permanentTotalSupply may be increased twice as much when depositing

[hats-bug-reporter[bot]]

Github username: -- Twitter username: -- Submission hash (on-chain): 0xd5ba0d8ce1c0cf49dc3bb204eed4455a25f66e470e8f1aa5bf48cecb1043e2a8 Severity: low

Description: Description\ When _deposit_for, lockPermanent, unlockPermanent, onAttachToManagedNFT and onDettachFromManagedNFT are called, the variable permanentTotalSupply gets updated. At the function _deposit_for it's updated when the old_locked.isPermanentLocked is true, the condition is checked both at the start of the function and at the boost check. here

So if the deposit is boosted, the lock time is correct and the boostedValue is greater than zero, the permanentTotalSupply will be increased for a second time by _value.

Attack Scenario\ The permanentTotalSupply may be increased twice as much when deposit_for is called.

Attachments

1. Proof of Concept (PoC) File As this is a low finding, the PoC will be provided on demand.

2. Revised Code File (Optional) Remove the second check of old_locked.isPermanentLocked here

[0xmahdirostami]

for now, I will judge these submissions as well

[0xmahdirostami]

Thanks valid