Size, Cost, and Capacity: A Semantic Technique for Hard Random QBFs

12/11/2017 ∙ by Olaf Beyersdorff, et al. ∙ Friedrich-Schiller-Universität Jena 0

As a natural extension of the SAT problem, an array of proof systems for quantified Boolean formulas (QBF) have been proposed, many of which extend a propositional proof system to handle universal quantification. By formalising the construction of the QBF proof system obtained from a propositional proof system by adding universal reduction (Beyersdorff, Bonacina & Chew, ITCS `16), we present a new technique for proving proof-size lower bounds in these systems. The technique relies only on two semantic measures: the cost of a QBF, and the capacity of a proof. By examining the capacity of proofs in several QBF systems, we are able to use the technique to obtain lower bounds based on cost alone. As applications of the technique, we first prove exponential lower bounds for a new family of simple QBFs representing equality. The main application is in proving exponential lower bounds with high probability for a class of randomly generated QBFs, the first `genuine' lower bounds of this kind, which apply to the QBF analogues of resolution, Cutting Planes, and Polynomial Calculus. Finally, we employ the technique to give a simple proof of hardness for the prominent formulas of Kleine Büning, Karpinski and Flögel.

READ FULL TEXT VIEW PDF
POST COMMENT

Comments

There are no comments yet.

Authors

page 1

page 2

page 3

page 4

This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.

1. Introduction

1.1. Proof complexity and solving

The central question in proof complexity can be stated as follows: Given a logical theory and a provable theorem, what is the size of the shortest proof? This question bears tight connections to central problems in computational complexity [Bus12, CR79] and bounded arithmetic [Kra95, CN10].

Proof complexity is intrinsically linked to recent noteworthy innovations in solving, owing to the fact that any decision procedure implicitly defines a proof system for the underlying language. Relating the two fields in this way is illuminating for the practitioner; proof-size and proof-space lower bounds correspond directly to best-case running time and memory consumption for the corresponding solver. Indeed, proof complexity theory has become the main driver for the asymptotic comparison of solving implementations. However, in line with neighbouring fields (such as computational complexity), it is the central task of demonstrating lower bounds, and of developing general methods for showing such results, that proves most challenging for theoreticians.

The desire for general techniques derives from the strength of modern implementations. Cutting-edge advances in solving, spearheaded by progress in Boolean satisfiability (SAT), appear to provide a means for the efficient solution of computationally hard problems [Var14]. Contemporary SAT solvers routinely dispatch instances in millions of clauses [MZ09], and are effectively employed as oracles in more complex settings [MVC16]. The state-of-the-art procedure is based on a propositional proof system called resolution, operating on conjunctive normal form (CNF) instances using a technique known as conflict-driven clause learning (CDCL) [SS96]. Besides furthering the intense study of resolution and its fragments [Bus12], the evident success has inevitably pushed research frontiers beyond the -completeness of Boolean satisfiability.

Beyond propositional satisfiability

A case in point is the logic of quantified Boolean formulas (QBF), a theoretically important class that forms the prototypical -complete language [SM73]. QBF extends propositional logic with existential and universal quantification, and consequently offers succinct encodings of concrete problems from conformant planning [Rin07, EKLP17, CFG13], ontological reasoning [KPS09], and formal verification [BM08], amongst other areas [DHK05, BKS14, SB07]. There is a large body of work on practical QBF solving, and the relative complexities of the associated resolution-type proof systems are well understood [BWJ14, BCJ15, JM15].

The semantics of QBF has a neat interpretation as a two-player evaluation game. Given a QBF , the - and -players take turns to assign the existential and universal variables of the formula following the order of the quantifier prefix . When all variables are assigned, the -player wins if the propositional formula is satisfied; otherwise, the -player takes the win. A folklore result states that a QBF is false if and only if the -player can win the evaluation game by force; that is, if and only if there exists a winning strategy for the universal player. The concept of strategy extraction originates from QBF solving [GGB11], whereby a winning strategy ‘extracted’ from the proof certifies the truth or falsity of the instance. In practice it is not merely the truth value of the QBF that is required – for real-world applications, certificates provide further useful information [SB07].

A major paradigm in QBF practice is quantified conflict-driven clause learning (QCDCL) [GMN09], a natural extension of CDCL. The vast majority of QBF solvers build upon existing SAT techniques in a similar fashion. Such a notion can hardly be surprising when one considers that an existentially quantified QBF is merely a propositional formula. The novel challenge for the QBF practitioner, therefore, and the real test of a solver’s strength, is in the handling of universal quantification.

Proof-theoretic analysis of associated QBF proof systems makes this notion abundantly clear. Consider QU-Resolution () [KKF95, Gel12], a well-studied QBF proof system closely related to QCDCL solving.111The calculus , proposed by Van Gelder in [Gel12], generalises , introduced by Kleine Büning et al. in [KKF95], by allowing resolution over universally quantified pivots. That calculus simply extends propositional resolution with a universal reduction rule, which allows universal literals to be deleted from clauses under certain conditions. On existentially quantified QBFs, therefore, is identical to resolution, and proof-size lower bounds for the latter lift immediately to the former. From the viewpoint of quantified logic, lower bounds obtained in this way are rightly considered non-genuine; they belong in the realm of propositional proof complexity, and tell us nothing about the relative strengths of resolution-based QBF solvers.

