# Plume | Attackathon

## Reports by Severity

<details>

<summary>Critical</summary>

* \#53022 \[SC-Critical] Funds are not properly refunded to user which calls for swap on the dex aggregator
* \#49863 \[SC-Critical] Dex Aggregator ERC20 token theft
* \#51352 \[SC-Critical] User will lose the unspent amount when executing partial swaps via 1inch
* \#53037 \[SC-Critical] Commission changes can retroactively affect user rewards
* \#53011 \[SC-Critical] Uncleaned Partial Approval Consumption in DEX Aggregator Integration Leads to Permanent DoS
* \#51847 \[SC-Critical] DoS via dust leftover in erc-20 approvals
* \#49854 \[SC-Critical] Dex Aggregator partial fill token loss
* \#51283 \[SC-Critical] Permanent Freeze of User token Due to Unhandled Partial Fill Refunds for swap via 1inch in `DexAggregatorWrapperWithPredicateProxy`
* \#52923 \[SC-Critical] Partial fill traps source token residual inside the wrapper and leaves unsafe residual allowance
* \#52178 \[SC-Critical] User will lose the unspent amount when executing partial swaps via OkxRouter
* \#52980 \[SC-Critical] Partial fills strand source tokens in the wrapper and leave dangerous residual allowances

</details>

<details>

<summary>High</summary>

* \#51946 \[SC-High] Commission Claims Fail for Removed Reward Tokens
* \#52964 \[SC-High] if a new reward token is added during the period a validator is inactive, the validator will still earn rewards/commission for some of the duration in which they were inactive
* \#53020 \[SC-High] There are functions which when inevitably used could result in wrongly accruing yield for inactive validators, which can make the protocol insolvent
* \#52634 \[SC-High] Batch yield distribution has a mathematical flaw that enables economic manipulation
* \#50784 \[SC-High] Any arc token creator can upgrade the implementation
* \#51912 \[SC-High] Mismatched rounding rules in Reward Logic library results in two-fold loss of earnings
* \#50822 \[SC-High] Deployer can upgrade `ArcToken` to malicious implementation and steal all user funds
* \#50477 \[SC-High] Validator loses all accrued commission when reward token is removed
* \#52097 \[SC-High] Malicious User can steal yield via Reordering Between Batches in `distributeYieldWithLimit`
* \#53034 \[SC-High] ArcTokenFactory doesn't properly handle role management which allows users to arbitrary upgrade their ArcToken's implementation
* \#50735 \[SC-High] some yield tokens will be stuck in contract due to incorrect 'lastProcessedIndex' calculation
* \#51754 \[SC-High] Double yield distribution via token transfers between distributeYieldWithLimit() calls
* \#50450 \[SC-High] Logic error in streak validation causes legitimate jackpot wins to be denied, violating reward contract expectations
* \#50943 \[SC-High] Any malicious token creator can upgrade the Arc Token implementation granting themselves UPGRADER\_ROLE
* \#51558 \[SC-High] ArcToken holder can receive yield twice from `distributeYieldWithLimit`
* \#52955 \[SC-High] A commission rate checkpoint is not created when adding a validator, despite the commission rate being set leading to loss of validator commission.
* \#50860 \[SC-High] Logic Error in Jackpot Eligibility Check Leads to Systematic Theft of User Rewards
* \#52286 \[SC-High] Off-by-One Error in Jackpot Eligibility Check Leads to Denial of Legitimate Rewards
* \#51456 \[SC-High] Token creator can revoke the UPGRADER role from the factory in order to avoid upgrades
* \#52371 \[SC-High] `distributeYieldWithLimit` is vulnerable to inter-batch `balance and holders array` mutations
* \#51589 \[SC-High] TokenCreator retains upgrade rights – Fix remains insufficient - Finding #01: Immunefi Report
* \#53061 \[SC-High] Asymmetric rounding in commission (ceil for users, floor for validators) enables per-segment rounding loss; validators can amplify via frequent commission checkpoints.
* \#49616 \[SC-High] User can steal Rewards
* \#52165 \[SC-High] user can't claim reward ERC20 tokens since rewards transfer will revert
* \#52218 \[SC-High] Creator Retains DEFAULT\_ADMIN\_ROLE, Allowing Bypass of Upgrade Restrictions
* \#52499 \[SC-High] ArcToken Factory's admin cannot upgrade an ArcToken
* \#49731 \[SC-High] Theft on Re-Added Tokens
* \#52833 \[SC-High] bypass the fix of immunefi audit IMM-CRIT-01: Token Creator Can Upgrade ArcToken Implementation
* \#51479 \[SC-High] Inaccurate Reward Calculation Post-Validator Slashing Due to Premature Timestamp Update on Token Removal
* \#52983 \[SC-High] Validator will lose commission for the tokens which are removed from the reward tokens but they still have commission left to be claimed.
* \#52527 \[SC-High] The validator admin might claim less commission token when `ValidatorFacet.requestCommissionClaim` is called.
* \#50350 \[SC-High] StakingFacet: stakeOnBehalf allows to prevent withdraws
* \#53001 \[SC-High] Yield tokens become stuck in ArcTokenPurchase contract when distributing yield during active sales
* \#52803 \[SC-High] \_canRecoverFromCooldown is inconsistent when slash and cooldown maturity occur in the same block
* \#52464 \[SC-High] Commission rounding mismatch under payment bug
* \#51526 \[SC-High] Yield token will be locked in ArcToken.sol if the `lastHolder` is not allowed to receive yield
* \#52390 \[SC-High] `_validateIsToken(...)` blocks validators from claiming earned rewards from removed tokens.
* \#49939 \[SC-High] Initial timestamp mismatch might lead to users being able to spin twice in the same day
* \#50490 \[SC-High] User loses reward tokens during validator-user relationship clearing
* \#53051 \[SC-High] Unconsented stakeOnBehalf enables third-party gas-griefing DoS by bloating userValidators, breaking withdraw/claimAll
* \#53025 \[SC-High] Commission on removed tokens is unclaimable
* \#53028 \[SC-High] There is an Asymmetric Rounding issue that can cause a Theft of Unclaimed Yield in Reward or Commission Accounting
* \#50527 \[SC-High] Attacker can steal yield during batch distribution
* \#51051 \[SC-High] Inactive Validator Reward Accrual Bypass
* \#51992 \[SC-High] Dust Accumulation in ArcToken during Yield Distribution.
* \#52865 \[SC-High] Inconsistency in how stake cooldown is handled due to off by one error
* \#52931 \[SC-High] Validators can not claim their commissions after the reward token removal.
* \#52798 \[SC-High] Integer Division Remainder Loss in Batched Yield Distribution Causes Permanent Fund Lock
* \#52995 \[SC-High] Validators lose access to historical reward tokens when tokens are removed
* \#52409 \[SC-High] Asymmetric commission rounding creates systematic accounting drift
* \#51878 \[SC-High] Timing Misalignment Between Campaign Days and Calendar Days Allows Double Spinning on High-Probability Jackpot Days
* \#49700 \[SC-High] Validator Commission can be Blocked
* \#52424 \[SC-High] There is a Retroactive Commission Miscalculation in PlumeRewardLogic
* \#52961 \[SC-High] Theft of yield from the distributor.
* \#52254 \[SC-High] ArcToken theft beyond unclaimed yield during distribution
* \#53018 \[SC-High] Owed rewards could be lost for some users for periods before slashing time due to incorrect logic.
* \#52517 \[SC-High] Missing Point-in-Time Snapshot in Batched Yield Distribution Enables Double-Claims and Permanent Fund Lock
* \#53016 \[SC-High] ArcTokenPurchase doesn't allow RWA-token owners to recover accrued yield from stored ArcTokens waiting for sale.
* \#51041 \[SC-High] Streak‑Count Misuse in Jackpot Eligibility Allows Theft of User Funds
* \#51116 \[SC-High] Batching yield distribution allows claiming unfair share of the yield
* \#50483 \[SC-High] Final seconds spin requestors of `last week of campaign` will lose jackpots
* \#51999 \[SC-High] Logical Flaw in Validator Reactivation and addRewardToken Allows Claiming Rewards for Validators in Inactive Periods
* \#49673 \[SC-High] Batched Distribution (distributeYieldWithLimit) is vulnerable to double yield claiming attack
* \#52996 \[SC-High] Users can claim rewards for newly added reward tokens even when the validator they staked for was inactive during some time interval.
* \#50252 \[SC-High] Rounding excess yield tokens become permanently stuck when last holder is yield-restricted
* \#52285 \[SC-High] Incorrect Dust Handling in Yield Distribution Leads to Permanent Fund Lock
* \#50951 \[SC-High] Inconsistent streak count usage between jackpot and raffle ticket calculations
* \#50787 \[SC-High] Residual-Yield Bug Locks Tokens Permanently in distributeYield
* \#52576 \[SC-High] Flaw in Raffle::determineReward in Jackpot Prize Calculation after week 12
* \#52667 \[SC-High] commission is not added at point of adding validator hence stakers that stake before the first checkpoint would always use the current commission
* \#50347 \[SC-High] Commission for a validator cannot be claimed when token is removed
* \#51961 \[SC-High] Attackers can deny commission rewards to validators by repeatedly calling forceSettleValidatorCommission()
* \#52770 \[SC-High] Unbounded Gas Consumption via stakeOnBehalf Manipulation
* \#50412 \[SC-High] Illegitimate Reward Claim After Unstake Due to Overlapping Reward Rate Checkpoints
* \#51414 \[SC-High] Attacker can drain yield by transferring tokens to other address in yield batch distributions
* \#52460 \[SC-High] Add RewardToken and SetRewardRate updates the checkpoint of Inactive validators.
* \#52676 \[SC-High] reward rates being set when there is an inactive validator would enable stakers to steal rewards because of the inconsistency in state
* \#52847 \[SC-High] No function to recover the remained yield by distributeYieldWithLimit
* \#51133 \[SC-High] Streak Check Uses Outdated Value in Jackpot Eligibility results in user getting nothing instead of Jackpot
* \#52278 \[SC-High] Incorrect Streak Check in Jackpot Eligibility Leads to Unfair Reward Denial
* \#51905 \[SC-High] Validator commission burn on slashed validator reward path
* \#50167 \[SC-High] Retroactive reward drain via incomplete reward debt reset
* \#50924 \[SC-High] Validators are not able to claim their accrued commission when the reward token is removed.
* \#52104 \[SC-High] Removed reward tokens block validator commission claims
* \#50409 \[SC-High] Validator will lose commission
* \#51987 \[SC-High] Validators will be able to steal more commission from users that isn't the commission to be charged
* \#52572 \[SC-High] A legitimate arc token holder can be denied his yield.
* \#52680 \[SC-High] holders length changing when distributing limit with limit could lead to case where new holders unfairly claim yield and yield is permanently frozen
* \#53077 \[SC-High] Permanent Fund Lock Due to Flawed Remainder Logic in distributeYield
* \#52449 \[SC-High] Broken Streaks Still Pass Jackpot Eligibility in Spin Contract
* \#52458 \[SC-High] In ArcToken::distributeYieldWithLimit() the distribution without snapshot allows more claims from same holder
* \#52061 \[SC-High] Re-adding reward tokens causes userValidatorRewardPerTokenPaid to be uninitialized for users who staked during token removal, allowing them to claim excessive historical rewards
* \#52986 \[SC-High] Jackpot check uses previous `streakCount` instead of current computed streak, denying jackpot on first eligible day
* \#52601 \[SC-High] In Spin::handleRandomness() jackpot eligibility uses outdated streakCount instead of updated streak
* \#52736 \[SC-High] Restaking rewards will revert when users have to catch up with segments
* \#52500 \[SC-High] Missing Commission Checkpoint Initialization Leads to Retroactive Commission Theft of User Rewards
* \#51324 \[SC-High] Rounding in commission accounting burns delegator rewards
* \#52787 \[SC-High] Batched yield distribution rounding in ArcToken permanently freezes unclaimed funds and misreports payouts
* \#51653 \[SC-High] Permanent loss of staker rewards after slashing when validator records are cleared
* \#53039 \[SC-High] Rewards and commissions accrued in the interval before a slash might be lost
* \#52513 \[SC-High] `ValidatorFacet.addValidator` lacks of calling `PlumeRewardLogic.createCommissionRateCheckpoint`
* \#51033 \[SC-High] Off-by-one streak check lets jackpot spins be rejected one day early
* \#51197 \[SC-High] Arc Token owner can take upgrader role for themselves lockout the factory and upgrade the contract without the knowledge of the factory
* \#53043 \[SC-High] handleRandomness doesn't properly account for current streak which could result in the User spinning losing a Jackpot
* \#51060 \[SC-High] PlumeRewardLogic: Improper update of "validatorLastUpdateTimes" can lead to frozen assets
* \#52973 \[SC-High] Anyone can update the last update time of the slashed validator which leads to loss of rewards for the stakers
* \#52780 \[SC-High] Timestamp Manipulation in forceSettleValidatorCommission Leads to Permanent Loss of Staker Rewards
* \#52433 \[SC-High] Permanent loss of user rewards due to improper token removal after validator slashing
* \#52889 \[SC-High] Inactive validators accrue rewards for new tokens
* \#52560 \[SC-High] Incorrect current streak used when calculating whether the jackpot should be awarded or not
* \#50796 \[SC-High] Jackpot eligibility uses stale streak
* \#51090 \[SC-High] malicious user can steal yields when `ArcToken.distributeYieldWithLimit` is used.
* \#52573 \[SC-High] Unconsented `stakeOnBehalf` enables **unbounded gas consumption** via `userValidators[]` growth, causing DoS at scale in `claimAll()` / `withdraw()`
* \#50519 \[SC-High] RewardsFacet: Reintroducing an old reward token will result in wrong accounting, leading to theft of yield
* \#51551 \[SC-High] New rewards tokens will distribute yield to inactive validators
* \#50560 \[SC-High] Inconsistent Commission Rounding Traps User/Validator Funds
* \#52127 \[SC-High] Permanent rewards loss via admin slashing cleanup
* \#51505 \[SC-High] ArcToken creator can still upgrade ArcToken outside of the factory after IMM-CRIT-01 was fixed
* \#51124 \[SC-High] Validator would lose commission fee if the rewards token are removed
* \#52849 \[SC-High] Claimers who claim after (slash/inactive + updateRewardPerTokenForValidator which advances `validatorLastUpdateTimes to be more than slashTimestamp`) will lose rewards for a segment
* \#52956 \[SC-High] State Inconsistency in Batched Yield Distribution Leads to Direct Theft of User Funds and Protocol Insolvency
* \#51172 \[SC-High] Users lose their accrued rewards when the protocol removes a reward token after the user's delegated validator has been slashed.
* \#51941 \[SC-High] Token creator can revoke factory's upgrade capability, permanently blocking upgrades
* \#49710 \[SC-High] Cross-batch state manipulation in yield distribution allows double-dipping of yield funds
* \#50571 \[SC-High] Yield Distribution Meltdown ArcToken's Batch Processing Vulnerability Enables 100% Yield Over Distribution
* \#51866 \[SC-High] Stale Streak Value Used in Jackpot Eligibility Check Causes Denial of Legitimate Jackpot Winners
* \#49787 \[SC-High] Batched Yield Distribution Doesn't Account For Transfers/Purchases Between Batches
* \#52945 \[SC-High] Commission Calculation Rounding Asymmetry Leads to Theft of Unclaimed Yield
* \#51218 \[SC-High] Oracle callback timing vulnerability causes jackpot prize loss
* \#50275 \[SC-High] Eligible user loses Jackpot
* \#51530 \[SC-High] Validators can not Claim Pending Accrued Commission when Reward tokens have been removed from the isRewardToken mapping
* \#51658 \[SC-High] Yield distribution in batches let the same tokens collect rewards in multiple batches, stealing yield from other users
* \#52347 \[SC-High] Improper handling of yield distribution state in distributeYieldWithLimit() leads to revert, freezing users' yield
* \#52711 \[SC-High] In ValidatorFacet, validator cannot claim commissions of removed tokens
* \#52444 \[SC-High] `getMaxNumberOfTokens` returns misleading supply when sales are disabled
* \#50425 \[SC-High] Active non-slashed validators cannot claim rewards when a reward token is disabled
* \#53072 \[SC-High] Ceil-vs-Floor Rounding Mismatch Causes Systematic Underpayment and Unclaimed Yield Leakage
* \#51369 \[SC-High] Unbounded iteration gas‑dos in `_validateTokenForClaim`
* \#51994 \[SC-High] Permanent Loss of Validator Commission Upon Reward Token Removal
* \#50433 \[SC-High] Validator List Griefing: Unrestricted stakeOnBehalf allows User Asset freeze permanently
* \#51813 \[SC-High] Malicious User Can Grief Victims by Staking Them Across Many Validators Leading to Fund Freezing
* \#51452 \[SC-High] stakeOnBehalf() function enables out-of-gas DoS
* \#51896 \[SC-High] Precision Loss in distributeYieldWithLimit Leads to Permanent Locking of Yield Tokens
* \#52944 \[SC-High] The `requestCommisionClaim` function can only claim commission on tokens that are currently reward tokens
* \#50507 \[SC-High] Non atomic yield distribution may lead to theft of yield
* \#51860 \[SC-High] Missing access control in stakeOnBehalf lets anyone bloat another user’s validator list, leading to permanent fund lock via gas-exhaustion DoS
* \#53047 \[SC-High] The jackpot eligibility check uses stale storage data instead of the freshly calculated streak.
* \#52943 \[SC-High] Users can accrue rewards even for periods of validator inactivity
* \#51728 \[SC-High] Users can claim rewards for inactive validator periods due to incorrect checkpoint accrual.
* \#51842 \[SC-High] Unclaimed Staker Rewards Lost When Admin Clears Validator Records Without checking Pending Rewards
* \#52439 \[SC-High] Dust Accumulation in Batched Yield Payouts Leaves Tokens Stranded
* \#51211 \[SC-High] `TellerWithMultiAssetSupportPredicateProxy` lacks withdraw function preventing users from redeeming assets
* \#53070 \[SC-High] Validator Commission Update During Max Allowed Commission Change Causes Incorrect Reward Calculations
* \#52845 \[SC-High] distributeYieldWithLimit Lacks Snapshot Between Batches, Allowing State Changes to Break Distribution and Lock Yield
* \#50916 \[SC-High] Token Creators Can Bypass Factory `Upgrade Controls` via wrong code implementation of `DEFAULT_ADMIN_ROLE` in ArcTokenFactory.sol.
* \#50713 \[SC-High] Deployer’s DEFAULT\_ADMIN\_ROLE Enables Self-Grant of UPGRADER\_ROLE, Bypassing Implementation Whitelist
* \#52649 \[SC-High] Token Creator Can Seize Upgrade Control, Bypassing Factory Whitelist and Enabling Theft of Funds
* \#49723 \[SC-High] Commission‑rounding mismatch in PlumeRewardLogic.sol permanently locks part of every commission
* \#52084 \[SC-High] Unstaking Before Reward Token Removal Leads to Incorrect Reward Accrual on Re-addition
* \#50246 \[SC-High] distributeYieldWithLimit() does not handle rounding errors causing yield to be permanently stuck
* \#52588 \[SC-High] Retroactive reward accrual for newly added tokens when validator was inactive
* \#52198 \[SC-High] Balance Manipulation Between Batches Leading to Inflated Payout and DoS

