You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Maximum time in seconds for an increase to [default\_admin\_delay](#IAccessControlDefaultAdminRules-default_admin_delay) (that is scheduled using [change\_default\_admin\_delay](#IAccessControlDefaultAdminRules-change_default_admin_delay)) to take effect. Defaults to 5 days.
405
-
406
-
When the [default\_admin\_delay](#IAccessControlDefaultAdminRules-default_admin_delay) is scheduled to be increased, it goes into effect after the new delay has passed with the purpose of giving enough time for reverting any accidental change (i.e. using milliseconds instead of seconds) that may lock the contract. However, to avoid excessive schedules, the wait is capped by this function and it can be overridden for a custom [default\_admin\_delay](#IAccessControlDefaultAdminRules-default_admin_delay) increase scheduling.
405
+
Maximum time in seconds for an increase to [default\_admin\_delay](#IAccessControlDefaultAdminRules-default_admin_delay) (that is scheduled using [change\_default\_admin\_delay](#IAccessControlDefaultAdminRules-change_default_admin_delay)) to take effect.
407
406
407
+
<Callouttype='warn'>
408
408
Make sure to add a reasonable amount of time while overriding this value, otherwise, there’s a risk of setting a high new delay that goes into effect almost immediately without the possibility of human intervention in the case of an input error (e.g. set milliseconds instead of seconds).
409
+
</Callout>
410
+
411
+
Consider carefully the value set for `MAXIMUM_DEFAULT_ADMIN_TRANSFER_DELAY` too, since it will affect how fast you can recover from an accidental delay increase.
Maximum time in seconds for a `default_admin` transfer delay.
420
+
421
+
<Callouttype='warn'>
422
+
If `MAXIMUM_DEFAULT_ADMIN_TRANSFER_DELAY` is set too high, you might be unable to recover from an accidental delay increase for an extended period. Too low, and it unnecessarily restricts how much security delay you can impose for `default_admin` transfers. As a best practice, consider setting it in the 30-60 day range for a good balance between security and recoverability.
Maximum time in seconds for a `default_admin` transfer delay.
1393
+
1394
+
<Callouttype='warn'>
1395
+
If `MAXIMUM_DEFAULT_ADMIN_TRANSFER_DELAY` is set too high, you might be unable to recover from an accidental delay increase for an extended period. Too low, and it unnecessarily restricts how much security delay you can impose for `default_admin` transfers. As a best practice, consider setting it in the 30-60 day range for a good balance between security and recoverability.
Copy file name to clipboardExpand all lines: content/contracts-cairo/3.x/api/erc20.mdx
+2Lines changed: 2 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1139,6 +1139,8 @@ Allows contracts to hook logic into deposit and withdraw transactions. This is w
1139
1139
1140
1140
ERC4626 preview methods must be inclusive of any entry or exit fees. Fees are calculated using [FeeConfigTrait](#ERC4626Component-FeeConfigTrait) methods and automatically adjust the final asset and share amounts. Fee transfers are handled in `ERC4626HooksTrait` methods.
1141
1141
1142
+
When a vault implements fees on deposits or withdrawals (either in shares or assets), fee transfers must be handled in these hooks by library clients. This creates a non-atomic operation flow consisting of multiple state-changing steps: transferring assets, minting or burning shares, and transferring (or minting) fees. Between these steps, the vault's state is temporarily inconsistent: the asset-to-share conversion rate does not accurately reflect the vault's final state until all steps have completed. Therefore, it is critical to avoid making any external calls (including to the vault contract itself) or querying conversion rates during hook execution.
1143
+
1142
1144
Special care must be taken when calling external contracts in these hooks. In that case, consider implementing reentrancy protections. For example, in the `withdraw` flow, the `withdraw_limit` is checked **before** the `before_withdraw` hook is invoked. If this hook performs a reentrant call that invokes `withdraw` again, the subsequent check on `withdraw_limit` will be done before the first withdrawal's core logic (e.g., burning shares and transferring assets) is executed. This could lead to bypassing withdrawal constraints or draining funds.
1143
1145
1144
1146
See the [ERC4626AssetsFeesMock](https://github.com/OpenZeppelin/cairo-contracts/tree/main/packages/test_common/src/mocks/erc4626.cairo#L253) and [ERC4626SharesFeesMock](https://github.com/OpenZeppelin/cairo-contracts/tree/main/packages/test_common/src/mocks/erc4626.cairo#L426) examples.
Copy file name to clipboardExpand all lines: content/contracts-cairo/3.x/api/governance.mdx
+7Lines changed: 7 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -185,6 +185,8 @@ Whether a proposal needs to be queued before execution. This indicates if the pr
185
185
Delay between when a proposal is created and when the vote starts. The unit this duration is expressed in depends on the clock (see [ERC-6372](https://eips.ethereum.org/EIPS/eip-6372)) this contract uses.
186
186
187
187
This can be increased to leave time for users to buy voting power, or delegate it, before the voting of a proposal starts.
188
+
189
+
While this function returns a u64 value, timepoints must fit into u48 according to the EIP-6372 specification. Consequently this value must fit in a u48 (when added to the current clock).
188
190
</APIItem>
189
191
190
192
<APIItem
@@ -1674,6 +1676,7 @@ Cast a vote.
1674
1676
Requirements:
1675
1677
1676
1678
- The proposal must be active.
1679
+
- The current timepoint must be greater than the proposal's snapshot timepoint.
1677
1680
1678
1681
Emits a [VoteCast](#GovernorComponent-VoteCast) event.
1679
1682
</APIItem>
@@ -1688,6 +1691,7 @@ Cast a vote with a `reason`.
1688
1691
Requirements:
1689
1692
1690
1693
- The proposal must be active.
1694
+
- The current timepoint must be greater than the proposal's snapshot timepoint.
1691
1695
1692
1696
Emits a [VoteCast](#GovernorComponent-VoteCast) event.
1693
1697
</APIItem>
@@ -1702,6 +1706,7 @@ Cast a vote with a `reason` and additional serialized `params`.
1702
1706
Requirements:
1703
1707
1704
1708
- The proposal must be active.
1709
+
- The current timepoint must be greater than the proposal's snapshot timepoint.
1705
1710
1706
1711
Emits either:
1707
1712
@@ -1719,6 +1724,7 @@ Cast a vote using the `voter`'s signature.
1719
1724
Requirements:
1720
1725
1721
1726
- The proposal must be active.
1727
+
- The current timepoint must be greater than the proposal's snapshot timepoint.
1722
1728
- The nonce in the signed message must match the account's current nonce.
1723
1729
-`voter` must implement `SRC6::is_valid_signature`.
1724
1730
-`signature` must be valid for the message hash.
@@ -1736,6 +1742,7 @@ Cast a vote with a `reason` and additional serialized `params` using the `voter`
1736
1742
Requirements:
1737
1743
1738
1744
- The proposal must be active.
1745
+
- The current timepoint must be greater than the proposal's snapshot timepoint.
1739
1746
- The nonce in the signed message must match the account's current nonce.
1740
1747
-`voter` must implement `SRC6::is_valid_signature`.
0 commit comments