Btrust

Why Rust Is Becoming Essential in Bitcoin

Btrust

Btrust

6 min read
Why Rust Is Becoming Essential in Bitcoin

Written by Jamal Errakibi

This article is a written version of my talk “Why Rust Is Becoming Essential in Bitcoin,” which I gave during the 2025 Btrust Developer Day

If you prefer watching instead of reading, you can watch the talk linked here.

Rust has been voted the most loved programming language for nine years in a row, according to the 2025 Stack Overflow Developer Survey.

survey.stackoverflow.co/2025
survey.stackoverflow.co/2025

Yet ironically, it’s also considered one of the hardest languages to learn. Why? Because it introduces unique concepts like ownership and borrowing, ideas that don’t exist in most mainstream programming languages.

Today, many Bitcoin projects already use Rust: rust-bitcoin, BDK, rust-lightning, Fedimint, BitVM, Payjoin, Stratum V2, and more.

So the real question isn't, “Can Rust work for Bitcoin?”

It’s "Why are so many Bitcoin projects choosing Rust?"

The answer, in my opinion, comes down to what I like to call the three pillars of Rust.

The 3 Pillars of Rust

Rust is built around three strong ideas:

  1. Memory safety without a garbage collector
  2. High performance
  3. A strong type system

Let’s explore why each of these makes Rust a natural fit for Bitcoin development.

1. Memory Safety (Without a Garbage Collector)

Memory safety means your program never manipulates memory incorrectly, a common source of bugs and vulnerabilities in software.

This is not a small issue. Industry leaders like Google, Microsoft, Mozilla, and Apple have all reported that around 70% of their security bugs are related to memory safety problems.

Even with thousands of engineers, most serious vulnerabilities still come from memory-unsafe code.

~70% of the vulnerabilities Microsoft assigns a CVE each year continue to be memory safety issues.” — Microsoft Security Response Center

“If we’d had a time machine and could have written this component in Rust from the start, 51 (73.9%) of these bugs would not have been possible.” — Mozilla

Even the U.S. government released a report saying that future software should be memory safe. If you want to build critical infrastructure (or even get contracts with the White House), memory safety is no longer optional.

Common Memory Bugs (C/C++)

These are the classic memory bugs we see in languages like C and C++:

  • Use-after-free
  • Double free
  • Data races
  • Dangling references
  • Buffer overflows

Rust gives us a way to avoid entire classes of these bugs before the code even runs. All of this happens at compile time.

Memory Safety in Bitcoin Core

This is not theoretical.

Bitcoin Core itself has had real bugs caused by memory unsafety:

These are exactly the kinds of bugs Rust is designed to prevent.

How Rust Solves This

Rust avoids these problems through ownership and borrowing.

We won’t go deep into the details here, but the key idea is simple:

Rust makes entire classes of bugs impossible at compile time.

Not by tests. Not by runtime checks. But before the program even runs.

How Rust Does Memory Management

To really appreciate Rust’s approach to memory safety, it helps to understand how memory is managed in other languages.

Languages like Java, Go, and C# use a garbage collector to decide when memory should be freed. But a garbage collector is a full secondary process running in the background, and it comes with additional runtime cost and unpredictability.

C doesn’t have a garbage collector, but in return you have to manage memory manually. You allocate memory yourself, and you are responsible for freeing it correctly, which is exactly where most memory bugs come from.

Rust, on the other hand, does not have a garbage collector, and memory is managed by design using the ownership and borrowing model.

2. Performance

Rust is fast for three main reasons:

  1. No garbage collector
  2. Energy efficiency
  3. Stack-first memory model

Let’s break this down.

No Garbage Collector

A garbage collector is a secondary process running in the background. It decides when to pause your program and clean up memory.

This makes performance unpredictable.

Discord Case Study (Go → Rust)

Discord migrated one of their services from Go to Rust.

https://discord.com/blog/why-discord-is-switching-from-go-to-rust

  • The purple line represents the old Go service. You can clearly see periodic latency spikes, caused by GC pauses.
  • The blue line is the Rust version. Much smoother, more predictable, and more deterministic.

Energy Efficiency

This study compares energy consumption across programming languages.

https://greenlab.di.uminho.pt/wp-content/uploads/2017/09/paperSLE.pdf

In the benchmark results, Rust is very close to C in terms of energy usage and significantly better than languages like Java or Python.

Less CPU time → less energy → lower costs. This matters a lot at scale.

Stack by Default

Rust is stack-heavy by default.

That means Rust tries to put data on the stack whenever possible, because it’s faster, safer, and doesn’t require allocation.

The heap is only used when we actually need dynamic or growable data structures.

This design choice alone removes a lot of overhead and complexity.

3. Type safety

“Safe Rust code is guaranteed to avoid undefined behavior. Type safety is a key element to reliability.” - Rustacean Principles   

Memory safety prevents how things go wrong at runtime. Type safety prevents what you are allowed to express in code.

Rust also helps you prevent bugs that have nothing to do with memory. It does this with a strong type system: you can make invalid states hard (or impossible) to represent.

What this means in practice:

- You avoid “null” problems by using Option<T> (a value is either Some(...) or None).

- You handle failures explicitly with Result<T, E> instead of hoping things “just work.”

- You can use enums to model protocol states and force exhaustive handling with match.

- You can create “newtypes” (small wrapper types) so you don’t mix up values that are both integers but mean different things.

Why these matter for Bitcoin codebases:

Bitcoin software is full of values that look similar but are not interchangeable: sats vs BTC, txid vs block hash, script types, network (mainnet/testnet), locktime/sequence rules, and more.

In weaker type systems, these often get represented as plain integers or strings, and mistakes compile fine.

In Rust, you can encode the meaning into the type and let the compiler catch mix-ups early.

Quick example:

Risks of Rust

Rust is not perfect.

1. Steep Learning Curve

Rust is hard at the beginning. The compiler feels strict. Sometimes too strict.

But that pain is usually teaching you something important.

2. The Compiler Can’t Catch Everything

Rust prevents memory bugs, but it can’t prevent logical mistakes.

A good example is the Cloudflare outage on November 18, 2025, which was caused by a misuse of unwrap().

In Rust, unwrap() basically means, “Give me the value or crash.”

Sometimes that’s exactly what you want. Sometimes it’s not.

Rust gives you powerful tools, but you still need to use them carefully.

Conclusion

Rust is like doing peer programming with the compiler.

It’s like having a super strict senior engineer sitting next to you all the time. You try something unsafe, and the compiler is like:

“Nope. Try again. Fix that first.”

It’s annoying, but it saves you.

Rust also Makes Things Simpler for Reviewers

Rust makes code reviews easier.

Because many classes of bugs are literally impossible, reviewers don’t waste time looking for:

  • Use-after-free
  • Data races
  • Lifetime issues

The compiler already handled that.

So reviewers can focus on logic, not memory mistakes.

If you want to dive deeper into Rust and its use in Bitcoin, the following resources are highly recommended:

Read more