Add escape-hatch admin actions guarded by 48-hour timelock #482

Description

@greatest0fallt1me

This is a smart-contract issue for the GrantFox campaign. Critical actions (pause, upgrade, sweep) must propose first and execute only after a 48h timelock window.

Requirements and Context

  • propose/execute pair per action
  • Window from env
  • Cancellable by admin
  • Test wall-clock manipulation
  • Must be secure, tested, and documented
  • Should be efficient and easy to review

Suggested Execution

  1. Fork the repo and create a branch
    git checkout -b feature/admin-timelock
  2. Implement changes
    • contracts/vault/src/timelock.rs (new)
    • contracts/settlement/src/timelock.rs (new)
    • contracts/vault/src/test.rs
  3. Test and commit
    • Run the repo's standard test suite and lint
    • Cover edge cases; include output in the PR

Example commit message

feat: 48h timelock for critical admin actions

Acceptance Criteria

  • Propose stores
  • Execute fails before window
  • Cancel works
  • Tests cover boundary

Guidelines

  • Minimum 95% test coverage with cargo test
  • require_auth on every state-changing entrypoint
  • Overflow-safe math; no unwrap() in production paths
  • Clear NatSpec-style /// rustdoc
  • Timeframe: 96 hours
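
The propose/execute/cancel behaviour and the boundary condition in the acceptance criteria can be modelled in plain Rust as below. This is an added example, not code from the repository and not written against soroban-sdk; the `Timelock` type, its method names, the numeric admin id and the explicit `now` argument (standing in for the ledger timestamp) are all assumptions made for illustration.

```rust
use std::collections::HashMap;

/// Critical actions named in the issue.
#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash)]
pub enum Action { Pause, Upgrade, Sweep }

#[derive(Debug, PartialEq, Eq)]
pub enum TimelockError { NotAdmin, AlreadyPending, NotProposed, TooEarly, Overflow }

/// Model only: `admin` is a constructed id, `delay_secs` stands in for the env window,
/// and `now` for the ledger timestamp the host would supply.
pub struct Timelock { admin: u64, delay_secs: u64, pending: HashMap<Action, u64> }

impl Timelock {
    pub fn new(admin: u64, delay_secs: u64) -> Self {
        Self { admin, delay_secs, pending: HashMap::new() }
    }
    fn require_admin(&self, caller: u64) -> Result<(), TimelockError> {
        if caller == self.admin { Ok(()) } else { Err(TimelockError::NotAdmin) }
    }
    /// Stores the proposal; returns the earliest time it may execute.
    pub fn propose(&mut self, caller: u64, action: Action, now: u64) -> Result<u64, TimelockError> {
        self.require_admin(caller)?;
        if self.pending.contains_key(&action) { return Err(TimelockError::AlreadyPending); }
        let eta = now.checked_add(self.delay_secs).ok_or(TimelockError::Overflow)?;
        self.pending.insert(action, eta);
        Ok(eta)
    }
    /// Succeeds only once `now >= eta`; the proposal is consumed so it cannot replay.
    pub fn execute(&mut self, caller: u64, action: Action, now: u64) -> Result<(), TimelockError> {
        self.require_admin(caller)?;
        let eta = *self.pending.get(&action).ok_or(TimelockError::NotProposed)?;
        if now < eta { return Err(TimelockError::TooEarly); }
        self.pending.remove(&action);
        Ok(())
    }
    /// Admin-only cancel; a cancelled action must be proposed again from scratch.
    pub fn cancel(&mut self, caller: u64, action: Action) -> Result<(), TimelockError> {
        self.require_admin(caller)?;
        self.pending.remove(&action).map(|_| ()).ok_or(TimelockError::NotProposed)
    }
}

fn main() {
    let mut tl = Timelock::new(1, 48 * 3600);
    let eta = tl.propose(1, Action::Pause, 1_000).expect("admin proposal");
    println!("one second early: {:?}", tl.execute(1, Action::Pause, eta - 1));
    println!("at the boundary:  {:?}", tl.execute(1, Action::Pause, eta));
}
```

Because the time source is an argument, tests can move the clock to one second before and exactly at the stored execution time without any sleeping.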

Labels

  • GRANTFOX OSS (GrantFox open-source campaign task)
  • OFFICIAL CAMPAIGN (Official GrantFox campaign issue)
  • Stellar Wave (Issues in the Stellar wave program)
  • audit (Security audit/review)
  • security (Security hardening)
  • smart-contract (Soroban smart-contract work)
  • testing (Tests and coverage)
