Rail: A self-hosting language that speaks TLS alone

What Rail is

Rail is a tiny, self-hosting systems language that prides itself on doing more with less. Its compiler is 4,687 lines of Rail that produce a 729 KB ARM64 binary which, when run, rebuilds the compiler byte-for-byte — fixed point bootstrapping, no C toolchain required. The runtime, including the garbage collector and allocator, is written in ARM64 assembly embedded in the compiler; no libc, no OpenSSL, no transitive C dependencies. Neat trick. Clever engineering. Who doesn't love a bootstrap that closes the loop?

Technical highlights

It has been reported that v3.0.0 adds a full TLS 1.3 client implemented in Rail itself — import "stdlib/anthropic_client.rail" and your program can call an HTTPS API with zero OpenSSL, curl, or external helpers. The repo claims support for x25519 ECDHE, ECDSA-P256 cert verification, SAN hostname checks, ChaCha20-Poly1305 record layer and full X.509 chain validation back to macOS /etc/ssl/cert.pem for api.anthropic.com. Apple Silicon (ARM64 macOS) is the primary target, with Linux ARM64, Linux x86_64 and WASM backends also supported. The surface is deliberately narrow: the project ships the crypto primitives it uses (ChaCha20-Poly1305, x25519, SHA-* families, ECDSA P-256/P-384, RSA-PSS/PKCS1) and nothing more.

Why it matters

Beyond neat engineering, Rail is a statement about supply-chain minimalism and reproducible trust: the compiler is the source of truth and the regression suite at once — if it compiles, it runs. It has been reported that the project even uses the compiler as a verifier in self-training loops for LLM-driven code generation, with three lineages and a claimed 92% strict pass rate on one PCFG lineage — the compiler as fitness function; eerie, a bit beautiful, and terrifying if you like surprises. Whether you care about tiny trusted bootstraps, reproducible builds, or just the sheer audacity of "HTTPS in pure Rail," this project is worth a look.

Sources: github.com/zemo-g, Hacker News