Unauthorized Reallocation in `NudgeCampaign::handleReallocation` and Reward Disruption Vulnerability in `NudgeCampaign::invalidateParticipations`

Multiple Delegation by Double Spending Boosts and Lack of Delegation Tracking in BoostController Contract

Delegation Boost Not Usable by Delegatees

RAACNFT mint function receives funds to address(this) but has no way of withdrawing them

`BaseGauge` users can claim rewards without staking

Users Can Overwrite Existing Locks in veRAACToken Resulting in Permanent Loss of Funds

`GaugeController` does not send funds to FeeCollector disrupting fees distribution and causing loss of funds

Multiple issues from unnecessary balance increase calculation in DebtToken.mint

Reward manipulation vulnerability in StabilityPool

Incorrect Reward Claim Logic in FeeCollector::claimRewards Causes Denial of Service

RToken's transfer function lead to loss of funds due to incorrect math

Users can borrow more assets than they have deposited as collateral

Double Usage Index Scaling in StabilityPool Liquidation Inflates Required CRVUSD Balance

Treasury Balance Tracking Bypass in FeeCollector

Attackers can double voting power and veToken amount by locking and increasing

Gauge Voting Misallocation Vulnerability

Gauge rewards are not transferred to gauge when distributeRewards() is called

Ineffective Time-Weighted Average Implementation in Fee Distribution

Critical Economic Design Flaw in ZENO Zero-Coupon Bond Implementation Leads to Guaranteed User Losses

Gauge stakers won't get any reward due to round-down in user weight calculation

Gauge reward period can be extended indefinitely

Incorrect utilization rate forces protocol to issue maximum rewards indefinitely

Incorrect DebtToken totalSupply Scaling Breaks Interest Rate Calculations

LendingPool deposits do not work with CurveVault due to lack of funds

LendingPool::getNormalizedIncome() returns stale liquidity index

Liquidation Cannot Be Closed Even With Healthy Position Due To Strict Debt Check

There is no logic checking for RAACNFT price staleness before minting it

`RToken::calculateDustAmount` are incorrectly calculated, leading to not be able to transfer the accrued dust amount

LendingPool.getUserDebt returns outdated value and can lead to liquidation failure

Treasury Contract Deposit Function Can Be Frontrun To Deny Protocol Operations

Workingsupply would always be overwritten in boostcontroller.sol impacting reward calculations

Missing Boost State Update in extend() and withdraw()

Missing Liquidity Rebalancing in Repayments and Liquidations Leading to Inefficient Liquidity Management

Token Accounting Mismatch Between tick() and mintRewards() in RAACMinter

Permanent boost inflation through delegation removal in Boostcontroller.sol

Inconsistent Scaling in RToken Transfer Functions

Wrong access control in `RAACToken::setFeeCollector`, `RAACToken::setSwapTaxRate`, `RAACToken::setBurnTaxRate`

RAACToken burns less tokens than expected when feeCollector is unset

Incorrect boost calculation in `BoostController#_calculateBoost()` can be exploited to gain an unfair advantage in reward distribution

Flawed Boost Multiplier Calculation Always Yields Maximum Boost

The `TimelockController::executeEmergencyAction()` function does not update the `_operations` mapping, which can lead to an operation being executed twice.

Pending fee not cleared and overwritten by updates via updateFeeType()

Unauthorized Vote Casting Vulnerability

Emergency withdraw functionality in veRAACToken takes longer than expected

Incorrect Initialization of minBoost in BaseGauge Constructor Breaks Core Contract Functionality

Missing Checkpoint Reset in `veRAACToken::emergencyWithdraw` Function

`FeeCollector::updateFeeType` wrong fee share validation leads to impossible update for some fee types

Incorrect Timestamp Tracking in RAACHousePrice contract

Hardcoded Emission Values Lead to Incorrect Reward Calculations

Sandwich the startAuction function with flashloan

Calling the transferReserveToAuction will revert due to increase in currentPeriod

Fee is charged current reserveToken pool balance to time which is not updated

Bidding can be DOSed

Attacker is able to manipulate the pool balance such that the auction succeeds

Shares are added even with failed auctions

In `transferVesting`, the `grantorVesting.releaseRate` is calculated incorrectly, which leads to the sender being able to unlock more tokens than were initially locked.

Listing potential can not be purchased with discounted price

Users can prevent being reallocated by listing to marketplace