Incorrect Logic in onlyOperator Modifier Leading to Denial-of-Service for Authorized Operators Across Critical Functions

Incorrect set up and logic of `referralInfoMap` in `SystemConfig::updateReferrerInfo` function

The maximum number of generations is infinite

Number of entities in generation can surpass the 10k number

Wrong minting logic based on total token count across generations

There is no slippage check in the `nuke()` function.

Forger Entities can forge more times than intended

`Golden God` Tokens can be minted twice per generation

`Auctioneer.auction` stores always the `Routing` data for new auctions using `lotId` 0

DoS for EMPAM `refundBid`

Settlement of batch auction can exceed the gas limit

Repayments and liquidations can be forced to revert by an attacker that repays miniscule amount of shares

V3Vault is not ERC-4626 compliant

Lack of safety buffer in `_checkLoanIsHealthy` could subject users who take out the max loan into a forced liquidation

Users can lend and borrow above allowed limitations

Assets for withdrawal can be locked

The operator utilization heap is not updated correctly when a operator is deactivated

Restaking tokens are not priced correctly when there are withdrawals queued

Rebalance DoS due to errors in allocation calculations

Malicious user can stake an amount which causes zero curStakeAtRisk on a loss but equal rewardPoints to a fair user on a win

A locked fighter can be transferred; leads to game server unable to commit transactions, and unstoppable fighters

Since you can reroll with a different fighterType than the NFT you own, you can reroll bypassing maxRerollsAllowed and reroll attributes based on a different fighterType

Players have complete freedom to customize the fighter NFT when calling `redeemMintPass` and can redeem fighters of types Dendroid and with rare attributes

Fighters cannot be minted after the initial generation due to uninitialized `numElements` mapping

Non-transferable `GameItems` can be transferred with `GameItems::safeBatchTransferFrom(...)`

NFTs can be transferred even if StakeAtRisk remains, so the user's win cannot be recorded on the chain due to underflow, and can recover past losses that can't be recovered(steal protocol's token)

Can mint NFT with the desired attributes by reverting transaction

`LeverageModule` NFT can be unlocked when there is a pending order

Trade fees can be avoided in limit orders

Accounting error for `marginDepositedTotal` in `settleFundingFees()`

Oracle can return different prices in same transaction

DoS for functions with invariant modifiers

The depegging of the collateral token from the USD could result in the Ubiquity Dollar token being undercollateralized

Incorrect amounts of ETH are transferred to the DAO treasury in `ERC20TokenEmitter::buyToken()`, causing a value leak in every transaction

Violation of ERC-721 Standard in VerbsToken:tokenURI Implementation

`encodedData` argument of `hashStruct` is not calculated perfectly for EIP712 singed messages in `CultureIndex.sol`

It may be possible to DoS AuctionHouse by specifying malicious creators

`fetchPrice` can return different prices in the same transaction

Users Lose Funds and Market Functionality Breaks When Market Reachs 65k Id

New orders can overwrite active orders when order id reaches 65000

Flag can be overriden by another user

Primary short liquidation can not be completed in the last hour of the liquidation timeline

Lack of essential stale check in oracleCircuitBreaker()

Changes in `dittoShorterRate` affect retroactively to accrued Ditto yield shares

The protocol allows less flags to be generated than possible which could lead to a DoS of the primary liquidation process

`AbstractRewarder:queueNewRewards()` might try to pull too many reward tokens from caller

It is not possible to liquidate rewards

`redeem` function can return less assets than expected

Users will not be able to withdraw assets on oracle price decrease

`Vault.mintYieldFee` FUNCTION CAN BE CALLED BY ANYONE TO MINT `Vault Shares` TO ANY RECIPIENT ADDRESS

deposit function does not check for the `maxMint` amount.

Unintended or Malicious Use of Prize Winners' Hooks

Transfer of Vault tokens can cause accounting errors in other contracts

No check for expired `priceSig` in `setSymbolsPrice`

`LibMuon` verifications hash collisions

`depositAndAllocateForPartyB` allocates the wrong amount

Users can DOS liquidation process by increasing their nonce

Party A can be liquidated with outdated price data

`partyA` can inflate the uPnL with no cost

The liquidation process can get stuck if the liquidators do not submit the symbol prices in the given time

Wrong calculation of solvency after request to close and after close position

Position can fall below minimum acceptable quote value after partial closing

Chainlink price feed data not validated properly

It is not checked whether the sequencer is down when fetching the price from Chainlink

Wrong price returned by oracle if asset's price drops below `minAnswer`

Spot price of USSD/DAI pool can be manipulated

Wrong address for `BTC/USD` Chainlink aggregator contract

The calculations of DAI price in `StableOracleDAI.sol:getPriceUSD()` are incorrect

Anyone can mint and burn tokens for/from the USSD contract

No slippage protection for swaps

Chainlink price feed data could be stale

Removing collateral token changes order in array

Flash loan callback can be used to steal tokens

Approvals for `FootiumEscrow` remain active after the club owner changes

Return value of ERC20 transfer not checked

`maxGenerationId` + 1 players can be minted per cohort

Committed collateral can be updated by any user at any time

`CollateralManger.sol:setCollateralEscrowBeacon` can be called by anyone

Fee-on-transfer token collateral will lock deposits in escrow

Admin can update `LenderManager` address in `TellerV2`

The `royaltyRecipient` could not be prepare to receive ether, making the `sell` to fail

`changeFeeQuote` will fail for low decimal ERC20 tokens

Flash loan fee is incorrect in Private Pool contract

A temporary issue shows in the staking functionality which leads to the users receiving less minted tokens.

An attacker can manipulate the preDepositvePrice to steal from other users.

`WstEth` derivative assumes a ~1=1 peg of stETH to ETH

Possible DoS on `unstake()`

Missing derivative limit and deposit availability checks will revert the whole `stake()` function

`enlistInRollover()` stores wrong index for receiver

`UniswapSwapAdapter.swap()` only works for paths formed by two tokens

TAU `currentMinted` amount is not updated when tokens are burned from vault

Users can borrow all loan tokens