You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: content/stellar-contracts/governance/timelock-controller.mdx
+3-8Lines changed: 3 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -8,7 +8,7 @@ title: Timelock Controller
8
8
9
9
The Timelock Controller provides a means of enforcing time delays on the execution of transactions. This is considered good practice regarding governance systems because it allows users the opportunity to exit the system if they disagree with a decision before it is executed.
10
10
11
-
The Timelock contract itself executes transactions, not the user. The Timelock should, therefore, hold associated funds, ownership, and access control roles.
11
+
The benefits of a timelock are best seen in an ownership-based system. Typically, the owner is a G-account or another contract. To delay the execution of privileged functions, one can designate a Timelock Controller as the owner of the system.
12
12
13
13
## Operation Lifecycle
14
14
@@ -33,11 +33,6 @@ Timelocked operations follow a specific lifecycle:
33
33
34
34
**Unset → Waiting → Ready → Done**
35
35
36
-
-**Unset**: The operation has not been scheduled or has been canceled.
37
-
-**Waiting**: The operation has been scheduled and is pending the scheduled delay.
38
-
-**Ready**: The timer has expired, and the operation is eligible for execution.
39
-
-**Done**: The operation has been executed.
40
-
41
36
## Timelock Flow
42
37
43
38
### Schedule
@@ -91,7 +86,7 @@ The minimum delay of a contract is accessible through `get_min_delay`.
91
86
92
87
## Usage Example
93
88
94
-
A complete timelock controller implementation with role-based access control.
89
+
We are providing below a complete timelock controller implementation with role-based access control.
95
90
96
91
### Roles
97
92
@@ -116,7 +111,7 @@ For self-administration operations (e.g., updating the minimum delay, granting a
116
111
117
112
**Why not use `execute_op` for self-administration?** Soroban does not allow re-entrancy: a contract cannot call its own public functions during execution. For example, `execute_op` cannot internally call `update_delay` on the same contract. To work around this, the `CustomAccountInterface` implementation validates and marks operations as executed without performing the cross-contract call, allowing admin functions to be called directly.
118
113
119
-
The `__check_auth` implementation validates that:
114
+
The custom `__check_auth` implementation validates that:
120
115
- The operation targets the timelock contract itself
121
116
- The operation was properly scheduled and is ready for execution
122
117
- The predecessor and salt match the scheduled operation
0 commit comments