From 336922101fb8b852c9dc73b780cc69e645048e65 Mon Sep 17 00:00:00 2001
From: Luke Parker <lukeparker5132@gmail.com>
Date: Sat, 9 Aug 2025 00:23:22 -0400
Subject: [PATCH] Further harden decoy selection

It risked panicking if a non-monotonic distribution was returned. While the
provided RPC code won't return non-monotonic distributions, users are allowed
to define their own implementations and override the provided method. Said
implementations could omit this required check.
---
 networks/monero/wallet/src/decoys.rs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/networks/monero/wallet/src/decoys.rs b/networks/monero/wallet/src/decoys.rs
index 96621054..b13179f9 100644
--- a/networks/monero/wallet/src/decoys.rs
+++ b/networks/monero/wallet/src/decoys.rs
@@ -121,7 +121,9 @@ async fn select_n(
         // Find which block this points to
         let i = distribution.partition_point(|s| *s < (highest_output_exclusive_bound - 1 - o));
         let prev = i.saturating_sub(1);
-        let n = distribution[i] - distribution[prev];
+        let n = distribution[i].checked_sub(distribution[prev]).ok_or_else(|| {
+          RpcError::InternalError("RPC returned non-monotonic distribution".to_string())
+        })?;
         if n != 0 {
           // Select an output from within this block
           let o = distribution[prev] + (rng.next_u64() % n);