Labelled Natural Deduction for Public Announcement Logic with Common Knowledge

Abstract

Public announcement logic is a logic that studies epistemic updates. In this paper, we propose a sound and complete labelled natural deduction system for public announcement logic with the common knowledge operator (PAC). The completeness of the proposed system is proved indirectly through a Hilbert calculus for PAC known to be complete and sound. We conclude with several discussions regarding the system including some problems of the system in attaining normalisation and subformula property.

1. Introduction

An agent’s knowledge over a proposition may be updated when new information is given. Public announcement logic (PAL) is a logic that formalises the notion of this epistemic updates. The common knowledge operator on the other hand is an operator that attempts to formalise the notion of common or mutual knowledge among a group of agents. One can understand the common knowledge of proposition A as everyone knowing that A, everyone knowing that everyone knowing that A, and so on ad infinitum. The interaction between public announcement and common knowledge helps us understand the dynamic of (common) knowledge of a group in social interaction. One significant implication of understanding the dynamic of (common) knowledge may be realised in cryptography, particularly cryptographic protocol, as the information in a protocol is dynamic and the common knowledge of a piece of information between, say, two agents might be required to be achieved in a protocol.

We assume here that public announcement logic with common knowledge (PAC) is a multi-modal extension of the modal logic S5 and that an announced formula is always true. Several proof systems have been proposed for PAL: a display calculus [1], sequent calculi [2,3,4], a tableau calculus [5], and a Hilbert calculus [6]. The proposed proof systems for (normal) modal logics with the common knowledge operator, on the other hand, are for example the Tait calculus of [7,8,9] and the hypersequent calculus of [10]. So far, all known proof systems for the logic with the interaction of public announcement and common knowledge are formulated as Hilbert calculi for example the Hilbert calculus for public announcement logic with common knowledge (PAC) of [6].

In this paper, we propose a labelled natural deduction for public announcement logic with common knowledge (NPAC). We begin by presenting the syntax of PAC in which there are two types of formula: labelled and relational formulas. The Kripke semantics of the logic is based on the notion of a restricted model that gives meaning to an indexed or updated formula. Then, we present the labelled natural deduction for PAC. Its soundness is proved by translating PAC into NPAC. Finally, we discuss the assumption that we made regarding the announcement being always true and some difficulties of some of the rules that are needed to be resolved for NPAC to be normalisable and to satisfy the subformula property.

2. Syntax

We assume a countably infinite set of atomic propositions $p,q,r,\dots ,$ a set $\mathcal{W}$ of worlds $x,y,z,\dots ,$ a finite set G of agent-symbols $a,b,c,\dots ;$ and corresponding knowledge operators $K_a,K_b,K_c,\dots$ and finite set $R_G$ of binary relation symbols $R_a,R_b,R_c,\dots .$ We assume also sets of agent-symbols $\overrightarrow{a},\overrightarrow{a_1},\overrightarrow{a_2}\dots ;$ and corresponding group knowledge operators ${\mathcal{E}}_{\overrightarrow{a}},{\mathcal{E}}_{\overrightarrow{a_1}},{\mathcal{E}}_{\overrightarrow{a_2}},\dots$ and common knowledge operators ${\mathcal{C}}_{\overrightarrow{a}},{\mathcal{C}}_{\overrightarrow{a_1}},{\mathcal{C}}_{\overrightarrow{a_2}},\dots .$ We use the sequence notation for a set of agent-symbols for brevity and it should intuitively be understood as an occurrence-insensitive, unordered sequence of agent-symbols as it should be in a set. For example, if $\overrightarrow{a}=\{a,b,c\}$ then instead of writing ${\mathcal{E}}_{\{a,b,c\}}A$ and ${\mathcal{C}}_{\{a,b,c\}}A$ we occasionally write ${\mathcal{E}}_{abc}A$ and ${\mathcal{C}}_{abc}A$. Finally, we assume a transitive closure symbol ${}^{\ast }$, a falsum symbol ⊥, an implication operator ⊃, and a binary announcement operator $\left[A\right]B$ for arbitrary basic formulas A and B defined below.

A basic formula A is defined by the following scheme

$$A:=|\perp |A\supset A|K_{a}A|{\mathcal{E}}_{\overrightarrow{a}}A\left|{\mathcal{C}}_{\overrightarrow{a}}A\right|\left[A\right]A$$

$\neg A$ is defined as $A\supset \perp$ and other propositional operators are defined in the obvious manner. Besides basic formulas, there are two forms of formula in PAC: labelled and relational formulas. A labelled formula is of the form $x{:}^{\overrightarrow{F}}A$ where A is a basic formula, x is a world, and $\overrightarrow{F}$ is a (possibly empty) finite sequence of basic formulas. A relational formula is of the form $x{R}_{\overrightarrow{a}}^{\overrightarrow{F}}y$ or $x{(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }y$. $\overrightarrow{F}$ here is added as an index to keep track of the world updates in the syntax. For brevity, we use “formula” for labelled or relational formulas $\mathcal{A},\mathcal{B},\mathcal{C},\dots ;$ or basic formulas $A,B,C,\dots .$ Whichever the situation is, it can be easily understood by the script or the non-script font used.

3. Semantics

A Kripke model for PAC is a structure $\mathcal{M}=⟨\mathcal{W},R_G,\mathcal{V}⟩$ such that $\mathcal{W}$ is a non-empty finite set of worlds, $R_G={\bigcup }_{a\in G}{R}_a$ where $R_a$ is an equivalence relation on $\mathcal{W}$, and $\mathcal{V}:\mathcal{W}\times P\to \{0,1\}$ is a valuation function that for every pair of world x and atomic proposition p yields the truth value of p at x.

