Using wrong format of `questionId` for `NegRiskCtfAdapter` leads to loan operations on resolved multi-outcome markets

Frequency-dependent `TaxCalculator.sol::calculateCompoundedFactor` leads to interest loss either for users or for protocol

Quorum overflow in `CollectionShutdown` leads to complete drain of contract's funds

Stale shutdown params can be reused to drain all funds from `CollectionShutdown` contract

Stealing of tax refunds via relisting liquidated protected listings

`Listings::reserve` reduces the listing count without deleting them; can be abused to shutdown a collection

`Listings::_isLiquidation` flag is not cleaned up; will lead to loss of tax refund for users

Wrong divisor in `TaxCalculator.sol::calculateCompoundedFactor` leads to 10x interest rates

`ERC1155Bridgable` is not EIP-1155 compliant

`ERC721Bridgable` and `ERC1155Bridgable` are not EIP-2981 compliant, and fail to correctly collect or attribute royalties to artists

`UniswapImplementation` sets fee exemption erroneously

Unrestricted Changes to Token Settings Allow Artists to Alter Critical Features

Signature replay in `signatureClaim` results in unauthorized claiming of rewards

Exposed `_removeCredIdPerAddress` & `_addCredIdPerAddress` allows anyone to cause issues to current holders as well as upcoming ones

`shareBalance` bloating eventually blocks curator rewards distribution

Signature replay in `createArt` allows to impersonate artist and steal royalties

Contract `PhiNFT1155` can't be paused

Won prizes may get permanently locked due to out-of-gas reverts

A raffle may be guaranteed won, or canceled despite reaching maxTicketSupply, thus depriving users from winning it

An attacker can bypass the challenge period during LPP finalization

LPP metadata can be altered after the challenge period is over, allowing incorrect states to be proven

Pending withdrawals prevent safe removal of collateral assets

The cycle payment due may span over approx. 2 cycles and block the borrower from paying

`Edition.mintBatch(address[], ...)` has disproportionally low mint fee

`Edition.transferWork` does not update fee routes

`Edition` not EIP-1155 compliant

TitlesGraph does not save acknowledgement

Design flaw and mismanagement in vault licensing leads to double counting in collateral ratios and positions collateralized entirely with kerosine

Users can get their Kerosene stuck until TVL becomes greater than Dyad's supply

`_cancelAllBids` allows to cancel the highest bid; can be exploited to steal all contract funds

Funds locked due to missing transfer check

Holders array can be manipulated by transferring or burning with amount 0, stealing rewards or bricking certain functions

Malicious user can stake an amount which causes zero curStakeAtRisk on a loss but equal rewardPoints to a fair user on a win

A locked fighter can be transferred; leads to game server unable to commit transactions, and unstoppable fighters

Non-transferable `GameItems` can be transferred with `GameItems::safeBatchTransferFrom(...)`

NFTs can be transferred even if StakeAtRisk remains, so the user's win cannot be recorded on the chain due to underflow, and can recover past losses that can't be recovered(steal protocol's token)

Burner role can not be revoked

Unrestricted claiming of fees due to missing balance updates in `FeeSplitter`

Unauthorized Access to setCurves Function

onBalanceChange causes previously unclaimed rewards to be cleared

Tombstoned observer can maliciously add a duplicate observer address resulting in forfeiting voting rewards of targeted observers