21 - Simple Induction

Induction is a powerful idea that can dramatically simplify some proofs that would otherwise be quite hairy.

Here we'll see how simple induction can unlock a not-so-simple task.

Task

Prove the following is true for every natural number $n$,

$$2^{n}\ge n+1$$

It is not immediately obvious how to do this in our head. 

Maths

Let's introduce the idea of induction. To prove a proposition $P$ is true for any natural number n, we need to show two things:

• Base case: $P$ is true for $n=0$.
• Inductive step: $P$ true for $n$ implies $P$ true for $(n+1)$.

The following illustrates how these two things together allow us to prove $P(n)$ is true for all n. We can see why some describe induction as knocking over dominoes.

For our task, let $P(n)$ be the proposition $2^{n}\ge n+1$. We need to show both the base case and the inductive step.

The base case $P(0)$ is the proposition $2^{0}\ge 0+1$. Because $2^{0}=1\ge 1$, the base case $P(0)$ is true.

The inductive step is the implication $P(n)\implies P(n+1)$. To prove this implication, we assume $P(n)$ is true and derive $P(n+1)$. That is, we assume $2^{n}\ge n+1$ and derive $2^{n+1}\ge(n+1)+1$.

• Let's start with $2^{n+1}=2\cdot2^{n}$.
• By assumption $2^{n}\ge n+1$, so $2\cdot2^{n}\ge2\cdot(n+1)$.
• Expanding $2\cdot(n+1)=(n+1)+n+1$ lets us see $(n+1)+n+1\ge(n+1)+1$. This is because $n$ can't be negative.
• Putting all this together, we have $2^{n+1}\ge(n+1)+1$.

In the inductive step, the assumption that $P(n)$ is true is called the induction hypothesis.

We have shown the base case $P(0)$ and the inductive step $P(n)\implies P(n+1)$ are true, and so, by induction, we can say $P(n)$ is true for all natural numbers $n$.

Let's write this out in a form that takes us towards a Lean proof.

$$\begin{align}P(n):2^{n}&\ge n+1&&\text{proof objective}\\&&&\\\text{base case }P(0)&&&\\&&&\\2^{0}&=1&&\\&\ge0+1&&\text{so }P(0)\text{ is true}\\&&&\\\text{inductive step }P(n)&\implies P(n+1)&&\\&&&\\P(n):2^{n}&\ge n+1&&\text{induction hypothesis}\tag{1}\label{21.1}\\&&&\\2^{n+1}&=2\cdot2^{n}&&\\&\ge2\cdot(n+1)&&\text{by }(\ref{21.1})\\&=(n+1)+1+n&&\\&\ge(n+1)+1&&\text{so }P(n+1)\text{ is true}\\&&&\\P(n):2^{n}&\ge n+1&&\text{by induction}\tag*{\(\Box\)}\end{align}$$

Code

The following Lean program proves, by induction, that $2^{n}\ge n+1$ for all natural numbers $n$.

-- 21 - Simple Induction

import Mathlib.Tactic

example {n : ℕ} : 2^n ≥ n + 1 := by
  induction n with
  | zero =>
    norm_num
  | succ n ih =>
    calc
      2^(n + 1) = 2 * 2^n := by ring
      _ ≥ 2 * (n + 1) := by rel [ih]
      _ = (n + 1) + 1 + n := by ring
      _ ≥ (n + 1) + 1 := by norm_num

The proof header is as we'd expect, but the rest of the proof has a structure we've not seen before.

The induction is started using induction n with which tells Lean we want to do induction on the variable n. We need to specify the variable because some tasks may have more than one variable.

After that we have two sections, starting with | zero => for the base case, and | succ n ih => for the inductive step.

• The code indented under | zero => is the proof of the base case 2 ^ 0 ≥ 0 + 1, which here can be resolved by norm_num.
• The code indented under | succ n ih => is the proof of the inductive step 2 ^ (n + 1) ≥ n + 1 + 1, which here requires a calc section. The inductive hypothesis is established as ih.

Infoview

Placing the cursor before induction n with shows the original proof goal.

⊢ 2 ^ n ≥ n + 1

Moving the cursor to the start of the next line | zero => shows the goal for the base case.

