Most applications don’t fail because the algorithms are hard; they fail because our models admit states that make no sense in the domain: “user with no email address but verified”, “order that’s both shipped and cancelled”, “sum < 0”, “modal dialog both closed and active”. These states should be unrepresentable from the start, rejected by the type or the constructor rather than by a validation check someone has to remember to call. Among the most time-consuming bugs to track down are the ones where we look at our application state and say “this shouldn’t be possible.”
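As an added example (not code from the original post), here is the “shipped and cancelled” order and the “sum < 0” case modelled two ways in Rust: first with independent boolean flags, where the nonsense combination is constructible and must be caught by a runtime check, and then as an enum with a private non-negative amount, where the bad state simply has no representation. All names here (`FlagOrder`, `Order`, `OrderState`, `Amount`) are assumptions chosen for illustration.

```rust
// Added example, not from the original post. Names are illustrative assumptions.

/// Flag-based model: four combinations of (shipped, cancelled) are constructible,
/// but only three make sense. Nothing stops a caller building the fourth.
#[derive(Debug, Clone, PartialEq)]
pub struct FlagOrder {
    pub amount_cents: i64,
    pub shipped: bool,
    pub cancelled: bool,
    pub tracking_number: Option<String>,
}

/// The runtime check the flag model forces you to write, and to remember to call
/// at every site that mutates an order.
pub fn flag_order_is_consistent(o: &FlagOrder) -> bool {
    let not_both = !(o.shipped && o.cancelled);
    let tracking_matches = o.shipped == o.tracking_number.is_some();
    not_both && tracking_matches && o.amount_cents >= 0
}

/// Sum-type model: the lifecycle is an enum, and data that only exists in one
/// state (tracking number, cancellation reason) lives inside that variant.
#[derive(Debug, Clone, PartialEq)]
pub enum OrderState {
    Pending,
    Shipped { tracking_number: String },
    Cancelled { reason: String },
}

/// A money amount that cannot be negative: the field is private, so the only
/// way to obtain one is `Amount::new`, which rejects negative input.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct Amount(u64);

impl Amount {
    pub fn new(cents: i64) -> Result<Self, String> {
        u64::try_from(cents)
            .map(Amount)
            .map_err(|_| format!("negative amount: {cents}"))
    }
    pub fn cents(self) -> u64 {
        self.0
    }
}

#[derive(Debug, Clone, PartialEq)]
pub struct Order {
    amount: Amount,
    state: OrderState,
}

impl Order {
    pub fn new(amount: Amount) -> Self {
        Order { amount, state: OrderState::Pending }
    }

    pub fn state(&self) -> &OrderState {
        &self.state
    }

    pub fn amount(&self) -> Amount {
        self.amount
    }

    /// Only a pending order can be shipped. The match is exhaustive, so adding a
    /// variant later is a compile error until every transition handles it.
    pub fn ship(&mut self, tracking_number: String) -> Result<(), String> {
        match &self.state {
            OrderState::Pending => {
                self.state = OrderState::Shipped { tracking_number };
                Ok(())
            }
            OrderState::Shipped { .. } => Err("already shipped".into()),
            OrderState::Cancelled { .. } => Err("cannot ship a cancelled order".into()),
        }
    }

    /// Only a pending order can be cancelled, so "shipped and cancelled" is
    /// unreachable rather than merely checked for.
    pub fn cancel(&mut self, reason: String) -> Result<(), String> {
        match &self.state {
            OrderState::Pending => {
                self.state = OrderState::Cancelled { reason };
                Ok(())
            }
            OrderState::Shipped { .. } => Err("cannot cancel a shipped order".into()),
            OrderState::Cancelled { .. } => Err("already cancelled".into()),
        }
    }
}

fn main() {
    // Constructed sample input: the flag model happily represents the nonsense state.
    let bad = FlagOrder { amount_cents: 1999, shipped: true, cancelled: true, tracking_number: None };
    println!("flag model consistent? {}", flag_order_is_consistent(&bad));

    // The enum model cannot reach it: the second transition is refused.
    let mut order = Order::new(Amount::new(1999).unwrap());
    order.ship("1Z999".to_string()).unwrap();
    println!("cancel after ship: {:?}", order.cancel("changed mind".to_string()));
    println!("negative amount: {:?}", Amount::new(-1));
}
```

The difference that matters is where the invariant lives: in the flag model it lives in `flag_order_is_consistent`, which any new code path can forget; in the enum model it lives in the shape of the data, so the compiler enforces it at every construction and transition site.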