On Ethereum Solidity, a special library called SafeMath
needs to be used when dealing with unsigned integer balance number. This is because of the integer overflow exploits.
Does NEAR smart contracts written in Rust need similar mitigations? Or does Rust trap the oveflow automatically and panic?
By default, Rust has overflow checks enabled for debug builds, but disabled in optimized release builds. You can easily tweak it in Cargo.toml
by setting overflow-checks
in profile.release
section:
[profile.release]
# ...
overflow-checks = true
NEAR core contracts opt-into the paranoid mode.
Even if you choose to use saturating_*
or checked_*
methods explicitly, extra checks are still recommended.