⊢ 2 ^ 0 ≥ 0 + 1

Placing the curser just before | succ n ih => shows the goal for the inductive step, and also the inductive hypothesis ih.

ih : 2 ^ n ≥ n + 1
⊢ 2 ^ (n + 1) ≥ n + 1 + 1

---

Exercise

Write a Lean program to prove, by induction, that

$$3^{n}\ge n+1$$

for any natural number $n$.

20 - Contradictory Cases

When we explored proof by cases, each case led to the proof objective. 

In general, not all cases permitted by a hypothesis will lead to the proof objective. Some cases may lead to a contradiction, meaning they are ruled out as possible cases.

Task

If P is a proposition, show that

$$\neg(\neg P)\implies P$$

We may be tempted to cancel the two negations on the left. For this task we'll pretend we don't yet know this is a valid simplification. 

We haven't specified what proposition $P$ is. That means our theorem, if we can prove it, will hold for any proposition. 

So proving $\neg(\neg P)\implies P$ will justify our intuition that two negations do indeed cancel out.

Maths

A fundamental idea is that a proposition is either true or false, and there is no other possibility. This is called the Law of the Excluded Middle.

It means there are only two possibilities for our proposition $P$. It is either true, or it is false. 

Let's consider each case.

• P is true. This is the proof objective, so there is nothing more to do.
• P is false. That is, $\neg P$ is true. This contradicts the given hypothesis that $\neg(\neg P)$ is true. A contradiction arises from an invalid assumption, so it can't be the case that $P$ is false. 

To summarise, we've shown that $P$ true is possible, but $P$ false is not.

A couple of points about our reasoning are worth explaining. 

First, two statements of the form $Q$ and $\neg Q$ are contradictory. This is how, in the second case, we justify $\neg P$ and $\neg(\neg P)$ are contradictory.

Second, it may look like a circular argument that the first case assumes $P$ is true to prove $P$ is true. It isn't circular because we consider all the possibilities for $P$, which here means considering $P$ is false. It just so happens we then rule out this possibility. 

Let's try to write this in small steps as preparation for a Lean proof.

\begin{align}\neg(\neg P)&\implies P&&\text{proof objective}\\&&&\\&\neg(\neg P)&&\text{hypothesis}\tag{1}\label{20.1}\\&P&&\text{proof goal}\tag{2}\label{20.2}\\&&&\\P&\lor\neg P&&\text{law of excluded middle}\tag{3}\label{20.3}\\&&&\\\text{case }P&&&\text{using fact }(\ref{20.3})\\&P&&\text{proof goal}\\&&&\\\text{case }\neg P&&&\text{using fact }(\ref{20.3})\\&\neg P&&\text{contradicts hypothesis }(\ref{20.1})\\&&&\text{}\\\neg(\neg P)&\implies P&&\text{only consistent case}\tag*{\(\Box\)}\end{align}

We've not proved an implication before so let's clarify how it's done. To prove an implication $A\implies B$, we assume $A$ as a hypothesis and then prove $B$. 

So to prove $\neg(\neg P)\implies P$, we take $\neg(\neg P)$ as a hypothesis (1) and set $P$ as a proof goal (2).

The rest is a proof by cases, and proceeds just as we discussed above.

Code

The following Lean program proves $\neg(\neg P)\implies P$, where $P$ is a proposition.

-- 20 - Contradictory Cases

import Mathlib.Tactic

example {P : Prop} : ¬(¬P) → P := by
  intro g
  by_cases h : P
  · exact h
  · contradiction

The proof header declares P as a proposition using {P : Prop}. 

The proof starts with intro g which converts the proof objective, the implication ¬(¬P) → P, into a hypothesis g : ¬¬P and a new goal P. 

Next, by_cases h : P creates the two cases for P using the Law of the Excluded Middle. Just like a proof by cases, Lean will replace the current goal with two new separate goals, one with h : P as a hypothesis, the other with h : ¬P as a hypothesis.

The rest of the proof handles each case, using focussing dots to organise the sub-proofs.

