TPTP Problem File: ITP091^2.p
View Solutions
- Solve Problem
%------------------------------------------------------------------------------
% File : ITP091^2 : TPTP v9.0.0. Released v7.5.0.
% Domain : Interactive Theorem Proving
% Problem : Sledgehammer KnowledgeKeysSecrets problem prob_460__3295970_1
% Version : Especial.
% English :
% Refs : [BH+15] Blanchette et al. (2015), Mining the Archive of Formal
% : [Des21] Desharnais (2021), Email to Geoff Sutcliffe
% Source : [Des21]
% Names : KnowledgeKeysSecrets/prob_460__3295970_1 [Des21]
% Status : Theorem
% Rating : 0.00 v7.5.0
% Syntax : Number of formulae : 347 ( 110 unt; 66 typ; 0 def)
% Number of atoms : 1081 ( 280 equ; 0 cnn)
% Maximal formula atoms : 13 ( 3 avg)
% Number of connectives : 4602 ( 217 ~; 36 |; 95 &;3691 @)
% ( 0 <=>; 563 =>; 0 <=; 0 <~>)
% Maximal formula depth : 20 ( 8 avg)
% Number of types : 8 ( 7 usr)
% Number of type conns : 132 ( 132 >; 0 *; 0 +; 0 <<)
% Number of symbols : 60 ( 59 usr; 5 con; 0-4 aty)
% Number of variables : 983 ( 65 ^; 869 !; 29 ?; 983 :)
% ( 20 !>; 0 ?*; 0 @-; 0 @+)
% SPC : TH1_THM_EQU_NAR
% Comments : This file was generated by Sledgehammer 2021-02-23 16:21:08.412
%------------------------------------------------------------------------------
% Could-be-implicit typings (9)
thf(ty_t_Secrecy__types_OExpression,type,
secrecy_Expression: $tType ).
thf(ty_t_Secrecy__types_OSecrets,type,
secrecy_Secrets: $tType ).
thf(ty_t_Secrecy__types_OspecID,type,
secrecy_specID: $tType ).
thf(ty_t_Secrecy__types_OchanID,type,
secrecy_chanID: $tType ).
thf(ty_t_Secrecy__types_OKeys,type,
secrecy_Keys: $tType ).
thf(ty_t_Secrecy__types_OKS,type,
secrecy_KS: $tType ).
thf(ty_t_List_Olist,type,
list: $tType > $tType ).
thf(ty_t_Set_Oset,type,
set: $tType > $tType ).
thf(ty_t_Nat_Onat,type,
nat: $tType ).
% Explicit typings (57)
thf(sy_cl_Lattices_Obounded__lattice,type,
bounded_lattice:
!>[A: $tType] : $o ).
thf(sy_cl_HOL_Otype,type,
type:
!>[A: $tType] : $o ).
thf(sy_cl_Orderings_Obot,type,
bot:
!>[A: $tType] : $o ).
thf(sy_cl_Orderings_Oord,type,
ord:
!>[A: $tType] : $o ).
thf(sy_cl_Orderings_Oorder,type,
order:
!>[A: $tType] : $o ).
thf(sy_cl_Orderings_Olinorder,type,
linorder:
!>[A: $tType] : $o ).
thf(sy_cl_Orderings_Opreorder,type,
preorder:
!>[A: $tType] : $o ).
thf(sy_cl_Lattices_Obounded__semilattice__sup__bot,type,
bounde1808546759up_bot:
!>[A: $tType] : $o ).
thf(sy_c_CompLocalSecrets_OLocalSecrets,type,
localSecrets: secrecy_specID > ( set @ secrecy_KS ) ).
thf(sy_c_KnowledgeKeysSecrets__Mirabelle__khazhniute_OeoutKnowCorrect,type,
knowle1667810483orrect: secrecy_specID > secrecy_KS > $o ).
thf(sy_c_KnowledgeKeysSecrets__Mirabelle__khazhniute_Oknow,type,
knowle1437066798e_know: secrecy_specID > secrecy_KS > $o ).
thf(sy_c_Lattices_Osup__class_Osup,type,
sup_sup:
!>[A: $tType] : ( A > A > A ) ).
thf(sy_c_ListExtras_Omem,type,
mem:
!>[A: $tType] : ( A > ( list @ A ) > $o ) ).
thf(sy_c_Orderings_Obot__class_Obot,type,
bot_bot:
!>[A: $tType] : A ).
thf(sy_c_Orderings_Oord__class_Oless__eq,type,
ord_less_eq:
!>[A: $tType] : ( A > A > $o ) ).
thf(sy_c_Secrecy_OcorrectCompositionKS,type,
correctCompositionKS: secrecy_specID > $o ).
thf(sy_c_Secrecy_Oeout,type,
eout: secrecy_specID > secrecy_Expression > $o ).
thf(sy_c_Secrecy_OeoutM,type,
eoutM: secrecy_specID > ( set @ secrecy_chanID ) > secrecy_Expression > $o ).
thf(sy_c_Secrecy_OexprChannel,type,
exprChannel: secrecy_chanID > secrecy_Expression > $o ).
thf(sy_c_Secrecy_Oine,type,
ine: secrecy_specID > secrecy_Expression > $o ).
thf(sy_c_Secrecy_OineM,type,
ineM: secrecy_specID > ( set @ secrecy_chanID ) > secrecy_Expression > $o ).
thf(sy_c_Secrecy_Oine__exprChannelSet,type,
ine_exprChannelSet: secrecy_specID > ( set @ secrecy_chanID ) > secrecy_Expression > $o ).
thf(sy_c_Secrecy_Oine__exprChannelSingle,type,
ine_ex1303305700Single: secrecy_specID > secrecy_chanID > secrecy_Expression > $o ).
thf(sy_c_Secrecy_OnotSpecKeysSecretsExpr,type,
notSpe1586871396tsExpr: secrecy_specID > ( list @ secrecy_Expression ) > $o ).
thf(sy_c_Secrecy_Oout__exprChannelSet,type,
out_exprChannelSet: secrecy_specID > ( set @ secrecy_chanID ) > secrecy_Expression > $o ).
thf(sy_c_Secrecy_Oout__exprChannelSingle,type,
out_ex985543062Single: secrecy_specID > secrecy_chanID > secrecy_Expression > $o ).
thf(sy_c_Secrecy_OspecKeys,type,
specKeys: secrecy_specID > ( set @ secrecy_Keys ) ).
thf(sy_c_Secrecy_OspecKeysSecrets,type,
specKeysSecrets: secrecy_specID > ( set @ secrecy_KS ) ).
thf(sy_c_Secrecy_OspecSecrets,type,
specSecrets: secrecy_specID > ( set @ secrecy_Secrets ) ).
thf(sy_c_Secrecy__types_OExpression_OkE,type,
secrecy_kE: secrecy_Keys > secrecy_Expression ).
thf(sy_c_Secrecy__types_OExpression_OsE,type,
secrecy_sE: secrecy_Secrets > secrecy_Expression ).
thf(sy_c_Secrecy__types_OKS2Expression,type,
secrec1016742679ession: secrecy_KS > secrecy_Expression ).
thf(sy_c_Secrecy__types_OKS_Ocase__KS,type,
secrecy_case_KS:
!>[A: $tType] : ( ( secrecy_Keys > A ) > ( secrecy_Secrets > A ) > secrecy_KS > A ) ).
thf(sy_c_Secrecy__types_OKS_OkKS,type,
secrecy_kKS: secrecy_Keys > secrecy_KS ).
thf(sy_c_Secrecy__types_OKS_Orec__KS,type,
secrecy_rec_KS:
!>[A: $tType] : ( ( secrecy_Keys > A ) > ( secrecy_Secrets > A ) > secrecy_KS > A ) ).
thf(sy_c_Secrecy__types_OKS_OsKS,type,
secrecy_sKS: secrecy_Secrets > secrecy_KS ).
thf(sy_c_Set_OCollect,type,
collect:
!>[A: $tType] : ( ( A > $o ) > ( set @ A ) ) ).
thf(sy_c_Set_Oinsert,type,
insert:
!>[A: $tType] : ( A > ( set @ A ) > ( set @ A ) ) ).
thf(sy_c_Set_Ois__empty,type,
is_empty:
!>[A: $tType] : ( ( set @ A ) > $o ) ).
thf(sy_c_Set_Ois__singleton,type,
is_singleton:
!>[A: $tType] : ( ( set @ A ) > $o ) ).
thf(sy_c_Set_Othe__elem,type,
the_elem:
!>[A: $tType] : ( ( set @ A ) > A ) ).
thf(sy_c_inout_OcorrectCompositionIn,type,
correctCompositionIn: secrecy_specID > $o ).
thf(sy_c_inout_OcorrectCompositionLoc,type,
correc965049635ionLoc: secrecy_specID > $o ).
thf(sy_c_inout_OcorrectCompositionOut,type,
correc990227761ionOut: secrecy_specID > $o ).
thf(sy_c_inout_OinStream,type,
inStream: secrecy_specID > ( set @ secrecy_chanID ) > $o ).
thf(sy_c_inout_Oins,type,
ins: secrecy_specID > ( set @ secrecy_chanID ) ).
thf(sy_c_inout_Oloc,type,
loc: secrecy_specID > ( set @ secrecy_chanID ) ).
thf(sy_c_inout_OlocStream,type,
locStream: secrecy_specID > ( set @ secrecy_chanID ) > $o ).
thf(sy_c_inout_Oout,type,
out: secrecy_specID > ( set @ secrecy_chanID ) ).
thf(sy_c_inout_OoutStream,type,
outStream: secrecy_specID > ( set @ secrecy_chanID ) > $o ).
thf(sy_c_inout_Osubcomponents,type,
subcomponents: secrecy_specID > ( set @ secrecy_specID ) ).
thf(sy_c_member,type,
member:
!>[A: $tType] : ( A > ( set @ A ) > $o ) ).
thf(sy_v_P,type,
p: secrecy_specID ).
thf(sy_v_PQ,type,
pq: secrecy_specID ).
thf(sy_v_Q,type,
q: secrecy_specID ).
thf(sy_v_m,type,
m: secrecy_KS ).
thf(sy_v_secret____,type,
secret: secrecy_Secrets ).
% Relevant facts (256)
thf(fact_0_not__knowQm,axiom,
~ ( knowle1437066798e_know @ q @ m ) ).
% not_knowQm
thf(fact_1_a2,axiom,
( m
= ( secrecy_sKS @ secret ) ) ).
% a2
thf(fact_2_knowPQ,axiom,
knowle1437066798e_know @ pq @ m ).
% knowPQ
thf(fact_3_sg5,axiom,
member @ secrecy_KS @ ( secrecy_sKS @ secret ) @ ( localSecrets @ pq ) ).
% sg5
thf(fact_4_KS_Oinject_I2_J,axiom,
! [X2: secrecy_Secrets,Y2: secrecy_Secrets] :
( ( ( secrecy_sKS @ X2 )
= ( secrecy_sKS @ Y2 ) )
= ( X2 = Y2 ) ) ).
% KS.inject(2)
thf(fact_5_sg6a,axiom,
~ ( ine @ q @ ( secrecy_sE @ secret ) ) ).
% sg6a
thf(fact_6_cCompLoc,axiom,
correc965049635ionLoc @ pq ).
% cCompLoc
thf(fact_7_a22,axiom,
~ ( ine @ pq @ ( secrecy_sE @ secret ) ) ).
% a22
thf(fact_8_KS_Osimps_I8_J,axiom,
! [A: $tType,F1: secrecy_Keys > A,F2: secrecy_Secrets > A,X2: secrecy_Secrets] :
( ( secrecy_rec_KS @ A @ F1 @ F2 @ ( secrecy_sKS @ X2 ) )
= ( F2 @ X2 ) ) ).
% KS.simps(8)
thf(fact_9_KS_Osimps_I6_J,axiom,
! [A: $tType,F1: secrecy_Keys > A,F2: secrecy_Secrets > A,X2: secrecy_Secrets] :
( ( secrecy_case_KS @ A @ F1 @ F2 @ ( secrecy_sKS @ X2 ) )
= ( F2 @ X2 ) ) ).
% KS.simps(6)
thf(fact_10_know_Osimps_I2_J,axiom,
! [A2: secrecy_specID,M: secrecy_Secrets] :
( ( knowle1437066798e_know @ A2 @ ( secrecy_sKS @ M ) )
= ( ( ine @ A2 @ ( secrecy_sE @ M ) )
| ( member @ secrecy_KS @ ( secrecy_sKS @ M ) @ ( localSecrets @ A2 ) ) ) ) ).
% know.simps(2)
thf(fact_11_subPQ,axiom,
( ( subcomponents @ pq )
= ( insert @ secrecy_specID @ p @ ( insert @ secrecy_specID @ q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) ) ).
% subPQ
thf(fact_12_cCompI,axiom,
correctCompositionIn @ pq ).
% cCompI
thf(fact_13_KS_Odistinct_I1_J,axiom,
! [X1: secrecy_Keys,X2: secrecy_Secrets] :
( ( secrecy_kKS @ X1 )
!= ( secrecy_sKS @ X2 ) ) ).
% KS.distinct(1)
thf(fact_14_KS_Oinduct,axiom,
! [P: secrecy_KS > $o,KS: secrecy_KS] :
( ! [X: secrecy_Keys] : ( P @ ( secrecy_kKS @ X ) )
=> ( ! [X: secrecy_Secrets] : ( P @ ( secrecy_sKS @ X ) )
=> ( P @ KS ) ) ) ).
% KS.induct
thf(fact_15_KS_Oinject_I1_J,axiom,
! [X1: secrecy_Keys,Y1: secrecy_Keys] :
( ( ( secrecy_kKS @ X1 )
= ( secrecy_kKS @ Y1 ) )
= ( X1 = Y1 ) ) ).
% KS.inject(1)
thf(fact_16_Expression_Oinject_I2_J,axiom,
! [X2: secrecy_Secrets,Y2: secrecy_Secrets] :
( ( ( secrecy_sE @ X2 )
= ( secrecy_sE @ Y2 ) )
= ( X2 = Y2 ) ) ).
% Expression.inject(2)
thf(fact_17_KS_Osimps_I7_J,axiom,
! [A: $tType,F1: secrecy_Keys > A,F2: secrecy_Secrets > A,X1: secrecy_Keys] :
( ( secrecy_rec_KS @ A @ F1 @ F2 @ ( secrecy_kKS @ X1 ) )
= ( F1 @ X1 ) ) ).
% KS.simps(7)
thf(fact_18_KS_Osimps_I5_J,axiom,
! [A: $tType,F1: secrecy_Keys > A,F2: secrecy_Secrets > A,X1: secrecy_Keys] :
( ( secrecy_case_KS @ A @ F1 @ F2 @ ( secrecy_kKS @ X1 ) )
= ( F1 @ X1 ) ) ).
