
Rule: Math lints for unchecked u128 + Q64.64 + slippage/invariant bounds #7

@Cass402

Summary

Warn on unsafe arithmetic in high-value financial code paths, especially unchecked u128 operations and missing bounds in AMM logic.
Related to #3

Why it matters

• Unchecked u128 mul/div can overflow silently.
• Fixed-point Q64.64 math can lose precision or overflow without guard rails.
• Missing slippage or invariant checks can allow value extraction or pool imbalance.

Proposed Approach

• Warn on * or / with u128 unless checked_*, mul_div, or equivalent safe helpers are used.
• For Q64.64 ops, suggest explicit rounding and overflow handling.
• In swap/AMM code paths, detect absence of a slippage bound (require!(amount_out >= min_out)) or invariant check before state mutation.

Examples

Flag:

let k = a * b; // a, b are u128

Pass:

let k = a.checked_mul(b).ok_or(Error::Overflow)?;
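Added example, not code from this issue or the project: the "Pass" shape applied to all three cases the rule targets, a checked Q64.64 multiply with explicit truncation, a checked mul_div, and a constant-product swap that verifies the slippage bound and the k invariant before touching state. The names `Error`, `q64_mul`, `mul_div`, `Pool` and `swap_out` are assumptions for illustration; `k_unchecked` shows the "Flag" behaviour in release builds, where `a * b` wraps silently.

```rust
#[derive(Debug, PartialEq)]
pub enum Error { Overflow, DivideByZero, InvariantViolated, Slippage }

/// The "Flag:" pattern: in release builds u128 `a * b` wraps silently
/// (wrapping_mul makes that behaviour explicit and deterministic here).
pub fn k_unchecked(a: u128, b: u128) -> u128 { a.wrapping_mul(b) }

/// Q64.64 multiply (64 integer bits, 64 fractional bits). The full product is
/// 256 bits wide, so `a * b` on u128 overflows for any operand >= 1.0; split
/// each operand into 64-bit halves and check the one term that can overflow.
/// Result is truncated (rounded toward zero); round-up must be added
/// explicitly by the caller, which is the explicit rounding the rule asks for.
pub fn q64_mul(a: u128, b: u128) -> Result<u128, Error> {
    let mask = u64::MAX as u128;
    let (ah, al) = (a >> 64, a & mask);
    let (bh, bl) = (b >> 64, b & mask);
    let hi = ah * bh;                                   // both < 2^64: fits in u128
    if hi > mask { return Err(Error::Overflow); }       // would not survive << 64
    let mid = (ah * bl).checked_add(al * bh).ok_or(Error::Overflow)?;
    let lo = (al * bl) >> 64;                           // fractional carry only
    (hi << 64).checked_add(mid).ok_or(Error::Overflow)?
        .checked_add(lo).ok_or(Error::Overflow)
}

/// Checked `a * b / d`: returns Err instead of wrapping or panicking.
pub fn mul_div(a: u128, b: u128, d: u128) -> Result<u128, Error> {
    a.checked_mul(b).ok_or(Error::Overflow)?
        .checked_div(d).ok_or(Error::DivideByZero)
}

pub struct Pool { pub reserve_in: u128, pub reserve_out: u128 }

/// Constant-product swap: amount_out = reserve_out * amount_in / (reserve_in + amount_in).
/// The slippage bound and the k invariant are both checked before any state is written.
pub fn swap_out(pool: &mut Pool, amount_in: u128, min_out: u128) -> Result<u128, Error> {
    let k_before = pool.reserve_in.checked_mul(pool.reserve_out).ok_or(Error::Overflow)?;
    let new_in = pool.reserve_in.checked_add(amount_in).ok_or(Error::Overflow)?;
    let amount_out = mul_div(pool.reserve_out, amount_in, new_in)?; // rounds down, in the pool's favour
    if amount_out < min_out { return Err(Error::Slippage); }      // require!(amount_out >= min_out)
    let new_out = pool.reserve_out.checked_sub(amount_out).ok_or(Error::Overflow)?;
    let k_after = new_in.checked_mul(new_out).ok_or(Error::Overflow)?;
    if k_after < k_before { return Err(Error::InvariantViolated); }
    pool.reserve_in = new_in;                                     // state mutation only after both checks
    pool.reserve_out = new_out;
    Ok(amount_out)
}
```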
