Keywords
Computer Science and Digital Science
 A2.1.4. Functional programming
 A2.1.11. Proof languages
 A2.4.3. Proofs
 A3.1.1. Modeling, representation
 A7. Theory of computation
 A7.2. Logic in Computer Science
Other Research Topics and Application Domains
 B7. Transport and logistics
1 Team members, visitors, external collaborators
Research Scientists
 Gilles Dowek [Team leader, Inria, Senior Researcher, HDR]
 Pablo Arnault [Inria, Researcher, from Oct 2021]
 Bruno Barras [Inria, Researcher]
 Frédéric Blanqui [Inria, Researcher, HDR]
 Valentin Blot [Inria, Researcher]
 JeanPierre Jouannaud [Inria, Emeritus, HDR]
 Luidnel Maignan [Univ ParisEst Marne La Vallée, Researcher, from Sep 2021]
 Renaud Vilmart [Inria, Starting Faculty Position]
PostDoctoral Fellow
 Pierre Vial [Inria]
PhD Students
 Louise Dubois De Prisque [Inria]
 Mohamed Yacine El Haddad [CNRS, until Jul 2021]
 Thiago Felicissimo Cesar [Univ ParisSaclay, from Oct 2021]
 Emilie Grienenberger [Ecole normale supérieure ParisSaclay]
 Gabriel Hondet [Inria]
 Amelie Ledein [Inria]
Technical Staff
 Boris Djalal [Inria, Engineer]
Interns and Apprentices
 Pauline Bonnet [CNRS, from Sep 2021]
 Aurelien Castre [Inria, from Jul 2021 until Aug 2021]
 Corentin Chabanol [Centrale Supelec, Intern, L3]
 Luc Chabassier [Inria, from Apr 2021 until Jul 2021]
 Loris Cros [Centrale Supelec, Intern, M1]
 Thiago Felicissimo Cesar [Inria, from Mar 2021 until Aug 2021]
 Yoan Geran [Inria, from Mar 2021 until Aug 2021]
 Yann Leray [Inria, from Mar 2021 until Jul 2021]
 Thomas Traversié [Centrale Supelec, Intern, M1]
 Oleksii Tsokurov [Inria, from May 2021 until Aug 2021]
Administrative Assistant
 Alexandra Merlin [Inria]
External Collaborators
 Pablo Arrighi [Univ ParisSaclay, HDR]
 Guillaume Burel [Ecole nationale supérieure d'informatique pour l'industrie et l'entreprise]
 Catherine Dubois [Ecole nationale supérieure d'informatique pour l'industrie et l'entreprise, HDR]
 Yoan Géran [ École Nationale Supérieure des Mines de Paris, From Sep 2021]
 Olivier Hermant [École Nationale Supérieure des Mines de Paris ]
 Stéphane Lengrand [SRI International  USA, until Jul 2021]
2 Overall objectives
2.1 Objectives
The projectteam investigates the design of logical frameworks, in order to ensure interoperability between proof systems, and to the development of systemindependent proof libraries. To achieve these goals, we develop
 a logical framework Dedukti, where several theories can be expressed,
 tools to import proofs developed in external proof systems to Dedukti theories,
 tools to translate proofs from one Dedukti theory to another,
 tools to export proofs expressed in Dedukti theories to an external proof system,
 tools to prove the confluence, the termination, and the consistency of theories expressed in Dedukti,
 tools to develop proofs directly in Dedukti,
 an encyclopedia Logipedia of proofs expressed in various Dedukti theories.
2.2 History
The idea that systems such as Euclidean geometry or set theory should be expressed, not as independent systems, but in a logical framework appeared with the design of the first logical framework: predicate logic, in 1928. Later, several more powerful logical frameworks have been designed: $\lambda $prolog, Isabelle, the Edinburgh logical framework, Pure type systems, and Deduction modulo theory.
The logical framework that we use is a simple $\lambda $calculus with dependent types and rewrite rules, called the $\lambda \Pi $calculus modulo theory, and also the MartinLöf logical framework, and it generalizes all the mentioned frameworks. It is implemented in the system Dedukti.
The first version of Dedukti was developed in 2011 by Mathieu Boespflug 35. From 2012 to 2015, new versions of Dedukti were developed and several theories were expressed in Dedukti, allowing to import proofs developed in Matita (with the tool Krajono), HOL Light (with the tool Holide), FoCaLiZe (with the tool Focalide), iProver, and Zenon, totalizing several hundred of megabytes of proofs. The development of Dedukti has now been completed.
We now focus on the translation of proofs from one Dedukti theory to another and to the exporting of proofs to other proof systems. In particular the Matita arithmetic library has been translated to a much weaker theory: constructive simple type theory, allowing to export it to Coq, Lean, PVS, HOL Light, and Isabelle/HOL. In the same way, the first book of Euclids elements, formalized in Coq has been exported to these systems as well. This led us to develop an online proof repository Nubo and an online encyclopedia Logipedia, allowing to share and browse this library.
We also focus on the development of new theories in Dedukti.
Finally, we develop an interactive theorem prover Lambdapi based on the same formalism as Dedukti. This interactive theorem prover is also used as a tool in the process of translating proofs from PVS and from automated theorem provers.
3 Research program
3.1 Logical Frameworks