% KS.simps(5)
thf(fact_19_know__composition__neg1,axiom,
! [P: secrecy_specID,M: secrecy_KS,Q: secrecy_specID,PQ: secrecy_specID] :
( ~ ( knowle1437066798e_know @ P @ M )
=> ( ~ ( knowle1437066798e_know @ Q @ M )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ( correctCompositionIn @ PQ )
=> ~ ( knowle1437066798e_know @ PQ @ M ) ) ) ) ) ) ).
% know_composition_neg1
thf(fact_20_know__composition__neg__ine__s,axiom,
! [P: secrecy_specID,Secret: secrecy_Secrets,Q: secrecy_specID,PQ: secrecy_specID] :
( ~ ( knowle1437066798e_know @ P @ ( secrecy_sKS @ Secret ) )
=> ( ~ ( knowle1437066798e_know @ Q @ ( secrecy_sKS @ Secret ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ~ ( ine @ PQ @ ( secrecy_sE @ Secret ) ) ) ) ) ) ).
% know_composition_neg_ine_s
thf(fact_21_not__know__s__not__ine,axiom,
! [A2: secrecy_specID,M: secrecy_Secrets] :
( ~ ( knowle1437066798e_know @ A2 @ ( secrecy_sKS @ M ) )
=> ~ ( ine @ A2 @ ( secrecy_sE @ M ) ) ) ).
% not_know_s_not_ine
thf(fact_22_KS_Oexhaust,axiom,
! [Y: secrecy_KS] :
( ! [X12: secrecy_Keys] :
( Y
!= ( secrecy_kKS @ X12 ) )
=> ~ ! [X22: secrecy_Secrets] :
( Y
!= ( secrecy_sKS @ X22 ) ) ) ).
% KS.exhaust
thf(fact_23_LocalSecretsComposition__ine1__s,axiom,
! [S: secrecy_Secrets,PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID] :
( ( member @ secrecy_KS @ ( secrecy_sKS @ S ) @ ( localSecrets @ PQ ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ~ ( ine @ Q @ ( secrecy_sE @ S ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ S ) @ ( localSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ S ) @ ( localSecrets @ Q ) )
=> ( ine @ P @ ( secrecy_sE @ S ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_ine1_s
thf(fact_24_LocalSecretsComposition__ine2__s,axiom,
! [S: secrecy_Secrets,PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID] :
( ( member @ secrecy_KS @ ( secrecy_sKS @ S ) @ ( localSecrets @ PQ ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ~ ( ine @ P @ ( secrecy_sE @ S ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ S ) @ ( localSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ S ) @ ( localSecrets @ Q ) )
=> ( ine @ Q @ ( secrecy_sE @ S ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_ine2_s
thf(fact_25_LocalSecretsComposition__neg1__s,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,S: secrecy_Secrets] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ~ ( ine @ P @ ( secrecy_sE @ S ) )
=> ( ~ ( ine @ Q @ ( secrecy_sE @ S ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ S ) @ ( localSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ S ) @ ( localSecrets @ Q ) )
=> ~ ( member @ secrecy_KS @ ( secrecy_sKS @ S ) @ ( localSecrets @ PQ ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_neg1_s
thf(fact_26_TBtheorem1a,axiom,
! [PQ: secrecy_specID,E: secrecy_Expression,P: secrecy_specID,Q: secrecy_specID] :
( ( ine @ PQ @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( ine @ P @ E )
| ( ine @ Q @ E ) ) ) ) ) ).
% TBtheorem1a
thf(fact_27_TBtheorem3a,axiom,
! [P: secrecy_specID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ~ ( ine @ P @ E )
=> ( ~ ( ine @ Q @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ~ ( ine @ PQ @ E ) ) ) ) ) ).
% TBtheorem3a
thf(fact_28_singletonI,axiom,
! [A: $tType,A3: A] : ( member @ A @ A3 @ ( insert @ A @ A3 @ ( bot_bot @ ( set @ A ) ) ) ) ).
% singletonI
thf(fact_29_LocalSecretsComposition1,axiom,
! [Ls: secrecy_KS,P: secrecy_specID,PQ: secrecy_specID,Q: secrecy_specID] :
( ( member @ secrecy_KS @ Ls @ ( localSecrets @ P ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( member @ secrecy_KS @ Ls @ ( localSecrets @ PQ ) ) ) ) ).
% LocalSecretsComposition1
thf(fact_30_insertCI,axiom,
! [A: $tType,A3: A,B: set @ A,B2: A] :
( ( ~ ( member @ A @ A3 @ B )
=> ( A3 = B2 ) )
=> ( member @ A @ A3 @ ( insert @ A @ B2 @ B ) ) ) ).
% insertCI
thf(fact_31_insert__iff,axiom,
! [A: $tType,A3: A,B2: A,A2: set @ A] :
( ( member @ A @ A3 @ ( insert @ A @ B2 @ A2 ) )
= ( ( A3 = B2 )
| ( member @ A @ A3 @ A2 ) ) ) ).
% insert_iff
thf(fact_32_insert__absorb2,axiom,
! [A: $tType,X3: A,A2: set @ A] :
( ( insert @ A @ X3 @ ( insert @ A @ X3 @ A2 ) )
= ( insert @ A @ X3 @ A2 ) ) ).
% insert_absorb2
thf(fact_33_empty__Collect__eq,axiom,
! [A: $tType,P: A > $o] :
( ( ( bot_bot @ ( set @ A ) )
= ( collect @ A @ P ) )
= ( ! [X4: A] :
~ ( P @ X4 ) ) ) ).
% empty_Collect_eq
thf(fact_34_Collect__empty__eq,axiom,
! [A: $tType,P: A > $o] :
( ( ( collect @ A @ P )
= ( bot_bot @ ( set @ A ) ) )
= ( ! [X4: A] :
~ ( P @ X4 ) ) ) ).
% Collect_empty_eq
thf(fact_35_all__not__in__conv,axiom,
! [A: $tType,A2: set @ A] :
( ( ! [X4: A] :
~ ( member @ A @ X4 @ A2 ) )
= ( A2
= ( bot_bot @ ( set @ A ) ) ) ) ).
% all_not_in_conv
thf(fact_36_empty__iff,axiom,
! [A: $tType,C: A] :
~ ( member @ A @ C @ ( bot_bot @ ( set @ A ) ) ) ).
% empty_iff
thf(fact_37_ex__in__conv,axiom,
! [A: $tType,A2: set @ A] :
( ( ? [X4: A] : ( member @ A @ X4 @ A2 ) )
= ( A2
!= ( bot_bot @ ( set @ A ) ) ) ) ).
% ex_in_conv
thf(fact_38_equals0I,axiom,
! [A: $tType,A2: set @ A] :
( ! [Y3: A] :
~ ( member @ A @ Y3 @ A2 )
=> ( A2
= ( bot_bot @ ( set @ A ) ) ) ) ).
% equals0I
thf(fact_39_equals0D,axiom,
! [A: $tType,A2: set @ A,A3: A] :
( ( A2
= ( bot_bot @ ( set @ A ) ) )
=> ~ ( member @ A @ A3 @ A2 ) ) ).
% equals0D
thf(fact_40_emptyE,axiom,
! [A: $tType,A3: A] :
~ ( member @ A @ A3 @ ( bot_bot @ ( set @ A ) ) ) ).
% emptyE
thf(fact_41_mk__disjoint__insert,axiom,
! [A: $tType,A3: A,A2: set @ A] :
( ( member @ A @ A3 @ A2 )
=> ? [B3: set @ A] :
( ( A2
= ( insert @ A @ A3 @ B3 ) )
& ~ ( member @ A @ A3 @ B3 ) ) ) ).
% mk_disjoint_insert
thf(fact_42_insert__commute,axiom,
! [A: $tType,X3: A,Y: A,A2: set @ A] :
( ( insert @ A @ X3 @ ( insert @ A @ Y @ A2 ) )
= ( insert @ A @ Y @ ( insert @ A @ X3 @ A2 ) ) ) ).
% insert_commute
thf(fact_43_insert__eq__iff,axiom,
! [A: $tType,A3: A,A2: set @ A,B2: A,B: set @ A] :
( ~ ( member @ A @ A3 @ A2 )
=> ( ~ ( member @ A @ B2 @ B )
=> ( ( ( insert @ A @ A3 @ A2 )
= ( insert @ A @ B2 @ B ) )
= ( ( ( A3 = B2 )
=> ( A2 = B ) )
& ( ( A3 != B2 )
=> ? [C2: set @ A] :
( ( A2
= ( insert @ A @ B2 @ C2 ) )
& ~ ( member @ A @ B2 @ C2 )
& ( B
= ( insert @ A @ A3 @ C2 ) )
& ~ ( member @ A @ A3 @ C2 ) ) ) ) ) ) ) ).
% insert_eq_iff
thf(fact_44_insert__absorb,axiom,
! [A: $tType,A3: A,A2: set @ A] :
( ( member @ A @ A3 @ A2 )
=> ( ( insert @ A @ A3 @ A2 )
= A2 ) ) ).
% insert_absorb
thf(fact_45_mem__Collect__eq,axiom,
! [A: $tType,A3: A,P: A > $o] :
( ( member @ A @ A3 @ ( collect @ A @ P ) )
= ( P @ A3 ) ) ).
% mem_Collect_eq
thf(fact_46_Collect__mem__eq,axiom,
! [A: $tType,A2: set @ A] :
( ( collect @ A
@ ^ [X4: A] : ( member @ A @ X4 @ A2 ) )
= A2 ) ).
% Collect_mem_eq
thf(fact_47_Collect__cong,axiom,
! [A: $tType,P: A > $o,Q: A > $o] :
( ! [X: A] :
( ( P @ X )
= ( Q @ X ) )
=> ( ( collect @ A @ P )
= ( collect @ A @ Q ) ) ) ).
% Collect_cong
thf(fact_48_ext,axiom,
! [B4: $tType,A: $tType,F: A > B4,G: A > B4] :
( ! [X: A] :
( ( F @ X )
= ( G @ X ) )
=> ( F = G ) ) ).
% ext
thf(fact_49_insert__ident,axiom,
! [A: $tType,X3: A,A2: set @ A,B: set @ A] :
( ~ ( member @ A @ X3 @ A2 )
=> ( ~ ( member @ A @ X3 @ B )
=> ( ( ( insert @ A @ X3 @ A2 )
= ( insert @ A @ X3 @ B ) )
= ( A2 = B ) ) ) ) ).
% insert_ident
thf(fact_50_Set_Oset__insert,axiom,
! [A: $tType,X3: A,A2: set @ A] :
( ( member @ A @ X3 @ A2 )
=> ~ ! [B3: set @ A] :
( ( A2
= ( insert @ A @ X3 @ B3 ) )
=> ( member @ A @ X3 @ B3 ) ) ) ).
% Set.set_insert
thf(fact_51_insertI2,axiom,
! [A: $tType,A3: A,B: set @ A,B2: A] :
( ( member @ A @ A3 @ B )
=> ( member @ A @ A3 @ ( insert @ A @ B2 @ B ) ) ) ).
% insertI2
thf(fact_52_insertI1,axiom,
! [A: $tType,A3: A,B: set @ A] : ( member @ A @ A3 @ ( insert @ A @ A3 @ B ) ) ).
% insertI1
thf(fact_53_insertE,axiom,
! [A: $tType,A3: A,B2: A,A2: set @ A] :
( ( member @ A @ A3 @ ( insert @ A @ B2 @ A2 ) )
=> ( ( A3 != B2 )
=> ( member @ A @ A3 @ A2 ) ) ) ).
% insertE
thf(fact_54_singleton__inject,axiom,
! [A: $tType,A3: A,B2: A] :
( ( ( insert @ A @ A3 @ ( bot_bot @ ( set @ A ) ) )
= ( insert @ A @ B2 @ ( bot_bot @ ( set @ A ) ) ) )
=> ( A3 = B2 ) ) ).
% singleton_inject
thf(fact_55_insert__not__empty,axiom,
! [A: $tType,A3: A,A2: set @ A] :
( ( insert @ A @ A3 @ A2 )
!= ( bot_bot @ ( set @ A ) ) ) ).
% insert_not_empty
thf(fact_56_doubleton__eq__iff,axiom,
! [A: $tType,A3: A,B2: A,C: A,D: A] :
( ( ( insert @ A @ A3 @ ( insert @ A @ B2 @ ( bot_bot @ ( set @ A ) ) ) )
= ( insert @ A @ C @ ( insert @ A @ D @ ( bot_bot @ ( set @ A ) ) ) ) )
= ( ( ( A3 = C )
& ( B2 = D ) )
| ( ( A3 = D )
& ( B2 = C ) ) ) ) ).
% doubleton_eq_iff
thf(fact_57_singleton__iff,axiom,
! [A: $tType,B2: A,A3: A] :
( ( member @ A @ B2 @ ( insert @ A @ A3 @ ( bot_bot @ ( set @ A ) ) ) )
= ( B2 = A3 ) ) ).
% singleton_iff
thf(fact_58_singletonD,axiom,
! [A: $tType,B2: A,A3: A] :
( ( member @ A @ B2 @ ( insert @ A @ A3 @ ( bot_bot @ ( set @ A ) ) ) )
=> ( B2 = A3 ) ) ).
% singletonD
thf(fact_59_LocalSecretsComposition__neg1,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Ks: secrecy_KS] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ! [M2: secrecy_Keys] :
( ( Ks
= ( secrecy_kKS @ M2 ) )
=> ( ~ ( ine @ P @ ( secrecy_kE @ M2 ) )
& ~ ( ine @ Q @ ( secrecy_kE @ M2 ) ) ) )
=> ( ! [M2: secrecy_Secrets] :
( ( Ks
= ( secrecy_sKS @ M2 ) )
=> ( ~ ( ine @ P @ ( secrecy_sE @ M2 ) )
& ~ ( ine @ Q @ ( secrecy_sE @ M2 ) ) ) )
=> ( ~ ( member @ secrecy_KS @ Ks @ ( localSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ Ks @ ( localSecrets @ Q ) )
=> ~ ( member @ secrecy_KS @ Ks @ ( localSecrets @ PQ ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_neg1
thf(fact_60_the__elem__eq,axiom,
! [A: $tType,X3: A] :
( ( the_elem @ A @ ( insert @ A @ X3 @ ( bot_bot @ ( set @ A ) ) ) )
= X3 ) ).
% the_elem_eq
thf(fact_61_bot__apply,axiom,
! [C3: $tType,D2: $tType] :
( ( bot @ C3 )
=> ( ( bot_bot @ ( D2 > C3 ) )
= ( ^ [X4: D2] : ( bot_bot @ C3 ) ) ) ) ).
