blessingblockchain
/ gist:97955cb794ff5795911c3d9946c72783
Last active
September 2, 2025 08:59
Astera-Finance-Audit.md
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Astera-Finance | |
| Astera Finance || An ERC721-based withdraw cooldown mechanism || 28 August 2025 to 1 Sep 2025 | |
| My Finding Summay | |
| |ID|Title|Severity| | |
| |:-:|:---|:------:| | |
| |[H-01](#h-01-a-malicious-user-can-send-tokens-directly-to-the-Reapervaultv2cooldown.sol-to-DOS-withdrawals-for-all-users-and-force-strategies-to-incur-losses-by-making-unnecessary-pulls-and-underestimating-liquidity)|A malicious user can send tokens directly to the | |
| `Reapervaultv2cooldown.sol` to DOS withdrawals for all users and force strategies to incur losses by making unnecessary pulls and underestimating liquidity |HIGH| | |
| |||| | |
| |[M-01](#m-01-an-attacker-can-DOS-withdrawals-and-force-losses-on-other-users-by-frontrunning-with-large-withrawals-in-`Reapervaultv2cooldown.sol`)|An attacker can DOS withdrawals and force losses on othher users by frontrunning with large withrawals in `Reapervaultv2cooldown.sol`.|MEDIUM| |