• The first case is h : P. This exactly matches the goal P, so we can use exact h to resolve this case.
• The second case is h : ¬P. This directly contradicts the hypothesis g : ¬¬P created at the start of the proof, so we can use contradiction to resolve this case. That means ¬P is ruled out as a possibility.

Infoview

Placing the cursor before intro g shows the original proof goal.

⊢ ¬¬P → P

Moving the cursor to the start of the next line shows ¬¬P established as a new hypothesis g, and P set as the new goal.

g : ¬¬P
⊢ P

Placing the curser after by_cases h : P shows the two new goals, one for each case.

case pos
P : Prop
g : ¬¬P
h : P
⊢ P

case neg
P : Prop
g : ¬¬P
h : ¬P
⊢ P

---

Exercise

If $P$ is a proposition, write a Lean program to show that

$$P\implies\neg(\neg P)$$

To keep the proof as short as the example above, try applying the law of the excluded middle, not to $P$, but to $(\neg P)$.

19 - Reductio Ad Absurdum

In this final Part IV we'll explore some more interesting kinds of proof.

Here we'll take a first look at proof by contradiction.

Task

Given these two facts about natural numbers $a$ and $b$,

$$(a=5) \implies (b=6)$$

$$b=7$$

show that

$$\neg a=5$$

The symbol $\neg$  means negation, and can be read as “it is not the case that”. 

So here, $\neg a=5$ reads as “it is not the case that $a=5$”, or more simply, “$a$ is not 5.”

Maths

Looking at $a=5\implies b=6$ tells us that if $a=5$ then $b=6$. But $b$ is supposed to be 7. So it can't be the case that $a=5$. 

This intuition matches the more formal approach we'll take. 

To prove a statement is false we show that applying correct logical steps to it leads to a contradiction.  This is called proof by contradiction.

Let's say that again, but with symbols. To show $\neg P$ we need to show the statement $P$ leads to a contradiction.

For our task, $P$ is $a=5$. So, to show $\neg a=5$, we need to show $a=5$, if taken as a hypothesis, leads to a contradiction.

Let's do this in small steps.

\begin{align}(a=5)&\implies(b=6)&&\text{given fact}\tag{1}\label{19.1}\\b&=7&&\text{given fact}\tag{2}\label{19.2}\\&&&\\\neg a&=5&&\text{proof objective}\\&&&\\\text{assume }a&=5&&\text{for contradiction}\tag{3}\label{19.3}\\b&=6&&\text{using }(\ref{19.1})\\&\ne7&&\text{arithmetic}\tag{4}\label{19.4}\\&&&\\\text{(\ref{19.4})}&\text{ contradicts (\ref{19.2})}&&\text{(\ref{19.3}) must be false}\tag*{\(\Box\)}\end{align}

Proof by contradiction is sometimes called reductio ad absurdum, Latin for “reduction to absurdity”. In our example, the absurdity is the notion that $b=6$ and $b=7$ are both true.

Code

The following Lean program proves $\neg a=5$, given $a=5\implies b=6$ and $b=7$, for natural numbers $a$ and $b$.

-- 19 - Proof by Contradiction

import Mathlib.Tactic

example {a b : ℕ} (h1: a = 5 → b = 6) (h2: b = 7) : ¬a = 5 := by
  by_contra g
  apply h1 at g
  have h2x : ¬b = 7 := by linarith
  contradiction

As we saw earlier, to prove $\neg P$ we assume $P$ is true and derive a contradiction. The by_contra g starts this journey. It takes the goal ¬a = 5, creates a new hypothesis g : a = 5, and sets the goal to False. 

A goal of False means we have to show a contradiction. How do we do this in Lean?

We do it by arranging for two contradictory hypotheses to exist, one of the form Q and the other ¬Q. The two need to be exactly the same, except one has a negation in front of it. Once that's done, we use contradition to resolve the False goal.

The code between by_contra g and contradiction has only one purpose, to arrange for two contradictory hypotheses. Let's break it down:

• The first hypothesis h1 : a = 5 → b = 6 is applied to the newly created hypothesis g : a = 5. Because g matches the antecedent of h1, g is changed to b = 6.
• b = 6 does contradict the second hypothesis h2 : b = 7 but we need to arrange for hypotheses of the form Q and ¬Q.
• To do this we create a new intermediate result h2x : ¬b = 7, justified by the linarith tactic. This tactic is surprisingly capable. It will search the current hypotheses by itself to find any that will help, and it can justify the leap from b = 6 to ¬b = 7.
• We now have two directly contradictory hypotheses, the given h2 : b = 7 and the derived h2x : ¬b = 7. We're now ready to use contradiction to complete the proof.

