Scrappy but complete first draft of "what can go wrong, what do we do if it goes wrong". Must cover at minimum:

• Rounding as an attack vector / failure source — and an initial dust strategy listing where rounding errors occur and how they are managed.
• Donation attacks.
• Reentrancy.

Identify mitigations and ensure the current design is compatible with adding more later.