TPTP Problem File: ITP087^2.p
View Solutions
- Solve Problem
%------------------------------------------------------------------------------
% File : ITP087^2 : TPTP v9.0.0. Released v7.5.0.
% Domain : Interactive Theorem Proving
% Problem : Sledgehammer KnowledgeKeysSecrets problem prob_277__3294194_1
% Version : Especial.
% English :
% Refs : [BH+15] Blanchette et al. (2015), Mining the Archive of Formal
% : [Des21] Desharnais (2021), Email to Geoff Sutcliffe
% Source : [Des21]
% Names : KnowledgeKeysSecrets/prob_277__3294194_1 [Des21]
% Status : Theorem
% Rating : 0.33 v9.0.0, 0.00 v7.5.0
% Syntax : Number of formulae : 350 ( 110 unt; 65 typ; 0 def)
% Number of atoms : 1072 ( 276 equ; 0 cnn)
% Maximal formula atoms : 13 ( 3 avg)
% Number of connectives : 4567 ( 205 ~; 36 |; 96 &;3683 @)
% ( 0 <=>; 547 =>; 0 <=; 0 <~>)
% Maximal formula depth : 20 ( 8 avg)
% Number of types : 8 ( 7 usr)
% Number of type conns : 114 ( 114 >; 0 *; 0 +; 0 <<)
% Number of symbols : 59 ( 58 usr; 5 con; 0-3 aty)
% Number of variables : 977 ( 64 ^; 864 !; 30 ?; 977 :)
% ( 19 !>; 0 ?*; 0 @-; 0 @+)
% SPC : TH1_THM_EQU_NAR
% Comments : This file was generated by Sledgehammer 2021-02-23 16:19:38.787
%------------------------------------------------------------------------------
% Could-be-implicit typings (9)
thf(ty_t_Secrecy__types_OExpression,type,
secrecy_Expression: $tType ).
thf(ty_t_Secrecy__types_OSecrets,type,
secrecy_Secrets: $tType ).
thf(ty_t_Secrecy__types_OspecID,type,
secrecy_specID: $tType ).
thf(ty_t_Secrecy__types_OchanID,type,
secrecy_chanID: $tType ).
thf(ty_t_Secrecy__types_OKeys,type,
secrecy_Keys: $tType ).
thf(ty_t_Secrecy__types_OKS,type,
secrecy_KS: $tType ).
thf(ty_t_List_Olist,type,
list: $tType > $tType ).
thf(ty_t_Set_Oset,type,
set: $tType > $tType ).
thf(ty_t_Nat_Onat,type,
nat: $tType ).
% Explicit typings (56)
thf(sy_cl_Lattices_Obounded__lattice,type,
bounded_lattice:
!>[A: $tType] : $o ).
thf(sy_cl_HOL_Otype,type,
type:
!>[A: $tType] : $o ).
thf(sy_cl_Orderings_Obot,type,
bot:
!>[A: $tType] : $o ).
thf(sy_cl_Orderings_Oord,type,
ord:
!>[A: $tType] : $o ).
thf(sy_cl_Orderings_Oorder,type,
order:
!>[A: $tType] : $o ).
thf(sy_cl_Orderings_Olinorder,type,
linorder:
!>[A: $tType] : $o ).
thf(sy_cl_Orderings_Opreorder,type,
preorder:
!>[A: $tType] : $o ).
thf(sy_cl_Orderings_Oorder__bot,type,
order_bot:
!>[A: $tType] : $o ).
thf(sy_cl_Lattices_Obounded__semilattice__sup__bot,type,
bounde1808546759up_bot:
!>[A: $tType] : $o ).
thf(sy_c_CompLocalSecrets_OLocalSecrets,type,
localSecrets: secrecy_specID > ( set @ secrecy_KS ) ).
thf(sy_c_KnowledgeKeysSecrets__Mirabelle__khazhniute_OeoutKnowCorrect,type,
knowle1667810483orrect: secrecy_specID > secrecy_KS > $o ).
thf(sy_c_KnowledgeKeysSecrets__Mirabelle__khazhniute_Oknow,type,
knowle1437066798e_know: secrecy_specID > secrecy_KS > $o ).
thf(sy_c_Lattices_Osup__class_Osup,type,
sup_sup:
!>[A: $tType] : ( A > A > A ) ).
thf(sy_c_ListExtras_Omem,type,
mem:
!>[A: $tType] : ( A > ( list @ A ) > $o ) ).
thf(sy_c_Orderings_Obot__class_Obot,type,
bot_bot:
!>[A: $tType] : A ).
thf(sy_c_Orderings_Oord__class_Oless__eq,type,
ord_less_eq:
!>[A: $tType] : ( A > A > $o ) ).
thf(sy_c_Secrecy_OcorrectCompositionKS,type,
correctCompositionKS: secrecy_specID > $o ).
thf(sy_c_Secrecy_OcorrectCompositionKeys,type,
correc17873122onKeys: secrecy_specID > $o ).
thf(sy_c_Secrecy_Oeout,type,
eout: secrecy_specID > secrecy_Expression > $o ).
thf(sy_c_Secrecy_OeoutM,type,
eoutM: secrecy_specID > ( set @ secrecy_chanID ) > secrecy_Expression > $o ).
thf(sy_c_Secrecy_OexprChannel,type,
exprChannel: secrecy_chanID > secrecy_Expression > $o ).
thf(sy_c_Secrecy_Oine,type,
ine: secrecy_specID > secrecy_Expression > $o ).
thf(sy_c_Secrecy_OineM,type,
ineM: secrecy_specID > ( set @ secrecy_chanID ) > secrecy_Expression > $o ).
thf(sy_c_Secrecy_Oine__exprChannelSet,type,
ine_exprChannelSet: secrecy_specID > ( set @ secrecy_chanID ) > secrecy_Expression > $o ).
thf(sy_c_Secrecy_Oine__exprChannelSingle,type,
ine_ex1303305700Single: secrecy_specID > secrecy_chanID > secrecy_Expression > $o ).
thf(sy_c_Secrecy_OnotSpecKeysSecretsExpr,type,
notSpe1586871396tsExpr: secrecy_specID > ( list @ secrecy_Expression ) > $o ).
thf(sy_c_Secrecy_Oout__exprChannelSet,type,
out_exprChannelSet: secrecy_specID > ( set @ secrecy_chanID ) > secrecy_Expression > $o ).
thf(sy_c_Secrecy_Oout__exprChannelSingle,type,
out_ex985543062Single: secrecy_specID > secrecy_chanID > secrecy_Expression > $o ).
thf(sy_c_Secrecy_OspecKeys,type,
specKeys: secrecy_specID > ( set @ secrecy_Keys ) ).
thf(sy_c_Secrecy_OspecKeysSecrets,type,
specKeysSecrets: secrecy_specID > ( set @ secrecy_KS ) ).
thf(sy_c_Secrecy_OspecSecrets,type,
specSecrets: secrecy_specID > ( set @ secrecy_Secrets ) ).
thf(sy_c_Secrecy__types_OExpression_OkE,type,
secrecy_kE: secrecy_Keys > secrecy_Expression ).
thf(sy_c_Secrecy__types_OExpression_OsE,type,
secrecy_sE: secrecy_Secrets > secrecy_Expression ).
thf(sy_c_Secrecy__types_OKS2Expression,type,
secrec1016742679ession: secrecy_KS > secrecy_Expression ).
thf(sy_c_Secrecy__types_OKS_OkKS,type,
secrecy_kKS: secrecy_Keys > secrecy_KS ).
thf(sy_c_Secrecy__types_OKS_OsKS,type,
secrecy_sKS: secrecy_Secrets > secrecy_KS ).
thf(sy_c_Set_OCollect,type,
collect:
!>[A: $tType] : ( ( A > $o ) > ( set @ A ) ) ).
thf(sy_c_Set_Oinsert,type,
insert:
!>[A: $tType] : ( A > ( set @ A ) > ( set @ A ) ) ).
thf(sy_c_Set_Ois__empty,type,
is_empty:
!>[A: $tType] : ( ( set @ A ) > $o ) ).
thf(sy_c_Set_Ois__singleton,type,
is_singleton:
!>[A: $tType] : ( ( set @ A ) > $o ) ).
thf(sy_c_Set_Othe__elem,type,
the_elem:
!>[A: $tType] : ( ( set @ A ) > A ) ).
thf(sy_c_inout_OcorrectCompositionIn,type,
correctCompositionIn: secrecy_specID > $o ).
thf(sy_c_inout_OcorrectCompositionLoc,type,
correc965049635ionLoc: secrecy_specID > $o ).
thf(sy_c_inout_OcorrectCompositionOut,type,
correc990227761ionOut: secrecy_specID > $o ).
thf(sy_c_inout_OinStream,type,
inStream: secrecy_specID > ( set @ secrecy_chanID ) > $o ).
thf(sy_c_inout_Oins,type,
ins: secrecy_specID > ( set @ secrecy_chanID ) ).
thf(sy_c_inout_Oloc,type,
loc: secrecy_specID > ( set @ secrecy_chanID ) ).
thf(sy_c_inout_OlocStream,type,
locStream: secrecy_specID > ( set @ secrecy_chanID ) > $o ).
thf(sy_c_inout_Oout,type,
out: secrecy_specID > ( set @ secrecy_chanID ) ).
thf(sy_c_inout_Osubcomponents,type,
subcomponents: secrecy_specID > ( set @ secrecy_specID ) ).
thf(sy_c_member,type,
member:
!>[A: $tType] : ( A > ( set @ A ) > $o ) ).
thf(sy_v_P,type,
p: secrecy_specID ).
thf(sy_v_PQ,type,
pq: secrecy_specID ).
thf(sy_v_Q,type,
q: secrecy_specID ).
thf(sy_v_key____,type,
key: secrecy_Keys ).
thf(sy_v_m,type,
m: secrecy_KS ).
% Relevant facts (256)
thf(fact_0_cCompKS,axiom,
correctCompositionKS @ pq ).
% cCompKS
thf(fact_1_notKSQ,axiom,
~ ( member @ secrecy_KS @ m @ ( specKeysSecrets @ q ) ) ).
% notKSQ
thf(fact_2_notKSP,axiom,
~ ( member @ secrecy_KS @ m @ ( specKeysSecrets @ p ) ) ).
% notKSP
thf(fact_3_subPQ,axiom,
( ( subcomponents @ pq )
= ( insert @ secrecy_specID @ p @ ( insert @ secrecy_specID @ q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) ) ).
% subPQ
thf(fact_4_cCompI,axiom,
correctCompositionIn @ pq ).
% cCompI
thf(fact_5_assms_I3_J,axiom,
knowle1437066798e_know @ p @ m ).
% assms(3)
thf(fact_6_a1,axiom,
( m
= ( secrecy_kKS @ key ) ) ).
% a1
thf(fact_7_correctCompositionKS__PQ,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Ks: secrecy_KS] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ PQ ) )
=> ( ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ P ) )
| ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ Q ) ) ) ) ) ) ).
% correctCompositionKS_PQ
thf(fact_8_correctCompositionKS__neg1,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Ks: secrecy_KS] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ Q ) )
=> ~ ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ PQ ) ) ) ) ) ) ).
% correctCompositionKS_neg1
thf(fact_9_correctCompositionKS__negP,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Ks: secrecy_KS] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ PQ ) )
=> ~ ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ P ) ) ) ) ) ).
% correctCompositionKS_negP
thf(fact_10_correctCompositionKS__negQ,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Ks: secrecy_KS] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ PQ ) )
=> ~ ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ Q ) ) ) ) ) ).
% correctCompositionKS_negQ
thf(fact_11_singletonI,axiom,
! [A: $tType,A2: A] : ( member @ A @ A2 @ ( insert @ A @ A2 @ ( bot_bot @ ( set @ A ) ) ) ) ).
% singletonI
thf(fact_12_KS_Oinject_I1_J,axiom,
! [X1: secrecy_Keys,Y1: secrecy_Keys] :
( ( ( secrecy_kKS @ X1 )
= ( secrecy_kKS @ Y1 ) )
= ( X1 = Y1 ) ) ).
% KS.inject(1)
thf(fact_13_insertCI,axiom,
! [A: $tType,A2: A,B: set @ A,B2: A] :
( ( ~ ( member @ A @ A2 @ B )
=> ( A2 = B2 ) )
=> ( member @ A @ A2 @ ( insert @ A @ B2 @ B ) ) ) ).
% insertCI
thf(fact_14_insert__iff,axiom,
! [A: $tType,A2: A,B2: A,A3: set @ A] :
( ( member @ A @ A2 @ ( insert @ A @ B2 @ A3 ) )
= ( ( A2 = B2 )
| ( member @ A @ A2 @ A3 ) ) ) ).
% insert_iff
thf(fact_15_insert__absorb2,axiom,
! [A: $tType,X: A,A3: set @ A] :
( ( insert @ A @ X @ ( insert @ A @ X @ A3 ) )
= ( insert @ A @ X @ A3 ) ) ).
% insert_absorb2
thf(fact_16_empty__iff,axiom,
! [A: $tType,C: A] :
~ ( member @ A @ C @ ( bot_bot @ ( set @ A ) ) ) ).
% empty_iff
thf(fact_17_all__not__in__conv,axiom,
! [A: $tType,A3: set @ A] :
( ( ! [X2: A] :
~ ( member @ A @ X2 @ A3 ) )
= ( A3
= ( bot_bot @ ( set @ A ) ) ) ) ).
% all_not_in_conv
thf(fact_18_Collect__empty__eq,axiom,
! [A: $tType,P: A > $o] :
( ( ( collect @ A @ P )
= ( bot_bot @ ( set @ A ) ) )
= ( ! [X2: A] :
~ ( P @ X2 ) ) ) ).
% Collect_empty_eq
thf(fact_19_empty__Collect__eq,axiom,
! [A: $tType,P: A > $o] :
( ( ( bot_bot @ ( set @ A ) )
= ( collect @ A @ P ) )
= ( ! [X2: A] :
~ ( P @ X2 ) ) ) ).
% empty_Collect_eq
thf(fact_20_bot__apply,axiom,
! [C2: $tType,D: $tType] :
( ( bot @ C2 )
=> ( ( bot_bot @ ( D > C2 ) )
= ( ^ [X2: D] : ( bot_bot @ C2 ) ) ) ) ).
% bot_apply
thf(fact_21_singletonD,axiom,
! [A: $tType,B2: A,A2: A] :
( ( member @ A @ B2 @ ( insert @ A @ A2 @ ( bot_bot @ ( set @ A ) ) ) )
=> ( B2 = A2 ) ) ).
% singletonD
thf(fact_22_bot__set__def,axiom,
! [A: $tType] :
( ( bot_bot @ ( set @ A ) )
= ( collect @ A @ ( bot_bot @ ( A > $o ) ) ) ) ).
