Some contracts like timelock and the fuzzing example validate for negative values, and instead rely on the token implementation to fail. The problem is that the token interface accepts negative values, so some implementations can choose to implement custom logic to work with negative values. We should make sure none of our examples have a vulnerability due to this.
Some contracts like timelock and the fuzzing example validate for negative values, and instead rely on the token implementation to fail. The problem is that the token interface accepts negative values, so some implementations can choose to implement custom logic to work with negative values. We should make sure none of our examples have a vulnerability due to this.