Closed sherlock-admin closed 2 years ago
tives
low
https://github.com/sherlock-audit/2022-10-astaria/blob/main/src/LienToken.sol/#L264
lienId = uint256( keccak256( abi.encodePacked( abi.encode( bytes32(collateralId), params.vault, WETH, params.terms.maxAmount, params.terms.rate, params.terms.duration, params.terms.maxPotentialDebt ), params.strategyRoot ) ) );
Currently lienId is calculated by values that do not change in time. If 2 users want to create lien with same values, it will be rejected by the [ERC721.mint](http://ERC721.mint) function [here](https://github.com/sherlock-audit/2022-10-astaria/blob/main/lib/astaria-gpl/src/ERC721.sol/#L140)
lienId
[ERC721.mint](http://ERC721.mint)
function _mint(address to, uint256 id) internal virtual { require(_ownerOf[id] == address(0), "ALREADY_MINTED");
You could add block.timestamp to the lien id calculation. Possibly msg.sender also.
msg.sender
tives
low
Liens for the same vault with same parameters cannot me minted
https://github.com/sherlock-audit/2022-10-astaria/blob/main/src/LienToken.sol/#L264
Impact
Currently
lienIdis calculated by values that do not change in time. If 2 users want to create lien with same values, it will be rejected by the[ERC721.mint](http://ERC721.mint)function [here](https://github.com/sherlock-audit/2022-10-astaria/blob/main/lib/astaria-gpl/src/ERC721.sol/#L140)Mitigation
You could add block.timestamp to the lien id calculation. Possibly
msg.senderalso.