Orthologic with Axioms

We study the proof theory and algorithms for orthologic, a logical system based on ortholattices, which have shown practical relevance in simplification and normalization of verification conditions. Ortholattices weaken Boolean algebras while having polynomial-time equivalence checking that is sound with respect to Boolean algebra semantics. We generalize ortholattice reasoning and obtain an algorithm for proving a larger class of classically valid formulas. As the key result, we analyze a proof system for orthologic augmented with axioms. An important feature of the system is that it limits the number of formulas in a sequent to at most two, which makes the extension with axioms non-trivial. We show a generalized form of cut elimination for this system, which implies a sub-formula property. From there we derive a cubic-time algorithm for provability from axioms, or equivalently, for validity in finitely presented ortholattices. We further show that propositional resolution of width 5 proves all formulas provable in orthologic with axioms. We show that orthologic system subsumes resolution of width 2 and arbitrarily wide unit resolution and is complete for reasoning about generalizations of propositional Horn clauses. Moving beyond ground axioms, we introduce effectively propositional orthologic, presenting its semantics as well as a sound and complete proof system. Our proof system implies the decidability of effectively propositional orthologic, as well as its fixed-parameter tractability for a bounded maximal number of variables in each axiom. As a special case, we obtain a generalization of Datalog with negation and disjunction.


INTRODUCTION
Our goal is to construct efficient building blocks for theorem proving and program verification.coNP-hardness of propositional logic already presents a barrier to large-scale reasoning, such as simplification of large formulas and using intermediate assertions to help software verification.We aim to improve the worst-case efficiency of reasoning while preserving the spirit of a specification language with conjunction, disjunction, and negation.We therefore investigate the concepts of ortholattices and orthologics as a basis of predictable reasoning.
Non-distributive generalizations of classical logic, including orthologic, were introduced as quantum logic to describe experiments in quantum mechanics, where it was realized that distributivity fails [Bell 1983;Birkhoff and Von Neumann 1936].The term orthologic was used in [Goldblatt 1974] for the logic corresponding to the algebraic class of ortholattices, a generalization of Boolean algebras.In particular, the class of closed subsets of a Hilbert space is an ortholattice, but not a Boolean algebra [Rawling and Selesnick 2000].In theoretical physics, ortholattices are an intermediate step towards the study of orthomodular lattices and modular ortholattices among others, [Hardegree 1981;Hyčko 2005;Kalmbach 1983;Sherif 1997].Ortholattices have also found application in modelling of epistemic modal logic [Holliday 2023;Holliday and Mandelkern 2022].Recently, researchers have proposed to use ortholattices as an efficient approximation to classical logic in automated reasoning, in the context of both proof assistants and software verifiers.
In the domain of proof assistants, researchers have recently used orthologic in the design of a proof assistant named LISA [Guilloud et al. 2023b,c].LISA's proof checker supports classical sequent calculus, but checks the assumptions and the conclusion of each step modulo orthologic equivalence.This approach retains polynomial-time checking for proofs, which is important for scalability.At the same time, it allows a single step to, for example, reorder arguments of conjunctions and disjunction, use idempotence, absorption and negation normal form transformations.
In the domain of program verifiers, a recent approach [Guilloud et al. 2023a] uses a normal-form algorithm for ortholattices to improve the cache hit ratio of verification conditions.It also serves to simplify and shorten formulas before sending them to a general but potentially costly SMT solver.
The results suggest that ortholattices can be used to simplify and check equivalence of large formulas using polynomial-time algorithms, while providing both soundness and a clear mental model of the degree of its incompleteness relative to Boolean algebra reasoning.We expect that there are other applications in the domain of programming languages, and possibly more broadly in computer science, for which long runtime and non-determinism leading to difficulties in reproducing results are major drawbacks, and hence where predictability and efficiency at the expense of classical completeness can be a desirable trade-off.
In the domain of type systems, researchers have recently revisited Boolean algebra as a component of principled approaches for expressive type systems [Parreaux and Chau 2022].Whereas most questions in Boolean algebras have no known deterministic polynomial-time algorithms, using orthologic instead of Boolean algebra could lead to faster, polynomial-time, reasoning about such situations.Being able to use axioms in orthologic inference, which is our key contribution, permits including knowledge of pre-existing subtyping and inhabitation relations in the typing context.Negated types are also relevant in languages with pattern matching: if a term fails to match a type , it is possible to deduce that : ¬ .Such precedence-based reasoning further appears in the match types of Scala [Blanvillain et al. 2022;Blanvillain 2022].Type checking procedures for programming language with variants of liquid and refinement types [Freeman and Pfenning 1991;Vazou et al. 2014] may also benefit from orthologic reasoning.
Extensions of Datalog with a negation operator [Clark 1978;Kunen 1987] is also a suitable candidate for employing orthologic reasoning, potentially leading to more expressive program analyses encoded using Datalog rules [Whaley and Lam 2004].We set the foundation for such directions with our Datalog-related results in Section 6.
To motivate the new results of this paper, note that an ortholattice algorithm in [Guilloud et al. 2023a] may reduce ∧ ∧ ¬( ∧ ¬ ) to the normal form ∧ .This normal form is based on the laws that hold in all ortholattices (equivalently, in the free ortholattice).This makes the technique widely applicable, but it also makes it weak in terms of classical and domain-specific tautologies it can prove.The present paper explores making orthologic-based reasoning more precise and more usable, asking the following questions: (1) Can we formally extend orthologic with ground non-logical axioms between propositions?
(2) Can we find a complete and efficient algorithm for solving such problems?(3) What are classes of formulas in classical logic for which orthologic proofs always exist? (4) Can orthologic (with axioms) be used beyond propositional logic, e.g., for predicate logic?Our approach to these questions is to use a sound and complete proof system for orthologic that we extend to support arbitrary non-logical axioms.Algebraically, our proof system is complete for establishing inequalities in the class of ortholattices specified by a given presentation, a set of ortholattice inequalities.From the practical point of view, using axioms to represent part of the input formula gives a sound and strictly stronger approximation of classical logic than using ortholattices without axioms.

