A refined calculus for Intuitionistic Propositional Logic - DISCo

A refined calculus forIntuitionistic Propositional LogicMauro Ferrari 1 , Camillo Fiorentini 2 , Guido Fiorino 31 Dipartimento di Informatica e Comunicazione, Università degli Studi dell’InsubriaVia Mazzini 5, 21100, Varese, Italy2 Dipartimento di Scienze dell’Informazione, Università degli Studi di MilanoVia Comelico, 39, 20135 Milano, Italy3 Dipartimento di Metodi Quantitativi per le Scienze Economiche Aziendali,Università degli Studi di Milano-BicoccaP.zza dell’Ateneo Nuovo 1, 20126 Milano, Italy †Abstract. Since 1993, when Hudelmaier developed a O(n log n)-spacedecision procedure for propositional intuitionistic logic, a lot of workhas been done to improve the efficiency of the related proof-search algorithms.This has been done working on proof-search strategies and onimplementation structures more than on logical properties of the calculi.In this paper we provide a tableau calculus using the signs T, Fand F c, with a new set of rules to treat signed formulas of the kindT((A → B) → C). The main feature of the calculus is to reduce boththe non-determinism in proof-search and the width of proofs with respectto Hudelmaier’s one. The new rules come out from a deep semanticanalysis of nested implications and their behavior in the counter-modelconstruction.1 IntroductionIn this paper we present a tableau calculus for propositional Intuitionistic LogicInt with a new set of rules to treat signed formulas of the kind T((A → B) → C).This calculus collocates itself in a long history of researches on the design ofefficient decision procedures for Int. In this context, the main concern is thetreatment of “positive” implicative formulas, namely implicative formulas havingsign T in a tableau deduction or occurring in the left-side of a sequent. Indeed,differently from Classical Logic, intuitionistic implication cannot be handled byinvertible rules and this makes the decision procedures for Intuitionistic LogicPspace-complete (see [10]).The early calculi for Int were based on the re-use of implicative formulas(see, e.g., [7]). The major drawback of this solution is that deductions mayhave infinite depth, hence some loop-checking mechanism is needed to guaranteetermination. To avoid this, Vorob’ev introduced in [11] (in the context of sequent† An extended version of this paper has been submitted to Logical Methods in ComputerScience.

calculi) rules to treat signed formulas of the kind T(A → B) according to themain connective of A; see also [3, 9], where calculi with analogous properties aregiven. In these cases, the re-use of formulas is avoided by replacing T(A → B)with ”simpler” formulas built up from the subformulas of A → B; moreover,suitable measures on formulas are defined, which guarantee the termination ofderivations. But, if on the one hand decision procedures for these calculi do notneed loop-checking mechanisms, on the other hand the rules to treat formulasof the kind T(A ∨ B → C) and T((A → B) → C) give rise to proofs that maybe of exponential length in the size of the formula to be proved. This problemis overcome in Hudelmaier’s sequent calculi described in [8], where proofs havelinear length and the related decision procedures require O(n log n)-space. In thispaper we refer to the calculus LG of [8], which has a natural translation in thetableau setting. The novelties of LG essentially regard the treatment of formulasof the kind T(A → B). To save space, in some rules of LG the repetitions offormulas is avoided by introducing new propositional