</details>

<details>

<summary>Medium</summary>

* \#50428 \[SC-Medium] Reverting on callback increases chances of winning
* \#52841 \[SC-Medium] Token admin can DOS admin to not let admin change purchase token
* \#51680 \[SC-Medium] ValidatorFacet: Inactivating a validator will result in frozen commissions
* \#51684 \[SC-Medium] Unbounded Gas Consumption in removeStakerFromAllValidators Leads to Denial-of-Service, Preventing Users with Large Validator Counts from Removing Associations and Potentially Lock...
* \#51887 \[SC-Medium] safeApprove will cause revert of USDT and similar Erc20 token
* \#51666 \[SC-Medium] Inactive Validators Blocked from Claiming Accrued Commission
* \#52620 \[SC-Medium] permanently DoS to ArcTokenPurchase contract
* \#51801 \[SC-Medium] Supra callback allows for theft of gas
* \#50059 \[SC-Medium] ETH Refund in depositAndBridge functions enables DoS
* \#51917 \[SC-Medium] Possible gas griefing on the `handleRandomness(...)` function with a fallback that executes other transactions.
* \#51198 \[SC-Medium] BoringVault cannot receive any deposit due to faulty logic related to the `shareLockPeriod`
* \#51988 \[SC-Medium] `PlumeRewardLogic.calculateRewardsWithCheckpointsView` lacking of checking if the validator is inactive but not slashed.
* \#52719 \[SC-Medium] Inactive validators blocked from claiming commissions despite passed timelock
* \#50340 \[SC-Medium] Any ArcToken admin can block the setting/update of the purchase token indefinitely.
* \#51476 \[SC-Medium] Validators can't claim their accrued commission if they are made inactive
* \#52203 \[SC-Medium] Griefing Attack on ArcTokenPurchase.setPurchaseToken() Function via Front-Running
* \#52919 \[SC-Medium] `_safeTransferPlume` can lead to gas griefing attack
* \#53048 \[SC-Medium] Approval logic can break on non-standard ERC-20s (USDT-style) and leave allowances loose
* \#51909 \[SC-Medium] Inconsistent Commission Claim Logic Denies Legitimate Claims for Inactive Validators
* \#52732 \[SC-Medium] Permanent DoS of Purchase Token Change
* \#51899 \[SC-Medium] Partial Distribution of yield will fail if the totalEfficentive supply increases.
* \#52012 \[SC-Medium] Shares lock Applied to Proxy Causes Deposit DoS When shareLockPeriod > 0
* \#49732 \[SC-Medium] Malicious Token Admin Can Permanently Block setPurchaseToken
* \#49963 \[SC-Medium] Anyone can create an ArcToken and block the setPurchaseToken() function
* \#52290 \[SC-Medium] `deposit` function in **TellerWithMultiAssetSupportPredicateProxy** is completely broken due to wrong share lock
* \#52341 \[SC-Medium] `TellerWithMultiAssetSupportPredicateProxy` ShareLock Incompatibility - Unable to Operate Due to Token Access Restrictions
* \#51043 \[SC-Medium] Core deposit and depositAndBridge Functionality in `TellerWithMultiAssetSupportPredicateProxy` is Non-functional Due to Flawed shareLockPeriod Logic
* \#51613 \[SC-Medium] Yield tokens can be stuck in ArcTokenPurchase , PlumeStakingRewardTreasury or other defi protocols when distributeYield is called.
* \#52075 \[SC-Medium] ArcTokenPurchase Contract is a Token Holder and may be Yield Recipient.
* \#49817 \[SC-Medium] Inactive validators are prevented to claim to eligible commission rewards
* \#52484 \[SC-Medium] Permanent deposit DoS with USDT-like tokens due to approve-from-nonzero pattern in 1inch/OKX paths
* \#52034 \[SC-Medium] Inaccurate Reward Calculation Due to Fallback to Next Checkpoint on Missing Timestamp
* \#50194 \[SC-Medium] `DexAggregatorWrapperWithPredicateProxy` can be stuck by any user
* \#52988 \[SC-Medium] deposit function DOS
* \#53035 \[SC-Medium] Share Lock Applied to Wrapper Instead of End User Breaks Transfers or Bypasses Lock
* \#52925 \[SC-Medium] USDT-like approval hygiene can block subsequent operations after partial fill leaves non-zero allowance
* \#52031 \[SC-Medium] Insufficient Access Control in Token Sales Management Leads to Permanent Griefing Attack
* \#52507 \[SC-Medium] Insufficient Fix: IMMUNEFI REPORT - H1 #35
* \#52690 \[SC-Medium] DoS Of Smart Contracts On Bridging Functions
* \#51180 \[SC-Medium] Function is vulnerable to gas griefing
* \#50397 \[SC-Medium] Inefficient Array Iteration in getPrizeDetails function leads to high gas costs.
* \#52179 \[SC-Medium] Validator Commission Becomes Permanently Locked When Deactivated
* \#51547 \[SC-Medium] Approval Race Condition with safeApprove Leads to Transaction Reverts
* \#50937 \[SC-Medium] Non-zero approve pattern causes permanent freeze of token deposits (e.g. USDT) due to ERC20 incompatibility
* \#51982 \[SC-Medium] Token Approval Issue with Non-Standard ERC20 Tokens Leads to Contract Dysfunction
* \#52397 \[SC-Medium] Repeated approve without zero-reset can revert on nonstandard ERC20s, blocking deposits
* \#52026 \[SC-Medium] claimAll could revert because of unbounded gas consumptions
* \#52974 \[SC-Medium] When the approval to the `okxApprover` is not fully spent the deposit function will be blocked
* \#49705 \[SC-Medium] Two vectors for unbounded Gas Consumption due to the normal `Raffle` operations
* \#51777 \[SC-Medium] Denial of service on depositAndBridge(...) function for shareLockPeriod is non zero
* \#53021 \[SC-Medium] Deposit-and-Bridge Workflow Bricked by Immediate Share Lock: Users Cannot Bridge Immediately After Deposit
* \#52982 \[SC-Medium] Non-standard ERC20 approvals (USDT-like) cause repeat-call failures after partial fills
* \#52726 \[SC-Medium] Non-zero approvals after transaction could be used to DoS USDT deposits
* \#52823 \[SC-Medium] Permanent Denial of Service on setPurchaseToken by Malicious Token Creator

