A Comprehensive Formalization of Propositional Logic in Coq: Deduction Systems, Meta-Theorems, and Automation Tactics

Abstract

The increasing significance of theorem proving-based formalization in mathematics and computer science highlights the necessity for formalizing foundational mathematical theories. In this work, we employ the Coq interactive theorem prover to methodically formalize the language, semantics, and syntax of propositional logic, a fundamental aspect of mathematical reasoning and proof construction. We construct four Hilbert-style axiom systems and a natural deduction system for propositional logic, and establish their equivalences through meticulous proofs. Moreover, we provide formal proofs for essential meta-theorems in propositional logic, including the Deduction Theorem, Soundness Theorem, Completeness Theorem, and Compactness Theorem. Importantly, we present an exhaustive formal proof of the Completeness Theorem in this paper. To bolster the proof of the Completeness Theorem, we also formalize concepts related to mappings and countability, and deliver a formal proof of the Cantor–Bernstein–Schröder theorem. Additionally, we devise automated Coq tactics explicitly designed for the propositional logic inference system delineated in this study, enabling the automatic verification of all tautologies, all internal theorems, and the majority of syntactic and semantic inferences within the system. This research contributes a versatile and reusable Coq library for propositional logic, presenting a solid foundation for numerous applications in mathematics, such as the accurate expression and verification of properties in software programs and digital circuits. This work holds particular importance in the domains of mathematical formalization, verification of software and hardware security, and in enhancing comprehension of the principles of logical reasoning.

1. Introduction

The rapidly evolving landscape of modern mathematics and computer science research necessitates a heightened focus on the rigorous formalization and verification of foundational theories. Theorem proving, which involves using computer programs to verify the correctness of mathematical proofs, has emerged as an indispensable tool in these disciplines. Establishing solid mathematical and logical foundations allows researchers to confidently and efficiently build upon them [1]. This paper focuses on the formalization of propositional logic, a cornerstone in both mathematics and computer science, with crucial applications in areas such as logic, computation, and verification.

Recent breakthroughs in computer science and logical foundations have spurred the development of a multitude of theorem provers. Each of these are based on various logical frameworks, offering distinctive advantages. The advent of robust theorem provers, notably Coq [2], Isabelle/HOL [3], HOL Light [4], and Lean [5,6], among others [7], has captured the keen interest of the mathematical and computer science communities [8,9]. Wilayat Khan and collaborators have proposed and developed CoCEC, a tool that amalgamates the strengths of multiple strategies. This tool employs automatic theorem proving to verify the equivalence of combinational circuits [10]. Gerwin Klein and his team share their experience in executing a formal, machine-verified verification of the seL4 microkernel, from an abstract specification to its C implementation [11]. Notably, Leroy, a recipient of the ACM Software System Award, employed the Coq theorem prover to realize the formal verification of the C language compiler, CompCert [12]. Wiedijk posited that formal mathematics represents the third revolution in the history of mathematics [13]. The significant achievements in this domain include Gonthier and Werner’s Coq-based formal proof of the Four-Color Theorem in 2005 [14], Gonthier’s machine-checked proof of the Odd Order Theorem in 2012 [15], and the formal verification of the Kepler Conjecture by Hales and his team in 2017 [16]. In a noteworthy instance, Scholze’s proof of condensed mathematics, a keystone of contemporary mathematics, was translated into Lean language and verified in 2021 [17]. Jeremy Avigad and his team detailed a proof of the Central Limit Theorem that has undergone formal verification in the Isabelle proof assistant [18]. Jean Francois Dufourd introduced a fully formalized proof of a discrete variant of the Jordan Curve Theorem [19]. John Harrison outlined the computer formalization of a complex–analytic proof of the Prime Number Theorem [20]. Furthermore, Sylvie Boldo and collaborators suggested a method to define total operators for derivatives and integrals [21]. These accomplishments have significantly amplified the prominence of theorem provers in academic and industry communities, thereby highlighting the growing significance of the formalization of fundamental mathematical and computer theories.

Propositional logic, also known as propositional calculus or sentential logic, is a cornerstone in various fields of knowledge, including mathematics, computer science, artificial intelligence, and philosophy. This fundamental system presents a formal framework for representing and analyzing the logical structure of statements and arguments. Propositional logic not only underpins Boolean algebra and computer engineering but also grounds more advanced logical systems, such as predicate logic and modal logic, which are essential in numerous mathematical domains. In essence, propositional logic occupies a pivotal position across numerous knowledge areas, offering a solid foundation for formal reasoning, analysis, and decision-making.

Formal systems for propositional logic trace their roots to Leibniz’s concept of mechanical mathematics [22]. In his “Dissertatio de arte combinatoria”, Leibniz proposed a universal language, entailing symbolic representations and a mechanical method to express any rational idea. His paramount objective centered on resolving all questions through computation. In essence, Leibniz’s concept contributes to propositional logic, and this paper substantiates the feasibility of Leibniz’s idea in propositional logic systems. Specifically, it demonstrates that the proof of all internal theorems in propositional logic formal systems can be converted into mechanical computational processes.

Based on the Calculus of Inductive Constructions, the Coq system amalgamates advancements in logic from the vantage point of $\lambda$-calculus [2,23,24]. As an interactive theorem, proving environment, Coq facilitates collaboration between users and machines to complete formal proofs. Users can simplify complex theorems by decomposing them into collections of previously verified theorems or axioms using inference rules. The Coq system provides an extensive range of built-in tactics, including specialized tactics for inductive reasoning, automated tactics, and numerical proof tactics, which are used extensively in our formalization work. Additionally, Coq’s Ltac language enables experts to add custom tactics, which can increase the concision and effectiveness of the formalization process. Our research utilizes Coq, an interactive theorem prover, to systematically formalize the theory of propositional logic.

We develop four distinct Hilbert-style axiom systems, along with a natural deduction system for propositional logic, and demonstrate their equivalences through meticulous formal proofs. This approach ensures the robustness and adaptability of our formalization, making it suitable for a wide array of research contexts.

Furthermore, we offer formal proofs for several key meta-theorems in propositional logic, encompassing the Deduction Theorem, Soundness Theorem, Completeness Theorem, and Compactness Theorem. These findings are vital to understand the properties and limitations of propositional logic as a formal system. Moreover, their formalization in Coq strengthens the groundwork for future research endeavors.

To facilitate the proof of the Completeness Theorem, we establish the bijective association between formulae and natural numbers. During this operation, we formalize crucial notions related to mappings and countability and present a comprehensive formal proof of the Cantor–Bernstein–Schr"oder theorem. This result holds significant implications for the exploration of propositional logic and its relationships with other mathematical domains.

Additionally, we devise automated Coq tactics specifically designed for the propositional logic inference system outlined in this study. These tactics allow for the automatic verification of all tautologies, internal theorems, and the majority of syntactic and semantic inferences within the system, greatly minimizing the manual effort involved in the theorem-proving process.

The primary contribution of this research is the development of a versatile and reusable Coq library for propositional logic. This library acts as a reliable foundation for a wide range of applications, especially in the realms of logic formalization and the verification of software and hardware securities. By offering a comprehensive and rigorously verified framework for propositional logic, we aim to promote progress in mathematics, computer science, and related disciplines.

The structure of the paper is as follows. In Section 2, we introduce related work. In Section 3, we lay the groundwork by formalizing propositional formulae and essential set theory concepts in preparation for constructing a propositional logic system, In Section 4, we delve into the formalization of propositional logic semantics and devise a Coq tactic capable of automatically proving all tautologies and the majority of semantic inferences within propositional logic. In Section 5, we explore four distinct Hilbert-style axiom systems, as well as a natural deduction system, demonstrate their equivalences, and furnish formal proofs for several vital meta-theorems in propositional logic, including the Deduction Theorem, Soundness Theorem, and others. In Section 6, our primary emphasis is on establishing the completeness of a formal system for propositional logic. Concurrently, we prove the countability of formulae, present formal proofs for the Cantor–Bernstein–Schröder theorem and Compactness theorem, and devise a Coq tactic for the automatic verification of all tautologies and internal theorems, as well as the majority of semantic and syntactic inferences within the formal systems. In Section 7, we offer our conclusions and contemplate potential avenues for future research. Finally, in Section 8, we offer our conclusions and contemplate potential avenues for future research.

Through the formalization of propositional logic and the development of automated Coq tactics, this research not only contributes to the field of formal mathematics, but also offers valuable insights and resources for researchers in computer science and other related disciplines. By establishing a solid foundation for propositional logic, we hope to accelerate progress in various areas of knowledge and to inspire further exploration of theorem-proving and formalization techniques.

2. Related Work

Some significant formalizations of mathematical logic have been documented in the literature. In 1959, Hao Wang utilized an IBM 704 computer to prove hundreds of mathematical logic theorems from Russell and Whitehead’s seminal work, “Principia Mathematica,” in just nine minutes [25]. Wang’s groundbreaking research demonstrated that theorem proving could be treated akin to numerical computation. Later, in 2005, Russell O’Connor successfully formalized Gödel’s first incompleteness theorem using Coq [26].

Various other notable researchers have advanced the field of formalizing logic. Johannes Hostert and collaborators developed and mechanized compact proofs of the undecidability of various problems for dyadic first-order logic over a small logical fragment [27]. Koch and Kirst mechanized central metatheoretic results about second-order logic using Coq [28]. De Almeida Borges introduced a Coq formalization of the Quantified Reflection Calculus with one modality [29]. Andrade and collaborators presented a formalization of the language, semantics, and axiomatization of justification logic in Coq [30]. Bereczky and collaborators formalized matching logic via the Coq proof assistant [31]. Bruno Bentzen advanced a recent formalization of a Henkin-style completeness proof for the propositional modal logic $S5$, utilizing the Lean theorem prover [32]. Finally, Schneider and collaborators formally verified the correctness of a monitor for metric first-order temporal logic specifications with the assistance of Isabelle/HOL [33].

