Convert SafeMath to use assert instead of require

[bingen]

Generally speaking, at least for subtraction and division, we are not using SafeMath for input validation, so having underflows or zero divisions would likely mean a bug. Having assert instead of require would allow some of these bugs to be caught by tools like Echidna.

Some references:

OpenZeppelin/openzeppelin-contracts#1120
https://media.consensys.net/when-to-use-revert-assert-and-require-in-solidity-61fb2c0e5a57

[tabshaikh]

Can I help on this?

[bingen]

Hi @tabshaikh , thanks a lot for the offering! This issue is not a high priority now, for 2 reasons:

• It depends on being able to get this other one done: Add Echidna scripts to the CI #293
• As we have already deployed to mainnet, we don’t plan to do much changens to contracts in the short term.

To change this, we should analyze first all the usages of Safe Math along our code base, and make sure that legit reverts like for instance due to user input are properly protected.

If you still feel like you want to give it a try, I would be happy to review it and help.

[tabshaikh]

Then @bingen could me point to anything that's high priority would like to help and learn :)