</details>

<details>

<summary>Low</summary>

* \#51519 \[SC-Low] `_unstake` does not validate users remaining stake
* \#52843 \[SC-Low] The zero address cannot be whitelisted, which means during restrictions minting and burning cannot work
* \#51264 \[SC-Low] User may need admin to help claim their prize
* \#52129 \[SC-Low] `previewYieldDistribution` Reverts Instead of Returning Zero When No Tokens Are in Circulation
* \#49915 \[SC-Low] Misleading Event Emission in `createWhitelistRestrictions` Function in `RestrictionsFactory` contract
* \#51316 \[SC-Low] Flawed `claimPrize` Logic Allows Invalid or Blocked Prize Claims
* \#52796 \[SC-Low] Whitelist Restriction in ArcToken Blocks All Minting and Burning
* \#52327 \[SC-Low] Unfair Yield Distribution Due to Last Holder Bias
* \#51596 \[SC-Low] Unsafe uint256 to uint8 Downcast Causes Integer Overflow Leading to Unauthorized Jackpot Payouts After Week 255
* \#52414 \[SC-Low] Slashed-path reward accumulation ignores mid-interval rate changes
* \#52915 \[SC-Low] Yield are transferred before eligibility check potentially leading to freezing of funds
* \#50721 \[SC-Low] Winners cannot claim Prizes until all winners have been drawn in `Raffle::claimPrize`
* \#50399 \[SC-Low] Broken access control in particular contract functions due to lack of pause/unpause functionality
* \#51979 \[SC-Low] `getAccruedCommission` returns outdated accrued commission
* \#52710 \[SC-Low] Mint/Burn are blocked when whitelist restrictions are enabled
* \#50082 \[SC-Low] Protocol lets validators operate with dust amounts, making attacks risk-free
* \#50195 \[SC-Low] Unfair Yield Distribution Due to Remainder Allocation to Last Holder
* \#52393 \[SC-Low] Burns blocked by both-sides whitelist with zero-address exclusion when restrictions are enabled
* \#52422 \[SC-Low] Using the current time in getEffectiveRewardRateAt will result in incorrect reward calculation for an entire duration of a time segment
* \#52446 \[SC-Low] Withdrawing Unsold Tokens Desynchronizes Sale Accounting
* \#51816 \[SC-Low] Yield distribution can be front-run to steal rounding remainder as last holder
* \#50839 \[SC-Low] Last Holder Always Gets More Yield
* \#51836 \[SC-Low] Contract Cannot Be Paused Despite Inheriting Pausable
* \#53063 \[SC-Low] `maxValidatorPercentage` can be used to DOS protocol staking
* \#51320 \[SC-Low] Malicious teller parameter allow event data manipulation
* \#53038 \[SC-Low] distributeYield can be frontrun to sandwich rewards. We can force ourselves to be the last holder and get unfairly big bonuses
* \#52277 \[SC-Low] Race Condition in Streak Calculation Leads to Unfair Streak Reset for Users Spinning Near UTC Day Change
* \#51146 \[SC-Low] getMaxNumberOfTokens returns wrong max number of tokens available to buy
* \#52905 \[SC-Low] Incorrect Reward Reporting in View Functions (earned and getClaimableReward) Leads to Zero Balance Display for Active Stakers
* \#51510 \[SC-Low] Bypass of `maxValidatorPercentage` allows a validator to exceed the decentralisation cap
* \#52896 \[SC-Low] “Pause” gate is present but no way to pause
* \#51850 \[SC-Low] upgradeToken(...) can not initialize an upgraded token because the `data` variable of upgradeToAndCall() is hardcoded to empty string
* \#52489 \[SC-Low] When users perform unstake operations in batches, it may cause some funds to be frozen for an additional period of time.
* \#52911 \[SC-Low] Last Holder Potential Extra Token Distribution Encourages Gaming Distribution and Race Conditions
* \#51989 \[SC-Low] Event:: RestrictionsCreated always emits msg.sender as Owner
* \#51571 \[SC-Low] Stale mapping after proxy upgrade
* \#50624 \[SC-Low] There is a Missing Emergency Pause in Predicate Proxy
* \#50977 \[SC-Low] TellerWithMultiAssetSupportPredicateProxy contract cannot be emergency paused
* \#52314 \[SC-Low] Unsold Token Withdrawal Causes Permanent Inventory Mismatch
* \#50343 \[SC-Low] Cooldown reset vulnerability
* \#52113 \[SC-Low] `StakingFacet.unstake(uint16 validatorId, uint256 amount)` can be abused to bypass `$.minStakeAmount`
* \#50694 \[SC-Low] Spins occurring close to midnight lead to users streaks being unfairly broken due to VRF callback delay
* \#51241 \[SC-Low] Cooldown shortening logic allows early withdrawal of locked stake
* \#50040 \[SC-Low] Missing Pause Controls, ETH Refund Flaws, and Miscalculated Shares Enable Fund Loss and Protocol Inconsistency in depositAndBridge
* \#51567 \[SC-Low] Contract Cannot Be Paused: Missing Public pause and unpause Functions
* \#51034 \[SC-Low] Sales information is lost when enabling token
* \#52998 \[SC-Low] Minor delays from oracle can unfairly reset users streak
* \#51129 \[SC-Low] BoringVault proxies do not support smart contract wallets
* \#50783 \[SC-Low] Validator percentage cap does not work properly
* \#52339 \[SC-Low] Loss of Daily Streak and Jackpot Eligibility Due to Supra Generator Callback Delay and On-Callback Time Usage in `Spin.sol`
* \#53015 \[SC-Low] Raffle Does Not Invalidate Used Tickets, Breaking Fairness
* \#50922 \[SC-Low] Unstaking partially will extend the cooldown time for previously unstaked amount too
* \#50504 \[SC-Low] totalAmountClaimable() reverts when called with a removed reward token
* \#51132 \[SC-Low] `TellerWithMultiAssetSupportPredicateProxy` cannot be paused/unpaused
* \#50889 \[SC-Low] ArcTokenPurchase::withdrawUnsoldArcTokens() Fails to Reduce totalAmountForSale, Leaving Availability Counters Wrong
* \#52519 \[SC-Low] Missing Eligibility Check Before Fund Transfer in distributeYield Leads to Permanent Loss of Yield Tokens
* \#50415 \[SC-Low] getMaxNumberOfTokens() returns wrong value when ArcTokens are withdrawn
* \#51943 \[SC-Low] TellerWithMultiAssetSupportPredicateProxy is meant to be pausable but cannot be paused
* \#49715 \[SC-Low] Restriction of token burning on whitelisted addresses
* \#50225 \[SC-Low] User can bypass `minStakeAmount` checking.
* \#52979 \[SC-Low] WhitelistRestrictions unintentionally disables mint and burn when transfers are restricted
* \#51122 \[SC-Low] `ArcTokenPurchase#enableToken` can reset the `amountSold` to 0
* \#51776 \[SC-Low] Streak System Breaks Despite Timely User Action Due to Delayed Supra Oracle Callback
* \#52901 \[SC-Low] Wrapped week index can mis-price jackpot table after long uptime
* \#49647 \[SC-Low] Pausable Functions are Not Exposed
* \#52202 \[SC-Low] Failure to Invalidate Winning Tickets Allows Multiple Wins from Single Entry
* \#52990 \[SC-Low] `uint8` truncation and missing cap on week index can return wrong/zero jackpot amounts (Low — Contract fails to deliver promised returns)
* \#51138 \[SC-Low] Winners cannot claim until all winners are drawn
* \#49623 \[SC-Low] Unstaking allows going below minimum stake
* \#50487 \[SC-Low] Cross-Campaign Jackpot Denial Due to State Pollution
* \#52891 \[SC-Low] Staking and unstaking immediately an amount little less than the original staked amount leaves dust stake amounts in the system.
* \#51951 \[SC-Low] A Global Blocking Check in claimPrize Prevents Individual Winner Claims Until All Winners Are Drawn
* \#49941 \[SC-Low] Permanent Freezing of Yield Tokens Due to Flawed Check in Distribution Logic
* \#50404 \[SC-Low] User withdraw time can be delayed much longer if unstake again before the `cooldownEndTime`
* \#51910 \[SC-Low] Inconsistent yield token transfer logic causes permanent loss of yield in distributeYield()
* \#51391 \[SC-Low] enableToken Function Overwrites amountSold to Zero Causing Permanent Loss of Sales History
* \#50022 \[SC-Low] Missing admin `Pause/Unpause` functions in `TellerWithMultiAssetSupportPredicateProxy` contract
* \#52186 \[SC-Low] Incorrect reward calculation for slashed validators due to single segment time handling
* \#52027 \[SC-Low] WhitelistRestrictions.sol: Mint & Burn Operations Blocked When Transfers Disabled
* \#53059 \[SC-Low] Reward rate checkpoints are used but are never set
* \#51286 \[SC-Low] Event `RestrictionsCreated` uses wrong owner
* \#51771 \[SC-Low] Unsafe downcast of uint256 to uint8 will lead to Silent overflow
* \#52436 \[SC-Low] getAccruedCommission() could return an inaccurate value
* \#51746 \[SC-Low] depositAndBridge(...) function of TellerWithMultiAssetSupportPredicateProxy.sol can not be paused
* \#51980 \[SC-Low] Unstake cooldown period is mistakenly reset on each claim, resulting in temporary frozen funds
* \#52669 \[SC-Low] Token minting is blocked for whitelisted addresses when transfersAllowed is false
* \#52041 \[SC-Low] In ArcToken Attacker Can Reposition to Last Holder and Capture Entire Yield Remainder
* \#52706 \[SC-Low] Multi-Quantity Prize Claims Revert Until All Winners Are Drawn, Freezing Early Winners
* \#51882 \[SC-Low] Unnecessary Claiming Restriction in Raffle Contract Prevents Winners from Claiming Prizes Until All Winners Are Drawn
* \#51969 \[SC-Low] Yield tokens permanently stuck when no eligible holders exist
* \#51260 \[SC-Low] Minstake are not enforced after Unstake which creates a DOS for new stakers
* \#52675 \[SC-Low] Minimum Stake Bypass via Partial Unstaking Creates Dust Stakes
* \#50551 \[SC-Low] Staked dust positions are not properly prevented
* \#51525 \[SC-Low] Unfair Yield Distribution to Last Holder Due to Flawed Dust Handling
* \#51070 \[SC-Low] Winning Raffle Ticket can be re-used to maintain unfair advantage over other players in `Raffle`
* \#51201 \[SC-Low] Contracts Without Payable Entry Points cannot withdraw nor claim rewards
* \#51929 \[SC-Low] Deactivating `isTransferAllowed` indirectly DOSes minting/burning functionality
* \#49698 \[SC-Low] Coordinated Validator Attack Delays Slashing and Enables Commission Theft
* \#50436 \[SC-Low] `voteToSlashValidator` prevents malicious inactive validators from being slashed.
* \#53056 \[SC-Low] Native-withdraw to msg.sender only → non-payable contract stakers cannot withdraw (permanent funds lock)
* \#51970 \[SC-Low] Spin streak computation relies on oracle callback time; any third-party delay can reset the user’s streak and block jackpot eligibility.
* \#52130 \[SC-Low] Validator percentage cap bypass vulnerability
* \#52750 \[SC-Low] Percentage Limit Bypass via Unstaking from Other Validators
* \#52810 \[SC-Low] Batch unstake merged cooldowns leading to full fund slashing
* \#50963 \[SC-Low] Unexpected config applied on the Spin
* \#51501 \[SC-Low] It is not possible to update `l1accountEvmAddress` to the `address(0)`
* \#52794 \[SC-Low] remainingForSale not updated after withdrawUnsoldArcTokens will cause following buy revert
* \#52870 \[SC-Low] Cooldown Extension Logic May Lead to Locked Funds
* \#50745 \[SC-Low] Single Cooldown Entry Design Causes Timer Reset on Multiple Unstakes Leading to Extended Lock Periods
* \#51296 \[SC-Low] ArcTokenPurchase Withdrawal Breaks View Functions
* \#53069 \[SC-Low] Dynamic Cooldown Interval Changes Cause Unexpected Fund Lockup Extensions
* \#51451 \[SC-Low] Token Freezing via Whitelist Restriction Bypass
* \#51162 \[SC-Low] Missing Pause Control Implementation in TellerWithMultiAssetSupportPredicateProxy
* \#51863 \[SC-Low] Lack of Winning Ticket Removal in handleWinnerSelection Leads to Unfair Prize Distribution and Economic Exploitation
* \#50402 \[SC-Low] Single rate assumption ignores checkpoints in slashed case
* \#51502 \[SC-Low] Enabling Transfer Restrictions Permanently Blocks Minting and Burning
* \#51455 \[SC-Low] Inflated `earned()` / UI rewards when validator stake is zero due to missing `totalStaked` guard in view logic
* \#51723 \[SC-Low] Yield Tokens Can Become Permanently Stuck in Contract if No Eligible Holders Exist
* \#52976 \[SC-Low] Turning on transfer restriction permanently blocks minting and burning
* \#52948 \[SC-Low] Jackpot Reward Rejected at Exact Threshold
* \#52890 \[SC-Low] No-Recipient Yield Distribution Locks Yield Tokens on ArcToken (effTotal==0)
* \#50818 \[SC-Low] previewYieldDistribution Returns Zero Addresses When Effective Supply Is Zero
* \#52241 \[SC-Low] Unexposed Pauseable Functionality
* \#50914 \[SC-Low] Bypass of Minimum Stake Enforcement via Partial Unstake
* \#50120 \[SC-Low] ArcTokens cannot be burned or minted when transfers are restricted
* \#51276 \[SC-Low] ArcTokenPurchase: Re-enabling Active Token Sales Causes Accounting Corruption and Token Loss
* \#51412 \[SC-Low] Token admin can withdraw the token from the purchase contract making the token balance to be less than the totalAmountForSale
* \#51457 \[SC-Low] getAccruedCommission() reverts when token was removed instead of returning the accrued commission
* \#51713 \[SC-Low] Missing Minimum Stake Validation in Unstake Operations
* \#51966 \[SC-Low] `totalAmountClaimable` reverts instead of returning the claimable reward for historical tokens
* \#52119 \[SC-Low] Yield Tokens Can Become Stuck When All Current Holders Are Restricted
* \#52312 \[SC-Low] Cooldown coalescing bug: Unintended cooldown extension for prior unstakes
* \#51148 \[SC-Low] lastJackpotClaimWeek not reset between campaigns causing legitimate jackpot winners to lose rewards
* \#52589 \[SC-Low] In distribute yield function if there are no legitimate users i.e no restricted users the funds will remain stuck
* \#50493 \[SC-Low] Immutable Proxy→Implementation Mapping in RestrictionsFactory Breaks Upgrade Logic
* \#51287 \[SC-Low] Incorrect Reward Calculation for Slashed Validators When Reward Rates Change Between Updates
* \#51711 \[SC-Low] Overriding cooldown period during `unstake()` leads to unfair stake penalisation if validator is slashed
* \#51802 \[SC-Low] Temporary freeze of rewards is possible if efficientSupply == 0
* \#52457 \[SC-Low] In ArcToken: branch in effectiveTotalSupply == 0 returns misleading nextIndex