Universal reduction is applicable to many suitable propositional proof systems , giving rise to a general model for QBF systems in the shape of [BBC16], which adds to the propositional rules of the universal reduction rule ‘’. As a consequence, the phenomenon of genuineness extends well beyond resolution. In this paper, in addition to resolution we consider three stronger systems: Cutting Planes (), a well-studied calculus that works with linear inequalities; the algebraic system Polynomial Calculus (with Resolution, ); and Frege’s eponymous ‘textbook’ system for propositional logic. Their simulation order is depicted in Figure 1.

and are incomparable

-simulates and is exponentially separated from

Figure 1. The simulation order of the four QBF proof systems featured in this paper. A proof system -simulates the system if each -proof of a formula can be translated in polynomial time into an -proof of [CR79]. If neither nor p-simulates the other, then they are incomparable.

What is generally desired (and seemingly elusive) in the QBF community is the development of general techniques for genuine lower bounds.222Instead of using a more descriptive name such as ‘quantifier-alternation-exploiting lower bounds’ we refer throughout this work simply to ‘genuine lower bounds’ to preserve readability, hopefully without loss in clarity. The current work embraces maximal generality, and contributes a new technique for genuine QBF lower bounds in the general setting of .

When is a lower bound genuine?

Naturally, the aforementioned objections to non-genuine QBF lower bounds may be raised in the abstract setting of , as that system encompasses the propositional proof system . Indeed, given any unsatisfiable propositional formulas that require large proofs in , one can easily construct any number of contrived QBF families – even with arbitrarily many quantifier alternations – each of which require large proofs in , but whose hardness stems from the original propositional formulas. That such lower bounds ought to be identified as non-genuine was highlighted in [Che17] (cf. also [BHP17]).

A formal model for genuine QBF lower bounds was proposed in [BHP17]. The model essentially adds an oracle to the proof system, which allows any logically correct propositional inference to be derived in a single step. Propositional hardness is thus removed from the system. In the context of , the addition of an oracle essentially gives -derivations for free; any formula derivable in can be introduced immediately. If a lower bound persists despite the oracle, then the proof either requires many universal reduction steps, or requires reductions on large lines.

The model provides an adequate definition of a genuine lower bound, and we adopt a similar approach in this article. We work with semantic refutations, in which any logically correct inference or universal reduction step is allowed (Definition 3). The technique we introduce gives a lower bound on the size of a semantic refutation, i.e. a lower bound that still holds with an oracle. We therefore deal exclusively in genuine results.

Random formulas

In the design and testing of solvers, large sets of formulas are needed to make effective comparisons between implementations. While many formulas have been constructed by hand, often representing some combinatorial principle, it is of clear benefit to have a procedure to randomly generate such formulas. The search for a better understanding of when such formulas are likely to be true or false, and their likely hardness for solvers, brings us to the study of the proof complexity of random CNFs and QBFs.

In propositional proof complexity, random 3-SAT instances, the most commonly studied random CNFs, are relatively well understood. There is a constant such that if a random CNF on variables contains more than clauses, then the CNF is unsatisfiable with probability approaching 1 [FP83]; the upper bound for has regularly been improved (see [DKMP08], and references therein for previous upper bounds). Further, if the number of clauses is below , the CNF requires exponential-size resolution refutations with high probability [BP96]. Hardness results for random CNFs are also known for Polynomial Calculus [AR01, BI10] and for Cutting Planes [HP17, FPPR17].

In contrast, comparatively little is known about randomly generated QBFs. The addition of universally quantified variables raises questions as to what model should be used to generate such QBFs – care is needed to ensure a suitable balance between universal and existential variables.333If any clause contains only universal variables, then there is a constant-size refutation using only this clause. The best-studied model is that of (1,2)-QCNFs [CI05], for which bounds on the threshold number of clauses needed for a false QBF were shown in [CDER15]. However, to the best of our knowledge, nothing has yet been shown on the proof complexity of randomly generated QBFs. Proving such lower bounds constitutes the major application of our new technique.

1.2. Our contributions

The primary contribution of this work is the proposal of a novel and semantically-grounded technique for proving genuine QBF lower bounds in , representing a significant forward step in the understanding of reasons for hardness in the proof complexity of quantified Boolean formulas.

We exemplify the technique with a new family of hard QBFs, notable for their simplicity, which we strongly suggest should henceforth occupy a prominent place in QBF proof complexity. As our principal application we prove exponential lower-bounds in three concrete systems for a large class of randomly generated QBFs. This is the first time that genuine lower bounds have been shown en masse for randomly generated QBFs. Lastly, we note that our technique can be applied to give a simple proof of hardness for a family of well known QBFs from [KKF95].

In addition, we also determine exact conditions on a so-called base system by which is properly defined and receptive to our method. We detail our contributions below, beginning with a description of the framework, followed by the lower bound technique, and concluding with several applications.

