There are no guards to prevent the _percentage argument from exceeding 100%. A
mistake or typo by the contract owner will not be caught, and will allocate more tokens than
intended. As a result, the recipient of the created schedule will be able to withdraw more
tokens than intended or allotted. Other vesting recipients may be unable to withdraw tokens
as a result.
Impact: Potential loss of funds
Feasibility: High, can occur with simple typo.
Mitigation: Add require(_percentage <= 100); between lines 98 and 99 in
VestingWallet#registerVestingScheduleWithPercentage
There are no guards to prevent the _percentage argument from exceeding 100%. A mistake or typo by the contract owner will not be caught, and will allocate more tokens than intended. As a result, the recipient of the created schedule will be able to withdraw more tokens than intended or allotted. Other vesting recipients may be unable to withdraw tokens as a result.
Impact: Potential loss of funds
Feasibility: High, can occur with simple typo.
Mitigation: Add require(_percentage <= 100); between lines 98 and 99 in
VestingWallet#registerVestingScheduleWithPercentage