NEWTON
Asked
2 months ago
65
views
1
This question has a bounty of $0.00 in testnet ETH. Answers to this question are eligible to win that bounty.
These are testnet contracts. Not real ETH.
$0.00
Hey, I'm curious if uint256 variables are safe to use? They are using 2x128 bits, while a native felt uses only 252 bits.
Can anyone explain?
vargastartup
asked
2 months ago
1
Accepted answer
they are safe if used correctly.
this means specifically that every time there is a Uint256
input to a function (especially if that is not a privileged function and any user can call it), you must call uint256_check()
on it first. if you do that, you'll be safe and you don't have to worry about Uint256
's security issues.
to understand specifically why that is and how the Uint256
functions work, you can refer to an article we wrote on the topic:
https://twitter.com/ggballas/status/1591119157034090513
if you're looking to go to mainnet with your dapp, you're welcome to consult with us for free about any security issues. we specialize in starknet: https://gingersec.xyz/
ggballas
answered
2 months ago
How do you optimize gas in Cairo with Uint256/felt?
Cairo error "Expected expression of type 'starkware.cairo.common.uint256.Uint256' to have an address."
Cairo: How to reassign Uint256 in a conditional
Fixed Point pow operation error
Cairo Error: 'range_check_ptr' cannot be used as an implicit return value. Consider using a 'with' statement.
How can I send a Uint256 amount of ERC20 tokens from L1 to starknet? And how should I build my payload for "sendMessageToL2" to match the Uint256 format of Cairo?
What is the maximum value an uint and felt can store in Cairo Language?
Which is this extension that shows you errors before compilation ser?
Does anyone have an example of a positional request to `starknet_addInvokeTransaction` on devnet that is working?
Cairo: let vs tempvar what is the difference?
Any idea what this could be caused by?
How do I connect my DAPP to Starknet mainnet using starknetjs?
How long does starkgate bridge process?
Equivalent to Solidity's keccak256(abi.encodePacked())?