1.2.1. The universal reduction formalism.

In order to present our contribution in total generality, we take the concept of (introduced in [BBC16] for a hierarchy of Frege systems) and formalise conditions on yielding a sound and complete QBF proof system (Theorem 4.2). We identify three natural properties that are sufficient: (a) The set of derivable axioms is semantically equivalent to the input formula; (b) The system exhibits logical correctness and implicational completeness; (c) The system is closed under restrictions. Any line-based propositional calculus possessing all three properties is referred to as a base system (Definition 8). Formalising the framework of base systems renders our technique applicable to the complete spectrum of systems. All the concrete propositional calculi considered in this work (i.e. those appearing in Figure 1) are demonstrably base systems. We note that static propositional proof systems (such as Nullstellensatz) cannot be upgraded to simply because they are not line-based.

1.2.2. A new technique for genuine QBF lower bounds

Our technique is based on careful construction and analysis of strategy extraction in [BBC16], a process by which a winning strategy for the universal player can be efficiently obtained from a refutation. Given a refutation of a QBF , round-based strategy extraction works by first restricting according to the -player’s move, then collecting the response for the -player from some line in , and iterating until the evaluation game concludes.

We define two measures called cost and capacity (Definitions 5.1 and 5.2). The cost of is defined such that any winning strategy contains at least responses to some universal block. Cost, therefore, is a natural semantically-grounded measure that provides a lower bound on the total number of extracted responses. The upper bound is given by the capacity of , a measure defined such that any response contributed from a given line in may be selected from a set of cardinality at most .

Putting the two measures together, we obtain our main result, the Size-Cost-Capacity Theorem (Theorem 5.3), which states that the size of is at least . We also show explicitly that Size-Cost-Capacity returns a lower bound on the size of a semantic refutation, which illustrates that all results obtained by application of our technique are genuine QBF lower bounds in the aforementioned sense.

For direct applications of Size-Cost-Capacity, we first supply upper bounds on the capacity of refutations in concrete proof systems. We prove that all and refutations have capacity equal to  (Propositions 5.2 and 4), whereupon cost alone gives an absolute proof-size lower bound (Corollaries 5.3 and 4). The case for the QBF version of Polynomial Calculus with Resolution () is much more challenging, and requires some linear algebra, owing to the underlying algebraic composition of Polynomial Calculus. Interestingly, it turns out that the capacity of a refutation in that system is no greater than its size (Proposition 5), thus proof size is at least the square root of cost (Corollary 6.2). Equipped with these corollaries, showing that the cost of a QBF is superpolynomial yields immediate proof-size lower bounds for all three systems simultaneously.

1.2.3. Applications of the technique

We demonstrate the effectiveness of our new technique on three applications.

A. The equality formulas: a non-trivial special case.

We introduce a new family of hard QBFs that we call the equality formulas (Definition 3.1), so called because the only winning strategy for the -player in the evaluation game is to copy exactly the moves of the -player. We first prove that the equality formulas have exponential cost (Proposition 5.1). Using Size-Cost-Capacity, we therefore prove that they require exponential-size refutations in , and . We also demonstrate that the formulas have linear-size refutations in (Proposition 6.3), which shows that proofs can have exponential capacity.

Closer inspection reveals that this lower bound is of a very specific type – it is a genuine QBF lower bound (the formulas are not harbouring propositional hardness) that does not derive from a circuit lower bound (the winning strategy is not hard to compute in an associated circuit class). In existing QBF literature, the only other example of such a family comes from the famous formulas of Kleine Büning et al. [KKF95] (cf. item C. below). Those formulas are significantly more complex, and exhibit unbounded quantifier alternation compared to the (bounded) prefix of the equality formulas.

Indeed, the equality formulas appear to capture rather well the role that high cost plays in round-based strategy extraction to enforce large refutations. For that reason, we include a direct proof of hardness for in Section 3. This intended as a primer, to illustrate by example the concept and method-of-proof behind our lower bound technique.

B. The first hard random QBFs.

For the major application of our technique, we define a class of random QBFs (Definition 7) and prove that they are hard with high probability in all three systems , and (Theorem 7). We generate instances that combine the overall structure of the equality formulas with the existing model of random QBFs [CI05] used in the competitive evaluation of solvers [Pul16, BLB10]. Thus, while at first glance these formulas may seem rather structured, they are simply a disjunction of QBFs generated using a minor variation on the (1,2)-QCNF model of [CI05].

Drawing on the existing literature [dlV01, CR92, CDER15], we show that suitable choices of parameters force our generated formulas to be false and have exponential cost with high probability (Lemma 7). Perhaps surprisingly, the cost lower bound is constructed by applying results on the unsatisfiability of random 2-SAT instances [dlV01] and the truth of random (1,2)-QCNFs [CDER15]. These results both concern only the truth value of the corresponding formulas, and taken individually seem unrelated to cost. However, by carefully choosing the number of clauses so as to allow the application of both results, we can construct a cost lower bound using a novel semantic argument.

Our contribution constitutes the first proof-size lower bounds for randomly generated formulas in the QBF proof complexity literature. We emphasize that these are genuine QBF lower bounds in the aforementioned sense; they are not merely hard random CNFs lifted to QBF.

C. New proofs of known lower bounds.

Our final application uses Size-Cost-Capacity to provide a new proof of the hardness of the prominent QBFs of Kleine Büning, Karpinski and Flögel [KKF95]. We consider a common modification of the formulas, denoted by , in which each universal variable is ‘doubled’. This modification is known to lift lower bounds in to lower bounds in [BWJ14], where we can apply Size-Cost-Capacity.

