Design flaw and mismanagement in vault licensing leads to double counting in collateral ratios and positions collateralized entirely with kerosine

The winning bidder can close all bids and still win the token without paying anything. Furthermore, a very high bid will cause monetary loss to other bidders as they will need to cover the bidding fee.

Blacklisted User can still interact with Stablecoin

Malicious user can stake an amount which causes zero curStakeAtRisk on a loss but equal rewardPoints to a fair user on a win

Remove Liquidity has missing reserve1 DUST check, which can make reserve1 to be less than DUST

Impossible to change managed wallets with `proposeWallets` after first rejection

Rewards can be drained because of lack of access control

Users can not remove some amount of collateral from contract because of wrong implementation of "canRemoveCollateral()"

Bidder can use donations to get VerbsToken from auction that already ended.

LendingTerm::debtCeiling() can return wrong debt as the min() is evaluated incorrectly

No slippage protection for Market functions

[H-04] Lender#buyLoan - Malicious user could take over a loan for free without having a pool because of wrong access control

Zero address leads to transaction reverts

Lender fails to giveLoan because of inconsistent length between `loadIds` and `poolIds`

Multiple accesses of a mapping/array should use a local variable cache.

Uncheck Arithmetic where overflow/underflow impossible

Using Private Rather Than Public For Constants,Saves Gas

Use of magic numbers

Named parameter mappings

For the borrow(), repay() & startAuction() functions in Lender.sol the public visibility modifiers should be changed to external, to help optimize gas usage

Use assembly to check for `address(0)`

NatSpec documentation for function is missing

Large multiples of ten should use scientific notation

Constants in comparisons should appear on the left side

Conformance to Solidity naming conventions

Cache array length outside of loop

Function ordering does not follow the Solidity style guide

Long functions should be refactored into multiple, smaller, functions

Interfaces should be indicated with an `I` prefix in the contract name

Liquidation Is Prevented Due To Strict Implementation of Liqudation Bonus

All of the USD pair price feeds doesn't have 8 decimals

Use `==` instead for `<=` for `uints` when comparing for `zero` values

`++i`/`i++` should be `unchecked{++i}`/`unchecked{i++}` when it is not possible for them to overflow, as is the case when used in `for`- and `while`-loops

Constants should be be used for hardcoded values

The nonReentrant modifier should occur before all other modifiers

NatSpec `@return` argument is missing

[I-4] Constants in comparisons should appear on the left side

Use `assembly` to check for `address(0)`

Constructor of `Escrow` should make sure that `buyer`, `seller`, `arbiter` are different from each other.

Use assembly to check for `address(0)`

The `nonReentrant` `modifier` should occur before all other modifiers

NatSpec `@param` is missing

NatSpec `@return` argument is missing

Constants in comparisons should appear on the left side

Add methods to add/update arbiter in existing Escrow contracts