has taken on a more geometrical flavor than ever before. Here we expose a modern way to prove a highly non-trivial injectivity law for free models of Martin-Löf type theory, paying special attention to the ways that contemporary methods in type theory have been influenced by three important ideas of the Grothendieck school: the relative point of view, the language of universes, and the recollement of generalized spaces.
Jon Sterling6808unstable/737unstable-737.xmlRefereed papersHarrison GrodinYue NiuJon SterlingRobert Harper2024156796grodin-niu-sterling-harper-2024grodin-niu-sterling-harper-2024.xml: a directed, effectful cost-aware logical frameworkReferencePOPL ’24: 51st ACM SIGPLAN Symposium on Principles of Programming Languages10.1145/3632852https://arxiv.org/abs/2307.05938We present decalf, a directed, effectful cost-aware logical framework for studying quantitative aspects of functional programs with effects. Like calf, the language is based on a formal phase distinction between the extension and the intension of a program, its pure behavior as distinct from its cost measured by an effectful step-counting primitive. The type theory ensures that the behavior is unaffected by the cost accounting. Unlike calf, the present language takes account of effects, such as probabilistic choice and mutable state; this extension requires a reformulation of calf’s approach to cost accounting: rather than rely on a “separable” notion of cost, here a cost bound is simply another program. To make this formal, we equip every type with an intrinsic preorder, relaxing the precise cost accounting intrinsic to a program to a looser but nevertheless informative estimate. For example, the cost bound of a probabilistic program is itself a probabilistic program that specifies the distribution of costs. This approach serves as a streamlined alternative to the standard method of isolating a recurrence that bounds the cost in a manner that readily extends to higher-order, effectful programs.The development proceeds by first introducing the decalf type system, which is based on an intrinsic ordering among terms that restricts in the extensional phase to extensional equality, but in the intensional phase reflects an approximation of the cost of a program of interest. This formulation is then applied to a number of illustrative examples, including pure and effectful sorting algorithms, simple probabilistic programs, and higher-order functions. Finally, we justify decalf via a model in the topos of augmented simplicial sets.Jon Sterling20241036795jms-012Qjms-012Q.xmlMissing assumptions about the interval in DecalfErratumIn section 4.2, we assumed only a (non-strict) interval object , and then asserted in Definition 4.5 the map was a monomorphism. Obviously, this need not be the case, so it needs to be turned into an assumption about . This assumption will, however, hold of the interval in simplicial sets for the following reason: the interval in simplicial sets is the nerve of the actual poset , and the statement in question holds for this poset and is preserved by the nerve functor.Taichi Uemura20221256797uemura-2023-fscduemura-2023-fscd.xmlHomotopy type theory as internal languages of diagrams of ∞-logosesReference10.4230/LIPIcs.FSCD.2023.58th International Conference on Formal Structures for Computation and Deduction (FSCD 2023)Yue NiuRobert Harper20229266798niu-harper-2022niu-harper-2022.xmlA metalanguage for cost-aware denotational semanticsReference10.48550/arXiv.2209.12669Thirty-Eighth Annual ACM/IEEE Symposium on
Logic in Computer Science (LICS)Daniel GratzerLars Birkedal202246799gratzer-birkedal-2022gratzer-birkedal-2022.xmlA stratified approach to Löb inductionReference10.4230/LIPIcs.FSCD.2022.23International Conference on Formal Structures for Computation and Deduction (FSCD)Daniel Gratzer202246800gratzer-2022gratzer-2022.xmlNormalization for multimodal type theoryReference10.1145/3531130.3532398Symposium on Logic and Computer Science (LICS)Yue NiuJon SterlingHarrison GrodinRobert Harper2022116801niu-sterling-grodin-harper-2022niu-sterling-grodin-harper-2022.xmlA cost-aware logical frameworkReferenceProceedings of the ACM on Programming Languages, Volume 6, Issue POPL10.1145/3498670We present calf, a cost-aware logical framework for studying quantitative aspects of functional programs. Taking inspiration from recent work that reconstructs traditional aspects of programming languages in terms of a modal account of phase distinctions, we argue that the cost structure of programs motivates a phase distinction between intension and extension. Armed with this technology, we contribute a synthetic account of cost structure as a computational effect in which cost-aware programs enjoy an internal noninterference property: input/output behavior cannot depend on cost. As a full-spectrum dependent type theory, calf presents a unified language for programming and specification of both cost and behavior that can be integrated smoothly with existing mathematical libraries available in type theoretic proof assistants.We evaluate calf as a general framework for cost analysis by implementing two fundamental techniques for algorithm analysis: the method of recurrence relations and physicist’s method for amortized analysis. We deploy these techniques on a variety of case studies: we prove a tight, closed bound for Euclid’s algorithm, verify the amortized complexity of batched queues, and derive tight, closed bounds for the sequential and parallel complexity of merge sort, all fully mechanized in the Agda proof assistant. Lastly we substantiate the soundness of quantitative reasoning in calf by means of a model construction.Jon SterlingRobert Harper20226804sterling-harper-2022sterling-harper-2022.xmlSheaf semantics of termination-insensitive noninterferenceReference10.4230/LIPIcs.FSCD.2022.5hash-bafkrmicr7k5fedmbhfpylzintas4g44lxony2655xvvtzczfvkxeds2ev4.pdf7th International Conference on Formal Structures for Computation and Deduction (FSCD 2022)We propose a new sheaf semantics for secure information flow over a space of abstract behaviors, based on synthetic domain theory: security classes are open/closed partitions, types are sheaves, and redaction of sensitive information corresponds to restricting a sheaf to a closed subspace. Our security-aware computational model satisfies termination-insensitive noninterference automatically, and therefore constitutes an intrinsic alternative to state of the art extrinsic/relational models of noninterference. Our semantics is the latest application of Sterling and Harper’s recent re-interpretation of phase distinctions and noninterference in programming languages in terms of Artin gluing and topos-theoretic open/closed modalities. Prior applications include parametricity for ML modules, the proof of normalization for cubical type theory by Sterling and Angiuli, and the cost-aware logical framework of Niu et al. In this paper we employ the phase distinction perspective twice: first to reconstruct the syntax and semantics of secure information flow as a lattice of phase distinctions between “higher” and “lower” security, and second to verify the computational adequacy of our sheaf semantics with respect to a version of Abadi et al.’s dependency core calculus to which we have added a construct for declassifying termination channels.Jon Sterling20236802jms-005Yjms-005Y.xmlMinor mistakes in sheaf semantics of noninterferenceErratumIn the published version of this paper, there were a few mistakes that have been corrected in the local copy hosted here.In the Critique of relational semantics for information flow, our discussion of the Failure of monotonicity stated incorrectly that algebras for the sealing monad at a higher security level could not be transformed into algebras for the sealing monad at a lower security level in the semantics of Abadi et al. This is not true, as pointed out to us privately by Carlos Tomé Cortiñas. What we meant to say was that it is not the case that a type whose component at a high security level is trivial shall always remain trivial at a lower security level.
