Etude XII

Invariants and Contracts

Promises, obligations, and counterexamples as design guardrails.

Core Notes

Invariants are non-negotiable. Contracts name the promises and obligations at each API boundary.

pre: deps closed | post: state monotone
Every contract must link to a counterexample that motivated it.

Applied Thread

Applied: write contract tests for merge, run them at deploy time, and surface failures in the workbench.

trace: Def → Check(tests) → Counterexample(log) → Repair(patch)
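A contract test for merge along the lines of the notes above, as an added example that is not part of the original page. The state model (item name mapped to a set of dependency names), the function names and both counterexamples are assumptions constructed for illustration; the notes do not define them.

```python
# Added example; the state model and every name here are assumptions.
# state/delta: dict of item name -> set of dependency names.

def pre_deps_closed(state, delta):
    """pre: every dependency in delta resolves in state or delta. Returns missing deps."""
    known = set(state) | set(delta)
    return sorted({d for deps in delta.values() for d in deps} - known)

def post_monotone(before, after):
    """post: nothing present before the merge is lost. Returns the damaged item names."""
    return sorted(k for k in before if k not in after or not before[k] <= after[k])

def merge(state, delta):
    """Union merge that enforces the precondition before touching state."""
    missing = pre_deps_closed(state, delta)
    if missing:
        raise ValueError(f"pre: deps closed violated, missing={missing}")
    merged = {k: set(v) for k, v in state.items()}
    for name, deps in delta.items():
        merged.setdefault(name, set()).update(deps)
    return merged

def merge_overwrite(state, delta):
    """Constructed regression: replaces entries and skips the precondition."""
    return {**state, **delta}

# Constructed counterexamples, one linked to each contract clause.
CASES = [
    ("pre: deps closed", {"a": set()}, {"b": {"ghost"}}),              # dangling dep
    ("post: state monotone", {"a": set(), "b": {"a"}}, {"b": set()}),  # delta drops b -> a
]

def contract_test(merge_fn):
    """Check(tests) -> Counterexample(log): one log line per violated clause."""
    log = []
    for clause, state, delta in CASES:
        open_deps = pre_deps_closed(state, delta)
        try:
            after = merge_fn(state, delta)
        except ValueError:
            if not open_deps:
                log.append(f"{clause}: valid input rejected: {state} + {delta}")
            continue
        if open_deps:
            log.append(f"pre: deps closed: accepted input with missing={open_deps}")
        lost = post_monotone(state, after)
        if lost:
            log.append(f"post: state monotone: lost={lost}")
    return log
```

A deploy step can fail the release when `contract_test(merge)` returns a non-empty list and pass the log lines on as the counterexamples to repair.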