import Mathlib

/-!
# Minimum of a list of natural numbers

Our next example is an algorithm to find the minimum of a non-empty list of natural numbers, with a proof of correctness. The proof of correctness consists of two statements about the algorithm: (1) the minimum is in the list, and (2) the minimum is less than or equal to each element in the list.

To avoid name collisions we will use the name `smallest`
-/

/-- The smallest element in a non-empty list of natural numbers  -/
def 
smallest: (l : List ℕ) → l ≠ [] → ℕ
smallest (
l: List ℕ
l : 
List: Type ?u.2 → Type ?u.2
List 
ℕ: Type
ℕ)(
_: l ≠ []
_: 
l: List ℕ
l ≠ 
[]: List ?m.9
[]) : 
ℕ: Type
ℕ := 
  match 
l: List ℕ
l with
  | 
head: ℕ
head :: 
tail: List ℕ
tail => 
      if 
c: ?m.130
c:
tail: List ℕ
tail = 
[]: List ?m.57
[] then 
head: ℕ
head
      else 
       
Nat.min: ℕ → ℕ → ℕ
Nat.min 
head: ℕ
head (
smallest: (l : List ℕ) → l ≠ [] → ℕ
smallest 
tail: List ℕ
tail 
c: ?m.130
c) 

/-!
An example

```lean
#eval smallest [7, 8, 1,2,3,4,5] (by decide)
```
-/

#eval
1
 
smallest: (l : List ℕ) → l ≠ [] → ℕ
smallest [
7: ?m.491
7, 
8: ?m.503
8, 
1: ?m.511
1,
2: ?m.520
2,
3: ?m.528
3,
4: ?m.536
4,
5: ?m.544
5] (by
Goals accomplished! 🐙 
[7, 8, 1, 2, 3, 4, 5] ≠ []decide
Goals accomplished! 🐙)

/-- the result of `smallest` applied to a list is a member of that list -/
theorem 
smallest_in_list: ∀ (l : List ℕ) (hyp : l ≠ []), smallest l hyp ∈ l
smallest_in_list 
  (
l: List ℕ
l : 
List: Type ?u.1081 → Type ?u.1081
List 
ℕ: Type
ℕ)(
hyp: l ≠ []
hyp : 
l: List ℕ
l ≠ 
[]: List ?m.1088
[]) : 
    
smallest: (l : List ℕ) → l ≠ [] → ℕ
smallest 
l: List ℕ
l 
hyp: l ≠ []
hyp ∈ 
l: List ℕ
l := by
Goals accomplished! 🐙
  
l: List ℕ

hyp: l ≠ []

smallest l hyp ∈ lmatch 
l: List ℕ
l with
  
l: List ℕ

hyp: l ≠ []

smallest l hyp ∈ l| 
head: ℕ
head :: 
tail: List ℕ
tail =>
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

smallest (head :: tail) hyp ∈ head :: tail 
      
l: List ℕ

hyp: l ≠ []

smallest l hyp ∈ lby_cases 
c: ?m.1347
c:
tail: List ℕ
tail = 
[]: List ?m.1278
[]
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: tail = []

pos
smallest (head :: tail) hyp ∈ head :: tail
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

neg
smallest (head :: tail) hyp ∈ head :: tail
      
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

smallest (head :: tail) hyp ∈ head :: tail· 
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: tail = []

pos
smallest (head :: tail) hyp ∈ head :: tail
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

neg
smallest (head :: tail) hyp ∈ head :: tailsimp [
smallest: (l : List ℕ) → l ≠ [] → ℕ
smallest, 
c: ?m.1347
c]
Goals accomplished! 🐙
      
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

smallest (head :: tail) hyp ∈ head :: tail· 
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

neg
smallest (head :: tail) hyp ∈ head :: tailsimp [
smallest: (l : List ℕ) → l ≠ [] → ℕ
smallest, 
c: ?m.1354
c]
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

neg
head ≤ smallest tail (_ : ¬tail = []) ∨ Nat.min head (smallest tail (_ : ¬tail = [])) ∈ tail
        