variables. Moreover, LGprovides rules to handle the sets containing both T(A → B) and FA, providinga rule for every main connective of A. We remark that in [8], the O(n log n)-spaceresult is proved for the calculus LE, which improves LG by providing a compactnotation to represent the pairs of formulas FA, T(A → B).The calculus T Int we introduce in this paper is a refinement of Hudelmaiercalculus LG. Here, we improve Hudelmaier’s rules by giving rules to treat formulasof the kind T((A → B) → C), for all the main connectives of B, withoutintroducing rules treating pairs of signed formulas. As discussed in the paper,even if T Int has the same computational performances of Hudelmaier’s calculi,it allows us to define a “better” decision procedure due to the following facts: (i)in general T Int proofs have width which is less than that of the correspondingLG proofs; (ii) T Int rules introduce a lower degree of non determinism. Thus,both the search space and the dimension of the proofs of T Int are narrower thanLG. The new rules of T Int exploit the ideas used in [4] to get a calculus havingproofs of depth bounded by 3n, which gives rise to an O(n log n)-space decisionprocedure.Finally, we point out that our reasoning is based on semantic tools, whereas [8]uses syntactic techniques (to prove the equivalence between LG and Gentzen calculus,the author has to introduce some intermediate calculi and prove theirequivalence). As a by-product, our decision procedure allows us to build acounter-model of A whenever A is not intuitionistically valid.To conclude, we remark that since [3, 8, 9] the main works on the improvementof decision procedures for Intuitionistic Logic were faced with the definition of“efficient” implementations, see e.g. [6, 1]. Here we reconsider the problem froma purely logical point of view.The paper is structured as follows: in the next section we introduce the notationand the preliminary definitions. In Section 3 we describe T Int and we discussthe main differences with respect to Hudelmaier’s calculus LG. In Section 4 weprove T Int is sound, while in Section 5 we prove the completeness and somecomputational complexity properties.2

2 Notation and PreliminariesWe consider the propositional language L based on a denumerable set of propositionalvariables (atoms) PV and the logical connectives ¬, ∧, ∨, →. We writeA ∈ L to mean that A is a formula of L.Kripke models are the main tool to semantically characterize propositionalintuitionistic logic Int (see e.g. [2, 5] for the details). A Kripke model for L isa structure K = 〈P, ≤, ρ, ⊩〉, where 〈P, ≤, ρ〉 is a finite poset with minimumelement ρ, and ⊩ is the forcing relation, namely a binary relation on P × PVsatisfying the monotonicity condition: α ⊩ p and α ≤ β implies β ⊩ p. Theforcing relation is extended to arbitrary formulas of L as follows:1. α ⊩ A ∧ B iff α ⊩ A and α ⊩ B;2. α ⊩ A ∨ B iff α ⊩ A or α ⊩ B;3. α ⊩ A → B iff, for every β ∈ P such that α ≤ β, β ⊩ A implies β ⊩ B;4. α ⊩ ¬A iff, for every β ∈ P such that α ≤ β, β ⊩ A does not hold.We write α A to mean that α ⊩ A does not hold. It is easy to check thatthe monotonicity property holds for arbitrary formulas, i.e., for every formulaA ∈ L, α ⊩ A and α ≤ β implies β ⊩ A. A formula A is valid in a Kripke modelK = 〈P, ≤, ρ, ⊩〉 iff ρ ⊩ A (by monotonicity property, this means that α ⊩ A forevery α ∈ P ). It is well-known [2, 5] that propositional intuitionistic logic Intcoincides with the set of formulas valid in all Kripke models.3 The Tableau CalculusThe tableau calculus T Int we introduce in this section, is a