Stable swap pools don't properly handle assets with different decimals, forcing LPs to receive wrong shares

Logical error in `validate_fees_are_paid` can cause a DoS or allow users to bypass fees if `denom_creation_fee` includes multiple coins including `pool_creation_fee` and the user attempts to pay all fees using only `pool_creation_fee`

Protocol allows creating broken tricrypto CPMM pools

Multi-token stableswap pools allow 0 liquidity for tokens, creating bricked pools

Stableswap pool can be skewed free of fees

Block gas limit can be hit due to loop depth

Attackers can force the rewards to be stuck in the contract with malicious `x/tokenfactory` denoms

Incorrect `slippage_tolerance` handling in stableswap `provide_liquidty` function

Farms can be created to start in past epochs

Stableswap does disjoint swaps, breaking the underlying invariant

Single sided liquidity can't be used to lock LP tokens in the farm manager

`withdraw_liquidity` lacks slippage protection

User is unable to claim their reward for the expanded epochs if farm is expanded

Subtraction in `variance()` will revert due to underflow

Users can list assets with price < 1 ERC20 (ETH, WETH), leading to potential DoS vulnerability.

Boost buyback burns incorrect amount of liquidity

Incorrect router function called during initialization

Incorrect `swap` usage in `V3AMO.sol`

Anyone can overwrite reputer `p2pkey` values

Topics wont activate even with a sufficient stake

Malicious User can call `lockOnBehalf` repeatedly extend a users `unlockTime`, removing their ability to withdraw previously locked tokens

Invalid validation allows users to unlock early

Missing disapproval check in `LockManager.sol::approveUSDPrice` allows simultaneous approval and disapproval of a price proposal

Incorrect withdraw queue balance in TVL calculation

Deposits will always revert if the amount being deposited is less than the bufferToFill value

Missing overflow protection in `_capRates` function can lead to broken wells and pumps after a few blocks of unuse

Attacker can make 0 value deposit() calls to deny user from redeeming or withdrawing collateral

Users can get their Kerosene stuck until TVL becomes greater than Dyad's supply

Flash loan protection mechanism can be bypassed via self-liquidations

Unable to withdraw Kerosene from `vaultmanagerv2::withdraw` as it expects a `vault.oracle()` method which is missing in Kerosene vaults

`VaultManagerV2.sol::burnDyad` function is missing an `isDNftOwner` modifier, allowing a user to burn another user's minted DYAD

Attacker can frontrun to prevent vaults from being removed from the dNFT owner's position

Value of kerosene can be manipulated to force liquidate users

Incorrect deployment / missing contract will break functionality

setUnboundedKerosineVault not called during deployment, causing reverts when querying for Kerosene value after adding it as a Kerosene vault

Liquidation bonus logic is wrong

Users can lose access to funds due to minimum withdrawal limits.

`transfer_share_and_rewards` can be used to transfer out shares without transferring reward debt due to rounding.

Early user can break pool via inflation attack due to no minimum liquidity check in the incentive contract

Storage can be bloated with low liquidtiy positions

Incentive accumulation can be sandwiched with additional shares to gain advantage over long-term depositors

Permit doesnt work with DAI

Malicious liquidity provider can put pool into highly manipulatable state

[H02] No `safe_withdrawal` option in `withdraw_protocol_liquidity` function in omnipool can be abused by frontrunners to cause losses to the admin when removing liquidity

[M02] Complete liquidity removals fail from stableswap pools

[M09] No slippage check in `remove_liquidity` function in omnipool can lead to slippage losses during liquidity withdrawal.

Incorrect `claimable` implementation allows users to withdraw locked tokens

Looping over unbounded `pendingStakes` array can lead to permanent DoS and frozen funds

Missing deadline check allow pending transactions to be maliciously executed

Fees are hardcoded to 3000 in ExactInputSingleParams

Divergence in the pricing method for collateral within the `calculateMinimumAmountOut()` may result in vaults transitioning into an uncollateralized state after executing swaps.

Anyone with TST tokens can monitor the mempool and frontrun mint/burn functions to get EUROs rewards without even staking.

Attackers can mint vaults to a victim to gas grief them

Users staking via the `SurplusGuildMinter` can be immediately slashed when staking into a gauge that had previously incurred a loss

There is no way to liquidate a position if it breaches maxDebtPerCollateralToken value creating bad debt.

PnL system can be broken by large users intentionally or unintentionally.

`totalBorrowedCredit` can revert, breaking gauges.

LendingTerm.sol#_partialRepay() A user cannot partial repay a loan with 0 interest

LendingTerm debtCeiling function uses creditMinterBuffer incorrectly

Malicious borrower can decrease Guild holders reward

QVSimpleStrategy.sol: `allocator.voiceCredits` is never updated

Incorrect CREATE3 implementation for zksync era

Lenders can jack up interest rates to force borrowers to pay more.

The settle feature will be broken if attacker arbitrarily transfer collateral tokens to the PerpetualAtlanticVaultLP

The peg stability module can be compromised by forcing lowerDepeg to revert.

Users can get immediate profit when deposit and redeem in `PerpetualAtlanticVaultLP`

_curveSwap: getDpxEthPrice and getEthPrice is in wrong order

reLP() mintokenAAmount the calculations are wrong.

User can avoid paying high premium price by correctly timing his bond call

The same signature can be used in different `distribution` implementation causing that the caller who owns the signature, can distribute on unauthorized implementations

If a winner is blacklisted on any of the tokens they can't receive their funds

DAI Tokens at Risk Due to Lack of address(0) Check in distribute

Delegated votes are locked when owner lock is expired

Liquidation Is Prevented Due To Strict Implementation of Liqudation Bonus

Fee-on-transfer tokens aren't supported

High - Funds can be lost if any participant is blacklisted

Incorrect idle value accounting in `LMPVault.sol` leads to lost tokens.