Various studies have concentrated on the formalization of propositional logic. One such work formalized the completeness and decidability of Propositional Dynamic Logic (PDL) and its converse (CPDL) in Coq/Ssreflect [34]. Another research effort focused on formalizing the syntax, semantics, soundness, and completeness of separation logic in Coq [35]. From et al. presented soundness and completeness proofs of a sequent calculus for first-order logic, formalized via the interactive proof assistant Isabelle/HOL [36]. A third study addressed the completeness theorem for first-order logic [37], considering both classical and intuitionistic logic. As PDL, separation logic, and first-order logic are all extensions of propositional logic, these works can be viewed as encompassing propositional logic to a certain degree. In addition, Julius Michaelis and Tobias Nipkow formalized a range of proof systems for classical propositional logic (sequent calculus, natural deduction, Hilbert systems, resolution) in Isabelle/HOL and proved the most important meta-theoretic results about semantics and proofs [38]. In a different study, closely related to our research [39], key theorems about classical propositional logic were formalized using the Coq proof assistant. Its primary contributions involved proving the soundness and completeness of natural deduction calculus and demonstrating the equivalence between natural deduction calculus, Hilbert systems, and sequent calculus, as well as cutting elimination for sequent calculus.

3. Preliminary

In propositional logic, simple propositions serve as the minimal units of analysis, and are no longer decomposed. We refer to these elementary propositions as formulae in propositional logic. Prior to constructing a formal system for propositional logic, it is not only necessary to define the concept of propositional formulae, which are the subject of study in propositional logic, but also to formalize the set–theoretic content involved. This formalization process ensures a rigorous foundation for the examination of propositional logic within the Coq framework.

3.1. Formula

The formation rules for formulae are as follows:

• Each propositional variable, such as $x_0$, $x_1$, …, $x_n$, …, is considered a formula.
• If p is a formula, then its negation, ¬p, is also a formula.
• If p and q are formulae, then their implication, (p→q), is also a formula.
• Every formula is formed through a finite number of applications of the first three rules.

These rules provide a structured framework for creating and manipulating formulae in propositional logic, ensuring a consistent and rigorous approach in the field. Their formal descriptions are as follows:

Inductive Formula : Set :=
  | Var : nat -> Formula
  | Not : Formula -> Formula
  | Imp : Formula -> Formula -> Formula.
Notation "¬ q" := (Not q)(at level 5,right associativity).
Notation "p → q" := (Imp p q)(at level 8,right associativity).
Notation " p ∨ q " := (¬p → q)(at level 7, right associativity).
Notation " p ∧ q " := (¬(p → ¬q))(at level 6, right associativity).
Notation " p ↔ q " := ((p → q)∧(q → p))(at level 9, right associativity).

The provided Coq code defines an inductive data type, a formula which represents formulae in propositional logic. The data type has three constructors:

• Var: This constructor takes a natural number as an argument and generates a propositional variable. The natural number serves as an index to identify the propositional variable.
• Not: This constructor takes a formula as an argument and generates its negation, representing the logical NOT operation.
• Imp: This constructor takes two formula instances as arguments and creates an implication between them, representing the logical implication (→) operation.

The code also introduces 5 notations to provide a more intuitive syntax for expressing formulae (See

Table 1. Notations of Formulae.

Notation	Function	Precedence Level	Associativity
$\neg q$	Not q	5	Right
$p\to q$	Imp p q	8	Right
$p\bigvee q$	¬p → q	7	Right
$p\bigwedge q$	¬(p →¬q)	6	Right
$p\leftrightarrow q$	(p → q)⋀(q → p)	9	Right

).

3.2. Set Theory

The given Coq code imports the $Coq.Sets.Ensembles$ module and defines notations and lemmas for working with sets, which sre used in the formalization of a propositional logic formal system.

Require Import Coq.Sets.Ensembles.
Notation "a ∈ A" := (In _ A a) (at level 10).
Notation "B ∪ C" := (Union _ B C) (at level 65, left associativity).
Notation "[ a ]" := (Singleton _ a) (at level 0, right associativity).
Notation "A ⊆ B" := (Included \_ A B) (at level 70).
Corollary UnionI : forall {U} (a:U) B C, a ∈ (B ∪ C) <-> a∈ B \/ a∈ C.
Proof ... Qed.
Corollary Single : forall {U} (a x:U), a ∈ [ x ] -> a = x.
Proof ... Qed.
Global Hint Resolve UnionI Single: sets.
Definition Φ := Empty_set Formula.
Ltac ES :=
  match goal with
  | H: ?a ∈ Φ |- _ => destruct H
  | H: ?p0 ∈ [?p] |- _ => apply Single in H; rewrite H in *; ES
  | H: ?a ∈ (?B ∪ ?C) |- _ => apply UnionI in H; ES
  | |- ?a ∈ (?B ∪ ?C) => apply UnionI; ES
  | H: ?B \/ ?C |- _ => destruct H; ES
  | H: ?B /\ ?C |- _ => destruct H; ES
  | |- forall a, ?Q => intros; ES
  | |- ?P <-> ?Q => split; intros; ES
  | |- _ => eauto with sets
  end.

The code introduces the following notations for sets as shown in

Table 2. Notations of Ensembles.

Notation	Meaning	Precedence Level	Associativity
$a\in A$	a belongs to set A	10	Left
$B\cup C$	Union of sets B and C	65	Left
$\left[a\right]$	Singleton set containing a	0	Right
$A\subseteq B$	A is a subset of B	70	Right

:

The code also defines two corollaries and adds them to the set hint database:

UnionI: This corollary establishes that an element a belongs to the union of sets B and C if, and only if, a belongs to either B or C. Single: This corollary asserts that if an element a belongs to a singleton set [x], then a must be equal to x. The definition $\mathsf{\Phi }$ represents the empty set of formulae using the Empty_set Formula constructor.

Lastly, the ES Ltac tactic is defined to simplify reasoning about sets in the context of the formalization. The tactic consists of a series of pattern matching and rewriting rules for handling set-related goals and hypotheses. The tactic is designed to be recursive, simplifying the goal until it can be solved using the auto tactic with the set hint database.

This code lays the foundation for working with sets in the context of a propositional system, streamlining the reasoning and formalization processes.

We refer to the previously defined $Formula$ and its constructors as the language of propositional logic, which serves as the subject of investigation in this study. To discuss these research subjects, we also require another language, resulting in two distinct levels of language. The language of propositional logic that we define is our research subject and is called the object language. The language used to discuss the object language is known as the meta-language, which, in this case, can be considered to be Coq.

Having defined the language, the next steps involve formalizing the formal semantics and inference systems of propositional logic, thereby providing a solid foundation for the analysis and exploration of logical systems within the Coq framework.

4. Semanic

An essential characteristic of propositions is their truth values, which depend on whether they accurately reflect objective circumstances. In propositional logic, the interpretation of propositions adheres to the principle of bivalence, meaning a proposition is either true or false, and these truth values are referred to as the truth values of propositional logic.

In this study, we utilize $true$ and $false$ of Coq’s $bool$ type to symbolize truth and falsity respectively. Since the negation, conjunction, and disjunction functions for the bool type have been previously defined in the Coq core library, we only need to define the implication and equivalence functions:

Definition Contain_bool p q : bool :=
  match p, q with
  | true, true => true
  | true, false => false
  | false, true => true
  | false, false => true
  end.
  

Definition Equal_bool p q : bool :=
  match p, q with
  | true, true => true
  | true, false => false
  | false, true => false
  | false, false => true
  end.

We also define the following notations for these functions, as provided in

Table 3. Boolean Functions.

Notation	p	q	Return
${\neg }^{\prime }p$	true		false
	false		true
$p{\vee }^{\prime }q$	true	true	true
	true	false	true
	false	true	true
	false	false	false
$p{\wedge }^{\prime }q$	true	true	true
	true	false	false
	false	true	false
	false	false	false
$p{\to }^{\prime }q$	true	true	true
	true	false	false
	false	true	true
	false	false	true
$p{\leftrightarrow }^{\prime }q$	true	true	true
	true	false	false
	false	true	false
	false	false	true

:

Notation " ¬’ p " := (negb p)(at level 5).
Notation "p ∨’ q" := (orb p q)(at level 7).
Notation " p ∧’ q " := (andb p q)(at level 6).
Notation "p →’ q" := (Contain_bool p q)(at level 8).
Notation " p ↔’ q " := (Equal_bool p q)(at level 9).

To explore the semantics of propositional logic requires the establishment of appropriate connections between formulae (Formulae) and truth values (bools). This necessitates a semantic valuation function v, tasked with attributing a truth valuation to each proposition. However, this function is not arbitrary, as it must express the effect of logical connectives and reduce the truth valuations of compound propositions to those of their components.

A valuation is a mapping v: Formula -> bool that exhibits “preservation of operations”. Preservation of operations means that:

(1)

v (¬p)) = ¬’(v p);

(2)

v (p → q)) = (v p) →’ (v q).

The Coq description of valuation is as follows:

Definition keep_not v := (forall p, (v (¬p)) = ¬’(v p)).
Definition keep_imp v := (forall p q, (v (p → q)) = (v p) →’ (v q)).
Definition value (v : Formula -> bool) := keep_not v /\ keep_imp v.

A tautology (or logical validity) is a proposition p for which all valuations v assign true. In this case, p is called a tautology or logical validity of the propositional logic, denoted by ⊨ p.

