`Strategy collectFees` uses incorrect position range in `vestPosition` fee collection

Users can steal borrowed funds during `Leverager::withdraw` when `token1` is the borrowed `denomination`

Rounding error in stepDuration calculations.

Minting zero tokens when underlyingToken is not Ether in cashIn()

Incorrect set up and logic of `referralInfoMap` in `SystemConfig::updateReferrerInfo` function

[Low-01] Missing Access Control in `CapitalPool::approve()` Function Allows any User to call it to set Allowance Amount `TokenContract` to `type(uint256).max`.

Validation of `collateralRate` in `PerMarkets::createOffer` function

CreateOffer allows eachTradeTax to be 100% ( 10000 bp ) violating code assumptions

QA Report - 0xStalin - Low Severities

Incompatibility with Multisig Wallets in `TempleGold::send` Function

```LibUnripe::getTotalRecapitalizedPercent``` returns wrong ```recapitalizedPercent``` if ```totalUsdNeeded``` is 0

Missing validation for ```totalUsdNeeded``` in ```LibUnripe::getPenalizedUnderlying``` can lead to the ```urBean``` chopping block

```LibWstethEthOracle::getWstethEthPrice``` returns wrong ```wstETH/ETH``` price in some conditions impacting system operations

Rewards can be drained because of lack of access control

`costInEuros` calculation will incur precision loss due to division before multiplication

Division before multiplication results in lower `dittoMatchedShares` distributed to users

Malicious/Compromised organiser can reclaw all funds, stealing work from supporters

Centralization Risk for trusted organizers

Precision loss when calculating the health factor