Let $\mathcal{M}$ be a Kripke model and A a basic formula. A restricted Kripke model for PAC is a structure ${\mathcal{M}}^A=⟨{\mathcal{W}}^A,R_G^A,{\mathcal{V}}^A⟩$ such that ${\mathcal{W}}^A=\{x\in \mathcal{W}:{\vDash }^{\mathcal{M}}x:A\}$ is a non-empty finite set of worlds, $R_G^A={\bigcup }_{a\in G}{R}_a^A$ where $R_a^A=R_a\cap ({\mathcal{W}}^A\times {\mathcal{W}}^A)$, and ${\mathcal{V}}^A{=\mathcal{V}|}_{{\mathcal{W}}^A\times P}$. We write ${\mathcal{M}}^{A_1,A_2,\dots ,A_n}$ or simply ${\mathcal{M}}^{\overrightarrow{F}}$ instead of ${{(}^{\dots }{({({\mathcal{M}}^{A_1})}^{A_2})}^{\dots })}^{A_n}$, and similarly ${\mathcal{W}}^{\overrightarrow{F}}$, $R_G^{\overrightarrow{F}}$, and ${\mathcal{V}}^{\overrightarrow{F}}$. For instance, we have ${\vDash }^{{\mathcal{M}}^A}x:B$ if $x\in {\mathcal{W}}^{A,B}$ since $x\in {({\mathcal{W}}^A)}^B=\{x\in {\mathcal{W}}^A:{\vDash }^{{\mathcal{M}}^A}x:B\}$.

Let $R_{\overrightarrow{a}}={\bigcup }_{a\in \overrightarrow{a}}{R}_a$ and $R^{\ast }$ be the transitive closure of a relation R. Truth for a formula $\mathcal{A}$ in a model ${\mathcal{M}}^{\overrightarrow{F_1}}$ (notation: ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1}}}\mathcal{A}$) is defined by main induction on the length of $\overrightarrow{F_1}$ with side induction on the complexity of $\mathcal{A}$:

• ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1}}}x{R}_a^{\overrightarrow{F_2}}y$ iff $(x,y)\in R_a^{\overrightarrow{F_1},\overrightarrow{F_2}}$.
• ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1}}}x{R}_{\overrightarrow{a}}^{\overrightarrow{F_2}}y$ iff $(x,y)\in R_{\overrightarrow{a}}^{\overrightarrow{F_1},\overrightarrow{F_2}}$.
• ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1}}}x{(R_{\overrightarrow{a}}^{\overrightarrow{F_2}})}^{\ast }y$ iff $(x,y)\in {(R_{\overrightarrow{a}}^{\overrightarrow{F_1},\overrightarrow{F_2}})}^{\ast }$.
• ${⊭}^{{\mathcal{M}}^{\overrightarrow{F_1}}}x{:}^{\overrightarrow{F_2}}\perp$ for every $x\in \mathcal{W}$ and every pair of sequences of formulas $\overrightarrow{F_1}$ and $\overrightarrow{F_2}$.
• ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1}}}x{:}^{\overrightarrow{F_2}}p$ iff ${\mathcal{V}}^{\overrightarrow{F_1},\overrightarrow{F_2}}(x,p)=1$.
• ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1}}}x{:}^{\overrightarrow{F_2}}A\supset B$ iff ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1},\overrightarrow{F_2}}}x:A$ implies ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1},\overrightarrow{F_2}}}x:B$.
• ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1}}}x{:}^{\overrightarrow{F_2}}{K}_{a}A$ iff, for every y, ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1},\overrightarrow{F_2}}}x{R}_{a}y$ implies ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1},\overrightarrow{F_2}}}y:A$.
• ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1}}}x{:}^{\overrightarrow{F_2}}{\mathcal{E}}_{\overrightarrow{a}}A$ iff, for every y, ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1},\overrightarrow{F_2}}}x{R}_{\overrightarrow{a}}y$ implies ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1},\overrightarrow{F_2}}}y:A$.
• ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1}}}x{:}^{\overrightarrow{F_2}}{\mathcal{C}}_{\overrightarrow{a}}A$ iff, for every y, ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1},\overrightarrow{F_2}}}x{(R_{\overrightarrow{a}})}^{\ast }y$ implies ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1},\overrightarrow{F_2}}}y:A$.
• ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1}}}x{:}^{\overrightarrow{F_2}}\left[A\right]B$ iff ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1},\overrightarrow{F_2}}}x:A$ implies ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F_1},\overrightarrow{F_2},A}}x:B$.

We say that, for a set of labelled or relational formulas $\mathsf{\Gamma }$ and a formula $\mathcal{A}$, $\mathsf{\Gamma }\vDash \mathcal{A}$ if ${\vDash }^{\mathcal{M}}\mathsf{\Gamma }$ implies ${\vDash }^{\mathcal{M}}\mathcal{A}$ for every model $\mathcal{M}$. We also say that, for a set of basic formulas $\mathsf{\Delta }$ and a basic formula A, $\mathsf{\Delta }\vDash A$ if ${\vDash }^{\mathcal{M}}x:\mathsf{\Delta }$ implies ${\vDash }^{\mathcal{M}}x:A$ for every model $\mathcal{M}$ and every world x in $\mathcal{W}$.

The following propositions will be used to establish the soundness of NPAC in Section 5.

Proposition 1.

For every Kripke model $\mathcal{M}$, ${\vDash }^{\mathcal{M}}x{:}^{A}B$ iff ${\vDash }^{{\mathcal{M}}^A}x:B$.

Proof. 

