Description
Arithmetic with BoxedUint needs to deal with values whose number of limbs don't match. This is true of Uint as well, but there everything is nicely type safe.
So far the internal BoxedUint::chain operation (which addition and subtraction are implemented in terms of) handles widening to the widest of the two inputs.
The wrapping_* and checked_* functions use the self/left-hand side argument as the overflow width.
The mul_wide operation widens to as many limbs as are in the sum of the number of limbs in the operands (though should perhaps be renamed to just BoxedUint::mul for consistency with Uint::mul, which is also a widening multiply.
This seems like a reasonable enough approach, but whatever one we take should be thoroughly documented, both as an overall policy and on the individual functions.
We should also ensure it's consistent with how Uint performs widening, where applicable.