jozefg 2014-07-02 02:46:31.680357 UTC
| 1 | module teaching where |
| 2 | open import Data.Nat -- Grab natural numbers |
| 3 | |
| 4 | -- Proof pair boxes a type family P which maps all values of type A |
| 5 | -- to some proof, for example (P : Nat → Set) where P n = n /= 0 |
| 6 | data ProofPair (A : Set) (P : A → Set) : Set where |
| 7 | heres-proof : (a : A) → P a → ProofPair A P -- Box the value with the proof of the value |
| 8 | |
| 9 | |
| 10 | -- Equality type family. The proof we use to represent equality |
| 11 | data Eq {A : Set} : A → A → Set where |
| 12 | refl : {a : A} → Eq a a -- Reflexivity |
| 13 | |
| 14 | -- False is the empty type, since we can't witness it |
| 15 | -- to prove it. |
| 16 | data False : Set where |
| 17 | |
| 18 | -- False implies anything |
| 19 | False-elim : {A : Set} → False → A |
| 20 | False-elim () -- Absurd case |
| 21 | |
| 22 | -- Not is simply that a such a proof |
| 23 | -- would imply false |
| 24 | not : Set → Set |
| 25 | not A = A → False |
| 26 | |
| 27 | -- Finally, let's talk about safe division |
| 28 | -- first, let's assume some unsafe division |
| 29 | -- function |
| 30 | |
| 31 | postulate unsafeDiv : ℕ → ℕ → ℕ |
| 32 | |
| 33 | -- and now our safe wrapper looks like this |
| 34 | |
| 35 | div : (top bot : ℕ) → not (Eq bot 0) → ℕ |
| 36 | div top zero p = False-elim (p refl) -- The absurd case |
| 37 | div top (suc bot) p = unsafeDiv top (suc bot) -- The normal case |
| 38 | |
| 39 | |
| 40 | -- Some example usages |
| 41 | |
| 42 | obviously-not-zero : {n : ℕ} → not (Eq (suc n) 0) |
| 43 | obviously-not-zero () -- The proof is trivial |
| 44 | |
| 45 | test : ℕ |
| 46 | test = div 5 2 obviously-not-zero |
| 47 | |
| 48 | test2 : ℕ |
| 49 | test2 = div 0 2 obviously-not-zero |
| 50 | |
| 51 | test3 : ℕ |
| 52 | test3 = div 1 6 obviously-not-zero |