First depositor can break minting of liquidity shares in GeVault

Market: DoS when stuffed with pending protected positions

CrosschainDistributor: Not paying relayer fee when calling xcall to claim tokens to other domains

LMPVaultRouterBase: Native ETH lost in router when mint&deposit

LMPVault: Wrong accounting because of unsynced `totalDebt`

LMPVault: DoS when `feeSink` balance hits `perWalletLimit`

Vault: The attacker can sandwich attack himself on swaps in open_position, close_position and reduce_position to make a bad debt

Vault: reduced margin is not added back to account

Vault: position margin should be valued in postion token but not debt token

Vault: `_update_debt` does not accrue interest

Vault: 24h ORACLE_FRESHNESS_THRESHOLD is too long for oracle price freshness check

`rebalanceAll` won't work if the fee 500 uniswap pool is not added

Liquidity adding in `rebalanceAll` is vulnerable to sandwich attack

Operator can hijack rebalance control flow inside `swap.router.call` to manipulate pool prices and sandwich attack subsequent liquidity minting

Operator rebalance should be rate limited

MEV bot can sandwich attack oracle update transactions to steal the protocol

Missing check for whether L2 Sequencer is active

Oracle has no check for round completeness

Stale inflationMultiplier in L1ECOBridge

mintRebalancer missing onlyBalancer

UniV3SwapInput is vulnerable to sandwich attack

getOwnValuation is vulnerable to price manipulation attack

getSupplyProportion uses Uniswap V3 pool token balances which can be easily manipulated

Wrong price decimal handling in StableOracleDAI

invokeApprove should approve 0 first

FEE-ON-TRANSFER tokens can not be used as collateral

An attacker can manipulate the preDepositvePrice to steal from other users.

Residual ETH unreachable and unuitilized in SafEth.sol

WNT in depositVault can be drained by abusing initialLongToken/initialShortToken of CreateDepositParams