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

neg
smallest (head :: tail) hyp ∈ head :: tailby_cases 
c': ?m.20774
c':
head: ℕ
head ≤ 
smallest: (l : List ℕ) → l ≠ [] → ℕ
smallest 
tail: List ℕ
tail (
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

neg
head ≤ smallest tail (_ : ¬tail = []) ∨ Nat.min head (smallest tail (_ : ¬tail = [])) ∈ tailby
Goals accomplished! 🐙 
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

tail ≠ []simp [
c: ¬tail = []
c]
Goals accomplished! 🐙)
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': head ≤ smallest tail (_ : ¬tail = [])

pos
head ≤ smallest tail (_ : ¬tail = []) ∨ Nat.min head (smallest tail (_ : ¬tail = [])) ∈ tail
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

neg
head ≤ smallest tail (_ : ¬tail = []) ∨ Nat.min head (smallest tail (_ : ¬tail = [])) ∈ tail
        
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

neg
smallest (head :: tail) hyp ∈ head :: tail· 
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': head ≤ smallest tail (_ : ¬tail = [])

pos
head ≤ smallest tail (_ : ¬tail = []) ∨ Nat.min head (smallest tail (_ : ¬tail = [])) ∈ tail
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

neg
head ≤ smallest tail (_ : ¬tail = []) ∨ Nat.min head (smallest tail (_ : ¬tail = [])) ∈ tailleft
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': head ≤ smallest tail (_ : ¬tail = [])

pos.h
head ≤ smallest tail (_ : ¬tail = [])
          
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': head ≤ smallest tail (_ : ¬tail = [])

pos
head ≤ smallest tail (_ : ¬tail = []) ∨ Nat.min head (smallest tail (_ : ¬tail = [])) ∈ tail
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

neg
head ≤ smallest tail (_ : ¬tail = []) ∨ Nat.min head (smallest tail (_ : ¬tail = [])) ∈ tailassumption
Goals accomplished! 🐙
        
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

neg
smallest (head :: tail) hyp ∈ head :: tail· 
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

neg
head ≤ smallest tail (_ : ¬tail = []) ∨ Nat.min head (smallest tail (_ : ¬tail = [])) ∈ tailright
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

neg.h
Nat.min head (smallest tail (_ : ¬tail = [])) ∈ tail
          
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

neg
head ≤ smallest tail (_ : ¬tail = []) ∨ Nat.min head (smallest tail (_ : ¬tail = [])) ∈ tailhave 
lem: Nat.min head (smallest tail ?m.20906) = smallest tail ?m.20907
lem : 
            
Nat.min: ℕ → ℕ → ℕ
Nat.min 
head: ℕ
head (
smallest: (l : List ℕ) → l ≠ [] → ℕ
smallest 
tail: List ℕ
tail (
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

neg.h
Nat.min head (smallest tail (_ : ¬tail = [])) ∈ tailby
Goals accomplished! 🐙 
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

tail ≠ []simp [
c: ¬tail = []
c]
Goals accomplished! 🐙)) = 
smallest: (l : List ℕ) → l ≠ [] → ℕ
smallest 
tail: List ℕ
tail (
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

neg.h
Nat.min head (smallest tail (_ : ¬tail = [])) ∈ tailby
Goals accomplished! 🐙 
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

tail ≠ []simp [
c: ¬tail = []
c]
Goals accomplished! 🐙) := 
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

neg.h
Nat.min head (smallest tail (_ : ¬tail = [])) ∈ tailby
Goals accomplished! 🐙
              
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

Nat.min head (smallest tail (_ : ¬tail = [])) = smallest tail (_ : ¬tail = [])apply 
Nat.min_eq_right: ∀ {a b : ℕ}, b ≤ a → min a b = b
Nat.min_eq_right
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

h
smallest tail (_ : ¬tail = []) ≤ head
              
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

Nat.min head (smallest tail (_ : ¬tail = [])) = smallest tail (_ : ¬tail = [])apply 
Nat.le_of_not_le: ∀ {a b : ℕ}, ¬a ≤ b → b ≤ a
Nat.le_of_not_le
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

h.a
¬head ≤ smallest tail (_ : ¬tail = []) 
              