A thesis, which is at the root of our research effort, is that logical systems should be expressed as theories in a logical framework. As a consequence, proofchecking systems should not be focused on one theory, such as Simple type theory, MartinLöf's type theory, or the Calculus of constructions, but should be theory independent. On the more theoretical side, the proof search algorithms, or the algorithmic interpretation of proofs should not depend on the theory in which proofs are expressed, but this theory should just be a parameter. This is for instance expressed in the title of our invited talk at ICALP 2012: A theory independent CurryDe BruijnHoward correspondence36.
Various limits of Predicate logic have led to the development of various families of logical frameworks: $\lambda $prolog and Isabelle have allowed terms containing free variables, the Edinburgh logical framework has allowed proofs to be expressed as $\lambda $terms, Pure type systems have allowed propositions to be considered as terms, and Deduction modulo theory has allowed theories to be defined not only with axioms, but also with computation rules.
The $\lambda \Pi $calculus modulo theory, that is implemented in the system Dedukti and that is a synthesis of the Edinburgh logical framework and of Deduction modulo theory, subsumes them all.
3.2 Interoperability and proof encyclopediae
Using a single prover to check proofs coming from different systems naturally leads to investigate how these proofs can be translated from one theory to another and used in a system different from the system in which they have been developed. This issue is of prime importance because developments in proof systems are getting bigger and, unlike other communities in computer science, the proof checking community has given little effort in the direction of standardization and interoperability.
For each proof, independently of the system in which it has been developed, we should be able to identify the systems in which it can be expressed. For instance, we have shown that many proofs developed in the Matita prover did not use the full strength of the logic of Matita and could be exported, for instance, to the systems of the HOL family, that are based on a weaker logic.
Rather than importing proofs from one system, transforming them, and exporting them to another system, we can use the same tools to develop a systemindependent online repository of proofs Nubo and even a systemindependent proof encyclopedia Logipedia. In such a repository, each proof is labeled with the theories in which it can be expressed and so with the systems in which it can be used.
3.3 Interactive theorem proving
We also want to investigate how the $\lambda \Pi $calculus modulo theory can be used as the basis of an interactive theorem prover. This leads to two new scientific questions: first, how much can a tactic system be theory independent, and then how does rewriting extends the possibility to write tactics.
This has led to the development of Lambdapi, which is an interactive theorem prover for the $\lambda \Pi $calculus modulo theory. Several tactics have been developed for this system, which are intended to help a human user to write proofs in our system instead of writing proof terms by hand.
3.4 Proof automation
Interoperability between interactive and automatic theorem provers can be fruitful to both systems: results coming from automatic solvers can be checked by a thirdparty software with an identified kernel, and interactive provers can benefit from more automation. We are pushing towards this last application by extending the SMTCoq plugin for the Coq proof assistant with new logical transformations that encode Coq goals into firstorder logic, which is the input logic of the class of automatic provers called SMT solvers.
4 Application domains
4.1 Interoperability
Our main impact applications, for instance to proofs of programs, or to air traffic control, are through our cooperation with other teams.
We view our work on interoperability and on the design of a formal proof encyclopedia as a service to the formal proof community.
5 Highlights of the year
5.1 Awards
Frédéric Blanqui's European COST project EuroProofNet has been accepted. EuroProofNet is the European research network on digital proofs. It aims at boosting the interoperability and usability of proof systems. It started on November 2021 and already gathers more than 220 researchers from 30 different countries. EuroProofNet organizes meetings and schools, and provides grants to its members for shortterm scientific missions in another lab or country.
Frédéric Blanqui and Gabriel Hondet published a new release of the proof assistant Lambdapi. Lambdapi has been used in various works and, in particular, in Quentin Garchery's PhD 38.
Yacine El Haddad defended his PhD thesis on the integration of automated theorem provers in proof assistants 23.
Gilles Dowek and Alejandro DíazCaro have received the Best paper award (shared with another paper) at the 18th International Colloquium on Theoretical Aspects of Computing.
Renaud Vilmart received an accessit to the 2020 Gilles Kahn Ph.D. thesis award.
Yoan Géran has received the Best student paper award at the 46th International Symposium on Mathematical Foundations of Computer Science.
5.2 New software
5.2.1 Lambdapi

