Inversion Lemma: The translation rules are invertible.

Lemma 1: For all terms t, there is exactly one e such that trans t e.

Proof: By induction on the structure of the term t.

  Example case t = (t1 t2):

    (1) there is exactly 1 e1 such that trans t1 e1.   (by IH)
    (2) there is exactly 1 e2 such that trans t2 e2.   (by IH)

    By 1 and 2 and the rule for translating application:

        trans (t1 t2) (e1 e2)

    is a valid judgement.

    Moreover, there are no other terms e such that trans (t1 t2) e, since
    inspection of the rules shows that only the application rule can
    translate (t1 t2) into anything.

  Other cases are similar.

End Proof

Lemma 1a: For all values v, there is exactly one value w such that trans v w.

Proof: By inspection of the translation rules and appeal to lemma 1 when
considering the case that v is a function \lambda x.e.

Lemma 2: If e1 -->* e1' then e1 e2 -->* e1' e2.

Proof: By induction on the derivation of e1 -->* e1'.

  case:

        ----------  (reflex)
        e1 -->* e1

    Note: e1' is e1 in this case

    e1 e2 -->* e1' e2        (by the reflex rule)

  case:

        (1) e1 --> e1''    (2) e1'' -->* e1'
        ------------------------------------  (transitivity)
        e1 -->* e1'

    (3) e1 e2 --> e1'' e2    (by 1 and rule for evaluation of application)
    (4) e1'' e2 -->* e1' e2  (by 2 and IH)
    (5) e1 e2 -->* e1' e2    (by 3, 4 and rule transitivity)

End Proof

Lemma 3: If e2 -->* e2' then v e2 -->* v e2'.

Proof: By induction on the derivation of e2 -->* e2'.
(proof is very similar to proof of lemma 2)

Lemma 4: If trans t e and trans v w then trans t[v/y] e[w/y]

Proof: By induction on the derivation of trans t e.

  case:

        ---------
        trans x x

    subcase for x = y:

      In this case, we must prove:

          trans x[v/x] x[w/x]

      which, by the definition of substitution, is the same as proving:

          trans v w

      which is true by assumption in the lemma.

    subcase for x not= y:

      In this case, we must prove:

          trans x[v/y] x[w/y]

      which, by the definition of substitution, is the same as proving:

          trans x x

      which is true by the rule for translating variables.

  End case

  case:

        (1) trans t1 e1    (2) trans t2 e2
        ------------------------------------
        trans (t1 t2) (e1 e2)

    In this case, we must prove:

        trans (t1 t2)[v/y] (e1 e2)[w/y]

    which, by the definition of substitution, is the same as proving:

        trans (t1[v/y] t2[v/y]) (e1[w/y] e2[w/y])

    Now to prove it:

    (3) trans (t1[v/y]) (e1[w/y])                   (by 1 and IH)
    (4) trans (t2[v/y]) (e2[w/y])                   (by 2 and IH)
    (5) trans (t1[v/y] t2[v/y]) (e1[w/y] e2[w/y])   (by 3, 4 and trans rule for application)

    (5 is what we needed to prove)

  End Case

  (Other cases are similar)

End Proof.

Theorem: if trans t e and t --> t' then trans t' e' and e -->* e'.

Proof: By induction on the derivation of t --> t'.

  case:

        (1) t1 --> t1'
        ----------------
        t1 t2 --> t1' t2

    Note:
      -- the t in the theorem statement is (t1 t2)
      -- the t' in the theorem statement is (t1' t2)
      -- the e in the theorem statement is (e1 e2)

    (2) trans (t1 t2) (e1 e2)     (by assumption in theorem and inversion lemma)
    (3) trans t1 e1               (by 2 and inversion lemma)
    (4) trans t2 e2               (by 2 and inversion lemma)
    (5) trans t1' e1'             (by lemma 1)
    (6) e1 -->* e1'               (by 1, 3 and IH)
    (7) trans (t1' t2) (e1' e2)   (by 4, 5 and trans rule for application)
    (8) e1 e2 -->* e1' e2         (by 6 and lemma 2)

    (7 & 8 are what we had to prove -- case complete)

  case:

        (1) t2 --> t2'
        ----------------
        v1 t2 --> v1 t2'

    Note:
      -- the t in the theorem statement is (v1 t2)
      -- the t' in the theorem statement is (v1 t2')
      -- the e in the theorem statement is (w1 e2)

    (2) trans (v1 t2) (w1 e2)     (by assumption in theorem and inversion lemma and lemma 1a)
    (3) trans v1 w1               (by 2 and inversion lemma)
    (4) trans t2 e2               (by 2 and inversion lemma)
    (5) trans t2' e2'             (by lemma 1)
    (6) e2 -->* e2'               (by 1, 4 and IH)
    (7) trans (v1 t2') (w1 e2')   (by 3, 5 and trans rule for application)
    (8) w1 e2 -->* w1 e2'         (by 6 and lemma 3)

    (7 & 8 are what we had to prove -- case complete)

  case:

        ---------------------
        (\x.t1) v --> t1[v/x]

    Note:
      -- the t in the theorem statement is (\x.t1) v
      -- the t' in the theorem statement is t1[v/x]
      -- the e in the theorem statement is (\x.e1) w

    (2) trans ((\x.t1) v) ((\x.e1) w)   (by assumption in theorem and inversion lemma and lemma 1a)
    (3) trans t1 e1                     (by 2 and inversion lemma)
    (4) trans v w                       (by 2 and inversion lemma)
    (5) (\x.e1) w --> e1[w/x]           (by operational rules)
    (6) (\x.e1) w -->* e1[w/x]          (by 5 and operational rules for multi-step)
    (7) trans t1[v/x] e1[w/x]           (by lemma 4)

    (6 & 7 are what we had to prove -- case complete)

  case:

        ----------------------
        true and true --> true

    let F be (\x.\y.y)
    let T be (\x.\y.x)

    Now:

    (2) trans (true and true) ((\b1.\b2.b1 b2 F) T T)   (by translation rules)
    (3) trans true T                                    (by translation rules)
    (4) ((\b1.\b2.b1 b2 F) T T) -->* T                  (by operational semantics)

    (3 & 4 are what we had to prove -- case complete)

  case:

        ------------------------
        true and false --> false

    (these and other cases for boolean operations are similar to the case
    for true and true --> true)

End Proof
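
An executable check of the theorem on small closed terms, as an added example that is not part of the original notes. The tuple encoding of terms, the translation rules (reconstructed from the proof's cases) and all function names are assumptions; `and` is reduced only on boolean values, since the page does not give its other evaluation rules.

```python
# Terms: ("var",x) ("lam",x,body) ("app",f,a); source only: ("true",) ("false",) ("and",a,b)
T = ("lam", "x", ("lam", "y", ("var", "x")))    # T = \x.\y.x
F = ("lam", "x", ("lam", "y", ("var", "y")))    # F = \x.\y.y
AND = ("lam", "b1", ("lam", "b2",               # \b1.\b2.b1 b2 F
       ("app", ("app", ("var", "b1"), ("var", "b2")), F)))

def trans(t):
    """Translation, reconstructed from the proof's cases (an assumption)."""
    k = t[0]
    if k == "var": return t
    if k == "lam": return ("lam", t[1], trans(t[2]))
    if k == "app": return ("app", trans(t[1]), trans(t[2]))
    if k == "and": return ("app", ("app", AND, trans(t[1])), trans(t[2]))
    return T if k == "true" else F

def subst(t, y, v):
    """t[v/y]; v is assumed closed, so no renaming is needed."""
    if t[0] == "var": return v if t[1] == y else t
    if t[0] == "lam": return t if t[1] == y else ("lam", t[1], subst(t[2], y, v))
    if t[0] in ("app", "and"): return (t[0], subst(t[1], y, v), subst(t[2], y, v))
    return t

def is_value(t):
    return t[0] in ("lam", "true", "false")

def step(t):
    """One call-by-value step, or None when no rule applies."""
    if t[0] == "app":
        f, a = t[1], t[2]
        if not is_value(f):                     # t1 t2 --> t1' t2
            f2 = step(f)
            return f2 and ("app", f2, a)
        if not is_value(a):                     # v1 t2 --> v1 t2'
            a2 = step(a)
            return a2 and ("app", f, a2)
        if f[0] == "lam":                       # (\x.t1) v --> t1[v/x]
            return subst(f[2], f[1], a)
    if t[0] == "and" and {t[1][0], t[2][0]} <= {"true", "false"}:
        return ("true",) if t[1][0] == t[2][0] == "true" else ("false",)
    return None

def simulates(t, fuel=50):
    """If t --> t', check trans t -->* trans t'. None when t cannot step."""
    t2 = step(t)
    if t2 is None: return None
    e, goal = trans(t), trans(t2)
    while e is not None and e != goal and fuel > 0:
        e, fuel = step(e), fuel - 1
    return e == goal
```

Calling `simulates` on a source term exercises one case of the proof: for example `("app", ident, ("and", tt, ff))` takes the `v1 t2 --> v1 t2'` rule in the source and relies on lemma 3 in the target.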