TokenManager - Unlimited withdraw

Native token withdrawal fails until manually approved

Formulaic Error Rounds Down Causing Total Loss Of Funds For Bid Takers During Abort

Token withdrawal fails until someone manually approves spending

[H-4] The function `PreMarkets::listOffer` charges an incorrect collateral amount, allowing users to manipulating collateral rates and drain the protocol's funds

Fund Withdrawal Flaw in preMarket Allows Users to Avoid Settlement Obligations

Unnecessary balance checks and precision issues in TokenManager::_transfer

`PreMarket::createTaker` Should Update the `offerInfo.offerStatus` According to `amount usedPoints`

3 `OfferStatus` are never used, and code seems to have contradicting intentions

`SystemConfig::MarketPlaceInfo.tokenPerPoint` does not take into account the possibility points will be much larger than their equivalent tokens with decimals.

`mintToken()`, `mintWithBudget()`, and `forge()` in the `TraitForgeNft` Contract Will Fail Due to a Wrong Modifier Used in `EntropyGenerator.initializeAlphaIndices()`

Number of entities in generation can surpass the 10k number

Potential Uninitialized `entropySlots` Reading in `getNextEntropy`, Causing 0 Entropy Mint

There is no slippage check in the `nuke()` function.

Cancelling a Merkle Lockup is only callable by `initialAdmin` even after `admin` had been modified

Malicious user can honeypot other users to buy their stream on an NFT marketplace and cancel it right before the purchase happens

Unable to withdraw Kerosene from `vaultmanagerv2::withdraw` as it expects a `vault.oracle()` method which is missing in Kerosene vaults

Value of kerosene can be manipulated to force liquidate users