Open
If `VestingWallet` receives over `type(uint256).max`, then the function below will revert every time it is called, effectively bricking the vesting wallet.
openzeppelin-contracts/contracts/finance/VestingWallet.sol
Lines 139 to 144 in 5def3f7

```solidity
/**
 * @dev Calculates the amount of tokens that has already vested. Default implementation is a linear vesting curve.
 */
function vestedAmount(address token, uint64 timestamp) public view virtual returns (uint256) {
    return _vestingSchedule(IERC20(token).balanceOf(address(this)) + released(token), timestamp);
}
```
A user can send this value by doing the following:
- Transfer the total supply of a token to the vesting wallet of amount `type(uint256).max`
- Wait for some to vest and claim it
- Transfer the claimed amount back to the vesting wallet
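The three steps above, modelled as an added example (not code from the issue or from OpenZeppelin): a simplified single-token Python model in which `checked_add` stands in for Solidity 0.8 checked arithmetic on the `balanceOf + released` sum. The class, method and scenario names are hypothetical, and the linear schedule is computed with unbounded integers so that only the addition in `vestedAmount` is exercised.

```python
UINT256_MAX = 2**256 - 1

class Overflow(Exception):
    """Stands in for the revert raised by Solidity 0.8 checked arithmetic."""

def checked_add(a, b):
    total = a + b
    if total > UINT256_MAX:
        raise Overflow("sum exceeds type(uint256).max")
    return total

class ModelVestingWallet:
    """Hypothetical model of the wallet's accounting for one token."""

    def __init__(self, start, duration):
        self.start, self.duration = start, duration
        self.balance = 0    # models IERC20(token).balanceOf(address(this))
        self.released = 0   # models released(token)

    def receive(self, amount):
        self.balance = checked_add(self.balance, amount)

    def vested_amount(self, timestamp):
        # The addition from vestedAmount(): reverts once the sum passes uint256.
        total = checked_add(self.balance, self.released)
        if timestamp < self.start:
            return 0
        if timestamp >= self.start + self.duration:
            return total
        # Assumption: schedule math uses Python's unbounded integers.
        return total * (timestamp - self.start) // self.duration

    def release(self, timestamp):
        amount = self.vested_amount(timestamp) - self.released
        self.released += amount
        self.balance -= amount
        return amount

def run_scenario(send_back=True):
    """Return (claimed amount, whether vested_amount reverts afterwards)."""
    wallet = ModelVestingWallet(start=0, duration=100)
    wallet.receive(UINT256_MAX)       # step 1: whole supply sent to the wallet
    claimed = wallet.release(50)      # step 2: claim what vested at the midpoint
    if send_back:
        wallet.receive(claimed)       # step 3: claimed amount sent back
    try:
        wallet.vested_amount(60)
    except Overflow:
        return claimed, True
    return claimed, False
```

Without step 3 the sum stays exactly at `type(uint256).max` and the call succeeds; the revert appears only once previously released tokens re-enter the balance.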