The Coq mailing list

[<stolz+coq AT ifi.uio.no>]

[My programmer instinct made me ask first on
http://stackoverflow.com/q/19479716/60462 -- apologies for missing out on the
coq-club so far!]

I have defined a simple structure:

Require Import Ensembles.

Record ConfigStructure {T:Type} : Type := mkCS {
  E: Ensemble T;
  C: Ensemble (Ensemble T);
  CS_wf : forall x y, In _ C x -> In _ x y -> In _ E y;
  rooted := In (Ensemble T) C (Empty_set T)
}.

CS_wf enforces a semantic well-formedness property upon construction, based on
the two arguments. Now later, I need to compare two records for equality --
what do I with the proof-component?

I started out with the following---I guess the two well-formedness should also
occur on the lhs?

Lemma CS_split: forall T e1 c1 wf1 e2 c2 wf2,
e1 = e2 /\ c1 = c2 -> mkCS T e1 c1 wf1 = mkCS T e2 c2 wf2.
Proof.
intros.
destruct H as [He Hc].
destruct He; destruct Hc.
f_equal.
Abort.

which takes me up to:

T : Type
e1 : Ensemble T
c1 : Ensemble (Ensemble T)
wf1 : forall (x : Ensemble T) (y : T),
      In (Ensemble T) c1 x -> In T x y -> In T e1 y
wf2 : forall (x : Ensemble T) (y : T),
      In (Ensemble T) c1 x -> In T x y -> In T e1 y
============================
 wf1 = wf2

I guess proof irrelevance also comes into play?

Grateful for any advice,
   Volker