Type system

Author: Rigidity

docs/definitions/constants.md

@@ -9,7 +9,7 @@ The simplest example of a program in Rue is the classic hello world example.
 Write the following program in a file named `hello.rue`:
 
 ```rue title="hello.rue"
-fun main() -> Bytes {
+fn main() -> Bytes {
     "Hello, world!"
 }
 ```
@@ -21,7 +21,7 @@ You don't need to use `return` at the end of a function. Everything in Rue must
 Now, run the following command to run the file:
 
 ```bash
-rue build hello.rue --run
+rue build hello.rue
 ```
 
-You should see `"Hello, world!"` printed in the console.
+The output should be `(q . "Hello, world!)"`, which when run with CLVM outputs the string on its own.

docs/definitions/functions.md

@@ -0,0 +1,44 @@
+---
+slug: /security
+---
+
+# Security
+
+## Untrusted Values
+
+While Rue's type system aims to provide the means to comprehensively check the type of values at runtime, the types of values passed into the `main` function are currently assumed to be correct by default.
+
+This means that a program like this is actually incorrect:
+
+```rue
+fn main(
+    parent_coin_id: Bytes32,
+    puzzle_hash: Bytes32,
+    amount: Int,
+) -> Bytes32 {
+    sha256(parent_coin_id + puzzle_hash + amount as Bytes)
+}
+```
+
+Because the length of the untrusted values `parent_coin_id` and `puzzle_hash` are unchecked, they may be manipulated in a way that increases the length of `amount` without affecting the concatenated value.
+
+For example, if `parent_coin_id` was 28 bytes, `puzzle_hash` was shifted 4 bytes to the left, and the value of `amount` grew by 4 bytes, it would suddenly be much larger than it was before without changing the hash.
+
+This is what led to the [CAT1 vulnerability](https://www.chia.net/2022/07/29/cat1-vulnerability-explained-cve-and-cwe/).
+
+The solution is to use a more general type and check the invariants you care about at runtime:
+
+```rue
+fn main(
+    parent_coin_id: Bytes,
+    puzzle_hash: Bytes,
+    amount: Int,
+) -> Bytes32 {
+    assert parent_coin_id is Bytes32;
+    assert puzzle_hash is Bytes32;
+
+    sha256(parent_coin_id + puzzle_hash + amount as Bytes)
+}
+```
+
+Now, if someone tried to play tricks with the lengths, the assertions would fail and the program would raise an error.

docs/definitions/let-bindings.md

@@ -0,0 +1,41 @@
+---
+slug: /aliases
+---
+
+# Aliases
+
+A type alias allows you to reuse complex types multiple times without having to repeat yourself.
+
+For example:
+
+```rue
+type MathOp = fn(a: Int, b: Int) -> Int;
+
+fn adder(a: Int, y: Int) -> Int {
+    a + b
+}
+
+fn get_adder() -> MathOp {
+    adder
+}
+```
+
+## Recursion
+
+You can use type aliases for recursive type definitions:
+
+```rue
+type List<T> = nil | (T, List<T>);
+```
+
+The type system should be equipped to handle recursive types like this, and they are quite useful for modeling complex CLVM values.
+
+:::warning
+There is currently nothing preventing you from making a type that _always_ references itself (without any base case or nesting):
+
+```rue
+type Value = Value;
+```
+
+This type will allow any value to be assigned to it, and some things may unexpectedly fail. A future release will likely forbid such type declarations from being created.
+:::