This can be proved via an induction over the complexity of B. We show only cases where (1) B is atomic p, (2) B is ${\mathcal{C}}_{\overrightarrow{a}}D$, and (3) B is $\left[D\right]E$. (1) ${\vDash }^{\mathcal{M}}x{:}^{A}p$ iff ${\mathcal{V}}^A(x,p)=1$ iff ${\vDash }^{{\mathcal{M}}^A}x:p$. (2) ${\vDash }^{\mathcal{M}}x{:}^A{\mathcal{C}}_{\overrightarrow{a}}D$ iff, for every y, ${\vDash }^{\mathcal{M}}x{(R_{\overrightarrow{a}}^A)}^{\ast }y$ implies ${\vDash }^{{\mathcal{M}}^A}y:D$ iff, for every y, $(x,y)\in {(R_{\overrightarrow{a}}^A)}^{\ast }$ implies ${\vDash }^{{\mathcal{M}}^A}y:D$ iff, for every y, ${\vDash }^{{\mathcal{M}}^A}x{(R_{\overrightarrow{a}})}^{\ast }y$ implies ${\vDash }^{{\mathcal{M}}^A}y:D$ iff ${\vDash }^{{\mathcal{M}}^A}x:{\mathcal{C}}_{\overrightarrow{a}}D$. (3) ${\vDash }^{\mathcal{M}}x{:}^A\left[D\right]E$ iff ${\vDash }^{{\mathcal{M}}^A}x:D$ implies ${\vDash }^{{\mathcal{M}}^{A,D}}x:E$ iff ${\vDash }^{{\mathcal{M}}^A}x:\left[D\right]E$.  □

Given the standard definition of $A\wedge B$ as $(A\supset (B\supset \perp ))\supset \perp$, we have that ${\vDash }^{\mathcal{M}}x:A\wedge B$ iff ${\vDash }^{\mathcal{M}}x:A$ and ${\vDash }^{\mathcal{M}}x:B$.

Proposition 2.

For every Kripke model $\mathcal{M}$, ${\mathcal{W}}^{A\wedge \left[A\right]B}={\mathcal{W}}^{A,B}$.

Proof. 

$x\in {\mathcal{W}}^{A\wedge \left[A\right]B}$ iff ${\vDash }^{\mathcal{M}}x:A\wedge \left[A\right]B$ iff ${\vDash }^{\mathcal{M}}x:A$ and ${\vDash }^{\mathcal{M}}x:\left[A\right]B$ iff ${\vDash }^{\mathcal{M}}x:A$ and $({\vDash }^{\mathcal{M}}x:A$ implies ${\vDash }^{\mathcal{M}}x{:}^{A}B)$ iff ${\vDash }^{\mathcal{M}}x:A$ and ${\vDash }^{\mathcal{M}}x{:}^{A}B$ iff (by Proposition 1) ${\vDash }^{\mathcal{M}}x:A$ and ${\vDash }^{{\mathcal{M}}^A}x:B$ iff $x\in {\mathcal{M}}^A$ and ${\vDash }^{{\mathcal{M}}^A}x:B$ iff $x\in {\mathcal{W}}^{A,B}$.  □

Proposition 3.

• ${\vDash }^{\mathcal{M}}x{R}_a^{\overrightarrow{F},A}y$ iff ${\vDash }^{\mathcal{M}}x{R}_a^{\overrightarrow{F}}y$, ${\vDash }^{\mathcal{M}}x{:}^{\overrightarrow{F}}A$, and ${\vDash }^{\mathcal{M}}y{:}^{\overrightarrow{F}}A$.
• $x{(R_{\overrightarrow{a}}^{\overrightarrow{F},A})}^{\ast }y\vDash x{(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }y$.
• $\vDash x{:}^{\overrightarrow{F_1},A,B,\overrightarrow{F_2}}C$ iff $\vDash x{:}^{\overrightarrow{F_1},A\wedge \left[A\right]B,\overrightarrow{F_2}}C$.
• For every $1\le i\le n$, $x{R}_{a_i}^{\overrightarrow{F}}y\vDash x{R}_{a_1\dots a_n}^{\overrightarrow{F}}y$.
• If ${\vDash }^{\mathcal{M}}x{R}_{a_1\dots a_n}^{\overrightarrow{F}}y$ and, for every $1\le i\le n$, $({\vDash }^{\mathcal{M}}x{R}_{a_i}^{\overrightarrow{F}}y$ implies ${\vDash }^{\mathcal{M}}\mathcal{A}$) then ${\vDash }^{\mathcal{M}}\mathcal{A}$.
• $x{R}_{\overrightarrow{a}}^{\overrightarrow{F}}y\vDash x{(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }y$.
• For every $n\ge 1$, $\{x{R}_{\overrightarrow{a}}^{\overrightarrow{F}}{z}_1,z_1{R}_{\overrightarrow{a}}^{\overrightarrow{F}}{z}_2,\dots ,z_n{R}_{\overrightarrow{a}}^{\overrightarrow{F}}y\}\vDash x{(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }y$.
• If ${\vDash }^{\mathcal{M}}x{(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }y$, $({\vDash }^{\mathcal{M}}x{R}_{\overrightarrow{a}}^{\overrightarrow{F}}y$ implies ${\vDash }^{\mathcal{M}}\mathcal{A})$, and for every natural number n$({\vDash }^{\mathcal{M}}x{R}_{\overrightarrow{a}}^{\overrightarrow{F}}{z}_1,{\vDash }^{\mathcal{M}}{z}_1{R}_{\overrightarrow{a}}^{\overrightarrow{F}}{z}_2,\dots ,$ and ${\vDash }^{\mathcal{M}}{z}_n{R}_{\overrightarrow{a}}^{\overrightarrow{F}}y$ implies ${\vDash }^{\mathcal{M}}\mathcal{A}$); then, ${\vDash }^{\mathcal{M}}\mathcal{A}$.

Proof. 

