Proof. Exercise. (Hint: if \(f(X) = X^n + a_{n-1} X^{n-1} + \dots + a_0 \in \mathbb{Q}[X]\) is the minimal polynomial of \(\alpha,\) and \(\beta = N\alpha\) for some \(N,\) then what is the minimal polynomial of \(\beta\)?)

Proof. Let \(f \in \mathbb{Q}[X]\) be the minimal polynomial of \(\alpha.\) If \(f \in \mathbb{Z}[X],\) then clearly \(f\) is an algebraic integer.

Conversely, suppose \(f\) does not have integer coefficients, but there is some (larger-degree) monic integral polynomial \(h\) with \(h(\alpha) = 0.\) Then we must have \(h(X) = f(X) g(X)\) for some \(g \in \mathbb{Q}[X].\)

Let \(C\) be the least common multiple of the denominators of the coefficients of \(f,\) so that \(C f \in \mathbb{Z}[X],\) and similarly \(D\) for \(g.\) Then we clearly have \((C f) (D g) = (CD)h.\) Now let \(p\) be a prime dividing \(CD.\) Clearly at least one coefficient of \(C f\) is not divisible by \(p\) (since otherwise \(C / p\) would be the LCM of the denominators). Similarly at least one of the coefficients of \(D g\) is not divisible by \(p.\) So \(Cf \bmod p\) and \(D g \bmod p\) are non-zero in \(\mathbb{F}_p[X].\) But their product \(C D h\) is zero, since \(p \mid CD\) and \(h\) has integral coefficients. This contradicts the fact that \(\mathbb{F}_p[X]\) is an integral domain. So \(CD\) must in fact be 1, i.e. both \(f\) and \(g\) are integral.

Proof. If \(\alpha\) satisfies a polynomial \(f(X) = X^n + a_{n-1} X^{n - 1} + \dots,\) then \(\alpha^{n}\) is in the \(\mathbb{Z}\)-span of \(1, \dots, \alpha^{n-1},\) and by induction one can show that \(\alpha^{n+1},\) \(\alpha^{n + 2}\) etc are also in this span.

Conversely, if this group is finitely generated, then each generator can only mention finitely many powers of \(\alpha,\) so there is some \(N\) such that \(\{1, \dots, \alpha^N\}\) is a generating set. Hence \(\alpha^{N + 1}\) is in the \(\mathbb{Z}\)-span of \(\{1, \dots, \alpha^N\},\) giving a monic integral polynomial that \(\alpha\) satisfies.

Proof. Suppose \(\alpha,\) \(\beta\) satisfy polynomials of degree \(M, N\) respectively. Consider the subgroup of \(\mathbb{C}\) generated by \(\{ \alpha^i \beta^j : 0 \leqslant i < N, 0 \leqslant j < M\}.\) This is finitely generated and contains \(\alpha^r \beta^s\) for all \(r, s \in \mathbb{N},\) so in particular it contains \((\alpha \beta)^j\) and \((\alpha \pm \beta)^k\) for all \(j, k.\) Since a subgroup of a finitely generated abelian group is finitely generated, the result follows.

Proof. First, note that \(\tfrac{1 + \sqrt{d}}{2}\) is a root of \(X^2 - X + \tfrac{1 - d}{4},\) so it is an algebraic integer iff \(d = 1 \bmod 4.\)

Conversely, let \(\alpha = u + v \sqrt{d}\) with \(u, v \in \mathbb{Q},\) and suppose \(\alpha \in \bar{\mathbb{Z}}.\) Then \(\alpha' = u - v \sqrt{d}\) is also in \(\bar{\mathbb{Z}},\) since it satisfies the same polynomial that \(\alpha\) does; and hence \(\alpha + \alpha' = 2u \in \bar{\mathbb{Z}} \cap \mathbb{Q}= \mathbb{Z}.\) Similarly, \(\alpha - \alpha' = 2v \sqrt{d} \in \bar{\mathbb{Z}}\); thus \((2v)^2 d \in \mathbb{Z},\) but since \(d\) is squarefree, this implies that \(2v \in \mathbb{Z}.\)

So, if \(\alpha\) is an algebraic integer but doesn’t lie in \(\mathbb{Z}[\sqrt{d}],\) then we can subtract a \(\mathbb{Z}\)-linear combination of \(1\) and \(\sqrt{d}\) to deduce that one of \(\{ \tfrac{1}{2}, \tfrac{\sqrt{d}}{2}, \tfrac{1 + \sqrt{d}}{2}\}\) is an algebraic integer. Clearly \(\tfrac{1}{2}\) and \(\tfrac{\sqrt{d}}{2}\) are never algebraic integers (since \(4 \nmid d\)); and \(\tfrac{1 + \sqrt{d}}{2}\) is an algebraic integer iff \(d = 1 \bmod 4.\)

