FAQ
Frequently asked questions
Straight answers about what fastC is, what "agent-first" actually means, and how it stacks up against the languages you already use.
What is fastC?
fastC is a small systems programming language with capability-typed I/O, mandatory contracts, and zero executable build scripts. It compiles to portable, readable C11, ships 53 KB stripped binaries, and is built for a world where most code is written by an AI agent and reviewed by a human. It is MIT-licensed and feature-complete at v1.0.
What does "agent-first" or "agent-friendly" language mean?
An agent-first language is designed around the fact that the modal author of code is now a stochastic model, not a careful human. fastC is agent-first in four concrete ways: a function's signature declares its capabilities, contracts, purity, and complexity so an agent can read what a function may do without reading its body; diagnostics are one structured JSON envelope instead of prose to parse; the toolchain speaks Model Context Protocol (MCP) natively via `fastc mcp`; and the language refuses whole classes of mistake at compile time rather than miscompiling them. The compiler is the only deterministic step between a stochastic author and a stochastic reviewer.
How is fastC different from Rust, Zig, C, C++, Go, Python, and TypeScript?
fastC is the only language that combines capability-typed I/O, mandatory pre/postcondition contracts, zero executable build scripts, vendored dependencies with enforced provenance (sha256 + cosign + SLSA L3), and a CI-enforced compile-time budget. Rust wins on borrow-checked safety and ecosystem; Zig wins on cross-compilation and C interop; C and C++ win on ubiquity and maturity but are unsafe by default; Go wins on goroutines but ships 2.4 MB binaries with a GC; Python and TypeScript win on ecosystem and agent familiarity but are interpreted/managed and carry the PyPI/npm install-script threat model. fastC's niche is small, safe, native binaries an agent writes and a human audits.
What are capability-typed I/O and capabilities in fastC?
In fastC, the authority to do I/O is a typed value passed as a function argument, not ambient. Capabilities like CapFsRead, CapNetConnect, and CapProcSpawn are a finite, named set, minted only in `main` via `caps::init()` and flowed downward through call arguments. A function whose signature carries no capability structurally cannot read files, open sockets, or spawn processes — the compiler refuses the call. This makes "can this code exfiltrate data?" a signature-reading exercise instead of a full audit.
What are contracts in fastC?
Contracts are pre- and postconditions — `@requires` and `@ensures` — that fastC treats as compile-time obligations on public APIs. They are discharged through three tiers: a syntactic pass proves the free cases, Z3 proves linear-integer tautologies under a 500 ms per-obligation budget, and anything unproven falls back to a runtime `fc_trap`. Proven obligations cost zero at runtime, and the build emits a per-obligation `discharge.json` report showing which clauses were proven and which still cost a runtime check.
Why does fastC forbid executable build scripts?
Because build-time code execution is the source of most modern supply-chain attacks. fastC has no `build.rs`, no `build.zig`, no `cgo`, no `proc_macro`, and no package `postinstall` — the manifest is purely declarative and dependencies are git URLs with a commit hash, a sha256, and cosign keyless signatures, vendored into the project tree. The build cannot be attacked via untrusted code because the build does not run untrusted code.
Does fastC work with Claude, Cursor, Copilot, and other AI coding tools?
Yes. fastC ships `fastc mcp`, a Model Context Protocol server that exposes the compiler's structured artifacts — capabilities, contracts, diagnostics, and the module graph — to Claude Code, Cursor, Codex, and any MCP-capable agent. Agents read `fastc explain --json` and `fastc context` instead of text-parsing compiler output, and `fastc fix` applies the compiler's own fix-it hints.
What does fastC compile to, and how big are its binaries?
fastC compiles to portable, readable C11, which you can audit, and then to a native binary via any C compiler. A stripped hello-world is 53 KB on M3 — the same class as C (33 KB) and Zig (50 KB), versus 342 KB for Rust and 2.4 MB for Go. Compile time runs roughly 30–40% faster than a Rust release build, and `fastc build --dev` uses tcc for sub-10 ms inner-loop C steps.
Is fastC production ready?
fastC is v1.0 feature-complete with 340+ tests, an MIT license, and Sigstore + SLSA L3 provenance on releases. The language surface and the 11-package fastc-core standard library are final for the v1.x line. Async/await (stage 2.3) and SMT-first contract discharge (stage 2.1) are deferred to later milestones and documented as such, so you can evaluate it against your threat model today.
What is fastc-core?
fastc-core is fastC's curated standard-library ecosystem: eleven packages that ship one canonical answer per domain — cli, log, json, toml, http, time, base64, uuid, crypto-primitives, regex, and sqlite. Each declares its capabilities in its public signatures, ships a v0.1.0 release with content-hashed, cosign-signed provenance, and removes the ecosystem-research decision an agent would otherwise get wrong.
What license is fastC, and who builds it?
fastC is MIT-licensed and built by fastc-lang. The compiler is written in Rust (1.85+), emits portable C11, and lives at github.com/fastc-lang/fastc, with documentation at docs.fastc-lang.com.
How do I get started with fastC?
Install fastC, then scaffold and build a project from the quickstart at docs.fastc-lang.com/getting-started/. A fastC program looks like C — `fn`, `let`, `i32`, braces — but its signatures carry capabilities, contracts, and annotations the compiler enforces. The getting-started guide covers installation, your first compile, editor setup, and testing.
More depth in the comparisons, the thesis, and the full docs at docs.fastc-lang.com.