Astera takes security seriously. This document outlines our security practices, how to report vulnerabilities, and how security auditing is integrated into our development process.
| Version | Supported |
|---|---|
| Testnet | ✅ |
| Mainnet | ❌ (pending audit) |
Our CI/CD pipeline includes the following automated security checks:
- `cargo-audit` - Scans Rust dependencies for known vulnerabilities
  - Runs on every PR and push to main
  - Checks against the RustSec Advisory Database
- Clippy - Rust linter with security-focused lints
  - Enforces `#![no_std]` compatibility
  - Checks for unsafe code patterns
  - Runs with `-D warnings` (deny all warnings)
- `npm audit` - Scans Node.js dependencies
  - Fails on high/critical severity vulnerabilities
  - Runs for frontend dependencies
The following static analysis tools are used:
| Tool | Purpose | Frequency |
|---|---|---|
| cargo-clippy | Rust linting | Every PR |
| cargo-audit | Dependency scanning | Every PR |
| npm audit | Node.js dependency scanning | Every PR |
| rustfmt | Code formatting enforcement | Every PR |
All smart contracts follow these security practices:
- Authentication: All state-changing operations require `.require_auth()` on the caller
- No unsafe code: Contracts use `#![no_std]` and avoid unsafe blocks
- Integer overflow protection: Enabled in release profile
- Error handling: Explicit error messages for all failure cases
- Events: All state changes emit events for transparency
- TTL management: Proper storage TTL handling to prevent data loss
| Operation | Invoice Contract | Pool Contract | Credit Score |
|---|---|---|---|
| Initialize | Admin | Admin | Admin |
| Create Invoice | Any (authenticated) | - | - |
| Fund Invoice | Pool only | Investors | - |
| Mark Paid | Owner/Pool/Admin | - | - |
| Mark Defaulted | Pool only | - | - |
| Add Token | - | Admin | - |
| Set Oracle | Admin | - | - |
| Record Payment | - | - | Pool only |
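The Invoice Contract rows of the matrix above, written out as an added example in plain Rust (this is not Astera's contract code). The SDK's `.require_auth()` is replaced by an explicit `caller` argument that the host is assumed to have already authenticated, and every type and name here is an assumption; funding uses `checked_add` so that overflow is an explicit error rather than a wrapped value.

```rust
// Added example, not Astera's own code: a plain-Rust model of the Invoice
// Contract rows of the access-control matrix. `.require_auth()` is replaced
// by an explicit `caller` the host is assumed to have authenticated; all
// types and names are assumed.

#[derive(Clone, Copy, PartialEq, Eq, Debug)]
pub struct Address(pub u32); // constructed stand-in for a ledger address

#[derive(Debug, PartialEq, Eq)]
pub enum Error {
    NotAuthorized, // caller is outside the allowed set for this operation
    Overflow,      // arithmetic would wrap; rejected instead of wrapping
}

#[derive(Debug, Clone, PartialEq, Eq)]
pub enum Status { Open, Paid, Defaulted }

#[derive(Debug)]
pub struct Invoice { pub owner: Address, pub funded: u64, pub status: Status }

pub struct InvoiceContract { pub admin: Address, pub pool: Address }

impl InvoiceContract {
    /// Fund Invoice: "Pool only".
    pub fn fund_invoice(&self, caller: Address, inv: &mut Invoice, amount: u64) -> Result<u64, Error> {
        if caller != self.pool { return Err(Error::NotAuthorized); }
        // checked_add makes overflow an explicit error regardless of the
        // Cargo profile's overflow-checks setting; state is untouched on error.
        inv.funded = inv.funded.checked_add(amount).ok_or(Error::Overflow)?;
        Ok(inv.funded)
    }

    /// Mark Paid: "Owner/Pool/Admin".
    pub fn mark_paid(&self, caller: Address, inv: &mut Invoice) -> Result<(), Error> {
        if caller != inv.owner && caller != self.pool && caller != self.admin {
            return Err(Error::NotAuthorized);
        }
        inv.status = Status::Paid;
        Ok(())
    }

    /// Mark Defaulted: "Pool only".
    pub fn mark_defaulted(&self, caller: Address, inv: &mut Invoice) -> Result<(), Error> {
        if caller != self.pool { return Err(Error::NotAuthorized); }
        inv.status = Status::Defaulted;
        Ok(())
    }
}
```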
If you discover a security vulnerability, please follow these steps:
- Do NOT open a public issue
- Email security details to: [security contact to be added]
- Include:
  - Detailed description of the vulnerability
  - Steps to reproduce
  - Potential impact
  - Suggested fix (if any)
We will:
- Acknowledge receipt within 48 hours
- Provide a timeline for a fix within 5 business days
- Keep you updated on progress
- Credit you in the advisory (with your permission)
Before any deployment:
- All tests pass
- cargo-audit shows no vulnerabilities
- Clippy shows no warnings
- Code review by at least one maintainer
- Security review for contract changes
- Events emitted for all state changes
- TTL properly configured for all storage
Security audits are scheduled:
- Weekly: Automated dependency scanning (cargo-audit, npm audit)
- Every PR: Static analysis and linting
- Monthly: Manual review of contract changes
- Quarterly: Third-party security audit (planned for mainnet)
Security issues found in this codebase are subject to responsible disclosure. See our Code of Conduct for details.