[Re-merge] Fix for arithmetic side effect #2722

Merged
open-junius merged 4 commits into devnet-ready from fix/arith-side-effect
Jun 5, 2026

@evgeny-s evgeny-s commented Jun 5, 2026

Description

Re-merge #2721

Related Issue(s)

  • Closes #[issue number]

Type of Change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update
  • Other (please describe):

Breaking Change

If this PR introduces a breaking change, please provide a detailed description of the impact and the migration path for existing applications.

Checklist

  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have run ./scripts/fix_rust.sh to ensure my code is formatted and linted correctly
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged and published in downstream modules

Screenshots (if applicable)

Please include any relevant screenshots or GIFs that demonstrate the changes made.

Additional Notes

Please provide any additional information or context that may be helpful for reviewers.

@evgeny-s evgeny-s added the skip-cargo-audit This PR fails cargo audit but needs to be merged anyway label Jun 5, 2026

github-actions Bot commented Jun 5, 2026

🛡️ AI Review — Skeptic (security review)

VERDICT: SAFE

BASELINE scrutiny: established write-permission contributor with matching commit authors; no Gittensor allowlist match found; branch fix/arith-side-effect -> devnet-ready.

Static review only. The PR is narrowly scoped to pallets/limit-orders fixed-point conversion error handling and a targeted regression test. It does not modify .github/ai-review/*, .github/copilot-instructions.md, dependencies, build scripts, or lockfiles.

Findings

No findings.

Conclusion

No malicious behavior or security vulnerability was found in the diff. The conversion failure path now propagates as a dispatch error instead of panicking or silently overflowing, and the added test covers that error case.


🔍 AI Review — Auditor (domain review)

VERDICT: 👍

Author has write permission and substantial repo history; no curated/on-chain Gittensor allowlist match found. One overlapping open PR (#2685) touches the same files but appears to be a separate feature, not duplicate work.

The Auditor proposed a replacement PR description, but the current body is non-trivial; not overwriting. Maintainers: ask the Auditor to regenerate if you want it.

The prior Auditor concern has been addressed: the PR now adds a targeted ArithmeticOverflow regression test for the sell-side net_amount_for_event path.

Static review found the implementation narrowly scoped: TAO-to-alpha conversion now propagates fixed-point division failure, callers abort with ArithmeticOverflow, and the zero-price behavior remains explicit. I attempted the focused test (cargo test -p pallet-limit-orders net_amount_for_event_sell_overflow_returns_error), but this sandbox cannot write to /home/runner/.rustup, so rustup stopped before the test could start. I also attempted the devnet spec-version RPC check, but DNS resolution for dev.chain.opentensor.ai failed here, so I made no spec-version auto-fix.

Findings

No findings.

Prior-comment reconciliation

  • ad2e943b: addressed — The rerun adds net_amount_for_event_sell_overflow_returns_error, which asserts that an overflowing sell-side TAO-to-alpha conversion returns ArithmeticOverflow.

Conclusion

Approving: the missing regression coverage from the prior review is now present, and I found no remaining domain blockers in the diff. CI should still run the focused pallet tests and the normal devnet spec-version check in an environment with working toolchain/network access.


📜 Previous run (superseded)
| Sev | File | Finding | Status |
| --- | --- | --- | --- |
| MEDIUM | pallets/limit-orders/src/lib.rs:1233 | Add a regression test for ArithmeticOverflow | ✅ Addressed |
The rerun adds net_amount_for_event_sell_overflow_returns_error, which asserts that an overflowing sell-side TAO-to-alpha conversion returns ArithmeticOverflow.
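
As an added illustration of the behaviour the review above describes (not code from this PR or from pallets/limit-orders): a checked TAO-to-alpha conversion beside an unchecked one. The 64-fractional-bit price layout, the function names, the `Error` enum and the zero-price result of 0 are assumptions made for the example.

```rust
use std::convert::TryFrom;

// Illustrative stand-ins: the fixed-point layout, names and zero-price
// policy are assumptions, not taken from pallets/limit-orders.
pub const FRAC_BITS: u32 = 64; // price = price_raw / 2^64

#[derive(Debug, PartialEq)]
pub enum Error {
    ArithmeticOverflow,
}

/// Unchecked shape: a zero price panics on the division, and the narrowing
/// cast silently drops the high bits when the quotient exceeds u64::MAX.
pub fn tao_to_alpha_unchecked(tao: u64, price_raw: u128) -> u64 {
    ((u128::from(tao) << FRAC_BITS) / price_raw) as u64
}

/// Checked shape: every failure becomes an error value the caller must handle.
pub fn tao_to_alpha(tao: u64, price_raw: u128) -> Result<u64, Error> {
    if price_raw == 0 {
        return Ok(0); // explicit zero-price branch (result assumed here)
    }
    let scaled = u128::from(tao) << FRAC_BITS; // tao < 2^64, so no bits are lost
    let quotient = scaled
        .checked_div(price_raw)
        .ok_or(Error::ArithmeticOverflow)?;
    u64::try_from(quotient).map_err(|_| Error::ArithmeticOverflow)
}

/// Hypothetical caller: `?` aborts the computation instead of emitting a bogus amount.
pub fn sell_net_amount(tao_net: u64, price_raw: u128) -> Result<u64, Error> {
    let alpha = tao_to_alpha(tao_net, price_raw)?;
    Ok(alpha)
}

fn main() {
    let half = 1u128 << (FRAC_BITS - 1); // constructed price of 0.5
    println!("unchecked: {}", tao_to_alpha_unchecked(u64::MAX, half));
    println!("checked:   {:?}", sell_net_amount(u64::MAX, half));
    println!("normal:    {:?}", sell_net_amount(1_000, 2u128 << FRAC_BITS));
}
```

With the constructed price of 0.5 and `u64::MAX` TAO, the unchecked path returns a wrapped value that looks like a valid amount, which is why a regression test has to assert on the error rather than on the absence of a panic.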

@github-actions github-actions Bot left a comment

AI review — see the sticky summary comment for the verdict and the inline comments below for specific findings.

Comment thread pallets/limit-orders/src/lib.rs

github-actions Bot commented Jun 5, 2026

🔄 AI review updated — Skeptic: SAFE Auditor: 👎

open-junius previously approved these changes Jun 5, 2026

github-actions Bot commented Jun 5, 2026

🔄 AI review updated — Skeptic: SAFE Auditor: 👍

@open-junius open-junius merged commit a607b93 into devnet-ready Jun 5, 2026
218 of 221 checks passed