L2SharedBridge l1LegacyBridge is not set

Freezed Chain will never be unfreeze since `StateTransitionManager::unfreezeChain` is calling `freezeDiamond` instead of `unfreezeDiamond`.

assetState_.lastRewardGlobal is not cleared during deposit

Share price manipulation by first depositor in FundingRateArbitrage

Rate calculation inconsistency inside JUSDBankStorage

Whitelised accounts can be forcefully DoSed from buying curveTokens during the presale

Unrestricted claiming of fees due to missing balance updates in `FeeSplitter`

onBalanceChange causes previously unclaimed rewards to be cleared

Theft of holder fees when `holderFeePercent` was positive and is set to zero

TrufVesting.cancelVesting calculates end of vesting incorrectly

LibTWAPOracle can be manipulated

LibTWAPOracle may use outdated price

swap fees going to the liquidation pool manager contract will be accounted for as part of the liquidation amount

Fees are hardcoded to 3000 in ExactInputSingleParams

Wrong Implementation of `LiquidationPool::empty` excludes holder with pending stakes when decreasing a position, resulting in exclusion from asset distribution

Incorrect calculation of amount of EURO to burn during liquidation

A user can steal an already transfered and bridged reSDL lock because of approval

Attacker can exploit lock update logic on secondary chains to increase the amount of rewards sent to a specific secondary chain

Updates from the `secondary pool` to the `primary pool` may not be sent because there are `no rewards` for the secondary pool

Vault token price manipulation by first liquidity minter

`ArtPiece.totalVotesSupply` and `ArtPiece.quorumVotes` are incorrectly calculated due to inclusion of the inaccessible voting powers of the NFT that is being auctioned at the moment when an art piece is created

Once EntropyRateBps is set too high, can lead to denial-of-service (DoS) due to an invalid ETH amount

`ERC20TokenEmitter::buyToken` function mints more tokens to users than it should do

Since buyToken function has no slippage checking, users can get less tokens than expected when they buy tokens directly

The quorumVotes can be bypassed

CultureIndex.sol#dropTopVotedPiece() - Malicious user can manipulate topVotedPiece to DoS the whole CultureIndex and AuctionHouse

`encodedData` argument of `hashStruct` is not calculated perfectly for EIP712 singed messages in `CultureIndex.sol`

Re-triggering the `canOffboard[term]` flag to bypass the DAO vote of the lending term offboarding mechanism

ProfitManager's "creditMultiplier" calculation does not count undistributed rewards; this can cause value losses to users

LendingTerm debtCeiling function uses creditMinterBuffer incorrectly

BunniPrice.getBunniTokenPrice doesn't include fees

BunniSupply.getProtocolOwnedLiquidityOhm doesn't include ohm fees

OlympusSupply.getReservesByCategory will revert in case if submoduleReservesSelector_ is empty

Token.updateFounders will not clear tokenRecipient correctly

LockingPositionService.mintPosition creates 1 week longer lock than user requested

No slippage protection for Market functions

Users will lose rewards when buying new tokens if they already own some tokens

The price of rsEHT could be manipulated by the first staker

Protocol mints less rsETH on deposit than intended

Single host can unfairly skip veto period for proposal that does not have full host support

PartyGovernanceNFT.sol#mint - User can delegate another user funds to themselves and brick them from changing the delegation

Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime

Adversary can block `claimAuction()` due to push-strategy to transfer assets to multiple bidders

Oracle fees can be drained by calling settle several times

Only one callback per oracle version can be registered in the KeeperOracle callbacks

MultiInvoker doesn't pay keepers refund for l1 calldata

Block of GMXVault by using GMX UI fee

`GMXVault` can be blocked by a malicious actor

Incorrect Execution Fee Refund address on Failed Deposits or withdrawals in Strategy Vaults

Withdraw function provides more funds to withdrawer

The protocol will mint unnecessary fees if the vault is paused and reopened later.

