Chapter 48 Soundness

In this chapter we relate TFL’s semantics to its natural deduction proof system (as defined in part IV). We will prove that the formal proof system is safe: you can only prove sentences from premises from which they actually follow. Intuitively, a formal proof system is sound if⁠f it does not allow you to prove any invalid arguments. This is obviously a highly desirable property. It tells us that our proof system will never lead us astray. Indeed, if our proof system were not sound, then we would not be able to trust our proofs. The aim of this chapter is to prove that our proof system is sound.

Let’s make the idea more precise. We’ll abbreviate a list of sentences using the Greek letter $\Gamma$ (‘gamma’). A formal proof system is sound (relative to a given semantics) if⁠f, whenever there is a formal proof of $\mathscr{C}$ from assumptions among $\Gamma$ , then $\Gamma$ genuinely entails $\mathscr{C}$ (given that semantics). Otherwise put, to prove that TFL’s proof system is sound, we need to prove the following

Soundness Theorem. For any sentences $\Gamma$ and $\mathscr{C}$ : if $\Gamma\vdash\mathscr{C}$ , then $\Gamma\vDash\mathscr{C}$

To prove this, we will check each of the rules of TFL’s proof system individually. We want to show that no application of those rules ever leads us astray. Since a proof just involves repeated application of those rules, this will show that no proof ever leads us astray. Or at least, that is the general idea.

To begin with, we must make the idea of ‘leading us astray’ more precise. Say that a line of a proof is shiny if⁠f the assumptions on which that line depends entail the sentence on that line.¹¹ 1 The word ‘shiny’ is not standard among logicians. To illustrate the idea, consider the following:

Line number	Subproof level	Formula	Justification
$1$	0	$F\rightarrow(G\wedge H)$	PR
$2$	open subproof, 1	$F$	AS
$3$	1	$G\wedge H$	$\rightarrow$ E $1$ , $2$
$4$	1	$G$	$\wedge$ E $3$
$5$	close subproof, 0	$F\rightarrow G$	$\rightarrow$ I $2$ – $4$

Line $1$ is shiny if⁠f $F\rightarrow(G\wedge H)\vDash F\rightarrow(G\wedge H)$ . You should be easily convinced that line $1$ is, indeed, shiny! Similarly, line $4$ is shiny if⁠f $F\rightarrow(G\wedge H),F\vDash G$ . Again, it is easy to check that line $4$ is shiny. As is every line in this TFL-proof. We want to show that this is no coincidence. That is, we want to prove:

Shininess Lemma. Every line of every TFL-proof is shiny.

Then we will know that we have never gone astray, on any line of a proof. Indeed, given the Shininess Lemma, it will be easy to prove the Soundness Theorem:

Proof. Suppose $\Gamma\vdash\mathscr{C}$ . Then there is a TFL-proof, with $\mathscr{C}$ appearing on its last line, whose only undischarged assumptions are among $\Gamma$ . The Shininess Lemma tells us that every line on every TFL-proof is shiny. So this last line is shiny, i.e., $\Gamma\vDash\mathscr{C}$ . QED

It remains to prove the Shininess Lemma.

To do this, we observe that every line of any TFL-proof is either a premise or an assumption, or it is obtained by applying some rule. Premises are automatically shiny: if $\mathscr{A}$ is a premise, then it is among the sentences in $\Gamma$ , and $\Gamma\vDash\mathscr{A}$ trivially. Assumptions are also shiny, since the any assumption $\mathscr{A}$ depends on itself, and $\mathscr{A}\vDash\mathscr{A}$ . So what we want to show is that no application of a rule of TFL’s proof system will lead us astray. More precisely, say that a rule of inference is rule-sound if⁠f for all TFL-proofs, if we obtain a line on a TFL-proof by applying that rule, and every earlier line in the TFL-proof is shiny, then our new line is also shiny. What we need to show is that every rule in TFL’s proof system is rule-sound.

We will do this below. But having demonstrated the rule-soundness of every rule, the Shininess Lemma will follow immediately:

Proof. Start with line $1$ of any TFL proof. It must be either a premise or an assumption, and those are all shiny, as we’ve seen above. Take the next line, $2$ . If it is a premise or assumption, it is shiny. If not, it is obtained from line $1$ using an inference which is rule-sound. Since line $1$ is shiny, line $2$ is also shiny. Take the next line, $3$ . If it is a premise or assumption, it is shiny. If not, it is obtained from a previous line using an inference which is rule-sound, and we’ve established that all previous lines are shiny. Thus, line $3$ is also shiny. And so on. In general, the sentence written on line $n$ must either be a premise or assumption (which is shiny) or be obtained using a formal inference rule which is rule-sound. Since every earlier line is shiny, line $n$ itself is shiny. We can simply go through this reasoning, for any TFL proof, starting with line $1$ and continuing to the last line, and get that every line of every TFL-proof is shiny. QED

It remains to show that every rule is rule-sound. This is not difficult, but it is time-consuming, since we need to check each rule individually, and TFL’s proof system has plenty of rules! To speed up the process marginally, we will introduce a convenient abbreviation: ‘ $\Delta_{i}$ ’ (‘delta’) will abbreviate the assumptions (if any) on which line $i$ depends in our TFL-proof (context will indicate which TFL-proof we have in mind). This includes all premises of our proof, and all assumptions of subproofs which are still open at line $i$ . Let’s first record our observation about premises and assumptions from above.

