I haven't been able to find any audit report for the VestingWallet v4.9, despite searching extensively, including this link.
As I intend to use this contract and lock a significant amount of tokens, it's crucial for me to ensure its safety. Could anyone provide insights or direct me to an audit report for the latest version of the vesting contract, if available?
If there's no recent audit available, could anyone offer any insights or assurances regarding the safety of the most recent version?
We developed VestingWallet for the Forta Protocol initially and it was audited for that project, the report can be found here. We ported the contract to OpenZeppelin Contracts with very small changes.
An audit of the 5.0 version of the contract (with very small differences with 4.9) was done about a month ago but we haven't released the audit report yet. It should be coming in a couple of weeks. In this audit only a small edge case was identified that causes the release functions to revert if invoked during a 1 second window when the vesting period ends, you can see the fix here.