In Starknet already processed messages can be re-submitted and by anyone

Invalid token address used in `ChakraSettlementHandler::cross_chain_erc20_settlement(...)` leading to invalid transaction creation and event emission

Does not check if to_chain and to_handler is whitelisted in cross_chain_erc20_settlement

Excessive Authority Granted to Managers in the `ckr_btc.cairo` Contract Presents Significant Management Risks

Missing `lower<upper` check in `mint_position`

Users can't remove liquidity while a pool is disabled

Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime

Auction payout goes to AuctionDemo contract owner, not the token owner

Protocol markets are incompatible with rebasing tokens

Wrong comment in `setPool` function

DSC protocol can consume stale price data or cannot operate on some EVM chains

Chainlink oracle will return the wrong price if the aggregator hits `minAnswer`

Double checks

Use `==` instead for `<=` for `uints` when comparing for `zero` values

`_voteSucceeded()` returns true when `againstVotes > forVotes` and vice versa

Due to inappropriately short `votingPeriod` and `votingDelay`, it is near impossible for the governance to function correctly.

Incorrect function call in LybraRETHVault's getAssetPrice

Liquidation won't work when bad and safe collateral ratio are set to default values

Wrong `proposalThreshold` amount in `LybraGovernance.sol`