Proof. This is a disguised version of Proposition 10.10. Let \(\gamma = 1 / \alpha.\) Then \(\gamma \in \overline{\mathbb{Q}},\) so there is some \(N \in \mathbb{N}_+\) such that \(N\gamma\) is an algebraic integer. Let \(\beta = N\gamma\) for any such \(N.\) Then \(\beta = N / \alpha\) is in \(K,\) and it’s an algebraic integer, so it’s in \(\mathcal{O}_K\); and we have \(\alpha \beta = N.\)

Proof. Let’s suppose first that \(K = \mathbb{Q}(\alpha).\) Then the numbers \(1, \alpha, \alpha^2, \dots, \alpha^{d-1}\) are a \(\mathbb{Q}\)-basis of \(K,\) where \(d = [K: \mathbb{Q}].\) In this basis, the matrix of \(M_\alpha\) looks like \[\begin{pmatrix} 0 & 0 & 0 & \dots & \star\\ 1 & 0 & 0 & \dots & \star\\ 0 & 1 & 0 & \dots & \star \\ \vdots & \vdots & \vdots \end{pmatrix}\] where the \(\star\)’s in the right-most column are (up to sign) the coefficients of the minimal polynomial of \(\alpha.\) This is a matrix of integers; so its determinant and trace are integers.

If \(K\) is larger than \(\mathbb{Q}(\alpha),\) then one can check that \[\operatorname{Nm}_{K / \mathbb{Q}}(\alpha) = \left(\operatorname{Nm}_{L / \mathbb{Q}}(\alpha)\right)^{[K : L]}, \qquad \operatorname{Tr}_{K / \mathbb{Q}}(\alpha) =[K : L] \cdot \operatorname{Tr}_{L / \mathbb{Q}}(x)\] where \(L = \mathbb{Q}(\alpha)\); and the result follows from the previous case.

Proof. This is an instance of a general result (see Addendum below) applying to any finite-dimensional \(\mathbb{Q}\)-vector space equipped with a non-degenerate quadratic form.

To apply this in our situation, we need to check that the “trace form” \((x, y) \mapsto \operatorname{Tr}_{K/\mathbb{Q}}(xy)\) is a quadratic form (which is obvious), and that it is non-degenerate. So, suppose \(x \in K\) satisfies \(\operatorname{Tr}_{K/\mathbb{Q}}(xy) = 0\) for all \(y \in K.\) If \(x \ne 0,\) then we can take \(y = x^{-1}\) and we have \(\operatorname{Tr}(xy) = \operatorname{Tr}(1) = [K : \mathbb{Q}] \ne 0,\) a contradiction. Hence we must have \(x = 0,\) showing that the trace form is non-degenerate.

Proof. Let \(x \in \mathcal{O}_K.\) Then for any \(y \in \mathcal{O}_K,\) we have \(xy \in \mathcal{O}_K\) (because \(\mathcal{O}_K\) is a ring), and hence \(\operatorname{Tr}(xy) \in \mathbb{Z}\) by Proposition 11.4. Thus \(x \in \mathcal{O}_K^\vee.\)

Proof. We know \(\mathcal{O}_K\) is a subring, so we need to show \(\mathcal{O}_K\) is a full lattice.

First we claim \(\mathcal{O}_K\) contains a full lattice. Let \(x_1, \dots, x_d\) be a \(\mathbb{Q}\)-basis of \(\mathcal{O}_K.\) If we multiply each \(x_i\) by a non-zero integer, then the new set is still a basis, so by Proposition 10.10 we can arrange that the \(x_i\) are all in \(\mathcal{O}_K.\) Thus \(\mathcal{L} = \mathbb{Z}x_1 + \dots + \mathbb{Z}x_d\) is a full lattice contained in \(\mathcal{O}_K.\) (Note there’s no reason for it to be an order.)

Now, if \(\mathcal{L}\) is a full lattice such that \(\mathcal{L} \subseteq \mathcal{O}_K,\) then \(\mathcal{L}^\vee \supseteq \mathcal{O}_K^\vee\); and \(\mathcal{L}^\vee\) is also a full lattice. Since \[\mathcal{L}^\vee \supseteq \mathcal{O}_K^\vee \supseteq \mathcal{O}_K \supseteq \mathcal{L}.\] So we have sandwiched \(\mathcal{O}_K\) between two full lattices, \(\mathcal{L}\) and \(\mathcal{L}^\vee.\) Since \(\mathcal{O}_K \supseteq \mathcal{L},\) we know that \(\mathcal{O}_K\) spans \(K\) as a \(\mathbb{Q}\)-vector space. Since \(\mathcal{O}_K \subseteq \mathcal{L}^\vee,\) we know that \(\mathcal{O}_K\) is finitely-generated. Thus \(\mathcal{O}_K\) is a full lattice (and hence an order).