Missing minimum token amounts in the emergency contract functions allows MEV bots to take advantage of the protocols emergency situation

Incorrect state transition may cause vault in stuck

GMXVault can stop working in case if GMX will change `Keys.MAX_CALLBACK_GAS_LIMIT` to smaller than 2 millions

Rewards from GMX are sent to Trove only in deposit and withdraw functions

In case if withdraw has failed, then processWithdrawFailure will decrease exchange rate of GMXVault shares

All functions that burn or mint shares for user's should mintFee for protocol before

Inaccurate Fee Due to missing lastFeeCollected Update Before feePerSecond Modification

ChainlinkARBOracle.consult will revert phase id was increased for chainlink aggregator

Batched liquidations doesn't distribute bad debt on next batches in the list

Lenders can escape the blacklisting of their accounts because they can move their MarketTokens to different accounts and gain the WithdrawOnly Role on any account they want

Borrower has no way to update `maxTotalSupply` of `market` or close market.

Borrowers can escape from paying half of the penalty fees by closing the market, and those remaining penalty fees will be covered by the lender who withdraws last

Borrower can drain all funds of a sanctioned lender

`setAnnualInterestBips()` can be abused to keep a market's reserve ratio at 90%

Blocked accounts keep earning interest contrary to the WhitePaper

Borrower can dos liquidations

Courier can be cheated to avoid fees

L2SharedBridge l1LegacyBridge is not set

Freezed Chain will never be unfreeze since `StateTransitionManager::unfreezeChain` is calling `freezeDiamond` instead of `unfreezeDiamond`.

Prime.sol - User can claim Prime token without having any staked XVS, because his `stakedAt` isn't reset whenever he is issued an irrevocable token.

All tokens can be stolen from `VirtualAccount` due to missing access modifier

ArbitrumCoreBranchRouter.executeNoSettlement can't handle 0x07 function

Incorrect source address decoding in RootBridgeAgent and BranchBridgeAgent's _requiresEndpoint breaks LayerZero communication

If RootBridgeAgent.lzReceiveNonBlocking reverts internally, the native token sent by relayer to RootBridgeAgent is left in RootBridgeAgent

No deposit cross-chain calls/communication can still originate from a removed branch bridge agent

`ArbitrumBranchBridgeAgent::_performFallbackCall` Function Does Not Refund Users Their Excess Native Gas Deposit

User can frontrun RFPSimpleStrategy._allocate in order to increase his bid

Anyone can call RFPSimpleStrategy.setPoolActive

QVSimpleStrategy allows allocator to use as many votes as he wishes

Protocol isn't compatible with fee on transfer tokens

RFPSimpleStrategy will not work when useRegistryAnchor is set

Allocator who allocates additional votes to same recipient can provide more votes

In case if QVSimpleStrategy pool will be funded after some user's already received payment, then distribution will be incorrect

Cached `DOMAIN_SEPARATOR` is incorrect for tranche tokens potentially breaking permit integrations

Users Lose Funds and Market Functionality Breaks When Market Reachs 65k Id

Owner of a bad ShortRecord can front-run flagShort calls AND liquidateSecondary and prevent liquidation

Previous NFT owner can burn NFT from the new owner

Possible DOS on deposit(), withdraw() and unstake() for BridgeReth, leading to user loss of funds

User can create small position after exit with bid

withdrawFees does not update checkpoint

The settle feature will be broken if attacker arbitrarily transfer collateral tokens to the PerpetualAtlanticVaultLP

Put settlement can be anticipated and lead to user losses and bonding DoS

The peg stability module can be compromised by forcing lowerDepeg to revert.

Users can get immediate profit when deposit and redeem in `PerpetualAtlanticVaultLP`

`UniV3LiquidityAMO::recoverERC721` will cause `ERC721` tokens to be permanently locked in `rdpxV2Core`

Can not withdraw RDPX if WETH withdrawn is zero

Change of `fundingDuration` causes "time travel" of `PerpetualAtlanticVault.nextFundingPaymentTimestamp()`

`rngComplete` function should only be called by `rngAuctionRelayer`

Sandwich attack to steal all ERC-20 tokens in the Fees contract

Borrower can use Refinance to cancel auctions so they can extend their loan indefinitely