Definition Tautology p := forall v, value v -> v p = true.
Notation " ⊨ p " := (Tautology p)(at level 80).

The following is the definition of “Semantic_inference”, where $\mathsf{\Gamma }$ is a set of propositional formulae and p is a propositional formula. For all valuation functions v, if v qualifies as a valuation, then, when all propositional formulae q in $\mathsf{\Gamma }$ are true under the valuation v (v q = true), the propositional formula p is also true under the valuation v (v p = true). This definition describes the process of deducing another formula p from a set of formulae $\mathsf{\Gamma }$ under given semantics, and is denoted as “$\mathsf{\Gamma }$⊨ p”.

Definition Semantic_inference (Γ:Ensemble Formula) p := forall v, value v ->
  (forall q, q ∈ Γ -> v q = true) -> v p = true.
Notation " Γ ⊨ p " := (Semantic_inference Γ p)(at level 80)

By formalizing these concepts in Coq, we effectively reason the semantics of propositional logic and analyze its properties within a rigorous framework.

4.1. Automated Proving for Tautology-Related Goals

The following tactics are designed to automatically reason tautology-related goals in Coq.

Ltac debo :=
  match goal with
  | H : false = true |- _ => inversion H
  | H : true = false |- _ => inversion H
  | H : false = ?Q,
    H0 : true = ?Q |- _ => rewrite <- H in H0
  | H : ?Q = false,
    H0 : ?Q = true |- _ => rewrite H in H0
  | H :  ?Q = false,
    H0 : true = ?Q |- _ => rewrite H in H0
  | H : ?Q = true,
    H0 : false = ?Q |- _ => rewrite H in H0
  | b : bool |- _ => destruct b
  | |- forall x, ?Q => intros
  | H : keep_not _
    |- _ => rewrite -> H in *
  | H : keep_imp _
    |- _ => rewrite -> H in *
  | |- _ => auto
  end.
    
Ltac autobool p :=
  match p with
  | ?x →’ ?y => autobool x; autobool y
  | ?x ∨’ ?y => autobool x; autobool y
  | ?x ∧’ ?y => autobool x; autobool y
  | ?x ↔’ ?y => autobool x; autobool y
  | ¬’ ?x => autobool x
  | _ => destruct p
  end.
    
Ltac autos := repeat debo;
  match goal with
  | |- forall x, ?Q => intros; autos
  | |- _ <-> _ => split; intros; autos
  | |- _ => red; autos
  | H : value _
    |- _ => destruct H; autos
  | |- ?l = ?r => autobool l
  | |- ?l = ?r => autobool r
  end; auto.

The provided tactics debo, autobool, and autos work in conjunction to automate the proof of tautology-related goals in Coq. These tactics streamline proofs by handling specific cases and destructing propositions when necessary. Here is an explanation of each tactic and its logic:

debo: This tactic addresses various cases that arise while proving goals involving boolean values and propositions. It handles contradictions, rewrites equalities, destructs booleans, introduces variables, and applies definitions of keep_not and keep_imp to simplify the proof state.

autobool: This tactic simplifies proofs involving propositional logic with boolean operators. It destructs compound propositions and recursively applies itself to the subcomponents, breaking down the proof goal into simpler parts. The tactic handles implications, disjunctions, conjunctions, biconditionals, and negations.

autos: This tactic automates the proof of tautologies by applying the debo tactic repeatedly and managing various proof states. It handles goals requiring quantification, biconditional statements, and proposition equalities. The tactic also destructs values and applies the autobool tactic to simplify the proof state.

These tactics work together to simplify and automate the process of proving tautology-related goals in Coq. By addressing specific cases, destructing propositions, and handling equalities, these tactics make the proof process more efficient and logical. In fact, all tautologies can be proven automatically using the $autos$ tactic, as shown below.

Goal forall p: Formula, ⊨ p → p.
Proof. autos. Qed.
Goal forall p: Formula, ⊨ p ∨ ¬p.
Proof. autos. Qed.
Goal forall p: Formula, ⊨ ¬ (¬ p ∧ p).
Proof. autos. Qed.
Goal forall p q: Formula, ⊨ ((p → q) → p) → p.
Proof. autos. Qed.
Goal forall p q: Formula, ⊨ (q → p) → (¬p → ¬q).
Proof. autos. Qed.
Goal forall p q r: Formula, ⊨ (p ∨ q) ∨ r ↔ p ∨ (q ∨ r).
Proof. autos. Qed.
Goal forall p q: Formula, ⊨ p ∨ q ↔ q ∨ p.
Proof. autos. Qed.
Goal forall p q r: Formula, ⊨ ((p ∧ q) ∧ r) ↔ (p ∧ (q ∧ r)).
Proof. autos. Qed.
Goal forall p q r: Formula, ⊨ (p ∧ (q ∨ r))↔ ((p ∧ q) ∨ (p ∧ r)).
Proof. autos. Qed.
Goal forall p q r: Formula, ⊨ (p ∨ (q ∧ r))↔ ((p ∨ q) ∧ (p ∨ r)).
Proof. autos. Qed.
Goal forall p q: Formula, ⊨ (¬ (p ∨ q)) ↔ (¬ p ∧ ¬ q).
Proof. autos. Qed.
Goal forall p q: Formula, ⊨ (¬ (p ∧ q)) ↔ (¬ p ∨ ¬ q).
Proof. autos. Qed.

4.2. Automated Proving for Semantic Inferences

The subsequent Coq script consists of several facts and lemmas regarding tautologies and semantic inferencing in propositional logic. These facts and lemmas facilitate the establishment of fundamental properties and rules involving tautologies and semantic inference.

Fact Tautology_and : forall p q ,  ⊨ p ->  ⊨ q ->  ⊨ p ∧ q.
Fact Tautology_or : forall p q ,  ⊨ p ->  ⊨ q ->  ⊨ p ∨ q.
Fact Tautology_latertrue : forall p q , ⊨ q ->  ⊨ p → q .
Fact Tautology_frontfalse : forall p q , ⊨ p ->  ⊨ ¬p → q.
Fact Semantic_inference_I : forall p, Φ ⊨ p <-> ⊨ p.
Fact Semantic_inference_II : forall Γ p, p ∈ Γ -> Γ ⊨ p.
Fact Semantic_inference_III : forall p, ⊨ p -> forall Γ, Γ ⊨ p.
Fact Semantic_inference_IV : forall p q, Φ∪[p] ⊨ q <-> [p] ⊨ q.
Lemma semantic_MP : forall Γ p q, Γ ⊨ p -> Γ ⊨ p → q -> Γ ⊨ q.
Lemma semantic_deny_front : forall p q, [¬p]⊨ p → q.
Lemma semantic_later : forall p q, [q]⊨ p → q.

Combining the previously introduced common properties of tautologies and semantic inference, we can derive the Semantic Deduction Theorem, and further design an Ltac tactic for automated proof of semantic inference.

Semantic Deduction Theorem: For any set of premises $\mathsf{\Gamma }$ and formulae p and q, the union of $\mathsf{\Gamma }$ and the singleton set containing p semantically infers q if, and only if, $\mathsf{\Gamma }$ semantically infers the implication p → q. This lemma states the Semantic Deduction Theorem in propositional logic.

Lemma semantic_deductive : forall Γ p q, Γ∪[p] ⊨ q <-> Γ ⊨ p → q.

Based on the aforementioned conclusions, we designed an automated Coq tactic for proving semantic inferences:

Ltac autosemantic :=
  match goal with
  | |- ⊨ _ => autos
  | |- Φ⊨ _ => apply Semantic_inference_I; autosemantic
  | |- [_]⊨ _ => apply Semantic_inference_IV; autosemantic
  | |- _∪[_]⊨ _ => apply <-semantic_deductive; autosemantic
  | |- forall x, ?Q => intros; autosemantic
  | |- _ => apply Semantic_inference_III; autosemantic
  end.

Figure 1 illustrates the principle underpinning the ’autosemantic’ tactic, as it applies to semantic inferences with the form “$\mathsf{\Gamma }$⊨ p”. Depending on the structure of $\mathsf{\Gamma }$, these inferences can be classified into five categories:

Case 1: If the goal is presented as “⊨ _”, the tactic directly calls the tautology-proving tactic $autos$ to complete the proof.

Case 2: When $\mathsf{\Gamma }$ is an empty set, resulting in a goal in the form “$\mathsf{\Phi }$⊨ _”, Semantic_inference_I is applied to transform the goal into “⊨ _”, and the tautology-proving strategy $autos$ is called to complete the proof.

Case 3: If the goal takes the form “$\mathsf{\Gamma }$∪[p]⊨q”, the Semantic Deduction Theorem is applied to transform the goal into “$\mathsf{\Gamma }$⊨ p → q”, and the autosemantic is called recursively.

Case 4: With the goal in the form “[]⊨”, Semantic_inference_IV is applied to transform the goal into “$\mathsf{\Phi }$∪[]⊨”, which then falls under Case 3, and the autosemantic is called recursively.

Case 5: For any goal “$\mathsf{\Gamma }$⊨ p” that does not fit into the aforementioned four categories, Semantic_inference_III is directly applied to transform the goal into the tautological form “⊨ p”, and the proof strategy autos is called.

