Require Import ssreflect ssrbool eqtype ssrnat ssrfun.

Set Implicit Arguments.
Unset Strict Implicit.
Import Prenex Implicits.

Module Axioms.

Parameter Ro : forall x : Set, x -> Set.

Axiom R_inj : forall (x : Set) (a b : x), Ro a = Ro b -> a = b.

Definition inc (x y : Set) := exists a : y, Ro a = x.
Definition sub (a b : Set) := forall x : Set, inc x a -> inc x b.

Axiom extensionality : forall a b : Set, sub a b -> sub b a -> a = b.

Inductive nonemptyT (t : Type) : Prop :=
    nonemptyT_intro : t -> nonemptyT t.
Inductive nonempty (x : Set) : Prop :=
    nonempty_intro : forall y : Set, inc y x -> nonempty x.

Parameter chooseT : forall (t : Type) (p : t -> Prop)(q:nonemptyT t), t.

Axiom chooseT_pr :
  forall (t : Type) (p : t -> Prop) (q : nonemptyT t),
    ex p -> p (chooseT p q).

Parameter IM : forall x : Set, (x -> Set) -> Set.

Axiom IM_exists :
          forall (x : Set) (f : x -> Set) (y : Set),
          inc y (IM f) -> exists a : x, f a = y.
Axiom IM_inc :
          forall (x : Set) (f : x -> Set) (y : Set),
          (exists a : x, f a = y) -> inc y (IM f).

Axiom excluded_middle : forall P : Prop, ~ ~ P -> P.
Axiom iff_eq : forall P Q : Prop, (P -> Q) -> (Q -> P) -> P = Q.

Lemma p_or_not_p : forall P : Prop, P \/ ~ P.
Proof.
move => P; apply excluded_middle => nor.
suff : ~ P by move=> q; apply nor; right.
by move=> p; apply nor; left.
Qed.

Lemma equal_or_not: forall x y:Set, x = y \/ x<> y.
Proof. move => x y; apply p_or_not_p. Qed.

Lemma inc_or_not: forall x y:Set, inc x y \/ ~ (inc x y).
Proof. move => x y; apply p_or_not_p. Qed.

End Axioms.
Export Axioms.

Module Tactics1.

Infix "&":= and (right associativity, at level 100).

Ltac dneg u := match goal with
  H : ~ _ |- ~ _ => move => u; move :H; apply
end.

Ltac ex_middle u := match goal with
  | |- inc ?a ?b => case (inc_or_not a b) ; [ done | move => u]
  | |- ?a = ?b => case (equal_or_not a b) ; [ done | move => u ]
  | |- ?p => case (p_or_not_p p) ; [ done | move => u ]
end.

Ltac EasyDeconj :=
  match goal with
  | |- (_ & _) => apply conj; [ EasyDeconj | EasyDeconj ]
  | |- _ => try solve [intuition]
  end.
Ltac EasyDeconj1 :=
  match goal with
  | |- (_ & _) => apply conj; [ EasyDeconj1 | EasyDeconj1 ]
  | |- _ => try exact
  end.

Ltac eee := EasyDeconj1.
Ltac ee := EasyDeconj.

Ltac aw := autorewrite with aw; trivial.
Ltac dw := autorewrite with dw; trivial.
Ltac awi u:= autorewrite with aw in u.
Ltac bw := autorewrite with bw; trivial.
Ltac srw:= autorewrite with sw; trivial.

Ltac fprops := auto with fprops.
Ltac gprops := auto with gprops.

Ltac set_extens v:= apply extensionality=> v.

End Tactics1.
Export Tactics1.

Module Constructions.

Definition exists_unique t (p : t -> Prop) :=
  (ex p) & (forall x y : t, p x -> p y -> x = y).

Definition strict_sub (a b : Set) := (sub a b) & (a <> b).

Lemma sub_trans : forall a b c, sub a b -> sub b c -> sub a c.
Proof. by move => a b c sab sbc x xa; apply sbc; apply sab. Qed.

Lemma sub_refl : forall x, sub x x.
Proof. by move =>x. Qed.

Lemma strict_sub_trans1 :
  forall a b c, strict_sub a b -> sub b c -> strict_sub a c.
Proof.
move => a b c [sab nab] sbc.
split; first by apply: (sub_trans sab).
by dneg nac; move: sab sbc; rewrite nac; apply extensionality.
Qed.

Lemma strict_sub_trans2 :
  forall a b c, sub a b -> strict_sub b c -> strict_sub a c.
Proof.
move => a b c sab [sbc nbc].
split; first by apply: (sub_trans sab).
by dneg nac; move: sbc sab; rewrite nac; apply extensionality.
Qed.

Definition empty (x : Set) := forall y : Set, ~ inc y x.
CoInductive emptyset : Set :=.

Lemma R_inc : forall (x : Set) (a : x), inc (Ro a) x.
Proof. by move=> x a; exists a. Qed.

Lemma inc_nonempty : forall x y, inc x y -> nonemptyT y.
Proof. by move=> _ y [ w _ ]; apply nonemptyT_intro. Qed.