Infoview

Placing the cursor before by_contra g shows the original proof goal.

⊢ ¬a = 5

Moving the cursor to the start of the next line shows a = 5 has been added as hypothesis g, and the proof goal changed to False.

g : a = 5
⊢ False

Placing the cursor just before contradiction shows the two directly contradictory hypotheses h2 and h2x.

h2 : b = 7
g : b = 6
h2x : ¬b = 7

---

Easy Exercise

Write a Lean program to prove $\neg a=5$, given $a>5\iff b=6$ and $b=6$.

Here $a$ and $b$ are natural numbers.

18 - Our Own Definition

At the start of Part III we used Mathlib's definition of odd and even numbers.

Here we'll create our own definition of triangle numbers.

Task

The following picture illustrates triangle numbers. The first few are 1, 3, 6, 10, 15, 21 and 28. 

In general, the $n$th triangle number is 

$$\frac{n \cdot (n+1)}{2}$$

We saw previously the Mathlib definition of Odd didn't produce the $n$th odd number. Instead the definition is a proposition about a supplied number. So Odd 3 is true, but Odd 4 is false.

Our task is to create a definition of triangle numbers that is a proposition, true only if the supplied number is actually a triangle number.

Maths

A proposition for a triangle number $T$ could be:

$$\exists n\in\mathbb{N}\quad[\;T=\frac{n\cdot(n+1)}{2}\;]$$

This proposition is only true if $T$ is a triangle number. That is, if $T$ can be expressed in the form $n\cdot(n+1)/2$ for some natural number $n$.

When working with natural numbers, we should be cautious about dividing them. In this case division is safe because either $n$ or $(n+1)$ is an even number, and so $n \cdot (n+1)$ is divisible by $2$. 

Even so, let's avoid division of natural numbers as good practice. We'll adjust the proposition to the equivalent:

$$\exists n\in\mathbb{N}\quad[\;2 T=n\cdot(n+1)\;]$$

That is, $T$ is a triangle number if $2 T$ can be expressed in the form $n\cdot(n+1)$ for some natural number $n$.

Code

The following Lean code creates a definition of triangle numbers.

-- 18 - Our Own Definition

import Mathlib.Tactic

def Triangle (a : ℕ) : Prop := ∃ n, 2 * a = n * (n + 1)

example : Triangle 10 := by
  dsimp [Triangle]
  use 4

The keyword def signals we're about to create a named definition. Here the name is Triangle.

After that is a declaration of variables, here a as a natural number. The round brackets require anyone using the definition to provide a as a parameter.

The Prop specifies that Triangle a will be a proposition, a statement that can be true or false. 

After the := is the actual detail of the definition of a triangle number, ∃ n, 2 * a = n * (n + 1). 

The following picture summarises the structure of simple definitions.

When creating our own definitions, it is considerate to provide a minimal example that illustrates how to use the definition. 

Here the example is a proof of Triangle 10, a proposition that says $10$ is a triangle number. The dsimp [Triangle] unfolds the definition in the Infoview. Because the definition is a “there exists” statement, the proof is resolved by a simple use 4.

Infoview

Placing the cursor before dsimp [Triangle] in the illustrative example shows the proof objective.

⊢ Triangle 10

Moving the cursor to the start of the next line shows the goal with the definition of Triangle unfolded.

⊢ ∃ n, 20 = n * (n + 1)

Types & Terms

Let's take a first peek at the hierarchy of objects in Lean.

Compare the definition of Triangle with a definition of Triple that I just made up:

def Triangle (a : ℕ) : Prop := ∃ n, 2 * a = n * (n + 1)

def Triple (a : ℕ) : ℕ := 3 * a

The type of Triangle a is Prop, a proposition. The type of Triple a is ℕ, a natural number.

