
Check for cases of i64/u64 overflow in note values

Open joebebel opened this issue 2 years ago • 2 comments

Unlike Zcash Sapling, notes are not limited to MAX_MONEY. The logic needs to be checked thoroughly, and tests written, to make sure that there are no overflow or other issues when the value is close to i64 or u64 limits.

joebebel Apr 21 '22 10:04

I did not figure out why we use i64 in Amount (like Zcash Sapling). A negative Amount will be rejected when constructing the note and circuit. Actually, we use u64 in the note and circuit.

Another question: if we use MAX_MONEY = i64::MAX, should we still use the range [-MAX_MONEY, MAX_MONEY], or [i64::MIN, i64::MAX]?

XuyangSong May 05 '22 03:05

I think setting MAX_MONEY = i64::MAX and using the range [-MAX_MONEY, MAX_MONEY] makes sense. So we should undo any change which removed MAX_MONEY.

There is no reason why we need to support exactly i64::MIN amount, so it seems unnecessarily risky to try.

joebebel May 05 '22 06:05
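
The symmetric range discussed in the comments above, as an added Rust example that is not part of the thread or the masp code base: `BoundedAmount` and its methods are hypothetical names, and MAX_MONEY = i64::MAX follows the proposal in the thread. It shows that checked arithmetic alone still admits i64::MIN, which the range check then rejects.

```rust
// Added illustration; not the masp crate's code. `BoundedAmount` and its
// methods are hypothetical names; MAX_MONEY = i64::MAX follows the thread.
pub const MAX_MONEY: i64 = i64::MAX;

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct BoundedAmount(i64);

impl BoundedAmount {
    /// Accept only values in [-MAX_MONEY, MAX_MONEY]; i64::MIN is rejected.
    pub fn from_i64(v: i64) -> Option<Self> {
        if (-MAX_MONEY..=MAX_MONEY).contains(&v) { Some(Self(v)) } else { None }
    }

    /// Note values are unsigned; anything above MAX_MONEY cannot be an amount.
    pub fn from_u64(v: u64) -> Option<Self> {
        i64::try_from(v).ok().and_then(Self::from_i64)
    }

    /// Total on the symmetric range: -x cannot overflow once i64::MIN is excluded.
    pub fn negate(self) -> Self { Self(-self.0) }

    /// checked_add catches i64 overflow; from_i64 re-applies the range check.
    pub fn checked_add(self, rhs: Self) -> Option<Self> {
        self.0.checked_add(rhs.0).and_then(Self::from_i64)
    }

    /// -MAX_MONEY - 1 fits in an i64 (it is i64::MIN), so only the range
    /// check in from_i64 stops it from becoming an amount.
    pub fn checked_sub(self, rhs: Self) -> Option<Self> {
        self.0.checked_sub(rhs.0).and_then(Self::from_i64)
    }

    pub fn value(self) -> i64 { self.0 }
}

fn main() {
    let max = BoundedAmount::from_i64(MAX_MONEY).unwrap();
    let one = BoundedAmount::from_i64(1).unwrap();
    println!("max + 1       = {:?}", max.checked_add(one));
    println!("-max - 1      = {:?}", max.negate().checked_sub(one));
    println!("from i64::MIN = {:?}", BoundedAmount::from_i64(i64::MIN));
    println!("from u64::MAX = {:?}", BoundedAmount::from_u64(u64::MAX));
    // The hazard the symmetric range avoids: i64::MIN has no i64 negation.
    println!("i64::MIN.checked_neg() = {:?}", i64::MIN.checked_neg());
}
```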

Think that we've covered this in the i128 promotion.

cwgoes Aug 15 '23 07:08