Incorrect Logic in onlyOperator Modifier Leading to Denial-of-Service for Authorized Operators Across Critical Functions

There is no refund mechanism in `ChakraSettlement.processCrossChainCallback` or `ChakraSettlementHandler.receive_cross_chain_callback` function

`ChakraSettlement.receive_cross_chain_msg` and `ChakraSettlement.receive_cross_chain_callback` functions do not ensure that receiving `ChakraSettlement` contract's `contract_chain_name` must match `to_chain` corresponding to respective `txid` input though

Invalid token address used in `ChakraSettlementHandler::cross_chain_erc20_settlement(...)` leading to invalid transaction creation and event emission

Settlement contract is mistakenly used for the handler contract when assigning ReceivedCrossChainTx struct

Does not check if to_chain and to_handler is whitelisted in cross_chain_erc20_settlement

SettlementSignatureVerifier's required_validators is not updated, resulting in a low or high number of signatures being required

Unrestricted Changes to Token Settings Allow Artists to Alter Critical Features

Signature replay in `signatureClaim` results in unauthorized claiming of rewards

Signature replay in `createArt` allows to impersonate artist and steal royalties

`PhiFactory:claim` Potentially Causing Loss of Funds If `mintFee` Changed Beforehand

Refunds sent to incorrect addresses in certain cases

Incorrect Fee Handling Prevents Protocol from Updating Fees

Because `WinnablesTicketManager._checkShouldCancel` function does not revert when raffle's total number of sold tickets equals its `minTicketsThreshold` after its purchase period is ended, such raffle can be canceled though it should not be cancellable, and such raffle's potential winner becomes unable to win

The maximum number of generations is infinite

Number of entities in generation can surpass the 10k number

Wrong minting logic based on total token count across generations

Forger Entities can forge more times than intended

NFTs mature too slowly under default settings.

Discrepancy between nfts minted, price of nft when a generation changes & position of `_incrementGeneration()` inside `_mintInternal()` & `_mintNewEntity()`

Incorrect check against golden entropy value in the first two batches

When malicious behavior occurs and DSS requests slashing against vault during 2 day period after `SLASHING_WINDOW` of 7 days is passed after staker initiates a withdrawal, token amount to be slashed is calculated to be higher than what it should be

`MasterChefRewarder` contract cannot support rebasing token as token to be distributed as rewards

Most users won't be able to claim their share of Uniswap fees

`claim` function lacks slippage controls for `amount0` and `amount1` returned by `pool.burn` function call

Transfer of ILOPool NFT token to different account allows for users to bypass the pool's `maxCapPerUser` invariant

A malicious user can steal money out of the vault and other users

[M-02] Incorrect call argument in `THORChain_Router::_transferOutAndCallV5`, leading to grief/steal of `THORChain_Aggregator`'s funds or DoS

StakingToken.sol doesn't properly handle FOT, rebasing tokens or those with variable which will lead to accounting issues downstream.

Incorrect withdraw queue balance in TVL calculation

Lack of slippage and deadline during withdraw and deposit

Withdrawals and Claims are meant to be pausable, but it is not possible in practice

`executeWithdraw` may be blocked if any of the users are blacklisted from the `baseToken`

Value of asset token can be incorrect when usage of ETH/USD Chainlink oracle is needed

`AccountingManager#totalWithdrawnAmount` should reflect tokens actually transferred to users, instead of expected transfers

Withdrawals in AccountManager are prone to DOS attacks.