The autosemantic tactic automates the proof of semantic inference for goals, such as the following: $\mathsf{\Gamma }\models p$, $\left[p_0\right]\models p$, $\mathsf{\Gamma }\cup \left[p_0\right]\models p$, $\left[p_0\right]\cup$ … $\cup \left[p_n\right]\models p$, $\mathsf{\Gamma }\cup \left[p_0\right]\cup$ … $\cup \left[p_n\right]\models p$ as well as for all tautologies. It uses the previously defined lemmas and facts to simplify and prove the goals. Some examples are provided to demonstrate the usage of the autosemantic:

Goal forall Γ p, Γ ⊨ (¬p → p) → p.
Proof. autosemantic. Qed.
Goal forall p q, Φ ⊨ (q → p) → (¬p → ¬q).
Proof. autosemantic. Qed.
Goal forall p q r, [p → q]∪[q → r] ⊨ p → r.
Proof. autosemantic. Qed.
Goal forall Γ p q r, Γ ⊨ (p ∨ q) ∨ r ↔ p ∨ (q ∨ r).
Proof. autosemantic. Qed.
Goal forall p, ⊨ ¬ (¬ p ∧ p).
Proof. autosemantic. Qed.
Goal forall p q, [p] ⊨  q → p.
Proof. autosemantic. Qed.

5. Formal Deduction Systems for Propositional Logic

Propositional logic formal systems can be broadly categorized into two types: Hilbert-style systems and Gentzen-style systems.

The Hilbert-style system, also known as the axiomatic system, is a formal deduction system that uses a minimal set of axioms and inference rules to prove logical statements. It typically has fewer, but more complex, rules, and proofs in this system can be quite lengthy and unintuitive.

On the other hand, the Gentzen-style system, which includes natural deduction and sequent calculus, is designed to be more intuitive and closer to the way humans reason about logic. In these systems, proofs are generally constructed through a series of smaller, more natural steps, and there are usually more inference rules that are easier to understand.

The natural deduction system is a part of the Gentzen-style system. It is a formal proof system that models logical reasoning through the introduction and elimination of logical connectives (e.g., conjunction, disjunction, implication, negation). The natural deduction system aims to capture the informal reasoning used in everyday arguments, making the proof construction process more intuitive and human-like.

5.1. A Hilbert-Style System for Propositional Logic

Łukasiewicz’s axiomatic system (system L) for propositional logic is a Hilbert-style system based on a minimal set of axioms and the $modusponens$ (MP) rule of inference. The system is designed to derive all valid formulae or tautologies of classical propositional logic. Łukasiewicz’s axioms are typically presented in the following form:

L1: (A → (B → A))

L2: ((A → (B → C)) → ((A → B) → (A → C)))

L3: ((¬A →¬B) → (B → A))

Here, A, B, and C are propositional variables, and → denotes implication, while ¬ represents negation.

Using these axioms and the MP rule of inference, which states that if A and (A → B) are both true, then B must also be true, it is possible to derive all the valid formulae of classical propositional logic. System L is known for its simplicity and elegance, and it has been influential in the development of modern logic.

Reserved Notation " Γ ⊢ p " (at level 80).
Inductive deduce_L (Γ : Ensemble Formula): Formula -> Prop :=
  | L0 : forall p, p ∈ Γ -> Γ ⊢ p
  | L1 : forall p q, Γ ⊢ (p → (q → p))
  | L2 : forall p q r, Γ ⊢ ((p → (q → r)) → ((p → q) → (p → r)))
  | L3 : forall p q, Γ ⊢ ((¬p → ¬q)→ (q → p))
  | MP : forall p q, Γ ⊢ (p → q) -> Γ ⊢ p -> Γ ⊢ q
where " Γ ⊢ p " := (deduce_L Γ p).
Notation " ⊢ p " := (deduce_L Φ p) (at level 80).

The code defines an inductive type deduce_L that represents a Hilbert-style deductive system (system L) for propositional logic. The system is based on a given set of formulae $\mathsf{\Gamma }$, and it uses a custom notation “$\mathsf{\Gamma }$⊢ p” (at level 80) to represent that formula p can be deduced from the set $\mathsf{\Gamma }$.

The inductive type deduce_L consists of the following constructors (axioms and inference rules):

L0: If a formula p belongs to the set $\mathsf{\Gamma }$, then p can be deduced from $\mathsf{\Gamma }$. This constructor represents the axiom of assumption.

L1: Axiom 1, also known as the Identity axiom, asserts that for any formulae p and q, $\mathsf{\Gamma }$⊢ (p → (q → p)). It represents the rule that if p is true, then q → p is also true.

L2: Axiom 2, also known as the Hypothetical Syllogism axiom, asserts that for any formulae p, q, and r, $\mathsf{\Gamma }$⊢ ((p → (q → r)) → ((p → q) → (p → r))). It represents the rule that if p implies q implies r, and p implies q, then p implies r.

L3: Axiom 3, also known as the Contrapositive axiom, asserts that for any formulae p and q, $\mathsf{\Gamma }$⊢ ((¬p →¬q) → (q → p)). It represents the rule that if the negation of p implies the negation of q, then q implies p.

MP: The Modus Ponens inference rule states that if $\mathsf{\Gamma }$⊢ (p → q) and $\mathsf{\Gamma }$⊢ p, then $\mathsf{\Gamma }$⊢ q. This rule allows deriving q if both p → q and p can be deduced from $\mathsf{\Gamma }$.

Finally, the code defines a notation “⊢ p” (at level 80) as a shorthand for “$\mathsf{\Phi }$⊢ p”, where $\mathsf{\Phi }$ is an empty set of formulae.

The following are some important theorems within the Hilbert-style system:

⊢ p → p

⊢¬q → (q → p)

⊢ (¬p → p) → p

⊢ p →¬¬p

⊢ (q → p) → (¬p →¬q)

⊢ ((p → q) → p) → p

[¬¬p] ⊢ p

⊢¬¬p → p

Lemma law_identity : forall Γ p,
  Γ ⊢ p → p.
Lemma law_deny_antecedent : forall Γ p q,
  Γ ⊢ ¬q → (q → p).
Lemma law_negetion_affirmation : forall Γ p,
  Γ ⊢ (¬p → p) → p.
Lemma law_double_negation_second : forall Γ p ,
  Γ ⊢ p → ¬¬p.
Lemma law_inverse_prop : forall Γ p q,
  Γ ⊢ (q → p) → (¬p → ¬q).
Lemma law_peirce : forall Γ p q ,
  Γ ⊢ ((p → q) → p) → p.
Lemma law_double_negation_aux : forall p,
  [¬¬p] ⊢ p.
Lemma law_double_negation : forall  Γ p,
  Γ ⊢ ¬¬p → p.

All of the above theorems have been verified within the Hilbert-style deductive system L. These theorems demonstrate the power and expressiveness of the Hilbert-style system, enabling rigorous proofs of various propositional logic properties within the Coq proof assistant.

5.2. Meta-Theorems

We completed the verification of several elementary meta-theorems within the Hilbert-style deductive system L, including the Deductive Theorem, the Indirect Proof Rule, the Reductio ad Absurdum, and the Syllogism. These theorems facilitate the transformation of proofs and provide more modular approaches to proving theorems. Their formalizations are in subsequent sections:

Theorem Deductive_Theorem : forall Γ p q, Γ∪[p] ⊢ q <-> Γ ⊢ p → q.
Theorem rule_Indirect : forall Γ p q, Γ∪[¬p] ⊢ q -> Γ∪[¬p] ⊢ ¬q -> Γ ⊢ p.
Theorem rule_Reduction_absurdity :
  forall Γ p q, Γ∪[p] ⊢ q -> Γ∪[p] ⊢ ¬q -> Γ ⊢ ¬p.
Theorem syllogism : forall Γ p q r , Γ∪[p] ⊢ q -> Γ∪[r] ⊢ p -> Γ∪[r] ⊢ q.

In addition, there are several essential metatheorems that demonstrate the fundamental properties and behavior of a logical system. Some of the most important metatheorems include Soundness, Consistency, Completeness, and Compactness. In the following, we introduce Soundness and Consistency. The formalization and verification processes for Completeness and Compactness are presented in Section 5.

5.2.1. Soundness

Soundness asserts that if a formula is derivable in the logic system, it is also a tautology (i.e., true in every possible interpretation). Soundness guarantees that any theorem proven within the system is indeed valid.

$\mathsf{\Gamma }⊢p\Rightarrow \mathsf{\Gamma }\models p$

The formalizations are as follow:

Theorem soundness_L : forall Γ p, Γ ⊢ p -> Γ ⊨ p.
Proof.
  red; intros.
  induction H; autot.
  rewrite IHdeduce_L2 in *.
  inversion IHdeduce_L1.
Qed.

The following code presents a proof of the Soundness Theorem for the Hilbert-style formal system L. The theorem states that if a proposition p is provable in the formal system L from a set of assumptions $\mathsf{\Gamma }$, then p is also semantically entailed by $\mathsf{\Gamma }$ (i.e., p is true in all interpretations in which all elements of $\mathsf{\Gamma }$ are true). The code demonstrates the soundness of the formal system, meaning that every provable statement is true in the underlying semantics. The following is an explanation of the code:

The proof proceeds by induction on the derivation of p in the formal system L, denoted as $\mathsf{\Gamma }$⊢ p. The induction base case and the inductive steps are handled by the auto tactic, which automatically applies the appropriate entailment axioms and rules.

The proof uses two induction hypotheses, IHdeduce_L1 and IHdeduce_L2, to reason the entailment of the subformulae involved in the Modus Ponens (MP) rule.

Finally, it completes the proof of the Soundness Theorem for the Hilbert-style formal system L.

5.2.2. Consistency

With the Soundness Theorem in place, we can prove the consistency of the formal system L, which states that there is no formula p such that both $\mathsf{\Gamma }$⊢ p and $\mathsf{\Gamma }$⊢¬p hold simultaneously. First, we define the concept of a consistent set as follows:

∀ q, ~$(\mathsf{\Gamma }⊢q\wedge \mathsf{\Gamma }⊢\neg q)$

Definition consistent (Γ : Ensemble Formula) := forall q, ~ (Γ ⊢ q /\ Γ ⊢ ¬q).

