Response to usage of unwrap in non-test code

This commit replaces all usage of `unwrap` with `expect` within `networks/monero`, clarifying why the panic risked is unreachable. This commit also replaces some uses of `unwrap` with solutions which are guaranteed not to fail. Notably, compilation on 128-bit systems is prevented, ensuring `u64::try_from(usize::MAX)` will never panic at runtime. Slight breaking changes are additionally included as necessary to massage out some avoidable panics.
2025-12-09 12:49:23 +00:00 · 2025-08-08 21:28:47 -04:00
parent 4f65a0b147
commit a5f4c450c6
31 changed files with 310 additions and 169 deletions
--- a/networks/monero/primitives/src/lib.rs
+++ b/networks/monero/primitives/src/lib.rs
@@ -124,7 +124,7 @@ impl Commitment {
  /// defined serialization.
  pub fn serialize(&self) -> Vec<u8> {
    let mut res = Vec::with_capacity(32 + 8);
-    self.write(&mut res).unwrap();
+    self.write(&mut res).expect("write failed but <Vec as io::Write> doesn't fail");
    res
  }

@@ -230,7 +230,7 @@ impl Decoys {
  pub fn serialize(&self) -> Vec<u8> {
    let mut res =
      Vec::with_capacity((1 + (2 * self.offsets.len())) + 1 + 1 + (self.ring.len() * 64));
-    self.write(&mut res).unwrap();
+    self.write(&mut res).expect("write failed but <Vec as io::Write> doesn't fail");
    res
  }

--- a/networks/monero/primitives/src/unreduced_scalar.rs
+++ b/networks/monero/primitives/src/unreduced_scalar.rs
@@ -14,7 +14,8 @@ use monero_io::*;
 static PRECOMPUTED_SCALARS: LazyLock<[Scalar; 8]> = LazyLock::new(|| {
  let mut precomputed_scalars = [Scalar::ONE; 8];
  for (i, scalar) in precomputed_scalars.iter_mut().enumerate().skip(1) {
-    *scalar = Scalar::from(u8::try_from((i * 2) + 1).unwrap());
+    *scalar =
+      Scalar::from(u64::try_from((i * 2) + 1).expect("enumerating more than u64::MAX / 2 items"));
  }
  precomputed_scalars
 });
@@ -59,7 +60,7 @@ impl UnreducedScalar {
    let bits = self.as_bits();
    let mut naf = [0i8; 256];
    for (b, bit) in bits.into_iter().enumerate() {
-      naf[b] = i8::try_from(bit).unwrap();
+      naf[b] = i8::try_from(bit).expect("bit didn't fit within an i8");
    }

    for i in 0 .. 256 {
@@ -129,8 +130,13 @@ impl UnreducedScalar {
    for &numb in self.non_adjacent_form().iter().rev() {
      recovered += recovered;
      match numb.cmp(&0) {
-        Ordering::Greater => recovered += PRECOMPUTED_SCALARS[usize::try_from(numb).unwrap() / 2],
-        Ordering::Less => recovered -= PRECOMPUTED_SCALARS[usize::try_from(-numb).unwrap() / 2],
+        Ordering::Greater => {
+          recovered += PRECOMPUTED_SCALARS[usize::try_from(numb).expect("positive i8 -> usize") / 2]
+        }
+        Ordering::Less => {
+          recovered -=
+            PRECOMPUTED_SCALARS[usize::try_from(-numb).expect("negated negative i8 -> usize") / 2]
+        }
        Ordering::Equal => (),
      }
    }