Keywords:
Dependent types, Rewriting, Proof assistant

Functional Description:
Lambdapi is an interactive proof development system featuring dependent types like in MartinLőf’s type theory, but allowing to define objects and types using oriented equations, aka rewriting rules, and reason modulo those equations. This allows to simplify some proofs, and formalize complex mathematical objects that are otherwise impossible or difficult to formalize in more traditional proof systems.
Lambdapi comes with Emacs and VSCode support.
Lambdapi can also read and output Dedukti files, and can thus be used as an higherlevel intermediate language for translating proofs from one system to Dedukti.
Lambdapi is a logical framework and does not come with a predefined logic. However, it is easy to define a logic by declaring a few symbols and rules. A library of predefined logic is also provided.
Here are some of the features of Lambdapi:  Emacs and VSCode plugins (based on LSP)  support for unicode (UTF8) and userdefined infix operators  symbols can be declared commutative, or associative and commutative  some arguments can be declared as implicit: the system will try to find out their value automatically  symbol and rule declarations are separated so that one can easily define inductiverecursive types or turn a proved equation into a rewriting rule  support for interactive resolution of typing goals, and unification goals as well, using tactics  a rewrite tactic similar to the one of SSReflect in Coq  the possibility of calling external automated provers  a command is provided for automatically generating an induction principle for (mutually defined) strictlypositive inductive types  Lambdapi can call external provers for checking the confluence and termination of userdefined rewriting rules by translating them to the XTC and HRS formats used in the termination and confluence competitions
 URL:

Contact:
Frederic Blanqui
5.2.2 Dedukti

Keyword:
Logical Framework

Functional Description:
Dedukti is a proofchecker for the LambdaPicalculus modulo. As it can be parametrized by an arbitrary set of rewrite rules, defining an equivalence relation, this calculus can express many different theories. Dedukti has been created for this purpose: to allow the interoperability of different theories.
Dedukti's core is based on the standard algorithm for typechecking semifull pure type systems and implements a stateoftheart reduction machine inspired from Matita's and modified to deal with rewrite rules.
Dedukti's input language features term declarations and definitions (opaque or not) and rewrite rule definitions. A basic module system allows the user to organize his project in different files and compile them separately.
Dedukti features matching modulo beta for a large class of patterns called Miller's patterns, allowing for more rewriting rules to be implemented in Dedukti.
 URL:
 Publications:

Contact:
François Thiré

Participants:
François Thiré, Gaspard Ferey, Guillaume Genestier, Rodolphe Lepigre
5.2.3 personoj

Keywords:
PVS, Automated theorem proving, Dedukti, Machine translation

Functional Description:
Personoj comprises a set of PVS patches that may be used to export PVS specifications (propositions and definitions) or to export successive sequents of a proof to lambdapi. Another program is able to process these sequents and call automated theorem provers through Why3 to prove the implications of the successive sequents.

