(* Equalities ***************************************************************)

lemma minus_plus_m_m_commutative: ∀n,m:nat. n = m + n - m.
// qed-.

lemma plus_minus_m_m_commutative (n) (m): m ≤ n → n = m+(n-m).
/2 width=1 by plus_minus_associative/ qed-.

lemma plus_to_minus_2: ∀m1,m2,n1,n2. n1 ≤ m1 → n2 ≤ m2 →
                       m1+n2 = m2+n1 → m1-n1 = m2-n2.
#m1 #m2 #n1 #n2 #H1 #H2 #H
@plus_to_minus >plus_minus_associative //
qed-.

(* Note: uses minus_minus_comm, minus_plus_m_m, commutative_plus, plus_minus *)
lemma plus_minus_minus_be: ∀x,y,z. y ≤ z → z ≤ x → (x - z) + (z - y) = x - y.
#x #z #y #Hzy #Hyx >plus_minus // >commutative_plus >plus_minus //
qed-.

lemma lt_succ_pred: ∀m,n. n < m → m = ↑↓m.
#m #n #Hm >S_pred /2 width=2 by ltn_to_ltO/
qed-.

fact plus_minus_minus_be_aux: ∀i,x,y,z. y ≤ z → z ≤ x → i = z - y → x - z + i = x - y.
/2 width=1 by plus_minus_minus_be/ qed-.

lemma le_plus_minus: ∀m,n,p. p ≤ n → m + n - p = m + (n - p).
/2 by plus_minus/ qed-.

lemma le_plus_minus_comm: ∀n,m,p. p ≤ m → m + n - p = m - p + n.
/2 by plus_minus/ qed-.

lemma minus_minus_comm3: ∀n,x,y,z. n-x-y-z = n-y-z-x.
// qed.

(* Properties ***************************************************************)

lemma eq_nat_dec: ∀n1,n2:nat. Decidable (n1 = n2).
#n1 elim n1 -n1 [| #n1 #IHn1 ] * [2,4: #n2 ]
[1,4: @or_intror #H destruct
| elim (IHn1 n2) -IHn1 /3 width=1 by or_intror, or_introl/
| /2 width=1 by or_introl/
]
qed-.

lemma lt_or_eq_or_gt: ∀m,n. ∨∨ m < n | n = m | n < m.
#m #n elim (lt_or_ge m n) /2 width=1 by or3_intro0/
#H elim H -m /2 width=1 by or3_intro1/
#m #Hm * /3 width=1 by not_le_to_lt, le_S_S, or3_intro2/
qed-.

lemma monotonic_le_minus_l2: ∀x1,x2,y,z. x1 ≤ x2 → x1 - y - z ≤ x2 - y - z.
/3 width=1 by monotonic_le_minus_l/ qed.

lemma minus_le_trans_sn: ∀x1,x2. x1 ≤ x2 → ∀x. x1-x ≤ x2.
/2 width=3 by transitive_le/ qed.

lemma le_plus_to_minus_l: ∀a,b,c. a + b ≤ c → b ≤ c-a.
/2 width=1 by le_plus_to_minus_r/
qed-.

lemma le_plus_to_minus_comm: ∀n,m,p. n ≤ p+m → n-p ≤ m.
/2 width=1 by le_plus_to_minus/ qed-.

lemma le_inv_S1: ∀m,n. ↑m ≤ n → ∃∃p. m ≤ p & ↑p = n.
#m *
[ #H lapply (le_n_O_to_eq … H) -H
  #H destruct
| /3 width=3 by monotonic_pred, ex2_intro/
]
qed-.

(* Note: this might interfere with nat.ma *)
lemma monotonic_lt_pred: ∀m,n. m < n → 0 < m → pred m < pred n.
#m #n #Hmn #Hm whd >(S_pred … Hm)
@le_S_S_to_le >S_pred /2 width=3 by transitive_lt/
qed.

lemma lt_S_S: ∀x,y. x < y → ↑x < ↑y.
/2 width=1 by le_S_S/ qed.

lemma lt_S: ∀n,m. n < m → n < ↑m.
/2 width=1 by le_S/ qed.

lemma monotonic_lt_minus_r:
∀p,q,n. q < n -> q < p → n-p < n-q.
#p #q #n #Hn #H
lapply (monotonic_le_minus_r … n H) -H #H
@(le_to_lt_to_lt … H) -H
/2 width=1 by lt_plus_to_minus/
qed.

