Users can borrow more assets than they have deposited as collateral

Treasury Balance Tracking Bypass in FeeCollector

Ineffective Time-Weighted Average Implementation in Fee Distribution

Treasury Contract Deposit Function Can Be Frontrun To Deny Protocol Operations

Unauthorized Vote Casting Vulnerability

Ineffective pause mechanism in `exchange` contract

Wrong address is emitted in the `burnToken()` function

the intended `Finalize` event is not emited

Invalid error in depositDSS() function

Pause mechanism never used

Creator Can Bypass Protocol Fee

Incorrect sequence of AaveDIVAWrapper constructor parameters

The Aave pool is hardcoded

Incorrect error revert in `operateFlowMatrix()` function

missing !claimed check in NATIVE `claimWithdrawal()` function

TokenManager - Unlimited withdraw

`DeliveryPlace::settleAskTaker` Has Incorrect Access Control

The `DeliveryPlace::settleAskTaker()` function mistakenly uses `makerInfo.tokenAddress` to update the `TokenBalanceType.PointToken` in the `userTokenBalanceMap` mapping, leading to a critical error.

`addLiquidity()` function is called with lack of working deadline and slippage protection

Claimable gauge distributions are lost when `killGaugeTotally` is called

curator can lead to DOS `purchase()` function

the `woPrice_` bound check will ignored if Chainlink returns zero price

latestPrice() doesn't check Arbitrum l2 chainlink feed is active

DoS in `MergingPool::claimRewards` function and potential DoS in `RankedBattle::claimNRN` function if called after a significant amount of rounds passed.

Unauthorized Access to setCurves Function

Tokens with less than 18 decimals allow for draining of funds

Sandwich attack to steal all ERC-20 tokens in the Fees contract

Fee on transfer tokens will cause users to lose funds

Fixed fee level is used when swap tokens on Uniswap

Multiple accesses of a mapping/array should use a local variable cache.

Uncheck Arithmetic where overflow/underflow impossible

caching variable of struct in one slot

Floating pragma in all contracts

Don't initialize `uint/int` variables with default value

Mixed usage of `int`/`uint` with `int256`/`uint256`

Cache array length outside of loop

staleCheckLatestRoundData() does not check the status of the Arbitrum sequencer in Chainlink feeds.

Chainlink oracle will return the wrong price if the aggregator hits `minAnswer`

[H-01] Lack of emergency withdraw function when no arbiter is set

High - Funds can be lost if any participant is blacklisted

`tokenContract`is always an unsafe input, for fairness, it is recommended to add a whitelist for token

Check price != 0 before interacting with IERC20

getVestedFraction missed to check If Arbitrum sequencer is down

getGasPrice() doesn't check Arbitrum l2 chainlink feed is active

The deposit - withdraw - trade transaction lack of expiration timestamp check (DeadLine check)

Using unsafe ERC20 methods can revert the transaction for some tokens.

getPrice() function doesn't check If Arbitrum sequencer is down in Chainlink feeds.

There is no slippage control for trading functions at all

_validateAndGetPrice() doesn't check If Arbitrum sequencer is down in Chainlink feeds

Oracle data feed has no check for round fullness

wrong calculation in logic of the Lend function

in cooler.sol.rescind there is risk of funds to be lost

if transfer fails in repaying loan will be deleted

`_handleDeposit` and `_handleWithdraw` do not account for tokens with decimals higher than 18

contract should check the responses from chainlink aggregator

Use of `payable.transfer()` may lock user funds