Remove the default PositiveF64 constructor

apoelstra · apoelstra · commit beea8ebc8374 · 2026-06-15T13:28:48.000Z
It is now impossible to create an invalid PositiveF64. This eliminates
any possibility of division by 0 in the compiler.
diff --git a/src/policy/compiler.rs b/src/policy/compiler.rs
@@ -1268,7 +1268,7 @@ where
         .into_iter()
         .filter(|&(key, _)| key.ty.corr.base == types::Base::B && key.dissat_prob == dissat_prob)
         .map(|(_, val)| val)
-        .min_by_key(|ext| PositiveF64(ext.cost_1d(sat_prob, dissat_prob)))
+        .min_by_key(|ext| PositiveF64::new(ext.cost_1d(sat_prob, dissat_prob)))
         .ok_or(CompilerError::LimitsExceeded)
 }
 
@@ -1293,7 +1293,7 @@ where
                 && key.dissat_prob == dissat_prob
         })
         .map(|(_, val)| val)
-        .min_by_key(|ext| PositiveF64(ext.cost_1d(sat_prob, dissat_prob)))
+        .min_by_key(|ext| PositiveF64::new(ext.cost_1d(sat_prob, dissat_prob)))
         .ok_or(CompilerError::LimitsExceeded)
 }
 
diff --git a/src/policy/concrete.rs b/src/policy/concrete.rs
@@ -618,7 +618,7 @@ impl<Pk: MiniscriptKey> Policy<Pk> {
         // Stopping condition: When NONE of the inputs can be further enumerated.
         'outer: loop {
             //--- FIND a plausible node ---
-            let mut prob: Reverse<PositiveF64> = Reverse(PositiveF64(0.0));
+            let mut prob: Reverse<PositiveF64> = Reverse(PositiveF64::EPSILON);
             let mut curr_policy: Arc<Self> = Arc::new(Self::Unsatisfiable);
             let mut curr_pol_replace_vec: Vec<(PositiveF64, Arc<Self>)> = vec![];
             let mut no_more_enum = false;
@@ -1155,9 +1155,9 @@ fn with_huffman_tree<Pk: MiniscriptKey>(
         let (p1, s1) = node_weights.pop().expect("len must at least be two");
         let (p2, s2) = node_weights.pop().expect("len must at least be two");
 
-        let p = (p1.0).0 + (p2.0).0;
+        let p = p1.0 + p2.0;
         node_weights.push((
-            Reverse(PositiveF64(p)),
+            Reverse(p),
             TapTree::combine(s1, s2)
                 .expect("huffman tree cannot produce depth > 128 given sane weights"),
         ));
diff --git a/src/primitives/positive_f64.rs b/src/primitives/positive_f64.rs
@@ -9,16 +9,28 @@ use crate::Threshold;
 
 /// Ordered f64 for comparison.
 #[derive(Copy, Clone, PartialEq, Debug)]
-pub struct PositiveF64(pub f64);
+pub struct PositiveF64(f64);
 
 impl PositiveF64 {
+    /// The smallest representable value of a [`PositiveF64`].
+    pub const EPSILON: Self = Self(f64::EPSILON);
+
     /// The constant one.
     pub const ONE: Self = Self(1.0);
 
     /// Constant used in unit tsets
     #[cfg(test)]
     pub const ONE_QUARTER: Self = Self(0.25);
 
+    /// Attempts to create a [`PositiveF64`] from an ordinary `f64`.
+    pub const fn new(f: f64) -> Option<Self> {
+        if f > 0.0 {
+            Some(Self(f))
+        } else {
+            None
+        }
+    }
+
     /// Given an [`Option<PositiveF64>`], if it is `Some` then add it to the value.
     /// Otherwise return the unmodified value.
     ///
