From bae299e968ea1443953f66ac80a3e17590a0ba05 Mon Sep 17 00:00:00 2001
From: Francisco Giordano <fg@frang.io>
Date: Sat, 2 Sep 2023 01:39:37 -0300
Subject: [PATCH 1/2] Avoid overflow on empty multiproof

---
 contracts/utils/cryptography/MerkleProof.sol | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/contracts/utils/cryptography/MerkleProof.sol b/contracts/utils/cryptography/MerkleProof.sol
index b42a080c8f6..a1f5129f058 100644
--- a/contracts/utils/cryptography/MerkleProof.sol
+++ b/contracts/utils/cryptography/MerkleProof.sol
@@ -118,7 +118,7 @@ library MerkleProof {
         uint256 totalHashes = proofFlags.length;
 
         // Check proof validity.
-        if (leavesLen + proofLen - 1 != totalHashes) {
+        if (leavesLen + proofLen != totalHashes + 1) {
             revert MerkleProofInvalidMultiproof();
         }
 
@@ -174,7 +174,7 @@ library MerkleProof {
         uint256 totalHashes = proofFlags.length;
 
         // Check proof validity.
-        if (leavesLen + proofLen - 1 != totalHashes) {
+        if (leavesLen + proofLen != totalHashes + 1) {
             revert MerkleProofInvalidMultiproof();
         }
 

From 708738cfbf6a08f58e68f8f34be848127ba2dda2 Mon Sep 17 00:00:00 2001
From: Francisco Giordano <fg@frang.io>
Date: Sat, 2 Sep 2023 01:42:50 -0300
Subject: [PATCH 2/2] add changeset

---
 .changeset/large-humans-remain.md | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 .changeset/large-humans-remain.md

diff --git a/.changeset/large-humans-remain.md b/.changeset/large-humans-remain.md
new file mode 100644
index 00000000000..95b72aea463
--- /dev/null
+++ b/.changeset/large-humans-remain.md
@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': patch
+---
+
+`MerkleProof`: Use custom error to report invalid multiproof instead of reverting with overflow panic.