</details>

<details>

<summary>Insight</summary>

* \#50677 \[SC-Insight] Redundant code in `DexAggregatorWrapperWithPredicateProxy` impairs readability and potentially increases gas costs
* \#50628 \[SC-Insight] Incorrect update of Admin state in VRF Requests Leads to Randomness Manipulation and Jackpot Theft
* \#50393 \[SC-Insight] Unused admin state variable increases deployment and storage costs.
* \#50392 \[SC-Insight] Phantom commission burn
* \#51312 \[SC-Insight] Misleading revert
* \#51958 \[SC-Insight] Blacklisted user bricks yield distribution logic
* \#52377 \[SC-Insight] Removed tokens that have not been earned cannot be pulled from the PlumeStakingRewardTreasury.sol
* \#51918 \[SC-Insight] Redundant zero address checks for router address
* \#49708 \[SC-Insight] Yield Distribution in ArcToken does not match expected behavior
* \#52289 \[SC-Insight] In ArcToken.sol redundant holderCount > 0 checks
* \#50502 \[SC-Insight] Raffle contract fails to emit events on multiple state changes
* \#52468 \[SC-Insight] DoS in Batch Yield Distribution Due to Cross-Batch State Inconsistency
* \#49798 \[SC-Insight] Invalid Holder Set Initialization Bypasses Modular Restrictions, Corrupting Yield Distribution
* \#52628 \[SC-Insight] State-Modifying Getter in getPendingRewardForValidator Allows Gas Griefing and Unintended State Changes
* \#52837 \[SC-Insight] Gas-heavy repeated binary search increases reward-calculation gas costs
* \#50974 \[SC-Insight] Inconsistent Validation Between Reward and Jackpot Probability Thresholds
* \#49893 \[SC-Insight] `Raffle.sol` implementation logic allows direct PLUME transfers but has no withdraw locking funds permanently
* \#50580 \[SC-Insight] `ValidatorFacet` missing events on some function state changes
* \#50596 \[SC-Insight] Unnecessary variable setting
* \#50234 \[SC-Insight] Redundant Reward Update in `RewardsFacet::removeRewardToken`
* \#50470 \[SC-Insight] Inefficient Design in `distributeYieldWithLimit:;ArcToken` Creates Unnecessary Gas Consumption
* \#49835 \[SC-Insight] Dex Aggregator unused ETH loss
* \#49671 \[SC-Insight] Wrong emission in Stake
* \#50187 \[SC-Insight] YieldBlacklistRestrictions Uses Slot 0 Instead of Unstructured Storage, Risking Slot Collision
* \#51925 \[SC-Insight] Redundant Checks for Token Transfer Success
* \#51927 \[SC-Insight] Incorrect recipient check in `_update` function
* \#50931 \[SC-Insight] No partial claim may result in a loss of funds
* \#50297 \[SC-Insight] Lack of ETH Rescue Mechanism
* \#51001 \[SC-Insight] Inaccurate share calculation in emitted event for non-bridge deposits
* \#50060 \[SC-Insight] Scattered Module Processing Pattern in `ArcToken._update` Function
* \#51926 \[SC-Insight] ABI mismatch in the claimAll function leads to incorrect reward decoding and potential fund loss for external integrators
* \#50312 \[SC-Insight] Validator can steal user rewards due to a lack of cooldown when validator increases commission
* \#51288 \[SC-Insight] Validators commission can be permanently lost
* \#51228 \[SC-Insight] Missing Zero Address Check in Initialization Leads to Irrecoverable Contract Lock
* \#51100 \[SC-Insight] Gas Inefficiency in Prize Removal Logic
* \#50027 \[SC-Insight] Missing Validation of OKX Swap Output Token in function `_okxHelper()`
* \#50691 \[SC-Insight] No validator limit can lead to DoS
* \#49876 \[SC-Insight] Lack of refund on admin-canceled spin requests leads to permanent loss of funds
* \#49800 \[SC-Insight] Yield distribution could encounter an unexpected revert
* \#51707 \[SC-Insight] Gas inefficiency due to redundant \_validateValidatorExists() modifier in requestCommissionClaim()
* \#50660 \[SC-Insight] Missing event in withdrawPurchaseTokens function
* \#49868 \[SC-Insight] `Raffle.sol` does not enforce `Prize.endTimeStamp` allowing user and admin interactions with expired Prizes
* \#52303 \[SC-Insight] Incorrect Yield Distribution Event Emission
* \#50506 \[SC-Insight] `StakingFacet` missing event emission on any unstaking operations
* \#49726 \[SC-Insight] There is a redundant zero address check in the ValidatorFacet.sol that is obsolete and could never be true
* \#49668 \[SC-Insight] Validator status function emit misleading event
* \#50973 \[SC-Insight] Incorrect Parameter Type in setJackpotProbabilities
* \#50380 \[SC-Insight] Redundant Use of `allowedImplementations` Mapping in Factory Contracts (createToken and createWhitelistRestrictions in ArcTokenFactory and RestrictionsFactory respectively)
* \#49954 \[SC-Insight] `Raffle::editPrizes` lacks logic to make prizes immutable once winner selection starts or users join breaking user trust.
* \#52557 \[SC-Insight] validatorLastUpdateTimes not updated after validator slashing
* \#50887 \[SC-Insight] ArcoTokenPurchase::PurchaseMade Event Mislabels Payment Amount as “pricePaid” Instead Of Unit Price
* \#50168 \[SC-Insight] Unused and duplicated functions should be removed from RewardsFacet and StakingFacet
* \#50461 \[SC-Insight] Incorrect deposit event receiver logged in bridge functions of `DexAggregatorWrapperWithPredicateProxy.sol`
* \#51920 \[SC-Insight] Unnecessary second hand of `if` check in `calculateRewardsWithCheckpointsView`
* \#52248 \[SC-Insight] Lack of initialization check in staking allows users to stake without reward token configured, causing permanent loss of yield
* \#52444 \[SC-Insight] `getMaxNumberOfTokens` returns misleading supply when sales are disabled
* \#53071 \[SC-Insight] `_okxHelper` function incompatible with the `UNISWAP_V3_SWAP_TO_WITH_PERMIT_SELECTOR`
* \#51171 \[SC-Insight] Redundant Storage Reads and Unnecessary Checks in Reward Rate Checkpoint Logic Lead to Inefficient Gas Usage
* \#50284 \[SC-Insight] Incorrect ERC7201 Storage Implementation in Core Factory Contracts
* \#51651 \[SC-Insight] Redundant Array Access in removeStakerFromValidator
* \#51493 \[SC-Insight] Misleading View Function Documentation
* \#50675 \[SC-Insight] Re-Entrant ETH Refund Can Emit Mismatched shares in Deposit event
* \#52646 \[SC-Insight] Missing event emission after reward claim has been finalized in RewardsFacet
* \#51655 \[SC-Insight] Redundant Storage Write in addValidator Function Leads to Unnecessary Gas Costs
* \#52799 \[SC-Insight] unused storage variable
* \#50761 \[SC-Insight] Slashed Validators Not Removed from Active List, Leading to Redundant Reward Checkpoints and Wasted Gas
* \#52935 \[SC-Insight] In Raffle contract, cancel request does not really cancel the request
* \#52937 \[SC-Insight] Redundant Raffle Ticket Balance Check
* \#52918 \[SC-Insight] Redundant Check for AllWinnersDrawn Error
* \#52087 \[SC-Insight] Plume.sol#permit(...) will always revert for smart contract wallet signatures
* \#52137 \[SC-Insight] Silent Override of Non-Global Module Implementation Causes Stored State and Event Log Inconsistency
* \#51028 \[SC-Insight] Gas and Storage Inefficiency in Raffle Ticket Range Tracking
* \#49919 \[SC-Insight] Unstake function does not unstake all as mentioned in the NatSpec
* \#49932 \[SC-Insight] There are five separate but similar implementations of a binary search that can be condensed into one function
* \#49639 \[SC-Insight] Gas Inefficiency in Loop Storage Reads \_processMaturedCooldowns
* \#49738 \[SC-Insight] Active users in prize pool lose invested raffle tickets when `Raffle::removePrize()` is called.
* \#49768 \[SC-Insight] Missing input validation in `Raffle::editPrize` breaks functionality
* \#51083 \[SC-Insight] claimAll() only loops over active reward tokens and ignores historical tokens
* \#50212 \[SC-Insight] Validators without staked funds can control slashing decisions leading to protocol insolvency
* \#52221 \[SC-Insight] Hardcoded Supra subscription wallet can freeze Spin
* \#50949 \[SC-Insight] No check if raffle actually has enough funds
* \#50632 \[SC-Insight] Critical Timestamp Parsing Bug in getYear() of DateTime contract
* \#49626 \[SC-Insight] Modulo Bias in Winner Selection in Raffle
* \#51712 \[SC-Insight] Yield distribution will revert if global module doesn't implement IYieldRestrictions
* \#52960 \[SC-Insight] Inconsistent withdrawable amount calculations
* \#50041 \[SC-Insight] Missing global rate fallback in `getEffectiveRewardRateAt`
* \#51738 \[SC-Insight] It's possible to enable the same token multiple times, thereby resetting the parameters
* \#51814 \[SC-Insight] `checkpoint.cumulativeIndex` returned in the `getRewardRateCheckpoint` function will be zero
* \#51159 \[SC-Insight] High Gas: Iterative Date Calculations in DateTime.sol