Orthola ices
Ortholattices are a weaker structure than Boolean algebras, where distributivity does not necessarily hold.Table 1 shows their axiomatization.All Boolean algebras are ortholattices; they are precisely those ortholattices that are distributive.Figure 1 shows two characteristic finite nondistributive ortholattices; keeping these structures in mind may provide intuition for reasoning inside the class of all ortholattices.Orthologic is the logical system that corresponds to ortholattices, analogously to how classical logic corresponds to Boolean algebras (and intuitionistic logic to Heyting algebras). V1: Table 1.Laws of orthola ices, algebraic varieties with signature ( , ∧, ∨, 0, 1, ¬) from [Guilloud et al. 2023a].These non-minimal laws illustrate the duality between ∧ and ∨ and have explicit bo om and top element.

Example of Using Axioms
Using axioms in orthologic inference allows us to prove more classical implications than by encoding the entire problem into one formula, increasing the power of reasoning.To understand why, note that proving validity of an implication → in all ortholattices can be phrased as proving ≤ in all ortholattices, for all values to which and can evaluate in those ortholattices.Such an inequality needs to hold in the ortholattice 6 in Figure 1 when evaluates to, for example, .On the other hand, using axioms, we can encode an implication problem as follows: prove that, in every ortholattice, if = 1, then also = 1.Because is restricted to be 1, what remains to prove is a weaker statement, provable for more formulas.The conclusion remains sound with respect to the {0, 1} lattice of classical logic, where = 1 is the only non-trivial case to check for inequality.
Such algebraic reasoning has a counterpart in proof-theoretic derivations.We present in Section 3 a system for derivation of formulas from axioms.Our system is complete for algebraic reasoning in ortholattices, allowing us to derive if we allow ∧ (¬ ∨ ) as an axiom.Importantly, proof search in our system remains polynomial time, a result that we establish by showing a generalized notion of cut elimination.
The use of axioms (equivalently, ortholattice presentations) cannot emulate all instances of classical propositional logic axioms (indeed, proof search in our system remains in polynomial time instead of coNP).However, the above example hints that we can indeed use axioms to prove a larger set of classically valid problems than by using one monolithic formula in orthologic.Indeed, we show a number of practically important classes of problems for which reasoning in orthologic from axioms is complete, pointing to scenarios where orthologic may find useful applications.

Contributions
This paper shows how to use ortholattice reasoning with axioms as a sound polynomial-time deductive approach.We make the following contributions: • We first show that a proof system for orthologic with axioms satisfies a form of the Cut Elimination property, where Cut rules are restricted to eliminate only axioms and can only appear near leaves in the proof.From this, we deduce a subformula property.• We show that, in the presence of axioms, there is an orthologic backward proof search procedure with worst case asymptotic time O( 2 (| | + 1)), where is the size of the problem and | | the total number of axioms.Without axioms, the algorithm is quadratic.• We study how orthologic with axioms can help solve some classes of classical problems and show that special case of satisfiability instances (2CNF, Horn clauses, renamed Horn, q-Horn, extended Horn) admit orthologic proofs, i.e. these problems are satisfiable in orthologic if and only if they are satisfiable in classical logic.• We show that orthologic decision problems can be flattened, similarly to the Tseitin transform [Tseitin 1983], and we use this to give an upper bound on the proving power of orthologic in terms of the width of classical resolution proofs.• We show how orthologic reasoning can be extended to fragments of predicate logic.We show that such quantified orthologic agrees with classical logic on the semantic of Datalog, and hence that Datalog programs admit proofs, making another possible generalization of Datalog to logic programming with negation and disjunction.Note that the above-mentioned consequences for Horn-like problems, Tseitin's transform, and Datalog extensions all crucially rely on being able to solve problems that consist of both axioms and a formula to prove from them; they cannot be reduced to proving an unconditional validity of an orthologic formula.

PRELIMINARIES
We briefly present key concepts and notation which will be used in the present article.Ortholattices are the algebraic variety whose equational laws are presented in Table 1.As in any lattice, we can define an order relation ≤ by: ≤ ⇐⇒ ( = ( ∧ )) which is also equivalent to ( = ( ∨ )).This yields a partially ordered set (poset) whose corresponding axiomatization is shown in Table 2. Axiomatization of orthola ices in the signature ( , ≤, ∧, ∨, 0, 1, ¬) as partially ordered sets.We use & for conjunction between atomic formulas of axioms, to differentiate it from the term-level la ice operation ∧.This axiomatization corresponds to one in Table 1: in one direction, define ≤ to be ∧ = ; in the other direction, define = to be ( ≤ ) & ( ≤ ).
By definition, Boolean algebras are precisely ortholattices that are distributive.Figure 1 shows ortholattices 6 and 4 that are not Boolean algebras.In fact, an ortholattice is a Boolean algebra if and only if it does not contain 6 nor 4 as a sub-ortholattice [Davey and Priestley 2002;Kalmbach 1983].Despite being strictly weaker than laws of Boolean algebra, properties in Table 1 and Table 2 allow us to prove a number of desirable facts.This includes all laws of bounded lattices (absorption, reordering and de-duplicating conjuncts and disjuncts), as well as laws relating complement to lattice operators (such as the laws needed to transform formulas to negation-normal form).Laws of Boolean algebra that do not necessarily hold include distributivity, modularity, and properties such as (¬ ∨ ) = 1 implying ≤ .
Similarly to how Boolean Algebra is the algebraic structure corresponding to classical logic, ortholattices form a class of structures that corresponds to a logic, orthologic, for which we study proof-theoretic and algorithmic properties in the following sections.We denote classical logic by and orthologic by .
Definition 2.1 (Terms).T denotes the term algebra over the signature of ortholattices over a fixed countably infinite set of variables, that is, the set of all terms which can be built from variables and (∧, ∨, 0, 1, ¬).We typically represent terms with lowercase Greek letters and variables with , , , possibly with indices.Terms are constructed inductively as trees.Leaves are labeled with 0, 1, or variables.Nodes are labeled with logical symbols.Since ∨ and ∧ are commutative, the children of a node form a set (non-ordered).T = T , and is also the set of formulas for both classical logic and orthologic.
Note that the laws of both and imply that 0 can always be represented by ∧ ¬ and 1 as ∨ ¬ .To simplify proofs, we thus may omit the cases corresponding to 0 and 1.
The word problem for an algebra consists in, given two terms in the language of the algebra, deciding if they are always equal by the laws of the algebra or not.For ortholattices, we can relax the definition to allow inequality queries, as they can be expressed as equivalent equalities.A (finite) presentation for an algebra is a (finite) set of equalities (which we relax to inequalities in ortholattices) { 1 ≤ 1 , ..., ≤ }.The uniform word problem for presented ortholattices is the task consisting in, given a presentation and two terms and , deciding if ≤ follows from the laws of ortholattices and the axioms in .
In the terminology of classical first-order logic, the laws of ortholattice in Table 2 are a finite set of universally quantified formulas, T , and they define a first-order theory.The presentation (axioms) is a set of quantifier-free formulas, whereas ≤ is also a quantifier-free formula, with variables possibly in common with those of .We can then view the uniform word problem as a special case of the question of semantic consequence in first-order logic: T ∪ | = ≤ .

