It Takes Two to Contract
Blog post from TigerBeetle
Design by Contract (DbC) is a programming approach that emphasizes using assertions and types to enhance code reliability and readability, without necessarily requiring language-specific support for DbC. The author, initially skeptical of DbC, argues that while assertions can seem redundant, they provide crucial benefits such as improved readability, robustness, and defense in depth, especially when code evolves over time. By employing paired assertions—one at the call site and one at the definition site—developers can ensure consistency and correctness without needing to reference both code locations simultaneously. This approach is particularly beneficial in complex systems like consensus protocols and is demonstrated in TigerBeetle's use of hash-chaining and checksums to maintain invariants across distributed systems. The practice of pairing assertions, even when seemingly duplicative, maximizes error detection and enhances code maintenance, offering a pragmatic benefit by ensuring that both local and global conditions are met.
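The paired-assertion idea described above, as an added example that is not code from the TigerBeetle post: a small hash-chained log in which the caller (`replay`) and the callee (`ChainedLog.append`) each assert the same preconditions and postconditions, so a reader of either site sees the contract without opening the other. The names (`ChainedLog`, `Entry`, `replay`, `build_chain`) and the checksum layout (SHA-256 over parent checksum plus payload) are assumptions made for illustration, not TigerBeetle's own format.

```python
"""Paired assertions (Design by Contract) on a hash-chained log.

Added example; names, entry layout and checksum scheme are assumptions
chosen for illustration, not TigerBeetle's actual code or wire format.
"""
import hashlib
from dataclasses import dataclass

GENESIS = bytes(32)  # constructed sentinel: parent checksum of the first entry


@dataclass(frozen=True)
class Entry:
    index: int
    parent: bytes    # checksum of the previous entry (hash chaining)
    payload: bytes
    checksum: bytes  # checksum_of(parent, payload)


def checksum_of(parent: bytes, payload: bytes) -> bytes:
    """Checksum that binds an entry to its predecessor."""
    return hashlib.sha256(parent + payload).digest()


class ChainedLog:
    def __init__(self) -> None:
        self.entries: list[Entry] = []

    def head_checksum(self) -> bytes:
        return self.entries[-1].checksum if self.entries else GENESIS

    def append(self, entry: Entry) -> None:
        # Definition-site contract: the callee restates what it relies on,
        # even though a careful caller has already checked the same things.
        assert entry.index == len(self.entries)                 # precondition
        assert entry.parent == self.head_checksum()             # precondition
        assert entry.checksum == checksum_of(entry.parent, entry.payload)
        self.entries.append(entry)
        # Postcondition: the chain head is now the appended entry.
        assert self.entries[-1] is entry
        assert self.head_checksum() == entry.checksum


def build_chain(payloads: list[bytes]) -> list[Entry]:
    """Construct a well-formed chain of entries (sample data for the demo)."""
    entries, parent = [], GENESIS
    for i, payload in enumerate(payloads):
        c = checksum_of(parent, payload)
        entries.append(Entry(i, parent, payload, c))
        parent = c
    return entries


def replay(log: ChainedLog, entries: list[Entry]) -> int:
    """Caller side: asserts the same contract around each call to append."""
    for entry in entries:
        # Call-site precondition: deliberately duplicates the callee's check,
        # so this loop documents its own expectations.
        assert entry.parent == log.head_checksum()
        assert entry.checksum == checksum_of(entry.parent, entry.payload)
        before = len(log.entries)
        log.append(entry)
        # Call-site postcondition: exactly one entry added, head moved to it.
        assert len(log.entries) == before + 1
        assert log.head_checksum() == entry.checksum
    return len(log.entries)


def verify_chain(log: ChainedLog) -> bool:
    """Global invariant check: every entry links to its predecessor."""
    parent = GENESIS
    for i, e in enumerate(log.entries):
        if e.index != i or e.parent != parent:
            return False
        if e.checksum != checksum_of(parent, e.payload):
            return False
        parent = e.checksum
    return True


def demo_tampered_entry() -> bool:
    """Constructed failure mode: an entry whose payload was altered after its
    checksum was computed. Returns True if an assertion rejects it before the
    log is mutated."""
    log = ChainedLog()
    good = build_chain([b"transfer:1"])[0]
    bad = Entry(good.index, good.parent, b"transfer:9", good.checksum)
    try:
        replay(log, [bad])
    except AssertionError:
        return len(log.entries) == 0
    return False


if __name__ == "__main__":
    log = ChainedLog()
    print("appended", replay(log, build_chain([b"a", b"b", b"c"])))
    print("chain intact:", verify_chain(log))
    print("tampered entry rejected:", demo_tampered_entry())
```

The duplicated checks in `replay` and `append` are the point, not an oversight: whichever side is edited later, the other still catches a drift in the contract. One caveat for Python specifically: `assert` is stripped under `python -O`, so checks that must hold in production (such as the checksum comparison) belong in an explicit `if ... raise` rather than a bare `assert`.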