getPriceFromChainlink() could get stale price.

`LPDA` price can underflow the price due to bad settings and potentially brick the contract

`saleReceiver` and `feeReceiver` can steal refunds after sale has ended

call opcode's return value not checked.

Solmate's ERC20 does not check for token contract's existence, which opens up possibility for a honeypot attack

User can free from liquidation fee if its escrow balance is less than the calculated liquidation fee.

StandardPolicyERC1155.sol returns amount == 1 instead of amount == order.amount

Insufficient validation in Oracle price data feed

ERC721Checkpointable: delegateBySig allows the user to vote to address 0, which causes the user to permanently lose his vote and cannot transfer his NFT.