Contact:
Gabriel Hondet
5.2.4 Agda2Dedukti

Keywords:
Compilation, Proof assistant, Higherorder logic, Rewriting systems

Functional Description:
Translation of Agda proofs to the Logical Framework Dedukti.
 URL:

Contact:
Guillaume Genestier

Partner:
Chalmers University
5.2.5 Coqine

Name:
Coq In dEdukti

Keywords:
Higherorder logic, Formal methods, Proof

Functional Description:
CoqInE is a plugin for the Coq software translating Coq proofs into Dedukti terms. It provides a Dedukti signature file faithfully encoding the underlying theory of Coq (or a sufficiently large subset of it). Current development is mostly focused on implementing support for Coq universe polymorphism. The generated ouput is meant to be typecheckable using the latest version of Dedukti.
 URL:

Contact:
Guillaume Burel
5.2.6 Krajono

Keyword:
Proof

Functional Description:
Krajono translates Matita proofs into Dedukti[CiC] (encoding of CiC in Dedukti) terms.

Contact:
François Thiré
5.2.7 Holide

Keyword:
Proof

Functional Description:
Holide translates HOL proofs to Dedukti[OT] proofs, using the OpenTheory standard (common to HOL Light and HOL4). Dedukti[OT] being the encoding of OpenTheory in Dedukti.
 URL:

Contact:
Guillaume Burel
5.2.8 Logipedia

Name:
Logipedia

Keywords:
Formal methods, Web Services, Logical Framework

Functional Description:
Logipedia is composed of two distinct parts: 1) A backend that translates proofs expressed in a theory encoded in Dedukti to other systems such as Coq, Lean or HOL 2) A frontend that prints these proofs in a "nice way" via a website. Using the website, the user can search for a definition or a theorem then, download the whole proof into the wanted system.
Currently, the available systems are: Coq, Matita, Lean, PVS and OpenTheory. The proofs comes from a logic called STTForall.
In the long run, more systems and more logic should be added.

Release Contributions:
This is the beta version of Logipedia. It implements the functionalities mentioned above.
 URL:

Contact:
François Thiré
5.2.9 nubo

Name:
Nubo

Keywords:
Interoperability, Proof

Functional Description:
Nubo is a repository of formal proofs for computer scientists and mathematicians. Nubo aims to leverage the interoperability issues raised by the substantial quantity of proof systems. To do so, it relies on a formalism in which many proofs of other systems can be stated. This formalism allows to translate formal developements to and fro foreign systems. Nubo stores, classifies and serves those formal developments expressed in this general formalism. As such, developers may exchange their proofs, whatever their favourite system is.
 URL:

Contact:
Gabriel Hondet
5.2.10 ekstrakto

Keywords:
TPTP, TSTP, Proof assistant, Dedukti

Functional Description:
Extracting TPTP problems from a TSTP trace. Proof reconstruction in Dedukti from TSTP trace.
 URL:

Contact:
Mohamed Yacine El Haddad
5.2.11 Zenon Modulo

Keywords:
Firstorder logic, Automated theorem proving, Deduction Modulo

Functional Description:
Zenon Modulo is an extension of the automated theorem prover Zenon. Compared to Super Zenon, it can deal with rewrite rules both over propositions and terms. Like Super Zenon, Zenon Modulo is able to deal with any firstorder theory by means of a similar heuristic.
 URL:

Contact:
Pierre Halmagrand
5.2.12 CoLoR

Name:
Coq Library on Rewriting and termination

Keywords:
Coq, Formalisation

Functional Description:
CoLoR is a Coq library on rewriting theory and termination. It provides many definitions and theorems on various mathematical structures (quasiordered sets, relations, ordered semirings, etc.), data structures (lists, vectors, matrices, polynomials, finite graphs), term structures (strings, firstorder terms, lambdaterms, etc.), transformation techniques (dependency pairs, semantic labeling, etc.) and (non)termination criteria (polynomial and matrix interpretations, recursive path ordering, computability closure, etc.).
 URL:
 Publications:

Authors:
Frederic Blanqui, Sebastien Hinderer

Contact:
Frederic Blanqui
5.2.13 SizeChangeTool

Keywords:
Rewriting systems, Proof assistant, Termination

Functional Description:
A terminationchecker for higherorder rewriting with dependent types.
Took part in the Termination Competition 2018 ( http://terminationportal.org/wiki/Termination_Competition_2018 ) in the "HigherOrder Rewriting (union Beta)" category.
 URL:

Contact:
Guillaume Genestier

Partner:
Mines ParisTech
5.2.14 SKonverto

Name:
SKonverto

Keywords:
Skolemization, Firstorder logic, Proof assistant

Functional Description:
SKonverto is a tool that transforms Lambdapi proofs containing Skolem symbols into proofs without these symbols.
 URL:

