From ca9d2b5103354e45433195afa0c03a9ee488ffb6 Mon Sep 17 00:00:00 2001 From: Pascal <95504829+CryptoPascal31@users.noreply.github.com> Date: Mon, 13 Nov 2023 09:45:26 +0100 Subject: [PATCH] Create kip-0024.md --- kip-0024.md | 73 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) create mode 100644 kip-0024.md diff --git a/kip-0024.md b/kip-0024.md new file mode 100644 index 0000000..8b511d9 --- /dev/null +++ b/kip-0024.md 
@@ -0,0 +1,73 @@ +--- +KIP: "0024" +Title: Pact Pure primitive +Author: CryptoPascal +Status: Draft +Type: Standard +Category: Pact +Created: 2023-11-10 +--- + +## Abstract + +The Proposal is to add a new built-in in Pact: + +- `pure` to encapsulate and validate that a function call is "Read Only" pure. + + +## Motivation + +The introduction of module references introduced a lot of new possible security flaws. + +This has been stated in the official documentation. [1] + +Module writers need extreme care when handling modrefs, especially when modrefs are user supplied. + +Module writers should consider all the risks and infinite possibilities of re-entrancy, and cheating modules. + +While it is still possible to mitigate these issues by carefully managing capabilities scopes, having a `pure` native helps to add a new layer of defense against an attacker. + +If a module developer assumes that a function call should not have any side effects (*eg:* `fungible-v2::get-balance`), he can enclose it in `(pure )`, +and will be assured that the callee is not trying to cheat or modify a state somewhere. + + +## Specification + +#### Signature +``` +action -> +``` +#### Behaviour +``` +IF action FAIL => FAIL and propagate the error +IF action performs a non "ReadOnly pure" operation => FAIL +IF action returns a value => RETURN the same value +``` + +The behaviour is similar to the existing `(try )` function [2] , but without trying to catch errors. + +#### Example +*with the coin contract* + +```pact + +(pure (coin.get-balance "existing-account")) + > 3.0 + +(pure (coin.get-balance "unknown-account")) + > fails -> Error: with-read: row not found + +(pure (coin.create-account "new-account" ks)) + > fails -> Failure: Illegal database access attempt (writeRow) + +``` + +## Backwards Compatibility + +Introducing a new native doesn't cause backward compatibility issues. 
+ + +## References +* [1] Pact PR [#1256] (https://github.com/kadena-io/pact/pull/1256) +* [2] Pact PR [#605] (https://github.com/kadena-io/pact/pull/605) +
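Review bot: the Specification section leaves the primitive's type unstated. The Signature block reads `action ->` with nothing after the arrow, and the call forms `(pure )` and `(try )` have empty argument positions, so a reader cannot tell what `action` must be (a plain expression as with `try`, or something else) or what `pure` returns; please give the full signature with the argument type on the left and the result type on the right of the arrow, and restore the argument placeholders in both call forms. The Behaviour rule `IF action performs a non "ReadOnly pure" operation => FAIL` likewise never defines which operations count as non read-only: the example only shows that a database write is rejected with `Illegal database access attempt (writeRow)`, so the spec should enumerate what is disallowed (database writes only, or also capability acquisition and installation, event emission, keyset and namespace definition, defpact yield/resume) so that implementers and module authors agree on what the guarantee is. Relatedly, the Motivation sentence that the caller `will be assured that the callee is not trying to cheat or modify a state somewhere` overstates that guarantee: `pure` can only rule out state changes, not a user-supplied modref returning a false value from `get-balance`, so suggest wording it as protection against side effects only. Minor: the References entries are written `[#1256] (https://...)` with a space between the bracket and the URL, which breaks Markdown link rendering; remove the space in both entries.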