
Commit c1de02e

committed
probWhileSplit_add_r'
1 parent 59a95c3 commit c1de02e


1 file changed

+34
-47
lines changed


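--- a/SampCert/DifferentialPrivacy/Queries/UnboundedMax/Properties.lean
+++ b/SampCert/DifferentialPrivacy/Queries/UnboundedMax/Properties.lean
@@ -27,6 +27,36 @@ noncomputable section
 
 namespace SLang
 
+
+/--
+Stronger congruence rule for probBind: The bound-to functions have to be equal only on the support of
+the bound-from function.
+-/
+lemma probBind_congr_strong (p : SLang T) (f : T -> SLang U) (g : T -> SLang U) (Hcong : ∀ t : T, p t ≠ 0 -> f t = g t) :
+p >>= f = p >>= g := by
+simp
+unfold probBind
+apply SLang.ext
+intro u
+apply Equiv.tsum_eq_tsum_of_support ?G1
+case G1 =>
+apply Set.BijOn.equiv (fun x => x)
+simp [Function.support]
+have Heq : {x | ¬p x = 0 ∧ ¬f x u = 0} = {x | ¬p x = 0 ∧ ¬g x u = 0} := by
+apply Set.sep_ext_iff.mpr
+intro t Ht
+rw [Hcong]
+apply Ht
+rw [Heq]
+apply Set.bijOn_id
+simp [Function.support]
+intro t ⟨ Hp, _ ⟩
+simp [Set.BijOn.equiv]
+rw [Hcong]
+apply Hp
+
+
+
 /--
 ``SLang`` value obtained by applying a loop body exactly ``n`` times to a given distribution
 -/
@@ -217,61 +247,18 @@ lemma probWhileSplit_add_r' (cond : T → Bool) (body : T → SLang T) (m n : Na
 rename_i m''
 rw [bind_congr IH]
 clear IH
-generalize HK : (probWhileSplit cond body (fun x => probZero) n) = K
 unfold probWhileSplit
 simp
 split <;> simp
-· apply SLang.ext
-simp
--- Monotonicity necessary here? Seems odd that I'd need it in the inductive proof but not the single step proof
--- However, maybe not so weird. The step I'm getting stuck on is proving asociativity, which didn't
--- need to happen in the 1 step proof.
-sorry
+· rename_i h
+apply probBind_congr_strong
+intro t _
+simp [probWhileSplit]
 · rw [if_neg (by trivial)]
 simp
 
 
 
-/--
-Stronger congruence rule for probBind: The bound-to functions have to be equal only on the support of
-the bound-from function.
--/
-lemma probBind_congr_strong (p : SLang T) (f : T -> SLang U) (g : T -> SLang U) (Hcong : ∀ t : T, p t ≠ 0 -> f t = g t) :
-p >>= f = p >>= g := by
-simp
-unfold probBind
-apply SLang.ext
-intro u
-apply Equiv.tsum_eq_tsum_of_support ?G1
-case G1 =>
-apply Set.BijOn.equiv (fun x => x)
-simp [Function.support]
-have Heq : {x | ¬p x = 0 ∧ ¬f x u = 0} = {x | ¬p x = 0 ∧ ¬g x u = 0} := by
-apply Set.sep_ext_iff.mpr
-intro t Ht
-rw [Hcong]
-apply Ht
-rw [Heq]
-apply Set.bijOn_id
-simp [Function.support]
-intro t ⟨ Hp, _ ⟩
-simp [Set.BijOn.equiv]
-rw [Hcong]
-apply Hp
-
-
-
-
-
-
-
-
-
-
-
-
-
-
 
 
 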