Users can steal reward tokens due to bad update of rewardDebt in `LMPVault.sol`.

`LMPVaultRegistry` removed vaults cannot be added again since `_vaultsByType` mapping is not cleared

OOG / unexpected reverts due to incorrect usage of staticcall.

Slashing during `LSTCalculatorBase.sol` deployment can show bad apr for months

[HD05] Magnetar contract has no approval checking

[HE02] `twTAP.sol`: Reward tokens stored in index 0 can be stolen

[HF05] `BaseTOFT.sol`: `removeCollateral` can be used to manipulate other user's positions and steal tokens due to absent approval check.

[HF06] `BaseTOFT.sol`: `retrieveFromStrategy` can be used to manipulate other user's positions due to absent approval check.

[HF08] `BaseTOFTLeverageModule.sol`: `leverageDownInternal` tries to burn tokens from wrong address

Collateral can be locked in BigBang contract when `debtStartPoint` is nonzero

TOFT and USDO Modules Can Be Selfdestructed

Incorrect formula used in function `Market.computeClosingFactor()`

Refund mechanism for failed cross-chain transactions does not work

Incorrect liquidation reward computation causes excess liquidator rewards to be given

`_liquidateUser()` should not re-use the same minimum swap amount out for multiple liquidation

`LidoEthStrategy._currentBalance` is subject to price manipulation, allows overborrowing and liquidations

Usage of `BalancerStrategy.updateCache` will cause single sided Loss, discount to Depositor and to OverBorrow from Singularity

A user with a TapiocaOFT allowance >0 could steal all the underlying ERC20 tokens of the owner

Potential 99.5% loss in `emergencyWithdraw()` of two Yieldbox strategies

Attacker can prevent rewards from being issued to gauges for a given epoch in TapiocaOptionBroker

[HB02] `BalancerStrategy.sol`: `_withdraw` withdraws insufficient tokens

[HB10] `AaveStrategy.sol`: Changing swapper breaks the contract

[HC07] `SGLLiquidation`: Liquidations will fail if `liquidationAddress` is set

[MC01] Market liquidations can revert due to arithmetic underflow

[HF07] `BaseTOFTMarketModule.sol`: `removeCollateral` removes collateral from the wrong account

a4185aaf2a0a953dd8ea2e7f62a58087c4cd5680bfbe8c3a749efef847af3c3b - Sent Privately

all deposit and withdraw function in Convex and Curve nativeLP Strategy, apply slippage on internal pricing; which call real-time on chain price from Curve directly and subject to MEV

Swapper contract isn't validated for cross-chain leverage operations

[HB09] `emergencyWithdraw` on all strategy contracts useless without a pause mechanism

[MB01] Inadvised hardcoding of pool address in `AaveStrategy.sol`

Withdrawals can be DDosed by draining gas

Insufficient checks on chainlink prices

Incorrect accounting in Insurance fund

Insufficient checks on oracle price

Incorrect pricing of tokens

Missing access control in mint/burn

Missing slippage check in uniswap swaps

Price calculation susceptible to flashloan exploits

Price calculation susceptible to overflows

Incorrect decimals when selling collateral

Incorrect check for selling DAI

All funds at risk due to insufficient checks in flashloan callback

Users can deposited delisted assets

Token borrow limits can be violated with withdrawals

Interest rate drifts over time, upto 5% in the first year

Locked tokens for repeat collateral addresses

Collateral can be locked by sending loan NFT to blacklisted address

Challenges can be frontrun with de-leveraging to cause lossses for challengers

Owner of Denied Position is not able to withdraw collateral until expiry.

function `restructureCapTable()` in Equity.sol not functioning as expected

RubiconMarket batchOffer and batchRequote make offers as self; complete loss of funds for some types of tokens, for example WETH

Reward accounting is incorrect in BathBuddy contract

DOS of market operations with malicious offers

Some offers can't be cancelled

Incorrect fee handling in Position.sol's Market Buy/Sell functions

Calling `ExpiringMarket.stop` and `ExpiringMarket.isClosed` functions cannot pause any functionlities of the market

An attacker can manipulate the preDepositvePrice to steal from other users.

Staking, unstaking and rebalanceToWeight can be sandwiched (Mainly rETH deposit )

Reth.sol: Withdrawals are unreliable and depend on excess RocketDepositPool balance which can brick the whole protocol

`WstEth` derivative assumes a ~1=1 peg of stETH to ETH

Users can fail to unstake and lose their deserved ETH because malfunctioning or untrusted derivative cannot be removed

Protocol fees can be withdrawn multiple times in `Erc20Quest`

Funds can be stuck due to wrong order of operations

User may loose rewards if the receipt is minted after quest end time

Admin does not have to wait to call `lastResortTimelockOwnerClaimNFT()`

First depositor can break minting of shares

`LPDA` price can underflow the price due to bad settings and potentially brick the contract

Editions should be checked if they are actually deployed from the legitimate Escher721Factory

Sale contracts can be bricked if any other minter mints a token with an id that overlaps the sale

Use of `payable.transfer()` Might Render ETH Impossible to Withdraw

Underlying assets stealing in `AutoPxGmx` and `AutoPxGlp` via share price manipulation

It is clearly stated that timelock is used, but this does not happen in the codes

Public to all funds escape

Incorrect handling of pricefeed.decimals()

Users who deposit in one vault can lose all deposits and receive nothing when counterparty vault has no deposits

User fund lost because they can't withdraw() their funds before epoch startTime and they have to stuck in positions that become unprofitable even when epoch is not started