% bot_apply
thf(fact_62_LocalSecretsComposition__neg1__k,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Keys: secrecy_Keys] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ~ ( ine @ P @ ( secrecy_kE @ Keys ) )
=> ( ~ ( ine @ Q @ ( secrecy_kE @ Keys ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Keys ) @ ( localSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Keys ) @ ( localSecrets @ Q ) )
=> ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Keys ) @ ( localSecrets @ PQ ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_neg1_k
thf(fact_63_LocalSecretsComposition__ine2__k,axiom,
! [K: secrecy_Keys,PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID] :
( ( member @ secrecy_KS @ ( secrecy_kKS @ K ) @ ( localSecrets @ PQ ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ~ ( ine @ P @ ( secrecy_kE @ K ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ K ) @ ( localSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ K ) @ ( localSecrets @ Q ) )
=> ( ine @ Q @ ( secrecy_kE @ K ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_ine2_k
thf(fact_64_LocalSecretsComposition__ine1__k,axiom,
! [K: secrecy_Keys,PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID] :
( ( member @ secrecy_KS @ ( secrecy_kKS @ K ) @ ( localSecrets @ PQ ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ~ ( ine @ Q @ ( secrecy_kE @ K ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ K ) @ ( localSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ K ) @ ( localSecrets @ Q ) )
=> ( ine @ P @ ( secrecy_kE @ K ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_ine1_k
thf(fact_65_know__composition__neg__ine__k,axiom,
! [P: secrecy_specID,Key: secrecy_Keys,Q: secrecy_specID,PQ: secrecy_specID] :
( ~ ( knowle1437066798e_know @ P @ ( secrecy_kKS @ Key ) )
=> ( ~ ( knowle1437066798e_know @ Q @ ( secrecy_kKS @ Key ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ~ ( ine @ PQ @ ( secrecy_kE @ Key ) ) ) ) ) ) ).
% know_composition_neg_ine_k
thf(fact_66_is__singletonI,axiom,
! [A: $tType,X3: A] : ( is_singleton @ A @ ( insert @ A @ X3 @ ( bot_bot @ ( set @ A ) ) ) ) ).
% is_singletonI
thf(fact_67_KS2Expression_Osimps_I2_J,axiom,
! [M: secrecy_Secrets] :
( ( secrec1016742679ession @ ( secrecy_sKS @ M ) )
= ( secrecy_sE @ M ) ) ).
% KS2Expression.simps(2)
thf(fact_68_Expression_Oinject_I1_J,axiom,
! [X1: secrecy_Keys,Y1: secrecy_Keys] :
( ( ( secrecy_kE @ X1 )
= ( secrecy_kE @ Y1 ) )
= ( X1 = Y1 ) ) ).
% Expression.inject(1)
thf(fact_69_KS2Expression_Osimps_I1_J,axiom,
! [M: secrecy_Keys] :
( ( secrec1016742679ession @ ( secrecy_kKS @ M ) )
= ( secrecy_kE @ M ) ) ).
% KS2Expression.simps(1)
thf(fact_70_bot__set__def,axiom,
! [A: $tType] :
( ( bot_bot @ ( set @ A ) )
= ( collect @ A @ ( bot_bot @ ( A > $o ) ) ) ) ).
% bot_set_def
thf(fact_71_Expression_Odistinct_I1_J,axiom,
! [X1: secrecy_Keys,X2: secrecy_Secrets] :
( ( secrecy_kE @ X1 )
!= ( secrecy_sE @ X2 ) ) ).
% Expression.distinct(1)
thf(fact_72_is__singleton__the__elem,axiom,
! [A: $tType] :
( ( is_singleton @ A )
= ( ^ [A4: set @ A] :
( A4
= ( insert @ A @ ( the_elem @ A @ A4 ) @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ).
% is_singleton_the_elem
thf(fact_73_is__singletonI_H,axiom,
! [A: $tType,A2: set @ A] :
( ( A2
!= ( bot_bot @ ( set @ A ) ) )
=> ( ! [X: A,Y3: A] :
( ( member @ A @ X @ A2 )
=> ( ( member @ A @ Y3 @ A2 )
=> ( X = Y3 ) ) )
=> ( is_singleton @ A @ A2 ) ) ) ).
% is_singletonI'
thf(fact_74_bot__fun__def,axiom,
! [B4: $tType,A: $tType] :
( ( bot @ B4 )
=> ( ( bot_bot @ ( A > B4 ) )
= ( ^ [X4: A] : ( bot_bot @ B4 ) ) ) ) ).
% bot_fun_def
thf(fact_75_not__know__k__not__ine,axiom,
! [A2: secrecy_specID,M: secrecy_Keys] :
( ~ ( knowle1437066798e_know @ A2 @ ( secrecy_kKS @ M ) )
=> ~ ( ine @ A2 @ ( secrecy_kE @ M ) ) ) ).
% not_know_k_not_ine
thf(fact_76_is__singletonE,axiom,
! [A: $tType,A2: set @ A] :
( ( is_singleton @ A @ A2 )
=> ~ ! [X: A] :
( A2
!= ( insert @ A @ X @ ( bot_bot @ ( set @ A ) ) ) ) ) ).
% is_singletonE
thf(fact_77_is__singleton__def,axiom,
! [A: $tType] :
( ( is_singleton @ A )
= ( ^ [A4: set @ A] :
? [X4: A] :
( A4
= ( insert @ A @ X4 @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ).
% is_singleton_def
thf(fact_78_know_Osimps_I1_J,axiom,
! [A2: secrecy_specID,M: secrecy_Keys] :
( ( knowle1437066798e_know @ A2 @ ( secrecy_kKS @ M ) )
= ( ( ine @ A2 @ ( secrecy_kE @ M ) )
| ( member @ secrecy_KS @ ( secrecy_kKS @ M ) @ ( localSecrets @ A2 ) ) ) ) ).
% know.simps(1)
thf(fact_79_TBtheorem4a__empty,axiom,
! [P: secrecy_specID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( ( ine @ P @ E )
| ( ine @ Q @ E ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( ( loc @ PQ )
= ( bot_bot @ ( set @ secrecy_chanID ) ) )
=> ( ine @ PQ @ E ) ) ) ) ) ).
% TBtheorem4a_empty
thf(fact_80_TBtheorem1b,axiom,
! [PQ: secrecy_specID,M3: set @ secrecy_chanID,E: secrecy_Expression,P: secrecy_specID,Q: secrecy_specID] :
( ( ineM @ PQ @ M3 @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( ineM @ P @ M3 @ E )
| ( ineM @ Q @ M3 @ E ) ) ) ) ) ).
% TBtheorem1b
thf(fact_81_TBtheorem3b,axiom,
! [P: secrecy_specID,M3: set @ secrecy_chanID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ~ ( ineM @ P @ M3 @ E )
=> ( ~ ( ineM @ Q @ M3 @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ~ ( ineM @ PQ @ M3 @ E ) ) ) ) ) ).
% TBtheorem3b
thf(fact_82_Set_Ois__empty__def,axiom,
! [A: $tType] :
( ( is_empty @ A )
= ( ^ [A4: set @ A] :
( A4
= ( bot_bot @ ( set @ A ) ) ) ) ) ).
% Set.is_empty_def
thf(fact_83_correctCompositionIn__L2,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ P ) )
| ( member @ secrecy_chanID @ Ch @ ( ins @ Q ) ) ) ) ) ) ).
% correctCompositionIn_L2
thf(fact_84_correctCompositionIn__prop1,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,X3: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( member @ secrecy_chanID @ X3 @ ( ins @ PQ ) )
=> ( ( member @ secrecy_chanID @ X3 @ ( ins @ P ) )
| ( member @ secrecy_chanID @ X3 @ ( ins @ Q ) ) ) ) ) ) ).
% correctCompositionIn_prop1
thf(fact_85_TBtheorem4a__notP1,axiom,
! [P: secrecy_specID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( ine @ P @ E )
=> ( ~ ( ine @ Q @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ? [Ch2: secrecy_chanID] :
( ( ine_ex1303305700Single @ P @ Ch2 @ E )
& ( member @ secrecy_chanID @ Ch2 @ ( loc @ PQ ) ) )
=> ~ ( ine @ PQ @ E ) ) ) ) ) ) ).
% TBtheorem4a_notP1
thf(fact_86_not__ine__ineM,axiom,
! [P: secrecy_specID,E: secrecy_Expression,M3: set @ secrecy_chanID] :
( ~ ( ine @ P @ E )
=> ~ ( ineM @ P @ M3 @ E ) ) ).
% not_ine_ineM
thf(fact_87_ineM__ine,axiom,
! [P: secrecy_specID,M3: set @ secrecy_chanID,E: secrecy_Expression] :
( ( ineM @ P @ M3 @ E )
=> ( ine @ P @ E ) ) ).
% ineM_ine
thf(fact_88_TBtheorem4b__notP1,axiom,
! [P: secrecy_specID,M3: set @ secrecy_chanID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( ineM @ P @ M3 @ E )
=> ( ~ ( ineM @ Q @ M3 @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ? [Ch2: secrecy_chanID] :
( ( ine_ex1303305700Single @ P @ Ch2 @ E )
& ( member @ secrecy_chanID @ Ch2 @ M3 )
& ( member @ secrecy_chanID @ Ch2 @ ( loc @ PQ ) ) )
=> ~ ( ineM @ PQ @ M3 @ E ) ) ) ) ) ) ).
% TBtheorem4b_notP1
thf(fact_89_correctCompositionIn__L1,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ~ ( member @ secrecy_chanID @ Ch @ ( loc @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ P ) )
=> ( member @ secrecy_chanID @ Ch @ ( ins @ PQ ) ) ) ) ) ) ).
% correctCompositionIn_L1
thf(fact_90_subcomponents__loc,axiom,
! [X3: secrecy_specID] :
( ( correc965049635ionLoc @ X3 )
=> ( ( ( subcomponents @ X3 )
= ( bot_bot @ ( set @ secrecy_specID ) ) )
=> ( ( loc @ X3 )
= ( bot_bot @ ( set @ secrecy_chanID ) ) ) ) ) ).
% subcomponents_loc
thf(fact_91_TBtheorem4b__notPQ,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,ChSetP: set @ secrecy_chanID,E: secrecy_Expression,ChSetQ: set @ secrecy_chanID,M3: set @ secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( ine_exprChannelSet @ P @ ChSetP @ E )
=> ( ( ine_exprChannelSet @ Q @ ChSetQ @ E )
=> ( ! [X: secrecy_chanID] :
( ( member @ secrecy_chanID @ X @ ChSetP )
=> ( member @ secrecy_chanID @ X @ ( loc @ PQ ) ) )
=> ( ! [X: secrecy_chanID] :
( ( member @ secrecy_chanID @ X @ ChSetQ )
=> ( member @ secrecy_chanID @ X @ ( loc @ PQ ) ) )
=> ~ ( ineM @ PQ @ M3 @ E ) ) ) ) ) ) ) ).
% TBtheorem4b_notPQ
thf(fact_92_TBtheorem4b__notP2,axiom,
! [Q: secrecy_specID,M3: set @ secrecy_chanID,E: secrecy_Expression,PQ: secrecy_specID,P: secrecy_specID,ChSet: set @ secrecy_chanID] :
( ~ ( ineM @ Q @ M3 @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( ine_exprChannelSet @ P @ ChSet @ E )
=> ( ! [X: secrecy_chanID] :
( ( member @ secrecy_chanID @ X @ ChSet )
=> ( member @ secrecy_chanID @ X @ ( loc @ PQ ) ) )
=> ~ ( ineM @ PQ @ M3 @ E ) ) ) ) ) ) ).
% TBtheorem4b_notP2
thf(fact_93_TBtheorem4a__notPQ,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,ChSetP: set @ secrecy_chanID,E: secrecy_Expression,ChSetQ: set @ secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( ine_exprChannelSet @ P @ ChSetP @ E )
=> ( ( ine_exprChannelSet @ Q @ ChSetQ @ E )
=> ( ! [X: secrecy_chanID] :
( ( member @ secrecy_chanID @ X @ ChSetP )
=> ( member @ secrecy_chanID @ X @ ( loc @ PQ ) ) )
=> ( ! [X: secrecy_chanID] :
( ( member @ secrecy_chanID @ X @ ChSetQ )
=> ( member @ secrecy_chanID @ X @ ( loc @ PQ ) ) )
=> ~ ( ine @ PQ @ E ) ) ) ) ) ) ) ).
% TBtheorem4a_notPQ
thf(fact_94_TBtheorem4a__notP2,axiom,
! [Q: secrecy_specID,E: secrecy_Expression,PQ: secrecy_specID,P: secrecy_specID,ChSet: set @ secrecy_chanID] :
( ~ ( ine @ Q @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( ine_exprChannelSet @ P @ ChSet @ E )
=> ( ! [X: secrecy_chanID] :
( ( member @ secrecy_chanID @ X @ ChSet )
=> ( member @ secrecy_chanID @ X @ ( loc @ PQ ) ) )
=> ~ ( ine @ PQ @ E ) ) ) ) ) ) ).
% TBtheorem4a_notP2
thf(fact_95_TBtheorem4b__PQ,axiom,
! [P: secrecy_specID,M3: set @ secrecy_chanID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( ( ineM @ P @ M3 @ E )
| ( ineM @ Q @ M3 @ E ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ? [Ch2: secrecy_chanID] :
( ( ( member @ secrecy_chanID @ Ch2 @ ( ins @ P ) )
| ( member @ secrecy_chanID @ Ch2 @ ( ins @ Q ) ) )
& ( member @ secrecy_chanID @ Ch2 @ M3 )
& ( exprChannel @ Ch2 @ E )
& ~ ( member @ secrecy_chanID @ Ch2 @ ( loc @ PQ ) ) )
=> ( ineM @ PQ @ M3 @ E ) ) ) ) ) ).
% TBtheorem4b_PQ
thf(fact_96_ine__exprChannelSet__def,axiom,
( ine_exprChannelSet
= ( ^ [SP: secrecy_specID,ChSet2: set @ secrecy_chanID,E2: secrecy_Expression] :
( ! [X4: secrecy_chanID] :
( ( member @ secrecy_chanID @ X4 @ ChSet2 )
=> ( ( member @ secrecy_chanID @ X4 @ ( ins @ SP ) )
& ( exprChannel @ X4 @ E2 ) ) )
& ! [X4: secrecy_chanID] :
( ( ~ ( member @ secrecy_chanID @ X4 @ ChSet2 )
& ( member @ secrecy_chanID @ X4 @ ( ins @ SP ) ) )
=> ~ ( exprChannel @ X4 @ E2 ) ) ) ) ) ).
% ine_exprChannelSet_def
thf(fact_97_ine__def,axiom,
( ine
= ( ^ [SP: secrecy_specID,E2: secrecy_Expression] :
? [Ch3: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch3 @ ( ins @ SP ) )
& ( exprChannel @ Ch3 @ E2 ) ) ) ) ).
% ine_def
thf(fact_98_ine__ins__neg1,axiom,
! [P: secrecy_specID,M: secrecy_Expression,X3: secrecy_chanID] :
( ~ ( ine @ P @ M )
=> ( ( exprChannel @ X3 @ M )
=> ~ ( member @ secrecy_chanID @ X3 @ ( ins @ P ) ) ) ) ).
