by eyelidlessness 1362 days ago
I’m curious what you’re distinguishing here. To me a type system and a contract system are identical concepts with different descriptions.

It seems like you might be highlighting the structural typing aspects of TypeScript’s type system versus nominal or concrete types in many others, but that’s been clear for most TS usage since well before `satisfies`, so I’m not sure if my interpretation is right.

2 comments

I agree, there doesn't seem to be any reason why you can't use types to express something like contracts. I think the general name for these kinds of types is 'refinement types':

"a refinement type is a type endowed with a predicate which is assumed to hold for any element of the refined type. Refinement types can express preconditions when used as function arguments or postconditions when used as return types"

- https://en.wikipedia.org/wiki/Refinement_type

There's even some literature linking contracts and types directly:

"Traditional static type systems are effective for verifying basic interface specifications. Dynamically-checked contracts support more precise specifications, but these are not checked until run time, resulting in incomplete detection of defects. ... This paper explores the key ideas and implications of hybrid type checking, in the context of the λ-calculus extended with contract types, i.e., with dependent function types and with arbitrary refinements of base types."

- https://users.soe.ucsc.edu/~cormac/papers/toplas09.pdf

Hey dude. Hijacking this thread cuz I cannot reply on https://news.ycombinator.com/item?id=32804400 any longer. ;)

Good call on Sour Grapes though. I had thought you meant that one. I also reallllly enjoyed it!

Traditional design by contract checks the contracts at runtime. They can be understood as a form of dynamic typing with quite complicated types, which may be equivalent to refinement types.

But you can check contracts at compile time too. It's quite the same thing as static typing with something like refinement types. That's because, while with contracts we can add preconditions like "the size of this array passed as parameter must be a prime number", with refinement types we can define the type of arrays whose size is a prime number, and then have this type as the function argument. (likewise, postconditions can be modeled by the return type of the function)

See for example this Rust library: https://docs.rs/contracts/latest/contracts/

It will by default check the contracts at runtime, but has an option to check them at compile time with https://github.com/facebookexperimental/MIRAI

Now, this Rust library isn't generally understood as creating another type system on top of Rust, but we could do the legwork to develop a type theory that models how it works, and show the equivalence.

Or, another example, Liquid Haskell: https://ucsd-progsys.github.io/liquidhaskell/ it implements a variant of refinement types called liquid types, which is essentially design by contract checked at compile time. In this case, the type theory is already developed. I expect Liquid Haskell to be roughly comparable to Rust's contracts checked by MIRAI.

Now, what we could perhaps say is that refinement types are so powerful that they don't feel like regular types! And, while that's true, there are type systems even more powerful: dependent types used in languages like Coq, Lean and F* to prove mathematical theorems (your type is a theorem, and your code, if it typechecks, is a proof of that theorem).

Dependent types were leveraged to create a verified TLS implementation that mathematically proves the absence of a large class of bugs, miTLS https://www.mitls.org/ (they discovered a number of vulnerabilities in TLS implementations and proved that their implementation isn't vulnerable), and HACL* https://github.com/hacl-star/hacl-star a verified crypto implementation used by Firefox and Wireguard. They are part of Project Everest https://project-everest.github.io/ which aims to develop provably secure communications software.
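The "array whose size is a prime number" example from the comment above, written out both ways as an added illustration (this is not code from the thread or from the `contracts` crate; the names `is_prime`, `sum_checked`, `PrimeSized` and `sum_refined` are assumed). Plain Rust has no refinement types, so the second half uses the smart-constructor pattern: the predicate is checked once when the value is built, and the function that consumes it cannot be called with an unchecked slice at all.

```rust
// Added example (not from the thread or the `contracts` crate): the same
// precondition "the slice length must be prime" expressed two ways.
// Assumed names: is_prime, sum_checked, PrimeSized, sum_refined.

fn is_prime(n: usize) -> bool {
    if n < 2 { return false; }
    let mut d = 2;
    while d * d <= n {
        if n % d == 0 { return false; }
        d += 1;
    }
    true
}

/// Design-by-contract style: the precondition is re-checked on every call
/// at run time, and a violation is a panic.
fn sum_checked(xs: &[u32]) -> u32 {
    assert!(is_prime(xs.len()), "precondition violated: len must be prime");
    xs.iter().sum()
}

/// Refinement-type style: a slice whose length is known to be prime. The
/// field is private, so the only way to obtain a value is through `new`,
/// which is the single place the predicate is evaluated.
#[derive(Debug, Clone, Copy)]
struct PrimeSized<'a>(&'a [u32]);

impl<'a> PrimeSized<'a> {
    fn new(xs: &'a [u32]) -> Option<Self> {
        if is_prime(xs.len()) { Some(PrimeSized(xs)) } else { None }
    }
    fn as_slice(&self) -> &'a [u32] { self.0 }
}

/// The precondition has moved into the argument type: a caller must already
/// hold a `PrimeSized`, so no check is needed here, and passing a raw
/// `&[u32]` is a compile error rather than a run-time failure.
fn sum_refined(xs: PrimeSized<'_>) -> u32 {
    xs.as_slice().iter().sum()
}

fn main() {
    let data = [1u32, 2, 3, 4, 5];          // length 5, prime
    println!("{}", sum_checked(&data));
    match PrimeSized::new(&data[..4]) {      // length 4, rejected at construction
        Some(p) => println!("{}", sum_refined(p)),
        None => println!("length 4 is not prime; sum_refined never called"),
    }
}
```

A real refinement-type checker such as Liquid Haskell would discharge the `is_prime` obligation statically from the caller's context; the smart constructor above only moves the run-time check to one place and lets the type system enforce that it happened.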