Attack on rounding errors to get risk free profit

Calling `ExpiringMarket.stop` and `ExpiringMarket.isClosed` functions cannot pause any functionlities of the market

A temporary issue shows in the staking functionality which leads to the users receiving less minted tokens.

Staking, unstaking and rebalanceToWeight can be sandwiched (Mainly rETH deposit )

`WstEth` derivative assumes a ~1=1 peg of stETH to ETH

Price of sfrxEth derivative is calculated incorrectly

Users can fail to unstake and lose their deserved ETH because malfunctioning or untrusted derivative cannot be removed

Division before multiplication truncate minOut and incurs heavy precision loss and result in insufficient slippage protection

Residual ETH unreachable and unuitilized in SafEth.sol

Allowance is not set to zero first before approving

User can lose up to whole stake on vault withdrawal when there are funds locked in the strategy

P can be updated to zero which can cause a DOS when liquidating troves

DOS to executeDeposit if diff is more than longTokenAmount

getAdjustedLongAndShortTokenAmounts will always revert

loss of funds to user when depositing in a market that uses the same long token and short token

when execute deposit fails, cancel deposit will be called which means that execution fee for keeper will be little for executing the cancellation depending on where the executeDeposit fails

stuck underlying tokens in BlueBerryBank when withdrawLend is called

incorrect logic in withdrawInternal can cause wrong amount lp to be withdrawn from IchiVault for swap

lack of slippage control can cause uniswap swap to be susceptible to sandwich attacks

onlyEOAEx modifier that ensures call is from EOA might not hold true in the future

missing implementation in HardVault causes it to serve no purpose

max position size of strategy can be bypassed if oracle returns 0

chainlink oracle does not check answer returned is not 0

First vault depositor can steal other's assets

Malicious Users Can Drain The Assets Of Vault. (Due to not being ERC4626 Complaint)

Fee on transfer token not supported

Vault.maxWithdraw returns asset amount that is too big for Vault.withdraw

Adversary can grief kicker by frontrunning kickAuction call with a large amount of loan

user can drawDebt that is below dust amount

User who rebalances perpDepository can gain excess tokens without taking any risks

attacker can grief user by frontrunning rebalance with 0 amountOutMinimum and sqrtPriceLimitX96

rebalance will always revert

Inflation of ggAVAX share price by first depositor

wrong reward distribution between early and late depositors because of the late syncRewards() call in the cycle, syncReward() logic should be executed in each withdraw or deposits (without reverting)

slashing fails when node operator doesn't have enough staked `GGP`

Reentrancy in buy function for ERC777 tokens allows buying funds with considerable discount

Liquidity providers may lose funds when adding liquidity

First depositor can break minting of shares

Price will not always be 18 decimals, as expected and outlined in the comments

Rounding error in buyQuote might result in free tokens

Trading#initiateMarketOrder allows to open a position with more margin than expected due to _handleOpenFees wrong calculation when a trade is referred

Chainlink price feed is not sufficiently validated and can return stale price

Malicious Users Can Drain The Assets Of Auto Compound Vault

Underlying assets stealing in `AutoPxGmx` and `AutoPxGlp` via share price manipulation

BringUnusedETHBackIntoGiantPool can cause stuck ether funds in Giant Pool

Incorrect accounting in SyndicateRewardsProcessor results in any LP token holder being able to steal other LP tokens holder's ETH from the fees and MEV vault.

DAO or lsdn owner can steal funds from node runner

Giant pools cannot receive ETH from vaults

User can gain near maximum votes

Public to all funds escape