The consistency theorem states that the empty set is a consistent set, which can be described as:

Theorem consistency_L : consistency Φ.

Consistency can be easily derived from the soundness of the formal system L. This demonstrates that the formal system L is consistent, meaning that it does not lead to contradictions, which is a desirable property for a logical system.

5.3. Several Hilbert-Style Systems of Classical Propositional Logic

Several Hilbert-style systems, equivalent to system L, can be constructed by choosing different formulae as axioms, resulting in different systems. In addition to L1, L2, and L3, the following tautologies can also be designated as axioms:

(L’3) ¬q → (q → p).

(L’4) (¬p → p) → p.

(F’3) ¬¬p → p.

(F3) (¬p →¬q) → ((¬p → q) → p).

(F’4) (p → q) → (p →¬q) →¬p.

The formalization of these axioms in Coq is as follows:

Definition AL1 (P : Formula -> Prop) :=
  forall p q, P (p → (q → p)).
Definition AL2 (P : Formula -> Prop) :=
  forall p q r, P ((p → (q → r)) → ((p → q) → (p → r))).
Definition AL3 (P : Formula -> Prop) :=
  forall p q, P ((¬p → ¬q)→ (q → p)).
Definition AL’3 (P : Formula -> Prop) :=
  forall p q, P (¬q → (q → p)).
Definition AL’4 (P : Formula -> Prop) :=
  forall p, P (¬p → p)→ p.
Definition AF’3 (P : Formula -> Prop) :=
  forall p, P (¬¬p → p).
Definition AF3 (P : Formula -> Prop):=
  forall p q, P (¬p → ¬q) → ((¬p → q) → p).
Definition AF’4 (P : Formula -> Prop):=
  forall p q, P (p → q) → (p → ¬q) → ¬p.
Definition MP_rule (P : Formula -> Prop) :=
  forall p q, P (p → q) -> P p -> P q.

Next, we discuss four axiomatic systems as shown in

Table 4. Four axiomatic systems.

System	L0	L1	L2	L3	L’3	L’4	F3	F’3	F’4	MP
L	✓	✓	✓	✓	×	×	×	×	×	✓
$L^{\prime }$	✓	✓	✓	×	✓	✓	×	×	×	✓
F	✓	✓	✓	×	×	×	✓	×	×	✓
$F^{\prime }$	✓	✓	✓	×	×	×	×	✓	✓	✓

:

system L: L1, L2, L3.

system L’: L1, L2, L’3, L’4.

system F: L1, L2, F3.

system F’: L1, L2, F’3, F’4.

Once system L is defined, we define the other three Hilbert-style systems, L’, F and F’.

Section classical_logic.
Variable Γ : Ensemble Formula.
Inductive deduce_L’ : Formula -> Prop :=
  | L’0 : forall p, p ∈ Γ -> deduce_L’ p
  | L’1 : AL1 _
  | L’2 : AL2 _
  | L’3 : AL’3 _
  | L’4 : AL’4 _
  | L’MP : MP_rule deduce_L’.

Inductive deduce_F : Formula -> Prop :=
  | F0 : forall p, p ∈ Γ -> deduce_F p
  | F1 : AL1 _
  | F2 : AL2 _
  | F3 : AF3 _
  | FMP : MP_rule deduce_F.

Inductive deduce_F’ : Formula -> Prop :=
  | F’0 : forall p, p ∈ Γ -> deduce_F’ p
  | F’1 : AL1 _
  | F’2 : AL2 _
  | F’3 : AF’3 _
  | F’4 : AF’4 _
  | F’MP : MP_rule deduce_F’.

End classical_logic.

Notation " Γ ⊢L’ p " := (deduce_L’ Γ p)(at level 80).
Notation " Γ ⊢F p " := (deduce_F Γ p)(at level 80).
Notation " Γ ⊢F’ p " := (deduce_F’ Γ p)(at level 80).

These different Hilbert-style systems illustrate the flexibility in choosing axioms for propositional logic. By selecting various sets of axioms, we can construct equivalent systems that share the same inferential power but employ different foundational principles.

In order to prove the equivalence of the four systems L, L’, F, and F’, we follow the steps shown in Figure 2:

Equivalence between systems F and F’:

$\mathsf{\Gamma }$${⊢}_F$ p ⇔$\mathsf{\Gamma }$${⊢}_{F^{\prime }}$ p

Theorem eq_FF’ : forall p Γ, Γ ⊢F p <-> Γ ⊢F’ p.

System L’ implies L:

$\mathsf{\Gamma }$${⊢}_{L^{\prime }}$ p ⇒$\mathsf{\Gamma }$⊢ p

Theorem L’_to_L : forall p Γ, Γ ⊢L’ p -> Γ ⊢ p.

System L implies F:

$\mathsf{\Gamma }$⊢ p ⇒$\mathsf{\Gamma }$${⊢}_F$ p

Theorem L_to_F : forall p Γ, Γ ⊢ p -> Γ ⊢F p.

System F implies L’:

$\mathsf{\Gamma }$${⊢}_F$ p ⇒$\mathsf{\Gamma }$${⊢}_{L^{\prime }}$ p

Theorem F_to_L’ : forall p Γ, Γ ⊢F p -> Γ ⊢L’ p.

Through the proofs of these theorems, we establish the equivalence between the four systems L, L’, F, and F’. These results demonstrate the interconnectedness of these different formal systems for propositional logic, which is important in understanding and utilizing logical reasoning. Additionally, this equivalence provides a strong foundation for bth the study and application of propositional logic, as it showcases the relationships between the different systems and their respective strengths in various contexts.

5.4. A Natural Deduction System

Following is the formal description of a natural deduction system:

Reserved Notation " Γ ⊢N p " (at level 80).
Inductive deduce_N (Γ:Ensemble Formula):Formula -> Prop:=
  |DN0 : forall p, p ∈ Γ -> Γ ⊢N p
  |DN1 : forall p q, Γ ∪ [p] ⊢N q -> Γ ⊢N (p → q)
  |DN2 : forall p q, Γ ⊢N p -> Γ ⊢N (p → q) -> Γ ⊢N q
  |DN3 : forall p q, Γ ⊢N p -> Γ ⊢N (p ∨ q)
  |DN4 : forall p q, Γ ⊢N p -> Γ ⊢N (q ∨ p)
  |DN5 : forall p q r, Γ ⊢N (p ∨ q) -> Γ ⊢N (p → r) ->
       Γ ⊢N (q → r) -> Γ ⊢N r
  |DN6 : forall p q, Γ ⊢N p -> Γ ⊢N q -> Γ ⊢N (p ∧ q)
  |DN7 : forall p q, Γ ⊢N (p ∧ q) -> Γ ⊢N p
  |DN8 : forall p q, Γ ⊢N (p ∧ q) -> Γ ⊢N p
  |DN9 : forall p q, Γ ⊢N (p → q) -> Γ ⊢N (q → p) ->
       Γ ⊢N (p ↔ q)
  |DN10: forall p q, Γ ⊢N (p ↔ q) -> Γ ⊢N p -> Γ ⊢N q
  |DN11: forall p q, Γ ⊢N (p ↔ q) -> Γ ⊢N q -> Γ ⊢N p
  |DN12 : forall p q, Γ ⊢N (p ↔ q) -> Γ ⊢N (p → q)
  |DN13 : forall p q, Γ ⊢N (p ↔ q) -> Γ ⊢N (q → p)
  |DN14 : forall p q, Γ ∪ [¬p] ⊢N q -> Γ ∪ [¬p] ⊢N ¬q ->
       Γ ⊢N p
where " Γ ⊢N p " := (deduce_N Γ p).
Notation "⊢N p" := (deduce_N Φ p)(at level 80).

The natural deduction reasoning system and Hilbert-style systems are both formal systems for representing propositional logic. They differ in the way they structure proofs and the inference rules they employ. Natural deduction and Hilbert-style systems both represent propositional logic, but exhibit differences in proof structures, inference rules, and degrees of intuitiveness. The former closely mirrors human reasoning, while the latter offers a more formalized approach, apt for automated theorem proving. Therefore, proving the equivalence between Hilbert-style systems and natural deduction systems is of considerable importance. We have already demonstrated the equivalence between four different Hilbert-style systems, and now we only need to prove the equivalence between one of the Hilbert systems, system L, and the natural deduction system.

To prove the equivalence, we first show that if $\mathsf{\Gamma }$⊢ p, then $\mathsf{\Gamma }{⊢}_{N}p$. We provide the following theorems:

${⊢}_N$ (p → (q → p))

${⊢}_N$ ((p → (q → r)) → ((p → q) → (p → r)))

${⊢}_N$ ((¬p →¬q)→ (q → p))

Theorem N_L1 : forall Γ p q, Γ ⊢N (p → (q → p)).
Theorem N_L2 : forall Γ p q r, Γ ⊢N ((p → (q → r)) → ((p → q) → (p → r))).
Theorem N_L3 : forall Γ p q, Γ ⊢N ((¬p → ¬q)→ (q → p)).

If a formula p can be derived in System L, it can also be derived in the natural deduction system.

$\mathsf{\Gamma }⊢p\Rightarrow \mathsf{\Gamma }{⊢}_{N}p$

Theorem L_to_N : forall Γ p,Γ ⊢ p -> Γ ⊢N p.
Proof.
  intros. induction H.
  - constructor. auto.
  - apply N_L1.
  - apply N_L2.
  - apply N_L3.
  - eapply DN2; eauto.
Qed.

Similarly, we can prove the other direction: if a formula p can be derived in the natural deduction system, it can also be derived in System L.

