Market Disruption and Financial Loss Post-Liquidation

`LiquidationBranch::checkLiquidatableAccounts()` executes `for` loop with wrong values, causing array out of bounds to be recovered, the program will not work as expected

An Uninitialized Variable In The `MarketConfiguration::update` Function Causes The `PrepMarket::getIndexPrice` Function To Revert

Trading accounts can exceed the maximum number of allowed open positions.

`LibChainlinkOracle::getTokenPrice` will always return instantaneuous prices

LibUsdOracle will compromise Beanstalk peg due to wrong price and DoS

LibUsdOracle returns the wrong price for Uniswap Oracle

`ReseedSilo#reseedSiloDeposit` does not credit the user any `roots`

Successful transactions are not stored, causing a replay attack on ``redeemDepositsAndInternalBalances``

Internal balances are never actually migrated within `L2ContractMigrationFacet`

L2ContractMigrationFacet doesn't increase total Stalk and Roots

User's stalk is overwritten instead of increased within `ReseedSilo`

Grown Stalk is incorrectly calculated in ReseedSilo

L2ContractMigrationFacet migrates incorrect amount of Stalk

`L2ContractMigrationFacet.addMigratedDepositsToAccount()` doesn't update some global balances during the migration.

Possible loss of user's balances after calling `addMigratedDepositsToAccount()`.

ReseedSilo doesn't update total balances of Stalk and Roots

`LibPipelineConvert.executePipelineConvert()` doesn't decrease Grown Stalk when BDV decreases

ReseedBarn.sol doesn't initialize of `s.sys.fert.recapitalized`

`s.sys.silo.unripeSettings` are never set after migration which breaks Unripe functionality

USD prices dont work for 20 hours per day

The declaration and use of `LibTractor::BLUEPRINT_TYPE_HASH` are inconsistent with the structure `struct Blueprint`, and the standard is confusing. It is recommended to unify the standard

`SiloFacet::transferDeposit` does not verify if amount is 0, leading to full withdrawal DoS for any recipient

LibUsdOracle is completely broken for the to-deploy L2 chain

quickSort function does not work as expected, compromising the calculation of Beans per Well to be minted during a flood

When migrating via `L2ContractMigrationFacet`, user is not minted roots for the newly accrued stalk

`LibSilo.transferStalk()` uses incorrect formula to roundUp

`L2ContractMigrationFacet.addMigratedDepositsToAccount()` forfeits "unmowed" rewards from other Silo deposits

`L2ContractMigrationFacet.addMigratedDepositsToAccount()` doesn't push depositId to `depositIdList`

ReseedField.sol incorrectly configures Field values because of mistake in storage layout

Invariable.sol won't save Bean from exploit because of flawed entitlement calculation

Attacker can spam Plots to victim to cause DOS on Plot transfer

Orderers will lose their Beans after migration to L2

Potential Loss of Fertilizer ERC1155 NFTs During L1 to L2 Migration.

The `LibWeth` hardcodes the `WETH` address which makes it incompatible on the to-deploy L2 chain

LibUsdOracle inverses Chainlink TWAP price which results in incorrect price

`BeanL1RecieverFacet#recieveL1Beans()` would never work

Incorrect Hardcoded Block Time Assumptions in Beanstalk's LibDibbler

ETH/USD 1 hour period is too large for Optimism/Base L2 Chains and too small for Arbitrum/Avalanche leading to consuming stale price data.

The `DepotFacet` contract uses an incorrect `PIPELINE` address.

Cannot configure `temperature` in ReseedField due to type mismatch

`ReseedBarn.init()` will run out of gas due to minting firtilizers on some L2s

`LibWell.getBeanTokenPriceFromTwaReserves()` incorrectly assumes that token has 18 decimals

`LibWell.getWellTwaUsdLiquidityFromReserves()` returns liquidity with incorrect precision

`LibFertilizer.beginBarnRaiseMigration()` incorrectly checks that Oracle supports such token

SeasonGettersFacet returns the wrong totalDeltaB

UsdOracle reverts on tokens which are not wstETH, WETH, Bean

`encodeData` is incorrectly calculated thus not compatible with EIP712

Signature malleability breaks TitlesGraph.sol

Attacker can make 0 value deposit() calls to deny user from redeeming or withdrawing collateral