1. For an arbitrary $\mathcal{M}$, ${\vDash }^{\mathcal{M}}x{R}_a^{\overrightarrow{F},A}y$ iff $(x,y)\in R_a^{\overrightarrow{F},A}=R^{\overrightarrow{F}}\cap ({\mathcal{W}}^{\overrightarrow{F},A}\times {\mathcal{W}}^{\overrightarrow{F},A})$ iff $(x,y)\in R_a^{\overrightarrow{F}}$ and $(x,y)\in ({\mathcal{W}}^{\overrightarrow{F},A}\times {\mathcal{W}}^{\overrightarrow{F},A})$ iff $(x,y)\in R_a^{\overrightarrow{F}}$ and $x,y\in {\mathcal{W}}^{\overrightarrow{F},A}$ iff $(x,y)\in R_a^{\overrightarrow{F}}$, ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F}}}x:A$, and ${\vDash }^{{\mathcal{M}}^{\overrightarrow{F}}}y:A$ iff ${\vDash }^{\mathcal{M}}x{R}_a^{\overrightarrow{F}}y$, ${\vDash }^{\mathcal{M}}x{:}^{\overrightarrow{F}}A$, and ${\vDash }^{\mathcal{M}}y{:}^{\overrightarrow{F}}A$. 2. Clearly, $R_{\overrightarrow{a}}^{\overrightarrow{F},A}\subset R_{\overrightarrow{a}}^{\overrightarrow{F}}$. So, ${(R_{\overrightarrow{a}}^{\overrightarrow{F},A})}^{\ast }\subset {(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }$. Therefore, for an arbitrary $\mathcal{M}$, ${\vDash }^{\mathcal{M}}x{(R_{\overrightarrow{a}}^{\overrightarrow{F},A})}^{\ast }y$ implies $(x,y)\in {(R_{\overrightarrow{a}}^{\overrightarrow{F},A})}^{\ast }\subset {(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }$ implies ${\vDash }^{\mathcal{M}}x{(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }y$. 3. Use Proposition 2. 4. If ${\vDash }^{\mathcal{M}}x{R}_{a_i}^{\overrightarrow{F}}y$ then $(x,y)\in R_{a_i}^{\overrightarrow{F}}\subset {\bigcup }_{a\in \{a_1,\dots ,a_i,\dots ,a_n\}}{R}_a^{\overrightarrow{F}}=R_{a_1\dots a_n}^{\overrightarrow{F}}$. Therefore ${\vDash }^{\mathcal{M}}x{R}_{a_1\dots a_n}^{\overrightarrow{F}}y$. 5. Suppose that the antecedent is true. Then, $(x,y)\in R_{a_1\dots a_n}^{\overrightarrow{F}}={\bigcup }_{a_i\in \{a_1,\dots ,a_n\}}{R}_{a_i}^{\overrightarrow{F}}$. Then $(x,y)\in R_{a_1}^{\overrightarrow{F}},\dots ,$ or $(x,y)\in R_{a_n}^{\overrightarrow{F}}$. Then ${\vDash }^{\mathcal{M}}x{R}_{a_1}^{\overrightarrow{F}}y,\dots ,$ or ${\vDash }^{\mathcal{M}}x{R}_{a_n}^{\overrightarrow{F}}y$. Therefore, since ${\vDash }^{\mathcal{M}}x{R}_{a_i}^{\overrightarrow{F}}y$ implies ${\vDash }^{\mathcal{M}}\mathcal{A}$ for every $1\le i\le n$, ${\vDash }^{\mathcal{M}}\mathcal{A}$. 6. Suppose that, for an arbitrary $\mathcal{M}$, ${\vDash }^{\mathcal{M}}x{R}_{\overrightarrow{a}}^{\overrightarrow{F}}y$. Then $(x,y)\in R_{\overrightarrow{a}}^{\overrightarrow{F}}$ but $R_{\overrightarrow{a}}^{\overrightarrow{F}}\subset {(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }$. So, ${\vDash }^{\mathcal{M}}x{(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }y$. 7. Suppose that, for an arbitrary $\mathcal{M}$ and an arbitrary $n\ge 1$, ${\vDash }^{\mathcal{M}}x{R}_{\overrightarrow{a}}^{\overrightarrow{F}}{z}_1,{\vDash }^{\mathcal{M}}{z}_1{R}_{\overrightarrow{a}}^{\overrightarrow{F}}{z}_2,\dots ,$ and ${\vDash }^{\mathcal{M}}{z}_n{R}_{\overrightarrow{a}}^{\overrightarrow{F}}y$. Then $(x,z_1),(z_1,z_2),\dots ,$$(z_n,y)\in R_{\overrightarrow{a}}^{\overrightarrow{F}}y$. Since $R_{\overrightarrow{a}}^{\overrightarrow{F}}\subset {(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }$ and ${(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }$ is the transitive closure of $R_{\overrightarrow{a}}^{\overrightarrow{F}}$, then by iteration $(x,y)\in {(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }$. Therefore, ${\vDash }^{\mathcal{M}}x{(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }y$. 8. Suppose that, for an arbitrary $\mathcal{M}$, ${\vDash }^{\mathcal{M}}x{(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }y$, $({\vDash }^{\mathcal{M}}x{R}_{\overrightarrow{a}}^{\overrightarrow{F}}y$ implies ${\vDash }^{\mathcal{M}}\mathcal{A})$, and for every natural number n$({\vDash }^{\mathcal{M}}x{R}_{\overrightarrow{a}}^{\overrightarrow{F}}{z}_1,{\vDash }^{\mathcal{M}}{z}_1{R}_{\overrightarrow{a}}^{\overrightarrow{F}}{z}_2,\dots ,$ and ${\vDash }^{\mathcal{M}}{z}_n{R}_{\overrightarrow{a}}^{\overrightarrow{F}}y$ implies ${\vDash }^{\mathcal{M}}\mathcal{A})$. So, $(x,y)\in {(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }=R_{\overrightarrow{a}}^{\overrightarrow{F}}\cup R$ for some relation R. If $(x,y)\in R_{\overrightarrow{a}}^{\overrightarrow{F}}$ then ${\vDash }^{\mathcal{M}}x{R}_{\overrightarrow{a}}^{\overrightarrow{F}}y$ and, by the second supposition, ${\vDash }^{\mathcal{M}}\mathcal{A}$. If not then $(x,y)\notin R_{\overrightarrow{a}}^{\overrightarrow{F}}$ but $(x,y)\in R\subset {(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }$. By contradiction, assume that for every natural number n, ${⊭}^{\mathcal{M}}x{R}_{\overrightarrow{a}}^{\overrightarrow{F}}{z}_1,{⊭}^{\mathcal{M}}{z}_1{R}_{\overrightarrow{a}}^{\overrightarrow{F}}{z}_2,\dots ,$ or ${⊭}^{\mathcal{M}}{z}_n{R}_{\overrightarrow{a}}^{\overrightarrow{F}}y$. In other words, for every natural number n there are no $z_1,z_2,\dots ,$ and $z_n$ such that $(x,z_1),(z_1,z_2),\dots ,(z_n,y)\in R_{\overrightarrow{a}}^{\overrightarrow{F}}$. Then, since ${(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }$ is a transitive closure, $(x,y)\notin {(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }$. This is a contradiction. Therefore, ${\vDash }^{\mathcal{M}}x{R}_{\overrightarrow{a}}^{\overrightarrow{F}}{z}_1,{\vDash }^{\mathcal{M}}{z}_1{R}_{\overrightarrow{a}}^{\overrightarrow{F}}{z}_2,\dots ,$ and ${\vDash }^{\mathcal{M}}{z}_n{R}_{\overrightarrow{a}}^{\overrightarrow{F}}y$ for some natural number n. Therefore, by the third supposition, ${\vDash }^{\mathcal{M}}\mathcal{A}$. Hence, from either of the two cases, ${\vDash }^{\mathcal{M}}\mathcal{A}$.  □

