Logical Step-Indexed Logical Relations

Appel and McAllester’s “step-indexed” logical relations have proven to be a simple and effective technique for reasoning about programs in languages with semantically interesting types, such as general recursive types and general reference types. However, proofs using step-indexed models typically involve tedious, error-prone, and proof-obscuring step-index arithmetic, so it is important to develop clean, high-level, equational proof principles that avoid mention of step indices. In this paper, we show how to reason about binary step-indexed logical relations in an abstract and elegant way. Specifically, we define a logic LSLR, which is inspired by Plotkin and Abadi’s logic for parametricity, but also supports recursively defined relations by means of the modal “later” operator from Appel, Melli`es, Richards, and Vouillon’s “very modal model” paper. We encode in LSLR a logical relation for reasoning relationally about programs in call-by-value System F extended with general recursive types. Using this logical relation, we derive a set of useful rules with which we can prove contextual equivalence and approximation results without counting steps.

💡 Research Summary

The paper addresses a long‑standing usability problem of step‑indexed logical relations (SILR): while SILR provide a simple inductive definition for languages with recursive and mutable features, proofs in this framework inevitably involve cumbersome arithmetic on step indices, which obscures the main argument and is error‑prone. To eliminate this overhead, the authors introduce a new logic, LSLR (Logic for Step‑Indexed Logical Relations), which abstracts away the explicit handling of step indices while preserving the expressive power of SILR.

LSLR is built by combining two prior ideas. First, Plotkin and Abadi’s logic for relational parametricity (PAL) supplies a second‑order intuitionistic framework with universal quantification over relation variables, essential for reasoning about polymorphic types. Second, the “later” modality (⊲) from Appel, Melliès, Richards, and Vouillon’s very modal model provides a way to talk about truth in strictly future worlds. By integrating ⊲ into PAL, the authors obtain a modal, second‑order logic that can define recursive relations µr.R, provided that the recursive variable r appears only under a later guard (contractiveness). This ensures well‑foundedness because the underlying Kripke worlds are natural numbers ordered by the “future” relation m < n.

The Kripke model for LSLR interprets worlds as natural numbers; a proposition holds at world n if it holds at all smaller worlds (downward‑closed sets). The later operator ⊲P means “P holds at every strictly smaller world”. The crucial Löb rule (⊲P ⇒ P) ⇒ P gives an induction principle over worlds, allowing one to prove properties that must hold for all step indices without ever mentioning the index explicitly.

Using LSLR, the authors encode a logical relation for call‑by‑value System Fµ, which extends System F with iso‑recursive types (µα.τ) and standard polymorphism (∀,∃). The logical relation is defined compositionally:

• Base types are related by syntactic equality.
• Function types τ₁→τ₂ relate two functions when, for any pair of arguments related at τ₁, the applications are related at τ₂.
• Polymorphic types use universal quantification over type variables; existential types use existential quantification.
• Recursive types are interpreted via µr.R, where R is contractive thanks to the later modality.

The authors prove that this logical relation is sound and complete with respect to contextual approximation (⊑ctx) and contextual equivalence (≈ctx). Soundness shows that if two terms are related, then any well‑typed context preserves termination behavior; completeness shows that contextual equivalence implies the logical relation. Both proofs rely solely on LSLR’s inference rules and the Löb principle, never on explicit step‑index calculations.

A symmetric version of the relation is also defined, enabling direct equational reasoning (≈) rather than just inequational reasoning (⊑). The paper derives a suite of proof rules—function extensionality, recursion unfolding, polymorphic instantiation, etc.—that can be applied mechanically inside LSLR. These rules are then used to prove several non‑trivial examples:

1. Equality of two differently written recursive functions.
2. Approximation between a polymorphic identity function and a more specialized version.
3. Representation independence for abstract data types that involve both mutable state and existential types.

For each example, the authors compare the LSLR‑based proof with the original step‑indexed proof by Ahmed. The LSLR proofs are considerably shorter, avoid any arithmetic on indices, and make the high‑level reasoning transparent.

The paper also discusses corrections to an earlier conference version (LICS 2009), fixing a technical flaw in the treatment of recursive types and extending the logic to handle a broader class of type constructors.

In the related‑work section, LSLR is positioned against traditional SILR, Kripke logical relations, and bisimulation techniques. The authors argue that LSLR offers the same expressive power as SILR while providing a higher‑level, equational proof style that is more amenable to mechanisation and pedagogical use.

In conclusion, LSLR demonstrates that step‑indexed logical relations need not be tied to low‑level step arithmetic. By embedding SILR into a modal, second‑order logic with the later modality, one obtains a clean, abstract proof system that can reason about recursive and polymorphic languages efficiently. This advancement promises to make relational reasoning more accessible and to facilitate the development of automated proof assistants for advanced type systems.