enlistInRollover updates ownerToRollOverQueueIndex incorrectly

DepositFee can be avoided completely

User will almost always incur a loss when they rollover

Malicious users can prevent the user at the end of the queue from rolling over

It's possible to permanently DOS the rollover system

triggerEndEpoch can be called on null epochs

attacker can drain the premium vault if depegging happens before the epoch starts

getLastestPrice can return stale price

Relayers for the rollover queue can be griefed

Player can prevent rebalancing from completing by allocating to blacklisted protocols.

XChainController does not reset vault's totalWithdrawalRequests

pushTotalUnderlyingToController can still be called even if the vault is inactive

Pullfunds can end before the necessary funds have been pulled

Players can call rebalanceBasket before rewards have been pushed to the game

Liquidate calculations are incorrect when position borrows more than 1 type of token

vault LPTokens can stay in ichiVaultSpell after closePosition() and be drained by another user

Underlying amount after withdrawLend is incorrect if hard/soft vault has withdraw fee

Data returned from latestRoundData() not sufficiently checked

Protocol fees can be withdrawn multiple times in `Erc20Quest`

Funds can be stuck due to wrong order of operations

DOS risk if enough tokens are minted in Quest.claim can lead, at least, to transaction fee lost

Drips that end after the current cycle but before its creation can allow users to profit from squeezing

Function processEpoch() in PublicVault would revert when most of the users withdraws their funds because of the underflow for new yIntercept calculation

Attacker can take loan for Victim

Strategist can fail to withdraw asset token from a private vault

Improper validations in Clearinghouse. possible to lock collateral NFT in contract.

Public vault owner (strategist) can use buyoutLien to indefinitely prevent liquidity providers from withdrawing

yIntercept of public vaults can overflow

Liquidator reward is not taken into account when calculating potential debt

Public vault slope can overflow

Public vault strategist reward is not calculated correctly

LienToken._payment function increases users debt

PaprController.buyAndReduceDebt: msg.sender can lose paper by paying the debt twice

`PaprController` pays swap fee in `buyAndReduceDebt`, not user

Protocol safeguards for time durations are skewed by a factor of 7. Protocol may potentially lock NFT for period of 7 years.

Raffle creator can rug participants

`LPDA` price can underflow the price due to bad settings and potentially brick the contract

`saleReceiver` and `feeReceiver` can steal refunds after sale has ended