(* Inversion & forward lemmas ***********************************************)

lemma lt_refl_false: ∀n. n < n → ⊥.
#n #H elim (lt_to_not_eq … H) -H /2 width=1 by/
qed-.

lemma lt_zero_false: ∀n. n < 0 → ⊥.
#n #H elim (lt_to_not_le … H) -H /2 width=1 by/
qed-.

lemma lt_le_false: ∀x,y. x < y → y ≤ x → ⊥.
/3 width=4 by lt_refl_false, lt_to_le_to_lt/ qed-.

lemma le_dec (n) (m): Decidable (n≤m).
#n elim n -n [ /2 width=1 by or_introl/ ]
#n #IH * [ /3 width=2 by lt_zero_false, or_intror/ ]
#m elim (IH m) -IH
[ /3 width=1 by or_introl, le_S_S/
| /4 width=1 by or_intror, le_S_S_to_le/
]
qed-.

lemma succ_inv_refl_sn: ∀x. ↑x = x → ⊥.
#x #H @(lt_le_false x (↑x)) //
qed-.

lemma le_plus_xSy_O_false: ∀x,y. x + S y ≤ 0 → ⊥.
#x #y #H lapply (le_n_O_to_eq … H) -H <plus_n_Sm #H destruct
qed-.

lemma le_plus_xySz_x_false: ∀y,z,x. x + y + S z ≤ x → ⊥.
#y #z #x elim x -x /3 width=1 by le_S_S_to_le/
#H elim (le_plus_xSy_O_false … H)
qed-.

lemma plus_xySz_x_false: ∀z,x,y. x + y + S z = x → ⊥.
/2 width=4 by le_plus_xySz_x_false/ qed-.

lemma plus_xSy_x_false: ∀y,x. x + S y = x → ⊥.
/2 width=4 by plus_xySz_x_false/ qed-.

lemma pred_inv_fix_sn: ∀x. ↓x = x → 0 = x.
* // #x <pred_Sn #H
elim (succ_inv_refl_sn x) //
qed-.

lemma discr_plus_xy_y: ∀x,y. x + y = y → x = 0.
// qed-.

lemma discr_plus_x_xy: ∀x,y. x = x + y → y = 0.
/2 width=2 by le_plus_minus_comm/ qed-.

lemma plus2_le_sn_sn: ∀m1,m2,n1,n2. m1 + n1 = m2 + n2 → m1 ≤ m2 → n2 ≤ n1.
#m1 #m2 #n1 #n2 #H #Hm
lapply (monotonic_le_plus_l n1 … Hm) -Hm >H -H
/2 width=2 by le_plus_to_le/
qed-.

lemma plus2_le_sn_dx: ∀m1,m2,n1,n2. m1 + n1 = n2 + m2 → m1 ≤ m2 → n2 ≤ n1.
/2 width=4 by plus2_le_sn_sn/ qed-.

lemma plus2_le_dx_sn: ∀m1,m2,n1,n2. n1 + m1 = m2 + n2 → m1 ≤ m2 → n2 ≤ n1.
/2 width=4 by plus2_le_sn_sn/ qed-.

lemma plus2_le_dx_dx: ∀m1,m2,n1,n2. n1 + m1 = n2 + m2 → m1 ≤ m2 → n2 ≤ n1.
/2 width=4 by plus2_le_sn_sn/ qed-.

lemma lt_S_S_to_lt: ∀x,y. ↑x < ↑y → x < y.
/2 width=1 by le_S_S_to_le/ qed-.

