Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime

Potential DOS due to Gas Exhaustion Due to Large Array Iteration in `_distribute` Function

Insufficient validation leads to locking up prize tokens forever

Sandwich attack to steal all ERC-20 tokens in the Fees contract

No expiration deadline leads to losing a lot of funds

Theft of collateral tokens with fewer than 18 decimals

Liquidation Is Prevented Due To Strict Implementation of Liqudation Bonus

`liquidate` does not allow the liquidator to liquidate a user if the liquidator HF < 1

Zero address check for tokens

Pragma isn't specified correctly which can lead to nonfunction/damaged contract when deployed on Arbitrum

Use `==` instead for `<=` for `uints` when comparing for `zero` values

DSC Mint will either return true or revert, thus checking `minted` status in `mintDcs` is unnecessary

Constructor of `Escrow` should make sure that `buyer`, `seller`, `arbiter` are different from each other.

Use Openzeppelin Minimal Clones to Save a Lot of Gas

USDD token supply can be changed at any point by any EOA account

The USDD.sol contract incurs losses in both DAI and USDD whenever it executes a UniswapV3 swap

Minting USDD tokens in exchange for DAI is impossible due to a broken oracle implementation

The `rebalance` function can be exploited to drain ALL the Collateral Assets (in a form of DAI profit)

Centralization risks: owner can freeze withdraws and use timelock to steal all funds

_validateRuntimeConfig checks are being bypassed in the NFTCollection.sol contract initialization