4. Hilbert Axiomatisation

The sound and complete Hilbert calculus PAC consists of the following axioms and rules [6]:

• All propositional tautologies
• $K_a(A\supset B)\supset (K_{a}A\supset K_{a}B)$
• $K_{a}A\supset A$
• $K_{a}A\supset K_a{K}_{a}A$
• $\neg K_{a}A\supset K_a\neg K_{a}A$
• $\left[A\right]p\supset \subset (A\supset p)$
• $\left[A\right]\neg B\supset \subset (A\supset \neg [A]B)$
• $\left[A\right](B\wedge C)\supset \subset ([A]B\wedge [A]C)$
• $\left[A\right]K_{a}B\supset \subset A\supset K_a\left[A\right]B$
• $\left[A\right]\left[B\right]C\supset \subset [A\wedge [A\left]B\right]C$
• ${\mathcal{C}}_{\overrightarrow{a}}(A\supset B)\supset ({\mathcal{C}}_{\overrightarrow{a}}A\supset {\mathcal{C}}_{\overrightarrow{a}}B)$
• ${\mathcal{C}}_{\overrightarrow{a}}A\supset (A\wedge {\mathcal{E}}_{\overrightarrow{a}}{\mathcal{C}}_{\overrightarrow{a}}A)$
• From A and $A\supset B$, infer B
• From A, infer $K_{a}A$
• From A, infer ${\mathcal{C}}_{\overrightarrow{a}}A$
• From A, infer $\left[B\right]A$
• From $A\supset \left[B\right]C$ and $A\wedge B\supset {\mathcal{E}}_{\overrightarrow{a}}A$, infer $A\supset \left[B\right]{\mathcal{C}}_{\overrightarrow{a}}C$

5. Labelled Natural Deduction for PAC

As we are internalising the worlds into the logic, we would of course want to exploit the behaviour of the relation between the worlds into NPAC from which we can introduce the common knowledge operator. While other proof systems introduce the common knowledge operator from the group knowledge operator, we want to introduce the common knowledge operator in a way that reflects the semantics where we use the transitive closure of a relation. Now, to introduce the transitive closure of a relation ${(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }$ we can use the following property: $x{(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }y$ if and only if $x{R}_{\overrightarrow{a}}^{\overrightarrow{F}}y$ or there exists a natural number n, $z_1,\dots ,$ and $z_n$ such that $x{R}_{\overrightarrow{a}}^{\overrightarrow{F}}{z}_1$, $z_1{R}_{\overrightarrow{a}}^{\overrightarrow{F}}{z}_2,\dots ,$ and $z_n{R}_{\overrightarrow{a}}^{\overrightarrow{F}}y$ [6]. However, this is problematic since the natural number n is arbitrary. We resolve this by using infinitely many introduction rules of ${(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }$ and a corresponding elimination rule with infinitely many minor premises. One can observe that by using infinitely many premises in the ${(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }$E rule in Table 1 we exhaust all possible number of worlds that connect the world x and y in a way similar to that in which we exhaust all individual constants in first-order logic by using an $\omega$-rule for existential elimination.

Table 1. Relational rules for NPAC.