During refinance() new Pool balance debt is subtracted twice

[H-04] Lender#buyLoan - Malicious user could take over a loan for free without having a pool because of wrong access control

Fee on transfer tokens will cause users to lose funds

Forcing a borrower to pay a huge debt via the giveLoan()

Hardcoded Router Address May Cause Token Lockup in Non-Standard Networks

No expiration deadline leads to losing a lot of funds

Fixed fee level is used when swap tokens on Uniswap

Theft of collateral tokens with fewer than 18 decimals

There is no incentive to liquidate small positions

DSC protocol can consume stale price data or cannot operate on some EVM chains

Chainlink oracle will return the wrong price if the aggregator hits `minAnswer`

Too many DSC tokens can get minted for fee-on-transfer tokens.

`liquidate` does not allow the liquidator to liquidate a user if the liquidator HF < 1

Protocol can break for a token with a proxy and implementation contract (like `TUSD`)

[H-01] Lack of emergency withdraw function when no arbiter is set

High - Funds can be lost if any participant is blacklisted

LMPVault may update idle not accurate

LMPVaultRouterBase.mint tries to get payment 2 times in case of native payment

MavEthOracle can be manipulated

LiquidationRow.liquidateVaultsForToken will never work, so vault depositors will not receive any rewards

Resetting delegation will result in user funds being lost forever

`Vault.mintYieldFee` FUNCTION CAN BE CALLED BY ANYONE TO MINT `Vault Shares` TO ANY RECIPIENT ADDRESS

Vault is not compatible with some erc4626 vaults

depositWithPermit and mintWithPermit are allowed to be called by permit creator only

Claimer.claimPrizes can be frontrunned in order to make losses for the claim bot

`VaultFactory` allows deployment of vaults with non-authentic `TwabController` and `PrizePool`

Unintended or Malicious Use of Prize Winners' Hooks

`_liquidateUser()` should not re-use the same minimum swap amount out for multiple liquidation

Liquidated USDO from BigBang not being burned after liquidation inflates USDO supply and can threaten peg permanently

`LidoEthStrategy._currentBalance` is subject to price manipulation, allows overborrowing and liquidations

Ability to steal user funds and increase collateral share infinitely in BigBang and Singularity

Tokens can be stolen from other users who have approved Magnetar

twTAP.claimAndSendRewards() will claim the wrong amount for each reward token due to the use of wrong index.

Anybody can buy collateral on behalf of other users without having any allowance using the multiHopBuyCollateral()

The BigBang contract take more fees than it should

Rewards compounded in AaveStrategy are unredeemable

[HB10] `AaveStrategy.sol`: Changing swapper breaks the contract

`totalCollateralShare` state variable not updated in `Singularity` market upon liquidation, resulting in an error on `addCollateral` with skim functionality

SGLLeverage/BigBang `buyCollateral` Can Be Exploited to Steal Asset Approvals & Collateral

Tapioca Bar: Unusable Market Add Functions in Penrose Contract

BigBang and Singularity should not pause repay() and liquidate()

Incorrect `eligibleAmount` for `AirdropBroker` Phase 3

`emitForWeek` will lose `emissionForWeek` if one week is skipped

`extractTAP()` function can allow minting an infinite amount in one week, leading to a DoS attack in `emitForWeek()`

TOFT `exerciseOption` fails due to not passing `msg.value` properly

Using `setBigBangEthMarketDebtRate` or `setBigBangConfig` cause incorrect interest calculation due to retroactively applying the interest rate

Missing deadline checks allow pending transactions to be maliciously executed

There is no mechanism to track and resolve bad debt

`MagnetarV2#burst` double counts `msg.value` for `TOFT_WRAP` operation, making the transaction revert unless the user overpays

all deposit and withdraw function in Convex and Curve nativeLP Strategy, apply slippage on internal pricing; which call real-time on chain price from Curve directly and subject to MEV

SGLLeverage.multiHopSellCollateral checks swapper on wrong chain

USDOOptionsModule.exercise doesn't send refund to user

Some actions inside MagnetarV2.burst will not work because msg.value is used inside delegate call

