Deposits on long one leverage vault don't actually finalize the flow, leading to a Denial of Service (DoS)

Loss of fee refund due to premature state deletion in `PerpetualVault::_handleReturn` function

If users withdraw while a position is in loss, the whole PNL of the position to their withdrawal amount instead of just their share of it.

Incorrect Token Price Validation in KeeperProxy

not adding `claimable` balance to the total assets in `_harvestAndReport` can cause losses.

Listing potential can not be purchased with discounted price

Users can prevent protocol from rebalancing for his gain and cause loss of funds for protocol and its users

Liquidation doesn't account for penalty when calculating collateral to give, allowing users to profit by borrowing and self-liquidating

`AuraVault::claim` reward calculation does not deduct fees from reward amount, causing DoS or extra rewards lost

In Dolomite, when opening a borrow position, the holding position in the Registry will never be updated due to the removePosition flag being set to true

Missing the `lookback` parameter when invoking the `getWstethUsdPrice()` in the `getTokenPrice` function