Proved basic properties of Blanchet protocol

InductiveVerification/Event.lean

@@ -15,7 +15,6 @@ class HasInitState (α : Type) where
 variable [ hasInitStateAgent : HasInitState Agent ]
   
 open HasInitState
-attribute [simp] initState
   
 -- Define the `bad` set
 abbrev DecidableMem ( A : Set Agent ) := (a : Agent) →  Decidable (a ∈ A)
@@ -214,18 +213,12 @@ lemma parts_insert_spies [Bad] :
 by
   apply parts_insert
 
-lemma analz_spies_mono [InvKey] [Bad]
-  { h : M ∈ analz (knows Agent.Spy evs) } :
-  M ∈ analz (knows Agent.Spy (ev :: evs))
+lemma analz_spies_mono [InvKey] [Bad] :
+  M ∈ analz (knows Agent.Spy evs) → M ∈ analz (knows Agent.Spy (ev :: evs))
 := by
+  intro h
   aapply analz_mono; exact knows_subset_knows_Cons
 
-lemma analz_spies_mono_neg [InvKey] [Bad]
-  { h : M ∉ analz (knows Agent.Spy (ev :: evs)) } :
-  M ∉ analz (knows Agent.Spy evs)
-:= by
-  intro h₁; apply h; aapply analz_spies_mono
-
 -- Knowledge of Agents
 lemma knows_subset_knows_Says [Bad] :
   ∀ {A A' B : Agent} {X : Msg} {evs : List Event},
@@ -382,10 +375,6 @@ lemma parts_knows_Spy_subset_used [Bad] :
       · simp; apply subset_trans; apply ih; simp
       · apply subset_trans; apply ih; simp
       
-lemma parts_knows_Spy_subset_used_neg [Bad] :
-  M ∉ used evs → M ∉ parts (knows Agent.Spy evs) := by
-  intro h₁ h₂; apply h₁; aapply parts_knows_Spy_subset_used
-      
 lemma analz_knows_Spy_subset_used [Bad] [InvKey] :
   analz (knows Agent.Spy evs) ⊆ used evs
 := by
@@ -393,10 +382,6 @@ lemma analz_knows_Spy_subset_used [Bad] [InvKey] :
   · exact analz_subset_parts
   · exact parts_knows_Spy_subset_used
 
-lemma analz_knows_Spy_subset_used_neg [Bad] [InvKey] :
-  M ∉ used evs → M ∉ analz (knows Agent.Spy evs) := by
-  intro h₁ h₂; apply h₁; aapply analz_knows_Spy_subset_used
-
 -- Parts of what the Spy knows are a subset of what is used
 lemma usedI [Bad] :
     X ∈ parts (knows Agent.Spy evs) → X ∈ used evs := by