The Higher-Order Prover Leo-II

Christoph Benzmüller, Nik Sultana, Lawrence C. Paulson, Frank Theiß
2015 Journal of automated reasoning  
Leo-II is an automated theorem prover for classical higher-order logic. The prover has pioneered cooperative higher-order-first-order proof automation, it has influenced the development of the TPTP THF infrastructure for higher-order logic, and it has been applied in a wide array of problems. Leo-II may also be called in proof assistants as an external aid tool to save user effort. For this it is crucial that Leo-II returns proof information in a standardised syntax, so that these proofs can
more » ... ntually be transformed and verified within proof assistants. Recent progress in this direction is reported for the Isabelle/HOL system. Leo-II is a standalone, resolution-based higher-order (HO) automated theorem prover (ATP) that is designed for cooperation with specialist provers for fragments of HO logic. The idea is to combine the strengths of the different systems. On the other hand, Leo-II itself, as an external reasoner, aims to support HO proof assistants such as Isabelle/HOL [47], HOL [34] or HOL Light [36] . The predecessor of Leo-II, Leo-I [16], was originally designed as a fully-automated subsystem of the interactive proof assistant and proof planner Ωmega [53] . Similar in spirit to Andrews' pioneering TPS system [4], Leo-I was intended to solve selected subgoals automatically in order to save user interaction or support a proof planner. Technically, however, the resolution-based Leo provers differ significantly from the matings-based TPS system. Leo-I was hard-wired to the Ωmega proof assistant. The prover already supported native (versus Huet's axiomatic) treatment of the extensionality principles [8] and it cooperated with first-order (FO) ATPs via the flexible ΩAnts agent architecture within Ωmega [26] . Both native extensionality treatment and cooperation with specialist reasoners for fragments of HO logic have been adopted in Leo-II, and also in other systems, most notably in the recent Satallax prover by Brown [30] . Leo-II's calculus is based on Resolution by Unification and Equality [33] . That is, unification constraints are disagreement pairs, and are amenable to resolution. The prover supports primitive equality handling (in Leo-I equality was expanded using Leibniz' definition), calculus-level treatment of choice, and depth-bounded HO pre-unification. The rest of the article is structured as follows. More information on the theory and background of Leo-II is provided in Sect. 2. The prover's main loop and its direct collaboration with FO ATPs are outlined in Sect. 3. An example proof of Leo-II is presented in Sect. 4. The prover can also be used in interactive mode; however, this feature is not described here. Leo-II also implements term sharing and term indexing (Sect. 5). Leo-II's native input language is TPTP THF0 [64]. Section 6 describes how the development of the THF0 language, which in turn fostered significant improvements in HO theorem proving, has been paralleled and influenced by the development of Leo-II. In that section it is also explained why Leo-II (and other THF0 compliant provers) can readily be used for automating a wide spectrum of quantified non-classical logics via semantic embeddings. Proof certificates, which have been a central objective of the Leo provers from the beginning, are covered in Sect. 7. Leo-II's proof certificates are exploited in the prover's recent integration with Isabelle/HOL, through which Leo-II proofs can now be transformed and verified (Sect. 8). Section 9 summarises selected applications of Leo-II and points to integrations of Leo-II with other systems. The Leo-II prover can be easily deployed and installed. The source code is freely available from http://www.leoprover.org under a BSD-style license.
doi:10.1007/s10817-015-9348-y pmid:30174358 pmcid:PMC6109767 fatcat:35dv765knbdsjnvfi6ihgbjhha