Missing hook call will lead to incorrect oracle results

Missing deadline check allow pending transactions to be maliciously executed

Fees are hardcoded to 3000 in ExactInputSingleParams

doesn't follow the EIP standard

`_getCurrentSqrtPriceX96()` is easy to manipulation

Malicious lender can use blacklisted address and harm borrower

DoS and gas griefing of calls to Prime.updateScores()

The protocol doesn't have support for fee-on-transfer types of ERC20 tokens

If a winner is blacklisted on any of the tokens they can't receive their funds

Signature missing nonce & expiration deadline

Sandwich attack to steal all ERC-20 tokens in the Fees contract

Fee on transfer tokens will cause users to lose funds

Hardcoded Router Address May Cause Token Lockup in Non-Standard Networks

The `borrow` and `refinance` functions can be front-run by the pool lender to set high interest rates

Pragma non-specification can lead to non-functional / corrupted contract when deployed on Arbitrum

+= and -= are more expensive

Uncheck Arithmetic where overflow/underflow impossible

Floating pragma in all contracts

Use named imports instead of plain `import file.sol

staleCheckLatestRoundData() does not check the status of the Arbitrum sequencer in Chainlink feeds.

Chainlink oracle will return the wrong price if the aggregator hits `minAnswer`

Too many DSC tokens can get minted for fee-on-transfer tokens.

Pragma isn't specified correctly which can lead to nonfunction/damaged contract when deployed on Arbitrum

`++i`/`i++` should be `unchecked{++i}`/`unchecked{i++}` when it is not possible for them to overflow, as is the case when used in `for`- and `while`-loops

[H-01] Lack of emergency withdraw function when no arbiter is set

High - Funds can be lost if any participant is blacklisted

_settleClaim() cannot be executed because _relayerFee is missing

Missing deadline checks allow pending transactions to be maliciously executed

The user can't recive rewards if token is USDT

`getRoundData` does not check for the freshness of the answer

`getQuoteAtTick()` is vulnerable to manipulation

Wrong `floorTick` calculation in `_getTicksForPosition()`

Unsafe usage of `transfer()` and `transferFrom()`

Some tokens must approve by zero first

Missing check for active L2 Sequencer in `D3Oracle.sol`

No slippage protection when swap tokens

withdrawProtocolFees() Possible malicious or accidental withdrawal of all rewards

Wrong consideration of blockformation period causes incorrect votingPeriod and votingDelay calculations

[M-01] Some functions in Talos contracts does not allow user to supply slippage and deadline, which may cause swap revert

Lack of slippage protection can lead to significant loss of user funds

_decrementWeightUntilFree() Possible infinite loop

Missing check for active L2 Sequencer in `PriceOracle.sol`

Price Oracle could get a stale price

Oracle will return the wrong price for asset if underlying aggregator hits `minAnswer`

Lack of access control in `mintRebalancer()` and `burnRebalancer()`

`getOwnValuation()` is vulnerable to manipulation

Wrong logic in `BuyUSSDSellCollateral()`

Price Oracle could get a stale price

Claiming accumulated rewards while the contract is underfunded can lead to a loss of rewards

`safeMint` in `FootiumClub.sol` doesn't check if receiver supports erc721

Unsafe usage of ERC20 `transfer()`

Price oracle could get a stale price

Missing check for active Arbitrum Sequencer in `ChainlinkAdapterOracle.sol`

The protocol doesn't have support for fee on transfer type of ERC20 tokens

Risk of silent overflow in reserves update

Use `call()` instead of `transfer()` when transferring ETH

Must approve by zero first

Price oracle could get a stale price

Some ERC20 tokens deduct a fee on transfer

ERC20 transfer zero amount can be reverted

Malicious user can blocklist Token

Bad implementation in minter access control for `RabbitHoleReceipt` and `RabbitHoleTickets` contracts

Unsafe usage of ERC20 .transfer() and .transferFrom()

Division rounding can make fraction-price lower than intended

Improper Approval Mechanism of Clearing House