Inability to perform partial liquidations allows huge positions to accrue bad debt in the system

Design flaw and mismanagement in vault licensing leads to double counting in collateral ratios and positions collateralized entirely with kerosine

Kerosene collateral is not being moved on liquidation, exposing liquidators to loss

Users can get their Kerosene stuck until TVL becomes greater than Dyad's supply

`VaultManagerV2.sol::burnDyad` function is missing an `isDNftOwner` modifier, allowing a user to burn another user's minted DYAD

No incentive to liquidate small positions could result in protocol going underwater

Value of kerosene can be manipulated to force liquidate users

setUnboundedKerosineVault not called during deployment, causing reverts when querying for Kerosene value after adding it as a Kerosene vault

No incentive to liquidate when CR <= 1 as asset received < dyad burned

All funds can be stolen from JOJODealer

After withdraw user can be subject to immediate liquidation

Owner cannot withdraw all interest due to wrong calculation of accrued interest in WithdrwaCarry

No slippage protection for Market functions

The price of rsEHT could be manipulated by the first staker

Protocol mints less rsETH on deposit than intended

Update in strategy will cause wrong issuance of shares

Missing debt check lets users start a debt auction of non-existent debt

Incorrect calculations for Surplus Auction creation cause massive surplus imbalances

Unable to retrieve price information with CamelotRelayer contract

Approved address can approve other addresses for an owner's safe

Due to extremely short `votingDelay` and `votingPeriod`, governance is practically impossible.

`ODSafeManager#allowSAFE()` cannot be executed either by the proxy contract or any other address.

Borrower has no way to update `maxTotalSupply` of `market` or close market.

`setAnnualInterestBips()` can be abused to keep a market's reserve ratio at 90%

`collectFees()` updates delinquency wrongly as `_writeState()` is called before assets are transferred

Module transactions will always fail because incompatible with Safe 1.5.0

All tokens can be stolen from `VirtualAccount` due to missing access modifier

Incorrect source address decoding in RootBridgeAgent and BranchBridgeAgent's _requiresEndpoint breaks LayerZero communication

Cached `DOMAIN_SEPARATOR` is incorrect for tranche tokens potentially breaking permit integrations

Users Lose Funds and Market Functionality Breaks When Market Reachs 65k Id

Possible DOS on deposit(), withdraw() and unstake() for BridgeReth, leading to user loss of funds

User can create small position after exit with bid

Division before multiplication results in lower `dittoMatchedShares` distributed to users

Using a cached price in the critical shutdownMarket()

Loss of precision in `twapPriceInEther` due to division before multiplication

`onERC721Received()` callback is never called when new tokens are minted in Erc721Facet.sol

ETH cannot always be unstaked using Rocket Pool

Instant arbitrage opportunity through rETH and stETH price discrepancy

Partial filled short does not reset liquidation flag after user gets fully liquidated, meaning healthy position will still be flagged if the rest of the order gets filled.

Combined short record might exceed the maximum collateral ratio (CRATIO_MAX)

User will lose collateral in the exact case `cRatio == minimumCR`

The settle feature will be broken if attacker arbitrarily transfer collateral tokens to the PerpetualAtlanticVaultLP

Incorrect precision assumed from RdpxPriceOracle creates multiple issues related to value inflation/deflation

Inaccurate swap amount calculation in ReLP leads to stuck tokens and lost liquidity

_curveSwap: getDpxEthPrice and getEthPrice is in wrong order

`sync` function in `RdpxV2Core.sol` should be called in multiple scenarios to account for the balance changes that occurs

No slippage protection for bonders

Change of `fundingDuration` causes "time travel" of `PerpetualAtlanticVault.nextFundingPaymentTimestamp()`

Lack of Balance Validation

The `digest` calculation in `deployProxyAndDistributeBySignature` does not follow EIP-712 specification

`rngComplete` function should only be called by `rngAuctionRelayer`

Overflow can still happened when calculating `priceX8` inside `poolMatchesOracle` operation

V3Proxy swapTokensForExactETH does not send back to the caller the unused input tokens

Return value of low level `call` not checked.