COMPLETE PROOF SYSTEM AND CUT ELIMINATION
We formulate our proof system for orthologic as a sequent calculus.We represent sequents by decorating the formulas with superscript or , depending on whether they appear on the left or right side.For example, , stands for ⊢ in more conventional notation.
Definition 3.1.If is a formula, we call and annotated formulas.A sequent is a set of at most two annotated formulas.We use Γ and Δ to represent sets that are either empty or contain exactly one annotated formula (|Γ| ≤ 1, |Δ| ≤ 1).
Figure 2 shows our sequent calculus for orthologic, parameterised by a set of sequents called axioms.In the present article, orthologic, or denotes this specific proof system.Without the support for arbitrary axioms, an equivalent system, with a different presentation, was introduced in [Schulte Mönting 1981].
Note that the axioms we consider in this section are not universally quantified: they refer to arbitrary but fixed propositions.
One can think of this proof system as Gentzen's sequent calculus for classical logic [Gentzen 1935] restricted to ensure the following syntactic invariant: At any given place in a proof, a sequent never has more than two formulas on both sides combined.
This restriction on the proof system bears resemblance to the syntactic restriction of intuitionistic sequent calculus, where a sequent can never have more than one formula on the right side, a restriction lifted in the classical logic sequent calculus system.Compared to intuitionistic logic, orthologic allows us to prove ⊢ , ¬ , represented as , (¬ ) , using the following steps.Hyp , RightNot , (¬ )  On the other hand, orthologic restricts the number of assumptions on the left side of the sequent.This strong restriction will be rewarded by the existence of a polynomial-time proof search procedure.
Definition 3.2.We say that a deduction rule is admissible if any sequent that can be proven with the rule can be proven without.

Orthola ice Semantics for Orthologic
We interpret a sequent , as ≤ in an ortholattice.More generally, we have the following definition.
Definition 3.3.The interpretation of a sequent is given by the following table, where ∅ denotes the empty sequent: The intended reading of the table above is a mapping of sequents (which are sets) to ortholattice atomic formulas up to logical equivalence.The set { , } can be mapped to either ≤ ¬ or to ¬ ≤ , but these are equivalent in an ortholattice (analogously for mapping { , }).
The interpretation of a deduction rule in Figure 2 with premises 1 , . . ., and a conclusion , is the universally quantified first-order logic formula 1 & . . .& =⇒ .Given an axiom set we talk about ortholattice with presentation by taking the interpretation of all axioms in .Our proof system can prove every axiom of ortholattices (Table 2) and, conversely.
Lemma 3.4 (Soundness and Completeness of Deduction Rules).Let be an arbitrary (possibly infinite) set of axioms.A sequent has a derivation from using the rules of orthologic (Figure 2) iff its interpretation is in the first-order theory of ortholattices (Table 2) with presentation .

P
. Sketch.For every Table 2 law of the form 1 ∧ . . .∧ → , a matching deduction rule 1 ... is easily seen to be admissible.Conversely, for every deduction rule of Figure 2, the corresponding law is a consequence (in first order logic) of the axioms of Table 2.
For any axiom set , this makes our system (with the Cut rule) sound and complete for the class of all ortholattices satisfying axioms in .Note that this interpretation is compatible with the interpretation of sequents in classical logic.We can use the soundness and completeness to obtain simple model-theoretic proofs for orthologic.We can show, for example, that substitution of equivalent formulas is admissible.Lemma 3.5.Let Γ and Δ denote sets with at most one labelled formula each.Let Γ [ := ] denote the substitution inside Γ of (a placeholder formula symbol) by .The following rule for substitution of equivalent formulas is admissible in orthologic: and , can be shown then arbitrary occurrences of in a proven sequent can be replaced by .

P
. The argument is semantic.Fix any ortholattice O satisfying the axioms.Since both , and , are provable, it follows that = in O. Hence,

