Theft of collateral tokens with fewer than 18 decimals

Anyone can burn **DecentralizedStableCoin** tokens with `burnFrom` function

Staking, unstaking and rebalanceToWeight can be sandwiched (Mainly rETH deposit )

Reth.sol: Withdrawals are unreliable and depend on excess RocketDepositPool balance which can brick the whole protocol

`WstEth` derivative assumes a ~1=1 peg of stETH to ETH

Price of sfrxEth derivative is calculated incorrectly

Users can fail to unstake and lose their deserved ETH because malfunctioning or untrusted derivative cannot be removed

DoS due to external call failure

Missing derivative limit and deposit availability checks will revert the whole `stake()` function

Attacker can deposit and refund NFT which leads to DOS in claim functionality

Attacker can fund bounty with malicious ERC20 and block payouts

Unbounded loop in BounyCore.getLockedFunds function leads to DOS in DepositManagerV1.refundDeposit function

Anybody can fund bounty with worthless NFTs thereby not allowing any further NFT funding

When tokenAddresses set has reached TOKEN_ADDRESS_LIMIT, tokens that are contained in the tokenAddresses set cannot be used for funding

Remaining funds cannot be refunded after partial refund

Protocol fees can be withdrawn multiple times in `Erc20Quest`

Funds can be stuck due to wrong order of operations

Users may not claim Erc1155 rewards when the Quest has ended

User may loose rewards if the receipt is minted after quest end time

Drips that end after the current cycle but before its creation can allow users to profit from squeezing

Use safe ERC20 operations

Cooler: roll function should set `loan.rollable` to `false` when called

Cooler: repay function can be front-run so borrowers transaction reverts

Cooler: loan should start out not rollable

Basket range formula is inefficient, leading the protocol to unnecessary haircut

RecollateralizationLib: Dust loss for an asset should be capped at its low value

BackingManager: rTokens might not be redeemable when protocol is paused due to missing token allowance

attacker can prevent vesting for a very long time

BackingManager: rsr is distributed across all rsr revenue destinations which is a loss for rsr stakers

BasketHandler: Users might not be able to redeem their rToken when protocol is paused due to refreshBasket function

StRSR: seizeRSR function fails to update rsrRewardsAtLastPayout variable

PerpDepository: rebalance function is unusable with sqrtPriceLimitX96 parameter unequal 0 (slippage protection cannot be enabled)

If a user approves USDC to PerpDepository, anyone can call rebalance and rebalanceLite

PerpDepository: _rebalanceNegativePnlWithSwap function deposits USDC amount denominated in 1e18 to vault

PerpDepository: user can lose funds in _rebalanceNegativePnlLite function due to partial order execution

PerpDepository: getDebtValue function uses wrong formula to calculate result

Borrowers may earn auction proceeds without filling the debt shortfall

PaprController.buyAndReduceDebt: msg.sender can lose paper by paying the debt twice

`PaprController` pays swap fee in `buyAndReduceDebt`, not user

Grieving attack by failing user's transactions

MinipoolManager: node operator can avoid being slashed

Hijacking of node operators minipool causes loss of staked funds

node operator is getting slashed for full duration even though rewards are distributed based on a 14 day cycle

AVAX Assigned High Water is updated incorrectly

TokenggAVAX: maxDeposit and maxMint return wrong value when contract is paused

MinipoolManager: recordStakingError function does not decrease minipoolCount leading to too high GGP rewards for staker

wrong reward distribution between early and late depositors because of the late syncRewards() call in the cycle, syncReward() logic should be executed in each withdraw or deposits (without reverting)

slashing fails when node operator doesn't have enough staked `GGP`

State Transition: Minipools can be created using other operator's AVAX deposit via recreateMinipool

Inflation rate can be reduce by half at most if it get called every 1.99 interval.

Bypass `whenNotPaused` modifier

`requireNextActiveMultisig` will always return the first enabled multisig which increases the probability of stuck minipools

Coding logic of the contract upgrading renders upgrading contracts impractical

Malicious user can steal all assets in BondNFT

Lock.sol: assets deposited with Lock.extendLock function are lost

Not enough margin pulled or burned from user when adding to a position

`safeTransferMany()` doesn't actually use safe transfer

`executeLimitOrder()` modifies open-interest with a wrong position value

Unreleased locks cause the reward distribution to be flawed in BondNFT

Lock.sol: claimGovFees function can cause assets to be stuck in the Lock contract

`LPDA` price can underflow the price due to bad settings and potentially brick the contract

`saleReceiver` and `feeReceiver` can steal refunds after sale has ended

Sale contracts can be bricked if any other minter mints a token with an id that overlaps the sale

Creator can still "cancel" a sale after it has started by revoking permissions in `OpenEdition` contract

Escher721 contract does not have setTokenRoyalty function

Use of `payable.transfer()` Might Render ETH Impossible to Withdraw

Vault_Synths: false calculation of USD debt allows under-collateralized loans

Depositor.sol: Funds can be withdrawn from any Depositor contract leading to loss of rewards and funds

Depositor.sol: Allowing withdrawals when Depositor is approved is unsafe and can lead to loss of funds

Virtual price is not updated correctly which leads to less interest that needs to be paid