Theory DistinctTreeProver
section ‹Distinctness of Names in a Binary Tree \label{sec:DistinctTreeProver}›
theory DistinctTreeProver
imports Main
begin
text ‹A state space manages a set of (abstract) names and assumes
that the names are distinct. The names are stored as parameters of a
locale and distinctness as an assumption. The most common request is
to proof distinctness of two given names. We maintain the names in a
balanced binary tree and formulate a predicate that all nodes in the
tree have distinct names. This setup leads to logarithmic certificates.
›
subsection ‹The Binary Tree›