</details>

## Reports by Type

<details>

<summary>Smart Contract</summary>

* \#51946 \[SC-High] Commission Claims Fail for Removed Reward Tokens
* \#52964 \[SC-High] if a new reward token is added during the period a validator is inactive, the validator will still earn rewards/commission for some of the duration in which they were inactive
* \#51519 \[SC-Low] `_unstake` does not validate users remaining stake
* \#53020 \[SC-High] There are functions which when inevitably used could result in wrongly accruing yield for inactive validators, which can make the protocol insolvent
* \#52843 \[SC-Low] The zero address cannot be whitelisted, which means during restrictions minting and burning cannot work
* \#53022 \[SC-Critical] Funds are not properly refunded to user which calls for swap on the dex aggregator
* \#51264 \[SC-Low] User may need admin to help claim their prize
* \#52129 \[SC-Low] `previewYieldDistribution` Reverts Instead of Returning Zero When No Tokens Are in Circulation
* \#50428 \[SC-Medium] Reverting on callback increases chances of winning
* \#49915 \[SC-Low] Misleading Event Emission in `createWhitelistRestrictions` Function in `RestrictionsFactory` contract
* \#52634 \[SC-High] Batch yield distribution has a mathematical flaw that enables economic manipulation
* \#52841 \[SC-Medium] Token admin can DOS admin to not let admin change purchase token
* \#51316 \[SC-Low] Flawed `claimPrize` Logic Allows Invalid or Blocked Prize Claims
* \#52796 \[SC-Low] Whitelist Restriction in ArcToken Blocks All Minting and Burning
* \#50784 \[SC-High] Any arc token creator can upgrade the implementation
* \#52327 \[SC-Low] Unfair Yield Distribution Due to Last Holder Bias
* \#51912 \[SC-High] Mismatched rounding rules in Reward Logic library results in two-fold loss of earnings
* \#51596 \[SC-Low] Unsafe uint256 to uint8 Downcast Causes Integer Overflow Leading to Unauthorized Jackpot Payouts After Week 255
* \#50822 \[SC-High] Deployer can upgrade `ArcToken` to malicious implementation and steal all user funds
* \#52414 \[SC-Low] Slashed-path reward accumulation ignores mid-interval rate changes
* \#50477 \[SC-High] Validator loses all accrued commission when reward token is removed
* \#52915 \[SC-Low] Yield are transferred before eligibility check potentially leading to freezing of funds
* \#51680 \[SC-Medium] ValidatorFacet: Inactivating a validator will result in frozen commissions
* \#52097 \[SC-High] Malicious User can steal yield via Reordering Between Batches in `distributeYieldWithLimit`
* \#53034 \[SC-High] ArcTokenFactory doesn't properly handle role management which allows users to arbitrary upgrade their ArcToken's implementation
* \#50735 \[SC-High] some yield tokens will be stuck in contract due to incorrect 'lastProcessedIndex' calculation
* \#50721 \[SC-Low] Winners cannot claim Prizes until all winners have been drawn in `Raffle::claimPrize`
* \#50399 \[SC-Low] Broken access control in particular contract functions due lack of pause/unpause functionality
* \#51684 \[SC-Medium] Unbounded Gas Consumption in removeStakerFromAllValidators Leads to Denial-of-Service, Preventing Users with Large Validator Counts from Removing Associations and Potentially Lock...
* \#51754 \[SC-High] Double yield distribution via token transfers between distributeYieldWithLimit() calls
* \#51979 \[SC-Low] `getAccruedCommission` returns outdated accrued commission
* \#52710 \[SC-Low] Mint/Burn are blocked when whitelist restrictions are enabled
* \#49863 \[SC-Critical] Dex Aggregator ERC20 token theft
* \#50082 \[SC-Low] Protocol lets validators operate with dust amounts, making attacks risk-free
* \#50450 \[SC-High] Logic error in streak validation causes legitimate jackpot wins to be denied, violating reward contract expectations
* \#50943 \[SC-High] Any malicious token creator can upgrade the Arc Token implementation granting themselves UPGRADER\_ROLE
* \#51887 \[SC-Medium] safeApprove will cause revert of USDT and similar Erc20 token
* \#51558 \[SC-High] ArcToken holder can receive yield twice from `distributeYieldWithLimit`
* \#52955 \[SC-High] A commission rate checkpoint is not created when adding a validator, despite the commission rate being set leading to loss of validator commission.
* \#50860 \[SC-High] Logic Error in Jackpot Eligibility Check Leads to Systematic Theft of User Rewards
* \#50195 \[SC-Low] Unfair Yield Distribution Due to Remainder Allocation to Last Holder
* \#52286 \[SC-High] Off-by-One Error in Jackpot Eligibility Check Leads to Denial of Legitimate Rewards
* \#51456 \[SC-High] Token creator can revoke the UPGRADER role from the factory in order to avoid upgrades
* \#52371 \[SC-High] `distributeYieldWithLimit` is vulnerable to inter-batch `balance and holders array` mutations
* \#52393 \[SC-Low] Burns blocked by both-sides whitelist with zero-address exclusion when restrictions are enabled
* \#51589 \[SC-High] TokenCreator retains upgrade rights – Fix remains insufficient - Finding #01: Immunefi Report
* \#52422 \[SC-Low] Using the current time in getEffectiveRewardRateAt will result in incorrect reward calculation for an entire duration of a time segment
* \#53061 \[SC-High] Asymmetric rounding in commission (ceil for users, floor for validators) enables per-segment rounding loss; validators can amplify via frequent commission checkpoints.
* \#50677 \[SC-Insight] Redundant code in `DexAggregatorWrapperWithPredicateProxy` impairs readability and potentially increases gas costs
* \#49616 \[SC-High] User can steal Rewards
* \#51666 \[SC-Medium] Inactive Validators Blocked from Claiming Accrued Commission
* \#52446 \[SC-Low] Withdrawing Unsold Tokens Desynchronizes Sale Accounting
* \#52165 \[SC-High] user can't claim reward ERC20 tokens since rewards transfer will revert
* \#52218 \[SC-High] Creator Retains DEFAULT\_ADMIN\_ROLE, Allowing Bypass of Upgrade Restrictions
* \#51816 \[SC-Low] Yield distribution can be front-run to steal rounding remainder as last holder
* \#52499 \[SC-High] ArcToken Factory's admin cannot upgrade an ArcToken
* \#49731 \[SC-High] Theft on Re-Added Tokens
* \#52620 \[SC-Medium] permanently DoS to ArcTokenPurchase contract
* \#50839 \[SC-Low] Last Holder Always Gets More Yield
* \#51801 \[SC-Medium] Supra callback allows for theft of gas
* \#51836 \[SC-Low] Contract Cannot Be Paused Despite Inheriting Pausable
* \#52833 \[SC-High] bypass the fix of immunefi audit IMM-CRIT-01: Token Creator Can Upgrade ArcToken Implementation
* \#50059 \[SC-Medium] ETH Refund in depositAndBridge functions enables DoS
* \#51479 \[SC-High] Inaccurate Reward Calculation Post-Validator Slashing Due to Premature Timestamp Update on Token Removal
* \#53063 \[SC-Low] `maxValidatorPercentage` can be used to DOS protocol staking
* \#51352 \[SC-Critical] User will lose the unspent amount when executing partial swaps via 1inch
* \#51320 \[SC-Low] Malicious teller parameter allow event data manipulation
* \#52983 \[SC-High] Validator will lose commission for the tokens which are removed from the reward tokens but they still have commission left to be claimed.
* \#50628 \[SC-Insight] Incorrect update of Admin state in VRF Requests Leads to Randomness Manipulation and Jackpot Theft
* \#51917 \[SC-Medium] Possible gas griefing on the `handleRandomness(...)` function with a fallback that executes other transactions.
* \#51198 \[SC-Medium] BoringVault cannot receive any deposit due to faulty logic related to the `shareLockPeriod`
* \#53038 \[SC-Low] distributeYield can be frontrun to sandwich rewards. We can force ourselves to be the last holder and get unfairly big bonuses
* \#51988 \[SC-Medium] `PlumeRewardLogic.calculateRewardsWithCheckpointsView` lacking of checking if the validator is inactive but not slashed.
* \#52527 \[SC-High] The validator admin might claim less commission token when `ValidatorFacet.requestCommissionClaim` is called.
* \#50350 \[SC-High] StakingFacet: stakeOnBehalf allows to prevent withdraws
* \#53037 \[SC-Critical] Commission changes can retroactively affect user rewards
* \#52277 \[SC-Low] Race Condition in Streak Calculation Leads to Unfair Streak Reset for Users Spinning Near UTC Day Change
* \#52719 \[SC-Medium] Inactive validators blocked from claiming commissions despite passed timelock
* \#50340 \[SC-Medium] Any ArcToken admin can block the setting/update of the purchase token indefinitely.
* \#53001 \[SC-High] Yield tokens become stuck in ArcTokenPurchase contract when distributing yield during active sales
* \#51146 \[SC-Low] getMaxNumberOfTokens returns wrong max number of tokens available to buy
* \#52905 \[SC-Low] Incorrect Reward Reporting in View Functions (earned and getClaimableReward) Leads to Zero Balance Display for Active Stakers
* \#52803 \[SC-High] \_canRecoverFromCooldown is inconsistent when slash and cooldown maturity occur in the same block
* \#51510 \[SC-Low] Bypass of `maxValidatorPercentage` allows a validator to exceed the decentralisation cap
* \#52464 \[SC-High] Commission rounding mismatch under payment bug
* \#52896 \[SC-Low] “Pause” gate is present but no way to pause
* \#53011 \[SC-Critical] Uncleaned Partial Approval Consumption in DEX Aggregator Integration Leads to Permanent DoS
* \#51526 \[SC-High] Yield token will be locked in ArcToken.sol if the `lastHolder` is not allowed to receive yield
* \#51476 \[SC-Medium] Validators can't claim their accrued commission if they are made inactive
* \#52390 \[SC-High] `_validateIsToken(...)` blocks validators from claiming earned rewards from removed tokens.
* \#52203 \[SC-Medium] Griefing Attack on ArcTokenPurchase.setPurchaseToken() Function via Front-Running
* \#52919 \[SC-Medium] `_safeTransferPlume` can lead to gas griefing attack
* \#51850 \[SC-Low] upgradeToken(...) can not initialize an upgraded token because the `data` variable of upgradeToAndCall() is hardcoded to empty string
* \#49939 \[SC-High] Initial timestamp mismatch might lead to users being able to spin twice in the same day
* \#52489 \[SC-Low] When users perform unstake operations in batches, it may cause some funds to be frozen for an additional period of time.
* \#52911 \[SC-Low] Last Holder Potential Extra Token Distribution Encourages Gaming Distribution and Race Conditions
* \#51989 \[SC-Low] Event:: RestrictionsCreated always emits msg.sender as Owner
* \#51571 \[SC-Low] Stale mapping after proxy upgrade
* \#50393 \[SC-Insight] Unused admin state variable increases deployment and storage costs.