Partial Cut Elimination
As a sequent calculus, our system has structural rules, introduction rules for each logical symbol and a Cut rule, but no elimination rule.Consequently, by inspecting all rules, we conclude that Cut is the only rule whose premises contain formulas that are not subformulas of the concluding sequent.Definition 3.6.In an instance of a Cut rule in Figure 2, we call the formula the cut formula.In an instance of a left or right rule, the newly constructed formula is called the principal formula.In the Weaken rule, if Δ contains a formula, it is also called the principal formula.[Schulte Mönting 1981] showed that orthologic, without arbitrary non-logical axioms, admits cut elimination.The crucial challenge is that, in contrast to classical or intuitionistic calculus, we cannot simply add additional assumptions to the left-hand side of sequents in orthologic derivations.The reason is the restriction on the number of formulas in sequents.The following example illustrates this phenomenon.
Example 3.1.We saw in Section 1.2 that ( ∧ (¬ ∨ )) ≤ is not always valid.In particular, the sequent ( ∧ (¬ ∨ )) , is not provable in orthologic without axioms.However, with axiom ( ∧ (¬ ∨ )) , the sequent is provable as follows.First, (¬ ∨ ) is provable: In a classical sequent calculus system, the above derivation using the axiom ∧ (¬ ∨ ) could be transformed into a new derivation where each sequent has an additional assumption ∧ (¬ ∨ ) and where the use of axiom rule is replaced with the use of the Hyp rule.This transformation does not apply to : it would create sequents with more than two formulas, which, by the definition in Figure 2 cannot appear in proofs.
For this reason, the ability to add non-logical axioms is crucial in orthologic.We aim to extend the cut elimination property to proofs containing arbitrary axioms.This will allow us to devise an efficient decision procedure for orthologic with axioms, and, by extension, the word problem for finitely presented ortholattices.Moreover, the proof we present is constructive, in the sense that it shows an algorithmic way to eliminate instances of the Cut rule from a proof.Furthermore, we need not worry about the size of the transformed proof, because our Cut elimination property will enable us to derive a subformula property and a bound on the size of the proof of any given formula.
However, the system does not allow for complete cut elimination in the presence of axioms, as the following short example shows.
Example 3.2.Let 1 , 2 , be distrinct variables and let the sequent ( 1 ∨ 2 ) , be the only axiom.The sequent 1 , is then provable: 1 , but it cannot be proven without using the Cut rule.To see why, note that Hyp, LeftAnd, RightAnd, LeftOr, RightOr, LeftNot, RightNot do not yield sequents whose syntactic form can be 1 , .Furthermore, Ax does not produce the desired sequent as it is not the axiom.Finally, Weaken does not help because its premise would not be provable: neither 1 nor are individually provable from the axiom, as can be seen by a semantic argument: it could be, for example, that both 1 and have value 0 or both have value 1 in an ortholattice that satisfies the axiom.
Thus, cut rule is in general necessary when reasoning from axioms, and we need to formulate a suitable generalization of the concept of cut elimination.For this purpose, we define the rank of an instance of the cut rule.
Definition 3.7.An instance of the Cut rule has rank 1 if either of its premises is an axiom.It has rank 2 if either of its premises is the conclusion of a rank 1 Cut rule.
The following theorem is our main result.It implies that the Cut rule can be eliminated or restricted to only cut with respect to axioms.Part (1) has immediate consequences for the subformula property.Part (2) gives further insight into normalized proofs, further restricts our proof procedure in the next section, and it helps with the inductive argument in the proof of the theorem.
Theorem 3.8 (Cut Elimination for Orthologic).If a sequent is provable in the system of Figure 2 with axioms Ax( • , ) • , for all ( • , ) ∈ ( and are formulas, • and are side annotation), then there is a proof of that sequent from the same axioms such that: (1) All instances of the Cut rule use only formulas among 1 , ... , 1 , ..., as cut formulas.
(2) All instances of the Cut rule are rank 1 or 2.

P
. If a proof does not satisfy the properties (1) and ( 2) of the theorem statement, then there is a Cut rule for which the condition in (1) or (2) does not hold.Consider a derivation using such a Cut rule as the last step; when Cut is not bottommost, the properties follow trivially by induction.Let the proof be of the form: where A and B are the proof trees whose conclusions are respectively the left and right premises and is the Cut formula.We show that there exists a proof of Γ, Δ that satisfies the two properties of the theorem.
We proceed by induction on the length of the proof.Hence, we can assume by induction that A and B satisfy properties 1 and 2. By induction hypothesis, it suffices to show how to transform the proof of Γ, Δ into one where Cut is used only in subproofs strictly smaller than the proof we started with.We do case analysis on A and B, showing for each case how to transform the proof in this way.↩→ denotes this transformation.
Case 1. Suppose A ends (and hence starts) with a Hypothesis rule.Then, Γ = and , Δ can be reached using only B. The case where B is a Hypothesis rule is symmetric.
Case 2. (A ends with Weaken) Case 2.a Suppose A ends with a Weaken rule and is not the principal formula (see Definition 3.6).
In the transformed proof, A ′ is part of A, so Cut applies to a smaller subproof and can be transformed to satisfy the properties (1) and ( 2) by inductive hypothesis.
Case 2.b Suppose A ends with a Weaken rule and is the principal formula.
Case 3. (A ends with a Left rule where is not principal) Case 3.a Suppose A ends with a LeftAnd rule where Γ = ( ∧ ) The cases where B ends with a Right rule are symmetric.
Case 4. If A ends with Right rule where is not the principal formula, the transformation is symmetric to the Left rule case.Similarly if B ends with a Left rule where is not the principal formula.
Case 5. (A ends with Right rule and B with a Left rule, is principal in both) Case 5.a Suppose A ends with a RightOr rule, i.e. = ( ∨ ).In this case, B has to end with a LeftOr rule, as it is the only Left rule that can produce ( ∨ ) Case 5.b If A ends with a RightAnd rule and B with a LeftAnd, the transformation is symmetric to case 5.a Case 5.c If A ends with a RightNot rule and B a LeftNot rule, and = ¬ is principal in both: , Δ Cut Γ, Δ Case 6. Suppose either A or B end with an Axiom rule.Then, properties 1 and 2 are immediate.
Case 7. Suppose A ends with a Cut rule, which by induction we can assume is rank 1 or 2. Case 7.a If A is rank 1, the following transformation works, since if A ′′ is an axiom both properties immediately hold for both Cuts, and if A ′ is an axiom, both properties hold for the last cut and the other cut has smaller size.
Case 7.b Suppose A is rank 2 and it is A ′ that ends with a rank 1 Cut: 2 is, the same transformation as above works because the last cut again has the axiom as a cut formula.If A ′ 1 is an Axiom, we transform to the following: Then, the new Cut 3 is of rank 1 and its cut formula is part of an axiom.Cut 2 is of strictly smaller size than the proof we started from, so by induction its conclusion can be obtained with a proof satisfying properties 1 and 2. Case 7.c Suppose now that A ′′ is a rank 1 Cut.We transform the proof as follows: 2 is an axiom.In both cases, Cut 3 is of rank 2 and its cut formula is part of an axiom.The proofs ending with Cut 1 and Cut 2 are of strictly smaller size than the original proof, so by induction they can be made to satisfy the desired properties 1 and 2 (one of them is already rank 1).
The above cases cover all possibilities for how the premises of the topmost cut in the proof are constructed, concluding the proof.
Since sequent calculus for orthologic has no elimination rule, traversing a sequent backwards in its proof obtained by Theorem 3.8 we obtain the following subformula property.
Corollary 3.9 (Subformula Property for Orthologic).If a sequent has a proof in the proof system of Figure 2 with axioms, then it has such a proof where each formula in each sequent ocurring in the proof is a subformula of or a subformula of an axiom.