By rearranging the quantifier prefix to quantify all the additional universal variables in the penultimate quantifier block, we obtain a weaker formula with exponential cost (Proposition 8). An elementary reduction then shows that requires exponential size refutations (Corollary 8). As lower bounds on these modified formulas are shown to be equivalent to lower bounds on the original formulas, our technique even proves the original lower bounds from [KKF95] (cf. also [BCJ15]), and provides some insight as to the source of hardness.

1.3. Relation to previous work

It is fair to say that there is a scarcity of general methods for showing genuine lower bounds in systems like . In contrast, a number of techniques for propositional calculi have emerged from the intense study of resolution [Bus12, Seg07].

Researchers have of course attempted to lift these techniques to quantified logic, but with mixed success. The seminal size-width relations for resolution [BW01], which describe proof size in terms of proof width, are rendered ineffectual by universal quantification [BCMS18a]. The prover-delayer techniques of [BGL13, PI00] have been successfully lifted to QBF, but only apply to the weaker tree-like systems [BCS17]

, whereas solving techniques such as QCDCL are based on the stronger DAG-like versions. Feasible interpolation

[Kra97] is an established propositional technique that has been successfully adapted [BCMS17], but it is applicable only to a small class of hand-crafted QBFs of a rather specific syntactic form.

Strategy extraction for QBF lower bounds has been explored previously by exploiting connections to circuit complexity [BCJ15, BBC16, BP16]. In particular, [BBC16] established tight relations between circuit and proof complexity, lifting even strong circuit lower bounds for circuits [Raz87, Smo87] to QBF lower bounds for [BBC16], which is unparalleled in the propositional domain. In fact, for strong proof systems such as , this strategy extraction technique is sufficient to prove any genuine QBF lower bound, in the sense that any superpolynomial lower bound for arises either due to a lower bound for , or due to a lower bound for Boolean circuits [BP16]. However for weaker systems such as , this does not hold and there exist lower bounds which are neither a propositional lower bound nor a circuit lower bound [BHP17]. The reasons underlying such hardness results are at present not well understood. The development of techniques for, or a characterisation of, such lower bounds would be an important step in QBF proof complexity.

The major drawback of the existing approach of [BCJ15, BBC16, BP16], of course, is the rarity of superpolynomial lower bounds from circuit complexity [Vol99], especially for larger circuit classes to which the stronger QBF proof systems connect. With Size-Cost-Capacity we employ a much different approach to strategy extraction. Our technique is motivated by semantics and does not interface with circuit complexity whatsoever. Instead, lower bounds are determined directly from the semantic properties of the instance, and consequently we make advances out of the reach of previous techniques.

1.4. Organisation of the paper

We provide the relevant background in Section 2. In Section 3, we introduce the equality formulas and give the direct proof of hardness for , while providing an overview of round-based strategy extraction. Section 4 introduces our framework, including the formal definition of a base system and the proofs of soundness and completeness of . Our lower bound technique follows in Section 5, comprising definitions of cost and capacity and the proof of the Size-Cost-Capacity Theorem. Upper bounds on capacity for and are the subject of Section 6. Our major application to random QBFs is presented in Section 7. In Section 8 we apply Size-Cost-Capacity to the formulas of Kleine Büning et al. [KKF95]. We offer some concluding thoughts in Section 9.

2. Preliminaries

2.1. Quantified Boolean formulas

A conjunctive normal form (CNF) formula is a conjunction of clauses, each of which is a disjunction of literals, and a literal is a Boolean variable or its negation. We represent a CNF as a set of clauses, and a clause as a set of literals.

A quantified Boolean formula (QBF) in closed prenex form is typically denoted . In the quantifier prefix , the are pairwise-disjoint sets of Boolean variables (or blocks)444Whereas a block is a set, it is written explicitly in a prefix as a string of variables . each of which is quantified either existentially or universally by the associated quantifier , and consecutive blocks are oppositely quantified. The propositional part is a propositional formula all of whose variables are quantified in . A QCNF is a QBF whose propositional part is a CNF.

For a literal , we write iff or . By the variables of we mean the set . The set of existential variables of , denoted , is the union of those whose associated quantifier is , and we define the universal variables of similarly. The prefix defines a binary relation on the variables of , such that holds iff , and , in which case we say that is left of ( is right of ) with respect to . For two variable sets , we write iff each variable in is left of each variable in with respect to .

A literal is a Boolean variable or its negation , and we write . A total assignment to a set of Boolean variables is a function , typically represented as a set of literals in which the literal (resp. ) represents the assignment (resp. ). The set of all total assignments to is denoted . A partial assignment to is a total assignment to a subset of . The projection of to a set of Boolean variables is the assignment .

The restriction of by an assignment is , where is obtained from by removing each variable in (and any redundant quantifiers), and is the restriction of by . Restriction of propositional formulas is defined by the conventional inductive semantics of propositional logic; that is, is obtained from by substituting each occurrence of a variable in by its associated truth value, and simplifying the resulting formula in the usual way.