Contact:
Mohamed Yacine El Haddad
6 New results
6.1 Development of Lambdapi
Participants: Frédéric Blanqui, Luc Chabassier, Loris Cros, Gabriel Hondet, Thomas Traversié.
Frédéric Blanqui and Gabriel Hondet published a new release of Lambdapi. Lambdapi is a proof assistant for the λΠcalculus modulo rewriting. It extends Dedukti with metavariables, implicit arguments, etc. and an interactive proof mode for solving typing and unification goals using tactics. Typing goals corresponding to firstorder formulas can be discharged by calling external automated theorem provers via the Why3 library. Lambdapi can read and output Dedukti files and can thus be used as an intermediate higherlevel language for translating proofs from one system to Dedukti.
Many improvements have been made on Lambdapi in 2021: parser generator changed to Menhir; generation of induction principles extended to parametrized strictlypositive types; addition of the tactics induction, admit and generalize; addition of associative and commutative symbols; addition of structured proof scripts (Aurélien Castre's internship), improvement of the Emacs and VSCode interface (Ashish Kumar Barnawal).
Lambdapi has been used in 2021 by:
 Luc Chabassier in his master internship to formalize a translation of extensional type theory in MartinLöf's type theory extended with functional extensionality and uniqueness of identity proofs (Streicher's axiom K).
 Thomas Traversié in his internship to formalize set theory.
 Quentin Garchery in his PhD work for verifying Why3 transformation certificates 38. He also developped a Lambdapi library on binary integers.
Loris Cros, in his internship supervised by Bruno Barras, has continued developing algorithms to check criterions related to confluence of rewrite systems in Dedukti. He also started the implemtation of a completion algorithm in order to deal with rewriting modulo associativity and commutativity (AC).
6.2 Theory of λΠcalculus modulo rewriting and other logical formalisms
Participants: Frédéric Blanqui, Gilles Dowek, JeanPierre Jouannaud.
Gilles Dowek has investigated a alternative presentation of Pure Type Systems, where the notion of wellformed context has been dropped. This work has been published in the proceedings of Logical Frameworks and MetaLanguages 31.
Frédéric Blanqui has investigated and implemented in Lambdapi how to encode type universes without using matching modulo associativity and commutativity, which is complex to implement. It is based on a technique introduced in 34.
Gilles Dowek, Gaspard Férey, JeanPierre Jouannaud, Jiaxiang Liu have investigated confluence criterions for nonterminating HigherOrder Rewrite Theories.
6.3 New theories in the λΠcalculus modulo rewriting
Participants: Bruno Barras, Frédéric Blanqui, Valentin Blot, Luc Chabassier, Gilles Dowek, Thiago Felicissimo, Yoan Géran, Émilie Grienenberger, Olivier Hermant, Gabriel Hondet, Amélie Ledein, Yann Leray, Thomas Traversié.
Frédéric Blanqui, Gilles Dowek, Émilie Grienenberger, Gabriel Hondet, and Francois Thiré have studied a theory in Dedukti, called U, that enables to express proofs in various theories (constructive and non constructive predicate logic, constructive and non constructive simple type theory, with and without polymorphism, with and without predicate subtyping, the Calculus of constructions, etc.) and shown that each of these theories corresponds to a selection of axioms in the theory U. This paper has been published in the proceedings of Formal Structures for Computation and Deduction 14.
During his Master internship, Luc Chabassier implemented in lambdapi a translation from the Extensional Type Theory (ETT) to Intensional Type Theory (ITT), inspired from the paper "Eliminating Reflection From Type Theory" (Winterhalter, Sozeau et Tabareau) 42. In contrast to what the authors did, his translation his welltyped by construction, rather than building an untyped term that has to be proved correct after the fact.
During his Master internship, Thiago Felicissimo worked on the translations from the proof assistant Agda to Dedukti and Lambdapi. In particular, he showed how to translate copattern matching coinduction 32, and implemented this in the tool Agda2Dedukti.
Gabriel Hondet and Frédéric Blanqui showed how to encode in the λΠcalculus modulo rewriting, predicate subtyping and proof irrelevance, two important features of the PVS proof assistant. They proved that this encoding is correct and that encoded proofs can be mechanically checked by Dedukti, a type checker for the λΠcalculus modulo theory using rewriting 39.
Luc Chabassier has started a Phd, supervised by Bruno Barras and Gilles Dowek, which goal is to study new approaches to formalize Category Theory in proof assistants, potentially exploiting the rewriting features of Dedukti.
Yoan Géran has started a Phd, supervised by Olivier Hermant and Gilles Dowek, on reverse mathematics in Dedukti. His objective is to refine the translation framework from Coq to Dedukti with a focus on universes, to develop the corresponding tool, Vodk, along with reverse mathematics techniques to analyze and minimize the Dedukti proofs.
Thomas Traversié, during his internship supervised by Valentin Blot and Gilles Dowek, implemented set theory in Lambdapi. In particular, he encoded sets by a structure of pointed graphs, following the lines given in the paper "Cut elimination for Zermelo set theory" (Dowek and Miquel) 37.
Yann Leray improved and developed the translations from the proof assistant Isabelle to Lambdapi and Dedukti 30.
During her thesis, which started in October 2020, Amélie Ledein is interested in the verification of formal semantics proofs (such as the proof that a language is deterministic or the socalled subject reduction property) of programming languages as well as the reuse of these proofs in another proof assistant. A first result obtained concerns the translation of K, a framework for defining formal semantics of programming languages from which different tools are automatically derived, into Dedukti. The implementation of this translation, named KaMeLo, is available here. This work was presented during an LVP research day in 2021, and will be published at the JFLA national conference in June 2022.
6.4 Translation from one theory to another
Participants: Frédéric Blanqui, Guillaume Burel, Yacine El Haddad, Gabriel Hondet.
Gabriel Hondet investigated how to translate theories with implicit subtyping into Lambdapi without translating the subtyping derivations. The framework has been modified to be able to synthesise back the subtyping derivations using a generic coercion insertion algorithm. The mechanism has been implemented in the tool Personoj and tested on the translation of the standard library of PVS.
Yacine El Haddad, Guillaume Burel and Frédéric Blanqui showed the correctness of a deskolemization transformation consisting in building a proof in a deep encoding of natural deduction in the λΠcalculus modulo rewriting of a firstorder formula from a proof of its skolemization. This transformation has been implemented in the tool SKonverto.
