Wrong accounting of `_totalStaked` in `UserManager.debtWriteOff`

`repayBorrowWithERC20Permit` calls `_repayBorrowFresh` without scaling the `interest` input.

The `wfCashLogic.mintViaUnderlying` function does not calculate residual token balance correctly

USDT cannot be retrieved using the `recover` function

Incorrect calculations for Surplus Auction creation cause massive surplus imbalances

`transferSAFEOwnership()` does not fully transfer ownership

Test addresses and incorrect interface in code prevent integration with UniswapV3 and Camelot

Array Length of `tickTracking_ ` Can be Purposely Increased to Brick Minting and Burning of Most Users' Liquidity Positions

Prime.sol - User can claim Prime token without having any staked XVS, because his `stakedAt` isn't reset whenever he is issued an irrevocable token.

You can deposit for other users really small amount to DoS them

withdrawFees does not update checkpoint

Users can mint more vote tokens than intended

`reduce_position` doesn’t update margin mapping correctly

Leverage calculation is wrong

`_debt_interest_since_last_update` calculation uses `PERCENTAGE_BASE` instead of `PERCENTAGE_BASE_HIGH_PRECISION`

Spot contracts execute functions will revert before swapping fee-on-transfer tokens

Oracle freshness check is not constraint enough

Wrong price feed harcoded address in StableOracleWBTC

Rebalancer contract will perform swaps without slippage protection

mintRebalancer and burnRebalancer shouldn't be permisionless

getOwnValuation doesn't always calculate the price correctly

DAI / ETH price feed precision is 18 decimals not 8 decimals

`DAIWethPrice` and Chainlink `price` have inversed quote and base token

The threshold applied when the collateral is too little will prevent from withdrawing a portion of each collateral eventually

Chainlink oracle price could become stale

`ownerToRollOverQueueIndex` is incorrectly updated when a user call `enlistInRollover` twice

After having roll over once a user will not be able to roll over again

Increasing the `relayerFee` create a risk for relayers

Queued deposits can get stuck indefinitely in the deposit queue

The auction can be started by anyone calling `settle` before `start_auction` is called by the owner

`cancelVouch` doesn't update the voucher index of the last vouch of a borrower properly

`refundDeposit` function can be DoS by an unbounded loop in `getLockedFunds`

Funders can deny rewards to last claimants by calling `refundDeposit` between tiers claims

Unsafe usage of `ERC20.transfer` and `ERC20.transferFrom`

Anyone in the order queue wanting to withdraw or deposit can grief the auction by making `withdrawAuction` or `depositAuction` always revert

`UserManager.updateFrozenInfo` cannot be called from `UToken`