Loss of COMP reward in CompoundStragety.sol

Rebalancing mTapiocaOFT of native token forces admin to pay for rebalance amount

Potential loss of value in YieldBox's `depositETHAsset()`

`SGLBorrow::repay` and `BigBang::repay` uses `allowedBorrow` with the asset amount, whereas other functions use it with share of collateral

[HB09] `emergencyWithdraw` on all strategy contracts useless without a pause mechanism

partyA can block partyB from opening position when it's not favorable for it

LiquidationFacetImpl.liquidatePositionsPartyB doesn't check provided signature timestamp correctly

LibMuon.verifyPrices doesn't check user's nonce, which allows to provide old values

PartyBFacetImpl.openPosition can open position that is not solvent

Some liquidations will not be attractive for liquidators

Fees are not returned for locked or cancel_pending quote, when partyB is liquidated

In case if symbol is not valid it should be not possible to open position

PartyBFacetImpl.acceptCancelRequest function doesn't increase nonce for partyA

In case if trading fee will be changed then refund will be done with wrong amount

Suspended account still can do partyB actions

Payment for liquidation is not fair

ArakkisV2Router.addLiquidityPermit2 eth refund logic is not working

ChainLinkOraclePivot uses same outdated timeout for both price feeds

ArrakisV2Storage.setManagerFeeBPS should collect fees before changing fee

User with disapproval role can gas grief the action executor

It is not possible to execute actions that require ETH (or other protocol token)

Chainlink's `latestRoundData` may return stale or incorrect result

ValidatorWithdrawalVault.settleFunds doesn't check amount that user has inside NodeELRewardVault to pay for penalty

ValidatorWithdrawalVault.distributeRewards can be called to make operator slashable

Missing checks for whether Arbitrum Sequencer is active

PriceOracle.getPrice doesn't check for stale price

Traders should pay fee for the oposite side for the whole time, when protocol was paused

BalancedVault.claim can be called in not favorable situation

AmmModule will not work with usdt

Using deprecated Chainlink function latestAnswer

Missing checks for whether Arbitrum Sequencer is active

Anyone can request aave flashloan on behalf of MarginTrading contract to make loses for it

Comptroller.healAccount doesn't distribute rewards for healed borrower

ShortFall contract might transfer incorrect amount of tokens to the highest bidder.

Borrower can cause a DoS by frontrunning a liquidation and repaying as low as 1 wei of the current debt

It's possible to borrow, redeem, transfer tokens and exit markets with outdated collateral prices and borrow interest

User can avoid bankrupting by calling PositionManager.moveLiquidity where to index is bankrupted index

Position NFT can be spammed with insignificant positions by anyone until rewards DoS

Governance attack on Extraordinary Proposals

Calling `StandardFunding.screeningVote` function and `ExtraordinaryFunding.voteExtraordinary` function when `block.number` equals respective start block and when `block.number` is bigger than respective start block can result in different available votes

A malicious strategy can permanently DoS all currently pending withdrawals that contain it

User can loose funds in case if swapping in DecreaseOrderUtils.processOrder will fail

Subaccount.execute is not payable, so user can't provide amount along with the call

It's possible to reset primaryCredit and secondaryCredit for insurance account

FlashLoanLiquidate.JOJOFlashLoan function doesn't check for slippage

Incorrect implementation of RecordParser.readKeyValue()

Challengers and bidders can collude together to restrict the minting of position owner

function `restructureCapTable()` in Equity.sol not functioning as expected

Loss of funds for traders due to accounting error in royalty calculations

Flashloan fee is not distributed to the factory

Position doesn't distribute rewards to users

Reward accounting is incorrect in BathBuddy contract

RubiconMarket checks slippage incorrectly

Fee inclusivity calculations are inaccurate in RubiconMarket

Incorrect fee handling in Position.sol's Market Buy/Sell functions

Zero reward rate calculation impedes low-decimals token distributions

Position._borrowLimit doesn't use exisiting collateral in case if user doesn't have any `_bathToken`

Position contract allows to interact with positions that are liquidated

Incorrect calculations can occur when calling `Position._marketBuy` and `Position._marketSell` functions that do not include maker fee in `_fee`

A temporary issue shows in the staking functionality which leads to the users receiving less minted tokens.

