Interactive Theorem Proving in Lean

Lecture 5: Prime versus irreducible elements

GRACE Spring School, Clervaux (Luxembourg). June 1-5, 2026.
Florent Schaffhauser, Heidelberg University.

Recap from Lecture 4

• It is useful to learn to distinguish property from data, in order for instance to identify which -types are subtypes.
• In practice, it is convenient to implement algebraic structures such as groups and rings as record types (structures, in Lean). This automatically gives us access to the various fields of the structure (meaning, the arguments of the constructor) via the appropriate projections.
• Given a structure α and a structure β extending α, we can use the projection β.toα : β → α as a coercion from β to α. Thanks to a type-class inference mechanism, functions defined on α then become automatically applicable on terms of type β. Similarly, if a structure has a field carrier (or similar) that is a type, we can use the projection α.carrier : α → Type

Plan for Lecture 5

• In this lecture, we give an example of a mini-formalization project.

• We want to be able to state and prove in Lean that, in an integral ring, prime elements are irreducible.

• The two major steps in such a project are:

  1. To build or import a library of notions such as integral ring, prime elements, etc.
  2. To write pen-and-paper proofs in a way that shortens the distance to the implementation of those proofs.

• You will be provided with a file that takes care of Step i and we will now go over Step ii together.

The statement

Theorem. Let be an integral ring and let be an element of such that . Then the following property holds:

• As an example, think of etc.
• For the formalisation, it is more convenient to work in a commutative monoid , in which the following cancellation property hold:

• Then we can just apply the final result to the cancellative monoid and this avoids having to string along the condition everywhere in the proof.

Cancellative monoids

In our project, cancellative commutative monoids will be defined as follows, extending the monoid structure introduced in the previous lecture.

def Op.isCommutative {X : Type} (μ : Op X) : Prop :=
  ∀ x y : X, μ x y = μ y x

structure CommMonoid extends Monoid where
  comm : op.isCommutative

def Op.isLeftCancellative {X : Type} (μ : Op X) : Prop :=
  ∀ x y z : X, μ x y = μ x z → y = z

structure LeftCancelMonoid extends Monoid where
  left_cancel : op.isLeftCancellative

structure CancelCommMonoid extends CommMonoid, LeftCancelMonoid

Divisibility

Let be a monoid, we denote by the neutral element of .

instance instNeutralMonoid (M : Monoid) : Neutral M.carrier where
  element := M.neutral_elt

notation "e" => Neutral.element

Let now be a commutative monoid. We say that divides in if there exists a such that .

instance instDvd {M : CommMonoid} : Dvd M.carrier where
  dvd := fun (a b : M) ↦ ∃ c : M, b = a ★ c

Units

The relation a divides b will be denoted by a ∣ b (obtained by \|+SPC or +TAB). We say that an element is a unit if divides the neutral element (i.e. ).

def isUnit {M : CommMonoid} (a : M) : Prop := 
  a ∣ e

The property for to be a unit in will be denoted by . Note that this defines a predicate isUnit : CommMonoid → Prop.

Prime elements

Let be a commutative monoid and let be an element of . We say that is prime if:

1. is not a unit.
2. satisfies the following property ("Euclid's lemma").

In Lean, we choose to represent this as a record (hence the use of the structure keyword).

structure isPrime {M : CommMonoid} (p : M) where
  not_unit : ¬isUnit p
  Euclid   : ∀ a b : M, p ∣ (a ★ b) → (p ∣ a) ∨ (p ∣ b)

Note that isPrime p : Prop but we implement it as a structure rather than as the proposition ¬isUnit p ∧ (∀ a b : M, p ∣ (a ★ b) → (p ∣ a) ∨ (p ∣ b)).

Irreducible elements

Let be a commutative monoid and let be an element of . We say that is irreducible if:

1. is not a unit.
2. satisfies the following property.

Again we choose to represent this as a structure.

structure isIrred {M : CommMonoid} (p : M) where
  not_unit    : ¬isUnit p
  unit_factor : ∀ a b : M, p = (a ★ b) → isUnit a ∨ isUnit b

And again isIrred p : Prop but we implement it as a structure rather than as the proposition ¬isUnit p ∧ (∀ a b : M, p = (a ★ b) → isUnit a ∨ isUnit b).

Prime implies irreducible

• Let be a cancellation and let be an element in . Our goal is to prove that if is prime, then is irreducible.

• Let us assume that is prime. From that we extract that is not a unit and that Euclid's lemma holds for .

• To prove that is irreducible, we must prove that is not a unit and that, for all , if then is a unit or is unit (and we have to say which one).

  • First, we prove that is not a unit. It follows from our assumption that is prime.
  • Now we take such that and we have to prove that is a unit or is a unit.

Subcases

• Since , we have . So, by Euclid's lemma applied to , we have (a proof that) .

• We can pattern match on the (proof of the) latter and consider the following two cases:

  1. .
  2. .

• In the first case, we will show that (Lemma 1 in the file).

• In the second case, we will show that (Lemma 2 in the file).

Proof of Lemma 1

• We want to show that, in a cancellative monoid, if and , then is a unit.
• From () ) we can extract an element and a proof that . By substituting into the equality , we get .
• Since , by left-cancellation, we get , which exactly means that i.e. that is a unit.
• Note that we have not used the commutativity property.

Proof of Lemma 2 and proof of the the theorem

• The proof of Lemma 2 is similar, except that you will have to use the commutativity property.
• It is strongly advised to write an informal proof on paper before writing the formal proof.
• Or you can start by formalising the proof of Lemma 1.
• Once you are done with the lemmas, you can write the proof of Theorem PrimeImpliesIrreducible (or you can start with that, leaving Lemma1 and Lemma2 sorried and using them as is in the proof of the theorem).

How about a converse to the main result?

To prove a converse statement, you will need to assume that any two elements and in admit a GCD, i.e. that for all , there exists a such that the following properties hold:

1. .
2. .
3. .

This is a nice formalization project, in which you first have to introduce a proposition isGCD a b d : Prop, parameterized by three elements a b d : M. Morally this is just the conjunction of the three properties above, but declaring it as a structure is much better, since you avoid having to deal with the associativity properties of ∧.

The project file

• Here is the file in which you can find all the required notions to formalise the result in a minimal way!

• Go to the end of it and backtrack as needed. For the proof itself, is recommended to follow the approach sketched in these slides.

• Thank you for your attention, questions and hard work during the course and have fun writing formal proofs! 🥳

  

Proof term for Lemma 1

• As a last remark, note that even in rather sophisticated contexts like the present one, it should still be possible to write clean proof terms that do not use Lean's tactics language.

• For instance, here is the proof for Lemma 1.

  theorem Lemma1 {M : CancelCommMonoid} {p a b : M} : p = a ★ b → p ∣ a → isUnit b := 
    fun eq div => match div with
    | ⟨d, hd⟩ => Exists.intro d 
      <| left_cancel M a _ _ 
        <| (right_neutral a).symm ▸ assoc _ _ _ ▸ eq ▸ hd
  

• You can compare it to the tactic proof in the solutions file to the project!