Merge branch 'tomas/more-checked-arith' (#3214)

* origin/tomas/more-checked-arith:
  changelog: add #3214
  doc/sdk: fix bare urls
  doc/gas: fix broken link
  apps: fix lint warnings
  apps: add lints
  namada: fix lint warnings
  namada: add lints
  vp_env: fix lint warnings
  vp_env: add lints
  tx_env: add lints
  ethereum_bridge: fix lint warnings
  ethereum_bridge: add lints
  ibc: fix lint warnings
  ibc: add lints
  vm_env: fix lint warnings
  vm_env: add lints
  state: fix lint warnings
  state: add lints
  token: fix lint warnings
  token: add lints
  proof_of_stake: fix lint warnings
  proof_of_stake: add lints
  governance: fix lint warnings
  governance: add lints
  account: fix lint warnings
  account: add lints
  shielded_token: fix lint warnings
  shielded_token: add lints
  trans_token: add lints
  parameters: add lints
  controller: fix lint warnings
  controller: add lints
  storage: fix lint warnings
  storage: add lints
  vote_ext: add lints
  tx: fix lints warnings
  tx: add lints
  gas: fix lints warning
  gas: add lints
  merkle_tree: fix lints warning
  merkle_tree: add lints
  crates: update for checked events gas
  events: use checked arith
  events: add lints
  replay_protection: add lints

Author: brentstone

.changelog/unreleased/improvements/3214-more-checked-arith.md

@@ -0,0 +1,2 @@
+- Sanitized unchecked arithmetics and conversions in the codebase.
+  ([\#3214](https://github.com/anoma/namada/pull/3214))

Cargo.lock

@@ -2,6 +2,20 @@
 //! using public key(s) and signature threshold (minimum number of signatures
 //! needed to authorize an action) stored on-chain.
 
+#![doc(html_favicon_url = "https://dev.namada.net/master/favicon.png")]
+#![doc(html_logo_url = "https://dev.namada.net/master/rustdoc-logo.png")]
+#![deny(rustdoc::broken_intra_doc_links)]
+#![deny(rustdoc::private_intra_doc_links)]
+#![warn(
+    missing_docs,
+    rust_2018_idioms,
+    clippy::cast_sign_loss,
+    clippy::cast_possible_truncation,
+    clippy::cast_possible_wrap,
+    clippy::cast_lossless,
+    clippy::arithmetic_side_effects
+)]
+
 mod storage;
 mod storage_key;
 mod types;

crates/account/src/lib.rs

@@ -1,7 +1,7 @@
 //! Cryptographic signature keys storage API
 
 use namada_core::storage;
-use namada_storage::{Result, StorageRead, StorageWrite};
+use namada_storage::{Result, ResultExt, StorageRead, StorageWrite};
 
 use super::*;
 
@@ -31,7 +31,7 @@ where
     S: StorageWrite + StorageRead,
 {
     for (index, public_key) in public_keys.iter().enumerate() {
-        let index = index as u8;
+        let index = u8::try_from(index).into_storage_result()?;
         pks_handle(owner).insert(storage, index, public_key.clone())?;
     }
     let threshold_key = threshold_key(owner);
@@ -114,6 +114,7 @@ where
     S: StorageWrite + StorageRead,
 {
     let total_pks = pks_handle(owner).len(storage)?;
+    let total_pks = u8::try_from(total_pks).into_storage_result()?;
     for index in 0..total_pks as u8 {
         pks_handle(owner).remove(storage, &index)?;
     }

crates/account/src/storage.rs

@@ -55,6 +55,7 @@ pub struct UpdateAccount {
     pub threshold: Option<u8>,
 }
 
+#[allow(clippy::cast_possible_truncation)]
 #[cfg(any(test, feature = "testing"))]
 /// Tests and strategies for accounts
 pub mod tests {

crates/account/src/types.rs

@@ -138,6 +138,7 @@ serde_json = {workspace = true, features = ["raw_value"]}
 serde.workspace = true
 sha2.workspace = true
 signal-hook.workspace = true
+smooth-operator.workspace = true
 sysinfo.workspace = true
 tar.workspace = true
 tempfile.workspace = true

crates/apps/Cargo.toml

@@ -1,6 +1,8 @@
 //! Library code for benchmarks provides a wrapper of the ledger's shell
 //! `BenchShell` and helper functions to generate transactions.
 
+#![allow(clippy::arithmetic_side_effects)]
+
 use std::cell::RefCell;
 use std::collections::BTreeSet;
 use std::fs::{File, OpenOptions};

crates/apps/src/lib/bench_utils.rs

@@ -1,3 +1,5 @@
+#![allow(clippy::arithmetic_side_effects)]
+
 pub mod masp;
 pub mod rpc;
 pub mod tx;

crates/apps/src/lib/client/mod.rs

@@ -95,7 +95,10 @@ impl<'de> Deserialize<'de> for GenesisAddress {
         impl<'de> serde::de::Visitor<'de> for FieldVisitor {
             type Value = GenesisAddress;
 
-            fn expecting(&self, formatter: &mut Formatter) -> std::fmt::Result {
+            fn expecting(
+                &self,
+                formatter: &mut Formatter<'_>,
+            ) -> std::fmt::Result {
                 formatter.write_str(
                     "a bech32m encoded public key or an established address",
                 )
@@ -324,6 +327,7 @@ pub struct Parameters {
 ///
 /// This includes adding the Ethereum bridge parameters and
 /// adding a specified number of validators.
+#[allow(clippy::arithmetic_side_effects)]
 #[cfg(all(any(test, feature = "benches"), not(feature = "integration")))]
 pub fn make_dev_genesis(
     num_validators: u64,

crates/apps/src/lib/config/genesis.rs

@@ -254,8 +254,14 @@ impl Finalized {
             if !is_localhost {
                 set_ip(&mut config.ledger.cometbft.rpc.laddr, "0.0.0.0");
             }
-            set_port(&mut config.ledger.cometbft.rpc.laddr, first_port + 1);
-            set_port(&mut config.ledger.cometbft.proxy_app, first_port + 2);
+            set_port(
+                &mut config.ledger.cometbft.rpc.laddr,
+                first_port.checked_add(1).expect("Port must not overflow"),
+            );
+            set_port(
+                &mut config.ledger.cometbft.proxy_app,
+                first_port.checked_add(2).expect("Port must not overflow"),
+            );
 
             // Validator node should turned off peer exchange reactor
             config.ledger.cometbft.p2p.pex = false;
@@ -318,7 +324,10 @@ impl Finalized {
                 .ok()
                 .map(Hash::sha256);
 
-        let min_duration: i64 = 60 * 60 * 24 * 365 / (epochs_per_year as i64);
+        let epy_i64 = i64::try_from(epochs_per_year)
+            .expect("`epochs_per_year` must not exceed `i64::MAX`");
+        #[allow(clippy::arithmetic_side_effects)]
+        let min_duration: i64 = 60 * 60 * 24 * 365 / epy_i64;
         let epoch_duration = EpochDuration {
             min_num_of_blocks,
             min_duration: namada::core::time::Duration::seconds(min_duration)