Compound

• Compound is known to have broken check-effect-interaction patterns, but compound handles this by only listing vetted tokens
  • https://twitter.com/Hacxyk/status/1520370424680304640?cxt=HHwWgMCioZK2uJkqAAAA
  • https://twitter.com/danielvf/status/1509524569836691459?s=21
  • https://www.comp.xyz/t/reentrancy-protection-currently-broken/2573

vote escrow (ve) tokens

• Solidly has a bug where frequent deposits and withdrawals increase rewards received https://github.com/belbix/solidly/issues/1
• veCRV makes assumptions that 1. snapshot voting based on ERC20 token balance is used (erc20-balance-of snapshot strategy) 2. tokens cannot be withdrawn early after depositing