Lemma nonemptyT_not_empty : forall x:Set, nonemptyT x -> ~ empty x.
Proof. by move=> x [ w ] Ex; apply: (Ex (Ro w)(R_inc w)). Qed.

Lemma nonemptyT_not_empty0 : forall x:Set, nonemptyT x = nonempty x.
Proof.
move => x; apply iff_eq; move => [w].
  by exists (Ro w); exists w.
by apply: inc_nonempty.
Qed.

Lemma emptyset_pr: forall x, ~ inc x emptyset.
Proof. move=> _ [[]]. Qed.

Lemma is_emptyset: forall x, (forall y, ~ (inc y x)) -> x = emptyset.
Proof.
by move => x Iyx; set_extens t => Ht; [ case (Iyx t) | case (emptyset_pr Ht) ].
Qed.

Lemma not_nonempty_empty: nonempty emptyset -> False.
Proof. move=>[y]; case; case. Qed.

Lemma emptyset_dichot : forall x, (x = emptyset \/ nonempty x).
Proof.
move=> x; case: (p_or_not_p (nonempty x)) => [He | Hne]; first by auto.
by left; apply is_emptyset => y Hy; apply Hne; exists y.
Qed.

Lemma nonempty_or_empty: forall x, nonempty x = (x <> emptyset).
Proof.
move=> x; apply iff_eq.
  move=> [y [yx _]] xe; move: yx; rewrite xe; case.
by move=> xne; case (emptyset_dichot x).
Qed.

Ltac empty_tac0 :=
  match goal with
  | H:inc _ emptyset |- _ => elim (emptyset_pr H)
  end.

Ltac empty_tac v H:=
  match goal with
  | |- _ = emptyset => apply is_emptyset; move=> v H
  end.

Ltac empty_tac3 v :=
  match goal with
  | |- _ = emptyset => apply is_emptyset; move=> v
  end.

Ltac empty_tac1 u := elim (emptyset_pr (x:= u));
  match goal with H: ?x = emptyset |- _ => rewrite <- H
    | H: emptyset = ?x |- _ => rewrite H end ; fprops.

Ltac ue :=
  match goal with
    | H:?a = ?b |- _ => solve [ rewrite H ; fprops | rewrite - H ; fprops]
end.

Lemma emptyset_sub_any:
  forall x, sub emptyset x.
Proof. by move=> x t Ht; empty_tac0. Qed.

Definition Bo (x y : Set) (hyp : inc x y) :=
  chooseT (fun a : y => Ro a = x) (inc_nonempty hyp).

Lemma B_eq : forall x y (hyp : inc x y), Ro (Bo hyp) = x.
Proof. by rewrite /Bo /inc; move=> x y hyp; apply chooseT_pr. Qed.

Lemma B_back : forall (x:Set) (y:x) (hyp : inc (Ro y) x), Bo hyp = y.
Proof. by move=> x y Hyp; apply R_inj; apply B_eq. Qed.

Lemma by_cases_nonempty :
  forall (T : Type) (P : Prop) (a : P -> T) (b : ~ P -> T), nonemptyT T.
Proof.
move=> T P a b; case (p_or_not_p P) => [Ha | Hb ]; apply nonemptyT_intro; auto.
Qed.

Definition by_cases (T : Type) (P : Prop) (a : P -> T) (b : ~ P -> T) :=
  chooseT (fun x : T => (forall p : P, a p = x)
                       & (forall q : ~ P, b q = x))
    (by_cases_nonempty a b).

Lemma by_cases_if :
  forall (T : Type) (P : Prop) (a : P -> T) (b : ~ P -> T) (p : P),
    (forall p1 p2: P, a p1 = a p2) ->
    by_cases a b = a p.
Proof.
move=> T P a b p eq_ap; symmetry.
set x:= _ a b.
have [Ha _ //] : (forall p, a p = x) & (forall q, b q = x).
rewrite /x /by_cases; apply chooseT_pr; by exists (a p); split.
Qed.

Lemma by_cases_if_not :
  forall (T : Type) (P : Prop) (a : P -> T) (b : ~ P -> T) (q : ~ P),
    (forall p1 p2: ~P, b p1 = b p2) ->
    by_cases a b = b q.
Proof.
move=> T P a b q eq_bq; symmetry.
set x:= _ a b.
have [_ //] : (forall p : P, a p = x) & (forall q : ~ P, b q = x).
by rewrite /x /by_cases; apply chooseT_pr; exists (b q); split.
Qed.

Definition choose (p:Set -> Prop) :=
  chooseT (fun x => (ex p -> p x) & ~ ex p -> x = emptyset)
   (nonemptyT_intro emptyset).

Lemma choose_pr : forall p, ex p -> p (choose p).
Proof.
rewrite /choose => p exp.
pose q x := ex p -> p x & ~ ex p -> x = emptyset.
have [q1 _ ]: (q (chooseT q (nonemptyT_intro emptyset))).
  by apply chooseT_pr; elim exp; move=> x px; exists x; rewrite/q; split.
by apply q1.
Qed.

