QA Report

[code423n4]

Resolution of penalty division may not high enough

https://github.com/code-423n4/2022-06-infinity/blob/765376fa238bbccd8b1e2e12897c91098c7e5ac6/contracts/staking/InfinityStaker.sol#L38-L42

  ///@dev Penalties if staked tokens are rageQuit early. Example: If 100 tokens are staked for twelve months but rageQuit right away,
  /// the user will get back 100/4 tokens.
  uint16 public THREE_MONTH_PENALTY = 2;
  uint16 public SIX_MONTH_PENALTY = 3;
  uint16 public TWELVE_MONTH_PENALTY = 4;

https://github.com/code-423n4/2022-06-infinity/blob/765376fa238bbccd8b1e2e12897c91098c7e5ac6/contracts/staking/InfinityStaker.sol#L195-L200

    uint256 totalToUser = totalVested +
      ((threeMonthLock - threeMonthVested) / THREE_MONTH_PENALTY) +
      ((sixMonthLock - sixMonthVested) / SIX_MONTH_PENALTY) +
      ((twelveMonthLock - twelveMonthVested) / TWELVE_MONTH_PENALTY);

    uint256 penalty = totalStaked - totalToUser;

What if you want to reduce penalty to around 10%? You should set penalty to around 1.1 which is not possible as it is uint not float.

You should write penalty in BPS format

  ///@dev Penalties if staked tokens are rageQuit early. Example: If 100 tokens are staked for twelve months but rageQuit right away,
  /// the user will get back 100/4 tokens.
  uint16 public THREE_MONTH_PENALTY = 20000;
  uint16 public SIX_MONTH_PENALTY = 30000;
  uint16 public TWELVE_MONTH_PENALTY = 40000;

    uint256 totalToUser = totalVested +
      ((threeMonthLock - threeMonthVested) * 10000 / THREE_MONTH_PENALTY) +
      ((sixMonthLock - sixMonthVested) * 10000 / SIX_MONTH_PENALTY) +
      ((twelveMonthLock - twelveMonthVested) * 10000 / TWELVE_MONTH_PENALTY);

    uint256 penalty = totalStaked - totalToUser;

[HardlyDifficult]

Merging with https://github.com/code-423n4/2022-06-infinity-findings/issues/245 and https://github.com/code-423n4/2022-06-infinity-findings/issues/250