Search code examples
nearprotocol

NEAR and safe math on unsigned integers


On Ethereum Solidity, a special library called SafeMath needs to be used when dealing with unsigned integer balance number. This is because of the integer overflow exploits.

Does NEAR smart contracts written in Rust need similar mitigations? Or does Rust trap the oveflow automatically and panic?


Solution

  • By default, Rust has overflow checks enabled for debug builds, but disabled in optimized release builds. You can easily tweak it in Cargo.toml by setting overflow-checks in profile.release section:

    [profile.release]
    # ...
    overflow-checks = true
    

    NEAR core contracts opt-into the paranoid mode.

    Even if you choose to use saturating_* or checked_* methods explicitly, extra checks are still recommended.