Confluence by Decreasing Diagrams -- Formalized

This paper presents a formalization of decreasing diagrams in the theorem prover Isabelle. It discusses mechanical proofs showing that any locally decreasing abstract rewrite system is confluent. The valley and the conversion version of decreasing diagrams are considered.

💡 Research Summary

The paper presents a complete formalisation of the decreasing‑diagrams technique for proving confluence of abstract rewrite systems (ARS) within the Isabelle/HOL proof assistant. Decreasing diagrams, originally introduced by van Oostrom, generalise Newman’s Lemma by allowing a well‑founded ordering on rewrite labels to control the interaction of divergent rewrite steps. The authors address two canonical formulations of the technique: the “valley” version, where a pair of diverging steps can be joined by a single common successor, and the “conversion” version, where the two divergent paths may be linked by a sequence of forward and backward steps provided the multiset of labels strictly decreases with respect to a well‑founded order.

The work proceeds in three major stages. First, the authors encode the basic notions of an ARS in Isabelle: a carrier set of objects, a binary transition relation, and a labeling function that assigns a label from a set L to each rewrite step. The label set is equipped with a partial order ≤ that is proved to be well‑founded. This ordering is the cornerstone of the decreasing‑diagrams argument, because it guarantees the absence of infinite descending chains of labels. The authors also formalise multisets of labels and define a multiset extension of ≤, which is used to compare the “label content” of two conversion sequences.

Second, they formalise the two diagrammatic criteria. The valley version is expressed as a predicate valley a b c meaning that for any pair of steps a → b and a → c there exists a d such that b →* d and c →* d, and moreover the labels of the two joining sequences are strictly smaller than the original diverging labels. The conversion version, conv a b c, relaxes the shape of the joining structure: it requires the existence of a conversion b ↔* d ↔* c whose multiset of intermediate labels is decreasing. The authors prove a key equivalence lemma showing that, under the well‑founded label order, any locally decreasing conversion can be transformed into a valley diagram. This equivalence allows them to concentrate the main confluence proof on the valley formulation while still covering the more general conversion case.

Third, the central confluence theorem is proved: If an ARS is locally decreasing (i.e., every critical pair satisfies the decreasing‑diagram condition), then the ARS is confluent. The proof follows a well‑founded induction on the maximal label occurring in a critical pair. For the base case, the absence of larger labels trivially yields a valley. For the inductive step, the authors show that any pair of diverging steps labelled with a maximal label can be joined by constructing a diagram whose side‑steps are labelled with strictly smaller elements, invoking the induction hypothesis to close the diagram. The proof makes extensive use of Isabelle’s automation: the simp and auto tactics handle routine set‑theoretic reasoning, while custom tactics manage multiset comparisons and the construction of decreasing sequences. The final proof object is fully checked by Isabelle, leaving no unchecked reasoning gaps.

Beyond the core theorem, the paper supplies a reusable Isabelle library that encapsulates:

• the definition of well‑founded label orders,
• multiset extensions and associated comparison lemmas,
• generic constructions of valley and conversion diagrams,
• auxiliary lemmas for composing and decomposing rewrite sequences.

These components are deliberately abstract, enabling their application to concrete term‑rewriting systems, graph‑rewriting frameworks, or any domain where a labelled transition system with a well‑founded ordering is available.

The authors discuss the significance of mechanising decreasing diagrams. Traditional textbook proofs, while mathematically sound, are prone to subtle oversights when adapted to complex languages or optimising compilers. By providing a machine‑checked proof, the work eliminates such human error and offers a solid foundation for automated confluence checking tools. Moreover, the formalisation clarifies the precise role of label design: the choice of labeling and the associated well‑founded order directly influence the feasibility of the decreasing‑diagram condition, suggesting that label engineering should be an integral part of system design.

In conclusion, the paper delivers a rigorous, machine‑verified account of decreasing diagrams, covering both valley and conversion variants, and demonstrates that local decreasingness suffices for global confluence. The Isabelle development is publicly available, and the authors outline future directions such as automated generation of label orders, integration with existing term‑rewriting confluence provers, and case studies on real‑world programming language semantics. This contribution bridges the gap between abstract confluence theory and practical, trustworthy verification in modern theorem‑proving environments.