Gas Token Swap Exhausts User Funds

Protocol will misdirect refunds to truncated Bitcoin addresses

Wrong amount is minted to user when they deposit into the lending pool

Multiple issues from unnecessary balance increase calculation in DebtToken.mint

RToken is Not Interest Bearing Due to Broken Liquidity Index Calculation

Double Usage Index Scaling in StabilityPool Liquidation Inflates Required CRVUSD Balance

Incorrect Debt Scaling Leading to Protocol Solvency Risk

LendingPool deposits do not work with CurveVault due to lack of funds

Workingsupply would always be overwritten in boostcontroller.sol impacting reward calculations

hardcoded baseamount in Updateuserboost fucntion causes users with small token holdings to receive higher boosts relative to their holdings t

Permanent boost inflation through delegation removal in Boostcontroller.sol

Flawed Boost Multiplier Calculation Always Yields Maximum Boost

Incorrect Logic in onlyOperator Modifier Leading to Denial-of-Service for Authorized Operators Across Critical Functions