% ine_ins_neg1
thf(fact_99_ineM__def,axiom,
( ineM
= ( ^ [SP: secrecy_specID,M4: set @ secrecy_chanID,E2: secrecy_Expression] :
? [Ch3: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch3 @ ( ins @ SP ) )
& ( member @ secrecy_chanID @ Ch3 @ M4 )
& ( exprChannel @ Ch3 @ E2 ) ) ) ) ).
% ineM_def
thf(fact_100_ineM__L1,axiom,
! [Ch: secrecy_chanID,M3: set @ secrecy_chanID,P: secrecy_specID,E: secrecy_Expression] :
( ( member @ secrecy_chanID @ Ch @ M3 )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ P ) )
=> ( ( exprChannel @ Ch @ E )
=> ( ineM @ P @ M3 @ E ) ) ) ) ).
% ineM_L1
thf(fact_101_ine__exprChannelSingle__def,axiom,
( ine_ex1303305700Single
= ( ^ [SP: secrecy_specID,Ch3: secrecy_chanID,E2: secrecy_Expression] :
( ( member @ secrecy_chanID @ Ch3 @ ( ins @ SP ) )
& ( exprChannel @ Ch3 @ E2 )
& ! [X4: secrecy_chanID,T: nat] :
( ( ( member @ secrecy_chanID @ X4 @ ( ins @ SP ) )
& ( X4 != Ch3 ) )
=> ~ ( exprChannel @ X4 @ E2 ) ) ) ) ) ).
% ine_exprChannelSingle_def
thf(fact_102_LocalSecretsComposition__exprChannel__s,axiom,
! [X3: secrecy_chanID,Secrets: secrecy_Secrets,P: secrecy_specID,Q: secrecy_specID] :
( ( exprChannel @ X3 @ ( secrecy_sE @ Secrets ) )
=> ( ~ ( ine @ P @ ( secrecy_sE @ Secrets ) )
=> ( ~ ( ine @ Q @ ( secrecy_sE @ Secrets ) )
=> ( ~ ( member @ secrecy_chanID @ X3 @ ( ins @ P ) )
& ~ ( member @ secrecy_chanID @ X3 @ ( ins @ Q ) ) ) ) ) ) ).
% LocalSecretsComposition_exprChannel_s
thf(fact_103_LocalSecretsComposition__exprChannel__k,axiom,
! [X3: secrecy_chanID,Keys: secrecy_Keys,P: secrecy_specID,Q: secrecy_specID] :
( ( exprChannel @ X3 @ ( secrecy_kE @ Keys ) )
=> ( ~ ( ine @ P @ ( secrecy_kE @ Keys ) )
=> ( ~ ( ine @ Q @ ( secrecy_kE @ Keys ) )
=> ( ~ ( member @ secrecy_chanID @ X3 @ ( ins @ P ) )
& ~ ( member @ secrecy_chanID @ X3 @ ( ins @ Q ) ) ) ) ) ) ).
% LocalSecretsComposition_exprChannel_k
thf(fact_104_ine__nonempty__exprChannelSet,axiom,
! [P: secrecy_specID,ChSet: set @ secrecy_chanID,E: secrecy_Expression] :
( ( ine_exprChannelSet @ P @ ChSet @ E )
=> ( ( ChSet
!= ( bot_bot @ ( set @ secrecy_chanID ) ) )
=> ( ine @ P @ E ) ) ) ).
% ine_nonempty_exprChannelSet
thf(fact_105_ine__empty__exprChannelSet,axiom,
! [P: secrecy_specID,ChSet: set @ secrecy_chanID,E: secrecy_Expression] :
( ( ine_exprChannelSet @ P @ ChSet @ E )
=> ( ( ChSet
= ( bot_bot @ ( set @ secrecy_chanID ) ) )
=> ~ ( ine @ P @ E ) ) ) ).
% ine_empty_exprChannelSet
thf(fact_106_ine__exprChannelSingle__Set,axiom,
! [P: secrecy_specID,Ch: secrecy_chanID,E: secrecy_Expression] :
( ( ine_ex1303305700Single @ P @ Ch @ E )
=> ( ine_exprChannelSet @ P @ ( insert @ secrecy_chanID @ Ch @ ( bot_bot @ ( set @ secrecy_chanID ) ) ) @ E ) ) ).
% ine_exprChannelSingle_Set
thf(fact_107_ine__exprChannelSet__Single,axiom,
! [P: secrecy_specID,Ch: secrecy_chanID,E: secrecy_Expression] :
( ( ine_exprChannelSet @ P @ ( insert @ secrecy_chanID @ Ch @ ( bot_bot @ ( set @ secrecy_chanID ) ) ) @ E )
=> ( ine_ex1303305700Single @ P @ Ch @ E ) ) ).
% ine_exprChannelSet_Single
thf(fact_108_correctCompositionInLoc__exprChannel,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Ch: secrecy_chanID,M: secrecy_Expression] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ P ) )
=> ( ( exprChannel @ Ch @ M )
=> ( ! [X: secrecy_chanID] :
( ( member @ secrecy_chanID @ X @ ( ins @ PQ ) )
=> ~ ( exprChannel @ X @ M ) )
=> ( member @ secrecy_chanID @ Ch @ ( loc @ PQ ) ) ) ) ) ) ) ).
% correctCompositionInLoc_exprChannel
thf(fact_109_TBlemma3b,axiom,
! [P: secrecy_specID,M3: set @ secrecy_chanID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID,Ch: secrecy_chanID] :
( ~ ( ineM @ P @ M3 @ E )
=> ( ~ ( ineM @ Q @ M3 @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( member @ secrecy_chanID @ Ch @ M3 )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ PQ ) )
=> ~ ( exprChannel @ Ch @ E ) ) ) ) ) ) ) ).
% TBlemma3b
thf(fact_110_TBtheorem4a__P,axiom,
! [P: secrecy_specID,E: secrecy_Expression,PQ: secrecy_specID,Q: secrecy_specID] :
( ( ine @ P @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ? [Ch2: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch2 @ ( ins @ P ) )
& ( exprChannel @ Ch2 @ E )
& ~ ( member @ secrecy_chanID @ Ch2 @ ( loc @ PQ ) ) )
=> ( ine @ PQ @ E ) ) ) ) ) ).
% TBtheorem4a_P
thf(fact_111_TBtheorem4a__PQ,axiom,
! [P: secrecy_specID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( ( ine @ P @ E )
| ( ine @ Q @ E ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ? [Ch2: secrecy_chanID] :
( ( ( member @ secrecy_chanID @ Ch2 @ ( ins @ P ) )
| ( member @ secrecy_chanID @ Ch2 @ ( ins @ Q ) ) )
& ( exprChannel @ Ch2 @ E )
& ~ ( member @ secrecy_chanID @ Ch2 @ ( loc @ PQ ) ) )
=> ( ine @ PQ @ E ) ) ) ) ) ).
% TBtheorem4a_PQ
thf(fact_112_TBtheorem4b__P,axiom,
! [P: secrecy_specID,M3: set @ secrecy_chanID,E: secrecy_Expression,PQ: secrecy_specID,Q: secrecy_specID] :
( ( ineM @ P @ M3 @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ? [Ch2: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch2 @ ( ins @ Q ) )
& ( exprChannel @ Ch2 @ E )
& ~ ( member @ secrecy_chanID @ Ch2 @ ( loc @ PQ ) )
& ( member @ secrecy_chanID @ Ch2 @ M3 ) )
=> ( ineM @ PQ @ M3 @ E ) ) ) ) ) ).
% TBtheorem4b_P
thf(fact_113_locStream__def,axiom,
( locStream
= ( ^ [X4: secrecy_specID] :
( ^ [Y4: set @ secrecy_chanID,Z: set @ secrecy_chanID] : ( Y4 = Z )
@ ( loc @ X4 ) ) ) ) ).
% locStream_def
thf(fact_114_inStream__def,axiom,
( inStream
= ( ^ [X4: secrecy_specID] :
( ^ [Y4: set @ secrecy_chanID,Z: set @ secrecy_chanID] : ( Y4 = Z )
@ ( ins @ X4 ) ) ) ) ).
% inStream_def
thf(fact_115_Collect__empty__eq__bot,axiom,
! [A: $tType,P: A > $o] :
( ( ( collect @ A @ P )
= ( bot_bot @ ( set @ A ) ) )
= ( P
= ( bot_bot @ ( A > $o ) ) ) ) ).
% Collect_empty_eq_bot
thf(fact_116_bot__empty__eq,axiom,
! [A: $tType] :
( ( bot_bot @ ( A > $o ) )
= ( ^ [X4: A] : ( member @ A @ X4 @ ( bot_bot @ ( set @ A ) ) ) ) ) ).
% bot_empty_eq
thf(fact_117_LocalSecretsComposition__neg__loc__s,axiom,
! [Secret: secrecy_Secrets,P: secrecy_specID,Ch: secrecy_chanID] :
( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( localSecrets @ P ) )
=> ( ( exprChannel @ Ch @ ( secrecy_sE @ Secret ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( specKeysSecrets @ P ) )
=> ~ ( member @ secrecy_chanID @ Ch @ ( loc @ P ) ) ) ) ) ).
% LocalSecretsComposition_neg_loc_s
thf(fact_118_LocalSecretsComposition__neg__loc__k,axiom,
! [Key: secrecy_Keys,P: secrecy_specID,Ch: secrecy_chanID] :
( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( localSecrets @ P ) )
=> ( ( exprChannel @ Ch @ ( secrecy_kE @ Key ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( specKeysSecrets @ P ) )
=> ~ ( member @ secrecy_chanID @ Ch @ ( loc @ P ) ) ) ) ) ).
% LocalSecretsComposition_neg_loc_k
thf(fact_119_correctCompositionKS__exprChannel__s__Qex,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Secret: secrecy_Secrets,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( localSecrets @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ Q ) )
=> ( ( exprChannel @ Ch @ ( secrecy_sE @ Secret ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( specKeysSecrets @ PQ ) )
=> ( ( correctCompositionIn @ PQ )
=> ? [Ch4: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch4 @ ( ins @ PQ ) )
& ( exprChannel @ Ch4 @ ( secrecy_sE @ Secret ) ) ) ) ) ) ) ) ) ) ).
% correctCompositionKS_exprChannel_s_Qex
thf(fact_120_correctCompositionKS__exprChannel__s__Pex,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Secret: secrecy_Secrets,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( localSecrets @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ P ) )
=> ( ( exprChannel @ Ch @ ( secrecy_sE @ Secret ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( specKeysSecrets @ PQ ) )
=> ( ( correctCompositionIn @ PQ )
=> ? [Ch4: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch4 @ ( ins @ PQ ) )
& ( exprChannel @ Ch4 @ ( secrecy_sE @ Secret ) ) ) ) ) ) ) ) ) ) ).
% correctCompositionKS_exprChannel_s_Pex
thf(fact_121_correctCompositionKS__exprChannel__s__Q,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Secret: secrecy_Secrets,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( localSecrets @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ Q ) )
=> ( ( exprChannel @ Ch @ ( secrecy_sE @ Secret ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( specKeysSecrets @ PQ ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ PQ ) )
& ( exprChannel @ Ch @ ( secrecy_sE @ Secret ) ) ) ) ) ) ) ) ) ) ).
% correctCompositionKS_exprChannel_s_Q
thf(fact_122_correctCompositionKS__exprChannel__s__P,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Secret: secrecy_Secrets,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( localSecrets @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ P ) )
=> ( ( exprChannel @ Ch @ ( secrecy_sE @ Secret ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Secret ) @ ( specKeysSecrets @ PQ ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ PQ ) )
& ( exprChannel @ Ch @ ( secrecy_sE @ Secret ) ) ) ) ) ) ) ) ) ) ).
% correctCompositionKS_exprChannel_s_P
thf(fact_123_correctCompositionKS__PQ,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Ks: secrecy_KS] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ PQ ) )
=> ( ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ P ) )
| ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ Q ) ) ) ) ) ) ).
% correctCompositionKS_PQ
thf(fact_124_correctCompositionKS__neg1,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Ks: secrecy_KS] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ Q ) )
=> ~ ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ PQ ) ) ) ) ) ) ).
% correctCompositionKS_neg1
thf(fact_125_correctCompositionKS__negP,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Ks: secrecy_KS] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ PQ ) )
=> ~ ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ P ) ) ) ) ) ).
% correctCompositionKS_negP
thf(fact_126_correctCompositionKS__negQ,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Ks: secrecy_KS] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ PQ ) )
=> ~ ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ Q ) ) ) ) ) ).
% correctCompositionKS_negQ
thf(fact_127_know__composition,axiom,
! [M: secrecy_KS,P: secrecy_specID,Q: secrecy_specID,PQ: secrecy_specID] :
( ~ ( member @ secrecy_KS @ M @ ( specKeysSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ M @ ( specKeysSecrets @ Q ) )
=> ( ( ( knowle1437066798e_know @ P @ M )
| ( knowle1437066798e_know @ Q @ M ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( correctCompositionKS @ PQ )
=> ( knowle1437066798e_know @ PQ @ M ) ) ) ) ) ) ) ).
% know_composition
thf(fact_128_know__composition1,axiom,
! [M: secrecy_KS,P: secrecy_specID,Q: secrecy_specID,PQ: secrecy_specID] :
( ~ ( member @ secrecy_KS @ M @ ( specKeysSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ M @ ( specKeysSecrets @ Q ) )
=> ( ( knowle1437066798e_know @ P @ M )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( correctCompositionKS @ PQ )
=> ( knowle1437066798e_know @ PQ @ M ) ) ) ) ) ) ) ).
% know_composition1
thf(fact_129_know__composition2,axiom,
! [M: secrecy_KS,P: secrecy_specID,Q: secrecy_specID,PQ: secrecy_specID] :
( ~ ( member @ secrecy_KS @ M @ ( specKeysSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ M @ ( specKeysSecrets @ Q ) )
=> ( ( knowle1437066798e_know @ Q @ M )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( correctCompositionKS @ PQ )
=> ( knowle1437066798e_know @ PQ @ M ) ) ) ) ) ) ) ).
% know_composition2
thf(fact_130_correctCompositionKS__exprChannel__k__P,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Key: secrecy_Keys,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( localSecrets @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ P ) )
=> ( ( exprChannel @ Ch @ ( secrecy_kE @ Key ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( specKeysSecrets @ PQ ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ PQ ) )
& ( exprChannel @ Ch @ ( secrecy_kE @ Key ) ) ) ) ) ) ) ) ) ) ).
% correctCompositionKS_exprChannel_k_P
thf(fact_131_correctCompositionKS__exprChannel__k__Q,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Key: secrecy_Keys,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( localSecrets @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ Q ) )
=> ( ( exprChannel @ Ch @ ( secrecy_kE @ Key ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( specKeysSecrets @ PQ ) )
=> ( ( correctCompositionIn @ PQ )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ PQ ) )
& ( exprChannel @ Ch @ ( secrecy_kE @ Key ) ) ) ) ) ) ) ) ) ) ).