2.2. QBF semantics

Semantics are neatly described in terms of strategies in the two-player evaluation game. The game takes place over rounds, during which the variables of a QBF are assigned strictly in the linear order of the prefix .555An arbitrary QBF can be written in this form by allowing and to be empty. In the round, the existential player selects an assignment to and the universal player responds with an assignment to . At the conclusion the players have constructed a total assignment . The existential player wins iff ; the universal player wins iff .

A strategy for the universal player details exactly how she should respond to all possible moves of the existential player. Formally, a -strategy for is a function that satisfies the following for each and each : if and agree on , then and agree on .666Two assignments agree on a set if and only if their projections to that set are identical. We say that is winning iff for each .

Existential strategies are defined dually. Given a QBF , an -strategy for is a function that satisfies the following for each and each : if and agree on , then and agree on . We say that is winning iff for each .

[folklore] A QBF is false if and only if it has a winning -strategy, and is true if and only if it has winning -strategy.

2.3. QBF resolution

Resolution is a well-studied refutational proof system for propositional CNF formulas with a single inference rule: the resolvent may be derived from clauses and . Resolution is refutationally sound and complete: that is, the empty clause can be derived from a CNF iff it is unsatisfiable. Resolution becomes implicationally complete with the addition of the weakening rule, which allows literals to be added to clauses arbitrarily.

QU-Resolution () [KKF95, Gel12] is a resolution-based proof system for false QCNFs. The calculus supplements resolution with a universal reduction rule which allows (literals in) universal variables to be removed from a clause provided that they are right of all existentials in with respect to . Tautological clauses are explicitly forbidden; for any variable , one may not derive a clause containing both and . The rules of are given in Figure 2. Note that we choose to include weakening of clauses as a valid inference rule, to emphasize the implicational completeness of the underlying propositional system.

A derivation of a clause from a QCNF is a sequence of clauses in which (a) each is either introduced as an axiom (i.e. ) or is derived from previous clauses in the sequence using resolution or universal reduction, and (b) the conclusion is the unique clause that is not an antecedent in the application of one of these inference rules. A refutation of is a derivation of the empty clause from .

Axiom: is a clause in the matrix . Weakening: Each variable appearing in is in . The consequent is non-tautologous. Resolution: The resolvent is non-tautologous. Universal reduction: contains only universal literals. Each variable in is right of each existential variable in , with respect to .
Figure 2. The rules of QU-Resolution. The input is a QCNF whose propositional part contains no tautological clauses.

3. A direct proof of hardness for the equality formulas

In this section, we introduce the equality formulas and give a direct proof of their hardness in the well-known QBF proof system . The material in this section is intended to illuminate, by means of an accessible example, the paradigm of round-based strategy extraction, and our exploitation of it as a new lower-bound technique.

3.1. The equality formulas.

The salient feature of the equality formulas, defined below, is that each instance has a unique winning strategy, and the cardinality of its range is exactly .

[equality formulas] For , the equality formula is

Note that the propositional part of is the CNF consisting of the long clause and each pair of clauses for .

The equality formulas are false, and it is clear that there is only one winning strategy for the universal player; namely, she must assign each the same value as the corresponding . Proceeding this way, she forces all unit clauses to be present on the board with only the final block left to play. Then the existential player must lose, since satisfying all such unit clauses entails falsifying the long clause . This is indeed the only way to win, since any other reply from the universal player would drop at least one unit clause, allowing her opponent to satisfy the long clause.

The upshot is that the existential player can force his opponent to play any one of the total assignments to the universal variables. It follows that the range of the unique winning -strategy for is exactly the set . The fact that this set has exponential cardinality is a key feature that we exploit in our lower bound proof.

3.2. Overview of round-based strategy extraction.

Strategy extraction is an important QBF paradigm that was motivated by solving certification (cf. [NPPT09, GGB11]), and subsequently received much attention in the literature [BJ12, PSS16, ELW13, BBC16]. In this paper, we follow the algorithm given in [GGB11], which for the sake of clarity we refer to as round-based strategy extraction.

Given a refutation of a QCNF , round-based strategy extraction is an iterative procedure that computes a winning -strategy. During the course of the game, the -player maintains a restriction of the refutation, from which her winning responses may be determined. In each round she performs two operations:

  • [labelwidth=10cm]

  • restrict the current refutation by the -player’s move ;

  • ‘read off’ a response from the current refutation, then restrict by .

These operations are repeated round by round until the game concludes. At termination, we obtain a refutation of the input formula under a total assignment. Since is sound, the assignment must falsify the propositional part of the formula. Hence, the correctness of the procedure rests on the fact that restrictions by and preserve the refutation. This is detailed below over Propositions 3.2 and 3.2.

To streamline the material, we work with a normal form of derivation in which universal reduction has stronger side conditions: one must remove all the universal literals from the rightmost universal block appearing in the clause. Formally, one may derive from by universal reduction provided that and is a subset of some universal block in , where is the prefix of the input QBF.

It is easy to see that derivations can be placed in such a normal form with no increase in size. To do so, one first applies as large a universal reduction as possible to every clause, yielding a new refutation in which each clause is a subset of the corresponding one from the original refutation. One then takes the first occurrence of the empty clause as the conclusion, and keeps only the subderivation of this conclusion, discarding all other clauses (as well as any duplicates), which are rendered redundant.