We say the detail ∃ n, 2 * a = n * (n + 1) is a term of type Prop. Similarly, 3 * a is a term of type ℕ.

Appendix A illustrates the hierarchy of objects in Lean and Mathlib. The diagram there shows 13 is a term of type ℕ. What may be surprising is that proofs are terms of type Prop.

Knowing this isn't crucial at this stage of our learning, but it can help us read and write Lean proofs with an additional level of understanding.

---

Easy Exercise

Create a definition of square numbers named Square. It should be a proposition which is only true if a given number can be written in the form $n^{2}$, for some natural number $n$.

Write a proof showing 25 is a square number, illustrating the use of Square.

Appendix B - Libraries

Packaging your own lemmas and theorems into a library is a tidier way of maintaining them, and making them available for others to use.

Library

In your project's lakefile.lean file, add a reference to the Lean file which contains your lemmas. 

lean_lib MyLeanLemmas

Replace MyLeanLemmas with the name you want for your own library.

Using A Library

To use the lemmas in the MyLeanLemmas library, we simply use import at the top of our lean program.

import Mathlib.Tactic

import MyLeanLemmas

It is a good habit to import additional libraries after any official Mathlib libraries. 

17 - Using Our Own Lemma

In the last post we created our own lemma. 

Here we'll make use of that lemma to prove a disequality. 

Task

For any natural number $n$, show that

$$n^{2}\ne7$$

Maths

Intuitively, we can see that small n leads to an $n^{2}$ less than 7, and large $n$ results in $n^{2}$ larger than 7. 

So a proof strategy is to split the natural number sequence into two, so that all the smaller numbers result in $n^{2}<7$, and all the larger numbers in $n^{2}>7$. If every possible choice for $n$ leads to either $n^{2}<7$ or $n^{2}>7$, then clearly $n^{2}\ne7$.

Let's write this out in small steps as preparation for a Lean proof.

$$\begin{align}n^{2}&\ne7&&\text{proof objective}\\&&&\\n\le m&\lor m+1\le n&&\text{our lemma, for }m,n\in\mathbb{N}\tag{1}\label{17.1}\\&&&\\n\le2&\lor3\le n&&\text{lemma (\ref{17.1}) with }m=2\tag{2}\label{17.2}\\&&&\\\text{case }n\le2&&&\text{using }(\ref{17.2})\\n^{2}&\le4&&\\&<7&&\\n^{2}&\ne7&&\text{lemma }a < b\implies a\ne b\tag{3}\label{17.3}\\&&&\\\text{case }n\ge3&&&\text{using }(\ref{17.2})\\n^{2}&\ge9&&\\&>7&&\\n^{2}&\ne7&&\text{lemma }a > b\implies a\ne b\tag{4}\label{17.4}\\&&&\\n&\ne7&&\text{conclusion of both cases}\tag*{\(\Box\)}\end{align}$$

We use our lemma (1) to split the natural numbers into two sets, so that for any $n\in\mathbb{N}$ we have either $n\le2$ or $3\le n$. 

This is a disjunction of two cases, $n\le2$ and $n\ge3$. 

• The first case $n\le2$ means $n^{2}\le4$, which also means $n^{2}<7$. The conclusion $n^{2}\ne7$ seem obvious, but we do need to justify it. We can use a tiny lemma $a<b\implies a\ne b$.
• The second case $n\ge3$ means $n^{2}\ge9$, which also means $n^{2}>7$. Using another small lemma $a>b\implies a\ne b$, we conclude $n^{2}\ne7$.

Both cases lead to $n^{2}\ne7$, completing the proof.

Code

The following Lean program proves $n^{2}\ne7$ for any natural number n using our lemma. 

-- 17 - Using Our Own Lemma

import Mathlib.Tactic

---

lemma Nat.le_or_succ_le (a b : ℕ): a ≤ b ∨ b + 1 ≤ a := by
  rw [Nat.add_one_le_iff]
  exact le_or_lt a b

---

example {n : ℕ} :  n^2 ≠ 7  := by
  have h := Nat.le_or_succ_le n 2
  obtain ha | hb := h
  · apply ne_of_lt
    calc
      n^2 ≤ 2^2 := by rel [ha]
      _ < 7 := by norm_num
  · apply ne_of_gt
    calc
      n^2 ≥ 3^2 := by rel [hb]
      _ > 7 := by norm_num

The code is separated into two sections by comment dashes. 