% correctCompositionKS_exprChannel_k_Q
thf(fact_132_correctCompositionKS__exprChannel__k__Pex,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Key: secrecy_Keys,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( localSecrets @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ P ) )
=> ( ( exprChannel @ Ch @ ( secrecy_kE @ Key ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( specKeysSecrets @ PQ ) )
=> ( ( correctCompositionIn @ PQ )
=> ? [Ch4: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch4 @ ( ins @ PQ ) )
& ( exprChannel @ Ch4 @ ( secrecy_kE @ Key ) ) ) ) ) ) ) ) ) ) ).
% correctCompositionKS_exprChannel_k_Pex
thf(fact_133_correctCompositionKS__exprChannel__k__Qex,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Key: secrecy_Keys,Ch: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( localSecrets @ PQ ) )
=> ( ( member @ secrecy_chanID @ Ch @ ( ins @ Q ) )
=> ( ( exprChannel @ Ch @ ( secrecy_kE @ Key ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ Key ) @ ( specKeysSecrets @ PQ ) )
=> ( ( correctCompositionIn @ PQ )
=> ? [Ch4: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch4 @ ( ins @ PQ ) )
& ( exprChannel @ Ch4 @ ( secrecy_kE @ Key ) ) ) ) ) ) ) ) ) ) ).
% correctCompositionKS_exprChannel_k_Qex
thf(fact_134_LocalSecretsComposition__neg,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,Ks: secrecy_KS] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ Ks @ ( specKeysSecrets @ Q ) )
=> ( ! [M2: secrecy_Keys] :
( ( Ks
= ( secrecy_kKS @ M2 ) )
=> ( ~ ( ine @ P @ ( secrecy_kE @ M2 ) )
& ~ ( ine @ Q @ ( secrecy_kE @ M2 ) ) ) )
=> ( ! [M2: secrecy_Secrets] :
( ( Ks
= ( secrecy_sKS @ M2 ) )
=> ( ~ ( ine @ P @ ( secrecy_sE @ M2 ) )
& ~ ( ine @ Q @ ( secrecy_sE @ M2 ) ) ) )
=> ( ~ ( member @ secrecy_KS @ Ks @ ( sup_sup @ ( set @ secrecy_KS ) @ ( localSecrets @ P ) @ ( localSecrets @ Q ) ) )
=> ~ ( member @ secrecy_KS @ Ks @ ( localSecrets @ PQ ) ) ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_neg
thf(fact_135_LocalSecretsComposition__neg__s,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,M: secrecy_Secrets] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ M ) @ ( specKeysSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ M ) @ ( specKeysSecrets @ Q ) )
=> ( ~ ( ine @ P @ ( secrecy_sE @ M ) )
=> ( ~ ( ine @ Q @ ( secrecy_sE @ M ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_sKS @ M ) @ ( sup_sup @ ( set @ secrecy_KS ) @ ( localSecrets @ P ) @ ( localSecrets @ Q ) ) )
=> ~ ( member @ secrecy_KS @ ( secrecy_sKS @ M ) @ ( localSecrets @ PQ ) ) ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_neg_s
thf(fact_136_LocalSecretsComposition__neg__k,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,M: secrecy_Keys] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc965049635ionLoc @ PQ )
=> ( ( correctCompositionKS @ PQ )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ M ) @ ( specKeysSecrets @ P ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ M ) @ ( specKeysSecrets @ Q ) )
=> ( ~ ( ine @ P @ ( secrecy_kE @ M ) )
=> ( ~ ( ine @ Q @ ( secrecy_kE @ M ) )
=> ( ~ ( member @ secrecy_KS @ ( secrecy_kKS @ M ) @ ( sup_sup @ ( set @ secrecy_KS ) @ ( localSecrets @ P ) @ ( localSecrets @ Q ) ) )
=> ~ ( member @ secrecy_KS @ ( secrecy_kKS @ M ) @ ( localSecrets @ PQ ) ) ) ) ) ) ) ) ) ) ).
% LocalSecretsComposition_neg_k
thf(fact_137_notSpecKeysSecretsExpr__def,axiom,
( notSpe1586871396tsExpr
= ( ^ [P2: secrecy_specID,E3: list @ secrecy_Expression] :
( ! [X4: secrecy_Keys] :
( ( mem @ secrecy_Expression @ ( secrecy_kE @ X4 ) @ E3 )
=> ~ ( member @ secrecy_KS @ ( secrecy_kKS @ X4 ) @ ( specKeysSecrets @ P2 ) ) )
& ! [Y5: secrecy_Secrets] :
( ( mem @ secrecy_Expression @ ( secrecy_sE @ Y5 ) @ E3 )
=> ~ ( member @ secrecy_KS @ ( secrecy_sKS @ Y5 ) @ ( specKeysSecrets @ P2 ) ) ) ) ) ) ).
% notSpecKeysSecretsExpr_def
thf(fact_138_UnCI,axiom,
! [A: $tType,C: A,B: set @ A,A2: set @ A] :
( ( ~ ( member @ A @ C @ B )
=> ( member @ A @ C @ A2 ) )
=> ( member @ A @ C @ ( sup_sup @ ( set @ A ) @ A2 @ B ) ) ) ).
% UnCI
thf(fact_139_Un__iff,axiom,
! [A: $tType,C: A,A2: set @ A,B: set @ A] :
( ( member @ A @ C @ ( sup_sup @ ( set @ A ) @ A2 @ B ) )
= ( ( member @ A @ C @ A2 )
| ( member @ A @ C @ B ) ) ) ).
% Un_iff
thf(fact_140_Un__empty,axiom,
! [A: $tType,A2: set @ A,B: set @ A] :
( ( ( sup_sup @ ( set @ A ) @ A2 @ B )
= ( bot_bot @ ( set @ A ) ) )
= ( ( A2
= ( bot_bot @ ( set @ A ) ) )
& ( B
= ( bot_bot @ ( set @ A ) ) ) ) ) ).
% Un_empty
thf(fact_141_Un__insert__right,axiom,
! [A: $tType,A2: set @ A,A3: A,B: set @ A] :
( ( sup_sup @ ( set @ A ) @ A2 @ ( insert @ A @ A3 @ B ) )
= ( insert @ A @ A3 @ ( sup_sup @ ( set @ A ) @ A2 @ B ) ) ) ).
% Un_insert_right
thf(fact_142_Un__insert__left,axiom,
! [A: $tType,A3: A,B: set @ A,C4: set @ A] :
( ( sup_sup @ ( set @ A ) @ ( insert @ A @ A3 @ B ) @ C4 )
= ( insert @ A @ A3 @ ( sup_sup @ ( set @ A ) @ B @ C4 ) ) ) ).
% Un_insert_left
thf(fact_143_UnE,axiom,
! [A: $tType,C: A,A2: set @ A,B: set @ A] :
( ( member @ A @ C @ ( sup_sup @ ( set @ A ) @ A2 @ B ) )
=> ( ~ ( member @ A @ C @ A2 )
=> ( member @ A @ C @ B ) ) ) ).
% UnE
thf(fact_144_UnI1,axiom,
! [A: $tType,C: A,A2: set @ A,B: set @ A] :
( ( member @ A @ C @ A2 )
=> ( member @ A @ C @ ( sup_sup @ ( set @ A ) @ A2 @ B ) ) ) ).
% UnI1
thf(fact_145_UnI2,axiom,
! [A: $tType,C: A,B: set @ A,A2: set @ A] :
( ( member @ A @ C @ B )
=> ( member @ A @ C @ ( sup_sup @ ( set @ A ) @ A2 @ B ) ) ) ).
% UnI2
thf(fact_146_bex__Un,axiom,
! [A: $tType,A2: set @ A,B: set @ A,P: A > $o] :
( ( ? [X4: A] :
( ( member @ A @ X4 @ ( sup_sup @ ( set @ A ) @ A2 @ B ) )
& ( P @ X4 ) ) )
= ( ? [X4: A] :
( ( member @ A @ X4 @ A2 )
& ( P @ X4 ) )
| ? [X4: A] :
( ( member @ A @ X4 @ B )
& ( P @ X4 ) ) ) ) ).
% bex_Un
thf(fact_147_ball__Un,axiom,
! [A: $tType,A2: set @ A,B: set @ A,P: A > $o] :
( ( ! [X4: A] :
( ( member @ A @ X4 @ ( sup_sup @ ( set @ A ) @ A2 @ B ) )
=> ( P @ X4 ) ) )
= ( ! [X4: A] :
( ( member @ A @ X4 @ A2 )
=> ( P @ X4 ) )
& ! [X4: A] :
( ( member @ A @ X4 @ B )
=> ( P @ X4 ) ) ) ) ).
% ball_Un
thf(fact_148_Un__assoc,axiom,
! [A: $tType,A2: set @ A,B: set @ A,C4: set @ A] :
( ( sup_sup @ ( set @ A ) @ ( sup_sup @ ( set @ A ) @ A2 @ B ) @ C4 )
= ( sup_sup @ ( set @ A ) @ A2 @ ( sup_sup @ ( set @ A ) @ B @ C4 ) ) ) ).
% Un_assoc
thf(fact_149_Un__absorb,axiom,
! [A: $tType,A2: set @ A] :
( ( sup_sup @ ( set @ A ) @ A2 @ A2 )
= A2 ) ).
% Un_absorb
thf(fact_150_Un__commute,axiom,
! [A: $tType] :
( ( sup_sup @ ( set @ A ) )
= ( ^ [A4: set @ A,B5: set @ A] : ( sup_sup @ ( set @ A ) @ B5 @ A4 ) ) ) ).
% Un_commute
thf(fact_151_Un__left__absorb,axiom,
! [A: $tType,A2: set @ A,B: set @ A] :
( ( sup_sup @ ( set @ A ) @ A2 @ ( sup_sup @ ( set @ A ) @ A2 @ B ) )
= ( sup_sup @ ( set @ A ) @ A2 @ B ) ) ).
% Un_left_absorb
thf(fact_152_Un__left__commute,axiom,
! [A: $tType,A2: set @ A,B: set @ A,C4: set @ A] :
( ( sup_sup @ ( set @ A ) @ A2 @ ( sup_sup @ ( set @ A ) @ B @ C4 ) )
= ( sup_sup @ ( set @ A ) @ B @ ( sup_sup @ ( set @ A ) @ A2 @ C4 ) ) ) ).
% Un_left_commute
thf(fact_153_Un__empty__left,axiom,
! [A: $tType,B: set @ A] :
( ( sup_sup @ ( set @ A ) @ ( bot_bot @ ( set @ A ) ) @ B )
= B ) ).
% Un_empty_left
thf(fact_154_Un__empty__right,axiom,
! [A: $tType,A2: set @ A] :
( ( sup_sup @ ( set @ A ) @ A2 @ ( bot_bot @ ( set @ A ) ) )
= A2 ) ).
% Un_empty_right
thf(fact_155_singleton__Un__iff,axiom,
! [A: $tType,X3: A,A2: set @ A,B: set @ A] :
( ( ( insert @ A @ X3 @ ( bot_bot @ ( set @ A ) ) )
= ( sup_sup @ ( set @ A ) @ A2 @ B ) )
= ( ( ( A2
= ( bot_bot @ ( set @ A ) ) )
& ( B
= ( insert @ A @ X3 @ ( bot_bot @ ( set @ A ) ) ) ) )
| ( ( A2
= ( insert @ A @ X3 @ ( bot_bot @ ( set @ A ) ) ) )
& ( B
= ( bot_bot @ ( set @ A ) ) ) )
| ( ( A2
= ( insert @ A @ X3 @ ( bot_bot @ ( set @ A ) ) ) )
& ( B
= ( insert @ A @ X3 @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ) ).
% singleton_Un_iff
thf(fact_156_Un__singleton__iff,axiom,
! [A: $tType,A2: set @ A,B: set @ A,X3: A] :
( ( ( sup_sup @ ( set @ A ) @ A2 @ B )
= ( insert @ A @ X3 @ ( bot_bot @ ( set @ A ) ) ) )
= ( ( ( A2
= ( bot_bot @ ( set @ A ) ) )
& ( B
= ( insert @ A @ X3 @ ( bot_bot @ ( set @ A ) ) ) ) )
| ( ( A2
= ( insert @ A @ X3 @ ( bot_bot @ ( set @ A ) ) ) )
& ( B
= ( bot_bot @ ( set @ A ) ) ) )
| ( ( A2
= ( insert @ A @ X3 @ ( bot_bot @ ( set @ A ) ) ) )
& ( B
= ( insert @ A @ X3 @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ) ).
% Un_singleton_iff
thf(fact_157_insert__is__Un,axiom,
! [A: $tType] :
( ( insert @ A )
= ( ^ [A5: A] : ( sup_sup @ ( set @ A ) @ ( insert @ A @ A5 @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ).
% insert_is_Un
thf(fact_158_sup__bot_Oright__neutral,axiom,
! [A: $tType] :
( ( bounde1808546759up_bot @ A )
=> ! [A3: A] :
( ( sup_sup @ A @ A3 @ ( bot_bot @ A ) )
= A3 ) ) ).
% sup_bot.right_neutral
thf(fact_159_sup__bot_Oneutr__eq__iff,axiom,
! [A: $tType] :
( ( bounde1808546759up_bot @ A )
=> ! [A3: A,B2: A] :
( ( ( bot_bot @ A )
= ( sup_sup @ A @ A3 @ B2 ) )
= ( ( A3
= ( bot_bot @ A ) )
& ( B2
= ( bot_bot @ A ) ) ) ) ) ).
% sup_bot.neutr_eq_iff
thf(fact_160_sup__bot_Oleft__neutral,axiom,
! [A: $tType] :
( ( bounde1808546759up_bot @ A )
=> ! [A3: A] :
( ( sup_sup @ A @ ( bot_bot @ A ) @ A3 )
= A3 ) ) ).
% sup_bot.left_neutral
thf(fact_161_sup__bot_Oeq__neutr__iff,axiom,
! [A: $tType] :
( ( bounde1808546759up_bot @ A )
=> ! [A3: A,B2: A] :
( ( ( sup_sup @ A @ A3 @ B2 )
= ( bot_bot @ A ) )
= ( ( A3
= ( bot_bot @ A ) )
& ( B2
= ( bot_bot @ A ) ) ) ) ) ).
% sup_bot.eq_neutr_iff
thf(fact_162_sup__bot__left,axiom,
! [A: $tType] :
( ( bounde1808546759up_bot @ A )
=> ! [X3: A] :
( ( sup_sup @ A @ ( bot_bot @ A ) @ X3 )
= X3 ) ) ).
% sup_bot_left
thf(fact_163_sup__bot__right,axiom,
! [A: $tType] :
( ( bounde1808546759up_bot @ A )
=> ! [X3: A] :
( ( sup_sup @ A @ X3 @ ( bot_bot @ A ) )
= X3 ) ) ).
