Is your feature request related to a problem? Please describe.
Currently there's no clear refund policy for the bridge.
RFC-40 mentions automatically refunding transactions after the time lock expires: https://github.com/movementlabsxyz/rfcs/blob/main/0040-atomic-bridge/rfc-0040-atomic-bridge.md?plain=1#L13
Related, there's an inconsistency where on the ETH side, refundBridgeTransfer is onlyOwner but on the Move side refund_bridge_transfer can be called by anyone.
Describe the solution you'd like
Proposed solution:
Because users must wait until the time lock expires, I propose changing the default counterparty time lock from 24 hours to 12 hours and the default initiator time lock from 48 hours to 24 hours. That way there's only a maximum 24-hour waiting window before a user can refund their own transfer.
Make the bridge relayer automatically refund transactions after the time lock expires.
Allow anyone to refund a bridge transfer when the time lock expires, as a fallback in case the bridge fails. This means removing the onlyOwner restriction in the Eth-side refundBridgeTransfer function.
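
Added example, not part of the original issue and not the bridge's own code: a small Python model of the permissionless refund proposed above, showing the two checks that make dropping onlyOwner safe (time lock expired, transfer still pending) and that funds always return to the stored originator, whoever calls. The class, method and field names are hypothetical; only the 12-hour and 24-hour defaults come from the issue.

```python
from dataclasses import dataclass

HOUR = 3600
COUNTERPARTY_TIME_LOCK = 12 * HOUR  # proposed default from the issue
INITIATOR_TIME_LOCK = 24 * HOUR     # proposed default from the issue
# The counterparty lock expires first, leaving time to complete on the
# initiator side before an initiator-side refund becomes possible.
assert COUNTERPARTY_TIME_LOCK < INITIATOR_TIME_LOCK


class RefundError(Exception):
    pass


@dataclass
class Transfer:
    originator: str
    amount: int
    expires_at: int
    pending: bool = True


class BridgeModel:
    """Initiator-side escrow (hypothetical layout, constructed for this example)."""

    def __init__(self):
        self.transfers = {}
        self.balances = {}

    def initiate(self, transfer_id, originator, amount, now):
        expires_at = now + INITIATOR_TIME_LOCK
        self.transfers[transfer_id] = Transfer(originator, amount, expires_at)

    def refund(self, transfer_id, caller, now):
        """Callable by anyone: `caller` is never used to pick the recipient."""
        t = self.transfers[transfer_id]
        if not t.pending:
            raise RefundError("transfer already completed or refunded")
        if now < t.expires_at:
            raise RefundError("time lock has not expired")
        t.pending = False  # state change before payout blocks a double refund
        self.balances[t.originator] = self.balances.get(t.originator, 0) + t.amount
        return t.originator


if __name__ == "__main__":
    bridge = BridgeModel()
    bridge.initiate("t1", "alice", 100, now=0)
    print(bridge.refund("t1", caller="relayer", now=INITIATOR_TIME_LOCK))
```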