The first founder will lose ONE percentage ownership if more than 99 tokens are reserved for minters

Protocol mints less rsETH on deposit than intended

Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime

On a Linear or Exponential Descending Sale Model, a user that mint on the last `block.timestamp` mint at an unexpected price.

Vulnerability in burnToMint function allowing double use of NFT

Auction winner can prevent payments via `safeTransferFrom` callback

Borrower has no way to update `maxTotalSupply` of `market` or close market.

Blocked accounts keep earning interest contrary to the WhitePaper

The settle feature will be broken if attacker arbitrarily transfer collateral tokens to the PerpetualAtlanticVaultLP

Improper precision of strike price calculation can result in broken protocol

Incorrect precision assumed from RdpxPriceOracle creates multiple issues related to value inflation/deflation

Sandwich attack to steal all ERC-20 tokens in the Fees contract

During refinance() new Pool balance debt is subtracted twice

[H-04] Lender#buyLoan - Malicious user could take over a loan for free without having a pool because of wrong access control

Forcing a borrower to pay a huge debt via the giveLoan()

Lender can Sandwich a borrower to seize his collateral

The `borrow` and `refinance` functions can be front-run by the pool lender to set high interest rates

Fixed fee level is used when swap tokens on Uniswap

Interest calculation error if L2 sequencer go down

Theft of collateral tokens with fewer than 18 decimals

staleCheckLatestRoundData() does not check the status of the Arbitrum sequencer in Chainlink feeds.

Chainlink oracle will return the wrong price if the aggregator hits `minAnswer`

[H-01] Lack of emergency withdraw function when no arbiter is set

Add an optional deadline parameter for dispute process

CrosschainDistributor owner may not able to update total

Malicious receiver can steal collateral from other issuers

Malicious issuer can steal quote tokens from other issuers

PartyB may allocate far less balances than expected by calling depositAndAllocateForPartyB

PartyA can avoid being liquidated by increasing partyANonces

Allowing a suspended PartyA to force close positions is against design decision and brings risk

Attacker may drain funds from protocol when tradingFee is updated

PartyB can lock quotes without available balance

Quote may be opened with lockedValues less than minAcceptableQuoteValue

Quote may be opened with an invalid symbolId

Users may not be able to fully redeem USD1 into USDT even when reserve ratio is above 100%

Insufficient slippage protection for swaps

Stale price data may be used for swaps

Attacker can mint max amount of USSD tokens to prevent others from minting

Protocol won't be able to swap on Uniswap due to incorrect parameter settings

Incorrect calculation of collateral selling amount when rebalancing

Incorrect calculation of DAI/USD price

Misconfiguration In StableOracleDAI

Rebalance transaction may revert due to price difference between Chainlink and Uniswap

Attacker can close debt position without authorization

It is possible to steal the unallocated part of every delegation period budget

function `restructureCapTable()` in Equity.sol not functioning as expected

Reward accounting is incorrect in BathBuddy contract

DOS of market operations with malicious offers

Some offers can't be cancelled

Calling `ExpiringMarket.stop` and `ExpiringMarket.isClosed` functions cannot pause any functionlities of the market

First depositor can inflate share price and steal funds from other users