The original version of the extended edition of this paper, we claimed that the constructive existence of tensor products on pointed dcpos was obvious; in fact, tensor products do exist, but their construction involves a reflexive coequalizer of pointed dcpos.Jon Sterling20237176803jms-005Zjms-005Z.xmlAdequacy of sheaf semantics of noninterferenceErratumA serious (and as-yet unfixed) problem was discovered in July of 2023 by Yue Niu, which undermines the proof of adequacy given; in particular, the proof that the logical relation on free algebras is admissible is not correct. I believe there is a different proof of adequacy for the calculus described, but it will have a different structure from what currently appears in the paper. We thank Yue Niu for his attention to detail and careful reading of this paper.Jon SterlingRobert Harper20211216806sterling-harper-2021sterling-harper-2021.xmlLogical relations as types: proof-relevant parametricity for program modulesReferencehash-bafkrmig7qn2kbsjj2pmppts2sdgqhcq44bnosytv3ibyzqth3zd42gktua.pdfJournal of the ACM, Volume 68, Issue 610.1145/3474834The theory of program modules is of interest to language designers not only for its practical importance to programming, but also because it lies at the nexus of three fundamental concerns in language design: the phase distinction, computational effects, and type abstraction. We contribute a fresh “synthetic” take on program modules that treats modules as the fundamental constructs, in which the usual suspects of prior module calculi (kinds, constructors, dynamic programs) are rendered as derived notions in terms of a modal type-theoretic account of the phase distinction. We simplify the account of type abstraction (embodied in the generativity of module functors) through a lax modality that encapsulates computational effects, placing projectibility of module expressions on a type-theoretic basis.Our main result is a (significant) proof-relevant and phase-sensitive generalization of the Reynolds abstraction theorem for a calculus of program modules, based on a new kind of logical relation called a parametricity structure. Parametricity structures generalize the proof-irrelevant relations of classical parametricity to proof-relevant families, where there may be non-trivial evidence witnessing the relatedness of two programs—simplifying the metatheory of strong sums over the collection of types, for although there can be no “relation classifying relations,” one easily accommodates a “family classifying small families.”Using the insight that logical relations/parametricity is itself a form of phase distinction between the syntactic and the semantic, we contribute a new synthetic approach to phase separated parametricity based on the slogan logical relations as types, by iterating our modal account of the phase distinction. We axiomatize a dependent type theory of parametricity structures using two pairs of complementary modalities (syntactic, semantic) and (static, dynamic), substantiated using the topos theoretic Artin gluing construction. Then, to construct a simulation between two implementations of an abstract type, one simply programs a third implementation whose type component carries the representation invariant.Jon Sterling20216805jms-0060jms-0060.xmlMinor mistakes in logical relations as typesErratumAfter going to press, we have fixed the following mistakes:In the definition of a logos, we mistakenly said that "colimits commute with finite limits" but we meant to say that they are preserved by pullback. We thank Sarah Z. Rovner-Frydman for noticing this mistake.
In Remark 5.15, we used the notation for the closed immersion prior to introducing it.
We have fixed a few broken links in the bibliography.The local copy hosted here has the corrections implementedJon SterlingCarlo Angiuli2021776807sterling-angiuli-2021sterling-angiuli-2021.xmlNormalization for cubical type theoryReference2021 36th Annual ACM/IEEE Symposium on Logic in Computer Science (LICS)10.1109/LICS52264.2021.9470719https://arxiv.org/abs/2101.11479We prove normalization for (univalent, Cartesian) cubical type theory, closing the last major open problem in the syntactic metatheory of cubical type theory. Our normalization result is reduction-free, in the sense of yielding a bijection between equivalence classes of terms in context and a tractable language of /-normal forms. As corollaries we obtain both decidability of judgmental equality and the injectivity of type constructors.