refinement of theone introduced in [9] and [4]. It works on signed formulas, namely expressionsof the kind TA, FA or F c A, where A ∈ L. Signed formulas have a naturalinterpretation in Kripke semantics. Given a Kripke model K = 〈P, ≤, ρ, ⊩〉, anelement α ∈ P and a signed formula H, we say that α realizes H in K, and wewrite K, α ✄ H, iff one of the following conditions holds:– H = TA and α ⊩ A;– H = FA and α A;– H = F c A and α ⊩ ¬A.K, α̸ ✄H means that K, α ✄ H does not hold. Given a set S of signed formulas,we write K, α ✄ S to mean that K, α ✄ H for every H ∈ S; we say that S isrealizable if K, α ✄ S for some K and α. We call the certain part of S the setS c = {TA | TA ∈ S} ∪ {F c A | F c A ∈ S}We remark that, by the monotonicity property, K, α ✄ S and α ≤ β impliesK, β ✄ S c .The rules of the tableau calculus T Int are shown in Tables 1-3. In the ruleswe write S, H as a shorthand for S ∪ {H}. Every rule applies to a set of signed3

S, T(A ∧ B) S, F(A ∧ B) S, F c(A ∧ B)S, TA, TB T∧ S, FA | S, FB F∧ S, F cA | S, F Fc∧cBS, T(A ∨ B) S, F(A ∨ B) S, F c(A ∨ B)S, TA | S, TB T∨ S, FA, FB F∨ S, F cA, F cB Fc∨Tables 2 and 3S, F(A → B) S, F c(A → B)S c, TA, FB F→ S c, TA, F cBFc→S, T(¬A) S, F(¬A) S, F c(¬A)S, F cA T¬ S c, TA F¬ S c, TAS c = {TA | TA ∈ S} ∪ {F cA | F cA ∈ S}Fc¬Table 1. The T Int calculusformulas, but only acts on the signed formula H explicitly indicated in thepremise; we call H the major premise of the rule, whereas we call all the othersigned formulas minor premises of the rule. The sets in the consequence areobtained by decomposing in some way the major premise of the rule and eithercopying all the minor premises (see e.g. the rule T∧ of Table 1) or only copyingthe certain part of the minor premises (see e.g. the rule F → of Table 1). Wecall splitting rules the rules of T Int having two sets in the consequence.Some rules require additional conditions in order to be applied. The ruleT → certain of Table 2 can be applied only if S = S c (that is, the set Sof minor premises does not contain F-signed formulas). The rule MP (modusponens) of Table 2, having T(A → B) as major premise, requires the presenceof TA among the minor premises. We point out that in [8] this rule is given inthe restricted form where A is a propositional variable.Finally, we notice that some rules of Tables 2 and 3 require the introductionof a new atom q, namely a propositional variable q not occurring in the premisesof the rule. This expedient goes back to [8] and avoids duplications of non atomicformulas in the consequence of a rule (namely, repetitions of subformulas of themajor premise); for instance, without the introduction of q, the consequenceof T → ∨ should be S, T(A → C), T(B → C), where C occurs twice, and thisprevents the definition of a linear complexity measure on sets of signed formulas.A set S of signed formulas is contradictory if either {TA, FA} ⊆ S or{TA, F c A} ⊆ S, for some formula A. Clearly, contradictory sets cannot berealized. A proof table (or proof tree) for S is a finite tree τ with S as root andsuch that all the children of a node S ′ of τ are the sets in the consequence of arule applied to S ′ . If all the leaves of τ are contradictory sets, we say that τ is a4