Yacine El Haddad defended his PhD thesis on the integration of automated theorem provers in proof assistants 23. His contributions are:
 Calling external provers. Since the provers do not use the same logic and system as the proof assistant, we elaborated a translation between Lambdapi’s logic which is the λΠcalculus Modulo Theory and the provers’ logic which is firstorder logic. This translation is implemented inside Lambdapi as part of its tactic language. Moreover, we showed that this translation is correct, i.e., if there is a proof of the translation of a formula in firstorder logic, then there is a proof of that formula in the λΠcalculus Modulo Theory.
 Reconstructing proofs. Proof assistants do not always support the output of external provers. However, for some proof assistants, there is a prover that outputs a format supported by that proof assistant. This is the case of Lambdapi with ZenonModulo and ArchSAT, and Coq with Zenon. We designed an architecture to reconstruct proofs generated by provers into Lambdapi by detecting which information is missing and asking a prover supported by Lambdapi to generate that missing information. The proposed solution does not depend on a specific prover and can reconstruct a considerable amount of proofs. The output format of the provers chosen is TSTP since it is the standard format used to test automated theorem provers. This solution is implemented as an independent tool named Ekstrakto.
 Transforming Skolemized proofs. Provers can use many techniques to prove a formula, and one of these techniques is Skolemization. This transformation step transforms the original formula into an equisatisfiable but not syntactically equivalent formula. We implemented an algorithm that transforms the proof of the new formula into a proof of the original one. The presented algorithm is proved correct and could be used separately if the proof fits a particular specification. This algorithm is implemented as a tool named SKonverto, which could be used with Ekstrakto to build proofs in Lambdapi.
Yoan Géran, during his internship, has analyzed the GeoCoq proof library, that contain the proofs of Euclid's Elements, book I. He has shown that it can be shrinked from the Calculus of Constructions with universes to fit in a logic as weak as predicate logic. Through the tools developed at Deducteam, this allowed GeoCoq to be exported to 7 systems : HOL Light, Lean, Matita, OpenTheory (hence Isabelle/HOL and HOL4), and PVS.
6.5 Automation for the Coq proof assistant
Participants: Valentin Blot, Louise Dubois de Prisque, Pierre Vial.
In order to automatize the Coq proof assistant, tactics which send a firstorder goal to SMT solvers are available in the SMTCoq plugin.
Valentin Blot, Louise Dubois de Prisque and Pierre Vial, with the external collaboration of Chantal Keller, developed a new Coq automatic tactic15 which generates and proves firstorder statements about Coq terms (datatypes and functions). This enriches the semantics of information transmitted to SMTCoq and increases automation in the Coq proof assistant.
This tactic snipe is modular and combines independent transformations, which allows incremental development.
6.6 Theory of inductive definitions
Participants: Catherine Dubois, Amélie Ledein.
Catherine Dubois, Amélie Ledein and Mathieu Montin (Loria) have developed the LIBNDT library, implemented both in Agda and Coq, concerning a class of nested inductive types. This library proposes a generic type LNDT (linked nested datatype) of which some common data types (List, Maybe, Nest and even Bush  in Agda only for the latter) can be constructed as various instances. A paper has been accepted for publication in the international workshop MSFP 2022 (Mathematically Structured Functional Programming).
6.7 Quantum Computing
Participants: Pablo Arnault, Gilles Dowek, Renaud Vilmart.
Gilles Dowek and Alejandro DíazCaro have investigated an extension of propositional logic with a new connective, called sup, that has the introduction rules of the conjunction and the elimination rules of the disjunction and shown that this connective enables to model nondeterministic and nonreversible processes such as quantum measurement. This work 25 has been published in the proceedings of the 18th International Colloquium on Theoretical Aspects of Computing, where it has received the Best paper award (shared with another paper).
Renaud Vilmart, together with collaborators Benoît Valiron and Kostia Chardonnet have laid the foundations for a geometry of interactionstyle of semantics for graphical language ZXCalculus, devoted to quantum computing. This paper has been published in the proceedings of MFCS 2021 17, and also in the proceedings of TLLA 20121 16.
Renaud Vilmart has investigated the links between graphical language ZHCalculus and Quantum Multiplevalued Decision Diagrams (QMDDs) used in verification of quantum processes. This paper has been published in the proceedings of MFCS 2021 19.
Renaud Vilmart has published a paper at FoSSaCS 2021 41. This paper does not appear in the team's publications, as it was submitted before the author joined Deducteam.
Pablo Arnault has introduced a discretetime quantum walk (DQW) defined on a polar grid, a primer, and are hence able to define an angular momentum for this DQW, which is conserved at the discrete level, i.e., on the spacetime lattice. Ha has shown that in the continuum limit the standard relativistic Landau levels of the Dirac equation are recovered in the case the Hamiltonian has been codiagonalized with, not the linear momentum, but the angular one. Those results have been published in 13.
Pablo Arnault has shown that one can discretize the Dirac equation under the form of a DQW without specifying a particular representation of the Clifford algebra. A new Clifford algebra has been defined from the operators defining the DQW, by requiring that the square of the DQW delivers what we define as a valid discretization of the Dirac equation (this parallels exactly, at the discrete level, Dirac’s original procedure in the continuum). We then show that the DQW contains, natively, a Wilson term that enables to avoid fermion doubling, and this without breaking unitarity, while discretetime versions of standard lattice gauge theory are usually formulated in a Lagrangian way so that unitarity is not inbuilt, has to be proven, and is actually frequently broken. Those results appear in 24.
7 Bilateral contracts and grants with industry
7.1 Bilateral contracts with industry
Participants: Valentin Blot.
Valentin Blot and Chantal Keller have funding for a 4year project (2021–2025) involving a PhD student, a research engineer (2 years) and a postdoctoral researcher (2 years). This funding is part of the Inria  Nomadic labs partnership for Tezos blockchain.
8 Partnerships and cooperations
8.1 International initiatives
8.1.1 STIC/MATH/CLIMAT AmSud project
Participants: Gilles Dowek.
QAPLA

