Unauthorized Access to setCurves Function

Protocol and referral fee would be permanently stuck in the Curves contract when selling a token

onBalanceChange causes previously unclaimed rewards to be cleared

Curves::_buyCurvesToken(), Excess of Eth received is not refunded back to the user.

Cached `DOMAIN_SEPARATOR` is incorrect for tranche tokens potentially breaking permit integrations

The settle feature will be broken if attacker arbitrarily transfer collateral tokens to the PerpetualAtlanticVaultLP

`sync` function in `RdpxV2Core.sol` should be called in multiple scenarios to account for the balance changes that occurs

LSP8 and LSP9's ERC-165 interface ID differs from their specification

Insufficient Length Check When Verifying Allowed Data Keys