`InvestToken`: Whitelisted investors can inflate USDE to infinity by arbitraging previous and current price differences

Chainlink price feed uses BTC, not WBTC. In case of depegging, oracles will become easier to manipulate.

Some tokens enable the direct draining of all approved `ERC20Votes` tokens

`emergency_shutdown` role is not enough for emergency shutdown.

Blacklisted STADIUM_ADDRESS address cause fund stuck in the contract forever

If a winner is blacklisted on any of the tokens they can't receive their funds

Potential DOS due to Gas Exhaustion Due to Large Array Iteration in `_distribute` Function

Using basis points for percentage is not precise enough for realistic use-cases

If governance removes a gauge, user's voting power for that gauge will be lost.

Fee on transfer tokens will cause users to lose funds

Use smaller data types for `lenderFee` and `borrowerFee` for better storage packing

Protocol does not check for price staleness from the XOracle, which is problematic if the price feeder goes down.

PriceOracle will use the wrong price if the Chainlink registry returns price outside min/max range

Chainlink oracle may return stale data

Incorrect `blocksPerYear` constant in `WhitepaperInterestRateModel`

Exchange Rate can be manipulated

Potential Unjust Liquidation After Exiting Market

Unsafe ERC20 transfer: tokens that don't revert on failed transfers may disable claims

Placeholder

Potential infinite loop in `_borrowLimit` function

A liquidated position possibly cannot be closed

Bad implementation in minter access control for `RabbitHoleReceipt` and `RabbitHoleTickets` contracts

DOS risk if enough tokens are minted in Quest.claim can lead, at least, to transaction fee lost

Rollable loans can be indefinitely rolled, opening up room for a griefing attack that will permanently lock funds.

Unsafe ERC20 usage: If one of the token is a non-revert on transfer, the other token can be stolen.

`getEmergencySettlementBPTAmount()`: Wrong usage of `IERC20.totalSupply()` on BPT tokens