Introduction Rule	Elimination Rule

Labelled natural deduction for PAC (NPAC) consists of the rules in Table 1, Table 2, Table 3, Table 4 and Table 5. Note that the standard introduction and elimination rules for conjunction ∧ and disjunction ∨ are derivable from those for ⊃ and ⊥ in the obvious way. In the sequel, we will make use of some of them to shorten some derivations, in particular of those for conjunction: ∧I, ∧E${}_1$, and ∧E${}_2$. We let p in the atom rules ${}^A$I, ${}^A$E${}_1$, and ${}^A$E${}_2$ to be either a propositional formula or ⊥. To capture the arbitrariness of y, we impose y as an eigenvariable respectively in the $K_a$I, ${\mathcal{E}}_{\overrightarrow{a}}$I, and ${\mathcal{C}}_{\overrightarrow{a}}$I rules. Similarly, we impose $z_1,\dots ,z_n$ for every $n\ge 1$ as eigenvariables in the ${(R_{\overrightarrow{a}})}^{\ast }$E rule. As usual, we assume a formula in square brackets to indicate a discharged assumption. Each discharged assumption can be discharged zero or multiple times by each application of a rule. The subscript n in the symbol $z_n$ in Table 1 can be understood as the number of worlds that connect the world x to y.

Table 2. Propositional rules for NPAC.

Reductio ad Absurdum
Introduction Rule	Elimination Rule

Table 3. Modal rules for NPAC.

Introduction Rule	Elimination Rule

Table 4. S5 rules for NPAC.

Table 5. Composition rules for NPAC.

Note that $R_{\overrightarrow{a}}$ has a finite number, n, of introduction rules according to the number of agents in $\overrightarrow{a}$ and a corresponding elimination rule with n minor premises. On the other hand, ${(R_{\overrightarrow{a}})}^{\ast }$ has infinitely many introduction rules and a corresponding elimination rule with infinitely many minor premises, thereby making the derivations in the system to be trees with possibly infinitely many branches where each branch is, however, always finite in length.

We write $\mathsf{\Gamma }⊢\mathcal{A}$ to mean that there is a derivation$\mathsf{\Pi }$ of a labelled or relational formula $\mathcal{A}$ in which all undischarged assumptions belong to the set of labelled or relational formula $\mathsf{\Gamma }$. One can refer to [11] for more details on the notion of derivation in natural deduction in general.

The following are needed for the completeness proof.

Proposition 4.

• $⊢x{R}_{\overrightarrow{a}}^{\overrightarrow{F}}x$
• $x{R}_{\overrightarrow{a}}^{\overrightarrow{F}}y⊢y{R}_{\overrightarrow{a}}^{\overrightarrow{F}}x$
• $⊢x{(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }x$
• $\{x{(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }y,y{(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }z\}⊢x{(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }z$
• $x{(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }y⊢y{(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }x$

Proof. 

• Let $\overrightarrow{a}=\{a_1,\dots ,a_n\}$.

  
• Let $\overrightarrow{a}=\{a_1,\dots ,a_n\}$.

  
• 
• ${\sum }_4\equiv$

  

  where ${\mathsf{\Pi }}_0$ is

  

  and similarly for ${\mathsf{\Pi }}_n$ for every $n\ge 1$ but with ${\left[x{R}_{\overrightarrow{a}}^{\overrightarrow{F}}{x}_1\right]}^1\cdots {\left[x_n{R}_{\overrightarrow{a}}^{\overrightarrow{F}}y\right]}^1{\left[y{R}_{\overrightarrow{a}}^{\overrightarrow{F}}z\right]}^2$ and ${\left[x{R}_{\overrightarrow{a}}^{\overrightarrow{F}}{x}_1\right]}^1\cdots {\left[x_n{R}_{\overrightarrow{a}}^{\overrightarrow{F}}y\right]}^1{\left[y{R}_{\overrightarrow{a}}^{\overrightarrow{F}}{y}_1\right]}^2\cdots {\left[y_m{R}_{\overrightarrow{a}}^{\overrightarrow{F}}z\right]}^2$ as its top most formulas.
• 

  where ${\mathsf{\Pi }}_n$ is

  

   □

Proposition 5.

1. 

$x{R}_{\overrightarrow{a}}^{\overrightarrow{F},A}y⊢x{R}_{\overrightarrow{a}}^{\overrightarrow{F}}y$

2. 

$x{R}_{\overrightarrow{a}}^{\overrightarrow{F},A}y⊢x{:}^{\overrightarrow{F}}A$

3. 

$x{R}_{\overrightarrow{a}}^{\overrightarrow{F},A}y⊢y{:}^{\overrightarrow{F}}A$

4. 

$x{(R_{\overrightarrow{a}}^{\overrightarrow{F},A})}^{\ast }y⊢x{(R_{\overrightarrow{a}}^{\overrightarrow{F}})}^{\ast }y$

5. 

$x{(R_{\overrightarrow{a}}^{\overrightarrow{F},A})}^{\ast }y⊢x{:}^{\overrightarrow{F}}A$

6. 

$x{(R_{\overrightarrow{a}}^{\overrightarrow{F},A})}^{\ast }y⊢y{:}^{\overrightarrow{F}}A$

Proof. 

• 
• 
• 
• ${\sum }_4^{\prime }\equiv$

  
• 
• 

   □

6. Soundness and Completeness

Theorem 1

(Soundness). Let $\mathsf{\Gamma }\cup \mathcal{A}$ be a set of formulas. NPAC is sound (i.e., $\mathsf{\Gamma }⊢\mathcal{A}$ implies $\mathsf{\Gamma }\vDash \mathcal{A}$).

Proof. 

From the semantic definition, Proposition 2, and Proposition 3, it is easy to see that all NPAC rules are truth-preserving rules. The proof proceeds by induction over the number of applications of rules in the deduction $\mathsf{\Pi }$ of $\mathcal{A}$.  □

Theorem 2

(Completeness). Let $\mathsf{\Delta }\cup A$ be a set of formulas. NPAC is complete (i.e., $\mathsf{\Delta }\vDash A$ implies $\mathsf{\Delta }⊢A$).