Lemma choose_not : forall p, ~(ex p) -> choose p = emptyset.
Proof.
rewrite /choose => p nexp.
pose q x := ex p -> p x & ~ ex p -> x = emptyset.
have [_ ] : (q (chooseT q (nonemptyT_intro emptyset))).
 by apply chooseT_pr; exists emptyset; split.
by apply.
Qed.

Definition rep (x : Set) := choose (fun y : Set => inc y x).

Lemma nonempty_rep : forall x, nonempty x -> inc (rep x) x.
Proof. by rewrite /rep => x [y yinx ]; apply choose_pr; exists y. Qed.

Lemma not_exists_pr : forall p : Set -> Prop, (~ ex p) = (forall x, ~ p x).
Proof.
move=> p; apply iff_eq => [nexp x px| allnp [x px]]; last by apply (allnp x).
by elim nexp; exists x.
Qed.

Lemma exists_proof : forall p : Set -> Prop, ~ (forall x : Set, ~ p x) -> ex p.
Proof.
move=> p; rewrite -not_exists_pr; apply excluded_middle.
Qed.

Lemma exists_proof2 : forall p : Set ->Set ->Prop, ~ (forall x y, ~ p x y)
  -> (exists x, exists y, p x y).
Proof.
by move => p h; ex_middle h1; elim h => x y pxy; elim h1; exists x; exists y.
Qed.

Definition Yo : Prop -> Set -> Set -> Set :=
  fun P x y => by_cases (fun _ : P => x) (fun _ : ~ P => y).

Lemma Y_if : forall (P : Prop) (hyp : P) x y z, x = z -> Yo P x y = z.
Proof.
rewrite /Yo => P hP x y z xeqz.
by rewrite -xeqz -[x]/((fun _:P => x) hP); apply by_cases_if.
Qed.

Lemma Y_if_not :
  forall (P : Prop) (hyp : ~ P) x y z, y = z -> Yo P x z = y.
Proof.
rewrite /Yo => P hnP x y z yeqz.
by rewrite -yeqz -[y]/((fun _:~P => y) hnP); apply by_cases_if_not.
Qed.

Lemma Y_if_rw : forall (P:Prop) (hyp :P) x y, Yo P x y = x.
Proof. by move=> p hP x y; apply Y_if. Qed.

Lemma Y_if_not_rw : forall (P:Prop) (hyp : ~P) x y, Yo P x y = y.
Proof. by move=> p hnP x y; apply Y_if_not. Qed.

Ltac Ytac eq:=
  match goal with
  | |- context [Yo (?i = ?j) _ _ ] =>
      case (equal_or_not i j) => eq;
         [rewrite (Y_if_rw eq) | rewrite (Y_if_not_rw eq) ]
end.

Ltac Ytac1 eq:=
  match goal with
  | |- context [Yo (inc ?i ?j) _ _ ] =>
      case (inc_or_not i j) => eq;
   [rewrite (Y_if_rw eq) | rewrite (Y_if_not_rw eq) ]
end.

Ltac Ytac0 := match goal with
  | h: ?p |- context [Yo ?p _ _ ] => rewrite (Y_if_rw h)
  | h: (~ ?p) |- context [Yo ?p _ _ ] => rewrite (Y_if_not_rw h)
  | h: ?j <> ?i |- context [Yo (?i = ?j) _ _ ]
     => rewrite (Y_if_not_rw (sym_not_equal h))
  | |- context [Yo (?i = ?i) _ _ ] => rewrite (Y_if_rw (refl_equal i))
end.

Lemma IM_rw: forall (x : Set) (f : x -> Set) (y : Set),
  inc y (IM f) = exists a : x, f a = y.
Proof. by move=> x f y; apply iff_eq ; [ apply IM_exists | apply IM_inc]. Qed.

CoInductive Zorec (x : Set) (f : x -> Prop) : Set :=
  Zorec_c :forall (a: x), f a -> Zorec f.

Definition Zo (x:Set) (p:Set -> Prop) :=
  IM (fun (z : Zorec (fun (a : x) => p (Ro a))) => let (a, _) := z in Ro a).

Lemma Z_inc : forall x (p: Set -> Prop) y, inc y x -> p y -> inc y (Zo x p).
Proof.
rewrite /Zo => x p y [a Roa]; rewrite -{1} Roa => py.
 by apply IM_inc; exists (Zorec_c (f:= (fun a : x => p (Ro a))) py).
Qed.

Lemma Z_rw: forall x p y, inc y (Zo x p) = (inc y x & p y).
Proof.
move=> x y p; apply iff_eq; last by move=> [u v] ;apply Z_inc.
move=> H; case: (IM_exists H) => v Hv; rewrite -Hv.
by case v => a Poa; ee; apply R_inc.
Qed.

Lemma Z_sub : forall x p, sub (Zo x p) x.
Proof. by move=> x p y; rewrite Z_rw; intuition. Qed.
End Constructions.

Export Constructions.

Module Little.

Inductive two_points : Set :=
  | two_points_a | two_points_b.

Definition TPa := Ro two_points_a.
Definition TPb := Ro two_points_b.

Lemma two_points_rw: forall x,
  inc x two_points = (x= TPa \/ x = TPb).
Proof.
rewrite /TPa /TPb /inc => x; apply iff_eq.
  by case; case; auto.
case; [ by exists two_points_a | by exists two_points_b].
Qed.