* \#53048 \[SC-Medium] Approval logic can break on non-standard ERC-20s (USDT-style) and leave allowances loose
* \#50490 \[SC-High] User loses reward tokens during validator-user relationship clearing
* \#50624 \[SC-Low] There is a Missing Emergency Pause in Predicate Proxy
* \#53051 \[SC-High] Unconsented stakeOnBehalf enables third-party gas-griefing DoS by bloating userValidators, breaking withdraw/claimAll
* \#51909 \[SC-Medium] Inconsistent Commission Claim Logic Denies Legitimate Claims for Inactive Validators
* \#53025 \[SC-High] Commission on removed tokens is unclaimable
* \#50977 \[SC-Low] TellerWithMultiAssetSupportPredicateProxy contract cannot be emergency paused
* \#53028 \[SC-High] There is an Asymmetric Rounding issue that can cause a Theft of Unclaimed Yield in Reward or Commission Accounting
* \#52314 \[SC-Low] Unsold Token Withdrawal Causes Permanent Inventory Mismatch
* \#50343 \[SC-Low] Cooldown reset vulnerability
* \#50527 \[SC-High] Attacker can steal yield during batch distribution
* \#51051 \[SC-High] Inactive Validator Reward Accrual Bypass
* \#50392 \[SC-Insight] Phantom commission burn
* \#52113 \[SC-Low] `StakingFacet.unstake(uint16 validatorId, uint256 amount)` can be abused to bypass `$.minStakeAmount`
* \#50694 \[SC-Low] Spins occurring close to midnight lead to users streaks being unfairly broken due to VRF callback delay
* \#51992 \[SC-High] Dust Accumulation in ArcToken during Yield Distribution.
* \#52732 \[SC-Medium] Permanent DoS of Purchase Token Change
* \#51241 \[SC-Low] Cooldown shortening logic allows early withdrawal of locked stake
* \#50040 \[SC-Low] Missing Pause Controls, ETH Refund Flaws, and Miscalculated Shares Enable Fund Loss and Protocol Inconsistency in depositAndBridge
* \#52865 \[SC-High] Inconsistency in how stake cooldown is handled due to off by one error
* \#52931 \[SC-High] Validators can not claim their commissions after the reward token removal.
* \#51847 \[SC-Critical] DoS via dust leftover in erc-20 approvals
* \#52798 \[SC-High] Integer Division Remainder Loss in Batched Yield Distribution Causes Permanent Fund Lock
* \#51567 \[SC-Low] Contract Cannot Be Paused: Missing Public pause and unpause Functions
* \#52995 \[SC-High] Validators lose access to historical reward tokens when tokens are removed
* \#52409 \[SC-High] Asymmetric commission rounding creates systematic accounting drift
* \#51034 \[SC-Low] Sales information is lost when enabling token
* \#51878 \[SC-High] Timing Misalignment Between Campaign Days and Calendar Days Allows Double Spinning on High-Probability Jackpot Days
* \#52998 \[SC-Low] Minor delays from oracle can unfairly reset users streak
* \#49700 \[SC-High] Validator Commission can be Blocked
* \#52424 \[SC-High] There is a Retroactive Commission Miscalculation in PlumeRewardLogic
* \#51899 \[SC-Medium] Partial Distribution of yield will fail if the totalEfficentive supply increases.
* \#51129 \[SC-Low] BoringVault proxies do not support smart contract wallets
* \#52961 \[SC-High] Theft of yield from the distributor.
* \#52012 \[SC-Medium] Shares lock Applied to Proxy Causes Deposit DoS When shareLockPeriod > 0
* \#52254 \[SC-High] ArcToken theft beyond unclaimed yield during distribution
* \#53018 \[SC-High] Owed rewards could be lost for some users for periods before slashing time due to incorrect logic.
* \#52517 \[SC-High] Missing Point-in-Time Snapshot in Batched Yield Distribution Enables Double-Claims and Permanent Fund Lock
* \#53016 \[SC-High] ArcTokenPurchase doesn't allow RWA-token owners to recover accrued yield from stored ArcTokens waiting for sale.
* \#51041 \[SC-High] Streak‑Count Misuse in Jackpot Eligibility Allows Theft of User Funds
* \#50783 \[SC-Low] Validator percentage cap does not work properly
* \#49732 \[SC-Medium] Malicious Token Admin Can Permanently Block setPurchaseToken
* \#52339 \[SC-Low] Loss of Daily Streak and Jackpot Eligibility Due to Supra Generator Callback Delay and On-Callback Time Usage in `Spin.sol`
* \#53015 \[SC-Low] Raffle Does Not Invalidate Used Tickets, Breaking Fairness
* \#51116 \[SC-High] Batching yield distribution allows claiming unfair share of the yield
* \#50483 \[SC-High] Final seconds spin requestors of `last week of campaign` will lose jackpots
* \#50922 \[SC-Low] Unstaking partially will extend the cooldown time for previously unstaked amount too
* \#49963 \[SC-Medium] Anyone can create an ArcToken and block the setPurchaseToken() function
* \#51999 \[SC-High] Logical Flaw in Validator Reactivation and addRewardToken Allows Claiming Rewards for Validators in Inactive Periods
* \#52290 \[SC-Medium] `deposit` function in **TellerWithMultiAssetSupportPredicateProxy** is completely broken due to wrong share lock
* \#49673 \[SC-High] Batched Distribution (distributeYieldWithLimit) is vulnerable to double yield claiming attack
* \#49854 \[SC-Critical] Dex Aggregator partial fill token loss
* \#52996 \[SC-High] Users can claim rewards for newly added reward tokens even when the validator they staked for was inactive during some time interval.
* \#51312 \[SC-Insight] Misleading revert
* \#50504 \[SC-Low] totalAmountClaimable() reverts when called with a removed reward token
* \#50252 \[SC-High] Rounding excess yield tokens become permanently stuck when last holder is yield-restricted
* \#52285 \[SC-High] Incorrect Dust Handling in Yield Distribution Leads to Permanent Fund Lock
* \#51132 \[SC-Low] `TellerWithMultiAssetSupportPredicateProxy` cannot be paused/unpaused
* \#50951 \[SC-High] Inconsistent streak count usage between jackpot and raffle ticket calculations
* \#50787 \[SC-High] Residual-Yield Bug Locks Tokens Permanently in distributeYield
* \#50889 \[SC-Low] ArcTokenPurchase::withdrawUnsoldArcTokens() Fails to Reduce totalAmountForSale, Leaving Availability Counters Wrong
* \#52519 \[SC-Low] Missing Eligibility Check Before Fund Transfer in distributeYield Leads to Permanent Loss of Yield Tokens
* \#52576 \[SC-High] Flaw in Raffle::determineReward in Jackpot Prize Calculation after week 12
* \#51958 \[SC-Insight] Blacklisted user bricks yield distribution logic
* \#52667 \[SC-High] commission is not added at point of adding validator hence stakers that stake before the first checkpoint would always use the current commission
* \#50415 \[SC-Low] getMaxNumberOfTokens() returns wrong value when ArcTokens are withdrawn
* \#51943 \[SC-Low] TellerWithMultiAssetSupportPredicateProxy is meant to be pausable but cannot be paused
* \#52341 \[SC-Medium] `TellerWithMultiAssetSupportPredicateProxy` ShareLock Incompatibility - Unable to Operate Due to Token Access Restrictions
* \#50347 \[SC-High] Commission for a validator cannot be claimed when token is removed
* \#52377 \[SC-Insight] Removed tokens that have not been earned cannot be pulled from the PlumeStakingRewardTreasury.sol
* \#51961 \[SC-High] Attackers can deny commission rewards to validators by repeatedly calling forceSettleValidatorCommission()
* \#49715 \[SC-Low] Restriction of token burning on whitelisted addresses
* \#52770 \[SC-High] Unbounded Gas Consumption via stakeOnBehalf Manipulation
* \#50225 \[SC-Low] User can bypass `minStakeAmount` checking.
* \#50412 \[SC-High] Illegitimate Reward Claim After Unstake Due to Overlapping Reward Rate Checkpoints
* \#52979 \[SC-Low] WhitelistRestrictions unintentionally disables mint and burn when transfers are restricted
* \#51414 \[SC-High] Attacker can drain yield by transferring tokens to other address in yield batch distributions
* \#51283 \[SC-Critical] Permanent Freeze of User token Due to Unhandled Partial Fill Refunds for swap via 1inch in `DexAggregatorWrapperWithPredicateProxy`
* \#51122 \[SC-Low] `ArcTokenPurchase#enableToken` can reset the `amountSold` to 0
* \#51776 \[SC-Low] Streak System Breaks Despite Timely User Action Due to Delayed Supra Oracle Callback
* \#52460 \[SC-High] Add RewardToken and SetRewardRate updates the checkpoint of Inactive validators.
* \#51043 \[SC-Medium] Core deposit and depositAndBridge Functionality in `TellerWithMultiAssetSupportPredicateProxy` is Non-functional Due to Flawed shareLockPeriod Logic
* \#52676 \[SC-High] reward rates being set when there is an inactive validator would enable stakers to steal rewards because of the inconsistency in state
* \#51613 \[SC-Medium] Yield tokens can be stuck in ArcTokenPurchase, PlumeStakingRewardTreasury or other defi protocols when distributeYield is called.
* \#51918 \[SC-Insight] Redundant zero address checks for router address
* \#52901 \[SC-Low] Wrapped week index can mis-price jackpot table after long uptime
* \#49647 \[SC-Low] Pausable Functions are Not Exposed
* \#49708 \[SC-Insight] Yield Distribution in ArcToken does not match expected behavior
* \#52847 \[SC-High] No function to recover the remained yield by distributeYieldWithLimit
* \#52202 \[SC-Low] Failure to Invalidate Winning Tickets Allows Multiple Wins from Single Entry
* \#51133 \[SC-High] Streak Check Uses Outdated Value in Jackpot Eligibility results in user getting nothing instead of Jackpot
* \#52990 \[SC-Low] `uint8` truncation and missing cap on week index can return wrong/zero jackpot amounts (Low — Contract fails to deliver promised returns)
* \#52278 \[SC-High] Incorrect Streak Check in Jackpot Eligibility Leads to Unfair Reward Denial
* \#52289 \[SC-Insight] In ArcToken.sol redundant holderCount > 0 checks
* \#52075 \[SC-Medium] ArcTokenPurchase Contract is a Token Holder and may be Yield Recipient.
* \#51905 \[SC-High] Validator commission burn on slashed validator reward path
* \#51138 \[SC-Low] Winners cannot claim until all winners are drawn
* \#50167 \[SC-High] Retroactive reward drain via incomplete reward debt reset
* \#50502 \[SC-Insight] Raffle contract fails to emit events on multiple state changes
* \#50924 \[SC-High] Validators are not able to claim their accrued commission when the reward token is removed.
* \#52104 \[SC-High] Removed reward tokens block validator commission claims
* \#50409 \[SC-High] Validator will lose commission
* \#49817 \[SC-Medium] Inactive validators are prevented from claiming eligible commission rewards
* \#51987 \[SC-High] Validators will be able to steal more commission from users that isn't the commission to be charged
* \#52572 \[SC-High] A legitimate arc token holder can be denied his yield.
* \#49623 \[SC-Low] Unstaking allows going below minimum stake
* \#52468 \[SC-Insight] DoS in Batch Yield Distribution Due to Cross-Batch State Inconsistency
* \#52680 \[SC-High] holders length changing when distributing limit with limit could lead to case where new holders unfairly claim yield and yield is permanently frozen