P
. Let be a sequent that has a proof.By Theorem 3.8, consider a proof of with properties (1) and (2).We view the proof as a directed tree with root , whose nodes are the sequents occurring in the proof.We show that each formula in the node is a subformula of or of an axiom, by induction on the distance of the tree node to the root .The property trivially holds for the root .Suppose now that the property holds for a node ′ in the tree; we show that it also holds for its children.We consider all applicable rules in Figure 2. Hyp rule has no children, so there is nothing to show.Consider a Cut rule and one of its children, Γ, .Then Γ is a subformula because it is a part of ′ , whereas is a part of the axiom by property (1).The case for the other child , Δ of the Cut rule is analogous.The case of the Left and Right rules are easy: we observe that their premises are sequents whose formulas are subformulas of the conclusion ′ , so they are a subformula of ′ or of axioms, by inductive hypothesis and the transitivity of the "subformula" relation.Finally, if ′ is obtained using the axiom rule, then its formulas are subformulas of the axioms by definition.

CUBIC-TIME PROOF SEARCH
In this section we show that the subformula property (Corollary 3.9) not only implies a quadratic bound on the size of proofs, but also allows us to define an ( 3 ) proof search procedure.Such deterministic polynomial-time search is in contrast to co-NP completeness of validity in classical propositional logic [Cook 1971] and to PSPACE completeness of validity in intuitionistic logic [Statman 1979;Urzyczyn 1997].We assume that the set of axioms is finite throughout this section.
Our approach is to eliminate from the proof system in Figure 2 deduction steps which do not satisfy the conditions of Theorem 3.8.We assume that no axiom is a trivial one ≤ , as that one does not help prove anything.
Algorithm 1: Cubic-Time Proof Search for with Axioms 1 type Formula * // an annotated formula or a special None value 2 A: Set[(Formula * , Formula * )] ← Input // set of axioms 3 AxFormulas: Set[Formula] ← { { , } | { , • } ∈ A} // formulas from axiom sequents 4 proven: Set[(Formula * , Formula * )] ← Set.empty // formulas already proven 5 visited: Set[(Formula * , Formula * )] ← Set.empty // formulas whose proof is being attempted 6 def prove(Γ: Formula * , Δ: Formula For a formula, sequent or set of formulas or sequents , let denote the number of subformulas in .This is asymptotically equal to the number of symbols needed to represent .In particular for the set of axioms, is the number of subformulas in all axioms of whereas | | is the number of axioms. Lemma 4.1 (Bound on Intermediate Sequents).There is a function that when given computes a set relevant( ) containing at most 4( + ) 2 intermediate sequents such that if is provable then it is provable with a proof whose all sequents appear in relevant( ).

P
. By Corollary 3.9, there is a proof where each formula is a subformula of or of .Let relevant( ) be the set of all sequents built from these formulas.There are at most 2( + ) of labelled subformulas.A sequent has at most two labelled subformulas, and the number of sequents is bounded by the number of ordered pairs of labelled formulas, which is 4( Lemma 4.2 (Bound on Branching).Let be a set of axioms, and let be a sequent.Then, if has a proof in the system of Figure 2 then there are at most 7 + 4| | valid instances of rules whose conclusion is .We call the sequents above in these steps the possible parents of .

P
. Let be a sequent of the form Γ, Δ.We state in parentheses the maximal number of valid instances for each of the rules in Figure 2: • (1) can be deduced by an application of the hypothesis rule or from the axiom rule (not both as we assume the axioms are non-trivial) • (2) Γ, Δ can follow using weakening, from either Γ or Δ • (2) Γ, Δ can follow using a Left or a Right rule on Γ in at most two ways, depending on the structure of Γ: -If Γ = (¬ ) then can be deduced from , Δ with LeftNot -If Γ = ( ∧ ) then can be deduced in two ways using LeftAnd: from , Δ and from , Δ -If Γ = ( ∨ ) then can be deduced in exactly one way using LeftOr: from both , Δ and , Δ.

P
. In Algorithm 1 we present pseudocode for backward search.Each line from 8 to 16 corresponds to trying a specific deduction rule.
For an input sequent , the proof strategy consists in recursively computing the possible parents of .By Lemma 4.1, proof of a sequent need only involve at most 4( + ) 2 intermediate sequents, which is O( 2 ).Moreover, note that to compute the possible parents of a sequent, we need not observe the formulas entirely but only their roots, so computing one possible parent is constant time.Moreover, by Lemma 4.2, a sequent can only have at most + 4| | possible parents, so reducing a sequent to all of its possible parents has complexity O(1 + | |).The final complexity of the proof search procedure is bounded by generating parents for all possible sequents we can encounter, which is Note on the complexity of memoization.The complexity argument of the previous proof requires memoization to be efficient.However, a naive implementation of the "visited" and "proven" sets can increase the total runtime if the sets are implemented as lists or rely on structural equality of formulas, which has itself complexity linear in the size of the formulas.Instead, we can use the following approach.Assign to every annotated formula a unique integer (of size O(log( )), or a word in the usual word RAM model).Then assign a field to every annotated formula, storing a hash table with integers as keys and Booleans as values.When a sequent of the form , is proven, set a.m(b.id) and b.m(a.id) to True.If the proof search fails, set them to False.With this representation, the checks of lines 7-10 reduce to one access in a hash table, and line 24 to one update (which takes amortized constant time in the word RAM model).