Incorrect chainId of Base in deploy script will force redeployment

Incorrect address is set as Wormhole Bridge, which breaks deploy

Initial deploy won't succeed because of too high `initialMintAmount` for USDC market

Proposals which intend to send native tokens to target addresses can't be executed

`TemporalGovernor` can be bricked by `guardian`

staleCheckLatestRoundData() does not check the status of the Arbitrum sequencer in Chainlink feeds.

DSC protocol can consume stale price data or cannot operate on some EVM chains

Chainlink oracle will return the wrong price if the aggregator hits `minAnswer`

Use Openzeppelin Minimal Clones to Save a Lot of Gas

InterchainProposalExecutor.sol doesn't support non-evm address as caller or sender

Proposal requiring native coin transfers cannot be executed

Governance wrongly calculates `_quorumReached()`

`_voteSucceeded()` returns true when `againstVotes > forVotes` and vice versa

Due to inappropriately short `votingPeriod` and `votingDelay`, it is near impossible for the governance to function correctly.

Liquidation won't work when bad and safe collateral ratio are set to default values

In `LlamaRelativeQuorum`, the governance result might be incorrect as it counts the wrong approval/disapproval.

It is not possible to execute actions that require ETH (or other protocol token)

`updatePoolAddress` functions always reverts when updating existing poolId

`pause/unpause` functionnalities not implemented in many pausable contracts

no bidder has incentive to bid the Auction except doing last-minute MEV due to fixed endBlock

Incorrect flow of adding liquidity in UlyssesRouter.sol

TalosBaseStrategy#init() lacks slippage protection

Rerange/rebalance should not use protocolFee as asset for adding liquidity

Governance relies on current totalSupply of bHermes when calculate `proposalThresholdAmount` and `quorumVotesAmount`

ERC4626PartnerManager.sol mints extra `partnerGovernance` tokens to itself, resulting in over supply of governance token

`unstakeAndWithdraw` inside `BoostAggregator` could lose pendingRewards in certain case

Wrong consideration of blockformation period causes incorrect votingPeriod and votingDelay calculations

[M-01] Some functions in Talos contracts does not allow user to supply slippage and deadline, which may cause swap revert

RestakeToken function is not permissionless

Lack of slippage protection can lead to significant loss of user funds

Deploy flow of Talos is broken

UlyssesPool.sol does not match EIP4626 because of preview functions

ETH/USD priceFeed address is used as BTC/USD

Wrong decimals for DAI/ETH chainlink priceFeed is used

No access control in rebalancer functions in USSD.sol

No slippage control when performing swap in USSD.sol

Protocol assumes DAI is $1

Chainlink's latestRoundData return stale or incorrect result

StableOracle contracts will return the wrong price for asset if underlying aggregator hits minAnswer

StableOracleWBTC use BTC/USD chainlink oracle to price WBTC which is problematic if WBTC depegs

`BuyUSSDSellCollateral()` always sells 0 amount if need to sell part of collateral

Possible DOS of USSDRebalancer due to price deviation of oracle

No slippage protection in FlashloanLiquidate makes liquidator lose money

Missing `payable` in Subaccount.execute() leads to reverting calls to payable funcitons

Lender force Loan become default

Market owner can sandwich `submitBid()` to receive the entire collateral in exchange for the principal

Lenders will lose their loan repays in case of setting new lender manager

CHALLENGER_REWARD can be used to drain reserves and free mint

Challengers and bidders can collude together to restrict the minting of position owner

Royalty recipients will not get fair share of royalties

`changeFeeQuote` will fail for low decimal ERC20 tokens

RubiconMarket batchOffer and batchRequote make offers as self; complete loss of funds for some types of tokens, for example WETH

Reward accounting is incorrect in BathBuddy contract

BathBuddy contract should implement methods to pause and unpause contract

Incorrect fee handling in Position.sol's Market Buy/Sell functions

Incorrect calculations can occur when calling `Position._marketBuy` and `Position._marketSell` functions that do not include maker fee in `_fee`

Calling `Position._marketBuy` and `Position._marketSell` functions that calculate `_fee` by dividing by `10000` can cause incorrect calculations

`WstEth` derivative assumes a ~1=1 peg of stETH to ETH

Reth `poolPrice` calculation may overflow

Price of sfrxEth derivative is calculated incorrectly