_woundRequestFulfilled is not a uniform distribution on a population with wounded samples

new staker/LMPvault get free earned token on AbstractRewarders

the stake flow on gpToke being mandatory on rewarder potentially brick staker's withdrawal from DestinationVault

liquidator can only call liquidatePartyA twice, or liquidatorPartyA + setSymbolPrice without completing the 4-step since only first 2 callers get all liquidation fee

user has no way to express minimum output acceptance during swap in Unitas

There is no liveness check on the getLatestPrice from oracle when used on Unitas

an account's deposit on BalancedVault can be DOS to delay permanently

liquidate may fail due to debiting liquidation fee from 0

_calculateMaxBorrowCollateral does not check whether the strategy is in Emode or not leading to inaccurate representation of LTV.

no checks on chainlink stale price on _createActionInfo

setExecutionSettings would be halt during a rebalance operation that gets stuck due to supply cap is reached at Aave

FootiumEscrow uses transfer which may fail for non standard ERC20

FootiumEscrow uses approve which may fail for non standard ERC20

short side of getReservedUsd does not work for market that has the same collateral token

Protocol Fee does not have a cap

lender could be forced to withdraw collateral even if he/she would rather wait for liquidation during default

rebalance would fail if any external market of the same underlying fails to redeem.

use of safeApprove in submit on FeeBuyback is inconsistent among token and _telcoin

_validateRange in Config does not check the input value as described