Staking, unstaking and rebalanceToWeight can be sandwiched (Mainly rETH deposit )

`WstEth` derivative assumes a ~1=1 peg of stETH to ETH

Users can fail to unstake and lose their deserved ETH because malfunctioning or untrusted derivative cannot be removed

Possible DoS on `unstake()`

deploying contracts with forceDeployOnAddress will break contracts when callConstructor is false

time-sensitive contracts deployed on zkSync

HatsSignerGateBase.setTargetThreshold should adjust minThreshold

Malicious user can trigger XProvider calls with small or 0 relayerFee in order to make txs stuck waiting while someone will execute them

Vault.pullFunds decreases `savedTotalUnderlying` param incorrectly sometimes

Game.rebalanceBasket can be called by user, when rewards are not sent yet for the period, in order to avoid slashing dervy token for negative rewards

Vault.rebalance calculates rewards per locked token incorrectly

MainVault.rebalanceXChain doesn't check that savedTotalUnderlying >= reservedFunds

Game doesn't accrued rewards for previous rebalance period in case if rebalanceBasket is called in next period

Rewards per locked token are calculated incorrectly

Vault.claim should be called before `pushTotalUnderlyingToController`

Vault thinks that all stable coins have same cost

exchangeRate is not up to date in case if vault that is off is changed to on

Vault.blacklistProtocol can revert in emergency

Vault.blacklistProtocol doesn't claim rewards

Players are not guaranteed to receive rewards

User should not receive rewards for the rebalance period, when protocol was blacklisted, because of unpredicted behaviour of protocol price

User can claim all balance of reward tokens, because of issue in calculations

User can claim more rewards, because incorrect order in calculation

cachedUserRewards variable is never reset, so user can steal all rewards

SingleSidedLiquidityVault._accumulateInternalRewards will revert with underflow error if rewardToken.lastRewardTime is bigger than current time

When reward token is being removed it should send rewards to users

ohmRemoved is calculated incorrectly inside SingleSidedLiquidityVault.withdraw function

Any user can call settle before auction in order to mint all tokens to FALLBACK_RECEIVER and ddos AuctionHouse

Vault.remove_operator allows to remove last operator

GasUtils.estimateExecuteWithdrawalGasLimit calculates gas amount incorrectly

No slippage for withdrawal without swapping path

MarketUtils.claimCollateral implemented incorrectly

PositionPricingUtils.getPositionFees takes more fees than should

DecreaseOrderUtils.processOrder doesn't have slippage protection, when `order.swapPath().length == 0`

Oracle._setPricesFromPriceFeeds can get stale price from oracle

Oracle._setPricesFromPriceFeeds will set incorrect price for stable coins in case of deppeging

ExecuteDepositUtils.getAdjustedLongAndShortTokenAmounts works incorrectly

When executeDeposit or executeWithdraw feature is disabled, keeper can execute orders in order to cancel them and burn part of execution fee

User can buy protection for 0 amount for free in order to be able to renew it with not 0 amount when they think pool will default

Lending pool state transition will be broken when pool is expired in late state

Attacker can withdraw in same or next epoch when he deposited

ProtectionPool._accruePremiumAndExpireProtections will stop working when lendingPool will have big number of protections

ProtectionPool.lockCapital doesn't check if protection is already expired

defaultStateManager.getLendingPoolStatus can be stale which allows user to buy/renew protection when he should not

BlueBerryBank doesn't poke all position debt tokens, before checking getDebtValue

In case if user withdrawLend in withdrawVaultFee window, his position.underlyingAmount is not updated correctly

Position owner lose ichi farm rewards when he calls openPositionFarm and collateral already exists

User lose WERC20 when close position and provides amountLpWithdraw that is not 0

BlueBerryBank.liquidate supposes that only 1 token can be borrowed for the position