% sup_bot_right
thf(fact_164_bot__eq__sup__iff,axiom,
! [A: $tType] :
( ( bounde1808546759up_bot @ A )
=> ! [X3: A,Y: A] :
( ( ( bot_bot @ A )
= ( sup_sup @ A @ X3 @ Y ) )
= ( ( X3
= ( bot_bot @ A ) )
& ( Y
= ( bot_bot @ A ) ) ) ) ) ).
% bot_eq_sup_iff
thf(fact_165_sup__eq__bot__iff,axiom,
! [A: $tType] :
( ( bounde1808546759up_bot @ A )
=> ! [X3: A,Y: A] :
( ( ( sup_sup @ A @ X3 @ Y )
= ( bot_bot @ A ) )
= ( ( X3
= ( bot_bot @ A ) )
& ( Y
= ( bot_bot @ A ) ) ) ) ) ).
% sup_eq_bot_iff
thf(fact_166_ineM__Un1,axiom,
! [P: secrecy_specID,A2: set @ secrecy_chanID,E: secrecy_Expression,B: set @ secrecy_chanID] :
( ( ineM @ P @ A2 @ E )
=> ( ineM @ P @ ( sup_sup @ ( set @ secrecy_chanID ) @ A2 @ B ) @ E ) ) ).
% ineM_Un1
thf(fact_167_TBtheorem5a__empty,axiom,
! [P: secrecy_specID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( ( eout @ P @ E )
| ( eout @ Q @ E ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ( ( loc @ PQ )
= ( bot_bot @ ( set @ secrecy_chanID ) ) )
=> ( eout @ PQ @ E ) ) ) ) ) ).
% TBtheorem5a_empty
thf(fact_168_correctCompositionKS__subcomp1,axiom,
! [C4: secrecy_specID,X3: secrecy_specID,Xa: secrecy_Keys] :
( ( correctCompositionKS @ C4 )
=> ( ( member @ secrecy_specID @ X3 @ ( subcomponents @ C4 ) )
=> ( ( member @ secrecy_Keys @ Xa @ ( specKeys @ C4 ) )
=> ? [X: secrecy_specID] :
( ( member @ secrecy_specID @ X @ ( subcomponents @ C4 ) )
& ( member @ secrecy_Keys @ Xa @ ( specKeys @ X ) ) ) ) ) ) ).
% correctCompositionKS_subcomp1
thf(fact_169_correctCompositionKS__subcomp2,axiom,
! [C4: secrecy_specID,X3: secrecy_specID,Xa: secrecy_Secrets] :
( ( correctCompositionKS @ C4 )
=> ( ( member @ secrecy_specID @ X3 @ ( subcomponents @ C4 ) )
=> ( ( member @ secrecy_Secrets @ Xa @ ( specSecrets @ C4 ) )
=> ? [X: secrecy_specID] :
( ( member @ secrecy_specID @ X @ ( subcomponents @ C4 ) )
& ( member @ secrecy_Secrets @ Xa @ ( specSecrets @ X ) ) ) ) ) ) ).
% correctCompositionKS_subcomp2
thf(fact_170_TBtheorem2a,axiom,
! [PQ: secrecy_specID,E: secrecy_Expression,P: secrecy_specID,Q: secrecy_specID] :
( ( eout @ PQ @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ( eout @ P @ E )
| ( eout @ Q @ E ) ) ) ) ) ).
% TBtheorem2a
thf(fact_171_correctCompositionKS__subcomp4,axiom,
! [C4: secrecy_specID,X3: secrecy_specID,Xa: secrecy_Secrets] :
( ( correctCompositionKS @ C4 )
=> ( ( member @ secrecy_specID @ X3 @ ( subcomponents @ C4 ) )
=> ( ( member @ secrecy_Secrets @ Xa @ ( specSecrets @ X3 ) )
=> ( member @ secrecy_Secrets @ Xa @ ( specSecrets @ C4 ) ) ) ) ) ).
% correctCompositionKS_subcomp4
thf(fact_172_correctCompositionKS__subcomp3,axiom,
! [C4: secrecy_specID,X3: secrecy_specID,Xa: secrecy_Keys] :
( ( correctCompositionKS @ C4 )
=> ( ( member @ secrecy_specID @ X3 @ ( subcomponents @ C4 ) )
=> ( ( member @ secrecy_Keys @ Xa @ ( specKeys @ X3 ) )
=> ( member @ secrecy_Keys @ Xa @ ( specKeys @ C4 ) ) ) ) ) ).
% correctCompositionKS_subcomp3
thf(fact_173_TBtheorem5a__notP1,axiom,
! [P: secrecy_specID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( eout @ P @ E )
=> ( ~ ( eout @ Q @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ? [Ch2: secrecy_chanID] :
( ( out_ex985543062Single @ P @ Ch2 @ E )
& ( member @ secrecy_chanID @ Ch2 @ ( loc @ PQ ) ) )
=> ~ ( eout @ PQ @ E ) ) ) ) ) ) ).
% TBtheorem5a_notP1
thf(fact_174_TBtheorem5a__notPQ,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,ChSetP: set @ secrecy_chanID,E: secrecy_Expression,ChSetQ: set @ secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ( out_exprChannelSet @ P @ ChSetP @ E )
=> ( ( out_exprChannelSet @ Q @ ChSetQ @ E )
=> ( ! [X: secrecy_chanID] :
( ( member @ secrecy_chanID @ X @ ChSetP )
=> ( member @ secrecy_chanID @ X @ ( loc @ PQ ) ) )
=> ( ! [X: secrecy_chanID] :
( ( member @ secrecy_chanID @ X @ ChSetQ )
=> ( member @ secrecy_chanID @ X @ ( loc @ PQ ) ) )
=> ~ ( eout @ PQ @ E ) ) ) ) ) ) ) ).
% TBtheorem5a_notPQ
thf(fact_175_TBtheorem5a__notP2,axiom,
! [Q: secrecy_specID,E: secrecy_Expression,PQ: secrecy_specID,P: secrecy_specID,ChSet: set @ secrecy_chanID] :
( ~ ( eout @ Q @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ( out_exprChannelSet @ P @ ChSet @ E )
=> ( ! [X: secrecy_chanID] :
( ( member @ secrecy_chanID @ X @ ChSet )
=> ( member @ secrecy_chanID @ X @ ( loc @ PQ ) ) )
=> ~ ( eout @ PQ @ E ) ) ) ) ) ) ).
% TBtheorem5a_notP2
thf(fact_176_out__exprChannelSingle__Set,axiom,
! [P: secrecy_specID,Ch: secrecy_chanID,E: secrecy_Expression] :
( ( out_ex985543062Single @ P @ Ch @ E )
=> ( out_exprChannelSet @ P @ ( insert @ secrecy_chanID @ Ch @ ( bot_bot @ ( set @ secrecy_chanID ) ) ) @ E ) ) ).
% out_exprChannelSingle_Set
thf(fact_177_out__exprChannelSet__Single,axiom,
! [P: secrecy_specID,Ch: secrecy_chanID,E: secrecy_Expression] :
( ( out_exprChannelSet @ P @ ( insert @ secrecy_chanID @ Ch @ ( bot_bot @ ( set @ secrecy_chanID ) ) ) @ E )
=> ( out_ex985543062Single @ P @ Ch @ E ) ) ).
% out_exprChannelSet_Single
thf(fact_178_TBtheorem5b__notPQ,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,ChSetP: set @ secrecy_chanID,E: secrecy_Expression,ChSetQ: set @ secrecy_chanID,M3: set @ secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ( out_exprChannelSet @ P @ ChSetP @ E )
=> ( ( out_exprChannelSet @ Q @ ChSetQ @ E )
=> ( ( M3
= ( sup_sup @ ( set @ secrecy_chanID ) @ ChSetP @ ChSetQ ) )
=> ( ! [X: secrecy_chanID] :
( ( member @ secrecy_chanID @ X @ ChSetP )
=> ( member @ secrecy_chanID @ X @ ( loc @ PQ ) ) )
=> ( ! [X: secrecy_chanID] :
( ( member @ secrecy_chanID @ X @ ChSetQ )
=> ( member @ secrecy_chanID @ X @ ( loc @ PQ ) ) )
=> ~ ( eoutM @ PQ @ M3 @ E ) ) ) ) ) ) ) ) ).
% TBtheorem5b_notPQ
thf(fact_179_eout__know__s,axiom,
! [C4: secrecy_specID,M: secrecy_Secrets] :
( ( knowle1667810483orrect @ C4 @ ( secrecy_sKS @ M ) )
= ( ( eout @ C4 @ ( secrecy_sE @ M ) )
= ( ( member @ secrecy_Secrets @ M @ ( specSecrets @ C4 ) )
| ( knowle1437066798e_know @ C4 @ ( secrecy_sKS @ M ) ) ) ) ) ).
% eout_know_s
thf(fact_180_not__know__s__not__eout,axiom,
! [M: secrecy_Secrets,A2: secrecy_specID] :
( ~ ( member @ secrecy_Secrets @ M @ ( specSecrets @ A2 ) )
=> ( ~ ( knowle1437066798e_know @ A2 @ ( secrecy_sKS @ M ) )
=> ( ( knowle1667810483orrect @ A2 @ ( secrecy_sKS @ M ) )
=> ~ ( eout @ A2 @ ( secrecy_sE @ M ) ) ) ) ) ).
% not_know_s_not_eout
thf(fact_181_not__eout__eoutM,axiom,
! [P: secrecy_specID,E: secrecy_Expression,M3: set @ secrecy_chanID] :
( ~ ( eout @ P @ E )
=> ~ ( eoutM @ P @ M3 @ E ) ) ).
% not_eout_eoutM
thf(fact_182_eoutM__eout,axiom,
! [P: secrecy_specID,M3: set @ secrecy_chanID,E: secrecy_Expression] :
( ( eoutM @ P @ M3 @ E )
=> ( eout @ P @ E ) ) ).
% eoutM_eout
thf(fact_183_TBtheorem2b,axiom,
! [PQ: secrecy_specID,M3: set @ secrecy_chanID,E: secrecy_Expression,P: secrecy_specID,Q: secrecy_specID] :
( ( eoutM @ PQ @ M3 @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ( eoutM @ P @ M3 @ E )
| ( eoutM @ Q @ M3 @ E ) ) ) ) ) ).
% TBtheorem2b
thf(fact_184_TBtheorem5b__notP2,axiom,
! [Q: secrecy_specID,M3: set @ secrecy_chanID,E: secrecy_Expression,PQ: secrecy_specID,P: secrecy_specID,ChSet: set @ secrecy_chanID] :
( ~ ( eoutM @ Q @ M3 @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ( out_exprChannelSet @ P @ ChSet @ E )
=> ( ! [X: secrecy_chanID] :
( ( member @ secrecy_chanID @ X @ ChSet )
=> ( member @ secrecy_chanID @ X @ ( loc @ PQ ) ) )
=> ~ ( eoutM @ PQ @ M3 @ E ) ) ) ) ) ) ).
% TBtheorem5b_notP2
thf(fact_185_TBtheorem5b__notP1,axiom,
! [P: secrecy_specID,M3: set @ secrecy_chanID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( eoutM @ P @ M3 @ E )
=> ( ~ ( eoutM @ Q @ M3 @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ? [Ch2: secrecy_chanID] :
( ( out_ex985543062Single @ P @ Ch2 @ E )
& ( member @ secrecy_chanID @ Ch2 @ M3 )
& ( member @ secrecy_chanID @ Ch2 @ ( loc @ PQ ) ) )
=> ~ ( eoutM @ PQ @ M3 @ E ) ) ) ) ) ) ).
% TBtheorem5b_notP1
thf(fact_186_eout__know__nonKS__k,axiom,
! [M: secrecy_Keys,A2: secrecy_specID] :
( ~ ( member @ secrecy_Keys @ M @ ( specKeys @ A2 ) )
=> ( ( eout @ A2 @ ( secrecy_kE @ M ) )
=> ( ( knowle1667810483orrect @ A2 @ ( secrecy_kKS @ M ) )
=> ( knowle1437066798e_know @ A2 @ ( secrecy_kKS @ M ) ) ) ) ) ).
% eout_know_nonKS_k
thf(fact_187_eoutKnowCorrect__L1k,axiom,
! [C4: secrecy_specID,M: secrecy_Keys] :
( ( knowle1667810483orrect @ C4 @ ( secrecy_kKS @ M ) )
=> ( ( eout @ C4 @ ( secrecy_kE @ M ) )
=> ( ( member @ secrecy_Keys @ M @ ( specKeys @ C4 ) )
| ( knowle1437066798e_know @ C4 @ ( secrecy_kKS @ M ) ) ) ) ) ).
% eoutKnowCorrect_L1k
thf(fact_188_not__know__k__not__eout,axiom,
! [M: secrecy_Keys,A2: secrecy_specID] :
( ~ ( member @ secrecy_Keys @ M @ ( specKeys @ A2 ) )
=> ( ~ ( knowle1437066798e_know @ A2 @ ( secrecy_kKS @ M ) )
=> ( ( knowle1667810483orrect @ A2 @ ( secrecy_kKS @ M ) )
=> ~ ( eout @ A2 @ ( secrecy_kE @ M ) ) ) ) ) ).
% not_know_k_not_eout
thf(fact_189_eout__know__k,axiom,
! [C4: secrecy_specID,M: secrecy_Keys] :
( ( knowle1667810483orrect @ C4 @ ( secrecy_kKS @ M ) )
= ( ( eout @ C4 @ ( secrecy_kE @ M ) )
= ( ( member @ secrecy_Keys @ M @ ( specKeys @ C4 ) )
| ( knowle1437066798e_know @ C4 @ ( secrecy_kKS @ M ) ) ) ) ) ).
% eout_know_k
thf(fact_190_eout__know__nonKS__s,axiom,
! [M: secrecy_Secrets,A2: secrecy_specID] :
( ~ ( member @ secrecy_Secrets @ M @ ( specSecrets @ A2 ) )
=> ( ( eout @ A2 @ ( secrecy_sE @ M ) )
=> ( ( knowle1667810483orrect @ A2 @ ( secrecy_sKS @ M ) )
=> ( knowle1437066798e_know @ A2 @ ( secrecy_sKS @ M ) ) ) ) ) ).
% eout_know_nonKS_s
thf(fact_191_eoutKnowCorrect__L1s,axiom,
! [C4: secrecy_specID,M: secrecy_Secrets] :
( ( knowle1667810483orrect @ C4 @ ( secrecy_sKS @ M ) )
=> ( ( eout @ C4 @ ( secrecy_sE @ M ) )
=> ( ( member @ secrecy_Secrets @ M @ ( specSecrets @ C4 ) )
| ( knowle1437066798e_know @ C4 @ ( secrecy_sKS @ M ) ) ) ) ) ).
