Description:
Prevent sessions from staying in Locked state indefinitely by enforcing a maximum lifetime before auto-cancellation.
Acceptance Criteria:
max_session_duration_ledgers: u32 configurable by admin (default 30,000 ledgers ~ 7 days).
lock_funds stores expires_at = current_ledger + max_duration.
cancel_expired_session(session_id) — anyone can call after expiry.
Expired session refunds buyer fully, no fee.
Emits SessionExpiredAndCancelled event.
Session cannot be completed or approved after expiry.
Labels: security, timeout, expiry
Description:
Prevent sessions from staying in Locked state indefinitely by enforcing a maximum lifetime before auto-cancellation.
Acceptance Criteria:
max_session_duration_ledgers: u32 configurable by admin (default 30,000 ledgers ~ 7 days).
lock_funds stores expires_at = current_ledger + max_duration.
cancel_expired_session(session_id) — anyone can call after expiry.
Expired session refunds buyer fully, no fee.
Emits SessionExpiredAndCancelled event.
Session cannot be completed or approved after expiry.
Labels: security, timeout, expiry