The function liquidatePosition incorrectly calculates borrowedValue, causing borrowedValue to be abnormally large.

Leverager#withdraw use the wrong repayFromWithdraw when `borrowed == up.token1`

The pool contract will be drained by the attacker due to incorrect multiplier settings.

By splitting large purchases and redemptions into multiple smaller amounts, users can get more returns.

Potential Token Transfer Failure in _removeBid Function

`relist` does not set the create time of the listing, so the attacker can set the create time to the future.

When relisting a floor item listing, listingCount is not increased, causing listingCount can be underflowed.

When a staker is removed, the previous unclaimed commission rewards will not be available for claiming.

`getStakersFromBitmap` cannot reach stakerSet[254], resulting in the user being unable to be slashed

Users cannot set a deadline for earlyExitById/exitLateById, which may cause users to lose many assets.

When the total Draw Auction Rewards exceeds availableRewards, `finishDraw` will fail.

By claiming prizes at the canary tiers, malicious users can reduce the claim fee at other tiers

The function _cancelAllBids does not check whether the bidder is the highestBidder

When the amout of token acquired by a flash loan exceeds the expected value, the callback function will fail.

In the function _handleERC20Received, the fee was incorrectly charged

When using the `borrow` function to update the `BorrowingInfo`, the previously accumulated fees were not distributed in time.

The function `settleEpochFromEigenLayer` does not update `currentEpochsByAsset`, resulting in subsequent settlement failed.

In the function _depositETH, there is no check whether depositAmount is equal to 0, which allows malicious users to perform draws at a cost of 0 and maliciously increase the count of deposit.

In function `cancelVesting`, the variable `userVesting` is type of memory, which will cause the assignment to locked to be invalid.

The first founder's share will be lost by 1% when reservedUntilTokenId>=100

In `takeOverDebt`, wrong parameter `borrowingKey` is used to call `_addKeysAndLoansInfo`