% bot_set_def
thf(fact_23_bot__fun__def,axiom,
! [B3: $tType,A: $tType] :
( ( bot @ B3 )
=> ( ( bot_bot @ ( A > B3 ) )
= ( ^ [X2: A] : ( bot_bot @ B3 ) ) ) ) ).
% bot_fun_def
thf(fact_24_ex__in__conv,axiom,
! [A: $tType,A3: set @ A] :
( ( ? [X2: A] : ( member @ A @ X2 @ A3 ) )
= ( A3
!= ( bot_bot @ ( set @ A ) ) ) ) ).
% ex_in_conv
thf(fact_25_equals0I,axiom,
! [A: $tType,A3: set @ A] :
( ! [Y: A] :
~ ( member @ A @ Y @ A3 )
=> ( A3
= ( bot_bot @ ( set @ A ) ) ) ) ).
% equals0I
thf(fact_26_equals0D,axiom,
! [A: $tType,A3: set @ A,A2: A] :
( ( A3
= ( bot_bot @ ( set @ A ) ) )
=> ~ ( member @ A @ A2 @ A3 ) ) ).
% equals0D
thf(fact_27_emptyE,axiom,
! [A: $tType,A2: A] :
~ ( member @ A @ A2 @ ( bot_bot @ ( set @ A ) ) ) ).
% emptyE
thf(fact_28_mk__disjoint__insert,axiom,
! [A: $tType,A2: A,A3: set @ A] :
( ( member @ A @ A2 @ A3 )
=> ? [B4: set @ A] :
( ( A3
= ( insert @ A @ A2 @ B4 ) )
& ~ ( member @ A @ A2 @ B4 ) ) ) ).
% mk_disjoint_insert
thf(fact_29_insert__commute,axiom,
! [A: $tType,X: A,Y2: A,A3: set @ A] :
( ( insert @ A @ X @ ( insert @ A @ Y2 @ A3 ) )
= ( insert @ A @ Y2 @ ( insert @ A @ X @ A3 ) ) ) ).
% insert_commute
thf(fact_30_insert__eq__iff,axiom,
! [A: $tType,A2: A,A3: set @ A,B2: A,B: set @ A] :
( ~ ( member @ A @ A2 @ A3 )
=> ( ~ ( member @ A @ B2 @ B )
=> ( ( ( insert @ A @ A2 @ A3 )
= ( insert @ A @ B2 @ B ) )
= ( ( ( A2 = B2 )
=> ( A3 = B ) )
& ( ( A2 != B2 )
=> ? [C3: set @ A] :
( ( A3
= ( insert @ A @ B2 @ C3 ) )
& ~ ( member @ A @ B2 @ C3 )
& ( B
= ( insert @ A @ A2 @ C3 ) )
& ~ ( member @ A @ A2 @ C3 ) ) ) ) ) ) ) ).
% insert_eq_iff
thf(fact_31_insert__absorb,axiom,
! [A: $tType,A2: A,A3: set @ A] :
( ( member @ A @ A2 @ A3 )
=> ( ( insert @ A @ A2 @ A3 )
= A3 ) ) ).
% insert_absorb
thf(fact_32_insert__ident,axiom,
! [A: $tType,X: A,A3: set @ A,B: set @ A] :
( ~ ( member @ A @ X @ A3 )
=> ( ~ ( member @ A @ X @ B )
=> ( ( ( insert @ A @ X @ A3 )
= ( insert @ A @ X @ B ) )
= ( A3 = B ) ) ) ) ).
% insert_ident
thf(fact_33_Set_Oset__insert,axiom,
! [A: $tType,X: A,A3: set @ A] :
( ( member @ A @ X @ A3 )
=> ~ ! [B4: set @ A] :
( ( A3
= ( insert @ A @ X @ B4 ) )
=> ( member @ A @ X @ B4 ) ) ) ).
% Set.set_insert
thf(fact_34_insertI2,axiom,
! [A: $tType,A2: A,B: set @ A,B2: A] :
( ( member @ A @ A2 @ B )
=> ( member @ A @ A2 @ ( insert @ A @ B2 @ B ) ) ) ).
% insertI2
thf(fact_35_insertI1,axiom,
! [A: $tType,A2: A,B: set @ A] : ( member @ A @ A2 @ ( insert @ A @ A2 @ B ) ) ).
% insertI1
thf(fact_36_insertE,axiom,
! [A: $tType,A2: A,B2: A,A3: set @ A] :
( ( member @ A @ A2 @ ( insert @ A @ B2 @ A3 ) )
=> ( ( A2 != B2 )
=> ( member @ A @ A2 @ A3 ) ) ) ).
% insertE
thf(fact_37_singleton__inject,axiom,
! [A: $tType,A2: A,B2: A] :
( ( ( insert @ A @ A2 @ ( bot_bot @ ( set @ A ) ) )
= ( insert @ A @ B2 @ ( bot_bot @ ( set @ A ) ) ) )
=> ( A2 = B2 ) ) ).
% singleton_inject
thf(fact_38_insert__not__empty,axiom,
! [A: $tType,A2: A,A3: set @ A] :
( ( insert @ A @ A2 @ A3 )
!= ( bot_bot @ ( set @ A ) ) ) ).
% insert_not_empty
thf(fact_39_doubleton__eq__iff,axiom,
! [A: $tType,A2: A,B2: A,C: A,D2: A] :
( ( ( insert @ A @ A2 @ ( insert @ A @ B2 @ ( bot_bot @ ( set @ A ) ) ) )
= ( insert @ A @ C @ ( insert @ A @ D2 @ ( bot_bot @ ( set @ A ) ) ) ) )
= ( ( ( A2 = C )
& ( B2 = D2 ) )
| ( ( A2 = D2 )
& ( B2 = C ) ) ) ) ).
% doubleton_eq_iff
thf(fact_40_singleton__iff,axiom,
! [A: $tType,B2: A,A2: A] :
( ( member @ A @ B2 @ ( insert @ A @ A2 @ ( bot_bot @ ( set @ A ) ) ) )
= ( B2 = A2 ) ) ).
% singleton_iff
thf(fact_41_the__elem__eq,axiom,
! [A: $tType,X: A] :
( ( the_elem @ A @ ( insert @ A @ X @ ( bot_bot @ ( set @ A ) ) ) )
= X ) ).
% the_elem_eq
thf(fact_42_is__singletonI,axiom,
! [A: $tType,X: A] : ( is_singleton @ A @ ( insert @ A @ X @ ( bot_bot @ ( set @ A ) ) ) ) ).
% is_singletonI
thf(fact_43_a11,axiom,
ine @ p @ ( secrecy_kE @ key ) ).
% a11
thf(fact_44_TBtheorem3b,axiom,
! [P: secrecy_specID,M: set @ secrecy_chanID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ~ ( ineM @ P @ M @ E )
=> ( ~ ( ineM @ Q @ M @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ~ ( ineM @ PQ @ M @ E ) ) ) ) ) ).
% TBtheorem3b
thf(fact_45_mem__Collect__eq,axiom,
! [A: $tType,A2: A,P: A > $o] :
( ( member @ A @ A2 @ ( collect @ A @ P ) )
= ( P @ A2 ) ) ).
% mem_Collect_eq
thf(fact_46_Collect__mem__eq,axiom,
! [A: $tType,A3: set @ A] :
( ( collect @ A
@ ^ [X2: A] : ( member @ A @ X2 @ A3 ) )
= A3 ) ).
% Collect_mem_eq
thf(fact_47_Collect__cong,axiom,
! [A: $tType,P: A > $o,Q: A > $o] :
( ! [X3: A] :
( ( P @ X3 )
= ( Q @ X3 ) )
=> ( ( collect @ A @ P )
= ( collect @ A @ Q ) ) ) ).
% Collect_cong
thf(fact_48_ext,axiom,
! [B3: $tType,A: $tType,F: A > B3,G: A > B3] :
( ! [X3: A] :
( ( F @ X3 )
= ( G @ X3 ) )
=> ( F = G ) ) ).
% ext
thf(fact_49_TBtheorem1b,axiom,
! [PQ: secrecy_specID,M: set @ secrecy_chanID,E: secrecy_Expression,P: secrecy_specID,Q: secrecy_specID] :
( ( ineM @ PQ @ M @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( ineM @ P @ M @ E )
| ( ineM @ Q @ M @ E ) ) ) ) ) ).
% TBtheorem1b
thf(fact_50_a11ext,axiom,
( ( ine @ p @ ( secrecy_kE @ key ) )
| ( ine @ q @ ( secrecy_kE @ key ) ) ) ).
% a11ext
thf(fact_51_Set_Ois__empty__def,axiom,
! [A: $tType] :
( ( is_empty @ A )
= ( ^ [A4: set @ A] :
( A4
= ( bot_bot @ ( set @ A ) ) ) ) ) ).
% Set.is_empty_def
thf(fact_52_correctCompositionIn__prop1,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,X: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( member @ secrecy_chanID @ X @ ( ins @ PQ ) )
=> ( ( member @ secrecy_chanID @ X @ ( ins @ P ) )
| ( member @ secrecy_chanID @ X @ ( ins @ Q ) ) ) ) ) ) ).
% correctCompositionIn_prop1
thf(fact_53_correctCompositionIn__L2,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ P ) )
| ( member @ secrecy_chanID @ Ch @ ( ins @ Q ) ) ) ) ) ) ).
% correctCompositionIn_L2
thf(fact_54_is__singleton__def,axiom,
! [A: $tType] :
( ( is_singleton @ A )
= ( ^ [A4: set @ A] :
? [X2: A] :
( A4
= ( insert @ A @ X2 @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ).
% is_singleton_def
thf(fact_55_Expression_Oinject_I1_J,axiom,
! [X1: secrecy_Keys,Y1: secrecy_Keys] :
( ( ( secrecy_kE @ X1 )
= ( secrecy_kE @ Y1 ) )
= ( X1 = Y1 ) ) ).
% Expression.inject(1)
thf(fact_56_not__ine__ineM,axiom,
! [P: secrecy_specID,E: secrecy_Expression,M: set @ secrecy_chanID] :
( ~ ( ine @ P @ E )
=> ~ ( ineM @ P @ M @ E ) ) ).
% not_ine_ineM
thf(fact_57_ineM__ine,axiom,
! [P: secrecy_specID,M: set @ secrecy_chanID,E: secrecy_Expression] :
( ( ineM @ P @ M @ E )
=> ( ine @ P @ E ) ) ).
% ineM_ine
thf(fact_58_not__know__k__not__ine,axiom,
! [A3: secrecy_specID,M2: secrecy_Keys] :
( ~ ( knowle1437066798e_know @ A3 @ ( secrecy_kKS @ M2 ) )
=> ~ ( ine @ A3 @ ( secrecy_kE @ M2 ) ) ) ).
% not_know_k_not_ine
thf(fact_59_is__singleton__the__elem,axiom,
! [A: $tType] :
( ( is_singleton @ A )
= ( ^ [A4: set @ A] :
( A4
= ( insert @ A @ ( the_elem @ A @ A4 ) @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ).
% is_singleton_the_elem
thf(fact_60_is__singletonI_H,axiom,
! [A: $tType,A3: set @ A] :
( ( A3
!= ( bot_bot @ ( set @ A ) ) )
=> ( ! [X3: A,Y: A] :
( ( member @ A @ X3 @ A3 )
=> ( ( member @ A @ Y @ A3 )
=> ( X3 = Y ) ) )
=> ( is_singleton @ A @ A3 ) ) ) ).
% is_singletonI'
thf(fact_61_TBtheorem1a,axiom,
! [PQ: secrecy_specID,E: secrecy_Expression,P: secrecy_specID,Q: secrecy_specID] :
( ( ine @ PQ @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( ine @ P @ E )
| ( ine @ Q @ E ) ) ) ) ) ).
% TBtheorem1a
thf(fact_62_TBtheorem3a,axiom,
! [P: secrecy_specID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ~ ( ine @ P @ E )
=> ( ~ ( ine @ Q @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ~ ( ine @ PQ @ E ) ) ) ) ) ).
% TBtheorem3a
thf(fact_63_is__singletonE,axiom,
! [A: $tType,A3: set @ A] :
( ( is_singleton @ A @ A3 )
=> ~ ! [X3: A] :
( A3
!= ( insert @ A @ X3 @ ( bot_bot @ ( set @ A ) ) ) ) ) ).
% is_singletonE
thf(fact_64_bot__empty__eq,axiom,
! [A: $tType] :
( ( bot_bot @ ( A > $o ) )
= ( ^ [X2: A] : ( member @ A @ X2 @ ( bot_bot @ ( set @ A ) ) ) ) ) ).
% bot_empty_eq
thf(fact_65_Collect__empty__eq__bot,axiom,
! [A: $tType,P: A > $o] :
( ( ( collect @ A @ P )
= ( bot_bot @ ( set @ A ) ) )
= ( P
= ( bot_bot @ ( A > $o ) ) ) ) ).
% Collect_empty_eq_bot
thf(fact_66_TBlemma3b,axiom,
! [P: secrecy_specID,M: set @ secrecy_chanID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID,Ch: secrecy_chanID] :
( ~ ( ineM @ P @ M @ E )
=> ( ~ ( ineM @ Q @ M @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( member @ secrecy_chanID @ Ch @ M )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ PQ ) )
=> ~ ( exprChannel @ Ch @ E ) ) ) ) ) ) ) ).
% TBlemma3b
thf(fact_67_correctCompositionIn__L1,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ~ ( member @ secrecy_chanID @ Ch @ ( loc @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ P ) )
=> ( member @ secrecy_chanID @ Ch @ ( ins @ PQ ) ) ) ) ) ) ).
% correctCompositionIn_L1
thf(fact_68_KS2Expression_Osimps_I1_J,axiom,
! [M2: secrecy_Keys] :
( ( secrec1016742679ession @ ( secrecy_kKS @ M2 ) )
= ( secrecy_kE @ M2 ) ) ).
% KS2Expression.simps(1)
thf(fact_69_TBtheorem4a__empty,axiom,
! [P: secrecy_specID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( ( ine @ P @ E )
| ( ine @ Q @ E ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( ( loc @ PQ )
= ( bot_bot @ ( set @ secrecy_chanID ) ) )
=> ( ine @ PQ @ E ) ) ) ) ) ).
% TBtheorem4a_empty
thf(fact_70_know_Osimps_I1_J,axiom,
! [A3: secrecy_specID,M2: secrecy_Keys] :
( ( knowle1437066798e_know @ A3 @ ( secrecy_kKS @ M2 ) )
= ( ( ine @ A3 @ ( secrecy_kE @ M2 ) )
| ( member @ secrecy_KS @ ( secrecy_kKS @ M2 ) @ ( localSecrets @ A3 ) ) ) ) ).