Lemma two_points_distinct: TPa <> TPb.
Proof. move=> eq; pose e:=(R_inj eq); discriminate e. Qed.

Lemma two_points_distinctb: TPb <> TPa.
Proof. move=> eq; pose e:= (R_inj eq); discriminate e. Qed.

Lemma inc_TPa_two_points: inc TPa two_points.
Proof. rewrite /TPa; apply R_inc. Qed.

Lemma inc_TPb_two_points: inc TPb two_points.
Proof. by rewrite /TPb; apply R_inc. Qed.

Definition doubleton (x y : Set) :=
  IM (two_points_rect x y).

Lemma doubleton_first : forall x y, inc x (doubleton x y).
Proof. by rewrite /doubleton => x y; apply IM_inc; exists two_points_a. Qed.

Lemma doubleton_second : forall x y : Set, inc y (doubleton x y).
Proof. by rewrite /doubleton => x y; apply IM_inc; exists two_points_b. Qed.

Lemma doubleton_or :
 forall x y z : Set, inc z (doubleton x y) -> z = x \/ z = y.
Proof. by move=> x y z izd; case: (IM_exists izd) => a; case a; auto. Qed.

Hint Resolve doubleton_first doubleton_second inc_TPa_two_points inc_TPb_two_points: fprops.

Lemma doubleton_rw : forall x y z : Set,
  inc z (doubleton x y) = (z = x \/ z = y).
Proof.
move=> x y z; apply iff_eq; [apply doubleton_or | by case => ->; fprops].
Qed.

Lemma two_points_pr2: doubleton TPa TPb = two_points.
Proof.
by set_extens x; rewrite two_points_rw doubleton_rw.
Qed.

Lemma doubleton_inj : forall x y z w,
  doubleton x y = doubleton z w -> (x = z & y = w) \/ (x = w & y = z).
Proof.
move=> x y z w eql.
have x_zw: inc x (doubleton z w) by rewrite -eql; fprops.
have y_zw: inc y (doubleton z w) by rewrite -eql; fprops.
case (doubleton_or x_zw) => xs.
  left; ee.
  have w_xy: inc w (doubleton x y) by rewrite eql; fprops.
  case (doubleton_or w_xy); last by [].
  by case (doubleton_or y_zw) ; move: xs => -> ->.
case (doubleton_or y_zw); first by right.
have z_xy: inc z (doubleton x y) by rewrite eql; fprops.
by case (doubleton_or z_xy); intuition.
Qed.

Definition singleton x := doubleton x x.

Lemma doubleton_singleton : forall x, doubleton x x = singleton x.
Proof. by []. Qed.

Lemma singleton_rw: forall x y, inc y (singleton x) = (y = x).
Proof.
move=> x y; rewrite doubleton_rw; apply iff_eq; intuition.
Qed.

Hint Rewrite two_points_rw doubleton_rw singleton_rw: aw.

Lemma singleton_inc : forall x, inc x (singleton x).
Proof. move => x; aw. Qed.

Hint Resolve sub_refl singleton_inc: fprops.

Lemma singleton_eq : forall x y, inc y (singleton x) -> y = x.
Proof. by move => x y; aw. Qed.

Lemma singleton_inj : forall x y, singleton x = singleton y -> x = y.
Proof. by move => x y eq; apply singleton_eq; rewrite -eq; fprops. Qed.

Lemma nonempty_singleton: forall x, nonempty (singleton x).
Proof. by move => x; exists x; fprops. Qed.

Lemma sub_singleton: forall x y,
  inc x y -> sub (singleton x) y.
Proof. by move=> x y ixy t itsx; rewrite (singleton_eq itsx). Qed.

Hint Resolve nonempty_singleton: fprops.

Lemma singleton_emptyset_not_empty: (singleton emptyset) <> emptyset.
Proof. rewrite - nonempty_or_empty; fprops. Qed.

Hint Resolve singleton_emptyset_not_empty two_points_distinctb: fprops.

Definition is_singleton x := exists u, x = singleton u.

Lemma is_singleton_rw: forall x,
  is_singleton x = (nonempty x & (forall a b, inc a x -> inc b x -> a = b)).
Proof.
move=> x; apply iff_eq.
  by move=> [z] ->; split; [fprops | move=> a b; aw=> -> ->].
move=> [[y yx] h]; exists y.
by set_extens u; aw; [ move => ax; apply: h | move=> -> ].
Qed.

Lemma is_singleton_pr: forall y x,
 ( (inc x y) & (forall z, inc z y -> z = x)) -> y = singleton x.
Proof. by move=> y x [xy zy]; set_extens t; aw; [ apply zy | move=> ->].
Qed.

Lemma singleton_pr1: forall a x, nonempty x ->
  (forall z, inc z x -> z = a) -> x = singleton a.
Proof.
move=> a x [y yx] p.
move: (p _ yx) => aux; rewrite aux in yx.
apply is_singleton_pr; split=>//.
Qed.

Lemma nonempty_doubleton: forall x y, nonempty (doubleton x y).
Proof. by move=> x y; exists x; fprops. Qed.