S, TA, T(A → B)S, TA, TBMPS, T(A → B)T→certain if S = ScS, F cA | S, TBS, T((A ∧ B) → C)S, T(A → (B → C)) T→∧S, T(¬A → B)S c, TA | S, TB T→¬S, T((A ∨ B) → C)T→∨ with q a new atomS, T(A → q), T(B → q), T(q → C)Table 2. Rules for T →closed proof table for S. A closed proof table is a proof of the calculus: a formulaA is provable in T Int iff there exists a closed proof table for {FA}.To conclude this section we discuss the main novelties of our calculus; inparticular we consider the differences among T Int and the tableau calculi of [9,4] and the sequent calculi introduced in [8]. For sequent calculi we present therules adopting the standard translation into tableau rules.First of all we notice that the rules of Tables 1 and 2 essentially coincidewith those described in [9], where the sign F c is introduced to characterizeintuitionistic negation. As for the rules of Table 3, they replace the ruleS, T((A → B) → C)T→→S c , TA, FB, T(B → C) | S, TCof [9], that goes back to [3] and [11] (given in a sequent calculus style), and therule F io →→ of [4] shown at the end of this section.The rule T →→ has been introduced by Vorob’ev to avoid loop-checking inthe decision procedure. On the other hand, the double occurrence of formulaB in the leftmost conclusion of T →→ gives rise to deductions that may beof exponential depth in the length of the formula to be proved (see [8, 6] for adetailed discussion). In [8] the problem is solved by introducing, beside the ruleT →→, some rules to treat the leftmost conclusion of T →→, according to themain connective of B. Moreover, the calculus LG of [8] provides rules to handlethe pairs of formulas FB, T(B → C), according to the main connective of B.5

Obviously, to build up a closed proof table it may be necessary to try both rules.In contrast, in T Int only the application of the T →→ ∨-rule is required, indeed:S, T((A → X ∨ Y ) → C)T→→∨S c , TA, Fq, T(X → q), T(Y → q), T(q → C) | S, TCIn this case, our rule allows us to reduce the non-determinism in proof-search.Now, let us consider the rule of LG for the case B = X ∧ YS, F(X ∧ Y ), T(X ∧ Y → C)Hud→∧S, FX, T(X → (Y → C)) | S, FY, T(Y → (X → C))and let us consider the tableauS, T((A → X ∧ Y ) → C)S c , TA, F(X ∧ Y ), T(X ∧ Y → C) | S, TC T→→Hud→∧S c , TA, FX, T(X → (Y → C)) | S c , TA, FY, T(Y → (X → C)) | S, TCIn our calculus, for the same initial set we get:S, T((A → X ∧ Y ) → C)T→→∧S c , TA, Fq, T(X → (Y → q)), T(q → C) | S, TCwhere q is a new propositional variable. We point out that our rule decreasesthe width of the proof tree. As a matter of fact, to decide the realizability of theinitial set, with T Int two sets have to be decided, instead of three sets as in LG.Finally, let us consider the LG rule for the case B = X → Y :S, F(X → Y ), T((X → Y ) → C)S c , TX, FY, T(Y → C)Hud→→and let use consider the tableauS, T((A → (X → Y )) → C)S c , TA, F(X → Y ), T((X → Y ) → C) | S, TC T→→S c , TA, TX, FY, T(Y → C) | S, TCHud→→In our calculus the corresponding tableau isS, T((A → (X → Y )) → C)T→→→S c , TA, TX, Fq, T(Y → q), T(q → C) | S, TCwith q a new propositional variable. We point out that we apply one noninvertiblerule, whereas in the previous proof tree two non-invertible rules are7

equired. A deeper discussion about the proof-search strategy is given after theCompleteness Theorem (Section 5).We emphasize that rules of Table 3 are a refinement of the ruleS, T((A → B) → C)F io→→S c , TA, Fq, T(B → q), T(q → C) | S, TCwith q a new atomintroduced in [4]. The calculus of [4] gives rise to proof trees having depthbounded by 6n, where n is the length of the formula to be proved, and thisyields a O(n log n)-space decision procedure for Int. Rules of Table 3 are obtainedby specializing rule F io →→ according to the main connective of B. Howwe discuss later, the new rules allow us to get proof trees having depth 3n atmost.4 SoundnessIn order to prove the soundness T Int we show that every rule of T Int