`set_invocation_costs_config()` fails to authorize admin allowing anyone to set invocation costs

`twap()` under-charges for multi-period queries due to hardcoded `periods=1`

`collectFees` will never work when the other asset of the pool is ETH

Overflow of xyk due to uint128 results

There isn't slippage specified when adding liquidity

Loss of fees on the way up due to incorrect compoundingLiq

Vaults won't work with tokens that revert on a 0 value approval

Attacker can get `TAKER_VAULT_ID` and steal all tokens

An maker can never exit fully

Any zapping call with ETH as the token out will return nothing, hence functions that call it will revert with 0 amount.

Inverted check for `gc` parameter in Factory::set_gauge_controller

InflationaryVest::claim forgets to update `self.claimed`

Some tokens will not work for Everclear rebalancing

Dust orders can block order posting

In case of a transfer of TokenizedShareManager, the `updateChecks` function is inverted logic in the branch, will incorrectly DOS.

Zero-Duration Cooldown in EthenaCooldownHolder Swallows Redeemed USDe

StakingStrategy and CurveConvex2Token require that chainid is Mainet, but protocol says possible deployments on Arbitrum and Base

`GatewaySend::depositAndCall` functions will not work with USDT

Wrong LToken address is being carried across chains causes unexpected reverts on Liquidations

Attacker can partially DoS L1 operations in StakingManager by making huge number of deposits