The 2 remaining changes may need some discussion on how to resolve.
MIN-01M: The donate() function directly updates the state of the contract, namely the
curValidatorShares state variable, yet it publicly accessible and does not restrict the input
values.
VET-01M: The minters of the system can arbitrarily burn tokens.
vEth2 contract is not upgradeable so this may not be able to be changed.
I have completed all but 2 of the changes for #10
The 2 remaining changes may need some discussion on how to resolve.