Steal NFTs from a Vault, and ETH + Fractional tokens from users.

Use of `payable.transfer()` may lock user funds

`fillOrder()` and `exercise()` may lock Ether sent to the contract, forever

Putty position tokens may be minted to non ERC721 receivers

`fee` can change without the consent of users

`Staking.sol#stake()` DoS by staking 1 wei for the recipient when `warmUpPeriod > 0`

No way to set CURVE_POOL approval after setting new curve pool address

Arbitrage on `stake()`

`_storeRebase()` is called with the wrong parameters

Functions in the `BatchRequests` contract revert for removed contract addresses

Malicious governance can use `updateWethTranferGas` to steal WETH from buyers

Protocol fee rate can be arbitrarily modified by the owner and the new rate will apply to all existing orders

Users may lose rewards to other users if rewards are given as fee-on-transfer tokens

Owner can set the feeRate to be greater than 100% and cause all future calls to `exercise` to revert

Vault is Not Compatible with Fee Tokens and Vaults with Such Tokens Could Be Exploited

The owner can mint all of the NFTs.

Contract may not have enough fund to cover refund

Many unbounded and under-constrained variables in the system can lead to unfair price or DoS

Critical variables shouldn't be changed after they are set

`call()` should be used instead of `transfer()` on an `address payable`

Avoidance of Liquidation Via Malicious Oracle

Critical Oracle Manipulation Risk by Lender

Lender is able to seize the collateral by changing the loan parameters