BlueBerryBank.getPositionRisk shows risk 0, when underlying price is 0

IchiVaultSpell.strategy.maxPositionSize can be bypassed

Fee on transfer tokens are not supported

No ability to provide slippage when closing position

BasicSpell.doCutRewardsFee uses depositFee instead of withdraw fee

DepositManagerV1.refundDeposit will revert when big number of deposits will be created in bounty

ClaimManagerV1 will not be able to claim for user if he is blocked by any reward token

Attacker can block user from claiming AtomicBountyV1 by depositing token that doesn't support 0 transfer and then refunding

BountyCore.claimNft doesn't check that nft is not refunded

DepositManagerV1.fundBountyNFT doesn't check if address limit is reached

TieredFixedBountyV1.setPayoutScheduleFixed will fail in case issuer wants to make less amount of tiers

Anyone who uses same adapter have ability to pause it

Staking rewards can be drained

BeefyAdapter() malicious vault owner can use malicious _beefyBooster to steal the adapter's token

Protocol loses fees because highWaterMark is updated every time someone deposit, withdraw, mint

DOS any Staking contract with Arithmetic Overflow

`MultiRewardStaking.changeRewardSpeed()` breaks the distribution

Faulty Escrow config will lock up reward tokens in Staking contract

AdpaterBase.harvest should be called before deposit and withdraw

Strategy can't earn yields for user as underlyingBalance is not updated when strategy deposits

Malicious Users Can Drain The Assets Of Vault. (Due to not being ERC4626 Complaint)

[H-01] Management Fee for a vault is charged even when there is no assets under management and subject to manipulation.

cool down time period is not properly respected for the `harvest` method

Anyone can reset fees to 0 value when Vault is deployed

`Vault::takeFees` can be front run to minimize `accruedPerformanceFee`

Borrower can lose partial fund during minting of Power Token as excess ETH are not refunded automatically

Fee on transfer tokens will not behave as expected

Protocol fees can be withdrawn multiple times in `Erc20Quest`

Possible scenario for Signature Replay Attack

Users may not claim Erc1155 rewards when the Quest has ended

User may loose rewards if the receipt is minted after quest end time

Deposits from L1 to L2 using L1CrossDomainMessenger will fail and will not be replayable when L2CrossDomainMessenger is paused

Protocol doesn't check the result of ERC20.transfer calls

Cooler.repay doesn't repay correctly in some cases

attacker can prevent vesting for a very long time

PublicVault.processEpoch calculates withdrawReserve incorrectly. Users can lose funds.

Liquidation will fail if value set as `liquidationInitialAsk` > 2**88-1, causing collateral to be permanently locked

Buying out corrupts the slope of a vault, reducing rewards of LPs

Deadlock in valuts with underlying token with less then 18 decimals

Adversary can game the liquidation flow by transfering a dust amount of the payment token to ClearingHouse contract to settle the auction if no one buy the auctioned NFT

PublicVault.processEpoch updates YIntercept incorrectly when totalAssets() <= expected

Lack of support for ERC20 token that is not 18 decimals

Approved operator of collateral owner can't liquidate lien

WithdrawProxy allows redeem() to be called before withdraw reserves are transferred in

Users are unable to mint shares from a public vault using `AstariaRouter` contract when share price is bigger than one

LienToken._payment function increases users debt

PerpDepository._rebalanceNegativePnlWithSwap doesn't approve spotSwapper before swap

PerpDepository._rebalanceNegativePnlWithSwap doesn't approve vault before deposit

PerpDepository supposes that `clearingHouse.openPosition` returns quoteAmount in e18

PerpDepository calculates fees incorrectly

PerpDepository.netAssetDeposits variable can prevent users to withdraw with underflow error

Stealing fund by applying reentrancy attack on `removeCollateral`, `startLiquidationAuction`, and `purchaseLiquidationAuctionNFT`

Borrowers may earn auction proceeds without filling the debt shortfall

`PaprController` pays swap fee in `buyAndReduceDebt`, not user

Inflation of ggAVAX share price by first depositor

Hijacking of node operators minipool causes loss of staked funds

ProtocolDAO lacks a method to take out GGP

Division by zero error can block RewardsPool#startRewardCycle if all multisig wallet are disabled.

