The assignment should be made only if ownerToRollOverQueueIndex[_receiver] == 0

The special case of “_epochBegin == block.timestamp” is undefined

Inflation of ggAVAX share price by first depositor

Hijacking of node operators minipool causes loss of staked funds

Users may not be able to redeem their shares due to underflow

NodeOp can get rewards even if there was an error in registering the node as a validator

slashing fails when node operator doesn't have enough staked `GGP`

State Transition: Minipools can be created using other operator's AVAX deposit via recreateMinipool

NodeOp funds may be trapped by a invalid state transition

Anyone can prevent themselves from being liquidated as long as they hold one of the supported NFTs

Reward tokens mismanagement can cause users losing rewards

Giant pools can be drained due to weak vault authenticity check

Possibly reentrancy attacks in `_distributeETHRewardsToUserForToken` function

`bringUnusedETHBackIntoGiantPool` in `GiantMevAndFeesPool` can be used to steal `LPTokens`

GiantMevAndFeesPool.previewAccumulatedETH function: "accumulated" variable is not updated correctly in for loop leading to result that is too low

smartWallet address is not guaranteed correct. ETH may be lost

Medium: Vaults can be griefed to not be able to be used for deposits

Giant pools cannot receive ETH from vaults

Withdrawing wrong LPToken from GiantPool leads to loss of funds

Direct theft of buyers ETH funds.

Mistakenly sent eth could be locked

address.call{value:x}() should be used instead of payable.transfer()

Rewards delay release could cause yields steal and loss

Two address tokens can be withdrawn by the admin even if they are vested

Depeg event can happen at incorrect price

Oracle is tracked per token instead of per pair, leading to surprise results

Different Oracle issues can return outdated prices

A proposal can be cancelled by anyone if the proposal has exactly proposalThreshold votes

Founders can receive less tokens that expected

Index out of bounds error when properties length is more than attributes length breaks minting

Inconsistant parameter requirements between `constructor()` and `Set() functions` in `RANGE.sol` and `Operator.sol`.

Inconsistency in staleness checks between OHM and reserve token oracles

TRSRY susceptible to loan / withdraw confusion

Heart::beat() could be called several times in one block if no one called it for a some time

Admin cannot be changed to EOA after deployment

Redeemer.redeem() for Element withdraws PT to wrong address.

Incorrect implementation of APWine and Tempus `redeem`

Unable to redeem from Notional

`Redeemer.sol#redeem()` can be called by anyone before maturity, which may lead to loss of user funds

Able to mint any amount of PT

The lend function for tempus uses the wrong return value of depositAndFix

[H-05] Not minting iPTs for lenders in several lend functions

Division Before Multiplication Can Lead To Zero Rounding Of Return Amount

Checking yieldBearingToken against u instead of backingToken

sellPrincipalToken, buyPrincipalToken, sellUnderlying, buyUnderlying uses pool funds but pays msg.sender

Sandwich attacks are possible as there is no slippage control option in Marketplace and in Lender yield swaps