Lemma pos_neg_all : forall Γ p q, Γ ⊢ p → q -> Γ ⊢ ¬p → q -> Γ ⊢ q.
Lemma des_or : forall Γ p q r, Γ ⊢ ¬p → q -> Γ ⊢ p → r -> Γ ⊢ q → r -> Γ ⊢ r.
Lemma pq_and : forall Γ p q , Γ ⊢ p -> Γ ⊢ q -> Γ ⊢ p∧q.
Theorem N_to_L : forall Γ p,Γ ⊢N p -> Γ ⊢ p.

Finally, we can prove the complete equivalence between the System L and the natural deduction system.

$\mathsf{\Gamma }⊢p\iff \mathsf{\Gamma }{⊢}_{N}p$

Theorem L_eq_N : forall Γ p,Γ ⊢ p <-> Γ ⊢N p.
Proof.
  split.
  - apply L_to_N.
  - apply N_to_L.
Qed.

This proof establishes the complete equivalence of System L and the natural deduction system. For any given set of formulae, $\mathsf{\Gamma }$, and a formula p, derivability in System Limplies derivability in the natural deduction system, and vice versa. This establishes the equivalence between the two formal systems for classical propositional logic, highlighting their importance in understanding and utilizing logical reasoning. Furthermore, this result connects the more intuitive natural deduction system to the more formalized Hilbert-style systems, which are well-suited for automated theorem proving, thus providing a strong foundation for the study and application of propositional logic.

6. Completeness

The completeness theorem in propositional logic states that for any consistent set of formulae $\mathsf{\Gamma }$ and a propositional formula p, if $\mathsf{\Gamma }$ semantically entails p ($\mathsf{\Gamma }$⊨ p), then p is syntactically derivable from $\mathsf{\Gamma }$ ($\mathsf{\Gamma }$⊢ p). In other words, the theorem asserts that if a formula is true in every model that makes all the formulae in $\mathsf{\Gamma }$ true, then there must be a formal proof of that formula using the axioms and inference rules of the logic system.

$\mathsf{\Gamma }\models p\Rightarrow \mathsf{\Gamma }⊢p$

The description of the completeness theorem in Coq is as follows.

Theorem complete : forall Γ p, Γ ⊨ p -> Γ ⊢ p.

In order to prove the completeness theorem, we utilize Henkin’s proof method. Proposed by Leon Henkin in 1949, this method represents a potent and innovative approach to validating the completeness theorem in both propositional and first-order logic. The key step in Henkin’s proof method for the completeness theorem in propositional logic is constructing the maximal consistent set from a consistent set. Prior to delineating Henkin’s method for constructing maximal consistent sets, it is pertinent to first define a maximal consistent set:

Definition maximal_consistent_set Γ :=
  consistency Γ /\ forall p, consistency (Γ∪[p]) -> p∈Γ.

In order to construct the maximal consistent set, it is necessary to import two libraries in Coq: Coq.Logic.Classical and Coq.Logic.Epsilon. The Classical library provides the axiom of the Law of Excluded Middle, stated as follows:

classic : forall P : Prop, P \/ ~ P.

In the Epsilon library, we have the following axiom:

epsilon_statement : forall (A : Type) (P : A -> Prop),
  inhabited A -> {x : A | (exists x0 : A, P x0) -> P x}.

These two imported libraries facilitate derivation of the strengthened version of the Law of Excluded Middle:

Theorem classicT : forall P:Prop, {P} + {~P}.

With this at our disposal, we can initiate the proof of completeness through the construction of the maximal consistent set. The Henkin Construction Method is described below.

• Henkin Construction Method

Enumerate all formulae: $\{{\psi }_0,{\psi }_1,{\psi }_2,\dots \}$. Then construct ${\mathsf{\Gamma }}^{\ast }$

$$\begin{array}{cc}\hfill {\mathsf{\Gamma }}_0& =\mathsf{\Gamma }\hfill \\ \hfill {\mathsf{\Gamma }}_{i+1}& =\left\{\begin{array}{cc}{\mathsf{\Gamma }}_i\cup \left\{{\psi }_{i+1}\right\},\hfill & \mathrm{if}\mathrm{consistent}\hfill \\ {\mathsf{\Gamma }}_i\cup \{\neg {\psi }_{i+1}\},\hfill & \mathrm{if}{\mathsf{\Gamma }}_i\cup \left\{{\psi }_{i+1}\right\}\mathrm{is}\mathrm{inconsistent}\hfill \\ {\mathsf{\Gamma }}_i,\hfill & \mathrm{otherwise}\hfill \end{array}\right.\hfill \\ \hfill {\mathsf{\Gamma }}^{\ast }& =\bigcup _{i=0}^{\infty }{\mathsf{\Gamma }}_i\hfill \end{array}$$

Suppose f is a bijection from the set of natural numbers to the set of all formulae (we prove the existence of such an f later), and $\mathsf{\Gamma }$ is a consistent set. Then, according to Henkin’s construction method, the extended set ${\mathsf{\Gamma }}_n$ is defined as follows:

Fixpoint mapf Γ n (f: nat -> Formula) : Ensemble Formula :=
  match n with
  | O => Γ
  | S m => match (classicT (consistency ((mapf Γ m f)∪[f m]))) with
           | left _ => mapf Γ m f ∪ [f m]
           | right _ => (mapf Γ m f)
           end 
end.

The provided code defines a function, $mapf$, which constructs an extension of the consistent set $\mathsf{\Gamma }$ using Henkin’s construction method. For each natural number n, it checks whether adding the formula $f_m$ to the set at step m preserves consistency. If it does, the formula is added to the set; otherwise, the set remains unchanged.

The definition of a maximal consistent set is then given as follows:

Definition maxmapf Γ f: Ensemble Formula :=
  fun p => exists n, p ∈ (mapf Γ n f).

The maxmapf definition then takes the union of all sets obtained from each iteration, resulting in the maximal consistent set.

6.1. Bijective Function between Nat and Formula

As mentioned earlier, in order to extend a consistent set to a maximal consistent set, it becomes imperative to affirm the existence of a bijection from the set of all natural numbers (nat) to the set of all formulae (Formula) to enumerate all formulae. The proof strategy is as follows:

• Prove the existence of an injection from nat to Formula.
• Prove the existence of an injection from Formula to nat.
• Invoke the Cantor–Bernstein–Schröeder theorem, which states that if there exists an injection from set A to set B and an injection from set B to set A, then there exists a bijection between A and B.

It is straightforward to establish an injection from nat to Formula (e.g., by mapping each natural number n to the propositional variable Var n). Thus, our next steps are to:

• Prove the existence of an injection from Formula to nat (i.e., demonstrate that Formula is countable).
• Prove the Cantor–Bernstein–Schröeder theorem.

By completing these steps, we prove the existence of a bijection between nat and Formula, which is essential to extend a consistent set to a maximal consistent set.

6.1.1. Formula Is Countable

Our goal is to prove that Formula is countable, indicating the presence of an injective function from Formula to nat. In order to describe and prove this goal in Coq, it is necessary to define concepts related to mappings. Provided below are definitions of injective, surjective, and bijective functions:

Definition function_injective {A B} (f: A -> B): Prop :=
  forall a1 a2, f a1 = f a2 -> a1 = a2.
Definition function_surjective {A B} (f: A -> B): Prop :=
  forall b, exists a, f a = b.
Inductive function_bijective {A B} (f: A -> B): Prop :=
  | fun_bij_intro : function_injective f -> function_surjective f
    -> function_bijective f.

Cao previously proposed a method for formalizing the countability of inductive types [40]. In this section, we refer to Cao’s method while proving the countability of formulae. To facilitate the application of this method to our proof of the Completeness Theorem, we employed function definitions for mapping types instead of relation definitions. For example, “injection A B” can be understood as “there exists an injective function from A to B”:

Record injection (A B: Type): Type := {
  inj_f:> A -> B;
  in_inj: function_injective inj_f
}.
Record surjection (A B: Type): Type := {
  sur_f:> A -> B;
  su_surj: function_surjective sur_f
}.
Record bijection (A B: Type): Type := {
  bij_f:> A -> B;
  in_bij: function_injective bij_f;
  su_bij: function_surjective bij_f
}.

We then define $Countable$:

Definition Countable (A: Type): Type := injection A nat.

The following definition constructs an injective function from a given bijective function f.

Definition bijection_injection {A B} (f: bijection A B): injection A B :=
  Build_injection _ _ f (in_bij _ _ f).

The following theorems allow us to reason the properties and relationships for mappings.

Theorem injection_trans {A B C} (f1: injection A B) (f2: injection B C):
  injection A C.
Theorem bijection_sym {A B} (f: bijection A B): bijection B A.

Injection_trans states the transitivity of injection. Bijection_sym states the symmetry of bijection.

The following definition shows that a certain set is countable when another set is countable.

Definition injection_Countable {A B} (R: injection A B) (CB: Countable B):
  Countable A := injection_trans R CB.

The following means $nat+nat$ and $nat\star nat$ are both countable.

Theorem nat2_nat_bijection: bijection (nat + nat) nat.
Theorem natnat_nat_bijection: bijection (nat ⋆ nat) nat.

Nat2_nat_bijection states that there exists a bijection between the sum type $nat+nat$ and $nat$. The sum type represents a disjoint union of two sets, so, in this case, it represents the union of two sets of natural numbers. A bijection between the sum type and natural numbers implies that the union of these two sets of natural numbers is countable, as there is a one-to-one correspondence between the elements of the union and the natural numbers.

