Address ChainSecurity questions

[danielattilasimon]

Eliminate unnecessary corner cases & special checks that should never be encountered/needed in normal operation.
Fix code comment about states in which user can vote positively.

Addresses ChainSecurity audit 7.1, 7.5 & 7.6.
Closes IR-09 & IR-10.

[danielattilasimon]

Removing useless test.

[danielattilasimon]

Removing harmful test. It should very much revert when passed nonsensical arguments.

The average timestamp is a weighted average of the form:

t_avg = SUM_i(t_i * lqty_i) / SUM_i(lqty_i)

It is always legal to add any number of new (t_j, lqty_j) pairs to an existing weighted average, in which case the new average will be:

t_avg' = (t_avg * SUM_i(lqty_i) + SUM(t_j * lqty_j)) / (SUM_i(lqty_i) + SUM_j(lqty_j))
       = (t_avg * SUM_i(lqty_i) + [SUM(t_j * lqty_j) / SUM_j(lqty_j)] * SUM_j(lqty_j)) / (SUM_i(lqty_i) + SUM_j(lqty_j))

Note: the parameters of the function _calculateAverageTimestamp() correspond to the following terms:

• _prevOuterAverageTimestamp => t_avg
• _newInnerAverageTimestamp => SUM(t_j * lqty_j) / SUM_j(lqty_j)
• _prevLQTYBalance => SUM_i(lqty_i)
• _newLQTYBalance => SUM_i(lqty_i) + SUM_j(lqty_j)

This explains the seemingly overcomplicated second form of t_avg' above.

However, when removing previously allocated amounts, even if we allow partial deallocation, the parameter _newInnerAverageTimestamp itself must be a valid weighted average of the form:

_newInnerAverageTimestamp = SUM_i(t_i * lqtyDecrease_i) / SUM_i(lqtyDecrease_i)

where forall i. lqtyDecrease_i <= lqty_i. Failing to adhere to this constraint can and should result in reverts.

[bingen]

Looks good!

[bingen]

Nice!! ❤️