% know.simps(1)
thf(fact_71_correctCompositionKS__exprChannel__k__P,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Key: secrecy_Keys,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( localSecrets @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ P ) )
=> ( ( exprChannel @ Ch @ ( secrecy_kE @ Key ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( specKeysSecrets @ PQ ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ PQ ) )
& ( exprChannel @ Ch @ ( secrecy_kE @ Key ) ) ) ) ) ) ) ) ) ) ).
% correctCompositionKS_exprChannel_k_P
thf(fact_72_LocalSecretsComposition__neg__loc__k,axiom,
! [Key: secrecy_Keys,P: secrecy_specID,Ch: secrecy_chanID] :
( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( localSecrets @ P ) )
=> ( ( exprChannel @ Ch @ ( secrecy_kE @ Key ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( specKeysSecrets @ P ) )
=> ~ ( member @ secrecy_chanID @ Ch @ ( loc @ P ) ) ) ) ) ).
% LocalSecretsComposition_neg_loc_k
thf(fact_73_LocalSecretsComposition1,axiom,
! [Ls: secrecy_KS,P: secrecy_specID,PQ: secrecy_specID,Q: secrecy_specID] :
( ( member @ secrecy_KS @ Ls @ ( localSecrets @ P ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( member @ secrecy_KS @ Ls @ ( localSecrets @ PQ ) ) ) ) ).
% LocalSecretsComposition1
thf(fact_74_LocalSecretsComposition__exprChannel__k,axiom,
! [X: secrecy_chanID,Keys: secrecy_Keys,P: secrecy_specID,Q: secrecy_specID] :
( ( exprChannel @ X @ ( secrecy_kE @ Keys ) )
=> ( ~ ( ine @ P @ ( secrecy_kE @ Keys ) )
=> ( ~ ( ine @ Q @ ( secrecy_kE @ Keys ) )
=> ( ~ ( member @ secrecy_chanID @ X @ ( ins @ P ) )
& ~ ( member @ secrecy_chanID @ X @ ( ins @ Q ) ) ) ) ) ) ).
% LocalSecretsComposition_exprChannel_k
thf(fact_75_ine__def,axiom,
( ine
= ( ^ [SP: secrecy_specID,E2: secrecy_Expression] :
? [Ch2: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch2 @ ( ins @ SP ) )
& ( exprChannel @ Ch2 @ E2 ) ) ) ) ).
% ine_def
thf(fact_76_ine__ins__neg1,axiom,
! [P: secrecy_specID,M2: secrecy_Expression,X: secrecy_chanID] :
( ~ ( ine @ P @ M2 )
=> ( ( exprChannel @ X @ M2 )
=> ~ ( member @ secrecy_chanID @ X @ ( ins @ P ) ) ) ) ).
% ine_ins_neg1
thf(fact_77_ineM__L1,axiom,
! [Ch: secrecy_chanID,M: set @ secrecy_chanID,P: secrecy_specID,E: secrecy_Expression] :
( ( member @ secrecy_chanID @ Ch @ M )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ P ) )
=> ( ( exprChannel @ Ch @ E )
=> ( ineM @ P @ M @ E ) ) ) ) ).
% ineM_L1
thf(fact_78_ineM__def,axiom,
( ineM
= ( ^ [SP: secrecy_specID,M3: set @ secrecy_chanID,E2: secrecy_Expression] :
? [Ch2: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch2 @ ( ins @ SP ) )
& ( member @ secrecy_chanID @ Ch2 @ M3 )
& ( exprChannel @ Ch2 @ E2 ) ) ) ) ).
% ineM_def
thf(fact_79_correctCompositionInLoc__exprChannel,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Ch: secrecy_chanID,M2: secrecy_Expression] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ P ) )
=> ( ( exprChannel @ Ch @ M2 )
=> ( ! [X3: secrecy_chanID] :
( ( member @ secrecy_chanID @ X3 @ ( ins @ PQ ) )
=> ~ ( exprChannel @ X3 @ M2 ) )
=> ( member @ secrecy_chanID @ Ch @ ( loc @ PQ ) ) ) ) ) ) ) ).
% correctCompositionInLoc_exprChannel
thf(fact_80_TBtheorem4a__PQ,axiom,
! [P: secrecy_specID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( ( ine @ P @ E )
| ( ine @ Q @ E ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ? [Ch3: secrecy_chanID] :
( ( ( member @ secrecy_chanID @ Ch3 @ ( ins @ P ) )
| ( member @ secrecy_chanID @ Ch3 @ ( ins @ Q ) ) )
& ( exprChannel @ Ch3 @ E )
& ~ ( member @ secrecy_chanID @ Ch3 @ ( loc @ PQ ) ) )
=> ( ine @ PQ @ E ) ) ) ) ) ).
% TBtheorem4a_PQ
thf(fact_81_TBtheorem4a__P,axiom,
! [P: secrecy_specID,E: secrecy_Expression,PQ: secrecy_specID,Q: secrecy_specID] :
( ( ine @ P @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ? [Ch3: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch3 @ ( ins @ P ) )
& ( exprChannel @ Ch3 @ E )
& ~ ( member @ secrecy_chanID @ Ch3 @ ( loc @ PQ ) ) )
=> ( ine @ PQ @ E ) ) ) ) ) ).
% TBtheorem4a_P
thf(fact_82_TBtheorem4b__PQ,axiom,
! [P: secrecy_specID,M: set @ secrecy_chanID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( ( ineM @ P @ M @ E )
| ( ineM @ Q @ M @ E ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ? [Ch3: secrecy_chanID] :
( ( ( member @ secrecy_chanID @ Ch3 @ ( ins @ P ) )
| ( member @ secrecy_chanID @ Ch3 @ ( ins @ Q ) ) )
& ( member @ secrecy_chanID @ Ch3 @ M )
& ( exprChannel @ Ch3 @ E )
& ~ ( member @ secrecy_chanID @ Ch3 @ ( loc @ PQ ) ) )
=> ( ineM @ PQ @ M @ E ) ) ) ) ) ).
% TBtheorem4b_PQ
thf(fact_83_TBtheorem4b__P,axiom,
! [P: secrecy_specID,M: set @ secrecy_chanID,E: secrecy_Expression,PQ: secrecy_specID,Q: secrecy_specID] :
( ( ineM @ P @ M @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ? [Ch3: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch3 @ ( ins @ Q ) )
& ( exprChannel @ Ch3 @ E )
& ~ ( member @ secrecy_chanID @ Ch3 @ ( loc @ PQ ) )
& ( member @ secrecy_chanID @ Ch3 @ M ) )
=> ( ineM @ PQ @ M @ E ) ) ) ) ) ).
% TBtheorem4b_P
thf(fact_84_correctCompositionKS__exprChannel__k__Qex,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Key: secrecy_Keys,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( localSecrets @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ Q ) )
=> ( ( exprChannel @ Ch @ ( secrecy_kE @ Key ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( specKeysSecrets @ PQ ) )
=> ( ( correctCompositionIn @ PQ )
=> ? [Ch4: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch4 @ ( ins @ PQ ) )
& ( exprChannel @ Ch4 @ ( secrecy_kE @ Key ) ) ) ) ) ) ) ) ) ) ).
% correctCompositionKS_exprChannel_k_Qex
thf(fact_85_correctCompositionKS__exprChannel__k__Pex,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Key: secrecy_Keys,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( localSecrets @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ P ) )
=> ( ( exprChannel @ Ch @ ( secrecy_kE @ Key ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( specKeysSecrets @ PQ ) )
=> ( ( correctCompositionIn @ PQ )
=> ? [Ch4: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch4 @ ( ins @ PQ ) )
& ( exprChannel @ Ch4 @ ( secrecy_kE @ Key ) ) ) ) ) ) ) ) ) ) ).
% correctCompositionKS_exprChannel_k_Pex
thf(fact_86_correctCompositionKS__exprChannel__k__Q,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Key: secrecy_Keys,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( localSecrets @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ Q ) )
=> ( ( exprChannel @ Ch @ ( secrecy_kE @ Key ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( specKeysSecrets @ PQ ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ PQ ) )
& ( exprChannel @ Ch @ ( secrecy_kE @ Key ) ) ) ) ) ) ) ) ) ) ).
% correctCompositionKS_exprChannel_k_Q
thf(fact_87_TBtheorem4b__notP1,axiom,
! [P: secrecy_specID,M: set @ secrecy_chanID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( ineM @ P @ M @ E )
=> ( ~ ( ineM @ Q @ M @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ? [Ch3: secrecy_chanID] :
( ( ine_ex1303305700Single @ P @ Ch3 @ E )
& ( member @ secrecy_chanID @ Ch3 @ M )
& ( member @ secrecy_chanID @ Ch3 @ ( loc @ PQ ) ) )
=> ~ ( ineM @ PQ @ M @ E ) ) ) ) ) ) ).
% TBtheorem4b_notP1
thf(fact_88_TBtheorem4a__notP1,axiom,
! [P: secrecy_specID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( ine @ P @ E )
=> ( ~ ( ine @ Q @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ? [Ch3: secrecy_chanID] :
( ( ine_ex1303305700Single @ P @ Ch3 @ E )
& ( member @ secrecy_chanID @ Ch3 @ ( loc @ PQ ) ) )
=> ~ ( ine @ PQ @ E ) ) ) ) ) ) ).
% TBtheorem4a_notP1
thf(fact_89_LocalSecretsComposition__neg1__k,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Keys: secrecy_Keys] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ~ ( ine @ P @ ( secrecy_kE @ Keys ) )
=> ( ~ ( ine @ Q @ ( secrecy_kE @ Keys ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Keys ) @ ( localSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Keys ) @ ( localSecrets @ Q ) )
=> ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Keys ) @ ( localSecrets @ PQ ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_neg1_k
thf(fact_90_LocalSecretsComposition__ine2__k,axiom,
! [K: secrecy_Keys,PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID] :
( ( member @ secrecy_KS @ ( secrecy_kKS @ K ) @ ( localSecrets @ PQ ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ~ ( ine @ P @ ( secrecy_kE @ K ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ K ) @ ( localSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ K ) @ ( localSecrets @ Q ) )
=> ( ine @ Q @ ( secrecy_kE @ K ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_ine2_k
thf(fact_91_LocalSecretsComposition__ine1__k,axiom,
! [K: secrecy_Keys,PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID] :
( ( member @ secrecy_KS @ ( secrecy_kKS @ K ) @ ( localSecrets @ PQ ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ~ ( ine @ Q @ ( secrecy_kE @ K ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ K ) @ ( localSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ K ) @ ( localSecrets @ Q ) )
=> ( ine @ P @ ( secrecy_kE @ K ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_ine1_k
thf(fact_92_TBtheorem4b__notPQ,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,ChSetP: set @ secrecy_chanID,E: secrecy_Expression,ChSetQ: set @ secrecy_chanID,M: set @ secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( ine_exprChannelSet @ P @ ChSetP @ E )
=> ( ( ine_exprChannelSet @ Q @ ChSetQ @ E )
=> ( ! [X3: secrecy_chanID] :
( ( member @ secrecy_chanID @ X3 @ ChSetP )
=> ( member @ secrecy_chanID @ X3 @ ( loc @ PQ ) ) )
=> ( ! [X3: secrecy_chanID] :
( ( member @ secrecy_chanID @ X3 @ ChSetQ )
=> ( member @ secrecy_chanID @ X3 @ ( loc @ PQ ) ) )
=> ~ ( ineM @ PQ @ M @ E ) ) ) ) ) ) ) ).
% TBtheorem4b_notPQ
thf(fact_93_TBtheorem4b__notP2,axiom,
! [Q: secrecy_specID,M: set @ secrecy_chanID,E: secrecy_Expression,PQ: secrecy_specID,P: secrecy_specID,ChSet: set @ secrecy_chanID] :
( ~ ( ineM @ Q @ M @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( ine_exprChannelSet @ P @ ChSet @ E )
=> ( ! [X3: secrecy_chanID] :
( ( member @ secrecy_chanID @ X3 @ ChSet )
=> ( member @ secrecy_chanID @ X3 @ ( loc @ PQ ) ) )
=> ~ ( ineM @ PQ @ M @ E ) ) ) ) ) ) ).
% TBtheorem4b_notP2
thf(fact_94_ine__exprChannelSingle__Set,axiom,
! [P: secrecy_specID,Ch: secrecy_chanID,E: secrecy_Expression] :
( ( ine_ex1303305700Single @ P @ Ch @ E )
=> ( ine_exprChannelSet @ P @ ( insert @ secrecy_chanID @ Ch @ ( bot_bot @ ( set @ secrecy_chanID ) ) ) @ E ) ) ).
% ine_exprChannelSingle_Set
thf(fact_95_ine__exprChannelSet__Single,axiom,
! [P: secrecy_specID,Ch: secrecy_chanID,E: secrecy_Expression] :
( ( ine_exprChannelSet @ P @ ( insert @ secrecy_chanID @ Ch @ ( bot_bot @ ( set @ secrecy_chanID ) ) ) @ E )
=> ( ine_ex1303305700Single @ P @ Ch @ E ) ) ).
% ine_exprChannelSet_Single
thf(fact_96_ine__exprChannelSet__def,axiom,
( ine_exprChannelSet
= ( ^ [SP: secrecy_specID,ChSet2: set @ secrecy_chanID,E2: secrecy_Expression] :
( ! [X2: secrecy_chanID] :
( ( member @ secrecy_chanID @ X2 @ ChSet2 )
=> ( ( member @ secrecy_chanID @ X2 @ ( ins @ SP ) )
& ( exprChannel @ X2 @ E2 ) ) )
& ! [X2: secrecy_chanID] :
( ( ~ ( member @ secrecy_chanID @ X2 @ ChSet2 )
& ( member @ secrecy_chanID @ X2 @ ( ins @ SP ) ) )
=> ~ ( exprChannel @ X2 @ E2 ) ) ) ) ) ).
% ine_exprChannelSet_def
thf(fact_97_ine__empty__exprChannelSet,axiom,
! [P: secrecy_specID,ChSet: set @ secrecy_chanID,E: secrecy_Expression] :
( ( ine_exprChannelSet @ P @ ChSet @ E )
=> ( ( ChSet
= ( bot_bot @ ( set @ secrecy_chanID ) ) )
=> ~ ( ine @ P @ E ) ) ) ).
% ine_empty_exprChannelSet
thf(fact_98_ine__nonempty__exprChannelSet,axiom,
! [P: secrecy_specID,ChSet: set @ secrecy_chanID,E: secrecy_Expression] :
( ( ine_exprChannelSet @ P @ ChSet @ E )
=> ( ( ChSet
!= ( bot_bot @ ( set @ secrecy_chanID ) ) )
=> ( ine @ P @ E ) ) ) ).
