Protocol is easy to manipulate due to use of slot0

Missing access control on mint/burn functions.

`UniV3SwapInput()` Missing slippage protection

Missing working address for ethOracle

Likely overflow when multiplying in getOwnValuation()

BuyUSSDSellCollateral will underflow when collaterValue is greater than 1e18

`getPriceUSD()` will return the wrong price when outside of min/max range

Missing checks will return stale or 0 price

StableOracleWBTC() uses BTC pricefeed for WBTC

Buyer of club owner can be frontrun by owner of club

Unsafe minting of footiumClubs

Unsafe transfer of arbitrary erc20 token

Frontrunning with allowence can cause users to loose funds.

Once reward token is removed users wont have access to their yield.

Unbound loop in getLockedFunds() can cause DOS preventing refunds.

malicious or paused tokens can cause claiming to fail.

Token Address Limit can be reached by sending dust amounts of junk tokens.

Max out nft deposit with low value ones making bounty undesirable.

Unsafe Transfer of arbitrary erc20 tokens.

If user repays more than what is owed the function will revert.

wrong reward distribution between early and late depositors because of the late syncRewards() call in the cycle, syncReward() logic should be executed in each withdraw or deposits (without reverting)

Rounding error in buyQuote might result in free tokens

`LPDA` price can underflow the price due to bad settings and potentially brick the contract

ETH will get stuck if all NFTs do not get sold.