ABCDEFGHIJKLMNOPQRSTUVWXYZ
1
Goal(Selected) hypothesesStep (in mathematical english)Lean equivalentNotes
2
Observe that A holds because of reason rhave h:A := by rCan omit h, in which case the result is called `this` by default
If the reason r is a one-liner, "observe h:A" can work
3
Observe that X is equal to Y by definitionhave : X = Y := by rflor "observe : X = Y"
4
We claim that A holds. ...have h:A := by
<proof of A>
5
Ah: AThe claim followsassumptionCan also use `exact h`
6
This follows by definitionrfl
7
This follows by reason rexact rCan try exact? to find if an exact solution already exists
8
By A, it suffices to show that ... apply A
9
h: AUsing h, we may reduce tosimp [h]can combine multiple simplfiications using simp [h1, h2, ...]
can use `simp only [hypotheses]` for a more targeted simplification
can try simp? to suggest tools to use
10
h: AWe can rewrite our goal using A as ...rw [h]
also have `nth_rewrite n [h]` for more precise rewriting
can combine multiple rewrites using rw [h,h',...]
If one wants to apply h in reverse, use rw [<- h]
A rewrite that turns a goal into an existing assumption can close the proof using rwa [h]
If one needs to use associativity before rewriting, use assoc_rw
11
We can rewrite our goal using A (which is true for reason r) as ...rw [(show A by r)]Can also use (by r: A) instead of (show A by r)
12
AApplying reason r to A, we conclude Bhave h:B := r A
13
A ∧ BFirst we prove A. ...
Now we prove B. ...		constructor
. <proof of A>
<proof of B>
14
A ∧ B ∧ C ∧ DWe now prove each of A, B, C, D in turn.refine ⟨ ?_, ?_, ?_, ?_ ⟩
15
h: A ∧ BBy hypothesis, we have A and Brcases h with \langle hA, hB \ranglecan also use h.1 and h.2
an intro followed by rcases can be merged into an rintro.
A rcases item that is used immediately for rw can be replaced with an rfl
16
h: A ∧ B ∧ C ∧ DBy hypothesis, we have A, B, C, Dobtain ⟨ hA, hB, hC, hD ⟩ := h
17
From h, we obtain A and BAlso works for more complex expressions than simple conjunctions
18
A \iff BFirst we prove A implies B. ...
Now we prove B implies A		constructor
. <proof of A implies B>
<proof of B implies A>
19
We will obtain a contradictionexfalso
20
A \Or BIt will suffice to prove Aleftcan also use Or.inl
21
A \Or BIt will suffice to prove Brightcan also use Or.inr
22
h: A \Or BWe divide into cases.
First, suppose that A holds. ...
Now, suppose that B holds ...		rcases h with ha | hb
23
We divide into cases depending on the natural number n
First, suppose that n=0. ...
Now, suppose that n=m+1 for some m ...		rcases n with _ | mAlso works for other inductive types than the natural numbers, e.g., finite sets
24
We divide into cases.
First, suppose that A is true. ...
Now, suppose that A is false ...
by_cases h:A
. <proof assuming A>
<proof assuming not-A>		can also use
rcases em A with ha | hna
. <proof assuming A>
<proof assuming not-A>
25
We divide into cases.
First, suppose that n=0. ...
Next, suppose that n=1. ...
Finally, suppose that n is of the form n+2...		match n with
| 0 => ...
| 1 => ...
| n+2 => ...
26
h: A, nh: not-ABut this is absurd.absurd h nh
One can save a line or two sometimes by deriving A or not-A directly, e.g., using the `(show A by r)` syntax
27
A, not-AThis gives the required contradiction.contradiction
28
ASuppose for contradiction that A failsby_contra nh
29
not-ASuppose for contradiction that A holdsintro ha
30
Ah: BTaking contrapositives, it suffices to show that not-A implies not-B.contrapose! h
31
We compute
x = y (by reason r)
= z (by reason s)
= w (by reason t)		calc x = y := by r
_ = z := by s
_ = w := by t
Calc can also handle chained inequalities like \leq and <. gcongr is a useful tactic to justify intermediate steps in such cases
32
A implies BThus, suppose that A holds.intro haFor complex hypotheses it can be convenient to use rintro instead
Can omit ha, in which case the hypothesis of A is placed in `this`
33
\forall x \in X, ANow let x be an element of X.intro x, hx
34
ha: a \in X
h: \forall x \in X: A(x)		Since a is in X, A(a) holdshave haa := h a ha
If one wants to use A(a) directly one can just use `h a ha` anywhere one would have otherwise used haa
Can also use `specialize h a ha`, but this replaces h with `h a ha`.