% ine_nonempty_exprChannelSet
thf(fact_99_ine__exprChannelSingle__def,axiom,
( ine_ex1303305700Single
= ( ^ [SP: secrecy_specID,Ch2: secrecy_chanID,E2: secrecy_Expression] :
( ( member @ secrecy_chanID @ Ch2 @ ( ins @ SP ) )
& ( exprChannel @ Ch2 @ E2 )
& ! [X2: secrecy_chanID,T: nat] :
( ( ( member @ secrecy_chanID @ X2 @ ( ins @ SP ) )
& ( X2 != Ch2 ) )
=> ~ ( exprChannel @ X2 @ E2 ) ) ) ) ) ).
% ine_exprChannelSingle_def
thf(fact_100_TBtheorem4a__notP2,axiom,
! [Q: secrecy_specID,E: secrecy_Expression,PQ: secrecy_specID,P: secrecy_specID,ChSet: set @ secrecy_chanID] :
( ~ ( ine @ Q @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( ine_exprChannelSet @ P @ ChSet @ E )
=> ( ! [X3: secrecy_chanID] :
( ( member @ secrecy_chanID @ X3 @ ChSet )
=> ( member @ secrecy_chanID @ X3 @ ( loc @ PQ ) ) )
=> ~ ( ine @ PQ @ E ) ) ) ) ) ) ).
% TBtheorem4a_notP2
thf(fact_101_TBtheorem4a__notPQ,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,ChSetP: set @ secrecy_chanID,E: secrecy_Expression,ChSetQ: set @ secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( ine_exprChannelSet @ P @ ChSetP @ E )
=> ( ( ine_exprChannelSet @ Q @ ChSetQ @ E )
=> ( ! [X3: secrecy_chanID] :
( ( member @ secrecy_chanID @ X3 @ ChSetP )
=> ( member @ secrecy_chanID @ X3 @ ( loc @ PQ ) ) )
=> ( ! [X3: secrecy_chanID] :
( ( member @ secrecy_chanID @ X3 @ ChSetQ )
=> ( member @ secrecy_chanID @ X3 @ ( loc @ PQ ) ) )
=> ~ ( ine @ PQ @ E ) ) ) ) ) ) ) ).
% TBtheorem4a_notPQ
thf(fact_102_subcomponents__loc,axiom,
! [X: secrecy_specID] :
( ( correc965049635ionLoc @ X )
=> ( ( ( subcomponents @ X )
= ( bot_bot @ ( set @ secrecy_specID ) ) )
=> ( ( loc @ X )
= ( bot_bot @ ( set @ secrecy_chanID ) ) ) ) ) ).
% subcomponents_loc
thf(fact_103_LocalSecretsComposition__neg__k,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,M2: secrecy_Keys] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ M2 ) @ ( specKeysSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ M2 ) @ ( specKeysSecrets @ Q ) )
=> ( ~ ( ine @ P @ ( secrecy_kE @ M2 ) )
=> ( ~ ( ine @ Q @ ( secrecy_kE @ M2 ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ M2 ) @ ( sup_sup @ ( set @ secrecy_KS ) @ ( localSecrets @ P ) @ ( localSecrets @ Q ) ) )
=> ~ ( member @ secrecy_KS @ ( secrecy_kKS @ M2 ) @ ( localSecrets @ PQ ) ) ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_neg_k
thf(fact_104_correctCompositionKS__exprChannel__s__P,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Secret: secrecy_Secrets,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( localSecrets @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ P ) )
=> ( ( exprChannel @ Ch @ ( secrecy_sE @ Secret ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( specKeysSecrets @ PQ ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ PQ ) )
& ( exprChannel @ Ch @ ( secrecy_sE @ Secret ) ) ) ) ) ) ) ) ) ) ).
% correctCompositionKS_exprChannel_s_P
thf(fact_105_correctCompositionKS__exprChannel__s__Q,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Secret: secrecy_Secrets,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( localSecrets @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ Q ) )
=> ( ( exprChannel @ Ch @ ( secrecy_sE @ Secret ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( specKeysSecrets @ PQ ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ PQ ) )
& ( exprChannel @ Ch @ ( secrecy_sE @ Secret ) ) ) ) ) ) ) ) ) ) ).
% correctCompositionKS_exprChannel_s_Q
thf(fact_106_correctCompositionKS__exprChannel__s__Pex,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Secret: secrecy_Secrets,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( localSecrets @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ P ) )
=> ( ( exprChannel @ Ch @ ( secrecy_sE @ Secret ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( specKeysSecrets @ PQ ) )
=> ( ( correctCompositionIn @ PQ )
=> ? [Ch4: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch4 @ ( ins @ PQ ) )
& ( exprChannel @ Ch4 @ ( secrecy_sE @ Secret ) ) ) ) ) ) ) ) ) ) ).
% correctCompositionKS_exprChannel_s_Pex
thf(fact_107_UnCI,axiom,
! [A: $tType,C: A,B: set @ A,A3: set @ A] :
( ( ~ ( member @ A @ C @ B )
=> ( member @ A @ C @ A3 ) )
=> ( member @ A @ C @ ( sup_sup @ ( set @ A ) @ A3 @ B ) ) ) ).
% UnCI
thf(fact_108_Un__iff,axiom,
! [A: $tType,C: A,A3: set @ A,B: set @ A] :
( ( member @ A @ C @ ( sup_sup @ ( set @ A ) @ A3 @ B ) )
= ( ( member @ A @ C @ A3 )
| ( member @ A @ C @ B ) ) ) ).
% Un_iff
thf(fact_109_KS_Oinject_I2_J,axiom,
! [X22: secrecy_Secrets,Y22: secrecy_Secrets] :
( ( ( secrecy_sKS @ X22 )
= ( secrecy_sKS @ Y22 ) )
= ( X22 = Y22 ) ) ).
% KS.inject(2)
thf(fact_110_Expression_Oinject_I2_J,axiom,
! [X22: secrecy_Secrets,Y22: secrecy_Secrets] :
( ( ( secrecy_sE @ X22 )
= ( secrecy_sE @ Y22 ) )
= ( X22 = Y22 ) ) ).
% Expression.inject(2)
thf(fact_111_Un__empty,axiom,
! [A: $tType,A3: set @ A,B: set @ A] :
( ( ( sup_sup @ ( set @ A ) @ A3 @ B )
= ( bot_bot @ ( set @ A ) ) )
= ( ( A3
= ( bot_bot @ ( set @ A ) ) )
& ( B
= ( bot_bot @ ( set @ A ) ) ) ) ) ).
% Un_empty
thf(fact_112_Un__insert__right,axiom,
! [A: $tType,A3: set @ A,A2: A,B: set @ A] :
( ( sup_sup @ ( set @ A ) @ A3 @ ( insert @ A @ A2 @ B ) )
= ( insert @ A @ A2 @ ( sup_sup @ ( set @ A ) @ A3 @ B ) ) ) ).
% Un_insert_right
thf(fact_113_Un__insert__left,axiom,
! [A: $tType,A2: A,B: set @ A,C4: set @ A] :
( ( sup_sup @ ( set @ A ) @ ( insert @ A @ A2 @ B ) @ C4 )
= ( insert @ A @ A2 @ ( sup_sup @ ( set @ A ) @ B @ C4 ) ) ) ).
% Un_insert_left
thf(fact_114_UnE,axiom,
! [A: $tType,C: A,A3: set @ A,B: set @ A] :
( ( member @ A @ C @ ( sup_sup @ ( set @ A ) @ A3 @ B ) )
=> ( ~ ( member @ A @ C @ A3 )
=> ( member @ A @ C @ B ) ) ) ).
% UnE
thf(fact_115_UnI1,axiom,
! [A: $tType,C: A,A3: set @ A,B: set @ A] :
( ( member @ A @ C @ A3 )
=> ( member @ A @ C @ ( sup_sup @ ( set @ A ) @ A3 @ B ) ) ) ).
% UnI1
thf(fact_116_UnI2,axiom,
! [A: $tType,C: A,B: set @ A,A3: set @ A] :
( ( member @ A @ C @ B )
=> ( member @ A @ C @ ( sup_sup @ ( set @ A ) @ A3 @ B ) ) ) ).
% UnI2
thf(fact_117_bex__Un,axiom,
! [A: $tType,A3: set @ A,B: set @ A,P: A > $o] :
( ( ? [X2: A] :
( ( member @ A @ X2 @ ( sup_sup @ ( set @ A ) @ A3 @ B ) )
& ( P @ X2 ) ) )
= ( ? [X2: A] :
( ( member @ A @ X2 @ A3 )
& ( P @ X2 ) )
| ? [X2: A] :
( ( member @ A @ X2 @ B )
& ( P @ X2 ) ) ) ) ).
% bex_Un
thf(fact_118_ball__Un,axiom,
! [A: $tType,A3: set @ A,B: set @ A,P: A > $o] :
( ( ! [X2: A] :
( ( member @ A @ X2 @ ( sup_sup @ ( set @ A ) @ A3 @ B ) )
=> ( P @ X2 ) ) )
= ( ! [X2: A] :
( ( member @ A @ X2 @ A3 )
=> ( P @ X2 ) )
& ! [X2: A] :
( ( member @ A @ X2 @ B )
=> ( P @ X2 ) ) ) ) ).
% ball_Un
thf(fact_119_Un__assoc,axiom,
! [A: $tType,A3: set @ A,B: set @ A,C4: set @ A] :
( ( sup_sup @ ( set @ A ) @ ( sup_sup @ ( set @ A ) @ A3 @ B ) @ C4 )
= ( sup_sup @ ( set @ A ) @ A3 @ ( sup_sup @ ( set @ A ) @ B @ C4 ) ) ) ).
% Un_assoc
thf(fact_120_Un__absorb,axiom,
! [A: $tType,A3: set @ A] :
( ( sup_sup @ ( set @ A ) @ A3 @ A3 )
= A3 ) ).
% Un_absorb
thf(fact_121_Un__commute,axiom,
! [A: $tType] :
( ( sup_sup @ ( set @ A ) )
= ( ^ [A4: set @ A,B5: set @ A] : ( sup_sup @ ( set @ A ) @ B5 @ A4 ) ) ) ).
% Un_commute
thf(fact_122_Un__left__absorb,axiom,
! [A: $tType,A3: set @ A,B: set @ A] :
( ( sup_sup @ ( set @ A ) @ A3 @ ( sup_sup @ ( set @ A ) @ A3 @ B ) )
= ( sup_sup @ ( set @ A ) @ A3 @ B ) ) ).
% Un_left_absorb
thf(fact_123_Un__left__commute,axiom,
! [A: $tType,A3: set @ A,B: set @ A,C4: set @ A] :
( ( sup_sup @ ( set @ A ) @ A3 @ ( sup_sup @ ( set @ A ) @ B @ C4 ) )
= ( sup_sup @ ( set @ A ) @ B @ ( sup_sup @ ( set @ A ) @ A3 @ C4 ) ) ) ).
% Un_left_commute
thf(fact_124_KS2Expression_Osimps_I2_J,axiom,
! [M2: secrecy_Secrets] :
( ( secrec1016742679ession @ ( secrecy_sKS @ M2 ) )
= ( secrecy_sE @ M2 ) ) ).
% KS2Expression.simps(2)
thf(fact_125_Un__empty__right,axiom,
! [A: $tType,A3: set @ A] :
( ( sup_sup @ ( set @ A ) @ A3 @ ( bot_bot @ ( set @ A ) ) )
= A3 ) ).
% Un_empty_right
thf(fact_126_Un__empty__left,axiom,
! [A: $tType,B: set @ A] :
( ( sup_sup @ ( set @ A ) @ ( bot_bot @ ( set @ A ) ) @ B )
= B ) ).
% Un_empty_left
thf(fact_127_not__know__s__not__ine,axiom,
! [A3: secrecy_specID,M2: secrecy_Secrets] :
( ~ ( knowle1437066798e_know @ A3 @ ( secrecy_sKS @ M2 ) )
=> ~ ( ine @ A3 @ ( secrecy_sE @ M2 ) ) ) ).
% not_know_s_not_ine
thf(fact_128_KS_Oexhaust,axiom,
! [Y2: secrecy_KS] :
( ! [X12: secrecy_Keys] :
( Y2
!= ( secrecy_kKS @ X12 ) )
=> ~ ! [X23: secrecy_Secrets] :
( Y2
!= ( secrecy_sKS @ X23 ) ) ) ).
% KS.exhaust
thf(fact_129_KS_Oinduct,axiom,
! [P: secrecy_KS > $o,KS: secrecy_KS] :
( ! [X3: secrecy_Keys] : ( P @ ( secrecy_kKS @ X3 ) )
=> ( ! [X3: secrecy_Secrets] : ( P @ ( secrecy_sKS @ X3 ) )
=> ( P @ KS ) ) ) ).
% KS.induct
thf(fact_130_KS_Odistinct_I1_J,axiom,
! [X1: secrecy_Keys,X22: secrecy_Secrets] :
( ( secrecy_kKS @ X1 )
!= ( secrecy_sKS @ X22 ) ) ).
% KS.distinct(1)
thf(fact_131_Expression_Odistinct_I1_J,axiom,
! [X1: secrecy_Keys,X22: secrecy_Secrets] :
( ( secrecy_kE @ X1 )
!= ( secrecy_sE @ X22 ) ) ).
% Expression.distinct(1)
thf(fact_132_know_Osimps_I2_J,axiom,
! [A3: secrecy_specID,M2: secrecy_Secrets] :
( ( knowle1437066798e_know @ A3 @ ( secrecy_sKS @ M2 ) )
= ( ( ine @ A3 @ ( secrecy_sE @ M2 ) )
| ( member @ secrecy_KS @ ( secrecy_sKS @ M2 ) @ ( localSecrets @ A3 ) ) ) ) ).
% know.simps(2)
thf(fact_133_singleton__Un__iff,axiom,
! [A: $tType,X: A,A3: set @ A,B: set @ A] :
( ( ( insert @ A @ X @ ( bot_bot @ ( set @ A ) ) )
= ( sup_sup @ ( set @ A ) @ A3 @ B ) )
= ( ( ( A3
= ( bot_bot @ ( set @ A ) ) )
& ( B
= ( insert @ A @ X @ ( bot_bot @ ( set @ A ) ) ) ) )
| ( ( A3
= ( insert @ A @ X @ ( bot_bot @ ( set @ A ) ) ) )
& ( B
= ( bot_bot @ ( set @ A ) ) ) )
| ( ( A3
= ( insert @ A @ X @ ( bot_bot @ ( set @ A ) ) ) )
& ( B
= ( insert @ A @ X @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ) ).