Jon Sterling6815unstable/738unstable-738.xmlManuscriptsTrebor Huang20231036809huang-2023huang-2023.xmlSynthetic Tait computability the hard wayReference10.48550/arXiv.2310.02051We walk through a few proofs of canonicity and normalization, each one with more aspects dissected and re-expressed in category theory, so that readers can compare the difference across proofs. During this process we isolate the different ideas that make up the proofs. Finally we arrive at synthetic Tait computability as proposed by J. Sterling. We also give a synthetic proof for parametricity of system F.Taichi Uemura202212226810uemura-2022-cohuemura-2022-coh.xmlNormalization and coherence for ∞-type theoriesReference10.48550/arXiv.2212.11764Daniel GratzerJon SterlingCarlo AngiuliThierry CoquandLars Birkedal202210106811gratzer-sterling-angiuli-coquand-birkedal-2022gratzer-sterling-angiuli-coquand-birkedal-2022.xmlControlling unfolding in type theoryReference10.48550/arXiv.2210.05420We present a novel mechanism for controlling the unfolding of definitions in
dependent type theory. Traditionally, proof assistants let users specify
whether each definition can or cannot be unfolded in the remainder of a
development; unfolding definitions is often necessary in order to reason about
them, but an excess of unfolding can result in brittle proofs and intractably
large proof goals. In our system, definitions are by default not unfolded, but
users can selectively unfold them in a local manner. We justify our mechanism
by means of elaboration to a core type theory with extension types, a
connective first introduced in the context of homotopy type theory. We prove a
normalization theorem for our core calculus and have implemented our system in
the cooltt proof assistant, providing both theoretical and practical evidence
for it.Jon SterlingDaniel GratzerLars Birkedal20221066812sterling-gratzer-birkedal-2022sterling-gratzer-birkedal-2022.xmlDenotational semantics of general store and polymorphismReference10.48550/arXiv.2210.02169We contribute the first denotational semantics of polymorphic dependent type theory extended by an equational theory for general (higher-order) reference types and recursive types, based on a combination of guarded recursion and impredicative polymorphism; because our model is based on recursively defined semantic worlds, it is compatible with polymorphism and relational reasoning about stateful abstract datatypes. We then extend our language with modal constructs for proof-relevant relational reasoning based on the logical relations as types principle, in which equivalences between imperative abstract datatypes can be established synthetically. Finally we develop a decomposition of the store model as a general construction that extends an arbitrary polymorphic call-by-push-value adjunction with higher-order store, improving on Levy's possible worlds model construction; what is new in relation to prior typed denotational models of higher-order store is that our Kripke worlds need not be syntactically definable, and are thus compatible with relational reasoning in the heap. Our work combines recent advances in the operational semantics of state with the purely denotational viewpoint of synthetic guarded domain theory.Jon Sterling202266813sterling-2022-naivesterling-2022-naive.xmlNaïve logical relations in synthetic Tait computabilityReferencehash-bafkrmialyvkzh6w6snnzr3k4h2b62bztsk4le57idughqik24bltinieki.pdfLogical relations are the main tool for proving positive properties of logics, type theories, and programming languages: canonicity, normalization, decidability, conservativity, computational adequacy, and more. Logical relations combine pure syntax with non-syntactic objects that are parameterized in syntax in a somewhat complex way; the sophistication of possible parameterizations makes logical relations a tool that is primarily accessible to specialists. In the spirit of Halmos' book Naïve Set Theory, I advocate for a new viewpoint on logical relations based on synthetic Tait computability, the internal language of categories of logical relations. In synthetic Tait computability, logical relations are manipulated as if they were sets, making the essence of many complex logical relations arguments accessible to non-specialists.Daniel Gratzer20216814gratzer-2021-crisp-inductiongratzer-2021-crisp-induction.xmlCrisp induction for intensional identity typesReferencehttps://jozefg.github.io/papers/crisp-induction-for-intensional-identity-types.pdf
Jon Sterling6818unstable/739unstable-739.xmlDissertationsDaniel Gratzer20238296816gratzer-2023-thesisgratzer-2023-thesis.xmlSyntax and semantics of modal type theoryReferencePhD Dissertation, Aarhus Universityhttps://iris-project.org/pdfs/2023-phd-gratzer.pdfOne idiosyncratic framing of type theory is as the study of operations invariant under substitution. Modal type theory, by contrast, concerns the controlled integration of operations—modalities—into type theory which violate this discipline, so-called non-fibered connectives. Modal type theory is therefore built around a fundamental tension: the desire to include modalities and powerful principles for reasoning with them on one hand, and the need to maintain the conveniences and character of Martin-Löf type theory which stem from substitution invariance.In this thesis, we thoroughly explore and discuss this contradiction. We discuss several different formulations of modal type theory, explore their various syntactic properties, and relate them through their categorical semantics. In particular, we show that most modal type theories that have arisen in the last two decades can be understood through the abstraction of weak dependent right adjoints. We also put forward a new general modal type theory, MTT, based on this abstraction.The generality of MTT means that, without any additional work, it can be specialized to an arbitrary collection of type theories related by modalities and natural transformations between them. It is therefore easy to obtain a type theory for a comonad, an adjunction, a local topos, or any other number of complex and realistic scenarios. In addition to showing that many modal type theories are closely related to specific instantiations of MTT, we thoroughly explore the syntax and semantics of MTT itself. We prove that MTT enjoys an unconditional normalization result and decidable type-checking under mild assumptions. We show how MTT may be interpreted into a wide variety of structured categories and use this to study the expressive power of the type theory and various extensions thereof.Finally, we explore several concrete applications of MTT in the context of guarded type theory and guarded denotational semantics. We propose a highly usable language for guarded recursion and explore its particular models and metatheorems. We show a relatively sharp result bounding the extent to which classical guarded recursion can be added to any type theory with decidable type-checking and propose a system to mitigate this issue. Finally, we conduct an in-depth case study using guarded MTT to obtain a fully synthetic account of the Iris program logic, proving adequacy in a fully internal manner.Jon Sterling20219136817sterling-2021-thesissterling-2021-thesis.xmlFirst steps in synthetic Tait computability: the objective metatheory of cubical type theoryReferenceDoctoral dissertation, Carnegie Mellon Universityhash-bafkrmih2tmdumryyta2loigpp27rwuzif3gsgcg4xwpngvfruaawmqy3vu.pdf10.5281/zenodo.6990769The implementation and semantics of dependent type theories can be studied in a syntax-independent way: the objective metatheory of dependent type theories exploits the universal properties of their syntactic categories to endow them with computational content, mathematical meaning, and practical implementation (normalization, type checking, elaboration). The semantic methods of the objective metatheory inform the design and implementation of correct-by-construction elaboration algorithms, promising a principled interface between real proof assistants and ideal mathematics.In this dissertation, I add synthetic Tait computability to the arsenal of the objective metatheorist. Synthetic Tait computability is a mathematical machine to reduce difficult problems of type theory and programming languages to trivial theorems of topos theory. First employed by Sterling and Harper to reconstruct the theory of program modules and their phase separated parametricity, synthetic Tait computability is deployed here to resolve the last major open question in the syntactic metatheory of cubical type theory: normalization of open terms.
