Mark Petruska

The controversy over "You should be able to prove your program correct before you run it" is still live. For several decades after Dijkstra's pronouncement, the conventional wisdom was that he was wrong. And, with the tools and the hardware we had available, that was difficult to dispute. Attempts to apply formal proof methods scaled very badly, seldom worked at all on programs of larger than toy size, and were ridiculously expensive. However, in the future that may change. There has been a lot of theoretical progress towards practical proofs on programs of nontrivial size. They remain difficult to apply to common languages and toolchains. If we get Dijkstra's future it will be because the transition costs of moving to languages on which proofs are practical fall to the point where moving is less than the continuing cost of errors. LLMs make language-to-language translation cheap and will help. Two domains to watch are avionics and medical-device software. The transition, if and when it becomes practical, is likely to start there.

Robertino’s proposal is, in my view, very important to allow new developers to not have to face all the troubles we all had to go through. If both, his and High assurance proposals pass, those 5 production ready contracts will come with their formal proofs using Blaster. This means that developers using those could reuse them, tweak to fit their business needs and in CI/CD check that the security properties have not been broken. Everything fully automated.

Final hours before DRep voting closes. Over the last 5 weeks, IO has published full proposal breakdowns, delivery plans and milestones, FAQs, proposal rationale, open discussions with initiative leads, and the proposals that were rejected alongside the reasoning behind those decisions. The work is public and the decision now sits with the community. Review the proposals and cast your vote: https://t.co/x9KA1psEXa

Because most people don’t understand that plutus is not a smart contract language, it is the smart contract layer itself. No Plutus => no improvements to smart contracts on Cardano. Our smart contract platform desperately needs major improvements, a significant improvement to efficiency, interoperability, modules, new builtins. Right now there are gigabytes of redundant publication of the same standard library functions in the Cardano ledger history. Every single time someone publishes a smart contract language to Cardano they are redundantly republishing the same standard library functions. If left unaddressed, this bloat will continue to accumulate and plague us forever.

Plutus running ~1M scripts/month is evidence that the foundation works. And mature infrastructure is exactly where careful, targeted improvements matter most. Smart contract platforms across major ecosystems continue evolving as adoption grows. This proposal focuses on: • Estimated ~30% cost reductions • New primitives like Poseidon for ZK workloads • Property-based conformance testing to strengthen node diversity • Continuous security audits and further Agda formalization That’s how strong foundations stay strong.

Plutus is the smart contract platform behind applications built on Cardano. This proposal focuses on enhancing: • efficiency and cost-effectiveness • security, reliability, and testing • readiness for the next generation of Cardano infrastructure • the developer experience and tooling It’s about making Cardano’s core smart contract layer more efficient, more secure, and more accessible for builders. As Cardano adoption grows, investing in the foundations matters. Plutus is one of those foundations. Read the proposal: https://t.co/YQTUXqMzyC