Merging Axioms for adratic Complexity
In the particular case where = ∅, Algorithm 1 is quadratic, which is also the best known result for the word problem and normalization problem in both ortholattices and lattices [Guilloud et al. 2023a;Whitman 1941].In general, it can be beneficial to keep the number of axioms as small as possible.For this purpose, we can combine axioms with the same left-hand side into one.Given two axioms representing ≤ 1 and ≤ 2 we can merge them into an equivalent one ≤ 1 ∧ 2 .Indeed, given an axiom sequent { , ( 1 ∧ 2 ) } we can derive { , 1 } as follows: , 1 Dually, we can merge axioms with the same right-hand side, 1 ≤ and 2 ≤ into 1 ∨ 2 ≤ .Finally, ≤ ¬ can be rewritten into ≤ ¬ and vice versa.We can repeat this process until all left-hand sides and all right-hand sides of axioms are distinct, and no left side is a complement of a right side (we can even use normal forms for ortholattices to make such checks more general [Guilloud et al. 2023a]).Such axiom pre-processing transformations do not change the set of provable formulas.They can be done in time O( 2 ) and they reduce | | while not increasing .Using such transformations can thus improve the cubic bound for certain kinds of axiom sets.As a very special case, if all axioms have the form 1 ≤ and ≤ 0 (corresponding to singleton sequents), we can combine them into a single axiom, obtaining O( 2 ) complexity.
Corollary 4.4.There is an O( 2 ) algorithm for checking provability from axiom sets in which all axioms are singleton sequents.

PROOF STRENGTH OF ORTHOLOGIC WITH AXIOMS
The previous section established a cubic time algorithm (Algorithm 1) for deriving all consequences of axioms that hold in orthologic.This generalization is sound for classical logic while still being efficient.A key question then is: how precise is it as an approximation of classical logic?
To help answer this question, we present several classes of classical problems that our algorithm solves exactly: it is not only sound for them (as it is for all problems), but also complete: it always finds a proof if, e.g., a SAT solver would find it.Furthermore, we partly characterize our proof system in terms of restricted forms of resolution for propositional logic.
We are interested in traditional classes of deduction problems that are solvable by proofs.Formally, we define the deduction problem in orthologic, and, respectively, classical logic.Definition 5.1.An instance of the deduction problem is characterized by a pair ( , ) where is a set of axioms and the goal, all of which are sequents whose interpretation as inequality is given by Section 3. The deduction problem in (resp.) consists in deciding if the goal can be derived from axioms in orthologic (resp.classical logic).If this is the case, then the instance is called valid.Definition 5.2.An instance of the deduction problem is -solvable if and only if it has the same validity in and .A class of instances of the deduction problem is -solvable if and only if all its members are -solvable.

As
is sound relative to , the following are equivalent formulations of -solvability: • The instance has a proof in if and only if it has a proof in .• The goal of the instance is true in all ortholattice interpretations satisfying the axioms if and only if it is true in all {0, 1} interpretations satisfying the axioms.In particular, if the goal of the instance is the empty sequent (hence, we talk about the consistency of axioms), -solvability of ( , ∅) is equivalent to each of the following statements: • The axioms of the instance are either unsatisfiable in or satisfiable in .• The axioms of the instance either have a non-trivial Boolean model, or admit only the trivial one-element structure as a model among all ortholattices.
In particular, Theorem 4.3 gives a polynomial-time decision procedure with respect to classical logic for any class of deduction problems instances that are -solvable.
In the sequel, we look at the satisfiability of propositional logic formulas in conjunctive normal form (CNF), which are conjunctions of clauses, as their analysis plays an important role in proof theory of and the practice of SAT solving.Among the simplest and most studied refutationally complete systems for is resolution on clauses, shown in Figure 3.
Fig. 3.The Resolution proof system with hypothesis and weakening rules.and ′ represent arbitrary sets of literals.This system is complete for deriving contradictions in , with formulas expressed in conjunctive normal form, even without the Weaken and Hypothesis rules [Robinson and Voronkov 2001, Chapter 2].

Completeness for 2SAT
We start with the simplest example of a CNF, the 2CNF class.A 2CNF formula is a finite set of clauses 1 , ..., , where each clause is a disjunction of two literals or a single literal.For example, ( ∨ ¬ ), (¬ ∨ ), (¬ ) is a 2CNF formula.2SAT if the problem of deciding if a 2CNF formula is satisfiable, i.e. if it has a model in the two-element Boolean algebra.Conversely, the instance is unsatisfiable if and only if the conjunction of the clauses implies falsity.
We next show how to encode a 2SAT instance into an deduction problem.The idea is to view a 2SAT instance as a deduction problem ( , ∅) where each axiom in is a sequent containing at most two labelled variables as formulas.We create an axiom sequent for each clause, where a negative literal ¬ becomes labelled formula and a positive literal becomes .For example, {¬ , } becomes , .Similarly, { , } becomes , , whereas { } becomes .This encoding is equivalent (in ) to the 2SAT instance, with the interpretation of sequents given in Definition 3.3.
Consider the Resolution prof system shown in Figure 3.For 2SAT instances, the outcome of resolution can be simulated by orthologic using the Cut rule, which allows us to prove the following.