Attacker can increase the length of `withdrawQueue` by withdrawing 0 amount of tokens frequently

First depositor can make subsequent depositor lose all of her or his deposit

Stale price can be used in `getValueFromChainlinkFeed` function

`maxDeposit`, `maxMint`, `maxWithdraw`, and `maxRedeem` functions do not return 0 when they should

`AccountingManager` contract's `previewDeposit`, `previewMint`, `previewWithdraw`, and `previewRedeem` functions are not compliant with EIP-4626 standard

`performanceFeeReceiver` cannot mint any performance fee shares even if TVL is dropped by only a very tiny amount

Noya is not compatible with tokens whose balance changes outside of transfers causing funds to get stuck in the contract

`revokeVestingSchedule` function, when called after staking token withdrawal of the user whose vesting schedule is to be revoked, incorrectly reduces `_totalSupply` and `_totalSupplyCheckpoints` at `block.number` to values that are lower than what they should be

`ZivoeRewards.depositReward` and `ZivoeRewardsVesting.depositReward` functions can be called with 0 as `reward` input

Calling `revokeVestingSchedule` function does not reduce `_checkpoints[account]` at `block.number` to 0

Calling `ZivoeITO.migrateDeposits`, `ZivoeRewards.getRewards`, and `ZivoeRewardsVesting.getRewards` functions can revert if `transfer` function of one of relevant tokens fails due to contract pausing or sender/receiver blocking

Unclaimable portion of deposited reward token amount can be locked in corresponding `ZivoeRewards` or `ZivoeRewardsVesting` contract

Removed liquidity can overflow when calling `SemiFungiblePositionManager.mintTokenizedPosition` function

Re-triggering the `canOffboard[term]` flag to bypass the DAO vote of the lending term offboarding mechanism

Incorrect calculations in debtCeiling

LendingTerm::debtCeiling() can return wrong debt as the min() is evaluated incorrectly

LendingTerm.sol#_partialRepay() A user cannot partial repay a loan with 0 interest

Malicious borrower can decrease Guild holders reward

Slippage controls for calling `bHermes` contract's `ERC4626DepositOnly.deposit` and `ERC4626DepositOnly.mint` functions are missing

Although `ERC20Boost.decrementGaugesBoostIndexed` function would require user to remove all of her or his boost from a deprecated gauge at once, such user can instead call `ERC20Boost.decrementGaugeBoost` function for multiple times to utilize such deprec

Delegation rewards are not counted toward granting fund

Calling `StandardFunding.screeningVote` function and `ExtraordinaryFunding.voteExtraordinary` function when `block.number` equals respective start block and when `block.number` is bigger than respective start block can result in different available votes

Can't pause or remove a minter

POSITION LIMIT COULD BE FULLY REDUCED TO ZERO BY CLONES

function `restructureCapTable()` in Equity.sol not functioning as expected

Loss of funds for traders due to accounting error in royalty calculations

`EthRouter.sell`, `EthRouter.deposit`, and `EthRouter.change` functions can be DOS'ed for some ERC721 tokens

Flash loan fee is incorrect in Private Pool contract

Reward accounting is incorrect in BathBuddy contract

Incorrect fee handling in Position.sol's Market Buy/Sell functions

Calling `Position._marketSell` function compares `fill_amt` that includes fee to `min_fill_amount` that does not include fee

Incorrect calculations can occur when calling `Position._marketBuy` and `Position._marketSell` functions that do not include maker fee in `_fee`

Calling `Position._marketBuy` and `Position._marketSell` functions that calculate `_fee` by dividing by `10000` can cause incorrect calculations

User can possess less value than before when `V2Migrator.migrate` function is called to give up bathTokenV1 tokens and hold bathTokenV2 tokens

Calling `ExpiringMarket.stop` and `ExpiringMarket.isClosed` functions cannot pause any functionlities of the market

A temporary issue shows in the staking functionality which leads to the users receiving less minted tokens.