Jon Sterling6819unstable/740unstable-740.xmlTechnical reports
Jon Sterling6830unstable/741unstable-741.xmlWorkshop talksRobert Harper20236216820harper-2023-calco-mfpsharper-2023-calco-mfps.xmlIntegrating cost and behavior in type theoryReferencehttp://www.cs.cmu.edu/~rwh/talks/calco-mfps-2023.pdf Plenary invited lecture for CALCO/MFPS 2023Joint work with Harrison Grodin (Carnegie Mellon), Yue Niu (Carnegie Mellon), and Jon Sterling (Cambridge).The computational view of intuitionistic dependent type theory is as an intrinsic logic of (functional) programs in which types are viewed as specifications of their behavior. Equational reasoning is particularly relevant in the functional case, where correctness can be formulated as equality between two implementations of the same behavior. Besides behavior, it is also important to specify and verify the cost of programs, measured in terms of their resource usage, with respect to both sequential and parallel evaluation. Although program cost can—and has been—verified in type theory using an extrinsic formulation of programs as data objects, what we seek here is, instead, an intrinsic account within type theory itself.In this talk we discuss Calf, the Cost-Aware Logical Framework, which is an extension of dependent call-by-push-value type theory that provides an intrinsic account of both parallel and sequential resource usage for a variety of problem-specific measures of cost. Thus, for example, it is possible to prove that insertion sort and merge sort are equal as regards behavior, but differ in terms of the number of comparisons required to achieve the same results. But how can equal functions have different cost? To provide an intrinsic account of both intensional and extensional properties of programs, we make use of Sterling's notion of Synthetic Tait Computability, a generalization of Tait's method originally developed for the study of higher type theory. In STC the concept of a “phase” plays a central role: originally as the distinction between the syntactic and semantic aspects of a computability structure, but more recently applied to the formulation of type theories for program modules and for information flow properties of programs. In Calf we distinguish two phases, the intensional and extensional, which differ as regards the significance of cost accounting—extensionally it is neglected, intensionally it is of paramount importance. Thus, in the extensional phase insertion sort and merge sort are equal, but in the intensional phase they are distinct, and indeed one is proved to have optimal behavior as regards comparisons, and the other not. Importantly, both phases are needed in a cost verification—the proof of the complexity of an algorithm usually relies on aspects of its correctness.We will provide an overview of Calf itself, and of its application in the verification of the cost and behavior of a variety of programs. So far we have been able to verify cost bounds on Euclid's Algorithm, amortized bounds on batched queues, parallel cost bounds on a joinable form of red-black trees, and the equivalence and cost of the aforementioned sorting methods. In a companion paper at this meeting Grodin and I develop an account of amortization that relates the standard inductive view of instruction sequences with the coinductive view of data structures characterized by the same operations. In ongoing work we are extending the base of verified deterministic algorithms to those taught in the undergraduate parallel algorithms course at Carnegie Mellon, and are extending Calf itself to account for probabilistic methods, which are also used in that course.Taichi Uemura202276821uemura-2022-hott-ufuemura-2022-hott-uf.xmlInternal languages of diagrams of ∞-toposesReferenceWorkshop on Homotopy Type Theory / Univalent FoundationsJonathan WeinbergerBenedikt AhrensUlrik BuchholtzPaige Randall North202276822weinberger-ahrens-buchholtz-north-2022-hott-ufweinberger-ahrens-buchholtz-north-2022-hott-uf.xmlTowards normalization of simplicial type theory via synthetic Tait computabilityReferencehttps://www.dropbox.com/s/6dhiqiaemzmewm1/weinberger_HoTTUF22_SSTC.mp4?dl=0Workshop on Homotopy Type Theory / Univalent FoundationsJon SterlingRobert Harper20226306823sterling-2022-muristerling-2022-muri.xmlSheaf semantics of termination-insensitive noninterferenceReferencehash-bafkrmidn65xp7ewox6ka5uijltbkg5ikkuuuj5zid7viz5dbu35fx44qoq.pdfMURI Team Meeting 2022Jon Sterling20237176803jms-005Zjms-005Z.xmlAdequacy of sheaf semantics of noninterferenceErratumA serious (and as-yet unfixed) problem was discovered in July of 2023 by Yue Niu, which undermines the proof of adequacy given; in particular, the proof that the logical relation on free algebras is admissible is not correct. I believe there is a different proof of adequacy for the calculus described, but it will have a different structure from what currently appears in the paper. We thank Yue Niu for his attention to detail and careful reading of this paper.Jonathan WeinbergerBenedikt AhrensUlrik BuchholtzPaige Randall North202266824weinberger-ahrens-buchholtz-north-2022-typesweinberger-ahrens-buchholtz-north-2022-types.xmlSynthetic Tait computability for simplicial type theoryReferencehttps://www.youtube.com/watch?v=jX76Kv-E_ls28th International Conference on Types for Proofs and ProgramsTaichi Uemura20225216825uemura-2022-wg6uemura-2022-wg6.xmlNormalization for initial space-valued models of type theoriesReferenceWG6 kick-off meeting: Syntax and Semantics of Type TheoriesJon Sterling20225206826sterling-2022-wg6sterling-2022-wg6.xmlNaïve logical relations in synthetic Tait computabilityReferenceWG6 kick-off meeting: Syntax and Semantics of Type TheoriesLogical relations are the main tool for proving positive properties of logics, type theories, and programming languages: canonicity, normalization, decidability, conservativity, computational adequacy, and more. Logical relations combine pure syntax with non-syntactic objects that are parameterized in syntax in a somewhat complex way; the sophistication of possible parameterizations makes logical relations a tool that is primarily accessible to specialists. In the spirit of Halmos' book Naïve Set Theory, I advocate for a new viewpoint on logical relations based on synthetic Tait computability, the internal language of categories of logical relations. In synthetic Tait computability, logical relations are manipulated as if they were sets, making the essence of many complex logical relations arguments accessible to non-specialists.Jon Sterling202110156827sterling-2021-muristerling-2021-muri.xmlNormalization for (Cartesian) cubical