Add a distinction between a "valid" and a "representable" Number

- "valid" means the value is <= Number::maxIntValue, which has been changed to maxMantissa / 100. A valid number could get bigger and be ok - such as when paying late interest on a loan. - "representable" means the value is <= Number::maxMantissa. An unrepresentable number WILL be rounded or truncated. - Adds a fourth level of enforcement: "compatible". It is used for converting XRP to Number (for AMM), and when doing explicit checks. - "weak" will now throw if the number is unrepresentable.
2025-11-20 11:05:54 +00:00 · 2025-11-07 18:30:09 -05:00
parent 0175dd70db
commit 8e56af20ee
13 changed files with 184 additions and 19 deletions
--- a/include/xrpl/basics/Number.h
+++ b/include/xrpl/basics/Number.h
@@ -28,12 +28,17 @@ public:
    /** Describes whether and how to enforce this number as an integer.
     *
     * - none: No enforcement. The value may vary freely. This is the default.
-     * - weak: If the absolute value is greater than maxIntValue, valid() will
-     *   return false.
-     * - strong: Assignment operations will throw if the absolute value is above
-     *   maxIntValue.
+     * - compatible: If the absolute value is greater than maxIntValue, valid()
+     *   will return false. Needed for backward compatibility with XRP used in
+     *   AMMs, and available for functions that will do their own checking. This
+     *   is the default for automatic conversions from XRPAmount to Number.
+     * - weak: Like compatible, plus, if the value is unrepresentable (larger
+     *   than maxMantissa), assignment and other operations will throw.
+     * - strong: Like weak, plus, if the absolute value is invalid (larger than
+     *   maxIntValue), assignment and other operations will throw. This is the
+     *   defalut for automatic conversions from MPTAmount to Number.
     */
-    enum EnforceInteger { none, weak, strong };
+    enum EnforceInteger { none, compatible, weak, strong };

 private:
    using rep = std::int64_t;
@@ -42,8 +47,7 @@ private:

    // The enforcement setting is not serialized, and does not affect the
    // ledger. If not "none", the value is checked to be within the valid
-    // integer range. With "strong", the checks will be made as automatic as
-    // possible.
+    // integer range. See the enum description for more detail.
    EnforceInteger enforceInteger_ = none;

 public:
@@ -53,8 +57,8 @@ public:
    constexpr static rep maxMantissa = minMantissa * 10 - 1;
    static_assert(maxMantissa == 9'999'999'999'999'999LL);

-    constexpr static rep maxIntValue = maxMantissa / 10;
-    static_assert(maxIntValue == 999'999'999'999'999LL);
+    constexpr static rep maxIntValue = maxMantissa / 100;
+    static_assert(maxIntValue == 99'999'999'999'999LL);

    // The range for the exponent when normalized
    constexpr static int minExponent = -32768;
@@ -93,6 +97,15 @@ public:

    bool
    valid() const noexcept;
+    bool
+    representable() const noexcept;
+    /// Combines setIntegerEnforcement(EnforceInteger) and valid()
+    bool
+    valid(EnforceInteger enforce);
+    /// Because this function is const, it should only be used for one-off
+    /// checks
+    bool
+    valid(EnforceInteger enforce) const;

    constexpr Number
    operator+() const noexcept;