Currently, if I write an Rust function that needs some conditions to be checked by the coder, it makes sense to mark the function unsafe. This has the undesirable effect of disabling safety checks for the entirety of the function when there might just be a single statement that introduces the unsafety.
I propose that safety checks be enabled for unsafe functions if they contain at least one unsafe {} block. This would help catch accidental usage of unsafe operations.
If that isn't practical, then as odd as it sounds maybe we need a safe {} block, but then there would be the complexity of needing to be able to put arbitrary levels of unsafe blocks inside safe blocks and vice versa.
This can be worked around by having a "safe" internal function, that actually isn't safe and exporting it as an unsafe function. IMO this introduces extra risk of misunderstanding were someone may come along later and mistake the "safe" version as actually safe.