gas optimization via unchecked blocks creates tension with arithmetic safety guarantees

# gas optimization via unchecked blocks creates tension with arithmetic safety guarantees Solidity 0.8+ overflow protection costs additional gas per arithmetic operation — roughly 100-200 gas for the comparison and conditional revert. Developers under gas pressure use `unchecked { }` blocks to recover this cost, but each unchecked block reintroduces the exact vulnerability class the compiler was designed to prevent. Since [[unchecked arithmetic blocks reintroduce overflow vulnerabilities in post-0.8 solidity]], every unchecked block is an implicit claim that the developer's bounds analysis is correct. The [[cetus dex exploit demonstrated that unchecked arithmetic in post-0.8 solidity recreates overflow vulnerabilities|Cetus DEX exploit]] ($223M) demonstrates the cost when this claim is wrong. No general resolution exists — the tension is structural and each unchecked usage requires individual risk assessment. The same tension applies to [[inline assembly bypasses solidity safety checks including type enforcement and overflow protection|inline assembly]], which provides even greater gas savings but with even fewer safety guarantees. --- Relevant Notes: - [[unchecked arithmetic blocks reintroduce overflow vulnerabilities in post-0.8 solidity]] — the vulnerability this tension produces - [[cetus dex exploit demonstrated that unchecked arithmetic in post-0.8 solidity recreates overflow vulnerabilities]] — the consequence when the tension resolves incorrectly - [[solidity 0.8.0 introduced default arithmetic overflow protection making unchecked blocks the new attack surface]] — the protection that creates the gas cost - [[inline assembly bypasses solidity safety checks including type enforcement and overflow protection]] — assembly presents the same gas-vs-safety tension with even fewer guardrails - [[yul division by zero returns zero rather than reverting unlike solidity checked arithmetic]] — Yul extends this tension further: unchecked preserves div-by-zero protection, but Yul removes it entirely Topics: - [[vulnerability-patterns]] - [[solidity-behaviors]]