`WstEth` derivative assumes a ~1=1 peg of stETH to ETH

Price of sfrxEth derivative is calculated incorrectly

Users can fail to unstake and lose their deserved ETH because malfunctioning or untrusted derivative cannot be removed

No slippage protection on `stake()` in SafEth.sol

Missing derivative limit and deposit availability checks will revert the whole `stake()` function

Lack of deadline for uniswap AMM

Underflow of `lpPosition.points` during withdrawLP causes huge reward minting

Updating a pool's total points doesn't affect existing stake positions for rewards calculation

ReaperVaultERC4626 is not EIP-4626 compliant and integrations can result in loss of funds

_harvestCore() roi calculation error

When calling `BlueBerryBank.withdrawLend` function, it is possible that extra amount, which is the difference between withdrawn amount from soft vault and position's `underlyingAmount`, remains in `BlueBerryBank` contract without belonging to anyone

User is able to reduce a position by withdrawing more collateral than she or he should be allowed to

`BlueBerryBank.withdrawLend` function cannot be paused

Chainlink's reported `answer` can be being carried over and stale

Making a deposit to an ICHI vault that would cause the position size to exceed the vault's maximum position size can be incorrectly allowed

First vault depositor can steal other's assets

syncFeeCheckpoint() does not modify the highWaterMark correctly, sometimes it might even decrease its value, resulting charging more performance fees than it should

Vault fees can be set to anything when initilizing

Fee on transfer token not supported

`Vault.redeem` function does not use `syncFeeCheckpoint` modifier

cool down time period is not properly respected for the `harvest` method

Users can fail to withdraw deposited assets from a vault that uses `YearnAdapter` contract as its adapter because `maxLoss` input for calling corresponding Yearn vault's `withdraw` function cannot be specified

Total assets of yearn vault are not correct

`Vault::takeFees` can be front run to minimize `accruedPerformanceFee`

Protocol fees can be withdrawn multiple times in `Erc20Quest`

Bad implementation in minter access control for `RabbitHoleReceipt` and `RabbitHoleTickets` contracts

Possible scenario for Signature Replay Attack

Buyer on secondary NFT market can lose fund if they buy a NFT that is already used to claim the reward

Users may not claim Erc1155 rewards when the Quest has ended

Fee on transfer tokens will not behave as expected

KYCRegistry is susceptible to signature replay attack.

Strategist can fail to withdraw asset token from a private vault

ERC4626Cloned deposit and mint logic differ on first deposit

For a public vault, minimum deposit requirement that is enforced by `ERC4626Cloned.deposit` function can be bypassed by `ERC4626Cloned.mint` function or vice versa when share price does not equal one

Users are unable to mint shares from a public vault using `AstariaRouter` contract when share price is bigger than one

Trading will not work on ethereum if USDT is used

Centralization risks: owner can freeze withdraws and use timelock to steal all funds

`_handleDeposit` and `_handleWithdraw` do not account for tokens with decimals higher than 18

Governance NFT holder, whose NFT was minted before `Trading._handleOpenFees` function is called, can lose deserved rewards after `Trading._handleOpenFees` function is called

Chainlink price feed is not sufficiently validated and can return stale price

During oracle outages or feeder outages/disagreement, the `ParaSpaceFallbackOracle` is not used

Underlying assets stealing in `AutoPxGmx` and `AutoPxGlp` via share price manipulation

Assets may be lost when calling unprotected `AutoPxGlp::compound` function

Anyone can call AutoPxGmx.compound and perform sandwich attacks with control parameters

Old stakers can steal deposits of new stakers in `StakingFundsVault`

EIP1559 rewards received by syndicate during the period when it has no registered knots can be lost

ETH sent when calling `executeAsSmartWallet` function can be lost

Calling `updateNodeRunnerWhitelistStatus` function always reverts

Node runner who is already known to be malicious cannot be banned before corresponding smart wallet is created

Compromised or malicious DAO can restrict actions of node runners who are not malicious

call opcode's return value not checked.

