Rust's borrowing rules encode a fundamental invariant: you can have many readers or one writer, but never both. This single rule eliminates data races at compile time.

Ownership is not a feature of Rust. It IS Rust. Three rules, enforced at compile time, that eliminate use-after-free, double-free, and data races — without a garbage collector.

Every function in Rust is a boundary — and every boundary is a place where invariants are declared. Parameter types, return types, and the expression system all enforce contracts the compiler checks.

In Rust, every branch of a conditional must agree on its type. Every loop has explicit termination semantics. Control flow isn't just syntax — it's a set of invariants the compiler enforces.

Rust is statically typed — every value has a type known at compile time. This isn't a convenience feature. It's an invariant that eliminates entire categories of runtime failures.

Every Cargo command upholds a specific contract. Build guarantees compilation. Test guarantees verification. Publish guarantees distribution. Here's the full reference.

Cargo isn't just a convenience tool. It enforces a set of invariants about how Rust projects are structured, built, and distributed — so you can't accidentally break the build.

Rust isn't just another systems language. It's a language that encodes invariants — memory safety, thread safety, type correctness — directly into the compiler. Here's where it starts.

A block cipher encrypts fixed-size blocks. Modes of operation define how to encrypt messages longer than one block — and each mode upholds (or fails to uphold) different invariants.

AES is built from four operations, each preserving a specific invariant. Remove any one of them and the cipher breaks in a distinct, predictable way.