For the rest of this section, we assume derivations to be in this normal form. It is easy to see that normal refutations need at most one universal reduction on the leftmost block, since the consequent of such a reduction must be the empty clause.

Restriction by the -player’s move.

Informally, the restriction of a refutation by an arbitrary assignment (denoted ) is obtained simply by restricting the axiom clauses by , discarding any that are satisfied, and carrying out the steps of the orignal refutation wherever possible. Under a formal definition of restriction, it is easy to prove that existential restrictions preserve refutations.

Let be a refutation of a QCNF , and let be a partial assignment to the existential variables of . Then is a refutation of .

It follows immediately that restriction by the -player’s move preserves the current refutation.

Restriction by the -player’s response.

Arbitrary universal restrictions do not preserve refutations, as it is possible that a universal assignment satisfies the antecedent of a universal reduction step, but not the consequent. However, a universal restriction does indeed preserve a refutation provided it does not satisfy any reduced literals. If the first block of is universal, then we have at most one universal reduction on , since the refutation finishes after this step. Therefore, restriction by a total assignment to need only be consistent with the literals reduced in this step (if it exists) in order to preserve the refutation. For non-trivial refutations, all of these reduced literals appear in the penultimate clause.

Let be a non-trivial refutation of a QCNF whose first block is universal, let , and let be the set of -literals appearing in the penultimate clause of . If , then is a refutation of .

Hence, if the current refutation is non-trivial, the -player may read off the -literals from the penultimate clause, negate them, and extend them arbitrarily to an assignment . Preservation of the current refutation under restriction by is guaranteed by Proposition 3.2. If the current refutation is trivial, an arbitrary is clearly sufficient.

3.3. Direct proof of hardness.

Propositions 3.2 and 3.2 form the basis of a lower-bound proof for the equality formulas, via the following lemma.

Let , let be a refutation of , and let be a total assignment to the universal variables of . Then there exists a clause in that contains as a subset.

Proof.

Let , let , and let be the total assignment to defined by

Observe that, by the nature of the equality formulas, is the unique total assignment to under which is false. Moreover, is non-trivial, since the propositional part of does not contain the empty clause. Let be the set of -literals appearing in the penultimate clause of , and let . Now, if , then is false, by Proposition 3.2 and the soundness of . Therefore, if extends , then . It follows that , or equivalently, The lemma follows since any clause in is a subset of some clause in , by definition of restriction of clauses. ∎

Since disallows tautological clauses, the lower bound is an easy consequence of the preceding lemma.

Let , and let be a refutation of . Then .

Proof.

Aiming for contradiction, suppose that . Observe that there are exactly total assignments to . Then, by Lemma 3.3, there exist distinct total assignments and a clause in such that and are both subsets of . Since and are distinct, there is some literal satisfying and . But then is a tautological clause, and does not appear in any derivation. ∎

In a nutshell, Theorem 3.3 was proved by equating the minimum refutation size with the cardinality of the range of a winning -strategy for . Our argument here was aided by two facts: has a unique winning -strategy and contains a single universal block. Of course, neither fact holds for QBFs in general. Nonetheless, in the sequel we generalise the method to prove an absolute proof-size lower bound for any instance in .

4. Our framework

In this section, we develop a framework for Size-Cost-Capacity centred on a precise description of the formalism. In Subsection 4.1, we first describe what we mean by a ‘line-based’ propositional proof system , and then introduce the notion of a ‘base system’ - a line-based system satisfying some natural conditions. In Subsection 4.2 we define with respect to a line-based system , and prove that it is sound and complete if is a base system.

4.1. Propositional base systems

We associate the basic concept of a line-based propositional proof system with the following two features:

  • A set of lines , containing at least the two lines and that represent trivial truth and trivial falsity, respectively.

  • A set of inference rules and an axiom function that maps each propositional formula to a set of axioms . The axiom function should be polynomial-time computable, and the validity of applications of inference rules should be polynomial-time checkable.

Following convention, a -derivation from a propositional formula is a sequence of lines from , in which each line is either an axiom from the set , or may be derived from previous lines using an inference rule in . The final line is called the conclusion of , and is a refutation iff .

In order to facilitate the restriction of -derivations, we require two further features:

  • A variables function that maps each line to a finite set of Boolean variables , satisfying . Additionally, for each line in a -derivation from .777Note that this does not exclude extended Frege systems (), whose lines can be represented as Boolean circuits as in [Jeř05, p. 71].

  • A restriction operator (denoted by square brackets) that takes each line , under restriction by any partial assignment to , to a line . If is a total assignment, then is either or . Restriction of by an arbitrary Boolean assignment is defined as the restriction of by the projection of to .