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

Nat.min head (smallest tail (_ : ¬tail = [])) = smallest tail (_ : ¬tail = [])assumption
Goals accomplished! 🐙
          
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

neg
head ≤ smallest tail (_ : ¬tail = []) ∨ Nat.min head (smallest tail (_ : ¬tail = [])) ∈ tailrw [
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

lem: Nat.min head (smallest tail (_ : ¬tail = [])) = smallest tail (_ : ¬tail = [])

neg.h
Nat.min head (smallest tail (_ : ¬tail = [])) ∈ tail
lem: Nat.min head (smallest tail ?m.20906) = smallest tail ?m.20907
lem
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

lem: Nat.min head (smallest tail (_ : ¬tail = [])) = smallest tail (_ : ¬tail = [])

neg.h
smallest tail (_ : ¬tail = []) ∈ tail]
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

lem: Nat.min head (smallest tail (_ : ¬tail = [])) = smallest tail (_ : ¬tail = [])

neg.h
smallest tail (_ : ¬tail = []) ∈ tail
          
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

c: ¬tail = []

c': ¬head ≤ smallest tail (_ : ¬tail = [])

neg
head ≤ smallest tail (_ : ¬tail = []) ∨ Nat.min head (smallest tail (_ : ¬tail = [])) ∈ tailsimp [
smallest_in_list: ∀ (l : List ℕ) (hyp : l ≠ []), smallest l hyp ∈ l
smallest_in_list]
Goals accomplished! 🐙

#check
Nat.min_eq_right {a b : ℕ} (h : b ≤ a) : min a b = b 
Nat.min_eq_right: ∀ {a b : ℕ}, b ≤ a → min a b = b
Nat.min_eq_right -- Nat.min_eq_right {a b : ℕ} (h : b ≤ a) : min a b = b         

/-- An example of using `left` and `right` tactics. -/
def 
egNat: ℕ
egNat : 
ℕ: Type
ℕ := by
Goals accomplished! 🐙
  
ℕright
ℕ
  
ℕleft
Goals accomplished! 🐙

#eval
1
 
egNat: ℕ
egNat -- 1

/--
`smallest` is less than or equal to each element in the list
-/
theorem 
smallest_le: ∀ (l : List ℕ) (hyp : l ≠ []) (m : ℕ), m ∈ l → smallest l hyp ≤ m
smallest_le (
l: List ℕ
l : 
List: Type ?u.21976 → Type ?u.21976
List 
ℕ: Type
ℕ) (
hyp: l ≠ []
hyp : 
l: List ℕ
l ≠ 
[]: List ?m.21983
[]) : 
  ∀ 
m: ℕ
m : 
ℕ: Type
ℕ, 
m: ℕ
m ∈ 
l: List ℕ
l → 
smallest: (l : List ℕ) → l ≠ [] → ℕ
smallest 
l: List ℕ
l 
hyp: l ≠ []
hyp ≤ 
m: ℕ
m  := match 
l: List ℕ
l with
  | 
head: ℕ
head :: 
tail: List ℕ
tail => by
Goals accomplished! 🐙
    
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

∀ (m : ℕ), m ∈ head :: tail → smallest (head :: tail) hyp ≤ msimp [
smallest: (l : List ℕ) → l ≠ [] → ℕ
smallest, 
hyp: head :: tail ≠ []
hyp]
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

(if c : tail = [] then head else Nat.min head (smallest tail c)) ≤ head ∧   ∀ (a : ℕ), a ∈ tail → (if c : tail = [] then head else Nat.min head (smallest tail c)) ≤ a
    
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

∀ (m : ℕ), m ∈ head :: tail → smallest (head :: tail) hyp ≤ mapply 
And.intro: ∀ {a b : Prop}, a → b → a ∧ b
And.intro
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

left
(if c : tail = [] then head else Nat.min head (smallest tail c)) ≤ head
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

right
∀ (a : ℕ), a ∈ tail → (if c : tail = [] then head else Nat.min head (smallest tail c)) ≤ a
    
