# Nonstandard functional interpretations and categorical models

Amar Hadzihasanovic (Department of Computer Science, University of Oxford, Wolfson Building, Parks Road, OX1 3QD Oxford. Email address: amarh@cs.ox.ac.uk. Supported by an EPSRC Doctoral Training Grant.) and Benno van den Berg (Institute for Logic, Language and Computation, Universiteit van Amsterdam, P.O. Box 94242, 1090 GE Amsterdam. Email address: bennovdberg@gmail.com. Supported by the Netherlands Organisation for Scientific Research (NWO).)
4 February 2014
###### Abstract

Recently, the second author, Briseid and Safarik introduced nonstandard Dialectica, a functional interpretation that is capable of eliminating instances of familiar principles of nonstandard arithmetic - including overspill, underspill, and generalisations to higher types - from proofs. We show that, under few metatheoretical assumptions, the properties of this interpretation are mirrored by first order logic in a constructive sheaf model of nonstandard arithmetic due to Moerdijk, later developed by Palmgren. In doing so, we also draw some new connections between nonstandard principles, and principles that are rejected by strict constructivism.

Furthermore, we introduce a variant of the Diller-Nahm interpretation with two different kinds of quantifiers (with and without computational meaning), similar to Hernest’s light Dialectica interpretation, and show that one can obtain nonstandard Dialectica from this by weakening the computational content of the existential quantifiers – a process we call herbrandisation. We also define a constructive sheaf model mirroring this new functional interpretation and show that the process of herbrandisation has a clear meaning in terms of these sheaf models.

## 1 Introduction

The focus of this paper stands at a confluence of two quite different paths in mathematical logic.

On one end, there is nonstandard arithmetic, and analysis: a subject that has been an upshot of classical model theory, and even after it was recognised that it was amenable to a syntactic treatment, as in Nelson’s internal set theory [19], it mostly remained within the boundaries of classical set theory. On the other end, there is the markedly proof-theoretic topic of functional interpretations, stemming from Gödel’s Dialectica interpretation [8]; and, in particular, its recent revival through the programme of proof mining [13].

These ends meet in a general inclination towards the constructivisation of mathematics. The first explicit model of nonstandard analysis, due to Schmieden and Laugwitz [28], was actually fully constructive, but had a quite weak transfer property. On the other hand, Robinson’s model of nonstandard arithmetic [27], and subsequent ones which were elementary extensions of the standard model, were built from nonconstructive objects, such as nonprincipal ultrafilters of sets. Even in the syntactic approach, it was soon realised that many useful principles led to instances of the excluded middle. But did nonstandard analysis really have nothing to offer to constructive analysts?

Not everyone was convinced, including, notably, Per Martin-Löf, who pushed the question in the early 1990s: first, Erik Palmgren succeeded in building a model with a restricted, yet useful transfer principle [22]; then, in 1995, Ieke Moerdijk described the first constructive model of nonstandard arithmetic with a full transfer principle - a topos of sheaves over a category of filters [18]. Later, by working in this topos, Palmgren provided simplified, nonstandard proofs of several theorems of constructive analysis, and so demonstrated the usefulness of this model [23, 24, 25, 26].

But if nonstandard proofs do provide some constructive information, we might as well try to extract it in an automated fashion. In 2012, the second author, Briseid and Safarik succeeded in defining a functional interpretation, nonstandard Dialectica [3], which could eliminate nonstandard principles from proofs of intuitionistic arithmetic in all finite types, enriched, à la Nelson, with a predicate , “ is standard”, for all types ; also yielding a proof of conservativity of these principles over the base system. Section 2 is a review.

Now, some of the principles validated by nonstandard Dialectica were known to hold in Moerdijk’s topos - including a form of Nelson’s idealisation axiom, an underspill principle, and the undecidability of the standardness predicate. Our first aim was to investigate how deep this connection would go.

And a deep connection it is: with the exception of one principle, which requires an assumption about the metatheory, all the characteristic principles of nonstandard Dialectica are true in the topos model, for free. Section 3 is devoted to showing this. During this investigation, we also chanced upon two new principles, sequence overspill and sequence underspill, which appear to be more natural equivalents of principles that have been taken into consideration, earlier, in the context of proof-theoretic nonstandard arithmetic. We map their relation to other familiar principles from nonstandard and constructive analysis in Section 2.

Several characteristic principles of nonstandard Dialectica have a peculiarity: they are herbrandised. This is explained in more detail in Section 4; in short, where “traditional” functional interpretations would produce a single witness of an existential statement, these principles produce a finite sequence of potential witnesses, of which at least one is an actual witness. This property destroys the computational meaning of intuitionistic disjunction, yet seems unavoidable in the interpretation of nonstandard arithmetic.

The categorical analysis of nonstandard Dialectica supplied a very convenient way of “de-herbrandising”, through a simple change in the Grothendieck topology, down from finite covers to singleton covers. Full transfer is lost - in the new topos, disjunction is stronger than in the metatheory - as well as the link to nonstandard arithmetic; but the de-herbrandised principles induce a new functional interpretation, which we call uniform Diller-Nahm, and is the main focus of Section 4.

Uniform Diller-Nahm can be seen as an extension of the Diller-Nahm variant of the Dialectica interpretation [7], and has some striking similarities to light Dialectica [9], a variant of Dialectica with two different kinds of quantifiers - computational, and non computational - introduced in 2005 by Mircea-Dan Hernest, for the purpose of more efficient program extraction from formal proofs. Yet, irrespective of its technical value, the characteristic proof system of uniform Diller-Nahm might have a dignity of its own.

In 1985, Vladimir Lifschitz proposed a simple extension of Heyting arithmetic, where a distinction could be made between calculable, and non calculable natural numbers [15]; a synthesis of classical and intuitionistic arithmetic. Under the interpretation of the predicate as “ is calculable”, the proof system of uniform Diller-Nahm seems to be well-suited for Lifschitz’s intended calculus. This is also discussed in Section 4.

Finally, in Section 5, we survey some open questions.

Note. This work is based on research done by the first author, under the supervision of the second author, in partial fulfillment of the requirements for the degree of Laurea Magistrale in Mathematics at the University of Pavia.

## 2 The nonstandard Dialectica interpretation

We start by briefly recalling the definition of the system E-HA, as introduced in [3]; we refer to the original paper for a detailed presentation.

### 2.1 The system E-HA$^{\omega*}_{\mathrm{st}}$

We take E-HA to be an extension of the system called E-HA in [29], with additional types and constants for handling finite sequences. More precisely, the collection of types is generated by the inductive clauses

• is in ;

• if , are in , then and are in ;

and, for all types in , we have constants (empty sequence), (prepending operator), and (list recursor), with defining axioms

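$$\mathsf{SA}:\ \forall s:\sigma^*\,\bigl(s = \langle\rangle_\sigma \lor \exists x:\sigma\,\exists s':\sigma^*\,(s = Cxs')\bigr),$$

$$\begin{cases} L_{\sigma,\tau}\,x\,y\,\langle\rangle_\tau =_\sigma x, \\ L_{\sigma,\tau}\,x\,y\,(Czs) =_\sigma y\,(L_{\sigma,\tau}\,x\,y\,s)\,\langle z\rangle, \end{cases} \qquad x:\sigma,\ y:\sigma\to\tau\to\sigma,\ z:\tau,\ s:\tau^*,$$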

where is the “singleton” .

• Notation. We use (and ) as variables of sequence type.

This system has an extensionality axiom

$$\forall f,g:\sigma\to\tau\,\bigl(f =_{\sigma\to\tau} g \leftrightarrow \forall x:\sigma\; fx =_\tau gx\bigr)$$

for all types , .

Using the projectors and combinators from the language of E-HA, it is possible, already in the latter system, to introduce a coding of finite sequences of elements of any type, as in [12, p. 59]; therefore, E-HA is a definitional, hence conservative, extension of E-HA. However, finite sequences seem to be quite ubiquitous in arguments of nonstandard arithmetic, mostly due to the expanded notion of “finiteness” in a nonstandard model; so it seems preferable to have them built into our syntax.

Since every type is provably inhabited, we can conservatively add for every type a constant . Using the list recursor, one can define all the basic operations on finite sequences one needs in practice.

1. A length function , satisfying

$$|\langle\rangle_\sigma| = 0, \qquad |Cas| = S|s|,$$

for , .

2. A projection function of type , satisfying

$$(\langle\rangle_\sigma)_i = \emptyset_\sigma \ \text{for all } i, \qquad (Cas)_0 = a, \qquad (Cas)_{Si} = s_i.$$

3. A concatenation operation , such that

$$\langle\rangle_\sigma \cdot t = t, \qquad Cas \cdot t = Ca(s \cdot t).$$

As expected, concatenation is provably associative, so we will iterate it without bothering with brackets.

The following, easy properties are all established in [3].

1. E-HA

2. E-HA

###### Proof.

Let . By the sequence axiom , either or for some , . If , the latter case leads to a contradiction, for .

If , then the former case leads to a contradiction, and we have proven the directions left to right. The converses are immediate. ∎

###### Proposition 2.2.

E-HA proves the induction schema for sequences

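$$\mathsf{IA}^{*}:\ \bigl(\varphi(\langle\rangle_\sigma) \land \forall x:\sigma\,\forall s:\sigma^*\,(\varphi(s)\to\varphi(Cxs))\bigr) \to \forall s:\sigma^*\,\varphi(s).$$
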
###### Proof.

Suppose and . By the previous lemma,

$$\forall s:\sigma^*\,(|s| = 0 \to \varphi(s)).$$

Fix , and assume . Let be of length . Again by the previous lemma, for some , and of length , and holds by hypothesis. Therefore, holds as well; and we have proved

$$\forall s:\sigma^*\,(|s| = n \to \varphi(s)) \to \forall s:\sigma^*\,(|s| = Sn \to \varphi(s)).$$

By ordinary induction, it follows that . ∎

###### Definition 2.3.

Let . We say that and are extensionally equal, and write , if

$$|s| = |t| \land \forall i<|s|\,(s_i = t_i).$$

E-HA

###### Proof.

By induction for sequences. Suppose . If , then , so, by Lemma 2.1, .

Otherwise, for some . Then for ; again, by Lemma 2.1, for some . But , and ; by the inductive hypothesis, . Therefore, . ∎

Since finite sequences will be used as a replacement for finite sets, we will borrow some set-theoretic notation.

###### Definition 2.5.

Let , . We define the abbreviations

1. ( is an element of );

2. ( is contained in ).

We will drop subscripts in most occasions. We also extend the relation to sequence-valued functionals, pointwise: for ,

The relation determines a preorder, provably in E-HA.

In the definition of the nonstandard Dialectica translation, one needs a form of application for finite sequences - and an associated form of -abstraction - that is monotone in the first component, with respect to the preorder we just defined.

###### Definition 2.6 (Finite sequence application and abstraction).

Let , , . Then

$$s[a] := (s_0 a)\cdot\ldots\cdot(s_{|s|-1}a) : \tau^*, \qquad \Lambda x:\sigma.t := C(\lambda x:\sigma.t)\langle\rangle : (\sigma\to\tau^*)^*.$$

The new application and abstraction are interdefinable with the usual ones. In fact, we have the following, easy compatibility result.

###### Proposition 2.7.

E-HA proves that for all , ,

$$(\Lambda x:\sigma.s)[a] = (\lambda x:\sigma.s)a = s[a/x].$$

###### Lemma 2.8.

E-HA proves that for all , ,

$$s \subseteq s' \to s[a] \subseteq s'[a].$$

###### Proof.

See [3, Lemma 2.22]. ∎
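
An added illustration of Definition 2.6, Proposition 2.7 and Lemma 2.8, written for this page and not taken from the paper or from [3]: finite sequences are modelled as Python tuples, and the checks are run exhaustively over a small constructed pool of sequence-valued functions. It assumes that "contained in" means that every entry of the left sequence occurs in the right one (the formulas of Definition 2.5 are not reproduced above); all function names, the pool and the property `phi` are hypothetical.

```python
from itertools import combinations
from math import isqrt

def seq_app(s, a):
    """s[a] := (s_0 a) . ... . (s_{|s|-1} a): apply every entry of s
    (a sequence of sequence-valued functions) to a and concatenate."""
    out = ()
    for f in s:
        out += tuple(f(a))
    return out

def seq_abs(t):
    """Lambda x.t := C (lambda x.t) <>: one-element sequence holding t."""
    return (t,)

def contained(s, t):
    """s contained in t, read (assumption) as: each entry of s occurs in t."""
    return all(x in t for x in s)

# Constructed pool of functions of type 0 -> 0* (numbers to tuples).
POOL = (
    lambda n: (),            # no candidates at all
    lambda n: (0,),          # one fixed candidate
    lambda n: (isqrt(n),),   # the integer square root
    lambda n: (n, n + 1),    # two candidates
)

def subsequences(pool):
    """All order-preserving subsequences of the pool."""
    for k in range(len(pool) + 1):
        for idx in combinations(range(len(pool)), k):
            yield tuple(pool[i] for i in idx)

def check_compatibility(args=range(6)):
    """Proposition 2.7 on the pool: (Lambda x.t)[a] = (lambda x.t) a."""
    return all(seq_app(seq_abs(t), a) == tuple(t(a))
               for t in POOL for a in args)

def check_monotone(args=range(6)):
    """Lemma 2.8 on the pool: s contained in s' implies s[a] contained in s'[a]."""
    subs = list(subsequences(POOL))
    return all(contained(seq_app(s, a), seq_app(s2, a))
               for s in subs for s2 in subs if contained(s, s2)
               for a in args)

def phi(x, y):
    """Constructed property: y is the integer square root of x."""
    return y * y <= x < (y + 1) * (y + 1)

def realises(s, xs=range(1, 20)):
    """Herbrandised reading: for each x, SOME candidate in s[x] satisfies phi."""
    return all(any(phi(x, y) for y in seq_app(s, x)) for x in xs)

def check_upward_closure():
    """Every sequence containing a realiser is again a realiser."""
    good = (POOL[2],)
    return all(realises(s2) for s2 in subsequences(POOL) if contained(good, s2))
```
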

Since we do not have product types, we will often work with tuples of types and of terms, for which we follow the conventions of [12]; the following is a brief summary.

• Notation. We write , for tuples of types and terms. stands for the empty tuple. We write

$$f\underline{x} := (\ldots((fx_0)x_1)\ldots)x_n,$$

with the appropriate types; while, if , stands for . We will have, correspondingly,

$$\lambda\underline{x}.\underline{f} := \lambda\underline{x}.f_0, \ldots, \lambda\underline{x}.f_m,$$

and the same for finite sequence application.

Relations distribute as expected: for instance, if , with the same length and types as ,

$$\underline{x} =_{\underline{\sigma}} \underline{y} := \bigwedge_{i=0}^{n} x_i =_{\sigma_i} y_i;$$

and if is a tuple of sequences,

$$\underline{x} \in_{\underline{\sigma}} \underline{s} := \bigwedge_{i=0}^{n} x_i \in_{\sigma_i} s_i.$$

Most of the results we have listed so far are easily extended to tuples of terms; in particular, those concerning finite sequence application and abstraction.

We now lay the syntactic groundwork for doing nonstandard arithmetic in our system.

###### Definition 2.9.

The system E-HA is an extension of E-HA, whose language includes a (unary) predicate , , for all types of ; and the external quantifiers , .

• Notation. Following Nelson, so-called internal formulae - those in the language of E-HA - are always denoted with small Greek letters, and generic, external formulae with capital Greek letters.

The following axioms are added to those of E-HA:

1. the defining axioms of the external quantifiers:

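$$\forall^{\mathrm{st}}x:\sigma\,\Phi(x) \leftrightarrow \forall x:\sigma\,(\mathrm{st}_\sigma(x)\to\Phi(x)),$$

$$\exists^{\mathrm{st}}x:\sigma\,\Phi(x) \leftrightarrow \exists x:\sigma\,(\mathrm{st}_\sigma(x)\land\Phi(x));$$
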
2. axioms for the standardness predicate:

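$$\mathrm{st}_\sigma(x) \land x =_\sigma y \to \mathrm{st}_\sigma(y),$$

$$\mathrm{st}_\sigma(a) \quad \text{for all closed } a:\sigma,$$

$$\mathrm{st}_{\sigma\to\tau}(f) \land \mathrm{st}_\sigma(x) \to \mathrm{st}_\tau(fx);$$
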
3. the external induction schema:

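$$\mathsf{IA}^{\mathrm{st}}:\ \bigl(\Phi(0) \land \forall^{\mathrm{st}}x:0\,(\Phi(x)\to\Phi(Sx))\bigr) \to \forall^{\mathrm{st}}x:0\,\Phi(x).$$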

Since it is part of E-HA, the system E-HA also contains, besides the external induction schema, an “internal” induction schema , which is assumed to hold for internal formulae only.

So far, there is nothing inherently nonstandard about the system we have defined. In fact, one could interpret as , and all the new axioms would be provable in E-HA. This simple fact also implies that E-HA is a conservative extension of E-HA.

However, there are some simple results, of the kind we would expect from a “standardness property”, that can already be proved.

###### Proposition 2.10.

For every formula , E-HA proves

$$\Phi(x) \land x = y \to \Phi(y).$$

###### Proof.

Easy induction on the logical structure of , utilising the fact that the standardness predicate is extensional. ∎

###### Proof.

Apply external induction to the formula . ∎

Basically anything one can get from standard sequences is standard.

1. E-HA

2. E-HA

3. E-HA

4. E-HA

5. E-HA

###### Proof.

Everything follows from the standardness axioms, coupled with the fact that the list recursor is standard. ∎

A simple consequence of the lemma is that the operations of sequence application and abstraction, as defined in the previous section, preserve standardness.

###### Corollary 2.13.
1. E-HA

2. E-HA

Finally, we prove that finite sequences of standard elements are standard; the converse is already a consequence of Lemma 2.12.(a)-(b).

###### Lemma 2.14.

E-HA proves that

$$\forall s:\sigma^*\,\bigl(\mathrm{st}(|s|) \land \forall i<|s|\;\mathrm{st}(s_i) \to \mathrm{st}(s)\bigr).$$

###### Proof.

Suppose is finite, and that, for all , is standard. By an iteration of Lemma 2.12.(d), is also standard. Clearly, and are extensionally equal; by Corollary 2.4, . Thus, is standard. ∎

This, in turn, is used to prove an external induction schema for sequences.

###### Proposition 2.15.

E-HA proves the external induction schema for sequences

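$$\mathsf{IA}^{*\mathrm{st}}:\ \bigl(\Phi(\langle\rangle_\sigma) \land \forall^{\mathrm{st}}x:\sigma\,\forall^{\mathrm{st}}s:\sigma^*\,(\Phi(s)\to\Phi(Cxs))\bigr) \to \forall^{\mathrm{st}}s:\sigma^*\,\Phi(s).$$
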
###### Proof.

From the previous lemma, one obtains that if and is standard, then and are also standard. Then one argues precisely as in Proposition 2.2, applying external instead of ordinary induction. ∎

The linguistic blocks are in place for the definition of the nonstandard Dialectica interpretation.

### 2.2 The $D_{\mathrm{st}}$ translation

###### Definition 2.16.

To every formula of the language of E-HA, with free variables , we associate inductively its nonstandard Dialectica translation

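$$\Phi(\underline{a})^{D_{\mathrm{st}}} = \exists^{\mathrm{st}}\underline{s}\,\forall^{\mathrm{st}}\underline{y}\,\varphi_{D_{\mathrm{st}}}(\underline{s},\underline{y},\underline{a}),$$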

where is internal, and all the variables in are of sequence type.

• , for internal atomic;

• .

Let , :

• ;

• ;

• ;

• ;

• ;

• ;

• .

The idea is that, in the interpretation, realisers should be finite sequences of potential realisers, of which at least one is an actual realiser. Hence, if is a valid realiser, then any with should work as well. That this is the case is guaranteed by the following proposition.

###### Definition 2.17.

A formula is upwards closed in if

$$\Phi(s) \land s \subseteq s' \to \Phi(s').$$

###### Proposition 2.18.

Let be a formula of E-HA, . Then proves that is upwards closed in :

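$$\text{E-HA}^{\omega*} \vdash \varphi(\underline{s},\underline{y},\underline{a}) \land \underline{s} \subseteq \underline{s}' \to \varphi(\underline{s}',\underline{y},\underline{a}).$$
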
###### Proof.

By induction on the logical structure of , using Lemma 2.8 in the clauses for and . ∎

In [3], the nonstandard Dialectica interpretation was given a characterisation in terms of five principles. We provide here an alternative characterisation, which keeps the following three principles from the former.

1. The herbrandised axiom of choice:

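$$\mathsf{HAC}^{\mathrm{st}}:\ \forall^{\mathrm{st}}x:\sigma\,\exists^{\mathrm{st}}y:\tau\,\Phi(x,y) \to \exists^{\mathrm{st}}(f:\sigma\to\tau^*)^*\,\forall^{\mathrm{st}}x:\sigma\,\exists y\in f[x]\,\Phi(x,y).$$
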
2. The herbrandised independence of premise principle:

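$$\mathsf{HIP}^{\mathrm{st}}_{\forall}:\ \bigl(\forall^{\mathrm{st}}x:\sigma\,\varphi(x) \to \exists^{\mathrm{st}}y:\tau\,\Psi(y)\bigr) \to \exists^{\mathrm{st}}t:\tau^*\,\bigl(\forall^{\mathrm{st}}x:\sigma\,\varphi(x) \to \exists y\in t\,\Psi(y)\bigr).$$
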
3. The principle called non-classical realisation in [3] - which, as we will see in Section 4, could also be called herbrandised nonstandard uniformity:

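$$\mathsf{NCR}:\ \forall y:\tau\,\exists^{\mathrm{st}}x:\sigma\,\Phi(x,y) \to \exists^{\mathrm{st}}s:\sigma^*\,\forall y:\tau\,\exists x\in s\,\Phi(x,y).$$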

In addition to these, the former characterisation had idealisation

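$$\mathsf{I}:\ \forall^{\mathrm{st}}s:\sigma^*\,\exists y:\tau\,\forall x\in s\,\varphi(x,y) \to \exists y:\tau\,\forall^{\mathrm{st}}x:\sigma\,\varphi(x,y),$$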

whose dual

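$$\mathsf{R}:\ \forall y:\tau\,\exists^{\mathrm{st}}x:\sigma\,\varphi(x,y) \to \exists^{\mathrm{st}}s:\sigma^*\,\forall y:\tau\,\exists x\in s\,\varphi(x,y)$$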

is clearly a consequence of , and the herbrandised generalised Markov’s principle

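$$\mathsf{HGMP}^{\mathrm{st}}:\ \bigl(\forall^{\mathrm{st}}x:\sigma\,\varphi(x) \to \psi\bigr) \to \exists^{\mathrm{st}}s:\sigma^*\,\bigl(\forall x\in s\,\varphi(x) \to \psi\bigr).$$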

We will replace them as follows.

###### Definition 2.19.

Let . We say that is a hyperfinite enumeration of the type if

$$\forall^{\mathrm{st}}x:\sigma\,(x\in s).$$

We define, for all types , a predicate

$$\mathrm{hyper}(s) := \forall^{\mathrm{st}}x:\sigma\,(x\in s),$$

as well as quantifiers ranging over hyperfinite enumerations, with defining axioms

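$$\forall^{\mathrm{hyp}}s:\sigma^*\,\Phi(s) := \forall s:\sigma^*\,(\mathrm{hyper}_\sigma(s)\to\Phi(s)),$$

$$\exists^{\mathrm{hyp}}s:\sigma^*\,\Phi(s) := \exists s:\sigma^*\,(\mathrm{hyper}_\sigma(s)\land\Phi(s)).$$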

The most basic nonstandard principles are, arguably, overspill and underspill in the type of natural numbers:

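$$\mathsf{OS}_0:\ \forall^{\mathrm{st}}n:0\,\varphi(n) \to \exists n:0\,(\lnot\mathrm{st}(n)\land\varphi(n)),$$

$$\mathsf{US}_0:\ \forall n:0\,(\lnot\mathrm{st}(n)\to\varphi(n)) \to \exists^{\mathrm{st}}n:0\,\varphi(n).$$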

These principles are almost invariably used with formulae of the form , stating that a certain property holds up to a number . From the assumption , which says that holds up to any standard natural number, allows one to derive that holds up to some nonstandard (infinite) number .

From , one can obtain a hyperfinite enumeration of the natural numbers, so that ; and, in a way, it is this fact - that induces a hyperfinite enumeration - that is relevant to the argument, rather than being nonstandard. This suggests the following generalisation of overspill and underspill to all finite types.

We introduce the principle of sequence overspill

$$\mathsf{OS}^{*}:\ \forall^{\mathrm{st}}s:\sigma^*\,\varphi(s) \to \exists^{\mathrm{hyp}}s:\sigma^*\,\varphi(s),$$

and its dual, sequence underspill

$$\mathsf{US}^{*}:\ \forall^{\mathrm{hyp}}s:\sigma^*\,\varphi(s) \to \exists^{\mathrm{st}}s:\sigma^*\,\varphi(s).$$

E-HA.

###### Proof.

Assume , and suppose . Let be a standard sequence of sequences; then is again standard, so holds. Furthermore, by construction, for all , ; in other words,

$$\forall^{\mathrm{st}}t:(\sigma^*)^*\,\exists s:\sigma^*\,\forall t'\in t\,(t'\subseteq s \land \varphi(s)).$$

By idealisation, we obtain

$$\exists s:\sigma^*\,\forall^{\mathrm{st}}t:\sigma^*\,(t\subseteq s \land \varphi(s)).$$

It remains to prove that , an easy consequence of Lemma 2.12.

Conversely, assume , and suppose . By sequence overspill, it follows that

$$\exists y:\tau\,\exists^{\mathrm{hyp}}s:\sigma^*\,\forall x\in s\,\varphi(x,y),$$

which implies

$$\exists y:\tau\,\forall^{\mathrm{st}}x:\sigma^*\,\varphi(x,y).$$

This concludes the proof. ∎

Several consequences of are listed in [24] and in [3], which, by the previous proposition, are also consequences of . For us, it is particularly relevant that implies an external version of the lesser limited principle of omniscience, a nonconstructive principle well-known in the area of reverse mathematics, see e.g. [10]; namely,

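$$\mathsf{LLPO}^{\mathrm{st}}:\ \forall^{\mathrm{st}}x,y:\sigma\,(\varphi(x)\lor\psi(y)) \to \bigl(\forall^{\mathrm{st}}x:\sigma\,\varphi(x) \lor \forall^{\mathrm{st}}x:\sigma\,\psi(x)\bigr).$$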

E-HA.

###### Proof.

Suppose . We prove by external sequence induction that

$$\forall^{\mathrm{st}}s:\sigma^*\,\bigl(\forall x\in s\,\varphi(x) \lor \forall x\in s\,\psi(x)\bigr). \tag{1}$$

For , is vacuously true. Suppose it is true for some arbitrary, standard , and pick any standard . We want to show .

Suppose (the case where is true is similar). Since

$$\forall^{\mathrm{st}}x,y:\sigma\,(\varphi(x)\lor\psi(y)),$$

we have

$$\forall b\in Cas\,(\varphi(a)\lor\psi(b));$$

since is a finite sequence, we can run through all and see whether holds. If so, then holds and we are done; otherwise, we will get that holds for all and we again achieve the desired disjunction. Now, applying sequence overspill to (1) gives

$$\exists^{\mathrm{hyp}}s:\sigma^*\,\bigl(\forall x\in s\,\varphi(x) \lor \forall x\in s\,\psi(x)\bigr),$$

which implies . ∎

Notice that alone would have sufficed to prove the restriction of to type 0.

Since is equivalent to , it would make sense if were equivalent to ; yet things are not so simple. In fact, only one implication seems to hold.

E-HA.

###### Proof.

Suppose . Then

$$\forall^{\mathrm{hyp}}s:\sigma^*\,\forall y:\tau\,\exists x\in s\,\varphi(x,y),$$

which, by sequence underspill, implies . ∎

What is missing, in order to obtain an equivalence, is precisely the last characteristic principle.

E-HA.

###### Proof.

Suppose . Then

$$\exists^{\mathrm{hyp}}s:\sigma^*\,\forall x\in s\,\varphi(x) \to \psi,$$

which is intuitionistically equivalent to

$$\forall^{\mathrm{hyp}}s:\sigma^*\,\bigl(\forall x\in s\,\varphi(x) \to \psi\bigr).$$

An application of sequence underspill leads to the conclusion. ∎

We now complete the characterisation of .

E-HA.

###### Proof.

Suppose ; that is,

$$\forall s:\sigma^*\,\bigl(\forall^{\mathrm{st}}x:\sigma\,(x\in s) \to \varphi(s)\bigr).$$

By the herbrandised generalised Markov’s principle, this is equivalent to

$$\forall s:\sigma^*\,\exists^{\mathrm{st}}t:\sigma^*\,(t\subseteq s \to \varphi(s));$$

which, by realisation and intuitionistic logic, implies

$$\exists^{\mathrm{st}}t:(\sigma^*)^*\,\forall s:\sigma^*\,\bigl(\forall t'\in t\,(t'\subseteq s) \to \varphi(s)\bigr).$$

Take a standard as in (2.2), and pick . By Lemma 2.12, is standard, and, for all , ; therefore, it holds that . We thus prove

$$\exists^{\mathrm{st}}s:\sigma^*\,\varphi(s),$$

and the sequence overspill principle. ∎

Replacing with a contradiction, e.g. , and choosing a negated , we see that - hence, as well - implies an external version of Markov’s principle, another noted principle that is rejected by strict constructivism:

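$$\mathsf{MP}^{\mathrm{st}}:\ \bigl(\forall^{\mathrm{st}}x:\sigma\,(\varphi(x)\lor\lnot\varphi(x)) \land \lnot\lnot\exists^{\mathrm{st}}x:\sigma\,\varphi(x)\bigr) \to \exists^{\mathrm{st}}x:\sigma\,\varphi(x).$$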

This is another instance of a principle whose nature appears markedly nonstandard, forcing a nonconstructive mode of reasoning.

###### Theorem 2.25 (Soundness of the nonstandard Dialectica interpretation).

Suppose

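$$\text{E-HA}^{\omega*}_{\mathrm{st}} + \mathsf{OS}^{*} + \mathsf{US}^{*} + \mathsf{NCR} + \mathsf{HAC}^{\mathrm{st}} + \mathsf{HIP}^{\mathrm{st}}_{\forall} + \Delta_{\mathrm{int}} \vdash \Phi(\underline{a}),$$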

where is a set of internal sentences. Let . Then from the proof we can extract a tuple of closed terms such that

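$$\text{E-HA}^{\omega*} + \Delta_{\mathrm{int}} \vdash \forall\underline{y}\,\varphi_{D_{\mathrm{st}}}(\underline{t},\underline{y},\underline{a}).$$
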
###### Proof.

This is [3, Theorem 5.5], coupled with the fact that over E-HA. We provide explicit realisers for the new principles.

The interpretation of is

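$$\exists^{\mathrm{st}}S\,\forall^{\mathrm{st}}s'\,\bigl(\forall s\in S[s']\,\varphi(s) \to \exists s\,(s'\subseteq s \land \varphi(s))\bigr),$$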

and we can take .

The interpretation of is

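$$\exists^{\mathrm{st}}T\,\forall^{\mathrm{st}}s''\,\bigl(\forall s\,\exists s'\in s''\,(s'\subseteq s \to \varphi(s)) \to \exists t\in T[s'']\,\varphi(t)\bigr);$$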

since implies , unless is the empty sequence (in which case, the premise is false anyway), we can take

 T:=Λs′<