% singleton_Un_iff
thf(fact_134_Un__singleton__iff,axiom,
! [A: $tType,A3: set @ A,B: set @ A,X: A] :
( ( ( sup_sup @ ( set @ A ) @ A3 @ B )
= ( insert @ A @ X @ ( bot_bot @ ( set @ A ) ) ) )
= ( ( ( A3
= ( bot_bot @ ( set @ A ) ) )
& ( B
= ( insert @ A @ X @ ( bot_bot @ ( set @ A ) ) ) ) )
| ( ( A3
= ( insert @ A @ X @ ( bot_bot @ ( set @ A ) ) ) )
& ( B
= ( bot_bot @ ( set @ A ) ) ) )
| ( ( A3
= ( insert @ A @ X @ ( bot_bot @ ( set @ A ) ) ) )
& ( B
= ( insert @ A @ X @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ) ).
% Un_singleton_iff
thf(fact_135_insert__is__Un,axiom,
! [A: $tType] :
( ( insert @ A )
= ( ^ [A5: A] : ( sup_sup @ ( set @ A ) @ ( insert @ A @ A5 @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ).
% insert_is_Un
thf(fact_136_LocalSecretsComposition__neg__loc__s,axiom,
! [Secret: secrecy_Secrets,P: secrecy_specID,Ch: secrecy_chanID] :
( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( localSecrets @ P ) )
=> ( ( exprChannel @ Ch @ ( secrecy_sE @ Secret ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( specKeysSecrets @ P ) )
=> ~ ( member @ secrecy_chanID @ Ch @ ( loc @ P ) ) ) ) ) ).
% LocalSecretsComposition_neg_loc_s
thf(fact_137_LocalSecretsComposition__neg__s,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,M2: secrecy_Secrets] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ M2 ) @ ( specKeysSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ M2 ) @ ( specKeysSecrets @ Q ) )
=> ( ~ ( ine @ P @ ( secrecy_sE @ M2 ) )
=> ( ~ ( ine @ Q @ ( secrecy_sE @ M2 ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ M2 ) @ ( sup_sup @ ( set @ secrecy_KS ) @ ( localSecrets @ P ) @ ( localSecrets @ Q ) ) )
=> ~ ( member @ secrecy_KS @ ( secrecy_sKS @ M2 ) @ ( localSecrets @ PQ ) ) ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_neg_s
thf(fact_138_LocalSecretsComposition__ine1__s,axiom,
! [S: secrecy_Secrets,PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID] :
( ( member @ secrecy_KS @ ( secrecy_sKS @ S ) @ ( localSecrets @ PQ ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ~ ( ine @ Q @ ( secrecy_sE @ S ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ S ) @ ( localSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ S ) @ ( localSecrets @ Q ) )
=> ( ine @ P @ ( secrecy_sE @ S ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_ine1_s
thf(fact_139_LocalSecretsComposition__ine2__s,axiom,
! [S: secrecy_Secrets,PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID] :
( ( member @ secrecy_KS @ ( secrecy_sKS @ S ) @ ( localSecrets @ PQ ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ~ ( ine @ P @ ( secrecy_sE @ S ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ S ) @ ( localSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ S ) @ ( localSecrets @ Q ) )
=> ( ine @ Q @ ( secrecy_sE @ S ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_ine2_s
thf(fact_140_LocalSecretsComposition__neg1__s,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,S: secrecy_Secrets] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ~ ( ine @ P @ ( secrecy_sE @ S ) )
=> ( ~ ( ine @ Q @ ( secrecy_sE @ S ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ S ) @ ( localSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ S ) @ ( localSecrets @ Q ) )
=> ~ ( member @ secrecy_KS @ ( secrecy_sKS @ S ) @ ( localSecrets @ PQ ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_neg1_s
thf(fact_141_LocalSecretsComposition__exprChannel__s,axiom,
! [X: secrecy_chanID,Secrets: secrecy_Secrets,P: secrecy_specID,Q: secrecy_specID] :
( ( exprChannel @ X @ ( secrecy_sE @ Secrets ) )
=> ( ~ ( ine @ P @ ( secrecy_sE @ Secrets ) )
=> ( ~ ( ine @ Q @ ( secrecy_sE @ Secrets ) )
=> ( ~ ( member @ secrecy_chanID @ X @ ( ins @ P ) )
& ~ ( member @ secrecy_chanID @ X @ ( ins @ Q ) ) ) ) ) ) ).
% LocalSecretsComposition_exprChannel_s
thf(fact_142_LocalSecretsComposition__neg,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Ks: secrecy_KS] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ Q ) )
=> ( ! [M4: secrecy_Keys] :
( ( Ks
= ( secrecy_kKS @ M4 ) )
=> ( ~ ( ine @ P @ ( secrecy_kE @ M4 ) )
& ~ ( ine @ Q @ ( secrecy_kE @ M4 ) ) ) )
=> ( ! [M4: secrecy_Secrets] :
( ( Ks
= ( secrecy_sKS @ M4 ) )
=> ( ~ ( ine @ P @ ( secrecy_sE @ M4 ) )
& ~ ( ine @ Q @ ( secrecy_sE @ M4 ) ) ) )
=> ( ~ ( member @ secrecy_KS @ Ks @ ( sup_sup @ ( set @ secrecy_KS ) @ ( localSecrets @ P ) @ ( localSecrets @ Q ) ) )
=> ~ ( member @ secrecy_KS @ Ks @ ( localSecrets @ PQ ) ) ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_neg
thf(fact_143_LocalSecretsComposition__neg1,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Ks: secrecy_KS] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ! [M4: secrecy_Keys] :
( ( Ks
= ( secrecy_kKS @ M4 ) )
=> ( ~ ( ine @ P @ ( secrecy_kE @ M4 ) )
& ~ ( ine @ Q @ ( secrecy_kE @ M4 ) ) ) )
=> ( ! [M4: secrecy_Secrets] :
( ( Ks
= ( secrecy_sKS @ M4 ) )
=> ( ~ ( ine @ P @ ( secrecy_sE @ M4 ) )
& ~ ( ine @ Q @ ( secrecy_sE @ M4 ) ) ) )
=> ( ~ ( member @ secrecy_KS @ Ks @ ( localSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ Ks @ ( localSecrets @ Q ) )
=> ~ ( member @ secrecy_KS @ Ks @ ( localSecrets @ PQ ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_neg1
thf(fact_144_correctCompositionKS__exprChannel__s__Qex,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Secret: secrecy_Secrets,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( localSecrets @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ Q ) )
=> ( ( exprChannel @ Ch @ ( secrecy_sE @ Secret ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( specKeysSecrets @ PQ ) )
=> ( ( correctCompositionIn @ PQ )
=> ? [Ch4: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch4 @ ( ins @ PQ ) )
& ( exprChannel @ Ch4 @ ( secrecy_sE @ Secret ) ) ) ) ) ) ) ) ) ) ).
% correctCompositionKS_exprChannel_s_Qex
thf(fact_145_sup__bot_Oright__neutral,axiom,
! [A: $tType] :
( ( bounde1808546759up_bot @ A )
=> ! [A2: A] :
( ( sup_sup @ A @ A2 @ ( bot_bot @ A ) )
= A2 ) ) ).
% sup_bot.right_neutral
thf(fact_146_sup__bot_Oneutr__eq__iff,axiom,
! [A: $tType] :
( ( bounde1808546759up_bot @ A )
=> ! [A2: A,B2: A] :
( ( ( bot_bot @ A )
= ( sup_sup @ A @ A2 @ B2 ) )
= ( ( A2
= ( bot_bot @ A ) )
& ( B2
= ( bot_bot @ A ) ) ) ) ) ).
% sup_bot.neutr_eq_iff
thf(fact_147_sup__bot_Oleft__neutral,axiom,
! [A: $tType] :
( ( bounde1808546759up_bot @ A )
=> ! [A2: A] :
( ( sup_sup @ A @ ( bot_bot @ A ) @ A2 )
= A2 ) ) ).
% sup_bot.left_neutral
thf(fact_148_sup__bot_Oeq__neutr__iff,axiom,
! [A: $tType] :
( ( bounde1808546759up_bot @ A )
=> ! [A2: A,B2: A] :
( ( ( sup_sup @ A @ A2 @ B2 )
= ( bot_bot @ A ) )
= ( ( A2
= ( bot_bot @ A ) )
& ( B2
= ( bot_bot @ A ) ) ) ) ) ).
% sup_bot.eq_neutr_iff
thf(fact_149_sup__eq__bot__iff,axiom,
! [A: $tType] :
( ( bounde1808546759up_bot @ A )
=> ! [X: A,Y2: A] :
( ( ( sup_sup @ A @ X @ Y2 )
= ( bot_bot @ A ) )
= ( ( X
= ( bot_bot @ A ) )
& ( Y2
= ( bot_bot @ A ) ) ) ) ) ).
% sup_eq_bot_iff
thf(fact_150_sup__bot__left,axiom,
! [A: $tType] :
( ( bounde1808546759up_bot @ A )
=> ! [X: A] :
( ( sup_sup @ A @ ( bot_bot @ A ) @ X )
= X ) ) ).
% sup_bot_left
thf(fact_151_sup__bot__right,axiom,
! [A: $tType] :
( ( bounde1808546759up_bot @ A )
=> ! [X: A] :
( ( sup_sup @ A @ X @ ( bot_bot @ A ) )
= X ) ) ).
% sup_bot_right
thf(fact_152_bot__eq__sup__iff,axiom,
! [A: $tType] :
( ( bounde1808546759up_bot @ A )
=> ! [X: A,Y2: A] :
( ( ( bot_bot @ A )
= ( sup_sup @ A @ X @ Y2 ) )
= ( ( X
= ( bot_bot @ A ) )
& ( Y2
= ( bot_bot @ A ) ) ) ) ) ).
% bot_eq_sup_iff
thf(fact_153_ineM__Un1,axiom,
! [P: secrecy_specID,A3: set @ secrecy_chanID,E: secrecy_Expression,B: set @ secrecy_chanID] :
( ( ineM @ P @ A3 @ E )
=> ( ineM @ P @ ( sup_sup @ ( set @ secrecy_chanID ) @ A3 @ B ) @ E ) ) ).
% ineM_Un1
thf(fact_154_locStream__def,axiom,
( locStream
= ( ^ [X2: secrecy_specID] :
( ^ [Y3: set @ secrecy_chanID,Z: set @ secrecy_chanID] : ( Y3 = Z )
@ ( loc @ X2 ) ) ) ) ).
% locStream_def
thf(fact_155_inStream__def,axiom,
( inStream
= ( ^ [X2: secrecy_specID] :
( ^ [Y3: set @ secrecy_chanID,Z: set @ secrecy_chanID] : ( Y3 = Z )
@ ( ins @ X2 ) ) ) ) ).
% inStream_def
thf(fact_156_notSpecKeysSecretsExpr__def,axiom,
( notSpe1586871396tsExpr
= ( ^ [P2: secrecy_specID,E3: list @ secrecy_Expression] :
( ! [X2: secrecy_Keys] :
( ( mem @ secrecy_Expression @ ( secrecy_kE @ X2 ) @ E3 )
=> ~ ( member @ secrecy_KS @ ( secrecy_kKS @ X2 ) @ ( specKeysSecrets @ P2 ) ) )
& ! [Y4: secrecy_Secrets] :
( ( mem @ secrecy_Expression @ ( secrecy_sE @ Y4 ) @ E3 )
=> ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Y4 ) @ ( specKeysSecrets @ P2 ) ) ) ) ) ) ).
% notSpecKeysSecretsExpr_def
thf(fact_157_TBtheorem5a__empty,axiom,
! [P: secrecy_specID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( ( eout @ P @ E )
| ( eout @ Q @ E ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ( ( loc @ PQ )
= ( bot_bot @ ( set @ secrecy_chanID ) ) )
=> ( eout @ PQ @ E ) ) ) ) ) ).
% TBtheorem5a_empty
thf(fact_158_correctCompositionKS__subcomp4,axiom,
! [C4: secrecy_specID,X: secrecy_specID,Xa: secrecy_Secrets] :
( ( correctCompositionKS @ C4 )
=> ( ( member @ secrecy_specID @ X @ ( subcomponents @ C4 ) )
=> ( ( member @ secrecy_Secrets @ Xa @ ( specSecrets @ X ) )
=> ( member @ secrecy_Secrets @ Xa @ ( specSecrets @ C4 ) ) ) ) ) ).
% correctCompositionKS_subcomp4
thf(fact_159_correctCompositionKS__subcomp3,axiom,
! [C4: secrecy_specID,X: secrecy_specID,Xa: secrecy_Keys] :
( ( correctCompositionKS @ C4 )
=> ( ( member @ secrecy_specID @ X @ ( subcomponents @ C4 ) )
=> ( ( member @ secrecy_Keys @ Xa @ ( specKeys @ X ) )
=> ( member @ secrecy_Keys @ Xa @ ( specKeys @ C4 ) ) ) ) ) ).
% correctCompositionKS_subcomp3
thf(fact_160_TBtheorem2a,axiom,
! [PQ: secrecy_specID,E: secrecy_Expression,P: secrecy_specID,Q: secrecy_specID] :
( ( eout @ PQ @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ( eout @ P @ E )
| ( eout @ Q @ E ) ) ) ) ) ).
% TBtheorem2a
thf(fact_161_correctCompositionKS__subcomp1,axiom,
! [C4: secrecy_specID,X: secrecy_specID,Xa: secrecy_Keys] :
( ( correctCompositionKS @ C4 )
=> ( ( member @ secrecy_specID @ X @ ( subcomponents @ C4 ) )
=> ( ( member @ secrecy_Keys @ Xa @ ( specKeys @ C4 ) )
=> ? [X3: secrecy_specID] :
( ( member @ secrecy_specID @ X3 @ ( subcomponents @ C4 ) )
& ( member @ secrecy_Keys @ Xa @ ( specKeys @ X3 ) ) ) ) ) ) ).
% correctCompositionKS_subcomp1
thf(fact_162_correctCompositionKS__subcomp2,axiom,
! [C4: secrecy_specID,X: secrecy_specID,Xa: secrecy_Secrets] :
( ( correctCompositionKS @ C4 )
=> ( ( member @ secrecy_specID @ X @ ( subcomponents @ C4 ) )
=> ( ( member @ secrecy_Secrets @ Xa @ ( specSecrets @ C4 ) )
=> ? [X3: secrecy_specID] :
( ( member @ secrecy_specID @ X3 @ ( subcomponents @ C4 ) )
& ( member @ secrecy_Secrets @ Xa @ ( specSecrets @ X3 ) ) ) ) ) ) ).
% correctCompositionKS_subcomp2
thf(fact_163_TBtheorem5a__notP1,axiom,
! [P: secrecy_specID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( eout @ P @ E )
=> ( ~ ( eout @ Q @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ? [Ch3: secrecy_chanID] :
( ( out_ex985543062Single @ P @ Ch3 @ E )
& ( member @ secrecy_chanID @ Ch3 @ ( loc @ PQ ) ) )
=> ~ ( eout @ PQ @ E ) ) ) ) ) ) ).
