briny 0.3.1

Low-level enforcement of memory layout integrity
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62

# `briny`


`briny` is a small, secure crate that prevents many memory bugs with a safe API - sometimes it can help prevent undefined behavior at compile time.

## Overview


## Core Philosophy


briny encapsulates the minimal necessary use of `unsafe` to provide:

- **Thread-safe shared ownership** without relying on the standard library.
- **Controlled interior mutability** without the pitfalls of raw `UnsafeCell`.
- **Safe, validated type casting** for both sized and unsized types.
- **Portable, allocation-agnostic primitives** suitable for embedded, kernel, and bare-metal environments.

The crate avoids over-engineered abstractions, prioritizing **direct, minimal, and predictable primitives** with well-defined safety boundaries.

## Key Architectural Additions


### Allocation-Free Thread-Safe References


`Darc` (Direct ARC) and `Naarc` (Non-Alloc ARC) offer reference counting for shared data **without requiring heap allocation** and without using `std`.  
Both are designed to be `Send + Sync` when the underlying type permits, enabling multi-threaded designs in `no_std` or constrained environments.
Due to their inherent simplicity, they can usually perform better than `Arc`.

### Safer Interior Mutability


`NotUnsafeCell` replaces ad-hoc `UnsafeCell` usage with a structured, safety-checked API.  
It preserves the flexibility of interior mutability while significantly reducing the risk of unsound aliasing or reentrant access.

### Safe Casting for Sized and Unsized Types


`briny` provides casting utilities that:

- Validate alignment, size, and bit-pattern safety before reinterpretation.
- Support unsized types, including slices and trait objects.
- Eliminate undefined behavior from unchecked `transmute` usage.

## Design Goals


- **`no_std` First** - Fully functional without the standard library, with optional `alloc` support.
- **Safety-Oriented** - Encapsulate `unsafe` so it is not spread throughout downstream code.
- **Thread-Aware** - Provide concurrency primitives for systems without `std::sync`.
- **Fuzz-Resistant** - Handle edge-case and malformed inputs gracefully at the memory level.

## Project Status


- Security-first API design
- 100% safe Rust (no unsafe)
- Fully tested (integration and unit tests)
- No dependencies
- `#![no_std]` support
- Not dependent on `alloc` or `std`
- Community audits welcome

## Contributing


Contributions, bug reports, and suggestions are welcome! This project aims to help build verifiably secure foundations for low-level and embedded Rust development.

### License


`briny` is under an MIT license.