MinipoolManager: recordStakingError function does not decrease minipoolCount leading to too high GGP rewards for staker

Users may not be able to redeem their shares due to underflow

wrong reward distribution between early and late depositors because of the late syncRewards() call in the cycle, syncReward() logic should be executed in each withdraw or deposits (without reverting)

Functions cancelMinipool() doesn't reset the value of the RewardsStartTime for user when user's minipoolcount is zero

Inflation rate can be reduce by half at most if it get called every 1.99 interval.

Bypass `whenNotPaused` modifier

NodeOp funds may be trapped by a invalid state transition

Admin does not have to wait to call `lastResortTimelockOwnerClaimNFT()`

Reentrancy in buy function for ERC777 tokens allows buying funds with considerable discount

First depositor can break minting of shares

Malicious user can steal all assets in BondNFT

Lock.sol: assets deposited with Lock.extendLock function are lost

Not enough margin pulled or burned from user when adding to a position

Must approve 0 first

Approved operators of Position token can't call Trading.initiateCloseOrder

`_handleDeposit` and `_handleWithdraw` do not account for tokens with decimals higher than 18

Unreleased locks cause the reward distribution to be flawed in BondNFT

Chainlink price feed is not sufficiently validated and can return stale price

griefing / blocking / delaying users to withdraw

A whale user is able to cause freeze of funds of other users by bypassing withdraw limit

Manager can get around min reserves check, draining all funds from Collateral.sol

`LPDA` price can underflow the price due to bad settings and potentially brick the contract

ETH will get stuck if all NFTs do not get sold.

Unsafe downcasting operation truncate user's input

Use of `payable.transfer()` Might Render ETH Impossible to Withdraw

Router.getOrCreatePoolAndAddLiquidity can be frontrunned which leads to price manipulation

Possible to create Stream with start and stop time in past

Stream doesn't have ability to rescue native token

Stream.rescueERC20 allows to transfer token() in case of 2 address tokens

Not possible to create stream that pays less than 1 token per second

During oracle outages or feeder outages/disagreement, the `ParaSpaceFallbackOracle` is not used

CrabNetting.depositsQueued and CrabNetting.withdrawsQueued will revert when there are many unprocessed deposits and withdraws

Vault_Lyra doesn't allow to close loan if Lyra collateral is not active and accrues more fees

CollateralBook.CHANGE_COLLATERAL_DELAY variable is mistakenly set to 200 sec instead of 2 days

Isomorph.ISOUSD_TIME_DELAY uses 3 sec delay instead of 3 days

Vault_Base_ERC20._updateVirtualPrice allows to skip some price updates

Vault_Lyra will continue calculate interests when contract is paused

Vault_Lyra.increaseCollateralAmount doesn't allow borrower to add collateral if total collateral is less than liquidation amount

The 'redeem' related functions are likely to be blocked

Malicious Users Can Drain The Assets Of Auto Compound Vault

Underlying assets stealing in `AutoPxGmx` and `AutoPxGlp` via share price manipulation

Assets may be lost when calling unprotected `AutoPxGlp::compound` function

Deposit Feature Of The Vault Will Break If Update To A New Platform

PirexGmx.initiateMigration can be blocked

FeeBuyback doesn't use safeTransferFrom for tokens transfering

Fee on transfer tokens are not supported

Result of ERC20 transfer is ignored

Replay attack for order is possible

Fee on transfer tokens are not supported

transferPosition function do not transfer withdrawableCollectionTokenId to new recipient

DODORouteProxy._routeWithdraw uses transfer to send eth

Governance.queue function increases proposalsCreated counter isntead of proposalsPassed

User with delegated votes in amount more then proposalThreshold can block his delegator for undelegating votes

Use safeTransferFrom when unstake token

BondAggregator.liveMarketsBy eventually will revert because of block gas limit

BondBaseSDA.setDefaults doesn't validate inputs

meta.tuneBelowCapacity param is not updated when BondBaseSDA.setIntervals is called