Title:
Quantum aspects of programming languages

Local supervisor:
Gilles Dowek

Begin date:
Fri Jan 01 2021

End date:
Sat Dec 31 2022

Partners:
 Universidad de Buenos Aires
 Universidad de la Republica Uruguay
 Universidad de Chile

Summary:
The design of quantum programming languages is a rich framework that allows studying intrinsic properties of the computation we are modelling, such as parallelism, entanglement, superposition, etc; also, it is a way to study new logics (quantum logics with a computational ground), as well as to study classical logics from a new perspective. Finally, the studying the foundational bases of programming languages gives a path to develop proper implementations. This project proposes to study several aspects of quantum programming languages, with different approaches (quantum control/classical data, quantum control and data, categorical techniques, semantical techniques, realizability). The final aim is to merge different approaches in order to study from logics to implementations.
8.2 International research visitors
8.2.1 Visits of international scientists
Alejandro DíazCaro visited Deducteam for two weeks in November.
8.2.2 Visits to international teams
Research stays abroad
Gilles Dowek has visited the University of Buenos Aires for two weeks.
Gilles Dowek has visited the Pontifícia Universidade Católica do Rio de Janeiro for two weeks. He has give two talks there "A New connective in natural deduction, and its application to quantum computing" and "Ecumenism: logical constants and beyond".
8.3 European initiatives
8.3.1 Horizon Europe
Participants: Frédéric Blanqui.
EuroProofNet Frédéric Blanqui is the chair of the European COST action CA20111 EuroProofNet. EuroProofNet is the European research network on digital proofs. It aims at boosting the interoperability and usability of proof systems. It started on November 2021 and already gathers more than 220 researchers from 30 different countries. EuroProofNet organizes meetings and schools, and provides grants to its members for shortterm scientific missions in another lab or country.
8.4 National initiatives
Participants: Gilles Dowek, Catherine Dubois.
The ANR project (20222025) ICSPA (Interoperable and Confident Setbased Proof Assistants) has been accepted in the context of the AAPG 2021 call. It is coordinated by Catherine Dubois and has the following academic partners Samovar – Inria Grand Est – Inria ParisSaclay – LIRMM – IRIT with the industrial partner Clearsy. The project starts on January 1st 2022. This project aims at reinforcing the confidence in proofs carried out mechanically for the setbased specification formalisms B, EventB, and TLA+ that are used in industry.This will be done by verifying these proofs formally and independently with the proof verifier Dedukti. The project also aims at designing and implementing an exchange framework, through which those three systems can share their proofs and theories, making them effectively interoperable.
The ANR PROGRAMme is an ANR for junior researcher Liesbeth Demol (CNRS, UMR 8163 STL, University Lille 3) to which G. Dowek participates. The subject is: “What is a program? Historical and Philosophical perspectives”. This project aims at developing the first coherent analysis and pluralistic understanding of “program” and its implications to theory and practice.
9 Dissemination
9.1 Promoting scientific activities
9.1.1 Scientific events: selection
Member of the conference program committees
Frédéric Blanqui was PC member of FSCD'21, CICM'21 and TYPES'21.
Gilles Dowek has been a PC member of CADE, ITP, Happoc, and NFR.
Reviewer
Renaud Vilmart has reviewed papers for Logics in Computer Science (LICS), Quantum Physics and Logics (QPL) and Symposium on Theory of Computing (STOC).
9.1.2 Journal
Reviewer  reviewing activities
Renaud Vilmart has reviewed papers for Journal of the ACM (JACM), Logical Methods in Computer Science (LMCS), Physical Review A (PRA), Theoretical Computer Science (TCS) and Transactions on Quantum Computing (TQC).
9.1.3 Invited talks
Gilles Dowek has given an invited talk "Sharing proofs across logics and systems: a boost for formal methods?" at ABZ 2021.
Gilles Dowek has given an invited talk "Sharing geometry proofs across logics and systems" at the 13th International Conference on Automated Deduction in Geometry.
Gilles Dowek has given an invited talk "A framework to express the axioms of mathematics" at the VI congresso latinoamericano de matemáticos.
Gilles Dowek has given an invited talk "How can we make formal proof teachable?" at Theorem Proving Components for Educational Software 2021.
Gilles Dowek has given an invited talk Explanation: from ethics to logic" at the Symposium Fairness, Integrity and Transparency in Formal Systems: Challenges for a Society Increasingly Dominated by Technology, coorganised by the Japan Association for Philosophy of Science and the Division for Logic, Methodology and Philosophy of Science and Technology of the International Union of History and Philosophy of Science and Technology. The video is online.
Bruno Barras has given an invited talk “Type Theory in Set Theory, in Type Theory" at the conference celebrating the 90 Years of Gödel's Incompleteness Theorems, held in Nürtingen (Germany), in July 2021.
9.1.4 Leadership within the scientific community
Frédéric Blanqui is member of the steering committees of the International School on Rewriting (ISR), the international TYPES conference, and of the ACM/IEEE Symposium on Logic in Computer Science (LICS).
9.1.5 Scientific expertise
Gilles Dowek is a member of the of the Comité national pilote d'éthique du numérique.
Gilles Dowek is a member of the Conseil national du numérique.
Gilles Dowek is a member of the Scientific board of the Societé informatique de France.
Gilles Dowek is a member of the Comite national francais d'histoire et de philosophie des sciences et des techniques.
9.1.6 Research administration
Frédéric Blanqui is assistant director of the doctoral school ED STIC on computer science of the University ParisSaclay.
9.2 Teaching  Supervision  Juries
9.2.1 Teaching
 Master: Renaud Vilmart, Calcul quantique avancé et codes correcteurs, 10h, M2, QDCS, France
 Master: Frédéric Blanqui, formal languages, 21h, M1, ENSIIE, France
 Master: Frédéric Blanqui, rewriting theory, 14h, M1, ENS ParisSaclay, France
 Master: Bruno Barras, Proof Assistants, 12h, M2, MPRI, France
 Master: Gabriel Hondet, rewriting theory TD, 14h, M1, ENS ParisSaclay, France
 License: Amélie Ledein, orientedobject programming (Scala)  project, 15h, L3, ENS ParisSaclay, France
 License: Amélie Ledein, functional programming (OCaml)  project, 15h, L3, ENS ParisSaclay, France
 License: Thiago Felicissimo, functional programming  TD, 20h, L3, Faculté des Sciences d'Orsay, France
 License: Thiago Felicissimo, logic  TD, 20h, L3, Faculté des Sciences d'Orsay, France
 License: Gabriel Hondet, operating systems and architecture TD, 22.5h, L3, ENS ParisSaclay, France
 License: Gabriel Hondet, programming TD, 12h, L3, ENS ParisSaclay, France
 License: Gabriel Hondet, projet bases de données, 22.5h, L3, ENS ParisSaclay, France
 License: Renaud Vilmart, Projet informatique, 50h, L2, Faculté des Sciences d'Orsay, France
 License: Louise Dubois de Prisque, Logic, 22h
 License: Louise Dubois de Prisque, Compiling, 22h
 License: Louise Dubois de Prisque, Logical and algorithmic tools, 18h
 License: Bruno Barras, Introductory course to Intuitionistic Proofs, 6h, L3, University of Paris
 Gilles Dowek has taught an introductory course on Logic at the École normale de ParisSaclay. For this flippedclassroom course, he has shot twelve one hour videos that are online "Douze leçons de logique".
 Gilles Dowek has organized a research workshop for students of the École normale de ParisSaclay.
 IUT d'Orsay, 2nd year: Pierre Vial, Compiling, 44h
 Polytech ParisSaclay, 4th year: Pierre Vial, handson in Functional programming (OCaml), 16h
9.2.2 Supervision
Frédéric Blanqui and Gilles Dowek advise the doctoral work of Gabriel Hondet.
Frédéric Blanqui and Gilles Dowek advise the doctoral work of Thiago Felicissimo.
Bruno Barras and Gilles Dowek advise the doctoral work of Luc Chabassier.
Gilles Dowek and Olivier Hermant advise the doctoral work of Yoan Géran.
Frédéric Blanqui and Gilles Dowek have advised the masters internship of Thiago Felicissimo.
Gilles Dowek and Olivier Hermant have advised the masters internship of Yoan Géran.
Gilles Dowek has advised the masters internship of Oleksii Tsokurov.
Valentin Blot and Gilles Dowek advise the parcours recherche of Thomas Traversié.
Gilles Dowek and JeanPierre Jouannaud advise the parcours recherche of Corentin Chabanol.
Bruno Barras advise the parcours recherche of Loris Cros.
9.3 Popularization
9.3.1 Internal or external Inria responsibilities
Frédéric Blanqui is member of the Evaluation Committee of Inria.
Frédéric Blanqui is member of the scientific committee of Inria Saclay.
9.3.2 Articles and contents
Renaud Vilmart has written an article for the blog “Binaire du Monde”, related to his PhD work.
10 Scientific production
10.1 Major publications