Proof. 

We prove completeness by showing that all axioms and rules of PAC are derivable in NPAC. As PAC is complete, it follows that NPAC is also complete. There are 17 axioms and rules needed to be shown to be derivable from NPAC. Observe that the axioms of PAC of the form “A” are captured by the derivability of $x{:}^{\overrightarrow{F}}A$ in NPAC where x and $\overrightarrow{F}$ are arbitrary and that rules of PAC of the form “from $A,B,C,\dots ,$ infer D’’ are captured by showing that the derivability of $x_1{:}^{\overrightarrow{F_1}}A,x_2{:}^{\overrightarrow{F_2}}B,x_3{:}^{\overrightarrow{F_3}}C,\dots$ in NPAC implies the derivability of $y{:}^{\overrightarrow{G}}D$ in NPAC where $x_1,x_2,x_3,\cdots ,\overrightarrow{F_1},\overrightarrow{F_2},\overrightarrow{F_3},\dots ,y,\overrightarrow{G}$ are arbitrary.

In the following proof, we let the world x and the sequence of formulas $\overrightarrow{F}$ to be arbitrary. We remove the $\overrightarrow{F}$ in the following proof (except in 16) without loss of generality. One can refer the proof for S5 axioms and rules (i.e., $1,2,3,4,5,13,14$) in [12]. The following is the rest of the proof.

6. Atomic permanence. For one direction,

For the other direction,

7. Announcement and negation. For one direction,

For the other direction,

8. Announcement and conjunction. For one direction,

For the other direction,

9. Announcement and knowledge. For one direction,

For the other direction,

10. Announcement composition. For one direction,

For the other direction,

11. Distribution of ${\mathcal{C}}_{\overrightarrow{\mathcal{a}}}$.

12. Mix of common knowledge.

15. Necessitation of ${\mathcal{C}}_{\overrightarrow{a}}$. Suppose that $⊢A$. Then, $⊢y:A$ for every $y\in \mathcal{W}$. Let $\mathsf{\Pi }$ be a derivation of $y:A$ and x be an arbitrary world. Then:

Therefore, $x:{\mathcal{C}}_{\overrightarrow{a}}A$ for every $x\in \mathcal{W}$. Hence, $⊢{\mathcal{C}}_{\overrightarrow{a}}A$.

16. Necessitation of $\left[B\right]$. Suppose that $⊢A$. Then $⊢y{:}^{\overrightarrow{F}}A$ for every $y\in \mathcal{W}$ and every sequence of formulas $\overrightarrow{F}$. Then:

Therefore, $x:\left[B\right]A$ for every $x\in \mathcal{W}$. Hence, $⊢\left[B\right]A$.

17. Announcement and common knowledge. Similarly as in 15 and 16, suppose that $⊢A\supset \left[B\right]C$ and $⊢A\wedge B\supset {\mathcal{E}}_{\overrightarrow{a}}A$. Now, for every $x_i\in \mathcal{W}$ let ${\mathsf{\Pi }}_{x_i}$ be a derivation of $x_i:A\supset \left[B\right]C$ and ${\mathsf{\Pi }}_{x_i}^{\prime }$ be a derivation of $x_i:A\wedge B\supset {\mathcal{E}}_{\overrightarrow{a}}A$. Then the derivation $\mathsf{\Pi }$ of $x:A\supset \left[B\right]{\mathcal{C}}_{\overrightarrow{a}}C$ is as follow:

where ${\mathsf{\Pi }}_0^{\prime }$ and ${\mathsf{\Pi }}_n^{\prime }$ are respectively

and

Therefore, $x:A\supset \left[B\right]{\mathcal{C}}_{\overrightarrow{a}}C$ for every $x\in \mathcal{W}$. Hence, $⊢A\supset \left[B\right]{\mathcal{C}}_{\overrightarrow{a}}C$.  □

Note that although the soundness proof presented here establishes the validity of every derivable labelled or relational formula, the indirect completeness proof establishes only the derivability of every valid basic formula. In other words, we can at least sure that there is a derivation of a basic formula where it is true in every world given every update. Hence, we only establish weak completeness rather than strong completeness where all valid formulas (including relational and labelled) are derivable. There might still be a possibility of not having a derivation of a valid labelled formula where its basic formula is true in a specific world given a specific update, and a valid relational formula in general. One can refer to [13] for more discussion on weak and strong completeness in a labelled proof system.

7. Discussion

As we have stated in the introduction, we assume that the announcement made is always true. Public announcement logic with this assumption was initially proposed by Plaza in [14]. We can, however, make a weaker assumption by saying that an announcement can be either true or false, as done by Gerbrandy and Groenevel in [15]. There are several reasons why we allow an announcement to be false. One of them is that an announcement made in a social setting may not always be true. In a cryptographic perspective, for example, a piece of information announced by an agent is not always trustful. One can refer to [16] for more discussion on the differences between a Gerbrandy–Groenevel (GG) style public announcement logic and Plaza-style public announcement logic.