* \#50487 \[SC-Low] Cross-Campaign Jackpot Denial Due To State Pollution
* \#52891 \[SC-Low] Staking and unstaking immediately an amount little less than the original staked amount leaves dust stake amounts in the system.
* \#49798 \[SC-Insight] Invalid Holder Set Initialization Bypasses Modular Restrictions, Corrupting Yield Distribution
* \#51951 \[SC-Low] A Global Blocking Check in claimPrize Prevents Individual Winner Claims Until All Winners Are Drawn
* \#49941 \[SC-Low] Permanent Freezing of Yield Tokens Due To Flawed Check in Distribution Logic
* \#52484 \[SC-Medium] Permanent deposit DoS with USDT-like tokens due to approve-from-nonzero pattern in 1inch/OKX paths
* \#52628 \[SC-Insight] State-Modifying Getter in getPendingRewardForValidator Allows Gas Griefing and Unintended State Changes
* \#52034 \[SC-Medium] Inaccurate Reward Calculation Due To Fallback to Next Checkpoint on Missing Timestamp
* \#53077 \[SC-High] Permanent Fund Lock Due To Flawed Remainder Logic in distributeYield
* \#50194 \[SC-Medium] `DexAggregatorWrapperWithPredicateProxy` can be stuck by any user
* \#52449 \[SC-High] Broken Streaks Still Pass Jackpot Eligibility in Spin Contract
* \#52458 \[SC-High] In ArcToken::distributeYieldWithLimit() the distribution without snapshot allows more claims from same holder
* \#52061 \[SC-High] Re-adding reward tokens causes userValidatorRewardPerTokenPaid to be uninitialized for users who staked during token removal, allowing them to claim excessive historical rewards
* \#52837 \[SC-Insight] Gas-heavy repeated binary search increases reward-calculation gas costs
* \#52986 \[SC-High] Jackpot check uses previous `streakCount` instead of current computed streak, denying jackpot on first eligible day
* \#50404 \[SC-Low] User withdraw time can be delayed much longer if unstake again before the `cooldownEndTime`
* \#52601 \[SC-High] In Spin::handleRandomness() jackpot eligibility uses outdated streakCount instead of updated streak
* \#50974 \[SC-Insight] Inconsistent Validation Between Reward and Jackpot Probability Thresholds
* \#51910 \[SC-Low] Inconsistent yield token transfer logic causes permanent loss of yield in distributeYield()
* \#52736 \[SC-High] Restaking rewards will revert when users have to catch up with segments
* \#49893 \[SC-Insight] `Raffle.sol` implementation logic allows direct PLUME transfers but has no withdraw locking funds permanently
* \#50580 \[SC-Insight] `ValidatorFacet` missing events on some function state changes
* \#52500 \[SC-High] Missing Commission Checkpoint Initialization Leads to Retroactive Commission Theft of User Rewards
* \#51391 \[SC-Low] enableToken Function Overwrites amountSold to Zero Causing Permanent Loss of Sales History
* \#51324 \[SC-High] Rounding in commission accounting burns delegator rewards
* \#50022 \[SC-Low] Missing admin `Pause/Unpause` functions in `TellerWithMultiAssetSupportPredicateProxy` contract
* \#50596 \[SC-Insight] Unnecessary variable setting
* \#50234 \[SC-Insight] Redundant Reward Update in `RewardsFacet::removeRewardToken`
* \#50470 \[SC-Insight] Inefficient Design in `distributeYieldWithLimit::ArcToken` Creates Unnecessary Gas Consumption
* \#52186 \[SC-Low] Incorrect reward calculation for slashed validators due to single segment time handling
* \#52787 \[SC-High] Batched yield distribution rounding in ArcToken permanently freezes unclaimed funds and misreports payouts
* \#49835 \[SC-Insight] Dex Aggregator unused ETH loss
* \#49671 \[SC-Insight] Wrong emission in Stake
* \#50187 \[SC-Insight] YieldBlacklistRestrictions Uses Slot 0 Instead Of Unstructured Storage, Risking Slot Collision
* \#51925 \[SC-Insight] Redundant Checks For Token Transfer Success
* \#51927 \[SC-Insight] Incorrect recipient check in `_update` function
* \#50931 \[SC-Insight] No partial claim may result in a loss of funds
* \#50297 \[SC-Insight] Lack of ETH Rescue Mechanism
* \#51653 \[SC-High] Permanent loss of staker rewards after slashing when validator records are cleared
* \#51001 \[SC-Insight] Inaccurate share calculation in emitted event for non-bridge deposits
* \#50060 \[SC-Insight] Scattered Module Processing Pattern in `ArcToken._update` Function
* \#52027 \[SC-Low] WhitelistRestrictions.sol: Mint & Burn Operations Blocked When Transfers Disabled
* \#53039 \[SC-High] Rewards and commissions accrued in the interval before a slash might be lost
* \#53059 \[SC-Low] Reward rate checkpoints are used but are never set
* \#52513 \[SC-High] `ValidatorFacet.addValidator` lacks of calling `PlumeRewardLogic.createCommissionRateCheckpoint`
* \#51033 \[SC-High] Off-by-one streak check lets jackpot spins be rejected one day early
* \#52988 \[SC-Medium] deposit function DOS
* \#53035 \[SC-Medium] Share Lock Applied to Wrapper Instead Of End User Breaks Transfers or Bypasses Lock
* \#51197 \[SC-High] Arc Token owner can take upgrader role for themselves lockout the factory and upgrade the contract without the knowledge of the factory
* \#51286 \[SC-Low] Event `RestrictionsCreated` uses wrong owner
* \#53043 \[SC-High] handleRandomness doesn't properly account for current streak which could result in the User spinning losing a Jackpot
* \#51771 \[SC-Low] Unsafe downcast of uint256 to uint8 will lead to Silent overflow
* \#51926 \[SC-Insight] ABI mismatch in the claimAll function leads to incorrect reward decoding and potential fund loss for external integrators
* \#52436 \[SC-Low] getAccruedCommission() could return an inaccurate value
* \#51060 \[SC-High] PlumeRewardLogic: Improper update of "validatorLastUpdateTimes" can lead to frozen assets
* \#52973 \[SC-High] Anyone can update the last update time of the slashed validator which leads to loss of rewards for the stakers
* \#52780 \[SC-High] Timestamp Manipulation in forceSettleValidatorCommission Leads to Permanent Loss of Staker Rewards
* \#52433 \[SC-High] Permanent loss of user rewards due to improper token removal after validator slashing
* \#50312 \[SC-Insight] Validator can steal user rewards due to a lack of cooldown when validator increases commission
* \#51288 \[SC-Insight] Validators commission can be permanently lost
* \#52889 \[SC-High] Inactive validators accrue rewards for new tokens
* \#51746 \[SC-Low] depositAndBridge(...) function of TellerWithMultiAssetSupportPredicateProxy.sol can not be paused
* \#51980 \[SC-Low] Unstake cooldown period is mistakenly reset on each claim, resulting in temporary frozen funds
* \#52560 \[SC-High] Incorrect current streak used when calculating whether the jackpot should be awarded or not
* \#52669 \[SC-Low] Token minting is blocked for whitelisted addresses when transfersAllowed is false
* \#50796 \[SC-High] Jackpot eligibility uses stale streak
* \#52041 \[SC-Low] In ArcToken Attacker Can Reposition to Last Holder and Capture Entire Yield Remainder
* \#51228 \[SC-Insight] Missing Zero Address Check in Initialization Leads to Irrecoverable Contract Lock
* \#51090 \[SC-High] malicious user can steal yields when `ArcToken.distributeYieldWithLimit` is used.
* \#52573 \[SC-High] Unconsented `stakeOnBehalf` enables **unbounded gas consumption** via `userValidators[]` growth, causing DoS at scale in `claimAll()` / `withdraw()`
* \#52706 \[SC-Low] Multi-Quantity Prize Claims Revert Until All Winners Are Drawn, Freezing Early Winners
* \#51100 \[SC-Insight] Gas Inefficiency in Prize Removal Logic
* \#50519 \[SC-High] RewardsFacet: Reintroducing an old reward token will result in wrong accounting, leading to theft of yield
* \#51551 \[SC-High] New rewards tokens will distribute yield to inactive validators
* \#51882 \[SC-Low] Unnecessary Claiming Restriction in Raffle Contract Prevents Winners from Claiming Prizes Until All Winners Are Drawn
* \#51969 \[SC-Low] Yield tokens permanently stuck when no eligible holders exist
* \#50560 \[SC-High] Inconsistent Commission Rounding Traps User/Validator Funds
* \#51260 \[SC-Low] Minstake are not enforced after Unstake which creates a DOS for new stakers
* \#50027 \[SC-Insight] Missing Validation of OKX Swap Output Token in function `_okxHelper()`
* \#52675 \[SC-Low] Minimum Stake Bypass via Partial Unstaking Creates Dust Stakes
* \#50691 \[SC-Insight] No validator limit can lead to DoS
* \#50551 \[SC-Low] Staked dust positions are not properly prevented
* \#52127 \[SC-High] Permanent rewards loss via admin slashing cleanup
* \#51505 \[SC-High] ArcToken creator can still upgrade ArcToken outside of the factory after IMM-CRIT-01 was fixed
* \#51525 \[SC-Low] Unfair Yield Distribution to Last Holder Due to Flawed Dust Handling
* \#51124 \[SC-High] Validator would lose commission fee if the rewards token are removed
* \#51070 \[SC-Low] Winning Raffle Ticket can be re-used to maintain unfair advantage over other players in `Raffle`
* \#51201 \[SC-Low] Contracts Without Payable Entry Points cannot withdraw nor claim rewards
* \#51929 \[SC-Low] Deactivating `isTransferAllowed` indirectly DOSes minting/burning functionality
* \#49698 \[SC-Low] Coordinated Validator Attack Delays Slashing and Enables Commission Theft
* \#50436 \[SC-Low] `voteToSlashValidator` prevents malicious inactive validators from being slashed.
* \#49876 \[SC-Insight] Lack of refund on admin-canceled spin requests leads to permanent loss of funds
* \#49800 \[SC-Insight] Yield distribution could encounter an unexpected revert
* \#52849 \[SC-High] Claimers who claim after (slash/inactive + updateRewardPerTokenForValidator which advances `validatorLastUpdateTimes to be more than slashTimestamp`) will lose rewards for a segment
* \#51707 \[SC-Insight] Gas inefficiency due to redundant \_validateValidatorExists() modifier in requestCommissionClaim()
* \#53056 \[SC-Low] Native-withdraw to msg.sender only → non-payable contract stakers cannot withdraw (permanent funds lock)
* \#51970 \[SC-Low] Spin streak computation relies on oracle callback time; any third-party delay can reset the user’s streak and block jackpot eligibility.
* \#52956 \[SC-High] State Inconsistency in Batched Yield Distribution Leads to Direct Theft of User Funds and Protocol Insolvency
* \#51172 \[SC-High] Users lose their accrued rewards when the protocol removes a reward token after the user's delegated validator has been slashed.
* \#50660 \[SC-Insight] Missing event in withdrawPurchaseTokens function
* \#52923 \[SC-Critical] Partial fill traps source token residual inside the wrapper and leaves unsafe residual allowance