Natnat_nat_bijection states that there exists a bijection between the product type $nat\star nat$ and $nat$. The product type represents a Cartesian product of two sets, so, in this case, it represents the set of all pairs of natural numbers. A bijection between the product type and natural numbers implies that the set of all pairs of natural numbers is countable, as there is a one-to-one correspondence between the elements of the Cartesian product and the natural numbers.

To establish the countability of $Formula$, we assign a rank to each Formula based on its structure:

Fixpoint rankF (p: Formula): nat :=
  match p with
  | Var _ => 0
  | Not x => 1 + rankF x
  | Imp x y => 1 + rankF x + rankF y
  end.

Our goal is to prove that for each n, the set of all Formulae with rank less than, or equal to, n is countable:

Lemma rankF_countable : forall n,
  Countable {x : Formula | rankF x <= n}.

After proving the countability of formulae with rank less than, or equal to, n for all n, we use the injection_Countable theorem to show that the Formula itself is countable:

Theorem Formula_contable : Countable Formula.
Proof.
  apply (@injection_Countable _ {n : nat & {x : Formula | rankF x <= n}}).
  ...
Qed.

By demonstrating that the Formula is countable, we lay the groundwork for our subsequent proof. Now, we proceed to prove the Cantor–Bernstein–Schröeder theorem.

6.1.2. Cantor–Bernstein–Schröeder Theorem

The Cantor–Bernstein–Schröeder theorem is a fundamental result in set theory. It asserts that if there exist injective functions $f:A\to B$ and $g:B\to A$ between sets A and B, then a bijective function $h:A\to B$ also exists. Our team previously formalized the Cantor–Bernstein–Schröeder theorem based on the Morse–Kelley axiomatic set theory (MK) [41,42]. However, the object language of propositional logic formulae, Formula, is an inductive type in Coq rather than a “Class” in MK. Consequently, we need to formalize the Cantor–Bernstein–Schröeder theorem for this specific situation. In the following, we present descriptions of essential definitions and lemmas required to prove the Cantor–Bernstein–Schröeder theorem.

Image of a function: Given a function f and a set M, the image of f acting on M is the set of all elements of the form f(a), where a ∈ M:

Inductive image_set {A B : Type} (f : A -> B) (M: Ensemble A) : Ensemble B :=
  image_intro : forall a, a ∈ M -> (f a) ∈ (image_set f M).

Inverse function: If for every x, $g\left(f\right(x\left)\right)=x$, then g is called the inverse function of f:

Definition function_rev {A B : Type} (f : A -> B) (g : B -> A) :=
  forall x, g (f x) = x.

Constructing an inverse function: Given a function f, we can construct its inverse function as follows:

Definition fun_rev {A B : Type} (f : A -> B) (a: A) (y: B) : A :=
 match (classicT (exists x, f x = y)) with
 | left l => proj1_sig (constructive_indefinite_description _ l)
 | right _ => a
 end.

If A is non-empty and f is an injective function from A to B, then f has an inverse function:

Lemma injection_funrev : forall {A B : Type} (f : A -> B),
  inhabited A -> function_injective f -> exists g, function_rev f g.

$Sectionbernstein$ proves the Cantor–Bernstein–Schröeder theorem. First, we state the preconditions of the theorem:

Section bernstein.
Context {A B : Type}
        (f : A -> B)
        (g : B -> A).
Hypothesis Inj_f : function_injective f.
Hypothesis Inj_g : function_injective g.
Hypothesis Inhabited_B : inhabited B.

For ease of proof, we provide the condition that B is non-empty for the convenience of the proof. This does not affect the application of the Cantor–Bernstein–Schröeder theorem to nat and Formula since Formula is evidently non-empty.

Now, we outline the proof of the Cantor–Bernstein–Schröeder theorem:

$$\begin{array}{cc}\hfill C_0& =A\backslash g\left[B\right]\hfill \\ \hfill C_{(n+1)}& =g\left[f\left[C_n\right]\right]\hfill \\ \hfill C^{\ast }& =\bigcup _{i=0}^{\infty }{C}_i\hfill \end{array}$$

Fixpoint Cn n : Ensemble A :=
  match n with
  | O => Complement _ (image_set g (Full_set B))
  | S n’ => image_set g (image_set f (Cn n’))
  end.
Let Cset : Ensemble A := fun x => exists n, x ∈ (Cn n).

For all a∈A, define h:

$$\begin{array}{cc}\hfill h\left(a\right)& =\left\{\begin{array}{cc}f\left(a\right),\hfill & \mathrm{if}\mathrm{a}\in C^{\ast }\hfill \\ g^{-1}\left(a\right),\hfill & \mathrm{if}\mathrm{a}\notin C^{\ast }\hfill \end{array}\right.\hfill \end{array}$$

The formulization of h follows:

Let g_rev := proj1_sig (constructive_indefinite_description _
(injection_funrev g Inhabited_B Inj_g)).
Let h a :=
  match (classicT (a∈Cset))with
  | left _ => f a
  | right _ => g_rev a
  end.

Finally, we verify that the constructed function h is a bijection, which completes the proof of the Cantor–Bernstein–Schröeder theorem.

Lemma Bernstein : function_bijective h.
 
Theorem Bernstein_Theorem : bijection A B.
Proof. apply (Build_bijection _ _ h); apply Bernstein. Qed.
End bernstein.

Having proven that Formula is countable and having proven the Cantor–Bernstein–Schröeder theoremwe are now in a position to demonstrate the existence of a bijection between nat and Formula.

Theorem bijection_nat_formula : bijection nat Formula.
Proof.
 pose proof @Bernstein_Theorem nat Formula.
 pose proof Formula_contable. destruct X.
 assert (@function_injective nat Formula (fun n => (Var n))).
 { hnf; intros. inversion H0; auto. }
 apply (H _ _ H0 in_inj). constructor. exact (Var 0).
Qed.

We use the proof of the Cantor–Bernstein–Schröeder theorem (Bernstein_Theorem) and the proof that Formula is countable (Formula_contable). We then show that the function $(f_n=v_n)$ is injective by constructing an injective function from nat to Formula. Finally, we apply the Cantor–Bernstein–Schröeder theorem to these functions, which results in a bijection between nat and Formula, as stated in the theorem bijection_nat_formula.

6.2. Proof of Competeness

As demonstrated earlier, there exists a bijection between nat and Formula, denoted by f. It can be easily proven that for any consistent set $\mathsf{\Gamma }$, the result obtained after applying the Henkin construction, “maxmapf $\mathsf{\Gamma }$ f,” is a maximal consistent set.

Assuming ${\mathsf{\Gamma }}^{\ast }$ is any maximal consistent set, we define a truth-function $v_m$.

$$\begin{array}{cc}\hfill v_m\left(p\right)& =\left\{\begin{array}{cc}true,\hfill & \mathrm{if}\mathrm{p}\in {\mathsf{\Gamma }}^{\ast }\hfill \\ false,\hfill & \mathrm{if}\mathrm{p}\notin {\mathsf{\Gamma }}^{\ast }\hfill \end{array}\right.\hfill \end{array}$$

Formally, it is defined as follows:

Definition valuemaxf Γ (p:Formula) : bool :=
    match (classicT (p ∈ Γ)) with
	     | left _ => true
	     | right _ => false
     end.

Lemma 1.

It can be verified that when Γ is a maximal consistent set, the truth-function $v_m$ constructed above is indeed a valuation.

Lemma 2.

Let p be any formula, and Γ be any maximal consistent set. Then, $v_m\left(p\right)=true$ if, and only if, $p\in \mathsf{\Gamma }$.

The formal description is as follows:

Lemma valuemaxfI : forall Γ, maximal_consistent_set Γ -> value (valuemaxf Γ).
Lemma valuemaxfII : forall Γ, maximal_consistent_set Γ ->
  forall p, (valuemaxf Γ) p = true <-> p ∈ Γ.

The proof steps for the completeness theorem are as follows:

• If $\mathsf{\Gamma }$ is not a consistent set, then $\mathsf{\Gamma }⊢p$ trivially holds. From now on, we only consider the case where $\mathsf{\Gamma }$ is a consistent set.
• Using proof by contradiction, assume that $\mathsf{\Gamma }⊢p$ does not hold. We only need to find a valuation that assigns true to all formulae in $\mathsf{\Gamma }$ but assigns false to p, which would contradict the assumption that $\mathsf{\Gamma }\models p$.
• Since $\mathsf{\Gamma }$ is a consistent set and $\mathsf{\Gamma }⊢p$ does not hold, it can be proven that $\mathsf{\Gamma }\cup \neg p$ is also a consistent set.
• Following the previously discussed method, we extend the consistent set $\mathsf{\Gamma }\cup \neg p$ to obtain the maximal consistent set ${\mathsf{\Gamma }}^{\prime }$.
• According to Lemma 1, the truth-function $v_m$ constructed from the maximal consistent set ${\mathsf{\Gamma }}^{\prime }$ is a valuation.
• According to Lemma 2, the valuation $v_m$ obtained in step 5 satisfies the conditions required in step 2, thus completing the proof of the completeness theorem.

Figure 3 shows the interactive window of the completeness theorem proof process in CoqIDE.

6.3. An Automated Proof Tactic for Propositional Logic

The completeness theorem shows semantic and syntactic inferences to be equivalent in the propositional systems. With the completeness theorem, we can translate the proof of propositions in propositional logic systems into computation, and then let the computer perform the tedious calculation process, thereby achieving automatic proof. By transforming syntactic inference into semantic inference, we can apply the previously discussed algorithm for semantic inference to automatically prove syntactic inference.

