Frequent tier changes via `LayerEdgeStaking::_checkBoundariesAndRecord` would lead to high gas costs and even OOG

Unwrapping while equating inside the `eq` function fails to account for the set `L_MATISSA_FLAG`

Sqrt function silently reverts the entire control flow when a packed float of 0 value is passed

Fee-vault can be made insolvent in case of defaults

Flash Loans Allow Borrowing From Frozen Pools, Bypassing Security Controls

Removal of pool from reward zone does not allow gulping emissions which were already distributed in the past

Improper Transfer Restrictions on Non-Bridged Tokens Due to Boolean Bridged Token Tracking, Allowing a DoS Attack Vector

Public `ServiceNft::updateImpact` call leads to cascading issue

Public `ContributionNft::mint` leads to cascading issues / loss of funds

ValidatorRegistry::validatorScore/getPastValidatorScore allows validator to earn full rewards without actually engaging with the protocol

Division in `Bonding.sol._openTradingOnUniswap()` results in an incorrect lpSupply, higher vaultSupply, and dust AgentTokens getting locked in FPair

Attacker can prevent user from executing application registered through `initFromToken()` in `AgentFactoryV4`.

If `FFactory::buyTax` and / or `FFactory::sellTax` is set to 0, buy / sell would revert

`VotesUpgradeable::delegate` bypasses the `addValidator` call, leads to a non-validator holding voting power along with loss of rewards

Removal of a liquidity pool on `AgentToken::removeLiquidityPool` still incurs taxes on swaps

`amountOutMin` passed in as 0 in `AgentToken::_swapTax` leads to loss of funds due to slippage

Missing Slippage Protection On Buy And Sell

Using `AgentFactory::setAssetToken` will lead to loss of funds

RAACNFT mint function receives funds to address(this) but has no way of withdrawing them

Users Can Overwrite Existing Locks in veRAACToken Resulting in Permanent Loss of Funds

Users can borrow more assets than they have deposited as collateral

Attackers can get most of RAACToken rewards by withdrawing dust amount from StabilityPool multiple times

Ownership Parameter Mismatch in LendingPool’s Vault Withdrawal Logic

Treasury Contract Deposit Function Can Be Frontrun To Deny Protocol Operations

Emergency revoke in RAACReleaseOrchestrator will freeze revoked RAAC tokens in orchestrator

Failure to Withdraw Liquidity to RToken.sol Before Changing Curve Vault Address

Fee-on-transfer token handling issue in `Treasury::deposit` leads to permanent fund loss

Unauthorized Vote Casting Vulnerability

The calculation of `totalAssets()` could be wrong if `operatorFeeAmount` > 0, this can cause potential loss for the new depositors

Incorrect Logic in onlyOperator Modifier Leading to Denial-of-Service for Authorized Operators Across Critical Functions

Incorrect event emission can be done as a griefing attack

Inability to update `oracleStalenessThreshold` can lead to incorrect weight calculations

Users can claim more that their actual allotment

Incorrect referral fee calculations

Accounting error in `Abond_Token::transferFrom` leads to broken functionality and loss of funds

Lack of input validation in `borrowing::redeemYields` allows anyone to redeem abond tokens as per someone else's `ethBacked` abond state

Re-usable signatures can lead to loss of funds.

Lack of expiry in signatures can lead to hoarding signatures for a profitable `CDS:withdraw` in future

Users can renew options at any time

Malicious actor can DoS admin functions due to lack of access control

Stale `lastEthprice` used in `borrowing::depositTokens` will artificially inflate/deflate the ratio

Protected downside is not updated when `cds.getTotalCdsDepositedAmount() < downsideProtected`

Users can game the voucher pool fees denying other vouchers from their rightful fees.

Incorrect `marketFunds` accounting will lead to loss of funds

Attacker can deny lend order cancellation for others leading to loss of funds.

Improper handling of token order in `MixOracle.sol` will lead to bricked/incorrect price feed.

Malicious actor can match his own lend and borrow order using a flash loan to inflate incentives at end of epoch.

Subtraction in `variance()` will revert due to underflow

Request responses and validations can be mocked leading to extraction of fees and/or forcing other generators to lose their fees by making them outliers

Unrestricted validation score range for validators in `LLMOracleCoordinator::validate`.

Users can list assets with price < 1 ERC20 (ETH, WETH), leading to potential DoS vulnerability.

Incorrect Proof-of-Work Difficulty Check in `assertValidNonce` Function

Griefer can permanently DOS all the deposits to the `StakingPool`

H-1: Raffle termination due to insufficient checks in `WinnablesTicketManager::_checkShouldCancel`

M-1: `setCCIPCounterpart()` allows admin to deny raffle winner from claiming prize.

Malicious user can stake an amount which causes zero curStakeAtRisk on a loss but equal rewardPoints to a fair user on a win