Proof of uniqueness. Note that \(H \cong \mathbb{Z}^m\) iff there exists a set of \(m\) elements \(h_1, \dots, h_m \in H\) which are independent generators, i.e. every \(x \in H\) can be written as \(x = \sum a_i h_i\) for a unique \((a_1, \dots, a_m) \in \mathbb{Z}^m.\)

Let \(W\) be the \(\mathbb{Q}\)-vector space spanned by \(H.\) Then \(h_1, \dots, h_m\) clearly span \(W\) as a \(\mathbb{Q}\)-vector space. They are also \(\mathbb{Q}\)-linearly independent, because if we had a nontrivial \(\mathbb{Q}\)-linear relation between them, we could clear denominators to get a nontrivial \(\mathbb{Z}\)-linear relation. Hence we must have \(m = \dim W,\) which clearly satisfies \(0 \leqslant m \leqslant n.\)

Proof of existence. To deduce existence, we’ll use induction on \(n.\) The result is trivial for \(n = 0,\) so assume it holds for \(n -1.\)

Given \(H \subseteq \mathbb{Z}^n,\) consider the “forget the last entry” map \(\mathbb{Z}^n \to \mathbb{Z}^{n-1}.\) The image \(\bar{H}\) of \(H\) is a subgroup of \(\mathbb{Z}^{n-1},\) so (by the induction hypothesis) we can find an independent generating set \(\bar{h}_1, \dots, \bar{h}_r,\) for some \(r \leqslant n-1.\) Choose arbitrary elements \(h_1, \dots, h_r\) of \(H\) mapping to \(\bar{h}_1, \dots, \bar{h}_r.\) Then any \(h \in H\) can be uniquely written as \(\sum_{i = 1}^r a_i h_i + (0, \dots, 0, x),\) for some \((a_1, \dots, a_r) \in \mathbb{Z}^r\) and \(x \in \mathbb{Z}.\)

Now consider the subgroup \(X = \{x \in \mathbb{Z}: (0, \dots, 0, x) \in H\}.\) This is a subgroup of \(\mathbb{Z},\) so it must be either \(\{0\},\) or \(d \mathbb{Z}\) for some \(d \geqslant 1.\) If \(X = \{0\},\) then \(h_1, \dots, h_r\) are an independent generating set of \(H.\) If \(X = d\mathbb{Z}\) for \(d \geqslant 1,\) then we set \(h_{r + 1} = (0, \dots, 0, d)\); then \((h_1, \dots, h_{r+1})\) are an independent generating set.

Proof. If \([\mathbb{Z}^n : H]\) is finite, of size \(d\) say, then every element of the quotient \(\mathbb{Z}^n / H\) has order dividing \(d\) (“element order divides group order”); so \(d v \in H\) for every \(v \in \mathbb{Z}^n.\) In particular, \(H\) contains \(d e_j\) for each \(j,\) and thus spans \(\mathbb{Q}^n.\) So it must be isomorphic to \(\mathbb{Z}^n.\)

Proof. Let \(\mathbf{v} = (v_1, \dots, v_d)\) be an (ordered) independent generating set of \(\mathcal{L}\); then it is also a \(\mathbb{Q}\)-basis of \(V,\) since \(\mathcal{L}\) is full. Let \(M\) be the matrix with \((i, j)\) entry \(\langle v_i, v_j\rangle\) (the matrix of the bilinear form).

Since the pairing \(\langle-,- \rangle\) is non-degenerate, \(M\) is non-singular, so it has an inverse \(M^{-1}.\)

Let \(b_i\) be the \(i\)-th row of \(M^{-1}\); and let \(w_i = b_1 v_1 + \dots + b_d v_d\) be the vector whose coordinates in the basis \(\mathbf{v}\) are \(b_i.\) Then \(\mathbf{w} = (w_1, \dots, w_d)\) is also a basis of \(V,\) and one computes that \[\langle w_i, v_j\rangle = \begin{cases} 1 & \text{if $i = j$}\\ 0 & \text{otherwise}.\end{cases}\]

Hence, if we write an arbitrary \(x\in V\) as \(x = \sum c_i w_i\) for some \(\vec{c} \in \mathbb{Q}^d,\) we have \(x \in \mathcal{L}^\vee\) iff \(c_i \in \mathbb{Z}\) for all \(i.\) Thus \(\mathcal{L}^\vee\) is precisely the \(\mathbb{Z}\)-linear combinations of the basis \(\mathbf{w},\) showing that it is a full lattice.