Malicious User Will Steal Rewards by Front-Running a Claim Transaction

MasterAMO should not use the `initializer` modifier

Remove splitter will always revert if there are some rewards left on splitter contract

Double-Counting of Redemption Asset (RA) in `_redeemCtDsAndSellExcessCt` Function

Incorrect Deposit Pausing Logic in `LVDepositNotPaused::ModuleState` Modifier

Incorrect set up and logic of `referralInfoMap` in `SystemConfig::updateReferrerInfo` function

Native token withdrawal fails until manually approved

`listOffer` Unsafely References Fungible Identifiers

Validation of `collateralRate` in `PerMarkets::createOffer` function

The quantity is calculated incorrectly when depositing Fee on Transfer Tokens.

Claim Function Fails in `PerAddressTrancheVestingMerkleDistributor` Due to Empty Data

Protocol supports `eETH` but doesn't consider its also a rebase token like `stETH`

Sandwich Attack in Reward Validators

`emergencyClose()` may fail to repay any debt

Lack of events for critical actions

Chainlink aggregators return the incorrect price if it drops below `minAnswer`

Loss of precision in `twapPriceInEther` due to division before multiplication

Signature missing nonce & expiration deadline

Potential DOS due to Gas Exhaustion Due to Large Array Iteration in `_distribute` Function

Multiple accesses of a mapping/array should use a local variable cache.

The `for loops` inside the borrow(), repay(), giveLoan() & startAuction() functions in Lender contract are probably gas-guzzlers

Uncheck Arithmetic where overflow/underflow impossible

Using Private Rather Than Public For Constants,Saves Gas

Use if + custom errors instead of using require + string

Using delete statement can save gas

ADD UNCHECKED{} FOR SUBTRACTIONS WHERE THE OPERANDS CANNOT UNDERFLOW BECAUSE OF A PREVIOUS IF-STATEMENT

Zero address check for tokens

Pragma isn't specified correctly which can lead to nonfunction/damaged contract when deployed on Arbitrum

[I-10] Functions not used internally could be marked external

Reentrancy guard and nonReentrant modifier not required.

Refactor `inState` modifier for high gas savings