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

∀ (m : ℕ), m ∈ head :: tail → smallest (head :: tail) hyp ≤ m· 
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

left
(if c : tail = [] then head else Nat.min head (smallest tail c)) ≤ head
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

right
∀ (a : ℕ), a ∈ tail → (if c : tail = [] then head else Nat.min head (smallest tail c)) ≤ asplit
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

h✝: tail = []

left.inl
head ≤ head
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

h✝: ¬tail = []

left.inr
Nat.min head (smallest tail h✝) ≤ head  
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

left
(if c : tail = [] then head else Nat.min head (smallest tail c)) ≤ head<;>
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

h✝: tail = []

left.inl
head ≤ head
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

h✝: ¬tail = []

left.inr
Nat.min head (smallest tail h✝) ≤ head 
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

left
(if c : tail = [] then head else Nat.min head (smallest tail c)) ≤ headsimp
Goals accomplished! 🐙 
    
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

∀ (m : ℕ), m ∈ head :: tail → smallest (head :: tail) hyp ≤ m· 
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

right
∀ (a : ℕ), a ∈ tail → (if c : tail = [] then head else Nat.min head (smallest tail c)) ≤ aintro 
a: ℕ
a 
hyp': a ∈ tail
hyp'
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

a: ℕ

hyp': a ∈ tail

right
(if c : tail = [] then head else Nat.min head (smallest tail c)) ≤ a
      
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

right
∀ (a : ℕ), a ∈ tail → (if c : tail = [] then head else Nat.min head (smallest tail c)) ≤ ahave 
c'': tail ≠ []
c'' : 
tail: List ℕ
tail ≠ 
[]: List ?m.38124
[] := 
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

a: ℕ

hyp': a ∈ tail

right
(if c : tail = [] then head else Nat.min head (smallest tail c)) ≤ aby
Goals accomplished! 🐙
        
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

a: ℕ

hyp': a ∈ tail

tail ≠ []intro 
contra: tail = []
contra
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

a: ℕ

hyp': a ∈ tail

contra: tail = []

False
        
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

a: ℕ

hyp': a ∈ tail

tail ≠ []rw [
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

a: ℕ

hyp': a ∈ tail

contra: tail = []

False
contra: tail = []
contra
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

a: ℕ

hyp': a ∈ []

contra: tail = []

False]
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

a: ℕ

hyp': a ∈ []

contra: tail = []

False at 
hyp': a ∈ tail
hyp'
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

a: ℕ

hyp': a ∈ []

contra: tail = []

False
        
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

a: ℕ

hyp': a ∈ tail

tail ≠ []contradiction
Goals accomplished! 🐙
      
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

right
∀ (a : ℕ), a ∈ tail → (if c : tail = [] then head else Nat.min head (smallest tail c)) ≤ asimp [
c'': tail ≠ []
c'']
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

a: ℕ

hyp': a ∈ tail

c'': tail ≠ []

right
head ≤ a ∨ smallest tail (_ : ¬tail = []) ≤ a
      
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

right
∀ (a : ℕ), a ∈ tail → (if c : tail = [] then head else Nat.min head (smallest tail c)) ≤ aright
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

a: ℕ

hyp': a ∈ tail

c'': tail ≠ []

right.h
smallest tail (_ : ¬tail = []) ≤ a
      
l: List ℕ

head: ℕ

tail: List ℕ

hyp: head :: tail ≠ []

right
∀ (a : ℕ), a ∈ tail → (if c : tail = [] then head else Nat.min head (smallest tail c)) ≤ aexact 
smallest_le: ∀ (l : List ℕ) (hyp : l ≠ []) (m : ℕ), m ∈ l → smallest l hyp ≤ m
smallest_le 
tail: List ℕ
tail 
c'': tail ≠ []
c'' 
a: ℕ
a 
hyp': a ∈ tail
hyp'
Goals accomplished! 🐙

#check
List.mem_cons.{u_1} {α✝ : Type u_1} {a b : α✝} {l : List α✝} : a ∈ b :: l ↔ a = b ∨ a ∈ l 
List.mem_cons: ∀ {α : Type u_1} {a b : α} {l : List α}, a ∈ b :: l ↔ a = b ∨ a ∈ l
List.mem_cons