To obtain a labelled natural deduction system for PAC in GG-style, say, GG-NPAC, we therefore change the announcement rules $\left[A\right]$I and $\left[A\right]$E in NPAC as follows:

Now, these rules make it harder to establish an announcement formula $x{:}^{\overrightarrow{F}}\left[A\right]B$. As shown in ${\left[A\right]}_{GG}$I rule, we do not make an assumption of $x{:}^{\overrightarrow{F}}A$ as we do in $\left[A\right]$I in Plaza-style NPAC. This captures that the formula A being announced is not necessarily true. As an obvious example, $\left[p\right]p$ is a valid formula in Plaza-style PAC but not valid in GG-style PAC. Proof theoretically, we can capture this example since we can derive $x{:}^{\overrightarrow{F}}\left[p\right]p$ for arbitrary x and $\overrightarrow{F}$:

Hence $\left[p\right]p$ is derivable in Plaza-style NPAC. On the other hand, we cannot derive $x{:}^{\overrightarrow{F}}\left[p\right]p$ for some x and $\overrightarrow{F}$ in GG-NPAC since we have to derive $x{:}^{\overrightarrow{F},p}p$ to introduce $x{:}^{\overrightarrow{F}}\left[p\right]p$ by ${\left[p\right]}_{GG}$I. However, $x{:}^{\overrightarrow{F},p}p$ can only be obtained by atom introduction rule ${}^p$I which requires $x{:}^{\overrightarrow{F}}p$ to be outright provable which is impossible for some atomic proposition p. Hence $\left[p\right]p$ is not derivable in GG-NPAC. We will leave further investigations on GG-NPAC, especially on the interaction between common knowledge and announcement in GG-style, for future research.

Now we will discuss several problems of NPAC in attaining normalisation and subformula property. At first glance, the rules of NPAC satisfy some principles laid down by proof-theoretic semantics [17,18]. Firstly, the rules are in harmony in the sense that everything that is required to introduce a formula is similar to everything that is obtained by eliminating that very formula. One possible way to see this is to observe that all rules follow almost identically the common pattern of propositional rules (e.g., the $R_{\overrightarrow{a}}^{\overrightarrow{F}}$ rules resemble the disjunction rules but with n many rules for the introduction and n many minor premises in the elimination instead of two). Secondly, by properly defining the rank of a formula, which will involve an ordinal analysis considering that introducing the common knowledge operator may require infinite premises, we can see that every formula is introduced (eliminated) with a rank higher (lower) than the rank of the premise(s).

Another principle that is of main importance is normalisation. However, there are two main difficulties of showing the normalisation for NPAC. Firstly, the conclusion of an application of ⊥ rule may be the major premise of an elimination rule and such formula occurrences would violate the subformula property. However one can resolve this by introducing conversions involving the ⊥ rule as done in [19,20]. Nevertheless, to resolve this problem, one has to show the derivability of some formula $x{:}^{\overrightarrow{F_2}}\perp$ from some formula $y{:}^{\overrightarrow{F_1}}\perp$ as shown below as an example showing how to reduce a maximal formula of the form $x{:}^{\overrightarrow{F}}\left[A\right]B$ obtained by the ⊥ rule:

The critical step marked by * can be justified however if we can show that ⊥ is global: if ⊥ is proved to be in one of the worlds (even the updated ones) then ⊥ is proved to be in all worlds (including the updated ones). The condition of ⊥ is global is then sufficient to introduce the conversions to resolve the problem mentioned above. Using a similar method as in [12], the globality of ⊥ can be obtained by using two different world symbols as shown in ⊥ rule in Table 2. The globality of ⊥ in NPAC is shown in the following Proposition 6 in the point number 5.

Proposition 6.

1. 

$x{:}^{\overrightarrow{F}}\perp ⊢y{:}^{\overrightarrow{F}}\perp$

2. 

$x{:}^{\overrightarrow{F},A}\perp ⊢x{:}^{\overrightarrow{F}}\perp$

3. 

$x{:}^{\overrightarrow{F}}\perp ⊢x{:}^{\overrightarrow{F},A}\perp$

4. 

$x{:}^{\overrightarrow{F_1}}\perp ⊢x{:}^{\overrightarrow{F_2}}\perp$

5. 

$x{:}^{\overrightarrow{F_1}}\perp ⊢y{:}^{\overrightarrow{F_2}}\perp$

Proof. 

• 
• 
• 
• We first remove all formulas in $\overrightarrow{F_1}$ by application(s) of (2), then we add the formulas listed in $\overrightarrow{F_2}$ by application(s) of (3).
• By (1) and (4).  □

The second difficulty is connected with the composition rules. If one were to view that $co{m}_1$ as an introduction rule and $co{m}_2$ as an elimination rule they would seem to be in harmony (because we could define a conversion in an obvious way). However, the interaction of the composition rules with the rules for logical operators may introduce derivation like the following which obviously does not have the subformula property:

Clearly, the formula $x{:}^{B\wedge \left[B\right]C}{A}_1\wedge A_2$ does not occur either in the conclusion nor in the premises but it is impossible to reduce $\sum$ by the conventional conversions. Situation of this kind could be resolved by defining permutative conversion for the composition rules. Another possible solution perhaps is to show that the composition rules are indeed admissible in NPAC which we conjecture is to be the case. In fact, more generally, we conjecture the following proposition of which the problem of the composition rules is just a specific case.

Proposition 7.

Without using the composition rules, if $x{:}^{\overrightarrow{F}}p⊣⊢x{:}^{\overrightarrow{G}}p$ and $y{R}_a^{\overrightarrow{F}}z⊣⊢y{R}_a^{\overrightarrow{G}}z$ then $u{:}^{\overrightarrow{F},\overrightarrow{S}}A⊣⊢u{:}^{\overrightarrow{G},\overrightarrow{S}}A$.

Now, we can show that $x{:}^{\overrightarrow{F},A,B}p⊣⊢x{:}^{\overrightarrow{F},A\wedge \left[A\right]B}p$ and $y{R}_a^{\overrightarrow{F},A,B}z⊣⊢y{R}_a^{\overrightarrow{F},A\wedge \left[A\right]B}z$ without using the composition rules. Then, by using Proposition 7, we can conclude that the composition rules are derivable, and a fortiori admissible in NPAC. We will leave this problem and the possible solutions for now for future research.