Option contracts

Research output: Contribution to journalArticlepeer-review

5 Scopus citations


Many languages support behavioral software contracts so that programmers can describe a component's obligations and promises via logical assertions in its interface. The contract system monitors program execution, checks whether the assertions hold, and, if not, blames the guilty component. Pinning down the violator gets the debugging process started in the right direction. Quality contracts impose a serious runtime cost, however, and programmers therefore compromise in many ways. Some turn off contracts for deployment, but then contracts and code quickly get out of sync during maintenance. Others test contracts randomly or probabilistically. In all cases, programmers have to cope with lack of blame information when the program eventually fails. In response, we propose option contracts as an addition to the contract tool box. Our key insight is that in ordinary contract systems, server components impose their contract on client components, giving them no choice whether to trust the server's promises or check them. With option contracts, server components may choose to tag a contract as an option and clients may choose to exercise the option or accept it, in which case they also shoulder some responsibility. We show that option contracts permit programmers to specify flexible checking policies, that their cost is reasonable, and that they satisfy a complete monitoring theorem.

Original languageEnglish (US)
Pages (from-to)475-494
Number of pages20
JournalACM SIGPLAN Notices
Issue number10
StatePublished - Oct 2013


  • Behavioral software contracts
  • Probabilistic spot checking
  • Programming language design
  • Random testing

ASJC Scopus subject areas

  • Computer Science(all)


Dive into the research topics of 'Option contracts'. Together they form a unique fingerprint.

Cite this