search

LedgerHQ / ledger-fresh-management

This is where product topics are discussed for Ledger Fresh
Apache License 2.0
14 stars 2 forks source link

[Documentation] - Challenge period definition #94

Open qd-qd opened 1 year ago

qd-qd commented 1 year ago

Header

Name of the task: Challenge period definition

Name of the module: Documentation

Difficulty: 1

Waiting for: /

Body

Short description

Define all the different challenge periods we wanna support in our smart-contract wallet and map all of them with the suggested waiting time we wanna apply.

Full description

Some interactions with the wallet can have a significant impact on security or access to the wallet (like adding or removing a plugin for example). That's why we decided to apply a challenge period to all critical interactions issued by a wallet signer.

A challenge period is simply a delay we apply to sensitive actions. When a user tries to do something we flagged sensitive, we delay the execution of the transaction for a specific amount of time. Thanks to that, signers associated with the wallet will have the opportunity to cancel execution they don't want.

As described by @btchip here, the challenge period can't overlap.

The output of this task must be pushed into the repository and will serve as the source of truth for further development. Feel free to open a discussion here if needed.

Additionals ressources

btchip commented 1 year ago

Side note from earlier discussions, we don't want challenge periods to overlap - if one action requiring a time challenge is pending, the user cannot perform another action requiring a time challenge until the previous one is confirmed or cancelled