Potential panic from debug_assert

[sea212]

Provided by SRLabs runtime review.

Summary Multiple pallets are using debug_assert, which can cause a panic or logic errors in the runtime. Issue details

debug_assert is being used in multiple pallets. We were able to trigger a panic condition for the following debug_asserts in pallet prediction-markets and parimutuel:

• debug_assert!(false, "{}", warning);
• debug_assert!(false, "{}", warning);
• debug_assert!(false, "{}", warning);
• debug_assert!(false);
• debug_assert!(false);

Risk The nodes compiled in debug mode will panic as intended during debugging and development, although, some nodes might run in debug mode even if they are in production. For the nodes built in release mode, logic inconsistencies may appear.

Mitigation Using debug_assert is a best practice deviation and it should not be used other than for debugging purpose. We suggest replacing the usage of debug_assert with proper checking and error handling.