The Ltac $aut{o}_{P}logic$ tactic is defined as follows:

Ltac auto_Plogic := intros;
  match goal with
  | |- _ ⊢N _ => apply L_eq_N; auto_Plogic
  | |- _ ⊢L’ _ => apply F_to_L’; auto_Plogic
  | |- _ ⊢F _ => apply L_to_F; auto_Plogic
  | |- _ ⊢F’ _ => apply eq_FF’; auto_Plogic
  | |- forall x, ?Q => intros; auto_Plogic
  | |- _ ⊢ _ => apply complete; auto_Plogic
  | |- _ => autosemantic
  end.

The principle of the $auto\_Plogic$ tactic is that when the goal is a syntactic inference in system L, the completeness theorem is applied to transform the goal into a semantic inference, and to recursively call $auto\_Plogic$. When the goal is a syntactic inference in other formal systems, the equivalent theorems are applied to transform the goal into a syntactic inference in system L, and to recursively call $auto\_Plogic$. When the goal is a semantic inference, the semantic inference proof tactic $autosemantic$ is applied. At this point, all tautologies, internal theorems and semantic and syntactic inferences of well-formed formulae in propositional logic can be proven using the $auto\_Plogic$ tactic.

Figure 4 shows the interactive proof window for proving some syntactic and semantic inferences using the auto_Plogic tactic.

6.4. Compactness

The Compactness Theorem is an important result in propositional logic. It establishes a relationship between finite and infinite sets of formulae, stating that for all sets of formulae $\mathsf{\Gamma }$ and a formula p,$\mathsf{\Gamma }$ semantically entails p ($\mathsf{\Gamma }\models p$) if, and only if, there exists a finite subset $\mathsf{\Gamma }$′ of $\mathsf{\Gamma }$, such that $\mathsf{\Gamma }$′ semantically entails p ($\mathsf{\Gamma }$′ ⊨ p). The formal description is as follows:

Theorem compactness : forall Γ p, Γ ⊨ p <->
  exists Γ’ ,Γ’ ⊆ Γ /\ Finite  Γ’ /\ Γ’ ⊨ p.

In the context of proof strategies, the Compactness Theorem can be divided into two parts:

⇒ :

$\mathsf{\Gamma }$⊨ p ⇒∃$\mathsf{\Gamma }$’ , $\mathsf{\Gamma }$’ ⊆$\mathsf{\Gamma }$∧ Finite _ $\mathsf{\Gamma }$’ ∧$\mathsf{\Gamma }$’⊨ p.

It can be derived using the Completeness Theorem.

⇐ :

∃$\mathsf{\Gamma }$’ , $\mathsf{\Gamma }$’ ⊆$\mathsf{\Gamma }$∧ Finite _ $\mathsf{\Gamma }$’ ∧$\mathsf{\Gamma }$’⊨ p ⇒$\mathsf{\Gamma }$⊨ p.

The Compactness Theorem has an important corollary as follows:

Theorem (compactness_consistency): For all sets of formulae $\mathsf{\Gamma }$, $\mathsf{\Gamma }$ is consistent if, and only if, for all finite subsets $\mathsf{\Gamma }$′ of $\mathsf{\Gamma }$, $\mathsf{\Gamma }$′ is consistent. The formal description of it is as follows:

Theorem compactness_consistency : forall Γ, consistency Γ <->
  (forall Γ’ , Γ’ ⊆ Γ -> Finite _ Γ’ -> consistency Γ’).

This corollary of the Compactness Theorem relates the consistency of a set of formulae $\mathsf{\Gamma }$ to the consistency of its finite subsets. This result highlights the connection between the consistency of an infinite set of formulae and the consistency of its finite subsets, which is a significant observation in the study of propositional logic.

7. Results and Discussion

Through this research, we achieved a notable advancement in the field of mathematical formalization by successfully formalizing propositional logic in the Coq proof assistant. In the following sections, we articulate the salient outcomes of our research, delve into their implications, and discuss how these results could be practically applied within areas such as mathematical formalization, the creation of propositional logic elements, and the verification of security within software and hardware systems.

7.1. Results

Our research culminated in a number of substantial achievements:

• We accomplished the formalization of the language, semantics, and syntax of propositional logic in Coq, resulting in a reusable Coq library.
• We designed and validated the equivalences of four distinct Hilbert-style axiom systems alongside a natural deduction system within the scope of propositional logic.
• We formalized and demonstrated the proofs for pivotal meta-theorems within propositional logic, including, but not limited to, the Deduction Theorem, Soundness Theorem, Completeness Theorem, and Compactness Theorem.
• We presented an automated Coq tactic, which can prove all tautologies, internal theorems and the majority of syntactic and semantic inferences within the propositional logic systems.

Comparison with other related work:

• Michaelis and Nipkow formalized a range of proof systems for classical propositional logic [38] (sequent calculus, natural deduction, Hilbert systems, resolution) in Isabelle/HOL and proved the most significant meta-theoretic results, including compactness, soundness, completeness, translations between proof systems, cut–elimination, interpolation, and model existence. While their work was conducted within Isabelle/HOL, our project was executed in Coq, with a different definition for formulae and varying deductive systems under study. Both Coq and Isabelle/HOL offer powerful suites of automation tools and tactics to assist proof construction, but Coq’s Ltac may present enhanced flexibility, enabling the creation of more intricate custom tactics. Within this context, we developed automated proof strategies for propositional logic systems based on Coq’s Ltac.
• Van Doorn formalized key theorems about classical propositional logic using the Coq proof assistant [39]. Both our work and Van Doorn’s aimed to formalize propositional logic in the Coq theorem prover. The primary difference lies in our respective system definitions: where Van Doorn used lists to define sets, we used Ensembles, an approach that effectively narrows the gap between formalized code and manual proofs. Furthermore, we introduced an automated Coq tactic to accomplish automatic proofs within propositional logic systems.

7.2. Discussion

The fruits of our research bear implications for various domains [43]:

Mathematical Formalization: Our formalization of propositional logic creates a robust foundation for future mathematical theories, streamlining the formalization process and fortifying the accuracy of proofs through the formal proofs of key meta-theorems and the automated Coq tactic developed. For instance, one can define $⊢p\leftrightarrow q$ as the equivalence of two formulae p and q based on the findings in this paper, which quickly leads to an instance of Lindenbaum algebra. The formalized construction of Hinkin’s maximal consistent set can also be applied to the formalization of the completeness theorem in first-order logic. The formalization of sets, mappings, and the Bernstein theorem provides a foundation for the formalization of mathematical theories, such as set theory and algebra.

Program/Software Verification: From a practical perspective, our formalization enables the precise expression and verification of properties in software programs [35,44]. Propositional logic can serve as a cornerstone for constructing and understanding Hoare logic. For instance, the precondition and postcondition in Hoare logic are often expressed as formulae in propositional logic. Additionally, some of Hoare logic’s inference rules can be viewed as an extension or application of propositional logic’s inference rules. Hoare logic, a system specifically designed for program correctness proof, uses a structure called Hoare triples to describe the behavior of programs and logical reasoning to verify if this behavior meets expectations.

Hardware Security Verification: Our robust formalization of propositional logic and automated tactics for proving semantic inferences could significantly aid in verifying the correctness of hardware systems. For instance, we could formalize elements like AND gates, OR gates, and NOT gates in circuits as Boolean functions in propositional logic semantics and, subsequently, formalize the circuit system. By providing a formal proof of system correctness, this ensures that the system is free from logical errors that might lead to security vulnerabilities [11].

In conclusion, this research’s findings open new avenues for advanced applications in mathematical formalization and system security verification, making it a valuable resource for both academia and industry. Future endeavors will be directed towards improving the automated proof tactics and extending the scope of formalization to encompass more intricate logical systems.

8. Conclusions and Future Work

This paper presents a comprehensive formalization of propositional logic using the Coq interactive theorem prover. We meticulously tackled the language, semantics, and syntax of propositional logic, constructing four Hilbert-style axiom systems and a natural deduction system, and established their equivalences through rigorous proofs. Moreover, we provided formal proofs for crucial meta-theorems in propositional logic, including the Deduction Theorem, Soundness Theorem, Completeness Theorem, and Compactness Theorem.

To support Henkin’s proof of the Completeness Theorem, we established a bijective function between all formulae and all natural numbers. During this process, we formalized concepts related to mappings and countability, and we provided a formal proof of the Cantor–Bernstein–Schröder theorem. This result holds significant implications for the exploration of propositional logic and its relationships with other mathematical domains.

The Completeness Theorem demonstrates the equivalence of semantic and syntactic inference in propositional systems. With the Completeness Theorem, we can translate the proof of propositions in propositional logic systems into computation, thereby facilitating their automatic execution by computers. We implemented this automated proof algorithm by devising an automated Coq tactic, enabling the automatic verification of all tautologies, internal theorems and the majority of syntactic and semantic inferences within the system, significantly reducing manual effort in the theorem-proving process. This unequivocally demonstrates that propositional logic is decidable.

Our research contributes a versatile and reusable Coq library for propositional logic, offering a robust foundation for numerous applications. This library is particularly valuable in the fields of mathematical formalization and the verification of software and hardware security. The complete source files containing the Coq formalization and proofs in this paper are accessible at: https://github.com/guodk/A-Comprehensive-Formalization-of-Propositional-Logic-in-Coq, accessed on 21 April 2023 .

Looking forward, potential avenues for future research include extending the formalization to cover other logical systems, such as predicate logic, modal logic, and temporal logic. Moreover, there is an opportunity to explore the integration of our Coq library with other formal verification tools, such as model checkers and static analyzers, to facilitate the development of secure and reliable software and hardware systems. Finally, our work can be used as a foundation for the study of satisfiability and complexity aspects of propositional logic, which could contribute to a deeper understanding of the inherent computational limitations and possibilities within the realm of formal reasoning.