Lambda the Ultimate

Rephrasing what you've said, parametricity gives that ∀φ. φ(f x y) = f (φx) (φy), viewing a relation φ as a multi-valued function. Choosing the φ you suggest (φ x = {x}, φ y = {y}, and φ _ = {}), seems to just show that (f x y ∈ {x,y}) for each x and y, not that f is defined at all inputs by one of two equations. And as I noted, that can be obtained by just instantiating a with {x,y}.

I don't think a noramlization based argument will work for me, but that aside, I think the argument you've sketched will have a similar problem. Compare to:

g : ∀a. Bool → a → a → a

Any such function g will ultimately have to choose between its two a-typed parameters, just like f, but there are four possibilities for g.

You're right about parametricity.
It seems there is some amount of purity involved. If you have a random x y construct in your language, then the admissible behaviors for ∀α.α→α→α change, yet this doesn't endanger parametricity of the type system. So parametricity isn't going to help here.

Note that normalization gives the uniformity you're looking for : a normal form for f is is of the form Λα.λx₀.λy₀.t with t normal form in the context α,x₀:α,y₀:α, so is either xâ‚€ or yâ‚€ : ∀α.α→α→α admits only two elements upto βη-equivalence.

You're right. I misunderstood the argument you had in mind, but I agree that a normalization argument would work. Still, it's not clear to me how to formally reason about situations like this in general. I was hoping someone would provide a link to a formal system that does this kind of reasoning out of the box :). Not that your suggestion of normalization wasn't helpful. It was, thank you!

I was thinking about this again yesterday and I think this does actually follow from parametricity. We just need to look at a different relation.

For any x:a, y:a we know that either (f x y = x) or (f x y = y), by one of the arguments above. Suppose x != y and consider the first case (f x y = x). Choose ~ to partition two equivalence classes: the class equal to x and the class not equal to x. i.e. (w~z = (w==x) == (z==x)). Then by parametricity, if y' ~ y, or equivalently y' != x, then (f x y' ~ f x y), or equivalently (f x y' = x). In the other case, y' = x, then instantiating the type at singleton(x) gives that (f x y' = x) still holds.

Thus if (f:a->a->a) and (f x y = x) at some particular x,y, then (f x y = x) uniformly for all y. So this would seem to imply that 'random' isn't parametric.

Choose w~z = (w==x) >= (z==x), where true > false.

Then, for y' ~ y, meaning any y', since y!=x, we have f x y' ~ f x y, which means f x y' = x, since f x y = x. This also generalizes more easily (e.g. to f: a->a->a->a).

Section 7 of Theorems for Free treat fixpoints. The fail operator you discussed is similar, since fail and (fix id) are similar. In both cases, the solution is to use a different (and weaker) logical relation.

So your statement 'functions that fail won't be semantically equal to themselves' is misleading. The correct solution is to adopt a different notion of semantic equality. (The Clinton Principle: It depends on what the meaning of the word 'is' is.)

This could work. I don't know how well it would generalize to other cases. For example, a useful case is proving that any term of type (forall a. (s -> a) -> (t -> a) -> a) either has type (forall a b. (s -> a) -> b -> a) or (forall a b. b -> (t -> a) -> a). i.e. that a church encoded sum is either Left S or Right T.

I wouldn't know whether this particular property holds. You could use techniques from the Wadler paper; I don't really understand the paper. But, after glancing at that, I have the feeling that the property is stated very informally, and that the the hard part --the heart-- of the proof, which is the (inductive) proof over an object logic, is swept under the carpet. (Though, informally, the hard part holds trivially, I don't think the proof is trivial.)

Though I guess a better answer is that if you know that a function, given its type, can only decompose into two functions, then all functions must implement either one of those semantically equivalent functions, is the way to go.

(You could go further than that, and formalize some algebra over manners in which you can compose functions and semantical equivalences between specifically typed functions regarding an object logic/typed LC/or something. You could even try to generalize that with respect to object logics which satisfy specific properties.)

I have described this technique at the end of my original post, "The other way to prove these things...". It depends on a result of normalization of language (or at least the particular value you're studying), because otherwise you could have divergent terms (eg. `let rec z = z in z` or `raise Exit`) with the correct types that return neither 'x' nor 'y'.

Defining "normalization" at higher types needs a bit of work. What does it mean for a value ot type (forall a. (a -> a) -> (a -> a)) to be normalizing? Is `id := (fun f x -> f x)` normalizing at that type? Yet `id (fun x -> raise Exit)` doesn't return a result.

It's a property you would formalize in a meta logic regarding an object logic. For the object logic you need to formalize the language, reduction rules, and typing rules, as well as derive that all well-typed terms are normalizing. I agree with the divergence but for a tad more trivial reason, probably you meant the same, "if some_infinite_computation then x else y" can't be well typed.

(I think I was mistaken. There are two views on "if some_infinite_computation then x else y". It doesn't return x or y, therefor the property doesn't hold; or it can only return x or y, therefor the property holds. It starts to depend on what exact property you're proving.)