Updates Programs page with new details for basic questions. (#211)

* Includes questions (as comments) that I need to answer.

* Clarifies features, limitations, and the purpose of programs.

content/concepts/programs.md

@@ -3,27 +3,68 @@ title: "Programs"
 lead: "The purpose of an Entropy program is to determine whether a group of nodes should generate a signature or not. Developers can create and deploy programs, but validator nodes are the only agents that will directly interact with the programs once deployed. Programs do not return any data other than a _success_ or _failed_ response."
 ---
 
-## Features and Details
+As a simple example, a program could be designed to check the length of a message. If the message is more than 10 characters, then the program returns `OK`, and the signing nodes create and return a valid signature to the account that submits the message. If the message is more than 10 characters, then the program fails, and no signature is created.
 
-In more concrete terms, Entropy programs are WebAssembly components that implement an Entropy-specific interface. The only function that a user must manually implement is `evaluate`, which takes the user's signature request as input and returns a success or an error. If no error is returned, then the message in the signature request will be signed using the program's corresponding key pair with the specified hashing algorithm.
+```mermaid
+flowchart LR
+    A[Entropy account]
+    B{Length > 10}
+    C[Signing nodes]
+    D[Fail]
+    E[Success]
+
+    A --> | send message | B
+    B -- true --> E
+    E --> | generate signature | C
+    C --> | valid signature | A
+
+    B -- false --> D
+```
+
+{{< callout "info" >}}
+You can view a Rust implementation of this example in the [Entropy Programs GitHub repo](https://github.com/entropyxyz/programs/blob/master/examples/barebones/src/lib.rs).
+{{< /callout >}}
+
+## Requirements
+
+Entropy programs are WebAssembly components that implement an Entropy-specific interface. The only function that a user must manually implement is `evaluate`, which takes the user's signature request as input and returns a success or an error. If no error is returned, then the message in the signature request will be signed using the program's corresponding key pair with the specified hashing algorithm.
+
+### Program Configs
+
+Programs can include a configuration which allows users to modify the `evaluation` behaviour without having to recompile and upload a new program to the chain. The format of this is undefined, allowing a configuration to be defined as a serialized C-compatible struct, UTF-8 JSON string, or anything in between.
+
+### Auxiliary Data
+
+Programs can require users to include auxiliary data, separate from the message, in their signature request.
 
 ### Custom Hashing
 
 As ECDSA schemes sign 256-bit numbers, programs can include a `custom_hash` function so users can utilize less common hashing functions. In its simplest form, the function converts a signature request (which also contains the message) into a 256-bit number.
 
-An example of a custom hash implementation is available in the [entropyxyz/programs repository](https://github.com/entropyxyz/programs/).
+### Limitations
 
-The list of natively supported hashing algorithms can be found within the [entropyxyz/entropy-core](https://github.com/entropyxyz/entropy-core/blob/master/crates/shared/src/types.rs#L101) repository.
+#### Size
 
-### Program Configs
+Compiled programs must be less than `1 MB`.
 
-Programs can include a configuration, which allows users to modify the `evaluation` behavior without having to recompile and upload a new program to the chain. The format of this is undefined, allowing a configuration to be defined as a serialized C-compatible struct, UTF-8 JSON string, or anything in between.
+#### External data
 
-An example of a program that uses a config can be found within the entropyxyz/programs repository. In this example, the user specifies an allow-list of Ethereum recipients using a JSON string config.
+Programs must be deterministic and cannot currently call other chains or directly access external data. However, developers can pass in auxiliary data, which can be obtained when the program is deployed.
 
-### Auxiliary Data
+#### Calling other programs
+
+Programs cannot currently call other programs, however this is a planned feature. 
+
+As a workaround, you can set a list of programs that are evaluated one after the other. For example:
+
+1. Check a signature in the auxiliary data with the device key proxy program
+2. Check that the message is an EVM transaction with the 'to' field matching an allow list with the ACL program.
+
+#### Randomness
+
+Programs cannot access the operating system's random number generator. 
 
-Programs can require users to include auxiliary data, separate from the message, in their signature request. An example of a program that requires a zero-knowledge proof as auxiliary data can be found within the entropyxyz/programs repository.
+If the program is not deterministic, it will cause issues because the nodes will only receive a signature if all TSS nodes involved in the signature request successfully evaluate the program. However, users can input random data into the program through the auxiliary data. Programs do not have access to the operating system's random number generator. If the program is non-deterministic, there will be problems, as the nodes will only get a signature if all TSS nodes involved in the signature request successfully evaluate the program. However, users can pass random data into the program through the auxiliary data.
 
 ## Upload Programs
 
@@ -42,7 +83,7 @@ The workflow is as follows:
 
 ## Device-proxy
 
-The device-proxy program is an Entropy program available at `0000000000000000000000000000000000000000000000000000000000000000`. It's main functionality is to:
+The device-proxy program is an Entropy program available at `0000000000000000000000000000000000000000000000000000000000000000`. Its main functionality is to:
 
 1. Verify signatures based on the provided configuration and auxiliary data.
 1. Check if a given public key is in the allowed set of keys (from the provided config).