35
\exists x, AWe will take x to equal ause a
36
h: \exists x ABy hypothesis, there exists x obeying Arcases h with \langle x, hxa \rangle
37
AWe need to show A'show A'
If there are multiple goals, show finds the goal that matches A' and moves it to the front of the goal queue
38
ABy definition, we may rewrite the hypothesis A as A'change A' at Acan siimilarly use "change X" to change the goal to a definitionally equivalent X
39
h:A f: A \implies BBy f, we may replace A by Breplace h := f h
40
h: AWe may replace A with B by reason rreplace h : B := by r
41
h: AThe hypothesis A is no longer needed and can be discarded.clear h
42
ha: A
hb: B		The only hypotheses we will use in the sequel are A and Bclear_except hA hB
43
We simplify this assimp
If one simplifies to one of the assumptions, we can use `simpa` instead of `simp` and `assumption`
44
h : AWe can simplify the hypothesis A assimp at hCan be combined with [hypotheses], `simp only`, etc. Can also use wildcard *
45
By definition, this can be rewritten asdsimpIs a more restrictive version of simp, only uses definitional equalities.
46
But this follows from the laws of algebra in a ringring
47
Since we are in a field, we can simplify this tofield_simp [hypotheses]
field_simp is good for clearing denominators; often followed by ring. Hypotheses of denominators being non-zero are located automatically, or introduced as additional goals
48
h : ASince we are in a field, we can simplify A tofield_simp [hypotheses] at h
49
But this follows from the laws of linear inequalitieslinarith
50
But this follows (by logical tautology)tauto
51
Which can be numerically verifiednorm_num
52
negating all the quantifiers, we reduce to showingpush_neg
53
One is now tempted to try...apply?
54
To conclude, one could tryexact?
55
f=gIt suffices to show that f(x)=g(x) for every xext x
56
S = TIt suffices to show that x \in S iff x \in Text x
57
sum_{x in X} f(x) = sum_{x in X} g(x)
It suffices to show that for all x in X, that f(x) = g(x)Finset.sum_congr rflIf g is ranging over another set Y, can replace rfl here with a proof that X=Y
58
f(x)=f(y)It will suffice to show that x=ycongr
sometimes congr! works better. Sometimes congr breaks things down too much, and one has to use congr 1, congr 2, etc. instead or the more precise congrm
59
x+y \leq x'+y'It suffices to show that x \leq x' and y \leq y'gcongr
Works well with calc. If sums or products are involved, may need to use "gcongr with i hi" etc. in order to access the bound variables
60
X \subset YLet x \in X. We need to show that x \in Yintro x hx
61
x in X \cup Yx is in X or x is in Yrintro xX | xY
62
x in X \cap Yx is in X and x is in Yrintro \langle xX, xY \rangle
63
X = YIt suffices to show X \subset Y and Y \subset Xapply Subset.antisymm
64
x = yIt suffices to show x \leq y and y \leq xapply le_antisymm
65
We induct on n.
First we establish the base case n=0. ...
Now suppose inductively that the claim holds for n. ..		induction' n with n ih
. <proof of base case>
<proof of inductive case>
66
X=YWe rewrite our goal as Y=Xsymm
67
AWe claim it suffices to show B. ...
Now we show B. ...		suffices B by
<proof of A given B>
<proof of B>
If B is very close in form to A, convert can work (and if B is definitionally equal to A, change can work)
68
We replace X by Y, which is possible thanks to rrw [(show X=Y by r)]
69
h: X = YApplying f to both sides, we conclude f(X)=f(Y)apply_fun f at h
Can also use `replace h := congr_arg f h` or `replace h := by congrm (f $h)`.
Similarly can use congrm (1 + $h) to add 1 to both sides, etc.
gcongr can be used in situations where one is proving inequalities rather than equalities.
70
something involving (if A then x else y)
First suppose that A is true.
