Description

In the claimable function, the calculation for determining whether all remaining tokens should be claimable may not correctly handle edge cases when currentStep equals numOfSteps.

if (vesting.stepsClaimed + claimableSteps >= numOfSteps) {
    claimableAmount = vesting.totalAmount - vesting.amountClaimed;
    return (claimableAmount, claimableSteps);
}

If vesting.stepsClaimed + claimableSteps equals numOfSteps, it's correct to allow claiming all remaining tokens. However, if vesting.stepsClaimed + claimableSteps exceeds numOfSteps, due to possible rounding errors or time discrepancies, the claimableSteps could be more than the total steps, leading to incorrect claimable amounts.

Impact

• Over-claiming Tokens: Users may be able to claim more tokens than allocated.
• Under-claiming Tokens: Users may not be able to claim all their tokens at the end of the vesting period.

Recommendation

• Adjust Conditional Logic:

  if (vesting.stepsClaimed + claimableSteps >= numOfSteps) {
      claimableSteps = numOfSteps - vesting.stepsClaimed;
      claimableAmount = vesting.totalAmount - vesting.amountClaimed;
      return (claimableAmount, claimableSteps);
  }