It should be clear that the purpose of the restriction operator is to encompass the natural semantics of . For that reason, we made the natural stipulation that restriction by a total assignment to the variables of a line yields either trivial truth or trivial falsity. We may therefore associate with any line the Boolean function on that computes the propositional models of , with respect to the semantics of the restriction operator for . [associated Boolean function] Let be a line-based propositional proof system and let . The associated Boolean function for is , defined by

It is useful to define the usual notion of semantic entailment on the lines of . Given two lines , we say that semantically entails if

and and are said to be semantically equivalent (written ) if they semantically entail one another. We say that a finite set of lines semantically entails if

Beyond the notion of line-based, we identify three natural properties. The first of these guarantees that the propositional models of the axioms are exactly those of the input formula, and the second guarantees soundness and completeness in the classical sense of propositional logic.888The (proof-complexity-theoretic) concepts of soundness and completeness for arbitrary proof systems in the sense of Cook and Reckhow are weaker than their counterparts in propositional logic. The third property ensures that the restriction operator behaves sensibly; that is, the propositional models of the restricted line are computed by the restriction of the associated Boolean function. We introduce the term base system for those possessing all three. [base system] A base system is a line-based propositional proof system satisfying the following three properties:

  • Axiomatic equivalence. For each propositional formula and each , iff each satisfies .

  • Inferential equivalence. For each finite set of lines and each line , can be derived from iff semantically entails .

  • Restrictive closure. For each and each partial assignment to , the Boolean functions and are identical.

As a first example, we note that resolution (with weakening, and excluding tautological clauses) forms a base system. The axiomatic equivalence is trivial, as is inferential equivalence, which follows directly from implicational completeness999Formally, one should introduce a special clause that can be derived from the empty set of clauses. and logical correctness. Taking the conventional definitions of the variable function and restriction operator, the restrictive closure of resolution is readily verified. This is to be expected of course, since the restriction of clauses is based on a standard definition of semantics in propositional logic.

4.2. The formalism

Universal reduction is a widely used rule of inference in QBF proof systems, by which universal variables may be assigned under certain conditions. More precisely, a line may be restricted by a partial assignment to a universal block provided it is rightmost in , with respect to the prefix of the input QBF; that is, is right of every block in whose intersection with is non-empty. We state the rule formally in Figure 3. By restrictive closure, the restriction of a line by an assignment to results in the exclusion of from the domain of the associated Boolean function. Universal reduction should therefore be viewed as a sound method for deleting universal variables.

is a partial assignment to a universal block of . contains no variables right of , with respect to .
Figure 3. The universal reduction rule, where is the input QBF.

The purpose of universal reduction is to lift a propositional proof system to a QBF system , as in the following definition.

[ [BBC16]] Let be a line-based propositional proof system. Then is the system consisting of the inference rules of in addition to universal reduction, in which references to the input formula in the rules of are interpreted as references to the propositional part of the input QBF .

We lift some notation from to as follows. We denote the lines available in (syntactically equivalent to the lines available in ) by , where is the prefix of the input QBF. For , we write and for the subsets of consisting of the existentially and universally quantified variables, respectively.

Soundness and completeness of is not guaranteed for an arbitrary line-based system , but it is guaranteed if is a base system. The following lemma establishes completeness.

Let be a base system. Every false QBF has a refutation.

Proof.

Let be a false QBF with universal variables , and let be a winning -strategy for . For each , let be the set of existential variables left of in .

For each , let be the Boolean function with domain that maps to iff, for each , the assignment of matches that of the strategy on the assignment to . Formally, iff for every extension of to , where and are the existential and universal subassignments of . Intuitively, maps to iff the universal player plays according to the strategy up to the variable . Also, let be the trivial Boolean function that maps the empty assignment to .

It is an immediate consequence of the axiomatic equivalence of that, for any Boolean function , there exists a set of lines in whose conjunction has as its associated Boolean function. (, where is a propositional formula representing , is one such set.) In particular, for each , there exists a set of lines whose conjunction has as its associated Boolean function. Observe that essentially encodes the statement that the universal player does not play according to the strategy up to the variable .

By backwards induction on , we show that can derive each set . At the final step , we hence prove the lemma, since is the identically zero Boolean function on an empty set of variables, which implies that is semantically equivalent to .

For the base case, observe that semantically entails , since encodes the statement that the universal player does not play according the whole strategy . Therefore in a derivation from one may derive each line in , by the axiomatic equivalence and inferential equivalence of .

For the inductive step, let . Since is the rightmost variable appearing in , by universal reduction one may derive both sets of lines

It is readily verified that the union of and semantically entails , which may then be derived by the inferential equivalence of . This completes the inductive step, and the proof. ∎

Soundness of the can in fact be proved for a relaxed definition of refutation in which any logically correct propositional inference is allowed, and lines introduced by universal reduction need only be semantically equivalent to the consequent from the original definition (Figure 3). A sequence satisfying these relaxed conditions we call a semantic refutation.

[semantic refutation] Let be a base system. A semantic refutation of a QBF is a sequence of lines from , in which and each satisfies at least one of the following:

  • Axiom.

  • Semantic consequence. semantically entails .

  • Semantic universal reduction. , where , and is a partial assignment to a universal block of that is rightmost in .

Semantic refutations feature in the following section, where they are used to show that the Size-Cost-Capacity Theorem returns a genuine refutation-size lower bound. We introduce them at this point because the soundness of semantic refutations, proved in the following lemma, is used in the proof of that theorem.

Let be a base system. If a QBF has a semantic refutation, then it is false.

Proof.