The first section is a copy of the lemma we developed in the last chapter, Nat.le_or_succ_le.

The second section is the Lean proof that $n^{2}\ne7$. Let's break it down.

• Our lemma Nat.le_or_succ_le with parameters n and 2, gives us n ≤ 2 ∨ 2 + 1 ≤ n. We capture this as hypothesis h using have. 
• That hypothesis h is a disjunction, so we use obtain to split it into two cases, n ≤ 2 and 2 + 1 ≤ n.
• The first case starts by changing the goal from n^2 ≠ 7 to n^2 < 7 by applying a Mathlib lemma ne_of_lt. Its definition confirms that if we can prove n^2 < 7 then we've proven n^2 ≠ 7:

lemma ne_of_lt (h : a < b) : a %$\ne$% b :=

We then use a calc section to show n^2 ≤ 2^2 from the current case n ≤ 2 , then 2^2 < 7, all of which resolves the goal n^2 < 7.

• The second case is similar. It starts by changing the goal from n^2 ≠ 7 to n^2 > 7 by applying a Mathlib lemma ne_of_gt. Its definition confirms that if we can prove n^2 > 7 then we've proven n^2 ≠ 7:

lemma ne_of_gt (h : b < a) : a %$\ne$% b :=

Again, we use a calc section to show n^2 ≥ 3^2 from the current case 2 + 1 ≤ n , then 3^2 > 7, all of which resolves the goal n^2 > 7.

Libraries of Lemmas

If our lemma Nat.le_or_succ_le is used in several proofs, then having a copy accompanying each can become a little untidy, and make it more difficult to maintain. 

In the wider world of software, re-usable code is packaged into libraries. We can do the same with Lean lemmas and theorems. Appendix B explains briefly how to do this.

---

Easy Exercise

Write a Lean proof to show that $n^{3}\ne10$, for any natural number $n$.

16 - Writing Our Own Lemma

Mathlib has many lemmas and theorems for us to use. We can also write our own.

Here we'll create a small but convenient lemma about the natural numbers.

Task

If we pick a natural number $b$, then any other natural number $a$ must be less than or equal to $b$, or greater than or equal to $b+1$. 

The following illustrates this idea.

By the definition of natural numbers, $b+1$ is the successor of $b$, so we can be sure a is not in the “gap” from b to b+1.

Our task is to create a lemma for natural numbers $a$ and $b$ that says

$$\boxed{a\le b\;\lor\;b+1\le a}$$

Let's bring this to life with an example. If we say $b=7$, but leave $a$ unspecified, the lemma tells us that either $a\le7$ or $8\le a$, which makes sense.

Maths

To prove our lemma we'll try to make use of lemmas that also exist in Mathlib, not only to shorten the proof, but also to ease the transition to a Lean proof.

$$\begin{align}a\le b\;&\lor\;b+1\le a&&\text{proof objective, }a,b\in\mathbb{N}\\&&&\\a\le b\;&\lor\;b<a&&\text{known lemma, }a,b\in\mathbb{N}\tag{1}\label{16.1}\\m+1\le n&\iff m<n&&\text{known lemma, }m,n\in\mathbb{N}\tag{2}\label{16.2}\\&&&\\a\le b\;&\lor\;b+1\le a&&\text{apply lemma }(\ref{16.2})\text{ to }(\ref{16.1})\tag*{\(\Box\)}\end{align}$$

Lemma (1) is already very close to our proof objective. It says that $a\le b\lor b<a$ for any natural numbers $a$ and $b$. 

Lemma (2) says that $m+1\le n$ is equivalent to $m<n$, for natural numbers $m$ and $n$. It lets us rewrite $b<a$ as $b+1\le a$, which immediately gives us the proof objective.

Both lemmas (1) and (2) exist in Mathlib.

Code

The following Lean code creates a lemma that says either $a\le b$ or $b+1\le a$, for natural numbers $a$ and $b$. 