1
inproceedingsExpressing theories in the
$$ $$ calculus modulo theory and in the Dedukti system.22nd International Conference on Types for Proofs and Programs, TYPES 2016Novi SAd, SerbiaMay 2016  2 articleA generalization of the TakeutiGandy interpretation.Mathematical Structures in Computer Science2552015, 10711099URL: https://doi.org/10.1017/S0960129514000504
 3 articleDefinitions by rewriting in the Calculus of Constructions.Mathematical Structures in Computer Science1512005, 3792
 4 articleThe Computability Path Ordering.Logical Methods in Computer ScienceOctober 2015
 5 inproceedingsAn interpretation of system F through bar recursion.32nd ACM/IEEE Symposium on Logic in Computer ScienceIEEE2017
 6 articleFirstOrder Automated Reasoning with Theories: When Deduction Modulo Theory Meets Practice.Journal of Automated Reasoning2019

7
inproceedingsEmbedding Pure Type Systems in the
$$ $$ calculus modulo.Typed lambda calculi and applications4583Lecture Notes in Computer ScienceSpringerVerlag2007, 102117  8 articleTheorem proving modulo.Journal of Automated Reasoning312003, 3373
 9 articleResolution is CutFree.Journal of Automated Reasoning443March 2010, 245276
 10 articleTableaux Modulo Theories Using Superdeduction.Global Journal of Advanced Software Engineering (GJASE)1December 2014, 113
 11 articleVerifying B Proof Rules using Deep Embedding and Automated Theorem Proving.Software and Systems Modeling (SoSyM)June 2013
10.2 Publications of the year
International journals
 12 articleConfluence of leftlinear higherorder rewrite theories by checking their nested critical pairs.Mathematical Structures in Computer ScienceJanuary 2022, 136
 13 articleDirac quantum walks with conserved angular momentum.Quantum Studies: Mathematics and Foundations84November 2021, 419430
International peerreviewed conferences
 14 inproceedingsSome Axioms for Mathematics.FSCD 2021  6th International Conference on Formal Structures for Computation and DeductionBuenos Aires / Virtual, ArgentinaJuly 2021
 15 inproceedingsGeneral Automation in Coq through Modular Transformations.Seventh Workshop on Proof Exchange in Theorem ProvingProceedings of the Seventh Workshop on Proof eXchange for Theorem ProvingPittsburgh, United StatesEPTCSJuly 2021
 16 inproceedingsGeometry of Interaction for ZXDiagrams.TLLA 2021  5th International Workshop on Trends in Linear Logic and ApplicationsRome / Virtual, ItalyJune 2021
 17 inproceedingsGeometry of Interaction for ZXDiagrams.MFCS 2021  46th International Symposium on Mathematical Foundations of Computer Science202Leibniz International Proceedings in Informatics (LIPIcs)Tallinn, EstoniaAugust 2021, 30:130:16
 18 inproceedingsSafe, Fast, Concurrent Proof Checking for the lambdaPi Calculus Modulo Rewriting.11th ACM SIGPLAN International Conference on Certified Programs and Proofs (CPP ’22)Philadelphia, PA, United StatesJanuary 2022
 19 inproceedingsQuantum MultipleValued Decision Diagrams in Graphical Calculi.MFCS 2021  46th International Symposium on Mathematical Foundations of Computer Science202Leibniz International Proceedings in Informatics (LIPIcs)Tallinn, EstoniaAugust 2021, 89:189:15
Conferences without proceedings
 20 inproceedingsBécassine à la chasse au Coq.JFLA 2022  Journées Francophones des Langages ApplicatifsSaintMédardd'Excideuil, FranceJune 2022
 21 inproceedingsConfluence in NonLeftLinear Untyped HigherOrder Rewrite Theories.PPDP 2021  23rd International Symposium on Principles and Practice of Declarative ProgrammingTallin, EstoniaSeptember 2021
 22 inproceedingsVers une traduction de K en Dedukti.JFLA 2022  Journées Francophones des Langages ApplicatifsSaintMédardd'Excideuil, FranceJune 2022
Doctoral dissertations and habilitation theses
 23 thesisIntegrating Automated Theorem Provers in Proof Assistants.Université ParisSaclaySeptember 2021
Reports & preprints
 24 miscClifford algebra from quantum automata and unitary Wilson fermions.February 2022
 25 miscA New Connective in Natural Deduction, and its Application to Quantum Computing ⋆.January 2022
 26 miscConfluence in UnTyped HigherOrder Theories by means of Critical Pairs.September 2021
 27 miscUnification of Drags and Confluence of Drag Rewriting.February 2021
 28 miscUnification of Drags and Confluence of Drag Rewriting.October 2021
 29 miscClassical simulation of quantum circuits with partial and graphical stabiliser decompositions.March 2022
 30 reportM1 Internship ReportTranslating proofs between Isabelle and Dedukti.Deducteam  Inria ParisSaclay / ENS ParisSaclaySeptember 2021
Other scientific publications
 31 miscInteracting Safely with an Unsafe Environment.Pittsburgh, United StatesJuly 2021, 30  38
 32 thesisRepresenting Agda and coinduction in the λΠcalculus modulo rewriting.LSV, ENS Paris Saclay, Université ParisSaclaySeptember 2021
10.3 Cited publications
 33 unpublishedClifford algebra from quantum automata and unitary Wilson fermions.February 2022, working paper or preprint

34
inproceedings
://doi.org/10.1007/9783540713166 8On the implementation of construction functions for nonfree concrete data types.Proceedings of the 16th European Symposium on Programming\em, Lecture Notes in Computer Science 442115 pages2007 
35
phdthesisConception d'un noyau de vérification de preuves pour le
$$ calcul modulo.École Polytechnique2011  36 inproceedingsA Theory Independent Curryde Bruijnhoward Correspondence.Proceedings of the 39th International Colloquium Conference on Automata, Languages, and Programming  Volume Part IIICALP'12Berlin, HeidelbergWarwick, UKSpringerVerlag2012, 1315URL: http://dx.doi.org/10.1007/9783642315855_2
 37 articleCut elimination for Zermelo set theory.Manuscript, available from the web pages of the authors2007

38
inproceedings
://doi.org/10.4204/EPTCS.336.2A Framework for Proofcarrying Logical Transformations.Proceedings of the 7th International Workshop on Proof eXchange for Theorem Proving\em, Electronic Proceedings in Theoretical Computer Science 3362021 
39
inproceedings
://doi.org/10.4230/LIPIcs.TYPES.2020.6Encoding of Predicate Subtyping and Proof Irrelevance in the $$ calculus Modulo Theory.Proceedings of the 26th International Conference on Types for Proofs and Programs\em, Leibniz International Proceedings in Informatics 1882021  40 articleDirac quantum walks with conserved angular momentum.Quantum Studies: Mathematics and Foundations84November 2021, 419430
 41 inproceedingsThe Structure of SumOverPaths, its Consequences, and Completeness for Clifford.Foundations of Software Science and Computation StructuresChamSpringer International Publishing2021, 531550
 42 inproceedingsEliminating reflection from type theory.Proceedings of the 8th ACM SIGPLAN International Conference on Certified Programs and Proofs, CPP 2019, Cascais, Portugal, January 1415, 2019ACM2019, 91103URL: https://doi.org/10.1145/3293880.3294095