The operator can create a `NativeVault` that can be silently unslashable.

Changing the slashingHandler for NativeVaults will DoS slashing

The `refundAccount` is erroneously set to `msg.sender` instead of `tx.origin` when `refundAccount` specified as `address(0)`

Flashloan rollover doesn't work with USDT

Owner of a position can prevent liquidation due to the 'onERC721Received' callback

Repayments and liquidations can be forced to revert by an attacker that repays miniscule amount of shares

Since you can reroll with a different fighterType than the NFT you own, you can reroll bypassing maxRerollsAllowed and reroll attributes based on a different fighterType

Players have complete freedom to customize the fighter NFT when calling `redeemMintPass` and can redeem fighters of types Dendroid and with rare attributes

FighterFarm:: reroll won't work for nft id greator than 255 due to input limited to uint8

Can mint NFT with the desired attributes by reverting transaction

Constraints of dailyAllowanceReplenishTime and allowanceRemaining during mint() can be bypassed by using alias accounts & safeTransferFrom()

Fighter created by mintFromMergingPool can have arbitrary weight and element