type theoryReferencehash-bafkrmigc53m5m72p66jxbd7oxkvrl7irbrfxdjsatj2igngbm44a6g5cnq.pdfMURI Team Meeting 2021Jon SterlingRobert Harper20216828sterling-harper-2021-mlwsterling-harper-2021-mlw.xmlA metalanguage for multi-phase modularityReferencehash-bafkrmigp2ekztc4xgmcxoxv7mxawb33zro6apew2m54hmctdosmregbpha.pdfhttps://www.youtube.com/watch?v=5kWS-umBA7kML Family WorkshopType abstraction, the phase distinction, and computational effects all play an important role in the design and implementation of ML-style module systems. We propose a simple type theoretic metalanguage φML for multi-phase modularity in which these concepts are treated individually, supporting the definition of high-level modular constructs such as generative and applicative functors, as well as all extant forms of structure sharing.Jon SterlingCarlo Angiuli20216829sterling-angiuli-2021-ctsterling-angiuli-2021-ct.xmlNormalization for cubical type theoryReferencehash-bafkrmie6j57qqrx6av73q6ropesavo76e57fcttaxm6t7qyhzpsyhjazjm.pdfhttps://www.youtube.com/watch?v=AhivFjnBakECategory Theory 2021
Jon Sterling6840unstable/742unstable-742.xmlSeminar talksJon Sterling2022696831sterling-2022-ppssterling-2022-pps.xmlNaïve logical relations in synthetic Tait computabilityReferenceProofs, Programs and Systems seminar (IRIF PPS)Logical relations are the main tool for proving positive properties of logics, type theories, and programming languages: canonicity, normalization, decidability, conservativity, computational adequacy, and more. Logical relations combine pure syntax with non-syntactic objects that are parameterized in syntax in a somewhat complex way; the sophistication of possible parameterizations makes logical relations a tool that is primarily accessible to specialists. In the spirit of Halmos' book Naïve Set Theory, I advocate for a new viewpoint on logical relations based on synthetic Tait computability, the internal language of categories of logical relations. In synthetic Tait computability, logical relations are manipulated as if they were sets, making the essence of many complex logical relations arguments accessible to non-specialists.Jon Sterling20224266832sterling-2022-bu-popvsterling-2022-bu-popv.xmlIntrinsic semantics of termination-insensitive noninterferenceReferencehash-bafkrmiakx5dlx7mjxgf2e3qfga4xmjbru46crc6ds52thmiktqyjri46n4.pdfBoston University POPV SeminarSecurity-typed programming languages aim to control the flow of high-security information to low security clients. Starting with Abadi et al.'s dependency core calculus, the denotational semantics of such languages has been dominated by an extrinsic approach in which an existing insecure model of computation (e.g. ordinary domains) is restricted by a logical relation of "indistinguishability" to prevent low-security outputs from depending on high-security inputs (noninterference). Thus in the extrinsic approach, security properties are bolted onto an insecure model by brute force, as it were. A more refined information flow policy called termination-insensitive noninterference allows high-security bits to be leaked through termination channels but not through return values; unfortunately, the adaptation of the extrinsic/relational semantics to this more relaxed policy is incompatible with the transitivity of the logical relation, contradicting the intuition of "indistinguishability".In contrast, an intrinsic semantics of security typing would involve a new computational model that evinces secure information flow and noninterference properties directly without any post hoc restriction by a logical relation. We contribute the first such intrinsic semantics of security typing in this sense by considering sheaves of dcpos on a space of abstract behaviors on which security classes arise as open/closed partitions; the security monads then arise as the closed modalities of topos theory that restrict a sheaf to its component over a closed subspace.An advantage of our intrinsic semantics is that termination-insensitive noninterference arises automatically from our computational model, namely the fact that the Sierpiński domain is not a constant sheaf; a further advantage is that our semantics is an instance of standard domain theoretic denotational semantics, albeit over a richer category of domains.(j.w.w. R. Harper)Robert Harper20211296833harper-2021-topos-instituteharper-2021-topos-institute.xmlPhase distinctions in type theoryReferencehttps://www.youtube.com/watch?v=7DYkyB1Rm3ITopos Institute Colloquium(Joint work with Jon Sterling and Yue Niu)The informal phase distinction between compile-time and run-time in programming languages is formally manifested by the distinction between kinds, which classify types, and types, which classify code. The distinction underpins standard programming methodology whereby code is first type-checked for consistency before being compiled for execution. When used effectively, types help eliminate bugs before they occur.Program modules, in even the most rudimentary form, threaten the distinction, comprising as they do both types and programs in a single unit. Matters worsen when considerating “open” modules, with free module variables standing for its imports. To maintain the separation in their presence it is necessary to limit the dependency of types, the static parts of a module, to their imported types. Such restrictions are fundamental for using dependent types to express modular structure, as originally suggested by MacQueen.To address this question Moggi gave an “analytic” formulation of program modules in which modules are explicitly separated into their static and dynamic components using tools from category theory. Recent work by Dreyer, Rossberg, and Russo develops this approach fully in their account of ML-like module systems. In this talk we consider instead a “synthetic” formulation using a proposition to segregate the static from the dynamic, in particular to define static equivalence to manage type sharing and type dependency.Jon Sterling202111196834sterling-2021-cclsterling-2021-ccl.xmlTowards a geometry for syntaxReferencehash-bafkrmig65yyrnooa2ki3usvufg3gmrp24zw3u634erewg2pwgjpthnlksq.pdfCambridge Computer LaboratoryThe purpose of this talk is to pose the question, “What are the Euclid’s postulates for syntactic metatheory?”In the fourth century B.C.E., the Greek mathematician Euclid set down his famous postulates for plane geometry, explaining geometric shapes in terms of rules that govern their construction and incidence. The dialectical relationship between theories (axioms) and their models (coordinate systems) has been the driving force in the