-- 16 - Writing Our Own Lemma

import Mathlib.Tactic

lemma Nat.le_or_succ_le (a b: ℕ): a ≤ b ∨ b + 1 ≤ a := by
  rw [Nat.add_one_le_iff]
  exact le_or_lt a b

example {c : ℕ} :  c ≤ 2 ∨ 3 ≤ c  := by
  exact Nat.le_or_succ_le c 2

The lemma header starts with lemma Nat.le_or_succ_le to tell Lean we want to create a new lemma named Nat.le_or_succ_le. 

The Nat. prefix is conventional for lemmas about natural numbers. The rest of the name le_or_succ_le tries to follow the naming convention to describe what the lemma is about. 

The Lean proofs we've previously explored started with example and no name. They can be thought of as anonymous lemmas, anonymous because there was no need to refer to them after they'd been proved.

The remainder of the header declares a and b as natural numbers, and states the lemma's proposal a ≤ b ∨ b + 1 ≤ a. The round brackets around the variables (a b : ℕ) require anyone using the lemma to always provide a and b as parameters.

Our lemma is proved in just two lines of code by making effective use of existing Mathlib lemmas:

• The first line of the proof rewrites the goal using a Mathlib lemma Nat.add_one_le_iff. Let's check its header:

• 
  theorem add_one_le_iff : n + 1 ≤ m ↔ n < m :=

The rw tactic is akin to “find and replace”, so it looks at the goal a ≤ b ∨ b + 1 ≤ a and finds b + 1 ≤ a matches the left hand side of the Nat.add_one_le_iff lemma. The matched b + 1 ≤ a is  rewritten with the right hand side of the lemma b < a.

• As we'll see in the Infoview, the goal is now a ≤ b ∨ b < a.
• The final line of the proof applies another Mathlib lemma le_or_lt. Let's check its header:

• 
  lemma le_or_lt (a b : α) : a ≤ b ∨ b < a :=
  

  This lemma le_or_lt says that, given two numbers a and b, then a ≤ b ∨ b < a. This matches our current goal exactly, so we can use exact to resolve it and complete the proof.

Notice how the header of the Mathlib lemma le_or_lt (a b : α) uses round brackets requiring us to provide a and b when we use it.

Infoview

Placing the cursor before rw [Nat.add_one_le_iff] shows the original proof goal.

⊢ a ≤ b ∨ b + 1 ≤ a

Moving the cursor to the start of the next line shows the rewritten goal.

⊢ a ≤ b ∨ b < a

Minimal Example

When writing your own lemmas, it is considerate to provide a minimal example showing how to use them. 

The minimal example here illustrates how to use our lemma to prove $c\le2\lor3\le c$ for any natural number $c$.  

With a set to c, and b set to 2, our lemma becomes c ≤ 2 ∨ 3 ≤ c. This matches the proof goal exactly, allowing us to use exact to complete the proof neatly in one line.

Forwards & Backwards

Comparing the maths and Lean proofs, we can see they are similar, but not quite the same.

• The maths proof starts with a lemma $a\le b\lor b<a$ and uses another lemma to arrive at the goal $a\le b\lor b+1\le a$.
• The Lean proof starts with the goal $a\le b\lor b+1\le a$ and uses another lemma to  arrive at an equivalent statement, which happens to be a known lemma $a\le b\lor b<a$.

The proofs go in opposite directions. Where one starts, the other finishes.

Starting with the proof objective and resolving it down to known true facts, rather than building up from known facts to a proof objective, will be a little more common with Lean proofs because many of the tactics bias towards operating on the current goal.

Just for interest, the following is a Lean proof which follows the same path as the maths proof.

lemma Nat.le_or_succ_le (a b: ℕ): a ≤ b ∨ b + 1 ≤ a := by
  have h : a ≤ b ∨ b < a := le_or_lt a b
  rw [← Nat.succ_le] at h
  exact h

The left arrow in rw [← Nat.succ_le] selects the reverse direction of the bidirectional lemma.

---

Easy Exercise

Write a lemma for integers $a$ and $b$ that says

$$a\le b\;\lor\;b+1\le a$$

Create a minimal example illustrating how your lemma can prove the following for any integer $c$.

$$c\le-5\;\lor\;-4\le c$$