preservesrealizability. The following lemma is helpful to treat the rules of Table 3.Lemma 1. Let K = 〈P, ≤, ρ, ⊩〉 be a Kripke model and let α ∈ P such thatK, α ✄ S, T((A → B) → C) and K, α̸ ✄TCLet V be the set of propositional variables occurring in S ∪ {T((A → B) → C)}and let q be a propositional variable such that q ∉ V. Then, there exists a Kripkemodel K ′ = 〈P ′ , ≤ ′ , ρ ′ , ⊩ ′ 〉 and α ′ ∈ P ′ such thatK ′ , α ′ ✄ S c , TA, Fq, T(B → q), T(q → B), T(q → C)Proof. Let K ′ = 〈P, ≤, ρ, ⊩ ′ 〉 be the Kripke model based on the same poset〈P, ρ, ≤〉 of K with ⊩ ′ defined as follows:– if p ∈ V, then, for every γ ∈ P , γ ⊩ ′ p iff γ ⊩ p;– for every γ ∈ P , γ ⊩ ′ q iff γ ⊩ B;– if p ∉ V ∪ {q}, then, for every γ ∈ P , γ ′ p.It is easy to check that, if H is a formula whose propositional variables belongto V and γ ∈ P , γ ⊩ H iff γ ⊩ ′ H. In particular, by the hypothesis α ⊩ (A →B) → C and α C, we get α ⊩ ′ (A → B) → C and α ′ C. This impliesα ′ A → B, therefore there exists β ∈ P such that α ≤ β, β ⊩ ′ A and β ′ B.We get:1. β ⊩ ′ B → q and β ⊩ ′ q → B (by definition of ⊩ ′ on q);2. β ⊩ ′ A and β ′ q (by (1) and by the fact that β ′ B);3. β ⊩ ′ q → C (by the fact that β ⊩ ′ (A → B) → C and β ⊩ ′ q → B).8

Summarizing, by Points (1)-(3) we concludeK ′ , β ✄ S c , TA, Fq, T(B → q), T(q → B), T(q → C)which proves the assertion.⊓⊔Now we prove that the rules of T Int preserve realizability:Lemma 2. Let S be a set of signed formulas, let K = 〈P, ≤, ρ, ⊩〉 be a Kripkemodel, let α ∈ P such that K, α ✄ S and let R be a rule of T Int applicable toS. Then, there exist a set S ′ in the consequence of the rule R, a Kripke modelK ′ = 〈P ′ , ≤ ′ , ρ ′ , ⊩ ′ 〉 and α ′ ∈ P ′ such that K ′ , α ′ ✄ S ′ .Proof. We have to analyze the rules R of T Int ; we only discuss the most relevantcases of Tables 2 and 3.Rule T → certain: let us assume K, α ✄ S c , T(A → B). By finiteness of P , thereis φ ∈ P such that α ≤ φ and φ is a final element of K (that is, for every ψ ∈ P ,φ ≤ ψ implies φ = ψ). By the monotonicity property, K, φ ✄ S c , T(A → B). Ifφ ⊩ B, we immediately get K, α ✄ S c , TB; otherwise φ A and, being φ a finalelement, this implies φ ⊩ ¬A, hence K, φ ✄ S c , F c A.Rule T →→ Atom: if K, α ✄ S, T((A → p) → C), then α ⊩ (A → p) → C,thus either α ⊩ C or α A → p. In the first case we immediately deduce thatK, α ✄ S, TC. In the second case, there exists β ∈ P such that α ≤ β, β ⊩ Aand β p. Moreover, since β ⊩ (A → p) → C, we also have β ⊩ p → C. Weconclude that K, β ✄ S c , TA, Fp, T(p → C).Rule T →→ ∨: if K, α ✄ S, T((A → (X ∨ Y )) → C), then α ⊩ (A → (X ∨ Y )) →C. If α ⊩ C, we immediately get K, α ✄ S, TC. Otherwise, by Lemma 1 thereexist a Kripke model K ′ = 〈P ′ , ≤ ′ , ρ ′ ⊩ ′ 〉 and α ′ ∈ P ′ such thatK ′ , α ′ ✄ S c , TA, Fq, T((X ∨ Y ) → q), T(q → (X ∨ Y )), T(q → C)Since α ′ ⊩ ′ (X ∨ Y ) → q implies both α ′ ⊩ ′ X → q and α ′ ⊩ ′ Y → q, we getK ′ , α ′ ✄ S c , TA, Fq, T(X → q), T(Y → q), T(q → C).Rule T →→→: if K, α ✄ S, T((A → (X → Y )) → C), then α ⊩ (A → (X →Y )) → C. If α ⊩ C, we immediately get K, α ✄ S, TC. Otherwise, by Lemma 1there exist a Kripke model K ′ = 〈P ′ , ≤ ′ , ρ ′ ⊩ ′ 〉 and α ′ ∈ P ′ such thatK ′ , α ′ ✄ S c , TA, Fq, T((X → Y ) → q), T(q → (X → Y )), T(q → C)Since α ′ ⊩ ′ (X → Y ) → q and α ′ ′ q, there exists β ′ ∈ P ′ such that α ′ ≤ ′ β ′ ,β ′ ⊩ ′ X and β ′ ′ Y . Since β ′ ⊩ ′ q → (X → Y ), we have β ′ q. Moreover, sinceβ ′ ⊩ ′ (X → Y ) → q, it holds that β ′ ⊩ ′ Y → q. Summarizing, we getK ′ , β ′ ✄ S c , TA, Fq, TX, T(Y → q), T(q → C)⊓⊔9