% eoutKnowCorrect_L1s
thf(fact_192_TBtheore54b__P,axiom,
! [P: secrecy_specID,M3: set @ secrecy_chanID,E: secrecy_Expression,PQ: secrecy_specID,Q: secrecy_specID] :
( ( eoutM @ P @ M3 @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ? [Ch2: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch2 @ ( out @ Q ) )
& ( exprChannel @ Ch2 @ E )
& ~ ( member @ secrecy_chanID @ Ch2 @ ( loc @ PQ ) )
& ( member @ secrecy_chanID @ Ch2 @ M3 ) )
=> ( eoutM @ PQ @ M3 @ E ) ) ) ) ) ).
% TBtheore54b_P
thf(fact_193_TBtheorem5b__PQ,axiom,
! [P: secrecy_specID,M3: set @ secrecy_chanID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( ( eoutM @ P @ M3 @ E )
| ( eoutM @ Q @ M3 @ E ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ? [Ch2: secrecy_chanID] :
( ( ( member @ secrecy_chanID @ Ch2 @ ( out @ P ) )
| ( member @ secrecy_chanID @ Ch2 @ ( out @ Q ) ) )
& ( member @ secrecy_chanID @ Ch2 @ M3 )
& ( exprChannel @ Ch2 @ E )
& ~ ( member @ secrecy_chanID @ Ch2 @ ( loc @ PQ ) ) )
=> ( eoutM @ PQ @ M3 @ E ) ) ) ) ) ).
% TBtheorem5b_PQ
thf(fact_194_TBtheorem45a__P,axiom,
! [P: secrecy_specID,E: secrecy_Expression,PQ: secrecy_specID,Q: secrecy_specID] :
( ( eout @ P @ E )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ? [Ch2: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch2 @ ( out @ P ) )
& ( exprChannel @ Ch2 @ E )
& ~ ( member @ secrecy_chanID @ Ch2 @ ( loc @ PQ ) ) )
=> ( eout @ PQ @ E ) ) ) ) ) ).
% TBtheorem45a_P
thf(fact_195_eout__def,axiom,
( eout
= ( ^ [SP: secrecy_specID,E2: secrecy_Expression] :
? [Ch3: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch3 @ ( out @ SP ) )
& ( exprChannel @ Ch3 @ E2 ) ) ) ) ).
% eout_def
thf(fact_196_eoutM__def,axiom,
( eoutM
= ( ^ [SP: secrecy_specID,M4: set @ secrecy_chanID,E2: secrecy_Expression] :
? [Ch3: secrecy_chanID] :
( ( member @ secrecy_chanID @ Ch3 @ ( out @ SP ) )
& ( member @ secrecy_chanID @ Ch3 @ M4 )
& ( exprChannel @ Ch3 @ E2 ) ) ) ) ).
% eoutM_def
thf(fact_197_out__exprChannelSet__def,axiom,
( out_exprChannelSet
= ( ^ [SP: secrecy_specID,ChSet2: set @ secrecy_chanID,E2: secrecy_Expression] :
( ! [X4: secrecy_chanID] :
( ( member @ secrecy_chanID @ X4 @ ChSet2 )
=> ( ( member @ secrecy_chanID @ X4 @ ( out @ SP ) )
& ( exprChannel @ X4 @ E2 ) ) )
& ! [X4: secrecy_chanID] :
( ( ~ ( member @ secrecy_chanID @ X4 @ ChSet2 )
& ( member @ secrecy_chanID @ X4 @ ( out @ SP ) ) )
=> ~ ( exprChannel @ X4 @ E2 ) ) ) ) ) ).
% out_exprChannelSet_def
thf(fact_198_out__exprChannelSingle__def,axiom,
( out_ex985543062Single
= ( ^ [SP: secrecy_specID,Ch3: secrecy_chanID,E2: secrecy_Expression] :
( ( member @ secrecy_chanID @ Ch3 @ ( out @ SP ) )
& ( exprChannel @ Ch3 @ E2 )
& ! [X4: secrecy_chanID,T: nat] :
( ( ( member @ secrecy_chanID @ X4 @ ( out @ SP ) )
& ( X4 != Ch3 ) )
=> ~ ( exprChannel @ X4 @ E2 ) ) ) ) ) ).
% out_exprChannelSingle_def
thf(fact_199_correctCompositionOut__prop1,axiom,
! [PQ: secrecy_specID,P: secrecy_specID,Q: secrecy_specID,X3: secrecy_chanID] :
( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ( member @ secrecy_chanID @ X3 @ ( out @ PQ ) )
=> ( ( member @ secrecy_chanID @ X3 @ ( out @ P ) )
| ( member @ secrecy_chanID @ X3 @ ( out @ Q ) ) ) ) ) ) ).
% correctCompositionOut_prop1
thf(fact_200_TBtheorem5a__PQ,axiom,
! [P: secrecy_specID,E: secrecy_Expression,Q: secrecy_specID,PQ: secrecy_specID] :
( ( ( eout @ P @ E )
| ( eout @ Q @ E ) )
=> ( ( ( subcomponents @ PQ )
= ( insert @ secrecy_specID @ P @ ( insert @ secrecy_specID @ Q @ ( bot_bot @ ( set @ secrecy_specID ) ) ) ) )
=> ( ( correc990227761ionOut @ PQ )
=> ( ? [Ch2: secrecy_chanID] :
( ( ( member @ secrecy_chanID @ Ch2 @ ( out @ P ) )
| ( member @ secrecy_chanID @ Ch2 @ ( out @ Q ) ) )
& ( exprChannel @ Ch2 @ E )
& ~ ( member @ secrecy_chanID @ Ch2 @ ( loc @ PQ ) ) )
=> ( eout @ PQ @ E ) ) ) ) ) ).
% TBtheorem5a_PQ
thf(fact_201_outStream__def,axiom,
( outStream
= ( ^ [X4: secrecy_specID] :
( ^ [Y4: set @ secrecy_chanID,Z: set @ secrecy_chanID] : ( Y4 = Z )
@ ( out @ X4 ) ) ) ) ).
% outStream_def
thf(fact_202_adv__not__know2,axiom,
! [P: secrecy_specID,A2: secrecy_specID,M: secrecy_Secrets] :
( ( ord_less_eq @ ( set @ secrecy_chanID ) @ ( out @ P ) @ ( ins @ A2 ) )
=> ( ~ ( knowle1437066798e_know @ A2 @ ( secrecy_sKS @ M ) )
=> ~ ( eout @ P @ ( secrecy_sE @ M ) ) ) ) ).
% adv_not_know2
thf(fact_203_order__refl,axiom,
! [A: $tType] :
( ( preorder @ A )
=> ! [X3: A] : ( ord_less_eq @ A @ X3 @ X3 ) ) ).
% order_refl
thf(fact_204_subsetI,axiom,
! [A: $tType,A2: set @ A,B: set @ A] :
( ! [X: A] :
( ( member @ A @ X @ A2 )
=> ( member @ A @ X @ B ) )
=> ( ord_less_eq @ ( set @ A ) @ A2 @ B ) ) ).
% subsetI
thf(fact_205_subset__antisym,axiom,
! [A: $tType,A2: set @ A,B: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ A2 @ B )
=> ( ( ord_less_eq @ ( set @ A ) @ B @ A2 )
=> ( A2 = B ) ) ) ).
% subset_antisym
thf(fact_206_subset__empty,axiom,
! [A: $tType,A2: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ A2 @ ( bot_bot @ ( set @ A ) ) )
= ( A2
= ( bot_bot @ ( set @ A ) ) ) ) ).
% subset_empty
thf(fact_207_empty__subsetI,axiom,
! [A: $tType,A2: set @ A] : ( ord_less_eq @ ( set @ A ) @ ( bot_bot @ ( set @ A ) ) @ A2 ) ).
% empty_subsetI
thf(fact_208_insert__subset,axiom,
! [A: $tType,X3: A,A2: set @ A,B: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ ( insert @ A @ X3 @ A2 ) @ B )
= ( ( member @ A @ X3 @ B )
& ( ord_less_eq @ ( set @ A ) @ A2 @ B ) ) ) ).
% insert_subset
thf(fact_209_Un__subset__iff,axiom,
! [A: $tType,A2: set @ A,B: set @ A,C4: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ ( sup_sup @ ( set @ A ) @ A2 @ B ) @ C4 )
= ( ( ord_less_eq @ ( set @ A ) @ A2 @ C4 )
& ( ord_less_eq @ ( set @ A ) @ B @ C4 ) ) ) ).
% Un_subset_iff
thf(fact_210_singleton__insert__inj__eq_H,axiom,
! [A: $tType,A3: A,A2: set @ A,B2: A] :
( ( ( insert @ A @ A3 @ A2 )
= ( insert @ A @ B2 @ ( bot_bot @ ( set @ A ) ) ) )
= ( ( A3 = B2 )
& ( ord_less_eq @ ( set @ A ) @ A2 @ ( insert @ A @ B2 @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ).
% singleton_insert_inj_eq'
thf(fact_211_singleton__insert__inj__eq,axiom,
! [A: $tType,B2: A,A3: A,A2: set @ A] :
( ( ( insert @ A @ B2 @ ( bot_bot @ ( set @ A ) ) )
= ( insert @ A @ A3 @ A2 ) )
= ( ( A3 = B2 )
& ( ord_less_eq @ ( set @ A ) @ A2 @ ( insert @ A @ B2 @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ).
% singleton_insert_inj_eq
thf(fact_212_subset__singletonD,axiom,
! [A: $tType,A2: set @ A,X3: A] :
( ( ord_less_eq @ ( set @ A ) @ A2 @ ( insert @ A @ X3 @ ( bot_bot @ ( set @ A ) ) ) )
=> ( ( A2
= ( bot_bot @ ( set @ A ) ) )
| ( A2
= ( insert @ A @ X3 @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ).
% subset_singletonD
thf(fact_213_subset__singleton__iff,axiom,
! [A: $tType,X5: set @ A,A3: A] :
( ( ord_less_eq @ ( set @ A ) @ X5 @ ( insert @ A @ A3 @ ( bot_bot @ ( set @ A ) ) ) )
= ( ( X5
= ( bot_bot @ ( set @ A ) ) )
| ( X5
= ( insert @ A @ A3 @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ).
% subset_singleton_iff
thf(fact_214_le__funD,axiom,
! [B4: $tType,A: $tType] :
( ( ord @ B4 )
=> ! [F: A > B4,G: A > B4,X3: A] :
( ( ord_less_eq @ ( A > B4 ) @ F @ G )
=> ( ord_less_eq @ B4 @ ( F @ X3 ) @ ( G @ X3 ) ) ) ) ).
% le_funD
thf(fact_215_le__funE,axiom,
! [B4: $tType,A: $tType] :
( ( ord @ B4 )
=> ! [F: A > B4,G: A > B4,X3: A] :
( ( ord_less_eq @ ( A > B4 ) @ F @ G )
=> ( ord_less_eq @ B4 @ ( F @ X3 ) @ ( G @ X3 ) ) ) ) ).
% le_funE
thf(fact_216_le__funI,axiom,
! [B4: $tType,A: $tType] :
( ( ord @ B4 )
=> ! [F: A > B4,G: A > B4] :
( ! [X: A] : ( ord_less_eq @ B4 @ ( F @ X ) @ ( G @ X ) )
=> ( ord_less_eq @ ( A > B4 ) @ F @ G ) ) ) ).
% le_funI
thf(fact_217_le__fun__def,axiom,
! [B4: $tType,A: $tType] :
( ( ord @ B4 )
=> ( ( ord_less_eq @ ( A > B4 ) )
= ( ^ [F3: A > B4,G2: A > B4] :
! [X4: A] : ( ord_less_eq @ B4 @ ( F3 @ X4 ) @ ( G2 @ X4 ) ) ) ) ) ).
% le_fun_def
thf(fact_218_order__subst1,axiom,
! [A: $tType,B4: $tType] :
( ( ( order @ B4 )
& ( order @ A ) )
=> ! [A3: A,F: B4 > A,B2: B4,C: B4] :
( ( ord_less_eq @ A @ A3 @ ( F @ B2 ) )
=> ( ( ord_less_eq @ B4 @ B2 @ C )
=> ( ! [X: B4,Y3: B4] :
( ( ord_less_eq @ B4 @ X @ Y3 )
=> ( ord_less_eq @ A @ ( F @ X ) @ ( F @ Y3 ) ) )
=> ( ord_less_eq @ A @ A3 @ ( F @ C ) ) ) ) ) ) ).
% order_subst1
thf(fact_219_order__subst2,axiom,
! [A: $tType,C3: $tType] :
( ( ( order @ C3 )
& ( order @ A ) )
=> ! [A3: A,B2: A,F: A > C3,C: C3] :
( ( ord_less_eq @ A @ A3 @ B2 )
=> ( ( ord_less_eq @ C3 @ ( F @ B2 ) @ C )
=> ( ! [X: A,Y3: A] :
( ( ord_less_eq @ A @ X @ Y3 )
=> ( ord_less_eq @ C3 @ ( F @ X ) @ ( F @ Y3 ) ) )
=> ( ord_less_eq @ C3 @ ( F @ A3 ) @ C ) ) ) ) ) ).
% order_subst2
thf(fact_220_ord__eq__le__subst,axiom,
! [A: $tType,B4: $tType] :
( ( ( ord @ B4 )
& ( ord @ A ) )
=> ! [A3: A,F: B4 > A,B2: B4,C: B4] :
( ( A3
= ( F @ B2 ) )
=> ( ( ord_less_eq @ B4 @ B2 @ C )
=> ( ! [X: B4,Y3: B4] :
( ( ord_less_eq @ B4 @ X @ Y3 )
=> ( ord_less_eq @ A @ ( F @ X ) @ ( F @ Y3 ) ) )
=> ( ord_less_eq @ A @ A3 @ ( F @ C ) ) ) ) ) ) ).
% ord_eq_le_subst
thf(fact_221_ord__le__eq__subst,axiom,
! [A: $tType,B4: $tType] :
( ( ( ord @ B4 )
& ( ord @ A ) )
=> ! [A3: A,B2: A,F: A > B4,C: B4] :
( ( ord_less_eq @ A @ A3 @ B2 )
=> ( ( ( F @ B2 )
= C )
=> ( ! [X: A,Y3: A] :
( ( ord_less_eq @ A @ X @ Y3 )
=> ( ord_less_eq @ B4 @ ( F @ X ) @ ( F @ Y3 ) ) )
=> ( ord_less_eq @ B4 @ ( F @ A3 ) @ C ) ) ) ) ) ).
% ord_le_eq_subst
thf(fact_222_eq__iff,axiom,
! [A: $tType] :
( ( order @ A )
=> ( ( ^ [Y4: A,Z: A] : ( Y4 = Z ) )
= ( ^ [X4: A,Y5: A] :
( ( ord_less_eq @ A @ X4 @ Y5 )
& ( ord_less_eq @ A @ Y5 @ X4 ) ) ) ) ) ).
% eq_iff
thf(fact_223_antisym,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [X3: A,Y: A] :
( ( ord_less_eq @ A @ X3 @ Y )
=> ( ( ord_less_eq @ A @ Y @ X3 )
=> ( X3 = Y ) ) ) ) ).