last two millennia of geometrical investigation.In logic and computer science, workers in the “syntactic metatheory” investigate questions that lie on the fringe between a theory and its models — definability, normalization, decidability, conservativity, computational adequacy, parametricity, type safety, etc. Dominant methods attack these questions by means of explicit computations (e.g. Kripke logical relations) which practitioners have found to be both reliable and somewhat opaque. In this talk, I introduce Synthetic Tait computability — a new system of axioms that transforms these explicit computations into synthetic manipulations; classical Kripke logical relations can be seen as models or “coordinate systems” for the new geometry of syntax that is beginning to unfold.Synthetic Tait computability has already been employed to positively resolve the normalization and decidability conjectures for cubical type theory, as well as a number of other recent results.Jon Sterling20211116835sterling-2021-logsemsterling-2021-logsem.xmlBetween abstraction and composition...Referencehash-bafkrmibvdmy674htuxiv72zuvqwhdzjsygbcvw3zcishgnlucuoc3q35iq.pdfLogic and Semantics Seminar, Aarhus UniversityThe fundamental contradiction of programming and program verification can be located in the tension between abstraction and composition. We make programs more abstract in order to prevent bad interactions between components; on the other side of the coin, we impede the composition of components when we abstract them. Modern programming practice evinces many distinct levels of abstraction that must be considered at the same time — for instance, compilers break module boundaries during linking, complexity analysis breaks the abstraction of extensional equivalence, and logical relations proofs break the abstraction of closure under substitution. What is needed to meet this challenge is linguistic tools that smoothly interpolate between these different levels of abstraction. Building on my doctoral dissertation and joint work with Bob Harper, I introduce a new plan for modal programming languages and logics that treat the transition between different abstraction levels as a first-class notion.Jon Sterling20218246836sterling-2021-cmu-sssterling-2021-cmu-ss.xmlAbstraction, composition, and the phase distinctionReferencehash-bafkrmiauzlnmczowkvzdsbt3hw2hzxc35xoyii4qvpkg2cykqba7bu5pya.pdfCMU Speakers ClubProgrammers use abstraction to hide representation details from ourselves: either to avoid mistakes (e.g. confusing a list index with a length) or to exploit representation invariants (e.g. two implementations of the QUEUE interface are indistinguishable). These abstraction boundaries can unfortunately impede the linking of smaller program units into efficient composite programs, because compilers must exploit representation details in order to produce efficient code. Sometimes seen as the "waterloo of separate compilation", the need to break abstraction is answered by whole-program analysis techniques that break all abstractions (as in the MLton compiler for Standard ML). Separate compilation, however, has a number of advantages including speed, parallelization, and elegance.We present an alternative type theoretic account of abstraction-breaking during compilation based on the famous phase distinction of ML languages; rather than distinguishing between compiletime and runtime, we focus on separating "devtime" from compiletime. Our framework allows the programmer to selectively reveal representation details to the compiler without giving up the representation independence properties guaranteed by "devtime" type correctness. We also describe an application to the problem of printf-debugging, which is ordinarily obstructed by abstraction.Jon SterlingCarlo Angiuli202156837sterling-angiuli-2021-padovasterling-angiuli-2021-padova.xmlNormalization for cubical type theoryReferencePadova Logic SeminarWe prove normalization for (univalent, Cartesian) cubical type theory, closing the last major open problem in the syntactic metatheory of cubical type theory. The main difficulty in comparison to conventional type theory is located in a new feature of cubical type theories, the absence of a stable notion of neutral term: for instance, the path application (p @ i) ceases to be neutral within its “locus of instability” ∂(i) and must compute to an endpoint. We introduce a new, geometrically-inspired generalization of the notion of neutral term, stabilizing neutrals by gluing them together with partial computability data along their loci of instability — when the locus of instability is nowhere, a stabilized neutral is a conventional neutral, and when the locus of instability is everywhere, a stabilized neutral is just computability data. Our normalization result is based on a reduction-free Artin gluing argument, and yields an injective function from equivalence classes of terms in context to a tractable language of beta/eta-normal forms. As corollaries we obtain both decidability of judgmental equality, as well as injectivity of type constructors in contexts formed by assuming variables x : A and dimensions i : 𝕀.Jon Sterling202146838sterling-2021-au-ccssterling-2021-au-ccs.xmlLogical relations as typesReferencehash-bafkrmiafb2gihhkx6w3wjzpfzs5bvjxmjospi4wuhgnszcmuq3j6w4lyue.pdfhttps://www.youtube.com/watch?v=AEthjg2k718CCS Colloquium, Augusta UniversityThis is joint work with Robert Harper.How do you prove that two implementations of an abstract type behave the same in all configurations? Reynolds famously employed logical relations to establish such results; roughly, a logical relation is a structure-respecting relation between two interpretations of a theory that evinces, in the base case, a desirable invariant.We present a synthetic way to understand and interact with logical relations, related to classical logical relations in the same way that Euclidean geometry relates to point-sets. Previously a logical relation was defined in terms of the (complicated) details of how it is constructed as a certain kind of relation over syntax. We instead take the simpler view that everything in sight is a logical relation, and then use modalities to isolate those logical relations that are degenerate in either the syntactic or the semantic direction.Our “logical relations as types” principle has led to a new account of modules and representation independence (S., Harper), as well as the first proofs of normalization for cubical type theory (S., Angiuli) and general multi-modal dependent type theory (Gratzer).Jon SterlingCarlo Angiuli202126839sterling-2021-cmu-hottsterling-2021-cmu-hott.xmlNormalization