* \#52925 \[SC-Medium] USDT-like approval hygiene can block subsequent operations after partial fill leaves non-zero allowance
* \#49868 \[SC-Insight] `Raffle.sol` does not enforce `Prize.endTimeStamp` allowing user and admin interactions with expired Prizes
* \#51941 \[SC-High] Token creator can revoke factory's upgrade capability, permanently blocking upgrades
* \#52130 \[SC-Low] Validator percentage cap bypass vulnerability
* \#52750 \[SC-Low] Percentage Limit Bypass via Unstaking from Other Validators
* \#52810 \[SC-Low] Batch unstake merged cooldowns leading to full fund slashing
* \#50963 \[SC-Low] Unexpected config applied on the Spin
* \#51501 \[SC-Low] It is not possible to update `l1accountEvmAddress` to the `address(0)`
* \#52794 \[SC-Low] remainingForSale not updated after withdrawUnsoldArcTokens will cause following buy revert
* \#52303 \[SC-Insight] Incorrect Yield Distribution Event Emission
* \#50506 \[SC-Insight] `StakingFacet` missing event emission on any unstaking operations
* \#49710 \[SC-High] Cross-batch state manipulation in yield distribution allows double-dipping of yield funds
* \#50302 \[SC-Insight] Role Documentation Discrepancy
* \#49726 \[SC-Insight] There is a redundant zero address check in the ValidatorFacet.sol that is obsolete and could never be true
* \#49668 \[SC-Insight] Validator status function emit misleading event
* \#50571 \[SC-High] Yield Distribution Meltdown ArcToken's Batch Processing Vulnerability Enables 100% Yield Over Distribution
* \#51866 \[SC-High] Stale Streak Value Used in Jackpot Eligibility Check Causes Denial of Legitimate Jackpot Winners
* \#52031 \[SC-Medium] Insufficient Access Control in Token Sales Management Leads to Permanent Griefing Attack
* \#50973 \[SC-Insight] Incorrect Parameter Type in setJackpotProbabilities
* \#49787 \[SC-High] Batched Yield Distribution Doesn't Account For Transfers/Purchases Between Batches
* \#50380 \[SC-Insight] Redundant Use of `allowedImplementations` Mapping in Factory Contracts (createToken and createWhitelistRestrictions in ArcTokenFactory and RestrictionsFactory respectively)
* \#49954 \[SC-Insight] `Raffle::editPrizes` lacks logic to make prizes immutable once winner selection starts or users join breaking user trust.
* \#52557 \[SC-Insight] validatorLastUpdateTimes not updated after validator slashing
* \#52945 \[SC-High] Commission Calculation Rounding Asymmetry Leads to Theft of Unclaimed Yield
* \#52870 \[SC-Low] Cooldown Extension Logic May Lead to Locked Funds
* \#50745 \[SC-Low] Single Cooldown Entry Design Causes Timer Reset on Multiple Unstakes Leading to Extended Lock Periods
* \#51296 \[SC-Low] ArcTokenPurchase Withdrawal Breaks View Functions
* \#50887 \[SC-Insight] ArcTokenPurchase::PurchaseMade Event Mislabels Payment Amount as “pricePaid” Instead Of Unit Price
* \#51218 \[SC-High] Oracle callback timing vulnerability causes jackpot prize loss
* \#50275 \[SC-High] Eligible user loses Jackpot
* \#52178 \[SC-Critical] User will lose the unspent amount when executing partial swaps via OkxRouter
* \#53069 \[SC-Low] Dynamic Cooldown Interval Changes Cause Unexpected Fund Lockup Extensions
* \#50168 \[SC-Insight] Unused and duplicated functions should be removed from RewardsFacet and StakingFacet
* \#51451 \[SC-Low] Token Freezing via Whitelist Restriction Bypass
* \#51530 \[SC-High] Validators can not Claim Pending Accrued Commission when Reward tokens have been removed from the isRewardToken mapping
* \#51162 \[SC-Low] Missing Pause Control Implementation in TellerWithMultiAssetSupportPredicateProxy
* \#50461 \[SC-Insight] Incorrect deposit event receiver logged in bridge functions of `DexAggregatorWrapperWithPredicateProxy.sol`
* \#51920 \[SC-Insight] Unnecessary second hand of `if` check in `calculateRewardsWithCheckpointsView`
* \#52248 \[SC-Insight] Lack of initialization check in staking allows users to stake without reward token configured, causing permanent loss of yield
* \#51658 \[SC-High] Yield distribution in batches let the same tokens collect rewards in multiple batches, stealing yield from other users
* \#52347 \[SC-High] Improper handling of yield distribution state in distributeYieldWithLimit() leads to revert, freezing users' yield
* \#52711 \[SC-High] In ValidatorFacet, validator cannot claim commissions of removed tokens
* \#52444 \[SC-Insight] `getMaxNumberOfTokens` returns misleading supply when sales are disabled
* \#50425 \[SC-High] Active non-slashed validators cannot claim rewards when a reward token is disabled
* \#53071 \[SC-Insight] `_okxHelper` function incompatible with the `UNISWAP_V3_SWAP_TO_WITH_PERMIT_SELECTOR`
* \#52507 \[SC-Medium] Insufficient Fix: IMMUNEFI REPORT - H1 #35
* \#53072 \[SC-High] Ceil-vs-Floor Rounding Mismatch Causes Systematic Underpayment and Unclaimed Yield Leakage
* \#51171 \[SC-Insight] Redundant Storage Reads and Unnecessary Checks in Reward Rate Checkpoint Logic Lead to Inefficient Gas Usage
* \#50284 \[SC-Insight] Incorrect ERC7201 Storage Implementation in Core Factory Contracts
* \#51651 \[SC-Insight] Redundant Array Access in removeStakerFromValidator
* \#52690 \[SC-Medium] DoS Of Smart Contracts On Bridging Functions
* \#51863 \[SC-Low] Lack of Winning Ticket Removal in handleWinnerSelection Leads to Unfair Prize Distribution and Economic Exploitation
* \#51180 \[SC-Medium] Function is vulnerable to gas griefing
* \#50397 \[SC-Medium] Inefficient Array Iteration in getPrizeDetails function leads to high gas costs.
* \#51493 \[SC-Insight] Misleading View Function Documentation
* \#50675 \[SC-Insight] Re-Entrant ETH Refund Can Emit Mismatched shares in Deposit event
* \#51369 \[SC-High] Unbounded iteration gas‑dos in `_validateTokenForClaim`
* \#51994 \[SC-High] Permanent Loss of Validator Commission Upon Reward Token Removal
* \#50402 \[SC-Low] Single rate assumption ignores checkpoints in slashed case
* \#50433 \[SC-High] Validator List Griefing: Unrestricted stakeOnBehalf allows User Asset freeze permanently
* \#52179 \[SC-Medium] Validator Commission Becomes Permanently Locked When Deactivated
* \#51813 \[SC-High] Malicious User Can Grief Victims by Staking Them Across Many Validators Leading to Fund Freezing
* \#52646 \[SC-Insight] Missing event emission after reward claim has been finalized in RewardsFacet
* \#51547 \[SC-Medium] Approval Race Condition with safeApprove Leads to Transaction Reverts
* \#50937 \[SC-Medium] Non-zero approve pattern causes permanent freeze of token deposits (e.g. USDT) due to ERC20 incompatibility
* \#51502 \[SC-Low] Enabling Transfer Restrictions Permanently Blocks Minting and Burning
* \#51452 \[SC-High] stakeOnBehalf() function enables out-of-gas DoS
* \#51455 \[SC-Low] Inflated `earned()` / UI rewards when validator stake is zero due to missing `totalStaked` guard in view logic
* \#51982 \[SC-Medium] Token Approval Issue with Non-Standard ERC20 Tokens Leads to Contract Dysfunction
* \#51655 \[SC-Insight] Redundant Storage Write in addValidator Function Leads to Unnecessary Gas Costs
* \#51723 \[SC-Low] Yield Tokens Can Become Permanently Stuck in Contract if No Eligible Holders Exist
* \#52976 \[SC-Low] Turning on transfer restriction permanently blocks minting and burning
* \#52397 \[SC-Medium] Repeated approve without zero-reset can revert on nonstandard ERC20s, blocking deposits
* \#52948 \[SC-Low] Jackpot Reward Rejected at Exact Threshold
* \#51896 \[SC-High] Precision Loss in distributeYieldWithLimit Leads to Permanent Locking of Yield Tokens
* \#52799 \[SC-Insight] unused storage variable
* \#50761 \[SC-Insight] Slashed Validators Not Removed from Active List, Leading to Redundant Reward Checkpoints and Wasted Gas
* \#52890 \[SC-Low] No-Recipient Yield Distribution Locks Yield Tokens on ArcToken (effTotal==0)
* \#52935 \[SC-Insight] In Raffle contract, cancel request does not really cancel the request
* \#52026 \[SC-Medium] claimAll could revert because of unbounded gas consumptions
* \#52937 \[SC-Insight] Redundant Raffle Ticket Balance Check
* \#52918 \[SC-Insight] Redundant Check For AllWinnersDrawn Error
* \#50818 \[SC-Low] previewYieldDistribution Returns Zero Addresses When Effective Supply Is Zero
* \#52087 \[SC-Insight] Plume.sol#permit(...) will always revert for smart contract wallet signatures
* \#52137 \[SC-Insight] Silent Override of Non-Global Module Implementation Causes Stored State and Event Log Inconsistency
* \#52944 \[SC-High] The `requestCommissionClaim` function can only claim commission on tokens that are currently reward tokens
* \#52974 \[SC-Medium] When the approval to the `okxApprover` is not fully spent the deposit function will be blocked
* \#51028 \[SC-Insight] Gas And Storage Inefficiency in Raffle Ticket Range Tracking
* \#49919 \[SC-Insight] Unstake function does not unstake all as mentioned in the NatSpec
* \#49932 \[SC-Insight] There are five separate but similar implementations of a binary search that can be condensed into one function
* \#49705 \[SC-Medium] Two vectors for unbounded Gas Consumption due to the normal `Raffle` operations
* \#50507 \[SC-High] Non atomic yield distribution may lead to theft of yield
* \#49639 \[SC-Insight] Gas Inefficiency in Loop Storage Reads \_processMaturedCooldowns
* \#49738 \[SC-Insight] Active users in prize pool lose invested raffle tickets when `Raffle::removePrize()` is called.
* \#49768 \[SC-Insight] Missing input validation in `Raffle::editPrize` breaks functionality
* \#51083 \[SC-Insight] claimAll() only loops over active reward tokens and ignores historical tokens
* \#50212 \[SC-Insight] Validators without staked funds can control slashing decisions leading to protocol insolvency
* \#52221 \[SC-Insight] Hardcoded Supra subscription wallet can freeze Spin
* \#50949 \[SC-Insight] No check if raffle actually has enough funds
* \#50632 \[SC-Insight] Critical Timestamp Parsing Bug in getYear() of DateTime contract
* \#49626 \[SC-Insight] Modulo Bias in Winner Selection in Raffle
* \#51712 \[SC-Insight] Yield distribution will revert if global module doesn't implement IYieldRestrictions
* \#52960 \[SC-Insight] Inconsistent withdrawable amount calculations
* \#50041 \[SC-Insight] Missing global rate fallback in `getEffectiveRewardRateAt`
* \#51738 \[SC-Insight] It's possible to enable the same token multiple times, thereby resetting the parameters
* \#51814 \[SC-Insight] `checkpoint.cumulativeIndex` returned in the `getRewardRateCheckpoint` function will be zero
* \#51159 \[SC-Insight] High Gas: Iterative Date Calculations in DateTime.sol

</details>

(End of report list)