Lemma sub_doubleton: forall x y z,
  inc x z -> inc y z -> sub (doubleton x y) z.
Proof. by move=> x y z xz yz t; aw; case => ->. Qed.

Lemma doubleton_symm: forall a b,
  doubleton a b = doubleton b a.
Proof. move=> a b; set_extens t; aw; intuition. Qed.

Definition small_set x :=
  forall u v, inc u x -> inc v x -> u = v.

Lemma emptyset_small: small_set emptyset.
Proof. move=> u v ux; empty_tac0. Qed.

Lemma singleton_small: forall x, small_set (singleton x).
Proof. by move=> x u v ; aw; move => -> ->. Qed.

Lemma small_set_pr: forall x, small_set x ->
  x = emptyset \/ is_singleton x.
Proof.
move=> x sx; case (emptyset_dichot x); first by auto.
move=> ne; right;rewrite is_singleton_rw //.
Qed.

End Little.

Export Little.

Module Complement.

Definition complement (a b : Set) := Zo a (fun x : Set => ~ inc x b).

Lemma complement_rw :
  forall a b x, inc x (complement a b) = (inc x a & ~ inc x b).
Proof. by rewrite /complement=> a b x; rewrite Z_rw. Qed.

Hint Rewrite complement_rw: sw.

Lemma use_complement :
  forall a b x, inc x a -> ~ inc x (complement a b) -> inc x b.
Proof. by move=> a b x xa nx_cab; ex_middle h; case nx_cab; srw. Qed.

Lemma sub_complement: forall a b, sub (complement a b) a.
Proof. by move=> a b t; srw; case. Qed.

Lemma empty_complement: forall a b,
  complement a b = emptyset -> sub a b.
Proof.
move=> a b eql t ta.
by apply (@use_complement a b t) => // ; rewrite eql; apply emptyset_pr.
Qed.

Lemma strict_sub_nonempty_complement : forall x y,
  strict_sub x y -> nonempty (complement y x).
Proof.
move=> x y [s neq].
rewrite nonempty_or_empty; dneg ceq.
by apply extensionality=> //; apply empty_complement.
Qed.

Lemma double_complement: forall a x,
  sub a x -> complement x (complement x a) = a.
Proof.
move=> a x sax.
set_extens t; srw.
  by move=> [tx not_p]; ex_middle h; case not_p.
by move=> ta; apply conj; [apply (sax _ ta) | move => [tx nta ] ].
Qed.

Hint Rewrite double_complement: sw.

Lemma complement_itself : forall x,
  complement x x = emptyset.
Proof. move=>x; apply is_emptyset=> y; srw; intuition. Qed.

Lemma complement_emptyset : forall x,
  complement x emptyset = x.
Proof.
move=> x; set_extens t; srw; first by intuition.
by move=> tx; ee; apply emptyset_pr.
Qed.

Lemma not_inc_complement_singleton: forall a b,
  ~ (inc b (complement a (singleton b))).
Proof. by move=> a b; srw;aw ; move => [ _ nbb]; apply nbb. Qed.

Lemma complement_monotone : forall a b x,
  sub a x -> sub b x -> (sub a b = sub (complement x b) (complement x a)).
Proof.
move=> a b x ax bx; apply iff_eq; rewrite /sub => ab t.
  by srw; move=> [tx ntb]; ee; dneg ta; apply ab.
move => ta.
case (inc_or_not t (complement x b)); last by apply use_complement; apply ax.
move=> tcxb; move: (ab _ tcxb); srw; intuition.
Qed.

End Complement.
Export Complement.

Module Image.

Definition fun_image (x : Set) (f : Set -> Set) := IM (fun a : x => f (Ro a)).

Lemma fun_image_rw : forall f x y,
  inc y (fun_image x f) = exists z, (inc z x & f z = y).
Proof.
rewrite/fun_image => f x y; rewrite IM_rw; apply iff_eq; case=> a.
   by exists (Ro a); ee ; apply R_inc.
by move=> [ax fay]; exists (Bo ax); rewrite (B_eq ax).
Qed.

Lemma inc_fun_image : forall x f a, inc a x -> inc (f a) (fun_image x f).
Proof. by move => x f a; rewrite fun_image_rw; exists a. Qed.

Hint Rewrite fun_image_rw : aw.

End Image.
Export Image.

Module Powerset.

Definition powerset (x : Set) :=
  IM (fun p : x -> two_points =>
    Zo x (fun y : Set => forall hyp : inc y x, p (Bo hyp) = two_points_a)).

Lemma powerset_inc : forall x y, sub x y -> inc x (powerset y).
Proof.
rewrite /powerset => x y sxy; apply IM_inc.
exists (fun b:y =>by_cases (fun _:inc (Ro b) x => two_points_a)
    (fun _:~inc (Ro b) x => two_points_b)).
set_extens t; rewrite Z_rw.
  move => [tx bc]; ex_middle w.
  by set e:=(bc tx); move: e; rewrite B_eq by_cases_if_not=> e.
by move=> tx; split;[ apply sxy | move=> h; rewrite B_eq by_cases_if].
Qed.