Now suppose that A is false.		split
. <proof if A is true>
<proof if A is false>
71
Expanding out all the definitions, our goal is to establishunfold
Can also "unfold at h" to expand out h. Can use dunfold if one only wants to expand using definitional equalities
72
x>0 or x >= 0This positivity is clear from the hypothesespositivity
73
f(x:\N) = f(x:\R)This expression is the same whether we think of x as a natural number or a realnorm_cast
74
c + b + a = b + a + dWe move all the a terms to the left, and the b terms to the rightmove_add [<- a b]move_mul is similar, but for products
75
Let X denote the quantity Ylet X := Y
76
We will abbreviate the expression Y as Xset X := Y
The difference between this and let is that it actively seeks out all occurrences of Y and replaces them with X
Can use set X := Y with h if one wants to use h : X = Y as a hypothesis
Can also use generalize : Y = X (or generalize h : Y = X) to make X a new variable rather than definitionally equal to Y
77
We prove the latter goal firstswapAlso `swap n`, `rotate`, and `rotate n` for similar goal permuting maneuvers
78
We claim A. (proof of A). We now continue with the rest of the proof.have h:A
79
Later we will prove A. Assuming this claim for the moment .... . Now, we prove A.suffices h : A from
<proof assuming h>
<proof of A>		can also use `have h : A; swap`
80
Suppose P is true. (some arguments) we now conclude Q is true. In summary, P implies Q.have hPQ (hP: P) : ?Q := by
-- (some arguments reaching a conclusion hQ:Q)
exact hQ
81
We now perform the following arguments. (some arguments). In summary, we have established P.have hP: ?P := by
-- (some arguments reaching a conclusion hP:P)
exact hP
82
Let n be a natural number. (some arguments) We now conclude that P(n) is true.
In summary, P(n) is true for all natural numbers .		have hP (n : \Nat) : ?P := by
-- (some arguments reaching a conclusion hP: P n)
exact hP
83
Without loss of generality we may assume P.wlog h : P
. <proof assuming not-P, and that the goal was provable assuming P>
<proof assuming P>		See also "wlog h : P generalizing ..." to generalize selected variables
84
X \leq Yh: X' \leq Y'It suffices to show that X=X' and Y=Y'convert h using 1
Works for many more general relations than \leq here; can also work with other depths of conversion than 1
85
X \leq Yh: X \leq ZIt suffices to show that Z \leq Yapply h.transcan also use `apply le_trans h _`
86
X<Yh: X \leq ZIt suffices to show that Z < Yapply h.trans_lt
87
X \leq Yh: Z \leq YIt suffices to show that X \leq Yapply le_trans _ h
88
X \leq Yh: X = ZIt suffices to show that Z \leq Yrw [h]
89
X \leq Yh: Z = YIt suffices to show that X \leq Zrw [<- h]
90
X \leq Yh: X' \leq Y'It suffices to show that X \leq X' and Y' \leq Yapply le_trans _ (le_trans h _)
91
X \leq YSuppose for contradiction that Y < Xby_contra h; simp at h
92
X \leq YIt suffices to show that f(X) \leq f(Y) (because f is an order isomorphism)apply_fun f
See https://leanprover-community.github.io/mathlib_docs/tactics.html#apply_fun for several variants of this
93
X \leq YIt suffices to show that X + Z \leq Y + Zrw [<- add_le_add_right]many variants, e.g., add_le_add_left, sub_le_sub_right , etc.
94
X \leq YIt suffices to show that X Z \leq Y Z (and that Z>0)apply mul_le_mul_right
95
A
B
C		We establish all these goals by the same argument:all_goals { <list of tactics> }
Can enclose <list of tactics> inside (try ...) in case some of the goals cannot be accomplished this way
The braces {} can be dropped if there is only one tactic, and you do not expect to always close the argument
96
We conjecture that A holdstheorem A_conj : A := by sorryCan use `have` instead of `theorem` inside a proof environment
97
We may rewrite our goal using the identity (x+y)(x-y)=x^2-y^2 asrw [show ∀ x :ℝ, ∀ y : ℝ, (x+y)*(x-y) = x*x-y*y by intros; ring]
98
∀ᶠ x in f, Q xh: ∀ᶠ x in f, P x
h': ∀ᶠ x in f, P' x		It suffices to show Q x for x obeying P x and P' xfilter_upwards [h, h']
99
h: Nonempty AWe arbitrarily select an element x from the nonempty set Aobtain ⟨ x ⟩ := h
100
h: Nonempty AWe use a canonical choice function to select an element x from the nonempty set Ax = h.someCan also use x = h.arbitrary or x = Classical.choice h