Component

primitives

Describe the feature you would like

Currently `UInt` wraps on overflow. Please make it panic on overflow if `cfg(overflow_checks)` is enabled, i.e. exactly the same thing rustc does with standard numbers. Here is why.

First and foremost, `UInt` is used mainly for representing monetary values. Wrapping behavior is unnatural for monetary values. So, `UInt` should panic on overflow. But still some users may want to skip checks for speed reasons. So, we should provide a way to configure the behavior. The most natural thing to do is to make `UInt` panic when standard numbers panic and wrap when standard types wrap. So, we should use `cfg(overflow_checks)`.

Of course, this is a breaking change, so it should be done in the next major version.

I use `alloy` for managing my personal cryptocurrency, i.e. for transferring it around. Unnoticed overflows may cause loss of money; I absolutely don't want this. So, I plan to create my wrapper around `U256`, which will panic on overflow. And I will also use `clippy::arithmetic_side_effects` to make sure that I will not use arithmetic directly on `ruint`/`alloy`'s `U256`. But ideally this should be fixed in `alloy` itself.

Also, currently Solidity throws an exception on integer overflow by default ( https://docs.soliditylang.org/en/v0.8.28/types.html#integers ), so currently `alloy` is less safe than Solidity!

I already reported this problem to `ruint` ( recmo/uint#408 ), but they rejected my request. So, I propose to create `alloy`'s wrapper, which will panic on overflow (if `cfg(overflow_checks)`).

If you don't want to replace `UInt` everywhere, then at least create a panicking wrapper and use it in places where we clearly know that we are dealing with money. For example, `Provider::get_balance`. This method clearly returns a monetary value; there is no sense in wrapping behavior for this value (but I still suggest checking `cfg(overflow_checks)` for consistency with standard types).

Additional context

No response
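A minimal sketch of the panicking wrapper requested above, as an added example that is not alloy's or ruint's code: `U256` is a constructed four-limb stand-in, and `limbs` and `Amount` are hypothetical names. It checks unconditionally instead of gating on `cfg(overflow_checks)`, and covers subtraction underflow as well as addition overflow.

```rust
// Added example. `U256` is a constructed stand-in, not ruint's or alloy's type.
use std::ops::{Add, Sub};

#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct U256(pub [u64; 4]); // little-endian limbs

/// Applies `op` limb by limb; the flag says a carry or borrow left the top limb.
fn limbs(a: U256, b: U256, op: fn(u64, u64) -> (u64, bool)) -> (U256, bool) {
    let (mut out, mut carry) = ([0u64; 4], false);
    for i in 0..4 {
        let (x, c1) = op(a.0[i], b.0[i]);
        let (x, c2) = op(x, carry as u64);
        out[i] = x;
        carry = c1 || c2;
    }
    (U256(out), carry)
}

impl U256 {
    pub const MAX: U256 = U256([u64::MAX; 4]);
    pub const fn from_u64(v: u64) -> U256 { U256([v, 0, 0, 0]) }
    pub fn overflowing_add(self, rhs: U256) -> (U256, bool) { limbs(self, rhs, u64::overflowing_add) }
    pub fn overflowing_sub(self, rhs: U256) -> (U256, bool) { limbs(self, rhs, u64::overflowing_sub) }
}

/// Hypothetical monetary wrapper: `+` and `-` panic where the raw type wraps.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct Amount(pub U256);

impl Add for Amount {
    type Output = Amount;
    fn add(self, rhs: Amount) -> Amount {
        let (v, overflowed) = self.0.overflowing_add(rhs.0);
        assert!(!overflowed, "Amount: addition overflowed 256 bits");
        Amount(v)
    }
}

impl Sub for Amount {
    type Output = Amount;
    fn sub(self, rhs: Amount) -> Amount {
        let (v, underflowed) = self.0.overflowing_sub(rhs.0);
        assert!(!underflowed, "Amount: subtraction underflowed");
        Amount(v)
    }
}

fn main() {
    println!("{:?}", Amount(U256::from_u64(41)) + Amount(U256::from_u64(1)));
}
```

Pairing such a wrapper with `clippy::arithmetic_side_effects`, as the issue suggests, flags any remaining arithmetic done directly on the raw type.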