Seller's ability to decrypt bids before reveal could result in a much higher clearing price than anticpated and make buyers distrust the system

Attacker may DOS auctions using invalid bid parameters

Incompatibility with fee-on-transfer/inflationary/deflationary/rebasing tokens, on both base tokens and quote tokens, with varying impacts

Repaying a line of credit with a higher than necessary claimed revenue amount will force the borrower into liquidation

Borrower can by mistake add own money to credit if credit is in ETH

Whitelisted functions aren't scoped to revenue contracts and may lead to unnoticed calls due to selector clashing

Mutual consent cannot be revoked and stays valid forever

Variable balance ERC20 support

address.call{value:x}() should be used instead of payable.transfer()

Borrower/Lender excessive ETH not refunded and permanently locked in protocol

Share price manipulation by first depositor is possible on DnGmxJuniorVault and DnGmxSeniorVault

Owner can transfer all ERC20 reward token out using function recoverERC20

Avoidable misconfiguration could lead to INVEscrow contract not minting xINV tokens

Two day low oracle used in `Market.liquidate()` makes the system highly at risk in an oracle attack

Oracle assumes token and feed decimals will be limited to 18 decimals

Chainlink oracle data feed is not sufficiently validated and can return stale `price`

Redeemer.autoRedeem and Redeemer.authRedeem can be called when paused

ERC5095.deposit doesn't check if received shares is less then provided amount

ERC5095.mint function calculates slippage incorrectly

Redeemer.setFee function will always revert

Marketplace.setPrincipal funtion approves allowance for Notional incorrectly

Marketplace.setPrincipal do not approve needed allowance for Element vault and APWine router

AstariaRouter.commitToLiens function will always revert

ASTARIA_ROUTER.getProtocolFee will always revert

Possible to pass signature check and borrow from any Vault for a dummy NFT

Potential debt is calculated incorrectly when taking a new borrow

LienToken.buyoutLien do not set lienData[lienId].payee to address 0

Possible to fully block PublicVault.processEpoch function. No one will be able to receive their funds

LiquidationAccountant.claim function can be called any time

CollateralToken should allow to execute token owner's action to approved addresses also

AuctionHouse.createBid will revert when bid is took when `auctions[tokenId].maxDuration - auctions[tokenId].duration < timeBuffer' with oferflow error

Strategist nonce is not checked

LienToken.createLien doesn't check if user should be liquidated and provides new loan

Manipulation of share price by first depositor of IVault

LienToken._payment function do not return overpaid amount to msg.sender

LienToken._payment function increases users debt

Factory uses signature that do not have expiration

No royalties bps validation in NFTCollection, ERC721NFTProduct and ERC1155NFTProduct

Very critical `Owner` privileges can cause complete destruction of the project in a possible privateKey exploit

Lock time can be avoided

Curve mess up is posssible that leads to deposit function blocked

StandardPolicyERC1155.sol returns amount == 1 instead of amount == order.amount

Manipulation of price by first depositor

Auction.getEpochsByBuyer can be broken

A "FrontRunning attack" can be made to the `initialize` function

Centralization risk: admin have privileges: admin can set address to mint any amount of frxETH, can set any address as validator, and change important state in frxETHMinter and withdraw fund from frcETHMinter

Withheld ETH shoud not be sent back to the frxETHMinter contract itself

It's possible to change for Vault and lost control on it

Early contributor can always become majority of crowdfund leading to rugging risks.

TribeRedeemer will start redeeming incorrectly if someone transfer redeem tokens directly to it

Multiple vote checkpoints per block will lead to incorrect vote accounting

Auction parameters can be changed during ongoing auction

Tokens without properties can be minted and cannot be rendered

Proposals can be bricked and Auctions stalled by bad settings

Compromised or malicious vetoer can veto any proposals with unrestricted power

Owners receive more percentage of total nft if some nfts were burned(because were not sold)

Heart::beat() could be called several times in one block if no one called it for a some time

Operator::setReserveFactor doesn't check if bond market should be changed

Unsafe casting from int128 can cause wrong accounting of locked amounts