nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqjd874v63430gng67kpw5m597f34dr9vr0yhkp8dkmnma8208raysyd6kk0 (nprofile…6kk0) nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqh2h820tdg9kk8eufek4a3ajn9eld5pq77fha7kwezpzgsvhdm97sqlnalw (nprofile…nalw) This is something that I feel is commonly misunderstood about Rust by people outside the community: the whole point of Rust is that you can build sound abstractions on top of small amounts of unsafe code. This is the key tradeoff that Rust got right: if you insist that the compiler is able to verify absolutely everything, you either get extremely limited expressiveness, or introduce a lot of complexity for being able to prove arbitrary memory management patterns correct (see e.g. RefinedC and how they essentially need to pull in an entire proof assistant, or ATS which again, is itself a very obtuse proof assistant).
Rust found the perfect middle ground: lots of practical impact for correctness, with the effort required still being low enough to get massive adoption.
mei
npub1mx…mgnxv
2025-05-20 18:32:51 UTC
in reply to nevent1q…9yt7
Author Public Key
npub1mx50e9vuyx0eytmncz2mvv68kgc6402qypkm22uk9uk9x7u6vl3symgnxvSeen on
wss://relay.mostr.pubPublished at
2025-05-20 18:32:51 UTCEvent JSON
{
"id": "aa14b36830c08ddd2a5b04d5841991751aabc0d0ff865d7f213a21ed6b38bce3",
"pubkey": "d9a8fc959c219f922f73c095b63347b231aabd40206db52b962f2c537b9a67e3",
"created_at": 1747765971,
"kind": 1,
"tags": [
[
"p",
"934feab351ac5e89a35eb05d4dd0be4c6ad19583792f609db6dcf7d3a9e71f49",
"wss://relay.mostr.pub"
],
[
"p",
"baae753d6d416d63e789cdabd8f6532e7eda041ef26fdf59d910448832edd97d",
"wss://relay.mostr.pub"
],
[
"p",
"ba51d3bb7fc92891016b5873c0b4f7c6a0550c964ec565ece24b6fc2dcf93301",
"wss://relay.mostr.pub"
],
[
"p",
"634c9dbf56bdcf5129da46baf0f19d3360f8254555d6fc3bfc0ce0216b28e624",
"wss://relay.mostr.pub"
],
[
"e",
"61e432ad16b2578eaea66c9105b9b85b51c37921d52bcf59caddc1d50f7b39ba",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://donotsta.re/objects/e38ab6b6-69dc-4842-93b1-367a2ae1fb48",
"activitypub"
],
[
"client",
"Mostr",
"31990:6be38f8c63df7dbf84db7ec4a6e6fbbd8d19dca3b980efad18585c46f04b26f9:mostr",
"wss://relay.mostr.pub"
]
],
"content": "nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqjd874v63430gng67kpw5m597f34dr9vr0yhkp8dkmnma8208raysyd6kk0 nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqh2h820tdg9kk8eufek4a3ajn9eld5pq77fha7kwezpzgsvhdm97sqlnalw This is something that I feel is commonly misunderstood about Rust by people outside the community: the whole point of Rust is that you can build sound abstractions on top of small amounts of unsafe code. This is the key tradeoff that Rust got right: if you insist that the compiler is able to verify absolutely everything, you either get extremely limited expressiveness, or introduce a lot of complexity for being able to prove arbitrary memory management patterns correct (see e.g. RefinedC and how they essentially need to pull in an entire proof assistant, or ATS which again, is itself a very obtuse proof assistant).\n\nRust found the perfect middle ground: lots of practical impact for correctness, with the effort required still being low enough to get massive adoption.",
"sig": "a78129eead50d40f0fedb5d381b04753376c08055e8996b23cb5658565ed1b8a8c479a149316f0e76dc3401bb695243d4030b8a3fb29989d40b7520dd356e6cd"
}