Incorrect APY check causes Oracle reverts immediately after deployment

The maxDeposit returns uint256.max despite hard deposit limits (EIP-4626 Violation)

Unoptimized subset matches counting implementation will exceed tx gas limit on base chain

Changing Payout Calculator During Active Drawing Causes Loss of Unclaimed Winnings

Global Variable Manipulation During Active Draw Alters End Result

If bonus ball max equals normal ball max then ticket buyers gain excessive edge

Malicious users can prevent reward accumulation for all stakers by frequent `updateReward` call

Missing Slippage Check in `PendlePTStrategy` Can Lead to Sandwich Attacks

Migration will Reverts Due to Rounding Mismatch in Borrow Repayment

Incorrect asset matching for ETH/WETH leads to potential DoS of exitPosition in CurveConvexStrategy

Incorrect WithdrawRequestManager Lookup for ETH Token Causes Withdrawal Failure

Reward Loss During `migrateRewardPool` Due to `forceClaimAfter` Lock

Ethena Withdraw request can finalize with 0 token silently if `cooldownDuration == 0`

Missing Reward Manager When Using `CURVE_GAUGE` Directly in CurveConvex Strategy