Users can get their Kerosene stuck until TVL becomes greater than Dyad's supply

Value of kerosene can be manipulated to force liquidate users

TOFT can be forcefully unwrapped resulting in long-term DoS

Pending allowances can be exploited

All ETH can be stolen during rebalancing for `mTOFTs` that hold native

`TOFTMarketReceiverModule::marketBorrowReceiver` flow is broken

Pausable is not implemented

Composing approval with other messages is subject to DoS

StargateRouter cannot send payloads and rebalancing of ERC20s is broken

`mTOFT` can be forced to receive the wrong ERC20 leading to token lockup

Stargate Pools conversion rate leads to token accumulation inside the Balancer contract

Gas parameters for Stargate swap are hardcoded leading to stuck messages

`LeverageExecutor` is not working inside `BBLeverage` and `SGLeverage`

Due to missing checks on minimum gas passed through LayerZero, executions can fail on the destination chain

Potential loss of capital due to fixed fee calculations

Permanent loss of tokens if swap data gets outdated

All tokens can be stolen from `VirtualAccount` due to missing access modifier

Message channels can be blocked resulting in DoS

If RootBridgeAgent.lzReceiveNonBlocking reverts internally, the native token sent by relayer to RootBridgeAgent is left in RootBridgeAgent

Refund mechanism for failed cross-chain transactions does not work

Attacker can block LayerZero channel due to missing check of minimum gas passed

Attacker can block LayerZero channel due to variable gas cost of saving payload

TOFT `triggerSendFrom` can be used to steal all the balance

TOFT `removeCollateral` can be used to steal all the balance

TOFT `exerciseOption` can be used to steal all underlying erc20 tokens

TOFT leverageDown always fails if TOFT is a wrapper for native tokens

TOFT `exerciseOption` fails due to not passing `msg.value` properly

Airdropped tokens can be stolen by a bot