Premises and assumptions in TFL proofs are shiny.

If $\mathscr{A}$ is a premise on line $n$ , then it is among $\Delta_{n}$ as that includes all premises of the proof. If it is introduced as an assumption of a subproof on line $n$ , then everything in the subproof (including line $n$ , i.e., $\mathscr{A}$ itself) depends on $\mathscr{A}$ , and so $\mathscr{A}$ is among $\Delta_{n}$ . In either case, $\Delta_{n}\vDash\mathscr{A}$ .

Now let’s proceed to show that all the inference rules are rule-sound.

$\wedge$ I is rule-sound.

Proof. Consider any application of $\wedge$ I in any TFL-proof, i.e., something like:

Line number	Formula	Justification
$i$	$\mathscr{A}$
$j$	$\mathscr{B}$
$n$	$\mathscr{A}\wedge\mathscr{B}$	$\wedge$ I $i$ , $j$

To show that $\wedge$ I is rule-sound, we assume that every line before line $n$ is shiny; and we aim to show that line $n$ is shiny, i.e., that $\Delta_{n}\vDash\mathscr{A}\wedge\mathscr{B}$ .

So, let $v$ be any valuation that makes all of $\Delta_{n}$ true.

We first show that $v$ makes $\mathscr{A}$ true. To prove this, note that all of $\Delta_{i}$ are among $\Delta_{n}$ . By hypothesis, line $i$ is shiny. So any valuation that makes all of $\Delta_{i}$ true makes $\mathscr{A}$ true. Since $v$ makes all of $\Delta_{i}$ true, it makes $\mathscr{A}$ true too.

We can similarly see that $v$ makes $\mathscr{B}$ true.

So $v$ makes $\mathscr{A}$ true and $v$ makes $\mathscr{B}$ true. Consequently, $v$ makes $\mathscr{A}\wedge\mathscr{B}$ true. So any valuation that makes all sentences among $\Delta_{n}$ true also makes $\mathscr{A}\wedge\mathscr{B}$ true. That is: line $n$ is shiny. QED

All of the remaining lemmas establishing rule-soundness will have, essentially, the same structure as this one did.

$\wedge$ E is rule-sound.

Proof. Assume that every line before line $n$ on some TFL-proof is shiny, and that $\wedge$ E is used on line $n$ . So the situation is:

Line number	Subproof level	Formula	Justification
$i$	0	$\mathscr{A}\wedge\mathscr{B}$
$n$	0	$\mathscr{A}$	$\wedge$ E $i$

(or perhaps with $\mathscr{B}$ on line $n$ instead; but similar reasoning will apply in that case). Let $v$ be any valuation that makes all of $\Delta_{n}$ true. Note that all of $\Delta_{i}$ are among $\Delta_{n}$ . By hypothesis, line $i$ is shiny. So any valuation that makes all of $\Delta_{i}$ true makes $\mathscr{A}\wedge\mathscr{B}$ true. So $v$ makes $\mathscr{A}\wedge\mathscr{B}$ true, and hence makes $\mathscr{A}$ true. So $\Delta_{n}\vDash\mathscr{A}$ . QED

$\vee$ I is rule-sound.

We leave this as an exercise.

$\vee$ E is rule-sound.

Proof. Assume that every line before line $n$ on some TFL-proof is shiny, and that $\wedge$ E is used on line $n$ . So the situation is:

Line number	Subproof level	Formula	Justification
$m$	0	$\mathscr{A}\vee\mathscr{B}$
$i$	open subproof, 1	$\mathscr{A}$	AS
$j$	1	$\mathscr{C}$
$k$	close subproof, open subproof, 1	$\mathscr{B}$	AS
$l$	1	$\mathscr{C}$
$n$	close subproof, 0	$\mathscr{C}$	$\vee$ E $m$ , $i$ – $j$ , $k$ – $l$

Let $v$ be any valuation that makes all of $\Delta_{n}$ true. Note that all of $\Delta_{m}$ are among $\Delta_{n}$ . By hypothesis, line $m$ is shiny. So any valuation that makes $\Delta_{n}$ true makes $\mathscr{A}\vee\mathscr{B}$ true. So in particular, $v$ makes $\mathscr{A}\vee\mathscr{B}$ true, and hence either $v$ makes $\mathscr{A}$ true, or $v$ makes $\mathscr{B}$ true. We now reason through these two cases:

1.