% TBtheorem5a_notP1
thf(fact_164_TBtheorem5a__notP2,axiom,
! [Q: secrecy_specID,E: secrecy_Expression,PQ: secrecy_specID,P: secrecy_specID,ChSet: set @ secrecy_chanID] :
( ~ ( eout @ Q @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ( out_exprChannelSet @ P @ ChSet @ E )
=> ( ! [X3: secrecy_chanID] :
( ( member @ secrecy_chanID @ X3 @ ChSet )
=> ( member @ secrecy_chanID @ X3 @ ( loc @ PQ ) ) )
=> ~ ( eout @ PQ @ E ) ) ) ) ) ) ).
% TBtheorem5a_notP2
thf(fact_165_TBtheorem5a__notPQ,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,ChSetP: set @ secrecy_chanID,E: secrecy_Expression,ChSetQ: set @ secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ( out_exprChannelSet @ P @ ChSetP @ E )
=> ( ( out_exprChannelSet @ Q @ ChSetQ @ E )
=> ( ! [X3: secrecy_chanID] :
( ( member @ secrecy_chanID @ X3 @ ChSetP )
=> ( member @ secrecy_chanID @ X3 @ ( loc @ PQ ) ) )
=> ( ! [X3: secrecy_chanID] :
( ( member @ secrecy_chanID @ X3 @ ChSetQ )
=> ( member @ secrecy_chanID @ X3 @ ( loc @ PQ ) ) )
=> ~ ( eout @ PQ @ E ) ) ) ) ) ) ) ).
% TBtheorem5a_notPQ
thf(fact_166_out__exprChannelSet__Single,axiom,
! [P: secrecy_specID,Ch: secrecy_chanID,E: secrecy_Expression] :
( ( out_exprChannelSet @ P @ ( insert @ secrecy_chanID @ Ch @ ( bot_bot @ ( set @ secrecy_chanID ) ) ) @ E )
=> ( out_ex985543062Single @ P @ Ch @ E ) ) ).
% out_exprChannelSet_Single
thf(fact_167_out__exprChannelSingle__Set,axiom,
! [P: secrecy_specID,Ch: secrecy_chanID,E: secrecy_Expression] :
( ( out_ex985543062Single @ P @ Ch @ E )
=> ( out_exprChannelSet @ P @ ( insert @ secrecy_chanID @ Ch @ ( bot_bot @ ( set @ secrecy_chanID ) ) ) @ E ) ) ).
% out_exprChannelSingle_Set
thf(fact_168_TBtheorem5b__notPQ,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,ChSetP: set @ secrecy_chanID,E: secrecy_Expression,ChSetQ: set @ secrecy_chanID,M: set @ secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ( out_exprChannelSet @ P @ ChSetP @ E )
=> ( ( out_exprChannelSet @ Q @ ChSetQ @ E )
=> ( ( M
= ( sup_sup @ ( set @ secrecy_chanID ) @ ChSetP @ ChSetQ ) )
=> ( ! [X3: secrecy_chanID] :
( ( member @ secrecy_chanID @ X3 @ ChSetP )
=> ( member @ secrecy_chanID @ X3 @ ( loc @ PQ ) ) )
=> ( ! [X3: secrecy_chanID] :
( ( member @ secrecy_chanID @ X3 @ ChSetQ )
=> ( member @ secrecy_chanID @ X3 @ ( loc @ PQ ) ) )
=> ~ ( eoutM @ PQ @ M @ E ) ) ) ) ) ) ) ) ).
% TBtheorem5b_notPQ
thf(fact_169_eout__know__s,axiom,
! [C4: secrecy_specID,M2: secrecy_Secrets] :
( ( knowle1667810483orrect @ C4 @ ( secrecy_sKS @ M2 ) )
= ( ( eout @ C4 @ ( secrecy_sE @ M2 ) )
= ( ( member @ secrecy_Secrets @ M2 @ ( specSecrets @ C4 ) )
| ( knowle1437066798e_know @ C4 @ ( secrecy_sKS @ M2 ) ) ) ) ) ).
% eout_know_s
thf(fact_170_not__know__s__not__eout,axiom,
! [M2: secrecy_Secrets,A3: secrecy_specID] :
( ~ ( member @ secrecy_Secrets @ M2 @ ( specSecrets @ A3 ) )
=> ( ~ ( knowle1437066798e_know @ A3 @ ( secrecy_sKS @ M2 ) )
=> ( ( knowle1667810483orrect @ A3 @ ( secrecy_sKS @ M2 ) )
=> ~ ( eout @ A3 @ ( secrecy_sE @ M2 ) ) ) ) ) ).
% not_know_s_not_eout
thf(fact_171_not__eout__eoutM,axiom,
! [P: secrecy_specID,E: secrecy_Expression,M: set @ secrecy_chanID] :
( ~ ( eout @ P @ E )
=> ~ ( eoutM @ P @ M @ E ) ) ).
% not_eout_eoutM
thf(fact_172_eoutM__eout,axiom,
! [P: secrecy_specID,M: set @ secrecy_chanID,E: secrecy_Expression] :
( ( eoutM @ P @ M @ E )
=> ( eout @ P @ E ) ) ).
% eoutM_eout
thf(fact_173_TBtheorem2b,axiom,
! [PQ: secrecy_specID,M: set @ secrecy_chanID,E: secrecy_Expression,P: secrecy_specID,Q: secrecy_specID] :
( ( eoutM @ PQ @ M @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ( eoutM @ P @ M @ E )
| ( eoutM @ Q @ M @ E ) ) ) ) ) ).
% TBtheorem2b
thf(fact_174_TBtheorem5b__notP2,axiom,
! [Q: secrecy_specID,M: set @ secrecy_chanID,E: secrecy_Expression,PQ: secrecy_specID,P: secrecy_specID,ChSet: set @ secrecy_chanID] :
( ~ ( eoutM @ Q @ M @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ( out_exprChannelSet @ P @ ChSet @ E )
=> ( ! [X3: secrecy_chanID] :
( ( member @ secrecy_chanID @ X3 @ ChSet )
=> ( member @ secrecy_chanID @ X3 @ ( loc @ PQ ) ) )
=> ~ ( eoutM @ PQ @ M @ E ) ) ) ) ) ) ).
% TBtheorem5b_notP2
thf(fact_175_TBtheorem5b__notP1,axiom,
! [P: secrecy_specID,M: set @ secrecy_chanID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( eoutM @ P @ M @ E )
=> ( ~ ( eoutM @ Q @ M @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ? [Ch3: secrecy_chanID] :
( ( out_ex985543062Single @ P @ Ch3 @ E )
& ( member @ secrecy_chanID @ Ch3 @ M )
& ( member @ secrecy_chanID @ Ch3 @ ( loc @ PQ ) ) )
=> ~ ( eoutM @ PQ @ M @ E ) ) ) ) ) ) ).
% TBtheorem5b_notP1
thf(fact_176_eout__know__k,axiom,
! [C4: secrecy_specID,M2: secrecy_Keys] :
( ( knowle1667810483orrect @ C4 @ ( secrecy_kKS @ M2 ) )
= ( ( eout @ C4 @ ( secrecy_kE @ M2 ) )
= ( ( member @ secrecy_Keys @ M2 @ ( specKeys @ C4 ) )
| ( knowle1437066798e_know @ C4 @ ( secrecy_kKS @ M2 ) ) ) ) ) ).
% eout_know_k
thf(fact_177_not__know__k__not__eout,axiom,
! [M2: secrecy_Keys,A3: secrecy_specID] :
( ~ ( member @ secrecy_Keys @ M2 @ ( specKeys @ A3 ) )
=> ( ~ ( knowle1437066798e_know @ A3 @ ( secrecy_kKS @ M2 ) )
=> ( ( knowle1667810483orrect @ A3 @ ( secrecy_kKS @ M2 ) )
=> ~ ( eout @ A3 @ ( secrecy_kE @ M2 ) ) ) ) ) ).
% not_know_k_not_eout
thf(fact_178_eoutKnowCorrect__L1k,axiom,
! [C4: secrecy_specID,M2: secrecy_Keys] :
( ( knowle1667810483orrect @ C4 @ ( secrecy_kKS @ M2 ) )
=> ( ( eout @ C4 @ ( secrecy_kE @ M2 ) )
=> ( ( member @ secrecy_Keys @ M2 @ ( specKeys @ C4 ) )
| ( knowle1437066798e_know @ C4 @ ( secrecy_kKS @ M2 ) ) ) ) ) ).
% eoutKnowCorrect_L1k
thf(fact_179_eout__know__nonKS__k,axiom,
! [M2: secrecy_Keys,A3: secrecy_specID] :
( ~ ( member @ secrecy_Keys @ M2 @ ( specKeys @ A3 ) )
=> ( ( eout @ A3 @ ( secrecy_kE @ M2 ) )
=> ( ( knowle1667810483orrect @ A3 @ ( secrecy_kKS @ M2 ) )
=> ( knowle1437066798e_know @ A3 @ ( secrecy_kKS @ M2 ) ) ) ) ) ).
% eout_know_nonKS_k
thf(fact_180_eout__know__nonKS__s,axiom,
! [M2: secrecy_Secrets,A3: secrecy_specID] :
( ~ ( member @ secrecy_Secrets @ M2 @ ( specSecrets @ A3 ) )
=> ( ( eout @ A3 @ ( secrecy_sE @ M2 ) )
=> ( ( knowle1667810483orrect @ A3 @ ( secrecy_sKS @ M2 ) )
=> ( knowle1437066798e_know @ A3 @ ( secrecy_sKS @ M2 ) ) ) ) ) ).
% eout_know_nonKS_s
thf(fact_181_eoutKnowCorrect__L1s,axiom,
! [C4: secrecy_specID,M2: secrecy_Secrets] :
( ( knowle1667810483orrect @ C4 @ ( secrecy_sKS @ M2 ) )
=> ( ( eout @ C4 @ ( secrecy_sE @ M2 ) )
=> ( ( member @ secrecy_Secrets @ M2 @ ( specSecrets @ C4 ) )
| ( knowle1437066798e_know @ C4 @ ( secrecy_sKS @ M2 ) ) ) ) ) ).
% eoutKnowCorrect_L1s
thf(fact_182_TBtheorem5b__PQ,axiom,
! [P: secrecy_specID,M: set @ secrecy_chanID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( ( eoutM @ P @ M @ E )
| ( eoutM @ Q @ M @ E ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ? [Ch3: secrecy_chanID] :
( ( ( member @ secrecy_chanID @ Ch3 @ ( out @ P ) )
| ( member @ secrecy_chanID @ Ch3 @ ( out @ Q ) ) )
& ( member @ secrecy_chanID @ Ch3 @ M )
& ( exprChannel @ Ch3 @ E )
& ~ ( member @ secrecy_chanID @ Ch3 @ ( loc @ PQ ) ) )
=> ( eoutM @ PQ @ M @ E ) ) ) ) ) ).
% TBtheorem5b_PQ
thf(fact_183_TBtheore54b__P,axiom,
! [P: secrecy_specID,M: set @ secrecy_chanID,E: secrecy_Expression,PQ: secrecy_specID,Q: secrecy_specID] :
( ( eoutM @ P @ M @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ? [Ch3: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch3 @ ( out @ Q ) )
& ( exprChannel @ Ch3 @ E )
& ~ ( member @ secrecy_chanID @ Ch3 @ ( loc @ PQ ) )
& ( member @ secrecy_chanID @ Ch3 @ M ) )
=> ( eoutM @ PQ @ M @ E ) ) ) ) ) ).
% TBtheore54b_P
thf(fact_184_TBtheorem5a__PQ,axiom,
! [P: secrecy_specID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( ( eout @ P @ E )
| ( eout @ Q @ E ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ? [Ch3: secrecy_chanID] :
( ( ( member @ secrecy_chanID @ Ch3 @ ( out @ P ) )
| ( member @ secrecy_chanID @ Ch3 @ ( out @ Q ) ) )
& ( exprChannel @ Ch3 @ E )
& ~ ( member @ secrecy_chanID @ Ch3 @ ( loc @ PQ ) ) )
=> ( eout @ PQ @ E ) ) ) ) ) ).
% TBtheorem5a_PQ
thf(fact_185_eout__def,axiom,
( eout
= ( ^ [SP: secrecy_specID,E2: secrecy_Expression] :
? [Ch2: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch2 @ ( out @ SP ) )
& ( exprChannel @ Ch2 @ E2 ) ) ) ) ).
% eout_def
thf(fact_186_eoutM__def,axiom,
( eoutM
= ( ^ [SP: secrecy_specID,M3: set @ secrecy_chanID,E2: secrecy_Expression] :
? [Ch2: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch2 @ ( out @ SP ) )
& ( member @ secrecy_chanID @ Ch2 @ M3 )
& ( exprChannel @ Ch2 @ E2 ) ) ) ) ).
% eoutM_def
thf(fact_187_out__exprChannelSet__def,axiom,
( out_exprChannelSet
= ( ^ [SP: secrecy_specID,ChSet2: set @ secrecy_chanID,E2: secrecy_Expression] :
( ! [X2: secrecy_chanID] :
( ( member @ secrecy_chanID @ X2 @ ChSet2 )
=> ( ( member @ secrecy_chanID @ X2 @ ( out @ SP ) )
& ( exprChannel @ X2 @ E2 ) ) )
& ! [X2: secrecy_chanID] :
( ( ~ ( member @ secrecy_chanID @ X2 @ ChSet2 )
& ( member @ secrecy_chanID @ X2 @ ( out @ SP ) ) )
=> ~ ( exprChannel @ X2 @ E2 ) ) ) ) ) ).
% out_exprChannelSet_def
thf(fact_188_out__exprChannelSingle__def,axiom,
( out_ex985543062Single
= ( ^ [SP: secrecy_specID,Ch2: secrecy_chanID,E2: secrecy_Expression] :
( ( member @ secrecy_chanID @ Ch2 @ ( out @ SP ) )
& ( exprChannel @ Ch2 @ E2 )
& ! [X2: secrecy_chanID,T: nat] :
( ( ( member @ secrecy_chanID @ X2 @ ( out @ SP ) )
& ( X2 != Ch2 ) )
=> ~ ( exprChannel @ X2 @ E2 ) ) ) ) ) ).
% out_exprChannelSingle_def
thf(fact_189_correctCompositionOut__prop1,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,X: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ( member @ secrecy_chanID @ X @ ( out @ PQ ) )
=> ( ( member @ secrecy_chanID @ X @ ( out @ P ) )
| ( member @ secrecy_chanID @ X @ ( out @ Q ) ) ) ) ) ) ).
