Ch_301 - Missing updating of the `unit` value.

[sherlock-admin]

Ch_301

high

Missing updating of the unit value.

Summary

Missing updating of the unit value.

Vulnerability Detail

On TimeLockPool.sol == > setCurvePoint() When the Gov decide to add a point to the curve or remove the last point of the curve

        } else if (_position == curve.length) {
            curve.push(_newPoint);
        } else {
            if (curve.length - 1 < 2) {
                revert ShortCurveError();
            }
            curve.pop();
        }

There is no updating to the unit value We can see here how the unit is calculating

 unit = maxLockDuration / (curve.length - 1);

So any change in the curve.length will affect the unit value which means getMultiplier() will return the wrong value.

Impact

getMultiplier() will deliver a wrong multiplier value And this will affect the shares calculation on deposit()

uint256 mintAmount = _amount * getMultiplier(duration) / 1e18;

Code Snippet

    function setCurvePoint(uint256 _newPoint, uint256 _position) external onlyGov {
        if (_newPoint > maxBonus) {
            revert MaxBonusError();
        }
        if (_position < curve.length) {
            curve[_position] = _newPoint;
        } else if (_position == curve.length) {
            curve.push(_newPoint);
        } else {
            if (curve.length - 1 < 2) {
                revert ShortCurveError();
            }
            curve.pop();
        }
        emit CurveChanged(_msgSender());
    }

https://github.com/sherlock-audit/2022-10-merit-circle/blob/main/merit-liquidity-mining/contracts/TimeLockPool.sol#L322-L337

Tool used

Manual Review

Recommendation

If you add or remove a point to/from the curve Reculcale the unit

unit = maxLockDuration / (curve.length - 1);

Duplicate of #101