An attacker will steal withdrawals from users

An attacker will deposit fake tokens and withdraw USDC

Malicious user can stake an amount which causes zero curStakeAtRisk on a loss but equal rewardPoints to a fair user on a win

NFTs can be transferred even if StakeAtRisk remains, so the user's win cannot be recorded on the chain due to underflow, and can recover past losses that can't be recovered(steal protocol's token)

Attack to make ````CurveSubject```` to be a ````HoneyPot````

Unrestricted claiming of fees due to missing balance updates in `FeeSplitter`

onBalanceChange causes previously unclaimed rewards to be cleared

Curves::_buyCurvesToken(), Excess of Eth received is not refunded back to the user.

Loss of ETH yield due to rounding error when updating the yield rate in the `updateYield` function

Malicious Lender Callback Prevents Repayments in Cooler.sol

Inability to Execute `emergencyShutdown` Without `cooler_overseer` Role

The settle feature will be broken if attacker arbitrarily transfer collateral tokens to the PerpetualAtlanticVaultLP

The peg stability module can be compromised by forcing lowerDepeg to revert.

Users can get immediate profit when deposit and redeem in `PerpetualAtlanticVaultLP`

Inaccurate swap amount calculation in ReLP leads to stuck tokens and lost liquidity

reLP() mintokenAAmount the calculations are wrong.

The same signature can be used in different `distribution` implementation causing that the caller who owns the signature, can distribute on unauthorized implementations

If a winner is blacklisted on any of the tokens they can't receive their funds

Owner can incorrectly pull funds from contests not yet expired

Precision loss/Rounding to Zero in `_distribute()`

Tokens with less than 18 decimals allow for draining of funds

Borrower can use Refinance to cancel auctions so they can extend their loan indefinitely

During refinance() new Pool balance debt is subtracted twice

[H-04] Lender#buyLoan - Malicious user could take over a loan for free without having a pool because of wrong access control

Stealing any loan opening for auction through others' lending pool

Attacker can steal a loan's collateral and break the protocol

Rewards can be sabotaged by large deposit and withdraw

`Lender` does not handle correctly rebasing, inflationary, deflationary tokens and tokens with fee on transfer

Forcing a borrower to pay a huge debt via the giveLoan()

Lender can Sandwich a borrower to seize his collateral

WETH staking rewards accumulated before the first staker deposits remain unutilized and stuck in the `Staking` contract

The `borrow` and `refinance` functions can be front-run by the pool lender to set high interest rates

Lender fails to giveLoan because of inconsistent length between `loadIds` and `poolIds`

Griefing Attack via updateFor Function

Multiple accesses of a mapping/array should use a local variable cache.

Unnecessary If condition in update() of Staking.sol

No use of Ownable in Staking contract.

Incorrect Fee Calculation in Seize Function

Use Openzeppelin Minimal Clones to Save a Lot of Gas

Multiple issues with decimal scaling will cause incorrect accounting of hTokens and underlying tokens

Users may not claim Erc1155 rewards when the Quest has ended