% correctCompositionOut_prop1
thf(fact_190_TBtheorem45a__P,axiom,
! [P: secrecy_specID,E: secrecy_Expression,PQ: secrecy_specID,Q: secrecy_specID] :
( ( eout @ P @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ? [Ch3: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch3 @ ( out @ P ) )
& ( exprChannel @ Ch3 @ E )
& ~ ( member @ secrecy_chanID @ Ch3 @ ( loc @ PQ ) ) )
=> ( eout @ PQ @ E ) ) ) ) ) ).
% TBtheorem45a_P
thf(fact_191_adv__not__know2,axiom,
! [P: secrecy_specID,A3: secrecy_specID,M2: secrecy_Secrets] :
( ( ord_less_eq @ ( set @ secrecy_chanID ) @ ( out @ P ) @ ( ins @ A3 ) )
=> ( ~ ( knowle1437066798e_know @ A3 @ ( secrecy_sKS @ M2 ) )
=> ~ ( eout @ P @ ( secrecy_sE @ M2 ) ) ) ) ).
% adv_not_know2
thf(fact_192_adv__not__know1,axiom,
! [P: secrecy_specID,A3: secrecy_specID,M2: secrecy_Keys] :
( ( ord_less_eq @ ( set @ secrecy_chanID ) @ ( out @ P ) @ ( ins @ A3 ) )
=> ( ~ ( knowle1437066798e_know @ A3 @ ( secrecy_kKS @ M2 ) )
=> ~ ( eout @ P @ ( secrecy_kE @ M2 ) ) ) ) ).
% adv_not_know1
thf(fact_193_correctCompositionKeys__subcomp1,axiom,
! [C4: secrecy_specID,X: secrecy_specID,Xb: secrecy_Keys] :
( ( correc17873122onKeys @ C4 )
=> ( ( member @ secrecy_specID @ X @ ( subcomponents @ C4 ) )
=> ( ( member @ secrecy_Keys @ Xb @ ( specKeys @ C4 ) )
=> ? [X3: secrecy_specID] :
( ( member @ secrecy_specID @ X3 @ ( subcomponents @ C4 ) )
& ( member @ secrecy_Keys @ Xb @ ( specKeys @ X3 ) ) ) ) ) ) ).
% correctCompositionKeys_subcomp1
thf(fact_194_order__refl,axiom,
! [A: $tType] :
( ( preorder @ A )
=> ! [X: A] : ( ord_less_eq @ A @ X @ X ) ) ).
% order_refl
thf(fact_195_subset__antisym,axiom,
! [A: $tType,A3: set @ A,B: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ A3 @ B )
=> ( ( ord_less_eq @ ( set @ A ) @ B @ A3 )
=> ( A3 = B ) ) ) ).
% subset_antisym
thf(fact_196_subsetI,axiom,
! [A: $tType,A3: set @ A,B: set @ A] :
( ! [X3: A] :
( ( member @ A @ X3 @ A3 )
=> ( member @ A @ X3 @ B ) )
=> ( ord_less_eq @ ( set @ A ) @ A3 @ B ) ) ).
% subsetI
thf(fact_197_empty__subsetI,axiom,
! [A: $tType,A3: set @ A] : ( ord_less_eq @ ( set @ A ) @ ( bot_bot @ ( set @ A ) ) @ A3 ) ).
% empty_subsetI
thf(fact_198_subset__empty,axiom,
! [A: $tType,A3: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ A3 @ ( bot_bot @ ( set @ A ) ) )
= ( A3
= ( bot_bot @ ( set @ A ) ) ) ) ).
% subset_empty
thf(fact_199_insert__subset,axiom,
! [A: $tType,X: A,A3: set @ A,B: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ ( insert @ A @ X @ A3 ) @ B )
= ( ( member @ A @ X @ B )
& ( ord_less_eq @ ( set @ A ) @ A3 @ B ) ) ) ).
% insert_subset
thf(fact_200_Un__subset__iff,axiom,
! [A: $tType,A3: set @ A,B: set @ A,C4: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ ( sup_sup @ ( set @ A ) @ A3 @ B ) @ C4 )
= ( ( ord_less_eq @ ( set @ A ) @ A3 @ C4 )
& ( ord_less_eq @ ( set @ A ) @ B @ C4 ) ) ) ).
% Un_subset_iff
thf(fact_201_singleton__insert__inj__eq,axiom,
! [A: $tType,B2: A,A2: A,A3: set @ A] :
( ( ( insert @ A @ B2 @ ( bot_bot @ ( set @ A ) ) )
= ( insert @ A @ A2 @ A3 ) )
= ( ( A2 = B2 )
& ( ord_less_eq @ ( set @ A ) @ A3 @ ( insert @ A @ B2 @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ).
% singleton_insert_inj_eq
thf(fact_202_singleton__insert__inj__eq_H,axiom,
! [A: $tType,A2: A,A3: set @ A,B2: A] :
( ( ( insert @ A @ A2 @ A3 )
= ( insert @ A @ B2 @ ( bot_bot @ ( set @ A ) ) ) )
= ( ( A2 = B2 )
& ( ord_less_eq @ ( set @ A ) @ A3 @ ( insert @ A @ B2 @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ).
% singleton_insert_inj_eq'
thf(fact_203_subset__singleton__iff,axiom,
! [A: $tType,X4: set @ A,A2: A] :
( ( ord_less_eq @ ( set @ A ) @ X4 @ ( insert @ A @ A2 @ ( bot_bot @ ( set @ A ) ) ) )
= ( ( X4
= ( bot_bot @ ( set @ A ) ) )
| ( X4
= ( insert @ A @ A2 @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ).
% subset_singleton_iff
thf(fact_204_subset__singletonD,axiom,
! [A: $tType,A3: set @ A,X: A] :
( ( ord_less_eq @ ( set @ A ) @ A3 @ ( insert @ A @ X @ ( bot_bot @ ( set @ A ) ) ) )
=> ( ( A3
= ( bot_bot @ ( set @ A ) ) )
| ( A3
= ( insert @ A @ X @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ).
% subset_singletonD
thf(fact_205_subset__Un__eq,axiom,
! [A: $tType] :
( ( ord_less_eq @ ( set @ A ) )
= ( ^ [A4: set @ A,B5: set @ A] :
( ( sup_sup @ ( set @ A ) @ A4 @ B5 )
= B5 ) ) ) ).
% subset_Un_eq
thf(fact_206_subset__UnE,axiom,
! [A: $tType,C4: set @ A,A3: set @ A,B: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ C4 @ ( sup_sup @ ( set @ A ) @ A3 @ B ) )
=> ~ ! [A6: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ A6 @ A3 )
=> ! [B6: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ B6 @ B )
=> ( C4
!= ( sup_sup @ ( set @ A ) @ A6 @ B6 ) ) ) ) ) ).
% subset_UnE
thf(fact_207_Un__absorb2,axiom,
! [A: $tType,B: set @ A,A3: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ B @ A3 )
=> ( ( sup_sup @ ( set @ A ) @ A3 @ B )
= A3 ) ) ).
% Un_absorb2
thf(fact_208_Un__absorb1,axiom,
! [A: $tType,A3: set @ A,B: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ A3 @ B )
=> ( ( sup_sup @ ( set @ A ) @ A3 @ B )
= B ) ) ).
% Un_absorb1
thf(fact_209_Un__upper2,axiom,
! [A: $tType,B: set @ A,A3: set @ A] : ( ord_less_eq @ ( set @ A ) @ B @ ( sup_sup @ ( set @ A ) @ A3 @ B ) ) ).
% Un_upper2
thf(fact_210_Un__upper1,axiom,
! [A: $tType,A3: set @ A,B: set @ A] : ( ord_less_eq @ ( set @ A ) @ A3 @ ( sup_sup @ ( set @ A ) @ A3 @ B ) ) ).
% Un_upper1
thf(fact_211_Un__least,axiom,
! [A: $tType,A3: set @ A,C4: set @ A,B: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ A3 @ C4 )
=> ( ( ord_less_eq @ ( set @ A ) @ B @ C4 )
=> ( ord_less_eq @ ( set @ A ) @ ( sup_sup @ ( set @ A ) @ A3 @ B ) @ C4 ) ) ) ).
% Un_least
thf(fact_212_Un__mono,axiom,
! [A: $tType,A3: set @ A,C4: set @ A,B: set @ A,D3: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ A3 @ C4 )
=> ( ( ord_less_eq @ ( set @ A ) @ B @ D3 )
=> ( ord_less_eq @ ( set @ A ) @ ( sup_sup @ ( set @ A ) @ A3 @ B ) @ ( sup_sup @ ( set @ A ) @ C4 @ D3 ) ) ) ) ).
% Un_mono
thf(fact_213_bot_Oextremum__uniqueI,axiom,
! [A: $tType] :
( ( order_bot @ A )
=> ! [A2: A] :
( ( ord_less_eq @ A @ A2 @ ( bot_bot @ A ) )
=> ( A2
= ( bot_bot @ A ) ) ) ) ).
% bot.extremum_uniqueI
thf(fact_214_bot_Oextremum__unique,axiom,
! [A: $tType] :
( ( order_bot @ A )
=> ! [A2: A] :
( ( ord_less_eq @ A @ A2 @ ( bot_bot @ A ) )
= ( A2
= ( bot_bot @ A ) ) ) ) ).
% bot.extremum_unique
thf(fact_215_bot_Oextremum,axiom,
! [A: $tType] :
( ( order_bot @ A )
=> ! [A2: A] : ( ord_less_eq @ A @ ( bot_bot @ A ) @ A2 ) ) ).
% bot.extremum
thf(fact_216_subset__insertI2,axiom,
! [A: $tType,A3: set @ A,B: set @ A,B2: A] :
( ( ord_less_eq @ ( set @ A ) @ A3 @ B )
=> ( ord_less_eq @ ( set @ A ) @ A3 @ ( insert @ A @ B2 @ B ) ) ) ).
% subset_insertI2
thf(fact_217_subset__insertI,axiom,
! [A: $tType,B: set @ A,A2: A] : ( ord_less_eq @ ( set @ A ) @ B @ ( insert @ A @ A2 @ B ) ) ).
% subset_insertI
thf(fact_218_subset__insert,axiom,
! [A: $tType,X: A,A3: set @ A,B: set @ A] :
( ~ ( member @ A @ X @ A3 )
=> ( ( ord_less_eq @ ( set @ A ) @ A3 @ ( insert @ A @ X @ B ) )
= ( ord_less_eq @ ( set @ A ) @ A3 @ B ) ) ) ).
% subset_insert
thf(fact_219_insert__mono,axiom,
! [A: $tType,C4: set @ A,D3: set @ A,A2: A] :
( ( ord_less_eq @ ( set @ A ) @ C4 @ D3 )
=> ( ord_less_eq @ ( set @ A ) @ ( insert @ A @ A2 @ C4 ) @ ( insert @ A @ A2 @ D3 ) ) ) ).
% insert_mono
thf(fact_220_dual__order_Oantisym,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [B2: A,A2: A] :
( ( ord_less_eq @ A @ B2 @ A2 )
=> ( ( ord_less_eq @ A @ A2 @ B2 )
=> ( A2 = B2 ) ) ) ) ).
% dual_order.antisym
thf(fact_221_dual__order_Oeq__iff,axiom,
! [A: $tType] :
( ( order @ A )
=> ( ( ^ [Y3: A,Z: A] : ( Y3 = Z ) )
= ( ^ [A5: A,B7: A] :
( ( ord_less_eq @ A @ B7 @ A5 )
& ( ord_less_eq @ A @ A5 @ B7 ) ) ) ) ) ).
% dual_order.eq_iff
thf(fact_222_dual__order_Otrans,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [B2: A,A2: A,C: A] :
( ( ord_less_eq @ A @ B2 @ A2 )
=> ( ( ord_less_eq @ A @ C @ B2 )
=> ( ord_less_eq @ A @ C @ A2 ) ) ) ) ).
% dual_order.trans
thf(fact_223_linorder__wlog,axiom,
! [A: $tType] :
( ( linorder @ A )
=> ! [P: A > A > $o,A2: A,B2: A] :
( ! [A7: A,B8: A] :
( ( ord_less_eq @ A @ A7 @ B8 )
=> ( P @ A7 @ B8 ) )
=> ( ! [A7: A,B8: A] :
( ( P @ B8 @ A7 )
=> ( P @ A7 @ B8 ) )
=> ( P @ A2 @ B2 ) ) ) ) ).
% linorder_wlog
thf(fact_224_dual__order_Orefl,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [A2: A] : ( ord_less_eq @ A @ A2 @ A2 ) ) ).
% dual_order.refl
thf(fact_225_order__trans,axiom,
! [A: $tType] :
( ( preorder @ A )
=> ! [X: A,Y2: A,Z2: A] :
( ( ord_less_eq @ A @ X @ Y2 )
=> ( ( ord_less_eq @ A @ Y2 @ Z2 )
=> ( ord_less_eq @ A @ X @ Z2 ) ) ) ) ).
% order_trans
thf(fact_226_order__class_Oorder_Oantisym,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [A2: A,B2: A] :
( ( ord_less_eq @ A @ A2 @ B2 )
=> ( ( ord_less_eq @ A @ B2 @ A2 )
=> ( A2 = B2 ) ) ) ) ).
% order_class.order.antisym
thf(fact_227_ord__le__eq__trans,axiom,
! [A: $tType] :
( ( ord @ A )
=> ! [A2: A,B2: A,C: A] :
( ( ord_less_eq @ A @ A2 @ B2 )
=> ( ( B2 = C )
=> ( ord_less_eq @ A @ A2 @ C ) ) ) ) ).
% ord_le_eq_trans
thf(fact_228_ord__eq__le__trans,axiom,
! [A: $tType] :
( ( ord @ A )
=> ! [A2: A,B2: A,C: A] :
( ( A2 = B2 )
=> ( ( ord_less_eq @ A @ B2 @ C )
=> ( ord_less_eq @ A @ A2 @ C ) ) ) ) ).
% ord_eq_le_trans
thf(fact_229_order__class_Oorder_Oeq__iff,axiom,
! [A: $tType] :
( ( order @ A )
=> ( ( ^ [Y3: A,Z: A] : ( Y3 = Z ) )
= ( ^ [A5: A,B7: A] :
( ( ord_less_eq @ A @ A5 @ B7 )
& ( ord_less_eq @ A @ B7 @ A5 ) ) ) ) ) ).
% order_class.order.eq_iff
thf(fact_230_antisym__conv,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [Y2: A,X: A] :
( ( ord_less_eq @ A @ Y2 @ X )
=> ( ( ord_less_eq @ A @ X @ Y2 )
= ( X = Y2 ) ) ) ) ).