(* Note this should go in nat.ma *)
lemma discr_x_minus_xy: ∀x,y. x = x - y → x = 0 ∨ y = 0.
#x @(nat_ind_plus … x) -x /2 width=1 by or_introl/
#x #_ #y @(nat_ind_plus … y) -y /2 width=1 by or_intror/
#y #_ >minus_plus_plus_l
#H lapply (discr_plus_xy_minus_xz … H) -H
#H destruct
qed-.

lemma lt_inv_O1: ∀n. 0 < n → ∃m. ↑m = n.
* /2 width=2 by ex_intro/
#H cases (lt_le_false … H) -H //
qed-.

lemma lt_inv_S1: ∀m,n. ↑m < n → ∃∃p. m < p & ↑p = n.
#m * /3 width=3 by lt_S_S_to_lt, ex2_intro/
#H cases (lt_le_false … H) -H //
qed-.

lemma lt_inv_gen: ∀y,x. x < y → ∃∃z. x ≤ z & ↑z = y.
* /3 width=3 by le_S_S_to_le, ex2_intro/
#x #H elim (lt_le_false … H) -H //
qed-.

lemma plus_inv_O3: ∀x,y. x + y = 0 → x = 0 ∧ y = 0.
/2 width=1 by plus_le_0/ qed-.

lemma plus_inv_S3_sn: ∀x1,x2,x3. x1+x2 = ↑x3 →
                      ∨∨ ∧∧ x1 = 0 & x2 = ↑x3
                       | ∃∃y1. x1 = ↑y1 & y1 + x2 = x3.
* /3 width=1 by or_introl, conj/
#x1 #x2 #x3 <plus_S1 #H destruct
/3 width=3 by ex2_intro, or_intror/
qed-.

lemma plus_inv_S3_dx: ∀x2,x1,x3. x1+x2 = ↑x3 →
                      ∨∨ ∧∧ x2 = 0 & x1 = ↑x3
                       | ∃∃y2. x2 = ↑y2 & x1 + y2 = x3.
* /3 width=1 by or_introl, conj/
#x2 #x1 #x3 <plus_n_Sm #H destruct
/3 width=3 by ex2_intro, or_intror/
qed-.

lemma zero_eq_plus: ∀x,y. 0 = x + y → 0 = x ∧ 0 = y.
* /2 width=1 by conj/ #x #y normalize #H destruct
qed-.

lemma nat_split: ∀x. x = 0 ∨ ∃y. ↑y = x.
* /3 width=2 by ex_intro, or_introl, or_intror/
qed-.

lemma nat_elim_le_sn (Q:relation …):
      (∀m1,m2. (∀m. m < m2-m1 → Q (m2-m) m2) → m1 ≤ m2 → Q m1 m2) →
      ∀n1,n2. n1 ≤ n2 → Q n1 n2.
#Q #IH #n1 #n2 #Hn
<(minus_minus_m_m … Hn) -Hn
lapply (minus_le n2 n1)
let d ≝ (n2-n1)
@(nat_elim1 … d) -d -n1 #d
@pull_2 #Hd
<(minus_minus_m_m … Hd) in ⊢ (%→?); -Hd
let n1 ≝ (n2-d) #IHd
@IH -IH [| // ] #m #Hn
/4 width=3 by lt_to_le, lt_to_le_to_lt/
qed-.

(* Decidability of predicates ***********************************************)

lemma dec_lt (R:predicate nat):
      (∀n. Decidable … (R n)) →
      ∀n. Decidable … (∃∃m. m < n & R m).
#R #HR #n elim n -n [| #n * ]
[ @or_intror * /2 width=2 by lt_zero_false/
| * /4 width=3 by lt_S, or_introl, ex2_intro/
| #H0 elim (HR n) -HR
  [ /3 width=3 by or_introl, ex2_intro/
  | #Hn @or_intror * #m #Hmn #Hm
    elim (le_to_or_lt_eq … Hmn) -Hmn #H destruct [ -Hn | -H0 ]
    /4 width=3 by lt_S_S_to_lt, ex2_intro/
  ]
]
qed-.

lemma dec_min (R:predicate nat):
      (∀n. Decidable … (R n)) → ∀n. R n →
      ∃∃m. m ≤ n & R m & (∀p. p < m → R p → ⊥).
#R #HR #n
@(nat_elim1 n) -n #n #IH #Hn
elim (dec_lt … HR n) -HR [ -Hn | -IH ]
[ * #p #Hpn #Hp
  elim (IH … Hpn Hp) -IH -Hp #m #Hmp #Hm #HNm
  @(ex3_intro … Hm HNm) -HNm
  /3 width=3 by lt_to_le, le_to_lt_to_lt/
| /4 width=4 by ex3_intro, ex2_intro/
]
qed-.