theory Lambda 
  imports "Nominal" 
begin

atom_decl name

section {* Alpha-Equated Lambda-Terms *}

nominal_datatype lam =
  Var "name"
| App "lam" "lam" 
| Lam "\<guillemotleft>name\<guillemotright>lam" ("Lam [_]._")

section {* Capture-Avoiding Substitution *}

consts subst :: "lam \<Rightarrow> name \<Rightarrow> lam \<Rightarrow> lam"  ("_[_::=_]")

nominal_primrec
  "(Var x)[y::=s] = (if x=y then s else (Var x))"
  "(App t1 t2)[y::=s] = App (t1[y::=s]) (t2[y::=s])"
  "x\<sharp>(y,s) \<Longrightarrow> (Lam [x].t)[y::=s] = Lam [x].(t[y::=s])"
apply(finite_guess)+
apply(rule TrueI)+
apply(simp add: abs_fresh)+
apply(fresh_guess)+
done

lemma  subst_eqvt[eqvt]:
  fixes pi::"name prm"
  shows "pi\<bullet>(t1[x::=t2]) = (pi\<bullet>t1)[(pi\<bullet>x)::=(pi\<bullet>t2)]"
by (nominal_induct t1 avoiding: x t2 rule: lam.strong_induct)
   (auto simp add: perm_bij fresh_atm fresh_bij)

lemma forget: 
  assumes a: "x\<sharp>L"
  shows "L[x::=P] = L"
  using a 
by (nominal_induct L avoiding: x P rule: lam.strong_induct)
   (auto simp add: abs_fresh fresh_atm)

lemma fresh_fact:
  fixes z::"name"
  shows "\<lbrakk>z\<sharp>s; (z=y \<or> z\<sharp>t)\<rbrakk> \<Longrightarrow> z\<sharp>t[y::=s]"
by (nominal_induct t avoiding: z y s rule: lam.strong_induct)
   (auto simp add: abs_fresh fresh_prod fresh_atm)

lemma subst_rename: 
  assumes a: "y\<sharp>t"
  shows "t[x::=s] = ([(y,x)]\<bullet>t)[y::=s]"
using a 
by (nominal_induct t avoiding: x y s rule: lam.strong_induct)
     (auto simp add: calc_atm fresh_atm abs_fresh)

text {* 
  The purpose of the two lemmas below is to work
  around some quirks in Isabelle's handling of 
  meta_quantifiers and meta_implications. 
  *} 

lemma meta_impCE:
  assumes major: "P ==> PROP Q"
    and 1: "~ P ==> R"
    and 2: "PROP Q ==> R"
  shows R
proof (cases P)
  assume P
  then have "PROP Q" by (rule major)
  then show R by (rule 2)
next
  assume "~ P"
  then show R by (rule 1)
qed

declare meta_allE [elim]
    and meta_impCE [elim!]

end