Lemma powerset_sub : forall x y, inc x (powerset y) -> sub x y.
Proof.
rewrite/powerset=> x y ixpy.
by case (IM_exists ixpy)=> t eql; rewrite -eql; apply Z_sub.
Qed.

Lemma powerset_inc_rw : forall x y, inc x (powerset y) = sub x y.
Proof.
move=> x y; apply iff_eq ; [ apply powerset_sub | apply powerset_inc].
Qed.

Hint Rewrite powerset_inc_rw : aw.

Lemma inc_x_powerset_x: forall x, inc x (powerset x).
Proof. by move=> x; aw. Qed.

Lemma inc_e_powerset_x: forall x, inc emptyset (powerset x).
Proof. move=> x; aw; apply emptyset_sub_any. Qed.

Lemma powerset_monotone: forall a b,
  sub a b -> sub (powerset a) (powerset b).
Proof. by move=> a b sab x; aw; move => sxa;apply: (sub_trans _ sab). Qed.

Lemma powerset_emptyset :
  powerset emptyset = singleton emptyset.
Proof.
set_extens t; aw => eq.
  apply extensionality=> //; apply emptyset_sub_any.
 rewrite eq; apply emptyset_sub_any.
Qed.

End Powerset.
Export Powerset.

Module Union.

Record Union_integral (x : Set) : Set :=
  {Union_param : x; Union_elt : Ro Union_param}.

Definition union (x : Set) :=
  IM (fun i : Union_integral x => Ro (Union_elt i)).

Lemma union_inc : forall x y a, inc x y -> inc y a -> inc x (union a).
Proof.
rewrite /union=> x y a xy ya.
have Bya: Ro (Bo ya) = y by apply B_eq.
have xBya: (inc x (Ro (Bo ya))) by rewrite Bya.
by apply IM_inc; exists (Build_Union_integral (Bo xBya)); simpl; apply B_eq.
Qed.

Lemma union_exists : forall x a,
    inc x (union a) -> exists y, inc x y & inc y a.
Proof.
rewrite /union=> x a xu; case (IM_exists xu) => t pt.
by exists (Ro (Union_param t)); rewrite -pt; split; apply R_inc.
Qed.

Lemma union_rw: forall x a,
  inc x (union a)= (exists y, inc x y & inc y a).
Proof.
move=> x y; apply iff_eq ; first by apply union_exists.
by case=> a [xa ay]; apply: (union_inc xa ay).
Qed.

Hint Rewrite union_rw : sw.

Lemma union_sub: forall x y, inc x y -> sub x (union y).
Proof. by move=>x y xy t tx ; apply union_inc with x. Qed.

Lemma sub_union : forall x z,
  (forall y, inc y z -> sub y x) -> sub (union z) x.
Proof.
by move=> x z asub t; srw; move => [a [ta az]] ; apply (asub _ az).
Qed.

Lemma union_empty: union emptyset = emptyset.
Proof.
empty_tac x xi; case (union_exists xi)=> y [ _ ye].
by move: ye; apply emptyset_pr.
Qed.

Definition union2 (x y : Set) := union (doubleton x y).

Lemma union2_or : forall x y a, inc a (union2 x y) -> inc a x \/ inc a y.
Proof.
rewrite/union2 => x y a; srw.
by case => t [ aat td ]; case (doubleton_or td)=> <-; auto.
Qed.

Lemma union2_first : forall x y a, inc a x -> inc a (union2 x y).
Proof. by rewrite /union2=> x y a ax; apply union_inc with x; fprops. Qed.

Lemma union2_second : forall x y a, inc a y -> inc a (union2 x y).
Proof. by rewrite /union2=> x y a ax; apply union_inc with y; fprops. Qed.

Lemma union2_rw : forall a b x,
  inc x (union2 a b) = (inc x a \/ inc x b).
Proof.
move=> a b x; apply iff_eq; first by apply union2_or.
by case ; [apply union2_first | apply union2_second].
Qed.

Hint Rewrite union2_rw: aw.

Lemma union2sub_first: forall a b, sub a (union2 a b).
Proof. by move=> a b t tu; apply union2_first. Qed.

Lemma union2sub_second: forall a b, sub b (union2 a b).
Proof. by move=> a b t tu; apply union2_second. Qed.

Lemma union2sub: forall a b c, sub a c -> sub b c -> sub (union2 a b) c.
Proof. by move=> a b c ac bc x; aw; case; [apply ac | apply bc]. Qed.

Lemma union2idem: forall x, union2 x x = x.
Proof.
by move=> x; set_extens t=> tx; [case (union2_or tx) | apply union2_first].
Qed.

Lemma union2C: forall x y, union2 x y = union2 y x.
Proof. by move=> x y; set_extens t; aw; intuition. Qed.

Lemma union_singleton: forall x,
  union (singleton x) = x.
Proof. move=>x; rewrite -doubleton_singleton; apply union2idem. Qed.

Lemma union_doubleton: forall x y,
  union2 (singleton x)(singleton y) = doubleton x y.
Proof. by move=> x y ; set_extens t; aw. Qed.