P
. Consider a 2CNF and its representation as a set of sequents.The instance is unsatisfiable in if and only if there exist a derivation of the empty clause in Resolution.We proceed by induction on the Resolution derivation to show that if a clause is derived, then there is anproof of the corresponding sequent.
Consider a Resolution step between two clauses of (at most) two elements.The sequent corresponding to its conclusion can be deduced from the sequent corresponding to its premises by a single application of the Cut rule in orthologic.
Where and are one arbitrary literals (or no literal) and Γ and Δ represent the corresponding annotated formula (or absence thereof).Weaken and Hypothesis steps are similarly simulated by the eponymous steps in .
Conversely, if the empty sequent is derivable in orthologic, then no non-trivial ortholattice satisfy the assumptions, and hence no Boolean algebra.
Definition 5.6.For an arbitrary variable , the complement of is ¬ and the complement of ¬ is .Two deduction problems 1 and 2 are renamings of each other if there exists a set of variables such that complementing variables of in the axioms and goal of 1 yields 2 .
Lemma 5.7.Let be a deduction instance such that is valid in if and only if it is valid in .Then all renamed versions of are valid in if and only if they are valid in .

P
. In , if 1 and 2 are renamed versions of each other by a set of variables , 1 and 2 have the same validity.Indeed, suppose there is an ortholattice O and assignement 1 : → O that is a counter model of (meaning it satisfies the axioms but not the goal, so 1 is invalid).Then define 2 such that 2 ( ) = 1 ( ) if ∉ and 2 ( ) = ¬ 1 ( ) if ∈ .It is then easy to check that since ¬¬ = in , 2 is a counter model for 2 .Hence if 1 is invalid then 2 is invalid.Conversely, if 2 admits a counter model, then 1 admits a counter model as well.
Similarly in , 1 and 2 have the same validity by the same argument, considering assignments → {0, 1} as counter models.Hence, since 1 has the same validity in and , so does 2 .

Tseitin's Transformation for Orthologic Axioms
Tseitin's transformation for classical logic transforms a formula with arbitrary alternations of conjunctions and disjunctions into one in Conjunctive Normal Form (CNF) that is equisatisfiable.The transformation works by introducing a linear number of new variables, and runs in near linear time.This justifies the focus of SAT solvers on solving formulas in CNF.
The essence of Tseitin's transformation in classical logic is to introduce variables, such as , that serve as names for subformulas, such as , with the interpretation of bound to be equal the interpretation of .Unfortunately, we cannot express such transformation as a single formula, because knowing that ¬ ∨ equals 1 inside a formula does not imply ≤ .On the other hand, once we make use of the power of axioms, the usual Tseitin's transformation again becomes possible.This shows the importance of adding axioms to orthologic reasoning.
Definition 5.8 ( -Tseitin transformation).Given a deduction problem instance with axioms and goal (where we assume without loss of generality that all formulas are in negation normal form), pick an arbitrary strict subexpression of a formula in or of the form ∧ or ∨ , for some literals and .Pick a fresh variable , introduce the axioms , and , and replace by in and .Repeat until all formulas have height at most 2. We say that a problem ( , ) is in Tseitin normal form if it is obtained from another problem using this transformation.
The transformation does not alter the validity of a deduction problem instance in , since we merely defined aliases for subexpressions.Indeed, having both ( , ) and ( , ) as axioms is equivalent to forcing = in all models.

Resolution Width for Orthologic Proofs in CNF Consider an
proof for a deduction problem to which we applied -Tseitin's transformation.If • and denote arbitrary {_ , _ } annotations, the resulting problem will only contain sequents of the form: { • , ( ∧ ) }, { • , ( ∨ ) }, { • , }, { • }, and ∅, for some literals , and .Moreover, remember that by the subformula property (Corollary 3.9), if the problem admits a proof, then it has a proof that only uses formulas among , ∧ and ∨ (for any literals and appearing in the problem).Hence, we can constrain every proof of to involve only sequents of at most 4 literals.In classical logic, every sequent appearing in the proof would then be equivalent to a conjunction of disjunctions of literals (i.e. a conjunction of clauses).In the simplest case: For sequents involving a left disjunction or right conjunction, using greatest lower bound and lowest upper bound properties of ∧ and ∨: And similarly with all combinations of and , where, for example, a conjunction with polarity behaves much like a disjunction with polarity.We say that such a set of clauses represents the corresponding sequent.Crucially, each of these clauses contains at most 4 literals.We now consider again the Resolution proof system of Figure 3.Note that we work with plain resolution and not extended resolution that introduces fresh variables on the fly [Tseitin 1983].
Definition 5.9.The width of a resolution proof is the number of literals in the largest clause appearing in the proof.
The next theorem characterizes the width of those classical logic resolution proofs that suffice to establish all formulas provable by derivations.
Theorem 5.10.An proof of a problem in -Tseitin normal form can be simulated by Figure 3 proofs of width 5.