$v$ makes $\mathscr{A}$ true. All of $\Delta_{i}$ are among $\Delta_{n}$ , with the possible exception of $\mathscr{A}$ . Since $v$ makes all of $\Delta_{n}$ true, and also makes $\mathscr{A}$ true, $v$ makes all of $\Delta_{i}$ true. Now, by assumption, line $j$ is shiny; so $\Delta_{j}\vDash\mathscr{C}$ . But the sentences $\Delta_{i}$ are just the sentences $\Delta_{j}$ , so $\Delta_{i}\vDash\mathscr{C}$ . So, any valuation that makes all of $\Delta_{i}$ true makes $\mathscr{C}$ true. But $v$ is just such a valuation. So $v$ makes $\mathscr{C}$ true.
2.

$v$ makes $\mathscr{B}$ true. Reasoning in exactly the same way, considering lines $k$ and $l$ , $v$ makes $\mathscr{C}$ true.

Either way, $v$ makes $\mathscr{C}$ true. So $\Delta_{n}\vDash\mathscr{C}$ . QED

$\neg$ E is rule-sound.

Proof. Assume that every line before line $n$ on some TFL-proof is shiny, and that $\neg$ E is used on line $n$ . So the situation is:

Line number	Formula	Justification
$i$	$\mathscr{A}$
$j$	$\neg\mathscr{A}$
$n$	$\bot$	$\neg$ E $i$ , $j$

Note that all of $\Delta_{i}$ and all of $\Delta_{j}$ are among $\Delta_{n}$ . By hypothesis, lines $i$ and $j$ are shiny. So any valuation which makes all of $\Delta_{n}$ true would have to make both $\mathscr{A}$ and $\neg\mathscr{A}$ true. But no valuation can do that. So no valuation makes all of $\Delta_{n}$ true. So $\Delta_{n}\vDash\bot$ , vacuously. QED

X is rule-sound.

We leave this as an exercise.

$\neg$ I is rule-sound.

Proof. Assume that every line before line $n$ on some TFL-proof is shiny, and that $\neg$ I is used on line $n$ . So the situation is:

Line number	Subproof level	Formula	Justification
$i$	open subproof, 1	$\mathscr{A}$	AS
$j$	1	$\bot$
$n$	close subproof, 0	$\neg\mathscr{A}$	$\neg$ I $i$ – $j$

Let $v$ be any valuation that makes all of $\Delta_{n}$ true. Note that all of $\Delta_{n}$ are among $\Delta_{i}$ , with the possible exception of $\mathscr{A}$ itself. By hypothesis, line $j$ is shiny. But no valuation can make ‘ $\bot$ ’ true, so no valuation can make all of $\Delta_{j}$ true. Since the sentences $\Delta_{i}$ are just the sentences $\Delta_{j}$ , no valuation can make all of $\Delta_{i}$ true. Since $v$ makes all of $\Delta_{n}$ true, it must therefore make $\mathscr{A}$ false, and so make $\neg\mathscr{A}$ true. So $\Delta_{n}\vDash\neg\mathscr{A}$ . QED

IP, $\rightarrow$ I, $\rightarrow$ E, $\leftrightarrow$ I, and $\leftrightarrow$ E are all rule-sound.

We leave these as exercises.

This establishes that all the basic rules of our proof system are rule-sound. Finally, we show:

All of the derived rules of our proof system are rule-sound.

Proof. Suppose that we used a derived rule to obtain some sentence, $\mathscr{A}$ , on line $n$ of some TFL-proof, and that every earlier line is shiny. Every use of a derived rule can be replaced (at the cost of long-windedness) with multiple uses of basic rules. That is to say, we could have used basic rules to write $\mathscr{A}$ on some line $n+k$ , without introducing any further assumptions. So, applying our individual results that all basic rules are rule-sound several times ( $k+1$ times, in fact), we can see that line $n+k$ is shiny. Hence the derived rule is rule-sound. QED

And that’s that! We have shown that every rule—basic or otherwise—is rule-sound, which is all that we required to establish the Shininess Lemma, and hence the Soundness Theorem.

But it might help to round off this chapter if we repeat my informal explanation of what we have done. A formal proof is just a sequence—of arbitrary length—of applications of rules. We have shown that any application of any rule will not lead you astray. It follows that no formal proof will lead you astray. That is: our proof system is sound.

Practice exercises

A. Complete the Lemmas left as exercises in this chapter. That is, show that the following are rule-sound:

1.

$\vee$ I. (Hint: this is similar to the case of $\wedge$ E.)
2.

X. (Hint: this is similar to the case of $\neg$ E.)
3.

$\rightarrow$ I. (Hint: this is similar to $\vee$ E.)
4.

$\rightarrow$ E.
5.

IP. (Hint: this is similar to the case of $\neg$ I.)