% antisym_conv
thf(fact_231_le__cases3,axiom,
! [A: $tType] :
( ( linorder @ A )
=> ! [X: A,Y2: A,Z2: A] :
( ( ( ord_less_eq @ A @ X @ Y2 )
=> ~ ( ord_less_eq @ A @ Y2 @ Z2 ) )
=> ( ( ( ord_less_eq @ A @ Y2 @ X )
=> ~ ( ord_less_eq @ A @ X @ Z2 ) )
=> ( ( ( ord_less_eq @ A @ X @ Z2 )
=> ~ ( ord_less_eq @ A @ Z2 @ Y2 ) )
=> ( ( ( ord_less_eq @ A @ Z2 @ Y2 )
=> ~ ( ord_less_eq @ A @ Y2 @ X ) )
=> ( ( ( ord_less_eq @ A @ Y2 @ Z2 )
=> ~ ( ord_less_eq @ A @ Z2 @ X ) )
=> ~ ( ( ord_less_eq @ A @ Z2 @ X )
=> ~ ( ord_less_eq @ A @ X @ Y2 ) ) ) ) ) ) ) ) ).
% le_cases3
thf(fact_232_order_Otrans,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [A2: A,B2: A,C: A] :
( ( ord_less_eq @ A @ A2 @ B2 )
=> ( ( ord_less_eq @ A @ B2 @ C )
=> ( ord_less_eq @ A @ A2 @ C ) ) ) ) ).
% order.trans
thf(fact_233_le__cases,axiom,
! [A: $tType] :
( ( linorder @ A )
=> ! [X: A,Y2: A] :
( ~ ( ord_less_eq @ A @ X @ Y2 )
=> ( ord_less_eq @ A @ Y2 @ X ) ) ) ).
% le_cases
thf(fact_234_eq__refl,axiom,
! [A: $tType] :
( ( preorder @ A )
=> ! [X: A,Y2: A] :
( ( X = Y2 )
=> ( ord_less_eq @ A @ X @ Y2 ) ) ) ).
% eq_refl
thf(fact_235_linear,axiom,
! [A: $tType] :
( ( linorder @ A )
=> ! [X: A,Y2: A] :
( ( ord_less_eq @ A @ X @ Y2 )
| ( ord_less_eq @ A @ Y2 @ X ) ) ) ).
% linear
thf(fact_236_antisym,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [X: A,Y2: A] :
( ( ord_less_eq @ A @ X @ Y2 )
=> ( ( ord_less_eq @ A @ Y2 @ X )
=> ( X = Y2 ) ) ) ) ).
% antisym
thf(fact_237_eq__iff,axiom,
! [A: $tType] :
( ( order @ A )
=> ( ( ^ [Y3: A,Z: A] : ( Y3 = Z ) )
= ( ^ [X2: A,Y4: A] :
( ( ord_less_eq @ A @ X2 @ Y4 )
& ( ord_less_eq @ A @ Y4 @ X2 ) ) ) ) ) ).
% eq_iff
thf(fact_238_ord__le__eq__subst,axiom,
! [A: $tType,B3: $tType] :
( ( ( ord @ B3 )
& ( ord @ A ) )
=> ! [A2: A,B2: A,F: A > B3,C: B3] :
( ( ord_less_eq @ A @ A2 @ B2 )
=> ( ( ( F @ B2 )
= C )
=> ( ! [X3: A,Y: A] :
( ( ord_less_eq @ A @ X3 @ Y )
=> ( ord_less_eq @ B3 @ ( F @ X3 ) @ ( F @ Y ) ) )
=> ( ord_less_eq @ B3 @ ( F @ A2 ) @ C ) ) ) ) ) ).
% ord_le_eq_subst
thf(fact_239_ord__eq__le__subst,axiom,
! [A: $tType,B3: $tType] :
( ( ( ord @ B3 )
& ( ord @ A ) )
=> ! [A2: A,F: B3 > A,B2: B3,C: B3] :
( ( A2
= ( F @ B2 ) )
=> ( ( ord_less_eq @ B3 @ B2 @ C )
=> ( ! [X3: B3,Y: B3] :
( ( ord_less_eq @ B3 @ X3 @ Y )
=> ( ord_less_eq @ A @ ( F @ X3 ) @ ( F @ Y ) ) )
=> ( ord_less_eq @ A @ A2 @ ( F @ C ) ) ) ) ) ) ).
% ord_eq_le_subst
thf(fact_240_order__subst2,axiom,
! [A: $tType,C2: $tType] :
( ( ( order @ C2 )
& ( order @ A ) )
=> ! [A2: A,B2: A,F: A > C2,C: C2] :
( ( ord_less_eq @ A @ A2 @ B2 )
=> ( ( ord_less_eq @ C2 @ ( F @ B2 ) @ C )
=> ( ! [X3: A,Y: A] :
( ( ord_less_eq @ A @ X3 @ Y )
=> ( ord_less_eq @ C2 @ ( F @ X3 ) @ ( F @ Y ) ) )
=> ( ord_less_eq @ C2 @ ( F @ A2 ) @ C ) ) ) ) ) ).
% order_subst2
thf(fact_241_order__subst1,axiom,
! [A: $tType,B3: $tType] :
( ( ( order @ B3 )
& ( order @ A ) )
=> ! [A2: A,F: B3 > A,B2: B3,C: B3] :
( ( ord_less_eq @ A @ A2 @ ( F @ B2 ) )
=> ( ( ord_less_eq @ B3 @ B2 @ C )
=> ( ! [X3: B3,Y: B3] :
( ( ord_less_eq @ B3 @ X3 @ Y )
=> ( ord_less_eq @ A @ ( F @ X3 ) @ ( F @ Y ) ) )
=> ( ord_less_eq @ A @ A2 @ ( F @ C ) ) ) ) ) ) ).
% order_subst1
thf(fact_242_Collect__mono__iff,axiom,
! [A: $tType,P: A > $o,Q: A > $o] :
( ( ord_less_eq @ ( set @ A ) @ ( collect @ A @ P ) @ ( collect @ A @ Q ) )
= ( ! [X2: A] :
( ( P @ X2 )
=> ( Q @ X2 ) ) ) ) ).
% Collect_mono_iff
thf(fact_243_le__fun__def,axiom,
! [B3: $tType,A: $tType] :
( ( ord @ B3 )
=> ( ( ord_less_eq @ ( A > B3 ) )
= ( ^ [F2: A > B3,G2: A > B3] :
! [X2: A] : ( ord_less_eq @ B3 @ ( F2 @ X2 ) @ ( G2 @ X2 ) ) ) ) ) ).
% le_fun_def
thf(fact_244_set__eq__subset,axiom,
! [A: $tType] :
( ( ^ [Y3: set @ A,Z: set @ A] : ( Y3 = Z ) )
= ( ^ [A4: set @ A,B5: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ A4 @ B5 )
& ( ord_less_eq @ ( set @ A ) @ B5 @ A4 ) ) ) ) ).
% set_eq_subset
thf(fact_245_le__funI,axiom,
! [B3: $tType,A: $tType] :
( ( ord @ B3 )
=> ! [F: A > B3,G: A > B3] :
( ! [X3: A] : ( ord_less_eq @ B3 @ ( F @ X3 ) @ ( G @ X3 ) )
=> ( ord_less_eq @ ( A > B3 ) @ F @ G ) ) ) ).
% le_funI
thf(fact_246_le__funE,axiom,
! [B3: $tType,A: $tType] :
( ( ord @ B3 )
=> ! [F: A > B3,G: A > B3,X: A] :
( ( ord_less_eq @ ( A > B3 ) @ F @ G )
=> ( ord_less_eq @ B3 @ ( F @ X ) @ ( G @ X ) ) ) ) ).
% le_funE
thf(fact_247_le__funD,axiom,
! [B3: $tType,A: $tType] :
( ( ord @ B3 )
=> ! [F: A > B3,G: A > B3,X: A] :
( ( ord_less_eq @ ( A > B3 ) @ F @ G )
=> ( ord_less_eq @ B3 @ ( F @ X ) @ ( G @ X ) ) ) ) ).
% le_funD
thf(fact_248_subset__trans,axiom,
! [A: $tType,A3: set @ A,B: set @ A,C4: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ A3 @ B )
=> ( ( ord_less_eq @ ( set @ A ) @ B @ C4 )
=> ( ord_less_eq @ ( set @ A ) @ A3 @ C4 ) ) ) ).
% subset_trans
thf(fact_249_Collect__mono,axiom,
! [A: $tType,P: A > $o,Q: A > $o] :
( ! [X3: A] :
( ( P @ X3 )
=> ( Q @ X3 ) )
=> ( ord_less_eq @ ( set @ A ) @ ( collect @ A @ P ) @ ( collect @ A @ Q ) ) ) ).
% Collect_mono
thf(fact_250_subset__refl,axiom,
! [A: $tType,A3: set @ A] : ( ord_less_eq @ ( set @ A ) @ A3 @ A3 ) ).
% subset_refl
thf(fact_251_subset__iff,axiom,
! [A: $tType] :
( ( ord_less_eq @ ( set @ A ) )
= ( ^ [A4: set @ A,B5: set @ A] :
! [T: A] :
( ( member @ A @ T @ A4 )
=> ( member @ A @ T @ B5 ) ) ) ) ).
% subset_iff
thf(fact_252_equalityD2,axiom,
! [A: $tType,A3: set @ A,B: set @ A] :
( ( A3 = B )
=> ( ord_less_eq @ ( set @ A ) @ B @ A3 ) ) ).
% equalityD2
thf(fact_253_equalityD1,axiom,
! [A: $tType,A3: set @ A,B: set @ A] :
( ( A3 = B )
=> ( ord_less_eq @ ( set @ A ) @ A3 @ B ) ) ).
% equalityD1
thf(fact_254_subset__eq,axiom,
! [A: $tType] :
( ( ord_less_eq @ ( set @ A ) )
= ( ^ [A4: set @ A,B5: set @ A] :
! [X2: A] :
( ( member @ A @ X2 @ A4 )
=> ( member @ A @ X2 @ B5 ) ) ) ) ).
% subset_eq
thf(fact_255_equalityE,axiom,
! [A: $tType,A3: set @ A,B: set @ A] :
( ( A3 = B )
=> ~ ( ( ord_less_eq @ ( set @ A ) @ A3 @ B )
=> ~ ( ord_less_eq @ ( set @ A ) @ B @ A3 ) ) ) ).
% equalityE
% Type constructors (28)
thf(tcon_HOL_Obool___Lattices_Obounded__lattice,axiom,
bounded_lattice @ $o ).
thf(tcon_Set_Oset___Lattices_Obounded__lattice_1,axiom,
! [A8: $tType] : ( bounded_lattice @ ( set @ A8 ) ) ).
thf(tcon_fun___Lattices_Obounded__lattice_2,axiom,
! [A8: $tType,A9: $tType] :
( ( bounded_lattice @ A9 )
=> ( bounded_lattice @ ( A8 > A9 ) ) ) ).
thf(tcon_fun___Lattices_Obounded__semilattice__sup__bot,axiom,
! [A8: $tType,A9: $tType] :
( ( bounded_lattice @ A9 )
=> ( bounde1808546759up_bot @ ( A8 > A9 ) ) ) ).
thf(tcon_fun___Orderings_Oorder__bot,axiom,
! [A8: $tType,A9: $tType] :
( ( order_bot @ A9 )
=> ( order_bot @ ( A8 > A9 ) ) ) ).
thf(tcon_fun___Orderings_Opreorder,axiom,
! [A8: $tType,A9: $tType] :
( ( preorder @ A9 )
=> ( preorder @ ( A8 > A9 ) ) ) ).
thf(tcon_fun___Orderings_Oorder,axiom,
! [A8: $tType,A9: $tType] :
( ( order @ A9 )
=> ( order @ ( A8 > A9 ) ) ) ).
thf(tcon_fun___Orderings_Oord,axiom,
! [A8: $tType,A9: $tType] :
( ( ord @ A9 )
=> ( ord @ ( A8 > A9 ) ) ) ).
thf(tcon_fun___Orderings_Obot,axiom,
! [A8: $tType,A9: $tType] :
( ( bot @ A9 )
=> ( bot @ ( A8 > A9 ) ) ) ).
thf(tcon_Nat_Onat___Orderings_Oorder__bot_3,axiom,
order_bot @ nat ).
thf(tcon_Nat_Onat___Orderings_Opreorder_4,axiom,
preorder @ nat ).
thf(tcon_Nat_Onat___Orderings_Olinorder,axiom,
linorder @ nat ).
thf(tcon_Nat_Onat___Orderings_Oorder_5,axiom,
order @ nat ).
thf(tcon_Nat_Onat___Orderings_Oord_6,axiom,
ord @ nat ).
thf(tcon_Nat_Onat___Orderings_Obot_7,axiom,
bot @ nat ).
thf(tcon_Set_Oset___Lattices_Obounded__semilattice__sup__bot_8,axiom,
! [A8: $tType] : ( bounde1808546759up_bot @ ( set @ A8 ) ) ).
thf(tcon_Set_Oset___Orderings_Oorder__bot_9,axiom,
! [A8: $tType] : ( order_bot @ ( set @ A8 ) ) ).
thf(tcon_Set_Oset___Orderings_Opreorder_10,axiom,
! [A8: $tType] : ( preorder @ ( set @ A8 ) ) ).
thf(tcon_Set_Oset___Orderings_Oorder_11,axiom,
! [A8: $tType] : ( order @ ( set @ A8 ) ) ).
thf(tcon_Set_Oset___Orderings_Oord_12,axiom,
! [A8: $tType] : ( ord @ ( set @ A8 ) ) ).
thf(tcon_Set_Oset___Orderings_Obot_13,axiom,
! [A8: $tType] : ( bot @ ( set @ A8 ) ) ).
thf(tcon_HOL_Obool___Lattices_Obounded__semilattice__sup__bot_14,axiom,
bounde1808546759up_bot @ $o ).
thf(tcon_HOL_Obool___Orderings_Oorder__bot_15,axiom,
order_bot @ $o ).
thf(tcon_HOL_Obool___Orderings_Opreorder_16,axiom,
preorder @ $o ).
thf(tcon_HOL_Obool___Orderings_Olinorder_17,axiom,
linorder @ $o ).
thf(tcon_HOL_Obool___Orderings_Oorder_18,axiom,
order @ $o ).
thf(tcon_HOL_Obool___Orderings_Oord_19,axiom,
ord @ $o ).
thf(tcon_HOL_Obool___Orderings_Obot_20,axiom,
bot @ $o ).
% Conjectures (1)
thf(conj_0,conjecture,
~ ( member @ secrecy_KS @ m @ ( specKeysSecrets @ pq ) ) ).
%------------------------------------------------------------------------------