Public to all funds escape

Mistakenly sent eth could be locked

Variable balance ERC20 support

Borrower/Lender excessive ETH not refunded and permanently locked in protocol

Pausing `WardenPledge` contract, which takes effect immediately, by its owner can unexpectedly block pledge creator from calling `closePledge` or `retrievePledgeRewards` function

Owner can transfer all ERC20 reward token out using function recoverERC20

Calling `repay` function sends less DOLA to `Market` contract when `forceReplenish` function is not called while it could be called

Chainlink oracle data feed is not sufficiently validated and can return stale `price`

Protocol's usability becomes very limited when access to Chainlink oracle data feed is blocked

It is possible that operator loses sent ETH after calling `HolographOperator` contract's `executeJob` function

First depositor can manipulate share price and steal next depositor's deposited LINK amount

After `initialize` function is called and before `deposit` or `onTokenTransfer` function is called for the first time for a deployed vault, an attacker can directly transfer `1 wei` of LINK to the vault to force subsequent depositors to receive `0` myLINK shares and lose all deposited LINK amounts

Incompatibility With Rebasing/Deflationary/Inflationary tokens

It is possible that, after swapping, extra input token amount is transferred from user to pool but pool does not give user output token amount that corresponds to the extra input token amount

A "FrontRunning attack" can be made to the `initialize` function

`safeTransfer` function does not check for existence of ERC20 token contract

Centralization risk: admin have privileges: admin can set address to mint any amount of frxETH, can set any address as validator, and change important state in frxETHMinter and withdraw fund from frcETHMinter

frxETHMinter.depositEther may run out of gas, leading to lost ETH

Loss of vested amounts

not able to create claim

Variable balance token causing fund lock and loss

Supply cap of VariableSupplyERC20Token is not properly enforced

Possible centralization issue around RandProvider

ERC20 tokens with transfer fees cannot be withdrawn from the `Vault` contract

Users who deposit in one vault can lose all deposits and receive nothing when counterparty vault has no deposits

Depeg event can happen at incorrect price

It is possible that receiver and treasury can receive nothing when calling `withdraw` function due to division being performed before multiplication

`timewindow` can be changed unexpectedly that blocks users from calling `deposit` function

Calling `transferEth` function can revert if `receiver` input corresponds to a contract that is unable to receive ETH through its `receive` or `fallback` function

Calculated `token0TVL` may be zero under certain scenarios

A proposal can be cancelled by anyone if the proposal has exactly proposalThreshold votes

Truncation in casting can lead to a founder receiving all the base tokens

A proposal can pass with 0 votes in favor at early DAO stages

Auction parameters can be changed during ongoing auction

Quorum votes have no effect for determining whether proposal is defeated or succeeded when token supply is low

Compromised or malicious vetoer can veto any proposals with unrestricted power

State function does not require majority of votes for supporting and passing a proposal

Chainlink oracle data feeds are not sufficiently validated and can lead to incorrect account actions

User cannot liquidate account when calling `sweepTo` function reverts

Lenders could lose native ETH amounts that they lent out because borrowers cannot successfully repay these given that there is an `LToken` contract for native ETH

After endorsing a proposal, user can transfer votes to another user for endorsing the same proposal again

Endorsed votes by a user do not decrease after the user's votes are revoked

Voted votes cannot change after the user are issued with new votes or the user's old votes are revoked during voting

No Cap on Amount of VOTES means the `voter_admin` can get any proposal to pass

[NAZ-M1] Chainlink's `latestRoundData` Might Return Stale Results

Moving average precision is lost

User A cannot cancel User B's proposal when User B's prior number of votes at relevant block is same as proposal threshold, which contradicts the fact that User B actually cannot create the proposal when the prior number of votes is same as proposal thres

Penalty rate is used for pre-maturity date as well

NFT of NFT collection or NFT drop collection can be locked when calling _mint or mintCountTo function to mint it to a contract that does not support ERC721 protocol

Builder can halve the interest paid to a community owner due to arithmetic rounding

Wrong APR can be used when project is unpublished and published again

Builders must pay more interest when the system is paused.

It should not submit a project with no total budget. Requires at least one task with cost > 0

Owner of project NFT has no purpose

The `unwrapETH2LD` use `transferFrom` instead of `safeTransferFrom` to transfer ERC721 token

ORACLE DATA FEED CAN BE OUTDATED YET USED ANYWAYS WHICH WILL IMPACT ON PAYMENT LOGIC

Use a safe transfer helper library for ERC20 transfers

Code credits fee-on-transfer tokens for amount stated, not amount transferred