Rust - Loren1166/NautilusTrader- GitHub Wiki

Rust

The Rust programming language is an ideal fit for implementing the mission-critical core of the platform and systems. This is because Rust will ensure that it is free of memory errors and data race conditions, being 'correct by construction' through its formal specification of types, ownership and lifetimes at compile time. Rust 编程语言非常适合实现平台和系统的关键核心。这是因为 Rust 将确保它没有内存错误和数据竞争条件，通过在编译时对类型、所有权和生命周期的正式规范，它是“按构造正确”的。

Furthermore, due to the absence of a built-in runtime and garbage collector, along with the language's ability to access the lowest-level primitives, we can anticipate that future implementations will be highly performant. This combination of accuracy and performance is highly valued for a high-frequency trading (HFT) platform. 此外，由于没有内置的运行时和垃圾收集器，以及该语言访问最低级别原语的能力，我们可以预期未来的实现将具有很高的性能。对于高频交易 (HFT) 平台来说，这种准确性和性能的结合非常有价值。

Python Binding | Python 绑定

Interoperating from Python calling Rust can be achieved by binding a Rust C-ABI compatible interface generated using cbindgen with Cython. This approach is to aid a smooth transition to greater amounts of Rust in the codebase, and reducing amounts of Cython (which will eventually be eliminated). We want to avoid a need for Rust to call Python using the FFI. In the future PyO3 will be used. 通过将使用 cbindgen 生成的与 Cython 绑定的 Rust C-ABI 兼容接口，可以实现从 Python 调用 Rust 的互操作。这种方法有助于平滑过渡到代码库中更大数量的 Rust，并减少 Cython 的数量（最终将被淘汰）。我们希望避免 Rust 需要使用 FFI 调用 Python。将来将使用 PyO3。

Unsafe Rust | 不安全 Rust

It will be necessary to write unsafe Rust code to be able to achieve the value of interoperating between Python and Rust. The ability to step outside the boundaries of safe Rust is what makes it possible to implement many of the most fundamental features of the Rust language itself, just as C and C++ are used to implement their own standard libraries. 为了实现 Python 和 Rust 之间互操作的价值，有必要编写不安全的 Rust 代码。能够超越安全 Rust 的边界，使得实现 Rust 语言本身的许多最基本的功能成为可能，就像 C 和 C++ 用于实现它们自己的标准库一样。

Great care will be taken with the use of Rusts unsafe facility - which just enables a small set of additional language features, thereby changing the contract between the interface and caller, shifting some responsibility for guaranteeing correctness from the Rust compiler, and onto us. The goal is to realize the advantages of the unsafe facility, whilst avoiding any undefined behavior. The definition for what the Rust language designers consider undefined behavior can be found in the language reference. 在使用 Rust 的不安全工具时，我们会非常小心，它只启用了一小组额外的语言功能，从而改变了接口和调用者之间的契约，将一些保证正确性的责任从 Rust 编译器转移到我们身上。目标是实现不安全工具的优势，同时避免任何未定义的行为。Rust 语言设计者认为未定义行为的定义可以在语言参考中找到。

Safety Policy | 安全策略

To maintain the high standards of correctness the project strives for, it's necessary to specify a reasonable policy to adhere to when implementing unsafe Rust. 为了维持项目所追求的高标准正确性，有必要指定一个合理的策略，在实现不安全的 Rust 时要遵守。

If a function is unsafe to call, there must be a Safety section in the documentation explaining why the function is unsafe and covering the invariants which the function expects the callers to uphold, and how to meet their obligations in that contract. 如果一个函数调用不安全，则文档中必须有一个安全部分，解释为什么该函数不安全，并涵盖该函数期望调用者维护的不变量，以及如何履行该契约中的义务。
All unsafe code blocks must be completely covered by unit tests within the same source file. 所有不安全的代码块必须由同一源文件中的单元测试完全覆盖。

Resources | 资源

The Rustonomicon - The Dark Arts of Unsafe Rust Rustonomicon - 不安全 Rust 的黑暗艺术
The Rust Reference - Unsafety Rust 参考 - 不安全性
Safe Bindings in Rust - Russell Johnston Rust 中的安全绑定 - Russell Johnston
Google - Rust and C interoperability Google - Rust 和 C 互操作性