Old router retains token allowance after update

The `generateOrderId` function doesn't always generate unique IDs especially for batch transactions leading to loss of funds.

Anyone can maliciously use the recipient approval (funds) to create bad order and steal funds.

Failure to reset unspent approval to the target address will lead to the wiping of the smart contract balance

A re-entrancy in the execute function can drain the smart contract balance

`cancelOrder` order can be DOSed due to unbounded loop.

Lack of access control on the `updateDownsideProtected` function

Users cannot claim in multiple epoch on the same distribution due to error in logic.

Bad debt are not properly handled, this will lead to loss to the lender that that withdraw last.

Lenders who deposits after a loan has been repaid will lose some of their deposits.

Epoch mismatch in FjordPoints and FjordStaking leads to user being able to stake and unstake instantly for rewards

A Malicious user can stop winner from claiming their prize by calling the `propagateRaffleWinner` function with wrong params.

The status paramenter is not used when assigning roles, so roles cannot be revoked after it has been given.

Unnecessary balance checks and precision issues in TokenManager::_transfer

`listOffer` Unsafely References Fungible Identifiers

There is no slippage check in the `nuke()` function.

Single plot can be occupied by multiple renters

A malicious User can DOS all offchain orders making them unexecutable and leaving the protocol in an insolvent state. Also all offchain Trades can also be DOSed for honest parties that do not meet the fillorder requirements (no try and catch)

Incompatibility with Multisig Wallets in `TempleGold::send` Function

Lack of adequate slippage protection in `OptionTokenV4.sol:_exerciseLp` can lead to loss of funds.

Attacker can spam Plots to victim to cause DOS on Plot transfer

Vaults can become immune from liquidation by setting `vault.recipient` to a blacklisted quote token address

Panoptic pool can be non-profitable by specific Uniswap governance

Swap Fails when Fee On Transfer tokens is being Swapped to Weth Leading to DOS

Use custom gas in `sendMintMessage` instead of default gas

Do not hardcode `_zroPaymentAddress` field to `address(0)`

Looping over unbounded `pendingStakes` array can lead to permanent DoS and frozen funds