Lemma union2A: forall x y z,
  union2 x (union2 y z) = union2 (union2 x y) z.
Proof. move=> x y z; set_extens t; aw ;intuition. Qed.

Definition tack_on x y := union2 x (singleton y).

Lemma tack_on_or : forall x y z, inc z (tack_on x y) ->
  (inc z x \/ z = y).
Proof. rewrite/tack_on=> x y z; aw. Qed.

Lemma tack_on_rw: forall x y z,
  (inc z (tack_on x y) ) = (inc z x \/ z = y).
Proof. move=> x y z; rewrite /tack_on; aw. Qed.

Hint Rewrite tack_on_rw : aw.

Lemma inc_tack_on_x: forall a b, inc a (tack_on b a).
Proof. by move=> a b; aw; auto. Qed.

Lemma inc_tack_on_sub: forall a b, sub b (tack_on b a).
Proof. by move=> a b t; aw; auto. Qed.

Lemma inc_tack_on_y: forall a b y, inc y b -> inc y (tack_on b a).
Proof. by move=> a b y; aw; auto. Qed.

Hint Resolve inc_tack_on_x inc_tack_on_y inc_tack_on_sub: fprops.

Lemma tack_on_when_inc: forall x y, inc y x -> tack_on x y = x.
Proof.
move=> x y yx.
apply extensionality; last by apply inc_tack_on_sub.
by move=> t; aw; case => // ->.
Qed.

Lemma tack_on_sub: forall x y z, sub x z -> inc y z -> sub (tack_on x y) z.
Proof. by move=> x y z xz yz t; aw; case ; [ apply xz | move=> -> ]. Qed.

Lemma tack_on_complement: forall x y, inc y x ->
  x = tack_on (complement x (singleton y)) y.
Proof.
move=> x y yx; set_extens t; aw; srw; aw.
  by case (equal_or_not t y); intuition.
by case; [intuition | move=> ->].
Qed.

End Union.

Export Union.

Module Intersection.

Definition intersection (x : Set) :=
  Zo (union x) (fun y : Set => forall z : Set, inc z x -> inc y z).

Lemma intersection_empty: intersection emptyset = emptyset.
Proof.
rewrite/intersection union_empty; empty_tac3 x.
rewrite Z_rw; move => [xe _]; empty_tac0.
Qed.

Lemma intersection_inc : forall x a,
  nonempty x -> (forall y, inc y x -> inc a y) -> inc a (intersection x).
Proof.
rewrite /intersection => x a nx all_ayx; case nx=> y yx; apply Z_inc=> //.
move: (all_ayx _ yx) (yx); apply union_inc.
Qed.

Lemma intersection_forall :
 forall x a y, inc a (intersection x) -> inc y x -> inc a y.
Proof.
rewrite /intersection => x a y; rewrite Z_rw; srw; move=> [_]; apply.
Qed.

Lemma intersection_sub : forall x y, inc y x -> sub (intersection x) y.
Proof. by move=> x y yx t ti; move: ti yx; apply intersection_forall.
Qed.

Definition intersection2 x y := intersection (doubleton x y).

Lemma intersection2_inc :
  forall x y a, inc a x -> inc a y -> inc a (intersection2 x y).
Proof.
rewrite/intersection2 => x y a ax ay.
apply: intersection_inc; first by apply nonempty_doubleton.
by move=> t; aw; case=> ->.
Qed.

Lemma intersection2_first :
 forall x y a, inc a (intersection2 x y) -> inc a x.
Proof.
rewrite/intersection2 => x y a ai.
by apply: intersection_forall; [ by apply ai | fprops].
Qed.

Lemma intersection2_second :
 forall x y a, inc a (intersection2 x y) -> inc a y.
Proof.
rewrite/intersection2 => x y a ai.
by apply: intersection_forall; [ by apply ai |fprops ].
Qed.

Lemma intersection2_rw: forall x y a,
  inc a (intersection2 x y) = (inc a x & inc a y).
Proof.
move=> x y a; apply iff_eq => ai.
  by split; [ apply (intersection2_first ai) | apply (intersection2_second ai)].
by move: ai=> [ax ay]; apply intersection2_inc.
Qed.

Hint Rewrite intersection2_rw: aw.

Lemma intersection2sub_first: forall a b, sub (intersection2 a b) a.
Proof. by move=>a b t; apply intersection2_first. Qed.

Lemma intersection2sub_second: forall a b, sub (intersection2 a b) b.
Proof. by move=>a b t; apply intersection2_second. Qed.

Lemma intersection2sub: forall a b c, sub c a -> sub c b ->
 sub c (intersection2 a b).
Proof. move=>a b c ca cb t tc; aw; ee. Qed.

Lemma intersection2idem: forall x, intersection2 x x = x.
Proof. move=> x; set_extens t; first by apply intersection2_first.
by move=> tx; apply intersection2_inc.
Qed.

Lemma intersection_singleton: forall x,
  intersection (singleton x) = x.
Proof. move=>x; rewrite -doubleton_singleton; apply intersection2idem. Qed.

Lemma intersection2C: forall x y, intersection2 x y = intersection2 y x.
Proof. by move=>x y; set_extens t; aw; intuition. Qed.

