Twelf

Twelf is an implementation of the logical framework LF developed by Frank Pfenning and Carsten Schürmann at Carnegie Mellon University.^[1] It is used for logic programming and for the formalization of programming language theory.

At its simplest, a Twelf program (called a "signature") is a collection of declarations of type families (relations) and constants that inhabit those type families. For example, the following is the standard definition of the natural numbers, with z standing for zero and s the successor operator.

nat : type.

z : nat.
s : nat -> nat.

Here nat is a type, and z and s are constant terms. As a dependently typed system, types can be indexed by terms, which allows the definition of more interesting type families. Here is a definition of addition:

plus : nat -> nat -> nat -> type.

plus_zero : {M:nat} plus M z M.

plus_succ : {M:nat} {N:nat} {P:nat}
            plus M (s N) (s P)
         <- plus M N P.

The type family plus is read as a relation between three natural numbers M, N and P, such that M + N = P. We then give the constants that define the relation: the constant plus_zero indicates that M + 0 = M. The quantifier {M:nat} can be read as "for all M of type nat".

The constant plus_succ defines the case for when the second argument is the successor of some other number N (see pattern matching). The result is the successor of P, where P is the sum of M and N. This recursive call is made via the subgoal plus M N P, introduced with <-. The arrow can be understood operationally as Prolog's :-, or as logical implication ("if M + N = P, then M + (s N) = (s P)"), or most faithfully to the type theory, as the type of the constant plus_succ ("when given a term of type plus M N P, return a term of type plus M (s N) (s P)").

Twelf features type reconstruction and supports implicit parameters, so in practice, one usually does not need to explicitly write {M:nat} (etc.) above.

These simple examples do not display LF's higher-order features, nor any of its theorem checking capabilities. See the Twelf distribution for its included examples.

Twelf signatures can be executed via a search procedure. Its core is more sophisticated than Prolog, since it is higher-order and dependently typed, but it is restricted to pure operators: there is no cut or other extralogical operators (such as ones for performing I/O) as are often found in Prolog implementations, which may make it less well-suited for practical logic programming applications. Some uses of Prolog's cut rule can be obtained by declaring that certain operators belong to deterministic type families, which avoids recalculation. Also, like λProlog, Twelf generalizes Horn clauses to hereditary Harrop formulas, which allow for logically well-founded operational notions of fresh-name generation and scoped extension of the clause database.

Twelf is mainly used today as a system for formalizing mathematics, especially the metatheory of programming languages. As such, it is closely related to Rocq and Isabelle/HOL/HOL Light. However, unlike those systems, Twelf proofs are typically developed by hand. Despite this, for the problem domains at which it excels, Twelf proofs are often shorter and easier to develop than in the automated, general-purpose systems.

Twelf's built-in notion of binding and substitution facilitates the encoding of programming languages and logics, most of which make use of binding and substitution, which can often be directly encoded through higher-order abstract syntax (HOAS), where the meta-language's binders represent the object-level binders. Thus standard theorems such as type-preserving substitution and alpha conversion come "for free".

Twelf has been used to formalize many different logics and programming languages (examples are included with the distribution). Among the larger projects are a proof of safety for Standard ML,^[2] a foundational typed assembly language system from CMU,^[3] and a foundational proof carrying code system from Princeton.

Twelf is written in Standard ML, and binaries are available for Linux and Windows. As of 2006^[update], it is under active development, mostly at Carnegie Mellon University.^{[needs update]}

• List of proof assistants

• Official website, Wiki