The ERC7984 contract tracks total supply using a confidential euint64 value. If a call to the internal mint function would result in the total supply overflowing, the call fails silently. The wrap and onTransferReceived functions in ERC7984ERC20Wrapper assume that mint won't fail silently and do not check the return value. If the mint function fails silently, users do not receive the confidential wrapped token but still send the underlying token, resulting in a loss of funds.

By default (without overriding rate(), the wrapper fills up after wrapping ~18.4 trillion tokens. There are very few tokens of value with sufficient total supply to result in the filling of the wrapper. That said, we recommend upgrading to 0.3.1 to remove this issue.

This issue has been patched in the 0.3.1 release.