Let be a semantic refutation of a QBF . Aiming for contradiction suppose that is true, and let be a winning -strategy for . For each line , we say that models if for each . By induction on , we show that models . At the final step , we therefore reach a contradiction since cannot be modelled by any -strategy.

Since is in , the base case follows immediately from the axiomatic equivalence of . For the inductive step, let and suppose that models each . The case where is an axiom is identical to the base case. If was derived by semantic consequence, then semantically entails , and it is easy to see that models .

It remains to consider the case where was derived by semantic universal reduction. Then , where , and is a partial assignment to a universal block of that is rightmost in . Let , and let be the assignment obtained from by overwriting the assignments to with those of ; that is,

By the inductive hypothesis, . Since , we must have , by the restrictive closure of . Therefore . As and agree on all universal blocks left of with respect to , and agree on all existential blocks left of , by definition of -strategy. Then, as is rightmost in , and agree on . Therefore . Thus models , completing the inductive step and the proof. ∎

We arrive at the following result.

If is a base system, then is a sound and complete QBF proof system.

Proof.

Immediate from Lemmata 4.2 and 4.2, and the fact that any refutation is also a semantic refutation. ∎

5. The Size-Cost-Capacity Theorem

In this section, we define the measures ‘cost’ (Subsection 5.1) and ‘capacity’ (Subsection 5.2), then state and prove our central result, the Size-Cost-Capacity Theorem (Subsection 5.3). In Subsection 5.3, we also formalise strategy extraction in and prove its correctness. Throughout this section we assume that is a base system.

5.1. Cost

Recall that in Section 3 we proved the hardness of the equality formulas in by appealing to the minimum cardinality of the range of a winning strategy. For , the minimum cardinality is easy to compute because the winning strategy per instance is unique, and must contain all possible responses for the single universal block.

In order to generalise that proof method to arbitrary instances in , we require a more sophisticated measure that accounts for the multiple responses collected during round-based strategy extraction in general. Fit for this purpose, we define a measure called cost. The cost of a false QBF is the minimum, over all winning strategies, of the largest number of responses for a single universal block.

[cost] Let be a false QBF. Further, for each winning -strategy for and each , let be the function that maps each to the projection of to , and let . The cost of is

The cost of is simple to compute. There is only one winning strategy and only one universal block exhibiting responses; hence . The cost of the equality formula is .

5.2. Capacity

The principal notion of strategy extraction is that the -player’s response (for any given round) can be read off from a suitable restriction of the refutation; as we described in Section 3, in the response can be determined from the penultimate clause. In the general setting of , we seek a method of determining the response that does not depend upon the particulars of . We introduce the concept of a response map for this purpose.

For base system and a line in , the rightmost block of is the rightmost block of for which contains a variable in .

[response map] Let be a base system, let be a line in whose rightmost block is universal, and let . A response map for with respect to is a function satisfying the following for each :

If is not a tautology, then falsifies .

We call a line reducible if its rightmost block is universally quantified.

[response map set] Given a semantic refutation of a QBF whose reducible lines are , a response map set for is a set in which each is a response map for with respect to .

We can illustrate Definitions 5.2 and 5.2 with an example. Let be a QBF, and let be a refutation of whose reducible clauses are . Consider some particular reducible clause in whose rightmost block is , and let . Further, let be any total assignment to that falsifies the -literals of . The function mapping each to is a response map for , and is a response map set for . To see this, it is sufficient to observe that, for , if satisfies , then is a tautology; otherwise, falsifies .

This example demonstrates that the lines in resolution – clauses – admit very simple response maps that are, in fact, constant functions. Indeed, given a refutation we can construct a response map set which needs only one response per reducible line. In the sequel, given a refutation we shall be interested in response map sets needing the fewest responses; formally, response maps whose ranges have minimal cardinality. This minimal cardinality is determined by the capacity of a refutation.

[capacity] Let be a refutation of a QCNF . The capacity of a response map set for is . The capacity of is the minimal capacity of any response map set for .

Intuitively, this definition ensures that, given any refutation , there is some response map set for in which each line uses at most responses. Since refutations have response map sets in which each line uses exactly one response, the capacity of any refutation is .

Every refutation has capacity equal to .

Proof.

Let be a refutation. The response map given in Example 5.2 satisfies for each . The capacity of any response map is at least ; hence . ∎

5.3. Strategy extraction and Size-Cost-Capacity

We begin this subsection with a definition of strategy extraction for . Given a semantic refutation and response map for it, we may obtain a winning -strategy by round-by-round restriction of the refutation, whereby the universal response for a given round is obtained by querying the response map on the first suitable reducible line.

[round-based strategy extraction] Let be a semantic refutation of a QBF with reducible lines and response map set . Further, for each and :

  • let be the empty assignment;

  • let be the projection of to ;

  • let be the first line in such that and is non-tautological;

  • if is some , then let , otherwise let , where is the minimal index for which is the rightmost block of .

  • let .

The extracted strategy for with respect to is

It is clear that the extracted strategy is well-defined, since each exists; in particular, for any and , and is non-tautological, where is the final line in . (Moreover, each natural number exists, since we can assume without loss of generality that each universal variable appears in some axiom of the refutation.) To assist the proof that the extracted strategy is indeed winning, we first prove two useful propositions which demonstrate that semantic