set f = xor2c ;
let x, y, z be set ; :: thesis: ( z <> [<*x,y*>,xor2c] implies for s being State of (GFA1AdderCirc (x,y,z))
for a1, a2, a3 being Element of BOOLEAN st a1 = s . x & a2 = s . y & a3 = s . z holds
( (Following (s,2)) . (GFA1AdderOutput (x,y,z)) = (a1 'xor' ('not' a2)) 'xor' ('not' a3) & (Following (s,2)) . [<*x,y*>,xor2c] = a1 'xor' ('not' a2) & (Following (s,2)) . x = a1 & (Following (s,2)) . y = a2 & (Following (s,2)) . z = a3 ) )
assume A1: z <> [<*x,y*>,xor2c] ; :: thesis: for s being State of (GFA1AdderCirc (x,y,z))
for a1, a2, a3 being Element of BOOLEAN st a1 = s . x & a2 = s . y & a3 = s . z holds
( (Following (s,2)) . (GFA1AdderOutput (x,y,z)) = (a1 'xor' ('not' a2)) 'xor' ('not' a3) & (Following (s,2)) . [<*x,y*>,xor2c] = a1 'xor' ('not' a2) & (Following (s,2)) . x = a1 & (Following (s,2)) . y = a2 & (Following (s,2)) . z = a3 )
set xy = [<*x,y*>,xor2c];
set A = GFA1AdderCirc (x,y,z);
let s be State of (GFA1AdderCirc (x,y,z)); :: thesis: for a1, a2, a3 being Element of BOOLEAN st a1 = s . x & a2 = s . y & a3 = s . z holds
( (Following (s,2)) . (GFA1AdderOutput (x,y,z)) = (a1 'xor' ('not' a2)) 'xor' ('not' a3) & (Following (s,2)) . [<*x,y*>,xor2c] = a1 'xor' ('not' a2) & (Following (s,2)) . x = a1 & (Following (s,2)) . y = a2 & (Following (s,2)) . z = a3 )
let a1, a2, a3 be Element of BOOLEAN ; :: thesis: ( a1 = s . x & a2 = s . y & a3 = s . z implies ( (Following (s,2)) . (GFA1AdderOutput (x,y,z)) = (a1 'xor' ('not' a2)) 'xor' ('not' a3) & (Following (s,2)) . [<*x,y*>,xor2c] = a1 'xor' ('not' a2) & (Following (s,2)) . x = a1 & (Following (s,2)) . y = a2 & (Following (s,2)) . z = a3 ) )
assume that
A2: ( a1 = s . x & a2 = s . y ) and
A3: a3 = s . z ; :: thesis: ( (Following (s,2)) . (GFA1AdderOutput (x,y,z)) = (a1 'xor' ('not' a2)) 'xor' ('not' a3) & (Following (s,2)) . [<*x,y*>,xor2c] = a1 'xor' ('not' a2) & (Following (s,2)) . x = a1 & (Following (s,2)) . y = a2 & (Following (s,2)) . z = a3 )
thus (Following (s,2)) . (GFA1AdderOutput (x,y,z)) = xor2c . <*(xor2c . <*a1,a2*>),a3*> by A1, A2, A3, FACIRC_1:62
.= xor2c . <*(a1 'xor' ('not' a2)),a3*> by Def4
.= (a1 'xor' ('not' a2)) 'xor' ('not' a3) by Def4 ; :: thesis: ( (Following (s,2)) . [<*x,y*>,xor2c] = a1 'xor' ('not' a2) & (Following (s,2)) . x = a1 & (Following (s,2)) . y = a2 & (Following (s,2)) . z = a3 )
(Following (s,2)) . [<*x,y*>,xor2c] = xor2c . <*a1,a2*> by A1, A2, FACIRC_1:62;
hence (Following (s,2)) . [<*x,y*>,xor2c] = a1 'xor' ('not' a2) by Def4; :: thesis: ( (Following (s,2)) . x = a1 & (Following (s,2)) . y = a2 & (Following (s,2)) . z = a3 )
thus ( (Following (s,2)) . x = a1 & (Following (s,2)) . y = a2 & (Following (s,2)) . z = a3 ) by A1, A2, A3, FACIRC_1:62; :: thesis: verum