Unauthorized Reallocation in `NudgeCampaign::handleReallocation` and Reward Disruption Vulnerability in `NudgeCampaign::invalidateParticipations`

Sandwich the startAuction function with flashloan

Calling the transferReserveToAuction will revert due to increase in currentPeriod

Fee is charged current reserveToken pool balance to time which is not updated

Bidding can be DOSed

Attacker is able to manipulate the pool balance such that the auction succeeds

Shares are added even with failed auctions

In `transferVesting`, the `grantorVesting.releaseRate` is calculated incorrectly, which leads to the sender being able to unlock more tokens than were initially locked.

Listing potential can not be purchased with discounted price

Users can prevent being reallocated by listing to marketplace