updateParticipation() flaw enables attacker to claim more refund currency tokens than intended.

Missing slippage protection in `AerodromeDexter.sol` `swapExactTokensForTokens()`

Users can claim more that their actual allotment

Incorrect referral fee calculations

Vault inflation causing victims to lose their full deposit

`redeemUSDT()` Prone to Exploitation Through Input Price Manipulation

Lack of access control in `updateDownsideProtected()` would lead to DOS.

`lastEventTime` gets updated wrongly during withdraw of collateral

Double Accounting of fees in `buyVotes()`

Fee taken on unused amount is not returned during `_calculateBuy()`

No slippage protection in sellVotes()

Loss of users fund through share inflation attack in `Pool.sol`

Number of entities in generation can surpass the 10k number

Wrong minting logic based on total token count across generations

Users' ability to nuke will be DoSed for three days after putting NFTs up for sale and cancelling the sale

Use a safe transfer helper library for ERC20 transfers

Share Inflation Attack via Internal Accounting

For Loop would create issue while calling `mintBatch()`

Excessive ETH passed during mint() would not be refunded

Any fee claim lesser than the total `yieldFeeBalance` as unit of shares is lost and locked in the `PrizeVault` contract

No checks to prevent Blacklisted user from using protocol's function