evm: Fix possible overflow on backfilling

Author: djb15

evm/src/libraries/RateLimiter.sol

@@ -240,7 +240,7 @@ abstract contract RateLimiter is IRateLimiter, IRateLimiterEvents {
         RateLimitParams storage rateLimitParams
     ) internal {
         rateLimitParams.lastTxTimestamp = uint64(block.timestamp);
-        rateLimitParams.currentCapacity = capacity.add(amount).min(rateLimitParams.limit);
+        rateLimitParams.currentCapacity = capacity.saturatingAdd(amount).min(rateLimitParams.limit);
     }
 
     function _isOutboundAmountRateLimited(TrimmedAmount memory amount)

evm/src/libraries/TrimmedAmount.sol

@@ -105,6 +105,31 @@ library TrimmedAmountLib {
         return TrimmedAmount(a.amount + b.amount, a.decimals);
     }
 
+    function saturatingAdd(
+        TrimmedAmount memory a,
+        TrimmedAmount memory b
+    ) internal pure returns (TrimmedAmount memory) {
+        // on initialization
+        if (isZero(a)) {
+            return b;
+        }
+
+        if (isZero(b)) {
+            return a;
+        }
+
+        if (a.decimals != b.decimals) {
+            revert NumberOfDecimalsNotEqual(a.decimals, b.decimals);
+        }
+
+        uint256 saturatedSum;
+        unchecked {
+            saturatedSum = uint256(a.amount) + uint256(b.amount);
+            saturatedSum = saturatedSum > type(uint64).max ? type(uint64).max : saturatedSum;
+        }
+        return TrimmedAmount(uint64(saturatedSum), a.decimals);
+    }
+
     function min(
         TrimmedAmount memory a,
         TrimmedAmount memory b