val plus : nat -> nat -> nat =
fn x => rec x of 
   p 0 => fn y => y
 | p (s n) => fn y => s (p n y)
 end;

proof plus0R : (!m:nat. m = plus m 0) =
begin
[m : nat;
 0 = plus 0 0;
 [x : nat , x = plus x 0;
  s x = plus (s x) 0];
 m = plus m 0];
(!m:nat. m = plus m 0);
end;

proof plusSR : (!n:nat. !m:nat. s(plus n m) = plus n (s(m))) = 
begin
[x : nat;
 0 = 0;
 [y : nat , y = y;
  s(y) = s(y)];
 x = x];
!x:nat.(x = x);

[n : nat;
 [m : nat;
  s m : nat;
  s(m) = s(m);
  s(plus 0 m) = plus 0 (s(m));
  [x : nat ,  s(plus x m) = plus x (s(m));
   s(plus (s x) m) = plus (s x) (s(m))];
  s(plus n m) = plus n (s(m))]; 
 !m:nat. s(plus n m) = plus n (s(m))]; 
(!n:nat. !m:nat. s(plus n m) = plus n (s(m)));
end;

proof eqtrans : !x:nat. !y:nat. !z:nat. (x = y) => (y = z) => (x = z) =
begin
[x : nat;
 % zero case x
 [y : nat;
  % zero case y
  [z : nat; 
   [0 = 0;
    [0 = z;
     0 = z];
   (0 = z) => (0 = z)];
   (0 = 0) => (0 = z) => (0 = z)];
  !z:nat. (0 = 0) => (0 = z) => (0 = z);

  % succ case y
  [y : nat , !z:nat. (0 = y) => (y = z) => (0 = z);
   [z : nat;
    [0 = s y;
     (s y = z) => (0 = z)];
    (0 = s y) => (s y = z) => (0 = z)];
   !z:nat. (0 = s y) => (s y = z) => (0 = z)];
  !z:nat. (0 = y) => (y = z) => (0 = z)];

 !y:nat. !z:nat. (0 = y) => (y = z) => (0 = z);

 % succ case x
 [x : nat, !y:nat. !z:nat. (x = y) => (y = z) => (x = z);
  [y : nat;
   % zero case y
   [z : nat;
    [((s x) = 0);
     (0 = z) => ((s x)= z)];
    ((s x) = 0) => (0 = z) => ((s x)= z)];
   !z:nat. ((s x) = 0) => (0 = z) => ((s x)= z);


   % succ case y
   [y : nat , !z:nat. ((s x) = y) => (y = z) => ((s x)= z);
    [z : nat;
     [((s x) = (s y));
      x = y;
       % zero case z 
       [((s y) = 0);
        ((s x)= 0)];
       ((s y) = 0) => ((s x)= 0);  
       % succ case z
       [z : nat, ((s y) = z) => ((s x)= z);
        [s y = s z;
	 y = z;
	 !z:nat. (x = y) => (y = z) => (x = z);
	 (x = y) => (y = z) => (x = z);
	 (y = z) => (x = z);
	 (x = z);
	 s x = s z];
        ((s y) = (s z)) => ((s x)= (s z))];  
      ((s y) = z) => ((s x)= z)];  
     ((s x) = (s y)) => ((s y) = z) => ((s x)= z)];  
    !z:nat. ((s x) = (s y)) => ((s y) = z) => ((s x)= z)];  
  
   !z:nat. ((s x) = y) => (y = z) => ((s x)= z)];
  !y:nat. !z:nat. ((s x) = y) => (y = z) => ((s x)= z)];
 !y:nat. !z:nat. (x = y) => (y = z) => (x = z)];
!x:nat. !y:nat. !z:nat. (x = y) => (y = z) => (x = z);
end;

term eqrefl : (!m:nat. m = m) = 
fn m => rec m of 
          r 0 => eq0
        | r (s x) => eqS (r x)
end; 

term plus0R : (!m:nat. m = plus m 0) =
fn m => rec m of 
          p 0 => eq0
        | p (s x) => eqS (p x)
end; 

term plusSR : (!m:nat. !n:nat. s (plus m n) = plus m (s n)) =
fn m => rec m of
   r 0 => fn n => eqrefl (s n)
 | r (s x) => fn n => eqS (r x n)
end;

term pluscomm : (!m:nat. !n:nat. plus m n = plus n m) =
fn m => fn n => 
 rec m of 
   r 0 => plus0R n
 | r (s m') => eqS (r m')
end;