The previous lemma is the main step to prove the soundness of the calculusT Int . Indeed, let us assume that there exists a closed proof table τ of T Int for{FA}. If {FA} is realizable, by the the previous lemma there exists a leaf S ofτ such that S is realizable, a contradiction (recall that S is a contradictory set).It follows that {FA} is not realizable, and this means that A is valid in all theKripke models, that is A ∈ Int. Thus:Theorem 1 (Soundness). If there exists a closed proof table for {FA}, thenA is intuitionistically valid.5 CompletenessTo prove the completeness we need to introduce the following complexity measuredeg on formulas:– if p is a propositional variable, then deg(p) = 0;– deg(A ∧ B) = deg(A) + deg(B) + 2;– deg(A ∨ B) = deg(A) + deg(B) + 3;– deg(A → B) = deg(A) + deg(B)+ 1;– deg(¬A) = deg(A) + 1.We extend the function deg to signed formulas as follows:– For a signed formula SA (S ∈ {T, F, F c }), deg(SA) = deg(A).– For a finite set S of signed formulas, deg(S) = ∑ H∈S deg(H).It is easy to check that, if S ′ is a set in the consequence of a rule of T Int appliedto a finite set of signed formulas S, then deg(S ′ ) < deg(S).To describe our proof search strategy, we introduce the notion of rule relatedto S, H, where S is a set of signed formulas and H a signed formula.- If H has not the form T(A → B), the rule related to S, H is the only rule ofTable 1 having H as major premise and S \ {H} as set of minor premises.- If H = T(A → B) and TA ∈ S, the rule related to S, H is the rule MP ofTable 2 having H as major premise and S \ {H} as set of minor premises.- If H = T(A → B), TA ∉ S and S = S c , the rule related to S, H is the ruleT → certain of Table 2 having H as major premise and S \ {H} as set ofminor premises.- If H = T(A → B), TA ∉ S and S ≠ S c , the rule related to S, H is one ofthe rules of Table 2 and 3 having H as major premise and S \ {H} as set ofminor premises (there exists only one applicable rule).We notice that given S and H there exists at most a rule R of T Int related toS, H. If R is a splitting rule, we denote with R 1 S,H and R2 S,H the leftmost set andthe rightmost set in the consequence of R respectively; for non-splitting rules wedenote with R 1 S,H the only set in the consequence of R. A set of signed formulasS is consistent if there exists no closed proof table for S.10

Lemma 3. Let S be a finite set of signed formulas. If S is consistent, then Sis realizable.Proof. We prove the assertion by complete induction on deg(S). Let us assumethe assertion holds for all S ′ such that deg(S ′ ) < deg(S); we prove it for S.Let S ⊆ S be the set of signed formulas H of S satisfying one of the followingconditions:(i). H = SA, where S ∈ {T, F, F c }, and A = B ∧ C or A = B ∨ C.(ii). H = T(¬A) or H = T(A ∧ B → C) or H = T(A ∨ B → C).(iii). H = T(A → B) and TA ∈ S.(iv). H = T(A → B) and S = S c .(v). H = T(¬A → C) and (S \ {H}) ∪ {TC} is consistent.(vi). H = T((A → p) → C), p is a propositional variable, and (S \{H})∪{TC}is consistent.(vii). H = T((A → ¬B) → C) and (S \ {H}) ∪ {TC} is consistent.(viii). H = T((A → (X ∧ Y )) → C) and (S \ {H}) ∪ {TC} is consistent.(ix). H = T((A → (X ∨ Y )) → C) and (S \ {H}) ∪ {TC} is consistent.(x). H = T((A → (X → Y )) → C) and (S \ {H}) ∪ {TC} is consistent.Let us assume that S ≠ ∅ and let H be any formula of S. Since S is consistent,there exists k ∈ {1, 2} such that the set S ′ = R k S,H is consistent; moreover, if His one of the signed formulas in cases (v), (vi), (vii), (viii), (ix) and (x), we takeS ′ = RS,H 2 (i.e. S′ = (S \ {H}) ∪ {TC}). Since deg(S ′ ) < deg(S), by inductionhypothesis there exists a Kripke model K = 〈P, ≤, ρ, ⊩〉 such that K, ρ ✄ S ′ . Itis easy to check that K, ρ ✄ S, and this proves the assertion.Now, let us assume that S = ∅. Let S 1 ⊆ S be the set of formulas H ∈ Ssatisfying one of the following conditions:1. H = Tp or H = F c p or H = Fp, with p a propositional variable.2. H = T(p → B), with p a propositional variable and Tp ∉ S.Let S 2 ⊆ S be the set of formulas H ∈ S satisfying one of the following conditions:3. H = F(A → B), or H = F c (A → B), or H = F(¬A) or H = F c (¬A).4. H = T(¬A → C) and R 1 S,H is consistent.5. H = T((A → B) → C) and R 1 S,H is consistent.Since S is consistent and S is empty, S 1 ∪ S 2 = S. If S 2 = ∅, then S = S 1 canbe realized in the Kripke model K = 〈P, ≤, ρ, ⊩〉 where P = {ρ} and, for everypropositional variable p, ρ ⊩ p iff Tp ∈ S.Now, let us suppose that S 2 = {H 1 , . . . , H n } and let j ∈ {1, . . . , n}. Bydefinition of S 2 , the set T j = R 1 S,H is consistent. Since deg(T j) < deg(S), byinduction hypothesis there exists a Kripke model K j = 〈P j , ≤ j , ρ j , ⊩ j 〉 suchthat K j , ρ j ✄ T j (we assume that the P j ’s are pairwise disjoint). We build the11

Kripke model K = 〈P, ≤, ρ, ⊩〉 where ρ is a new element (ρ ∉ ⋃ 1≤j≤n P j) andthe immediate successors of ρ are the elements ρ 1 , . . . , ρ n , formally:P = ( ⋃P j ) ∪ {ρ} ≤ = ( ⋃≤ j ) ∪ {(ρ, α) | α ∈ P }1≤j≤n1≤j≤nFinally, for every α ∈ P and every propositional variable p, α ⊩ p iff one of thefollowing conditions holds:– α ∈ P j and α ⊩ j p.– α = ρ and Tp ∈ S.We point out that, if α ∈ P j , then α ⊩ H iff α ⊩ j H; in particular, K, ρ j ✄ T jfor every 1 ≤ j ≤ n. We prove that K, ρ ✄ H for every H ∈ S.If H = Tp, by definition ρ ⊩ p. If H = Fp, then, by consistency, Tp ∉ S,hence ρ p. If H = F c p, then F c p ∈ T j for every 1 ≤ j ≤ n; it follows thatρ j ⊩ ¬p for every 1 ≤ j ≤ n, hence ρ ⊩ ¬p.Let H = T(p → B) and let α ∈ P such that α ⊩ p. Since Tp ∉ S (byPoint (2)), by definition ρ p. Let k be such that α ∈ P k . Since ρ k ⊩ p → Band ρ k ≤ α, it follows that α ⊩ B.Let H = F(A → B), then there exists k such that T k = (S c \{H})∪{TA, FB}and K, ρ k ✄ T k . It follows that ρ k ⊩ A and ρ k B, hence ρ A → B.Let H = T((A → X ∧ Y ) → C), then there exists k such thatT k= (S c \ {H}) ∪ {TA, Fp, T(X → (Y → p)), T(p → C)}and K, ρ k ✄ T k . Let α ∈ P such that α ⊩ A → X ∧ Y . Since ρ k ⊩ A andρ k X ∧ Y (otherwise, ρ k ⊩ p would follow), α ≠ ρ. Let j be such that α ∈ P j .If j = k, we have ρ k ≤ α, which implies α ⊩ C. If j ≠ k, since H ∈ T j , K, ρ j ✄T jand ρ j ≤ α, and we get α ⊩ C. The remaining cases are similar.⊓⊔By the above lemma, it follows that, if {FA} is not realizable then thereexists a closed proof table for {FA}. Since A ∈ Int implies that {FA} is notrealizable, we get:Theorem 2 (Completeness). If A ∈ Int, then there exists a closed proof tablefor {FA}.The proof of Lemma 3 implicitly defines a decision procedure for IntuitionisticLogic; indeed, starting from a finite set S of signed formulas, either a closed prooftable or a counter-model for S is built. In the following we give some insights onthe strategy we apply in the decision procedure.As usual, applying invertible rules before non-invertible ones reduces thesearch-space. In our decision procedure, cases (i)-(iv) in the definition of S correspondto the application of invertible rules. Accordingly, if there exists H ∈ Ssatisfying one of cases (i)-(iv), we firstly apply the rule related to S, H; if thesearch for a closed proof table fails, we conclude that S is not provable (there isno need to backtrack and try the application of another rule to S).12

Otherwise, let us assume that no formula H ∈ S satisfies cases (i)-(iv) andthat there exists H = T(A → B) in S. In this hypothesis, we firstly try to builda proof table for the “invertible” consequence R 2 S,H = (S \ {H}) ∪ {TC}; if sucha proof does not exist, we get a counter-model for S and S is not provable. Onthe other hand, if we find a proof for R 2 S,H but R1 S,H is not provable, one of thecases (4)-(5) holds: nothing can be concluded and we have to try the applicationof another rule to S (this corresponds to the fact that, to build the countermodelfor S, we have to find out, for all H ′ ∈ S, a counter-model for R 1 S,H ′). Inall the other cases, either non-invertible rules are applicable to S (case (3)), orno rules at all (cases (1)-(2)).Finally, we remark that a proof table for a set S not containing F-signedformulas is essentially a classical derivation. Indeed, in the proof we can alwaysapply one of the rules of Table 1, MP and T → certain, which are classicalrules and do not generate F-signed formulas.We conclude with some remarks about the complexity of our calculus. Firstof all we notice that, for a finite set S of signed formulas, deg(S) ≤ 3|S|, where|S| is the number of symbols occurring in S. Since in a proof the complexity ofa set decreases after the application of a rule, the depth of every proof tree forS is linearly bounded by |S|. More precisely, one can prove:Proposition 1. Let S be a finite set of signed formulas. Then, the depth ofevery proof table for S is at most 3|S|.By inspecting the rules of T Int , it easy to check that the number of symbolsin every consequence of a rule of T Int increases of a constant value at most. As aconsequence, a depth-first decision procedure for S requires at most O(n log n)bits to store the data structures.References1. A. Avellone, G. Fiorino, and U. Moscato. A new O(n log n)-space decision procedurefor propositional intuitionistic logic. In Andrei Voronkov Matthias Baaz,Johann Makowsky, editor, LPAR 2002: Short Contributions, CSL 2003: ExtendedPosters, volume VIII of Kurt Gödel Society, Collegium Logicum, pages 17–33, 2004.2. A. Chagrov and M. Zakharyaschev. Modal Logic. Oxford University Press, 1997.3. R. Dyckhoff. Contraction-free sequent calculi for intuitionistic logic. Journal ofSymbolic Logic, 57(3):795–807, 1992.4. G. Fiorino. Decision procedures for propositional intermediate logics. PhD thesis,Dipartimento di Scienze dell’Informazione, Università degli Studi di Milano, Italy,2001.5. M.C. Fitting. Intuitionistic Logic, Model Theory and Forcing. North-Holland,1969.6. D. Galmiche and D. Larchey-Wendling. Structural sharing and efficient proofsearchin propositional intuitionistic logic. In ASIAN’99, volume 1742 of LNCS,pages 101–112, 1999.7. G. Gentzen. Investigations into logical deduction. In M.E. Szabo, editor, TheCollected Works of Gerhard Gentzen, pages 68–131. North-Holland, 1969.13

8. J. Hudelmaier. An O(n log n)-space decision procedure for intuitionistic propositionallogic. Journal of Logic and Computation, 3(1):63–75, 1993.9. P. Miglioli, U. Moscato, and M. Ornaghi. Avoiding duplications in tableau systemsfor intuitionistic logic and Kuroda logic. Logic Journal of the IGPL, 5(1):145–167,1997.10. R. Statman. Intuitionistic logic is polynomial-space complete. Theoretical ComputerScience, 9(1):67–72, 1979.11. N. N. Vorob’ev. A new algorithm of derivability in a constructive calculus of statements.In Sixteen papers on logic and algebra, volume 94 of American MathematicalSociety Translations, Series 2, pages 37–71. American Mathematical Society, Providence,R.I., 1970.14