Lemma intersection2A: forall x y z,
  intersection2 x (intersection2 y z) = intersection2 (intersection2 x y) z.
Proof. move=> x y z; set_extens t; aw ;intuition. Qed.

Lemma intersection2_sub: forall x y,
  sub x y = (intersection2 x y = x).
Proof.
move=> x y; apply iff_eq; last by move=> <-; apply intersection2sub_second.
move=> sxy; set_extens t; aw; first by intuition.
by move=> tx; ee; apply sxy.
Qed.

Definition disjoint x y := intersection2 x y = emptyset.

Lemma disjoint_pr: forall a b,
  (forall u, inc u a -> inc u b -> False) -> disjoint a b.
Proof. move=> a b p; red; empty_tac3 u; aw; case; apply p. Qed.

Lemma disjoint_complement : forall x y,
  disjoint y (complement x y).
Proof. by move=> x y; apply disjoint_pr; move=> u uy; srw; intuition. Qed.

Lemma disjoint_symmetric : forall x y,
  disjoint x y -> disjoint y x.
Proof. by move=> x y; rewrite /disjoint intersection2C. Qed.

Ltac empty_tac2 u :=
  match goal with H: disjoint ?x ?y |- _ =>
     elim (emptyset_pr (x:= u)); rewrite <- H; apply intersection2_inc =>//
  end.

End Intersection.

Export Intersection.

Module Pair.

Definition kpair x y := doubleton (singleton x) (doubleton x y).
Definition kpr1 x := union (intersection x).
Definition kpr2 x :=
   union (Zo (union x) (fun z => (doubleton (kpr1 x) z) = (union x))).

Module Type PairSig.
Parameter first_proj second_proj : Set -> Set.
Parameter pair_ctor : Set -> Set -> Set.
Axiom kpr1E: first_proj = kpr1.
Axiom kpr2E: second_proj = kpr2.
Axiom kprE: pair_ctor = kpair.
End PairSig.

Module Pair : PairSig.
Definition pair_ctor := kpair.
Definition first_proj := kpr1.
Definition second_proj := kpr2.
Lemma kprE: pair_ctor = kpair. Proof. by []. Qed.
Lemma kpr1E: first_proj = kpr1. Proof. by []. Qed.
Lemma kpr2E: second_proj = kpr2. Proof. by []. Qed.
End Pair.

Notation J := Pair.pair_ctor.
Notation P := Pair.first_proj.
Notation Q := Pair.second_proj.

Lemma kpr0_pair: forall x y, intersection (J x y) = singleton x.
Proof.
move=> x y; rewrite Pair.kprE.
have sx_k: (inc (singleton x) (kpair x y)) by rewrite/ kpair; fprops.
apply is_singleton_pr; split.
  apply intersection_inc; first by exists (singleton x).
  by rewrite/kpair =>z; aw; case=> ->; fprops.
move=> z zi; suff: inc z (singleton x) by aw.
by move: zi sx_k; apply intersection_forall.
Qed.

Lemma pr1_pair: forall x y, P (J x y) = x.
Proof. by move=> x y; rewrite Pair.kpr1E /kpr1 kpr0_pair union_singleton. Qed.

Lemma pr2_pair: forall x y, Q (J x y) = y.
Proof.
move=> x y; rewrite Pair.kpr2E /kpr2.
have ->: (union (J x y) = doubleton x y).
  rewrite Pair.kprE /kpair; set_extens t =>ts; last first.
     by apply: (union_inc ts); fprops.
  case (union_exists ts) => a; rewrite doubleton_rw; move => [ta aeq].
  by move: aeq ta; case => -> //; aw => ->; fprops.
rewrite - Pair.kpr1E pr1_pair - {3}(union_singleton y); apply f_equal.
set_extens t; rewrite Z_rw /kpair; aw;last by move=> ->; auto.
move=> [h1 h2]; case h1 => // tx.
have : inc y (doubleton x t) by rewrite h2; fprops.
by aw; case; move => ->.
Qed.

Hint Rewrite pr1_pair pr2_pair : aw.

Lemma pr1_def : forall a b c d, J a b = J c d -> a = c.
Proof.
move=> a b c d eql.
by transitivity (P (J a b)); [| rewrite eql]; rewrite pr1_pair.
Qed.

Lemma pr2_def : forall a b c d, J a b = J c d -> b = d.
Proof.
move=> a b c d eql.
by transitivity (Q (J a b)); [ | rewrite eql ]; rewrite pr2_pair.
Qed.

Definition is_pair (x : Set ) := (J (P x) (Q x) = x).

Lemma pair_is_pair : forall x y : Set, is_pair (J x y).
Proof. move=> x y; rewrite /is_pair; aw. Qed.

Hint Resolve pair_is_pair: fprops.

Lemma pair_exten : forall a b,
  is_pair a -> is_pair b -> P a = P b -> Q a = Q b -> a = b.
Proof.
move=> a b pa pb Pab Qab.
by transitivity (J (P a) (Q a)) ; [| rewrite Pab Qab]; aw.
Qed.

End Pair.

Export Pair.