for cubical type theoryReferencePittsburgh's HoTT SeminarWe prove normalization for (univalent, Cartesian) cubical type theory, closing the last major open problem in the syntactic metatheory of cubical type theory. The main difficulty in comparison to conventional type theory is located in a new feature of cubical type theories, the absence of a stable notion of neutral term: for instance, the path application p(i) ceases to be neutral within its “locus of instability” ∂(i) and must compute to an endpoint. We introduce a new, geometrically-inspired generalization of the notion of neutral term, stabilizing neutrals by gluing them together with partial computability data along their loci of instability — when the locus of instability is nowhere, a stabilized neutral is a conventional neutral, and when the locus of instability is everywhere, a stabilized neutral is just computability data. Our normalization result is based on a reduction-free Artin gluing argument, and yields an injective function from equivalence classes of terms in context to a tractable language of beta/eta-normal forms. As corollaries we obtain both decidability of judgmental equality, as well as injectivity of type constructors in contexts formed by assuming variables x : A and dimensions i : 𝕀.(j.w.w. Carlo Angiuli.)
Jon Sterling6841unstable/743unstable-743.xmlRoladex
9600BacklinksJon Sterling2023989595jms-008Mjms-008M.xmlProfessional historyFrom September 2023, I am an Associate Professor in Logical Foundations and Formal Methods at University of Cambridge.From 2022, I was a Marie Skłodowska-Curie Postdoctoral Fellow hosted at Aarhus University working with Professor Lars Birkedal.From 2016 to 2021, I was a PhD student of Professor Robert Harper at Carnegie Mellon University, where I wrote my doctoral thesis on synthetic Tait computability and its application to normalization for cubical type theory.Jon Sterling20238159596jms-0076jms-0076.xmlContext and overall objectivesSoftware systems mediate a growing proportion of human activity, e.g. communication, transport, medicine, industrial and agricultural production, etc. As a result, it is urgent to understand and better control both the correctness and security properties of these increasingly complex software systems. The diversity of verification requirements speaks to a need for models of program execution that smoothly interpolate between many different levels of abstraction. Models of program execution vary in expressiveness along the spectrum of possible programming languages and specification logics. At one extreme, dependent type theory is a language for mathematically-inspired functional programming that is sufficiently expressive to serve as its own specification logic. Dependent type theory has struggled, however, to incorporate several computational effects that are common in every-day programming languages, such as state and concurrency. One of the most extreme forms of computational effect is “higher-order mutable state”, which is when programs can read and write data as well as entire subroutines to the computer’s memory during execution. Programming languages that support these features require very sophisticated specification logics due to the myriad details that must be surfaced in their semantic models.Recently there have been several significant technical advances in mathematical semantics for programming languages that have been ripe for exploitation. For instance, in my doctoral thesis I developed a new technique called Synthetic Tait Computability or “STC” that smoothly combines multiple levels of abstraction into a single language. Inspired by sophisticated mathematical techniques invented in topos theory and category theory for entirely different purposes, STC enables low-level details (even down to execution steps) to be manipulated in a simpler and more abstract way than ever before, making them easier to control mathematically. Perhaps more importantly, the STC method makes it possible to import ideas and techniques from other mathematical fields that are comparatively more developed than programming languages. Another related advance is the use of Synthetic Guarded Domain Theory or “SGDT” as a mathematical language in which to describe and reason about the behavior of computer programs, potentially exhibiting complex interactions with their environment and with other programs. A third advance setting the stage for this project is the development of Univalent Foundations and Homotopy Type Theory, a new and backwards-compatible foundation of mathematics that places symmetries and reversible transformations of mathematical structures in the forefront.The goal of the TypeSynth project has been to combine these three ideas to break a long-standing logjam in the mathematical understanding of computer programming: the denotational semantics and equational separation logic of higher-order mutable state.Jon Sterling20238159597jms-007Ajms-007A.xmlEffectful synthetic Tait computabilityA third achievement of the TypeSynth project was to extend the highly successful “Synthetic Tait Computability” method, developed in my doctoral thesis, to the case of realistic programming languages with computational effects. The purpose of this extension was to achieve strong representation independence results, by which we can show the computational indistinguishability of even two programs that allocate memory cells of different types that are linked not by a bijection but by a mere relation, in contrast to univalent reference types. We have gone quite a bit beyond our expectations, as our account of STC for higher-order store applies not only to the simple polymorphic store model, but also to the full dependent type theory. This allows many classic results from the literature that previously required very complicated reasoning with the semantic model to be reconstructed in a simpler and more direct fashion.Jon Sterling20238159598jms-0077jms-0077.xmlWork performed and main achievementsI highlight the three main achievements of the TypeSynth project below:a new denotational semantics of higher-order store;
an equational higher-order separation logic based on the above denotational semantics;
