Background
Rushed or malicious admin actions (e.g., changing platform fees dramatically) can harm users. A timelock gives the community time to react.
Goal
Wrap critical admin functions with a 2-day timelock. Proposed actions are queued and must be executed after the delay expires.
Acceptance Criteria
DataKey::PendingAction(action_hash) stores { action, proposed_at }.propose_admin_action(action_payload) stores the pending entry.execute_admin_action(action_hash) checks ledger_time >= proposed_at + 172800.- Returns
Error::TimelockActive if too early.
Key Files
contracts/src/admin.rs, contracts/src/timelock.rs
Background
Rushed or malicious admin actions (e.g., changing platform fees dramatically) can harm users. A timelock gives the community time to react.
Goal
Wrap critical admin functions with a 2-day timelock. Proposed actions are queued and must be executed after the delay expires.
Acceptance Criteria
DataKey::PendingAction(action_hash)stores{ action, proposed_at }.propose_admin_action(action_payload)stores the pending entry.execute_admin_action(action_hash)checksledger_time >= proposed_at + 172800.Error::TimelockActiveif too early.Key Files
contracts/src/admin.rs,contracts/src/timelock.rs