% antisym
thf(fact_224_linear,axiom,
! [A: $tType] :
( ( linorder @ A )
=> ! [X3: A,Y: A] :
( ( ord_less_eq @ A @ X3 @ Y )
| ( ord_less_eq @ A @ Y @ X3 ) ) ) ).
% linear
thf(fact_225_eq__refl,axiom,
! [A: $tType] :
( ( preorder @ A )
=> ! [X3: A,Y: A] :
( ( X3 = Y )
=> ( ord_less_eq @ A @ X3 @ Y ) ) ) ).
% eq_refl
thf(fact_226_le__cases,axiom,
! [A: $tType] :
( ( linorder @ A )
=> ! [X3: A,Y: A] :
( ~ ( ord_less_eq @ A @ X3 @ Y )
=> ( ord_less_eq @ A @ Y @ X3 ) ) ) ).
% le_cases
thf(fact_227_order_Otrans,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [A3: A,B2: A,C: A] :
( ( ord_less_eq @ A @ A3 @ B2 )
=> ( ( ord_less_eq @ A @ B2 @ C )
=> ( ord_less_eq @ A @ A3 @ C ) ) ) ) ).
% order.trans
thf(fact_228_le__cases3,axiom,
! [A: $tType] :
( ( linorder @ A )
=> ! [X3: A,Y: A,Z2: A] :
( ( ( ord_less_eq @ A @ X3 @ Y )
=> ~ ( ord_less_eq @ A @ Y @ Z2 ) )
=> ( ( ( ord_less_eq @ A @ Y @ X3 )
=> ~ ( ord_less_eq @ A @ X3 @ Z2 ) )
=> ( ( ( ord_less_eq @ A @ X3 @ Z2 )
=> ~ ( ord_less_eq @ A @ Z2 @ Y ) )
=> ( ( ( ord_less_eq @ A @ Z2 @ Y )
=> ~ ( ord_less_eq @ A @ Y @ X3 ) )
=> ( ( ( ord_less_eq @ A @ Y @ Z2 )
=> ~ ( ord_less_eq @ A @ Z2 @ X3 ) )
=> ~ ( ( ord_less_eq @ A @ Z2 @ X3 )
=> ~ ( ord_less_eq @ A @ X3 @ Y ) ) ) ) ) ) ) ) ).
% le_cases3
thf(fact_229_antisym__conv,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [Y: A,X3: A] :
( ( ord_less_eq @ A @ Y @ X3 )
=> ( ( ord_less_eq @ A @ X3 @ Y )
= ( X3 = Y ) ) ) ) ).
% antisym_conv
thf(fact_230_order__class_Oorder_Oeq__iff,axiom,
! [A: $tType] :
( ( order @ A )
=> ( ( ^ [Y4: A,Z: A] : ( Y4 = Z ) )
= ( ^ [A5: A,B6: A] :
( ( ord_less_eq @ A @ A5 @ B6 )
& ( ord_less_eq @ A @ B6 @ A5 ) ) ) ) ) ).
% order_class.order.eq_iff
thf(fact_231_ord__eq__le__trans,axiom,
! [A: $tType] :
( ( ord @ A )
=> ! [A3: A,B2: A,C: A] :
( ( A3 = B2 )
=> ( ( ord_less_eq @ A @ B2 @ C )
=> ( ord_less_eq @ A @ A3 @ C ) ) ) ) ).
% ord_eq_le_trans
thf(fact_232_ord__le__eq__trans,axiom,
! [A: $tType] :
( ( ord @ A )
=> ! [A3: A,B2: A,C: A] :
( ( ord_less_eq @ A @ A3 @ B2 )
=> ( ( B2 = C )
=> ( ord_less_eq @ A @ A3 @ C ) ) ) ) ).
% ord_le_eq_trans
thf(fact_233_order__class_Oorder_Oantisym,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [A3: A,B2: A] :
( ( ord_less_eq @ A @ A3 @ B2 )
=> ( ( ord_less_eq @ A @ B2 @ A3 )
=> ( A3 = B2 ) ) ) ) ).
% order_class.order.antisym
thf(fact_234_order__trans,axiom,
! [A: $tType] :
( ( preorder @ A )
=> ! [X3: A,Y: A,Z2: A] :
( ( ord_less_eq @ A @ X3 @ Y )
=> ( ( ord_less_eq @ A @ Y @ Z2 )
=> ( ord_less_eq @ A @ X3 @ Z2 ) ) ) ) ).
% order_trans
thf(fact_235_dual__order_Orefl,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [A3: A] : ( ord_less_eq @ A @ A3 @ A3 ) ) ).
% dual_order.refl
thf(fact_236_linorder__wlog,axiom,
! [A: $tType] :
( ( linorder @ A )
=> ! [P: A > A > $o,A3: A,B2: A] :
( ! [A6: A,B7: A] :
( ( ord_less_eq @ A @ A6 @ B7 )
=> ( P @ A6 @ B7 ) )
=> ( ! [A6: A,B7: A] :
( ( P @ B7 @ A6 )
=> ( P @ A6 @ B7 ) )
=> ( P @ A3 @ B2 ) ) ) ) ).
% linorder_wlog
thf(fact_237_dual__order_Otrans,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [B2: A,A3: A,C: A] :
( ( ord_less_eq @ A @ B2 @ A3 )
=> ( ( ord_less_eq @ A @ C @ B2 )
=> ( ord_less_eq @ A @ C @ A3 ) ) ) ) ).
% dual_order.trans
thf(fact_238_dual__order_Oeq__iff,axiom,
! [A: $tType] :
( ( order @ A )
=> ( ( ^ [Y4: A,Z: A] : ( Y4 = Z ) )
= ( ^ [A5: A,B6: A] :
( ( ord_less_eq @ A @ B6 @ A5 )
& ( ord_less_eq @ A @ A5 @ B6 ) ) ) ) ) ).
% dual_order.eq_iff
thf(fact_239_dual__order_Oantisym,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [B2: A,A3: A] :
( ( ord_less_eq @ A @ B2 @ A3 )
=> ( ( ord_less_eq @ A @ A3 @ B2 )
=> ( A3 = B2 ) ) ) ) ).
% dual_order.antisym
thf(fact_240_in__mono,axiom,
! [A: $tType,A2: set @ A,B: set @ A,X3: A] :
( ( ord_less_eq @ ( set @ A ) @ A2 @ B )
=> ( ( member @ A @ X3 @ A2 )
=> ( member @ A @ X3 @ B ) ) ) ).
% in_mono
thf(fact_241_subsetD,axiom,
! [A: $tType,A2: set @ A,B: set @ A,C: A] :
( ( ord_less_eq @ ( set @ A ) @ A2 @ B )
=> ( ( member @ A @ C @ A2 )
=> ( member @ A @ C @ B ) ) ) ).
% subsetD
thf(fact_242_equalityE,axiom,
! [A: $tType,A2: set @ A,B: set @ A] :
( ( A2 = B )
=> ~ ( ( ord_less_eq @ ( set @ A ) @ A2 @ B )
=> ~ ( ord_less_eq @ ( set @ A ) @ B @ A2 ) ) ) ).
% equalityE
thf(fact_243_subset__eq,axiom,
! [A: $tType] :
( ( ord_less_eq @ ( set @ A ) )
= ( ^ [A4: set @ A,B5: set @ A] :
! [X4: A] :
( ( member @ A @ X4 @ A4 )
=> ( member @ A @ X4 @ B5 ) ) ) ) ).
% subset_eq
thf(fact_244_equalityD1,axiom,
! [A: $tType,A2: set @ A,B: set @ A] :
( ( A2 = B )
=> ( ord_less_eq @ ( set @ A ) @ A2 @ B ) ) ).
% equalityD1
thf(fact_245_equalityD2,axiom,
! [A: $tType,A2: set @ A,B: set @ A] :
( ( A2 = B )
=> ( ord_less_eq @ ( set @ A ) @ B @ A2 ) ) ).
% equalityD2
thf(fact_246_subset__iff,axiom,
! [A: $tType] :
( ( ord_less_eq @ ( set @ A ) )
= ( ^ [A4: set @ A,B5: set @ A] :
! [T: A] :
( ( member @ A @ T @ A4 )
=> ( member @ A @ T @ B5 ) ) ) ) ).
% subset_iff
thf(fact_247_subset__refl,axiom,
! [A: $tType,A2: set @ A] : ( ord_less_eq @ ( set @ A ) @ A2 @ A2 ) ).
% subset_refl
thf(fact_248_Collect__mono,axiom,
! [A: $tType,P: A > $o,Q: A > $o] :
( ! [X: A] :
( ( P @ X )
=> ( Q @ X ) )
=> ( ord_less_eq @ ( set @ A ) @ ( collect @ A @ P ) @ ( collect @ A @ Q ) ) ) ).
% Collect_mono
thf(fact_249_subset__trans,axiom,
! [A: $tType,A2: set @ A,B: set @ A,C4: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ A2 @ B )
=> ( ( ord_less_eq @ ( set @ A ) @ B @ C4 )
=> ( ord_less_eq @ ( set @ A ) @ A2 @ C4 ) ) ) ).
% subset_trans
thf(fact_250_set__eq__subset,axiom,
! [A: $tType] :
( ( ^ [Y4: set @ A,Z: set @ A] : ( Y4 = Z ) )
= ( ^ [A4: set @ A,B5: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ A4 @ B5 )
& ( ord_less_eq @ ( set @ A ) @ B5 @ A4 ) ) ) ) ).
% set_eq_subset
thf(fact_251_Collect__mono__iff,axiom,
! [A: $tType,P: A > $o,Q: A > $o] :
( ( ord_less_eq @ ( set @ A ) @ ( collect @ A @ P ) @ ( collect @ A @ Q ) )
= ( ! [X4: A] :
( ( P @ X4 )
=> ( Q @ X4 ) ) ) ) ).
% Collect_mono_iff
thf(fact_252_insert__mono,axiom,
! [A: $tType,C4: set @ A,D3: set @ A,A3: A] :
( ( ord_less_eq @ ( set @ A ) @ C4 @ D3 )
=> ( ord_less_eq @ ( set @ A ) @ ( insert @ A @ A3 @ C4 ) @ ( insert @ A @ A3 @ D3 ) ) ) ).
% insert_mono
thf(fact_253_subset__insert,axiom,
! [A: $tType,X3: A,A2: set @ A,B: set @ A] :
( ~ ( member @ A @ X3 @ A2 )
=> ( ( ord_less_eq @ ( set @ A ) @ A2 @ ( insert @ A @ X3 @ B ) )
= ( ord_less_eq @ ( set @ A ) @ A2 @ B ) ) ) ).
% subset_insert
thf(fact_254_subset__insertI,axiom,
! [A: $tType,B: set @ A,A3: A] : ( ord_less_eq @ ( set @ A ) @ B @ ( insert @ A @ A3 @ B ) ) ).
% subset_insertI
thf(fact_255_subset__insertI2,axiom,
! [A: $tType,A2: set @ A,B: set @ A,B2: A] :
( ( ord_less_eq @ ( set @ A ) @ A2 @ B )
=> ( ord_less_eq @ ( set @ A ) @ A2 @ ( insert @ A @ B2 @ B ) ) ) ).
% subset_insertI2
% Type constructors (24)
thf(tcon_HOL_Obool___Lattices_Obounded__lattice,axiom,
bounded_lattice @ $o ).
thf(tcon_Set_Oset___Lattices_Obounded__lattice_1,axiom,
! [A7: $tType] : ( bounded_lattice @ ( set @ A7 ) ) ).
thf(tcon_fun___Lattices_Obounded__lattice_2,axiom,
! [A7: $tType,A8: $tType] :
( ( bounded_lattice @ A8 )
=> ( bounded_lattice @ ( A7 > A8 ) ) ) ).
thf(tcon_fun___Lattices_Obounded__semilattice__sup__bot,axiom,
! [A7: $tType,A8: $tType] :
( ( bounded_lattice @ A8 )
=> ( bounde1808546759up_bot @ ( A7 > A8 ) ) ) ).
thf(tcon_fun___Orderings_Opreorder,axiom,
! [A7: $tType,A8: $tType] :
( ( preorder @ A8 )
=> ( preorder @ ( A7 > A8 ) ) ) ).
thf(tcon_fun___Orderings_Oorder,axiom,
! [A7: $tType,A8: $tType] :
( ( order @ A8 )
=> ( order @ ( A7 > A8 ) ) ) ).
thf(tcon_fun___Orderings_Oord,axiom,
! [A7: $tType,A8: $tType] :
( ( ord @ A8 )
=> ( ord @ ( A7 > A8 ) ) ) ).
thf(tcon_fun___Orderings_Obot,axiom,
! [A7: $tType,A8: $tType] :
( ( bot @ A8 )
=> ( bot @ ( A7 > A8 ) ) ) ).
thf(tcon_Nat_Onat___Orderings_Opreorder_3,axiom,
preorder @ nat ).
thf(tcon_Nat_Onat___Orderings_Olinorder,axiom,
linorder @ nat ).
thf(tcon_Nat_Onat___Orderings_Oorder_4,axiom,
order @ nat ).
thf(tcon_Nat_Onat___Orderings_Oord_5,axiom,
ord @ nat ).
thf(tcon_Nat_Onat___Orderings_Obot_6,axiom,
bot @ nat ).
thf(tcon_Set_Oset___Lattices_Obounded__semilattice__sup__bot_7,axiom,
! [A7: $tType] : ( bounde1808546759up_bot @ ( set @ A7 ) ) ).
thf(tcon_Set_Oset___Orderings_Opreorder_8,axiom,
! [A7: $tType] : ( preorder @ ( set @ A7 ) ) ).
thf(tcon_Set_Oset___Orderings_Oorder_9,axiom,
! [A7: $tType] : ( order @ ( set @ A7 ) ) ).
thf(tcon_Set_Oset___Orderings_Oord_10,axiom,
! [A7: $tType] : ( ord @ ( set @ A7 ) ) ).
thf(tcon_Set_Oset___Orderings_Obot_11,axiom,
! [A7: $tType] : ( bot @ ( set @ A7 ) ) ).
thf(tcon_HOL_Obool___Lattices_Obounded__semilattice__sup__bot_12,axiom,
bounde1808546759up_bot @ $o ).
thf(tcon_HOL_Obool___Orderings_Opreorder_13,axiom,
preorder @ $o ).
thf(tcon_HOL_Obool___Orderings_Olinorder_14,axiom,
linorder @ $o ).
thf(tcon_HOL_Obool___Orderings_Oorder_15,axiom,
order @ $o ).
thf(tcon_HOL_Obool___Orderings_Oord_16,axiom,
ord @ $o ).
thf(tcon_HOL_Obool___Orderings_Obot_17,axiom,
bot @ $o ).
% Conjectures (1)
thf(conj_0,conjecture,
~ ( member @ secrecy_KS @ ( secrecy_sKS @ secret ) @ ( localSecrets @ q ) ) ).
%------------------------------------------------------------------------------