the extension of synthetic Tait computability to support computational effects including guarded recursion and higher-order store.Jon Sterling20238157242jms-0078jms-0078.xmlDenotational semantics of higher-order storeThe TypeSynth plan to develop denotational semantics of higher-order store had two components: the first was to develop a practical semantic model of polymorphic higher-order store without garbage collection, and the second was to extend this model to support the equational theory of garbage collection. For the former, the results have greatly outstripped expectations: I have succeeded in constructing not only the indended model of store with polymorphism, but in fact a model of full dependent type theory with higher-order store — posing the prospect for being able to write and verify the correctness of programs in the same language. This result is the first of its kind for higher-order store, and is a significant advance. In the final months of the project, we have also gone further beyond this result in a different direction, and constructed a version of the model of higher-order store satisfying a new gamut of compelling representation independence equations which I refer to as the theory of “univalent reference types”: in short, two programs can be considered equal even if they allocate memory cells of different types, so long as the two types are in bijection and programs' interaction with the memory cell respects this bijection.I have begun to extend these results to include the equational theory of garbage collection, but as the TypeSynth project has been terminated nearly one year early (due to my recent appointment as Associate Professor at University of Cambridge), this further exploitation of the TypeSynth methodology will continue beyond the conclusion of the project.Jon Sterling20238157243jms-0079jms-0079.xmlEquational higher-order separation logic for higher-order storeIn collaboration with my colleagues Frederik Ljerbjerg Aagaard and Professor Lars Birkedal, I have developed a guarded higher-order separation logic called TULIP over the TypeSynth denotational model of higher-order store. This logic represents a significant step forward in the march toward simple, abstract, and compositional reasoning about higher-order stateful programs. Prior program logics (such as Iris and the Verified Software Toolchain) interact with computer programs only indirectly, by verifying properties of a specific “transition function” that simulates the steps that a (highly idealized) computer would take when executing a program; this style is called “operational”. Unfortunately, the important structural properties of programs are highly unnatural to express at the level of transition steps, and as such, existing operationally-based program logics impose a great deal of bureaucracy by forcing those verifying programs to manually mediate the mismatch between the viewpoint of the machine (which cannot see program structure), and the viewpoint of the programmer (which is entirely based on program structure). An equational, or "denotationally-based", program logic like TULIP instead treats programs directly without needing to pass through an encoding in terms of machine transitions. An immediate benefit of the equational approach is that program equivalences can be glued together directly in any context, a kind of practical compositionality that is unique to equational and denotationally-based program logics. Our development of the TULIP logic is a strong first step in this direction.Jon Sterling20238157244jms-007Ajms-007A.xmlEffectful synthetic Tait computabilityA third achievement of the TypeSynth project was to extend the highly successful “Synthetic Tait Computability” method, developed in my doctoral thesis, to the case of realistic programming languages with computational effects. The purpose of this extension was to achieve strong representation independence results, by which we can show the computational indistinguishability of even two programs that allocate memory cells of different types that are linked not by a bijection but by a mere relation, in contrast to univalent reference types. We have gone quite a bit beyond our expectations, as our account of STC for higher-order store applies not only to the simple polymorphic store model, but also to the full dependent type theory. This allows many classic results from the literature that previously required very complicated reasoning with the semantic model to be reconstructed in a simpler and more direct fashion.Jon Sterling20229599jms-0061jms-0061.xmlTypeSynth: synthetic methods in program verificationFellowship10.3030/101065303Marie Skłodowska-Curie Actions Postdoctoral Fellowship
Beneficiary:
Jonathan Sterling
Award:
Marie Skłodowska-Curie Actions Postdoctoral Fellowship
Funder:
European Commission, Horizon Europe Framework Programme (HORIZON)
Host:
Aarhus University, Center for Basic Research in Program Verification
Years:
2022–2024 (terminated 2023)
Amount:
214,934.4 EUR
See the Final Report and Bibliography.Abstract. Software systems mediate a growing proportion of human activity, e.g. communication, transport, medicine, industrial and agricultural production, etc. As a result, it is urgent to understand and better control both the correctness and security properties of these increasingly complex software systems. The diversity of verification requirements speaks to a need for models of program execution that smoothly interpolate between many different levels of abstraction.Models of program execution vary in expressiveness along the spectrum of possible programming languages and specification logics. At one extreme, dependent type theory is a language for mathematically-inspired functional programming that is sufficiently expressive to serve as its own specification logic. Dependent type theory has struggled, however, to incorporate several computational effects that are common in every-day programming languages, such as state and concurrency. Languages that support these features require very sophisticated specification logics due to the myriad details that must be surfaced in their semantic models.In the context of dependent type theory, I have recently developed a new technique called Synthetic Tait Computability or STC that smoothly combines multiple levels of abstraction into a single language. Inspired by sophisticated mathematical techniques invented in topos theory and category theory for entirely different purposes, STC enables low-level details (even down to execution steps) to be manipulated in a simpler and more abstract way than ever before, making them easier to control mathematically. Perhaps more importantly, the STC method makes it possible to import ideas and techniques from other mathematical fields that are comparatively more developed than programming languages.The goal of the TypeSynth project is to extend the successful STC approach to a wider class of programming models, in particular programming languages with effects.9601Related9602Contributions