Go and Rust improve how systems behave. OCaml improves what systems are allowed to do.
In financial systems, particularly those involving capital movement, the primary risk is not system crashes, but semantic errors.
A system that fails visibly can be halted and recovered. A system that executes successfully but performs the wrong action can cause irreversible loss.
Operational safety concerns whether the system crashes, corrupts memory, or behaves unpredictably at runtime.
Semantic safety concerns whether the system enforces correct state transitions, prevents invalid operations, and guarantees that only meaningful and intended actions can be executed.
These are not memory errors. They are errors of meaning.
Go emphasizes simplicity and stability, reducing the likelihood of runtime failure. Rust enforces strict memory and concurrency safety, eliminating entire classes of low-level errors. These properties are valuable, and we consider both languages suitable for infrastructure-level components.
However, in systems that manage capital movement, the dominant risk lies elsewhere.
To address semantic risk, Gratice places emphasis on languages that can encode system invariants directly into the type system. OCaml provides a strong advantage through algebraic data types, pattern matching, and explicit modeling of state transitions.
This makes it possible to represent unsigned, signed, submitted, and confirmed transactions as distinct types — such that an invalid operation cannot even be expressed in code.
Low-level execution and integration layers may use Go or Rust, where operational robustness and ecosystem support are critical. Core logic governing state transitions, policy enforcement, and transaction correctness should be implemented in a language that enables strong semantic modeling.
Go and Rust improve how systems behave under execution. OCaml improves what systems are allowed to do. For financial infrastructure, both dimensions are necessary. However, when dealing with irreversible operations such as capital transfer, semantic safety must take precedence.
At Gratice, we design systems under a simple rule: a system must not only run correctly. It must be incapable of expressing incorrect actions.