
Using SPARK to Prove 255-Bit Integer Arithmetic from Curve25519 - based2
https://blog.adacore.com/using-spark-to-prove-255-bit-integer-arithmetic-from-curve25519
======
eggy
Just started reading/working through the book, "Building High Integrity
Applications with Spark". I started with assembler, then basic and c, and took
Turbo Pascal in the late 80s. I am very interested in safer, secure
programming, and Spark and Rust seem to be approaching the hub from different
spokes of the same wheel. I was playing with F*/F# toolchain, but F* is a
bit formal for me, or at least not very clear for me.

The use of Spark on embedded devices, and CubeSats has sparked my interest ;)

I found the code and explanation in the article easy to follow although the
subject matter is not in my domain.

~~~
blub
Rust and SPARK are totally different things. SPARK was designed to build high
integrity applications, Rust was designed to build applications that don't
crash because of invalid memory accesses.

The second is a much, much weaker guarantee, basically any language used
nowadays besides C and C++ will offer the same memory safety guarantee as
Rust.

~~~
eggy
Sure they are different: OOP/Pascal-like vs. multi-paradigm/C-like language,
etc., but the point of the spoke and hub analogy is that coming from different
sides (spokes), but directing towards something like safe, secure programming
is what they have in common (the hub), and has instigated the ADA/SPARK
community to take notice, and vice versa for Rust. Look at these two
discussions for a bit of where I am going with it:

[https://www.reddit.com/r/ada/comments/7wzrqi/why_rust_was_th...](https://www.reddit.com/r/ada/comments/7wzrqi/why_rust_was_the_best_thing_that_could_have/)

[https://www.reddit.com/r/rust/comments/7ibea3/safe_pointers_...](https://www.reddit.com/r/rust/comments/7ibea3/safe_pointers_in_spark_ada_inspired_by_rusts/)

I like Rust (and I like Zig too). I like ADA/SPARK 2014. I am currently
interested in safe, secure, verifiable and validated software development, and
these PLs are on my radar. I have also considered a duo of F*/F#, but they are
not ticking as many boxes as ADA/SPARK 2014.

I'd love to see the cross pollination or competition between Rust and SPARK
2014 lead to them both improving, and borrowing concepts from each other. Rust
is being touted more and more for embedded, and SPARK 2014 is already there.
Now if I could get SPARK/Rust in a Lisp!

------
jbapple
The title should be corrected to "SPARK", not "Spark". It's used all caps each
time it's mentioned on the page. That's also how I've seen this tool referred
to elsewhere in the programming language literature:
[https://en.wikipedia.org/wiki/SPARK_(programming_language)](https://en.wikipedia.org/wiki/SPARK_\(programming_language\))

~~~
dang
Corrected now. This is an unfortunate wave-particle when it comes to casing,
which HN's software tries to autocorrect in titles.