P
. Consider an proof that satisfies properties of Theorem 3.8.We proceed by induction on the structure of such proof.The cases of non-cut rules are immediate.Namely, Hypothesis and Weakening in are directly simulated by the corresponding steps in Resolution.In LeftNot, the principal formula must be a literal, so that the clause representation of the conclusion is the same as the interpretation of the premise.In LeftOr, similarly, the representation of the conclusion is the conjunction of the representations of the premises.LeftAnd is simulated in a Resolution proof by Weakening.Right-steps are symmetrical to Left-steps.The only non-trivial case is the Cut rule.The cut formula can have different shape (1) The cut formula is a literal Γ, , Δ Cut Γ, Δ We then have technically 36 different cases to describe depending on whether Γ and Δ are conjunctions, disjunctions or literals and their polarity.We show the two extreme cases, and all other can be deduced by symmetry.If Γ and Δ are left conjunctions, right disjunctions or literals, the Cut rule is simulated with a single Resolution instance: Where each of the clause in the conclusion can be reached by using Resolution on two of the clauses in the premises.
In this section, variables denote variable symbols at the term level, and not propositional variables.We fix two disjoint countably infinite sets of symbols: constants , and variables .A predicate signature Σ specifies a finite set of predicate symbols { 1 , . . ., } with their non-negative arities , and a finite non-empty set of constants ¯ = { 1 , . . ., }. Define the set of atomic formulas over Σ as An EPR formula (over Σ) is a formula constructed from Σ using ∧, ∨, ¬, corresponding to T Σ ( ).An annotated EPR formula is or where is an EPR formula.An EPR sequent is a set of at most two annotated EPR formulas.The degree of a formula or sequent is the number of distinct free variables in it.The degree of a finite set of sequents, ( ), is the maximum of degrees of its sequents.An atomic formula, formula, or a sequent is ground if it contains no variables (only constants), that is, it has degree zero.Definition 6.1.An EPR deduction instance is a set ( , ) where (the axioms) is a set of EPR sequents and (the goal) is an EPR sequent.Definition 6.2.An instance of a formula (respectively, sequent) is a formula (or sequent) obtained by replacing all occurrences of some variables by other variables or constants.The expansion of a formula (respectively, sequent), denoted * , is the set of all of its instances.* is countable, and infinite if contains at least one variable.If is a set of sequents then * = { * | ∈ }.For an EPR deduction instance ( , ) its expansion is ( * , ).Definition 6.3.EPR-OL-D is the problem, given a signature Σ and EPR deduction instance ( , ) over Σ, decide whether its expansion ( * , ) is a valid deduction instance (in the sense of Definition 5.1).
We first show as an intermediate lemma that we only need to look at instances of using variables appearing in and constants in and .
Lemma 6.4.Suppose has a proof P involving axioms in * .Then it has a proof containing only variables that appear in and constants in and .

P
. If a variable appears somewhere in P but not in , then it has to be eliminated by a Cut rule at some point.
A Γ, ( ) B ( ) , Δ Cut Γ, Δ Let ∈ ¯ be any constant symbol of Σ.Let A [ := ] be the proof A with every instance of replaced by .For any given axiom ∈ * , [ := ] is also an axiom of * , so that all axioms steps occurring in A [ := ] are correct.It is easy to see that all non-axioms steps in A [ := ] remain correct under the substitution.Because by assumption the Cut rules eliminates from the formula, Γ does not contain and hence the conclusion of A [ := ] is exactly Γ, ( ) .The same can be done to B, so that we obtain a proof where does not appear: To eliminate constant, we use the same argument except that since axioms are not stable under renaming of constants (but all other rules and in particular the hypothesis rule are), we cannot eliminate constant symbols appearing in .Guilloud et al. [2023a] use ortholattices in the context of software verification as an approximation of Boolean algebra.They present an algorithm able to normalize any formula into an equivalent one (by ortholattices laws) of smallest size, with the goal of improving caching efficiency and reducing formula size for SMT solving.Their approach does not involve a proof system and does not support axioms in general.
Researchers have explored extensions of Datalog with negation and disjunction, with various computable semantics.Most of these models do not correspond to classical models of predicate logic.Datalog is declarative, but most of its extensions rely on procedural semantics.In a line of work starting with [Clark 1978], negation has been introduced with a failure meaning, where if cannot be verified, then ¬ is taken to hold.[Kunen 1987] introduces a formal (but not decidable) semantic for negation as failure.[Apt et al. 1988] introduces the notion of stratified programs.This consists in specifying layers of clauses evaluated increasingly, so that if is not shown in a level, ¬ is assumed in the next, which differs from orthologic semantics.[Gelfond and Lifschitz 1991] introduce a notion of classical negation but the logic is not classical, as ¬ → and ¬ → are not equivalent in the proposed semantics.The use of Datalog in program analysis inspired researchers to define Datalog with lattice semantics [Madsen et al. 2016], which explicitly incorporates the concept of fixed point of particular lattices into the language semantics.Our approach is instead to view Datalog in the broader context of validity in all ortholattices, with orthologic as a convervative approximation of validity for classical logic that is always sound and, in several cases we identified, complete.

CONCLUSIONS
We have studied algorithmic and proof-theoretic properties of orthologic, a sound generalization of classical logic based on ortholattices.We have shown a form of generalized cut elimination for propositional orthologic in the presence of axiom, implying a subformula property.We have used this result to design a cubic-time proof search procedure for orthologic with axioms (quadratic with bounded cardinality of axiom sets).Furthermore, we have shown that some classes of classical decision problems including 2CNF, propositional Horn clause generalizations and Datalog always admit proofs.This provides sound and complete polynomial-time reasoning for a number of theorem proving tasks in classical logic.We anticipate applications of orthologic with axioms in predictable proof automation inside proof checkers, program verifiers, and expressive type systems.
b) Rule for additional non-logical axioms.

Fig. 2 .
Fig. 2. Sequent-calculus rules for Orthologic derivations from a set of axioms .Sets Γ and Δ are either empty or a single formula on any side.

-
Right rules are symmetrical and either Left or Right rules apply to Γ, not both • (2) Γ, Δ can follow using a Left or Right rule on Δ in also at most two ways, entirely analogously to the previous case.• (4| |) Γ, Δ can be deduced using the Cut rule in 4| | different ways: the cut formula can be any formula among the left or right sides of axioms (thanks to Theorem 3.8 property (1)), for at most 2| | different formulas, and for each the Cut instance can be either of Γ, , Δ Cut Γ, Δ or Δ, , Γ Cut Γ, Δ We thus obtain the desired bound 1 + 2 + 2 + 2 + 4| | = 7 + 4| |.Theorem 4.3.There is a proof search procedure for running in time O((1 + | |) 2 ), where | | is the number of given axioms and the total size of the problem.

Table 2 [
Kalmbach 1983;Meinander 2010].Note also that for any terms , we have = if and only if both ≤ and ≤ .The relation = defined this way is a congruence relation for ≤, ∧, ∨ and ¬ and thus becomes equality in the quotient structure.From the point of view of first-order logic with equality, each model of Table1axioms can be extended to a model of Table2by defining the inequality ≤ as the truth value of the atomic formula = ( ∧ ).Moreover, we have the converse: each model of Table 2 axioms induces a quotient structure with respect to the ≤ & ≤ relation; this structure is a model of Table 1 axioms. P1: